diff options
| author | Andreas Schneider <asn@samba.org> | 2020-05-28 18:11:31 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2020-08-19 16:22:42 +0000 |
| commit | 6f552204d4614ad97310fb4ab81a06d21d4b9af7 (patch) | |
| tree | bd697feb90d36fd51d2919287cb0cc40723f1684 | |
| parent | 62a4705dbcff71b7885db18a0005b29ecf8a2c03 (diff) | |
| download | samba-6f552204d4614ad97310fb4ab81a06d21d4b9af7.tar.gz | |
s3:client: Turn off smb signing for message op
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| -rw-r--r-- | python/samba/gpclass.py | 2 | ||||
| -rw-r--r-- | python/samba/netcmd/domain_backup.py | 2 | ||||
| -rw-r--r-- | python/samba/netcmd/gpo.py | 2 | ||||
| -rw-r--r-- | python/samba/tests/dcerpc/raw_testcase.py | 2 | ||||
| -rw-r--r-- | source3/client/client.c | 5 | ||||
| -rw-r--r-- | source3/libsmb/pylibsmb.c | 20 |
6 files changed, 17 insertions, 16 deletions
diff --git a/python/samba/gpclass.py b/python/samba/gpclass.py index a807a44e84e..7f64e75d40b 100644 --- a/python/samba/gpclass.py +++ b/python/samba/gpclass.py @@ -399,7 +399,7 @@ def check_refresh_gpo_list(dc_hostname, lp, creds, gpos): # Force signing for the connection saved_signing_state = creds.get_smb_signing() creds.set_smb_signing(SMB_SIGNING_REQUIRED) - conn = libsmb.Conn(dc_hostname, 'sysvol', lp=s3_lp, creds=creds, sign=True) + conn = libsmb.Conn(dc_hostname, 'sysvol', lp=s3_lp, creds=creds) # Reset signing state creds.set_smb_signing(saved_signing_state) cache_path = lp.cache_path('gpo_cache') diff --git a/python/samba/netcmd/domain_backup.py b/python/samba/netcmd/domain_backup.py index a9e0ba5bc67..2977b071ec3 100644 --- a/python/samba/netcmd/domain_backup.py +++ b/python/samba/netcmd/domain_backup.py @@ -120,7 +120,7 @@ def smb_sysvol_conn(server, lp, creds): # Force signing for the connection saved_signing_state = creds.get_smb_signing() creds.set_smb_signing(SMB_SIGNING_REQUIRED) - conn = libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds, sign=True) + conn = libsmb.Conn(server, "sysvol", lp=s3_lp, creds=creds) # Reset signing state creds.set_smb_signing(saved_signing_state) return conn diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py index 0f2f6520fc3..bbaa0c17881 100644 --- a/python/samba/netcmd/gpo.py +++ b/python/samba/netcmd/gpo.py @@ -392,7 +392,7 @@ def smb_connection(dc_hostname, service, lp, creds): # the SMB bindings rely on having a s3 loadparm s3_lp = s3param.get_context() s3_lp.load(lp.configfile) - conn = libsmb.Conn(dc_hostname, service, lp=s3_lp, creds=creds, sign=True) + conn = libsmb.Conn(dc_hostname, service, lp=s3_lp, creds=creds) except Exception: raise CommandError("Error connecting to '%s' using SMB" % dc_hostname) # Reset signing state diff --git a/python/samba/tests/dcerpc/raw_testcase.py b/python/samba/tests/dcerpc/raw_testcase.py index 95a7d6ff60e..f1c097ebe6d 100644 --- a/python/samba/tests/dcerpc/raw_testcase.py +++ b/python/samba/tests/dcerpc/raw_testcase.py @@ -45,7 +45,7 @@ class smb_pipe_socket(object): saved_signing_state = creds.get_smb_ipc_signing() creds.set_smb_ipc_signing(SMB_SIGNING_REQUIRED) self.smbconn = libsmb.Conn(target_hostname, 'IPC$', lp3, - creds=creds, ipc=True, sign=True) + creds=creds, ipc=True) creds.set_smb_ipc_signing(saved_signing_state) self.smbfid = self.smbconn.create(pipename, DesiredAccess=0x12019f, diff --git a/source3/client/client.c b/source3/client/client.c index f65293849d0..30287ffd253 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -6228,7 +6228,10 @@ static int do_message_op(struct user_auth_info *a_info) status = cli_connect_nb(desthost, have_ip ? &dest_ss : NULL, port ? port : NBT_SMB_PORT, name_type, - lp_netbios_name(), SMB_SIGNING_DEFAULT, 0, &cli); + lp_netbios_name(), + SMB_SIGNING_OFF, + 0, + &cli); if (!NT_STATUS_IS_OK(status)) { d_printf("Connection to %s failed. Error %s\n", desthost, nt_errstr(status)); return 1; diff --git a/source3/libsmb/pylibsmb.c b/source3/libsmb/pylibsmb.c index 3579a040830..f8a4d56cf53 100644 --- a/source3/libsmb/pylibsmb.c +++ b/source3/libsmb/pylibsmb.c @@ -440,9 +440,7 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args, PyObject *py_lp = Py_None; PyObject *py_multi_threaded = Py_False; bool multi_threaded = false; - PyObject *py_sign = Py_False; - bool sign = false; - int signing_state = SMB_SIGNING_DEFAULT; + enum smb_signing_setting signing_state = SMB_SIGNING_DEFAULT; PyObject *py_force_smb1 = Py_False; bool force_smb1 = false; PyObject *py_ipc = Py_False; @@ -453,7 +451,7 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args, static const char *kwlist[] = { "host", "share", "lp", "creds", - "multi_threaded", "sign", "force_smb1", + "multi_threaded", "force_smb1", "ipc", NULL }; @@ -465,11 +463,10 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args, } ret = ParseTupleAndKeywords( - args, kwds, "ssO|O!OOOO", kwlist, + args, kwds, "ssO|O!OOO", kwlist, &host, &share, &py_lp, py_type_Credentials, &creds, &py_multi_threaded, - &py_sign, &py_force_smb1, &py_ipc); @@ -480,13 +477,8 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args, } multi_threaded = PyObject_IsTrue(py_multi_threaded); - sign = PyObject_IsTrue(py_sign); force_smb1 = PyObject_IsTrue(py_force_smb1); - if (sign) { - signing_state = SMB_SIGNING_REQUIRED; - } - if (force_smb1) { /* * As most of the cli_*_send() function @@ -532,6 +524,12 @@ static int py_cli_state_init(struct py_cli_state *self, PyObject *args, cli_creds = PyCredentials_AsCliCredentials(creds); } + if (use_ipc) { + signing_state = cli_credentials_get_smb_ipc_signing(cli_creds); + } else { + signing_state = cli_credentials_get_smb_signing(cli_creds); + } + req = cli_full_connection_creds_send( NULL, self->ev, "myname", host, NULL, 0, share, "?????", cli_creds, flags, signing_state); |