bool need_conf = false;
NTSTATUS status;
WERROR werr;
+ const char *remote_name = smbXcli_conn_remote_name(cli->conn);
+ const struct sockaddr_storage *remote_sockaddr =
+ smbXcli_conn_remote_sockaddr(cli->conn);
status = cli_rpc_pipe_open_noauth_transport(
cli,
NCACN_NP,
&ndr_table_svcctl,
+ remote_name,
+ remote_sockaddr,
&rpccli);
if (!NT_STATUS_IS_OK(status)) {
DBG_WARNING("cli_rpc_pipe_open_noauth_transport failed: %s\n",
status = dcerpc_svcctl_OpenSCManagerW(
rpccli->binding_handle,
frame,
- smbXcli_conn_remote_name(cli->conn),
+ remote_name,
NULL,
SEC_FLAG_MAXIMUM_ALLOWED,
&scmanager_handle,
struct SERVICE_STATUS service_status;
NTSTATUS status;
WERROR werr;
+ const char *remote_name = smbXcli_conn_remote_name(cli->conn);
+ const struct sockaddr_storage *remote_sockaddr =
+ smbXcli_conn_remote_sockaddr(cli->conn);
status = cli_rpc_pipe_open_noauth_transport(
cli,
NCACN_NP,
&ndr_table_svcctl,
+ remote_name,
+ remote_sockaddr,
&rpccli);
if (!NT_STATUS_IS_OK(status)) {
DBG_WARNING("cli_rpc_pipe_open_noauth_transport failed: %s\n",
status = dcerpc_svcctl_OpenSCManagerW(
rpccli->binding_handle,
frame,
- smbXcli_conn_remote_name(cli->conn),
+ remote_name,
NULL,
SEC_FLAG_MAXIMUM_ALLOWED,
&scmanager_handle,
const struct samr_Password *nt_hashes[2] = { NULL, NULL };
uint8_t idx_nt_hashes = 0;
NTSTATUS status;
+ const char *remote_name = NULL;
+ const struct sockaddr_storage *remote_sockaddr = NULL;
status = netlogon_creds_cli_get(creds_ctx, frame, &creds);
if (NT_STATUS_IS_OK(status)) {
action = "overwrite";
}
+ if (cli != NULL) {
+ remote_name = smbXcli_conn_remote_name(cli->conn);
+ } else {
+ remote_name = "<UNKNOWN>";
+ }
+
DEBUG(5,("%s: %s cached netlogon_creds cli[%s/%s] to %s\n",
__FUNCTION__, action,
creds->account_name, creds->computer_name,
- smbXcli_conn_remote_name(cli->conn)));
+ remote_name));
if (!force_reauth) {
goto done;
}
num_nt_hashes = 2;
}
+ remote_name = smbXcli_conn_remote_name(cli->conn);
+ remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
+
status = cli_rpc_pipe_open_noauth_transport(cli,
transport,
&ndr_table_netlogon,
+ remote_name,
+ remote_sockaddr,
&netlogon_pipe);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("%s: failed to open noauth netlogon connection to %s - %s\n",
__FUNCTION__,
- smbXcli_conn_remote_name(cli->conn),
+ remote_name,
nt_errstr(status)));
TALLOC_FREE(frame);
return status;
DEBUG(5,("%s: using new netlogon_creds cli[%s/%s] to %s\n",
__FUNCTION__,
creds->account_name, creds->computer_name,
- smbXcli_conn_remote_name(cli->conn)));
+ remote_name));
done:
if (negotiate_flags != NULL) {
struct rpc_pipe_client *rpccli;
NTSTATUS status;
bool retry = false;
+ const char *remote_name = NULL;
+ const struct sockaddr_storage *remote_sockaddr = NULL;
sec_chan_type = cli_credentials_get_secure_channel_type(trust_creds);
if (sec_chan_type == SEC_CHAN_NULL) {
goto fail;
}
- status = cli_rpc_pipe_open_noauth_transport(
- cli, transport, &ndr_table_netlogon, &rpccli);
+ remote_name = smbXcli_conn_remote_name(cli->conn);
+ remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
+
+ status = cli_rpc_pipe_open_noauth_transport(cli,
+ transport,
+ &ndr_table_netlogon,
+ remote_name,
+ remote_sockaddr,
+ &rpccli);
if (!NT_STATUS_IS_OK(status)) {
DBG_DEBUG("cli_rpc_pipe_open_noauth_transport "
"failed: %s\n", nt_errstr(status));
NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli,
enum dcerpc_transport_t transport,
const struct ndr_interface_table *table,
+ const char *remote_name,
+ const struct sockaddr_storage *remote_sockaddr,
struct rpc_pipe_client **presult)
{
struct rpc_pipe_client *result;
struct pipe_auth_data *auth;
NTSTATUS status;
- const char *remote_name = smbXcli_conn_remote_name(cli->conn);
- const struct sockaddr_storage *remote_sockaddr =
- smbXcli_conn_remote_sockaddr(cli->conn);
-
status = cli_rpc_pipe_open(cli,
transport,
const struct ndr_interface_table *table,
struct rpc_pipe_client **presult)
{
+ const char *remote_name = smbXcli_conn_remote_name(cli->conn);
+ const struct sockaddr_storage *remote_sockaddr =
+ smbXcli_conn_remote_sockaddr(cli->conn);
+
return cli_rpc_pipe_open_noauth_transport(cli, NCACN_NP,
- table, presult);
+ table,
+ remote_name,
+ remote_sockaddr,
+ presult);
}
/****************************************************************************
NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli,
enum dcerpc_transport_t transport,
const struct ndr_interface_table *table,
+ const char *remote_name,
+ const struct sockaddr_storage *remote_sockaddr,
struct rpc_pipe_client **presult);
/****************************************************************************
enum dcerpc_transport_t transport;
TALLOC_CTX *mem_ctx = talloc_stackframe();
+ const char *remote_name = NULL;
+ const struct sockaddr_storage *remote_sockaddr = NULL;
+ struct sockaddr_storage remote_ss = {
+ .ss_family = AF_UNSPEC,
+ };
transport = dcerpc_binding_get_transport(binding);
+ if (cli != NULL) {
+ remote_name = smbXcli_conn_remote_name(cli->conn);
+ remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
+ } else {
+ const char *remote_host =
+ dcerpc_binding_get_string_option(binding, "host");
+ remote_name = dcerpc_binding_get_string_option(
+ binding, "target_hostname");
+
+ if (remote_host != NULL) {
+ int af = AF_UNSPEC;
+
+ if (remote_name == NULL) {
+ remote_name = dcerpc_binding_get_string_option(
+ binding, "host");
+ }
+
+ if (is_ipaddress_v4(remote_host)) {
+ af = AF_INET;
+ } else if (is_ipaddress_v6(remote_host)) {
+ af = AF_INET6;
+ }
+ if (af != AF_UNSPEC) {
+ int ok = inet_pton(af, remote_host, &remote_ss);
+ if (ok) {
+ remote_sockaddr = &remote_ss;
+ }
+ }
+ }
+ }
+
/* Open pipe */
if ((cmd_entry->table != NULL) && (cmd_entry->rpc_pipe == NULL)) {
ntresult = cli_rpc_pipe_open_noauth_transport(
cli, transport,
cmd_entry->table,
+ remote_name,
+ remote_sockaddr,
&cmd_entry->rpc_pipe);
break;
case DCERPC_AUTH_TYPE_SPNEGO:
sec_chan_type = cli_credentials_get_secure_channel_type(creds);
if (sec_chan_type == SEC_CHAN_NULL) {
+ const char *remote_name =
+ smbXcli_conn_remote_name(conn->cli->conn);
+ const struct sockaddr_storage *remote_sockaddr =
+ smbXcli_conn_remote_sockaddr(conn->cli->conn);
+
if (transport == NCACN_IP_TCP) {
DBG_NOTICE("get_secure_channel_type gave SEC_CHAN_NULL "
"for %s, deny NCACN_IP_TCP and let the "
conn->cli,
transport,
&ndr_table_netlogon,
+ remote_name,
+ remote_sockaddr,
&conn->netlogon_pipe);
if (!NT_STATUS_IS_OK(result)) {
invalidate_cm_connection(domain);