diff options
author | Andrew Tridgell <tridge@samba.org> | 2002-09-20 09:37:02 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2002-09-20 09:37:02 +0000 |
commit | 8ea2d8f255763b027cc70e35f96ad2ad325a4589 (patch) | |
tree | 3ea3eb6b88a64739393be178b6f1686ed82e2303 /source3 | |
parent | 737b0a54bfeae22f18b2b77850fe70f7326e5a6c (diff) | |
download | samba-8ea2d8f255763b027cc70e35f96ad2ad325a4589.tar.gz samba-8ea2d8f255763b027cc70e35f96ad2ad325a4589.tar.bz2 samba-8ea2d8f255763b027cc70e35f96ad2ad325a4589.zip |
change ADS negprot to match more closely the options used by w2k. This
affects the principal used and the order of SPNEGO OIDs
(This used to be commit e8ff1c0819e02a1fc7234ad0a07d5415936dfbd2)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/smbd/negprot.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 0e306cdab0..16427b00d7 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -170,9 +170,9 @@ static int negprot_spnego(char *p) DATA_BLOB blob; extern pstring global_myname; uint8 guid[16]; - const char *OIDs_krb5[] = {OID_NTLMSSP, - OID_KERBEROS5, + const char *OIDs_krb5[] = {OID_KERBEROS5, OID_KERBEROS5_OLD, + OID_NTLMSSP, NULL}; const char *OIDs_plain[] = {OID_NTLMSSP, NULL}; char *principal; @@ -199,9 +199,7 @@ static int negprot_spnego(char *p) if (lp_security() != SEC_ADS) { blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE"); } else { - /* win2000 uses host$@REALM, which we will probably use eventually, - but for now this works */ - asprintf(&principal, "HOST/%s@%s", guid, lp_realm()); + asprintf(&principal, "%s$@%s", guid, lp_realm()); blob = spnego_gen_negTokenInit(guid, OIDs_krb5, principal); free(principal); } |