From 4830921dcf46d040c2b21b071169e8b9f428da5a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 25 Feb 2015 16:59:26 +0100 Subject: [PATCH] smbd: Make SMB3 clients use encryption with "smb encrypt = auto" Slight modification for 4.1 by Michael Adam (s/xconn/conn/ in smb2_sesssetup.c) BUG: https://bugzilla.samba.org/show_bug.cgi?id=11372 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Mar 3 10:40:42 CET 2015 on sn-devel-104 (cherry picked from commit b3385f74db54bd8a07a0be5515151b633c067da4) --- source3/smbd/smb2_sesssetup.c | 5 +++++ source3/smbd/smb2_tcon.c | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 9f34a09..e7fc403 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -190,6 +190,11 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, x->global->signing_required = true; } + if ((lp_smb_encrypt(-1) > SMB_SIGNING_OFF) && + (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { + x->global->encryption_required = true; + } + if (lp_smb_encrypt(-1) == SMB_SIGNING_REQUIRED) { x->global->encryption_required = true; } diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index ef2e318..bde05b5 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -236,6 +236,11 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, return NT_STATUS_BAD_NETWORK_NAME; } + if ((lp_smb_encrypt(snum) > SMB_SIGNING_OFF) && + (conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) { + encryption_required = true; + } + if (lp_smb_encrypt(snum) == SMB_SIGNING_REQUIRED) { encryption_required = true; } -- 2.4.3