From a22fcb689187a7b1fa20d008026c91283e222390 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow@samba.org>
Date: Tue, 20 Jun 2023 18:13:23 +0200
Subject: [PATCH 21/28] CVE-2023-3347: smbd: remove comment in
 smbd_smb2_request_process_negprot()

This is just going to bitrot. Anyone who's interested can just grep for
"signing_mandatory" and look up what it does.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15397

Signed-off-by: Ralph Boehme <slow@samba.org>

Conflict: NA
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.17.10-security-2023-07-19.patch
---
 source3/smbd/smb2_negprot.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index baddbecaade..685a1460cef 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -361,12 +361,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
 	}
 
 	security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED;
-	/*
-	 * We use xconn->smb2.signing_mandatory set up via
-	 * srv_init_signing() -> smb2_srv_init_signing().
-	 * This calls lpcfg_server_signing_allowed() to get the correct
-	 * defaults, e.g. signing_required for an ad_dc.
-	 */
 	if (xconn->smb2.signing_mandatory) {
 		security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED;
 	}
-- 
2.34.1