diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-03-18 12:01:47 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-03-18 12:01:47 +0000 |
commit | 892599fb92b6158e86a3934c8f2045ee457f38e3 (patch) | |
tree | daf6bb11844cc1bbd8afecc2c7329a090a3f986e /source3/libsmb/clientgen.c | |
parent | 50e9b88dff56e70ad03eb104cb151fe21112b984 (diff) | |
download | samba-892599fb92b6158e86a3934c8f2045ee457f38e3.tar.gz samba-892599fb92b6158e86a3934c8f2045ee457f38e3.tar.xz samba-892599fb92b6158e86a3934c8f2045ee457f38e3.zip |
Merge from HEAD:
A much better SMB signing module, that allows for mulitple signing algorithms
and correctly backs down from signing when the server cannot sign the reply.
This also attempts to enable SMB signing on NTLMSSP connections, but I don't
know what NTLMSSP flags to set yet.
This would allow 'client use signing' to be set by default, for server
compatability. (A seperate option value should be provided for mandetory
signing, which would not back down).
Andrew Bartlett
(This used to be commit 1c87be7a3d127201a6ab78d22d17c971af16b86b)
Diffstat (limited to 'source3/libsmb/clientgen.c')
-rw-r--r-- | source3/libsmb/clientgen.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 9598f4ac96..3cae643c38 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -177,9 +177,6 @@ void cli_setup_packet(struct cli_state *cli) flags2 |= FLAGS2_32_BIT_ERROR_CODES; if (cli->use_spnego) flags2 |= FLAGS2_EXTENDED_SECURITY; - if (cli->sign_info.use_smb_signing - || cli->sign_info.temp_smb_signing) - flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES; SSVAL(cli->outbuf,smb_flg2, flags2); } } @@ -200,8 +197,8 @@ void cli_setup_bcc(struct cli_state *cli, void *p) void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr) { /* copy_nt_creds(&cli->usr, usr); */ - safe_strcpy(cli->domain , usr->domain , sizeof(usr->domain )-1); - safe_strcpy(cli->user_name, usr->user_name, sizeof(usr->user_name)-1); + fstrcpy(cli->domain , usr->domain); + fstrcpy(cli->user_name, usr->user_name); memcpy(&cli->pwd, &usr->pwd, sizeof(usr->pwd)); cli->ntlmssp_flags = usr->ntlmssp_flags; cli->ntlmssp_cli_flgs = usr != NULL ? usr->ntlmssp_flags : 0; @@ -262,6 +259,9 @@ struct cli_state *cli_initialise(struct cli_state *cli) if (getenv("CLI_FORCE_DOSERR")) cli->force_dos_errors = True; + /* initialise signing */ + cli_null_set_signing(cli); + if (lp_client_signing()) cli->sign_info.allow_smb_signing = True; @@ -303,6 +303,7 @@ void cli_close_connection(struct cli_state *cli) SAFE_FREE(cli->outbuf); SAFE_FREE(cli->inbuf); + cli_free_signing_context(cli); data_blob_free(&cli->secblob); if (cli->mem_ctx) { @@ -314,6 +315,7 @@ void cli_close_connection(struct cli_state *cli) close(cli->fd); cli->fd = -1; cli->smb_rw_error = 0; + } /**************************************************************************** |