diff options
author | Volker Lendecke <vlendec@samba.org> | 2006-10-02 12:54:49 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:15:05 -0500 |
commit | eb00981fc363a104d43dba75a8d18cc02421bbf8 (patch) | |
tree | c530a87df54b1c89285f39b0f1e2b1728e112a51 /source3 | |
parent | c25f331cf9370a461487bf99cb661aa0148e078e (diff) | |
download | samba-eb00981fc363a104d43dba75a8d18cc02421bbf8.tar.gz samba-eb00981fc363a104d43dba75a8d18cc02421bbf8.tar.bz2 samba-eb00981fc363a104d43dba75a8d18cc02421bbf8.zip |
r19041: Make us connect to Vista RC1. Apparently metze had done the same patch some
weeks ago.
We have some work before us, when in AD mode Vista sends
"not_defined_in_RFC4178@please_ignore" as the principal.....
Volker
(This used to be commit af85d8ec02b36b765ceadf0a342c7eda2410034b)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/libsmb/cliconnect.c | 15 | ||||
-rw-r--r-- | source3/libsmb/clispnego.c | 17 |
2 files changed, 24 insertions, 8 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 6e6f7a5ebe..983d9012f0 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -762,7 +762,20 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, #endif free(OIDs[i]); } - DEBUG(3,("got principal=%s\n", principal)); + + DEBUG(3,("got principal=%s\n", principal ? principal : "<null>")); + + if (got_kerberos_mechanism && (principal == NULL)) { + /* + * It is WRONG to depend on the principal sent in the negprot + * reply, but right now we do it. So for safety (don't + * segfault later) disable Kerberos when no principal was + * sent. -- VL + */ + DEBUG(1, ("Kerberos mech was offered, but no principal was sent\n")); + DEBUGADD(1, ("Disabling Kerberos\n")); + cli->use_kerberos = False; + } fstrcpy(cli->user_name, user); diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index fedf7e5c6e..a01c009b6e 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -149,13 +149,16 @@ BOOL spnego_parse_negTokenInit(DATA_BLOB blob, asn1_end_tag(&data); asn1_end_tag(&data); - asn1_start_tag(&data, ASN1_CONTEXT(3)); - asn1_start_tag(&data, ASN1_SEQUENCE(0)); - asn1_start_tag(&data, ASN1_CONTEXT(0)); - asn1_read_GeneralString(&data,principal); - asn1_end_tag(&data); - asn1_end_tag(&data); - asn1_end_tag(&data); + *principal = NULL; + if (asn1_tag_remaining(&data) > 0) { + asn1_start_tag(&data, ASN1_CONTEXT(3)); + asn1_start_tag(&data, ASN1_SEQUENCE(0)); + asn1_start_tag(&data, ASN1_CONTEXT(0)); + asn1_read_GeneralString(&data,principal); + asn1_end_tag(&data); + asn1_end_tag(&data); + asn1_end_tag(&data); + } asn1_end_tag(&data); asn1_end_tag(&data); |