diff options
| author | Stefan Metzmacher <metze@samba.org> | 2014-04-15 10:08:12 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2014-04-16 10:07:56 +0200 |
| commit | a56c35a4deec9745ff27a66ddc85db48c5dfaf97 (patch) | |
| tree | b0f88e5f593f67a2a17d56b8e1b1cc248ee07ede /source3/smbd/signing.c | |
| parent | 6d6bd9612c758906f575aa8269adc672c5976f4a (diff) | |
| download | samba-a56c35a4deec9745ff27a66ddc85db48c5dfaf97.tar.gz samba-a56c35a4deec9745ff27a66ddc85db48c5dfaf97.tar.xz samba-a56c35a4deec9745ff27a66ddc85db48c5dfaf97.zip | |
s3:smbd: always allow SMB1 signing, but only announce it if configured.
Always allow the client to turn on SMB1 signing using
FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 16 10:07:56 CEST 2014 on sn-devel-104
Diffstat (limited to 'source3/smbd/signing.c')
| -rw-r--r-- | source3/smbd/signing.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/smbd/signing.c b/source3/smbd/signing.c index 295c9f1b79..b7683cdc9d 100644 --- a/source3/smbd/signing.c +++ b/source3/smbd/signing.c @@ -169,7 +169,7 @@ static void smbd_shm_signing_free(TALLOC_CTX *mem_ctx, void *ptr) bool srv_init_signing(struct smbd_server_connection *conn) { - bool allowed; + bool allowed = true; bool desired; bool mandatory = false; @@ -186,9 +186,12 @@ bool srv_init_signing(struct smbd_server_connection *conn) * This matches Windows behavior and is needed * because not every client that requires signing * sends FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED. + * + * Note that we'll always allow signing if the client + * does send FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED. */ - allowed = desired = lpcfg_server_signing_allowed(lp_ctx, &mandatory); + desired = lpcfg_server_signing_allowed(lp_ctx, &mandatory); talloc_unlink(conn, lp_ctx); if (lp_async_smb_echo_handler()) { |