From 4b64ec546f0cb982866b1f66aa8f8844f25c91c9 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 23 Jul 2012 11:38:31 +0200 Subject: [PATCH] libcli/smb: set should_encrypt = true if we got SMB2_SESSION_FLAG_ENCRYPT_DATA metze Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Mon Jul 23 20:14:07 CEST 2012 on sn-devel-104 --- libcli/smb/smbXcli_base.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index b85c5ab9a85..326a43df055 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -2427,13 +2427,14 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx, state->smb2.should_sign = true; } - if (cmd == SMB2_OP_SESSSETUP) { + if (cmd == SMB2_OP_SESSSETUP && + session->smb2.channel_signing_key.length == 0) { state->smb2.should_encrypt = false; } if (state->smb2.should_encrypt) { state->smb2.should_sign = false; - }; + } } state->smb2.recv_iov = talloc_zero_array(state, struct iovec, 3); @@ -4382,6 +4383,18 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session, session->smb2.should_sign = true; } + if (session->smb2.session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA) { + session->smb2.should_encrypt = true; + } + + if (conn->protocol < PROTOCOL_SMB2_24) { + session->smb2.should_encrypt = false; + } + + if (!(conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) { + session->smb2.should_encrypt = false; + } + generate_random_buffer((uint8_t *)&session->smb2.channel_nonce, sizeof(session->smb2.channel_nonce)); session->smb2.channel_next = 1;