From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 15 Dec 2015 13:49:36 +0000 (+0100)
Subject: CVE-2016-2118: librpc: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT... 
X-Git-Tag: samba-4.2.10~112
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52aa7b60f3ca9325d30af9f8676471afcbda87be;p=thirdparty%2Fsamba.git

CVE-2016-2118: librpc: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT to DCERPC_AUTH_LEVEL_INTEGRITY

ncacn_ip_tcp:server should get the same protection as ncacn_np:server
if authentication and smb signing is used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c
index 37e0c4f54f6..6407a8d4ee1 100644
--- a/librpc/rpc/binding.c
+++ b/librpc/rpc/binding.c
@@ -591,7 +591,7 @@ _PUBLIC_ void dcerpc_binding_get_auth_info(const struct dcerpc_binding *b,
 	} else if (b->flags & DCERPC_CONNECT) {
 		auth_level = DCERPC_AUTH_LEVEL_CONNECT;
 	} else if (auth_type != DCERPC_AUTH_TYPE_NONE) {
-		auth_level = DCERPC_AUTH_LEVEL_CONNECT;
+		auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
 	} else {
 		auth_level = DCERPC_AUTH_LEVEL_NONE;
 	}