2 Unix SMB/CIFS implementation.
4 Copyright (C) Jeremy Allison 2003.
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
6 Copyright (C) Stefan Metzmacher 2009
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_signing.h"
26 #include "lib/param/param.h"
28 /***********************************************************
29 Called to validate an incoming packet from the client.
30 ************************************************************/
32 bool srv_check_sign_mac(struct smbd_server_connection
*conn
,
33 const char *inbuf
, uint32_t *seqnum
,
39 /* Check if it's a non-session message. */
45 inhdr
= (const uint8_t *)inbuf
+ NBT_HDR_SIZE
;
47 if (trusted_channel
) {
50 if (len
< (HDR_SS_FIELD
+ 8)) {
51 DEBUG(1,("smb_signing_check_pdu: Can't check signature "
52 "on short packet! smb_len = %u\n",
57 status
= NT_STATUS(IVAL(inhdr
, HDR_SS_FIELD
+ 4));
58 if (!NT_STATUS_IS_OK(status
)) {
59 DEBUG(1,("smb_signing_check_pdu: trusted channel passed %s\n",
64 *seqnum
= IVAL(inhdr
, HDR_SS_FIELD
);
68 *seqnum
= smb_signing_next_seqnum(conn
->smb1
.signing_state
, false);
69 return smb_signing_check_pdu(conn
->smb1
.signing_state
,
74 /***********************************************************
75 Called to sign an outgoing packet to the client.
76 ************************************************************/
78 void srv_calculate_sign_mac(struct smbd_server_connection
*conn
,
79 char *outbuf
, uint32_t seqnum
)
84 /* Check if it's a non-session message. */
89 len
= smb_len(outbuf
);
90 outhdr
= (uint8_t *)outbuf
+ NBT_HDR_SIZE
;
92 smb_signing_sign_pdu(conn
->smb1
.signing_state
, outhdr
, len
, seqnum
);
96 /***********************************************************
97 Called to indicate a oneway request
98 ************************************************************/
99 void srv_cancel_sign_response(struct smbd_server_connection
*conn
)
101 smb_signing_cancel_reply(conn
->smb1
.signing_state
, true);
104 struct smbd_shm_signing
{
106 uint8_t *shm_pointer
;
108 /* we know the signing engine will only allocate 2 chunks */
115 static int smbd_shm_signing_destructor(struct smbd_shm_signing
*s
)
117 anonymous_shared_free(s
->shm_pointer
);
121 static void *smbd_shm_signing_alloc(TALLOC_CTX
*mem_ctx
, size_t len
)
123 struct smbd_shm_signing
*s
= talloc_get_type_abort(mem_ctx
,
124 struct smbd_shm_signing
);
126 if (s
->ptr1
== NULL
) {
129 s
->len1
+= (8 - (len
% 8));
131 if (s
->len1
> s
->shm_size
) {
136 s
->ptr1
= s
->shm_pointer
;
140 if (s
->ptr2
== NULL
) {
142 if (s
->len2
> (s
->shm_size
- s
->len1
)) {
147 s
->ptr2
= s
->shm_pointer
+ s
->len1
;
155 static void smbd_shm_signing_free(TALLOC_CTX
*mem_ctx
, void *ptr
)
157 struct smbd_shm_signing
*s
= talloc_get_type_abort(mem_ctx
,
158 struct smbd_shm_signing
);
160 if (s
->ptr2
== ptr
) {
166 /***********************************************************
167 Called by server negprot when signing has been negotiated.
168 ************************************************************/
170 bool srv_init_signing(struct smbd_server_connection
*conn
)
174 bool mandatory
= false;
176 struct loadparm_context
*lp_ctx
= loadparm_init_s3(conn
, loadparm_s3_helpers());
177 if (lp_ctx
== NULL
) {
178 DEBUG(10, ("loadparm_init_s3 failed\n"));
183 * if the client and server allow signing,
184 * we desire to use it.
186 * This matches Windows behavior and is needed
187 * because not every client that requires signing
188 * sends FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED.
191 allowed
= desired
= lpcfg_server_signing_allowed(lp_ctx
, &mandatory
);
192 talloc_unlink(conn
, lp_ctx
);
194 if (lp_async_smb_echo_handler()) {
195 struct smbd_shm_signing
*s
;
197 /* setup the signing state in shared memory */
198 s
= talloc_zero(conn
, struct smbd_shm_signing
);
204 (uint8_t *)anonymous_shared_allocate(s
->shm_size
);
205 if (s
->shm_pointer
== NULL
) {
209 talloc_set_destructor(s
, smbd_shm_signing_destructor
);
210 conn
->smb1
.signing_state
= smb_signing_init_ex(s
,
211 allowed
, desired
, mandatory
,
212 smbd_shm_signing_alloc
,
213 smbd_shm_signing_free
);
214 if (!conn
->smb1
.signing_state
) {
220 conn
->smb1
.signing_state
= smb_signing_init(conn
,
221 allowed
, desired
, mandatory
);
222 if (!conn
->smb1
.signing_state
) {
229 void srv_set_signing_negotiated(struct smbd_server_connection
*conn
,
230 bool allowed
, bool mandatory
)
232 smb_signing_set_negotiated(conn
->smb1
.signing_state
,
236 /***********************************************************
237 Returns whether signing is active. We can't use sendfile or raw
238 reads/writes if it is.
239 ************************************************************/
241 bool srv_is_signing_active(struct smbd_server_connection
*conn
)
243 return smb_signing_is_active(conn
->smb1
.signing_state
);
247 /***********************************************************
248 Returns whether signing is negotiated. We can't use it unless it was
250 ************************************************************/
252 bool srv_is_signing_negotiated(struct smbd_server_connection
*conn
)
254 return smb_signing_is_negotiated(conn
->smb1
.signing_state
);
257 /***********************************************************
258 Turn on signing from this packet onwards.
259 ************************************************************/
261 void srv_set_signing(struct smbd_server_connection
*conn
,
262 const DATA_BLOB user_session_key
,
263 const DATA_BLOB response
)
268 if (!user_session_key
.length
)
271 negotiated
= smb_signing_is_negotiated(conn
->smb1
.signing_state
);
272 mandatory
= smb_signing_is_mandatory(conn
->smb1
.signing_state
);
274 if (!negotiated
&& !mandatory
) {
275 DEBUG(5,("srv_set_signing: signing negotiated = %u, "
276 "mandatory_signing = %u. Not allowing smb signing.\n",
277 negotiated
, mandatory
));
281 if (!smb_signing_activate(conn
->smb1
.signing_state
,
282 user_session_key
, response
)) {
286 DEBUG(3,("srv_set_signing: turning on SMB signing: "
287 "signing negotiated = %u, mandatory_signing = %u.\n",
288 negotiated
, mandatory
));