static void smb2srv_ioctl_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_ioctl *io;
SMB2SRV_CHECK_ASYNC_STATUS_ERR(io, union smb_ioctl);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x30, True, 0));
SSVAL(req->out.body, 0x02, io->smb2.out._pad);
SIVAL(req->out.body, 0x04, io->smb2.out.function);
if (io->smb2.level == RAW_IOCTL_SMB2_NO_HANDLE) {
struct smb2_handle h;
h.data[0] = UINT64_MAX;
h.data[1] = UINT64_MAX;
smb2_push_handle(req->out.body + 0x08, &h);
} else {
smb2srv_push_handle(req->out.body, 0x08,io->smb2.in.file.ntvfs);
}
SMB2SRV_CHECK(smb2_push_o32s32_blob(&req->out, 0x18, io->smb2.out.in));
SMB2SRV_CHECK(smb2_push_o32s32_blob(&req->out, 0x20, io->smb2.out.out));
SIVAL(req->out.body, 0x28, io->smb2.out.unknown2);
SIVAL(req->out.body, 0x2C, io->smb2.out.unknown3);
smb2srv_send_reply(req);
}
static void smb2srv_tcon_send(struct smb2srv_request *req, union smb_tcon *io)
{
uint16_t unknown1;
if (!NT_STATUS_IS_OK(req->status)) {
smb2srv_send_error(req, req->status);
return;
}
if (io->smb2.out.unknown1 == 0x0002) {
/* if it's an IPC share vista returns 0x0005 */
unknown1 = 0x0005;
} else {
unknown1 = 0x0001;
}
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x10, False, 0));
SIVAL(req->out.hdr, SMB2_HDR_TID, io->smb2.out.tid);
SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1,unknown1);
SSVAL(req->out.body, 0x02, io->smb2.out.unknown1);
SIVAL(req->out.body, 0x04, io->smb2.out.unknown2);
SIVAL(req->out.body, 0x08, io->smb2.out.unknown3);
SIVAL(req->out.body, 0x0C, io->smb2.out.access_mask);
smb2srv_send_reply(req);
}
static void smb2srv_create_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_open *io;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_open);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x58, True, io->smb2.out.blob.length));
SSVAL(req->out.body, 0x02, io->smb2.out.oplock_flags);
SIVAL(req->out.body, 0x04, io->smb2.out.create_action);
SBVAL(req->out.body, 0x08, io->smb2.out.create_time);
SBVAL(req->out.body, 0x10, io->smb2.out.access_time);
SBVAL(req->out.body, 0x18, io->smb2.out.write_time);
SBVAL(req->out.body, 0x20, io->smb2.out.change_time);
SBVAL(req->out.body, 0x28, io->smb2.out.alloc_size);
SBVAL(req->out.body, 0x30, io->smb2.out.size);
SIVAL(req->out.body, 0x38, io->smb2.out.file_attr);
SIVAL(req->out.body, 0x3C, io->smb2.out._pad);
smb2srv_push_handle(req->out.body, 0x40, io->smb2.out.file.ntvfs);
SMB2SRV_CHECK(smb2_push_o32s32_blob(&req->out, 0x50, io->smb2.out.blob));
/* also setup the chained file handle */
req->chained_file_handle = req->_chained_file_handle;
smb2srv_push_handle(req->chained_file_handle, 0, io->smb2.out.file.ntvfs);
smb2srv_send_reply(req);
}
void smb2srv_send_error(struct smb2srv_request *req, NTSTATUS error)
{
NTSTATUS status;
if (req->smb_conn->connection->event.fde == NULL) {
/* the socket has been destroyed - no point trying to send an error! */
talloc_free(req);
return;
}
status = smb2srv_setup_reply(req, 8, true, 0);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
SIVAL(req->out.hdr, SMB2_HDR_STATUS, NT_STATUS_V(error));
SSVAL(req->out.body, 0x02, 0);
SIVAL(req->out.body, 0x04, 0);
req->chain_status = NT_STATUS_INVALID_PARAMETER;
smb2srv_send_reply(req);
}
static void smb2srv_notify_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_notify *io;
size_t size = 0;
int i;
uint8_t *p;
DATA_BLOB blob = data_blob(NULL, 0);
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_notify);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, 0));
#define MAX_BYTES_PER_CHAR 3
/* work out how big the reply buffer could be */
for (i=0;i<io->smb2.out.num_changes;i++) {
size += 12 + 3 + (1+strlen(io->smb2.out.changes[i].name.s)) * MAX_BYTES_PER_CHAR;
}
blob = data_blob_talloc(req, NULL, size);
if (size > 0 && !blob.data) {
SMB2SRV_CHECK(NT_STATUS_NO_MEMORY);
}
p = blob.data;
/* construct the changes buffer */
for (i=0;i<io->smb2.out.num_changes;i++) {
uint32_t ofs;
ssize_t len;
SIVAL(p, 4, io->smb2.out.changes[i].action);
len = push_string(p + 12, io->smb2.out.changes[i].name.s,
blob.length - (p+12 - blob.data), STR_UNICODE);
SIVAL(p, 8, len);
ofs = len + 12;
if (ofs & 3) {
int pad = 4 - (ofs & 3);
memset(p+ofs, 0, pad);
ofs += pad;
}
if (i == io->smb2.out.num_changes-1) {
SIVAL(p, 0, 0);
} else {
SIVAL(p, 0, ofs);
}
p += ofs;
}
blob.length = p - blob.data;
SMB2SRV_CHECK(smb2_push_o16s32_blob(&req->out, 0x02, blob));
smb2srv_send_reply(req);
}
NTSTATUS smb2srv_queue_pending(struct smb2srv_request *req)
{
NTSTATUS status;
bool signing_used = false;
int id;
uint16_t credits = SVAL(req->in.hdr, SMB2_HDR_CREDIT);
if (credits == 0) {
credits = 1;
}
if (req->pending_id) {
return NT_STATUS_INTERNAL_ERROR;
}
if (req->smb_conn->connection->event.fde == NULL) {
/* the socket has been destroyed - no point trying to send an error! */
return NT_STATUS_REMOTE_DISCONNECT;
}
id = idr_get_new_above(req->smb_conn->requests2.idtree_req, req,
1, req->smb_conn->requests2.idtree_limit);
if (id == -1) {
return NT_STATUS_INSUFFICIENT_RESOURCES;
}
DLIST_ADD_END(req->smb_conn->requests2.list, req, struct smb2srv_request *);
req->pending_id = id;
talloc_set_destructor(req, smb2srv_request_deny_destructor);
status = smb2srv_setup_reply(req, 8, true, 0);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
SIVAL(req->out.hdr, SMB2_HDR_STATUS, NT_STATUS_V(STATUS_PENDING));
SSVAL(req->out.hdr, SMB2_HDR_CREDIT, credits);
SSVAL(req->out.body, 0x02, 0);
SIVAL(req->out.body, 0x04, 0);
/* if the real reply will be signed set the signed flags, but don't sign */
if (req->is_signed) {
SIVAL(req->out.hdr, SMB2_HDR_FLAGS, IVAL(req->out.hdr, SMB2_HDR_FLAGS) | SMB2_HDR_FLAG_SIGNED);
signing_used = req->is_signed;
req->is_signed = false;
}
smb2srv_send_reply(req);
req->is_signed = signing_used;
talloc_set_destructor(req, smb2srv_request_destructor);
return NT_STATUS_OK;
}
static void smb2srv_lock_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_lock *io;
SMB2SRV_CHECK_ASYNC_STATUS_ERR(io, union smb_lock);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, False, 0));
SSVAL(req->out.body, 0x02, io->smb2.out.unknown1);
smb2srv_send_reply(req);
}
static void smb2srv_flush_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_flush *io;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_flush);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, False, 0));
SSVAL(req->out.body, 0x02, 0);
smb2srv_send_reply(req);
}
static void smb2srv_write_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_write *io;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_write);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x10, True, 0));
SSVAL(req->out.body, 0x02, io->smb2.out._pad);
SIVAL(req->out.body, 0x04, io->smb2.out.nwritten);
SBVAL(req->out.body, 0x08, io->smb2.out.unknown1);
smb2srv_send_reply(req);
}
static void smb2srv_read_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_read *io;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_read);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x10, True, io->smb2.out.data.length));
/* TODO: avoid the memcpy */
SMB2SRV_CHECK(smb2_push_o16s32_blob(&req->out, 0x02, io->smb2.out.data));
SBVAL(req->out.body, 0x08, io->smb2.out.unknown1);
smb2srv_send_reply(req);
}
static void smb2srv_break_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_lock *io;
SMB2SRV_CHECK_ASYNC_STATUS_ERR(io, union smb_lock);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x18, false, 0));
SCVAL(req->out.body, 0x02, io->smb2_break.out.oplock_level);
SCVAL(req->out.body, 0x03, io->smb2_break.out.reserved);
SIVAL(req->out.body, 0x04, io->smb2_break.out.reserved2);
smb2srv_push_handle(req->out.body, 0x08,io->smb2_break.out.file.ntvfs);
smb2srv_send_reply(req);
}
static void smb2srv_create_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_open *io;
DATA_BLOB blob;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_open);
/* setup the blobs we should give in the reply */
if (io->smb2.out.maximal_access != 0) {
uint32_t data[2];
SIVAL(data, 0, 0);
SIVAL(data, 4, io->smb2.out.maximal_access);
SMB2SRV_CHECK(smb2_create_blob_add(req, &io->smb2.out.blobs,
SMB2_CREATE_TAG_MXAC,
data_blob_const(data, 8)));
}
SMB2SRV_CHECK(smb2_create_blob_push(req, &blob, io->smb2.out.blobs));
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x58, true, blob.length));
SCVAL(req->out.body, 0x02, io->smb2.out.oplock_level);
SCVAL(req->out.body, 0x03, io->smb2.out.reserved);
SIVAL(req->out.body, 0x04, io->smb2.out.create_action);
SBVAL(req->out.body, 0x08, io->smb2.out.create_time);
SBVAL(req->out.body, 0x10, io->smb2.out.access_time);
SBVAL(req->out.body, 0x18, io->smb2.out.write_time);
SBVAL(req->out.body, 0x20, io->smb2.out.change_time);
SBVAL(req->out.body, 0x28, io->smb2.out.alloc_size);
SBVAL(req->out.body, 0x30, io->smb2.out.size);
SIVAL(req->out.body, 0x38, io->smb2.out.file_attr);
SIVAL(req->out.body, 0x3C, io->smb2.out.reserved2);
smb2srv_push_handle(req->out.body, 0x40, io->smb2.out.file.ntvfs);
SMB2SRV_CHECK(smb2_push_o32s32_blob(&req->out, 0x50, blob));
/* also setup the chained file handle */
req->chained_file_handle = req->_chained_file_handle;
smb2srv_push_handle(req->chained_file_handle, 0, io->smb2.out.file.ntvfs);
smb2srv_send_reply(req);
}
static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io)
{
if (NT_STATUS_IS_OK(req->status)) {
/* nothing */
} else if (NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
/* nothing */
} else {
smb2srv_send_error(req, req->status);
return;
}
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, true, io->smb2.out.secblob.length));
SBVAL(req->out.hdr, SMB2_HDR_SESSION_ID, io->smb2.out.uid);
SSVAL(req->out.body, 0x02, io->smb2.out.session_flags);
SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
smb2srv_send_reply(req);
}
static void smb2srv_keepalive_send(struct smb2srv_request *req)
{
NTSTATUS status;
if (NT_STATUS_IS_ERR(req->status)) {
smb2srv_send_error(req, req->status);
return;
}
status = smb2srv_setup_reply(req, 0x04, false, 0);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
SSVAL(req->out.body, 0x02, 0);
smb2srv_send_reply(req);
}
static void smb2srv_close_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_close *io;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_close);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x3C, False, 0));
SSVAL(req->out.body, 0x02, io->smb2.out.flags);
SIVAL(req->out.body, 0x04, io->smb2.out._pad);
SBVAL(req->out.body, 0x08, io->smb2.out.create_time);
SBVAL(req->out.body, 0x10, io->smb2.out.access_time);
SBVAL(req->out.body, 0x18, io->smb2.out.write_time);
SBVAL(req->out.body, 0x20, io->smb2.out.change_time);
SBVAL(req->out.body, 0x28, io->smb2.out.alloc_size);
SBVAL(req->out.body, 0x30, io->smb2.out.size);
SIVAL(req->out.body, 0x38, io->smb2.out.file_attr);
smb2srv_send_reply(req);
}
static void smb2srv_negprot_send(struct smb2srv_request *req, struct smb2_negprot *io)
{
NTSTATUS status;
if (NT_STATUS_IS_ERR(req->status)) {
smb2srv_send_error(req, req->status); /* TODO: is this correct? */
return;
}
status = smb2srv_setup_reply(req, 0x40, true, io->out.secblob.length);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
SSVAL(req->out.body, 0x02, io->out.security_mode);
SIVAL(req->out.body, 0x04, io->out.dialect_revision);
SIVAL(req->out.body, 0x06, io->out.reserved);
status = smbcli_push_guid(req->out.body, 0x08, &io->out.server_guid);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
SIVAL(req->out.body, 0x18, io->out.capabilities);
SIVAL(req->out.body, 0x1C, io->out.max_transact_size);
SIVAL(req->out.body, 0x20, io->out.max_read_size);
SIVAL(req->out.body, 0x24, io->out.max_write_size);
push_nttime(req->out.body, 0x28, io->out.system_time);
push_nttime(req->out.body, 0x30, io->out.server_start_time);
SIVAL(req->out.body, 0x3C, io->out.reserved2);
status = smb2_push_o16s16_blob(&req->out, 0x38, io->out.secblob);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
smb2srv_send_reply(req);
}
static void smb2srv_sesssetup_send(struct smb2srv_request *req, union smb_sesssetup *io)
{
uint16_t unknown1;
if (NT_STATUS_IS_OK(req->status)) {
unknown1 = 0x0003;
} else if (NT_STATUS_EQUAL(req->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
unknown1 = 0x0002;
} else {
smb2srv_send_error(req, req->status);
return;
}
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x08, True, io->smb2.out.secblob.length));
SSVAL(req->out.hdr, SMB2_HDR_UNKNOWN1, unknown1);
SBVAL(req->out.hdr, SMB2_HDR_UID, io->smb2.out.uid);
SSVAL(req->out.body, 0x02, io->smb2.out._pad);
SMB2SRV_CHECK(smb2_push_o16s16_blob(&req->out, 0x04, io->smb2.out.secblob));
smb2srv_send_reply(req);
}
static void smb2srv_negprot_send(struct smb2srv_request *req, struct smb2_negprot *io)
{
NTSTATUS status;
if (NT_STATUS_IS_ERR(req->status)) {
smb2srv_send_error(req, req->status); /* TODO: is this correct? */
return;
}
status = smb2srv_setup_reply(req, 0x40, True, io->out.secblob.length);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
SSVAL(req->out.body, 0x02, io->out._pad);
SIVAL(req->out.body, 0x04, io->out.unknown2);
memcpy(req->out.body+0x08, io->out.sessid, 16);
SIVAL(req->out.body, 0x18, io->out.unknown3);
SSVAL(req->out.body, 0x1C, io->out.unknown4);
SIVAL(req->out.body, 0x1E, io->out.unknown5);
SIVAL(req->out.body, 0x22, io->out.unknown6);
SSVAL(req->out.body, 0x26, io->out.unknown7);
push_nttime(req->out.body, 0x28, io->out.current_time);
push_nttime(req->out.body, 0x30, io->out.boot_time);
status = smb2_push_o16s16_blob(&req->out, 0x38, io->out.secblob);
if (!NT_STATUS_IS_OK(status)) {
smbsrv_terminate_connection(req->smb_conn, nt_errstr(status));
talloc_free(req);
return;
}
SIVAL(req->out.body, 0x3C, io->out.unknown9);
smb2srv_send_reply(req);
}
static void smb2srv_close_send(struct ntvfs_request *ntvfs)
{
struct smb2srv_request *req;
union smb_close *io;
SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_close);
SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x3C, false, 0));
SSVAL(req->out.body, 0x02, io->smb2.out.flags);
SIVAL(req->out.body, 0x04, io->smb2.out._pad);
SBVAL(req->out.body, 0x08, io->smb2.out.create_time);
SBVAL(req->out.body, 0x10, io->smb2.out.access_time);
SBVAL(req->out.body, 0x18, io->smb2.out.write_time);
SBVAL(req->out.body, 0x20, io->smb2.out.change_time);
SBVAL(req->out.body, 0x28, io->smb2.out.alloc_size);
SBVAL(req->out.body, 0x30, io->smb2.out.size);
SIVAL(req->out.body, 0x38, io->smb2.out.file_attr);
/* also destroy the chained file handle */
req->chained_file_handle = NULL;
memset(req->_chained_file_handle, 0, sizeof(req->_chained_file_handle));
smb2srv_send_reply(req);
}