CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash()
[samba.git] / source4 / auth / ntlm / auth_util.c
index 16977fa00a3b60f368bb3a2b2a4d61fa146c3964..3e5a0da59c2ebeab3f65d0792d9b4d8399b9074d 100644 (file)
@@ -350,7 +350,9 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth4_context *auth_conte
                                if (!SMBNTLMv2encrypt_hash(user_info_temp,
                                                           user_info_in->client.account_name, 
                                                           user_info_in->client.domain_name, 
-                                                          user_info_in->password.hash.nt->hash, &chall_blob,
+                                                          user_info_in->password.hash.nt->hash,
+                                                          &chall_blob,
+                                                          NULL, /* server_timestamp */
                                                           &names_blob,
                                                           &lmv2_response, &ntlmv2_response, 
                                                           &lmv2_session_key, &ntlmv2_session_key)) {