diff options
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/cliconnect.c | 25 | ||||
| -rw-r--r-- | source3/libsmb/clidgram.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/clientgen.c | 96 | ||||
| -rw-r--r-- | source3/libsmb/clierror.c | 5 | ||||
| -rw-r--r-- | source3/libsmb/clifile.c | 44 | ||||
| -rw-r--r-- | source3/libsmb/clifsinfo.c | 324 | ||||
| -rw-r--r-- | source3/libsmb/clilist.c | 4 | ||||
| -rw-r--r-- | source3/libsmb/climessage.c | 6 | ||||
| -rw-r--r-- | source3/libsmb/clioplock.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/cliprint.c | 4 | ||||
| -rw-r--r-- | source3/libsmb/clireadwrite.c | 14 | ||||
| -rw-r--r-- | source3/libsmb/clitrans.c | 8 | ||||
| -rw-r--r-- | source3/libsmb/errormap.c | 106 | ||||
| -rw-r--r-- | source3/libsmb/libsmbclient.c | 76 | ||||
| -rw-r--r-- | source3/libsmb/smb_seal.c | 496 |
15 files changed, 112 insertions, 1100 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 820a904ea4..78cc63de50 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -98,7 +98,7 @@ static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli, /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,10, 0, True); + set_message(cli->outbuf,10, 0, True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -168,7 +168,7 @@ static NTSTATUS cli_session_setup_guest(struct cli_state *cli) uint32 capabilities = cli_session_setup_capabilities(cli); memset(cli->outbuf, '\0', smb_size); - set_message(NULL,cli->outbuf,13,0,True); + set_message(cli->outbuf,13,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -228,7 +228,7 @@ static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli, fstr_sprintf( lanman, "Samba %s", SAMBA_VERSION_STRING); memset(cli->outbuf, '\0', smb_size); - set_message(NULL,cli->outbuf,13,0,True); + set_message(cli->outbuf,13,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -377,7 +377,7 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user, /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,13,0,True); + set_message(cli->outbuf,13,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -457,7 +457,7 @@ static BOOL cli_session_setup_blob_send(struct cli_state *cli, DATA_BLOB blob) /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,12,0,True); + set_message(cli->outbuf,12,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -765,7 +765,7 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use } } - /* we have a reference counter on ntlmssp_state, if we are signing + /* we have a reference conter on ntlmssp_state, if we are signing then the state will be kept by the signing engine */ ntlmssp_end(&ntlmssp_state); @@ -978,6 +978,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli, } return NT_STATUS_OK; + } /**************************************************************************** @@ -987,7 +988,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli, BOOL cli_ulogoff(struct cli_state *cli) { memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,2,0,True); + set_message(cli->outbuf,2,0,True); SCVAL(cli->outbuf,smb_com,SMBulogoffX); cli_setup_packet(cli); SSVAL(cli->outbuf,smb_vwv0,0xFF); @@ -1064,7 +1065,7 @@ BOOL cli_send_tconX(struct cli_state *cli, slprintf(fullshare, sizeof(fullshare)-1, "\\\\%s\\%s", cli->desthost, share); - set_message(NULL,cli->outbuf,4, 0, True); + set_message(cli->outbuf,4, 0, True); SCVAL(cli->outbuf,smb_com,SMBtconX); cli_setup_packet(cli); @@ -1115,7 +1116,7 @@ BOOL cli_send_tconX(struct cli_state *cli, BOOL cli_tdis(struct cli_state *cli) { memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0,0,True); + set_message(cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBtdis); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -1147,7 +1148,7 @@ void cli_negprot_send(struct cli_state *cli) memset(cli->outbuf,'\0',smb_size); /* setup the protocol strings */ - set_message(NULL,cli->outbuf,0,0,True); + set_message(cli->outbuf,0,0,True); p = smb_buf(cli->outbuf); for (numprots=0; @@ -1187,7 +1188,7 @@ BOOL cli_negprot(struct cli_state *cli) numprots++) plength += strlen(prots[numprots].name)+2; - set_message(NULL,cli->outbuf,0,plength,True); + set_message(cli->outbuf,0,plength,True); p = smb_buf(cli->outbuf); for (numprots=0; @@ -1720,7 +1721,7 @@ NTSTATUS cli_raw_tcon(struct cli_state *cli, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf, 0, 0, True); + set_message(cli->outbuf, 0, 0, True); SCVAL(cli->outbuf,smb_com,SMBtcon); cli_setup_packet(cli); diff --git a/source3/libsmb/clidgram.c b/source3/libsmb/clidgram.c index 7a6ee17f4a..f170834fa9 100644 --- a/source3/libsmb/clidgram.c +++ b/source3/libsmb/clidgram.c @@ -69,7 +69,7 @@ BOOL cli_send_mailslot(struct messaging_context *msg_ctx, /* Setup the smb part. */ ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */ memcpy(tmp,ptr,4); - set_message(NULL,ptr,17,strlen(mailslot) + 1 + len,True); + set_message(ptr,17,strlen(mailslot) + 1 + len,True); memcpy(ptr,tmp,4); SCVAL(ptr,smb_com,SMBtrans); diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index a23e0184d7..1e3af9a3d7 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -48,18 +48,15 @@ int cli_set_port(struct cli_state *cli, int port) *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN. The timeout is in milliseconds - This is exactly the same as receive_smb except that it can be set to never return + This is exactly the same as receive_smb except that it never returns a session keepalive packet (just as receive_smb used to do). receive_smb was changed to return keepalives as the oplock processing means this call should never go into a blocking read. ****************************************************************************/ -static ssize_t client_receive_smb(struct cli_state *cli, BOOL eat_keepalives, size_t maxlen) +static ssize_t client_receive_smb(int fd,char *buffer, unsigned int timeout, size_t maxlen) { ssize_t len; - int fd = cli->fd; - char *buffer = cli->inbuf; - unsigned int timeout = cli->timeout; for(;;) { len = receive_smb_raw(fd, buffer, timeout, maxlen); @@ -71,22 +68,8 @@ static ssize_t client_receive_smb(struct cli_state *cli, BOOL eat_keepalives, si } /* Ignore session keepalive packets. */ - if (eat_keepalives && (CVAL(buffer,0) == SMBkeepalive)) { - continue; - } - break; - } - - if (cli_encryption_on(cli)) { - NTSTATUS status = cli_decrypt_message(cli); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("SMB decryption failed on incoming packet! Error %s\n", - nt_errstr(status))); - cli->smb_rw_error = READ_BAD_DECRYPT; - close(cli->fd); - cli->fd = -1; - return -1; - } + if(CVAL(buffer,0) != SMBkeepalive) + break; } show_msg(buffer); return len; @@ -96,7 +79,7 @@ static ssize_t client_receive_smb(struct cli_state *cli, BOOL eat_keepalives, si Recv an smb. ****************************************************************************/ -BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives) +BOOL cli_receive_smb(struct cli_state *cli) { ssize_t len; @@ -105,12 +88,7 @@ BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives) return False; again: - len = client_receive_smb(cli, eat_keepalives, 0); - - if (len >= 0 && !eat_keepalives && (CVAL(cli->inbuf,0) == SMBkeepalive)) { - /* Give back the keepalive. */ - return True; - } + len = client_receive_smb(cli->fd,cli->inbuf,cli->timeout, 0); if (len > 0) { /* it might be an oplock break request */ @@ -166,30 +144,11 @@ BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives) close(cli->fd); cli->fd = -1; return False; - } - + }; return True; } /**************************************************************************** - Recv an smb - eat keepalives. -****************************************************************************/ - -BOOL cli_receive_smb(struct cli_state *cli) -{ - return cli_receive_smb_internal(cli, True); -} - -/**************************************************************************** - Recv an smb - return keepalives. -****************************************************************************/ - -BOOL cli_receive_smb_return_keepalive(struct cli_state *cli) -{ - return cli_receive_smb_internal(cli, False); -} - -/**************************************************************************** Read the data portion of a readX smb. The timeout is in milliseconds ****************************************************************************/ @@ -205,7 +164,6 @@ ssize_t cli_receive_smb_data(struct cli_state *cli, char *buffer, size_t len) /**************************************************************************** Read a smb readX header. - We can only use this if encryption and signing are off. ****************************************************************************/ BOOL cli_receive_smb_readX_header(struct cli_state *cli) @@ -218,7 +176,7 @@ BOOL cli_receive_smb_readX_header(struct cli_state *cli) again: /* Read up to the size of a readX header reply. */ - len = client_receive_smb(cli, True, (smb_size - 4) + 24); + len = client_receive_smb(cli->fd, cli->inbuf, cli->timeout, (smb_size - 4) + 24); if (len > 0) { /* it might be an oplock break request */ @@ -296,7 +254,7 @@ static ssize_t write_socket(int fd, const char *buf, size_t len) DEBUG(6,("write_socket(%d,%d)\n",fd,(int)len)); ret = write_data(fd,buf,len); - + DEBUG(6,("write_socket(%d,%d) wrote %d\n",fd,(int)len,(int)ret)); if(ret <= 0) DEBUG(0,("write_socket: Error writing %d bytes to socket %d: ERRNO = %s\n", @@ -314,36 +272,18 @@ BOOL cli_send_smb(struct cli_state *cli) size_t len; size_t nwritten=0; ssize_t ret; - char *buf_out = cli->outbuf; - BOOL enc_on = cli_encryption_on(cli); /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */ - if (cli->fd == -1) { + if (cli->fd == -1) return False; - } cli_calculate_sign_mac(cli); - if (enc_on) { - NTSTATUS status = cli_encrypt_message(cli, &buf_out); - if (!NT_STATUS_IS_OK(status)) { - close(cli->fd); - cli->fd = -1; - cli->smb_rw_error = WRITE_ERROR; - DEBUG(0,("Error in encrypting client message. Error %s\n", - nt_errstr(status) )); - return False; - } - } - - len = smb_len(buf_out) + 4; + len = smb_len(cli->outbuf) + 4; while (nwritten < len) { - ret = write_socket(cli->fd,buf_out+nwritten,len - nwritten); + ret = write_socket(cli->fd,cli->outbuf+nwritten,len - nwritten); if (ret <= 0) { - if (enc_on) { - cli_free_enc_buffer(cli, buf_out); - } close(cli->fd); cli->fd = -1; cli->smb_rw_error = WRITE_ERROR; @@ -353,14 +293,10 @@ BOOL cli_send_smb(struct cli_state *cli) } nwritten += ret; } - - cli_free_enc_buffer(cli, buf_out); - /* Increment the mid so we can tell between responses. */ cli->mid++; - if (!cli->mid) { + if (!cli->mid) cli->mid++; - } return True; } @@ -401,7 +337,7 @@ void cli_setup_packet(struct cli_state *cli) void cli_setup_bcc(struct cli_state *cli, void *p) { - set_message_bcc(NULL,cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf))); + set_message_bcc(cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf))); } /**************************************************************************** @@ -607,8 +543,6 @@ void cli_shutdown(struct cli_state *cli) SAFE_FREE(cli->inbuf); cli_free_signing_context(cli); - cli_free_encryption_context(cli); - data_blob_free(&cli->secblob); data_blob_free(&cli->user_session_key); @@ -689,7 +623,7 @@ BOOL cli_echo(struct cli_state *cli, uint16 num_echos, SMB_ASSERT(length < 1024); memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,1,length,True); + set_message(cli->outbuf,1,length,True); SCVAL(cli->outbuf,smb_com,SMBecho); SSVAL(cli->outbuf,smb_tid,65535); SSVAL(cli->outbuf,smb_vwv0,num_echos); diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c index 374fdfa5e4..be018074eb 100644 --- a/source3/libsmb/clierror.c +++ b/source3/libsmb/clierror.c @@ -83,7 +83,6 @@ static NTSTATUS cli_smb_rw_error_to_ntstatus(struct cli_state *cli) case WRITE_ERROR: return NT_STATUS_UNEXPECTED_NETWORK_ERROR; case READ_BAD_SIG: - case READ_BAD_DECRYPT: return NT_STATUS_INVALID_PARAMETER; default: break; @@ -133,10 +132,6 @@ const char *cli_errstr(struct cli_state *cli) slprintf(cli_error_message, sizeof(cli_error_message) - 1, "Server packet had invalid SMB signature!"); break; - case READ_BAD_DECRYPT: - slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Server packet could not be decrypted !"); - break; default: slprintf(cli_error_message, sizeof(cli_error_message) - 1, "Unknown error code %d\n", cli->smb_rw_error ); diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index 7e29c1bf1a..c7b39f0b8d 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -389,7 +389,7 @@ BOOL cli_rename(struct cli_state *cli, const char *fname_src, const char *fname_ memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,1, 0, True); + set_message(cli->outbuf,1, 0, True); SCVAL(cli->outbuf,smb_com,SMBmv); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -426,7 +426,7 @@ BOOL cli_ntrename(struct cli_state *cli, const char *fname_src, const char *fnam memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf, 4, 0, True); + set_message(cli->outbuf, 4, 0, True); SCVAL(cli->outbuf,smb_com,SMBntrename); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -464,7 +464,7 @@ BOOL cli_nt_hardlink(struct cli_state *cli, const char *fname_src, const char *f memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf, 4, 0, True); + set_message(cli->outbuf, 4, 0, True); SCVAL(cli->outbuf,smb_com,SMBntrename); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -502,7 +502,7 @@ BOOL cli_unlink_full(struct cli_state *cli, const char *fname, uint16 attrs) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,1, 0,True); + set_message(cli->outbuf,1, 0,True); SCVAL(cli->outbuf,smb_com,SMBunlink); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -547,7 +547,7 @@ BOOL cli_mkdir(struct cli_state *cli, const char *dname) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0, 0,True); + set_message(cli->outbuf,0, 0,True); SCVAL(cli->outbuf,smb_com,SMBmkdir); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -582,7 +582,7 @@ BOOL cli_rmdir(struct cli_state *cli, const char *dname) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0, 0, True); + set_message(cli->outbuf,0, 0, True); SCVAL(cli->outbuf,smb_com,SMBrmdir); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -664,7 +664,7 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,24,0,True); + set_message(cli->outbuf,24,0,True); SCVAL(cli->outbuf,smb_com,SMBntcreateX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -758,7 +758,7 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,15,0,True); + set_message(cli->outbuf,15,0,True); SCVAL(cli->outbuf,smb_com,SMBopenX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -805,7 +805,7 @@ BOOL cli_close(struct cli_state *cli, int fnum) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,3,0,True); + set_message(cli->outbuf,3,0,True); SCVAL(cli->outbuf,smb_com,SMBclose); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -837,7 +837,7 @@ NTSTATUS cli_locktype(struct cli_state *cli, int fnum, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0', smb_size); - set_message(NULL,cli->outbuf,8,0,True); + set_message(cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -889,7 +889,7 @@ BOOL cli_lock(struct cli_state *cli, int fnum, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0', smb_size); - set_message(NULL,cli->outbuf,8,0,True); + set_message(cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -942,7 +942,7 @@ BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,8,0,True); + set_message(cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -994,7 +994,7 @@ BOOL cli_lock64(struct cli_state *cli, int fnum, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0', smb_size); - set_message(NULL,cli->outbuf,8,0,True); + set_message(cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1049,7 +1049,7 @@ BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_ memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,8,0,True); + set_message(cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1196,7 +1196,7 @@ BOOL cli_getattrE(struct cli_state *cli, int fd, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,1,0,True); + set_message(cli->outbuf,1,0,True); SCVAL(cli->outbuf,smb_com,SMBgetattrE); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1248,7 +1248,7 @@ BOOL cli_getatr(struct cli_state *cli, const char *fname, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0,0,True); + set_message(cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBgetatr); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1300,7 +1300,7 @@ BOOL cli_setattrE(struct cli_state *cli, int fd, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,7,0,True); + set_message(cli->outbuf,7,0,True); SCVAL(cli->outbuf,smb_com,SMBsetattrE); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1339,7 +1339,7 @@ BOOL cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,8,0,True); + set_message(cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBsetatr); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1381,7 +1381,7 @@ BOOL cli_chkpath(struct cli_state *cli, const char *path) *path2 = '\\'; memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0,0,True); + set_message(cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBcheckpath); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -1408,7 +1408,7 @@ BOOL cli_chkpath(struct cli_state *cli, const char *path) BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail) { memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0,0,True); + set_message(cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBdskattr); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -1437,7 +1437,7 @@ int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,3,0,True); + set_message(cli->outbuf,3,0,True); SCVAL(cli->outbuf,smb_com,SMBctemp); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1487,7 +1487,7 @@ NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB * memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf, 3, 0, True); + set_message(cli->outbuf, 3, 0, True); SCVAL(cli->outbuf,smb_com,SMBioctl); cli_setup_packet(cli); diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c index 48865c98ca..d2f759b192 100644 --- a/source3/libsmb/clifsinfo.c +++ b/source3/libsmb/clifsinfo.c @@ -2,7 +2,6 @@ Unix SMB/CIFS implementation. FS info functions Copyright (C) Stefan (metze) Metzmacher 2003 - Copyright (C) Jeremy Allison 2007. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -302,326 +301,3 @@ cleanup: return ret; } - -/****************************************************************************** - Send/receive the request encryption blob. -******************************************************************************/ - -static NTSTATUS enc_blob_send_receive(struct cli_state *cli, DATA_BLOB *in, DATA_BLOB *out, DATA_BLOB *param_out) -{ - uint16 setup; - char param[4]; - char *rparam=NULL, *rdata=NULL; - unsigned int rparam_count=0, rdata_count=0; - NTSTATUS status = NT_STATUS_OK; - - setup = TRANSACT2_SETFSINFO; - - SSVAL(param,0,0); - SSVAL(param,2,SMB_REQUEST_TRANSPORT_ENCRYPTION); - - if (!cli_send_trans(cli, SMBtrans2, - NULL, - 0, 0, - &setup, 1, 0, - param, 4, 0, - (char *)in->data, in->length, CLI_BUFFER_SIZE)) { - status = cli_nt_error(cli); - goto out; - } - - if (!cli_receive_trans(cli, SMBtrans2, - &rparam, &rparam_count, - &rdata, &rdata_count)) { - status = cli_nt_error(cli); - goto out; - } - - if (cli_is_error(cli)) { - status = cli_nt_error(cli); - if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - goto out; - } - } - - *out = data_blob(rdata, rdata_count); - *param_out = data_blob(rparam, rparam_count); - - out: - - SAFE_FREE(rparam); - SAFE_FREE(rdata); - return status; -} - -/****************************************************************************** - Make a client state struct. -******************************************************************************/ - -static struct smb_trans_enc_state *make_cli_enc_state(enum smb_trans_enc_type smb_enc_type) -{ - struct smb_trans_enc_state *es = NULL; - es = SMB_MALLOC_P(struct smb_trans_enc_state); - if (!es) { - return NULL; - } - ZERO_STRUCTP(es); - es->smb_enc_type = smb_enc_type; - - if (smb_enc_type == SMB_TRANS_ENC_GSS) { -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) - es->s.gss_state = SMB_MALLOC_P(struct smb_tran_enc_state_gss); - if (!es->s.gss_state) { - SAFE_FREE(es); - return NULL; - } - ZERO_STRUCTP(es->s.gss_state); -#else - DEBUG(0,("make_cli_enc_state: no krb5 compiled.\n")); - SAFE_FREE(es); - return NULL; -#endif - } - return es; -} - -/****************************************************************************** - Start a raw ntlmssp encryption. -******************************************************************************/ - -NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli, - const char *user, - const char *pass, - const char *domain) -{ - DATA_BLOB blob_in = data_blob_null; - DATA_BLOB blob_out = data_blob_null; - DATA_BLOB param_out = data_blob_null; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - struct smb_trans_enc_state *es = make_cli_enc_state(SMB_TRANS_ENC_NTLM); - - if (!es) { - return NT_STATUS_NO_MEMORY; - } - status = ntlmssp_client_start(&es->s.ntlmssp_state); - if (!NT_STATUS_IS_OK(status)) { - goto fail; - } - - ntlmssp_want_feature(es->s.ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY); - es->s.ntlmssp_state->neg_flags |= (NTLMSSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL); - - if (!NT_STATUS_IS_OK(status = ntlmssp_set_username(es->s.ntlmssp_state, user))) { - goto fail; - } - if (!NT_STATUS_IS_OK(status = ntlmssp_set_domain(es->s.ntlmssp_state, domain))) { - goto fail; - } - if (!NT_STATUS_IS_OK(status = ntlmssp_set_password(es->s.ntlmssp_state, pass))) { - goto fail; - } - - do { - status = ntlmssp_update(es->s.ntlmssp_state, blob_in, &blob_out); - data_blob_free(&blob_in); - data_blob_free(¶m_out); - if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) { - status = enc_blob_send_receive(cli, &blob_out, &blob_in, ¶m_out); - } - if (param_out.length == 2) { - es->enc_ctx_num = SVAL(param_out.data, 0); - } - data_blob_free(&blob_out); - } while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)); - - data_blob_free(&blob_in); - - if (NT_STATUS_IS_OK(status)) { - /* Replace the old state, if any. */ - if (cli->trans_enc_state) { - common_free_encryption_state(&cli->trans_enc_state); - } - cli->trans_enc_state = es; - cli->trans_enc_state->enc_on = True; - es = NULL; - } - - fail: - - common_free_encryption_state(&es); - return status; -} - -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) - -#ifndef SMB_GSS_REQUIRED_FLAGS -#define SMB_GSS_REQUIRED_FLAGS (GSS_C_CONF_FLAG|GSS_C_INTEG_FLAG|GSS_C_MUTUAL_FLAG|GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG) -#endif - -/****************************************************************************** - Get client gss blob to send to a server. -******************************************************************************/ - -static NTSTATUS make_cli_gss_blob(struct smb_trans_enc_state *es, - const char *service, - const char *host, - NTSTATUS status_in, - DATA_BLOB spnego_blob_in, - DATA_BLOB *p_blob_out) -{ - const char *krb_mechs[] = {OID_KERBEROS5, NULL}; - OM_uint32 ret; - OM_uint32 min; - gss_name_t srv_name; - gss_buffer_desc input_name; - gss_buffer_desc *p_tok_in; - gss_buffer_desc tok_out, tok_in; - DATA_BLOB blob_out = data_blob_null; - DATA_BLOB blob_in = data_blob_null; - char *host_princ_s = NULL; - OM_uint32 ret_flags = 0; - NTSTATUS status = NT_STATUS_OK; - - gss_OID_desc nt_hostbased_service = - {10, CONST_DISCARD(char *,"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04")}; - - memset(&tok_out, '\0', sizeof(tok_out)); - - /* Get a ticket for the service@host */ - asprintf(&host_princ_s, "%s@%s", service, host); - if (host_princ_s == NULL) { - return NT_STATUS_NO_MEMORY; - } - - input_name.value = host_princ_s; - input_name.length = strlen(host_princ_s) + 1; - - ret = gss_import_name(&min, - &input_name, - &nt_hostbased_service, - &srv_name); - - if (ret != GSS_S_COMPLETE) { - SAFE_FREE(host_princ_s); - return map_nt_error_from_gss(ret, min); - } - - if (spnego_blob_in.length == 0) { - p_tok_in = GSS_C_NO_BUFFER; - } else { - /* Remove the SPNEGO wrapper */ - if (!spnego_parse_auth_response(spnego_blob_in, status_in, OID_KERBEROS5, &blob_in)) { - status = NT_STATUS_UNSUCCESSFUL; - goto fail; - } - tok_in.value = blob_in.data; - tok_in.length = blob_in.length; - p_tok_in = &tok_in; - } - - ret = gss_init_sec_context(&min, - GSS_C_NO_CREDENTIAL, /* Use our default cred. */ - &es->s.gss_state->gss_ctx, - srv_name, - GSS_C_NO_OID, /* default OID. */ - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG, - GSS_C_INDEFINITE, /* requested ticket lifetime. */ - NULL, /* no channel bindings */ - p_tok_in, - NULL, /* ignore mech type */ - &tok_out, - &ret_flags, - NULL); /* ignore time_rec */ - - status = map_nt_error_from_gss(ret, min); - if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - ADS_STATUS adss = ADS_ERROR_GSS(ret, min); - DEBUG(10,("make_cli_gss_blob: gss_init_sec_context failed with %s\n", - ads_errstr(adss))); - goto fail; - } - - if ((ret_flags & SMB_GSS_REQUIRED_FLAGS) != SMB_GSS_REQUIRED_FLAGS) { - status = NT_STATUS_ACCESS_DENIED; - } - - blob_out = data_blob(tok_out.value, tok_out.length); - - /* Wrap in an SPNEGO wrapper */ - *p_blob_out = gen_negTokenTarg(krb_mechs, blob_out); - - fail: - - data_blob_free(&blob_out); - data_blob_free(&blob_in); - SAFE_FREE(host_princ_s); - gss_release_name(&min, &srv_name); - if (tok_out.value) { - gss_release_buffer(&min, &tok_out); - } - return status; -} - -/****************************************************************************** - Start a SPNEGO gssapi encryption context. -******************************************************************************/ - -NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli) -{ - DATA_BLOB blob_recv = data_blob_null; - DATA_BLOB blob_send = data_blob_null; - DATA_BLOB param_out = data_blob_null; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - fstring fqdn; - const char *servicename; - struct smb_trans_enc_state *es = make_cli_enc_state(SMB_TRANS_ENC_GSS); - - if (!es) { - return NT_STATUS_NO_MEMORY; - } - - name_to_fqdn(fqdn, cli->desthost); - strlower_m(fqdn); - - servicename = "cifs"; - status = make_cli_gss_blob(es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send); - if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - servicename = "host"; - status = make_cli_gss_blob(es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send); - if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) { - goto fail; - } - } - - do { - data_blob_free(&blob_recv); - status = enc_blob_send_receive(cli, &blob_send, &blob_recv, ¶m_out); - if (param_out.length == 2) { - es->enc_ctx_num = SVAL(param_out.data, 0); - } - data_blob_free(&blob_send); - status = make_cli_gss_blob(es, servicename, fqdn, status, blob_recv, &blob_send); - } while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)); - data_blob_free(&blob_recv); - - if (NT_STATUS_IS_OK(status)) { - /* Replace the old state, if any. */ - if (cli->trans_enc_state) { - common_free_encryption_state(&cli->trans_enc_state); - } - cli->trans_enc_state = es; - cli->trans_enc_state->enc_on = True; - es = NULL; - } - - fail: - - common_free_encryption_state(&es); - return status; -} -#else -NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli) -{ - return NT_STATUS_NOT_SUPPORTED; -} -#endif diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index 31012e6011..5da63096b1 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -417,7 +417,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,2,0,True); + set_message(cli->outbuf,2,0,True); SCVAL(cli->outbuf,smb_com,SMBsearch); @@ -474,7 +474,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,2,0,True); + set_message(cli->outbuf,2,0,True); SCVAL(cli->outbuf,smb_com,SMBfclose); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); diff --git a/source3/libsmb/climessage.c b/source3/libsmb/climessage.c index 252f2cd725..46d7c1c3be 100644 --- a/source3/libsmb/climessage.c +++ b/source3/libsmb/climessage.c @@ -29,7 +29,7 @@ int cli_message_start_build(struct cli_state *cli, char *host, char *username) /* construct a SMBsendstrt command */ memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,0,0,True); + set_message(cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBsendstrt); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -74,7 +74,7 @@ int cli_message_text_build(struct cli_state *cli, char *msg, int len, int grp) char *p; memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,1,0,True); + set_message(cli->outbuf,1,0,True); SCVAL(cli->outbuf,smb_com,SMBsendtxt); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -124,7 +124,7 @@ int cli_message_end_build(struct cli_state *cli, int grp) char *p; memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,1,0,True); + set_message(cli->outbuf,1,0,True); SCVAL(cli->outbuf,smb_com,SMBsendend); SSVAL(cli->outbuf,smb_tid,cli->cnum); diff --git a/source3/libsmb/clioplock.c b/source3/libsmb/clioplock.c index 041de41cad..387c40b401 100644 --- a/source3/libsmb/clioplock.c +++ b/source3/libsmb/clioplock.c @@ -31,7 +31,7 @@ BOOL cli_oplock_ack(struct cli_state *cli, int fnum, unsigned char level) cli->outbuf = buf; memset(buf,'\0',smb_size); - set_message(NULL,buf,8,0,True); + set_message(buf,8,0,True); SCVAL(buf,smb_com,SMBlockingX); SSVAL(buf,smb_tid, cli->cnum); diff --git a/source3/libsmb/cliprint.c b/source3/libsmb/cliprint.c index 08737f87e4..9e55e5cef3 100644 --- a/source3/libsmb/cliprint.c +++ b/source3/libsmb/cliprint.c @@ -193,7 +193,7 @@ int cli_spl_open(struct cli_state *cli, const char *fname, int flags, int share_ memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,15,0,True); + set_message(cli->outbuf,15,0,True); SCVAL(cli->outbuf,smb_com,SMBsplopen); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -240,7 +240,7 @@ BOOL cli_spl_close(struct cli_state *cli, int fnum) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,3,0,True); + set_message(cli->outbuf,3,0,True); SCVAL(cli->outbuf,smb_com,SMBsplclose); SSVAL(cli->outbuf,smb_tid,cli->cnum); diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index 7e479dc00a..ed80dfaf1a 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -34,7 +34,7 @@ static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset, if ((SMB_BIG_UINT)offset >> 32) bigoffset = True; - set_message(NULL,cli->outbuf,bigoffset ? 12 : 10,0,True); + set_message(cli->outbuf,bigoffset ? 12 : 10,0,True); SCVAL(cli->outbuf,smb_com,SMBreadX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -76,9 +76,7 @@ ssize_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_ * rounded down to a multiple of 1024. */ - if (client_is_signing_on(cli) == False && - cli_encryption_on(cli) == False && - (cli->posix_capabilities & CIFS_UNIX_LARGE_READ_CAP)) { + if (client_is_signing_on(cli) == False && (cli->posix_capabilities & CIFS_UNIX_LARGE_READ_CAP)) { readsize = CLI_SAMBA_MAX_POSIX_LARGE_READX_SIZE; } else if (cli->capabilities & CAP_LARGE_READX) { if (cli->is_samba) { @@ -205,7 +203,7 @@ static BOOL cli_issue_readraw(struct cli_state *cli, int fnum, off_t offset, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,10,0,True); + set_message(cli->outbuf,10,0,True); SCVAL(cli->outbuf,smb_com,SMBreadbraw); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -314,9 +312,9 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset, } if (large_writex) - set_message(NULL,cli->outbuf,14,0,True); + set_message(cli->outbuf,14,0,True); else - set_message(NULL,cli->outbuf,12,0,True); + set_message(cli->outbuf,12,0,True); SCVAL(cli->outbuf,smb_com,SMBwriteX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -428,7 +426,7 @@ ssize_t cli_smbwrite(struct cli_state *cli, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,5, 0,True); + set_message(cli->outbuf,5, 0,True); SCVAL(cli->outbuf,smb_com,SMBwrite); SSVAL(cli->outbuf,smb_tid,cli->cnum); diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c index 752983377c..e859dce956 100644 --- a/source3/libsmb/clitrans.c +++ b/source3/libsmb/clitrans.c @@ -43,7 +43,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, this_ldata = MIN(ldata,cli->max_xmit - (500+lsetup*2+this_lparam)); memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,14+lsetup,0,True); + set_message(cli->outbuf,14+lsetup,0,True); SCVAL(cli->outbuf,smb_com,trans); SSVAL(cli->outbuf,smb_tid, cli->cnum); cli_setup_packet(cli); @@ -112,7 +112,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */ this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam)); - set_message(NULL,cli->outbuf,trans==SMBtrans?8:9,0,True); + set_message(cli->outbuf,trans==SMBtrans?8:9,0,True); SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2)); outparam = smb_buf(cli->outbuf); @@ -358,7 +358,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli, this_ldata = MIN(ldata,cli->max_xmit - (500+lsetup*2+this_lparam)); memset(cli->outbuf,'\0',smb_size); - set_message(NULL,cli->outbuf,19+lsetup,0,True); + set_message(cli->outbuf,19+lsetup,0,True); SCVAL(cli->outbuf,smb_com,SMBnttrans); SSVAL(cli->outbuf,smb_tid, cli->cnum); cli_setup_packet(cli); @@ -419,7 +419,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli, this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */ this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam)); - set_message(NULL,cli->outbuf,18,0,True); + set_message(cli->outbuf,18,0,True); SCVAL(cli->outbuf,smb_com,SMBnttranss); /* XXX - these should probably be aligned */ diff --git a/source3/libsmb/errormap.c b/source3/libsmb/errormap.c index 412126eeca..ce826ae999 100644 --- a/source3/libsmb/errormap.c +++ b/source3/libsmb/errormap.c @@ -4,7 +4,6 @@ * Copyright (C) Andrew Tridgell 2001 * Copyright (C) Andrew Bartlett 2001 * Copyright (C) Tim Potter 2000 - * Copyright (C) Jeremy Allison 2007 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -1503,108 +1502,3 @@ WERROR ntstatus_to_werror(NTSTATUS error) /* a lame guess */ return W_ERROR(NT_STATUS_V(error) & 0xffff); } - -#if defined(HAVE_GSSAPI) -/******************************************************************************* - Map between gssapi errors and NT status. I made these up :-(. JRA. -*******************************************************************************/ - -static const struct { - unsigned long gss_err; - NTSTATUS ntstatus; -} gss_to_ntstatus_errormap[] = { -#if defined(GSS_S_CALL_INACCESSIBLE_READ) - {GSS_S_CALL_INACCESSIBLE_READ, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_CALL_INACCESSIBLE_WRITE) - {GSS_S_CALL_INACCESSIBLE_WRITE, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_CALL_BAD_STRUCTURE) - {GSS_S_CALL_BAD_STRUCTURE, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_BAD_MECH) - {GSS_S_BAD_MECH, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_BAD_NAME) - {GSS_S_BAD_NAME, NT_STATUS_INVALID_ACCOUNT_NAME}, -#endif -#if defined(GSS_S_BAD_NAMETYPE) - {GSS_S_BAD_NAMETYPE, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_BAD_BINDINGS) - {GSS_S_BAD_BINDINGS, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_BAD_STATUS) - {GSS_S_BAD_STATUS, NT_STATUS_UNSUCCESSFUL}, -#endif -#if defined(GSS_S_BAD_SIG) - {GSS_S_BAD_SIG, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_NO_CRED) - {GSS_S_NO_CRED, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_NO_CONTEXT) - {GSS_S_NO_CONTEXT, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_DEFECTIVE_TOKEN) - {GSS_S_DEFECTIVE_TOKEN, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_DEFECTIVE_CREDENTIAL) - {GSS_S_DEFECTIVE_CREDENTIAL, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_CREDENTIALS_EXPIRED) - {GSS_S_CREDENTIALS_EXPIRED, NT_STATUS_PASSWORD_EXPIRED}, -#endif -#if defined(GSS_S_CONTEXT_EXPIRED) - {GSS_S_CONTEXT_EXPIRED, NT_STATUS_PASSWORD_EXPIRED}, -#endif -#if defined(GSS_S_BAD_QOP) - {GSS_S_BAD_QOP, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_UNAUTHORIZED) - {GSS_S_UNAUTHORIZED, NT_STATUS_ACCESS_DENIED}, -#endif -#if defined(GSS_S_UNAVAILABLE) - {GSS_S_UNAVAILABLE, NT_STATUS_UNSUCCESSFUL}, -#endif -#if defined(GSS_S_DUPLICATE_ELEMENT) - {GSS_S_DUPLICATE_ELEMENT, NT_STATUS_INVALID_PARAMETER}, -#endif -#if defined(GSS_S_NAME_NOT_MN) - {GSS_S_NAME_NOT_MN, NT_STATUS_INVALID_PARAMETER}, -#endif - { 0, NT_STATUS_OK } -}; - -/********************************************************************* - Map an NT error code from a gssapi error code. -*********************************************************************/ - -NTSTATUS map_nt_error_from_gss(uint32 gss_maj, uint32 minor) -{ - int i = 0; - - if (gss_maj == GSS_S_COMPLETE) { - return NT_STATUS_OK; - } - - if (gss_maj == GSS_S_CONTINUE_NEEDED) { - return NT_STATUS_MORE_PROCESSING_REQUIRED; - } - - if (gss_maj == GSS_S_FAILURE) { - return map_nt_error_from_unix((int)minor); - } - - /* Look through list */ - while(gss_to_ntstatus_errormap[i].gss_err != 0) { - if (gss_to_ntstatus_errormap[i].gss_err == gss_maj) { - return gss_to_ntstatus_errormap[i].ntstatus; - } - i++; - } - - /* Default return */ - return NT_STATUS_ACCESS_DENIED; -} -#endif diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c index 7394008786..45226a028c 100644 --- a/source3/libsmb/libsmbclient.c +++ b/source3/libsmb/libsmbclient.c @@ -2471,15 +2471,16 @@ net_share_enum_rpc(struct cli_state *cli, void *state) { int i; - NTSTATUS result; - uint32 enum_hnd; + WERROR result; + ENUM_HND enum_hnd; uint32 info_level = 1; uint32 preferred_len = 0xffffffff; - struct srvsvc_NetShareCtr1 ctr1; - union srvsvc_NetShareCtr ctr; + uint32 type; + SRV_SHARE_INFO_CTR ctr; + fstring name = ""; + fstring comment = ""; void *mem_ctx; struct rpc_pipe_client *pipe_hnd; - uint32 numentries; NTSTATUS nt_status; /* Open the server service pipe */ @@ -2497,28 +2498,37 @@ net_share_enum_rpc(struct cli_state *cli, return -1; } - ZERO_STRUCT(ctr1); - ctr.ctr1 = &ctr1; - /* Issue the NetShareEnum RPC call and retrieve the response */ - enum_hnd = 0; - result = rpccli_srvsvc_NetShareEnum(pipe_hnd, mem_ctx, NULL, - &info_level, &ctr, preferred_len, - &numentries, &enum_hnd); + init_enum_hnd(&enum_hnd, 0); + result = rpccli_srvsvc_net_share_enum(pipe_hnd, + mem_ctx, + info_level, + &ctr, + preferred_len, + &enum_hnd); /* Was it successful? */ - if (!NT_STATUS_IS_OK(result) || numentries == 0) { + if (!W_ERROR_IS_OK(result) || ctr.num_entries == 0) { /* Nope. Go clean up. */ goto done; } /* For each returned entry... */ - for (i = 0; i < numentries; i++) { + for (i = 0; i < ctr.num_entries; i++) { + + /* pull out the share name */ + rpcstr_pull_unistr2_fstring( + name, &ctr.share.info1[i].info_1_str.uni_netname); + + /* pull out the share's comment */ + rpcstr_pull_unistr2_fstring( + comment, &ctr.share.info1[i].info_1_str.uni_remark); + + /* Get the type value */ + type = ctr.share.info1[i].info_1.type; /* Add this share to the list */ - (*fn)(ctr.ctr1->array[i].name, - ctr.ctr1->array[i].type, - ctr.ctr1->array[i].comment, state); + (*fn)(name, type, comment, state); } done: @@ -2529,7 +2539,7 @@ done: TALLOC_FREE(mem_ctx); /* Tell 'em if it worked */ - return NT_STATUS_IS_OK(result) ? 0 : -1; + return W_ERROR_IS_OK(result) ? 0 : -1; } @@ -4076,7 +4086,7 @@ sec_desc_parse(TALLOC_CTX *ctx, fstring tok; SEC_DESC *ret = NULL; size_t sd_size; - DOM_SID *grp_sid=NULL; + DOM_SID *group_sid=NULL; DOM_SID *owner_sid=NULL; SEC_ACL *dacl=NULL; int revision=1; @@ -4121,15 +4131,15 @@ sec_desc_parse(TALLOC_CTX *ctx, } if (StrnCaseCmp(tok,"GROUP:", 6) == 0) { - if (grp_sid) { + if (group_sid) { DEBUG(5, ("GROUP specified more than once!\n")); goto done; } - grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); - if (!grp_sid || + group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); + if (!group_sid || !convert_string_to_sid(ipc_cli, pol, numeric, - grp_sid, tok+6)) { + group_sid, tok+6)) { DEBUG(5, ("Failed to parse group sid\n")); goto done; } @@ -4137,15 +4147,15 @@ sec_desc_parse(TALLOC_CTX *ctx, } if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) { - if (grp_sid) { + if (group_sid) { DEBUG(5, ("GROUP specified more than once!\n")); goto done; } - grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); - if (!grp_sid || + group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1); + if (!group_sid || !convert_string_to_sid(ipc_cli, pol, False, - grp_sid, tok+6)) { + group_sid, tok+6)) { DEBUG(5, ("Failed to parse group sid\n")); goto done; } @@ -4183,10 +4193,10 @@ sec_desc_parse(TALLOC_CTX *ctx, } ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE, - owner_sid, grp_sid, NULL, dacl, &sd_size); + owner_sid, group_sid, NULL, dacl, &sd_size); done: - SAFE_FREE(grp_sid); + SAFE_FREE(group_sid); SAFE_FREE(owner_sid); return ret; @@ -5132,7 +5142,7 @@ cacl_set(TALLOC_CTX *ctx, SEC_DESC *sd = NULL, *old; SEC_ACL *dacl = NULL; DOM_SID *owner_sid = NULL; - DOM_SID *grp_sid = NULL; + DOM_SID *group_sid = NULL; uint32 i, j; size_t sd_size; int ret = 0; @@ -5257,7 +5267,7 @@ cacl_set(TALLOC_CTX *ctx, case SMBC_XATTR_MODE_SET: old = sd; owner_sid = old->owner_sid; - grp_sid = old->group_sid; + group_sid = old->group_sid; dacl = old->dacl; break; @@ -5266,7 +5276,7 @@ cacl_set(TALLOC_CTX *ctx, break; case SMBC_XATTR_MODE_CHGRP: - grp_sid = sd->group_sid; + group_sid = sd->group_sid; break; } @@ -5275,7 +5285,7 @@ cacl_set(TALLOC_CTX *ctx, /* Create new security descriptor and set it */ sd = make_sec_desc(ctx, old->revision, SEC_DESC_SELF_RELATIVE, - owner_sid, grp_sid, NULL, dacl, &sd_size); + owner_sid, group_sid, NULL, dacl, &sd_size); fnum = cli_nt_create(cli, filename, WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS); diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c deleted file mode 100644 index 33352b85ce..0000000000 --- a/source3/libsmb/smb_seal.c +++ /dev/null @@ -1,496 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SMB Transport encryption (sealing) code. - Copyright (C) Jeremy Allison 2007. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -/****************************************************************************** - Pull out the encryption context for this packet. 0 means global context. -******************************************************************************/ - -NTSTATUS get_enc_ctx_num(char *buf, uint16 *p_enc_ctx_num) -{ - if (smb_len(buf) < 8) { - return NT_STATUS_INVALID_BUFFER_SIZE; - } - - if (buf[4] == (char)0xFF) { - if (buf[5] == 'S' && buf [6] == 'M' && buf[7] == 'B') { - /* Not an encrypted buffer. */ - return NT_STATUS_NOT_FOUND; - } - if (buf[5] == 'E') { - *p_enc_ctx_num = SVAL(buf,6); - return NT_STATUS_OK; - } - } - return NT_STATUS_INVALID_NETWORK_RESPONSE; -} - -/****************************************************************************** - Generic code for client and server. - Is encryption turned on ? -******************************************************************************/ - -BOOL common_encryption_on(struct smb_trans_enc_state *es) -{ - return ((es != NULL) && es->enc_on); -} - -/****************************************************************************** - Generic code for client and server. - NTLM decrypt an incoming buffer. - Abartlett tells me that SSPI puts the signature first before the encrypted - output, so cope with the same for compatibility. -******************************************************************************/ - -NTSTATUS common_ntlm_decrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf) -{ - NTSTATUS status; - size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */ - size_t data_len; - char *inbuf; - DATA_BLOB sig; - - if (buf_len < 8 + NTLMSSP_SIG_SIZE) { - return NT_STATUS_BUFFER_TOO_SMALL; - } - - inbuf = (char *)smb_xmemdup(buf, buf_len); - - /* Adjust for the signature. */ - data_len = buf_len - 8 - NTLMSSP_SIG_SIZE; - - /* Point at the signature. */ - sig = data_blob_const(inbuf+8, NTLMSSP_SIG_SIZE); - - status = ntlmssp_unseal_packet(ntlmssp_state, - (unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'E' <enc> <ctx> */ - data_len, - (unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE, - data_len, - &sig); - - if (!NT_STATUS_IS_OK(status)) { - SAFE_FREE(inbuf); - return status; - } - - memcpy(buf + 8, inbuf + 8 + NTLMSSP_SIG_SIZE, data_len); - - /* Reset the length. */ - smb_setlen(inbuf, buf, data_len + 4); - - SAFE_FREE(inbuf); - return NT_STATUS_OK; -} - -/****************************************************************************** - Generic code for client and server. - NTLM encrypt an outgoing buffer. Return the encrypted pointer in ppbuf_out. - Abartlett tells me that SSPI puts the signature first before the encrypted - output, so do the same for compatibility. -******************************************************************************/ - -NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state, - uint16 enc_ctx_num, - char *buf, - char **ppbuf_out) -{ - NTSTATUS status; - char *buf_out; - size_t data_len = smb_len(buf) - 4; /* Ignore the 0xFF SMB bytes. */ - DATA_BLOB sig; - - *ppbuf_out = NULL; - - if (data_len == 0) { - return NT_STATUS_BUFFER_TOO_SMALL; - } - - /* - * We know smb_len can't return a value > 128k, so no int overflow - * check needed. - */ - - buf_out = SMB_XMALLOC_ARRAY(char, 8 + NTLMSSP_SIG_SIZE + data_len); - - /* Copy the data from the original buffer. */ - - memcpy(buf_out + 8 + NTLMSSP_SIG_SIZE, buf + 8, data_len); - - smb_set_enclen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE, enc_ctx_num); - - sig = data_blob(NULL, NTLMSSP_SIG_SIZE); - - status = ntlmssp_seal_packet(ntlmssp_state, - (unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'S' <enc> <ctx> */ - data_len, - (unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, - data_len, - &sig); - - if (!NT_STATUS_IS_OK(status)) { - data_blob_free(&sig); - SAFE_FREE(buf_out); - return status; - } - - /* First 16 data bytes are signature for SSPI compatibility. */ - memcpy(buf_out + 8, sig.data, NTLMSSP_SIG_SIZE); - *ppbuf_out = buf_out; - return NT_STATUS_OK; -} - -/****************************************************************************** - Generic code for client and server. - gss-api decrypt an incoming buffer. We insist that the size of the - unwrapped buffer must be smaller or identical to the incoming buffer. -******************************************************************************/ - -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) -static NTSTATUS common_gss_decrypt_buffer(struct smb_tran_enc_state_gss *gss_state, char *buf) -{ - gss_ctx_id_t gss_ctx = gss_state->gss_ctx; - OM_uint32 ret = 0; - OM_uint32 minor = 0; - int flags_got = 0; - gss_buffer_desc in_buf, out_buf; - size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */ - - if (buf_len < 8) { - return NT_STATUS_BUFFER_TOO_SMALL; - } - - in_buf.value = buf + 8; - in_buf.length = buf_len - 8; - - ret = gss_unwrap(&minor, - gss_ctx, - &in_buf, - &out_buf, - &flags_got, /* did we get sign+seal ? */ - (gss_qop_t *) NULL); - - if (ret != GSS_S_COMPLETE) { - ADS_STATUS adss = ADS_ERROR_GSS(ret, minor); - DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap failed. Error %s\n", - ads_errstr(adss) )); - return map_nt_error_from_gss(ret, minor); - } - - if (out_buf.length > in_buf.length) { - DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap size (%u) too large (%u) !\n", - (unsigned int)out_buf.length, - (unsigned int)in_buf.length )); - gss_release_buffer(&minor, &out_buf); - return NT_STATUS_INVALID_PARAMETER; - } - - memcpy(buf + 8, out_buf.value, out_buf.length); - smb_setlen((char *)out_buf.value, buf, out_buf.length + 4); - - gss_release_buffer(&minor, &out_buf); - return NT_STATUS_OK; -} - -/****************************************************************************** - Generic code for client and server. - gss-api encrypt an outgoing buffer. Return the alloced encrypted pointer in buf_out. -******************************************************************************/ - -static NTSTATUS common_gss_encrypt_buffer(struct smb_tran_enc_state_gss *gss_state, - uint16 enc_ctx_num, - char *buf, - char **ppbuf_out) -{ - gss_ctx_id_t gss_ctx = gss_state->gss_ctx; - OM_uint32 ret = 0; - OM_uint32 minor = 0; - int flags_got = 0; - gss_buffer_desc in_buf, out_buf; - size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */ - - *ppbuf_out = NULL; - - if (buf_len < 8) { - return NT_STATUS_BUFFER_TOO_SMALL; - } - - in_buf.value = buf + 8; - in_buf.length = buf_len - 8; - - ret = gss_wrap(&minor, - gss_ctx, - True, /* we want sign+seal. */ - GSS_C_QOP_DEFAULT, - &in_buf, - &flags_got, /* did we get sign+seal ? */ - &out_buf); - - if (ret != GSS_S_COMPLETE) { - ADS_STATUS adss = ADS_ERROR_GSS(ret, minor); - DEBUG(0,("common_gss_encrypt_buffer: gss_wrap failed. Error %s\n", - ads_errstr(adss) )); - return map_nt_error_from_gss(ret, minor); - } - - if (!flags_got) { - /* Sign+seal not supported. */ - gss_release_buffer(&minor, &out_buf); - return NT_STATUS_NOT_SUPPORTED; - } - - /* Ya see - this is why I *hate* gss-api. I don't - * want to have to malloc another buffer of the - * same size + 8 bytes just to get a continuous - * header + buffer, but gss won't let me pass in - * a pre-allocated buffer. Bastards (and you know - * who you are....). I might fix this by - * going to "encrypt_and_send" passing in a file - * descriptor and doing scatter-gather write with - * TCP cork on Linux. But I shouldn't have to - * bother :-*(. JRA. - */ - - *ppbuf_out = (char *)SMB_MALLOC(out_buf.length + 8); /* We know this can't wrap. */ - if (!*ppbuf_out) { - gss_release_buffer(&minor, &out_buf); - return NT_STATUS_NO_MEMORY; - } - - memcpy(*ppbuf_out+8, out_buf.value, out_buf.length); - smb_set_enclen(*ppbuf_out, out_buf.length + 4, enc_ctx_num); - - gss_release_buffer(&minor, &out_buf); - return NT_STATUS_OK; -} -#endif - -/****************************************************************************** - Generic code for client and server. - Encrypt an outgoing buffer. Return the alloced encrypted pointer in buf_out. -******************************************************************************/ - -NTSTATUS common_encrypt_buffer(struct smb_trans_enc_state *es, char *buffer, char **buf_out) -{ - if (!common_encryption_on(es)) { - /* Not encrypting. */ - *buf_out = buffer; - return NT_STATUS_OK; - } - - switch (es->smb_enc_type) { - case SMB_TRANS_ENC_NTLM: - return common_ntlm_encrypt_buffer(es->s.ntlmssp_state, es->enc_ctx_num, buffer, buf_out); -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) - case SMB_TRANS_ENC_GSS: - return common_gss_encrypt_buffer(es->s.gss_state, es->enc_ctx_num, buffer, buf_out); -#endif - default: - return NT_STATUS_NOT_SUPPORTED; - } -} - -/****************************************************************************** - Generic code for client and server. - Decrypt an incoming SMB buffer. Replaces the data within it. - New data must be less than or equal to the current length. -******************************************************************************/ - -NTSTATUS common_decrypt_buffer(struct smb_trans_enc_state *es, char *buf) -{ - if (!common_encryption_on(es)) { - /* Not decrypting. */ - return NT_STATUS_OK; - } - - switch (es->smb_enc_type) { - case SMB_TRANS_ENC_NTLM: - return common_ntlm_decrypt_buffer(es->s.ntlmssp_state, buf); -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) - case SMB_TRANS_ENC_GSS: - return common_gss_decrypt_buffer(es->s.gss_state, buf); -#endif - default: - return NT_STATUS_NOT_SUPPORTED; - } -} - -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) -/****************************************************************************** - Shutdown a gss encryption state. -******************************************************************************/ - -static void common_free_gss_state(struct smb_tran_enc_state_gss **pp_gss_state) -{ - OM_uint32 minor = 0; - struct smb_tran_enc_state_gss *gss_state = *pp_gss_state; - - if (gss_state->creds != GSS_C_NO_CREDENTIAL) { - gss_release_cred(&minor, &gss_state->creds); - } - if (gss_state->gss_ctx != GSS_C_NO_CONTEXT) { - gss_delete_sec_context(&minor, &gss_state->gss_ctx, NULL); - } - SAFE_FREE(*pp_gss_state); -} -#endif - -/****************************************************************************** - Shutdown an encryption state. -******************************************************************************/ - -void common_free_encryption_state(struct smb_trans_enc_state **pp_es) -{ - struct smb_trans_enc_state *es = *pp_es; - - if (es == NULL) { - return; - } - - if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) { - if (es->s.ntlmssp_state) { - ntlmssp_end(&es->s.ntlmssp_state); - } - } -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) - if (es->smb_enc_type == SMB_TRANS_ENC_GSS) { - /* Free the gss context handle. */ - if (es->s.gss_state) { - common_free_gss_state(&es->s.gss_state); - } - } -#endif - SAFE_FREE(es); - *pp_es = NULL; -} - -/****************************************************************************** - Free an encryption-allocated buffer. -******************************************************************************/ - -void common_free_enc_buffer(struct smb_trans_enc_state *es, char *buf) -{ - if (!common_encryption_on(es)) { - return; - } - - if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) { - SAFE_FREE(buf); - return; - } - -#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5) - if (es->smb_enc_type == SMB_TRANS_ENC_GSS) { - OM_uint32 min; - gss_buffer_desc rel_buf; - rel_buf.value = buf; - rel_buf.length = smb_len(buf) + 4; - gss_release_buffer(&min, &rel_buf); - } -#endif -} - -/****************************************************************************** - Client side encryption. -******************************************************************************/ - -/****************************************************************************** - Is client encryption on ? -******************************************************************************/ - -BOOL cli_encryption_on(struct cli_state *cli) -{ - /* If we supported multiple encrytion contexts - * here we'd look up based on tid. - */ - return common_encryption_on(cli->trans_enc_state); -} - -/****************************************************************************** - Shutdown a client encryption state. -******************************************************************************/ - -void cli_free_encryption_context(struct cli_state *cli) -{ - common_free_encryption_state(&cli->trans_enc_state); -} - -/****************************************************************************** - Free an encryption-allocated buffer. -******************************************************************************/ - -void cli_free_enc_buffer(struct cli_state *cli, char *buf) -{ - /* We know this is an smb buffer, and we - * didn't malloc, only copy, for a keepalive, - * so ignore session keepalives. */ - - if(CVAL(buf,0) == SMBkeepalive) { - return; - } - - /* If we supported multiple encrytion contexts - * here we'd look up based on tid. - */ - common_free_enc_buffer(cli->trans_enc_state, buf); -} - -/****************************************************************************** - Decrypt an incoming buffer. -******************************************************************************/ - -NTSTATUS cli_decrypt_message(struct cli_state *cli) -{ - NTSTATUS status; - uint16 enc_ctx_num; - - /* Ignore session keepalives. */ - if(CVAL(cli->inbuf,0) == SMBkeepalive) { - return NT_STATUS_OK; - } - - status = get_enc_ctx_num(cli->inbuf, &enc_ctx_num); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - if (enc_ctx_num != cli->trans_enc_state->enc_ctx_num) { - return NT_STATUS_INVALID_HANDLE; - } - - return common_decrypt_buffer(cli->trans_enc_state, cli->inbuf); -} - -/****************************************************************************** - Encrypt an outgoing buffer. Return the encrypted pointer in buf_out. -******************************************************************************/ - -NTSTATUS cli_encrypt_message(struct cli_state *cli, char **buf_out) -{ - /* Ignore session keepalives. */ - if(CVAL(cli->outbuf,0) == SMBkeepalive) { - return NT_STATUS_OK; - } - - /* If we supported multiple encrytion contexts - * here we'd look up based on tid. - */ - return common_encrypt_buffer(cli->trans_enc_state, cli->outbuf, buf_out); -} |