We need to authenticate against the RpcProxy.
In future we could have a way to specify alternative credentials
for the RpcProxy and HttpProxy.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 23 01:34:05 CEST 2014 on sn-devel-104
#include "librpc/rpc/dcerpc_proto.h"
#include "librpc/gen_ndr/ndr_lsa_c.h"
#include "librpc/gen_ndr/ndr_samr.h"
-
+#include "auth/credentials/credentials.h"
struct rpc_connect_srv_state {
struct libnet_context *ctx;
{
struct rpc_connect_dci_state *s;
struct composite_context *epm_map_req;
+ struct cli_credentials *epm_creds = NULL;
+
s = talloc_get_type(c->private_data, struct rpc_connect_dci_state);
/* prepare to get endpoint mapping for the requested interface */
s->final_binding = dcerpc_binding_dup(s, s->lsa_pipe->binding);
if (composite_nomem(s->final_binding, c)) return;
-
+
+ epm_creds = cli_credentials_init_anon(s);
+ if (composite_nomem(epm_creds, c)) return;
+
epm_map_req = dcerpc_epm_map_binding_send(c, s->final_binding, s->r.in.dcerpc_iface,
+ epm_creds,
s->ctx->event_ctx, s->ctx->lp_ctx);
if (composite_nomem(epm_map_req, c)) return;
struct pipe_connect_state *s;
enum dcerpc_transport_t transport;
const char *endpoint = NULL;
+ struct cli_credentials *epm_creds = NULL;
/* composite context allocation and setup */
c = composite_create(parent_ctx, ev);
switch (transport) {
case NCACN_NP:
case NCACN_IP_TCP:
- case NCACN_HTTP:
case NCALRPC:
endpoint = dcerpc_binding_get_string_option(s->binding, "endpoint");
+
+ /* anonymous credentials for rpc connection used to get endpoint mapping */
+ epm_creds = cli_credentials_init_anon(s);
+ if (composite_nomem(epm_creds, c)) return c;
+
+ break;
+ case NCACN_HTTP:
+ endpoint = dcerpc_binding_get_string_option(s->binding, "endpoint");
+ epm_creds = credentials;
break;
default:
break;
struct composite_context *binding_req;
binding_req = dcerpc_epm_map_binding_send(c, s->binding, s->table,
+ epm_creds,
s->pipe->conn->event_ctx,
s->lp_ctx);
composite_continue(c, binding_req, continue_map_binding, c);
struct schannel_key_state *s;
struct composite_context *epm_map_req;
enum netr_SchannelType schannel_type = cli_credentials_get_secure_channel_type(credentials);
-
+ struct cli_credentials *epm_creds = NULL;
+
/* composite context allocation and setup */
c = composite_create(mem_ctx, p->conn->event_ctx);
if (c == NULL) return NULL;
s->local_negotiate_flags |= NETLOGON_NEG_RODC_PASSTHROUGH;
}
+ epm_creds = cli_credentials_init_anon(s);
+ if (composite_nomem(epm_creds, c)) return c;
+
/* allocate binding structure */
s->binding = dcerpc_binding_dup(s, s->pipe->binding);
if (composite_nomem(s->binding, c)) return c;
/* request the netlogon endpoint mapping */
epm_map_req = dcerpc_epm_map_binding_send(c, s->binding,
&ndr_table_netlogon,
+ epm_creds,
s->pipe->conn->event_ctx,
lp_ctx);
if (composite_nomem(epm_map_req, c)) return c;
struct composite_context *dcerpc_epm_map_binding_send(TALLOC_CTX *mem_ctx,
struct dcerpc_binding *binding,
const struct ndr_interface_table *table,
+ struct cli_credentials *creds,
struct tevent_context *ev,
struct loadparm_context *lp_ctx)
{
struct composite_context *c;
struct epm_map_binding_state *s;
struct composite_context *pipe_connect_req;
- struct cli_credentials *anon_creds;
NTSTATUS status;
struct dcerpc_binding *epmapper_binding;
int i;
return c;
}
- /* anonymous credentials for rpc connection used to get endpoint mapping */
- anon_creds = cli_credentials_init_anon(s);
- if (composite_nomem(anon_creds, c)) return c;
-
epmapper_binding = dcerpc_binding_dup(s, binding);
if (composite_nomem(epmapper_binding, c)) return c;
/* initiate rpc pipe connection */
pipe_connect_req = dcerpc_pipe_connect_b_send(s, epmapper_binding,
&ndr_table_epmapper,
- anon_creds, c->event_ctx,
+ creds, c->event_ctx,
lp_ctx);
if (composite_nomem(pipe_connect_req, c)) return c;
struct loadparm_context *lp_ctx)
{
struct composite_context *c;
+ struct cli_credentials *epm_creds;
- c = dcerpc_epm_map_binding_send(mem_ctx, binding, table, ev, lp_ctx);
+ epm_creds = cli_credentials_init_anon(mem_ctx);
+ if (epm_creds == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ c = dcerpc_epm_map_binding_send(mem_ctx, binding, table, epm_creds, ev, lp_ctx);
+ if (c == NULL) {
+ talloc_free(epm_creds);
+ return NT_STATUS_NO_MEMORY;
+ }
+ talloc_steal(c, epm_creds);
return dcerpc_epm_map_binding_recv(c);
}