summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/negprot.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index d4f0167a5f..1f4cb30003 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -177,7 +177,6 @@ static int negprot_spnego(char *p)
OID_KERBEROS5_OLD,
OID_NTLMSSP,
NULL};
- const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
int len;
global_spnego_negotiated = True;
@@ -198,20 +197,22 @@ static int negprot_spnego(char *p)
}
#endif
-#if 0
/* strangely enough, NT does not sent the single OID NTLMSSP when
not a ADS member, it sends no OIDs at all
- we can't do this until we teach our sesssion setup parser to know
- about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)
+ OLD COMMENT : "we can't do this until we teach our sesssion setup parser to know
+ about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)"
+
+ Our sessionsetup code now handles raw NTLMSSP connects, so we can go
+ back to doing what W2K3 does here. This is needed to make PocketPC 2003
+ CIFS connections work with SPNEGO. See bugzilla bugs #1828 and #3133
+ for details. JRA.
+
*/
- if (lp_security() != SEC_ADS) {
+
+ if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
memcpy(p, guid, 16);
return 16;
- }
-#endif
- if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
- blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE");
} else {
fstring myname;
char *host_princ_s = NULL;