diff options
Diffstat (limited to 'source/libsmb/clispnego.c')
-rw-r--r-- | source/libsmb/clispnego.c | 25 |
1 files changed, 9 insertions, 16 deletions
diff --git a/source/libsmb/clispnego.c b/source/libsmb/clispnego.c index 5ea5cf3011d..6aca217e259 100644 --- a/source/libsmb/clispnego.c +++ b/source/libsmb/clispnego.c @@ -348,7 +348,7 @@ int spnego_gen_negTokenTarg(const char *principal, int time_offset, { int retval; DATA_BLOB tkt, tkt_wrapped; - const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_KERBEROS5, OID_NTLMSSP, NULL}; + const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_NTLMSSP, NULL}; /* get a kerberos ticket for the service and extract the session key */ retval = cli_krb5_get_ticket(principal, time_offset, @@ -518,10 +518,9 @@ DATA_BLOB spnego_gen_auth_response(DATA_BLOB *reply, NTSTATUS nt_status, } /* - parse a SPNEGO auth packet. This contains the encrypted passwords + parse a SPNEGO NTLMSSP auth packet. This contains the encrypted passwords */ -BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status, - const char *mechOID, +BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status, DATA_BLOB *auth) { ASN1_DATA data; @@ -542,20 +541,14 @@ BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status, asn1_check_enumerated(&data, negResult); asn1_end_tag(&data); - *auth = data_blob_null; - - if (asn1_tag_remaining(&data)) { + if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) { asn1_start_tag(&data,ASN1_CONTEXT(1)); - asn1_check_OID(&data, mechOID); + asn1_check_OID(&data, OID_NTLMSSP); + asn1_end_tag(&data); + + asn1_start_tag(&data,ASN1_CONTEXT(2)); + asn1_read_OctetString(&data, auth); asn1_end_tag(&data); - - if (asn1_tag_remaining(&data)) { - asn1_start_tag(&data,ASN1_CONTEXT(2)); - asn1_read_OctetString(&data, auth); - asn1_end_tag(&data); - } - } else if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) { - data.has_error = 1; } asn1_end_tag(&data); |