Merge branch 'master' of ssh://git.samba.org/data/git/samba
authorJelmer Vernooij <jelmer@samba.org>
Sun, 2 Nov 2008 04:50:08 +0000 (05:50 +0100)
committerJelmer Vernooij <jelmer@samba.org>
Sun, 2 Nov 2008 04:50:08 +0000 (05:50 +0100)
77 files changed:
lib/util/debug.h
pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
source4/auth/gensec/gensec.c
source4/auth/gensec/gensec.h
source4/auth/gensec/gensec_gssapi.c
source4/auth/gensec/gensec_krb5.c
source4/auth/gensec/schannel.c
source4/auth/kerberos/krb5_init_context.c
source4/auth/ntlm/auth_server.c
source4/auth/ntlmssp/ntlmssp_client.c
source4/auth/ntlmssp/ntlmssp_server.c
source4/auth/sam.c
source4/auth/system_session.c
source4/client/cifsdd.c
source4/client/cifsdd.h
source4/client/cifsddio.c
source4/client/client.c
source4/kdc/kpasswdd.c
source4/ldap_server/ldap_bind.c
source4/lib/socket/socket.c
source4/lib/socket/socket.h
source4/libcli/cliconnect.c
source4/libcli/ldap/ldap_bind.c
source4/libcli/libcli.h
source4/libcli/raw/clitree.c
source4/libcli/resolve/nbtlist.c
source4/libcli/smb2/connect.c
source4/libcli/smb2/session.c
source4/libcli/smb2/smb2_calls.h
source4/libcli/smb_composite/connect.c
source4/libcli/smb_composite/fetchfile.c
source4/libcli/smb_composite/fsinfo.c
source4/libcli/smb_composite/sesssetup.c
source4/libcli/smb_composite/smb_composite.h
source4/librpc/rpc/dcerpc.c
source4/librpc/rpc/dcerpc.h
source4/librpc/rpc/dcerpc_auth.c
source4/librpc/rpc/dcerpc_connect.c
source4/librpc/rpc/dcerpc_schannel.c
source4/librpc/rpc/dcerpc_secondary.c
source4/librpc/rpc/dcerpc_util.c
source4/ntvfs/cifs/vfs_cifs.c
source4/ntvfs/smb2/vfs_smb2.c
source4/param/loadparm.c
source4/param/param.h
source4/rpc_server/dcerpc_server.c
source4/rpc_server/dcerpc_server.h
source4/rpc_server/dcesrv_auth.c
source4/rpc_server/remote/dcesrv_remote.c
source4/smb_server/smb/negprot.c
source4/smb_server/smb/sesssetup.c
source4/smb_server/smb2/negprot.c
source4/smb_server/smb2/sesssetup.c
source4/torture/auth/ntlmssp.c
source4/torture/basic/misc.c
source4/torture/basic/secleak.c
source4/torture/gentest.c
source4/torture/locktest.c
source4/torture/masktest.c
source4/torture/raw/composite.c
source4/torture/raw/context.c
source4/torture/raw/lock.c
source4/torture/raw/lockbench.c
source4/torture/raw/openbench.c
source4/torture/raw/oplock.c
source4/torture/raw/tconrate.c
source4/torture/rpc/join.c
source4/torture/rpc/remote_pac.c
source4/torture/rpc/samba3rpc.c
source4/torture/rpc/schannel.c
source4/torture/rpc/spoolss_notify.c
source4/torture/smb2/scan.c
source4/torture/smb2/util.c
source4/torture/unix/unix_info2.c
source4/torture/unix/whoami.c
source4/torture/util_smb.c
source4/utils/ntlm_auth.c

index 632c24fadb9c8604a0a04721693c97ff8d4cae6f..a5962b04bbf75d7a6b68e3b05f0c2840fa391f45 100644 (file)
@@ -83,7 +83,7 @@ enum debug_logtype {DEBUG_STDOUT = 0, DEBUG_FILE = 1, DEBUG_STDERR = 2};
 */
 _PUBLIC_ void dbghdr(int level, const char *location, const char *func);
 
-_PUBLIC_ void dbghdrclass(int level, int class, const char *location, const char *func);
+_PUBLIC_ void dbghdrclass(int level, int cls, const char *location, const char *func);
 
 /**
   reopen the log file (usually called because the log file name might have changed)
index e30102b4e1f4b4123a8928da2015cf9b55af41b0..bb0c18e13c8bfe5bf79777187e5e9181ea1ff54f 100644 (file)
@@ -120,7 +120,8 @@ static NTSTATUS $name\__op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_C
         /* unravel the NDR for the packet */
        ndr_err = ndr_table_$name.calls[opnum].ndr_pull(pull, NDR_IN, *r);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-               dcerpc_log_packet(&ndr_table_$name, opnum, NDR_IN,
+               dcerpc_log_packet(dce_call->conn->packet_log_dir, 
+                                 &ndr_table_$name, opnum, NDR_IN,
                                  &dce_call->pkt.u.request.stub_and_verifier);
                dce_call->fault_code = DCERPC_FAULT_NDR;
                return NT_STATUS_NET_WRITE_FAULT;
@@ -144,7 +145,8 @@ pidl "
        }
 
        if (dce_call->fault_code != 0) {
-               dcerpc_log_packet(&ndr_table_$name, opnum, NDR_IN,
+               dcerpc_log_packet(dce_call->conn->packet_log_dir, 
+                         &ndr_table_$name, opnum, NDR_IN,
                                  &dce_call->pkt.u.request.stub_and_verifier);
                return NT_STATUS_NET_WRITE_FAULT;
        }
@@ -167,7 +169,8 @@ pidl "
        }
 
        if (dce_call->fault_code != 0) {
-               dcerpc_log_packet(&ndr_table_$name, opnum, NDR_IN,
+               dcerpc_log_packet(dce_call->conn->packet_log_dir,
+                         &ndr_table_$name, opnum, NDR_IN,
                                  &dce_call->pkt.u.request.stub_and_verifier);
                return NT_STATUS_NET_WRITE_FAULT;
        }
index 5d57383d2a853a3529ef4e16ceea4e90444d6778..20c88f86bc17bd424d3a2bd1ece001d710a5ac10 100644 (file)
@@ -477,7 +477,7 @@ const char **gensec_security_oids(struct gensec_security *gensec_security,
 */
 static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, 
                             struct event_context *ev,
-                            struct loadparm_context *lp_ctx,
+                            struct gensec_settings *settings,
                             struct messaging_context *msg,
                             struct gensec_security **gensec_security)
 {
@@ -501,7 +501,7 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
 
        (*gensec_security)->event_ctx = ev;
        (*gensec_security)->msg_ctx = msg;
-       (*gensec_security)->lp_ctx = lp_ctx;
+       (*gensec_security)->settings = talloc_reference(*gensec_security, settings);
 
        return NT_STATUS_OK;
 }
@@ -529,7 +529,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
        (*gensec_security)->want_features = parent->want_features;
        (*gensec_security)->event_ctx = parent->event_ctx;
        (*gensec_security)->msg_ctx = parent->msg_ctx;
-       (*gensec_security)->lp_ctx = parent->lp_ctx;
+       (*gensec_security)->settings = talloc_reference(*gensec_security, parent->settings);
 
        return NT_STATUS_OK;
 }
@@ -543,11 +543,11 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 _PUBLIC_ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, 
                             struct gensec_security **gensec_security,
                             struct event_context *ev,
-                            struct loadparm_context *lp_ctx)
+                            struct gensec_settings *settings)
 {
        NTSTATUS status;
 
-       status = gensec_start(mem_ctx, ev, lp_ctx, NULL, gensec_security);
+       status = gensec_start(mem_ctx, ev, settings, NULL, gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
        }
@@ -564,7 +564,7 @@ _PUBLIC_ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
 */
 _PUBLIC_ NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, 
                             struct event_context *ev,
-                            struct loadparm_context *lp_ctx,
+                            struct gensec_settings *settings,
                             struct messaging_context *msg,
                             struct gensec_security **gensec_security)
 {
@@ -580,7 +580,7 @@ _PUBLIC_ NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
                return NT_STATUS_INTERNAL_ERROR;
        }
 
-       status = gensec_start(mem_ctx, ev, lp_ctx, msg, gensec_security);
+       status = gensec_start(mem_ctx, ev, settings, msg, gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
        }
@@ -1107,9 +1107,8 @@ _PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_secu
 _PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security) 
 {
        /* We allow the target hostname to be overriden for testing purposes */
-       const char *target_hostname = lp_parm_string(gensec_security->lp_ctx, NULL, "gensec", "target_hostname");
-       if (target_hostname) {
-               return target_hostname;
+       if (gensec_security->settings->target_hostname) {
+               return gensec_security->settings->target_hostname;
        }
 
        if (gensec_security->target.hostname) {
@@ -1255,6 +1254,16 @@ static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_
        return (*gs2)->priority - (*gs1)->priority;
 }
 
+int gensec_setting_int(struct gensec_settings *settings, const char *mechanism, const char *name, int default_value)
+{
+       return lp_parm_int(settings->lp_ctx, NULL, mechanism, name, default_value);
+}
+
+bool gensec_setting_bool(struct gensec_settings *settings, const char *mechanism, const char *name, bool default_value)
+{
+       return lp_parm_bool(settings->lp_ctx, NULL, mechanism, name, default_value);
+}
+
 /*
   initialise the GENSEC subsystem
 */
index 0b31882ddd6865d95b4f2fc63018393ce5a3de2b..2a483171f73c9074b5f8ba385fc48b593d82fed0 100644 (file)
@@ -64,6 +64,7 @@ enum gensec_role
 
 struct auth_session_info;
 struct cli_credentials;
+struct gensec_settings;
 
 struct gensec_update_request {
        struct gensec_security *gensec_security;
@@ -77,6 +78,12 @@ struct gensec_update_request {
        } callback;
 };
 
+struct gensec_settings {
+       struct loadparm_context *lp_ctx;
+       struct smb_iconv_convenience *iconv_convenience;
+       const char *target_hostname;
+};
+
 struct gensec_security_ops {
        const char *name;
        const char *sasl_name;
@@ -151,7 +158,6 @@ struct gensec_security_ops_wrapper {
 
 struct gensec_security {
        const struct gensec_security_ops *ops;
-       struct loadparm_context *lp_ctx;
        void *private_data;
        struct cli_credentials *credentials;
        struct gensec_target target;
@@ -161,6 +167,7 @@ struct gensec_security {
        struct event_context *event_ctx;
        struct messaging_context *msg_ctx; /* only valid as server */
        struct socket_address *my_addr, *peer_addr;
+       struct gensec_settings *settings;
 };
 
 /* this structure is used by backends to determine the size of some critical types */
@@ -210,7 +217,7 @@ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, 
                             struct gensec_security **gensec_security,
                             struct event_context *ev,
-                            struct loadparm_context *lp_ctx);
+                            struct gensec_settings *settings);
 NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security, 
                                                 const char **sasl_names);
 NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, 
@@ -262,7 +269,7 @@ NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
 const char *gensec_get_name_by_authtype(uint8_t authtype);
 NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, 
                             struct event_context *ev,
-                            struct loadparm_context *lp_ctx,
+                            struct gensec_settings *settings,
                             struct messaging_context *msg,
                             struct gensec_security **gensec_security);
 NTSTATUS gensec_session_info(struct gensec_security *gensec_security, 
@@ -295,5 +302,7 @@ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
 NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security, 
                                        const char *sasl_name);
 
+int gensec_setting_int(struct gensec_settings *settings, const char *mechanism, const char *name, int default_value);
+bool gensec_setting_bool(struct gensec_settings *settings, const char *mechanism, const char *name, bool default_value);
 
 #endif /* __GENSEC_H__ */
index e307dbb5cb6913a5f7dd39bc28551c9bcfafae36..dcfffef3df6ee05414b9bdbb8ba7c15df46ea1e0 100644 (file)
@@ -154,7 +154,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
        
        gensec_gssapi_state->gss_exchange_count = 0;
        gensec_gssapi_state->max_wrap_buf_size
-               = lp_parm_int(gensec_security->lp_ctx, NULL, "gensec_gssapi", "max wrap buf size", 65536);
+               = gensec_setting_int(gensec_security->settings, "gensec_gssapi", "max wrap buf size", 65536);
                
        gensec_gssapi_state->sasl = false;
        gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
@@ -170,16 +170,16 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
        gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
        
        gensec_gssapi_state->want_flags = 0;
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "mutual", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "mutual", true)) {
                gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
        }
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "delegation", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation", true)) {
                gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
        }
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "replay", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "replay", true)) {
                gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
        }
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "sequence", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "sequence", true)) {
                gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
        }
 
@@ -214,10 +214,10 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
                talloc_free(gensec_gssapi_state);
                return NT_STATUS_INTERNAL_ERROR;
        }
-       if (lp_realm(gensec_security->lp_ctx) && *lp_realm(gensec_security->lp_ctx)) {
-               char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(gensec_security->lp_ctx));
+       if (lp_realm(gensec_security->settings->lp_ctx) && *lp_realm(gensec_security->settings->lp_ctx)) {
+               char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(gensec_security->settings->lp_ctx));
                if (!upper_realm) {
-                       DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(gensec_security->lp_ctx)));
+                       DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(gensec_security->settings->lp_ctx)));
                        talloc_free(gensec_gssapi_state);
                        return NT_STATUS_NO_MEMORY;
                }
@@ -231,7 +231,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
        }
 
        /* don't do DNS lookups of any kind, it might/will fail for a netbios name */
-       ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(gensec_security->lp_ctx, NULL, "krb5", "set_dns_canonicalize", false));
+       ret = gsskrb5_set_dns_canonicalize(gensec_setting_bool(gensec_security->settings, "krb5", "set_dns_canonicalize", false));
        if (ret) {
                DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
                talloc_free(gensec_gssapi_state);
@@ -240,7 +240,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 
        ret = smb_krb5_init_context(gensec_gssapi_state, 
                                    gensec_security->event_ctx,
-                                   gensec_security->lp_ctx,
+                                   gensec_security->settings->lp_ctx,
                                    &gensec_gssapi_state->smb_krb5_context);
        if (ret) {
                DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",
@@ -274,7 +274,7 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
        } else {
                ret = cli_credentials_get_server_gss_creds(machine_account, 
                                                           gensec_security->event_ctx, 
-                                                          gensec_security->lp_ctx, &gcc);
+                                                          gensec_security->settings->lp_ctx, &gcc);
                if (ret) {
                        DEBUG(1, ("Aquiring acceptor credentials failed: %s\n", 
                                  error_message(ret)));
@@ -336,7 +336,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
        gensec_gssapi_state->gss_oid = gss_mech_krb5;
 
        principal = gensec_get_target_principal(gensec_security);
-       if (principal && lp_client_use_spnego_principal(gensec_security->lp_ctx)) {
+       if (principal && lp_client_use_spnego_principal(gensec_security->settings->lp_ctx)) {
                name_type = GSS_C_NULL_OID;
        } else {
                principal = talloc_asprintf(gensec_gssapi_state, "%s@%s", 
@@ -362,7 +362,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 
        ret = cli_credentials_get_client_gss_creds(creds, 
                                                   gensec_security->event_ctx, 
-                                                  gensec_security->lp_ctx, &gcc);
+                                                  gensec_security->settings->lp_ctx, &gcc);
        switch (ret) {
        case 0:
                break;
@@ -1142,10 +1142,10 @@ static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
                        return false;
                }
 
-               if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "force_new_spnego", false)) {
+               if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "force_new_spnego", false)) {
                        return true;
                }
-               if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "disable_new_spnego", false)) {
+               if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "disable_new_spnego", false)) {
                        return false;
                }
 
@@ -1256,7 +1256,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
         */
        if (pac_blob.length) {
                nt_status = kerberos_pac_blob_to_server_info(mem_ctx, 
-                                                            lp_iconv_convenience(gensec_security->lp_ctx),
+                                                            gensec_security->settings->iconv_convenience,
                                                             pac_blob, 
                                                             gensec_gssapi_state->smb_krb5_context->krb5_context,
                                                             &server_info);
@@ -1290,11 +1290,11 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
                        return NT_STATUS_NO_MEMORY;
                }
 
-               if (!lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
+               if (!gensec_setting_bool(gensec_security->settings, "gensec", "require_pac", false)) {
                        DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
                                  gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
                        nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, 
-                                                                 gensec_security->lp_ctx, principal_string,
+                                                                 gensec_security->settings->lp_ctx, principal_string,
                                                                  &server_info);
                        
                        if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1311,7 +1311,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 
        /* references the server_info into the session_info */
        nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, 
-                                              gensec_security->lp_ctx, server_info, &session_info);
+                                              gensec_security->settings->lp_ctx, server_info, &session_info);
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(mem_ctx);
                return nt_status;
@@ -1334,13 +1334,13 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
                        return NT_STATUS_NO_MEMORY;
                }
 
-               cli_credentials_set_conf(session_info->credentials, gensec_security->lp_ctx);
+               cli_credentials_set_conf(session_info->credentials, gensec_security->settings->lp_ctx);
                /* Just so we don't segfault trying to get at a username */
                cli_credentials_set_anonymous(session_info->credentials);
                
                ret = cli_credentials_set_client_gss_creds(session_info->credentials, 
                                                           gensec_security->event_ctx,
-                                                          gensec_security->lp_ctx, 
+                                                          gensec_security->settings->lp_ctx, 
                                                           gensec_gssapi_state->delegated_cred_handle,
                                                           CRED_SPECIFIED);
                if (ret) {
index 1f54043038441025893806ca7c8e1905aef6f9b3..16867366a4890d08959bdf0cc5ed19e6941dbd64 100644 (file)
@@ -120,7 +120,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
 
        if (cli_credentials_get_krb5_context(creds, 
                                             gensec_security->event_ctx, 
-                                            gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
+                                            gensec_security->settings->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
                talloc_free(gensec_krb5_state);
                return NT_STATUS_INTERNAL_ERROR;
        }
@@ -252,7 +252,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 
        ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), 
                                         gensec_security->event_ctx, 
-                                        gensec_security->lp_ctx, &ccache_container);
+                                        gensec_security->settings->lp_ctx, &ccache_container);
        switch (ret) {
        case 0:
                break;
@@ -267,7 +267,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
        }
        in_data.length = 0;
        
-       if (principal && lp_client_use_spnego_principal(gensec_security->lp_ctx)) {
+       if (principal && lp_client_use_spnego_principal(gensec_security->settings->lp_ctx)) {
                krb5_principal target_principal;
                ret = krb5_parse_name(gensec_krb5_state->smb_krb5_context->krb5_context, principal,
                                      &target_principal);
@@ -452,7 +452,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
                /* Grab the keytab, however generated */
                ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), 
                                                 gensec_security->event_ctx, 
-                                                gensec_security->lp_ctx, &keytab);
+                                                gensec_security->settings->lp_ctx, &keytab);
                if (ret) {
                        return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
                }
@@ -594,7 +594,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
                                                      KRB5_AUTHDATA_WIN2K_PAC, 
                                                      &pac_data);
        
-       if (ret && lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
+       if (ret && gensec_setting_bool(gensec_security->settings, "gensec", "require_pac", false)) {
                DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access: %s \n",
                          principal_string,
                          smb_get_krb5_error_message(context, 
@@ -607,7 +607,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
                DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n", 
                          smb_get_krb5_error_message(context, 
                                                     ret, mem_ctx)));
-               nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
+               nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->settings->lp_ctx, principal_string,
                                                          &server_info);
                krb5_free_principal(context, client_principal);
                free(principal_string);
@@ -630,7 +630,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 
                /* decode and verify the pac */
                nt_status = kerberos_pac_logon_info(gensec_krb5_state, 
-                                                   lp_iconv_convenience(gensec_security->lp_ctx),
+                                                   gensec_security->settings->iconv_convenience,
                                                    &logon_info, pac,
                                                    gensec_krb5_state->smb_krb5_context->krb5_context,
                                                    NULL, gensec_krb5_state->keyblock,
@@ -655,7 +655,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
        }
 
        /* references the server_info into the session_info */
-       nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
+       nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->settings->lp_ctx, server_info, &session_info);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(mem_ctx);
index f21202b86f5486e46a94898adf518d73ba90ae2d..e6d38c14a371ee4bae1ee0448545191236b4f26c 100644 (file)
@@ -85,7 +85,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
 #endif
                
                ndr_err = ndr_push_struct_blob(out, out_mem_ctx, 
-                                              lp_iconv_convenience(gensec_security->lp_ctx), &bind_schannel,
+                                              gensec_security->settings->iconv_convenience, &bind_schannel,
                                               (ndr_push_flags_fn_t)ndr_push_schannel_bind);
                if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                        status = ndr_map_error2ntstatus(ndr_err);
@@ -106,7 +106,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
                
                /* parse the schannel startup blob */
                ndr_err = ndr_pull_struct_blob(&in, out_mem_ctx,
-                       lp_iconv_convenience(gensec_security->lp_ctx),
+                       gensec_security->settings->iconv_convenience,
                        &bind_schannel, 
                        (ndr_pull_flags_fn_t)ndr_pull_schannel_bind);
                if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
@@ -126,7 +126,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
                
                /* pull the session key for this client */
                status = schannel_fetch_session_key(out_mem_ctx, gensec_security->event_ctx, 
-                                                   gensec_security->lp_ctx, workstation, 
+                                                   gensec_security->settings->lp_ctx, workstation, 
                                                    domain, &creds);
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
@@ -144,7 +144,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
                bind_schannel_ack.unknown3 = 0x6c0000;
                
                ndr_err = ndr_push_struct_blob(out, out_mem_ctx, 
-                                              lp_iconv_convenience(gensec_security->lp_ctx), &bind_schannel_ack,
+                                              gensec_security->settings->iconv_convenience, &bind_schannel_ack,
                                               (ndr_push_flags_fn_t)ndr_push_schannel_bind_ack);
                if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                        status = ndr_map_error2ntstatus(ndr_err);
@@ -190,7 +190,7 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
                                         struct auth_session_info **_session_info) 
 {
        struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-       return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->lp_ctx, _session_info);
+       return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->settings->lp_ctx, _session_info);
 }
 
 static NTSTATUS schannel_start(struct gensec_security *gensec_security)
index 90b542c4c46553c8a0d19b7791c6099ae50bc8d8..06db904130504379661a19ca8fc18390c3c22cd1 100644 (file)
@@ -250,14 +250,10 @@ krb5_error_code smb_krb5_send_and_recv_func(krb5_context context,
                status = NT_STATUS_INVALID_PARAMETER;
                switch (hi->proto) {
                case KRB5_KRBHST_UDP:
-                       if (lp_parm_bool(global_loadparm, NULL, "krb5", "udp", true)) {
-                               status = socket_create(name, SOCKET_TYPE_DGRAM, &smb_krb5->sock, 0);
-                       }
+                       status = socket_create(name, SOCKET_TYPE_DGRAM, &smb_krb5->sock, 0);
                        break;
                case KRB5_KRBHST_TCP:
-                       if (lp_parm_bool(global_loadparm, NULL, "krb5", "tcp", true)) {
-                               status = socket_create(name, SOCKET_TYPE_STREAM, &smb_krb5->sock, 0);
-                       }
+                       status = socket_create(name, SOCKET_TYPE_STREAM, &smb_krb5->sock, 0);
                        break;
                case KRB5_KRBHST_HTTP:
                        talloc_free(smb_krb5);
index 0b1e091eeac2196f35ac47b387c6ce54b130d850..2af0cc8a00baa96619706902482eba5ef98ebccd 100644 (file)
@@ -66,6 +66,7 @@ static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX
                return NT_STATUS_INTERNAL_ERROR;
        }
        io.in.dest_ports = lp_smb_ports(ctx->auth_ctx->lp_ctx); 
+       io.in.socket_options = lp_socket_options(ctx->auth_ctx->lp_ctx);
 
        io.in.called_name = strupper_talloc(mem_ctx, io.in.dest_host);
 
@@ -145,6 +146,7 @@ static NTSTATUS server_check_password(struct auth_method_context *ctx,
 
        session_setup.in.credentials = creds;
        session_setup.in.workgroup = ""; /* Only used with SPNEGO, which we are not doing */
+       session_setup.in.gensec_settings = lp_gensec_settings(session, ctx->auth_ctx->lp_ctx);
 
        /* Check password with remove server - this should be async some day */
        nt_status = smb_composite_sesssetup(session, &session_setup);
index 31da9fc9270d2e77eed08ff0055d4b927a2ea3be..e28d8462d456d4492e7c5b3be6c7381f818bd4da 100644 (file)
@@ -192,7 +192,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
        if (gensec_ntlmssp_state->use_nt_response) {
                flags |= CLI_CRED_NTLM_AUTH;
        }
-       if (lp_client_lanman_auth(gensec_security->lp_ctx)) {
+       if (lp_client_lanman_auth(gensec_security->settings->lp_ctx)) {
                flags |= CLI_CRED_LANMAN_AUTH;
        }
 
@@ -217,7 +217,7 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
        }
        
        if ((gensec_ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) 
-           && lp_client_lanman_auth(gensec_security->lp_ctx) && lm_session_key.length == 16) {
+           && lp_client_lanman_auth(gensec_security->settings->lp_ctx) && lm_session_key.length == 16) {
                DATA_BLOB new_session_key = data_blob_talloc(mem_ctx, NULL, 16);
                if (lm_response.length == 24) {
                        SMBsesskeygen_lm_sess_key(lm_session_key.data, lm_response.data, 
@@ -308,17 +308,17 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
 
        gensec_ntlmssp_state->role = NTLMSSP_CLIENT;
 
-       gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->lp_ctx);
+       gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx);
 
-       gensec_ntlmssp_state->unicode = lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "unicode", true);
+       gensec_ntlmssp_state->unicode = gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "unicode", true);
 
-       gensec_ntlmssp_state->use_nt_response = lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "send_nt_reponse", true);
+       gensec_ntlmssp_state->use_nt_response = gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "send_nt_reponse", true);
 
-       gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(gensec_security->lp_ctx) 
-                                             && (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "allow_lm_key", false)
-                                                 || lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "lm_key", false)));
+       gensec_ntlmssp_state->allow_lm_key = (lp_client_lanman_auth(gensec_security->settings->lp_ctx) 
+                                             && (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "allow_lm_key", false)
+                                                 || gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "lm_key", false)));
 
-       gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(gensec_security->lp_ctx);
+       gensec_ntlmssp_state->use_ntlmv2 = lp_client_ntlmv2_auth(gensec_security->settings->lp_ctx);
 
        gensec_ntlmssp_state->expected_state = NTLMSSP_INITIAL;
 
@@ -326,27 +326,27 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
                NTLMSSP_NEGOTIATE_NTLM |
                NTLMSSP_REQUEST_TARGET;
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "128bit", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "128bit", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;               
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "56bit", false)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "56bit", false)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;                
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "lm_key", false)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "lm_key", false)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_LM_KEY;
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "keyexchange", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "keyexchange", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;          
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "alwayssign", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "alwayssign", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;               
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_client", "ntlm2", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_client", "ntlm2", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;             
        } else {
                /* apparently we can't do ntlmv2 if we don't do ntlm2 */
index cb336d5b463870dd345f8dc21bca049886c3996a..37cc5f318ff5278036b57b5143baf23f1b6cbef3 100644 (file)
@@ -186,7 +186,7 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 
                /* Find out the DNS domain name */
                dnsdomname[0] = '\0';
-               safe_strcpy(dnsdomname, lp_realm(gensec_security->lp_ctx), sizeof(dnsdomname) - 1);
+               safe_strcpy(dnsdomname, lp_realm(gensec_security->settings->lp_ctx), sizeof(dnsdomname) - 1);
                strlower_m(dnsdomname);
 
                /* Find out the DNS host name */
@@ -722,7 +722,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
        NTSTATUS nt_status;
        struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
 
-       nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
+       nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->settings->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
        NT_STATUS_NOT_OK_RETURN(nt_status);
 
        (*session_info)->session_key = data_blob_talloc(*session_info, 
@@ -749,14 +749,14 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
        gensec_ntlmssp_state->role = NTLMSSP_SERVER;
 
        gensec_ntlmssp_state->workstation = NULL;
-       gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->lp_ctx);
+       gensec_ntlmssp_state->server_name = lp_netbios_name(gensec_security->settings->lp_ctx);
 
-       gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->lp_ctx);
+       gensec_ntlmssp_state->domain = lp_workgroup(gensec_security->settings->lp_ctx);
 
        gensec_ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE;
 
-       gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->lp_ctx) 
-                                         && lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "allow_lm_key", false));
+       gensec_ntlmssp_state->allow_lm_key = (lp_lanman_auth(gensec_security->settings->lp_ctx) 
+                                         && gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "allow_lm_key", false));
 
        gensec_ntlmssp_state->server_multiple_authentications = false;
        
@@ -767,23 +767,23 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
        gensec_ntlmssp_state->nt_resp = data_blob(NULL, 0);
        gensec_ntlmssp_state->encrypted_session_key = data_blob(NULL, 0);
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "128bit", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "128bit", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_128;               
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "56bit", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "56bit", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_56;                
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "keyexchange", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "keyexchange", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;          
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "alwayssign", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "alwayssign", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;               
        }
 
-       if (lp_parm_bool(gensec_security->lp_ctx, NULL, "ntlmssp_server", "ntlm2", true)) {
+       if (gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "ntlm2", true)) {
                gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;             
        }
 
@@ -797,7 +797,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
        nt_status = auth_context_create(gensec_ntlmssp_state, 
                                        gensec_security->event_ctx,
                                        gensec_security->msg_ctx,
-                                       gensec_security->lp_ctx,
+                                       gensec_security->settings->lp_ctx,
                                        &gensec_ntlmssp_state->auth_context);
        NT_STATUS_NOT_OK_RETURN(nt_status);
 
@@ -805,7 +805,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
        gensec_ntlmssp_state->may_set_challenge = auth_ntlmssp_may_set_challenge;
        gensec_ntlmssp_state->set_challenge = auth_ntlmssp_set_challenge;
        gensec_ntlmssp_state->check_password = auth_ntlmssp_check_password;
-       gensec_ntlmssp_state->server_role = lp_server_role(gensec_security->lp_ctx);
+       gensec_ntlmssp_state->server_role = lp_server_role(gensec_security->settings->lp_ctx);
 
        return NT_STATUS_OK;
 }
index 4255a6432a1fa6a16ea1c7352cc1d5cb7e30afc6..f6a998ae0f1f50b7c87cc57b7402c243aa4dfaf3 100644 (file)
@@ -447,7 +447,8 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
                return NT_STATUS_NO_MEMORY;
        }
 
-       sam_ctx = samdb_connect(tmp_ctx, event_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
+       sam_ctx = samdb_connect(tmp_ctx, event_ctx, lp_ctx, 
+                               system_session(tmp_ctx, lp_ctx));
        if (sam_ctx == NULL) {
                talloc_free(tmp_ctx);
                return NT_STATUS_INVALID_SYSTEM_SERVICE;
@@ -459,7 +460,8 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
                return nt_status;
        }
 
-       nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, lp_netbios_name(lp_ctx),
+       nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, 
+                                            lp_netbios_name(lp_ctx),
                                             msgs[0], msgs_domain_ref[0],
                                             user_sess_key, lm_sess_key,
                                             server_info);
index 1d227fe46822fffd3363a510156a29984aa0b2fe..07b006064382e9b6345ec920f6775223ba6cf11e 100644 (file)
@@ -234,6 +234,7 @@ NTSTATUS auth_system_server_info(TALLOC_CTX *mem_ctx, const char *netbios_name,
                                 struct auth_serversupplied_info **_server_info) 
 {
        struct auth_serversupplied_info *server_info;
+
        server_info = talloc(mem_ctx, struct auth_serversupplied_info);
        NT_STATUS_HAVE_NO_MEMORY(server_info);
 
index 6d35dc6b8289bd1e20feebfd136fa8c61968d743..3e0ab7af78263820b3d8872df3700ebccc0b9571 100644 (file)
@@ -358,6 +358,7 @@ static struct dd_iohandle * open_file(struct resolve_context *resolve_ctx,
                                      struct event_context *ev,
                                      const char * which, const char **ports,
                                      struct smbcli_options *smb_options,
+                                     const char *socket_options,
                                      struct smbcli_session_options *smb_session_options,
                                      struct smb_iconv_convenience *iconv_convenience)
 {
@@ -381,6 +382,7 @@ static struct dd_iohandle * open_file(struct resolve_context *resolve_ctx,
                path = check_arg_pathname("if");
                handle = dd_open_path(resolve_ctx, ev, path, ports,
                                      check_arg_numeric("ibs"), options,
+                                     socket_options,
                                      smb_options, smb_session_options,
                                      iconv_convenience);
        } else if (strcmp(which, "of") == 0) {
@@ -388,6 +390,7 @@ static struct dd_iohandle * open_file(struct resolve_context *resolve_ctx,
                path = check_arg_pathname("of");
                handle = dd_open_path(resolve_ctx, ev, path, ports,
                                      check_arg_numeric("obs"), options,
+                                     socket_options,
                                      smb_options, smb_session_options,
                                      iconv_convenience);
        } else {
@@ -443,12 +446,14 @@ static int copy_files(struct event_context *ev, struct loadparm_context *lp_ctx)
 
        if (!(ifile = open_file(lp_resolve_context(lp_ctx), ev, "if",
                                lp_smb_ports(lp_ctx), &options,
+                               lp_socket_options(lp_ctx),
                                &session_options, lp_iconv_convenience(lp_ctx)))) {
                return(FILESYS_EXIT_CODE);
        }
 
        if (!(ofile = open_file(lp_resolve_context(lp_ctx), ev, "of",
                                lp_smb_ports(lp_ctx), &options,
+                               lp_socket_options(lp_ctx),
                                &session_options,
                                lp_iconv_convenience(lp_ctx)))) {
                return(FILESYS_EXIT_CODE);
index bb851fa24864c9213c054757890fab37604ac305..cfc37cad54c80c811eddd377af26994609d68cde 100644 (file)
@@ -97,6 +97,7 @@ struct dd_iohandle * dd_open_path(struct resolve_context *resolve_ctx,
                                  const char * path,
                                  const char **ports,
                                uint64_t io_size, int options, 
+                               const char *socket_options,
                                struct smbcli_options *smb_options,
                                struct smbcli_session_options *smb_session_options,
                                struct smb_iconv_convenience *iconv_convenience);
index 3c9e0c22022915b457f13a291f62c2a10d4a6846..49c32a37dc0fa4dee6bb3b08cd3b439781d9c8b8 100644 (file)
@@ -225,6 +225,7 @@ static struct smbcli_state * init_smb_session(struct resolve_context *resolve_ct
                                              const char * host,
                                              const char **ports,
                                              const char * share,
+                                             const char *socket_options,
                                              struct smbcli_options *options,
                                              struct smbcli_session_options *session_options,
                                              struct smb_iconv_convenience *iconv_convenience)
@@ -237,6 +238,7 @@ static struct smbcli_state * init_smb_session(struct resolve_context *resolve_ct
         */
        ret = smbcli_full_connection(NULL, &cli, host, ports, share,
                                     NULL /* devtype */,
+                                    socket_options,
                                     cmdline_credentials, resolve_ctx,
                                     ev, options,
                                     session_options,
@@ -306,6 +308,7 @@ static struct dd_iohandle * open_cifs_handle(struct resolve_context *resolve_ctx
                                        const char * path,
                                        uint64_t io_size,
                                        int options,
+                                       const char *socket_options,
                                        struct smbcli_options *smb_options,
                                        struct smbcli_session_options *smb_session_options,
                                        struct smb_iconv_convenience *iconv_convenience)
@@ -329,6 +332,7 @@ static struct dd_iohandle * open_cifs_handle(struct resolve_context *resolve_ctx
        smbh->h.io_seek = smb_seek_func;
 
        if ((smbh->cli = init_smb_session(resolve_ctx, ev, host, ports, share,
+                                         socket_options,
                                          smb_options, smb_session_options,
                                          iconv_convenience)) == NULL) {
                return(NULL);
@@ -351,6 +355,7 @@ struct dd_iohandle * dd_open_path(struct resolve_context *resolve_ctx,
                                  const char **ports,
                                uint64_t io_size,
                                int options,
+                               const char *socket_options,
                                struct smbcli_options *smb_options,
                                struct smbcli_session_options *smb_session_options,
                                struct smb_iconv_convenience *iconv_convenience)
@@ -370,7 +375,8 @@ struct dd_iohandle * dd_open_path(struct resolve_context *resolve_ctx,
 
                        return(open_cifs_handle(resolve_ctx, ev, host, ports,
                                                share, remain,
-                                               io_size, options, smb_options,
+                                               io_size, options, 
+                                               socket_options, smb_options,
                                                smb_session_options,
                                                iconv_convenience));
                }
index 8936a3cf2ff5cf6537e8ddf725ada58ac541ee6d..5066df1f544b92b1cca466bb31a129bfe335389d 100644 (file)
@@ -3045,6 +3045,7 @@ static bool do_connect(struct smbclient_context *ctx,
                       struct resolve_context *resolve_ctx,
                       const char *specified_server, const char **ports, 
                       const char *specified_share, 
+                          const char *socket_options,
                       struct cli_credentials *cred, 
                       struct smbcli_options *options,
                       struct smbcli_session_options *session_options,
@@ -3066,7 +3067,9 @@ static bool do_connect(struct smbclient_context *ctx,
        ctx->remote_cur_dir = talloc_strdup(ctx, "\\");
        
        status = smbcli_full_connection(ctx, &ctx->cli, server, ports,
-                                       share, NULL, cred, resolve_ctx, 
+                                       share, NULL, 
+                                       socket_options,
+                                       cred, resolve_ctx, 
                                        ev_ctx, options, session_options,
                                        iconv_convenience);
        if (!NT_STATUS_IS_OK(status)) {
@@ -3279,6 +3282,7 @@ static int do_message_op(const char *netbios_name, const char *desthost,
        
        if (!do_connect(ctx, ev_ctx, lp_resolve_context(cmdline_lp_ctx),
                        desthost, lp_smb_ports(cmdline_lp_ctx), service,
+                       lp_socket_options(cmdline_lp_ctx),
                        cmdline_credentials, &smb_options, &smb_session_options,
                        lp_iconv_convenience(cmdline_lp_ctx)))
                return 1;
index f5d92cd3c591741e66d558cda1acf3bcf7f707b0..2fa07d0531c4ba7231528faf41652a30b6b417d8 100644 (file)
@@ -483,7 +483,9 @@ bool kpasswdd_process(struct kdc_server *kdc,
        ap_req = data_blob_const(&input->data[header_len], ap_req_len);
        krb_priv_req = data_blob_const(&input->data[header_len + ap_req_len], krb_priv_len);
        
-       nt_status = gensec_server_start(tmp_ctx, kdc->task->event_ctx, kdc->task->lp_ctx, kdc->task->msg_ctx, &gensec_security);
+       nt_status = gensec_server_start(tmp_ctx, kdc->task->event_ctx, 
+                                       lp_gensec_settings(tmp_ctx, kdc->task->lp_ctx), kdc->task->msg_ctx, 
+                                       &gensec_security);
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(tmp_ctx);
                return false;
index 20777e526195b353586308d58af78e1185e0a40d..0fe6fcce908766b44f80b018f4372b1189bfe03f 100644 (file)
@@ -142,7 +142,7 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
 
                status = gensec_server_start(conn,
                                             conn->connection->event.ctx,
-                                            conn->lp_ctx,
+                                            lp_gensec_settings(conn, conn->lp_ctx),
                                             conn->connection->msg_ctx,
                                             &conn->gensec);
                if (!NT_STATUS_IS_OK(status)) {
index 0c3d0320685da9cf151bd27db6d27fc9e3d618c2..eff2c0a74354e6ccf12ee32d6b72ed465628c052 100644 (file)
@@ -70,7 +70,7 @@ _PUBLIC_ NTSTATUS socket_create_with_ops(TALLOC_CTX *mem_ctx, const struct socke
 
        if (!(flags & SOCKET_FLAG_BLOCK) &&
            type == SOCKET_TYPE_STREAM &&
-           lp_parm_bool(global_loadparm, NULL, "socket", "testnonblock", false)) {
+               lp_parm_bool(global_loadparm, NULL, "socket", "testnonblock", false)) {
                (*new_sock)->flags |= SOCKET_FLAG_TESTNONBLOCK;
        }
 
index 4baa0cfbb1101e1ea75247f31cbd1b462b3798b4..ec3afe8f7fc978512e283ef82904d3f59b484cba 100644 (file)
@@ -208,4 +208,6 @@ NTSTATUS socket_connect_multi(TALLOC_CTX *mem_ctx, const char *server_address,
 void set_socket_options(int fd, const char *options);
 void socket_set_flags(struct socket_context *socket, unsigned flags);
 
+extern bool testnonblock;
+
 #endif /* _SAMBA_SOCKET_H */
index 6f58cfa8a79fbd3983e271db33963ff21a17b052..402387f5b5fbd6ac4b6a553b7956e69145a8de58 100644 (file)
@@ -73,7 +73,8 @@ NTSTATUS smbcli_negprot(struct smbcli_state *cli, bool unicode, int maxprotocol)
 NTSTATUS smbcli_session_setup(struct smbcli_state *cli, 
                              struct cli_credentials *credentials,
                              const char *workgroup,
-                             struct smbcli_session_options options)
+                             struct smbcli_session_options options,
+                             struct gensec_settings *gensec_settings)
 {
        struct smb_composite_sesssetup setup;
        NTSTATUS status;
@@ -86,6 +87,7 @@ NTSTATUS smbcli_session_setup(struct smbcli_state *cli,
        setup.in.capabilities = cli->transport->negotiate.capabilities;
        setup.in.credentials = credentials;
        setup.in.workgroup = workgroup;
+       setup.in.gensec_settings = gensec_settings;
 
        status = smb_composite_sesssetup(cli->session, &setup);
 
@@ -146,6 +148,7 @@ NTSTATUS smbcli_full_connection(TALLOC_CTX *parent_ctx,
                                const char **ports,
                                const char *sharename,
                                const char *devtype,
+                               const char *socket_options,
                                struct cli_credentials *credentials,
                                struct resolve_context *resolve_ctx,
                                struct event_context *ev,
@@ -161,6 +164,7 @@ NTSTATUS smbcli_full_connection(TALLOC_CTX *parent_ctx,
        status = smbcli_tree_full_connection(parent_ctx,
                                             &tree, host, ports, 
                                             sharename, devtype,
+                                                socket_options,
                                             credentials, resolve_ctx, ev,
                                             options,
                                             session_options,
index b66232c02e55356cdad32dcba285516e6e7ae5d4..a12f7652a55fa31803f4f494dd07934bc9cfa1ca 100644 (file)
@@ -224,7 +224,8 @@ _PUBLIC_ NTSTATUS ldap_bind_sasl(struct ldap_connection *conn,
        gensec_init(lp_ctx);
 
        status = gensec_client_start(conn, &conn->gensec,
-                                    conn->event.event_ctx, lp_ctx);
+                                    conn->event.event_ctx, 
+                                    lp_gensec_settings(conn, lp_ctx));
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, ("Failed to start GENSEC engine (%s)\n", nt_errstr(status)));
                goto failed;
index 163852d90ac96abf682c190a6a135168a6e31f48..a4bd727f4c7419d19cb936ee07fa6019cec3da45 100644 (file)
@@ -64,6 +64,7 @@ enum brl_type {
 
 
 #include "libcli/raw/libcliraw.h"
+struct gensec_settings;
 #include "libcli/libcli_proto.h"
 
 #endif /* __LIBCLI_H__ */
index 61cbfa7ecb0be706c03144bf983f8b58e69c59be..8640a25747638bff7b35b6a070bfe993a0cba80c 100644 (file)
@@ -173,6 +173,7 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx,
                                     struct smbcli_tree **ret_tree, 
                                     const char *dest_host, const char **dest_ports,
                                     const char *service, const char *service_type,
+                                        const char *socket_options,
                                     struct cli_credentials *credentials,
                                     struct resolve_context *resolve_ctx,
                                     struct event_context *ev,
@@ -189,6 +190,7 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx,
 
        io.in.dest_host = dest_host;
        io.in.dest_ports = dest_ports;
+       io.in.socket_options = socket_options;
        io.in.called_name = strupper_talloc(tmp_ctx, dest_host);
        io.in.service = service;
        io.in.service_type = service_type;
index 531ce6098fbcdde4d0a8d7667d7ca13a87edc844..ec4cfb81b414fe5b2a368c4f896d18112c24a5a3 100644 (file)
@@ -142,7 +142,7 @@ struct composite_context *resolve_name_nbtlist_send(TALLOC_CTX *mem_ctx,
        }
 
        state->nbtsock = nbt_name_socket_init(state, event_ctx, 
-                                             lp_iconv_convenience(global_loadparm));
+                                             global_iconv_convenience);
        if (composite_nomem(state->nbtsock, c)) return c;
 
        /* count the address_list size */
index 67d98cfeaf250e882f254da8ff374510a8f9f474..e7aa8c753de8c38ef83ce5a744864438f02f1d3a 100644 (file)
@@ -33,6 +33,8 @@ struct smb2_connect_state {
        struct resolve_context *resolve_ctx;
        const char *host;
        const char *share;
+       const char **ports;
+       const char *socket_options;
        struct smbcli_options options;
        struct smb2_negprot negprot;
        struct smb2_tree_connect tcon;
@@ -138,7 +140,7 @@ static void continue_negprot(struct smb2_request *req)
                break;
        }
 
-       state->session = smb2_session_init(transport, global_loadparm, state, true);
+       state->session = smb2_session_init(transport, lp_gensec_settings(transport, global_loadparm), state, true);
        if (composite_nomem(state->session, c)) return;
 
        creq = smb2_session_setup_spnego_send(state->session, state->credentials);
@@ -208,15 +210,16 @@ static void continue_resolve(struct composite_context *creq)
        const char **ports;
        const char *default_ports[] = { "445", NULL };
 
-       ports = lp_parm_string_list(state, global_loadparm, NULL, "smb2", "ports", NULL);
-       if (ports == NULL) {
-               ports = default_ports;
-       }
-
        c->status = resolve_name_recv(creq, state, &addr);
        if (!composite_is_ok(c)) return;
 
-       creq = smbcli_sock_connect_send(state, addr, ports, state->host, state->resolve_ctx, c->event_ctx, lp_socket_options(global_loadparm));
+       if (state->ports == NULL) {
+               ports = default_ports;
+       } else {
+               ports = state->ports;
+       }
+
+       creq = smbcli_sock_connect_send(state, addr, ports, state->host, state->resolve_ctx, c->event_ctx, state->socket_options);
 
        composite_continue(c, creq, continue_socket, c);
 }
@@ -227,11 +230,13 @@ static void continue_resolve(struct composite_context *creq)
  */
 struct composite_context *smb2_connect_send(TALLOC_CTX *mem_ctx,
                                            const char *host,
+                                               const char **ports,
                                            const char *share,
                                            struct resolve_context *resolve_ctx,
                                            struct cli_credentials *credentials,
                                            struct event_context *ev,
-                                           struct smbcli_options *options)
+                                           struct smbcli_options *options,
+                                               const char *socket_options)
 {
        struct composite_context *c;
        struct smb2_connect_state *state;
@@ -249,9 +254,12 @@ struct composite_context *smb2_connect_send(TALLOC_CTX *mem_ctx,
        state->options = *options;
        state->host = talloc_strdup(c, host);
        if (composite_nomem(state->host, c)) return c;
+       state->ports = talloc_reference(state, ports);
        state->share = talloc_strdup(c, share);
        if (composite_nomem(state->share, c)) return c;
        state->resolve_ctx = talloc_reference(state, resolve_ctx);
+       state->socket_options = talloc_reference(state, socket_options);
+       if (composite_nomem(state->socket_options, c)) return c;
 
        ZERO_STRUCT(name);
        name.name = host;
@@ -282,15 +290,18 @@ NTSTATUS smb2_connect_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
   sync version of smb2_connect
 */
 NTSTATUS smb2_connect(TALLOC_CTX *mem_ctx, 
-                     const char *host, const char *share,
+                     const char *host, const char **ports, 
+                         const char *share,
                      struct resolve_context *resolve_ctx,
                      struct cli_credentials *credentials,
                      struct smb2_tree **tree,
                      struct event_context *ev,
-                     struct smbcli_options *options)
+                     struct smbcli_options *options,
+                         const char *socket_options)
 {
-       struct composite_context *c = smb2_connect_send(mem_ctx, host, share, 
-                                                       resolve_ctx,
-                                                       credentials, ev, options);
+       struct composite_context *c = smb2_connect_send(mem_ctx, host, ports, 
+                                                                                                       share, resolve_ctx, 
+                                                                                                       credentials, ev, options,
+                                                                                                       socket_options);
        return smb2_connect_recv(c, mem_ctx, tree);
 }
index 31b3e942e92d967e8ff72a4e09c301594f16d544..127bb9bcae7c3cb31a00ffb63c4f1d1fcba3f6ba 100644 (file)
 #include "libcli/smb2/smb2_calls.h"
 #include "libcli/composite/composite.h"
 #include "auth/gensec/gensec.h"
-#include "param/param.h"
 
 /**
   initialise a smb2_session structure
  */
 struct smb2_session *smb2_session_init(struct smb2_transport *transport,
-                                      struct loadparm_context *lp_ctx,
+                                      struct gensec_settings *settings,
                                       TALLOC_CTX *parent_ctx, bool primary)
 {
        struct smb2_session *session;
@@ -50,7 +49,7 @@ struct smb2_session *smb2_session_init(struct smb2_transport *transport,
        /* prepare a gensec context for later use */
        status = gensec_client_start(session, &session->gensec, 
                                     session->transport->socket->event.ctx, 
-                                    lp_ctx);
+                                    settings);
        if (!NT_STATUS_IS_OK(status)) {
                talloc_free(session);
                return NULL;
index f66236af30c90e9e780ffcfe7569051442e7fb7f..ec246b209dff9818884f4af4085ede87cb0cf7d2 100644 (file)
@@ -107,4 +107,5 @@ struct smb2_setinfo {
 struct cli_credentials;
 struct event_context;
 struct resolve_context;
+struct gensec_settings;
 #include "libcli/smb2/smb2_proto.h"
index 4a73acfd57125b9cf607981306b7895d19f653dd..70df0a19ffeee2a00e1cedd8181e247c43103ece 100644 (file)
@@ -257,6 +257,7 @@ static NTSTATUS connect_negprot(struct composite_context *c,
        state->io_setup->in.capabilities = state->transport->negotiate.capabilities;
        state->io_setup->in.credentials  = io->in.credentials;
        state->io_setup->in.workgroup    = io->in.workgroup;
+       state->io_setup->in.gensec_settings = lp_gensec_settings(state->io_setup, global_loadparm);
 
        state->creq = smb_composite_sesssetup_send(state->session, state->io_setup);
        NT_STATUS_HAVE_NO_MEMORY(state->creq);
@@ -377,7 +378,7 @@ static NTSTATUS connect_resolve(struct composite_context *c,
                                               io->in.dest_ports,
                                               io->in.dest_host, 
                                               NULL, c->event_ctx, 
-                                                  lp_socket_options(global_loadparm));
+                                                 io->in.socket_options);
        NT_STATUS_HAVE_NO_MEMORY(state->creq);
 
        state->stage = CONNECT_SOCKET;
index cbe2289a55f05ad9acd82df63030568423e7a6f2..6dc2ae8c8f1af39840be8fcec2b696ad007df26b 100644 (file)
@@ -138,6 +138,7 @@ struct composite_context *smb_composite_fetchfile_send(struct smb_composite_fetc
 
        state->connect->in.dest_host    = io->in.dest_host;
        state->connect->in.dest_ports   = io->in.ports;
+       state->connect->in.socket_options = io->in.socket_options;
        state->connect->in.called_name  = io->in.called_name;
        state->connect->in.service      = io->in.service;
        state->connect->in.service_type = io->in.service_type;
index f148fb8bf64bb147f66c997f7bbd3a466f975e3e..8f5339fa057996ef13888cf755135a106b28b453 100644 (file)
@@ -146,6 +146,7 @@ struct composite_context *smb_composite_fsinfo_send(struct smbcli_tree *tree,
 
        state->connect->in.dest_host    = io->in.dest_host;
        state->connect->in.dest_ports   = io->in.dest_ports;
+       state->connect->in.socket_options = io->in.socket_options;
        state->connect->in.called_name  = io->in.called_name;
        state->connect->in.service      = io->in.service;
        state->connect->in.service_type = io->in.service_type;
index 2ca12a589880dadd70fe90c5b9f12650cd7a05be..10f84a5dbace12d13b14f1f7ba22d6f3fb558f35 100644 (file)
@@ -408,7 +408,7 @@ static NTSTATUS session_setup_spnego(struct composite_context *c,
        smbcli_temp_set_signing(session->transport);
 
        status = gensec_client_start(session, &session->gensec, c->event_ctx,
-                                    global_loadparm);
+                                    io->in.gensec_settings);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Failed to start GENSEC client mode: %s\n", nt_errstr(status)));
                return status;
index fd1b95e64f01a5b7ee55793dc1d3d8184ad1e98d..431733d600dc69eaffd86952882a5543c180799f 100644 (file)
@@ -53,6 +53,7 @@ struct smb_composite_fetchfile {
                const char *called_name;
                const char *service;
                const char *service_type;
+               const char *socket_options;
                struct cli_credentials *credentials;
                const char *workgroup;
                const char *filename;
@@ -93,6 +94,7 @@ struct smb_composite_connect {
        struct {
                const char *dest_host;
                const char **dest_ports;
+               const char *socket_options;
                const char *called_name;
                const char *service;
                const char *service_type;
@@ -120,6 +122,7 @@ struct smb_composite_sesssetup {
                uint32_t capabilities;
                struct cli_credentials *credentials;
                const char *workgroup;
+               struct gensec_settings *gensec_settings;
        } in;
        struct {
                uint16_t vuid;
@@ -133,6 +136,7 @@ struct smb_composite_fsinfo {
        struct {
                const char *dest_host;
                const char **dest_ports;
+               const char *socket_options;
                const char *called_name;
                const char *service;
                const char *service_type;
index bd8e60d4bdeb9e0905630cd3e9eb9eddd3933f8b..042745d74d657cfc8a8803918765cd514a22224f 100644 (file)
@@ -1457,8 +1457,9 @@ _PUBLIC_ NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req)
        ndr_err = call->ndr_pull(pull, NDR_OUT, r);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                status = ndr_map_error2ntstatus(ndr_err);
-               dcerpc_log_packet(table, opnum, NDR_OUT, 
-                                 &response);
+               dcerpc_log_packet(p->conn->packet_log_dir,
+                                                 table, opnum, NDR_OUT, 
+                                                 &response);
                return status;
        }
 
@@ -1467,7 +1468,8 @@ _PUBLIC_ NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req)
                                                 call->ndr_push, call->ndr_pull, 
                                                 call->ndr_print);
                if (!NT_STATUS_IS_OK(status)) {
-                       dcerpc_log_packet(table, opnum, NDR_OUT, 
+                       dcerpc_log_packet(p->conn->packet_log_dir, 
+                                                         table, opnum, NDR_OUT, 
                                  &response);
                        return status;
                }
index cc8d3d142970e5894a65f8b555f9962b003f914e..dfbe6ee7a6a9a047f1ad2bffe72feb59c19c547b 100644 (file)
@@ -40,6 +40,7 @@ enum dcerpc_transport_t {
   this defines a generic security context for signed/sealed dcerpc pipes.
 */
 struct dcerpc_connection;
+struct gensec_settings;
 struct dcerpc_security {
        struct dcerpc_auth *auth_info;
        struct gensec_security *generic_state;
@@ -61,6 +62,9 @@ struct dcerpc_connection {
        struct event_context *event_ctx;
        struct smb_iconv_convenience *iconv_convenience;
 
+       /** Directory in which to save ndrdump-parseable files */
+       const char *packet_log_dir;
+
        bool dead;
        bool free_skipped;
 
@@ -109,10 +113,10 @@ struct dcerpc_pipe {
        struct dcerpc_connection *conn;
        struct dcerpc_binding *binding;
 
-       /* the last fault code from a DCERPC fault */
+       /** the last fault code from a DCERPC fault */
        uint32_t last_fault_code;
 
-       /* timeout for individual rpc requests, in seconds */
+       /** timeout for individual rpc requests, in seconds */
        uint32_t request_timeout;
 };
 
@@ -319,7 +323,7 @@ NTSTATUS dcerpc_alter_context(struct dcerpc_pipe *p,
 NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p,
                          const struct ndr_interface_table *table,
                          struct cli_credentials *credentials,
-                         struct loadparm_context *lp_ctx,
+                         struct gensec_settings *gensec_settings,
                          uint8_t auth_type, uint8_t auth_level,
                          const char *service);
 struct composite_context* dcerpc_pipe_connect_send(TALLOC_CTX *parent_ctx,
@@ -345,9 +349,10 @@ NTSTATUS dcerpc_secondary_auth_connection_recv(struct composite_context *c,
 
 struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p,
                                                           struct dcerpc_binding *b);
-void dcerpc_log_packet(const struct ndr_interface_table *ndr,
-                      uint32_t opnum, uint32_t flags, 
-                      DATA_BLOB *pkt);
+void dcerpc_log_packet(const char *lockdir, 
+                                          const struct ndr_interface_table *ndr,
+                                          uint32_t opnum, uint32_t flags, 
+                                          DATA_BLOB *pkt);
 NTSTATUS dcerpc_binding_build_tower(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding, struct epm_tower *tower);
 
 NTSTATUS dcerpc_floor_get_lhs_data(struct epm_floor *epm_floor, struct ndr_syntax_id *syntax);
index 2eced55967e956360b08e67d4c623204faff6289..7c9d04eeb4f6e51379512e690fade31354bf9b7b 100644 (file)
@@ -222,7 +222,7 @@ struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx,
                                                struct dcerpc_pipe *p,
                                                const struct ndr_interface_table *table,
                                                struct cli_credentials *credentials,
-                                               struct loadparm_context *lp_ctx,
+                                               struct gensec_settings *gensec_settings,
                                                uint8_t auth_type, uint8_t auth_level,
                                                const char *service)
 {
@@ -251,7 +251,7 @@ struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx,
 
        c->status = gensec_client_start(p, &sec->generic_state,
                                        p->conn->event_ctx,
-                                       lp_ctx);
+                                       gensec_settings);
        if (!NT_STATUS_IS_OK(c->status)) {
                DEBUG(1, ("Failed to start GENSEC client mode: %s\n",
                          nt_errstr(c->status)));
@@ -387,12 +387,12 @@ NTSTATUS dcerpc_bind_auth_recv(struct composite_context *creq)
 _PUBLIC_ NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p,
                          const struct ndr_interface_table *table,
                          struct cli_credentials *credentials,
-                         struct loadparm_context *lp_ctx,
+                         struct gensec_settings *gensec_settings,
                          uint8_t auth_type, uint8_t auth_level,
                          const char *service)
 {
        struct composite_context *creq;
-       creq = dcerpc_bind_auth_send(p, p, table, credentials, lp_ctx,
+       creq = dcerpc_bind_auth_send(p, p, table, credentials, gensec_settings,
                                     auth_type, auth_level, service);
        return dcerpc_bind_auth_recv(creq);
 }
index 9583fcdc02bc54bd2567a9bd8b9c67ac0cd1fc05..8d03f9cde32a33d988c178afc2f548dfde128a3f 100644 (file)
@@ -116,6 +116,7 @@ static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb_send(TALLOC_CT
                conn->in.called_name = "*SMBSERVER"; /* FIXME: This is invalid */
        else
                conn->in.called_name            = s->io.binding->target_hostname;
+       conn->in.socket_options         = lp_socket_options(lp_ctx);
        conn->in.service                = "IPC$";
        conn->in.service_type           = NULL;
        conn->in.workgroup              = lp_workgroup(lp_ctx);
@@ -247,11 +248,15 @@ static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb2_send(
        lp_smbcli_options(lp_ctx, &options);
 
        /* send smb2 connect request */
-       conn_req = smb2_connect_send(mem_ctx, s->io.binding->host, "IPC$", 
+       conn_req = smb2_connect_send(mem_ctx, s->io.binding->host, 
+                       lp_parm_string_list(mem_ctx, lp_ctx, NULL, "smb2", "ports", NULL),
+                                       "IPC$", 
                                     s->io.resolve_ctx,
                                     s->io.creds,
                                     c->event_ctx,
-                                    &options);
+                                    &options,
+                                        lp_socket_options(lp_ctx)
+                                        );
        composite_continue(c, conn_req, continue_smb2_connect, c);
        return c;
 }
@@ -740,6 +745,9 @@ _PUBLIC_ struct composite_context* dcerpc_pipe_connect_b_send(TALLOC_CTX *parent
        s->pipe = dcerpc_pipe_init(c, ev, lp_iconv_convenience(lp_ctx));
        if (composite_nomem(s->pipe, c)) return c;
 
+       if (DEBUGLEVEL >= 10)
+               s->pipe->conn->packet_log_dir = lp_lockdir(lp_ctx);
+
        /* store parameters in state structure */
        s->binding      = binding;
        s->table        = table;
index 13bbc3d51fce6261010d68bf26df85e65b5fc948..e3add82bf2e918ab1824bc347d2d8faa57957e9f 100644 (file)
@@ -29,6 +29,7 @@
 #include "librpc/gen_ndr/ndr_netlogon_c.h"
 #include "auth/credentials/credentials.h"
 #include "librpc/rpc/dcerpc_proto.h"
+#include "param/param.h"
 
 struct schannel_key_state {
        struct dcerpc_pipe *pipe;
@@ -319,7 +320,7 @@ static void continue_schannel_key(struct composite_context *ctx)
 
        /* send bind auth request with received creds */
        auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, s->credentials, 
-                                        s->lp_ctx,
+                                        lp_gensec_settings(c, s->lp_ctx),
                                         DCERPC_AUTH_TYPE_SCHANNEL, s->auth_level,
                                         NULL);
        if (composite_nomem(auth_req, c)) return;
index b4d5d05b617407432a4e6658183afad301f63107..8ac235c67c25f901207d6632bbc61861852b5e22 100644 (file)
@@ -75,6 +75,9 @@ _PUBLIC_ struct composite_context* dcerpc_secondary_connection_send(struct dcerp
        s->pipe2 = dcerpc_pipe_init(c, s->pipe->conn->event_ctx, s->pipe->conn->iconv_convenience);
        if (composite_nomem(s->pipe2, c)) return c;
 
+       if (DEBUGLEVEL >= 10)
+               s->pipe2->conn->packet_log_dir = s->pipe->conn->packet_log_dir;
+
        /* open second dcerpc pipe using the same transport as for primary pipe */
        switch (s->pipe->conn->transport.transport) {
        case NCACN_NP:
index 32646e85b0e62793789a682c27f81632acb0a42e..1847b20ee7304042f4c59ad2963de74631d0f00b 100644 (file)
@@ -421,7 +421,8 @@ static void continue_ntlmssp_connection(struct composite_context *ctx)
 
        /* initiate a authenticated bind */
        auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
-                                        s->credentials, s->lp_ctx,
+                                        s->credentials, 
+                                        lp_gensec_settings(c, s->lp_ctx),
                                         DCERPC_AUTH_TYPE_NTLMSSP,
                                         dcerpc_auth_level(s->pipe->conn),
                                         s->table->authservices->names[0]);
@@ -453,7 +454,9 @@ static void continue_spnego_after_wrong_pass(struct composite_context *ctx)
 
        /* initiate a authenticated bind */
        auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
-                                        s->credentials, s->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO,
+                                        s->credentials, 
+                                        lp_gensec_settings(c, s->lp_ctx), 
+                                        DCERPC_AUTH_TYPE_SPNEGO,
                                         dcerpc_auth_level(s->pipe->conn),
                                         s->table->authservices->names[0]);
        composite_continue(c, auth_req, continue_auth, c);
@@ -572,7 +575,9 @@ struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p,
        } else {
                /* try SPNEGO with fallback to NTLMSSP */
                auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
-                                                s->credentials, s->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO,
+                                                s->credentials, 
+                                                lp_gensec_settings(c, s->lp_ctx), 
+                                                DCERPC_AUTH_TYPE_SPNEGO,
                                                 dcerpc_auth_level(conn),
                                                 s->table->authservices->names[0]);
                composite_continue(c, auth_req, continue_auth_auto, c);
@@ -580,7 +585,9 @@ struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p,
        }
 
        auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
-                                        s->credentials, s->lp_ctx, auth_type,
+                                        s->credentials, 
+                                        lp_gensec_settings(c, s->lp_ctx), 
+                                        auth_type,
                                         dcerpc_auth_level(conn),
                                         s->table->authservices->names[0]);
        composite_continue(c, auth_req, continue_auth, c);
@@ -671,19 +678,20 @@ _PUBLIC_ NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
 
   this triggers on a debug level of >= 10
 */
-_PUBLIC_ void dcerpc_log_packet(const struct ndr_interface_table *ndr,
+_PUBLIC_ void dcerpc_log_packet(const char *lockdir,
+                                                               const struct ndr_interface_table *ndr,
                       uint32_t opnum, uint32_t flags, 
                       DATA_BLOB *pkt)
 {
        const int num_examples = 20;
        int i;
 
-       if (DEBUGLEVEL < 10) return;
+       if (lockdir == NULL) return;
 
        for (i=0;i<num_examples;i++) {
                char *name=NULL;
                asprintf(&name, "%s/rpclog/%s-%u.%d.%s", 
-                        lp_lockdir(global_loadparm), ndr->name, opnum, i,
+                        lockdir, ndr->name, opnum, i,
                         (flags&NDR_IN)?"in":"out");
                if (name == NULL) {
                        return;
index 14bf79ecf6cbb61ac128843382ccde17834f8c8e..27d5b9de5a3d8a8c94d26a733a678b756f3b0436 100644 (file)
@@ -199,6 +199,7 @@ static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
        /* connect to the server, using the smbd event context */
        io.in.dest_host = host;
        io.in.dest_ports = lp_smb_ports(ntvfs->ctx->lp_ctx);
+       io.in.socket_options = lp_socket_options(ntvfs->ctx->lp_ctx);
        io.in.called_name = host;
        io.in.credentials = credentials;
        io.in.fallback_to_anonymous = false;
index 2c1461b9167679a01c7af1bb7388e3798067502e..8e3219293d2e2bdf08e6422c26bb6714038e6e21 100644 (file)
@@ -226,10 +226,14 @@ static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
 
        lp_smbcli_options(ntvfs->ctx->lp_ctx, &options);
 
-       creq = smb2_connect_send(private, host, remote_share, 
+       creq = smb2_connect_send(private, host, 
+                       lp_parm_string_list(private, ntvfs->ctx->lp_ctx, NULL, "smb2", "ports", NULL),
+                               remote_share, 
                                 lp_resolve_context(ntvfs->ctx->lp_ctx),
                                 credentials,
-                                ntvfs->ctx->event_ctx, &options);
+                                ntvfs->ctx->event_ctx, &options,
+                                lp_socket_options(ntvfs->ctx->lp_ctx)
+                                );
 
        status = smb2_connect_recv(creq, private, &tree);
        NT_STATUS_NOT_OK_RETURN(status);
index b4098c840cdf50e27b015d74188db493e3ab41e3..6b8db0e7f54f26313bc593c4179126cb2286b566 100644 (file)
@@ -65,6 +65,8 @@
 #include "param/loadparm.h"
 #include "libcli/raw/libcliraw.h"
 #include "rpc_server/common/common.h"
+#include "lib/socket/socket.h"
+#include "auth/gensec/gensec.h"
 
 #define standard_sub_basic talloc_strdup
 
@@ -2671,3 +2673,14 @@ _PUBLIC_ struct dcerpc_server_info *lp_dcerpc_server_info(TALLOC_CTX *mem_ctx, s
 
        return ret;
 }
+
+struct gensec_settings *lp_gensec_settings(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+       struct gensec_settings *settings = talloc(mem_ctx, struct gensec_settings);
+       if (settings == NULL)
+               return NULL;
+       settings->lp_ctx = talloc_reference(settings, lp_ctx);
+       settings->iconv_convenience = lp_iconv_convenience(lp_ctx);
+       settings->target_hostname = lp_parm_string(lp_ctx, NULL, "gensec", "target_hostname");
+       return settings;
+}
index 8a653be0a8041ff3657a2b389337d5239cc72aa7..80bb5ff1283cb247598338fd7a92912a39322bac 100644 (file)
@@ -67,6 +67,7 @@ struct loadparm_context;
 struct loadparm_service;
 struct smbcli_options;
 struct smbcli_session_options;
+struct gensec_settings;
 
 void reload_charcnv(struct loadparm_context *lp_ctx);
 
@@ -166,7 +167,6 @@ int lp_cli_minprotocol(struct loadparm_context *);
 int lp_security(struct loadparm_context *);
 bool lp_paranoid_server_security(struct loadparm_context *);
 int lp_announce_as(struct loadparm_context *);
-const char **lp_js_include(struct loadparm_context *);
 
 const char *lp_servicename(const struct loadparm_service *service);
 const char *lp_pathname(struct loadparm_service *, struct loadparm_service *);
@@ -329,6 +329,7 @@ void lp_smbcli_options(struct loadparm_context *lp_ctx,
 void lp_smbcli_session_options(struct loadparm_context *lp_ctx,
                                 struct smbcli_session_options *options);
 struct dcerpc_server_info *lp_dcerpc_server_info(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+struct gensec_settings *lp_gensec_settings(TALLOC_CTX *, struct loadparm_context *);
 
 
 /* The following definitions come from param/generic.c  */
index 1d1efa74808cdb0db2b31d22ed2e44f3b1ceef6f..6f3f6799e7883efcb8773f949f641bdfeab7127e 100644 (file)
@@ -339,6 +339,7 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
        p->endpoint = ep;
        p->contexts = NULL;
        p->call_list = NULL;
+       p->packet_log_dir = lp_lockdir(dce_ctx->lp_ctx);
        p->incoming_fragmented_call_list = NULL;
        p->pending_call_list = NULL;
        p->cli_max_recv_frag = 0;
index 59a4bab083e2d599f14ade1e1a1b101e0c541743..4788fb3a51ab4b7a127a6b4634545237a62d071a 100644 (file)
@@ -210,6 +210,8 @@ struct dcesrv_connection {
 
        bool processing;
 
+       const char *packet_log_dir;
+
        /* this is the default state_flags for dcesrv_call_state structs */
        uint32_t state_flags;
 
index bef7e4be78134b94967ffa67a9a95e053fc2c2db..5169031d1634781c4692015bb2f5e40369fc7b8a 100644 (file)
@@ -61,7 +61,9 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
                return false;
        }
 
-       status = gensec_server_start(dce_conn, call->event_ctx, call->conn->dce_ctx->lp_ctx, call->msg_ctx, &auth->gensec_security);
+       status = gensec_server_start(dce_conn, call->event_ctx, 
+                                    lp_gensec_settings(dce_conn, call->conn->dce_ctx->lp_ctx), 
+                                    call->msg_ctx, &auth->gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("Failed to start GENSEC for DCERPC server: %s\n", nt_errstr(status)));
                return false;
index 3cf8fbe8fb074e7891bda39daf8dd9463184d37f..1310ecee90e04c5b0c3ddce4344731d2983b5ff6 100644 (file)
@@ -144,7 +144,8 @@ static NTSTATUS remote_op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_CT
         /* unravel the NDR for the packet */
        ndr_err = table->calls[opnum].ndr_pull(pull, NDR_IN, *r);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-               dcerpc_log_packet(table, opnum, NDR_IN,
+               dcerpc_log_packet(dce_call->conn->packet_log_dir,
+                                                 table, opnum, NDR_IN,
                                  &dce_call->pkt.u.request.stub_and_verifier);
                dce_call->fault_code = DCERPC_FAULT_NDR;
                return NT_STATUS_NET_WRITE_FAULT;
index 00ff3862f5edbf678211a835dda8dc0d640dae71..71ee82d16205d68aae13b972afa065d7a9d27f4a 100644 (file)
@@ -353,7 +353,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
 
                nt_status = gensec_server_start(req->smb_conn,
                                                req->smb_conn->connection->event.ctx,
-                                               req->smb_conn->lp_ctx,
+                                               lp_gensec_settings(req->smb_conn, req->smb_conn->lp_ctx),
                                                req->smb_conn->connection->msg_ctx,
                                                &gensec_security);
                if (!NT_STATUS_IS_OK(nt_status)) {
index a12bbd5cec29d46233f4d4a4c8d0ec67f22edf40..f34124b1a0b4b250653cd55cb458d30006f85537 100644 (file)
@@ -365,7 +365,7 @@ static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *se
 
                status = gensec_server_start(req,
                                             req->smb_conn->connection->event.ctx,
-                                            req->smb_conn->lp_ctx,
+                                            lp_gensec_settings(req, req->smb_conn->lp_ctx),
                                             req->smb_conn->connection->msg_ctx,
                                             &gensec_ctx);
                if (!NT_STATUS_IS_OK(status)) {
index 49a2d12ef47073bdb166e2bb7bab64811ef6b97a..03e5c9356d1daf046a3c4a035208b70ceb912c1b 100644 (file)
@@ -42,7 +42,7 @@ static NTSTATUS smb2srv_negprot_secblob(struct smb2srv_request *req, DATA_BLOB *
 
        nt_status = gensec_server_start(req,
                                        req->smb_conn->connection->event.ctx,
-                                       req->smb_conn->lp_ctx,
+                                       lp_gensec_settings(req, req->smb_conn->lp_ctx),
                                        req->smb_conn->connection->msg_ctx,
                                        &gensec_security);
        if (!NT_STATUS_IS_OK(nt_status)) {
index 9f8765d6e9461069532ad9ba8b08ec251467c883..176be0b3ea7f56f993d81c27163de9f9cb72f3c2 100644 (file)
@@ -126,7 +126,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
 
                status = gensec_server_start(req,
                                             req->smb_conn->connection->event.ctx,
-                                            req->smb_conn->lp_ctx,
+                                            lp_gensec_settings(req, req->smb_conn->lp_ctx),
                                             req->smb_conn->connection->msg_ctx,
                                             &gensec_ctx);
                if (!NT_STATUS_IS_OK(status)) {
index 1e8b33999751a82ceab3c4597938840d72feb7ee..e62b150a4ba9e8439558048328d0e33b0d087778 100644 (file)
@@ -23,6 +23,7 @@
 #include "auth/ntlmssp/ntlmssp.h"
 #include "lib/cmdline/popt_common.h"
 #include "torture/torture.h"
+#include "param/param.h"
 
 static bool torture_ntlmssp_self_check(struct torture_context *tctx)
 {
@@ -34,7 +35,7 @@ static bool torture_ntlmssp_self_check(struct torture_context *tctx)
 
        torture_assert_ntstatus_ok(tctx, 
                gensec_client_start(mem_ctx, &gensec_security,
-                                   tctx->ev, tctx->lp_ctx),
+                                   tctx->ev, lp_gensec_settings(tctx, tctx->lp_ctx)),
                "gensec client start");
 
        gensec_set_credentials(gensec_security, cmdline_credentials);
@@ -89,7 +90,7 @@ static bool torture_ntlmssp_self_check(struct torture_context *tctx)
 
        torture_assert_ntstatus_ok(tctx, 
                gensec_client_start(mem_ctx, &gensec_security,
-                                   tctx->ev, tctx->lp_ctx),
+                                   tctx->ev, lp_gensec_settings(tctx, tctx->lp_ctx)),
                "Failed to start GENSEC for NTLMSSP");
 
        gensec_set_credentials(gensec_security, cmdline_credentials);
index 89e716988393ac123785035998183a48be819315..c19b08e617ad419304fa947104f5f5475aa854f5 100644 (file)
@@ -817,6 +817,7 @@ static struct composite_context *torture_connect_async(
        smb->in.dest_host=talloc_strdup(mem_ctx,host);
        smb->in.service=talloc_strdup(mem_ctx,share);
        smb->in.dest_ports=lp_smb_ports(tctx->lp_ctx);
+       smb->in.socket_options = lp_socket_options(tctx->lp_ctx);
        smb->in.called_name = strupper_talloc(mem_ctx, host);
        smb->in.service_type=NULL;
        smb->in.credentials=cmdline_credentials;
index ca1fd444d9e1494b55efc51f233b133b619ff9f4..3fdd9a9bbd262a8e172eab2827c81e4e9ae21ca1 100644 (file)
@@ -44,8 +44,9 @@ static bool try_failed_login(struct torture_context *tctx, struct smbcli_state *
        setup.in.sesskey = cli->transport->negotiate.sesskey;
        setup.in.capabilities = cli->transport->negotiate.capabilities;
        setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
-
        setup.in.credentials = cli_credentials_init(session);
+       setup.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
+
        cli_credentials_set_conf(setup.in.credentials, tctx->lp_ctx);
        cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
        cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
index aefed23f51a9e60adeba9e02506cc806bcfa27ca..9e2456d2361d93d1a8733edef1d2e8a948527fbc 100644 (file)
@@ -227,17 +227,21 @@ static bool connect_servers(struct event_context *ev,
 
                        if (options.smb2) {
                                status = smb2_connect(NULL, servers[i].server_name, 
+                                                                         lp_smb_ports(lp_ctx),
                                                      servers[i].share_name,
                                                      lp_resolve_context(lp_ctx),
                                                      servers[i].credentials,
                                                      &servers[i].smb2_tree[j],
-                                                     ev, &smb_options);
+                                                     ev, &smb_options,
+                                                         lp_socket_options(lp_ctx)
+                                                         );
                        } else {
                                status = smbcli_tree_full_connection(NULL,
                                                                     &servers[i].smb_tree[j], 
                                                                     servers[i].server_name, 
                                                                     lp_smb_ports(lp_ctx),
                                                                     servers[i].share_name, "A:",
+                                                                        lp_socket_options(lp_ctx),
                                                                     servers[i].credentials,
                                                                     lp_resolve_context(lp_ctx), ev,
                                                                     &smb_options,
index 819fbe072b950f2cc3a86bc606ffd54ce68a365d..4beef98a8ff07cc79093a95effdb83f90a58595e 100644 (file)
@@ -164,6 +164,7 @@ static struct smbcli_state *connect_one(struct event_context *ev,
                                                server, 
                                                lp_smb_ports(lp_ctx),
                                                share, NULL,
+                                               lp_socket_options(lp_ctx),
                                                servers[snum], 
                                                lp_resolve_context(lp_ctx),
                                                ev, &options, &session_options,
index 14d597666e37f20b0233abdc32bc0b39d87e86a0..fb1277a95ab3191e0f77859c5f01a721b2e90be3 100644 (file)
@@ -76,6 +76,7 @@ static struct smbcli_state *connect_one(struct resolve_context *resolve_ctx,
                                        struct event_context *ev,
                                        TALLOC_CTX *mem_ctx,
                                        char *share, const char **ports,
+                                       const char *socket_options,
                                        struct smbcli_options *options,
                                        struct smbcli_session_options *session_options,
                                        struct smb_iconv_convenience *iconv_convenience)
@@ -96,6 +97,7 @@ static struct smbcli_state *connect_one(struct resolve_context *resolve_ctx,
                                        server, 
                                        ports,
                                        share, NULL,
+                                       socket_options,
                                        cmdline_credentials, resolve_ctx, ev,
                                        options, session_options,
                                        iconv_convenience);
@@ -368,7 +370,8 @@ static void usage(poptContext pc)
        lp_smbcli_session_options(lp_ctx, &session_options);
 
        cli = connect_one(lp_resolve_context(lp_ctx), ev, mem_ctx, share, 
-                         lp_smb_ports(lp_ctx), &options, &session_options,
+                         lp_smb_ports(lp_ctx), lp_socket_options(lp_ctx), 
+                         &options, &session_options,
                          lp_iconv_convenience(lp_ctx));
        if (!cli) {
                DEBUG(0,("Failed to connect to %s\n", share));
index 16de4308bb3a920999f83fab75ca8a99f4c890e7..6eb4fe0e67e98abe4cdad17141d0909f1f6ec9eb 100644 (file)
@@ -347,6 +347,7 @@ static bool test_fsinfo(struct smbcli_state *cli, struct torture_context *tctx)
 
        io1.in.dest_host = torture_setting_string(tctx, "host", NULL);
        io1.in.dest_ports = lp_smb_ports(tctx->lp_ctx);
+       io1.in.socket_options = lp_socket_options(tctx->lp_ctx);
        io1.in.called_name = torture_setting_string(tctx, "host", NULL);
        io1.in.service = torture_setting_string(tctx, "share", NULL);
        io1.in.service_type = "A:";
index 450ad0f2605b9eb66c53558084123e4ad7ade6b8..a9d36b7788c9f9a19963c063c0a63baf3d6ea930 100644 (file)
@@ -74,6 +74,7 @@ static bool test_session(struct smbcli_state *cli, struct torture_context *tctx)
        struct smbcli_tree *tree;
        struct smb_composite_sesssetup setup;
        struct smb_composite_sesssetup setups[15];
+       struct gensec_settings *gensec_settings;
        union smb_open io;
        union smb_write wr;
        union smb_close cl;
@@ -92,6 +93,7 @@ static bool test_session(struct smbcli_state *cli, struct torture_context *tctx)
        printf("create a second security context on the same transport\n");
 
        lp_smbcli_session_options(tctx->lp_ctx, &options);
+       gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
 
        session = smbcli_session_init(cli->transport, tctx, false, options);
 
@@ -100,6 +102,7 @@ static bool test_session(struct smbcli_state *cli, struct torture_context *tctx)
        setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
 
        setup.in.credentials = cmdline_credentials;
+       setup.in.gensec_settings = gensec_settings;
 
        status = smb_composite_sesssetup(session, &setup);
        CHECK_STATUS(status, NT_STATUS_OK);
@@ -142,7 +145,6 @@ static bool test_session(struct smbcli_state *cli, struct torture_context *tctx)
                setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
        
                setup.in.credentials = cmdline_credentials;
-       
 
                status = smb_composite_sesssetup(session3, &setup);
                CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
@@ -233,6 +235,7 @@ static bool test_session(struct smbcli_state *cli, struct torture_context *tctx)
                setups[i].in.workgroup = lp_workgroup(tctx->lp_ctx);
                
                setups[i].in.credentials = cmdline_credentials;
+               setups[i].in.gensec_settings = gensec_settings;
 
                sessions[i] = smbcli_session_init(cli->transport, tctx, false, options);
                composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
@@ -402,6 +405,7 @@ static bool test_tree_ulogoff(struct smbcli_state *cli, struct torture_context *
        setup.in.capabilities = cli->transport->negotiate.capabilities;
        setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
        setup.in.credentials = cmdline_credentials;
+       setup.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
        status = smb_composite_sesssetup(session1, &setup);
        CHECK_STATUS(status, NT_STATUS_OK);
        session1->vuid = setup.out.vuid;
@@ -458,6 +462,7 @@ static bool test_tree_ulogoff(struct smbcli_state *cli, struct torture_context *
        setup.in.capabilities = cli->transport->negotiate.capabilities;
        setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
        setup.in.credentials = cmdline_credentials;
+       setup.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
        status = smb_composite_sesssetup(session2, &setup);
        CHECK_STATUS(status, NT_STATUS_OK);
        session2->vuid = setup.out.vuid;
@@ -657,8 +662,8 @@ static bool test_pid_2sess(struct smbcli_state *cli, struct torture_context *tct
        setup.in.sesskey = cli->transport->negotiate.sesskey;
        setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
        setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
-
        setup.in.credentials = cmdline_credentials;
+       setup.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
 
        status = smb_composite_sesssetup(session, &setup);
        CHECK_STATUS(status, NT_STATUS_OK);     
index dbe071c9adf5cac7a709c12679ebe4777b7d7864..2d1eae3a696ed196b20a46c06821a2d5ddb3b566 100644 (file)
@@ -598,6 +598,7 @@ static bool test_async(struct torture_context *tctx,
        setup.in.capabilities = cli->transport->negotiate.capabilities;
        setup.in.workgroup = lp_workgroup(tctx->lp_ctx);
        setup.in.credentials = cmdline_credentials;
+       setup.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
        status = smb_composite_sesssetup(session, &setup);
        CHECK_STATUS(status, NT_STATUS_OK);
        session->vuid = setup.out.vuid;
index a6dce8a9266d0e42a3df985350f729760ba66432..6b59b35b5d8b07e4f0e8b0a4f48dd7333c6dc667 100644 (file)
@@ -188,6 +188,7 @@ static void reopen_connection(struct event_context *ev, struct timed_event *te,
 
        io->in.dest_host    = state->dest_host;
        io->in.dest_ports   = state->dest_ports;
+       io->in.socket_options = lp_socket_options(state->tctx->lp_ctx);
        io->in.called_name  = state->called_name;
        io->in.service      = share;
        io->in.service_type = state->service_type;
index ec94637445a3b0f73a3488342ff4be7b0c1237ce..e2d52f6c029f8a3fa90f7a9f2f56efa88d079fd9 100644 (file)
@@ -130,6 +130,7 @@ static void reopen_connection(struct event_context *ev, struct timed_event *te,
 
        io->in.dest_host    = state->dest_host;
        io->in.dest_ports   = state->dest_ports;
+       io->in.socket_options = lp_socket_options(state->tctx->lp_ctx);
        io->in.called_name  = state->called_name;
        io->in.service      = share;
        io->in.service_type = state->service_type;
index 46b41e51a00ad9c0ed139be5b6afe607f36e5f40..86dae6bc1fd6f8a7618bb1a4656ee0dd2a6fce1d 100644 (file)
@@ -187,7 +187,7 @@ static bool open_connection_no_level2_oplocks(struct torture_context *tctx,
                                        torture_setting_string(tctx, "host", NULL),
                                        lp_smb_ports(tctx->lp_ctx),
                                        torture_setting_string(tctx, "share", NULL),
-                                       NULL, cmdline_credentials,
+                                       NULL, lp_socket_options(tctx->lp_ctx), cmdline_credentials,
                                        lp_resolve_context(tctx->lp_ctx),
                                        tctx->ev, &options, &session_options,
                                        lp_iconv_convenience(tctx->lp_ctx));
index 9e753018289c55e4d4408e18144010cf3e93b67a..1615b5322a5f9e72cb246ca735421547169f71f6 100644 (file)
@@ -100,7 +100,7 @@ static int fork_tcon_client(struct torture_context *tctx,
 
                status = smbcli_full_connection(NULL, &cli,
                                host, lp_smb_ports(tctx->lp_ctx), share,
-                               NULL, cmdline_credentials,
+                               NULL, lp_socket_options(tctx->lp_ctx), cmdline_credentials,
                                lp_resolve_context(tctx->lp_ctx),
                                tctx->ev, &options, &session_options,
                                lp_iconv_convenience(tctx->lp_ctx));
index a6bb53a7599a2fa69c40d7c60a528a85816495fa..9d6c803ad7163043502bce0c90f099327fbe86b0 100644 (file)
@@ -39,6 +39,7 @@ bool torture_rpc_join(struct torture_context *torture)
        status = smbcli_full_connection(tj, &cli, host,
                                        lp_smb_ports(torture->lp_ctx),
                                        "IPC$", NULL,
+                                       lp_socket_options(torture->lp_ctx),
                                        machine_account,
                                        lp_resolve_context(torture->lp_ctx),
                                        torture->ev, &options, &session_options,
@@ -66,6 +67,7 @@ bool torture_rpc_join(struct torture_context *torture)
        status = smbcli_full_connection(tj, &cli, host,
                                        lp_smb_ports(torture->lp_ctx),
                                        "IPC$", NULL,
+                                       lp_socket_options(torture->lp_ctx),
                                        machine_account,
                                        lp_resolve_context(torture->lp_ctx),
                                        torture->ev, &options, &session_options,
index 1f03ad6396b24cd521180e902096720a2f6f2355..0d18228563997a4e22e957cb16d7d43ecb797b73 100644 (file)
@@ -92,7 +92,8 @@ static bool test_PACVerify(struct torture_context *tctx,
        
        torture_assert(tctx, msg_server_ctx != NULL, "Failed to init messaging context");
 
-       status = gensec_client_start(tctx, &gensec_client_context, tctx->ev, tctx->lp_ctx);
+       status = gensec_client_start(tctx, &gensec_client_context, tctx->ev, 
+                                    lp_gensec_settings(tctx, tctx->lp_ctx));
        torture_assert_ntstatus_ok(tctx, status, "gensec_client_start (client) failed");
 
        status = gensec_set_target_hostname(gensec_client_context, TEST_MACHINE_NAME);
@@ -103,7 +104,9 @@ static bool test_PACVerify(struct torture_context *tctx,
        status = gensec_start_mech_by_sasl_name(gensec_client_context, "GSSAPI");
        torture_assert_ntstatus_ok(tctx, status, "gensec_start_mech_by_sasl_name (client) failed");
 
-       status = gensec_server_start(tctx, tctx->ev, tctx->lp_ctx, msg_server_ctx, &gensec_server_context);
+       status = gensec_server_start(tctx, tctx->ev, 
+                                    lp_gensec_settings(tctx, tctx->lp_ctx), 
+                                    msg_server_ctx, &gensec_server_context);
        torture_assert_ntstatus_ok(tctx, status, "gensec_server_start (server) failed");
 
        status = gensec_set_credentials(gensec_server_context, credentials);
index 93bcb3a1ea7e3ba54615e5737b15d5cf0a4f2120..73c2044449efd045f033815d8f6c99f697d4cd6d 100644 (file)
@@ -89,7 +89,9 @@ bool torture_bind_authcontext(struct torture_context *torture)
        status = smbcli_full_connection(mem_ctx, &cli,
                                        torture_setting_string(torture, "host", NULL),
                                        lp_smb_ports(torture->lp_ctx),
-                                       "IPC$", NULL, cmdline_credentials,
+                                       "IPC$", NULL, 
+                                       lp_socket_options(torture->lp_ctx),
+                                       cmdline_credentials,
                                        lp_resolve_context(torture->lp_ctx),
                                        torture->ev, &options, &session_options,
                                        lp_iconv_convenience(torture->lp_ctx));
@@ -160,6 +162,7 @@ bool torture_bind_authcontext(struct torture_context *torture)
        setup.in.capabilities = cli->transport->negotiate.capabilities;
        setup.in.workgroup = "";
        setup.in.credentials = anon_creds;
+       setup.in.gensec_settings = lp_gensec_settings(torture, torture->lp_ctx);
 
        status = smb_composite_sesssetup(session2, &setup);
        if (!NT_STATUS_IS_OK(status)) {
@@ -233,7 +236,7 @@ static bool bindtest(struct smbcli_state *cli,
        }
 
        status = dcerpc_bind_auth(lsa_pipe, &ndr_table_lsarpc,
-                                 credentials, lp_ctx, auth_type, auth_level,
+                                 credentials, lp_gensec_settings(lp_ctx, lp_ctx), auth_type, auth_level,
                                  NULL);
        if (!NT_STATUS_IS_OK(status)) {
                d_printf("dcerpc_bind_auth failed: %s\n", nt_errstr(status));
@@ -308,7 +311,9 @@ bool torture_bind_samba3(struct torture_context *torture)
        status = smbcli_full_connection(mem_ctx, &cli,
                                        torture_setting_string(torture, "host", NULL),
                                        lp_smb_ports(torture->lp_ctx),
-                                       "IPC$", NULL, cmdline_credentials,
+                                       "IPC$", NULL, 
+                                       lp_socket_options(torture->lp_ctx),
+                                       cmdline_credentials,
                                        lp_resolve_context(torture->lp_ctx),
                                        torture->ev, &options, &session_options,
                                        lp_iconv_convenience(torture->lp_ctx));
@@ -384,7 +389,7 @@ static NTSTATUS get_usr_handle(struct smbcli_state *cli,
 
        if (admin_creds != NULL) {
                status = dcerpc_bind_auth(samr_pipe, &ndr_table_samr,
-                                         admin_creds, lp_ctx, auth_type, auth_level,
+                                         admin_creds, lp_gensec_settings(lp_ctx, lp_ctx), auth_type, auth_level,
                                          NULL);
                if (!NT_STATUS_IS_OK(status)) {
                        d_printf("dcerpc_bind_auth failed: %s\n",
@@ -1013,7 +1018,7 @@ static bool schan(struct smbcli_state *cli,
 #if 1
        net_pipe->conn->flags |= (DCERPC_SIGN | DCERPC_SEAL);
        status = dcerpc_bind_auth(net_pipe, &ndr_table_netlogon,
-                                 wks_creds, lp_ctx, DCERPC_AUTH_TYPE_SCHANNEL,
+                                 wks_creds, lp_gensec_settings(lp_ctx, lp_ctx), DCERPC_AUTH_TYPE_SCHANNEL,
                                  DCERPC_AUTH_LEVEL_PRIVACY,
                                  NULL);
 #else
@@ -1244,7 +1249,9 @@ bool torture_netlogon_samba3(struct torture_context *torture)
        status = smbcli_full_connection(mem_ctx, &cli,
                                        torture_setting_string(torture, "host", NULL),
                                        lp_smb_ports(torture->lp_ctx),
-                                       "IPC$", NULL, anon_creds, 
+                                       "IPC$", NULL, 
+                                       lp_socket_options(torture->lp_ctx),
+                                       anon_creds, 
                                        lp_resolve_context(torture->lp_ctx),
                                        torture->ev, &options, &session_options,
                                        lp_iconv_convenience(torture->lp_ctx));
@@ -1334,8 +1341,8 @@ static bool test_join3(struct torture_context *tctx,
        status = smbcli_full_connection(tctx, &cli,
                                        torture_setting_string(tctx, "host", NULL),
                                        lp_smb_ports(tctx->lp_ctx),
-                                       "IPC$", NULL, smb_creds, 
-                                       lp_resolve_context(tctx->lp_ctx),
+                                       "IPC$", NULL, lp_socket_options(tctx->lp_ctx),
+                                       smb_creds, lp_resolve_context(tctx->lp_ctx),
                                        tctx->ev, &options, &session_options,
                                        lp_iconv_convenience(tctx->lp_ctx));
        if (!NT_STATUS_IS_OK(status)) {
@@ -1717,7 +1724,7 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture)
        status = smbcli_full_connection(
                mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
                lp_smb_ports(torture->lp_ctx),
-               "IPC$", NULL, cmdline_credentials, 
+               "IPC$", NULL, lp_socket_options(torture->lp_ctx), cmdline_credentials, 
                lp_resolve_context(torture->lp_ctx),
                torture->ev, &options, &session_options,
                lp_iconv_convenience(torture->lp_ctx));
@@ -1744,8 +1751,8 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture)
 
        status = smbcli_full_connection(
                mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
-               lp_smb_ports(torture->lp_ctx),
-               "IPC$", NULL, anon_creds, 
+               lp_smb_ports(torture->lp_ctx), "IPC$", NULL, 
+               lp_socket_options(torture->lp_ctx), anon_creds, 
                lp_resolve_context(torture->lp_ctx),
                torture->ev, &options, &session_options,
                lp_iconv_convenience(torture->lp_ctx));
@@ -1812,6 +1819,7 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture)
                setup.in.capabilities = cli->transport->negotiate.capabilities;
                setup.in.workgroup = "";
                setup.in.credentials = user_creds;
+               setup.in.gensec_settings = lp_gensec_settings(torture, torture->lp_ctx);
 
                status = smb_composite_sesssetup(session2, &setup);
                if (!NT_STATUS_IS_OK(status)) {
index 2c39596e356db283f191872e5797e5c3dae5f682..ca1655729bd017d4e8f1b5fd56eabe9695ee5e83 100644 (file)
@@ -292,7 +292,7 @@ static bool test_schannel(struct torture_context *tctx,
        torture_assert_ntstatus_ok(tctx, status, "seconday connection");
 
        status = dcerpc_bind_auth(p_netlogon, &ndr_table_netlogon, 
-                                 credentials, tctx->lp_ctx,
+                                 credentials, lp_gensec_settings(tctx, tctx->lp_ctx),
                                  DCERPC_AUTH_TYPE_SCHANNEL,
                                  dcerpc_auth_level(p->conn),
                                  NULL);
@@ -319,7 +319,7 @@ static bool test_schannel(struct torture_context *tctx,
        torture_assert_ntstatus_ok(tctx, status, "seconday connection");
 
        status = dcerpc_bind_auth(p_lsa, &ndr_table_lsarpc,
-                                 credentials, tctx->lp_ctx,
+                                 credentials, lp_gensec_settings(tctx, tctx->lp_ctx),
                                  DCERPC_AUTH_TYPE_SCHANNEL,
                                  dcerpc_auth_level(p->conn),
                                  NULL);
@@ -360,7 +360,7 @@ static bool test_schannel(struct torture_context *tctx,
 
        /* and now setup an SCHANNEL bind on netlogon */
        status = dcerpc_bind_auth(p_netlogon2, &ndr_table_netlogon,
-                                 credentials, tctx->lp_ctx,
+                                 credentials, lp_gensec_settings(tctx, tctx->lp_ctx),
                                  DCERPC_AUTH_TYPE_SCHANNEL,
                                  dcerpc_auth_level(p_samr2->conn),
                                  NULL);
index dc2a82414bec99892937be52b90dd7eb6ad892c2..f9ff31a797743ed7bf91b0a94f25f3cf73e88081 100644 (file)
@@ -60,7 +60,8 @@ static NTSTATUS spoolss__op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_
         /* unravel the NDR for the packet */
        ndr_err = ndr_table_spoolss.calls[opnum].ndr_pull(pull, NDR_IN, *r);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-               dcerpc_log_packet(&ndr_table_spoolss, opnum, NDR_IN,
+               dcerpc_log_packet(dce_call->conn->packet_log_dir,
+                                                 &ndr_table_spoolss, opnum, NDR_IN,
                                  &dce_call->pkt.u.request.stub_and_verifier);
                dce_call->fault_code = DCERPC_FAULT_NDR;
                return NT_STATUS_NET_WRITE_FAULT;
@@ -102,7 +103,8 @@ static NTSTATUS spoolss__op_dispatch(struct dcesrv_call_state *dce_call, TALLOC_
        }
 
        if (dce_call->fault_code != 0) {
-               dcerpc_log_packet(&ndr_table_spoolss, opnum, NDR_IN,
+               dcerpc_log_packet(dce_call->conn->packet_log_dir,
+                                                 &ndr_table_spoolss, opnum, NDR_IN,
                                  &dce_call->pkt.u.request.stub_and_verifier);
                return NT_STATUS_NET_WRITE_FAULT;
        }
index ae51af18820ed0ad97281be2a97814f3321423ef..f0d25017c6d33c0eb87572215e8c674f8e56bedc 100644 (file)
@@ -204,10 +204,12 @@ bool torture_smb2_scan(struct torture_context *torture)
 
        lp_smbcli_options(torture->lp_ctx, &options);
 
-       status = smb2_connect(mem_ctx, host, share, 
-                             lp_resolve_context(torture->lp_ctx), 
-                             credentials, &tree, 
-                             torture->ev, &options);
+       status = smb2_connect(mem_ctx, host, 
+                                                 lp_smb_ports(torture->lp_ctx),
+                                                 share, 
+                                                 lp_resolve_context(torture->lp_ctx), 
+                                                 credentials, &tree, torture->ev, &options,
+                                                 lp_socket_options(torture->lp_ctx));
        if (!NT_STATUS_IS_OK(status)) {
                printf("Connection failed - %s\n", nt_errstr(status));
                return false;
@@ -221,10 +223,12 @@ bool torture_smb2_scan(struct torture_context *torture)
                smb2_transport_send(req);
                if (!smb2_request_receive(req)) {
                        talloc_free(tree);
-                       status = smb2_connect(mem_ctx, host, share, 
-                                             lp_resolve_context(torture->lp_ctx), 
-                                             credentials, &tree, 
-                                             torture->ev, &options);
+                       status = smb2_connect(mem_ctx, host, 
+                                                                 lp_smb_ports(torture->lp_ctx),
+                                                                 share, 
+                                                                 lp_resolve_context(torture->lp_ctx), 
+                                                                 credentials, &tree, torture->ev, &options,
+                                                                 lp_socket_options(torture->lp_ctx));
                        if (!NT_STATUS_IS_OK(status)) {
                                printf("Connection failed - %s\n", nt_errstr(status));
                                return false;
index 3a437acbab870eeb6a3581cd6035a0b509616bbb..e53b6cddacf384532ba7380bc693ac5560b62e81 100644 (file)
@@ -274,10 +274,14 @@ bool torture_smb2_connection(struct torture_context *tctx, struct smb2_tree **tr
 
        lp_smbcli_options(tctx->lp_ctx, &options);
 
-       status = smb2_connect(tctx, host, share, 
+       status = smb2_connect(tctx, host, 
+                                                 lp_smb_ports(tctx->lp_ctx),
+                                                 share, 
                              lp_resolve_context(tctx->lp_ctx),
                              credentials, tree, 
-                             tctx->ev, &options);
+                             tctx->ev, &options,
+                                 lp_socket_options(tctx->lp_ctx)
+                                 );
        if (!NT_STATUS_IS_OK(status)) {
                printf("Failed to connect to SMB2 share \\\\%s\\%s - %s\n",
                       host, share, nt_errstr(status));
index 53909f645b651617d0579e7e2f15791a497cc3ac..2e451e199907d481b87c7577d18ebdd04e23063a 100644 (file)
@@ -63,7 +63,7 @@ static struct smbcli_state *connect_to_server(struct torture_context *tctx)
 
        status = smbcli_full_connection(tctx, &cli, host, 
                                        lp_smb_ports(tctx->lp_ctx),
-                                       share, NULL,
+                                       share, NULL, lp_socket_options(tctx->lp_ctx),
                                        cmdline_credentials, 
                                        lp_resolve_context(tctx->lp_ctx),
                                        tctx->ev, &options, &session_options,
index d7fbe4a23d814bb0e245fdf08dbe5de2875640bb..f3a6acee506888fad8c237ff1e674fb06a416d6d 100644 (file)
@@ -84,7 +84,7 @@ static struct smbcli_state *connect_to_server(struct torture_context *tctx,
 
        status = smbcli_full_connection(tctx, &cli, host, 
                                        lp_smb_ports(tctx->lp_ctx),
-                                       share, NULL,
+                                       share, NULL, lp_socket_options(tctx->lp_ctx),
                                        creds, lp_resolve_context(tctx->lp_ctx),
                                        tctx->ev, &options, &session_options,
                                        lp_iconv_convenience(tctx->lp_ctx));
index b84938cf11f3d755dc02a2c8885b1c165aee0ad2..5157369a78e2c536ef2dbe45596af3ff272da0ea 100644 (file)
@@ -486,6 +486,7 @@ _PUBLIC_ bool torture_open_connection_share(TALLOC_CTX *mem_ctx,
        status = smbcli_full_connection(mem_ctx, c, hostname, 
                                        lp_smb_ports(tctx->lp_ctx),
                                        sharename, NULL,
+                                       lp_socket_options(tctx->lp_ctx),
                                        cmdline_credentials, 
                                        lp_resolve_context(tctx->lp_ctx),
                                        ev, &options, &session_options,
index 99fb3e80817ab33702258a2a77cee5186549bb87..4964694790a05402e44f9494e2a1295a58df3bfb 100644 (file)
@@ -473,7 +473,8 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
                case NTLMSSP_CLIENT_1:
                        /* setup the client side */
 
-                       nt_status = gensec_client_start(NULL, &state->gensec_state, ev, lp_ctx);
+                       nt_status = gensec_client_start(NULL, &state->gensec_state, ev, 
+                                                       lp_gensec_settings(NULL, lp_ctx));
                        if (!NT_STATUS_IS_OK(nt_status)) {
                                exit(1);
                        }
@@ -486,7 +487,8 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
                        if (!msg) {
                                exit(1);
                        }
-                       if (!NT_STATUS_IS_OK(gensec_server_start(state, ev, lp_ctx, msg, &state->gensec_state))) {
+                       if (!NT_STATUS_IS_OK(gensec_server_start(state, ev, lp_gensec_settings(state, lp_ctx), 
+                                                                msg, &state->gensec_state))) {
                                exit(1);
                        }
                        break;