CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340
commit48ffca0acac83bb31266390361ee77e1eaa2f2be
authorAndrew Bartlett <abartlet@samba.org>
Wed, 27 Nov 2013 17:50:01 +0000 (28 06:50 +1300)
committerStefan Metzmacher <metze@samba.org>
Thu, 13 Mar 2014 14:06:35 +0000 (13 15:06 +0100)
treed90a9042f9c1764db8e2372f14bb97b9b66d3b2f
parent9f53b61f0674f7855a42b8e0de66f343f4592589
CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340

Part of this was removed when ChangePasswordUser was unimplemented,
but remove the remainder of this flawed commit.  Fully check the
password first, as extract_pw_from_buffer() already does a partial
check of the password because it needs a correct old password to
correctly decrypt the length.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Change-Id: Ibccc4ada400b5f89a942d79c1a269b493e0adda6
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://gerrit.samba.org/38

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Mar 13 15:06:35 CET 2014 on sn-devel-104
source4/rpc_server/samr/samr_password.c