LCOV - code coverage report
Current view: top level - source3/rpc_client - cli_pipe_schannel.c (source / functions) Hit Total Coverage
Test: coverage report for master 2f515e9b Lines: 24 40 60.0 %
Date: 2024-04-21 15:09:00 Functions: 1 1 100.0 % 

          Line data    Source code
       1             : /*
       2             :  *  Unix SMB/CIFS implementation.
       3             :  *  RPC Pipe client / server routines
       4             :  *  Largely rewritten by Jeremy Allison             2005.
       5             :  *
       6             :  *  This program is free software; you can redistribute it and/or modify
       7             :  *  it under the terms of the GNU General Public License as published by
       8             :  *  the Free Software Foundation; either version 3 of the License, or
       9             :  *  (at your option) any later version.
      10             :  *
      11             :  *  This program is distributed in the hope that it will be useful,
      12             :  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
      13             :  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14             :  *  GNU General Public License for more details.
      15             :  *
      16             :  *  You should have received a copy of the GNU General Public License
      17             :  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
      18             :  */
      19             : 
      20             : #include "includes.h"
      21             : #include "../librpc/gen_ndr/ndr_schannel.h"
      22             : #include "../librpc/gen_ndr/ndr_netlogon.h"
      23             : #include "../libcli/auth/schannel.h"
      24             : #include "rpc_client/cli_netlogon.h"
      25             : #include "rpc_client/cli_pipe.h"
      26             : #include "librpc/rpc/dcerpc.h"
      27             : #include "passdb.h"
      28             : #include "libsmb/libsmb.h"
      29             : #include "../libcli/smb/smbXcli_base.h"
      30             : #include "libcli/auth/netlogon_creds_cli.h"
      31             : 
      32             : #undef DBGC_CLASS
      33             : #define DBGC_CLASS DBGC_RPC_CLI
      34             : 
      35             : /****************************************************************************
      36             :  Open a named pipe to an SMB server and bind using schannel (bind type 68).
      37             :  Fetch the session key ourselves using a temporary netlogon pipe.
      38             :  ****************************************************************************/
      39             : 
      40          24 : NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli,
      41             :                                     struct messaging_context *msg_ctx,
      42             :                                     const struct ndr_interface_table *table,
      43             :                                     enum dcerpc_transport_t transport,
      44             :                                     const char *domain,
      45             :                                     const char *remote_name,
      46             :                                     const struct sockaddr_storage *remote_sockaddr,
      47             :                                     struct rpc_pipe_client **presult,
      48             :                                     TALLOC_CTX *mem_ctx,
      49             :                                     struct netlogon_creds_cli_context **pcreds)
      50             : {
      51          24 :         TALLOC_CTX *frame = talloc_stackframe();
      52          24 :         struct rpc_pipe_client *result = NULL;
      53           0 :         NTSTATUS status;
      54          24 :         struct cli_credentials *cli_creds = NULL;
      55          24 :         struct netlogon_creds_cli_context *netlogon_creds = NULL;
      56          24 :         struct netlogon_creds_CredentialState *creds = NULL;
      57           0 :         uint32_t netlogon_flags;
      58             : 
      59          24 :         status = pdb_get_trust_credentials(domain, NULL,
      60             :                                            frame, &cli_creds);
      61          24 :         if (!NT_STATUS_IS_OK(status)) {
      62           0 :                 TALLOC_FREE(frame);
      63           0 :                 return status;
      64             :         }
      65             : 
      66          24 :         status = rpccli_create_netlogon_creds_ctx(cli_creds,
      67             :                                                   remote_name,
      68             :                                                   msg_ctx,
      69             :                                                   frame,
      70             :                                                   &netlogon_creds);
      71          24 :         if (!NT_STATUS_IS_OK(status)) {
      72           0 :                 TALLOC_FREE(frame);
      73           0 :                 return status;
      74             :         }
      75             : 
      76          24 :         status = rpccli_setup_netlogon_creds(cli, transport,
      77             :                                              netlogon_creds,
      78             :                                              false, /* force_reauth */
      79             :                                              cli_creds);
      80          24 :         if (!NT_STATUS_IS_OK(status)) {
      81           0 :                 TALLOC_FREE(frame);
      82           0 :                 return status;
      83             :         }
      84             : 
      85          24 :         status = netlogon_creds_cli_get(netlogon_creds, frame, &creds);
      86          24 :         if (!NT_STATUS_IS_OK(status)) {
      87           0 :                 TALLOC_FREE(frame);
      88           0 :                 return status;
      89             :         }
      90             : 
      91          24 :         netlogon_flags = creds->negotiate_flags;
      92          24 :         TALLOC_FREE(creds);
      93             : 
      94          24 :         if (netlogon_flags & NETLOGON_NEG_AUTHENTICATED_RPC) {
      95          24 :                 status = cli_rpc_pipe_open_schannel_with_creds(cli, table,
      96             :                                                                transport,
      97             :                                                                netlogon_creds,
      98             :                                                                remote_name,
      99             :                                                                remote_sockaddr,
     100             :                                                                &result);
     101          24 :                 if (!NT_STATUS_IS_OK(status)) {
     102           0 :                         TALLOC_FREE(frame);
     103           0 :                         return status;
     104             :                 }
     105             :         } else {
     106           0 :                 status = cli_rpc_pipe_open_noauth(cli, table, &result);
     107           0 :                 if (!NT_STATUS_IS_OK(status)) {
     108           0 :                         TALLOC_FREE(frame);
     109           0 :                         return status;
     110             :                 }
     111             :         }
     112             : 
     113          24 :         *presult = result;
     114          24 :         if (pcreds != NULL) {
     115          24 :                 *pcreds = talloc_move(mem_ctx, &netlogon_creds);
     116             :         }
     117             : 
     118          24 :         TALLOC_FREE(frame);
     119          24 :         return NT_STATUS_OK;
     120             : }

Generated by: LCOV version 1.14