sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00
Code

s3/smbd: ensure global "smb encrypt = off" is effective for share with "smb encrypt = desired"

Browse Source 
If encryption is disabled globally, per definition we shouldn't allow
enabling encryption on individual shares.

The behaviour of specifying

[Global]
  smb encrypt = off

[share]
  smb encrypt = desired

must be an unecrypted tree connect to the share "share".

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12520

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b0b418c22558fa1df547df9bdac2642343ac39e1)
This commit is contained in:
Ralph Boehme 2017-01-16 12:56:10 +01:00 committed by Karolin Seeger
parent 3805e2ff50
commit ce51a27da3
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
source3/smbd/smb2_tcon.c
View File

@ -268,7 +268,8 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
}
if ((lp_smb_encrypt(snum) >= SMB_SIGNING_DESIRED) &&
(conn->smb2.client.capabilities & SMB2_CAP_ENCRYPTION)) {
(conn->smb2.server.cipher != 0))
{
encryption_desired = true;
}