{
int retval;
DATA_BLOB tkt, tkt_wrapped;
- const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_KERBEROS5, OID_NTLMSSP, NULL};
+ const char *krb_mechs[] = {OID_KERBEROS5_OLD, OID_NTLMSSP, NULL};
/* get a kerberos ticket for the service and extract the session key */
retval = cli_krb5_get_ticket(principal, time_offset,
}
/*
- parse a SPNEGO auth packet. This contains the encrypted passwords
+ parse a SPNEGO NTLMSSP auth packet. This contains the encrypted passwords
*/
-BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status,
- const char *mechOID,
+BOOL spnego_parse_auth_response(DATA_BLOB blob, NTSTATUS nt_status,
DATA_BLOB *auth)
{
ASN1_DATA data;
asn1_check_enumerated(&data, negResult);
asn1_end_tag(&data);
- *auth = data_blob_null;
-
- if (asn1_tag_remaining(&data)) {
+ if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) {
asn1_start_tag(&data,ASN1_CONTEXT(1));
- asn1_check_OID(&data, mechOID);
+ asn1_check_OID(&data, OID_NTLMSSP);
+ asn1_end_tag(&data);
+
+ asn1_start_tag(&data,ASN1_CONTEXT(2));
+ asn1_read_OctetString(&data, auth);
asn1_end_tag(&data);
-
- if (asn1_tag_remaining(&data)) {
- asn1_start_tag(&data,ASN1_CONTEXT(2));
- asn1_read_OctetString(&data, auth);
- asn1_end_tag(&data);
- }
- } else if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) {
- data.has_error = 1;
}
asn1_end_tag(&data);