/* * Build the SPNEGO "hint" token based on the * configured authentication mechanisms. * (NTLMSSP, and maybe Kerberos) */ void smbd_get_authconf(smb_kmod_cfg_t *kcfg) { SPNEGO_TOKEN_HANDLE hSpnegoToken = NULL; uchar_t *pBuf = kcfg->skc_negtok; uint32_t *pBufLen = &kcfg->skc_negtok_len; ulong_t tLen = sizeof (kcfg->skc_negtok); int rc; rc = spnegoCreateNegTokenHint(MechTypeList, MechTypeCnt, (uchar_t *)IgnoreSPN, &hSpnegoToken); if (rc != SPNEGO_E_SUCCESS) { syslog(LOG_DEBUG, "smb_config_get_negtok: " "spnegoCreateNegTokenHint, rc=%d", rc); *pBufLen = 0; return; } rc = spnegoTokenGetBinary(hSpnegoToken, pBuf, &tLen); if (rc != SPNEGO_E_SUCCESS) { syslog(LOG_DEBUG, "smb_config_get_negtok: " "spnegoTokenGetBinary, rc=%d", rc); *pBufLen = 0; } else { *pBufLen = (uint32_t)tLen; } spnegoFreeData(hSpnegoToken); }
/* * Build the SPNEGO "hint" token based on the * configured authentication mechanisms. * (NTLMSSP, and maybe Kerberos) */ void smbd_get_authconf(smb_kmod_cfg_t *kcfg) { SPNEGO_MECH_OID *mechList = MechTypeList; int mechCnt = MechTypeCnt; SPNEGO_TOKEN_HANDLE hSpnegoToken = NULL; uchar_t *pBuf = kcfg->skc_negtok; uint32_t *pBufLen = &kcfg->skc_negtok_len; ulong_t tLen = sizeof (kcfg->skc_negtok); int rc; /* * In workgroup mode, skip Kerberos. */ if (smb_config_get_secmode() != SMB_SECMODE_DOMAIN) { mechList += MECH_OID_IDX_NTLMSSP; mechCnt -= MECH_OID_IDX_NTLMSSP; } rc = spnegoCreateNegTokenHint(mechList, mechCnt, (uchar_t *)IgnoreSPN, &hSpnegoToken); if (rc != SPNEGO_E_SUCCESS) { syslog(LOG_DEBUG, "smb_config_get_negtok: " "spnegoCreateNegTokenHint, rc=%d", rc); *pBufLen = 0; return; } rc = spnegoTokenGetBinary(hSpnegoToken, pBuf, &tLen); if (rc != SPNEGO_E_SUCCESS) { syslog(LOG_DEBUG, "smb_config_get_negtok: " "spnegoTokenGetBinary, rc=%d", rc); *pBufLen = 0; } else { *pBufLen = (uint32_t)tLen; } spnegoFreeData(hSpnegoToken); }