svn commit: samba r10947 - in branches/SAMBA_3_0/source/smbd: .

jra at samba.org jra at samba.org
Wed Oct 12 23:08:50 GMT 2005 

Author: jra
Date: 2005-10-12 23:08:49 +0000 (Wed, 12 Oct 2005)
New Revision: 10947

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10947

Log:
Fix bugs #3133 and #1828 - SPNEGO not working with PocketPC 2003.
Our sessionsetup code now handles raw NTLMSSP connects, so we can go
back to doing what W2K3 does here which is to send no OID's in
the negprot reply when not in a security=ads mode.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/smbd/negprot.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/negprot.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/negprot.c	2005-10-12 22:25:51 UTC (rev 10946)
+++ branches/SAMBA_3_0/source/smbd/negprot.c	2005-10-12 23:08:49 UTC (rev 10947)
@@ -177,7 +177,6 @@
 				   OID_KERBEROS5_OLD,
 				   OID_NTLMSSP,
 				   NULL};
-	const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
 	int len;
 
 	global_spnego_negotiated = True;
@@ -198,20 +197,22 @@
 	}
 #endif
 
-#if 0
 	/* strangely enough, NT does not sent the single OID NTLMSSP when
 	   not a ADS member, it sends no OIDs at all
 
-	   we can't do this until we teach our sesssion setup parser to know
-	   about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)
+	   OLD COMMENT : "we can't do this until we teach our sesssion setup parser to know
+		   about raw NTLMSSP (clients send no ASN.1 wrapping if we do this)"
+
+	   Our sessionsetup code now handles raw NTLMSSP connects, so we can go
+	   back to doing what W2K3 does here. This is needed to make PocketPC 2003
+	   CIFS connections work with SPNEGO. See bugzilla bugs #1828 and #3133
+	   for details. JRA.
+
 	*/
-	if (lp_security() != SEC_ADS) {
+
+	if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
 		memcpy(p, guid, 16);
 		return 16;
-	}
-#endif
-	if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) {
-		blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE");
 	} else {
 		fstring myname;
 		char *host_princ_s = NULL;

More information about the samba-cvs mailing list