1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
samba-mirror/libcli/smb
Stefan Metzmacher d81bffa0fb CVE-2016-2019: libcli/smb: don't allow guest sessions if we require signing
Note real anonymous sessions (with "" as username) don't hit this
as we don't even call smb2cli_session_set_session_key() in that case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-07-07 11:22:27 +02:00
..
read_smb.c libcli/smb: use tevent_req_received(req) in read_smb_recv() 2015-06-12 17:08:18 +02:00
read_smb.h libcli/smb: remove unused includes from read_smb.h 2011-10-25 00:24:07 +02:00
smb1cli_close.c libcli/smb: add smb1cli_close* 2014-01-07 08:37:39 +01:00
smb1cli_create.c libcli/smb: add smb1cli_ntcreatex* 2014-01-07 08:37:39 +01:00
smb1cli_echo.c libcli: Fix a segfault calling smbXcli_req_set_pending() on NULL. 2014-09-23 04:23:05 +02:00
smb1cli_read.c libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb1cli_readx* 2015-12-01 00:38:23 +01:00
smb1cli_trans.c libsmb: Streamline smb1cli_trans a bit 2015-06-26 19:32:19 +02:00
smb1cli_write.c libcli/smb: add smb1cli_writex* 2014-01-07 08:37:39 +01:00
smb2_constants.h libcli/smb: In CCM and GCM mode we can't reuse nonces 2015-05-29 19:50:25 +02:00
smb2_create_blob.c libcli/smb: fix unitialized padding in smb2_create_blob_push_one() (bug #9209) 2012-10-27 10:05:22 +02:00
smb2_create_blob.h s3: client - rename 'struct smb2_create_returns' to 'struct smb_create_returns' so we can use this in SMB1 create returns as well. 2014-05-09 23:10:07 +02:00
smb2_create_ctx.h s3:smbd: add SMB2 AAPL create context defines 2014-12-04 22:11:07 +01:00
smb2_lease.c Revert "libcli/smb: mask off SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET for version 1" 2014-11-27 16:45:05 +01:00
smb2_lease.h libcli/smb: Add smb2_lease_equal() which compares client_guids and keys. 2014-11-07 22:41:47 +01:00
smb2_negotiate_context.c libcli/smb: add smb2_negotiate_context.c 2014-10-07 22:47:04 +02:00
smb2_negotiate_context.h libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does. 2014-11-26 19:05:37 +01:00
smb2_signing.c libcli:smb2: Use constant time memcmp() to verify the signature 2016-04-19 09:37:14 +02:00
smb2_signing.h libcli/smb: pass 'uint16_t cipher_id' to smb2_signing_[de|en]crypt_pdu() 2014-10-16 19:30:04 +02:00
smb2cli_close.c libcli/smb: pass max_dyn_len to smb2cli_req_send() 2013-08-15 09:07:06 +02:00
smb2cli_create.c libcli: Make smb2cli_create return blobs 2014-06-30 22:28:14 +02:00
smb2cli_echo.c libcli/smb: pass max_dyn_len to smb2cli_req_send() 2013-08-15 09:07:06 +02:00
smb2cli_flush.c libcli/smb: pass max_dyn_len to smb2cli_req_send() 2013-08-15 09:07:06 +02:00
smb2cli_ioctl.c libcli/smb: make sure we have a body size of 0x31 before dereferencing an ioctl response 2015-12-01 00:38:23 +01:00
smb2cli_query_directory.c Rename SMB2_OP_FIND to SMB2_OP_QUERY_DIRECTORY so that it conforms with the MS document MS-SMB2. 2015-03-27 01:24:47 +01:00
smb2cli_query_info.c libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_query_info* 2015-12-01 00:38:23 +01:00
smb2cli_read.c libcli/smb: correctly handle STATUS_BUFFER_OVERFLOW in smb2cli_read* 2015-12-01 00:38:23 +01:00
smb2cli_session.c libcli/smb: implement SMB 3.10 session setup 2014-10-07 22:47:04 +02:00
smb2cli_set_info.c libcli/smb: pass max_dyn_len to smb2cli_req_send() 2013-08-15 09:07:06 +02:00
smb2cli_tcon.c libcli/smb: pass tcon flags to the server for SMB 3.10 2014-10-07 22:47:04 +02:00
smb2cli_write.c libcli/smb: pass max_dyn_len to smb2cli_req_send() 2013-08-15 09:07:06 +02:00
smb_common.h libsmb: Move "struct smb2_lease" to common 2013-04-30 14:13:41 +02:00
smb_constants.h libcli/smb: add SMB1 session setup action flags 2016-04-28 16:51:16 +02:00
smb_seal.c Fix Bug 9422 - large read requests cause server to issue malformed reply 2012-11-30 03:27:07 +01:00
smb_seal.h libcli/smb: Convert struct smb_trans_enc_state to talloc 2012-01-31 20:17:10 +01:00
smb_signing.c CVE-2016-2114: libcli/smb: let mandatory signing imply allowed signing 2016-04-12 19:25:26 +02:00
smb_signing.h libcli/smb: add smb_signing_is_desired() 2014-04-16 07:50:05 +02:00
smb_unix_ext.h libcli/smb: add define SMB_ENCRYPTION_GSSAPI for CIFS encryption type 2016-01-22 07:52:21 +01:00
smb_util.h libcli/smb: add smb_buffer_oob() helper 2011-10-26 15:33:30 +02:00
smbXcli_base.c CVE-2016-2019: libcli/smb: don't allow guest sessions if we require signing 2016-07-07 11:22:27 +02:00
smbXcli_base.h libcli/smb: add smbXcli_session_is_guest() helper function 2016-04-28 16:51:16 +02:00
tstream_smbXcli_np.c CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destructor() 2016-04-12 19:25:32 +02:00
tstream_smbXcli_np.h libcli/smb: make TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE public 2014-03-25 00:45:28 +01:00
util.c libcli/smb: add smb_buffer_oob() helper 2011-10-26 15:33:30 +02:00
wscript Rename 'errors' to 'samba-errors' and make it public. 2016-01-13 07:47:04 +01:00