diff options
author | Günther Deschner <gd@samba.org> | 2018-03-14 15:35:01 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2018-08-11 08:16:03 +0200 |
commit | f0bd8cc723d8f119f90367f6d0258ff250a6075c (patch) | |
tree | 17df184d48e6ac8b0032fb3bb43561f926ce106f | |
parent | 5fb35b7f8e184879c3c8931e9af31befdc75aeac (diff) | |
download | samba-f0bd8cc723d8f119f90367f6d0258ff250a6075c.tar.gz |
CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360
CVE-2018-1139: Weak authentication protocol allowed.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
-rw-r--r-- | source3/utils/ntlm_auth.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 3f544902a24..8f77680416f 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -1010,7 +1010,7 @@ static NTSTATUS local_pw_check(struct auth4_context *auth4_context, *pauthoritative = 1; nt_status = ntlm_password_check(mem_ctx, - true, true, 0, + true, NTLM_AUTH_ON, 0, &auth4_context->challenge.data, &user_info->password.response.lanman, &user_info->password.response.nt, @@ -1719,7 +1719,9 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod nt_lm_owf_gen (opt_password, nt_pw.hash, lm_pw.hash); nt_status = ntlm_password_check(mem_ctx, - true, true, 0, + true, + NTLM_AUTH_ON, + 0, &challenge, &lm_response, &nt_response, |