summaryrefslogtreecommitdiff
path: root/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-10-15 14:56:11 +1100
committerAndrew Bartlett <abartlet@samba.org>2011-10-18 13:13:33 +1100
commit3f9ab2e8e7437ad2775ecd7b87c20804089b58cb (patch)
tree31780e01e1e9db7dbf67fa84f85c2a6d2adc00e5 /auth
parent86d684e4d663141370b7332a9ab37e46f6ef68db (diff)
downloadsamba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.gz
samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.tar.bz2
samba-3f9ab2e8e7437ad2775ecd7b87c20804089b58cb.zip
ntlmssp: Refuse to seal if we did not negotiate to sign
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'auth')
-rw-r--r--auth/ntlmssp/ntlmssp_sign.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/auth/ntlmssp/ntlmssp_sign.c b/auth/ntlmssp/ntlmssp_sign.c
index 019ea3ce3b..a5c57d8423 100644
--- a/auth/ntlmssp/ntlmssp_sign.c
+++ b/auth/ntlmssp/ntlmssp_sign.c
@@ -274,6 +274,11 @@ NTSTATUS ntlmssp_seal_packet(struct ntlmssp_state *ntlmssp_state,
return NT_STATUS_INVALID_PARAMETER;
}
+ if (!(ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
+ DEBUG(3, ("NTLMSSP Sealing not negotiated - cannot seal packet!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
if (!ntlmssp_state->session_key.length) {
DEBUG(3, ("NO session key, cannot seal packet\n"));
return NT_STATUS_NO_USER_SESSION_KEY;