summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2003-07-17 00:48:21 +0000
committerJeremy Allison <jra@samba.org>2003-07-17 00:48:21 +0000
commitf1b6cd794dd5de853c4b068361a326160a3d0384 (patch)
tree4a2d3f677b6ed96d05f420a3580a086574115954
parent6ab5e14494ed6b579658f4fe3410759582d909cd (diff)
downloadsamba-f1b6cd794dd5de853c4b068361a326160a3d0384.tar.gz
samba-f1b6cd794dd5de853c4b068361a326160a3d0384.tar.bz2
samba-f1b6cd794dd5de853c4b068361a326160a3d0384.zip
Putting the framework for server signing in place. Ensure we don't use
sendfile when signing (I need to add this for readbraw/writebraw too...). Jeremy. (This used to be commit f2e84f1ba67b13ff29e24a38099b559d9033a680)
-rw-r--r--source3/libsmb/smb_signing.c72
-rw-r--r--source3/param/loadparm.c11
-rw-r--r--source3/smbd/negprot.c12
3 files changed, 89 insertions, 6 deletions
diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c
index 683a382369..8e3a4ff8d8 100644
--- a/source3/libsmb/smb_signing.c
+++ b/source3/libsmb/smb_signing.c
@@ -479,24 +479,86 @@ BOOL cli_check_sign_mac(struct cli_state *cli)
SMB signing - server API's.
************************************************************/
+static struct smb_sign_info srv_sign_info = {
+ null_sign_outgoing_message,
+ null_check_incoming_message,
+ null_free_signing_context,
+ NULL,
+ False,
+ False,
+ False,
+ False
+};
+
+/***********************************************************
+ Turn on signing after sending an oplock break.
+************************************************************/
+
void srv_enable_signing(void)
{
+ srv_sign_info.doing_signing = True;
}
+/***********************************************************
+ Turn off signing before sending an oplock break.
+************************************************************/
+
void srv_disable_signing(void)
{
+ srv_sign_info.doing_signing = False;
}
-BOOL srv_check_sign_mac(char *buf)
+/***********************************************************
+ Called to validate an incoming packet from the client.
+************************************************************/
+
+BOOL srv_check_sign_mac(char *inbuf)
{
- return True;
+ if (!srv_sign_info.doing_signing)
+ return True;
+
+ /* Check if it's a session keepalive. */
+ if(CVAL(inbuf,0) == SMBkeepalive)
+ return True;
+
+ if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
+ DEBUG(1, ("srv_check_sign_mac: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf) ));
+ return False;
+ }
+
+ return srv_sign_info.check_incoming_message(inbuf, &srv_sign_info);
}
-void srv_calculate_sign_mac(char *buf)
+/***********************************************************
+ Called to sign an outgoing packet to the client.
+************************************************************/
+
+void srv_calculate_sign_mac(char *outbuf)
{
+ if (!srv_sign_info.doing_signing)
+ return;
+
+ /* Check if it's a session keepalive. */
+ /* JRA Paranioa test - do we ever generate these in the server ? */
+ if(CVAL(outbuf,0) == SMBkeepalive)
+ return;
+
+ /* JRA Paranioa test - we should be able to get rid of this... */
+ if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
+ DEBUG(1, ("srv_calculate_sign_mac: Logic error. Can't check signature on short packet! smb_len = %u\n",
+ smb_len(outbuf) ));
+ abort();
+ }
+
+ srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info);
}
-BOOL allow_sendfile(void)
+/***********************************************************
+ Returns whether signing is active. We can't use sendfile or raw
+ reads/writes if it is.
+************************************************************/
+
+BOOL srv_signing_active(void)
{
- return True;
+ return srv_sign_info.doing_signing;
}
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 3739407810..1af8d51114 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -1864,7 +1864,7 @@ FN_LOCAL_BOOL(lp_inherit_acls, bInheritACLS)
FN_LOCAL_BOOL(lp_use_client_driver, bUseClientDriver)
FN_LOCAL_BOOL(lp_default_devmode, bDefaultDevmode)
FN_LOCAL_BOOL(lp_nt_acl_support, bNTAclSupport)
-FN_LOCAL_BOOL(lp_use_sendfile, bUseSendfile)
+FN_LOCAL_BOOL(_lp_use_sendfile, bUseSendfile)
FN_LOCAL_BOOL(lp_profile_acls, bProfileAcls)
FN_LOCAL_BOOL(lp_map_acl_inherit, bMap_acl_inherit)
FN_LOCAL_INTEGER(lp_create_mask, iCreate_mask)
@@ -4291,3 +4291,12 @@ int lp_maxprintjobs(int snum)
return maxjobs;
}
+
+/*******************************************************************
+ Ensure we don't use sendfile if server smb signing is active.
+********************************************************************/
+
+BOOL lp_use_sendfile(int snum)
+{
+ return (_lp_use_sendfile(snum) && !srv_signing_active());
+}
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index f452dd845b..0b58eb3eb2 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -277,6 +277,14 @@ static int reply_nt1(char *inbuf, char *outbuf)
if (global_encrypted_passwords_negotiated)
secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE;
+ if (lp_server_signing()) {
+ secword |= NEGOTIATE_SECURITY_SIGNATURES_ENABLED;
+ /* No raw mode with smb signing. */
+ capabilities &= ~CAP_RAW_MODE;
+ if (lp_server_signing() == Required)
+ secword |=NEGOTIATE_SECURITY_SIGNATURES_REQUIRED;
+ }
+
set_message(outbuf,17,0,True);
SCVAL(outbuf,smb_vwv1,secword);
@@ -521,6 +529,10 @@ int reply_negprot(connection_struct *conn,
DEBUG( 5, ( "negprot index=%d\n", choice ) );
+ if ((lp_server_signing() == Required) && (Protocol < PROTOCOL_NT1)) {
+ exit_server("SMB signing is required and client negotiated a downlevel protocol");
+ }
+
END_PROFILE(SMBnegprot);
return(outsize);
}