s3:rpc_client: Use gensec for NCALRPC_AS_SYSTEM.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c
index f95f46670eee0ac1e768eec1d61ba4c854ab7bbf..62358d5ec5c66de259fb39b4cbb1887d13756cb9 100644 (file)
--- a/source3/librpc/rpc/dcerpc_helpers.c
+++ b/source3/librpc/rpc/dcerpc_helpers.c
@@ -428,8 +428,7 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
        DATA_BLOB auth_blob;
        NTSTATUS status;
 
-       if (auth->auth_type == DCERPC_AUTH_TYPE_NONE ||
-           auth->auth_type == DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM) {
+       if (auth->auth_type == DCERPC_AUTH_TYPE_NONE) {
                return NT_STATUS_OK;
        }
 
@@ -467,7 +466,6 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
        /* Generate any auth sign/seal and add the auth footer. */
        switch (auth->auth_type) {
        case DCERPC_AUTH_TYPE_NONE:
-       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
                status = NT_STATUS_OK;
                break;
        default:
@@ -564,7 +562,6 @@ NTSTATUS dcerpc_check_auth(struct pipe_auth_data *auth,
 
        switch (auth->auth_type) {
        case DCERPC_AUTH_TYPE_NONE:
-       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
                return NT_STATUS_OK;
 
        default:

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 245f3fbeae37d63568c8edd588a01bd05e26ebe3..07fa5598d1997d9be4fa8afc62c446f9211b093d 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1107,12 +1107,6 @@ static NTSTATUS create_rpc_bind_req(TALLOC_CTX *mem_ctx,
        case DCERPC_AUTH_TYPE_NONE:
                break;
 
-       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
-               auth_token = data_blob_talloc(mem_ctx,
-                                             "NCALRPC_AUTH_TOKEN",
-                                             18);
-               break;
-
        default:
                ret = create_generic_auth_rpc_bind_req(cli, mem_ctx,
                                                       &auth_token,
@@ -1829,7 +1823,6 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
        switch(pauth->auth_type) {
 
        case DCERPC_AUTH_TYPE_NONE:
-       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
                /* Bind complete. */
                tevent_req_done(req);
                return;
@@ -1862,7 +1855,6 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
        switch(pauth->auth_type) {
 
        case DCERPC_AUTH_TYPE_NONE:
-       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
                /* Bind complete. */
                tevent_req_done(req);
                return;
@@ -2293,30 +2285,6 @@ struct dcerpc_binding_handle *rpccli_bh_create(struct rpc_pipe_client *c,
        return h;
 }
 
-NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx,
-                                 struct pipe_auth_data **presult)
-{
-       struct pipe_auth_data *result;
-
-       result = talloc_zero(mem_ctx, struct pipe_auth_data);
-       if (result == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       result->auth_type = DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM;
-       result->auth_level = DCERPC_AUTH_LEVEL_CONNECT;
-
-       result->user_name = talloc_strdup(result, "");
-       result->domain = talloc_strdup(result, "");
-       if ((result->user_name == NULL) || (result->domain == NULL)) {
-               TALLOC_FREE(result);
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       *presult = result;
-       return NT_STATUS_OK;
-}
-
 NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
                               struct pipe_auth_data **presult)
 {
@@ -2421,6 +2389,22 @@ static NTSTATUS rpccli_generic_bind_data(TALLOC_CTX *mem_ctx,
        return status;
 }
 
+NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx,
+                                 struct pipe_auth_data **presult)
+{
+       return rpccli_generic_bind_data(mem_ctx,
+                                       DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM,
+                                       DCERPC_AUTH_LEVEL_CONNECT,
+                                       NULL, /* server */
+                                       "host", /* target_service */
+                                       NAME_NT_AUTHORITY, /* domain */
+                                       "SYSTEM",
+                                       "", /* password */
+                                       CRED_DONT_USE_KERBEROS,
+                                       NULL, /* netlogon_creds_CredentialState */
+                                       presult);
+}
+
 /**
  * Create an rpc pipe client struct, connecting to a tcp port.
  */
@@ -3186,7 +3170,6 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx,
        }
 
        switch (cli->auth->auth_type) {
-       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
        case DCERPC_AUTH_TYPE_NONE:
                sk = data_blob_const(a->transport_session_key.data,
                                     a->transport_session_key.length);