
SMB2: Retrieve SessionKey from GSS mechanism and store it in SMB2Session

Tal Aloni 8 년 전
부모
커밋
3e4d40b7ad

+ 2 - 2
SMBLibrary/Server/ConnectionState/SMB2ConnectionState.cs

@@ -44,9 +44,9 @@ namespace SMBLibrary.Server
             return null;
         }
 
-        public SMB2Session CreateSession(ulong sessionID, string userName, string machineName, object accessToken)
+        public SMB2Session CreateSession(ulong sessionID, string userName, string machineName, byte[] sessionKey, object accessToken)
         {
-            SMB2Session session = new SMB2Session(this, sessionID, userName, machineName, accessToken);
+            SMB2Session session = new SMB2Session(this, sessionID, userName, machineName, sessionKey, accessToken);
             m_sessions.Add(sessionID, session);
             return session;
         }

+ 11 - 1
SMBLibrary/Server/ConnectionState/SMB2Session.cs

@@ -16,6 +16,7 @@ namespace SMBLibrary.Server
     {
         private SMB2ConnectionState m_connection;
         private ulong m_sessionID;
+        private byte[] m_sessionKey;
         private SecurityContext m_securityContext;
 
         // Key is TreeID
@@ -28,10 +29,11 @@ namespace SMBLibrary.Server
         // Key is the persistent portion of the FileID
         private Dictionary<ulong, OpenSearch> m_openSearches = new Dictionary<ulong, OpenSearch>();
 
-        public SMB2Session(SMB2ConnectionState connection, ulong sessionID, string userName, string machineName, object accessToken)
+        public SMB2Session(SMB2ConnectionState connection, ulong sessionID, string userName, string machineName, byte[] sessionKey, object accessToken)
         {
             m_connection = connection;
             m_sessionID = sessionID;
+            m_sessionKey = sessionKey;
             m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
         }
 
@@ -138,6 +140,14 @@ namespace SMBLibrary.Server
             m_openSearches.Remove(fileID);
         }
 
+        public byte[] SessionKey
+        {
+            get
+            {
+                return m_sessionKey;
+            }
+        }
+
         public SecurityContext SecurityContext
         {
             get
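Review bot: The new `SessionKey` getter returns the internal `m_sessionKey` array itself, and the constructor hunk above stores the caller's array without copying it, so any code holding either reference can overwrite the key material for this session. Nothing states that the value may be null (the constructor accepts whatever it is given) or that the array must be treated as read-only. I would add a comment above the property such as `// Session key from the GSS mechanism; may be null. Callers must not modify the returned array.`, or copy on the way in with `m_sessionKey = (sessionKey != null) ? (byte[])sessionKey.Clone() : null;`. The `SecurityContext` property that follows is cut off by the end of the hunk.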

+ 3 - 2
SMBLibrary/Server/SMB2/SessionSetupHelper.cs

@@ -55,17 +55,18 @@ namespace SMBLibrary.Server.SMB2
             {
                 string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
                 string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
+                byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
                 object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
                 bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
                 if (!isGuest.HasValue || !isGuest.Value)
                 {
                     state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
-                    state.CreateSession(request.Header.SessionID, userName, machineName, accessToken);
+                    state.CreateSession(request.Header.SessionID, userName, machineName, sessionKey, accessToken);
                 }
                 else
                 {
                     state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
-                    state.CreateSession(request.Header.SessionID, "Guest", machineName, accessToken);
+                    state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
                     response.SessionFlags = SessionFlags.IsGuest;
                 }
             }
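Review bot: The `as byte[]` cast on the new `sessionKey` line yields null when the provider returns no key or a value of another type, and both `CreateSession` calls (authenticated and guest branch) then store that null with no check or log entry. MS-SMB2 describes Session.SessionKey as the first 16 bytes of the GSS key, right-padded with zeros if it is shorter, while the value is stored here unmodified, so the provider's key length should be confirmed before any signing code relies on it. At minimum I would add a comment on the new line such as `// sessionKey is null when the mechanism exposes no key; such sessions cannot sign` and decide explicitly what the guest branch should store. The enclosing method starts and ends outside the hunk.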