CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340
commit435541a9bc25879ec5cdd987a72a3a278bae2877
authorAndrew Bartlett <abartlet@samba.org>
Wed, 27 Nov 2013 17:50:01 +0000 (28 06:50 +1300)
committerKarolin Seeger <kseeger@samba.org>
Tue, 11 Mar 2014 11:36:45 +0000 (11 12:36 +0100)
tree32719685f7e81946d466ecb8834d0ba5440b5442
parent70efaacd009f44b9b31403afb3c7c858ecdcaf96
CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340

Part of this was removed when ChangePasswordUser was unimplemented,
but remove the remainder of this flawed commit.  Fully check the
password first, as extract_pw_from_buffer() already does a partial
check of the password because it needs a correct old password to
correctly decrypt the length.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/rpc_server/samr/samr_password.c