[Samba] SPNEGO Response format

Sudheer Kurichiyath skurichiyath at vmware.com
Wed Sep 3 03:56:54 GMT 2008

Hi Jeremy,

I experienced this problem with Samba versions samba-3.0.23c and 3.0.28-0.el5.8.

Thanks and Regards


-----Original Message-----
From: Jeremy Allison [mailto:jra at samba.org]
Sent: Wednesday, September 03, 2008 4:34 AM
To: Sudheer Kurichiyath
Cc: 'samba at lists.samba.org'
Subject: Re: [Samba] SPNEGO Response format

On Tue, Sep 02, 2008 at 03:31:44AM -0700, Sudheer Kurichiyath wrote:
> Hi,
> There is a problem with the negResult field of NegoTokenArg structure. As per SPNEGO RFC rfc247, NegTokenTarg can have an optional parameter with the name negResult.
> Samba does not look  to support this optional parameter. The function spnego_parse_auth() is failing if a client sends negResult parameter in its SPNEGO response. (My client sends a "accept-incomplete" in the negResult field). A windows-based CIFS server does not have any issue with the response token containing the negResult field.
> Is there a fix available in Samba for this problem Or am I the first person who is experiencing this issue? The workaround I have is to avoid sending negResult  to  Samba.

What version of Samba are you testing against please ?


More information about the samba mailing list