CVE-2016-2114: libcli/smb: let mandatory signing imply allowed signing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

diff --git a/libcli/smb/smb_signing.c b/libcli/smb/smb_signing.c
index e128e8f8a0bd77ca35a10af4251beb1f0d493e02..a7bc819f48965c8e040b74fd4635f827005bbc9d 100644 (file)
--- a/libcli/smb/smb_signing.c
+++ b/libcli/smb/smb_signing.c
@@ -424,6 +424,10 @@ bool smb_signing_set_negotiated(struct smb_signing_state *si,
                return true;
        }
 
+       if (mandatory) {
+               allowed = true;
+       }
+
        if (!si->allowed && mandatory) {
                return false;
        }