2 Unix SMB2 implementation.
4 Copyright (C) Andrew Bartlett 2001-2005
5 Copyright (C) Stefan Metzmacher 2005
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 #include "auth/auth.h"
24 #include "libcli/smb2/smb2.h"
25 #include "libcli/smb2/smb2_calls.h"
26 #include "smb_server/smb_server.h"
27 #include "smb_server/smb2/smb2_server.h"
28 #include "smbd/service_stream.h"
30 static NTSTATUS smb2srv_sesssetup_backend(struct smb2srv_request *req, struct smb2_session_setup *io)
33 struct smbsrv_session *smb_sess = NULL;
34 struct auth_session_info *session_info = NULL;
39 io->out.secblob = data_blob(NULL, 0);
41 vuid = BVAL(req->in.hdr, SMB2_HDR_UID);
44 * only when we got '0' we should allocate a new session
47 struct gensec_security *gensec_ctx;
49 status = gensec_server_start(req, &gensec_ctx,
50 req->smb_conn->connection->event.ctx);
51 if (!NT_STATUS_IS_OK(status)) {
52 DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
56 gensec_set_credentials(gensec_ctx, req->smb_conn->negotiate.server_credentials);
58 gensec_set_target_service(gensec_ctx, "cifs");
60 gensec_want_feature(gensec_ctx, GENSEC_FEATURE_SESSION_KEY);
62 status = gensec_start_mech_by_oid(gensec_ctx, GENSEC_OID_SPNEGO);
63 if (!NT_STATUS_IS_OK(status)) {
64 DEBUG(1, ("Failed to start GENSEC SPNEGO server code: %s\n", nt_errstr(status)));
68 /* allocate a new session */
69 smb_sess = smbsrv_session_new(req->smb_conn, gensec_ctx);
70 NT_STATUS_HAVE_NO_MEMORY(smb_sess);
71 status = smbsrv_smb2_init_tcons(smb_sess);
72 if (!NT_STATUS_IS_OK(status)) {
76 /* lookup an existing session */
77 smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
81 return NT_STATUS_USER_SESSION_DELETED;
84 if (!smb_sess->gensec_ctx) {
85 status = NT_STATUS_INTERNAL_ERROR;
86 DEBUG(1, ("Internal ERROR: no gensec_ctx on session: %s\n", nt_errstr(status)));
90 status = gensec_update(smb_sess->gensec_ctx, req, io->in.secblob, &io->out.secblob);
91 if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
92 io->out.uid = smb_sess->vuid;
94 } else if (!NT_STATUS_IS_OK(status)) {
98 status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
99 if (!NT_STATUS_IS_OK(status)) {
103 /* Ensure this is marked as a 'real' vuid, not one
104 * simply valid for the session setup leg */
105 status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
106 if (!NT_STATUS_IS_OK(status)) {
109 req->session = smb_sess;
111 io->out.uid = smb_sess->vuid;
115 talloc_free(smb_sess);
116 return auth_nt_status_squash(status);
119 static void smb2srv_sesssetup_send(struct smb2srv_request *req, struct smb2_session_setup *io)
123 if (NT_STATUS_IS_ERR(req->status) && !NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
124 smb2srv_send_error(req, req->status);
128 status = smb2srv_setup_reply(req, 0x08, io->out.secblob.length);
129 if (!NT_STATUS_IS_OK(status)) {
130 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
135 SBVAL(req->out.hdr, SMB2_HDR_UID, io->out.uid);
137 SSVAL(req->out.body, 0x02, io->out._pad);
138 status = smb2_push_o16s16_blob(&req->out, 0x04, io->out.secblob);
139 if (!NT_STATUS_IS_OK(status)) {
140 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
145 smb2srv_send_reply(req);
148 void smb2srv_sesssetup_recv(struct smb2srv_request *req)
150 struct smb2_session_setup *io;
153 if (req->in.body_size < 0x10) {
154 smb2srv_send_error(req, NT_STATUS_FOOBAR);
158 io = talloc(req, struct smb2_session_setup);
160 smbsrv_terminate_connection(req->smb_conn, nt_errstr(NT_STATUS_NO_MEMORY));
165 io->in._pad = SVAL(req->in.body, 0x02);
166 io->in.unknown2 = IVAL(req->in.body, 0x04);
167 io->in.unknown3 = IVAL(req->in.body, 0x08);
168 status = smb2_pull_o16s16_blob(&req->in, io, req->in.body+0x0C, &io->in.secblob);
169 if (!NT_STATUS_IS_OK(status)) {
170 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
175 req->status = smb2srv_sesssetup_backend(req, io);
177 if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) {
181 smb2srv_sesssetup_send(req, io);
184 static NTSTATUS smb2srv_logoff_backend(struct smb2srv_request *req)
186 /* TODO: call ntvfs backends to close file of this session */
187 talloc_free(req->session);
192 static void smb2srv_logoff_send(struct smb2srv_request *req)
196 if (NT_STATUS_IS_ERR(req->status)) {
197 smb2srv_send_error(req, req->status);
201 status = smb2srv_setup_reply(req, 0x04, 0);
202 if (!NT_STATUS_IS_OK(status)) {
203 smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
208 SSVAL(req->out.body, 0x02, 0);
210 smb2srv_send_reply(req);
213 void smb2srv_logoff_recv(struct smb2srv_request *req)
217 if (req->in.body_size < 0x04) {
218 smb2srv_send_error(req, NT_STATUS_FOOBAR);
222 _pad = SVAL(req->in.body, 0x02);
224 req->status = smb2srv_logoff_backend(req);
226 if (req->control_flags & SMB2SRV_REQ_CTRL_FLAG_NOT_REPLY) {
230 smb2srv_logoff_send(req);