smb_session_setup_andx.c revision 9fb67ea305c66b6a297583b9b0db6796b0dfe497
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER START
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The contents of this file are subject to the terms of the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Common Development and Distribution License (the "License").
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You may not use this file except in compliance with the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * See the License for the specific language governing permissions
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * When distributing Covered Code, include this CDDL HEADER in each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If applicable, add the following below this CDDL HEADER, with the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields enclosed by brackets "[]" replaced with your own identifying
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * information: Portions Copyright [yyyy] [name of copyright owner]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER END
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Use is subject to license terms.
7f667e74610492ddbce8ce60f52ece95d2401949jose borregostatic int smb_authenticate(smb_request_t *, smb_sessionsetup_info_t *,
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb DTRACE_SMB_1(op__SessionSetupX__start, smb_request_t *, sr);
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb DTRACE_SMB_1(op__SessionSetupX__done, smb_request_t *, sr);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_sessionsetup_info_t sinfo;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_session_key_t *session_key = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States char ipaddr_buf[INET6_ADDRSTRLEN];
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int native_lm;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int auth_res;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int rc;
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego bzero(&sinfo, sizeof (smb_sessionsetup_info_t));
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw rc = smbsr_decode_vwv(sr, "b.wwwwlww4.l", &sr->andx_com,
7b59d02d2a384be9a08087b14defadd214b3c1ddjb if (rc != 0)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States sinfo.ssi_cipwd = smb_srm_zalloc(sr, sinfo.ssi_cipwlen + 1);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States sinfo.ssi_cspwd = smb_srm_zalloc(sr, sinfo.ssi_cspwlen + 1);
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The padding between the Native OS and Native LM is a
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * bit strange. On NT4.0, there is a 2 byte pad between
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the OS (Windows NT 1381) and LM (Windows NT 4.0).
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * On Windows 2000, there is no padding between the OS
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * (Windows 2000 2195) and LM (Windows 2000 5.0).
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If the padding is removed from this decode string
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the NT4.0 LM comes out as an empty string.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * So if the client's native OS is Win NT we consider
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * the padding; otherwise we don't.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (rc != 0)
fc724630b14603e4c1147df68b7bf45f7de7431fAlan Wright * If the Native Lanman cannot be determined,
fc724630b14603e4c1147df68b7bf45f7de7431fAlan Wright * default to Windows NT.
7b59d02d2a384be9a08087b14defadd214b3c1ddjb if (rc != 0)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States sinfo.ssi_cipwd = smb_srm_zalloc(sr, sinfo.ssi_cipwlen + 1);
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego rc = smbsr_decode_data(sr, "%#c", sr, sinfo.ssi_cipwlen,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (rc != 0)
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Despite the CIFS/1.0 spec, the rest of this message is
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * not always present. We need to try to get the account
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * name and the primary domain but we don't care about the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * native OS or native LanMan fields.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego if (smbsr_decode_data(sr, "%u", sr, &sinfo.ssi_user) != 0)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego if (smbsr_decode_data(sr, "%u", sr, &sinfo.ssi_domain) != 0)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * If the sinfo.ssi_vcnumber is zero, we can discard any
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * other connections associated with this client.
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb smb_server_reconnection_check(sr->sr_server, sr->session);
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego auth_res = smb_authenticate(sr, &sinfo, &session_key);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (auth_res == SMB_AUTH_FAILED)
fc724630b14603e4c1147df68b7bf45f7de7431fAlan Wright native_lm = smbnative_lm_value(sinfo.ssi_native_lm);
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright sr->session->smb_msg_size = sinfo.ssi_maxbufsize;
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego sr->session->capabilities = sinfo.ssi_capabilities;
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Check to see if SMB signing is enabled, but if it is already turned
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * on leave it.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The first authenticated logon provides the MAC key and sequence
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * numbers for signing all further sessions on the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * same network connection.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw if (!(sr->session->signing.flags & SMB_SIGNING_ENABLED) &&
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw (sr->session->secmode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) &&
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego smb_sign_init(sr, session_key, (char *)sinfo.ssi_cspwd,
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego if (!(sr->smb_flg2 & SMB_FLAGS2_SMB_SECURITY_SIGNATURE) &&
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego (void) smb_inet_ntop(&sr->session->ipaddr, ipaddr_buf,
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego "SmbSessonSetupX: client %s is not capable of signing",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smbnative_os_str(&sr->sr_cfg->skc_version),
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smbnative_lm_str(&sr->sr_cfg->skc_version),
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Tries to authenticate the connected user.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * It first tries to see if the user has already been authenticated.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * If a match is found, the user structure in the session is duplicated
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * and the function returns. Otherwise, user information is passed to
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * smbd for authentication. If smbd can authenticate the user an access
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * token structure is returned. A cred_t and a user structure are created
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * based on the returned access token.
7f667e74610492ddbce8ce60f52ece95d2401949jose borregosmb_authenticate(smb_request_t *sr, smb_sessionsetup_info_t *sinfo,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States char *hostname = sr->sr_cfg->skc_hostname;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int security = sr->sr_cfg->skc_secmode;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_token_t *usr_token = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_user_t *user = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_logon_t user_info;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States boolean_t need_lookup = B_FALSE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States uint32_t privileges;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States cred_t *cr;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States char *buf = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States char *p;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States bzero(&user_info, sizeof (smb_logon_t));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((*sinfo->ssi_user == '\0') &&
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (sinfo->ssi_cspwlen == 0) &&
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (sinfo->ssi_cipwlen == 1 && *sinfo->ssi_cipwd == '\0'))) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_username = "anonymous";
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_flags |= SMB_ATF_ANON;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_username = sinfo->ssi_user;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_domain = sinfo->ssi_domain;
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * Handle user@domain format.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * We need to extract the user and domain names but
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * should keep the request data as is. This is important
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * for some forms of authentication.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States buf = smb_mem_strdup(sinfo->ssi_user);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_username = buf;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_domain = p + 1;
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * See if this user has already been authenticated.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * If no domain name is provided we cannot determine whether
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * this is a local or domain user when server is operating
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego * in domain mode, so lookup will be done after authentication.
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego user = smb_session_dup_user(sr->session, hostname,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_username);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States } else if (*user_info.lg_e_domain != '\0') {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user = smb_session_dup_user(sr->session, user_info.lg_e_domain,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_e_username);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(buf);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_level = NETR_NETWORK_LOGON;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_domain = sinfo->ssi_domain;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_username = sinfo->ssi_user;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_workstation = sr->session->workstation;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_clnt_ipaddr = sr->session->ipaddr;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_local_ipaddr = sr->session->local_ipaddr;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_local_port = sr->session->s_local_port;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_challenge_key.val = sr->session->challenge_key;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_challenge_key.len = sr->session->challenge_len;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_nt_password.val = sinfo->ssi_cspwd;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_nt_password.len = sinfo->ssi_cspwlen;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_lm_password.val = sinfo->ssi_cipwd;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_lm_password.len = sinfo->ssi_cipwlen;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_native_os = sr->session->native_os;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States user_info.lg_native_lm = smbnative_lm_value(sinfo->ssi_native_lm);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States DTRACE_PROBE1(smb__sessionsetup__clntinfo, smb_logon_t *,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States &user_info);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States usr_token = smb_get_token(&user_info);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(buf);
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego usr_token->tkn_domain_name, usr_token->tkn_account_name);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States *session_key = smb_srm_zalloc(sr, sizeof (smb_session_key_t));
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego (void) memcpy(*session_key, usr_token->tkn_session_key,
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego if ((cr = smb_cred_create(usr_token, &privileges)) != NULL) {