CVE-2016-2110: auth/gensec: fix the client side of a new_spnego exchange

Even for SMB where the server provides its mech list,
the client needs to remember its own mech list for the
mechListMIC calculation.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

auth/gensec/spnego.c

@@ -784,6 +784,7 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 
 		const char *my_mechs[] = {NULL, NULL};
 		NTSTATUS nt_status = NT_STATUS_INVALID_PARAMETER;
+		bool ok;
 
 		if (!in.length) {
 			/* client to produce negTokenInit */
@@ -846,6 +847,14 @@ static NTSTATUS gensec_spnego_update(struct gensec_security *gensec_security, TA
 				return NT_STATUS_INVALID_PARAMETER;
 		}
 
+		ok = spnego_write_mech_types(spnego_state,
+					     my_mechs,
+					     &spnego_state->mech_types);
+		if (!ok) {
+			DEBUG(1, ("SPNEGO: Failed to write mechTypes\n"));
+			return NT_STATUS_NO_MEMORY;
+		}
+
 		/* set next state */
 		spnego_state->expected_packet = SPNEGO_NEG_TOKEN_TARG;
 		spnego_state->state_position = SPNEGO_CLIENT_TARG;