--- /dev/null
+<samba:parameter name="debug encryption"
+ context="G"
+ type="boolean"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+ <description>
+ <para>
+ This option will make the smbd server and client code using
+ libsmb (smbclient, smbget, smbspool, ...) dump the Session Id,
+ the decrypted Session Key, the Signing Key, the Application Key,
+ the Encryption Key and the Decryption Key every time an SMB3+
+ session is established. This information will be printed in logs
+ at level 0.
+ </para>
+ <para>
+ Warning: access to these values enables the decryption of any
+ encrypted traffic on the dumped sessions. This option should
+ only be enabled for debugging purposes.
+ </para>
+ </description>
+
+ <value type="default">no</value>
+</samba:parameter>
lpcfg_do_global_parameter(lp_ctx, "store dos attributes", "yes");
+ lpcfg_do_global_parameter(lp_ctx, "debug encryption", "no");
+
for (i = 0; parm_table[i].label; i++) {
if (!(lp_ctx->flags[i] & FLAG_CMDLINE)) {
lp_ctx->flags[i] |= FLAG_DEFAULT;