s3-libads Default to NOT using the server-supplied principal from SPNEGO

[metze/samba/wip.git] / source3 / libsmb / cliconnect.c

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 54e6a5d16691ba55458155ac2467d2d380f1e766..c66314891d0784c60a868d1fbaa76413664b7a2d 100644 (file)
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -25,6 +25,8 @@
 #include "smb_krb5.h"
 #include "../libcli/auth/ntlmssp.h"
 #include "libads/kerberos_proto.h"
+#include "krb5_env.h"
+#include "async_smb.h"
 
 static const struct {
        int prot;
@@ -1227,7 +1229,8 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
         * negprot reply. It is WRONG to depend on the principal sent in the
         * negprot reply, but right now we do it. If we don't receive one,
         * we try to best guess, then fall back to NTLM.  */
-       if (!spnego_parse_negTokenInit(talloc_tos(), blob, OIDs, &principal, NULL)) {
+       if (!spnego_parse_negTokenInit(talloc_tos(), blob, OIDs, &principal, NULL) ||
+                       OIDs[0] == NULL) {
                data_blob_free(&blob);
                return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
        }
@@ -1276,10 +1279,9 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
                        }
                }
 
-               /* If we get a bad principal, try to guess it if
-                  we have a valid host NetBIOS name.
+               /* We may not be allowed to use the server-supplied SPNEGO principal, or it may not have been supplied to us
                 */
-               if (strequal(principal, ADS_IGNORE_PRINCIPAL)) {
+               if (!lp_client_use_spnego_principal() || strequal(principal, ADS_IGNORE_PRINCIPAL)) {
                        TALLOC_FREE(principal);
                }
 
@@ -1497,7 +1499,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
 
 struct cli_ulogoff_state {
        struct cli_state *cli;
-       uint16_t vwv[2];
+       uint16_t vwv[3];
 };
 
 static void cli_ulogoff_done(struct tevent_req *subreq);
@@ -2134,6 +2136,11 @@ static void cli_negprot_done(struct tevent_req *subreq)
                        SAFE_FREE(cli->inbuf);
                        cli->outbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+LARGE_WRITEX_HDR_SIZE+SAFETY_MARGIN);
                        cli->inbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+LARGE_WRITEX_HDR_SIZE+SAFETY_MARGIN);
+                       if (!cli->outbuf || !cli->inbuf) {
+                               tevent_req_nterror(req,
+                                               NT_STATUS_NO_MEMORY);
+                               return;
+                       }
                        cli->bufsize = CLI_SAMBA_MAX_LARGE_READX_SIZE + LARGE_WRITEX_HDR_SIZE;
                }
 
@@ -2222,6 +2229,7 @@ bool cli_session_request(struct cli_state *cli,
 {
        char *p;
        int len = 4;
+       int namelen = 0;
        char *tmp;
 
        /* 445 doesn't have session request */
@@ -2240,8 +2248,11 @@ bool cli_session_request(struct cli_state *cli,
        }
 
        p = cli->outbuf+len;
-       memcpy(p, tmp, name_len(tmp));
-       len += name_len(tmp);
+       namelen = name_len((unsigned char *)tmp, talloc_get_size(tmp));
+       if (namelen > 0) {
+               memcpy(p, tmp, namelen);
+               len += namelen;
+       }
        TALLOC_FREE(tmp);
 
        /* and my name */
@@ -2253,8 +2264,11 @@ bool cli_session_request(struct cli_state *cli,
        }
 
        p = cli->outbuf+len;
-       memcpy(p, tmp, name_len(tmp));
-       len += name_len(tmp);
+       namelen = name_len((unsigned char *)tmp, talloc_get_size(tmp));
+       if (namelen > 0) {
+               memcpy(p, tmp, namelen);
+               len += namelen;
+       }
        TALLOC_FREE(tmp);
 
        /* send a session request (RFC 1002) */