summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-02-02 00:11:12 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-02-02 00:11:12 +0000
commitac2eeb7a8f49d389e024af82184b86e79bfd8976 (patch)
tree35302b2b4342d1d0cd8626bc484e63330bf96981 /source3
parentbdeb0de487dfa12fe178eb0b0430fff069ad047d (diff)
downloadsamba-ac2eeb7a8f49d389e024af82184b86e79bfd8976.tar.gz
samba-ac2eeb7a8f49d389e024af82184b86e79bfd8976.tar.bz2
samba-ac2eeb7a8f49d389e024af82184b86e79bfd8976.zip
More signing updates - start checking that the server isn't being spoofed.
Andrew Bartlett (This used to be commit b1c722e306533babeffeba9d8c7dcfa00e019423)
Diffstat (limited to 'source3')
-rw-r--r--source3/client/smbmount.c3
-rw-r--r--source3/libsmb/clientgen.c5
-rw-r--r--source3/libsmb/smbencrypt.c38
3 files changed, 45 insertions, 1 deletions
diff --git a/source3/client/smbmount.c b/source3/client/smbmount.c
index f90c56859f..573b2fe2f6 100644
--- a/source3/client/smbmount.c
+++ b/source3/client/smbmount.c
@@ -157,6 +157,9 @@ static struct cli_state *do_connection(char *the_service)
/* SPNEGO doesn't work till we get NTSTATUS error support */
c->use_spnego = False;
+ /* The kernel doesn't yet know how to sign it's packets */
+ c->sign_info->allow_smb_signing = False;
+
if (!cli_session_request(c, &calling, &called)) {
char *p;
DEBUG(0,("%d: session request to %s failed (%s)\n",
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 3d0bad6c99..b35c7ea2ed 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -114,9 +114,12 @@ BOOL cli_receive_smb(struct cli_state *cli)
cli->smb_rw_error = smb_read_error;
close(cli->fd);
cli->fd = -1;
+ return ret;
}
- return ret;
+ if (!cli_check_sign_mac(cli)) {
+ DEBUG(0, ("SMB Signiture verification failed on incoming packet!\n"));
+ };
}
/****************************************************************************
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 022a57ef6a..a30a48a020 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -5,6 +5,7 @@
Modified by Jeremy Allison 1995.
Copyright (C) Jeremy Allison 1995-2000.
Copyright (C) Luke Kennethc Casson Leighton 1996-2000.
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -420,3 +421,40 @@ void cli_caclulate_sign_mac(struct cli_state *cli)
cli->sign_info.reply_seq_num = cli->sign_info.send_seq_num;
cli->sign_info.send_seq_num++;
}
+
+/***********************************************************
+ SMB signing - check a MAC sent by server.
+************************************************************/
+
+BOOL cli_check_sign_mac(struct cli_state *cli)
+{
+ unsigned char calc_md5_mac[16];
+ unsigned char server_sent_mac[8];
+ struct MD5Context md5_ctx;
+
+ if (cli->sign_info.temp_smb_signing) {
+ return True;
+ }
+
+ if (!cli->sign_info.use_smb_signing) {
+ return True;
+ }
+
+ /*
+ * Firstly put the sequence number into the first 4 bytes.
+ * and zero out the next 4 bytes.
+ */
+
+ memcpy(server_sent_mac, &cli->inbuf[smb_ss_field], sizeof(server_sent_mac));
+
+ SIVAL(cli->inbuf, smb_ss_field, cli->sign_info.reply_seq_num);
+ SIVAL(cli->inbuf, smb_ss_field + 4, 0);
+
+ /* Calculate the 16 byte MAC and place first 8 bytes into the field. */
+ MD5Init(&md5_ctx);
+ MD5Update(&md5_ctx, cli->sign_info.mac_key, cli->sign_info.mac_key_len);
+ MD5Update(&md5_ctx, cli->inbuf + 4, smb_len(cli->inbuf));
+ MD5Final(calc_md5_mac, &md5_ctx);
+
+ return (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
+}