auth: Provide a way to specify the NTLMSSP server name to GENSEC
authorAndrew Bartlett <abartlet@samba.org>
Tue, 31 Jan 2012 05:17:04 +0000 (16:17 +1100)
committerStefan Metzmacher <metze@samba.org>
Fri, 17 Feb 2012 09:48:09 +0000 (10:48 +0100)
This avoids us needing to assume lp_netbios_name().lp_dnsdomain() if the caller
knows better.  This will allow preservation of current s3 behaviour.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
auth/gensec/gensec.h
auth/ntlmssp/gensec_ntlmssp_server.c

index c52eecb8d0b3696842eaf4125bebe629329aad9c..aba1018a92b164e74aad3beab5ce2443b33d20a8 100644 (file)
@@ -83,6 +83,10 @@ struct gensec_settings {
         * should be used, rather than those loaded by the plugin
         * mechanism */
        struct gensec_security_ops **backends;
+
+       /* To fill in our own name in the NTLMSSP server */
+       const char *server_dns_domain;
+       const char *server_dns_name;
 };
 
 struct gensec_security_ops {
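Review bot: The comment on the new `server_dns_domain` and `server_dns_name` fields does not say what an unset value means or who owns the strings. Judging by the server-start hunk in this same commit, NULL selects the loadparm-derived name and the values are copied with `talloc_strdup`, so the caller appears to keep ownership. I would spell that out, for example `/* Optional NTLMSSP server names: NULL means derive from lp_ctx; copied at server start, caller keeps ownership */`. The definition of struct gensec_settings begins above this hunk.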
index 1f1f5b3f7b8200bec5979556f9aeff345183d808..de86dd509e39168d11daac69fa9a23e94a5322e8 100644 (file)
@@ -266,6 +266,10 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
        NTSTATUS nt_status;
        struct ntlmssp_state *ntlmssp_state;
        struct gensec_ntlmssp_context *gensec_ntlmssp;
+       const char *netbios_name;
+       const char *netbios_domain;
+       const char *dns_name;
+       const char *dns_domain;
 
        nt_status = gensec_ntlmssp_start(gensec_security);
        NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -339,33 +343,48 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
                ntlmssp_state->server.is_standalone = false;
        }
 
-       ntlmssp_state->server.netbios_name = lpcfg_netbios_name(gensec_security->settings->lp_ctx);
+       netbios_name = lpcfg_netbios_name(gensec_security->settings->lp_ctx);
+       netbios_domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
 
-       ntlmssp_state->server.netbios_domain = lpcfg_workgroup(gensec_security->settings->lp_ctx);
-
-       {
+       if (gensec_security->settings->server_dns_name) {
+               dns_name = gensec_security->settings->server_dns_name;
+       } else {
                const char *dnsdomain = lpcfg_dnsdomain(gensec_security->settings->lp_ctx);
-               char *dnsname, *lower_netbiosname;
-               lower_netbiosname = strlower_talloc(ntlmssp_state, ntlmssp_state->server.netbios_name);
+               char *lower_netbiosname;
+
+               lower_netbiosname = strlower_talloc(ntlmssp_state, netbios_name);
+               NT_STATUS_HAVE_NO_MEMORY(lower_netbiosname);
 
                /* Find out the DNS host name */
                if (dnsdomain && dnsdomain[0] != '\0') {
-                       dnsname = talloc_asprintf(ntlmssp_state, "%s.%s",
-                                                 lower_netbiosname,
-                                                 dnsdomain);
+                       dns_name = talloc_asprintf(ntlmssp_state, "%s.%s",
+                                                  lower_netbiosname,
+                                                  dnsdomain);
                        talloc_free(lower_netbiosname);
-                       ntlmssp_state->server.dns_name = dnsname;
+                       NT_STATUS_HAVE_NO_MEMORY(dns_name);
                } else {
-                       ntlmssp_state->server.dns_name = lower_netbiosname;
+                       dns_name = lower_netbiosname;
                }
+       }
 
-               NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_name);
-
-               ntlmssp_state->server.dns_domain
-                       = talloc_strdup(ntlmssp_state,
-                                       lpcfg_dnsdomain(gensec_security->settings->lp_ctx));
-               NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_domain);
+       if (gensec_security->settings->server_dns_domain) {
+               dns_domain = gensec_security->settings->server_dns_domain;
+       } else {
+               dns_domain = lpcfg_dnsdomain(gensec_security->settings->lp_ctx);
        }
 
+       ntlmssp_state->server.netbios_name = talloc_strdup(ntlmssp_state, netbios_name);
+       NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.netbios_name);
+
+       ntlmssp_state->server.netbios_domain = talloc_strdup(ntlmssp_state, netbios_domain);
+       NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.netbios_domain);
+
+       ntlmssp_state->server.dns_name = talloc_strdup(ntlmssp_state, dns_name);
+       NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_name);
+
+       ntlmssp_state->server.dns_domain = talloc_strdup(ntlmssp_state, dns_domain);
+       NT_STATUS_HAVE_NO_MEMORY(ntlmssp_state->server.dns_domain);
+
        return NT_STATUS_OK;
 }
+
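Review bot: The override tests `if (gensec_security->settings->server_dns_name)` and `if (gensec_security->settings->server_dns_domain)` check only for non-NULL, so an empty string from the caller is copied into `server.dns_name` or `server.dns_domain`, whereas the fallback branch treats an empty `dnsdomain` as unset. If these fields feed the names the server advertises in its NTLMSSP challenge (that use is outside this hunk), an empty override would replace the configured name; consider `if (gensec_security->settings->server_dns_name && gensec_security->settings->server_dns_name[0] != '\0') {` and the same for the domain. Separately, the string built by `talloc_asprintf` (or `lower_netbiosname` in the else branch) stays parented to `ntlmssp_state` after the final `talloc_strdup(ntlmssp_state, dns_name)`, so the temporary could be freed once it has been copied. The body of gensec_ntlmssp_server_start starts outside this hunk.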