Fix obscure bug where if client sends us the krb5 part
authorJeremy Allison <jra@samba.org>
Thu, 14 Feb 2008 03:21:12 +0000 (19:21 -0800)
committerJeremy Allison <jra@samba.org>
Thu, 14 Feb 2008 03:21:12 +0000 (19:21 -0800)
of a SPNEGO packet we could drop into the NTLMSSP
part of the processing. This fix only for 3.0.28a,
I have a proper SPNEGO negotiate fix for 3.2.
Jeremy

source/smbd/sesssetup.c

index d9a52625fe17fa3da0f66873b00721fc26def1cd..4fe3ac3ca5800493305c0989ed8a78e8753b7f12 100644 (file)
@@ -710,6 +710,15 @@ static int reply_spnego_negotiate(connection_struct *conn,
        }
 #endif
 
+       if (got_kerberos_mechanism) {
+               invalidate_intermediate_vuid(vuid);
+               DEBUG(3,("reply_spnego_negotiate: network "
+                       "misconfiguration, client sent us a "
+                       "krb5 ticket and kerberos security "
+                       "not enabled"));
+               return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+       }
+
        if (*auth_ntlmssp_state) {
                auth_ntlmssp_end(auth_ntlmssp_state);
        }