diff options
author | Jeremy Allison <jra@samba.org> | 2003-10-21 21:18:58 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2003-10-21 21:18:58 +0000 |
commit | db8e98175c47cddd89e07b5e1c4c8b5f88651ccc (patch) | |
tree | edbf4a702c7dc1b8acc468a4f7fa5ae217c6ed2b | |
parent | af4263e46e744bde8d637a2fff016f1a6ca3e543 (diff) | |
download | samba-db8e98175c47cddd89e07b5e1c4c8b5f88651ccc.tar.gz samba-db8e98175c47cddd89e07b5e1c4c8b5f88651ccc.tar.bz2 samba-db8e98175c47cddd89e07b5e1c4c8b5f88651ccc.zip |
Patch from Stefan Metzmacher <metze@metzemix.de> to fix signing problems
when reverse connecting back to a client for printer notify.
Jeremy.
(This used to be commit 7fde193efeb856ec325d5d563f1e710c45dc65d7)
-rw-r--r-- | source3/lib/util_sock.c | 19 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 3 | ||||
-rw-r--r-- | source3/smbd/blocking.c | 2 |
4 files changed, 21 insertions, 5 deletions
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index b8b8471708..5a1f631ba4 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -497,9 +497,10 @@ ssize_t read_smb_length(int fd,char *inbuf,unsigned int timeout) BUFFER_SIZE+SAFETY_MARGIN. The timeout is in milliseconds. This function will return on receipt of a session keepalive packet. + Doesn't check the MAC on signed packets. ****************************************************************************/ -BOOL receive_smb(int fd,char *buffer, unsigned int timeout) +BOOL receive_smb_raw(int fd,char *buffer, unsigned int timeout) { ssize_t len,ret; @@ -509,7 +510,7 @@ BOOL receive_smb(int fd,char *buffer, unsigned int timeout) len = read_smb_length_return_keepalive(fd,buffer,timeout); if (len < 0) { - DEBUG(10,("receive_smb: length < 0!\n")); + DEBUG(10,("receive_smb_raw: length < 0!\n")); /* * Correct fix. smb_read_error may have already been @@ -552,6 +553,20 @@ BOOL receive_smb(int fd,char *buffer, unsigned int timeout) } } + return True; +} + +/**************************************************************************** + Wrapper for receive_smb_raw(). + Checks the MAC on signed packets. +****************************************************************************/ + +BOOL receive_smb(int fd,char *buffer, unsigned int timeout) +{ + if (!receive_smb_raw(fd, buffer, timeout)) { + return False; + } + /* Check the incoming SMB signature. */ if (!srv_check_sign_mac(buffer)) { DEBUG(0, ("receive_smb: SMB Signature verification failed on incoming packet!\n")); diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 0a134f715d..9b54acf775 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -59,7 +59,7 @@ static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) BOOL ret; for(;;) { - ret = receive_smb(fd, buffer, timeout); + ret = receive_smb_raw(fd, buffer, timeout); if (!ret) { DEBUG(10,("client_receive_smb failed\n")); diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index f2fb02176b..15578f6148 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2598,7 +2598,8 @@ static BOOL spoolss_connect_to_client(struct cli_state *the_cli, } the_cli->protocol = PROTOCOL_NT1; - + cli_setup_signing_state(the_cli, lp_client_signing()); + if (!cli_negprot(the_cli)) { DEBUG(0,("spoolss_connect_to_client: machine %s rejected the negotiate protocol. Error was : %s.\n", remote_machine, cli_errstr(the_cli) )); cli_shutdown(the_cli); diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c index f43790bfe0..c0512d5539 100644 --- a/source3/smbd/blocking.c +++ b/source3/smbd/blocking.c @@ -149,7 +149,7 @@ for fnum = %d, name = %s\n", length, (int)blr->expire_time, lock_timeout, blr->fsp->fnum, blr->fsp->fsp_name )); /* Push the MID of this packet on the signing queue. */ - srv_defer_sign_response(SVAL(inbuf,smb_mid), True); + srv_defer_sign_response(SVAL(inbuf,smb_mid)); return True; } |