gensec:spnego: ignore trailing bytes in SPNEGO_SERVER_START state
This matches Windows (at least Server 2012_R2). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
parent
55dd8bdb05
commit
86808d66f3
@ -1758,6 +1758,7 @@ static NTSTATUS gensec_spnego_update_in(struct gensec_security *gensec_security,
|
|||||||
const DATA_BLOB in, TALLOC_CTX *mem_ctx,
|
const DATA_BLOB in, TALLOC_CTX *mem_ctx,
|
||||||
DATA_BLOB *full_in)
|
DATA_BLOB *full_in)
|
||||||
{
|
{
|
||||||
|
DATA_BLOB consume = data_blob_null;
|
||||||
struct spnego_state *spnego_state =
|
struct spnego_state *spnego_state =
|
||||||
talloc_get_type_abort(gensec_security->private_data,
|
talloc_get_type_abort(gensec_security->private_data,
|
||||||
struct spnego_state);
|
struct spnego_state);
|
||||||
@ -1824,17 +1825,26 @@ static NTSTATUS gensec_spnego_update_in(struct gensec_security *gensec_security,
|
|||||||
return NT_STATUS_INVALID_PARAMETER;
|
return NT_STATUS_INVALID_PARAMETER;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
consume = in;
|
||||||
expected = spnego_state->in_needed - spnego_state->in_frag.length;
|
expected = spnego_state->in_needed - spnego_state->in_frag.length;
|
||||||
if (in.length > expected) {
|
if (consume.length > expected) {
|
||||||
|
if (spnego_state->state_position != SPNEGO_SERVER_START) {
|
||||||
|
/*
|
||||||
|
* we got more than expected
|
||||||
|
*/
|
||||||
|
return NT_STATUS_INVALID_PARAMETER;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* we got more than expected
|
* In SPNEGO_SERVER_START we need to ignore unexpected
|
||||||
|
* bytes at the end.
|
||||||
*/
|
*/
|
||||||
return NT_STATUS_INVALID_PARAMETER;
|
consume.length = expected;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (in.length == spnego_state->in_needed) {
|
if (consume.length == spnego_state->in_needed) {
|
||||||
/*
|
/*
|
||||||
* if the in.length contains the full blob
|
* if the consume.length contains the full blob
|
||||||
* we are done.
|
* we are done.
|
||||||
*
|
*
|
||||||
* Note: this implies spnego_state->in_frag.length == 0,
|
* Note: this implies spnego_state->in_frag.length == 0,
|
||||||
@ -1842,13 +1852,13 @@ static NTSTATUS gensec_spnego_update_in(struct gensec_security *gensec_security,
|
|||||||
* because we already know that we did not get
|
* because we already know that we did not get
|
||||||
* more than expected.
|
* more than expected.
|
||||||
*/
|
*/
|
||||||
*full_in = in;
|
*full_in = consume;
|
||||||
spnego_state->in_needed = 0;
|
spnego_state->in_needed = 0;
|
||||||
return NT_STATUS_OK;
|
return NT_STATUS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
ok = data_blob_append(spnego_state, &spnego_state->in_frag,
|
ok = data_blob_append(spnego_state, &spnego_state->in_frag,
|
||||||
in.data, in.length);
|
consume.data, consume.length);
|
||||||
if (!ok) {
|
if (!ok) {
|
||||||
return NT_STATUS_NO_MEMORY;
|
return NT_STATUS_NO_MEMORY;
|
||||||
}
|
}
|
||||||
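Review bot: The new `consume.length = expected;` in the second hunk discards the surplus bytes silently, so nothing records that a peer sent more than the announced SPNEGO length while the state was SPNEGO_SERVER_START. Every other state still rejects that input with NT_STATUS_INVALID_PARAMETER, so a debug-level message just before the assignment would make the one tolerated case observable, e.g. `DBG_DEBUG("ignoring %zu trailing bytes in SPNEGO_SERVER_START\n", in.length - expected);` (this assumes `expected` is a `size_t`; its declaration is outside the hunks). The comment above the assignment could also give the reason for the exception, for instance `Windows (at least Server 2012_R2) accepts this, see bug 14356`, so the leniency is not later widened to other states. The body of gensec_spnego_update_in continues past the last hunk, so whether the exception also applies to later fragments received in the same state cannot be confirmed from here.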
|
@ -1,7 +1,4 @@
|
|||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_full_pad_spnego_alter
|
|
||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_full_pad_spnego_auth3
|
|
||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_ntlm
|
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_ntlm
|
||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_spnego
|
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_spnego
|
||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_auth3
|
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_auth3
|
||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_alter
|
|
||||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_auth3
|
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_auth3
|
||||||
|