svn commit: samba r19041 - in branches/SAMBA_3_0/source/libsmb: .

Mon, 02 Oct 2006 05:56:49 -0700 

Author: vlendec
Date: 2006-10-02 12:54:49 +0000 (Mon, 02 Oct 2006)
New Revision: 19041

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19041

Log:
Make us connect to Vista RC1. Apparently metze had done the same patch some
weeks ago.

We have some work before us, when in AD mode Vista sends
"[EMAIL PROTECTED]" as the principal.....

Volker

Modified:
   branches/SAMBA_3_0/source/libsmb/cliconnect.c
   branches/SAMBA_3_0/source/libsmb/clispnego.c


Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/cliconnect.c
===================================================================
--- branches/SAMBA_3_0/source/libsmb/cliconnect.c       2006-10-02 12:24:51 UTC 
(rev 19040)
+++ branches/SAMBA_3_0/source/libsmb/cliconnect.c       2006-10-02 12:54:49 UTC 
(rev 19041)
@@ -762,8 +762,21 @@
 #endif
                free(OIDs[i]);
        }
-       DEBUG(3,("got principal=%s\n", principal));
 
+       DEBUG(3,("got principal=%s\n", principal ? principal : "<null>"));
+
+       if (got_kerberos_mechanism && (principal == NULL)) {
+               /*
+                * It is WRONG to depend on the principal sent in the negprot
+                * reply, but right now we do it. So for safety (don't
+                * segfault later) disable Kerberos when no principal was
+                * sent. -- VL
+                */
+               DEBUG(1, ("Kerberos mech was offered, but no principal was 
sent\n"));
+               DEBUGADD(1, ("Disabling Kerberos\n"));
+               cli->use_kerberos = False;
+       }
+
        fstrcpy(cli->user_name, user);
 
 #ifdef HAVE_KRB5

Modified: branches/SAMBA_3_0/source/libsmb/clispnego.c
===================================================================
--- branches/SAMBA_3_0/source/libsmb/clispnego.c        2006-10-02 12:24:51 UTC 
(rev 19040)
+++ branches/SAMBA_3_0/source/libsmb/clispnego.c        2006-10-02 12:54:49 UTC 
(rev 19041)
@@ -149,13 +149,16 @@
        asn1_end_tag(&data);
        asn1_end_tag(&data);
 
-       asn1_start_tag(&data, ASN1_CONTEXT(3));
-       asn1_start_tag(&data, ASN1_SEQUENCE(0));
-       asn1_start_tag(&data, ASN1_CONTEXT(0));
-       asn1_read_GeneralString(&data,principal);
-       asn1_end_tag(&data);
-       asn1_end_tag(&data);
-       asn1_end_tag(&data);
+       *principal = NULL;
+       if (asn1_tag_remaining(&data) > 0) {
+               asn1_start_tag(&data, ASN1_CONTEXT(3));
+               asn1_start_tag(&data, ASN1_SEQUENCE(0));
+               asn1_start_tag(&data, ASN1_CONTEXT(0));
+               asn1_read_GeneralString(&data,principal);
+               asn1_end_tag(&data);
+               asn1_end_tag(&data);
+               asn1_end_tag(&data);
+       }
 
        asn1_end_tag(&data);
        asn1_end_tag(&data);

Reply via email to