diff options
| author | Andrew Tridgell <tridge@samba.org> | 2002-09-20 09:37:02 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2002-09-20 09:37:02 +0000 |
| commit | 8ea2d8f255763b027cc70e35f96ad2ad325a4589 (patch) | |
| tree | 3ea3eb6b88a64739393be178b6f1686ed82e2303 | |
| parent | 737b0a54bfeae22f18b2b77850fe70f7326e5a6c (diff) | |
| download | samba-8ea2d8f255763b027cc70e35f96ad2ad325a4589.tar.gz samba-8ea2d8f255763b027cc70e35f96ad2ad325a4589.tar.bz2 samba-8ea2d8f255763b027cc70e35f96ad2ad325a4589.zip | |
change ADS negprot to match more closely the options used by w2k. This
affects the principal used and the order of SPNEGO OIDs
(This used to be commit e8ff1c0819e02a1fc7234ad0a07d5415936dfbd2)
| -rw-r--r-- | source3/smbd/negprot.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 0e306cdab0..16427b00d7 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -170,9 +170,9 @@ static int negprot_spnego(char *p) DATA_BLOB blob; extern pstring global_myname; uint8 guid[16]; - const char *OIDs_krb5[] = {OID_NTLMSSP, - OID_KERBEROS5, + const char *OIDs_krb5[] = {OID_KERBEROS5, OID_KERBEROS5_OLD, + OID_NTLMSSP, NULL}; const char *OIDs_plain[] = {OID_NTLMSSP, NULL}; char *principal; @@ -199,9 +199,7 @@ static int negprot_spnego(char *p) if (lp_security() != SEC_ADS) { blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE"); } else { - /* win2000 uses host$@REALM, which we will probably use eventually, - but for now this works */ - asprintf(&principal, "HOST/%s@%s", guid, lp_realm()); + asprintf(&principal, "%s$@%s", guid, lp_realm()); blob = spnego_gen_negTokenInit(guid, OIDs_krb5, principal); free(principal); } |