48 lines
1.5 KiB
Diff
48 lines
1.5 KiB
Diff
From d2c3c0ccc6ec7f38b995545d31431d013bd7e047 Mon Sep 17 00:00:00 2001
|
|
From: Andreas Schneider <asn@samba.org>
|
|
Date: Mon, 4 Nov 2019 08:40:34 +0100
|
|
Subject: [PATCH 138/187] libcli:smb: Do not use gnutls_aead_cipher_encryptv2()
|
|
with GnuTLS 3.6.10
|
|
|
|
The gnutls_aead_cipher_encryptv2() implementation was released with a
|
|
bug. This wont be fixed before 3.6.11.
|
|
|
|
See https://gitlab.com/gnutls/gnutls/merge_requests/1085
|
|
|
|
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
Reviewed-by: Alexander Bokovoy <ab@samba.org>
|
|
(cherry picked from commit 176d0f0364bc1deb3c8df2f3bb928e01f89f216b)
|
|
---
|
|
libcli/smb/smb2_signing.c | 8 ++++++--
|
|
1 file changed, 6 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
|
|
index 166ab9d83ff..7561a7a858d 100644
|
|
--- a/libcli/smb/smb2_signing.c
|
|
+++ b/libcli/smb/smb2_signing.c
|
|
@@ -478,7 +478,9 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key,
|
|
0,
|
|
16 - iv_size);
|
|
|
|
-#ifdef HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2
|
|
+/* gnutls_aead_cipher_encryptv2() has a bug in version 3.6.10 */
|
|
+#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) && \
|
|
+ GNUTLS_VERSION_NUMBER > 0x03060a
|
|
{
|
|
uint8_t tag[tag_size];
|
|
giovec_t auth_iov[1];
|
|
@@ -679,7 +681,9 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
|
|
}
|
|
}
|
|
|
|
-#ifdef HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2
|
|
+/* gnutls_aead_cipher_encryptv2() has a bug in version 3.6.10 */
|
|
+#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) && \
|
|
+ GNUTLS_VERSION_NUMBER > 0x03060a
|
|
{
|
|
giovec_t auth_iov[1];
|
|
|
|
--
|
|
2.23.0
|
|
|