CVE-2016-2114: s4:smb2_server: fix session setup with required signing
authorStefan Metzmacher <metze@samba.org>
Thu, 16 Jul 2015 02:45:16 +0000 (04:45 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:25 +0000 (19:25 +0200)
The client can't sign the session setup request...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
source4/smb_server/smb2/sesssetup.c

index d4b8de60794cbf2db59220b6fbb7a7560c24c564..5e261a20e40ca3c5f9b5c4f7f5244bb3703d2603 100644 (file)
@@ -201,14 +201,6 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
           set SMB2_NEGOTIATE_SIGNING_REQUIRED */
        if (io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
                smb_sess->smb2_signing.required = true;
-       } else if (req->smb_conn->smb2_signing_required) {
-               /*
-                * if required signing was negotiates in SMB2 Negotiate
-                * then the client made an error not using it here
-                */
-               DEBUG(1, ("SMB2 signing required on the connection but not used on session\n"));
-               req->status = NT_STATUS_FOOBAR;
-               goto failed;
        }
 
        /* disable receipt of more packets on this socket until we've