]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 65deaae) | patch
CVE-2016-2110: auth/gensec: add gensec_may_reset_crypto() infrastructure
authorStefan Metzmacher <metze@samba.org>
Tue, 17 Dec 2013 10:49:31 +0000 (11:49 +0100)
committerStefan Metzmacher <metze@samba.org>
Mon, 28 Mar 2016 22:42:07 +0000 (00:42 +0200)
commit2e35e39fc33071c03f3b1c60641e2f87d37ef3b0
tree7d193bd062f33f4189a8e71caa6e1b4da239ea17tree
parent65deaae1f249fa4cc1f9d5471cc77cfe8c032b2dcommit | diff
CVE-2016-2110: auth/gensec: add gensec_may_reset_crypto() infrastructure

[MS-SPNG] requires the NTLMSSP RC4 states to be reset after
the SPNEGO exchange with mechListMic verification (new_spnego).

This provides the infrastructure for this feature.

The 'reset_full' parameter is needed to support the broken
behavior that windows only resets the RC4 states but not the
sequence numbers. Which means this functionality is completely
useless... But we want to work against all windows versions...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
auth/gensec/gensec.c diff | blob | blame | history
auth/gensec/gensec_internal.h diff | blob | blame | history
auth/gensec/spnego.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git