SMB1: Retrieve SessionKey from GSS mechanism and store it in SMB1Session

2025-07-06 09:43:16 +02:00 · 2017-03-04 11:23:44 +02:00 · 2017-03-04 11:23:44 +02:00 · e3dafa524f
commit e3dafa524f
parent 174e43f792
3 changed files with 13 additions and 9 deletions
--- a/SMBLibrary/Server/ConnectionState/SMB1ConnectionState.cs
+++ b/SMBLibrary/Server/ConnectionState/SMB1ConnectionState.cs
@ -52,20 +52,20 @@ namespace SMBLibrary.Server
            return null;
        }

-        public SMB1Session CreateSession(ushort userID, string userName, string machineName, object accessToken)
+        public SMB1Session CreateSession(ushort userID, string userName, string machineName, byte[] sessionKey, object accessToken)
        {
-            SMB1Session session = new SMB1Session(this, userID, userName, machineName, accessToken);
+            SMB1Session session = new SMB1Session(this, userID, userName, machineName, sessionKey, accessToken);
            m_sessions.Add(userID, session);
            return session;
        }

        /// <returns>null if all UserID values have already been allocated</returns>
-        public SMB1Session CreateSession(string userName, string machineName, object accessToken)
+        public SMB1Session CreateSession(string userName, string machineName, byte[] sessionKey, object accessToken)
        {
            ushort? userID = AllocateUserID();
            if (userID.HasValue)
            {
-                return CreateSession(userID.Value, userName, machineName, accessToken);
+                return CreateSession(userID.Value, userName, machineName, sessionKey, accessToken);
            }
            return null;
        }
--- a/SMBLibrary/Server/ConnectionState/SMB1Session.cs
+++ b/SMBLibrary/Server/ConnectionState/SMB1Session.cs
@ -17,6 +17,7 @@ namespace SMBLibrary.Server

        private SMB1ConnectionState m_connection;
        private ushort m_userID;
+        private byte[] m_sessionKey;
        private SecurityContext m_securityContext;

        // Key is TID
@ -29,10 +30,11 @@ namespace SMBLibrary.Server
        private Dictionary<ushort, OpenSearch> m_openSearches = new Dictionary<ushort, OpenSearch>();
        private ushort m_nextSearchHandle = 1;

-        public SMB1Session(SMB1ConnectionState connection, ushort userID, string userName, string machineName, object accessToken)
+        public SMB1Session(SMB1ConnectionState connection, ushort userID, string userName, string machineName, byte[] sessionKey, object accessToken)
        {
            m_connection = connection;
            m_userID = userID;
+            m_sessionKey = sessionKey;
            m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
        }

--- a/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
+++ b/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
@ -33,18 +33,19 @@ namespace SMBLibrary.Server.SMB1
                return new ErrorResponse(request.CommandName);
            }

+            byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
            object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
            bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
            SMB1Session session;
            if (!isGuest.HasValue || !isGuest.Value)
            {
                state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", message.UserName);
-                session = state.CreateSession(message.UserName, message.WorkStation, accessToken);
+                session = state.CreateSession(message.UserName, message.WorkStation, sessionKey, accessToken);
            }
            else
            {
                state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", message.UserName);
-                session = state.CreateSession("Guest", message.WorkStation, accessToken);
+                session = state.CreateSession("Guest", message.WorkStation, sessionKey, accessToken);
                response.Action = SessionSetupAction.SetupGuest;
            }

@ -110,17 +111,18 @@ namespace SMBLibrary.Server.SMB1
            {
                string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
                string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
+                byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
                object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
                bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
                if (!isGuest.HasValue || !isGuest.Value)
                {
                    state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
-                    state.CreateSession(header.UID, userName, machineName, accessToken);
+                    state.CreateSession(header.UID, userName, machineName, sessionKey, accessToken);
                }
                else
                {
                    state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
-                    state.CreateSession(header.UID, "Guest", machineName, accessToken);
+                    state.CreateSession(header.UID, "Guest", machineName, sessionKey, accessToken);
                    response.Action = SessionSetupAction.SetupGuest;
                }
            }