libcli:smb: Prefer AES-GCM over AES-CCM with GnuTLS

author Andreas Schneider <asn@samba.org>

Fri, 15 Mar 2019 15:25:28 +0000 (16:25 +0100)

committer Andrew Bartlett <abartlet@samba.org>

Tue, 27 Aug 2019 04:44:41 +0000 (04:44 +0000)
author Andreas Schneider <asn@samba.org>
Fri, 15 Mar 2019 15:25:28 +0000 (16:25 +0100)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 27 Aug 2019 04:44:41 +0000 (04:44 +0000)
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c

index 93cd936dde989c73aba93b282a782422862b263b..0115cbbec1854400e39ceb45161780b6b80d12b9 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4789,12 +4789,9 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
                 }
  
                 SSVAL(p, 0, 2); /* ChiperCount */
-               /*
-                * For now we preferr CCM because our implementation
-                * is faster than GCM, see bug #11451.
-                */
-               SSVAL(p, 2, SMB2_ENCRYPTION_AES128_CCM);
-               SSVAL(p, 4, SMB2_ENCRYPTION_AES128_GCM);
+
+               SSVAL(p, 2, SMB2_ENCRYPTION_AES128_GCM);
+               SSVAL(p, 4, SMB2_ENCRYPTION_AES128_CCM);
  
                 status = smb2_negotiate_context_add(
                         state, &c, SMB2_ENCRYPTION_CAPABILITIES, p, 6);
author	Andreas Schneider <asn@samba.org>
	Fri, 15 Mar 2019 15:25:28 +0000 (16:25 +0100)
committer	Andrew Bartlett <abartlet@samba.org>
	Tue, 27 Aug 2019 04:44:41 +0000 (04:44 +0000)