struct netlogon_creds_CredentialState **pdc,
struct rpc_pipe_client **presult);
-NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- enum dcerpc_AuthLevel auth_level,
- const char *domain,
- const char *username,
- const char *password,
- struct rpc_pipe_client **presult);
-
NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
const struct ndr_interface_table *table,
enum dcerpc_transport_t transport,
return NT_STATUS_OK;
}
-/****************************************************************************
- Open a named pipe to an SMB server and bind using schannel (bind type 68).
- Fetch the session key ourselves using a temporary netlogon pipe. This
- version uses an ntlmssp auth bound netlogon pipe to get the key.
- ****************************************************************************/
-
-static NTSTATUS get_schannel_session_key_auth_ntlmssp(struct cli_state *cli,
- const char *domain,
- const char *username,
- const char *password,
- uint32 *pneg_flags,
- struct rpc_pipe_client **presult)
-{
- struct rpc_pipe_client *netlogon_pipe = NULL;
- NTSTATUS status;
-
- status = cli_rpc_pipe_open_spnego(
- cli, &ndr_table_netlogon, NCACN_NP,
- GENSEC_OID_NTLMSSP,
- DCERPC_AUTH_LEVEL_PRIVACY,
- smbXcli_conn_remote_name(cli->conn),
- domain, username, password, &netlogon_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- status = get_schannel_session_key_common(netlogon_pipe, cli, domain,
- pneg_flags);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(netlogon_pipe);
- return status;
- }
-
- *presult = netlogon_pipe;
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
- Open a named pipe to an SMB server and bind using schannel (bind type 68).
- Fetch the session key ourselves using a temporary netlogon pipe. This version
- uses an ntlmssp bind to get the session key.
- ****************************************************************************/
-
-NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- enum dcerpc_AuthLevel auth_level,
- const char *domain,
- const char *username,
- const char *password,
- struct rpc_pipe_client **presult)
-{
- uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS |
- NETLOGON_NEG_SUPPORTS_AES;
- struct rpc_pipe_client *netlogon_pipe = NULL;
- struct rpc_pipe_client *result = NULL;
- NTSTATUS status;
-
- status = get_schannel_session_key_auth_ntlmssp(
- cli, domain, username, password, &neg_flags, &netlogon_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("cli_rpc_pipe_open_ntlmssp_auth_schannel: failed to get schannel session "
- "key from server %s for domain %s.\n",
- smbXcli_conn_remote_name(cli->conn), domain ));
- return status;
- }
-
- status = cli_rpc_pipe_open_schannel_with_key(
- cli, table, transport, auth_level, domain, &netlogon_pipe->dc,
- &result);
-
- /* Now we've bound using the session key we can close the netlog pipe. */
- TALLOC_FREE(netlogon_pipe);
-
- if (NT_STATUS_IS_OK(status)) {
- *presult = result;
- }
- return status;
-}
-
/****************************************************************************
Open a named pipe to an SMB server and bind using schannel (bind type 68).
Fetch the session key ourselves using a temporary netlogon pipe.