search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix bug #9222 - smbd ignores the "server signing = no" setting for SMB2.
[Samba/gbeck.git] / source3 / smbd / smb2_sesssetup.c
blob8bdfd49644dfe2ae3f9b0d5a1658688054e34d7f
1 /*
2 Unix SMB/CIFS implementation.
3 Core SMB2 server
4
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) Jeremy Allison 2010
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_common.h"
26 #include "../auth/gensec/gensec.h"
27 #include "auth.h"
28 #include "../lib/tsocket/tsocket.h"
29 #include "../libcli/security/security.h"
30 #include "../lib/util/tevent_ntstatus.h"
31
32 static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
33 struct tevent_context *ev,
34 struct smbd_smb2_request *smb2req,
35 uint64_t in_session_id,
36 uint8_t in_flags,
37 uint8_t in_security_mode,
38 uint64_t in_previous_session_id,
39 DATA_BLOB in_security_buffer);
40 static NTSTATUS smbd_smb2_session_setup_recv(struct tevent_req *req,
41 uint16_t *out_session_flags,
42 TALLOC_CTX *mem_ctx,
43 DATA_BLOB *out_security_buffer,
44 uint64_t *out_session_id);
45
46 static void smbd_smb2_request_sesssetup_done(struct tevent_req *subreq);
47
48 NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req)
49 {
50 const uint8_t *inhdr;
51 const uint8_t *inbody;
52 uint64_t in_session_id;
53 uint8_t in_flags;
54 uint8_t in_security_mode;
55 uint64_t in_previous_session_id;
56 uint16_t in_security_offset;
57 uint16_t in_security_length;
58 DATA_BLOB in_security_buffer;
59 NTSTATUS status;
60 struct tevent_req *subreq;
61
62 status = smbd_smb2_request_verify_sizes(smb2req, 0x19);
63 if (!NT_STATUS_IS_OK(status)) {
64 return smbd_smb2_request_error(smb2req, status);
65 }
66 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
67 inbody = SMBD_SMB2_IN_BODY_PTR(smb2req);
68
69 in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID);
70
71 in_flags = CVAL(inbody, 0x02);
72 in_security_mode = CVAL(inbody, 0x03);
73 /* Capabilities = IVAL(inbody, 0x04) */
74 /* Channel = IVAL(inbody, 0x08) */
75 in_security_offset = SVAL(inbody, 0x0C);
76 in_security_length = SVAL(inbody, 0x0E);
77 in_previous_session_id = BVAL(inbody, 0x10);
78
79 if (in_security_offset != (SMB2_HDR_BODY + SMBD_SMB2_IN_BODY_LEN(smb2req))) {
80 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
81 }
82
83 if (in_security_length > SMBD_SMB2_IN_DYN_LEN(smb2req)) {
84 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
85 }
86
87 in_security_buffer.data = SMBD_SMB2_IN_DYN_PTR(smb2req);
88 in_security_buffer.length = in_security_length;
89
90 subreq = smbd_smb2_session_setup_send(smb2req,
91 smb2req->sconn->ev_ctx,
92 smb2req,
93 in_session_id,
94 in_flags,
95 in_security_mode,
96 in_previous_session_id,
97 in_security_buffer);
98 if (subreq == NULL) {
99 return smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
100 }
101 tevent_req_set_callback(subreq, smbd_smb2_request_sesssetup_done, smb2req);
102
103 return smbd_smb2_request_pending_queue(smb2req, subreq, 500);
104 }
105
106 static void smbd_smb2_request_sesssetup_done(struct tevent_req *subreq)
107 {
108 struct smbd_smb2_request *smb2req =
109 tevent_req_callback_data(subreq,
110 struct smbd_smb2_request);
111 uint8_t *outhdr;
112 DATA_BLOB outbody;
113 DATA_BLOB outdyn;
114 uint16_t out_session_flags;
115 uint64_t out_session_id;
116 uint16_t out_security_offset;
117 DATA_BLOB out_security_buffer = data_blob_null;
118 NTSTATUS status;
119 NTSTATUS error; /* transport error */
120
121 status = smbd_smb2_session_setup_recv(subreq,
122 &out_session_flags,
123 smb2req,
124 &out_security_buffer,
125 &out_session_id);
126 TALLOC_FREE(subreq);
127 if (!NT_STATUS_IS_OK(status) &&
128 !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
129 status = nt_status_squash(status);
130 error = smbd_smb2_request_error(smb2req, status);
131 if (!NT_STATUS_IS_OK(error)) {
132 smbd_server_connection_terminate(smb2req->sconn,
133 nt_errstr(error));
134 return;
135 }
136 return;
137 }
138
139 out_security_offset = SMB2_HDR_BODY + 0x08;
140
141 outhdr = SMBD_SMB2_OUT_HDR_PTR(smb2req);
142
143 outbody = data_blob_talloc(smb2req->out.vector, NULL, 0x08);
144 if (outbody.data == NULL) {
145 error = smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
146 if (!NT_STATUS_IS_OK(error)) {
147 smbd_server_connection_terminate(smb2req->sconn,
148 nt_errstr(error));
149 return;
150 }
151 return;
152 }
153
154 SBVAL(outhdr, SMB2_HDR_SESSION_ID, out_session_id);
155
156 SSVAL(outbody.data, 0x00, 0x08 + 1); /* struct size */
157 SSVAL(outbody.data, 0x02,
158 out_session_flags); /* session flags */
159 SSVAL(outbody.data, 0x04,
160 out_security_offset); /* security buffer offset */
161 SSVAL(outbody.data, 0x06,
162 out_security_buffer.length); /* security buffer length */
163
164 outdyn = out_security_buffer;
165
166 error = smbd_smb2_request_done_ex(smb2req, status, outbody, &outdyn,
167 __location__);
168 if (!NT_STATUS_IS_OK(error)) {
169 smbd_server_connection_terminate(smb2req->sconn,
170 nt_errstr(error));
171 return;
172 }
173 }
174
175 static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
176 struct smbd_smb2_request *smb2req,
177 uint8_t in_security_mode,
178 struct auth_session_info *session_info,
179 uint16_t *out_session_flags,
180 uint64_t *out_session_id)
181 {
182 NTSTATUS status;
183 bool guest = false;
184 uint8_t session_key[16];
185 struct smbXsrv_session *x = session;
186 struct smbXsrv_connection *conn = session->connection;
187
188 if ((lp_server_signing() == SMB_SIGNING_OFF) &&
189 (in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED)) {
190 DEBUG(0,("SMB2 signing required and we have disabled it.\n"));
191 return NT_STATUS_ACCESS_DENIED;
192 }
193
194 if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) ||
195 lp_server_signing() == SMB_SIGNING_REQUIRED) {
196 x->global->signing_required = true;
197 }
198
199 if (lp_smb_encrypt(-1) == SMB_SIGNING_REQUIRED) {
200 x->global->encryption_required = true;
201 }
202
203 if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
204 /* we map anonymous to guest internally */
205 *out_session_flags |= SMB2_SESSION_FLAG_IS_GUEST;
206 *out_session_flags |= SMB2_SESSION_FLAG_IS_NULL;
207 /* force no signing */
208 x->global->signing_required = false;
209 guest = true;
210 }
211
212 if (guest && x->global->encryption_required) {
213 DEBUG(1,("reject guest session as encryption is required\n"));
214 return NT_STATUS_ACCESS_DENIED;
215 }
216
217 if (!(conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION)) {
218 if (x->global->encryption_required) {
219 DEBUG(1,("reject session with dialect[0x%04X] "
220 "as encryption is required\n",
221 conn->smb2.server.dialect));
222 return NT_STATUS_ACCESS_DENIED;
223 }
224 }
225
226 if (x->global->encryption_required) {
227 *out_session_flags |= SMB2_SESSION_FLAG_ENCRYPT_DATA;
228 }
229
230 ZERO_STRUCT(session_key);
231 memcpy(session_key, session_info->session_key.data,
232 MIN(session_info->session_key.length, sizeof(session_key)));
233
234 x->global->signing_key = data_blob_talloc(x->global,
235 session_key,
236 sizeof(session_key));
237 if (x->global->signing_key.data == NULL) {
238 ZERO_STRUCT(session_key);
239 return NT_STATUS_NO_MEMORY;
240 }
241
242 if (conn->protocol >= PROTOCOL_SMB2_24) {
243 const DATA_BLOB label = data_blob_string_const_null("SMB2AESCMAC");
244 const DATA_BLOB context = data_blob_string_const_null("SmbSign");
245
246 smb2_key_derivation(session_key, sizeof(session_key),
247 label.data, label.length,
248 context.data, context.length,
249 x->global->signing_key.data);
250 }
251
252 if (conn->protocol >= PROTOCOL_SMB2_24) {
253 const DATA_BLOB label = data_blob_string_const_null("SMB2AESCCM");
254 const DATA_BLOB context = data_blob_string_const_null("ServerIn ");
255
256 x->global->decryption_key = data_blob_talloc(x->global,
257 session_key,
258 sizeof(session_key));
259 if (x->global->decryption_key.data == NULL) {
260 ZERO_STRUCT(session_key);
261 return NT_STATUS_NO_MEMORY;
262 }
263
264 smb2_key_derivation(session_key, sizeof(session_key),
265 label.data, label.length,
266 context.data, context.length,
267 x->global->decryption_key.data);
268 }
269
270 if (conn->protocol >= PROTOCOL_SMB2_24) {
271 const DATA_BLOB label = data_blob_string_const_null("SMB2AESCCM");
272 const DATA_BLOB context = data_blob_string_const_null("ServerOut");
273
274 x->global->encryption_key = data_blob_talloc(x->global,
275 session_key,
276 sizeof(session_key));
277 if (x->global->encryption_key.data == NULL) {
278 ZERO_STRUCT(session_key);
279 return NT_STATUS_NO_MEMORY;
280 }
281
282 smb2_key_derivation(session_key, sizeof(session_key),
283 label.data, label.length,
284 context.data, context.length,
285 x->global->encryption_key.data);
286
287 generate_random_buffer((uint8_t *)&x->nonce_high, sizeof(x->nonce_high));
288 x->nonce_low = 1;
289 }
290
291 x->global->application_key = data_blob_dup_talloc(x->global,
292 x->global->signing_key);
293 if (x->global->application_key.data == NULL) {
294 ZERO_STRUCT(session_key);
295 return NT_STATUS_NO_MEMORY;
296 }
297
298 if (conn->protocol >= PROTOCOL_SMB2_24) {
299 const DATA_BLOB label = data_blob_string_const_null("SMB2APP");
300 const DATA_BLOB context = data_blob_string_const_null("SmbRpc");
301
302 smb2_key_derivation(session_key, sizeof(session_key),
303 label.data, label.length,
304 context.data, context.length,
305 x->global->application_key.data);
306 }
307 ZERO_STRUCT(session_key);
308
309 x->global->channels[0].signing_key = data_blob_dup_talloc(x->global->channels,
310 x->global->signing_key);
311 if (x->global->channels[0].signing_key.data == NULL) {
312 return NT_STATUS_NO_MEMORY;
313 }
314
315 data_blob_clear_free(&session_info->session_key);
316 session_info->session_key = data_blob_dup_talloc(session_info,
317 x->global->application_key);
318 if (session_info->session_key.data == NULL) {
319 return NT_STATUS_NO_MEMORY;
320 }
321
322 session->compat = talloc_zero(session, struct user_struct);
323 if (session->compat == NULL) {
324 return NT_STATUS_NO_MEMORY;
325 }
326 session->compat->session = session;
327 session->compat->homes_snum = -1;
328 session->compat->session_info = session_info;
329 session->compat->session_keystr = NULL;
330 session->compat->vuid = session->global->session_wire_id;
331 DLIST_ADD(smb2req->sconn->users, session->compat);
332 smb2req->sconn->num_users++;
333
334 if (security_session_user_level(session_info, NULL) >= SECURITY_USER) {
335 session->compat->homes_snum =
336 register_homes_share(session_info->unix_info->unix_name);
337 }
338
339 if (!session_claim(smb2req->sconn, session->compat)) {
340 DEBUG(1, ("smb2: Failed to claim session "
341 "for vuid=%llu\n",
342 (unsigned long long)session->compat->vuid));
343 return NT_STATUS_LOGON_FAILURE;
344 }
345
346 set_current_user_info(session_info->unix_info->sanitized_username,
347 session_info->unix_info->unix_name,
348 session_info->info->domain_name);
349
350 reload_services(smb2req->sconn, conn_snum_used, true);
351
352 session->status = NT_STATUS_OK;
353 session->global->auth_session_info = session_info;
354 session->global->auth_session_info_seqnum += 1;
355 session->global->channels[0].auth_session_info_seqnum =
356 session->global->auth_session_info_seqnum;
357 session->global->expiration_time = gensec_expire_time(session->gensec);
358
359 status = smbXsrv_session_update(session);
360 if (!NT_STATUS_IS_OK(status)) {
361 DEBUG(0, ("smb2: Failed to update session for vuid=%llu - %s\n",
362 (unsigned long long)session->compat->vuid,
363 nt_errstr(status)));
364 return NT_STATUS_LOGON_FAILURE;
365 }
366
367 /*
368 * we attach the session to the request
369 * so that the response can be signed
370 */
371 smb2req->session = session;
372 if (!guest) {
373 smb2req->do_signing = true;
374 }
375
376 global_client_caps |= (CAP_LEVEL_II_OPLOCKS|CAP_STATUS32);
377
378 *out_session_id = session->global->session_wire_id;
379
380 return NT_STATUS_OK;
381 }
382
383 static NTSTATUS smbd_smb2_reauth_generic_return(struct smbXsrv_session *session,
384 struct smbd_smb2_request *smb2req,
385 struct auth_session_info *session_info,
386 uint16_t *out_session_flags,
387 uint64_t *out_session_id)
388 {
389 NTSTATUS status;
390 struct smbXsrv_session *x = session;
391 struct smbXsrv_connection *conn = session->connection;
392
393 data_blob_clear_free(&session_info->session_key);
394 session_info->session_key = data_blob_dup_talloc(session_info,
395 x->global->application_key);
396 if (session_info->session_key.data == NULL) {
397 return NT_STATUS_NO_MEMORY;
398 }
399
400 session->compat->session_info = session_info;
401 session->compat->vuid = session->global->session_wire_id;
402
403 session->compat->homes_snum =
404 register_homes_share(session_info->unix_info->unix_name);
405
406 set_current_user_info(session_info->unix_info->sanitized_username,
407 session_info->unix_info->unix_name,
408 session_info->info->domain_name);
409
410 reload_services(smb2req->sconn, conn_snum_used, true);
411
412 session->status = NT_STATUS_OK;
413 TALLOC_FREE(session->global->auth_session_info);
414 session->global->auth_session_info = session_info;
415 session->global->auth_session_info_seqnum += 1;
416 session->global->channels[0].auth_session_info_seqnum =
417 session->global->auth_session_info_seqnum;
418 session->global->expiration_time = gensec_expire_time(session->gensec);
419
420 status = smbXsrv_session_update(session);
421 if (!NT_STATUS_IS_OK(status)) {
422 DEBUG(0, ("smb2: Failed to update session for vuid=%llu - %s\n",
423 (unsigned long long)session->compat->vuid,
424 nt_errstr(status)));
425 return NT_STATUS_LOGON_FAILURE;
426 }
427
428 conn_clear_vuid_caches(conn->sconn, session->compat->vuid);
429
430 *out_session_id = session->global->session_wire_id;
431
432 return NT_STATUS_OK;
433 }
434
435 struct smbd_smb2_session_setup_state {
436 struct tevent_context *ev;
437 struct smbd_smb2_request *smb2req;
438 uint64_t in_session_id;
439 uint8_t in_flags;
440 uint8_t in_security_mode;
441 uint64_t in_previous_session_id;
442 DATA_BLOB in_security_buffer;
443 struct smbXsrv_session *session;
444 struct auth_session_info *session_info;
445 uint16_t out_session_flags;
446 DATA_BLOB out_security_buffer;
447 uint64_t out_session_id;
448 /* The following pointer is owned by state->session. */
449 struct smbd_smb2_session_setup_state **pp_self_ref;
450 };
451
452 static int pp_self_ref_destructor(struct smbd_smb2_session_setup_state **pp_state)
453 {
454 (*pp_state)->session = NULL;
455 /*
456 * To make things clearer, ensure the pp_self_ref
457 * pointer is nulled out. We're never going to
458 * access this again.
459 */
460 (*pp_state)->pp_self_ref = NULL;
461 return 0;
462 }
463
464 static int smbd_smb2_session_setup_state_destructor(struct smbd_smb2_session_setup_state *state)
465 {
466 /*
467 * if state->session is not NULL,
468 * we remove the session on failure
469 */
470 TALLOC_FREE(state->session);
471 return 0;
472 }
473
474 static void smbd_smb2_session_setup_gensec_done(struct tevent_req *subreq);
475 static void smbd_smb2_session_setup_previous_done(struct tevent_req *subreq);
476
477 /************************************************************************
478 We have to tag the state->session pointer with memory talloc'ed
479 on it to ensure it gets NULL'ed out if the underlying struct smbXsrv_session
480 is deleted by shutdown whilst this request is in flight.
481 ************************************************************************/
482
483 static NTSTATUS tag_state_session_ptr(struct smbd_smb2_session_setup_state *state)
484 {
485 state->pp_self_ref = talloc_zero(state->session,
486 struct smbd_smb2_session_setup_state *);
487 if (state->pp_self_ref == NULL) {
488 return NT_STATUS_NO_MEMORY;
489 }
490 *state->pp_self_ref = state;
491 talloc_set_destructor(state->pp_self_ref, pp_self_ref_destructor);
492 return NT_STATUS_OK;
493 }
494
495 static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
496 struct tevent_context *ev,
497 struct smbd_smb2_request *smb2req,
498 uint64_t in_session_id,
499 uint8_t in_flags,
500 uint8_t in_security_mode,
501 uint64_t in_previous_session_id,
502 DATA_BLOB in_security_buffer)
503 {
504 struct tevent_req *req;
505 struct smbd_smb2_session_setup_state *state;
506 NTSTATUS status;
507 NTTIME now = timeval_to_nttime(&smb2req->request_time);
508 struct tevent_req *subreq;
509
510 req = tevent_req_create(mem_ctx, &state,
511 struct smbd_smb2_session_setup_state);
512 if (req == NULL) {
513 return NULL;
514 }
515 state->ev = ev;
516 state->smb2req = smb2req;
517 state->in_session_id = in_session_id;
518 state->in_flags = in_flags;
519 state->in_security_mode = in_security_mode;
520 state->in_previous_session_id = in_previous_session_id;
521 state->in_security_buffer = in_security_buffer;
522
523 if (in_flags & SMB2_SESSION_FLAG_BINDING) {
524 if (smb2req->sconn->conn->protocol < PROTOCOL_SMB2_22) {
525 tevent_req_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);
526 return tevent_req_post(req, ev);
527 }
528
529 /*
530 * We do not support multi channel.
531 */
532 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
533 return tevent_req_post(req, ev);
534 }
535
536 talloc_set_destructor(state, smbd_smb2_session_setup_state_destructor);
537
538 if (state->in_session_id == 0) {
539 /* create a new session */
540 status = smbXsrv_session_create(state->smb2req->sconn->conn,
541 now, &state->session);
542 if (tevent_req_nterror(req, status)) {
543 return tevent_req_post(req, ev);
544 }
545 } else {
546 status = smb2srv_session_lookup(state->smb2req->sconn->conn,
547 state->in_session_id, now,
548 &state->session);
549 if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_SESSION_EXPIRED)) {
550 status = NT_STATUS_OK;
551 }
552 if (NT_STATUS_IS_OK(status)) {
553 state->session->status = NT_STATUS_MORE_PROCESSING_REQUIRED;
554 status = NT_STATUS_MORE_PROCESSING_REQUIRED;
555 TALLOC_FREE(state->session->gensec);
556 }
557 if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
558 tevent_req_nterror(req, status);
559 return tevent_req_post(req, ev);
560 }
561 }
562
563 status = tag_state_session_ptr(state);
564 if (tevent_req_nterror(req, status)) {
565 return tevent_req_post(req, ev);
566 }
567
568 if (state->session->gensec == NULL) {
569 status = auth_generic_prepare(state->session,
570 state->session->connection->remote_address,
571 &state->session->gensec);
572 if (tevent_req_nterror(req, status)) {
573 return tevent_req_post(req, ev);
574 }
575
576 gensec_want_feature(state->session->gensec, GENSEC_FEATURE_SESSION_KEY);
577 gensec_want_feature(state->session->gensec, GENSEC_FEATURE_UNIX_TOKEN);
578
579 status = gensec_start_mech_by_oid(state->session->gensec,
580 GENSEC_OID_SPNEGO);
581 if (tevent_req_nterror(req, status)) {
582 return tevent_req_post(req, ev);
583 }
584 }
585
586 become_root();
587 subreq = gensec_update_send(state, state->ev,
588 state->session->gensec,
589 state->in_security_buffer);
590 unbecome_root();
591 if (tevent_req_nomem(subreq, req)) {
592 return tevent_req_post(req, ev);
593 }
594 tevent_req_set_callback(subreq, smbd_smb2_session_setup_gensec_done, req);
595
596 return req;
597 }
598
599 static void smbd_smb2_session_setup_gensec_done(struct tevent_req *subreq)
600 {
601 struct tevent_req *req =
602 tevent_req_callback_data(subreq,
603 struct tevent_req);
604 struct smbd_smb2_session_setup_state *state =
605 tevent_req_data(req,
606 struct smbd_smb2_session_setup_state);
607 NTSTATUS status;
608
609 become_root();
610 status = gensec_update_recv(subreq, state,
611 &state->out_security_buffer);
612 unbecome_root();
613 TALLOC_FREE(subreq);
614 if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) &&
615 !NT_STATUS_IS_OK(status)) {
616 tevent_req_nterror(req, status);
617 return;
618 }
619
620 if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
621 state->out_session_id = state->session->global->session_wire_id;
622 /* we want to keep the session */
623 TALLOC_FREE(state->pp_self_ref);
624 tevent_req_nterror(req, status);
625 return;
626 }
627
628 status = gensec_session_info(state->session->gensec,
629 state->session->global,
630 &state->session_info);
631 if (tevent_req_nterror(req, status)) {
632 return;
633 }
634
635 if ((state->in_previous_session_id != 0) &&
636 (state->session->global->session_wire_id !=
637 state->in_previous_session_id))
638 {
639 subreq = smb2srv_session_close_previous_send(state, state->ev,
640 state->session->connection,
641 state->session_info,
642 state->in_previous_session_id,
643 state->session->global->session_wire_id);
644 if (tevent_req_nomem(subreq, req)) {
645 return;
646 }
647 tevent_req_set_callback(subreq,
648 smbd_smb2_session_setup_previous_done,
649 req);
650 return;
651 }
652
653 if (state->session->global->auth_session_info != NULL) {
654 status = smbd_smb2_reauth_generic_return(state->session,
655 state->smb2req,
656 state->session_info,
657 &state->out_session_flags,
658 &state->out_session_id);
659 if (tevent_req_nterror(req, status)) {
660 return;
661 }
662 /* we want to keep the session */
663 TALLOC_FREE(state->pp_self_ref);
664 tevent_req_done(req);
665 return;
666 }
667
668 status = smbd_smb2_auth_generic_return(state->session,
669 state->smb2req,
670 state->in_security_mode,
671 state->session_info,
672 &state->out_session_flags,
673 &state->out_session_id);
674 if (tevent_req_nterror(req, status)) {
675 return;
676 }
677
678 /* we want to keep the session */
679 TALLOC_FREE(state->pp_self_ref);
680 tevent_req_done(req);
681 return;
682 }
683
684 static void smbd_smb2_session_setup_previous_done(struct tevent_req *subreq)
685 {
686 struct tevent_req *req =
687 tevent_req_callback_data(subreq,
688 struct tevent_req);
689 struct smbd_smb2_session_setup_state *state =
690 tevent_req_data(req,
691 struct smbd_smb2_session_setup_state);
692 NTSTATUS status;
693
694 status = smb2srv_session_close_previous_recv(subreq);
695 TALLOC_FREE(subreq);
696 if (tevent_req_nterror(req, status)) {
697 return;
698 }
699
700 if (state->session->global->auth_session_info != NULL) {
701 status = smbd_smb2_reauth_generic_return(state->session,
702 state->smb2req,
703 state->session_info,
704 &state->out_session_flags,
705 &state->out_session_id);
706 if (tevent_req_nterror(req, status)) {
707 return;
708 }
709 /* we want to keep the session */
710 TALLOC_FREE(state->pp_self_ref);
711 tevent_req_done(req);
712 return;
713 }
714
715 status = smbd_smb2_auth_generic_return(state->session,
716 state->smb2req,
717 state->in_security_mode,
718 state->session_info,
719 &state->out_session_flags,
720 &state->out_session_id);
721 if (tevent_req_nterror(req, status)) {
722 return;
723 }
724
725 /* we want to keep the session */
726 TALLOC_FREE(state->pp_self_ref);
727 tevent_req_done(req);
728 return;
729 }
730
731 static NTSTATUS smbd_smb2_session_setup_recv(struct tevent_req *req,
732 uint16_t *out_session_flags,
733 TALLOC_CTX *mem_ctx,
734 DATA_BLOB *out_security_buffer,
735 uint64_t *out_session_id)
736 {
737 struct smbd_smb2_session_setup_state *state =
738 tevent_req_data(req,
739 struct smbd_smb2_session_setup_state);
740 NTSTATUS status;
741
742 if (tevent_req_is_nterror(req, &status)) {
743 if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
744 tevent_req_received(req);
745 return nt_status_squash(status);
746 }
747 } else {
748 status = NT_STATUS_OK;
749 }
750
751 *out_session_flags = state->out_session_flags;
752 *out_security_buffer = state->out_security_buffer;
753 *out_session_id = state->out_session_id;
754
755 talloc_steal(mem_ctx, out_security_buffer->data);
756 tevent_req_received(req);
757 return status;
758 }
759
760 NTSTATUS smbd_smb2_request_process_logoff(struct smbd_smb2_request *req)
761 {
762 NTSTATUS status;
763 DATA_BLOB outbody;
764
765 status = smbd_smb2_request_verify_sizes(req, 0x04);
766 if (!NT_STATUS_IS_OK(status)) {
767 return smbd_smb2_request_error(req, status);
768 }
769
770 /*
771 * TODO: cancel all outstanding requests on the session
772 */
773 status = smbXsrv_session_logoff(req->session);
774 if (!NT_STATUS_IS_OK(status)) {
775 DEBUG(0, ("smbd_smb2_request_process_logoff: "
776 "smbXsrv_session_logoff() failed: %s\n",
777 nt_errstr(status)));
778 /*
779 * If we hit this case, there is something completely
780 * wrong, so we better disconnect the transport connection.
781 */
782 return status;
783 }
784
785 /*
786 * we may need to sign the response, so we need to keep
787 * the session until the response is sent to the wire.
788 */
789 talloc_steal(req, req->session);
790
791 outbody = data_blob_talloc(req->out.vector, NULL, 0x04);
792 if (outbody.data == NULL) {
793 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
794 }
795
796 SSVAL(outbody.data, 0x00, 0x04); /* struct size */
797 SSVAL(outbody.data, 0x02, 0); /* reserved */
798
799 return smbd_smb2_request_done(req, outbody, NULL);
800 }
WIP