CVE-2016-2110: winbindd: add new_spnego to the WINBINDD_CCACHE_NTLMAUTH response
authorStefan Metzmacher <metze@samba.org>
Fri, 20 Nov 2015 13:06:18 +0000 (14:06 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:22 +0000 (19:25 +0200)
commit2063692367429d0767153b6a0d22627cb2c27d5f
tree0c4576e300380df406a64a346b34f99cf3765417
parent83c71586dc4d46ecc4a129e23f11aa192ca8002f
CVE-2016-2110: winbindd: add new_spnego to the WINBINDD_CCACHE_NTLMAUTH response

We don't need to change the protocol version because:

1. An old client may provide the "initial_blob"
   (which was and is still ignored when going
   via the wbcCredentialCache() function)
   and the new winbindd won't use new_spnego.

2. A new client will just get a zero byte
   from an old winbindd. As it uses talloc_zero() to
   create struct winbindd_response.

3. Changing the version number would introduce problems
   with backports to older Samba versions.

New clients which are capable of using the new_spnego field
will use "negotiate_blob" instead of "initial_blob".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
nsswitch/libwbclient/wbc_pam.c
nsswitch/winbind_struct_protocol.h
source3/winbindd/winbindd_ccache_access.c