diff options
author | Volker Lendecke <vl@samba.org> | 2015-02-25 16:59:26 +0100 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2015-03-03 10:40:42 +0100 |
commit | b3385f74db54bd8a07a0be5515151b633c067da4 (patch) | |
tree | c9d2f60077581c02f91dfae1249b4eeceabc36a8 /source3 | |
parent | a3adad7a1799703c6620d7e6590321d796291831 (diff) | |
download | samba-b3385f74db54bd8a07a0be5515151b633c067da4.tar.gz samba-b3385f74db54bd8a07a0be5515151b633c067da4.tar.xz samba-b3385f74db54bd8a07a0be5515151b633c067da4.zip |
smbd: Make SMB3 clients use encryption with "smb encrypt = auto"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Mar 3 10:40:42 CET 2015 on sn-devel-104
Diffstat (limited to 'source3')
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 5 | ||||
-rw-r--r-- | source3/smbd/smb2_tcon.c | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 2f58e44f55..fb7edce38c 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -190,6 +190,11 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, x->global->signing_required = true; } + if ((lp_smb_encrypt(-1) > SMB_SIGNING_OFF) && + (xconn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { + x->global->encryption_required = true; + } + if (lp_smb_encrypt(-1) == SMB_SIGNING_REQUIRED) { x->global->encryption_required = true; } diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index bf33fcbf72..cf085a5258 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -235,6 +235,11 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, return NT_STATUS_BAD_NETWORK_NAME; } + if ((lp_smb_encrypt(snum) > SMB_SIGNING_OFF) && + (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { + encryption_required = true; + } + if (lp_smb_encrypt(snum) == SMB_SIGNING_REQUIRED) { encryption_required = true; } |