return NT_STATUS_OK;
}
-NTSTATUS cli_rpc_pipe_open_spnego(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- enum credentials_use_kerberos use_kerberos,
- enum dcerpc_AuthLevel auth_level,
- const char *server,
- const char *domain,
- const char *username,
- const char *password,
- struct rpc_pipe_client **presult)
-{
- struct rpc_pipe_client *result;
- struct pipe_auth_data *auth = NULL;
- const char *target_service = table->authservices->names[0];
-
- NTSTATUS status;
-
- status = cli_rpc_pipe_open(cli, transport, table, &result);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- status = rpccli_generic_bind_data(result,
- DCERPC_AUTH_TYPE_SPNEGO, auth_level,
- server, target_service,
- domain, username, password,
- use_kerberos, NULL,
- &auth);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("rpccli_generic_bind_data returned %s\n",
- nt_errstr(status)));
- goto err;
- }
-
- status = rpc_pipe_bind(result, auth);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("cli_rpc_pipe_open_spnego: cli_rpc_pipe_bind failed with error %s\n",
- nt_errstr(status) ));
- goto err;
- }
-
- DEBUG(10,("cli_rpc_pipe_open_spnego: opened pipe %s to "
- "machine %s.\n", table->name,
- result->desthost));
-
- *presult = result;
- return NT_STATUS_OK;
-
- err:
-
- TALLOC_FREE(result);
- return status;
-}
-
NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *cli,
DATA_BLOB *session_key)
const char *password,
struct rpc_pipe_client **presult);
-NTSTATUS cli_rpc_pipe_open_spnego(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- enum credentials_use_kerberos use_kerberos,
- enum dcerpc_AuthLevel auth_level,
- const char *server,
- const char *domain,
- const char *username,
- const char *password,
- struct rpc_pipe_client **presult);
-
NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
const struct ndr_interface_table *table,
enum dcerpc_transport_t transport,
/* Open pipe */
if ((cmd_entry->table != NULL) && (cmd_entry->rpc_pipe == NULL)) {
+ enum credentials_use_kerberos use_kerberos = CRED_AUTO_USE_KERBEROS;
switch (pipe_default_auth_type) {
case DCERPC_AUTH_TYPE_NONE:
ntresult = cli_rpc_pipe_open_noauth_transport(
&cmd_entry->rpc_pipe);
break;
case DCERPC_AUTH_TYPE_SPNEGO:
- {
- enum credentials_use_kerberos use_kerberos;
-
switch (pipe_default_auth_spnego_type) {
case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP:
use_kerberos = CRED_DONT_USE_KERBEROS;
use_kerberos = CRED_AUTO_USE_KERBEROS;
break;
}
- ntresult = cli_rpc_pipe_open_spnego(
- cli, cmd_entry->table,
- default_transport,
- use_kerberos,
- pipe_default_auth_level,
- smbXcli_conn_remote_name(cli->conn),
- get_cmdline_auth_info_domain(auth_info),
- get_cmdline_auth_info_username(auth_info),
- get_cmdline_auth_info_password(auth_info),
- &cmd_entry->rpc_pipe);
- break;
- }
+ /* Fall through */
case DCERPC_AUTH_TYPE_NTLMSSP:
case DCERPC_AUTH_TYPE_KRB5:
ntresult = cli_rpc_pipe_open_generic_auth(
cli, cmd_entry->table,
default_transport,
- CRED_AUTO_USE_KERBEROS,
+ use_kerberos,
pipe_default_auth_type,
pipe_default_auth_level,
smbXcli_conn_remote_name(cli->conn),
/* We have an authenticated connection. Use a NTLMSSP SPNEGO
authenticated SAMR pipe with sign & seal. */
- status = cli_rpc_pipe_open_spnego(conn->cli,
- &ndr_table_samr,
- NCACN_NP,
- CRED_DONT_USE_KERBEROS,
- conn->auth_level,
- smbXcli_conn_remote_name(conn->cli->conn),
- domain_name,
- machine_account,
- machine_password,
- &conn->samr_pipe);
+ status = cli_rpc_pipe_open_generic_auth(conn->cli,
+ &ndr_table_samr,
+ NCACN_NP,
+ CRED_DONT_USE_KERBEROS,
+ DCERPC_AUTH_TYPE_SPNEGO,
+ conn->auth_level,
+ smbXcli_conn_remote_name(conn->cli->conn),
+ domain_name,
+ machine_account,
+ machine_password,
+ &conn->samr_pipe);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("cm_connect_sam: failed to connect to SAMR "
/* We have an authenticated connection. Use a NTLMSSP SPNEGO
* authenticated LSA pipe with sign & seal. */
- result = cli_rpc_pipe_open_spnego
+ result = cli_rpc_pipe_open_generic_auth
(conn->cli, &ndr_table_lsarpc, NCACN_NP,
CRED_DONT_USE_KERBEROS,
+ DCERPC_AUTH_TYPE_SPNEGO,
conn->auth_level,
smbXcli_conn_remote_name(conn->cli->conn),
conn->cli->domain, conn->cli->user_name, conn->cli->password,