CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_R...

This is an addition to the fixes for CVE-2015-5296.

It applies to smb2mount -e, smbcacls -e and smbcquotas -e.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997

Signed-off-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/lib/util_cmdline.c b/source3/lib/util_cmdline.c
index 80142e2f82b4c75687d0957a78daa8a1ac8ce6c8..90ee67c4cb7663e1a5f28f16092ebebbd4a7fd1e 100644 (file)
--- a/source3/lib/util_cmdline.c
+++ b/source3/lib/util_cmdline.c
@@ -265,6 +265,9 @@ void set_cmdline_auth_info_signing_state_raw(struct user_auth_info *auth_info,
 
 int get_cmdline_auth_info_signing_state(const struct user_auth_info *auth_info)
 {
+       if (auth_info->smb_encrypt) {
+               return SMB_SIGNING_REQUIRED;
+       }
        return auth_info->signing_state;
 }