s3-librpc Supply target service and server to spnego_generic_init_client()

Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c
index f64a537e202ee06d76a565882303f9c190be9e13..98251c776ecfa6af2b43c4e124d8bb3c94e0faea 100644 (file)
--- a/source3/librpc/crypto/cli_spnego.c
+++ b/source3/librpc/crypto/cli_spnego.c
@@ -88,6 +88,8 @@ NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx,
                                    const char *oid,
                                    bool do_sign, bool do_seal,
                                    bool is_dcerpc,
+                                   const char *server,
+                                   const char *target_service,
                                    const char *domain,
                                    const char *username,
                                    const char *password,
@@ -148,6 +150,18 @@ NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx,
                                    GENSEC_FEATURE_DCE_STYLE);
        }
 
+       status = gensec_set_target_service(auth_generic_state->gensec_security, target_service);
+       if (!NT_STATUS_IS_OK(status)) {
+               TALLOC_FREE(sp_ctx);
+               return status;
+       }
+
+       status = gensec_set_target_hostname(auth_generic_state->gensec_security, server);
+       if (!NT_STATUS_IS_OK(status)) {
+               TALLOC_FREE(sp_ctx);
+               return status;
+       }
+
        status = auth_generic_client_start(auth_generic_state, oid);
        if (!NT_STATUS_IS_OK(status)) {
                TALLOC_FREE(sp_ctx);

diff --git a/source3/librpc/crypto/spnego.h b/source3/librpc/crypto/spnego.h
index 7e0f1590ab68824f186ceb8916e8ba313d90b344..a31f997ab6da130f003ecab00e385cd4fa737832 100644 (file)
--- a/source3/librpc/crypto/spnego.h
+++ b/source3/librpc/crypto/spnego.h
@@ -65,6 +65,8 @@ NTSTATUS spnego_generic_init_client(TALLOC_CTX *mem_ctx,
                                    const char *oid,
                                    bool do_sign, bool do_seal,
                                    bool is_dcerpc,
+                                   const char *server,
+                                   const char *target_service,
                                    const char *domain,
                                    const char *username,
                                    const char *password,

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 49053c980ecfb5c0a760a2be11e29af1a8218e9b..ca8655cab1a74a332778cefd7410a8e68bbcab46 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3143,6 +3143,8 @@ NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
        struct pipe_auth_data *auth;
        struct spnego_context *spnego_ctx;
        NTSTATUS status;
+       const char *server = NULL;
+       const char *target_service = "cifs"; /* TODO: Determine target service from the bindings or interface table */
 
        status = cli_rpc_pipe_open(cli, transport, interface, &result);
        if (!NT_STATUS_IS_OK(status)) {
@@ -3182,6 +3184,7 @@ NTSTATUS cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli,
                                            (auth->auth_level ==
                                                DCERPC_AUTH_LEVEL_PRIVACY),
                                            true,
+                                           server, target_service,
                                            domain, username, password,
                                            &spnego_ctx);
        if (!NT_STATUS_IS_OK(status)) {