*/
#include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
#include "librpc/gen_ndr/cli_epmapper.h"
+#include "../librpc/gen_ndr/ndr_schannel.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_CLI
/* the names appear not to matter: the syntaxes _do_ matter */
const char *client_pipe;
- const RPC_IFACE *abstr_syntax; /* this one is the abstract syntax id */
+ const struct ndr_syntax_id *abstr_syntax; /* this one is the abstract syntax id */
} pipe_names [] =
{
{ PIPE_LSARPC, &ndr_table_lsarpc.syntax_id },
return NT_STATUS_OK;
}
- if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
+ if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
DEBUG(0,("cli_pipe_verify_schannel: auth_len %u.\n", (unsigned int)auth_len ));
return NT_STATUS_INVALID_PARAMETER;
}
RPC_HDR_AUTH *pauth_out,
prs_struct *auth_data)
{
- RPC_AUTH_SCHANNEL_NEG schannel_neg;
+ struct NL_AUTH_MESSAGE r;
+ enum ndr_err_code ndr_err;
+ DATA_BLOB blob;
/* We may change the pad length before marshalling. */
init_rpc_hdr_auth(pauth_out, RPC_SCHANNEL_AUTH_TYPE, (int)auth_level, 0, 1);
}
}
- init_rpc_auth_schannel_neg(&schannel_neg, cli->auth->domain,
- global_myname());
-
/*
* Now marshall the data into the auth parse_struct.
*/
- if(!smb_io_rpc_auth_schannel_neg("schannel_neg",
- &schannel_neg, auth_data, 0)) {
- DEBUG(0,("Failed to marshall RPC_AUTH_SCHANNEL_NEG.\n"));
+ r.MessageType = NL_NEGOTIATE_REQUEST;
+ r.Flags = NL_FLAG_OEM_NETBIOS_DOMAIN_NAME |
+ NL_FLAG_OEM_NETBIOS_COMPUTER_NAME;
+ r.oem_netbios_domain.a = cli->auth->domain;
+ r.oem_netbios_computer.a = global_myname();
+
+ ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), NULL, &r,
+ (ndr_push_flags_fn_t)ndr_push_NL_AUTH_MESSAGE);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(0,("Failed to marshall NL_AUTH_MESSAGE.\n"));
+ prs_mem_free(auth_data);
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+
+ if (DEBUGLEVEL >= 10) {
+ NDR_PRINT_DEBUG(NL_AUTH_MESSAGE, &r);
+ }
+
+ if (!prs_copy_data_in(auth_data, (const char *)blob.data, blob.length))
+ {
prs_mem_free(auth_data);
return NT_STATUS_NO_MEMORY;
}
static NTSTATUS create_bind_or_alt_ctx_internal(enum RPC_PKT_TYPE pkt_type,
prs_struct *rpc_out,
uint32 rpc_call_id,
- const RPC_IFACE *abstract,
- const RPC_IFACE *transfer,
+ const struct ndr_syntax_id *abstract,
+ const struct ndr_syntax_id *transfer,
RPC_HDR_AUTH *phdr_auth,
prs_struct *pauth_info)
{
static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli,
prs_struct *rpc_out,
uint32 rpc_call_id,
- const RPC_IFACE *abstract,
- const RPC_IFACE *transfer,
+ const struct ndr_syntax_id *abstract,
+ const struct ndr_syntax_id *transfer,
enum pipe_auth_type auth_type,
enum pipe_auth_level auth_level)
{
return NT_STATUS_OK;
}
-NTSTATUS rpc_api_pipe_req(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *cli,
- uint8 op_num,
- prs_struct *in_data,
- prs_struct *out_data)
-{
- TALLOC_CTX *frame = talloc_stackframe();
- struct event_context *ev;
- struct tevent_req *req;
- NTSTATUS status = NT_STATUS_NO_MEMORY;
-
- ev = event_context_init(frame);
- if (ev == NULL) {
- goto fail;
- }
-
- req = rpc_api_pipe_req_send(frame, ev, cli, op_num, in_data);
- if (req == NULL) {
- goto fail;
- }
-
- tevent_req_poll(req, ev);
-
- status = rpc_api_pipe_req_recv(req, mem_ctx, out_data);
- fail:
- TALLOC_FREE(frame);
- return status;
-}
-
#if 0
/****************************************************************************
Set the handle state.
Check the rpc bind acknowledge response.
****************************************************************************/
-static bool check_bind_response(RPC_HDR_BA *hdr_ba, const RPC_IFACE *transfer)
+static bool check_bind_response(RPC_HDR_BA *hdr_ba,
+ const struct ndr_syntax_id *transfer)
{
if ( hdr_ba->addr.len == 0) {
DEBUG(4,("Ignoring length check -- ASU bug (server didn't fill in the pipe name correctly)"));
********************************************************************/
static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id,
- const RPC_IFACE *abstract,
- const RPC_IFACE *transfer,
+ const struct ndr_syntax_id *abstract,
+ const struct ndr_syntax_id *transfer,
enum pipe_auth_level auth_level,
const DATA_BLOB *pauth_blob, /* spnego auth blob already created. */
prs_struct *rpc_out)
TALLOC_CTX *frame = talloc_stackframe();
struct event_context *ev;
struct tevent_req *req;
- NTSTATUS status = NT_STATUS_NO_MEMORY;
+ NTSTATUS status = NT_STATUS_OK;
ev = event_context_init(frame);
if (ev == NULL) {
+ status = NT_STATUS_NO_MEMORY;
goto fail;
}
req = rpc_pipe_bind_send(frame, ev, cli, auth);
if (req == NULL) {
+ status = NT_STATUS_NO_MEMORY;
goto fail;
}
- tevent_req_poll(req, ev);
+ if (!tevent_req_poll(req, ev)) {
+ status = map_nt_error_from_unix(errno);
+ goto fail;
+ }
status = rpc_pipe_bind_recv(req);
fail:
result->abstract_syntax = *abstract_syntax;
result->transfer_syntax = ndr_transfer_syntax;
result->dispatch = cli_do_rpc_ndr;
+ result->dispatch_send = cli_do_rpc_ndr_send;
+ result->dispatch_recv = cli_do_rpc_ndr_recv;
result->desthost = talloc_strdup(result, host);
result->srv_name_slash = talloc_asprintf_strupper_m(
result->max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
result->max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
- if (!resolve_name(host, &addr, 0)) {
+ if (!resolve_name(host, &addr, 0, false)) {
status = NT_STATUS_NOT_FOUND;
goto fail;
}
goto fail;
}
+ result->transport->transport = NCACN_IP_TCP;
+
*presult = result;
return NT_STATUS_OK;
result->abstract_syntax = *abstract_syntax;
result->transfer_syntax = ndr_transfer_syntax;
result->dispatch = cli_do_rpc_ndr;
+ result->dispatch_send = cli_do_rpc_ndr_send;
+ result->dispatch_recv = cli_do_rpc_ndr_recv;
result->desthost = get_myname(result);
result->srv_name_slash = talloc_asprintf_strupper_m(
addr.sun_family = AF_UNIX;
strncpy(addr.sun_path, socket_path, sizeof(addr.sun_path));
- if (sys_connect(fd, (struct sockaddr *)&addr) == -1) {
+ if (sys_connect(fd, (struct sockaddr *)(void *)&addr) == -1) {
DEBUG(0, ("connect(%s) failed: %s\n", socket_path,
strerror(errno)));
close(fd);
goto fail;
}
+ result->transport->transport = NCALRPC;
+
*presult = result;
return NT_STATUS_OK;
result->abstract_syntax = *abstract_syntax;
result->transfer_syntax = ndr_transfer_syntax;
result->dispatch = cli_do_rpc_ndr;
+ result->dispatch_send = cli_do_rpc_ndr_send;
+ result->dispatch_recv = cli_do_rpc_ndr_recv;
result->desthost = talloc_strdup(result, cli->desthost);
result->srv_name_slash = talloc_asprintf_strupper_m(
result, "\\\\%s", result->desthost);
return status;
}
+ result->transport->transport = NCACN_NP;
+
DLIST_ADD(cli->pipe_list, result);
talloc_set_destructor(result, rpc_pipe_client_np_destructor);
result->abstract_syntax = *syntax;
result->transfer_syntax = ndr_transfer_syntax;
result->dispatch = cli_do_rpc_ndr;
+ result->dispatch_send = cli_do_rpc_ndr_send;
+ result->dispatch_recv = cli_do_rpc_ndr_recv;
result->max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
result->max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
return status;
}
+ result->transport->transport = NCACN_INTERNAL;
+
*presult = result;
return NT_STATUS_OK;
}
External interface.
Open a named pipe to an SMB server and bind using schannel (bind type 68)
using session_key. sign and seal.
+
+ The *pdc will be stolen onto this new pipe
****************************************************************************/
NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
const struct ndr_syntax_id *interface,
enum pipe_auth_level auth_level,
const char *domain,
- const struct dcinfo *pdc,
+ struct netlogon_creds_CredentialState **pdc,
struct rpc_pipe_client **presult)
{
struct rpc_pipe_client *result;
}
status = rpccli_schannel_bind_data(result, domain, auth_level,
- pdc->sess_key, &auth);
+ (*pdc)->session_key, &auth);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("rpccli_schannel_bind_data returned %s\n",
nt_errstr(status)));
/*
* The credentials on a new netlogon pipe are the ones we are passed
- * in - copy them over.
+ * in - reference them in
*/
- result->dc = (struct dcinfo *)talloc_memdup(result, pdc, sizeof(*pdc));
+ result->dc = talloc_move(result, pdc);
if (result->dc == NULL) {
- DEBUG(0, ("talloc failed\n"));
+ DEBUG(0, ("talloc reference failed\n"));
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
}
status = cli_rpc_pipe_open_schannel_with_key(
- cli, interface, auth_level, domain, netlogon_pipe->dc,
+ cli, interface, auth_level, domain, &netlogon_pipe->dc,
&result);
/* Now we've bound using the session key we can close the netlog pipe. */
}
status = cli_rpc_pipe_open_schannel_with_key(
- cli, interface, auth_level, domain, netlogon_pipe->dc,
+ cli, interface, auth_level, domain, &netlogon_pipe->dc,
&result);
/* Now we've bound using the session key we can close the netlog pipe. */