CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()

It's important that we use a signed connection to get the GPOs! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2016-12-12 05:49:46 +0100
committer: Karolin Seeger <kseeger@samba.org> 2017-09-20 13:04:10 +0200
commit: 6ca2cfaff9d0b4203f6964d39a0930938a099e03 (patch)
tree: ac2be9da4a426dd4da77ea8e10a5d882f81f1316
parent: 9c1ead502bc3258d444ea0cd5f3148653419d298 (diff)
download: samba-6ca2cfaff9d0b4203f6964d39a0930938a099e03.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libgpo/gpo_fetch.c b/libgpo/gpo_fetch.c
index 836bc23f2d2..3740d4e4b57 100644
--- a/libgpo/gpo_fetch.c
+++ b/libgpo/gpo_fetch.c
@@ -133,7 +133,7 @@ static NTSTATUS gpo_connect_server(ADS_STRUCT *ads,
 			ads->auth.password,
 			CLI_FULL_CONNECTION_USE_KERBEROS |
 			CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS,
-			Undefined);
+			SMB_SIGNING_REQUIRED);
 	if (!NT_STATUS_IS_OK(result)) {
 		DEBUG(10,("check_refresh_gpo: "
 				"failed to connect: %s\n",
author	Stefan Metzmacher <metze@samba.org>	2016-12-12 05:49:46 +0100
committer	Karolin Seeger <kseeger@samba.org>	2017-09-20 13:04:10 +0200
commit	6ca2cfaff9d0b4203f6964d39a0930938a099e03 (patch)
tree	ac2be9da4a426dd4da77ea8e10a5d882f81f1316
parent	9c1ead502bc3258d444ea0cd5f3148653419d298 (diff)
download	samba-6ca2cfaff9d0b4203f6964d39a0930938a099e03.tar.gz