Ignore:
Timestamp:
Jul 25, 2016, 11:55:48 AM (9 years ago)
Author:
Paul Smedley
Message:

Add support to enable Kerberos support, and make the plugin connect using kerberos when it's enabled

Location:
branches/client-3.0/src
Files:
5 edited

Legend:

Unmodified
Added
Removed

  • branches/client-3.0/src/ndpsmb.c

    r928 r930  
    110110        {ND_PROP_ULONG, 0, "CLD", "32"},
    111111        {ND_PROP_ULONG, 0, "EASUPPORT", "1"},
     112        {ND_PROP_ULONG, 0, "KRB5SUPPORT", "0"},
    112113        {ND_PROP_STRING, 0, NULL, NULL}
    113114};
     
    364365        pRes->rootlevel = 0;
    365366        pRes->easupport = 1;
    366 #ifdef HAVE_KRB5_H
    367         pRes->krb5support = 1;
    368 #else
    369367        pRes->krb5support = 0;
    370 #endif
    371368        pRes->pdc = NULL;
    372369
     
    473470        }
    474471
     472        t = 0;
     473        rc = ph->fsphQueryUlongProperty (properties, "KRB5SUPPORT", &t);
     474        if (!rc)
     475        {
     476                if (t > 1)
     477                {
     478                        rc = ERROR_INVALID_PARAMETER;
     479                }
     480                else
     481                {
     482                        pRes->krb5support = t;
     483                }
     484        }
    475485        t = 0;
    476486        rc = ph->fsphQueryUlongProperty (properties, "CTO", &t);

  • branches/client-3.0/src/rc/rc.dlg

    r519 r930  
    3333                        DT_WORDBREAK
    3434        AUTOCHECKBOX    "", CHK_EASUPPORT, 180, 132, 10, 10, WS_GROUP
     35        LTEXT           "Supports KRB5", LBL_KRB5SUPPORT, 195, 140, 52, 10,
     36                        DT_WORDBREAK
     37        AUTOCHECKBOX    "", CHK_KRB5SUPPORT, 180, 142, 10, 10, WS_GROUP
    3538        PUSHBUTTON      "Cancel", DID_CANCEL, 7, 6, 56, 14
    3639                        PRESPARAMS PP_FONTNAMESIZE, "9.WarpSans Bold"

  • branches/client-3.0/src/rc/rc.h

    r519 r930  
    2323#define GB_CACHE                     1025
    2424#define GB_BROWSE                   1027
     25#define LBL_KRB5SUPPORT               1028
     26#define CHK_KRB5SUPPORT               1029
    2527#define LBL_CACHETIMEOUT        1014
    2628#define SPIN_CACHETIMEOUT       1015

  • branches/client-3.0/src/rc/rc.rc_

    r756 r930  
    4848   "    mastertype - 0 if 'master' is the name of master server, 1 if 'master' is the name of master workgroup\r\n"
    4949   "    easupport - 0 to not support EA, 1 to support\r\n"
     50   "    krb5support - 0 to not support kerberos authentication, 1 to support\r\n"
    5051   "\r\n"
    5152}
     
    126127RCDATA (DLG_ID + 11)
    127128{
     129    CHK_KRB5SUPPORT, PARMTYPE_INT, 0L, 1L, "krb5support", "%d", 0L
     130}
     131
     132RCDATA (DLG_ID + 12)
    128133    1
    129134}

  • branches/client-3.0/src/smbwrp.c

    r929 r930  
    245245        const char *name = NULL;
    246246
    247         debuglocal(1,"Connecting to \\\\%s:*********@%s:%s\\%s. Master %s:%d\n", srv->username,  workgroup, server, share, srv->master, srv->ifmastergroup);
    248 
    249         cli_set_timeout(c, 10000); /* 10 seconds. */
    250 
    251         if (pRes->krb5support == 1)
    252         {
    253             debuglocal(1,"Kerberos support enabled\n");
    254             c->use_kerberos = True;
     247        if (!pRes->krb5support)
     248                debuglocal(1,"Connecting to \\\\%s:*********@%s:%s\\%s. Master %s:%d\n", srv->username,  workgroup, server, share, srv->master, srv->ifmastergroup);
     249        else
     250                debuglocal(1,"Connecting to \\\\%s:%s\\%s using kerberos authentication. Master %s:%d\n", workgroup, server, share, srv->master, srv->ifmastergroup);
     251
     252        if (pRes->krb5support) {
     253                flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
    255254        }
    256255
     
    290289
    291290                /* try an anonymous login if it failed */
    292                 if (!NT_STATUS_IS_OK(cli_session_setup(c, "", "", 0,"", 0, workgroup))) {
    293                         debuglocal(4,"Anonymous login failed\n");
     291               
     292                /* If a password was not supplied then
     293                 * try again with a null username. */
     294                if (srv->password[0] || !srv->username[0] ||
     295                        pRes->krb5support ||
     296                !NT_STATUS_IS_OK(status = cli_session_setup(c, "",
     297                                        "", 0,
     298                                        "", 0,
     299                                        workgroup))) {
     300                        debuglocal(1,"session setup failed: %s\n",
     301                                 nt_errstr(status));
     302
     303                        if ((NT_STATUS_EQUAL(status,
     304                                            NT_STATUS_MORE_PROCESSING_REQUIRED)) ||
     305                             NT_STATUS_EQUAL(status,
     306                                            NT_STATUS_INTERNAL_ERROR)){
     307                                debuglocal(4,"did you forget to run kinit?\n");
     308                        } else
     309                                debuglocal(4,"Anonymous login failed\n");
     310
    294311                        cli_shutdown(c);
    295312                        return 6;
Note: See TracChangeset for help on using the changeset viewer.