summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-04-20 15:00:50 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-04-27 16:41:51 +1000
commit1ae9044b8e2347a0c8c948a65a22fae6ec1ef385 (patch)
tree36fc4bbc82d62ba856009825b67351068b7bbe14
parent6be72df7362c27c973a63a960d0b87eefa22db15 (diff)
downloadsamba-1ae9044b8e2347a0c8c948a65a22fae6ec1ef385.tar.gz
samba-1ae9044b8e2347a0c8c948a65a22fae6ec1ef385.tar.bz2
samba-1ae9044b8e2347a0c8c948a65a22fae6ec1ef385.zip
s4:gensec Use a different form of 'name' in GSSAPI import_name()
The idea here is to make it not dependent on the system's default realm. Andrew Bartlett
-rw-r--r--source4/auth/gensec/gensec_gssapi.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index fe9aaa3b90..9e974cb941 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -347,11 +347,11 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
if (principal && lp_client_use_spnego_principal(gensec_security->settings->lp_ctx)) {
name_type = GSS_C_NULL_OID;
} else {
- principal = talloc_asprintf(gensec_gssapi_state, "%s@%s",
+ principal = talloc_asprintf(gensec_gssapi_state, "%s/%s@%s",
gensec_get_target_service(gensec_security),
- hostname);
+ hostname, lp_realm(gensec_security->settings->lp_ctx));
- name_type = GSS_C_NT_HOSTBASED_SERVICE;
+ name_type = GSS_C_NT_USER_NAME;
}
name_token.value = discard_const_p(uint8_t, principal);
name_token.length = strlen(principal);