From 0c1b4c232135ebdef58bb5e697dfc60ddbb358bc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 2 Jan 2012 15:38:38 +1100 Subject: s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec This simplifies a lot of code, as we know we are always dealing with a struct gensec_security, and allows the gensec module being used to implement GSSAPI to be swapped for AD-server operation. Andrew Bartlett Signed-off-by: Stefan Metzmacher --- source3/rpc_client/cli_pipe.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'source3/rpc_client/cli_pipe.c') diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index ce8ab819c5..f3a334a052 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2939,6 +2939,7 @@ NTSTATUS cli_rpc_pipe_open_spnego_krb5(struct cli_state *cli, struct pipe_auth_data *auth; struct spnego_context *spnego_ctx; NTSTATUS status; + const char *target_service = "cifs"; /* TODO: Determine target service from the bindings or interface table */ status = cli_rpc_pipe_open(cli, transport, interface, &result); if (!NT_STATUS_IS_OK(status)) { @@ -2969,15 +2970,16 @@ NTSTATUS cli_rpc_pipe_open_spnego_krb5(struct cli_state *cli, goto err_out; } - status = spnego_gssapi_init_client(auth, - (auth->auth_level == + status = spnego_generic_init_client(auth, + GENSEC_OID_KERBEROS5, + (auth->auth_level == DCERPC_AUTH_LEVEL_INTEGRITY), - (auth->auth_level == + (auth->auth_level == DCERPC_AUTH_LEVEL_PRIVACY), - true, - NULL, server, "cifs", - username, password, - &spnego_ctx); + true, + server, target_service, + auth->domain, auth->user_name, password, + &spnego_ctx); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("spnego_init_client returned %s\n", nt_errstr(status))); -- cgit