s3:libsmb: fix signing regression SMBC_server_internal()

commit d0062d312cbbf80afd78143ca5c0be68f2d72b03 introduced
SMBC_ENCRYPTLEVEL_DEFAULT as default, but the logic to enforce
signing wasn't adjusted, so we required smb signing by default.

That broke guest authentication for libsmbclient using applications.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14935

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Dec 27 16:38:11 UTC 2021 on sn-devel-184

diff --git a/selftest/knownfail.d/libsmbclient.noanon_list b/selftest/knownfail.d/libsmbclient.noanon_list
deleted file mode 100644 (file)
index 1901166..0000000
--- a/selftest/knownfail.d/libsmbclient.noanon_list
+++ /dev/null
@@ -1 +0,0 @@
-^samba4.libsmbclient.noanon_list.baduser

diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index 3ac915e775d123efab6436f5ed6465fb654f5639..b92477c88fef0eb191efe48448f8b046ebe04c6f 100644 (file)
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -498,7 +498,7 @@ SMBC_server_internal(TALLOC_CTX *ctx,
 
        status = NT_STATUS_UNSUCCESSFUL;
 
-       if (context->internal->smb_encryption_level != SMBC_ENCRYPTLEVEL_NONE) {
+       if (context->internal->smb_encryption_level > SMBC_ENCRYPTLEVEL_NONE) {
                signing_state = SMB_SIGNING_REQUIRED;
        }