From a13f0599551609394904b99e4014d580ec65c506 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Jul 2008 11:04:31 +0200 Subject: [PATCH] Refactoring: Change calling conventions for cli_rpc_pipe_open_ntlmssp Pass in ndr_syntax_id instead of pipe_idx, return NTSTATUS --- source/include/proto.h | 28 +++++++------- source/libsmb/passchange.c | 14 +++---- source/rpc_client/cli_pipe.c | 86 ++++++++++++++++++++++--------------------- source/rpcclient/rpcclient.c | 30 ++++++++------- source/utils/net_rpc.c | 11 +++--- source/winbindd/winbindd_cm.c | 25 +++++++------ 6 files changed, 101 insertions(+), 93 deletions(-) diff --git a/source/include/proto.h b/source/include/proto.h index 1395ec524b0..ee3905896ad 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -7104,20 +7104,20 @@ NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, const struct ndr_syntax_id *interface, struct rpc_pipe_client **presult); -struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - const char *username, - const char *password, - NTSTATUS *perr); -struct rpc_pipe_client *cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - const char *username, - const char *password, - NTSTATUS *perr); +NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + struct rpc_pipe_client **presult); +NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + struct rpc_pipe_client **presult); struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, const char *domain, uint32 *pneg_flags, diff --git a/source/libsmb/passchange.c b/source/libsmb/passchange.c index 86c7b521604..c8a44069492 100644 --- a/source/libsmb/passchange.c +++ b/source/libsmb/passchange.c @@ -136,13 +136,13 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam /* Try not to give the password away too easily */ if (!pass_must_change) { - pipe_hnd = cli_rpc_pipe_open_ntlmssp(cli, - PI_SAMR, - PIPE_AUTH_LEVEL_PRIVACY, - "", /* what domain... ? */ - user_name, - old_passwd, - &result); + result = cli_rpc_pipe_open_ntlmssp(cli, + &ndr_table_samr.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, + "", /* what domain... ? */ + user_name, + old_passwd, + &pipe_hnd); } else { /* * If the user password must be changed the ntlmssp bind will diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c index 6fe3a0831a6..b93e8181e96 100644 --- a/source/rpc_client/cli_pipe.c +++ b/source/rpc_client/cli_pipe.c @@ -3053,38 +3053,37 @@ NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, Open a named pipe to an SMB server and bind using NTLMSSP or SPNEGO NTLMSSP ****************************************************************************/ -static struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_internal(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_type auth_type, - enum pipe_auth_level auth_level, - const char *domain, - const char *username, - const char *password, - NTSTATUS *perr) +static NTSTATUS cli_rpc_pipe_open_ntlmssp_internal(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + struct rpc_pipe_client **presult) { struct rpc_pipe_client *result; struct cli_pipe_auth_data *auth; + NTSTATUS status; - *perr = cli_rpc_pipe_open(cli, pipe_names[pipe_idx].abstr_syntax, - &result); - if (!NT_STATUS_IS_OK(*perr)) { - return NULL; + status = cli_rpc_pipe_open(cli, interface, &result); + if (!NT_STATUS_IS_OK(status)) { + return status; } - *perr = rpccli_ntlmssp_bind_data( + status = rpccli_ntlmssp_bind_data( result, auth_type, auth_level, domain, username, cli->pwd.null_pwd ? NULL : password, &auth); - if (!NT_STATUS_IS_OK(*perr)) { + if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("rpccli_ntlmssp_bind_data returned %s\n", - nt_errstr(*perr))); - TALLOC_FREE(result); - return NULL; + nt_errstr(status))); + goto err; } - *perr = rpc_pipe_bind(result, auth); - if (!NT_STATUS_IS_OK(*perr)) { + status = rpc_pipe_bind(result, auth); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error %s\n", - nt_errstr(*perr) )); + nt_errstr(status) )); goto err; } @@ -3093,12 +3092,13 @@ static struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_internal(struct cli_sta result->trans.np.pipe_name, cli->desthost, domain, username )); - return result; + *presult = result; + return NT_STATUS_OK; err: TALLOC_FREE(result); - return NULL; + return status; } /**************************************************************************** @@ -3106,22 +3106,22 @@ static struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_internal(struct cli_sta Open a named pipe to an SMB server and bind using NTLMSSP (bind type 10) ****************************************************************************/ -struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - const char *username, - const char *password, - NTSTATUS *perr) +NTSTATUS cli_rpc_pipe_open_ntlmssp(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + struct rpc_pipe_client **presult) { return cli_rpc_pipe_open_ntlmssp_internal(cli, - pipe_idx, + interface, PIPE_AUTH_TYPE_NTLMSSP, auth_level, domain, username, password, - perr); + presult); } /**************************************************************************** @@ -3129,22 +3129,22 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp(struct cli_state *cli, Open a named pipe to an SMB server and bind using spnego NTLMSSP (bind type 9) ****************************************************************************/ -struct rpc_pipe_client *cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - const char *username, - const char *password, - NTSTATUS *perr) +NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + struct rpc_pipe_client **presult) { return cli_rpc_pipe_open_ntlmssp_internal(cli, - pipe_idx, + interface, PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, auth_level, domain, username, password, - perr); + presult); } /**************************************************************************** @@ -3299,7 +3299,11 @@ static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_ { struct rpc_pipe_client *netlogon_pipe = NULL; - netlogon_pipe = cli_rpc_pipe_open_spnego_ntlmssp(cli, PI_NETLOGON, PIPE_AUTH_LEVEL_PRIVACY, domain, username, password, perr); + *perr = cli_rpc_pipe_open_spnego_ntlmssp(cli, + &ndr_table_netlogon.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, + domain, username, password, + &netlogon_pipe); if (!netlogon_pipe) { return NULL; } diff --git a/source/rpcclient/rpcclient.c b/source/rpcclient/rpcclient.c index ff98a24fbae..eac96d39578 100644 --- a/source/rpcclient/rpcclient.c +++ b/source/rpcclient/rpcclient.c @@ -586,22 +586,24 @@ static NTSTATUS do_cmd(struct cli_state *cli, &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: - cmd_entry->rpc_pipe = cli_rpc_pipe_open_spnego_ntlmssp(cli, - cmd_entry->pipe_idx, - pipe_default_auth_level, - lp_workgroup(), - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), - &ntresult); + ntresult = cli_rpc_pipe_open_spnego_ntlmssp( + cli, + cli_get_iface(cmd_entry->pipe_idx), + pipe_default_auth_level, + lp_workgroup(), + get_cmdline_auth_info_username(), + get_cmdline_auth_info_password(), + &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_NTLMSSP: - cmd_entry->rpc_pipe = cli_rpc_pipe_open_ntlmssp(cli, - cmd_entry->pipe_idx, - pipe_default_auth_level, - lp_workgroup(), - get_cmdline_auth_info_username(), - get_cmdline_auth_info_password(), - &ntresult); + ntresult = cli_rpc_pipe_open_ntlmssp( + cli, + cli_get_iface(cmd_entry->pipe_idx), + pipe_default_auth_level, + lp_workgroup(), + get_cmdline_auth_info_username(), + get_cmdline_auth_info_password(), + &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_SCHANNEL: cmd_entry->rpc_pipe = cli_rpc_pipe_open_schannel(cli, diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c index 783dda19982..1c9776db734 100644 --- a/source/utils/net_rpc.c +++ b/source/utils/net_rpc.c @@ -167,12 +167,11 @@ int run_rpc_command(struct net_context *c, } } else { if (conn_flags & NET_FLAGS_SEAL) { - pipe_hnd = cli_rpc_pipe_open_ntlmssp(cli, pipe_idx, - PIPE_AUTH_LEVEL_PRIVACY, - lp_workgroup(), - c->opt_user_name, - c->opt_password, - &nt_status); + nt_status = cli_rpc_pipe_open_ntlmssp( + cli, cli_get_iface(pipe_idx), + PIPE_AUTH_LEVEL_PRIVACY, + lp_workgroup(), c->opt_user_name, + c->opt_password, &pipe_hnd); } else { nt_status = cli_rpc_pipe_open_noauth( cli, cli_get_iface(pipe_idx), diff --git a/source/winbindd/winbindd_cm.c b/source/winbindd/winbindd_cm.c index b7e2f086fc7..340dc2381d1 100644 --- a/source/winbindd/winbindd_cm.c +++ b/source/winbindd/winbindd_cm.c @@ -1962,14 +1962,15 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, /* We have an authenticated connection. Use a NTLMSSP SPNEGO authenticated SAMR pipe with sign & seal. */ - conn->samr_pipe = - cli_rpc_pipe_open_spnego_ntlmssp(conn->cli, PI_SAMR, - PIPE_AUTH_LEVEL_PRIVACY, - domain_name, - machine_account, - machine_password, &result); + result = cli_rpc_pipe_open_spnego_ntlmssp(conn->cli, + &ndr_table_samr.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, + domain_name, + machine_account, + machine_password, + &conn->samr_pipe); - if (conn->samr_pipe == NULL) { + if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("cm_connect_sam: failed to connect to SAMR " "pipe for domain %s using NTLMSSP " "authenticated pipe: user %s\\%s. Error was " @@ -2102,11 +2103,13 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, /* We have an authenticated connection. Use a NTLMSSP SPNEGO * authenticated LSA pipe with sign & seal. */ - conn->lsa_pipe = cli_rpc_pipe_open_spnego_ntlmssp - (conn->cli, PI_LSARPC, PIPE_AUTH_LEVEL_PRIVACY, - conn->cli->domain, conn->cli->user_name, conn_pwd, &result); + result = cli_rpc_pipe_open_spnego_ntlmssp + (conn->cli, &ndr_table_lsarpc.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, + conn->cli->domain, conn->cli->user_name, conn_pwd, + &conn->lsa_pipe); - if (conn->lsa_pipe == NULL) { + if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("cm_connect_lsa: failed to connect to LSA pipe for " "domain %s using NTLMSSP authenticated pipe: user " "%s\\%s. Error was %s. Trying schannel.\n", -- 2.11.4.GIT