sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code

s3:ntlmssp Don't permit LM_KEY in combination with NTLMv2

Browse Source 
This is another 'belts and braces' check to avoid the use of the
weak 'LM_KEY' encryption when the client has chosen NTLMv2.

Andrew Bartlett

Signed-off-by: Günther Deschner <gd@samba.org>
This commit is contained in:
Andrew Bartlett 2010-08-06 20:24:35 +10:00 committed by Günther Deschner
parent f6cc686036
commit d112557a05
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
source3/libsmb/ntlmssp.c
View File

@ -617,7 +617,10 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
session_key = data_blob_null;
}
} else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
} else if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
/* Ensure we can never get here on NTLMv2 */
&& (ntlmssp_state->nt_resp.length == 0 || ntlmssp_state->nt_resp.length == 24)) {
if (lm_session_key.data && lm_session_key.length >= 8) {
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
session_key = data_blob_talloc(ntlmssp_state,