}
if (cli) {
- if (cli->use_kerberos || (cli->capabilities & CAP_EXTENDED_SECURITY))
+ if (cli->use_kerberos && cli->got_kerberos_mechanism)
fputs("ATTR: auth-info-required=negotiate\n", stderr);
else
fputs("ATTR: auth-info-required=username,password\n", stderr);
bool use_kerberos;
bool fallback_after_kerberos;
bool use_spnego;
+ bool got_kerberos_mechanism; /* Server supports krb5 in SPNEGO. */
bool use_oplocks; /* should we use oplocks? */
bool use_level_II_oplocks; /* should we use level II oplocks? */
char *principal = NULL;
char *OIDs[ASN1_MAX_OIDS];
int i;
- bool got_kerberos_mechanism = False;
DATA_BLOB blob;
const char *p = NULL;
char *account = NULL;
DEBUG(3,("got OID=%s\n", OIDs[i]));
if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
strcmp(OIDs[i], OID_KERBEROS5) == 0) {
- got_kerberos_mechanism = True;
+ cli->got_kerberos_mechanism = True;
}
free(OIDs[i]);
}
/* If password is set we reauthenticate to kerberos server
* and do not store results */
- if (got_kerberos_mechanism && cli->use_kerberos) {
+ if (cli->got_kerberos_mechanism && cli->use_kerberos) {
ADS_STATUS rc;
if (pass && *pass) {