git.samba.org / obnox / samba / samba-obnox.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
libcli/smb: Add smbXcli_conn_use_large_files
[obnox/samba/samba-obnox.git] / libcli / smb / smbXcli_base.c
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index e9592e78a2db4ac8b5bcb54e7b92d32591d497be..2a406e1cd0e52e649c2c18e2bbe4f318b62462d6 100644 (file)
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -128,27 +128,42 @@ struct smbXcli_conn {
        struct smbXcli_session *sessions;
 };
 
+struct smb2cli_session {
+       uint64_t session_id;
+       uint16_t session_flags;
+       DATA_BLOB application_key;
+       DATA_BLOB signing_key;
+       bool should_sign;
+       bool should_encrypt;
+       DATA_BLOB encryption_key;
+       DATA_BLOB decryption_key;
+       uint64_t nonce_high;
+       uint64_t nonce_low;
+       uint16_t channel_sequence;
+};
+
 struct smbXcli_session {
        struct smbXcli_session *prev, *next;
        struct smbXcli_conn *conn;
 
        struct {
                uint16_t session_id;
+               DATA_BLOB application_key;
+               bool protected_key;
        } smb1;
 
+       struct smb2cli_session *smb2;
+
        struct {
-               uint64_t session_id;
-               uint16_t session_flags;
-               DATA_BLOB application_key;
                DATA_BLOB signing_key;
-               bool should_sign;
-               bool should_encrypt;
-               DATA_BLOB encryption_key;
-               DATA_BLOB decryption_key;
-               uint64_t channel_nonce;
-               uint64_t channel_next;
-               DATA_BLOB channel_signing_key;
-       } smb2;
+       } smb2_channel;
+
+       /*
+        * this should be a short term hack
+        * until the upper layers have implemented
+        * re-authentication.
+        */
+       bool disconnect_expired;
 };
 
 struct smbXcli_tcon {
@@ -167,6 +182,7 @@ struct smbXcli_tcon {
                uint32_t flags;
                uint32_t capabilities;
                uint32_t maximal_access;
+               bool should_encrypt;
        } smb2;
 };
 
@@ -174,6 +190,7 @@ struct smbXcli_req_state {
        struct tevent_context *ev;
        struct smbXcli_conn *conn;
        struct smbXcli_session *session; /* maybe NULL */
+       struct smbXcli_tcon *tcon; /* maybe NULL */
 
        uint8_t length_hdr[4];
 
@@ -233,6 +250,7 @@ struct smbXcli_req_state {
 
                bool should_sign;
                bool should_encrypt;
+               uint64_t encryption_session_id;
 
                bool signing_skipped;
                bool notify_async;
@@ -393,6 +411,19 @@ enum protocol_types smbXcli_conn_protocol(struct smbXcli_conn *conn)
        return conn->protocol;
 }
 
+bool smbXcli_conn_use_large_files(struct smbXcli_conn *conn)
+{
+       if (conn->protocol >= PROTOCOL_SMB2_02) {
+               return true;
+       }
+
+       if (smb1cli_conn_capabilities(conn) & CAP_LARGE_FILES) {
+               return true;
+       }
+
+       return false;
+}
+
 bool smbXcli_conn_use_unicode(struct smbXcli_conn *conn)
 {
        if (conn->protocol >= PROTOCOL_SMB2_02) {
@@ -543,7 +574,7 @@ NTSTATUS smbXcli_conn_samba_suicide(struct smbXcli_conn *conn,
                status = NT_STATUS_INVALID_PARAMETER_MIX;
                goto fail;
        }
-       ev = tevent_context_init(frame);
+       ev = samba_tevent_context_init(frame);
        if (ev == NULL) {
                goto fail;
        }
@@ -624,7 +655,10 @@ bool smb1cli_conn_activate_signing(struct smbXcli_conn *conn,
 bool smb1cli_conn_check_signing(struct smbXcli_conn *conn,
                                const uint8_t *buf, uint32_t seqnum)
 {
-       return smb_signing_check_pdu(conn->smb1.signing, buf, seqnum);
+       const uint8_t *hdr = buf + NBT_HDR_SIZE;
+       size_t len = smb_len_nbt(buf);
+
+       return smb_signing_check_pdu(conn->smb1.signing, hdr, len, seqnum);
 }
 
 bool smb1cli_conn_signing_is_active(struct smbXcli_conn *conn)
@@ -903,6 +937,8 @@ static bool smbXcli_conn_receive_next(struct smbXcli_conn *conn)
 
 void smbXcli_conn_disconnect(struct smbXcli_conn *conn, NTSTATUS status)
 {
+       struct smbXcli_session *session;
+
        tevent_queue_stop(conn->outgoing);
 
        if (conn->read_fd != -1) {
@@ -914,6 +950,18 @@ void smbXcli_conn_disconnect(struct smbXcli_conn *conn, NTSTATUS status)
        conn->read_fd = -1;
        conn->write_fd = -1;
 
+       session = conn->sessions;
+       if (talloc_array_length(conn->pending) == 0) {
+               /*
+                * if we do not have pending requests
+                * there is no need to update the channel_sequence
+                */
+               session = NULL;
+       }
+       for (; session; session = session->next) {
+               smb2cli_session_increment_channel_sequence(session);
+       }
+
        /*
         * Cancel all pending requests. We do not do a for-loop walking
         * conn->pending because that array changes in
@@ -1114,7 +1162,6 @@ static bool smb1cli_req_cancel(struct tevent_req *req)
        uint8_t flags;
        uint16_t flags2;
        uint32_t pid;
-       uint16_t tid;
        uint16_t mid;
        struct tevent_req *subreq;
        NTSTATUS status;
@@ -1123,7 +1170,6 @@ static bool smb1cli_req_cancel(struct tevent_req *req)
        flags2 = SVAL(state->smb1.hdr, HDR_FLG2);
        pid  = SVAL(state->smb1.hdr, HDR_PID);
        pid |= SVAL(state->smb1.hdr, HDR_PIDHIGH)<<16;
-       tid = SVAL(state->smb1.hdr, HDR_TID);
        mid = SVAL(state->smb1.hdr, HDR_MID);
 
        subreq = smb1cli_req_create(state, state->ev,
@@ -1132,7 +1178,8 @@ static bool smb1cli_req_cancel(struct tevent_req *req)
                                    flags, 0,
                                    flags2, 0,
                                    0, /* timeout */
-                                   pid, tid,
+                                   pid,
+                                   state->tcon,
                                    state->session,
                                    0, NULL, /* vwv */
                                    0, NULL); /* bytes */
@@ -1169,7 +1216,7 @@ struct tevent_req *smb1cli_req_create(TALLOC_CTX *mem_ctx,
                                      uint16_t clear_flags2,
                                      uint32_t timeout_msec,
                                      uint32_t pid,
-                                     uint16_t tid,
+                                     struct smbXcli_tcon *tcon,
                                      struct smbXcli_session *session,
                                      uint8_t wct, uint16_t *vwv,
                                      int iov_count,
@@ -1180,6 +1227,7 @@ struct tevent_req *smb1cli_req_create(TALLOC_CTX *mem_ctx,
        uint8_t flags = 0;
        uint16_t flags2 = 0;
        uint16_t uid = 0;
+       uint16_t tid = 0;
 
        if (iov_count > MAX_SMB_IOV) {
                /*
@@ -1196,11 +1244,16 @@ struct tevent_req *smb1cli_req_create(TALLOC_CTX *mem_ctx,
        state->ev = ev;
        state->conn = conn;
        state->session = session;
+       state->tcon = tcon;
 
        if (session) {
                uid = session->smb1.session_id;
        }
 
+       if (tcon) {
+               tid = tcon->smb1.tcon_id;
+       }
+
        state->smb1.recv_cmd = 0xFF;
        state->smb1.recv_status = NT_STATUS_INTERNAL_ERROR;
        state->smb1.recv_iov = talloc_zero_array(state, struct iovec, 3);
@@ -1311,15 +1364,17 @@ static NTSTATUS smb1cli_conn_signv(struct smbXcli_conn *conn,
 
        frame = talloc_stackframe();
 
-       buf = smbXcli_iov_concat(frame, iov, iov_count);
+       buf = smbXcli_iov_concat(frame, &iov[1], iov_count - 1);
        if (buf == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
 
        *seqnum = smb_signing_next_seqnum(conn->smb1.signing,
                                          one_way_seqnum);
-       smb_signing_sign_pdu(conn->smb1.signing, buf, *seqnum);
-       memcpy(iov[1].iov_base, buf+4, iov[1].iov_len);
+       smb_signing_sign_pdu(conn->smb1.signing,
+                            buf, talloc_get_size(buf),
+                            *seqnum);
+       memcpy(iov[1].iov_base, buf, iov[1].iov_len);
 
        TALLOC_FREE(frame);
        return NT_STATUS_OK;
@@ -1443,7 +1498,7 @@ struct tevent_req *smb1cli_req_send(TALLOC_CTX *mem_ctx,
                                    uint16_t clear_flags2,
                                    uint32_t timeout_msec,
                                    uint32_t pid,
-                                   uint16_t tid,
+                                   struct smbXcli_tcon *tcon,
                                    struct smbXcli_session *session,
                                    uint8_t wct, uint16_t *vwv,
                                    uint32_t num_bytes,
@@ -1460,7 +1515,7 @@ struct tevent_req *smb1cli_req_send(TALLOC_CTX *mem_ctx,
                                 additional_flags, clear_flags,
                                 additional_flags2, clear_flags2,
                                 timeout_msec,
-                                pid, tid, session,
+                                pid, tcon, session,
                                 wct, vwv, 1, &iov);
        if (req == NULL) {
                return NULL;
@@ -1573,13 +1628,27 @@ static NTSTATUS smb1cli_inbuf_parse_chain(uint8_t *buf, TALLOC_CTX *mem_ctx,
        uint8_t *hdr;
        uint8_t cmd;
        uint32_t wct_ofs;
+       NTSTATUS status;
+       size_t min_size = MIN_SMB_SIZE;
 
-       buflen = smb_len_nbt(buf);
+       buflen = smb_len_tcp(buf);
        taken = 0;
 
        hdr = buf + NBT_HDR_SIZE;
 
-       if (buflen < MIN_SMB_SIZE) {
+       status = smb1cli_pull_raw_error(hdr);
+       if (NT_STATUS_IS_ERR(status)) {
+               /*
+                * This is an ugly hack to support OS/2
+                * which skips the byte_count in the DATA block
+                * on some error responses.
+                *
+                * See bug #9096
+                */
+               min_size -= sizeof(uint16_t);
+       }
+
+       if (buflen < min_size) {
                return NT_STATUS_INVALID_NETWORK_RESPONSE;
        }
 
@@ -1620,9 +1689,9 @@ static NTSTATUS smb1cli_inbuf_parse_chain(uint8_t *buf, TALLOC_CTX *mem_ctx,
                size_t needed;
 
                /*
-                * we need at least WCT and BCC
+                * we need at least WCT
                 */
-               needed = sizeof(uint8_t) + sizeof(uint16_t);
+               needed = sizeof(uint8_t);
                if (len < needed) {
                        DEBUG(10, ("%s: %d bytes left, expected at least %d\n",
                                   __location__, (int)len, (int)needed));
@@ -1640,6 +1709,46 @@ static NTSTATUS smb1cli_inbuf_parse_chain(uint8_t *buf, TALLOC_CTX *mem_ctx,
                        goto inval;
                }
 
+               if ((num_iov == 1) &&
+                   (len == needed) &&
+                   NT_STATUS_IS_ERR(status))
+               {
+                       /*
+                        * This is an ugly hack to support OS/2
+                        * which skips the byte_count in the DATA block
+                        * on some error responses.
+                        *
+                        * See bug #9096
+                        */
+                       iov_tmp = talloc_realloc(mem_ctx, iov, struct iovec,
+                                                num_iov + 2);
+                       if (iov_tmp == NULL) {
+                               TALLOC_FREE(iov);
+                               return NT_STATUS_NO_MEMORY;
+                       }
+                       iov = iov_tmp;
+                       cur = &iov[num_iov];
+                       num_iov += 2;
+
+                       cur[0].iov_len = 0;
+                       cur[0].iov_base = hdr + (wct_ofs + sizeof(uint8_t));
+                       cur[1].iov_len = 0;
+                       cur[1].iov_base = cur[0].iov_base;
+
+                       taken += needed;
+                       break;
+               }
+
+               /*
+                * we need at least BCC
+                */
+               needed += sizeof(uint16_t);
+               if (len < needed) {
+                       DEBUG(10, ("%s: %d bytes left, expected at least %d\n",
+                                  __location__, (int)len, (int)needed));
+                       goto inval;
+               }
+
                /*
                 * Now we check if the specified bytes are there
                 */
@@ -1748,7 +1857,8 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
        uint8_t cmd;
        uint16_t mid;
        bool oplock_break;
-       const uint8_t *inhdr = inbuf + NBT_HDR_SIZE;
+       uint8_t *inhdr = inbuf + NBT_HDR_SIZE;
+       size_t len = smb_len_tcp(inbuf);
        struct iovec *iov = NULL;
        int num_iov = 0;
        struct tevent_req **chain = NULL;
@@ -1776,8 +1886,8 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                        }
                }
 
-               state->smb1.recv_iov[0].iov_base = (void *)(inbuf + NBT_HDR_SIZE);
-               state->smb1.recv_iov[0].iov_len = smb_len_nbt(inbuf);
+               state->smb1.recv_iov[0].iov_base = (void *)(inhdr);
+               state->smb1.recv_iov[0].iov_len = len;
                ZERO_STRUCT(state->smb1.recv_iov[1]);
                ZERO_STRUCT(state->smb1.recv_iov[2]);
 
@@ -1824,6 +1934,8 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                                   nt_errstr(status)));
                        return status;
                }
+               inhdr = inbuf + NBT_HDR_SIZE;
+               len = smb_len_nbt(inbuf);
        }
 
        mid = SVAL(inhdr, HDR_MID);
@@ -1845,7 +1957,7 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                /*
                 * Paranoia checks that this is really an oplock break request.
                 */
-               oplock_break = (smb_len_nbt(inbuf) == 51); /* hdr + 8 words */
+               oplock_break = (len == 51); /* hdr + 8 words */
                oplock_break &= ((CVAL(inhdr, HDR_FLG) & FLAG_REPLY) == 0);
                oplock_break &= (CVAL(inhdr, HDR_COM) == SMBlockingX);
                oplock_break &= (SVAL(inhdr, HDR_VWV+VWV(6)) == 0);
@@ -1862,7 +1974,7 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
 
        if (!oplock_break /* oplock breaks are not signed */
            && !smb_signing_check_pdu(conn->smb1.signing,
-                                     inbuf, state->smb1.seqnum+1)) {
+                                     inhdr, len, state->smb1.seqnum+1)) {
                DEBUG(10, ("cli_check_sign_mac failed\n"));
                return NT_STATUS_ACCESS_DENIED;
        }
@@ -1878,6 +1990,17 @@ static NTSTATUS smb1cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
        cmd = CVAL(inhdr, HDR_COM);
        status = smb1cli_pull_raw_error(inhdr);
 
+       if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED) &&
+           (state->session != NULL) && state->session->disconnect_expired)
+       {
+               /*
+                * this should be a short term hack
+                * until the upper layers have implemented
+                * re-authentication.
+                */
+               return status;
+       }
+
        if (state->smb1.chained_requests == NULL) {
                if (num_iov != 3) {
                        return NT_STATUS_INVALID_NETWORK_RESPONSE;
@@ -2320,6 +2443,15 @@ bool smbXcli_conn_has_async_calls(struct smbXcli_conn *conn)
                || (talloc_array_length(conn->pending) != 0));
 }
 
+bool smbXcli_conn_dfs_supported(struct smbXcli_conn *conn)
+{
+       if(conn->protocol >= PROTOCOL_SMB2_02) {
+               return (smb2cli_conn_server_capabilities(conn) & SMB2_CAP_DFS);
+       }
+
+       return (smb1cli_conn_capabilities(conn) & CAP_DFS);
+}
+
 uint32_t smb2cli_conn_server_capabilities(struct smbXcli_conn *conn)
 {
        return conn->smb2.server.capabilities;
@@ -2359,10 +2491,9 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
                tevent_req_data(req,
                struct smbXcli_req_state);
        uint32_t flags = IVAL(state->smb2.hdr, SMB2_HDR_FLAGS);
-       uint32_t pid = IVAL(state->smb2.hdr, SMB2_HDR_PID);
-       uint32_t tid = IVAL(state->smb2.hdr, SMB2_HDR_TID);
        uint64_t mid = BVAL(state->smb2.hdr, SMB2_HDR_MESSAGE_ID);
        uint64_t aid = BVAL(state->smb2.hdr, SMB2_HDR_ASYNC_ID);
+       struct smbXcli_tcon *tcon = state->tcon;
        struct smbXcli_session *session = state->session;
        uint8_t *fixed = state->smb2.pad;
        uint16_t fixed_len = 4;
@@ -2378,7 +2509,7 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
                                    SMB2_OP_CANCEL,
                                    flags, 0,
                                    0, /* timeout */
-                                   pid, tid, session,
+                                   tcon, session,
                                    fixed, fixed_len,
                                    NULL, 0);
        if (subreq == NULL) {
@@ -2386,13 +2517,17 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
        }
        substate = tevent_req_data(subreq, struct smbXcli_req_state);
 
+       /*
+        * clear everything but the SMB2_HDR_FLAG_ASYNC flag
+        * e.g. if SMB2_HDR_FLAG_CHAINED is set we get INVALID_PARAMETER back
+        */
+       flags &= SMB2_HDR_FLAG_ASYNC;
+
        if (flags & SMB2_HDR_FLAG_ASYNC) {
                mid = 0;
        }
 
        SIVAL(substate->smb2.hdr, SMB2_HDR_FLAGS, flags);
-       SIVAL(substate->smb2.hdr, SMB2_HDR_PID, pid);
-       SIVAL(substate->smb2.hdr, SMB2_HDR_TID, tid);
        SBVAL(substate->smb2.hdr, SMB2_HDR_MESSAGE_ID, mid);
        SBVAL(substate->smb2.hdr, SMB2_HDR_ASYNC_ID, aid);
 
@@ -2420,8 +2555,7 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
                                      uint32_t additional_flags,
                                      uint32_t clear_flags,
                                      uint32_t timeout_msec,
-                                     uint32_t pid,
-                                     uint32_t tid,
+                                     struct smbXcli_tcon *tcon,
                                      struct smbXcli_session *session,
                                      const uint8_t *fixed,
                                      uint16_t fixed_len,
@@ -2431,7 +2565,10 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
        struct tevent_req *req;
        struct smbXcli_req_state *state;
        uint32_t flags = 0;
+       uint32_t tid = 0;
        uint64_t uid = 0;
+       bool use_channel_sequence = false;
+       uint16_t channel_sequence = 0;
 
        req = tevent_req_create(mem_ctx, &state,
                                struct smbXcli_req_state);
@@ -2442,30 +2579,47 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
        state->ev = ev;
        state->conn = conn;
        state->session = session;
+       state->tcon = tcon;
+
+       if (conn->smb2.server.capabilities & SMB2_CAP_PERSISTENT_HANDLES) {
+               use_channel_sequence = true;
+       } else if (conn->smb2.server.capabilities & SMB2_CAP_MULTI_CHANNEL) {
+               use_channel_sequence = true;
+       }
 
        if (session) {
-               uid = session->smb2.session_id;
+               uid = session->smb2->session_id;
 
-               state->smb2.should_sign = session->smb2.should_sign;
-               state->smb2.should_encrypt = session->smb2.should_encrypt;
+               if (use_channel_sequence) {
+                       channel_sequence = session->smb2->channel_sequence;
+               }
 
-               /* TODO: turn on encryption based on the tree connect. */
+               state->smb2.should_sign = session->smb2->should_sign;
+               state->smb2.should_encrypt = session->smb2->should_encrypt;
 
                if (cmd == SMB2_OP_SESSSETUP &&
-                   session->smb2.signing_key.length != 0) {
+                   session->smb2->signing_key.length != 0) {
                        state->smb2.should_sign = true;
                }
 
                if (cmd == SMB2_OP_SESSSETUP &&
-                   session->smb2.channel_signing_key.length == 0) {
+                   session->smb2_channel.signing_key.length == 0) {
                        state->smb2.should_encrypt = false;
                }
+       }
+
+       if (tcon) {
+               tid = tcon->smb2.tcon_id;
 
-               if (state->smb2.should_encrypt) {
-                       state->smb2.should_sign = false;
+               if (tcon->smb2.should_encrypt) {
+                       state->smb2.should_encrypt = true;
                }
        }
 
+       if (state->smb2.should_encrypt) {
+               state->smb2.should_sign = false;
+       }
+
        state->smb2.recv_iov = talloc_zero_array(state, struct iovec, 3);
        if (state->smb2.recv_iov == NULL) {
                TALLOC_FREE(req);
@@ -2488,8 +2642,9 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
        SIVAL(state->smb2.hdr, SMB2_HDR_PROTOCOL_ID,    SMB2_MAGIC);
        SSVAL(state->smb2.hdr, SMB2_HDR_LENGTH,         SMB2_HDR_BODY);
        SSVAL(state->smb2.hdr, SMB2_HDR_OPCODE,         cmd);
+       SSVAL(state->smb2.hdr, SMB2_HDR_CHANNEL_SEQUENCE, channel_sequence);
        SIVAL(state->smb2.hdr, SMB2_HDR_FLAGS,          flags);
-       SIVAL(state->smb2.hdr, SMB2_HDR_PID,            pid);
+       SIVAL(state->smb2.hdr, SMB2_HDR_PID,            0); /* reserved */
        SIVAL(state->smb2.hdr, SMB2_HDR_TID,            tid);
        SBVAL(state->smb2.hdr, SMB2_HDR_SESSION_ID,     uid);
 
@@ -2541,14 +2696,17 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs,
        struct tevent_req *subreq;
        struct iovec *iov;
        int i, num_iov, nbt_len;
+       int tf_iov = -1;
+       const DATA_BLOB *encryption_key = NULL;
+       uint64_t encryption_session_id = 0;
 
        /*
-        * 1 for the nbt length
-        * per request: TRANSFORM, HDR, fixed, dyn, padding
+        * 1 for the nbt length, optional TRANSFORM
+        * per request: HDR, fixed, dyn, padding
         * -1 because the last one does not need padding
         */
 
-       iov = talloc_array(reqs[0], struct iovec, 1 + 5*num_reqs - 1);
+       iov = talloc_array(reqs[0], struct iovec, 1 + 1 + 4*num_reqs - 1);
        if (iov == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -2556,8 +2714,65 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs,
        num_iov = 1;
        nbt_len = 0;
 
+       /*
+        * the session of the first request that requires encryption
+        * specifies the encryption key.
+        */
+       for (i=0; i<num_reqs; i++) {
+               if (!tevent_req_is_in_progress(reqs[i])) {
+                       return NT_STATUS_INTERNAL_ERROR;
+               }
+
+               state = tevent_req_data(reqs[i], struct smbXcli_req_state);
+
+               if (!smbXcli_conn_is_connected(state->conn)) {
+                       return NT_STATUS_CONNECTION_DISCONNECTED;
+               }
+
+               if ((state->conn->protocol != PROTOCOL_NONE) &&
+                   (state->conn->protocol < PROTOCOL_SMB2_02)) {
+                       return NT_STATUS_REVISION_MISMATCH;
+               }
+
+               if (state->session == NULL) {
+                       continue;
+               }
+
+               if (!state->smb2.should_encrypt) {
+                       continue;
+               }
+
+               encryption_key = &state->session->smb2->encryption_key;
+               if (encryption_key->length == 0) {
+                       return NT_STATUS_INVALID_PARAMETER_MIX;
+               }
+
+               encryption_session_id = state->session->smb2->session_id;
+
+               tf_iov = num_iov;
+               iov[num_iov].iov_base = state->smb2.transform;
+               iov[num_iov].iov_len  = sizeof(state->smb2.transform);
+               num_iov += 1;
+
+               SBVAL(state->smb2.transform, SMB2_TF_PROTOCOL_ID, SMB2_TF_MAGIC);
+               SBVAL(state->smb2.transform, SMB2_TF_NONCE,
+                     state->session->smb2->nonce_low);
+               SBVAL(state->smb2.transform, SMB2_TF_NONCE+8,
+                     state->session->smb2->nonce_high);
+               SBVAL(state->smb2.transform, SMB2_TF_SESSION_ID,
+                     encryption_session_id);
+
+               state->session->smb2->nonce_low += 1;
+               if (state->session->smb2->nonce_low == 0) {
+                       state->session->smb2->nonce_high += 1;
+                       state->session->smb2->nonce_low += 1;
+               }
+
+               nbt_len += SMB2_TF_HDR_SIZE;
+               break;
+       }
+
        for (i=0; i<num_reqs; i++) {
-               int tf_iov;
                int hdr_iov;
                size_t reqlen;
                bool ret;
@@ -2567,7 +2782,6 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs,
                uint16_t credits;
                uint64_t mid;
                const DATA_BLOB *signing_key = NULL;
-               const DATA_BLOB *encryption_key = NULL;
 
                if (!tevent_req_is_in_progress(reqs[i])) {
                        return NT_STATUS_INTERNAL_ERROR;
@@ -2627,13 +2841,13 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req **reqs,
                SBVAL(state->smb2.hdr, SMB2_HDR_MESSAGE_ID, mid);
 
 skip_credits:
-               if (state->session) {
+               if (state->session && encryption_key == NULL) {
                        /*
                         * We prefer the channel signing key if it is
                         * already there.
                         */
                        if (state->smb2.should_sign) {
-                               signing_key = &state->session->smb2.channel_signing_key;
+                               signing_key = &state->session->smb2_channel.signing_key;
                        }
 
                        /*
@@ -2641,7 +2855,7 @@ skip_credits:
                         * signing key and try that one.
                         */
                        if (signing_key && signing_key->length == 0) {
-                               signing_key = &state->session->smb2.signing_key;
+                               signing_key = &state->session->smb2->signing_key;
                        }
 
                        /*
@@ -2651,17 +2865,6 @@ skip_credits:
                        if (signing_key && signing_key->length == 0) {
                                signing_key = NULL;
                        }
-
-                       if (state->smb2.should_encrypt) {
-                               encryption_key = &state->session->smb2.encryption_key;
-                       }
-               }
-
-               if (encryption_key) {
-                       tf_iov = num_iov;
-                       iov[num_iov].iov_base = state->smb2.transform;
-                       iov[num_iov].iov_len  = sizeof(state->smb2.transform);
-                       num_iov += 1;
                }
 
                hdr_iov = num_iov;
@@ -2694,48 +2897,9 @@ skip_credits:
                        SIVAL(state->smb2.hdr, SMB2_HDR_NEXT_COMMAND, reqlen);
                }
 
-               if (encryption_key) {
-                       NTSTATUS status;
-                       uint8_t *buf;
-                       int vi;
-
-                       SBVAL(state->smb2.transform, SMB2_TF_NONCE, mid);
-                       SBVAL(state->smb2.transform, SMB2_TF_NONCE+8,
-                             state->session->smb2.channel_nonce);
-                       SBVAL(state->smb2.transform, SMB2_TF_MSG_SIZE,
-                             reqlen);
-
-                       buf = talloc_array(iov, uint8_t, reqlen);
-                       if (buf == NULL) {
-                               return NT_STATUS_NO_MEMORY;
-                       }
-
-                       reqlen += SMB2_TF_HDR_SIZE;
-
-                       /*
-                        * We copy the buffers before encrypting them,
-                        * this is at least currently needed for the
-                        * to keep state->smb2.hdr.
-                        *
-                        * Also the callers may expect there buffers
-                        * to be const.
-                        */
-                       for (vi = hdr_iov; vi < num_iov; vi++) {
-                               struct iovec *v = &iov[vi];
-                               const uint8_t *o = (const uint8_t *)v->iov_base;
-
-                               memcpy(buf, o, v->iov_len);
-                               v->iov_base = (void *)buf;
-                               buf += v->iov_len;
-                       }
+               state->smb2.encryption_session_id = encryption_session_id;
 
-                       status = smb2_signing_encrypt_pdu(*encryption_key,
-                                               state->session->conn->protocol,
-                                               &iov[tf_iov], num_iov - tf_iov);
-                       if (!NT_STATUS_IS_OK(status)) {
-                               return status;
-                       }
-               } else if (signing_key) {
+               if (signing_key != NULL) {
                        NTSTATUS status;
 
                        status = smb2_signing_sign_pdu(*signing_key,
@@ -2759,6 +2923,42 @@ skip_credits:
        iov[0].iov_base = state->length_hdr;
        iov[0].iov_len  = sizeof(state->length_hdr);
 
+       if (encryption_key != NULL) {
+               NTSTATUS status;
+               size_t buflen = nbt_len - SMB2_TF_HDR_SIZE;
+               uint8_t *buf;
+               int vi;
+
+               buf = talloc_array(iov, uint8_t, buflen);
+               if (buf == NULL) {
+                       return NT_STATUS_NO_MEMORY;
+               }
+
+               /*
+                * We copy the buffers before encrypting them,
+                * this is at least currently needed for the
+                * to keep state->smb2.hdr.
+                *
+                * Also the callers may expect there buffers
+                * to be const.
+                */
+               for (vi = tf_iov + 1; vi < num_iov; vi++) {
+                       struct iovec *v = &iov[vi];
+                       const uint8_t *o = (const uint8_t *)v->iov_base;
+
+                       memcpy(buf, o, v->iov_len);
+                       v->iov_base = (void *)buf;
+                       buf += v->iov_len;
+               }
+
+               status = smb2_signing_encrypt_pdu(*encryption_key,
+                                       state->conn->protocol,
+                                       &iov[tf_iov], num_iov - tf_iov);
+               if (!NT_STATUS_IS_OK(status)) {
+                       return status;
+               }
+       }
+
        if (state->conn->dispatch_incoming == NULL) {
                state->conn->dispatch_incoming = smb2cli_conn_dispatch_incoming;
        }
@@ -2788,8 +2988,7 @@ struct tevent_req *smb2cli_req_send(TALLOC_CTX *mem_ctx,
                                    uint32_t additional_flags,
                                    uint32_t clear_flags,
                                    uint32_t timeout_msec,
-                                   uint32_t pid,
-                                   uint32_t tid,
+                                   struct smbXcli_tcon *tcon,
                                    struct smbXcli_session *session,
                                    const uint8_t *fixed,
                                    uint16_t fixed_len,
@@ -2802,7 +3001,7 @@ struct tevent_req *smb2cli_req_send(TALLOC_CTX *mem_ctx,
        req = smb2cli_req_create(mem_ctx, ev, conn, cmd,
                                 additional_flags, clear_flags,
                                 timeout_msec,
-                                pid, tid, session,
+                                tcon, session,
                                 fixed, fixed_len, dyn, dyn_len);
        if (req == NULL) {
                return NULL;
@@ -2848,6 +3047,9 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
        int num_iov = 0;
        size_t taken = 0;
        uint8_t *first_hdr = buf;
+       size_t verified_buflen = 0;
+       uint8_t *tf = NULL;
+       size_t tf_len = 0;
 
        iov = talloc_array(mem_ctx, struct iovec, num_iov);
        if (iov == NULL) {
@@ -2855,8 +3057,6 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
        }
 
        while (taken < buflen) {
-               uint8_t *tf = NULL;
-               size_t tf_len = 0;
                size_t len = buflen - taken;
                uint8_t *hdr = first_hdr + taken;
                struct iovec *cur;
@@ -2865,6 +3065,13 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
                uint16_t body_size;
                struct iovec *iov_tmp;
 
+               if (verified_buflen > taken) {
+                       len = verified_buflen - taken;
+               } else {
+                       tf = NULL;
+                       tf_len = 0;
+               }
+
                if (len < 4) {
                        DEBUG(10, ("%d bytes left, expected at least %d\n",
                                   (int)len, 4));
@@ -2874,6 +3081,7 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
                        struct smbXcli_session *s;
                        uint64_t uid;
                        struct iovec tf_iov[2];
+                       size_t enc_len;
                        NTSTATUS status;
 
                        if (len < SMB2_TF_HDR_SIZE) {
@@ -2886,12 +3094,19 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
                        taken += tf_len;
 
                        hdr = first_hdr + taken;
-                       len = IVAL(tf, SMB2_TF_MSG_SIZE);
+                       enc_len = IVAL(tf, SMB2_TF_MSG_SIZE);
                        uid = BVAL(tf, SMB2_TF_SESSION_ID);
 
+                       if (len < SMB2_TF_HDR_SIZE + enc_len) {
+                               DEBUG(10, ("%d bytes left, expected at least %d\n",
+                                          (int)len,
+                                          (int)(SMB2_TF_HDR_SIZE + enc_len)));
+                               goto inval;
+                       }
+
                        s = conn->sessions;
                        for (; s; s = s->next) {
-                               if (s->smb2.session_id != uid) {
+                               if (s->smb2->session_id != uid) {
                                        continue;
                                }
                                break;
@@ -2906,15 +3121,18 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
                        tf_iov[0].iov_base = (void *)tf;
                        tf_iov[0].iov_len = tf_len;
                        tf_iov[1].iov_base = (void *)hdr;
-                       tf_iov[1].iov_len = len;
+                       tf_iov[1].iov_len = enc_len;
 
-                       status = smb2_signing_decrypt_pdu(s->smb2.decryption_key,
+                       status = smb2_signing_decrypt_pdu(s->smb2->decryption_key,
                                                          conn->protocol,
                                                          tf_iov, 2);
                        if (!NT_STATUS_IS_OK(status)) {
                                TALLOC_FREE(iov);
                                return status;
                        }
+
+                       verified_buflen = taken + enc_len;
+                       len = enc_len;
                }
 
                /*
@@ -2948,9 +3166,6 @@ static NTSTATUS smb2cli_inbuf_parse_compound(struct smbXcli_conn *conn,
                        if (next_command_ofs > full_size) {
                                goto inval;
                        }
-                       if (tf && next_command_ofs < len) {
-                               goto inval;
-                       }
                        full_size = next_command_ofs;
                }
                if (body_size < 2) {
@@ -3047,6 +3262,7 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                uint32_t new_credits;
                struct smbXcli_session *session = NULL;
                const DATA_BLOB *signing_key = NULL;
+               bool was_encrypted = false;
 
                new_credits = conn->smb2.cur_credits;
                new_credits += credits;
@@ -3115,7 +3331,7 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
 
                                s = state->conn->sessions;
                                for (; s; s = s->next) {
-                                       if (s->smb2.session_id != uid) {
+                                       if (s->smb2->session_id != uid) {
                                                continue;
                                        }
 
@@ -3129,7 +3345,7 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                        }
 
                        last_session = session;
-                       signing_key = &session->smb2.channel_signing_key;
+                       signing_key = &session->smb2_channel.signing_key;
                }
 
                if (opcode == SMB2_OP_SESSSETUP) {
@@ -3143,7 +3359,7 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                         */
                        if (signing_key && signing_key->length == 0 &&
                            !NT_STATUS_IS_OK(status)) {
-                               signing_key = &session->smb2.signing_key;
+                               signing_key = &session->smb2->signing_key;
                        }
 
                        if (signing_key && signing_key->length == 0) {
@@ -3164,6 +3380,26 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                        }
                }
 
+               if (cur[0].iov_len == SMB2_TF_HDR_SIZE) {
+                       const uint8_t *tf = (const uint8_t *)cur[0].iov_base;
+                       uint64_t uid = BVAL(tf, SMB2_TF_SESSION_ID);
+
+                       /*
+                        * If the response was encrypted in a SMB2_TRANSFORM
+                        * pdu, which belongs to the correct session,
+                        * we do not need to do signing checks
+                        *
+                        * It could be the session the response belongs to
+                        * or the session that was used to encrypt the
+                        * SMB2_TRANSFORM request.
+                        */
+                       if ((session && session->smb2->session_id == uid) ||
+                           (state->smb2.encryption_session_id == uid)) {
+                               signing_key = NULL;
+                               was_encrypted = true;
+                       }
+               }
+
                if (NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) {
                        /*
                         * if the server returns NT_STATUS_USER_SESSION_DELETED
@@ -3171,9 +3407,24 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                         * propagate the NT_STATUS_USER_SESSION_DELETED
                         * status to the caller.
                         */
+                       state->smb2.signing_skipped = true;
                        signing_key = NULL;
-               } else if (state->smb2.should_encrypt) {
-                       if (cur[0].iov_len != SMB2_TF_HDR_SIZE) {
+               }
+
+               if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
+                       /*
+                        * if the server returns
+                        * NT_STATUS_INVALID_PARAMETER
+                        * the response might not be encrypted.
+                        */
+                       if (state->smb2.should_encrypt && !was_encrypted) {
+                               state->smb2.signing_skipped = true;
+                               signing_key = NULL;
+                       }
+               }
+
+               if (state->smb2.should_encrypt && !was_encrypted) {
+                       if (!state->smb2.signing_skipped) {
                                return NT_STATUS_ACCESS_DENIED;
                        }
                }
@@ -3231,6 +3482,17 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct smbXcli_conn *conn,
                        }
                }
 
+               if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED) &&
+                   (session != NULL) && session->disconnect_expired)
+               {
+                       /*
+                        * this should be a short term hack
+                        * until the upper layers have implemented
+                        * re-authentication.
+                        */
+                       return status;
+               }
+
                smbXcli_req_unset_pending(req);
 
                /*
@@ -3806,6 +4068,15 @@ static void smbXcli_negprot_smb1_done(struct tevent_req *subreq)
                if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
                        server_signing = "supported";
                        server_allowed = true;
+               } else if (conn->mandatory_signing) {
+                       /*
+                        * We have mandatory signing as client
+                        * lets assume the server will look at our
+                        * FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
+                        * flag in the session setup
+                        */
+                       server_signing = "not announced";
+                       server_allowed = true;
                }
                if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
                        server_signing = "required";
@@ -3993,7 +4264,7 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta
                                state->conn, SMB2_OP_NEGPROT,
                                0, 0, /* flags */
                                state->timeout_msec,
-                               0xFEFF, 0, NULL, /* pid, tid, session */
+                               NULL, NULL, /* tcon, session */
                                state->smb2.fixed, sizeof(state->smb2.fixed),
                                state->smb2.dyn, dialect_count*2);
 }
@@ -4190,7 +4461,7 @@ NTSTATUS smbXcli_negprot(struct smbXcli_conn *conn,
                status = NT_STATUS_INVALID_PARAMETER_MIX;
                goto fail;
        }
-       ev = tevent_context_init(frame);
+       ev = samba_tevent_context_init(frame);
        if (ev == NULL) {
                goto fail;
        }
@@ -4229,6 +4500,11 @@ struct smbXcli_session *smbXcli_session_create(TALLOC_CTX *mem_ctx,
        if (session == NULL) {
                return NULL;
        }
+       session->smb2 = talloc_zero(session, struct smb2cli_session);
+       if (session->smb2 == NULL) {
+               talloc_free(session);
+               return NULL;
+       }
        talloc_set_destructor(session, smbXcli_session_destructor);
 
        DLIST_ADD_END(conn->sessions, session, struct smbXcli_session *);
@@ -4237,6 +4513,68 @@ struct smbXcli_session *smbXcli_session_create(TALLOC_CTX *mem_ctx,
        return session;
 }
 
+struct smbXcli_session *smbXcli_session_copy(TALLOC_CTX *mem_ctx,
+                                               struct smbXcli_session *src)
+{
+       struct smbXcli_session *session;
+
+       session = talloc_zero(mem_ctx, struct smbXcli_session);
+       if (session == NULL) {
+               return NULL;
+       }
+       session->smb2 = talloc_zero(session, struct smb2cli_session);
+       if (session->smb2 == NULL) {
+               talloc_free(session);
+               return NULL;
+       }
+
+       session->conn = src->conn;
+       *session->smb2 = *src->smb2;
+       session->smb2_channel = src->smb2_channel;
+       session->disconnect_expired = src->disconnect_expired;
+
+       DLIST_ADD_END(src->conn->sessions, session, struct smbXcli_session *);
+       talloc_set_destructor(session, smbXcli_session_destructor);
+
+       return session;
+}
+
+
+NTSTATUS smbXcli_session_application_key(struct smbXcli_session *session,
+                                        TALLOC_CTX *mem_ctx,
+                                        DATA_BLOB *key)
+{
+       const DATA_BLOB *application_key;
+
+       *key = data_blob_null;
+
+       if (session->conn == NULL) {
+               return NT_STATUS_NO_USER_SESSION_KEY;
+       }
+
+       if (session->conn->protocol >= PROTOCOL_SMB2_02) {
+               application_key = &session->smb2->application_key;
+       } else {
+               application_key = &session->smb1.application_key;
+       }
+
+       if (application_key->length == 0) {
+               return NT_STATUS_NO_USER_SESSION_KEY;
+       }
+
+       *key = data_blob_dup_talloc(mem_ctx, *application_key);
+       if (key->data == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       return NT_STATUS_OK;
+}
+
+void smbXcli_session_set_disconnect_expired(struct smbXcli_session *session)
+{
+       session->disconnect_expired = true;
+}
+
 uint16_t smb1cli_session_current_id(struct smbXcli_session *session)
 {
        return session->smb1.session_id;
@@ -4248,6 +4586,67 @@ void smb1cli_session_set_id(struct smbXcli_session *session,
        session->smb1.session_id = session_id;
 }
 
+NTSTATUS smb1cli_session_set_session_key(struct smbXcli_session *session,
+                                        const DATA_BLOB _session_key)
+{
+       struct smbXcli_conn *conn = session->conn;
+       uint8_t session_key[16];
+
+       if (conn == NULL) {
+               return NT_STATUS_INVALID_PARAMETER_MIX;
+       }
+
+       if (session->smb1.application_key.length != 0) {
+               /*
+                * TODO: do not allow this...
+                *
+                * return NT_STATUS_INVALID_PARAMETER_MIX;
+                */
+               data_blob_clear_free(&session->smb1.application_key);
+               session->smb1.protected_key = false;
+       }
+
+       if (_session_key.length == 0) {
+               return NT_STATUS_OK;
+       }
+
+       ZERO_STRUCT(session_key);
+       memcpy(session_key, _session_key.data,
+              MIN(_session_key.length, sizeof(session_key)));
+
+       session->smb1.application_key = data_blob_talloc(session,
+                                                        session_key,
+                                                        sizeof(session_key));
+       ZERO_STRUCT(session_key);
+       if (session->smb1.application_key.data == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       session->smb1.protected_key = false;
+
+       return NT_STATUS_OK;
+}
+
+NTSTATUS smb1cli_session_protect_session_key(struct smbXcli_session *session)
+{
+       if (session->smb1.protected_key) {
+               /* already protected */
+               return NT_STATUS_OK;
+       }
+
+       if (session->smb1.application_key.length != 16) {
+               return NT_STATUS_INVALID_PARAMETER_MIX;
+       }
+
+       smb_key_derivation(session->smb1.application_key.data,
+                          session->smb1.application_key.length,
+                          session->smb1.application_key.data);
+
+       session->smb1.protected_key = true;
+
+       return NT_STATUS_OK;
+}
+
 uint8_t smb2cli_session_security_mode(struct smbXcli_session *session)
 {
        struct smbXcli_conn *conn = session->conn;
@@ -4267,38 +4666,25 @@ uint8_t smb2cli_session_security_mode(struct smbXcli_session *session)
 
 uint64_t smb2cli_session_current_id(struct smbXcli_session *session)
 {
-       return session->smb2.session_id;
+       return session->smb2->session_id;
 }
 
 uint16_t smb2cli_session_get_flags(struct smbXcli_session *session)
 {
-       return session->smb2.session_flags;
-}
-
-NTSTATUS smb2cli_session_application_key(struct smbXcli_session *session,
-                                        TALLOC_CTX *mem_ctx,
-                                        DATA_BLOB *key)
-{
-       *key = data_blob_null;
-
-       if (session->smb2.application_key.length == 0) {
-               return NT_STATUS_NO_USER_SESSION_KEY;
-       }
-
-       *key = data_blob_dup_talloc(mem_ctx, session->smb2.application_key);
-       if (key->data == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       return NT_STATUS_OK;
+       return session->smb2->session_flags;
 }
 
 void smb2cli_session_set_id_and_flags(struct smbXcli_session *session,
                                      uint64_t session_id,
                                      uint16_t session_flags)
 {
-       session->smb2.session_id = session_id;
-       session->smb2.session_flags = session_flags;
+       session->smb2->session_id = session_id;
+       session->smb2->session_flags = session_flags;
+}
+
+void smb2cli_session_increment_channel_sequence(struct smbXcli_session *session)
+{
+       session->smb2->channel_sequence += 1;
 }
 
 NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
@@ -4316,12 +4702,12 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
 
        no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL;
 
-       if (session->smb2.session_flags & no_sign_flags) {
-               session->smb2.should_sign = false;
+       if (session->smb2->session_flags & no_sign_flags) {
+               session->smb2->should_sign = false;
                return NT_STATUS_OK;
        }
 
-       if (session->smb2.signing_key.length != 0) {
+       if (session->smb2->signing_key.length != 0) {
                return NT_STATUS_INVALID_PARAMETER_MIX;
        }
 
@@ -4329,10 +4715,10 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
        memcpy(session_key, _session_key.data,
               MIN(_session_key.length, sizeof(session_key)));
 
-       session->smb2.signing_key = data_blob_talloc(session,
+       session->smb2->signing_key = data_blob_talloc(session,
                                                     session_key,
                                                     sizeof(session_key));
-       if (session->smb2.signing_key.data == NULL) {
+       if (session->smb2->signing_key.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
@@ -4344,12 +4730,12 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    label.data, label.length,
                                    context.data, context.length,
-                                   session->smb2.signing_key.data);
+                                   session->smb2->signing_key.data);
        }
 
-       session->smb2.encryption_key = data_blob_dup_talloc(session,
-                                               session->smb2.signing_key);
-       if (session->smb2.encryption_key.data == NULL) {
+       session->smb2->encryption_key = data_blob_dup_talloc(session,
+                                               session->smb2->signing_key);
+       if (session->smb2->encryption_key.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
@@ -4361,12 +4747,12 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    label.data, label.length,
                                    context.data, context.length,
-                                   session->smb2.encryption_key.data);
+                                   session->smb2->encryption_key.data);
        }
 
-       session->smb2.decryption_key = data_blob_dup_talloc(session,
-                                               session->smb2.signing_key);
-       if (session->smb2.decryption_key.data == NULL) {
+       session->smb2->decryption_key = data_blob_dup_talloc(session,
+                                               session->smb2->signing_key);
+       if (session->smb2->decryption_key.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
@@ -4378,12 +4764,12 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    label.data, label.length,
                                    context.data, context.length,
-                                   session->smb2.decryption_key.data);
+                                   session->smb2->decryption_key.data);
        }
 
-       session->smb2.application_key = data_blob_dup_talloc(session,
-                                               session->smb2.signing_key);
-       if (session->smb2.application_key.data == NULL) {
+       session->smb2->application_key = data_blob_dup_talloc(session,
+                                               session->smb2->signing_key);
+       if (session->smb2->application_key.data == NULL) {
                ZERO_STRUCT(session_key);
                return NT_STATUS_NO_MEMORY;
        }
@@ -4395,49 +4781,49 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
                smb2_key_derivation(session_key, sizeof(session_key),
                                    label.data, label.length,
                                    context.data, context.length,
-                                   session->smb2.application_key.data);
+                                   session->smb2->application_key.data);
        }
        ZERO_STRUCT(session_key);
 
-       session->smb2.channel_signing_key = data_blob_dup_talloc(session,
-                                               session->smb2.signing_key);
-       if (session->smb2.channel_signing_key.data == NULL) {
+       session->smb2_channel.signing_key = data_blob_dup_talloc(session,
+                                               session->smb2->signing_key);
+       if (session->smb2_channel.signing_key.data == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
 
-       status = smb2_signing_check_pdu(session->smb2.channel_signing_key,
+       status = smb2_signing_check_pdu(session->smb2_channel.signing_key,
                                        session->conn->protocol,
                                        recv_iov, 3);
        if (!NT_STATUS_IS_OK(status)) {
                return status;
        }
 
-       session->smb2.should_sign = false;
-       session->smb2.should_encrypt = false;
+       session->smb2->should_sign = false;
+       session->smb2->should_encrypt = false;
 
        if (conn->desire_signing) {
-               session->smb2.should_sign = true;
+               session->smb2->should_sign = true;
        }
 
        if (conn->smb2.server.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) {
-               session->smb2.should_sign = true;
+               session->smb2->should_sign = true;
        }
 
-       if (session->smb2.session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA) {
-               session->smb2.should_encrypt = true;
+       if (session->smb2->session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA) {
+               session->smb2->should_encrypt = true;
        }
 
        if (conn->protocol < PROTOCOL_SMB2_24) {
-               session->smb2.should_encrypt = false;
+               session->smb2->should_encrypt = false;
        }
 
        if (!(conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
-               session->smb2.should_encrypt = false;
+               session->smb2->should_encrypt = false;
        }
 
-       generate_random_buffer((uint8_t *)&session->smb2.channel_nonce,
-                              sizeof(session->smb2.channel_nonce));
-       session->smb2.channel_next = 1;
+       generate_random_buffer((uint8_t *)&session->smb2->nonce_high,
+                              sizeof(session->smb2->nonce_high));
+       session->smb2->nonce_low = 1;
 
        return NT_STATUS_OK;
 }
@@ -4449,11 +4835,7 @@ NTSTATUS smb2cli_session_create_channel(TALLOC_CTX *mem_ctx,
 {
        struct smbXcli_session *session2;
 
-       if (session1->smb2.signing_key.length == 0) {
-               return NT_STATUS_INVALID_PARAMETER_MIX;
-       }
-
-       if (session1->smb2.channel_next == 0) {
+       if (session1->smb2->signing_key.length == 0) {
                return NT_STATUS_INVALID_PARAMETER_MIX;
        }
 
@@ -4465,37 +4847,9 @@ NTSTATUS smb2cli_session_create_channel(TALLOC_CTX *mem_ctx,
        if (session2 == NULL) {
                return NT_STATUS_NO_MEMORY;
        }
-       session2->smb2.session_id = session1->smb2.session_id;
-       session2->smb2.session_flags = session1->smb2.session_flags;
-
-       session2->smb2.signing_key = data_blob_dup_talloc(session2,
-                                               session1->smb2.signing_key);
-       if (session2->smb2.signing_key.data == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       session2->smb2.application_key = data_blob_dup_talloc(session2,
-                                               session1->smb2.application_key);
-       if (session2->smb2.application_key.data == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       session2->smb2.should_sign = session1->smb2.should_sign;
-       session2->smb2.should_encrypt = session1->smb2.should_encrypt;
-
-       session2->smb2.channel_nonce = session1->smb2.channel_nonce;
-       session2->smb2.channel_nonce += session1->smb2.channel_next;
-       session1->smb2.channel_next++;
-
-       session2->smb2.encryption_key = data_blob_dup_talloc(session2,
-                                               session1->smb2.encryption_key);
-       if (session2->smb2.encryption_key.data == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       session2->smb2.decryption_key = data_blob_dup_talloc(session2,
-                                               session1->smb2.decryption_key);
-       if (session2->smb2.decryption_key.data == NULL) {
+       session2->smb2 = talloc_reference(session2, session1->smb2);
+       if (session2->smb2 == NULL) {
+               talloc_free(session2);
                return NT_STATUS_NO_MEMORY;
        }
 
@@ -4519,7 +4873,7 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session,
                return NT_STATUS_INVALID_PARAMETER_MIX;
        }
 
-       if (session->smb2.channel_signing_key.length != 0) {
+       if (session->smb2_channel.signing_key.length != 0) {
                return NT_STATUS_INVALID_PARAMETER_MIX;
        }
 
@@ -4527,10 +4881,10 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session,
        memcpy(channel_key, _channel_key.data,
               MIN(_channel_key.length, sizeof(channel_key)));
 
-       session->smb2.channel_signing_key = data_blob_talloc(session,
+       session->smb2_channel.signing_key = data_blob_talloc(session,
                                                channel_key,
                                                sizeof(channel_key));
-       if (session->smb2.channel_signing_key.data == NULL) {
+       if (session->smb2_channel.signing_key.data == NULL) {
                ZERO_STRUCT(channel_key);
                return NT_STATUS_NO_MEMORY;
        }
@@ -4542,11 +4896,11 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session,
                smb2_key_derivation(channel_key, sizeof(channel_key),
                                    label.data, label.length,
                                    context.data, context.length,
-                                   session->smb2.channel_signing_key.data);
+                                   session->smb2_channel.signing_key.data);
        }
        ZERO_STRUCT(channel_key);
 
-       status = smb2_signing_check_pdu(session->smb2.channel_signing_key,
+       status = smb2_signing_check_pdu(session->smb2_channel.signing_key,
                                        session->conn->protocol,
                                        recv_iov, 3);
        if (!NT_STATUS_IS_OK(status)) {
@@ -4611,7 +4965,13 @@ uint32_t smb2cli_tcon_current_id(struct smbXcli_tcon *tcon)
        return tcon->smb2.tcon_id;
 }
 
+uint32_t smb2cli_tcon_capabilities(struct smbXcli_tcon *tcon)
+{
+       return tcon->smb2.capabilities;
+}
+
 void smb2cli_tcon_set_values(struct smbXcli_tcon *tcon,
+                            struct smbXcli_session *session,
                             uint32_t tcon_id,
                             uint8_t type,
                             uint32_t flags,
@@ -4623,4 +4983,16 @@ void smb2cli_tcon_set_values(struct smbXcli_tcon *tcon,
        tcon->smb2.flags = flags;
        tcon->smb2.capabilities = capabilities;
        tcon->smb2.maximal_access = maximal_access;
+
+       tcon->smb2.should_encrypt = false;
+
+       if (session == NULL) {
+               return;
+       }
+
+       tcon->smb2.should_encrypt = session->smb2->should_encrypt;
+
+       if (flags & SMB2_SHAREFLAG_ENCRYPT_DATA) {
+               tcon->smb2.should_encrypt = true;
+       }
 }
Michael's Samba GIT