From: Ralph Boehme <slow@samba.org>
Date: Fri, 9 Nov 2018 14:34:24 +0000 (+0100)
Subject: s4:torture/smb2/session: require a signed session setup reauth response
X-Git-Tag: samba-4.8.8~23
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b79e847e35145ad04b7582f64a3c6aeae36212d8;p=thirdparty%2Fsamba.git

s4:torture/smb2/session: require a signed session setup reauth response

All existing tests using this function require signing, so currently
this passes. A subsequent commit adds a test where neither client nor
server require signing and that's where this trap will explode.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13661

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ffc424ee6bedc3c208acb4c0c83da836a12d6123)
---

diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c
index 65cc53ba337..a088754ec00 100644
--- a/source4/torture/smb2/session.c
+++ b/source4/torture/smb2/session.c
@@ -1154,12 +1154,20 @@ static bool test_session_expire1i(struct torture_context *tctx,
 		 */
 		cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
 
+		if (!force_encryption) {
+			smb2cli_session_require_signed_response(
+				tree->session->smbXcli, true);
+		}
+
 		torture_comment(tctx, "reauth => OK\n");
 		status = smb2_session_setup_spnego(tree->session,
 						   credentials,
 						   0 /* previous_session_id */);
 		torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
 					"smb2_session_setup_spnego failed");
+
+		smb2cli_session_require_signed_response(
+			tree->session->smbXcli, false);
 	}
 
 	ZERO_STRUCT(qfinfo.access_information.out);