You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@serf.apache.org by iv...@apache.org on 2018/05/08 15:48:53 UTC
svn commit: r1831196 - /serf/trunk/auth/auth_spnego_sspi.c
Author: ivan
Date: Tue May 8 15:48:53 2018
New Revision: 1831196
URL: http://svn.apache.org/viewvc?rev=1831196&view=rev
Log:
Revert r1699914 (try use reverse DNS to resolve canonical name for SPN). While
the new behavior fixes issue with NTLM authentication to localhost, it may
break common existing setups [1]. This change restores previous behavior that
has been in serf 1.3.x.
[1] https://groups.google.com/forum/#!msg/serf-dev/yFPCis1zNNI/jQSUOd6StvgJ
Modified:
serf/trunk/auth/auth_spnego_sspi.c
Modified: serf/trunk/auth/auth_spnego_sspi.c
URL: http://svn.apache.org/viewvc/serf/trunk/auth/auth_spnego_sspi.c?rev=1831196&r1=1831195&r2=1831196&view=diff
==============================================================================
--- serf/trunk/auth/auth_spnego_sspi.c (original)
+++ serf/trunk/auth/auth_spnego_sspi.c Tue May 8 15:48:53 2018
@@ -174,23 +174,7 @@ get_canonical_hostname(const char **cano
}
if (addrinfo) {
- /* We got the canonical name and address. Try to perform
- * reverse DNS lookup to find the true hostname.
- * This is how MIT KRB works by default.*/
- char rdnshost[NI_MAXHOST];
- int gaierr;
-
- gaierr = getnameinfo(addrinfo->ai_addr, addrinfo->ai_addrlen,
- rdnshost, sizeof(rdnshost),
- NULL, 0, NI_NAMEREQD);
- if (gaierr) {
- /* Reverse DNS lookup failed -- use canonical name is that case. */
- *canonname = apr_pstrdup(pool, addrinfo->ai_canonname);
- }
- else {
- /* We got the hostname -- use it for SPN. */
- *canonname = apr_pstrdup(pool, rdnshost);
- }
+ *canonname = apr_pstrdup(pool, addrinfo->ai_canonname);
}
else {
*canonname = apr_pstrdup(pool, hostname);