diff options
author | Stefan Metzmacher <metze@samba.org> | 2015-12-01 11:01:24 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-04-12 19:25:22 +0200 |
commit | 2843f012b6bfb6d56e11b1723c0b35531ebf669f (patch) | |
tree | 68bbcbb1381d2e237f973f85d3c9213e3cb2a89d /auth/ntlmssp/ntlmssp_client.c | |
parent | 61ec7f069d777e2688657b490c07ce7499bd7221 (diff) | |
download | samba-2843f012b6bfb6d56e11b1723c0b35531ebf669f.tar.gz |
CVE-2016-2110: auth/ntlmssp: maintain conf_flags and required_flags variables
We now give an error when required flags are missing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'auth/ntlmssp/ntlmssp_client.c')
-rw-r--r-- | auth/ntlmssp/ntlmssp_client.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c index bf3b8c0dd5f..c8b7c432f8a 100644 --- a/auth/ntlmssp/ntlmssp_client.c +++ b/auth/ntlmssp/ntlmssp_client.c @@ -168,6 +168,9 @@ NTSTATUS gensec_ntlmssp_resume_ccache(struct gensec_security *gensec_security, ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL; } + ntlmssp_state->neg_flags |= ntlmssp_state->required_flags; + ntlmssp_state->conf_flags = ntlmssp_state->neg_flags; + if (DEBUGLEVEL >= 10) { struct NEGOTIATE_MESSAGE *negotiate = talloc( ntlmssp_state, struct NEGOTIATE_MESSAGE); @@ -669,6 +672,9 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) ntlmssp_state->use_ccache = true; } + ntlmssp_state->neg_flags |= ntlmssp_state->required_flags; + ntlmssp_state->conf_flags = ntlmssp_state->neg_flags; + return NT_STATUS_OK; } |