]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3157cce)
CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()
authorStefan Metzmacher <metze@samba.org>
Sat, 17 Dec 2016 09:36:49 +0000 (10:36 +0100)
committerStefan Metzmacher <metze@samba.org>
Mon, 4 Sep 2017 09:29:53 +0000 (11:29 +0200)
This will keep enforced encryption across dfs referrals.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996

Signed-off-by: Stefan Metzmacher <metze@samba.org>
source3/libsmb/clidfs.c patch | blob | blame | history
source3/libsmb/libsmb_context.c patch | blob | blame | history

diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index fdcd66529c81c0adaf367605710938b9d126b241..b8edeb665bbe0bdb8a12eee9db20fabd7833a565 100644 (file)
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -972,7 +972,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
                             "IPC$",
                             dfs_auth_info,
                             false,
-                            smb1cli_conn_encryption_on(rootcli->conn),
+                            cli_state_is_encryption_on(rootcli),
                             smbXcli_conn_protocol(rootcli->conn),
                             0,
                             0x20,
@@ -1030,7 +1030,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
                                dfs_refs[count].share,
                                dfs_auth_info,
                                false,
-                               smb1cli_conn_encryption_on(rootcli->conn),
+                               cli_state_is_encryption_on(rootcli),
                                smbXcli_conn_protocol(rootcli->conn),
                                0,
                                0x20,
diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c
index ed6ca2b1b9fd0d7109120dd7cae3be2edae85cbd..b55cf1e2d154f53f8795a65aff8222cf1f41b3c9 100644 (file)
--- a/source3/libsmb/libsmb_context.c
+++ b/source3/libsmb/libsmb_context.c
@@ -486,7 +486,7 @@ smbc_option_get(SMBCCTX *context,
 
                 for (s = context->internal->servers; s; s = s->next) {
                         num_servers++;
-                        if (!smb1cli_conn_encryption_on(s->cli->conn)) {
+                        if (!cli_state_is_encryption_on(s->cli)) {
                                 return (void *)false;
                         }
                 }
Mirror of https://github.com/samba-team/samba.git