sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code

r10947: Fix bugs #3133 and #1828 - SPNEGO not working with PocketPC 2003.

Browse Source 
Our sessionsetup code now handles raw NTLMSSP connects, so we can go
back to doing what W2K3 does here which is to send no OID's in
the negprot reply when not in a security=ads mode.
Jeremy.
(This used to be commit 38a70185b7)
This commit is contained in:
Jeremy Allison 2005-10-12 23:08:49 +00:00 committed by Gerald (Jerry) Carter
parent c5260e733c
commit 4a190ec27b
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
source3/smbd/negprot.c
View File

@ -177,7 +177,6 @@ static int negprot_spnego(char *p)
OID_KERBEROS5_OLD,
OID_NTLMSSP,
NULL};
const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
int len;
global_spnego_negotiated = True;
@ -198,20 +197,22 @@ static int negprot_spnego(char *p)
}
#endif
#if 0
/* strangely enough, NT does not sent the single OID NTLMSSP when
not a ADS member, it sends no OIDs at all
we can't do this until we teach our sesssion setup parser to know
about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)
OLD COMMENT : "we can't do this until we teach our sesssion setup parser to know
about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)"
Our sessionsetup code now handles raw NTLMSSP connects, so we can go
back to doing what W2K3 does here. This is needed to make PocketPC 2003
CIFS connections work with SPNEGO. See bugzilla bugs #1828 and #3133
for details. JRA.
*/
if (lp_security() != SEC_ADS) {
if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
memcpy(p, guid, 16);
return 16;
}
#endif
if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE");
} else {
fstring myname;
char *host_princ_s = NULL;