Dmitry M. Maslennikov <rlz at altlinux.org>

diff --git a/samba/source/client/cifs.upcall.c b/samba/source/client/cifs.upcall.c
index 238b861..d60ba0a 100644
--- a/samba/source/client/cifs.upcall.c
+++ b/samba/source/client/cifs.upcall.c
@@ -26,6 +26,10 @@ create dns_resolver * * /usr/local/sbin/cifs.upcall %k
 
 #include "includes.h"
 #include <keyutils.h>
+#include <netdb.h>
+#include <resolv.h>
+
+#define MAX_DNS_NAMELEN (15*(MAXHOSTNAMELEN + 1)+1)
 
 #include "cifs_spnego.h"
 
@@ -111,9 +115,37 @@ decode_key_description(const char *desc, int *ver, secType_t * sec,
 				len = pos - tkn;
 			}
 			len -= 4;
+			// Get canonical name of host
+			struct addrinfo * info;
+			if(len > MAX_DNS_NAMELEN)
+			{
+				syslog(LOG_WARNING, "Hostname is too long");
+				return 1;
+			}
+			char host[MAX_DNS_NAMELEN+1];
+			strlcpy(host, tkn + 5, len);
+			int ret = getaddrinfo(host, 0, 0, &info);
+			if(ret)
+			{
+				syslog(LOG_WARNING, "getaddrinfo: %s",
+					gai_strerror(ret));
+				return 1;
+			}
+			ret = getnameinfo(info->ai_addr, info->ai_addrlen,
+				    host, sizeof(host), 0, 0, 0);
+			if(ret)
+			{
+				syslog(LOG_WARNING, "getnameinfo: %s",
+					gai_strerror(ret));
+				freeaddrinfo(info);
+				return 1;
+			}
+			freeaddrinfo(info);
+			len = strlen(host) + 1;
+
 			SAFE_FREE(*hostname);
 			*hostname = SMB_XMALLOC_ARRAY(char, len);
-			strlcpy(*hostname, tkn + 5, len);
+			strlcpy(*hostname, host, len);
 			retval |= DKD_HAVE_HOSTNAME;
 		} else if (strncmp(tkn, "ipv4=", 5) == 0) {
 			/* BB: do we need it if we have hostname already? */