From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 3 Nov 2016 16:16:43 +0000 (+0100)
Subject: CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_R... 
X-Git-Tag: samba-4.4.16~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=428ede3dd3bbf3bba86ca1b321bedfcc9aebba79;p=thirdparty%2Fsamba.git

CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_REQUIRED

This is an addition to the fixes for CVE-2015-5296.

It applies to smb2mount -e, smbcacls -e and smbcquotas -e.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/source3/lib/util_cmdline.c b/source3/lib/util_cmdline.c
index 80c3ecdb462..539fa55d3a2 100644
--- a/source3/lib/util_cmdline.c
+++ b/source3/lib/util_cmdline.c
@@ -123,6 +123,9 @@ bool set_cmdline_auth_info_signing_state(struct user_auth_info *auth_info,
 
 int get_cmdline_auth_info_signing_state(const struct user_auth_info *auth_info)
 {
+	if (auth_info->smb_encrypt) {
+		return SMB_SIGNING_REQUIRED;
+	}
 	return auth_info->signing_state;
 }