git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
f24f26a
)
libcli:smb: Prefer AES-GCM over AES-CCM with GnuTLS
author
Andreas Schneider
<asn@samba.org>
Fri, 15 Mar 2019 15:25:28 +0000
(16:25 +0100)
committer
Andrew Bartlett
<abartlet@samba.org>
Tue, 27 Aug 2019 04:44:41 +0000
(
04:44
+0000)
The AES-GCM implementation in GnuTLS is faster.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Adapted to remove Samba AES support
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
libcli/smb/smbXcli_base.c
patch
|
blob
|
history
diff --git
a/libcli/smb/smbXcli_base.c
b/libcli/smb/smbXcli_base.c
index 93cd936dde989c73aba93b282a782422862b263b..0115cbbec1854400e39ceb45161780b6b80d12b9 100644
(file)
--- a/
libcli/smb/smbXcli_base.c
+++ b/
libcli/smb/smbXcli_base.c
@@
-4789,12
+4789,9
@@
static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
}
SSVAL(p, 0, 2); /* ChiperCount */
- /*
- * For now we preferr CCM because our implementation
- * is faster than GCM, see bug #11451.
- */
- SSVAL(p, 2, SMB2_ENCRYPTION_AES128_CCM);
- SSVAL(p, 4, SMB2_ENCRYPTION_AES128_GCM);
+
+ SSVAL(p, 2, SMB2_ENCRYPTION_AES128_GCM);
+ SSVAL(p, 4, SMB2_ENCRYPTION_AES128_CCM);
status = smb2_negotiate_context_add(
state, &c, SMB2_ENCRYPTION_CAPABILITIES, p, 6);