diff options
-rw-r--r-- | source3/client/smbmount.c | 3 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 5 | ||||
-rw-r--r-- | source3/libsmb/smbencrypt.c | 38 |
3 files changed, 45 insertions, 1 deletions
diff --git a/source3/client/smbmount.c b/source3/client/smbmount.c index f90c56859f..573b2fe2f6 100644 --- a/source3/client/smbmount.c +++ b/source3/client/smbmount.c @@ -157,6 +157,9 @@ static struct cli_state *do_connection(char *the_service) /* SPNEGO doesn't work till we get NTSTATUS error support */ c->use_spnego = False; + /* The kernel doesn't yet know how to sign it's packets */ + c->sign_info->allow_smb_signing = False; + if (!cli_session_request(c, &calling, &called)) { char *p; DEBUG(0,("%d: session request to %s failed (%s)\n", diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 3d0bad6c99..b35c7ea2ed 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -114,9 +114,12 @@ BOOL cli_receive_smb(struct cli_state *cli) cli->smb_rw_error = smb_read_error; close(cli->fd); cli->fd = -1; + return ret; } - return ret; + if (!cli_check_sign_mac(cli)) { + DEBUG(0, ("SMB Signiture verification failed on incoming packet!\n")); + }; } /**************************************************************************** diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index 022a57ef6a..a30a48a020 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -5,6 +5,7 @@ Modified by Jeremy Allison 1995. Copyright (C) Jeremy Allison 1995-2000. Copyright (C) Luke Kennethc Casson Leighton 1996-2000. + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -420,3 +421,40 @@ void cli_caclulate_sign_mac(struct cli_state *cli) cli->sign_info.reply_seq_num = cli->sign_info.send_seq_num; cli->sign_info.send_seq_num++; } + +/*********************************************************** + SMB signing - check a MAC sent by server. +************************************************************/ + +BOOL cli_check_sign_mac(struct cli_state *cli) +{ + unsigned char calc_md5_mac[16]; + unsigned char server_sent_mac[8]; + struct MD5Context md5_ctx; + + if (cli->sign_info.temp_smb_signing) { + return True; + } + + if (!cli->sign_info.use_smb_signing) { + return True; + } + + /* + * Firstly put the sequence number into the first 4 bytes. + * and zero out the next 4 bytes. + */ + + memcpy(server_sent_mac, &cli->inbuf[smb_ss_field], sizeof(server_sent_mac)); + + SIVAL(cli->inbuf, smb_ss_field, cli->sign_info.reply_seq_num); + SIVAL(cli->inbuf, smb_ss_field + 4, 0); + + /* Calculate the 16 byte MAC and place first 8 bytes into the field. */ + MD5Init(&md5_ctx); + MD5Update(&md5_ctx, cli->sign_info.mac_key, cli->sign_info.mac_key_len); + MD5Update(&md5_ctx, cli->inbuf + 4, smb_len(cli->inbuf)); + MD5Final(calc_md5_mac, &md5_ctx); + + return (memcmp(server_sent_mac, calc_md5_mac, 8) == 0); +} |