CVE-2016-2110: auth/gensec: add gensec_may_reset_crypto() infrastructure

author Stefan Metzmacher <metze@samba.org>

Tue, 17 Dec 2013 10:49:31 +0000 (11:49 +0100)

committer Stefan Metzmacher <metze@samba.org>

Mon, 28 Mar 2016 22:42:07 +0000 (00:42 +0200)
author Stefan Metzmacher <metze@samba.org>
Tue, 17 Dec 2013 10:49:31 +0000 (11:49 +0100)
committer Stefan Metzmacher <metze@samba.org>
Mon, 28 Mar 2016 22:42:07 +0000 (00:42 +0200)
diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c

index 548091a54ea1f7ea7873ac4340a38e82e44b6170..4d0968b298f74706620a93ab8471a4ff7883ede2 100644 (file)
--- a/auth/gensec/gensec.c
+++ b/auth/gensec/gensec.c
@@ -30,6 +30,16 @@
  #include "auth/gensec/gensec_internal.h"
  #include "librpc/gen_ndr/dcerpc.h"
  
+_PRIVATE_ NTSTATUS gensec_may_reset_crypto(struct gensec_security *gensec_security,
+                                          bool full_reset)
+{
+       if (!gensec_security->ops->may_reset_crypto) {
+               return NT_STATUS_OK;
+       }
+
+       return gensec_security->ops->may_reset_crypto(gensec_security, full_reset);
+}
+
  /*
    wrappers for the gensec function pointers
  */
diff --git a/auth/gensec/gensec_internal.h b/auth/gensec/gensec_internal.h

index 27511966ca9ad17fd64d49454a78b178b0400886..55352417e99a5e7b29f6603e0916b09a1914ff66 100644 (file)
--- a/auth/gensec/gensec_internal.h
+++ b/auth/gensec/gensec_internal.h
@@ -47,6 +47,8 @@ struct gensec_security_ops {
         NTSTATUS (*update_recv)(struct tevent_req *req,
                                 TALLOC_CTX *out_mem_ctx,
                                 DATA_BLOB *out);
+       NTSTATUS (*may_reset_crypto)(struct gensec_security *gensec_security,
+                                    bool full_reset);
         NTSTATUS (*seal_packet)(struct gensec_security *gensec_security, TALLOC_CTX *sig_mem_ctx,
                                 uint8_t *data, size_t length,
                                 const uint8_t *whole_pdu, size_t pdu_length,
@@ -121,4 +123,7 @@ struct gensec_critical_sizes {
         int sizeof_gensec_security;
  };
  
+NTSTATUS gensec_may_reset_crypto(struct gensec_security *gensec_security,
+                                bool full_reset);
+
  #endif /* __GENSEC_H__ */
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c

index 7978f7bcab4d6db5a80c5463f962dc300c3eaa49..1d4b172e476ed628df3f18ff89df71f42d439f7d 100644 (file)
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -1426,7 +1426,14 @@ static NTSTATUS gensec_spnego_update_wrapper(struct gensec_security *gensec_secu
         data_blob_free(&spnego_state->in_frag);
         spnego_state->in_needed = 0;
         if (NT_STATUS_IS_OK(status)) {
+               bool reset_full = true;
+
                 gensec_security->child_security = spnego_state->sub_sec_security;
+
+               reset_full = !spnego_state->done_mic_check;
+
+               status = gensec_may_reset_crypto(spnego_state->sub_sec_security,
+                                                reset_full);
         }
         if (!NT_STATUS_IS_OK(status) &&
             !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
author	Stefan Metzmacher <metze@samba.org>
	Tue, 17 Dec 2013 10:49:31 +0000 (11:49 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Mon, 28 Mar 2016 22:42:07 +0000 (00:42 +0200)
auth/gensec/gensec.c		patch \| blob \| blame \| history
auth/gensec/gensec_internal.h		patch \| blob \| blame \| history
auth/gensec/spnego.c		patch \| blob \| blame \| history