sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-09-20 17:44:21 +03:00
Code Activity

s3:rpc_client: pass remote_{name,sockaddr} to rpccli_connect_netlogon()

Browse Source 
Otherwise this can only work with NCACN_NP...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Stefan Metzmacher
2024-09-20 10:03:11 +02:00
committed by Ralph Boehme
parent 10d34de8d3
commit d1a3c74eb9
4 changed files with 26 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
source3/libnet/libnet_join.c
View File

@@ -1184,6 +1184,7 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx,
struct rpc_pipe_client *passwordset_pipe = NULL; struct rpc_pipe_client *passwordset_pipe = NULL;
struct cli_credentials *cli_creds; struct cli_credentials *cli_creds;
struct netlogon_creds_cli_context *netlogon_creds = NULL; struct netlogon_creds_cli_context *netlogon_creds = NULL;
const struct sockaddr_storage *remote_sockaddr = NULL;
size_t len = 0; size_t len = 0;
bool ok; bool ok;
DATA_BLOB new_trust_blob = data_blob_null; DATA_BLOB new_trust_blob = data_blob_null;
@@ -1220,6 +1221,8 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx,
r->in.passed_machine_password, r->in.passed_machine_password,
CRED_SPECIFIED); CRED_SPECIFIED);
remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
status = rpccli_create_netlogon_creds_ctx(cli_creds, status = rpccli_create_netlogon_creds_ctx(cli_creds,
r->in.dc_name, r->in.dc_name,
r->in.msg_ctx, r->in.msg_ctx,
@@ -1232,6 +1235,8 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx,
status = rpccli_connect_netlogon(cli, status = rpccli_connect_netlogon(cli,
NCACN_NP, NCACN_NP,
r->in.dc_name,
remote_sockaddr,
netlogon_creds, netlogon_creds,
true, /* force_reauth */ true, /* force_reauth */
cli_creds, cli_creds,
@@ -1630,6 +1635,7 @@ NTSTATUS libnet_join_ok(struct messaging_context *msg_ctx,
struct netlogon_creds_cli_context *netlogon_creds = NULL; struct netlogon_creds_cli_context *netlogon_creds = NULL;
NTSTATUS status; NTSTATUS status;
int flags = CLI_FULL_CONNECTION_IPC; int flags = CLI_FULL_CONNECTION_IPC;
const struct sockaddr_storage *remote_sockaddr = NULL;
if (!dc_name) { if (!dc_name) {
TALLOC_FREE(frame); TALLOC_FREE(frame);
@@ -1688,6 +1694,8 @@ NTSTATUS libnet_join_ok(struct messaging_context *msg_ctx,
return status; return status;
} }
remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
status = rpccli_create_netlogon_creds_ctx(cli_creds, status = rpccli_create_netlogon_creds_ctx(cli_creds,
dc_name, dc_name,
msg_ctx, msg_ctx,
@@ -1701,6 +1709,8 @@ NTSTATUS libnet_join_ok(struct messaging_context *msg_ctx,
status = rpccli_connect_netlogon(cli, status = rpccli_connect_netlogon(cli,
NCACN_NP, NCACN_NP,
dc_name,
remote_sockaddr,
netlogon_creds, netlogon_creds,
true, /* force_reauth */ true, /* force_reauth */
cli_creds, cli_creds,

7
source3/rpc_client/cli_netlogon.c
View File

@@ -301,6 +301,8 @@ NTSTATUS rpccli_setup_netlogon_creds(
NTSTATUS rpccli_connect_netlogon( NTSTATUS rpccli_connect_netlogon(
struct cli_state *cli, struct cli_state *cli,
enum dcerpc_transport_t transport, enum dcerpc_transport_t transport,
const char *remote_name,
const struct sockaddr_storage *remote_sockaddr,
struct netlogon_creds_cli_context *creds_ctx, struct netlogon_creds_cli_context *creds_ctx,
bool force_reauth, bool force_reauth,
struct cli_credentials *trust_creds, struct cli_credentials *trust_creds,
@@ -318,8 +320,6 @@ NTSTATUS rpccli_connect_netlogon(
struct rpc_pipe_client *rpccli; struct rpc_pipe_client *rpccli;
NTSTATUS status; NTSTATUS status;
bool retry = false; bool retry = false;
const char *remote_name = NULL;
const struct sockaddr_storage *remote_sockaddr = NULL;
sec_chan_type = cli_credentials_get_secure_channel_type(trust_creds); sec_chan_type = cli_credentials_get_secure_channel_type(trust_creds);
if (sec_chan_type == SEC_CHAN_NULL) { if (sec_chan_type == SEC_CHAN_NULL) {
@@ -380,9 +380,6 @@ again:
} }
} }
remote_name = smbXcli_conn_remote_name(cli->conn);
remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
do_serverauth = force_reauth || !found_existing_creds; do_serverauth = force_reauth || !found_existing_creds;
if (!do_serverauth) { if (!do_serverauth) {

2
source3/rpc_client/cli_netlogon.h
View File

@@ -48,6 +48,8 @@ NTSTATUS rpccli_setup_netlogon_creds(
NTSTATUS rpccli_connect_netlogon( NTSTATUS rpccli_connect_netlogon(
struct cli_state *cli, struct cli_state *cli,
enum dcerpc_transport_t transport, enum dcerpc_transport_t transport,
const char *remote_name,
const struct sockaddr_storage *remote_sockaddr,
struct netlogon_creds_cli_context *creds_ctx, struct netlogon_creds_cli_context *creds_ctx,
bool force_reauth, bool force_reauth,
struct cli_credentials *trust_creds, struct cli_credentials *trust_creds,

19
source3/winbindd/winbindd_cm.c
View File

@@ -3201,6 +3201,8 @@ static NTSTATUS cm_connect_netlogon_transport(struct winbindd_domain *domain,
NTSTATUS result; NTSTATUS result;
enum netr_SchannelType sec_chan_type; enum netr_SchannelType sec_chan_type;
struct cli_credentials *creds = NULL; struct cli_credentials *creds = NULL;
const char *remote_name = NULL;
const struct sockaddr_storage *remote_sockaddr = NULL;
*cli = NULL; *cli = NULL;
@@ -3230,6 +3232,9 @@ static NTSTATUS cm_connect_netlogon_transport(struct winbindd_domain *domain,
TALLOC_FREE(conn->netlogon_pipe); TALLOC_FREE(conn->netlogon_pipe);
TALLOC_FREE(conn->netlogon_creds_ctx); TALLOC_FREE(conn->netlogon_creds_ctx);
remote_name = smbXcli_conn_remote_name(conn->cli->conn);
remote_sockaddr = smbXcli_conn_remote_sockaddr(conn->cli->conn);
result = winbindd_get_trust_credentials(domain, result = winbindd_get_trust_credentials(domain,
talloc_tos(), talloc_tos(),
true, /* netlogon */ true, /* netlogon */
@@ -3250,11 +3255,6 @@ static NTSTATUS cm_connect_netlogon_transport(struct winbindd_domain *domain,
sec_chan_type = cli_credentials_get_secure_channel_type(creds); sec_chan_type = cli_credentials_get_secure_channel_type(creds);
if (sec_chan_type == SEC_CHAN_NULL) { if (sec_chan_type == SEC_CHAN_NULL) {
const char *remote_name =
smbXcli_conn_remote_name(conn->cli->conn);
const struct sockaddr_storage *remote_sockaddr =
smbXcli_conn_remote_sockaddr(conn->cli->conn);
if (transport == NCACN_IP_TCP) { if (transport == NCACN_IP_TCP) {
DBG_NOTICE("get_secure_channel_type gave SEC_CHAN_NULL " DBG_NOTICE("get_secure_channel_type gave SEC_CHAN_NULL "
"for %s, deny NCACN_IP_TCP and let the " "for %s, deny NCACN_IP_TCP and let the "
@@ -3295,9 +3295,12 @@ static NTSTATUS cm_connect_netlogon_transport(struct winbindd_domain *domain,
return result; return result;
} }
result = rpccli_connect_netlogon( result = rpccli_connect_netlogon(conn->cli,
conn->cli, transport, transport,
conn->netlogon_creds_ctx, conn->netlogon_force_reauth, creds, remote_name,
remote_sockaddr,
conn->netlogon_creds_ctx,
conn->netlogon_force_reauth, creds,
&conn->netlogon_pipe); &conn->netlogon_pipe);
conn->netlogon_force_reauth = false; conn->netlogon_force_reauth = false;
if (!NT_STATUS_IS_OK(result)) { if (!NT_STATUS_IS_OK(result)) {