Error in libsmb/clispnego.c

[Richard Sharpe]

Hi,

In libsmb/clispnego.c, in spnego_gen_krb5_wrap, there is the following 
piece of code:

        asn1_push_tag(&data, ASN1_APPLICATION(0));
        asn1_write_OID(&data, OID_KERBEROS5);
        asn1_write_BOOLEAN(&data, 0);
        asn1_write(&data, ticket.data, ticket.length);
        asn1_pop_tag(&data);

The asn1_write_BOOLEAN is wrong. According to RFC1964, the two-byte field 
that the asn1_write_BOOLEAN writes is actually a token-id, which can have 
the values:

#define KRB_TOKEN_AP_REQ                0x0001
#define KRB_TOKEN_AP_REP                0x0002
#define KRB_TOKEN_AP_ERR                0x0003
#define KRB_TOKEN_GETMIC                0x0101
#define KRB_TOKEN_WRAP                  0x0102
#define KRB_TOKEN_DELETE_SEC_CONTEXT    0x0201

A similar mistake is made in the spnego_parse_krb5_wrap.

We should fix it, but that involves returning error codes from parse if it 
is not what we expect, and handing an extra parameter to the gen routine.
 
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com