struct {
DATA_BLOB signing_key;
} smb2_channel;
+
+ /*
+ * this should be a short term hack
+ * until the upper layers have implemented
+ * re-authentication.
+ */
+ bool disconnect_expired;
};
struct smbXcli_tcon {
+ bool is_smb1;
+ uint32_t fs_attributes;
+
struct {
uint16_t tcon_id;
uint16_t optional_support;
*/
struct iovec *recv_iov;
+ /*
+ * the expected max for the response dyn_len
+ */
+ uint32_t max_dyn_len;
+
uint16_t credit_charge;
bool should_sign;
status = NT_STATUS_INVALID_PARAMETER_MIX;
goto fail;
}
- ev = tevent_context_init(frame);
+ ev = samba_tevent_context_init(frame);
if (ev == NULL) {
goto fail;
}
return conn->smb1.max_xmit;
}
+bool smb1cli_conn_req_possible(struct smbXcli_conn *conn)
+{
+ size_t pending;
+ uint16_t possible = conn->smb1.server.max_mux;
+
+ pending = tevent_queue_length(conn->outgoing);
+ if (pending >= possible) {
+ return false;
+ }
+ pending += talloc_array_length(conn->pending);
+ if (pending >= possible) {
+ return false;
+ }
+
+ return true;
+}
+
uint32_t smb1cli_conn_server_session_key(struct smbXcli_conn *conn)
{
return conn->smb1.server.session_key;
size_t num_pending = talloc_array_length(conn->pending);
uint16_t result;
+ if (conn->protocol == PROTOCOL_NONE) {
+ /*
+ * This is what windows sends on the SMB1 Negprot request
+ * and some vendors reuse the SMB1 MID as SMB2 sequence number.
+ */
+ return 0;
+ }
+
while (true) {
size_t i;
if (tcon) {
tid = tcon->smb1.tcon_id;
+
+ if (tcon->fs_attributes & FILE_CASE_SENSITIVE_SEARCH) {
+ clear_flags |= FLAG_CASELESS_PATHNAMES;
+ } else {
+ /* Default setting, case insensitive. */
+ additional_flags |= FLAG_CASELESS_PATHNAMES;
+ }
+
+ if (smbXcli_conn_dfs_supported(conn) &&
+ smbXcli_tcon_is_dfs_share(tcon))
+ {
+ additional_flags2 |= FLAGS2_DFS_PATHNAMES;
+ }
}
state->smb1.recv_cmd = 0xFF;
if (subreq != conn->read_smb_req) {
DEBUG(1, ("Internal error: cli_smb_received called with "
"unexpected subreq\n"));
- status = NT_STATUS_INTERNAL_ERROR;
- smbXcli_conn_disconnect(conn, status);
+ smbXcli_conn_disconnect(conn, NT_STATUS_INTERNAL_ERROR);
TALLOC_FREE(frame);
return;
}
* tevent_req_done().
*/
return;
- } else if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
+ }
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
/*
* We got an error, so notify all pending requests
*/
uint8_t *hdr;
uint8_t cmd;
uint32_t wct_ofs;
+ NTSTATUS status;
+ size_t min_size = MIN_SMB_SIZE;
- buflen = smb_len_nbt(buf);
+ buflen = smb_len_tcp(buf);
taken = 0;
hdr = buf + NBT_HDR_SIZE;
- if (buflen < MIN_SMB_SIZE) {
+ status = smb1cli_pull_raw_error(hdr);
+ if (NT_STATUS_IS_ERR(status)) {
+ /*
+ * This is an ugly hack to support OS/2
+ * which skips the byte_count in the DATA block
+ * on some error responses.
+ *
+ * See bug #9096
+ */
+ min_size -= sizeof(uint16_t);
+ }
+
+ if (buflen < min_size) {
return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
size_t needed;
/*
- * we need at least WCT and BCC
+ * we need at least WCT
*/
- needed = sizeof(uint8_t) + sizeof(uint16_t);
+ needed = sizeof(uint8_t);
if (len < needed) {
DEBUG(10, ("%s: %d bytes left, expected at least %d\n",
__location__, (int)len, (int)needed));
goto inval;
}
+ if ((num_iov == 1) &&
+ (len == needed) &&
+ NT_STATUS_IS_ERR(status))
+ {
+ /*
+ * This is an ugly hack to support OS/2
+ * which skips the byte_count in the DATA block
+ * on some error responses.
+ *
+ * See bug #9096
+ */
+ iov_tmp = talloc_realloc(mem_ctx, iov, struct iovec,
+ num_iov + 2);
+ if (iov_tmp == NULL) {
+ TALLOC_FREE(iov);
+ return NT_STATUS_NO_MEMORY;
+ }
+ iov = iov_tmp;
+ cur = &iov[num_iov];
+ num_iov += 2;
+
+ cur[0].iov_len = 0;
+ cur[0].iov_base = hdr + (wct_ofs + sizeof(uint8_t));
+ cur[1].iov_len = 0;
+ cur[1].iov_base = cur[0].iov_base;
+
+ taken += needed;
+ break;
+ }
+
+ /*
+ * we need at least BCC
+ */
+ needed += sizeof(uint16_t);
+ if (len < needed) {
+ DEBUG(10, ("%s: %d bytes left, expected at least %d\n",
+ __location__, (int)len, (int)needed));
+ goto inval;
+ }
+
/*
* Now we check if the specified bytes are there
*/
uint16_t mid;
bool oplock_break;
uint8_t *inhdr = inbuf + NBT_HDR_SIZE;
- size_t len = smb_len_nbt(inbuf);
+ size_t len = smb_len_tcp(inbuf);
struct iovec *iov = NULL;
int num_iov = 0;
struct tevent_req **chain = NULL;
cmd = CVAL(inhdr, HDR_COM);
status = smb1cli_pull_raw_error(inhdr);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED) &&
+ (state->session != NULL) && state->session->disconnect_expired)
+ {
+ /*
+ * this should be a short term hack
+ * until the upper layers have implemented
+ * re-authentication.
+ */
+ return status;
+ }
+
if (state->smb1.chained_requests == NULL) {
if (num_iov != 3) {
return NT_STATUS_INVALID_NETWORK_RESPONSE;
|| (talloc_array_length(conn->pending) != 0));
}
+bool smbXcli_conn_dfs_supported(struct smbXcli_conn *conn)
+{
+ if (conn->protocol >= PROTOCOL_SMB2_02) {
+ return (smb2cli_conn_server_capabilities(conn) & SMB2_CAP_DFS);
+ }
+
+ return (smb1cli_conn_capabilities(conn) & CAP_DFS);
+}
+
+bool smb2cli_conn_req_possible(struct smbXcli_conn *conn, uint32_t *max_dyn_len)
+{
+ uint16_t credits = 1;
+
+ if (conn->smb2.cur_credits == 0) {
+ if (max_dyn_len != NULL) {
+ *max_dyn_len = 0;
+ }
+ return false;
+ }
+
+ if (conn->smb2.server.capabilities & SMB2_CAP_LARGE_MTU) {
+ credits = conn->smb2.cur_credits;
+ }
+
+ if (max_dyn_len != NULL) {
+ *max_dyn_len = credits * 65536;
+ }
+
+ return true;
+}
+
uint32_t smb2cli_conn_server_capabilities(struct smbXcli_conn *conn)
{
return conn->smb2.server.capabilities;
0, /* timeout */
tcon, session,
fixed, fixed_len,
- NULL, 0);
+ NULL, 0, 0);
if (subreq == NULL) {
return false;
}
const uint8_t *fixed,
uint16_t fixed_len,
const uint8_t *dyn,
- uint32_t dyn_len)
+ uint32_t dyn_len,
+ uint32_t max_dyn_len)
{
struct tevent_req *req;
struct smbXcli_req_state *state;
state->smb2.fixed_len = fixed_len;
state->smb2.dyn = dyn;
state->smb2.dyn_len = dyn_len;
+ state->smb2.max_dyn_len = max_dyn_len;
if (state->smb2.should_encrypt) {
SIVAL(state->smb2.transform, SMB2_TF_PROTOCOL_ID, SMB2_TF_MAGIC);
}
if (state->conn->smb2.server.capabilities & SMB2_CAP_LARGE_MTU) {
- charge = (MAX(state->smb2.dyn_len, 1) - 1)/ 65536 + 1;
+ uint32_t max_dyn_len = 1;
+
+ max_dyn_len = MAX(max_dyn_len, state->smb2.dyn_len);
+ max_dyn_len = MAX(max_dyn_len, state->smb2.max_dyn_len);
+
+ charge = (max_dyn_len - 1)/ 65536 + 1;
} else {
charge = 1;
}
const uint8_t *fixed,
uint16_t fixed_len,
const uint8_t *dyn,
- uint32_t dyn_len)
+ uint32_t dyn_len,
+ uint32_t max_dyn_len)
{
struct tevent_req *req;
NTSTATUS status;
additional_flags, clear_flags,
timeout_msec,
tcon, session,
- fixed, fixed_len, dyn, dyn_len);
+ fixed, fixed_len,
+ dyn, dyn_len,
+ max_dyn_len);
if (req == NULL) {
return NULL;
}
struct smbXcli_session *s;
uint64_t uid;
struct iovec tf_iov[2];
+ size_t enc_len;
NTSTATUS status;
if (len < SMB2_TF_HDR_SIZE) {
taken += tf_len;
hdr = first_hdr + taken;
- len = IVAL(tf, SMB2_TF_MSG_SIZE);
+ enc_len = IVAL(tf, SMB2_TF_MSG_SIZE);
uid = BVAL(tf, SMB2_TF_SESSION_ID);
+ if (len < SMB2_TF_HDR_SIZE + enc_len) {
+ DEBUG(10, ("%d bytes left, expected at least %d\n",
+ (int)len,
+ (int)(SMB2_TF_HDR_SIZE + enc_len)));
+ goto inval;
+ }
+
s = conn->sessions;
for (; s; s = s->next) {
if (s->smb2->session_id != uid) {
tf_iov[0].iov_base = (void *)tf;
tf_iov[0].iov_len = tf_len;
tf_iov[1].iov_base = (void *)hdr;
- tf_iov[1].iov_len = len;
+ tf_iov[1].iov_len = enc_len;
status = smb2_signing_decrypt_pdu(s->smb2->decryption_key,
conn->protocol,
return status;
}
- verified_buflen = taken + len;
+ verified_buflen = taken + enc_len;
+ len = enc_len;
}
/*
}
}
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED) &&
+ (session != NULL) && session->disconnect_expired)
+ {
+ /*
+ * this should be a short term hack
+ * until the upper layers have implemented
+ * re-authentication.
+ */
+ return status;
+ }
+
smbXcli_req_unset_pending(req);
/*
{PROTOCOL_SMB2_22, SMB2_DIALECT_REVISION_222},
{PROTOCOL_SMB2_24, SMB2_DIALECT_REVISION_224},
{PROTOCOL_SMB3_00, SMB3_DIALECT_REVISION_300},
+ {PROTOCOL_SMB3_02, SMB3_DIALECT_REVISION_302},
};
struct smbXcli_negprot_state {
if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
server_signing = "supported";
server_allowed = true;
+ } else if (conn->mandatory_signing) {
+ /*
+ * We have mandatory signing as client
+ * lets assume the server will look at our
+ * FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED
+ * flag in the session setup
+ */
+ server_signing = "not announced";
+ server_allowed = true;
}
if (server_security_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
server_signing = "required";
state->timeout_msec,
NULL, NULL, /* tcon, session */
state->smb2.fixed, sizeof(state->smb2.fixed),
- state->smb2.dyn, dialect_count*2);
+ state->smb2.dyn, dialect_count*2,
+ UINT16_MAX); /* max_dyn_len */
}
static void smbXcli_negprot_smb2_done(struct tevent_req *subreq)
/*
* we got an SMB2 answer, which consumed sequence number 0
- * so we need to use 1 as the next one
+ * so we need to use 1 as the next one.
+ *
+ * we also need to set the current credits to 0
+ * as we consumed the initial one. The SMB2 answer
+ * hopefully grant us a new credit.
*/
conn->smb2.mid = 1;
+ conn->smb2.cur_credits = 0;
tevent_req_set_callback(subreq, smbXcli_negprot_smb2_done, req);
conn->dispatch_incoming = smb2cli_conn_dispatch_incoming;
return smb2cli_conn_dispatch_incoming(conn, tmp_mem, inbuf);
status = NT_STATUS_INVALID_PARAMETER_MIX;
goto fail;
}
- ev = tevent_context_init(frame);
+ ev = samba_tevent_context_init(frame);
if (ev == NULL) {
goto fail;
}
return session;
}
+struct smbXcli_session *smbXcli_session_copy(TALLOC_CTX *mem_ctx,
+ struct smbXcli_session *src)
+{
+ struct smbXcli_session *session;
+
+ session = talloc_zero(mem_ctx, struct smbXcli_session);
+ if (session == NULL) {
+ return NULL;
+ }
+ session->smb2 = talloc_zero(session, struct smb2cli_session);
+ if (session->smb2 == NULL) {
+ talloc_free(session);
+ return NULL;
+ }
+
+ session->conn = src->conn;
+ *session->smb2 = *src->smb2;
+ session->smb2_channel = src->smb2_channel;
+ session->disconnect_expired = src->disconnect_expired;
+
+ DLIST_ADD_END(src->conn->sessions, session, struct smbXcli_session *);
+ talloc_set_destructor(session, smbXcli_session_destructor);
+
+ return session;
+}
+
+
NTSTATUS smbXcli_session_application_key(struct smbXcli_session *session,
TALLOC_CTX *mem_ctx,
DATA_BLOB *key)
return NT_STATUS_OK;
}
+void smbXcli_session_set_disconnect_expired(struct smbXcli_session *session)
+{
+ session->disconnect_expired = true;
+}
+
uint16_t smb1cli_session_current_id(struct smbXcli_session *session)
{
return session->smb1.session_id;
struct smbXcli_conn *conn = session->conn;
uint16_t no_sign_flags;
uint8_t session_key[16];
+ bool check_signature = true;
+ uint32_t hdr_flags;
NTSTATUS status;
if (conn == NULL) {
return NT_STATUS_INVALID_PARAMETER_MIX;
}
+ if (recv_iov[0].iov_len != SMB2_HDR_BODY) {
+ return NT_STATUS_INVALID_PARAMETER_MIX;
+ }
+
no_sign_flags = SMB2_SESSION_FLAG_IS_GUEST | SMB2_SESSION_FLAG_IS_NULL;
if (session->smb2->session_flags & no_sign_flags) {
return NT_STATUS_NO_MEMORY;
}
- status = smb2_signing_check_pdu(session->smb2_channel.signing_key,
- session->conn->protocol,
- recv_iov, 3);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
+ check_signature = conn->mandatory_signing;
+
+ hdr_flags = IVAL(recv_iov[0].iov_base, SMB2_HDR_FLAGS);
+ if (hdr_flags & SMB2_HDR_FLAG_SIGNED) {
+ /*
+ * Sadly some vendors don't sign the
+ * final SMB2 session setup response
+ *
+ * At least Windows and Samba are always doing this
+ * if there's a session key available.
+ *
+ * We only check the signature if it's mandatory
+ * or SMB2_HDR_FLAG_SIGNED is provided.
+ */
+ check_signature = true;
+ }
+
+ if (check_signature) {
+ status = smb2_signing_check_pdu(session->smb2_channel.signing_key,
+ session->conn->protocol,
+ recv_iov, 3);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
}
session->smb2->should_sign = false;
return NT_STATUS_OK;
}
+NTSTATUS smb2cli_session_encryption_on(struct smbXcli_session *session)
+{
+ if (session->smb2->should_encrypt) {
+ return NT_STATUS_OK;
+ }
+
+ if (session->conn->protocol < PROTOCOL_SMB2_24) {
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ if (!(session->conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ if (session->smb2->signing_key.data == NULL) {
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+ session->smb2->should_encrypt = true;
+ return NT_STATUS_OK;
+}
+
struct smbXcli_tcon *smbXcli_tcon_create(TALLOC_CTX *mem_ctx)
{
struct smbXcli_tcon *tcon;
return tcon;
}
+void smbXcli_tcon_set_fs_attributes(struct smbXcli_tcon *tcon,
+ uint32_t fs_attributes)
+{
+ tcon->fs_attributes = fs_attributes;
+}
+
+uint32_t smbXcli_tcon_get_fs_attributes(struct smbXcli_tcon *tcon)
+{
+ return tcon->fs_attributes;
+}
+
+bool smbXcli_tcon_is_dfs_share(struct smbXcli_tcon *tcon)
+{
+ if (tcon == NULL) {
+ return false;
+ }
+
+ if (tcon->is_smb1) {
+ if (tcon->smb1.optional_support & SMB_SHARE_IN_DFS) {
+ return true;
+ }
+
+ return false;
+ }
+
+ if (tcon->smb2.capabilities & SMB2_SHARE_CAP_DFS) {
+ return true;
+ }
+
+ return false;
+}
+
uint16_t smb1cli_tcon_current_id(struct smbXcli_tcon *tcon)
{
return tcon->smb1.tcon_id;
void smb1cli_tcon_set_id(struct smbXcli_tcon *tcon, uint16_t tcon_id)
{
+ tcon->is_smb1 = true;
tcon->smb1.tcon_id = tcon_id;
}
const char *service,
const char *fs_type)
{
+ tcon->is_smb1 = true;
+ tcon->fs_attributes = 0;
tcon->smb1.tcon_id = tcon_id;
tcon->smb1.optional_support = optional_support;
tcon->smb1.maximal_access = maximal_access;
uint32_t capabilities,
uint32_t maximal_access)
{
+ tcon->is_smb1 = false;
+ tcon->fs_attributes = 0;
tcon->smb2.tcon_id = tcon_id;
tcon->smb2.type = type;
tcon->smb2.flags = flags;
tcon->smb2.should_encrypt = true;
}
}
+
+bool smb2cli_tcon_is_encryption_on(struct smbXcli_tcon *tcon)
+{
+ return tcon->smb2.should_encrypt;
+}