const char *service = gensec_get_target_service(gensec_security);
const char *realm = cli_credentials_get_realm(creds);
- target_principal = gensec_get_target_principal(gensec_security);
- if (target_principal != NULL) {
- goto do_start;
- }
-
- if (!hostname) {
- DEBUG(3, ("No hostname for target computer passed in, cannot use kerberos for this connection\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
- if (is_ipaddress(hostname)) {
- DEBUG(2, ("Cannot do GSSAPI to an IP address\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
- if (strcmp(hostname, "localhost") == 0) {
- DEBUG(2, ("GSSAPI to 'localhost' does not make sense\n"));
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = gensec_gssapi_try_kerberos(gensec_security);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
}
- if (realm == NULL) {
+ target_principal = gensec_get_target_principal(gensec_security);
+ if (target_principal == NULL && realm == NULL) {
char *cred_name = cli_credentials_get_unparsed_name(creds,
gensec_security);
DEBUG(3, ("cli_credentials(%s) without realm, "
return NT_STATUS_INVALID_PARAMETER;
}
-do_start:
-
nt_status = gensec_gssapi_start(gensec_security);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;