s3: Pass smbd_server_connection to is_encrypted_packet

4 files changed, 11 insertions, 8 deletions

diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 2d2c56112c..7e3c5f6734 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -202,7 +202,7 @@ int srv_set_message(char *buf,
 static bool valid_smb_header(struct smbd_server_connection *sconn,
 			     const uint8_t *inbuf)
 {
-	if (is_encrypted_packet(inbuf)) {
+	if (is_encrypted_packet(sconn, inbuf)) {
 		return true;
 	}
 	/*
@@ -464,7 +464,7 @@ static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
-	if (is_encrypted_packet((uint8_t *)*buffer)) {
+	if (is_encrypted_packet(sconn, (uint8_t *)*buffer)) {
 		status = srv_decrypt_buffer(*buffer);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(0, ("receive_smb_talloc: SMB decryption failed on "
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 289c012b48..0f4036f574 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -937,7 +937,8 @@ void reply_getattrE(struct smb_request *req);
 
 /* The following definitions come from smbd/seal.c  */
 
-bool is_encrypted_packet(const uint8_t *inbuf);
+bool is_encrypted_packet(struct smbd_server_connection *sconn,
+			 const uint8_t *inbuf);
 void srv_free_enc_buffer(char *buf);
 NTSTATUS srv_decrypt_buffer(char *buf);
 NTSTATUS srv_encrypt_buffer(char *buf, char **buf_out);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index cd07c6d57d..124c6109fe 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3158,7 +3158,7 @@ void reply_readbraw(struct smb_request *req)
 	START_PROFILE(SMBreadbraw);
 
 	if (srv_is_signing_active(sconn) ||
-	    is_encrypted_packet(req->inbuf)) {
+	    is_encrypted_packet(sconn, req->inbuf)) {
 		exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
 			"raw reads/writes are disallowed.");
 	}
@@ -3582,7 +3582,8 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req,
 	 */
 
 	if (!req_is_in_chain(req) &&
-	    !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
+	    !is_encrypted_packet(req->sconn, req->inbuf) &&
+	    (fsp->base_fsp == NULL) &&
 	    (fsp->wcp == NULL) &&
 	    lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
 		uint8 headerbuf[smb_size + 12 * 2];
@@ -3787,7 +3788,7 @@ void reply_read_and_X(struct smb_request *req)
 			}
 			/* We currently don't do this on signed or sealed data. */
 			if (srv_is_signing_active(req->sconn) ||
-			    is_encrypted_packet(req->inbuf)) {
+			    is_encrypted_packet(req->sconn, req->inbuf)) {
 				reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
 				END_PROFILE(SMBreadX);
 				return;
@@ -4414,7 +4415,7 @@ bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
 	unsigned int doff = 0;
 	size_t len = smb_len_large(inbuf);
 
-	if (is_encrypted_packet(inbuf)) {
+	if (is_encrypted_packet(sconn, inbuf)) {
 		/* Can't do this on encrypted
 		 * connections. */
 		return false;
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index 1b9b3b07df..6a1b056aac 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -55,7 +55,8 @@ static uint16_t srv_enc_ctx(const struct smb_srv_trans_enc_ctx *ec)
  Is this an incoming encrypted packet ?
 ******************************************************************************/
 
-bool is_encrypted_packet(const uint8_t *inbuf)
+bool is_encrypted_packet(struct smbd_server_connection *sconn,
+			 const uint8_t *inbuf)
 {
 	NTSTATUS status;
 	uint16_t enc_num;