CVE-2020-25717: s4:auth_simple: start with authoritative = 1

This is not strictly needed, but makes it easier to audit
that we don't miss important places.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/auth/ntlm/auth_simple.c b/source4/auth/ntlm/auth_simple.c
index 8df160cefc37f736c4d8b019a637f222f4951002..8301aec519ca94440a789fe7536aa6b28d8e8de0 100644 (file)
--- a/source4/auth/ntlm/auth_simple.c
+++ b/source4/auth/ntlm/auth_simple.c
@@ -150,7 +150,7 @@ static void authenticate_ldap_simple_bind_done(struct tevent_req *subreq)
        const struct tsocket_address *local_address = user_info->local_host;
        const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE;
        struct auth_user_info_dc *user_info_dc = NULL;
-       uint8_t authoritative = 0;
+       uint8_t authoritative = 1;
        uint32_t flags = 0;
        NTSTATUS nt_status;