mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
smbstatus: show encrpytion state of tree connects
Show the encrpytion state of tcons in smbstatus. This is SMB3 only. CIFS UNIX extensions encryption will be added in a later commit. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
parent
83a557dfad
commit
780743d1b2
@ -41,6 +41,7 @@ struct connections_forall_session {
|
||||
gid_t gid;
|
||||
fstring machine;
|
||||
fstring addr;
|
||||
uint16_t cipher;
|
||||
};
|
||||
|
||||
static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
|
||||
@ -62,6 +63,7 @@ static int collect_sessions_fn(struct smbXsrv_session_global0 *global,
|
||||
}
|
||||
fstrcpy(sess.machine, global->channels[0].remote_name);
|
||||
fstrcpy(sess.addr, global->channels[0].remote_address);
|
||||
sess.cipher = global->channels[0].encryption_cipher;
|
||||
|
||||
status = dbwrap_store(state->session_by_pid,
|
||||
make_tdb_data((void*)&id, sizeof(id)),
|
||||
@ -123,6 +125,8 @@ static int traverse_tcon_fn(struct smbXsrv_tcon_global0 *global,
|
||||
fstrcpy(data.addr, sess.addr);
|
||||
fstrcpy(data.machine, sess.machine);
|
||||
data.start = nt_time_to_unix(global->creation_time);
|
||||
data.encryption_flags = global->encryption_flags;
|
||||
data.cipher = sess.cipher;
|
||||
|
||||
state->count++;
|
||||
|
||||
|
@ -33,6 +33,8 @@ struct connections_data {
|
||||
fstring addr;
|
||||
fstring machine;
|
||||
time_t start;
|
||||
uint8_t encryption_flags;
|
||||
uint16_t cipher;
|
||||
};
|
||||
|
||||
/* The following definitions come from lib/conn_tdb.c */
|
||||
|
@ -303,6 +303,8 @@ static int traverse_connections(const struct connections_key *key,
|
||||
TALLOC_CTX *mem_ctx = (TALLOC_CTX *)private_data;
|
||||
struct server_id_buf tmp;
|
||||
char *timestr = NULL;
|
||||
int result = 0;
|
||||
const char *encryption = "-";
|
||||
|
||||
if (crec->cnum == TID_FIELD_INVALID)
|
||||
return 0;
|
||||
@ -317,13 +319,30 @@ static int traverse_connections(const struct connections_key *key,
|
||||
return -1;
|
||||
}
|
||||
|
||||
d_printf("%-12s %-7s %-13s %-32s\n",
|
||||
if (smbXsrv_is_encrypted(crec->encryption_flags)) {
|
||||
switch (crec->cipher) {
|
||||
case SMB2_ENCRYPTION_AES128_CCM:
|
||||
encryption = "AES-128-CCM";
|
||||
break;
|
||||
case SMB2_ENCRYPTION_AES128_GCM:
|
||||
encryption = "AES-128-GCM";
|
||||
break;
|
||||
default:
|
||||
encryption = "???";
|
||||
result = -1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
d_printf("%-12s %-7s %-13s %-32s %-10s\n",
|
||||
crec->servicename, server_id_str_buf(crec->pid, &tmp),
|
||||
crec->machine, timestr);
|
||||
crec->machine,
|
||||
timestr,
|
||||
encryption);
|
||||
|
||||
TALLOC_FREE(timestr);
|
||||
|
||||
return 0;
|
||||
return result;
|
||||
}
|
||||
|
||||
static int traverse_sessionid(const char *key, struct sessionid *session,
|
||||
@ -585,8 +604,8 @@ int main(int argc, const char *argv[])
|
||||
goto done;
|
||||
}
|
||||
|
||||
d_printf("\n%-12s %-7s %-13s %-32s\n", "Service", "pid", "machine", "Connected at");
|
||||
d_printf("-------------------------------------------------------------\n");
|
||||
d_printf("\n%-12s %-7s %-13s %-32s %-10s\n", "Service", "pid", "Machine", "Connected at", "Encryption");
|
||||
d_printf("---------------------------------------------------------------------------------\n");
|
||||
|
||||
connections_forall_read(traverse_connections, frame);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user