CVE-2016-2113: s4:lib/tls: implement infrastructure to do peer verification

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2015-12-23 16:17:04 +0100
committer: Stefan Metzmacher <metze@samba.org> 2016-04-12 19:25:25 +0200
commit: 64a9cd2a38d8a9503560524f5a6feea25651f11c (patch)
tree: c3ed3e8de58336858e4e444d49523edc361d15ed /source4/libcli
parent: b5681c4125806af47a4842c02f8f5e0a1eb69e59 (diff)
download: samba-64a9cd2a38d8a9503560524f5a6feea25651f11c.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/source4/libcli/ldap/ldap_client.c b/source4/libcli/ldap/ldap_client.c
index 97a83cec4ab..152d5b9dbc7 100644
--- a/source4/libcli/ldap/ldap_client.c
+++ b/source4/libcli/ldap/ldap_client.c
@@ -475,6 +475,8 @@ _PUBLIC_ struct composite_context *ldap_connect_send(struct ldap_connection *con
 							   ca_file,
 							   crl_file,
 							   tls_priority,
+							   TLS_VERIFY_PEER_NO_CHECK,
+							   NULL,
 							   &state->tls_params);
 			if (!NT_STATUS_IS_OK(status)) {
 				composite_error(result, status);
author	Stefan Metzmacher <metze@samba.org>	2015-12-23 16:17:04 +0100
committer	Stefan Metzmacher <metze@samba.org>	2016-04-12 19:25:25 +0200
commit	64a9cd2a38d8a9503560524f5a6feea25651f11c (patch)
tree	c3ed3e8de58336858e4e444d49523edc361d15ed /source4/libcli
parent	b5681c4125806af47a4842c02f8f5e0a1eb69e59 (diff)
download	samba-64a9cd2a38d8a9503560524f5a6feea25651f11c.tar.gz