ntlmssp: Refuse to seal if we did not negotiate to sign

Signed-off-by: Stefan Metzmacher <metze@samba.org>
author: Andrew Bartlett <abartlet@samba.org> 2011-10-15 14:56:11 +1100
committer: Andrew Bartlett <abartlet@samba.org> 2011-10-18 13:13:33 +1100
commit: 3f9ab2e8e7437ad2775ecd7b87c20804089b58cb (patch)
tree: 31780e01e1e9db7dbf67fa84f85c2a6d2adc00e5 /auth/ntlmssp
parent: 86d684e4d663141370b7332a9ab37e46f6ef68db (diff)
download: samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.gz
samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.bz2
samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/auth/ntlmssp/ntlmssp_sign.c b/auth/ntlmssp/ntlmssp_sign.c
index 019ea3ce3b..a5c57d8423 100644
--- a/auth/ntlmssp/ntlmssp_sign.c
+++ b/auth/ntlmssp/ntlmssp_sign.c
@@ -274,6 +274,11 @@ NTSTATUS ntlmssp_seal_packet(struct ntlmssp_state *ntlmssp_state,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
+	if (!(ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
+		DEBUG(3, ("NTLMSSP Sealing not negotiated - cannot seal packet!\n"));
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
 	if (!ntlmssp_state->session_key.length) {
 		DEBUG(3, ("NO session key, cannot seal packet\n"));
 		return NT_STATUS_NO_USER_SESSION_KEY;
author	Andrew Bartlett <abartlet@samba.org>	2011-10-15 14:56:11 +1100
committer	Andrew Bartlett <abartlet@samba.org>	2011-10-18 13:13:33 +1100
commit	3f9ab2e8e7437ad2775ecd7b87c20804089b58cb (patch)
tree	31780e01e1e9db7dbf67fa84f85c2a6d2adc00e5 /auth/ntlmssp
parent	86d684e4d663141370b7332a9ab37e46f6ef68db (diff)
download	samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.gz samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.bz2 samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.zip