From 204cbe3645c59b43175beeadad792b4a00e80da3 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Tue, 30 Jun 2015 14:16:19 +0200
Subject: Introduce setting "desired" for 'smb encrypt' and 'client/server
 signing'

This should trigger the behaviour where the server requires
signing when the client supports it, but does not reject
clients that don't support it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
---
 source4/smb_server/smb2/negprot.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/smb_server')

diff --git a/source4/smb_server/smb2/negprot.c b/source4/smb_server/smb2/negprot.c
index 81f2547a8e0..b48b1700bf0 100644
--- a/source4/smb_server/smb2/negprot.c
+++ b/source4/smb_server/smb2/negprot.c
@@ -150,6 +150,7 @@ static NTSTATUS smb2srv_negprot_backend(struct smb2srv_request *req, struct smb2
 	case SMB_SIGNING_OFF:
 		io->out.security_mode = 0;
 		break;
+	case SMB_SIGNING_DESIRED:
 	case SMB_SIGNING_IF_REQUIRED:
 		io->out.security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
 		break;
-- 
cgit v1.2.1