| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 |
- /* Copyright (C) 2017-2020 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
- *
- * You can redistribute this program and/or modify it under the terms of
- * the GNU Lesser Public License as published by the Free Software Foundation,
- * either version 3 of the License, or (at your option) any later version.
- */
- using System;
- using System.Collections.Generic;
- using SMBLibrary.Authentication.GSSAPI;
- using SMBLibrary.NetBios;
- using SMBLibrary.SMB2;
- using Utilities;
- namespace SMBLibrary.Server.SMB2
- {
- /// <summary>
- /// Negotiate helper
- /// </summary>
- internal class NegotiateHelper
- {
- public const string SMB2002Dialect = "SMB 2.002";
- public const string SMB2xxxDialect = "SMB 2.???";
- public const uint ServerMaxTransactSize = 65536;
- public const uint ServerMaxReadSize = 65536;
- public const uint ServerMaxWriteSize = 65536;
- public const uint ServerMaxTransactSizeLargeMTU = 8388608;
- public const uint ServerMaxReadSizeLargeMTU = 8388608;
- public const uint ServerMaxWriteSizeLargeMTU = 8388608;
- // Special case - SMB2 client initially connecting using SMB1
- internal static SMB2Command GetNegotiateResponse(List<string> smb2Dialects, GSSProvider securityProvider, ConnectionState state, SMBTransportType transportType, Guid serverGuid, DateTime serverStartTime)
- {
- NegotiateResponse response = new NegotiateResponse();
- response.Header.Credits = 1;
- if (smb2Dialects.Contains(SMB2xxxDialect))
- {
- response.DialectRevision = SMB2Dialect.SMB2xx;
- }
- else if (smb2Dialects.Contains(SMB2002Dialect))
- {
- state.Dialect = SMBDialect.SMB202;
- response.DialectRevision = SMB2Dialect.SMB202;
- }
- else
- {
- throw new ArgumentException("SMB2 dialect is not present");
- }
- response.SecurityMode = SecurityMode.SigningEnabled;
- response.ServerGuid = serverGuid;
- if (state.Dialect != SMBDialect.SMB202 && transportType == SMBTransportType.DirectTCPTransport)
- {
- response.Capabilities = Capabilities.LargeMTU;
- response.MaxTransactSize = ServerMaxTransactSizeLargeMTU;
- response.MaxReadSize = ServerMaxReadSizeLargeMTU;
- response.MaxWriteSize = ServerMaxWriteSizeLargeMTU;
- // [MS-SMB2] 3.3.5.2 Receiving Any Message - If the length of the message exceeds Connection.MaxTransactSize + 256, the server MUST disconnect the connection.
- int maxPacketSize = SessionPacket.HeaderLength + (int)ServerMaxTransactSize + 256;
- if (maxPacketSize > state.ReceiveBuffer.Buffer.Length)
- {
- state.ReceiveBuffer.IncreaseBufferSize(maxPacketSize);
- }
- }
- else
- {
- response.MaxTransactSize = ServerMaxTransactSize;
- response.MaxReadSize = ServerMaxReadSize;
- response.MaxWriteSize = ServerMaxWriteSize;
- }
- response.SystemTime = DateTime.Now;
- response.ServerStartTime = serverStartTime;
- response.SecurityBuffer = securityProvider.GetSPNEGOTokenInitBytes();
- return response;
- }
- internal static SMB2Command GetNegotiateResponse(NegotiateRequest request, GSSProvider securityProvider, ConnectionState state, SMBTransportType transportType, Guid serverGuid, DateTime serverStartTime)
- {
- NegotiateResponse response = new NegotiateResponse();
- if (request.Dialects.Contains(SMB2Dialect.SMB210))
- {
- state.Dialect = SMBDialect.SMB210;
- response.DialectRevision = SMB2Dialect.SMB210;
- }
- else if (request.Dialects.Contains(SMB2Dialect.SMB202))
- {
- state.Dialect = SMBDialect.SMB202;
- response.DialectRevision = SMB2Dialect.SMB202;
- }
- else
- {
- state.LogToServer(Severity.Verbose, "Negotiate failure: None of the requested SMB2 dialects is supported");
- return new ErrorResponse(request.CommandName, NTStatus.STATUS_NOT_SUPPORTED);
- }
- response.SecurityMode = SecurityMode.SigningEnabled;
- response.ServerGuid = serverGuid;
- if (state.Dialect != SMBDialect.SMB202 && transportType == SMBTransportType.DirectTCPTransport)
- {
- response.Capabilities = Capabilities.LargeMTU;
- response.MaxTransactSize = ServerMaxTransactSizeLargeMTU;
- response.MaxReadSize = ServerMaxReadSizeLargeMTU;
- response.MaxWriteSize = ServerMaxWriteSizeLargeMTU;
- // [MS-SMB2] 3.3.5.2 Receiving Any Message - If the length of the message exceeds Connection.MaxTransactSize + 256, the server MUST disconnect the connection.
- int maxPacketSize = SessionPacket.HeaderLength + (int)ServerMaxTransactSize + 256;
- if (maxPacketSize > state.ReceiveBuffer.Buffer.Length)
- {
- state.ReceiveBuffer.IncreaseBufferSize(maxPacketSize);
- }
- }
- else
- {
- response.MaxTransactSize = ServerMaxTransactSize;
- response.MaxReadSize = ServerMaxReadSize;
- response.MaxWriteSize = ServerMaxWriteSize;
- }
- response.SystemTime = DateTime.Now;
- response.ServerStartTime = serverStartTime;
- response.SecurityBuffer = securityProvider.GetSPNEGOTokenInitBytes();
- return response;
- }
- internal static List<string> FindSMB2Dialects(SMBLibrary.SMB1.SMB1Message message)
- {
- if (message.Commands.Count > 0 && message.Commands[0] is SMBLibrary.SMB1.NegotiateRequest)
- {
- SMBLibrary.SMB1.NegotiateRequest request = (SMBLibrary.SMB1.NegotiateRequest)message.Commands[0];
- return FindSMB2Dialects(request);
- }
- return new List<string>();
- }
- internal static List<string> FindSMB2Dialects(SMBLibrary.SMB1.NegotiateRequest request)
- {
- List<string> result = new List<string>();
- if (request.Dialects.Contains(SMB2002Dialect))
- {
- result.Add(SMB2002Dialect);
- }
- if (request.Dialects.Contains(SMB2xxxDialect))
- {
- result.Add(SMB2xxxDialect);
- }
- return result;
- }
- }
- }
|
