diff options
author | Jeremy Allison <jra@samba.org> | 2007-12-26 17:12:36 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2007-12-26 17:12:36 -0800 |
commit | afc93255d183eefb68e45b8ec6275f6a62cf9795 (patch) | |
tree | 712efc0cd3c95d30c0e44055b25807c41533bc1f /source3/lib/util_sock.c | |
parent | 23c965d9472058c566a1b9f8a44964acd5c8a446 (diff) | |
download | samba-afc93255d183eefb68e45b8ec6275f6a62cf9795.tar.gz samba-afc93255d183eefb68e45b8ec6275f6a62cf9795.tar.bz2 samba-afc93255d183eefb68e45b8ec6275f6a62cf9795.zip |
Add SMB encryption. Still fixing client decrypt but
negotiation works.
Jeremy.
(This used to be commit d78045601af787731f0737b8627450018902b104)
Diffstat (limited to 'source3/lib/util_sock.c')
-rw-r--r-- | source3/lib/util_sock.c | 30 |
1 files changed, 27 insertions, 3 deletions
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 8f1bd9e686..d16a8f079a 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -1287,6 +1287,17 @@ bool receive_smb(int fd, char *buffer, unsigned int timeout, enum smb_read_error return false; } + if (srv_encryption_on()) { + NTSTATUS status = srv_decrypt_buffer(buffer); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("receive_smb: SMB decryption failed " + "on incoming packet! Error %s\n", + nt_errstr(status) )); + cond_set_smb_read_error(pre, SMB_READ_BAD_DECRYPT); + return false; + } + } + /* Check the incoming SMB signature. */ if (!srv_check_sign_mac(buffer, true)) { DEBUG(0, ("receive_smb: SMB Signature verification " @@ -1307,22 +1318,35 @@ bool send_smb(int fd, char *buffer) size_t len; size_t nwritten=0; ssize_t ret; + char *buf_out = buffer; /* Sign the outgoing packet if required. */ - srv_calculate_sign_mac(buffer); + srv_calculate_sign_mac(buf_out); + + if (srv_encryption_on()) { + NTSTATUS status = srv_encrypt_buffer(buffer, &buf_out); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("send_smb: SMB encryption failed " + "on outgoing packet! Error %s\n", + nt_errstr(status) )); + return false; + } + } - len = smb_len(buffer) + 4; + len = smb_len(buf_out) + 4; while (nwritten < len) { - ret = write_data(fd,buffer+nwritten,len - nwritten); + ret = write_data(fd,buf_out+nwritten,len - nwritten); if (ret <= 0) { DEBUG(0,("Error writing %d bytes to client. %d. (%s)\n", (int)len,(int)ret, strerror(errno) )); + srv_free_enc_buffer(buf_out); return false; } nwritten += ret; } + srv_free_enc_buffer(buf_out); return true; } |