summaryrefslogtreecommitdiff
path: root/source3/include
diff options
context:
space:
mode:
Diffstat (limited to 'source3/include')
-rw-r--r--source3/include/async_smb.h2
-rw-r--r--source3/include/client.h10
-rw-r--r--source3/include/includes.h1
-rw-r--r--source3/include/proto.h59
-rw-r--r--source3/include/smb.h17
-rw-r--r--source3/include/smb_signing.h46
6 files changed, 100 insertions, 35 deletions
diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h
index 7fc4ff7d27..2ac1101a1e 100644
--- a/source3/include/async_smb.h
+++ b/source3/include/async_smb.h
@@ -63,6 +63,8 @@ struct cli_request {
*/
uint16_t mid;
+ uint32_t seqnum;
+
/**
* The bytes we have to ship to the server
*/
diff --git a/source3/include/client.h b/source3/include/client.h
index 320a90e66b..db19f34a9d 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -166,6 +166,13 @@ struct smb_trans_enc_state {
} s;
};
+struct cli_state_seqnum {
+ struct cli_state_seqnum *prev, *next;
+ uint16_t mid;
+ uint32_t seqnum;
+ bool persistent;
+};
+
struct cli_state {
/**
* A list of subsidiary connections for DFS.
@@ -217,6 +224,7 @@ struct cli_state {
size_t max_xmit;
size_t max_mux;
char *outbuf;
+ struct cli_state_seqnum *seqnum;
char *inbuf;
unsigned int bufsize;
int initialised;
@@ -231,7 +239,7 @@ struct cli_state {
TALLOC_CTX *call_mem_ctx;
#endif
- smb_sign_info sign_info;
+ struct smb_signing_state *signing_state;
struct smb_trans_enc_state *trans_enc_state; /* Setup if we're encrypting SMB's. */
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 4bf4b5c735..c883e17713 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -598,6 +598,7 @@ struct smb_iconv_convenience *lp_iconv_convenience(void *lp_ctx);
#include "messages.h"
#include "locking.h"
#include "smb_perfcount.h"
+#include "smb_signing.h"
#include "smb.h"
#include "nameserv.h"
#include "secrets.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c84b1cb9ac..c8dce13916 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2410,6 +2410,10 @@ bool receive_getdc_response(TALLOC_CTX *mem_ctx,
int cli_set_message(char *buf,int num_words,int num_bytes,bool zero);
unsigned int cli_set_timeout(struct cli_state *cli, unsigned int timeout);
void cli_set_port(struct cli_state *cli, int port);
+bool cli_state_seqnum_persistent(struct cli_state *cli,
+ uint16_t mid);
+bool cli_state_seqnum_remove(struct cli_state *cli,
+ uint16_t mid);
bool cli_receive_smb(struct cli_state *cli);
ssize_t cli_receive_smb_data(struct cli_state *cli, char *buffer, size_t len);
bool cli_receive_smb_readX_header(struct cli_state *cli);
@@ -3181,29 +3185,34 @@ void cli_free_enc_buffer(struct cli_state *cli, char *buf);
NTSTATUS cli_decrypt_message(struct cli_state *cli);
NTSTATUS cli_encrypt_message(struct cli_state *cli, char *buf, char **buf_out);
-/* The following definitions come from libsmb/smb_signing.c */
+/* The following definitions come from libsmb/clisigning.c */
bool cli_simple_set_signing(struct cli_state *cli,
const DATA_BLOB user_session_key,
const DATA_BLOB response);
-bool cli_null_set_signing(struct cli_state *cli);
bool cli_temp_set_signing(struct cli_state *cli);
-void cli_free_signing_context(struct cli_state *cli);
-void cli_calculate_sign_mac(struct cli_state *cli, char *buf);
-bool cli_check_sign_mac(struct cli_state *cli, char *buf);
-bool client_set_trans_sign_state_on(struct cli_state *cli, uint16 mid);
-bool client_set_trans_sign_state_off(struct cli_state *cli, uint16 mid);
+void cli_calculate_sign_mac(struct cli_state *cli, char *buf, uint32_t *seqnum);
+bool cli_check_sign_mac(struct cli_state *cli, const char *buf, uint32_t seqnum);
bool client_is_signing_on(struct cli_state *cli);
-bool srv_oplock_set_signing(bool onoff);
-bool srv_check_sign_mac(const char *inbuf, bool must_be_ok);
-void srv_calculate_sign_mac(char *outbuf);
-void srv_defer_sign_response(uint16 mid);
-void srv_cancel_sign_response(uint16 mid, bool cancel);
-void srv_set_signing_negotiated(void);
-bool srv_is_signing_active(void);
-bool srv_is_signing_negotiated(void);
-bool srv_signing_started(void);
-void srv_set_signing(const DATA_BLOB user_session_key, const DATA_BLOB response);
+bool client_is_signing_allowed(struct cli_state *cli);
+bool client_is_signing_mandatory(struct cli_state *cli);
+void cli_set_signing_negotiated(struct cli_state *cli);
+
+/* The following definitions come from smbd/signing.c */
+
+struct smbd_server_connection;
+bool srv_check_sign_mac(struct smbd_server_connection *conn,
+ const char *inbuf, uint32_t *seqnum);
+void srv_calculate_sign_mac(struct smbd_server_connection *conn,
+ char *outbuf, uint32_t seqnum);
+void srv_cancel_sign_response(struct smbd_server_connection *conn);
+bool srv_init_signing(struct smbd_server_connection *conn);
+void srv_set_signing_negotiated(struct smbd_server_connection *conn);
+bool srv_is_signing_active(struct smbd_server_connection *conn);
+bool srv_is_signing_negotiated(struct smbd_server_connection *conn);
+void srv_set_signing(struct smbd_server_connection *conn,
+ const DATA_BLOB user_session_key,
+ const DATA_BLOB response);
/* The following definitions come from libsmb/smbdes.c */
@@ -4347,7 +4356,7 @@ const char *lp_printcapname(void);
bool lp_disable_spoolss( void );
void lp_set_spoolss_state( uint32 state );
uint32 lp_get_spoolss_state( void );
-bool lp_use_sendfile(int snum);
+bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state);
void set_use_sendfile(int snum, bool val);
void set_store_dos_attributes(int snum, bool val);
void lp_set_mangling_method(const char *new_method);
@@ -6722,7 +6731,9 @@ SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname);
void smbd_setup_sig_term_handler(void);
void smbd_setup_sig_hup_handler(void);
-bool srv_send_smb(int fd, char *buffer, bool do_encrypt,
+bool srv_send_smb(int fd, char *buffer,
+ bool no_signing, uint32_t seqnum,
+ bool do_encrypt,
struct smb_perfcount_data *pcd);
int srv_set_message(char *buf,
int num_words,
@@ -7219,6 +7230,16 @@ NTSTATUS idmap_sid_to_gid(const char *domname, DOM_SID *sid, gid_t *gid);
NTSTATUS nss_info_template_init( void );
+/* The following definitions come from lib/avahi.c */
+
+struct AvahiPoll *tevent_avahi_poll(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev);
+
+/* The following definitions come from smbd/avahi_register.c */
+
+void *avahi_start_register(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
+ uint16_t port);
+
/* Misc protos */
#endif /* _PROTO_H_ */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 281a218256..84aa36a364 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -621,6 +621,7 @@ struct smb_request {
uint16 flags2;
uint16 smbpid;
uint16 mid;
+ uint32_t seqnum;
uint16 vuid;
uint16 tid;
uint8 wct;
@@ -722,6 +723,7 @@ struct pending_message_list {
struct timeval request_time; /* When was this first issued? */
struct timed_event *te;
struct smb_perfcount_data pcd;
+ uint32_t seqnum;
bool encrypted;
DATA_BLOB buf;
DATA_BLOB private_data;
@@ -1847,21 +1849,6 @@ struct ip_service {
/* Special name type used to cause a _kerberos DNS lookup. */
#define KDC_NAME_TYPE 0xDCDC
-/* Used by the SMB signing functions. */
-
-typedef struct smb_sign_info {
- void (*sign_outgoing_message)(char *outbuf, struct smb_sign_info *si);
- bool (*check_incoming_message)(const char *inbuf, struct smb_sign_info *si, bool must_be_ok);
- void (*free_signing_context)(struct smb_sign_info *si);
- void *signing_context;
-
- bool negotiated_smb_signing;
- bool allow_smb_signing;
- bool doing_signing;
- bool mandatory_signing;
- bool seen_valid; /* Have I ever seen a validly signed packet? */
-} smb_sign_info;
-
struct ea_struct {
uint8 flags;
char *name;
diff --git a/source3/include/smb_signing.h b/source3/include/smb_signing.h
new file mode 100644
index 0000000000..770c40cb35
--- /dev/null
+++ b/source3/include/smb_signing.h
@@ -0,0 +1,46 @@
+/*
+ Unix SMB/CIFS implementation.
+ SMB Signing Code
+ Copyright (C) Jeremy Allison 2003.
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
+ Copyright (C) Stefan Metzmacher 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _SMB_SIGNING_H_
+#define _SMB_SIGNING_H_
+
+struct smb_signing_state;
+
+struct smb_signing_state *smb_signing_init(TALLOC_CTX *mem_ctx,
+ bool allowed,
+ bool mandatory);
+uint32_t smb_signing_next_seqnum(struct smb_signing_state *si, bool oneway);
+void smb_signing_cancel_reply(struct smb_signing_state *si, bool oneway);
+void smb_signing_sign_pdu(struct smb_signing_state *si,
+ uint8_t *outbuf, uint32_t seqnum);
+bool smb_signing_check_pdu(struct smb_signing_state *si,
+ const uint8_t *inbuf, uint32_t seqnum);
+bool smb_signing_set_bsrspyl(struct smb_signing_state *si);
+bool smb_signing_activate(struct smb_signing_state *si,
+ const DATA_BLOB user_session_key,
+ const DATA_BLOB response);
+bool smb_signing_is_active(struct smb_signing_state *si);
+bool smb_signing_is_allowed(struct smb_signing_state *si);
+bool smb_signing_is_mandatory(struct smb_signing_state *si);
+bool smb_signing_set_negotiated(struct smb_signing_state *si);
+bool smb_signing_is_negotiated(struct smb_signing_state *si);
+
+#endif /* _SMB_SIGNING_H_ */
generated by cgit (git 2.34.1) at 2025-01-25 11:20:44 +0000