diff options
author | Stefan Metzmacher <metze@samba.org> | 2013-12-13 17:31:45 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2014-01-07 12:47:04 +0100 |
commit | dc96b1ddccfe8eb1a631355f9471ee0b620d682c (patch) | |
tree | 263a3396fcd4a7128751389db278439232dca3b2 /libcli/auth | |
parent | 6e6d9f9f12284ed06a21cc02080e436b7326065f (diff) | |
download | samba-dc96b1ddccfe8eb1a631355f9471ee0b620d682c.tar.gz samba-dc96b1ddccfe8eb1a631355f9471ee0b620d682c.tar.xz samba-dc96b1ddccfe8eb1a631355f9471ee0b620d682c.zip |
libcli/auth: use unique key_name values in netlogon_creds_cli_context_common()
Until all callers are fixed to pass the same 'server_computer'
value, we try to calculate a server_netbios_name and use this
as unique identifier for a specific domain controller.
Otherwise winbind would use 'hostname.example.com'
while 'net rpc testjoin' would use 'HOSTNAME',
which leads to 2 records in netlogon_creds_cli.tdb
for the same domain controller.
Once all callers are fixed we can think about reverting this
commit.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli/auth')
-rw-r--r-- | libcli/auth/netlogon_creds_cli.c | 58 |
1 files changed, 48 insertions, 10 deletions
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index 75d6b2c679b..a872b31bfcc 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -106,23 +106,30 @@ static NTSTATUS netlogon_creds_cli_context_common( struct netlogon_creds_cli_context **_context) { struct netlogon_creds_cli_context *context = NULL; + TALLOC_CTX *frame = talloc_stackframe(); + char *_key_name = NULL; + char *server_netbios_name = NULL; + char *p = NULL; *_context = NULL; context = talloc_zero(mem_ctx, struct netlogon_creds_cli_context); if (context == NULL) { + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } context->client.computer = talloc_strdup(context, client_computer); if (context->client.computer == NULL) { - talloc_free(context); + TALLOC_FREE(context); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } context->client.account = talloc_strdup(context, client_account); if (context->client.account == NULL) { - talloc_free(context); + TALLOC_FREE(context); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } @@ -133,29 +140,60 @@ static NTSTATUS netlogon_creds_cli_context_common( context->server.computer = talloc_strdup(context, server_computer); if (context->server.computer == NULL) { - talloc_free(context); + TALLOC_FREE(context); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } context->server.netbios_domain = talloc_strdup(context, server_netbios_domain); if (context->server.netbios_domain == NULL) { - talloc_free(context); + TALLOC_FREE(context); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } - context->db.key_name = talloc_asprintf(context, "CLI[%s/%s]/SRV[%s/%s]", - client_computer, - client_account, - server_computer, - server_netbios_domain); + /* + * TODO: + * Force the callers to provide a unique + * value for server_computer and use this directly. + * + * For now we have to deal with + * "HOSTNAME" vs. "hostname.example.com". + */ + server_netbios_name = talloc_strdup(frame, server_computer); + if (server_netbios_name == NULL) { + TALLOC_FREE(context); + TALLOC_FREE(frame); + return NT_STATUS_NO_MEMORY; + } + + p = strchr(server_netbios_name, '.'); + if (p != NULL) { + p[0] = '\0'; + } + + _key_name = talloc_asprintf(frame, "CLI[%s/%s]/SRV[%s/%s]", + client_computer, + client_account, + server_netbios_name, + server_netbios_domain); + if (_key_name == NULL) { + TALLOC_FREE(context); + TALLOC_FREE(frame); + return NT_STATUS_NO_MEMORY; + } + + context->db.key_name = talloc_strdup_upper(context, _key_name); if (context->db.key_name == NULL) { - talloc_free(context); + TALLOC_FREE(context); + TALLOC_FREE(frame); return NT_STATUS_NO_MEMORY; } context->db.key_data = string_term_tdb_data(context->db.key_name); *_context = context; + TALLOC_FREE(frame); return NT_STATUS_OK; } |