diff options
| author | Andrew Tridgell <tridge@samba.org> | 2002-09-20 09:37:02 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2002-09-20 09:37:02 +0000 |
| commit | e8ff1c0819e02a1fc7234ad0a07d5415936dfbd2 (patch) | |
| tree | 26d5ce39a3509b2984f64eb3123bef7b4497b037 /source/smbd | |
| parent | 56b194e83538bcb6006a5ab1e00cdb493dd9ad7f (diff) | |
| download | samba-e8ff1c0819e02a1fc7234ad0a07d5415936dfbd2.tar.gz samba-e8ff1c0819e02a1fc7234ad0a07d5415936dfbd2.tar.xz samba-e8ff1c0819e02a1fc7234ad0a07d5415936dfbd2.zip | |
change ADS negprot to match more closely the options used by w2k. This
affects the principal used and the order of SPNEGO OIDs
Diffstat (limited to 'source/smbd')
| -rw-r--r-- | source/smbd/negprot.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/source/smbd/negprot.c b/source/smbd/negprot.c index 0e306cdab0a..16427b00d70 100644 --- a/source/smbd/negprot.c +++ b/source/smbd/negprot.c @@ -170,9 +170,9 @@ static int negprot_spnego(char *p) DATA_BLOB blob; extern pstring global_myname; uint8 guid[16]; - const char *OIDs_krb5[] = {OID_NTLMSSP, - OID_KERBEROS5, + const char *OIDs_krb5[] = {OID_KERBEROS5, OID_KERBEROS5_OLD, + OID_NTLMSSP, NULL}; const char *OIDs_plain[] = {OID_NTLMSSP, NULL}; char *principal; @@ -199,9 +199,7 @@ static int negprot_spnego(char *p) if (lp_security() != SEC_ADS) { blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE"); } else { - /* win2000 uses host$@REALM, which we will probably use eventually, - but for now this works */ - asprintf(&principal, "HOST/%s@%s", guid, lp_realm()); + asprintf(&principal, "%s$@%s", guid, lp_realm()); blob = spnego_gen_negTokenInit(guid, OIDs_krb5, principal); free(principal); } |