summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2001-10-14 06:14:11 +0000
committerAndrew Tridgell <tridge@samba.org>2001-10-14 06:14:11 +0000
commitb46f6d865efa6dd50ed8b83d498f9e04919c9bc9 (patch)
tree96293cb13cdd071b23638dbd96c2c4b2f4b3eb9c
parent81756ba7440e255f750d13858e1147d3976e70e2 (diff)
downloadsamba-b46f6d865efa6dd50ed8b83d498f9e04919c9bc9.tar.gz
samba-b46f6d865efa6dd50ed8b83d498f9e04919c9bc9.tar.bz2
samba-b46f6d865efa6dd50ed8b83d498f9e04919c9bc9.zip
fixed NTLMSSP with XP servers (who don't send the duplicate challenge
in the asn1 spnego structures) (This used to be commit 131010e9fb842b4d5a8660c538a3313c95fadae7)
-rw-r--r--source3/libsmb/cliconnect.c8
-rw-r--r--source3/libsmb/clispnego.c12
2 files changed, 17 insertions, 3 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 4a9d2fe59c..94eda90a3b 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -439,6 +439,10 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user,
return False;
}
+#if 0
+ file_save("chal.dat", blob.data, blob.length);
+#endif
+
/* the server gives us back two challenges */
if (!spnego_parse_challenge(blob, &chal1, &chal2)) {
return False;
@@ -499,6 +503,10 @@ static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user,
goto ntlmssp;
}
+#if 0
+ file_save("negprot.dat", cli->secblob.data, cli->secblob.length);
+#endif
+
/* the server sent us the first part of the SPNEGO exchange in the negprot
reply */
if (!spnego_parse_negTokenInit(cli->secblob, guid, OIDs, &principle)) {
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 6b705658c3..da8c6450ae 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -241,6 +241,9 @@ BOOL spnego_parse_challenge(DATA_BLOB blob,
BOOL ret;
ASN1_DATA data;
+ ZERO_STRUCTP(chal1);
+ ZERO_STRUCTP(chal2);
+
asn1_load(&data, blob);
asn1_start_tag(&data,ASN1_CONTEXT(1));
asn1_start_tag(&data,ASN1_SEQUENCE(0));
@@ -257,9 +260,12 @@ BOOL spnego_parse_challenge(DATA_BLOB blob,
asn1_read_octet_string(&data, chal1);
asn1_end_tag(&data);
- asn1_start_tag(&data,ASN1_CONTEXT(3));
- asn1_read_octet_string(&data, chal2);
- asn1_end_tag(&data);
+ /* the second challenge is optional (XP doesn't send it) */
+ if (asn1_tag_remaining(&data)) {
+ asn1_start_tag(&data,ASN1_CONTEXT(3));
+ asn1_read_octet_string(&data, chal2);
+ asn1_end_tag(&data);
+ }
asn1_end_tag(&data);
asn1_end_tag(&data);