[PATCH]: SMB3 Encryption and "smb encrypt" option
Shekhar Amlekar
samlekar at in.ibm.com
Mon Sep 8 09:41:16 MDT 2014
Hi,
Currently, the smb encrypt option in Samba offers less flexibility in
configuring smb3 encryption against Win8/Win2k12 clients. Win2k12 offers
two options, EncryptData and RestrictUnencryptedAccess to enable, disable
and mandate encryption. However, the auto and disabled setting of smb
encrypt behave the same against win8/win2k12 clients.
Please find attached patches that change the behavior of smb encrypt
option as follows -
disabled --> EncryptData = no
auto --> EncryptData =yes, RejectUnencryptedAccess = no
mandatory --> EncryptData = yes, RejectEncryptedAccess = yes
I've changed the default to disabled. Would you please review and let me
know any comments that you may have,
regards,
shekhar.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s3-smbd-smb2-turn-on-smb3-encryption-for-auto-settin.patch
Type: application/octet-stream
Size: 2428 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140908/bbf66b5f/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-lib-loadparm.c-change-the-default-for-smb-encrypt-op.patch
Type: application/octet-stream
Size: 861 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140908/bbf66b5f/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-docs-smbencrypt.xml-documentation-changes-for-smb-en.patch
Type: application/octet-stream
Size: 2923 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140908/bbf66b5f/attachment-0002.obj>
More information about the samba-technical
mailing list