From 282018a366dec480597c08df310a7826c079b692 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 14 Apr 2007 00:53:38 +0000 Subject: r22212: Cope with signature errors on sessionsetupX logins where the server just reflects our signature back to us. Allow the upper layer to see the real error. Jeremy. (This used to be commit 6cf0b93b1d8cb97dc665e14ace94a259def67724) --- source3/libsmb/clientgen.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'source3/libsmb') diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index e4712d2f65..de575e83a2 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -139,6 +139,26 @@ BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives) } if (!cli_check_sign_mac(cli)) { + /* + * If we get a signature failure in sessionsetup, then + * the server sometimes just reflects the sent signature + * back to us. Detect this and allow the upper layer to + * retrieve the correct Windows error message. + */ + if (CVAL(cli->outbuf,smb_com) == SMBsesssetupX && + (smb_len(cli->inbuf) > (smb_ss_field + 8 - 4)) && + (SVAL(cli->inbuf,smb_flg2) & FLAGS2_SMB_SECURITY_SIGNATURES) && + memcmp(&cli->outbuf[smb_ss_field],&cli->inbuf[smb_ss_field],8) == 0 && + cli_is_error(cli)) { + + /* + * Reflected signature on login error. + * Set bad sig but don't close fd. + */ + cli->smb_rw_error = READ_BAD_SIG; + return True; + } + DEBUG(0, ("SMB Signature verification failed on incoming packet!\n")); cli->smb_rw_error = READ_BAD_SIG; close(cli->fd); -- cgit