CVE-2016-2114: s4:smb2_server: fix session setup with required signing

The client can't sign the session setup request...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 35a148403007409de3fa9d76c4bb266fbf92e505..36adafdb89108510d2aad7bd9bbcc4026f4fc0eb 100644 (file)
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -201,14 +201,6 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
           set SMB2_NEGOTIATE_SIGNING_REQUIRED */
        if (io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
                smb_sess->smb2_signing.required = true;
-       } else if (req->smb_conn->smb2_signing_required) {
-               /*
-                * if required signing was negotiates in SMB2 Negotiate
-                * then the client made an error not using it here
-                */
-               DEBUG(1, ("SMB2 signing required on the connection but not used on session\n"));
-               req->status = NT_STATUS_FOOBAR;
-               goto failed;
        }
 
        /* disable receipt of more packets on this socket until we've