From 1d15fc75a33b7368049876368f4b70c188bbd55e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 15 Mar 2013 15:05:31 -0700 Subject: [PATCH] Fix bug #9724 - is_encrypted_packet() function incorrectly used inside server. The is_encrypted_packet() function should only be used on the raw received data to determine if a packet came in encrypted. Once we're inside the SMB1 processing code in smbd/reply.c we should be looking at the smb1request->encrypted field to determine if a packet was really encrypted or not. Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Sat Mar 16 12:44:44 CET 2013 on sn-devel-104 --- source3/smbd/reply.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 64c4fdbe592..2c31f159171 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3294,8 +3294,7 @@ void reply_readbraw(struct smb_request *req) START_PROFILE(SMBreadbraw); - if (srv_is_signing_active(sconn) || - is_encrypted_packet(sconn, req->inbuf)) { + if (srv_is_signing_active(sconn) || req->encrypted) { exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - " "raw reads/writes are disallowed."); } @@ -3698,7 +3697,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, */ if (!req_is_in_chain(req) && - !is_encrypted_packet(req->sconn, req->inbuf) && + !req->encrypted && (fsp->base_fsp == NULL) && (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) { -- 2.11.4.GIT