From e4ad580b99c5b372353c285569204ab94c177748 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sat, 7 Jun 2008 08:14:25 -0700
Subject: fixed mandatory signing

Metze pointed out that if signing is mandatory in the server then we
need to reject packets without the signed flag if the packet contains
a session id.
(This used to be commit 056f16e664e581bab1c07759e99ad4f6685c58eb)
---
 source4/smb_server/smb2/sesssetup.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'source4/smb_server/smb2/sesssetup.c')

diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 482dd181c2..9fb3220005 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -181,8 +181,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
 	/* note that we ignore SMB2_NEGOTIATE_SIGNING_ENABLED from the client.
 	   This is deliberate as windows does not set it even when it does 
 	   set SMB2_NEGOTIATE_SIGNING_REQUIRED */
-	if ((io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-	    lp_server_signing(req->smb_conn->lp_ctx) == SMB_SIGNING_REQUIRED) {
+	if (io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
 		req->smb_conn->doing_signing = true;
 	}
 
-- 
cgit