summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2009-03-05 22:20:55 +0100
committerVolker Lendecke <vl@samba.org>2009-03-05 22:28:07 +0100
commit2544ba6a0a1b9c4bacc93262b8e776bf98456252 (patch)
tree279b0427024c622595e3f06b3470676c227e403f
parentbb1dab3a97d07dd6778f414ce3bff4f150b60d5d (diff)
downloadsamba-2544ba6a0a1b9c4bacc93262b8e776bf98456252.tar.gz
samba-2544ba6a0a1b9c4bacc93262b8e776bf98456252.tar.bz2
samba-2544ba6a0a1b9c4bacc93262b8e776bf98456252.zip
Complete the fix for bug 6100
According to [MS-RPCE].pdf, section 2.2.2.11: ---- A client or a server that (during composing of a PDU) has allocated more space for the authentication token than the security provider fills in SHOULD fill in the rest of the allocated space with zero octets. These zero octets are still considered to belong to the authentication token part of the PDU.<36> ---- RPC implementations are allowed to send padding bytes at the end of an auth footer. Windows 7 makes use of this. Thanks to Nick Meier <nmeier@microsoft.com> Volker
-rw-r--r--source3/rpc_server/srv_pipe.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 09b1f66440..ac491b9e53 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -2113,7 +2113,7 @@ bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss
auth_len = p->hdr.auth_len;
- if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
+ if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
DEBUG(0,("Incorrect auth_len %u.\n", (unsigned int)auth_len ));
return False;
}