diff options
| author | Günther Deschner <gd@samba.org> | 2009-09-08 11:57:52 +0200 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2009-09-08 12:34:10 +0200 |
| commit | 5b2b5abf4f630c28dc5f018ecced3894ae66f491 (patch) | |
| tree | f597c9c925cbe479620822bb1a00b754ba6c4981 /source3/rpc_client | |
| parent | 9c4827e433e675292892bc82743d885b53574c9a (diff) | |
| download | samba-5b2b5abf4f630c28dc5f018ecced3894ae66f491.tar.gz samba-5b2b5abf4f630c28dc5f018ecced3894ae66f491.tar.xz samba-5b2b5abf4f630c28dc5f018ecced3894ae66f491.zip | |
s3-schannel: Fix Bug #6697. Interdomain trusts with Windows 2008 R2 DCs.
The Schannel verifier (aka NL_AUTH_SIGNATURE) structure (32 byte) sent from a
W2k8r2 DC is passed in a buffer with the size of a NL_AUTH_SHA2_SIGNATURE (56
byte). We should just ignore the remaining 12 zeroed bytes and proceed.
Guenther
Diffstat (limited to 'source3/rpc_client')
| -rw-r--r-- | source3/rpc_client/cli_pipe.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 0f647190181..5af2c95811f 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -681,7 +681,7 @@ static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, RPC_HDR *p return NT_STATUS_OK; } - if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) { + if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) { DEBUG(0,("cli_pipe_verify_schannel: auth_len %u.\n", (unsigned int)auth_len )); return NT_STATUS_INVALID_PARAMETER; } |