From: Stefan Metzmacher Date: Thu, 29 Dec 2016 16:51:17 +0000 (+0100) Subject: use gensec_gssapi_try_kerberos in source3/librpc/crypto/gse.c X-Git-Url: http://git.samba.org/?p=metze%2Fsamba%2Fwip.git;a=commitdiff_plain;h=05a8d447f21eaf63de88d61548bb574c9c809f4c use gensec_gssapi_try_kerberos in source3/librpc/crypto/gse.c --- diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index 9a9f4261222f..de8c98688484 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -30,6 +30,7 @@ #include "auth/gensec/gensec.h" #include "auth/gensec/gensec_internal.h" #include "auth/credentials/credentials.h" +#include "auth/kerberos/gensec_gssapi_helper.h" #include "../librpc/gen_ndr/dcerpc.h" #if defined(HAVE_KRB5) @@ -757,17 +758,9 @@ static NTSTATUS gensec_gse_client_start(struct gensec_security *gensec_security) const char *password = cli_credentials_get_password(creds); const char *realm = cli_credentials_get_realm(creds); - if (!hostname) { - DEBUG(1, ("Could not determine hostname for target computer, cannot use kerberos\n")); - return NT_STATUS_INVALID_PARAMETER; - } - if (is_ipaddress(hostname)) { - DEBUG(2, ("Cannot do GSE to an IP address\n")); - return NT_STATUS_INVALID_PARAMETER; - } - if (strcmp(hostname, "localhost") == 0) { - DEBUG(2, ("GSE to 'localhost' does not make sense\n")); - return NT_STATUS_INVALID_PARAMETER; + nt_status = gensec_gssapi_try_kerberos(gensec_security); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; } if (gensec_security->want_features & GENSEC_FEATURE_SESSION_KEY) { diff --git a/source3/wscript_build b/source3/wscript_build index aa8fdc175674..4b3754b25670 100644 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -46,7 +46,7 @@ bld.SAMBA3_LIBRARY('netapi', bld.SAMBA3_LIBRARY('gse', source='librpc/crypto/gse_krb5.c librpc/crypto/gse.c', - deps='krb5samba gensec smbconf KRBCLIENT secrets3', + deps='krb5samba gensec smbconf KRBCLIENT secrets3 GENSEC_GSSAPI_HELPER', private_library=True) bld.SAMBA3_LIBRARY('msrpc3',