[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-196-g918e628

Fri, 06 Mar 2009 07:23:45 -0800 

The branch, master has been updated
       via  918e6288fa775893a7e895334e05ce7780f89eaf (commit)
      from  5ce523bbed4196fda6716b71ef6080c3c5522838 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 918e6288fa775893a7e895334e05ce7780f89eaf
Author: Stefan Metzmacher <me...@samba.org>
Date:   Fri Mar 6 16:18:50 2009 +0100

    s3:libsmb: smb signing works the same for extented and non-extended security
    
    This is only cosmetic, but it makes it easier to understand.
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 source3/libsmb/cliconnect.c |   23 ++++++++++++++++++-----
 1 files changed, 18 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index ad11ee0..58e7dd1 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -379,6 +379,7 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state 
*cli, const char *user,
        DATA_BLOB session_key = data_blob_null;
        NTSTATUS result;
        char *p;
+       bool ok;
 
        if (passlen == 0) {
                /* do nothing - guest login */
@@ -436,11 +437,7 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state 
*cli, const char *user,
                        SMBsesskeygen_ntv1(nt_hash, NULL, session_key.data);
 #endif
                }
-#ifdef LANMAN_ONLY
-               cli_simple_set_signing(cli, session_key, lm_response); 
-#else
-               cli_simple_set_signing(cli, session_key, nt_response); 
-#endif
+               cli_temp_set_signing(cli);
        } else {
                /* pre-encrypted password supplied.  Only used for 
                   security=server, can't do
@@ -492,6 +489,22 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state 
*cli, const char *user,
                goto end;
        }
 
+#ifdef LANMAN_ONLY
+       ok = cli_simple_set_signing(cli, session_key, lm_response);
+#else
+       ok = cli_simple_set_signing(cli, session_key, nt_response);
+#endif
+       if (ok) {
+               /* 'resign' the last message, so we get the right sequence 
numbers
+                  for checking the first reply from the server */
+               cli_calculate_sign_mac(cli, cli->outbuf);
+
+               if (!cli_check_sign_mac(cli, cli->inbuf)) {
+                       result = NT_STATUS_ACCESS_DENIED;
+                       goto end;
+               }
+       }
+
        /* use the returned vuid from now on */
        cli->vuid = SVAL(cli->inbuf,smb_uid);
        


-- 
Samba Shared Repository

Reply via email to