summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libcli/smb/smbXcli_base.c24
-rw-r--r--libcli/smb/smbXcli_base.h1
2 files changed, 25 insertions, 0 deletions
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 29dba8cbc0..c6e3b2a6ce 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -149,6 +149,7 @@ struct smbXcli_session {
struct {
uint16_t session_id;
DATA_BLOB application_key;
+ bool protected_key;
} smb1;
struct smb2cli_session *smb2;
@@ -4360,6 +4361,7 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
* return NT_STATUS_INVALID_PARAMETER_MIX;
*/
data_blob_clear_free(&session->smb1.application_key);
+ session->smb1.protected_key = false;
}
if (_session_key.length == 0) {
@@ -4378,6 +4380,28 @@ NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
return NT_STATUS_NO_MEMORY;
}
+ session->smb1.protected_key = false;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session)
+{
+ if (session->smb1.protected_key) {
+ /* already protected */
+ return NT_STATUS_OK;
+ }
+
+ if (session->smb1.application_key.length != 16) {
+ return NT_STATUS_INVALID_PARAMETER_MIX;
+ }
+
+ smb_key_derivation(session->smb1.application_key.data,
+ session->smb1.application_key.length,
+ session->smb1.application_key.data);
+
+ session->smb1.protected_key = true;
+
return NT_STATUS_OK;
}
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 3f78cd5da7..689369e4a9 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -256,6 +256,7 @@ void smb1cli_session_set_id(struct smbXcli_session* session,
uint16_t session_id);
NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
const DATA_BLOB _session_key);
+NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session);
uint8_t smb2cli_session_security_mode(struct smbXcli_session *session);
uint64_t smb2cli_session_current_id(struct smbXcli_session *session);
uint16_t smb2cli_session_get_flags(struct smbXcli_session *session);