diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-08-12 07:26:42 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:57:55 -0500 |
commit | f387277b7fa3dc190a6345394aaf79399b88851f (patch) | |
tree | 1f76b434ad6f347c8fa515fbf5cdcecd2b75e17c | |
parent | 9130e707c14dea336c934351a252a592d7d557c0 (diff) | |
download | samba-f387277b7fa3dc190a6345394aaf79399b88851f.tar.gz samba-f387277b7fa3dc190a6345394aaf79399b88851f.tar.bz2 samba-f387277b7fa3dc190a6345394aaf79399b88851f.zip |
r1768: Add some debugs to assist in SMB signing debugging.
Andrew Bartlett
(This used to be commit 32b45fc9e8ff1d0b73bbec1eb1d249af3ec52e46)
-rw-r--r-- | source4/libcli/raw/smb_signing.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/source4/libcli/raw/smb_signing.c b/source4/libcli/raw/smb_signing.c index 09da8e9983..0b9c2864d3 100644 --- a/source4/libcli/raw/smb_signing.c +++ b/source4/libcli/raw/smb_signing.c @@ -30,14 +30,17 @@ static BOOL set_smb_signing_common(struct smbcli_transport *transport) { if (!(transport->negotiate.sec_mode & (NEGOTIATE_SECURITY_SIGNATURES_REQUIRED|NEGOTIATE_SECURITY_SIGNATURES_ENABLED))) { + DEBUG(5, ("SMB Signing is not negotiated by the peer\n")); return False; } if (transport->negotiate.sign_info.doing_signing) { + DEBUG(5, ("SMB Signing already in progress, so we don't start it again\n")); return False; } if (!transport->negotiate.sign_info.allow_smb_signing) { + DEBUG(5, ("SMB Signing has been locally disabled\n")); return False; } @@ -61,9 +64,11 @@ static BOOL signing_good(struct smb_signing_context *sign_info, { if (good) { if (!sign_info->doing_signing) { + DEBUG(5, ("Seen valid packet, so turning signing on\n")); sign_info->doing_signing = True; } if (!sign_info->seen_valid) { + DEBUG(5, ("Seen valid packet, so marking signing as 'seen valid'\n")); sign_info->seen_valid = True; } } else { @@ -130,6 +135,11 @@ BOOL check_signed_incoming_message(struct request_buffer *in, DATA_BLOB *mac_key return False; } + if (!mac_key->length) { + /* NO key yet */ + return False; + } + /* its quite bogus to be guessing sequence numbers, but very useful when debugging signing implementations */ for (i = 0-sign_range; i <= 0+sign_range; i++) { @@ -229,6 +239,7 @@ void smbcli_request_calculate_sign_mac(struct smbcli_request *req) */ static BOOL smbcli_set_signing_off(struct smb_signing_context *sign_info) { + DEBUG(5, ("Shutdown SMB signing\n")); sign_info->doing_signing = False; data_blob_free(&sign_info->mac_key); sign_info->signing_state = SMB_SIGNING_ENGINE_OFF; @@ -244,6 +255,7 @@ BOOL smbcli_temp_set_signing(struct smbcli_transport *transport) if (!set_smb_signing_common(transport)) { return False; } + DEBUG(5, ("BSRSPYL SMB signing enabled\n")); smbcli_set_signing_off(&transport->negotiate.sign_info); transport->negotiate.sign_info.mac_key = data_blob(NULL, 0); |