From c16c90a1cb3b0e2ceadd3dea835a4e69acfc2fae Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 9 Mar 2009 09:47:59 +0100
Subject: s3:smbd: use new simplified snb_signing code in the server

We keep the seqnum/mid mapping in the smb_request structure.

This also moves one global variable into the
smbd_server_connection struct.

metze
---
 source3/smbd/reply.c | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

(limited to 'source3/smbd/reply.c')

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 8b560bd8ca..6f19a58178 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -497,7 +497,7 @@ void reply_special(char *inbuf)
 	DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
 		    msg_type, msg_flags));
 
-	srv_send_smb(smbd_server_fd(), outbuf, false, NULL);
+	srv_send_smb(smbd_server_fd(), outbuf, false, 0, false, NULL);
 	return;
 }
 
@@ -2766,7 +2766,8 @@ static void send_file_readbraw(connection_struct *conn,
 	 */
 
 	if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
-	    (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
+	    (fsp->wcp == NULL) &&
+	    lp_use_sendfile(SNUM(conn), smbd_server_conn->signing_state) ) {
 		ssize_t sendfile_read = -1;
 		char header[4];
 		DATA_BLOB header_blob;
@@ -2870,7 +2871,8 @@ void reply_readbraw(struct smb_request *req)
 
 	START_PROFILE(SMBreadbraw);
 
-	if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
+	if (srv_is_signing_active(smbd_server_conn) ||
+	    is_encrypted_packet(req->inbuf)) {
 		exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
 			"raw reads/writes are disallowed.");
 	}
@@ -3274,7 +3276,8 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req,
 
 	if (!req_is_in_chain(req) &&
 	    !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
-	    lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
+	    (fsp->wcp == NULL) &&
+	    lp_use_sendfile(SNUM(conn), smbd_server_conn->signing_state) ) {
 		uint8 headerbuf[smb_size + 12 * 2];
 		DATA_BLOB header;
 
@@ -3450,7 +3453,8 @@ void reply_read_and_X(struct smb_request *req)
 				return;
 			}
 			/* We currently don't do this on signed or sealed data. */
-			if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
+			if (srv_is_signing_active(smbd_server_conn) ||
+			    is_encrypted_packet(req->inbuf)) {
 				reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
 				END_PROFILE(SMBreadX);
 				return;
@@ -3558,7 +3562,7 @@ void reply_writebraw(struct smb_request *req)
 	 */
 	SCVAL(req->inbuf,smb_com,SMBwritec);
 
-	if (srv_is_signing_active()) {
+	if (srv_is_signing_active(smbd_server_conn)) {
 		END_PROFILE(SMBwritebraw);
 		exit_server_cleanly("reply_writebraw: SMB signing is active - "
 				"raw reads/writes are disallowed.");
@@ -3653,9 +3657,10 @@ void reply_writebraw(struct smb_request *req)
 	SSVALS(buf,smb_vwv0,0xFFFF);
 	show_msg(buf);
 	if (!srv_send_smb(smbd_server_fd(),
-			buf,
-			IS_CONN_ENCRYPTED(conn),
-			&req->pcd)) {
+			  buf,
+			  false, 0, /* no signing */
+			  IS_CONN_ENCRYPTED(conn),
+			  &req->pcd)) {
 		exit_server_cleanly("reply_writebraw: srv_send_smb "
 			"failed.");
 	}
@@ -4757,6 +4762,7 @@ void reply_echo(struct smb_request *req)
 		show_msg((char *)req->outbuf);
 		if (!srv_send_smb(smbd_server_fd(),
 				(char *)req->outbuf,
+				true, req->seqnum+1,
 				IS_CONN_ENCRYPTED(conn)||req->encrypted,
 				cur_pcd))
 			exit_server_cleanly("reply_echo: srv_send_smb failed.");
-- 
cgit