/// <summary>
/// Deep copy constructor.
/// </summary>
public SmbNegotiateResponsePacket(SmbNegotiateResponsePacket packet)
: base(packet)
{
this.InitDefaultValue();
this.smbParameters.WordCount = packet.SmbParameters.WordCount;
this.smbParameters.DialectIndex = packet.SmbParameters.DialectIndex;
this.smbParameters.SecurityMode = packet.SmbParameters.SecurityMode;
this.smbParameters.MaxMpxCount = packet.SmbParameters.MaxMpxCount;
this.smbParameters.MaxNumberVcs = packet.SmbParameters.MaxNumberVcs;
this.smbParameters.MaxBufferSize = packet.SmbParameters.MaxBufferSize;
this.smbParameters.MaxRawSize = packet.SmbParameters.MaxRawSize;
this.smbParameters.SessionKey = packet.SmbParameters.SessionKey;
this.smbParameters.Capabilities = packet.SmbParameters.Capabilities;
this.smbParameters.SystemTime = new FileTime();
this.smbParameters.SystemTime.Time = packet.SmbParameters.SystemTime.Time;
this.smbParameters.ServerTimeZone = packet.SmbParameters.ServerTimeZone;
this.smbParameters.EncryptionKeyLength = packet.SmbParameters.EncryptionKeyLength;
this.smbData.ByteCount = packet.SmbData.ByteCount;
this.smbData.ServerGuid = packet.smbData.ServerGuid;
if (packet.smbData.SecurityBlob != null)
{
this.smbData.SecurityBlob = new byte[packet.smbData.SecurityBlob.Length];
Array.Copy(packet.smbData.SecurityBlob, this.smbData.SecurityBlob, packet.smbData.SecurityBlob.Length);
}
else
{
this.smbData.SecurityBlob = new byte[0];
}
}
private bool SmbUpdateContextWithResponsePacket(SmbClientConnection connection, SmbPacket response)
{
if (response == null)
{
return false;
}
int connectionId = connection.ConnectionId;
SmbHeader smbHeader = response.SmbHeader;
// only process the response packet.
if (response.PacketType != SmbPacketType.BatchedResponse
&& response.PacketType != SmbPacketType.SingleResponse)
{
return false;
}
// packet status
SmbStatus packetStatus = (SmbStatus)smbHeader.Status;
// filter error packet
if (packetStatus != SmbStatus.STATUS_SUCCESS &&
packetStatus != SmbStatus.STATUS_MORE_PROCESSING_REQUIRED &&
packetStatus != SmbStatus.STATUS_BUFFER_OVERFLOW)
{
return false;
}
// process each special command
switch (smbHeader.Command)
{
#region Negotiate Response
case SmbCommand.SMB_COM_NEGOTIATE:
// implicit ntlm, decode using cifs sdk.
if (!smbClient.Capability.IsSupportsExtendedSecurity)
{
return false;
}
// down cast to negotiate response packet.
SmbNegotiateResponsePacket negotiate = response as SmbNegotiateResponsePacket;
// set negotiate flag
connection.NegotiateSent = true;
#region update security mode
SecurityModes securityModes = negotiate.SmbParameters.SecurityMode;
if (SecurityModes.NEGOTIATE_SECURITY_SIGNATURES_ENABLED
== (securityModes & SecurityModes.NEGOTIATE_SECURITY_SIGNATURES_ENABLED))
{
connection.ServerSigningState = SignState.ENABLED;
}
else if (SecurityModes.NEGOTIATE_SECURITY_SIGNATURES_REQUIRED
== (securityModes & SecurityModes.NEGOTIATE_SECURITY_SIGNATURES_REQUIRED))
{
connection.ServerSigningState = SignState.REQUIRED;
}
else
{
connection.ServerSigningState = SignState.DISABLED;
}
if (SecurityModes.NEGOTIATE_USER_SECURITY
== (securityModes & SecurityModes.NEGOTIATE_USER_SECURITY))
{
connection.UsesSharePasswords = false;
}
else
{
connection.UsesSharePasswords = true;
}
if (SecurityModes.NEGOTIATE_ENCRYPT_PASSWORDS
== (securityModes & SecurityModes.NEGOTIATE_ENCRYPT_PASSWORDS))
{
connection.IsClientEncryptPasswords = true;
}
else
{
connection.IsClientEncryptPasswords = false;
}
// update IsSignActive using the combination of the client's
// MessageSigningPolicy and the connection's ServerSigningState
smbClient.Context.UpdateSigningActive(connection);
#endregion
#region update server capabilities
connection.ServerCapabilities = (Capabilities)negotiate.SmbParameters.Capabilities;
if (Capabilities.CAP_INFOLEVEL_PASSTHRU
== (connection.ServerCapabilities & Capabilities.CAP_INFOLEVEL_PASSTHRU))
{
smbClient.Capability.IsUsePassThrough = true;
}
#endregion
#region update maxbuffersize
connection.MaxBufferSize = negotiate.SmbParameters.MaxBufferSize;
#endregion
this.AddOrUpdateConnection(connection);
break;
#endregion
#region Session Setup Response
case SmbCommand.SMB_COM_SESSION_SETUP_ANDX:
// implicit ntlm, decode using cifs sdk.
if (!smbClient.Capability.IsSupportsExtendedSecurity)
{
return false;
}
// the session to operation on.
SmbClientSession session = null;
// down-case the packet
SmbSessionSetupAndxResponsePacket packet = response as SmbSessionSetupAndxResponsePacket;
// if session exists, use it.
if (this.GetSession(connectionId, smbHeader.Uid) != null)
{
session = new SmbClientSession(this.GetSession(connectionId, smbHeader.Uid));
}
else
{
session = new SmbClientSession();
}
// if success, update context and session key.
if (packetStatus == SmbStatus.STATUS_SUCCESS)
{
// if spng, the SessionKey is null and the SecurityBlob from server contains data
// in this situation, need to initialize the SecurityBlob of server to generate the SessionKey
if (connection.GssApi.SessionKey == null
&& packet.SecurityBlob != null && packet.SecurityBlob.Length > 0)
{
connection.GssApi.Initialize(packet.SecurityBlob);
}
// get session key and store in the context
session.SessionKey = connection.GssApi.SessionKey;
// reset the gss api of connection
connection.GssApi = null;
// reset the securityblob when success
packet.SecurityBlob = null;
}
// update the security blob from server
connection.SecurityBlob = packet.SecurityBlob;
this.AddOrUpdateConnection(connection);
// update session
session.SessionUid = smbHeader.Uid;
session.ConnectionId = connectionId;
this.AddOrUpdateSession(session);
break;
#endregion
default:
return false;
}
return true;
}
protected override SmbPacket CreateSmbResponsePacket(
SmbPacket request,
SmbHeader smbHeader,
Channel channel)
{
SmbPacket smbPacket = null;
// error packet
SmbStatus packetStatus = (SmbStatus)smbHeader.Status;
// error packet
if (packetStatus != SmbStatus.STATUS_SUCCESS &&
packetStatus != SmbStatus.STATUS_MORE_PROCESSING_REQUIRED &&
packetStatus != SmbStatus.STATUS_BUFFER_OVERFLOW)
{
smbPacket = new SmbErrorResponsePacket();
smbPacket.SmbHeader = smbHeader;
return(smbPacket);
}
// success packet
switch (smbHeader.Command)
{
case SmbCommand.SMB_COM_NEGOTIATE:
if (smbClient.Capability.IsSupportsExtendedSecurity)
{
smbPacket = new SmbNegotiateResponsePacket();
}
else
{
smbPacket = new SmbNegotiateImplicitNtlmResponsePacket();
}
break;
case SmbCommand.SMB_COM_SESSION_SETUP_ANDX:
if (smbClient.Capability.IsSupportsExtendedSecurity)
{
smbPacket = new SmbSessionSetupAndxResponsePacket();
}
else
{
smbPacket = new SmbSessionSetupImplicitNtlmAndxResponsePacket();
}
break;
case SmbCommand.SMB_COM_TREE_CONNECT_ANDX:
smbPacket = new SmbTreeConnectAndxResponsePacket();
break;
case SmbCommand.SMB_COM_TREE_DISCONNECT:
smbPacket = new SmbTreeDisconnectResponsePacket();
break;
case SmbCommand.SMB_COM_LOGOFF_ANDX:
smbPacket = new SmbLogoffAndxResponsePacket();
break;
case SmbCommand.SMB_COM_NT_CREATE_ANDX:
smbPacket = new SmbNtCreateAndxResponsePacket();
break;
case SmbCommand.SMB_COM_CLOSE:
smbPacket = new SmbCloseResponsePacket();
break;
case SmbCommand.SMB_COM_OPEN_ANDX:
smbPacket = new SmbOpenAndxResponsePacket();
break;
case SmbCommand.SMB_COM_WRITE_ANDX:
smbPacket = new SmbWriteAndxResponsePacket();
break;
case SmbCommand.SMB_COM_READ_ANDX:
smbPacket = new SmbReadAndxResponsePacket();
break;
case SmbCommand.SMB_COM_TRANSACTION:
smbPacket = this.CreateTransactionResponsePacket(request, smbHeader, channel);
break;
case SmbCommand.SMB_COM_TRANSACTION2:
smbPacket = this.CreateTransaction2ResponsePacket(request, smbHeader, channel);
break;
case SmbCommand.SMB_COM_NT_TRANSACT:
smbPacket = this.CreateNtTransactionResponsePacket(request, smbHeader, channel);
break;
default:
break;
}
if (smbPacket != null)
{
smbPacket.SmbHeader = smbHeader;
return(smbPacket);
}
return(base.CreateSmbResponsePacket(request, smbHeader, channel));
}
/// <summary>
/// Verify whether the two response are equal or not.
/// </summary>
/// <param name="response"> The first SmbNegotiateResponsePacket.</param>
/// <param name="response2"> The second SmbNegotiateResponsePacket Response.</param>
private bool VerifyNegotiateResponse(
SmbNegotiateResponsePacket response,
SmbNegotiateResponsePacket response2)
{
return (response.IsSignRequired == response2.IsSignRequired)
&& (response.PacketType == response2.PacketType)
&& (response.SmbData.ByteCount == response2.SmbData.ByteCount)
&& CompareArrayEquals(response.SmbData.SecurityBlob, response2.SmbData.SecurityBlob)
&& (response.SmbData.ServerGuid == response2.SmbData.ServerGuid)
&& (response.SmbParameters.Capabilities == response2.SmbParameters.Capabilities)
&& (response.SmbParameters.DialectIndex == response2.SmbParameters.DialectIndex)
&& (response.SmbParameters.EncryptionKeyLength == response2.SmbParameters.EncryptionKeyLength)
&& (response.SmbParameters.MaxBufferSize == response2.SmbParameters.MaxBufferSize)
&& (response.SmbParameters.MaxMpxCount == response2.SmbParameters.MaxMpxCount)
&& (response.SmbParameters.MaxNumberVcs == response2.SmbParameters.MaxNumberVcs)
&& (response.SmbParameters.MaxRawSize == response2.SmbParameters.MaxRawSize)
&& (response.SmbParameters.SecurityMode == response2.SmbParameters.SecurityMode)
&& (response.SmbParameters.ServerTimeZone == response2.SmbParameters.ServerTimeZone)
&& (response.SmbParameters.SessionKey == response2.SmbParameters.SessionKey)
&& (response.SmbParameters.WordCount == response2.SmbParameters.WordCount);
}
