/*
send a create request
*/
struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create *io)
{
struct smb2_request *req;
NTSTATUS status;
DATA_BLOB blob = data_blob(NULL, 0);
req = smb2_request_init_tree(tree, SMB2_OP_CREATE, 0x38, True, 0);
if (req == NULL) return NULL;
SSVAL(req->out.body, 0x02, io->in.oplock_flags);
SIVAL(req->out.body, 0x04, io->in.impersonation);
SIVAL(req->out.body, 0x08, io->in.unknown3[0]);
SIVAL(req->out.body, 0x0C, io->in.unknown3[1]);
SIVAL(req->out.body, 0x10, io->in.unknown3[2]);
SIVAL(req->out.body, 0x14, io->in.unknown3[3]);
SIVAL(req->out.body, 0x18, io->in.access_mask);
SIVAL(req->out.body, 0x1C, io->in.file_attr);
SIVAL(req->out.body, 0x20, io->in.share_access);
SIVAL(req->out.body, 0x24, io->in.open_disposition);
SIVAL(req->out.body, 0x28, io->in.create_options);
status = smb2_push_o16s16_string(&req->out, 0x2C, io->in.fname);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
if (io->in.eas.num_eas != 0) {
DATA_BLOB b = data_blob_talloc(req, NULL,
ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas));
ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas);
status = smb2_create_blob_add(req, &blob, CREATE_TAG_EXTA, b, False);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
data_blob_free(&b);
}
/* an empty MxAc tag seems to be used to ask the server to
return the maximum access mask allowed on the file */
status = smb2_create_blob_add(req, &blob, CREATE_TAG_MXAC, data_blob(NULL, 0), True);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
status = smb2_push_o32s32_blob(&req->out, 0x30, blob);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
smb2_transport_send(req);
return req;
}
/*
Open a file using NTTRANS CREATE - async send
*/
static struct smbcli_request *smb_raw_nttrans_create_send(struct smbcli_tree *tree,
union smb_open *parms)
{
struct smb_nttrans nt;
uint8_t *params;
TALLOC_CTX *mem_ctx = talloc_new(tree);
uint16_t fname_len;
DATA_BLOB sd_blob, ea_blob;
struct smbcli_request *req;
nt.in.max_setup = 0;
nt.in.max_param = 101;
nt.in.max_data = 0;
nt.in.setup_count = 0;
nt.in.function = NT_TRANSACT_CREATE;
nt.in.setup = NULL;
sd_blob = data_blob(NULL, 0);
ea_blob = data_blob(NULL, 0);
if (parms->ntcreatex.in.sec_desc) {
enum ndr_err_code ndr_err;
ndr_err = ndr_push_struct_blob(&sd_blob, mem_ctx,
parms->ntcreatex.in.sec_desc,
(ndr_push_flags_fn_t)ndr_push_security_descriptor);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
talloc_free(mem_ctx);
return NULL;
}
}
if (parms->ntcreatex.in.ea_list) {
uint32_t ea_size = ea_list_size_chained(parms->ntcreatex.in.ea_list->num_eas,
parms->ntcreatex.in.ea_list->eas, 4);
ea_blob = data_blob_talloc(mem_ctx, NULL, ea_size);
if (ea_blob.data == NULL) {
return NULL;
}
ea_put_list_chained(ea_blob.data,
parms->ntcreatex.in.ea_list->num_eas,
parms->ntcreatex.in.ea_list->eas, 4);
}
nt.in.params = data_blob_talloc(mem_ctx, NULL, 53);
if (nt.in.params.data == NULL) {
talloc_free(mem_ctx);
return NULL;
}
/* build the parameter section */
params = nt.in.params.data;
SIVAL(params, 0, parms->ntcreatex.in.flags);
SIVAL(params, 4, parms->ntcreatex.in.root_fid.fnum);
SIVAL(params, 8, parms->ntcreatex.in.access_mask);
SBVAL(params, 12, parms->ntcreatex.in.alloc_size);
SIVAL(params, 20, parms->ntcreatex.in.file_attr);
SIVAL(params, 24, parms->ntcreatex.in.share_access);
SIVAL(params, 28, parms->ntcreatex.in.open_disposition);
SIVAL(params, 32, parms->ntcreatex.in.create_options);
SIVAL(params, 36, sd_blob.length);
SIVAL(params, 40, ea_blob.length);
SIVAL(params, 48, parms->ntcreatex.in.impersonation);
SCVAL(params, 52, parms->ntcreatex.in.security_flags);
/* the empty string first forces the correct alignment */
smbcli_blob_append_string(tree->session, mem_ctx, &nt.in.params,"", 0);
fname_len = smbcli_blob_append_string(tree->session, mem_ctx, &nt.in.params,
parms->ntcreatex.in.fname, STR_TERMINATE);
SIVAL(nt.in.params.data, 44, fname_len);
/* build the data section */
nt.in.data = data_blob_talloc(mem_ctx, NULL, sd_blob.length + ea_blob.length);
memcpy(nt.in.data.data, sd_blob.data, sd_blob.length);
memcpy(nt.in.data.data+sd_blob.length, ea_blob.data, ea_blob.length);
/* send the request on its way */
req = smb_raw_nttrans_send(tree, &nt);
talloc_free(mem_ctx);
return req;
}
NTSTATUS smbsrv_push_passthru_fileinfo(TALLOC_CTX *mem_ctx,
DATA_BLOB *blob,
enum smb_fileinfo_level level,
union smb_fileinfo *st,
int default_str_flags)
{
uint_t i;
size_t list_size;
switch (level) {
case RAW_FILEINFO_BASIC_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 40));
push_nttime(blob->data, 0, st->basic_info.out.create_time);
push_nttime(blob->data, 8, st->basic_info.out.access_time);
push_nttime(blob->data, 16, st->basic_info.out.write_time);
push_nttime(blob->data, 24, st->basic_info.out.change_time);
SIVAL(blob->data, 32, st->basic_info.out.attrib);
SIVAL(blob->data, 36, 0); /* padding */
return NT_STATUS_OK;
case RAW_FILEINFO_NETWORK_OPEN_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 56));
push_nttime(blob->data, 0, st->network_open_information.out.create_time);
push_nttime(blob->data, 8, st->network_open_information.out.access_time);
push_nttime(blob->data, 16, st->network_open_information.out.write_time);
push_nttime(blob->data, 24, st->network_open_information.out.change_time);
SBVAL(blob->data, 32, st->network_open_information.out.alloc_size);
SBVAL(blob->data, 40, st->network_open_information.out.size);
SIVAL(blob->data, 48, st->network_open_information.out.attrib);
SIVAL(blob->data, 52, 0); /* padding */
return NT_STATUS_OK;
case RAW_FILEINFO_STANDARD_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 24));
SBVAL(blob->data, 0, st->standard_info.out.alloc_size);
SBVAL(blob->data, 8, st->standard_info.out.size);
SIVAL(blob->data, 16, st->standard_info.out.nlink);
SCVAL(blob->data, 20, st->standard_info.out.delete_pending);
SCVAL(blob->data, 21, st->standard_info.out.directory);
SSVAL(blob->data, 22, 0); /* padding */
return NT_STATUS_OK;
case RAW_FILEINFO_ATTRIBUTE_TAG_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 8));
SIVAL(blob->data, 0, st->attribute_tag_information.out.attrib);
SIVAL(blob->data, 4, st->attribute_tag_information.out.reparse_tag);
return NT_STATUS_OK;
case RAW_FILEINFO_EA_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 4));
SIVAL(blob->data, 0, st->ea_info.out.ea_size);
return NT_STATUS_OK;
case RAW_FILEINFO_MODE_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 4));
SIVAL(blob->data, 0, st->mode_information.out.mode);
return NT_STATUS_OK;
case RAW_FILEINFO_ALIGNMENT_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 4));
SIVAL(blob->data, 0,
st->alignment_information.out.alignment_requirement);
return NT_STATUS_OK;
case RAW_FILEINFO_ACCESS_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 4));
SIVAL(blob->data, 0, st->access_information.out.access_flags);
return NT_STATUS_OK;
case RAW_FILEINFO_POSITION_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 8));
SBVAL(blob->data, 0, st->position_information.out.position);
return NT_STATUS_OK;
case RAW_FILEINFO_COMPRESSION_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 16));
SBVAL(blob->data, 0, st->compression_info.out.compressed_size);
SSVAL(blob->data, 8, st->compression_info.out.format);
SCVAL(blob->data, 10, st->compression_info.out.unit_shift);
SCVAL(blob->data, 11, st->compression_info.out.chunk_shift);
SCVAL(blob->data, 12, st->compression_info.out.cluster_shift);
SSVAL(blob->data, 13, 0); /* 3 bytes padding */
SCVAL(blob->data, 15, 0);
return NT_STATUS_OK;
case RAW_FILEINFO_INTERNAL_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 8));
SBVAL(blob->data, 0, st->internal_information.out.file_id);
return NT_STATUS_OK;
case RAW_FILEINFO_ALL_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 72));
push_nttime(blob->data, 0, st->all_info.out.create_time);
push_nttime(blob->data, 8, st->all_info.out.access_time);
push_nttime(blob->data, 16, st->all_info.out.write_time);
push_nttime(blob->data, 24, st->all_info.out.change_time);
SIVAL(blob->data, 32, st->all_info.out.attrib);
SIVAL(blob->data, 36, 0); /* padding */
SBVAL(blob->data, 40, st->all_info.out.alloc_size);
SBVAL(blob->data, 48, st->all_info.out.size);
SIVAL(blob->data, 56, st->all_info.out.nlink);
SCVAL(blob->data, 60, st->all_info.out.delete_pending);
SCVAL(blob->data, 61, st->all_info.out.directory);
SSVAL(blob->data, 62, 0); /* padding */
SIVAL(blob->data, 64, st->all_info.out.ea_size);
BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob,
st->all_info.out.fname.s,
68, default_str_flags,
STR_UNICODE));
return NT_STATUS_OK;
case RAW_FILEINFO_NAME_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 4));
BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob,
st->name_info.out.fname.s,
0, default_str_flags,
STR_UNICODE));
return NT_STATUS_OK;
case RAW_FILEINFO_ALT_NAME_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 4));
BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob,
st->alt_name_info.out.fname.s,
0, default_str_flags,
STR_UNICODE));
return NT_STATUS_OK;
case RAW_FILEINFO_STREAM_INFORMATION:
for (i=0;i<st->stream_info.out.num_streams;i++) {
uint32_t data_size = blob->length;
uint8_t *data;
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, data_size + 24));
data = blob->data + data_size;
SBVAL(data, 8, st->stream_info.out.streams[i].size);
SBVAL(data, 16, st->stream_info.out.streams[i].alloc_size);
BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob,
st->stream_info.out.streams[i].stream_name.s,
data_size + 4, default_str_flags,
STR_UNICODE));
if (i == st->stream_info.out.num_streams - 1) {
SIVAL(blob->data, data_size, 0);
} else {
BLOB_CHECK(smbsrv_blob_fill_data(mem_ctx, blob, (blob->length+7)&~7));
SIVAL(blob->data, data_size,
blob->length - data_size);
}
}
return NT_STATUS_OK;
case RAW_FILEINFO_SMB2_ALL_EAS:
/* if no eas are returned the backend should
* have returned NO_EAS_ON_FILE or NO_MORE_EAS
*
* so it's a programmer error if num_eas == 0
*/
if (st->all_eas.out.num_eas == 0) {
smb_panic("0 eas for SMB2_ALL_EAS - programmer error in ntvfs backend");
}
list_size = ea_list_size_chained(st->all_eas.out.num_eas,
st->all_eas.out.eas);
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, list_size));
ea_put_list_chained(blob->data,
st->all_eas.out.num_eas,
st->all_eas.out.eas);
return NT_STATUS_OK;
case RAW_FILEINFO_SMB2_ALL_INFORMATION:
BLOB_CHECK(smbsrv_blob_grow_data(mem_ctx, blob, 0x64));
push_nttime(blob->data, 0x00, st->all_info2.out.create_time);
push_nttime(blob->data, 0x08, st->all_info2.out.access_time);
push_nttime(blob->data, 0x10, st->all_info2.out.write_time);
push_nttime(blob->data, 0x18, st->all_info2.out.change_time);
SIVAL(blob->data, 0x20, st->all_info2.out.attrib);
SIVAL(blob->data, 0x24, st->all_info2.out.unknown1);
SBVAL(blob->data, 0x28, st->all_info2.out.alloc_size);
SBVAL(blob->data, 0x30, st->all_info2.out.size);
SIVAL(blob->data, 0x38, st->all_info2.out.nlink);
SCVAL(blob->data, 0x3C, st->all_info2.out.delete_pending);
SCVAL(blob->data, 0x3D, st->all_info2.out.directory);
SSVAL(blob->data, 0x3E, 0); /* padding */
SBVAL(blob->data, 0x40, st->all_info2.out.file_id);
SIVAL(blob->data, 0x48, st->all_info2.out.ea_size);
SIVAL(blob->data, 0x4C, st->all_info2.out.access_mask);
SBVAL(blob->data, 0x50, st->all_info2.out.position);
SBVAL(blob->data, 0x58, st->all_info2.out.mode);
BLOB_CHECK(smbsrv_blob_append_string(mem_ctx, blob,
st->all_info2.out.fname.s,
0x60, default_str_flags,
STR_UNICODE));
return NT_STATUS_OK;
default:
return NT_STATUS_INVALID_LEVEL;
}
return NT_STATUS_INVALID_LEVEL;
}
/*
send a create request
*/
struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create *io)
{
struct smb2_request *req;
NTSTATUS status;
DATA_BLOB blob;
struct smb2_create_blobs blobs;
int i;
ZERO_STRUCT(blobs);
req = smb2_request_init_tree(tree, SMB2_OP_CREATE, 0x38, true, 0);
if (req == NULL) return NULL;
SCVAL(req->out.body, 0x02, io->in.security_flags);
SCVAL(req->out.body, 0x03, io->in.oplock_level);
SIVAL(req->out.body, 0x04, io->in.impersonation_level);
SBVAL(req->out.body, 0x08, io->in.create_flags);
SBVAL(req->out.body, 0x10, io->in.reserved);
SIVAL(req->out.body, 0x18, io->in.desired_access);
SIVAL(req->out.body, 0x1C, io->in.file_attributes);
SIVAL(req->out.body, 0x20, io->in.share_access);
SIVAL(req->out.body, 0x24, io->in.create_disposition);
SIVAL(req->out.body, 0x28, io->in.create_options);
status = smb2_push_o16s16_string(&req->out, 0x2C, io->in.fname);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
/* now add all the optional blobs */
if (io->in.eas.num_eas != 0) {
DATA_BLOB b = data_blob_talloc(req, NULL,
ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas, 4));
ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas, 4);
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_EXTA, b);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
data_blob_free(&b);
}
/* an empty MxAc tag seems to be used to ask the server to
return the maximum access mask allowed on the file */
if (io->in.query_maximal_access) {
/* TODO: MS-SMB2 2.2.13.2.5 says this can contain a timestamp? What to do
with that if it doesn't match? */
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_MXAC, data_blob(NULL, 0));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.alloc_size != 0) {
uint8_t data[8];
SBVAL(data, 0, io->in.alloc_size);
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_ALSI, data_blob_const(data, 8));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.durable_open) {
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_DHNQ, data_blob_talloc_zero(req, 16));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.durable_handle) {
uint8_t data[16];
smb2_push_handle(data, io->in.durable_handle);
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_DHNC, data_blob_const(data, 16));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.timewarp) {
uint8_t data[8];
SBVAL(data, 0, io->in.timewarp);
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_TWRP, data_blob_const(data, 8));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.sec_desc) {
enum ndr_err_code ndr_err;
DATA_BLOB sd_blob;
ndr_err = ndr_push_struct_blob(&sd_blob, req, io->in.sec_desc,
(ndr_push_flags_fn_t)ndr_push_security_descriptor);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
talloc_free(req);
return NULL;
}
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_SECD, sd_blob);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.query_on_disk_id) {
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_QFID, data_blob(NULL, 0));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
if (io->in.lease_request) {
uint8_t data[32];
memcpy(&data[0], &io->in.lease_request->lease_key, 16);
SIVAL(data, 16, io->in.lease_request->lease_state);
SIVAL(data, 20, io->in.lease_request->lease_flags);
SBVAL(data, 24, io->in.lease_request->lease_duration);
status = smb2_create_blob_add(req, &blobs,
SMB2_CREATE_TAG_RQLS,
data_blob_const(data, 32));
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
/* and any custom blobs */
for (i=0;i<io->in.blobs.num_blobs;i++) {
status = smb2_create_blob_add(req, &blobs,
io->in.blobs.blobs[i].tag,
io->in.blobs.blobs[i].data);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
}
status = smb2_create_blob_push(req, &blob, blobs);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
status = smb2_push_o32s32_blob(&req->out, 0x30, blob);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
}
data_blob_free(&blob);
smb2_transport_send(req);
return req;
}
