From 481c644b7b32aa876c69153760fe8a460eea0e69 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 25 Nov 2001 23:05:13 +0000 Subject: added 'security=ADS' (This used to be commit 5a735a88e472a48cd4329832998dc31c1e230ecb) --- source3/include/smb.h | 2 +- source3/param/loadparm.c | 1 + source3/smbd/negprot.c | 7 +++++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/source3/include/smb.h b/source3/include/smb.h index d3b999f3cb..1d7612e9e8 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1282,7 +1282,7 @@ char *strdup(char *s); enum protocol_types {PROTOCOL_NONE,PROTOCOL_CORE,PROTOCOL_COREPLUS,PROTOCOL_LANMAN1,PROTOCOL_LANMAN2,PROTOCOL_NT1}; /* security levels */ -enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN}; +enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN,SEC_ADS}; /* server roles */ enum server_types diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 548dd83769..b967c5b63f 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -547,6 +547,7 @@ static struct enum_list enum_security[] = { {SEC_USER, "USER"}, {SEC_SERVER, "SERVER"}, {SEC_DOMAIN, "DOMAIN"}, + {SEC_ADS, "ADS"}, {-1, NULL} }; diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index d080c23332..8a01a59bf2 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -171,6 +171,13 @@ static int negprot_spnego(char *p) safe_strcpy((char *)guid, global_myname, 16); strlower((char *)guid); + /* strangely enough, NT does not sent the single OID NTLMSSP when + not a ADS member, it sends no OIDs at all */ + if (lp_security() != SEC_ADS) { + memcpy(p, guid, 16); + return 16; + } + /* win2000 uses host$@REALM, which we will probably use eventually, but for now this works */ asprintf(&principal, "HOST/%s@%s", guid, lp_realm()); -- cgit