Add dcerpc_transport_encrypted()
authorIsaac Boukris <iboukris@gmail.com>
Thu, 20 Aug 2020 10:18:21 +0000 (12:18 +0200)
committerIsaac Boukris <iboukris@gmail.com>
Fri, 6 Nov 2020 09:58:32 +0000 (10:58 +0100)
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
source4/librpc/rpc/dcerpc.h
source4/librpc/rpc/dcerpc_smb.c
source4/librpc/rpc/dcerpc_util.c

index 6b0b841d64dee6dcef70acf7f22a8c6279d0b721..57124f107785da99658af426a2075b6af058157b 100644 (file)
@@ -87,6 +87,7 @@ struct dcecli_connection {
        struct dcerpc_transport {
                enum dcerpc_transport_t transport;
                void *private_data;
+               bool encrypted;
 
                struct tstream_context *stream;
                /** to serialize write events */
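Review bot: The new `bool encrypted;` member of `struct dcerpc_transport` has no comment, and the only place this commit sets it is the SMB named-pipe path in dcerpc_smb.c. Callers of dcerpc_transport_encrypted() will presumably gate sensitive operations on this flag, so every other transport must read it as false. That relies on the connection structure being zero-allocated, which is not visible in this diff and should be confirmed. I would add `/** true only if the SMB session carrying this pipe negotiated an encryption cipher; set once at pipe open */` above the member. The struct continues outside the hunk.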
@@ -181,6 +182,7 @@ NTSTATUS dcerpc_bind_auth_none(struct dcerpc_pipe *p,
                               const struct ndr_interface_table *table);
 NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
                                  DATA_BLOB *session_key);
+bool dcerpc_transport_encrypted(struct dcerpc_pipe *p);
 struct composite_context;
 NTSTATUS dcerpc_secondary_connection_recv(struct composite_context *c,
                                          struct dcerpc_pipe **p2);
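Review bot: The exported prototype `bool dcerpc_transport_encrypted(struct dcerpc_pipe *p);` does not say what "encrypted" covers. In this commit the flag is derived only from the SMB session cipher, so it does not reflect DCERPC-level sealing (auth level privacy), and the accessor returns false for a NULL pipe or a pipe without a connection. I would document that contract on the declaration: `/** true if the SMB transport under p is encrypted; false for NULL or unconnected pipes. Does not reflect DCERPC auth-level privacy. */`. The accessor only reads through `p`, so `const struct dcerpc_pipe *p` would also fit here and in the definition in dcerpc_util.c.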
index 8719ff9821ee287c740be8b66d0e1aeeee2bfd52..259de719928f84e49509a75cf2c4d3f59bc23470 100644 (file)
@@ -147,6 +147,7 @@ static void dcerpc_pipe_open_smb_done(struct tevent_req *subreq)
                struct dcerpc_pipe_open_smb_state);
        struct composite_context *ctx = state->ctx;
        struct dcecli_connection *c = state->c;
+       uint16_t enc_cipher;
 
        ctx->status = tstream_smbXcli_np_open_recv(subreq,
                                                   state->smb,
@@ -175,6 +176,16 @@ static void dcerpc_pipe_open_smb_done(struct tevent_req *subreq)
        /* Over-ride the default session key with the SMB session key */
        c->security_state.session_key = smb_session_key;
 
+       enc_cipher = smb2cli_session_get_encryption_cipher(state->smb->session);
+       switch (enc_cipher) {
+       case SMB2_ENCRYPTION_AES128_CCM:
+       case SMB2_ENCRYPTION_AES128_GCM:
+               c->transport.encrypted = true;
+               break;
+       default:
+               c->transport.encrypted = false;
+       }
+
        c->transport.private_data = talloc_move(c, &state->smb);
 
        composite_done(ctx);
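Review bot: The `default:` arm of the new switch has no `break;` and no comment, so it is not obvious that unknown cipher ids are meant to fail closed. That is the safe direction for a flag callers will trust, but any cipher added to the SMB2 layer later will be reported as unencrypted until it is listed here; I would write `default: /* no cipher, or one not listed above: report unencrypted */` followed by `c->transport.encrypted = false;` and `break;`. The value is sampled once at pipe open, and whether a non-zero cipher id guarantees that this session's traffic is actually encrypted depends on smb2cli_session_get_encryption_cipher(), which is outside this diff. dcerpc_pipe_open_smb_done() starts and ends outside the hunk.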
index bd79a072bc8c0787abf35719311a01bb4c7f5bb5..6ea27a8d9a3b73f86b7056f6974e304793567a11 100644 (file)
@@ -743,6 +743,19 @@ _PUBLIC_ NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
        return NT_STATUS_OK;
 }
 
+_PUBLIC_ bool dcerpc_transport_encrypted(struct dcerpc_pipe *p)
+{
+       if (p == NULL) {
+               return false;
+       }
+
+       if (p->conn == NULL) {
+               return false;
+       }
+
+       return p->conn->transport.encrypted;
+}
+
 /*
   create a secondary context from a primary connection