-/****************************************************************************
- Open a named pipe to an SMB server and bind using schannel (bind type 68).
- Fetch the session key ourselves using a temporary netlogon pipe. This
- version uses an ntlmssp auth bound netlogon pipe to get the key.
- ****************************************************************************/
-
-static NTSTATUS get_schannel_session_key_auth_ntlmssp(struct cli_state *cli,
- const char *domain,
- const char *username,
- const char *password,
- uint32 *pneg_flags,
- struct rpc_pipe_client **presult)
-{
- struct rpc_pipe_client *netlogon_pipe = NULL;
- NTSTATUS status;
-
- status = cli_rpc_pipe_open_spnego_ntlmssp(
- cli, &ndr_table_netlogon.syntax_id, NCACN_NP,
- DCERPC_AUTH_LEVEL_PRIVACY,
- domain, username, password, &netlogon_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- status = get_schannel_session_key_common(netlogon_pipe, cli, domain,
- pneg_flags);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(netlogon_pipe);
- return status;
- }
-
- *presult = netlogon_pipe;
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- Open a named pipe to an SMB server and bind using schannel (bind type 68).
- Fetch the session key ourselves using a temporary netlogon pipe. This version
- uses an ntlmssp bind to get the session key.
- ****************************************************************************/
-
-NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
- const struct ndr_syntax_id *interface,
- enum dcerpc_transport_t transport,
- enum dcerpc_AuthLevel auth_level,
- const char *domain,
- const char *username,
- const char *password,
- struct rpc_pipe_client **presult)
-{
- uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
- struct rpc_pipe_client *netlogon_pipe = NULL;
- struct rpc_pipe_client *result = NULL;
- NTSTATUS status;
-
- status = get_schannel_session_key_auth_ntlmssp(
- cli, domain, username, password, &neg_flags, &netlogon_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("cli_rpc_pipe_open_ntlmssp_auth_schannel: failed to get schannel session "
- "key from server %s for domain %s.\n",
- cli->desthost, domain ));
- return status;
- }
-
- status = cli_rpc_pipe_open_schannel_with_key(
- cli, interface, transport, auth_level, domain, &netlogon_pipe->dc,
- &result);
-
- /* Now we've bound using the session key we can close the netlog pipe. */
- TALLOC_FREE(netlogon_pipe);
-
- if (NT_STATUS_IS_OK(status)) {
- *presult = result;
- }
- return status;
-}
-
-/****************************************************************************
- Open a named pipe to an SMB server and bind using schannel (bind type 68).
- Fetch the session key ourselves using a temporary netlogon pipe.
- ****************************************************************************/
-
-NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
- const struct ndr_syntax_id *interface,
- enum dcerpc_transport_t transport,
- enum dcerpc_AuthLevel auth_level,
- const char *domain,
- struct rpc_pipe_client **presult)
-{
- uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
- struct rpc_pipe_client *netlogon_pipe = NULL;
- struct rpc_pipe_client *result = NULL;
- NTSTATUS status;
-
- status = get_schannel_session_key(cli, domain, &neg_flags,
- &netlogon_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("cli_rpc_pipe_open_schannel: failed to get schannel session "
- "key from server %s for domain %s.\n",
- cli->desthost, domain ));
- return status;
- }
-
- status = cli_rpc_pipe_open_schannel_with_key(
- cli, interface, transport, auth_level, domain, &netlogon_pipe->dc,
- &result);
-
- /* Now we've bound using the session key we can close the netlog pipe. */
- TALLOC_FREE(netlogon_pipe);
-
- if (NT_STATUS_IS_OK(status)) {
- *presult = result;
- }
-
- return status;
-}
-