[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Thu Oct 15 06:41:58 MDT 2009
The branch, master has been updated
via 449ab39... s3-spnego: Fix Bug #6815. Windows 2008 R2 SPNEGO negTokenTarg parsing failure.
from fb13eb7... s4:w32err_code.py script - put it under "scripting/bin"
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 449ab398f58c6e0041621752322ebe24e6d70225
Author: Günther Deschner <gd at samba.org>
Date: Thu Oct 15 14:13:26 2009 +0200
s3-spnego: Fix Bug #6815. Windows 2008 R2 SPNEGO negTokenTarg parsing failure.
When parsing a SPNEGO session setup retry (falling back from KRB5 to NTLMSSP),
we failed to parse the ASN1_ENUMERATED negResult in the negTokenTarg, thus
failing spnego_parse_auth() completely.
By just using the shared spnego/asn1 code, we get the parsing the correct way.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/Makefile.in | 4 +++-
source3/libsmb/clispnego.c | 31 ++++++++++++-------------------
2 files changed, 15 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 90faadf..d12c991 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -506,7 +506,9 @@ SCHANNEL_OBJ = ../libcli/auth/credentials.o \
passdb/secrets_schannel.o
LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
- libsmb/clikrb5.o libsmb/clispnego.o ../lib/util/asn1.o \
+ libsmb/clikrb5.o libsmb/clispnego.o \
+ ../libcli/auth/spnego_parse.o \
+ ../lib/util/asn1.o \
libsmb/clirap.o libsmb/clierror.o libsmb/climessage.o \
libsmb/clireadwrite.o libsmb/clilist.o libsmb/cliprint.o \
libsmb/clitrans.o libsmb/clisecdesc.o libsmb/clidgram.o \
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 5d7e43d..1103ef8 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -495,31 +495,24 @@ DATA_BLOB spnego_gen_auth(DATA_BLOB blob)
*/
bool spnego_parse_auth(DATA_BLOB blob, DATA_BLOB *auth)
{
- ASN1_DATA *data;
+ ssize_t len;
+ struct spnego_data token;
- data = asn1_init(talloc_tos());
- if (data == NULL) {
+ len = spnego_read_data(talloc_tos(), blob, &token);
+ if (len == -1) {
+ DEBUG(3,("spnego_parse_auth: spnego_read_data failed\n"));
return false;
}
- asn1_load(data, blob);
- asn1_start_tag(data, ASN1_CONTEXT(1));
- asn1_start_tag(data, ASN1_SEQUENCE(0));
- asn1_start_tag(data, ASN1_CONTEXT(2));
- asn1_read_OctetString(data, talloc_autofree_context(), auth);
- asn1_end_tag(data);
- asn1_end_tag(data);
- asn1_end_tag(data);
-
- if (data->has_error) {
- DEBUG(3,("spnego_parse_auth failed at %d\n", (int)data->ofs));
- data_blob_free(auth);
- asn1_free(data);
- return False;
+ if (token.type != SPNEGO_NEG_TOKEN_TARG) {
+ DEBUG(3,("spnego_parse_auth: wrong token type: %d\n",
+ token.type));
+ return false;
}
- asn1_free(data);
- return True;
+ *auth = token.negTokenTarg.responseToken;
+
+ return true;
}
/*
--
Samba Shared Repository
More information about the samba-cvs
mailing list