diff options
| author | Andrew Tridgell <tridge@samba.org> | 2010-10-01 19:05:30 -0700 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2010-10-01 22:31:57 -0700 |
| commit | 9bae4cd3d967f43c32796d03b1c2ee8ae5119e00 (patch) | |
| tree | 71684b7e66a1d8436a603cbb9933ec33d010bfd8 | |
| parent | ee15dc96926f505ba7f01ccfcfc2959b507f2b96 (diff) | |
| download | samba-9bae4cd3d967f43c32796d03b1c2ee8ae5119e00.tar.gz samba-9bae4cd3d967f43c32796d03b1c2ee8ae5119e00.tar.bz2 samba-9bae4cd3d967f43c32796d03b1c2ee8ae5119e00.zip | |
s4-rpc: added target_principal binding handle option
this allows you to specify a target SPN for a connection
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
| -rw-r--r-- | librpc/rpc/binding.c | 4 | ||||
| -rw-r--r-- | source4/libnet/libnet_join.c | 2 | ||||
| -rw-r--r-- | source4/libnet/libnet_rpc.c | 2 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc.c | 2 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc.h | 1 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc_auth.c | 11 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc_schannel.c | 2 |
7 files changed, 18 insertions, 6 deletions
diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c index 42059c0586..1b716d0153 100644 --- a/librpc/rpc/binding.c +++ b/librpc/rpc/binding.c @@ -247,7 +247,7 @@ _PUBLIC_ NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struc char *p; int i, j, comma_count; - b = talloc(mem_ctx, struct dcerpc_binding); + b = talloc_zero(mem_ctx, struct dcerpc_binding); if (!b) { return NT_STATUS_NO_MEMORY; } @@ -651,7 +651,7 @@ _PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, NTSTATUS status; struct dcerpc_binding *binding; - binding = talloc(mem_ctx, struct dcerpc_binding); + binding = talloc_zero(mem_ctx, struct dcerpc_binding); NT_STATUS_HAVE_NO_MEMORY(binding); ZERO_STRUCT(binding->object); diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c index 7992670eec..da2110842b 100644 --- a/source4/libnet/libnet_join.c +++ b/source4/libnet/libnet_join.c @@ -96,7 +96,7 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J return NT_STATUS_NO_MEMORY; } - drsuapi_binding = talloc(tmp_ctx, struct dcerpc_binding); + drsuapi_binding = talloc_zero(tmp_ctx, struct dcerpc_binding); if (!drsuapi_binding) { r->out.error_string = NULL; talloc_free(tmp_ctx); diff --git a/source4/libnet/libnet_rpc.c b/source4/libnet/libnet_rpc.c index fbf002f2ed..e0781c3816 100644 --- a/source4/libnet/libnet_rpc.c +++ b/source4/libnet/libnet_rpc.c @@ -772,7 +772,7 @@ static void continue_epm_map_binding_send(struct composite_context *c) s = talloc_get_type(c->private_data, struct rpc_connect_dci_state); /* prepare to get endpoint mapping for the requested interface */ - s->final_binding = talloc(s, struct dcerpc_binding); + s->final_binding = talloc_zero(s, struct dcerpc_binding); if (composite_nomem(s->final_binding, c)) return; *s->final_binding = *s->lsa_pipe->binding; diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c index 13e3a3e100..5a31b6a2bb 100644 --- a/source4/librpc/rpc/dcerpc.c +++ b/source4/librpc/rpc/dcerpc.c @@ -517,7 +517,7 @@ _PUBLIC_ struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct tevent { struct dcerpc_pipe *p; - p = talloc(mem_ctx, struct dcerpc_pipe); + p = talloc_zero(mem_ctx, struct dcerpc_pipe); if (!p) { return NULL; } diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h index b5062a55e3..4edb521854 100644 --- a/source4/librpc/rpc/dcerpc.h +++ b/source4/librpc/rpc/dcerpc.h @@ -190,6 +190,7 @@ struct dcerpc_binding { struct ndr_syntax_id object; const char *host; const char *target_hostname; + const char *target_principal; const char *endpoint; const char **options; const char *localaddress; diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c index bca7a8d186..95fdbf2374 100644 --- a/source4/librpc/rpc/dcerpc_auth.c +++ b/source4/librpc/rpc/dcerpc_auth.c @@ -292,6 +292,17 @@ struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx, } } + if (p->binding && p->binding->target_principal) { + c->status = gensec_set_target_principal(sec->generic_state, + p->binding->target_principal); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(1, ("Failed to set GENSEC target principal to %s: %s\n", + p->binding->target_principal, nt_errstr(c->status))); + composite_error(c, c->status); + return c; + } + } + c->status = gensec_start_mech_by_authtype(sec->generic_state, auth_type, auth_level); if (!NT_STATUS_IS_OK(c->status)) { diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index 7716323541..fc56eccf7c 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -268,7 +268,7 @@ struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx, } /* allocate binding structure */ - s->binding = talloc(c, struct dcerpc_binding); + s->binding = talloc_zero(c, struct dcerpc_binding); if (composite_nomem(s->binding, c)) return c; *s->binding = *s->pipe->binding; |