author | Andrew Bartlett <abartlet@samba.org> | 2017-03-01 14:19:50 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-03-29 02:37:27 +0200 |
commit | 59ed188ede42a4bc6534f679fa89dd0fb7f8a3ae (patch) | |
tree | bd8e20d3096cc326a3bde1ac03fe76f5a9c9b9fa /source4/dns_server/dns_query.c | |
parent | a0ab86dedca2471ca2e4bb222f272d4bd35c85df (diff) | |
dns: Provide local and remote socket address to GENSEC
This can be used for logging and for Kerberos channel bindings
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Diffstat (limited to 'source4/dns_server/dns_query.c')
-rw-r--r-- | source4/dns_server/dns_query.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c index c0ae19a4dd4..366696ddd01 100644 --- a/source4/dns_server/dns_query.c +++ b/source4/dns_server/dns_query.c @@ -702,6 +702,8 @@ static WERROR handle_authoritative_recv(struct tevent_req *req) static NTSTATUS create_tkey(struct dns_server *dns, const char* name, const char* algorithm, + const struct tsocket_address *remote_address, + const struct tsocket_address *local_address, struct dns_server_tkey **tkey) { NTSTATUS status; @@ -738,6 +740,24 @@ static NTSTATUS create_tkey(struct dns_server *dns, gensec_want_feature(k->gensec, GENSEC_FEATURE_SIGN); + status = gensec_set_remote_address(k->gensec, + remote_address); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to set remote address into GENSEC: %s\n", + nt_errstr(status))); + *tkey = NULL; + return status; + } + + status = gensec_set_local_address(k->gensec, + local_address); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to set local address into GENSEC: %s\n", + nt_errstr(status))); + *tkey = NULL; + return status; + } + status = gensec_start_mech_by_oid(k->gensec, GENSEC_OID_SPNEGO); if (!NT_STATUS_IS_OK(status)) { @@ -861,6 +881,8 @@ static WERROR handle_tkey(struct dns_server *dns, if (tkey == NULL) { status = create_tkey(dns, in->questions[0].name, in_tkey->rdata.tkey_record.algorithm, + state->remote_address, + state->local_address, &tkey); if (!NT_STATUS_IS_OK(status)) { ret_tkey->rdata.tkey_record.error = DNS_RCODE_BADKEY; |
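Review bot: The two `const struct tsocket_address *` parameters added to create_tkey's signature in the first hunk are undocumented. Nothing says whether either may be NULL, or whether GENSEC copies the address or keeps the caller's pointer. The only caller in this diff (third hunk) passes `state->remote_address` and `state->local_address`, so if the key returned through `*tkey` outlives that request state, a borrowed pointer would dangle; this cannot be confirmed from the visible lines. I would add a short comment above create_tkey stating that the addresses are the request's peer and local socket addresses, that they are handed to GENSEC for logging and channel bindings, and what the NULL and lifetime rules are. create_tkey's body continues outside the hunk.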
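Review bot: In the second hunk, both new failure branches set `*tkey = NULL` and `return status;` without releasing `k`, although `k->gensec` is already set up at that point. The allocation of `k` is outside the hunk, so this is inferred: if `k` is a talloc child of a long-lived context, every TKEY request that fails here leaves a key object and its GENSEC context allocated until that parent is freed, and remote clients can trigger that repeatedly. Consider `TALLOC_FREE(k);` before each `return status;`, and check the other early returns in create_tkey for the same pattern. The function starts and ends outside the hunk.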