summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/async_smb.c52
-rw-r--r--source3/libsmb/cliconnect.c46
-rw-r--r--source3/libsmb/clientgen.c104
-rw-r--r--source3/libsmb/clikrb5.c30
-rw-r--r--source3/libsmb/clisigning.c87
-rw-r--r--source3/libsmb/clitrans.c54
-rw-r--r--source3/libsmb/dsgetdcname.c2
-rw-r--r--source3/libsmb/libsmb_dir.c8
-rw-r--r--source3/libsmb/libsmb_file.c7
-rw-r--r--source3/libsmb/libsmb_stat.c1
-rw-r--r--source3/libsmb/smb_seal.c3
-rw-r--r--source3/libsmb/smb_signing.c1020
-rw-r--r--source3/libsmb/unexpected.c2
13 files changed, 498 insertions, 918 deletions
diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c
index e579d1c9f0..86fd5c8bef 100644
--- a/source3/libsmb/async_smb.c
+++ b/source3/libsmb/async_smb.c
@@ -550,7 +550,7 @@ void cli_chain_uncork(struct cli_state *cli)
_smb_setlen_large(((char *)req->outbuf), smblen);
}
- cli_calculate_sign_mac(cli, (char *)req->outbuf);
+ cli_calculate_sign_mac(cli, (char *)req->outbuf, &req->seqnum);
if (cli_encryption_on(cli)) {
NTSTATUS status;
@@ -811,9 +811,16 @@ NTSTATUS cli_pull_reply(struct async_req *req,
*/
-static NTSTATUS validate_smb_crypto(struct cli_state *cli, char *pdu)
+static NTSTATUS validate_smb_crypto(struct cli_state *cli, char *pdu,
+ struct cli_request **_req,
+ uint16_t *_mid)
{
NTSTATUS status;
+ struct cli_request *req = NULL;
+ uint16_t mid;
+
+ *_req = NULL;
+ *_mid = 0;
if ((IVAL(pdu, 4) != 0x424d53ff) /* 0xFF"SMB" */
&& (SVAL(pdu, 4) != 0x45ff)) /* 0xFF"E" */ {
@@ -846,11 +853,27 @@ static NTSTATUS validate_smb_crypto(struct cli_state *cli, char *pdu)
}
}
- if (!cli_check_sign_mac(cli, pdu)) {
+ mid = SVAL(pdu, smb_mid);
+
+ for (req = cli->outstanding_requests; req; req = req->next) {
+ if (req->mid == mid) {
+ break;
+ }
+ }
+
+ if (!req) {
+ /* oplock breaks are not signed */
+ goto done;
+ }
+
+ if (!cli_check_sign_mac(cli, pdu, req->seqnum+1)) {
DEBUG(10, ("cli_check_sign_mac failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
+done:
+ *_req = req;
+ *_mid = mid;
return NT_STATUS_OK;
}
@@ -861,9 +884,9 @@ static NTSTATUS validate_smb_crypto(struct cli_state *cli, char *pdu)
static void handle_incoming_pdu(struct cli_state *cli)
{
- struct cli_request *req;
+ struct cli_request *req, *next;
uint16_t mid;
- size_t raw_pdu_len, buf_len, pdu_len, rest_len;
+ size_t raw_pdu_len, buf_len, rest_len;
char *pdu;
int i;
NTSTATUS status;
@@ -923,23 +946,13 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
}
- status = validate_smb_crypto(cli, pdu);
+ status = validate_smb_crypto(cli, pdu, &req, &mid);
if (!NT_STATUS_IS_OK(status)) {
goto invalidate_requests;
}
- mid = SVAL(pdu, smb_mid);
-
DEBUG(10, ("handle_incoming_pdu: got mid %d\n", mid));
- for (req = cli->outstanding_requests; req; req = req->next) {
- if (req->mid == mid) {
- break;
- }
- }
-
- pdu_len = smb_len(pdu) + 4;
-
if (req == NULL) {
DEBUG(3, ("Request for mid %d not found, dumping PDU\n", mid));
@@ -978,8 +991,11 @@ static void handle_incoming_pdu(struct cli_state *cli)
DEBUG(10, ("handle_incoming_pdu: Aborting with %s\n",
nt_errstr(status)));
- for (req = cli->outstanding_requests; req; req = req->next) {
- async_req_nterror(req->async[0], status);
+ for (req = cli->outstanding_requests; req; req = next) {
+ next = req->next;
+ if (req->num_async) {
+ async_req_nterror(req->async[0], status);
+ }
}
return;
}
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index ebb01c44a6..aa1ca595a7 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -505,11 +505,7 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user,
ok = cli_simple_set_signing(cli, session_key, nt_response);
#endif
if (ok) {
- /* 'resign' the last message, so we get the right sequence numbers
- for checking the first reply from the server */
- cli_calculate_sign_mac(cli, cli->outbuf);
-
- if (!cli_check_sign_mac(cli, cli->inbuf)) {
+ if (!cli_check_sign_mac(cli, cli->inbuf, 1)) {
result = NT_STATUS_ACCESS_DENIED;
goto end;
}
@@ -747,11 +743,7 @@ static ADS_STATUS cli_session_setup_kerberos(struct cli_state *cli, const char *
if (cli_simple_set_signing(
cli, session_key_krb5, data_blob_null)) {
- /* 'resign' the last message, so we get the right sequence numbers
- for checking the first reply from the server */
- cli_calculate_sign_mac(cli, cli->outbuf);
-
- if (!cli_check_sign_mac(cli, cli->inbuf)) {
+ if (!cli_check_sign_mac(cli, cli->inbuf, 1)) {
nt_status = NT_STATUS_ACCESS_DENIED;
goto nt_error;
}
@@ -873,11 +865,7 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
if (cli_simple_set_signing(
cli, ntlmssp_state->session_key, data_blob_null)) {
- /* 'resign' the last message, so we get the right sequence numbers
- for checking the first reply from the server */
- cli_calculate_sign_mac(cli, cli->outbuf);
-
- if (!cli_check_sign_mac(cli, cli->inbuf)) {
+ if (!cli_check_sign_mac(cli, cli->inbuf, 1)) {
nt_status = NT_STATUS_ACCESS_DENIED;
}
}
@@ -1540,13 +1528,16 @@ NTSTATUS cli_negprot_recv(struct async_req *req)
cli->protocol = prots[protnum].prot;
- if ((cli->protocol < PROTOCOL_NT1) && cli->sign_info.mandatory_signing) {
+ if ((cli->protocol < PROTOCOL_NT1) &&
+ client_is_signing_mandatory(cli)) {
DEBUG(0,("cli_negprot: SMB signing is mandatory and the selected protocol level doesn't support it.\n"));
return NT_STATUS_ACCESS_DENIED;
}
if (cli->protocol >= PROTOCOL_NT1) {
struct timespec ts;
+ bool negotiated_smb_signing = false;
+
/* NT protocol */
cli->sec_mode = CVAL(vwv + 1, 0);
cli->max_mux = SVAL(vwv + 1, 1);
@@ -1579,22 +1570,24 @@ NTSTATUS cli_negprot_recv(struct async_req *req)
if (cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
/* Fail if server says signing is mandatory and we don't want to support it. */
- if (!cli->sign_info.allow_smb_signing) {
+ if (!client_is_signing_allowed(cli)) {
DEBUG(0,("cli_negprot: SMB signing is mandatory and we have disabled it.\n"));
return NT_STATUS_ACCESS_DENIED;
}
- cli->sign_info.negotiated_smb_signing = True;
- cli->sign_info.mandatory_signing = True;
- } else if (cli->sign_info.mandatory_signing && cli->sign_info.allow_smb_signing) {
+ negotiated_smb_signing = true;
+ } else if (client_is_signing_mandatory(cli) && client_is_signing_allowed(cli)) {
/* Fail if client says signing is mandatory and the server doesn't support it. */
if (!(cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED)) {
DEBUG(1,("cli_negprot: SMB signing is mandatory and the server doesn't support it.\n"));
return NT_STATUS_ACCESS_DENIED;
}
- cli->sign_info.negotiated_smb_signing = True;
- cli->sign_info.mandatory_signing = True;
+ negotiated_smb_signing = true;
} else if (cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
- cli->sign_info.negotiated_smb_signing = True;
+ negotiated_smb_signing = true;
+ }
+
+ if (negotiated_smb_signing) {
+ cli_set_signing_negotiated(cli);
}
if (cli->capabilities & (CAP_LARGE_READX|CAP_LARGE_WRITEX)) {
@@ -1841,10 +1834,9 @@ static NTSTATUS open_smb_socket(const struct sockaddr_storage *pss,
tevent_req_set_callback(r445, smb_sock_connected, fd445);
tevent_req_set_callback(r139, smb_sock_connected, fd139);
- while ((fd139->fd == -1)
- && tevent_req_is_in_progress(r139)
- && (fd445->fd == -1)
- && tevent_req_is_in_progress(r445)) {
+ while ((fd445->fd == -1) && (fd139->fd == -1)
+ && (tevent_req_is_in_progress(r139)
+ || tevent_req_is_in_progress(r445))) {
event_loop_once(ev);
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index c1ba4e5c4f..6186387076 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -135,6 +135,79 @@ static ssize_t client_receive_smb(struct cli_state *cli, size_t maxlen)
return len;
}
+static bool cli_state_set_seqnum(struct cli_state *cli, uint16_t mid, uint32_t seqnum)
+{
+ struct cli_state_seqnum *c;
+
+ for (c = cli->seqnum; c; c = c->next) {
+ if (c->mid == mid) {
+ c->seqnum = seqnum;
+ return true;
+ }
+ }
+
+ c = talloc_zero(cli, struct cli_state_seqnum);
+ if (!c) {
+ return false;
+ }
+
+ c->mid = mid;
+ c->seqnum = seqnum;
+ c->persistent = false;
+ DLIST_ADD_END(cli->seqnum, c, struct cli_state_seqnum *);
+
+ return true;
+}
+
+bool cli_state_seqnum_persistent(struct cli_state *cli,
+ uint16_t mid)
+{
+ struct cli_state_seqnum *c;
+
+ for (c = cli->seqnum; c; c = c->next) {
+ if (c->mid == mid) {
+ c->persistent = true;
+ return true;
+ }
+ }
+
+ return false;
+}
+
+bool cli_state_seqnum_remove(struct cli_state *cli,
+ uint16_t mid)
+{
+ struct cli_state_seqnum *c;
+
+ for (c = cli->seqnum; c; c = c->next) {
+ if (c->mid == mid) {
+ DLIST_REMOVE(cli->seqnum, c);
+ TALLOC_FREE(c);
+ return true;
+ }
+ }
+
+ return false;
+}
+
+static uint32_t cli_state_get_seqnum(struct cli_state *cli, uint16_t mid)
+{
+ struct cli_state_seqnum *c;
+
+ for (c = cli->seqnum; c; c = c->next) {
+ if (c->mid == mid) {
+ uint32_t seqnum = c->seqnum;
+ if (!c->persistent) {
+ DLIST_REMOVE(cli->seqnum, c);
+ TALLOC_FREE(c);
+ }
+ return seqnum;
+ }
+ }
+
+ return 0;
+}
+
/****************************************************************************
Recv an smb.
****************************************************************************/
@@ -142,6 +215,8 @@ static ssize_t client_receive_smb(struct cli_state *cli, size_t maxlen)
bool cli_receive_smb(struct cli_state *cli)
{
ssize_t len;
+ uint16_t mid;
+ uint32_t seqnum;
/* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
if (cli->fd == -1)
@@ -177,7 +252,10 @@ bool cli_receive_smb(struct cli_state *cli)
return false;
}
- if (!cli_check_sign_mac(cli, cli->inbuf)) {
+ mid = SVAL(cli->inbuf,smb_mid);
+ seqnum = cli_state_get_seqnum(cli, mid);
+
+ if (!cli_check_sign_mac(cli, cli->inbuf, seqnum+1)) {
/*
* If we get a signature failure in sessionsetup, then
* the server sometimes just reflects the sent signature
@@ -264,12 +342,20 @@ bool cli_send_smb(struct cli_state *cli)
ssize_t ret;
char *buf_out = cli->outbuf;
bool enc_on = cli_encryption_on(cli);
+ uint32_t seqnum;
/* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
if (cli->fd == -1)
return false;
- cli_calculate_sign_mac(cli, cli->outbuf);
+ cli_calculate_sign_mac(cli, cli->outbuf, &seqnum);
+
+ if (!cli_state_set_seqnum(cli, cli->mid, seqnum)) {
+ DEBUG(0,("Failed to store mid[%u]/seqnum[%u]\n",
+ (unsigned int)cli->mid,
+ (unsigned int)seqnum));
+ return false;
+ }
if (enc_on) {
NTSTATUS status = cli_encrypt_message(cli, cli->outbuf,
@@ -506,6 +592,7 @@ struct cli_state *cli_initialise_ex(int signing_state)
cli->bufsize = CLI_BUFFER_SIZE+4;
cli->max_xmit = cli->bufsize;
cli->outbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
+ cli->seqnum = 0;
cli->inbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
cli->oplock_handler = cli_oplock_ack;
cli->case_sensitive = false;
@@ -556,9 +643,12 @@ struct cli_state *cli_initialise_ex(int signing_state)
#endif
/* initialise signing */
- cli->sign_info.allow_smb_signing = allow_smb_signing;
- cli->sign_info.mandatory_signing = mandatory_signing;
- cli_null_set_signing(cli);
+ cli->signing_state = smb_signing_init(cli,
+ allow_smb_signing,
+ mandatory_signing);
+ if (!cli->signing_state) {
+ goto error;
+ }
cli->initialised = 1;
@@ -641,7 +731,6 @@ void cli_shutdown(struct cli_state *cli)
SAFE_FREE(cli->outbuf);
SAFE_FREE(cli->inbuf);
- cli_free_signing_context(cli);
data_blob_free(&cli->secblob);
data_blob_free(&cli->user_session_key);
@@ -740,7 +829,6 @@ static void cli_echo_recv_helper(struct async_req *req)
cli_req->data.echo.num_echos -= 1;
if (cli_req->data.echo.num_echos == 0) {
- client_set_trans_sign_state_off(cli_req->cli, cli_req->mid);
async_req_done(req);
return;
}
@@ -782,8 +870,6 @@ struct async_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev,
}
req = talloc_get_type_abort(result->private_data, struct cli_request);
- client_set_trans_sign_state_on(cli, req->mid);
-
req->data.echo.num_echos = num_echos;
req->data.echo.data.data = talloc_move(req, &data_copy);
req->data.echo.data.length = data.length;
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c
index 168ca63303..4ab31374e2 100644
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@@ -878,24 +878,30 @@ failed:
bool get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, DATA_BLOB *session_key, bool remote)
{
- krb5_keyblock *skey;
- krb5_error_code err;
- bool ret = False;
+ krb5_keyblock *skey = NULL;
+ krb5_error_code err = 0;
+ bool ret = false;
- if (remote)
+ if (remote) {
err = krb5_auth_con_getremotesubkey(context, auth_context, &skey);
- else
+ } else {
err = krb5_auth_con_getlocalsubkey(context, auth_context, &skey);
- if (err == 0 && skey != NULL) {
- DEBUG(10, ("Got KRB5 session key of length %d\n", (int)KRB5_KEY_LENGTH(skey)));
- *session_key = data_blob(KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
- dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
+ }
- ret = True;
+ if (err || skey == NULL) {
+ DEBUG(10, ("KRB5 error getting session key %d\n", err));
+ goto done;
+ }
+ DEBUG(10, ("Got KRB5 session key of length %d\n", (int)KRB5_KEY_LENGTH(skey)));
+ *session_key = data_blob(KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
+ dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
+
+ ret = true;
+
+ done:
+ if (skey) {
krb5_free_keyblock(context, skey);
- } else {
- DEBUG(10, ("KRB5 error getting session key %d\n", err));
}
return ret;
diff --git a/source3/libsmb/clisigning.c b/source3/libsmb/clisigning.c
new file mode 100644
index 0000000000..0d0e926e6c
--- /dev/null
+++ b/source3/libsmb/clisigning.c
@@ -0,0 +1,87 @@
+/*
+ Unix SMB/CIFS implementation.
+ SMB Signing Code
+ Copyright (C) Jeremy Allison 2003.
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
+ Copyright (C) Stefan Metzmacher 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+bool cli_simple_set_signing(struct cli_state *cli,
+ const DATA_BLOB user_session_key,
+ const DATA_BLOB response)
+{
+ bool ok;
+
+ ok = smb_signing_activate(cli->signing_state,
+ user_session_key,
+ response);
+ if (!ok) {
+ return false;
+ }
+
+ cli->readbraw_supported = false;
+ cli->writebraw_supported = false;
+
+ return true;
+}
+
+bool cli_temp_set_signing(struct cli_state *cli)
+{
+ return smb_signing_set_bsrspyl(cli->signing_state);
+}
+
+void cli_calculate_sign_mac(struct cli_state *cli, char *buf, uint32_t *seqnum)
+{
+ *seqnum = smb_signing_next_seqnum(cli->signing_state, false);
+ smb_signing_sign_pdu(cli->signing_state, (uint8_t *)buf, *seqnum);
+}
+
+bool cli_check_sign_mac(struct cli_state *cli, const char *buf, uint32_t seqnum)
+{
+ bool ok;
+
+ ok = smb_signing_check_pdu(cli->signing_state,
+ (const uint8_t *)buf,
+ seqnum);
+
+ if (!ok) {
+ return false;
+ }
+
+ return true;
+}
+
+void cli_set_signing_negotiated(struct cli_state *cli)
+{
+ smb_signing_set_negotiated(cli->signing_state);
+}
+
+bool client_is_signing_on(struct cli_state *cli)
+{
+ return smb_signing_is_active(cli->signing_state);
+}
+
+bool client_is_signing_allowed(struct cli_state *cli)
+{
+ return smb_signing_is_allowed(cli->signing_state);
+}
+
+bool client_is_signing_mandatory(struct cli_state *cli)
+{
+ return smb_signing_is_mandatory(cli->signing_state);
+}
diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c
index 0266c0307e..c566972b21 100644
--- a/source3/libsmb/clitrans.c
+++ b/source3/libsmb/clitrans.c
@@ -94,14 +94,12 @@ bool cli_send_trans(struct cli_state *cli, int trans,
return False;
}
- /* Note we're in a trans state. Save the sequence
- * numbers for replies. */
- client_set_trans_sign_state_on(cli, mid);
+ cli_state_seqnum_persistent(cli, mid);
if (this_ldata < ldata || this_lparam < lparam) {
/* receive interim response */
if (!cli_receive_smb(cli) || cli_is_error(cli)) {
- client_set_trans_sign_state_off(cli, mid);
+ cli_state_seqnum_remove(cli, mid);
return(False);
}
@@ -137,12 +135,11 @@ bool cli_send_trans(struct cli_state *cli, int trans,
show_msg(cli->outbuf);
- client_set_trans_sign_state_off(cli, mid);
cli->mid = mid;
if (!cli_send_smb(cli)) {
+ cli_state_seqnum_remove(cli, mid);
return False;
}
- client_set_trans_sign_state_on(cli, mid);
tot_data += this_ldata;
tot_param += this_lparam;
@@ -165,10 +162,14 @@ bool cli_receive_trans(struct cli_state *cli,int trans,
unsigned int this_data,this_param;
NTSTATUS status;
bool ret = False;
+ uint16_t mid;
*data_len = *param_len = 0;
+ mid = SVAL(cli->inbuf,smb_mid);
+
if (!cli_receive_smb(cli)) {
+ cli_state_seqnum_remove(cli, mid);
return False;
}
@@ -179,6 +180,7 @@ bool cli_receive_trans(struct cli_state *cli,int trans,
DEBUG(0,("Expected %s response, got command 0x%02x\n",
trans==SMBtrans?"SMBtrans":"SMBtrans2",
CVAL(cli->inbuf,smb_com)));
+ cli_state_seqnum_remove(cli, mid);
return False;
}
@@ -331,6 +333,8 @@ bool cli_receive_trans(struct cli_state *cli,int trans,
out:
+ cli_state_seqnum_remove(cli, mid);
+
if (ret) {
/* Ensure the last 2 bytes of param and data are 2 null
* bytes. These are malloc'ed, but not included in any
@@ -344,7 +348,6 @@ bool cli_receive_trans(struct cli_state *cli,int trans,
}
}
- client_set_trans_sign_state_off(cli, SVAL(cli->inbuf,smb_mid));
return ret;
}
@@ -412,14 +415,12 @@ bool cli_send_nt_trans(struct cli_state *cli,
return False;
}
- /* Note we're in a trans state. Save the sequence
- * numbers for replies. */
- client_set_trans_sign_state_on(cli, mid);
+ cli_state_seqnum_persistent(cli, mid);
if (this_ldata < ldata || this_lparam < lparam) {
/* receive interim response */
if (!cli_receive_smb(cli) || cli_is_error(cli)) {
- client_set_trans_sign_state_off(cli, mid);
+ cli_state_seqnum_remove(cli, mid);
return(False);
}
@@ -454,12 +455,11 @@ bool cli_send_nt_trans(struct cli_state *cli,
show_msg(cli->outbuf);
- client_set_trans_sign_state_off(cli, mid);
cli->mid = mid;
if (!cli_send_smb(cli)) {
+ cli_state_seqnum_remove(cli, mid);
return False;
}
- client_set_trans_sign_state_on(cli, mid);
tot_data += this_ldata;
tot_param += this_lparam;
@@ -483,10 +483,14 @@ bool cli_receive_nt_trans(struct cli_state *cli,
uint8 eclass;
uint32 ecode;
bool ret = False;
+ uint16_t mid;
*data_len = *param_len = 0;
+ mid = SVAL(cli->inbuf,smb_mid);
+
if (!cli_receive_smb(cli)) {
+ cli_state_seqnum_remove(cli, mid);
return False;
}
@@ -496,6 +500,7 @@ bool cli_receive_nt_trans(struct cli_state *cli,
if (CVAL(cli->inbuf,smb_com) != SMBnttrans) {
DEBUG(0,("Expected SMBnttrans response, got command 0x%02x\n",
CVAL(cli->inbuf,smb_com)));
+ cli_state_seqnum_remove(cli, mid);
return(False);
}
@@ -669,6 +674,8 @@ bool cli_receive_nt_trans(struct cli_state *cli,
out:
+ cli_state_seqnum_remove(cli, mid);
+
if (ret) {
/* Ensure the last 2 bytes of param and data are 2 null
* bytes. These are malloc'ed, but not included in any
@@ -682,7 +689,6 @@ bool cli_receive_nt_trans(struct cli_state *cli,
}
}
- client_set_trans_sign_state_off(cli, SVAL(cli->inbuf,smb_mid));
return ret;
}
@@ -696,6 +702,7 @@ struct cli_trans_state {
struct event_context *ev;
uint8_t cmd;
uint16_t mid;
+ uint32_t seqnum;
const char *pipe_name;
uint16_t fid;
uint16_t function;
@@ -919,6 +926,7 @@ static struct async_req *cli_ship_trans(TALLOC_CTX *mem_ctx,
cli_req = talloc_get_type_abort(result->private_data,
struct cli_request);
state->mid = cli_req->mid;
+ state->seqnum = cli_req->seqnum;
} else {
uint16_t num_bytes = talloc_get_size(bytes);
/*
@@ -939,12 +947,10 @@ static struct async_req *cli_ship_trans(TALLOC_CTX *mem_ctx,
cli_req->recv_helper.fn = cli_trans_recv_helper;
cli_req->recv_helper.priv = state;
cli_req->mid = state->mid;
- client_set_trans_sign_state_off(state->cli, state->mid);
cli_chain_uncork(state->cli);
+ state->seqnum = cli_req->seqnum;
}
- client_set_trans_sign_state_on(state->cli, state->mid);
-
fail:
TALLOC_FREE(frame);
return result;
@@ -953,6 +959,8 @@ static struct async_req *cli_ship_trans(TALLOC_CTX *mem_ctx,
static void cli_trans_ship_rest(struct async_req *req,
struct cli_trans_state *state)
{
+ struct cli_request *cli_req;
+
state->secondary_request_ctx = talloc_new(state);
if (state->secondary_request_ctx == NULL) {
async_req_nterror(req, NT_STATUS_NO_MEMORY);
@@ -961,14 +969,19 @@ static void cli_trans_ship_rest(struct async_req *req,
while ((state->param_sent < state->num_param)
|| (state->data_sent < state->num_data)) {
- struct async_req *cli_req;
+ struct async_req *subreq;
- cli_req = cli_ship_trans(state->secondary_request_ctx, state);
- if (cli_req == NULL) {
+ subreq = cli_ship_trans(state->secondary_request_ctx, state);
+ if (subreq == NULL) {
async_req_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
}
+
+ cli_req = talloc_get_type_abort(req->private_data,
+ struct cli_request);
+
+ cli_req->seqnum = state->seqnum;
}
static NTSTATUS cli_pull_trans(struct async_req *req,
@@ -1174,7 +1187,6 @@ static void cli_trans_recv_helper(struct async_req *req)
if ((state->rparam.total == state->rparam.received)
&& (state->rdata.total == state->rdata.received)) {
- client_set_trans_sign_state_off(state->cli, state->mid);
async_req_done(req);
}
}
diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c
index 3491544175..1064a63d97 100644
--- a/source3/libsmb/dsgetdcname.c
+++ b/source3/libsmb/dsgetdcname.c
@@ -311,7 +311,7 @@ static uint32_t get_cldap_reply_server_flags(struct netlogon_samlogon_response *
/****************************************************************
****************************************************************/
-#define RETURN_ON_FALSE(x) if (!x) return false;
+#define RETURN_ON_FALSE(x) if (!(x)) return false;
static bool check_cldap_reply_required_flags(uint32_t ret_flags,
uint32_t req_flags)
diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c
index 2255db6617..219bbe64e1 100644
--- a/source3/libsmb/libsmb_dir.c
+++ b/source3/libsmb/libsmb_dir.c
@@ -1171,7 +1171,8 @@ SMBC_mkdir_ctx(SMBCCTX *context,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
- TALLOC_FREE(frame);
+ errno = ENOENT;
+ TALLOC_FREE(frame);
return -1;
}
/*d_printf(">>>mkdir: resolved path as %s\n", targetpath);*/
@@ -1278,6 +1279,7 @@ SMBC_rmdir_ctx(SMBCCTX *context,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -1561,6 +1563,7 @@ SMBC_chmod_ctx(SMBCCTX *context,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -1753,6 +1756,7 @@ SMBC_unlink_ctx(SMBCCTX *context,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -1927,6 +1931,7 @@ SMBC_rename_ctx(SMBCCTX *ocontext,
path1,
&targetcli1, &targetpath1)) {
d_printf("Could not resolve %s\n", path1);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -1944,6 +1949,7 @@ SMBC_rename_ctx(SMBCCTX *ocontext,
path2,
&targetcli2, &targetpath2)) {
d_printf("Could not resolve %s\n", path2);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
diff --git a/source3/libsmb/libsmb_file.c b/source3/libsmb/libsmb_file.c
index 06e41ad21e..aa02807092 100644
--- a/source3/libsmb/libsmb_file.c
+++ b/source3/libsmb/libsmb_file.c
@@ -119,6 +119,7 @@ SMBC_open_ctx(SMBCCTX *context,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
SAFE_FREE(file);
TALLOC_FREE(frame);
return NULL;
@@ -300,6 +301,7 @@ SMBC_read_ctx(SMBCCTX *context,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -390,6 +392,7 @@ SMBC_write_ctx(SMBCCTX *context,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -466,6 +469,7 @@ SMBC_close_ctx(SMBCCTX *context,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -549,6 +553,7 @@ SMBC_getatr(SMBCCTX * context,
srv->cli, fixedpath,
&targetcli, &targetpath)) {
d_printf("Couldn't resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return False;
}
@@ -762,6 +767,7 @@ SMBC_lseek_ctx(SMBCCTX *context,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
@@ -854,6 +860,7 @@ SMBC_ftruncate_ctx(SMBCCTX *context,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c
index dc904d2753..c2806daddb 100644
--- a/source3/libsmb/libsmb_stat.c
+++ b/source3/libsmb/libsmb_stat.c
@@ -261,6 +261,7 @@ SMBC_fstat_ctx(SMBCCTX *context,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
+ errno = ENOENT;
TALLOC_FREE(frame);
return -1;
}
diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c
index 795c8bc14c..2f7305c5b6 100644
--- a/source3/libsmb/smb_seal.c
+++ b/source3/libsmb/smb_seal.c
@@ -136,7 +136,7 @@ NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state,
smb_set_enclen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE, enc_ctx_num);
- sig = data_blob(NULL, NTLMSSP_SIG_SIZE);
+ ZERO_STRUCT(sig);
status = ntlmssp_seal_packet(ntlmssp_state,
(unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'S' <enc> <ctx> */
@@ -153,6 +153,7 @@ NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state,
/* First 16 data bytes are signature for SSPI compatibility. */
memcpy(buf_out + 8, sig.data, NTLMSSP_SIG_SIZE);
+ data_blob_free(&sig);
*ppbuf_out = buf_out;
return NT_STATUS_OK;
}
diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c
index a3ed0e7572..32d2883965 100644
--- a/source3/libsmb/smb_signing.c
+++ b/source3/libsmb/smb_signing.c
@@ -1,8 +1,9 @@
-/*
+/*
Unix SMB/CIFS implementation.
SMB Signing Code
Copyright (C) Jeremy Allison 2003.
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
+ Copyright (C) Stefan Metzmacher 2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -20,260 +21,89 @@
#include "includes.h"
-/* Lookup a packet's MID (multiplex id) and figure out it's sequence number */
-struct outstanding_packet_lookup {
- struct outstanding_packet_lookup *prev, *next;
- uint16 mid;
- uint32 reply_seq_num;
- bool can_delete; /* Set to False in trans state. */
-};
+/* Used by the SMB signing functions. */
-struct smb_basic_signing_context {
- DATA_BLOB mac_key;
- uint32 send_seq_num;
- struct outstanding_packet_lookup *outstanding_packet_list;
-};
-
-static bool store_sequence_for_reply(struct outstanding_packet_lookup **list,
- uint16 mid, uint32 reply_seq_num)
-{
- struct outstanding_packet_lookup *t;
+struct smb_signing_state {
+ /* is signing localy allowed */
+ bool allowed;
- /* Ensure we only add a mid once. */
- for (t = *list; t; t = t->next) {
- if (t->mid == mid) {
- return False;
- }
- }
+ /* is signing localy mandatory */
+ bool mandatory;
- t = SMB_XMALLOC_P(struct outstanding_packet_lookup);
- ZERO_STRUCTP(t);
+ /* is signing negotiated by the peer */
+ bool negotiated;
- t->mid = mid;
- t->reply_seq_num = reply_seq_num;
- t->can_delete = True;
+ /* send BSRSPYL signatures */
+ bool bsrspyl;
- /*
- * Add to the *start* of the list not the end of the list.
- * This ensures that the *last* send sequence with this mid
- * is returned by preference.
- * This can happen if the mid wraps and one of the early
- * mid numbers didn't get a reply and is still lurking on
- * the list. JRA. Found by Fran Fabrizio <fran@cis.uab.edu>.
- */
+ bool active; /* Have I ever seen a validly signed packet? */
- DLIST_ADD(*list, t);
- DEBUG(10,("store_sequence_for_reply: stored seq = %u mid = %u\n",
- (unsigned int)reply_seq_num, (unsigned int)mid ));
- return True;
-}
+ /* mac_key.length > 0 means signing is started */
+ DATA_BLOB mac_key;
-static bool get_sequence_for_reply(struct outstanding_packet_lookup **list,
- uint16 mid, uint32 *reply_seq_num)
-{
- struct outstanding_packet_lookup *t;
-
- for (t = *list; t; t = t->next) {
- if (t->mid == mid) {
- *reply_seq_num = t->reply_seq_num;
- DEBUG(10,("get_sequence_for_reply: found seq = %u mid = %u\n",
- (unsigned int)t->reply_seq_num, (unsigned int)t->mid ));
- if (t->can_delete) {
- DLIST_REMOVE(*list, t);
- SAFE_FREE(t);
- }
- return True;
- }
- }
- return False;
-}
+ /* the next expected seqnum */
+ uint32_t seqnum;
+};
-static bool set_sequence_can_delete_flag(struct outstanding_packet_lookup **list, uint16 mid, bool can_delete_entry)
+static void smb_signing_reset_info(struct smb_signing_state *si)
{
- struct outstanding_packet_lookup *t;
-
- for (t = *list; t; t = t->next) {
- if (t->mid == mid) {
- t->can_delete = can_delete_entry;
- return True;
- }
- }
- return False;
+ si->active = false;
+ si->bsrspyl = false;
+ data_blob_free(&si->mac_key);
+ si->seqnum = 0;
}
-/***********************************************************
- SMB signing - Common code before we set a new signing implementation
-************************************************************/
-
-static bool cli_set_smb_signing_common(struct cli_state *cli)
+struct smb_signing_state *smb_signing_init(TALLOC_CTX *mem_ctx,
+ bool allowed,
+ bool mandatory)
{
- if (!cli->sign_info.allow_smb_signing) {
- return False;
- }
+ struct smb_signing_state *si;
- if (!cli->sign_info.negotiated_smb_signing
- && !cli->sign_info.mandatory_signing) {
- return False;
+ si = talloc_zero(mem_ctx, struct smb_signing_state);
+ if (si == NULL) {
+ return NULL;
}
- if (cli->sign_info.doing_signing) {
- return False;
+ if (mandatory) {
+ allowed = true;
}
- if (cli->sign_info.free_signing_context)
- cli->sign_info.free_signing_context(&cli->sign_info);
-
- /* These calls are INCOMPATIBLE with SMB signing */
- cli->readbraw_supported = False;
- cli->writebraw_supported = False;
-
- return True;
-}
-
-/***********************************************************
- SMB signing - Common code for 'real' implementations
-************************************************************/
-
-static bool set_smb_signing_real_common(struct smb_sign_info *si)
-{
- if (si->mandatory_signing) {
- DEBUG(5, ("Mandatory SMB signing enabled!\n"));
- }
-
- si->doing_signing = True;
- DEBUG(5, ("SMB signing enabled!\n"));
-
- return True;
-}
-
-static void mark_packet_signed(char *outbuf)
-{
- uint16 flags2;
- flags2 = SVAL(outbuf,smb_flg2);
- flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
- SSVAL(outbuf,smb_flg2, flags2);
-}
-
-/***********************************************************
- SMB signing - NULL implementation - calculate a MAC to send.
-************************************************************/
-
-static void null_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
-{
- /* we can't zero out the sig, as we might be trying to send a
- session request - which is NBT-level, not SMB level and doesn't
- have the field */
- return;
-}
-
-/***********************************************************
- SMB signing - NULL implementation - check a MAC sent by server.
-************************************************************/
-
-static bool null_check_incoming_message(const char *inbuf,
- struct smb_sign_info *si,
- bool must_be_ok)
-{
- return True;
-}
-
-/***********************************************************
- SMB signing - NULL implementation - free signing context
-************************************************************/
-
-static void null_free_signing_context(struct smb_sign_info *si)
-{
- return;
-}
-
-/**
- SMB signing - NULL implementation - setup the MAC key.
-
- @note Used as an initialisation only - it will not correctly
- shut down a real signing mechanism
-*/
-
-static bool null_set_signing(struct smb_sign_info *si)
-{
- si->signing_context = NULL;
-
- si->sign_outgoing_message = null_sign_outgoing_message;
- si->check_incoming_message = null_check_incoming_message;
- si->free_signing_context = null_free_signing_context;
-
- return True;
-}
-
-/**
- * Free the signing context
- */
-
-static void free_signing_context(struct smb_sign_info *si)
-{
- if (si->free_signing_context) {
- si->free_signing_context(si);
- si->signing_context = NULL;
- }
+ si->allowed = allowed;
+ si->mandatory = mandatory;
- null_set_signing(si);
+ return si;
}
-
-static bool signing_good(const char *inbuf, struct smb_sign_info *si,
- bool good, uint32 seq, bool must_be_ok)
+static bool smb_signing_good(struct smb_signing_state *si,
+ bool good, uint32_t seq)
{
if (good) {
-
- if (!si->doing_signing) {
- si->doing_signing = True;
+ if (!si->active) {
+ si->active = true;
}
+ return true;
+ }
- if (!si->seen_valid) {
- si->seen_valid = True;
- }
-
- } else {
- if (!si->mandatory_signing && !si->seen_valid) {
-
- if (!must_be_ok) {
- return True;
- }
- /* Non-mandatory signing - just turn off if this is the first bad packet.. */
- DEBUG(5, ("srv_check_incoming_message: signing negotiated but not required and peer\n"
- "isn't sending correct signatures. Turning off.\n"));
- si->negotiated_smb_signing = False;
- si->allow_smb_signing = False;
- si->doing_signing = False;
- free_signing_context(si);
- return True;
- } else if (!must_be_ok) {
- /* This packet is known to be unsigned */
- return True;
- } else {
- /* Mandatory signing or bad packet after signing started - fail and disconnect. */
- if (seq)
- DEBUG(0, ("signing_good: BAD SIG: seq %u\n", (unsigned int)seq));
- return False;
- }
+ if (!si->mandatory && !si->active) {
+ /* Non-mandatory signing - just turn off if this is the first bad packet.. */
+ DEBUG(5, ("smb_signing_good: signing negotiated but not required and peer\n"
+ "isn't sending correct signatures. Turning off.\n"));
+ smb_signing_reset_info(si);
+ return true;
}
- return True;
-}
-/***********************************************************
- SMB signing - Simple implementation - calculate a MAC on the packet
-************************************************************/
+ /* Mandatory signing or bad packet after signing started - fail and disconnect. */
+ DEBUG(0, ("smb_signing_good: BAD SIG: seq %u\n", (unsigned int)seq));
+ return false;
+}
-static void simple_packet_signature(struct smb_basic_signing_context *data,
- const uchar *buf, uint32 seq_number,
- unsigned char calc_md5_mac[16])
+static void smb_signing_md5(const DATA_BLOB *mac_key,
+ const uint8_t *buf, uint32_t seq_number,
+ uint8_t calc_md5_mac[16])
{
const size_t offset_end_of_sig = (smb_ss_field + 8);
- unsigned char sequence_buf[8];
+ uint8_t sequence_buf[8];
struct MD5Context md5_ctx;
-#if 0
- /* JRA - apparently this is incorrect. */
- unsigned char key_buf[16];
-#endif
/*
* Firstly put the sequence number into the first 4 bytes.
@@ -282,7 +112,7 @@ static void simple_packet_signature(struct smb_basic_signing_context *data,
* We do this here, to avoid modifying the packet.
*/
- DEBUG(10,("simple_packet_signature: sequence number %u\n", seq_number ));
+ DEBUG(10,("smb_signing_md5: sequence number %u\n", seq_number ));
SIVAL(sequence_buf, 0, seq_number);
SIVAL(sequence_buf, 4, 0);
@@ -295,17 +125,7 @@ static void simple_packet_signature(struct smb_basic_signing_context *data,
MD5Init(&md5_ctx);
/* intialise with the key */
- MD5Update(&md5_ctx, data->mac_key.data, data->mac_key.length);
-#if 0
- /* JRA - apparently this is incorrect. */
- /* NB. When making and verifying SMB signatures, Windows apparently
- zero-pads the key to 128 bits if it isn't long enough.
- From Nalin Dahyabhai <nalin@redhat.com> */
- if (data->mac_key.length < sizeof(key_buf)) {
- memset(key_buf, 0, sizeof(key_buf));
- MD5Update(&md5_ctx, key_buf, sizeof(key_buf) - data->mac_key.length);
- }
-#endif
+ MD5Update(&md5_ctx, mac_key->data, mac_key->length);
/* copy in the first bit of the SMB header */
MD5Update(&md5_ctx, buf + 4, smb_ss_field - 4);
@@ -317,690 +137,234 @@ static void simple_packet_signature(struct smb_basic_signing_context *data,
MD5Update(&md5_ctx, buf + offset_end_of_sig,
smb_len(buf) - (offset_end_of_sig - 4));
- /* calculate the MD5 sig */
+ /* calculate the MD5 sig */
MD5Final(calc_md5_mac, &md5_ctx);
}
-
-/***********************************************************
- SMB signing - Client implementation - send the MAC.
-************************************************************/
-
-static void client_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
-{
- unsigned char calc_md5_mac[16];
- struct smb_basic_signing_context *data =
- (struct smb_basic_signing_context *)si->signing_context;
-
- if (!si->doing_signing)
- return;
-
- /* JRA Paranioa test - we should be able to get rid of this... */
- if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
- DEBUG(1, ("client_sign_outgoing_message: Logic error. Can't check signature on short packet! smb_len = %u\n",
- smb_len(outbuf) ));
- abort();
- }
-
- /* mark the packet as signed - BEFORE we sign it...*/
- mark_packet_signed(outbuf);
-
- simple_packet_signature(data, (const unsigned char *)outbuf,
- data->send_seq_num, calc_md5_mac);
-
- DEBUG(10, ("client_sign_outgoing_message: sent SMB signature of\n"));
- dump_data(10, calc_md5_mac, 8);
-
- memcpy(&outbuf[smb_ss_field], calc_md5_mac, 8);
-
-/* cli->outbuf[smb_ss_field+2]=0;
- Uncomment this to test if the remote server actually verifies signatures...*/
-
- /* Instead of re-introducing the trans_info_conect we
- used to have here, we use the fact that during a
- SMBtrans/SMBtrans2/SMBnttrans send that the mid stays
- constant. This means that calling store_sequence_for_reply()
- will return False for all trans secondaries, as the mid is already
- on the stored sequence list. As the send_seqence_number must
- remain constant for all primary+secondary trans sends, we
- only increment the send sequence number when we successfully
- add a new entry to the outstanding sequence list. This means
- I can isolate the fix here rather than re-adding the trans
- signing on/off calls in libsmb/clitrans2.c JRA.
- */
-
- if (store_sequence_for_reply(&data->outstanding_packet_list, SVAL(outbuf,smb_mid), data->send_seq_num + 1)) {
- data->send_seq_num += 2;
- }
-}
-
-/***********************************************************
- SMB signing - Client implementation - check a MAC sent by server.
-************************************************************/
-
-static bool client_check_incoming_message(const char *inbuf,
- struct smb_sign_info *si,
- bool must_be_ok)
+uint32_t smb_signing_next_seqnum(struct smb_signing_state *si, bool oneway)
{
- bool good;
- uint32 reply_seq_number;
- unsigned char calc_md5_mac[16];
- unsigned char *server_sent_mac;
-
- struct smb_basic_signing_context *data =
- (struct smb_basic_signing_context *)si->signing_context;
+ uint32_t seqnum;
- if (!si->doing_signing)
- return True;
-
- if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
- DEBUG(1, ("client_check_incoming_message: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf)));
- return False;
+ if (si->mac_key.length == 0) {
+ return 0;
}
- if (!get_sequence_for_reply(&data->outstanding_packet_list, SVAL(inbuf, smb_mid), &reply_seq_number)) {
- DEBUG(1, ("client_check_incoming_message: received message "
- "with mid %u with no matching send record.\n", (unsigned int)SVAL(inbuf, smb_mid) ));
- return False;
- }
-
- simple_packet_signature(data, (const unsigned char *)inbuf,
- reply_seq_number, calc_md5_mac);
-
- server_sent_mac = (unsigned char *)&inbuf[smb_ss_field];
- good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
-
- if (!good) {
- DEBUG(5, ("client_check_incoming_message: BAD SIG: wanted SMB signature of\n"));
- dump_data(5, calc_md5_mac, 8);
-
- DEBUG(5, ("client_check_incoming_message: BAD SIG: got SMB signature of\n"));
- dump_data(5, server_sent_mac, 8);
-#if 1 /* JRATEST */
- {
- int i;
- for (i = -5; i < 5; i++) {
- simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number+i, calc_md5_mac);
- if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
- DEBUG(0,("client_check_incoming_message: out of seq. seq num %u matches. \
-We were expecting seq %u\n", reply_seq_number+i, reply_seq_number ));
- break;
- }
- }
- }
-#endif /* JRATEST */
-
+ seqnum = si->seqnum;
+ if (oneway) {
+ si->seqnum += 1;
} else {
- DEBUG(10, ("client_check_incoming_message: seq %u: got good SMB signature of\n", (unsigned int)reply_seq_number));
- dump_data(10, server_sent_mac, 8);
- }
- return signing_good(inbuf, si, good, reply_seq_number, must_be_ok);
-}
-
-/***********************************************************
- SMB signing - Simple implementation - free signing context
-************************************************************/
-
-static void simple_free_signing_context(struct smb_sign_info *si)
-{
- struct smb_basic_signing_context *data =
- (struct smb_basic_signing_context *)si->signing_context;
- struct outstanding_packet_lookup *list;
- struct outstanding_packet_lookup *next;
-
- for (list = data->outstanding_packet_list; list; list = next) {
- next = list->next;
- DLIST_REMOVE(data->outstanding_packet_list, list);
- SAFE_FREE(list);
+ si->seqnum += 2;
}
- data_blob_free(&data->mac_key);
-
- SAFE_FREE(si->signing_context);
-
- return;
+ return seqnum;
}
-/***********************************************************
- SMB signing - Simple implementation - setup the MAC key.
-************************************************************/
-
-bool cli_simple_set_signing(struct cli_state *cli,
- const DATA_BLOB user_session_key,
- const DATA_BLOB response)
+void smb_signing_cancel_reply(struct smb_signing_state *si, bool oneway)
{
- struct smb_basic_signing_context *data;
-
- if (!user_session_key.length)
- return False;
-
- if (!cli_set_smb_signing_common(cli)) {
- return False;
- }
-
- if (!set_smb_signing_real_common(&cli->sign_info)) {
- return False;
+ if (si->mac_key.length == 0) {
+ return;
}
- data = SMB_XMALLOC_P(struct smb_basic_signing_context);
- memset(data, '\0', sizeof(*data));
-
- cli->sign_info.signing_context = data;
-
- data->mac_key = data_blob(NULL, response.length + user_session_key.length);
-
- memcpy(&data->mac_key.data[0], user_session_key.data, user_session_key.length);
-
- DEBUG(10, ("cli_simple_set_signing: user_session_key\n"));
- dump_data(10, user_session_key.data, user_session_key.length);
-
- if (response.length) {
- memcpy(&data->mac_key.data[user_session_key.length],response.data, response.length);
- DEBUG(10, ("cli_simple_set_signing: response_data\n"));
- dump_data(10, response.data, response.length);
+ if (oneway) {
+ si->seqnum -= 1;
} else {
- DEBUG(10, ("cli_simple_set_signing: NULL response_data\n"));
+ si->seqnum -= 2;
}
-
- dump_data_pw("MAC ssession key is:\n", data->mac_key.data, data->mac_key.length);
-
- /* Initialise the sequence number */
- data->send_seq_num = 0;
-
- /* Initialise the list of outstanding packets */
- data->outstanding_packet_list = NULL;
-
- cli->sign_info.sign_outgoing_message = client_sign_outgoing_message;
- cli->sign_info.check_incoming_message = client_check_incoming_message;
- cli->sign_info.free_signing_context = simple_free_signing_context;
-
- return True;
}
-/***********************************************************
- SMB signing - TEMP implementation - calculate a MAC to send.
-************************************************************/
-
-static void temp_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
+void smb_signing_sign_pdu(struct smb_signing_state *si,
+ uint8_t *outbuf, uint32_t seqnum)
{
- /* mark the packet as signed - BEFORE we sign it...*/
- mark_packet_signed(outbuf);
-
- /* I wonder what BSRSPYL stands for - but this is what MS
- actually sends! */
- memcpy(&outbuf[smb_ss_field], "BSRSPYL ", 8);
- return;
-}
-
-/***********************************************************
- SMB signing - TEMP implementation - check a MAC sent by server.
-************************************************************/
+ uint8_t calc_md5_mac[16];
+ uint16_t flags2;
-static bool temp_check_incoming_message(const char *inbuf,
- struct smb_sign_info *si, bool foo)
-{
- return True;
-}
-
-/***********************************************************
- SMB signing - TEMP implementation - free signing context
-************************************************************/
-
-static void temp_free_signing_context(struct smb_sign_info *si)
-{
- return;
-}
-
-/***********************************************************
- SMB signing - NULL implementation - setup the MAC key.
-************************************************************/
-
-bool cli_null_set_signing(struct cli_state *cli)
-{
- return null_set_signing(&cli->sign_info);
-}
-
-/***********************************************************
- SMB signing - temp implementation - setup the MAC key.
-************************************************************/
-
-bool cli_temp_set_signing(struct cli_state *cli)
-{
- if (!cli_set_smb_signing_common(cli)) {
- return False;
- }
-
- cli->sign_info.signing_context = NULL;
-
- cli->sign_info.sign_outgoing_message = temp_sign_outgoing_message;
- cli->sign_info.check_incoming_message = temp_check_incoming_message;
- cli->sign_info.free_signing_context = temp_free_signing_context;
-
- return True;
-}
-
-void cli_free_signing_context(struct cli_state *cli)
-{
- free_signing_context(&cli->sign_info);
-}
-
-/**
- * Sign a packet with the current mechanism
- */
-
-void cli_calculate_sign_mac(struct cli_state *cli, char *buf)
-{
- cli->sign_info.sign_outgoing_message(buf, &cli->sign_info);
-}
-
-/**
- * Check a packet with the current mechanism
- * @return False if we had an established signing connection
- * which had a bad checksum, True otherwise.
- */
-
-bool cli_check_sign_mac(struct cli_state *cli, char *buf)
-{
- if (!cli->sign_info.check_incoming_message(buf, &cli->sign_info, True)) {
- free_signing_context(&cli->sign_info);
- return False;
- }
- return True;
-}
-
-/***********************************************************
- Enter trans/trans2/nttrans state.
-************************************************************/
-
-bool client_set_trans_sign_state_on(struct cli_state *cli, uint16 mid)
-{
- struct smb_sign_info *si = &cli->sign_info;
- struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context;
-
- if (!si->doing_signing) {
- return True;
- }
-
- if (!data) {
- return False;
- }
-
- if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, False)) {
- return False;
- }
-
- return True;
-}
-
-/***********************************************************
- Leave trans/trans2/nttrans state.
-************************************************************/
-
-bool client_set_trans_sign_state_off(struct cli_state *cli, uint16 mid)
-{
- uint32 reply_seq_num;
- struct smb_sign_info *si = &cli->sign_info;
- struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context;
-
- if (!si->doing_signing) {
- return True;
- }
-
- if (!data) {
- return False;
- }
-
- if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, True)) {
- return False;
- }
-
- /* Now delete the stored mid entry. */
- if (!get_sequence_for_reply(&data->outstanding_packet_list, mid, &reply_seq_num)) {
- return False;
- }
-
- return True;
-}
-
-/***********************************************************
- Is client signing on ?
-************************************************************/
-
-bool client_is_signing_on(struct cli_state *cli)
-{
- struct smb_sign_info *si = &cli->sign_info;
- return si->doing_signing;
-}
-
-/***********************************************************
- SMB signing - Server implementation - send the MAC.
-************************************************************/
-
-static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
-{
- unsigned char calc_md5_mac[16];
- struct smb_basic_signing_context *data =
- (struct smb_basic_signing_context *)si->signing_context;
- uint32 send_seq_number = data->send_seq_num-1;
- uint16 mid;
-
- if (!si->doing_signing) {
- return;
+ if (si->mac_key.length == 0) {
+ if (!si->bsrspyl) {
+ return;
+ }
}
/* JRA Paranioa test - we should be able to get rid of this... */
if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
- DEBUG(1, ("srv_sign_outgoing_message: Logic error. Can't send signature on short packet! smb_len = %u\n",
- smb_len(outbuf) ));
+ DEBUG(1,("smb_signing_sign_pdu: Logic error. "
+ "Can't check signature on short packet! smb_len = %u\n",
+ smb_len(outbuf)));
abort();
}
/* mark the packet as signed - BEFORE we sign it...*/
- mark_packet_signed(outbuf);
-
- mid = SVAL(outbuf, smb_mid);
-
- /* See if this is a reply for a deferred packet. */
- get_sequence_for_reply(&data->outstanding_packet_list, mid, &send_seq_number);
+ flags2 = SVAL(outbuf,smb_flg2);
+ flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
+ SSVAL(outbuf, smb_flg2, flags2);
- simple_packet_signature(data, (const unsigned char *)outbuf, send_seq_number, calc_md5_mac);
+ if (si->bsrspyl) {
+ /* I wonder what BSRSPYL stands for - but this is what MS
+ actually sends! */
+ memcpy(calc_md5_mac, "BSRSPYL ", 8);
+ } else {
+ smb_signing_md5(&si->mac_key, outbuf,
+ seqnum, calc_md5_mac);
+ }
- DEBUG(10, ("srv_sign_outgoing_message: seq %u: sent SMB signature of\n", (unsigned int)send_seq_number));
+ DEBUG(10, ("smb_signing_sign_pdu: sent SMB signature of\n"));
dump_data(10, calc_md5_mac, 8);
memcpy(&outbuf[smb_ss_field], calc_md5_mac, 8);
-/* cli->outbuf[smb_ss_field+2]=0;
- Uncomment this to test if the remote client actually verifies signatures...*/
+/* outbuf[smb_ss_field+2]=0;
+ Uncomment this to test if the remote server actually verifies signatures...*/
}
-/***********************************************************
- SMB signing - Server implementation - check a MAC sent by server.
-************************************************************/
-
-static bool srv_check_incoming_message(const char *inbuf,
- struct smb_sign_info *si,
- bool must_be_ok)
+bool smb_signing_check_pdu(struct smb_signing_state *si,
+ const uint8_t *inbuf, uint32_t seqnum)
{
bool good;
- struct smb_basic_signing_context *data =
- (struct smb_basic_signing_context *)si->signing_context;
- uint32 reply_seq_number = data->send_seq_num;
- uint32 saved_seq;
- unsigned char calc_md5_mac[16];
- unsigned char *server_sent_mac;
+ uint8_t calc_md5_mac[16];
+ const uint8_t *reply_sent_mac;
- if (!si->doing_signing)
- return True;
+ if (si->mac_key.length == 0) {
+ return true;
+ }
if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
- DEBUG(1, ("srv_check_incoming_message: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf)));
+ DEBUG(1,("smb_signing_check_pdu: Can't check signature "
+ "on short packet! smb_len = %u\n",
+ smb_len(inbuf)));
return False;
}
- /* We always increment the sequence number. */
- data->send_seq_num += 2;
-
- saved_seq = reply_seq_number;
- simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number, calc_md5_mac);
+ smb_signing_md5(&si->mac_key, inbuf,
+ seqnum, calc_md5_mac);
- server_sent_mac = (unsigned char *)&inbuf[smb_ss_field];
- good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
+ reply_sent_mac = &inbuf[smb_ss_field];
+ good = (memcmp(reply_sent_mac, calc_md5_mac, 8) == 0);
if (!good) {
+ int i;
+ const int sign_range = 5;
- if (saved_seq) {
- DEBUG(0, ("srv_check_incoming_message: BAD SIG: seq %u wanted SMB signature of\n",
- (unsigned int)saved_seq));
- dump_data(5, calc_md5_mac, 8);
-
- DEBUG(0, ("srv_check_incoming_message: BAD SIG: seq %u got SMB signature of\n",
- (unsigned int)reply_seq_number));
- dump_data(5, server_sent_mac, 8);
- }
+ DEBUG(5, ("smb_signing_check_pdu: BAD SIG: wanted SMB signature of\n"));
+ dump_data(5, calc_md5_mac, 8);
-#if 1 /* JRATEST */
- {
- int i;
- reply_seq_number -= 5;
- for (i = 0; i < 10; i++, reply_seq_number++) {
- simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number, calc_md5_mac);
- if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
- DEBUG(0,("srv_check_incoming_message: out of seq. seq num %u matches. \
-We were expecting seq %u\n", reply_seq_number, saved_seq ));
- break;
- }
+ DEBUG(5, ("smb_signing_check_pdu: BAD SIG: got SMB signature of\n"));
+ dump_data(5, reply_sent_mac, 8);
+
+ for (i = -sign_range; i < sign_range; i++) {
+ smb_signing_md5(&si->mac_key, inbuf,
+ seqnum+i, calc_md5_mac);
+ if (memcmp(reply_sent_mac, calc_md5_mac, 8) == 0) {
+ DEBUG(0,("smb_signing_check_pdu: "
+ "out of seq. seq num %u matches. "
+ "We were expecting seq %u\n",
+ (unsigned int)seqnum+i,
+ (unsigned int)seqnum));
+ break;
}
}
-#endif /* JRATEST */
-
} else {
- DEBUG(10, ("srv_check_incoming_message: seq %u: (current is %u) got good SMB signature of\n", (unsigned int)reply_seq_number, (unsigned int)data->send_seq_num));
- dump_data(10, server_sent_mac, 8);
+ DEBUG(10, ("smb_signing_check_pdu: seq %u: "
+ "got good SMB signature of\n",
+ (unsigned int)seqnum));
+ dump_data(10, reply_sent_mac, 8);
}
- return (signing_good(inbuf, si, good, saved_seq, must_be_ok));
+ return smb_signing_good(si, good, seqnum);
}
-/***********************************************************
- SMB signing - server API's.
-************************************************************/
-
-static struct smb_sign_info srv_sign_info = {
- null_sign_outgoing_message,
- null_check_incoming_message,
- null_free_signing_context,
- NULL,
- False,
- False,
- False,
- False
-};
-
-/***********************************************************
- Turn signing off or on for oplock break code.
-************************************************************/
-
-bool srv_oplock_set_signing(bool onoff)
+bool smb_signing_set_bsrspyl(struct smb_signing_state *si)
{
- bool ret = srv_sign_info.doing_signing;
- srv_sign_info.doing_signing = onoff;
- return ret;
-}
-
-/***********************************************************
- Called to validate an incoming packet from the client.
-************************************************************/
-
-bool srv_check_sign_mac(const char *inbuf, bool must_be_ok)
-{
- /* Check if it's a non-session message. */
- if(CVAL(inbuf,0)) {
- return True;
+ if (!si->negotiated) {
+ return false;
}
- return srv_sign_info.check_incoming_message(inbuf, &srv_sign_info, must_be_ok);
-}
-
-/***********************************************************
- Called to sign an outgoing packet to the client.
-************************************************************/
-
-void srv_calculate_sign_mac(char *outbuf)
-{
- /* Check if it's a non-session message. */
- if(CVAL(outbuf,0)) {
- return;
+ if (si->active) {
+ return false;
}
- srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info);
-}
+ si->bsrspyl = true;
-/***********************************************************
- Called by server to defer an outgoing packet.
-************************************************************/
+ return true;
+}
-void srv_defer_sign_response(uint16 mid)
+bool smb_signing_activate(struct smb_signing_state *si,
+ const DATA_BLOB user_session_key,
+ const DATA_BLOB response)
{
- struct smb_basic_signing_context *data;
-
- if (!srv_sign_info.doing_signing)
- return;
+ size_t len;
+ off_t ofs;
- data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+ if (!user_session_key.length) {
+ return false;
+ }
- if (!data)
- return;
+ if (!si->negotiated) {
+ return false;
+ }
- /*
- * Ensure we only store this mid reply once...
- */
+ if (si->active) {
+ return false;
+ }
- store_sequence_for_reply(&data->outstanding_packet_list, mid,
- data->send_seq_num-1);
-}
+ if (si->mac_key.length > 0) {
+ return false;
+ }
-/***********************************************************
- Called to remove sequence records when a deferred packet is
- cancelled by mid. This should never find one....
-************************************************************/
+ smb_signing_reset_info(si);
-void srv_cancel_sign_response(uint16 mid, bool cancel)
-{
- struct smb_basic_signing_context *data;
- uint32 dummy_seq;
+ len = response.length + user_session_key.length;
+ si->mac_key = data_blob_talloc(si, NULL, len);
- if (!srv_sign_info.doing_signing)
- return;
+ ofs = 0;
+ memcpy(&si->mac_key.data[ofs], user_session_key.data, user_session_key.length);
- data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
+ DEBUG(10, ("smb_signing_activate: user_session_key\n"));
+ dump_data(10, user_session_key.data, user_session_key.length);
- if (!data)
- return;
+ if (response.length) {
+ ofs = user_session_key.length;
+ memcpy(&si->mac_key.data[ofs], response.data, response.length);
+ DEBUG(10, ("smb_signing_activate: response_data\n"));
+ dump_data(10, response.data, response.length);
+ } else {
+ DEBUG(10, ("smb_signing_activate: NULL response_data\n"));
+ }
- DEBUG(10,("srv_cancel_sign_response: for mid %u\n", (unsigned int)mid ));
+ dump_data_pw("smb_signing_activate: mac key is:\n",
+ si->mac_key.data, si->mac_key.length);
- while (get_sequence_for_reply(&data->outstanding_packet_list, mid, &dummy_seq))
- ;
+ /* Initialise the sequence number */
+ si->seqnum = 2;
- /* cancel doesn't send a reply so doesn't burn a sequence number. */
- if (cancel) {
- data->send_seq_num -= 1;
- }
+ return true;
}
-/***********************************************************
- Called by server negprot when signing has been negotiated.
-************************************************************/
-
-void srv_set_signing_negotiated(void)
+bool smb_signing_is_active(struct smb_signing_state *si)
{
- srv_sign_info.allow_smb_signing = True;
- srv_sign_info.negotiated_smb_signing = True;
- if (lp_server_signing() == Required)
- srv_sign_info.mandatory_signing = True;
-
- srv_sign_info.sign_outgoing_message = temp_sign_outgoing_message;
- srv_sign_info.check_incoming_message = temp_check_incoming_message;
- srv_sign_info.free_signing_context = temp_free_signing_context;
+ return si->active;
}
-/***********************************************************
- Returns whether signing is active. We can't use sendfile or raw
- reads/writes if it is.
-************************************************************/
-
-bool srv_is_signing_active(void)
+bool smb_signing_is_allowed(struct smb_signing_state *si)
{
- return srv_sign_info.doing_signing;
+ return si->allowed;
}
-
-/***********************************************************
- Returns whether signing is negotiated. We can't use it unless it was
- in the negprot.
-************************************************************/
-
-bool srv_is_signing_negotiated(void)
+bool smb_signing_is_mandatory(struct smb_signing_state *si)
{
- return srv_sign_info.negotiated_smb_signing;
+ return si->mandatory;
}
-/***********************************************************
- Returns whether signing is actually happening
-************************************************************/
-
-bool srv_signing_started(void)
+bool smb_signing_set_negotiated(struct smb_signing_state *si)
{
- struct smb_basic_signing_context *data;
-
- if (!srv_sign_info.doing_signing) {
- return False;
+ if (!si->allowed) {
+ return false;
}
- data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
- if (!data)
- return False;
+ si->negotiated = true;
- if (data->send_seq_num == 0) {
- return False;
- }
-
- return True;
+ return true;
}
-/***********************************************************
- Turn on signing from this packet onwards.
-************************************************************/
-
-void srv_set_signing(const DATA_BLOB user_session_key, const DATA_BLOB response)
+bool smb_signing_is_negotiated(struct smb_signing_state *si)
{
- struct smb_basic_signing_context *data;
-
- if (!user_session_key.length)
- return;
-
- if (!srv_sign_info.negotiated_smb_signing && !srv_sign_info.mandatory_signing) {
- DEBUG(5,("srv_set_signing: signing negotiated = %u, mandatory_signing = %u. Not allowing smb signing.\n",
- (unsigned int)srv_sign_info.negotiated_smb_signing,
- (unsigned int)srv_sign_info.mandatory_signing ));
- return;
- }
-
- /* Once we've turned on, ignore any more sessionsetups. */
- if (srv_sign_info.doing_signing) {
- return;
- }
-
- if (srv_sign_info.free_signing_context)
- srv_sign_info.free_signing_context(&srv_sign_info);
-
- srv_sign_info.doing_signing = True;
-
- data = SMB_XMALLOC_P(struct smb_basic_signing_context);
- memset(data, '\0', sizeof(*data));
-
- srv_sign_info.signing_context = data;
-
- data->mac_key = data_blob(NULL, response.length + user_session_key.length);
-
- memcpy(&data->mac_key.data[0], user_session_key.data, user_session_key.length);
- if (response.length)
- memcpy(&data->mac_key.data[user_session_key.length],response.data, response.length);
-
- dump_data_pw("MAC ssession key is:\n", data->mac_key.data, data->mac_key.length);
-
- DEBUG(3,("srv_set_signing: turning on SMB signing: signing negotiated = %s, mandatory_signing = %s.\n",
- BOOLSTR(srv_sign_info.negotiated_smb_signing),
- BOOLSTR(srv_sign_info.mandatory_signing) ));
-
- /* Initialise the sequence number */
- data->send_seq_num = 0;
-
- /* Initialise the list of outstanding packets */
- data->outstanding_packet_list = NULL;
-
- srv_sign_info.sign_outgoing_message = srv_sign_outgoing_message;
- srv_sign_info.check_incoming_message = srv_check_incoming_message;
- srv_sign_info.free_signing_context = simple_free_signing_context;
+ return si->negotiated;
}
diff --git a/source3/libsmb/unexpected.c b/source3/libsmb/unexpected.c
index df4d2119e2..d123e24aa8 100644
--- a/source3/libsmb/unexpected.c
+++ b/source3/libsmb/unexpected.c
@@ -162,6 +162,8 @@ static int traverse_match(TDB_CONTEXT *ttdb, TDB_DATA kbuf, TDB_DATA dbuf,
state->match_type,
ip,
port);
+ if (!p)
+ return 0;
if ((state->match_type == NMB_PACKET &&
p->packet.nmb.header.name_trn_id == state->match_id) ||