From 4f5791ebd03eaec1c7da0865a383175b05102712 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 5 May 2024 19:47:29 +0200
Subject: Adding upstream version 2:4.17.12+dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../smbdotconf/security/serversmbsigningalgos.xml  | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 docs-xml/smbdotconf/security/serversmbsigningalgos.xml

(limited to 'docs-xml/smbdotconf/security/serversmbsigningalgos.xml')

diff --git a/docs-xml/smbdotconf/security/serversmbsigningalgos.xml b/docs-xml/smbdotconf/security/serversmbsigningalgos.xml
new file mode 100644
index 0000000..7884e60
--- /dev/null
+++ b/docs-xml/smbdotconf/security/serversmbsigningalgos.xml
@@ -0,0 +1,22 @@
+<samba:parameter name="server smb3 signing algorithms"
+                 context="G"
+                 type="list"
+                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+	<para>This parameter specifies the availability and order of
+	signing algorithms which are available for negotiation in the SMB3_11 dialect.
+	</para>
+	<para>It is also possible to remove individual algorithms from the default list,
+	by prefixing them with '-'. This can avoid having to specify a hardcoded list.
+	</para>
+	<para>Note: that the removal of AES-128-CMAC from the list will result
+	in SMB3_00 and SMB3_02 being unavailable, and the removal of HMAC-SHA256
+	will result in SMB2_02 and SMB2_10 being unavailable, as these are the default and only
+	available algorithms for these dialects.
+	</para>
+</description>
+
+<value type="default">AES-128-GMAC, AES-128-CMAC, HMAC-SHA256</value>
+<value type="example">AES-128-CMAC, HMAC-SHA256</value>
+<value type="example">-AES-128-CMAC</value>
+</samba:parameter>
-- 
cgit v1.2.3