diff options
author | Stefan Metzmacher <metze@samba.org> | 2016-02-23 19:08:31 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-04-12 19:25:24 +0200 |
commit | 423e95b430eea1bb55cddf6c0eedd10dec7b03a1 (patch) | |
tree | 31fc3ca88ee4a593669d1bd2438f4767b7ddbb6e /libcli/auth/proto.h | |
parent | 847192d4939401d7bc2dec495082f08bffc1c6cc (diff) | |
download | samba-423e95b430eea1bb55cddf6c0eedd10dec7b03a1.tar.gz |
CVE-2016-2111: libcli/auth: add NTLMv2_RESPONSE_verify_netlogon_creds() helper function
This is the function that prevents spoofing like
Microsoft's CVE-2015-0005.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'libcli/auth/proto.h')
-rw-r--r-- | libcli/auth/proto.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h index acf39e15287..cc9ae336685 100644 --- a/libcli/auth/proto.h +++ b/libcli/auth/proto.h @@ -155,6 +155,11 @@ bool SMBNTLMv2encrypt(TALLOC_CTX *mem_ctx, const DATA_BLOB *names_blob, DATA_BLOB *lm_response, DATA_BLOB *nt_response, DATA_BLOB *lm_session_key, DATA_BLOB *user_session_key) ; +NTSTATUS NTLMv2_RESPONSE_verify_netlogon_creds(const char *account_name, + const char *account_domain, + const DATA_BLOB response, + const struct netlogon_creds_CredentialState *creds, + const char *workgroup); /*********************************************************** encode a password buffer with a unicode password. The buffer |