74 lines
2.3 KiB
Diff
74 lines
2.3 KiB
Diff
From 59131d6c345864dcf1ed3331c52ce35ddc5db2dc Mon Sep 17 00:00:00 2001
|
|
From: Ralph Boehme <slow@samba.org>
|
|
Date: Wed, 21 Jun 2023 15:10:58 +0200
|
|
Subject: [PATCH 3/5] CVE-2023-3347: smbd: inline smb2_srv_init_signing() code
|
|
in srv_init_signing()
|
|
|
|
It's now a one-line function, imho the overall code is simpler if that code is
|
|
just inlined.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397
|
|
|
|
Signed-off-by: Ralph Boehme <slow@samba.org>
|
|
---
|
|
source3/smbd/proto.h | 2 --
|
|
source3/smbd/smb2_signing.c | 19 ++++++-------------
|
|
2 files changed, 6 insertions(+), 15 deletions(-)
|
|
|
|
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
|
|
index 3884617e77b..78e1b48be09 100644
|
|
--- a/source3/smbd/proto.h
|
|
+++ b/source3/smbd/proto.h
|
|
@@ -52,8 +52,6 @@ struct dcesrv_context;
|
|
|
|
/* The following definitions come from smbd/smb2_signing.c */
|
|
|
|
-bool smb2_srv_init_signing(struct loadparm_context *lp_ctx,
|
|
- struct smbXsrv_connection *conn);
|
|
bool srv_init_signing(struct smbXsrv_connection *conn);
|
|
|
|
/* The following definitions come from smbd/aio.c */
|
|
diff --git a/source3/smbd/smb2_signing.c b/source3/smbd/smb2_signing.c
|
|
index c1f876f9cd7..ef4a54d5710 100644
|
|
--- a/source3/smbd/smb2_signing.c
|
|
+++ b/source3/smbd/smb2_signing.c
|
|
@@ -26,21 +26,10 @@
|
|
#include "lib/param/param.h"
|
|
#include "smb2_signing.h"
|
|
|
|
-bool smb2_srv_init_signing(struct loadparm_context *lp_ctx,
|
|
- struct smbXsrv_connection *conn)
|
|
-{
|
|
- /*
|
|
- * For SMB2 all we need to know is if signing is mandatory.
|
|
- * It is always allowed and desired, whatever the smb.conf says.
|
|
- */
|
|
- (void)lpcfg_server_signing_allowed(lp_ctx, &conn->smb2.signing_mandatory);
|
|
- return true;
|
|
-}
|
|
-
|
|
bool srv_init_signing(struct smbXsrv_connection *conn)
|
|
{
|
|
struct loadparm_context *lp_ctx = NULL;
|
|
- bool ok;
|
|
+ bool ok = true;
|
|
|
|
lp_ctx = loadparm_init_s3(conn, loadparm_s3_helpers());
|
|
if (lp_ctx == NULL) {
|
|
@@ -51,7 +40,11 @@ bool srv_init_signing(struct smbXsrv_connection *conn)
|
|
#if defined(WITH_SMB1SERVER)
|
|
if (conn->protocol >= PROTOCOL_SMB2_02) {
|
|
#endif
|
|
- ok = smb2_srv_init_signing(lp_ctx, conn);
|
|
+ /*
|
|
+ * For SMB2 all we need to know is if signing is mandatory.
|
|
+ * It is always allowed and desired, whatever the smb.conf says.
|
|
+ */
|
|
+ (void)lpcfg_server_signing_allowed(lp_ctx, &conn->smb2.signing_mandatory);
|
|
#if defined(WITH_SMB1SERVER)
|
|
} else {
|
|
ok = smb1_srv_init_signing(lp_ctx, conn);
|
|
--
|
|
2.39.3
|
|
|