locked
SSPI Negotiate not packaged properly RRS feed

  • Question

  • I'm trying to get an SSPI SPNEGO token.  When I get the token, though, it is only the NTLMSSP portion and not wrapped in the SPNEGO protocol.

    Here's my code:

     

    SecPkgInfo *secPackInfo;

    QuerySecurityPackageInfo( L"Negotiate", &secPackInfo );

    struct _SecHandle hCtxt;

    DWORD ctxReq = ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_CONFIDENTIALITY | ISC_REQ_DELEGATE;
    DWORD ctxAttr;

    SecBuffer ob;

    obd.ulVersion = SECBUFFER_VERSION;
    obd.cBuffers = 1;
    obd.pBuffers = &ob; // just one buffer
    ob.BufferType = SECBUFFER_TOKEN; // preping a token here
    ob.cbBuffer = secPackInfo->cbMaxToken;
    ob.pvBuffer = LocalAlloc( 0, ob.cbBuffer );

    SECURITY_STATUS ss = AcquireCredentialsHandle(NULL, L"Negotiate", SECPKG_CRED_OUTBOUND, NULL, nameAndPwd, NULL, NULL, &hCred, &Lifetime); 

    unsigned int rc = InitializeSecurityContext(&hCred, NULL, L"jbaron\\james", ctxReq, 0, SECURITY_NATIVE_DREP, NULL, 0, &hCtxt, &obd, &ctxAttr, &Lifetime);

     for(int x = 0; x < ob.cbBuffer; ++x)
     andx_buf[x + offset] = ((const char*)ob.pvBuffer)[x]; /// starts with NTLMSSP

     


    • Edited by Blue Baron Wednesday, December 14, 2011 3:50 PM
    Wednesday, December 14, 2011 3:29 PM