summaryrefslogtreecommitdiff
path: root/source4/dns_server/dns_query.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2017-03-01 14:19:50 +1300
committerAndrew Bartlett <abartlet@samba.org>2017-03-29 02:37:27 +0200
commit59ed188ede42a4bc6534f679fa89dd0fb7f8a3ae (patch)
treebd8e20d3096cc326a3bde1ac03fe76f5a9c9b9fa /source4/dns_server/dns_query.c
parenta0ab86dedca2471ca2e4bb222f272d4bd35c85df (diff)
downloadsamba-59ed188ede42a4bc6534f679fa89dd0fb7f8a3ae.tar.gz
dns: Provide local and remote socket address to GENSEC
This can be used for logging and for Kerberos channel bindings Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Diffstat (limited to 'source4/dns_server/dns_query.c')
-rw-r--r--source4/dns_server/dns_query.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index c0ae19a4dd4..366696ddd01 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -702,6 +702,8 @@ static WERROR handle_authoritative_recv(struct tevent_req *req)
static NTSTATUS create_tkey(struct dns_server *dns,
const char* name,
const char* algorithm,
+ const struct tsocket_address *remote_address,
+ const struct tsocket_address *local_address,
struct dns_server_tkey **tkey)
{
NTSTATUS status;
@@ -738,6 +740,24 @@ static NTSTATUS create_tkey(struct dns_server *dns,
gensec_want_feature(k->gensec, GENSEC_FEATURE_SIGN);
+ status = gensec_set_remote_address(k->gensec,
+ remote_address);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to set remote address into GENSEC: %s\n",
+ nt_errstr(status)));
+ *tkey = NULL;
+ return status;
+ }
+
+ status = gensec_set_local_address(k->gensec,
+ local_address);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to set local address into GENSEC: %s\n",
+ nt_errstr(status)));
+ *tkey = NULL;
+ return status;
+ }
+
status = gensec_start_mech_by_oid(k->gensec, GENSEC_OID_SPNEGO);
if (!NT_STATUS_IS_OK(status)) {
@@ -861,6 +881,8 @@ static WERROR handle_tkey(struct dns_server *dns,
if (tkey == NULL) {
status = create_tkey(dns, in->questions[0].name,
in_tkey->rdata.tkey_record.algorithm,
+ state->remote_address,
+ state->local_address,
&tkey);
if (!NT_STATUS_IS_OK(status)) {
ret_tkey->rdata.tkey_record.error = DNS_RCODE_BADKEY;
View Lorry Controller Status