2 * Copyright (c) 2000-2001 Boris Popov
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Boris Popov.
16 * 4. Neither the name of the author nor the names of any co-contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * various SMB requests. Most of the routines merely packs data into mbufs.
37 #include <sys/param.h>
38 #include <sys/systm.h>
39 #include <sys/kernel.h>
40 #include <sys/malloc.h>
43 #include <sys/sysctl.h>
44 #include <sys/socket.h>
47 #include <sys/iconv.h>
49 #include <netsmb/smb.h>
50 #include <netsmb/smb_subr.h>
51 #include <netsmb/smb_rq.h>
52 #include <netsmb/smb_conn.h>
53 #include <netsmb/smb_tran.h>
60 static struct smb_dialect smb_dialects[] = {
61 {SMB_DIALECT_CORE, "PC NETWORK PROGRAM 1.0"},
62 {SMB_DIALECT_COREPLUS, "MICROSOFT NETWORKS 1.03"},
63 {SMB_DIALECT_LANMAN1_0, "MICROSOFT NETWORKS 3.0"},
64 {SMB_DIALECT_LANMAN1_0, "LANMAN1.0"},
65 {SMB_DIALECT_LANMAN2_0, "LM1.2X002"},
66 {SMB_DIALECT_LANMAN2_0, "Samba"},
67 {SMB_DIALECT_NTLM0_12, "NT LANMAN 1.0"},
68 {SMB_DIALECT_NTLM0_12, "NT LM 0.12"},
72 #define SMB_DIALECT_MAX (sizeof(smb_dialects) / sizeof(struct smb_dialect) - 2)
75 smb_smb_nomux(struct smb_vc *vcp, struct smb_cred *scred, const char *name)
77 if (scred->scr_p == vcp->vc_iod->iod_p)
79 SMBERROR("wrong function called(%s)\n", name);
84 smb_smb_negotiate(struct smb_vc *vcp, struct smb_cred *scred)
86 struct smb_dialect *dp;
87 struct smb_sopt *sp = NULL;
91 u_int8_t wc, stime[8], sblen;
92 u_int16_t dindex, tw, tw1, swlen, bc;
95 if (smb_smb_nomux(vcp, scred, __FUNCTION__) != 0)
99 vcp->obj.co_flags &= ~(SMBV_ENCRYPT);
101 bzero(sp, sizeof(struct smb_sopt));
102 error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_NEGOTIATE, scred, &rqp);
105 smb_rq_getrequest(rqp, &mbp);
109 for(dp = smb_dialects; dp->d_id != -1; dp++) {
110 mb_put_uint8(mbp, SMB_DT_DIALECT);
111 smb_put_dstring(mbp, vcp, dp->d_name, SMB_CS_NONE);
114 error = smb_rq_simple(rqp);
115 SMBSDEBUG("%d\n", error);
118 smb_rq_getreply(rqp, &mdp);
120 error = md_get_uint8(mdp, &wc);
123 error = md_get_uint16le(mdp, &dindex);
127 SMBERROR("Don't know how to talk with server %s (%d)\n", "xxx", dindex);
131 dp = smb_dialects + dindex;
132 sp->sv_proto = dp->d_id;
133 SMBSDEBUG("Dialect %s (%d, %d)\n", dp->d_name, dindex, wc);
135 if (dp->d_id >= SMB_DIALECT_NTLM0_12) {
138 md_get_uint8(mdp, &sp->sv_sm);
139 md_get_uint16le(mdp, &sp->sv_maxmux);
140 md_get_uint16le(mdp, &sp->sv_maxvcs);
141 md_get_uint32le(mdp, &sp->sv_maxtx);
142 md_get_uint32le(mdp, &sp->sv_maxraw);
143 md_get_uint32le(mdp, &sp->sv_skey);
144 md_get_uint32le(mdp, &sp->sv_caps);
145 md_get_mem(mdp, stime, 8, MB_MSYSTEM);
146 md_get_uint16le(mdp, (u_int16_t*)&sp->sv_tz);
147 md_get_uint8(mdp, &sblen);
148 if (sblen && (sp->sv_sm & SMB_SM_ENCRYPT)) {
149 if (sblen != SMB_MAXCHALLENGELEN) {
150 SMBERROR("Unexpected length of security blob (%d)\n", sblen);
153 error = md_get_uint16(mdp, &bc);
156 if (sp->sv_caps & SMB_CAP_EXT_SECURITY)
157 md_get_mem(mdp, NULL, 16, MB_MSYSTEM);
158 error = md_get_mem(mdp, vcp->vc_ch, sblen, MB_MSYSTEM);
161 vcp->vc_chlen = sblen;
162 vcp->obj.co_flags |= SMBV_ENCRYPT;
164 vcp->vc_hflags2 |= SMB_FLAGS2_KNOWS_LONG_NAMES;
165 if (dp->d_id == SMB_DIALECT_NTLM0_12 &&
166 sp->sv_maxtx < 4096 &&
167 (sp->sv_caps & SMB_CAP_NT_SMBS) == 0) {
168 vcp->obj.co_flags |= SMBV_WIN95;
169 SMBSDEBUG("Win95 detected\n");
171 } else if (dp->d_id > SMB_DIALECT_CORE) {
172 md_get_uint16le(mdp, &tw);
174 md_get_uint16le(mdp, &tw);
176 md_get_uint16le(mdp, &sp->sv_maxmux);
177 md_get_uint16le(mdp, &sp->sv_maxvcs);
178 md_get_uint16le(mdp, &tw); /* rawmode */
179 md_get_uint32le(mdp, &sp->sv_skey);
180 if (wc == 13) { /* >= LANMAN1 */
181 md_get_uint16(mdp, &tw); /* time */
182 md_get_uint16(mdp, &tw1); /* date */
183 md_get_uint16le(mdp, (u_int16_t*)&sp->sv_tz);
184 md_get_uint16le(mdp, &swlen);
185 if (swlen > SMB_MAXCHALLENGELEN)
187 md_get_uint16(mdp, NULL); /* mbz */
188 if (md_get_uint16(mdp, &bc) != 0)
192 if (swlen && (sp->sv_sm & SMB_SM_ENCRYPT)) {
193 error = md_get_mem(mdp, vcp->vc_ch, swlen, MB_MSYSTEM);
196 vcp->vc_chlen = swlen;
197 vcp->obj.co_flags |= SMBV_ENCRYPT;
200 vcp->vc_hflags2 |= SMB_FLAGS2_KNOWS_LONG_NAMES;
201 } else { /* an old CORE protocol */
207 vcp->vc_maxvcs = sp->sv_maxvcs;
208 if (vcp->vc_maxvcs <= 1) {
209 if (vcp->vc_maxvcs == 0)
212 if (sp->sv_maxtx <= 0 || sp->sv_maxtx > 0xffff)
214 SMB_TRAN_GETPARAM(vcp, SMBTP_SNDSZ, &maxqsz);
215 vcp->vc_txmax = min(sp->sv_maxtx, maxqsz);
216 SMBSDEBUG("TZ = %d\n", sp->sv_tz);
217 SMBSDEBUG("CAPS = %x\n", sp->sv_caps);
218 SMBSDEBUG("MAXMUX = %d\n", sp->sv_maxmux);
219 SMBSDEBUG("MAXVCS = %d\n", sp->sv_maxvcs);
220 SMBSDEBUG("MAXRAW = %d\n", sp->sv_maxraw);
221 SMBSDEBUG("MAXTX = %d\n", sp->sv_maxtx);
229 smb_smb_ssnsetup(struct smb_vc *vcp, struct smb_cred *scred)
235 smb_uniptr unipp, ntencpass = NULL;
236 char *pp, *up, *pbuf, *encpass;
237 int error, plen, uniplen, ulen;
239 vcp->vc_smbuid = SMB_UID_UNKNOWN;
241 if (smb_smb_nomux(vcp, scred, __FUNCTION__) != 0)
244 error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_SESSION_SETUP_ANDX, scred, &rqp);
247 pbuf = malloc(SMB_MAXPASSWORDLEN + 1, M_SMBTEMP, M_WAITOK);
248 encpass = malloc(24, M_SMBTEMP, M_WAITOK);
249 if (vcp->vc_sopt.sv_sm & SMB_SM_USER) {
250 iconv_convstr(vcp->vc_toupper, pbuf, smb_vc_getpass(vcp));
251 iconv_convstr(vcp->vc_toserver, pbuf, pbuf);
252 if (vcp->vc_sopt.sv_sm & SMB_SM_ENCRYPT) {
254 smb_encrypt(pbuf, vcp->vc_ch, encpass);
255 ntencpass = malloc(uniplen, M_SMBTEMP, M_WAITOK);
256 iconv_convstr(vcp->vc_toserver, pbuf, smb_vc_getpass(vcp));
257 smb_ntencrypt(pbuf, vcp->vc_ch, (u_char*)ntencpass);
261 plen = strlen(pbuf) + 1;
264 ntencpass = malloc(uniplen, M_SMBTEMP, M_WAITOK);
265 smb_strtouni(ntencpass, smb_vc_getpass(vcp));
272 * In the share security mode password will be used
273 * only in the tree authentication
278 uniplen = sizeof(smb_unieol);
282 up = vcp->vc_username;
283 ulen = strlen(up) + 1;
284 mb_put_uint8(mbp, 0xff);
285 mb_put_uint8(mbp, 0);
286 mb_put_uint16le(mbp, 0);
287 mb_put_uint16le(mbp, vcp->vc_sopt.sv_maxtx);
288 mb_put_uint16le(mbp, vcp->vc_sopt.sv_maxmux);
289 mb_put_uint16le(mbp, vcp->vc_number);
290 mb_put_uint32le(mbp, vcp->vc_sopt.sv_skey);
291 mb_put_uint16le(mbp, plen);
292 if (SMB_DIALECT(vcp) < SMB_DIALECT_NTLM0_12) {
293 mb_put_uint32le(mbp, 0);
296 mb_put_mem(mbp, pp, plen, MB_MSYSTEM);
297 smb_put_dstring(mbp, vcp, up, SMB_CS_NONE);
299 mb_put_uint16le(mbp, uniplen);
300 mb_put_uint32le(mbp, 0); /* reserved */
301 mb_put_uint32le(mbp, 0); /* my caps */
304 mb_put_mem(mbp, pp, plen, MB_MSYSTEM);
305 mb_put_mem(mbp, (caddr_t)unipp, uniplen, MB_MSYSTEM);
306 smb_put_dstring(mbp, vcp, up, SMB_CS_NONE); /* AccountName */
307 smb_put_dstring(mbp, vcp, vcp->vc_domain, SMB_CS_NONE); /* PrimaryDomain */
308 smb_put_dstring(mbp, vcp, "FreeBSD", SMB_CS_NONE); /* Client's OS */
309 smb_put_dstring(mbp, vcp, "NETSMB", SMB_CS_NONE); /* Client name */
313 free(ntencpass, M_SMBTEMP);
314 error = smb_rq_simple(rqp);
315 SMBSDEBUG("%d\n", error);
317 if (rqp->sr_errclass == ERRDOS && rqp->sr_serror == ERRnoaccess)
321 vcp->vc_smbuid = rqp->sr_rpuid;
323 free(encpass, M_SMBTEMP);
324 free(pbuf, M_SMBTEMP);
330 smb_smb_ssnclose(struct smb_vc *vcp, struct smb_cred *scred)
336 if (vcp->vc_smbuid == SMB_UID_UNKNOWN)
339 if (smb_smb_nomux(vcp, scred, __FUNCTION__) != 0)
342 error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_LOGOFF_ANDX, scred, &rqp);
347 mb_put_uint8(mbp, 0xff);
348 mb_put_uint8(mbp, 0);
349 mb_put_uint16le(mbp, 0);
353 error = smb_rq_simple(rqp);
354 SMBSDEBUG("%d\n", error);
359 static char smb_any_share[] = "?????";
362 smb_share_typename(int stype)
371 pp = smb_any_share; /* can't use LPT: here... */
388 smb_smb_treeconnect(struct smb_share *ssp, struct smb_cred *scred)
391 struct smb_rq rq, *rqp = &rq;
393 char *pp, *pbuf, *encpass;
394 int error, plen, caseopt;
396 ssp->ss_tid = SMB_TID_UNKNOWN;
397 error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_TREE_CONNECT_ANDX, scred, &rqp);
401 caseopt = SMB_CS_NONE;
402 if (vcp->vc_sopt.sv_sm & SMB_SM_USER) {
408 pbuf = malloc(SMB_MAXPASSWORDLEN + 1, M_SMBTEMP, M_WAITOK);
409 encpass = malloc(24, M_SMBTEMP, M_WAITOK);
410 iconv_convstr(vcp->vc_toupper, pbuf, smb_share_getpass(ssp));
411 iconv_convstr(vcp->vc_toserver, pbuf, pbuf);
412 if (vcp->vc_sopt.sv_sm & SMB_SM_ENCRYPT) {
414 smb_encrypt(pbuf, vcp->vc_ch, encpass);
417 plen = strlen(pbuf) + 1;
423 mb_put_uint8(mbp, 0xff);
424 mb_put_uint8(mbp, 0);
425 mb_put_uint16le(mbp, 0);
426 mb_put_uint16le(mbp, 0); /* Flags */
427 mb_put_uint16le(mbp, plen);
430 mb_put_mem(mbp, pp, plen, MB_MSYSTEM);
431 smb_put_dmem(mbp, vcp, "\\\\", 2, caseopt);
432 pp = vcp->vc_srvname;
433 smb_put_dmem(mbp, vcp, pp, strlen(pp), caseopt);
434 smb_put_dmem(mbp, vcp, "\\", 1, caseopt);
436 smb_put_dstring(mbp, vcp, pp, caseopt);
437 pp = smb_share_typename(ssp->ss_type);
438 smb_put_dstring(mbp, vcp, pp, caseopt);
440 error = smb_rq_simple(rqp);
441 SMBSDEBUG("%d\n", error);
444 ssp->ss_tid = rqp->sr_rptid;
445 ssp->ss_vcgenid = vcp->vc_genid;
446 ssp->ss_flags |= SMBS_CONNECTED;
449 free(encpass, M_SMBTEMP);
451 free(pbuf, M_SMBTEMP);
457 smb_smb_treedisconnect(struct smb_share *ssp, struct smb_cred *scred)
463 if (ssp->ss_tid == SMB_TID_UNKNOWN)
465 error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_TREE_DISCONNECT, scred, &rqp);
473 error = smb_rq_simple(rqp);
474 SMBSDEBUG("%d\n", error);
476 ssp->ss_tid = SMB_TID_UNKNOWN;
481 smb_smb_read(struct smb_share *ssp, u_int16_t fid,
482 int *len, int *rresid, struct uio *uio, struct smb_cred *scred)
489 int error, rlen, blksz;
491 error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_READ, scred, &rqp);
495 blksz = SSTOVC(ssp)->vc_txmax - SMB_HDRLEN - 16;
496 rlen = *len = min(blksz, *len);
498 smb_rq_getrequest(rqp, &mbp);
500 mb_put_mem(mbp, (caddr_t)&fid, sizeof(fid), MB_MSYSTEM);
501 mb_put_uint16le(mbp, rlen);
502 mb_put_uint32le(mbp, uio->uio_offset);
503 mb_put_uint16le(mbp, min(uio->uio_resid, 0xffff));
508 error = smb_rq_simple(rqp);
511 smb_rq_getreply(rqp, &mdp);
512 md_get_uint8(mdp, &wc);
517 md_get_uint16le(mdp, &resid);
518 md_get_mem(mdp, NULL, 4 * 2, MB_MSYSTEM);
519 md_get_uint16le(mdp, &bc);
520 md_get_uint8(mdp, NULL); /* ignore buffer type */
521 md_get_uint16le(mdp, &resid);
526 error = md_get_uio(mdp, uio, resid);
536 smb_read(struct smb_share *ssp, u_int16_t fid, struct uio *uio,
537 struct smb_cred *scred)
539 int tsize, len, resid;
542 tsize = uio->uio_resid;
545 error = smb_smb_read(ssp, fid, &len, &resid, uio, scred);
556 smb_smb_write(struct smb_share *ssp, u_int16_t fid, int *len, int *rresid,
557 struct uio *uio, struct smb_cred *scred)
566 blksz = SSTOVC(ssp)->vc_txmax - SMB_HDRLEN - 16;
570 resid = *len = min(blksz, *len);
572 error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_WRITE, scred, &rqp);
575 smb_rq_getrequest(rqp, &mbp);
577 mb_put_mem(mbp, (caddr_t)&fid, sizeof(fid), MB_MSYSTEM);
578 mb_put_uint16le(mbp, resid);
579 mb_put_uint32le(mbp, uio->uio_offset);
580 mb_put_uint16le(mbp, min(uio->uio_resid, 0xffff));
583 mb_put_uint8(mbp, SMB_DT_DATA);
584 mb_put_uint16le(mbp, resid);
586 error = mb_put_uio(mbp, uio, resid);
590 error = smb_rq_simple(rqp);
593 smb_rq_getreply(rqp, &mdp);
594 md_get_uint8(mdp, &wc);
599 md_get_uint16le(mdp, &resid);
607 smb_write(struct smb_share *ssp, u_int16_t fid, struct uio *uio,
608 struct smb_cred *scred)
610 int error = 0, len, tsize, resid;
614 * review: manage iov more precisely
616 if (uio->uio_iovcnt != 1) {
617 SMBERROR("can't handle iovcnt > 1\n");
620 tsize = uio->uio_resid;
624 error = smb_smb_write(ssp, fid, &len, &resid, uio, scred);
640 smb_smb_echo(struct smb_vc *vcp, struct smb_cred *scred)
646 error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_ECHO, scred, &rqp);
651 mb_put_uint16le(mbp, 1);
654 mb_put_uint32le(mbp, 0);
656 error = smb_rq_simple(rqp);
657 SMBSDEBUG("%d\n", error);