/**************************************************************************** Old style search next. ****************************************************************************/ static NTSTATUS smb_raw_search_close_old(struct smbcli_tree *tree, union smb_search_close *io) { struct smbcli_request *req; uint8_t var_block[21]; req = smbcli_request_setup(tree, SMBfclose, 2, 0); if (!req) { return NT_STATUS_NO_MEMORY; } SSVAL(req->out.vwv, VWV(0), io->fclose.in.max_count); SSVAL(req->out.vwv, VWV(1), io->fclose.in.search_attrib); smbcli_req_append_ascii4(req, "", STR_TERMINATE); SCVAL(var_block, 0, io->fclose.in.id.reserved); memcpy(&var_block[1], io->fclose.in.id.name, 11); SCVAL(var_block, 12, io->fclose.in.id.handle); SIVAL(var_block, 13, io->fclose.in.id.server_cookie); SIVAL(var_block, 17, io->fclose.in.id.client_cookie); smbcli_req_append_var_block(req, var_block, 21); if (!smbcli_request_send(req) || !smbcli_request_receive(req)) { return smbcli_request_destroy(req); } return smbcli_request_destroy(req); }
/**************************************************************************** Query FS Info - SMBdskattr call (async send) ****************************************************************************/ static struct smbcli_request *smb_raw_dskattr_send(struct smbcli_tree *tree, union smb_fsinfo *fsinfo) { struct smbcli_request *req; req = smbcli_request_setup(tree, SMBdskattr, 0, 0); if (!smbcli_request_send(req)) { smbcli_request_destroy(req); return NULL; } return req; }
/* scan for valid base SMB requests */ bool torture_smb_scan(struct torture_context *torture) { static struct smbcli_state *cli; int op; struct smbcli_request *req; NTSTATUS status; for (op=0x0;op<=0xFF;op++) { if (op == SMBreadbraw) continue; if (!torture_open_connection(&cli, torture, 0)) { return false; } req = smbcli_request_setup(cli->tree, op, 0, 0); if (!smbcli_request_send(req)) { smbcli_request_destroy(req); break; } usleep(10000); smbcli_transport_process(cli->transport); if (req->state > SMBCLI_REQUEST_RECV) { status = smbcli_request_simple_recv(req); printf("op=0x%x status=%s\n", op, nt_errstr(status)); torture_close_connection(cli); continue; } sleep(1); smbcli_transport_process(cli->transport); if (req->state > SMBCLI_REQUEST_RECV) { status = smbcli_request_simple_recv(req); printf("op=0x%x status=%s\n", op, nt_errstr(status)); } else { printf("op=0x%x no reply\n", op); smbcli_request_destroy(req); continue; /* don't attempt close! */ } torture_close_connection(cli); } printf("smb scan finished\n"); return true; }
/**************************************************************************** Old style search next. ****************************************************************************/ static NTSTATUS smb_raw_search_next_old(struct smbcli_tree *tree, TALLOC_CTX *mem_ctx, union smb_search_next *io, void *private_data, smbcli_search_callback callback) { struct smbcli_request *req; uint8_t var_block[21]; uint8_t op = SMBsearch; if (io->generic.level == RAW_SEARCH_FFIRST) { op = SMBffirst; } req = smbcli_request_setup(tree, op, 2, 0); if (!req) { return NT_STATUS_NO_MEMORY; } SSVAL(req->out.vwv, VWV(0), io->search_next.in.max_count); SSVAL(req->out.vwv, VWV(1), io->search_next.in.search_attrib); smbcli_req_append_ascii4(req, "", STR_TERMINATE); SCVAL(var_block, 0, io->search_next.in.id.reserved); memcpy(&var_block[1], io->search_next.in.id.name, 11); SCVAL(var_block, 12, io->search_next.in.id.handle); SIVAL(var_block, 13, io->search_next.in.id.server_cookie); SIVAL(var_block, 17, io->search_next.in.id.client_cookie); smbcli_req_append_var_block(req, var_block, 21); if (!smbcli_request_send(req) || !smbcli_request_receive(req)) { return smbcli_request_destroy(req); } if (NT_STATUS_IS_OK(req->status)) { io->search_next.out.count = SVAL(req->in.vwv, VWV(0)); smb_raw_search_backend(req, mem_ctx, io->search_next.out.count, private_data, callback); } return smbcli_request_destroy(req); }
/* Implements trans2findclose2 */ NTSTATUS smb_raw_search_close(struct smbcli_tree *tree, union smb_search_close *io) { struct smbcli_request *req; if (io->generic.level == RAW_FINDCLOSE_FCLOSE) { return smb_raw_search_close_old(tree, io); } req = smbcli_request_setup(tree, SMBfindclose, 1, 0); if (!req) { return NT_STATUS_NO_MEMORY; } SSVAL(req->out.vwv, VWV(0), io->findclose.in.handle); if (smbcli_request_send(req)) { (void) smbcli_request_receive(req); } return smbcli_request_destroy(req); }
/**************************************************************************** Old style search first. ****************************************************************************/ static NTSTATUS smb_raw_search_first_old(struct smbcli_tree *tree, TALLOC_CTX *mem_ctx, union smb_search_first *io, void *private_data, smbcli_search_callback callback) { struct smbcli_request *req; uint8_t op = SMBsearch; if (io->generic.level == RAW_SEARCH_FFIRST) { op = SMBffirst; } else if (io->generic.level == RAW_SEARCH_FUNIQUE) { op = SMBfunique; } req = smbcli_request_setup(tree, op, 2, 0); if (!req) { return NT_STATUS_NO_MEMORY; } SSVAL(req->out.vwv, VWV(0), io->search_first.in.max_count); SSVAL(req->out.vwv, VWV(1), io->search_first.in.search_attrib); smbcli_req_append_ascii4(req, io->search_first.in.pattern, STR_TERMINATE); smbcli_req_append_var_block(req, NULL, 0); if (!smbcli_request_send(req) || !smbcli_request_receive(req)) { return smbcli_request_destroy(req); } if (NT_STATUS_IS_OK(req->status)) { io->search_first.out.count = SVAL(req->in.vwv, VWV(0)); smb_raw_search_backend(req, mem_ctx, io->search_first.out.count, private_data, callback); } return smbcli_request_destroy(req); }