s3:smb2_server: check xconn->smb2.server.cipher instead of xconn->smb2.server.capabil...

SMB 3.10 and later won't have SMB2_CAP_ENCRYPTION anymore.

xconn->smb2.server.cipher == 0 is the indication that we don't support encryption on the connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 710020878037e205a595612ef1505c43e9fc13d7..0150d0c3f468efcdf11254f571ac4682237cd571 100644 (file)
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -356,7 +356,7 @@ static NTSTATUS smbd_smb2_inbuf_parse_compound(struct smbXsrv_connection *xconn,
                                goto inval;
                        }
 
-                       if (!(xconn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
+                       if (xconn->smb2.server.cipher == 0) {
                                DEBUG(10, ("Got SMB2_TRANSFORM header, "
                                           "but not negotiated "
                                           "client[0x%08X] server[0x%08X]\n",

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 366ca586fce9bf9174cf03df7f0dda795594528a..78cafe8f78e7512e55ac03c7539d0c3c1e5d4bf0 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -208,7 +208,7 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
                return NT_STATUS_ACCESS_DENIED;
        }
 
-       if (!(xconn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
+       if (xconn->smb2.server.cipher == 0) {
                if (x->global->encryption_required) {
                        DEBUG(1,("reject session with dialect[0x%04X] "
                                 "as encryption is required\n",

diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index 278fb6fa3d1c5e119a3833029d7aab2822e45813..bf33fcbf723a526765b7d39e77e667744c4ad613 100644 (file)
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -249,7 +249,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req,
                return NT_STATUS_ACCESS_DENIED;
        }
 
-       if (!(conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
+       if (conn->smb2.server.cipher == 0) {
                if (encryption_required) {
                        DEBUG(1,("reject tcon with dialect[0x%04X] "
                                 "as encryption is required for service %s\n",