libcli/smb: defer failing for missing NEGOTIATE_SECURITY_SIGNATURES_ENABLED

Windows servers take a look at the FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
flag during a session setup and turn on signing if the client requires it.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

1 files changed, 9 insertions, 0 deletions

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 4c60a05693..cd995e9f85 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4046,6 +4046,15 @@ static void smbXcli_negprot_smb1_done(struct tevent_req *subreq)
 		if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
 			server_signing = "supported";
 			server_allowed = true;
+		} else if (conn->mandatory_signing) {
+			/*
+			 * We have mandatory signing as client
+			 * lets assume the server will look at our
+			 * FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
+			 * flag in the session setup
+			 */
+			server_signing = "not announced";
+			server_allowed = true;
 		}
 		if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
 			server_signing = "required";