search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r3294: Fix for SMB signing with 56-bit DES session keys. From Nalin Dahyabhai <nalin...
[Samba/nascimento.git] / source3 / libsmb / smb_signing.c
blobb02a13c73e12f73738023c04da787a0696dad441
1 /*
2 Unix SMB/CIFS implementation.
3 SMB Signing Code
4 Copyright (C) Jeremy Allison 2003.
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23
24 /* Lookup a packet's MID (multiplex id) and figure out it's sequence number */
25 struct outstanding_packet_lookup {
26 uint16 mid;
27 uint32 reply_seq_num;
28 struct outstanding_packet_lookup *prev, *next;
29 };
30
31 /* Store the data for an ongoing trans/trans2/nttrans operation. */
32 struct trans_info_context {
33 uint16 mid;
34 uint32 send_seq_num;
35 uint32 reply_seq_num;
36 };
37
38 struct smb_basic_signing_context {
39 DATA_BLOB mac_key;
40 uint32 send_seq_num;
41 struct trans_info_context *trans_info;
42 struct outstanding_packet_lookup *outstanding_packet_list;
43 };
44
45 static BOOL store_sequence_for_reply(struct outstanding_packet_lookup **list,
46 uint16 mid, uint32 reply_seq_num)
47 {
48 struct outstanding_packet_lookup *t;
49
50 /* Ensure we only add a mid once. */
51 for (t = *list; t; t = t->next) {
52 if (t->mid == mid) {
53 return False;
54 }
55 }
56
57 t = smb_xmalloc(sizeof(*t));
58 ZERO_STRUCTP(t);
59
60 t->mid = mid;
61 t->reply_seq_num = reply_seq_num;
62
63 /*
64 * Add to the *start* of the list not the end of the list.
65 * This ensures that the *last* send sequence with this mid
66 * is returned by preference.
67 * This can happen if the mid wraps and one of the early
68 * mid numbers didn't get a reply and is still lurking on
69 * the list. JRA. Found by Fran Fabrizio <fran@cis.uab.edu>.
70 */
71
72 DLIST_ADD(*list, t);
73 DEBUG(10,("store_sequence_for_reply: stored seq = %u mid = %u\n",
74 (unsigned int)reply_seq_num, (unsigned int)mid ));
75 return True;
76 }
77
78 static BOOL get_sequence_for_reply(struct outstanding_packet_lookup **list,
79 uint16 mid, uint32 *reply_seq_num)
80 {
81 struct outstanding_packet_lookup *t;
82
83 for (t = *list; t; t = t->next) {
84 if (t->mid == mid) {
85 *reply_seq_num = t->reply_seq_num;
86 DEBUG(10,("get_sequence_for_reply: found seq = %u mid = %u\n",
87 (unsigned int)t->reply_seq_num, (unsigned int)t->mid ));
88 DLIST_REMOVE(*list, t);
89 SAFE_FREE(t);
90 return True;
91 }
92 }
93 return False;
94 }
95
96 /***********************************************************
97 SMB signing - Common code before we set a new signing implementation
98 ************************************************************/
99
100 static BOOL cli_set_smb_signing_common(struct cli_state *cli)
101 {
102 if (!cli->sign_info.negotiated_smb_signing
103 && !cli->sign_info.mandatory_signing) {
104 return False;
105 }
106
107 if (cli->sign_info.doing_signing) {
108 return False;
109 }
110
111 if (cli->sign_info.free_signing_context)
112 cli->sign_info.free_signing_context(&cli->sign_info);
113
114 /* These calls are INCOMPATIBLE with SMB signing */
115 cli->readbraw_supported = False;
116 cli->writebraw_supported = False;
117
118 return True;
119 }
120
121 /***********************************************************
122 SMB signing - Common code for 'real' implementations
123 ************************************************************/
124
125 static BOOL set_smb_signing_real_common(struct smb_sign_info *si)
126 {
127 if (si->mandatory_signing) {
128 DEBUG(5, ("Mandatory SMB signing enabled!\n"));
129 }
130
131 si->doing_signing = True;
132 DEBUG(5, ("SMB signing enabled!\n"));
133
134 return True;
135 }
136
137 static void mark_packet_signed(char *outbuf)
138 {
139 uint16 flags2;
140 flags2 = SVAL(outbuf,smb_flg2);
141 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
142 SSVAL(outbuf,smb_flg2, flags2);
143 }
144
145 /***********************************************************
146 SMB signing - NULL implementation - calculate a MAC to send.
147 ************************************************************/
148
149 static void null_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
150 {
151 /* we can't zero out the sig, as we might be trying to send a
152 session request - which is NBT-level, not SMB level and doesn't
153 have the field */
154 return;
155 }
156
157 /***********************************************************
158 SMB signing - NULL implementation - check a MAC sent by server.
159 ************************************************************/
160
161 static BOOL null_check_incoming_message(char *inbuf, struct smb_sign_info *si, BOOL must_be_ok)
162 {
163 return True;
164 }
165
166 /***********************************************************
167 SMB signing - NULL implementation - free signing context
168 ************************************************************/
169
170 static void null_free_signing_context(struct smb_sign_info *si)
171 {
172 return;
173 }
174
175 /**
176 SMB signing - NULL implementation - setup the MAC key.
177
178 @note Used as an initialisation only - it will not correctly
179 shut down a real signing mechanism
180 */
181
182 static BOOL null_set_signing(struct smb_sign_info *si)
183 {
184 si->signing_context = NULL;
185
186 si->sign_outgoing_message = null_sign_outgoing_message;
187 si->check_incoming_message = null_check_incoming_message;
188 si->free_signing_context = null_free_signing_context;
189
190 return True;
191 }
192
193 /**
194 * Free the signing context
195 */
196
197 static void free_signing_context(struct smb_sign_info *si)
198 {
199 if (si->free_signing_context) {
200 si->free_signing_context(si);
201 si->signing_context = NULL;
202 }
203
204 null_set_signing(si);
205 }
206
207
208 static BOOL signing_good(char *inbuf, struct smb_sign_info *si, BOOL good, uint32 seq, BOOL must_be_ok)
209 {
210 if (good) {
211
212 if (!si->doing_signing) {
213 si->doing_signing = True;
214 }
215
216 if (!si->seen_valid) {
217 si->seen_valid = True;
218 }
219
220 } else {
221 if (!si->mandatory_signing && !si->seen_valid) {
222
223 if (!must_be_ok) {
224 return True;
225 }
226 /* Non-mandatory signing - just turn off if this is the first bad packet.. */
227 DEBUG(5, ("srv_check_incoming_message: signing negotiated but not required and peer\n"
228 "isn't sending correct signatures. Turning off.\n"));
229 si->negotiated_smb_signing = False;
230 si->allow_smb_signing = False;
231 si->doing_signing = False;
232 free_signing_context(si);
233 return True;
234 } else if (!must_be_ok) {
235 /* This packet is known to be unsigned */
236 return True;
237 } else {
238 /* Mandatory signing or bad packet after signing started - fail and disconnect. */
239 if (seq)
240 DEBUG(0, ("signing_good: BAD SIG: seq %u\n", (unsigned int)seq));
241 return False;
242 }
243 }
244 return True;
245 }
246
247 /***********************************************************
248 SMB signing - Simple implementation - calculate a MAC on the packet
249 ************************************************************/
250
251 static void simple_packet_signature(struct smb_basic_signing_context *data,
252 const uchar *buf, uint32 seq_number,
253 unsigned char calc_md5_mac[16])
254 {
255 const size_t offset_end_of_sig = (smb_ss_field + 8);
256 unsigned char sequence_buf[8];
257 struct MD5Context md5_ctx;
258 unsigned char key_buf[16];
259
260 /*
261 * Firstly put the sequence number into the first 4 bytes.
262 * and zero out the next 4 bytes.
263 *
264 * We do this here, to avoid modifying the packet.
265 */
266
267 DEBUG(10,("simple_packet_signature: sequence number %u\n", seq_number ));
268
269 SIVAL(sequence_buf, 0, seq_number);
270 SIVAL(sequence_buf, 4, 0);
271
272 /* Calculate the 16 byte MAC - but don't alter the data in the
273 incoming packet.
274
275 This makes for a bit of fussing about, but it's not too bad.
276 */
277 MD5Init(&md5_ctx);
278
279 /* intialise with the key */
280 /* NB. When making and verifying SMB signatures, Windows apparently
281 zero-pads the key to 128 bits if it isn't long enough.
282 From Nalin Dahyabhai <nalin@redhat.com> */
283 MD5Update(&md5_ctx, data->mac_key.data, data->mac_key.length);
284 if (data->mac_key.length < sizeof(key_buf)) {
285 memset(key_buf, 0, sizeof(key_buf));
286 MD5Update(&md5_ctx, key_buf, sizeof(key_buf) - data->mac_key.length);
287 }
288
289 /* copy in the first bit of the SMB header */
290 MD5Update(&md5_ctx, buf + 4, smb_ss_field - 4);
291
292 /* copy in the sequence number, instead of the signature */
293 MD5Update(&md5_ctx, sequence_buf, sizeof(sequence_buf));
294
295 /* copy in the rest of the packet in, skipping the signature */
296 MD5Update(&md5_ctx, buf + offset_end_of_sig,
297 smb_len(buf) - (offset_end_of_sig - 4));
298
299 /* calculate the MD5 sig */
300 MD5Final(calc_md5_mac, &md5_ctx);
301 }
302
303
304 /***********************************************************
305 SMB signing - Client implementation - send the MAC.
306 ************************************************************/
307
308 static void client_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
309 {
310 unsigned char calc_md5_mac[16];
311 struct smb_basic_signing_context *data = si->signing_context;
312 uint32 send_seq_num;
313
314 if (!si->doing_signing)
315 return;
316
317 /* JRA Paranioa test - we should be able to get rid of this... */
318 if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
319 DEBUG(1, ("client_sign_outgoing_message: Logic error. Can't check signature on short packet! smb_len = %u\n",
320 smb_len(outbuf) ));
321 abort();
322 }
323
324 /* mark the packet as signed - BEFORE we sign it...*/
325 mark_packet_signed(outbuf);
326
327 if (data->trans_info)
328 send_seq_num = data->trans_info->send_seq_num;
329 else
330 send_seq_num = data->send_seq_num;
331
332 simple_packet_signature(data, (const unsigned char *)outbuf, send_seq_num, calc_md5_mac);
333
334 DEBUG(10, ("client_sign_outgoing_message: sent SMB signature of\n"));
335 dump_data(10, (const char *)calc_md5_mac, 8);
336
337 memcpy(&outbuf[smb_ss_field], calc_md5_mac, 8);
338
339 /* cli->outbuf[smb_ss_field+2]=0;
340 Uncomment this to test if the remote server actually verifies signatures...*/
341
342 if (data->trans_info)
343 return;
344
345 data->send_seq_num++;
346 store_sequence_for_reply(&data->outstanding_packet_list,
347 SVAL(outbuf,smb_mid), data->send_seq_num);
348 data->send_seq_num++;
349 }
350
351 /***********************************************************
352 SMB signing - Client implementation - check a MAC sent by server.
353 ************************************************************/
354
355 static BOOL client_check_incoming_message(char *inbuf, struct smb_sign_info *si, BOOL must_be_ok)
356 {
357 BOOL good;
358 uint32 reply_seq_number;
359 uint32 saved_seq;
360 unsigned char calc_md5_mac[16];
361 unsigned char *server_sent_mac;
362
363 struct smb_basic_signing_context *data = si->signing_context;
364
365 if (!si->doing_signing)
366 return True;
367
368 if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
369 DEBUG(1, ("client_check_incoming_message: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf)));
370 return False;
371 }
372
373 if (data->trans_info) {
374 reply_seq_number = data->trans_info->reply_seq_num;
375 } else if (!get_sequence_for_reply(&data->outstanding_packet_list,
376 SVAL(inbuf, smb_mid), &reply_seq_number)) {
377 DEBUG(1, ("client_check_incoming_message: failed to get sequence number %u for reply.\n",
378 (unsigned int) SVAL(inbuf, smb_mid) ));
379 return False;
380 }
381
382 saved_seq = reply_seq_number;
383 simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number, calc_md5_mac);
384
385 server_sent_mac = (unsigned char *)&inbuf[smb_ss_field];
386 good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
387
388 if (!good) {
389 DEBUG(5, ("client_check_incoming_message: BAD SIG: wanted SMB signature of\n"));
390 dump_data(5, (const char *)calc_md5_mac, 8);
391
392 DEBUG(5, ("client_check_incoming_message: BAD SIG: got SMB signature of\n"));
393 dump_data(5, (const char *)server_sent_mac, 8);
394 #if 1 /* JRATEST */
395 {
396 int i;
397 reply_seq_number -= 5;
398 for (i = 0; i < 10; i++, reply_seq_number++) {
399 simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number, calc_md5_mac);
400 if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
401 DEBUG(0,("client_check_incoming_message: out of seq. seq num %u matches. \
402 We were expecting seq %u\n", reply_seq_number, saved_seq ));
403 break;
404 }
405 }
406 }
407 #endif /* JRATEST */
408
409 } else {
410 DEBUG(10, ("client_check_incoming_message: seq %u: got good SMB signature of\n", (unsigned int)reply_seq_number));
411 dump_data(10, (const char *)server_sent_mac, 8);
412 }
413 return signing_good(inbuf, si, good, saved_seq, must_be_ok);
414 }
415
416 /***********************************************************
417 SMB signing - Simple implementation - free signing context
418 ************************************************************/
419
420 static void simple_free_signing_context(struct smb_sign_info *si)
421 {
422 struct smb_basic_signing_context *data = si->signing_context;
423 struct outstanding_packet_lookup *list = data->outstanding_packet_list;
424
425 while (list) {
426 struct outstanding_packet_lookup *old_head = list;
427 DLIST_REMOVE(list, list);
428 SAFE_FREE(old_head);
429 }
430
431 data_blob_free(&data->mac_key);
432
433 if (data->trans_info)
434 SAFE_FREE(data->trans_info);
435
436 SAFE_FREE(si->signing_context);
437
438 return;
439 }
440
441 /***********************************************************
442 SMB signing - Simple implementation - setup the MAC key.
443 ************************************************************/
444
445 BOOL cli_simple_set_signing(struct cli_state *cli,
446 const DATA_BLOB user_session_key,
447 const DATA_BLOB response)
448 {
449 struct smb_basic_signing_context *data;
450
451 if (!user_session_key.length)
452 return False;
453
454 if (!cli_set_smb_signing_common(cli)) {
455 return False;
456 }
457
458 if (!set_smb_signing_real_common(&cli->sign_info)) {
459 return False;
460 }
461
462 data = smb_xmalloc(sizeof(*data));
463 memset(data, '\0', sizeof(*data));
464
465 cli->sign_info.signing_context = data;
466
467 data->mac_key = data_blob(NULL, response.length + user_session_key.length);
468
469 memcpy(&data->mac_key.data[0], user_session_key.data, user_session_key.length);
470
471 DEBUG(10, ("cli_simple_set_signing: user_session_key\n"));
472 dump_data(10, (const char *)user_session_key.data, user_session_key.length);
473
474 if (response.length) {
475 memcpy(&data->mac_key.data[user_session_key.length],response.data, response.length);
476 DEBUG(10, ("cli_simple_set_signing: response_data\n"));
477 dump_data(10, (const char *)response.data, response.length);
478 } else {
479 DEBUG(10, ("cli_simple_set_signing: NULL response_data\n"));
480 }
481
482 dump_data_pw("MAC ssession key is:\n", data->mac_key.data, data->mac_key.length);
483
484 /* Initialise the sequence number */
485 data->send_seq_num = 0;
486
487 /* Initialise the list of outstanding packets */
488 data->outstanding_packet_list = NULL;
489
490 cli->sign_info.sign_outgoing_message = client_sign_outgoing_message;
491 cli->sign_info.check_incoming_message = client_check_incoming_message;
492 cli->sign_info.free_signing_context = simple_free_signing_context;
493
494 return True;
495 }
496
497 /***********************************************************
498 Tell client code we are in a multiple trans reply state.
499 We call this after the last outgoing trans2 packet (which
500 has incremented the sequence numbers), so we must save the
501 current mid and sequence number -2.
502 ************************************************************/
503
504 void cli_signing_trans_start(struct cli_state *cli, uint16 mid)
505 {
506 struct smb_basic_signing_context *data = cli->sign_info.signing_context;
507 uint32 reply_seq_num;
508
509 if (!cli->sign_info.doing_signing || !data)
510 return;
511
512 data->trans_info = smb_xmalloc(sizeof(struct trans_info_context));
513 ZERO_STRUCTP(data->trans_info);
514
515 /* This ensures the sequence is pulled off the outstanding packet list */
516 if (!get_sequence_for_reply(&data->outstanding_packet_list,
517 mid, &reply_seq_num)) {
518 DEBUG(1, ("get_sequence_for_reply failed - did we enter the trans signing state without sending a packet?\n"));
519 return;
520 }
521
522 data->trans_info->send_seq_num = reply_seq_num - 1;
523 data->trans_info->mid = mid;
524 data->trans_info->reply_seq_num = reply_seq_num;
525
526 DEBUG(10,("cli_signing_trans_start: storing mid = %u, reply_seq_num = %u, send_seq_num = %u \
527 data->send_seq_num = %u\n",
528 (unsigned int)data->trans_info->mid,
529 (unsigned int)data->trans_info->reply_seq_num,
530 (unsigned int)data->trans_info->send_seq_num,
531 (unsigned int)data->send_seq_num ));
532 }
533
534 /***********************************************************
535 Tell client code we are out of a multiple trans reply state.
536 ************************************************************/
537
538 void cli_signing_trans_stop(struct cli_state *cli)
539 {
540 struct smb_basic_signing_context *data = cli->sign_info.signing_context;
541
542 if (!cli->sign_info.doing_signing || !data)
543 return;
544
545 DEBUG(10,("cli_signing_trans_stop: freeing mid = %u, reply_seq_num = %u, send_seq_num = %u \
546 data->send_seq_num = %u\n",
547 (unsigned int)data->trans_info->mid,
548 (unsigned int)data->trans_info->reply_seq_num,
549 (unsigned int)data->trans_info->send_seq_num,
550 (unsigned int)data->send_seq_num ));
551
552 SAFE_FREE(data->trans_info);
553 data->trans_info = NULL;
554 }
555
556 /***********************************************************
557 SMB signing - TEMP implementation - calculate a MAC to send.
558 ************************************************************/
559
560 static void temp_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
561 {
562 /* mark the packet as signed - BEFORE we sign it...*/
563 mark_packet_signed(outbuf);
564
565 /* I wonder what BSRSPYL stands for - but this is what MS
566 actually sends! */
567 memcpy(&outbuf[smb_ss_field], "BSRSPYL ", 8);
568 return;
569 }
570
571 /***********************************************************
572 SMB signing - TEMP implementation - check a MAC sent by server.
573 ************************************************************/
574
575 static BOOL temp_check_incoming_message(char *inbuf, struct smb_sign_info *si, BOOL foo)
576 {
577 return True;
578 }
579
580 /***********************************************************
581 SMB signing - TEMP implementation - free signing context
582 ************************************************************/
583
584 static void temp_free_signing_context(struct smb_sign_info *si)
585 {
586 return;
587 }
588
589 /***********************************************************
590 SMB signing - NULL implementation - setup the MAC key.
591 ************************************************************/
592
593 BOOL cli_null_set_signing(struct cli_state *cli)
594 {
595 return null_set_signing(&cli->sign_info);
596 }
597
598 /***********************************************************
599 SMB signing - temp implementation - setup the MAC key.
600 ************************************************************/
601
602 BOOL cli_temp_set_signing(struct cli_state *cli)
603 {
604 if (!cli_set_smb_signing_common(cli)) {
605 return False;
606 }
607
608 cli->sign_info.signing_context = NULL;
609
610 cli->sign_info.sign_outgoing_message = temp_sign_outgoing_message;
611 cli->sign_info.check_incoming_message = temp_check_incoming_message;
612 cli->sign_info.free_signing_context = temp_free_signing_context;
613
614 return True;
615 }
616
617 void cli_free_signing_context(struct cli_state *cli)
618 {
619 free_signing_context(&cli->sign_info);
620 }
621
622 /**
623 * Sign a packet with the current mechanism
624 */
625
626 void cli_calculate_sign_mac(struct cli_state *cli)
627 {
628 cli->sign_info.sign_outgoing_message(cli->outbuf, &cli->sign_info);
629 }
630
631 /**
632 * Check a packet with the current mechanism
633 * @return False if we had an established signing connection
634 * which had a bad checksum, True otherwise.
635 */
636
637 BOOL cli_check_sign_mac(struct cli_state *cli)
638 {
639 if (!cli->sign_info.check_incoming_message(cli->inbuf, &cli->sign_info, True)) {
640 free_signing_context(&cli->sign_info);
641 return False;
642 }
643 return True;
644 }
645
646 /***********************************************************
647 SMB signing - Server implementation - send the MAC.
648 ************************************************************/
649
650 static void srv_sign_outgoing_message(char *outbuf, struct smb_sign_info *si)
651 {
652 unsigned char calc_md5_mac[16];
653 struct smb_basic_signing_context *data = si->signing_context;
654 uint32 send_seq_number = data->send_seq_num;
655 BOOL was_deferred_packet = False;
656 uint16 mid;
657
658 if (!si->doing_signing) {
659 return;
660 }
661
662 /* JRA Paranioa test - we should be able to get rid of this... */
663 if (smb_len(outbuf) < (smb_ss_field + 8 - 4)) {
664 DEBUG(1, ("srv_sign_outgoing_message: Logic error. Can't send signature on short packet! smb_len = %u\n",
665 smb_len(outbuf) ));
666 abort();
667 }
668
669 /* mark the packet as signed - BEFORE we sign it...*/
670 mark_packet_signed(outbuf);
671
672 mid = SVAL(outbuf, smb_mid);
673
674 /* See if this is a reply for a deferred packet. */
675 was_deferred_packet = get_sequence_for_reply(&data->outstanding_packet_list, mid, &send_seq_number);
676
677 if (data->trans_info && (data->trans_info->mid == mid)) {
678 /* This is a reply in a trans stream. Use the sequence
679 * number associated with the stream mid. */
680 send_seq_number = data->trans_info->send_seq_num;
681 }
682
683 simple_packet_signature(data, (const unsigned char *)outbuf, send_seq_number, calc_md5_mac);
684
685 DEBUG(10, ("srv_sign_outgoing_message: seq %u: sent SMB signature of\n", (unsigned int)send_seq_number));
686 dump_data(10, (const char *)calc_md5_mac, 8);
687
688 memcpy(&outbuf[smb_ss_field], calc_md5_mac, 8);
689
690 /* cli->outbuf[smb_ss_field+2]=0;
691 Uncomment this to test if the remote client actually verifies signatures...*/
692
693 /* Don't mess with the sequence number for a deferred packet. */
694 if (was_deferred_packet) {
695 return;
696 }
697
698 if (!data->trans_info) {
699 /* Always increment if not in a trans stream. */
700 data->send_seq_num++;
701 } else if ((data->trans_info->send_seq_num == data->send_seq_num) || (data->trans_info->mid != mid)) {
702 /* Increment if this is the first reply in a trans stream or a
703 * packet that doesn't belong to this stream (different mid). */
704 data->send_seq_num++;
705 }
706 }
707
708 /***********************************************************
709 Is an incoming packet an oplock break reply ?
710 ************************************************************/
711
712 static BOOL is_oplock_break(char *inbuf)
713 {
714 if (CVAL(inbuf,smb_com) != SMBlockingX)
715 return False;
716
717 if (!(CVAL(inbuf,smb_vwv3) & LOCKING_ANDX_OPLOCK_RELEASE))
718 return False;
719
720 DEBUG(10,("is_oplock_break: Packet is oplock break\n"));
721 return True;
722 }
723
724 /***********************************************************
725 SMB signing - Server implementation - check a MAC sent by server.
726 ************************************************************/
727
728 static BOOL srv_check_incoming_message(char *inbuf, struct smb_sign_info *si, BOOL must_be_ok)
729 {
730 BOOL good;
731 struct smb_basic_signing_context *data = si->signing_context;
732 uint32 reply_seq_number = data->send_seq_num;
733 uint32 saved_seq;
734 unsigned char calc_md5_mac[16];
735 unsigned char *server_sent_mac;
736 uint mid;
737
738 if (!si->doing_signing)
739 return True;
740
741 if (smb_len(inbuf) < (smb_ss_field + 8 - 4)) {
742 DEBUG(1, ("srv_check_incoming_message: Can't check signature on short packet! smb_len = %u\n", smb_len(inbuf)));
743 return False;
744 }
745
746 mid = SVAL(inbuf, smb_mid);
747
748 /* Is this part of a trans stream ? */
749 if (data->trans_info && (data->trans_info->mid == mid)) {
750 /* If so we don't increment the sequence. */
751 reply_seq_number = data->trans_info->reply_seq_num;
752 } else {
753 /* We always increment the sequence number. */
754 data->send_seq_num++;
755
756 /* If we get an asynchronous oplock break reply and there
757 * isn't a reply pending we need to re-sync the sequence
758 * number.
759 */
760 if (is_oplock_break(inbuf)) {
761 DEBUG(10,("srv_check_incoming_message: oplock break at seq num %u\n", data->send_seq_num));
762 data->send_seq_num++;
763 }
764 }
765
766 saved_seq = reply_seq_number;
767 simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number, calc_md5_mac);
768
769 server_sent_mac = (unsigned char *)&inbuf[smb_ss_field];
770 good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
771
772 if (!good) {
773
774 if (saved_seq) {
775 DEBUG(0, ("srv_check_incoming_message: BAD SIG: seq %u wanted SMB signature of\n",
776 (unsigned int)saved_seq));
777 dump_data(5, (const char *)calc_md5_mac, 8);
778
779 DEBUG(0, ("srv_check_incoming_message: BAD SIG: seq %u got SMB signature of\n",
780 (unsigned int)reply_seq_number));
781 dump_data(5, (const char *)server_sent_mac, 8);
782 }
783
784 #if 1 /* JRATEST */
785 {
786 int i;
787 reply_seq_number -= 5;
788 for (i = 0; i < 10; i++, reply_seq_number++) {
789 simple_packet_signature(data, (const unsigned char *)inbuf, reply_seq_number, calc_md5_mac);
790 if (memcmp(server_sent_mac, calc_md5_mac, 8) == 0) {
791 DEBUG(0,("srv_check_incoming_message: out of seq. seq num %u matches. \
792 We were expecting seq %u\n", reply_seq_number, saved_seq ));
793 break;
794 }
795 }
796 }
797 #endif /* JRATEST */
798
799 } else {
800 DEBUG(10, ("srv_check_incoming_message: seq %u: (current is %u) got good SMB signature of\n", (unsigned int)reply_seq_number, (unsigned int)data->send_seq_num));
801 dump_data(10, (const char *)server_sent_mac, 8);
802 }
803
804 return (signing_good(inbuf, si, good, saved_seq, must_be_ok));
805 }
806
807 /***********************************************************
808 SMB signing - server API's.
809 ************************************************************/
810
811 static struct smb_sign_info srv_sign_info = {
812 null_sign_outgoing_message,
813 null_check_incoming_message,
814 null_free_signing_context,
815 NULL,
816 False,
817 False,
818 False,
819 False
820 };
821
822 /***********************************************************
823 Turn signing off or on for oplock break code.
824 ************************************************************/
825
826 BOOL srv_oplock_set_signing(BOOL onoff)
827 {
828 BOOL ret = srv_sign_info.doing_signing;
829 srv_sign_info.doing_signing = onoff;
830 return ret;
831 }
832
833 /***********************************************************
834 Called to validate an incoming packet from the client.
835 ************************************************************/
836
837 BOOL srv_check_sign_mac(char *inbuf, BOOL must_be_ok)
838 {
839 /* Check if it's a session keepalive. */
840 if(CVAL(inbuf,0) == SMBkeepalive)
841 return True;
842
843 return srv_sign_info.check_incoming_message(inbuf, &srv_sign_info, must_be_ok);
844 }
845
846 /***********************************************************
847 Called to sign an outgoing packet to the client.
848 ************************************************************/
849
850 void srv_calculate_sign_mac(char *outbuf)
851 {
852 /* Check if it's a session keepalive. */
853 /* JRA Paranioa test - do we ever generate these in the server ? */
854 if(CVAL(outbuf,0) == SMBkeepalive)
855 return;
856
857 srv_sign_info.sign_outgoing_message(outbuf, &srv_sign_info);
858 }
859
860 /***********************************************************
861 Called by server to defer an outgoing packet.
862 ************************************************************/
863
864 void srv_defer_sign_response(uint16 mid)
865 {
866 struct smb_basic_signing_context *data;
867
868 if (!srv_sign_info.doing_signing)
869 return;
870
871 data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
872
873 if (!data)
874 return;
875
876 /*
877 * Ensure we only store this mid reply once...
878 */
879
880 if (store_sequence_for_reply(&data->outstanding_packet_list, mid, data->send_seq_num)) {
881 data->send_seq_num++;
882 }
883 }
884
885 /***********************************************************
886 Called to remove sequence records when a deferred packet is
887 cancelled by mid. This should never find one....
888 ************************************************************/
889
890 void srv_cancel_sign_response(uint16 mid)
891 {
892 struct smb_basic_signing_context *data;
893 uint32 dummy_seq;
894
895 if (!srv_sign_info.doing_signing)
896 return;
897
898 data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
899
900 if (!data)
901 return;
902
903 DEBUG(10,("srv_cancel_sign_response: for mid %u\n", (unsigned int)mid ));
904
905 while (get_sequence_for_reply(&data->outstanding_packet_list, mid, &dummy_seq))
906 ;
907 }
908
909 /***********************************************************
910 Called by server negprot when signing has been negotiated.
911 ************************************************************/
912
913 void srv_set_signing_negotiated(void)
914 {
915 srv_sign_info.allow_smb_signing = True;
916 srv_sign_info.negotiated_smb_signing = True;
917 if (lp_server_signing() == Required)
918 srv_sign_info.mandatory_signing = True;
919
920 srv_sign_info.sign_outgoing_message = temp_sign_outgoing_message;
921 srv_sign_info.check_incoming_message = temp_check_incoming_message;
922 srv_sign_info.free_signing_context = temp_free_signing_context;
923 }
924
925 /***********************************************************
926 Returns whether signing is active. We can't use sendfile or raw
927 reads/writes if it is.
928 ************************************************************/
929
930 BOOL srv_is_signing_active(void)
931 {
932 return srv_sign_info.doing_signing;
933 }
934
935
936 /***********************************************************
937 Returns whether signing is negotiated. We can't use it unless it was
938 in the negprot.
939 ************************************************************/
940
941 BOOL srv_is_signing_negotiated(void)
942 {
943 return srv_sign_info.negotiated_smb_signing;
944 }
945
946 /***********************************************************
947 Returns whether signing is actually happening
948 ************************************************************/
949
950 BOOL srv_signing_started(void)
951 {
952 struct smb_basic_signing_context *data;
953
954 if (!srv_sign_info.doing_signing) {
955 return False;
956 }
957
958 data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
959 if (!data)
960 return False;
961
962 if (data->send_seq_num == 0) {
963 return False;
964 }
965
966 return True;
967 }
968
969
970 /***********************************************************
971 Tell server code we are in a multiple trans reply state.
972 ************************************************************/
973
974 void srv_signing_trans_start(uint16 mid)
975 {
976 struct smb_basic_signing_context *data;
977
978 if (!srv_sign_info.doing_signing)
979 return;
980
981 data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
982 if (!data)
983 return;
984
985 data->trans_info = smb_xmalloc(sizeof(struct trans_info_context));
986 ZERO_STRUCTP(data->trans_info);
987
988 data->trans_info->reply_seq_num = data->send_seq_num-1;
989 data->trans_info->mid = mid;
990 data->trans_info->send_seq_num = data->send_seq_num;
991
992 DEBUG(10,("srv_signing_trans_start: storing mid = %u, reply_seq_num = %u, send_seq_num = %u \
993 data->send_seq_num = %u\n",
994 (unsigned int)mid,
995 (unsigned int)data->trans_info->reply_seq_num,
996 (unsigned int)data->trans_info->send_seq_num,
997 (unsigned int)data->send_seq_num ));
998 }
999
1000 /***********************************************************
1001 Tell server code we are out of a multiple trans reply state.
1002 ************************************************************/
1003
1004 void srv_signing_trans_stop(void)
1005 {
1006 struct smb_basic_signing_context *data;
1007
1008 if (!srv_sign_info.doing_signing)
1009 return;
1010
1011 data = (struct smb_basic_signing_context *)srv_sign_info.signing_context;
1012 if (!data || !data->trans_info)
1013 return;
1014
1015 DEBUG(10,("srv_signing_trans_stop: removing mid = %u, reply_seq_num = %u, send_seq_num = %u \
1016 data->send_seq_num = %u\n",
1017 (unsigned int)data->trans_info->mid,
1018 (unsigned int)data->trans_info->reply_seq_num,
1019 (unsigned int)data->trans_info->send_seq_num,
1020 (unsigned int)data->send_seq_num ));
1021
1022 SAFE_FREE(data->trans_info);
1023 data->trans_info = NULL;
1024 }
1025
1026 /***********************************************************
1027 Turn on signing from this packet onwards.
1028 ************************************************************/
1029
1030 void srv_set_signing(const DATA_BLOB user_session_key, const DATA_BLOB response)
1031 {
1032 struct smb_basic_signing_context *data;
1033
1034 if (!user_session_key.length)
1035 return;
1036
1037 if (!srv_sign_info.negotiated_smb_signing && !srv_sign_info.mandatory_signing) {
1038 DEBUG(5,("srv_set_signing: signing negotiated = %u, mandatory_signing = %u. Not allowing smb signing.\n",
1039 (unsigned int)srv_sign_info.negotiated_smb_signing,
1040 (unsigned int)srv_sign_info.mandatory_signing ));
1041 return;
1042 }
1043
1044 /* Once we've turned on, ignore any more sessionsetups. */
1045 if (srv_sign_info.doing_signing) {
1046 return;
1047 }
1048
1049 if (srv_sign_info.free_signing_context)
1050 srv_sign_info.free_signing_context(&srv_sign_info);
1051
1052 srv_sign_info.doing_signing = True;
1053
1054 data = smb_xmalloc(sizeof(*data));
1055 memset(data, '\0', sizeof(*data));
1056
1057 srv_sign_info.signing_context = data;
1058
1059 data->mac_key = data_blob(NULL, response.length + user_session_key.length);
1060
1061 memcpy(&data->mac_key.data[0], user_session_key.data, user_session_key.length);
1062 if (response.length)
1063 memcpy(&data->mac_key.data[user_session_key.length],response.data, response.length);
1064
1065 dump_data_pw("MAC ssession key is:\n", data->mac_key.data, data->mac_key.length);
1066
1067 DEBUG(3,("srv_set_signing: turning on SMB signing: signing negotiated = %s, mandatory_signing = %s.\n",
1068 BOOLSTR(srv_sign_info.negotiated_smb_signing),
1069 BOOLSTR(srv_sign_info.mandatory_signing) ));
1070
1071 /* Initialise the sequence number */
1072 data->send_seq_num = 0;
1073
1074 /* Initialise the list of outstanding packets */
1075 data->outstanding_packet_list = NULL;
1076
1077 srv_sign_info.sign_outgoing_message = srv_sign_outgoing_message;
1078 srv_sign_info.check_incoming_message = srv_check_incoming_message;
1079 srv_sign_info.free_signing_context = simple_free_signing_context;
1080 }