r26651: libsmb: Allow specifying signing policy from higher up.
authorJelmer Vernooij <jelmer@samba.org>
Thu, 3 Jan 2008 23:21:58 +0000 (17:21 -0600)
committerStefan Metzmacher <metze@samba.org>
Thu, 3 Jan 2008 18:33:36 +0000 (12:33 -0600)
The number of arguments is getting a bit excessive now, so it
probably makes sense to pass in the smbcli_options struct rather than
all members individually and add a convenience function for obtaining a
smbcli_options struct from a loadparm context.

17 files changed:
source/client/client.c
source/libcli/cliconnect.c
source/libcli/raw/clitransport.c
source/libcli/raw/clitree.c
source/libcli/raw/libcliraw.h
source/libcli/raw/smb_signing.c
source/libcli/smb_composite/connect.c
source/libcli/smb_composite/fetchfile.c
source/libcli/smb_composite/fsinfo.c
source/libcli/smb_composite/smb_composite.h
source/librpc/rpc/dcerpc_connect.c
source/ntvfs/cifs/vfs_cifs.c
source/scripting/ejs/smbcalls_cli.c
source/torture/basic/base.c
source/torture/basic/misc.c
source/torture/raw/lockbench.c
source/torture/raw/openbench.c

index 7ce3268..259966d 100644 (file)
@@ -3065,7 +3065,7 @@ static int do_host_query(struct loadparm_context *lp_ctx, const char *query_host
 /****************************************************************************
 handle a message operation
 ****************************************************************************/
-static int do_message_op(const char *netbios_name, const char *desthost, const char **destports, const char *destip, int name_type, struct resolve_context *resolve_ctx, int max_xmit, int max_mux, bool use_spnego)
+static int do_message_op(const char *netbios_name, const char *desthost, const char **destports, const char *destip, int name_type, struct resolve_context *resolve_ctx, int max_xmit, int max_mux, bool use_spnego, enum smb_signing_state signing)
 {
        struct nbt_name called, calling;
        const char *server_name;
@@ -3077,7 +3077,7 @@ static int do_message_op(const char *netbios_name, const char *desthost, const c
 
        server_name = destip ? destip : desthost;
 
-       if (!(cli=smbcli_state_init(NULL)) || !smbcli_socket_connect(cli, server_name, destports, resolve_ctx, max_xmit, max_mux, use_spnego)) {
+       if (!(cli=smbcli_state_init(NULL)) || !smbcli_socket_connect(cli, server_name, destports, resolve_ctx, max_xmit, max_mux, use_spnego, signing)) {
                d_printf("Connection to %s failed\n", server_name);
                return 1;
        }
@@ -3225,7 +3225,7 @@ static int do_message_op(const char *netbios_name, const char *desthost, const c
        }
 
        if (message) {
-               return do_message_op(lp_netbios_name(cmdline_lp_ctx), desthost, lp_smb_ports(cmdline_lp_ctx), dest_ip, name_type, lp_resolve_context(cmdline_lp_ctx), lp_max_xmit(cmdline_lp_ctx), lp_maxmux(cmdline_lp_ctx), lp_nt_status_support(cmdline_lp_ctx) && lp_use_spnego(cmdline_lp_ctx));
+               return do_message_op(lp_netbios_name(cmdline_lp_ctx), desthost, lp_smb_ports(cmdline_lp_ctx), dest_ip, name_type, lp_resolve_context(cmdline_lp_ctx), lp_max_xmit(cmdline_lp_ctx), lp_maxmux(cmdline_lp_ctx), lp_nt_status_support(cmdline_lp_ctx) && lp_use_spnego(cmdline_lp_ctx), lp_client_signing(cmdline_lp_ctx));
        }
        
        if (!do_connect(ctx, lp_resolve_context(cmdline_lp_ctx), desthost, lp_smb_ports(cmdline_lp_ctx), service, cmdline_credentials))
index c13dde9..c1fadaa 100644 (file)
   wrapper around smbcli_sock_connect()
 */
 bool smbcli_socket_connect(struct smbcli_state *cli, const char *server, 
-                          const char **ports, struct resolve_context *resolve_ctx,
-                          int max_xmit, int max_mux, bool use_spnego)
+                          const char **ports, 
+                          struct resolve_context *resolve_ctx,
+                          int max_xmit, int max_mux, bool use_spnego,
+                          enum smb_signing_state signing)
 {
        struct smbcli_socket *sock;
 
@@ -42,7 +44,7 @@ bool smbcli_socket_connect(struct smbcli_state *cli, const char *server,
        if (sock == NULL) return false;
        
        cli->transport = smbcli_transport_init(sock, cli, true, max_xmit,
-                                              max_mux, use_spnego);
+                                              max_mux, use_spnego, signing);
        if (!cli->transport) {
                return false;
        }
index bdaeaeb..3ca828d 100644 (file)
@@ -76,7 +76,8 @@ struct smbcli_transport *smbcli_transport_init(struct smbcli_socket *sock,
                                               bool primary, 
                                               int max_xmit,
                                               int max_mux,
-                                              bool use_spnego)
+                                              bool use_spnego,
+                                              enum smb_signing_state signing)
 {
        struct smbcli_transport *transport;
 
@@ -93,6 +94,7 @@ struct smbcli_transport *smbcli_transport_init(struct smbcli_socket *sock,
        transport->options.max_xmit = max_xmit;
        transport->options.max_mux = max_mux;
        transport->options.request_timeout = SMB_REQUEST_TIMEOUT;
+       transport->options.signing = signing;
 
        transport->negotiate.max_xmit = transport->options.max_xmit;
 
index 94fa373..3d8a676 100644 (file)
@@ -198,8 +198,7 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx,
        io.in.max_protocol = lp_cli_maxprotocol(global_loadparm);
        io.in.unicode = lp_unicode(global_loadparm);
        io.in.use_spnego = lp_use_spnego(global_loadparm) && lp_nt_status_support(global_loadparm);
-
-
+       io.in.signing = lp_client_signing(global_loadparm);
        
        status = smb_composite_connect(&io, parent_ctx, resolve_ctx, ev);
        if (NT_STATUS_IS_OK(status)) {
index 6c97e61..dd6904d 100644 (file)
@@ -97,6 +97,7 @@ struct smbcli_options {
        uint32_t max_xmit;
        uint16_t max_mux;
        int request_timeout;
+       enum smb_signing_state signing;
 };
 
 /* this is the context for the client transport layer */
index e19e81a..0053710 100644 (file)
@@ -383,7 +383,7 @@ bool smbcli_init_signing(struct smbcli_transport *transport)
                return false;
        }
        
-       switch (lp_client_signing(global_loadparm)) {
+       switch (transport->options.signing) {
        case SMB_SIGNING_OFF:
                transport->negotiate.sign_info.allow_smb_signing = false;
                break;
index bdefe39..e45a8a2 100644 (file)
@@ -309,7 +309,8 @@ static NTSTATUS connect_socket(struct composite_context *c,
        state->transport = smbcli_transport_init(state->sock, state, true, 
                                                 io->in.max_xmit,
                                                 io->in.max_mux,
-                                                io->in.use_spnego);
+                                                io->in.use_spnego,
+                                                io->in.signing);
        NT_STATUS_HAVE_NO_MEMORY(state->transport);
 
        if (is_ipaddress(state->sock->hostname) &&
index 893eb85..5fa48b4 100644 (file)
@@ -154,7 +154,8 @@ struct composite_context *smb_composite_fetchfile_send(struct smb_composite_fetc
        state->connect->in.unicode = lp_unicode(global_loadparm);
        state->connect->in.use_spnego = lp_use_spnego(global_loadparm) && 
                lp_nt_status_support(global_loadparm);
-
+       state->connect->in.signing = lp_client_signing(global_loadparm);
+       
        state->creq = smb_composite_connect_send(state->connect, state, 
                                                 lp_resolve_context(global_loadparm), event_ctx);
        if (state->creq == NULL) goto failed;
index bf425ad..b6a5a5f 100644 (file)
@@ -160,6 +160,7 @@ struct composite_context *smb_composite_fsinfo_send(struct smbcli_tree *tree,
        state->connect->in.unicode = lp_unicode(global_loadparm);
        state->connect->in.use_spnego = lp_use_spnego(global_loadparm) && 
                lp_nt_status_support(global_loadparm);
+       state->connect->in.signing = lp_client_signing(global_loadparm);
 
        c->state = COMPOSITE_STATE_IN_PROGRESS;
        state->stage = FSINFO_CONNECT;
index 41ce4b0..dd193fc 100644 (file)
@@ -27,6 +27,8 @@
   particularly designed to be used in async applications
 */
 
+#include "libcli/raw/signing.h"
+
 
 /*
   a composite open/read(s)/close request that loads a whole file
@@ -97,6 +99,7 @@ struct smb_composite_connect {
                int max_xmit;
                int max_mux;
                int max_protocol;
+               enum smb_signing_state signing;
        } in;
        struct {
                struct smbcli_tree *tree;
index 26bccbb..9bd503c 100644 (file)
@@ -125,6 +125,7 @@ static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb_send(TALLOC_CT
        conn->in.max_protocol = lp_cli_maxprotocol(lp_ctx);
        conn->in.unicode = lp_unicode(lp_ctx);
        conn->in.use_spnego = lp_use_spnego(lp_ctx) && lp_nt_status_support(lp_ctx);
+       conn->in.signing = lp_client_signing(lp_ctx);
 
        /*
         * provide proper credentials - user supplied, but allow a
index 0b4cbb8..0b0c9b1 100644 (file)
@@ -208,6 +208,7 @@ static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
        io.in.max_protocol = lp_cli_maxprotocol(ntvfs->ctx->lp_ctx);
        io.in.unicode = lp_unicode(ntvfs->ctx->lp_ctx);
        io.in.use_spnego = lp_use_spnego(ntvfs->ctx->lp_ctx) && lp_nt_status_support(ntvfs->ctx->lp_ctx);
+       io.in.signing = lp_client_signing(ntvfs->ctx->lp_ctx);
        
        creq = smb_composite_connect_send(&io, private, 
                                          lp_resolve_context(ntvfs->ctx->lp_ctx),
index b66318d..5e61a4d 100644 (file)
@@ -451,6 +451,7 @@ static int ejs_tree_connect(MprVarHandle eid, int argc, char **argv)
        io.in.max_protocol = lp_cli_maxprotocol(global_loadparm);
        io.in.unicode = lp_unicode(global_loadparm);
        io.in.use_spnego = lp_use_spnego(global_loadparm) && lp_nt_status_support(global_loadparm);
+       io.in.signing = lp_client_signing(global_loadparm);
 
        result = smb_composite_connect(&io, mem_ctx, 
                                       lp_resolve_context(global_loadparm), 
index 9820a02..fcd7884 100644 (file)
@@ -51,7 +51,7 @@ static struct smbcli_state *open_nbt_connection(struct torture_context *tctx)
                goto failed;
        }
 
-       if (!smbcli_socket_connect(cli, host, lp_smb_ports(tctx->lp_ctx), lp_resolve_context(tctx->lp_ctx), lp_max_xmit(tctx->lp_ctx), lp_maxmux(tctx->lp_ctx), lp_nt_status_support(tctx->lp_ctx) && lp_use_spnego(tctx->lp_ctx))) {
+       if (!smbcli_socket_connect(cli, host, lp_smb_ports(tctx->lp_ctx), lp_resolve_context(tctx->lp_ctx), lp_max_xmit(tctx->lp_ctx), lp_maxmux(tctx->lp_ctx), lp_nt_status_support(tctx->lp_ctx) && lp_use_spnego(tctx->lp_ctx), lp_client_signing(tctx->lp_ctx))) {
                torture_comment(tctx, "Failed to connect with %s\n", host);
                goto failed;
        }
index f4cb47e..986a457 100644 (file)
@@ -827,6 +827,7 @@ static struct composite_context *torture_connect_async(
        smb->in.max_protocol = lp_cli_maxprotocol(tctx->lp_ctx);
        smb->in.unicode = lp_unicode(tctx->lp_ctx);
        smb->in.use_spnego = lp_use_spnego(tctx->lp_ctx) && lp_nt_status_support(tctx->lp_ctx);
+       smb->in.signing = lp_client_signing(tctx->lp_ctx);
        
        return smb_composite_connect_send(smb,mem_ctx,
                                          lp_resolve_context(tctx->lp_ctx),ev);
index ea570e5..5093816 100644 (file)
@@ -199,6 +199,7 @@ static void reopen_connection(struct event_context *ev, struct timed_event *te,
        io->in.max_protocol = lp_cli_maxprotocol(state->tctx->lp_ctx);
        io->in.unicode = lp_unicode(state->tctx->lp_ctx);
        io->in.use_spnego = lp_use_spnego(state->tctx->lp_ctx) && lp_nt_status_support(state->tctx->lp_ctx);
+       io->in.signing = lp_client_signing(state->tctx->lp_ctx);
 
        /* kill off the remnants of the old connection */
        talloc_free(state->tree);
index 0582905..7f4752c 100644 (file)
@@ -137,6 +137,7 @@ static void reopen_connection(struct event_context *ev, struct timed_event *te,
        io->in.max_protocol = lp_cli_maxprotocol(state->tctx->lp_ctx);
        io->in.unicode = lp_unicode(state->tctx->lp_ctx);
        io->in.use_spnego = lp_use_spnego(state->tctx->lp_ctx) && lp_nt_status_support(state->tctx->lp_ctx);
+       io->in.signing = lp_client_signing(state->tctx->lp_ctx);
 
        /* kill off the remnants of the old connection */
        talloc_free(state->tree);