libcli/smb: fix non mendatory signing against some vendor SMB2 servers.

Windows and Samba always sign the final session setup response
even if signing is not mendatory, but it ensures that the signing
key is correctly in place.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10146

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Sep 17 09:40:10 CEST 2013 on sn-devel-104

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 0fd3d4c2a034efa3a0aa9976dbd34162a5f7542c..f59f1f7ad288b3c06ed6fa92fb8a9579c58406b2 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -4843,7 +4843,16 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                                        session->conn->protocol,
                                        recv_iov, 3);
        if (!NT_STATUS_IS_OK(status)) {
-               return status;
+               /*
+                * Sadly some vendors don't sign the
+                * final SMB2 session setup response
+                *
+                * At least Windows and Samba are always doing this
+                * if there's a session key available.
+                */
+               if (conn->mandatory_signing) {
+                       return status;
+               }
        }
 
        session->smb2->should_sign = false;