diff options
author | tjr <tjr@FreeBSD.org> | 2004-01-02 22:38:42 +0000 |
---|---|---|
committer | tjr <tjr@FreeBSD.org> | 2004-01-02 22:38:42 +0000 |
commit | 622d03664527d3d3fe721e79f2dd24ecc197b6be (patch) | |
tree | 29bfe46dba0ee266c5a94f793d668ed1a19215ab /sys/netsmb/smb_subr.h | |
parent | 48774c9608c496e940be2db40ae36281f17e0e3d (diff) | |
download | FreeBSD-src-622d03664527d3d3fe721e79f2dd24ecc197b6be.zip FreeBSD-src-622d03664527d3d3fe721e79f2dd24ecc197b6be.tar.gz |
Add support for SMB request signing, which prevents "man in the middle"
attacks and is required to connect to Windows 2003 servers in their
default configuration. This adds an extra field to the SMB header
containing the truncated 64-bit MD5 digest of a key (a function of the
user's password and the server's authentication challenge), an implicit
sequence number, and the message data itself. As signing each message
imposes a significant performance penalty, we only enable it if the
server will not let us connect without it; this should eventually become
an option to mount_smbfs.
Diffstat (limited to 'sys/netsmb/smb_subr.h')
-rw-r--r-- | sys/netsmb/smb_subr.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/netsmb/smb_subr.h b/sys/netsmb/smb_subr.h index 276190f..62c084a 100644 --- a/sys/netsmb/smb_subr.h +++ b/sys/netsmb/smb_subr.h @@ -114,6 +114,7 @@ void smb_strfree(char *s); void smb_memfree(void *s); void *smb_zmalloc(unsigned long size, struct malloc_type *type, int flags); +int smb_calcmackey(struct smb_vc *vcp); int smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN); int smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN); int smb_maperror(int eclass, int eno); @@ -123,5 +124,7 @@ int smb_put_dstring(struct mbchain *mbp, struct smb_vc *vcp, const char *src, int caseopt); int smb_put_string(struct smb_rq *rqp, const char *src); int smb_put_asunistring(struct smb_rq *rqp, const char *src); +int smb_rq_sign(struct smb_rq *rqp); +int smb_rq_verify(struct smb_rq *rqp); #endif /* !_NETSMB_SMB_SUBR_H_ */ |