Commit 21645023 authored by Kai Blin's avatar Kai Blin Committed by Alexandre Julliard

secur32: Gracefully handle ntlm_auth versions that don't support the new commands.

parent fc6d24f3
......@@ -236,11 +236,6 @@ SECURITY_STATUS run_helper(PNegoHelper helper, char *buffer,
return SEC_E_ILLEGAL_MESSAGE;
}
if( (*buflen <= 3) && (strncmp(helper->com_buf, "BH", 2) == 0))
{
return SEC_E_INTERNAL_ERROR;
}
/* We only get ERR if the input size is too big. On a GENSEC error,
* ntlm_auth will return BH */
if(strncmp(helper->com_buf, "ERR", 3) == 0)
......
......@@ -627,6 +627,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
if(buffer_len < 3)
{
TRACE("No flags negotiated, or helper does not support GF command\n");
helper->neg_flags = 0l;
}
else
{
......@@ -640,13 +641,9 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
if((ret = run_helper(helper, buffer, max_len, &buffer_len)) != SEC_E_OK)
goto isc_end;
if(buffer_len < 3)
TRACE("Helper does not support GK command\n");
else
{
if(strncmp(buffer, "BH ", 3) == 0)
if(strncmp(buffer, "BH", 2) == 0)
{
TRACE("Helper sent %s\n", debugstr_a(buffer+3));
TRACE("Helper does not understand command or no key negotiated.\n");
helper->valid_session_key = FALSE;
helper->session_key = HeapAlloc(GetProcessHeap(), 0, 16);
/*Generate the dummy session key = MD4(MD4(password))*/
......@@ -674,7 +671,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
}
memcpy(helper->session_key, bin, bin_len);
}
}
helper->crypt.ntlm.a4i = SECUR32_arc4Alloc();
SECUR32_arc4Init(helper->crypt.ntlm.a4i, helper->session_key, 16);
helper->crypt.ntlm.seq_num = 0l;
......@@ -1239,7 +1236,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_MakeSignature(PCtxtHandle phContext, ULONG
return SEC_E_UNSUPPORTED_FUNCTION;
}
if(helper->neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
if(helper->neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN || helper->neg_flags == 0)
{
TRACE("Generating dummy signature\n");
/* A dummy signature is 0x01 followed by 15 bytes of 0x00 */
......@@ -1315,7 +1312,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_VerifySignature(PCtxtHandle phContext,
return SEC_E_UNSUPPORTED_FUNCTION;
}
if(helper->neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
if(helper->neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN || helper->neg_flags == 0)
{
const BYTE dummy_sig[] = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment