diff --git a/SMBLibrary/Server/ConnectionState/SMB2ConnectionState.cs b/SMBLibrary/Server/ConnectionState/SMB2ConnectionState.cs
index 9d20cb8..71255cd 100644
--- a/SMBLibrary/Server/ConnectionState/SMB2ConnectionState.cs
+++ b/SMBLibrary/Server/ConnectionState/SMB2ConnectionState.cs
@@ -44,9 +44,9 @@ namespace SMBLibrary.Server
 return null;
 }
 
- public SMB2Session CreateSession(ulong sessionID, string userName, string machineName, object accessToken)
+ public SMB2Session CreateSession(ulong sessionID, string userName, string machineName, byte[] sessionKey, object accessToken)
 {
- SMB2Session session = new SMB2Session(this, sessionID, userName, machineName, accessToken);
+ SMB2Session session = new SMB2Session(this, sessionID, userName, machineName, sessionKey, accessToken);
 m_sessions.Add(sessionID, session);
 return session;
 }
diff --git a/SMBLibrary/Server/ConnectionState/SMB2Session.cs b/SMBLibrary/Server/ConnectionState/SMB2Session.cs
index 8aa72b3..40ac787 100644
--- a/SMBLibrary/Server/ConnectionState/SMB2Session.cs
+++ b/SMBLibrary/Server/ConnectionState/SMB2Session.cs
@@ -16,6 +16,7 @@ namespace SMBLibrary.Server
 {
 private SMB2ConnectionState m_connection;
 private ulong m_sessionID;
+ private byte[] m_sessionKey;
 private SecurityContext m_securityContext;
 
 // Key is TreeID
@@ -28,10 +29,11 @@ namespace SMBLibrary.Server
 // Key is the persistent portion of the FileID
 private Dictionary m_openSearches = new Dictionary();
 
- public SMB2Session(SMB2ConnectionState connection, ulong sessionID, string userName, string machineName, object accessToken)
+ public SMB2Session(SMB2ConnectionState connection, ulong sessionID, string userName, string machineName, byte[] sessionKey, object accessToken)
 {
 m_connection = connection;
 m_sessionID = sessionID;
+ m_sessionKey = sessionKey;
 m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
 }
 
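Review bot: In the SMB2Session constructor hunk (@@ -28,10 +29,11), `m_sessionKey = sessionKey;` keeps the caller's array by reference, so the session shares its key buffer with whatever the security provider handed back; if that buffer is later reused or cleared, the key held by the session changes with it. Taking a copy, `m_sessionKey = sessionKey == null ? null : (byte[])sessionKey.Clone();`, and declaring the field added in the @@ -16,6 +16,7 hunk as `private readonly byte[] m_sessionKey;` would make the session the sole owner of its key. Nothing in the visible hunks clears the key when a session is removed; if teardown code exists elsewhere in the class, an `Array.Clear(m_sessionKey, 0, m_sessionKey.Length)` there would limit how long key material stays in memory.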
@@ -138,6 +140,14 @@ namespace SMBLibrary.Server
 m_openSearches.Remove(fileID);
 }
 
+ public byte[] SessionKey
+ {
+ get
+ {
+ return m_sessionKey;
+ }
+ }
+
 public SecurityContext SecurityContext
 {
 get
diff --git a/SMBLibrary/Server/SMB2/SessionSetupHelper.cs b/SMBLibrary/Server/SMB2/SessionSetupHelper.cs
index a46bc50..57c216b 100644
--- a/SMBLibrary/Server/SMB2/SessionSetupHelper.cs
+++ b/SMBLibrary/Server/SMB2/SessionSetupHelper.cs
@@ -55,17 +55,18 @@ namespace SMBLibrary.Server.SMB2
 {
 string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
 string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
+ byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
 object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
 bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
 if (!isGuest.HasValue || !isGuest.Value)
 {
 state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
- state.CreateSession(request.Header.SessionID, userName, machineName, accessToken);
+ state.CreateSession(request.Header.SessionID, userName, machineName, sessionKey, accessToken);
 }
 else
 {
 state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
- state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
+ state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
 response.SessionFlags = SessionFlags.IsGuest;
 }
 }
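Review bot: The new `SessionKey` getter in SMB2Session.cs returns the internal array itself and is `public`, so any code holding the session object can read the key or overwrite its bytes in place. If the key is only consumed inside the library (presumably for message signing, which is not visible here), `internal byte[] SessionKey` would narrow the exposure. At minimum the property deserves a doc comment stating the contract, for example `/// <summary>Key from the authentication exchange; may be null. Do not modify or log the returned array.</summary>`. The enclosing class starts and ends outside the hunk.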
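Review bot: In SessionSetupHelper.cs the added `sessionKey` line uses `as byte[]`, which silently yields null when the provider does not supply `GSSAttributeName.SessionKey` or returns another type, and both `CreateSession` calls then create the session with no key and no log entry. A comment on that line such as `// may be null if the provider exposes no session key; consumers must check before use` would document the case, and a `state.LogToServer` warning on a null key in the non-guest branch would make it visible to operators. The guest branch also stores the key produced by an authentication that failed, so it is worth confirming that a guest session should carry one at all; passing `null` there may be the safer default. The enclosing method starts outside the hunk.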