diff options
-rw-r--r-- | source4/auth/gensec/cyrus_sasl.c | 13 | ||||
-rw-r--r-- | source4/auth/gensec/gensec.c | 11 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 23 |
3 files changed, 24 insertions, 23 deletions
diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c index da96d239af..39b11ff3d0 100644 --- a/source4/auth/gensec/cyrus_sasl.c +++ b/source4/auth/gensec/cyrus_sasl.c @@ -20,6 +20,7 @@ */ #include "includes.h" +#include "lib/tsocket/tsocket.h" #include "auth/credentials/credentials.h" #include "auth/gensec/gensec.h" #include "auth/gensec/gensec_proto.h" @@ -117,8 +118,8 @@ static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security struct gensec_sasl_state *gensec_sasl_state; const char *service = gensec_get_target_service(gensec_security); const char *target_name = gensec_get_target_hostname(gensec_security); - struct socket_address *local_socket_addr = gensec_get_my_addr(gensec_security); struct socket_address *remote_socket_addr = gensec_get_peer_addr(gensec_security); + const struct tsocket_address *tlocal_addr = gensec_get_local_address(gensec_security); char *local_addr = NULL; char *remote_addr = NULL; int sasl_ret; @@ -153,11 +154,11 @@ static NTSTATUS gensec_sasl_client_start(struct gensec_security *gensec_security gensec_security->private_data = gensec_sasl_state; - if (local_socket_addr) { - local_addr = talloc_asprintf(gensec_sasl_state, - "%s;%d", - local_socket_addr->addr, - local_socket_addr->port); + if (tlocal_addr) { + local_addr = talloc_asprintf(gensec_sasl_state, + "%s;%d", + tsocket_address_inet_addr_string(tlocal_addr, gensec_sasl_state), + tsocket_address_inet_port(tlocal_addr)); } if (remote_socket_addr) { diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c index e1680c9c89..d6acb262dc 100644 --- a/source4/auth/gensec/gensec.c +++ b/source4/auth/gensec/gensec.c @@ -1289,17 +1289,6 @@ _PUBLIC_ NTSTATUS gensec_set_peer_addr(struct gensec_security *gensec_security, return NT_STATUS_OK; } -struct socket_address *gensec_get_my_addr(struct gensec_security *gensec_security) -{ - if (gensec_security->my_addr) { - return gensec_security->my_addr; - } - - /* We could add a 'set sockaddr' call, and do a lookup. This - * would avoid needing to do system calls if nothing asks. */ - return NULL; -} - _PUBLIC_ struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security) { if (gensec_security->peer_addr) { diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index ee5f9c3c37..ff26018ae2 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -28,6 +28,7 @@ #include "auth/kerberos/kerberos.h" #include "auth/auth.h" #include "lib/socket/socket.h" +#include "lib/tsocket/tsocket.h" #include "librpc/rpc/dcerpc.h" #include "auth/credentials/credentials.h" #include "auth/gensec/gensec.h" @@ -89,7 +90,8 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security, bool krb5_error_code ret; struct gensec_krb5_state *gensec_krb5_state; struct cli_credentials *creds; - const struct socket_address *my_addr, *peer_addr; + const struct socket_address *peer_addr; + const struct tsocket_address *tlocal_addr; krb5_address my_krb5_addr, peer_krb5_addr; creds = gensec_get_credentials(gensec_security); @@ -141,10 +143,19 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security, bool return NT_STATUS_INTERNAL_ERROR; } - my_addr = gensec_get_my_addr(gensec_security); - if (my_addr && my_addr->sockaddr) { - ret = krb5_sockaddr2address(gensec_krb5_state->smb_krb5_context->krb5_context, - my_addr->sockaddr, &my_krb5_addr); + tlocal_addr = gensec_get_local_address(gensec_security); + if (tlocal_addr) { + ssize_t socklen; + struct sockaddr_storage ss; + + socklen = tsocket_address_bsd_sockaddr(tlocal_addr, + (struct sockaddr *) &ss, + sizeof(struct sockaddr_storage)); + if (socklen < 0) { + return NT_STATUS_INTERNAL_ERROR; + } + ret = krb5_sockaddr2address(gensec_krb5_state->smb_krb5_context->krb5_context, + (const struct sockaddr *) &ss, &my_krb5_addr); if (ret) { DEBUG(1,("gensec_krb5_start: krb5_sockaddr2address (local) failed (%s)\n", smb_get_krb5_error_message(gensec_krb5_state->smb_krb5_context->krb5_context, @@ -169,7 +180,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security, bool ret = krb5_auth_con_setaddrs(gensec_krb5_state->smb_krb5_context->krb5_context, gensec_krb5_state->auth_context, - my_addr ? &my_krb5_addr : NULL, + tlocal_addr ? &my_krb5_addr : NULL, peer_addr ? &peer_krb5_addr : NULL); if (ret) { DEBUG(1,("gensec_krb5_start: krb5_auth_con_setaddrs failed (%s)\n", |