[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha4-44-ge9fd9b8
Andrew Tridgell
tridge at samba.org
Sat Jun 7 15:31:34 GMT 2008
The branch, v4-0-test has been updated
via e9fd9b821c04d1cb7b574f539dd8169611e662aa (commit)
via 056f16e664e581bab1c07759e99ad4f6685c58eb (commit)
from 8e96f2edb003d997e71e9e237463882696279d0f (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit e9fd9b821c04d1cb7b574f539dd8169611e662aa
Author: Andrew Tridgell <tridge at samba.org>
Date: Sat Jun 7 08:30:51 2008 -0700
make signing per session in the SMB2 client library
Thanks to Metze for spotting this
commit 056f16e664e581bab1c07759e99ad4f6685c58eb
Author: Andrew Tridgell <tridge at samba.org>
Date: Sat Jun 7 08:14:25 2008 -0700
fixed mandatory signing
Metze pointed out that if signing is mandatory in the server then we
need to reject packets without the signed flag if the packet contains
a session id.
-----------------------------------------------------------------------
Summary of changes:
source/libcli/smb2/session.c | 6 +++---
source/libcli/smb2/smb2.h | 2 +-
source/libcli/smb2/tcon.c | 1 +
source/libcli/smb2/transport.c | 12 ++++++------
source/smb_server/smb2/negprot.c | 2 ++
source/smb_server/smb2/receive.c | 4 ++++
source/smb_server/smb2/sesssetup.c | 3 +--
7 files changed, 18 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libcli/smb2/session.c b/source/libcli/smb2/session.c
index 42fd484..9161631 100644
--- a/source/libcli/smb2/session.c
+++ b/source/libcli/smb2/session.c
@@ -164,7 +164,7 @@ static void session_request_handler(struct smb2_request *req)
session_key_err = gensec_session_key(session->gensec, &session_key);
if (NT_STATUS_IS_OK(session_key_err)) {
- session->transport->signing.session_key = session_key;
+ session->session_key = session_key;
}
}
@@ -188,9 +188,9 @@ static void session_request_handler(struct smb2_request *req)
}
if (session->transport->signing.doing_signing) {
- if (session->transport->signing.session_key.length != 16) {
+ if (session->session_key.length != 16) {
DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
- (unsigned)session->transport->signing.session_key.length));
+ (unsigned)session->session_key.length));
composite_error(c, NT_STATUS_ACCESS_DENIED);
return;
}
diff --git a/source/libcli/smb2/smb2.h b/source/libcli/smb2/smb2.h
index 0903509..2b468d3 100644
--- a/source/libcli/smb2/smb2.h
+++ b/source/libcli/smb2/smb2.h
@@ -30,7 +30,6 @@ struct smb2_handle;
struct smb2_signing_context {
bool doing_signing;
bool signing_started;
- DATA_BLOB session_key;
};
/*
@@ -98,6 +97,7 @@ struct smb2_session {
struct smb2_transport *transport;
struct gensec_security *gensec;
uint64_t uid;
+ DATA_BLOB session_key;
};
diff --git a/source/libcli/smb2/tcon.c b/source/libcli/smb2/tcon.c
index db35669..ec7152b 100644
--- a/source/libcli/smb2/tcon.c
+++ b/source/libcli/smb2/tcon.c
@@ -57,6 +57,7 @@ struct smb2_request *smb2_tree_connect_send(struct smb2_tree *tree,
if (req == NULL) return NULL;
SBVAL(req->out.hdr, SMB2_HDR_SESSION_ID, tree->session->uid);
+ req->session = tree->session;
SSVAL(req->out.body, 0x02, io->in.reserved);
status = smb2_push_o16s16_string(&req->out, 0x04, io->in.path);
diff --git a/source/libcli/smb2/transport.c b/source/libcli/smb2/transport.c
index a9a9efb..6e0d523 100644
--- a/source/libcli/smb2/transport.c
+++ b/source/libcli/smb2/transport.c
@@ -235,10 +235,9 @@ static NTSTATUS smb2_transport_finish_recv(void *private, DATA_BLOB blob)
req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE);
req->status = NT_STATUS(IVAL(hdr, SMB2_HDR_STATUS));
- if (transport->signing.signing_started &&
- transport->signing.doing_signing) {
+ if (req->session && transport->signing.doing_signing) {
status = smb2_check_signature(&req->in,
- transport->signing.session_key);
+ req->session->session_key);
if (!NT_STATUS_IS_OK(status)) {
/* the spec says to ignore packets with a bad signature */
talloc_free(buffer);
@@ -353,9 +352,10 @@ void smb2_transport_send(struct smb2_request *req)
}
/* possibly sign the message */
- if (req->transport->signing.doing_signing &&
- req->transport->signing.signing_started) {
- status = smb2_sign_message(&req->out, req->transport->signing.session_key);
+ if (req->transport->signing.doing_signing &&
+ req->transport->signing.signing_started &&
+ req->session) {
+ status = smb2_sign_message(&req->out, req->session->session_key);
if (!NT_STATUS_IS_OK(status)) {
req->state = SMB2_REQUEST_ERROR;
req->status = status;
diff --git a/source/smb_server/smb2/negprot.c b/source/smb_server/smb2/negprot.c
index 2da3900..3e6e2e1 100644
--- a/source/smb_server/smb2/negprot.c
+++ b/source/smb_server/smb2/negprot.c
@@ -121,6 +121,8 @@ static NTSTATUS smb2srv_negprot_backend(struct smb2srv_request *req, struct smb2
break;
case SMB_SIGNING_REQUIRED:
io->out.security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED;
+ /* force signing on immediately */
+ req->smb_conn->doing_signing = true;
break;
}
io->out.dialect_revision = SMB2_DIALECT_REVISION;
diff --git a/source/smb_server/smb2/receive.c b/source/smb_server/smb2/receive.c
index 3def8fe..2f4e9df 100644
--- a/source/smb_server/smb2/receive.c
+++ b/source/smb_server/smb2/receive.c
@@ -321,6 +321,10 @@ static NTSTATUS smb2srv_reply(struct smb2srv_request *req)
smb2srv_send_error(req, status);
return NT_STATUS_OK;
}
+ } else if (req->smb_conn->doing_signing && req->session != NULL) {
+ /* we require signing and this request was not signed */
+ smb2srv_send_error(req, NT_STATUS_ACCESS_DENIED);
+ return NT_STATUS_OK;
}
/* TODO: check the seqnum */
diff --git a/source/smb_server/smb2/sesssetup.c b/source/smb_server/smb2/sesssetup.c
index 482dd18..9fb3220 100644
--- a/source/smb_server/smb2/sesssetup.c
+++ b/source/smb_server/smb2/sesssetup.c
@@ -181,8 +181,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
/* note that we ignore SMB2_NEGOTIATE_SIGNING_ENABLED from the client.
This is deliberate as windows does not set it even when it does
set SMB2_NEGOTIATE_SIGNING_REQUIRED */
- if ((io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
- lp_server_signing(req->smb_conn->lp_ctx) == SMB_SIGNING_REQUIRED) {
+ if (io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
req->smb_conn->doing_signing = true;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list