CVE-2016-2110: ntlmssp.idl: add NTLMSSP_MIC_{OFFSET,SIZE}
authorStefan Metzmacher <metze@samba.org>
Mon, 30 Nov 2015 08:13:14 +0000 (09:13 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:23 +0000 (19:25 +0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
librpc/idl/ntlmssp.idl

index 15c700e82de66a085a50bf5807dd42176c7fd51c..f041e32d548a52224035789f2a31a9aa4879a315 100644 (file)
@@ -244,9 +244,12 @@ interface ntlmssp
                [default] NTLMv2_RESPONSE v2;
        } ntlmssp_NTLM_RESPONSE;
 
                [default] NTLMv2_RESPONSE v2;
        } ntlmssp_NTLM_RESPONSE;
 
+       const int NTLMSSP_MIC_OFFSET = 72;
+       const int NTLMSSP_MIC_SIZE = 16;
+
        typedef [flag(NDR_PAHEX)] struct {
        typedef [flag(NDR_PAHEX)] struct {
-               uint8 MIC[16];
-       } MIC;
+               uint8 MIC[NTLMSSP_MIC_SIZE];
+       } ntlmssp_MIC;
 
        /* [MS-NLMP] 2.2.1.3 AUTHENTICATE_MESSAGE */
 
 
        /* [MS-NLMP] 2.2.1.3 AUTHENTICATE_MESSAGE */
 
@@ -275,7 +278,7 @@ interface ntlmssp
                [switch_is(NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)] ntlmssp_Version Version;
                /* MIC (Message Integrity) is only included when the client has
                 * sent a timestap Av struct in the CHALLENGE_MESSAGE AvPair */
                [switch_is(NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)] ntlmssp_Version Version;
                /* MIC (Message Integrity) is only included when the client has
                 * sent a timestap Av struct in the CHALLENGE_MESSAGE AvPair */
-               /* [flag(NDR_REMAINING)] MIC mic; */
+               /* [flag(NDR_REMAINING)] ntlmssp_MIC mic; */
        } AUTHENTICATE_MESSAGE;
 
        /* NTLMSSP signature version */
        } AUTHENTICATE_MESSAGE;
 
        /* NTLMSSP signature version */