diff mbox series

cifs: dump the session id and keys also for SMB2 sessions

Message ID 20200412060926.30733-1-lsahlber@redhat.com (mailing list archive)
State New, archived
Headers show
Series cifs: dump the session id and keys also for SMB2 sessions | expand

Commit Message

Ronnie Sahlberg April 12, 2020, 6:09 a.m. UTC
We already dump these keys for SMB3, lets also dump it for SMB2
sessions so that we can use the session key in wireshark to check and validate
that the signatures are correct.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
 fs/cifs/smb2pdu.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

Comments

Steve French April 12, 2020, 9:51 p.m. UTC | #1
tentatively merged into cifs-2.6.git for-next

On Sun, Apr 12, 2020 at 1:11 AM Ronnie Sahlberg <lsahlber@redhat.com> wrote:
>
> We already dump these keys for SMB3, lets also dump it for SMB2
> sessions so that we can use the session key in wireshark to check and validate
> that the signatures are correct.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> ---
>  fs/cifs/smb2pdu.c | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
>
> diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
> index 28c0be5e69b7..3ddb0fe6889a 100644
> --- a/fs/cifs/smb2pdu.c
> +++ b/fs/cifs/smb2pdu.c
> @@ -1541,6 +1541,21 @@ SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data *sess_data)
>         }
>
>         rc = SMB2_sess_establish_session(sess_data);
> +#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS
> +       if (ses->server->dialect < SMB30_PROT_ID) {
> +               cifs_dbg(VFS, "%s: dumping generated SMB2 session keys\n", __func__);
> +               /*
> +                * The session id is opaque in terms of endianness, so we can't
> +                * print it as a long long. we dump it as we got it on the wire
> +                */
> +               cifs_dbg(VFS, "Session Id    %*ph\n", (int)sizeof(ses->Suid),
> +                        &ses->Suid);
> +               cifs_dbg(VFS, "Session Key   %*ph\n",
> +                        SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);
> +               cifs_dbg(VFS, "Signing Key   %*ph\n",
> +                        SMB3_SIGN_KEY_SIZE, ses->auth_key.response);
> +       }
> +#endif
>  out:
>         kfree(ntlmssp_blob);
>         SMB2_sess_free_buffer(sess_data);
> --
> 2.13.6
>
Aurélien Aptel April 15, 2020, 8 a.m. UTC | #2
Ronnie Sahlberg <lsahlber@redhat.com> writes:
> We already dump these keys for SMB3, lets also dump it for SMB2
> sessions so that we can use the session key in wireshark to check and validate
> that the signatures are correct.

Sounds useful :)

Reviewed-by: Aurelien Aptel <aaptel@suse.com>

Cheers,
diff mbox series

Patch

diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 28c0be5e69b7..3ddb0fe6889a 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -1541,6 +1541,21 @@  SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data *sess_data)
 	}
 
 	rc = SMB2_sess_establish_session(sess_data);
+#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS
+	if (ses->server->dialect < SMB30_PROT_ID) {
+		cifs_dbg(VFS, "%s: dumping generated SMB2 session keys\n", __func__);
+		/*
+		 * The session id is opaque in terms of endianness, so we can't
+		 * print it as a long long. we dump it as we got it on the wire
+		 */
+		cifs_dbg(VFS, "Session Id    %*ph\n", (int)sizeof(ses->Suid),
+			 &ses->Suid);
+		cifs_dbg(VFS, "Session Key   %*ph\n",
+			 SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);
+		cifs_dbg(VFS, "Signing Key   %*ph\n",
+			 SMB3_SIGN_KEY_SIZE, ses->auth_key.response);
+	}
+#endif
 out:
 	kfree(ntlmssp_blob);
 	SMB2_sess_free_buffer(sess_data);