CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_che…

…ck(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360 CVE-2018-1139: Weak authentication protocol allowed. Guenther Signed-off-by: Guenther Deschner <[email protected]> Reviewed-by: Andreas Schneider <[email protected]> Reviewed-by: Jeremy Allison <[email protected]> Reviewed-by: Gary Lockyer <[email protected]>
masumbuet · Aug 14, 2018 · 947cf38 · 947cf38
1 parent 1d89fe9
commit 947cf38
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
@@ -1014,7 +1014,7 @@ static NTSTATUS local_pw_check(struct auth4_context *auth4_context,
 	*pauthoritative = 1;
 
 	nt_status = ntlm_password_check(mem_ctx,
-					true, true, 0,
+					true, NTLM_AUTH_ON, 0,
 					&auth4_context->challenge.data,
 					&user_info->password.response.lanman,
 					&user_info->password.response.nt,
@@ -1735,7 +1735,9 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
 
 				nt_lm_owf_gen (opt_password, nt_pw.hash, lm_pw.hash);
 				nt_status = ntlm_password_check(mem_ctx,
-								true, true, 0,
+								true,
+								NTLM_AUTH_ON,
+								0,
 								&challenge,
 								&lm_response,
 								&nt_response,