summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source3/include/proto.h1
-rw-r--r--source3/param/loadparm.c11
-rw-r--r--source3/smbd/negprot.c3
3 files changed, 15 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 94196b41d1..3ef12158b8 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3307,6 +3307,7 @@ bool lp_unix_extensions(void);
bool lp_use_spnego(void);
bool lp_client_use_spnego(void);
bool lp_client_use_spnego_principal(void);
+bool lp_send_spnego_principal(void);
bool lp_hostname_lookups(void);
bool lp_change_notify(const struct share_params *p );
bool lp_kernel_change_notify(const struct share_params *p );
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 05958b47d2..b7f6a99f49 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -339,6 +339,7 @@ struct global {
bool bClientPlaintextAuth;
bool bClientUseSpnego;
bool client_use_spnego_principal;
+ bool send_spnego_principal;
bool bDebugPrefixTimestamp;
bool bDebugHiresTimestamp;
bool bDebugPid;
@@ -1409,6 +1410,15 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED,
},
{
+ .label = "send spnego principal",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.send_spnego_principal,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
+ {
.label = "username",
.type = P_STRING,
.p_class = P_LOCAL,
@@ -5722,6 +5732,7 @@ FN_GLOBAL_BOOL(lp_unix_extensions, &Globals.bUnixExtensions)
FN_GLOBAL_BOOL(lp_use_spnego, &Globals.bUseSpnego)
FN_GLOBAL_BOOL(lp_client_use_spnego, &Globals.bClientUseSpnego)
FN_GLOBAL_BOOL(lp_client_use_spnego_principal, &Globals.client_use_spnego_principal)
+FN_GLOBAL_BOOL(lp_send_spnego_principal, &Globals.send_spnego_principal)
FN_GLOBAL_BOOL(lp_hostname_lookups, &Globals.bHostnameLookups)
FN_LOCAL_PARM_BOOL(lp_change_notify, bChangeNotify)
FN_LOCAL_PARM_BOOL(lp_kernel_change_notify, bKernelChangeNotify)
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index a0c1d2594f..443fac4b4b 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -213,6 +213,9 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
/* Code for standalone WXP client */
blob = spnego_gen_negTokenInit(ctx, OIDs_ntlm, NULL, "NONE");
#endif
+ } else if (!lp_send_spnego_principal()) {
+ /* By default, Windows 2008 and later sends not_defined_in_RFC4178@please_ignore */
+ blob = spnego_gen_negTokenInit(ctx, OIDs_krb5, NULL, ADS_IGNORE_PRINCIPAL);
} else {
fstring myname;
char *host_princ_s = NULL;
generated by cgit (git 2.34.1) at 2024-12-01 03:17:38 +0000