if (!cli_initialise(cli))
return NULL;
+ /* security = server just can't function with spnego */
+ cli->use_spnego = False;
+
pserver = strdup(lp_passwordserver());
p = pserver;
if (!cli_initialise(cli))
return NULL;
+ /* security = server just can't function with spnego */
+ cli->use_spnego = False;
+
pserver = strdup(lp_passwordserver());
p = pserver;
extern int max_recv;
extern fstring global_myworkgroup;
extern fstring remote_machine;
-BOOL global_encrypted_passwords_negotiated;
+BOOL global_encrypted_passwords_negotiated = False;
+BOOL global_spnego_negotiated = False;
/****************************************************************************
reply for the core protocol
char *principal;
int len;
+ global_spnego_negotiated = True;
+
memset(guid, 0, 16);
safe_strcpy((char *)guid, global_myname, 16);
strlower((char *)guid);
BOOL guest=False;
static BOOL done_sesssetup = False;
extern BOOL global_encrypted_passwords_negotiated;
+ extern BOOL global_spnego_negotiated;
extern uint32 global_client_caps;
extern int Protocol;
extern fstring remote_machine;
/* a SPNEGO session setup has 12 command words, whereas a normal
NT1 session setup has 13. See the cifs spec. */
- if (CVAL(inbuf, smb_wct) == 12 &&
+ if (CVAL(inbuf, smb_wct) == 12 &&
(SVAL(inbuf, smb_flg2) & FLAGS2_EXTENDED_SECURITY)) {
return reply_sesssetup_and_X_spnego(conn, inbuf, outbuf, length, bufsize);
}
+ if (global_spnego_negotiated) {
+ DEBUG(0,("reply_sesssetup_and_X: Rejecting attempt at 'normal' session setup after negotiating spnego.\n"));
+ return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+ }
+
*smb_apasswd = *smb_ntpasswd = 0;
smb_bufsize = SVAL(inbuf,smb_vwv2);