diff options
| author | Jeremy Allison <jra@samba.org> | 2006-01-27 02:35:08 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:06:16 -0500 |
| commit | 48dd8c732b890e3fd3d8e80ace765487601cfb26 (patch) | |
| tree | 63d5afdcf92dbb71937ab8f56e1a4316087e9f81 /source | |
| parent | 31b3201f537220ec82d6fecbb4c457bfe3dbb9c9 (diff) | |
| download | samba-48dd8c732b890e3fd3d8e80ace765487601cfb26.tar.gz samba-48dd8c732b890e3fd3d8e80ace765487601cfb26.tar.xz samba-48dd8c732b890e3fd3d8e80ace765487601cfb26.zip | |
r13176: Fix show-stopper bug for 3.0.21b where 4 leg NTLMSSP SPNEGO
auth was not generating the correct auth header on the 4th
packet. This may fix a lot of Windows client complaints and
is essential for release.
Jeremy.
Diffstat (limited to 'source')
| -rw-r--r-- | source/libsmb/spnego.c | 1 | ||||
| -rw-r--r-- | source/rpc_server/srv_pipe.c | 25 |
2 files changed, 24 insertions, 2 deletions
diff --git a/source/libsmb/spnego.c b/source/libsmb/spnego.c index 6cc4436a0cf..f6a66200bac 100644 --- a/source/libsmb/spnego.c +++ b/source/libsmb/spnego.c @@ -341,4 +341,3 @@ BOOL free_spnego_data(SPNEGO_DATA *spnego) out: return ret; } - diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c index 8084e7673a5..ecf79d0c1f3 100644 --- a/source/rpc_server/srv_pipe.c +++ b/source/rpc_server/srv_pipe.c @@ -1188,12 +1188,17 @@ static BOOL pipe_spnego_auth_bind_negotiate(pipes_struct *p, prs_struct *rpc_in_ static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p, RPC_HDR_AUTH *pauth_info, prs_struct *pout_auth) { - DATA_BLOB spnego_blob, auth_blob, auth_reply; + RPC_HDR_AUTH auth_info; + DATA_BLOB spnego_blob; + DATA_BLOB auth_blob; + DATA_BLOB auth_reply; + DATA_BLOB response; AUTH_NTLMSSP_STATE *a = p->auth.a_u.auth_ntlmssp_state; ZERO_STRUCT(spnego_blob); ZERO_STRUCT(auth_blob); ZERO_STRUCT(auth_reply); + ZERO_STRUCT(response); if (p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP || !a) { DEBUG(0,("pipe_spnego_auth_bind_continue: not in NTLMSSP auth state.\n")); @@ -1230,7 +1235,24 @@ static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p data_blob_free(&spnego_blob); data_blob_free(&auth_blob); + + /* Generate the spnego "accept completed" blob - no incoming data. */ + response = spnego_gen_auth_response(&auth_reply, NT_STATUS_OK, OID_NTLMSSP); + + /* Copy the blob into the pout_auth parse struct */ + init_rpc_hdr_auth(&auth_info, RPC_SPNEGO_AUTH_TYPE, pauth_info->auth_level, RPC_HDR_AUTH_LEN, 1); + if(!smb_io_rpc_hdr_auth("", &auth_info, pout_auth, 0)) { + DEBUG(0,("pipe_spnego_auth_bind_continue: marshalling of RPC_HDR_AUTH failed.\n")); + goto err; + } + + if (!prs_copy_data_in(pout_auth, (char *)response.data, response.length)) { + DEBUG(0,("pipe_spnego_auth_bind_continue: marshalling of data blob failed.\n")); + goto err; + } + data_blob_free(&auth_reply); + data_blob_free(&response); p->pipe_bound = True; @@ -1241,6 +1263,7 @@ static BOOL pipe_spnego_auth_bind_continue(pipes_struct *p, prs_struct *rpc_in_p data_blob_free(&spnego_blob); data_blob_free(&auth_blob); data_blob_free(&auth_reply); + data_blob_free(&response); free_pipe_ntlmssp_auth_data(&p->auth); p->auth.a_u.auth_ntlmssp_state = NULL; |