mirror of
https://github.com/samba-team/samba.git
synced 2025-01-22 22:04:08 +03:00
CVE-2023-3347: smbd: fix "server signing = mandatory"
This was broken by commit 1f3f6e20dc086a36de52bffd0bc36e15fb19e1c6 because when calling srv_init_signing() very early after accepting the connection in smbd_add_connection(), conn->protocol is still PROTOCOL_NONE. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397 Signed-off-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
parent
a22fcb6891
commit
6c1128b118
@ -1 +0,0 @@
|
||||
^samba3.smb2.session-require-signing.bug15397
|
@ -37,19 +37,16 @@ bool srv_init_signing(struct smbXsrv_connection *conn)
|
||||
return false;
|
||||
}
|
||||
|
||||
/*
|
||||
* For SMB2 all we need to know is if signing is mandatory.
|
||||
* It is always allowed and desired, whatever the smb.conf says.
|
||||
*/
|
||||
(void)lpcfg_server_signing_allowed(lp_ctx, &conn->smb2.signing_mandatory);
|
||||
|
||||
#if defined(WITH_SMB1SERVER)
|
||||
if (conn->protocol >= PROTOCOL_SMB2_02) {
|
||||
#endif
|
||||
/*
|
||||
* For SMB2 all we need to know is if signing is mandatory.
|
||||
* It is always allowed and desired, whatever the smb.conf says.
|
||||
*/
|
||||
(void)lpcfg_server_signing_allowed(lp_ctx, &conn->smb2.signing_mandatory);
|
||||
#if defined(WITH_SMB1SERVER)
|
||||
} else {
|
||||
ok = smb1_srv_init_signing(lp_ctx, conn);
|
||||
}
|
||||
ok = smb1_srv_init_signing(lp_ctx, conn);
|
||||
#endif
|
||||
|
||||
talloc_unlink(conn, lp_ctx);
|
||||
return ok;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user