From 4b64ec546f0cb982866b1f66aa8f8844f25c91c9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 23 Jul 2012 11:38:31 +0200
Subject: libcli/smb: set should_encrypt = true if we got
 SMB2_SESSION_FLAG_ENCRYPT_DATA

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jul 23 20:14:07 CEST 2012 on sn-devel-104
---
 libcli/smb/smbXcli_base.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'libcli/smb')

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index b85c5ab9a8..326a43df05 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -2427,13 +2427,14 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
 			state->smb2.should_sign = true;
 		}
 
-		if (cmd == SMB2_OP_SESSSETUP) {
+		if (cmd == SMB2_OP_SESSSETUP &&
+		    session->smb2.channel_signing_key.length == 0) {
 			state->smb2.should_encrypt = false;
 		}
 
 		if (state->smb2.should_encrypt) {
 			state->smb2.should_sign = false;
-		};
+		}
 	}
 
 	state->smb2.recv_iov = talloc_zero_array(state, struct iovec, 3);
@@ -4382,6 +4383,18 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
 		session->smb2.should_sign = true;
 	}
 
+	if (session->smb2.session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA) {
+		session->smb2.should_encrypt = true;
+	}
+
+	if (conn->protocol < PROTOCOL_SMB2_24) {
+		session->smb2.should_encrypt = false;
+	}
+
+	if (!(conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
+		session->smb2.should_encrypt = false;
+	}
+
 	generate_random_buffer((uint8_t *)&session->smb2.channel_nonce,
 			       sizeof(session->smb2.channel_nonce));
 	session->smb2.channel_next = 1;
-- 
cgit