s3:smbd: make use of SMB_SIGNING_* constants

metze

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index a0ed52d659072e1889bebb019075936277551ca6..3afa8b19e361326c31073bef3cad3e7a4146a812 100644 (file)
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -368,16 +368,16 @@ static void reply_nt1(struct smb_request *req, uint16 choice)
                secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE;
        }
 
-       if (lp_server_signing()) {
+       if (lp_server_signing() != SMB_SIGNING_OFF) {
                if (lp_security() >= SEC_USER) {
                        secword |= NEGOTIATE_SECURITY_SIGNATURES_ENABLED;
                        /* No raw mode with smb signing. */
                        capabilities &= ~CAP_RAW_MODE;
-                       if (lp_server_signing() == Required)
+                       if (lp_server_signing() == SMB_SIGNING_REQUIRED)
                                secword |=NEGOTIATE_SECURITY_SIGNATURES_REQUIRED;
                } else {
                        DEBUG(0,("reply_nt1: smb signing is incompatible with share level security !\n"));
-                       if (lp_server_signing() == Required) {
+                       if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
                                exit_server_cleanly("reply_nt1: smb signing required and share level security selected.");
                        }
                }
@@ -736,7 +736,8 @@ void reply_negprot(struct smb_request *req)
 
        DEBUG( 5, ( "negprot index=%d\n", choice ) );
 
-       if ((lp_server_signing() == Required) && (get_Protocol() < PROTOCOL_NT1)) {
+       if ((lp_server_signing() == SMB_SIGNING_REQUIRED)
+           && (get_Protocol() < PROTOCOL_NT1)) {
                exit_server_cleanly("SMB signing is required and "
                        "client negotiated a downlevel protocol");
        }

diff --git a/source3/smbd/signing.c b/source3/smbd/signing.c
index 9d2e022133132898f4e89948eb3c13a8528f6fe4..8e4c50fbee7a88d8961eed1a34a5bf5e4dfce5c6 100644 (file)
--- a/source3/smbd/signing.c
+++ b/source3/smbd/signing.c
@@ -161,12 +161,13 @@ bool srv_init_signing(struct smbd_server_connection *conn)
        bool mandatory = false;
 
        switch (lp_server_signing()) {
-       case Required:
+       case SMB_SIGNING_REQUIRED:
                mandatory = true;
                break;
-       case True:
+       case SMB_SIGNING_IF_REQUIRED:
                break;
-       case False:
+       case SMB_SIGNING_DEFAULT:
+       case SMB_SIGNING_OFF:
                allowed = false;
                break;
        }

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 1733728c5f0661bd78de55633c484cf8c979ca1b..ba556620949070cae0f00b224e100bef19e41da3 100644 (file)
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -186,7 +186,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
        }
 
        security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-       if (lp_server_signing() == Required) {
+       if (lp_server_signing() == SMB_SIGNING_REQUIRED) {
                security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
        }
 

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 6e06b9fe00e207fb9ea8697c8cfb209316302c6f..64fa44605916caafc46fc6379f1df344e3eca19b 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -223,7 +223,7 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
        }
 
        if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-            lp_server_signing() == Required) {
+            lp_server_signing() == SMB_SIGNING_REQUIRED) {
                session->do_signing = true;
        }
 
@@ -434,7 +434,7 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s
        bool guest = false;
 
        if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
-           lp_server_signing() == Required) {
+           lp_server_signing() == SMB_SIGNING_REQUIRED) {
                session->do_signing = true;
        }