auth/spnego: handle broken mechListMIC response from Windows 2000
[samba.git] / auth / gensec / spnego.c
index 5126952a6d71e641abe2dacf1c5995b7e4911940..33a4b4688a360a7f641545297d2854cdde8eec8d 100644 (file)
@@ -1077,6 +1077,24 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
                        };
                }
 
+               if (spnego.negTokenTarg.mechListMIC.length > 0) {
+                       DATA_BLOB *m = &spnego.negTokenTarg.mechListMIC;
+                       const DATA_BLOB *r = &spnego.negTokenTarg.responseToken;
+
+                       /*
+                        * Windows 2000 has a bug, it repeats the
+                        * responseToken in the mechListMIC field.
+                        */
+                       if (m->length == r->length) {
+                               int cmp;
+
+                               cmp = memcmp(m->data, r->data, m->length);
+                               if (cmp == 0) {
+                                       data_blob_free(m);
+                               }
+                       }
+               }
+
                if (spnego.negTokenTarg.mechListMIC.length > 0) {
                        if (spnego_state->no_response_expected) {
                                spnego_state->needs_mic_check = true;
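Review bot: The new block frees the mechListMIC for any peer whose MIC bytes equal the responseToken, not only Windows 2000, and it does so silently, so the following `mechListMIC.length > 0` branch is skipped and does not set `needs_mic_check` for that exchange. Since the mechListMIC is what protects the negotiated mechanism list against tampering, the comment should state that consequence. It should also name the check that still rejects the exchange when a MIC is mandatory; that check is presumably elsewhere in gensec_spnego_update, which starts and ends outside this hunk. A log line next to `data_blob_free(m)` would make the workaround visible to operators, for example `DEBUG(5, ("Ignoring mechListMIC equal to responseToken (Windows 2000 bug)\n"));`.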