sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-04 16:58:42 +03:00
Code

CVE-2015-5296: s3:libsmb: force signing when requiring encryption in do_connect()

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11536

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Stefan Metzmacher 2015-09-30 21:17:02 +02:00
parent acbb4ddb68
commit f8b0f7fd94
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source3/libsmb/clidfs.c
View File

@ -114,6 +114,11 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
const char *domain;
NTSTATUS status;
int flags = 0;
int signing_state = get_cmdline_auth_info_signing_state(auth_info);
if (force_encrypt) {
signing_state = SMB_SIGNING_REQUIRED;
}
/* make a copy so we don't modify the global string 'service' */
servicename = talloc_strdup(ctx,share);
@ -152,7 +157,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
status = cli_connect_nb(
server, NULL, port, name_type, NULL,
get_cmdline_auth_info_signing_state(auth_info),
signing_state,
flags, &c);
if (!NT_STATUS_IS_OK(status)) {