[PATCH] Patch for bug 1703
Ralph Boehme
slow at samba.org
Mon May 2 15:50:32 UTC 2016
Hi!
Attached is a patch to fix bug 1703:
s3:libnet:libnet_join: add netbios aliases as SPNs
Add all listed smb.conf netbios aliases as SPNs to the machine account:
HOST/NETBIOS_ALIAS at REALM
and
HOST/netbios_alias.dnsdomain.name at REALM
I wasn't entirely sure where to pull the DNS name info from, but
decided against calling getaddrinfo() on the netbios alias via
name_to_fqdn(), but instead just pick up the DNS domain name from
r->out.dns_domain_name.
Please review and push if ok, thanks!
Cheerio!
-slow
-------------- next part --------------
From 7547d9bc68f4fd1514b9f9c3ec8435a5a8975a34 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 26 Apr 2016 17:21:46 +0200
Subject: [PATCH] s3:libnet:libnet_join: add netbios aliases as SPNs
Add all listed smb.conf netbios aliases as SPNs to the machine account:
HOST/NETBIOS_ALIAS at REALM
and
HOST/netbios_alias.dnsdomain.name at REALM
Bug: https://bugzilla.samba.org/show_bug.cgi?id=1703
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/libnet/libnet_join.c | 60 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 60 insertions(+)
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index ef6c995..a28864d 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -463,6 +463,7 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
size_t num_spns = 0;
char *spn = NULL;
bool ok;
+ const char **netbios_aliases = NULL;
/* Find our DN */
@@ -524,6 +525,65 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
}
}
+ netbios_aliases = lp_netbios_aliases();
+ if (netbios_aliases != NULL) {
+ for (; *netbios_aliases != NULL; netbios_aliases++) {
+ /*
+ * Add HOST/NETBIOSNAME
+ */
+ spn = talloc_asprintf(mem_ctx, "HOST/%s", *netbios_aliases);
+ if (spn == NULL) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+ if (!strupper_m(spn)) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+
+ ok = ads_element_in_array(spn_array, num_spns, spn);
+ if (ok) {
+ TALLOC_FREE(spn);
+ continue;
+ }
+ ok = add_string_to_array(spn_array, spn,
+ &spn_array, &num_spns);
+ if (!ok) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+ TALLOC_FREE(spn);
+
+ /*
+ * Add HOST/netbiosname.domainname
+ */
+ if (r->out.dns_domain_name == NULL) {
+ continue;
+ }
+ fstr_sprintf(my_fqdn, "%s.%s",
+ *netbios_aliases,
+ r->out.dns_domain_name);
+
+ spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn);
+ if (spn == NULL) {
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+
+ ok = ads_element_in_array(spn_array, num_spns, spn);
+ if (ok) {
+ TALLOC_FREE(spn);
+ continue;
+ }
+ ok = add_string_to_array(spn_array, spn,
+ &spn_array, &num_spns);
+ if (!ok) {
+ TALLOC_FREE(spn);
+ return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ }
+ TALLOC_FREE(spn);
+ }
+ }
+
/* make sure to NULL terminate the array */
spn_array = talloc_realloc(mem_ctx, spn_array, const char *, num_spns + 1);
if (spn_array == NULL) {
--
2.5.0
More information about the samba-technical
mailing list