Bug 14990 - We should refuse to send unencrypted session keys in SamLogonWithFlags
Summary: We should refuse to send unencrypted session keys in SamLogonWithFlags
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
Version: unspecified
Hardware: All All
Importance: P5 normal
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
Reported: 2022-02-25 20:58 UTC by Andrew Bartlett
Modified: 2022-02-25 20:58 UTC

Description Andrew Bartlett 2022-02-25 20:58:49 UTC
https://dirkjanm.io/a-different-way-of-abusing-zerologon/ shows that the protocol layering allows access to this line:
https://git.samba.org/?p=samba.git;a=blob;f=libcli/auth/credentials.c#l872 via SamLogonWithFlags(), which is not restricted to schannel.

I think we should fail the operation, but perhaps this doesn't matter given how strictly we lock down secure channel these days.