r21882: The server part of the code has to use an AUTH_NTLMSSP struct,

not just an NTLMSSP - grr. This complicates the re-use of
common client and server code but I think I've got it right.
Not turned on of valgrinded yet, but you can see it start
to take shape !
Jeremy.
(This used to be commit 60fc9c0aedf42dcd9df2ef9f1df07eaf3bca9bce)

4 files changed, 287 insertions, 1 deletions

diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
new file mode 100644
index 0000000000..2dd4fc8b62
--- /dev/null
+++ b/source3/smbd/seal.c
@@ -0,0 +1,257 @@
+/* 
+   Unix SMB/CIFS implementation.
+   SMB Transport encryption (sealing) code - server code.
+   Copyright (C) Jeremy Allison 2007.
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/******************************************************************************
+ Server side encryption.
+******************************************************************************/
+
+/******************************************************************************
+ Global server state.
+******************************************************************************/
+
+struct smb_srv_trans_enc_ctx {
+	struct smb_trans_enc_state *es;
+	AUTH_NTLMSSP_STATE *auth_ntlmssp_state; /* Must be kept in sync with pointer in ec->ntlmssp_state. */
+};
+
+static struct smb_srv_trans_enc_ctx *partial_srv_trans_enc_ctx;
+static struct smb_srv_trans_enc_ctx *srv_trans_enc_ctx;
+
+/******************************************************************************
+ Is server encryption on ?
+******************************************************************************/
+
+BOOL srv_encryption_on(void)
+{
+	if (srv_trans_enc_ctx) {
+		return common_encryption_on(srv_trans_enc_ctx->es);
+	}
+	return False;
+}
+
+/******************************************************************************
+ Shutdown a server encryption state.
+******************************************************************************/
+
+static void srv_free_encryption_context(struct smb_srv_trans_enc_ctx **pp_ec)
+{
+	struct smb_srv_trans_enc_ctx *ec = *pp_ec;
+
+	if (!ec) {
+		return;
+	}
+
+	if (ec->es) {
+		struct smb_trans_enc_state *es = ec->es;
+		if (es->smb_enc_type == SMB_TRANS_ENC_NTLM &&
+				ec->auth_ntlmssp_state) {
+			auth_ntlmssp_end(&ec->auth_ntlmssp_state);
+			/* The auth_ntlmssp_end killed this already. */
+			es->ntlmssp_state = NULL;
+		}
+		common_free_encryption_state(&ec->es);
+	}
+
+	SAFE_FREE(ec);
+	*pp_ec = NULL;
+}
+
+/******************************************************************************
+ Free an encryption-allocated buffer.
+******************************************************************************/
+
+void srv_free_enc_buffer(char *buf)
+{
+	if (srv_trans_enc_ctx) {
+		return common_free_enc_buffer(srv_trans_enc_ctx->es, buf);
+	}
+}
+
+/******************************************************************************
+ Decrypt an incoming buffer.
+******************************************************************************/
+
+NTSTATUS srv_decrypt_buffer(char *buf)
+{
+	if (srv_trans_enc_ctx) {
+		return common_decrypt_buffer(srv_trans_enc_ctx->es, buf);
+	}
+	return NT_STATUS_OK;
+}
+
+/******************************************************************************
+ Encrypt an outgoing buffer. Return the encrypted pointer in buf_out.
+******************************************************************************/
+
+NTSTATUS srv_encrypt_buffer(char *buffer, char **buf_out)
+{
+	if (srv_trans_enc_ctx) {
+		return common_encrypt_buffer(srv_trans_enc_ctx->es, buffer, buf_out);
+	}
+	/* Not encrypting. */
+	*buf_out = buffer;
+	return NT_STATUS_OK;
+}
+
+/******************************************************************************
+ Do the gss encryption negotiation. Parameters are in/out.
+ Until success we do everything on the partial enc ctx.
+******************************************************************************/
+
+#if defined(HAVE_GSSAPI_SUPPORT) && defined(HAVE_KRB5)
+static NTSTATUS srv_enc_spnego_gss_negotiate(char **ppdata, size_t *p_data_size, DATA_BLOB *psecblob)
+{
+	return NT_STATUS_NOT_SUPPORTED;
+}
+#endif
+
+/******************************************************************************
+ Do the SPNEGO encryption negotiation. Parameters are in/out.
+ Covers the NTLM case. Based off code in smbd/sesssionsetup.c
+ Until success we do everything on the partial enc ctx.
+******************************************************************************/
+
+static NTSTATUS srv_enc_spnego_negotiate(unsigned char **ppdata, size_t *p_data_size)
+{
+	NTSTATUS status;
+	DATA_BLOB blob = data_blob(NULL,0);
+	DATA_BLOB secblob = data_blob(NULL, 0);
+	DATA_BLOB chal = data_blob(NULL, 0);
+	DATA_BLOB response = data_blob(NULL, 0);
+	BOOL got_kerberos_mechanism = False;
+	struct smb_srv_trans_enc_ctx *ec = NULL;
+
+	blob = data_blob_const(*ppdata, *p_data_size);
+
+	status = parse_spnego_mechanisms(blob, &secblob, &got_kerberos_mechanism);
+	if (!NT_STATUS_IS_OK(status)) {
+		return nt_status_squash(status);
+	}
+
+	/* We should have no partial context at this point. */
+
+	srv_free_encryption_context(&partial_srv_trans_enc_ctx);
+
+	partial_srv_trans_enc_ctx = SMB_MALLOC_P(struct smb_srv_trans_enc_ctx);
+	if (!partial_srv_trans_enc_ctx) {
+		data_blob_free(&secblob);
+		return NT_STATUS_NO_MEMORY;
+	}
+	ZERO_STRUCTP(partial_srv_trans_enc_ctx);
+
+#if defined(HAVE_GSSAPI_SUPPORT) && defined(HAVE_KRB5)
+	if (got_kerberos_mechanism && lp_use_kerberos_keytab()) ) {
+		status = srv_enc_spnego_gss_negotiate(ppdata, p_data_size, &secblob);
+		if (!NT_STATUS_IS_OK(status)) {
+			data_blob_free(&secblob);
+			srv_free_encryption_context(&partial_srv_trans_enc_ctx);
+		}
+		return status;
+	}
+#endif
+
+	/* Deal with an NTLM enc. setup. */
+	ec = partial_srv_trans_enc_ctx;
+
+	status = auth_ntlmssp_start(&ec->auth_ntlmssp_state);
+	if (!NT_STATUS_IS_OK(status)) {
+		srv_free_encryption_context(&partial_srv_trans_enc_ctx);
+		return nt_status_squash(status);
+	}
+
+	status = auth_ntlmssp_update(ec->auth_ntlmssp_state, secblob, &chal);
+	data_blob_free(&secblob);
+
+	/* status here should be NT_STATUS_MORE_PROCESSING_REQUIRED
+	 * for success ... */
+
+	response = spnego_gen_auth_response(&chal, status, OID_NTLMSSP);
+	data_blob_free(&chal);
+
+	SAFE_FREE(*ppdata);
+	*ppdata = response.data;
+	*p_data_size = response.length;
+
+	return status;
+}
+
+/******************************************************************************
+ Complete a SPNEGO encryption negotiation. Parameters are in/out.
+******************************************************************************/
+
+static NTSTATUS srv_enc_spnego_auth(unsigned char **ppdata, size_t *p_data_size)
+{
+	return NT_STATUS_NOT_SUPPORTED;
+}
+
+/******************************************************************************
+ Do the SPNEGO encryption negotiation. Parameters are in/out.
+******************************************************************************/
+
+NTSTATUS srv_request_encryption_setup(unsigned char **ppdata, size_t *p_data_size)
+{
+	unsigned char *pdata = *ppdata;
+
+	if (*p_data_size < 1) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	if (pdata[0] == ASN1_APPLICATION(0)) {
+		/* 
+		 * Until success we do everything on the partial
+		 * enc state.
+		 */
+		/* its a negTokenTarg packet */
+		return srv_enc_spnego_negotiate(ppdata, p_data_size);
+	}
+
+	if (pdata[0] == ASN1_CONTEXT(1)) {
+		/* Its a auth packet */
+		return srv_enc_spnego_auth(ppdata, p_data_size);
+	}
+
+	return NT_STATUS_INVALID_PARAMETER;
+}
+
+/******************************************************************************
+ Negotiation was successful - turn on server-side encryption.
+******************************************************************************/
+
+void srv_encryption_start(void)
+{
+	srv_free_encryption_context(&srv_trans_enc_ctx);
+	/* Steal the partial pointer. Deliberate shallow copy. */
+	srv_trans_enc_ctx = partial_srv_trans_enc_ctx;
+	srv_trans_enc_ctx->es->enc_on = True;
+
+	partial_srv_trans_enc_ctx = NULL;
+}
+
+/******************************************************************************
+ Shutdown all server contexts.
+******************************************************************************/
+
+void server_encryption_shutdown(void)
+{
+	srv_free_encryption_context(&partial_srv_trans_enc_ctx);
+	srv_free_encryption_context(&srv_trans_enc_ctx);
+}
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 3f4313ce7f..348d3354d7 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -743,6 +743,8 @@ static void exit_server_common(enum server_exit_reason how,
 	locking_end();
 	printing_end();
 
+	server_encryption_shutdown();
+
 	if (how != SERVER_EXIT_NORMAL) {
 		int oldlevel = DEBUGLEVEL;
 		char *last_inbuf = get_InBuffer();
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index ff1b2821cc..91f4a9e12f 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -634,7 +634,7 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out
  Is this a krb5 mechanism ?
 ****************************************************************************/
 
-static NTSTATUS parse_spnego_mechanisms(DATA_BLOB blob_in, DATA_BLOB *pblob_out, BOOL *p_is_krb5)
+NTSTATUS parse_spnego_mechanisms(DATA_BLOB blob_in, DATA_BLOB *pblob_out, BOOL *p_is_krb5)
 {
 	char *OIDs[ASN1_MAX_OIDS];
 	int i;
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index deb5db1baf..25fd6621e9 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -2758,6 +2758,33 @@ cap_low = 0x%x, cap_high = 0x%x\n",
 				}
 				break;
 			}
+		case SMB_REQUEST_TRANSPORT_ENCRYPTION:
+			{
+				NTSTATUS status;
+				size_t data_len = total_data;
+
+				if (!lp_unix_extensions()) {
+					return ERROR_NT(NT_STATUS_INVALID_LEVEL);
+				}
+
+				DEBUG( 4,("call_trans2setfsinfo: request transport encrption.\n"));
+
+				status = srv_request_encryption_setup((unsigned char **)&pdata, &data_len);
+
+				if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+					error_packet_set(outbuf, 0, 0, status, __LINE__,__FILE__);
+				} else if (!NT_STATUS_IS_OK(status)) {
+					return ERROR_NT(status);
+				}
+
+				send_trans2_replies( outbuf, bufsize, params, 0, pdata, data_len, max_data_bytes);
+
+				if (NT_STATUS_IS_OK(status)) {
+					/* Server-side transport encryption is now *on*. */
+					srv_encryption_start();
+				}
+				return -1;
+			}
 		case SMB_FS_QUOTA_INFORMATION:
 			{
 				files_struct *fsp = NULL;