authorAndrew Bartlett <abartlet@samba.org>2010-12-04 14:11:57 +1100
committerAndrew Bartlett <abartlet@samba.org>2010-12-10 16:08:30 +1100
commitb3c2df5e0d0ba1c17c3248bf9d238de3c54613ef (patch)
tree4ea83abb3d8669287b69658ec3a6fcde6cad29d6 /source3/param
parentbb7806283e71f3b8029aae0eed326b5847a36d83 (diff)
s3-smbd Don't send SPNEGO principal (rfc4178 hint) by default
This patch, based on the suggestion by Goldberg, Neil R. <ngoldber@mitre.org>, turns off the sending of the principal in the negprot by default, matching Windows 2008 behaviour. This slowly works us back from this hack, which from an RFC perspective was never the right thing to do in the first place, but we traditionally follow Windows behaviour. It also discourages client implementations from relying on it, because clients that do rely on it are more open to man-in-the-middle attacks. Andrew Bartlett
Diffstat (limited to 'source3/param')
-rw-r--r--source3/param/loadparm.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 05958b47d2..b7f6a99f49 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -339,6 +339,7 @@ struct global {
bool bClientPlaintextAuth;
bool bClientUseSpnego;
bool client_use_spnego_principal;
+ bool send_spnego_principal;
bool bDebugPrefixTimestamp;
bool bDebugHiresTimestamp;
bool bDebugPid;
@@ -1409,6 +1410,15 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED,
},
{
+ .label = "send spnego principal",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.send_spnego_principal,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
+ {
.label = "username",
.type = P_STRING,
.p_class = P_LOCAL,
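Review bot: Nothing in these hunks assigns a value to the new option, so the off-by-default behaviour promised in the commit message rests on `Globals` being zero-initialised rather than on an explicit assignment. If the defaults routine in this file (not visible here) resets other booleans by assignment, add `Globals.send_spnego_principal = false;` there too. Otherwise a value set to yes could plausibly survive a configuration reload after the line is removed, leaving the server still advertising its principal. A short comment on this table entry, such as `/* server side: include our principal in the negprot SPNEGO hint; off by default, clients must not rely on it */`, would also record why the default is off. The parm_table array starts and ends outside the hunk.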
@@ -5722,6 +5732,7 @@ FN_GLOBAL_BOOL(lp_unix_extensions, &Globals.bUnixExtensions)
FN_GLOBAL_BOOL(lp_use_spnego, &Globals.bUseSpnego)
FN_GLOBAL_BOOL(lp_client_use_spnego, &Globals.bClientUseSpnego)
FN_GLOBAL_BOOL(lp_client_use_spnego_principal, &Globals.client_use_spnego_principal)
+FN_GLOBAL_BOOL(lp_send_spnego_principal, &Globals.send_spnego_principal)
FN_GLOBAL_BOOL(lp_hostname_lookups, &Globals.bHostnameLookups)
FN_LOCAL_PARM_BOOL(lp_change_notify, bChangeNotify)
FN_LOCAL_PARM_BOOL(lp_kernel_change_notify, bKernelChangeNotify)