1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

smbstatus: show encrpytion state of tree connects

Show the encrpytion state of tcons in smbstatus. This is SMB3 only. CIFS
UNIX extensions encryption will be added in a later commit.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Ralph Boehme 2015-11-09 17:26:51 +01:00
parent 83a557dfad
commit 780743d1b2
3 changed files with 30 additions and 5 deletions

View File

@ -41,6 +41,7 @@ struct connections_forall_session {
gid_t gid;
fstring machine;
fstring addr;
uint16_t cipher;
};
static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
@ -62,6 +63,7 @@ static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
}
fstrcpy(sess.machine, global->channels[0].remote_name);
fstrcpy(sess.addr, global->channels[0].remote_address);
sess.cipher = global->channels[0].encryption_cipher;
status = dbwrap_store(state->session_by_pid,
make_tdb_data((void*)&id, sizeof(id)),
@ -123,6 +125,8 @@ static int traverse_tcon_fn(struct smbXsrv_tcon_global0 *global,
fstrcpy(data.addr, sess.addr);
fstrcpy(data.machine, sess.machine);
data.start = nt_time_to_unix(global->creation_time);
data.encryption_flags = global->encryption_flags;
data.cipher = sess.cipher;
state->count++;

View File

@ -33,6 +33,8 @@ struct connections_data {
fstring addr;
fstring machine;
time_t start;
uint8_t encryption_flags;
uint16_t cipher;
};
/* The following definitions come from lib/conn_tdb.c */

View File

@ -303,6 +303,8 @@ static int traverse_connections(const struct connections_key *key,
TALLOC_CTX *mem_ctx = (TALLOC_CTX *)private_data;
struct server_id_buf tmp;
char *timestr = NULL;
int result = 0;
const char *encryption = "-";
if (crec->cnum == TID_FIELD_INVALID)
return 0;
@ -317,13 +319,30 @@ static int traverse_connections(const struct connections_key *key,
return -1;
}
d_printf("%-12s %-7s %-13s %-32s\n",
if (smbXsrv_is_encrypted(crec->encryption_flags)) {
switch (crec->cipher) {
case SMB2_ENCRYPTION_AES128_CCM:
encryption = "AES-128-CCM";
break;
case SMB2_ENCRYPTION_AES128_GCM:
encryption = "AES-128-GCM";
break;
default:
encryption = "???";
result = -1;
break;
}
}
d_printf("%-12s %-7s %-13s %-32s %-10s\n",
crec->servicename, server_id_str_buf(crec->pid, &tmp),
crec->machine, timestr);
crec->machine,
timestr,
encryption);
TALLOC_FREE(timestr);
return 0;
return result;
}
static int traverse_sessionid(const char *key, struct sessionid *session,
@ -585,8 +604,8 @@ int main(int argc, const char *argv[])
goto done;
}
d_printf("\n%-12s %-7s %-13s %-32s\n", "Service", "pid", "machine", "Connected at");
d_printf("-------------------------------------------------------------\n");
d_printf("\n%-12s %-7s %-13s %-32s %-10s\n", "Service", "pid", "Machine", "Connected at", "Encryption");
d_printf("---------------------------------------------------------------------------------\n");
connections_forall_read(traverse_connections, frame);