2009-05-15 11:20:34 +02:00
/*
Unix SMB / CIFS implementation .
Core SMB2 server
Copyright ( C ) Stefan Metzmacher 2009
2010-05-17 13:05:22 -07:00
Copyright ( C ) Jeremy Allison 2010
2009-05-15 11:20:34 +02:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
# include "includes.h"
2011-03-22 16:57:01 +01:00
# include "smbd/smbd.h"
2009-05-15 11:20:34 +02:00
# include "smbd/globals.h"
2009-08-12 17:52:55 +02:00
# include "../libcli/smb/smb_common.h"
2011-07-26 15:11:47 +10:00
# include "../auth/gensec/gensec.h"
2011-03-24 13:46:20 +01:00
# include "auth.h"
2011-06-16 16:03:03 +02:00
# include "../lib/tsocket/tsocket.h"
2011-07-19 11:57:05 +10:00
# include "../libcli/security/security.h"
2012-05-12 10:16:41 +02:00
# include "../lib/util/tevent_ntstatus.h"
2009-05-15 11:20:34 +02:00
2019-06-26 16:41:05 +12:00
# include "lib/crypto/gnutls_helpers.h"
2018-10-22 17:48:43 +02:00
# include <gnutls/gnutls.h>
# include <gnutls/crypto.h>
2018-03-21 12:01:05 -07:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_SMB2
2015-05-02 16:21:25 +02:00
static struct tevent_req * smbd_smb2_session_setup_wrap_send ( TALLOC_CTX * mem_ctx ,
2012-05-12 10:16:41 +02:00
struct tevent_context * ev ,
struct smbd_smb2_request * smb2req ,
uint64_t in_session_id ,
uint8_t in_flags ,
uint8_t in_security_mode ,
uint64_t in_previous_session_id ,
DATA_BLOB in_security_buffer ) ;
2015-05-02 16:21:25 +02:00
static NTSTATUS smbd_smb2_session_setup_wrap_recv ( struct tevent_req * req ,
2012-05-12 10:16:41 +02:00
uint16_t * out_session_flags ,
TALLOC_CTX * mem_ctx ,
DATA_BLOB * out_security_buffer ,
uint64_t * out_session_id ) ;
2012-05-12 10:20:55 +02:00
static void smbd_smb2_request_sesssetup_done ( struct tevent_req * subreq ) ;
2010-05-17 13:05:22 -07:00
NTSTATUS smbd_smb2_request_process_sesssetup ( struct smbd_smb2_request * smb2req )
2009-05-15 11:20:34 +02:00
{
const uint8_t * inhdr ;
const uint8_t * inbody ;
uint64_t in_session_id ;
2012-05-12 09:48:19 +02:00
uint8_t in_flags ;
2009-05-22 22:58:39 +02:00
uint8_t in_security_mode ;
2012-04-18 15:00:06 +02:00
uint64_t in_previous_session_id ;
2009-05-15 11:20:34 +02:00
uint16_t in_security_offset ;
uint16_t in_security_length ;
DATA_BLOB in_security_buffer ;
NTSTATUS status ;
2012-05-12 10:20:55 +02:00
struct tevent_req * subreq ;
2009-05-15 11:20:34 +02:00
2011-09-06 14:01:43 +02:00
status = smbd_smb2_request_verify_sizes ( smb2req , 0x19 ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return smbd_smb2_request_error ( smb2req , status ) ;
2009-05-15 11:20:34 +02:00
}
2012-08-05 15:00:23 +02:00
inhdr = SMBD_SMB2_IN_HDR_PTR ( smb2req ) ;
inbody = SMBD_SMB2_IN_BODY_PTR ( smb2req ) ;
2009-05-15 11:20:34 +02:00
2012-04-18 15:00:06 +02:00
in_session_id = BVAL ( inhdr , SMB2_HDR_SESSION_ID ) ;
2012-05-12 09:48:19 +02:00
in_flags = CVAL ( inbody , 0x02 ) ;
2012-04-18 15:00:06 +02:00
in_security_mode = CVAL ( inbody , 0x03 ) ;
/* Capabilities = IVAL(inbody, 0x04) */
/* Channel = IVAL(inbody, 0x08) */
2009-05-15 11:20:34 +02:00
in_security_offset = SVAL ( inbody , 0x0C ) ;
in_security_length = SVAL ( inbody , 0x0E ) ;
2012-04-18 15:00:06 +02:00
in_previous_session_id = BVAL ( inbody , 0x10 ) ;
2009-05-15 11:20:34 +02:00
2012-08-05 15:00:23 +02:00
if ( in_security_offset ! = ( SMB2_HDR_BODY + SMBD_SMB2_IN_BODY_LEN ( smb2req ) ) ) {
2010-05-17 13:05:22 -07:00
return smbd_smb2_request_error ( smb2req , NT_STATUS_INVALID_PARAMETER ) ;
2009-05-15 11:20:34 +02:00
}
2012-08-05 15:00:23 +02:00
if ( in_security_length > SMBD_SMB2_IN_DYN_LEN ( smb2req ) ) {
2010-05-17 13:05:22 -07:00
return smbd_smb2_request_error ( smb2req , NT_STATUS_INVALID_PARAMETER ) ;
2009-05-15 11:20:34 +02:00
}
2012-08-05 15:00:23 +02:00
in_security_buffer . data = SMBD_SMB2_IN_DYN_PTR ( smb2req ) ;
2009-05-15 11:20:34 +02:00
in_security_buffer . length = in_security_length ;
2015-05-02 16:21:25 +02:00
subreq = smbd_smb2_session_setup_wrap_send ( smb2req ,
2018-12-27 15:18:55 +01:00
smb2req - > sconn - > ev_ctx ,
2015-05-02 16:21:25 +02:00
smb2req ,
in_session_id ,
in_flags ,
in_security_mode ,
in_previous_session_id ,
in_security_buffer ) ;
2012-05-12 10:20:55 +02:00
if ( subreq = = NULL ) {
return smbd_smb2_request_error ( smb2req , NT_STATUS_NO_MEMORY ) ;
}
tevent_req_set_callback ( subreq , smbd_smb2_request_sesssetup_done , smb2req ) ;
2019-01-24 09:10:11 +01:00
/*
* Avoid sending a STATUS_PENDING message , which
* matches a Windows Server and avoids problems with
* MacOS clients .
*
* Even after 90 seconds a Windows Server doesn ' t return
* STATUS_PENDING if using NTLMSSP against a non reachable
* trusted domain .
*/
return smbd_smb2_request_pending_queue ( smb2req , subreq , 0 ) ;
2012-05-12 10:20:55 +02:00
}
static void smbd_smb2_request_sesssetup_done ( struct tevent_req * subreq )
{
struct smbd_smb2_request * smb2req =
tevent_req_callback_data ( subreq ,
struct smbd_smb2_request ) ;
uint8_t * outhdr ;
DATA_BLOB outbody ;
DATA_BLOB outdyn ;
2013-12-10 17:49:44 +01:00
uint16_t out_session_flags = 0 ;
uint64_t out_session_id = 0 ;
2012-05-12 10:20:55 +02:00
uint16_t out_security_offset ;
DATA_BLOB out_security_buffer = data_blob_null ;
NTSTATUS status ;
NTSTATUS error ; /* transport error */
2015-05-02 16:21:25 +02:00
status = smbd_smb2_session_setup_wrap_recv ( subreq ,
& out_session_flags ,
smb2req ,
& out_security_buffer ,
& out_session_id ) ;
2012-05-12 10:20:55 +02:00
TALLOC_FREE ( subreq ) ;
2009-05-15 11:20:34 +02:00
if ( ! NT_STATUS_IS_OK ( status ) & &
! NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) ) {
status = nt_status_squash ( status ) ;
2012-05-12 10:20:55 +02:00
error = smbd_smb2_request_error ( smb2req , status ) ;
if ( ! NT_STATUS_IS_OK ( error ) ) {
2014-06-11 12:15:48 +02:00
smbd_server_connection_terminate ( smb2req - > xconn ,
2012-05-12 10:20:55 +02:00
nt_errstr ( error ) ) ;
return ;
}
return ;
2009-05-15 11:20:34 +02:00
}
out_security_offset = SMB2_HDR_BODY + 0x08 ;
2012-08-05 15:00:23 +02:00
outhdr = SMBD_SMB2_OUT_HDR_PTR ( smb2req ) ;
2009-05-15 11:20:34 +02:00
2013-12-04 14:59:07 +01:00
outbody = smbd_smb2_generate_outbody ( smb2req , 0x08 ) ;
2009-05-15 11:20:34 +02:00
if ( outbody . data = = NULL ) {
2012-05-12 10:20:55 +02:00
error = smbd_smb2_request_error ( smb2req , NT_STATUS_NO_MEMORY ) ;
if ( ! NT_STATUS_IS_OK ( error ) ) {
2014-06-11 12:15:48 +02:00
smbd_server_connection_terminate ( smb2req - > xconn ,
2012-05-12 10:20:55 +02:00
nt_errstr ( error ) ) ;
return ;
}
return ;
2009-05-15 11:20:34 +02:00
}
SBVAL ( outhdr , SMB2_HDR_SESSION_ID , out_session_id ) ;
SSVAL ( outbody . data , 0x00 , 0x08 + 1 ) ; /* struct size */
2009-05-22 22:58:39 +02:00
SSVAL ( outbody . data , 0x02 ,
out_session_flags ) ; /* session flags */
2009-05-15 11:20:34 +02:00
SSVAL ( outbody . data , 0x04 ,
out_security_offset ) ; /* security buffer offset */
SSVAL ( outbody . data , 0x06 ,
out_security_buffer . length ) ; /* security buffer length */
outdyn = out_security_buffer ;
2012-05-12 10:20:55 +02:00
error = smbd_smb2_request_done_ex ( smb2req , status , outbody , & outdyn ,
__location__ ) ;
if ( ! NT_STATUS_IS_OK ( error ) ) {
2014-06-11 12:15:48 +02:00
smbd_server_connection_terminate ( smb2req - > xconn ,
2012-05-12 10:20:55 +02:00
nt_errstr ( error ) ) ;
return ;
}
2009-05-15 11:20:34 +02:00
}
2012-03-27 11:09:05 +02:00
static NTSTATUS smbd_smb2_auth_generic_return ( struct smbXsrv_session * session ,
2015-07-29 16:48:55 +02:00
struct smbXsrv_session_auth0 * * _auth ,
2010-05-17 13:05:22 -07:00
struct smbd_smb2_request * smb2req ,
uint8_t in_security_mode ,
2012-05-17 00:30:43 +02:00
struct auth_session_info * session_info ,
2010-05-17 18:22:19 -07:00
uint16_t * out_session_flags ,
uint64_t * out_session_id )
2010-05-17 13:05:22 -07:00
{
2012-03-16 15:01:27 +01:00
NTSTATUS status ;
2011-09-21 03:56:30 +02:00
bool guest = false ;
2012-03-16 15:01:27 +01:00
uint8_t session_key [ 16 ] ;
2012-03-27 11:09:05 +02:00
struct smbXsrv_session * x = session ;
2015-07-29 16:48:55 +02:00
struct smbXsrv_session_auth0 * auth = * _auth ;
2014-06-12 10:47:51 +02:00
struct smbXsrv_connection * xconn = smb2req - > xconn ;
2015-07-29 17:42:55 +02:00
size_t i ;
2021-03-05 18:24:27 +01:00
struct smb2_signing_derivations derivations = {
. signing = NULL ,
2014-10-10 14:04:25 +02:00
} ;
2021-03-05 18:24:27 +01:00
DATA_BLOB preauth_hash = data_blob_null ;
2014-10-10 14:04:25 +02:00
2015-07-29 16:48:55 +02:00
* _auth = NULL ;
2014-10-10 14:04:25 +02:00
if ( xconn - > protocol > = PROTOCOL_SMB3_10 ) {
struct smbXsrv_preauth * preauth ;
2018-10-22 17:48:43 +02:00
gnutls_hash_hd_t hash_hnd ;
int rc ;
2014-10-10 14:04:25 +02:00
2015-07-29 16:48:55 +02:00
preauth = talloc_move ( smb2req , & auth - > preauth ) ;
2014-10-10 14:04:25 +02:00
2018-10-22 17:48:43 +02:00
rc = gnutls_hash_init ( & hash_hnd , GNUTLS_DIG_SHA512 ) ;
if ( rc < 0 ) {
2019-06-11 14:44:10 +02:00
return gnutls_error_to_ntstatus ( rc , NT_STATUS_HASH_NOT_SUPPORTED ) ;
2018-10-22 17:48:43 +02:00
}
rc = gnutls_hash ( hash_hnd ,
preauth - > sha512_value ,
sizeof ( preauth - > sha512_value ) ) ;
if ( rc < 0 ) {
gnutls_hash_deinit ( hash_hnd , NULL ) ;
return NT_STATUS_ACCESS_DENIED ;
}
2014-10-10 14:04:25 +02:00
for ( i = 1 ; i < smb2req - > in . vector_count ; i + + ) {
2018-10-22 17:48:43 +02:00
rc = gnutls_hash ( hash_hnd ,
smb2req - > in . vector [ i ] . iov_base ,
smb2req - > in . vector [ i ] . iov_len ) ;
if ( rc < 0 ) {
gnutls_hash_deinit ( hash_hnd , NULL ) ;
return NT_STATUS_ACCESS_DENIED ;
}
2014-10-10 14:04:25 +02:00
}
2018-10-22 17:48:43 +02:00
gnutls_hash_deinit ( hash_hnd , preauth - > sha512_value ) ;
2014-10-10 14:04:25 +02:00
2021-03-05 18:24:27 +01:00
preauth_hash = data_blob_const ( preauth - > sha512_value ,
2014-10-10 14:04:25 +02:00
sizeof ( preauth - > sha512_value ) ) ;
}
2011-09-21 03:56:30 +02:00
2021-03-05 18:24:27 +01:00
smb2_signing_derivations_fill_const_stack ( & derivations ,
xconn - > protocol ,
preauth_hash ) ;
2009-05-22 22:58:39 +02:00
if ( ( in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED ) | |
2015-07-15 10:57:03 +02:00
( xconn - > smb2 . server . security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED ) )
{
2015-11-15 10:49:38 +01:00
x - > global - > signing_flags = SMBXSRV_SIGNING_REQUIRED ;
2009-05-22 22:58:39 +02:00
}
2020-05-26 09:34:54 +02:00
if ( ( lp_server_smb_encrypt ( - 1 ) > = SMB_ENCRYPTION_DESIRED ) & &
2015-02-25 16:59:26 +01:00
( xconn - > smb2 . client . capabilities & SMB2_CAP_ENCRYPTION ) ) {
2015-11-09 17:23:29 +01:00
x - > global - > encryption_flags = SMBXSRV_ENCRYPTION_DESIRED ;
2015-02-25 16:59:26 +01:00
}
2020-05-26 09:34:54 +02:00
if ( lp_server_smb_encrypt ( - 1 ) = = SMB_ENCRYPTION_REQUIRED ) {
2015-11-09 17:23:29 +01:00
x - > global - > encryption_flags = SMBXSRV_ENCRYPTION_REQUIRED |
SMBXSRV_ENCRYPTION_DESIRED ;
2012-08-08 06:25:10 +02:00
}
2012-03-27 11:09:05 +02:00
if ( security_session_user_level ( session_info , NULL ) < SECURITY_USER ) {
2016-04-20 16:34:28 +02:00
if ( security_session_user_level ( session_info , NULL ) = = SECURITY_GUEST ) {
* out_session_flags | = SMB2_SESSION_FLAG_IS_GUEST ;
}
2009-05-22 22:58:39 +02:00
/* force no signing */
2015-11-15 10:49:38 +01:00
x - > global - > signing_flags & = ~ SMBXSRV_SIGNING_REQUIRED ;
2016-04-20 16:34:28 +02:00
/* we map anonymous to guest internally */
2011-09-21 03:56:30 +02:00
guest = true ;
2009-05-22 22:58:39 +02:00
}
2015-11-09 17:23:29 +01:00
if ( guest & & ( x - > global - > encryption_flags & SMBXSRV_ENCRYPTION_REQUIRED ) ) {
2012-08-08 06:25:10 +02:00
DEBUG ( 1 , ( " reject guest session as encryption is required \n " ) ) ;
return NT_STATUS_ACCESS_DENIED ;
}
2014-10-13 11:07:01 +02:00
if ( xconn - > smb2 . server . cipher = = 0 ) {
2015-11-09 17:23:29 +01:00
if ( x - > global - > encryption_flags & SMBXSRV_ENCRYPTION_REQUIRED ) {
2012-08-08 06:25:10 +02:00
DEBUG ( 1 , ( " reject session with dialect[0x%04X] "
" as encryption is required \n " ,
2014-06-12 10:47:51 +02:00
xconn - > smb2 . server . dialect ) ) ;
2012-08-08 06:25:10 +02:00
return NT_STATUS_ACCESS_DENIED ;
}
2015-11-13 10:35:58 +01:00
} else {
x - > global - > channels [ 0 ] . encryption_cipher = xconn - > smb2 . server . cipher ;
2012-08-08 06:25:10 +02:00
}
2015-11-09 17:23:29 +01:00
if ( x - > global - > encryption_flags & SMBXSRV_ENCRYPTION_DESIRED ) {
2012-08-08 06:25:10 +02:00
* out_session_flags | = SMB2_SESSION_FLAG_ENCRYPT_DATA ;
}
2012-03-16 15:01:27 +01:00
ZERO_STRUCT ( session_key ) ;
2012-03-27 11:09:05 +02:00
memcpy ( session_key , session_info - > session_key . data ,
MIN ( session_info - > session_key . length , sizeof ( session_key ) ) ) ;
2012-03-16 15:01:27 +01:00
2019-03-13 18:07:17 +01:00
x - > global - > signing_key = talloc_zero ( x - > global ,
struct smb2_signing_key ) ;
if ( x - > global - > signing_key = = NULL ) {
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:56:05 +01:00
talloc_set_destructor ( x - > global - > signing_key ,
smb2_signing_key_destructor ) ;
2019-03-13 18:07:17 +01:00
x - > global - > signing_key - > blob =
x - > global - > signing_key_blob =
data_blob_talloc ( x - > global ,
session_key ,
sizeof ( session_key ) ) ;
if ( ! smb2_signing_key_valid ( x - > global - > signing_key ) ) {
2012-03-16 15:01:27 +01:00
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2014-06-12 10:47:51 +02:00
if ( xconn - > protocol > = PROTOCOL_SMB2_24 ) {
2021-03-05 18:24:27 +01:00
const struct smb2_signing_derivation * d = derivations . signing ;
2012-03-16 15:01:27 +01:00
2019-06-11 12:03:33 +02:00
status = smb2_key_derivation ( session_key , sizeof ( session_key ) ,
d - > label . data , d - > label . length ,
d - > context . data , d - > context . length ,
2020-11-09 14:22:24 +01:00
x - > global - > signing_key - > blob . data ,
x - > global - > signing_key - > blob . length ) ;
2019-06-11 12:03:33 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2012-03-16 15:01:27 +01:00
}
2014-06-12 10:47:51 +02:00
if ( xconn - > protocol > = PROTOCOL_SMB2_24 ) {
2021-03-05 18:24:27 +01:00
const struct smb2_signing_derivation * d = derivations . cipher_c2s ;
2012-08-08 09:32:22 +02:00
2019-03-14 10:10:34 +01:00
x - > global - > decryption_key =
talloc_zero ( x - > global , struct smb2_signing_key ) ;
if ( x - > global - > decryption_key = = NULL ) {
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
x - > global - > decryption_key - > blob =
x - > global - > decryption_key_blob =
data_blob_talloc ( x - > global - > decryption_key ,
session_key ,
sizeof ( session_key ) ) ;
if ( ! smb2_signing_key_valid ( x - > global - > decryption_key ) ) {
2012-08-08 09:32:22 +02:00
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2019-03-14 10:10:34 +01:00
talloc_keep_secret ( x - > global - > decryption_key - > blob . data ) ;
2012-08-08 09:32:22 +02:00
2019-06-11 12:03:33 +02:00
status = smb2_key_derivation ( session_key , sizeof ( session_key ) ,
d - > label . data , d - > label . length ,
d - > context . data , d - > context . length ,
2020-11-09 14:22:24 +01:00
x - > global - > decryption_key - > blob . data ,
x - > global - > decryption_key - > blob . length ) ;
2019-06-11 12:03:33 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2012-08-08 09:32:22 +02:00
}
2014-06-12 10:47:51 +02:00
if ( xconn - > protocol > = PROTOCOL_SMB2_24 ) {
2021-03-05 18:24:27 +01:00
const struct smb2_signing_derivation * d = derivations . cipher_s2c ;
2015-05-20 14:01:44 +02:00
size_t nonce_size ;
2012-08-08 09:32:22 +02:00
2019-03-14 10:02:27 +01:00
x - > global - > encryption_key =
talloc_zero ( x - > global , struct smb2_signing_key ) ;
if ( x - > global - > encryption_key = = NULL ) {
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
x - > global - > encryption_key - > blob =
x - > global - > encryption_key_blob =
data_blob_talloc ( x - > global - > encryption_key ,
session_key ,
sizeof ( session_key ) ) ;
if ( ! smb2_signing_key_valid ( x - > global - > encryption_key ) ) {
2012-08-08 09:32:22 +02:00
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2019-03-14 10:02:27 +01:00
talloc_keep_secret ( x - > global - > encryption_key - > blob . data ) ;
2012-08-08 09:32:22 +02:00
2019-06-11 12:03:33 +02:00
status = smb2_key_derivation ( session_key , sizeof ( session_key ) ,
d - > label . data , d - > label . length ,
d - > context . data , d - > context . length ,
2020-11-09 14:22:24 +01:00
x - > global - > encryption_key - > blob . data ,
x - > global - > encryption_key - > blob . length ) ;
2019-06-11 12:03:33 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2012-08-22 10:30:52 +02:00
2015-05-20 14:01:44 +02:00
/*
* CCM and GCM algorithms must never have their
* nonce wrap , or the security of the whole
* communication and the keys is destroyed .
* We must drop the connection once we have
* transfered too much data .
*
* NOTE : We assume nonces greater than 8 bytes .
*/
2019-07-31 15:28:34 +02:00
generate_nonce_buffer ( ( uint8_t * ) & x - > nonce_high_random ,
sizeof ( x - > nonce_high_random ) ) ;
2015-05-20 14:01:44 +02:00
switch ( xconn - > smb2 . server . cipher ) {
case SMB2_ENCRYPTION_AES128_CCM :
2019-02-26 18:11:27 +01:00
nonce_size = SMB2_AES_128_CCM_NONCE_SIZE ;
2015-05-20 14:01:44 +02:00
break ;
case SMB2_ENCRYPTION_AES128_GCM :
2019-02-26 18:11:27 +01:00
nonce_size = gnutls_cipher_get_iv_size ( GNUTLS_CIPHER_AES_128_GCM ) ;
2015-05-20 14:01:44 +02:00
break ;
default :
2015-06-16 15:50:30 -07:00
nonce_size = 0 ;
break ;
2015-05-20 14:01:44 +02:00
}
x - > nonce_high_max = SMB2_NONCE_HIGH_MAX ( nonce_size ) ;
x - > nonce_high = 0 ;
x - > nonce_low = 0 ;
2012-08-08 09:32:22 +02:00
}
2019-03-13 16:44:53 +01:00
x - > global - > application_key =
2019-03-13 18:07:17 +01:00
data_blob_dup_talloc ( x - > global , x - > global - > signing_key - > blob ) ;
2012-03-16 15:01:27 +01:00
if ( x - > global - > application_key . data = = NULL ) {
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:07:17 +01:00
talloc_keep_secret ( x - > global - > application_key . data ) ;
2012-03-16 15:01:27 +01:00
2014-06-12 10:47:51 +02:00
if ( xconn - > protocol > = PROTOCOL_SMB2_24 ) {
2021-03-05 18:24:27 +01:00
const struct smb2_signing_derivation * d = derivations . application ;
2012-03-16 15:01:27 +01:00
2019-06-11 12:03:33 +02:00
status = smb2_key_derivation ( session_key , sizeof ( session_key ) ,
d - > label . data , d - > label . length ,
d - > context . data , d - > context . length ,
2020-11-09 14:22:24 +01:00
x - > global - > application_key . data ,
x - > global - > application_key . length ) ;
2019-06-11 12:03:33 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2012-03-16 15:01:27 +01:00
}
libsmb,s3/smbd: dump SMB3+ session keys if debug parm is set
Use of previously added smb.conf global param.
Sample usage:
$ smbclient //localhost/scratch --option='debugencryption=yes' \
-e -mSMB3 -U aaptel%aaptel -c quit
debug encryption: dumping generated session keys
Session Id [0000] 26 48 BF FD 00 00 00 00 &H......
Session Key [0000] 63 D6 CA BC 08 C8 4A D2 45 F6 AE 35 AB 4A B3 3B c.....J. E..5.J.;
Signing Key [0000] 4E FE 35 92 AC 13 14 FC C9 17 62 B1 82 20 A4 12 N.5..... ..b.. ..
App Key [0000] A5 0F F4 8B 2F FB 0D FF F2 BF EE 39 E6 6D F5 0A ..../... ...9.m..
ServerIn Key [0000] 2A 02 7E E1 D3 58 D8 12 4C 63 76 AE 59 17 5A E4 *.~..X.. Lcv.Y.Z.
ServerOut Key [0000] 59 F2 5B 7F 66 8F 31 A0 A5 E4 A8 D8 2F BA 00 38 Y.[.f.1. ..../..8
We can now simply pass -ouat:smb2_seskey_list:<sesid>,<seskey> to
wireshark or tshark:
$ tshark -ouat:smb2_seskey_list:2648BFFD00000000,63D6CABC08C84AD245F6AE35AB4AB33B \
-Y smb2 -r capture.pcap -Tfields -e _ws.col.Info
Negotiate Protocol Response
Negotiate Protocol Request
Negotiate Protocol Response
Session Setup Request, NTLMSSP_NEGOTIATE
Session Setup Response, Error: STATUS_MORE_PROCESSING_REQUIRED, NTLMSSP_CHALLENGE
Session Setup Request, NTLMSSP_AUTH, User: WORKGROUP\aaptel
Session Setup Response
Tree Connect Request Tree: \\localhost\IPC$
Tree Connect Response
Decrypted SMB3;Ioctl Request FSCTL_DFS_GET_REFERRALS, File: \localhost\scratch
Decrypted SMB3;Ioctl Response, Error: STATUS_NOT_FOUND
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
Decrypted SMB3;Tree Connect Request Tree: \\localhost\scratch
Decrypted SMB3;Tree Connect Response
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
For more info on Wireshark decryption support see
https://wiki.samba.org/index.php/Wireshark_Decryption
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sat Feb 9 21:43:25 CET 2019 on sn-devel-144
2019-02-08 12:13:25 +01:00
if ( xconn - > protocol > = PROTOCOL_SMB3_00 & & lp_debug_encryption ( ) ) {
DEBUG ( 0 , ( " debug encryption: dumping generated session keys \n " ) ) ;
DEBUGADD ( 0 , ( " Session Id " ) ) ;
dump_data ( 0 , ( uint8_t * ) & session - > global - > session_wire_id ,
sizeof ( session - > global - > session_wire_id ) ) ;
DEBUGADD ( 0 , ( " Session Key " ) ) ;
dump_data ( 0 , session_key , sizeof ( session_key ) ) ;
DEBUGADD ( 0 , ( " Signing Key " ) ) ;
2019-03-13 18:07:17 +01:00
dump_data ( 0 , x - > global - > signing_key - > blob . data ,
x - > global - > signing_key - > blob . length ) ;
libsmb,s3/smbd: dump SMB3+ session keys if debug parm is set
Use of previously added smb.conf global param.
Sample usage:
$ smbclient //localhost/scratch --option='debugencryption=yes' \
-e -mSMB3 -U aaptel%aaptel -c quit
debug encryption: dumping generated session keys
Session Id [0000] 26 48 BF FD 00 00 00 00 &H......
Session Key [0000] 63 D6 CA BC 08 C8 4A D2 45 F6 AE 35 AB 4A B3 3B c.....J. E..5.J.;
Signing Key [0000] 4E FE 35 92 AC 13 14 FC C9 17 62 B1 82 20 A4 12 N.5..... ..b.. ..
App Key [0000] A5 0F F4 8B 2F FB 0D FF F2 BF EE 39 E6 6D F5 0A ..../... ...9.m..
ServerIn Key [0000] 2A 02 7E E1 D3 58 D8 12 4C 63 76 AE 59 17 5A E4 *.~..X.. Lcv.Y.Z.
ServerOut Key [0000] 59 F2 5B 7F 66 8F 31 A0 A5 E4 A8 D8 2F BA 00 38 Y.[.f.1. ..../..8
We can now simply pass -ouat:smb2_seskey_list:<sesid>,<seskey> to
wireshark or tshark:
$ tshark -ouat:smb2_seskey_list:2648BFFD00000000,63D6CABC08C84AD245F6AE35AB4AB33B \
-Y smb2 -r capture.pcap -Tfields -e _ws.col.Info
Negotiate Protocol Response
Negotiate Protocol Request
Negotiate Protocol Response
Session Setup Request, NTLMSSP_NEGOTIATE
Session Setup Response, Error: STATUS_MORE_PROCESSING_REQUIRED, NTLMSSP_CHALLENGE
Session Setup Request, NTLMSSP_AUTH, User: WORKGROUP\aaptel
Session Setup Response
Tree Connect Request Tree: \\localhost\IPC$
Tree Connect Response
Decrypted SMB3;Ioctl Request FSCTL_DFS_GET_REFERRALS, File: \localhost\scratch
Decrypted SMB3;Ioctl Response, Error: STATUS_NOT_FOUND
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
Decrypted SMB3;Tree Connect Request Tree: \\localhost\scratch
Decrypted SMB3;Tree Connect Response
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
For more info on Wireshark decryption support see
https://wiki.samba.org/index.php/Wireshark_Decryption
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sat Feb 9 21:43:25 CET 2019 on sn-devel-144
2019-02-08 12:13:25 +01:00
DEBUGADD ( 0 , ( " App Key " ) ) ;
dump_data ( 0 , x - > global - > application_key . data ,
x - > global - > application_key . length ) ;
/* In server code, ServerIn is the decryption key */
DEBUGADD ( 0 , ( " ServerIn Key " ) ) ;
2019-03-14 10:10:34 +01:00
dump_data ( 0 , x - > global - > decryption_key - > blob . data ,
x - > global - > decryption_key - > blob . length ) ;
libsmb,s3/smbd: dump SMB3+ session keys if debug parm is set
Use of previously added smb.conf global param.
Sample usage:
$ smbclient //localhost/scratch --option='debugencryption=yes' \
-e -mSMB3 -U aaptel%aaptel -c quit
debug encryption: dumping generated session keys
Session Id [0000] 26 48 BF FD 00 00 00 00 &H......
Session Key [0000] 63 D6 CA BC 08 C8 4A D2 45 F6 AE 35 AB 4A B3 3B c.....J. E..5.J.;
Signing Key [0000] 4E FE 35 92 AC 13 14 FC C9 17 62 B1 82 20 A4 12 N.5..... ..b.. ..
App Key [0000] A5 0F F4 8B 2F FB 0D FF F2 BF EE 39 E6 6D F5 0A ..../... ...9.m..
ServerIn Key [0000] 2A 02 7E E1 D3 58 D8 12 4C 63 76 AE 59 17 5A E4 *.~..X.. Lcv.Y.Z.
ServerOut Key [0000] 59 F2 5B 7F 66 8F 31 A0 A5 E4 A8 D8 2F BA 00 38 Y.[.f.1. ..../..8
We can now simply pass -ouat:smb2_seskey_list:<sesid>,<seskey> to
wireshark or tshark:
$ tshark -ouat:smb2_seskey_list:2648BFFD00000000,63D6CABC08C84AD245F6AE35AB4AB33B \
-Y smb2 -r capture.pcap -Tfields -e _ws.col.Info
Negotiate Protocol Response
Negotiate Protocol Request
Negotiate Protocol Response
Session Setup Request, NTLMSSP_NEGOTIATE
Session Setup Response, Error: STATUS_MORE_PROCESSING_REQUIRED, NTLMSSP_CHALLENGE
Session Setup Request, NTLMSSP_AUTH, User: WORKGROUP\aaptel
Session Setup Response
Tree Connect Request Tree: \\localhost\IPC$
Tree Connect Response
Decrypted SMB3;Ioctl Request FSCTL_DFS_GET_REFERRALS, File: \localhost\scratch
Decrypted SMB3;Ioctl Response, Error: STATUS_NOT_FOUND
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
Decrypted SMB3;Tree Connect Request Tree: \\localhost\scratch
Decrypted SMB3;Tree Connect Response
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
For more info on Wireshark decryption support see
https://wiki.samba.org/index.php/Wireshark_Decryption
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sat Feb 9 21:43:25 CET 2019 on sn-devel-144
2019-02-08 12:13:25 +01:00
DEBUGADD ( 0 , ( " ServerOut Key " ) ) ;
2019-03-14 10:02:27 +01:00
dump_data ( 0 , x - > global - > encryption_key - > blob . data ,
x - > global - > encryption_key - > blob . length ) ;
libsmb,s3/smbd: dump SMB3+ session keys if debug parm is set
Use of previously added smb.conf global param.
Sample usage:
$ smbclient //localhost/scratch --option='debugencryption=yes' \
-e -mSMB3 -U aaptel%aaptel -c quit
debug encryption: dumping generated session keys
Session Id [0000] 26 48 BF FD 00 00 00 00 &H......
Session Key [0000] 63 D6 CA BC 08 C8 4A D2 45 F6 AE 35 AB 4A B3 3B c.....J. E..5.J.;
Signing Key [0000] 4E FE 35 92 AC 13 14 FC C9 17 62 B1 82 20 A4 12 N.5..... ..b.. ..
App Key [0000] A5 0F F4 8B 2F FB 0D FF F2 BF EE 39 E6 6D F5 0A ..../... ...9.m..
ServerIn Key [0000] 2A 02 7E E1 D3 58 D8 12 4C 63 76 AE 59 17 5A E4 *.~..X.. Lcv.Y.Z.
ServerOut Key [0000] 59 F2 5B 7F 66 8F 31 A0 A5 E4 A8 D8 2F BA 00 38 Y.[.f.1. ..../..8
We can now simply pass -ouat:smb2_seskey_list:<sesid>,<seskey> to
wireshark or tshark:
$ tshark -ouat:smb2_seskey_list:2648BFFD00000000,63D6CABC08C84AD245F6AE35AB4AB33B \
-Y smb2 -r capture.pcap -Tfields -e _ws.col.Info
Negotiate Protocol Response
Negotiate Protocol Request
Negotiate Protocol Response
Session Setup Request, NTLMSSP_NEGOTIATE
Session Setup Response, Error: STATUS_MORE_PROCESSING_REQUIRED, NTLMSSP_CHALLENGE
Session Setup Request, NTLMSSP_AUTH, User: WORKGROUP\aaptel
Session Setup Response
Tree Connect Request Tree: \\localhost\IPC$
Tree Connect Response
Decrypted SMB3;Ioctl Request FSCTL_DFS_GET_REFERRALS, File: \localhost\scratch
Decrypted SMB3;Ioctl Response, Error: STATUS_NOT_FOUND
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
Decrypted SMB3;Tree Connect Request Tree: \\localhost\scratch
Decrypted SMB3;Tree Connect Response
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
For more info on Wireshark decryption support see
https://wiki.samba.org/index.php/Wireshark_Decryption
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sat Feb 9 21:43:25 CET 2019 on sn-devel-144
2019-02-08 12:13:25 +01:00
}
2012-03-16 15:01:27 +01:00
ZERO_STRUCT ( session_key ) ;
2019-03-13 18:07:17 +01:00
x - > global - > channels [ 0 ] . signing_key =
talloc_zero ( x - > global - > channels , struct smb2_signing_key ) ;
if ( x - > global - > channels [ 0 ] . signing_key = = NULL ) {
2012-03-16 15:01:27 +01:00
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:56:05 +01:00
talloc_set_destructor ( x - > global - > channels [ 0 ] . signing_key ,
smb2_signing_key_destructor ) ;
2019-03-13 18:07:17 +01:00
x - > global - > channels [ 0 ] . signing_key - > blob =
x - > global - > channels [ 0 ] . signing_key_blob =
data_blob_dup_talloc ( x - > global - > channels [ 0 ] . signing_key ,
x - > global - > signing_key - > blob ) ;
if ( ! smb2_signing_key_valid ( x - > global - > channels [ 0 ] . signing_key ) ) {
return NT_STATUS_NO_MEMORY ;
}
talloc_keep_secret ( x - > global - > channels [ 0 ] . signing_key - > blob . data ) ;
2009-05-22 22:58:39 +02:00
2012-03-16 15:01:27 +01:00
data_blob_clear_free ( & session_info - > session_key ) ;
session_info - > session_key = data_blob_dup_talloc ( session_info ,
x - > global - > application_key ) ;
if ( session_info - > session_key . data = = NULL ) {
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:07:17 +01:00
talloc_keep_secret ( session_info - > session_key . data ) ;
2012-03-16 15:01:27 +01:00
2012-03-27 11:09:05 +02:00
smb2req - > sconn - > num_users + + ;
2009-05-27 18:33:45 +02:00
2012-03-27 11:09:05 +02:00
if ( security_session_user_level ( session_info , NULL ) > = SECURITY_USER ) {
2019-12-29 08:31:45 +01:00
session - > homes_snum =
2012-03-27 11:09:05 +02:00
register_homes_share ( session_info - > unix_info - > unix_name ) ;
2010-05-17 18:22:19 -07:00
}
2012-03-27 11:09:05 +02:00
set_current_user_info ( session_info - > unix_info - > sanitized_username ,
session_info - > unix_info - > unix_name ,
session_info - > info - > domain_name ) ;
2012-01-25 05:22:38 +01:00
reload_services ( smb2req - > sconn , conn_snum_used , true ) ;
2010-05-17 18:22:19 -07:00
2012-03-27 11:09:05 +02:00
session - > status = NT_STATUS_OK ;
2015-07-29 17:07:29 +02:00
session - > global - > auth_session_info = talloc_move ( session - > global ,
& session_info ) ;
2012-03-27 11:09:05 +02:00
session - > global - > auth_session_info_seqnum + = 1 ;
2015-07-29 17:42:55 +02:00
for ( i = 0 ; i < session - > global - > num_channels ; i + + ) {
struct smbXsrv_channel_global0 * _c =
& session - > global - > channels [ i ] ;
_c - > auth_session_info_seqnum =
session - > global - > auth_session_info_seqnum ;
}
2014-06-12 09:49:28 +02:00
session - > global - > auth_time = timeval_to_nttime ( & smb2req - > request_time ) ;
2015-07-29 16:48:55 +02:00
session - > global - > expiration_time = gensec_expire_time ( auth - > gensec ) ;
2012-03-16 15:01:27 +01:00
2012-08-27 11:03:25 +02:00
if ( ! session_claim ( session ) ) {
DEBUG ( 1 , ( " smb2: Failed to claim session "
" for vuid=%llu \n " ,
2019-12-29 14:33:00 +01:00
( unsigned long long ) session - > global - > session_wire_id ) ) ;
2012-08-27 11:03:25 +02:00
return NT_STATUS_LOGON_FAILURE ;
}
2015-07-29 16:48:55 +02:00
TALLOC_FREE ( auth ) ;
2012-03-27 11:09:05 +02:00
status = smbXsrv_session_update ( session ) ;
2012-03-16 15:01:27 +01:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " smb2: Failed to update session for vuid=%llu - %s \n " ,
2019-12-29 14:33:00 +01:00
( unsigned long long ) session - > global - > session_wire_id ,
2012-03-16 15:01:27 +01:00
nt_errstr ( status ) ) ) ;
return NT_STATUS_LOGON_FAILURE ;
}
2009-05-22 22:58:39 +02:00
/*
* we attach the session to the request
* so that the response can be signed
*/
2011-09-21 03:56:30 +02:00
if ( ! guest ) {
2010-05-17 13:05:22 -07:00
smb2req - > do_signing = true ;
}
global_client_caps | = ( CAP_LEVEL_II_OPLOCKS | CAP_STATUS32 ) ;
2010-05-17 18:22:19 -07:00
2012-03-27 11:09:05 +02:00
* out_session_id = session - > global - > session_wire_id ;
2017-06-15 23:01:18 +02:00
smb2req - > last_session_id = session - > global - > session_wire_id ;
2010-05-17 18:22:19 -07:00
2010-05-17 13:05:22 -07:00
return NT_STATUS_OK ;
}
2012-05-14 14:24:08 +02:00
static NTSTATUS smbd_smb2_reauth_generic_return ( struct smbXsrv_session * session ,
2015-07-29 16:48:55 +02:00
struct smbXsrv_session_auth0 * * _auth ,
2012-05-14 14:24:08 +02:00
struct smbd_smb2_request * smb2req ,
2012-05-17 00:30:43 +02:00
struct auth_session_info * session_info ,
2012-05-14 14:24:08 +02:00
uint16_t * out_session_flags ,
uint64_t * out_session_id )
{
NTSTATUS status ;
struct smbXsrv_session * x = session ;
2015-07-29 16:48:55 +02:00
struct smbXsrv_session_auth0 * auth = * _auth ;
2015-09-09 15:08:56 +02:00
struct smbXsrv_connection * xconn = smb2req - > xconn ;
2015-07-29 17:44:37 +02:00
size_t i ;
2015-07-29 16:48:55 +02:00
* _auth = NULL ;
2012-05-14 14:24:08 +02:00
data_blob_clear_free ( & session_info - > session_key ) ;
session_info - > session_key = data_blob_dup_talloc ( session_info ,
x - > global - > application_key ) ;
if ( session_info - > session_key . data = = NULL ) {
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:07:17 +01:00
talloc_keep_secret ( session_info - > session_key . data ) ;
2012-05-14 14:24:08 +02:00
2019-12-29 08:31:45 +01:00
session - > homes_snum =
2012-05-14 14:24:08 +02:00
register_homes_share ( session_info - > unix_info - > unix_name ) ;
set_current_user_info ( session_info - > unix_info - > sanitized_username ,
session_info - > unix_info - > unix_name ,
session_info - > info - > domain_name ) ;
reload_services ( smb2req - > sconn , conn_snum_used , true ) ;
2018-11-08 17:31:41 +01:00
if ( security_session_user_level ( session_info , NULL ) > = SECURITY_USER ) {
smb2req - > do_signing = true ;
}
2012-05-14 14:24:08 +02:00
session - > status = NT_STATUS_OK ;
TALLOC_FREE ( session - > global - > auth_session_info ) ;
2015-07-29 17:07:29 +02:00
session - > global - > auth_session_info = talloc_move ( session - > global ,
& session_info ) ;
2012-05-14 14:24:08 +02:00
session - > global - > auth_session_info_seqnum + = 1 ;
2015-07-29 17:44:37 +02:00
for ( i = 0 ; i < session - > global - > num_channels ; i + + ) {
struct smbXsrv_channel_global0 * _c =
& session - > global - > channels [ i ] ;
_c - > auth_session_info_seqnum =
session - > global - > auth_session_info_seqnum ;
}
2014-06-12 09:49:28 +02:00
session - > global - > auth_time = timeval_to_nttime ( & smb2req - > request_time ) ;
2015-07-29 16:48:55 +02:00
session - > global - > expiration_time = gensec_expire_time ( auth - > gensec ) ;
2012-05-14 14:24:08 +02:00
2015-07-29 16:48:55 +02:00
TALLOC_FREE ( auth ) ;
2012-05-14 14:24:08 +02:00
status = smbXsrv_session_update ( session ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " smb2: Failed to update session for vuid=%llu - %s \n " ,
2019-12-29 14:33:00 +01:00
( unsigned long long ) session - > global - > session_wire_id ,
2012-05-14 14:24:08 +02:00
nt_errstr ( status ) ) ) ;
return NT_STATUS_LOGON_FAILURE ;
}
2019-12-29 14:33:00 +01:00
conn_clear_vuid_caches ( xconn - > client - > sconn ,
session - > global - > session_wire_id ) ;
2012-05-14 14:24:08 +02:00
* out_session_id = session - > global - > session_wire_id ;
return NT_STATUS_OK ;
}
2015-07-29 17:05:52 +02:00
static NTSTATUS smbd_smb2_bind_auth_return ( struct smbXsrv_session * session ,
struct smbXsrv_session_auth0 * * _auth ,
struct smbd_smb2_request * smb2req ,
struct auth_session_info * session_info ,
uint16_t * out_session_flags ,
uint64_t * out_session_id )
{
NTSTATUS status ;
struct smbXsrv_session * x = session ;
struct smbXsrv_session_auth0 * auth = * _auth ;
struct smbXsrv_connection * xconn = smb2req - > xconn ;
struct smbXsrv_channel_global0 * c = NULL ;
uint8_t session_key [ 16 ] ;
size_t i ;
2021-03-05 18:24:27 +01:00
struct smb2_signing_derivations derivations = {
. signing = NULL ,
2015-07-29 17:05:52 +02:00
} ;
2021-03-05 18:24:27 +01:00
DATA_BLOB preauth_hash = data_blob_null ;
2015-07-29 17:05:52 +02:00
bool ok ;
* _auth = NULL ;
if ( xconn - > protocol > = PROTOCOL_SMB3_10 ) {
struct smbXsrv_preauth * preauth ;
2018-10-22 17:48:43 +02:00
gnutls_hash_hd_t hash_hnd = NULL ;
int rc ;
2015-07-29 17:05:52 +02:00
preauth = talloc_move ( smb2req , & auth - > preauth ) ;
2018-10-22 17:48:43 +02:00
rc = gnutls_hash_init ( & hash_hnd , GNUTLS_DIG_SHA512 ) ;
if ( rc < 0 ) {
2019-06-11 14:44:10 +02:00
return gnutls_error_to_ntstatus ( rc , NT_STATUS_HASH_NOT_SUPPORTED ) ;
2018-10-22 17:48:43 +02:00
}
rc = gnutls_hash ( hash_hnd ,
preauth - > sha512_value ,
sizeof ( preauth - > sha512_value ) ) ;
if ( rc < 0 ) {
gnutls_hash_deinit ( hash_hnd , NULL ) ;
2019-06-11 14:44:10 +02:00
return gnutls_error_to_ntstatus ( rc , NT_STATUS_HASH_NOT_SUPPORTED ) ;
2018-10-22 17:48:43 +02:00
}
2015-07-29 17:05:52 +02:00
for ( i = 1 ; i < smb2req - > in . vector_count ; i + + ) {
2018-10-22 17:48:43 +02:00
rc = gnutls_hash ( hash_hnd ,
smb2req - > in . vector [ i ] . iov_base ,
smb2req - > in . vector [ i ] . iov_len ) ;
if ( rc < 0 ) {
gnutls_hash_deinit ( hash_hnd , NULL ) ;
2019-06-11 14:44:10 +02:00
return gnutls_error_to_ntstatus ( rc , NT_STATUS_HASH_NOT_SUPPORTED ) ;
2018-10-22 17:48:43 +02:00
}
2015-07-29 17:05:52 +02:00
}
2018-10-22 17:48:43 +02:00
gnutls_hash_deinit ( hash_hnd , preauth - > sha512_value ) ;
2015-07-29 17:05:52 +02:00
2021-03-05 18:24:27 +01:00
preauth_hash = data_blob_const ( preauth - > sha512_value ,
2015-07-29 17:05:52 +02:00
sizeof ( preauth - > sha512_value ) ) ;
}
2021-03-05 18:24:27 +01:00
smb2_signing_derivations_fill_const_stack ( & derivations ,
xconn - > protocol ,
preauth_hash ) ;
2015-07-29 17:05:52 +02:00
status = smbXsrv_session_find_channel ( session , xconn , & c ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
ok = security_token_is_sid ( session_info - > security_token ,
& x - > global - > auth_session_info - > security_token - > sids [ 0 ] ) ;
if ( ! ok ) {
return NT_STATUS_NOT_SUPPORTED ;
}
if ( session_info - > session_key . length = = 0 ) {
/* See [MS-SMB2] 3.3.5.2.4 for the return code. */
return NT_STATUS_NOT_SUPPORTED ;
}
ZERO_STRUCT ( session_key ) ;
memcpy ( session_key , session_info - > session_key . data ,
MIN ( session_info - > session_key . length , sizeof ( session_key ) ) ) ;
2019-03-13 18:07:17 +01:00
c - > signing_key = talloc_zero ( x - > global , struct smb2_signing_key ) ;
if ( c - > signing_key = = NULL ) {
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:56:05 +01:00
talloc_set_destructor ( c - > signing_key ,
smb2_signing_key_destructor ) ;
2019-03-13 18:07:17 +01:00
c - > signing_key - > blob =
c - > signing_key_blob =
data_blob_talloc ( c - > signing_key ,
session_key ,
sizeof ( session_key ) ) ;
if ( ! smb2_signing_key_valid ( c - > signing_key ) ) {
2015-07-29 17:05:52 +02:00
ZERO_STRUCT ( session_key ) ;
return NT_STATUS_NO_MEMORY ;
}
2019-03-13 18:07:17 +01:00
talloc_keep_secret ( c - > signing_key - > blob . data ) ;
2015-07-29 17:05:52 +02:00
if ( xconn - > protocol > = PROTOCOL_SMB2_24 ) {
2021-03-05 18:24:27 +01:00
const struct smb2_signing_derivation * d = derivations . signing ;
2015-07-29 17:05:52 +02:00
2019-06-11 12:03:33 +02:00
status = smb2_key_derivation ( session_key , sizeof ( session_key ) ,
d - > label . data , d - > label . length ,
d - > context . data , d - > context . length ,
2020-11-09 14:22:24 +01:00
c - > signing_key - > blob . data ,
c - > signing_key - > blob . length ) ;
2019-06-11 12:03:33 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2015-07-29 17:05:52 +02:00
}
ZERO_STRUCT ( session_key ) ;
TALLOC_FREE ( auth ) ;
status = smbXsrv_session_update ( session ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " smb2: Failed to update session for vuid=%llu - %s \n " ,
2019-12-29 14:33:00 +01:00
( unsigned long long ) session - > global - > session_wire_id ,
2015-07-29 17:05:52 +02:00
nt_errstr ( status ) ) ) ;
return NT_STATUS_LOGON_FAILURE ;
}
* out_session_id = session - > global - > session_wire_id ;
return NT_STATUS_OK ;
}
2012-05-12 10:16:41 +02:00
struct smbd_smb2_session_setup_state {
struct tevent_context * ev ;
struct smbd_smb2_request * smb2req ;
uint64_t in_session_id ;
uint8_t in_flags ;
uint8_t in_security_mode ;
uint64_t in_previous_session_id ;
DATA_BLOB in_security_buffer ;
2012-05-16 15:56:15 +02:00
struct smbXsrv_session * session ;
2015-07-29 16:48:55 +02:00
struct smbXsrv_session_auth0 * auth ;
2012-05-17 00:30:43 +02:00
struct auth_session_info * session_info ;
2012-05-12 10:16:41 +02:00
uint16_t out_session_flags ;
DATA_BLOB out_security_buffer ;
uint64_t out_session_id ;
} ;
2012-05-17 00:30:43 +02:00
static void smbd_smb2_session_setup_gensec_done ( struct tevent_req * subreq ) ;
2012-05-17 00:32:40 +02:00
static void smbd_smb2_session_setup_previous_done ( struct tevent_req * subreq ) ;
2014-06-12 09:19:29 +02:00
static void smbd_smb2_session_setup_auth_return ( struct tevent_req * req ) ;
2012-05-16 16:05:48 +02:00
2012-05-12 10:16:41 +02:00
static struct tevent_req * smbd_smb2_session_setup_send ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
struct smbd_smb2_request * smb2req ,
uint64_t in_session_id ,
uint8_t in_flags ,
uint8_t in_security_mode ,
uint64_t in_previous_session_id ,
DATA_BLOB in_security_buffer )
{
struct tevent_req * req ;
struct smbd_smb2_session_setup_state * state ;
NTSTATUS status ;
2012-05-16 15:56:15 +02:00
NTTIME now = timeval_to_nttime ( & smb2req - > request_time ) ;
2012-05-16 16:05:48 +02:00
struct tevent_req * subreq ;
2015-07-29 11:19:55 +02:00
struct smbXsrv_channel_global0 * c = NULL ;
2016-01-21 18:59:34 +01:00
enum security_user_level seclvl ;
2012-05-12 10:16:41 +02:00
req = tevent_req_create ( mem_ctx , & state ,
struct smbd_smb2_session_setup_state ) ;
if ( req = = NULL ) {
return NULL ;
}
state - > ev = ev ;
state - > smb2req = smb2req ;
state - > in_session_id = in_session_id ;
state - > in_flags = in_flags ;
state - > in_security_mode = in_security_mode ;
state - > in_previous_session_id = in_previous_session_id ;
state - > in_security_buffer = in_security_buffer ;
2012-07-26 00:11:13 +02:00
if ( in_flags & SMB2_SESSION_FLAG_BINDING ) {
2014-06-12 08:38:48 +02:00
if ( smb2req - > xconn - > protocol < PROTOCOL_SMB2_22 ) {
2012-07-26 00:11:13 +02:00
tevent_req_nterror ( req , NT_STATUS_REQUEST_NOT_ACCEPTED ) ;
return tevent_req_post ( req , ev ) ;
}
2016-01-21 18:59:34 +01:00
if ( ! smb2req - > xconn - > client - > server_multi_channel_enabled ) {
tevent_req_nterror ( req , NT_STATUS_REQUEST_NOT_ACCEPTED ) ;
return tevent_req_post ( req , ev ) ;
}
if ( in_session_id = = 0 ) {
tevent_req_nterror ( req , NT_STATUS_INVALID_PARAMETER ) ;
return tevent_req_post ( req , ev ) ;
}
if ( smb2req - > session = = NULL ) {
tevent_req_nterror ( req , NT_STATUS_USER_SESSION_DELETED ) ;
return tevent_req_post ( req , ev ) ;
}
if ( ! smb2req - > do_signing ) {
tevent_req_nterror ( req , NT_STATUS_INVALID_PARAMETER ) ;
return tevent_req_post ( req , ev ) ;
}
status = smbXsrv_session_find_channel ( smb2req - > session ,
smb2req - > xconn ,
& c ) ;
if ( NT_STATUS_IS_OK ( status ) ) {
2019-03-13 18:07:17 +01:00
if ( ! smb2_signing_key_valid ( c - > signing_key ) ) {
2016-01-21 18:59:34 +01:00
goto auth ;
}
tevent_req_nterror ( req , NT_STATUS_REQUEST_NOT_ACCEPTED ) ;
return tevent_req_post ( req , ev ) ;
}
2012-07-26 00:11:13 +02:00
/*
2016-01-21 18:59:34 +01:00
* OLD : 3.00 NEW 3.02 = > INVALID_PARAMETER
* OLD : 3.02 NEW 3.00 = > INVALID_PARAMETER
* OLD : 2.10 NEW 3.02 = > ACCESS_DENIED
* OLD : 3.02 NEW 2.10 = > ACCESS_DENIED
2012-07-26 00:11:13 +02:00
*/
2016-01-21 18:59:34 +01:00
if ( smb2req - > session - > global - > connection_dialect
< SMB2_DIALECT_REVISION_222 )
{
tevent_req_nterror ( req , NT_STATUS_ACCESS_DENIED ) ;
return tevent_req_post ( req , ev ) ;
}
if ( smb2req - > xconn - > smb2 . server . dialect
< SMB2_DIALECT_REVISION_222 )
{
tevent_req_nterror ( req , NT_STATUS_ACCESS_DENIED ) ;
return tevent_req_post ( req , ev ) ;
}
if ( smb2req - > session - > global - > connection_dialect
! = smb2req - > xconn - > smb2 . server . dialect )
{
tevent_req_nterror ( req , NT_STATUS_INVALID_PARAMETER ) ;
return tevent_req_post ( req , ev ) ;
}
seclvl = security_session_user_level (
smb2req - > session - > global - > auth_session_info ,
NULL ) ;
if ( seclvl < SECURITY_USER ) {
tevent_req_nterror ( req , NT_STATUS_NOT_SUPPORTED ) ;
return tevent_req_post ( req , ev ) ;
}
status = smbXsrv_session_add_channel ( smb2req - > session ,
smb2req - > xconn ,
2019-10-04 10:02:56 +02:00
now ,
2016-01-21 18:59:34 +01:00
& c ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
tevent_req_nterror ( req , status ) ;
return tevent_req_post ( req , ev ) ;
}
status = smbXsrv_session_update ( smb2req - > session ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
tevent_req_nterror ( req , status ) ;
return tevent_req_post ( req , ev ) ;
}
2012-07-26 00:11:13 +02:00
}
2016-01-21 18:59:34 +01:00
auth :
2012-05-16 15:56:15 +02:00
if ( state - > in_session_id = = 0 ) {
/* create a new session */
2014-06-12 08:38:48 +02:00
status = smbXsrv_session_create ( state - > smb2req - > xconn ,
2012-05-16 15:56:15 +02:00
now , & state - > session ) ;
if ( tevent_req_nterror ( req , status ) ) {
return tevent_req_post ( req , ev ) ;
}
2015-05-02 16:27:26 +02:00
smb2req - > session = state - > session ;
2012-05-16 15:56:15 +02:00
} else {
2014-09-15 00:10:11 +02:00
if ( smb2req - > session = = NULL ) {
tevent_req_nterror ( req , NT_STATUS_USER_SESSION_DELETED ) ;
return tevent_req_post ( req , ev ) ;
}
state - > session = smb2req - > session ;
status = state - > session - > status ;
2012-05-16 15:56:15 +02:00
if ( NT_STATUS_EQUAL ( status , NT_STATUS_NETWORK_SESSION_EXPIRED ) ) {
status = NT_STATUS_OK ;
}
2015-07-29 16:48:55 +02:00
if ( NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) ) {
status = NT_STATUS_OK ;
2012-05-16 15:56:15 +02:00
}
2015-07-29 16:48:55 +02:00
if ( tevent_req_nterror ( req , status ) ) {
2012-05-16 15:56:15 +02:00
return tevent_req_post ( req , ev ) ;
}
2015-07-29 16:48:55 +02:00
if ( ! ( in_flags & SMB2_SESSION_FLAG_BINDING ) ) {
state - > session - > status = NT_STATUS_MORE_PROCESSING_REQUIRED ;
}
2012-05-16 15:56:15 +02:00
}
2015-07-29 11:19:55 +02:00
status = smbXsrv_session_find_channel ( smb2req - > session ,
smb2req - > xconn , & c ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
tevent_req_nterror ( req , status ) ;
return tevent_req_post ( req , ev ) ;
}
2015-07-29 16:48:55 +02:00
status = smbXsrv_session_find_auth ( state - > session , smb2req - > xconn ,
now , & state - > auth ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
status = smbXsrv_session_create_auth ( state - > session ,
smb2req - > xconn , now ,
in_flags , in_security_mode ,
& state - > auth ) ;
if ( tevent_req_nterror ( req , status ) ) {
return tevent_req_post ( req , ev ) ;
}
}
if ( state - > auth - > gensec = = NULL ) {
status = auth_generic_prepare ( state - > auth ,
2014-06-12 10:47:51 +02:00
state - > smb2req - > xconn - > remote_address ,
2017-02-23 14:31:52 +13:00
state - > smb2req - > xconn - > local_address ,
2017-02-20 14:17:34 +13:00
" SMB2 " ,
2015-07-29 16:48:55 +02:00
& state - > auth - > gensec ) ;
2012-05-16 15:56:15 +02:00
if ( tevent_req_nterror ( req , status ) ) {
return tevent_req_post ( req , ev ) ;
}
2015-07-29 16:48:55 +02:00
gensec_want_feature ( state - > auth - > gensec , GENSEC_FEATURE_SESSION_KEY ) ;
gensec_want_feature ( state - > auth - > gensec , GENSEC_FEATURE_UNIX_TOKEN ) ;
2017-03-06 14:10:17 +13:00
gensec_want_feature ( state - > auth - > gensec , GENSEC_FEATURE_SMB_TRANSPORT ) ;
2012-05-16 15:56:15 +02:00
2015-07-29 16:48:55 +02:00
status = gensec_start_mech_by_oid ( state - > auth - > gensec ,
2012-05-16 15:56:15 +02:00
GENSEC_OID_SPNEGO ) ;
if ( tevent_req_nterror ( req , status ) ) {
return tevent_req_post ( req , ev ) ;
}
}
2015-07-29 16:48:55 +02:00
status = smbXsrv_session_update ( state - > session ) ;
if ( tevent_req_nterror ( req , status ) ) {
return tevent_req_post ( req , ev ) ;
}
2012-05-16 15:56:15 +02:00
become_root ( ) ;
2012-05-16 16:05:48 +02:00
subreq = gensec_update_send ( state , state - > ev ,
2015-07-29 16:48:55 +02:00
state - > auth - > gensec ,
2012-05-16 16:05:48 +02:00
state - > in_security_buffer ) ;
2012-05-16 15:56:15 +02:00
unbecome_root ( ) ;
2012-05-16 16:05:48 +02:00
if ( tevent_req_nomem ( subreq , req ) ) {
return tevent_req_post ( req , ev ) ;
}
2012-05-17 00:30:43 +02:00
tevent_req_set_callback ( subreq , smbd_smb2_session_setup_gensec_done , req ) ;
2012-05-16 16:05:48 +02:00
return req ;
}
2012-05-17 00:30:43 +02:00
static void smbd_smb2_session_setup_gensec_done ( struct tevent_req * subreq )
2012-05-16 16:05:48 +02:00
{
struct tevent_req * req =
tevent_req_callback_data ( subreq ,
struct tevent_req ) ;
struct smbd_smb2_session_setup_state * state =
tevent_req_data ( req ,
struct smbd_smb2_session_setup_state ) ;
NTSTATUS status ;
become_root ( ) ;
status = gensec_update_recv ( subreq , state ,
& state - > out_security_buffer ) ;
unbecome_root ( ) ;
TALLOC_FREE ( subreq ) ;
2012-05-16 15:56:15 +02:00
if ( ! NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) & &
! NT_STATUS_IS_OK ( status ) ) {
tevent_req_nterror ( req , status ) ;
2012-05-16 16:05:48 +02:00
return ;
2012-05-16 15:56:15 +02:00
}
if ( NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) ) {
state - > out_session_id = state - > session - > global - > session_wire_id ;
2015-07-29 16:48:55 +02:00
state - > smb2req - > preauth = state - > auth - > preauth ;
2012-05-16 15:56:15 +02:00
tevent_req_nterror ( req , status ) ;
2012-05-16 16:05:48 +02:00
return ;
2012-05-16 15:56:15 +02:00
}
2015-07-29 16:48:55 +02:00
status = gensec_session_info ( state - > auth - > gensec ,
2015-07-29 17:07:29 +02:00
state ,
2012-05-17 00:30:43 +02:00
& state - > session_info ) ;
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
2012-05-17 00:32:40 +02:00
if ( ( state - > in_previous_session_id ! = 0 ) & &
( state - > session - > global - > session_wire_id ! =
state - > in_previous_session_id ) )
{
subreq = smb2srv_session_close_previous_send ( state , state - > ev ,
2014-06-12 10:47:51 +02:00
state - > smb2req - > xconn ,
2012-05-17 00:32:40 +02:00
state - > session_info ,
state - > in_previous_session_id ,
state - > session - > global - > session_wire_id ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
return ;
}
tevent_req_set_callback ( subreq ,
smbd_smb2_session_setup_previous_done ,
req ) ;
return ;
}
2014-06-12 09:19:29 +02:00
smbd_smb2_session_setup_auth_return ( req ) ;
2012-05-17 00:32:40 +02:00
}
static void smbd_smb2_session_setup_previous_done ( struct tevent_req * subreq )
{
struct tevent_req * req =
tevent_req_callback_data ( subreq ,
struct tevent_req ) ;
NTSTATUS status ;
status = smb2srv_session_close_previous_recv ( subreq ) ;
TALLOC_FREE ( subreq ) ;
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
2014-06-12 09:19:29 +02:00
smbd_smb2_session_setup_auth_return ( req ) ;
}
static void smbd_smb2_session_setup_auth_return ( struct tevent_req * req )
{
struct smbd_smb2_session_setup_state * state =
tevent_req_data ( req ,
struct smbd_smb2_session_setup_state ) ;
NTSTATUS status ;
2015-07-29 17:05:52 +02:00
if ( state - > in_flags & SMB2_SESSION_FLAG_BINDING ) {
status = smbd_smb2_bind_auth_return ( state - > session ,
& state - > auth ,
state - > smb2req ,
state - > session_info ,
& state - > out_session_flags ,
& state - > out_session_id ) ;
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
tevent_req_done ( req ) ;
return ;
}
2012-05-16 15:56:15 +02:00
if ( state - > session - > global - > auth_session_info ! = NULL ) {
status = smbd_smb2_reauth_generic_return ( state - > session ,
2015-07-29 16:48:55 +02:00
& state - > auth ,
2012-05-16 15:56:15 +02:00
state - > smb2req ,
2012-05-17 00:30:43 +02:00
state - > session_info ,
2012-05-16 15:56:15 +02:00
& state - > out_session_flags ,
& state - > out_session_id ) ;
if ( tevent_req_nterror ( req , status ) ) {
2012-05-16 16:05:48 +02:00
return ;
2012-05-16 15:56:15 +02:00
}
tevent_req_done ( req ) ;
2012-05-16 16:05:48 +02:00
return ;
2012-05-12 10:16:41 +02:00
}
2012-05-16 15:56:15 +02:00
status = smbd_smb2_auth_generic_return ( state - > session ,
2015-07-29 16:48:55 +02:00
& state - > auth ,
2012-05-16 15:56:15 +02:00
state - > smb2req ,
state - > in_security_mode ,
2012-05-17 00:30:43 +02:00
state - > session_info ,
2012-05-16 15:56:15 +02:00
& state - > out_session_flags ,
& state - > out_session_id ) ;
2012-05-12 10:16:41 +02:00
if ( tevent_req_nterror ( req , status ) ) {
2012-05-16 16:05:48 +02:00
return ;
2012-05-12 10:16:41 +02:00
}
tevent_req_done ( req ) ;
2012-05-16 16:05:48 +02:00
return ;
2012-05-12 10:16:41 +02:00
}
static NTSTATUS smbd_smb2_session_setup_recv ( struct tevent_req * req ,
uint16_t * out_session_flags ,
TALLOC_CTX * mem_ctx ,
DATA_BLOB * out_security_buffer ,
uint64_t * out_session_id )
{
struct smbd_smb2_session_setup_state * state =
tevent_req_data ( req ,
struct smbd_smb2_session_setup_state ) ;
NTSTATUS status ;
2015-05-02 16:21:25 +02:00
if ( tevent_req_is_nterror ( req , & status ) ) {
if ( ! NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) ) {
tevent_req_received ( req ) ;
return nt_status_squash ( status ) ;
}
} else {
status = NT_STATUS_OK ;
}
* out_session_flags = state - > out_session_flags ;
* out_security_buffer = state - > out_security_buffer ;
* out_session_id = state - > out_session_id ;
talloc_steal ( mem_ctx , out_security_buffer - > data ) ;
tevent_req_received ( req ) ;
return status ;
}
struct smbd_smb2_session_setup_wrap_state {
struct tevent_context * ev ;
struct smbd_smb2_request * smb2req ;
uint64_t in_session_id ;
uint8_t in_flags ;
uint8_t in_security_mode ;
uint64_t in_previous_session_id ;
DATA_BLOB in_security_buffer ;
uint16_t out_session_flags ;
DATA_BLOB out_security_buffer ;
uint64_t out_session_id ;
NTSTATUS error ;
} ;
static void smbd_smb2_session_setup_wrap_setup_done ( struct tevent_req * subreq ) ;
static void smbd_smb2_session_setup_wrap_shutdown_done ( struct tevent_req * subreq ) ;
static struct tevent_req * smbd_smb2_session_setup_wrap_send ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
struct smbd_smb2_request * smb2req ,
uint64_t in_session_id ,
uint8_t in_flags ,
uint8_t in_security_mode ,
uint64_t in_previous_session_id ,
DATA_BLOB in_security_buffer )
{
struct tevent_req * req ;
struct smbd_smb2_session_setup_wrap_state * state ;
struct tevent_req * subreq ;
req = tevent_req_create ( mem_ctx , & state ,
struct smbd_smb2_session_setup_wrap_state ) ;
if ( req = = NULL ) {
return NULL ;
}
state - > ev = ev ;
state - > smb2req = smb2req ;
state - > in_session_id = in_session_id ;
state - > in_flags = in_flags ;
state - > in_security_mode = in_security_mode ;
state - > in_previous_session_id = in_previous_session_id ;
state - > in_security_buffer = in_security_buffer ;
subreq = smbd_smb2_session_setup_send ( state , state - > ev ,
state - > smb2req ,
state - > in_session_id ,
state - > in_flags ,
state - > in_security_mode ,
state - > in_previous_session_id ,
state - > in_security_buffer ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
return tevent_req_post ( req , ev ) ;
}
tevent_req_set_callback ( subreq ,
smbd_smb2_session_setup_wrap_setup_done , req ) ;
return req ;
}
static void smbd_smb2_session_setup_wrap_setup_done ( struct tevent_req * subreq )
{
struct tevent_req * req =
tevent_req_callback_data ( subreq ,
struct tevent_req ) ;
struct smbd_smb2_session_setup_wrap_state * state =
tevent_req_data ( req ,
struct smbd_smb2_session_setup_wrap_state ) ;
NTSTATUS status ;
status = smbd_smb2_session_setup_recv ( subreq ,
& state - > out_session_flags ,
state ,
& state - > out_security_buffer ,
& state - > out_session_id ) ;
TALLOC_FREE ( subreq ) ;
if ( NT_STATUS_IS_OK ( status ) ) {
tevent_req_done ( req ) ;
return ;
}
if ( NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) ) {
tevent_req_nterror ( req , status ) ;
return ;
}
if ( state - > smb2req - > session = = NULL ) {
tevent_req_nterror ( req , status ) ;
return ;
}
state - > error = status ;
subreq = smb2srv_session_shutdown_send ( state , state - > ev ,
state - > smb2req - > session ,
state - > smb2req ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
return ;
}
tevent_req_set_callback ( subreq ,
smbd_smb2_session_setup_wrap_shutdown_done ,
req ) ;
}
static void smbd_smb2_session_setup_wrap_shutdown_done ( struct tevent_req * subreq )
{
struct tevent_req * req =
tevent_req_callback_data ( subreq ,
struct tevent_req ) ;
struct smbd_smb2_session_setup_wrap_state * state =
tevent_req_data ( req ,
struct smbd_smb2_session_setup_wrap_state ) ;
NTSTATUS status ;
status = smb2srv_session_shutdown_recv ( subreq ) ;
TALLOC_FREE ( subreq ) ;
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
/*
* we may need to sign the response , so we need to keep
* the session until the response is sent to the wire .
*/
talloc_steal ( state - > smb2req , state - > smb2req - > session ) ;
tevent_req_nterror ( req , state - > error ) ;
}
static NTSTATUS smbd_smb2_session_setup_wrap_recv ( struct tevent_req * req ,
uint16_t * out_session_flags ,
TALLOC_CTX * mem_ctx ,
DATA_BLOB * out_security_buffer ,
uint64_t * out_session_id )
{
struct smbd_smb2_session_setup_wrap_state * state =
tevent_req_data ( req ,
struct smbd_smb2_session_setup_wrap_state ) ;
NTSTATUS status ;
2012-05-12 10:16:41 +02:00
if ( tevent_req_is_nterror ( req , & status ) ) {
if ( ! NT_STATUS_EQUAL ( status , NT_STATUS_MORE_PROCESSING_REQUIRED ) ) {
tevent_req_received ( req ) ;
2012-05-16 15:32:08 +02:00
return nt_status_squash ( status ) ;
2012-05-12 10:16:41 +02:00
}
} else {
status = NT_STATUS_OK ;
}
* out_session_flags = state - > out_session_flags ;
* out_security_buffer = state - > out_security_buffer ;
* out_session_id = state - > out_session_id ;
talloc_steal ( mem_ctx , out_security_buffer - > data ) ;
tevent_req_received ( req ) ;
return status ;
}
2014-03-10 09:53:18 +01:00
static struct tevent_req * smbd_smb2_logoff_send ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
struct smbd_smb2_request * smb2req ) ;
static NTSTATUS smbd_smb2_logoff_recv ( struct tevent_req * req ) ;
static void smbd_smb2_request_logoff_done ( struct tevent_req * subreq ) ;
2009-05-15 11:40:19 +02:00
NTSTATUS smbd_smb2_request_process_logoff ( struct smbd_smb2_request * req )
{
2011-09-06 14:01:43 +02:00
NTSTATUS status ;
2014-03-10 09:53:18 +01:00
struct tevent_req * subreq = NULL ;
2009-05-15 11:40:19 +02:00
2011-09-06 14:01:43 +02:00
status = smbd_smb2_request_verify_sizes ( req , 0x04 ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return smbd_smb2_request_error ( req , status ) ;
2009-05-15 11:40:19 +02:00
}
2018-12-27 15:18:55 +01:00
subreq = smbd_smb2_logoff_send ( req , req - > sconn - > ev_ctx , req ) ;
2014-03-10 09:53:18 +01:00
if ( subreq = = NULL ) {
return smbd_smb2_request_error ( req , NT_STATUS_NO_MEMORY ) ;
}
tevent_req_set_callback ( subreq , smbd_smb2_request_logoff_done , req ) ;
2009-05-15 11:40:19 +02:00
/*
2019-02-12 08:27:43 +01:00
* Avoid sending a STATUS_PENDING message , it ' s very likely
* the client won ' t expect that .
2009-05-15 11:40:19 +02:00
*/
2019-02-12 08:27:43 +01:00
return smbd_smb2_request_pending_queue ( req , subreq , 0 ) ;
2014-03-10 09:53:18 +01:00
}
static void smbd_smb2_request_logoff_done ( struct tevent_req * subreq )
{
struct smbd_smb2_request * smb2req =
tevent_req_callback_data ( subreq ,
struct smbd_smb2_request ) ;
DATA_BLOB outbody ;
NTSTATUS status ;
NTSTATUS error ;
status = smbd_smb2_logoff_recv ( subreq ) ;
TALLOC_FREE ( subreq ) ;
2012-03-27 11:09:05 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2014-03-10 09:53:18 +01:00
error = smbd_smb2_request_error ( smb2req , status ) ;
if ( ! NT_STATUS_IS_OK ( error ) ) {
2014-06-11 12:15:48 +02:00
smbd_server_connection_terminate ( smb2req - > xconn ,
2014-03-10 09:53:18 +01:00
nt_errstr ( error ) ) ;
return ;
}
return ;
}
outbody = smbd_smb2_generate_outbody ( smb2req , 0x04 ) ;
if ( outbody . data = = NULL ) {
error = smbd_smb2_request_error ( smb2req , NT_STATUS_NO_MEMORY ) ;
if ( ! NT_STATUS_IS_OK ( error ) ) {
2014-06-11 12:15:48 +02:00
smbd_server_connection_terminate ( smb2req - > xconn ,
2014-03-10 09:53:18 +01:00
nt_errstr ( error ) ) ;
return ;
}
return ;
}
SSVAL ( outbody . data , 0x00 , 0x04 ) ; /* struct size */
SSVAL ( outbody . data , 0x02 , 0 ) ; /* reserved */
error = smbd_smb2_request_done ( smb2req , outbody , NULL ) ;
if ( ! NT_STATUS_IS_OK ( error ) ) {
2014-06-11 12:15:48 +02:00
smbd_server_connection_terminate ( smb2req - > xconn ,
2014-03-10 09:53:18 +01:00
nt_errstr ( error ) ) ;
return ;
}
}
2015-05-02 16:20:06 +02:00
struct smbd_smb2_logoff_state {
2014-03-10 09:53:18 +01:00
struct smbd_smb2_request * smb2req ;
} ;
2015-05-02 16:20:06 +02:00
static void smbd_smb2_logoff_shutdown_done ( struct tevent_req * subreq ) ;
2014-03-10 09:53:18 +01:00
2014-03-10 09:53:18 +01:00
static struct tevent_req * smbd_smb2_logoff_send ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
struct smbd_smb2_request * smb2req )
{
struct tevent_req * req ;
2015-05-02 16:20:06 +02:00
struct smbd_smb2_logoff_state * state ;
2014-03-10 09:53:18 +01:00
struct tevent_req * subreq ;
2014-03-10 09:53:18 +01:00
req = tevent_req_create ( mem_ctx , & state ,
2015-05-02 16:20:06 +02:00
struct smbd_smb2_logoff_state ) ;
2014-03-10 09:53:18 +01:00
if ( req = = NULL ) {
return NULL ;
}
state - > smb2req = smb2req ;
2015-05-02 16:20:06 +02:00
subreq = smb2srv_session_shutdown_send ( state , ev ,
smb2req - > session ,
smb2req ) ;
2014-03-10 09:53:18 +01:00
if ( tevent_req_nomem ( subreq , req ) ) {
return tevent_req_post ( req , ev ) ;
}
2015-05-02 16:20:06 +02:00
tevent_req_set_callback ( subreq , smbd_smb2_logoff_shutdown_done , req ) ;
2014-03-10 09:53:18 +01:00
return req ;
}
2015-05-02 16:20:06 +02:00
static void smbd_smb2_logoff_shutdown_done ( struct tevent_req * subreq )
2014-03-10 09:53:18 +01:00
{
struct tevent_req * req = tevent_req_callback_data (
subreq , struct tevent_req ) ;
2015-05-02 16:20:06 +02:00
struct smbd_smb2_logoff_state * state = tevent_req_data (
req , struct smbd_smb2_logoff_state ) ;
2014-03-10 09:53:18 +01:00
NTSTATUS status ;
2016-04-13 17:44:26 +02:00
bool ok ;
const struct GUID * client_guid =
2020-07-08 10:15:56 +02:00
& state - > smb2req - > session - > client - > global - > client_guid ;
2014-03-10 09:53:18 +01:00
2015-05-02 16:20:06 +02:00
status = smb2srv_session_shutdown_recv ( subreq ) ;
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
2014-03-10 09:53:18 +01:00
TALLOC_FREE ( subreq ) ;
2016-04-13 17:44:26 +02:00
if ( ! GUID_all_zero ( client_guid ) ) {
ok = remote_arch_cache_delete ( client_guid ) ;
if ( ! ok ) {
/* Most likely not an error, but not in cache */
DBG_DEBUG ( " Deletion from remote arch cache failed \n " ) ;
}
}
2014-03-10 09:53:18 +01:00
/*
* As we ' ve been awoken , we may have changed
* uid in the meantime . Ensure we ' re still
* root ( SMB2_OP_LOGOFF has . as_root = true ) .
*/
change_to_root_user ( ) ;
2014-03-10 09:53:18 +01:00
status = smbXsrv_session_logoff ( state - > smb2req - > session ) ;
if ( tevent_req_nterror ( req , status ) ) {
2014-03-10 09:53:18 +01:00
return ;
2012-03-27 11:09:05 +02:00
}
2009-05-15 11:40:19 +02:00
/*
* we may need to sign the response , so we need to keep
* the session until the response is sent to the wire .
*/
2014-03-10 09:53:18 +01:00
talloc_steal ( state - > smb2req , state - > smb2req - > session ) ;
2009-05-15 11:40:19 +02:00
2014-03-10 09:53:18 +01:00
tevent_req_done ( req ) ;
}
2009-05-15 11:40:19 +02:00
2014-03-10 09:53:18 +01:00
static NTSTATUS smbd_smb2_logoff_recv ( struct tevent_req * req )
{
return tevent_req_simple_recv_ntstatus ( req ) ;
2009-05-15 11:40:19 +02:00
}