mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
CVE-2016-2110: auth/ntlmssp: call ntlmssp_sign_init if we provide GENSEC_FEATURE_SIGN
It's important to check if got the GENSEC_FEATURE_SIGN and if the caller wanted it. The caller may only asked for GENSEC_FEATURE_SESSION_KEY which implicitly negotiates NTLMSSP_NEGOTIATE_SIGN, which might indicate GENSEC_FEATURE_SIGN to the SPNEGO glue code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
This commit is contained in:
parent
1e3bd3e6ac
commit
fa8c65626e
@ -538,7 +538,7 @@ done:
|
||||
|
||||
ntlmssp_state->expected_state = NTLMSSP_DONE;
|
||||
|
||||
if (gensec_security->want_features & (GENSEC_FEATURE_SIGN|GENSEC_FEATURE_SEAL)) {
|
||||
if (gensec_ntlmssp_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
|
||||
nt_status = ntlmssp_sign_init(ntlmssp_state);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
DEBUG(1, ("Could not setup NTLMSSP signing/sealing system (error was: %s)\n",
|
||||
|
@ -598,7 +598,7 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
|
||||
talloc_steal(ntlmssp_state, session_key.data);
|
||||
}
|
||||
|
||||
if (ntlmssp_state->session_key.length) {
|
||||
if (gensec_ntlmssp_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
|
||||
nt_status = ntlmssp_sign_init(ntlmssp_state);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user