DATA_BLOB session_key = data_blob(NULL, 0);
DATA_BLOB null_data_blob = data_blob(NULL, 0);
const char *chosen_oid = NULL;
+ bool bsrspyl = lp_parm_bool(global_loadparm, NULL, "smbcli", "spnego_start_with_bsrspyl", false);
state->setup.spnego.level = RAW_SESSSETUP_SPNEGO;
state->setup.spnego.in.bufsize = session->transport->options.max_xmit;
}
state->gensec_status = status;
- session_key_err = gensec_session_key(session->gensec, &session_key);
- if (NT_STATUS_IS_OK(session_key_err)) {
- smbcli_transport_simple_set_signing(session->transport, session_key, null_data_blob);
+ if (!bsrspyl) {
+ /*
+ * windows servers are happy to accept the first
+ * session setup request to be signed.
+ */
+ session_key_err = gensec_session_key(session->gensec, &session_key);
+ if (NT_STATUS_IS_OK(session_key_err)) {
+ smbcli_transport_simple_set_signing(session->transport, session_key, null_data_blob);
+ }
}
*req = smb_raw_sesssetup_send(session, &state->setup);
return NT_STATUS_NO_MEMORY;
}
+ if (bsrspyl) {
+ /*
+ * this code path demonstrates windows client behavior
+ * where the first client request has the BSRSYL signature
+ *
+ * but the reply will be signed by the server with the correct
+ * session key, which means that the seq_num counter has already
+ * started on the server, as if the request would have been signed.
+ */
+ session_key_err = gensec_session_key(session->gensec, &session_key);
+ if (NT_STATUS_IS_OK(session_key_err)) {
+ smbcli_transport_simple_set_signing(session->transport, session_key, null_data_blob);
+ session->transport->negotiate.sign_info.next_seq_num += 2;
+ }
+ }
+
if (NT_STATUS_IS_OK(session_key_err)) {
/*
* as the response might be signed with a session key from within the response
git.samba.org / metze / samba / wip.git / commitdiff