private uint SessionSetup( Packet_Header_Flags_Values headerFlags, SESSION_SETUP_Request_Flags sessionSetupFlags, SESSION_SETUP_Request_SecurityMode_Values securityMode, SESSION_SETUP_Request_Capabilities_Values capabilities, ulong previousSessionId, SecurityPackageType securityPackageType, string serverName, byte[] token, out byte[] serverGssToken, ushort creditRequest = 64) { Packet_Header header; SESSION_SETUP_Response sessionSetupResponse; uint status; status = client.SessionSetup( 1, creditRequest, headerFlags, messageId++, sessionId, sessionSetupFlags, securityMode, capabilities, previousSessionId, token, out sessionId, out serverGssToken, out header, out sessionSetupResponse); return(status); }
private SESSION_SETUP_Request_SecurityMode_Values GetSessionSetupSecurityMode(SigningEnabledType signingEnabledType, SigningRequiredType signingRequiredType) { SESSION_SETUP_Request_SecurityMode_Values securityMode = SESSION_SETUP_Request_SecurityMode_Values.NONE; if (signingEnabledType == SigningEnabledType.SigningEnabledSet) { securityMode |= SESSION_SETUP_Request_SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED; } if (signingRequiredType == SigningRequiredType.SigningRequiredSet) { securityMode |= SESSION_SETUP_Request_SecurityMode_Values.NEGOTIATE_SIGNING_REQUIRED; } return(securityMode); }
/// <summary> /// Send an SMB2 SESSION_SETUP request with specified parameters /// </summary> /// <param name="headerFlags">A Flags field indicates how to process the operation.</param> /// <param name="sessionSetupFlags">To bind an existing session to a new connection,set to SMB2_SESSION_FLAG_BINDING to bind; otherwise set it to NONE.</param> /// <param name="securityMode">The security mode field specifies whether SMB signing is enabled, required at the server, or both</param> /// <param name="capabilities">Specifies protocol capabilities for the client.</param> /// <param name="token">Gss token to send</param> /// <param name="serverToken">GssToken returned from server</param> /// <param name="isResponseEncryptedSessionFlag">check if SESSION_FLAG_ENCRYPT_DATA returned from server</param> /// <param name="creditRequest">The number of credits the client is requesting. Default value is 64.</param> /// <param name="previousSessionId">For reconnect, set it to previous sessionId, otherwise set it to 0. Default value is 0.</param> /// <returns>The status code for SESSION_SETUP Response.</returns> public uint SessionSetup( Packet_Header_Flags_Values headerFlags, SESSION_SETUP_Request_Flags sessionSetupFlags, SESSION_SETUP_Request_SecurityMode_Values securityMode, SESSION_SETUP_Request_Capabilities_Values capabilities, byte[] token, out byte[] serverToken, out bool isResponseEncryptedSessionFlag, ushort creditRequest = 64, ulong previousSessionId = 0) { Packet_Header header; SESSION_SETUP_Response sessionSetupResponse; ulong messageId = generateMessageId(sequenceWindow); ushort creditCharge = generateCreditCharge(1); // Need to consume credit from sequence window first according to TD ConsumeCredit(messageId, creditCharge); uint status = Smb2Client.SessionSetup( 1, creditRequest, headerFlags, messageId, sessionId, sessionSetupFlags, securityMode, capabilities, previousSessionId, token, out sessionId, out serverToken, out header, out sessionSetupResponse); isResponseEncryptedSessionFlag = sessionSetupResponse.SessionFlags.HasFlag(SessionFlags_Values.SESSION_FLAG_ENCRYPT_DATA); ProduceCredit(messageId, header); return(status); }
public uint SessionSetup( SESSION_SETUP_Request_SecurityMode_Values securityMode, SESSION_SETUP_Request_Capabilities_Values capabilities, SecurityPackageType securityPackageType, string serverName, byte[] token, out byte[] serverGssToken, ushort creditRequest = 64) { return(SessionSetup( Packet_Header_Flags_Values.NONE, SESSION_SETUP_Request_Flags.NONE, securityMode, capabilities, 0, securityPackageType, serverName, token, out serverGssToken, creditRequest)); }
/// <summary> /// Send an SMB2 SESSION_SETUP request with specified parameters /// </summary> /// <param name="headerFlags">A Flags field indicates how to process the operation.</param> /// <param name="sessionSetupFlags">To bind an existing session to a new connection,set to SMB2_SESSION_FLAG_BINDING to bind; otherwise set it to NONE.</param> /// <param name="securityMode">The security mode field specifies whether SMB signing is enabled, required at the server, or both</param> /// <param name="capabilities">Specifies protocol capabilities for the client.</param> /// <param name="token">Gss token to send</param> /// <param name="serverToken">GssToken returned from server</param> /// <param name="creditRequest">The number of credits the client is requesting. Default value is 64.</param> /// <param name="previousSessionId">For reconnect, set it to previous sessionId, otherwise set it to 0. Default value is 0.</param> /// <returns>The status code for SESSION_SETUP Response.</returns> public uint SessionSetup( Packet_Header_Flags_Values headerFlags, SESSION_SETUP_Request_Flags sessionSetupFlags, SESSION_SETUP_Request_SecurityMode_Values securityMode, SESSION_SETUP_Request_Capabilities_Values capabilities, byte[] token, out byte[] serverToken, ushort creditRequest = 64, ulong previousSessionId = 0) { Packet_Header header; SESSION_SETUP_Response sessionSetupResponse; ulong messageId = generateMessageId(sequenceWindow); ushort creditCharge = generateCreditCharge(1); // Need to consume credit from sequence window first according to TD ConsumeCredit(messageId, creditCharge); uint status = Smb2Client.SessionSetup( 1, creditRequest, headerFlags, messageId, sessionId, sessionSetupFlags, securityMode, capabilities, previousSessionId, token, out sessionId, out serverToken, out header, out sessionSetupResponse); ProduceCredit(messageId, header); return status; }
public uint Smb2AlternativeChannelSessionSetup( Smb2OverSmbdTestClient mainChannelClient, string domainName, string userName, string password, string serverName, SESSION_SETUP_Request_SecurityMode_Values securityMode = SESSION_SETUP_Request_SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, SESSION_SETUP_Request_Capabilities_Values capabilities = SESSION_SETUP_Request_Capabilities_Values.GLOBAL_CAP_DFS, ushort creditRequest = 64) { sessionId = mainChannelClient.sessionId; sessionKey = mainChannelClient.sessionKey; Smb2SetSessionSigningAndEncryption(true, false); Packet_Header header; SESSION_SETUP_Response sessionSetupResponse; SspiClientSecurityContext sspiClientGss = new SspiClientSecurityContext( SecurityPackageType.Negotiate, new AccountCredential(domainName, userName, password), Smb2Utility.GetCifsServicePrincipalName(serverName), ClientSecurityContextAttribute.None, SecurityTargetDataRepresentation.SecurityNativeDrep ); // Server GSS token is used only for Negotiate authentication sspiClientGss.Initialize(gssToken); uint status; do { status = SessionSetup( 1, creditRequest, Packet_Header_Flags_Values.FLAGS_SIGNED, messageId, sessionId, SESSION_SETUP_Request_Flags.SESSION_FLAG_BINDING, securityMode, capabilities, 0, sspiClientGss.Token, out sessionId, out gssToken, out header, out sessionSetupResponse ); CalculateSmb2AvailableCredits(1, packetHeader.CreditRequestResponse); if ((status == Smb2Status.STATUS_MORE_PROCESSING_REQUIRED || status == Smb2Status.STATUS_SUCCESS) && gssToken != null && gssToken.Length > 0) { sspiClientGss.Initialize(gssToken); } } while (status == Smb2Status.STATUS_MORE_PROCESSING_REQUIRED); if (status == Smb2Status.STATUS_SUCCESS) { sessionKey = sspiClientGss.SessionKey; Smb2SetSessionSigningAndEncryption(true, false, true); } return(status); }