*/
#include "includes.h"
-#include "../libcli/auth/ntlmssp.h"
+#include "../auth/ntlmssp/ntlmssp.h"
#include "smb_crypt.h"
+#include "libsmb/libsmb.h"
+#include "ntlmssp_wrap.h"
+
/******************************************************************************
Pull out the encryption context for this packet. 0 means global context.
output, so cope with the same for compatibility.
******************************************************************************/
-NTSTATUS common_ntlm_decrypt_buffer(struct ntlmssp_state *ntlmssp_state, char *buf)
+static NTSTATUS common_ntlm_decrypt_buffer(struct auth_ntlmssp_state *auth_ntlmssp_state, char *buf)
{
NTSTATUS status;
size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
/* Point at the signature. */
sig = data_blob_const(inbuf+8, NTLMSSP_SIG_SIZE);
- status = ntlmssp_unseal_packet(ntlmssp_state,
+ status = auth_ntlmssp_unseal_packet(auth_ntlmssp_state,
(unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'E' <enc> <ctx> */
data_len,
(unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE,
output, so do the same for compatibility.
******************************************************************************/
-NTSTATUS common_ntlm_encrypt_buffer(struct ntlmssp_state *ntlmssp_state,
+static NTSTATUS common_ntlm_encrypt_buffer(struct auth_ntlmssp_state *auth_ntlmssp_state,
uint16 enc_ctx_num,
char *buf,
char **ppbuf_out)
ZERO_STRUCT(sig);
- status = ntlmssp_seal_packet(ntlmssp_state,
+ status = auth_ntlmssp_seal_packet(auth_ntlmssp_state,
frame,
(unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'S' <enc> <ctx> */
data_len,
switch (es->smb_enc_type) {
case SMB_TRANS_ENC_NTLM:
- return common_ntlm_encrypt_buffer(es->s.ntlmssp_state, es->enc_ctx_num, buffer, buf_out);
+ return common_ntlm_encrypt_buffer(es->s.auth_ntlmssp_state, es->enc_ctx_num, buffer, buf_out);
#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
case SMB_TRANS_ENC_GSS:
return common_gss_encrypt_buffer(es->s.gss_state, es->enc_ctx_num, buffer, buf_out);
switch (es->smb_enc_type) {
case SMB_TRANS_ENC_NTLM:
- return common_ntlm_decrypt_buffer(es->s.ntlmssp_state, buf);
+ return common_ntlm_decrypt_buffer(es->s.auth_ntlmssp_state, buf);
#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
case SMB_TRANS_ENC_GSS:
return common_gss_decrypt_buffer(es->s.gss_state, buf);
}
if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) {
- if (es->s.ntlmssp_state) {
- TALLOC_FREE(es->s.ntlmssp_state);
+ if (es->s.auth_ntlmssp_state) {
+ TALLOC_FREE(es->s.auth_ntlmssp_state);
}
}
#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
}
#endif
}
-
-/******************************************************************************
- Client side encryption.
-******************************************************************************/
-
-/******************************************************************************
- Is client encryption on ?
-******************************************************************************/
-
-bool cli_encryption_on(struct cli_state *cli)
-{
- /* If we supported multiple encrytion contexts
- * here we'd look up based on tid.
- */
- return common_encryption_on(cli->trans_enc_state);
-}
-
-/******************************************************************************
- Shutdown a client encryption state.
-******************************************************************************/
-
-void cli_free_encryption_context(struct cli_state *cli)
-{
- common_free_encryption_state(&cli->trans_enc_state);
-}
-
-/******************************************************************************
- Free an encryption-allocated buffer.
-******************************************************************************/
-
-void cli_free_enc_buffer(struct cli_state *cli, char *buf)
-{
- /* We know this is an smb buffer, and we
- * didn't malloc, only copy, for a keepalive,
- * so ignore non-session messages. */
-
- if(CVAL(buf,0)) {
- return;
- }
-
- /* If we supported multiple encrytion contexts
- * here we'd look up based on tid.
- */
- common_free_enc_buffer(cli->trans_enc_state, buf);
-}
-
-/******************************************************************************
- Decrypt an incoming buffer.
-******************************************************************************/
-
-NTSTATUS cli_decrypt_message(struct cli_state *cli)
-{
- NTSTATUS status;
- uint16 enc_ctx_num;
-
- /* Ignore non-session messages. */
- if(CVAL(cli->inbuf,0)) {
- return NT_STATUS_OK;
- }
-
- status = get_enc_ctx_num((const uint8_t *)cli->inbuf, &enc_ctx_num);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (enc_ctx_num != cli->trans_enc_state->enc_ctx_num) {
- return NT_STATUS_INVALID_HANDLE;
- }
-
- return common_decrypt_buffer(cli->trans_enc_state, cli->inbuf);
-}
-
-/******************************************************************************
- Encrypt an outgoing buffer. Return the encrypted pointer in buf_out.
-******************************************************************************/
-
-NTSTATUS cli_encrypt_message(struct cli_state *cli, char *buf, char **buf_out)
-{
- /* Ignore non-session messages. */
- if (CVAL(buf,0)) {
- return NT_STATUS_OK;
- }
-
- /* If we supported multiple encrytion contexts
- * here we'd look up based on tid.
- */
- return common_encrypt_buffer(cli->trans_enc_state, buf, buf_out);
-}