[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Thu Sep 15 06:01:06 MDT 2011
The branch, master has been updated
via ef8dc2d s3:libsmb: move cli->server{zone,time} to cli->conn.smb1.server.{time_zone,system_time}
via aca5e33 s3:libsmb: split cli->secblob into cli->conn.smb1.server.{guid,gss_blob,challenge,workgroup}
via 935eb48 s3:auth_server: make use of cli_state_server_challenge()
via bc72a9c s3:libsmb: make use of cli_state_server_gss_blob()
via 1f6060a s3:libsmb: make use of cli_state_server_challenge()
via a00f543 s3:libsmb: add cli_state_server_challenge() and cli_state_server_gss_blob()
via a1e2aff s3:libsmb: remove the guid from the cli->secblob in spnego mode
via 4a79d21 s3:libsmb: make sure cli->secblob.length is 8 if we get a challenge
via 18bec89 s3:libsmb: restructure cli_negprot_done() secblob handling a bit
via dcf5497 s3:libsmb: move cli->sesskey to cli->conn.smb1.server.session_key
via abca5f1 s3:libsmb: detect lock_read and write_unlock support
via 14e8ef1 s3:libsmb: move cli->*braw_supported to cli->conn.smb1.server.*braw
via 596aa96 s3:libsmb: move cli->sec_mode to cli->conn.smb1.server.security_mode
via 8f44105 s3:libsmb: move cli->max_mux to cli->conn.smb1.server.max_mux
via 768581e s3:libsmb: move cli->max_xmit to cli->conn.smb1.max_xmit
via b02d27a s3:libsmb: move cli->smb1.mid to cli->conn.smb1.mid
via 595f002 s3:libsmb: move cli->capabilities to cli->conn.smb1.capabilities
via 74a581a s3:libsmb: move cli->protocol to cli->conn.protocol
from 17c6e0a s3:libsmb: don't set cli->protocol in cli_state_create()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ef8dc2d30e5387b38ac1a05eaece8f22326a24f8
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:45:25 2011 +0200
s3:libsmb: move cli->server{zone,time} to cli->conn.smb1.server.{time_zone,system_time}
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Thu Sep 15 14:00:29 CEST 2011 on sn-devel-104
commit aca5e33b006d62d9a7fbf42584f93f94bda9dac4
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:34:35 2011 +0200
s3:libsmb: split cli->secblob into cli->conn.smb1.server.{guid,gss_blob,challenge,workgroup}
metze
commit 935eb488774bfb76e05b87d94c8ccd4c07f6608f
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:51:52 2011 +0200
s3:auth_server: make use of cli_state_server_challenge()
metze
commit bc72a9c169dbaab1dd078e61c9cc1ee06e2b2995
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:17:02 2011 +0200
s3:libsmb: make use of cli_state_server_gss_blob()
metze
commit 1f6060a3c1ae4057102a30d3afb12e6ec1a36a1b
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:17:02 2011 +0200
s3:libsmb: make use of cli_state_server_challenge()
metze
commit a00f543aa61971bc38de385d8db85337e9b52e65
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 20:41:09 2011 +0200
s3:libsmb: add cli_state_server_challenge() and cli_state_server_gss_blob()
metze
commit a1e2affd0fed1efba7f4b892e7b9abfa01abc2c8
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:14:05 2011 +0200
s3:libsmb: remove the guid from the cli->secblob in spnego mode
metze
commit 4a79d213c25c3708bbdb905ebc1e677ba50fe154
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:13:21 2011 +0200
s3:libsmb: make sure cli->secblob.length is 8 if we get a challenge
metze
commit 18bec89b90a3f11d7020f170a54a4ecc0cc2187c
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 21:12:44 2011 +0200
s3:libsmb: restructure cli_negprot_done() secblob handling a bit
metze
commit dcf54977d705c2e0c06741a2c3618f663d3a0fcd
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 18:45:36 2011 +0200
s3:libsmb: move cli->sesskey to cli->conn.smb1.server.session_key
metze
commit abca5f17c38f5ced2d03d66f99f91f895bf00851
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 18:09:42 2011 +0200
s3:libsmb: detect lock_read and write_unlock support
metze
commit 14e8ef14a0cf44476160d3c0a12d0166002987a0
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 18:07:58 2011 +0200
s3:libsmb: move cli->*braw_supported to cli->conn.smb1.server.*braw
This is currently unused, but we might use it in future.
metze
commit 596aa96d1746c84c30b8bea395ce1195a418a202
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 16:48:18 2011 +0200
s3:libsmb: move cli->sec_mode to cli->conn.smb1.server.security_mode
metze
commit 8f44105cc424a7f0a354ac06d5022c72ce73b004
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 16:31:58 2011 +0200
s3:libsmb: move cli->max_mux to cli->conn.smb1.server.max_mux
metze
commit 768581eee524540ef576ce2cf56c0b5fbfe862d9
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 15:00:59 2011 +0200
s3:libsmb: move cli->max_xmit to cli->conn.smb1.max_xmit
And keep cli->conn.smb1.client.max_xmit and
cli->conn.smb1.server.max_xmit.
metze
commit b02d27ae056b08372861de4980fca1e03cb8d091
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 15:07:29 2011 +0200
s3:libsmb: move cli->smb1.mid to cli->conn.smb1.mid
metze
commit 595f0020d4bc6c43adf4e73021e5fffab3354bfd
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 15:00:59 2011 +0200
s3:libsmb: move cli->capabilities to cli->conn.smb1.capabilities
And keep cli->conn.smb1.client.capabilities and
cli->conn.smb1.server_capabilities.
metze
commit 74a581afe55d54090d46aa60b6377b930f11a76f
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Sep 13 14:38:38 2011 +0200
s3:libsmb: move cli->protocol to cli->conn.protocol
metze
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_server.c | 12 +--
source3/include/client.h | 44 ++++++--
source3/libsmb/async_smb.c | 2 +-
source3/libsmb/cliconnect.c | 243 ++++++++++++++++++++++++++++++++-----------
source3/libsmb/clientgen.c | 58 +++++++----
source3/libsmb/clisigning.c | 3 -
source3/libsmb/proto.h | 2 +
7 files changed, 256 insertions(+), 108 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index 1df0853..8a9e5cd 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -231,6 +231,7 @@ static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_conte
if (cli) {
uint16_t sec_mode = cli_state_security_mode(cli);
+ const uint8_t *server_challenge = cli_state_server_challenge(cli);
DEBUG(3,("using password server validation\n"));
@@ -244,11 +245,6 @@ static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_conte
*my_private_data =
(void *)make_server_security_state(cli);
return data_blob_null;
- } else if (cli->secblob.length < 8) {
- /* We can't do much if we don't get a full challenge */
- DEBUG(2,("make_auth_info_server: Didn't receive a full challenge from server\n"));
- cli_shutdown(cli);
- return data_blob_null;
}
if (!(*my_private_data = (void *)make_server_security_state(cli))) {
@@ -257,7 +253,7 @@ static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_conte
/* The return must be allocated on the caller's mem_ctx, as our own will be
destoyed just after the call. */
- return data_blob_talloc(discard_const_p(TALLOC_CTX, auth_context), cli->secblob.data,8);
+ return data_blob_talloc(discard_const_p(TALLOC_CTX, auth_context), server_challenge ,8);
} else {
return data_blob_null;
}
@@ -313,7 +309,9 @@ static NTSTATUS check_smbserver_security(const struct auth_context *auth_context
return NT_STATUS_LOGON_FAILURE;
}
} else {
- if (memcmp(cli->secblob.data, auth_context->challenge.data, 8) != 0) {
+ const uint8_t *server_challenge = cli_state_server_challenge(cli);
+
+ if (memcmp(server_challenge, auth_context->challenge.data, 8) != 0) {
DEBUG(1,("the challenge that the password server (%s) supplied us is not the one we gave our client. This just can't work :-(\n", cli_state_remote_name(cli)));
return NT_STATUS_LOGON_FAILURE;
}
diff --git a/source3/include/client.h b/source3/include/client.h
index 8a26e73..37c1dcd 100644
--- a/source3/include/client.h
+++ b/source3/include/client.h
@@ -42,8 +42,6 @@ struct cli_state {
* A list of subsidiary connections for DFS.
*/
struct cli_state *prev, *next;
- enum protocol_types protocol;
- int sec_mode;
int rap_error;
NTSTATUS raw_status; /* maybe via NT_STATUS_DOS() */
@@ -64,19 +62,10 @@ struct cli_state {
char *share;
char *dev;
- DATA_BLOB secblob; /* cryptkey or negTokenInit */
- uint32 sesskey;
- int serverzone;
- uint32 servertime;
- int readbraw_supported;
- int writebraw_supported;
int timeout; /* in milliseconds. */
- size_t max_xmit;
- size_t max_mux;
int initialised;
int win95;
bool is_guestlogin;
- uint32 capabilities;
/* What the server offered. */
uint32_t server_posix_capabilities;
/* What the client requested. */
@@ -126,10 +115,41 @@ struct cli_state {
NTSTATUS (*dispatch_incoming)(struct cli_state *cli,
TALLOC_CTX *frame,
uint8_t *inbuf);
+
+ enum protocol_types protocol;
+
+ struct {
+ struct {
+ uint32_t capabilities;
+ uint32_t max_xmit;
+ } client;
+
+ struct {
+ uint32_t capabilities;
+ uint32_t max_xmit;
+ uint16_t max_mux;
+ uint16_t security_mode;
+ bool readbraw;
+ bool writebraw;
+ bool lockread;
+ bool writeunlock;
+ uint32_t session_key;
+ struct GUID guid;
+ DATA_BLOB gss_blob;
+ uint8_t challenge[8];
+ const char *workgroup;
+ int time_zone;
+ time_t system_time;
+ } server;
+
+ uint32_t capabilities;
+ uint32_t max_xmit;
+
+ uint16_t mid;
+ } smb1;
} conn;
struct {
- uint16_t mid;
uint16_t pid;
uint16_t vc_num;
uint16_t tid;
diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c
index e55d5bd..cb4e630 100644
--- a/source3/libsmb/async_smb.c
+++ b/source3/libsmb/async_smb.c
@@ -106,7 +106,7 @@ static uint16_t cli_alloc_mid(struct cli_state *cli)
while (true) {
int i;
- result = cli->smb1.mid++;
+ result = cli->conn.smb1.mid++;
if ((result == 0) || (result == 0xffff)) {
continue;
}
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 23518ea..fd3c1d4 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -33,6 +33,7 @@
#include "async_smb.h"
#include "libsmb/nmblib.h"
#include "read_smb.h"
+#include "librpc/ndr/libndr.h"
static const struct {
int prot;
@@ -152,7 +153,7 @@ static struct tevent_req *cli_session_setup_lanman2_send(
return tevent_req_post(req, ev);
}
- if (!SMBencrypt(pass, cli->secblob.data,
+ if (!SMBencrypt(pass, cli_state_server_challenge(cli),
(uint8_t *)lm_response.data)) {
DEBUG(1, ("Password is > 14 chars in length, and is "
"therefore incompatible with Lanman "
@@ -847,11 +848,9 @@ static struct tevent_req *cli_session_setup_nt1_send(
DATA_BLOB server_chal;
DATA_BLOB names_blob;
- server_chal = data_blob(cli->secblob.data,
- MIN(cli->secblob.length, 8));
- if (tevent_req_nomem(server_chal.data, req)) {
- return tevent_req_post(req, ev);
- }
+ server_chal =
+ data_blob_const(cli_state_server_challenge(cli),
+ 8);
/*
* note that the 'workgroup' here is a best
@@ -871,13 +870,11 @@ static struct tevent_req *cli_session_setup_nt1_send(
&lm_response, &nt_response,
NULL, &session_key)) {
data_blob_free(&names_blob);
- data_blob_free(&server_chal);
tevent_req_nterror(
req, NT_STATUS_ACCESS_DENIED);
return tevent_req_post(req, ev);
}
data_blob_free(&names_blob);
- data_blob_free(&server_chal);
} else {
uchar nt_hash[16];
@@ -891,7 +888,7 @@ static struct tevent_req *cli_session_setup_nt1_send(
return tevent_req_post(req, ev);
}
- SMBNTencrypt(pass, cli->secblob.data,
+ SMBNTencrypt(pass, cli_state_server_challenge(cli),
nt_response.data);
#endif
/* non encrypted password supplied. Ignore ntpass. */
@@ -902,7 +899,8 @@ static struct tevent_req *cli_session_setup_nt1_send(
return tevent_req_post(req, ev);
}
- if (!SMBencrypt(pass,cli->secblob.data,
+ if (!SMBencrypt(pass,
+ cli_state_server_challenge(cli),
lm_response.data)) {
/*
* Oops, the LM response is
@@ -1777,15 +1775,21 @@ static ADS_STATUS cli_session_setup_spnego(struct cli_state *cli,
char *principal = NULL;
char *OIDs[ASN1_MAX_OIDS];
int i;
- DATA_BLOB blob;
+ DATA_BLOB *server_blob;
+ DATA_BLOB blob = data_blob_null;
const char *p = NULL;
char *account = NULL;
NTSTATUS status;
- DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length));
+ server_blob = cli_state_server_gss_blob(cli);
+ if (server_blob) {
+ blob = data_blob(server_blob->data, server_blob->length);
+ }
+
+ DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)blob.length));
/* the server might not even do spnego */
- if (cli->secblob.length <= 16) {
+ if (blob.length == 0) {
DEBUG(3,("server didn't supply a full spnego negprot\n"));
goto ntlmssp;
}
@@ -1794,9 +1798,6 @@ static ADS_STATUS cli_session_setup_spnego(struct cli_state *cli,
file_save("negprot.dat", cli->secblob.data, cli->secblob.length);
#endif
- /* there is 16 bytes of GUID before the real spnego packet starts */
- blob = data_blob(cli->secblob.data+16, cli->secblob.length-16);
-
/* The server sent us the first part of the SPNEGO exchange in the
* negprot reply. It is WRONG to depend on the principal sent in the
* negprot reply, but right now we do it. If we don't receive one,
@@ -2223,7 +2224,7 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
* Non-encrypted passwords - convert to DOS codepage before
* encryption.
*/
- SMBencrypt(pass, cli->secblob.data, p24);
+ SMBencrypt(pass, cli_state_server_challenge(cli), p24);
passlen = 24;
pass = (const char *)p24;
} else {
@@ -2581,11 +2582,11 @@ struct tevent_req *cli_negprot_send(TALLOC_CTX *mem_ctx,
}
}
- tmp_protocol = cli->protocol;
- cli->protocol = state->max_protocol;
+ tmp_protocol = cli->conn.protocol;
+ cli->conn.protocol = state->max_protocol;
subreq = cli_smb_send(state, ev, cli, SMBnegprot, 0, 0, NULL,
talloc_get_size(bytes), bytes);
- cli->protocol = tmp_protocol;
+ cli->conn.protocol = tmp_protocol;
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
@@ -2600,6 +2601,7 @@ static void cli_negprot_done(struct tevent_req *subreq)
struct cli_negprot_state *state = tevent_req_data(
req, struct cli_negprot_state);
struct cli_state *cli = state->cli;
+ uint8_t flags;
uint8_t wct;
uint16_t *vwv;
uint32_t num_bytes;
@@ -2607,10 +2609,30 @@ static void cli_negprot_done(struct tevent_req *subreq)
NTSTATUS status;
uint16_t protnum;
uint8_t *inbuf;
+ uint32_t client_capabilities = cli->conn.smb1.client.capabilities;
uint32_t both_capabilities;
uint32_t server_capabilities = 0;
+ uint32_t capabilities;
+ uint32_t client_max_xmit = cli->conn.smb1.client.max_xmit;
+ uint32_t server_max_xmit = 0;
+ uint32_t max_xmit;
+ uint32_t server_max_mux = 0;
+ uint16_t server_security_mode = 0;
+ uint32_t server_session_key = 0;
+ bool server_readbraw = false;
+ bool server_writebraw = false;
+ bool server_lockread = false;
+ bool server_writeunlock = false;
+ struct GUID server_guid = GUID_zero();
+ DATA_BLOB server_gss_blob = data_blob_null;
+ uint8_t server_challenge[8];
+ char *server_workgroup = NULL;
+ int server_time_zone = 0;
+ time_t server_system_time = 0;
enum protocol_types protocol;
+ ZERO_STRUCT(server_challenge);
+
status = cli_smb_recv(subreq, state, &inbuf, 1, &wct, &vwv,
&num_bytes, &bytes);
TALLOC_FREE(subreq);
@@ -2619,6 +2641,8 @@ static void cli_negprot_done(struct tevent_req *subreq)
return;
}
+ flags = CVAL(inbuf, smb_flg);
+
protnum = SVAL(vwv, 0);
if ((protnum >= ARRAY_SIZE(prots))
@@ -2636,6 +2660,11 @@ static void cli_negprot_done(struct tevent_req *subreq)
return;
}
+ if (flags & FLAG_SUPPORT_LOCKREAD) {
+ server_lockread = true;
+ server_writeunlock = true;
+ }
+
if (protocol >= PROTOCOL_NT1) {
struct timespec ts;
const char *client_signing = NULL;
@@ -2643,6 +2672,7 @@ static void cli_negprot_done(struct tevent_req *subreq)
bool server_allowed;
const char *server_signing = NULL;
bool ok;
+ uint16_t key_len;
if (wct != 0x11) {
tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
@@ -2650,31 +2680,76 @@ static void cli_negprot_done(struct tevent_req *subreq)
}
/* NT protocol */
- cli->sec_mode = CVAL(vwv + 1, 0);
- cli->max_mux = SVAL(vwv + 1, 1);
- cli->max_xmit = IVAL(vwv + 3, 1);
- cli->sesskey = IVAL(vwv + 7, 1);
- cli->serverzone = SVALS(vwv + 15, 1);
- cli->serverzone *= 60;
+ server_security_mode = CVAL(vwv + 1, 0);
+ server_max_mux = SVAL(vwv + 1, 1);
+ server_max_xmit = IVAL(vwv + 3, 1);
+ server_session_key = IVAL(vwv + 7, 1);
+ server_time_zone = SVALS(vwv + 15, 1);
+ server_time_zone *= 60;
/* this time arrives in real GMT */
ts = interpret_long_date(((char *)(vwv+11))+1);
- cli->servertime = ts.tv_sec;
- cli->secblob = data_blob(bytes, num_bytes);
+ server_system_time = ts.tv_sec;
server_capabilities = IVAL(vwv + 9, 1);
+
+ key_len = CVAL(vwv + 16, 1);
+
if (server_capabilities & CAP_RAW_MODE) {
- cli->readbraw_supported = True;
- cli->writebraw_supported = True;
+ server_readbraw = true;
+ server_writebraw = true;
+ }
+ if (server_capabilities & CAP_LOCK_AND_READ) {
+ server_lockread = true;
}
- /* work out if they sent us a workgroup */
- if (!(server_capabilities & CAP_EXTENDED_SECURITY) &&
- smb_buflen(inbuf) > 8) {
+
+ if (server_capabilities & CAP_EXTENDED_SECURITY) {
+ DATA_BLOB blob1, blob2;
+
+ if (num_bytes < 16) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
+ blob1 = data_blob_const(bytes, 16);
+ GUID_from_data_blob(&blob1, &server_guid);
+
+ blob1 = data_blob_const(bytes+16, num_bytes-16);
+ blob2 = data_blob_dup_talloc(state, &blob1);
+ if (blob1.length > 0 &&
+ tevent_req_nomem(blob2.data, req)) {
+ return;
+ }
+ server_gss_blob = blob2;
+ } else {
+ DATA_BLOB blob1;
ssize_t ret;
- status = smb_bytes_talloc_string(
- cli, (char *)inbuf, &cli->server_domain,
- bytes + 8, num_bytes - 8, &ret);
- if (tevent_req_nterror(req, status)) {
+
+ if (num_bytes < key_len) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
+ if (key_len != 0 && key_len != 8) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
return;
}
+
+ if (key_len == 8) {
+ memcpy(server_challenge, bytes, 8);
+ }
+
+ blob1 = data_blob_const(bytes+key_len, num_bytes-key_len);
+ if (blob1.length > 0) {
+ ret = pull_string_talloc(state,
+ (char *)inbuf,
+ SVAL(inbuf, smb_flg2),
+ &server_workgroup,
+ blob1.data, blob1.length,
+ STR_TERMINATE);
+ if (ret == -1) {
+ tevent_req_oom(req);
+ return;
+ }
+ }
}
client_signing = "disabled";
@@ -2686,11 +2761,11 @@ static void cli_negprot_done(struct tevent_req *subreq)
}
server_signing = "not supported";
- if (cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
+ if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
server_signing = "supported";
server_allowed = true;
}
- if (cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
+ if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
server_signing = "required";
server_mandatory = true;
}
@@ -2712,38 +2787,45 @@ static void cli_negprot_done(struct tevent_req *subreq)
return;
}
- cli->sec_mode = SVAL(vwv + 1, 0);
- cli->max_xmit = SVAL(vwv + 2, 0);
- cli->max_mux = SVAL(vwv + 3, 0);
- cli->sesskey = IVAL(vwv + 6, 0);
- cli->serverzone = SVALS(vwv + 10, 0);
- cli->serverzone *= 60;
+ server_security_mode = SVAL(vwv + 1, 0);
+ server_max_xmit = SVAL(vwv + 2, 0);
+ server_max_mux = SVAL(vwv + 3, 0);
+ server_session_key = IVAL(vwv + 6, 0);
+ server_time_zone = SVALS(vwv + 10, 0);
+ server_time_zone *= 60;
/* this time is converted to GMT by make_unix_date */
- cli->servertime = make_unix_date(
- (char *)(vwv + 8), cli->serverzone);
- cli->readbraw_supported = ((SVAL(vwv + 5, 0) & 0x1) != 0);
- cli->writebraw_supported = ((SVAL(vwv + 5, 0) & 0x2) != 0);
- cli->secblob = data_blob(bytes, num_bytes);
+ server_system_time = make_unix_date(
+ (char *)(vwv + 8), server_time_zone);
+ server_readbraw = ((SVAL(vwv + 5, 0) & 0x1) != 0);
+ server_writebraw = ((SVAL(vwv + 5, 0) & 0x2) != 0);
+
+ if (num_bytes != 0 && num_bytes != 8) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
+ if (num_bytes == 8) {
+ memcpy(server_challenge, bytes, 8);
+ }
} else {
/* the old core protocol */
- cli->sec_mode = 0;
- cli->serverzone = get_time_zone(time(NULL));
- cli->max_xmit = 1024;
- cli->max_mux = 1;
+ server_time_zone = get_time_zone(time(NULL));
+ server_system_time = 0;
+ server_max_xmit = 1024;
+ server_max_mux = 1;
+ server_security_mode = 0;
}
- if (cli->max_xmit < 1024) {
+ if (server_max_xmit < 1024) {
tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
return;
}
- if (cli->max_mux < 1) {
+ if (server_max_mux < 1) {
tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
return;
}
- cli->max_xmit = MIN(cli->max_xmit, CLI_BUFFER_SIZE);
-
/*
--
Samba Shared Repository
More information about the samba-cvs
mailing list