diff options
author | Jeremy Allison <jra@samba.org> | 2007-12-27 16:54:07 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2007-12-27 16:54:07 -0800 |
commit | 675f41dc144fc0c150b44d931a9242f1ac1ebe5f (patch) | |
tree | 8efdd01e9f01ec21f9b5657cfe748c668c0d24fa /source3/smbd/trans2.c | |
parent | 94ee39c23f6e4a8c31701240795c288299d6bb08 (diff) | |
download | samba-675f41dc144fc0c150b44d931a9242f1ac1ebe5f.tar.gz samba-675f41dc144fc0c150b44d931a9242f1ac1ebe5f.tar.xz samba-675f41dc144fc0c150b44d931a9242f1ac1ebe5f.zip |
Add "smb encrypt" parameter. Can be set to "no, yes, required".
Currently if set required this is not enforced. I'll be adding
that soon.
Jeremy.
(This used to be commit df7e447623ac03d81bec384f5cfe83c3976cf7b2)
Diffstat (limited to 'source3/smbd/trans2.c')
-rw-r--r-- | source3/smbd/trans2.c | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 5a8fe41d27d..ee4787199e5 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -2729,11 +2729,27 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned { bool large_write = lp_min_receive_file_size() && !srv_is_signing_active(); + int encrypt_caps = 0; if (!lp_unix_extensions()) { reply_nterror(req, NT_STATUS_INVALID_LEVEL); return; } + + switch (lp_smb_encrypt(SNUM(conn))) { + case 0: + encrypt_caps = 0; + break; + case 1: + case Auto: + encrypt_caps = CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP; + break; + case Required: + encrypt_caps = CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP| + CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP; + break; + } + data_len = 12; SSVAL(pdata,0,CIFS_UNIX_MAJOR_VERSION); SSVAL(pdata,2,CIFS_UNIX_MINOR_VERSION); @@ -2748,7 +2764,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned CIFS_UNIX_EXTATTR_CAP| CIFS_UNIX_POSIX_PATH_OPERATIONS_CAP| CIFS_UNIX_LARGE_READ_CAP| - CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP| + encrypt_caps| (large_write ? CIFS_UNIX_LARGE_WRITE_CAP : 0)))); break; @@ -3016,6 +3032,13 @@ cap_low = 0x%x, cap_high = 0x%x\n", return; } + if (lp_smb_encrypt(SNUM(conn)) == false) { + reply_nterror( + req, + NT_STATUS_NOT_SUPPORTED); + return; + } + DEBUG( 4,("call_trans2setfsinfo: " "request transport encrption.\n")); |