secur32: Revert "secur32: Work around ntlm_auth in Samba 3.0.28a being broken for cached credentials".
This reverts commit7788c8ed0d
, as well as commitec443be738
. Due to erroneous user input, these commits actually broke more than they fixed.
This commit is contained in:
parent
dfb2b429a0
commit
e6ac20e814
|
@ -471,6 +471,7 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
|
||||||
if((phContext == NULL) && (pInput == NULL))
|
if((phContext == NULL) && (pInput == NULL))
|
||||||
{
|
{
|
||||||
static char helper_protocol[] = "--helper-protocol=ntlmssp-client-1";
|
static char helper_protocol[] = "--helper-protocol=ntlmssp-client-1";
|
||||||
|
static CHAR credentials_argv[] = "--use-cached-creds";
|
||||||
SEC_CHAR *client_argv[5];
|
SEC_CHAR *client_argv[5];
|
||||||
int pwlen = 0;
|
int pwlen = 0;
|
||||||
|
|
||||||
|
@ -549,10 +550,10 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
|
||||||
}
|
}
|
||||||
username = ntlm_GetUsernameArg(ui->wkui1_username, -1);
|
username = ntlm_GetUsernameArg(ui->wkui1_username, -1);
|
||||||
|
|
||||||
FIXME("using ntlm_auth cached credentials not supported\n");
|
TRACE("using cached credentials\n");
|
||||||
|
|
||||||
client_argv[2] = username;
|
client_argv[2] = username;
|
||||||
client_argv[3] = NULL;
|
client_argv[3] = credentials_argv;
|
||||||
client_argv[4] = NULL;
|
client_argv[4] = NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -644,8 +645,8 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
|
||||||
if(fContextReq & ISC_REQ_DELEGATE)
|
if(fContextReq & ISC_REQ_DELEGATE)
|
||||||
ctxt_attr |= ISC_RET_DELEGATE;
|
ctxt_attr |= ISC_RET_DELEGATE;
|
||||||
|
|
||||||
/* If no password is given, use an empty password instead. This is the
|
/* If no password is given, try to use cached credentials. Fall back to an empty
|
||||||
* SMB way to do "anonymous" authentication. */
|
* password if this failed. */
|
||||||
if(!password && !ntlm_cred->password)
|
if(!password && !ntlm_cred->password)
|
||||||
{
|
{
|
||||||
lstrcpynA(buffer, "OK", max_len-1);
|
lstrcpynA(buffer, "OK", max_len-1);
|
||||||
|
@ -654,17 +655,15 @@ static SECURITY_STATUS SEC_ENTRY ntlm_InitializeSecurityContextW(
|
||||||
cleanup_helper(helper);
|
cleanup_helper(helper);
|
||||||
goto isc_end;
|
goto isc_end;
|
||||||
}
|
}
|
||||||
/* If the helper replied with "PW", give an empty password. */
|
/* If the helper replied with "PW", using cached credentials failed */
|
||||||
if(!strncmp(buffer, "PW", 2))
|
if(!strncmp(buffer, "PW", 2))
|
||||||
{
|
{
|
||||||
TRACE("Using cached credentials failed.\n");
|
TRACE("Using cached credentials failed.\n");
|
||||||
lstrcpynA(buffer, "PW AA==", max_len-1);
|
ret = SEC_E_NO_CREDENTIALS;
|
||||||
|
goto isc_end;
|
||||||
}
|
}
|
||||||
else
|
else /* Just do a noop on the next run */
|
||||||
{
|
|
||||||
/* Just do a noop on the next run */
|
|
||||||
lstrcpynA(buffer, "OK", max_len-1);
|
lstrcpynA(buffer, "OK", max_len-1);
|
||||||
}
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue