summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2011-08-05 16:49:20 +0200
committerVolker Lendecke <vl@samba.org>2011-08-25 21:36:19 +0200
commitf9ef138ec7a7a6507e0bd9d7d8753027c002b562 (patch)
treef4782ae2759070471d7439421e890990fe1e6154 /source3/smbd
parentb4b9918cc80ffae55c0c75a93c229c7a29bbb230 (diff)
downloadsamba-f9ef138ec7a7a6507e0bd9d7d8753027c002b562.tar.gz
samba-f9ef138ec7a7a6507e0bd9d7d8753027c002b562.tar.bz2
samba-f9ef138ec7a7a6507e0bd9d7d8753027c002b562.zip
s3: Pass smbd_server_connection to is_encrypted_packet
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/process.c4
-rw-r--r--source3/smbd/proto.h3
-rw-r--r--source3/smbd/reply.c9
-rw-r--r--source3/smbd/seal.c3
4 files changed, 11 insertions, 8 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 2d2c56112c..7e3c5f6734 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -202,7 +202,7 @@ int srv_set_message(char *buf,
static bool valid_smb_header(struct smbd_server_connection *sconn,
const uint8_t *inbuf)
{
- if (is_encrypted_packet(inbuf)) {
+ if (is_encrypted_packet(sconn, inbuf)) {
return true;
}
/*
@@ -464,7 +464,7 @@ static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx,
return status;
}
- if (is_encrypted_packet((uint8_t *)*buffer)) {
+ if (is_encrypted_packet(sconn, (uint8_t *)*buffer)) {
status = srv_decrypt_buffer(*buffer);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("receive_smb_talloc: SMB decryption failed on "
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 289c012b48..0f4036f574 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -937,7 +937,8 @@ void reply_getattrE(struct smb_request *req);
/* The following definitions come from smbd/seal.c */
-bool is_encrypted_packet(const uint8_t *inbuf);
+bool is_encrypted_packet(struct smbd_server_connection *sconn,
+ const uint8_t *inbuf);
void srv_free_enc_buffer(char *buf);
NTSTATUS srv_decrypt_buffer(char *buf);
NTSTATUS srv_encrypt_buffer(char *buf, char **buf_out);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index cd07c6d57d..124c6109fe 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3158,7 +3158,7 @@ void reply_readbraw(struct smb_request *req)
START_PROFILE(SMBreadbraw);
if (srv_is_signing_active(sconn) ||
- is_encrypted_packet(req->inbuf)) {
+ is_encrypted_packet(sconn, req->inbuf)) {
exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
"raw reads/writes are disallowed.");
}
@@ -3582,7 +3582,8 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req,
*/
if (!req_is_in_chain(req) &&
- !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
+ !is_encrypted_packet(req->sconn, req->inbuf) &&
+ (fsp->base_fsp == NULL) &&
(fsp->wcp == NULL) &&
lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
uint8 headerbuf[smb_size + 12 * 2];
@@ -3787,7 +3788,7 @@ void reply_read_and_X(struct smb_request *req)
}
/* We currently don't do this on signed or sealed data. */
if (srv_is_signing_active(req->sconn) ||
- is_encrypted_packet(req->inbuf)) {
+ is_encrypted_packet(req->sconn, req->inbuf)) {
reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
END_PROFILE(SMBreadX);
return;
@@ -4414,7 +4415,7 @@ bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
unsigned int doff = 0;
size_t len = smb_len_large(inbuf);
- if (is_encrypted_packet(inbuf)) {
+ if (is_encrypted_packet(sconn, inbuf)) {
/* Can't do this on encrypted
* connections. */
return false;
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index 1b9b3b07df..6a1b056aac 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -55,7 +55,8 @@ static uint16_t srv_enc_ctx(const struct smb_srv_trans_enc_ctx *ec)
Is this an incoming encrypted packet ?
******************************************************************************/
-bool is_encrypted_packet(const uint8_t *inbuf)
+bool is_encrypted_packet(struct smbd_server_connection *sconn,
+ const uint8_t *inbuf)
{
NTSTATUS status;
uint16_t enc_num;