sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-24 13:57:43 +03:00
Code

change ADS negprot to match more closely the options used by w2k. This

Browse Source 
affects the principal used and the order of SPNEGO OIDs
This commit is contained in:
Andrew Tridgell -
parent 56b194e835
commit e8ff1c0819
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
source/smbd/negprot.c
View File

@ -170,9 +170,9 @@ static int negprot_spnego(char *p)
DATA_BLOB blob; DATA_BLOB blob;
extern pstring global_myname; extern pstring global_myname;
uint8 guid[16]; uint8 guid[16];
const char *OIDs_krb5[] = {OID_NTLMSSP, const char *OIDs_krb5[] = {OID_KERBEROS5,
OID_KERBEROS5,
OID_KERBEROS5_OLD, OID_KERBEROS5_OLD,
OID_NTLMSSP,
NULL}; NULL};
const char *OIDs_plain[] = {OID_NTLMSSP, NULL}; const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
char *principal; char *principal;
@ -199,9 +199,7 @@ static int negprot_spnego(char *p)
if (lp_security() != SEC_ADS) { if (lp_security() != SEC_ADS) {
blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE"); blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE");
} else { } else {
/* win2000 uses host$@REALM, which we will probably use eventually, asprintf(&principal, "%s$@%s", guid, lp_realm());
but for now this works */
asprintf(&principal, "HOST/%s@%s", guid, lp_realm());
blob = spnego_gen_negTokenInit(guid, OIDs_krb5, principal); blob = spnego_gen_negTokenInit(guid, OIDs_krb5, principal);
free(principal); free(principal);
} }