librpc: Remove user/domain from struct pipe_auth_data

This does require that we always fill in the gensec pointer, but the
simplification is worth the extra allocations.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h
index 9d0f86156e753603cce8f795f4c2781a1b665fc3..f75dd8417b5b92410180b581f6e8f12003644c26 100644 (file)
--- a/source3/librpc/rpc/dcerpc.h
+++ b/source3/librpc/rpc/dcerpc.h
@@ -45,9 +45,7 @@ struct pipe_auth_data {
 
        void *auth_ctx;
 
-       /* Only the client code uses these 3 for now */
-       char *domain;
-       char *user_name;
+       /* Only the client code uses this for now */
        DATA_BLOB transport_session_key;
 };
 

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index ce247ff537e049f9b292c2ebec1ce34984af03bb..d3a075f28d3fe10763edaf12f96848fdd947f249 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2289,6 +2289,8 @@ NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
                               struct pipe_auth_data **presult)
 {
        struct pipe_auth_data *result;
+       struct auth_generic_state *auth_generic_ctx;
+       NTSTATUS status;
 
        result = talloc_zero(mem_ctx, struct pipe_auth_data);
        if (result == NULL) {
@@ -2298,13 +2300,38 @@ NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
        result->auth_type = DCERPC_AUTH_TYPE_NONE;
        result->auth_level = DCERPC_AUTH_LEVEL_NONE;
 
-       result->user_name = talloc_strdup(result, "");
-       result->domain = talloc_strdup(result, "");
-       if ((result->user_name == NULL) || (result->domain == NULL)) {
-               TALLOC_FREE(result);
-               return NT_STATUS_NO_MEMORY;
+       status = auth_generic_client_prepare(result,
+                                            &auth_generic_ctx);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(1, ("Failed to create auth_generic context: %s\n",
+                         nt_errstr(status)));
+       }
+
+       status = auth_generic_set_username(auth_generic_ctx, "");
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(1, ("Failed to set username: %s\n",
+                         nt_errstr(status)));
+       }
+
+       status = auth_generic_set_domain(auth_generic_ctx, "");
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(1, ("Failed to set domain: %s\n",
+                         nt_errstr(status)));
+               return status;
        }
 
+       status = gensec_set_credentials(auth_generic_ctx->gensec_security,
+                                       auth_generic_ctx->credentials);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(1, ("Failed to set GENSEC credentials: %s\n",
+                         nt_errstr(status)));
+               return status;
+       }
+       talloc_unlink(auth_generic_ctx, auth_generic_ctx->credentials);
+       auth_generic_ctx->credentials = NULL;
+
+       result->auth_ctx = talloc_move(result, &auth_generic_ctx->gensec_security);
+       talloc_free(auth_generic_ctx);
        *presult = result;
        return NT_STATUS_OK;
 }
@@ -2333,13 +2360,6 @@ static NTSTATUS rpccli_generic_bind_data(TALLOC_CTX *mem_ctx,
        result->auth_type = auth_type;
        result->auth_level = auth_level;
 
-       result->user_name = talloc_strdup(result, username);
-       result->domain = talloc_strdup(result, domain);
-       if ((result->user_name == NULL) || (result->domain == NULL)) {
-               status = NT_STATUS_NO_MEMORY;
-               goto fail;
-       }
-
        status = auth_generic_client_prepare(result,
                                             &auth_generic_ctx);
        if (!NT_STATUS_IS_OK(status)) {
@@ -2867,18 +2887,6 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli,
         * from the enclosing SMB creds
         */
 
-       TALLOC_FREE(auth->user_name);
-       TALLOC_FREE(auth->domain);
-
-       auth->user_name = talloc_strdup(auth, cli->user_name);
-       auth->domain = talloc_strdup(auth, cli->domain);
-
-       if ((cli->user_name != NULL && auth->user_name == NULL)
-           || (cli->domain != NULL && auth->domain == NULL)) {
-               TALLOC_FREE(result);
-               return NT_STATUS_NO_MEMORY;
-       }
-
        if (transport == NCACN_NP) {
                struct smbXcli_session *session;
 

diff --git a/source3/rpc_client/cli_spoolss.c b/source3/rpc_client/cli_spoolss.c
index 1a8903d82a154e1f86ef8f1f042133c960d07310..f262d888d12b1b6670b78d14c0894d775b700359 100644 (file)
--- a/source3/rpc_client/cli_spoolss.c
+++ b/source3/rpc_client/cli_spoolss.c
@@ -26,6 +26,8 @@
 #include "rpc_client/rpc_client.h"
 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
 #include "rpc_client/cli_spoolss.h"
+#include "auth/gensec/gensec.h"
+#include "auth/credentials/credentials.h"
 
 /**********************************************************************
  convencience wrapper around rpccli_spoolss_OpenPrinterEx
@@ -43,13 +45,14 @@ WERROR rpccli_spoolss_openprinter_ex(struct rpc_pipe_client *cli,
        struct spoolss_UserLevelCtr userlevel_ctr;
        struct spoolss_UserLevel1 level1;
        struct dcerpc_binding_handle *b = cli->binding_handle;
+       struct cli_credentials *creds = gensec_get_credentials(cli->auth->auth_ctx);
 
        ZERO_STRUCT(devmode_ctr);
 
        level1.size     = 28;
        level1.client   = talloc_asprintf(mem_ctx, "\\\\%s", lp_netbios_name());
        W_ERROR_HAVE_NO_MEMORY(level1.client);
-       level1.user     = cli->auth->user_name;
+       level1.user     = cli_credentials_get_username(creds);
        level1.build    = 1381;
        level1.major    = 2;
        level1.minor    = 0;
@@ -221,6 +224,7 @@ WERROR rpccli_spoolss_addprinterex(struct rpc_pipe_client *cli,
        struct spoolss_UserLevel1 level1;
        struct policy_handle handle;
        struct dcerpc_binding_handle *b = cli->binding_handle;
+       struct cli_credentials *creds = gensec_get_credentials(cli->auth->auth_ctx);
 
        ZERO_STRUCT(devmode_ctr);
        ZERO_STRUCT(secdesc_ctr);
@@ -232,7 +236,7 @@ WERROR rpccli_spoolss_addprinterex(struct rpc_pipe_client *cli,
        level1.processor        = 0;
        level1.client           = talloc_asprintf(mem_ctx, "\\\\%s", lp_netbios_name());
        W_ERROR_HAVE_NO_MEMORY(level1.client);
-       level1.user             = cli->auth->user_name;
+       level1.user             = cli_credentials_get_username(creds);
 
        userlevel_ctr.level = 1;
        userlevel_ctr.user_info.level1 = &level1;

diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c
index f5247b29352ddf9f7abf88f3059dc800f826bd4e..8b5ea617a284a64fc2b834480845b76b8090a08d 100644 (file)
--- a/source3/utils/net_rpc_printer.c
+++ b/source3/utils/net_rpc_printer.c
@@ -29,6 +29,8 @@
 #include "../libcli/registry/util_reg.h"
 #include "libsmb/libsmb.h"
 #include "../libcli/smb/smbXcli_base.h"
+#include "auth/gensec/gensec.h"
+#include "auth/credentials/credentials.h"
 
 /* support itanium as well */
 static const struct print_architecture_table_node archi_table[]= {
@@ -1120,6 +1122,7 @@ static bool get_printer_info(struct rpc_pipe_client *pipe_hnd,
 {
        struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
        struct policy_handle hnd;
+       struct cli_credentials *creds = gensec_get_credentials(pipe_hnd->auth->auth_ctx);
        WERROR werr;
 
        /* no arguments given, enumerate all printers */
@@ -1136,7 +1139,7 @@ static bool get_printer_info(struct rpc_pipe_client *pipe_hnd,
        /* argument given, get a single printer by name */
        if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, argv[0],
                                         MAXIMUM_ALLOWED_ACCESS,
-                                        pipe_hnd->auth->user_name,
+                                        cli_credentials_get_username(creds),
                                         &hnd))
                return false;
 
@@ -1315,6 +1318,8 @@ static NTSTATUS rpc_printer_publish_internals_args(struct rpc_pipe_client *pipe_
        struct policy_handle hnd = { 0, };
        WERROR result;
        const char *action_str;
+       struct cli_credentials *creds = gensec_get_credentials(pipe_hnd->auth->auth_ctx);
+       const char *username = cli_credentials_get_username(creds);
 
        if (!get_printer_info(pipe_hnd, mem_ctx, 2, argc, argv, &num_printers, &info_enum))
                return nt_status;
@@ -1330,7 +1335,7 @@ static NTSTATUS rpc_printer_publish_internals_args(struct rpc_pipe_client *pipe_
 
                /* open printer handle */
                if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename,
-                       PRINTER_ALL_ACCESS, pipe_hnd->auth->user_name, &hnd))
+                       PRINTER_ALL_ACCESS, username, &hnd))
                        goto done;
 
                /* check for existing dst printer */
@@ -1912,6 +1917,8 @@ NTSTATUS rpc_printer_migrate_drivers_internals(struct net_context *c,
        struct cli_state *cli_share_src = NULL;
        struct cli_state *cli_share_dst = NULL;
        const char *drivername = NULL;
+       struct cli_credentials *creds = gensec_get_credentials(pipe_hnd->auth->auth_ctx);
+       const char *username = cli_credentials_get_username(creds);
        WERROR werr;
 
        DEBUG(3,("copying printer-drivers\n"));
@@ -1990,7 +1997,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(struct net_context *c,
                /* open src printer handle */
                if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename,
                                                 MAXIMUM_ALLOWED_ACCESS,
-                                                pipe_hnd->auth->user_name,
+                                                username,
                                                 &hnd_src))
                        goto done;