[Pkg-samba-maint] [samba] 10/12: CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()
Mathieu Parent
sathieu at moszumanska.debian.org
Thu Sep 21 07:26:03 UTC 2017
This is an automated email from the git hooks/post-receive script.
sathieu pushed a commit to branch stretch-security
in repository samba.
commit 17b3e3af8ff6d3c608a101e556f9227799d4ed74
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat Dec 17 10:36:49 2016 +0100
CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()
This will keep enforced encryption across dfs referrals.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996
Signed-off-by: Stefan Metzmacher <metze at samba.org>
---
source3/libsmb/clidfs.c | 4 ++--
source3/libsmb/libsmb_context.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index 3b3e6b9..074f8ed 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -954,7 +954,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
"IPC$",
dfs_auth_info,
false,
- smb1cli_conn_encryption_on(rootcli->conn),
+ cli_state_is_encryption_on(rootcli),
smbXcli_conn_protocol(rootcli->conn),
0,
0x20,
@@ -1012,7 +1012,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
dfs_refs[count].share,
dfs_auth_info,
false,
- smb1cli_conn_encryption_on(rootcli->conn),
+ cli_state_is_encryption_on(rootcli),
smbXcli_conn_protocol(rootcli->conn),
0,
0x20,
diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c
index a956058..74adade 100644
--- a/source3/libsmb/libsmb_context.c
+++ b/source3/libsmb/libsmb_context.c
@@ -486,7 +486,7 @@ smbc_option_get(SMBCCTX *context,
for (s = context->internal->servers; s; s = s->next) {
num_servers++;
- if (!smb1cli_conn_encryption_on(s->cli->conn)) {
+ if (!cli_state_is_encryption_on(s->cli)) {
return (void *)false;
}
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git
More information about the Pkg-samba-maint
mailing list