diff options
author | Andrew Bartlett <abartlet@samba.org> | 2002-06-16 04:21:56 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-06-16 04:21:56 +0000 |
commit | 60ad5b69808c0ebfecd13c8f741f4e5687742899 (patch) | |
tree | 8669807f3753437a6ab007614ed2fc7dd125d92c /source3/libsmb/smbencrypt.c | |
parent | ba73192c3cec720656f65ede44f82d9e6027a9aa (diff) | |
download | samba-60ad5b69808c0ebfecd13c8f741f4e5687742899.tar.gz samba-60ad5b69808c0ebfecd13c8f741f4e5687742899.tar.bz2 samba-60ad5b69808c0ebfecd13c8f741f4e5687742899.zip |
Fix up some of the SMB signing code:
The problem was that *all* packets were being signed, even packets before
signing was set up. (This broke the session request).
This fixes it to be an 'opt in' measure - that is, we only attempt to sign
things after we have got a valid, non-guest session setup as per the CIFS spec.
I've not tested this against an MS server, becouse my VMware is down, but
at least it doesn't break the build farm any more.
Andrew Bartlett
(This used to be commit 1dc5a8765876c1ca822e454651f8fd4a551965e9)
Diffstat (limited to 'source3/libsmb/smbencrypt.c')
-rw-r--r-- | source3/libsmb/smbencrypt.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 29e168f7bf..9ae6da0ced 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -343,6 +343,8 @@ void cli_calculate_mac_key(struct cli_state *cli, const unsigned char *ntpasswd, E_md4hash(ntpasswd,&cli->sign_info.mac_key[0]); memcpy(&cli->sign_info.mac_key[16],resp,24); cli->sign_info.mac_key_len = 40; + cli->sign_info.use_smb_signing = True; + } /*********************************************************** @@ -354,6 +356,14 @@ void cli_caclulate_sign_mac(struct cli_state *cli) unsigned char calc_md5_mac[16]; struct MD5Context md5_ctx; + if (!cli->sign_info.use_smb_signing) { + return; + } + + /* These calls are INCONPATIBLE with SMB signing */ + cli->readbraw_supported = False; + cli->writebraw_supported = False; + /* * Firstly put the sequence number into the first 4 bytes. * and zero out the next 4 bytes. |