From 57b04e805d1b6a8857547d511d551637c49d3d32 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 27 Feb 2016 04:23:58 +0100 Subject: [PATCH] CVE-2016-2115: s3:winbindd: use lp_client_ipc_{min,max}_protocol() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11756 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme --- source3/include/proto.h | 1 - source3/param/loadparm.c | 9 --------- source3/winbindd/winbindd_cm.c | 4 ++-- 3 files changed, 2 insertions(+), 12 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index a6573fbf4ec..afbbff09bb9 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -896,7 +896,6 @@ const char *lp_idmap_backend(const char *domain_name); const char *lp_idmap_default_backend (void); int lp_security(void); int lp_client_max_protocol(void); -int lp_winbindd_max_protocol(void); int lp_client_ipc_min_protocol(void); int lp_client_ipc_max_protocol(void); int lp_client_ipc_signing(void); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index a893c5db939..e251a988c55 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4438,15 +4438,6 @@ int lp_client_max_protocol(void) return client_max_protocol; } -int lp_winbindd_max_protocol(void) -{ - int client_max_protocol = lp__client_max_protocol(); - if (client_max_protocol == PROTOCOL_DEFAULT) { - return PROTOCOL_LATEST; - } - return client_max_protocol; -} - int lp_client_ipc_min_protocol(void) { int client_ipc_min_protocol = lp__client_ipc_min_protocol(); diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 56e946765b6..e404c09dd63 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -1049,8 +1049,8 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain, cli_set_timeout(*cli, 10000); /* 10 seconds */ result = smbXcli_negprot((*cli)->conn, (*cli)->timeout, - lp_client_min_protocol(), - lp_winbindd_max_protocol()); + lp_client_ipc_min_protocol(), + lp_client_ipc_max_protocol()); if (!NT_STATUS_IS_OK(result)) { DEBUG(1, ("cli_negprot failed: %s\n", nt_errstr(result))); -- 2.34.1