summaryrefslogtreecommitdiff
path: root/source4/libcli/smb2
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libcli/smb2')
-rw-r--r--source4/libcli/smb2/connect.c8
-rw-r--r--source4/libcli/smb2/negprot.c31
-rw-r--r--source4/libcli/smb2/smb2_calls.h13
3 files changed, 39 insertions, 13 deletions
diff --git a/source4/libcli/smb2/connect.c b/source4/libcli/smb2/connect.c
index 4518203183..a2ae828fa5 100644
--- a/source4/libcli/smb2/connect.c
+++ b/source4/libcli/smb2/connect.c
@@ -120,6 +120,7 @@ static void continue_socket(struct composite_context *creq)
struct smbcli_socket *sock;
struct smb2_transport *transport;
struct smb2_request *req;
+ uint16_t dialects[1];
c->status = smbcli_sock_connect_recv(creq, state, &sock);
if (!composite_is_ok(c)) return;
@@ -128,7 +129,12 @@ static void continue_socket(struct composite_context *creq)
if (composite_nomem(transport, c)) return;
ZERO_STRUCT(state->negprot);
- state->negprot.in.unknown1 = 0x0001;
+ state->negprot.in.dialect_count = 1;
+ state->negprot.in.security_mode = 0;
+ state->negprot.in.capabilities = 0;
+ unix_to_nt_time(&state->negprot.in.start_time, time(NULL));
+ dialects[0] = 0;
+ state->negprot.in.dialects = dialects;
req = smb2_negprot_send(transport, &state->negprot);
if (composite_nomem(req, c)) return;
diff --git a/source4/libcli/smb2/negprot.c b/source4/libcli/smb2/negprot.c
index 38fe0e7e53..a678ebe229 100644
--- a/source4/libcli/smb2/negprot.c
+++ b/source4/libcli/smb2/negprot.c
@@ -31,16 +31,33 @@ struct smb2_request *smb2_negprot_send(struct smb2_transport *transport,
struct smb2_negprot *io)
{
struct smb2_request *req;
-
- req = smb2_request_init(transport, SMB2_OP_NEGPROT, 0x26, false, 0);
+ uint16_t size = 0x24 + io->in.dialect_count*2;
+ DATA_BLOB guid_blob;
+ enum ndr_err_code ndr_err;
+ int i;
+
+ req = smb2_request_init(transport, SMB2_OP_NEGPROT, size, false, 0);
if (req == NULL) return NULL;
- /* this seems to be a bug, they use 0x24 but the length is 0x26 */
- SSVAL(req->out.body, 0x00, 0x24);
- SSVAL(req->out.body, 0x02, io->in.unknown1);
- memcpy(req->out.body+0x04, io->in.unknown2, 32);
- SSVAL(req->out.body, 0x24, io->in.unknown3);
+ ndr_err = ndr_push_struct_blob(&guid_blob, req, NULL,
+ &io->in.client_guid,
+ (ndr_push_flags_fn_t)ndr_push_GUID);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err) || guid_blob.length != 16) {
+ talloc_free(req);
+ return NULL;
+ }
+
+ SSVAL(req->out.body, 0x00, 0x24);
+ SSVAL(req->out.body, 0x02, io->in.dialect_count);
+ SSVAL(req->out.body, 0x04, io->in.security_mode);
+ SSVAL(req->out.body, 0x06, io->in.reserved);
+ SIVAL(req->out.body, 0x08, io->in.capabilities);
+ memcpy(req->out.body+0x0C, guid_blob.data, guid_blob.length);
+ smbcli_push_nttime(req->out.body, 0x1C, io->in.start_time);
+ for (i=0;i<io->in.dialect_count;i++) {
+ SSVAL(req->out.body, 0x24 + i*2, io->in.dialects[i]);
+ }
smb2_transport_send(req);
diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h
index 6a551da4ae..41fb35b8f3 100644
--- a/source4/libcli/smb2/smb2_calls.h
+++ b/source4/libcli/smb2/smb2_calls.h
@@ -23,11 +23,14 @@
struct smb2_negprot {
struct {
- /* static body buffer 38 (0x26) bytes */
- /* uint16_t buffer_code; 0x24 (why?) */
- uint16_t unknown1; /* 0x0001 */
- uint8_t unknown2[32]; /* all zero */
- uint16_t unknown3; /* 0x00000 */
+ uint16_t dialect_count; /* size of dialects array */
+ uint16_t security_mode; /* 0==signing disabled
+ 1==signing enabled */
+ uint16_t reserved;
+ uint32_t capabilities;
+ struct GUID client_guid;
+ NTTIME start_time;
+ uint16_t *dialects;
} in;
struct {
/* static body buffer 64 (0x40) bytes */
generated by cgit (git 2.34.1) at 2024-06-28 09:27:08 +0000