svn commit: samba r11219 - in
branches/SAMBA_4_0/source/auth/gensec: .
abartlet at samba.org
abartlet at samba.org
Thu Oct 20 10:25:51 GMT 2005
Author: abartlet
Date: 2005-10-20 10:25:51 +0000 (Thu, 20 Oct 2005)
New Revision: 11219
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11219
Log:
Now that we have the credentials hooked in here, we have a much more
reasonable value to fill in for the mechListMIC.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/gensec/spnego.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/spnego.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/spnego.c 2005-10-20 10:21:04 UTC (rev 11218)
+++ branches/SAMBA_4_0/source/auth/gensec/spnego.c 2005-10-20 10:25:51 UTC (rev 11219)
@@ -411,6 +411,7 @@
const char **mechTypes = NULL;
DATA_BLOB unwrapped_out = data_blob(NULL, 0);
const struct gensec_security_ops_wrapper *all_sec;
+ const char *principal = NULL;
mechTypes = gensec_security_oids(out_mem_ctx, GENSEC_OID_SPNEGO);
@@ -461,11 +462,19 @@
spnego_out.negTokenInit.reqFlags = 0;
if (spnego_state->state_position == SPNEGO_SERVER_START) {
+ /* server credentails */
+ struct cli_credentials *creds = gensec_get_credentials(gensec_security);
+ if (creds) {
+ principal = cli_credentials_get_principal(creds, out_mem_ctx);
+ }
+ }
+ if (principal) {
spnego_out.negTokenInit.mechListMIC
- = data_blob_string_const(talloc_asprintf(out_mem_ctx, "%s$@%s", lp_netbios_name(), lp_realm()));
+ = data_blob_string_const(principal);
} else {
spnego_out.negTokenInit.mechListMIC = null_data_blob;
}
+
spnego_out.negTokenInit.mechToken = unwrapped_out;
if (spnego_write_data(out_mem_ctx, out, &spnego_out) == -1) {
More information about the samba-cvs
mailing list