diff options
-rw-r--r-- | source3/include/client.h | 3 | ||||
-rw-r--r-- | source3/include/smb.h | 3 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 23 | ||||
-rw-r--r-- | source3/libsmb/smbencrypt.c | 27 |
4 files changed, 45 insertions, 11 deletions
diff --git a/source3/include/client.h b/source3/include/client.h index 90ba30c7dd..e2eda54948 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -61,7 +61,8 @@ typedef struct smb_sign_info { BOOL use_smb_signing; size_t mac_key_len; uint8 mac_key[44]; - uint32 seq_num; + uint32 send_seq_num; + uint32 reply_seq_num; } smb_sign_info; struct cli_state { diff --git a/source3/include/smb.h b/source3/include/smb.h index 531f270c3d..6211ddef22 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -787,7 +787,8 @@ struct bitmap { #define smb_err 11 #define smb_flg 13 #define smb_flg2 14 -#define smb_reb 13 +#define smb_pidhigh 16 +#define smb_ss_field 18 #define smb_tid 28 #define smb_pid 30 #define smb_uid 32 diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index dee86b2b05..5f42148078 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -107,7 +107,7 @@ BOOL cli_receive_smb(struct cli_state *cli) } /**************************************************************************** - send an smb to a fd. + Send an smb to a fd. ****************************************************************************/ BOOL cli_send_smb(struct cli_state *cli) @@ -117,31 +117,34 @@ BOOL cli_send_smb(struct cli_state *cli) ssize_t ret; /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */ - if (cli->fd == -1) return False; + if (cli->fd == -1) + return False; + + if (SVAL(cli->outbuf,smb_flg2) & FLAGS2_SMB_SECUIRTY_SIGNITURES) + cli_caclulate_sign_mac(cli); len = smb_len(cli->outbuf) + 4; while (nwritten < len) { ret = write_socket(cli->fd,cli->outbuf+nwritten,len - nwritten); if (ret <= 0) { - close(cli->fd); - cli->fd = -1; - DEBUG(0,("Error writing %d bytes to client. %d\n", - (int)len,(int)ret)); + close(cli->fd); + cli->fd = -1; + DEBUG(0,("Error writing %d bytes to client. %d\n", (int)len,(int)ret)); return False; } nwritten += ret; } - return True; } /**************************************************************************** -setup basics in a outgoing packet + Setup basics in a outgoing packet. ****************************************************************************/ + void cli_setup_packet(struct cli_state *cli) { - cli->rap_error = 0; + cli->rap_error = 0; SSVAL(cli->outbuf,smb_pid,cli->pid); SSVAL(cli->outbuf,smb_uid,cli->vuid); SSVAL(cli->outbuf,smb_mid,cli->mid); @@ -158,6 +161,8 @@ void cli_setup_packet(struct cli_state *cli) if (cli->use_spnego) { flags2 |= FLAGS2_EXTENDED_SECURITY; } + if (cli->sign_info.use_smb_signing) + flags2 |= FLAGS2_SMB_SECUIRTY_SIGNITURES; SSVAL(cli->outbuf,smb_flg2, flags2); } } diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c index fa1eaedb5a..de469c0293 100644 --- a/source3/libsmb/smbencrypt.c +++ b/source3/libsmb/smbencrypt.c @@ -331,5 +331,32 @@ BOOL decode_pw_buffer(char in_buffer[516], char *new_pwrd, #endif return True; +} + +/*********************************************************** + SMB signing - calculate a MAC to send. +************************************************************/ +void cli_caclulate_sign_mac(struct cli_state *cli) +{ + unsigned char calc_md5_mac[16]; + struct MD5Context md5_ctx; + + /* + * Firstly put the sequence number into the first 4 bytes. + * and zero out the next 4 bytes. + */ + SIVAL(cli->outbuf, smb_ss_field, cli->sign_info.send_seq_num); + SIVAL(cli->outbuf, smb_ss_field + 4, 0); + + /* Calculate the 16 byte MAC and place first 8 bytes into the field. */ + MD5Init(&md5_ctx); + MD5Update(&md5_ctx, cli->sign_info.mac_key, cli->sign_info.mac_key_len); + MD5Update(&md5_ctx, cli->outbuf + 4, smb_len(cli->outbuf)); + MD5Final(calc_md5_mac, &md5_ctx); + + memcpy(&cli->outbuf[smb_ss_field], calc_md5_mac, 8); + cli->sign_info.send_seq_num++; + cli->sign_info.reply_seq_num = cli->sign_info.send_seq_num; + cli->sign_info.send_seq_num++; } |