NetApp found that we never set the smb signing flags2.

This was found during testing at the CIFS plugfest.

No other client seems to honour or use this bit, but it is quite
ligitimately required by the spec.

Andrew Bartlett

diff --git a/source4/smb_server/smb/request.c b/source4/smb_server/smb/request.c
index c7fa2d7d8abca1959b121b2c961d5c9bc20b90ef..eb3e100b96c4d3d354381f43e4ad5687a06c2ec4 100644 (file)
--- a/source4/smb_server/smb/request.c
+++ b/source4/smb_server/smb/request.c
@@ -140,6 +140,10 @@ void smbsrv_setup_reply(struct smbsrv_request *req, uint_t wct, size_t buflen)
                flags2 |= FLAGS2_32_BIT_ERROR_CODES;
        }
 
+       if (req->smb_conn->signing.allow_smb_signing || req->smb_conn->signing.mandatory_signing) {
+               flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES; 
+       }
+       
        req->out.hdr = req->out.buffer + NBT_HDR_SIZE;
        req->out.vwv = req->out.hdr + HDR_VWV;
        req->out.wct = wct;