| Message ID | 20200412060926.30733-1-lsahlber@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | cifs: dump the session id and keys also for SMB2 sessions | expand |
tentatively merged into cifs-2.6.git for-next On Sun, Apr 12, 2020 at 1:11 AM Ronnie Sahlberg <lsahlber@redhat.com> wrote: > > We already dump these keys for SMB3, lets also dump it for SMB2 > sessions so that we can use the session key in wireshark to check and validate > that the signatures are correct. > > Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> > --- > fs/cifs/smb2pdu.c | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index 28c0be5e69b7..3ddb0fe6889a 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -1541,6 +1541,21 @@ SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data *sess_data) > } > > rc = SMB2_sess_establish_session(sess_data); > +#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS > + if (ses->server->dialect < SMB30_PROT_ID) { > + cifs_dbg(VFS, "%s: dumping generated SMB2 session keys\n", __func__); > + /* > + * The session id is opaque in terms of endianness, so we can't > + * print it as a long long. we dump it as we got it on the wire > + */ > + cifs_dbg(VFS, "Session Id %*ph\n", (int)sizeof(ses->Suid), > + &ses->Suid); > + cifs_dbg(VFS, "Session Key %*ph\n", > + SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response); > + cifs_dbg(VFS, "Signing Key %*ph\n", > + SMB3_SIGN_KEY_SIZE, ses->auth_key.response); > + } > +#endif > out: > kfree(ntlmssp_blob); > SMB2_sess_free_buffer(sess_data); > -- > 2.13.6 >
Ronnie Sahlberg <lsahlber@redhat.com> writes: > We already dump these keys for SMB3, lets also dump it for SMB2 > sessions so that we can use the session key in wireshark to check and validate > that the signatures are correct. Sounds useful :) Reviewed-by: Aurelien Aptel <aaptel@suse.com> Cheers,
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 28c0be5e69b7..3ddb0fe6889a 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -1541,6 +1541,21 @@ SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data *sess_data) } rc = SMB2_sess_establish_session(sess_data); +#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS + if (ses->server->dialect < SMB30_PROT_ID) { + cifs_dbg(VFS, "%s: dumping generated SMB2 session keys\n", __func__); + /* + * The session id is opaque in terms of endianness, so we can't + * print it as a long long. we dump it as we got it on the wire + */ + cifs_dbg(VFS, "Session Id %*ph\n", (int)sizeof(ses->Suid), + &ses->Suid); + cifs_dbg(VFS, "Session Key %*ph\n", + SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response); + cifs_dbg(VFS, "Signing Key %*ph\n", + SMB3_SIGN_KEY_SIZE, ses->auth_key.response); + } +#endif out: kfree(ntlmssp_blob); SMB2_sess_free_buffer(sess_data);
We already dump these keys for SMB3, lets also dump it for SMB2 sessions so that we can use the session key in wireshark to check and validate that the signatures are correct. Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> --- fs/cifs/smb2pdu.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+)