The branch, master has been updated via db94eefdd54 s3: smbd: Plumb in and use smbd_smb2_server_connection_read_handler() when server min protocol > NT1 (i.e. SMB2-only). via 5c180649fe6 s3: smbd: Add SMB2-only smbd_smb2_server_connection_read_handler(). via 4f4c40bc6e4 s3: smbd: Rename smbd_server_connection_read_handler() smbd_smb1_server_connection_read_handler() from 40f2070d3b2 s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit db94eefdd540e5c143f4ace9bde0bf689b089c97 Author: Jeremy Allison <j...@samba.org> Date: Mon Mar 7 17:47:15 2022 -0800 s3: smbd: Plumb in and use smbd_smb2_server_connection_read_handler() when server min protocol > NT1 (i.e. SMB2-only). This will allow us to remove the SMB1 server specific code when we disable SMB1, and still retain the ability to negotiate up from SMB1 -> SMB2 for old clients. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: David Mulder <dmul...@samba.org> Autobuild-User(master): David Mulder <dmul...@samba.org> Autobuild-Date(master): Thu Mar 10 17:53:26 UTC 2022 on sn-devel-184 commit 5c180649fe6174bcf39b05963ca6e03bb38129a7 Author: Jeremy Allison <j...@samba.org> Date: Mon Mar 7 16:08:46 2022 -0800 s3: smbd: Add SMB2-only smbd_smb2_server_connection_read_handler(). Restricts negotiation to SMB2-only. This will make it easier to remove the SMB1-only parts of the server later. The only allowed pre-SMB2 requests are a NBSSrequest (to set the client NetBIOS name) and a 'normal' NBSSmessage containing an SMB1 negprot. This allows smbd_smb2_server_connection_read_handler() to work with older clients that use an initial SMB1negprot to bootstrap into SMB2. Eventually all other parts of the SMB1 server will be removed. Not yet used. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: David Mulder <dmul...@samba.org> commit 4f4c40bc6e442a31237e2ccd2f9c80a56f3d1401 Author: Jeremy Allison <j...@samba.org> Date: Mon Mar 7 17:45:23 2022 -0800 s3: smbd: Rename smbd_server_connection_read_handler() smbd_smb1_server_connection_read_handler() Matches the name for the SMB2 connection read handler we're about to use. 
Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: David Mulder <dmul...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/smbd/process.c | 127 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 124 insertions(+), 3 deletions(-) Changeset truncated at 500 lines:
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index c7a346d8619..54b3bb88e01 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -2554,7 +2554,122 @@ static void smbd_server_connection_write_handler(
 /* TODO: make write nonblocking */
 }
 
-static void smbd_server_connection_read_handler(
+static void smbd_smb2_server_connection_read_handler(
+ struct smbXsrv_connection *xconn, int fd)
+{
+ char lenbuf[NBT_HDR_SIZE];
+ size_t len = 0;
+ uint8_t *buffer = NULL;
+ size_t bufferlen = 0;
+ NTSTATUS status;
+ uint8_t msg_type = 0;
+
+ /* Read the first 4 bytes - contains length of remainder. */
+ status = read_smb_length_return_keepalive(fd, lenbuf, 0, &len);
+ if (!NT_STATUS_IS_OK(status)) {
+ exit_server_cleanly("failed to receive request length");
+ return;
+ }
+
+ /* Integer wrap check. */
+ if (len + NBT_HDR_SIZE < len) {
+ exit_server_cleanly("Invalid length on initial request");
+ return;
+ }
+
+ /*
+ * The +4 here can't wrap, we've checked the length above already.
+ */
+ bufferlen = len+NBT_HDR_SIZE;
+
+ buffer = talloc_array(talloc_tos(), uint8_t, bufferlen);
+ if (buffer == NULL) {
+ DBG_ERR("Could not allocate request inbuf of length %zu\n",
+ bufferlen);
+ exit_server_cleanly("talloc fail");
+ return;
+ }
+
+ /* Copy the NBT_HDR_SIZE length. */
+ memcpy(buffer, lenbuf, sizeof(lenbuf));
+
+ status = read_packet_remainder(fd, (char *)buffer+NBT_HDR_SIZE, 0, len);
+ if (!NT_STATUS_IS_OK(status)) {
+ exit_server_cleanly("Failed to read remainder of initial request");
+ return;
+ }
+
+ /* Check the message type. */
+ msg_type = PULL_LE_U8(buffer,0);
+ if (msg_type == NBSSrequest) {
+ /*
+ * clients can send this request before
+ * bootstrapping into SMB2. Cope with this
+ * message only, don't allow any other strange
+ * NBSS types.
+ */
+ reply_special(xconn, (char *)buffer, bufferlen);
+ xconn->client->sconn->num_requests++;
+ return;
+ }
+
+ /* Only a 'normal' message type allowed now. */
+ if (msg_type != NBSSmessage) {
+ DBG_ERR("Invalid message type %d\n", msg_type);
+ exit_server_cleanly("Invalid message type for initial request");
+ return;
+ }
+
+ /* Could this be an SMB1 negprot bootstrap into SMB2 ? */
+ if (bufferlen < smb_size) {
+ exit_server_cleanly("Invalid initial SMB1 or SMB2 packet");
+ return;
+ }
+ if (valid_smb_header(buffer)) {
+ /* Can *only* allow an SMB1 negprot here. */
+ uint8_t cmd = PULL_LE_U8(buffer, smb_com);
+ if (cmd != SMBnegprot) {
+ DBG_ERR("Incorrect SMB1 command 0x%hhx, "
+ "should be SMBnegprot (0x72)\n",
+ cmd);
+ exit_server_cleanly("Invalid initial SMB1 packet");
+ }
+ /* Minimal process_smb(). */
+ show_msg((char *)buffer);
+ construct_reply(xconn,
+ (char *)buffer,
+ bufferlen,
+ 0,
+ 0,
+ false,
+ NULL);
+ xconn->client->sconn->trans_num++;
+ xconn->client->sconn->num_requests++;
+ return;
+
+ } else if (!smbd_is_smb2_header(buffer, bufferlen)) {
+ exit_server_cleanly("Invalid initial SMB2 packet");
+ return;
+ }
+
+ /* Here we know we're a valid SMB2 packet. */
+
+ /*
+ * Point at the start of the SMB2 PDU.
+ * len is the length of the SMB2 PDU.
+ */
+
+ status = smbd_smb2_process_negprot(xconn,
+ 0,
+ (const uint8_t *)buffer+NBT_HDR_SIZE,
+ len);
+ if (!NT_STATUS_IS_OK(status)) {
+ exit_server_cleanly("SMB2 negprot fail");
+ }
+ return;
+}
+
+static void smbd_smb1_server_connection_read_handler(
 struct smbXsrv_connection *xconn, int fd)
 {
 uint8_t *inbuf = NULL;
@@ -2642,7 +2757,13 @@ static void smbd_server_connection_handler(struct tevent_context *ev,
 return;
 }
 if (flags & TEVENT_FD_READ) {
- smbd_server_connection_read_handler(xconn, xconn->transport.sock);
+ if (lp_server_min_protocol() > PROTOCOL_NT1) {
+ smbd_smb2_server_connection_read_handler(xconn,
+ xconn->transport.sock);
+ } else {
+ smbd_smb1_server_connection_read_handler(xconn,
+ xconn->transport.sock);
+ }
 return;
 }
 }
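Review bot: The `cmd != SMBnegprot` branch is the only rejection path in smbd_smb2_server_connection_read_handler() that calls exit_server_cleanly() without a following `return;`, so the rule that nothing but an SMB1 negprot reaches construct_reply() depends entirely on exit_server_cleanly() never returning. Adding `return;` after `exit_server_cleanly("Invalid initial SMB1 packet");` makes the guard hold locally and matches every other branch in the function. Separately, the only bound on `len` visible in this hunk is the wrap check, so the talloc_array() size comes straight from the client's 4-byte header before any authentication. Unless read_smb_length_return_keepalive() already caps it (not visible here), an explicit limit before the allocation would be worth adding, for example `if (len > MAX_INITIAL_REQUEST_LEN) { exit_server_cleanly("Invalid length on initial request"); return; }`, where the constant name is a placeholder for whatever limit the project chooses.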
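Review bot: The SMB2-only restriction is enforced solely by the `lp_server_min_protocol() > PROTOCOL_NT1` test in smbd_server_connection_handler(), and nothing at the call site says this is a security boundary rather than a convenience dispatch. A comment such as `/* SMB2-only: the initial request may only be an NBSSrequest, an SMB1 negprot or an SMB2 negprot. */` above the `if` would record that. The following hunk keeps smbd_server_echo_handler() on smbd_smb1_server_connection_read_handler() unconditionally; presumably the echo handler is never set up when SMB1 is not negotiated, but that is not visible here and is worth confirming or stating in a comment. smbd_server_connection_handler() starts before this hunk.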
@@ -2670,7 +2791,7 @@ static void smbd_server_echo_handler(struct tevent_context *ev,
 return;
 }
 if (flags & TEVENT_FD_READ) {
- smbd_server_connection_read_handler(
+ smbd_smb1_server_connection_read_handler(
 xconn, xconn->smb1.echo_handler.trusted_fd);
 return;
 }
-- Samba Shared Repository