From bbcd9deb07fe0cfcb2911093e1c99d30b210e7d2 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sun, 21 Oct 2001 03:25:34 +0000
Subject: made smbclient cope better with arbitrary principle forms (This used
 to be commit d1341d74b7aa5f6b3f72e5409b245f87f1ad670b)

---
 source3/libsmb/cliconnect.c |  4 ++++
 source3/libsmb/clikrb5.c    | 12 +++++-------
 source3/libsmb/clispnego.c  | 15 +--------------
 3 files changed, 10 insertions(+), 21 deletions(-)

(limited to 'source3/libsmb')

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index e24f081c69..11825ab036 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -387,6 +387,8 @@ static BOOL cli_session_setup_kerberos(struct cli_state *cli, char *principle, c
 {
 	DATA_BLOB blob2, negTokenTarg;
 
+	d_printf("Doing kerberos session setup\n");
+
 	/* generate the encapsulated kerberos5 ticket */
 	negTokenTarg = spnego_gen_negTokenTarg(cli, principle);
 
@@ -509,6 +511,8 @@ static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user,
 	int i;
 	BOOL got_kerberos_mechanism = False;
 
+	d_printf("Doing spnego session setup\n");
+
 	/* the server might not even do spnego */
 	if (cli->secblob.length == 16) {
 		DEBUG(3,("server didn't supply a full spnego negprot\n"));
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c
index 5fef97c571..98e27fb9c4 100644
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@@ -28,8 +28,7 @@
 static krb5_error_code krb5_mk_req2(krb5_context context, 
 				    krb5_auth_context *auth_context, 
 				    const krb5_flags ap_req_options,
-				    const char *service, 
-				    const char *realm,
+				    const char *principle,
 				    krb5_ccache ccache, 
 				    krb5_data *outbuf)
 {
@@ -39,10 +38,9 @@ static krb5_error_code krb5_mk_req2(krb5_context context,
 	krb5_creds 		  creds;
 	krb5_data in_data;
 	
-	retval = krb5_build_principal(context, &server, strlen(realm),
-				      realm, service, NULL);
+	retval = krb5_parse_name(context, principle, &server);
 	if (retval) {
-		DEBUG(1,("Failed to build principle for %s@%s\n", service, realm));
+		DEBUG(1,("Failed to parse principle %s\n", principle));
 		return retval;
 	}
 	
@@ -89,7 +87,7 @@ cleanup_princ:
 /*
   get a kerberos5 ticket for the given service 
 */
-DATA_BLOB krb5_get_ticket(char *service, char *realm)
+DATA_BLOB krb5_get_ticket(char *principle)
 {
 	krb5_error_code retval;
 	krb5_data packet;
@@ -114,7 +112,7 @@ DATA_BLOB krb5_get_ticket(char *service, char *realm)
 	if ((retval = krb5_mk_req2(context, 
 				   &auth_context, 
 				   0, 
-				   service, realm,
+				   principle,
 				   ccdef, &packet))) {
 		goto failed;
 	}
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index c421d75913..bcce0f6173 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -271,24 +271,11 @@ BOOL spnego_parse_krb5_wrap(DATA_BLOB blob, DATA_BLOB *ticket)
 */
 DATA_BLOB spnego_gen_negTokenTarg(struct cli_state *cli, char *principle)
 {
-	char *p;
-	fstring service;
-	char *realm;
 	DATA_BLOB tkt, tkt_wrapped, targ;
 	const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_NTLMSSP, NULL};
 
-	fstrcpy(service, principle);
-	p = strchr_m(service, '@');
-	if (!p) {
-		DEBUG(1,("Malformed principle [%s] in spnego_gen_negTokenTarg\n",
-			 principle));
-		return data_blob(NULL, 0);
-	}
-	*p = 0;
-	realm = p+1;
-
 	/* get a kerberos ticket for the service */
-	tkt = krb5_get_ticket(service, realm);
+	tkt = krb5_get_ticket(principle);
 
 	/* wrap that up in a nice GSS-API wrapping */
 	tkt_wrapped = spnego_gen_krb5_wrap(tkt);
-- 
cgit