diff options
author | Stefan Metzmacher <metze@samba.org> | 2015-06-19 01:07:49 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2015-06-23 22:12:07 +0200 |
commit | 8dbe9d785bd3b3d7bdca1e9854dc0516047d5e5a (patch) | |
tree | d2e5ca40d86fd4fb62f86791e4709ffa20b4deb1 /source3/libads | |
parent | 7b916b5f9a3db5b268639d2d68cfa85e20a83266 (diff) | |
download | samba-8dbe9d785bd3b3d7bdca1e9854dc0516047d5e5a.tar.gz |
s3:libads/sasl: use gensec_max_{input,wrapped}_size() in ads_sasl_spnego_ntlmssp_bind
gensec_sig_size() is for gensec_{sign,seal}_packet() instead of gensec_wrap().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3/libads')
-rw-r--r-- | source3/libads/sasl.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index db7335ec81e..720ee7852fe 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -250,11 +250,12 @@ static ADS_STATUS ads_sasl_spnego_ntlmssp_bind(ADS_STRUCT *ads) } while (rc == LDAP_SASL_BIND_IN_PROGRESS && !NT_STATUS_IS_OK(nt_status)); if (ads->ldap.wrap_type > ADS_SASLWRAP_TYPE_PLAIN) { - uint32_t sig_size = gensec_sig_size(auth_generic_state->gensec_security, 0); - ads->ldap.out.max_unwrapped = ADS_SASL_WRAPPING_OUT_MAX_WRAPPED - sig_size; - ads->ldap.out.sig_size = sig_size; + size_t max_wrapped = gensec_max_wrapped_size(auth_generic_state->gensec_security); + ads->ldap.out.max_unwrapped = gensec_max_input_size(auth_generic_state->gensec_security); + + ads->ldap.out.sig_size = max_wrapped - ads->ldap.out.max_unwrapped; ads->ldap.in.min_wrapped = ads->ldap.out.sig_size; - ads->ldap.in.max_wrapped = ADS_SASL_WRAPPING_IN_MAX_WRAPPED; + ads->ldap.in.max_wrapped = max_wrapped; status = ads_setup_sasl_wrapping(ads, &ads_sasl_ntlmssp_ops, auth_generic_state->gensec_security); if (!ADS_ERR_OK(status)) { DEBUG(0, ("ads_setup_sasl_wrapping() failed: %s\n", |