fixed mandatory signing

Metze pointed out that if signing is mandatory in the server then we
need to reject packets without the signed flag if the packet contains
a session id.
(This used to be commit 056f16e664e581bab1c07759e99ad4f6685c58eb)

1 files changed, 4 insertions, 0 deletions

diff --git a/source4/smb_server/smb2/receive.c b/source4/smb_server/smb2/receive.c
index 3def8fe563..2f4e9df2b6 100644
--- a/source4/smb_server/smb2/receive.c
+++ b/source4/smb_server/smb2/receive.c
@@ -321,6 +321,10 @@ static NTSTATUS smb2srv_reply(struct smb2srv_request *req)
 			smb2srv_send_error(req, status);
 			return NT_STATUS_OK;			
 		}
+	} else if (req->smb_conn->doing_signing && req->session != NULL) {
+		/* we require signing and this request was not signed */
+		smb2srv_send_error(req, NT_STATUS_ACCESS_DENIED);
+		return NT_STATUS_OK;					
 	}
 
 	/* TODO: check the seqnum */