From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 26 Oct 2021 15:42:41 +0000 (+0200)
Subject: CVE-2020-25717: s3:rpcclient: start with authoritative = 1
X-Git-Tag: ldb-2.5.0~256
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=4cda41677ccb6d68289bafdf4d486e85b6beb2a7;p=thirdparty%2Fsamba.git

CVE-2020-25717: s3:rpcclient: start with authoritative = 1

This is not strictly needed, but makes it easier to audit
that we don't miss important places.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index 18e1862ebaa..bb5b9dafed4 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -497,7 +497,7 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli,
 	uint32_t logon_param = 0;
 	const char *workstation = NULL;
 	struct netr_SamInfo3 *info3 = NULL;
-	uint8_t authoritative = 0;
+	uint8_t authoritative = 1;
 	uint32_t flags = 0;
 	uint16_t validation_level;
 	union netr_Validation *validation = NULL;