1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

auth/spnego: handle broken mechListMIC response from Windows 2000

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11870

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This commit is contained in:
Stefan Metzmacher 2016-04-23 05:17:25 +02:00
parent 9930bd17f2
commit 032c2733de

View File

@ -1077,6 +1077,24 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
};
}
if (spnego.negTokenTarg.mechListMIC.length > 0) {
DATA_BLOB *m = &spnego.negTokenTarg.mechListMIC;
const DATA_BLOB *r = &spnego.negTokenTarg.responseToken;
/*
* Windows 2000 has a bug, it repeats the
* responseToken in the mechListMIC field.
*/
if (m->length == r->length) {
int cmp;
cmp = memcmp(m->data, r->data, m->length);
if (cmp == 0) {
data_blob_free(m);
}
}
}
if (spnego.negTokenTarg.mechListMIC.length > 0) {
if (spnego_state->no_response_expected) {
spnego_state->needs_mic_check = true;