summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/auth/gensec/gensec_gssapi.c14
-rw-r--r--source4/auth/kerberos/krb5_init_context.c13
-rw-r--r--source4/cldap_server/netlogon.c12
-rw-r--r--source4/dsdb/kcc/kcc_periodic.c2
-rw-r--r--source4/dsdb/repl/drepl_out_helpers.c3
-rw-r--r--source4/kdc/kdc.c2
-rw-r--r--source4/lib/tls/tls.c3
-rw-r--r--source4/libcli/ldap/ldap_client.c4
-rw-r--r--source4/ntptr/simple_ldb/ntptr_simple_ldb.c8
-rw-r--r--source4/rpc_server/drsuapi/addentry.c2
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c12
-rw-r--r--source4/rpc_server/spoolss/dcesrv_spoolss.c6
-rw-r--r--source4/torture/rpc/frsapi.c3
-rw-r--r--source4/torture/rpc/netlogon.c6
-rw-r--r--source4/torture/rpc/wkssvc.c2
15 files changed, 43 insertions, 49 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index a23f913264..2759ab41c3 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -147,6 +147,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
struct gensec_gssapi_state *gensec_gssapi_state;
krb5_error_code ret;
struct gsskrb5_send_to_kdc send_to_kdc;
+ const char *realm;
gensec_gssapi_state = talloc(gensec_security, struct gensec_gssapi_state);
if (!gensec_gssapi_state) {
@@ -226,15 +227,10 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
talloc_free(gensec_gssapi_state);
return NT_STATUS_INTERNAL_ERROR;
}
- if (lp_realm(gensec_security->settings->lp_ctx) && *lp_realm(gensec_security->settings->lp_ctx)) {
- char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(gensec_security->settings->lp_ctx));
- if (!upper_realm) {
- DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(gensec_security->settings->lp_ctx)));
- talloc_free(gensec_gssapi_state);
- return NT_STATUS_NO_MEMORY;
- }
- ret = gsskrb5_set_default_realm(upper_realm);
- talloc_free(upper_realm);
+
+ realm = lp_realm(gensec_security->settings->lp_ctx);
+ if (realm != NULL) {
+ ret = gsskrb5_set_default_realm(realm);
if (ret) {
DEBUG(1,("gensec_krb5_start: gsskrb5_set_default_realm failed\n"));
talloc_free(gensec_gssapi_state);
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c
index 04f0718a62..c00d7b1618 100644
--- a/source4/auth/kerberos/krb5_init_context.c
+++ b/source4/auth/kerberos/krb5_init_context.c
@@ -368,7 +368,7 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx,
krb5_error_code ret;
TALLOC_CTX *tmp_ctx;
char **config_files;
- const char *config_file;
+ const char *config_file, *realm;
initialize_krb5_error_table();
@@ -415,14 +415,9 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx,
return ret;
}
- if (lp_realm(lp_ctx) && *lp_realm(lp_ctx)) {
- char *upper_realm = strupper_talloc(tmp_ctx, lp_realm(lp_ctx));
- if (!upper_realm) {
- DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(lp_ctx)));
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
- ret = krb5_set_default_realm((*smb_krb5_context)->krb5_context, upper_realm);
+ realm = lp_realm(lp_ctx);
+ if (realm != NULL) {
+ ret = krb5_set_default_realm((*smb_krb5_context)->krb5_context, realm);
if (ret) {
DEBUG(1,("krb5_set_default_realm failed (%s)\n",
smb_get_krb5_error_message((*smb_krb5_context)->krb5_context, ret, tmp_ctx)));
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index 50a8775ae4..b06fd609f2 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -61,7 +61,6 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
uint32_t server_type;
const char *pdc_name;
struct GUID domain_uuid;
- const char *realm;
const char *dns_domain;
const char *pdc_dns_name;
const char *flatname;
@@ -78,7 +77,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
domain = talloc_strndup(mem_ctx, domain, strlen(domain)-1);
}
- if (domain && strcasecmp_m(domain, lp_realm(lp_ctx)) == 0) {
+ if (domain && strcasecmp_m(domain, lp_dnsdomain(lp_ctx)) == 0) {
domain_dn = ldb_get_default_basedn(sam_ctx);
}
@@ -245,8 +244,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
pdc_name = talloc_asprintf(mem_ctx, "\\\\%s", lp_netbios_name(lp_ctx));
domain_uuid = samdb_result_guid(dom_res->msgs[0], "objectGUID");
- realm = lp_realm(lp_ctx);
- dns_domain = lp_realm(lp_ctx);
+ dns_domain = lp_dnsdomain(lp_ctx);
pdc_dns_name = talloc_asprintf(mem_ctx, "%s.%s",
strlower_talloc(mem_ctx,
lp_netbios_name(lp_ctx)),
@@ -274,7 +272,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
}
netlogon->data.nt5_ex.server_type = server_type;
netlogon->data.nt5_ex.domain_uuid = domain_uuid;
- netlogon->data.nt5_ex.forest = realm;
+ netlogon->data.nt5_ex.forest = dns_domain;
netlogon->data.nt5_ex.dns_domain = dns_domain;
netlogon->data.nt5_ex.pdc_dns_name = pdc_dns_name;
netlogon->data.nt5_ex.domain = flatname;
@@ -307,7 +305,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
netlogon->data.nt5.user_name = user;
netlogon->data.nt5.domain_name = flatname;
netlogon->data.nt5.domain_uuid = domain_uuid;
- netlogon->data.nt5.forest = realm;
+ netlogon->data.nt5.forest = dns_domain;
netlogon->data.nt5.dns_domain = dns_domain;
netlogon->data.nt5.pdc_dns_name = pdc_dns_name;
netlogon->data.nt5.pdc_ip = pdc_ip;
@@ -403,7 +401,7 @@ void cldapd_netlogon_request(struct cldap_socket *cldap,
}
if (domain_guid == NULL && domain == NULL) {
- domain = lp_realm(cldapd->task->lp_ctx);
+ domain = lp_dnsdomain(cldapd->task->lp_ctx);
}
if (version == -1) {
diff --git a/source4/dsdb/kcc/kcc_periodic.c b/source4/dsdb/kcc/kcc_periodic.c
index 44e0c7ae8b..30d43033cb 100644
--- a/source4/dsdb/kcc/kcc_periodic.c
+++ b/source4/dsdb/kcc/kcc_periodic.c
@@ -152,7 +152,7 @@ static NTSTATUS kccsrv_simple_update(struct kccsrv_service *s, TALLOC_CTX *mem_c
r1->other_info = talloc_zero(reps, struct repsFromTo1OtherInfo);
r1->other_info->dns_name = talloc_asprintf(r1->other_info, "%s._msdcs.%s",
GUID_string(mem_ctx, &ntds_guid),
- lp_realm(s->task->lp_ctx));
+ lp_dnsdomain(s->task->lp_ctx));
r1->source_dsa_obj_guid = ntds_guid;
r1->source_dsa_invocation_id = invocation_id;
r1->replica_flags =
diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c
index 5c63c111f3..598ceb58b9 100644
--- a/source4/dsdb/repl/drepl_out_helpers.c
+++ b/source4/dsdb/repl/drepl_out_helpers.c
@@ -506,10 +506,9 @@ static void dreplsrv_update_refs_send(struct dreplsrv_op_pull_source_state *st)
ntds_guid_str = GUID_string(r, &service->ntds_guid);
if (composite_nomem(ntds_guid_str, c)) return;
- /* lp_realm() is not really right here */
ntds_dns_name = talloc_asprintf(r, "%s._msdcs.%s",
ntds_guid_str,
- lp_realm(service->task->lp_ctx));
+ lp_dnsdomain(service->task->lp_ctx));
if (composite_nomem(ntds_dns_name, c)) return;
r->in.bind_handle = &drsuapi->bind_handle;
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c
index a67aa09461..1260e9000f 100644
--- a/source4/kdc/kdc.c
+++ b/source4/kdc/kdc.c
@@ -602,7 +602,7 @@ static NTSTATUS kdc_check_generic_kerberos(struct irpc_message *msg,
}
ret = krb5_make_principal(kdc->smb_krb5_context->krb5_context, &principal,
- lp_realm(kdc->task->lp_ctx),
+ lp_realm(kdc->task->lp_ctx),
"krbtgt", lp_realm(kdc->task->lp_ctx),
NULL);
diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
index ba2e9e431b..470b555aee 100644
--- a/source4/lib/tls/tls.c
+++ b/source4/lib/tls/tls.c
@@ -377,7 +377,8 @@ struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx, struct loadparm_context *
if (!file_exist(cafile)) {
char *hostname = talloc_asprintf(mem_ctx, "%s.%s",
- lp_netbios_name(lp_ctx), lp_realm(lp_ctx));
+ lp_netbios_name(lp_ctx),
+ lp_dnsdomain(lp_ctx));
if (hostname == NULL) {
goto init_failed;
}
diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c
index 3c78a7c7e2..eb53276936 100644
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -338,7 +338,9 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct ldap_connection *con
/* LDAPI connections are to localhost, so give the
* local host name as the target for gensec's
* DIGEST-MD5 mechanism */
- conn->host = talloc_asprintf(conn, "%s.%s", lp_netbios_name(conn->lp_ctx), lp_realm(conn->lp_ctx));
+ conn->host = talloc_asprintf(conn, "%s.%s",
+ lp_netbios_name(conn->lp_ctx),
+ lp_dnsdomain(conn->lp_ctx));
if (composite_nomem(conn->host, state->ctx)) {
return result;
}
diff --git a/source4/ntptr/simple_ldb/ntptr_simple_ldb.c b/source4/ntptr/simple_ldb/ntptr_simple_ldb.c
index 601f7902df..e179f52926 100644
--- a/source4/ntptr/simple_ldb/ntptr_simple_ldb.c
+++ b/source4/ntptr/simple_ldb/ntptr_simple_ldb.c
@@ -208,12 +208,14 @@ static WERROR sptr_GetPrintServerData(struct ntptr_GenericHandle *server, TALLOC
r->out.data->binary = blob;
return WERR_OK;
} else if (strcmp("DNSMachineName", r->in.value_name) == 0) {
- if (!lp_realm(server->ntptr->lp_ctx)) return WERR_INVALID_PARAM;
+ const char *dnsdomain = lp_dnsdomain(server->ntptr->lp_ctx);
+
+ if (dnsdomain == NULL) return WERR_INVALID_PARAM;
*r->out.type = REG_SZ;
r->out.data->string = talloc_asprintf(mem_ctx, "%s.%s",
- lp_netbios_name(server->ntptr->lp_ctx),
- lp_realm(server->ntptr->lp_ctx));
+ lp_netbios_name(server->ntptr->lp_ctx),
+ dnsdomain);
W_ERROR_HAVE_NO_MEMORY(r->out.data->string);
return WERR_OK;
}
diff --git a/source4/rpc_server/drsuapi/addentry.c b/source4/rpc_server/drsuapi/addentry.c
index 2c913dd91d..dbaf627130 100644
--- a/source4/rpc_server/drsuapi/addentry.c
+++ b/source4/rpc_server/drsuapi/addentry.c
@@ -82,7 +82,7 @@ static WERROR drsuapi_add_SPNs(struct drsuapi_bind_state *b_state,
ntds_guid_str = GUID_string(res, &ntds_guid);
- dom_string = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
+ dom_string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
/*
* construct a modify request to add the new SPNs to
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 5eccd7f6a8..f763069a3b 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -643,7 +643,7 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
sam6 = talloc_zero(mem_ctx, struct netr_SamInfo6);
NT_STATUS_HAVE_NO_MEMORY(sam6);
sam6->base = *sam;
- sam6->forest.string = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
+ sam6->forest.string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
sam->account_name.string, sam6->forest.string);
NT_STATUS_HAVE_NO_MEMORY(sam6->principle.string);
@@ -1096,7 +1096,7 @@ static NTSTATUS fill_one_domain_info(TALLOC_CTX *mem_ctx,
if (is_local) {
info->domainname.string = lp_sam_name(lp_ctx);
- info->dns_domainname.string = lp_realm(lp_ctx);
+ info->dns_domainname.string = lp_dnsdomain(lp_ctx);
info->domain_guid = samdb_result_guid(res, "objectGUID");
info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
} else {
@@ -1432,14 +1432,14 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call, TA
*/
info->dc_unc = talloc_asprintf(mem_ctx, "\\\\%s.%s",
lp_netbios_name(dce_call->conn->dce_ctx->lp_ctx),
- lp_realm(dce_call->conn->dce_ctx->lp_ctx));
+ lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx));
W_ERROR_HAVE_NO_MEMORY(info->dc_unc);
info->dc_address = talloc_strdup(mem_ctx, "\\\\0.0.0.0");
W_ERROR_HAVE_NO_MEMORY(info->dc_address);
info->dc_address_type = DS_ADDRESS_TYPE_INET;
info->domain_guid = samdb_result_guid(res[0], "objectGUID");
- info->domain_name = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
- info->forest_name = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
+ info->domain_name = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
+ info->forest_name = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
info->dc_flags = DS_DNS_FOREST_ROOT |
DS_DNS_DOMAIN |
DS_DNS_CONTROLLER |
@@ -1614,7 +1614,7 @@ static WERROR dcesrv_netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce
/* TODO: add filtering by trust_flags, and correct trust_type
and attributes */
trusts->array[0].netbios_name = lp_sam_name(dce_call->conn->dce_ctx->lp_ctx);
- trusts->array[0].dns_name = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
+ trusts->array[0].dns_name = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
trusts->array[0].trust_flags =
NETR_TRUST_FLAG_TREEROOT |
NETR_TRUST_FLAG_IN_FOREST |
diff --git a/source4/rpc_server/spoolss/dcesrv_spoolss.c b/source4/rpc_server/spoolss/dcesrv_spoolss.c
index d380b10d8e..0e071dc74c 100644
--- a/source4/rpc_server/spoolss/dcesrv_spoolss.c
+++ b/source4/rpc_server/spoolss/dcesrv_spoolss.c
@@ -150,6 +150,7 @@ static WERROR dcesrv_spoolss_check_server_name(struct dcesrv_call_state *dce_cal
bool ret;
struct socket_address *myaddr;
const char **aliases;
+ const char *dnsdomain;
int i;
/* NULL is ok */
@@ -186,12 +187,13 @@ static WERROR dcesrv_spoolss_check_server_name(struct dcesrv_call_state *dce_cal
/* DNS NAME is ok
* TODO: we need to check if aliases are also ok
*/
- if (lp_realm(dce_call->conn->dce_ctx->lp_ctx)) {
+ dnsdomain = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
+ if (dnsdomain != NULL) {
char *str;
str = talloc_asprintf(mem_ctx, "%s.%s",
lp_netbios_name(dce_call->conn->dce_ctx->lp_ctx),
- lp_realm(dce_call->conn->dce_ctx->lp_ctx));
+ dnsdomain);
W_ERROR_HAVE_NO_MEMORY(str);
ret = strequal(str, server_name);
diff --git a/source4/torture/rpc/frsapi.c b/source4/torture/rpc/frsapi.c
index e9a19bcf96..24d769a310 100644
--- a/source4/torture/rpc/frsapi.c
+++ b/source4/torture/rpc/frsapi.c
@@ -193,8 +193,7 @@ static bool test_ForceReplication(struct torture_context *tctx,
r.in.replica_set_guid = NULL;
r.in.connection_guid = NULL;
- r.in.replica_set_name = talloc_asprintf(tctx, "%s",
- lp_realm(tctx->lp_ctx));
+ r.in.replica_set_name = lp_dnsdomain(tctx->lp_ctx);
r.in.partner_dns_name = dcerpc_server_name(p);
torture_assert_ntstatus_ok(tctx,
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 35f1a5942f..6a753ed412 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -1991,7 +1991,7 @@ static bool test_netr_DsRGetDCName(struct torture_context *tctx,
struct netr_DsRGetDCNameInfo *info = NULL;
r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
- r.in.domain_name = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx));
+ r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
r.in.domain_guid = NULL;
r.in.site_guid = NULL;
r.in.flags = DS_RETURN_DNS_NAME;
@@ -2016,7 +2016,7 @@ static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
struct netr_DsRGetDCNameInfo *info = NULL;
r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
- r.in.domain_name = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx));
+ r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
r.in.domain_guid = NULL;
r.in.site_name = NULL;
r.in.flags = DS_RETURN_DNS_NAME;
@@ -2043,7 +2043,7 @@ static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.client_account = NULL;
r.in.mask = 0x00000000;
- r.in.domain_name = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx));
+ r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
r.in.domain_guid = NULL;
r.in.site_name = NULL;
r.in.flags = DS_RETURN_DNS_NAME;
diff --git a/source4/torture/rpc/wkssvc.c b/source4/torture/rpc/wkssvc.c
index 06b1d05ee4..d5ef0a4fda 100644
--- a/source4/torture/rpc/wkssvc.c
+++ b/source4/torture/rpc/wkssvc.c
@@ -1132,7 +1132,7 @@ static bool test_NetrJoinDomain(struct torture_context *tctx,
user);
r.in.server_name = dcerpc_server_name(p);
- r.in.domain_name = lp_realm(tctx->lp_ctx);
+ r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
r.in.account_ou = NULL;
r.in.Account = admin_account;
r.in.password = NULL;