CVE-2016-2115: s3:winbindd: use lp_client_ipc_{min,max}_protocol()
authorStefan Metzmacher <metze@samba.org>
Sat, 27 Feb 2016 03:23:58 +0000 (04:23 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:26 +0000 (19:25 +0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
source3/include/proto.h
source3/param/loadparm.c
source3/winbindd/winbindd_cm.c

index a6573fbf4ec4c025ae1f4dfd5d1df5275b08279c..afbbff09bb95e84ced90d4ad1af1a4ac045ab150 100644 (file)
@@ -896,7 +896,6 @@ const char *lp_idmap_backend(const char *domain_name);
 const char *lp_idmap_default_backend (void);
 int lp_security(void);
 int lp_client_max_protocol(void);
-int lp_winbindd_max_protocol(void);
 int lp_client_ipc_min_protocol(void);
 int lp_client_ipc_max_protocol(void);
 int lp_client_ipc_signing(void);
index a893c5db9396e31dfe45d1e01cb3b9bb2e036abb..e251a988c5514497955b4995e2bf11de1b1dc95d 100644 (file)
@@ -4438,15 +4438,6 @@ int lp_client_max_protocol(void)
        return client_max_protocol;
 }
 
-int lp_winbindd_max_protocol(void)
-{
-       int client_max_protocol = lp__client_max_protocol();
-       if (client_max_protocol == PROTOCOL_DEFAULT) {
-               return PROTOCOL_LATEST;
-       }
-       return client_max_protocol;
-}
-
 int lp_client_ipc_min_protocol(void)
 {
        int client_ipc_min_protocol = lp__client_ipc_min_protocol();
index 56e946765b653451f9301348063b89f7ca589e48..e404c09dd63a067b010da7c73977ce3bde35cf00 100644 (file)
@@ -1049,8 +1049,8 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
        cli_set_timeout(*cli, 10000); /* 10 seconds */
 
        result = smbXcli_negprot((*cli)->conn, (*cli)->timeout,
-                                lp_client_min_protocol(),
-                                lp_winbindd_max_protocol());
+                                lp_client_ipc_min_protocol(),
+                                lp_client_ipc_max_protocol());
 
        if (!NT_STATUS_IS_OK(result)) {
                DEBUG(1, ("cli_negprot failed: %s\n", nt_errstr(result)));