From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 12 Jun 2014 13:10:11 +0000 (+0200)
Subject: s3:smb2_server: use the global signing key to check if signing is required
X-Git-Tag: samba-4.0.26~78
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a7bee718e69db2b0dbfa24ad3ba705ce59cb77de;p=thirdparty%2Fsamba.git

s3:smb2_server: use the global signing key to check if signing is required

If we have a channel session key, we also always have a global session key.

For multi-channel it's possible that the channel session key is not in place
yet, in that case the global session key needs to be used.

In both cases (reauth or session bind) we session setup requests need to be
signed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 7e006d11134cdc37ea0fc13110fe5bbfb9de3f14)
---

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index b46f9944a16..fe58ca57105 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1912,7 +1912,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
 		encryption_required = x->global->encryption_required;
 
 		if (opcode == SMB2_OP_SESSSETUP &&
-		    x->global->channels[0].signing_key.length) {
+		    x->global->signing_key.length > 0) {
 			signing_required = true;
 		}
 	}