Added SSL support from Christian Starkjohann <cs@obdev.at>

This patch may not yet compile with -DUSE_SSL enabled, further
Makefile changes may be needed. But it was important to get
this code in place before I go off to USENIX.
Jeremy.
(This used to be commit 31e768369fdc61e07c59630c86c62239f3d3f3f7)

1 files changed, 25 insertions, 0 deletions

diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 25ec11abaa..45a63a544a 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -2810,6 +2810,10 @@ max can be %d\n", num_interfaces, FD_SETSIZE));
 static void process_smb(char *inbuf, char *outbuf)
 {
   extern int Client;
+#ifdef USE_SSL
+  extern BOOL sslEnabled;     /* don't use function for performance reasons */
+  static int sslConnected = 0;
+#endif /* USE_SSL */
   static int trans_num;
   int msg_type = CVAL(inbuf,0);
   int32 len = smb_len(inbuf);
@@ -2834,6 +2838,18 @@ static void process_smb(char *inbuf, char *outbuf)
   DEBUG(6,("got message type 0x%x of len 0x%x\n",msg_type,len));
   DEBUG(3,("%s Transaction %d of length %d\n",timestring(),trans_num,nread));
 
+#ifdef USE_SSL
+    if(sslEnabled && !sslConnected){
+        sslConnected = sslutil_negotiate_ssl(Client, msg_type);
+        if(sslConnected < 0){   /* an error occured */
+            exit_server("SSL negotiation failed");
+        }else if(sslConnected){
+            trans_num++;
+            return;
+        }
+    }
+#endif  /* USE_SSL */
+
 #ifdef WITH_VTP
   if(trans_num == 1 && VT_Check(inbuf)) 
   {
@@ -5425,6 +5441,15 @@ static void usage(char *pname)
   if (!reload_services(False))
     return(-1);	
 
+#ifdef USE_SSL
+  {
+    extern BOOL sslEnabled;
+    sslEnabled = lp_ssl_enabled();
+    if(sslEnabled)
+      sslutil_init(True);
+  }
+#endif        /* USE_SSL */
+
   codepage_initialise(lp_client_code_page());
 
   pstrcpy(global_myworkgroup, lp_workgroup());