CVE-2016-2110: auth/ntlmssp: implement new_spnego support including MIC checking (as server)

We now include a MsvAvTimestamp in our target info as indication for the client to include a NTLMSSP_MIC in the AUTH_MESSAGE. If the client uses NTLMv2 we check NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE and require a valid MIC. This is still disabled if the "map to guest" feature is used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2015-11-19 16:02:58 +0100
committer: Stefan Metzmacher <metze@samba.org> 2016-04-12 19:25:23 +0200
commit: c0fc6a6d7f7a9d709f35c1a7e4812c0a89285977 (patch)
tree: 135ea341544fd50b3853646fd5b3c25b63264c23 /auth/ntlmssp/gensec_ntlmssp.c
parent: 8b76b05fe7aafe4b2bdc32d477bf2a20be71b6f3 (diff)
download: samba-c0fc6a6d7f7a9d709f35c1a7e4812c0a89285977.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/auth/ntlmssp/gensec_ntlmssp.c b/auth/ntlmssp/gensec_ntlmssp.c
index 567258914af..329d8eb4751 100644
--- a/auth/ntlmssp/gensec_ntlmssp.c
+++ b/auth/ntlmssp/gensec_ntlmssp.c
@@ -105,6 +105,15 @@ bool gensec_ntlmssp_have_feature(struct gensec_security *gensec_security,
 	if (feature & GENSEC_FEATURE_SIGN_PKT_HEADER) {
 		return true;
 	}
+	if (feature & GENSEC_FEATURE_NEW_SPNEGO) {
+		if (!ntlmssp_state->session_key.length) {
+			return false;
+		}
+		if (!(ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
+			return false;
+		}
+		return ntlmssp_state->new_spnego;
+	}
 
 	return false;
 }
author	Stefan Metzmacher <metze@samba.org>	2015-11-19 16:02:58 +0100
committer	Stefan Metzmacher <metze@samba.org>	2016-04-12 19:25:23 +0200
commit	c0fc6a6d7f7a9d709f35c1a7e4812c0a89285977 (patch)
tree	135ea341544fd50b3853646fd5b3c25b63264c23 /auth/ntlmssp/gensec_ntlmssp.c
parent	8b76b05fe7aafe4b2bdc32d477bf2a20be71b6f3 (diff)
download	samba-c0fc6a6d7f7a9d709f35c1a7e4812c0a89285977.tar.gz