smb2_negotiate.c revision a90cf9f29973990687fa61de9f1f6ea22e924e40
/*
* This file and its contents are supplied under the terms of the
* Common Development and Distribution License ("CDDL"), version 1.0.
* You may only use this file in accordance with the terms of version
* 1.0 of the CDDL.
*
* A full copy of the text of the CDDL should have accompanied this
* source. A copy of the CDDL is also available via the Internet at
*/
/*
* Copyright 2015 Nexenta Systems, Inc. All rights reserved.
*/
/*
* Dispatch function for SMB2_NEGOTIATE
*/
#include <smbsrv/smb2_kproto.h>
/*
* These are not intended as customer tunables, but dev. & test folks
* might want to adjust them (with caution).
*
* smb2_tcp_bufsize is the TCP buffer size, applied to the network socket
* with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size.
* allocations. Note that with compounding SMB2 messages may contain
* at least a few SMB2 requests, and at least 2X smb2_max_rwsize.
*
* smb2_max_rwsize is what we put in the SMB2 negotiate response to tell
* the client the largest read and write request size we'll support.
* One megabyte is a compromise between efficiency on fast networks
* and memory consumption (for the buffers) on the server side.
*
* smb2_max_trans is the largest "transact" send or receive, which is
*/
/*
* List of all SMB2 versions we implement. Note that the
* highest version we support may be limited by the
* _cfg.skc_max_protocol setting.
*/
static uint16_t smb2_versions[] = {
0x202, /* SMB 2.002 */
0x210, /* SMB 2.1 */
};
static uint16_t smb2_nversions =
sizeof (smb2_versions) / sizeof (smb2_versions[0]);
static boolean_t
{
int i;
return (B_FALSE);
for (i = 0; i < smb2_nversions; i++)
if (version == smb2_versions[i])
return (B_TRUE);
return (B_FALSE);
}
/*
* Helper for the (SMB1) smb_com_negotiate(). This is the
* very unusual protocol interaction where an SMB1 negotiate
* gets an SMB2 negotiate response. This is the normal way
* clients first find out if the server supports SMB2.
*
* Note: This sends an SMB2 reply _itself_ and then returns
* SDRC_NO_REPLY so the caller will not send an SMB1 reply.
* Also, this is called directly from the reader thread, so
* we know this is the only thread using this session.
*
* The caller frees this request.
*/
{
int rc;
/*
* Note: In the SMB1 negotiate command handler, we
* agreed with one of the SMB2 dialects. If that
* dialect was "SMB 2.002", we'll respond here with
* version 0x202 and negotiation is done. If that
* dialect was "SMB 2.???", we'll respond here with
* the "wildcard" version 0x2FF, and the client will
* come back with an SMB2 negotiate.
*/
switch (negprot->ni_dialect) {
case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */
smb2_version = 0x202;
s->dialect = smb2_version;
/* Allow normal SMB2 requests now. */
s->newrq_func = smb2sr_newrq;
/*
* Translate SMB1 sec. mode to SMB2.
*/
secmode2 = 0;
if (s->secmode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED)
break;
case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */
/*
* Expecting an SMB2 negotiate next, so keep the
* initial s->newrq_func. Note that secmode is
* fiction good enough to pass the signing check
* in smb2_negotiate_common(). We'll check the
* real secmode when the 2nd negotiate comes.
*/
smb2_version = 0x2FF;
break;
default:
return (SDRC_DROP_VC);
}
/*
* We did not decode an SMB2 header, so make sure
* the SMB2 header fields are initialized.
* (Most are zero from smb_request_alloc.)
* Also, the SMB1 common dispatch code reserved space
* for an SMB1 header, which we need to undo here.
*/
if (rc != 0)
return (SDRC_DROP_VC);
return (SDRC_NO_REPLY);
}
/*
* SMB2 Negotiate gets special handling. This is called directly by
* the reader thread (see smbsr_newrq_initial) with what _should_ be
* an SMB2 Negotiate. Only the "\feSMB" header has been checked
* when this is called, so this needs to check the SMB command,
* if it's Negotiate execute it, then send the reply, etc.
*
* Since this is called directly from the reader thread, we
* know this is the only thread currently using this session.
* This has to duplicate some of what smb2sr_work does as a
* result of bypassing the normal dispatch mechanism.
*
* The caller always frees this request.
*/
int
{
int i, rc;
if (rc != 0)
return (rc);
(sr->smb2_next_command != 0))
return (SDRC_DROP_VC);
/*
* Decode SMB2 Negotiate (fixed-size part)
*/
&struct_size, /* w */
&version_cnt, /* w */
&s->secmode, /* w */
/* reserved (..) */
&s->capabilities); /* l */
/* clnt_uuid 16. */
/* start_time 8. */
if (rc != 0)
return (rc);
return (SDRC_DROP_VC);
/*
* Decode SMB2 Negotiate (variable part)
*/
if (rc != 0)
return (SDRC_DROP_VC);
/*
* The client offers an array of protocol versions it
* supports, which we have decoded into cl_versions[].
* We walk the array and pick the highest supported.
*/
best_version = 0;
for (i = 0; i < version_cnt; i++)
if (smb2_supported_version(s, cl_versions[i]) &&
best_version < cl_versions[i])
best_version = cl_versions[i];
if (best_version == 0)
return (SDRC_DROP_VC);
s->dialect = best_version;
/* Allow normal SMB2 requests now. */
s->newrq_func = smb2sr_newrq;
if (rc != 0)
return (SDRC_DROP_VC);
return (0);
}
/*
* Common parts of SMB2 Negotiate, used for both the
* SMB1-to-SMB2 style, and straight SMB2 style.
* Do negotiation decisions, encode, send the reply.
*/
static int
{
int rc;
sr->smb2_status = 0;
/*
* Negotiation itself. First the Security Mode.
* The caller stashed the client's secmode in s->secmode,
* which we validate, and then replace with the server's
* secmode, which is all we care about after this.
*/
/* Make sure client at least enables signing. */
}
}
/*
* "The number of credits held by the client MUST be considered
* as 1 when the connection is established." [MS-SMB2]
* We leave credits at 1 until the first successful
* session setup is completed.
*/
/*
* SMB2 negotiate reply
*/
if (sr->smb2_status != 0) {
return (-1); /* will drop */
}
"wwww#cllllTTwwl#c",
65, /* StructSize */ /* w */
s->secmode, /* w */
version, /* w */
0, /* reserved */ /* w */
UUID_LEN, /* # */
smb2srv_capabilities, /* l */
smb2_max_trans, /* l */
smb2_max_rwsize, /* l */
smb2_max_rwsize, /* l */
&now_tv, /* T */
&boot_tv, /* T */
128, /* SecBufOff */ /* w */
0, /* reserved */ /* l */
SO_SNDBUF, (const void *)&smb2_tcp_bufsize,
sizeof (smb2_tcp_bufsize), CRED());
SO_RCVBUF, (const void *)&smb2_tcp_bufsize,
sizeof (smb2_tcp_bufsize), CRED());
return (rc);
}
/*
* SMB2 Dispatch table handler, which will run if we see an
* SMB2_NEGOTIATE after the initial negotiation is done.
* That would be a protocol error.
*/
{
return (SDRC_ERROR);
}
/*
* VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6
*/
{
int rc;
/*
* The spec. says to parse the VALIDATE_NEGOTIATE_INFO here
* and verify that the original negotiate was not modified.
* The only tampering we need worry about is secmode, and
* we're not taking that from the client, so don't bother.
*
* One interesting requirement here is that we MUST reply
* with exactly the same information as we returned in our
* original reply to the SMB2 negotiate on this session.
* If we don't the client closes the connection.
*/
smb2srv_capabilities, /* l */
UUID_LEN, /* # */
s->secmode, /* w */
s->dialect); /* w */
if (rc)
return (NT_STATUS_INTERNAL_ERROR);
return (0);
}