2025-08-04 08:22:08 +03:00 · 2020-05-28 18:11:31 +02:00
parent 62a4705dbc
commit 6f552204d4
6 changed files with 17 additions and 16 deletions
--- a/python/samba/gpclass.py
+++ b/python/samba/gpclass.py
@ -399,7 +399,7 @@ def check_refresh_gpo_list(dc_hostname, lp, creds, gpos):
    # Force signing for the connection
    saved_signing_state = creds.get_smb_signing()
    creds.set_smb_signing(SMB_SIGNING_REQUIRED)
-    conn = libsmb.Conn(dc_hostname, 'sysvol', lp=s3_lp, creds=creds, sign=True)
+    conn = libsmb.Conn(dc_hostname, 'sysvol', lp=s3_lp, creds=creds)
    # Reset signing state
    creds.set_smb_signing(saved_signing_state)
    cache_path = lp.cache_path('gpo_cache')
--- a/python/samba/netcmd/domain_backup.py
+++ b/python/samba/netcmd/domain_backup.py
@ -120,7 +120,7 @@ def smb_sysvol_conn(server, lp, creds):
    # Force signing for the connection
    saved_signing_state = creds.get_smb_signing()
    creds.set_smb_signing(SMB_SIGNING_REQUIRED)
-    conn = libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds, sign=True)
+    conn = libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds)
    # Reset signing state
    creds.set_smb_signing(saved_signing_state)
    return conn
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@ -392,7 +392,7 @@ def smb_connection(dc_hostname, service, lp, creds):
        # the SMB bindings rely on having a s3 loadparm
        s3_lp = s3param.get_context()
        s3_lp.load(lp.configfile)
-        conn = libsmb.Conn(dc_hostname, service, lp=s3_lp, creds=creds, sign=True)
+        conn = libsmb.Conn(dc_hostname, service, lp=s3_lp, creds=creds)
    except Exception:
        raise CommandError("Error connecting to '%s' using SMB" % dc_hostname)
    # Reset signing state
--- a/python/samba/tests/dcerpc/raw_testcase.py
+++ b/python/samba/tests/dcerpc/raw_testcase.py
@ -45,7 +45,7 @@ class smb_pipe_socket(object):
        saved_signing_state = creds.get_smb_ipc_signing()
        creds.set_smb_ipc_signing(SMB_SIGNING_REQUIRED)
        self.smbconn = libsmb.Conn(target_hostname, 'IPC$', lp3,
-                                   creds=creds, ipc=True, sign=True)
+                                   creds=creds, ipc=True)
        creds.set_smb_ipc_signing(saved_signing_state)
        self.smbfid = self.smbconn.create(pipename,
                                          DesiredAccess=0x12019f,
--- a/source3/client/client.c
+++ b/source3/client/client.c
@ -6228,7 +6228,10 @@ static int do_message_op(struct user_auth_info *a_info)

 	status = cli_connect_nb(desthost, have_ip ? &dest_ss : NULL,
 				port ? port : NBT_SMB_PORT, name_type,
-				lp_netbios_name(), SMB_SIGNING_DEFAULT, 0, &cli);
+				lp_netbios_name(),
+				SMB_SIGNING_OFF,
+				0,
+				&cli);
 	if (!NT_STATUS_IS_OK(status)) {
 		d_printf("Connection to %s failed. Error %s\n", desthost, nt_errstr(status));
 		return 1;
--- a/source3/libsmb/pylibsmb.c
+++ b/source3/libsmb/pylibsmb.c
@ -440,9 +440,7 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args,
 	PyObject *py_lp = Py_None;
 	PyObject *py_multi_threaded = Py_False;
 	bool multi_threaded = false;
-	PyObject *py_sign = Py_False;
-	bool sign = false;
-	int signing_state = SMB_SIGNING_DEFAULT;
+	enum smb_signing_setting signing_state = SMB_SIGNING_DEFAULT;
 	PyObject *py_force_smb1 = Py_False;
 	bool force_smb1 = false;
 	PyObject *py_ipc = Py_False;
@ -453,7 +451,7 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args,

 	static const char *kwlist[] = {
 		"host", "share", "lp", "creds",
-		"multi_threaded", "sign", "force_smb1",
+		"multi_threaded", "force_smb1",
 		"ipc",
 		NULL
 	};
@ -465,11 +463,10 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args,
 	}

 	ret = ParseTupleAndKeywords(
-		args, kwds, "ssO|O!OOOO", kwlist,
+		args, kwds, "ssO|O!OOO", kwlist,
 		&host, &share, &py_lp,
 		py_type_Credentials, &creds,
 		&py_multi_threaded,
-		&py_sign,
 		&py_force_smb1,
 		&py_ipc);

@ -480,13 +477,8 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args,
 	}

 	multi_threaded = PyObject_IsTrue(py_multi_threaded);
-	sign = PyObject_IsTrue(py_sign);
 	force_smb1 = PyObject_IsTrue(py_force_smb1);

-	if (sign) {
-		signing_state = SMB_SIGNING_REQUIRED;
-	}
-
 	if (force_smb1) {
 		/*
 		 * As most of the cli_*_send() function
@ -532,6 +524,12 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args,
 		cli_creds = PyCredentials_AsCliCredentials(creds);
 	}

+	if (use_ipc) {
+		signing_state = cli_credentials_get_smb_ipc_signing(cli_creds);
+	} else {
+		signing_state = cli_credentials_get_smb_signing(cli_creds);
+	}
+
 	req = cli_full_connection_creds_send(
 		NULL, self->ev, "myname", host, NULL, 0, share, "?????",
 		cli_creds, flags, signing_state);