37 lines
1.2 KiB
Diff
37 lines
1.2 KiB
Diff
From 5a222ac37183ba5dd717d81c7e57f78e59695a67 Mon Sep 17 00:00:00 2001
|
|
From: Ralph Boehme <slow@samba.org>
|
|
Date: Tue, 20 Jun 2023 18:13:23 +0200
|
|
Subject: [PATCH 4/5] CVE-2023-3347: smbd: remove comment in
|
|
smbd_smb2_request_process_negprot()
|
|
|
|
This is just going to bitrot. Anyone who's interested can just grep for
|
|
"signing_mandatory" and look up what it does.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397
|
|
|
|
Signed-off-by: Ralph Boehme <slow@samba.org>
|
|
---
|
|
source3/smbd/smb2_negprot.c | 6 ------
|
|
1 file changed, 6 deletions(-)
|
|
|
|
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
|
|
index 9d4ce160e5c..885769be24d 100644
|
|
--- a/source3/smbd/smb2_negprot.c
|
|
+++ b/source3/smbd/smb2_negprot.c
|
|
@@ -368,12 +368,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
|
|
}
|
|
|
|
security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
|
|
- /*
|
|
- * We use xconn->smb2.signing_mandatory set up via
|
|
- * srv_init_signing() -> smb2_srv_init_signing().
|
|
- * This calls lpcfg_server_signing_allowed() to get the correct
|
|
- * defaults, e.g. signing_required for an ad_dc.
|
|
- */
|
|
if (xconn->smb2.signing_mandatory) {
|
|
security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
|
|
}
|
|
--
|
|
2.39.3
|
|
|