memset(gss_cksum, '\0', base_cksum_size + orig_length);
SIVAL(gss_cksum, 0, GSSAPI_BNDLENGTH);
- /* Precalculated MD5sum of NULL channel bindings (20 bytes) */
- /* Channel bindings are: (all ints encoded as little endian)
-
- [4 bytes] initiator_addrtype (255 for null bindings)
- [4 bytes] initiator_address length
- [n bytes] .. initiator_address data - not present
- in null bindings.
- [4 bytes] acceptor_addrtype (255 for null bindings)
- [4 bytes] acceptor_address length
- [n bytes] .. acceptor_address data - not present
- in null bindings.
- [4 bytes] application_data length
- [n bytes] .. application_ data - not present
- in null bindings.
- MD5 of this is ""\x14\x8f\x0c\xf7\xb1u\xdey*J\x9a%\xdfV\xc5\x18"
- */
-
- memcpy(&gss_cksum[4],
- "\x14\x8f\x0c\xf7\xb1u\xdey*J\x9a%\xdfV\xc5\x18",
- GSSAPI_BNDLENGTH);
+ /*
+ * GSS_C_NO_CHANNEL_BINDINGS means 16 zero bytes.
+ * This matches the behavior of heimdal and mit.
+ *
+ * And it is needed to work against some closed source
+ * SMB servers.
+ *
+ * See bug #7883
+ */
+ memset(&gss_cksum[4], 0x00, GSSAPI_BNDLENGTH);
SIVAL(gss_cksum, 20, gss_flags);
git.samba.org / samba.git / commitdiff