1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2019 Nexenta Systems, Inc. All rights reserved. 14 * Copyright 2021 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Dispatch function for SMB2_NEGOTIATE 19 */ 20 21 #include <smbsrv/smb2_kproto.h> 22 #include <smbsrv/smb2.h> 23 #include <sys/random.h> 24 25 static int smb2_negotiate_common(smb_request_t *, uint16_t); 26 27 /* List of supported capabilities. Can be patched for testing. */ 28 uint32_t smb2srv_capabilities = 29 SMB2_CAP_DFS | 30 SMB2_CAP_LEASING | 31 SMB2_CAP_LARGE_MTU | 32 SMB2_CAP_PERSISTENT_HANDLES | 33 SMB2_CAP_ENCRYPTION; 34 35 /* These are the only capabilities defined for SMB2.X */ 36 #define SMB_2X_CAPS (SMB2_CAP_DFS | SMB2_CAP_LEASING | SMB2_CAP_LARGE_MTU) 37 38 /* 39 * These are not intended as customer tunables, but dev. & test folks 40 * might want to adjust them (with caution). 41 * 42 * smb2_tcp_bufsize is the TCP buffer size, applied to the network socket 43 * with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size. 44 * This is also used as a "sanity limit" for internal send/reply message 45 * allocations. Note that with compounding SMB2 messages may contain 46 * multiple requests/responses. This size should be large enough for 47 * at least a few SMB2 requests, and at least 2X smb2_max_rwsize. 48 * 49 * smb2_max_rwsize is what we put in the SMB2 negotiate response to tell 50 * the client the largest read and write request size we'll support. 51 * For now, we're using contiguous allocations, so keep this at 64KB 52 * so that (even with message overhead) allocations stay below 128KB, 53 * avoiding kmem_alloc -> page_create_va thrashing. 54 * 55 * smb2_max_trans is the largest "transact" send or receive, which is 56 * used for directory listings and info set/get operations. 57 */ 58 uint32_t smb2_tcp_bufsize = (1<<22); /* 4MB */ 59 uint32_t smb2_max_rwsize = (1<<16); /* 64KB */ 60 uint32_t smb2_max_trans = (1<<16); /* 64KB */ 61 62 /* 63 * With clients (e.g. HP scanners) that don't advertise SMB2_CAP_LARGE_MTU 64 * (including all clients using dialect < SMB 2.1), use a "conservative" value 65 * for max r/w size because some older clients misbehave with larger values. 66 * 64KB is recommended in the [MS-SMB2] spec. (3.3.5.3.1 SMB 2.1 or SMB 3.x 67 * Support) as the minimum so we'll use that. 68 */ 69 uint32_t smb2_old_rwsize = (1<<16); /* 64KB */ 70 71 /* 72 * List of all SMB2 versions we implement. Note that the 73 * versions we support may be limited by the 74 * _cfg.skc_max_protocol and min_protocol settings. 75 */ 76 static uint16_t smb2_versions[] = { 77 0x202, /* SMB 2.002 */ 78 0x210, /* SMB 2.1 */ 79 0x300, /* SMB 3.0 */ 80 0x302, /* SMB 3.02 */ 81 0x311, /* SMB 3.11 */ 82 }; 83 static uint16_t smb2_nversions = 84 sizeof (smb2_versions) / sizeof (smb2_versions[0]); 85 86 static boolean_t 87 smb2_supported_version(smb_session_t *s, uint16_t version) 88 { 89 int i; 90 91 if (version > s->s_cfg.skc_max_protocol || 92 version < s->s_cfg.skc_min_protocol) 93 return (B_FALSE); 94 for (i = 0; i < smb2_nversions; i++) 95 if (version == smb2_versions[i]) 96 return (B_TRUE); 97 return (B_FALSE); 98 } 99 100 /* 101 * Helper for the (SMB1) smb_com_negotiate(). This is the 102 * very unusual protocol interaction where an SMB1 negotiate 103 * gets an SMB2 negotiate response. This is the normal way 104 * clients first find out if the server supports SMB2. 105 * 106 * Note: This sends an SMB2 reply _itself_ and then returns 107 * SDRC_NO_REPLY so the caller will not send an SMB1 reply. 108 * Also, this is called directly from the reader thread, so 109 * we know this is the only thread using this session. 110 * 111 * The caller frees this request. 112 */ 113 smb_sdrc_t 114 smb1_negotiate_smb2(smb_request_t *sr) 115 { 116 smb_session_t *s = sr->session; 117 smb_arg_negotiate_t *negprot = sr->sr_negprot; 118 uint16_t smb2_version; 119 120 /* 121 * Note: In the SMB1 negotiate command handler, we 122 * agreed with one of the SMB2 dialects. If that 123 * dialect was "SMB 2.002", we'll respond here with 124 * version 0x202 and negotiation is done. If that 125 * dialect was "SMB 2.???", we'll respond here with 126 * the "wildcard" version 0x2FF, and the client will 127 * come back with an SMB2 negotiate. 128 */ 129 switch (negprot->ni_dialect) { 130 case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */ 131 smb2_version = SMB_VERS_2_002; 132 s->dialect = smb2_version; 133 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 134 /* Allow normal SMB2 requests now. */ 135 s->newrq_func = smb2sr_newrq; 136 break; 137 case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */ 138 /* 139 * Expecting an SMB2 negotiate next, so keep the 140 * initial s->newrq_func. 141 */ 142 smb2_version = 0x2FF; 143 break; 144 default: 145 return (SDRC_DROP_VC); 146 } 147 148 /* 149 * We did not decode an SMB2 header, so make sure 150 * the SMB2 header fields are initialized. 151 * (Most are zero from smb_request_alloc.) 152 * Also, the SMB1 common dispatch code reserved space 153 * for an SMB1 header, which we need to undo here. 154 */ 155 sr->smb2_reply_hdr = sr->reply.chain_offset = 0; 156 sr->smb2_cmd_code = SMB2_NEGOTIATE; 157 sr->smb2_hdr_flags = SMB2_FLAGS_SERVER_TO_REDIR; 158 159 (void) smb2_encode_header(sr, B_FALSE); 160 if (smb2_negotiate_common(sr, smb2_version) != 0) 161 sr->smb2_status = NT_STATUS_INTERNAL_ERROR; 162 if (sr->smb2_status != 0) 163 smb2sr_put_error(sr, sr->smb2_status); 164 (void) smb2_encode_header(sr, B_TRUE); 165 166 smb2_send_reply(sr); 167 168 /* 169 * We sent the reply, so tell the SMB1 dispatch 170 * it should NOT (also) send a reply. 171 */ 172 return (SDRC_NO_REPLY); 173 } 174 175 static uint16_t 176 smb2_find_best_dialect(smb_session_t *s, uint16_t cl_versions[], 177 uint16_t version_cnt) 178 { 179 uint16_t best_version = 0; 180 int i; 181 182 for (i = 0; i < version_cnt; i++) 183 if (smb2_supported_version(s, cl_versions[i]) && 184 best_version < cl_versions[i]) 185 best_version = cl_versions[i]; 186 187 return (best_version); 188 } 189 190 /* 191 * SMB2 Negotiate gets special handling. This is called directly by 192 * the reader thread (see smbsr_newrq_initial) with what _should_ be 193 * an SMB2 Negotiate. Only the "\feSMB" header has been checked 194 * when this is called, so this needs to check the SMB command, 195 * if it's Negotiate execute it, then send the reply, etc. 196 * 197 * Since this is called directly from the reader thread, we 198 * know this is the only thread currently using this session. 199 * This has to duplicate some of what smb2sr_work does as a 200 * result of bypassing the normal dispatch mechanism. 201 * 202 * The caller always frees this request. 203 * 204 * Return value is 0 for success, and anything else will 205 * terminate the reader thread (drop the connection). 206 */ 207 enum smb2_neg_ctx_type { 208 SMB2_PREAUTH_INTEGRITY_CAPS = 1, 209 SMB2_ENCRYPTION_CAPS = 2, 210 SMB2_COMPRESSION_CAPS = 3, /* not imlemented */ 211 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID = 5 /* not imlemented */ 212 }; 213 214 typedef struct smb2_negotiate_ctx { 215 uint16_t type; 216 uint16_t datalen; 217 } smb2_neg_ctx_t; 218 219 #define SMB31_PREAUTH_CTX_SALT_LEN 32 220 221 /* 222 * SMB 3.1.1 originally specified a single hashing algorithm - SHA-512 - and 223 * two encryption ones - AES-128-CCM and AES-128-GCM. 224 * Windows Server 2022 and Windows 11 introduced two further encryption 225 * algorithms - AES-256-CCM and AES-256-GCM. 226 */ 227 #define MAX_HASHID_NUM (1) 228 #define MAX_CIPHER_NUM (4) 229 230 typedef struct smb2_preauth_integrity_caps { 231 uint16_t picap_hash_count; 232 uint16_t picap_salt_len; 233 uint16_t picap_hash_id; 234 uint8_t picap_salt[SMB31_PREAUTH_CTX_SALT_LEN]; 235 } smb2_preauth_caps_t; 236 237 typedef struct smb2_encryption_caps { 238 uint16_t encap_cipher_count; 239 uint16_t encap_cipher_ids[MAX_CIPHER_NUM]; 240 } smb2_encrypt_caps_t; 241 242 /* 243 * The contexts we support 244 */ 245 typedef struct smb2_preauth_neg_ctx { 246 smb2_neg_ctx_t neg_ctx; 247 smb2_preauth_caps_t preauth_caps; 248 } smb2_preauth_neg_ctx_t; 249 250 typedef struct smb2_encrypt_neg_ctx { 251 smb2_neg_ctx_t neg_ctx; 252 smb2_encrypt_caps_t encrypt_caps; 253 } smb2_encrypt_neg_ctx_t; 254 255 typedef struct smb2_neg_ctxs { 256 uint32_t offset; 257 uint16_t count; 258 smb2_preauth_neg_ctx_t preauth_ctx; 259 smb2_encrypt_neg_ctx_t encrypt_ctx; 260 } smb2_neg_ctxs_t; 261 262 #define NEG_CTX_INFO_OFFSET (SMB2_HDR_SIZE + 28) 263 #define NEG_CTX_OFFSET_OFFSET (SMB2_HDR_SIZE + 64) 264 #define NEG_CTX_MAX_COUNT (16) 265 #define NEG_CTX_MAX_DATALEN (256) 266 267 #define STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP (0xC05D0000) 268 269 #define STATUS_PREAUTH_HASH_OVERLAP \ 270 STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP 271 272 #define SMB3_CIPHER_ENABLED(c, f) ((c) <= SMB3_CIPHER_MAX && \ 273 SMB3_CIPHER_BIT(c) & (f)) 274 275 /* 276 * This function should be called only for dialect >= 0x311 277 * Negotiate context list should contain exactly one 278 * SMB2_PREAUTH_INTEGRITY_CAPS context. 279 * Otherwise STATUS_INVALID_PARAMETER. 280 * It should contain at least 1 hash algorith what server does support. 281 * Otehrwise STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP. 282 */ 283 static uint32_t 284 smb31_decode_neg_ctxs(smb_request_t *sr, smb2_neg_ctxs_t *neg_ctxs) 285 { 286 smb_session_t *s = sr->session; 287 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 288 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 289 boolean_t found_sha512 = B_FALSE; 290 boolean_t found_cipher = B_FALSE; 291 uint16_t ciphers = sr->sr_server->sv_cfg.skc_encrypt_cipher; 292 uint32_t status = 0; 293 int32_t skip; 294 int found_preauth_ctx = 0; 295 int found_encrypt_ctx = 0; 296 int cnt, i; 297 int rc; 298 299 sr->command.chain_offset = NEG_CTX_INFO_OFFSET; 300 301 rc = smb_mbc_decodef(&sr->command, "lw2.", 302 &neg_ctxs->offset, /* l */ 303 &neg_ctxs->count); /* w */ 304 if (rc != 0) { 305 status = NT_STATUS_INVALID_PARAMETER; 306 goto errout; 307 } 308 /* 309 * There should be exactly 1 SMB2_PREAUTH_INTEGRITY_CAPS negotiate ctx. 310 * SMB2_ENCRYPTION_CAPS is optional one. 311 * If there is no contexts or there are to many then stop parsing. 312 */ 313 cnt = neg_ctxs->count; 314 if (cnt < 1 || cnt > NEG_CTX_MAX_COUNT) { 315 status = NT_STATUS_INVALID_PARAMETER; 316 goto errout; 317 } 318 319 /* 320 * Cannot proceed parsing if the first context isn't aligned by 8. 321 */ 322 if (neg_ctxs->offset % 8 != 0) { 323 status = NT_STATUS_INVALID_PARAMETER; 324 goto errout; 325 } 326 327 if ((skip = neg_ctxs->offset - sr->command.chain_offset) != 0 && 328 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 329 status = NT_STATUS_INVALID_PARAMETER; 330 goto errout; 331 } 332 333 /* 334 * Parse negotiate contexts. Ignore non-decoding errors to fill 335 * as much as possible data for dtrace probe. 336 */ 337 for (i = 0; i < cnt; i++) { 338 smb2_neg_ctx_t neg_ctx; 339 int32_t ctx_end_off; 340 int32_t ctx_next_off; 341 342 if (i > 0) { 343 if ((skip = ctx_next_off - ctx_end_off) != 0 && 344 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 345 status = NT_STATUS_INVALID_PARAMETER; 346 goto errout; 347 } 348 } 349 350 rc = smb_mbc_decodef( 351 &sr->command, "ww4.", 352 &neg_ctx.type, /* w */ 353 &neg_ctx.datalen); /* w */ 354 if (rc != 0) { 355 status = NT_STATUS_INVALID_PARAMETER; 356 goto errout; 357 } 358 359 /* 360 * We got something crazy 361 */ 362 if (neg_ctx.datalen > NEG_CTX_MAX_DATALEN) { 363 status = NT_STATUS_INVALID_PARAMETER; 364 goto errout; 365 } 366 367 ctx_end_off = sr->command.chain_offset + neg_ctx.datalen; 368 ctx_next_off = P2ROUNDUP(ctx_end_off, 8); 369 370 switch (neg_ctx.type) { 371 case SMB2_PREAUTH_INTEGRITY_CAPS: 372 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 373 sizeof (neg_ctx)); 374 375 if (found_preauth_ctx++ != 0) { 376 status = NT_STATUS_INVALID_PARAMETER; 377 continue; 378 } 379 380 rc = smb_mbc_decodef( 381 &sr->command, "ww", 382 &picap->picap_hash_count, /* w */ 383 &picap->picap_salt_len); /* w */ 384 if (rc != 0 || picap->picap_hash_count > 385 MAX_HASHID_NUM) { 386 status = NT_STATUS_INVALID_PARAMETER; 387 goto errout; 388 } 389 390 /* 391 * Get hash id 392 */ 393 rc = smb_mbc_decodef( 394 &sr->command, "#w", 395 picap->picap_hash_count, 396 &picap->picap_hash_id); /* w */ 397 if (rc != 0) { 398 status = NT_STATUS_INVALID_PARAMETER; 399 goto errout; 400 } 401 402 /* 403 * Get salt 404 */ 405 rc = smb_mbc_decodef( 406 &sr->command, "#c", 407 sizeof (picap->picap_salt), 408 &picap->picap_salt[0]); /* w */ 409 if (rc != 0) { 410 status = NT_STATUS_INVALID_PARAMETER; 411 goto errout; 412 } 413 414 /* 415 * In SMB 0x311 there should be exactly 1 preauth 416 * negotiate context, and there should be exactly 1 417 * hash value in the list - SHA512. 418 */ 419 if (picap->picap_hash_count != 1) { 420 status = NT_STATUS_INVALID_PARAMETER; 421 continue; 422 } 423 424 if (picap->picap_hash_id == SMB3_HASH_SHA512) 425 found_sha512 = B_TRUE; 426 break; 427 case SMB2_ENCRYPTION_CAPS: 428 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 429 sizeof (neg_ctx)); 430 431 if (found_encrypt_ctx++ != 0) { 432 status = NT_STATUS_INVALID_PARAMETER; 433 continue; 434 } 435 436 rc = smb_mbc_decodef( 437 &sr->command, "w", 438 &encap->encap_cipher_count); /* w */ 439 if (rc != 0 || encap->encap_cipher_count > 440 MAX_CIPHER_NUM) { 441 status = NT_STATUS_INVALID_PARAMETER; 442 goto errout; 443 } 444 445 /* 446 * Get cipher list 447 */ 448 rc = smb_mbc_decodef( 449 &sr->command, "#w", 450 encap->encap_cipher_count, 451 &encap->encap_cipher_ids[0]); /* w */ 452 if (rc != 0) { 453 status = NT_STATUS_INVALID_PARAMETER; 454 goto errout; 455 } 456 457 /* 458 * Select the first enabled cipher. 459 * Client should list more prioritized ciphers first. 460 */ 461 for (int k = 0; k < encap->encap_cipher_count; k++) { 462 uint16_t c = encap->encap_cipher_ids[k]; 463 464 if (SMB3_CIPHER_ENABLED(c, ciphers)) { 465 s->smb31_enc_cipherid = c; 466 found_cipher = B_TRUE; 467 break; 468 } 469 } 470 break; 471 default: 472 ; 473 } 474 } 475 476 if (status) 477 goto errout; 478 479 /* Not found mandatory SMB2_PREAUTH_INTEGRITY_CAPS ctx */ 480 if (found_preauth_ctx != 1 || found_encrypt_ctx > 1) { 481 status = NT_STATUS_INVALID_PARAMETER; 482 goto errout; 483 } 484 485 if (!found_sha512) { 486 status = STATUS_PREAUTH_HASH_OVERLAP; 487 goto errout; 488 } 489 490 s->smb31_preauth_hashid = SMB3_HASH_SHA512; 491 492 if (!found_cipher) 493 s->smb31_enc_cipherid = 0; 494 495 errout: 496 return (status); 497 } 498 499 static int 500 smb31_encode_neg_ctxs(smb_request_t *sr, smb2_neg_ctxs_t *neg_ctxs) 501 { 502 smb_session_t *s = sr->session; 503 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 504 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 505 uint16_t salt_len = sizeof (picap->picap_salt); 506 uint32_t preauth_ctx_len = 6 + salt_len; 507 uint32_t enc_ctx_len = 4; 508 uint32_t neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 509 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 510 uint32_t rc; 511 512 bzero(neg_ctxs, sizeof (*neg_ctxs)); 513 514 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 515 return (rc); 516 517 ASSERT3S(neg_ctx_off, ==, sr->reply.chain_offset); 518 519 encap->encap_cipher_ids[0] = s->smb31_enc_cipherid; 520 picap->picap_hash_id = s->smb31_preauth_hashid; 521 picap->picap_salt_len = salt_len; 522 523 (void) random_get_pseudo_bytes(picap->picap_salt, salt_len); 524 525 rc = smb_mbc_encodef( 526 &sr->reply, "ww4.", 527 SMB2_PREAUTH_INTEGRITY_CAPS, 528 preauth_ctx_len 529 /* 4. */); /* reserved */ 530 if (rc != 0) 531 return (rc); 532 533 rc = smb_mbc_encodef( 534 &sr->reply, "www#c", 535 1, /* hash algo count */ 536 salt_len, /* salt length */ 537 s->smb31_preauth_hashid, /* hash id */ 538 salt_len, /* salt length */ 539 picap->picap_salt); 540 541 /* aligned on 8-bytes boundary */ 542 if (rc != 0 || s->smb31_enc_cipherid == 0) { 543 cmn_err(CE_NOTE, "Encryption is not supported"); 544 return (rc); 545 } 546 547 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 548 return (rc); 549 550 rc = smb_mbc_encodef( 551 &sr->reply, "ww4.", 552 SMB2_ENCRYPTION_CAPS, 553 enc_ctx_len 554 /* 4. */); /* reserved */ 555 556 rc = smb_mbc_encodef( 557 &sr->reply, "ww", 558 1, /* cipher count */ 559 s->smb31_enc_cipherid); /* encrypt. cipher id */ 560 561 return (rc); 562 } 563 564 int 565 smb2_newrq_negotiate(smb_request_t *sr) 566 { 567 smb_session_t *s = sr->session; 568 smb2_neg_ctxs_t neg_in_ctxs; 569 smb2_neg_ctxs_t neg_out_ctxs; 570 smb2_arg_negotiate_t *nego2 = &sr->sr_nego2; 571 int rc; 572 uint32_t status = 0; 573 uint16_t struct_size; 574 uint16_t best_version; 575 576 bzero(&neg_in_ctxs, sizeof (neg_in_ctxs)); 577 bzero(&neg_out_ctxs, sizeof (neg_out_ctxs)); 578 579 sr->smb2_cmd_hdr = sr->command.chain_offset; 580 rc = smb2_decode_header(sr); 581 if (rc != 0) 582 return (rc); 583 584 if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) 585 return (-1); 586 587 if ((sr->smb2_cmd_code != SMB2_NEGOTIATE) || 588 (sr->smb2_next_command != 0)) 589 return (-1); 590 591 /* 592 * Decode SMB2 Negotiate (fixed-size part) 593 */ 594 rc = smb_mbc_decodef( 595 &sr->command, "www..l16c8.", 596 &struct_size, /* w */ 597 &s->cli_dialect_cnt, /* w */ 598 &s->cli_secmode, /* w */ 599 /* reserved (..) */ 600 &s->capabilities, /* l */ 601 s->clnt_uuid); /* 16c */ 602 /* start_time 8. */ 603 if (rc != 0) 604 return (rc); 605 if (struct_size != 36) 606 return (-1); 607 608 /* 609 * Decode SMB2 Negotiate (variable part) 610 * 611 * Be somewhat tolerant while decoding the variable part 612 * so we can return errors instead of dropping the client. 613 * Will limit decoding to the size of cli_dialects here, 614 * and do the error checks on s->cli_dialect_cnt after the 615 * dtrace start probe. 616 */ 617 if (s->cli_dialect_cnt > 0 && 618 s->cli_dialect_cnt <= SMB2_NEGOTIATE_MAX_DIALECTS && 619 smb_mbc_decodef(&sr->command, "#w", s->cli_dialect_cnt, 620 s->cli_dialects) != 0) { 621 /* decode error; force an error below */ 622 s->cli_dialect_cnt = 0; 623 } 624 625 /* 626 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 627 * "If the DialectCount of the SMB2 NEGOTIATE Request is 0, the 628 * server MUST fail the request with STATUS_INVALID_PARAMETER." 629 */ 630 if (s->cli_dialect_cnt == 0 || 631 s->cli_dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) { 632 status = NT_STATUS_INVALID_PARAMETER; 633 } 634 635 /* 636 * The client offers an array of protocol versions it 637 * supports, which we have decoded into s->cli_dialects[]. 638 * We walk the array and pick the highest supported. 639 * 640 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 641 * "If a common dialect is not found, the server MUST fail 642 * the request with STATUS_NOT_SUPPORTED." 643 */ 644 645 if (status == 0) { 646 best_version = smb2_find_best_dialect(s, s->cli_dialects, 647 s->cli_dialect_cnt); 648 if (best_version >= SMB_VERS_3_11) { 649 status = smb31_decode_neg_ctxs(sr, &neg_in_ctxs); 650 nego2->neg_in_ctxs = &neg_in_ctxs; 651 } else if (best_version == 0) { 652 status = NT_STATUS_NOT_SUPPORTED; 653 } 654 } 655 656 DTRACE_SMB2_START(op__Negotiate, smb_request_t *, sr); 657 nego2->neg_in_ctxs = NULL; 658 659 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR; 660 (void) smb2_encode_header(sr, B_FALSE); 661 662 if (status != 0) 663 goto errout; 664 665 /* 666 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 667 * "If the SMB2 header of the SMB2 NEGOTIATE request has the 668 * SMB2_FLAGS_SIGNED bit set in the Flags field, the server 669 * MUST fail the request with STATUS_INVALID_PARAMETER." 670 */ 671 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) { 672 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED; 673 status = NT_STATUS_INVALID_PARAMETER; 674 goto errout; 675 } 676 677 s->dialect = best_version; 678 679 /* Allow normal SMB2 requests now. */ 680 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 681 s->newrq_func = smb2sr_newrq; 682 683 if (smb2_negotiate_common(sr, best_version) != 0) 684 status = NT_STATUS_INTERNAL_ERROR; 685 686 if (s->dialect >= SMB_VERS_3_11 && status == 0) { 687 if (smb31_encode_neg_ctxs(sr, &neg_out_ctxs) != 0) 688 status = NT_STATUS_INTERNAL_ERROR; 689 nego2->neg_out_ctxs = &neg_out_ctxs; 690 } 691 692 errout: 693 sr->smb2_status = status; 694 DTRACE_SMB2_DONE(op__Negotiate, smb_request_t *, sr); 695 nego2->neg_out_ctxs = NULL; 696 697 if (sr->smb2_status != 0) 698 smb2sr_put_error(sr, sr->smb2_status); 699 (void) smb2_encode_header(sr, B_TRUE); 700 701 if (s->dialect >= SMB_VERS_3_11 && sr->smb2_status == 0) { 702 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 703 if (smb31_preauth_sha512_calc(sr, &sr->reply, 704 s->smb31_preauth_hashval, 705 s->smb31_preauth_hashval) != 0) 706 cmn_err(CE_WARN, "(1) Preauth hash calculation " 707 "failed"); 708 } 709 710 smb2_send_reply(sr); 711 712 return (rc); 713 } 714 715 /* 716 * Common parts of SMB2 Negotiate, used for both the 717 * SMB1-to-SMB2 style, and straight SMB2 style. 718 * Do negotiation decisions and encode the reply. 719 * The caller does the network send. 720 * 721 * Return value is 0 for success, else error. 722 */ 723 static int 724 smb2_negotiate_common(smb_request_t *sr, uint16_t version) 725 { 726 timestruc_t boot_tv, now_tv; 727 smb_session_t *s = sr->session; 728 int rc; 729 uint32_t max_rwsize; 730 uint16_t secmode; 731 uint16_t neg_ctx_cnt = 0; 732 uint32_t neg_ctx_off = 0; 733 734 /* 735 * Negotiation itself. First the Security Mode. 736 */ 737 secmode = SMB2_NEGOTIATE_SIGNING_ENABLED; 738 if (sr->sr_cfg->skc_signing_required) 739 secmode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; 740 s->srv_secmode = secmode; 741 742 s->cmd_max_bytes = smb2_tcp_bufsize; 743 s->reply_max_bytes = smb2_tcp_bufsize; 744 745 /* 746 * "The number of credits held by the client MUST be considered 747 * as 1 when the connection is established." [MS-SMB2] 748 * We leave credits at 1 until the first successful 749 * session setup is completed. 750 */ 751 s->s_cur_credits = s->s_max_credits = 1; 752 sr->smb2_credit_response = 1; 753 754 boot_tv.tv_sec = smb_get_boottime(); 755 boot_tv.tv_nsec = 0; 756 now_tv.tv_sec = gethrestime_sec(); 757 now_tv.tv_nsec = 0; 758 759 /* 760 * If the version is 0x2FF, we haven't completed negotiate. 761 * Don't initialize until we have our final request. 762 */ 763 if (version != 0x2FF) 764 smb2_sign_init_mech(s); 765 if (version >= 0x311) 766 smb31_preauth_init_mech(s); 767 768 /* 769 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 770 * 771 * The SMB2.x capabilities are returned without regard for 772 * what capabilities the client provided in the request. 773 * The SMB3.x capabilities returned are the traditional 774 * logical AND of server and client capabilities. 775 * 776 * One additional check: If KCF is missing something we 777 * require for encryption, turn off that capability. 778 */ 779 if (s->dialect < SMB_VERS_2_1) { 780 /* SMB 2.002 */ 781 s->srv_cap = smb2srv_capabilities & SMB2_CAP_DFS; 782 } else if (s->dialect < SMB_VERS_3_0) { 783 /* SMB 2.x */ 784 s->srv_cap = smb2srv_capabilities & SMB_2X_CAPS; 785 } else { 786 /* SMB 3.0 or later */ 787 s->srv_cap = smb2srv_capabilities & 788 (SMB_2X_CAPS | s->capabilities); 789 if ((s->srv_cap & SMB2_CAP_ENCRYPTION) != 0 && 790 smb3_encrypt_init_mech(s) != 0) { 791 s->srv_cap &= ~SMB2_CAP_ENCRYPTION; 792 s->smb31_enc_cipherid = 0; 793 } 794 795 if (s->dialect >= SMB_VERS_3_11) { 796 neg_ctx_cnt = s->smb31_enc_cipherid == 0 ? 1 : 2; 797 neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 798 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 799 800 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 801 802 if (smb31_preauth_sha512_calc(sr, &sr->command, 803 s->smb31_preauth_hashval, 804 s->smb31_preauth_hashval) != 0) 805 cmn_err(CE_WARN, "(0) Preauth hash calculation " 806 "failed"); 807 } 808 } 809 810 /* 811 * See notes above smb2_max_rwsize, smb2_old_rwsize 812 */ 813 if (s->capabilities & SMB2_CAP_LARGE_MTU) 814 max_rwsize = smb2_max_rwsize; 815 else 816 max_rwsize = smb2_old_rwsize; 817 818 rc = smb_mbc_encodef( 819 &sr->reply, 820 "wwww#cllllTTwwl#c", 821 65, /* StructSize */ /* w */ 822 s->srv_secmode, /* w */ 823 version, /* w */ 824 neg_ctx_cnt, /* w */ 825 UUID_LEN, /* # */ 826 &s->s_cfg.skc_machine_uuid, /* c */ 827 s->srv_cap, /* l */ 828 smb2_max_trans, /* l */ 829 max_rwsize, /* l */ 830 max_rwsize, /* l */ 831 &now_tv, /* T */ 832 &boot_tv, /* T */ 833 128, /* SecBufOff */ /* w */ 834 sr->sr_cfg->skc_negtok_len, /* w */ 835 neg_ctx_off, /* l */ 836 sr->sr_cfg->skc_negtok_len, /* # */ 837 sr->sr_cfg->skc_negtok); /* c */ 838 839 840 841 /* smb2_send_reply(sr); in caller */ 842 843 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 844 SO_SNDBUF, (const void *)&smb2_tcp_bufsize, 845 sizeof (smb2_tcp_bufsize), CRED()); 846 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 847 SO_RCVBUF, (const void *)&smb2_tcp_bufsize, 848 sizeof (smb2_tcp_bufsize), CRED()); 849 850 return (rc); 851 } 852 853 /* 854 * SMB2 Dispatch table handler, which will run if we see an 855 * SMB2_NEGOTIATE after the initial negotiation is done. 856 * That would be a protocol error. 857 */ 858 smb_sdrc_t 859 smb2_negotiate(smb_request_t *sr) 860 { 861 sr->smb2_status = NT_STATUS_INVALID_PARAMETER; 862 return (SDRC_ERROR); 863 } 864 865 /* 866 * VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6 867 */ 868 uint32_t 869 smb2_nego_validate(smb_request_t *sr, smb_fsctl_t *fsctl) 870 { 871 smb_session_t *s = sr->session; 872 boolean_t smb311 = s->s_cfg.skc_max_protocol >= SMB_VERS_3_11; 873 int rc; 874 875 /* 876 * The spec. says to parse the VALIDATE_NEGOTIATE_INFO here 877 * and verify that the original negotiate was not modified. 878 * 879 * One interesting requirement here is that we MUST reply 880 * with exactly the same information as we returned in our 881 * original reply to the SMB2 negotiate on this session. 882 * If we don't the client closes the connection. 883 */ 884 885 uint32_t capabilities; 886 uint16_t secmode; 887 uint16_t num_dialects; 888 uint16_t dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 889 uint8_t clnt_guid[16]; 890 891 if (s->dialect >= SMB_VERS_3_11) 892 goto drop; 893 894 /* 895 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 896 * 897 * If the dialect is SMB3 and the message was successfully 898 * decrypted we MUST skip processing of the signature. 899 */ 900 if (!sr->encrypted && (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) == 0) 901 goto drop; 902 903 if (fsctl->InputCount < 24) 904 goto drop; 905 906 (void) smb_mbc_decodef(fsctl->in_mbc, "l16cww", 907 &capabilities, /* l */ 908 &clnt_guid, /* 16c */ 909 &secmode, /* w */ 910 &num_dialects); /* w */ 911 912 if (num_dialects == 0 || num_dialects > SMB2_NEGOTIATE_MAX_DIALECTS) 913 goto drop; 914 if (smb311 && num_dialects != s->cli_dialect_cnt) 915 goto drop; 916 if (secmode != s->cli_secmode) 917 goto drop; 918 if (capabilities != s->capabilities) 919 goto drop; 920 if (memcmp(clnt_guid, s->clnt_uuid, sizeof (clnt_guid)) != 0) 921 goto drop; 922 923 if (fsctl->InputCount < (24 + num_dialects * sizeof (*dialects))) 924 goto drop; 925 926 rc = smb_mbc_decodef(fsctl->in_mbc, "#w", num_dialects, dialects); 927 if (rc != 0) 928 goto drop; 929 930 if (smb311) { 931 for (int i = 0; i < num_dialects; i++) { 932 if (dialects[i] != s->cli_dialects[i]) 933 goto drop; 934 } 935 } else { 936 if (smb2_find_best_dialect(s, dialects, num_dialects) != 937 s->dialect) 938 goto drop; 939 } 940 941 rc = smb_mbc_encodef( 942 fsctl->out_mbc, "l#cww", 943 s->srv_cap, /* l */ 944 UUID_LEN, /* # */ 945 &s->s_cfg.skc_machine_uuid, /* c */ 946 s->srv_secmode, /* w */ 947 s->dialect); /* w */ 948 if (rc == 0) 949 return (rc); 950 951 drop: 952 smb_session_disconnect(s); 953 return (NT_STATUS_ACCESS_DENIED); 954 } 955