summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/librpc/crypto/cli_spnego.c14
-rw-r--r--source3/librpc/crypto/spnego.h2
-rw-r--r--source3/rpc_client/cli_pipe.c3
3 files changed, 19 insertions, 0 deletions
diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c
index f64a537e20..98251c776e 100644
--- a/source3/librpc/crypto/cli_spnego.c
+++ b/source3/librpc/crypto/cli_spnego.c
@@ -88,6 +88,8 @@ NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx,
const char *oid,
bool do_sign, bool do_seal,
bool is_dcerpc,
+ const char *server,
+ const char *target_service,
const char *domain,
const char *username,
const char *password,
@@ -148,6 +150,18 @@ NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx,
GENSEC_FEATURE_DCE_STYLE);
}
+ status = gensec_set_target_service(auth_generic_state->gensec_security, target_service);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(sp_ctx);
+ return status;
+ }
+
+ status = gensec_set_target_hostname(auth_generic_state->gensec_security, server);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(sp_ctx);
+ return status;
+ }
+
status = auth_generic_client_start(auth_generic_state, oid);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(sp_ctx);
diff --git a/source3/librpc/crypto/spnego.h b/source3/librpc/crypto/spnego.h
index 7e0f1590ab..a31f997ab6 100644
--- a/source3/librpc/crypto/spnego.h
+++ b/source3/librpc/crypto/spnego.h
@@ -65,6 +65,8 @@ NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx,
const char *oid,
bool do_sign, bool do_seal,
bool is_dcerpc,
+ const char *server,
+ const char *target_service,
const char *domain,
const char *username,
const char *password,
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 49053c980e..ca8655cab1 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3143,6 +3143,8 @@ NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
struct pipe_auth_data *auth;
struct spnego_context *spnego_ctx;
NTSTATUS status;
+ const char *server = NULL;
+ const char *target_service = "cifs"; /* TODO: Determine target service from the bindings or interface table */
status = cli_rpc_pipe_open(cli, transport, interface, &result);
if (!NT_STATUS_IS_OK(status)) {
@@ -3182,6 +3184,7 @@ NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
(auth->auth_level ==
DCERPC_AUTH_LEVEL_PRIVACY),
true,
+ server, target_service,
domain, username, password,
&spnego_ctx);
if (!NT_STATUS_IS_OK(status)) {