c->status = gensec_update(sec->generic_state, state,
sec->auth_info->credentials,
&state->credentials);
+ data_blob_free(&sec->auth_info->credentials);
if (NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
more_processing = true;
if (!composite_is_ok(c)) return;
+ if (state->pipe->conn->flags & DCERPC_HEADER_SIGNING) {
+ gensec_want_feature(sec->generic_state, GENSEC_FEATURE_SIGN_PKT_HEADER);
+ }
+
if (state->credentials.length == 0) {
composite_done(c);
return;
if (!more_processing) {
/* NO reply expected, so just send it */
- c->status = dcerpc_auth3(state->pipe->conn, state);
+ c->status = dcerpc_auth3(state->pipe, state);
+ data_blob_free(&state->credentials);
+ sec->auth_info->credentials = data_blob(NULL, 0);
if (!composite_is_ok(c)) return;
composite_done(c);
creq = dcerpc_alter_context_send(state->pipe, state,
&state->pipe->syntax,
&state->pipe->transfer_syntax);
+ data_blob_free(&state->credentials);
+ sec->auth_info->credentials = data_blob(NULL, 0);
if (composite_nomem(creq, c)) return;
composite_continue(c, creq, bind_auth_recv_alter, c);
struct dcerpc_pipe *p,
const struct ndr_interface_table *table,
struct cli_credentials *credentials,
- struct loadparm_context *lp_ctx,
+ struct gensec_settings *gensec_settings,
uint8_t auth_type, uint8_t auth_level,
const char *service)
{
c->status = gensec_client_start(p, &sec->generic_state,
p->conn->event_ctx,
- lp_ctx);
+ gensec_settings);
if (!NT_STATUS_IS_OK(c->status)) {
DEBUG(1, ("Failed to start GENSEC client mode: %s\n",
nt_errstr(c->status)));
auth_type, auth_level);
if (!NT_STATUS_IS_OK(c->status)) {
DEBUG(1, ("Failed to start GENSEC client mechanism %s: %s\n",
- gensec_get_name_by_authtype(auth_type),
+ gensec_get_name_by_authtype(sec->generic_state, auth_type),
nt_errstr(c->status)));
composite_error(c, c->status);
return c;
/* The first request always is a dcerpc_bind. The subsequent ones
* depend on gensec results */
creq = dcerpc_bind_send(p, state, &syntax, &transfer_syntax);
+ data_blob_free(&state->credentials);
+ sec->auth_info->credentials = data_blob(NULL, 0);
if (composite_nomem(creq, c)) return c;
composite_continue(c, creq, bind_auth_recv_bindreply, c);
_PUBLIC_ NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p,
const struct ndr_interface_table *table,
struct cli_credentials *credentials,
- struct loadparm_context *lp_ctx,
+ struct gensec_settings *gensec_settings,
uint8_t auth_type, uint8_t auth_level,
const char *service)
{
struct composite_context *creq;
- creq = dcerpc_bind_auth_send(p, p, table, credentials, lp_ctx,
+ creq = dcerpc_bind_auth_send(p, p, table, credentials, gensec_settings,
auth_type, auth_level, service);
return dcerpc_bind_auth_recv(creq);
}