diff options
author | Volker Lendecke <vlendec@samba.org> | 2003-05-11 08:08:25 +0000 |
---|---|---|
committer | Volker Lendecke <vlendec@samba.org> | 2003-05-11 08:08:25 +0000 |
commit | 914ef37419ebc8660fed3bb645f990ce27295d34 (patch) | |
tree | a8332e8dd05ba588f26e0cd9ab038bbc65ec54a1 /source3 | |
parent | 690641e8cc0366e45dd796063fba10a9b63084e1 (diff) | |
download | samba-914ef37419ebc8660fed3bb645f990ce27295d34.tar.gz samba-914ef37419ebc8660fed3bb645f990ce27295d34.tar.bz2 samba-914ef37419ebc8660fed3bb645f990ce27295d34.zip |
Ok, this is a hack. On a netsec bind reply I did not see anything
useful in the auth verifier yet. So this patch ignores it.
Really checking this would be a lot more intrusive: in rpc_api_pipe we
would have to distinguish between binds and normal requests, or have
more state in the netsec info of cli_state, which is also somewhat
hackish.
Volker
(This used to be commit 8de04fcf680a9bc5054965577eb500e0541ffe66)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 223d6a707e..4f465d7453 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -307,6 +307,26 @@ static BOOL rpc_auth_pipe(struct cli_state *cli, prs_struct *rdata, prs_struct auth_verf; if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { + + if ( (auth_len == 12) && + (cli->auth_info.seq_num == 0) ) { + + /* This is the reply to our bind. Ok, + the sequence number can wrap + around. But this only means that + every 4 billion request we + misdetect a wrong length in a + reply. This is an error condition + which will lead to failure anyway + later. + + The reply contains a + RPC_AUTH_VERIFIER with no content + (12 bytes), so ignore it. + */ + return True; + } + DEBUG(0,("rpc_auth_pipe: wrong schannel auth len %d\n", auth_len)); return False; } |