s4:libcli: allow a fallback to NTLMSSP if SPNEGO is not supported locally

author Stefan Metzmacher <metze@samba.org>

Thu, 19 Jul 2018 21:04:33 +0000 (23:04 +0200)

committer Karolin Seeger <kseeger@samba.org>

Sat, 28 Jul 2018 04:16:14 +0000 (06:16 +0200)
author Stefan Metzmacher <metze@samba.org>
Thu, 19 Jul 2018 21:04:33 +0000 (23:04 +0200)
committer Karolin Seeger <kseeger@samba.org>
Sat, 28 Jul 2018 04:16:14 +0000 (06:16 +0200)
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c

index e3e54cbe31a1e213053f3d69542a51d5a281b085..a8985b2542c773d35ae64a7383e82d4880e9e384 100644 (file)
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -196,13 +196,38 @@ struct tevent_req *smb2_session_setup_spnego_send(
  
         if (state->out_secblob.length > 0) {
                 chosen_oid = GENSEC_OID_SPNEGO;
+               status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
+               if (!NT_STATUS_IS_OK(status)) {
+                       DEBUG(1, ("Failed to start set GENSEC client mechanism %s: %s\n",
+                                 gensec_get_name_by_oid(session->gensec,
+                                                        chosen_oid),
+                                 nt_errstr(status)));
+                       state->out_secblob = data_blob_null;
+                       chosen_oid = GENSEC_OID_NTLMSSP;
+                       status = gensec_start_mech_by_oid(session->gensec,
+                                                         chosen_oid);
+                       if (!NT_STATUS_IS_OK(status)) {
+                               DEBUG(1, ("Failed to start set (fallback) GENSEC client mechanism %s: %s\n",
+                                         gensec_get_name_by_oid(session->gensec,
+                                                                chosen_oid),
+                                         nt_errstr(status)));
+                       }
+               }
+               if (tevent_req_nterror(req, status)) {
+                       return tevent_req_post(req, ev);
+               }
         } else {
                 chosen_oid = GENSEC_OID_NTLMSSP;
-       }
-
-       status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
-       if (tevent_req_nterror(req, status)) {
-               return tevent_req_post(req, ev);
+               status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
+               if (!NT_STATUS_IS_OK(status)) {
+                       DEBUG(1, ("Failed to start set GENSEC client mechanism %s: %s\n",
+                                 gensec_get_name_by_oid(session->gensec,
+                                                        chosen_oid),
+                                 nt_errstr(status)));
+               }
+               if (tevent_req_nterror(req, status)) {
+                       return tevent_req_post(req, ev);
+               }
         }
  
         smb2_session_setup_spnego_gensec_next(req);
author	Stefan Metzmacher <metze@samba.org>
	Thu, 19 Jul 2018 21:04:33 +0000 (23:04 +0200)
committer	Karolin Seeger <kseeger@samba.org>
	Sat, 28 Jul 2018 04:16:14 +0000 (06:16 +0200)