The Samba-Bugzilla – Bug 7890
cifs-util: GSSAPI 0x8003 checksum uses wrong channel bindings
Last modified: 2011-02-01 13:03:03 UTC
Some closed source SMB servers, check the gssapi channel bindings,
and don't support the address type 255 for null bindings.
Both heimdal and mit use 16 zero bytes instead of a md5 checksum
of the channel bindings.
Created attachment 6171 [details]
Patches to use krb5_auth_con_set_req_cksumtype()
Thanks Metze, any chance you could post these to the linux-cifs mailing list with a description of the problem? They look fine at first glance, aside from the bare 0x8003. It seems like that ought to have a #define'd constant added with a descriptive name.
Done, but I've extended the comment to explain where 0x8003 is comming from
(RFC 4121), instead of adding a define, which would be only used in one place.
This is now in cifs-utils-4.8.1. Closing bug as FIXED.