mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
CVE-2020-25717: s3:ntlm_auth: start with authoritative = 1
This is not strictly needed, but makes it easier to audit that we don't miss important places. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
76ec5f9409
commit
cc6d63100c
@ -1931,7 +1931,7 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
|
|||||||
TALLOC_FREE(mem_ctx);
|
TALLOC_FREE(mem_ctx);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
|
|
||||||
if (!domain) {
|
if (!domain) {
|
||||||
domain = smb_xstrdup(get_winbind_domain());
|
domain = smb_xstrdup(get_winbind_domain());
|
||||||
@ -2447,7 +2447,7 @@ static bool check_auth_crap(void)
|
|||||||
char *hex_lm_key;
|
char *hex_lm_key;
|
||||||
char *hex_user_session_key;
|
char *hex_user_session_key;
|
||||||
char *error_string;
|
char *error_string;
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
|
|
||||||
setbuf(stdout, NULL);
|
setbuf(stdout, NULL);
|
||||||
|
|
||||||
|
@ -54,7 +54,7 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which)
|
|||||||
DATA_BLOB lm_response = data_blob(NULL, 24);
|
DATA_BLOB lm_response = data_blob(NULL, 24);
|
||||||
DATA_BLOB nt_response = data_blob(NULL, 24);
|
DATA_BLOB nt_response = data_blob(NULL, 24);
|
||||||
DATA_BLOB session_key = data_blob(NULL, 16);
|
DATA_BLOB session_key = data_blob(NULL, 16);
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
uchar lm_key[8];
|
uchar lm_key[8];
|
||||||
uchar user_session_key[16];
|
uchar user_session_key[16];
|
||||||
uchar lm_hash[16];
|
uchar lm_hash[16];
|
||||||
@ -177,7 +177,7 @@ static bool test_ntlm_in_lm(void)
|
|||||||
NTSTATUS nt_status;
|
NTSTATUS nt_status;
|
||||||
uint32_t flags = 0;
|
uint32_t flags = 0;
|
||||||
DATA_BLOB nt_response = data_blob(NULL, 24);
|
DATA_BLOB nt_response = data_blob(NULL, 24);
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
uchar lm_key[8];
|
uchar lm_key[8];
|
||||||
uchar lm_hash[16];
|
uchar lm_hash[16];
|
||||||
uchar user_session_key[16];
|
uchar user_session_key[16];
|
||||||
@ -245,7 +245,7 @@ static bool test_ntlm_in_both(void)
|
|||||||
uint32_t flags = 0;
|
uint32_t flags = 0;
|
||||||
DATA_BLOB nt_response = data_blob(NULL, 24);
|
DATA_BLOB nt_response = data_blob(NULL, 24);
|
||||||
DATA_BLOB session_key = data_blob(NULL, 16);
|
DATA_BLOB session_key = data_blob(NULL, 16);
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
uint8_t lm_key[8];
|
uint8_t lm_key[8];
|
||||||
uint8_t lm_hash[16];
|
uint8_t lm_hash[16];
|
||||||
uint8_t user_session_key[16];
|
uint8_t user_session_key[16];
|
||||||
@ -322,7 +322,7 @@ static bool test_lmv2_ntlmv2_broken(enum ntlm_break break_which)
|
|||||||
DATA_BLOB lmv2_response = data_blob_null;
|
DATA_BLOB lmv2_response = data_blob_null;
|
||||||
DATA_BLOB ntlmv2_session_key = data_blob_null;
|
DATA_BLOB ntlmv2_session_key = data_blob_null;
|
||||||
DATA_BLOB names_blob = NTLMv2_generate_names_blob(NULL, get_winbind_netbios_name(), get_winbind_domain());
|
DATA_BLOB names_blob = NTLMv2_generate_names_blob(NULL, get_winbind_netbios_name(), get_winbind_domain());
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
uchar user_session_key[16];
|
uchar user_session_key[16];
|
||||||
DATA_BLOB chall = get_challenge();
|
DATA_BLOB chall = get_challenge();
|
||||||
char *error_string;
|
char *error_string;
|
||||||
@ -452,7 +452,7 @@ static bool test_plaintext(enum ntlm_break break_which)
|
|||||||
char *password;
|
char *password;
|
||||||
smb_ucs2_t *nt_response_ucs2;
|
smb_ucs2_t *nt_response_ucs2;
|
||||||
size_t converted_size;
|
size_t converted_size;
|
||||||
uint8_t authoritative = 0;
|
uint8_t authoritative = 1;
|
||||||
uchar user_session_key[16];
|
uchar user_session_key[16];
|
||||||
uchar lm_key[16];
|
uchar lm_key[16];
|
||||||
static const uchar zeros[8] = { 0, };
|
static const uchar zeros[8] = { 0, };
|
||||||
|
Loading…
Reference in New Issue
Block a user