sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-26 21:57:41 +03:00
Code

s3/rpc_client: return validation from rpccli_netlogon functions

Browse Source 
Return the validation info instead of the already mapped info3. Higher
layers need info6 if available, this is the first step in passing the
unmapped info up to callers.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Ralph Boehme 2017-11-30 23:35:40 +01:00
parent 7082ebbbfb
commit 489e942aa9
4 changed files with 49 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
source3/rpc_client/cli_netlogon.c
View File

@ -461,7 +461,8 @@ NTSTATUS rpccli_netlogon_password_logon(
enum netr_LogonInfoClass logon_type, enum netr_LogonInfoClass logon_type,
uint8_t *authoritative, uint8_t *authoritative,
uint32_t *flags, uint32_t *flags,
struct netr_SamInfo3 **info3) uint16_t *_validation_level,
union netr_Validation **_validation)
{ {
TALLOC_CTX *frame = talloc_stackframe(); TALLOC_CTX *frame = talloc_stackframe();
NTSTATUS status; NTSTATUS status;
@ -572,7 +573,7 @@ NTSTATUS rpccli_netlogon_password_logon(
binding_handle, binding_handle,
logon_type, logon_type,
logon, logon,
frame, mem_ctx,
&validation_level, &validation_level,
&validation, &validation,
authoritative, authoritative,
@ -582,14 +583,9 @@ NTSTATUS rpccli_netlogon_password_logon(
return status; return status;
} }
status = map_validation_to_info3(mem_ctx,
validation_level, validation,
info3);
TALLOC_FREE(frame); TALLOC_FREE(frame);
if (!NT_STATUS_IS_OK(status)) { *_validation_level = validation_level;
return status; *_validation = validation;
}
return NT_STATUS_OK; return NT_STATUS_OK;
} }
@ -614,7 +610,8 @@ NTSTATUS rpccli_netlogon_network_logon(
DATA_BLOB nt_response, DATA_BLOB nt_response,
uint8_t *authoritative, uint8_t *authoritative,
uint32_t *flags, uint32_t *flags,
struct netr_SamInfo3 **info3) uint16_t *_validation_level,
union netr_Validation **_validation)
{ {
NTSTATUS status; NTSTATUS status;
const char *workstation_name_slash; const char *workstation_name_slash;
@ -625,7 +622,7 @@ NTSTATUS rpccli_netlogon_network_logon(
struct netr_ChallengeResponse lm; struct netr_ChallengeResponse lm;
struct netr_ChallengeResponse nt; struct netr_ChallengeResponse nt;
*info3 = NULL; *_validation = NULL;
ZERO_STRUCT(lm); ZERO_STRUCT(lm);
ZERO_STRUCT(nt); ZERO_STRUCT(nt);
@ -686,12 +683,8 @@ NTSTATUS rpccli_netlogon_network_logon(
return status; return status;
} }
status = map_validation_to_info3(mem_ctx, *_validation_level = validation_level;
validation_level, validation, *_validation = validation;
info3);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_OK; return NT_STATUS_OK;
} }

8
source3/rpc_client/cli_netlogon.h
View File

@ -71,9 +71,10 @@ NTSTATUS rpccli_netlogon_password_logon(
enum netr_LogonInfoClass logon_type, enum netr_LogonInfoClass logon_type,
uint8_t *authoritative, uint8_t *authoritative,
uint32_t *flags, uint32_t *flags,
struct netr_SamInfo3 **info3); uint16_t *_validation_level,
union netr_Validation **_validation);
NTSTATUS rpccli_netlogon_network_logon( NTSTATUS rpccli_netlogon_network_logon(
struct netlogon_creds_cli_context *creds, struct netlogon_creds_cli_context *creds_ctx,
struct dcerpc_binding_handle *binding_handle, struct dcerpc_binding_handle *binding_handle,
TALLOC_CTX *mem_ctx, TALLOC_CTX *mem_ctx,
uint32_t logon_parameters, uint32_t logon_parameters,
@ -85,6 +86,7 @@ NTSTATUS rpccli_netlogon_network_logon(
DATA_BLOB nt_response, DATA_BLOB nt_response,
uint8_t *authoritative, uint8_t *authoritative,
uint32_t *flags, uint32_t *flags,
struct netr_SamInfo3 **info3); uint16_t *_validation_level,
union netr_Validation **_validation);
#endif /* _RPC_CLIENT_CLI_NETLOGON_H_ */ #endif /* _RPC_CLIENT_CLI_NETLOGON_H_ */

14
source3/rpcclient/cmd_netlogon.c
View File

@ -27,6 +27,7 @@
#include "rpc_client/cli_netlogon.h" #include "rpc_client/cli_netlogon.h"
#include "secrets.h" #include "secrets.h"
#include "../libcli/auth/netlogon_creds_cli.h" #include "../libcli/auth/netlogon_creds_cli.h"
#include "rpc_client/util_netlogon.h"
static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc, TALLOC_CTX *mem_ctx, int argc,
@ -497,6 +498,8 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli,
struct netr_SamInfo3 *info3 = NULL; struct netr_SamInfo3 *info3 = NULL;
uint8_t authoritative = 0; uint8_t authoritative = 0;
uint32_t flags = 0; uint32_t flags = 0;
uint16_t validation_level;
union netr_Validation *validation = NULL;
/* Check arguments */ /* Check arguments */
@ -536,10 +539,19 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli,
logon_type, logon_type,
&authoritative, &authoritative,
&flags, &flags,
&info3); &validation_level,
&validation);
if (!NT_STATUS_IS_OK(result)) if (!NT_STATUS_IS_OK(result))
goto done; goto done;
result = map_validation_to_info3(mem_ctx,
validation_level,
validation,
&info3);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
done: done:
return result; return result;
} }

24
source3/winbindd/winbindd_pam.c
View File

@ -1379,6 +1379,8 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
int netr_attempts = 0; int netr_attempts = 0;
bool retry = false; bool retry = false;
NTSTATUS result; NTSTATUS result;
uint16_t validation_level;
union netr_Validation *validation = NULL;
do { do {
struct rpc_pipe_client *netlogon_pipe; struct rpc_pipe_client *netlogon_pipe;
@ -1456,7 +1458,8 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
NetlogonInteractiveInformation, NetlogonInteractiveInformation,
authoritative, authoritative,
flags, flags,
info3); &validation_level,
&validation);
} else { } else {
result = rpccli_netlogon_network_logon( result = rpccli_netlogon_network_logon(
domain->conn.netlogon_creds_ctx, domain->conn.netlogon_creds_ctx,
@ -1471,7 +1474,8 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
nt_response, nt_response,
authoritative, authoritative,
flags, flags,
info3); &validation_level,
&validation);
} }
/* /*
@ -1538,7 +1542,21 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain,
domainname)); domainname));
invalidate_cm_connection(domain); invalidate_cm_connection(domain);
} }
return result;
if (!NT_STATUS_IS_OK(result)) {
return result;
}
result = map_validation_to_info3(mem_ctx,
validation_level,
validation,
info3);
TALLOC_FREE(validation);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
return NT_STATUS_OK;
} }
static NTSTATUS winbindd_dual_pam_auth_samlogon( static NTSTATUS winbindd_dual_pam_auth_samlogon(