SMB signing is now working with change notify. Need to fix the disconnect
authorJeremy Allison <jra@samba.org>
Thu, 24 Jul 2003 06:19:37 +0000 (06:19 +0000)
committerJeremy Allison <jra@samba.org>
Thu, 24 Jul 2003 06:19:37 +0000 (06:19 +0000)
when bad signature received, plus check the oplock breaks....
Jermey.

source/libsmb/smb_signing.c
source/smbd/notify.c
source/smbd/nttrans.c

index 36c4147af8f95107f0d32cf08e0e35973490ab80..1fe3f99c8affc9dbae0da1bdbe619e3e0a45a995 100644 (file)
@@ -61,8 +61,6 @@ static BOOL get_sequence_for_reply(struct outstanding_packet_lookup **list,
                        return True;
                }
        }
-       DEBUG(0, ("Unexpected incoming packet, it's MID (%u) does not match"
-                 " a MID in our outstanding list!\n", mid));
        return False;
 }
 
@@ -501,6 +499,8 @@ static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 {
        unsigned char calc_md5_mac[16];
        struct smb_basic_signing_context *data = si->signing_context;
+       uint32 send_seq_number = data->send_seq_num;
+       BOOL was_deferred_packet;
 
        if (!si->doing_signing)
                return;
@@ -515,7 +515,12 @@ static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
        /* mark the packet as signed - BEFORE we sign it...*/
        mark_packet_signed(outbuf);
 
-       simple_packet_signature(data, outbuf, data->send_seq_num, calc_md5_mac);
+       /* See if this is a reply for a deferred packet. */
+       was_deferred_packet = get_sequence_for_reply(&data->outstanding_packet_list, 
+                                   SVAL(outbuf, smb_mid), 
+                                   &send_seq_number);
+
+       simple_packet_signature(data, outbuf, send_seq_number, calc_md5_mac);
 
        DEBUG(10, ("srv_sign_outgoing_message: sent SMB signature of\n"));
        dump_data(10, calc_md5_mac, 8);
@@ -525,13 +530,8 @@ static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 /*     cli->outbuf[smb_ss_field+2]=0; 
        Uncomment this to test if the remote server actually verifies signatures...*/
 
-       data->send_seq_num++;
-#if 0 /* JRATEST */
-       store_sequence_for_reply(&data->outstanding_packet_list, 
-                                SVAL(outbuf,smb_mid),
-                                data->send_seq_num);
-       data->send_seq_num++;
-#endif /* JRATEST */
+       if (!was_deferred_packet)
+               data->send_seq_num++;
 }
 
 /***********************************************************
@@ -555,16 +555,8 @@ static BOOL srv_check_incoming_message(char *inbuf, struct smb_sign_info *si)
                return False;
        }
 
-#if 0 /* JRATEST */
-       if (!get_sequence_for_reply(&data->outstanding_packet_list, 
-                                   SVAL(inbuf, smb_mid), 
-                                   &reply_seq_number)) {
-               return False;
-       }
-#else /* JRATEST */
        reply_seq_number = data->send_seq_num;
        data->send_seq_num++;
-#endif /* JRATEST */
 
        simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
 
@@ -634,6 +626,24 @@ void srv_calculate_sign_mac(char *outbuf)
        srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info);
 }
 
+/***********************************************************
+ Called by server to defer an outgoing packet.
+************************************************************/
+
+void srv_defer_sign_response(uint16 mid)
+{
+       struct smb_basic_signing_context *data;
+
+       if (!srv_sign_info.doing_signing)
+               return;
+
+       data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+
+       store_sequence_for_reply(&data->outstanding_packet_list, 
+                                mid, data->send_seq_num);
+       data->send_seq_num++;
+}
+
 /***********************************************************
  Called by server negprot when signing has been negotiated.
 ************************************************************/
index de1b3317780dee3f360961b620fda0c23e71d24a..a0398d5a10739d35992e449e00540b790e41b4d9 100644 (file)
@@ -178,7 +178,7 @@ BOOL change_notify_set(char *inbuf, files_struct *fsp, connection_struct *conn,
        struct change_notify *cnbp;
 
        if((cnbp = (struct change_notify *)malloc(sizeof(*cnbp))) == NULL) {
-               DEBUG(0,("call_nt_transact_notify_change: malloc fail !\n" ));
+               DEBUG(0,("change_notify_set: malloc fail !\n" ));
                return -1;
        }
 
index c574d9d563a6508feb858a53dcbd00eaaa7813c5..a2c29620c95a1907174eec9bb3bdf1aeb1ab98c9 100644 (file)
@@ -1494,6 +1494,8 @@ static int call_nt_transact_notify_change(connection_struct *conn, char *inbuf,
        DEBUG(3,("call_nt_transact_notify_change: notify change called on directory \
 name = %s\n", fsp->fsp_name ));
 
+       srv_defer_sign_response(SVAL(inbuf,smb_mid));
+
        return -1;
 }