From f0f8de9d4a4e05445e427f00bb10eb34e1110a97 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:09:05 +0200
Subject: [PATCH] Add smb2cli_session_get_encryption_cipher()

When 'session->smb2->should_encrypt' is true, the client MUST encrypt
all transport messages (see also MS-SMB2 3.2.4.1.8).

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
---
 libcli/smb/smbXcli_base.c | 13 +++++++++++++
 libcli/smb/smbXcli_base.h |  1 +
 2 files changed, 14 insertions(+)

diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 96726458676..3e020faca3c 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -6436,6 +6436,19 @@ NTSTATUS smb2cli_session_encryption_on(struct smbXcli_session *session)
 	return NT_STATUS_OK;
 }
 
+uint16_t smb2cli_session_get_encryption_cipher(struct smbXcli_session *session)
+{
+	if (session->conn->protocol < PROTOCOL_SMB2_24) {
+		return 0;
+	}
+
+	if (!session->smb2->should_encrypt) {
+		return 0;
+	}
+
+	return session->conn->smb2.server.cipher;
+}
+
 struct smbXcli_tcon *smbXcli_tcon_create(TALLOC_CTX *mem_ctx)
 {
 	struct smbXcli_tcon *tcon;
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 2afc7165cd9..db5f5d58799 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -518,6 +518,7 @@ NTSTATUS smb2cli_session_set_channel_key(struct smbXcli_session *session,
 					 const DATA_BLOB channel_key,
 					 const struct iovec *recv_iov);
 NTSTATUS smb2cli_session_encryption_on(struct smbXcli_session *session);
+uint16_t smb2cli_session_get_encryption_cipher(struct smbXcli_session *session);
 
 struct smbXcli_tcon *smbXcli_tcon_create(TALLOC_CTX *mem_ctx);
 struct smbXcli_tcon *smbXcli_tcon_copy(TALLOC_CTX *mem_ctx,
-- 
2.47.3