diff options
| author | Jeremy Allison <jra@samba.org> | 2007-03-17 00:32:54 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:18:40 -0500 |
| commit | ecd496f06654e8316260c9a6ddab5e473f9cc452 (patch) | |
| tree | 818b389212a4939094eebb4f60ee2ce83d1d7527 /source3/libsmb/clientgen.c | |
| parent | c2fd7de44e7ba8a7d93110a6f579878697ceaa8d (diff) | |
| download | samba-ecd496f06654e8316260c9a6ddab5e473f9cc452.tar.gz samba-ecd496f06654e8316260c9a6ddab5e473f9cc452.tar.bz2 samba-ecd496f06654e8316260c9a6ddab5e473f9cc452.zip | |
r21865: Add in the stubs for SMB transport encryption. Will flesh
these out as I implement. Don't add to SAMBA_3_0_25, this
is experimental code.
NFSv4 you're now officially on notice... :-).
Jeremy.
(This used to be commit 5bfe638f2172e272741997100ee5ae8ff280494d)
Diffstat (limited to 'source3/libsmb/clientgen.c')
| -rw-r--r-- | source3/libsmb/clientgen.c | 36 |
1 files changed, 31 insertions, 5 deletions
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 68ecb131b1..cdf36d9b9c 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -54,9 +54,13 @@ int cli_set_port(struct cli_state *cli, int port) should never go into a blocking read. ****************************************************************************/ -static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) +static BOOL client_receive_smb(struct cli_state *cli) { BOOL ret; + NTSTATUS status; + int fd = cli->fd; + char *buffer = cli->inbuf; + unsigned int timeout = cli->timeout; for(;;) { ret = receive_smb_raw(fd, buffer, timeout); @@ -71,6 +75,15 @@ static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) if(CVAL(buffer,0) != SMBkeepalive) break; } + status = cli_decrypt_message(cli); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("SMB decryption failed on incoming packet! Error %s\n", + nt_errstr(status))); + cli->smb_rw_error = READ_BAD_DECRYPT; + close(cli->fd); + cli->fd = -1; + return False; + } show_msg(buffer); return ret; } @@ -88,7 +101,7 @@ BOOL cli_receive_smb(struct cli_state *cli) return False; again: - ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout); + ret = client_receive_smb(cli); if (ret) { /* it might be an oplock break request */ @@ -132,7 +145,7 @@ static ssize_t write_socket(int fd, const char *buf, size_t len) DEBUG(6,("write_socket(%d,%d)\n",fd,(int)len)); ret = write_data(fd,buf,len); - + DEBUG(6,("write_socket(%d,%d) wrote %d\n",fd,(int)len,(int)ret)); if(ret <= 0) DEBUG(0,("write_socket: Error writing %d bytes to socket %d: ERRNO = %s\n", @@ -147,16 +160,28 @@ static ssize_t write_socket(int fd, const char *buf, size_t len) BOOL cli_send_smb(struct cli_state *cli) { + NTSTATUS status; size_t len; size_t nwritten=0; ssize_t ret; /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */ - if (cli->fd == -1) + if (cli->fd == -1) { return False; + } cli_calculate_sign_mac(cli); + status = cli_encrypt_message(cli); + if (!NT_STATUS_IS_OK(status)) { + close(cli->fd); + cli->fd = -1; + cli->smb_rw_error = WRITE_ERROR; + DEBUG(0,("Error in encrypting client message. Error %s\n", + nt_errstr(status) )); + return False; + } + len = smb_len(cli->outbuf) + 4; while (nwritten < len) { @@ -173,8 +198,9 @@ BOOL cli_send_smb(struct cli_state *cli) } /* Increment the mid so we can tell between responses. */ cli->mid++; - if (!cli->mid) + if (!cli->mid) { cli->mid++; + } return True; } |