s3:rpc_client: Pass remote name and socket to cli_rpc_pipe_open_with_creds()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14767

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c
index e62d49d085c3478de5627737dbca494740c760a0..2137c183f0e051e5a974dc55616d662552787fb9 100644 (file)
--- a/source3/libsmb/passchange.c
+++ b/source3/libsmb/passchange.c
@@ -143,12 +143,16 @@ NTSTATUS remote_password_change(const char *remote_machine,
        /* Try not to give the password away too easily */
 
        if (!pass_must_change) {
+               const struct sockaddr_storage *remote_sockaddr =
+                       smbXcli_conn_remote_sockaddr(cli->conn);
+
                result = cli_rpc_pipe_open_with_creds(cli,
                                                      &ndr_table_samr,
                                                      NCACN_NP,
                                                      DCERPC_AUTH_TYPE_NTLMSSP,
                                                      DCERPC_AUTH_LEVEL_PRIVACY,
                                                      remote_machine,
+                                                     remote_sockaddr,
                                                      creds,
                                                      &pipe_hnd);
        } else {

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 3ed0a47ab01eb449b86c1f1e316cde1a4b6a5c48..ddb1a73a3f66107f481cd8a183599f2f8a60b21c 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3264,6 +3264,7 @@ NTSTATUS cli_rpc_pipe_open_with_creds(struct cli_state *cli,
                                      enum dcerpc_AuthType auth_type,
                                      enum dcerpc_AuthLevel auth_level,
                                      const char *server,
+                                     const struct sockaddr_storage *remote_sockaddr,
                                      struct cli_credentials *creds,
                                      struct rpc_pipe_client **presult)
 {
@@ -3271,8 +3272,6 @@ NTSTATUS cli_rpc_pipe_open_with_creds(struct cli_state *cli,
        struct pipe_auth_data *auth = NULL;
        const char *target_service = table->authservices->names[0];
        NTSTATUS status;
-       const struct sockaddr_storage *remote_sockaddr =
-               smbXcli_conn_remote_sockaddr(cli->conn);
 
        status = cli_rpc_pipe_open(cli,
                                   transport,

diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h
index 151d8a8777cfcad810e48ed0b7395d86cc586fb9..f9392515e69e08e803543e14d095f83944858540 100644 (file)
--- a/source3/rpc_client/cli_pipe.h
+++ b/source3/rpc_client/cli_pipe.h
@@ -80,6 +80,7 @@ NTSTATUS cli_rpc_pipe_open_with_creds(struct cli_state *cli,
                                      enum dcerpc_AuthType auth_type,
                                      enum dcerpc_AuthLevel auth_level,
                                      const char *server,
+                                     const struct sockaddr_storage *remote_sockaddr,
                                      struct cli_credentials *creds,
                                      struct rpc_pipe_client **presult);
 

diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 7acede8518558531834b83a63b71eae281504668..a85f037728539a468492d8bb1923d8c7010efa32 100644 (file)
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -958,7 +958,8 @@ static NTSTATUS do_cmd(struct cli_state *cli,
                                        transport,
                                        auth_type,
                                        auth_level,
-                                       smbXcli_conn_remote_name(cli->conn),
+                                       remote_name,
+                                       remote_sockaddr,
                                        creds,
                                        &cmd_entry->rpc_pipe);
                                break;

diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index ca91e1696c359166f6fbbf46426f08ae84c5fe23..b871dc3b1f59f0f5fe39debb9149f8f49a2c69e8 100644 (file)
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -208,6 +208,7 @@ int run_rpc_command(struct net_context *c,
                                        DCERPC_AUTH_TYPE_NTLMSSP,
                                        DCERPC_AUTH_LEVEL_PRIVACY,
                                        smbXcli_conn_remote_name(cli->conn),
+                                       smbXcli_conn_remote_sockaddr(cli->conn),
                                        c->creds, &pipe_hnd);
                        } else {
                                nt_status = cli_rpc_pipe_open_noauth(

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index f529f455cc65e9b75222b70861c57dfc2b8c1306..ee8ae45951ee342fa9ef071c9ed497c5c452afab 100644 (file)
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2445,6 +2445,8 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
        struct netlogon_creds_cli_context *p_creds;
        struct cli_credentials *creds = NULL;
        bool retry = false; /* allow one retry attempt for expired session */
+       const char *remote_name = NULL;
+       const struct sockaddr_storage *remote_sockaddr = NULL;
 
        if (sid_check_is_our_sam(&domain->sid)) {
                if (domain->rodc == false || need_rw_dc == false) {
@@ -2498,6 +2500,9 @@ retry:
                goto anonymous;
        }
 
+       remote_name = smbXcli_conn_remote_name(conn->cli->conn);
+       remote_sockaddr = smbXcli_conn_remote_sockaddr(conn->cli->conn);
+
        /*
         * We have an authenticated connection. Use a SPNEGO
         * authenticated SAMR pipe with sign & seal.
@@ -2507,7 +2512,8 @@ retry:
                                              NCACN_NP,
                                              DCERPC_AUTH_TYPE_SPNEGO,
                                              conn->auth_level,
-                                             smbXcli_conn_remote_name(conn->cli->conn),
+                                             remote_name,
+                                             remote_sockaddr,
                                              creds,
                                              &conn->samr_pipe);
 
@@ -2772,6 +2778,8 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
        struct netlogon_creds_cli_context *p_creds;
        struct cli_credentials *creds = NULL;
        bool retry = false; /* allow one retry attempt for expired session */
+       const char *remote_name = NULL;
+       const struct sockaddr_storage *remote_sockaddr = NULL;
 
 retry:
        result = init_dc_connection_rpc(domain, false);
@@ -2804,6 +2812,9 @@ retry:
                goto anonymous;
        }
 
+       remote_name = smbXcli_conn_remote_name(conn->cli->conn);
+       remote_sockaddr = smbXcli_conn_remote_sockaddr(conn->cli->conn);
+
        /*
         * We have an authenticated connection. Use a SPNEGO
         * authenticated LSA pipe with sign & seal.
@@ -2812,7 +2823,8 @@ retry:
                (conn->cli, &ndr_table_lsarpc, NCACN_NP,
                 DCERPC_AUTH_TYPE_SPNEGO,
                 conn->auth_level,
-                smbXcli_conn_remote_name(conn->cli->conn),
+                remote_name,
+                remote_sockaddr,
                 creds,
                 &conn->lsa_pipe);