From 819ddd89707115f885412931aa4bbe11af7a055a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 24 Jun 2017 13:16:03 +0200 Subject: [PATCH] auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case Some servers may not announce the NTLMSSP_NEGOTIATE_NTLM2 (a.k.a. NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) bit. But if we're acting as a client using NTLMv2 we need to enforce this flag, because it's not really a negotiationable in that case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12862 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison (cherry picked from commit 8ee4f8236830eb3fa1b273fa6927792a800f86bd) --- auth/ntlmssp/ntlmssp_util.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/auth/ntlmssp/ntlmssp_util.c b/auth/ntlmssp/ntlmssp_util.c index 4ae6101f025..9c7325a23e0 100644 --- a/auth/ntlmssp/ntlmssp_util.c +++ b/auth/ntlmssp/ntlmssp_util.c @@ -75,6 +75,27 @@ NTSTATUS ntlmssp_handle_neg_flags(struct ntlmssp_state *ntlmssp_state, { uint32_t missing_flags = ntlmssp_state->required_flags; + if (ntlmssp_state->use_ntlmv2) { + /* + * Using NTLMv2 as a client implies + * using NTLMSSP_NEGOTIATE_NTLM2 + * (NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) + * + * Note that 'use_ntlmv2' is only set + * true in the client case. + * + * Even if the server has a bug and does not announce + * it, we need to assume it's present. + * + * Note that we also have the flag + * in ntlmssp_state->required_flags, + * see gensec_ntlmssp_client_start(). + * + * See bug #12862. + */ + flags |= NTLMSSP_NEGOTIATE_NTLM2; + } + if (flags & NTLMSSP_NEGOTIATE_UNICODE) { ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_UNICODE; ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_OEM; -- 2.13.2.725.g09c95d1e9-goog