From: Ralph Boehme <slow@samba.org>
Date: Fri, 18 Jul 2025 17:27:48 +0000 (+0200)
Subject: s4/libcli/smb2: pass lp_ctx to smb2_session_init() and remember debug encryption... 
X-Git-Tag: tdb-1.4.14~98
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=4824d9096c66be6eea05aa3d62ae6cfd8388bee6;p=thirdparty%2Fsamba.git

s4/libcli/smb2: pass lp_ctx to smb2_session_init() and remember debug encryption settings

Not yet used, that comes next.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
---

diff --git a/source4/libcli/smb2/connect.c b/source4/libcli/smb2/connect.c
index b1c2b56a3e0..92b3364c6c2 100644
--- a/source4/libcli/smb2/connect.c
+++ b/source4/libcli/smb2/connect.c
@@ -36,6 +36,7 @@
 struct smb2_connect_state {
 	struct tevent_context *ev;
 	struct cli_credentials *credentials;
+	struct loadparm_context *lp_ctx;
 	bool fallback_to_anonymous;
 	uint64_t previous_session_id;
 	struct resolve_context *resolve_ctx;
@@ -86,6 +87,7 @@ struct tevent_req *smb2_connect_send(TALLOC_CTX *mem_ctx,
 
 	state->ev = ev;
 	state->credentials = credentials;
+	state->lp_ctx = lp_ctx;
 	state->fallback_to_anonymous = fallback_to_anonymous;
 	state->previous_session_id = previous_session_id;
 	state->options = *options;
@@ -214,7 +216,10 @@ static void smb2_connect_session_start(struct tevent_req *req)
 	struct smb2_transport *transport = state->transport;
 	struct tevent_req *subreq = NULL;
 
-	state->session = smb2_session_init(transport, state->gensec_settings, state);
+	state->session = smb2_session_init(transport,
+					   state->lp_ctx,
+					   state->gensec_settings,
+					   state);
 	if (tevent_req_nomem(state->session, req)) {
 		return;
 	}
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index 322a7bd6860..3b31bf0b5d1 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -29,11 +29,13 @@
 #include "auth/gensec/gensec.h"
 #include "auth/credentials/credentials.h"
 #include "../libcli/smb/smbXcli_base.h"
+#include "lib/param/param.h"
 
 /**
   initialise a smb2_session structure
  */
 struct smb2_session *smb2_session_init(struct smb2_transport *transport,
+				       struct loadparm_context *lp_ctx,
 				       struct gensec_settings *settings,
 				       TALLOC_CTX *parent_ctx)
 {
@@ -45,6 +47,11 @@ struct smb2_session *smb2_session_init(struct smb2_transport *transport,
 		return NULL;
 	}
 	session->transport = talloc_steal(session, transport);
+	session->debug_encryption = lpcfg_debug_encryption(lp_ctx);
+	session->wireshark_keyfile = lpcfg_parm_string(lp_ctx,
+						       NULL,
+						       "debug encryption",
+						       "wireshark keyfile");
 
 	session->smbXcli = smbXcli_session_create(session, transport->conn);
 	if (session->smbXcli == NULL) {
diff --git a/source4/libcli/smb2/smb2.h b/source4/libcli/smb2/smb2.h
index 1e2f1859fb4..987b1f6bfcb 100644
--- a/source4/libcli/smb2/smb2.h
+++ b/source4/libcli/smb2/smb2.h
@@ -129,6 +129,8 @@ struct smb2_session {
 	struct smbXcli_session *smbXcli;
 	bool needs_bind;
 	bool anonymous_session_key;
+	bool debug_encryption;
+	const char *wireshark_keyfile;
 	DATA_BLOB forced_session_key;
 };
 
diff --git a/source4/torture/smb2/bench.c b/source4/torture/smb2/bench.c
index e16409bae18..48c7aabea4f 100644
--- a/source4/torture/smb2/bench.c
+++ b/source4/torture/smb2/bench.c
@@ -1475,6 +1475,7 @@ static void test_smb2_bench_session_setup_loop_do_setup(
 	struct test_smb2_bench_session_setup_shared_state *state = loop->state;
 
 	loop->session = smb2_session_init(loop->conn->transport,
+					  state->tctx->lp_ctx,
 					  state->gensec_settings,
 					  loop->conn->transport);
 	torture_assert_goto(state->tctx, loop->session != NULL,
diff --git a/source4/torture/smb2/secleak.c b/source4/torture/smb2/secleak.c
index ca709ed2f0f..10d4548d107 100644
--- a/source4/torture/smb2/secleak.c
+++ b/source4/torture/smb2/secleak.c
@@ -43,6 +43,7 @@ static bool try_failed_login(struct torture_context *tctx, struct smb2_tree *tre
 	bool result = true;
 
 	session = smb2_session_init(tree->session->transport,
+				    tctx->lp_ctx,
 				    lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 				    tctx);
 	torture_assert(tctx, session, "Session initialization failed");
diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c
index f8f4eac511f..9e80fb554c5 100644
--- a/source4/torture/smb2/session.c
+++ b/source4/torture/smb2/session.c
@@ -2451,6 +2451,7 @@ static bool test_session_bind_auth_mismatch(struct torture_context *tctx,
 	 * are mapped to guest.
 	 */
 	session3_1 = smb2_session_init(transport1,
+				       tctx->lp_ctx,
 				       lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 				       tctx);
 	torture_assert(tctx, session3_1 != NULL, "smb2_session_channel failed");
@@ -2805,6 +2806,7 @@ static bool test_session_bind_negative_smbXtoX(struct torture_context *tctx,
 	 * session keys.
 	 */
 	session1_2 = smb2_session_init(transport2,
+				       tctx->lp_ctx,
 				       lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 				       tree2_0);
 	torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
@@ -5772,6 +5774,7 @@ static bool test_session_anon_encryption2(struct torture_context *tctx,
 	torture_assert(tctx, ok, "smbXcli_session_is_authenticated(user)");
 
 	anon_session = smb2_session_init(transport,
+					 tctx->lp_ctx,
 					 lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 					 tctx);
 	torture_assert(tctx, anon_session != NULL, "smb2_session_init(anon)");
@@ -5919,6 +5922,7 @@ static bool test_session_anon_encryption3(struct torture_context *tctx,
 	torture_assert(tctx, ok, "smbXcli_session_is_authenticated(user)");
 
 	anon_session = smb2_session_init(transport,
+					 tctx->lp_ctx,
 					 lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 					 tctx);
 	torture_assert(tctx, anon_session != NULL, "smb2_session_init(anon)");
@@ -6153,6 +6157,7 @@ static bool test_session_anon_signing2(struct torture_context *tctx,
 	 */
 	session_id = smb2cli_session_current_id(anon_session->smbXcli);
 	anon_session_nosign = smb2_session_init(transport,
+						tctx->lp_ctx,
 					        lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 					        tctx);
 	torture_assert(tctx, anon_session_nosign != NULL, "smb2_session_init(anon_nosign)");
diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c
index 65989db0325..22b11e425b6 100644
--- a/source4/torture/smb2/util.c
+++ b/source4/torture/smb2/util.c
@@ -364,6 +364,7 @@ bool torture_smb2_session_setup(struct torture_context *tctx,
 	struct smb2_session *session;
 
 	session = smb2_session_init(transport,
+				    tctx->lp_ctx,
 				    lpcfg_gensec_settings(tctx, tctx->lp_ctx),
 				    mem_ctx);