From: Ralph Boehme <slow@samba.org>
Date: Tue, 20 Jun 2023 16:13:23 +0000 (+0200)
Subject: CVE-2023-3347: smbd: remove comment in smbd_smb2_request_process_negprot()
X-Git-Tag: samba-4.17.10~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a22fcb689187a7b1fa20d008026c91283e222390;p=thirdparty%2Fsamba.git

CVE-2023-3347: smbd: remove comment in smbd_smb2_request_process_negprot()

This is just going to bitrot. Anyone who's interested can just grep for
"signing_mandatory" and look up what it does.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397

Signed-off-by: Ralph Boehme <slow@samba.org>
---

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index baddbecaade..685a1460cef 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -361,12 +361,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 	}
 
 	security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-	/*
-	 * We use xconn->smb2.signing_mandatory set up via
-	 * srv_init_signing() -> smb2_srv_init_signing().
-	 * This calls lpcfg_server_signing_allowed() to get the correct
-	 * defaults, e.g. signing_required for an ad_dc.
-	 */
 	if (xconn->smb2.signing_mandatory) {
 		security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
 	}