|
|
/*++
Copyright (c) 1989 Microsoft Corporation
Module Name:
smbce.h
Abstract:
This module defines all functions, along with implementations for inline functions related to accessing the SMB connection engine
Revision History:
Balan Sethu Raman [SethuR] 6-March-1995
--*/
#ifndef _SMBCE_H_
#define _SMBCE_H_
#define SECURITY_KERNEL
#define SECURITY_NTLM
#include "security.h"
#include "secint.h"
#include "md5.h"
//
// The SMB protocol has a number of dialects. These reflect the extensions made
// to the core protocol over a period of time to cater to increasingly sophisticated
// file systems. The connection engine must be capable of dealing with different
// dialects implemented by server. The underlying Transport mechanism is used to
// uniquely identify the file server and the SMB protocol furnishes the remaining
// identification information to uniquely map an SMB onto a particular file opened by
// a particular client. The three important pieces of information are the SMB_TREE_ID,
// SMB_FILE_ID and SMB_USER_ID. These identify the particular connection made by a
// client machine, the particular file opened on that connection, and the user on
// behalf of whom the file has been opened. Note that there could be multiple
// connections from a client machine to a server machine. Therefore the unique id. is
// really connection based rather than machine based. The SMB connection engine
// data structures are built around these concepts.
//
// The known SMB dialects are as follows.
//
typedef enum _SMB_DIALECT_ { PCNET1_DIALECT, //XENIXCORE_DIALECT,
//MSNET103_DIALECT,
LANMAN10_DIALECT, WFW10_DIALECT, LANMAN12_DIALECT, LANMAN21_DIALECT, NTLANMAN_DIALECT} SMB_DIALECT, *PSMB_DIALECT;
#define NET_ROOT_FILESYSTEM_UNKOWN ((UCHAR)0)
#define NET_ROOT_FILESYSTEM_FAT ((UCHAR)1)
#define NET_ROOT_FILESYSTEM_NTFS ((UCHAR)2)
typedef UCHAR NET_ROOT_FILESYSTEM, *PNET_ROOT_FILESYSTEM;
//
// The SMBCE_NET_ROOT encapsulates the information pertaining to a share on a server.
//
//we restrict to the first 7 characters (HPFS386)
#define SMB_MAXIMUM_SUPPORTED_VOLUME_LABEL 7
#define MaximumNumberOfVNetRootContextsForScavenging 10
typedef struct _SMBCE_NET_ROOT_ { BOOLEAN DfsAware;
NET_ROOT_TYPE NetRootType; NET_ROOT_FILESYSTEM NetRootFileSystem;
SMB_USER_ID UserId;
ULONG MaximumReadBufferSize; ULONG MaximumWriteBufferSize;
LIST_ENTRY ClusterSizeSerializationQueue;
ULONG FileSystemAttributes;
LONG MaximumComponentNameLength;
USHORT CompressionFormatAndEngine; UCHAR CompressionUnitShift; UCHAR ChunkShift; UCHAR ClusterShift;
ULONG ChunkSize;
//CSC Stuff
CSC_ROOT_INFO sCscRootInfo;
ULONG CachedNumberOfSrvOpens;
BOOLEAN CscEnabled; //this, if we are to automatically build shadows
BOOLEAN CscShadowable; //this, if we are allowed to build shadows
USHORT CscFlags; // CSC flags as returned by the server
BOOLEAN UpdateCscShareRights; // indication to update share rights on the CSC database
BOOLEAN Disconnected;
LIST_ENTRY DirNotifyList; // head of a list of notify Irps.
PNOTIFY_SYNC pNotifySync; // used to synchronize the dir notify list.
LIST_ENTRY NotifyeeFobxList; // list of fobx's given to the fsrtl structure
FAST_MUTEX NotifyeeFobxListMutex;
union { struct { USHORT FileSystemNameLength; WCHAR FileSystemName[SMB_MAXIMUM_SUPPORTED_VOLUME_LABEL]; }; struct { USHORT Pad2; UCHAR FileSystemNameALength; UCHAR FileSystemNameA[SMB_MAXIMUM_SUPPORTED_VOLUME_LABEL]; UCHAR Pad; //this field is used for a null in a dbgprint; don't move it
}; };
//ULONG ClusterSize;
} SMBCE_NET_ROOT, *PSMBCE_NET_ROOT;
//
// There are two levels of security in the SMB protocol. User level security and Share level
// security. Corresponding to each user in the user level security mode there is a session.
//
// Typically the password, user name and domain name strings associated with the session entry
// revert to the default values, i.e., they are zero. In the event that they are not zero the
// SessionString represents a concatenated version of the password,user name and domain name in
// that order. This representation in a concatenated way yields us a savings of atleast 3
// USHORT's over other representations.
//
typedef enum _SECURITY_MODE_ { SECURITY_MODE_SHARE_LEVEL = 0, SECURITY_MODE_USER_LEVEL = 1} SECURITY_MODE, *PSECURITY_MODE;
#define SMBCE_SHARE_LEVEL_SERVER_USERID 0xffffffff
typedef enum _SESSION_TYPE_ { UNINITIALIZED_SESSION, LANMAN_SESSION, EXTENDED_NT_SESSION} SESSION_TYPE, *PSESSION_TYPE;
#define SMBCE_SESSION_FLAGS_LANMAN_SESSION_KEY_USED (0x2)
#define SMBCE_SESSION_FLAGS_NULL_CREDENTIALS (0x4)
#define SMBCE_SESSION_FLAGS_REMOTE_BOOT_SESSION (0x8)
#define SMBCE_SESSION_FLAGS_GUEST_SESSION (0x10)
#define SMBCE_SESSION_FLAGS_LOGGED_OFF (0x20)
#define SMBCE_SESSION_FLAGS_MARKED_FOR_DELETION (0x40)
#define SMBCE_SESSION_FLAGS_SECSIG_ENABLED (0x80)
typedef struct _SMBCE_SESSION_ { SESSION_TYPE Type; SMB_USER_ID UserId;
// Flags associated with the session.
ULONG Flags;
LUID LogonId; PUNICODE_STRING pUserName; PUNICODE_STRING pPassword; PUNICODE_STRING pUserDomainName;
UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH]; UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
// The credential and context handles.
CtxtHandle SecurityContextHandle; CredHandle CredentialHandle; ULONG SessionId; ULONG SessionKeyLength;
ULONG NumberOfActiveVNetRoot; ULONG TargetInfoLength; PUSHORT TargetInfoMarshalled;} SMBCE_SESSION, *PSMBCE_SESSION;
extern VOIDUninitializeSecurityContextsForSession(PSMBCE_SESSION pSession);
extern VOIDDeleteSecurityContextForSession(PSMBCE_SESSION pSession);
//
// SMBCE_*_SERVER -- This data structure encapsulates all the information related to a server.
// Since there are multiple dialects of the SMB protocol, the capabilities as well as the
// actions that need to be taken at the client machine are very different.
//
// Owing to the number of dialects of the SMB protocol we have two design possibilities.
// Either we define an all encompassing data structure and have a code path that
// uses the dialect and the capabilities of the connection to determine the action
// required, or we use a subclassing mechanism associated with a dispatch vector.
// The advantage of the second mechanism is that it can be developed incrementally and
// it is very easily extensible. The disadvantage of this mechanism is that it can
// lead to a very large footprint, if sufficient care is not exercised during
// factorization and we could have lots and lots of procedure calls which has an
// adverse effect on the code generated.
//
// We will adopt the second approach ( Thereby implicitly defining the metrics by
// which the code should be evaluated !! ).
//
// The types of SMBCE_SERVER's can be classified in the following hierarchy
//
// SMBCE_SERVER
//
// SMBCE_USER_LEVEL_SERVER
//
// SMBCE_NT_SERVER
//
// SMBCE_SHARE_LEVEL_SERVER
//
// The dispatch vector which defines the set of methods supported by all the connections
// (virtual functions in C++ terminology) are as follows
//
#define RAW_READ_CAPABILITY 0x0001
#define RAW_WRITE_CAPABILITY 0x0002
#define COMPRESSED_DATA_CAPABILITY 0x0008
#define ECHO_PROBE_IDLE 0x1
#define ECHO_PROBE_AWAITING_RESPONSE 0x2
#define CRYPT_TEXT_LEN MSV1_0_CHALLENGE_LENGTH
typedef struct _NTLANMAN_SERVER_ { ULONG NtCapabilities; GUID ServerGuid; ULONG SecurityBlobLength; PVOID pSecurityBlob;} NTLANMAN_SERVER, *PNTLANMAN_SERVER;
typedef struct _SMBCE_SERVER_ { // the server version count
ULONG Version;
// the dispatch vector
struct _SMBCE_SERVER_DISPATCH_VECTOR_ *pDispatch;
// the SMB dialect
SMB_DIALECT Dialect;
// More Server Capabilities
ULONG DialectFlags;
// the session key
ULONG SessionKey;
// the server Ip address
ULONG IpAddress;
// Security mode supported on the server
SECURITY_MODE SecurityMode;
// Time zone bias for conversion.
LARGE_INTEGER TimeZoneBias;
// Echo Expiry Time
LARGE_INTEGER EchoExpiryTime;
LONG SmbsReceivedSinceLastStrobe;
//CSC stuff
LONG CscState;
LONG EchoProbeState; LONG NumberOfEchoProbesSent;
// Maximum negotiated buffer size.
ULONG MaximumBufferSize;
// maximum buffer size for read/write operations
ULONG MaximumDiskFileReadBufferSize; ULONG MaximumNonDiskFileReadBufferSize; ULONG MaximumDiskFileWriteBufferSize; ULONG MaximumNonDiskFileWriteBufferSize;
// This is used to detect the number of server opens. If it is larger than 0,
// we shouldn't tear down the current transport in case the user provides the transport.
LONG NumberOfSrvOpens;
LONG NumberOfVNetRootContextsForScavenging;
LONG MidCounter;
// Maximum number of multiplexed requests
USHORT MaximumRequests;
// Maximum number of VC's
USHORT MaximumVCs;
// Server Capabilities
USHORT Capabilities;
// encrypt passwords
BOOLEAN EncryptPasswords;
BOOLEAN SecuritySignaturesEnabled;
BOOLEAN SecuritySignaturesRequired;
// distinguishes a loopback connections
BOOLEAN IsLoopBack;
// TRUE if the same server is being referred to by multiple names
BOOLEAN AliasedServers;
BOOLEAN IsRemoteBootServer;
// There are certain servers that return DF_NT_SMBS in the negotiate
// but do not support change notifies. This allows us to suppress
// change notify requests to those servers.
BOOLEAN ChangeNotifyNotSupported;
// avoid multiple event logs posted for security context failures
BOOLEAN EventLogPosted;
// The sessions on this server should use the extended timeout interval
BOOLEAN ExtendedSessTimeout;
USHORT EncryptionKeyLength; UCHAR EncryptionKey[CRYPT_TEXT_LEN];
// Dialect specific information
union { NTLANMAN_SERVER NtServer; };
MD5_CTX SmbSecuritySignatureIntermediateContext; ULONG SmbSecuritySignatureIndex; BOOLEAN IsFakeDfsServerForOfflineUse; BOOLEAN IsPinnedOffline;
} SMBCE_SERVER, *PSMBCE_SERVER;
typedefNTSTATUS(*PBUILD_SESSION_SETUP_SMB)( IN OUT struct _SMB_EXCHANGE *pExchange, IN OUT PGENERIC_ANDX pSmb, IN OUT PULONG pBufferSize );
typedefNTSTATUS(*PBUILD_TREE_CONNECT_SMB)( IN OUT struct _SMB_EXCHANGE *pExchange, IN OUT PGENERIC_ANDX pSmb, IN OUT PULONG pBufferSize );
typedef struct _SMBCE_SERVER_DISPATCH_VECTOR_ { PBUILD_SESSION_SETUP_SMB BuildSessionSetup; PBUILD_TREE_CONNECT_SMB BuildTreeConnect;} SMBCE_SERVER_DISPATCH_VECTOR, *PSMBCE_SERVER_DISPATCH_VECTOR;
#define SMBCE_SERVER_DIALECT_DISPATCH(pServer,Routine,Arguments) \
(*((pServer)->pDispatch->Routine))##Arguments
// The SMBCE engine process all requests in an asychronous fashion. Therefore for synchronous
// requests an additional mechanism is required for synchronization. The following data structure
// provides an easy way for implementing this synchronization.
//
// NOTE: For asynchronous resumption contexts the resumption routine can be invoked
// at DPC level.
#define SMBCE_RESUMPTION_CONTEXT_FLAG_ASYNCHRONOUS (0x1)
typedef struct SMBCE_RESUMPTION_CONTEXT { ULONG Flags; NTSTATUS Status; // the status
PVOID pContext; // a void pointer for clients to add additional context information
union { PRX_WORKERTHREAD_ROUTINE pRoutine; // asynchronous contexts
KEVENT Event; // the event for synchronization
}; BOOLEAN SecuritySignatureReturned;} SMBCE_RESUMPTION_CONTEXT, *PSMBCE_RESUMPTION_CONTEXT;
#define SmbCeIsResumptionContextAsynchronous(pResumptionContext) \
((pResumptionContext)->Flags & SMBCE_RESUMPTION_CONTEXT_FLAG_ASYNCHRONOUS)
INLINE VOIDSmbCeInitializeResumptionContext( PSMBCE_RESUMPTION_CONTEXT pResumptionContext){ KeInitializeEvent(&(pResumptionContext)->Event,NotificationEvent,FALSE); pResumptionContext->Status = STATUS_SUCCESS; pResumptionContext->Flags = 0; pResumptionContext->pContext = NULL;}
INLINE VOIDSmbCeInitializeAsynchronousResumptionContext( PSMBCE_RESUMPTION_CONTEXT pResumptionContext, PRX_WORKERTHREAD_ROUTINE pResumptionRoutine, PVOID pResumptionRoutineParam){ pResumptionContext->Status = STATUS_SUCCESS; pResumptionContext->Flags = SMBCE_RESUMPTION_CONTEXT_FLAG_ASYNCHRONOUS; pResumptionContext->pContext = pResumptionRoutineParam; pResumptionContext->pRoutine = pResumptionRoutine;}
INLINE VOIDSmbCeSuspend( PSMBCE_RESUMPTION_CONTEXT pResumptionContext){ ASSERT(!(pResumptionContext->Flags & SMBCE_RESUMPTION_CONTEXT_FLAG_ASYNCHRONOUS)); KeWaitForSingleObject( &pResumptionContext->Event, Executive, KernelMode, FALSE, NULL);}
INLINE VOIDSmbCeResume( PSMBCE_RESUMPTION_CONTEXT pResumptionContext){ if (!(pResumptionContext->Flags & SMBCE_RESUMPTION_CONTEXT_FLAG_ASYNCHRONOUS)) { KeSetEvent(&(pResumptionContext)->Event,0,FALSE); } else { if (RxShouldPostCompletion()) { RxDispatchToWorkerThread( MRxSmbDeviceObject, CriticalWorkQueue, pResumptionContext->pRoutine, pResumptionContext->pContext); } else { (pResumptionContext->pRoutine)(pResumptionContext->pContext); } }}
//
// The SMBCE_REQUEST struct encapsulates the continuation context associated. Typically
// the act of sending a SMB along an exchange results in a SMBCE_REQUEST structure being
// created with sufficient context information to resume the exchange upon reciept of
// response from the serve. The SMBCE_REQUEST conatins ebough information to identify
// the SMB for which the response is being obtained followed by enough context information
// to resume the exchange.
//
typedef enum _SMBCE_OPERATION_ { SMBCE_TRANCEIVE, SMBCE_RECEIVE, SMBCE_SEND, SMBCE_ASYNCHRONOUS_SEND, SMBCE_ACQUIRE_MID} SMBCE_OPERATION, *PSMBCE_OPERATION;
typedef enum _SMBCE_REQUEST_TYPE_ { ORDINARY_REQUEST, COPY_DATA_REQUEST, RECONNECT_REQUEST, ACQUIRE_MID_REQUEST} SMBCE_REQUEST_TYPE, *PSMBCE_REQUEST_TYPE;
typedef struct _SMBCE_GENERIC_REQUEST_ { SMBCE_REQUEST_TYPE Type;
// the exchange instance that originated this SMB
struct _SMB_EXCHANGE * pExchange;} SMBCE_GENERIC_REQUEST, *PSMBCE_GENERIC_REQUEST;
typedef struct _SMBCE_REQUEST_ { SMBCE_GENERIC_REQUEST;
// the type of request
SMBCE_OPERATION Operation;
// the virtual circuit along which this request was sent.
PRXCE_VC pVc;
// MPX Id of outgoing request.
SMB_MPX_ID Mid;
// the pedigree of the request
SMB_TREE_ID TreeId; // The Tree Id.
SMB_FILE_ID FileId; // The file id.
SMB_USER_ID UserId; // User Id. for cancel.
SMB_PROCESS_ID ProcessId; // Process Id. for cancel.
PMDL pSendBuffer; ULONG BytesSent;} SMBCE_REQUEST, *PSMBCE_REQUEST;
typedef struct _SMBCE_COPY_DATA_REQUEST_ { SMBCE_GENERIC_REQUEST;
// the virtual circuit along which this request was sent.
PRXCE_VC pVc;
// the buffer into whihc data is being copied.
PVOID pBuffer;
// the actual number of bytes copied
ULONG BytesCopied;} SMBCE_COPY_DATA_REQUEST, *PSMBCE_COPY_DATA_REQUEST;
typedef struct _SMBCE_RECONNECT_REQUEST_ { SMBCE_GENERIC_REQUEST;} SMBCE_RECONNECT_REQUEST, *PSMBCE_RECONNECT_REQUEST;
typedef struct _SMBCE_MID_REQUEST_ { SMBCE_GENERIC_REQUEST; PSMBCE_RESUMPTION_CONTEXT pResumptionContext;} SMBCE_MID_REQUEST, *PSMBCE_MID_REQUEST;
//
// extern function declarations
//
extern NTSTATUSBuildSessionSetupSmb( struct _SMB_EXCHANGE *pExchange, PGENERIC_ANDX pAndXSmb, PULONG pAndXSmbBufferSize);
extern NTSTATUSCoreBuildTreeConnectSmb( struct _SMB_EXCHANGE *pExchange, PGENERIC_ANDX pAndXSmb, PULONG pAndXSmbBufferSize);
extern NTSTATUSLmBuildTreeConnectSmb( struct _SMB_EXCHANGE *pExchange, PGENERIC_ANDX pAndXSmb, PULONG pAndXSmbBufferSize);
extern NTSTATUSNtBuildTreeConnectSmb( struct _SMB_EXCHANGE *pExchange, PGENERIC_ANDX pAndXSmb, PULONG pAndXSmbBufferSize);
extern NTSTATUSBuildNegotiateSmb( PVOID *pSmbBufferPointer, PULONG pSmbBufferLength, BOOLEAN RemoteBootSession);
extern NTSTATUSParseNegotiateResponse( IN OUT struct _SMB_ADMIN_EXCHANGE_ *pExchange, IN ULONG BytesIndicated, IN ULONG BytesAvailable, OUT PULONG pBytesTaken, IN PSMB_HEADER pSmbHeader, OUT PMDL *pDataBufferPointer, OUT PULONG pDataSize);
extern struct _MINIRDR_DISPATCH MRxSmbDispatch;
#endif // _SMBCE_H_
|
