CVE-2016-2110: auth/ntlmssp: let gensec_ntlmssp_client_start require NTLM2 (EXTENDED_...
authorStefan Metzmacher <metze@samba.org>
Tue, 1 Dec 2015 13:54:13 +0000 (14:54 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:22 +0000 (19:25 +0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
auth/ntlmssp/ntlmssp_client.c

index 1b7f87aa7a1dac0e8a2d1dbaaec26b33cbf7f59c..49933cb11b9cbc532cf0c0ddfc2d2065a87dd97f 100644 (file)
@@ -633,7 +633,7 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
        }
 
        if (ntlmssp_state->use_ntlmv2) {
        }
 
        if (ntlmssp_state->use_ntlmv2) {
-               ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
+               ntlmssp_state->required_flags |= NTLMSSP_NEGOTIATE_NTLM2;
                ntlmssp_state->allow_lm_response = false;
                ntlmssp_state->allow_lm_key = false;
        }
                ntlmssp_state->allow_lm_response = false;
                ntlmssp_state->allow_lm_key = false;
        }