svn commit: samba r4692 - in branches/SAMBA_4_0/source/libcli/auth:
.
abartlet at samba.org
abartlet at samba.org
Tue Jan 11 20:20:27 GMT 2005
Author: abartlet
Date: 2005-01-11 20:20:27 +0000 (Tue, 11 Jan 2005)
New Revision: 4692
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4692
Log:
Make the client SPNEGO code bail out in a couple more cases.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/libcli/auth/spnego.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/auth/spnego.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/auth/spnego.c 2005-01-11 20:09:59 UTC (rev 4691)
+++ branches/SAMBA_4_0/source/libcli/auth/spnego.c 2005-01-11 20:20:27 UTC (rev 4692)
@@ -686,8 +686,11 @@
if (spnego_state->no_response_expected) {
if (spnego.negTokenTarg.negResult != SPNEGO_ACCEPT_COMPLETED) {
- DEBUG(1,("gensec_update ok but not accepted\n"));
+ DEBUG(3,("GENSEC SPNEGO: client GENSEC accepted, but server rejected (bad password?)\n"));
nt_status = NT_STATUS_INVALID_PARAMETER;
+ } else if (spnego.negTokenTarg.responseToken.length) {
+ DEBUG(2,("GENSEC SPNEGO: client GENSEC accepted, but server continued negotiation!\n"));
+ nt_status = NT_STATUS_INVALID_PARAMETER;
} else {
nt_status = NT_STATUS_OK;
}
More information about the samba-cvs
mailing list