-rw-r--r--source4/libcli/raw/interfaces.h23
-rw-r--r--source4/libcli/smb2/session.c22
-rw-r--r--source4/smb_server/smb2/sesssetup.c15
3 files changed, 28 insertions, 32 deletions
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index 00ab788184..4211dadb2d 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -373,29 +373,22 @@ union smb_sesssetup {
enum smb_sesssetup_level level;
struct {
- /* NOTE: this was 0x11 = 0x10 + 1 in vista-CTP
- * and changed in vista-beta2, but both server's
- * can handle the 0x18 clients
- */
- /* static body buffer 24 (0x18) bytes */
- /* uint16_t buffer_code; 0x19 = 0x18 + 1 */
- uint16_t _pad;
- uint32_t unknown2; /* 0x0000000F(vista-CTP) 0x00000007(vista-beta2) */
- uint32_t unknown3; /* 0x0000000 */
+ /* static body 24 (0x18) bytes */
+ uint8_t vc_number;
+ uint8_t security_mode;
+ uint32_t capabilities;
+ uint32_t channel;
/* uint16_t secblob_ofs */
/* uint16_t secblob_size */
- uint64_t unknown4; /* 0x0000000000000000 only present in vista-beta2 */
-
+ uint64_t previous_sessionid;
/* dynamic body */
DATA_BLOB secblob;
} in;
struct {
- /* static body buffer 8 (0x08) bytes */
- /* uint16_t buffer_code; 0x09 = 0x08 +1 */
- uint16_t _pad;
+ /* body buffer 8 (0x08) bytes */
+ uint16_t session_flags;
/* uint16_t secblob_ofs */
/* uint16_t secblob_size */
-
/* dynamic body */
DATA_BLOB secblob;
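Review bot: The new request fields `security_mode`, `capabilities`, `channel` and `previous_sessionid`, and the reply field `session_flags`, have no per-field comment, whereas the lines they replace recorded the observed values. `security_mode` and `session_flags` are bit fields with security meaning in MS-SMB2 (signing policy on the request, guest/anonymous status on the reply), so each deserves a short comment, for example `uint8_t security_mode; /* signing enabled/required bits sent by the client */` and `uint16_t session_flags; /* guest / null-session bits returned by the server */`. The `out` struct continues past the end of this hunk.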
diff --git a/source4/libcli/smb2/session.c b/source4/libcli/smb2/session.c
index a784ea65d8..d06688a598 100644
--- a/source4/libcli/smb2/session.c
+++ b/source4/libcli/smb2/session.c
@@ -75,9 +75,11 @@ struct smb2_request *smb2_session_setup_send(struct smb2_session *session,
if (req == NULL) return NULL;
SBVAL(req->out.hdr, SMB2_HDR_UID, session->uid);
- SSVAL(req->out.body, 0x02, io->in._pad); /* pad */
- SIVAL(req->out.body, 0x04, io->in.unknown2);
- SIVAL(req->out.body, 0x08, io->in.unknown3);
+ SCVAL(req->out.body, 0x02, io->in.vc_number);
+ SCVAL(req->out.body, 0x03, io->in.security_mode);
+ SIVAL(req->out.body, 0x04, io->in.capabilities);
+ SIVAL(req->out.body, 0x08, io->in.channel);
+ SBVAL(req->out.body, 0x10, io->in.previous_sessionid);
req->session = session;
@@ -86,7 +88,6 @@ struct smb2_request *smb2_session_setup_send(struct smb2_session *session,
talloc_free(req);
return NULL;
}
- SBVAL(req->out.body, 0x10, io->in.unknown4);
smb2_transport_send(req);
@@ -110,8 +111,8 @@ NTSTATUS smb2_session_setup_recv(struct smb2_request *req, TALLOC_CTX *mem_ctx,
SMB2_CHECK_PACKET_RECV(req, 0x08, true);
- io->out._pad = SVAL(req->in.body, 0x02);
- io->out.uid = BVAL(req->in.hdr, SMB2_HDR_UID);
+ io->out.session_flags = SVAL(req->in.body, 0x02);
+ io->out.uid = BVAL(req->in.hdr, SMB2_HDR_UID);
status = smb2_pull_o16s16_blob(&req->in, mem_ctx, req->in.body+0x04, &io->out.secblob);
if (!NT_STATUS_IS_OK(status)) {
@@ -206,10 +207,11 @@ struct composite_context *smb2_session_setup_spnego_send(struct smb2_session *se
c->private_data = state;
ZERO_STRUCT(state->io);
- state->io.in._pad = 0x0000;
- state->io.in.unknown2 = 0x0000000F;
- state->io.in.unknown3 = 0x00000000;
- state->io.in.unknown4 = 0; /* uint64_t */
+ state->io.in.vc_number = 0;
+ state->io.in.security_mode = 0;
+ state->io.in.capabilities = 0;
+ state->io.in.channel = 0;
+ state->io.in.previous_sessionid = 0;
c->status = gensec_set_credentials(session->gensec, credentials);
if (!composite_is_ok(c)) return c;
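Review bot: `state->io.in.security_mode = 0` makes this SPNEGO session setup advertise neither signing-enabled nor signing-required, regardless of any signing policy the caller may have. If the client has or later gains such a setting, the value should be derived from it, or the line should at least carry a marker such as `/* TODO: set signing bits from the client's signing policy */`. The dword at offset 0x04 also changes on the wire from 0x0000000F (old `unknown2`) to 0 under its new name `capabilities`; that looks intentional but is worth a one-line comment. The five assignments are redundant after `ZERO_STRUCT(state->io)` and serve only as documentation; the function begins and continues outside this hunk.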
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 636f5f0e27..b4c78a2ebd 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -48,7 +48,7 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sessse
SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1);
SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
- SSVAL(req->out.body, 0x02, io->smb2.out._pad);
+ SSVAL(req->out.body, 0x02, io->smb2.out.session_flags);
SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
smb2srv_send_reply(req);
@@ -108,7 +108,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
struct smbsrv_session *smb_sess = NULL;
uint64_t vuid;
- io->smb2.out._pad = 0;
+ io->smb2.out.session_flags = 0;
io->smb2.out.uid = 0;
io->smb2.out.secblob = data_blob(NULL, 0);
@@ -192,12 +192,13 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req)
SMB2SRV_CHECK_BODY_SIZE(req, 0x18, true);
SMB2SRV_TALLOC_IO_PTR(io, union smb_sesssetup);
- io->smb2.level = RAW_SESSSETUP_SMB2;
- io->smb2.in._pad = SVAL(req->in.body, 0x02);
- io->smb2.in.unknown2 = IVAL(req->in.body, 0x04);
- io->smb2.in.unknown3 = IVAL(req->in.body, 0x08);
+ io->smb2.level = RAW_SESSSETUP_SMB2;
+ io->smb2.in.vc_number = CVAL(req->in.body, 0x02);
+ io->smb2.in.security_mode = CVAL(req->in.body, 0x03);
+ io->smb2.in.capabilities = IVAL(req->in.body, 0x04);
+ io->smb2.in.channel = IVAL(req->in.body, 0x08);
+ io->smb2.in.previous_sessionid = BVAL(req->in.body, 0x10);
SMB2SRV_CHECK(smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->smb2.in.secblob));
- io->smb2.in.unknown4 = BVAL(req->in.body, 0x10);
smb2srv_sesssetup_backend(req, io);
}
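Review bot: `security_mode`, `capabilities`, `channel` and `previous_sessionid` are copied straight from the client's request body and handed to `smb2srv_sesssetup_backend()`, with no range or policy check visible in this hunk. A comment above the parsing lines would make the trust boundary explicit, for example `/* client-supplied and unauthenticated here: validate before acting on these */`. Any later code that tears down the session named by `previous_sessionid` should first confirm that the newly authenticated user owns it. The server's signing requirement should come from its own configuration rather than from the client's `security_mode`. The function starts outside the hunk, so checks may exist there that are not visible.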