From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 23 Sep 2013 18:51:30 +0000 (+0200)
Subject: s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required
X-Git-Tag: samba-4.1.19~39
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f687a770c6fe7f40e5b4b88668444775006fcb39;p=thirdparty%2Fsamba.git

s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if signing is required

Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 4a7b792bc6d463a3aa4e1150a271ed6b929276cc)
---

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 1e4bedae39c..9c4e18713d8 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1970,7 +1970,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
 
 	if (req->do_encryption) {
 		signing_required = false;
-	} else if (flags & SMB2_HDR_FLAG_SIGNED) {
+	} else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) {
 		DATA_BLOB signing_key;
 
 		if (x == NULL) {