fix crash with missing mechtypes

Andrew Bartlett abartlet at samba.org
Fri Sep 24 16:31:03 MDT 2010


On Fri, 2010-09-24 at 09:57 -0700, Jeremy Allison wrote:
> On Fri, Sep 24, 2010 at 12:36:37PM -0400, simo wrote:
> > 
> > Do you know how windows behaves against the same test ?
> 
> No, the test suites are proprietary and even if I did
> I couldn't discuss it (under plugfest NDA I'm afraid).

http://tools.ietf.org/html/rfc4178#section-4.2.1
I decided to look up the RFC: 

4.2.1.  negTokenInit

      NegTokenInit ::= SEQUENCE {
          mechTypes       [0] MechTypeList,
          reqFlags        [1] ContextFlags  OPTIONAL,
            -- inherited from RFC 2478 for backward compatibility,
            -- RECOMMENDED to be left out
          mechToken       [2] OCTET STRING  OPTIONAL,
          mechListMIC     [3] OCTET STRING  OPTIONAL,
          ...
      }
      ContextFlags ::= BIT STRING {
          delegFlag       (0),
          mutualFlag      (1),
          replayFlag      (2),
          sequenceFlag    (3),
          anonFlag        (4),
          confFlag        (5),
          integFlag       (6)
      } (SIZE (32))

   This is the syntax for the inner token of the initial negotiation
   message.

   mechTypes

      This field contains one or more security mechanisms available for
      the initiator, in decreasing preference order (favorite choice
      first).

The older http://tools.ietf.org/html/rfc2478 also states that one or
more mechTypes must be sent, but marks the ASN.1 as optional. 

> This fix prevents the crash, and I still think not
> sending any OID's in a packet is definitely an invalid
> parameter error :-).

It seems to me that this isn't optional, and therefore an invalid
parameter reply is quite justified.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100925/f2bab174/attachment.pgp>


More information about the samba-technical mailing list