From 84f4313aa9b86b4ceada42d6a3d80821d6fc7d0b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 2 Oct 2024 15:03:21 +0200 Subject: [PATCH] libcli/auth: don't allow any unexpected upgrades of negotiate_flags Only remove the unsupported flags from state->current_flags for the next try... BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher Reviewed-by: Douglas Bagnall (cherry picked from commit a9040c8ce76cb9911c4c0c5d623cc479e49f460d) --- libcli/auth/netlogon_creds_cli.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index 154906342b7..1a196620751 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -1478,14 +1478,16 @@ static void netlogon_creds_cli_auth_srvauth_done(struct tevent_req *subreq) } if (NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)) { - uint32_t tmp_flags = state->context->client.proposed_flags; - if ((state->current_flags == tmp_flags) && - (state->creds->negotiate_flags != tmp_flags)) - { + uint32_t prop_f = state->context->client.proposed_flags; + uint32_t cli_f = state->current_flags; + uint32_t srv_f = state->creds->negotiate_flags; + uint32_t nego_f = cli_f & srv_f; + + if (cli_f == prop_f && nego_f != prop_f) { /* * lets retry with the negotiated flags */ - state->current_flags = state->creds->negotiate_flags; + state->current_flags = nego_f; netlogon_creds_cli_auth_challenge_start(req); return; } -- 2.47.2