s3-auth: Use the gensec-supplied DNS domain name and hostname.

Also have a reasonable fallback for when it is not set.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>

1 files changed, 32 insertions, 0 deletions

diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c
index b76dcd7e8f..559dce19f9 100644
--- a/source3/auth/auth_generic.c
+++ b/source3/auth/auth_generic.c
@@ -183,6 +183,8 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
 		struct loadparm_context *lp_ctx;
 		size_t idx = 0;
 		struct cli_credentials *server_credentials;
+		const char *dns_name;
+		const char *dns_domain;
 		struct auth4_context *auth4_context = talloc_zero(tmp_ctx, struct auth4_context);
 		if (auth4_context == NULL) {
 			DEBUG(10, ("failed to allocate auth4_context failed\n"));
@@ -211,6 +213,36 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx,
 			return NT_STATUS_NO_MEMORY;
 		}
 
+		/*
+		 * This should be a 'netbios domain -> DNS domain'
+		 * mapping, and can currently validly return NULL on
+		 * poorly configured systems.
+		 *
+		 * This is used for the NTLMSSP server
+		 *
+		 */
+		dns_name = get_mydnsfullname();
+		if (dns_name == NULL) {
+			dns_name = "";
+		}
+
+		dns_domain = get_mydnsdomname(tmp_ctx);
+		if (dns_domain == NULL) {
+			dns_domain = "";
+		}
+
+		gensec_settings->server_dns_name = strlower_talloc(gensec_settings, dns_name);
+		if (gensec_settings->server_dns_name == NULL) {
+			TALLOC_FREE(tmp_ctx);
+			return NT_STATUS_NO_MEMORY;
+		}
+
+		gensec_settings->server_dns_domain = strlower_talloc(gensec_settings, dns_domain);
+		if (gensec_settings->server_dns_domain == NULL) {
+			TALLOC_FREE(tmp_ctx);
+			return NT_STATUS_NO_MEMORY;
+		}
+
 		gensec_settings->backends = talloc_zero_array(gensec_settings,
 						struct gensec_security_ops *, 4);
 		if (gensec_settings->backends == NULL) {