From 08634e26e45d3dd935727e43587a137c72417cd3 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 24 Jul 2003 06:19:37 +0000
Subject: SMB signing is now working with change notify. Need to fix the
 disconnect when bad signature received, plus check the oplock breaks....
 Jermey. (This used to be commit dd83931a00ec0a2c4b78b939c54bc101ec82312f)

---
 source3/libsmb/smb_signing.c | 46 +++++++++++++++++++++++++++-----------------
 source3/smbd/notify.c        |  2 +-
 source3/smbd/nttrans.c       |  2 ++
 3 files changed, 31 insertions(+), 19 deletions(-)

diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c
index 36c4147af8..1fe3f99c8a 100644
--- a/source3/libsmb/smb_signing.c
+++ b/source3/libsmb/smb_signing.c
@@ -61,8 +61,6 @@ static BOOL get_sequence_for_reply(struct outstanding_packet_lookup **list,
 			return True;
 		}
 	}
-	DEBUG(0, ("Unexpected incoming packet, it's MID (%u) does not match"
-		  " a MID in our outstanding list!\n", mid));
 	return False;
 }
 
@@ -501,6 +499,8 @@ static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 {
 	unsigned char calc_md5_mac[16];
 	struct smb_basic_signing_context *data = si->signing_context;
+	uint32 send_seq_number = data->send_seq_num;
+	BOOL was_deferred_packet;
 
 	if (!si->doing_signing)
 		return;
@@ -515,7 +515,12 @@ static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 	/* mark the packet as signed - BEFORE we sign it...*/
 	mark_packet_signed(outbuf);
 
-	simple_packet_signature(data, outbuf, data->send_seq_num, calc_md5_mac);
+	/* See if this is a reply for a deferred packet. */
+	was_deferred_packet = get_sequence_for_reply(&data->outstanding_packet_list, 
+				    SVAL(outbuf, smb_mid), 
+				    &send_seq_number);
+
+	simple_packet_signature(data, outbuf, send_seq_number, calc_md5_mac);
 
 	DEBUG(10, ("srv_sign_outgoing_message: sent SMB signature of\n"));
 	dump_data(10, calc_md5_mac, 8);
@@ -525,13 +530,8 @@ static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 /*	cli->outbuf[smb_ss_field+2]=0; 
 	Uncomment this to test if the remote server actually verifies signatures...*/
 
-	data->send_seq_num++;
-#if 0 /* JRATEST */
-	store_sequence_for_reply(&data->outstanding_packet_list, 
-				 SVAL(outbuf,smb_mid),
-				 data->send_seq_num);
-	data->send_seq_num++;
-#endif /* JRATEST */
+	if (!was_deferred_packet)
+		data->send_seq_num++;
 }
 
 /***********************************************************
@@ -555,16 +555,8 @@ static BOOL srv_check_incoming_message(char *inbuf, struct smb_sign_info *si)
 		return False;
 	}
 
-#if 0 /* JRATEST */
-	if (!get_sequence_for_reply(&data->outstanding_packet_list, 
-				    SVAL(inbuf, smb_mid), 
-				    &reply_seq_number)) {
-		return False;
-	}
-#else /* JRATEST */
 	reply_seq_number = data->send_seq_num;
 	data->send_seq_num++;
-#endif /* JRATEST */
 
 	simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
 
@@ -634,6 +626,24 @@ void srv_calculate_sign_mac(char *outbuf)
 	srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info);
 }
 
+/***********************************************************
+ Called by server to defer an outgoing packet.
+************************************************************/
+
+void srv_defer_sign_response(uint16 mid)
+{
+	struct smb_basic_signing_context *data;
+
+	if (!srv_sign_info.doing_signing)
+		return;
+
+	data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+
+	store_sequence_for_reply(&data->outstanding_packet_list, 
+				 mid, data->send_seq_num);
+	data->send_seq_num++;
+}
+
 /***********************************************************
  Called by server negprot when signing has been negotiated.
 ************************************************************/
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index de1b331778..a0398d5a10 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -178,7 +178,7 @@ BOOL change_notify_set(char *inbuf, files_struct *fsp, connection_struct *conn,
 	struct change_notify *cnbp;
 
 	if((cnbp = (struct change_notify *)malloc(sizeof(*cnbp))) == NULL) {
-		DEBUG(0,("call_nt_transact_notify_change: malloc fail !\n" ));
+		DEBUG(0,("change_notify_set: malloc fail !\n" ));
 		return -1;
 	}
 
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index c574d9d563..a2c29620c9 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1494,6 +1494,8 @@ static int call_nt_transact_notify_change(connection_struct *conn, char *inbuf,
 	DEBUG(3,("call_nt_transact_notify_change: notify change called on directory \
 name = %s\n", fsp->fsp_name ));
 
+	srv_defer_sign_response(SVAL(inbuf,smb_mid));
+
 	return -1;
 }
 
-- 
cgit