Remove gen_negTokenInit() - change all callers to spnego_gen_negTokenInit().
authorJeremy Allison <jra@samba.org>
Tue, 20 Jul 2010 00:14:26 +0000 (17:14 -0700)
committerJeremy Allison <jra@samba.org>
Tue, 20 Jul 2010 00:14:26 +0000 (17:14 -0700)
We now have one function to do this in all calling code. More rationalization
to follow.

Jeremy.

source3/include/proto.h
source3/libads/sasl.c
source3/libsmb/cliconnect.c
source3/libsmb/clispnego.c
source3/rpc_client/cli_pipe.c
source3/smbd/negprot.c

index a0bb55c0a879efb1f05e793f34065d9d6dbe4502..a85f7b54342259c7107155aaac556f2e6c0e17f3 100644 (file)
@@ -2821,9 +2821,9 @@ bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descr
 
 /* The following definitions come from libsmb/clispnego.c  */
 
-DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[], 
+DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[],
+                                 DATA_BLOB *psecblob,
                                  const char *principal);
-DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob);
 bool spnego_parse_negTokenInit(DATA_BLOB blob,
                               char *OIDs[ASN1_MAX_OIDS],
                               char **principal,
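Review bot: `psecblob` is declared as a mutable `DATA_BLOB *` in the new prototype, although the part of the implementation visible in this commit only reads `psecblob->data` and `psecblob->length`. Declaring it `const DATA_BLOB *psecblob` here and in the definition in libsmb/clispnego.c would tell callers that the function neither modifies nor takes ownership of the blob. That matters because the callers in cliconnect.c and cli_pipe.c free it themselves with `data_blob_free()` right after the call. The rest of the function body is outside the visible hunks, so confirm nothing there writes through the pointer.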
index aa3acbd9ae9451fc3c28d1b49ae7da78ef59ba5c..b314eb9c0fd0105944524771299809f38949c0a7 100644 (file)
@@ -190,8 +190,9 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads)
                     || NT_STATUS_IS_OK(nt_status))
                    && blob_out.length) {
                        if (turn == 1) {
+                               const char *OIDs_ntlm[] = {OID_NTLMSSP, NULL};
                                /* and wrap it in a SPNEGO wrapper */
-                               msg1 = gen_negTokenInit(OID_NTLMSSP, blob_out);
+                               msg1 = spnego_gen_negTokenInit(OIDs_ntlm, &blob_out, NULL);
                        } else {
                                /* wrap it in SPNEGO */
                                msg1 = spnego_gen_auth(blob_out);
index 7fe359b9aeb25cfd608f93c7d2b42f587ff7ba4b..a8e359dab16f04b5f00ba8760b96009a98c84b87 100644 (file)
@@ -984,6 +984,7 @@ static struct tevent_req *cli_session_setup_ntlmssp_send(
        struct cli_session_setup_ntlmssp_state *state;
        NTSTATUS status;
        DATA_BLOB blob_out;
+       const char *OIDs_ntlm[] = {OID_NTLMSSP, NULL};
 
        req = tevent_req_create(mem_ctx, &state,
                                struct cli_session_setup_ntlmssp_state);
@@ -1032,7 +1033,7 @@ static struct tevent_req *cli_session_setup_ntlmssp_send(
                goto fail;
        }
 
-       state->blob_out = gen_negTokenInit(OID_NTLMSSP, blob_out);
+       state->blob_out = spnego_gen_negTokenInit(OIDs_ntlm, &blob_out, NULL);
        data_blob_free(&blob_out);
 
        subreq = cli_sesssetup_blob_send(state, ev, cli, state->blob_out);
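Review bot: The result of `spnego_gen_negTokenInit()` is stored in `state->blob_out` and passed straight to `cli_sesssetup_blob_send()` without checking that a token was actually built. The removed `gen_negTokenInit()` returned `data_blob_null` when `asn1_init()` failed, and the replacement presumably does the same. A guard such as `if (state->blob_out.data == NULL) { status = NT_STATUS_NO_MEMORY; goto fail; }` after the call would stop an empty security blob being sent in the session setup, assuming the `fail` label reports `status` as the earlier `goto fail` suggests. The same call in source3/libads/sasl.c and source3/rpc_client/cli_pipe.c deserves the same check; what follows those calls is outside their hunks.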
index 2cf276485e71824b1b43b294ac88c69d6c63a48d..e1eb03bb6f7475435c44e6d62fd40aade1471449 100644 (file)
 
 /*
   generate a negTokenInit packet given a list of supported
-  OIDs (the mechanisms) and a principal name string 
+  OIDs (the mechanisms) a blob, and a principal name string
 */
-DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[], 
+
+DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[],
+                                 DATA_BLOB *psecblob,
                                  const char *principal)
 {
        int i;
@@ -52,61 +54,23 @@ DATA_BLOB spnego_gen_negTokenInit(const char *OIDs[],
        asn1_pop_tag(data);
        asn1_pop_tag(data);
 
-       asn1_push_tag(data, ASN1_CONTEXT(3));
-       asn1_push_tag(data, ASN1_SEQUENCE(0));
-       asn1_push_tag(data, ASN1_CONTEXT(0));
-       asn1_write_GeneralString(data,principal);
-       asn1_pop_tag(data);
-       asn1_pop_tag(data);
-       asn1_pop_tag(data);
-
-       asn1_pop_tag(data);
-       asn1_pop_tag(data);
-
-       asn1_pop_tag(data);
-
-       if (data->has_error) {
-               DEBUG(1,("Failed to build negTokenInit at offset %d\n", (int)data->ofs));
+       if (psecblob && psecblob->length && psecblob->data) {
+               asn1_push_tag(data, ASN1_CONTEXT(2));
+               asn1_write_OctetString(data,psecblob->data,
+                       psecblob->length);
+               asn1_pop_tag(data);
        }
 
-       ret = data_blob(data->data, data->length);
-       asn1_free(data);
-
-       return ret;
-}
-
-/*
-  Generate a negTokenInit as used by the client side ... It has a mechType
-  (OID), and a mechToken (a security blob) ... 
-
-  Really, we need to break out the NTLMSSP stuff as well, because it could be
-  raw in the packets!
-*/
-DATA_BLOB gen_negTokenInit(const char *OID, DATA_BLOB blob)
-{
-       ASN1_DATA *data;
-       DATA_BLOB ret;
-
-       data = asn1_init(talloc_tos());
-       if (data == NULL) {
-               return data_blob_null;
+       if (principal) {
+               asn1_push_tag(data, ASN1_CONTEXT(3));
+               asn1_push_tag(data, ASN1_SEQUENCE(0));
+               asn1_push_tag(data, ASN1_CONTEXT(0));
+               asn1_write_GeneralString(data,principal);
+               asn1_pop_tag(data);
+               asn1_pop_tag(data);
+               asn1_pop_tag(data);
        }
 
-       asn1_push_tag(data, ASN1_APPLICATION(0));
-       asn1_write_OID(data,OID_SPNEGO);
-       asn1_push_tag(data, ASN1_CONTEXT(0));
-       asn1_push_tag(data, ASN1_SEQUENCE(0));
-
-       asn1_push_tag(data, ASN1_CONTEXT(0));
-       asn1_push_tag(data, ASN1_SEQUENCE(0));
-       asn1_write_OID(data, OID);
-       asn1_pop_tag(data);
-       asn1_pop_tag(data);
-
-       asn1_push_tag(data, ASN1_CONTEXT(2));
-       asn1_write_OctetString(data,blob.data,blob.length);
-       asn1_pop_tag(data);
-
        asn1_pop_tag(data);
        asn1_pop_tag(data);
 
index 8dd9386eab8cf56cc93e6641c2cfc5f89f87667b..2e777466c43b5c5c3ce478c756bdcc7d9cf74248 100644 (file)
@@ -1338,6 +1338,7 @@ static NTSTATUS create_spnego_ntlmssp_auth_rpc_bind_req(struct rpc_pipe_client *
        DATA_BLOB null_blob = data_blob_null;
        DATA_BLOB request = data_blob_null;
        DATA_BLOB spnego_msg = data_blob_null;
+       const char *OIDs_ntlm[] = {OID_NTLMSSP, NULL};
 
        DEBUG(5, ("create_spnego_ntlmssp_auth_rpc_bind_req: Processing NTLMSSP Negotiate\n"));
        status = ntlmssp_update(cli->auth->a_u.ntlmssp_state,
@@ -1350,7 +1351,7 @@ static NTSTATUS create_spnego_ntlmssp_auth_rpc_bind_req(struct rpc_pipe_client *
        }
 
        /* Wrap this in SPNEGO. */
-       spnego_msg = gen_negTokenInit(OID_NTLMSSP, request);
+       spnego_msg = spnego_gen_negTokenInit(OIDs_ntlm, &request, NULL);
 
        data_blob_free(&request);
 
index e7cf5b7591e5f290a4bdb05db9f18b5ad9be8a65..c5c83cac30d04cbcfb818838414e73fe1beb8018 100644 (file)
@@ -189,7 +189,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
                                   OID_KERBEROS5_OLD,
                                   OID_NTLMSSP,
                                   NULL};
-       const char *OIDs_plain[] = {OID_NTLMSSP, NULL};
+       const char *OIDs_ntlm[] = {OID_NTLMSSP, NULL};
 
        sconn->smb1.negprot.spnego = true;
        /* strangely enough, NT does not sent the single OID NTLMSSP when
@@ -211,7 +211,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
                blob = data_blob(guid, 16);
 #else
                /* Code for standalone WXP client */
-               blob = spnego_gen_negTokenInit(OIDs_plain, "NONE");
+               blob = spnego_gen_negTokenInit(OIDs_ntlm, NULL, "NONE");
 #endif
        } else {
                fstring myname;
@@ -222,7 +222,7 @@ DATA_BLOB negprot_spnego(TALLOC_CTX *ctx, struct smbd_server_connection *sconn)
                    == -1) {
                        return data_blob_null;
                }
-               blob = spnego_gen_negTokenInit(OIDs_krb5, host_princ_s);
+               blob = spnego_gen_negTokenInit(OIDs_krb5, NULL, host_princ_s);
                SAFE_FREE(host_princ_s);
        }