summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2003-10-21 21:18:58 +0000
committerJeremy Allison <jra@samba.org>2003-10-21 21:18:58 +0000
commitdb8e98175c47cddd89e07b5e1c4c8b5f88651ccc (patch)
treeedbf4a702c7dc1b8acc468a4f7fa5ae217c6ed2b
parentaf4263e46e744bde8d637a2fff016f1a6ca3e543 (diff)
downloadsamba-db8e98175c47cddd89e07b5e1c4c8b5f88651ccc.tar.gz
samba-db8e98175c47cddd89e07b5e1c4c8b5f88651ccc.tar.bz2
samba-db8e98175c47cddd89e07b5e1c4c8b5f88651ccc.zip
Patch from Stefan Metzmacher <metze@metzemix.de> to fix signing problems
when reverse connecting back to a client for printer notify. Jeremy. (This used to be commit 7fde193efeb856ec325d5d563f1e710c45dc65d7)
-rw-r--r--source3/lib/util_sock.c19
-rw-r--r--source3/libsmb/clientgen.c2
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c3
-rw-r--r--source3/smbd/blocking.c2
4 files changed, 21 insertions, 5 deletions
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index b8b8471708..5a1f631ba4 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -497,9 +497,10 @@ ssize_t read_smb_length(int fd,char *inbuf,unsigned int timeout)
BUFFER_SIZE+SAFETY_MARGIN.
The timeout is in milliseconds.
This function will return on receipt of a session keepalive packet.
+ Doesn't check the MAC on signed packets.
****************************************************************************/
-BOOL receive_smb(int fd,char *buffer, unsigned int timeout)
+BOOL receive_smb_raw(int fd,char *buffer, unsigned int timeout)
{
ssize_t len,ret;
@@ -509,7 +510,7 @@ BOOL receive_smb(int fd,char *buffer, unsigned int timeout)
len = read_smb_length_return_keepalive(fd,buffer,timeout);
if (len < 0) {
- DEBUG(10,("receive_smb: length < 0!\n"));
+ DEBUG(10,("receive_smb_raw: length < 0!\n"));
/*
* Correct fix. smb_read_error may have already been
@@ -552,6 +553,20 @@ BOOL receive_smb(int fd,char *buffer, unsigned int timeout)
}
}
+ return True;
+}
+
+/****************************************************************************
+ Wrapper for receive_smb_raw().
+ Checks the MAC on signed packets.
+****************************************************************************/
+
+BOOL receive_smb(int fd,char *buffer, unsigned int timeout)
+{
+ if (!receive_smb_raw(fd, buffer, timeout)) {
+ return False;
+ }
+
/* Check the incoming SMB signature. */
if (!srv_check_sign_mac(buffer)) {
DEBUG(0, ("receive_smb: SMB Signature verification failed on incoming packet!\n"));
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 0a134f715d..9b54acf775 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -59,7 +59,7 @@ static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
BOOL ret;
for(;;) {
- ret = receive_smb(fd, buffer, timeout);
+ ret = receive_smb_raw(fd, buffer, timeout);
if (!ret) {
DEBUG(10,("client_receive_smb failed\n"));
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index f2fb02176b..15578f6148 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -2598,7 +2598,8 @@ static BOOL spoolss_connect_to_client(struct cli_state *the_cli,
}
the_cli->protocol = PROTOCOL_NT1;
-
+ cli_setup_signing_state(the_cli, lp_client_signing());
+
if (!cli_negprot(the_cli)) {
DEBUG(0,("spoolss_connect_to_client: machine %s rejected the negotiate protocol. Error was : %s.\n", remote_machine, cli_errstr(the_cli) ));
cli_shutdown(the_cli);
diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c
index f43790bfe0..c0512d5539 100644
--- a/source3/smbd/blocking.c
+++ b/source3/smbd/blocking.c
@@ -149,7 +149,7 @@ for fnum = %d, name = %s\n", length, (int)blr->expire_time, lock_timeout,
blr->fsp->fnum, blr->fsp->fsp_name ));
/* Push the MID of this packet on the signing queue. */
- srv_defer_sign_response(SVAL(inbuf,smb_mid), True);
+ srv_defer_sign_response(SVAL(inbuf,smb_mid));
return True;
}