2 Unix SMB/CIFS implementation.
4 Copyright (C) Stefan Metzmacher 2014
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "system/filesys.h"
23 #include "lib/util/server_id.h"
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "dbwrap/dbwrap.h"
27 #include "dbwrap/dbwrap_rbt.h"
28 #include "dbwrap/dbwrap_open.h"
29 #include "dbwrap/dbwrap_watch.h"
32 #include "auth/gensec/gensec.h"
33 #include "../lib/tsocket/tsocket.h"
34 #include "../libcli/security/security.h"
36 #include "lib/util/util_tdb.h"
37 #include "librpc/gen_ndr/ndr_smbXsrv.h"
39 #include "lib/util/tevent_ntstatus.h"
40 #include "lib/util/iov_buf.h"
/*
 * Per-process table describing the clients handled by this smbd.
 *
 * Only the db_ctx member survives in this listing. Other code on the page
 * reads table->local.max_clients, table->local.num_clients and
 * table->global.db_ctx, so the "local" and "global" sub-structures are
 * presumably declared on lines the listing dropped.
 */
42 struct smbXsrv_client_table
{
48 struct db_context
*db_ctx
;
/*
 * Handle to the client database shared by every table in this process.
 * It is assigned in smbXsrv_client_global_init() and copied into
 * table->global.db_ctx by smbXsrv_client_table_create().
 */
52 static struct db_context
*smbXsrv_client_global_db_ctx
= NULL
;
/*
 * Open (creating it if needed) the smbXsrv_client_global.tdb database in the
 * lock directory and cache the handle in smbXsrv_client_global_db_ctx.
 *
 * Returns NT_STATUS_NO_MEMORY when the path cannot be built. An open failure
 * is reported as the NTSTATUS mapped from errno. Several lines of this
 * function (braces, the remaining db_open() arguments, the success return)
 * are not visible in this listing.
 *
 * Security: the file is created with mode 0600. The original comment in the
 * body says it contains secret information like client keys, so the
 * owner-only mode is what keeps other local accounts from reading it.
 */
54 NTSTATUS
smbXsrv_client_global_init(void)
56 const char *global_path
= NULL
;
57 struct db_context
*db_ctx
= NULL
;
/* Already opened by an earlier call; the branch body is not visible here. */
59 if (smbXsrv_client_global_db_ctx
!= NULL
) {
64 * This contains secret information like client keys!
66 global_path
= lock_path(talloc_tos(), "smbXsrv_client_global.tdb");
67 if (global_path
== NULL
) {
68 return NT_STATUS_NO_MEMORY
;
71 db_ctx
= db_open(NULL
, global_path
,
75 TDB_INCOMPATIBLE_HASH
,
/* O_CREAT with 0600: owner read/write only, no group or world access. */
76 O_RDWR
| O_CREAT
, 0600,
/* Failure path (its test is on a dropped line): translate errno. */
82 status
= map_nt_error_from_unix_common(errno
);
/* Publish the handle so later calls and table creation can reuse it. */
87 smbXsrv_client_global_db_ctx
= db_ctx
;
94 * We need to store the keys in big endian so that dbwrap_rbt's memcmp
95 * has the same result as integer comparison between the uint32_t
98 * TODO: implement string based key
/*
 * Length in bytes of a database key. It is both the size of the caller's
 * key_buf array and the fixed copy length used when the key is built from
 * the NDR form of the client GUID, so the two must stay in step.
 */
101 #define SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE 16
/*
 * Build the database key for a client GUID.
 *
 * The GUID is serialised with GUID_to_ndr_blob() and
 * SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE bytes of the result are copied into
 * key_buf; the returned TDB_DATA points at key_buf, so it is only valid
 * while the caller's buffer is.
 *
 * client_guid: GUID to convert.
 * key_buf:     destination buffer (its declaration is on a dropped line;
 *              the visible caller passes a
 *              uint8_t[SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE] array).
 *
 * The key starts out with dsize 0; what happens on a serialisation failure
 * is not visible in this listing.
 */
103 static TDB_DATA
smbXsrv_client_global_id_to_key(const struct GUID
*client_guid
,
106 TDB_DATA key
= { .dsize
= 0, };
110 status
= GUID_to_ndr_blob(client_guid
, talloc_tos(), &b
);
111 if (!NT_STATUS_IS_OK(status
)) {
/*
 * Fixed-length copy: no visible line checks b.length or the size of
 * key_buf against SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE.
 * NOTE(review): this is safe only while the NDR form of a GUID is at
 * least that many bytes (16) and every caller passes a buffer of that
 * size - confirm, or assert b.length before copying.
 */
114 memcpy(key_buf
, b
.data
, SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE
);
117 key
= make_tdb_data(key_buf
, SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE
);
/*
 * Fetch the database record for client_guid with dbwrap_fetch_locked().
 *
 * db:          database to look in.
 * client_guid: GUID identifying the client; converted to the key through
 *              smbXsrv_client_global_id_to_key() into a stack buffer.
 * mem_ctx:     talloc parent for the record (declared on a dropped line,
 *              passed straight to dbwrap_fetch_locked()).
 *
 * When the fetch fails (the test is on a dropped line) the GUID and the
 * hex-encoded key are logged at debug level. The return statement is not
 * visible here; callers treat a NULL result as a database error.
 */
122 static struct db_record
*smbXsrv_client_global_fetch_locked(
123 struct db_context
*db
,
124 const struct GUID
*client_guid
,
/* Backing storage for the key; must outlive the fetch call below. */
128 uint8_t key_buf
[SMBXSRV_CLIENT_GLOBAL_TDB_KEY_SIZE
];
129 struct db_record
*rec
= NULL
;
131 key
= smbXsrv_client_global_id_to_key(client_guid
, key_buf
);
133 rec
= dbwrap_fetch_locked(db
, mem_ctx
, key
);
136 struct GUID_txt_buf buf
;
137 DBG_DEBUG("Failed to lock guid [%s], key '%s'\n",
138 GUID_buf_string(client_guid
, &buf
),
139 hex_encode_talloc(talloc_tos(), key
.dptr
, key
.dsize
));
/*
 * Allocate a zeroed smbXsrv_client_table on mem_ctx, record max_clients in
 * it, make sure the global client database is open and store its handle in
 * table->global.db_ctx.
 *
 * mem_ctx:     talloc parent of the new table.
 * msg_ctx:     not used on any line visible in this listing.
 * max_clients: upper bound on clients; values above 1 are rejected.
 * _table:      out parameter (the assignment is on a dropped line).
 *
 * Returns NT_STATUS_INTERNAL_ERROR for max_clients > 1 and
 * NT_STATUS_NO_MEMORY when the allocation fails (test not visible); a
 * failure of smbXsrv_client_global_init() is also checked.
 */
145 static NTSTATUS
smbXsrv_client_table_create(TALLOC_CTX
*mem_ctx
,
146 struct messaging_context
*msg_ctx
,
147 uint32_t max_clients
,
148 struct smbXsrv_client_table
**_table
)
150 struct smbXsrv_client_table
*table
;
/* A table holds at most one client; more is treated as a caller bug. */
153 if (max_clients
> 1) {
154 return NT_STATUS_INTERNAL_ERROR
;
157 table
= talloc_zero(mem_ctx
, struct smbXsrv_client_table
);
159 return NT_STATUS_NO_MEMORY
;
162 table
->local
.max_clients
= max_clients
;
164 status
= smbXsrv_client_global_init();
165 if (!NT_STATUS_IS_OK(status
)) {
/* Share the process-wide database handle with this table. */
170 table
->global
.db_ctx
= smbXsrv_client_global_db_ctx
;
/*
 * talloc destructor for a smbXsrv_client_global0 object; it is registered
 * in smbXsrv_client_create(). The body is not visible in this listing.
 */
176 static int smbXsrv_client_global_destructor(struct smbXsrv_client_global0
*global
)
/*
 * Decode and sanity-check a locked client record, and hand the decoded
 * smbXsrv_client_global0 to the caller when the record is still live.
 *
 * Visible steps:
 *  - read the record key and value; an empty value is handled separately
 *    (branch body not visible);
 *  - NDR-pull the value into a smbXsrv_client_globalB and log a warning
 *    with the hex key if decoding fails;
 *  - reject any version other than SMBXSRV_VERSION_0;
 *  - ask serverid_exists() whether the owning server_id is still known;
 *    if not, log a notice and delete the stale record;
 *  - otherwise move the decoded object to mem_ctx and return it via *_g.
 *
 * db_rec: locked record to verify.
 * _g:     receives the decoded object.
 * The remaining parameters (including mem_ctx, used by talloc_move below)
 * are declared on lines dropped from this listing.
 *
 * NOTE(review): the value is parsed from a database file, so every field of
 * global_blob is untrusted until the version and server_id checks pass.
 * NDR_PRINT_DEBUG writes the decoded record to the log; the comment in
 * smbXsrv_client_global_init() describes this database as holding secret
 * information, so confirm nothing sensitive is printed and keep the log
 * files access-restricted.
 */
181 static void smbXsrv_client_global_verify_record(struct db_record
*db_rec
,
185 struct smbXsrv_client_global0
**_g
)
190 struct smbXsrv_client_globalB global_blob
;
191 enum ndr_err_code ndr_err
;
192 struct smbXsrv_client_global0
*global
= NULL
;
/* Temporary allocations made while decoding hang off this stackframe. */
194 TALLOC_CTX
*frame
= talloc_stackframe();
205 key
= dbwrap_record_get_key(db_rec
);
207 val
= dbwrap_record_get_value(db_rec
);
/* Empty value: no stored data for this key (handling not visible). */
208 if (val
.dsize
== 0) {
/* Wrap the stored bytes without copying so NDR can parse them. */
217 blob
= data_blob_const(val
.dptr
, val
.dsize
);
219 ndr_err
= ndr_pull_struct_blob(&blob
, frame
, &global_blob
,
220 (ndr_pull_flags_fn_t
)ndr_pull_smbXsrv_client_globalB
);
221 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
222 NTSTATUS status
= ndr_map_error2ntstatus(ndr_err
);
223 DBG_WARNING("smbXsrv_client_global_verify_record: "
224 "key '%s' ndr_pull_struct_blob - %s\n",
225 hex_encode_talloc(frame
, key
.dptr
, key
.dsize
),
231 DBG_DEBUG("client_global:\n");
232 if (DEBUGLVL(DBGLVL_DEBUG
)) {
233 NDR_PRINT_DEBUG(smbXsrv_client_globalB
, &global_blob
);
/* Only format version 0 is understood; the dump below is unconditional. */
236 if (global_blob
.version
!= SMBXSRV_VERSION_0
) {
237 DBG_ERR("key '%s' use unsupported version %u\n",
238 hex_encode_talloc(frame
, key
.dptr
, key
.dsize
),
239 global_blob
.version
);
240 NDR_PRINT_DEBUG(smbXsrv_client_globalB
, &global_blob
);
245 global
= global_blob
.info
.info0
;
/* A record whose owning server process is gone is stale. */
247 exists
= serverid_exists(&global
->server_id
);
249 struct server_id_buf tmp
;
251 DBG_NOTICE("key '%s' server_id %s does not exist.\n",
252 hex_encode_talloc(frame
, key
.dptr
, key
.dsize
),
253 server_id_str_buf(global
->server_id
, &tmp
));
254 if (DEBUGLVL(DBGLVL_NOTICE
)) {
255 NDR_PRINT_DEBUG(smbXsrv_client_globalB
, &global_blob
);
/* Drop the stale entry so the GUID can be claimed again. */
258 dbwrap_record_delete(db_rec
);
/* Re-parent the decoded object so it survives the stackframe. */
264 *_g
= talloc_move(mem_ctx
, &global
);
/*
 * Look up the global record for client_guid in the database of the given
 * client's table.
 *
 * The record is fetched under lock with
 * smbXsrv_client_global_fetch_locked() and then checked by
 * smbXsrv_client_global_verify_record().
 *
 * client:      client whose table supplies the database handle.
 * client_guid: GUID to look up.
 * _global:     out parameter for the decoded record.
 * A further parameter is declared on a line dropped from this listing.
 *
 * Returns NT_STATUS_INTERNAL_DB_ERROR when the record cannot be locked and
 * NT_STATUS_OBJECTID_NOT_FOUND on a condition that is not visible here
 * (presumably when the record is free - TODO confirm).
 */
269 NTSTATUS
smb2srv_client_lookup_global(struct smbXsrv_client
*client
,
270 struct GUID client_guid
,
272 struct smbXsrv_client_global0
**_global
)
274 struct smbXsrv_client_table
*table
= client
->table
;
275 struct smbXsrv_client_global0
*global
= NULL
;
276 bool is_free
= false;
277 struct db_record
*db_rec
;
279 db_rec
= smbXsrv_client_global_fetch_locked(table
->global
.db_ctx
,
282 if (db_rec
== NULL
) {
283 return NT_STATUS_INTERNAL_DB_ERROR
;
286 smbXsrv_client_global_verify_record(db_rec
,
294 return NT_STATUS_OBJECTID_NOT_FOUND
;
/*
 * Pass the connection of smb2req to another process.
 *
 * A smbXsrv_connection_pass0 is filled with the initial connect time and
 * client GUID taken from global plus a flattened copy of the incoming
 * request vector, wrapped in a smbXsrv_connection_passB, NDR-pushed and
 * sent with messaging_send_iov() as MSG_SMBXSRV_CONNECTION_PASS together
 * with one file descriptor, the connection's transport socket.
 *
 * smb2req: request whose connection is handed over.
 * global:  record describing the client that already exists.
 *
 * Returns NT_STATUS_INVALID_BUFFER_SIZE and NT_STATUS_NO_MEMORY on the
 * failure paths shown; NDR and messaging errors are also checked. The
 * destination argument of messaging_send_iov() is on a dropped line.
 */
301 NTSTATUS
smb2srv_client_connection_pass(struct smbd_smb2_request
*smb2req
,
302 struct smbXsrv_client_global0
*global
)
305 enum ndr_err_code ndr_err
;
307 struct smbXsrv_connection_pass0 pass_info0
;
308 struct smbXsrv_connection_passB pass_blob
;
/* Identity fields the receiver compares against its own client record. */
312 pass_info0
.initial_connect_time
= global
->initial_connect_time
;
313 pass_info0
.client_guid
= global
->client_guid
;
/* Total size of the request vector; its validity test is not visible. */
315 reqlen
= iov_buflen(smb2req
->in
.vector
, smb2req
->in
.vector_count
);
317 return NT_STATUS_INVALID_BUFFER_SIZE
;
320 pass_info0
.negotiate_request
.length
= reqlen
;
321 pass_info0
.negotiate_request
.data
= talloc_array(talloc_tos(), uint8_t,
323 if (pass_info0
.negotiate_request
.data
== NULL
) {
324 return NT_STATUS_NO_MEMORY
;
/* Flatten the scattered request into the buffer allocated above. */
326 iov_buf(smb2req
->in
.vector
, smb2req
->in
.vector_count
,
327 pass_info0
.negotiate_request
.data
,
328 pass_info0
.negotiate_request
.length
);
330 ZERO_STRUCT(pass_blob
);
331 pass_blob
.version
= smbXsrv_version_global_current();
332 pass_blob
.info
.info0
= &pass_info0
;
334 if (DEBUGLVL(DBGLVL_DEBUG
)) {
335 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
338 ndr_err
= ndr_push_struct_blob(&blob
, talloc_tos(), &pass_blob
,
339 (ndr_push_flags_fn_t
)ndr_push_smbXsrv_connection_passB
);
/* The flattened copy is released before the push result is examined. */
340 data_blob_free(&pass_info0
.negotiate_request
);
341 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
342 status
= ndr_map_error2ntstatus(ndr_err
);
346 iov
.iov_base
= blob
.data
;
347 iov
.iov_len
= blob
.length
;
/* One iovec plus one fd: the serialised blob and the client socket. */
349 status
= messaging_send_iov(smb2req
->xconn
->client
->msg_ctx
,
351 MSG_SMBXSRV_CONNECTION_PASS
,
353 &smb2req
->xconn
->transport
.sock
, 1);
354 data_blob_free(&blob
);
355 if (!NT_STATUS_IS_OK(status
)) {
/*
 * Serialise global and write it into the record the caller has already
 * fetched and stored in global->db_rec, then release that record.
 *
 * global->db_rec must be set, otherwise NT_STATUS_INTERNAL_ERROR is
 * returned. The stored blob carries a sequence number: when the existing
 * value is at least 8 bytes long the previous number is read from offset 4
 * and incremented. global->stored is forced to true only while the blob is
 * pushed, restored afterwards, and set to true for good once
 * dbwrap_record_store() has succeeded. Every exit path visible below the
 * NULL check frees global->db_rec.
 */
362 static NTSTATUS
smbXsrv_client_global_store(struct smbXsrv_client_global0
*global
)
364 struct smbXsrv_client_globalB global_blob
;
365 DATA_BLOB blob
= data_blob_null
;
369 enum ndr_err_code ndr_err
;
/* Remember the flag so it can be restored after serialising. */
370 bool saved_stored
= global
->stored
;
373 * TODO: if we use other versions than '0'
374 * we would add glue code here, that would be able to
375 * store the information in the old format.
378 if (global
->db_rec
== NULL
) {
379 return NT_STATUS_INTERNAL_ERROR
;
382 key
= dbwrap_record_get_key(global
->db_rec
);
383 val
= dbwrap_record_get_value(global
->db_rec
);
385 ZERO_STRUCT(global_blob
);
386 global_blob
.version
= smbXsrv_version_global_current();
/* The size test keeps the 4-byte read at offset 4 inside the value. */
387 if (val
.dsize
>= 8) {
388 global_blob
.seqnum
= IVAL(val
.dptr
, 4);
390 global_blob
.seqnum
+= 1;
391 global_blob
.info
.info0
= global
;
/* Serialise with stored == true, then put the caller's value back. */
393 global
->stored
= true;
394 ndr_err
= ndr_push_struct_blob(&blob
, global
->db_rec
, &global_blob
,
395 (ndr_push_flags_fn_t
)ndr_push_smbXsrv_client_globalB
);
396 global
->stored
= saved_stored
;
397 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
398 status
= ndr_map_error2ntstatus(ndr_err
);
399 DBG_WARNING("key '%s' ndr_push - %s\n",
400 hex_encode_talloc(global
->db_rec
, key
.dptr
, key
.dsize
),
402 TALLOC_FREE(global
->db_rec
);
406 val
= make_tdb_data(blob
.data
, blob
.length
);
407 status
= dbwrap_record_store(global
->db_rec
, val
, TDB_REPLACE
);
408 if (!NT_STATUS_IS_OK(status
)) {
409 DBG_WARNING("key '%s' store - %s\n",
410 hex_encode_talloc(global
->db_rec
, key
.dptr
, key
.dsize
),
412 TALLOC_FREE(global
->db_rec
);
/* The record is on disk now; reflect that in the in-memory state. */
416 global
->stored
= true;
418 if (DEBUGLVL(DBGLVL_DEBUG
)) {
419 DBG_DEBUG("key '%s' stored\n",
420 hex_encode_talloc(global
->db_rec
, key
.dptr
, key
.dsize
));
421 NDR_PRINT_DEBUG(smbXsrv_client_globalB
, &global_blob
);
424 TALLOC_FREE(global
->db_rec
);
/*
 * Delete the record the caller has already fetched into global->db_rec and
 * release it.
 *
 * global->db_rec must be set, otherwise NT_STATUS_INTERNAL_ERROR is
 * returned. A failed delete is logged as a warning with the hex key; after
 * a successful delete global->stored is cleared. Both visible paths free
 * global->db_rec.
 *
 * NOTE(review): the TODO text below talks about storing in the old format;
 * it appears to have been carried over from smbXsrv_client_global_store().
 */
429 static NTSTATUS
smbXsrv_client_global_remove(struct smbXsrv_client_global0
*global
)
435 * TODO: if we use other versions than '0'
436 * we would add glue code here, that would be able to
437 * store the information in the old format.
440 if (global
->db_rec
== NULL
) {
441 return NT_STATUS_INTERNAL_ERROR
;
444 key
= dbwrap_record_get_key(global
->db_rec
);
446 status
= dbwrap_record_delete(global
->db_rec
);
447 if (!NT_STATUS_IS_OK(status
)) {
448 DBG_WARNING("key '%s' delete - %s\n",
449 hex_encode_talloc(global
->db_rec
, key
.dptr
, key
.dsize
),
451 TALLOC_FREE(global
->db_rec
);
/* The record is gone; the in-memory object no longer has a stored copy. */
454 global
->stored
= false;
455 DBG_DEBUG("key '%s' delete\n",
456 hex_encode_talloc(global
->db_rec
, key
.dptr
, key
.dsize
));
458 TALLOC_FREE(global
->db_rec
);
/*
 * talloc destructor for a smbXsrv_client, registered in
 * smbXsrv_client_create(). It removes the client's database record through
 * smbXsrv_client_remove(), logs an error if that fails, and frees
 * client->global. The return value is on a line not visible here.
 */
463 static int smbXsrv_client_destructor(struct smbXsrv_client
*client
)
467 status
= smbXsrv_client_remove(client
);
468 if (!NT_STATUS_IS_OK(status
)) {
469 DBG_ERR("smbXsrv_client_remove() failed: %s\n",
473 TALLOC_FREE(client
->global
);
/*
 * Forward declarations: smbXsrv_client_create() registers the filter and
 * the loop callback before their definitions appear further down.
 */
478 static bool smbXsrv_client_connection_pass_filter(struct messaging_rec
*rec
, void *private_data
);
479 static void smbXsrv_client_connection_pass_loop(struct tevent_req
*subreq
);
/*
 * Create a smbXsrv_client and start listening for connections that other
 * processes pass to it.
 *
 * Visible steps: build the client table, refuse when the table is already
 * at max_clients, allocate the client and its smbXsrv_client_global0,
 * record the event and messaging contexts, the multi-channel setting, the
 * initial connect time and this process's server id, register both talloc
 * destructors, and arm a filtered messaging read whose callback is
 * smbXsrv_client_connection_pass_loop().
 *
 * mem_ctx: talloc parent of the new client.
 * ev_ctx:  event context stored in client->raw_ev_ctx.
 * msg_ctx: messaging context stored in client->msg_ctx.
 * _client: out parameter (the assignment is on a dropped line).
 * A further parameter (the value stored as initial_connect_time) is
 * declared on a line dropped from this listing.
 *
 * Returns NT_STATUS_INSUFFICIENT_RESOURCES when the table is full and
 * NT_STATUS_NO_MEMORY on allocation failures.
 */
481 NTSTATUS
smbXsrv_client_create(TALLOC_CTX
*mem_ctx
,
482 struct tevent_context
*ev_ctx
,
483 struct messaging_context
*msg_ctx
,
485 struct smbXsrv_client
**_client
)
487 struct smbXsrv_client_table
*table
;
488 struct smbXsrv_client
*client
= NULL
;
489 struct smbXsrv_client_global0
*global
= NULL
;
491 struct tevent_req
*subreq
= NULL
;
493 status
= smbXsrv_client_table_create(mem_ctx
,
497 if (!NT_STATUS_IS_OK(status
)) {
/* Enforce the per-table client limit before allocating anything else. */
501 if (table
->local
.num_clients
>= table
->local
.max_clients
) {
503 return NT_STATUS_INSUFFICIENT_RESOURCES
;
506 client
= talloc_zero(mem_ctx
, struct smbXsrv_client
);
507 if (client
== NULL
) {
509 return NT_STATUS_NO_MEMORY
;
511 client
->raw_ev_ctx
= ev_ctx
;
512 client
->msg_ctx
= msg_ctx
;
514 client
->server_multi_channel_enabled
= lp_server_multi_channel_support();
/* The table becomes a talloc child of the client and is freed with it. */
516 client
->table
= talloc_move(client
, &table
);
517 table
= client
->table
;
519 global
= talloc_zero(client
, struct smbXsrv_client_global0
);
520 if (global
== NULL
) {
522 return NT_STATUS_NO_MEMORY
;
524 talloc_set_destructor(global
, smbXsrv_client_global_destructor
);
525 client
->global
= global
;
/* Both values are compared later when another process passes a connection. */
527 global
->initial_connect_time
= now
;
529 global
->server_id
= messaging_server_id(client
->msg_ctx
);
531 table
->local
.num_clients
+= 1;
533 talloc_set_destructor(client
, smbXsrv_client_destructor
);
535 if (DEBUGLVL(DBGLVL_DEBUG
)) {
536 struct smbXsrv_clientB client_blob
;
537 struct GUID_txt_buf buf
;
539 ZERO_STRUCT(client_blob
);
540 client_blob
.version
= SMBXSRV_VERSION_0
;
541 client_blob
.info
.info0
= client
;
543 DBG_DEBUG("client_guid[%s] stored\n",
544 GUID_buf_string(&global
->client_guid
, &buf
));
545 NDR_PRINT_DEBUG(smbXsrv_clientB
, &client_blob
);
/* Arm the listener for connections passed in from other processes. */
548 subreq
= messaging_filtered_read_send(client
,
551 smbXsrv_client_connection_pass_filter
,
553 if (subreq
== NULL
) {
555 return NT_STATUS_NO_MEMORY
;
557 tevent_req_set_callback(subreq
, smbXsrv_client_connection_pass_loop
, client
);
/*
 * Filter used with messaging_filtered_read_send() to pick out passed
 * connections.
 *
 * The visible tests look at three properties of the message: its type must
 * be MSG_SMBXSRV_CONNECTION_PASS, it must carry exactly one file
 * descriptor, and its buffer must be at least SMB2_HDR_BODY bytes long.
 * The branch bodies and return statements are not visible in this listing.
 *
 * NOTE(review): the length test applies to the whole serialised message
 * (rec->buf), not to the negotiate request embedded in it, so it does not
 * by itself bound later reads from that request. As the TODO below says,
 * the client GUID is not checked at this stage; the comparison visible on
 * this page happens in smbXsrv_client_connection_pass_loop() after the
 * message has been decoded.
 */
563 static bool smbXsrv_client_connection_pass_filter(struct messaging_rec
*rec
, void *private_data
)
565 if (rec
->msg_type
!= MSG_SMBXSRV_CONNECTION_PASS
) {
569 if (rec
->num_fds
!= 1) {
573 if (rec
->buf
.length
< SMB2_HDR_BODY
) {
577 /* TODO: verify client_guid...? */
/*
 * Completion callback for the filtered messaging read armed in
 * smbXsrv_client_create(): handles one passed connection and re-arms the
 * read.
 *
 * Visible steps: receive the message, NDR-pull it into a
 * smbXsrv_connection_passB, require SMBXSRV_VERSION_0 and a non-NULL info0,
 * compare the passed client GUID and initial connect time with this
 * client's own values, take the single attached fd, add it as a connection
 * with smbd_add_connection(), mark the connection's client GUID as
 * verified and replay the embedded negotiate request through
 * smbd_smb2_process_negprot(). Finally a new filtered read is started; if
 * that fails the server exits. The jumps taken on the rejection paths are
 * on lines dropped from this listing.
 *
 * NOTE(review): the message content is supplied by the sending process, so
 * each field is validated here before the socket is adopted. Two things
 * are not visible on this page and should be confirmed: that
 * negotiate_request.length covers the SMB2 header before BVAL reads the
 * message id from it, and that the received fd is closed on every path
 * that rejects the message.
 */
582 static void smbXsrv_client_connection_pass_loop(struct tevent_req
*subreq
)
584 struct smbXsrv_client
*client
=
585 tevent_req_callback_data(subreq
,
586 struct smbXsrv_client
);
587 struct smbXsrv_connection
*xconn
= NULL
;
589 struct messaging_rec
*rec
= NULL
;
590 struct smbXsrv_connection_passB pass_blob
;
591 enum ndr_err_code ndr_err
;
592 struct smbXsrv_connection_pass0
*pass_info0
= NULL
;
597 ret
= messaging_filtered_read_recv(subreq
, talloc_tos(), &rec
);
/* Decoded data is allocated as a talloc child of rec. */
603 ndr_err
= ndr_pull_struct_blob(&rec
->buf
, rec
, &pass_blob
,
604 (ndr_pull_flags_fn_t
)ndr_pull_smbXsrv_connection_passB
);
605 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
606 status
= ndr_map_error2ntstatus(ndr_err
);
607 DBG_WARNING("ndr_pull_struct_blob - %s\n", nt_errstr(status
));
/*
 * NOTE(review): this text names MSG_SMBXSRV_CLIENT_CLOSE although the
 * message handled here is MSG_SMBXSRV_CONNECTION_PASS; it reads like a
 * copy-paste leftover and can mislead anyone triaging logs.
 */
611 DBG_DEBUG("MSG_SMBXSRV_CLIENT_CLOSE\n");
612 if (DEBUGLVL(DBGLVL_DEBUG
)) {
613 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
616 if (pass_blob
.version
!= SMBXSRV_VERSION_0
) {
617 DBG_ERR("ignore invalid version %u\n", pass_blob
.version
);
618 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
622 pass_info0
= pass_blob
.info
.info0
;
623 if (pass_info0
== NULL
) {
624 DBG_ERR("ignore NULL info %u\n", pass_blob
.version
);
625 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
/* The sender must be talking about the client this process owns. */
629 if (!GUID_equal(&client
->global
->client_guid
, &pass_info0
->client_guid
))
631 struct GUID_txt_buf buf1
, buf2
;
633 DBG_WARNING("client's client_guid [%s] != passed guid [%s]\n",
634 GUID_buf_string(&client
->global
->client_guid
,
636 GUID_buf_string(&pass_info0
->client_guid
,
638 if (DEBUGLVL(DBGLVL_WARNING
)) {
639 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
/* Second identity check: the connect time must match as well. */
644 if (client
->global
->initial_connect_time
!=
645 pass_info0
->initial_connect_time
)
647 DBG_WARNING("client's initial connect time [%s] (%llu) != "
648 "passed initial connect time [%s] (%llu)\n",
649 nt_time_string(talloc_tos(),
650 client
->global
->initial_connect_time
),
651 (unsigned long long)client
->global
->initial_connect_time
,
652 nt_time_string(talloc_tos(),
653 pass_info0
->initial_connect_time
),
654 (unsigned long long)pass_info0
->initial_connect_time
);
655 if (DEBUGLVL(DBGLVL_WARNING
)) {
656 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
/* The filter only lets messages with one fd through; assert it anyway. */
661 SMB_ASSERT(rec
->num_fds
== 1);
662 sock_fd
= rec
->fds
[0];
/*
 * NOTE(review): a successfully received connection is logged with DBG_ERR
 * followed by an unconditional dump of the message, so every passed
 * connection produces error-level output.
 */
664 DBG_ERR("got connection sockfd[%d]\n", sock_fd
);
665 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
666 status
= smbd_add_connection(client
, sock_fd
, &xconn
);
667 if (!NT_STATUS_IS_OK(status
)) {
670 DBG_ERR("smbd_add_connection => %s\n", nt_errstr(status
));
671 NDR_PRINT_DEBUG(smbXsrv_connection_passB
, &pass_blob
);
676 * Set seq_low to mid received in negprot
/*
 * BVAL reads a 64-bit value at offset SMB2_HDR_MESSAGE_ID of the embedded
 * request. NOTE(review): no visible line checks negotiate_request.length
 * before this read - confirm it is bounded elsewhere.
 */
678 seq_low
= BVAL(pass_info0
->negotiate_request
.data
,
679 SMB2_HDR_MESSAGE_ID
);
/* Set only after the GUID comparison above has been performed. */
681 xconn
->smb2
.client
.guid_verified
= true;
682 smbd_smb2_process_negprot(xconn
, seq_low
,
683 pass_info0
->negotiate_request
.data
,
684 pass_info0
->negotiate_request
.length
);
/* Re-arm the listener so the next passed connection is picked up. */
689 subreq
= messaging_filtered_read_send(client
,
692 smbXsrv_client_connection_pass_filter
,
694 if (subreq
== NULL
) {
696 r
= "messaging_read_send(MSG_SMBXSRV_CONNECTION_PASS failed";
697 exit_server_cleanly(r
);
700 tevent_req_set_callback(subreq
, smbXsrv_client_connection_pass_loop
, client
);
/*
 * Write the client's current global state to the database.
 *
 * The caller must not already hold a record: a non-NULL
 * client->global->db_rec is logged and rejected with
 * NT_STATUS_INTERNAL_ERROR. Otherwise the record keyed by the client GUID
 * is fetched under lock, with client->global as its talloc parent, and
 * handed to smbXsrv_client_global_store(). A failed fetch returns
 * NT_STATUS_INTERNAL_DB_ERROR; a failed store is logged with the GUID.
 */
703 NTSTATUS
smbXsrv_client_update(struct smbXsrv_client
*client
)
705 struct smbXsrv_client_table
*table
= client
->table
;
/* A leftover record here means an earlier operation did not finish. */
708 if (client
->global
->db_rec
!= NULL
) {
709 struct GUID_txt_buf buf
;
710 DBG_ERR("guid [%s]: Called with db_rec != NULL'\n",
711 GUID_buf_string(&client
->global
->client_guid
,
713 return NT_STATUS_INTERNAL_ERROR
;
716 client
->global
->db_rec
= smbXsrv_client_global_fetch_locked(
717 table
->global
.db_ctx
,
718 &client
->global
->client_guid
,
719 client
->global
/* TALLOC_CTX */);
720 if (client
->global
->db_rec
== NULL
) {
721 return NT_STATUS_INTERNAL_DB_ERROR
;
724 status
= smbXsrv_client_global_store(client
->global
);
725 if (!NT_STATUS_IS_OK(status
)) {
726 struct GUID_txt_buf buf
;
727 DBG_ERR("client_guid[%s] store failed - %s\n",
728 GUID_buf_string(&client
->global
->client_guid
,
734 if (DEBUGLVL(DBGLVL_DEBUG
)) {
735 struct smbXsrv_clientB client_blob
;
736 struct GUID_txt_buf buf
;
738 ZERO_STRUCT(client_blob
);
739 client_blob
.version
= SMBXSRV_VERSION_0
;
740 client_blob
.info
.info0
= client
;
742 DBG_DEBUG("client_guid[%s] stored\n",
743 GUID_buf_string(&client
->global
->client_guid
,
745 NDR_PRINT_DEBUG(smbXsrv_clientB
, &client_blob
);
/*
 * Remove the client's record from the database.
 *
 * A non-NULL client->global->db_rec on entry is logged and rejected with
 * NT_STATUS_INTERNAL_ERROR. When client->global->stored is false a separate
 * branch is taken (its body is not visible in this listing). Otherwise the
 * record keyed by the client GUID is fetched under lock, with
 * client->global as its talloc parent, and passed to
 * smbXsrv_client_global_remove(). A failed fetch returns
 * NT_STATUS_INTERNAL_DB_ERROR. The end of the function is not visible.
 *
 * NOTE(review): the error and debug messages below say "store failed" and
 * "stored" although this path deletes the record; they look copied from
 * smbXsrv_client_update() and make removals hard to tell apart from stores
 * in the logs.
 */
751 NTSTATUS
smbXsrv_client_remove(struct smbXsrv_client
*client
)
753 struct smbXsrv_client_table
*table
= client
->table
;
756 if (client
->global
->db_rec
!= NULL
) {
757 struct GUID_txt_buf buf
;
758 DBG_ERR("client_guid[%s]: Called with db_rec != NULL'\n",
759 GUID_buf_string(&client
->global
->client_guid
,
761 return NT_STATUS_INTERNAL_ERROR
;
/* Nothing was written for this client (branch body not visible). */
764 if (!client
->global
->stored
) {
768 client
->global
->db_rec
= smbXsrv_client_global_fetch_locked(
769 table
->global
.db_ctx
,
770 &client
->global
->client_guid
,
771 client
->global
/* TALLOC_CTX */);
772 if (client
->global
->db_rec
== NULL
) {
773 return NT_STATUS_INTERNAL_DB_ERROR
;
776 status
= smbXsrv_client_global_remove(client
->global
);
777 if (!NT_STATUS_IS_OK(status
)) {
778 struct GUID_txt_buf buf
;
779 DBG_ERR("client_guid[%s] store failed - %s\n",
780 GUID_buf_string(&client
->global
->client_guid
, &buf
),
785 if (DEBUGLVL(DBGLVL_DEBUG
)) {
786 struct smbXsrv_clientB client_blob
;
787 struct GUID_txt_buf buf
;
789 ZERO_STRUCT(client_blob
);
790 client_blob
.version
= SMBXSRV_VERSION_0
;
791 client_blob
.info
.info0
= client
;
793 DBG_DEBUG("client_guid[%s] stored\n",
794 GUID_buf_string(&client
->global
->client_guid
, &buf
));
795 NDR_PRINT_DEBUG(smbXsrv_clientB
, &client_blob
);