From 80adeb01fee5aef5cd05963c4ceb9f1319bc390b Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow@samba.org>
Date: Tue, 22 Mar 2016 16:25:32 +0100
Subject: CVE-2016-2114: libcli/smb: let mandatory signing imply allowed
 signing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11687

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
---
 libcli/smb/smb_signing.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libcli')

diff --git a/libcli/smb/smb_signing.c b/libcli/smb/smb_signing.c
index e128e8f8a0b..a7bc819f489 100644
--- a/libcli/smb/smb_signing.c
+++ b/libcli/smb/smb_signing.c
@@ -424,6 +424,10 @@ bool smb_signing_set_negotiated(struct smb_signing_state *si,
 		return true;
 	}
 
+	if (mandatory) {
+		allowed = true;
+	}
+
 	if (!si->allowed && mandatory) {
 		return false;
 	}
-- 
cgit v1.2.1