summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2005-10-12 23:08:49 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:04:57 -0500
commit4a190ec27bf69f849f22daf3060841f9a1c92b4f (patch)
tree008b2261d02ddb97e2d62df55e938fbb7c9aaf28 /source3/smbd
parentc5260e733c417642a30a59ebe46ed60b8ef18f6c (diff)
downloadsamba-4a190ec27bf69f849f22daf3060841f9a1c92b4f.tar.gz
samba-4a190ec27bf69f849f22daf3060841f9a1c92b4f.tar.bz2
samba-4a190ec27bf69f849f22daf3060841f9a1c92b4f.zip
r10947: Fix bugs #3133 and #1828 - SPNEGO not working with PocketPC 2003.
Our sessionsetup code now handles raw NTLMSSP connects, so we can go back to doing what W2K3 does here which is to send no OID's in the negprot reply when not in a security=ads mode. Jeremy. (This used to be commit 38a70185b7ca20677026103d40f61608e7ad0c90)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/negprot.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index d4f0167a5f..1f4cb30003 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -177,7 +177,6 @@ static int negprot_spnego(char *p)
OID_KERBEROS5_OLD,
OID_NTLMSSP,
NULL};
- const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
int len;
global_spnego_negotiated = True;
@@ -198,20 +197,22 @@ static int negprot_spnego(char *p)
}
#endif
-#if 0
/* strangely enough, NT does not sent the single OID NTLMSSP when
not a ADS member, it sends no OIDs at all
- we can't do this until we teach our sesssion setup parser to know
- about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)
+ OLD COMMENT : "we can't do this until we teach our sesssion setup parser to know
+ about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)"
+
+ Our sessionsetup code now handles raw NTLMSSP connects, so we can go
+ back to doing what W2K3 does here. This is needed to make PocketPC 2003
+ CIFS connections work with SPNEGO. See bugzilla bugs #1828 and #3133
+ for details. JRA.
+
*/
- if (lp_security() != SEC_ADS) {
+
+ if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
memcpy(p, guid, 16);
return 16;
- }
-#endif
- if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
- blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE");
} else {
fstring myname;
char *host_princ_s = NULL;