Tree - rpms/samba - CentOS Git server

rpms / samba

Blame SOURCES/0114-libcli-smb-Use-a-smb2_signing_key-for-storing-the-de.patch

Blob History Raw

		b6b438	`From 225ae1ca2ea83fe0cb212b6675770d8053ff07ce Mon Sep 17 00:00:00 2001`
		b6b438	`From: Andreas Schneider <asn@samba.org>`
		b6b438	`Date: Thu, 14 Mar 2019 09:48:54 +0100`
		b6b438	`Subject: [PATCH 114/187] libcli:smb: Use a smb2_signing_key for storing the`
		b6b438	`decryption key`
		b6b438
		b6b438	`Signed-off-by: Andreas Schneider <asn@samba.org>`
		b6b438	`Reviewed-by: Andrew Bartlett <abartlet@samba.org>`
		b6b438	`(cherry picked from commit 87832f6140aa5afb42983a1291ba6faa250c7ea3)`
		b6b438	`---`
		b6b438	`libcli/smb/smbXcli_base.c \| 23 ++++++++++++++++-------`
		b6b438	`1 file changed, 16 insertions(+), 7 deletions(-)`
		b6b438
		b6b438	`diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c`
		b6b438	`index 52bc438c389..aa69c374d49 100644`
		b6b438	`--- a/libcli/smb/smbXcli_base.c`
		b6b438	`+++ b/libcli/smb/smbXcli_base.c`
		b6b438	`@@ -155,7 +155,7 @@ struct smb2cli_session {`
		b6b438	`bool should_sign;`
		b6b438	`bool should_encrypt;`
		b6b438	`struct smb2_signing_key *encryption_key;`
		b6b438	`- DATA_BLOB decryption_key;`
		b6b438	`+ struct smb2_signing_key *decryption_key;`
		b6b438	`uint64_t nonce_high_random;`
		b6b438	`uint64_t nonce_high_max;`
		b6b438	`uint64_t nonce_high;`
		b6b438	`@@ -3567,7 +3567,7 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,`
		b6b438	`tf_iov[1].iov_base = (void *)hdr;`
		b6b438	`tf_iov[1].iov_len = enc_len;`
		b6b438
		b6b438	`- status = smb2_signing_decrypt_pdu(s->smb2->decryption_key,`
		b6b438	`+ status = smb2_signing_decrypt_pdu(s->smb2->decryption_key->blob,`
		b6b438	`conn->smb2.server.cipher,`
		b6b438	`tf_iov, 2);`
		b6b438	`if (!NT_STATUS_IS_OK(status)) {`
		b6b438	`@@ -5747,11 +5747,11 @@ NTSTATUS smb2cli_session_decryption_key(struct smbXcli_session *session,`
		b6b438	`return NT_STATUS_NO_USER_SESSION_KEY;`
		b6b438	`}`
		b6b438
		b6b438	`- if (session->smb2->decryption_key.length == 0) {`
		b6b438	`+ if (!smb2_signing_key_valid(session->smb2->decryption_key)) {`
		b6b438	`return NT_STATUS_NO_USER_SESSION_KEY;`
		b6b438	`}`
		b6b438
		b6b438	`- *key = data_blob_dup_talloc(mem_ctx, session->smb2->decryption_key);`
		b6b438	`+ *key = data_blob_dup_talloc(mem_ctx, session->smb2->decryption_key->blob);`
		b6b438	`if (key->data == NULL) {`
		b6b438	`return NT_STATUS_NO_MEMORY;`
		b6b438	`}`
		b6b438	`@@ -6150,9 +6150,18 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,`
		b6b438	`}`
		b6b438
		b6b438	`session->smb2->decryption_key =`
		b6b438	`- data_blob_dup_talloc(session,`
		b6b438	`+ talloc_zero(session, struct smb2_signing_key);`
		b6b438	`+ if (session->smb2->decryption_key == NULL) {`
		b6b438	`+ ZERO_STRUCT(session_key);`
		b6b438	`+ return NT_STATUS_NO_MEMORY;`
		b6b438	`+ }`
		b6b438	`+ talloc_set_destructor(session->smb2->decryption_key,`
		b6b438	`+ smb2_signing_key_destructor);`
		b6b438	`+`
		b6b438	`+ session->smb2->decryption_key->blob =`
		b6b438	`+ data_blob_dup_talloc(session->smb2->decryption_key,`
		b6b438	`session->smb2->signing_key->blob);`
		b6b438	`- if (session->smb2->decryption_key.data == NULL) {`
		b6b438	`+ if (!smb2_signing_key_valid(session->smb2->decryption_key)) {`
		b6b438	`ZERO_STRUCT(session_key);`
		b6b438	`return NT_STATUS_NO_MEMORY;`
		b6b438	`}`
		b6b438	`@@ -6163,7 +6172,7 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,`
		b6b438	`status = smb2_key_derivation(session_key, sizeof(session_key),`
		b6b438	`d->label.data, d->label.length,`
		b6b438	`d->context.data, d->context.length,`
		b6b438	`- session->smb2->decryption_key.data);`
		b6b438	`+ session->smb2->decryption_key->blob.data);`
		b6b438	`if (!NT_STATUS_IS_OK(status)) {`
		b6b438	`return status;`
		b6b438	`}`
		b6b438	`--`
		b6b438	`2.23.0`
		b6b438

rpms / samba

Source Code

Blame SOURCES/0114-libcli-smb-Use-a-smb2_signing_key-for-storing-the-de.patch