Home Explore Help
Sign In
coder
/
SMBLibrary-Fork
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: e639361c9c
Branches Tags
SMBLibrary-F...
/
SMBLibrary
/
Server
/
SMB2
/
SessionSetupHelper.cs

SessionSetupHelper.cs 4.5 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. /* Copyright (C) 2017 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
    2. 

  2.  * 
    3. 

  3.  * You can redistribute this program and/or modify it under the terms of
    4. 

  4.  * the GNU Lesser Public License as published by the Free Software Foundation,
    5. 

  5.  * either version 3 of the License, or (at your option) any later version.
    6. 

  6.  */
    7. 

  7. using System;
    8. 

  8. using System.Collections.Generic;
    9. 

  9. using SMBLibrary.Authentication.GSSAPI;
    10. 

  10. using SMBLibrary.Authentication.NTLM;
    11. 

  11. using SMBLibrary.SMB2;
    12. 

  12. using Utilities;
    13. 

  13. 

  14. namespace SMBLibrary.Server.SMB2
    15. 

  15. {
    16. 

  16.     /// <summary>
    17. 

  17.     /// Session Setup helper
    18. 

  18.     /// </summary>
    19. 

  19.     internal class SessionSetupHelper
    20. 

  20.     {
    21. 

  21.         internal static SMB2Command GetSessionSetupResponse(SessionSetupRequest request, GSSProvider securityProvider, SMB2ConnectionState state)
    22. 

  22.         {
    23. 

  23.             // [MS-SMB2] Windows [..] will also accept raw Kerberos messages and implicit NTLM messages as part of GSS authentication.
    24. 

  24.             SessionSetupResponse response = new SessionSetupResponse();
    25. 

  25.             byte[] outputToken;
    26. 

  26.             NTStatus status = securityProvider.AcceptSecurityContext(ref state.AuthenticationContext, request.SecurityBuffer, out outputToken);
    27. 

  27.             if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
    28. 

  28.             {
    29. 

  29.                 string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
    30. 

  30.                 string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
    31. 

  31.                 string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
    32. 

  32.                 state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", userName, domainName, machineName, status);
    33. 

  33.                 return new ErrorResponse(request.CommandName, status);
    34. 

  34.             }
    35. 

  35. 

  36.             if (outputToken != null)
    37. 

  37.             {
    38. 

  38.                 response.SecurityBuffer = outputToken;
    39. 

  39.             }
    40. 

  40. 

  41.             // According to [MS-SMB2] 3.3.5.5.3, response.Header.SessionID must be allocated if the server returns STATUS_MORE_PROCESSING_REQUIRED
    42. 

  42.             if (request.Header.SessionID == 0)
    43. 

  43.             {
    44. 

  44.                 ulong? sessionID = state.AllocateSessionID();
    45. 

  45.                 if (!sessionID.HasValue)
    46. 

  46.                 {
    47. 

  47.                     return new ErrorResponse(request.CommandName, NTStatus.STATUS_TOO_MANY_SESSIONS);
    48. 

  48.                 }
    49. 

  49.                 response.Header.SessionID = sessionID.Value;
    50. 

  50.             }
    51. 

  51. 

  52.             if (status == NTStatus.SEC_I_CONTINUE_NEEDED)
    53. 

  53.             {
    54. 

  54.                 response.Header.Status = NTStatus.STATUS_MORE_PROCESSING_REQUIRED;
    55. 

  55.             }
    56. 

  56.             else // status == STATUS_SUCCESS
    57. 

  57.             {
    58. 

  58.                 string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
    59. 

  59.                 string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
    60. 

  60.                 string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
    61. 

  61.                 byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
    62. 

  62.                 object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
    63. 

  63.                 bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
    64. 

  64.                 if (!isGuest.HasValue || !isGuest.Value)
    65. 

  65.                 {
    66. 

  66.                     state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", userName, domainName, machineName);
    67. 

  67.                     state.CreateSession(request.Header.SessionID, userName, machineName, sessionKey, accessToken);
    68. 

  68.                 }
    69. 

  69.                 else
    70. 

  70.                 {
    71. 

  71.                     state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", userName, domainName, machineName);
    72. 

  72.                     state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
    73. 

  73.                     response.SessionFlags = SessionFlags.IsGuest;
    74. 

  74.                 }
    75. 

  75.             }
    76. 

  76.             return response;
    77. 

  77.         }
    78. 

  78.     }
    79. 

  79. }
    80.