search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:smbd/signing: use smbd_server_connection as talloc parent for its smb1 signing...
[Samba/gebeck_regimport.git] / source3 / smbd / signing.c
blobf4a8d2a2fdaf62fe97ebe5a89a4638b5b39f6cf5
1 /*
2 Unix SMB/CIFS implementation.
3 SMB Signing Code
4 Copyright (C) Jeremy Allison 2003.
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
6 Copyright (C) Stefan Metzmacher 2009
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_signing.h"
26
27 /***********************************************************
28 Called to validate an incoming packet from the client.
29 ************************************************************/
30
31 bool srv_check_sign_mac(struct smbd_server_connection *conn,
32 const char *inbuf, uint32_t *seqnum,
33 bool trusted_channel)
34 {
35 /* Check if it's a non-session message. */
36 if(CVAL(inbuf,0)) {
37 return true;
38 }
39
40 if (trusted_channel) {
41 NTSTATUS status;
42
43 if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
44 DEBUG(1,("smb_signing_check_pdu: Can't check signature "
45 "on short packet! smb_len = %u\n",
46 smb_len(inbuf)));
47 return false;
48 }
49
50 status = NT_STATUS(IVAL(inbuf, smb_ss_field + 4));
51 if (!NT_STATUS_IS_OK(status)) {
52 DEBUG(1,("smb_signing_check_pdu: trusted channel passed %s\n",
53 nt_errstr(status)));
54 return false;
55 }
56
57 *seqnum = IVAL(inbuf, smb_ss_field);
58 return true;
59 }
60
61 *seqnum = smb_signing_next_seqnum(conn->smb1.signing_state, false);
62 return smb_signing_check_pdu(conn->smb1.signing_state,
63 (const uint8_t *)inbuf,
64 *seqnum);
65 }
66
67 /***********************************************************
68 Called to sign an outgoing packet to the client.
69 ************************************************************/
70
71 void srv_calculate_sign_mac(struct smbd_server_connection *conn,
72 char *outbuf, uint32_t seqnum)
73 {
74 /* Check if it's a non-session message. */
75 if(CVAL(outbuf,0)) {
76 return;
77 }
78
79 smb_signing_sign_pdu(conn->smb1.signing_state, (uint8_t *)outbuf, seqnum);
80 }
81
82
83 /***********************************************************
84 Called to indicate a oneway request
85 ************************************************************/
86 void srv_cancel_sign_response(struct smbd_server_connection *conn)
87 {
88 smb_signing_cancel_reply(conn->smb1.signing_state, true);
89 }
90
91 struct smbd_shm_signing {
92 size_t shm_size;
93 uint8_t *shm_pointer;
94
95 /* we know the signing engine will only allocate 2 chunks */
96 uint8_t *ptr1;
97 size_t len1;
98 uint8_t *ptr2;
99 size_t len2;
100 };
101
102 static int smbd_shm_signing_destructor(struct smbd_shm_signing *s)
103 {
104 anonymous_shared_free(s->shm_pointer);
105 return 0;
106 }
107
108 static void *smbd_shm_signing_alloc(TALLOC_CTX *mem_ctx, size_t len)
109 {
110 struct smbd_shm_signing *s = talloc_get_type_abort(mem_ctx,
111 struct smbd_shm_signing);
112
113 if (s->ptr1 == NULL) {
114 s->len1 = len;
115 if (len % 8) {
116 s->len1 += (8 - (len % 8));
117 }
118 if (s->len1 > s->shm_size) {
119 s->len1 = 0;
120 errno = ENOMEM;
121 return NULL;
122 }
123 s->ptr1 = s->shm_pointer;
124 return s->ptr1;
125 }
126
127 if (s->ptr2 == NULL) {
128 s->len2 = len;
129 if (s->len2 > (s->shm_size - s->len1)) {
130 s->len2 = 0;
131 errno = ENOMEM;
132 return NULL;
133 }
134 s->ptr2 = s->shm_pointer + s->len1;
135 return s->ptr2;
136 }
137
138 errno = ENOMEM;
139 return NULL;
140 }
141
142 static void smbd_shm_signing_free(TALLOC_CTX *mem_ctx, void *ptr)
143 {
144 struct smbd_shm_signing *s = talloc_get_type_abort(mem_ctx,
145 struct smbd_shm_signing);
146
147 if (s->ptr2 == ptr) {
148 s->ptr2 = NULL;
149 s->len2 = 0;
150 }
151 }
152
153 /***********************************************************
154 Called by server negprot when signing has been negotiated.
155 ************************************************************/
156
157 bool srv_init_signing(struct smbd_server_connection *conn)
158 {
159 bool allowed = true;
160 bool desired;
161 bool mandatory = false;
162
163 switch (lp_server_signing()) {
164 case SMB_SIGNING_REQUIRED:
165 mandatory = true;
166 break;
167 case SMB_SIGNING_IF_REQUIRED:
168 break;
169 case SMB_SIGNING_DEFAULT:
170 case SMB_SIGNING_OFF:
171 allowed = false;
172 break;
173 }
174
175 /*
176 * if the client and server allow signing,
177 * we desire to use it.
178 *
179 * This matches Windows behavior and is needed
180 * because not every client that requires signing
181 * sends FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED.
182 */
183 desired = allowed;
184
185 if (lp_async_smb_echo_handler()) {
186 struct smbd_shm_signing *s;
187
188 /* setup the signing state in shared memory */
189 s = talloc_zero(conn, struct smbd_shm_signing);
190 if (s == NULL) {
191 return false;
192 }
193 s->shm_size = 4096;
194 s->shm_pointer =
195 (uint8_t *)anonymous_shared_allocate(s->shm_size);
196 if (s->shm_pointer == NULL) {
197 talloc_free(s);
198 return false;
199 }
200 talloc_set_destructor(s, smbd_shm_signing_destructor);
201 conn->smb1.signing_state = smb_signing_init_ex(s,
202 allowed, desired, mandatory,
203 smbd_shm_signing_alloc,
204 smbd_shm_signing_free);
205 if (!conn->smb1.signing_state) {
206 return false;
207 }
208 return true;
209 }
210
211 conn->smb1.signing_state = smb_signing_init(conn,
212 allowed, desired, mandatory);
213 if (!conn->smb1.signing_state) {
214 return false;
215 }
216
217 return true;
218 }
219
220 void srv_set_signing_negotiated(struct smbd_server_connection *conn,
221 bool allowed, bool mandatory)
222 {
223 smb_signing_set_negotiated(conn->smb1.signing_state,
224 allowed, mandatory);
225 }
226
227 /***********************************************************
228 Returns whether signing is active. We can't use sendfile or raw
229 reads/writes if it is.
230 ************************************************************/
231
232 bool srv_is_signing_active(struct smbd_server_connection *conn)
233 {
234 return smb_signing_is_active(conn->smb1.signing_state);
235 }
236
237
238 /***********************************************************
239 Returns whether signing is negotiated. We can't use it unless it was
240 in the negprot.
241 ************************************************************/
242
243 bool srv_is_signing_negotiated(struct smbd_server_connection *conn)
244 {
245 return smb_signing_is_negotiated(conn->smb1.signing_state);
246 }
247
248 /***********************************************************
249 Turn on signing from this packet onwards.
250 ************************************************************/
251
252 void srv_set_signing(struct smbd_server_connection *conn,
253 const DATA_BLOB user_session_key,
254 const DATA_BLOB response)
255 {
256 bool negotiated;
257 bool mandatory;
258
259 if (!user_session_key.length)
260 return;
261
262 negotiated = smb_signing_is_negotiated(conn->smb1.signing_state);
263 mandatory = smb_signing_is_mandatory(conn->smb1.signing_state);
264
265 if (!negotiated && !mandatory) {
266 DEBUG(5,("srv_set_signing: signing negotiated = %u, "
267 "mandatory_signing = %u. Not allowing smb signing.\n",
268 negotiated, mandatory));
269 return;
270 }
271
272 if (!smb_signing_activate(conn->smb1.signing_state,
273 user_session_key, response)) {
274 return;
275 }
276
277 DEBUG(3,("srv_set_signing: turning on SMB signing: "
278 "signing negotiated = %u, mandatory_signing = %u.\n",
279 negotiated, mandatory));
280 }
281
reg import