libsmb: Add "smb_encryption_over_quic" to smb311_capabilities

Put here from the "client smb encryption over quic" settings

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/libcli/smb/smb2_negotiate_context.h b/libcli/smb/smb2_negotiate_context.h
index 645fb64a37706a25d38d27a2719aec78bfb1de08..7c061e4457b20917d7e116dbb475c26f52be9078 100644 (file)
--- a/libcli/smb/smb2_negotiate_context.h
+++ b/libcli/smb/smb2_negotiate_context.h
@@ -71,14 +71,17 @@ struct smb3_encryption_capabilities {
 struct smb311_capabilities {
        struct smb3_signing_capabilities signing;
        struct smb3_encryption_capabilities encryption;
+       bool smb_encryption_over_quic;
 };
 
 const char *smb3_signing_algorithm_name(uint16_t algo);
 const char *smb3_encryption_algorithm_name(uint16_t algo);
 
-struct smb311_capabilities smb311_capabilities_parse(const char *role,
-                               const char * const *signing_algos,
-                               const char * const *encryption_algos);
+struct smb311_capabilities smb311_capabilities_parse(
+       const char *role,
+       const char *const *signing_algos,
+       const char *const *encryption_algos,
+       bool smb_encryption_over_quic);
 
 NTSTATUS smb311_capabilities_check(const struct smb311_capabilities *c,
                                   const char *debug_prefix,

diff --git a/libcli/smb/util.c b/libcli/smb/util.c
index c42b21a6fb9f0d1c1589b1213a363382c372728d..5e84e0c15c7e478cb9dcd3e99acfd03d527fb5d3 100644 (file)
--- a/libcli/smb/util.c
+++ b/libcli/smb/util.c
@@ -542,9 +542,11 @@ static int32_t parse_enum_val(const struct enum_list *e,
        return ret;
 }
 
-struct smb311_capabilities smb311_capabilities_parse(const char *role,
-                               const char * const *signing_algos,
-                               const char * const *encryption_algos)
+struct smb311_capabilities smb311_capabilities_parse(
+       const char *role,
+       const char *const *signing_algos,
+       const char *const *encryption_algos,
+       bool smb_encryption_over_quic)
 {
        struct smb311_capabilities c = {
                .signing = {
@@ -553,6 +555,7 @@ struct smb311_capabilities smb311_capabilities_parse(const char *role,
                .encryption = {
                        .num_algos = 0,
                },
+               .smb_encryption_over_quic = smb_encryption_over_quic,
        };
        char sign_param[64] = { 0, };
        char enc_param[64] = { 0, };

diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 49cef9f8a49462db4ed4d9f5d1762e738e2dc1d9..40da6d227e5071207bdeff8d4464dc74b901cc21 100644 (file)
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -78,9 +78,11 @@ struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
        uint32_t smb1_capabilities = 0;
        uint32_t smb2_capabilities = 0;
        struct smb311_capabilities smb3_capabilities =
-               smb311_capabilities_parse("client",
+               smb311_capabilities_parse(
+                       "client",
                        lp_client_smb3_signing_algorithms(),
-                       lp_client_smb3_encryption_algorithms());
+                       lp_client_smb3_encryption_algorithms(),
+                       lp_client_smb_encryption_over_quic());
        struct GUID client_guid;
 
        if (!GUID_all_zero(&cli_state_client_guid)) {

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 7adf3ec13791aa3051aaa1616c02cfa4148246ba..d8faec16d8ce7923222c06a3582118da43c06762 100644 (file)
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -220,9 +220,11 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
        struct smb2_negotiate_context *in_transport_caps = NULL;
        struct smb2_negotiate_contexts out_c = { .num_contexts = 0, };
        const struct smb311_capabilities default_smb3_capabilities =
-               smb311_capabilities_parse("server",
+               smb311_capabilities_parse(
+                       "server",
                        lp_server_smb3_signing_algorithms(),
-                       lp_server_smb3_encryption_algorithms());
+                       lp_server_smb3_encryption_algorithms(),
+                       true);
        DATA_BLOB out_negotiate_context_blob = data_blob_null;
        uint32_t out_negotiate_context_offset = 0;
        uint16_t out_negotiate_context_count = 0;

diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index ad1da183f88ebc6af88f4d63f29b1f172b3ba778..fc02a2f4714a332a791ee21049fee7665c0eedc7 100644 (file)
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -61,9 +61,11 @@ void lpcfg_smbcli_options(struct loadparm_context *lp_ctx,
                .max_credits = WINDOWS_CLIENT_PURE_SMB2_NEGPROT_INITIAL_CREDIT_ASK,
                .transports = smb_transports_parse("client smb transports",
                        lpcfg_client_smb_transports(lp_ctx)),
-               .smb3_capabilities = smb311_capabilities_parse("client",
+               .smb3_capabilities = smb311_capabilities_parse(
+                       "client",
                        lpcfg_client_smb3_signing_algorithms(lp_ctx),
-                       lpcfg_client_smb3_encryption_algorithms(lp_ctx)),
+                       lpcfg_client_smb3_encryption_algorithms(lp_ctx),
+                       lpcfg_client_smb_encryption_over_quic(lp_ctx)),
        };
 }