diff options
-rw-r--r-- | selftest/knownfail.d/session-expire | 2 | ||||
-rw-r--r-- | source3/smbd/smb2_server.c | 15 |
2 files changed, 10 insertions, 7 deletions
diff --git a/selftest/knownfail.d/session-expire b/selftest/knownfail.d/session-expire deleted file mode 100644 index 033564afb58..00000000000 --- a/selftest/knownfail.d/session-expire +++ /dev/null @@ -1,2 +0,0 @@ -^samba3.smb2.session krb5.expire1e -^samba3.smb2.session krb5.expire2e diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index 177e5ffc2f2..af065e9e43f 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -2364,7 +2364,11 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) req->async_internal = false; req->do_signing = false; - req->do_encryption = false; + if (opcode != SMB2_OP_SESSSETUP) { + req->do_encryption = encryption_desired; + } else { + req->do_encryption = false; + } req->was_encrypted = false; if (intf_v->iov_len == SMB2_TF_HDR_SIZE) { const uint8_t *intf = SMBD_SMB2_IN_TF_PTR(req); @@ -2388,9 +2392,11 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) } req->was_encrypted = true; + req->do_encryption = true; } if (encryption_required && !req->was_encrypted) { + req->do_encryption = true; return smbd_smb2_request_error(req, NT_STATUS_ACCESS_DENIED); } @@ -2526,15 +2532,14 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) encryption_required = true; } if (encryption_required && !req->was_encrypted) { + req->do_encryption = true; return smbd_smb2_request_error(req, NT_STATUS_ACCESS_DENIED); + } else if (encryption_desired) { + req->do_encryption = true; } } - if (req->was_encrypted || encryption_desired) { - req->do_encryption = true; - } - if (req->session) { bool update_session_global = false; bool update_tcon_global = false; |