Replace DOM_CHAL with "struct netr_Credential" where we can right now.

This allows to remove some more old netlogon client calls.

Guenther

source/include/ntdomain.h

@@ -135,9 +135,9 @@ struct handle_list {
 /* Domain controller authentication protocol info */
 struct dcinfo {
 	uint32 sequence; /* "timestamp" from client. */
-	DOM_CHAL seed_chal; 
-	DOM_CHAL clnt_chal; /* Client credential */
-	DOM_CHAL srv_chal;  /* Server credential */
+	struct netr_Credential seed_chal;
+	struct netr_Credential clnt_chal; /* Client credential */
+	struct netr_Credential srv_chal;  /* Server credential */
  
 	unsigned char  sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
 	unsigned char  mach_pw[16];   /* md4(machine password) */

source/libsmb/credentials.c

@@ -42,9 +42,9 @@ char *credstr(const unsigned char *cred)
 ****************************************************************************/
 
 static void creds_init_128(struct dcinfo *dc,
-				const DOM_CHAL *clnt_chal_in,
-				const DOM_CHAL *srv_chal_in,
-				const unsigned char mach_pw[16])
+			   const struct netr_Credential *clnt_chal_in,
+			   const struct netr_Credential *srv_chal_in,
+			   const unsigned char mach_pw[16])
 {
 	unsigned char zero[4], tmp[16];
 	HMACMD5Context ctx;
@@ -94,9 +94,9 @@ static void creds_init_128(struct dcinfo *dc,
 ****************************************************************************/
 
 static void creds_init_64(struct dcinfo *dc,
-			const DOM_CHAL *clnt_chal_in,
-			const DOM_CHAL *srv_chal_in,
-			const unsigned char mach_pw[16])
+			  const struct netr_Credential *clnt_chal_in,
+			  const struct netr_Credential *srv_chal_in,
+			  const unsigned char mach_pw[16])
 {
 	uint32 sum[2];
 	unsigned char sum2[8];
@@ -177,10 +177,10 @@ static void creds_step(struct dcinfo *dc)
 
 void creds_server_init(uint32 neg_flags,
 			struct dcinfo *dc,
-			DOM_CHAL *clnt_chal,
-			DOM_CHAL *srv_chal,
+			struct netr_Credential *clnt_chal,
+			struct netr_Credential *srv_chal,
 			const unsigned char mach_pw[16],
-			DOM_CHAL *init_chal_out)
+			struct netr_Credential *init_chal_out)
 {
 	DEBUG(10,("creds_server_init: neg_flags : %x\n", (unsigned int)neg_flags));
 	DEBUG(10,("creds_server_init: client chal : %s\n", credstr(clnt_chal->data) ));
@@ -246,7 +246,7 @@ bool netlogon_creds_server_check(const struct dcinfo *dc,
 
 static void creds_reseed(struct dcinfo *dc)
 {
-	DOM_CHAL time_chal;
+	struct netr_Credential time_chal;
 
 	SIVAL(time_chal.data, 0, IVAL(dc->seed_chal.data, 0) + dc->sequence + 1);
 	SIVAL(time_chal.data, 4, IVAL(dc->seed_chal.data, 4));
@@ -274,7 +274,8 @@ bool creds_server_step(struct dcinfo *dc, const DOM_CRED *received_cred, DOM_CRE
 
 	/* Create the outgoing credentials */
 	cred_out->timestamp.time = tmp_dc.sequence + 1;
-	cred_out->challenge = tmp_dc.srv_chal;
+	memcpy(&cred_out->challenge.data, tmp_dc.srv_chal.data,
+	       sizeof(cred_out->challenge.data));
 
 	creds_reseed(&tmp_dc);
 
@@ -324,10 +325,10 @@ bool netlogon_creds_server_step(struct dcinfo *dc,
 
 void creds_client_init(uint32 neg_flags,
 			struct dcinfo *dc,
-			DOM_CHAL *clnt_chal,
-			DOM_CHAL *srv_chal,
+			struct netr_Credential *clnt_chal,
+			struct netr_Credential *srv_chal,
 			const unsigned char mach_pw[16],
-			DOM_CHAL *init_chal_out)
+			struct netr_Credential *init_chal_out)
 {
 	dc->sequence = time(NULL);
 
@@ -406,7 +407,8 @@ void creds_client_step(struct dcinfo *dc, DOM_CRED *next_cred_out)
 	creds_step(dc);
 	creds_reseed(dc);
 
-	next_cred_out->challenge = dc->clnt_chal;
+	memcpy(&next_cred_out->challenge.data, dc->clnt_chal.data,
+	       sizeof(next_cred_out->challenge.data));
 	next_cred_out->timestamp.time = dc->sequence;
 }
 

source/rpc_client/cli_netlogon.c

@@ -251,17 +251,17 @@ static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
 ****************************************************************************/
 
 NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
-				const char *server_name,
-				const char *domain,
-				const char *clnt_name,
-				const char *machine_account,
-				const unsigned char machine_pwd[16],
-				uint32 sec_chan_type,
-				uint32 *neg_flags_inout)
+				     const char *server_name,
+				     const char *domain,
+				     const char *clnt_name,
+				     const char *machine_account,
+				     const unsigned char machine_pwd[16],
+				     enum netr_SchannelType sec_chan_type,
+				     uint32_t *neg_flags_inout)
 {
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-	DOM_CHAL clnt_chal_send;
-	DOM_CHAL srv_chal_recv;
+	struct netr_Credential clnt_chal_send;
+	struct netr_Credential srv_chal_recv;
 	struct dcinfo *dc;
 
 	SMB_ASSERT(cli->pipe_idx == PI_NETLOGON);
@@ -288,13 +288,11 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
 	generate_random_buffer(clnt_chal_send.data, 8);
 
 	/* Get the server challenge. */
-	result = rpccli_net_req_chal(cli,
-				cli->mem_ctx,
-				dc->remote_machine,
-				clnt_name,
-				&clnt_chal_send,
-				&srv_chal_recv);
-
+	result = rpccli_netr_ServerReqChallenge(cli, cli->mem_ctx,
+						dc->remote_machine,
+						clnt_name,
+						&clnt_chal_send,
+						&srv_chal_recv);
 	if (!NT_STATUS_IS_OK(result)) {
 		return result;
 	}
@@ -307,20 +305,18 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
 			machine_pwd,
 			&clnt_chal_send);
 
-        /*  
+        /*
          * Send client auth-2 challenge and receive server repy.
          */
 
-	result = rpccli_net_auth2(cli,
-			cli->mem_ctx,
-			dc->remote_machine,
-			dc->mach_acct,
-			sec_chan_type,
-			clnt_name,
-			neg_flags_inout,
-			&clnt_chal_send, /* input. */
-			&srv_chal_recv); /* output */
-
+	result = rpccli_netr_ServerAuthenticate2(cli, cli->mem_ctx,
+						 dc->remote_machine,
+						 dc->mach_acct,
+						 sec_chan_type,
+						 clnt_name,
+						 &clnt_chal_send, /* input. */
+						 &srv_chal_recv, /* output. */
+						 neg_flags_inout);
 	if (!NT_STATUS_IS_OK(result)) {
 		return result;
 	}
@@ -330,7 +326,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
 	 * server received challenge.
 	 */
 
-	if (!creds_client_check(dc, &srv_chal_recv)) {
+	if (!netlogon_creds_client_check(dc, &srv_chal_recv)) {
 		/*
 		 * Server replied with bad credential. Fail.
 		 */

source/rpc_server/srv_netlog_nt.c

@@ -35,7 +35,7 @@ extern userdom_struct current_user_info;
  *************************************************************************/
 
 static void init_net_r_req_chal(struct netr_Credential *r,
-				DOM_CHAL *srv_chal)
+				struct netr_Credential *srv_chal)
 {
 	DEBUG(6,("init_net_r_req_chal: %d\n", __LINE__));
 
@@ -406,7 +406,7 @@ NTSTATUS _netr_ServerAuthenticate(pipes_struct *p,
 				  struct netr_ServerAuthenticate *r)
 {
 	NTSTATUS status;
-	DOM_CHAL srv_chal_out;
+	struct netr_Credential srv_chal_out;
 
 	if (!p->dc || !p->dc->challenge_sent) {
 		return NT_STATUS_ACCESS_DENIED;
@@ -465,7 +465,7 @@ NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p,
 {
 	NTSTATUS status;
 	uint32_t srv_flgs;
-	DOM_CHAL srv_chal_out;
+	struct netr_Credential srv_chal_out;
 
 	/* We use this as the key to store the creds: */
 	/* r->in.computer_name */