From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 2 Nov 2011 18:07:45 +0000 (+0100)
Subject: s3:smbd: make use of SMB_SIGNING_* constants
X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=caa134672c053f56360ef602b7f8b9d66b216ad3;p=metze%2Fsamba%2Fwip.git

s3:smbd: make use of SMB_SIGNING_* constants

metze
---

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index a0ed52d65907..3afa8b19e361 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -368,16 +368,16 @@ static void reply_nt1(struct smb_request *req, uint16 choice)
 		secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE;
 	}
 
-	if (lp_server_signing()) {
+	if (lp_server_signing() != SMB_SIGNING_OFF) {
 	       	if (lp_security() >= SEC_USER) {
 			secword |= NEGOTIATE_SECURITY_SIGNATURES_ENABLED;
 			/* No raw mode with smb signing. */
 			capabilities &= ~CAP_RAW_MODE;
-			if (lp_server_signing() == Required)
+			if (lp_server_signing() == SMB_SIGNING_REQUIRED)
 				secword |=NEGOTIATE_SECURITY_SIGNATURES_REQUIRED;
 		} else {
 			DEBUG(0,("reply_nt1: smb signing is incompatible with share level security !\n"));
-			if (lp_server_signing() == Required) {
+			if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
 				exit_server_cleanly("reply_nt1: smb signing required and share level security selected.");
 			}
 		}
@@ -736,7 +736,8 @@ void reply_negprot(struct smb_request *req)
 
 	DEBUG( 5, ( "negprot index=%d\n", choice ) );
 
-	if ((lp_server_signing() == Required) && (get_Protocol() < PROTOCOL_NT1)) {
+	if ((lp_server_signing() == SMB_SIGNING_REQUIRED)
+	    && (get_Protocol() < PROTOCOL_NT1)) {
 		exit_server_cleanly("SMB signing is required and "
 			"client negotiated a downlevel protocol");
 	}
diff --git a/source3/smbd/signing.c b/source3/smbd/signing.c
index 9d2e02213313..8e4c50fbee7a 100644
--- a/source3/smbd/signing.c
+++ b/source3/smbd/signing.c
@@ -161,12 +161,13 @@ bool srv_init_signing(struct smbd_server_connection *conn)
 	bool mandatory = false;
 
 	switch (lp_server_signing()) {
-	case Required:
+	case SMB_SIGNING_REQUIRED:
 		mandatory = true;
 		break;
-	case True:
+	case SMB_SIGNING_IF_REQUIRED:
 		break;
-	case False:
+	case SMB_SIGNING_DEFAULT:
+	case SMB_SIGNING_OFF:
 		allowed = false;
 		break;
 	}
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 1733728c5f06..ba5566209490 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -186,7 +186,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 	}
 
 	security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-	if (lp_server_signing() == Required) {
+	if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
 		security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
 	}
 
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 6e06b9fe00e2..64fa44605916 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -223,7 +223,7 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
 	}
 
 	if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-	     lp_server_signing() == Required) {
+	     lp_server_signing() == SMB_SIGNING_REQUIRED) {
 		session->do_signing = true;
 	}
 
@@ -434,7 +434,7 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
 	bool guest = false;
 
 	if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-	    lp_server_signing() == Required) {
+	    lp_server_signing() == SMB_SIGNING_REQUIRED) {
 		session->do_signing = true;
 	}