const char * get_canonical_hostname(int use_dns) { char *host; static char *canonical_host_name = NULL; static char *remote_ip = NULL; /* Check if we have previously retrieved name with same option. */ if (use_dns && canonical_host_name != NULL) return canonical_host_name; if (!use_dns && remote_ip != NULL) return remote_ip; /* Get the real hostname if socket; otherwise return UNKNOWN. */ if (packet_connection_is_on_socket()) host = get_remote_hostname(packet_get_connection_in(), use_dns); else host = "UNKNOWN"; if (use_dns) canonical_host_name = host; else remote_ip = host; return host; }
const char * get_canonical_hostname(int use_dns) { static char *canonical_host_name = NULL; static int use_dns_done = 0; /* Check if we have previously retrieved name with same option. */ if (canonical_host_name != NULL) { if (use_dns_done != use_dns) xfree(canonical_host_name); else return canonical_host_name; } /* Get the real hostname if socket; otherwise return UNKNOWN. */ if (packet_connection_is_on_socket()) canonical_host_name = get_remote_hostname( packet_get_connection_in(), use_dns); else canonical_host_name = xstrdup("UNKNOWN"); use_dns_done = use_dns; return canonical_host_name; }
static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx, TALLOC_CTX *mem_ctx, struct smb_krb5_context *smb_krb5_context, DATA_BLOB *pac_blob, const char *princ_name, const struct tsocket_address *remote_address, uint32_t session_info_flags, struct auth_session_info **session_info) { TALLOC_CTX *tmp_ctx; struct PAC_LOGON_INFO *logon_info = NULL; struct netr_SamInfo3 *info3_copy = NULL; bool is_mapped; bool is_guest; char *ntuser; char *ntdomain; char *username; char *rhost; struct passwd *pw; NTSTATUS status; int rc; tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) { return NT_STATUS_NO_MEMORY; } if (pac_blob) { #ifdef HAVE_KRB5 status = kerberos_pac_logon_info(tmp_ctx, *pac_blob, NULL, NULL, NULL, NULL, 0, &logon_info); #else status = NT_STATUS_ACCESS_DENIED; #endif if (!NT_STATUS_IS_OK(status)) { goto done; } } rc = get_remote_hostname(remote_address, &rhost, tmp_ctx); if (rc < 0) { status = NT_STATUS_NO_MEMORY; goto done; } if (strequal(rhost, "UNKNOWN")) { rhost = tsocket_address_inet_addr_string(remote_address, tmp_ctx); if (rhost == NULL) { status = NT_STATUS_NO_MEMORY; goto done; } } status = get_user_from_kerberos_info(tmp_ctx, rhost, princ_name, logon_info, &is_mapped, &is_guest, &ntuser, &ntdomain, &username, &pw); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to map kerberos principal to system user " "(%s)\n", nt_errstr(status))); status = NT_STATUS_ACCESS_DENIED; goto done; } /* save the PAC data if we have it */ if (logon_info) { status = create_info3_from_pac_logon_info(tmp_ctx, logon_info, &info3_copy); if (!NT_STATUS_IS_OK(status)) { goto done; } netsamlogon_cache_store(ntuser, info3_copy); } /* setup the string used by %U */ sub_set_smb_name(username); /* reload services so that the new %U is taken into account */ lp_load_with_shares(get_dyn_CONFIGFILE()); status = make_session_info_krb5(mem_ctx, ntuser, ntdomain, username, pw, info3_copy, is_guest, is_mapped, NULL /* No session key for now, caller will sort it out */, session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to map kerberos pac to server info (%s)\n", nt_errstr(status))); status = NT_STATUS_ACCESS_DENIED; goto done; } DEBUG(5, (__location__ "OK: user: %s domain: %s client: %s\n", ntuser, ntdomain, rhost)); status = NT_STATUS_OK; done: TALLOC_FREE(tmp_ctx); return status; }