git.samba.org
/
amitay
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
9c1ead5
)
CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()
author
Stefan Metzmacher
<metze@samba.org>
Mon, 12 Dec 2016 04:49:46 +0000
(
05:49
+0100)
committer
Karolin Seeger
<kseeger@samba.org>
Wed, 20 Sep 2017 11:04:10 +0000
(13:04 +0200)
It's important that we use a signed connection to get the GPOs!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997
Signed-off-by: Stefan Metzmacher <metze@samba.org>
libgpo/gpo_fetch.c
patch
|
blob
|
history
diff --git
a/libgpo/gpo_fetch.c
b/libgpo/gpo_fetch.c
index 836bc23f2d286986ffbfcd3248996eb21680904e..3740d4e4b577a249521a0f42e8007631e4de5052 100644
(file)
--- a/
libgpo/gpo_fetch.c
+++ b/
libgpo/gpo_fetch.c
@@
-133,7
+133,7
@@
static NTSTATUS gpo_connect_server(ADS_STRUCT *ads,
ads->auth.password,
CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS,
-
Undefined
);
+
SMB_SIGNING_REQUIRED
);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10,("check_refresh_gpo: "
"failed to connect: %s\n",