Print this page
NEX-17289 Minimal SMB 3.0.2 support
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-10019 SMB server min_protocol setting
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-5273 SMB 3 Encryption
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-4598 SMB2 credit shortage with Mac client
Reviewed by: Bayard Bell <bayard.bell@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Matt Barden <Matt.Barden@nexenta.com>
NEX-3611 CLONE NEX-3550 Replace smb2_enable with max_protocol
Reviewed by: Yuri Pankov <Yuri.Pankov@nexenta.com>
NEX-1050 enable_smb2 should be smb2_enable
SMB-11 SMB2 message parse & dispatch
SMB-12 SMB2 Negotiate Protocol
SMB-13 SMB2 Session Setup
SMB-14 SMB2 Logoff
SMB-15 SMB2 Tree Connect
SMB-16 SMB2 Tree Disconnect
SMB-17 SMB2 Create
SMB-18 SMB2 Close
SMB-19 SMB2 Flush
SMB-20 SMB2 Read
SMB-21 SMB2 Write
SMB-22 SMB2 Lock/Unlock
SMB-23 SMB2 Ioctl
SMB-24 SMB2 Cancel
SMB-25 SMB2 Echo
SMB-26 SMB2 Query Dir
SMB-27 SMB2 Change Notify
SMB-28 SMB2 Query Info
SMB-29 SMB2 Set Info
SMB-30 SMB2 Oplocks
SMB-53 SMB2 Create Context options
(SMB2 code review cleanup 1, 2, 3)
SMB-56 extended security NTLMSSP, inbound
SMB-50 User-mode SMB server
Includes work by these authors:
Thomas Keiser <thomas.keiser@nexenta.com>
Albert Lee <trisk@nexenta.com>
re #6813 rb1757 port 2976 Child folder visibility through shares
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/smbsrv/smbinfo.h
+++ new/usr/src/uts/common/smbsrv/smbinfo.h
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 - * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
23 + * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
24 24 */
25 25
26 26 #ifndef _SMBSRV_SMBINFO_H
27 27 #define _SMBSRV_SMBINFO_H
28 28
29 29 #include <sys/types.h>
30 30 #include <sys/uuid.h>
31 31 #include <smbsrv/netbios.h>
32 32 #include <netinet/in.h>
33 33 #include <smbsrv/smb_inet.h>
34 34
35 35 #ifdef __cplusplus
36 36 extern "C" {
37 37 #endif
38 38
39 39 /*
40 40 * Native OS types used in SmbSessionSetupX.
41 41 */
42 42 #ifndef NATIVE_OS_DEFINED
43 43 #define NATIVE_OS_DEFINED
44 44
45 45 #define NATIVE_OS_UNKNOWN 0x00000000
46 46 #define NATIVE_OS_WINNT 0x00000001
47 47 #define NATIVE_OS_WIN95 0x00000002
48 48 #define NATIVE_OS_MACOS 0x00000003
49 49 #define NATIVE_OS_WIN2000 0x00000004
50 50
51 51 #endif /* NATIVE_OS_DEFINED */
52 52
53 53
54 54 /*
55 55 * Native lanman types in SmbSessionSetupX. Note that these values
56 56 * are not directly related to the negotiated protocol dialect.
57 57 */
58 58 #ifndef NATIVE_LANMAN_DEFINED
59 59 #define NATIVE_LANMAN_DEFINED
60 60
61 61 #define NATIVE_LM_NONE 0x00000000
62 62 #define NATIVE_LM_NT 0x00000001
63 63 #define NATIVE_LM_WIN2000 0x00000002
64 64
65 65 #endif /* NATIVE_LANMAN_DEFINED */
66 66
67 67
68 68 /* PDC types to be used in user authentication process */
69 69
70 70 #define PDC_UNKNOWN 0
71 71 #define PDC_WINNT 1
72 72 #define PDC_WIN2000 2
73 73 #define PDC_WINXP 3
74 74 #define PDC_SAMBA 4
75 75
76 76 /*
77 77 * Please replace the use of MAX_NETWORKS with SMB_PI_MAX_NETWORKS if
78 78 * you find it used in conjunction with smbparm_info and maybe one day
79 79 * there will be just a single definition (here) throughout the code.
80 80 */
81 81 #ifndef MAX_NETWORKS
82 82 #define MAX_NETWORKS 36
83 83 #endif /* MAX_NETWORKS */
84 84
85 85 #define SMB_PI_MAX_NETWORKS 36
86 86 #define SMB_PI_MAX_WINS 2
87 87
88 88 #define SMB_SECMODE_WORKGRP 1
89 89 #define SMB_SECMODE_DOMAIN 2
90 90
91 91 #define SMB_PI_MAX_HOST 48
92 92 #define SMB_PI_MAX_DOMAIN 256
93 93 #define SMB_PI_MAX_SCOPE 16
94 94 #define SMB_PI_MAX_COMMENT 58
95 95 #define SMB_PI_MAX_NATIVE_OS 32
96 96 #define SMB_PI_MAX_LANMAN 32
97 97 #define SMB_PI_MAX_NEGTOK 256 /* GUID and SMB negotiate token */
98 98
99 99 #define SMB_PI_KEEP_ALIVE_MIN (90 * 60)
100 100 /*
101 101 * Some older clients (Windows 98) only handle the low byte
102 102 * of the max workers value. If the low byte is less than
103 103 * SMB_PI_MAX_WORKERS_MIN we set it to SMB_PI_MAX_WORKERS_MIN.
104 104 * SMB_PI_MAX_WORKERS_MIN must therefore be < 256
105 105 */
106 106 #define SMB_PI_MAX_WORKERS_MIN 64
107 107 #define SMB_PI_MAX_WORKERS_DEF 1024
108 108 #define SMB_PI_MAX_WORKERS_MAX 16384
109 109
110 110 /*
111 111 * Min/max initial credit grant and credit limit we allow to be
112 112 * configured via SMB_CI_INITIAL_CREDITS, SMB_CI_MAXIMUM_CREDITS
113 113 */
114 114 #define SMB_PI_INITIAL_CREDITS_MIN 16
115 115 #define SMB_PI_INITIAL_CREDITS_DEF 20
116 116 #define SMB_PI_INITIAL_CREDITS_MAX 256
117 117
118 118 #define SMB_PI_MAXIMUM_CREDITS_MIN 64
119 119 #define SMB_PI_MAXIMUM_CREDITS_DEF 1000
120 120 #define SMB_PI_MAXIMUM_CREDITS_MAX 1024
121 121
122 122 /*
123 123 * sv_size is used by the RPC services and should be set to
|
↓ open down ↓ |
90 lines elided |
↑ open up ↑ |
124 124 * sizeof (smb_version_t).
125 125 */
126 126 typedef struct smb_version {
127 127 uint32_t sv_size;
128 128 uint32_t sv_major;
129 129 uint32_t sv_minor;
130 130 uint32_t sv_build_number;
131 131 uint32_t sv_platform_id;
132 132 } smb_version_t;
133 133
134 +typedef enum smb_cfg_val {
135 + SMB_CONFIG_DISABLED = 0,
136 + SMB_CONFIG_ENABLED = 1,
137 + SMB_CONFIG_REQUIRED = 2
138 +} smb_cfg_val_t;
139 +
140 +void smb_cfg_set_require(const char *, smb_cfg_val_t *);
141 +
134 142 /* See also: smb_ioc_cfg_t */
135 143 typedef struct smb_kmod_cfg {
136 144 uint32_t skc_maxworkers;
137 145 uint32_t skc_maxconnections;
138 146 uint32_t skc_keepalive;
139 147 int32_t skc_restrict_anon;
140 148 int32_t skc_signing_enable;
141 149 int32_t skc_signing_required;
142 150 int32_t skc_oplock_enable;
143 151 int32_t skc_sync_enable;
144 152 int32_t skc_secmode;
145 153 int32_t skc_netbios_enable;
146 154 int32_t skc_ipv6_enable;
147 155 int32_t skc_print_enable;
148 156 int32_t skc_traverse_mounts;
149 157 uint32_t skc_max_protocol; /* SMB_VERS_... */
158 + uint32_t skc_min_protocol; /* SMB_VERS_... */
159 + smb_cfg_val_t skc_encrypt; /* EncryptData and RejectUnencryptedAccess */
150 160 uint32_t skc_execflags;
151 161 uint32_t skc_negtok_len;
152 162 smb_version_t skc_version;
153 163 uint16_t skc_initial_credits;
154 164 uint16_t skc_maximum_credits;
155 165 uuid_t skc_machine_uuid;
156 166 uchar_t skc_negtok[SMB_PI_MAX_NEGTOK];
157 167 char skc_native_os[SMB_PI_MAX_NATIVE_OS];
158 168 char skc_native_lm[SMB_PI_MAX_LANMAN];
159 169 char skc_nbdomain[NETBIOS_NAME_SZ];
160 170 char skc_fqdn[SMB_PI_MAX_DOMAIN];
161 171 char skc_hostname[SMB_PI_MAX_HOST];
162 172 char skc_system_comment[SMB_PI_MAX_COMMENT];
163 173 } smb_kmod_cfg_t;
164 174
165 175 #define SMB_EXEC_MAP 0x01
166 176 #define SMB_EXEC_UNMAP 0x02
167 177 #define SMB_EXEC_TERM 0x04
168 178
169 179 #define SMB_EXEC_DISP_CONTINUE "continue"
170 180 #define SMB_EXEC_DISP_TERMINATE "terminate"
171 181
172 182 /*
173 183 * Major version numbers
174 184 */
175 185 #define SMB_MAJOR_NT 4 /* Windows 95/98/Me, Windows NT4.0 */
176 186 #define SMB_MAJOR_2000 5
177 187 #define SMB_MAJOR_XP 5
178 188 #define SMB_MAJOR_2003 5
179 189 #define SMB_MAJOR_VISTA 6
180 190 #define SMB_MAJOR_2008 6
181 191 #define SMB_MAJOR_2008R2 6
182 192 #define SMB_MAJOR_7 6
183 193
184 194 /*
185 195 * Minor version numbers
186 196 */
187 197 #define SMB_MINOR_NT 0
188 198 #define SMB_MINOR_2000 0
189 199 #define SMB_MINOR_XP 1
190 200 #define SMB_MINOR_2003 2
191 201 #define SMB_MINOR_VISTA 0
192 202 #define SMB_MINOR_2008 0
193 203 #define SMB_MINOR_2008R2 1
194 204 #define SMB_MINOR_7 1
195 205
196 206 /*
197 207 * Max version length in string format
198 208 */
199 209 #define SMB_VERSTR_LEN 8
200 210
201 211 int smbnative_os_value(const char *);
202 212 int smbnative_lm_value(const char *);
203 213 int smbnative_pdc_value(const char *);
204 214 const char *smbnative_os_str(smb_version_t *);
205 215 const char *smbnative_lm_str(smb_version_t *);
206 216
207 217 /*
208 218 * Support for passthrough authentication.
209 219 */
210 220 #define AUTH_USER_GRANT 0x00000000
211 221 #define AUTH_GUEST_GRANT 0x00000001
212 222 #define AUTH_IPC_ONLY_GRANT 0x00000002
|
↓ open down ↓ |
53 lines elided |
↑ open up ↑ |
213 223
214 224 /*
215 225 * Defined SMB1, SMB2(+) protocol versions, as returned by
216 226 * smb_config_get_max_protocol()
217 227 */
218 228 #define SMB_VERS_1 1 /* arbitrary value < 0x200 */
219 229 #define SMB_VERS_2_BASE 0x200 /* for (SMB2 or higher?) tests */
220 230 #define SMB_VERS_2_002 0x202 /* "2.002" */
221 231 #define SMB_VERS_2_1 0x210 /* "2.1" */
222 232 #define SMB_VERS_3_0 0x300 /* "3.0" */
233 +#define SMB_VERS_3_02 0x302 /* "3.02" */
223 234
224 235 #ifdef __cplusplus
225 236 }
226 237 #endif
227 238
228 239 #endif /* _SMBSRV_SMBINFO_H */
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX