CVE-2016-2110(<=4.2): auth/credentials: pass server_timestamp to cli_credentials_get_...

This fixes the build in 4.2 and older versions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c
index c84b51f4fe937c302b61f6f5e80cd7ff697722cb..bb9cf42d77258e7d607a6a1f6cad2c23f34c8c98 100644 (file)
--- a/source4/winbind/wb_pam_auth.c
+++ b/source4/winbind/wb_pam_auth.c
@@ -250,7 +250,9 @@ struct composite_context *wb_cmd_pam_auth_send(TALLOC_CTX *mem_ctx,
                cli_credentials_get_domain(credentials));
 
        status = cli_credentials_get_ntlm_response(
-               credentials, mem_ctx, &flags, chal, names_blob,
+               credentials, mem_ctx, &flags, chal,
+               NULL, /* server_timestamp */
+               names_blob,
                &lm_resp, &nt_resp, NULL, NULL);
        if (!NT_STATUS_IS_OK(status)) {
                return NULL;