diff options
author | Volker Lendecke <vl@samba.org> | 2015-02-25 16:59:26 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2015-07-19 20:13:10 +0200 |
commit | 0b97972bb1e31acbded8c8b674594441c1544269 (patch) | |
tree | 060ec29c03d0ae0893b63df1c27abc42af42e01f | |
parent | 15b323d38c3730f697dd821a798503b9f890b6bd (diff) | |
download | samba-0b97972bb1e31acbded8c8b674594441c1544269.tar.gz |
smbd: Make SMB3 clients use encryption with "smb encrypt = auto"
Slight modification for 4.1 by Michael Adam <obnox@samba.org>
(s/xconn/conn/ in smb2_sesssetup.c)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar 3 10:40:42 CET 2015 on sn-devel-104
(cherry picked from commit b3385f74db54bd8a07a0be5515151b633c067da4)
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 5 | ||||
-rw-r--r-- | source3/smbd/smb2_tcon.c | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 9f34a09931d..e7fc403c9be 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -190,6 +190,11 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, x->global->signing_required = true; } + if ((lp_smb_encrypt(-1) > SMB_SIGNING_OFF) && + (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { + x->global->encryption_required = true; + } + if (lp_smb_encrypt(-1) == SMB_SIGNING_REQUIRED) { x->global->encryption_required = true; } diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index ef2e318b24c..bde05b5f360 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -236,6 +236,11 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, return NT_STATUS_BAD_NETWORK_NAME; } + if ((lp_smb_encrypt(snum) > SMB_SIGNING_OFF) && + (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { + encryption_required = true; + } + if (lp_smb_encrypt(snum) == SMB_SIGNING_REQUIRED) { encryption_required = true; } |