CVE-2016-2115: s3:libsmb: use SMB_SIGNING_IPC_DEFAULT and lp_client_ipc_{min,max...

[samba.git] / source3 / libsmb / passchange.c

diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c
index 4676b7266e59ef4ee3e36830c4fdbfbf4289fbb6..49b9ad60964ffe6d38e65e10f098c22c9e098caa 100644 (file)
--- a/source3/libsmb/passchange.c
+++ b/source3/libsmb/passchange.c
@@ -57,7 +57,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
        *err_str = NULL;
 
        result = cli_connect_nb(remote_machine, NULL, 0, 0x20, NULL,
-                               SMB_SIGNING_DEFAULT, 0, &cli);
+                               SMB_SIGNING_IPC_DEFAULT, 0, &cli);
        if (!NT_STATUS_IS_OK(result)) {
                if (asprintf(err_str, "Unable to connect to SMB server on "
                         "machine %s. Error was : %s.\n",
@@ -67,8 +67,9 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
                return result;
        }
 
-       result = smbXcli_negprot(cli->conn, cli->timeout, PROTOCOL_CORE,
-                                PROTOCOL_NT1);
+       result = smbXcli_negprot(cli->conn, cli->timeout,
+                                lp_client_ipc_min_protocol(),
+                                lp_client_ipc_max_protocol());
 
        if (!NT_STATUS_IS_OK(result)) {
                if (asprintf(err_str, "machine %s rejected the negotiate "