summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2007-05-02 09:54:06 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:51:56 -0500
commit798398950864fd780b7b70f80cce2b2e73aa0349 (patch)
tree3208c7ae5a533fd19c7e4536697d861aaedbc51e /source4
parent19a6878380eec4a66fb9f15f4d7a16d80c4ee84d (diff)
downloadsamba-798398950864fd780b7b70f80cce2b2e73aa0349.tar.gz
samba-798398950864fd780b7b70f80cce2b2e73aa0349.tar.bz2
samba-798398950864fd780b7b70f80cce2b2e73aa0349.zip
r22635: make it possible to not turn off dns canonicalization of hostnames
with krb5:set_dns_canonicalize=yes needed for the drsuapi replication, but we should fix this with a kdc locator plugin ... metze (This used to be commit f0a12355bcfab47663e62f3d8ae820815210cdc5)
Diffstat (limited to 'source4')
-rw-r--r--source4/auth/gensec/gensec_gssapi.c2
-rw-r--r--source4/auth/kerberos/krb5_init_context.c3
2 files changed, 3 insertions, 2 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 82a79e1945..86e988e4cb 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -218,7 +218,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
}
/* don't do DNS lookups of any kind, it might/will fail for a netbios name */
- ret = gsskrb5_set_dns_canonicalize(FALSE);
+ ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false));
if (ret) {
DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
talloc_free(gensec_gssapi_state);
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c
index b78f6ef94e..e3a8479277 100644
--- a/source4/auth/kerberos/krb5_init_context.c
+++ b/source4/auth/kerberos/krb5_init_context.c
@@ -473,7 +473,8 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx,
/* Set options in kerberos */
- krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context, FALSE);
+ krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context,
+ lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false));
return 0;
}