Some closed source SMB servers, check the gssapi channel bindings,
and don't support the address type 255 for null bindings.
Both heimdal and mit use 16 zero bytes instead of a md5 checksum
of the channel bindings.
Created attachment 6171 [details]
Patches to use krb5_auth_con_set_req_cksumtype()
Thanks Metze, any chance you could post these to the linux-cifs mailing list with a description of the problem? They look fine at first glance, aside from the bare 0x8003. It seems like that ought to have a #define'd constant added with a descriptive name.
Done, but I've extended the comment to explain where 0x8003 is comming from
(RFC 4121), instead of adding a define, which would be only used in one place.
This is now in cifs-utils-4.8.1. Closing bug as FIXED.