summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2001-10-22 05:04:33 +0000
committerAndrew Tridgell <tridge@samba.org>2001-10-22 05:04:33 +0000
commitfba157123ed1d6f59d40aa9161218fbfcf71253f (patch)
tree392e928545db46c420cce20e564ad5eea46898e8 /source3/smbd
parent18ffa22657b694857cc948949e567a514bc68d65 (diff)
downloadsamba-fba157123ed1d6f59d40aa9161218fbfcf71253f.tar.gz
samba-fba157123ed1d6f59d40aa9161218fbfcf71253f.tar.bz2
samba-fba157123ed1d6f59d40aa9161218fbfcf71253f.zip
- fixed link order of krb5 libs
- accept a wide range of principal names in session setup (This used to be commit 672df66296f540b606aa43effab5f021b8978e4b)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/negprot.c1
-rw-r--r--source3/smbd/sesssetup.c24
2 files changed, 6 insertions, 19 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index ecc6e7ee51..097cb79e67 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -165,6 +165,7 @@ static int negprot_spnego(char *p, uint8 cryptkey[8])
uint8 guid[16];
const char *OIDs[] = {OID_NTLMSSP,
OID_KERBEROS5,
+ OID_KERBEROS5_OLD,
NULL};
char *principal;
int len;
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 003cb0dc3d..fc6c694d9f 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -33,16 +33,12 @@ static int reply_spnego_kerberos(connection_struct *conn,
{
DATA_BLOB ticket;
krb5_context context;
- krb5_principal server;
krb5_auth_context auth_context = NULL;
krb5_keytab keytab = NULL;
krb5_data packet;
krb5_ticket *tkt = NULL;
int ret;
char *realm, *client, *p;
- fstring hostname;
- char *principal;
- extern pstring global_myname;
const struct passwd *pw;
char *user;
gid_t gid;
@@ -56,30 +52,21 @@ static int reply_spnego_kerberos(connection_struct *conn,
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
- fstrcpy(hostname, global_myname);
- strlower(hostname);
- asprintf(&principal, "HOST/%s@%s", hostname, realm);
-
ret = krb5_init_context(&context);
if (ret) {
DEBUG(1,("krb5_init_context failed (%s)\n", error_message(ret)));
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
}
- ret = krb5_parse_name(context, principal, &server);
- if (ret) {
- DEBUG(1,("krb5_parse_name(%s) failed (%s)\n",
- principal, error_message(ret)));
- return ERROR_NT(NT_STATUS_LOGON_FAILURE);
- }
-
- free(principal);
-
packet.length = ticket.length;
packet.data = (krb5_pointer)ticket.data;
+#if 0
+ file_save("/tmp/ticket.dat", ticket.data, ticket.length);
+#endif
+
if ((ret = krb5_rd_req(context, &auth_context, &packet,
- server, keytab, NULL, &tkt))) {
+ NULL, keytab, NULL, &tkt))) {
DEBUG(3,("krb5_rd_req failed (%s)\n",
error_message(ret)));
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
@@ -444,7 +431,6 @@ static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf,cha
blob1 = data_blob(p, SVAL(inbuf, smb_vwv7));
#if 0
- chdir("/home/tridge");
file_save("negotiate.dat", blob1.data, blob1.length);
#endif