CVE-2020-25717: s3:ntlm_auth: start with authoritative = 1
authorStefan Metzmacher <metze@samba.org>
Tue, 26 Oct 2021 15:42:41 +0000 (17:42 +0200)
committerPavel Filipenský <pfilipensky@samba.org>
Wed, 18 Jan 2023 12:00:51 +0000 (13:00 +0100)
This is not strictly needed, but makes it easier to audit
that we don't miss important places.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Signed-off-by: Stefan Metzmacher <metze@samba.org>
source3/utils/ntlm_auth.c
source3/utils/ntlm_auth_diagnostics.c

index 7d7e603dc6f366abe0d29c67b6e89bc9af3548b5..78a00858fe6b34bdf8c49eb734a65b663d4533e8 100644 (file)
@@ -1768,7 +1768,7 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
                                TALLOC_FREE(mem_ctx);
 
                        } else {
-                               uint8_t authoritative = 0;
+                               uint8_t authoritative = 1;
 
                                if (!domain) {
                                        domain = smb_xstrdup(get_winbind_domain());
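Review bot: The new initializer `uint8_t authoritative = 1;` in manage_ntlm_server_1_request has no comment explaining why 1 is the safe starting value, and the same bare literal is repeated in check_auth_crap and in the five test functions patched in ntlm_auth_diagnostics.c. The commit message gives auditability as the reason, so a short comment at the declaration would keep that intent visible to later readers, for example `/* start authoritative: only the auth call may downgrade this to 0 */`. How the value is consumed lies outside these hunks, so the fail-closed reading is inferred from the commit title and should be confirmed against the code that reads `authoritative` after the winbind call. The enclosing function body starts and ends outside the hunk.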
@@ -2284,7 +2284,7 @@ static bool check_auth_crap(void)
        char *hex_lm_key;
        char *hex_user_session_key;
        char *error_string;
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
 
        setbuf(stdout, NULL);
 
index 41591a8de33920eee193dbb729f7cac4ff583ccb..fc0fc19bacb4280088e162ea35427b552ac796c7 100644 (file)
@@ -54,7 +54,7 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which)
        DATA_BLOB lm_response = data_blob(NULL, 24);
        DATA_BLOB nt_response = data_blob(NULL, 24);
        DATA_BLOB session_key = data_blob(NULL, 16);
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
        uchar lm_key[8];
        uchar user_session_key[16];
        uchar lm_hash[16];
@@ -177,7 +177,7 @@ static bool test_ntlm_in_lm(void)
        NTSTATUS nt_status;
        uint32_t flags = 0;
        DATA_BLOB nt_response = data_blob(NULL, 24);
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
        uchar lm_key[8];
        uchar lm_hash[16];
        uchar user_session_key[16];
@@ -245,7 +245,7 @@ static bool test_ntlm_in_both(void)
        uint32_t flags = 0;
        DATA_BLOB nt_response = data_blob(NULL, 24);
        DATA_BLOB session_key = data_blob(NULL, 16);
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
        uint8_t lm_key[8];
        uint8_t lm_hash[16];
        uint8_t user_session_key[16];
@@ -322,7 +322,7 @@ static bool test_lmv2_ntlmv2_broken(enum ntlm_break break_which)
        DATA_BLOB lmv2_response = data_blob_null;
        DATA_BLOB ntlmv2_session_key = data_blob_null;
        DATA_BLOB names_blob = NTLMv2_generate_names_blob(NULL, get_winbind_netbios_name(), get_winbind_domain());
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
        uchar user_session_key[16];
        DATA_BLOB chall = get_challenge();
        char *error_string;
@@ -452,7 +452,7 @@ static bool test_plaintext(enum ntlm_break break_which)
        char *password;
        smb_ucs2_t *nt_response_ucs2;
        size_t converted_size;
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
        uchar user_session_key[16];
        uchar lm_key[16];
        static const uchar zeros[8] = { 0, };