diff options
author | Volker Lendecke <vl@samba.org> | 2009-03-05 22:20:55 +0100 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2009-03-05 22:28:07 +0100 |
commit | 2544ba6a0a1b9c4bacc93262b8e776bf98456252 (patch) | |
tree | 279b0427024c622595e3f06b3470676c227e403f /source3/rpc_server | |
parent | bb1dab3a97d07dd6778f414ce3bff4f150b60d5d (diff) | |
download | samba-2544ba6a0a1b9c4bacc93262b8e776bf98456252.tar.gz samba-2544ba6a0a1b9c4bacc93262b8e776bf98456252.tar.bz2 samba-2544ba6a0a1b9c4bacc93262b8e776bf98456252.zip |
Complete the fix for bug 6100
According to [MS-RPCE].pdf, section 2.2.2.11:
----
A client or a server that (during composing of a PDU) has allocated more space
for the authentication token than the security provider fills in SHOULD fill in
the rest of the allocated space with zero octets. These zero octets are still
considered to belong to the authentication token part of the PDU.<36>
----
RPC implementations are allowed to send padding bytes at the end of an auth
footer. Windows 7 makes use of this.
Thanks to Nick Meier <nmeier@microsoft.com>
Volker
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 09b1f66440..ac491b9e53 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -2113,7 +2113,7 @@ bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss auth_len = p->hdr.auth_len; - if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) { + if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) { DEBUG(0,("Incorrect auth_len %u.\n", (unsigned int)auth_len )); return False; } |