sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

r13176: Fix show-stopper bug for 3.0.21b where 4 leg NTLMSSP SPNEGO

Browse Source 
auth was not generating the correct auth header on the 4th
packet. This may fix a lot of Windows client complaints and
is essential for release.
Jeremy.
This commit is contained in:
Jeremy Allison 2006-01-27 02:35:08 +00:00 committed by Gerald (Jerry) Carter
parent 31b3201f53
commit 48dd8c732b
2 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
source/libsmb/spnego.c
View File

@ -341,4 +341,3 @@ BOOL free_spnego_data(SPNEGO_DATA *spnego)
out: out:
return ret; return ret;
} }

25
source/rpc_server/srv_pipe.c
View File

@ -1188,12 +1188,17 @@ static BOOL pipe_spnego_auth_bind_negotiate(pipes_struct *p, prs_struct *rpc_in_
static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p, static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p,
RPC_HDR_AUTH *pauth_info, prs_struct *pout_auth) RPC_HDR_AUTH *pauth_info, prs_struct *pout_auth)
{ {
DATA_BLOB spnego_blob, auth_blob, auth_reply; RPC_HDR_AUTH auth_info;
DATA_BLOB spnego_blob;
DATA_BLOB auth_blob;
DATA_BLOB auth_reply;
DATA_BLOB response;
AUTH_NTLMSSP_STATE *a = p->auth.a_u.auth_ntlmssp_state; AUTH_NTLMSSP_STATE *a = p->auth.a_u.auth_ntlmssp_state;
ZERO_STRUCT(spnego_blob); ZERO_STRUCT(spnego_blob);
ZERO_STRUCT(auth_blob); ZERO_STRUCT(auth_blob);
ZERO_STRUCT(auth_reply); ZERO_STRUCT(auth_reply);
ZERO_STRUCT(response);
if (p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP || !a) { if (p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP || !a) {
DEBUG(0,("pipe_spnego_auth_bind_continue: not in NTLMSSP auth state.\n")); DEBUG(0,("pipe_spnego_auth_bind_continue: not in NTLMSSP auth state.\n"));
@ -1230,7 +1235,24 @@ static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p
data_blob_free(&spnego_blob); data_blob_free(&spnego_blob);
data_blob_free(&auth_blob); data_blob_free(&auth_blob);
/* Generate the spnego "accept completed" blob - no incoming data. */
response = spnego_gen_auth_response(&auth_reply, NT_STATUS_OK, OID_NTLMSSP);
/* Copy the blob into the pout_auth parse struct */
init_rpc_hdr_auth(&auth_info, RPC_SPNEGO_AUTH_TYPE, pauth_info->auth_level, RPC_HDR_AUTH_LEN, 1);
if(!smb_io_rpc_hdr_auth("", &auth_info, pout_auth, 0)) {
DEBUG(0,("pipe_spnego_auth_bind_continue: marshalling of RPC_HDR_AUTH failed.\n"));
goto err;
}
if (!prs_copy_data_in(pout_auth, (char *)response.data, response.length)) {
DEBUG(0,("pipe_spnego_auth_bind_continue: marshalling of data blob failed.\n"));
goto err;
}
data_blob_free(&auth_reply); data_blob_free(&auth_reply);
data_blob_free(&response);
p->pipe_bound = True; p->pipe_bound = True;
@ -1241,6 +1263,7 @@ static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p
data_blob_free(&spnego_blob); data_blob_free(&spnego_blob);
data_blob_free(&auth_blob); data_blob_free(&auth_blob);
data_blob_free(&auth_reply); data_blob_free(&auth_reply);
data_blob_free(&response);
free_pipe_ntlmssp_auth_data(&p->auth); free_pipe_ntlmssp_auth_data(&p->auth);
p->auth.a_u.auth_ntlmssp_state = NULL; p->auth.a_u.auth_ntlmssp_state = NULL;