summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-01-09 11:19:33 +1100
committerAndrew Bartlett <abartlet@samba.org>2012-01-09 11:39:54 +1100
commit13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6 (patch)
treecd4a6800ed367e68a571dd7c56e3797779fb52bd
parentc243bd2578026d28abfbb4e8a76fe7f008291466 (diff)
downloadsamba-13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6.tar.gz
samba-13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6.tar.bz2
samba-13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6.zip
s3-libsmb: Do not look up FQDN or use host/ for krb5 encrypted CIFS
This is important, as we want to use exactly the same name and ticket that the libsmb session setup code used, so we do not hit the KDC twice. For the session setup to have succeded using the default 'client use spnego principal = no', the cifs/ principal must exist anyway, so looking for host/ is pointless. The case of 'client use spnego principal = yes' was never supported here. Andrew Bartlett
-rw-r--r--source3/libsmb/clifsinfo.c13
1 files changed, 1 insertions, 12 deletions
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index d314c42921..b02cdd5a22 100644
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -810,19 +810,8 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
return NT_STATUS_NO_MEMORY;
}
- name_to_fqdn(fqdn, cli_state_remote_name(cli));
- strlower_m(fqdn);
-
servicename = "cifs";
- status = make_cli_gss_blob(talloc_tos(), es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send);
- if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- servicename = "host";
- status = make_cli_gss_blob(talloc_tos(), es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send);
- if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- goto fail;
- }
- }
-
+ status = make_cli_gss_blob(talloc_tos(), es, servicename, cli_state_remote_name(cli), NT_STATUS_OK, blob_recv, &blob_send);
do {
data_blob_free(&blob_recv);
status = enc_blob_send_receive(cli, &blob_send, &blob_recv, &param_out);