summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/libads/sasl.c4
-rw-r--r--source3/libsmb/cliconnect.c4
-rw-r--r--source3/smbd/sesssetup.c12
3 files changed, 16 insertions, 4 deletions
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 97ba9c9286..0164b0c740 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -173,7 +173,9 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
DATA_BLOB blob;
char *principal = NULL;
char *OIDs[ASN1_MAX_OIDS];
+#ifdef HAVE_KRB5
BOOL got_kerberos_mechanism = False;
+#endif
rc = ldap_sasl_bind_s(ads->ld, NULL, "GSS-SPNEGO", NULL, NULL, NULL, &scred);
@@ -202,10 +204,12 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
/* make sure the server understands kerberos */
for (i=0;OIDs[i];i++) {
DEBUG(3,("ads_sasl_spnego_bind: got OID=%s\n", OIDs[i]));
+#ifdef HAVE_KRB5
if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
strcmp(OIDs[i], OID_KERBEROS5) == 0) {
got_kerberos_mechanism = True;
}
+#endif
free(OIDs[i]);
}
DEBUG(3,("ads_sasl_spnego_bind: got server principal name =%s\n", principal));
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index aa37a29391..c5154827c6 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -702,7 +702,9 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
char *principal;
char *OIDs[ASN1_MAX_OIDS];
int i;
+#ifdef HAVE_KRB5
BOOL got_kerberos_mechanism = False;
+#endif
DATA_BLOB blob;
DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length));
@@ -731,10 +733,12 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
/* make sure the server understands kerberos */
for (i=0;OIDs[i];i++) {
DEBUG(3,("got OID=%s\n", OIDs[i]));
+#ifdef HAVE_KRB5
if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
strcmp(OIDs[i], OID_KERBEROS5) == 0) {
got_kerberos_mechanism = True;
}
+#endif
free(OIDs[i]);
}
DEBUG(3,("got principal=%s\n", principal));
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 40ea28a86d..e1fb71d575 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -417,7 +417,9 @@ static int reply_spnego_negotiate(connection_struct *conn,
DATA_BLOB secblob;
int i;
DATA_BLOB chal;
- BOOL got_kerberos = False;
+#ifdef HAVE_KRB5
+ BOOL got_kerberos_mechanism = False;
+#endif
NTSTATUS nt_status;
/* parse out the OIDs and the first sec blob */
@@ -434,11 +436,13 @@ static int reply_spnego_negotiate(connection_struct *conn,
server sent back krb5/mskrb5/ntlmssp as mechtypes, but the
client (2ksp3) replied with ntlmssp/mskrb5/krb5 and an
NTLMSSP mechtoken. --jerry */
-
+
+#ifdef HAVE_KRB5
if (strcmp(OID_KERBEROS5, OIDs[0]) == 0 ||
strcmp(OID_KERBEROS5_OLD, OIDs[0]) == 0) {
- got_kerberos = True;
+ got_kerberos_mechanism = True;
}
+#endif
for (i=0;OIDs[i];i++) {
DEBUG(3,("Got OID %s\n", OIDs[i]));
@@ -447,7 +451,7 @@ static int reply_spnego_negotiate(connection_struct *conn,
DEBUG(3,("Got secblob of size %lu\n", (unsigned long)secblob.length));
#ifdef HAVE_KRB5
- if (got_kerberos && (SEC_ADS == lp_security())) {
+ if (got_kerberos_mechanism && (SEC_ADS == lp_security())) {
int ret = reply_spnego_kerberos(conn, inbuf, outbuf,
length, bufsize, &secblob);
data_blob_free(&secblob);