1 files changed, 9 insertions, 16 deletions

diff --git a/source/libsmb/clispnego.c b/source/libsmb/clispnego.c
index 5ea5cf3011d..6aca217e259 100644
--- a/source/libsmb/clispnego.c
+++ b/source/libsmb/clispnego.c
@@ -348,7 +348,7 @@ int spnego_gen_negTokenTarg(const char *principal, int time_offset,
 {
 	int retval;
 	DATA_BLOB tkt, tkt_wrapped;
-	const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_KERBEROS5, OID_NTLMSSP, NULL};
+	const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_NTLMSSP, NULL};
 
 	/* get a kerberos ticket for the service and extract the session key */
 	retval = cli_krb5_get_ticket(principal, time_offset,
@@ -518,10 +518,9 @@ DATA_BLOB spnego_gen_auth_response(DATA_BLOB *reply, NTSTATUS nt_status,
 }
 
 /*
- parse a SPNEGO auth packet. This contains the encrypted passwords
+ parse a SPNEGO NTLMSSP auth packet. This contains the encrypted passwords
 */
-BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status,
-				const char *mechOID,
+BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status, 
 				DATA_BLOB *auth)
 {
 	ASN1_DATA data;
@@ -542,20 +541,14 @@ BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status,
 	asn1_check_enumerated(&data, negResult);
 	asn1_end_tag(&data);
 
-	*auth = data_blob_null;
-
-	if (asn1_tag_remaining(&data)) {
+	if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) {
 		asn1_start_tag(&data,ASN1_CONTEXT(1));
-		asn1_check_OID(&data, mechOID);
+		asn1_check_OID(&data, OID_NTLMSSP);
+		asn1_end_tag(&data);
+		
+		asn1_start_tag(&data,ASN1_CONTEXT(2));
+		asn1_read_OctetString(&data, auth);
 		asn1_end_tag(&data);
-
-		if (asn1_tag_remaining(&data)) {
-			asn1_start_tag(&data,ASN1_CONTEXT(2));
-			asn1_read_OctetString(&data, auth);
-			asn1_end_tag(&data);
-		}
-	} else if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) {
-		data.has_error = 1;
 	}
 
 	asn1_end_tag(&data);