summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-06-16 05:03:11 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-06-16 05:03:11 +0000
commita54afa45be41a46432470b6fa3f29050f09b47ba (patch)
tree7e887467bacc955fcca93a3c519ce2635e05ff8c /source3/libsmb
parent60ad5b69808c0ebfecd13c8f741f4e5687742899 (diff)
downloadsamba-a54afa45be41a46432470b6fa3f29050f09b47ba.tar.gz
samba-a54afa45be41a46432470b6fa3f29050f09b47ba.tar.bz2
samba-a54afa45be41a46432470b6fa3f29050f09b47ba.zip
Two things: Check how many paramaters that the LDAP libs take for the
rebind proc (some give an extra paramter to pass a void* paramater) and some small changes for the SMB signing code to reset things when the signing starts, and to 'turn off' signing if the session setup failed. Andrew Bartlett (This used to be commit a8805a34e5d96eeb5ffe15681b241d5a449a6144)
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/cliconnect.c11
-rw-r--r--source3/libsmb/smbencrypt.c10
2 files changed, 12 insertions, 9 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 135238b9a7..893d194a87 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -258,6 +258,7 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user,
uint32 capabilities = cli_session_setup_capabilities(cli);
fstring pword, ntpword;
char *p;
+ BOOL tried_signing = False;
if (passlen > sizeof(pword)-1 || ntpasslen > sizeof(ntpword)-1) {
return False;
@@ -269,15 +270,15 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user,
ntpasslen = 24;
SMBencrypt((uchar *)pass,cli->secblob.data,(uchar *)pword);
SMBNTencrypt((uchar *)pass,cli->secblob.data,(uchar *)ntpword);
+ if (!cli->sign_info.use_smb_signing && cli->sign_info.negotiated_smb_signing) {
+ cli_calculate_mac_key(cli, (uchar *)pass, (uchar *)ntpword);
+ tried_signing = True;
+ }
} else {
memcpy(pword, pass, passlen);
memcpy(ntpword, ntpass, ntpasslen);
}
- if (cli->sign_info.negotiated_smb_signing) {
- cli_calculate_mac_key(cli, (uchar *)pass, (uchar *)ntpword);
- }
-
/* send a session setup command */
memset(cli->outbuf,'\0',smb_size);
@@ -308,7 +309,7 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, char *user,
show_msg(cli->inbuf);
- if (cli_is_error(cli) || SVAL(cli->inbuf,smb_vwv2) /* guest */) {
+ if (tried_signing && (cli_is_error(cli) || SVAL(cli->inbuf,smb_vwv2) /* guest */)) {
/* We only use it if we have a successful non-guest connect */
cli->sign_info.use_smb_signing = False;
}
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 9ae6da0ced..95434d0ae4 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -345,6 +345,12 @@ void cli_calculate_mac_key(struct cli_state *cli, const unsigned char *ntpasswd,
cli->sign_info.mac_key_len = 40;
cli->sign_info.use_smb_signing = True;
+ /* These calls are INCONPATIBLE with SMB signing */
+ cli->readbraw_supported = False;
+ cli->writebraw_supported = False;
+
+ /* Reset the sequence number in case we had a previous (aborted) attempt */
+ cli->sign_info.send_seq_num = 0;
}
/***********************************************************
@@ -360,10 +366,6 @@ void cli_caclulate_sign_mac(struct cli_state *cli)
return;
}
- /* These calls are INCONPATIBLE with SMB signing */
- cli->readbraw_supported = False;
- cli->writebraw_supported = False;
-
/*
* Firstly put the sequence number into the first 4 bytes.
* and zero out the next 4 bytes.