The branch, master has been updated
via 684c7116 smbd: Offer SMB 3.1.1 by default.
via 8a56fab s3:smb2_negprot: add support for negotiating SMB 3.1.0 and
SMB 3.1.1
via 4481fea s3:smb2_sesssetup.c: For SMB >= 3.1, derive crypto keys
from preauth
via 08845ad s3:smb2_negprot.c: add support SMB 3.1 negotiate contexts
via d944585 s3:smb2_server: allow SMB2_HDR_FLAG_PRIORITY_MASK for SMB
>= 3.1.1
via f424f8d smbd: offer SMB 3.0.2 by default.
via 02b223c s3:smb2_negprot: add support for negotiating SMB 3.0.2
via df78b16 s3:smb2_read: pass in_flags to smbd_smb2_read_send()
via d19517e s3:smb2_write: add simplified support for
SMB2_WRITEFLAG_WRITE_UNBUFFERED
via b1ea74a s3:smb2_create: treat the SVHDX_OPEN_DEVICE_CONTEXT in
smb2_create (not supported)
via 4770ede libcli/smb: SMB 3.0.2: define SVHDX_OPEN_DEVICE_CONTEXT
via e85be92 libcli/smb: SMB 3.0.2: define
FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT
via a11aa8c libcli/smb: SMB 3.0.2: define
FSCTL_SVHDX_SYNC_TUNNEL_REQUEST
via 9aaeb67 libcli/smb: SMB 3.0.2: define
SMB2_WRITEFLAG_WRITE_UNBUFFERED
via a8c3d94 libcli/smb: SMB 3.0.2: define SMB2_READFLAG_READ_UNBUFFERED
via 79a7ecb s3:torture: handle PROTOCOL_SMB3_11
via e978584 libcli/smb: add support for SMB >= 3.1.1 io priorities
via 6ce14a9 libcli/smb: add define for SMB 3.1.1
SMB2_HDR_FLAG_PRIORITY_MASK and helper macros
via a554f02 libcli/smb: add PROTOCOL_SMB3_11 and
SMB3_DIALECT_REVISION_311
via c29ff00 libcli/smb: don't alter state->smb2.hdr when getting
STATUS_PENDING
via d3ed269 libcli: add new NTSTATUS codes from SMB 3.1
via fae184e libcli: add missing printable form of NT_STATUS_VHD_SHARED
via 5d626db s4:torture/smb2: fix crash a crash bug in
smb2.session.reconnect1
from ca157b3 vfs: Fix the O3 developer build
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 684c7116657c81d0d5000c76982310374c41c612
Author: Stefan Metzmacher <[email protected]>
Date: Fri Oct 10 15:24:55 2014 +0200
smbd: Offer SMB 3.1.1 by default.
Pair-Programmed-With: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Autobuild-User(master): Michael Adam <[email protected]>
Autobuild-Date(master): Fri May 8 15:49:32 CEST 2015 on sn-devel-104
commit 8a56fab24d04a46ba5641c7211d9cefb6b6720d2
Author: Stefan Metzmacher <[email protected]>
Date: Mon Oct 13 11:01:59 2014 +0200
s3:smb2_negprot: add support for negotiating SMB 3.1.0 and SMB 3.1.1
Note: SMB 3.1.0 was used in a early preview versions of Windows 10.
Was later superseded by 3.1.1.
Pair-Programmed-With: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
commit 4481fea86a95df2abe558b67c31f4c86db75910a
Author: Stefan Metzmacher <[email protected]>
Date: Fri Oct 10 14:04:25 2014 +0200
s3:smb2_sesssetup.c: For SMB >= 3.1, derive crypto keys from preauth
This protects the full connection setup including
a posteriori verification of the negotiate messages,
by signing the final session setup response with a signing key
derived from the preauth hash and the authentication session key.
Pair-Programmed-With: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
commit 08845ad61641a66f9019a9ae35ff765d9d093ea9
Author: Michael Adam <[email protected]>
Date: Wed Oct 8 19:25:15 2014 +0200
s3:smb2_negprot.c: add support SMB 3.1 negotiate contexts
Used for:
- preauthentication validation
- negotiation of ciphers for sigingn and encryprtion
Pair-Programmed-With: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
commit d9445854199caff2be08f59fe74c5791cbe473d8
Author: Stefan Metzmacher <[email protected]>
Date: Fri May 8 08:17:00 2015 +0000
s3:smb2_server: allow SMB2_HDR_FLAG_PRIORITY_MASK for SMB >= 3.1.1
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Michael Adam <[email protected]>
commit f424f8d1c2ea7e9396cded034d01b860e49b6161
Author: Michael Adam <[email protected]>
Date: Wed May 6 11:30:11 2015 +0200
smbd: offer SMB 3.0.2 by default.
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Michael Adam <[email protected]>
commit 02b223ced398f40a016db83d41ad1581512002d1
Author: Stefan Metzmacher <[email protected]>
Date: Mon Oct 13 11:01:59 2014 +0200
s3:smb2_negprot: add support for negotiating SMB 3.0.2
Pair-Programmed-With: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
commit df78b1665836e87d4f128c2e46c898d1cb89dc2a
Author: Stefan Metzmacher <[email protected]>
Date: Wed May 6 10:52:57 2015 +0200
s3:smb2_read: pass in_flags to smbd_smb2_read_send()
For now we still ignore the flags.
Signed-off-by: Stefan Metzmacher <[email protected]>
commit d19517e7a4b414fab9ae2ff35541e143b46bf0d6
Author: Stefan Metzmacher <[email protected]>
Date: Wed May 6 10:42:29 2015 +0200
s3:smb2_write: add simplified support for SMB2_WRITEFLAG_WRITE_UNBUFFERED
TODO: we should add alignment checks.
Signed-off-by: Stefan Metzmacher <[email protected]>
commit b1ea74af4cd619bae3c73ff6ea14a9204ab6fee1
Author: Michael Adam <[email protected]>
Date: Wed May 6 00:38:55 2015 +0200
s3:smb2_create: treat the SVHDX_OPEN_DEVICE_CONTEXT in smb2_create (not
supported)
Pair-Programmed-With: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
commit 4770edec625364765a50247abd6222dc1d9148ea
Author: Michael Adam <[email protected]>
Date: Wed May 6 00:28:19 2015 +0200
libcli/smb: SMB 3.0.2: define SVHDX_OPEN_DEVICE_CONTEXT
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit e85be925cca07d01a122f91df61cb97c5bea8b6c
Author: Michael Adam <[email protected]>
Date: Wed May 6 00:56:34 2015 +0200
libcli/smb: SMB 3.0.2: define FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit a11aa8cf516a421265ecb9fdefe25827d0d22561
Author: Michael Adam <[email protected]>
Date: Wed May 6 00:55:27 2015 +0200
libcli/smb: SMB 3.0.2: define FSCTL_SVHDX_SYNC_TUNNEL_REQUEST
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 9aaeb67084185c71869f5dc297af1f7da5b4cdab
Author: Michael Adam <[email protected]>
Date: Wed May 6 00:18:16 2015 +0200
libcli/smb: SMB 3.0.2: define SMB2_WRITEFLAG_WRITE_UNBUFFERED
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit a8c3d94a6b70efc927ea462575841e548981e28b
Author: Michael Adam <[email protected]>
Date: Wed May 6 00:16:34 2015 +0200
libcli/smb: SMB 3.0.2: define SMB2_READFLAG_READ_UNBUFFERED
Signed-off-by: Michael Adam <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 79a7ecba1404713233fc41a21130847b7e21c826
Author: Stefan Metzmacher <[email protected]>
Date: Wed Mar 4 07:03:44 2015 +0100
s3:torture: handle PROTOCOL_SMB3_11
Signed-off-by: Stefan Metzmacher <[email protected]>
commit e97858433e62c6f3571a65b951c5fc7c47ab8c2f
Author: Michael Adam <[email protected]>
Date: Fri May 8 12:52:23 2015 +0200
libcli/smb: add support for SMB >= 3.1.1 io priorities
Pair-Programmed-With: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
commit 6ce14a9a8bdcd3537f55d434389d5672e2472d54
Author: Stefan Metzmacher <[email protected]>
Date: Fri May 8 08:15:52 2015 +0000
libcli/smb: add define for SMB 3.1.1 SMB2_HDR_FLAG_PRIORITY_MASK and helper
macros
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Michael Adam <[email protected]>
commit a554f02bc16068d3a42050e6e39608c65565c5f9
Author: Stefan Metzmacher <[email protected]>
Date: Wed Mar 4 07:02:38 2015 +0100
libcli/smb: add PROTOCOL_SMB3_11 and SMB3_DIALECT_REVISION_311
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Michael Adam <[email protected]>
commit c29ff00fe4b2e9295c9796901452af06a4d15653
Author: Michael Adam <[email protected]>
Date: Fri May 8 12:05:06 2015 +0200
libcli/smb: don't alter state->smb2.hdr when getting STATUS_PENDING
We need to make sure smb2cli_req_get_sent_iov() returns what was sent
over the wire. This is required in order to correctly perform
the preauth calculation for SMB >= 3.1.
We keep separate variables for the cancel information we got
from a STATUS_PENDING response.
Pair-Programmed-With: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
commit d3ed269074f7d7ca833e1753cda3ab5c3d4edab4
Author: Michael Adam <[email protected]>
Date: Wed May 6 11:40:45 2015 +0200
libcli: add new NTSTATUS codes from SMB 3.1
NT_STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP
NT_STATUS_SMB_BAD_CLUSTER_DIALECT
Pair-Programmed-With: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
commit fae184e8050ca2ccecbea493f3861d065cd21dbe
Author: Michael Adam <[email protected]>
Date: Wed May 6 11:40:04 2015 +0200
libcli: add missing printable form of NT_STATUS_VHD_SHARED
Pair-Programmed-With: Stefan Metzmacher <[email protected]>
Signed-off-by: Michael Adam <[email protected]>
Signed-off-by: Stefan Metzmacher <[email protected]>
commit 5d626dbdd29a50d59693561468527050d1f30aa2
Author: Stefan Metzmacher <[email protected]>
Date: Fri May 8 08:52:16 2015 +0200
s4:torture/smb2: fix crash a crash bug in smb2.session.reconnect1
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Michael Adam <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/smb.conf.5.xml | 7 +-
docs-xml/smbdotconf/protocol/clientmaxprotocol.xml | 7 +-
docs-xml/smbdotconf/protocol/servermaxprotocol.xml | 11 +-
lib/param/param_table.c | 3 +-
libcli/smb/smb2_constants.h | 9 +
libcli/smb/smbXcli_base.c | 57 +++--
libcli/smb/smbXcli_base.h | 3 +
libcli/smb/smb_constants.h | 7 +-
libcli/util/nterr.c | 3 +
libcli/util/ntstatus.h | 2 +
source3/librpc/idl/smbXsrv.idl | 1 +
source3/param/loadparm.c | 2 +-
source3/smbd/globals.h | 7 +
source3/smbd/smb2_create.c | 15 ++
source3/smbd/smb2_negprot.c | 246 ++++++++++++++++++++-
source3/smbd/smb2_read.c | 11 +
source3/smbd/smb2_server.c | 36 +++
source3/smbd/smb2_sesssetup.c | 98 ++++++--
source3/smbd/smb2_write.c | 5 +
source3/smbd/smbXsrv_session.c | 11 +
source3/torture/test_smb2.c | 3 +
source4/torture/smb2/session.c | 17 +-
22 files changed, 503 insertions(+), 58 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/smb.conf.5.xml b/docs-xml/manpages/smb.conf.5.xml
index e98d183..cb2f40b 100644
--- a/docs-xml/manpages/smb.conf.5.xml
+++ b/docs-xml/manpages/smb.conf.5.xml
@@ -470,8 +470,11 @@ chmod 1770 /usr/local/samba/lib/usershares
<varlistentry>
<term>%R</term>
- <listitem><para>the selected protocol level after protocol
negotiation. It can be one of CORE, COREPLUS,
- LANMAN1, LANMAN2, NT1, SMB2_02, SMB2_10, SMB2_22,
SMB2_24, SMB3_00, SMB3_02, SMB3_10 or SMB2_FF.</para></listitem>
+ <listitem><para>the selected protocol level after protocol
negotiation. It can be one of
+ CORE, COREPLUS, LANMAN1, LANMAN2, NT1,
+ SMB2_02, SMB2_10, SMB2_22, SMB2_24,
+ SMB3_00, SMB3_02, SMB3_10, SMB3_11
+ or SMB2_FF.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
index 1b16814..e68226f 100644
--- a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
@@ -64,10 +64,13 @@
<para><constant>SMB3_02</constant>: Windows 8.1 SMB3
version.</para>
</listitem>
<listitem>
- <para><constant>SMB3_10</constant>: Windows 10 technical
preview SMB3 version.</para>
+ <para><constant>SMB3_10</constant>: early Windows 10
technical preview SMB3 version.</para>
+ </listitem>
+ <listitem>
+ <para><constant>SMB3_11</constant>: Windows 10 technical
preview SMB3 version (maybe final).</para>
</listitem>
</itemizedlist>
- <para>By default SMB3 selects the SMB3_00 variant.</para>
+ <para>By default SMB3 selects the SMB3_11 variant.</para>
</listitem>
</itemizedlist>
diff --git a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
index 41532a9..7321d22 100644
--- a/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/servermaxprotocol.xml
@@ -49,8 +49,17 @@
<listitem>
<para><constant>SMB3_00</constant>: Windows 8 SMB3 version.
(mostly the same as SMB2_24)</para>
</listitem>
+ <listitem>
+ <para><constant>SMB3_02</constant>: Windows 8.1 SMB3
version.</para>
+ </listitem>
+ <listitem>
+ <para><constant>SMB3_10</constant>: early Windows 10
technical preview SMB3 version.</para>
+ </listitem>
+ <listitem>
+ <para><constant>SMB3_11</constant>: Windows 10 technical
preview SMB3 version (maybe final).</para>
+ </listitem>
</itemizedlist>
- <para>By default SMB3 selects the SMB3_00 variant.</para>
+ <para>By default SMB3 selects the SMB3_11 variant.</para>
</listitem>
</itemizedlist>
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index eede823..287839f 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -40,7 +40,8 @@
static const struct enum_list enum_protocol[] = {
{PROTOCOL_DEFAULT, "default"}, /* the caller decides what this means */
{PROTOCOL_SMB2_10, "SMB2"}, /* for now keep PROTOCOL_SMB2_10 */
- {PROTOCOL_SMB3_00, "SMB3"}, /* for now keep PROTOCOL_SMB3_00 */
+ {PROTOCOL_SMB3_11, "SMB3"}, /* for now keep PROTOCOL_SMB3_11 */
+ {PROTOCOL_SMB3_11, "SMB3_11"},
{PROTOCOL_SMB3_10, "SMB3_10"},
{PROTOCOL_SMB3_02, "SMB3_02"},
{PROTOCOL_SMB3_00, "SMB3_00"},
diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h
index baee847..2bda4e9 100644
--- a/libcli/smb/smb2_constants.h
+++ b/libcli/smb/smb2_constants.h
@@ -63,9 +63,13 @@
#define SMB2_HDR_FLAG_ASYNC 0x02
#define SMB2_HDR_FLAG_CHAINED 0x04
#define SMB2_HDR_FLAG_SIGNED 0x08
+#define SMB2_HDR_FLAG_PRIORITY_MASK 0x70
#define SMB2_HDR_FLAG_DFS 0x10000000
#define SMB2_HDR_FLAG_REPLAY_OPERATION 0x20000000
+#define SMB2_PRIORITY_MASK_TO_VALUE(__m) (((__m) &
SMB2_HDR_FLAG_PRIORITY_MASK) >> 4)
+#define SMB2_PRIORITY_VALUE_TO_MASK(__v) (((__v) << 4) &
SMB2_HDR_FLAG_PRIORITY_MASK)
+
/* SMB2 opcodes */
#define SMB2_OP_NEGPROT 0x00
#define SMB2_OP_SESSSETUP 0x01
@@ -98,6 +102,7 @@
#define SMB3_DIALECT_REVISION_300 0x0300
#define SMB3_DIALECT_REVISION_302 0x0302
#define SMB3_DIALECT_REVISION_310 0x0310
+#define SMB3_DIALECT_REVISION_311 0x0311
#define SMB2_DIALECT_REVISION_2FF 0x02FF
/* SMB2 negotiate security_mode */
@@ -224,6 +229,7 @@
#define SMB2_CREATE_TAG_DH2C "DH2C"
#define SMB2_CREATE_TAG_AAPL "AAPL"
#define SMB2_CREATE_TAG_APP_INSTANCE_ID
"\x45\xBC\xA6\x6A\xEF\xA7\xF7\x4A\x90\x08\xFA\x46\x2E\x14\x4D\x74"
+#define SVHDX_OPEN_DEVICE_CONTEXT
"\x9C\xCB\xCF\x9E\x04\xC1\xE6\x43\x98\x0E\x15\x8D\xA1\xF6\xEC\x83"
/* SMB2 notify flags */
#define SMB2_WATCH_TREE 0x0001
@@ -256,7 +262,10 @@
#define SMB2_CLOSE_FLAGS_FULL_INFORMATION (0x01)
+#define SMB2_READFLAG_READ_UNBUFFERED 0x01
+
#define SMB2_WRITEFLAG_WRITE_THROUGH 0x00000001
+#define SMB2_WRITEFLAG_WRITE_UNBUFFERED 0x00000002
/* 2.2.31 SMB2 IOCTL Request */
#define SMB2_IOCTL_FLAG_IS_FSCTL 0x00000001
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 9f73566..0754203 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -130,6 +130,8 @@ struct smbXcli_conn {
uint16_t cur_credits;
uint16_t max_credits;
+ uint8_t io_priority;
+
uint8_t preauth_sha512[64];
} smb2;
@@ -274,6 +276,9 @@ struct smbXcli_req_state {
bool signing_skipped;
bool notify_async;
bool got_async;
+ uint16_t cancel_flags;
+ uint64_t cancel_mid;
+ uint64_t cancel_aid;
} smb2;
};
@@ -402,6 +407,7 @@ struct smbXcli_conn *smbXcli_conn_create(TALLOC_CTX
*mem_ctx,
conn->smb2.cur_credits = 1;
conn->smb2.max_credits = 0;
+ conn->smb2.io_priority = 1;
talloc_set_destructor(conn, smbXcli_conn_destructor);
return conn;
@@ -2574,6 +2580,21 @@ void smb2cli_conn_set_max_credits(struct smbXcli_conn
*conn,
conn->smb2.max_credits = max_credits;
}
+uint8_t smb2cli_conn_get_io_priority(struct smbXcli_conn *conn)
+{
+ if (conn->protocol < PROTOCOL_SMB3_11) {
+ return 0;
+ }
+
+ return conn->smb2.io_priority;
+}
+
+void smb2cli_conn_set_io_priority(struct smbXcli_conn *conn,
+ uint8_t io_priority)
+{
+ conn->smb2.io_priority = io_priority;
+}
+
static void smb2cli_req_cancel_done(struct tevent_req *subreq);
static bool smb2cli_req_cancel(struct tevent_req *req)
@@ -2581,9 +2602,6 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
struct smbXcli_req_state *state =
tevent_req_data(req,
struct smbXcli_req_state);
- uint32_t flags = IVAL(state->smb2.hdr, SMB2_HDR_FLAGS);
- uint64_t mid = BVAL(state->smb2.hdr, SMB2_HDR_MESSAGE_ID);
- uint64_t aid = BVAL(state->smb2.hdr, SMB2_HDR_ASYNC_ID);
struct smbXcli_tcon *tcon = state->tcon;
struct smbXcli_session *session = state->session;
uint8_t *fixed = state->smb2.pad;
@@ -2598,7 +2616,7 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
subreq = smb2cli_req_create(state, state->ev,
state->conn,
SMB2_OP_CANCEL,
- flags, 0,
+ 0, 0, /* flags */
0, /* timeout */
tcon, session,
fixed, fixed_len,
@@ -2608,19 +2626,9 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
}
substate = tevent_req_data(subreq, struct smbXcli_req_state);
- /*
- * clear everything but the SMB2_HDR_FLAG_ASYNC flag
- * e.g. if SMB2_HDR_FLAG_CHAINED is set we get INVALID_PARAMETER back
- */
- flags &= SMB2_HDR_FLAG_ASYNC;
-
- if (flags & SMB2_HDR_FLAG_ASYNC) {
- mid = 0;
- }
-
- SIVAL(substate->smb2.hdr, SMB2_HDR_FLAGS, flags);
- SBVAL(substate->smb2.hdr, SMB2_HDR_MESSAGE_ID, mid);
- SBVAL(substate->smb2.hdr, SMB2_HDR_ASYNC_ID, aid);
+ SIVAL(substate->smb2.hdr, SMB2_HDR_FLAGS, state->smb2.cancel_flags);
+ SBVAL(substate->smb2.hdr, SMB2_HDR_MESSAGE_ID, state->smb2.cancel_mid);
+ SBVAL(substate->smb2.hdr, SMB2_HDR_ASYNC_ID, state->smb2.cancel_aid);
status = smb2cli_req_compound_submit(&subreq, 1);
if (!NT_STATUS_IS_OK(status)) {
@@ -2684,6 +2692,10 @@ struct tevent_req *smb2cli_req_create(TALLOC_CTX
*mem_ctx,
use_replay_flag = true;
}
+ if (smbXcli_conn_protocol(conn) >= PROTOCOL_SMB3_11) {
+ flags |= SMB2_PRIORITY_VALUE_TO_MASK(conn->smb2.io_priority);
+ }
+
if (session) {
uid = session->smb2->session_id;
@@ -2965,6 +2977,10 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req
**reqs,
SSVAL(state->smb2.hdr, SMB2_HDR_CREDIT, credits);
SBVAL(state->smb2.hdr, SMB2_HDR_MESSAGE_ID, mid);
+ state->smb2.cancel_flags = 0;
+ state->smb2.cancel_mid = mid;
+ state->smb2.cancel_aid = 0;
+
skip_credits:
if (state->session && encryption_key == NULL) {
/*
@@ -3431,9 +3447,9 @@ static NTSTATUS smb2cli_conn_dispatch_incoming(struct
smbXcli_conn *conn,
* even if the SMB2_HDR_FLAG_SIGNED flag
* is set.
*/
- req_flags |= SMB2_HDR_FLAG_ASYNC;
- SBVAL(state->smb2.hdr, SMB2_HDR_FLAGS, req_flags);
- SBVAL(state->smb2.hdr, SMB2_HDR_ASYNC_ID, async_id);
+ state->smb2.cancel_flags = SMB2_HDR_FLAG_ASYNC;
+ state->smb2.cancel_mid = 0;
+ state->smb2.cancel_aid = async_id;
if (state->smb2.notify_async) {
tevent_req_defer_callback(req, state->ev);
@@ -3805,6 +3821,7 @@ static const struct {
{PROTOCOL_SMB3_00, SMB3_DIALECT_REVISION_300},
{PROTOCOL_SMB3_02, SMB3_DIALECT_REVISION_302},
{PROTOCOL_SMB3_10, SMB3_DIALECT_REVISION_310},
+ {PROTOCOL_SMB3_11, SMB3_DIALECT_REVISION_311},
};
struct smbXcli_negprot_state {
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 2e13b57..8f27c20 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -303,6 +303,9 @@ uint32_t smb2cli_conn_max_read_size(struct smbXcli_conn
*conn);
uint32_t smb2cli_conn_max_write_size(struct smbXcli_conn *conn);
void smb2cli_conn_set_max_credits(struct smbXcli_conn *conn,
uint16_t max_credits);
+uint8_t smb2cli_conn_get_io_priority(struct smbXcli_conn *conn);
+void smb2cli_conn_set_io_priority(struct smbXcli_conn *conn,
+ uint8_t io_priority);
struct tevent_req *smb2cli_req_create(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
diff --git a/libcli/smb/smb_constants.h b/libcli/smb/smb_constants.h
index 5d494f4..589b1a63 100644
--- a/libcli/smb/smb_constants.h
+++ b/libcli/smb/smb_constants.h
@@ -89,9 +89,10 @@ enum protocol_types {
PROTOCOL_SMB2_24,
PROTOCOL_SMB3_00,
PROTOCOL_SMB3_02,
- PROTOCOL_SMB3_10
+ PROTOCOL_SMB3_10,
+ PROTOCOL_SMB3_11
};
-#define PROTOCOL_LATEST PROTOCOL_SMB3_10
+#define PROTOCOL_LATEST PROTOCOL_SMB3_11
enum smb_signing_setting {
SMB_SIGNING_DEFAULT = -1,
@@ -528,6 +529,8 @@ enum csc_policy {
#define FSCTL_SET_INTEGRITY_INFORMATION (FSCTL_FILESYSTEM | FSCTL_ACCESS_READ \
| FSCTL_ACCESS_WRITE
| 0x0280 | FSCTL_METHOD_BUFFERED)
#define FSCTL_DUP_EXTENTS_TO_FILE (FSCTL_FILESYSTEM | FSCTL_ACCESS_WRITE
| 0x0344 | FSCTL_METHOD_BUFFERED)
+#define FSCTL_SVHDX_SYNC_TUNNEL_REQUEST (FSCTL_FILESYSTEM |
FSCTL_ACCESS_ANY | 0x0304 | FSCTL_METHOD_BUFFERED)
+#define FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT (FSCTL_FILESYSTEM |
FSCTL_ACCESS_ANY | 0x0300 | FSCTL_METHOD_BUFFERED)
#define FSCTL_NAMED_PIPE 0x00110000
#define FSCTL_PIPE_PEEK (FSCTL_NAMED_PIPE |
FSCTL_ACCESS_READ | 0x000C | FSCTL_METHOD_BUFFERED)
diff --git a/libcli/util/nterr.c b/libcli/util/nterr.c
index dbf399b..8f2de99 100644
--- a/libcli/util/nterr.c
+++ b/libcli/util/nterr.c
@@ -1852,6 +1852,9 @@ const nt_err_code_struct nt_errs[] =
{ "NT_STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH",
NT_STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH },
{ "NT_STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED",
NT_STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED },
{ "NT_STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT",
NT_STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT },
+ { "NT_STATUS_VHD_SHARED", NT_STATUS_VHD_SHARED },
+ { "NT_STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP",
NT_STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP },
+ { "NT_STATUS_SMB_BAD_CLUSTER_DIALECT",
NT_STATUS_SMB_BAD_CLUSTER_DIALECT },
DOS_CODE(ERRDOS, ERRsuccess),
DOS_CODE(ERRDOS, ERRbadfunc),
diff --git a/libcli/util/ntstatus.h b/libcli/util/ntstatus.h
index 325930f..572093b 100644
--- a/libcli/util/ntstatus.h
+++ b/libcli/util/ntstatus.h
@@ -1892,6 +1892,8 @@ typedef uint32_t NTSTATUS;
#define NT_STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED NT_STATUS(0xC03A0018)
#define NT_STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT NT_STATUS(0xC03A0019)
#define NT_STATUS_VHD_SHARED NT_STATUS(0xC05CFF0A)
+#define NT_STATUS_SMB_NO_PREAUTH_INTEGRITY_HASH_OVERLAP
NT_STATUS(0xC05D0000)
+#define NT_STATUS_SMB_BAD_CLUSTER_DIALECT NT_STATUS(0xC05D0001)
/* I use NT_STATUS_FOOBAR when I have no idea what error code to use -
* this means we need a torture test */
diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl
index ec6d0ea..b3a24a5 100644
--- a/source3/librpc/idl/smbXsrv.idl
+++ b/source3/librpc/idl/smbXsrv.idl
@@ -190,6 +190,7 @@ interface smbXsrv
[ignore] gensec_security *gensec;
[ignore] user_struct *compat;
[ignore] smbXsrv_tcon_table *tcon_table;
+ [ignore] smbXsrv_preauth *preauth;
} smbXsrv_session;
typedef union {
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index a81a20a..6f8e145 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -643,7 +643,7 @@ static void init_globals(struct loadparm_context *lp_ctx,
bool reinit_globals)
Globals.large_readwrite = true;
Globals.max_log_size = 5000;
Globals.max_open_files = max_open_files();
- Globals.server_max_protocol = PROTOCOL_SMB3_00;
+ Globals.server_max_protocol = PROTOCOL_SMB3_11;
Globals.server_min_protocol = PROTOCOL_LANMAN1;
Globals._client_max_protocol = PROTOCOL_DEFAULT;
Globals.client_min_protocol = PROTOCOL_CORE;
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 22cf5d6..3ddafaf 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -344,6 +344,10 @@ bool push_deferred_open_message_smb2(struct
smbd_smb2_request *smb2req,
struct smbXsrv_client;
+struct smbXsrv_preauth {
+ uint8_t sha512_value[64];
+};
+
struct smbXsrv_connection {
struct smbXsrv_connection *prev, *next;
@@ -516,6 +520,8 @@ struct smbXsrv_connection {
uint16_t cipher;
} server;
+ struct smbXsrv_preauth preauth;
+
struct smbd_smb2_request *requests;
} smb2;
};
@@ -662,6 +668,7 @@ struct smbd_smb2_request {
* request/response of a compound chain
*/
DATA_BLOB last_key;
+ struct smbXsrv_preauth *preauth;
struct timeval request_time;
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index c9cc9bd..880ceee 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -675,6 +675,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX
*mem_ctx,
struct smb2_lease lease;
struct smb2_lease *lease_ptr = NULL;
ssize_t lease_len = -1;
+ struct smb2_create_blob *svhdx = NULL;
exta = smb2_create_blob_find(&in_context_blobs,
SMB2_CREATE_TAG_EXTA);
@@ -688,6 +689,13 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX
*mem_ctx,
SMB2_CREATE_TAG_TWRP);
qfid = smb2_create_blob_find(&in_context_blobs,
SMB2_CREATE_TAG_QFID);
+ if (smb2req->xconn->protocol >= PROTOCOL_SMB3_02) {
+ /*
+ * This was introduced with SMB3_02
+ */
+ svhdx = smb2_create_blob_find(&in_context_blobs,
+
SVHDX_OPEN_DEVICE_CONTEXT);
+ }
fname = talloc_strdup(state, in_name);
if (tevent_req_nomem(fname, req)) {
@@ -902,6 +910,13 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX
*mem_ctx,
}
}
+ if (svhdx != NULL) {
+ /* SharedVHD is not yet supported */
+ tevent_req_nterror(
+ req, NT_STATUS_INVALID_DEVICE_REQUEST);
+ return tevent_req_post(req, ev);
+ }
+
/* these are ignored for SMB2 */
in_create_options &= ~(0x10);/* NTCREATEX_OPTIONS_SYNC_ALERT */
in_create_options &= ~(0x20);/* NTCREATEX_OPTIONS_ASYNC_ALERT */
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 9987967..63bac9e 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -22,6 +22,7 @@
#include "smbd/smbd.h"
#include "smbd/globals.h"
#include "../libcli/smb/smb_common.h"
+#include "../libcli/smb/smb2_negotiate_context.h"
#include "../lib/tsocket/tsocket.h"
#include "../librpc/ndr/libndr.h"
@@ -91,6 +92,9 @@ enum protocol_types smbd_smb2_protocol_dialect_match(const
uint8_t *indyn,
enum protocol_types proto;
uint16_t dialect;
} pd[] = {
+ { PROTOCOL_SMB3_11, SMB3_DIALECT_REVISION_311 },
+ { PROTOCOL_SMB3_10, SMB3_DIALECT_REVISION_310 },
+ { PROTOCOL_SMB3_02, SMB3_DIALECT_REVISION_302 },
{ PROTOCOL_SMB3_00, SMB3_DIALECT_REVISION_300 },
{ PROTOCOL_SMB2_24, SMB2_DIALECT_REVISION_224 },
{ PROTOCOL_SMB2_22, SMB2_DIALECT_REVISION_222 },
@@ -139,6 +143,13 @@ NTSTATUS smbd_smb2_request_process_negprot(struct
smbd_smb2_request *req)
uint32_t in_capabilities;
DATA_BLOB in_guid_blob;
struct GUID in_guid;
+ struct smb2_negotiate_contexts in_c = { .num_contexts = 0, };
+ struct smb2_negotiate_context *in_preauth = NULL;
+ struct smb2_negotiate_context *in_cipher = NULL;
+ struct smb2_negotiate_contexts out_c = { .num_contexts = 0, };
+ DATA_BLOB out_negotiate_context_blob = data_blob_null;
+ uint32_t out_negotiate_context_offset = 0;
+ uint16_t out_negotiate_context_count = 0;
uint16_t dialect = 0;
uint32_t capabilities;
DATA_BLOB out_guid_blob;
@@ -200,6 +211,53 @@ NTSTATUS smbd_smb2_request_process_negprot(struct
smbd_smb2_request *req)
return smbd_smb2_request_error(req, NT_STATUS_NOT_SUPPORTED);
}
+ if (protocol >= PROTOCOL_SMB3_10) {
+ uint32_t in_negotiate_context_offset = 0;
+ uint16_t in_negotiate_context_count = 0;
+ DATA_BLOB in_negotiate_context_blob = data_blob_null;
+ size_t ofs;
+
+ in_negotiate_context_offset = IVAL(inbody, 0x1C);
+ in_negotiate_context_count = SVAL(inbody, 0x20);
+
+ ofs = SMB2_HDR_BODY;
+ ofs += SMBD_SMB2_IN_BODY_LEN(req);
+ ofs += expected_dyn_size;
+ if ((ofs % 8) != 0) {
+ ofs += 8 - (ofs % 8);
+ }
+
+ if (in_negotiate_context_offset != ofs) {
+ return smbd_smb2_request_error(req,
+ NT_STATUS_INVALID_PARAMETER);
+ }
+
+ ofs -= SMB2_HDR_BODY;
+ ofs -= SMBD_SMB2_IN_BODY_LEN(req);
+
+ if (SMBD_SMB2_IN_DYN_LEN(req) < ofs) {
+ return smbd_smb2_request_error(req,
+ NT_STATUS_INVALID_PARAMETER);
+ }
+
+ in_negotiate_context_blob = data_blob_const(indyn,
+ SMBD_SMB2_IN_DYN_LEN(req));
+
+ in_negotiate_context_blob.data += ofs;
+ in_negotiate_context_blob.length -= ofs;
+
+ status = smb2_negotiate_context_parse(req,
+ in_negotiate_context_blob, &in_c);
+ if (!NT_STATUS_IS_OK(status)) {
--
Samba Shared Repository
