diff options
author | Andrew Tridgell <tridge@samba.org> | 2008-05-30 17:03:54 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2008-05-30 17:03:54 +1000 |
commit | beaa01e403dda7557a6acdf0181d79d58a33bbbe (patch) | |
tree | 88c5930b546271d0bb9700096bdcdb6d97448e33 /source4/libcli/smb2/session.c | |
parent | 27f465619b2d8e01397b6d15434c9f2c577c5457 (diff) | |
download | samba-beaa01e403dda7557a6acdf0181d79d58a33bbbe.tar.gz samba-beaa01e403dda7557a6acdf0181d79d58a33bbbe.tar.bz2 samba-beaa01e403dda7557a6acdf0181d79d58a33bbbe.zip |
implemented client side SMB2 signing
This doessn't work against Windows yet, and I've submitted a WSPP
request for clarification of the docs to try and find out
why. Meanwhile this is no worse than what we had, as it only gets used
when the server demands signing, and we didn't work then anyway.
(This used to be commit b788096add3586d7277efcd3bf5ca7f3a604cb7a)
Diffstat (limited to 'source4/libcli/smb2/session.c')
-rw-r--r-- | source4/libcli/smb2/session.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c index 29af6652f2..54915d8535 100644 --- a/source4/libcli/smb2/session.c +++ b/source4/libcli/smb2/session.c @@ -164,8 +164,8 @@ static void session_request_handler(struct smb2_request *req) session_key_err = gensec_session_key(session->gensec, &session_key); if (NT_STATUS_IS_OK(session_key_err)) { - session->session_key = session_key; - } + session->transport->signing.session_key = session_key; + } } session->uid = state->io.out.uid; @@ -187,6 +187,14 @@ static void session_request_handler(struct smb2_request *req) return; } + if (session->transport->signing.doing_signing) { + c->status = smb2_start_signing(session->transport); + if (!NT_STATUS_IS_OK(c->status)) { + composite_error(c, c->status); + return; + } + } + composite_done(c); } @@ -208,7 +216,10 @@ struct composite_context *smb2_session_setup_spnego_send(struct smb2_session *se ZERO_STRUCT(state->io); state->io.in.vc_number = 0; - state->io.in.security_mode = 0; + if (session->transport->signing.doing_signing) { + state->io.in.security_mode = + SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED; + } state->io.in.capabilities = 0; state->io.in.channel = 0; state->io.in.previous_sessionid = 0; |