Add smb2cli_session_get_encryption_cipher()

When 'session->smb2->should_encrypt' is true, the client MUST encrypt
all transport messages (see also MS-SMB2 3.2.4.1.8).

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 967264586767f0dca5db9a8cd4e1bf81d2c26c03..3e020faca3c5d02f7401688419eca73be81de230 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -6436,6 +6436,19 @@ NTSTATUS smb2cli_session_encryption_on(struct smbXcli_session *session)
        return NT_STATUS_OK;
 }
 
+uint16_t smb2cli_session_get_encryption_cipher(struct smbXcli_session *session)
+{
+       if (session->conn->protocol < PROTOCOL_SMB2_24) {
+               return 0;
+       }
+
+       if (!session->smb2->should_encrypt) {
+               return 0;
+       }
+
+       return session->conn->smb2.server.cipher;
+}
+
 struct smbXcli_tcon *smbXcli_tcon_create(TALLOC_CTX *mem_ctx)
 {
        struct smbXcli_tcon *tcon;

diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 2afc7165cd97942f3df3e11fa954715f51f37408..db5f5d587997879bcceeff2778ba1ec6b4fd5b1e 100644 (file)
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -518,6 +518,7 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session,
                                         const DATA_BLOB channel_key,
                                         const struct iovec *recv_iov);
 NTSTATUS smb2cli_session_encryption_on(struct smbXcli_session *session);
+uint16_t smb2cli_session_get_encryption_cipher(struct smbXcli_session *session);
 
 struct smbXcli_tcon *smbXcli_tcon_create(TALLOC_CTX *mem_ctx);
 struct smbXcli_tcon *smbXcli_tcon_copy(TALLOC_CTX *mem_ctx,