/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_q_close(BOOL io, SAMR_Q_CLOSE *q_u, char *q, char *base, int align, int depth)
{
if (q_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_q_unknown_1\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(q_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
return q;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_r_unknown_24(BOOL io, SAMR_R_UNKNOWN_24 *r_u, char *q, char *base, int align, int depth)
{
if (r_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_r_unknown_24\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
DBG_RW_IVAL("ptr ", depth, base, io, q, r_u->ptr ); q += 4;
DBG_RW_SVAL("unknown_0 ", depth, base, io, q, r_u->unknown_0 ); q += 2;
DBG_RW_SVAL("unknown_1 ", depth, base, io, q, r_u->unknown_1 ); q += 2;
DBG_RW_PCVAL(False, "padding_0 ", depth, base, io, q, r_u->padding_0 , sizeof(r_u->padding_0)); q += sizeof(r_u->padding_0);
q = smb_io_time(io, &(r_u->expiry), q, base, align, depth);
DBG_RW_PCVAL(False, "padding_1 ", depth, base, io, q, r_u->padding_1 , sizeof(r_u->padding_1)); q += sizeof(r_u->padding_1);
q = smb_io_unihdr (io, &(r_u->hdr_mach_acct), q, base, align, depth);
DBG_RW_IVAL("padding_2 ", depth, base, io, q, r_u->padding_2 ); q += 4;
DBG_RW_IVAL("ptr_1 ", depth, base, io, q, r_u->ptr_1 ); q += 4;
DBG_RW_PCVAL(False, "padding_3 ", depth, base, io, q, r_u->padding_3 , sizeof(r_u->padding_3)); q += sizeof(r_u->padding_3);
DBG_RW_IVAL("padding_4 ", depth, base, io, q, r_u->padding_4 ); q += 4;
DBG_RW_IVAL("ptr_2 ", depth, base, io, q, r_u->ptr_2 ); q += 4;
DBG_RW_IVAL("padding_5 ", depth, base, io, q, r_u->padding_5 ); q += 4;
DBG_RW_IVAL("ptr_3 ", depth, base, io, q, r_u->ptr_3 ); q += 4;
DBG_RW_PCVAL(False, "padding_6 ", depth, base, io, q, r_u->padding_6 , sizeof(r_u->padding_6)); q += sizeof(r_u->padding_6);
DBG_RW_IVAL("unknown_id_0", depth, base, io, q, r_u->unknown_id_0); q += 4;
DBG_RW_SVAL("unknown_2 ", depth, base, io, q, r_u->unknown_2 ); q += 2;
DBG_RW_IVAL("unknown_3 ", depth, base, io, q, r_u->unknown_3 ); q += 4;
DBG_RW_SVAL("unknown_4 ", depth, base, io, q, r_u->unknown_4 ); q += 2;
DBG_RW_SVAL("unknown_5 ", depth, base, io, q, r_u->unknown_5 ); q += 2;
DBG_RW_PCVAL(False, "padding_7 ", depth, base, io, q, r_u->padding_7 , sizeof(r_u->padding_7)); q += sizeof(r_u->padding_7);
DBG_RW_IVAL("padding_8 ", depth, base, io, q, r_u->padding_8 ); q += 4;
q = smb_io_unistr2(io, &(r_u->uni_mach_acct), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_PCVAL(False, "padding_9 ", depth, base, io, q, r_u->padding_9 , sizeof(r_u->padding_9)); q += sizeof(r_u->padding_9);
DBG_RW_IVAL("status", depth, base, io, q, r_u->status); q += 4;
return q;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_r_open_secret(BOOL io, SAMR_R_OPEN_SECRET *r_u, char *q, char *base, int align, int depth)
{
if (r_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_r_open_secret\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(r_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_IVAL("status", depth, base, io, q, r_u->status); q += 4;
return q;
}
int qcow2_snapshot_load_tmp(BlockDriverState *bs, const char *snapshot_name)
{
int i, snapshot_index, l1_size2;
BDRVQcowState *s = bs->opaque;
QCowSnapshot *sn;
snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_name);
if (snapshot_index < 0) {
return -ENOENT;
}
sn = &s->snapshots[snapshot_index];
s->l1_size = sn->l1_size;
l1_size2 = s->l1_size * sizeof(uint64_t);
if (s->l1_table != NULL) {
g_free(s->l1_table);
}
s->l1_table_offset = sn->l1_table_offset;
s->l1_table = g_malloc0(align_offset(l1_size2, 512));
if (bdrv_pread(bs->file, sn->l1_table_offset,
s->l1_table, l1_size2) != l1_size2) {
return -1;
}
for(i = 0; i < s->l1_size; i++) {
be64_to_cpus(&s->l1_table[i]);
}
return 0;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_q_open_policy(BOOL io, SAMR_Q_OPEN_POLICY *q_u, char *q, char *base, int align, int depth)
{
if (q_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_q_open_policy\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
DBG_RW_IVAL("ptr_srv_name", depth, base, io, q, q_u->ptr_srv_name); q += 4;
q = smb_io_unistr2(io, &(q_u->uni_srv_name), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_IVAL("unknown_0 ", depth, base, io, q, q_u->unknown_0 ); q += 4;
return q;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_q_unknown_24(BOOL io, SAMR_Q_UNKNOWN_24 *q_u, char *q, char *base, int align, int depth)
{
if (q_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_q_unknown_24\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(q_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_SVAL("unknown_0", depth, base, io, q, q_u->unknown_0); q += 2; /* 0x0015 or 0x0011 */
q = align_offset(q, base, align);
return q;
}
int qcow2_snapshot_load_tmp(BlockDriverState *bs,
const char *snapshot_id,
const char *name,
Error **errp)
{
int i, snapshot_index;
BDRVQcow2State *s = bs->opaque;
QCowSnapshot *sn;
uint64_t *new_l1_table;
int new_l1_bytes;
int ret;
assert(bs->read_only);
/* Search the snapshot */
snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name);
if (snapshot_index < 0) {
error_setg(errp,
"Can't find snapshot");
return -ENOENT;
}
sn = &s->snapshots[snapshot_index];
/* Allocate and read in the snapshot's L1 table */
if (sn->l1_size > QCOW_MAX_L1_SIZE / sizeof(uint64_t)) {
error_setg(errp, "Snapshot L1 table too large");
return -EFBIG;
}
new_l1_bytes = sn->l1_size * sizeof(uint64_t);
new_l1_table = qemu_try_blockalign(bs->file->bs,
align_offset(new_l1_bytes, 512));
if (new_l1_table == NULL) {
return -ENOMEM;
}
ret = bdrv_pread(bs->file->bs, sn->l1_table_offset,
new_l1_table, new_l1_bytes);
if (ret < 0) {
error_setg(errp, "Failed to read l1 table for snapshot");
qemu_vfree(new_l1_table);
return ret;
}
/* Switch the L1 table */
qemu_vfree(s->l1_table);
s->l1_size = sn->l1_size;
s->l1_table_offset = sn->l1_table_offset;
s->l1_table = new_l1_table;
for(i = 0;i < s->l1_size; i++) {
be64_to_cpus(&s->l1_table[i]);
}
return 0;
}
void *chain_allocator::allocate(size_t n)
{
if (n > m_block_size)
{
return NULL;
}
int offset = align_offset(m_pcurrent_chunk->m_block_pointer);
if (m_pcurrent_chunk->m_block_pointer + n+offset > m_block_size)
{
InterlockedExchange(&m_pcurrent_chunk->m_block_pointer,0);
claim_block();
}
offset = align_offset(m_pcurrent_chunk->m_block_pointer);
char * ptr = & m_pcurrent_chunk->m_pblock[ m_pcurrent_chunk->m_block_pointer+ offset];
InterlockedExchange(&m_pcurrent_chunk->m_block_pointer,m_pcurrent_chunk->m_block_pointer + offset+n);
m_pcurrent_chunk->Increase();
return ptr;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_q_open_secret(BOOL io, SAMR_Q_OPEN_SECRET *q_u, char *q, char *base, int align, int depth)
{
if (q_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_q_open_secret\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(q_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_IVAL("unknown_0", depth, base, io, q, q_u->unknown_0); q += 4;
q = smb_io_dom_sid(io, &(q_u->dom_sid), q, base, align, depth);
q = align_offset(q, base, align);
return q;
}
int qcow2_read_snapshots(BlockDriverState *bs)
{
BDRVQcowState *s = bs->opaque;
QCowSnapshotHeader h;
QCowSnapshot *sn;
int i, id_str_size, name_size;
int64_t offset;
uint32_t extra_data_size;
if (!s->nb_snapshots) {
s->snapshots = NULL;
s->snapshots_size = 0;
return 0;
}
offset = s->snapshots_offset;
s->snapshots = qemu_mallocz(s->nb_snapshots * sizeof(QCowSnapshot));
for(i = 0; i < s->nb_snapshots; i++) {
offset = align_offset(offset, 8);
if (bdrv_pread(s->hd, offset, &h, sizeof(h)) != sizeof(h))
goto fail;
offset += sizeof(h);
sn = s->snapshots + i;
sn->l1_table_offset = be64_to_cpu(h.l1_table_offset);
sn->l1_size = be32_to_cpu(h.l1_size);
sn->vm_state_size = be32_to_cpu(h.vm_state_size);
sn->date_sec = be32_to_cpu(h.date_sec);
sn->date_nsec = be32_to_cpu(h.date_nsec);
sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec);
extra_data_size = be32_to_cpu(h.extra_data_size);
id_str_size = be16_to_cpu(h.id_str_size);
name_size = be16_to_cpu(h.name_size);
offset += extra_data_size;
sn->id_str = qemu_malloc(id_str_size + 1);
if (bdrv_pread(s->hd, offset, sn->id_str, id_str_size) != id_str_size)
goto fail;
offset += id_str_size;
sn->id_str[id_str_size] = '\0';
sn->name = qemu_malloc(name_size + 1);
if (bdrv_pread(s->hd, offset, sn->name, name_size) != name_size)
goto fail;
offset += name_size;
sn->name[name_size] = '\0';
}
s->snapshots_size = offset - s->snapshots_offset;
return 0;
fail:
qcow2_free_snapshots(bs);
return -1;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_q_unknown_32(BOOL io, SAMR_Q_UNKNOWN_32 *q_u, char *q, char *base, int align, int depth)
{
if (q_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_q_unknown_32\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(q_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
q = smb_io_unihdr (io, &(q_u->hdr_mach_acct), q, base, align, depth);
q = smb_io_unistr2(io, &(q_u->uni_mach_acct), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_IVAL("unknown_0", depth, base, io, q, q_u->unknown_0); q += 4;
DBG_RW_SVAL("unknown_1", depth, base, io, q, q_u->unknown_1); q += 2;
DBG_RW_SVAL("unknown_2", depth, base, io, q, q_u->unknown_2); q += 2;
return q;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_q_lookup_rids(BOOL io, SAMR_Q_LOOKUP_RIDS *q_u, char *q, char *base, int align, int depth)
{
if (q_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_q_lookup_rids\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(q_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_IVAL("num_rids1", depth, base, io, q, q_u->num_rids1); q += 4;
DBG_RW_IVAL("rid ", depth, base, io, q, q_u->rid ); q += 4;
DBG_RW_IVAL("ptr ", depth, base, io, q, q_u->ptr ); q += 4;
DBG_RW_IVAL("num_rids2", depth, base, io, q, q_u->num_rids2); q += 4;
q = smb_io_unihdr (io, &(q_u->hdr_mach_acct), q, base, align, depth);
q = smb_io_unistr2(io, &(q_u->uni_mach_acct), q, base, align, depth);
q = align_offset(q, base, align);
return q;
}
int qcow2_snapshot_load_tmp(BlockDriverState *bs, const char *snapshot_name)
{
int i, snapshot_index;
BDRVQcowState *s = bs->opaque;
QCowSnapshot *sn;
uint64_t *new_l1_table;
int new_l1_bytes;
int ret;
assert(bs->read_only);
/* Search the snapshot */
snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_name);
if (snapshot_index < 0) {
return -ENOENT;
}
sn = &s->snapshots[snapshot_index];
/* Allocate and read in the snapshot's L1 table */
new_l1_bytes = s->l1_size * sizeof(uint64_t);
new_l1_table = g_malloc0(align_offset(new_l1_bytes, 512));
ret = bdrv_pread(bs->file, sn->l1_table_offset, new_l1_table, new_l1_bytes);
if (ret < 0) {
g_free(new_l1_table);
return ret;
}
/* Switch the L1 table */
g_free(s->l1_table);
s->l1_size = sn->l1_size;
s->l1_table_offset = sn->l1_table_offset;
s->l1_table = new_l1_table;
for(i = 0; i < s->l1_size; i++) {
be64_to_cpus(&s->l1_table[i]);
}
return 0;
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* samr_io_r_lookup_rids(BOOL io, SAMR_R_LOOKUP_RIDS *r_u, char *q, char *base, int align, int depth)
{
if (r_u == NULL) return NULL;
DEBUG(5,("%s%04x samr_io_r_lookup_rids\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
DBG_RW_IVAL("num_entries ", depth, base, io, q, r_u->num_entries ); q += 4;
DBG_RW_IVAL("undoc_buffer", depth, base, io, q, r_u->undoc_buffer); q += 4;
DBG_RW_IVAL("num_entries2", depth, base, io, q, r_u->num_entries2); q += 4;
q = smb_io_dom_rid3(io, &(r_u->dom_rid[0]), q, base, align, depth);
DBG_RW_IVAL("num_entries3", depth, base, io, q, r_u->num_entries3); q += 4;
DBG_RW_IVAL("status", depth, base, io, q, r_u->status); q += 4;
return q;
}
/****************************************************************************
do a LSA Authenticate 2
****************************************************************************/
BOOL do_lsa_auth2(uint16 fnum, uint32 call_id,
char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name,
DOM_CHAL *clnt_chal, uint32 neg_flags, DOM_CHAL *srv_chal)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
int rdrcnt,rprcnt;
pstring data; /* only 1024 bytes */
uint16 setup[2]; /* only need 2 uint16 setup parameters */
LSA_Q_AUTH_2 q_a;
BOOL valid_chal = False;
if (srv_chal == NULL || clnt_chal == NULL) return False;
/* create and send a MSRPC command with api LSA_AUTH2 */
DEBUG(4,("LSA Authenticate 2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %lx\n",
logon_srv, acct_name, sec_chan, comp_name,
credstr(clnt_chal->data), neg_flags));
/* store the parameters */
make_q_auth_2(&q_a, logon_srv, acct_name, sec_chan, comp_name,
clnt_chal, neg_flags);
/* turn parameters into data stream */
p = lsa_io_q_auth_2(False, &q_a, data + 0x18, data, 4, 0);
/* create the request RPC_HDR_RR _after_ the main data: length is now known */
create_rpc_request(call_id, LSA_AUTH2, data, PTR_DIFF(p, data));
/* create setup parameters. */
setup[0] = 0x0026; /* 0x26 indicates "transact named pipe" */
setup[1] = fnum; /* file handle, from the SMBcreateX pipe, earlier */
/* send the data on \PIPE\ */
if (cli_call_api("\\PIPE\\", 0,
0, PTR_DIFF(p, data), 2,
1024, BUFFER_SIZE,
&rprcnt,&rdrcnt,
NULL, data, setup,
&rparam,&rdata))
{
LSA_R_AUTH_2 r_a;
RPC_HDR_RR hdr;
int hdr_len;
int pkt_len;
DEBUG(5, ("cli_call_api: return OK\n"));
p = rdata;
if (p) p = smb_io_rpc_hdr_rr (True, &hdr, p, rdata, 4, 0);
if (p) p = align_offset(p, rdata, 4); /* oh, what a surprise */
hdr_len = PTR_DIFF(p, rdata);
if (p && hdr_len != hdr.hdr.frag_len - hdr.alloc_hint)
{
/* header length not same as calculated header length */
DEBUG(2,("do_lsa_auth2: hdr_len %x != frag_len-alloc_hint %x\n",
hdr_len, hdr.hdr.frag_len - hdr.alloc_hint));
p = NULL;
}
if (p) p = lsa_io_r_auth_2(True, &r_a, p, rdata, 4, 0);
pkt_len = PTR_DIFF(p, rdata);
if (p && pkt_len != hdr.hdr.frag_len)
{
/* packet data size not same as reported fragment length */
DEBUG(2,("do_lsa_auth2: pkt_len %x != frag_len \n",
pkt_len, hdr.hdr.frag_len));
p = NULL;
}
if (p && r_a.status != 0)
{
/* report error code */
DEBUG(0,("LSA_AUTH2: nt_status error %lx\n", r_a.status));
p = NULL;
}
if (p && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags)
{
/* report different neg_flags */
DEBUG(0,("LSA_AUTH2: error neg_flags (q,r) differ - (%lx,%lx)\n",
q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags));
p = NULL;
}
if (p)
{
/* ok, at last: we're happy. return the challenge */
memcpy(srv_chal, r_a.srv_chal.data, sizeof(srv_chal->data));
valid_chal = True;
}
}
if (rparam) free(rparam);
if (rdata) free(rdata);
return valid_chal;
}
/***************************************************************************
do a LSA SAM Logoff
****************************************************************************/
BOOL do_lsa_sam_logoff(uint16 fnum, uint32 call_id,
uchar sess_key[8], DOM_CRED *sto_clnt_cred,
char *logon_srv, char *comp_name,
DOM_CRED *clnt_cred, DOM_CRED *rtn_cred,
uint16 logon_level, uint16 switch_value, DOM_ID_INFO_1 *id1,
DOM_CRED *srv_cred)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
int rdrcnt,rprcnt;
pstring data; /* only 1024 bytes */
uint16 setup[2]; /* only need 2 uint16 setup parameters */
LSA_Q_SAM_LOGOFF q_s;
BOOL valid_cred = False;
if (srv_cred == NULL || clnt_cred == NULL || rtn_cred == NULL) return False;
/* create and send a MSRPC command with api LSA_SAMLOGON */
DEBUG(4,("LSA SAM Logoff: srv:%s mc:%s clnt %s %lx rtn: %s %lx ll: %d\n",
logon_srv, comp_name,
credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time,
credstr(rtn_cred->challenge.data), rtn_cred ->timestamp.time,
logon_level));
/* store the parameters */
make_sam_info(&(q_s.sam_id), logon_srv, comp_name,
clnt_cred, rtn_cred, logon_level, switch_value, id1);
/* turn parameters into data stream */
p = lsa_io_q_sam_logoff(False, &q_s, data + 0x18, data, 4, 0);
/* create the request RPC_HDR_RR _after_ the main data: length is now known */
create_rpc_request(call_id, LSA_SAMLOGOFF, data, PTR_DIFF(p, data));
/* create setup parameters. */
setup[0] = 0x0026; /* 0x26 indicates "transact named pipe" */
setup[1] = fnum; /* file handle, from the SMBcreateX pipe, earlier */
/* send the data on \PIPE\ */
if (cli_call_api("\\PIPE\\", 0,
0, PTR_DIFF(p, data), 2,
1024, BUFFER_SIZE,
&rprcnt,&rdrcnt,
NULL, data, setup,
&rparam,&rdata))
{
LSA_R_SAM_LOGOFF r_s;
RPC_HDR_RR hdr;
int hdr_len;
int pkt_len;
DEBUG(5, ("cli_call_api: return OK\n"));
p = rdata;
if (p) p = smb_io_rpc_hdr_rr (True, &hdr, p, rdata, 4, 0);
if (p) p = align_offset(p, rdata, 4); /* oh, what a surprise */
hdr_len = PTR_DIFF(p, rdata);
if (p && hdr_len != hdr.hdr.frag_len - hdr.alloc_hint)
{
/* header length not same as calculated header length */
DEBUG(2,("do_lsa_sam_logoff: hdr_len %x != frag_len-alloc_hint %x\n",
hdr_len, hdr.hdr.frag_len - hdr.alloc_hint));
p = NULL;
}
if (p) p = lsa_io_r_sam_logoff(True, &r_s, p, rdata, 4, 0);
pkt_len = PTR_DIFF(p, rdata);
if (p && pkt_len != hdr.hdr.frag_len)
{
/* packet data size not same as reported fragment length */
DEBUG(2,("do_lsa_sam_logoff: pkt_len %x != frag_len \n",
pkt_len, hdr.hdr.frag_len));
p = NULL;
}
if (p && r_s.status != 0)
{
/* report error code */
DEBUG(0,("LSA_SAMLOGOFF: nt_status error %lx\n", r_s.status));
p = NULL;
}
if (p)
{
if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_creds)))
{
DEBUG(5, ("do_lsa_sam_logoff: server credential check OK\n"));
/* ok, at last: we're happy. return the challenge */
memcpy(srv_cred, &(r_s.srv_creds), sizeof(r_s.srv_creds));
valid_cred = True;
}
else
{
DEBUG(5, ("do_lsa_sam_logoff: server credential check failed\n"));
}
}
}
if (rparam) free(rparam);
if (rdata) free(rdata);
return valid_cred;
}
static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size)
{
return align_offset(sizeof(Qcow2BitmapDirEntry) +
name_size + extra_data_size, 8);
}
/* add at the end of the file a new list of snapshots */
static int qcow2_write_snapshots(BlockDriverState *bs)
{
BDRVQcowState *s = bs->opaque;
QCowSnapshot *sn;
QCowSnapshotHeader h;
QCowSnapshotExtraData extra;
int i, name_size, id_str_size, snapshots_size;
struct {
uint32_t nb_snapshots;
uint64_t snapshots_offset;
} QEMU_PACKED header_data;
int64_t offset, snapshots_offset;
int ret;
/* compute the size of the snapshots */
offset = 0;
for(i = 0; i < s->nb_snapshots; i++) {
sn = s->snapshots + i;
offset = align_offset(offset, 8);
offset += sizeof(h);
offset += sizeof(extra);
offset += strlen(sn->id_str);
offset += strlen(sn->name);
}
snapshots_size = offset;
/* Allocate space for the new snapshot list */
snapshots_offset = qcow2_alloc_clusters(bs, snapshots_size);
offset = snapshots_offset;
if (offset < 0) {
return offset;
}
ret = bdrv_flush(bs);
if (ret < 0) {
return ret;
}
/* The snapshot list position has not yet been updated, so these clusters
* must indeed be completely free */
ret = qcow2_pre_write_overlap_check(bs, QCOW2_OL_DEFAULT, offset,
s->snapshots_size);
if (ret < 0) {
return ret;
}
/* Write all snapshots to the new list */
for(i = 0; i < s->nb_snapshots; i++) {
sn = s->snapshots + i;
memset(&h, 0, sizeof(h));
h.l1_table_offset = cpu_to_be64(sn->l1_table_offset);
h.l1_size = cpu_to_be32(sn->l1_size);
/* If it doesn't fit in 32 bit, older implementations should treat it
* as a disk-only snapshot rather than truncate the VM state */
if (sn->vm_state_size <= 0xffffffff) {
h.vm_state_size = cpu_to_be32(sn->vm_state_size);
}
h.date_sec = cpu_to_be32(sn->date_sec);
h.date_nsec = cpu_to_be32(sn->date_nsec);
h.vm_clock_nsec = cpu_to_be64(sn->vm_clock_nsec);
h.extra_data_size = cpu_to_be32(sizeof(extra));
memset(&extra, 0, sizeof(extra));
extra.vm_state_size_large = cpu_to_be64(sn->vm_state_size);
extra.disk_size = cpu_to_be64(sn->disk_size);
id_str_size = strlen(sn->id_str);
name_size = strlen(sn->name);
h.id_str_size = cpu_to_be16(id_str_size);
h.name_size = cpu_to_be16(name_size);
offset = align_offset(offset, 8);
ret = bdrv_pwrite(bs->file, offset, &h, sizeof(h));
if (ret < 0) {
goto fail;
}
offset += sizeof(h);
ret = bdrv_pwrite(bs->file, offset, &extra, sizeof(extra));
if (ret < 0) {
goto fail;
}
offset += sizeof(extra);
ret = bdrv_pwrite(bs->file, offset, sn->id_str, id_str_size);
if (ret < 0) {
goto fail;
}
offset += id_str_size;
ret = bdrv_pwrite(bs->file, offset, sn->name, name_size);
if (ret < 0) {
goto fail;
}
offset += name_size;
}
/*
* Update the header to point to the new snapshot table. This requires the
* new table and its refcounts to be stable on disk.
*/
ret = bdrv_flush(bs);
if (ret < 0) {
goto fail;
}
QEMU_BUILD_BUG_ON(offsetof(QCowHeader, snapshots_offset) !=
offsetof(QCowHeader, nb_snapshots) + sizeof(header_data.nb_snapshots));
header_data.nb_snapshots = cpu_to_be32(s->nb_snapshots);
header_data.snapshots_offset = cpu_to_be64(snapshots_offset);
ret = bdrv_pwrite_sync(bs->file, offsetof(QCowHeader, nb_snapshots),
&header_data, sizeof(header_data));
if (ret < 0) {
goto fail;
}
/* free the old snapshot table */
qcow2_free_clusters(bs, s->snapshots_offset, s->snapshots_size,
QCOW2_DISCARD_SNAPSHOT);
s->snapshots_offset = snapshots_offset;
s->snapshots_size = snapshots_size;
return 0;
fail:
return ret;
}
int qcow2_read_snapshots(BlockDriverState *bs)
{
BDRVQcowState *s = bs->opaque;
QCowSnapshotHeader h;
QCowSnapshotExtraData extra;
QCowSnapshot *sn;
int i, id_str_size, name_size;
int64_t offset;
uint32_t extra_data_size;
int ret;
if (!s->nb_snapshots) {
s->snapshots = NULL;
s->snapshots_size = 0;
return 0;
}
offset = s->snapshots_offset;
s->snapshots = g_malloc0(s->nb_snapshots * sizeof(QCowSnapshot));
for(i = 0; i < s->nb_snapshots; i++) {
/* Read statically sized part of the snapshot header */
offset = align_offset(offset, 8);
ret = bdrv_pread(bs->file, offset, &h, sizeof(h));
if (ret < 0) {
goto fail;
}
offset += sizeof(h);
sn = s->snapshots + i;
sn->l1_table_offset = be64_to_cpu(h.l1_table_offset);
sn->l1_size = be32_to_cpu(h.l1_size);
sn->vm_state_size = be32_to_cpu(h.vm_state_size);
sn->date_sec = be32_to_cpu(h.date_sec);
sn->date_nsec = be32_to_cpu(h.date_nsec);
sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec);
extra_data_size = be32_to_cpu(h.extra_data_size);
id_str_size = be16_to_cpu(h.id_str_size);
name_size = be16_to_cpu(h.name_size);
/* Read extra data */
ret = bdrv_pread(bs->file, offset, &extra,
MIN(sizeof(extra), extra_data_size));
if (ret < 0) {
goto fail;
}
offset += extra_data_size;
if (extra_data_size >= 8) {
sn->vm_state_size = be64_to_cpu(extra.vm_state_size_large);
}
if (extra_data_size >= 16) {
sn->disk_size = be64_to_cpu(extra.disk_size);
} else {
sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE;
}
/* Read snapshot ID */
sn->id_str = g_malloc(id_str_size + 1);
ret = bdrv_pread(bs->file, offset, sn->id_str, id_str_size);
if (ret < 0) {
goto fail;
}
offset += id_str_size;
sn->id_str[id_str_size] = '\0';
/* Read snapshot name */
sn->name = g_malloc(name_size + 1);
ret = bdrv_pread(bs->file, offset, sn->name, name_size);
if (ret < 0) {
goto fail;
}
offset += name_size;
sn->name[name_size] = '\0';
}
s->snapshots_size = offset - s->snapshots_offset;
return 0;
fail:
qcow2_free_snapshots(bs);
return ret;
}
DEBUG(5,("%s%04x samr_io_r_open_policy\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
q = align_offset(q, base, align);
q = smb_io_pol_hnd(io, &(r_u->pol), q, base, align, depth);
q = align_offset(q, base, align);
DBG_RW_IVAL("status", depth, base, io, q, r_u->status); q += 4;
return q;
}
#if 0
/*******************************************************************
reads or writes a structure.
********************************************************************/
char* lsa_io_(BOOL io, *, char *q, char *base, int align, int depth)
{
if (== NULL) return NULL;
q = align_offset(q, base, align);
DBG_RW_IVAL("", depth, base, io, q, ); q += 4;
return q;
}
#endif
#endif
/****************************************************************************
do a LSA Request Challenge
****************************************************************************/
BOOL do_lsa_req_chal(uint16 fnum, uint32 call_id,
char *desthost, char *myhostname,
DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
int rdrcnt,rprcnt;
pstring data; /* only 1024 bytes */
uint16 setup[2]; /* only need 2 uint16 setup parameters */
LSA_Q_REQ_CHAL q_c;
BOOL valid_chal = False;
if (srv_chal == NULL || clnt_chal == NULL) return False;
/* create and send a MSRPC command with api LSA_REQCHAL */
DEBUG(4,("LSA Request Challenge from %s to %s: %s\n",
desthost, myhostname, credstr(clnt_chal->data)));
/* store the parameters */
make_q_req_chal(&q_c, desthost, myhostname, clnt_chal);
/* turn parameters into data stream */
p = lsa_io_q_req_chal(False, &q_c, data + 0x18, data, 4, 0);
/* create the request RPC_HDR_RR _after_ the main data: length is now known */
create_rpc_request(call_id, LSA_REQCHAL, data, PTR_DIFF(p, data));
/* create setup parameters. */
setup[0] = 0x0026; /* 0x26 indicates "transact named pipe" */
setup[1] = fnum; /* file handle, from the SMBcreateX pipe, earlier */
/* send the data on \PIPE\ */
if (cli_call_api("\\PIPE\\", 0,
0, PTR_DIFF(p, data), 2,
1024, BUFFER_SIZE,
&rprcnt,&rdrcnt,
NULL, data, setup,
&rparam,&rdata))
{
LSA_R_REQ_CHAL r_c;
RPC_HDR_RR hdr;
int hdr_len;
int pkt_len;
DEBUG(5, ("cli_call_api: return OK\n"));
p = rdata;
if (p) p = smb_io_rpc_hdr_rr (True, &hdr, p, rdata, 4, 0);
if (p) p = align_offset(p, rdata, 4); /* oh, what a surprise */
hdr_len = PTR_DIFF(p, rdata);
if (p && hdr_len != hdr.hdr.frag_len - hdr.alloc_hint)
{
/* header length not same as calculated header length */
DEBUG(2,("do_lsa_req_chal: hdr_len %x != frag_len-alloc_hint %x\n",
hdr_len, hdr.hdr.frag_len - hdr.alloc_hint));
p = NULL;
}
if (p) p = lsa_io_r_req_chal(True, &r_c, p, rdata, 4, 0);
pkt_len = PTR_DIFF(p, rdata);
if (p && pkt_len != hdr.hdr.frag_len)
{
/* packet data size not same as reported fragment length */
DEBUG(2,("do_lsa_req_chal: pkt_len %x != frag_len \n",
pkt_len, hdr.hdr.frag_len));
p = NULL;
}
if (p && r_c.status != 0)
{
/* report error code */
DEBUG(0,("LSA_REQ_CHAL: nt_status error %lx\n", r_c.status));
p = NULL;
}
if (p)
{
/* ok, at last: we're happy. return the challenge */
memcpy(srv_chal, r_c.srv_chal.data, sizeof(srv_chal->data));
valid_chal = True;
}
}
if (rparam) free(rparam);
if (rdata) free(rdata);
return valid_chal;
}
/* add at the end of the file a new list of snapshots */
static int qcow_write_snapshots(BlockDriverState *bs)
{
BDRVQcowState *s = bs->opaque;
QCowSnapshot *sn;
QCowSnapshotHeader h;
int i, name_size, id_str_size, snapshots_size;
uint64_t data64;
uint32_t data32;
int64_t offset, snapshots_offset;
/* compute the size of the snapshots */
offset = 0;
for(i = 0; i < s->nb_snapshots; i++) {
sn = s->snapshots + i;
offset = align_offset(offset, 8);
offset += sizeof(h);
offset += strlen(sn->id_str);
offset += strlen(sn->name);
}
snapshots_size = offset;
snapshots_offset = qcow2_alloc_clusters(bs, snapshots_size);
offset = snapshots_offset;
for(i = 0; i < s->nb_snapshots; i++) {
sn = s->snapshots + i;
memset(&h, 0, sizeof(h));
h.l1_table_offset = cpu_to_be64(sn->l1_table_offset);
h.l1_size = cpu_to_be32(sn->l1_size);
h.vm_state_size = cpu_to_be32(sn->vm_state_size);
h.date_sec = cpu_to_be32(sn->date_sec);
h.date_nsec = cpu_to_be32(sn->date_nsec);
h.vm_clock_nsec = cpu_to_be64(sn->vm_clock_nsec);
id_str_size = strlen(sn->id_str);
name_size = strlen(sn->name);
h.id_str_size = cpu_to_be16(id_str_size);
h.name_size = cpu_to_be16(name_size);
offset = align_offset(offset, 8);
if (bdrv_pwrite(s->hd, offset, &h, sizeof(h)) != sizeof(h))
goto fail;
offset += sizeof(h);
if (bdrv_pwrite(s->hd, offset, sn->id_str, id_str_size) != id_str_size)
goto fail;
offset += id_str_size;
if (bdrv_pwrite(s->hd, offset, sn->name, name_size) != name_size)
goto fail;
offset += name_size;
}
/* update the various header fields */
data64 = cpu_to_be64(snapshots_offset);
if (bdrv_pwrite(s->hd, offsetof(QCowHeader, snapshots_offset),
&data64, sizeof(data64)) != sizeof(data64))
goto fail;
data32 = cpu_to_be32(s->nb_snapshots);
if (bdrv_pwrite(s->hd, offsetof(QCowHeader, nb_snapshots),
&data32, sizeof(data32)) != sizeof(data32))
goto fail;
/* free the old snapshot table */
qcow2_free_clusters(bs, s->snapshots_offset, s->snapshots_size);
s->snapshots_offset = snapshots_offset;
s->snapshots_size = snapshots_size;
return 0;
fail:
return -1;
}