From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 28 Apr 2016 00:36:35 +0000 (+0200)
Subject: CVE-2016-2019: s3:libsmb: add comment regarding smbXcli_session_is_guest() with manda... 
X-Git-Tag: samba-4.2.14~3
X-Git-Url: http://git.samba.org/?p=samba.git;a=commitdiff_plain;h=db256b6163fc010b4d895366327a81ee7e0eb24a

CVE-2016-2019: s3:libsmb: add comment regarding smbXcli_session_is_guest() with mandatory signing

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11860

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 420fe3c5e04..3de379616b5 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1606,6 +1606,9 @@ static void cli_session_setup_gensec_remote_done(struct tevent_req *subreq)
 			 * have a negotiated session key.
 			 *
 			 * So just pretend we are completely done.
+			 *
+			 * Note that smbXcli_session_is_guest()
+			 * always returns false if we require signing.
 			 */
 			state->blob_in = data_blob_null;
 			state->local_ready = true;