1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2019 Nexenta Systems, Inc. All rights reserved. 14 * Copyright 2022 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Dispatch function for SMB2_NEGOTIATE 19 */ 20 21 #include <smbsrv/smb2_kproto.h> 22 #include <smbsrv/smb2.h> 23 #include <sys/random.h> 24 25 /* 26 * Note from [MS-SMB2] Sec. 2.2.3: Windows servers return 27 * invalid parameter if the dialect count is greater than 64 28 * This is here (and not in smb2.h) because this is technically 29 * an implementation detail, not protocol specification. 30 */ 31 #define SMB2_NEGOTIATE_MAX_DIALECTS 64 32 33 static int smb2_negotiate_common(smb_request_t *, uint16_t); 34 35 /* List of supported capabilities. Can be patched for testing. */ 36 uint32_t smb2srv_capabilities = 37 SMB2_CAP_DFS | 38 SMB2_CAP_LEASING | 39 SMB2_CAP_LARGE_MTU | 40 SMB2_CAP_PERSISTENT_HANDLES | 41 #ifndef _FAKE_KERNEL 42 SMB2_CAP_ENCRYPTION | 43 #endif 44 0; 45 46 /* These are the only capabilities defined for SMB2.X */ 47 #define SMB_2X_CAPS (SMB2_CAP_DFS | SMB2_CAP_LEASING | SMB2_CAP_LARGE_MTU) 48 49 /* 50 * These are not intended as customer tunables, but dev. & test folks 51 * might want to adjust them (with caution). 52 * 53 * smb2_tcp_bufsize is the TCP buffer size, applied to the network socket 54 * with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size. 55 * This is also used as a "sanity limit" for internal send/reply message 56 * allocations. Note that with compounding SMB2 messages may contain 57 * multiple requests/responses. This size should be large enough for 58 * at least a few SMB2 requests, and at least 2X smb2_max_rwsize. 59 * 60 * smb2_max_rwsize is what we put in the SMB2 negotiate response to tell 61 * the client the largest read and write request size we'll support. 62 * For now, we're using contiguous allocations, so keep this at 64KB 63 * so that (even with message overhead) allocations stay below 128KB, 64 * avoiding kmem_alloc -> page_create_va thrashing. 65 * 66 * smb2_max_trans is the largest "transact" send or receive, which is 67 * used for directory listings and info set/get operations. 68 */ 69 uint32_t smb2_tcp_bufsize = (1<<22); /* 4MB */ 70 uint32_t smb2_max_rwsize = (1<<16); /* 64KB */ 71 uint32_t smb2_max_trans = (1<<16); /* 64KB */ 72 73 /* 74 * With clients (e.g. HP scanners) that don't advertise SMB2_CAP_LARGE_MTU 75 * (including all clients using dialect < SMB 2.1), use a "conservative" value 76 * for max r/w size because some older clients misbehave with larger values. 77 * 64KB is recommended in the [MS-SMB2] spec. (3.3.5.3.1 SMB 2.1 or SMB 3.x 78 * Support) as the minimum so we'll use that. 79 */ 80 uint32_t smb2_old_rwsize = (1<<16); /* 64KB */ 81 82 /* 83 * List of all SMB2 versions we implement. Note that the 84 * versions we support may be limited by the 85 * _cfg.skc_max_protocol and min_protocol settings. 86 */ 87 static uint16_t smb2_versions[] = { 88 0x202, /* SMB 2.002 */ 89 0x210, /* SMB 2.1 */ 90 0x300, /* SMB 3.0 */ 91 0x302, /* SMB 3.02 */ 92 0x311, /* SMB 3.11 */ 93 }; 94 static uint16_t smb2_nversions = 95 sizeof (smb2_versions) / sizeof (smb2_versions[0]); 96 97 enum smb2_neg_ctx_type { 98 SMB2_PREAUTH_INTEGRITY_CAPS = 1, 99 SMB2_ENCRYPTION_CAPS = 2, 100 SMB2_COMPRESSION_CAPS = 3, /* not imlemented */ 101 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID = 5 /* not imlemented */ 102 }; 103 104 typedef struct smb2_negotiate_ctx { 105 uint16_t type; 106 uint16_t datalen; 107 } smb2_neg_ctx_t; 108 109 #define SMB31_PREAUTH_CTX_SALT_LEN 32 110 111 /* 112 * SMB 3.1.1 originally specified a single hashing algorithm - SHA-512 - and 113 * two encryption ones - AES-128-CCM and AES-128-GCM. 114 * Windows Server 2022 and Windows 11 introduced two further encryption 115 * algorithms - AES-256-CCM and AES-256-GCM. 116 */ 117 #define MAX_HASHID_NUM (1) 118 #define MAX_CIPHER_NUM (4) 119 120 typedef struct smb2_preauth_integrity_caps { 121 uint16_t picap_hash_count; 122 uint16_t picap_salt_len; 123 uint16_t picap_hash_id; 124 uint8_t picap_salt[SMB31_PREAUTH_CTX_SALT_LEN]; 125 } smb2_preauth_caps_t; 126 127 typedef struct smb2_encryption_caps { 128 uint16_t encap_cipher_count; 129 uint16_t encap_cipher_ids[MAX_CIPHER_NUM]; 130 } smb2_encrypt_caps_t; 131 132 /* 133 * The contexts we support 134 */ 135 typedef struct smb2_preauth_neg_ctx { 136 smb2_neg_ctx_t neg_ctx; 137 smb2_preauth_caps_t preauth_caps; 138 } smb2_preauth_neg_ctx_t; 139 140 typedef struct smb2_encrypt_neg_ctx { 141 smb2_neg_ctx_t neg_ctx; 142 smb2_encrypt_caps_t encrypt_caps; 143 } smb2_encrypt_neg_ctx_t; 144 145 typedef struct smb2_neg_ctxs { 146 uint32_t offset; 147 uint16_t count; 148 smb2_preauth_neg_ctx_t preauth_ctx; 149 smb2_encrypt_neg_ctx_t encrypt_ctx; 150 } smb2_neg_ctxs_t; 151 152 #define NEG_CTX_INFO_OFFSET (SMB2_HDR_SIZE + 28) 153 #define NEG_CTX_OFFSET_OFFSET (SMB2_HDR_SIZE + 64) 154 #define NEG_CTX_MAX_COUNT (16) 155 #define NEG_CTX_MAX_DATALEN (256) 156 157 #define STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP (0xC05D0000) 158 159 #define STATUS_PREAUTH_HASH_OVERLAP \ 160 STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP 161 162 #define SMB3_CIPHER_ENABLED(c, f) ((c) <= SMB3_CIPHER_MAX && \ 163 SMB3_CIPHER_BIT(c) & (f)) 164 165 typedef struct smb2_arg_negotiate { 166 struct smb2_neg_ctxs neg_in_ctxs; 167 struct smb2_neg_ctxs neg_out_ctxs; 168 uint16_t neg_dialect_cnt; 169 uint16_t neg_dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 170 uint16_t neg_highest_dialect; 171 } smb2_arg_negotiate_t; 172 173 174 static boolean_t 175 smb2_supported_version(smb_session_t *s, uint16_t version) 176 { 177 int i; 178 179 if (version > s->s_cfg.skc_max_protocol || 180 version < s->s_cfg.skc_min_protocol) 181 return (B_FALSE); 182 for (i = 0; i < smb2_nversions; i++) 183 if (version == smb2_versions[i]) 184 return (B_TRUE); 185 return (B_FALSE); 186 } 187 188 static uint16_t 189 smb2_find_best_dialect(smb_session_t *s, uint16_t cl_versions[], 190 uint16_t version_cnt) 191 { 192 uint16_t best_version = 0; 193 int i; 194 195 for (i = 0; i < version_cnt; i++) 196 if (smb2_supported_version(s, cl_versions[i]) && 197 best_version < cl_versions[i]) 198 best_version = cl_versions[i]; 199 200 return (best_version); 201 } 202 203 /* 204 * This function should be called only for dialect >= 0x311 205 * Negotiate context list should contain exactly one 206 * SMB2_PREAUTH_INTEGRITY_CAPS context. 207 * Otherwise STATUS_INVALID_PARAMETER. 208 * It should contain at least 1 hash algorith what server does support. 209 * Otehrwise STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP. 210 */ 211 static uint32_t 212 smb31_decode_neg_ctxs(smb_request_t *sr) 213 { 214 smb_session_t *s = sr->session; 215 smb2_arg_negotiate_t *nego = sr->arg.other; 216 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_in_ctxs; 217 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 218 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 219 boolean_t found_sha512 = B_FALSE; 220 boolean_t found_cipher = B_FALSE; 221 uint16_t ciphers = sr->sr_server->sv_cfg.skc_encrypt_cipher; 222 uint32_t status = 0; 223 int32_t skip; 224 int found_preauth_ctx = 0; 225 int found_encrypt_ctx = 0; 226 int cnt, i; 227 int rc; 228 229 /* 230 * There should be exactly 1 SMB2_PREAUTH_INTEGRITY_CAPS negotiate ctx. 231 * SMB2_ENCRYPTION_CAPS is optional one. 232 * If there is no contexts or there are to many then stop parsing. 233 */ 234 cnt = neg_ctxs->count; 235 if (cnt < 1 || cnt > NEG_CTX_MAX_COUNT) { 236 status = NT_STATUS_INVALID_PARAMETER; 237 goto errout; 238 } 239 240 /* 241 * Cannot proceed parsing if the first context isn't aligned by 8. 242 */ 243 if (neg_ctxs->offset % 8 != 0) { 244 status = NT_STATUS_INVALID_PARAMETER; 245 goto errout; 246 } 247 248 if ((skip = neg_ctxs->offset - sr->command.chain_offset) != 0 && 249 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 250 status = NT_STATUS_INVALID_PARAMETER; 251 goto errout; 252 } 253 254 /* 255 * Parse negotiate contexts. Ignore non-decoding errors to fill 256 * as much as possible data for dtrace probe. 257 */ 258 for (i = 0; i < cnt; i++) { 259 smb2_neg_ctx_t neg_ctx; 260 int32_t ctx_end_off; 261 int32_t ctx_next_off; 262 263 if (i > 0) { 264 if ((skip = ctx_next_off - ctx_end_off) != 0 && 265 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 266 status = NT_STATUS_INVALID_PARAMETER; 267 goto errout; 268 } 269 } 270 271 rc = smb_mbc_decodef( 272 &sr->command, "ww4.", 273 &neg_ctx.type, /* w */ 274 &neg_ctx.datalen); /* w */ 275 if (rc != 0) { 276 status = NT_STATUS_INVALID_PARAMETER; 277 goto errout; 278 } 279 280 /* 281 * We got something crazy 282 */ 283 if (neg_ctx.datalen > NEG_CTX_MAX_DATALEN) { 284 status = NT_STATUS_INVALID_PARAMETER; 285 goto errout; 286 } 287 288 ctx_end_off = sr->command.chain_offset + neg_ctx.datalen; 289 ctx_next_off = P2ROUNDUP(ctx_end_off, 8); 290 291 switch (neg_ctx.type) { 292 case SMB2_PREAUTH_INTEGRITY_CAPS: 293 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 294 sizeof (neg_ctx)); 295 296 if (found_preauth_ctx++ != 0) { 297 status = NT_STATUS_INVALID_PARAMETER; 298 continue; 299 } 300 301 rc = smb_mbc_decodef( 302 &sr->command, "ww", 303 &picap->picap_hash_count, /* w */ 304 &picap->picap_salt_len); /* w */ 305 if (rc != 0 || picap->picap_hash_count > 306 MAX_HASHID_NUM) { 307 status = NT_STATUS_INVALID_PARAMETER; 308 goto errout; 309 } 310 311 /* 312 * Get hash id 313 */ 314 rc = smb_mbc_decodef( 315 &sr->command, "#w", 316 picap->picap_hash_count, 317 &picap->picap_hash_id); /* w */ 318 if (rc != 0) { 319 status = NT_STATUS_INVALID_PARAMETER; 320 goto errout; 321 } 322 323 /* 324 * Get salt 325 */ 326 rc = smb_mbc_decodef( 327 &sr->command, "#c", 328 sizeof (picap->picap_salt), 329 &picap->picap_salt[0]); /* w */ 330 if (rc != 0) { 331 status = NT_STATUS_INVALID_PARAMETER; 332 goto errout; 333 } 334 335 /* 336 * In SMB 0x311 there should be exactly 1 preauth 337 * negotiate context, and there should be exactly 1 338 * hash value in the list - SHA512. 339 */ 340 if (picap->picap_hash_count != 1) { 341 status = NT_STATUS_INVALID_PARAMETER; 342 continue; 343 } 344 345 if (picap->picap_hash_id == SMB3_HASH_SHA512) 346 found_sha512 = B_TRUE; 347 break; 348 case SMB2_ENCRYPTION_CAPS: 349 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 350 sizeof (neg_ctx)); 351 352 if (found_encrypt_ctx++ != 0) { 353 status = NT_STATUS_INVALID_PARAMETER; 354 continue; 355 } 356 357 rc = smb_mbc_decodef( 358 &sr->command, "w", 359 &encap->encap_cipher_count); /* w */ 360 if (rc != 0 || encap->encap_cipher_count > 361 MAX_CIPHER_NUM) { 362 status = NT_STATUS_INVALID_PARAMETER; 363 goto errout; 364 } 365 366 /* 367 * Get cipher list 368 */ 369 rc = smb_mbc_decodef( 370 &sr->command, "#w", 371 encap->encap_cipher_count, 372 &encap->encap_cipher_ids[0]); /* w */ 373 if (rc != 0) { 374 status = NT_STATUS_INVALID_PARAMETER; 375 goto errout; 376 } 377 378 /* 379 * Select the first enabled cipher. 380 * Client should list more prioritized ciphers first. 381 */ 382 for (int k = 0; k < encap->encap_cipher_count; k++) { 383 uint16_t c = encap->encap_cipher_ids[k]; 384 385 if (SMB3_CIPHER_ENABLED(c, ciphers)) { 386 s->smb31_enc_cipherid = c; 387 found_cipher = B_TRUE; 388 break; 389 } 390 } 391 break; 392 default: 393 ; 394 } 395 } 396 397 if (status) 398 goto errout; 399 400 /* Not found mandatory SMB2_PREAUTH_INTEGRITY_CAPS ctx */ 401 if (found_preauth_ctx != 1 || found_encrypt_ctx > 1) { 402 status = NT_STATUS_INVALID_PARAMETER; 403 goto errout; 404 } 405 406 if (!found_sha512) { 407 status = STATUS_PREAUTH_HASH_OVERLAP; 408 goto errout; 409 } 410 411 s->smb31_preauth_hashid = SMB3_HASH_SHA512; 412 413 if (!found_cipher) 414 s->smb31_enc_cipherid = 0; 415 416 errout: 417 return (status); 418 } 419 420 static int 421 smb31_encode_neg_ctxs(smb_request_t *sr) 422 { 423 smb_session_t *s = sr->session; 424 smb2_arg_negotiate_t *nego = sr->arg.other; 425 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_out_ctxs; 426 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 427 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 428 uint16_t salt_len = sizeof (picap->picap_salt); 429 uint32_t preauth_ctx_len = 6 + salt_len; 430 uint32_t enc_ctx_len = 4; 431 uint32_t neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 432 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 433 uint32_t rc; 434 435 bzero(neg_ctxs, sizeof (*neg_ctxs)); 436 437 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 438 return (rc); 439 440 ASSERT3S(neg_ctx_off, ==, sr->reply.chain_offset); 441 442 encap->encap_cipher_ids[0] = s->smb31_enc_cipherid; 443 picap->picap_hash_id = s->smb31_preauth_hashid; 444 picap->picap_salt_len = salt_len; 445 446 (void) random_get_pseudo_bytes(picap->picap_salt, salt_len); 447 448 rc = smb_mbc_encodef( 449 &sr->reply, "ww4.", 450 SMB2_PREAUTH_INTEGRITY_CAPS, 451 preauth_ctx_len 452 /* 4. */); /* reserved */ 453 if (rc != 0) 454 return (rc); 455 456 rc = smb_mbc_encodef( 457 &sr->reply, "www#c", 458 1, /* hash algo count */ 459 salt_len, /* salt length */ 460 s->smb31_preauth_hashid, /* hash id */ 461 salt_len, /* salt length */ 462 picap->picap_salt); 463 464 /* aligned on 8-bytes boundary */ 465 if (rc != 0 || s->smb31_enc_cipherid == 0) { 466 cmn_err(CE_NOTE, "Encryption is not supported"); 467 return (rc); 468 } 469 470 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 471 return (rc); 472 473 rc = smb_mbc_encodef( 474 &sr->reply, "ww4.", 475 SMB2_ENCRYPTION_CAPS, 476 enc_ctx_len 477 /* 4. */); /* reserved */ 478 479 rc = smb_mbc_encodef( 480 &sr->reply, "ww", 481 1, /* cipher count */ 482 s->smb31_enc_cipherid); /* encrypt. cipher id */ 483 484 return (rc); 485 } 486 487 /* 488 * Helper for the (SMB1) smb_com_negotiate(). This is the 489 * very unusual protocol interaction where an SMB1 negotiate 490 * gets an SMB2 negotiate response. This is the normal way 491 * clients first find out if the server supports SMB2. 492 * 493 * Note: This sends an SMB2 reply _itself_ and then returns 494 * SDRC_NO_REPLY so the caller will not send an SMB1 reply. 495 * Also, this is called directly from the reader thread, so 496 * we know this is the only thread using this session. 497 * Otherwise, this is similar to smb2_newrq_negotiate(). 498 * 499 * The caller frees this request. 500 */ 501 smb_sdrc_t 502 smb1_negotiate_smb2(smb_request_t *sr) 503 { 504 smb_session_t *s = sr->session; 505 smb_arg_negotiate_t *negprot = sr->sr_negprot; 506 uint16_t smb2_version; 507 508 /* 509 * Note: In the SMB1 negotiate command handler, we 510 * agreed with one of the SMB2 dialects. If that 511 * dialect was "SMB 2.002", we'll respond here with 512 * version 0x202 and negotiation is done. If that 513 * dialect was "SMB 2.???", we'll respond here with 514 * the "wildcard" version 0x2FF, and the client will 515 * come back with an SMB2 negotiate. 516 */ 517 switch (negprot->ni_dialect) { 518 case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */ 519 smb2_version = SMB_VERS_2_002; 520 s->dialect = smb2_version; 521 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 522 /* Allow normal SMB2 requests now. */ 523 s->newrq_func = smb2sr_newrq; 524 break; 525 case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */ 526 /* 527 * Expecting an SMB2 negotiate next, so keep the 528 * initial s->newrq_func. 529 */ 530 smb2_version = 0x2FF; 531 break; 532 default: 533 return (SDRC_DROP_VC); 534 } 535 536 /* 537 * We did not decode an SMB2 header, so make sure 538 * the SMB2 header fields are initialized. 539 * (Most are zero from smb_request_alloc.) 540 * Also, the SMB1 common dispatch code reserved space 541 * for an SMB1 header, which we need to undo here. 542 */ 543 sr->smb2_reply_hdr = sr->reply.chain_offset = 0; 544 sr->smb2_cmd_code = SMB2_NEGOTIATE; 545 sr->smb2_hdr_flags = SMB2_FLAGS_SERVER_TO_REDIR; 546 547 /* 548 * Also setup SMB2 negotiate args (empty here). 549 * SMB1 args free'd by smb_srm_fini(sr) 550 */ 551 sr->arg.other = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 552 553 (void) smb2_encode_header(sr, B_FALSE); 554 if (smb2_negotiate_common(sr, smb2_version) != 0) 555 sr->smb2_status = NT_STATUS_INTERNAL_ERROR; 556 if (sr->smb2_status != 0) 557 smb2sr_put_error(sr, sr->smb2_status); 558 (void) smb2_encode_header(sr, B_TRUE); 559 560 smb2_send_reply(sr); 561 562 /* 563 * We sent the reply, so tell the SMB1 dispatch 564 * it should NOT (also) send a reply. 565 */ 566 return (SDRC_NO_REPLY); 567 } 568 569 /* 570 * SMB2 Negotiate gets special handling. This is called directly by 571 * the reader thread (see smbsr_newrq_initial) with what _should_ be 572 * an SMB2 Negotiate. Only the "\feSMB" header has been checked 573 * when this is called, so this needs to check the SMB command, 574 * if it's Negotiate execute it, then send the reply, etc. 575 * 576 * Since this is called directly from the reader thread, we 577 * know this is the only thread currently using this session. 578 * This has to duplicate some of what smb2sr_work does as a 579 * result of bypassing the normal dispatch mechanism. 580 * 581 * The caller always frees this request. 582 * 583 * Return value is 0 for success, and anything else will 584 * terminate the reader thread (drop the connection). 585 */ 586 int 587 smb2_newrq_negotiate(smb_request_t *sr) 588 { 589 smb_session_t *s = sr->session; 590 smb2_arg_negotiate_t *nego; 591 int rc; 592 uint32_t nctx_status = 0; 593 uint32_t status = 0; 594 uint32_t neg_ctx_off; 595 uint16_t neg_ctx_cnt; 596 uint16_t struct_size; 597 uint16_t dialect_cnt; 598 uint16_t best_version; 599 600 nego = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 601 sr->arg.other = nego; // for dtrace 602 603 sr->smb2_cmd_hdr = sr->command.chain_offset; 604 rc = smb2_decode_header(sr); 605 if (rc != 0) 606 return (rc); 607 608 if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) 609 return (-1); 610 611 if ((sr->smb2_cmd_code != SMB2_NEGOTIATE) || 612 (sr->smb2_next_command != 0)) 613 return (-1); 614 615 /* 616 * Decode SMB2 Negotiate (fixed-size part) 617 */ 618 rc = smb_mbc_decodef( 619 &sr->command, "www..l16clw..", 620 &struct_size, /* w */ 621 &dialect_cnt, /* w */ 622 &s->cli_secmode, /* w */ 623 /* reserved (..) */ 624 &s->capabilities, /* l */ 625 s->clnt_uuid, /* 16c */ 626 &neg_ctx_off, /* l */ 627 &neg_ctx_cnt); /* w */ 628 /* reserverd (..) */ 629 if (rc != 0) 630 return (rc); 631 if (struct_size != 36) 632 return (-1); 633 634 /* 635 * Decode SMB2 Negotiate (variable part) 636 * 637 * Be somewhat tolerant while decoding the variable part 638 * so we can return errors instead of dropping the client. 639 * Will limit decoding to the size of cli_dialects here, 640 * and do error checks on the decoded dialect_cnt after the 641 * dtrace start probe. 642 */ 643 if (dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) 644 nego->neg_dialect_cnt = SMB2_NEGOTIATE_MAX_DIALECTS; 645 else 646 nego->neg_dialect_cnt = dialect_cnt; 647 if (nego->neg_dialect_cnt > 0) { 648 rc = smb_mbc_decodef(&sr->command, "#w", 649 nego->neg_dialect_cnt, 650 nego->neg_dialects); 651 if (rc != 0) 652 return (rc); // short msg 653 } 654 655 best_version = smb2_find_best_dialect(s, nego->neg_dialects, 656 nego->neg_dialect_cnt); 657 658 if (best_version >= SMB_VERS_3_11) { 659 nego->neg_in_ctxs.offset = neg_ctx_off; 660 nego->neg_in_ctxs.count = neg_ctx_cnt; 661 nctx_status = smb31_decode_neg_ctxs(sr); 662 /* check nctx_status below */ 663 } 664 665 DTRACE_SMB2_START(op__Negotiate, smb_request_t *, sr); 666 667 sr->smb2_credit_response = 1; 668 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR; 669 (void) smb2_encode_header(sr, B_FALSE); 670 671 /* 672 * NOW start validating things (NOT before here) 673 */ 674 675 /* 676 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 677 * "If the SMB2 header of the SMB2 NEGOTIATE request has the 678 * SMB2_FLAGS_SIGNED bit set in the Flags field, the server 679 * MUST fail the request with STATUS_INVALID_PARAMETER." 680 */ 681 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) { 682 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED; 683 status = NT_STATUS_INVALID_PARAMETER; 684 goto errout; 685 } 686 687 /* 688 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 689 * "If the DialectCount of the SMB2 NEGOTIATE Request is 0, the 690 * server MUST fail the request with STATUS_INVALID_PARAMETER." 691 * Checking the decoded value here, not the constrained one. 692 */ 693 if (dialect_cnt == 0 || 694 dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) { 695 status = NT_STATUS_INVALID_PARAMETER; 696 goto errout; 697 } 698 699 /* 700 * We decoded the offered dialects above, and 701 * determined which was the highest we support. 702 * 703 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 704 * "If a common dialect is not found, the server MUST fail 705 * the request with STATUS_NOT_SUPPORTED." 706 */ 707 if (best_version == 0) { 708 status = NT_STATUS_NOT_SUPPORTED; 709 goto errout; 710 } 711 712 /* 713 * Check for problems with the negotiate contexts. 714 */ 715 if (nctx_status != 0) { 716 status = nctx_status; 717 goto errout; 718 } 719 720 /* Allow normal SMB2 requests now. */ 721 s->dialect = best_version; 722 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 723 s->newrq_func = smb2sr_newrq; 724 725 if (smb2_negotiate_common(sr, best_version) != 0) 726 status = NT_STATUS_INTERNAL_ERROR; 727 728 if (s->dialect >= SMB_VERS_3_11 && status == 0) { 729 if (smb31_encode_neg_ctxs(sr) != 0) 730 status = NT_STATUS_INTERNAL_ERROR; 731 } 732 733 errout: 734 sr->smb2_status = status; 735 DTRACE_SMB2_DONE(op__Negotiate, smb_request_t *, sr); 736 737 if (sr->smb2_status != 0) 738 smb2sr_put_error(sr, sr->smb2_status); 739 (void) smb2_encode_header(sr, B_TRUE); 740 741 if (s->dialect >= SMB_VERS_3_11 && sr->smb2_status == 0) { 742 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 743 if (smb31_preauth_sha512_calc(sr, &sr->reply, 744 s->smb31_preauth_hashval, 745 s->smb31_preauth_hashval) != 0) 746 cmn_err(CE_WARN, "(1) Preauth hash calculation " 747 "failed"); 748 } 749 750 smb2_send_reply(sr); 751 752 return (rc); 753 } 754 755 /* 756 * Common parts of SMB2 Negotiate, used for both the 757 * SMB1-to-SMB2 style, and straight SMB2 style. 758 * Do negotiation decisions and encode the reply. 759 * The caller does the network send. 760 * 761 * Return value is 0 for success, else error. 762 */ 763 static int 764 smb2_negotiate_common(smb_request_t *sr, uint16_t version) 765 { 766 timestruc_t boot_tv, now_tv; 767 smb_session_t *s = sr->session; 768 int rc; 769 uint32_t max_rwsize; 770 uint16_t secmode; 771 uint16_t neg_ctx_cnt = 0; 772 uint32_t neg_ctx_off = 0; 773 774 /* 775 * Negotiation itself. First the Security Mode. 776 */ 777 secmode = SMB2_NEGOTIATE_SIGNING_ENABLED; 778 if (sr->sr_cfg->skc_signing_required) 779 secmode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; 780 s->srv_secmode = secmode; 781 782 s->cmd_max_bytes = smb2_tcp_bufsize; 783 s->reply_max_bytes = smb2_tcp_bufsize; 784 785 /* 786 * "The number of credits held by the client MUST be considered 787 * as 1 when the connection is established." [MS-SMB2] 788 * We leave credits at 1 until the first successful 789 * session setup is completed. 790 */ 791 s->s_cur_credits = s->s_max_credits = 1; 792 sr->smb2_credit_response = 1; 793 794 boot_tv.tv_sec = smb_get_boottime(); 795 boot_tv.tv_nsec = 0; 796 now_tv.tv_sec = gethrestime_sec(); 797 now_tv.tv_nsec = 0; 798 799 /* 800 * If the version is 0x2FF, we haven't completed negotiate. 801 * Don't initialize until we have our final request. 802 */ 803 if (version != 0x2FF) 804 smb2_sign_init_mech(s); 805 if (version >= 0x311) 806 smb31_preauth_init_mech(s); 807 808 /* 809 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 810 * 811 * The SMB2.x capabilities are returned without regard for 812 * what capabilities the client provided in the request. 813 * The SMB3.x capabilities returned are the traditional 814 * logical AND of server and client capabilities. 815 * 816 * One additional check: If KCF is missing something we 817 * require for encryption, turn off that capability. 818 */ 819 if (s->dialect < SMB_VERS_2_1) { 820 /* SMB 2.002 */ 821 s->srv_cap = smb2srv_capabilities & SMB2_CAP_DFS; 822 } else if (s->dialect < SMB_VERS_3_0) { 823 /* SMB 2.x */ 824 s->srv_cap = smb2srv_capabilities & SMB_2X_CAPS; 825 } else { 826 /* SMB 3.0 or later */ 827 s->srv_cap = smb2srv_capabilities & 828 (SMB_2X_CAPS | s->capabilities); 829 if ((s->srv_cap & SMB2_CAP_ENCRYPTION) != 0 && 830 smb3_encrypt_init_mech(s) != 0) { 831 s->srv_cap &= ~SMB2_CAP_ENCRYPTION; 832 s->smb31_enc_cipherid = 0; 833 } 834 835 if (s->dialect >= SMB_VERS_3_11) { 836 neg_ctx_cnt = s->smb31_enc_cipherid == 0 ? 1 : 2; 837 neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 838 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 839 840 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 841 842 if (smb31_preauth_sha512_calc(sr, &sr->command, 843 s->smb31_preauth_hashval, 844 s->smb31_preauth_hashval) != 0) 845 cmn_err(CE_WARN, "(0) Preauth hash calculation " 846 "failed"); 847 } 848 } 849 850 /* 851 * See notes above smb2_max_rwsize, smb2_old_rwsize 852 */ 853 if (s->capabilities & SMB2_CAP_LARGE_MTU) 854 max_rwsize = smb2_max_rwsize; 855 else 856 max_rwsize = smb2_old_rwsize; 857 858 rc = smb_mbc_encodef( 859 &sr->reply, 860 "wwww#cllllTTwwl#c", 861 65, /* StructSize */ /* w */ 862 s->srv_secmode, /* w */ 863 version, /* w */ 864 neg_ctx_cnt, /* w */ 865 UUID_LEN, /* # */ 866 &s->s_cfg.skc_machine_uuid, /* c */ 867 s->srv_cap, /* l */ 868 smb2_max_trans, /* l */ 869 max_rwsize, /* l */ 870 max_rwsize, /* l */ 871 &now_tv, /* T */ 872 &boot_tv, /* T */ 873 128, /* SecBufOff */ /* w */ 874 sr->sr_cfg->skc_negtok_len, /* w */ 875 neg_ctx_off, /* l */ 876 sr->sr_cfg->skc_negtok_len, /* # */ 877 sr->sr_cfg->skc_negtok); /* c */ 878 879 880 881 /* smb2_send_reply(sr); in caller */ 882 883 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 884 SO_SNDBUF, (const void *)&smb2_tcp_bufsize, 885 sizeof (smb2_tcp_bufsize), CRED()); 886 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 887 SO_RCVBUF, (const void *)&smb2_tcp_bufsize, 888 sizeof (smb2_tcp_bufsize), CRED()); 889 890 return (rc); 891 } 892 893 /* 894 * SMB2 Dispatch table handler, which will run if we see an 895 * SMB2_NEGOTIATE after the initial negotiation is done. 896 * That would be a protocol error. 897 */ 898 smb_sdrc_t 899 smb2_negotiate(smb_request_t *sr) 900 { 901 sr->smb2_status = NT_STATUS_INVALID_PARAMETER; 902 return (SDRC_ERROR); 903 } 904 905 /* 906 * VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6 907 */ 908 uint32_t 909 smb2_nego_validate(smb_request_t *sr, smb_fsctl_t *fsctl) 910 { 911 smb_session_t *s = sr->session; 912 int rc; 913 914 /* 915 * The spec. says to parse the VALIDATE_NEGOTIATE_INFO here 916 * and verify that the original negotiate was not modified. 917 * 918 * One interesting requirement here is that we MUST reply 919 * with exactly the same information as we returned in our 920 * original reply to the SMB2 negotiate on this session. 921 * If we don't the client closes the connection. 922 */ 923 924 uint32_t capabilities; 925 uint16_t secmode; 926 uint16_t num_dialects; 927 uint16_t dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 928 uint8_t clnt_guid[16]; 929 930 if (s->dialect >= SMB_VERS_3_11) 931 goto drop; 932 933 /* 934 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 935 * 936 * If the dialect is SMB3 and the message was successfully 937 * decrypted we MUST skip processing of the signature. 938 */ 939 if (!sr->encrypted && (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) == 0) 940 goto drop; 941 942 if (fsctl->InputCount < 24) 943 goto drop; 944 945 (void) smb_mbc_decodef(fsctl->in_mbc, "l16cww", 946 &capabilities, /* l */ 947 &clnt_guid, /* 16c */ 948 &secmode, /* w */ 949 &num_dialects); /* w */ 950 951 if (num_dialects == 0 || num_dialects > SMB2_NEGOTIATE_MAX_DIALECTS) 952 goto drop; 953 if (secmode != s->cli_secmode) 954 goto drop; 955 if (capabilities != s->capabilities) 956 goto drop; 957 if (memcmp(clnt_guid, s->clnt_uuid, sizeof (clnt_guid)) != 0) 958 goto drop; 959 960 rc = smb_mbc_decodef(fsctl->in_mbc, "#w", num_dialects, dialects); 961 if (rc != 0) 962 goto drop; 963 964 /* 965 * MS-SMB2 says we should compare the dialects array with the 966 * one sent previously, but that appears to be unnecessary 967 * as long as we end up with the same dialect. 968 */ 969 if (smb2_find_best_dialect(s, dialects, num_dialects) != s->dialect) 970 goto drop; 971 972 rc = smb_mbc_encodef( 973 fsctl->out_mbc, "l#cww", 974 s->srv_cap, /* l */ 975 UUID_LEN, /* # */ 976 &s->s_cfg.skc_machine_uuid, /* c */ 977 s->srv_secmode, /* w */ 978 s->dialect); /* w */ 979 if (rc == 0) 980 return (rc); 981 982 drop: 983 smb_session_disconnect(s); 984 return (NT_STATUS_ACCESS_DENIED); 985 } 986