diff options
author | Bill Ricker <bricker@apple.com> | 2008-04-07 15:02:56 -0700 |
---|---|---|
committer | James Peach <jpeach@samba.org> | 2008-04-07 15:05:51 -0700 |
commit | f700ee6418c7b861efdb0f8eaa61b99ad598b7c3 (patch) | |
tree | 78c875b50374d51bce2300b7f2c6a32c874623a0 /source3/libsmb/clispnego.c | |
parent | 2dfec9e829e6e4c11ebde8c204e06b81cc596a29 (diff) | |
download | samba-f700ee6418c7b861efdb0f8eaa61b99ad598b7c3.tar.gz samba-f700ee6418c7b861efdb0f8eaa61b99ad598b7c3.tar.xz samba-f700ee6418c7b861efdb0f8eaa61b99ad598b7c3.zip |
Fix Kerberos interop with Mac OS X 10.5 clients.
Ignore optional req_flags. Use the Kerberos mechanism OID negotiated
with the client rather than hardcoding OID_KERBEROS5_OLD.
(This used to be commit 59a2bcf30fef14ecc826271862b645dd3a61cb48)
Diffstat (limited to 'source3/libsmb/clispnego.c')
-rw-r--r-- | source3/libsmb/clispnego.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index a75032a47d6..fa9dba098f6 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -246,6 +246,18 @@ bool parse_negTokenTarg(DATA_BLOB blob, char *OIDs[ASN1_MAX_OIDS], DATA_BLOB *se asn1_end_tag(&data); asn1_end_tag(&data); + /* Skip any optional req_flags that are sent per RFC 4178 */ + if (asn1_check_tag(&data, ASN1_CONTEXT(1))) { + uint8 flags; + + asn1_start_tag(&data, ASN1_CONTEXT(1)); + asn1_start_tag(&data, ASN1_BITFIELD); + while (asn1_tag_remaining(&data) > 0) + asn1_read_uint8(&data, &flags); + asn1_end_tag(&data); + asn1_end_tag(&data); + } + asn1_start_tag(&data, ASN1_CONTEXT(2)); asn1_read_OctetString(&data,secblob); asn1_end_tag(&data); |