Patch for SMB Message Signing
Date: Fri, 18 Dec 2015 07:32:22 -0800
Please find attached a proposed patch for the SMB protocol support.
The attached patch file contains an enhancement for the SMB support in
the Curl libraries. Currently, uploading and downloading using the SMB
protocol fails when used against windows domain controllers, as these
machines require signing of the messages by default.
I've added a function to the smb.c file to create the Message
Authentication Codes (MAC), and sign the messages with them. I've also
added logic to the connection_state function to recognise when the
server requires the messages to be signed. In order to create the MAC
for signing, the full message needs to be hashed; therefore there are
some changes to the logic of smb_send_write to allow for the parameters
of the message, and the data from the uploading file to be joined at
Also added is a function to check the signatures of messages received
from the server.
Hopefully you can consider this patch for inclusion into the Curl
libraries. If you have any questions about this functionality, let me
know and I can go into more detail on the changes I've made.
Considering Office 365? Barracuda security and storage solutions can help. Learn more about Barracuda solutions for Office 365 at http://barracuda.com/office365.
This e-mail and any attachments to it contain confidential and proprietary material of Barracuda, its affiliates or agents, and is solely for the use of the intended recipient. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed.
- text/x-patch attachment: 0001-SMB-Implemented-MAC-signing-of-SMB-messages.patch