diff options
author | Jeremy Allison <jra@samba.org> | 2005-10-15 00:46:38 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:05:00 -0500 |
commit | 1c5c61e3703ffca912f81496324ce82c2f19efa0 (patch) | |
tree | a3a5c8ec6889e101d3829892aeb02aa41a241522 | |
parent | daf33dc4fc888b839aa38d1e757ed066edf06996 (diff) | |
download | samba-1c5c61e3703ffca912f81496324ce82c2f19efa0.tar.gz samba-1c5c61e3703ffca912f81496324ce82c2f19efa0.tar.bz2 samba-1c5c61e3703ffca912f81496324ce82c2f19efa0.zip |
r11079: Narrowing down on the #1828 PPC bug. The PPC client sends an
initial NTLMSSP negotiate blob of only 16 bytes - no strings
added ! (So don't try parsing them).
Jeremy.
(This used to be commit e15b758f5fa6f500214bb60599a89f3c795c9fed)
-rw-r--r-- | source3/libsmb/ntlmssp.c | 38 |
1 files changed, 6 insertions, 32 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 42a4b95e29..0becc7fdee 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -419,7 +419,6 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, fstring dnsname, dnsdomname; uint32 neg_flags = 0; uint32 ntlmssp_command, chal_flags; - char *cliname=NULL, *domname=NULL; const uint8 *cryptkey; const char *target_name; @@ -429,40 +428,15 @@ static NTSTATUS ntlmssp_server_negotiate(struct ntlmssp_state *ntlmssp_state, #endif if (request.length) { - BOOL parse_ok = msrpc_parse(&request, "CddAA", - "NTLMSSP", - &ntlmssp_command, - &neg_flags, - &cliname, - &domname); - - if (!parse_ok) { - /* PocketPC 2003 sends the cliname and domname strings in unicode, - but doesn't set the unicode bit. Try with a parse string of "CddUU" */ - SAFE_FREE(cliname); - SAFE_FREE(domname); - parse_ok = msrpc_parse(&request, "CddUU", - "NTLMSSP", - &ntlmssp_command, - &neg_flags, - &cliname, - &domname); - } - - if (!parse_ok) { - DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP Negotiate:\n")); + if ((request.length < 16) || !msrpc_parse(&request, "Cdd", + "NTLMSSP", + &ntlmssp_command, + &neg_flags)) { + DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP Negotiate of length %u\n", + (unsigned int)request.length)); dump_data(2, (const char *)request.data, request.length); - SAFE_FREE(cliname); - SAFE_FREE(domname); return NT_STATUS_INVALID_PARAMETER; } - - DEBUG(10, ("ntlmssp_server_negotiate: client = %s, domain = %s\n", - cliname ? cliname : "", domname ? domname : "")); - - SAFE_FREE(cliname); - SAFE_FREE(domname); - debug_ntlmssp_flags(neg_flags); } |