warren/markbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix SMB 2.x signing key: use session_base_key directly (not KDF)

Browse Source
This commit is contained in:
Warren
2026-06-24 22:29:05 +08:00
parent 6f223c9232
commit 12ddec24b4
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
vendor/smb-server/src/handlers/session_setup.rs vendored
View File

@@ -168,7 +168,7 @@ pub async fn handle(
.lock()
.unwrap_or_else(|poisoned| poisoned.into_inner());
let (acceptor, raw_form) = (&pair.0, pair.1);
let lookup = |u: &str, _d: &str| -> Option<UserCreds> { users.get(u).cloned() };
let lookup = |u: &str, _d: &str| -> Option<UserCreds> { users.get(&u.to_lowercase()).cloned() };
let outcome = match acceptor.authenticate(&inner_token, lookup) {
Ok(o) => o,
Err(e) => {
@@ -186,9 +186,14 @@ pub async fn handle(
let session_base_key = outcome.session_key;
let dialect = *conn.dialect.read().await;
// Signing key derivation per MS-SMB2 §3.1.4.1:
// - SMB 2.0.2/2.1: signing_key = session_base_key (direct, HMAC-SHA256)
// - SMB 3.0/3.0.2: signing_key = SMB2_kdf(session_key, "SMB2AESCMAC", "SmbSign") (AES-CMAC)
// - SMB 3.1.1: signing_key derived later with preauth hash
let signing_key = match dialect {
Some(Dialect::Smb311) => [0u8; 16],
Some(_) => signing_key_30(&session_base_key),
Some(Dialect::Smb311) => [0u8; 16], // Derived in dispatch with preauth hash
Some(Dialect::Smb300) | Some(Dialect::Smb302) => signing_key_30(&session_base_key),
Some(Dialect::Smb202) | Some(Dialect::Smb210) | Some(Dialect::Smb2Wildcard) => session_base_key, // Direct for SMB 2.x
None => return HandlerResponse::err(ntstatus::STATUS_INVALID_PARAMETER),
};