static
BOOLEAN
RdrTreeConnect2Complete(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_TREE2 pTree = pParam;
BAIL_ON_NT_STATUS(status);
cleanup:
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, pTree);
RdrFreeTreeConnectContext(pContext);
}
return FALSE;
error:
if (status != STATUS_PENDING && pTree)
{
RdrTree2Release(pTree);
pTree = NULL;
}
goto cleanup;
}
static
BOOLEAN
RdrQueryDfsReferral2Complete(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PSMB_PACKET pPacket = pParam;
PBYTE pOutput = NULL;
ULONG ulOutputSize = 0;
BAIL_ON_NT_STATUS(status);
status = pPacket->pSMB2Header->error;
switch (status)
{
case STATUS_NO_SUCH_FILE:
case STATUS_NO_SUCH_DEVICE:
case STATUS_NOT_FOUND:
/* Referral failed -- insert negative cache entry */
pOutput = NULL;
ulOutputSize = 0;
status = STATUS_SUCCESS;
break;
default:
BAIL_ON_NT_STATUS(status);
status = RdrSmb2DecodeIoctlResponse(pPacket, &pOutput, &ulOutputSize);
BAIL_ON_NT_STATUS(status);
}
status = RdrDfsRegisterNamespace(
pContext->State.DfsConnect.pwszNamespace,
(PDFS_RESPONSE_HEADER) pOutput,
(USHORT) ulOutputSize);
BAIL_ON_NT_STATUS(status);
status = RdrDfsConnectAttempt(pContext);
BAIL_ON_NT_STATUS(status);
cleanup:
RdrFreePacket(pPacket);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.DfsConnect.pContinue, status, NULL);
RTL_FREE(&pContext->State.DfsConnect.pwszNamespace);
RTL_FREE(pContext->State.DfsConnect.ppwszCanonicalPath);
RTL_FREE(pContext->State.DfsConnect.ppwszFilePath);
RdrFreeContext(pContext);
}
return FALSE;
error:
goto cleanup;
}
VOID
RdrContinueContextList(
PLW_LIST_LINKS pList,
NTSTATUS status,
PVOID pParam
)
{
PRDR_OP_CONTEXT pContext = NULL;
PLW_LIST_LINKS pLink = NULL;
PLW_LIST_LINKS pNext = NULL;
for (pLink = pList->Next; pLink != pList; pLink = pNext)
{
pNext = pLink->Next;
pContext = LW_STRUCT_FROM_FIELD(pLink, RDR_OP_CONTEXT, Link);
LwListRemove(pLink);
if (RdrContinueContext(pContext, status, pParam))
{
LwListInsertBefore(pNext, pLink);
}
}
}
BOOLEAN
RdrProcessNegotiateResponse2(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_SOCKET pSocket = pContext->State.TreeConnect.pSocket;
PSMB_PACKET pPacket = pParam;
BOOLEAN bFreeContext = FALSE;
BOOLEAN bSocketLocked = FALSE;
PRDR_SMB2_NEGOTIATE_RESPONSE_HEADER pHeader = NULL;
PBYTE pNegHint = NULL;
ULONG ulNegHintLength = 0;
BAIL_ON_NT_STATUS(status);
status = pPacket->pSMB2Header->error;
BAIL_ON_NT_STATUS(status);
LWIO_LOCK_MUTEX(bSocketLocked, &pSocket->mutex);
status = RdrSmb2DecodeNegotiateResponse(
pPacket,
&pHeader,
&pNegHint,
&ulNegHintLength);
BAIL_ON_NT_STATUS(status);
pSocket->ulMaxTransactSize = pHeader->ulMaxTransactionSize;
pSocket->ulMaxReadSize = pHeader->ulMaxReadSize;
pSocket->ulMaxWriteSize = pHeader->ulMaxWriteSize;
pSocket->capabilities = pHeader->ulCapabilities;
pSocket->ucSecurityMode = pHeader->ucSecurityMode;
pSocket->securityBlobLen = ulNegHintLength;
status = LwIoAllocateMemory(
pSocket->securityBlobLen,
(PVOID *) &pSocket->pSecurityBlob);
BAIL_ON_NT_STATUS(status);
memcpy(pSocket->pSecurityBlob,
pNegHint,
pSocket->securityBlobLen);
status = RdrSocketSetProtocol(pSocket, SMB_PROTOCOL_VERSION_2);
BAIL_ON_NT_STATUS(status);
pSocket->state = RDR_SOCKET_STATE_READY;
RdrNotifyContextList(
&pSocket->StateWaiters,
bSocketLocked,
&pSocket->mutex,
STATUS_SUCCESS,
pSocket);
LWIO_UNLOCK_MUTEX(bSocketLocked, &pSocket->mutex);
RdrNegotiateComplete2(pContext, STATUS_SUCCESS, pSocket);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
cleanup:
LWIO_UNLOCK_MUTEX(bSocketLocked, &pSocket->mutex);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, NULL);
bFreeContext = TRUE;
}
if (bFreeContext)
{
RdrFreeTreeConnectContext(pContext);
}
RdrFreePacket(pPacket);
return FALSE;
error:
if (status != STATUS_PENDING && pSocket)
{
LWIO_UNLOCK_MUTEX(bSocketLocked, &pSocket->mutex);
RdrSocketInvalidate(pSocket, status);
RdrSocketRelease(pSocket);
}
goto cleanup;
}
static
BOOLEAN
RdrSessionSetupComplete2(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_SESSION2 pSession = pParam;
PRDR_TREE2 pTree = NULL;
BOOLEAN bTreeLocked = FALSE;
BOOLEAN bFreeContext = FALSE;
BAIL_ON_NT_STATUS(status);
status = RdrTree2FindOrCreate(
&pSession,
pContext->State.TreeConnect.pwszSharename,
&pTree);
BAIL_ON_NT_STATUS(status);
pContext->State.TreeConnect.pTree2 = pTree;
LWIO_LOCK_MUTEX(bTreeLocked, &pTree->mutex);
switch (pTree->state)
{
case RDR_TREE_STATE_NOT_READY:
pTree->state = RDR_TREE_STATE_INITIALIZING;
pContext->Continue = RdrFinishTreeConnect2;
status = RdrTransceiveTreeConnect2(pContext, pTree, pTree->pwszPath);
BAIL_ON_NT_STATUS(status);
break;
case RDR_TREE_STATE_INITIALIZING:
pContext->Continue = RdrTreeConnect2Complete;
LwListInsertTail(&pTree->StateWaiters, &pContext->Link);
bFreeContext = TRUE;
status = STATUS_PENDING;
break;
case RDR_TREE_STATE_READY:
RdrTreeConnect2Complete(pContext, status, pTree);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_TREE_STATE_ERROR:
status = pTree->error;
BAIL_ON_NT_STATUS(status);
break;
}
cleanup:
LWIO_UNLOCK_MUTEX(bTreeLocked, &pTree->mutex);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, NULL);
bFreeContext = TRUE;
}
if (bFreeContext)
{
RdrFreeTreeConnectContext(pContext);
}
return FALSE;
error:
if (status != STATUS_PENDING && pTree)
{
LWIO_UNLOCK_MUTEX(bTreeLocked, &pTree->mutex);
RdrTree2Invalidate(pTree, status);
RdrTree2Release(pTree);
}
if (status != STATUS_PENDING && pSession)
{
RdrSession2Release(pSession);
}
goto cleanup;
}
static
BOOLEAN
RdrProcessSessionSetupResponse2(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_SESSION2 pSession = pContext->State.TreeConnect.pSession2;
PSMB_PACKET pPacket = pParam;
BOOLEAN bSessionLocked = FALSE;
BOOLEAN bFreeContext = FALSE;
BAIL_ON_NT_STATUS(status);
LWIO_LOCK_MUTEX(bSessionLocked, &pSession->mutex);
if (pPacket)
{
status = pPacket->pSMB2Header->error;
if (status == STATUS_MORE_PROCESSING_REQUIRED)
{
status = STATUS_SUCCESS;
}
BAIL_ON_NT_STATUS(status);
pSession->ullSessionId = pPacket->pSMB2Header->ullSessionId;
}
/* Save the packet on the context for RdrNegotiateGssContextWorkItem2 */
pContext->State.TreeConnect.pPacket = pPacket;
pPacket = NULL;
/* Dispatch a work item to negotiate the GSS context in a separate thread.
Because GSS-API could potentially block in a network call (KRB5)
or an IPC call (NTLM), calling into it directly from the socket task
could cause a deadlock. */
status = LwRtlQueueWorkItem(
gRdrRuntime.pThreadPool,
RdrNegotiateGssContextWorkItem2,
pContext,
0);
BAIL_ON_NT_STATUS(status);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
cleanup:
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, NULL);
bFreeContext = TRUE;
}
if (bFreeContext)
{
RdrFreeTreeConnectContext(pContext);
}
RdrFreePacket(pPacket);
return FALSE;
error:
if (status != STATUS_PENDING && pSession)
{
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
RdrSession2Invalidate(pSession, status);
RdrSession2Release(pSession);
}
goto cleanup;
}
BOOLEAN
RdrNegotiateComplete2(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_SOCKET pSocket = pParam;
PRDR_SESSION2 pSession = NULL;
BOOLEAN bSessionLocked = FALSE;
BOOLEAN bFreeContext = FALSE;
PIO_CREDS pCreds = pContext->State.TreeConnect.pCreds;
BAIL_ON_NT_STATUS(status);
if (pContext->State.TreeConnect.bStopOnDfs &&
pSocket->capabilities & RDR_SMB2_CAP_DFS)
{
status = STATUS_DFS_EXIT_PATH_FOUND;
BAIL_ON_NT_STATUS(status);
}
status = RdrSession2FindOrCreate(
&pSocket,
pContext->State.TreeConnect.pCreds,
pContext->State.TreeConnect.Uid,
&pSession);
BAIL_ON_NT_STATUS(status);
pContext->State.TreeConnect.pSession2 = pSession;
LWIO_LOCK_MUTEX(bSessionLocked, &pSession->mutex);
switch (pSession->state)
{
case RDR_SESSION_STATE_NOT_READY:
pSession->state = RDR_SESSION_STATE_INITIALIZING;
switch (pCreds->type)
{
case IO_CREDS_TYPE_KRB5_TGT:
status = SMBCredTokenToKrb5CredCache(
pCreds,
&pContext->State.TreeConnect.pszCachePath);
BAIL_ON_NT_STATUS(status);
break;
case IO_CREDS_TYPE_PLAIN:
break;
default:
status = STATUS_ACCESS_DENIED;
BAIL_ON_NT_STATUS(status);
}
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
RdrProcessSessionSetupResponse2(pContext, STATUS_SUCCESS, NULL);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_SESSION_STATE_INITIALIZING:
pContext->Continue = RdrSessionSetupComplete2;
LwListInsertTail(&pSession->StateWaiters, &pContext->Link);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_SESSION_STATE_READY:
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
RdrSessionSetupComplete2(pContext, status, pSession);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_SESSION_STATE_ERROR:
status = pSession->error;
BAIL_ON_NT_STATUS(status);
break;
}
cleanup:
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, NULL);
bFreeContext = TRUE;
}
if (bFreeContext)
{
RdrFreeTreeConnectContext(pContext);
}
return FALSE;
error:
if (status != STATUS_PENDING && pSession)
{
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
if (status != STATUS_DFS_EXIT_PATH_FOUND)
{
RdrSession2Invalidate(pSession, status);
}
RdrSession2Release(pSession);
}
if (status != STATUS_PENDING && pSocket)
{
if (status != STATUS_DFS_EXIT_PATH_FOUND)
{
RdrSocketInvalidate(pSocket, status);
}
RdrSocketRelease(pSocket);
}
goto cleanup;
}
static
BOOLEAN
RdrProcessNegotiateResponse(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_SOCKET pSocket = pContext->State.TreeConnect.pSocket;
PSMB_PACKET pPacket = pParam;
BOOLEAN bSocketLocked = FALSE;
BOOLEAN bFreeContext = FALSE;
PBYTE pGUID = NULL;
PBYTE pSecurityBlob = NULL;
DWORD securityBlobLen = 0;
NEGOTIATE_RESPONSE_HEADER* pHeader = NULL;
BAIL_ON_NT_STATUS(status);
/* As a special case, it is possible to receive an SMB2 negotiate response
* from an SMB1 negotiate request.
*/
if (pPacket->protocolVer == SMB_PROTOCOL_VERSION_2)
{
/* Short-circuit to SMB2 code path in connect2.c */
return RdrProcessNegotiateResponse2(pContext, status, pParam);
}
LWIO_LOCK_MUTEX(bSocketLocked, &pSocket->mutex);
status = pPacket->pSMBHeader->error;
BAIL_ON_NT_STATUS(status);
status = UnmarshallNegotiateResponse(
pPacket->pParams,
pPacket->bufferUsed - (pPacket->pParams - pPacket->pRawBuffer),
&pHeader,
&pGUID,
&pSecurityBlob,
&securityBlobLen);
BAIL_ON_NT_STATUS(status);
// byte order conversions
SMB_LTOH16_INPLACE(pHeader->dialectIndex);
SMB_LTOH8_INPLACE(pHeader->securityMode);
SMB_LTOH16_INPLACE(pHeader->maxMpxCount);
SMB_LTOH16_INPLACE(pHeader->maxNumberVcs);
SMB_LTOH32_INPLACE(pHeader->maxBufferSize);
SMB_LTOH32_INPLACE(pHeader->maxRawSize);
SMB_LTOH32_INPLACE(pHeader->sessionKey);
SMB_LTOH32_INPLACE(pHeader->capabilities);
SMB_LTOH32_INPLACE(pHeader->systemTimeLow);
SMB_LTOH32_INPLACE(pHeader->systemTimeHigh);
SMB_LTOH16_INPLACE(pHeader->serverTimeZone);
SMB_LTOH8_INPLACE(pHeader->encryptionKeyLength);
SMB_LTOH16_INPLACE(pHeader->byteCount);
pSocket->ulMaxTransactSize = pHeader->maxBufferSize;
pSocket->maxRawSize = pHeader->maxRawSize;
pSocket->sessionKey = pHeader->sessionKey;
pSocket->capabilities = pHeader->capabilities;
pSocket->ucSecurityMode = pHeader->securityMode;
pSocket->usMaxSlots = pHeader->maxMpxCount;
pSocket->securityBlobLen = securityBlobLen;
status = LwIoAllocateMemory(
pSocket->securityBlobLen,
(PVOID *) &pSocket->pSecurityBlob);
BAIL_ON_NT_STATUS(status);
memcpy(pSocket->pSecurityBlob,
pSecurityBlob,
pSocket->securityBlobLen);
status = RdrSocketSetProtocol(pSocket, SMB_PROTOCOL_VERSION_1);
BAIL_ON_NT_STATUS(status);
pSocket->state = RDR_SOCKET_STATE_READY;
RdrNotifyContextList(
&pSocket->StateWaiters,
bSocketLocked,
&pSocket->mutex,
STATUS_SUCCESS,
pSocket);
LWIO_UNLOCK_MUTEX(bSocketLocked, &pSocket->mutex);
RdrNegotiateComplete(pContext, STATUS_SUCCESS, pSocket);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
cleanup:
LWIO_UNLOCK_MUTEX(bSocketLocked, &pSocket->mutex);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, NULL);
bFreeContext = TRUE;
}
if (bFreeContext)
{
RdrFreeTreeConnectContext(pContext);
}
RdrFreePacket(pPacket);
return FALSE;
error:
if (status != STATUS_PENDING)
{
LWIO_UNLOCK_MUTEX(bSocketLocked, &pSocket->mutex);
RdrSocketInvalidate(pSocket, status);
RdrSocketRelease(pSocket);
}
goto cleanup;
}
static
BOOLEAN
RdrNegotiateComplete(
PRDR_OP_CONTEXT pContext,
NTSTATUS status,
PVOID pParam
)
{
PRDR_SOCKET pSocket = pParam;
PRDR_SESSION pSession = NULL;
BOOLEAN bSessionLocked = FALSE;
BOOLEAN bFreeContext = FALSE;
PIO_CREDS pCreds = pContext->State.TreeConnect.pCreds;
BAIL_ON_NT_STATUS(status);
/* Several op contexts could be queued with this function
* as the continue routine before we transition to SMB2 mode,
* so we need to hand off to the correct function in this case.
* Subsequent attempts should go straight to connect2.c
*/
if (pSocket->version == SMB_PROTOCOL_VERSION_2)
{
/* Short circuit to SMB2 session setup logic in connect2.c */
return RdrNegotiateComplete2(pContext, status, pParam);
}
if (pContext->State.TreeConnect.bStopOnDfs &&
pSocket->capabilities & CAP_DFS)
{
/* Abort tree connect because we need to do DFS referral processing first */
status = STATUS_DFS_EXIT_PATH_FOUND;
BAIL_ON_NT_STATUS(status);
}
status = RdrSessionFindOrCreate(
&pSocket,
pContext->State.TreeConnect.pCreds,
pContext->State.TreeConnect.Uid,
&pSession);
BAIL_ON_NT_STATUS(status);
pContext->State.TreeConnect.pSession = pSession;
LWIO_LOCK_MUTEX(bSessionLocked, &pSession->mutex);
switch (pSession->state)
{
case RDR_SESSION_STATE_NOT_READY:
pSession->state = RDR_SESSION_STATE_INITIALIZING;
switch (pCreds->type)
{
case IO_CREDS_TYPE_KRB5_TGT:
status = SMBCredTokenToKrb5CredCache(
pCreds,
&pContext->State.TreeConnect.pszCachePath);
BAIL_ON_NT_STATUS(status);
break;
case IO_CREDS_TYPE_PLAIN:
break;
default:
status = STATUS_ACCESS_DENIED;
BAIL_ON_NT_STATUS(status);
}
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
RdrProcessSessionSetupResponse(pContext, STATUS_SUCCESS, NULL);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_SESSION_STATE_INITIALIZING:
pContext->Continue = RdrSessionSetupComplete;
LwListInsertTail(&pSession->StateWaiters, &pContext->Link);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_SESSION_STATE_READY:
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
RdrSessionSetupComplete(pContext, status, pSession);
status = STATUS_PENDING;
BAIL_ON_NT_STATUS(status);
break;
case RDR_SESSION_STATE_ERROR:
status = pSession->error;
BAIL_ON_NT_STATUS(status);
break;
}
cleanup:
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
if (status != STATUS_PENDING)
{
RdrContinueContext(pContext->State.TreeConnect.pContinue, status, NULL);
bFreeContext = TRUE;
}
if (bFreeContext)
{
RdrFreeTreeConnectContext(pContext);
}
return FALSE;
error:
if (status != STATUS_PENDING && pSession)
{
LWIO_UNLOCK_MUTEX(bSessionLocked, &pSession->mutex);
if (status != STATUS_DFS_EXIT_PATH_FOUND)
{
RdrSessionInvalidate(pSession, status);
}
RdrSessionRelease(pSession);
}
if (status != STATUS_PENDING && pSocket)
{
if (status != STATUS_DFS_EXIT_PATH_FOUND)
{
RdrSocketInvalidate(pSocket, status);
}
RdrSocketRelease(pSocket);
}
goto cleanup;
}
