git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 007ed89)
libcli/smb: fix non mendatory signing against some vendor SMB2 servers.
authorStefan Metzmacher <metze@samba.org>
Tue, 17 Sep 2013 02:12:30 +0000 (04:12 +0200)
committerKarolin Seeger <kseeger@samba.org>
Thu, 19 Sep 2013 08:17:38 +0000 (10:17 +0200)
Windows and Samba always sign the final session setup response
even if signing is not mendatory, but it ensures that the signing
key is correctly in place.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 17 09:40:10 CEST 2013 on sn-devel-104
(cherry picked from commit af290a03cef63c3b08446c1980de064a3b1c8804)

libcli/smb/smbXcli_base.c patch | blob | history

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 1e91975b128da2992e79828fda2ec39dad2451a9..9d187cd773b28b07a167e65d7d7d6d24a1e19bca 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4841,7 +4841,16 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                                        session->conn->protocol,
                                        recv_iov, 3);
        if (!NT_STATUS_IS_OK(status)) {
-               return status;
+               /*
+                * Sadly some vendors don't sign the
+                * final SMB2 session setup response
+                *
+                * At least Windows and Samba are always doing this
+                * if there's a session key available.
+                */
+               if (conn->mandatory_signing) {
+                       return status;
+               }
        }
 
        session->smb2->should_sign = false;
Samba Shared Repository