[PATCH] cifs: dump the session id and keys also for SMB2 sessions

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] cifs: dump the session id and keys also for SMB2 sessions
@ 2020-04-12  6:09 Ronnie Sahlberg
  2020-04-12 21:51 ` Steve French
  2020-04-15  8:00 ` Aurélien Aptel
  0 siblings, 2 replies; 3+ messages in thread
From: Ronnie Sahlberg @ 2020-04-12  6:09 UTC (permalink / raw)
  To: linux-cifs; +Cc: Ronnie Sahlberg

We already dump these keys for SMB3, lets also dump it for SMB2
sessions so that we can use the session key in wireshark to check and validate
that the signatures are correct.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
 fs/cifs/smb2pdu.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 28c0be5e69b7..3ddb0fe6889a 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -1541,6 +1541,21 @@ SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data *sess_data)
 	}
 
 	rc = SMB2_sess_establish_session(sess_data);
+#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS
+	if (ses->server->dialect < SMB30_PROT_ID) {
+		cifs_dbg(VFS, "%s: dumping generated SMB2 session keys\n", __func__);
+		/*
+		 * The session id is opaque in terms of endianness, so we can't
+		 * print it as a long long. we dump it as we got it on the wire
+		 */
+		cifs_dbg(VFS, "Session Id    %*ph\n", (int)sizeof(ses->Suid),
+			 &ses->Suid);
+		cifs_dbg(VFS, "Session Key   %*ph\n",
+			 SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);
+		cifs_dbg(VFS, "Signing Key   %*ph\n",
+			 SMB3_SIGN_KEY_SIZE, ses->auth_key.response);
+	}
+#endif
 out:
 	kfree(ntlmssp_blob);
 	SMB2_sess_free_buffer(sess_data);
-- 
2.13.6


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] cifs: dump the session id and keys also for SMB2 sessions
  2020-04-12  6:09 [PATCH] cifs: dump the session id and keys also for SMB2 sessions Ronnie Sahlberg
@ 2020-04-12 21:51 ` Steve French
  2020-04-15  8:00 ` Aurélien Aptel
  1 sibling, 0 replies; 3+ messages in thread
From: Steve French @ 2020-04-12 21:51 UTC (permalink / raw)
  To: Ronnie Sahlberg; +Cc: linux-cifs

tentatively merged into cifs-2.6.git for-next

On Sun, Apr 12, 2020 at 1:11 AM Ronnie Sahlberg <lsahlber@redhat.com> wrote:
>
> We already dump these keys for SMB3, lets also dump it for SMB2
> sessions so that we can use the session key in wireshark to check and validate
> that the signatures are correct.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> ---
>  fs/cifs/smb2pdu.c | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
>
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index 28c0be5e69b7..3ddb0fe6889a 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -1541,6 +1541,21 @@ SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data *sess_data)
>         }
>
>         rc = SMB2_sess_establish_session(sess_data);
> +#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS
> +       if (ses->server->dialect < SMB30_PROT_ID) {
> +               cifs_dbg(VFS, "%s: dumping generated SMB2 session keys\n", __func__);
> +               /*
> +                * The session id is opaque in terms of endianness, so we can't
> +                * print it as a long long. we dump it as we got it on the wire
> +                */
> +               cifs_dbg(VFS, "Session Id    %*ph\n", (int)sizeof(ses->Suid),
> +                        &ses->Suid);
> +               cifs_dbg(VFS, "Session Key   %*ph\n",
> +                        SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);
> +               cifs_dbg(VFS, "Signing Key   %*ph\n",
> +                        SMB3_SIGN_KEY_SIZE, ses->auth_key.response);
> +       }
> +#endif
>  out:
>         kfree(ntlmssp_blob);
>         SMB2_sess_free_buffer(sess_data);
> --
> 2.13.6
>


-- 
Thanks,

Steve

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] cifs: dump the session id and keys also for SMB2 sessions
  2020-04-12  6:09 [PATCH] cifs: dump the session id and keys also for SMB2 sessions Ronnie Sahlberg
  2020-04-12 21:51 ` Steve French
@ 2020-04-15  8:00 ` Aurélien Aptel
  1 sibling, 0 replies; 3+ messages in thread
From: Aurélien Aptel @ 2020-04-15  8:00 UTC (permalink / raw)
  To: Ronnie Sahlberg, linux-cifs; +Cc: Ronnie Sahlberg

Ronnie Sahlberg <lsahlber@redhat.com> writes:
> We already dump these keys for SMB3, lets also dump it for SMB2
> sessions so that we can use the session key in wireshark to check and validate
> that the signatures are correct.

Sounds useful :)

Reviewed-by: Aurelien Aptel <aaptel@suse.com>

Cheers,
-- 
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, DE
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah HRB 247165 (AG München)

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2020-04-15  8:01 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-04-12  6:09 [PATCH] cifs: dump the session id and keys also for SMB2 sessions Ronnie Sahlberg
2020-04-12 21:51 ` Steve French
2020-04-15  8:00 ` Aurélien Aptel

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.