|
@@ -0,0 +1,135 @@
|
|
|
+
|
|
|
+ *
|
|
|
+ * You can redistribute this program and/or modify it under the terms of
|
|
|
+ * the GNU Lesser Public License as published by the Free Software Foundation,
|
|
|
+ * either version 3 of the License, or (at your option) any later version.
|
|
|
+ */
|
|
|
+using System;
|
|
|
+using System.Collections.Generic;
|
|
|
+using System.Text;
|
|
|
+using SMBLibrary.Authentication;
|
|
|
+using SMBLibrary.SMB1;
|
|
|
+using Utilities;
|
|
|
+
|
|
|
+namespace SMBLibrary.Server.SMB1
|
|
|
+{
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ public class SessionSetupHelper
|
|
|
+ {
|
|
|
+ internal static SMB1Command GetSessionSetupResponse(SMB1Header header, SessionSetupAndXRequest request, INTLMAuthenticationProvider users, SMB1ConnectionState state)
|
|
|
+ {
|
|
|
+ SessionSetupAndXResponse response = new SessionSetupAndXResponse();
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ User user;
|
|
|
+ try
|
|
|
+ {
|
|
|
+ user = users.Authenticate(request.AccountName, request.OEMPassword, request.UnicodePassword);
|
|
|
+ }
|
|
|
+ catch (EmptyPasswordNotAllowedException)
|
|
|
+ {
|
|
|
+ header.Status = NTStatus.STATUS_ACCOUNT_RESTRICTION;
|
|
|
+ return new ErrorResponse(CommandName.SMB_COM_SESSION_SETUP_ANDX);
|
|
|
+ }
|
|
|
+
|
|
|
+ if (user != null)
|
|
|
+ {
|
|
|
+ response.PrimaryDomain = request.PrimaryDomain;
|
|
|
+ header.UID = state.AddConnectedUser(user.AccountName);
|
|
|
+ }
|
|
|
+ else if (users.EnableGuestLogin)
|
|
|
+ {
|
|
|
+ response.Action = SessionSetupAction.SetupGuest;
|
|
|
+ response.PrimaryDomain = request.PrimaryDomain;
|
|
|
+ header.UID = state.AddConnectedUser("Guest");
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ header.Status = NTStatus.STATUS_LOGON_FAILURE;
|
|
|
+ return new ErrorResponse(CommandName.SMB_COM_SESSION_SETUP_ANDX);
|
|
|
+ }
|
|
|
+ if ((request.Capabilities & ServerCapabilities.LargeRead) > 0)
|
|
|
+ {
|
|
|
+ state.LargeRead = true;
|
|
|
+ }
|
|
|
+ if ((request.Capabilities & ServerCapabilities.LargeWrite) > 0)
|
|
|
+ {
|
|
|
+ state.LargeWrite = true;
|
|
|
+ }
|
|
|
+ response.NativeOS = String.Empty;
|
|
|
+ response.NativeLanMan = String.Empty;
|
|
|
+
|
|
|
+ return response;
|
|
|
+ }
|
|
|
+
|
|
|
+ internal static SMB1Command GetSessionSetupResponseExtended(SMB1Header header, SessionSetupAndXRequestExtended request, INTLMAuthenticationProvider users, SMB1ConnectionState state)
|
|
|
+ {
|
|
|
+ SessionSetupAndXResponseExtended response = new SessionSetupAndXResponseExtended();
|
|
|
+
|
|
|
+
|
|
|
+ byte[] messageBytes = request.SecurityBlob;
|
|
|
+ bool isRawMessage = true;
|
|
|
+ if (!AuthenticationMessageUtils.IsSignatureValid(messageBytes))
|
|
|
+ {
|
|
|
+ messageBytes = GSSAPIHelper.GetNTLMSSPMessage(request.SecurityBlob);
|
|
|
+ isRawMessage = false;
|
|
|
+ }
|
|
|
+ if (!AuthenticationMessageUtils.IsSignatureValid(messageBytes))
|
|
|
+ {
|
|
|
+ header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
|
|
|
+ return new ErrorResponse(CommandName.SMB_COM_SESSION_SETUP_ANDX);
|
|
|
+ }
|
|
|
+
|
|
|
+ MessageTypeName messageType = AuthenticationMessageUtils.GetMessageType(messageBytes);
|
|
|
+ if (messageType == MessageTypeName.Negotiate)
|
|
|
+ {
|
|
|
+ byte[] challengeMessageBytes = users.GetChallengeMessageBytes(messageBytes);
|
|
|
+ if (isRawMessage)
|
|
|
+ {
|
|
|
+ response.SecurityBlob = challengeMessageBytes;
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ response.SecurityBlob = GSSAPIHelper.GetGSSTokenResponseBytesFromNTLMSSPMessage(challengeMessageBytes);
|
|
|
+ }
|
|
|
+ header.Status = NTStatus.STATUS_MORE_PROCESSING_REQUIRED;
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ User user;
|
|
|
+ try
|
|
|
+ {
|
|
|
+ user = users.Authenticate(messageBytes);
|
|
|
+ }
|
|
|
+ catch (EmptyPasswordNotAllowedException)
|
|
|
+ {
|
|
|
+ header.Status = NTStatus.STATUS_ACCOUNT_RESTRICTION;
|
|
|
+ return new ErrorResponse(CommandName.SMB_COM_SESSION_SETUP_ANDX);
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ if (user != null)
|
|
|
+ {
|
|
|
+ header.UID = state.AddConnectedUser(user.AccountName);
|
|
|
+ }
|
|
|
+ else if (users.EnableGuestLogin)
|
|
|
+ {
|
|
|
+ response.Action = SessionSetupAction.SetupGuest;
|
|
|
+ header.UID = state.AddConnectedUser("Guest");
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ header.Status = NTStatus.STATUS_LOGON_FAILURE;
|
|
|
+ return new ErrorResponse(CommandName.SMB_COM_SESSION_SETUP_ANDX);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ response.NativeOS = String.Empty;
|
|
|
+ response.NativeLanMan = String.Empty;
|
|
|
+
|
|
|
+ return response;
|
|
|
+ }
|
|
|
+ }
|
|
|
+}
|