port latest changes from SAMBA_3_0 tree

(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
author: Simo Sorce <idra@samba.org> 2003-08-02 20:06:57 +0000
committer: Simo Sorce <idra@samba.org> 2003-08-02 20:06:57 +0000
commit: 04bf12b176d5abe06b7f1401810369bcafe0b611 (patch)
tree: 8bb6627c3ffa4cab902787b874206f8012a33e3a /source3/libsmb/smb_signing.c
parent: 7efce478976e2ac71bcaf4e4d1049bb263634711 (diff)
download: samba-04bf12b176d5abe06b7f1401810369bcafe0b611.tar.gz
samba-04bf12b176d5abe06b7f1401810369bcafe0b611.tar.bz2
samba-04bf12b176d5abe06b7f1401810369bcafe0b611.zip
1 files changed, 622 insertions, 108 deletions
diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c
index d4f77bf07c..4167452953 100644
--- a/source3/libsmb/smb_signing.c
+++ b/source3/libsmb/smb_signing.c
@@ -1,7 +1,7 @@
 /* 
    Unix SMB/CIFS implementation.
    SMB Signing Code
-   Copyright (C) Jeremy Allison 2002.
+   Copyright (C) Jeremy Allison 2003.
    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
    
    This program is free software; you can redistribute it and/or modify
@@ -28,9 +28,17 @@ struct outstanding_packet_lookup {
 	struct outstanding_packet_lookup *prev, *next;
 };
 
+/* Store the data for an ongoing trans/trans2/nttrans operation. */
+struct trans_info_context {
+	uint16 mid;
+	uint32 send_seq_num;
+	uint32 reply_seq_num;
+};
+
 struct smb_basic_signing_context {
 	DATA_BLOB mac_key;
 	uint32 send_seq_num;
+	struct trans_info_context *trans_info;
 	struct outstanding_packet_lookup *outstanding_packet_list;
 };
 
@@ -46,6 +54,8 @@ static void store_sequence_for_reply(struct outstanding_packet_lookup **list,
 	DLIST_ADD_END(*list, t, tmp);
 	t->mid = mid;
 	t->reply_seq_num = reply_seq_num;
+	DEBUG(10,("store_sequence_for_reply: stored seq = %u mid = %u\n",
+			(unsigned int)reply_seq_num, (unsigned int)mid ));
 }
 
 static BOOL get_sequence_for_reply(struct outstanding_packet_lookup **list,
@@ -56,12 +66,13 @@ static BOOL get_sequence_for_reply(struct outstanding_packet_lookup **list,
 	for (t = *list; t; t = t->next) {
 		if (t->mid == mid) {
 			*reply_seq_num = t->reply_seq_num;
+			DEBUG(10,("get_sequence_for_reply: found seq = %u mid = %u\n",
+				(unsigned int)t->reply_seq_num, (unsigned int)t->mid ));
 			DLIST_REMOVE(*list, t);
+			SAFE_FREE(t);
 			return True;
 		}
 	}
-	DEBUG(0, ("Unexpected incoming packet, it's MID (%u) does not match"
-		  " a MID in our outstanding list!\n", mid));
 	return False;
 }
 
@@ -81,7 +92,7 @@ static BOOL cli_set_smb_signing_common(struct cli_state *cli)
 	}
 	
 	if (cli->sign_info.free_signing_context)
-		cli->sign_info.free_signing_context(cli);
+		cli->sign_info.free_signing_context(&cli->sign_info);
 
 	/* These calls are INCOMPATIBLE with SMB signing */
 	cli->readbraw_supported = False;
@@ -94,42 +105,107 @@ static BOOL cli_set_smb_signing_common(struct cli_state *cli)
  SMB signing - Common code for 'real' implementations
 ************************************************************/
 
-static BOOL cli_set_smb_signing_real_common(struct cli_state *cli) 
+static BOOL set_smb_signing_real_common(struct smb_sign_info *si)
 {
-	if (cli->sign_info.mandatory_signing) {
+	if (si->mandatory_signing) {
 		DEBUG(5, ("Mandatory SMB signing enabled!\n"));
-		cli->sign_info.doing_signing = True;
 	}
 
+	si->doing_signing = True;
 	DEBUG(5, ("SMB signing enabled!\n"));
 
 	return True;
 }
 
-static void cli_mark_packet_signed(struct cli_state *cli) 
+static void mark_packet_signed(char *outbuf)
 {
 	uint16 flags2;
-	flags2 = SVAL(cli->outbuf,smb_flg2);
+	flags2 = SVAL(outbuf,smb_flg2);
 	flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
-	SSVAL(cli->outbuf,smb_flg2, flags2);
+	SSVAL(outbuf,smb_flg2, flags2);
+}
+
+/***********************************************************
+ SMB signing - NULL implementation - calculate a MAC to send.
+************************************************************/
+
+static void null_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
+{
+	/* we can't zero out the sig, as we might be trying to send a
+	   session request - which is NBT-level, not SMB level and doesn't
+	   have the field */
+	return;
+}
+
+/***********************************************************
+ SMB signing - NULL implementation - check a MAC sent by server.
+************************************************************/
+
+static BOOL null_check_incoming_message(char *inbuf, struct smb_sign_info *si)
+{
+	return True;
 }
 
-static BOOL cli_signing_good(struct cli_state *cli, BOOL good) 
+/***********************************************************
+ SMB signing - NULL implementation - free signing context
+************************************************************/
+
+static void null_free_signing_context(struct smb_sign_info *si)
 {
-	DEBUG(10, ("got SMB signature of\n"));
-	dump_data(10,&cli->inbuf[smb_ss_field] , 8);
+	return;
+}
 
-	if (good && !cli->sign_info.doing_signing) {
-		cli->sign_info.doing_signing = True;
+/**
+ SMB signing - NULL implementation - setup the MAC key.
+
+ @note Used as an initialisation only - it will not correctly
+       shut down a real signing mechanism
+*/
+
+static BOOL null_set_signing(struct smb_sign_info *si)
+{
+	si->signing_context = NULL;
+	
+	si->sign_outgoing_message = null_sign_outgoing_message;
+	si->check_incoming_message = null_check_incoming_message;
+	si->free_signing_context = null_free_signing_context;
+
+	return True;
+}
+
+/**
+ * Free the signing context
+ */
+ 
+static void free_signing_context(struct smb_sign_info *si)
+{
+	if (si->free_signing_context) {
+		si->free_signing_context(si);
+		si->signing_context = NULL;
+	}
+
+	null_set_signing(si);
+}
+
+
+static BOOL signing_good(char *inbuf, struct smb_sign_info *si, BOOL good) 
+{
+	if (good && !si->doing_signing) {
+		si->doing_signing = True;
 	}
 
 	if (!good) {
-		if (cli->sign_info.doing_signing) {
-			DEBUG(1, ("SMB signature check failed!\n"));
+		if (si->doing_signing) {
+			struct smb_basic_signing_context *data = si->signing_context;
+
+			/* W2K sends a bad first signature but the sign engine is on.... JRA. */
+			if (data->send_seq_num > 1)
+				DEBUG(1, ("signing_good: SMB signature check failed!\n"));
+
 			return False;
 		} else {
-			DEBUG(3, ("Server did not sign reply correctly\n"));
-			cli_free_signing_context(cli);
+			DEBUG(3, ("signing_good: Peer did not sign reply correctly\n"));
+			free_signing_context(si);
 			return False;
 		}
 	}
@@ -155,13 +231,15 @@ static void simple_packet_signature(struct smb_basic_signing_context *data,
 	 * We do this here, to avoid modifying the packet.
 	 */
 
+	DEBUG(10,("simple_packet_signature: sequence number %u\n", seq_number ));
+
 	SIVAL(sequence_buf, 0, seq_number);
 	SIVAL(sequence_buf, 4, 0);
 
 	/* Calculate the 16 byte MAC - but don't alter the data in the
 	   incoming packet.
 	   
-	   This makes for a bit for fussing about, but it's not too bad.
+	   This makes for a bit of fussing about, but it's not too bad.
 	*/
 	MD5Init(&md5_ctx);
 
@@ -179,82 +257,130 @@ static void simple_packet_signature(struct smb_basic_signing_context *data,
 	MD5Update(&md5_ctx, buf + offset_end_of_sig, 
 		  smb_len(buf) - (offset_end_of_sig - 4));
 
-	/* caclulate the MD5 sig */ 
+	/* calculate the MD5 sig */ 
 	MD5Final(calc_md5_mac, &md5_ctx);
 }
 
 
 /***********************************************************
- SMB signing - Simple implementation - send the MAC.
+ SMB signing - Client implementation - send the MAC.
 ************************************************************/
 
-static void cli_simple_sign_outgoing_message(struct cli_state *cli)
+static void client_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 {
 	unsigned char calc_md5_mac[16];
-	struct smb_basic_signing_context *data = cli->sign_info.signing_context;
+	struct smb_basic_signing_context *data = si->signing_context;
+	uint32 send_seq_num;
+
+	if (!si->doing_signing)
+		return;
+
+	/* JRA Paranioa test - we should be able to get rid of this... */
+	if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
+		DEBUG(1, ("client_sign_outgoing_message: Logic error. Can't check signature on short packet! smb_len = %u\n",
+					smb_len(outbuf) ));
+		abort();
+	}
 
 	/* mark the packet as signed - BEFORE we sign it...*/
-	cli_mark_packet_signed(cli);
+	mark_packet_signed(outbuf);
 
-	simple_packet_signature(data, cli->outbuf, data->send_seq_num, 
-				calc_md5_mac);
+	if (data->trans_info)
+		send_seq_num = data->trans_info->send_seq_num;
+	else
+		send_seq_num = data->send_seq_num;
 
-	DEBUG(10, ("sent SMB signature of\n"));
+	simple_packet_signature(data, outbuf, send_seq_num, calc_md5_mac);
+
+	DEBUG(10, ("client_sign_outgoing_message: sent SMB signature of\n"));
 	dump_data(10, calc_md5_mac, 8);
 
-	memcpy(&cli->outbuf[smb_ss_field], calc_md5_mac, 8);
+	memcpy(&outbuf[smb_ss_field], calc_md5_mac, 8);
 
 /*	cli->outbuf[smb_ss_field+2]=0; 
 	Uncomment this to test if the remote server actually verifies signatures...*/
 
+	if (data->trans_info)
+		return;
+
 	data->send_seq_num++;
 	store_sequence_for_reply(&data->outstanding_packet_list, 
-				 cli->mid, 
+				 SVAL(outbuf,smb_mid),
 				 data->send_seq_num);
 	data->send_seq_num++;
 }
 
 /***********************************************************
- SMB signing - Simple implementation - check a MAC sent by server.
+ SMB signing - Client implementation - check a MAC sent by server.
 ************************************************************/
 
-static BOOL cli_simple_check_incoming_message(struct cli_state *cli)
+static BOOL client_check_incoming_message(char *inbuf, struct smb_sign_info *si)
 {
 	BOOL good;
 	uint32 reply_seq_number;
 	unsigned char calc_md5_mac[16];
 	unsigned char *server_sent_mac;
 
-	struct smb_basic_signing_context *data = cli->sign_info.signing_context;
+	struct smb_basic_signing_context *data = si->signing_context;
+
+	if (!si->doing_signing)
+		return True;
 
-	if (!get_sequence_for_reply(&data->outstanding_packet_list, 
-				    SVAL(cli->inbuf, smb_mid), 
+	if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
+		DEBUG(1, ("client_check_incoming_message: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf)));
+		return False;
+	}
+
+	if (data->trans_info) {
+		reply_seq_number = data->trans_info->reply_seq_num;
+	} else if (!get_sequence_for_reply(&data->outstanding_packet_list, 
+				    SVAL(inbuf, smb_mid), 
 				    &reply_seq_number)) {
+		DEBUG(1, ("client_check_incoming_message: failed to get sequence number %u for reply.\n",
+					(unsigned int) SVAL(inbuf, smb_mid) ));
 		return False;
 	}
 
-	simple_packet_signature(data, cli->inbuf, reply_seq_number, calc_md5_mac);
+	simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
 
-	server_sent_mac = &cli->inbuf[smb_ss_field];
+	server_sent_mac = &inbuf[smb_ss_field];
 	good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
 	
 	if (!good) {
-		DEBUG(5, ("BAD SIG: wanted SMB signature of\n"));
+		DEBUG(5, ("client_check_incoming_message: BAD SIG: wanted SMB signature of\n"));
 		dump_data(5, calc_md5_mac, 8);
 		
-		DEBUG(5, ("BAD SIG: got SMB signature of\n"));
+		DEBUG(5, ("client_check_incoming_message: BAD SIG: got SMB signature of\n"));
 		dump_data(5, server_sent_mac, 8);
+#if 1 /* JRATEST */
+		{
+			int i;
+			reply_seq_number -= 5;
+			for (i = 0; i < 10; i++, reply_seq_number++) {
+				simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
+				if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
+					DEBUG(0,("client_check_incoming_message: out of seq. seq num %u matches.\n",
+							reply_seq_number ));
+					break;
+				}
+			}
+		}
+#endif /* JRATEST */
+
+	} else {
+		DEBUG(10, ("client_check_incoming_message:: seq %u: got good SMB signature of\n", (unsigned int)reply_seq_number));
+		dump_data(10, server_sent_mac, 8);
 	}
-	return cli_signing_good(cli, good);
+	return signing_good(inbuf, si, good);
 }
 
 /***********************************************************
  SMB signing - Simple implementation - free signing context
 ************************************************************/
 
-static void cli_simple_free_signing_context(struct cli_state *cli)
+static void simple_free_signing_context(struct smb_sign_info *si)
 {
-	struct smb_basic_signing_context *data = cli->sign_info.signing_context;
+	struct smb_basic_signing_context *data = si->signing_context;
 	struct outstanding_packet_lookup *list = data->outstanding_packet_list;
 	
 	while (list) {
@@ -264,7 +390,11 @@ static void cli_simple_free_signing_context(struct cli_state *cli)
 	}
 
 	data_blob_free(&data->mac_key);
-	SAFE_FREE(cli->sign_info.signing_context);
+
+	if (data->trans_info)
+		SAFE_FREE(data->trans_info);
+
+	SAFE_FREE(si->signing_context);
 
 	return;
 }
@@ -284,18 +414,29 @@ BOOL cli_simple_set_signing(struct cli_state *cli, const uchar user_session_key[
 		return False;
 	}
 
-	if (!cli_set_smb_signing_real_common(cli)) {
+	if (!set_smb_signing_real_common(&cli->sign_info)) {
 		return False;
 	}
 
 	data = smb_xmalloc(sizeof(*data));
+	memset(data, '\0', sizeof(*data));
 
 	cli->sign_info.signing_context = data;
 	
 	data->mac_key = data_blob(NULL, response.length + 16);
 
 	memcpy(&data->mac_key.data[0], user_session_key, 16);
-	memcpy(&data->mac_key.data[16],response.data, response.length);
+
+	DEBUG(10, ("cli_simple_set_signing: user_session_key\n"));
+	dump_data(10, user_session_key, 16);
+
+	if (response.length) {
+		memcpy(&data->mac_key.data[16],response.data, response.length);
+		DEBUG(10, ("cli_simple_set_signing: response_data\n"));
+		dump_data(10, response.data, response.length);
+	} else {
+		DEBUG(10, ("cli_simple_set_signing: NULL response_data\n"));
+	}
 
 	/* Initialise the sequence number */
 	data->send_seq_num = 0;
@@ -303,73 +444,68 @@ BOOL cli_simple_set_signing(struct cli_state *cli, const uchar user_session_key[
 	/* Initialise the list of outstanding packets */
 	data->outstanding_packet_list = NULL;
 
-	cli->sign_info.sign_outgoing_message = cli_simple_sign_outgoing_message;
-	cli->sign_info.check_incoming_message = cli_simple_check_incoming_message;
-	cli->sign_info.free_signing_context = cli_simple_free_signing_context;
+	cli->sign_info.sign_outgoing_message = client_sign_outgoing_message;
+	cli->sign_info.check_incoming_message = client_check_incoming_message;
+	cli->sign_info.free_signing_context = simple_free_signing_context;
 
 	return True;
 }
 
 /***********************************************************
- SMB signing - NULL implementation - calculate a MAC to send.
+ Tell client code we are in a multiple trans reply state.
 ************************************************************/
 
-static void cli_null_sign_outgoing_message(struct cli_state *cli)
+void cli_signing_trans_start(struct cli_state *cli)
 {
-	/* we can't zero out the sig, as we might be trying to send a
-	   session request - which is NBT-level, not SMB level and doesn't
-	   have the field */
-	return;
-}
+	struct smb_basic_signing_context *data = cli->sign_info.signing_context;
 
-/***********************************************************
- SMB signing - NULL implementation - check a MAC sent by server.
-************************************************************/
+	if (!cli->sign_info.doing_signing || !data)
+		return;
 
-static BOOL cli_null_check_incoming_message(struct cli_state *cli)
-{
-	return True;
+	data->trans_info = smb_xmalloc(sizeof(struct trans_info_context));
+	ZERO_STRUCTP(data->trans_info);
+
+	data->trans_info->send_seq_num = data->send_seq_num;
+	data->trans_info->mid = SVAL(cli->outbuf,smb_mid);
+	data->trans_info->reply_seq_num = data->send_seq_num+1;
+
+	DEBUG(10,("cli_signing_trans_start: storing mid = %u, reply_seq_num = %u, send_seq_num = %u \
+data->send_seq_num = %u\n",
+			(unsigned int)data->trans_info->mid,
+			(unsigned int)data->trans_info->reply_seq_num,
+			(unsigned int)data->trans_info->send_seq_num,
+			(unsigned int)data->send_seq_num ));
 }
 
 /***********************************************************
- SMB signing - NULL implementation - free signing context
+ Tell client code we are out of a multiple trans reply state.
 ************************************************************/
 
-static void cli_null_free_signing_context(struct cli_state *cli)
+void cli_signing_trans_stop(struct cli_state *cli)
 {
-	return;
-}
+	struct smb_basic_signing_context *data = cli->sign_info.signing_context;
 
-/**
- SMB signing - NULL implementation - setup the MAC key.
+	if (!cli->sign_info.doing_signing || !data)
+		return;
 
- @note Used as an initialisation only - it will not correctly
-       shut down a real signing mechanism
-*/
+	SAFE_FREE(data->trans_info);
+	data->trans_info = NULL;
 
-BOOL cli_null_set_signing(struct cli_state *cli)
-{
-	cli->sign_info.signing_context = NULL;
-	
-	cli->sign_info.sign_outgoing_message = cli_null_sign_outgoing_message;
-	cli->sign_info.check_incoming_message = cli_null_check_incoming_message;
-	cli->sign_info.free_signing_context = cli_null_free_signing_context;
-
-	return True;
+	data->send_seq_num += 2;
 }
 
 /***********************************************************
  SMB signing - TEMP implementation - calculate a MAC to send.
 ************************************************************/
 
-static void cli_temp_sign_outgoing_message(struct cli_state *cli)
+static void temp_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
 {
 	/* mark the packet as signed - BEFORE we sign it...*/
-	cli_mark_packet_signed(cli);
+	mark_packet_signed(outbuf);
 
 	/* I wonder what BSRSPYL stands for - but this is what MS 
 	   actually sends! */
-	memcpy(&cli->outbuf[smb_ss_field], "BSRSPYL ", 8);
+	memcpy(&outbuf[smb_ss_field], "BSRSPYL ", 8);
 	return;
 }
 
@@ -377,7 +513,7 @@ static void cli_temp_sign_outgoing_message(struct cli_state *cli)
  SMB signing - TEMP implementation - check a MAC sent by server.
 ************************************************************/
 
-static BOOL cli_temp_check_incoming_message(struct cli_state *cli)
+static BOOL temp_check_incoming_message(char *inbuf, struct smb_sign_info *si)
 {
 	return True;
 }
@@ -386,7 +522,7 @@ static BOOL cli_temp_check_incoming_message(struct cli_state *cli)
  SMB signing - TEMP implementation - free signing context
 ************************************************************/
 
-static void cli_temp_free_signing_context(struct cli_state *cli)
+static void temp_free_signing_context(struct smb_sign_info *si)
 {
 	return;
 }
@@ -395,6 +531,15 @@ static void cli_temp_free_signing_context(struct cli_state *cli)
  SMB signing - NULL implementation - setup the MAC key.
 ************************************************************/
 
+BOOL cli_null_set_signing(struct cli_state *cli)
+{
+	return null_set_signing(&cli->sign_info);
+}
+
+/***********************************************************
+ SMB signing - temp implementation - setup the MAC key.
+************************************************************/
+
 BOOL cli_temp_set_signing(struct cli_state *cli)
 {
 	if (!cli_set_smb_signing_common(cli)) {
@@ -403,58 +548,427 @@ BOOL cli_temp_set_signing(struct cli_state *cli)
 
 	cli->sign_info.signing_context = NULL;
 	
-	cli->sign_info.sign_outgoing_message = cli_temp_sign_outgoing_message;
-	cli->sign_info.check_incoming_message = cli_temp_check_incoming_message;
-	cli->sign_info.free_signing_context = cli_temp_free_signing_context;
+	cli->sign_info.sign_outgoing_message = temp_sign_outgoing_message;
+	cli->sign_info.check_incoming_message = temp_check_incoming_message;
+	cli->sign_info.free_signing_context = temp_free_signing_context;
 
 	return True;
 }
 
-/**
- * Free the signing context
- */
- 
-void cli_free_signing_context(struct cli_state *cli) 
+void cli_free_signing_context(struct cli_state *cli)
 {
-	if (cli->sign_info.free_signing_context) 
-		cli->sign_info.free_signing_context(cli);
-
-	cli_null_set_signing(cli);
+	free_signing_context(&cli->sign_info);
 }
 
 /**
  * Sign a packet with the current mechanism
  */
  
-void cli_caclulate_sign_mac(struct cli_state *cli)
+void cli_calculate_sign_mac(struct cli_state *cli)
 {
-	cli->sign_info.sign_outgoing_message(cli);
+	cli->sign_info.sign_outgoing_message(cli->outbuf, &cli->sign_info);
 }
 
 /**
  * Check a packet with the current mechanism
  * @return False if we had an established signing connection
- *         which had a back checksum, True otherwise
+ *         which had a bad checksum, True otherwise.
  */
  
 BOOL cli_check_sign_mac(struct cli_state *cli) 
 {
+	if (!cli->sign_info.check_incoming_message(cli->inbuf, &cli->sign_info)) {
+		free_signing_context(&cli->sign_info);	
+		return False;
+	}
+	return True;
+}
+
+static BOOL packet_is_oplock_break(char *buf)
+{
+	if (CVAL(buf,smb_com) != SMBlockingX)
+		return False;
+
+	if (CVAL(buf,smb_vwv3) != LOCKING_ANDX_OPLOCK_RELEASE)
+		return False;
+
+	return True;
+}
+
+/***********************************************************
+ SMB signing - Server implementation - send the MAC.
+************************************************************/
+
+static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
+{
+	unsigned char calc_md5_mac[16];
+	struct smb_basic_signing_context *data = si->signing_context;
+	uint32 send_seq_number = data->send_seq_num;
+	BOOL was_deferred_packet = False;
+	uint16 mid;
+
+	if (!si->doing_signing) {
+		if (si->allow_smb_signing && si->negotiated_smb_signing) {
+			mid = SVAL(outbuf, smb_mid);
+
+			was_deferred_packet = get_sequence_for_reply(&data->outstanding_packet_list, 
+						    mid, &send_seq_number);
+			if (!was_deferred_packet) {
+				/*
+				 * Is this an outgoing oplock break ? If so, store the
+				 * mid in the outstanding list. 
+				 */
+
+				if (packet_is_oplock_break(outbuf)) {
+					store_sequence_for_reply(&data->outstanding_packet_list, 
+								 mid, data->send_seq_num);
+				}
+
+				data->send_seq_num++;
+			}
+		}
+		return;
+	}
+
+	/* JRA Paranioa test - we should be able to get rid of this... */
+	if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
+		DEBUG(1, ("srv_sign_outgoing_message: Logic error. Can't send signature on short packet! smb_len = %u\n",
+					smb_len(outbuf) ));
+		abort();
+	}
+
+	/* mark the packet as signed - BEFORE we sign it...*/
+	mark_packet_signed(outbuf);
+
+	mid = SVAL(outbuf, smb_mid);
+
+	/* See if this is a reply for a deferred packet. */
+	was_deferred_packet = get_sequence_for_reply(&data->outstanding_packet_list, mid, &send_seq_number);
+
+	if (data->trans_info && (data->trans_info->mid == mid)) {
+		/* This is a reply in a trans stream. Use the sequence
+		 * number associated with the stream mid. */
+		send_seq_number = data->trans_info->send_seq_num;
+	}
+
+	simple_packet_signature(data, outbuf, send_seq_number, calc_md5_mac);
+
+	DEBUG(10, ("srv_sign_outgoing_message: seq %u: sent SMB signature of\n", (unsigned int)send_seq_number));
+	dump_data(10, calc_md5_mac, 8);
+
+	memcpy(&outbuf[smb_ss_field], calc_md5_mac, 8);
+
+/*	cli->outbuf[smb_ss_field+2]=0; 
+	Uncomment this to test if the remote server actually verifies signatures...*/
+
+	if (!was_deferred_packet) {
+	       	if (!data->trans_info) {
+			/* Always increment if not in a trans stream. */
+			data->send_seq_num++;
+		} else if ((data->trans_info->send_seq_num == data->send_seq_num) || (data->trans_info->mid != mid)) {
+			/* Increment if this is the first reply in a trans stream or a
+			 * packet that doesn't belong to this stream (different mid). */
+			data->send_seq_num++;
+		}
+	}
+}
+
+/***********************************************************
+ SMB signing - Server implementation - check a MAC sent by server.
+************************************************************/
+
+static BOOL srv_check_incoming_message(char *inbuf, struct smb_sign_info *si)
+{
 	BOOL good;
+	struct smb_basic_signing_context *data = si->signing_context;
+	uint32 reply_seq_number = data->send_seq_num;
+	unsigned char calc_md5_mac[16];
+	unsigned char *server_sent_mac;
+	uint mid;
+
+	if (!si->doing_signing)
+		return True;
 
-	if (smb_len(cli->inbuf) < (smb_ss_field + 8 - 4)) {
-		DEBUG(cli->sign_info.doing_signing ? 1 : 10, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf)));
-		good = False;
+	if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
+		DEBUG(1, ("srv_check_incoming_message: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf)));
+		return False;
+	}
+
+	mid = SVAL(inbuf, smb_mid);
+
+	/* Is this part of a trans stream ? */
+	if (data->trans_info && (data->trans_info->mid == mid)) {
+		/* If so we don't increment the sequence. */
+		reply_seq_number = data->trans_info->reply_seq_num;
 	} else {
-		good = cli->sign_info.check_incoming_message(cli);
+		/* We always increment the sequence number. */
+		data->send_seq_num++;
+		/* Oplock break requests store an outgoing mid in the packet list. */
+		if (packet_is_oplock_break(inbuf))
+			get_sequence_for_reply(&data->outstanding_packet_list, mid, &reply_seq_number);
 	}
 
+	simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
+
+	server_sent_mac = &inbuf[smb_ss_field];
+	good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
+	
 	if (!good) {
-		if (cli->sign_info.doing_signing) {
-			return False;
-		} else {
-			cli_free_signing_context(cli);	
+
+		DEBUG(5, ("srv_check_incoming_message: BAD SIG: wanted SMB signature of\n"));
+		dump_data(5, calc_md5_mac, 8);
+		
+		DEBUG(5, ("srv_check_incoming_message: BAD SIG: got SMB signature of\n"));
+		dump_data(5, server_sent_mac, 8);
+
+#if 1 /* JRATEST */
+		{
+			int i;
+			reply_seq_number -= 5;
+			for (i = 0; i < 10; i++, reply_seq_number++) {
+				simple_packet_signature(data, inbuf, reply_seq_number, calc_md5_mac);
+				if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
+					DEBUG(0,("srv_check_incoming_message: out of seq. seq num %u matches.\n",
+							reply_seq_number ));
+					break;
+				}
+			}
 		}
+#endif /* JRATEST */
+
+	} else {
+		DEBUG(10, ("srv_check_incoming_message: seq %u: got good SMB signature of\n", (unsigned int)reply_seq_number));
+		dump_data(10, server_sent_mac, 8);
 	}
+	return signing_good(inbuf, si, good);
+}
 
-	return True;
+/***********************************************************
+ SMB signing - server API's.
+************************************************************/
+
+static struct smb_sign_info srv_sign_info = {
+	null_sign_outgoing_message,
+	null_check_incoming_message,
+	null_free_signing_context,
+	NULL,
+	False,
+	False,
+	False,
+	False
+};
+
+/***********************************************************
+ Turn signing off or on for oplock break code.
+************************************************************/
+
+BOOL srv_oplock_set_signing(BOOL onoff)
+{
+	BOOL ret = srv_sign_info.doing_signing;
+	srv_sign_info.doing_signing = onoff;
+	return ret;
+}
+
+/***********************************************************
+ Called to validate an incoming packet from the client.
+************************************************************/
+
+BOOL srv_check_sign_mac(char *inbuf)
+{
+	/* Check if it's a session keepalive. */
+	if(CVAL(inbuf,0) == SMBkeepalive)
+		return True;
+
+	return srv_sign_info.check_incoming_message(inbuf, &srv_sign_info);
+}
+
+/***********************************************************
+ Called to sign an outgoing packet to the client.
+************************************************************/
+
+void srv_calculate_sign_mac(char *outbuf)
+{
+	/* Check if it's a session keepalive. */
+	/* JRA Paranioa test - do we ever generate these in the server ? */
+	if(CVAL(outbuf,0) == SMBkeepalive)
+		return;
+
+	srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info);
+}
+
+/***********************************************************
+ Called by server to defer an outgoing packet.
+************************************************************/
+
+void srv_defer_sign_response(uint16 mid)
+{
+	struct smb_basic_signing_context *data;
+
+	if (!srv_sign_info.doing_signing)
+		return;
+
+	data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+
+	if (!data)
+		return;
+
+	store_sequence_for_reply(&data->outstanding_packet_list, 
+				 mid, data->send_seq_num);
+	data->send_seq_num++;
+}
+
+/***********************************************************
+ Called to remove sequence records when a deferred packet is
+ cancelled by mid. This should never find one....
+************************************************************/
+
+void srv_cancel_sign_response(uint16 mid)
+{
+	struct smb_basic_signing_context *data;
+	uint32 dummy_seq;
+
+	if (!srv_sign_info.doing_signing)
+		return;
+
+	data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+
+	if (!data)
+		return;
+
+	DEBUG(10,("srv_cancel_sign_response: for mid %u\n", (unsigned int)mid ));
+
+	while (get_sequence_for_reply(&data->outstanding_packet_list, mid, &dummy_seq))
+		;
+}
+
+/***********************************************************
+ Called by server negprot when signing has been negotiated.
+************************************************************/
+
+void srv_set_signing_negotiated(void)
+{
+	srv_sign_info.allow_smb_signing = True;
+	srv_sign_info.negotiated_smb_signing = True;
+	if (lp_server_signing() == Required)
+		srv_sign_info.mandatory_signing = True;
+
+	srv_sign_info.sign_outgoing_message = temp_sign_outgoing_message;
+	srv_sign_info.check_incoming_message = temp_check_incoming_message;
+	srv_sign_info.free_signing_context = temp_free_signing_context;
+}
+
+/***********************************************************
+ Returns whether signing is active. We can't use sendfile or raw
+ reads/writes if it is.
+************************************************************/
+
+BOOL srv_is_signing_active(void)
+{
+	return srv_sign_info.doing_signing;
+}
+
+/***********************************************************
+ Tell server code we are in a multiple trans reply state.
+************************************************************/
+
+void srv_signing_trans_start(uint16 mid)
+{
+	struct smb_basic_signing_context *data;
+
+	if (!srv_sign_info.doing_signing)
+		return;
+
+	data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+	if (!data)
+		return;
+
+	data->trans_info = smb_xmalloc(sizeof(struct trans_info_context));
+	ZERO_STRUCTP(data->trans_info);
+
+	data->trans_info->reply_seq_num = data->send_seq_num-1;
+	data->trans_info->mid = mid;
+	data->trans_info->send_seq_num = data->send_seq_num;
+
+	DEBUG(10,("srv_signing_trans_start: storing mid = %u, reply_seq_num = %u, send_seq_num = %u \
+data->send_seq_num = %u\n",
+			(unsigned int)mid,
+			(unsigned int)data->trans_info->reply_seq_num,
+			(unsigned int)data->trans_info->send_seq_num,
+			(unsigned int)data->send_seq_num ));
+}
+
+/***********************************************************
+ Tell server code we are out of a multiple trans reply state.
+************************************************************/
+
+void srv_signing_trans_stop(void)
+{
+	struct smb_basic_signing_context *data;
+
+	if (!srv_sign_info.doing_signing)
+		return;
+
+	data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+	if (!data || !data->trans_info)
+		return;
+
+	DEBUG(10,("srv_signing_trans_stop: removing mid = %u, reply_seq_num = %u, send_seq_num = %u \
+data->send_seq_num = %u\n",
+			(unsigned int)data->trans_info->mid,
+			(unsigned int)data->trans_info->reply_seq_num,
+			(unsigned int)data->trans_info->send_seq_num,
+			(unsigned int)data->send_seq_num ));
+
+	SAFE_FREE(data->trans_info);
+	data->trans_info = NULL;
+}
+
+/***********************************************************
+ Turn on signing from this packet onwards. 
+************************************************************/
+
+void srv_set_signing(const uchar user_session_key[16], const DATA_BLOB response)
+{
+	struct smb_basic_signing_context *data;
+
+	if (!user_session_key)
+		return;
+
+	if (!srv_sign_info.negotiated_smb_signing && !srv_sign_info.mandatory_signing) {
+		DEBUG(5,("srv_set_signing: signing negotiated = %u, mandatory_signing = %u. Not allowing smb signing.\n",
+			(unsigned int)srv_sign_info.negotiated_smb_signing,
+			(unsigned int)srv_sign_info.mandatory_signing ));
+		return;
+	}
+
+	/* Once we've turned on, ignore any more sessionsetups. */
+	if (srv_sign_info.doing_signing) {
+		return;
+	}
+	
+	if (srv_sign_info.free_signing_context)
+		srv_sign_info.free_signing_context(&srv_sign_info);
+	
+	srv_sign_info.doing_signing = True;
+
+	data = smb_xmalloc(sizeof(*data));
+	memset(data, '\0', sizeof(*data));
+
+	srv_sign_info.signing_context = data;
+	
+	data->mac_key = data_blob(NULL, response.length + 16);
+
+	memcpy(&data->mac_key.data[0], user_session_key, 16);
+	if (response.length)
+		memcpy(&data->mac_key.data[16],response.data, response.length);
+
+	/* Initialise the sequence number */
+	data->send_seq_num = 0;
+
+	/* Initialise the list of outstanding packets */
+	data->outstanding_packet_list = NULL;
+
+	srv_sign_info.sign_outgoing_message = srv_sign_outgoing_message;
+	srv_sign_info.check_incoming_message = srv_check_incoming_message;
+	srv_sign_info.free_signing_context = simple_free_signing_context;
 }
author	Simo Sorce <idra@samba.org>	2003-08-02 20:06:57 +0000
committer	Simo Sorce <idra@samba.org>	2003-08-02 20:06:57 +0000
commit	04bf12b176d5abe06b7f1401810369bcafe0b611 (patch)
tree	8bb6627c3ffa4cab902787b874206f8012a33e3a /source3/libsmb/smb_signing.c
parent	7efce478976e2ac71bcaf4e4d1049bb263634711 (diff)
download	samba-04bf12b176d5abe06b7f1401810369bcafe0b611.tar.gz samba-04bf12b176d5abe06b7f1401810369bcafe0b611.tar.bz2 samba-04bf12b176d5abe06b7f1401810369bcafe0b611.zip