From 57589e3b67c4fbe6412478bef9a46cdf5b1df795 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 25 Mar 2006 11:39:09 +0000 Subject: r14714: On DCE/RPC, we need the name of the remote server used on the socket, for Kerberos. It must be the full name contacted, not the 'called name' we might want to use for \\server things, so add another function. Andrew Bartlett (This used to be commit 6d57d1dbb76e7d1ca2fd4f1a6c0bacfa7a189e2b) --- source4/librpc/rpc/dcerpc.h | 2 ++ source4/librpc/rpc/dcerpc_auth.c | 2 +- source4/librpc/rpc/dcerpc_smb.c | 28 +++++++++++++++++++--------- source4/librpc/rpc/dcerpc_smb2.c | 11 +++++++++++ source4/librpc/rpc/dcerpc_sock.c | 26 ++++++++++++++++++-------- 5 files changed, 51 insertions(+), 18 deletions(-) (limited to 'source4/librpc/rpc') diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h index 7fcaa9d922..3ee3c4a502 100644 --- a/source4/librpc/rpc/dcerpc.h +++ b/source4/librpc/rpc/dcerpc.h @@ -65,6 +65,8 @@ struct dcerpc_connection { const char *(*peer_name)(struct dcerpc_connection *); + const char *(*target_hostname)(struct dcerpc_connection *); + /* send a request to the server */ NTSTATUS (*send_request)(struct dcerpc_connection *, DATA_BLOB *, BOOL trigger_read); diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c index 88132b15fe..04f3d9b436 100644 --- a/source4/librpc/rpc/dcerpc_auth.c +++ b/source4/librpc/rpc/dcerpc_auth.c @@ -228,7 +228,7 @@ struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx, } c->status = gensec_set_target_hostname( - sec->generic_state, p->conn->transport.peer_name(p->conn)); + sec->generic_state, p->conn->transport.target_hostname(p->conn)); if (!NT_STATUS_IS_OK(c->status)) { DEBUG(1, ("Failed to set GENSEC target hostname: %s\n", nt_errstr(c->status))); diff --git a/source4/librpc/rpc/dcerpc_smb.c b/source4/librpc/rpc/dcerpc_smb.c index e16142d5c2..594feb8d64 100644 --- a/source4/librpc/rpc/dcerpc_smb.c +++ b/source4/librpc/rpc/dcerpc_smb.c @@ -350,7 +350,7 @@ static NTSTATUS smb_shutdown_pipe(struct dcerpc_connection *c) } /* - return SMB server name + return SMB server name (called name) */ static const char *smb_peer_name(struct dcerpc_connection *c) { @@ -358,6 +358,15 @@ static const char *smb_peer_name(struct dcerpc_connection *c) return smb->server_name; } +/* + return remote name we make the actual connection (good for kerberos) +*/ +static const char *smb_target_hostname(struct dcerpc_connection *c) +{ + struct smb_private *smb = talloc_get_type(c->transport.private, struct smb_private); + return smb->tree->session->transport->socket->hostname; +} + /* fetch the user session key */ @@ -462,14 +471,15 @@ static void pipe_open_recv(struct smbcli_request *req) /* fill in the transport methods */ - c->transport.transport = NCACN_NP; - c->transport.private = NULL; - c->transport.shutdown_pipe = smb_shutdown_pipe; - c->transport.peer_name = smb_peer_name; - - c->transport.send_request = smb_send_request; - c->transport.send_read = send_read_request; - c->transport.recv_data = NULL; + c->transport.transport = NCACN_NP; + c->transport.private = NULL; + c->transport.shutdown_pipe = smb_shutdown_pipe; + c->transport.peer_name = smb_peer_name; + c->transport.target_hostname = smb_target_hostname; + + c->transport.send_request = smb_send_request; + c->transport.send_read = send_read_request; + c->transport.recv_data = NULL; /* Over-ride the default session key with the SMB session key */ c->security_state.session_key = smb_session_key; diff --git a/source4/librpc/rpc/dcerpc_smb2.c b/source4/librpc/rpc/dcerpc_smb2.c index 01fd783e6f..84ece71e4c 100644 --- a/source4/librpc/rpc/dcerpc_smb2.c +++ b/source4/librpc/rpc/dcerpc_smb2.c @@ -331,6 +331,16 @@ static const char *smb2_peer_name(struct dcerpc_connection *c) return smb->server_name; } +/* + return remote name we make the actual connection (good for kerberos) +*/ +static const char *smb2_target_hostname(struct dcerpc_connection *c) +{ + struct smb2_private *smb = talloc_get_type(c->transport.private, + struct smb2_private); + return smb->tree->session->transport->socket->hostname; +} + /* fetch the user session key */ @@ -432,6 +442,7 @@ static void pipe_open_recv(struct smb2_request *req) c->transport.private = NULL; c->transport.shutdown_pipe = smb2_shutdown_pipe; c->transport.peer_name = smb2_peer_name; + c->transport.target_hostname = smb2_target_hostname; c->transport.send_request = smb2_send_request; c->transport.send_read = send_read_request; diff --git a/source4/librpc/rpc/dcerpc_sock.c b/source4/librpc/rpc/dcerpc_sock.c index 0385a70d3c..05c66cd796 100644 --- a/source4/librpc/rpc/dcerpc_sock.c +++ b/source4/librpc/rpc/dcerpc_sock.c @@ -187,7 +187,16 @@ static NTSTATUS sock_shutdown_pipe(struct dcerpc_connection *p) */ static const char *sock_peer_name(struct dcerpc_connection *p) { - struct sock_private *sock = p->transport.private; + struct sock_private *sock = talloc_get_type(p->transport.private, struct sock_private); + return sock->server_name; +} + +/* + return remote name we make the actual connection (good for kerberos) +*/ +static const char *sock_target_hostname(struct dcerpc_connection *p) +{ + struct sock_private *sock = talloc_get_type(p->transport.private, struct sock_private); return sock->server_name; } @@ -226,15 +235,16 @@ static void continue_socket_connect(struct composite_context *ctx) /* fill in the transport methods */ - conn->transport.transport = s->transport; - conn->transport.private = NULL; + conn->transport.transport = s->transport; + conn->transport.private = NULL; - conn->transport.send_request = sock_send_request; - conn->transport.send_read = sock_send_read; - conn->transport.recv_data = NULL; + conn->transport.send_request = sock_send_request; + conn->transport.send_read = sock_send_read; + conn->transport.recv_data = NULL; - conn->transport.shutdown_pipe = sock_shutdown_pipe; - conn->transport.peer_name = sock_peer_name; + conn->transport.shutdown_pipe = sock_shutdown_pipe; + conn->transport.peer_name = sock_peer_name; + conn->transport.target_hostname = sock_target_hostname; sock->sock = s->socket_ctx; sock->pending_reads = 0; -- cgit