diff options
| author | Jeremy Allison <jra@samba.org> | 2007-03-21 00:25:08 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:18:46 -0500 |
| commit | 071db6fdbff694681fa1793ee678a9a0af3e266a (patch) | |
| tree | 53a916c3350b9b9a75fc647095c3f4bb78dc88cc /source3/libsmb/smb_signing.c | |
| parent | 6b0dcfa62d23980351e852eec05123c0a9823f1d (diff) | |
| download | samba-071db6fdbff694681fa1793ee678a9a0af3e266a.tar.gz samba-071db6fdbff694681fa1793ee678a9a0af3e266a.tar.xz samba-071db6fdbff694681fa1793ee678a9a0af3e266a.zip | |
r21897: Add in a basic raw NTLM encrypt request. Now
for testing.
Jeremy.
(This used to be commit 783a7b3085a155d9652cd725bf2960cd272cb554)
Diffstat (limited to 'source3/libsmb/smb_signing.c')
| -rw-r--r-- | source3/libsmb/smb_signing.c | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c index df74b2db36a..66a15e94083 100644 --- a/source3/libsmb/smb_signing.c +++ b/source3/libsmb/smb_signing.c @@ -585,7 +585,9 @@ void cli_free_signing_context(struct cli_state *cli) void cli_calculate_sign_mac(struct cli_state *cli) { - cli->sign_info.sign_outgoing_message(cli->outbuf, &cli->sign_info); + if (!cli_encryption_on(cli)) { + cli->sign_info.sign_outgoing_message(cli->outbuf, &cli->sign_info); + } } /** @@ -596,6 +598,9 @@ void cli_calculate_sign_mac(struct cli_state *cli) BOOL cli_check_sign_mac(struct cli_state *cli) { + if (cli_encryption_on(cli)) { + return True; + } if (!cli->sign_info.check_incoming_message(cli->inbuf, &cli->sign_info, True)) { free_signing_context(&cli->sign_info); return False; @@ -612,6 +617,9 @@ BOOL client_set_trans_sign_state_on(struct cli_state *cli, uint16 mid) struct smb_sign_info *si = &cli->sign_info; struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context; + if (cli_encryption_on(cli)) { + return True; + } if (!si->doing_signing) { return True; } @@ -637,6 +645,9 @@ BOOL client_set_trans_sign_state_off(struct cli_state *cli, uint16 mid) struct smb_sign_info *si = &cli->sign_info; struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context; + if (cli_encryption_on(cli)) { + return True; + } if (!si->doing_signing) { return True; } @@ -798,8 +809,18 @@ BOOL srv_oplock_set_signing(BOOL onoff) BOOL srv_check_sign_mac(char *inbuf, BOOL must_be_ok) { /* Check if it's a session keepalive. */ - if(CVAL(inbuf,0) == SMBkeepalive) + if(CVAL(inbuf,0) == SMBkeepalive) { return True; + } + + /* + * If we have an encrypted transport + * don't sign - we're already doing that. + */ + + if (srv_encryption_on()) { + return True; + } return srv_sign_info.check_incoming_message(inbuf, &srv_sign_info, must_be_ok); } @@ -811,9 +832,18 @@ BOOL srv_check_sign_mac(char *inbuf, BOOL must_be_ok) void srv_calculate_sign_mac(char *outbuf) { /* Check if it's a session keepalive. */ - /* JRA Paranioa test - do we ever generate these in the server ? */ - if(CVAL(outbuf,0) == SMBkeepalive) + if(CVAL(outbuf,0) == SMBkeepalive) { return; + } + + /* + * If we have an encrypted transport + * don't check sign - we're already doing that. + */ + + if (srv_encryption_on()) { + return; + } srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info); } |