From 49a335731a7139a5c66be596f3d544bef72a8556 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 3 Oct 2012 12:50:42 -0700 Subject: Revert "Fix bug #9222 - smbd ignores the "server signing = no" setting for SMB2." This reverts commit dfd3c31a3f9eea96854b2d22574856368e86b245. As Metze pointed out: From MS-SMB2 section 2.2.4: SMB2_NEGOTIATE_SIGNING_ENABLED When set, indicates that security signatures are enabled on the server. The server MUST set this bit, and the client MUST return STATUS_INVALID_NETWORK_RESPONSE if the flag is missing. I'll submit a documentation bug to fix #9222 that way. --- source3/smbd/smb2_negprot.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3/smbd/smb2_negprot.c') diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 826e0d1d2a..6adc5819ec 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -92,7 +92,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) DATA_BLOB security_buffer; size_t expected_dyn_size = 0; size_t c; - uint16_t security_mode = 0; + uint16_t security_mode; uint16_t dialect_count; uint16_t in_security_mode; uint32_t in_capabilities; @@ -244,11 +244,9 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) return smbd_smb2_request_error(req, NT_STATUS_INTERNAL_ERROR); } - if (lp_server_signing() != SMB_SIGNING_OFF) { - security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED; - if (lp_server_signing() == SMB_SIGNING_REQUIRED) { - security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; - } + security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED; + if (lp_server_signing() == SMB_SIGNING_REQUIRED) { + security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; } capabilities = 0; -- cgit