authorJeremy Allison <jra@samba.org>2008-01-04 12:56:23 -0800
committerJeremy Allison <jra@samba.org>2008-01-04 12:56:23 -0800
commit9254bb4ef1c3c3a52ea8e935edb0e7a86ec3ea7a (patch)
treed4b770708ccb2a8b100d6817ee039f41b6e1ac00 /source3/smbd/seal.c
parent517ad5318d3d196713b96f69eff8e2f5d38d922a (diff)
Refactor the crypto code after a very helpful conversation
with Volker. Mostly making sure we have data on the incoming packet type, not stored in the smb header. Jeremy. (This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8)
Diffstat (limited to 'source3/smbd/seal.c')
-rw-r--r--source3/smbd/seal.c44
1 files changed, 29 insertions, 15 deletions
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index 24ecb77fd5..21fca73fea 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -36,24 +36,37 @@ static struct smb_srv_trans_enc_ctx *partial_srv_trans_enc_ctx;
static struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
/******************************************************************************
- Is server encryption on ?
+ Return global enc context - this must change if we ever do multiple contexts.
******************************************************************************/
-bool srv_encryption_on(void)
+uint16_t srv_enc_ctx(void)
{
- if (srv_trans_enc_ctx) {
- return common_encryption_on(srv_trans_enc_ctx->es);
- }
- return false;
+ return srv_trans_enc_ctx->es->enc_ctx_num;
}
/******************************************************************************
- Return global enc context - this must change if we ever do multiple contexts.
+ Is this an incoming encrypted packet ?
******************************************************************************/
-uint16 srv_enc_ctx(void)
+bool is_encrypted_packet(const uint8_t *inbuf)
{
- return srv_trans_enc_ctx->es->enc_ctx_num;
+ NTSTATUS status;
+ uint16_t enc_num;
+
+ /* Ignore non-session messages. */
+ if(CVAL(inbuf,0)) {
+ return false;
+ }
+
+ status = get_enc_ctx_num(inbuf, &enc_num);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
+
+ if (srv_trans_enc_ctx && enc_num == srv_enc_ctx()) {
+ return true;
+ }
+ return false;
}
/******************************************************************************
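Review bot: is_encrypted_packet() decides from bytes the peer sent, and it returns false both for a packet that carries no encryption marker and for one whose context number does not match `srv_enc_ctx()`, so a caller cannot tell "never claimed encryption" from "claimed the wrong context". Whether cleartext is then refused on a connection that requires encryption depends on callers outside this hunk, and the header comment should say so, e.g. `A false return does not mean the packet is acceptable; callers that require encryption must reject it.` The function takes no length, so `CVAL(inbuf,0)` and get_enc_ctx_num() presumably rely on the caller having validated the buffer size already, which deserves a one-line precondition comment. Also, `srv_enc_ctx()` dereferences `srv_trans_enc_ctx->es` unchecked and is safe here only because of the `srv_trans_enc_ctx &&` guard in front of the call.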
@@ -292,9 +305,9 @@ void srv_free_enc_buffer(char *buf)
{
/* We know this is an smb buffer, and we
* didn't malloc, only copy, for a keepalive,
- * so ignore session keepalives. */
+ * so ignore non-session messages. */
- if(CVAL(buf,0) == SMBkeepalive) {
+ if(CVAL(buf,0)) {
return;
}
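Review bot: The bare truthiness test `if(CVAL(buf,0))` hides which value is being singled out; it would read more clearly as `if (CVAL(buf,0) != 0)` with the comment noting that type 0 is the session message, or as a comparison against a named constant if the headers provide one. The same test is added in is_encrypted_packet(), srv_decrypt_buffer() and srv_encrypt_buffer(). In srv_free_enc_buffer() the comment above still gives the keepalive copy as the reason for not freeing, while the condition now covers every non-session type; that holds only as long as srv_encrypt_buffer() never allocates for those types, which matches its early return in this diff. The function body continues past the hunk.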
@@ -309,8 +322,8 @@ void srv_free_enc_buffer(char *buf)
NTSTATUS srv_decrypt_buffer(char *buf)
{
- /* Ignore session keepalives. */
- if(CVAL(buf,0) == SMBkeepalive) {
+ /* Ignore non-session messages. */
+ if(CVAL(buf,0)) {
return NT_STATUS_OK;
}
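Review bot: Widening the early return in srv_decrypt_buffer() from keepalives to any nonzero type byte means every non-session message now comes back as `NT_STATUS_OK` without being decrypted or checked, and that byte is set by the peer. A caller cannot distinguish "decrypted" from "skipped" by the status alone, so it has to gate on the message type itself before treating the buffer as SMB; the callers are not visible here. I would state that in the comment: `/* Non-session messages pass through untouched; OK here does not mean the buffer was decrypted. */`. The rest of the function body is outside the hunk.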
@@ -329,8 +342,8 @@ NTSTATUS srv_encrypt_buffer(char *buf, char **buf_out)
{
*buf_out = buf;
- /* Ignore session keepalives. */
- if(CVAL(buf,0) == SMBkeepalive) {
+ /* Ignore non-session messages. */
+ if(CVAL(buf,0)) {
return NT_STATUS_OK;
}
@@ -698,6 +711,7 @@ NTSTATUS srv_encryption_start(connection_struct *conn)
srv_trans_enc_ctx->es->enc_on = true;
partial_srv_trans_enc_ctx = NULL;
+
return NT_STATUS_OK;
}