diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-06-16 05:03:11 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-06-16 05:03:11 +0000 |
| commit | a54afa45be41a46432470b6fa3f29050f09b47ba (patch) | |
| tree | 7e887467bacc955fcca93a3c519ce2635e05ff8c /source3/libsmb | |
| parent | 60ad5b69808c0ebfecd13c8f741f4e5687742899 (diff) | |
| download | samba-a54afa45be41a46432470b6fa3f29050f09b47ba.tar.gz samba-a54afa45be41a46432470b6fa3f29050f09b47ba.tar.bz2 samba-a54afa45be41a46432470b6fa3f29050f09b47ba.zip | |
Two things: Check how many paramaters that the LDAP libs take for the
rebind proc (some give an extra paramter to pass a void* paramater) and
some small changes for the SMB signing code to reset things when the
signing starts, and to 'turn off' signing if the session setup failed.
Andrew Bartlett
(This used to be commit a8805a34e5d96eeb5ffe15681b241d5a449a6144)
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/cliconnect.c | 11 | ||||
| -rw-r--r-- | source3/libsmb/smbencrypt.c | 10 |
2 files changed, 12 insertions, 9 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 135238b9a7..893d194a87 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -258,6 +258,7 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, uint32 capabilities = cli_session_setup_capabilities(cli); fstring pword, ntpword; char *p; + BOOL tried_signing = False; if (passlen > sizeof(pword)-1 || ntpasslen > sizeof(ntpword)-1) { return False; @@ -269,15 +270,15 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, ntpasslen = 24; SMBencrypt((uchar *)pass,cli->secblob.data,(uchar *)pword); SMBNTencrypt((uchar *)pass,cli->secblob.data,(uchar *)ntpword); + if (!cli->sign_info.use_smb_signing && cli->sign_info.negotiated_smb_signing) { + cli_calculate_mac_key(cli, (uchar *)pass, (uchar *)ntpword); + tried_signing = True; + } } else { memcpy(pword, pass, passlen); memcpy(ntpword, ntpass, ntpasslen); } - if (cli->sign_info.negotiated_smb_signing) { - cli_calculate_mac_key(cli, (uchar *)pass, (uchar *)ntpword); - } - /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); @@ -308,7 +309,7 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user, show_msg(cli->inbuf); - if (cli_is_error(cli) || SVAL(cli->inbuf,smb_vwv2) /* guest */) { + if (tried_signing && (cli_is_error(cli) || SVAL(cli->inbuf,smb_vwv2) /* guest */)) { /* We only use it if we have a successful non-guest connect */ cli->sign_info.use_smb_signing = False; } diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 9ae6da0ced..95434d0ae4 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -345,6 +345,12 @@ void cli_calculate_mac_key(struct cli_state *cli, const unsigned char *ntpasswd, cli->sign_info.mac_key_len = 40; cli->sign_info.use_smb_signing = True; + /* These calls are INCONPATIBLE with SMB signing */ + cli->readbraw_supported = False; + cli->writebraw_supported = False; + + /* Reset the sequence number in case we had a previous (aborted) attempt */ + cli->sign_info.send_seq_num = 0; } /*********************************************************** @@ -360,10 +366,6 @@ void cli_caclulate_sign_mac(struct cli_state *cli) return; } - /* These calls are INCONPATIBLE with SMB signing */ - cli->readbraw_supported = False; - cli->writebraw_supported = False; - /* * Firstly put the sequence number into the first 4 bytes. * and zero out the next 4 bytes. |