Revert "Fix bug #9222 - smbd ignores the "server signing = no" setting for SMB2."

This reverts commit dfd3c31a3f9eea96854b2d22574856368e86b245.

As Metze pointed out:

From MS-SMB2 section 2.2.4:

SMB2_NEGOTIATE_SIGNING_ENABLED

When set, indicates that security signatures are enabled
on the server. The server MUST set this bit, and the client MUST return
STATUS_INVALID_NETWORK_RESPONSE if the flag is missing.

I'll submit a documentation bug to fix #9222 that way.

1 files changed, 4 insertions, 6 deletions

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 826e0d1d2a..6adc5819ec 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -92,7 +92,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 	DATA_BLOB security_buffer;
 	size_t expected_dyn_size = 0;
 	size_t c;
-	uint16_t security_mode = 0;
+	uint16_t security_mode;
 	uint16_t dialect_count;
 	uint16_t in_security_mode;
 	uint32_t in_capabilities;
@@ -244,11 +244,9 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 		return smbd_smb2_request_error(req, NT_STATUS_INTERNAL_ERROR);
 	}
 
-	if (lp_server_signing() != SMB_SIGNING_OFF) {
-		security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-		if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
-			security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
-		}
+	security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
+	if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
+		security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
 	}
 
 	capabilities = 0;