git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 44dd523) | patch
CVE-2016-2114: s3:smbd: use the correct default values for "smb signing"
authorStefan Metzmacher <metze@samba.org>
Wed, 15 Jul 2015 08:57:03 +0000 (10:57 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:25 +0000 (19:25 +0200)
commit5cb4ee27f8eb9f77d7c5a5353cf4b4f0f91db850
treece012038d34a9e9aadfae7e8531b6aa8a27bf06ctree
parent44dd523d6c91745edecb1fc66b4abc54a6a94c30commit | diff
CVE-2016-2114: s3:smbd: use the correct default values for "smb signing"

This means an ad_dc will now require signing by default.
This matches the default behavior of Windows dc and avoids
man in the middle attacks.

The main logic for this hides in lpcfg_server_signing_allowed().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
source3/smbd/negprot.c diff | blob | history
source3/smbd/smb2_negprot.c diff | blob | history
source3/smbd/smb2_sesssetup.c diff | blob | history
Samba Shared Repository