From 97a321e557e494e98fa745ec530202120a69403e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 13 Oct 2005 19:45:24 +0000 Subject: r10974: Get closer to trying to fix #1825 (PcoketPC spnego bug). Ensure we set keylen to zero if no spnego. Jeremy. (This used to be commit 57ed94e6e4a095422496d92a0095dc48cfecdd68) --- source3/smbd/negprot.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 1f4cb30003..91942bf028 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -167,7 +167,7 @@ static int reply_lanman2(char *inbuf, char *outbuf) Generate the spnego negprot reply blob. Return the number of bytes used. ****************************************************************************/ -static int negprot_spnego(char *p) +static int negprot_spnego(char *p, uint8 *pkeylen) { DATA_BLOB blob; nstring dos_name; @@ -212,6 +212,7 @@ static int negprot_spnego(char *p) if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) { memcpy(p, guid, 16); + *pkeylen = 0; return 16; } else { fstring myname; @@ -224,6 +225,11 @@ static int negprot_spnego(char *p) } memcpy(p, blob.data, blob.length); len = blob.length; + if (len > 256) { + DEBUG(0,("negprot_spnego: blob length too long (%d)\n", len)); + len = 255; + } + *pkeylen = len; data_blob_free(&blob); return len; } @@ -324,16 +330,17 @@ static int reply_nt1(char *inbuf, char *outbuf) /* note that we do not send a challenge at all if we are using plaintext */ get_challenge(p); - SSVALS(outbuf,smb_vwv16+1,8); + SCVAL(outbuf,smb_vwv16+1,8); p += 8; } p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN); DEBUG(3,("not using SPNEGO\n")); } else { - int len = negprot_spnego(p); + uint8 keylen; + int len = negprot_spnego(p, &keylen); - SSVALS(outbuf,smb_vwv16+1,len); + SCVAL(outbuf,smb_vwv16+1,keylen); p += len; DEBUG(3,("using SPNEGO\n")); } -- cgit