r11080: Narrowing down on the #1828 PPC bug. The PPC client sends an

initial NTLMSSP negotiate blob of only 16 bytes - no strings
added ! (So don't try parsing them).
Jeremy.
(This used to be commit 42d93a317ab424a0720620b83c285b5118bcc06f)

1 files changed, 7 insertions, 19 deletions

diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 9a1e11aff6..374bb23b6a 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -186,28 +186,16 @@ NTSTATUS ntlmssp_server_negotiate(struct gensec_security *gensec_security,
 #endif
 
 	if (in.length) {
-		BOOL parse_ok = msrpc_parse(out_mem_ctx,
-				 &in, "CddAA",
-				 "NTLMSSP",
-				 &ntlmssp_command,
-				 &neg_flags,
-				 &cliname,
-				 &domname);
-		if (!parse_ok) {
-			parse_ok = msrpc_parse(out_mem_ctx,
-					 &in, "CddUU",
-					 "NTLMSSP",
-					 &ntlmssp_command,
-					 &neg_flags,
-					 &cliname,
-					 &domname);
-		}
-		if (!parse_ok) {
-			DEBUG(1, ("ntlmssp_server_negotiate: failed to parse NTLMSSP:\n"));
+		if ((in.length < 16) || !msrpc_parse(out_mem_ctx, &in, "Cdd",
+							 "NTLMSSP",
+							 &ntlmssp_command,
+							 &neg_flags)) {
+			DEBUG(1, ("ntlmssp_server_negotiate: failed to parse "
+				"NTLMSSP Negotiate of length %u:\n",
+				(unsigned int)in.length ));
 			dump_data(2, in.data, in.length);
 			return NT_STATUS_INVALID_PARAMETER;
 		}
-		
 		debug_ntlmssp_flags(neg_flags);
 	}