s4:gensec_tstream: allow wrapped messages up to a size of 0xfffffff

author Stefan Metzmacher <metze@samba.org>

Fri, 22 Apr 2016 14:18:24 +0000 (16:18 +0200)

committer Karolin Seeger <kseeger@samba.org>

Fri, 29 Apr 2016 10:06:25 +0000 (12:06 +0200)
author Stefan Metzmacher <metze@samba.org>
Fri, 22 Apr 2016 14:18:24 +0000 (16:18 +0200)
committer Karolin Seeger <kseeger@samba.org>
Fri, 29 Apr 2016 10:06:25 +0000 (12:06 +0200)
diff --git a/source4/auth/gensec/gensec_tstream.c b/source4/auth/gensec/gensec_tstream.c

index 92f4fa6687cef7921a7e07577a526047842ef774..c828170b1709ed2291d4446fd214005a5799db0b 100644 (file)
--- a/source4/auth/gensec/gensec_tstream.c
+++ b/source4/auth/gensec/gensec_tstream.c
@@ -253,7 +253,11 @@ static int tstream_gensec_readv_next_vector(struct tstream_context *unix_stream,
  
                 msg_len = RIVAL(state->wrapped.hdr, 0);
  
-               if (msg_len > 0x00FFFFFF) {
+               /*
+                * I got a Windows 2012R2 server responding with
+                * a message of 0x1b28a33.
+                */
+               if (msg_len > 0x0FFFFFFF) {
                         errno = EMSGSIZE;
                         return -1;
                 }
author	Stefan Metzmacher <metze@samba.org>
	Fri, 22 Apr 2016 14:18:24 +0000 (16:18 +0200)
committer	Karolin Seeger <kseeger@samba.org>
	Fri, 29 Apr 2016 10:06:25 +0000 (12:06 +0200)