SessionSetupHelper.cs 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101
  1. /* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
  2. *
  3. * You can redistribute this program and/or modify it under the terms of
  4. * the GNU Lesser Public License as published by the Free Software Foundation,
  5. * either version 3 of the License, or (at your option) any later version.
  6. */
  7. using System;
  8. using System.Collections.Generic;
  9. using SMBLibrary.Authentication;
  10. using SMBLibrary.SMB2;
  11. using Utilities;
  12. namespace SMBLibrary.Server.SMB2
  13. {
  14. /// <summary>
  15. /// Session Setup helper
  16. /// </summary>
  17. public class SessionSetupHelper
  18. {
  19. internal static SMB2Command GetSessionSetupResponse(SessionSetupRequest request, INTLMAuthenticationProvider users, SMB2ConnectionState state)
  20. {
  21. // [MS-SMB2] Windows [..] will also accept raw Kerberos messages and implicit NTLM messages as part of GSS authentication.
  22. SessionSetupResponse response = new SessionSetupResponse();
  23. byte[] messageBytes = request.SecurityBuffer;
  24. bool isRawMessage = true;
  25. if (!AuthenticationMessageUtils.IsSignatureValid(messageBytes))
  26. {
  27. messageBytes = GSSAPIHelper.GetNTLMSSPMessage(request.SecurityBuffer);
  28. isRawMessage = false;
  29. }
  30. if (!AuthenticationMessageUtils.IsSignatureValid(messageBytes))
  31. {
  32. return new ErrorResponse(request.CommandName, NTStatus.STATUS_NOT_SUPPORTED);
  33. }
  34. // According to [MS-SMB2] 3.3.5.5.3, response.Header.SessionID must be allocated if the server returns STATUS_MORE_PROCESSING_REQUIRED
  35. if (request.Header.SessionID == 0)
  36. {
  37. ulong? sessionID = state.AllocateSessionID();
  38. if (!sessionID.HasValue)
  39. {
  40. return new ErrorResponse(request.CommandName, NTStatus.STATUS_TOO_MANY_SESSIONS);
  41. }
  42. response.Header.SessionID = sessionID.Value;
  43. }
  44. MessageTypeName messageType = AuthenticationMessageUtils.GetMessageType(messageBytes);
  45. if (messageType == MessageTypeName.Negotiate)
  46. {
  47. NegotiateMessage negotiateMessage = new NegotiateMessage(messageBytes);
  48. ChallengeMessage challengeMessage = users.GetChallengeMessage(negotiateMessage);
  49. if (isRawMessage)
  50. {
  51. response.SecurityBuffer = challengeMessage.GetBytes();
  52. }
  53. else
  54. {
  55. response.SecurityBuffer = GSSAPIHelper.GetGSSTokenResponseBytesFromNTLMSSPMessage(challengeMessage.GetBytes());
  56. }
  57. response.Header.Status = NTStatus.STATUS_MORE_PROCESSING_REQUIRED;
  58. }
  59. else // MessageTypeName.Authenticate
  60. {
  61. AuthenticateMessage authenticateMessage = new AuthenticateMessage(messageBytes);
  62. bool loginSuccess;
  63. try
  64. {
  65. loginSuccess = users.Authenticate(authenticateMessage);
  66. }
  67. catch (EmptyPasswordNotAllowedException)
  68. {
  69. state.LogToServer(Severity.Information, "User '{0}' authentication using an empty password was rejected", authenticateMessage.UserName);
  70. return new ErrorResponse(request.CommandName, NTStatus.STATUS_ACCOUNT_RESTRICTION);
  71. }
  72. if (loginSuccess)
  73. {
  74. state.LogToServer(Severity.Information, "User '{0}' authenticated successfully", authenticateMessage.UserName);
  75. state.CreateSession(request.Header.SessionID, authenticateMessage.UserName);
  76. }
  77. else if (users.FallbackToGuest(authenticateMessage.UserName))
  78. {
  79. state.LogToServer(Severity.Information, "User '{0}' failed authentication. logged in as guest", authenticateMessage.UserName);
  80. state.CreateSession(request.Header.SessionID, "Guest");
  81. response.SessionFlags = SessionFlags.IsGuest;
  82. }
  83. else
  84. {
  85. state.LogToServer(Severity.Information, "User '{0}' failed authentication", authenticateMessage.UserName);
  86. return new ErrorResponse(request.CommandName, NTStatus.STATUS_LOGON_FAILURE);
  87. }
  88. if (!isRawMessage)
  89. {
  90. response.SecurityBuffer = GSSAPIHelper.GetGSSTokenAcceptCompletedResponse();
  91. }
  92. }
  93. return response;
  94. }
  95. }
  96. }