Complete the fix for bug 6100

According to [MS-RPCE].pdf, section 2.2.2.11: ---- A client or a server that (during composing of a PDU) has allocated more space for the authentication token than the security provider fills in SHOULD fill in the rest of the allocated space with zero octets. These zero octets are still considered to belong to the authentication token part of the PDU.<36> ---- RPC implementations are allowed to send padding bytes at the end of an auth footer. Windows 7 makes use of this. Thanks to Nick Meier <nmeier@microsoft.com> Volker (cherry picked from commit 7274d5691a339087f2770acf2f954830506f5cdc)
author: Volker Lendecke <vl@samba.org> 2009-03-05 15:14:27 -0800
committer: Karolin Seeger <kseeger@samba.org> 2009-07-30 09:22:13 +0200
commit: 09d7055c12e4a90eb74417ff37bb3359272607fd (patch)
tree: dc1c0a164a3eaa3bbffc75e83a0b40d17bd8a384
parent: 9fe089291df30035974b750b4da7e6fa20b9c8a5 (diff)
download: samba-09d7055c12e4a90eb74417ff37bb3359272607fd.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c
index db1c3fea0e5..d491bc22450 100644
--- a/source/rpc_server/srv_pipe.c
+++ b/source/rpc_server/srv_pipe.c
@@ -2062,7 +2062,7 @@ BOOL api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss
 
 	auth_len = p->hdr.auth_len;
 
-	if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
+	if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) {
 		DEBUG(0,("Incorrect auth_len %u.\n", (unsigned int)auth_len ));
 		return False;
 	}
author	Volker Lendecke <vl@samba.org>	2009-03-05 15:14:27 -0800
committer	Karolin Seeger <kseeger@samba.org>	2009-07-30 09:22:13 +0200
commit	09d7055c12e4a90eb74417ff37bb3359272607fd (patch)
tree	dc1c0a164a3eaa3bbffc75e83a0b40d17bd8a384
parent	9fe089291df30035974b750b4da7e6fa20b9c8a5 (diff)
download	samba-09d7055c12e4a90eb74417ff37bb3359272607fd.tar.gz