diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-01-09 11:19:33 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2012-01-09 11:39:54 +1100 |
commit | 13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6 (patch) | |
tree | cd4a6800ed367e68a571dd7c56e3797779fb52bd | |
parent | c243bd2578026d28abfbb4e8a76fe7f008291466 (diff) | |
download | samba-13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6.tar.gz samba-13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6.tar.bz2 samba-13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6.zip |
s3-libsmb: Do not look up FQDN or use host/ for krb5 encrypted CIFS
This is important, as we want to use exactly the same name and ticket
that the libsmb session setup code used, so we do not hit the KDC twice.
For the session setup to have succeded using the default 'client use
spnego principal = no', the cifs/ principal must exist anyway, so
looking for host/ is pointless. The case of 'client use spnego
principal = yes' was never supported here.
Andrew Bartlett
-rw-r--r-- | source3/libsmb/clifsinfo.c | 13 |
1 files changed, 1 insertions, 12 deletions
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c index d314c42921..b02cdd5a22 100644 --- a/source3/libsmb/clifsinfo.c +++ b/source3/libsmb/clifsinfo.c @@ -810,19 +810,8 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli) return NT_STATUS_NO_MEMORY; } - name_to_fqdn(fqdn, cli_state_remote_name(cli)); - strlower_m(fqdn); - servicename = "cifs"; - status = make_cli_gss_blob(talloc_tos(), es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send); - if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - servicename = "host"; - status = make_cli_gss_blob(talloc_tos(), es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send); - if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - goto fail; - } - } - + status = make_cli_gss_blob(talloc_tos(), es, servicename, cli_state_remote_name(cli), NT_STATUS_OK, blob_recv, &blob_send); do { data_blob_free(&blob_recv); status = enc_blob_send_receive(cli, &blob_send, &blob_recv, ¶m_out); |