1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2019 Nexenta Systems, Inc. All rights reserved. 14 * Copyright 2022 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Dispatch function for SMB2_NEGOTIATE 19 */ 20 21 #include <smbsrv/smb2_kproto.h> 22 #include <smbsrv/smb2.h> 23 #include <sys/random.h> 24 25 /* 26 * Note from [MS-SMB2] Sec. 2.2.3: Windows servers return 27 * invalid parameter if the dialect count is greater than 64 28 * This is here (and not in smb2.h) because this is technically 29 * an implementation detail, not protocol specification. 30 */ 31 #define SMB2_NEGOTIATE_MAX_DIALECTS 64 32 33 static int smb2_negotiate_common(smb_request_t *, uint16_t); 34 35 /* List of supported capabilities. Can be patched for testing. */ 36 uint32_t smb2srv_capabilities = 37 SMB2_CAP_DFS | 38 SMB2_CAP_LEASING | 39 SMB2_CAP_LARGE_MTU | 40 SMB2_CAP_PERSISTENT_HANDLES | 41 #ifndef _FAKE_KERNEL 42 SMB2_CAP_ENCRYPTION | 43 #endif 44 0; 45 46 /* These are the only capabilities defined for SMB2.X */ 47 #define SMB_2X_CAPS (SMB2_CAP_DFS | SMB2_CAP_LEASING | SMB2_CAP_LARGE_MTU) 48 49 /* 50 * These are not intended as customer tunables, but dev. & test folks 51 * might want to adjust them (with caution). 52 * 53 * smb2_tcp_bufsize is the TCP buffer size, applied to the network socket 54 * with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size. 55 * This is also used as a "sanity limit" for internal send/reply message 56 * allocations. Note that with compounding SMB2 messages may contain 57 * multiple requests/responses. This size should be large enough for 58 * at least a few SMB2 requests, and at least 2X smb2_max_rwsize. 59 * 60 * smb2_max_rwsize is what we put in the SMB2 negotiate response to tell 61 * the client the largest read and write request size we'll support. 62 * For now, we're using contiguous allocations, so keep this at 64KB 63 * so that (even with message overhead) allocations stay below 128KB, 64 * avoiding kmem_alloc -> page_create_va thrashing. 65 * 66 * smb2_max_trans is the largest "transact" send or receive, which is 67 * used for directory listings and info set/get operations. 68 */ 69 uint32_t smb2_tcp_bufsize = (1<<22); /* 4MB */ 70 uint32_t smb2_max_rwsize = (1<<16); /* 64KB */ 71 uint32_t smb2_max_trans = (1<<16); /* 64KB */ 72 73 /* 74 * With clients (e.g. HP scanners) that don't advertise SMB2_CAP_LARGE_MTU 75 * (including all clients using dialect < SMB 2.1), use a "conservative" value 76 * for max r/w size because some older clients misbehave with larger values. 77 * 64KB is recommended in the [MS-SMB2] spec. (3.3.5.3.1 SMB 2.1 or SMB 3.x 78 * Support) as the minimum so we'll use that. 79 */ 80 uint32_t smb2_old_rwsize = (1<<16); /* 64KB */ 81 82 /* 83 * List of all SMB2 versions we implement. Note that the 84 * versions we support may be limited by the 85 * _cfg.skc_max_protocol and min_protocol settings. 86 */ 87 static uint16_t smb2_versions[] = { 88 0x202, /* SMB 2.002 */ 89 0x210, /* SMB 2.1 */ 90 0x300, /* SMB 3.0 */ 91 0x302, /* SMB 3.02 */ 92 0x311, /* SMB 3.11 */ 93 }; 94 static uint16_t smb2_nversions = 95 sizeof (smb2_versions) / sizeof (smb2_versions[0]); 96 97 enum smb2_neg_ctx_type { 98 SMB2_PREAUTH_INTEGRITY_CAPS = 1, 99 SMB2_ENCRYPTION_CAPS = 2, 100 SMB2_COMPRESSION_CAPS = 3, /* not imlemented */ 101 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID = 5 /* not imlemented */ 102 }; 103 104 typedef struct smb2_negotiate_ctx { 105 uint16_t type; 106 uint16_t datalen; 107 } smb2_neg_ctx_t; 108 109 #define SMB31_PREAUTH_CTX_SALT_LEN 32 110 111 /* 112 * SMB 3.1.1 originally specified a single hashing algorithm - SHA-512 - and 113 * two encryption ones - AES-128-CCM and AES-128-GCM. 114 * Windows Server 2022 and Windows 11 introduced two further encryption 115 * algorithms - AES-256-CCM and AES-256-GCM. 116 */ 117 #define MAX_HASHID_NUM (1) 118 #define MAX_CIPHER_NUM (8) 119 120 typedef struct smb2_preauth_integrity_caps { 121 uint16_t picap_hash_count; 122 uint16_t picap_salt_len; 123 uint16_t picap_hash_id; 124 uint8_t picap_salt[SMB31_PREAUTH_CTX_SALT_LEN]; 125 } smb2_preauth_caps_t; 126 127 typedef struct smb2_encryption_caps { 128 uint16_t encap_cipher_count; 129 uint16_t encap_cipher_ids[MAX_CIPHER_NUM]; 130 } smb2_encrypt_caps_t; 131 132 /* 133 * The contexts we support 134 */ 135 typedef struct smb2_preauth_neg_ctx { 136 smb2_neg_ctx_t neg_ctx; 137 smb2_preauth_caps_t preauth_caps; 138 } smb2_preauth_neg_ctx_t; 139 140 typedef struct smb2_encrypt_neg_ctx { 141 smb2_neg_ctx_t neg_ctx; 142 smb2_encrypt_caps_t encrypt_caps; 143 } smb2_encrypt_neg_ctx_t; 144 145 typedef struct smb2_neg_ctxs { 146 uint32_t offset; 147 uint16_t count; 148 smb2_preauth_neg_ctx_t preauth_ctx; 149 smb2_encrypt_neg_ctx_t encrypt_ctx; 150 } smb2_neg_ctxs_t; 151 152 #define NEG_CTX_INFO_OFFSET (SMB2_HDR_SIZE + 28) 153 #define NEG_CTX_OFFSET_OFFSET (SMB2_HDR_SIZE + 64) 154 #define NEG_CTX_MAX_COUNT (16) 155 #define NEG_CTX_MAX_DATALEN (256) 156 157 #define STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP (0xC05D0000) 158 159 #define STATUS_PREAUTH_HASH_OVERLAP \ 160 STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP 161 162 typedef struct smb2_arg_negotiate { 163 struct smb2_neg_ctxs neg_in_ctxs; 164 struct smb2_neg_ctxs neg_out_ctxs; 165 uint16_t neg_dialect_cnt; 166 uint16_t neg_dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 167 uint16_t neg_highest_dialect; 168 } smb2_arg_negotiate_t; 169 170 171 static boolean_t 172 smb2_supported_version(smb_session_t *s, uint16_t version) 173 { 174 int i; 175 176 if (version > s->s_cfg.skc_max_protocol || 177 version < s->s_cfg.skc_min_protocol) 178 return (B_FALSE); 179 for (i = 0; i < smb2_nversions; i++) 180 if (version == smb2_versions[i]) 181 return (B_TRUE); 182 return (B_FALSE); 183 } 184 185 static uint16_t 186 smb2_find_best_dialect(smb_session_t *s, uint16_t cl_versions[], 187 uint16_t version_cnt) 188 { 189 uint16_t best_version = 0; 190 int i; 191 192 for (i = 0; i < version_cnt; i++) 193 if (smb2_supported_version(s, cl_versions[i]) && 194 best_version < cl_versions[i]) 195 best_version = cl_versions[i]; 196 197 return (best_version); 198 } 199 200 /* 201 * This function should be called only for dialect >= 0x311 202 * Negotiate context list should contain exactly one 203 * SMB2_PREAUTH_INTEGRITY_CAPS context. 204 * Otherwise STATUS_INVALID_PARAMETER. 205 * It should contain at least 1 hash algorith what server does support. 206 * Otehrwise STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP. 207 */ 208 static uint32_t 209 smb31_decode_neg_ctxs(smb_request_t *sr) 210 { 211 smb_session_t *s = sr->session; 212 smb2_arg_negotiate_t *nego = sr->arg.other; 213 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_in_ctxs; 214 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 215 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 216 boolean_t found_sha512 = B_FALSE; 217 boolean_t found_cipher = B_FALSE; 218 uint32_t ciphers = sr->sr_server->sv_cfg.skc_encrypt_ciphers; 219 uint32_t status = 0; 220 int32_t skip; 221 int found_preauth_ctx = 0; 222 int found_encrypt_ctx = 0; 223 int cnt, i; 224 int rc; 225 226 /* 227 * There should be exactly 1 SMB2_PREAUTH_INTEGRITY_CAPS negotiate ctx. 228 * SMB2_ENCRYPTION_CAPS is optional one. 229 * If there is no contexts or there are to many then stop parsing. 230 */ 231 cnt = neg_ctxs->count; 232 if (cnt < 1 || cnt > NEG_CTX_MAX_COUNT) { 233 status = NT_STATUS_INVALID_PARAMETER; 234 goto errout; 235 } 236 237 /* 238 * Cannot proceed parsing if the first context isn't aligned by 8. 239 */ 240 if (neg_ctxs->offset % 8 != 0) { 241 status = NT_STATUS_INVALID_PARAMETER; 242 goto errout; 243 } 244 245 if ((skip = neg_ctxs->offset - sr->command.chain_offset) != 0 && 246 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 247 status = NT_STATUS_INVALID_PARAMETER; 248 goto errout; 249 } 250 251 /* 252 * Parse negotiate contexts. Ignore non-decoding errors to fill 253 * as much as possible data for dtrace probe. 254 */ 255 for (i = 0; i < cnt; i++) { 256 smb2_neg_ctx_t neg_ctx; 257 int32_t ctx_end_off; 258 int32_t ctx_next_off; 259 260 if (i > 0) { 261 if ((skip = ctx_next_off - ctx_end_off) != 0 && 262 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 263 status = NT_STATUS_INVALID_PARAMETER; 264 goto errout; 265 } 266 } 267 268 rc = smb_mbc_decodef( 269 &sr->command, "ww4.", 270 &neg_ctx.type, /* w */ 271 &neg_ctx.datalen); /* w */ 272 if (rc != 0) { 273 status = NT_STATUS_INVALID_PARAMETER; 274 goto errout; 275 } 276 277 /* 278 * We got something crazy 279 */ 280 if (neg_ctx.datalen > NEG_CTX_MAX_DATALEN) { 281 status = NT_STATUS_INVALID_PARAMETER; 282 goto errout; 283 } 284 285 ctx_end_off = sr->command.chain_offset + neg_ctx.datalen; 286 ctx_next_off = P2ROUNDUP(ctx_end_off, 8); 287 288 switch (neg_ctx.type) { 289 case SMB2_PREAUTH_INTEGRITY_CAPS: 290 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 291 sizeof (neg_ctx)); 292 293 if (found_preauth_ctx++ != 0) { 294 status = NT_STATUS_INVALID_PARAMETER; 295 continue; 296 } 297 298 rc = smb_mbc_decodef( 299 &sr->command, "ww", 300 &picap->picap_hash_count, /* w */ 301 &picap->picap_salt_len); /* w */ 302 if (rc != 0 || picap->picap_hash_count > 303 MAX_HASHID_NUM) { 304 status = NT_STATUS_INVALID_PARAMETER; 305 goto errout; 306 } 307 308 /* 309 * Get hash id 310 */ 311 rc = smb_mbc_decodef( 312 &sr->command, "#w", 313 picap->picap_hash_count, 314 &picap->picap_hash_id); /* w */ 315 if (rc != 0) { 316 status = NT_STATUS_INVALID_PARAMETER; 317 goto errout; 318 } 319 320 /* 321 * Get salt 322 */ 323 rc = smb_mbc_decodef( 324 &sr->command, "#c", 325 sizeof (picap->picap_salt), 326 &picap->picap_salt[0]); /* w */ 327 if (rc != 0) { 328 status = NT_STATUS_INVALID_PARAMETER; 329 goto errout; 330 } 331 332 /* 333 * In SMB 0x311 there should be exactly 1 preauth 334 * negotiate context, and there should be exactly 1 335 * hash value in the list - SHA512. 336 */ 337 if (picap->picap_hash_count != 1) { 338 status = NT_STATUS_INVALID_PARAMETER; 339 continue; 340 } 341 342 if (picap->picap_hash_id == SMB3_HASH_SHA512) 343 found_sha512 = B_TRUE; 344 break; 345 case SMB2_ENCRYPTION_CAPS: 346 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 347 sizeof (neg_ctx)); 348 349 if (found_encrypt_ctx++ != 0) { 350 status = NT_STATUS_INVALID_PARAMETER; 351 continue; 352 } 353 354 rc = smb_mbc_decodef( 355 &sr->command, "w", 356 &encap->encap_cipher_count); /* w */ 357 if (rc != 0 || encap->encap_cipher_count > 358 MAX_CIPHER_NUM) { 359 status = NT_STATUS_INVALID_PARAMETER; 360 goto errout; 361 } 362 363 /* 364 * Get cipher list 365 */ 366 rc = smb_mbc_decodef( 367 &sr->command, "#w", 368 encap->encap_cipher_count, 369 &encap->encap_cipher_ids[0]); /* w */ 370 if (rc != 0) { 371 status = NT_STATUS_INVALID_PARAMETER; 372 goto errout; 373 } 374 375 /* 376 * Select the first enabled cipher. 377 * Client should list more prioritized ciphers first. 378 */ 379 for (int k = 0; k < encap->encap_cipher_count; k++) { 380 uint16_t c = encap->encap_cipher_ids[k]; 381 382 if (c <= SMB3_CIPHER_MAX && 383 (SMB3_CIPHER_BIT(c) & ciphers) != 0) { 384 s->smb31_enc_cipherid = c; 385 found_cipher = B_TRUE; 386 break; 387 } 388 } 389 break; 390 default: 391 ; 392 } 393 } 394 395 if (status) 396 goto errout; 397 398 /* Not found mandatory SMB2_PREAUTH_INTEGRITY_CAPS ctx */ 399 if (found_preauth_ctx != 1 || found_encrypt_ctx > 1) { 400 status = NT_STATUS_INVALID_PARAMETER; 401 goto errout; 402 } 403 404 if (!found_sha512) { 405 status = STATUS_PREAUTH_HASH_OVERLAP; 406 goto errout; 407 } 408 409 s->smb31_preauth_hashid = SMB3_HASH_SHA512; 410 411 if (!found_cipher) 412 s->smb31_enc_cipherid = 0; 413 414 /* Initialize out = in */ 415 nego->neg_out_ctxs = nego->neg_in_ctxs; 416 417 errout: 418 return (status); 419 } 420 421 static int 422 smb31_encode_neg_ctxs(smb_request_t *sr) 423 { 424 smb_session_t *s = sr->session; 425 smb2_arg_negotiate_t *nego = sr->arg.other; 426 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_out_ctxs; 427 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 428 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 429 uint16_t salt_len = sizeof (picap->picap_salt); 430 uint32_t preauth_ctx_len = 6 + salt_len; 431 uint32_t enc_ctx_len = 4; 432 uint32_t neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 433 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 434 uint32_t rc; 435 436 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 437 return (rc); 438 439 ASSERT3S(neg_ctx_off, ==, sr->reply.chain_offset); 440 441 picap->picap_hash_id = s->smb31_preauth_hashid; 442 picap->picap_salt_len = salt_len; 443 444 (void) random_get_pseudo_bytes(picap->picap_salt, salt_len); 445 446 rc = smb_mbc_encodef( 447 &sr->reply, "ww4.", 448 SMB2_PREAUTH_INTEGRITY_CAPS, 449 preauth_ctx_len 450 /* 4. */); /* reserved */ 451 if (rc != 0) 452 return (rc); 453 454 rc = smb_mbc_encodef( 455 &sr->reply, "www#c", 456 1, /* hash algo count */ 457 salt_len, /* salt length */ 458 s->smb31_preauth_hashid, /* hash id */ 459 salt_len, /* salt length */ 460 picap->picap_salt); 461 if (rc != 0) 462 return (rc); 463 464 /* 465 * If we did not get SMB2_ENCRYPTION_CAPS, don't send one. 466 */ 467 if (encap->encap_cipher_count == 0) 468 return (0); 469 470 /* 471 * Encode SMB2_ENCRYPTION_CAPS response. 472 */ 473 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 474 return (rc); 475 476 rc = smb_mbc_encodef( 477 &sr->reply, "ww4.", 478 SMB2_ENCRYPTION_CAPS, 479 enc_ctx_len 480 /* 4. */); /* reserved */ 481 482 rc = smb_mbc_encodef( 483 &sr->reply, "ww", 484 1, /* cipher count */ 485 s->smb31_enc_cipherid); /* encrypt. cipher id */ 486 487 return (rc); 488 } 489 490 /* 491 * Helper for the (SMB1) smb_com_negotiate(). This is the 492 * very unusual protocol interaction where an SMB1 negotiate 493 * gets an SMB2 negotiate response. This is the normal way 494 * clients first find out if the server supports SMB2. 495 * 496 * Note: This sends an SMB2 reply _itself_ and then returns 497 * SDRC_NO_REPLY so the caller will not send an SMB1 reply. 498 * Also, this is called directly from the reader thread, so 499 * we know this is the only thread using this session. 500 * Otherwise, this is similar to smb2_newrq_negotiate(). 501 * 502 * The caller frees this request. 503 */ 504 smb_sdrc_t 505 smb1_negotiate_smb2(smb_request_t *sr) 506 { 507 smb_session_t *s = sr->session; 508 smb_arg_negotiate_t *negprot = sr->sr_negprot; 509 uint16_t smb2_version; 510 511 /* 512 * Note: In the SMB1 negotiate command handler, we 513 * agreed with one of the SMB2 dialects. If that 514 * dialect was "SMB 2.002", we'll respond here with 515 * version 0x202 and negotiation is done. If that 516 * dialect was "SMB 2.???", we'll respond here with 517 * the "wildcard" version 0x2FF, and the client will 518 * come back with an SMB2 negotiate. 519 */ 520 switch (negprot->ni_dialect) { 521 case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */ 522 smb2_version = SMB_VERS_2_002; 523 s->dialect = smb2_version; 524 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 525 /* Allow normal SMB2 requests now. */ 526 s->newrq_func = smb2sr_newrq; 527 break; 528 case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */ 529 /* 530 * Expecting an SMB2 negotiate next, so keep the 531 * initial s->newrq_func. 532 */ 533 smb2_version = 0x2FF; 534 break; 535 default: 536 return (SDRC_DROP_VC); 537 } 538 539 /* 540 * We did not decode an SMB2 header, so make sure 541 * the SMB2 header fields are initialized. 542 * (Most are zero from smb_request_alloc.) 543 * Also, the SMB1 common dispatch code reserved space 544 * for an SMB1 header, which we need to undo here. 545 */ 546 sr->smb2_reply_hdr = sr->reply.chain_offset = 0; 547 sr->smb2_cmd_code = SMB2_NEGOTIATE; 548 sr->smb2_hdr_flags = SMB2_FLAGS_SERVER_TO_REDIR; 549 550 /* 551 * Also setup SMB2 negotiate args (empty here). 552 * SMB1 args free'd by smb_srm_fini(sr) 553 */ 554 sr->arg.other = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 555 556 (void) smb2_encode_header(sr, B_FALSE); 557 if (smb2_negotiate_common(sr, smb2_version) != 0) 558 sr->smb2_status = NT_STATUS_INTERNAL_ERROR; 559 if (sr->smb2_status != 0) 560 smb2sr_put_error(sr, sr->smb2_status); 561 (void) smb2_encode_header(sr, B_TRUE); 562 563 smb2_send_reply(sr); 564 565 /* 566 * We sent the reply, so tell the SMB1 dispatch 567 * it should NOT (also) send a reply. 568 */ 569 return (SDRC_NO_REPLY); 570 } 571 572 /* 573 * SMB2 Negotiate gets special handling. This is called directly by 574 * the reader thread (see smbsr_newrq_initial) with what _should_ be 575 * an SMB2 Negotiate. Only the "\feSMB" header has been checked 576 * when this is called, so this needs to check the SMB command, 577 * if it's Negotiate execute it, then send the reply, etc. 578 * 579 * Since this is called directly from the reader thread, we 580 * know this is the only thread currently using this session. 581 * This has to duplicate some of what smb2sr_work does as a 582 * result of bypassing the normal dispatch mechanism. 583 * 584 * The caller always frees this request. 585 * 586 * Return value is 0 for success, and anything else will 587 * terminate the reader thread (drop the connection). 588 */ 589 int 590 smb2_newrq_negotiate(smb_request_t *sr) 591 { 592 smb_session_t *s = sr->session; 593 smb2_arg_negotiate_t *nego; 594 int rc; 595 uint32_t nctx_status = 0; 596 uint32_t status = 0; 597 uint32_t neg_ctx_off; 598 uint16_t neg_ctx_cnt; 599 uint16_t struct_size; 600 uint16_t dialect_cnt; 601 uint16_t best_version; 602 603 nego = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 604 sr->arg.other = nego; // for dtrace 605 606 sr->smb2_cmd_hdr = sr->command.chain_offset; 607 rc = smb2_decode_header(sr); 608 if (rc != 0) 609 return (rc); 610 611 if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) 612 return (-1); 613 614 if ((sr->smb2_cmd_code != SMB2_NEGOTIATE) || 615 (sr->smb2_next_command != 0)) 616 return (-1); 617 618 /* 619 * Decode SMB2 Negotiate (fixed-size part) 620 */ 621 rc = smb_mbc_decodef( 622 &sr->command, "www..l16clw..", 623 &struct_size, /* w */ 624 &dialect_cnt, /* w */ 625 &s->cli_secmode, /* w */ 626 /* reserved (..) */ 627 &s->capabilities, /* l */ 628 s->clnt_uuid, /* 16c */ 629 &neg_ctx_off, /* l */ 630 &neg_ctx_cnt); /* w */ 631 /* reserverd (..) */ 632 if (rc != 0) 633 return (rc); 634 if (struct_size != 36) 635 return (-1); 636 637 /* 638 * Decode SMB2 Negotiate (variable part) 639 * 640 * Be somewhat tolerant while decoding the variable part 641 * so we can return errors instead of dropping the client. 642 * Will limit decoding to the size of cli_dialects here, 643 * and do error checks on the decoded dialect_cnt after the 644 * dtrace start probe. 645 */ 646 if (dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) 647 nego->neg_dialect_cnt = SMB2_NEGOTIATE_MAX_DIALECTS; 648 else 649 nego->neg_dialect_cnt = dialect_cnt; 650 if (nego->neg_dialect_cnt > 0) { 651 rc = smb_mbc_decodef(&sr->command, "#w", 652 nego->neg_dialect_cnt, 653 nego->neg_dialects); 654 if (rc != 0) 655 return (rc); // short msg 656 } 657 658 best_version = smb2_find_best_dialect(s, nego->neg_dialects, 659 nego->neg_dialect_cnt); 660 661 if (best_version >= SMB_VERS_3_11) { 662 nego->neg_in_ctxs.offset = neg_ctx_off; 663 nego->neg_in_ctxs.count = neg_ctx_cnt; 664 nctx_status = smb31_decode_neg_ctxs(sr); 665 /* check nctx_status below */ 666 } 667 668 DTRACE_SMB2_START(op__Negotiate, smb_request_t *, sr); 669 670 sr->smb2_credit_response = 1; 671 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR; 672 (void) smb2_encode_header(sr, B_FALSE); 673 674 /* 675 * NOW start validating things (NOT before here) 676 */ 677 678 /* 679 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 680 * "If the SMB2 header of the SMB2 NEGOTIATE request has the 681 * SMB2_FLAGS_SIGNED bit set in the Flags field, the server 682 * MUST fail the request with STATUS_INVALID_PARAMETER." 683 */ 684 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) { 685 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED; 686 status = NT_STATUS_INVALID_PARAMETER; 687 goto errout; 688 } 689 690 /* 691 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 692 * "If the DialectCount of the SMB2 NEGOTIATE Request is 0, the 693 * server MUST fail the request with STATUS_INVALID_PARAMETER." 694 * Checking the decoded value here, not the constrained one. 695 */ 696 if (dialect_cnt == 0 || 697 dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) { 698 status = NT_STATUS_INVALID_PARAMETER; 699 goto errout; 700 } 701 702 /* 703 * We decoded the offered dialects above, and 704 * determined which was the highest we support. 705 * 706 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 707 * "If a common dialect is not found, the server MUST fail 708 * the request with STATUS_NOT_SUPPORTED." 709 */ 710 if (best_version == 0) { 711 status = NT_STATUS_NOT_SUPPORTED; 712 goto errout; 713 } 714 715 /* 716 * Check for problems with the negotiate contexts. 717 */ 718 if (nctx_status != 0) { 719 status = nctx_status; 720 goto errout; 721 } 722 723 /* Allow normal SMB2 requests now. */ 724 s->dialect = best_version; 725 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 726 s->newrq_func = smb2sr_newrq; 727 728 if (smb2_negotiate_common(sr, best_version) != 0) 729 status = NT_STATUS_INTERNAL_ERROR; 730 731 if (s->dialect >= SMB_VERS_3_11 && status == 0) { 732 if (smb31_encode_neg_ctxs(sr) != 0) 733 status = NT_STATUS_INTERNAL_ERROR; 734 } 735 736 errout: 737 sr->smb2_status = status; 738 DTRACE_SMB2_DONE(op__Negotiate, smb_request_t *, sr); 739 740 if (sr->smb2_status != 0) 741 smb2sr_put_error(sr, sr->smb2_status); 742 (void) smb2_encode_header(sr, B_TRUE); 743 744 if (s->dialect >= SMB_VERS_3_11 && sr->smb2_status == 0) { 745 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 746 if (smb31_preauth_sha512_calc(sr, &sr->reply, 747 s->smb31_preauth_hashval, 748 s->smb31_preauth_hashval) != 0) 749 cmn_err(CE_WARN, "(1) Preauth hash calculation " 750 "failed"); 751 } 752 753 smb2_send_reply(sr); 754 755 return (rc); 756 } 757 758 /* 759 * Common parts of SMB2 Negotiate, used for both the 760 * SMB1-to-SMB2 style, and straight SMB2 style. 761 * Do negotiation decisions and encode the reply. 762 * The caller does the network send. 763 * 764 * Return value is 0 for success, else error. 765 */ 766 static int 767 smb2_negotiate_common(smb_request_t *sr, uint16_t version) 768 { 769 timestruc_t boot_tv, now_tv; 770 smb_session_t *s = sr->session; 771 smb2_arg_negotiate_t *nego = sr->arg.other; 772 int rc; 773 uint32_t max_rwsize; 774 uint16_t secmode; 775 uint16_t neg_ctx_cnt = 0; 776 uint32_t neg_ctx_off = 0; 777 778 /* 779 * Negotiation itself. First the Security Mode. 780 */ 781 secmode = SMB2_NEGOTIATE_SIGNING_ENABLED; 782 if (sr->sr_cfg->skc_signing_required) 783 secmode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; 784 s->srv_secmode = secmode; 785 786 s->cmd_max_bytes = smb2_tcp_bufsize; 787 s->reply_max_bytes = smb2_tcp_bufsize; 788 789 /* 790 * "The number of credits held by the client MUST be considered 791 * as 1 when the connection is established." [MS-SMB2] 792 * We leave credits at 1 until the first successful 793 * session setup is completed. 794 */ 795 s->s_cur_credits = s->s_max_credits = 1; 796 sr->smb2_credit_response = 1; 797 798 boot_tv.tv_sec = smb_get_boottime(); 799 boot_tv.tv_nsec = 0; 800 now_tv.tv_sec = gethrestime_sec(); 801 now_tv.tv_nsec = 0; 802 803 /* 804 * If the version is 0x2FF, we haven't completed negotiate. 805 * Don't initialize until we have our final request. 806 */ 807 if (version != 0x2FF) 808 smb2_sign_init_mech(s); 809 if (version >= 0x311) 810 smb31_preauth_init_mech(s); 811 812 /* 813 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 814 * 815 * The SMB2.x capabilities are returned without regard for 816 * what capabilities the client provided in the request. 817 * The SMB3.x capabilities returned are the traditional 818 * logical AND of server and client capabilities, except 819 * for the SMB2.x capabilities which are what the server 820 * supports (regardless of the client capabilities). 821 * 822 * One additional check: If KCF is missing something we 823 * require for encryption, turn off that capability. 824 */ 825 if (s->dialect < SMB_VERS_2_1) { 826 /* SMB 2.002 */ 827 s->srv_cap = smb2srv_capabilities & SMB2_CAP_DFS; 828 } else if (s->dialect < SMB_VERS_3_0) { 829 /* SMB 2.x */ 830 s->srv_cap = smb2srv_capabilities & SMB_2X_CAPS; 831 } else { 832 /* SMB 3.0 or later */ 833 s->srv_cap = smb2srv_capabilities & 834 (SMB_2X_CAPS | s->capabilities); 835 836 if (s->dialect < SMB_VERS_3_11) 837 s->smb31_enc_cipherid = SMB3_CIPHER_AES128_CCM; 838 /* else from negotiate context */ 839 840 if ((s->srv_cap & SMB2_CAP_ENCRYPTION) != 0 && 841 smb3_encrypt_init_mech(s) != 0) { 842 s->srv_cap &= ~SMB2_CAP_ENCRYPTION; 843 } 844 845 if (s->dialect >= SMB_VERS_3_11) { 846 smb2_encrypt_caps_t *encap = 847 &nego->neg_in_ctxs.encrypt_ctx.encrypt_caps; 848 849 neg_ctx_cnt = 1; // always have preauth 850 851 if (encap->encap_cipher_count != 0) 852 neg_ctx_cnt++; 853 854 neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 855 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 856 857 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 858 859 if (smb31_preauth_sha512_calc(sr, &sr->command, 860 s->smb31_preauth_hashval, 861 s->smb31_preauth_hashval) != 0) 862 cmn_err(CE_WARN, "(0) Preauth hash calculation " 863 "failed"); 864 } 865 } 866 867 /* 868 * See notes above smb2_max_rwsize, smb2_old_rwsize 869 */ 870 if (s->capabilities & SMB2_CAP_LARGE_MTU) 871 max_rwsize = smb2_max_rwsize; 872 else 873 max_rwsize = smb2_old_rwsize; 874 875 rc = smb_mbc_encodef( 876 &sr->reply, 877 "wwww#cllllTTwwl#c", 878 65, /* StructSize */ /* w */ 879 s->srv_secmode, /* w */ 880 version, /* w */ 881 neg_ctx_cnt, /* w */ 882 UUID_LEN, /* # */ 883 &s->s_cfg.skc_machine_uuid, /* c */ 884 s->srv_cap, /* l */ 885 smb2_max_trans, /* l */ 886 max_rwsize, /* l */ 887 max_rwsize, /* l */ 888 &now_tv, /* T */ 889 &boot_tv, /* T */ 890 128, /* SecBufOff */ /* w */ 891 sr->sr_cfg->skc_negtok_len, /* w */ 892 neg_ctx_off, /* l */ 893 sr->sr_cfg->skc_negtok_len, /* # */ 894 sr->sr_cfg->skc_negtok); /* c */ 895 896 /* Note: smb31_encode_neg_ctxs() follows in caller */ 897 898 /* smb2_send_reply(sr); in caller */ 899 900 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 901 SO_SNDBUF, (const void *)&smb2_tcp_bufsize, 902 sizeof (smb2_tcp_bufsize), CRED()); 903 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 904 SO_RCVBUF, (const void *)&smb2_tcp_bufsize, 905 sizeof (smb2_tcp_bufsize), CRED()); 906 907 return (rc); 908 } 909 910 /* 911 * SMB2 Dispatch table handler, which will run if we see an 912 * SMB2_NEGOTIATE after the initial negotiation is done. 913 * That would be a protocol error. 914 */ 915 smb_sdrc_t 916 smb2_negotiate(smb_request_t *sr) 917 { 918 sr->smb2_status = NT_STATUS_INVALID_PARAMETER; 919 return (SDRC_ERROR); 920 } 921 922 /* 923 * VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6 924 */ 925 uint32_t 926 smb2_nego_validate(smb_request_t *sr, smb_fsctl_t *fsctl) 927 { 928 smb_session_t *s = sr->session; 929 int rc; 930 931 /* 932 * The spec. says to parse the VALIDATE_NEGOTIATE_INFO here 933 * and verify that the original negotiate was not modified. 934 * 935 * One interesting requirement here is that we MUST reply 936 * with exactly the same information as we returned in our 937 * original reply to the SMB2 negotiate on this session. 938 * If we don't the client closes the connection. 939 */ 940 941 uint32_t capabilities; 942 uint16_t secmode; 943 uint16_t num_dialects; 944 uint16_t dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 945 uint8_t clnt_guid[16]; 946 947 if (s->dialect >= SMB_VERS_3_11) 948 goto drop; 949 950 /* 951 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 952 * 953 * If the dialect is SMB3 and the message was successfully 954 * decrypted we MUST skip processing of the signature. 955 */ 956 if (!sr->encrypted && (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) == 0) 957 goto drop; 958 959 if (fsctl->InputCount < 24) 960 goto drop; 961 962 (void) smb_mbc_decodef(fsctl->in_mbc, "l16cww", 963 &capabilities, /* l */ 964 &clnt_guid, /* 16c */ 965 &secmode, /* w */ 966 &num_dialects); /* w */ 967 968 if (num_dialects == 0 || num_dialects > SMB2_NEGOTIATE_MAX_DIALECTS) 969 goto drop; 970 if (secmode != s->cli_secmode) 971 goto drop; 972 if (capabilities != s->capabilities) 973 goto drop; 974 if (memcmp(clnt_guid, s->clnt_uuid, sizeof (clnt_guid)) != 0) 975 goto drop; 976 977 rc = smb_mbc_decodef(fsctl->in_mbc, "#w", num_dialects, dialects); 978 if (rc != 0) 979 goto drop; 980 981 /* 982 * MS-SMB2 says we should compare the dialects array with the 983 * one sent previously, but that appears to be unnecessary 984 * as long as we end up with the same dialect. 985 */ 986 if (smb2_find_best_dialect(s, dialects, num_dialects) != s->dialect) 987 goto drop; 988 989 rc = smb_mbc_encodef( 990 fsctl->out_mbc, "l#cww", 991 s->srv_cap, /* l */ 992 UUID_LEN, /* # */ 993 &s->s_cfg.skc_machine_uuid, /* c */ 994 s->srv_secmode, /* w */ 995 s->dialect); /* w */ 996 if (rc == 0) 997 return (rc); 998 999 drop: 1000 smb_session_disconnect(s); 1001 return (NT_STATUS_ACCESS_DENIED); 1002 } 1003