If signing is not required we should not require it for reauthentication.
Windows clients would otherwise fail to reauthenticate.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10958
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
382019656ee164fd21455ed7d7b5e9e18bd0ca72)
if (x != NULL) {
signing_required = x->global->signing_required;
encryption_required = x->global->encryption_required;
-
- if (opcode == SMB2_OP_SESSSETUP &&
- x->global->signing_key.length > 0) {
- signing_required = true;
- }
}
req->do_signing = false;
conn_clear_vuid_caches(conn->sconn, session->compat->vuid);
+ if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
+ smb2req->do_signing = true;
+ }
+
*out_session_id = session->global->session_wire_id;
return NT_STATUS_OK;