authorJeremy Allison <jra@samba.org>2010-07-19 14:21:01 -0700
committerJeremy Allison <jra@samba.org>2010-07-19 14:21:01 -0700
commit962951e63d0bd3588085314b3bd94bac35415347 (patch)
tree92088787de741336695500a5353243553b1ea130
parent6763730304627a58139450fd3e03a0ce48e31bb9 (diff)
Fix [Bug 7577] SPNEGO auth fails when contacting Win7 system using Microsoft Live Sign-in Assistant
Based on code from <david.kondrad@legrand.us>. Cope with every NegTokenInit ::= SEQUENCE value. Jeremy.
-rw-r--r--source3/libsmb/clispnego.c61
1 files changed, 54 insertions, 7 deletions
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 264743b2a6..09efb560c0 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -146,9 +146,16 @@ bool spnego_parse_negTokenInit(DATA_BLOB blob,
asn1_start_tag(data,ASN1_APPLICATION(0));
asn1_check_OID(data,OID_SPNEGO);
+
+ /* negTokenInit [0] NegTokenInit */
asn1_start_tag(data,ASN1_CONTEXT(0));
asn1_start_tag(data,ASN1_SEQUENCE(0));
+ /* mechTypes [0] MechTypeList OPTIONAL */
+
+ /* Not really optional, we depend on this to decide
+ * what mechanisms we have to work with. */
+
asn1_start_tag(data,ASN1_CONTEXT(0));
asn1_start_tag(data,ASN1_SEQUENCE(0));
for (i=0; asn1_tag_remaining(data) > 0 && i < ASN1_MAX_OIDS-1; i++) {
@@ -161,14 +168,54 @@ bool spnego_parse_negTokenInit(DATA_BLOB blob,
asn1_end_tag(data);
*principal = NULL;
+
+ /*
+ Win7 + Live Sign-in Assistant attaches a mechToken
+ ASN1_CONTEXT(2) to the negTokenInit packet
+ which breaks our negotiation if we just assume
+ the next tag is ASN1_CONTEXT(3).
+ */
+
if (asn1_tag_remaining(data) > 0) {
- asn1_start_tag(data, ASN1_CONTEXT(3));
- asn1_start_tag(data, ASN1_SEQUENCE(0));
- asn1_start_tag(data, ASN1_CONTEXT(0));
- asn1_read_GeneralString(data,talloc_autofree_context(),principal);
- asn1_end_tag(data);
- asn1_end_tag(data);
- asn1_end_tag(data);
+ if (asn1_peek_tag(data, ASN1_CONTEXT(1))) {
+ uint8 flags;
+
+ /* reqFlags [1] ContextFlags OPTIONAL */
+ asn1_start_tag(data, ASN1_CONTEXT(1));
+ asn1_start_tag(data, ASN1_BIT_STRING);
+ while (asn1_tag_remaining(data) > 0) {
+ asn1_read_uint8(data, &flags);
+ }
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+ }
+ }
+
+ if (asn1_tag_remaining(data) > 0) {
+ if (asn1_peek_tag(data, ASN1_CONTEXT(2))) {
+ /* mechToken [2] OCTET STRING OPTIONAL */
+ DATA_BLOB token;
+ asn1_start_tag(data, ASN1_CONTEXT(2));
+ asn1_read_OctetString(data, talloc_autofree_context(),
+ &token);
+ asn1_end_tag(data);
+ /* Throw away the token - not used. */
+ data_blob_free(&token);
+ }
+ }
+
+ if (asn1_tag_remaining(data) > 0) {
+ if (asn1_peek_tag(data, ASN1_CONTEXT(3))) {
+ /* mechListMIC [3] OCTET STRING OPTIONAL */
+ asn1_start_tag(data, ASN1_CONTEXT(3));
+ asn1_start_tag(data, ASN1_SEQUENCE(0));
+ asn1_start_tag(data, ASN1_CONTEXT(0));
+ asn1_read_GeneralString(data,talloc_autofree_context(),
+ principal);
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+ asn1_end_tag(data);
+ }
}
asn1_end_tag(data);