git.samba.org
/
bbaumbach
/
samba-autobuild
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
1da744b
)
CVE-2016-2112: s4:libcli/ldap: auto upgrade to SIGN after STRONG_AUTH_REQUIRED
author
Stefan Metzmacher
<metze@samba.org>
Fri, 18 Dec 2015 07:29:50 +0000
(08:29 +0100)
committer
Stefan Metzmacher
<metze@samba.org>
Tue, 12 Apr 2016 17:25:24 +0000
(19:25 +0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
source4/libcli/ldap/ldap_bind.c
patch
|
blob
|
history
diff --git
a/source4/libcli/ldap/ldap_bind.c
b/source4/libcli/ldap/ldap_bind.c
index 79478e775d8115c52cabb7d8234c7f0bd359106d..c5d821982c6acc41bd538e5286f1159029ce83b6 100644
(file)
--- a/
source4/libcli/ldap/ldap_bind.c
+++ b/
source4/libcli/ldap/ldap_bind.c
@@
-437,6
+437,13
@@
try_logon_again:
result = response->r.BindResponse.response.resultcode;
+ if (result == LDAP_STRONG_AUTH_REQUIRED) {
+ if (wrap_flags == 0) {
+ wrap_flags = ADS_AUTH_SASL_SIGN;
+ goto try_logon_again;
+ }
+ }
+
if (result == LDAP_INVALID_CREDENTIALS) {
/*
try a second time on invalid credentials, to