diff options
| author | Kouhei Sutou <kou@clear-code.com> | 2009-08-13 15:12:01 +0900 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2009-09-17 20:10:54 +0200 |
| commit | f8dae40fc8e40f747a4571a2500bba9f1a790fa5 (patch) | |
| tree | 778ee30d1a61903a9a4abe617777be6a48dfc3fa /libcli/auth | |
| parent | c2055de162b154efb1aef0d2977f860a01ffdbbc (diff) | |
| download | samba-f8dae40fc8e40f747a4571a2500bba9f1a790fa5.tar.gz samba-f8dae40fc8e40f747a4571a2500bba9f1a790fa5.tar.bz2 samba-f8dae40fc8e40f747a4571a2500bba9f1a790fa5.zip | |
spnego: Support ASN.1 BIT STRING and use it in SPNEGO.
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'libcli/auth')
| -rw-r--r-- | libcli/auth/spnego.h | 4 | ||||
| -rw-r--r-- | libcli/auth/spnego_parse.c | 13 |
2 files changed, 9 insertions, 8 deletions
diff --git a/libcli/auth/spnego.h b/libcli/auth/spnego.h index 08350a44ff..4b60f22d32 100644 --- a/libcli/auth/spnego.h +++ b/libcli/auth/spnego.h @@ -32,7 +32,6 @@ #define SPNEGO_ANON_FLAG 0x10 #define SPNEGO_CONF_FLAG 0x20 #define SPNEGO_INTEG_FLAG 0x40 -#define SPNEGO_REQ_FLAG 0x80 enum spnego_negResult { SPNEGO_ACCEPT_COMPLETED = 0, @@ -43,7 +42,8 @@ enum spnego_negResult { struct spnego_negTokenInit { const char **mechTypes; - int reqFlags; + DATA_BLOB reqFlags; + uint8_t reqFlagsPadding; DATA_BLOB mechToken; DATA_BLOB mechListMIC; char *targetPrincipal; diff --git a/libcli/auth/spnego_parse.c b/libcli/auth/spnego_parse.c index 27e57740dc..3f7047b0e0 100644 --- a/libcli/auth/spnego_parse.c +++ b/libcli/auth/spnego_parse.c @@ -62,8 +62,8 @@ static bool read_negTokenInit(struct asn1_data *asn1, TALLOC_CTX *mem_ctx, /* Read reqFlags */ case ASN1_CONTEXT(1): asn1_start_tag(asn1, ASN1_CONTEXT(1)); - asn1_read_Integer(asn1, &token->reqFlags); - token->reqFlags |= SPNEGO_REQ_FLAG; + asn1_read_BitString(asn1, mem_ctx, &token->reqFlags, + &token->reqFlagsPadding); asn1_end_tag(asn1); break; /* Read mechToken */ @@ -130,11 +130,11 @@ static bool write_negTokenInit(struct asn1_data *asn1, struct spnego_negTokenIni } /* write reqFlags */ - if (token->reqFlags & SPNEGO_REQ_FLAG) { - int flags = token->reqFlags & ~SPNEGO_REQ_FLAG; - + if (token->reqFlags.length > 0) { asn1_push_tag(asn1, ASN1_CONTEXT(1)); - asn1_write_Integer(asn1, flags); + asn1_write_BitString(asn1, token->reqFlags.data, + token->reqFlags.length, + token->reqFlagsPadding); asn1_pop_tag(asn1); } @@ -353,6 +353,7 @@ bool spnego_free_data(struct spnego_data *spnego) if (spnego->negTokenInit.mechTypes) { talloc_free(spnego->negTokenInit.mechTypes); } + data_blob_free(&spnego->negTokenInit.reqFlags); data_blob_free(&spnego->negTokenInit.mechToken); data_blob_free(&spnego->negTokenInit.mechListMIC); talloc_free(spnego->negTokenInit.targetPrincipal); |