CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()

It's important that we use a signed connection to get the GPOs! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997 Signed-off-by: Stefan Metzmacher <metze@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2016-12-12 05:49:46 +0100
committer: Stefan Metzmacher <metze@samba.org> 2017-09-04 11:34:43 +0200
commit: 5d296e6ea32ca2df035dd35e6f21b82390f87f86 (patch)
tree: b6e9e7dc10fa6c701f07b69c509aab80cc03aae4
parent: f82c235484d03e22ad78a79e9cf2f14c8455df56 (diff)
download: samba-5d296e6ea32ca2df035dd35e6f21b82390f87f86.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libgpo/gpo_fetch.c b/libgpo/gpo_fetch.c
index 836bc23f2d2..3740d4e4b57 100644
--- a/libgpo/gpo_fetch.c
+++ b/libgpo/gpo_fetch.c
@@ -133,7 +133,7 @@ static NTSTATUS gpo_connect_server(ADS_STRUCT *ads,
 			ads->auth.password,
 			CLI_FULL_CONNECTION_USE_KERBEROS |
 			CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS,
-			Undefined);
+			SMB_SIGNING_REQUIRED);
 	if (!NT_STATUS_IS_OK(result)) {
 		DEBUG(10,("check_refresh_gpo: "
 				"failed to connect: %s\n",
author	Stefan Metzmacher <metze@samba.org>	2016-12-12 05:49:46 +0100
committer	Stefan Metzmacher <metze@samba.org>	2017-09-04 11:34:43 +0200
commit	5d296e6ea32ca2df035dd35e6f21b82390f87f86 (patch)
tree	b6e9e7dc10fa6c701f07b69c509aab80cc03aae4
parent	f82c235484d03e22ad78a79e9cf2f14c8455df56 (diff)
download	samba-5d296e6ea32ca2df035dd35e6f21b82390f87f86.tar.gz