From 4a7b792bc6d463a3aa4e1150a271ed6b929276cc Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 23 Sep 2013 20:51:30 +0200
Subject: [PATCH] s3:smb2_server: don't rely on the SMB2_HDR_FLAG_SIGNED if
 signing is required

Windows (at least the test suites) may skip the SMB2_HDR_FLAG_SIGNED
in a reauth session setup, but still provide a valid signature.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
---
 source3/smbd/smb2_server.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index b031c6d153..cf5e37e5a4 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -1993,7 +1993,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
 
 	if (req->do_encryption) {
 		signing_required = false;
-	} else if (flags & SMB2_HDR_FLAG_SIGNED) {
+	} else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) {
 		DATA_BLOB signing_key;
 
 		if (x == NULL) {
-- 
2.34.1