CVE-2016-2019: libcli/smb: don't allow guest sessions if we require signing
authorStefan Metzmacher <metze@samba.org>
Wed, 20 Apr 2016 09:26:57 +0000 (11:26 +0200)
committerKarolin Seeger <kseeger@samba.org>
Thu, 7 Jul 2016 09:22:27 +0000 (11:22 +0200)
Note real anonymous sessions (with "" as username) don't hit this
as we don't even call smb2cli_session_set_session_key() in that case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860

Signed-off-by: Stefan Metzmacher <metze@samba.org>
libcli/smb/smbXcli_base.c

index 135538b0746cb380105b4d5fe86785c8bc505637..0a2473ef632d6d965ff58875546330e5378e9b6a 100644 (file)
@@ -5312,6 +5312,10 @@ bool smbXcli_session_is_guest(struct smbXcli_session *session)
                return false;
        }
 
+       if (session->conn->mandatory_signing) {
+               return false;
+       }
+
        if (session->conn->protocol >= PROTOCOL_SMB2_02) {
                if (session->smb2->session_flags & SMB2_SESSION_FLAG_IS_GUEST) {
                        return true;
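Review bot: The new `mandatory_signing` early return in smbXcli_session_is_guest() carries no comment, so a reader cannot tell why a session the server flagged with SMB2_SESSION_FLAG_IS_GUEST is reported as non-guest. I would add above the check something like `/* with mandatory signing a session is never treated as guest, regardless of the server-supplied flags */`. The check sits ahead of the protocol branch, so it presumably covers the pre-SMB2 path as well; if that is intended, the comment should say so. The function's body starts and ends outside this hunk.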
@@ -5571,7 +5575,7 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                                         const struct iovec *recv_iov)
 {
        struct smbXcli_conn *conn = session->conn;
-       uint16_t no_sign_flags;
+       uint16_t no_sign_flags = 0;
        uint8_t session_key[16];
        bool check_signature = true;
        uint32_t hdr_flags;
@@ -5596,7 +5600,18 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                return NT_STATUS_INVALID_PARAMETER_MIX;
        }
 
-       no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL;
+       if (!conn->mandatory_signing) {
+               /*
+                * only allow guest sessions without
+                * mandatory signing.
+                *
+                * If we try an authentication with username != ""
+                * and the server let us in without verifying the
+                * password we don't have a negotiated session key
+                * for signing.
+                */
+               no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST;
+       }
 
        if (session->smb2->session_flags & no_sign_flags) {
                session->smb2->should_sign = false;
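Review bot: SMB2_SESSION_FLAG_IS_NULL is dropped from `no_sign_flags` on both branches, but the new comment only explains the guest case. The reason is given only in the commit message (real anonymous sessions with "" as username never call smb2cli_session_set_session_key()), so it should be recorded next to the assignment, e.g. `/* SMB2_SESSION_FLAG_IS_NULL is not accepted here: real anonymous sessions never reach this function */`. With mandatory signing the mask stays 0, so a guest-flagged session skips the `should_sign = false` branch and falls through to code outside this hunk. It is worth confirming that this path ends in an error for a session without a negotiated key, rather than in an unsigned session. The function continues past the end of the hunk.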