W00t! Client smb signing is now working correctly with krb5 and w2k server.

Server code *should* also work (I'll check shortly). May be the odd memory
leak. Problem was we (a) weren't setting signing on in the client krb5 sessionsetup
code (b) we need to ask for a subkey... (c). The client and server need to
ask for local and remote subkeys respectively.
Thanks to Paul Nelson @ Thursby for some sage advice on this :-).
Jeremy.
(This used to be commit 3f9e3b60709df5ab755045a093e642510d4cde00)

1 files changed, 15 insertions, 0 deletions

diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c
index 4a98b84826..977d5e3905 100644
--- a/source3/libsmb/smb_signing.c
+++ b/source3/libsmb/smb_signing.c
@@ -330,6 +330,21 @@ static BOOL client_check_incoming_message(char *inbuf, struct smb_sign_info *si)
 		
 		DEBUG(5, ("client_check_incoming_message: BAD SIG: got SMB signature of\n"));
 		dump_data(5, server_sent_mac, 8);
+#if 0 /* JRATEST */
+		{
+			int i;
+			reply_seq_number -= 5;
+			for (i = 0; i < 10; i++, reply_seq_number++) {
+				simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
+				if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
+					DEBUG(0,("client_check_incoming_message: out of seq. seq num %u matches.\n",
+							reply_seq_number ));
+					break;
+				}
+			}
+		}
+#endif /* JRATEST */
+
 	}
 	return signing_good(inbuf, si, good);
 }