diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-10-15 14:56:11 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-10-18 13:13:33 +1100 |
commit | 3f9ab2e8e7437ad2775ecd7b87c20804089b58cb (patch) | |
tree | 31780e01e1e9db7dbf67fa84f85c2a6d2adc00e5 | |
parent | 86d684e4d663141370b7332a9ab37e46f6ef68db (diff) | |
download | samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.gz samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.bz2 samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.zip |
ntlmssp: Refuse to seal if we did not negotiate to sign
Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r-- | auth/ntlmssp/ntlmssp_sign.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/auth/ntlmssp/ntlmssp_sign.c b/auth/ntlmssp/ntlmssp_sign.c index 019ea3ce3b..a5c57d8423 100644 --- a/auth/ntlmssp/ntlmssp_sign.c +++ b/auth/ntlmssp/ntlmssp_sign.c @@ -274,6 +274,11 @@ NTSTATUS ntlmssp_seal_packet(struct ntlmssp_state *ntlmssp_state, return NT_STATUS_INVALID_PARAMETER; } + if (!(ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) { + DEBUG(3, ("NTLMSSP Sealing not negotiated - cannot seal packet!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + if (!ntlmssp_state->session_key.length) { DEBUG(3, ("NO session key, cannot seal packet\n")); return NT_STATUS_NO_USER_SESSION_KEY; |