1*8ccd4a63SDavid du Colombier #include "headers.h"
2*8ccd4a63SDavid du Colombier
3*8ccd4a63SDavid du Colombier SmbProcessResult
smbnegotiate(SmbSession * s,SmbHeader * h,uchar *,SmbBuffer * b)4*8ccd4a63SDavid du Colombier smbnegotiate(SmbSession *s, SmbHeader *h, uchar *, SmbBuffer *b)
5*8ccd4a63SDavid du Colombier {
6*8ccd4a63SDavid du Colombier ushort index;
7*8ccd4a63SDavid du Colombier int i;
8*8ccd4a63SDavid du Colombier uchar bufferformat;
9*8ccd4a63SDavid du Colombier
10*8ccd4a63SDavid du Colombier if (!smbcheckwordcount("negotiate", h, 0))
11*8ccd4a63SDavid du Colombier return SmbProcessResultFormat;
12*8ccd4a63SDavid du Colombier if (s->state != SmbSessionNeedNegotiate) {
13*8ccd4a63SDavid du Colombier /* this acts as a complete session reset */
14*8ccd4a63SDavid du Colombier smblogprint(-1, "smbnegotiate: called when already negotiated\n");
15*8ccd4a63SDavid du Colombier return SmbProcessResultUnimp;
16*8ccd4a63SDavid du Colombier }
17*8ccd4a63SDavid du Colombier i = 0;
18*8ccd4a63SDavid du Colombier index = 0xffff;
19*8ccd4a63SDavid du Colombier while (smbbuffergetb(b, &bufferformat)) {
20*8ccd4a63SDavid du Colombier char *s;
21*8ccd4a63SDavid du Colombier if (bufferformat != 0x02) {
22*8ccd4a63SDavid du Colombier smblogprint(-1, "smbnegotiate: unrecognised buffer format 0x%.2ux\n", bufferformat);
23*8ccd4a63SDavid du Colombier return SmbProcessResultFormat;
24*8ccd4a63SDavid du Colombier }
25*8ccd4a63SDavid du Colombier if (!smbbuffergetstr(b, 0, &s)) {
26*8ccd4a63SDavid du Colombier smblogprint(-1, "smbnegotiate: no null found\n");
27*8ccd4a63SDavid du Colombier return SmbProcessResultFormat;
28*8ccd4a63SDavid du Colombier }
29*8ccd4a63SDavid du Colombier smblogprint(h->command, "smbnegotiate: '%s'\n", s);
30*8ccd4a63SDavid du Colombier if (index == 0xffff && strcmp(s, "NT LM 0.12") == 0)
31*8ccd4a63SDavid du Colombier index = i;
32*8ccd4a63SDavid du Colombier i++;
33*8ccd4a63SDavid du Colombier free(s);
34*8ccd4a63SDavid du Colombier }
35*8ccd4a63SDavid du Colombier if (index != 0xffff) {
36*8ccd4a63SDavid du Colombier Tm *tm;
37*8ccd4a63SDavid du Colombier ulong capabilities;
38*8ccd4a63SDavid du Colombier ulong bytecountfixupoffset;
39*8ccd4a63SDavid du Colombier
40*8ccd4a63SDavid du Colombier h->wordcount = 17;
41*8ccd4a63SDavid du Colombier if (!smbbufferputheader(s->response, h, nil)
42*8ccd4a63SDavid du Colombier || !smbbufferputs(s->response, index)
43*8ccd4a63SDavid du Colombier || !smbbufferputb(s->response, 3) /* user security, encrypted */
44*8ccd4a63SDavid du Colombier || !smbbufferputs(s->response, 1) /* max mux */
45*8ccd4a63SDavid du Colombier || !smbbufferputs(s->response, 1) /* max vc */
46*8ccd4a63SDavid du Colombier || !smbbufferputl(s->response, smbglobals.maxreceive) /* max buffer size */
47*8ccd4a63SDavid du Colombier || !smbbufferputl(s->response, 0x10000) /* max raw */
48*8ccd4a63SDavid du Colombier || !smbbufferputl(s->response, threadid())) /* session key */
49*8ccd4a63SDavid du Colombier goto die;
50*8ccd4a63SDavid du Colombier /* <= Win2k insist upon this being set to ensure that they observe the prototol (!) */
51*8ccd4a63SDavid du Colombier capabilities = CAP_NT_SMBS;
52*8ccd4a63SDavid du Colombier if (smbglobals.unicode)
53*8ccd4a63SDavid du Colombier capabilities |= CAP_UNICODE;
54*8ccd4a63SDavid du Colombier tm = localtime(time(nil));
55*8ccd4a63SDavid du Colombier s->tzoff = tm->tzoff;
56*8ccd4a63SDavid du Colombier if (!smbbufferputl(s->response, capabilities)
57*8ccd4a63SDavid du Colombier || !smbbufferputv(s->response, nsec() / 100 + (vlong)10000000 * 11644473600LL)
58*8ccd4a63SDavid du Colombier || !smbbufferputs(s->response, -s->tzoff / 60)
59*8ccd4a63SDavid du Colombier || !smbbufferputb(s->response, 8)) /* crypt len */
60*8ccd4a63SDavid du Colombier goto die;
61*8ccd4a63SDavid du Colombier bytecountfixupoffset = smbbufferwriteoffset(s->response);
62*8ccd4a63SDavid du Colombier if (!smbbufferputs(s->response, 0))
63*8ccd4a63SDavid du Colombier goto die;
64*8ccd4a63SDavid du Colombier s->cs = auth_challenge("proto=mschap role=server");
65*8ccd4a63SDavid du Colombier if (s->cs == nil) {
66*8ccd4a63SDavid du Colombier smblogprint(h->command, "smbnegotiate: couldn't get mschap challenge\n");
67*8ccd4a63SDavid du Colombier return SmbProcessResultMisc;
68*8ccd4a63SDavid du Colombier }
69*8ccd4a63SDavid du Colombier if (s->cs->nchal != 8) {
70*8ccd4a63SDavid du Colombier smblogprint(h->command, "smbnegotiate: nchal %d\n", s->cs->nchal);
71*8ccd4a63SDavid du Colombier return SmbProcessResultMisc;
72*8ccd4a63SDavid du Colombier }
73*8ccd4a63SDavid du Colombier if (!smbbufferputbytes(s->response, s->cs->chal, s->cs->nchal)
74*8ccd4a63SDavid du Colombier || !smbbufferputstring(s->response, nil, SMB_STRING_UNICODE, smbglobals.primarydomain)
75*8ccd4a63SDavid du Colombier || !smbbufferfixuprelatives(s->response, bytecountfixupoffset))
76*8ccd4a63SDavid du Colombier goto die;
77*8ccd4a63SDavid du Colombier }
78*8ccd4a63SDavid du Colombier else {
79*8ccd4a63SDavid du Colombier h->wordcount = 1;
80*8ccd4a63SDavid du Colombier if (!smbbufferputheader(s->response, h, nil)
81*8ccd4a63SDavid du Colombier || !smbbufferputs(s->response, index)
82*8ccd4a63SDavid du Colombier || !smbbufferputs(s->response, 0))
83*8ccd4a63SDavid du Colombier goto die;
84*8ccd4a63SDavid du Colombier }
85*8ccd4a63SDavid du Colombier s->state = SmbSessionNeedSetup;
86*8ccd4a63SDavid du Colombier return SmbProcessResultReply;
87*8ccd4a63SDavid du Colombier die:
88*8ccd4a63SDavid du Colombier return SmbProcessResultDie;
89*8ccd4a63SDavid du Colombier }
90