summaryrefslogtreecommitdiffstats
path: root/source3/libsmb/clispnego.c
diff options
context:
space:
mode:
authorBill Ricker <bricker@apple.com>2008-04-07 15:02:56 -0700
committerJames Peach <jpeach@samba.org>2008-04-07 15:05:51 -0700
commitf700ee6418c7b861efdb0f8eaa61b99ad598b7c3 (patch)
tree78c875b50374d51bce2300b7f2c6a32c874623a0 /source3/libsmb/clispnego.c
parent2dfec9e829e6e4c11ebde8c204e06b81cc596a29 (diff)
downloadsamba-f700ee6418c7b861efdb0f8eaa61b99ad598b7c3.tar.gz
samba-f700ee6418c7b861efdb0f8eaa61b99ad598b7c3.tar.xz
samba-f700ee6418c7b861efdb0f8eaa61b99ad598b7c3.zip
Fix Kerberos interop with Mac OS X 10.5 clients.
Ignore optional req_flags. Use the Kerberos mechanism OID negotiated with the client rather than hardcoding OID_KERBEROS5_OLD. (This used to be commit 59a2bcf30fef14ecc826271862b645dd3a61cb48)
Diffstat (limited to 'source3/libsmb/clispnego.c')
-rw-r--r--source3/libsmb/clispnego.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index a75032a47d6..fa9dba098f6 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -246,6 +246,18 @@ bool parse_negTokenTarg(DATA_BLOB blob, char *OIDs[ASN1_MAX_OIDS], DATA_BLOB *se
asn1_end_tag(&data);
asn1_end_tag(&data);
+ /* Skip any optional req_flags that are sent per RFC 4178 */
+ if (asn1_check_tag(&data, ASN1_CONTEXT(1))) {
+ uint8 flags;
+
+ asn1_start_tag(&data, ASN1_CONTEXT(1));
+ asn1_start_tag(&data, ASN1_BITFIELD);
+ while (asn1_tag_remaining(&data) > 0)
+ asn1_read_uint8(&data, &flags);
+ asn1_end_tag(&data);
+ asn1_end_tag(&data);
+ }
+
asn1_start_tag(&data, ASN1_CONTEXT(2));
asn1_read_OctetString(&data,secblob);
asn1_end_tag(&data);