Author: abartlet Date: 2005-08-02 06:36:42 +0000 (Tue, 02 Aug 2005) New Revision: 8912
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8912 Log: Samba 3.0 was failing from a Vista client, because it was using 'raw' NTLMSSP (not wrapped in SPNEGO). We really should have supported this anyway, but we got away with it for a while... Andrew Bartlett Modified: branches/SAMBA_3_0/source/smbd/sesssetup.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/sesssetup.c =================================================================== --- branches/SAMBA_3_0/source/smbd/sesssetup.c 2005-08-02 06:24:45 UTC (rev 8911) +++ branches/SAMBA_3_0/source/smbd/sesssetup.c 2005-08-02 06:36:42 UTC (rev 8912) @@ -353,7 +353,8 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *outbuf, uint16 vuid, AUTH_NTLMSSP_STATE **auth_ntlmssp_state, - DATA_BLOB *ntlmssp_blob, NTSTATUS nt_status) + DATA_BLOB *ntlmssp_blob, NTSTATUS nt_status, + BOOL wrap) { BOOL ret; DATA_BLOB response; @@ -406,9 +407,16 @@ } } - response = spnego_gen_auth_response(ntlmssp_blob, nt_status, OID_NTLMSSP); + if (wrap) { + response = spnego_gen_auth_response(ntlmssp_blob, nt_status, OID_NTLMSSP); + } else { + response = *ntlmssp_blob; + } + ret = reply_sesssetup_blob(conn, outbuf, response, nt_status); - data_blob_free(&response); + if (wrap) { + data_blob_free(&response); + } /* NT_STATUS_MORE_PROCESSING_REQUIRED from our NTLMSSP code tells us, and the other end, that we are not finished yet. */ @@ -504,8 +512,8 @@ data_blob_free(&secblob); reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, auth_ntlmssp_state, - &chal, nt_status); - + &chal, nt_status, True); + data_blob_free(&chal); /* already replied */ @@ -550,7 +558,7 @@ reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, auth_ntlmssp_state, - &auth_reply, nt_status); + &auth_reply, nt_status, True); data_blob_free(&auth_reply); @@ -652,6 +660,31 @@ return ret; } + if (strncmp(blob1.data, "NTLMSSP", 7) == 0) { + DATA_BLOB chal; + NTSTATUS nt_status; + if (!vuser->auth_ntlmssp_state) { + nt_status = auth_ntlmssp_start(&vuser->auth_ntlmssp_state); + if (!NT_STATUS_IS_OK(nt_status)) { + /* Kill the intermediate vuid */ + invalidate_vuid(vuid); + + return ERROR_NT(nt_status); + } + } + + nt_status = auth_ntlmssp_update(vuser->auth_ntlmssp_state, + blob1, &chal); + + data_blob_free(&blob1); + + reply_spnego_ntlmssp(conn, inbuf, outbuf, vuid, + &vuser->auth_ntlmssp_state, + &chal, nt_status, False); + data_blob_free(&blob1); + return -1; + } + /* what sort of packet is this? */ DEBUG(1,("Unknown packet in reply_sesssetup_and_X_spnego\n"));
