1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2019 Nexenta Systems, Inc. All rights reserved. 14 * Copyright 2022 RackTop Systems, Inc. 15 */ 16 17 /* 18 * Dispatch function for SMB2_NEGOTIATE 19 */ 20 21 #include <smbsrv/smb2_kproto.h> 22 #include <smbsrv/smb2.h> 23 #include <sys/random.h> 24 25 /* 26 * Note from [MS-SMB2] Sec. 2.2.3: Windows servers return 27 * invalid parameter if the dialect count is greater than 64 28 * This is here (and not in smb2.h) because this is technically 29 * an implementation detail, not protocol specification. 30 */ 31 #define SMB2_NEGOTIATE_MAX_DIALECTS 64 32 33 static int smb2_negotiate_common(smb_request_t *, uint16_t); 34 35 /* List of supported capabilities. Can be patched for testing. */ 36 uint32_t smb2srv_capabilities = 37 SMB2_CAP_DFS | 38 SMB2_CAP_LEASING | 39 SMB2_CAP_LARGE_MTU | 40 SMB2_CAP_PERSISTENT_HANDLES | 41 SMB2_CAP_ENCRYPTION; 42 43 /* These are the only capabilities defined for SMB2.X */ 44 #define SMB_2X_CAPS (SMB2_CAP_DFS | SMB2_CAP_LEASING | SMB2_CAP_LARGE_MTU) 45 46 /* 47 * These are not intended as customer tunables, but dev. & test folks 48 * might want to adjust them (with caution). 49 * 50 * smb2_tcp_bufsize is the TCP buffer size, applied to the network socket 51 * with setsockopt SO_SNDBUF, SO_RCVBUF. These set the TCP window size. 52 * This is also used as a "sanity limit" for internal send/reply message 53 * allocations. Note that with compounding SMB2 messages may contain 54 * multiple requests/responses. This size should be large enough for 55 * at least a few SMB2 requests, and at least 2X smb2_max_rwsize. 56 * 57 * smb2_max_rwsize is what we put in the SMB2 negotiate response to tell 58 * the client the largest read and write request size we'll support. 59 * For now, we're using contiguous allocations, so keep this at 64KB 60 * so that (even with message overhead) allocations stay below 128KB, 61 * avoiding kmem_alloc -> page_create_va thrashing. 62 * 63 * smb2_max_trans is the largest "transact" send or receive, which is 64 * used for directory listings and info set/get operations. 65 */ 66 uint32_t smb2_tcp_bufsize = (1<<22); /* 4MB */ 67 uint32_t smb2_max_rwsize = (1<<16); /* 64KB */ 68 uint32_t smb2_max_trans = (1<<16); /* 64KB */ 69 70 /* 71 * With clients (e.g. HP scanners) that don't advertise SMB2_CAP_LARGE_MTU 72 * (including all clients using dialect < SMB 2.1), use a "conservative" value 73 * for max r/w size because some older clients misbehave with larger values. 74 * 64KB is recommended in the [MS-SMB2] spec. (3.3.5.3.1 SMB 2.1 or SMB 3.x 75 * Support) as the minimum so we'll use that. 76 */ 77 uint32_t smb2_old_rwsize = (1<<16); /* 64KB */ 78 79 /* 80 * List of all SMB2 versions we implement. Note that the 81 * versions we support may be limited by the 82 * _cfg.skc_max_protocol and min_protocol settings. 83 */ 84 static uint16_t smb2_versions[] = { 85 0x202, /* SMB 2.002 */ 86 0x210, /* SMB 2.1 */ 87 0x300, /* SMB 3.0 */ 88 0x302, /* SMB 3.02 */ 89 0x311, /* SMB 3.11 */ 90 }; 91 static uint16_t smb2_nversions = 92 sizeof (smb2_versions) / sizeof (smb2_versions[0]); 93 94 enum smb2_neg_ctx_type { 95 SMB2_PREAUTH_INTEGRITY_CAPS = 1, 96 SMB2_ENCRYPTION_CAPS = 2, 97 SMB2_COMPRESSION_CAPS = 3, /* not imlemented */ 98 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID = 5 /* not imlemented */ 99 }; 100 101 typedef struct smb2_negotiate_ctx { 102 uint16_t type; 103 uint16_t datalen; 104 } smb2_neg_ctx_t; 105 106 #define SMB31_PREAUTH_CTX_SALT_LEN 32 107 108 /* 109 * SMB 3.1.1 originally specified a single hashing algorithm - SHA-512 - and 110 * two encryption ones - AES-128-CCM and AES-128-GCM. 111 * Windows Server 2022 and Windows 11 introduced two further encryption 112 * algorithms - AES-256-CCM and AES-256-GCM. 113 */ 114 #define MAX_HASHID_NUM (1) 115 #define MAX_CIPHER_NUM (8) 116 117 typedef struct smb2_preauth_integrity_caps { 118 uint16_t picap_hash_count; 119 uint16_t picap_salt_len; 120 uint16_t picap_hash_id; 121 uint8_t picap_salt[SMB31_PREAUTH_CTX_SALT_LEN]; 122 } smb2_preauth_caps_t; 123 124 typedef struct smb2_encryption_caps { 125 uint16_t encap_cipher_count; 126 uint16_t encap_cipher_ids[MAX_CIPHER_NUM]; 127 } smb2_encrypt_caps_t; 128 129 /* 130 * The contexts we support 131 */ 132 typedef struct smb2_preauth_neg_ctx { 133 smb2_neg_ctx_t neg_ctx; 134 smb2_preauth_caps_t preauth_caps; 135 } smb2_preauth_neg_ctx_t; 136 137 typedef struct smb2_encrypt_neg_ctx { 138 smb2_neg_ctx_t neg_ctx; 139 smb2_encrypt_caps_t encrypt_caps; 140 } smb2_encrypt_neg_ctx_t; 141 142 typedef struct smb2_neg_ctxs { 143 uint32_t offset; 144 uint16_t count; 145 smb2_preauth_neg_ctx_t preauth_ctx; 146 smb2_encrypt_neg_ctx_t encrypt_ctx; 147 } smb2_neg_ctxs_t; 148 149 #define NEG_CTX_INFO_OFFSET (SMB2_HDR_SIZE + 28) 150 #define NEG_CTX_OFFSET_OFFSET (SMB2_HDR_SIZE + 64) 151 #define NEG_CTX_MAX_COUNT (16) 152 #define NEG_CTX_MAX_DATALEN (256) 153 154 #define STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP (0xC05D0000) 155 156 #define STATUS_PREAUTH_HASH_OVERLAP \ 157 STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP 158 159 typedef struct smb2_arg_negotiate { 160 struct smb2_neg_ctxs neg_in_ctxs; 161 struct smb2_neg_ctxs neg_out_ctxs; 162 uint16_t neg_dialect_cnt; 163 uint16_t neg_dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 164 uint16_t neg_highest_dialect; 165 } smb2_arg_negotiate_t; 166 167 168 static boolean_t 169 smb2_supported_version(smb_session_t *s, uint16_t version) 170 { 171 int i; 172 173 if (version > s->s_cfg.skc_max_protocol || 174 version < s->s_cfg.skc_min_protocol) 175 return (B_FALSE); 176 for (i = 0; i < smb2_nversions; i++) 177 if (version == smb2_versions[i]) 178 return (B_TRUE); 179 return (B_FALSE); 180 } 181 182 static uint16_t 183 smb2_find_best_dialect(smb_session_t *s, uint16_t cl_versions[], 184 uint16_t version_cnt) 185 { 186 uint16_t best_version = 0; 187 int i; 188 189 for (i = 0; i < version_cnt; i++) 190 if (smb2_supported_version(s, cl_versions[i]) && 191 best_version < cl_versions[i]) 192 best_version = cl_versions[i]; 193 194 return (best_version); 195 } 196 197 /* 198 * This function should be called only for dialect >= 0x311 199 * Negotiate context list should contain exactly one 200 * SMB2_PREAUTH_INTEGRITY_CAPS context. 201 * Otherwise STATUS_INVALID_PARAMETER. 202 * It should contain at least 1 hash algorith what server does support. 203 * Otehrwise STATUS_SMB_NO_PREAUTH_INEGRITY_HASH_OVERLAP. 204 */ 205 static uint32_t 206 smb31_decode_neg_ctxs(smb_request_t *sr) 207 { 208 smb_session_t *s = sr->session; 209 smb2_arg_negotiate_t *nego = sr->arg.other; 210 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_in_ctxs; 211 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 212 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 213 boolean_t found_sha512 = B_FALSE; 214 boolean_t found_cipher = B_FALSE; 215 uint32_t ciphers = sr->sr_server->sv_cfg.skc_encrypt_ciphers; 216 uint32_t status = 0; 217 int32_t skip; 218 int found_preauth_ctx = 0; 219 int found_encrypt_ctx = 0; 220 int cnt, i; 221 int rc; 222 223 /* 224 * There should be exactly 1 SMB2_PREAUTH_INTEGRITY_CAPS negotiate ctx. 225 * SMB2_ENCRYPTION_CAPS is optional one. 226 * If there is no contexts or there are to many then stop parsing. 227 */ 228 cnt = neg_ctxs->count; 229 if (cnt < 1 || cnt > NEG_CTX_MAX_COUNT) { 230 status = NT_STATUS_INVALID_PARAMETER; 231 goto errout; 232 } 233 234 /* 235 * Cannot proceed parsing if the first context isn't aligned by 8. 236 */ 237 if (neg_ctxs->offset % 8 != 0) { 238 status = NT_STATUS_INVALID_PARAMETER; 239 goto errout; 240 } 241 242 if ((skip = neg_ctxs->offset - sr->command.chain_offset) != 0 && 243 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 244 status = NT_STATUS_INVALID_PARAMETER; 245 goto errout; 246 } 247 248 /* 249 * Parse negotiate contexts. Ignore non-decoding errors to fill 250 * as much as possible data for dtrace probe. 251 */ 252 for (i = 0; i < cnt; i++) { 253 smb2_neg_ctx_t neg_ctx; 254 int32_t ctx_end_off; 255 int32_t ctx_next_off; 256 257 if (i > 0) { 258 if ((skip = ctx_next_off - ctx_end_off) != 0 && 259 smb_mbc_decodef(&sr->command, "#.", skip) != 0) { 260 status = NT_STATUS_INVALID_PARAMETER; 261 goto errout; 262 } 263 } 264 265 rc = smb_mbc_decodef( 266 &sr->command, "ww4.", 267 &neg_ctx.type, /* w */ 268 &neg_ctx.datalen); /* w */ 269 if (rc != 0) { 270 status = NT_STATUS_INVALID_PARAMETER; 271 goto errout; 272 } 273 274 /* 275 * We got something crazy 276 */ 277 if (neg_ctx.datalen > NEG_CTX_MAX_DATALEN) { 278 status = NT_STATUS_INVALID_PARAMETER; 279 goto errout; 280 } 281 282 ctx_end_off = sr->command.chain_offset + neg_ctx.datalen; 283 ctx_next_off = P2ROUNDUP(ctx_end_off, 8); 284 285 switch (neg_ctx.type) { 286 case SMB2_PREAUTH_INTEGRITY_CAPS: 287 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 288 sizeof (neg_ctx)); 289 290 if (found_preauth_ctx++ != 0) { 291 status = NT_STATUS_INVALID_PARAMETER; 292 continue; 293 } 294 295 rc = smb_mbc_decodef( 296 &sr->command, "ww", 297 &picap->picap_hash_count, /* w */ 298 &picap->picap_salt_len); /* w */ 299 if (rc != 0 || picap->picap_hash_count > 300 MAX_HASHID_NUM) { 301 status = NT_STATUS_INVALID_PARAMETER; 302 goto errout; 303 } 304 305 /* 306 * Get hash id 307 */ 308 rc = smb_mbc_decodef( 309 &sr->command, "#w", 310 picap->picap_hash_count, 311 &picap->picap_hash_id); /* w */ 312 if (rc != 0) { 313 status = NT_STATUS_INVALID_PARAMETER; 314 goto errout; 315 } 316 317 /* 318 * Get salt 319 */ 320 rc = smb_mbc_decodef( 321 &sr->command, "#c", 322 sizeof (picap->picap_salt), 323 &picap->picap_salt[0]); /* w */ 324 if (rc != 0) { 325 status = NT_STATUS_INVALID_PARAMETER; 326 goto errout; 327 } 328 329 /* 330 * In SMB 0x311 there should be exactly 1 preauth 331 * negotiate context, and there should be exactly 1 332 * hash value in the list - SHA512. 333 */ 334 if (picap->picap_hash_count != 1) { 335 status = NT_STATUS_INVALID_PARAMETER; 336 continue; 337 } 338 339 if (picap->picap_hash_id == SMB3_HASH_SHA512) 340 found_sha512 = B_TRUE; 341 break; 342 case SMB2_ENCRYPTION_CAPS: 343 memcpy(&neg_ctxs->preauth_ctx.neg_ctx, &neg_ctx, 344 sizeof (neg_ctx)); 345 346 if (found_encrypt_ctx++ != 0) { 347 status = NT_STATUS_INVALID_PARAMETER; 348 continue; 349 } 350 351 rc = smb_mbc_decodef( 352 &sr->command, "w", 353 &encap->encap_cipher_count); /* w */ 354 if (rc != 0 || encap->encap_cipher_count > 355 MAX_CIPHER_NUM) { 356 status = NT_STATUS_INVALID_PARAMETER; 357 goto errout; 358 } 359 360 /* 361 * Get cipher list 362 */ 363 rc = smb_mbc_decodef( 364 &sr->command, "#w", 365 encap->encap_cipher_count, 366 &encap->encap_cipher_ids[0]); /* w */ 367 if (rc != 0) { 368 status = NT_STATUS_INVALID_PARAMETER; 369 goto errout; 370 } 371 372 /* 373 * Select the first enabled cipher. 374 * Client should list more prioritized ciphers first. 375 */ 376 for (int k = 0; k < encap->encap_cipher_count; k++) { 377 uint16_t c = encap->encap_cipher_ids[k]; 378 379 if (c <= SMB3_CIPHER_MAX && 380 (SMB3_CIPHER_BIT(c) & ciphers) != 0) { 381 s->smb31_enc_cipherid = c; 382 found_cipher = B_TRUE; 383 break; 384 } 385 } 386 break; 387 default: 388 ; 389 } 390 } 391 392 if (status) 393 goto errout; 394 395 /* Not found mandatory SMB2_PREAUTH_INTEGRITY_CAPS ctx */ 396 if (found_preauth_ctx != 1 || found_encrypt_ctx > 1) { 397 status = NT_STATUS_INVALID_PARAMETER; 398 goto errout; 399 } 400 401 if (!found_sha512) { 402 status = STATUS_PREAUTH_HASH_OVERLAP; 403 goto errout; 404 } 405 406 s->smb31_preauth_hashid = SMB3_HASH_SHA512; 407 408 if (!found_cipher) 409 s->smb31_enc_cipherid = 0; 410 411 /* Initialize out = in */ 412 nego->neg_out_ctxs = nego->neg_in_ctxs; 413 414 errout: 415 return (status); 416 } 417 418 static int 419 smb31_encode_neg_ctxs(smb_request_t *sr) 420 { 421 smb_session_t *s = sr->session; 422 smb2_arg_negotiate_t *nego = sr->arg.other; 423 smb2_neg_ctxs_t *neg_ctxs = &nego->neg_out_ctxs; 424 smb2_preauth_caps_t *picap = &neg_ctxs->preauth_ctx.preauth_caps; 425 smb2_encrypt_caps_t *encap = &neg_ctxs->encrypt_ctx.encrypt_caps; 426 uint16_t salt_len = sizeof (picap->picap_salt); 427 uint32_t preauth_ctx_len = 6 + salt_len; 428 uint32_t enc_ctx_len = 4; 429 uint32_t neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 430 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 431 uint32_t rc; 432 433 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 434 return (rc); 435 436 ASSERT3S(neg_ctx_off, ==, sr->reply.chain_offset); 437 438 picap->picap_hash_id = s->smb31_preauth_hashid; 439 picap->picap_salt_len = salt_len; 440 441 (void) random_get_pseudo_bytes(picap->picap_salt, salt_len); 442 443 rc = smb_mbc_encodef( 444 &sr->reply, "ww4.", 445 SMB2_PREAUTH_INTEGRITY_CAPS, 446 preauth_ctx_len 447 /* 4. */); /* reserved */ 448 if (rc != 0) 449 return (rc); 450 451 rc = smb_mbc_encodef( 452 &sr->reply, "www#c", 453 1, /* hash algo count */ 454 salt_len, /* salt length */ 455 s->smb31_preauth_hashid, /* hash id */ 456 salt_len, /* salt length */ 457 picap->picap_salt); 458 if (rc != 0) 459 return (rc); 460 461 /* 462 * If we did not get SMB2_ENCRYPTION_CAPS, don't send one. 463 */ 464 if (encap->encap_cipher_count == 0) 465 return (0); 466 467 /* 468 * Encode SMB2_ENCRYPTION_CAPS response. 469 */ 470 if ((rc = smb_mbc_put_align(&sr->reply, 8)) != 0) 471 return (rc); 472 473 rc = smb_mbc_encodef( 474 &sr->reply, "ww4.", 475 SMB2_ENCRYPTION_CAPS, 476 enc_ctx_len 477 /* 4. */); /* reserved */ 478 479 rc = smb_mbc_encodef( 480 &sr->reply, "ww", 481 1, /* cipher count */ 482 s->smb31_enc_cipherid); /* encrypt. cipher id */ 483 484 return (rc); 485 } 486 487 /* 488 * Helper for the (SMB1) smb_com_negotiate(). This is the 489 * very unusual protocol interaction where an SMB1 negotiate 490 * gets an SMB2 negotiate response. This is the normal way 491 * clients first find out if the server supports SMB2. 492 * 493 * Note: This sends an SMB2 reply _itself_ and then returns 494 * SDRC_NO_REPLY so the caller will not send an SMB1 reply. 495 * Also, this is called directly from the reader thread, so 496 * we know this is the only thread using this session. 497 * Otherwise, this is similar to smb2_newrq_negotiate(). 498 * 499 * The caller frees this request. 500 */ 501 smb_sdrc_t 502 smb1_negotiate_smb2(smb_request_t *sr) 503 { 504 smb_session_t *s = sr->session; 505 smb_arg_negotiate_t *negprot = sr->sr_negprot; 506 uint16_t smb2_version; 507 508 /* 509 * Note: In the SMB1 negotiate command handler, we 510 * agreed with one of the SMB2 dialects. If that 511 * dialect was "SMB 2.002", we'll respond here with 512 * version 0x202 and negotiation is done. If that 513 * dialect was "SMB 2.???", we'll respond here with 514 * the "wildcard" version 0x2FF, and the client will 515 * come back with an SMB2 negotiate. 516 */ 517 switch (negprot->ni_dialect) { 518 case DIALECT_SMB2002: /* SMB 2.002 (a.k.a. SMB2.0) */ 519 smb2_version = SMB_VERS_2_002; 520 s->dialect = smb2_version; 521 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 522 /* Allow normal SMB2 requests now. */ 523 s->newrq_func = smb2sr_newrq; 524 break; 525 case DIALECT_SMB2XXX: /* SMB 2.??? (wildcard vers) */ 526 /* 527 * Expecting an SMB2 negotiate next, so keep the 528 * initial s->newrq_func. 529 */ 530 smb2_version = 0x2FF; 531 break; 532 default: 533 return (SDRC_DROP_VC); 534 } 535 536 /* 537 * We did not decode an SMB2 header, so make sure 538 * the SMB2 header fields are initialized. 539 * (Most are zero from smb_request_alloc.) 540 * Also, the SMB1 common dispatch code reserved space 541 * for an SMB1 header, which we need to undo here. 542 */ 543 sr->smb2_reply_hdr = sr->reply.chain_offset = 0; 544 sr->smb2_cmd_code = SMB2_NEGOTIATE; 545 sr->smb2_hdr_flags = SMB2_FLAGS_SERVER_TO_REDIR; 546 547 /* 548 * Also setup SMB2 negotiate args (empty here). 549 * SMB1 args free'd by smb_srm_fini(sr) 550 */ 551 sr->arg.other = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 552 553 (void) smb2_encode_header(sr, B_FALSE); 554 if (smb2_negotiate_common(sr, smb2_version) != 0) 555 sr->smb2_status = NT_STATUS_INTERNAL_ERROR; 556 if (sr->smb2_status != 0) 557 smb2sr_put_error(sr, sr->smb2_status); 558 (void) smb2_encode_header(sr, B_TRUE); 559 560 smb2_send_reply(sr); 561 562 /* 563 * We sent the reply, so tell the SMB1 dispatch 564 * it should NOT (also) send a reply. 565 */ 566 return (SDRC_NO_REPLY); 567 } 568 569 /* 570 * SMB2 Negotiate gets special handling. This is called directly by 571 * the reader thread (see smbsr_newrq_initial) with what _should_ be 572 * an SMB2 Negotiate. Only the "\feSMB" header has been checked 573 * when this is called, so this needs to check the SMB command, 574 * if it's Negotiate execute it, then send the reply, etc. 575 * 576 * Since this is called directly from the reader thread, we 577 * know this is the only thread currently using this session. 578 * This has to duplicate some of what smb2sr_work does as a 579 * result of bypassing the normal dispatch mechanism. 580 * 581 * The caller always frees this request. 582 * 583 * Return value is 0 for success, and anything else will 584 * terminate the reader thread (drop the connection). 585 */ 586 int 587 smb2_newrq_negotiate(smb_request_t *sr) 588 { 589 smb_session_t *s = sr->session; 590 smb2_arg_negotiate_t *nego; 591 int rc; 592 uint32_t nctx_status = 0; 593 uint32_t status = 0; 594 uint32_t neg_ctx_off; 595 uint16_t neg_ctx_cnt; 596 uint16_t struct_size; 597 uint16_t dialect_cnt; 598 uint16_t best_version; 599 600 nego = smb_srm_zalloc(sr, sizeof (smb2_arg_negotiate_t)); 601 sr->arg.other = nego; // for dtrace 602 603 sr->smb2_cmd_hdr = sr->command.chain_offset; 604 rc = smb2_decode_header(sr); 605 if (rc != 0) 606 return (rc); 607 608 if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) 609 return (-1); 610 611 if ((sr->smb2_cmd_code != SMB2_NEGOTIATE) || 612 (sr->smb2_next_command != 0)) 613 return (-1); 614 615 /* 616 * Decode SMB2 Negotiate (fixed-size part) 617 */ 618 rc = smb_mbc_decodef( 619 &sr->command, "www..l16clw..", 620 &struct_size, /* w */ 621 &dialect_cnt, /* w */ 622 &s->cli_secmode, /* w */ 623 /* reserved (..) */ 624 &s->capabilities, /* l */ 625 s->clnt_uuid, /* 16c */ 626 &neg_ctx_off, /* l */ 627 &neg_ctx_cnt); /* w */ 628 /* reserverd (..) */ 629 if (rc != 0) 630 return (rc); 631 if (struct_size != 36) 632 return (-1); 633 634 /* 635 * Decode SMB2 Negotiate (variable part) 636 * 637 * Be somewhat tolerant while decoding the variable part 638 * so we can return errors instead of dropping the client. 639 * Will limit decoding to the size of cli_dialects here, 640 * and do error checks on the decoded dialect_cnt after the 641 * dtrace start probe. 642 */ 643 if (dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) 644 nego->neg_dialect_cnt = SMB2_NEGOTIATE_MAX_DIALECTS; 645 else 646 nego->neg_dialect_cnt = dialect_cnt; 647 if (nego->neg_dialect_cnt > 0) { 648 rc = smb_mbc_decodef(&sr->command, "#w", 649 nego->neg_dialect_cnt, 650 nego->neg_dialects); 651 if (rc != 0) 652 return (rc); // short msg 653 } 654 655 best_version = smb2_find_best_dialect(s, nego->neg_dialects, 656 nego->neg_dialect_cnt); 657 658 if (best_version >= SMB_VERS_3_11) { 659 nego->neg_in_ctxs.offset = neg_ctx_off; 660 nego->neg_in_ctxs.count = neg_ctx_cnt; 661 nctx_status = smb31_decode_neg_ctxs(sr); 662 /* check nctx_status below */ 663 } 664 665 DTRACE_SMB2_START(op__Negotiate, smb_request_t *, sr); 666 667 sr->smb2_credit_response = 1; 668 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR; 669 (void) smb2_encode_header(sr, B_FALSE); 670 671 /* 672 * NOW start validating things (NOT before here) 673 */ 674 675 /* 676 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 677 * "If the SMB2 header of the SMB2 NEGOTIATE request has the 678 * SMB2_FLAGS_SIGNED bit set in the Flags field, the server 679 * MUST fail the request with STATUS_INVALID_PARAMETER." 680 */ 681 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) { 682 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED; 683 status = NT_STATUS_INVALID_PARAMETER; 684 goto errout; 685 } 686 687 /* 688 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 689 * "If the DialectCount of the SMB2 NEGOTIATE Request is 0, the 690 * server MUST fail the request with STATUS_INVALID_PARAMETER." 691 * Checking the decoded value here, not the constrained one. 692 */ 693 if (dialect_cnt == 0 || 694 dialect_cnt > SMB2_NEGOTIATE_MAX_DIALECTS) { 695 status = NT_STATUS_INVALID_PARAMETER; 696 goto errout; 697 } 698 699 /* 700 * We decoded the offered dialects above, and 701 * determined which was the highest we support. 702 * 703 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 704 * "If a common dialect is not found, the server MUST fail 705 * the request with STATUS_NOT_SUPPORTED." 706 */ 707 if (best_version == 0) { 708 status = NT_STATUS_NOT_SUPPORTED; 709 goto errout; 710 } 711 712 /* 713 * Check for problems with the negotiate contexts. 714 */ 715 if (nctx_status != 0) { 716 status = nctx_status; 717 goto errout; 718 } 719 720 /* Allow normal SMB2 requests now. */ 721 s->dialect = best_version; 722 s->s_state = SMB_SESSION_STATE_NEGOTIATED; 723 s->newrq_func = smb2sr_newrq; 724 725 if (smb2_negotiate_common(sr, best_version) != 0) 726 status = NT_STATUS_INTERNAL_ERROR; 727 728 if (s->dialect >= SMB_VERS_3_11 && status == 0) { 729 if (smb31_encode_neg_ctxs(sr) != 0) 730 status = NT_STATUS_INTERNAL_ERROR; 731 } 732 733 errout: 734 sr->smb2_status = status; 735 DTRACE_SMB2_DONE(op__Negotiate, smb_request_t *, sr); 736 737 if (sr->smb2_status != 0) 738 smb2sr_put_error(sr, sr->smb2_status); 739 (void) smb2_encode_header(sr, B_TRUE); 740 741 if (s->dialect >= SMB_VERS_3_11 && sr->smb2_status == 0) { 742 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 743 if (smb31_preauth_sha512_calc(sr, &sr->reply, 744 s->smb31_preauth_hashval, 745 s->smb31_preauth_hashval) != 0) 746 cmn_err(CE_WARN, "(1) Preauth hash calculation " 747 "failed"); 748 } 749 750 smb2_send_reply(sr); 751 752 return (rc); 753 } 754 755 /* 756 * Common parts of SMB2 Negotiate, used for both the 757 * SMB1-to-SMB2 style, and straight SMB2 style. 758 * Do negotiation decisions and encode the reply. 759 * The caller does the network send. 760 * 761 * Return value is 0 for success, else error. 762 */ 763 static int 764 smb2_negotiate_common(smb_request_t *sr, uint16_t version) 765 { 766 timestruc_t boot_tv, now_tv; 767 smb_session_t *s = sr->session; 768 smb2_arg_negotiate_t *nego = sr->arg.other; 769 int rc; 770 uint32_t max_rwsize; 771 uint16_t secmode; 772 uint16_t neg_ctx_cnt = 0; 773 uint32_t neg_ctx_off = 0; 774 775 /* 776 * Negotiation itself. First the Security Mode. 777 */ 778 secmode = SMB2_NEGOTIATE_SIGNING_ENABLED; 779 if (sr->sr_cfg->skc_signing_required) 780 secmode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; 781 s->srv_secmode = secmode; 782 783 s->cmd_max_bytes = smb2_tcp_bufsize; 784 s->reply_max_bytes = smb2_tcp_bufsize; 785 786 /* 787 * "The number of credits held by the client MUST be considered 788 * as 1 when the connection is established." [MS-SMB2] 789 * We leave credits at 1 until the first successful 790 * session setup is completed. 791 */ 792 s->s_cur_credits = s->s_max_credits = 1; 793 sr->smb2_credit_response = 1; 794 795 boot_tv.tv_sec = smb_get_boottime(); 796 boot_tv.tv_nsec = 0; 797 now_tv.tv_sec = gethrestime_sec(); 798 now_tv.tv_nsec = 0; 799 800 /* 801 * If the version is 0x2FF, we haven't completed negotiate. 802 * Don't initialize until we have our final request. 803 */ 804 if (version != 0x2FF) 805 smb2_sign_init_mech(s); 806 if (version >= 0x311) 807 smb31_preauth_init_mech(s); 808 809 /* 810 * [MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request 811 * 812 * The SMB2.x capabilities are returned without regard for 813 * what capabilities the client provided in the request. 814 * The SMB3.x capabilities returned are the traditional 815 * logical AND of server and client capabilities, except 816 * for the SMB2.x capabilities which are what the server 817 * supports (regardless of the client capabilities). 818 * 819 * One additional check: If KCF is missing something we 820 * require for encryption, turn off that capability. 821 */ 822 if (s->dialect < SMB_VERS_2_1) { 823 /* SMB 2.002 */ 824 s->srv_cap = smb2srv_capabilities & SMB2_CAP_DFS; 825 } else if (s->dialect < SMB_VERS_3_0) { 826 /* SMB 2.x */ 827 s->srv_cap = smb2srv_capabilities & SMB_2X_CAPS; 828 } else { 829 /* SMB 3.0 or later */ 830 s->srv_cap = smb2srv_capabilities & 831 (SMB_2X_CAPS | s->capabilities); 832 833 if (s->dialect < SMB_VERS_3_11) 834 s->smb31_enc_cipherid = SMB3_CIPHER_AES128_CCM; 835 /* else from negotiate context */ 836 837 if ((s->srv_cap & SMB2_CAP_ENCRYPTION) != 0 && 838 smb3_encrypt_init_mech(s) != 0) { 839 s->srv_cap &= ~SMB2_CAP_ENCRYPTION; 840 } 841 842 if (s->dialect >= SMB_VERS_3_11) { 843 smb2_encrypt_caps_t *encap = 844 &nego->neg_in_ctxs.encrypt_ctx.encrypt_caps; 845 846 neg_ctx_cnt = 1; // always have preauth 847 848 if (encap->encap_cipher_count != 0) 849 neg_ctx_cnt++; 850 851 neg_ctx_off = NEG_CTX_OFFSET_OFFSET + 852 P2ROUNDUP(sr->sr_cfg->skc_negtok_len, 8); 853 854 ASSERT3U(s->smb31_preauth_hashid, !=, 0); 855 856 if (smb31_preauth_sha512_calc(sr, &sr->command, 857 s->smb31_preauth_hashval, 858 s->smb31_preauth_hashval) != 0) 859 cmn_err(CE_WARN, "(0) Preauth hash calculation " 860 "failed"); 861 } 862 } 863 864 /* 865 * See notes above smb2_max_rwsize, smb2_old_rwsize 866 */ 867 if (s->capabilities & SMB2_CAP_LARGE_MTU) 868 max_rwsize = smb2_max_rwsize; 869 else 870 max_rwsize = smb2_old_rwsize; 871 872 rc = smb_mbc_encodef( 873 &sr->reply, 874 "wwww#cllllTTwwl#c", 875 65, /* StructSize */ /* w */ 876 s->srv_secmode, /* w */ 877 version, /* w */ 878 neg_ctx_cnt, /* w */ 879 UUID_LEN, /* # */ 880 &s->s_cfg.skc_machine_uuid, /* c */ 881 s->srv_cap, /* l */ 882 smb2_max_trans, /* l */ 883 max_rwsize, /* l */ 884 max_rwsize, /* l */ 885 &now_tv, /* T */ 886 &boot_tv, /* T */ 887 128, /* SecBufOff */ /* w */ 888 sr->sr_cfg->skc_negtok_len, /* w */ 889 neg_ctx_off, /* l */ 890 sr->sr_cfg->skc_negtok_len, /* # */ 891 sr->sr_cfg->skc_negtok); /* c */ 892 893 /* Note: smb31_encode_neg_ctxs() follows in caller */ 894 895 /* smb2_send_reply(sr); in caller */ 896 897 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 898 SO_SNDBUF, (const void *)&smb2_tcp_bufsize, 899 sizeof (smb2_tcp_bufsize), CRED()); 900 (void) ksocket_setsockopt(s->sock, SOL_SOCKET, 901 SO_RCVBUF, (const void *)&smb2_tcp_bufsize, 902 sizeof (smb2_tcp_bufsize), CRED()); 903 904 return (rc); 905 } 906 907 /* 908 * SMB2 Dispatch table handler, which will run if we see an 909 * SMB2_NEGOTIATE after the initial negotiation is done. 910 * That would be a protocol error. 911 */ 912 smb_sdrc_t 913 smb2_negotiate(smb_request_t *sr) 914 { 915 sr->smb2_status = NT_STATUS_INVALID_PARAMETER; 916 return (SDRC_ERROR); 917 } 918 919 /* 920 * VALIDATE_NEGOTIATE_INFO [MS-SMB2] 2.2.32.6 921 */ 922 uint32_t 923 smb2_nego_validate(smb_request_t *sr, smb_fsctl_t *fsctl) 924 { 925 smb_session_t *s = sr->session; 926 int rc; 927 928 /* 929 * The spec. says to parse the VALIDATE_NEGOTIATE_INFO here 930 * and verify that the original negotiate was not modified. 931 * 932 * One interesting requirement here is that we MUST reply 933 * with exactly the same information as we returned in our 934 * original reply to the SMB2 negotiate on this session. 935 * If we don't the client closes the connection. 936 */ 937 938 uint32_t capabilities; 939 uint16_t secmode; 940 uint16_t num_dialects; 941 uint16_t dialects[SMB2_NEGOTIATE_MAX_DIALECTS]; 942 uint8_t clnt_guid[16]; 943 944 if (s->dialect >= SMB_VERS_3_11) 945 goto drop; 946 947 /* 948 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature 949 * 950 * If the dialect is SMB3 and the message was successfully 951 * decrypted we MUST skip processing of the signature. 952 */ 953 if (!sr->encrypted && (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) == 0) 954 goto drop; 955 956 if (fsctl->InputCount < 24) 957 goto drop; 958 959 (void) smb_mbc_decodef(fsctl->in_mbc, "l16cww", 960 &capabilities, /* l */ 961 &clnt_guid, /* 16c */ 962 &secmode, /* w */ 963 &num_dialects); /* w */ 964 965 if (num_dialects == 0 || num_dialects > SMB2_NEGOTIATE_MAX_DIALECTS) 966 goto drop; 967 if (secmode != s->cli_secmode) 968 goto drop; 969 if (capabilities != s->capabilities) 970 goto drop; 971 if (memcmp(clnt_guid, s->clnt_uuid, sizeof (clnt_guid)) != 0) 972 goto drop; 973 974 rc = smb_mbc_decodef(fsctl->in_mbc, "#w", num_dialects, dialects); 975 if (rc != 0) 976 goto drop; 977 978 /* 979 * MS-SMB2 says we should compare the dialects array with the 980 * one sent previously, but that appears to be unnecessary 981 * as long as we end up with the same dialect. 982 */ 983 if (smb2_find_best_dialect(s, dialects, num_dialects) != s->dialect) 984 goto drop; 985 986 rc = smb_mbc_encodef( 987 fsctl->out_mbc, "l#cww", 988 s->srv_cap, /* l */ 989 UUID_LEN, /* # */ 990 &s->s_cfg.skc_machine_uuid, /* c */ 991 s->srv_secmode, /* w */ 992 s->dialect); /* w */ 993 if (rc == 0) 994 return (rc); 995 996 drop: 997 smb_session_disconnect(s); 998 return (NT_STATUS_ACCESS_DENIED); 999 } 1000