s3/smbd: ensure global "smb encrypt = off" is effective for SMB 1 clients
If encryption is disabled globally, per definition we shouldn't allow
enabling encryption on individual shares.
The behaviour of setting
[Global]
smb encrypt = off
[share_required]
smb encrypt = required
[share_desired]
smb encrypt = desired
must be to completely deny access to the share "share_required" and an
unencrypted connection to "share_desired".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12520
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit
43a90cee46bb7a70f7973c4fc51eee7634e43145)