diff options
author | Stefan Metzmacher <metze@samba.org> | 2007-05-02 09:54:06 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:51:56 -0500 |
commit | 798398950864fd780b7b70f80cce2b2e73aa0349 (patch) | |
tree | 3208c7ae5a533fd19c7e4536697d861aaedbc51e /source4 | |
parent | 19a6878380eec4a66fb9f15f4d7a16d80c4ee84d (diff) | |
download | samba-798398950864fd780b7b70f80cce2b2e73aa0349.tar.gz samba-798398950864fd780b7b70f80cce2b2e73aa0349.tar.bz2 samba-798398950864fd780b7b70f80cce2b2e73aa0349.zip |
r22635: make it possible to not turn off dns canonicalization of hostnames
with krb5:set_dns_canonicalize=yes
needed for the drsuapi replication, but we should fix this with
a kdc locator plugin ...
metze
(This used to be commit f0a12355bcfab47663e62f3d8ae820815210cdc5)
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 2 | ||||
-rw-r--r-- | source4/auth/kerberos/krb5_init_context.c | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index 82a79e1945..86e988e4cb 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -218,7 +218,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security) } /* don't do DNS lookups of any kind, it might/will fail for a netbios name */ - ret = gsskrb5_set_dns_canonicalize(FALSE); + ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false)); if (ret) { DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n")); talloc_free(gensec_gssapi_state); diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c index b78f6ef94e..e3a8479277 100644 --- a/source4/auth/kerberos/krb5_init_context.c +++ b/source4/auth/kerberos/krb5_init_context.c @@ -473,7 +473,8 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, /* Set options in kerberos */ - krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context, FALSE); + krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context, + lp_parm_bool(-1, "krb5", "set_dns_canonicalize", false)); return 0; } |