From 13f5414f93e54b2fad7d2966cd3ddd2e4abb0dc6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 9 Jan 2012 11:19:33 +1100 Subject: s3-libsmb: Do not look up FQDN or use host/ for krb5 encrypted CIFS This is important, as we want to use exactly the same name and ticket that the libsmb session setup code used, so we do not hit the KDC twice. For the session setup to have succeded using the default 'client use spnego principal = no', the cifs/ principal must exist anyway, so looking for host/ is pointless. The case of 'client use spnego principal = yes' was never supported here. Andrew Bartlett --- source3/libsmb/clifsinfo.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c index d314c42921..b02cdd5a22 100644 --- a/source3/libsmb/clifsinfo.c +++ b/source3/libsmb/clifsinfo.c @@ -810,19 +810,8 @@ NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli) return NT_STATUS_NO_MEMORY; } - name_to_fqdn(fqdn, cli_state_remote_name(cli)); - strlower_m(fqdn); - servicename = "cifs"; - status = make_cli_gss_blob(talloc_tos(), es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send); - if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - servicename = "host"; - status = make_cli_gss_blob(talloc_tos(), es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send); - if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - goto fail; - } - } - + status = make_cli_gss_blob(talloc_tos(), es, servicename, cli_state_remote_name(cli), NT_STATUS_OK, blob_recv, &blob_send); do { data_blob_free(&blob_recv); status = enc_blob_send_receive(cli, &blob_send, &blob_recv, ¶m_out); -- cgit