diff options
author | Andrew Tridgell <tridge@samba.org> | 2001-10-22 05:04:33 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2001-10-22 05:04:33 +0000 |
commit | fba157123ed1d6f59d40aa9161218fbfcf71253f (patch) | |
tree | 392e928545db46c420cce20e564ad5eea46898e8 /source3/smbd | |
parent | 18ffa22657b694857cc948949e567a514bc68d65 (diff) | |
download | samba-fba157123ed1d6f59d40aa9161218fbfcf71253f.tar.gz samba-fba157123ed1d6f59d40aa9161218fbfcf71253f.tar.bz2 samba-fba157123ed1d6f59d40aa9161218fbfcf71253f.zip |
- fixed link order of krb5 libs
- accept a wide range of principal names in session setup
(This used to be commit 672df66296f540b606aa43effab5f021b8978e4b)
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/negprot.c | 1 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 24 |
2 files changed, 6 insertions, 19 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index ecc6e7ee51..097cb79e67 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -165,6 +165,7 @@ static int negprot_spnego(char *p, uint8 cryptkey[8]) uint8 guid[16]; const char *OIDs[] = {OID_NTLMSSP, OID_KERBEROS5, + OID_KERBEROS5_OLD, NULL}; char *principal; int len; diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 003cb0dc3d..fc6c694d9f 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -33,16 +33,12 @@ static int reply_spnego_kerberos(connection_struct *conn, { DATA_BLOB ticket; krb5_context context; - krb5_principal server; krb5_auth_context auth_context = NULL; krb5_keytab keytab = NULL; krb5_data packet; krb5_ticket *tkt = NULL; int ret; char *realm, *client, *p; - fstring hostname; - char *principal; - extern pstring global_myname; const struct passwd *pw; char *user; gid_t gid; @@ -56,30 +52,21 @@ static int reply_spnego_kerberos(connection_struct *conn, return ERROR_NT(NT_STATUS_LOGON_FAILURE); } - fstrcpy(hostname, global_myname); - strlower(hostname); - asprintf(&principal, "HOST/%s@%s", hostname, realm); - ret = krb5_init_context(&context); if (ret) { DEBUG(1,("krb5_init_context failed (%s)\n", error_message(ret))); return ERROR_NT(NT_STATUS_LOGON_FAILURE); } - ret = krb5_parse_name(context, principal, &server); - if (ret) { - DEBUG(1,("krb5_parse_name(%s) failed (%s)\n", - principal, error_message(ret))); - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - - free(principal); - packet.length = ticket.length; packet.data = (krb5_pointer)ticket.data; +#if 0 + file_save("/tmp/ticket.dat", ticket.data, ticket.length); +#endif + if ((ret = krb5_rd_req(context, &auth_context, &packet, - server, keytab, NULL, &tkt))) { + NULL, keytab, NULL, &tkt))) { DEBUG(3,("krb5_rd_req failed (%s)\n", error_message(ret))); return ERROR_NT(NT_STATUS_LOGON_FAILURE); @@ -444,7 +431,6 @@ static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf,cha blob1 = data_blob(p, SVAL(inbuf, smb_vwv7)); #if 0 - chdir("/home/tridge"); file_save("negotiate.dat", blob1.data, blob1.length); #endif |