39 lines
1.3 KiB
Diff
39 lines
1.3 KiB
Diff
From a22fcb689187a7b1fa20d008026c91283e222390 Mon Sep 17 00:00:00 2001
|
|
From: Ralph Boehme <slow@samba.org>
|
|
Date: Tue, 20 Jun 2023 18:13:23 +0200
|
|
Subject: [PATCH 21/28] CVE-2023-3347: smbd: remove comment in
|
|
smbd_smb2_request_process_negprot()
|
|
|
|
This is just going to bitrot. Anyone who's interested can just grep for
|
|
"signing_mandatory" and look up what it does.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397
|
|
|
|
Signed-off-by: Ralph Boehme <slow@samba.org>
|
|
|
|
Conflict: NA
|
|
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.17.10-security-2023-07-19.patch
|
|
---
|
|
source3/smbd/smb2_negprot.c | 6 ------
|
|
1 file changed, 6 deletions(-)
|
|
|
|
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
|
|
index baddbecaade..685a1460cef 100644
|
|
--- a/source3/smbd/smb2_negprot.c
|
|
+++ b/source3/smbd/smb2_negprot.c
|
|
@@ -361,12 +361,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
|
|
}
|
|
|
|
security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
|
|
- /*
|
|
- * We use xconn->smb2.signing_mandatory set up via
|
|
- * srv_init_signing() -> smb2_srv_init_signing().
|
|
- * This calls lpcfg_server_signing_allowed() to get the correct
|
|
- * defaults, e.g. signing_required for an ad_dc.
|
|
- */
|
|
if (xconn->smb2.signing_mandatory) {
|
|
security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
|
|
}
|
|
--
|
|
2.34.1
|