composite_error(c, NT_STATUS_ACCESS_DENIED);
return;
}
- transport->signing.doing_signing = false;
+ transport->signing_required = false;
break;
case SMB_SIGNING_SUPPORTED:
case SMB_SIGNING_AUTO:
if (transport->negotiate.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
- transport->signing.doing_signing = true;
+ transport->signing_required = true;
} else {
- transport->signing.doing_signing = false;
+ transport->signing_required = false;
}
break;
case SMB_SIGNING_REQUIRED:
if (transport->negotiate.security_mode & SMB2_NEGOTIATE_SIGNING_ENABLED) {
- transport->signing.doing_signing = true;
+ transport->signing_required = true;
} else {
composite_error(c, NT_STATUS_ACCESS_DENIED);
return;
return;
}
- if (session->transport->signing.doing_signing) {
+ if (session->transport->signing_required) {
if (session->session_key.length != 16) {
DEBUG(2,("Wrong session key length %u for SMB2 signing\n",
(unsigned)session->session_key.length));
composite_error(c, NT_STATUS_ACCESS_DENIED);
return;
}
- session->transport->signing.signing_started = true;
+ session->signing_active = true;
}
composite_done(c);
ZERO_STRUCT(state->io);
state->io.in.vc_number = 0;
- if (session->transport->signing.doing_signing) {
+ if (session->transport->signing_required) {
state->io.in.security_mode =
SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED;
}
struct smb2_handle;
-struct smb2_signing_context {
- bool doing_signing;
- bool signing_started;
-};
-
/*
information returned from the negotiate process
*/
} oplock;
struct smbcli_options options;
- struct smb2_signing_context signing;
+
+ bool signing_required;
};
struct gensec_security *gensec;
uint64_t uid;
DATA_BLOB session_key;
+ bool signing_active;
};
req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE);
req->status = NT_STATUS(IVAL(hdr, SMB2_HDR_STATUS));
- if (req->session && transport->signing.doing_signing) {
+ if (req->session && req->session->signing_active) {
status = smb2_check_signature(&req->in,
req->session->session_key);
if (!NT_STATUS_IS_OK(status)) {
}
/* possibly sign the message */
- if (req->transport->signing.doing_signing &&
- req->transport->signing.signing_started &&
- req->session) {
+ if (req->session && req->session->signing_active) {
status = smb2_sign_message(&req->out, req->session->session_key);
if (!NT_STATUS_IS_OK(status)) {
req->state = SMB2_REQUEST_ERROR;
git.samba.org / kai / samba.git / commitdiff