summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/globals.h14
-rw-r--r--source3/smbd/process.c9
-rw-r--r--source3/smbd/smb2_server.c60
-rw-r--r--source3/smbd/smb2_sesssetup.c118
4 files changed, 138 insertions, 63 deletions
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index aaea100a65..9eadc99c0e 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -494,8 +494,8 @@ struct smbd_smb2_session {
uint64_t vuid;
struct gensec_security *gensec_security;
struct auth_session_info *session_info;
- DATA_BLOB session_key;
- bool do_signing;
+
+ struct smbXsrv_session *smbXsrv;
struct user_struct *compat_vuser;
@@ -532,6 +532,8 @@ struct user_struct {
struct auth_session_info *session_info;
struct gensec_security *gensec_security;
+
+ struct smbXsrv_session0 *session;
};
struct smbd_server_connection {
@@ -672,14 +674,6 @@ struct smbd_server_connection {
struct tstream_context *stream;
bool negprot_2ff;
struct {
- /* an id tree used to allocate vuids */
- /* this holds info on session vuids that are already
- * validated for this VC */
- struct idr_context *idtree;
-
- /* this is the limit of vuid values for this connection */
- uint64_t limit;
-
struct smbd_smb2_session *list;
} sessions;
struct {
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 77c4804a38..e25fbc77c1 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -3157,9 +3157,18 @@ static void smbd_id_cache_kill(struct messaging_context *msg_ctx,
NTSTATUS smbXsrv_connection_init_tables(struct smbXsrv_connection *conn,
enum protocol_types protocol)
{
+ NTSTATUS status;
+
set_Protocol(protocol);
conn->protocol = protocol;
+ if (protocol >= PROTOCOL_SMB2_02) {
+ status = smb2srv_session_table_init(conn);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ }
+
return NT_STATUS_OK;
}
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 5d30aa4890..f49c05cd56 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -108,11 +108,6 @@ static NTSTATUS smbd_initialize_smb2(struct smbd_server_connection *sconn)
return NT_STATUS_NO_MEMORY;
}
- sconn->smb2.sessions.idtree = idr_init(sconn);
- if (sconn->smb2.sessions.idtree == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- sconn->smb2.sessions.limit = 0x0000FFFE;
sconn->smb2.sessions.list = NULL;
sconn->smb2.seqnum_low = 0;
sconn->smb2.credits_granted = 0;
@@ -816,9 +811,13 @@ static NTSTATUS smb2_send_async_interim_response(const struct smbd_smb2_request
/* Re-sign if needed. */
if (nreq->do_signing) {
NTSTATUS status;
- status = smb2_signing_sign_pdu(nreq->session->session_key,
- get_Protocol(),
- &nreq->out.vector[i], 3);
+ struct smbXsrv_session *x = nreq->session->smbXsrv;
+ struct smbXsrv_connection *conn = x->connection;
+ DATA_BLOB signing_key = x->global->channels[0].signing_key;
+
+ status = smb2_signing_sign_pdu(signing_key,
+ conn->protocol,
+ &nreq->out.vector[i], 3);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -1101,10 +1100,13 @@ static void smbd_smb2_request_pending_timer(struct tevent_context *ev,
if (req->do_signing) {
NTSTATUS status;
+ struct smbXsrv_session *x = req->session->smbXsrv;
+ struct smbXsrv_connection *conn = x->connection;
+ DATA_BLOB signing_key = x->global->channels[0].signing_key;
- status = smb2_signing_sign_pdu(req->session->session_key,
- get_Protocol(),
- &state->vector[1], 2);
+ status = smb2_signing_sign_pdu(signing_key,
+ conn->protocol,
+ &state->vector[1], 2);
if (!NT_STATUS_IS_OK(status)) {
smbd_server_connection_terminate(req->sconn,
nt_errstr(status));
@@ -1247,8 +1249,10 @@ static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req)
int i = req->current_idx;
uint32_t in_flags;
uint64_t in_session_id;
- void *p;
struct smbd_smb2_session *session;
+ struct smbXsrv_session *smbXsrv;
+ NTSTATUS status;
+ NTTIME now = timeval_to_nttime(&req->request_time);
req->session = NULL;
req->tcon = NULL;
@@ -1263,12 +1267,13 @@ static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req)
}
/* lookup an existing session */
- p = idr_find(req->sconn->smb2.sessions.idtree, in_session_id);
- if (p == NULL) {
- return NT_STATUS_USER_SESSION_DELETED;
+ status = smb2srv_session_lookup(req->sconn->conn,
+ in_session_id, now,
+ &smbXsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
- session = talloc_get_type_abort(p, struct smbd_smb2_session);
-
+ session = smbXsrv->smb2sess;
if (!NT_STATUS_IS_OK(session->status)) {
return NT_STATUS_ACCESS_DENIED;
}
@@ -1388,6 +1393,7 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
NTSTATUS session_status;
uint32_t allowed_flags;
NTSTATUS return_value;
+ struct smbXsrv_session *x = NULL;
inhdr = (const uint8_t *)req->in.vector[i].iov_base;
@@ -1439,23 +1445,29 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
* we defer the check of the session_status
*/
session_status = smbd_smb2_request_check_session(req);
+ if (req->session) {
+ x = req->session->smbXsrv;
+ }
req->do_signing = false;
if (flags & SMB2_HDR_FLAG_SIGNED) {
+ struct smbXsrv_connection *conn = x->connection;
+ DATA_BLOB signing_key = x->global->channels[0].signing_key;
+
if (!NT_STATUS_IS_OK(session_status)) {
return smbd_smb2_request_error(req, session_status);
}
req->do_signing = true;
- status = smb2_signing_check_pdu(req->session->session_key,
- get_Protocol(),
+ status = smb2_signing_check_pdu(signing_key,
+ conn->protocol,
&req->in.vector[i], 3);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
} else if (opcode == SMB2_OP_CANCEL) {
/* Cancel requests are allowed to skip the signing */
- } else if (req->session && req->session->do_signing) {
+ } else if (x && x->global->signing_required) {
return smbd_smb2_request_error(req, NT_STATUS_ACCESS_DENIED);
}
@@ -1937,8 +1949,12 @@ static NTSTATUS smbd_smb2_request_reply(struct smbd_smb2_request *req)
if (req->do_signing) {
NTSTATUS status;
- status = smb2_signing_sign_pdu(req->session->session_key,
- get_Protocol(),
+ struct smbXsrv_session *x = req->session->smbXsrv;
+ struct smbXsrv_connection *conn = x->connection;
+ DATA_BLOB signing_key = x->global->channels[0].signing_key;
+
+ status = smb2_signing_sign_pdu(signing_key,
+ conn->protocol,
&req->out.vector[i], 3);
if (!NT_STATUS_IS_OK(status)) {
return status;
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 36084a4df6..bc13ffbf72 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -187,7 +187,6 @@ static int smbd_smb2_session_destructor(struct smbd_smb2_session *session)
talloc_free(session->tcons.list);
}
- idr_remove(session->sconn->smb2.sessions.idtree, session->vuid);
DLIST_REMOVE(session->sconn->smb2.sessions.list, session);
invalidate_vuid(session->sconn, session->vuid);
@@ -195,6 +194,9 @@ static int smbd_smb2_session_destructor(struct smbd_smb2_session *session)
session->status = NT_STATUS_USER_SESSION_DELETED;
session->sconn = NULL;
+ session->smbXsrv->compat = NULL;
+ TALLOC_FREE(session->smbXsrv);
+
return 0;
}
@@ -206,11 +208,14 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbd_smb2_session *session,
uint16_t *out_session_flags,
uint64_t *out_session_id)
{
+ NTSTATUS status;
bool guest = false;
+ uint8_t session_key[16];
+ struct smbXsrv_session *x = session->smbXsrv;
if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
lp_server_signing() == SMB_SIGNING_REQUIRED) {
- session->do_signing = true;
+ x->global->signing_required = true;
}
if (security_session_user_level(session->session_info, NULL) < SECURITY_USER) {
@@ -218,11 +223,39 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbd_smb2_session *session,
*out_session_flags |= SMB2_SESSION_FLAG_IS_GUEST;
*out_session_flags |= SMB2_SESSION_FLAG_IS_NULL;
/* force no signing */
- session->do_signing = false;
+ x->global->signing_required = false;
guest = true;
}
- session->session_key = session->session_info->session_key;
+ ZERO_STRUCT(session_key);
+ memcpy(session_key, session->session_info->session_key.data,
+ MIN(session->session_info->session_key.length, sizeof(session_key)));
+
+ x->global->signing_key = data_blob_talloc(x->global,
+ session_key,
+ sizeof(session_key));
+ if (x->global->signing_key.data == NULL) {
+ ZERO_STRUCT(session_key);
+ TALLOC_FREE(session);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ x->global->application_key = data_blob_dup_talloc(x->global,
+ x->global->signing_key);
+ if (x->global->application_key.data == NULL) {
+ ZERO_STRUCT(session_key);
+ TALLOC_FREE(session);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCT(session_key);
+
+ x->global->channels[0].signing_key = data_blob_dup_talloc(x->global->channels,
+ x->global->signing_key);
+ if (x->global->channels[0].signing_key.data == NULL) {
+ TALLOC_FREE(session);
+ return NT_STATUS_NO_MEMORY;
+ }
session->compat_vuser = talloc_zero(session, struct user_struct);
if (session->compat_vuser == NULL) {
@@ -256,6 +289,21 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbd_smb2_session *session,
reload_services(smb2req->sconn, conn_snum_used, true);
+ session->smbXsrv->status = NT_STATUS_OK;
+ session->smbXsrv->global->auth_session_info = session->session_info;
+ session->smbXsrv->global->auth_session_info_seqnum += 1;
+ session->smbXsrv->global->channels[0].auth_session_info_seqnum =
+ session->smbXsrv->global->auth_session_info_seqnum;
+
+ status = smbXsrv_session_update(session->smbXsrv);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("smb2: Failed to update session for vuid=%llu - %s\n",
+ (unsigned long long)session->compat_vuser->vuid,
+ nt_errstr(status)));
+ TALLOC_FREE(session);
+ return NT_STATUS_LOGON_FAILURE;
+ }
+
session->status = NT_STATUS_OK;
/*
@@ -351,55 +399,63 @@ static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *smb2req,
DATA_BLOB *out_security_buffer,
uint64_t *out_session_id)
{
- struct smbd_smb2_session *session;
+ struct smbd_smb2_session *smb2sess;
+ struct smbXsrv_session *session;
+ NTSTATUS status;
+ NTTIME now = timeval_to_nttime(&smb2req->request_time);
*out_session_flags = 0;
*out_session_id = 0;
if (in_session_id == 0) {
- int id;
-
/* create a new session */
- session = talloc_zero(smb2req->sconn, struct smbd_smb2_session);
- if (session == NULL) {
+ smb2sess = talloc_zero(smb2req->sconn, struct smbd_smb2_session);
+ if (smb2sess == NULL) {
return NT_STATUS_NO_MEMORY;
}
- session->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
- id = idr_get_new_random(smb2req->sconn->smb2.sessions.idtree,
- session,
- smb2req->sconn->smb2.sessions.limit);
- if (id == -1) {
- return NT_STATUS_INSUFFICIENT_RESOURCES;
+
+ status = smbXsrv_session_create(smb2req->sconn->conn,
+ now, &session);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
- session->vuid = id;
+ smb2sess->smbXsrv = session;
+ session->smb2sess = smb2sess;
+ talloc_set_destructor(smb2sess, smbd_smb2_session_destructor);
- session->tcons.idtree = idr_init(session);
- if (session->tcons.idtree == NULL) {
+ smb2sess->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
+ smb2sess->vuid = session->global->session_wire_id;
+
+ smb2sess->tcons.idtree = idr_init(smb2sess);
+ if (smb2sess->tcons.idtree == NULL) {
return NT_STATUS_NO_MEMORY;
}
- session->tcons.limit = 0x0000FFFE;
- session->tcons.list = NULL;
+ smb2sess->tcons.limit = 0x0000FFFE;
+ smb2sess->tcons.list = NULL;
- DLIST_ADD_END(smb2req->sconn->smb2.sessions.list, session,
+ DLIST_ADD_END(smb2req->sconn->smb2.sessions.list, smb2sess,
struct smbd_smb2_session *);
- session->sconn = smb2req->sconn;
- talloc_set_destructor(session, smbd_smb2_session_destructor);
+ smb2sess->sconn = smb2req->sconn;
} else {
- void *p;
+ status = smb2srv_session_lookup(smb2req->sconn->conn,
+ in_session_id, now,
+ &session);
+ if (NT_STATUS_IS_OK(status)) {
+ return NT_STATUS_REQUEST_NOT_ACCEPTED;
+ }
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- /* lookup an existing session */
- p = idr_find(smb2req->sconn->smb2.sessions.idtree, in_session_id);
- if (p == NULL) {
- return NT_STATUS_USER_SESSION_DELETED;
+ return status;
}
- session = talloc_get_type_abort(p, struct smbd_smb2_session);
+
+ smb2sess = session->smb2sess;
}
- if (NT_STATUS_IS_OK(session->status)) {
+ if (NT_STATUS_IS_OK(smb2sess->status)) {
return NT_STATUS_REQUEST_NOT_ACCEPTED;
}
- return smbd_smb2_auth_generic(session,
+ return smbd_smb2_auth_generic(smb2sess,
smb2req,
in_security_mode,
in_previous_session_id,