CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH
authorStefan Metzmacher <metze@samba.org>
Tue, 1 Dec 2015 14:01:09 +0000 (15:01 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:22 +0000 (19:25 +0200)
commitdc6e28d69a7fcc299c08e4368d8f137e6b59ed3a
tree507f112aa5af287e71f4027fbbb7ca50725ec3a1
parent7a6b3efdc6451c3cbb157ad8d808f86d154625dd
CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH

man smb.conf says "client ntlmv2 auth = yes" the default disables,
"client lanman auth = yes":

  ...
  Likewise, if the client ntlmv2 auth parameter is enabled, then only NTLMv2
  logins will be attempted.
  ...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
auth/ntlmssp/ntlmssp_client.c