[linux-cifs-client] [PATCH 2/2] cifs.spnego helper in samba:
helper source code
Jeff Layton
jlayton at redhat.com
Mon Nov 12 12:27:55 GMT 2007
On Mon, 12 Nov 2007 03:03:46 -0500
simo <idra at samba.org> wrote:
>
> On Wed, 2007-11-07 at 14:02 +0300, Q (Igor Mammedov) wrote:
> > + // do mech specific authorization
> > + switch(sectype){
> > + case KRB5:{
> > + char* princ;
> > + size_t len;
> > +
> > + /* for "cifs/" service name + terminating
> > 0*/
> > + len = strlen(hostname)+6;
> > + princ = malloc(len);
> > + if ( !princ ) {
> > + rc = 1;
> > + break;
> > + }
> > + strncpy(princ,"cifs/",len);
> > + strncpy(princ+5,hostname,len-5);
> > +
>
> Aren't we missing the REALM here ?
>
> And of course a good question is also .. how do we determine the
> realm ? I am thinking of cases where the server is in another realm
> and there is a trust between the server realm and the user realm.
>
> Simo.
>
Perhaps we could coopt the 'domain=' mount option and have the kernel
pass that to userspace in the description string?
--
Jeff Layton <jlayton at redhat.com>
More information about the linux-cifs-client
mailing list