[PATCH][SMB3] Add missing defines for new negotiate contexts

[PATCH][SMB3] Add missing defines for new negotiate contexts

[Steve French]

[-- Attachment #1: Type: text/plain, Size: 71 bytes --]

See updated MS-SMB2 - two new negotiate contexts



-- 
Thanks,

Steve

[-- Attachment #2: 0001-SMB3-Add-defines-for-new-negotiate-contexts.patch --]
[-- Type: text/x-patch, Size: 2562 bytes --]

From 137c7222c0f4abbc9ea2b2ab11c98c69e87613db Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Thu, 18 Apr 2019 11:03:58 -0500
Subject: [PATCH] SMB3: Add defines for new negotiate contexts

See the latest MS-SMB2 protocol specification updates.
These will be needed for implementing compression support
on the wire for example.

Signed-off-by: Steve French <stfrench@microsoft.com>
---
 fs/cifs/smb2pdu.c |  5 +----
 fs/cifs/smb2pdu.h | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index ac92d066c724..3999ec5a6bb9 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -459,10 +459,7 @@ smb2_plain_req_init(__le16 smb2_command, struct cifs_tcon *tcon,
 	return rc;
 }
 
-
-#define SMB2_PREAUTH_INTEGRITY_CAPABILITIES	cpu_to_le16(1)
-#define SMB2_ENCRYPTION_CAPABILITIES		cpu_to_le16(2)
-#define SMB2_POSIX_EXTENSIONS_AVAILABLE		cpu_to_le16(0x100)
+/* For explanation of negotiate contexts see MS-SMB2 section 2.2.3.1 */
 
 static void
 build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt)
diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h
index bc9161a26400..e0725e98f175 100644
--- a/fs/cifs/smb2pdu.h
+++ b/fs/cifs/smb2pdu.h
@@ -251,6 +251,14 @@ struct smb2_negotiate_req {
 #define SMB2_NT_FIND			0x00100000
 #define SMB2_LARGE_FILES		0x00200000
 
+
+/* Negotiate Contexts - ContextTypes. See MS-SMB2 section 2.2.3.1 for details */
+#define SMB2_PREAUTH_INTEGRITY_CAPABILITIES	cpu_to_le16(1)
+#define SMB2_ENCRYPTION_CAPABILITIES		cpu_to_le16(2)
+#define SMB2_COMPRESSION_CAPABILITIES		cpu_to_le16(4)
+#define SMB2_NETNAME_NEGOTIATE_CONTEXT_ID	cpu_to_le16(5)
+#define SMB2_POSIX_EXTENSIONS_AVAILABLE		cpu_to_le16(0x100)
+
 struct smb2_neg_context {
 	__le16	ContextType;
 	__le16	DataLength;
@@ -288,6 +296,24 @@ struct smb2_encryption_neg_context {
 	__le16	Ciphers[1]; /* Ciphers[0] since only one used now */
 } __packed;
 
+/* See MS-SMB2 2.2.3.1.3 */
+#define SMB3_COMPRESS_NONE	0x0000
+#define SMB3_COMPRESS_LZNT1	0x0001
+#define SMB3_COMPRESS_LZ77	0x0002
+#define SMB3_COMPRESS_LZ77_HUFF	0x0003
+
+struct smb2_compression_capabilities_context {
+	__le16	CompressionAlgorithmCount;
+	__u16	Padding;
+	__u32	Reserved;
+	__u16	CompressionAlgorithms[1];
+} __packed;
+
+/*
+ * For smb2_netname_negotiate_context_id See MS-SMB2 2.2.3.1.4.
+ * Its struct simply contains NetName, an array of Unicode characters
+ */
+
 #define POSIX_CTXT_DATA_LEN	16
 struct smb2_posix_neg_context {
 	__le16	ContextType; /* 0x100 */
-- 
2.17.1

Re: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Jeremy Allison]

On Thu, Apr 18, 2019 at 11:06:57AM -0500, Steve French via samba-technical wrote:
> See updated MS-SMB2 - two new negotiate contexts

Link to latest update ? Is this a draft update
or a full new version ?

Re: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Steve French]

I got these from looking at the diff on the open specifications web site

https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-SMB2/%5bMS-SMB2%5d-190313-diff.pdf

On Thu, Apr 18, 2019 at 12:23 PM Jeremy Allison <jra@samba.org> wrote:
>
> On Thu, Apr 18, 2019 at 11:06:57AM -0500, Steve French via samba-technical wrote:
> > See updated MS-SMB2 - two new negotiate contexts
>
> Link to latest update ? Is this a draft update
> or a full new version ?



-- 
Thanks,

Steve

RE: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Tom Talpey]

> -----Original Message-----
> From: linux-cifs-owner@vger.kernel.org <linux-cifs-owner@vger.kernel.org> On
> Behalf Of Jeremy Allison
> Sent: Thursday, April 18, 2019 1:24 PM
> To: Steve French <smfrench@gmail.com>
> Cc: CIFS <linux-cifs@vger.kernel.org>; samba-technical <samba-
> technical@lists.samba.org>
> Subject: Re: [PATCH][SMB3] Add missing defines for new negotiate contexts
> 
> On Thu, Apr 18, 2019 at 11:06:57AM -0500, Steve French via samba-technical
> wrote:
> > See updated MS-SMB2 - two new negotiate contexts
> 
> Link to latest update ? Is this a draft update
> or a full new version ?

The Windows protocol documents were updated on March 13 for the upcoming "19H1" update cycle.

MS-SMB2 version page, with latest, diffs, etc:

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5606ad47-5ee0-437a-817e-70c366052962

Tom.

RE: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Tom Talpey]

> -----Original Message-----
> From: linux-cifs-owner@vger.kernel.org <linux-cifs-owner@vger.kernel.org> On
> Behalf Of Tom Talpey
> Sent: Monday, April 22, 2019 8:51 AM
> To: Jeremy Allison <jra@samba.org>; Steve French <smfrench@gmail.com>
> Cc: CIFS <linux-cifs@vger.kernel.org>; samba-technical <samba-
> technical@lists.samba.org>
> Subject: RE: [PATCH][SMB3] Add missing defines for new negotiate contexts
> 
> > -----Original Message-----
> > From: linux-cifs-owner@vger.kernel.org <linux-cifs-owner@vger.kernel.org>
> On
> > Behalf Of Jeremy Allison
> > Sent: Thursday, April 18, 2019 1:24 PM
> > To: Steve French <smfrench@gmail.com>
> > Cc: CIFS <linux-cifs@vger.kernel.org>; samba-technical <samba-
> > technical@lists.samba.org>
> > Subject: Re: [PATCH][SMB3] Add missing defines for new negotiate contexts
> >
> > On Thu, Apr 18, 2019 at 11:06:57AM -0500, Steve French via samba-technical
> > wrote:
> > > See updated MS-SMB2 - two new negotiate contexts
> >
> > Link to latest update ? Is this a draft update
> > or a full new version ?
> 
> The Windows protocol documents were updated on March 13 for the
> upcoming "19H1" update cycle.
> 
> MS-SMB2 version page, with latest, diffs, etc:
> 
> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5606ad47-5ee0-437a-817e-70c366052962

So, there was a defect in the published spec which we just corrected, there's a new
update online at the above page.

The value of the new compression contextid is actually "3", but the earlier document
incorrectly said "4". There were several other fixes and clarifications in the pipeline
which have also been included.

Redline diffs as well as the usual standard publication formats are available.

Tom.

Re: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Stefan Metzmacher]

[-- Attachment #1.1: Type: text/plain, Size: 847 bytes --]

Hi Tom,

>> The Windows protocol documents were updated on March 13 for the
>> upcoming "19H1" update cycle.
>>
>> MS-SMB2 version page, with latest, diffs, etc:
>>
>> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5606ad47-5ee0-437a-817e-70c366052962
> 
> So, there was a defect in the published spec which we just corrected, there's a new
> update online at the above page.
> 
> The value of the new compression contextid is actually "3", but the earlier document
> incorrectly said "4". There were several other fixes and clarifications in the pipeline
> which have also been included.
> 
> Redline diffs as well as the usual standard publication formats are available.

There's no server behavior defined for
SMB2_NETNAME_NEGOTIATE_CONTEXT_ID. If there's none, why was it added at all?

metze




[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

RE: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Tom Talpey]

> -----Original Message-----
> From: Stefan Metzmacher <metze@samba.org>
> Sent: Thursday, May 23, 2019 9:51 AM
> To: Tom Talpey <ttalpey@microsoft.com>; Jeremy Allison <jra@samba.org>;
> Steve French <smfrench@gmail.com>
> Cc: CIFS <linux-cifs@vger.kernel.org>; samba-technical <samba-
> technical@lists.samba.org>
> Subject: Re: [PATCH][SMB3] Add missing defines for new negotiate contexts
> 
> Hi Tom,
> 
> >> The Windows protocol documents were updated on March 13 for the
> >> upcoming "19H1" update cycle.
> >>
> >> MS-SMB2 version page, with latest, diffs, etc:
> >>
> >> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-
> smb2/5606ad47-5ee0-437a-817e-70c366052962
> >
> > So, there was a defect in the published spec which we just corrected, there's a
> new
> > update online at the above page.
> >
> > The value of the new compression contextid is actually "3", but the earlier
> document
> > incorrectly said "4". There were several other fixes and clarifications in the
> pipeline
> > which have also been included.
> >
> > Redline diffs as well as the usual standard publication formats are available.
> 
> There's no server behavior defined for
> SMB2_NETNAME_NEGOTIATE_CONTEXT_ID. If there's none, why was it added
> at all?

It's an advisory payload, and can be used to direct the connection appropriately
by load balancers, servers hosting multiple names, and the like. It's basically the
same servername that will be presented later in SMB2_TREE_CONNECT, only it's
available early, prior to any SMB3 processing. Other possible uses are for logging
and diagnosis.

It has no actual function in the SMB3 protocol, so apart from defining the payload
it's not a matter for the MS-SMB2 document. We would hope, however, that clients
will include the context when sending SMB2_NEGOTIATE.

Tom.

Re: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Jeremy Allison]

On Thu, May 23, 2019 at 06:24:16PM +0000, Tom Talpey via samba-technical wrote:
> > -----Original Message-----
> > From: Stefan Metzmacher <metze@samba.org>
> > Sent: Thursday, May 23, 2019 9:51 AM
> > To: Tom Talpey <ttalpey@microsoft.com>; Jeremy Allison <jra@samba.org>;
> > Steve French <smfrench@gmail.com>
> > Cc: CIFS <linux-cifs@vger.kernel.org>; samba-technical <samba-
> > technical@lists.samba.org>
> > Subject: Re: [PATCH][SMB3] Add missing defines for new negotiate contexts
> > 
> > Hi Tom,
> > 
> > >> The Windows protocol documents were updated on March 13 for the
> > >> upcoming "19H1" update cycle.
> > >>
> > >> MS-SMB2 version page, with latest, diffs, etc:
> > >>
> > >> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-
> > smb2/5606ad47-5ee0-437a-817e-70c366052962
> > >
> > > So, there was a defect in the published spec which we just corrected, there's a
> > new
> > > update online at the above page.
> > >
> > > The value of the new compression contextid is actually "3", but the earlier
> > document
> > > incorrectly said "4". There were several other fixes and clarifications in the
> > pipeline
> > > which have also been included.
> > >
> > > Redline diffs as well as the usual standard publication formats are available.
> > 
> > There's no server behavior defined for
> > SMB2_NETNAME_NEGOTIATE_CONTEXT_ID. If there's none, why was it added
> > at all?
> 
> It's an advisory payload, and can be used to direct the connection appropriately
> by load balancers, servers hosting multiple names, and the like. It's basically the
> same servername that will be presented later in SMB2_TREE_CONNECT, only it's
> available early, prior to any SMB3 processing. Other possible uses are for logging
> and diagnosis.
> 
> It has no actual function in the SMB3 protocol, so apart from defining the payload
> it's not a matter for the MS-SMB2 document. We would hope, however, that clients
> will include the context when sending SMB2_NEGOTIATE.

IMHO Looks like a reinvention of the 'netbios name' field that
allowed us to do clever things with the smb.conf 'netbios
alias' parameter :-).

Re: [PATCH][SMB3] Add missing defines for new negotiate contexts

[Stefan Metzmacher]

[-- Attachment #1.1: Type: text/plain, Size: 1053 bytes --]

Hi Tom,

> It's an advisory payload, and can be used to direct the connection appropriately
> by load balancers, servers hosting multiple names, and the like. It's basically the
> same servername that will be presented later in SMB2_TREE_CONNECT, only it's
> available early, prior to any SMB3 processing. Other possible uses are for logging
> and diagnosis.

Ok, I think it should be explicitly stated, otherwise it's a bit
confusing, if it's completely missing from 3.3.5.4 Receiving an SMB2
NEGOTIATE Request.

> It has no actual function in the SMB3 protocol, so apart from defining the payload
> it's not a matter for the MS-SMB2 document. We would hope, however, that clients
> will include the context when sending SMB2_NEGOTIATE.

This might be an information leak if client or server require
encryption, as the unc in the tree connect is encrypted and the
negotiate value isn't. On the other side it's likely that the target
principal name is already visible in a kerberos ticket or the
NTLMSSP MsvAvTargetName.

metze


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]