smbd: Make SMB3 clients use encryption with "smb encrypt = auto"

Slight modification for 4.1 by Michael Adam <obnox@samba.org>
(s/xconn/conn/ in smb2_sesssetup.c)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar  3 10:40:42 CET 2015 on sn-devel-104

(cherry picked from commit b3385f74db54bd8a07a0be5515151b633c067da4)

2 files changed, 10 insertions, 0 deletions

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 9f34a09931d..e7fc403c9be 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -190,6 +190,11 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
 		x->global->signing_required = true;
 	}
 
+	if ((lp_smb_encrypt(-1) > SMB_SIGNING_OFF) &&
+	    (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) {
+		x->global->encryption_required = true;
+	}
+
 	if (lp_smb_encrypt(-1) == SMB_SIGNING_REQUIRED) {
 		x->global->encryption_required = true;
 	}
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index ef2e318b24c..bde05b5f360 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -236,6 +236,11 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
 		return NT_STATUS_BAD_NETWORK_NAME;
 	}
 
+	if ((lp_smb_encrypt(snum) > SMB_SIGNING_OFF) &&
+	    (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) {
+		encryption_required = true;
+	}
+
 	if (lp_smb_encrypt(snum) == SMB_SIGNING_REQUIRED) {
 		encryption_required = true;
 	}