From 8b76b05fe7aafe4b2bdc32d477bf2a20be71b6f3 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 30 Nov 2015 09:13:14 +0100 Subject: [PATCH] CVE-2016-2110: ntlmssp.idl: add NTLMSSP_MIC_{OFFSET,SIZE} MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644 Signed-off-by: Stefan Metzmacher Reviewed-by: Günther Deschner --- librpc/idl/ntlmssp.idl | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/librpc/idl/ntlmssp.idl b/librpc/idl/ntlmssp.idl index 15c700e82de..f041e32d548 100644 --- a/librpc/idl/ntlmssp.idl +++ b/librpc/idl/ntlmssp.idl @@ -244,9 +244,12 @@ interface ntlmssp [default] NTLMv2_RESPONSE v2; } ntlmssp_NTLM_RESPONSE; + const int NTLMSSP_MIC_OFFSET = 72; + const int NTLMSSP_MIC_SIZE = 16; + typedef [flag(NDR_PAHEX)] struct { - uint8 MIC[16]; - } MIC; + uint8 MIC[NTLMSSP_MIC_SIZE]; + } ntlmssp_MIC; /* [MS-NLMP] 2.2.1.3 AUTHENTICATE_MESSAGE */ @@ -275,7 +278,7 @@ interface ntlmssp [switch_is(NegotiateFlags & NTLMSSP_NEGOTIATE_VERSION)] ntlmssp_Version Version; /* MIC (Message Integrity) is only included when the client has * sent a timestap Av struct in the CHALLENGE_MESSAGE AvPair */ - /* [flag(NDR_REMAINING)] MIC mic; */ + /* [flag(NDR_REMAINING)] ntlmssp_MIC mic; */ } AUTHENTICATE_MESSAGE; /* NTLMSSP signature version */ -- 2.25.1