From 49e582e5dce443cd96820beeccdce9d46a492d2e Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Fri, 16 Jun 2023 17:25:57 +0200 Subject: [PATCH] CVE-XXX: smbd: fix "server signing = mandatory" This was broken by commit 1f3f6e20dc086a36de52bffd0bc36e15fb19e1c6 for SMB1->SMB2 NEGPROT protocol upgrade as we now only call srv_init_signing() once and very early after accepting the connection in smbd_add_connection(), so at that stage the SMB protocol is still SMB1, so smb2_srv_init_signing() isn't called at all. --- source3/smbd/smb2_negprot.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 408faf1481d4..b76c08a67c69 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -230,6 +230,11 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) return smbd_smb2_request_error(req, NT_STATUS_NOT_SUPPORTED); } + ok = smb2_srv_init_signing(xconn); + if (!ok) { + return smbd_smb2_request_error(req, NT_STATUS_ACCESS_DENIED); + } + if (protocol >= PROTOCOL_SMB3_11) { uint32_t in_negotiate_context_offset = 0; uint16_t in_negotiate_context_count = 0; -- 2.40.0