summaryrefslogtreecommitdiff
path: root/source4/libcli/raw
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-07-13 05:14:59 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:57:34 -0500
commited03516c915c4a4c8ae6f7decfa04d51049d9dd5 (patch)
tree41f535a24108d59c367849ae80885198e371bda3 /source4/libcli/raw
parent39b12015846e06cbf89079e365e6c228ca3883c2 (diff)
downloadsamba-ed03516c915c4a4c8ae6f7decfa04d51049d9dd5.tar.gz
samba-ed03516c915c4a4c8ae6f7decfa04d51049d9dd5.tar.bz2
samba-ed03516c915c4a4c8ae6f7decfa04d51049d9dd5.zip
r1475: More kerberos work
- We can now connect to hosts that follow the SPNEGO RFC, and *do not* give us their principal name in the mechListMIC. - The client code now remembers the hostname it connects to - We now kinit for a user, if there is not valid ticket already - Re-introduce clock skew compensation TODO: - See if the username in the ccache matches the username specified - Use a private ccache, rather then the global one, for a 'new' kinit - Determine 'default' usernames. - The default for Krb5 is the one in the ccache, then $USER - For NTLMSSP, it's just $USER Andrew Bartlett (This used to be commit de5da669397db4ac87c6da08d3533ca3030da2b0)
Diffstat (limited to 'source4/libcli/raw')
-rw-r--r--source4/libcli/raw/clisession.c7
-rw-r--r--source4/libcli/raw/clisocket.c11
2 files changed, 17 insertions, 1 deletions
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c
index 5aaceb103a..e31cf07bf8 100644
--- a/source4/libcli/raw/clisession.c
+++ b/source4/libcli/raw/clisession.c
@@ -424,6 +424,13 @@ static NTSTATUS smb_raw_session_setup_generic_spnego(struct cli_session *session
goto done;
}
+ status = gensec_set_target_hostname(session->gensec, session->transport->socket->hostname);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to start set GENSEC target hostname: %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+
status = gensec_start_mech_by_oid(session->gensec, OID_SPNEGO);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client SPNEGO mechanism: %s\n",
diff --git a/source4/libcli/raw/clisocket.c b/source4/libcli/raw/clisocket.c
index 4dae7d517d..5cd6f33689 100644
--- a/source4/libcli/raw/clisocket.c
+++ b/source4/libcli/raw/clisocket.c
@@ -45,6 +45,8 @@ struct cli_socket *cli_sock_init(void)
/* 20 second default timeout */
sock->timeout = 20000;
+ sock->hostname = NULL;
+
return sock;
}
@@ -140,6 +142,7 @@ BOOL cli_sock_connect_byname(struct cli_socket *sock, const char *host, int port
struct in_addr ip;
TALLOC_CTX *mem_ctx;
char *name, *p;
+ BOOL ret;
if (getenv("LIBSMB_PROG")) {
sock->fd = sock_exec(getenv("LIBSMB_PROG"));
@@ -162,7 +165,13 @@ BOOL cli_sock_connect_byname(struct cli_socket *sock, const char *host, int port
return False;
}
+ ret = cli_sock_connect(sock, &ip, port);
+
+ if (ret) {
+ sock->hostname = talloc_steal(mem_ctx, sock->mem_ctx, name);
+ }
+
talloc_destroy(mem_ctx);
- return cli_sock_connect(sock, &ip, port);
+ return ret;
}