]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dab41de)
CVE-2016-2118: librpc: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT...
authorStefan Metzmacher <metze@samba.org>
Tue, 15 Dec 2015 13:49:36 +0000 (14:49 +0100)
committerStefan Metzmacher <metze@samba.org>
Wed, 30 Mar 2016 02:08:20 +0000 (04:08 +0200)
ncacn_ip_tcp:server should get the same protection as ncacn_np:server
if authentication and smb signing is used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
librpc/rpc/binding.c patch | blob | blame | history

diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c
index 37e0c4f54f6722abc5cd661d9ec6fbcedc027238..6407a8d4ee16709548c314c71d9ee865bf1aed33 100644 (file)
--- a/librpc/rpc/binding.c
+++ b/librpc/rpc/binding.c
@@ -591,7 +591,7 @@ _PUBLIC_ void dcerpc_binding_get_auth_info(const struct dcerpc_binding *b,
        } else if (b->flags & DCERPC_CONNECT) {
                auth_level = DCERPC_AUTH_LEVEL_CONNECT;
        } else if (auth_type != DCERPC_AUTH_TYPE_NONE) {
-               auth_level = DCERPC_AUTH_LEVEL_CONNECT;
+               auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
        } else {
                auth_level = DCERPC_AUTH_LEVEL_NONE;
        }
Mirror of https://github.com/samba-team/samba.git