CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH
authorStefan Metzmacher <metze@samba.org>
Tue, 1 Dec 2015 14:01:09 +0000 (15:01 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:22 +0000 (19:25 +0200)
man smb.conf says "client ntlmv2 auth = yes" the default disables,
"client lanman auth = yes":

  ...
  Likewise, if the client ntlmv2 auth parameter is enabled, then only NTLMv2
  logins will be attempted.
  ...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
auth/ntlmssp/ntlmssp_client.c

index 8a7d58ff57312cf614c02b66f1972b764ac8636e..839d0595460e8b07dd6b47aacbdd261a4426be4b 100644 (file)
@@ -632,6 +632,8 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
 
        if (ntlmssp_state->use_ntlmv2) {
                ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
+               ntlmssp_state->allow_lm_response = false;
+               ntlmssp_state->allow_lm_key = false;
        }
 
        if (gensec_security->want_features & GENSEC_FEATURE_SESSION_KEY) {