Print this page
NEX-1643 dtrace provider for smbsrv
Also illumos 1841:
DTrace smb provider was mis-implemented, doesn't exist.
Add back handlers for read/write raw, so that
legacy dtrace consumers can find the probes.
Kill extra arg in smb_negotiate
Fix missing "done" probe with smb_notify
Add example consumer: smb-trace.d
fix soi_pid
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/smbsrv/smb_session_setup_andx.c
+++ new/usr/src/uts/common/fs/smbsrv/smb_session_setup_andx.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 23 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
24 24 */
25 25
26 26 #include <sys/types.h>
27 27 #include <sys/sid.h>
28 28 #include <sys/priv_names.h>
29 29 #include <sys/socket.h>
30 30 #include <netinet/in.h>
31 31 #include <smbsrv/smb_idmap.h>
32 32 #include <smbsrv/smb_kproto.h>
33 33 #include <smbsrv/smb_token.h>
34 34
35 35 smb_sdrc_t
36 36 smb_pre_session_setup_andx(smb_request_t *sr)
37 37 {
38 38 smb_arg_sessionsetup_t *sinfo;
39 39 char *native_os;
40 40 char *native_lm;
41 41 int rc = 0;
42 42
43 43 sinfo = smb_srm_zalloc(sr, sizeof (smb_arg_sessionsetup_t));
44 44 sr->sr_ssetup = sinfo;
45 45
46 46 /*
47 47 * Enforce the minimum word count seen in the old protocol,
48 48 * to make sure we have enough to decode the common stuff.
49 49 * Further wcnt checks below.
50 50 */
51 51 if (sr->smb_wct < 10) {
52 52 rc = -1;
53 53 goto done;
54 54 }
55 55
56 56 /*
57 57 * Parse common part of SMB session setup.
58 58 * skip: vcnumber(2), sesskey(4)
59 59 */
60 60 rc = smbsr_decode_vwv(sr, "b.www6.",
61 61 &sr->andx_com, &sr->andx_off,
62 62 &sinfo->ssi_maxbufsize, &sinfo->ssi_maxmpxcount);
63 63 if (rc != 0)
64 64 goto done;
65 65
66 66 if (sr->session->dialect < NT_LM_0_12) {
67 67
68 68 sinfo->ssi_type = SMB_SSNSETUP_PRE_NTLM012;
69 69 sinfo->ssi_capabilities = 0;
70 70
71 71 rc = smbsr_decode_vwv(sr, "w4.",
72 72 &sinfo->ssi_lmpwlen);
73 73 if (rc != 0)
74 74 goto done;
75 75
76 76 sinfo->ssi_lmpwd = smb_srm_zalloc(sr, sinfo->ssi_lmpwlen + 1);
77 77 rc = smbsr_decode_data(sr, "%#c", sr, sinfo->ssi_lmpwlen,
78 78 sinfo->ssi_lmpwd);
79 79 if (rc != 0)
80 80 goto done;
81 81
82 82 sinfo->ssi_lmpwd[sinfo->ssi_lmpwlen] = 0;
83 83
84 84 if (smbsr_decode_data(sr, "%u", sr, &sinfo->ssi_user) != 0)
85 85 sinfo->ssi_user = "";
86 86
87 87 if (smbsr_decode_data(sr, "%u", sr, &sinfo->ssi_domain) != 0)
88 88 sinfo->ssi_domain = "";
89 89
90 90 goto part2;
91 91 }
92 92
93 93 /*
94 94 * We have dialect >= NT_LM_0_12
95 95 */
96 96 if (sr->smb_wct == 13) {
97 97 /* Old style (non-extended) request. */
98 98 sinfo->ssi_type = SMB_SSNSETUP_NTLM012_NOEXT;
99 99
100 100 rc = smbsr_decode_vwv(sr, "ww4.l",
101 101 &sinfo->ssi_lmpwlen,
102 102 &sinfo->ssi_ntpwlen,
103 103 &sinfo->ssi_capabilities);
104 104 if (rc != 0)
105 105 goto done;
106 106
107 107 /* paranoid: ignore cap. ext. sec. here */
108 108 sinfo->ssi_capabilities &= ~CAP_EXTENDED_SECURITY;
109 109
110 110 sinfo->ssi_lmpwd = smb_srm_zalloc(sr, sinfo->ssi_lmpwlen + 1);
111 111 sinfo->ssi_ntpwd = smb_srm_zalloc(sr, sinfo->ssi_ntpwlen + 1);
112 112
113 113 rc = smbsr_decode_data(sr, "%#c#cuu", sr,
114 114 sinfo->ssi_lmpwlen, sinfo->ssi_lmpwd,
115 115 sinfo->ssi_ntpwlen, sinfo->ssi_ntpwd,
116 116 &sinfo->ssi_user, &sinfo->ssi_domain);
117 117 if (rc != 0)
118 118 goto done;
119 119
120 120 sinfo->ssi_lmpwd[sinfo->ssi_lmpwlen] = 0;
121 121 sinfo->ssi_ntpwd[sinfo->ssi_ntpwlen] = 0;
122 122
123 123 goto part2;
124 124 }
125 125
126 126 if (sr->smb_wct == 12) {
127 127 /* New style (extended) request. */
128 128 sinfo->ssi_type = SMB_SSNSETUP_NTLM012_EXTSEC;
129 129
130 130 rc = smbsr_decode_vwv(sr, "w4.l",
131 131 &sinfo->ssi_iseclen,
132 132 &sinfo->ssi_capabilities);
133 133 if (rc != 0)
134 134 goto done;
135 135
136 136 if ((sinfo->ssi_capabilities & CAP_EXTENDED_SECURITY) == 0) {
137 137 rc = -1;
138 138 goto done;
139 139 }
140 140
141 141 sinfo->ssi_isecblob = smb_srm_zalloc(sr, sinfo->ssi_iseclen);
142 142 rc = smbsr_decode_data(sr, "%#c", sr,
143 143 sinfo->ssi_iseclen, sinfo->ssi_isecblob);
144 144 if (rc != 0)
145 145 goto done;
146 146
147 147 goto part2;
148 148 }
149 149
150 150 /* Invalid message */
151 151 rc = -1;
152 152 goto done;
153 153
154 154 part2:
155 155 /*
156 156 * Get the "Native OS" and "Native LanMan" strings.
157 157 * These are not critical to protocol function, so
158 158 * if we can't parse them, just guess "NT".
159 159 * These strings are free'd with the sr.
160 160 *
161 161 * In NTLM 0.12, the padding between the Native OS and Native LM
162 162 * is a bit strange. On NT4.0, there is a 2 byte pad between the
163 163 * OS (Windows NT 1381) and LM (Windows NT 4.0). On Windows 2000,
164 164 * there is no padding between the OS (Windows 2000 2195) and LM
165 165 * (Windows 2000 5.0). If the padding is removed from the decode
166 166 * string the NT4.0 LM comes out as an empty string. So if the
167 167 * client's native OS is Win NT, assume extra padding.
168 168 */
169 169 rc = smbsr_decode_data(sr, "%u", sr, &native_os);
170 170 if (rc != 0 || native_os == NULL)
171 171 sinfo->ssi_native_os = NATIVE_OS_WINNT;
172 172 else
173 173 sinfo->ssi_native_os = smbnative_os_value(native_os);
174 174
175 175 if (sinfo->ssi_native_os == NATIVE_OS_WINNT)
176 176 rc = smbsr_decode_data(sr, "%,u", sr, &native_lm);
177 177 else
178 178 rc = smbsr_decode_data(sr, "%u", sr, &native_lm);
179 179 if (rc != 0 || native_lm == NULL)
180 180 sinfo->ssi_native_lm = NATIVE_LM_NT;
181 181 else
|
↓ open down ↓ |
181 lines elided |
↑ open up ↑ |
182 182 sinfo->ssi_native_lm = smbnative_lm_value(native_lm);
183 183 rc = 0;
184 184
185 185 done:
186 186 if (rc != 0) {
187 187 cmn_err(CE_NOTE,
188 188 "SmbSessonSetupX: client %s invalid request",
189 189 sr->session->ip_addr_str);
190 190 }
191 191
192 - DTRACE_SMB_2(op__SessionSetupX__start, smb_request_t *, sr,
193 - smb_arg_sessionsetup_t, sinfo);
192 + DTRACE_SMB_1(op__SessionSetupX__start, smb_request_t *, sr);
194 193 return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
195 194 }
196 195
197 196 void
198 197 smb_post_session_setup_andx(smb_request_t *sr)
199 198 {
200 199 smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
201 200
202 - DTRACE_SMB_2(op__SessionSetupX__done, smb_request_t *, sr,
203 - smb_arg_sessionsetup_t, sinfo);
201 + DTRACE_SMB_1(op__SessionSetupX__done, smb_request_t *, sr);
204 202
205 203 if (sinfo->ssi_lmpwd != NULL)
206 204 bzero(sinfo->ssi_lmpwd, sinfo->ssi_lmpwlen);
207 205
208 206 if (sinfo->ssi_ntpwd != NULL)
209 207 bzero(sinfo->ssi_ntpwd, sinfo->ssi_ntpwlen);
210 208 }
211 209
212 210 /*
213 211 *
214 212 * NT systems use different native OS and native LanMan values dependent on
215 213 * whether they are acting as a client or a server. NT 4.0 server responds
216 214 * with the following values:
217 215 *
218 216 * NativeOS: Windows NT 4.0
219 217 * NativeLM: NT LAN Manager 4.0
220 218 */
221 219 smb_sdrc_t
222 220 smb_com_session_setup_andx(smb_request_t *sr)
223 221 {
224 222 smb_arg_sessionsetup_t *sinfo = sr->sr_ssetup;
225 223 uint32_t status;
226 224 uint16_t action;
227 225 int rc;
228 226
229 227 /*
230 228 * Some stuff we do only in the first in a (possible)
231 229 * sequence of session setup requests.
232 230 */
233 231 if (sinfo->ssi_type != SMB_SSNSETUP_NTLM012_EXTSEC ||
234 232 sr->smb_uid == 0 || sr->smb_uid == 0xFFFF) {
235 233
236 234 /* This is a first (or only) call */
237 235 sr->session->smb_msg_size = sinfo->ssi_maxbufsize;
238 236 sr->session->smb_max_mpx = sinfo->ssi_maxmpxcount;
239 237 sr->session->capabilities = sinfo->ssi_capabilities;
240 238
241 239 if (!smb_oplock_levelII)
242 240 sr->session->capabilities &= ~CAP_LEVEL_II_OPLOCKS;
243 241
244 242 sr->session->native_os = sinfo->ssi_native_os;
245 243 sr->session->native_lm = sinfo->ssi_native_lm;
246 244 }
247 245
248 246 /* RejectUnencryptedAccess precludes SMB1 access */
249 247 if (sr->sr_server->sv_cfg.skc_encrypt == SMB_CONFIG_REQUIRED) {
250 248 smbsr_error(sr, NT_STATUS_ACCESS_DENIED,
251 249 ERRDOS, ERROR_ACCESS_DENIED);
252 250 return (SDRC_ERROR);
253 251 }
254 252
255 253 /*
256 254 * The "meat" of authentication happens here.
257 255 */
258 256 if (sinfo->ssi_type == SMB_SSNSETUP_NTLM012_EXTSEC)
259 257 status = smb_authenticate_ext(sr);
260 258 else
261 259 status = smb_authenticate_old(sr);
262 260
263 261 switch (status) {
264 262
265 263 case NT_STATUS_SUCCESS:
266 264 break;
267 265
268 266 /*
269 267 * This is not really an error, but tells the client
270 268 * it should send another session setup request.
271 269 */
272 270 case NT_STATUS_MORE_PROCESSING_REQUIRED:
273 271 smbsr_error(sr, status, 0, 0);
274 272 break;
275 273
276 274 case NT_STATUS_ACCESS_DENIED:
277 275 smbsr_error(sr, status, ERRDOS, ERROR_ACCESS_DENIED);
278 276 return (SDRC_ERROR);
279 277
280 278 case NT_STATUS_TOO_MANY_SESSIONS:
281 279 smbsr_error(sr, status, ERRSRV, ERRtoomanyuids);
282 280 return (SDRC_ERROR);
283 281
284 282 case NT_STATUS_NO_LOGON_SERVERS:
285 283 smbsr_error(sr, status, ERRDOS, ERROR_NO_LOGON_SERVERS);
286 284 return (SDRC_ERROR);
287 285
288 286 case NT_STATUS_NETLOGON_NOT_STARTED:
289 287 smbsr_error(sr, status, ERRDOS, ERROR_NETLOGON_NOT_STARTED);
290 288 return (SDRC_ERROR);
291 289
292 290 case NT_STATUS_USER_SESSION_DELETED:
293 291 smbsr_error(sr, status, ERRSRV, ERRbaduid);
294 292 return (SDRC_ERROR);
295 293
296 294 case NT_STATUS_INSUFF_SERVER_RESOURCES:
297 295 smbsr_error(sr, status, ERRSRV, ERRnoresource);
298 296 return (SDRC_ERROR);
299 297
300 298 case NT_STATUS_INTERNAL_ERROR:
301 299 default:
302 300 smbsr_error(sr, status, ERRSRV, ERRsrverror);
303 301 return (SDRC_ERROR);
304 302
305 303 }
306 304
307 305 action = SMB_USER_IS_GUEST(sr->uid_user) ? 1 : 0;
308 306
309 307 switch (sinfo->ssi_type) {
310 308
311 309 default:
312 310 case SMB_SSNSETUP_PRE_NTLM012:
313 311 case SMB_SSNSETUP_NTLM012_NOEXT:
314 312
315 313 rc = smbsr_encode_result(sr, 3, VAR_BCC, "bb.www%uuu",
316 314 3,
317 315 sr->andx_com,
318 316 -1, /* andx_off */
319 317 action,
320 318 VAR_BCC,
321 319 sr,
322 320 sr->sr_cfg->skc_native_os,
323 321 sr->sr_cfg->skc_native_lm,
324 322 sr->sr_cfg->skc_nbdomain);
325 323 break;
326 324
327 325 case SMB_SSNSETUP_NTLM012_EXTSEC:
328 326
329 327 rc = smbsr_encode_result(sr, 4, VAR_BCC, "bb.wwww%#cuuu",
330 328 4,
331 329 sr->andx_com,
332 330 -1, /* andx_off */
333 331 action,
334 332 sinfo->ssi_oseclen,
335 333 VAR_BCC,
336 334 sr,
337 335 sinfo->ssi_oseclen,
338 336 sinfo->ssi_osecblob,
339 337 sr->sr_cfg->skc_native_os,
340 338 sr->sr_cfg->skc_native_lm,
341 339 sr->sr_cfg->skc_nbdomain);
342 340 break;
343 341 }
344 342
345 343 return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
346 344 }
|
↓ open down ↓ |
133 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX