1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2019 Nexenta Systems, Inc. All rights reserved. 14 * Copyright 2021 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Dispatch function for SMB2_NEGOTIATE 19 */ 20 21 #include <smbsrv/smb2_kproto.h> 22 #include <smbsrv/smb2.h> 23 #include <sys/random.h> 24 25 static int smb2_negotiate_common(smb_request_t *, uint16_t); 26 27 /* List of supported capabilities. Can be patched for testing. */ 28 uint32_t smb2srv_capabilities = 29 SMB2_CAP_DFS | 30 SMB2_CAP_LEASING | 31 SMB2_CAP_LARGE_MTU | 32 SMB2_CAP_PERSISTENT_HANDLES | 33 SMB2_CAP_ENCRYPTION; 34 35 /* These are the only capabilities defined for SMB2.X */ 36 #define SMB_2X_CAPS (SMB2_CAP_DFS | SMB2_CAP_LEASING | SMB2_CAP_LARGE_MTU) 37 38 /* 39 * These are not intended as customer tunables, but dev. & test folks 40 * might want to adjust them (with caution). 41 * 42 * smb2_tcp_bufsize is the TCP buffer size, applied to the network socket 43 * with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size. 44 * This is also used as a "sanity limit" for internal send/reply message 45 * allocations. Note that with compounding SMB2 messages may contain 46 * multiple requests/responses. This size should be large enough for 47 * at least a few SMB2 requests, and at least 2X smb2_max_rwsize. 48 * 49 * smb2_max_rwsize is what we put in the SMB2 negotiate response to tell 50 * the client the largest read and write request size we'll support. 51 * For now, we're using contiguous allocations, so keep this at 64KB 52 * so that (even with message overhead) allocations stay below 128KB, 53 * avoiding kmem_alloc -> page_create_va thrashing. 54 * 55 * smb2_max_trans is the largest "transact" send or receive, which is 56 * used for directory listings and info set/get operations. 57 */ 58 uint32_t smb2_tcp_bufsize = (1<<22); /* 4MB */ 59 uint32_t smb2_max_rwsize = (1<<16); /* 64KB */ 60 uint32_t smb2_max_trans = (1<<16); /* 64KB */ 61 62 /* 63 * With clients (e.g. HP scanners) that don't advertise SMB2_CAP_LARGE_MTU 64 * (including all clients using dialect < SMB 2.1), use a "conservative" value 65 * for max r/w size because some older clients misbehave with larger values. 66 * 64KB is recommended in the [MS-SMB2] spec. (3.3.5.3.1 SMB 2.1 or SMB 3.x 67 * Support) as the minimum so we'll use that. 68 */ 69 uint32_t smb2_old_rwsize = (1<<16); /* 64KB */ 70 71 /* 72 * List of all SMB2 versions we implement. Note that the 73 * versions we support may be limited by the 74 * _cfg.skc_max_protocol and min_protocol settings. 75 */ 76 static uint16_t smb2_versions[] = { 77 0x202, /* SMB 2.002 */ 78 0x210, /* SMB 2.1 */ 79 0x300, /* SMB 3.0 */ 80 0x302, /* SMB 3.02 */ 81 0x311, /* SMB 3.11 */ 82 }; 83 static uint16_t smb2_nversions = 84 sizeof (smb2_versions) / sizeof (smb2_versions[0]); 85 86 static boolean_t 87 smb2_supported_version(smb_session_t *s, uint16_t version) 88 { 89 int i; 90 91 if (version > s->s_cfg.skc_max_protocol || 92 version < s->s_cfg.skc_min_protocol) 93 return (B_FALSE); 94 for (i = 0; i < smb2_nversions; i++) 95 if (version == smb2_versions[i]) 96 return (B_TRUE); 97 return (B_FALSE); 98 } 99 100 /* 101 * Helper for the (SMB1) smb_com_negotiate(). This is the 102 * very unusual protocol interaction where an SMB1 negotiate 103 * gets an SMB2 negotiate response. This is the normal way 104 * clients first find out if the server supports SMB2. 105 * 106 * Note: This sends an SMB2 reply _itself_ and then returns 107 * SDRC_NO_REPLY so the caller will not send an SMB1 reply. 108 * Also, this is called directly from the reader thread, so 109 * we know this is the only thread using this session. 110 * 111 * The caller frees this request. 112 */ 113 smb_sdrc_t 114 smb1_negotiate_smb2(smb_request_t *sr) 115 { 116 smb_session_t *s = sr->session; 117 smb_arg_negotiate_t *negprot = sr->sr_negprot; 118 uint16_t smb2_version; 119 120 /* 121 * Note: In the SMB1 negotiate command handler, we 122 * agreed with one of the SMB2 dialects. If that 123 * dialect was "SMB 2.002", we'll respond here with 124 * version 0x202 and negotiation is done. If that 125 * dialect was "SMB 2.???", we'll respond here with 126 * the "wildcard" version 0x2FF, and the client will 127 * come back with an SMB2 negotiate. 128 */ 129 switch (negprot->ni_dialect) { 130 case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */ 131 smb2_version = SMB_VERS_2_002; 132 s->dialect = smb2_version; 133 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 134 /* Allow normal SMB2 requests now. */ 135 s->newrq_func = smb2sr_newrq; 136 break; 137 case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */ 138 /* 139 * Expecting an SMB2 negotiate next, so keep the 140 * initial s->newrq_func. 141 */ 142 smb2_version = 0x2FF; 143 break; 144 default: 145 return (SDRC_DROP_VC); 146 } 147 148 /* 149 * We did not decode an SMB2 header, so make sure 150 * the SMB2 header fields are initialized. 151 * (Most are zero from smb_request_alloc.) 152 * Also, the SMB1 common dispatch code reserved space 153 * for an SMB1 header, which we need to undo here. 154 */ 155 sr->smb2_reply_hdr = sr->reply.chain_offset = 0; 156 sr->smb2_cmd_code = SMB2_NEGOTIATE; 157 sr->smb2_hdr_flags = SMB2_FLAGS_SERVER_TO_REDIR; 158 159 (void) smb2_encode_header(sr, B_FALSE); 160 if (smb2_negotiate_common(sr, smb2_version) != 0) 161 sr->smb2_status = NT_STATUS_INTERNAL_ERROR; 162 if (sr->smb2_status != 0) 163 smb2sr_put_error(sr, sr->smb2_status); 164 (void) smb2_encode_header(sr, B_TRUE); 165 166 smb2_send_reply(sr); 167 168 /* 169 * We sent the reply, so tell the SMB1 dispatch 170 * it should NOT (also) send a reply. 171 */ 172 return (SDRC_NO_REPLY); 173 } 174 175 static uint16_t 176 smb2_find_best_dialect(smb_session_t *s, uint16_t cl_versions[], 177 uint16_t version_cnt) 178 { 179 uint16_t best_version = 0; 180 int i; 181 182 for (i = 0; i < version_cnt; i++) 183 if (smb2_supported_version(s, cl_versions[i]) && 184 best_version < cl_versions[i]) 185 best_version = cl_versions[i]; 186 187 return (best_version); 188 } 189 190 /* 191 * SMB2 Negotiate gets special handling. This is called directly by 192 * the reader thread (see smbsr_newrq_initial) with what _should_ be 193 * an SMB2 Negotiate. Only the "\feSMB" header has been checked 194 * when this is called, so this needs to check the SMB command, 195 * if it's Negotiate execute it, then send the reply, etc. 196 * 197 * Since this is called directly from the reader thread, we 198 * know this is the only thread currently using this session. 199 * This has to duplicate some of what smb2sr_work does as a 200 * result of bypassing the normal dispatch mechanism. 201 * 202 * The caller always frees this request. 203 * 204 * Return value is 0 for success, and anything else will 205 * terminate the reader thread (drop the connection). 206 */ 207 enum smb2_neg_ctx_type { 208 SMB2_PREAUTH_INTEGRITY_CAPS = 1, 209 SMB2_ENCRYPTION_CAPS = 2, 210 SMB2_COMPRESSION_CAPS = 3, /* not imlemented */ 211 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID = 5 /* not imlemented */ 212 }; 213 214 typedef struct smb2_negotiate_ctx { 215 uint16_t type; 216 uint16_t datalen; 217 } smb2_neg_ctx_t; 218 219 #define SMB31_PREAUTH_CTX_SALT_LEN 32 220 221 /* 222 * SMB 3.1.1 originally specified a single hashing algorithm - SHA-512 - and 223 * two encryption ones - AES-128-CCM and AES-128-GCM. 224 * Windows Server 2022 and Windows 11 introduced two further encryption 225 * algorithms - AES-256-CCM and AES-256-GCM. 226 */ 227 #define MAX_HASHID_NUM (1) 228 #define MAX_CIPHER_NUM (4) 229 230 typedef struct smb2_preauth_integrity_caps { 231 uint16_t picap_hash_count; 232 uint16_t picap_salt_len; 233 uint16_t picap_hash_id; 234 uint8_t picap_salt[SMB31_PREAUTH_CTX_SALT_LEN]; 235 } smb2_preauth_caps_t; 236 237 typedef struct smb2_encryption_caps { 238 uint16_t encap_cipher_count; 239 uint16_t encap_cipher_ids[MAX_CIPHER_NUM]; 240 } smb2_encrypt_caps_t; 241 242 /* 243 * The contexts we support 244 */ 245 typedef struct smb2_preauth_neg_ctx { 246 smb2_neg_ctx_t neg_ctx; 247 smb2_preauth_caps_t preauth_caps; 248 } smb2_preauth_neg_ctx_t; 249 250 typedef struct smb2_encrypt_neg_ctx { 251 smb2_neg_ctx_t neg_ctx; 252 smb2_encrypt_caps_t encrypt_caps; 253 } smb2_encrypt_neg_ctx_t; 254 255 typedef struct smb2_neg_ctxs { 256 uint32_t offset; 257 uint16_t count; 258 smb2_preauth_neg_ctx_t preauth_ctx; 259 smb2_encrypt_neg_ctx_t encrypt_ctx; 260 } smb2_neg_ctxs_t; 261 262 #define NEG_CTX_INFO_OFFSET (SMB2_HDR_SIZE + 28) 263 #define NEG_CTX_OFFSET_OFFSET (SMB2_HDR_SIZE + 64) 264 #define NEG_CTX_MAX_COUNT (16) 265 #define NEG_CTX_MAX_DATALEN (256) 266 267 #define STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP (0xC05D0000) 268 269 #define STATUS_PREAUTH_HASH_OVERLAP \ 270 STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP 271 272 /* 273 * This function should be called only for dialect >= 0x311 274 * Negotiate context list should contain exactly one 275 * SMB2_PREAUTH_INTEGRITY_CAPS context. 276 * Otherwise STATUS_INVALID_PARAMETER. 277 * It should contain at least 1 hash algorith what server does support. 278 * Otehrwise STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP. 279 */ 280 static uint32_t 281 smb31_decode_neg_ctxs(smb_request_t *sr, smb2_neg_ctxs_t *neg_ctxs) 282 { 283 smb_session_t *s = sr->session; 284 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 285 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 286 boolean_t preauth_sha512_enabled = B_FALSE; 287 boolean_t encrypt_ccm_enabled = B_FALSE; 288 boolean_t encrypt_gcm_enabled = B_FALSE; 289 uint16_t cipher = sr->sr_server->sv_cfg.skc_encrypt_cipher; 290 uint32_t status = 0; 291 int32_t skip; 292 int found_preauth_ctx = 0; 293 int found_encrypt_ctx = 0; 294 int cnt, i; 295 int rc; 296 297 sr->command.chain_offset = NEG_CTX_INFO_OFFSET; 298 299 rc = smb_mbc_decodef(&sr->command, "lw2.", 300 &neg_ctxs->offset, /* l */ 301 &neg_ctxs->count); /* w */ 302 if (rc != 0) { 303 status = NT_STATUS_INVALID_PARAMETER; 304 goto errout; 305 } 306 /* 307 * There should be exactly 1 SMB2_PREAUTH_INTEGRITY_CAPS negotiate ctx. 308 * SMB2_ENCRYPTION_CAPS is optional one. 309 * If there is no contexts or there are to many then stop parsing. 310 */ 311 cnt = neg_ctxs->count; 312 if (cnt < 1 || cnt > NEG_CTX_MAX_COUNT) { 313 status = NT_STATUS_INVALID_PARAMETER; 314 goto errout; 315 } 316 317 /* 318 * Cannot proceed parsing if the first context isn't aligned by 8. 319 */ 320 if (neg_ctxs->offset % 8 != 0) { 321 status = NT_STATUS_INVALID_PARAMETER; 322 goto errout; 323 } 324 325 if ((skip = neg_ctxs->offset - sr->command.chain_offset) != 0 && 326 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 327 status = NT_STATUS_INVALID_PARAMETER; 328 goto errout; 329 } 330 331 /* 332 * Parse negotiate contexts. Ignore non-decoding errors to fill 333 * as much as possible data for dtrace probe. 334 */ 335 for (i = 0; i < cnt; i++) { 336 smb2_neg_ctx_t neg_ctx; 337 int32_t ctx_end_off; 338 int32_t ctx_next_off; 339 340 if (i > 0) { 341 if ((skip = ctx_next_off - ctx_end_off) != 0 && 342 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 343 status = NT_STATUS_INVALID_PARAMETER; 344 goto errout; 345 } 346 } 347 348 rc = smb_mbc_decodef( 349 &sr->command, "ww4.", 350 &neg_ctx.type, /* w */ 351 &neg_ctx.datalen); /* w */ 352 if (rc != 0) { 353 status = NT_STATUS_INVALID_PARAMETER; 354 goto errout; 355 } 356 357 /* 358 * We got something crazy 359 */ 360 if (neg_ctx.datalen > NEG_CTX_MAX_DATALEN) { 361 status = NT_STATUS_INVALID_PARAMETER; 362 goto errout; 363 } 364 365 ctx_end_off = sr->command.chain_offset + neg_ctx.datalen; 366 ctx_next_off = P2ROUNDUP(ctx_end_off, 8); 367 368 switch (neg_ctx.type) { 369 case SMB2_PREAUTH_INTEGRITY_CAPS: 370 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 371 sizeof (neg_ctx)); 372 373 if (found_preauth_ctx++ != 0) { 374 status = NT_STATUS_INVALID_PARAMETER; 375 continue; 376 } 377 378 rc = smb_mbc_decodef( 379 &sr->command, "ww", 380 &picap->picap_hash_count, /* w */ 381 &picap->picap_salt_len); /* w */ 382 if (rc != 0 || picap->picap_hash_count > 383 MAX_HASHID_NUM) { 384 status = NT_STATUS_INVALID_PARAMETER; 385 goto errout; 386 } 387 388 /* 389 * Get hash id 390 */ 391 rc = smb_mbc_decodef( 392 &sr->command, "#w", 393 picap->picap_hash_count, 394 &picap->picap_hash_id); /* w */ 395 if (rc != 0) { 396 status = NT_STATUS_INVALID_PARAMETER; 397 goto errout; 398 } 399 400 /* 401 * Get salt 402 */ 403 rc = smb_mbc_decodef( 404 &sr->command, "#c", 405 sizeof (picap->picap_salt), 406 &picap->picap_salt[0]); /* w */ 407 if (rc != 0) { 408 status = NT_STATUS_INVALID_PARAMETER; 409 goto errout; 410 } 411 412 /* 413 * In SMB 0x311 there should be exactly 1 preauth 414 * negotiate context, and there should be exactly 1 415 * hash value in the list - SHA512. 416 */ 417 if (picap->picap_hash_count != 1) { 418 status = NT_STATUS_INVALID_PARAMETER; 419 continue; 420 } 421 422 if (picap->picap_hash_id == SMB3_HASH_SHA512) 423 preauth_sha512_enabled = B_TRUE; 424 break; 425 case SMB2_ENCRYPTION_CAPS: 426 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 427 sizeof (neg_ctx)); 428 429 if (found_encrypt_ctx++ != 0) { 430 status = NT_STATUS_INVALID_PARAMETER; 431 continue; 432 } 433 434 rc = smb_mbc_decodef( 435 &sr->command, "w", 436 &encap->encap_cipher_count); /* w */ 437 if (rc != 0 || encap->encap_cipher_count > 438 MAX_CIPHER_NUM) { 439 status = NT_STATUS_INVALID_PARAMETER; 440 goto errout; 441 } 442 443 /* 444 * Get cipher list 445 */ 446 rc = smb_mbc_decodef( 447 &sr->command, "#w", 448 encap->encap_cipher_count, 449 &encap->encap_cipher_ids[0]); /* w */ 450 if (rc != 0) { 451 status = NT_STATUS_INVALID_PARAMETER; 452 goto errout; 453 } 454 455 for (int k = 0; k < encap->encap_cipher_count; k++) { 456 switch (encap->encap_cipher_ids[k]) { 457 case SMB3_CIPHER_AES128_CCM: 458 encrypt_ccm_enabled = B_TRUE; 459 break; 460 case SMB3_CIPHER_AES128_GCM: 461 encrypt_gcm_enabled = B_TRUE; 462 break; 463 default: 464 ; 465 } 466 } 467 break; 468 default: 469 ; 470 } 471 } 472 473 if (status) 474 goto errout; 475 476 /* Not found mandatory SMB2_PREAUTH_INTEGRITY_CAPS ctx */ 477 if (found_preauth_ctx != 1 || found_encrypt_ctx > 1) { 478 status = NT_STATUS_INVALID_PARAMETER; 479 goto errout; 480 } 481 482 if (!preauth_sha512_enabled) { 483 status = STATUS_PREAUTH_HASH_OVERLAP; 484 goto errout; 485 } 486 487 s->smb31_preauth_hashid = SMB3_HASH_SHA512; 488 489 switch (cipher) { 490 case SMB3_CIPHER_AES128_GCM: 491 if (encrypt_gcm_enabled) { 492 s->smb31_enc_cipherid = SMB3_CIPHER_AES128_GCM; 493 break; 494 } 495 /* FALLTHROUGH */ 496 case SMB3_CIPHER_AES128_CCM: 497 if (encrypt_ccm_enabled) { 498 s->smb31_enc_cipherid = SMB3_CIPHER_AES128_CCM; 499 break; 500 } 501 /* FALLTHROUGH */ 502 default: 503 s->smb31_enc_cipherid = 0; 504 } 505 506 errout: 507 return (status); 508 } 509 510 static int 511 smb31_encode_neg_ctxs(smb_request_t *sr, smb2_neg_ctxs_t *neg_ctxs) 512 { 513 smb_session_t *s = sr->session; 514 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 515 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 516 uint16_t salt_len = sizeof (picap->picap_salt); 517 uint32_t preauth_ctx_len = 6 + salt_len; 518 uint32_t enc_ctx_len = 4; 519 uint32_t neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 520 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 521 uint32_t rc; 522 523 bzero(neg_ctxs, sizeof (*neg_ctxs)); 524 525 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 526 return (rc); 527 528 ASSERT3S(neg_ctx_off, ==, sr->reply.chain_offset); 529 530 encap->encap_cipher_ids[0] = s->smb31_enc_cipherid; 531 picap->picap_hash_id = s->smb31_preauth_hashid; 532 picap->picap_salt_len = salt_len; 533 534 (void) random_get_pseudo_bytes(picap->picap_salt, salt_len); 535 536 rc = smb_mbc_encodef( 537 &sr->reply, "ww4.", 538 SMB2_PREAUTH_INTEGRITY_CAPS, 539 preauth_ctx_len 540 /* 4. */); /* reserved */ 541 if (rc != 0) 542 return (rc); 543 544 rc = smb_mbc_encodef( 545 &sr->reply, "www#c", 546 1, /* hash algo count */ 547 salt_len, /* salt length */ 548 s->smb31_preauth_hashid, /* hash id */ 549 salt_len, /* salt length */ 550 picap->picap_salt); 551 552 /* aligned on 8-bytes boundary */ 553 if (rc != 0 || s->smb31_enc_cipherid == 0) { 554 cmn_err(CE_NOTE, "Encryption is not supported"); 555 return (rc); 556 } 557 558 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 559 return (rc); 560 561 rc = smb_mbc_encodef( 562 &sr->reply, "ww4.", 563 SMB2_ENCRYPTION_CAPS, 564 enc_ctx_len 565 /* 4. */); /* reserved */ 566 567 rc = smb_mbc_encodef( 568 &sr->reply, "ww", 569 1, /* cipher count */ 570 s->smb31_enc_cipherid); /* encrypt. cipher id */ 571 572 return (rc); 573 } 574 575 int 576 smb2_newrq_negotiate(smb_request_t *sr) 577 { 578 smb_session_t *s = sr->session; 579 smb2_neg_ctxs_t neg_in_ctxs; 580 smb2_neg_ctxs_t neg_out_ctxs; 581 smb2_arg_negotiate_t *nego2 = &sr->sr_nego2; 582 int rc; 583 uint32_t status = 0; 584 uint16_t struct_size; 585 uint16_t best_version; 586 587 bzero(&neg_in_ctxs, sizeof (neg_in_ctxs)); 588 bzero(&neg_out_ctxs, sizeof (neg_out_ctxs)); 589 590 sr->smb2_cmd_hdr = sr->command.chain_offset; 591 rc = smb2_decode_header(sr); 592 if (rc != 0) 593 return (rc); 594 595 if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) 596 return (-1); 597 598 if ((sr->smb2_cmd_code != SMB2_NEGOTIATE) || 599 (sr->smb2_next_command != 0)) 600 return (-1); 601 602 /* 603 * Decode SMB2 Negotiate (fixed-size part) 604 */ 605 rc = smb_mbc_decodef( 606 &sr->command, "www..l16c8.", 607 &struct_size, /* w */ 608 &s->cli_dialect_cnt, /* w */ 609 &s->cli_secmode, /* w */ 610 /* reserved (..) */ 611 &s->capabilities, /* l */ 612 s->clnt_uuid); /* 16c */ 613 /* start_time 8. */ 614 if (rc != 0) 615 return (rc); 616 if (struct_size != 36) 617 return (-1); 618 619 /* 620 * Decode SMB2 Negotiate (variable part) 621 * 622 * Be somewhat tolerant while decoding the variable part 623 * so we can return errors instead of dropping the client. 624 * Will limit decoding to the size of cli_dialects here, 625 * and do the error checks on s->cli_dialect_cnt after the 626 * dtrace start probe. 627 */ 628 if (s->cli_dialect_cnt > 0 && 629 s->cli_dialect_cnt <= SMB2_NEGOTIATE_MAX_DIALECTS && 630 smb_mbc_decodef(&sr->command, "#w", s->cli_dialect_cnt, 631 s->cli_dialects) != 0) { 632 /* decode error; force an error below */ 633 s->cli_dialect_cnt = 0; 634 } 635 636 /* 637 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 638 * "If the DialectCount of the SMB2 NEGOTIATE Request is 0, the 639 * server MUST fail the request with STATUS_INVALID_PARAMETER." 640 */ 641 if (s->cli_dialect_cnt == 0 || 642 s->cli_dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) { 643 status = NT_STATUS_INVALID_PARAMETER; 644 } 645 646 /* 647 * The client offers an array of protocol versions it 648 * supports, which we have decoded into s->cli_dialects[]. 649 * We walk the array and pick the highest supported. 650 * 651 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 652 * "If a common dialect is not found, the server MUST fail 653 * the request with STATUS_NOT_SUPPORTED." 654 */ 655 656 if (status == 0) { 657 best_version = smb2_find_best_dialect(s, s->cli_dialects, 658 s->cli_dialect_cnt); 659 if (best_version >= SMB_VERS_3_11) { 660 status = smb31_decode_neg_ctxs(sr, &neg_in_ctxs); 661 nego2->neg_in_ctxs = &neg_in_ctxs; 662 } else if (best_version == 0) { 663 status = NT_STATUS_NOT_SUPPORTED; 664 } 665 } 666 667 DTRACE_SMB2_START(op__Negotiate, smb_request_t *, sr); 668 nego2->neg_in_ctxs = NULL; 669 670 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR; 671 (void) smb2_encode_header(sr, B_FALSE); 672 673 if (status != 0) 674 goto errout; 675 676 /* 677 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 678 * "If the SMB2 header of the SMB2 NEGOTIATE request has the 679 * SMB2_FLAGS_SIGNED bit set in the Flags field, the server 680 * MUST fail the request with STATUS_INVALID_PARAMETER." 681 */ 682 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) { 683 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED; 684 status = NT_STATUS_INVALID_PARAMETER; 685 goto errout; 686 } 687 688 s->dialect = best_version; 689 690 /* Allow normal SMB2 requests now. */ 691 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 692 s->newrq_func = smb2sr_newrq; 693 694 if (smb2_negotiate_common(sr, best_version) != 0) 695 status = NT_STATUS_INTERNAL_ERROR; 696 697 if (s->dialect >= SMB_VERS_3_11 && status == 0) { 698 if (smb31_encode_neg_ctxs(sr, &neg_out_ctxs) != 0) 699 status = NT_STATUS_INTERNAL_ERROR; 700 nego2->neg_out_ctxs = &neg_out_ctxs; 701 } 702 703 errout: 704 sr->smb2_status = status; 705 DTRACE_SMB2_DONE(op__Negotiate, smb_request_t *, sr); 706 nego2->neg_out_ctxs = NULL; 707 708 if (sr->smb2_status != 0) 709 smb2sr_put_error(sr, sr->smb2_status); 710 (void) smb2_encode_header(sr, B_TRUE); 711 712 if (s->dialect >= SMB_VERS_3_11 && sr->smb2_status == 0) { 713 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 714 if (smb31_preauth_sha512_calc(sr, &sr->reply, 715 s->smb31_preauth_hashval, 716 s->smb31_preauth_hashval) != 0) 717 cmn_err(CE_WARN, "(1) Preauth hash calculation " 718 "failed"); 719 } 720 721 smb2_send_reply(sr); 722 723 return (rc); 724 } 725 726 /* 727 * Common parts of SMB2 Negotiate, used for both the 728 * SMB1-to-SMB2 style, and straight SMB2 style. 729 * Do negotiation decisions and encode the reply. 730 * The caller does the network send. 731 * 732 * Return value is 0 for success, else error. 733 */ 734 static int 735 smb2_negotiate_common(smb_request_t *sr, uint16_t version) 736 { 737 timestruc_t boot_tv, now_tv; 738 smb_session_t *s = sr->session; 739 int rc; 740 uint32_t max_rwsize; 741 uint16_t secmode; 742 uint16_t neg_ctx_cnt = 0; 743 uint32_t neg_ctx_off = 0; 744 745 /* 746 * Negotiation itself. First the Security Mode. 747 */ 748 secmode = SMB2_NEGOTIATE_SIGNING_ENABLED; 749 if (sr->sr_cfg->skc_signing_required) 750 secmode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; 751 s->srv_secmode = secmode; 752 753 s->cmd_max_bytes = smb2_tcp_bufsize; 754 s->reply_max_bytes = smb2_tcp_bufsize; 755 756 /* 757 * "The number of credits held by the client MUST be considered 758 * as 1 when the connection is established." [MS-SMB2] 759 * We leave credits at 1 until the first successful 760 * session setup is completed. 761 */ 762 s->s_cur_credits = s->s_max_credits = 1; 763 sr->smb2_credit_response = 1; 764 765 boot_tv.tv_sec = smb_get_boottime(); 766 boot_tv.tv_nsec = 0; 767 now_tv.tv_sec = gethrestime_sec(); 768 now_tv.tv_nsec = 0; 769 770 /* 771 * If the version is 0x2FF, we haven't completed negotiate. 772 * Don't initialize until we have our final request. 773 */ 774 if (version != 0x2FF) 775 smb2_sign_init_mech(s); 776 if (version >= 0x311) 777 smb31_preauth_init_mech(s); 778 779 /* 780 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 781 * 782 * The SMB2.x capabilities are returned without regard for 783 * what capabilities the client provided in the request. 784 * The SMB3.x capabilities returned are the traditional 785 * logical AND of server and client capabilities. 786 * 787 * One additional check: If KCF is missing something we 788 * require for encryption, turn off that capability. 789 */ 790 if (s->dialect < SMB_VERS_2_1) { 791 /* SMB 2.002 */ 792 s->srv_cap = smb2srv_capabilities & SMB2_CAP_DFS; 793 } else if (s->dialect < SMB_VERS_3_0) { 794 /* SMB 2.x */ 795 s->srv_cap = smb2srv_capabilities & SMB_2X_CAPS; 796 } else { 797 /* SMB 3.0 or later */ 798 s->srv_cap = smb2srv_capabilities & 799 (SMB_2X_CAPS | s->capabilities); 800 if ((s->srv_cap & SMB2_CAP_ENCRYPTION) != 0 && 801 smb3_encrypt_init_mech(s) != 0) { 802 s->srv_cap &= ~SMB2_CAP_ENCRYPTION; 803 s->smb31_enc_cipherid = 0; 804 } 805 806 if (s->dialect >= SMB_VERS_3_11) { 807 neg_ctx_cnt = s->smb31_enc_cipherid == 0 ? 1 : 2; 808 neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 809 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 810 811 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 812 813 if (smb31_preauth_sha512_calc(sr, &sr->command, 814 s->smb31_preauth_hashval, 815 s->smb31_preauth_hashval) != 0) 816 cmn_err(CE_WARN, "(0) Preauth hash calculation " 817 "failed"); 818 } 819 } 820 821 /* 822 * See notes above smb2_max_rwsize, smb2_old_rwsize 823 */ 824 if (s->capabilities & SMB2_CAP_LARGE_MTU) 825 max_rwsize = smb2_max_rwsize; 826 else 827 max_rwsize = smb2_old_rwsize; 828 829 rc = smb_mbc_encodef( 830 &sr->reply, 831 "wwww#cllllTTwwl#c", 832 65, /* StructSize */ /* w */ 833 s->srv_secmode, /* w */ 834 version, /* w */ 835 neg_ctx_cnt, /* w */ 836 UUID_LEN, /* # */ 837 &s->s_cfg.skc_machine_uuid, /* c */ 838 s->srv_cap, /* l */ 839 smb2_max_trans, /* l */ 840 max_rwsize, /* l */ 841 max_rwsize, /* l */ 842 &now_tv, /* T */ 843 &boot_tv, /* T */ 844 128, /* SecBufOff */ /* w */ 845 sr->sr_cfg->skc_negtok_len, /* w */ 846 neg_ctx_off, /* l */ 847 sr->sr_cfg->skc_negtok_len, /* # */ 848 sr->sr_cfg->skc_negtok); /* c */ 849 850 851 852 /* smb2_send_reply(sr); in caller */ 853 854 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 855 SO_SNDBUF, (const void *)&smb2_tcp_bufsize, 856 sizeof (smb2_tcp_bufsize), CRED()); 857 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 858 SO_RCVBUF, (const void *)&smb2_tcp_bufsize, 859 sizeof (smb2_tcp_bufsize), CRED()); 860 861 return (rc); 862 } 863 864 /* 865 * SMB2 Dispatch table handler, which will run if we see an 866 * SMB2_NEGOTIATE after the initial negotiation is done. 867 * That would be a protocol error. 868 */ 869 smb_sdrc_t 870 smb2_negotiate(smb_request_t *sr) 871 { 872 sr->smb2_status = NT_STATUS_INVALID_PARAMETER; 873 return (SDRC_ERROR); 874 } 875 876 /* 877 * VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6 878 */ 879 uint32_t 880 smb2_nego_validate(smb_request_t *sr, smb_fsctl_t *fsctl) 881 { 882 smb_session_t *s = sr->session; 883 boolean_t smb311 = s->s_cfg.skc_max_protocol >= SMB_VERS_3_11; 884 int rc; 885 886 /* 887 * The spec. says to parse the VALIDATE_NEGOTIATE_INFO here 888 * and verify that the original negotiate was not modified. 889 * 890 * One interesting requirement here is that we MUST reply 891 * with exactly the same information as we returned in our 892 * original reply to the SMB2 negotiate on this session. 893 * If we don't the client closes the connection. 894 */ 895 896 uint32_t capabilities; 897 uint16_t secmode; 898 uint16_t num_dialects; 899 uint16_t dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 900 uint8_t clnt_guid[16]; 901 902 if (s->dialect >= SMB_VERS_3_11) 903 goto drop; 904 905 /* 906 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 907 * 908 * If the dialect is SMB3 and the message was successfully 909 * decrypted we MUST skip processing of the signature. 910 */ 911 if (!sr->encrypted && (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) == 0) 912 goto drop; 913 914 if (fsctl->InputCount < 24) 915 goto drop; 916 917 (void) smb_mbc_decodef(fsctl->in_mbc, "l16cww", 918 &capabilities, /* l */ 919 &clnt_guid, /* 16c */ 920 &secmode, /* w */ 921 &num_dialects); /* w */ 922 923 if (num_dialects == 0 || num_dialects > SMB2_NEGOTIATE_MAX_DIALECTS) 924 goto drop; 925 if (smb311 && num_dialects != s->cli_dialect_cnt) 926 goto drop; 927 if (secmode != s->cli_secmode) 928 goto drop; 929 if (capabilities != s->capabilities) 930 goto drop; 931 if (memcmp(clnt_guid, s->clnt_uuid, sizeof (clnt_guid)) != 0) 932 goto drop; 933 934 if (fsctl->InputCount < (24 + num_dialects * sizeof (*dialects))) 935 goto drop; 936 937 rc = smb_mbc_decodef(fsctl->in_mbc, "#w", num_dialects, dialects); 938 if (rc != 0) 939 goto drop; 940 941 if (smb311) { 942 for (int i = 0; i < num_dialects; i++) { 943 if (dialects[i] != s->cli_dialects[i]) 944 goto drop; 945 } 946 } else { 947 if (smb2_find_best_dialect(s, dialects, num_dialects) != 948 s->dialect) 949 goto drop; 950 } 951 952 rc = smb_mbc_encodef( 953 fsctl->out_mbc, "l#cww", 954 s->srv_cap, /* l */ 955 UUID_LEN, /* # */ 956 &s->s_cfg.skc_machine_uuid, /* c */ 957 s->srv_secmode, /* w */ 958 s->dialect); /* w */ 959 if (rc == 0) 960 return (rc); 961 962 drop: 963 smb_session_disconnect(s); 964 return (NT_STATUS_ACCESS_DENIED); 965 } 966