From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 26 Oct 2021 15:42:41 +0000 (+0200)
Subject: CVE-2020-25717: s4:smb_server: start with authoritative = 1
X-Git-Tag: ldb-2.5.0~260
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=9a2351581416223a4486c33378f430f510a03db4;p=thirdparty%2Fsamba.git

CVE-2020-25717: s4:smb_server: start with authoritative = 1

This is not strictly needed, but makes it easier to audit
that we don't miss important places.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c
index 68cdd70feff..8428ca3fabb 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -102,7 +102,7 @@ static void sesssetup_old_send(struct tevent_req *subreq)
 	struct auth_session_info *session_info;
 	struct smbsrv_session *smb_sess;
 	NTSTATUS status;
-	uint8_t authoritative = 0;
+	uint8_t authoritative = 1;
 	uint32_t flags;
 
 	status = auth_check_password_recv(subreq, req, &user_info_dc,
@@ -243,7 +243,7 @@ static void sesssetup_nt1_send(struct tevent_req *subreq)
 	struct auth_user_info_dc *user_info_dc = NULL;
 	struct auth_session_info *session_info;
 	struct smbsrv_session *smb_sess;
-	uint8_t authoritative = 0;
+	uint8_t authoritative = 1;
 	uint32_t flags;
 	NTSTATUS status;