diff options
author | Stefan Metzmacher <metze@samba.org> | 2016-12-12 05:49:46 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2017-09-13 09:19:48 -0700 |
commit | 95f6e5b574856453c3ef36ebe9ae86d8456e6404 (patch) | |
tree | dd7a5566dc49780b88077e345a0e6fc357ea16b4 | |
parent | 26b87d01b015c83a4670db62839f5c84b6e66478 (diff) | |
download | samba-95f6e5b574856453c3ef36ebe9ae86d8456e6404.tar.gz |
CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()
It's important that we use a signed connection to get the GPOs!
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997
Signed-off-by: Stefan Metzmacher <metze@samba.org>
-rw-r--r-- | libgpo/gpo_fetch.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libgpo/gpo_fetch.c b/libgpo/gpo_fetch.c index 6b01544faee..cb969ff4270 100644 --- a/libgpo/gpo_fetch.c +++ b/libgpo/gpo_fetch.c @@ -133,7 +133,7 @@ static NTSTATUS gpo_connect_server(ADS_STRUCT *ads, ads->auth.password, CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, - Undefined); + SMB_SIGNING_REQUIRED); if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("check_refresh_gpo: " "failed to connect: %s\n", |