From ebb9d4dc542eefbad8bb3d36e3b0ddb65402e192 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 2 Nov 2011 17:50:23 +0100 Subject: s4:smb_server/smb2: add the same SMB_SIGNING_AUTO logic as for smb1 metze --- source4/smb_server/smb2/negprot.c | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'source4/smb_server') diff --git a/source4/smb_server/smb2/negprot.c b/source4/smb_server/smb2/negprot.c index dd69c9fc7e..892953635c 100644 --- a/source4/smb_server/smb2/negprot.c +++ b/source4/smb_server/smb2/negprot.c @@ -97,6 +97,8 @@ static NTSTATUS smb2srv_negprot_backend(struct smb2srv_request *req, struct smb2 struct timeval boot_time; uint16_t i; uint16_t dialect = 0; + enum smb_signing_setting signing_setting; + struct loadparm_context *lp_ctx = req->smb_conn->lp_ctx; /* we only do one dialect for now */ if (io->in.dialect_count < 1) { @@ -119,12 +121,33 @@ static NTSTATUS smb2srv_negprot_backend(struct smb2srv_request *req, struct smb2 boot_time = timeval_current(); /* TODO: fix me */ ZERO_STRUCT(io->out); - switch (lpcfg_server_signing(req->smb_conn->lp_ctx)) { + + signing_setting = lpcfg_server_signing(lp_ctx); + if (signing_setting == SMB_SIGNING_AUTO) { + /* + * If we are a domain controller, SMB signing is + * really important, as it can prevent a number of + * attacks on communications between us and the + * clients + * + * However, it really sucks (no sendfile, CPU + * overhead) performance-wise when used on a + * file server, so disable it by default + * on non-DCs + */ + + if (lpcfg_server_role(lp_ctx) >= ROLE_DOMAIN_CONTROLLER) { + signing_setting = SMB_SIGNING_REQUIRED; + } else { + signing_setting = SMB_SIGNING_OFF; + } + } + + switch (signing_setting) { case SMB_SIGNING_OFF: io->out.security_mode = 0; break; case SMB_SIGNING_SUPPORTED: - case SMB_SIGNING_AUTO: io->out.security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED; break; case SMB_SIGNING_REQUIRED: -- cgit