jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-20 16:00:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

smb-extended-20040724

Browse Source 
Don't fallback to SMB_AUTH_NTLM.  Apparently, allowing SPNEGO to be
used each time prevents the failure of authentication when logged into
Windows with an external Kerberos principal mapped to a local account.
This commit is contained in:
Jeffrey Altman 2004-07-24 09:31:15 +00:00 committed by Jeffrey Altman
parent ed8fdaa8e1
commit e73c65900f
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/WINNT/afsd/smb.c
View File

@ -7344,7 +7344,13 @@ void smb_Init(osi_log_t *logp, char *snamep, int useV3, int LANadapt,
or sec package id. */ or sec package id. */
afsi_log("Reverting to NO SMB AUTH"); afsi_log("Reverting to NO SMB AUTH");
smb_authType = SMB_AUTH_NONE; smb_authType = SMB_AUTH_NONE;
} else if ( smb_authType == SMB_AUTH_EXTENDED) { }
#ifdef COMMENT
/* Don't fallback to SMB_AUTH_NTLM. Apparently, allowing SPNEGO to be used each
* time prevents the failure of authentication when logged into Windows with an
* external Kerberos principal mapped to a local account.
*/
else if ( smb_authType == SMB_AUTH_EXTENDED) {
/* Test to see if there is anything to negotiate. If SPNEGO is not going to be used /* Test to see if there is anything to negotiate. If SPNEGO is not going to be used
* then the only option is NTLMSSP anyway; so just fallback. * then the only option is NTLMSSP anyway; so just fallback.
*/ */
@ -7358,6 +7364,7 @@ void smb_Init(osi_log_t *logp, char *snamep, int useV3, int LANadapt,
} else } else
free(secBlob); free(secBlob);
} }
#endif
} }
{ {