mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
0732499f23
Add debug option to dump in the log the session id & keys in smbd and libsmb-based code for offline decryption. Wireshark can make use of this to decrypt encrypted traffic. Signed-off-by: Aurelien Aptel <aaptel@suse.com> Reviewed-by: Noel Power <npower@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org>
23 lines
853 B
XML
23 lines
853 B
XML
<samba:parameter name="debug encryption"
|
|
context="G"
|
|
type="boolean"
|
|
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|
<description>
|
|
<para>
|
|
This option will make the smbd server and client code using
|
|
libsmb (smbclient, smbget, smbspool, ...) dump the Session Id,
|
|
the decrypted Session Key, the Signing Key, the Application Key,
|
|
the Encryption Key and the Decryption Key every time an SMB3+
|
|
session is established. This information will be printed in logs
|
|
at level 0.
|
|
</para>
|
|
<para>
|
|
Warning: access to these values enables the decryption of any
|
|
encrypted traffic on the dumped sessions. This option should
|
|
only be enabled for debugging purposes.
|
|
</para>
|
|
</description>
|
|
|
|
<value type="default">no</value>
|
|
</samba:parameter>
|