3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 #include <sys/types.h>
27 #include <sys/sid.h>
28 #include <sys/priv_names.h>
29 #include <sys/socket.h>
30 #include <netinet/in.h>
31 #include <smbsrv/smb_idmap.h>
32 #include <smbsrv/smb_kproto.h>
33 #include <smbsrv/smb_token.h>
34
35 smb_sdrc_t
36 smb_pre_session_setup_andx(smb_request_t *sr)
37 {
38 smb_arg_sessionsetup_t *sinfo;
39 char *native_os;
40 char *native_lm;
41 int rc = 0;
42
43 sinfo = smb_srm_zalloc(sr, sizeof (smb_arg_sessionsetup_t));
172 else
173 sinfo->ssi_native_os = smbnative_os_value(native_os);
174
175 if (sinfo->ssi_native_os == NATIVE_OS_WINNT)
176 rc = smbsr_decode_data(sr, "%,u", sr, &native_lm);
177 else
178 rc = smbsr_decode_data(sr, "%u", sr, &native_lm);
179 if (rc != 0 || native_lm == NULL)
180 sinfo->ssi_native_lm = NATIVE_LM_NT;
181 else
182 sinfo->ssi_native_lm = smbnative_lm_value(native_lm);
183 rc = 0;
184
185 done:
186 if (rc != 0) {
187 cmn_err(CE_NOTE,
188 "SmbSessonSetupX: client %s invalid request",
189 sr->session->ip_addr_str);
190 }
191
192 DTRACE_SMB_2(op__SessionSetupX__start, smb_request_t *, sr,
193 smb_arg_sessionsetup_t, sinfo);
194 return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
195 }
196
197 void
198 smb_post_session_setup_andx(smb_request_t *sr)
199 {
200 smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
201
202 DTRACE_SMB_2(op__SessionSetupX__done, smb_request_t *, sr,
203 smb_arg_sessionsetup_t, sinfo);
204
205 if (sinfo->ssi_lmpwd != NULL)
206 bzero(sinfo->ssi_lmpwd, sinfo->ssi_lmpwlen);
207
208 if (sinfo->ssi_ntpwd != NULL)
209 bzero(sinfo->ssi_ntpwd, sinfo->ssi_ntpwlen);
210 }
211
212 /*
213 *
214 * NT systems use different native OS and native LanMan values dependent on
215 * whether they are acting as a client or a server. NT 4.0 server responds
216 * with the following values:
217 *
218 * NativeOS: Windows NT 4.0
219 * NativeLM: NT LAN Manager 4.0
220 */
221 smb_sdrc_t
222 smb_com_session_setup_andx(smb_request_t *sr)
223 {
224 smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
225 uint32_t status;
226 uint16_t action;
227 int rc;
228
229 /*
230 * Some stuff we do only in the first in a (possible)
231 * sequence of session setup requests.
232 */
233 if (sinfo->ssi_type != SMB_SSNSETUP_NTLM012_EXTSEC ||
234 sr->smb_uid == 0 || sr->smb_uid == 0xFFFF) {
235
236 /* This is a first (or only) call */
237 sr->session->smb_msg_size = sinfo->ssi_maxbufsize;
238 sr->session->smb_max_mpx = sinfo->ssi_maxmpxcount;
239 sr->session->capabilities = sinfo->ssi_capabilities;
240
241 if (!smb_oplock_levelII)
242 sr->session->capabilities &= ~CAP_LEVEL_II_OPLOCKS;
243
244 sr->session->native_os = sinfo->ssi_native_os;
245 sr->session->native_lm = sinfo->ssi_native_lm;
246 }
247
248 /*
249 * The "meat" of authentication happens here.
250 */
251 if (sinfo->ssi_type == SMB_SSNSETUP_NTLM012_EXTSEC)
252 status = smb_authenticate_ext(sr);
253 else
254 status = smb_authenticate_old(sr);
255
256 switch (status) {
257
258 case NT_STATUS_SUCCESS:
259 break;
260
261 /*
262 * This is not really an error, but tells the client
263 * it should send another session setup request.
264 */
265 case NT_STATUS_MORE_PROCESSING_REQUIRED:
266 smbsr_error(sr, status, 0, 0);
267 break;
277 case NT_STATUS_NO_LOGON_SERVERS:
278 smbsr_error(sr, status, ERRDOS, ERROR_NO_LOGON_SERVERS);
279 return (SDRC_ERROR);
280
281 case NT_STATUS_NETLOGON_NOT_STARTED:
282 smbsr_error(sr, status, ERRDOS, ERROR_NETLOGON_NOT_STARTED);
283 return (SDRC_ERROR);
284
285 case NT_STATUS_USER_SESSION_DELETED:
286 smbsr_error(sr, status, ERRSRV, ERRbaduid);
287 return (SDRC_ERROR);
288
289 case NT_STATUS_INSUFF_SERVER_RESOURCES:
290 smbsr_error(sr, status, ERRSRV, ERRnoresource);
291 return (SDRC_ERROR);
292
293 case NT_STATUS_INTERNAL_ERROR:
294 default:
295 smbsr_error(sr, status, ERRSRV, ERRsrverror);
296 return (SDRC_ERROR);
297 }
298
299 action = SMB_USER_IS_GUEST(sr->uid_user) ? 1 : 0;
300
301 switch (sinfo->ssi_type) {
302
303 default:
304 case SMB_SSNSETUP_PRE_NTLM012:
305 case SMB_SSNSETUP_NTLM012_NOEXT:
306
307 rc = smbsr_encode_result(sr, 3, VAR_BCC, "bb.www%uuu",
308 3,
309 sr->andx_com,
310 -1, /* andx_off */
311 action,
312 VAR_BCC,
313 sr,
314 sr->sr_cfg->skc_native_os,
315 sr->sr_cfg->skc_native_lm,
316 sr->sr_cfg->skc_nbdomain);
|
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 #include <sys/types.h>
27 #include <sys/sid.h>
28 #include <sys/priv_names.h>
29 #include <sys/socket.h>
30 #include <netinet/in.h>
31 #include <smbsrv/smb_idmap.h>
32 #include <smbsrv/smb_kproto.h>
33 #include <smbsrv/smb_token.h>
34
35 smb_sdrc_t
36 smb_pre_session_setup_andx(smb_request_t *sr)
37 {
38 smb_arg_sessionsetup_t *sinfo;
39 char *native_os;
40 char *native_lm;
41 int rc = 0;
42
43 sinfo = smb_srm_zalloc(sr, sizeof (smb_arg_sessionsetup_t));
172 else
173 sinfo->ssi_native_os = smbnative_os_value(native_os);
174
175 if (sinfo->ssi_native_os == NATIVE_OS_WINNT)
176 rc = smbsr_decode_data(sr, "%,u", sr, &native_lm);
177 else
178 rc = smbsr_decode_data(sr, "%u", sr, &native_lm);
179 if (rc != 0 || native_lm == NULL)
180 sinfo->ssi_native_lm = NATIVE_LM_NT;
181 else
182 sinfo->ssi_native_lm = smbnative_lm_value(native_lm);
183 rc = 0;
184
185 done:
186 if (rc != 0) {
187 cmn_err(CE_NOTE,
188 "SmbSessonSetupX: client %s invalid request",
189 sr->session->ip_addr_str);
190 }
191
192 DTRACE_SMB_START(op__SessionSetupX, smb_request_t *, sr);
193 return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
194 }
195
196 void
197 smb_post_session_setup_andx(smb_request_t *sr)
198 {
199 smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
200
201 DTRACE_SMB_DONE(op__SessionSetupX, smb_request_t *, sr);
202
203 if (sinfo->ssi_lmpwd != NULL)
204 bzero(sinfo->ssi_lmpwd, sinfo->ssi_lmpwlen);
205
206 if (sinfo->ssi_ntpwd != NULL)
207 bzero(sinfo->ssi_ntpwd, sinfo->ssi_ntpwlen);
208 }
209
210 /*
211 *
212 * NT systems use different native OS and native LanMan values dependent on
213 * whether they are acting as a client or a server. NT 4.0 server responds
214 * with the following values:
215 *
216 * NativeOS: Windows NT 4.0
217 * NativeLM: NT LAN Manager 4.0
218 */
219 smb_sdrc_t
220 smb_com_session_setup_andx(smb_request_t *sr)
221 {
222 smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
223 uint32_t status;
224 uint16_t action;
225 int rc;
226
227 /*
228 * Some stuff we do only in the first in a (possible)
229 * sequence of session setup requests.
230 */
231 if (sinfo->ssi_type != SMB_SSNSETUP_NTLM012_EXTSEC ||
232 sr->smb_uid == 0 || sr->smb_uid == 0xFFFF) {
233
234 /* This is a first (or only) call */
235 sr->session->smb_msg_size = sinfo->ssi_maxbufsize;
236 sr->session->smb_max_mpx = sinfo->ssi_maxmpxcount;
237 sr->session->capabilities = sinfo->ssi_capabilities;
238 sr->session->native_os = sinfo->ssi_native_os;
239 sr->session->native_lm = sinfo->ssi_native_lm;
240 }
241
242 /* RejectUnencryptedAccess precludes SMB1 access */
243 if (sr->sr_server->sv_cfg.skc_encrypt == SMB_CONFIG_REQUIRED) {
244 smbsr_error(sr, NT_STATUS_ACCESS_DENIED,
245 ERRDOS, ERROR_ACCESS_DENIED);
246 return (SDRC_ERROR);
247 }
248
249 /*
250 * The "meat" of authentication happens here.
251 */
252 if (sinfo->ssi_type == SMB_SSNSETUP_NTLM012_EXTSEC)
253 status = smb_authenticate_ext(sr);
254 else
255 status = smb_authenticate_old(sr);
256
257 switch (status) {
258
259 case NT_STATUS_SUCCESS:
260 break;
261
262 /*
263 * This is not really an error, but tells the client
264 * it should send another session setup request.
265 */
266 case NT_STATUS_MORE_PROCESSING_REQUIRED:
267 smbsr_error(sr, status, 0, 0);
268 break;
278 case NT_STATUS_NO_LOGON_SERVERS:
279 smbsr_error(sr, status, ERRDOS, ERROR_NO_LOGON_SERVERS);
280 return (SDRC_ERROR);
281
282 case NT_STATUS_NETLOGON_NOT_STARTED:
283 smbsr_error(sr, status, ERRDOS, ERROR_NETLOGON_NOT_STARTED);
284 return (SDRC_ERROR);
285
286 case NT_STATUS_USER_SESSION_DELETED:
287 smbsr_error(sr, status, ERRSRV, ERRbaduid);
288 return (SDRC_ERROR);
289
290 case NT_STATUS_INSUFF_SERVER_RESOURCES:
291 smbsr_error(sr, status, ERRSRV, ERRnoresource);
292 return (SDRC_ERROR);
293
294 case NT_STATUS_INTERNAL_ERROR:
295 default:
296 smbsr_error(sr, status, ERRSRV, ERRsrverror);
297 return (SDRC_ERROR);
298
299 }
300
301 action = SMB_USER_IS_GUEST(sr->uid_user) ? 1 : 0;
302
303 switch (sinfo->ssi_type) {
304
305 default:
306 case SMB_SSNSETUP_PRE_NTLM012:
307 case SMB_SSNSETUP_NTLM012_NOEXT:
308
309 rc = smbsr_encode_result(sr, 3, VAR_BCC, "bb.www%uuu",
310 3,
311 sr->andx_com,
312 -1, /* andx_off */
313 action,
314 VAR_BCC,
315 sr,
316 sr->sr_cfg->skc_native_os,
317 sr->sr_cfg->skc_native_lm,
318 sr->sr_cfg->skc_nbdomain);
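Review bot: The new `skc_encrypt == SMB_CONFIG_REQUIRED` refusal in smb_com_session_setup_andx() runs after the first-call block has already copied the client-supplied `ssi_maxbufsize`, `ssi_maxmpxcount`, `ssi_capabilities` and native OS/LM values into `sr->session`, so a request that is about to be denied still changes session state. Moving the check to the top of the function, ahead of the `if (sinfo->ssi_type != SMB_SSNSETUP_NTLM012_EXTSEC || ...)` block, would keep the refusal free of side effects. The check also reads `sr->sr_server->sv_cfg`, while the reply further down reads `sr->sr_cfg`. Whether those two can differ is not visible here; if they can, add a comment along the lines of `/* encryption policy is taken from the server config, not sr->sr_cfg */` once that is confirmed. The function body continues past the end of this section.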
|