summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-03-17 00:32:54 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:18:40 -0500
commitecd496f06654e8316260c9a6ddab5e473f9cc452 (patch)
tree818b389212a4939094eebb4f60ee2ce83d1d7527 /source3/lib
parentc2fd7de44e7ba8a7d93110a6f579878697ceaa8d (diff)
downloadsamba-ecd496f06654e8316260c9a6ddab5e473f9cc452.tar.gz
samba-ecd496f06654e8316260c9a6ddab5e473f9cc452.tar.bz2
samba-ecd496f06654e8316260c9a6ddab5e473f9cc452.zip
r21865: Add in the stubs for SMB transport encryption. Will flesh
these out as I implement. Don't add to SAMBA_3_0_25, this is experimental code. NFSv4 you're now officially on notice... :-). Jeremy. (This used to be commit 5bfe638f2172e272741997100ee5ae8ff280494d)
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/util_sock.c23
1 files changed, 22 insertions, 1 deletions
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index 2866a443d4..663502bef0 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -732,15 +732,28 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
BOOL receive_smb(int fd, char *buffer, unsigned int timeout)
{
+ NTSTATUS status;
+
if (!receive_smb_raw(fd, buffer, timeout)) {
return False;
}
+ status = srv_decrypt_buffer(buffer);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("receive_smb: SMB decryption failed on incoming packet! Error %s\n",
+ nt_errstr(status) ));
+ if (smb_read_error == 0) {
+ smb_read_error = READ_BAD_DECRYPT;
+ }
+ return False;
+ }
+
/* Check the incoming SMB signature. */
if (!srv_check_sign_mac(buffer, True)) {
DEBUG(0, ("receive_smb: SMB Signature verification failed on incoming packet!\n"));
- if (smb_read_error == 0)
+ if (smb_read_error == 0) {
smb_read_error = READ_BAD_SIG;
+ }
return False;
};
@@ -753,6 +766,7 @@ BOOL receive_smb(int fd, char *buffer, unsigned int timeout)
BOOL send_smb(int fd, char *buffer)
{
+ NTSTATUS status;
size_t len;
size_t nwritten=0;
ssize_t ret;
@@ -760,6 +774,13 @@ BOOL send_smb(int fd, char *buffer)
/* Sign the outgoing packet if required. */
srv_calculate_sign_mac(buffer);
+ status = srv_encrypt_buffer(buffer);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("send_smb: SMB encryption failed on outgoing packet! Error %s\n",
+ nt_errstr(status) ));
+ return False;
+ }
+
len = smb_len(buffer) + 4;
while (nwritten < len) {