summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-07-21 02:05:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:10:16 -0500
commitb718193b6bbf67b7677b07c0eb41364672bc69a7 (patch)
treeef7e6e98d9ae11c9f7039641d8c7ca6e04ef81ea /source4/auth
parent048d0c64f9505ad236b9bf138d10ee3e2bb08cec (diff)
downloadsamba-b718193b6bbf67b7677b07c0eb41364672bc69a7.tar.gz
samba-b718193b6bbf67b7677b07c0eb41364672bc69a7.tar.bz2
samba-b718193b6bbf67b7677b07c0eb41364672bc69a7.zip
r17173: Check for oversize output, not oversize input, and fix the GSSAPI mech
to work (it broke it in the previous commit). Andrew Bartlett (This used to be commit e96638bc74f0752ce8af6626a04c92d48b917ffe)
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/gensec/gensec_gssapi.c21
1 files changed, 11 insertions, 10 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index e8597dc73b..2ff52311c3 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -741,16 +741,6 @@ static NTSTATUS gensec_gssapi_wrap(struct gensec_security *gensec_security,
input_token.length = in->length;
input_token.value = in->data;
- if (gensec_gssapi_state->sasl) {
- size_t max_input_size = gensec_gssapi_max_input_size(gensec_security);
- if (max_input_size < in->length) {
- DEBUG(1, ("gensec_gssapi_wrap: INPUT data (%u) is larger than SASL negotiated maximum size (%u)\n",
- in->length,
- (unsigned int)max_input_size));
- }
- return NT_STATUS_INVALID_PARAMETER;
- }
-
maj_stat = gss_wrap(&min_stat,
gensec_gssapi_state->gssapi_context,
gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL),
@@ -767,6 +757,17 @@ static NTSTATUS gensec_gssapi_wrap(struct gensec_security *gensec_security,
*out = data_blob_talloc(mem_ctx, output_token.value, output_token.length);
gss_release_buffer(&min_stat, &output_token);
+ if (gensec_gssapi_state->sasl) {
+ size_t max_wrapped_size = gensec_gssapi_max_wrapped_size(gensec_security);
+ if (max_wrapped_size < out->length) {
+ DEBUG(1, ("gensec_gssapi_wrap: when wrapped, INPUT data (%u) is grew to be larger than SASL negotiated maximum output size (%u > %u)\n",
+ in->length,
+ out->length,
+ (unsigned int)max_wrapped_size));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ }
+
if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)
&& !conf_state) {
return NT_STATUS_ACCESS_DENIED;