summaryrefslogtreecommitdiff
path: root/source4/rpc_server/dcerpc_server.c
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2008-09-12 15:47:02 +0200
committerStefan Metzmacher <metze@samba.org>2008-09-13 20:37:12 +0200
commit9a222474bb891e0b1839ecad009e5d0420d4b308 (patch)
tree196e70ccc28b2777edabeb0c18c301f29920d8ef /source4/rpc_server/dcerpc_server.c
parent48f500edc0ea415092cb30662506746fa4b0f180 (diff)
downloadsamba-9a222474bb891e0b1839ecad009e5d0420d4b308.tar.gz
samba-9a222474bb891e0b1839ecad009e5d0420d4b308.tar.bz2
samba-9a222474bb891e0b1839ecad009e5d0420d4b308.zip
rpc_server: don't send auth trailers in level connect
Also ignore auth trailers in level connect on receive. This fixes [krb5,connect] against windows. TODO: maybe the gensec mech need to decide if signatures are needed in level connect. metze (This used to be commit 2e3629719790e7631d9de383b565dc8a0997bcfb)
Diffstat (limited to 'source4/rpc_server/dcerpc_server.c')
-rw-r--r--source4/rpc_server/dcerpc_server.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index fa7b8d26f5..e5f59d0cf9 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -951,13 +951,16 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call)
request header size */
chunk_size = call->conn->cli_max_recv_frag;
chunk_size -= DCERPC_REQUEST_LENGTH;
- if (call->conn->auth_state.gensec_security) {
- chunk_size -= DCERPC_AUTH_TRAILER_LENGTH;
+ if (call->conn->auth_state.auth_info &&
+ call->conn->auth_state.gensec_security) {
sig_size = gensec_sig_size(call->conn->auth_state.gensec_security,
call->conn->cli_max_recv_frag);
- chunk_size -= sig_size;
- chunk_size -= (chunk_size % 16);
+ if (sig_size) {
+ chunk_size -= DCERPC_AUTH_TRAILER_LENGTH;
+ chunk_size -= sig_size;
+ }
}
+ chunk_size -= (chunk_size % 16);
do {
uint32_t length;
generated by cgit (git 2.34.1) at 2024-07-03 00:44:48 +0000