search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r25551: Convert to standard bool type.
[Samba.git] / source / smb_server / smb / sesssetup.c
blob57e2f28b8afa4e671c60bc1ca5b3dc764526dcd6
1
2 /*
3 Unix SMB/CIFS implementation.
4 handle SMBsessionsetup
5 Copyright (C) Andrew Tridgell 1998-2001
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2005
7 Copyright (C) Jim McDonough 2002
8 Copyright (C) Luke Howard 2003
9 Copyright (C) Stefan Metzmacher 2005
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "version.h"
27 #include "auth/credentials/credentials.h"
28 #include "auth/gensec/gensec.h"
29 #include "auth/auth.h"
30 #include "smb_server/smb_server.h"
31 #include "smbd/service_stream.h"
32 #include "librpc/gen_ndr/nbt.h"
33 #include "param/param.h"
34
35 /*
36 setup the OS, Lanman and domain portions of a session setup reply
37 */
38 static void sesssetup_common_strings(struct smbsrv_request *req,
39 char **os, char **lanman, char **domain)
40 {
41 (*os) = talloc_asprintf(req, "Unix");
42 (*lanman) = talloc_asprintf(req, "Samba %s", SAMBA_VERSION_STRING);
43 (*domain) = talloc_asprintf(req, "%s", lp_workgroup(global_loadparm));
44 }
45
46 static void smbsrv_sesssetup_backend_send(struct smbsrv_request *req,
47 union smb_sesssetup *sess,
48 NTSTATUS status)
49 {
50 if (NT_STATUS_IS_OK(status)) {
51 req->smb_conn->negotiate.done_sesssetup = true;
52 /* we need to keep the session long term */
53 req->session = talloc_steal(req->smb_conn, req->session);
54 }
55 smbsrv_reply_sesssetup_send(req, sess, status);
56 }
57
58 static void sesssetup_old_send(struct auth_check_password_request *areq,
59 void *private_data)
60 {
61 struct smbsrv_request *req = talloc_get_type(private_data, struct smbsrv_request);
62 union smb_sesssetup *sess = talloc_get_type(req->io_ptr, union smb_sesssetup);
63 struct auth_serversupplied_info *server_info = NULL;
64 struct auth_session_info *session_info;
65 struct smbsrv_session *smb_sess;
66 NTSTATUS status;
67
68 status = auth_check_password_recv(areq, req, &server_info);
69 if (!NT_STATUS_IS_OK(status)) goto failed;
70
71 /* This references server_info into session_info */
72 status = auth_generate_session_info(req, server_info, &session_info);
73 if (!NT_STATUS_IS_OK(status)) goto failed;
74
75 /* allocate a new session */
76 smb_sess = smbsrv_session_new(req->smb_conn, req, NULL);
77 if (!smb_sess) {
78 status = NT_STATUS_INSUFFICIENT_RESOURCES;
79 goto failed;
80 }
81
82 /* Ensure this is marked as a 'real' vuid, not one
83 * simply valid for the session setup leg */
84 status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
85 if (!NT_STATUS_IS_OK(status)) goto failed;
86
87 /* To correctly process any AndX packet (like a tree connect)
88 * we need to fill in the session on the request here */
89 req->session = smb_sess;
90 sess->old.out.vuid = smb_sess->vuid;
91
92 failed:
93 status = auth_nt_status_squash(status);
94 smbsrv_sesssetup_backend_send(req, sess, status);
95 }
96
97 /*
98 handler for old style session setup
99 */
100 static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess)
101 {
102 struct auth_usersupplied_info *user_info = NULL;
103 struct socket_address *remote_address;
104 const char *remote_machine = NULL;
105
106 sess->old.out.vuid = 0;
107 sess->old.out.action = 0;
108
109 sesssetup_common_strings(req,
110 &sess->old.out.os,
111 &sess->old.out.lanman,
112 &sess->old.out.domain);
113
114 if (!req->smb_conn->negotiate.done_sesssetup) {
115 req->smb_conn->negotiate.max_send = sess->old.in.bufsize;
116 }
117
118 if (req->smb_conn->negotiate.calling_name) {
119 remote_machine = req->smb_conn->negotiate.calling_name->name;
120 }
121
122 remote_address = socket_get_peer_addr(req->smb_conn->connection->socket, req);
123 if (!remote_address) goto nomem;
124
125 if (!remote_machine) {
126 remote_machine = remote_address->addr;
127 }
128
129 user_info = talloc(req, struct auth_usersupplied_info);
130 if (!user_info) goto nomem;
131
132 user_info->mapped_state = false;
133 user_info->logon_parameters = 0;
134 user_info->flags = 0;
135 user_info->client.account_name = sess->old.in.user;
136 user_info->client.domain_name = sess->old.in.domain;
137 user_info->workstation_name = remote_machine;
138 user_info->remote_host = talloc_steal(user_info, remote_address);
139
140 user_info->password_state = AUTH_PASSWORD_RESPONSE;
141 user_info->password.response.lanman = sess->old.in.password;
142 user_info->password.response.lanman.data = talloc_steal(user_info, sess->old.in.password.data);
143 user_info->password.response.nt = data_blob(NULL, 0);
144
145 auth_check_password_send(req->smb_conn->negotiate.auth_context, user_info,
146 sesssetup_old_send, req);
147 return;
148
149 nomem:
150 smbsrv_sesssetup_backend_send(req, sess, NT_STATUS_NO_MEMORY);
151 }
152
153 static void sesssetup_nt1_send(struct auth_check_password_request *areq,
154 void *private_data)
155 {
156 struct smbsrv_request *req = talloc_get_type(private_data, struct smbsrv_request);
157 union smb_sesssetup *sess = talloc_get_type(req->io_ptr, union smb_sesssetup);
158 struct auth_serversupplied_info *server_info = NULL;
159 struct auth_session_info *session_info;
160 struct smbsrv_session *smb_sess;
161 NTSTATUS status;
162
163 status = auth_check_password_recv(areq, req, &server_info);
164 if (!NT_STATUS_IS_OK(status)) goto failed;
165
166 /* This references server_info into session_info */
167 status = auth_generate_session_info(req, server_info, &session_info);
168 if (!NT_STATUS_IS_OK(status)) goto failed;
169
170 /* allocate a new session */
171 smb_sess = smbsrv_session_new(req->smb_conn, req, NULL);
172 if (!smb_sess) {
173 status = NT_STATUS_INSUFFICIENT_RESOURCES;
174 goto failed;
175 }
176
177 /* Ensure this is marked as a 'real' vuid, not one
178 * simply valid for the session setup leg */
179 status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
180 if (!NT_STATUS_IS_OK(status)) goto failed;
181
182 /* To correctly process any AndX packet (like a tree connect)
183 * we need to fill in the session on the request here */
184 req->session = smb_sess;
185 sess->nt1.out.vuid = smb_sess->vuid;
186
187 if (!session_info->server_info->authenticated) {
188 /* don't try signing as anonymous */
189 goto done;
190 }
191
192 if (!smbsrv_setup_signing(req->smb_conn, &session_info->session_key, &sess->nt1.in.password2)) {
193 /* Already signing, or disabled */
194 goto done;
195 }
196
197 /* Force check of the request packet, now we know the session key */
198 smbsrv_signing_check_incoming(req);
199 /* TODO: why don't we check the result here? */
200
201 /* Unfortunetly win2k3 as a client doesn't sign the request
202 * packet here, so we have to force signing to start again */
203
204 smbsrv_signing_restart(req->smb_conn, &session_info->session_key, &sess->nt1.in.password2);
205
206 done:
207 status = NT_STATUS_OK;
208 failed:
209 status = auth_nt_status_squash(status);
210 smbsrv_sesssetup_backend_send(req, sess, status);
211 }
212
213 /*
214 handler for NT1 style session setup
215 */
216 static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess)
217 {
218 NTSTATUS status;
219 struct auth_context *auth_context;
220 struct auth_usersupplied_info *user_info = NULL;
221 struct socket_address *remote_address;
222 const char *remote_machine = NULL;
223
224 sess->nt1.out.vuid = 0;
225 sess->nt1.out.action = 0;
226
227 sesssetup_common_strings(req,
228 &sess->nt1.out.os,
229 &sess->nt1.out.lanman,
230 &sess->nt1.out.domain);
231
232 if (!req->smb_conn->negotiate.done_sesssetup) {
233 req->smb_conn->negotiate.max_send = sess->nt1.in.bufsize;
234 req->smb_conn->negotiate.client_caps = sess->nt1.in.capabilities;
235 }
236
237 if (req->smb_conn->negotiate.oid) {
238 if (sess->nt1.in.user && *sess->nt1.in.user) {
239 /* We can't accept a normal login, because we
240 * don't have a challenge */
241 status = NT_STATUS_LOGON_FAILURE;
242 goto failed;
243 }
244
245 /* TODO: should we use just "anonymous" here? */
246 status = auth_context_create(req,
247 req->smb_conn->connection->event.ctx,
248 req->smb_conn->connection->msg_ctx,
249 &auth_context);
250 if (!NT_STATUS_IS_OK(status)) goto failed;
251 } else {
252 auth_context = req->smb_conn->negotiate.auth_context;
253 }
254
255 if (req->smb_conn->negotiate.calling_name) {
256 remote_machine = req->smb_conn->negotiate.calling_name->name;
257 }
258
259 remote_address = socket_get_peer_addr(req->smb_conn->connection->socket, req);
260 if (!remote_address) goto nomem;
261
262 if (!remote_machine) {
263 remote_machine = remote_address->addr;
264 }
265
266 user_info = talloc(req, struct auth_usersupplied_info);
267 if (!user_info) goto nomem;
268
269 user_info->mapped_state = false;
270 user_info->logon_parameters = 0;
271 user_info->flags = 0;
272 user_info->client.account_name = sess->nt1.in.user;
273 user_info->client.domain_name = sess->nt1.in.domain;
274 user_info->workstation_name = remote_machine;
275 user_info->remote_host = talloc_steal(user_info, remote_address);
276
277 user_info->password_state = AUTH_PASSWORD_RESPONSE;
278 user_info->password.response.lanman = sess->nt1.in.password1;
279 user_info->password.response.lanman.data = talloc_steal(user_info, sess->nt1.in.password1.data);
280 user_info->password.response.nt = sess->nt1.in.password2;
281 user_info->password.response.nt.data = talloc_steal(user_info, sess->nt1.in.password2.data);
282
283 auth_check_password_send(auth_context, user_info,
284 sesssetup_nt1_send, req);
285 return;
286
287 nomem:
288 status = NT_STATUS_NO_MEMORY;
289 failed:
290 status = auth_nt_status_squash(status);
291 smbsrv_sesssetup_backend_send(req, sess, status);
292 }
293
294 struct sesssetup_spnego_state {
295 struct smbsrv_request *req;
296 union smb_sesssetup *sess;
297 struct smbsrv_session *smb_sess;
298 };
299
300 static void sesssetup_spnego_send(struct gensec_update_request *greq, void *private_data)
301 {
302 struct sesssetup_spnego_state *s = talloc_get_type(private_data,
303 struct sesssetup_spnego_state);
304 struct smbsrv_request *req = s->req;
305 union smb_sesssetup *sess = s->sess;
306 struct smbsrv_session *smb_sess = s->smb_sess;
307 struct auth_session_info *session_info = NULL;
308 NTSTATUS status;
309 NTSTATUS skey_status;
310 DATA_BLOB session_key;
311
312 status = gensec_update_recv(greq, req, &sess->spnego.out.secblob);
313 if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
314 goto done;
315 } else if (!NT_STATUS_IS_OK(status)) {
316 goto failed;
317 }
318
319 status = gensec_session_info(smb_sess->gensec_ctx, &session_info);
320 if (!NT_STATUS_IS_OK(status)) goto failed;
321
322 skey_status = gensec_session_key(smb_sess->gensec_ctx, &session_key);
323 if (NT_STATUS_IS_OK(skey_status) &&
324 session_info->server_info->authenticated &&
325 smbsrv_setup_signing(req->smb_conn, &session_key, NULL)) {
326 /* Force check of the request packet, now we know the session key */
327 smbsrv_signing_check_incoming(req);
328
329 smbsrv_signing_restart(req->smb_conn, &session_key, NULL);
330 }
331
332 /* Ensure this is marked as a 'real' vuid, not one
333 * simply valid for the session setup leg */
334 status = smbsrv_session_sesssetup_finished(smb_sess, session_info);
335 if (!NT_STATUS_IS_OK(status)) goto failed;
336
337 req->session = smb_sess;
338
339 done:
340 sess->spnego.out.vuid = smb_sess->vuid;
341 failed:
342 status = auth_nt_status_squash(status);
343 smbsrv_sesssetup_backend_send(req, sess, status);
344 if (!NT_STATUS_IS_OK(status) &&
345 !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
346 talloc_free(smb_sess);
347 }
348 }
349
350 /*
351 handler for SPNEGO style session setup
352 */
353 static void sesssetup_spnego(struct smbsrv_request *req, union smb_sesssetup *sess)
354 {
355 NTSTATUS status;
356 struct smbsrv_session *smb_sess = NULL;
357 struct sesssetup_spnego_state *s = NULL;
358 uint16_t vuid;
359
360 sess->spnego.out.vuid = 0;
361 sess->spnego.out.action = 0;
362
363 sesssetup_common_strings(req,
364 &sess->spnego.out.os,
365 &sess->spnego.out.lanman,
366 &sess->spnego.out.workgroup);
367
368 if (!req->smb_conn->negotiate.done_sesssetup) {
369 req->smb_conn->negotiate.max_send = sess->spnego.in.bufsize;
370 req->smb_conn->negotiate.client_caps = sess->spnego.in.capabilities;
371 }
372
373 vuid = SVAL(req->in.hdr,HDR_UID);
374
375 /* lookup an existing session */
376 smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
377 if (!smb_sess) {
378 struct gensec_security *gensec_ctx;
379
380 status = gensec_server_start(req,
381 req->smb_conn->connection->event.ctx,
382 req->smb_conn->connection->msg_ctx,
383 &gensec_ctx);
384 if (!NT_STATUS_IS_OK(status)) {
385 DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
386 goto failed;
387 }
388
389 gensec_set_credentials(gensec_ctx, req->smb_conn->negotiate.server_credentials);
390
391 gensec_set_target_service(gensec_ctx, "cifs");
392
393 gensec_want_feature(gensec_ctx, GENSEC_FEATURE_SESSION_KEY);
394
395 status = gensec_start_mech_by_oid(gensec_ctx, req->smb_conn->negotiate.oid);
396 if (!NT_STATUS_IS_OK(status)) {
397 DEBUG(1, ("Failed to start GENSEC %s server code: %s\n",
398 gensec_get_name_by_oid(req->smb_conn->negotiate.oid), nt_errstr(status)));
399 goto failed;
400 }
401
402 /* allocate a new session */
403 smb_sess = smbsrv_session_new(req->smb_conn, req->smb_conn, gensec_ctx);
404 if (!smb_sess) {
405 status = NT_STATUS_INSUFFICIENT_RESOURCES;
406 goto failed;
407 }
408 }
409
410 if (!smb_sess) {
411 status = NT_STATUS_ACCESS_DENIED;
412 goto failed;
413 }
414
415 if (!smb_sess->gensec_ctx) {
416 status = NT_STATUS_INTERNAL_ERROR;
417 DEBUG(1, ("Internal ERROR: no gensec_ctx on session: %s\n", nt_errstr(status)));
418 goto failed;
419 }
420
421 s = talloc(req, struct sesssetup_spnego_state);
422 if (!s) goto nomem;
423 s->req = req;
424 s->sess = sess;
425 s->smb_sess = smb_sess;
426
427 gensec_update_send(smb_sess->gensec_ctx, sess->spnego.in.secblob,
428 sesssetup_spnego_send, s);
429 return;
430
431 nomem:
432 status = NT_STATUS_NO_MEMORY;
433 failed:
434 talloc_free(smb_sess);
435 status = auth_nt_status_squash(status);
436 smbsrv_sesssetup_backend_send(req, sess, status);
437 }
438
439 /*
440 backend for sessionsetup call - this takes all 3 variants of the call
441 */
442 void smbsrv_sesssetup_backend(struct smbsrv_request *req,
443 union smb_sesssetup *sess)
444 {
445 switch (sess->old.level) {
446 case RAW_SESSSETUP_OLD:
447 sesssetup_old(req, sess);
448 return;
449
450 case RAW_SESSSETUP_NT1:
451 sesssetup_nt1(req, sess);
452 return;
453
454 case RAW_SESSSETUP_SPNEGO:
455 sesssetup_spnego(req, sess);
456 return;
457
458 case RAW_SESSSETUP_SMB2:
459 break;
460 }
461
462 smbsrv_sesssetup_backend_send(req, sess, NT_STATUS_INVALID_LEVEL);
463 }
Samba GIT mirror