git.samba.org / kseeger / samba-autobuild-v4-15-test / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 90bc67f)
s3:smbd: make sure we don't try to sign CANCEL response PDUs
authorStefan Metzmacher <metze@samba.org>
Tue, 13 Jul 2021 20:37:36 +0000 (22:37 +0200)
committerStefan Metzmacher <metze@samba.org>
Thu, 15 Jul 2021 00:06:31 +0000 (00:06 +0000)
Normally these are never generated, but it can happen when the
signing check fails.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/smbd/smb2_server.c patch | blob | history

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 462689077b2c8ab50b17a34e98028a8b91965619..f359db0729d8b03ae35ed26c3ad4a5363b05f991 100644 (file)
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -3123,7 +3123,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
                 * If we have a signing key, we should
                 * sign the response
                 */
-               if (smb2_signing_key_valid(signing_key)) {
+               if (smb2_signing_key_valid(signing_key) && opcode != SMB2_OP_CANCEL) {
                        req->do_signing = true;
                }
 
@@ -3165,7 +3165,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
                 * Now that we know the request was correctly signed
                 * we have to sign the response too.
                 */
-               req->do_signing = true;
+               if (opcode != SMB2_OP_CANCEL) {
+                       req->do_signing = true;
+               }
 
                if (!NT_STATUS_IS_OK(session_status)) {
                        return smbd_smb2_request_error(req, session_status);
Unnamed repository; edit this file 'description' to name the repository.