1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

auth: Provide a way to specify the NTLMSSP server name to GENSEC

This avoids us needing to assume lp_netbios_name().lp_dnsdomain() if the caller
knows better.  This will allow preservation of current s3 behaviour.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Andrew Bartlett 2012-01-31 16:17:04 +11:00 committed by Stefan Metzmacher
parent c616ab0965
commit 55c630404a
2 changed files with 41 additions and 18 deletions

View File

@ -83,6 +83,10 @@ struct gensec_settings {
* should be used, rather than those loaded by the plugin
* mechanism */
struct gensec_security_ops **backends;
/* To fill in our own name in the NTLMSSP server */
const char *server_dns_domain;
const char *server_dns_name;
};
struct gensec_security_ops {

View File

@ -266,6 +266,10 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
NTSTATUS nt_status;
struct ntlmssp_state *ntlmssp_state;
struct gensec_ntlmssp_context *gensec_ntlmssp;
const char *netbios_name;
const char *netbios_domain;
const char *dns_name;
const char *dns_domain;
nt_status = gensec_ntlmssp_start(gensec_security);
NT_STATUS_NOT_OK_RETURN(nt_status);
@ -339,33 +343,48 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
ntlmssp_state->server.is_standalone = false;
}
ntlmssp_state->server.netbios_name = lpcfg_netbios_name(gensec_security->settings->lp_ctx);
netbios_name = lpcfg_netbios_name(gensec_security->settings->lp_ctx);
netbios_domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
ntlmssp_state->server.netbios_domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
{
if (gensec_security->settings->server_dns_name) {
dns_name = gensec_security->settings->server_dns_name;
} else {
const char *dnsdomain = lpcfg_dnsdomain(gensec_security->settings->lp_ctx);
char *dnsname, *lower_netbiosname;
lower_netbiosname = strlower_talloc(ntlmssp_state, ntlmssp_state->server.netbios_name);
char *lower_netbiosname;
lower_netbiosname = strlower_talloc(ntlmssp_state, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(lower_netbiosname);
/* Find out the DNS host name */
if (dnsdomain && dnsdomain[0] != '\0') {
dnsname = talloc_asprintf(ntlmssp_state, "%s.%s",
lower_netbiosname,
dnsdomain);
dns_name = talloc_asprintf(ntlmssp_state, "%s.%s",
lower_netbiosname,
dnsdomain);
talloc_free(lower_netbiosname);
ntlmssp_state->server.dns_name = dnsname;
NT_STATUS_HAVE_NO_MEMORY(dns_name);
} else {
ntlmssp_state->server.dns_name = lower_netbiosname;
dns_name = lower_netbiosname;
}
NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_name);
ntlmssp_state->server.dns_domain
= talloc_strdup(ntlmssp_state,
lpcfg_dnsdomain(gensec_security->settings->lp_ctx));
NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_domain);
}
if (gensec_security->settings->server_dns_domain) {
dns_domain = gensec_security->settings->server_dns_domain;
} else {
dns_domain = lpcfg_dnsdomain(gensec_security->settings->lp_ctx);
}
ntlmssp_state->server.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.netbios_name);
ntlmssp_state->server.netbios_domain = talloc_strdup(ntlmssp_state, netbios_domain);
NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.netbios_domain);
ntlmssp_state->server.dns_name = talloc_strdup(ntlmssp_state, dns_name);
NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_name);
ntlmssp_state->server.dns_domain = talloc_strdup(ntlmssp_state, dns_domain);
NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_domain);
return NT_STATUS_OK;
}