From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 12 Dec 2015 21:23:18 +0000 (+0100)
Subject: CVE-2016-2111: s4:torture/rpc: fix rpc.pac ntlmv2 test
X-Git-Tag: samba-4.2.10~182
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eafd2ce23ac7d2b9a146f6473fec47a66b391e23;p=thirdparty%2Fsamba.git

CVE-2016-2111: s4:torture/rpc: fix rpc.pac ntlmv2 test

The computer name of the NTLMv2 blob needs to match
the schannel connection.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
---

diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c
index 83fc8390680..aaf08e04713 100644
--- a/source4/torture/rpc/remote_pac.c
+++ b/source4/torture/rpc/remote_pac.c
@@ -729,8 +729,8 @@ static bool test_S2U4Self(struct torture_context *tctx,
 	chal = data_blob_const(ninfo.challenge,
 			       sizeof(ninfo.challenge));
 
-	names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(client_creds),
-						cli_credentials_get_domain(client_creds));
+	names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(server_creds),
+						cli_credentials_get_domain(server_creds));
 
 	status = cli_credentials_get_ntlm_response(client_creds, tctx,
 						   &flags,