2.02, 2.10, 3.00, 3.02 : negotiate a specific version.
Default is to negotiate any SMB2 or SMB3 version.
seal : Enable SMB3 encryption.
+ sign : Require SMB2/3 signing.
NOTE:-
When using krb5cc mode use smb2_set_domain() and smb2_set_password() in the examples and applications
*/
void smb2_set_seal(struct smb2_context *smb2, int val);
+/*
+ * Set whether smb2 signing should be required or not
+ * 0 : do not require signing. This is the default.
+ * !0 : require signing.
+ */
+void smb2_set_sign(struct smb2_context *smb2, int val);
+
/*
* Set authentication method.
* SMB2_SEC_UNDEFINED (use KRB if available or NTLM if not)
if (!strcmp(args, "seal")) {
smb2->seal = 1;
+ } else if (!strcmp(args, "sign")) {
+ smb2->sign = 1;
} else if (!strcmp(args, "ndr32")) {
smb2->ndr = 1;
} else if (!strcmp(args, "ndr64")) {
smb2->seal = val;
}
+void smb2_set_sign(struct smb2_context *smb2, int val)
+{
+ smb2->sign = val;
+}
+
void smb2_set_authentication(struct smb2_context *smb2, int val)
{
smb2->sec = val;
}
}
+ if (smb2->sign &&
+ !(rep->security_mode & SMB2_NEGOTIATE_SIGNING_ENABLED)) {
+ smb2_set_error(smb2, "Signing requested but server "
+ "does not support signing.");
+ smb2_close_context(smb2);
+ c_data->cb(smb2, -ENOMEM, NULL, c_data->cb_data);
+ free_c_data(smb2, c_data);
+ return;
+ }
+
if (rep->security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
smb2->sign = 1;
}
smb2_set_domain
smb2_set_workstation
smb2_set_seal
+smb2_set_sign
smb2_stat
smb2_stat_async
smb2_statvfs