From ecd496f06654e8316260c9a6ddab5e473f9cc452 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 17 Mar 2007 00:32:54 +0000 Subject: r21865: Add in the stubs for SMB transport encryption. Will flesh these out as I implement. Don't add to SAMBA_3_0_25, this is experimental code. NFSv4 you're now officially on notice... :-). Jeremy. (This used to be commit 5bfe638f2172e272741997100ee5ae8ff280494d) --- source3/lib/util_sock.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'source3/lib') diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 2866a443d4..663502bef0 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -732,15 +732,28 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout) BOOL receive_smb(int fd, char *buffer, unsigned int timeout) { + NTSTATUS status; + if (!receive_smb_raw(fd, buffer, timeout)) { return False; } + status = srv_decrypt_buffer(buffer); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("receive_smb: SMB decryption failed on incoming packet! Error %s\n", + nt_errstr(status) )); + if (smb_read_error == 0) { + smb_read_error = READ_BAD_DECRYPT; + } + return False; + } + /* Check the incoming SMB signature. */ if (!srv_check_sign_mac(buffer, True)) { DEBUG(0, ("receive_smb: SMB Signature verification failed on incoming packet!\n")); - if (smb_read_error == 0) + if (smb_read_error == 0) { smb_read_error = READ_BAD_SIG; + } return False; }; @@ -753,6 +766,7 @@ BOOL receive_smb(int fd, char *buffer, unsigned int timeout) BOOL send_smb(int fd, char *buffer) { + NTSTATUS status; size_t len; size_t nwritten=0; ssize_t ret; @@ -760,6 +774,13 @@ BOOL send_smb(int fd, char *buffer) /* Sign the outgoing packet if required. */ srv_calculate_sign_mac(buffer); + status = srv_encrypt_buffer(buffer); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("send_smb: SMB encryption failed on outgoing packet! Error %s\n", + nt_errstr(status) )); + return False; + } + len = smb_len(buffer) + 4; while (nwritten < len) { -- cgit