From 0d3097c135e382f3540b2bb0fef0497af16d7344 Mon Sep 17 00:00:00 2001
From: Tim Potter <tpot@samba.org>
Date: Mon, 26 May 2003 06:59:38 +0000
Subject: This fixes net rpc vampire when talking to win2k (<sp3).  win2k sends
 back a different sized blob of encrypted password data then we were
 expecting.  There's an extra 32 bytes of unknown stuff. (This used to be
 commit 285952fd626b02362fb6732f90c5a3ce0d2d5ae0)

---
 source3/rpc_parse/parse_net.c | 6 +++---
 source3/rpc_parse/parse_prs.c | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

(limited to 'source3/rpc_parse')

diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 2c99d54b1b..7d04eace23 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -2129,12 +2129,12 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16],
 		if (!prs_uint32("pwd_len", ps, depth, &len))
                         return False;
 		old_offset = ps->data_offset;
-		if (len == 0x44)
+		if (len > 0)
 		{
 			if (ps->io)
 			{
 				/* reading */
-                                if (!prs_hash1(ps, ps->data_offset, sess_key))
+                                if (!prs_hash1(ps, ps->data_offset, sess_key, len))
                                         return False;
 			}
 			if (!net_io_sam_passwd_info("pass", &info->pass, 
@@ -2144,7 +2144,7 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16],
 			if (!ps->io)
 			{
 				/* writing */
-                                if (!prs_hash1(ps, old_offset, sess_key))
+                                if (!prs_hash1(ps, old_offset, sess_key, len))
                                         return False;
 			}
 		}
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index e0a75d7382..88150c718b 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -1316,7 +1316,7 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *me
 /*******************************************************************
  hash a stream.
  ********************************************************************/
-BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16])
+BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16], int len)
 {
 	char *q;
 
@@ -1326,12 +1326,12 @@ BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16])
 #ifdef DEBUG_PASSWORD
 	DEBUG(100, ("prs_hash1\n"));
 	dump_data(100, sess_key, 16);
-	dump_data(100, q, 68);
+	dump_data(100, q, len);
 #endif
-	SamOEMhash((uchar *) q, sess_key, 68);
+	SamOEMhash((uchar *) q, sess_key, len);
 
 #ifdef DEBUG_PASSWORD
-	dump_data(100, q, 68);
+	dump_data(100, q, len);
 #endif
 
 	return True;
-- 
cgit