1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2013-2021 Tintri by DDN, Inc. All rights reserved. 14 * Copyright 2022 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Dispatch function for SMB2_NEGOTIATE 19 */ 20 21 #include <smbsrv/smb2_kproto.h> 22 #include <smbsrv/smb2.h> 23 #include <sys/random.h> 24 25 /* 26 * Note from [MS-SMB2] Sec. 2.2.3: Windows servers return 27 * invalid parameter if the dialect count is greater than 64 28 * This is here (and not in smb2.h) because this is technically 29 * an implementation detail, not protocol specification. 30 */ 31 #define SMB2_NEGOTIATE_MAX_DIALECTS 64 32 33 static int smb2_negotiate_common(smb_request_t *, uint16_t); 34 35 /* List of supported capabilities. Can be patched for testing. */ 36 uint32_t smb2srv_capabilities = 37 SMB2_CAP_DFS | 38 SMB2_CAP_LEASING | 39 SMB2_CAP_LARGE_MTU | 40 SMB2_CAP_PERSISTENT_HANDLES | 41 SMB2_CAP_ENCRYPTION; 42 43 /* These are the only capabilities defined for SMB2.X */ 44 #define SMB_2X_CAPS (SMB2_CAP_DFS | SMB2_CAP_LEASING | SMB2_CAP_LARGE_MTU) 45 46 /* 47 * These are not intended as customer tunables, but dev. & test folks 48 * might want to adjust them (with caution). 49 * 50 * smb2_tcp_bufsize is the TCP buffer size, applied to the network socket 51 * with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size. 52 * This is also used as a "sanity limit" for internal send/reply message 53 * allocations. Note that with compounding SMB2 messages may contain 54 * multiple requests/responses. This size should be large enough for 55 * at least a few SMB2 requests, and at least 2X smb2_max_rwsize. 56 * 57 * smb2_max_rwsize is what we put in the SMB2 negotiate response to tell 58 * the client the largest read and write request size we'll support. 59 * One megabyte is a compromise between efficiency on fast networks 60 * and memory consumption (for the buffers) on the server side. 61 * 62 * smb2_max_trans is the largest "transact" send or receive, which is 63 * used for directory listings and info set/get operations. 64 */ 65 uint32_t smb2_tcp_bufsize = (1<<22); /* 4MB */ 66 uint32_t smb2_max_rwsize = (1<<20); /* 1MB */ 67 uint32_t smb2_max_trans = (1<<16); /* 64KB */ 68 69 /* 70 * With clients (e.g. HP scanners) that don't advertise SMB2_CAP_LARGE_MTU 71 * (including all clients using dialect < SMB 2.1), use a "conservative" value 72 * for max r/w size because some older clients misbehave with larger values. 73 * 64KB is recommended in the [MS-SMB2] spec. (3.3.5.3.1 SMB 2.1 or SMB 3.x 74 * Support) as the minimum so we'll use that. 75 */ 76 uint32_t smb2_old_rwsize = (1<<16); /* 64KB */ 77 78 /* 79 * List of all SMB2 versions we implement. Note that the 80 * versions we support may be limited by the 81 * _cfg.skc_max_protocol and min_protocol settings. 82 */ 83 static uint16_t smb2_versions[] = { 84 0x202, /* SMB 2.002 */ 85 0x210, /* SMB 2.1 */ 86 0x300, /* SMB 3.0 */ 87 0x302, /* SMB 3.02 */ 88 0x311, /* SMB 3.11 */ 89 }; 90 static uint16_t smb2_nversions = 91 sizeof (smb2_versions) / sizeof (smb2_versions[0]); 92 93 enum smb2_neg_ctx_type { 94 SMB2_PREAUTH_INTEGRITY_CAPS = 1, 95 SMB2_ENCRYPTION_CAPS = 2, 96 SMB2_COMPRESSION_CAPS = 3, /* not imlemented */ 97 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID = 5 /* not imlemented */ 98 }; 99 100 typedef struct smb2_negotiate_ctx { 101 uint16_t type; 102 uint16_t datalen; 103 } smb2_neg_ctx_t; 104 105 #define SMB31_PREAUTH_CTX_SALT_LEN 32 106 107 /* 108 * SMB 3.1.1 originally specified a single hashing algorithm - SHA-512 - and 109 * two encryption ones - AES-128-CCM and AES-128-GCM. 110 * Windows Server 2022 and Windows 11 introduced two further encryption 111 * algorithms - AES-256-CCM and AES-256-GCM. 112 */ 113 #define MAX_HASHID_NUM (1) 114 #define MAX_CIPHER_NUM (8) 115 116 typedef struct smb2_preauth_integrity_caps { 117 uint16_t picap_hash_count; 118 uint16_t picap_salt_len; 119 uint16_t picap_hash_id; 120 uint8_t picap_salt[SMB31_PREAUTH_CTX_SALT_LEN]; 121 } smb2_preauth_caps_t; 122 123 typedef struct smb2_encryption_caps { 124 uint16_t encap_cipher_count; 125 uint16_t encap_cipher_ids[MAX_CIPHER_NUM]; 126 } smb2_encrypt_caps_t; 127 128 /* 129 * The contexts we support 130 */ 131 typedef struct smb2_preauth_neg_ctx { 132 smb2_neg_ctx_t neg_ctx; 133 smb2_preauth_caps_t preauth_caps; 134 } smb2_preauth_neg_ctx_t; 135 136 typedef struct smb2_encrypt_neg_ctx { 137 smb2_neg_ctx_t neg_ctx; 138 smb2_encrypt_caps_t encrypt_caps; 139 } smb2_encrypt_neg_ctx_t; 140 141 typedef struct smb2_neg_ctxs { 142 uint32_t offset; 143 uint16_t count; 144 smb2_preauth_neg_ctx_t preauth_ctx; 145 smb2_encrypt_neg_ctx_t encrypt_ctx; 146 } smb2_neg_ctxs_t; 147 148 #define NEG_CTX_INFO_OFFSET (SMB2_HDR_SIZE + 28) 149 #define NEG_CTX_OFFSET_OFFSET (SMB2_HDR_SIZE + 64) 150 #define NEG_CTX_MAX_COUNT (16) 151 #define NEG_CTX_MAX_DATALEN (256) 152 153 #define STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP (0xC05D0000) 154 155 #define STATUS_PREAUTH_HASH_OVERLAP \ 156 STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP 157 158 typedef struct smb2_arg_negotiate { 159 struct smb2_neg_ctxs neg_in_ctxs; 160 struct smb2_neg_ctxs neg_out_ctxs; 161 uint16_t neg_dialect_cnt; 162 uint16_t neg_dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 163 uint16_t neg_highest_dialect; 164 } smb2_arg_negotiate_t; 165 166 167 static boolean_t 168 smb2_supported_version(smb_session_t *s, uint16_t version) 169 { 170 int i; 171 172 if (version > s->s_cfg.skc_max_protocol || 173 version < s->s_cfg.skc_min_protocol) 174 return (B_FALSE); 175 for (i = 0; i < smb2_nversions; i++) 176 if (version == smb2_versions[i]) 177 return (B_TRUE); 178 return (B_FALSE); 179 } 180 181 static uint16_t 182 smb2_find_best_dialect(smb_session_t *s, uint16_t cl_versions[], 183 uint16_t version_cnt) 184 { 185 uint16_t best_version = 0; 186 int i; 187 188 for (i = 0; i < version_cnt; i++) 189 if (smb2_supported_version(s, cl_versions[i]) && 190 best_version < cl_versions[i]) 191 best_version = cl_versions[i]; 192 193 return (best_version); 194 } 195 196 /* 197 * This function should be called only for dialect >= 0x311 198 * Negotiate context list should contain exactly one 199 * SMB2_PREAUTH_INTEGRITY_CAPS context. 200 * Otherwise STATUS_INVALID_PARAMETER. 201 * It should contain at least 1 hash algorith what server does support. 202 * Otehrwise STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP. 203 */ 204 static uint32_t 205 smb31_decode_neg_ctxs(smb_request_t *sr) 206 { 207 smb_session_t *s = sr->session; 208 smb2_arg_negotiate_t *nego = sr->arg.other; 209 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_in_ctxs; 210 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 211 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 212 boolean_t found_sha512 = B_FALSE; 213 boolean_t found_cipher = B_FALSE; 214 uint32_t ciphers = sr->sr_server->sv_cfg.skc_encrypt_ciphers; 215 uint32_t status = 0; 216 int32_t skip; 217 int found_preauth_ctx = 0; 218 int found_encrypt_ctx = 0; 219 int cnt, i; 220 int rc; 221 222 /* 223 * There should be exactly 1 SMB2_PREAUTH_INTEGRITY_CAPS negotiate ctx. 224 * SMB2_ENCRYPTION_CAPS is optional one. 225 * If there is no contexts or there are to many then stop parsing. 226 */ 227 cnt = neg_ctxs->count; 228 if (cnt < 1 || cnt > NEG_CTX_MAX_COUNT) { 229 status = NT_STATUS_INVALID_PARAMETER; 230 goto errout; 231 } 232 233 /* 234 * Cannot proceed parsing if the first context isn't aligned by 8. 235 */ 236 if (neg_ctxs->offset % 8 != 0) { 237 status = NT_STATUS_INVALID_PARAMETER; 238 goto errout; 239 } 240 241 if ((skip = neg_ctxs->offset - sr->command.chain_offset) != 0 && 242 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 243 status = NT_STATUS_INVALID_PARAMETER; 244 goto errout; 245 } 246 247 /* 248 * Parse negotiate contexts. Ignore non-decoding errors to fill 249 * as much as possible data for dtrace probe. 250 */ 251 for (i = 0; i < cnt; i++) { 252 smb2_neg_ctx_t neg_ctx; 253 int32_t ctx_end_off; 254 int32_t ctx_next_off; 255 256 if (i > 0) { 257 if ((skip = ctx_next_off - ctx_end_off) != 0 && 258 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 259 status = NT_STATUS_INVALID_PARAMETER; 260 goto errout; 261 } 262 } 263 264 rc = smb_mbc_decodef( 265 &sr->command, "ww4.", 266 &neg_ctx.type, /* w */ 267 &neg_ctx.datalen); /* w */ 268 if (rc != 0) { 269 status = NT_STATUS_INVALID_PARAMETER; 270 goto errout; 271 } 272 273 /* 274 * We got something crazy 275 */ 276 if (neg_ctx.datalen > NEG_CTX_MAX_DATALEN) { 277 status = NT_STATUS_INVALID_PARAMETER; 278 goto errout; 279 } 280 281 ctx_end_off = sr->command.chain_offset + neg_ctx.datalen; 282 ctx_next_off = P2ROUNDUP(ctx_end_off, 8); 283 284 switch (neg_ctx.type) { 285 case SMB2_PREAUTH_INTEGRITY_CAPS: 286 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 287 sizeof (neg_ctx)); 288 289 if (found_preauth_ctx++ != 0) { 290 status = NT_STATUS_INVALID_PARAMETER; 291 continue; 292 } 293 294 rc = smb_mbc_decodef( 295 &sr->command, "ww", 296 &picap->picap_hash_count, /* w */ 297 &picap->picap_salt_len); /* w */ 298 if (rc != 0 || picap->picap_hash_count > 299 MAX_HASHID_NUM) { 300 status = NT_STATUS_INVALID_PARAMETER; 301 goto errout; 302 } 303 304 /* 305 * Get hash id 306 */ 307 rc = smb_mbc_decodef( 308 &sr->command, "#w", 309 picap->picap_hash_count, 310 &picap->picap_hash_id); /* w */ 311 if (rc != 0) { 312 status = NT_STATUS_INVALID_PARAMETER; 313 goto errout; 314 } 315 316 /* 317 * Get salt 318 */ 319 rc = smb_mbc_decodef( 320 &sr->command, "#c", 321 sizeof (picap->picap_salt), 322 &picap->picap_salt[0]); /* w */ 323 if (rc != 0) { 324 status = NT_STATUS_INVALID_PARAMETER; 325 goto errout; 326 } 327 328 /* 329 * In SMB 0x311 there should be exactly 1 preauth 330 * negotiate context, and there should be exactly 1 331 * hash value in the list - SHA512. 332 */ 333 if (picap->picap_hash_count != 1) { 334 status = NT_STATUS_INVALID_PARAMETER; 335 continue; 336 } 337 338 if (picap->picap_hash_id == SMB3_HASH_SHA512) 339 found_sha512 = B_TRUE; 340 break; 341 case SMB2_ENCRYPTION_CAPS: 342 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 343 sizeof (neg_ctx)); 344 345 if (found_encrypt_ctx++ != 0) { 346 status = NT_STATUS_INVALID_PARAMETER; 347 continue; 348 } 349 350 rc = smb_mbc_decodef( 351 &sr->command, "w", 352 &encap->encap_cipher_count); /* w */ 353 if (rc != 0 || encap->encap_cipher_count > 354 MAX_CIPHER_NUM) { 355 status = NT_STATUS_INVALID_PARAMETER; 356 goto errout; 357 } 358 359 /* 360 * Get cipher list 361 */ 362 rc = smb_mbc_decodef( 363 &sr->command, "#w", 364 encap->encap_cipher_count, 365 &encap->encap_cipher_ids[0]); /* w */ 366 if (rc != 0) { 367 status = NT_STATUS_INVALID_PARAMETER; 368 goto errout; 369 } 370 371 /* 372 * Select the first enabled cipher. 373 * Client should list more prioritized ciphers first. 374 */ 375 for (int k = 0; k < encap->encap_cipher_count; k++) { 376 uint16_t c = encap->encap_cipher_ids[k]; 377 378 if (c <= SMB3_CIPHER_MAX && 379 (SMB3_CIPHER_BIT(c) & ciphers) != 0) { 380 s->smb31_enc_cipherid = c; 381 found_cipher = B_TRUE; 382 break; 383 } 384 } 385 break; 386 default: 387 ; 388 } 389 } 390 391 if (status) 392 goto errout; 393 394 /* Not found mandatory SMB2_PREAUTH_INTEGRITY_CAPS ctx */ 395 if (found_preauth_ctx != 1 || found_encrypt_ctx > 1) { 396 status = NT_STATUS_INVALID_PARAMETER; 397 goto errout; 398 } 399 400 if (!found_sha512) { 401 status = STATUS_PREAUTH_HASH_OVERLAP; 402 goto errout; 403 } 404 405 s->smb31_preauth_hashid = SMB3_HASH_SHA512; 406 407 if (!found_cipher) 408 s->smb31_enc_cipherid = 0; 409 410 /* Initialize out = in */ 411 nego->neg_out_ctxs = nego->neg_in_ctxs; 412 413 errout: 414 return (status); 415 } 416 417 static int 418 smb31_encode_neg_ctxs(smb_request_t *sr) 419 { 420 smb_session_t *s = sr->session; 421 smb2_arg_negotiate_t *nego = sr->arg.other; 422 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_out_ctxs; 423 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 424 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 425 uint16_t salt_len = sizeof (picap->picap_salt); 426 uint32_t preauth_ctx_len = 6 + salt_len; 427 uint32_t enc_ctx_len = 4; 428 uint32_t neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 429 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 430 uint32_t rc; 431 432 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 433 return (rc); 434 435 ASSERT3S(neg_ctx_off, ==, sr->reply.chain_offset); 436 437 picap->picap_hash_id = s->smb31_preauth_hashid; 438 picap->picap_salt_len = salt_len; 439 440 (void) random_get_pseudo_bytes(picap->picap_salt, salt_len); 441 442 rc = smb_mbc_encodef( 443 &sr->reply, "ww4.", 444 SMB2_PREAUTH_INTEGRITY_CAPS, 445 preauth_ctx_len 446 /* 4. */); /* reserved */ 447 if (rc != 0) 448 return (rc); 449 450 rc = smb_mbc_encodef( 451 &sr->reply, "www#c", 452 1, /* hash algo count */ 453 salt_len, /* salt length */ 454 s->smb31_preauth_hashid, /* hash id */ 455 salt_len, /* salt length */ 456 picap->picap_salt); 457 if (rc != 0) 458 return (rc); 459 460 /* 461 * If we did not get SMB2_ENCRYPTION_CAPS, don't send one. 462 */ 463 if (encap->encap_cipher_count == 0) 464 return (0); 465 466 /* 467 * Encode SMB2_ENCRYPTION_CAPS response. 468 */ 469 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 470 return (rc); 471 472 rc = smb_mbc_encodef( 473 &sr->reply, "ww4.", 474 SMB2_ENCRYPTION_CAPS, 475 enc_ctx_len 476 /* 4. */); /* reserved */ 477 478 rc = smb_mbc_encodef( 479 &sr->reply, "ww", 480 1, /* cipher count */ 481 s->smb31_enc_cipherid); /* encrypt. cipher id */ 482 483 return (rc); 484 } 485 486 /* 487 * Helper for the (SMB1) smb_com_negotiate(). This is the 488 * very unusual protocol interaction where an SMB1 negotiate 489 * gets an SMB2 negotiate response. This is the normal way 490 * clients first find out if the server supports SMB2. 491 * 492 * Note: This sends an SMB2 reply _itself_ and then returns 493 * SDRC_NO_REPLY so the caller will not send an SMB1 reply. 494 * Also, this is called directly from the reader thread, so 495 * we know this is the only thread using this session. 496 * Otherwise, this is similar to smb2_newrq_negotiate(). 497 * 498 * The caller frees this request. 499 */ 500 smb_sdrc_t 501 smb1_negotiate_smb2(smb_request_t *sr) 502 { 503 smb_session_t *s = sr->session; 504 smb_arg_negotiate_t *negprot = sr->sr_negprot; 505 uint16_t smb2_version; 506 507 /* 508 * Note: In the SMB1 negotiate command handler, we 509 * agreed with one of the SMB2 dialects. If that 510 * dialect was "SMB 2.002", we'll respond here with 511 * version 0x202 and negotiation is done. If that 512 * dialect was "SMB 2.???", we'll respond here with 513 * the "wildcard" version 0x2FF, and the client will 514 * come back with an SMB2 negotiate. 515 */ 516 switch (negprot->ni_dialect) { 517 case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */ 518 smb2_version = SMB_VERS_2_002; 519 s->dialect = smb2_version; 520 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 521 /* Allow normal SMB2 requests now. */ 522 s->newrq_func = smb2sr_newrq; 523 break; 524 case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */ 525 /* 526 * Expecting an SMB2 negotiate next, so keep the 527 * initial s->newrq_func. 528 */ 529 smb2_version = 0x2FF; 530 break; 531 default: 532 return (SDRC_DROP_VC); 533 } 534 535 /* 536 * We did not decode an SMB2 header, so make sure 537 * the SMB2 header fields are initialized. 538 * (Most are zero from smb_request_alloc.) 539 * Also, the SMB1 common dispatch code reserved space 540 * for an SMB1 header, which we need to undo here. 541 */ 542 sr->smb2_reply_hdr = sr->reply.chain_offset = 0; 543 sr->smb2_cmd_code = SMB2_NEGOTIATE; 544 sr->smb2_hdr_flags = SMB2_FLAGS_SERVER_TO_REDIR; 545 546 /* 547 * Also setup SMB2 negotiate args (empty here). 548 * SMB1 args free'd by smb_srm_fini(sr) 549 */ 550 sr->arg.other = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 551 552 (void) smb2_encode_header(sr, B_FALSE); 553 if (smb2_negotiate_common(sr, smb2_version) != 0) 554 sr->smb2_status = NT_STATUS_INTERNAL_ERROR; 555 if (sr->smb2_status != 0) 556 smb2sr_put_error(sr, sr->smb2_status); 557 (void) smb2_encode_header(sr, B_TRUE); 558 559 smb2_send_reply(sr); 560 561 /* 562 * We sent the reply, so tell the SMB1 dispatch 563 * it should NOT (also) send a reply. 564 */ 565 return (SDRC_NO_REPLY); 566 } 567 568 /* 569 * SMB2 Negotiate gets special handling. This is called directly by 570 * the reader thread (see smbsr_newrq_initial) with what _should_ be 571 * an SMB2 Negotiate. Only the "\feSMB" header has been checked 572 * when this is called, so this needs to check the SMB command, 573 * if it's Negotiate execute it, then send the reply, etc. 574 * 575 * Since this is called directly from the reader thread, we 576 * know this is the only thread currently using this session. 577 * This has to duplicate some of what smb2sr_work does as a 578 * result of bypassing the normal dispatch mechanism. 579 * 580 * The caller always frees this request. 581 * 582 * Return value is 0 for success, and anything else will 583 * terminate the reader thread (drop the connection). 584 */ 585 int 586 smb2_newrq_negotiate(smb_request_t *sr) 587 { 588 smb_session_t *s = sr->session; 589 smb2_arg_negotiate_t *nego; 590 int rc; 591 uint32_t nctx_status = 0; 592 uint32_t status = 0; 593 uint32_t neg_ctx_off; 594 uint16_t neg_ctx_cnt; 595 uint16_t struct_size; 596 uint16_t dialect_cnt; 597 uint16_t best_version; 598 599 nego = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 600 sr->arg.other = nego; // for dtrace 601 602 sr->smb2_cmd_hdr = sr->command.chain_offset; 603 rc = smb2_decode_header(sr); 604 if (rc != 0) 605 return (rc); 606 607 if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) 608 return (-1); 609 610 if ((sr->smb2_cmd_code != SMB2_NEGOTIATE) || 611 (sr->smb2_next_command != 0)) 612 return (-1); 613 614 /* 615 * Decode SMB2 Negotiate (fixed-size part) 616 */ 617 rc = smb_mbc_decodef( 618 &sr->command, "www..l16clw..", 619 &struct_size, /* w */ 620 &dialect_cnt, /* w */ 621 &s->cli_secmode, /* w */ 622 /* reserved (..) */ 623 &s->capabilities, /* l */ 624 s->clnt_uuid, /* 16c */ 625 &neg_ctx_off, /* l */ 626 &neg_ctx_cnt); /* w */ 627 /* reserverd (..) */ 628 if (rc != 0) 629 return (rc); 630 if (struct_size != 36) 631 return (-1); 632 633 /* 634 * Decode SMB2 Negotiate (variable part) 635 * 636 * Be somewhat tolerant while decoding the variable part 637 * so we can return errors instead of dropping the client. 638 * Will limit decoding to the size of cli_dialects here, 639 * and do error checks on the decoded dialect_cnt after the 640 * dtrace start probe. 641 */ 642 if (dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) 643 nego->neg_dialect_cnt = SMB2_NEGOTIATE_MAX_DIALECTS; 644 else 645 nego->neg_dialect_cnt = dialect_cnt; 646 if (nego->neg_dialect_cnt > 0) { 647 rc = smb_mbc_decodef(&sr->command, "#w", 648 nego->neg_dialect_cnt, 649 nego->neg_dialects); 650 if (rc != 0) 651 return (rc); // short msg 652 } 653 654 best_version = smb2_find_best_dialect(s, nego->neg_dialects, 655 nego->neg_dialect_cnt); 656 657 if (best_version >= SMB_VERS_3_11) { 658 nego->neg_in_ctxs.offset = neg_ctx_off; 659 nego->neg_in_ctxs.count = neg_ctx_cnt; 660 nctx_status = smb31_decode_neg_ctxs(sr); 661 /* check nctx_status below */ 662 } 663 664 DTRACE_SMB2_START(op__Negotiate, smb_request_t *, sr); 665 666 sr->smb2_credit_response = 1; 667 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR; 668 (void) smb2_encode_header(sr, B_FALSE); 669 670 /* 671 * NOW start validating things (NOT before here) 672 */ 673 674 /* 675 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 676 * "If the SMB2 header of the SMB2 NEGOTIATE request has the 677 * SMB2_FLAGS_SIGNED bit set in the Flags field, the server 678 * MUST fail the request with STATUS_INVALID_PARAMETER." 679 */ 680 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) { 681 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED; 682 status = NT_STATUS_INVALID_PARAMETER; 683 goto errout; 684 } 685 686 /* 687 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 688 * "If the DialectCount of the SMB2 NEGOTIATE Request is 0, the 689 * server MUST fail the request with STATUS_INVALID_PARAMETER." 690 * Checking the decoded value here, not the constrained one. 691 */ 692 if (dialect_cnt == 0 || 693 dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) { 694 status = NT_STATUS_INVALID_PARAMETER; 695 goto errout; 696 } 697 698 /* 699 * We decoded the offered dialects above, and 700 * determined which was the highest we support. 701 * 702 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 703 * "If a common dialect is not found, the server MUST fail 704 * the request with STATUS_NOT_SUPPORTED." 705 */ 706 if (best_version == 0) { 707 status = NT_STATUS_NOT_SUPPORTED; 708 goto errout; 709 } 710 711 /* 712 * Check for problems with the negotiate contexts. 713 */ 714 if (nctx_status != 0) { 715 status = nctx_status; 716 goto errout; 717 } 718 719 /* Allow normal SMB2 requests now. */ 720 s->dialect = best_version; 721 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 722 s->newrq_func = smb2sr_newrq; 723 724 if (smb2_negotiate_common(sr, best_version) != 0) 725 status = NT_STATUS_INTERNAL_ERROR; 726 727 if (s->dialect >= SMB_VERS_3_11 && status == 0) { 728 if (smb31_encode_neg_ctxs(sr) != 0) 729 status = NT_STATUS_INTERNAL_ERROR; 730 } 731 732 errout: 733 sr->smb2_status = status; 734 DTRACE_SMB2_DONE(op__Negotiate, smb_request_t *, sr); 735 736 if (sr->smb2_status != 0) 737 smb2sr_put_error(sr, sr->smb2_status); 738 (void) smb2_encode_header(sr, B_TRUE); 739 740 if (s->dialect >= SMB_VERS_3_11 && sr->smb2_status == 0) { 741 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 742 if (smb31_preauth_sha512_calc(sr, &sr->reply, 743 s->smb31_preauth_hashval, 744 s->smb31_preauth_hashval) != 0) 745 cmn_err(CE_WARN, "(1) Preauth hash calculation " 746 "failed"); 747 } 748 749 smb2_send_reply(sr); 750 751 return (rc); 752 } 753 754 /* 755 * Common parts of SMB2 Negotiate, used for both the 756 * SMB1-to-SMB2 style, and straight SMB2 style. 757 * Do negotiation decisions and encode the reply. 758 * The caller does the network send. 759 * 760 * Return value is 0 for success, else error. 761 */ 762 static int 763 smb2_negotiate_common(smb_request_t *sr, uint16_t version) 764 { 765 timestruc_t boot_tv, now_tv; 766 smb_session_t *s = sr->session; 767 smb2_arg_negotiate_t *nego = sr->arg.other; 768 int rc; 769 uint32_t max_rwsize; 770 uint16_t secmode; 771 uint16_t neg_ctx_cnt = 0; 772 uint32_t neg_ctx_off = 0; 773 774 /* 775 * Negotiation itself. First the Security Mode. 776 */ 777 secmode = SMB2_NEGOTIATE_SIGNING_ENABLED; 778 if (sr->sr_cfg->skc_signing_required) 779 secmode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; 780 s->srv_secmode = secmode; 781 782 s->cmd_max_bytes = smb2_tcp_bufsize; 783 s->reply_max_bytes = smb2_tcp_bufsize; 784 785 /* 786 * "The number of credits held by the client MUST be considered 787 * as 1 when the connection is established." [MS-SMB2] 788 * We leave credits at 1 until the first successful 789 * session setup is completed. 790 */ 791 s->s_cur_credits = s->s_max_credits = 1; 792 sr->smb2_credit_response = 1; 793 794 boot_tv.tv_sec = smb_get_boottime(); 795 boot_tv.tv_nsec = 0; 796 now_tv.tv_sec = gethrestime_sec(); 797 now_tv.tv_nsec = 0; 798 799 /* 800 * If the version is 0x2FF, we haven't completed negotiate. 801 * Don't initialize until we have our final request. 802 */ 803 if (version != 0x2FF) 804 smb2_sign_init_mech(s); 805 if (version >= 0x311) 806 smb31_preauth_init_mech(s); 807 808 /* 809 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 810 * 811 * The SMB2.x capabilities are returned without regard for 812 * what capabilities the client provided in the request. 813 * The SMB3.x capabilities returned are the traditional 814 * logical AND of server and client capabilities, except 815 * for the SMB2.x capabilities which are what the server 816 * supports (regardless of the client capabilities). 817 * 818 * One additional check: If KCF is missing something we 819 * require for encryption, turn off that capability. 820 */ 821 if (s->dialect < SMB_VERS_2_1) { 822 /* SMB 2.002 */ 823 s->srv_cap = smb2srv_capabilities & SMB2_CAP_DFS; 824 } else if (s->dialect < SMB_VERS_3_0) { 825 /* SMB 2.x */ 826 s->srv_cap = smb2srv_capabilities & SMB_2X_CAPS; 827 } else { 828 /* SMB 3.0 or later */ 829 s->srv_cap = smb2srv_capabilities & 830 (SMB_2X_CAPS | s->capabilities); 831 832 if (s->dialect < SMB_VERS_3_11) 833 s->smb31_enc_cipherid = SMB3_CIPHER_AES128_CCM; 834 /* else from negotiate context */ 835 836 if ((s->srv_cap & SMB2_CAP_ENCRYPTION) != 0 && 837 smb3_encrypt_init_mech(s) != 0) { 838 s->srv_cap &= ~SMB2_CAP_ENCRYPTION; 839 } 840 841 if (s->dialect >= SMB_VERS_3_11) { 842 smb2_encrypt_caps_t *encap = 843 &nego->neg_in_ctxs.encrypt_ctx.encrypt_caps; 844 845 neg_ctx_cnt = 1; // always have preauth 846 847 if (encap->encap_cipher_count != 0) 848 neg_ctx_cnt++; 849 850 neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 851 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 852 853 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 854 855 if (smb31_preauth_sha512_calc(sr, &sr->command, 856 s->smb31_preauth_hashval, 857 s->smb31_preauth_hashval) != 0) 858 cmn_err(CE_WARN, "(0) Preauth hash calculation " 859 "failed"); 860 } 861 } 862 863 /* 864 * See notes above smb2_max_rwsize, smb2_old_rwsize 865 */ 866 if (s->capabilities & SMB2_CAP_LARGE_MTU) 867 max_rwsize = smb2_max_rwsize; 868 else 869 max_rwsize = smb2_old_rwsize; 870 871 rc = smb_mbc_encodef( 872 &sr->reply, 873 "wwww#cllllTTwwl#c", 874 65, /* StructSize */ /* w */ 875 s->srv_secmode, /* w */ 876 version, /* w */ 877 neg_ctx_cnt, /* w */ 878 UUID_LEN, /* # */ 879 &s->s_cfg.skc_machine_uuid, /* c */ 880 s->srv_cap, /* l */ 881 smb2_max_trans, /* l */ 882 max_rwsize, /* l */ 883 max_rwsize, /* l */ 884 &now_tv, /* T */ 885 &boot_tv, /* T */ 886 128, /* SecBufOff */ /* w */ 887 sr->sr_cfg->skc_negtok_len, /* w */ 888 neg_ctx_off, /* l */ 889 sr->sr_cfg->skc_negtok_len, /* # */ 890 sr->sr_cfg->skc_negtok); /* c */ 891 892 /* Note: smb31_encode_neg_ctxs() follows in caller */ 893 894 /* smb2_send_reply(sr); in caller */ 895 896 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 897 SO_SNDBUF, (const void *)&smb2_tcp_bufsize, 898 sizeof (smb2_tcp_bufsize), CRED()); 899 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 900 SO_RCVBUF, (const void *)&smb2_tcp_bufsize, 901 sizeof (smb2_tcp_bufsize), CRED()); 902 903 return (rc); 904 } 905 906 /* 907 * SMB2 Dispatch table handler, which will run if we see an 908 * SMB2_NEGOTIATE after the initial negotiation is done. 909 * That would be a protocol error. 910 */ 911 smb_sdrc_t 912 smb2_negotiate(smb_request_t *sr) 913 { 914 sr->smb2_status = NT_STATUS_INVALID_PARAMETER; 915 return (SDRC_ERROR); 916 } 917 918 /* 919 * VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6 920 */ 921 uint32_t 922 smb2_nego_validate(smb_request_t *sr, smb_fsctl_t *fsctl) 923 { 924 smb_session_t *s = sr->session; 925 int rc; 926 927 /* 928 * The spec. says to parse the VALIDATE_NEGOTIATE_INFO here 929 * and verify that the original negotiate was not modified. 930 * 931 * One interesting requirement here is that we MUST reply 932 * with exactly the same information as we returned in our 933 * original reply to the SMB2 negotiate on this session. 934 * If we don't the client closes the connection. 935 */ 936 937 uint32_t capabilities; 938 uint16_t secmode; 939 uint16_t num_dialects; 940 uint16_t dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 941 uint8_t clnt_guid[16]; 942 943 if (s->dialect >= SMB_VERS_3_11) 944 goto drop; 945 946 /* 947 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 948 * 949 * If the dialect is SMB3 and the message was successfully 950 * decrypted we MUST skip processing of the signature. 951 */ 952 if (!sr->encrypted && (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) == 0) 953 goto drop; 954 955 if (fsctl->InputCount < 24) 956 goto drop; 957 958 (void) smb_mbc_decodef(fsctl->in_mbc, "l16cww", 959 &capabilities, /* l */ 960 &clnt_guid, /* 16c */ 961 &secmode, /* w */ 962 &num_dialects); /* w */ 963 964 if (num_dialects == 0 || num_dialects > SMB2_NEGOTIATE_MAX_DIALECTS) 965 goto drop; 966 if (secmode != s->cli_secmode) 967 goto drop; 968 if (capabilities != s->capabilities) 969 goto drop; 970 if (memcmp(clnt_guid, s->clnt_uuid, sizeof (clnt_guid)) != 0) 971 goto drop; 972 973 rc = smb_mbc_decodef(fsctl->in_mbc, "#w", num_dialects, dialects); 974 if (rc != 0) 975 goto drop; 976 977 /* 978 * MS-SMB2 says we should compare the dialects array with the 979 * one sent previously, but that appears to be unnecessary 980 * as long as we end up with the same dialect. 981 */ 982 if (smb2_find_best_dialect(s, dialects, num_dialects) != s->dialect) 983 goto drop; 984 985 rc = smb_mbc_encodef( 986 fsctl->out_mbc, "l#cww", 987 s->srv_cap, /* l */ 988 UUID_LEN, /* # */ 989 &s->s_cfg.skc_machine_uuid, /* c */ 990 s->srv_secmode, /* w */ 991 s->dialect); /* w */ 992 if (rc == 0) 993 return (rc); 994 995 drop: 996 smb_session_disconnect(s); 997 return (NT_STATUS_ACCESS_DENIED); 998 } 999