authorJeremy Allison <jra@samba.org>2005-10-15 00:46:38 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:05:00 -0500
commit1c5c61e3703ffca912f81496324ce82c2f19efa0 (patch)
treea3a5c8ec6889e101d3829892aeb02aa41a241522
parentdaf33dc4fc888b839aa38d1e757ed066edf06996 (diff)
r11079: Narrowing down on the #1828 PPC bug. The PPC client sends an
initial NTLMSSP negotiate blob of only 16 bytes - no strings added ! (So don't try parsing them). Jeremy. (This used to be commit e15b758f5fa6f500214bb60599a89f3c795c9fed)
-rw-r--r--source3/libsmb/ntlmssp.c38
1 files changed, 6 insertions, 32 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 42a4b95e29..0becc7fdee 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -419,7 +419,6 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
fstring dnsname, dnsdomname;
uint32 neg_flags = 0;
uint32 ntlmssp_command, chal_flags;
- char *cliname=NULL, *domname=NULL;
const uint8 *cryptkey;
const char *target_name;
@@ -429,40 +428,15 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state,
#endif
if (request.length) {
- BOOL parse_ok = msrpc_parse(&request, "CddAA",
- "NTLMSSP",
- &ntlmssp_command,
- &neg_flags,
- &cliname,
- &domname);
-
- if (!parse_ok) {
- /* PocketPC 2003 sends the cliname and domname strings in unicode,
- but doesn't set the unicode bit. Try with a parse string of "CddUU" */
- SAFE_FREE(cliname);
- SAFE_FREE(domname);
- parse_ok = msrpc_parse(&request, "CddUU",
- "NTLMSSP",
- &ntlmssp_command,
- &neg_flags,
- &cliname,
- &domname);
- }
-
- if (!parse_ok) {
- DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP Negotiate:\n"));
+ if ((request.length < 16) || !msrpc_parse(&request, "Cdd",
+ "NTLMSSP",
+ &ntlmssp_command,
+ &neg_flags)) {
+ DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP Negotiate of length %u\n",
+ (unsigned int)request.length));
dump_data(2, (const char *)request.data, request.length);
- SAFE_FREE(cliname);
- SAFE_FREE(domname);
return NT_STATUS_INVALID_PARAMETER;
}
-
- DEBUG(10, ("ntlmssp_server_negotiate: client = %s, domain = %s\n",
- cliname ? cliname : "", domname ? domname : ""));
-
- SAFE_FREE(cliname);
- SAFE_FREE(domname);
-
debug_ntlmssp_flags(neg_flags);
}
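Review bot: The bound `request.length < 16` in the new condition is an unexplained literal that has to stay in step with the `"Cdd"` format string beside it; it appears to be the 8-byte `NTLMSSP\0` signature plus the 32-bit command and flags fields. Because this parses the first blob a client sends, before any authentication, I would add a comment above the `if` such as `/* Fixed header only: 8-byte signature + command + flags = 16 bytes; the optional domain/workstation strings are deliberately not parsed. */` so that a later change to the format string also revisits the bound. The check also sits inside `if (request.length)`, so an empty request skips parsing and the function carries on with `neg_flags` still 0; if that is intended, it deserves a word in the same comment. The body of ntlmssp_server_negotiate starts and ends outside the hunk.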