Merge pull request #33 from kishikawakatsumi/fix-shareenumall-permiss…

…ions Fix permission settings for ShareEnumAll requests
kishikawakatsumi · Jul 22, 2024 · 4bf1603 · 4bf1603
2 parents fea8eeb + 298eb96
commit 4bf1603
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 9 deletions.
diff --git a/Sources/SMBClient/Messages/Header.swift b/Sources/SMBClient/Messages/Header.swift
@@ -7,7 +7,7 @@ public struct Header {
   public let status: UInt32
   public let command: UInt16
   public let creditRequestResponse: UInt16
-  public let flags: Flags
+  public internal(set) var flags: Flags
   public internal(set) var nextCommand: UInt32
   public let messageId: UInt64
   public let reserved: UInt32
@@ -16,7 +16,7 @@ public struct Header {
   public internal(set) var signature: Data
 
   public init(
-    creditCharge: UInt16 = 0,
+    creditCharge: UInt16 = 1,
     command: Command,
     creditRequest: UInt16 = 0,
     flags: Flags,

diff --git a/Sources/SMBClient/Messages/SessionSetup.swift b/Sources/SMBClient/Messages/SessionSetup.swift
@@ -58,7 +58,7 @@ public enum SessionSetup {
       header = Header(
         creditCharge: 1,
         command: .sessionSetup,
-        creditRequest: 64,
+        creditRequest: 0,
         flags: [],
         nextCommand: 0,
         messageId: messageId,

diff --git a/Sources/SMBClient/NTLM.swift b/Sources/SMBClient/NTLM.swift
@@ -18,7 +18,6 @@ public enum NTLM {
         .negotiateVersion,
         .negotiateTargetInfo,
         .negotiateExtendedSecurity,
-        .negotiateTargetTypeServer,
         .negotiateAlwaysSign,
         .negotiateNetware,
         .negotiateSeal,
@@ -203,13 +202,11 @@ public enum NTLM {
       self.encryptedRandomSessionKey = Fields(value: encryptedRandomSessionKey ?? Data(), offset: self.workstationName.bufferOffset + UInt32(self.workstationName.len))
 
       negotiateFlags = [
-        .negotiate56,
         .negotiateKeyExchange,
         .negotiate128,
         .negotiateVersion,
         .negotiateTargetInfo,
         .negotiateExtendedSecurity,
-        .negotiateTargetTypeServer,
         .negotiateAlwaysSign,
         .negotiateNetware,
         .negotiateSeal,

diff --git a/Sources/SMBClient/Session.swift b/Sources/SMBClient/Session.swift
@@ -68,11 +68,11 @@ public class Session {
     try await treeConnect(path: "IPC$")
 
     let createResponse = try await create(
-      desiredAccess: [],
+      desiredAccess: [.readData, .writeData, .appendData, .readAttributes],
       fileAttributes: [.normal],
       shareAccess: [.read, .write],
       createDisposition: .open,
-      createOptions: [],
+      createOptions: [.nonDirectoryFile],
       name: "srvsvc"
     )
     try await bind(fileId: createResponse.fileId)
@@ -717,8 +717,10 @@ public class Session {
 
   private func sign(_ payload: Data) -> Data {
     if let signingKey {
-      let signature = Crypto.hmacSHA256(key: signingKey, data: payload)[..<16]
       var header = Header(data: payload[..<64])
+      header.flags = header.flags.union(.signed)
+
+      let signature = Crypto.hmacSHA256(key: signingKey, data: header.encoded() + payload[64...])[..<16]
       header.signature = signature
       return header.encoded() + payload[64...]
     } else {