diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-07-13 05:14:59 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:57:34 -0500 |
commit | ed03516c915c4a4c8ae6f7decfa04d51049d9dd5 (patch) | |
tree | 41f535a24108d59c367849ae80885198e371bda3 /source4/libcli/raw | |
parent | 39b12015846e06cbf89079e365e6c228ca3883c2 (diff) | |
download | samba-ed03516c915c4a4c8ae6f7decfa04d51049d9dd5.tar.gz samba-ed03516c915c4a4c8ae6f7decfa04d51049d9dd5.tar.bz2 samba-ed03516c915c4a4c8ae6f7decfa04d51049d9dd5.zip |
r1475: More kerberos work
- We can now connect to hosts that follow the SPNEGO RFC, and *do not*
give us their principal name in the mechListMIC.
- The client code now remembers the hostname it connects to
- We now kinit for a user, if there is not valid ticket already
- Re-introduce clock skew compensation
TODO:
- See if the username in the ccache matches the username specified
- Use a private ccache, rather then the global one, for a 'new' kinit
- Determine 'default' usernames.
- The default for Krb5 is the one in the ccache, then $USER
- For NTLMSSP, it's just $USER
Andrew Bartlett
(This used to be commit de5da669397db4ac87c6da08d3533ca3030da2b0)
Diffstat (limited to 'source4/libcli/raw')
-rw-r--r-- | source4/libcli/raw/clisession.c | 7 | ||||
-rw-r--r-- | source4/libcli/raw/clisocket.c | 11 |
2 files changed, 17 insertions, 1 deletions
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c index 5aaceb103a..e31cf07bf8 100644 --- a/source4/libcli/raw/clisession.c +++ b/source4/libcli/raw/clisession.c @@ -424,6 +424,13 @@ static NTSTATUS smb_raw_session_setup_generic_spnego(struct cli_session *session goto done; } + status = gensec_set_target_hostname(session->gensec, session->transport->socket->hostname); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to start set GENSEC target hostname: %s\n", + nt_errstr(status))); + goto done; + } + status = gensec_start_mech_by_oid(session->gensec, OID_SPNEGO); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to start set GENSEC client SPNEGO mechanism: %s\n", diff --git a/source4/libcli/raw/clisocket.c b/source4/libcli/raw/clisocket.c index 4dae7d517d..5cd6f33689 100644 --- a/source4/libcli/raw/clisocket.c +++ b/source4/libcli/raw/clisocket.c @@ -45,6 +45,8 @@ struct cli_socket *cli_sock_init(void) /* 20 second default timeout */ sock->timeout = 20000; + sock->hostname = NULL; + return sock; } @@ -140,6 +142,7 @@ BOOL cli_sock_connect_byname(struct cli_socket *sock, const char *host, int port struct in_addr ip; TALLOC_CTX *mem_ctx; char *name, *p; + BOOL ret; if (getenv("LIBSMB_PROG")) { sock->fd = sock_exec(getenv("LIBSMB_PROG")); @@ -162,7 +165,13 @@ BOOL cli_sock_connect_byname(struct cli_socket *sock, const char *host, int port return False; } + ret = cli_sock_connect(sock, &ip, port); + + if (ret) { + sock->hostname = talloc_steal(mem_ctx, sock->mem_ctx, name); + } + talloc_destroy(mem_ctx); - return cli_sock_connect(sock, &ip, port); + return ret; } |