Print this page
NEX-5665 SMB2 oplock leases
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-5665 SMB2 oplock leases
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-1643 dtrace provider for smbsrv
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
NEX-5273 SMB 3 Encryption
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
SUP-672 Zero-padded IP address strings returned by SMB server...
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
SUP-866 smbd lwps stuck in libsocket recv() for no apparent reason
SMB-152 mem leak in smb_authenticate_ext/smb_authsock_sendrecv
SMB-55 SMB2 signing
SMB-11 SMB2 message parse & dispatch
SMB-12 SMB2 Negotiate Protocol
SMB-13 SMB2 Session Setup
SMB-14 SMB2 Logoff
SMB-15 SMB2 Tree Connect
SMB-16 SMB2 Tree Disconnect
SMB-17 SMB2 Create
SMB-18 SMB2 Close
SMB-19 SMB2 Flush
SMB-20 SMB2 Read
SMB-21 SMB2 Write
SMB-22 SMB2 Lock/Unlock
SMB-23 SMB2 Ioctl
SMB-24 SMB2 Cancel
SMB-25 SMB2 Echo
SMB-26 SMB2 Query Dir
SMB-27 SMB2 Change Notify
SMB-28 SMB2 Query Info
SMB-29 SMB2 Set Info
SMB-30 SMB2 Oplocks
SMB-53 SMB2 Create Context options
(SMB2 code review cleanup 1, 2, 3)
SMB-56 extended security NTLMSSP, inbound
SMB-50 User-mode SMB server
Includes work by these authors:
Thomas Keiser <thomas.keiser@nexenta.com>
Albert Lee <trisk@nexenta.com>
SUP-694 panic on bad mutex in smb_event_wait()
SMB-65 SMB server in non-global zones (data structure changes)
Many things move to the smb_server_t object, and
many functions gain an sv arg (which server).
*** 18,28 ****
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
! * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
*/
#include <sys/types.h>
#include <sys/sid.h>
#include <sys/priv_names.h>
--- 18,28 ----
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
! * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
*/
#include <sys/types.h>
#include <sys/sid.h>
#include <sys/priv_names.h>
*** 187,208 ****
cmn_err(CE_NOTE,
"SmbSessonSetupX: client %s invalid request",
sr->session->ip_addr_str);
}
! DTRACE_SMB_2(op__SessionSetupX__start, smb_request_t *, sr,
! smb_arg_sessionsetup_t, sinfo);
return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
}
void
smb_post_session_setup_andx(smb_request_t *sr)
{
smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
! DTRACE_SMB_2(op__SessionSetupX__done, smb_request_t *, sr,
! smb_arg_sessionsetup_t, sinfo);
if (sinfo->ssi_lmpwd != NULL)
bzero(sinfo->ssi_lmpwd, sinfo->ssi_lmpwlen);
if (sinfo->ssi_ntpwd != NULL)
--- 187,206 ----
cmn_err(CE_NOTE,
"SmbSessonSetupX: client %s invalid request",
sr->session->ip_addr_str);
}
! DTRACE_SMB_START(op__SessionSetupX, smb_request_t *, sr);
return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
}
void
smb_post_session_setup_andx(smb_request_t *sr)
{
smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
! DTRACE_SMB_DONE(op__SessionSetupX, smb_request_t *, sr);
if (sinfo->ssi_lmpwd != NULL)
bzero(sinfo->ssi_lmpwd, sinfo->ssi_lmpwlen);
if (sinfo->ssi_ntpwd != NULL)
*** 235,252 ****
/* This is a first (or only) call */
sr->session->smb_msg_size = sinfo->ssi_maxbufsize;
sr->session->smb_max_mpx = sinfo->ssi_maxmpxcount;
sr->session->capabilities = sinfo->ssi_capabilities;
-
- if (!smb_oplock_levelII)
- sr->session->capabilities &= ~CAP_LEVEL_II_OPLOCKS;
-
sr->session->native_os = sinfo->ssi_native_os;
sr->session->native_lm = sinfo->ssi_native_lm;
}
/*
* The "meat" of authentication happens here.
*/
if (sinfo->ssi_type == SMB_SSNSETUP_NTLM012_EXTSEC)
status = smb_authenticate_ext(sr);
--- 233,253 ----
/* This is a first (or only) call */
sr->session->smb_msg_size = sinfo->ssi_maxbufsize;
sr->session->smb_max_mpx = sinfo->ssi_maxmpxcount;
sr->session->capabilities = sinfo->ssi_capabilities;
sr->session->native_os = sinfo->ssi_native_os;
sr->session->native_lm = sinfo->ssi_native_lm;
}
+ /* RejectUnencryptedAccess precludes SMB1 access */
+ if (sr->sr_server->sv_cfg.skc_encrypt == SMB_CONFIG_REQUIRED) {
+ smbsr_error(sr, NT_STATUS_ACCESS_DENIED,
+ ERRDOS, ERROR_ACCESS_DENIED);
+ return (SDRC_ERROR);
+ }
+
/*
* The "meat" of authentication happens here.
*/
if (sinfo->ssi_type == SMB_SSNSETUP_NTLM012_EXTSEC)
status = smb_authenticate_ext(sr);
*** 292,301 ****
--- 293,303 ----
case NT_STATUS_INTERNAL_ERROR:
default:
smbsr_error(sr, status, ERRSRV, ERRsrverror);
return (SDRC_ERROR);
+
}
action = SMB_USER_IS_GUEST(sr->uid_user) ? 1 : 0;
switch (sinfo->ssi_type) {