From 910d61bcd1fbfc6fc406d4384f305f5210e92d56 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Fri, 18 Nov 2005 14:13:49 +0000
Subject: r11789: - add the start of a SMB2 server - it does Negprot and SessionSetup yet the rest returns NT_STATUS_NOT_IMPLEMENTED - it's off by default, enable with: smbsrv:enable smb2 = yes - negotition in the SMB Negprot isn't supported yet - it's only tested with smbtorture SMB2-CONNECT not with vista as client metze (This used to be commit 08b31d5f618d2e416cb9812ad3a49754cd7212b8)
---
 source4/smb_server/smb2/sesssetup.c | 185 ++++++++++++++++++++++++++++++++++++
 1 file changed, 185 insertions(+)
 create mode 100644 source4/smb_server/smb2/sesssetup.c
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
new file mode 100644
index 0000000000..af0c074dac
--- /dev/null
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -0,0 +1,185 @@
+/*
+ Unix SMB2 implementation.
+
+ Copyright (C) Andrew Bartlett 2001-2005
+ Copyright (C) Stefan Metzmacher 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "auth/auth.h"
+#include "libcli/smb2/smb2.h"
+#include "libcli/smb2/smb2_calls.h"
+#include "smb_server/smb_server.h"
+#include "smb_server/smb2/smb2_server.h"
+#include "smbd/service_stream.h"
+
+struct smb2srv_session {
+ struct smb2srv_session *prev,*next;
+ uint64_t uid;
+ struct gensec_security *gensec_ctx;
+ struct auth_session_info *session_info;
+};
+
+static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct smb2_session_setup *io)
+{
+ NTSTATUS status = NT_STATUS_ACCESS_DENIED;
+ struct smbsrv_session *smb_sess = NULL;
+ struct auth_session_info *session_info = NULL;
+ uint64_t vuid;
+
+ io->out._pad = 0;
+ io->out.uid = 0;
+ io->out.secblob = data_blob(NULL, 0);
+
+ vuid = BVAL(req->in.hdr, SMB2_HDR_UID);
+
+ /* TODO: we're stricter than the SMB version till we have
+ * SMB2-CONTEXT test
+ */
+ if (vuid == 0) {
+ struct gensec_security *gensec_ctx;
+
+ status = gensec_server_start(req, &gensec_ctx,
+ req->smb_conn->connection->event.ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
+ return status;
+ }
+
+ gensec_set_credentials(gensec_ctx, req->smb_conn->negotiate.server_credentials);
+
+ gensec_set_target_service(gensec_ctx, "cifs");
+
+ gensec_want_feature(gensec_ctx, GENSEC_FEATURE_SESSION_KEY);
+
+ status = gensec_start_mech_by_oid(gensec_ctx, GENSEC_OID_SPNEGO);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("Failed to start GENSEC SPNEGO server code: %s\n", nt_errstr(status)));
+ return status;
+ }
+
+ /* allocate a new session */
+ smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx);
+ } else {
+ /* lookup an existing session */
+ smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
+ }
+
+ if (!smb_sess) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (!smb_sess->gensec_ctx) {
+ status = NT_STATUS_INTERNAL_ERROR;
+ DEBUG(1, ("Internal ERROR: no gensec_ctx on session: %s\n", nt_errstr(status)));
+ goto failed;
+ }
+
+ status = gensec_update(smb_sess->gensec_ctx, req, io->in.secblob, &io->out.secblob);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ io->out.uid = smb_sess->vuid;
+ return status;
+ } else if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+
+ status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+
+ /* Ensure this is marked as a 'real' vuid, not one
+ * simply valid for the session setup leg */
+ status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+ req->session = smb_sess;
+
+ io->out.uid = smb_sess->vuid;
+ return status;
+
+failed:
+ talloc_free(smb_sess);
+ return auth_nt_status_squash(status);
+}
+
+static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_session_setup *io)
+{
+ NTSTATUS status;
+
+ if (NT_STATUS_IS_ERR(req->status) && !NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ smb2srv_send_error(req, req->status);
+ return;
+ }
+
+ status = smb2srv_setup_reply(req, 0x08, io->out.secblob.length);
+ if (!NT_STATUS_IS_OK(status)) {
+ smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
+ talloc_free(req);
+ return;
+ }
+
+ SIVAL(req->out.hdr, SMB2_HDR_STATUS, NT_STATUS_V(req->status));
+ SBVAL(req->out.hdr, SMB2_HDR_UID, io->out.uid);
+
+ SSVAL(req->out.body, 0x02, io->out._pad);
+ status = smb2_push_o16s16_blob(&req->out, 0x04, io->out.secblob);
+ if (!NT_STATUS_IS_OK(status)) {
+ smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
+ talloc_free(req);
+ return;
+ }
+
+ smb2srv_send_reply(req);
+}
+
+void smb2srv_sesssetup_recv(struct smb2srv_request *req)
+{
+ struct smb2_session_setup *io;
+ NTSTATUS status;
+
+ if (req->in.body_size < 0x10) {
+ smb2srv_send_error(req, NT_STATUS_FOOBAR);
+ return;
+ }
+
+ io = talloc(req, struct smb2_session_setup);
+ if (!io) {
+ smbsrv_terminate_connection(req->smb_conn, nt_errstr(NT_STATUS_NO_MEMORY));
+ talloc_free(req);
+ return;
+ }
+
+ io->in._pad = SVAL(req->in.body, 0x02);
+ io->in.unknown2 = IVAL(req->in.body, 0x04);
+ io->in.unknown3 = IVAL(req->in.body, 0x08);
+ status = smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->in.secblob);
+ if (!NT_STATUS_IS_OK(status)) {
+ smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
+ talloc_free(req);
+ return;
+ }
+
+ req->status = smb2srv_sesssetup_backend(req, io);
+
+ if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) {
+ talloc_free(req);
+ return;
+ }
+ smb2srv_sesssetup_send(req, io);
+}
-- cgit
From 2634f22bfcd5172ae20e9fa0d236aee91c43c1ae Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Tue, 6 Dec 2005 13:26:24 +0000
Subject: r12092: - add dummy functions for the missing SMB2 opcodes - implement keepalive and logoff metze (This used to be commit 859ab627f45a5acca1deb66b8abdc38eaf49e5a2)
---
 source4/smb_server/smb2/sesssetup.c | 57 +++++++++++++++++++++++++++++++------
 1 file changed, 49 insertions(+), 8 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
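Review bot: In smb2srv_sesssetup_backend of r11789, the two `return status;` exits inside the `vuid == 0` branch (after gensec_server_start and gensec_start_mech_by_oid fail) skip the `failed:` label, so those results go back to the client without passing through `auth_nt_status_squash`, unlike every other failure in the function. smb_sess is still NULL at both points, so `goto failed;` would give the function a single error path. Separately, smb2srv_sesssetup_recv answers a body shorter than 0x10 with `NT_STATUS_FOOBAR`, which reads as a placeholder; `NT_STATUS_INVALID_PARAMETER` would tell the peer what was wrong.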
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index af0c074dac..7915590464 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -27,13 +27,6 @@
 #include "smb_server/smb2/smb2_server.h"
 #include "smbd/service_stream.h"
-struct smb2srv_session {
- struct smb2srv_session *prev,*next;
- uint64_t uid;
- struct gensec_security *gensec_ctx;
- struct auth_session_info *session_info;
-};
-
 static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct smb2_session_setup *io)
 {
 NTSTATUS status = NT_STATUS_ACCESS_DENIED;
@@ -134,7 +127,6 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_sess
 return;
 }
- SIVAL(req->out.hdr, SMB2_HDR_STATUS, NT_STATUS_V(req->status));
 SBVAL(req->out.hdr, SMB2_HDR_UID, io->out.uid);
 SSVAL(req->out.body, 0x02, io->out._pad);
@@ -183,3 +175,52 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req)
 }
 smb2srv_sesssetup_send(req, io);
 }
+
+static NTSTATUS smb2srv_logoff_backend(struct smb2srv_request *req)
+{
+ /* TODO: call ntvfs backends to close file of this session */
+ talloc_free(req->session);
+ req->session = NULL;
+ return NT_STATUS_OK;
+}
+
+static void smb2srv_logoff_send(struct smb2srv_request *req)
+{
+ NTSTATUS status;
+
+ if (NT_STATUS_IS_ERR(req->status)) {
+ smb2srv_send_error(req, req->status);
+ return;
+ }
+
+ status = smb2srv_setup_reply(req, 0x04, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
+ talloc_free(req);
+ return;
+ }
+
+ SSVAL(req->out.body, 0x02, 0);
+
+ smb2srv_send_reply(req);
+}
+
+void smb2srv_logoff_recv(struct smb2srv_request *req)
+{
+ uint16_t _pad;
+
+ if (req->in.body_size < 0x04) {
+ smb2srv_send_error(req, NT_STATUS_FOOBAR);
+ return;
+ }
+
+ _pad = SVAL(req->in.body, 0x02);
+
+ req->status = smb2srv_logoff_backend(req);
+
+ if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) {
+ talloc_free(req);
+ return;
+ }
+ smb2srv_logoff_send(req);
+}
-- cgit
From 273f340376452bd072b68d0601dde3f7b43b62db Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Tue, 6 Dec 2005 17:59:20 +0000
Subject: r12102: for SMB2 we need to allocate tcons per session metze (This used to be commit 4d527ac005086c2db954578b4126ca128e436e01)
---
 source4/smb_server/smb2/sesssetup.c | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 7915590464..288671ddd3 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
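Review bot: smb2srv_logoff_backend in r12092 frees `req->session` and reports NT_STATUS_OK without checking that the request is bound to a session, so a logoff that arrives before any session setup is answered as success; whether the dispatcher guarantees a session at this point is not visible in the hunk. A guard such as `if (!req->session) return NT_STATUS_USER_SESSION_DELETED;` makes the precondition explicit. The TODO also means that, as far as this hunk shows, files opened under the session are not closed when it is freed, which deserves a tracking comment. In smb2srv_logoff_recv `_pad` is read and never used.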
@@ -67,6 +67,11 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct sm
 /* allocate a new session */
 smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx);
+ status = smbsrv_smb2_init_tcons(smb_sess);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(smb_sess);
+ smb_sess = NULL;
+ }
 } else {
 /* lookup an existing session */
 smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
-- cgit
From 3edfa552a28e002dda3baa7c7117bbbe8dfccae7 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Wed, 7 Dec 2005 07:14:13 +0000
Subject: r12113: in SMB2 we should only allocate a new session when the client sends UID = 0, otherwise we return NT_STATUS_USER_SESSION_DELETED metze (This used to be commit 15973be48e3da0a49130911b9d3f192338c23783)
---
 source4/smb_server/smb2/sesssetup.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 288671ddd3..b263196165 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -29,7 +29,7 @@
 static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct smb2_session_setup *io)
 {
- NTSTATUS status = NT_STATUS_ACCESS_DENIED;
+ NTSTATUS status;
 struct smbsrv_session *smb_sess = NULL;
 struct auth_session_info *session_info = NULL;
 uint64_t vuid;
@@ -40,8 +40,8 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct sm
 vuid = BVAL(req->in.hdr, SMB2_HDR_UID);
- /* TODO: we're stricter than the SMB version till we have
- * SMB2-CONTEXT test
+ /*
+ * only when we got '0' we should allocate a new session
 */
 if (vuid == 0) {
 struct gensec_security *gensec_ctx;
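Review bot: In the r12102 hunk (`@@ -67,6 +67,11 @@`) the result of smbsrv_session_new() is handed to smbsrv_smb2_init_tcons() before the `if (!smb_sess)` test that follows the else branch, so an allocation failure is passed on as NULL; unless init_tcons tolerates that, it is a NULL dereference on the session-setup path. Check first, for example `if (!smb_sess) return NT_STATUS_NO_MEMORY;`. On an init_tcons failure the status is also discarded: smb_sess is set to NULL and the later check reports NT_STATUS_ACCESS_DENIED instead of the real cause. The function body continues outside the hunk.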
@@ -67,10 +67,10 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct sm
 /* allocate a new session */
 smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(smb_sess);
 status = smbsrv_smb2_init_tcons(smb_sess);
 if (!NT_STATUS_IS_OK(status)) {
- talloc_free(smb_sess);
- smb_sess = NULL;
+ goto failed;
 }
 } else {
 /* lookup an existing session */
@@ -78,7 +78,7 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct sm
 }
 if (!smb_sess) {
- return NT_STATUS_ACCESS_DENIED;
+ return NT_STATUS_USER_SESSION_DELETED;
 }
 if (!smb_sess->gensec_ctx) {
-- cgit
From bc141c795767cc765731c607f1fb047811da6e03 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij
Date: Fri, 28 Apr 2006 01:55:17 +0000
Subject: r15304: Fix smbd build, more updates on getting --enable-dso to build again (This used to be commit 3ef9326386ba1c210166302cbcf02d2ed3f19944)
---
 source4/smb_server/smb2/sesssetup.c | 1 +
 1 file changed, 1 insertion(+)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index b263196165..6d94d43155 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -24,6 +24,7 @@
 #include "libcli/smb2/smb2.h"
 #include "libcli/smb2/smb2_calls.h"
 #include "smb_server/smb_server.h"
+#include "smb_server/service_smb_proto.h"
 #include "smb_server/smb2/smb2_server.h"
 #include "smbd/service_stream.h"
-- cgit
From dc86ab3e454d7219608d01879145dec5609acaa3 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Thu, 11 May 2006 10:47:37 +0000
Subject: r15532: add a BOOL body_dynamic_present, because the body_dynamic_size can be 0 also if the dynamic flag should be set metze (This used to be commit 7829100e1ee79f4f5d24004af221288e19c09b3e)
---
 source4/smb_server/smb2/sesssetup.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 6d94d43155..a5b9cf50bd 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -126,7 +126,7 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_sess
 return;
 }
- status = smb2srv_setup_reply(req, 0x08, io->out.secblob.length);
+ status = smb2srv_setup_reply(req, 0x08, True, io->out.secblob.length);
 if (!NT_STATUS_IS_OK(status)) {
 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
 talloc_free(req);
@@ -199,7 +199,7 @@ static void smb2srv_logoff_send(struct smb2srv_request *req)
 return;
 }
- status = smb2srv_setup_reply(req, 0x04, 0);
+ status = smb2srv_setup_reply(req, 0x04, False, 0);
 if (!NT_STATUS_IS_OK(status)) {
 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
 talloc_free(req);
-- cgit
From 681a7f21e2aa92941a9e5b5b4fd91e216a2ac54d Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Sat, 20 May 2006 10:59:26 +0000
Subject: r15742: use union smb_sessetup metze (This used to be commit de7e856a464c1c986be3687a7b97527b734240ce)
---
 source4/smb_server/smb2/sesssetup.c | 37 +++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 18 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index a5b9cf50bd..31ad9a7fe4 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -28,16 +28,16 @@
 #include "smb_server/smb2/smb2_server.h"
 #include "smbd/service_stream.h"
-static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct smb2_session_setup *io)
+static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_sesssetup *io)
 {
 NTSTATUS status;
 struct smbsrv_session *smb_sess = NULL;
 struct auth_session_info *session_info = NULL;
 uint64_t vuid;
- io->out._pad = 0;
- io->out.uid = 0;
- io->out.secblob = data_blob(NULL, 0);
+ io->smb2.out._pad = 0;
+ io->smb2.out.uid = 0;
+ io->smb2.out.secblob = data_blob(NULL, 0);
 vuid = BVAL(req->in.hdr, SMB2_HDR_UID);
@@ -88,9 +88,9 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct sm
 goto failed;
 }
- status = gensec_update(smb_sess->gensec_ctx, req, io->in.secblob, &io->out.secblob);
+ status = gensec_update(smb_sess->gensec_ctx, req, io->smb2.in.secblob, &io->smb2.out.secblob);
 if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- io->out.uid = smb_sess->vuid;
+ io->smb2.out.uid = smb_sess->vuid;
 return status;
 } else if (!NT_STATUS_IS_OK(status)) {
 goto failed;
@@ -109,7 +109,7 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct sm
 }
 req->session = smb_sess;
- io->out.uid = smb_sess->vuid;
+ io->smb2.out.uid = smb_sess->vuid;
 return status;
 failed:
@@ -117,7 +117,7 @@ failed:
 return auth_nt_status_squash(status);
 }
-static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_session_setup *io)
+static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io)
 {
 NTSTATUS status;
@@ -126,17 +126,17 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_sess
 return;
 }
- status = smb2srv_setup_reply(req, 0x08, True, io->out.secblob.length);
+ status = smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length);
 if (!NT_STATUS_IS_OK(status)) {
 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
 talloc_free(req);
 return;
 }
- SBVAL(req->out.hdr, SMB2_HDR_UID, io->out.uid);
+ SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
- SSVAL(req->out.body, 0x02, io->out._pad);
- status = smb2_push_o16s16_blob(&req->out, 0x04, io->out.secblob);
+ SSVAL(req->out.body, 0x02, io->smb2.out._pad);
+ status = smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob);
 if (!NT_STATUS_IS_OK(status)) {
 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
 talloc_free(req);
@@ -148,7 +148,7 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_sess
 void smb2srv_sesssetup_recv(struct smb2srv_request *req)
 {
- struct smb2_session_setup *io;
+ union smb_sesssetup *io;
 NTSTATUS status;
 if (req->in.body_size < 0x10) {
@@ -156,17 +156,18 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req)
 return;
 }
- io = talloc(req, struct smb2_session_setup);
+ io = talloc(req, union smb_sesssetup);
 if (!io) {
 smbsrv_terminate_connection(req->smb_conn, nt_errstr(NT_STATUS_NO_MEMORY));
 talloc_free(req);
 return;
 }
- io->in._pad = SVAL(req->in.body, 0x02);
- io->in.unknown2 = IVAL(req->in.body, 0x04);
- io->in.unknown3 = IVAL(req->in.body, 0x08);
- status = smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->in.secblob);
+ io->smb2.level = RAW_SESSSETUP_SMB2;
+ io->smb2.in._pad = SVAL(req->in.body, 0x02);
+ io->smb2.in.unknown2 = IVAL(req->in.body, 0x04);
+ io->smb2.in.unknown3 = IVAL(req->in.body, 0x08);
+ status = smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->smb2.in.secblob);
 if (!NT_STATUS_IS_OK(status)) {
 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
 talloc_free(req);
-- cgit
From 63d0c5a0570908cee293cca3300a4b50f48f8afd Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Fri, 30 Jun 2006 11:07:47 +0000
Subject: r16708: the packet format of SMB2 SessionSetup has changed, there're 8 more unknown bytes... Note: - vista-CTP also support this as a server, but uses the old format as client - but vista-beta2 only uses and accept the new format metze (This used to be commit b3bdd4afdefc9ad3550f86a0aa6e6c90bf8ab416)
---
 source4/smb_server/smb2/sesssetup.c | 47 +++++++------------------------------
 1 file changed, 8 insertions(+), 39 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 31ad9a7fe4..6d472c26d4 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -126,22 +126,12 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sessse
 return;
 }
- status = smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length);
- if (!NT_STATUS_IS_OK(status)) {
- smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
- talloc_free(req);
- return;
- }
+ SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length));
 SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
 SSVAL(req->out.body, 0x02, io->smb2.out._pad);
- status = smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob);
- if (!NT_STATUS_IS_OK(status)) {
- smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
- talloc_free(req);
- return;
- }
+ SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
 smb2srv_send_reply(req);
 }
@@ -151,31 +141,18 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req)
 union smb_sesssetup *io;
 NTSTATUS status;
- if (req->in.body_size < 0x10) {
- smb2srv_send_error(req, NT_STATUS_FOOBAR);
- return;
- }
- io = talloc(req, union smb_sesssetup);
- if (!io) {
- smbsrv_terminate_connection(req->smb_conn, nt_errstr(NT_STATUS_NO_MEMORY));
- talloc_free(req);
- return;
- }
+ SMB2SRV_CHECK_BODY_SIZE(req, 0x18, True);
+ SMB2SRV_TALLOC_IO_PTR(io, union smb_sesssetup);
 io->smb2.level = RAW_SESSSETUP_SMB2;
 io->smb2.in._pad = SVAL(req->in.body, 0x02);
 io->smb2.in.unknown2 = IVAL(req->in.body, 0x04);
 io->smb2.in.unknown3 = IVAL(req->in.body, 0x08);
- status = smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->smb2.in.secblob);
- if (!NT_STATUS_IS_OK(status)) {
- smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
- talloc_free(req);
- return;
- }
+ SMB2SRV_CHECK(smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->smb2.in.secblob));
+ io->smb2.in.unknown4 = BVAL(req->in.body, 0x10);
 req->status = smb2srv_sesssetup_backend(req, io);
-
 if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) {
 talloc_free(req);
 return;
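Review bot: SMB2SRV_CHECK, SMB2SRV_CHECK_BODY_SIZE and SMB2SRV_TALLOC_IO_PTR replace blocks that each ended in `return;`, so every call site in r16708 is now an exit from the function that is no longer visible where it happens. Since smb2srv_sesssetup_recv parses a client-controlled body, that should be stated at the point of use, for example `/* each SMB2SRV_* check below leaves the function on failure */` above the first macro. The macro definitions are not part of this diff, so the wording needs confirming against them. In smb2srv_sesssetup_recv the context line `NTSTATUS status;` appears to have no remaining use in the lines shown.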
@@ -200,12 +177,7 @@ static void smb2srv_logoff_send(struct smb2srv_request *req)
 return;
 }
- status = smb2srv_setup_reply(req, 0x04, False, 0);
- if (!NT_STATUS_IS_OK(status)) {
- smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
- talloc_free(req);
- return;
- }
+ SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, False, 0));
 SSVAL(req->out.body, 0x02, 0);
@@ -216,10 +188,7 @@ void smb2srv_logoff_recv(struct smb2srv_request *req)
 {
 uint16_t _pad;
- if (req->in.body_size < 0x04) {
- smb2srv_send_error(req, NT_STATUS_FOOBAR);
- return;
- }
+ SMB2SRV_CHECK_BODY_SIZE(req, 0x04, False);
 _pad = SVAL(req->in.body, 0x02);
-- cgit
From 6acd9aed93b09b74e53a3b854085c6c8fab41819 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Sat, 1 Jul 2006 14:14:11 +0000
Subject: r16734: the 2 bytes after the opcode and before the flags, is no padding... the following patch is needed for vista beta2 to connect to samba4 metze (This used to be commit 58baae8fc463cd2c4e4ce532c153ad80313b03eb)
---
 source4/smb_server/smb2/sesssetup.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 6d472c26d4..e1c326bb9d 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -119,16 +119,21 @@ failed:
 static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io)
 {
- NTSTATUS status;
+ uint16_t unknown1;
- if (NT_STATUS_IS_ERR(req->status) && !NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ if (NT_STATUS_IS_OK(req->status)) {
+ unknown1 = 0x0003;
+ } else if (NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ unknown1 = 0x0002;
+ } else {
 smb2srv_send_error(req, req->status);
 return;
 }
 SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length));
- SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
+ SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1);
+ SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
 SSVAL(req->out.body, 0x02, io->smb2.out._pad);
 SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
@@ -139,8 +144,6 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sessse
 void smb2srv_sesssetup_recv(struct smb2srv_request *req)
 {
 union smb_sesssetup *io;
- NTSTATUS status;
-
 SMB2SRV_CHECK_BODY_SIZE(req, 0x18, True);
 SMB2SRV_TALLOC_IO_PTR(io, union smb_sesssetup);
@@ -170,8 +173,6 @@ static NTSTATUS smb2srv_logoff_backend(struct smb2srv_request *req)
 static void smb2srv_logoff_send(struct smb2srv_request *req)
 {
- NTSTATUS status;
-
 if (NT_STATUS_IS_ERR(req->status)) {
 smb2srv_send_error(req, req->status);
 return;
-- cgit
From 28b8ec0156e99d7bddc2aa243f6631a66c94a078 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Thu, 27 Jul 2006 10:03:54 +0000
Subject: r17268: change the smb2 session setup to use the new gensec_update_send/recv() api metze (This used to be commit 14ecc563431335c99df33f4a454b3b02380ae165)
---
 source4/smb_server/smb2/sesssetup.c | 152 +++++++++++++++++++++---------------
 1 file changed, 91 insertions(+), 61 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index e1c326bb9d..a2d8713054 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -28,11 +28,78 @@
 #include "smb_server/smb2/smb2_server.h"
 #include "smbd/service_stream.h"
-static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_sesssetup *io)
+static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io)
+{
+ uint16_t unknown1;
+
+ if (NT_STATUS_IS_OK(req->status)) {
+ unknown1 = 0x0003;
+ } else if (NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ unknown1 = 0x0002;
+ } else {
+ smb2srv_send_error(req, req->status);
+ return;
+ }
+
+ SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length));
+
+ SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1);
+ SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
+
+ SSVAL(req->out.body, 0x02, io->smb2.out._pad);
+ SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
+
+ smb2srv_send_reply(req);
+}
+
+struct smb2srv_sesssetup_callback_ctx {
+ struct smb2srv_request *req;
+ union smb_sesssetup *io;
+ struct smbsrv_session *smb_sess;
+};
+
+static void smb2srv_sesssetup_callback(struct gensec_update_request *greq, void *private_data)
+{
+ struct smb2srv_sesssetup_callback_ctx *ctx = talloc_get_type(private_data,
+ struct smb2srv_sesssetup_callback_ctx);
+ struct smb2srv_request *req = ctx->req;
+ union smb_sesssetup *io = ctx->io;
+ struct smbsrv_session *smb_sess = ctx->smb_sess;;
+ struct auth_session_info *session_info = NULL;
+ NTSTATUS status;
+
+ status = gensec_update_recv(greq, req, &io->smb2.out.secblob);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ goto done;
+ } else if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+
+ status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+
+ /* Ensure this is marked as a 'real' vuid, not one
+ * simply valid for the session setup leg */
+ status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto failed;
+ }
+ req->session = smb_sess;
+
+done:
+ io->smb2.out.uid = smb_sess->vuid;
+failed:
+ req->status = auth_nt_status_squash(status);
+ smb2srv_sesssetup_send(req, io);
+}
+
+static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_sesssetup *io)
 {
 NTSTATUS status;
+ struct smb2srv_sesssetup_callback_ctx *callback_ctx;
 struct smbsrv_session *smb_sess = NULL;
- struct auth_session_info *session_info = NULL;
 uint64_t vuid;
 io->smb2.out._pad = 0;
@@ -51,7 +118,7 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb
 req->smb_conn->connection->event.ctx);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
- return status;
+ goto failed;
 }
 gensec_set_credentials(gensec_ctx, req->smb_conn->negotiate.server_credentials);
@@ -63,12 +130,15 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb
 status = gensec_start_mech_by_oid(gensec_ctx, GENSEC_OID_SPNEGO);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(1, ("Failed to start GENSEC SPNEGO server code: %s\n", nt_errstr(status)));
- return status;
+ goto failed;
 }
 /* allocate a new session */
 smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx);
- NT_STATUS_HAVE_NO_MEMORY(smb_sess);
+ if (!smb_sess) {
+ status = NT_STATUS_INSUFFICIENT_RESOURCES;
+ goto failed;
+ }
 status = smbsrv_smb2_init_tcons(smb_sess);
 if (!NT_STATUS_IS_OK(status)) {
 goto failed;
@@ -79,7 +149,8 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb
 }
 if (!smb_sess) {
- return NT_STATUS_USER_SESSION_DELETED;
+ status = NT_STATUS_USER_SESSION_DELETED;
+ goto failed;
 }
 if (!smb_sess->gensec_ctx) {
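Review bot: smb2srv_sesssetup_callback never releases smb_sess on its `failed:` path: it squashes the status and replies, whereas the synchronous code this commit replaces reached `talloc_free(smb_sess)` on every authentication failure. As written, each failed session setup appears to leave its session allocated for the life of the connection, and that cost is paid before the peer has authenticated. Freeing the session after the reply when the status is neither OK nor NT_STATUS_MORE_PROCESSING_REQUIRED restores the old behaviour: `if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) talloc_free(smb_sess);`. The callback context also stores bare `req` and `smb_sess` pointers, so a comment should say what guarantees both outlive the pending gensec update.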
@@ -88,57 +159,21 @@ static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb
 goto failed;
 }
- status = gensec_update(smb_sess->gensec_ctx, req, io->smb2.in.secblob, &io->smb2.out.secblob);
- if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- io->smb2.out.uid = smb_sess->vuid;
- return status;
- } else if (!NT_STATUS_IS_OK(status)) {
- goto failed;
- }
-
- status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
- if (!NT_STATUS_IS_OK(status)) {
- goto failed;
- }
-
- /* Ensure this is marked as a 'real' vuid, not one
- * simply valid for the session setup leg */
- status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
- if (!NT_STATUS_IS_OK(status)) {
- goto failed;
- }
- req->session = smb_sess;
-
- io->smb2.out.uid = smb_sess->vuid;
- return status;
-
+ callback_ctx = talloc(req, struct smb2srv_sesssetup_callback_ctx);
+ if (!callback_ctx) goto nomem;
+ callback_ctx->req = req;
+ callback_ctx->io = io;
+ callback_ctx->smb_sess = smb_sess;
+
+ gensec_update_send(smb_sess->gensec_ctx, io->smb2.in.secblob,
+ smb2srv_sesssetup_callback, callback_ctx);
+ return;
+nomem:
+ status = NT_STATUS_NO_MEMORY;
 failed:
 talloc_free(smb_sess);
- return auth_nt_status_squash(status);
-}
-
-static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io)
-{
- uint16_t unknown1;
-
- if (NT_STATUS_IS_OK(req->status)) {
- unknown1 = 0x0003;
- } else if (NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- unknown1 = 0x0002;
- } else {
- smb2srv_send_error(req, req->status);
- return;
- }
-
- SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length));
-
- SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1);
- SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
-
- SSVAL(req->out.body, 0x02, io->smb2.out._pad);
- SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
-
- smb2srv_send_reply(req);
+ req->status = auth_nt_status_squash(status);
+ smb2srv_sesssetup_send(req, io);
 }
 void smb2srv_sesssetup_recv(struct smb2srv_request *req)
@@ -155,12 +190,7 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req)
 SMB2SRV_CHECK(smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->smb2.in.secblob));
 io->smb2.in.unknown4 = BVAL(req->in.body, 0x10);
- req->status = smb2srv_sesssetup_backend(req, io);
- if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) {
- talloc_free(req);
- return;
- }
- smb2srv_sesssetup_send(req, io);
+ smb2srv_sesssetup_backend(req, io);
 }
 static NTSTATUS smb2srv_logoff_backend(struct smb2srv_request *req)
-- cgit
From 34bf6f60af7fcb6349d4e98466cfd6f19a4e22ee Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Fri, 28 Jul 2006 23:35:11 +0000
Subject: r17297: Some compilers don't seem to like the ;; Andrew Bartlett (This used to be commit f814fae4002241f73a3a411ade96e5c58f973055)
---
 source4/smb_server/smb2/sesssetup.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index a2d8713054..44425b9070 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -64,7 +64,7 @@ static void smb2srv_sesssetup_callback(struct gensec_update_request *greq, void
 struct smb2srv_sesssetup_callback_ctx);
 struct smb2srv_request *req = ctx->req;
 union smb_sesssetup *io = ctx->io;
- struct smbsrv_session *smb_sess = ctx->smb_sess;;
+ struct smbsrv_session *smb_sess = ctx->smb_sess;
 struct auth_session_info *session_info = NULL;
 NTSTATUS status;
-- cgit
From 7a845bcb0141a895d5685afcef1ffe7f93428d0f Mon Sep 17 00:00:00 2001
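Review bot: The last hunk of r17268 (`@@ -155,12 +190,7 @@`) drops the `SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY` test from smb2srv_sesssetup_recv, and nothing in the new callback or in the backend's `failed:` path replaces it, so every outcome now ends in smb2srv_sesssetup_send(). If the flag can be set on a session setup request, a reply is now sent where the caller asked for none; if it cannot, that is worth a comment. Re-checking it before the send in both places keeps the old contract: `if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) { talloc_free(req); return; }`. The meaning of the flag is not shown on this page, so this needs confirming against its definition.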
From: Stefan Metzmacher
Date: Mon, 31 Jul 2006 14:05:08 +0000
Subject: r17341: pass a messaging context to auth_context_create() and gensec_server_start(). calling them with NULL for event context or messaging context is no longer allowed! metze (This used to be commit 679ac74e71b111344f1097ab389c0b83a9247710)
---
 source4/smb_server/smb2/sesssetup.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 44425b9070..2615eed683 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -114,8 +114,10 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses
 if (vuid == 0) {
 struct gensec_security *gensec_ctx;
- status = gensec_server_start(req, &gensec_ctx,
- req->smb_conn->connection->event.ctx);
+ status = gensec_server_start(req,
+ req->smb_conn->connection->event.ctx,
+ req->smb_conn->connection->msg_ctx,
+ &gensec_ctx);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
 goto failed;
-- cgit
From 13dbee3ffea6065a826f010e50c9b4eb2c6ad109 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Tue, 7 Nov 2006 00:48:36 +0000
Subject: r19598: Ahead of a merge to current lorikeet-heimdal: Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
---
 source4/smb_server/smb2/sesssetup.c | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'source4/smb_server/smb2/sesssetup.c')
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c
index 2615eed683..c99b443a35 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -20,6 +20,8 @@ */ #include "includes.h" +#include "auth/credentials/credentials.h" +#include "auth/gensec/gensec.h" #include "auth/auth.h" #include "libcli/smb2/smb2.h" #include "libcli/smb2/smb2_calls.h" -- cgit From d3e28ccd4824adce2feed9fe53cf2d4d393d607a Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 20 May 2007 09:44:03 +0000 Subject: r23020: a better fix for the memory leak - this one doesn't stuff up spnego :) (This used to be commit 9a8da730a725fc9fc1a3e407273e688f44eadfe1) --- source4/smb_server/smb2/sesssetup.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index c99b443a35..3439f2f068 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -95,6 +95,10 @@ done: failed: req->status = auth_nt_status_squash(status); smb2srv_sesssetup_send(req, io); + if (!NT_STATUS_IS_OK(status) && ! + NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + talloc_free(smb_sess); + } } static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_sesssetup *io) @@ -138,7 +142,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses } /* allocate a new session */ - smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx); + smb_sess = smbsrv_session_new(req->smb_conn, req->smb_conn, gensec_ctx); if (!smb_sess) { status = NT_STATUS_INSUFFICIENT_RESOURCES; goto failed; -- cgit From 0479a2f1cbae51fcd8dbdc3c148c808421fb4d25 Mon Sep 17 00:00:00 2001 
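Review bot: In the `failed:` path of the r23020 hunk, the new `talloc_free(smb_sess)` runs after `smb2srv_sesssetup_send(req, io)`, so the session is touched once the reply path has already had a chance to dispose of the request. If that path can ever tear down the connection that owns the session (ownership is not visible in this hunk), the pointer would be stale; freeing before the send avoids depending on that, since the error reply does not appear to need the session. The condition is also hard to read with the `!` stranded at the end of the line; `if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED))` is clearer. The label belongs to smb2srv_sesssetup_callback, whose body starts outside the hunk.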
From: Andrew Tridgell Date: Tue, 10 Jul 2007 02:07:03 +0000 Subject: r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa) --- source4/smb_server/smb2/sesssetup.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 3439f2f068..76f89d43d2 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -6,7 +6,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, @@ -15,8 +15,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From 0c56f8dac31c51a42dedf2a1da9fd76896855b19 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 6 Oct 2007 22:10:49 +0000 Subject: r25551: Convert to standard bool type. (This used to be commit c9651e2c5c078edee7b91085e936a93625c8d708) --- source4/smb_server/smb2/sesssetup.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 76f89d43d2..7d72193e6e 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c 
@@ -42,7 +42,7 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sessse return; } - SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length)); + SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, true, io->smb2.out.secblob.length)); SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1); SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid); @@ -187,7 +187,7 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req) { union smb_sesssetup *io; - SMB2SRV_CHECK_BODY_SIZE(req, 0x18, True); + SMB2SRV_CHECK_BODY_SIZE(req, 0x18, true); SMB2SRV_TALLOC_IO_PTR(io, union smb_sesssetup); io->smb2.level = RAW_SESSSETUP_SMB2; @@ -215,7 +215,7 @@ static void smb2srv_logoff_send(struct smb2srv_request *req) return; } - SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, False, 0)); + SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, false, 0)); SSVAL(req->out.body, 0x02, 0); @@ -226,7 +226,7 @@ void smb2srv_logoff_recv(struct smb2srv_request *req) { uint16_t _pad; - SMB2SRV_CHECK_BODY_SIZE(req, 0x04, False); + SMB2SRV_CHECK_BODY_SIZE(req, 0x04, false); _pad = SVAL(req->in.body, 0x02); -- cgit From ecea5ce24553989103d4a06296b24f4d29f30a36 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 3 Dec 2007 17:41:50 +0100 Subject: r26260: Store loadparm context in gensec context. (This used to be commit b9e3a4862e267be39d603fed8207a237c3d72081) --- source4/smb_server/smb2/sesssetup.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 7d72193e6e..5c8d0144be 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -28,6 +28,7 @@ #include "smb_server/service_smb_proto.h" #include "smb_server/smb2/smb2_server.h" #include "smbd/service_stream.h" +#include "param/param.h" static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io) { 
@@ -121,6 +122,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses status = gensec_server_start(req, req->smb_conn->connection->event.ctx, + global_loadparm, req->smb_conn->connection->msg_ctx, &gensec_ctx); if (!NT_STATUS_IS_OK(status)) { -- cgit From b83a7a135f3247f553cb04173646b2d871b97235 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 3 Dec 2007 21:25:17 +0100 Subject: r26268: Avoid more use of global_loadparm - put lp_ctx in smb_server and wbsrv_connection. (This used to be commit 7c008664238ed966cb82adf5b25b22157bb50730) --- source4/smb_server/smb2/sesssetup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 5c8d0144be..636f5f0e27 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -122,7 +122,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses status = gensec_server_start(req, req->smb_conn->connection->event.ctx, - global_loadparm, + req->smb_conn->lp_ctx, req->smb_conn->connection->msg_ctx, &gensec_ctx); if (!NT_STATUS_IS_OK(status)) { -- cgit From 416360895f36d41ce8d29c25ef08e2b8b4e38571 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 12 Feb 2008 16:43:38 +1100 Subject: converted SMB2 session setup to use WSPP protocol field names (This used to be commit 3c2af0fdc4916dce32c2690e49dde0852d1a0c50) --- source4/smb_server/smb2/sesssetup.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 636f5f0e27..b4c78a2ebd 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c 
@@ -48,7 +48,7 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sessse SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1); SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid); - SSVAL(req->out.body, 0x02, io->smb2.out._pad); + SSVAL(req->out.body, 0x02, io->smb2.out.session_flags); SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob)); smb2srv_send_reply(req); @@ -108,7 +108,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses struct smbsrv_session *smb_sess = NULL; uint64_t vuid; - io->smb2.out._pad = 0; + io->smb2.out.session_flags = 0; io->smb2.out.uid = 0; io->smb2.out.secblob = data_blob(NULL, 0); @@ -192,12 +192,13 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req) SMB2SRV_CHECK_BODY_SIZE(req, 0x18, true); SMB2SRV_TALLOC_IO_PTR(io, union smb_sesssetup); - io->smb2.level = RAW_SESSSETUP_SMB2; - io->smb2.in._pad = SVAL(req->in.body, 0x02); - io->smb2.in.unknown2 = IVAL(req->in.body, 0x04); - io->smb2.in.unknown3 = IVAL(req->in.body, 0x08); + io->smb2.level = RAW_SESSSETUP_SMB2; + io->smb2.in.vc_number = CVAL(req->in.body, 0x02); + io->smb2.in.security_mode = CVAL(req->in.body, 0x03); + io->smb2.in.capabilities = IVAL(req->in.body, 0x04); + io->smb2.in.channel = IVAL(req->in.body, 0x08); + io->smb2.in.previous_sessionid = BVAL(req->in.body, 0x10); SMB2SRV_CHECK(smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->smb2.in.secblob)); - io->smb2.in.unknown4 = BVAL(req->in.body, 0x10); smb2srv_sesssetup_backend(req, io); } -- cgit From a2505c5a2cc2b7b692ffbcdd8c6b86000a15d2c7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 12 Feb 2008 17:00:35 +1100 Subject: updated SMB2 header defines to match WSPP docs (This used to be commit d2c6ad55eca27f50a38fc6e2a85032eddb3f0aae) --- source4/smb_server/smb2/sesssetup.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source4/smb_server/smb2/sesssetup.c') 
diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index b4c78a2ebd..1aaacf897c 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -32,12 +32,12 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io) { - uint16_t unknown1; + uint16_t credit; if (NT_STATUS_IS_OK(req->status)) { - unknown1 = 0x0003; + credit = 0x0003; } else if (NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - unknown1 = 0x0002; + credit = 0x0002; } else { smb2srv_send_error(req, req->status); return; @@ -45,8 +45,8 @@ static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sessse SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, true, io->smb2.out.secblob.length)); - SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1); - SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid); + SSVAL(req->out.hdr, SMB2_HDR_CREDIT, credit); + SBVAL(req->out.hdr, SMB2_HDR_SESSION_ID, io->smb2.out.uid); SSVAL(req->out.body, 0x02, io->smb2.out.session_flags); SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob)); @@ -112,7 +112,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses io->smb2.out.uid = 0; io->smb2.out.secblob = data_blob(NULL, 0); - vuid = BVAL(req->in.hdr, SMB2_HDR_UID); + vuid = BVAL(req->in.hdr, SMB2_HDR_SESSION_ID); /* * only when we got '0' we should allocate a new session -- cgit From de4c962638835274bd68680b2d338c074d8fab88 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 29 May 2008 19:32:04 +1000 Subject: fix from WSPP SMB2 test 11 (This used to be commit 81612b7854725837e8487bf97b87bff6548b6ad3) --- source4/smb_server/smb2/sesssetup.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 1aaacf897c..d386bfc72d 100644 
--- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -158,7 +158,8 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses } if (!smb_sess) { - status = NT_STATUS_USER_SESSION_DELETED; + /* see WSPP test suite - test 11 */ + status = NT_STATUS_REQUEST_NOT_ACCEPTED; goto failed; } -- cgit From e97cf207fac5e4101376d2a10dd95a93a9a1e0fb Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 6 Jun 2008 22:10:30 -0700 Subject: added server side SMB2 signing (This used to be commit 8e919dcb0826a5b25d037ee6144af5f7cb21f3ae) --- source4/smb_server/smb2/sesssetup.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index d386bfc72d..482dd181c2 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -177,6 +177,15 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses gensec_update_send(smb_sess->gensec_ctx, io->smb2.in.secblob, smb2srv_sesssetup_callback, callback_ctx); + + /* note that we ignore SMB2_NEGOTIATE_SIGNING_ENABLED from the client. + This is deliberate as windows does not set it even when it does + set SMB2_NEGOTIATE_SIGNING_REQUIRED */ + if ((io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) || + lp_server_signing(req->smb_conn->lp_ctx) == SMB_SIGNING_REQUIRED) { + req->smb_conn->doing_signing = true; + } + return; nomem: status = NT_STATUS_NO_MEMORY; -- cgit From e4ad580b99c5b372353c285569204ab94c177748 Mon Sep 17 00:00:00 2001 
From: Andrew Tridgell Date: Sat, 7 Jun 2008 08:14:25 -0700 Subject: fixed mandatory signing Metze pointed out that if signing is mandatory in the server then we need to reject packets without the signed flag if the packet contains a session id. (This used to be commit 056f16e664e581bab1c07759e99ad4f6685c58eb) --- source4/smb_server/smb2/sesssetup.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 482dd181c2..9fb3220005 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c @@ -181,8 +181,7 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses /* note that we ignore SMB2_NEGOTIATE_SIGNING_ENABLED from the client. This is deliberate as windows does not set it even when it does set SMB2_NEGOTIATE_SIGNING_REQUIRED */ - if ((io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) || - lp_server_signing(req->smb_conn->lp_ctx) == SMB_SIGNING_REQUIRED) { + if (io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) { req->smb_conn->doing_signing = true; } -- cgit From 8623e2cc4ca3b7fefcdc943c1da8a89b805f5d29 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 9 Jun 2008 21:45:19 +0200 Subject: smb2srv: correctly hold the signing state per session metze (This used to be commit 5b3ba3f3556e8031133128853cd2324ee3852aa1) --- source4/smb_server/smb2/sesssetup.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 9fb3220005..6e3e963794 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c 
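Review bot: After the "fixed mandatory signing" hunk this block honours only the client's `SMB2_NEGOTIATE_SIGNING_REQUIRED` bit, so nothing in the function reflects a server configured for mandatory signing any more. The commit message says that case is handled by rejecting unsigned packets that carry a session id, which happens outside this file and is not shown on this page. The surviving comment should record that, for example by appending `Server-side mandatory signing is enforced when requests are received, not here.` so the next reader does not put the check back. smb2srv_sesssetup_backend starts and ends outside the hunk.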
@@ -90,6 +90,10 @@ static void smb2srv_sesssetup_callback(struct gensec_update_request *greq, void } req->session = smb_sess; + if (smb_sess->smb2_signing.required) { + /* activate smb2 signing on the session */ + smb_sess->smb2_signing.active = true; + } done: io->smb2.out.uid = smb_sess->vuid; failed: @@ -182,7 +186,15 @@ static void smb2srv_sesssetup_backend(struct smb2srv_request *req, union smb_ses This is deliberate as windows does not set it even when it does set SMB2_NEGOTIATE_SIGNING_REQUIRED */ if (io->smb2.in.security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) { - req->smb_conn->doing_signing = true; + smb_sess->smb2_signing.required = true; + } else if (req->smb_conn->smb2_signing_required) { + /* + * if required signing was negotiates in SMB2 Negotiate + * then the client made an error not using it here + */ + DEBUG(1, ("SMB2 signing required on the connection but not used on session\n")); + req->status = NT_STATUS_FOOBAR; + goto failed; } return; -- cgit From 0251096a89d9740f6bf2dfcf41594957424f887d Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 9 Jun 2008 21:57:05 +0200 Subject: smb2srv: sign SMB2 Logoff replies metze (This used to be commit 2844e361730a6bc640ea89d0e10059deca1ca867) --- source4/smb_server/smb2/sesssetup.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'source4/smb_server/smb2/sesssetup.c') diff --git a/source4/smb_server/smb2/sesssetup.c b/source4/smb_server/smb2/sesssetup.c index 6e3e963794..9f8765d6e9 100644 --- a/source4/smb_server/smb2/sesssetup.c +++ b/source4/smb_server/smb2/sesssetup.c 
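Review bot: In smb2srv_sesssetup_backend the new `else if (req->smb_conn->smb2_signing_required)` branch rejects the request only after `gensec_update_send()` has already been issued with the callback, so a rejected request may still be answered a second time when the callback fires. It also writes `req->status = NT_STATUS_FOOBAR` before `goto failed`; if that label still does `req->status = auth_nt_status_squash(status)` as in the earlier hunks on this page, the value is overwritten by whatever `status` holds at that point. I would move the signing check above the `gensec_update_send()` call and set the local with a real code, e.g. `status = NT_STATUS_ACCESS_DENIED;`. The function body starts and ends outside the hunk.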
@@ -224,11 +224,25 @@ void smb2srv_sesssetup_recv(struct smb2srv_request *req) smb2srv_sesssetup_backend(req, io); } -static NTSTATUS smb2srv_logoff_backend(struct smb2srv_request *req) +static int smb2srv_cleanup_session_destructor(struct smbsrv_session **session) { /* TODO: call ntvfs backends to close file of this session */ - talloc_free(req->session); - req->session = NULL; + DEBUG(0,("free session[%p]\n", *session)); + talloc_free(*session); + return 0; +} + +static NTSTATUS smb2srv_logoff_backend(struct smb2srv_request *req) +{ + struct smbsrv_session **session_ptr; + + /* we need to destroy the session after sending the reply */ + session_ptr = talloc(req, struct smbsrv_session *); + NT_STATUS_HAVE_NO_MEMORY(session_ptr); + + *session_ptr = req->session; + talloc_set_destructor(session_ptr, smb2srv_cleanup_session_destructor); + return NT_STATUS_OK; } -- cgit
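Review bot: `smb2srv_cleanup_session_destructor` frees `*session` through a raw copy of `req->session` parked under `req`, so if the session is released first by another path (for instance when its own talloc parent is torn down; ownership is not visible in this hunk) the destructor would call `talloc_free()` on a stale pointer. The hunk also stops clearing `req->session`, so the session presumably stays reachable until this request is freed. Consider reparenting instead of holding a raw pointer, e.g. `talloc_steal(req, req->session);`, provided the reply path frees `req` only after sending. The `DEBUG(0,("free session[%p]\n", *session));` line logs at the always-on level and writes a heap address to the log; a higher level such as `DEBUG(5, ("freeing session after logoff reply\n"));` would be quieter.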