diff options
| author | Andreas Schneider <asn@samba.org> | 2017-03-08 12:34:59 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2017-03-10 11:37:21 +0100 |
| commit | bf6358bf035e7ad48bd15cc2164afab2a19e7ad6 (patch) | |
| tree | 57505fcbb969918811fe129922728147e089c8b3 /source4/auth/gensec | |
| parent | 8f7c4529420316b553c80cd3d19b6996525b029a (diff) | |
| download | samba-bf6358bf035e7ad48bd15cc2164afab2a19e7ad6.tar.gz | |
s4:gensec_gssapi: Move setup of service_principal to update function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12554
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4/auth/gensec')
| -rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 33 |
1 files changed, 20 insertions, 13 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index f8e83eae34e..a11b5958ba9 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -400,18 +400,6 @@ do_start: gensec_gssapi_state->gss_want_flags &= ~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG); } - nt_status = gensec_gssapi_setup_server_principal(gensec_gssapi_state, - target_principal, - service, - hostname, - realm, - gensec_gssapi_state->gss_oid, - &gensec_gssapi_state->target_principal, - &gensec_gssapi_state->server_name); - if (!NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } - return NT_STATUS_OK; } @@ -452,7 +440,11 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security, OM_uint32 min_stat2; gss_buffer_desc input_token = { 0, NULL }; gss_buffer_desc output_token = { 0, NULL }; - + struct cli_credentials *cli_creds = gensec_get_credentials(gensec_security); + const char *target_principal = gensec_get_target_principal(gensec_security); + const char *hostname = gensec_get_target_hostname(gensec_security); + const char *service = gensec_get_target_service(gensec_security); + const char *client_realm = cli_credentials_get_realm(cli_creds); gss_OID gss_oid_p = NULL; OM_uint32 time_req = 0; OM_uint32 time_rec = 0; @@ -491,6 +483,21 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security, return NT_STATUS_INTERNAL_ERROR; } #endif + + if (gensec_gssapi_state->server_name == NULL) { + nt_status = gensec_gssapi_setup_server_principal(gensec_gssapi_state, + target_principal, + service, + hostname, + client_realm, + gensec_gssapi_state->gss_oid, + &gensec_gssapi_state->target_principal, + &gensec_gssapi_state->server_name); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + } + maj_stat = gss_init_sec_context(&min_stat, gensec_gssapi_state->client_cred->creds, &gensec_gssapi_state->gssapi_context, |