sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-20 22:50:26 +03:00
Code

CVE-2016-2111: s4:torture/base: don't use ntlmv2 for dos connection in base.samba3error

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
This commit is contained in:
Stefan Metzmacher 2016-03-26 22:24:23 +01:00
parent 8e1e621ef1
commit b6899e111c
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
source4/torture/basic/base.c
View File

@ -1527,6 +1527,7 @@ static bool torture_chkpath_test(struct torture_context *tctx,
static bool torture_samba3_errorpaths(struct torture_context *tctx)
{
bool nt_status_support;
bool client_ntlmv2_auth;
struct smbcli_state *cli_nt = NULL, *cli_dos = NULL;
bool result = false;
int fnum;
@ -1536,18 +1537,27 @@ static bool torture_samba3_errorpaths(struct torture_context *tctx)
NTSTATUS status;
nt_status_support = lpcfg_nt_status_support(tctx->lp_ctx);
client_ntlmv2_auth = lpcfg_client_ntlmv2_auth(tctx->lp_ctx);
if (!lpcfg_set_cmdline(tctx->lp_ctx, "nt status support", "yes")) {
torture_result(tctx, TORTURE_FAIL, "Could not set 'nt status support = yes'\n");
goto fail;
}
if (!lpcfg_set_cmdline(tctx->lp_ctx, "client ntlmv2 auth", "yes")) {
torture_result(tctx, TORTURE_FAIL, "Could not set 'client ntlmv2 auth = yes'\n");
goto fail;
}
if (!torture_open_connection(&cli_nt, tctx, 0)) {
goto fail;
}
if (!lpcfg_set_cmdline(tctx->lp_ctx, "nt status support", "no")) {
torture_result(tctx, TORTURE_FAIL, "Could not set 'nt status support = yes'\n");
torture_result(tctx, TORTURE_FAIL, "Could not set 'nt status support = no'\n");
goto fail;
}
if (!lpcfg_set_cmdline(tctx->lp_ctx, "client ntlmv2 auth", "no")) {
torture_result(tctx, TORTURE_FAIL, "Could not set 'client ntlmv2 auth = no'\n");
goto fail;
}
@ -1557,7 +1567,12 @@ static bool torture_samba3_errorpaths(struct torture_context *tctx)
if (!lpcfg_set_cmdline(tctx->lp_ctx, "nt status support",
nt_status_support ? "yes":"no")) {
torture_result(tctx, TORTURE_FAIL, "Could not reset 'nt status support = yes'");
torture_result(tctx, TORTURE_FAIL, "Could not reset 'nt status support'");
goto fail;
}
if (!lpcfg_set_cmdline(tctx->lp_ctx, "client ntlmv2 auth",
client_ntlmv2_auth ? "yes":"no")) {
torture_result(tctx, TORTURE_FAIL, "Could not reset 'client ntlmv2 auth'");
goto fail;
}