From: Stefan Metzmacher
Date: Wed, 23 Dec 2015 15:17:04 +0000 (+0100)
Subject: CVE-2016-2113: s4:librpc/rpc: verify the rpc_proxy certificate and hostname if configured
X-Git-Tag: samba-4.2.10~146
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=95da9fcb15188477966bc8bb2cab589e4753c4e3;p=thirdparty%2Fsamba.git
CVE-2016-2113: s4:librpc/rpc: verify the rpc_proxy certificate and hostname if configured
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752
Signed-off-by: Stefan Metzmacher
Reviewed-by: Günther Deschner
---
diff --git a/source4/librpc/rpc/dcerpc_roh.c b/source4/librpc/rpc/dcerpc_roh.c
index c4842fb8cb6..6da29787fbe 100644
--- a/source4/librpc/rpc/dcerpc_roh.c
+++ b/source4/librpc/rpc/dcerpc_roh.c
@@ -185,10 +185,17 @@ struct tevent_req *dcerpc_pipe_open_roh_send(struct dcecli_connection *conn,
 /* Initialize TLS */
 if (use_tls) {
- status = tstream_tls_params_client(state->roh, NULL, NULL,
- lpcfg_tls_priority(lp_ctx),
- TLS_VERIFY_PEER_NO_CHECK,
- NULL,
+ char *ca_file = lpcfg_tls_cafile(state, lp_ctx);
+ char *crl_file = lpcfg_tls_crlfile(state, lp_ctx);
+ const char *tls_priority = lpcfg_tls_priority(lp_ctx);
+ enum tls_verify_peer_state verify_peer =
+ lpcfg_tls_verify_peer(lp_ctx);
+
+ status = tstream_tls_params_client(state->roh,
+ ca_file, crl_file,
+ tls_priority,
+ verify_peer,
+ state->rpc_proxy,
 &state->tls_params);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(0,("%s: Failed tstream_tls_params_client - %s\n",
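Review bot: The verification level now comes straight from `lpcfg_tls_verify_peer(lp_ctx)`, so a configuration that yields `TLS_VERIFY_PEER_NO_CHECK` still opens the TLS channel to `state->rpc_proxy` without authenticating the proxy, and nothing in this hunk tells the operator. A warning before the `tstream_tls_params_client` call would make that state visible in logs, e.g. `if (verify_peer == TLS_VERIFY_PEER_NO_CHECK) { DEBUG(1,("%s: rpc_proxy certificate is not verified\n", __func__)); }`. Separately, `ca_file` and `crl_file` are passed on without a NULL check; whether `tstream_tls_params_client` fails closed when a stricter mode is configured but no CA file is available cannot be seen from here and should be confirmed. The enclosing `dcerpc_pipe_open_roh_send` starts and ends outside the hunk.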