svn commit: samba r20107 - in
branches/SAMBA_4_0/source/auth/gensec: .
metze at samba.org
metze at samba.org
Mon Dec 11 16:36:30 GMT 2006
Author: metze
Date: 2006-12-11 16:36:30 +0000 (Mon, 11 Dec 2006)
New Revision: 20107
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20107
Log:
don't segfault when the server didn't send a supportedMech in a negTokenTarg
this happens because we send 1.2.840.113554.1.2.2 before 1.2.840.48018.1.2.2
in the negTokenInit. And w2k's spnego code redirects us to use 1.2.840.48018.1.2.2
and then we start the our spnego engine with 1.2.840.48018.1.2.2 and in the then following
negTokenTarg w2k don't send the supportedMech (which means it aggrees in what we've choosen)
metze
Modified:
branches/SAMBA_4_0/source/auth/gensec/spnego.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/spnego.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/spnego.c 2006-12-11 15:49:39 UTC (rev 20106)
+++ branches/SAMBA_4_0/source/auth/gensec/spnego.c 2006-12-11 16:36:30 UTC (rev 20107)
@@ -904,6 +904,7 @@
/* Server didn't like our choice of mech, and chose something else */
if ((spnego.negTokenTarg.negResult == SPNEGO_ACCEPT_INCOMPLETE) &&
+ spnego.negTokenTarg.supportedMech &&
strcmp(spnego.negTokenTarg.supportedMech, spnego_state->neg_oid) != 0) {
DEBUG(3,("GENSEC SPNEGO: client preferred mech (%s) not accepted, server wants: %s\n",
gensec_get_name_by_oid(spnego.negTokenTarg.supportedMech),
More information about the samba-cvs
mailing list