[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Wed Nov 30 09:04:02 MST 2011
The branch, master has been updated
via de553b5 s4:gensec/spnego: only try the mechs that match the client given ones
from 4afbda2 s4:libcli/raw: implement on top of smbXcli_conn/req
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit de553b52f2bacf54b57b56216fbb91f9108026be
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 30 15:17:05 2011 +0100
s4:gensec/spnego: only try the mechs that match the client given ones
Windows-Members of NT4/Samba3 domains, send
MechTypes:
1.3.6.1.4.1.311.2.2.10 [NTLMSSP]
1.2.840.48018.1.2.2 [krb5 broken]
1.2.840.113554.1.2.2 [krb5]
MechToken for NTLMSSP.
This patch makes sure we start NTLMSSP with the given MechToken,
instead of trying to pass the NTLMSSP MechToken to the krb5 backend
first. As that would fail the authentication with an error
instead of trying fallbacks.
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Wed Nov 30 17:03:29 CET 2011 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source4/auth/gensec/spnego.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index fd3caaa..fae32d8 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -428,6 +428,10 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_
uint32_t j;
for (j=0; mechType && mechType[j]; j++) {
for (i=0; all_sec && all_sec[i].op; i++) {
+ if (strcmp(mechType[j], all_sec[i].oid) != 0) {
+ continue;
+ }
+
nt_status = gensec_subcontext_start(spnego_state,
gensec_security,
&spnego_state->sub_sec_security);
--
Samba Shared Repository
More information about the samba-cvs
mailing list