1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
14 */
15
16 /*
17 * Dispatch function for SMB2_SESSION_SETUP
18 *
19 * Note that the Capabilities supplied in this request are an inferior
20 * subset of those given to us previously in the SMB2 Negotiate request.
21 * We need to remember the full set of capabilities from SMB2 Negotiate,
22 * and therefore ignore the subset of capabilities supplied here.
23 */
24
25 #include <smbsrv/smb2_kproto.h>
26
27 static void smb2_ss_adjust_credits(smb_request_t *);
28
29 smb_sdrc_t
30 smb2_session_setup(smb_request_t *sr)
31 {
32 smb_arg_sessionsetup_t *sinfo;
33 uint16_t StructureSize;
34 uint8_t Flags;
35 uint8_t SecurityMode;
36 uint32_t Capabilities; /* ignored - see above */
37 uint32_t Channel;
38 uint16_t SecBufOffset;
39 uint16_t SecBufLength;
40 uint64_t PrevSessionId;
41 uint16_t SessionFlags;
42 uint32_t status;
43 int skip;
44 int rc = 0;
45
46 sinfo = smb_srm_zalloc(sr, sizeof (smb_arg_sessionsetup_t));
47 sr->sr_ssetup = sinfo;
48
49 rc = smb_mbc_decodef(
50 &sr->smb_data, "wbbllwwq",
51 &StructureSize, /* w */
52 &Flags, /* b */
53 &SecurityMode, /* b */
54 &Capabilities, /* l */
55 &Channel, /* l */
56 &SecBufOffset, /* w */
57 &SecBufLength, /* w */
58 &PrevSessionId); /* q */
59 if (rc)
60 return (SDRC_ERROR);
61
62 /*
63 * We're normally positioned at the security buffer now,
64 * but there could be some padding before it.
65 */
66 skip = (SecBufOffset + sr->smb2_cmd_hdr) -
67 sr->smb_data.chain_offset;
68 if (skip < 0)
69 return (SDRC_ERROR);
70 if (skip > 0)
71 (void) smb_mbc_decodef(&sr->smb_data, "#.", skip);
72
73 /*
74 * Get the security buffer
75 */
76 sinfo->ssi_iseclen = SecBufLength;
77 sinfo->ssi_isecblob = smb_srm_zalloc(sr, sinfo->ssi_iseclen);
78 rc = smb_mbc_decodef(&sr->smb_data, "#c",
79 sinfo->ssi_iseclen, sinfo->ssi_isecblob);
80 if (rc)
81 return (SDRC_ERROR);
82
83 /*
84 * The real auth. work happens in here.
85 */
86 status = smb_authenticate_ext(sr);
87
88 SecBufOffset = SMB2_HDR_SIZE + 8;
89 SecBufLength = sinfo->ssi_oseclen;
90 SessionFlags = 0;
91
92 switch (status) {
93
94 case NT_STATUS_SUCCESS: /* Authenticated */
95 if (sr->uid_user->u_flags & SMB_USER_FLAG_GUEST)
96 SessionFlags |= SMB2_SESSION_FLAG_IS_GUEST;
97 if (sr->uid_user->u_flags & SMB_USER_FLAG_ANON)
98 SessionFlags |= SMB2_SESSION_FLAG_IS_NULL;
99 smb2_ss_adjust_credits(sr);
100 break;
101
102 /*
103 * This is not really an error, but tells the client
104 * it should send another session setup request.
105 * Not smb2_put_error because we send a payload.
106 */
107 case NT_STATUS_MORE_PROCESSING_REQUIRED:
108 sr->smb2_status = status;
109 break;
110
111 default:
112 SecBufLength = 0;
113 sr->smb2_status = status;
114 break;
115 }
116
117 /*
118 * SMB2 Session Setup reply
119 */
120
121 rc = smb_mbc_encodef(
122 &sr->reply,
123 "wwww#c",
124 9, /* StructSize */ /* w */
125 SessionFlags, /* w */
126 SecBufOffset, /* w */
127 SecBufLength, /* w */
128 SecBufLength, /* # */
129 sinfo->ssi_osecblob); /* c */
130 if (rc)
131 return (SDRC_ERROR);
132
133 return (SDRC_SUCCESS);
134 }
135
136 /*
137 * After a successful authentication, raise s_max_credits up to the
138 * normal maximum that clients are allowed to request. Also, if we
139 * haven't yet given them their initial credits, do that now.
140 *
141 * Normally, clients will request some credits with session setup,
142 * but in case they don't request enough to raise s_cur_credits
143 * up to the configured initial_credits, increase the requested
144 * credits of this SR sufficiently to make that happen. The actual
145 * increase happens in the dispatch code after we return.
146 */
147 static void
148 smb2_ss_adjust_credits(smb_request_t *sr)
149 {
150 smb_session_t *s = sr->session;
151
152 mutex_enter(&s->s_credits_mutex);
153 s->s_max_credits = s->s_cfg.skc_maximum_credits;
154
155 if (s->s_cur_credits < s->s_cfg.skc_initial_credits) {
156 uint16_t grant;
157
158 /* How many credits we want to grant with this SR. */
159 grant = s->s_cfg.skc_initial_credits - s->s_cur_credits;
160
161 /*
162 * Do we need to increase the smb2_credit_request?
163 * One might prefer to read this expression as:
164 * ((credit_request - credit_charge) < grant)
165 * but we know credit_charge == 1 and would rather not
166 * deal with a possibly negative value on the left,
167 * so adding credit_charge to both sides...
168 */
169 if (sr->smb2_credit_request < (grant + 1)) {
170 sr->smb2_credit_request = (grant + 1);
171 }
172 }
173
174 mutex_exit(&s->s_credits_mutex);
175 }