1 |
vip-ire |
1.1 |
From bbde6e61580e030a84d2f0ce1e47d54dd51f5d10 Mon Sep 17 00:00:00 2001 |
2 |
|
|
From: Stefan Metzmacher <metze@samba.org> |
3 |
|
|
Date: Wed, 18 May 2016 09:56:02 +0200 |
4 |
|
|
Subject: [PATCH] s3:smbd: fix anonymous authentication if signing is mandatory |
5 |
|
|
|
6 |
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11910 |
7 |
|
|
|
8 |
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org> |
9 |
|
|
Reviewed-by: Andreas Schneider <asn@samba.org> |
10 |
|
|
|
11 |
|
|
Autobuild-User(master): Stefan Metzmacher <metze@samba.org> |
12 |
|
|
Autobuild-Date(master): Wed May 18 15:49:46 CEST 2016 on sn-devel-144 |
13 |
|
|
|
14 |
|
|
(cherry picked from commit aa5760433b219de7b41d35ca7ad6d4d702b89adf) |
15 |
|
|
--- |
16 |
|
|
source3/smbd/sesssetup.c | 8 ++++++-- |
17 |
|
|
1 file changed, 6 insertions(+), 2 deletions(-) |
18 |
|
|
|
19 |
|
|
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c |
20 |
|
|
index 77b8077..5d92af1 100644 |
21 |
|
|
--- a/source3/smbd/sesssetup.c |
22 |
|
|
+++ b/source3/smbd/sesssetup.c |
23 |
|
|
@@ -135,6 +135,7 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) |
24 |
|
|
struct smbXsrv_connection *xconn = req->xconn; |
25 |
|
|
struct smbd_server_connection *sconn = req->sconn; |
26 |
|
|
uint16_t action = 0; |
27 |
|
|
+ bool is_authenticated = false; |
28 |
|
|
NTTIME now = timeval_to_nttime(&req->request_time); |
29 |
|
|
struct smbXsrv_session *session = NULL; |
30 |
|
|
uint16_t smb_bufsize = SVAL(req->vwv+2, 0); |
31 |
|
|
@@ -328,12 +329,13 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) |
32 |
|
|
sconn->num_users++; |
33 |
|
|
|
34 |
|
|
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) { |
35 |
|
|
+ is_authenticated = true; |
36 |
|
|
session->compat->homes_snum = |
37 |
|
|
register_homes_share(session_info->unix_info->unix_name); |
38 |
|
|
} |
39 |
|
|
|
40 |
|
|
if (srv_is_signing_negotiated(xconn) && |
41 |
|
|
- action == 0 && |
42 |
|
|
+ is_authenticated && |
43 |
|
|
session->global->signing_key.length > 0) |
44 |
|
|
{ |
45 |
|
|
/* |
46 |
|
|
@@ -592,6 +594,7 @@ void reply_sesssetup_and_X(struct smb_request *req) |
47 |
|
|
struct auth_session_info *session_info = NULL; |
48 |
|
|
uint16 smb_flag2 = req->flags2; |
49 |
|
|
uint16_t action = 0; |
50 |
|
|
+ bool is_authenticated = false; |
51 |
|
|
NTTIME now = timeval_to_nttime(&req->request_time); |
52 |
|
|
struct smbXsrv_session *session = NULL; |
53 |
|
|
NTSTATUS nt_status; |
54 |
|
|
@@ -1029,12 +1032,13 @@ void reply_sesssetup_and_X(struct smb_request *req) |
55 |
|
|
sconn->num_users++; |
56 |
|
|
|
57 |
|
|
if (security_session_user_level(session_info, NULL) >= SECURITY_USER) { |
58 |
|
|
+ is_authenticated = true; |
59 |
|
|
session->compat->homes_snum = |
60 |
|
|
register_homes_share(session_info->unix_info->unix_name); |
61 |
|
|
} |
62 |
|
|
|
63 |
|
|
if (srv_is_signing_negotiated(xconn) && |
64 |
|
|
- action == 0 && |
65 |
|
|
+ is_authenticated && |
66 |
|
|
session->global->signing_key.length > 0) |
67 |
|
|
{ |
68 |
|
|
/* |
69 |
|
|
-- |
70 |
|
|
1.9.1 |
71 |
|
|
|