From afc93255d183eefb68e45b8ec6275f6a62cf9795 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 26 Dec 2007 17:12:36 -0800 Subject: Add SMB encryption. Still fixing client decrypt but negotiation works. Jeremy. (This used to be commit d78045601af787731f0737b8627450018902b104) --- source3/lib/util.c | 38 +++++++++++++------------------------- 1 file changed, 13 insertions(+), 25 deletions(-) (limited to 'source3/lib/util.c') diff --git a/source3/lib/util.c b/source3/lib/util.c index 11c14ea538..7f8a297fac 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -605,32 +605,30 @@ void show_msg(char *buf) } /******************************************************************* - Set the length and marker of an smb packet. + Set the length and marker of an encrypted smb packet. ********************************************************************/ -void smb_setlen(char *buf,int len) +void smb_set_enclen(char *buf,int len,uint16 enc_ctx_num) { _smb_setlen(buf,len); SCVAL(buf,4,0xFF); - SCVAL(buf,5,'S'); - SCVAL(buf,6,'M'); - SCVAL(buf,7,'B'); + SCVAL(buf,5,'E'); + SSVAL(buf,6,enc_ctx_num); } /******************************************************************* - Setup the word count and byte count for a smb message. + Set the length and marker of an smb packet. ********************************************************************/ -int set_message(char *buf,int num_words,int num_bytes,bool zero) +void smb_setlen(char *buf,int len) { - if (zero && (num_words || num_bytes)) { - memset(buf + smb_size,'\0',num_words*2 + num_bytes); - } - SCVAL(buf,smb_wct,num_words); - SSVAL(buf,smb_vwv + num_words*SIZEOFWORD,num_bytes); - smb_setlen(buf,smb_size + num_words*2 + num_bytes - 4); - return (smb_size + num_words*2 + num_bytes); + _smb_setlen(buf,len); + + SCVAL(buf,4,0xFF); + SCVAL(buf,5,'S'); + SCVAL(buf,6,'M'); + SCVAL(buf,7,'B'); } /******************************************************************* @@ -641,20 +639,10 @@ int set_message_bcc(char *buf,int num_bytes) { int num_words = CVAL(buf,smb_wct); SSVAL(buf,smb_vwv + num_words*SIZEOFWORD,num_bytes); - smb_setlen(buf,smb_size + num_words*2 + num_bytes - 4); + _smb_setlen(buf,smb_size + num_words*2 + num_bytes - 4); return (smb_size + num_words*2 + num_bytes); } -/******************************************************************* - Setup only the byte count for a smb message, using the end of the - message as a marker. -********************************************************************/ - -int set_message_end(void *outbuf,void *end_ptr) -{ - return set_message_bcc((char *)outbuf,PTR_DIFF(end_ptr,smb_buf((char *)outbuf))); -} - /******************************************************************* Add a data blob to the end of a smb_buf, adjusting bcc and smb_len. Return the bytes added -- cgit From 9baa97a46ebb92a5968ceba0fb5c2de51e6fa8f0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 5 Jan 2008 00:23:35 -0800 Subject: Add general '-e' option to enable smb encryption on tools. Jeremy. (This used to be commit 757653966fc1384159bd2d57c5670cd8af0cae96) --- source3/lib/util.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'source3/lib/util.c') diff --git a/source3/lib/util.c b/source3/lib/util.c index 7f8a297fac..81b9fc817b 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -289,7 +289,8 @@ static struct user_auth_info cmdline_auth_info = { NULL, /* password */ false, /* got_pass */ false, /* use_kerberos */ - Undefined /* signing state */ + Undefined, /* signing state */ + false /* smb_encrypt */ }; const char *get_cmdline_auth_info_username(void) @@ -362,11 +363,22 @@ void set_cmdline_auth_info_use_krb5_ticket(void) cmdline_auth_info.got_pass = true; } +/* This should only be used by lib/popt_common.c JRA */ +bool set_cmdline_auth_info_smb_encrypt(void) +{ + cmdline_auth_info.smb_encrypt = true; +} + bool get_cmdline_auth_info_got_pass(void) { return cmdline_auth_info.got_pass; } +bool get_cmdline_auth_info_smb_encrypt(void) +{ + return cmdline_auth_info.smb_encrypt; +} + bool get_cmdline_auth_info_copy(struct user_auth_info *info) { *info = cmdline_auth_info; -- cgit From 3d7a8a9fa14625279bcce03654465a88afe6db86 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 5 Jan 2008 01:16:09 -0800 Subject: Fix missing return - should be void. Jeremy. (This used to be commit 45ae90b77e53cd0cdf50939528dac4d2ca39b5c5) --- source3/lib/util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/util.c') diff --git a/source3/lib/util.c b/source3/lib/util.c index 81b9fc817b..c69a1450a0 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -364,7 +364,7 @@ void set_cmdline_auth_info_use_krb5_ticket(void) } /* This should only be used by lib/popt_common.c JRA */ -bool set_cmdline_auth_info_smb_encrypt(void) +void set_cmdline_auth_info_smb_encrypt(void) { cmdline_auth_info.smb_encrypt = true; } -- cgit