From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 20 Nov 2015 08:29:11 +0000 (+0100)
Subject: CVE-2016-2110(<=4.2): auth/credentials: pass server_timestamp to cli_credentials_get_... 
X-Git-Tag: samba-4.2.10~195
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=741c532edbf5cd0fa1dff2a00c21055be832b833;p=thirdparty%2Fsamba.git

CVE-2016-2110(<=4.2): auth/credentials: pass server_timestamp to cli_credentials_get_ntlm_response()

This fixes the build in 4.2 and older versions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
---

diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c
index c84b51f4fe9..bb9cf42d772 100644
--- a/source4/winbind/wb_pam_auth.c
+++ b/source4/winbind/wb_pam_auth.c
@@ -250,7 +250,9 @@ struct composite_context *wb_cmd_pam_auth_send(TALLOC_CTX *mem_ctx,
 		cli_credentials_get_domain(credentials));
 
 	status = cli_credentials_get_ntlm_response(
-		credentials, mem_ctx, &flags, chal, names_blob,
+		credentials, mem_ctx, &flags, chal,
+		NULL, /* server_timestamp */
+		names_blob,
 		&lm_resp, &nt_resp, NULL, NULL);
 	if (!NT_STATUS_IS_OK(status)) {
 		return NULL;