diff options
author | Andrew Tridgell <tridge@samba.org> | 2001-10-14 06:14:11 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2001-10-14 06:14:11 +0000 |
commit | b46f6d865efa6dd50ed8b83d498f9e04919c9bc9 (patch) | |
tree | 96293cb13cdd071b23638dbd96c2c4b2f4b3eb9c /source3/libsmb | |
parent | 81756ba7440e255f750d13858e1147d3976e70e2 (diff) | |
download | samba-b46f6d865efa6dd50ed8b83d498f9e04919c9bc9.tar.gz samba-b46f6d865efa6dd50ed8b83d498f9e04919c9bc9.tar.bz2 samba-b46f6d865efa6dd50ed8b83d498f9e04919c9bc9.zip |
fixed NTLMSSP with XP servers (who don't send the duplicate challenge
in the asn1 spnego structures)
(This used to be commit 131010e9fb842b4d5a8660c538a3313c95fadae7)
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/cliconnect.c | 8 | ||||
-rw-r--r-- | source3/libsmb/clispnego.c | 12 |
2 files changed, 17 insertions, 3 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 4a9d2fe59c..94eda90a3b 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -439,6 +439,10 @@ static BOOL cli_session_setup_ntlmssp(struct cli_state *cli, char *user, return False; } +#if 0 + file_save("chal.dat", blob.data, blob.length); +#endif + /* the server gives us back two challenges */ if (!spnego_parse_challenge(blob, &chal1, &chal2)) { return False; @@ -499,6 +503,10 @@ static BOOL cli_session_setup_spnego(struct cli_state *cli, char *user, goto ntlmssp; } +#if 0 + file_save("negprot.dat", cli->secblob.data, cli->secblob.length); +#endif + /* the server sent us the first part of the SPNEGO exchange in the negprot reply */ if (!spnego_parse_negTokenInit(cli->secblob, guid, OIDs, &principle)) { diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index 6b705658c3..da8c6450ae 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -241,6 +241,9 @@ BOOL spnego_parse_challenge(DATA_BLOB blob, BOOL ret; ASN1_DATA data; + ZERO_STRUCTP(chal1); + ZERO_STRUCTP(chal2); + asn1_load(&data, blob); asn1_start_tag(&data,ASN1_CONTEXT(1)); asn1_start_tag(&data,ASN1_SEQUENCE(0)); @@ -257,9 +260,12 @@ BOOL spnego_parse_challenge(DATA_BLOB blob, asn1_read_octet_string(&data, chal1); asn1_end_tag(&data); - asn1_start_tag(&data,ASN1_CONTEXT(3)); - asn1_read_octet_string(&data, chal2); - asn1_end_tag(&data); + /* the second challenge is optional (XP doesn't send it) */ + if (asn1_tag_remaining(&data)) { + asn1_start_tag(&data,ASN1_CONTEXT(3)); + asn1_read_octet_string(&data, chal2); + asn1_end_tag(&data); + } asn1_end_tag(&data); asn1_end_tag(&data); |