case SMB_SIGNING_DESIRED:
case SMB_SIGNING_IF_REQUIRED:
break;
- case SMB_SIGNING_DEFAULT:
case SMB_SIGNING_OFF:
allowed = false;
break;
+ case SMB_SIGNING_DEFAULT:
+ case SMB_SIGNING_IPC_DEFAULT:
+ smb_panic(__location__);
+ break;
}
return allowed;
conn->desire_signing = true;
conn->mandatory_signing = false;
break;
+ case SMB_SIGNING_IPC_DEFAULT:
case SMB_SIGNING_REQUIRED:
/* always */
conn->allow_signing = true;
#define PROTOCOL_LATEST PROTOCOL_SMB3_11
enum smb_signing_setting {
+ SMB_SIGNING_IPC_DEFAULT = -2, /* Only used in C code */
SMB_SIGNING_DEFAULT = -1,
SMB_SIGNING_OFF = 0,
SMB_SIGNING_IF_REQUIRED = 1,
use_level_II_oplocks = true;
}
+ if (signing_state == SMB_SIGNING_IPC_DEFAULT) {
+ /*
+ * Ensure for IPC/RPC the default is to require
+ * signing unless explicitly turned off by the
+ * administrator.
+ */
+ signing_state = lp_client_ipc_signing();
+ }
+
if (signing_state == SMB_SIGNING_DEFAULT) {
signing_state = lp_client_signing();
}
switch (signing_setting) {
case SMB_SIGNING_DEFAULT:
+ case SMB_SIGNING_IPC_DEFAULT:
smb_panic(__location__);
break;
case SMB_SIGNING_OFF: