summaryrefslogtreecommitdiffstats
path: root/source4/libcli/smb2/transport.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--source4/libcli/smb2/transport.c557
1 files changed, 557 insertions, 0 deletions
diff --git a/source4/libcli/smb2/transport.c b/source4/libcli/smb2/transport.c
new file mode 100644
index 0000000..292ca0f
--- /dev/null
+++ b/source4/libcli/smb2/transport.c
@@ -0,0 +1,557 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ SMB2 client transport context management functions
+
+ Copyright (C) Andrew Tridgell 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/network.h"
+#include "libcli/raw/libcliraw.h"
+#include "libcli/raw/raw_proto.h"
+#include "libcli/smb2/smb2.h"
+#include "libcli/smb2/smb2_calls.h"
+#include "lib/socket/socket.h"
+#include "lib/events/events.h"
+#include "../lib/util/dlinklist.h"
+#include "../libcli/smb/smbXcli_base.h"
+#include "librpc/ndr/libndr.h"
+
+/*
+ destroy a transport
+ */
+static int transport_destructor(struct smb2_transport *transport)
+{
+ smb2_transport_dead(transport, NT_STATUS_LOCAL_DISCONNECT);
+ return 0;
+}
+
+/*
+ create a transport structure based on an established socket
+*/
+struct smb2_transport *smb2_transport_init(struct smbcli_socket *sock,
+ TALLOC_CTX *parent_ctx,
+ struct smbcli_options *options)
+{
+ struct smb2_transport *transport;
+
+ transport = talloc_zero(parent_ctx, struct smb2_transport);
+ if (!transport) return NULL;
+
+ transport->ev = sock->event.ctx;
+ transport->options = *options;
+
+ if (transport->options.max_protocol == PROTOCOL_DEFAULT) {
+ transport->options.max_protocol = PROTOCOL_LATEST;
+ }
+
+ if (transport->options.max_protocol < PROTOCOL_SMB2_02) {
+ transport->options.max_protocol = PROTOCOL_LATEST;
+ }
+
+ TALLOC_FREE(sock->event.fde);
+ TALLOC_FREE(sock->event.te);
+
+ transport->conn = smbXcli_conn_create(transport,
+ sock->sock->fd,
+ sock->hostname,
+ options->signing,
+ 0, /* smb1_capabilities */
+ &options->client_guid,
+ options->smb2_capabilities,
+ &options->smb3_capabilities);
+ if (transport->conn == NULL) {
+ talloc_free(transport);
+ return NULL;
+ }
+ sock->sock->fd = -1;
+ TALLOC_FREE(sock);
+
+ talloc_set_destructor(transport, transport_destructor);
+
+ return transport;
+}
+
+/*
+ create a transport structure based on an established socket
+*/
+NTSTATUS smb2_transport_raw_init(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct smbXcli_conn **_conn,
+ const struct smbcli_options *options,
+ struct smb2_transport **_transport)
+{
+ struct smb2_transport *transport = NULL;
+ enum protocol_types protocol;
+
+ if (*_conn == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ protocol = smbXcli_conn_protocol(*_conn);
+ if (protocol < PROTOCOL_SMB2_02) {
+ return NT_STATUS_REVISION_MISMATCH;
+ }
+
+ transport = talloc_zero(mem_ctx, struct smb2_transport);
+ if (transport == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ transport->ev = ev;
+ transport->options = *options;
+ transport->conn = talloc_move(transport, _conn);
+
+ talloc_set_destructor(transport, transport_destructor);
+ *_transport = transport;
+ return NT_STATUS_OK;
+}
+
+/*
+ mark the transport as dead
+*/
+void smb2_transport_dead(struct smb2_transport *transport, NTSTATUS status)
+{
+ if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) {
+ status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+ }
+ if (NT_STATUS_IS_OK(status)) {
+ status = NT_STATUS_LOCAL_DISCONNECT;
+ }
+
+ smbXcli_conn_disconnect(transport->conn, status);
+}
+
+static void smb2_request_done(struct tevent_req *subreq);
+static void smb2_transport_break_handler(struct tevent_req *subreq);
+
+/*
+ put a request into the send queue
+*/
+void smb2_transport_send(struct smb2_request *req)
+{
+ NTSTATUS status;
+ struct smb2_transport *transport = req->transport;
+ struct tevent_req **reqs = transport->compound.reqs;
+ size_t num_reqs = talloc_array_length(reqs);
+ size_t i;
+ uint16_t cmd = SVAL(req->out.hdr, SMB2_HDR_OPCODE);
+ uint32_t additional_flags = IVAL(req->out.hdr, SMB2_HDR_FLAGS);
+ uint32_t clear_flags = 0;
+ struct smbXcli_tcon *tcon = NULL;
+ struct smbXcli_session *session = NULL;
+ bool need_pending_break = false;
+ size_t hdr_ofs;
+ size_t pdu_len;
+ DATA_BLOB body = data_blob_null;
+ DATA_BLOB dyn = data_blob_null;
+ uint32_t timeout_msec = transport->options.request_timeout * 1000;
+
+ if (transport->oplock.handler) {
+ need_pending_break = true;
+ }
+
+ if (transport->lease.handler) {
+ need_pending_break = true;
+ }
+
+ if (transport->break_subreq) {
+ need_pending_break = false;
+ }
+
+ if (need_pending_break) {
+ struct tevent_req *subreq;
+
+ subreq = smb2cli_req_create(transport,
+ transport->ev,
+ transport->conn,
+ SMB2_OP_BREAK,
+ 0, /* additional_flags */
+ 0, /*clear_flags */
+ 0, /* timeout_msec */
+ NULL, /* tcon */
+ NULL, /* session */
+ NULL, /* body */
+ 0, /* body_fixed */
+ NULL, /* dyn */
+ 0, /* dyn_len */
+ 0); /* max_dyn_len */
+ if (subreq != NULL) {
+ smbXcli_req_set_pending(subreq);
+ tevent_req_set_callback(subreq,
+ smb2_transport_break_handler,
+ transport);
+ transport->break_subreq = subreq;
+ }
+ }
+
+ if (req->session) {
+ session = req->session->smbXcli;
+ }
+
+ if (req->tree) {
+ tcon = req->tree->smbXcli;
+ }
+
+ if (transport->compound.related) {
+ additional_flags |= SMB2_HDR_FLAG_CHAINED;
+ }
+
+ hdr_ofs = PTR_DIFF(req->out.hdr, req->out.buffer);
+ pdu_len = req->out.size - hdr_ofs;
+ body.data = req->out.body;
+ body.length = req->out.body_fixed;
+ dyn.data = req->out.body + req->out.body_fixed;
+ dyn.length = pdu_len - (SMB2_HDR_BODY + req->out.body_fixed);
+
+ req->subreq = smb2cli_req_create(req,
+ transport->ev,
+ transport->conn,
+ cmd,
+ additional_flags,
+ clear_flags,
+ timeout_msec,
+ tcon,
+ session,
+ body.data, body.length,
+ dyn.data, dyn.length,
+ 0); /* max_dyn_len */
+ if (req->subreq == NULL) {
+ req->state = SMB2_REQUEST_ERROR;
+ req->status = NT_STATUS_NO_MEMORY;
+ return;
+ }
+
+ if (!tevent_req_is_in_progress(req->subreq)) {
+ req->state = SMB2_REQUEST_ERROR;
+ req->status = NT_STATUS_INTERNAL_ERROR;/* TODO */
+ return;
+ }
+
+ tevent_req_set_callback(req->subreq, smb2_request_done, req);
+
+ smb2cli_req_set_notify_async(req->subreq);
+ if (req->credit_charge) {
+ smb2cli_req_set_credit_charge(req->subreq, req->credit_charge);
+ }
+
+ ZERO_STRUCT(req->out);
+ req->state = SMB2_REQUEST_RECV;
+
+ if (num_reqs > 0) {
+ for (i=0; i < num_reqs; i++) {
+ if (reqs[i] != NULL) {
+ continue;
+ }
+
+ reqs[i] = req->subreq;
+ i++;
+ break;
+ }
+
+ if (i < num_reqs) {
+ return;
+ }
+ } else {
+ reqs = &req->subreq;
+ num_reqs = 1;
+ }
+ status = smb2cli_req_compound_submit(reqs, num_reqs);
+
+ TALLOC_FREE(transport->compound.reqs);
+ transport->compound.related = false;
+
+ if (!NT_STATUS_IS_OK(status)) {
+ req->status = status;
+ req->state = SMB2_REQUEST_ERROR;
+ smbXcli_conn_disconnect(transport->conn, status);
+ }
+}
+
+static void smb2_request_done(struct tevent_req *subreq)
+{
+ struct smb2_request *req =
+ tevent_req_callback_data(subreq,
+ struct smb2_request);
+ ssize_t len;
+ size_t i;
+
+ req->recv_iov = NULL;
+
+ req->status = smb2cli_req_recv(req->subreq, req, &req->recv_iov, NULL, 0);
+ if (NT_STATUS_EQUAL(req->status, NT_STATUS_PENDING)) {
+ struct timeval endtime = smbXcli_req_endtime(subreq);
+ bool ok;
+
+ req->cancel.can_cancel = true;
+ if (timeval_is_zero(&endtime)) {
+ return;
+ }
+
+ ok = tevent_req_set_endtime(
+ subreq, req->transport->ev, endtime);
+ if (!ok) {
+ req->status = NT_STATUS_INTERNAL_ERROR;
+ req->state = SMB2_REQUEST_ERROR;
+ if (req->async.fn) {
+ req->async.fn(req);
+ }
+ return;
+ }
+ return;
+ }
+ TALLOC_FREE(req->subreq);
+ if (!NT_STATUS_IS_OK(req->status)) {
+ if (req->recv_iov == NULL) {
+ req->state = SMB2_REQUEST_ERROR;
+ if (req->async.fn) {
+ req->async.fn(req);
+ }
+ return;
+ }
+ }
+
+ len = req->recv_iov[0].iov_len;
+ for (i=1; i < 3; i++) {
+ uint8_t *p = req->recv_iov[i-1].iov_base;
+ uint8_t *c1 = req->recv_iov[i].iov_base;
+ uint8_t *c2 = p + req->recv_iov[i-1].iov_len;
+
+ len += req->recv_iov[i].iov_len;
+
+ if (req->recv_iov[i].iov_len == 0) {
+ continue;
+ }
+
+ if (c1 != c2) {
+ req->status = NT_STATUS_INTERNAL_ERROR;
+ req->state = SMB2_REQUEST_ERROR;
+ if (req->async.fn) {
+ req->async.fn(req);
+ }
+ return;
+ }
+ }
+
+ req->in.buffer = req->recv_iov[0].iov_base;
+ req->in.size = len;
+ req->in.allocated = req->in.size;
+
+ req->in.hdr = req->recv_iov[0].iov_base;
+ req->in.body = req->recv_iov[1].iov_base;
+ req->in.dynamic = req->recv_iov[2].iov_base;
+ req->in.body_fixed = req->recv_iov[1].iov_len;
+ req->in.body_size = req->in.body_fixed;
+ req->in.body_size += req->recv_iov[2].iov_len;
+
+ smb2_setup_bufinfo(req);
+
+ req->state = SMB2_REQUEST_DONE;
+ if (req->async.fn) {
+ req->async.fn(req);
+ }
+}
+
+static void smb2_transport_break_handler(struct tevent_req *subreq)
+{
+ struct smb2_transport *transport =
+ tevent_req_callback_data(subreq,
+ struct smb2_transport);
+ NTSTATUS status;
+ uint8_t *body;
+ uint16_t len = 0;
+ bool lease;
+ struct iovec *recv_iov = NULL;
+
+ transport->break_subreq = NULL;
+
+ status = smb2cli_req_recv(subreq, transport, &recv_iov, NULL, 0);
+ TALLOC_FREE(subreq);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(recv_iov);
+ smb2_transport_dead(transport, status);
+ return;
+ }
+
+ /*
+ * Setup the subreq to handle the
+ * next incoming SMB2 Break.
+ */
+ subreq = smb2cli_req_create(transport,
+ transport->ev,
+ transport->conn,
+ SMB2_OP_BREAK,
+ 0, /* additional_flags */
+ 0, /*clear_flags */
+ 0, /* timeout_msec */
+ NULL, /* tcon */
+ NULL, /* session */
+ NULL, /* body */
+ 0, /* body_fixed */
+ NULL, /* dyn */
+ 0, /* dyn_len */
+ 0); /* max_dyn_len */
+ if (subreq != NULL) {
+ smbXcli_req_set_pending(subreq);
+ tevent_req_set_callback(subreq,
+ smb2_transport_break_handler,
+ transport);
+ transport->break_subreq = subreq;
+ }
+
+ body = recv_iov[1].iov_base;
+
+ len = recv_iov[1].iov_len;
+ if (recv_iov[1].iov_len >= 2) {
+ len = CVAL(body, 0x00);
+ if (len != recv_iov[1].iov_len) {
+ len = recv_iov[1].iov_len;
+ }
+ }
+
+ if (len == 24) {
+ lease = false;
+ } else if (len == 44) {
+ lease = true;
+ } else {
+ DEBUG(1,("Discarding smb2 oplock reply of invalid size %u\n",
+ (unsigned)len));
+ TALLOC_FREE(recv_iov);
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ smb2_transport_dead(transport, status);
+ return;
+ }
+
+ if (!lease && transport->oplock.handler) {
+ struct smb2_handle h;
+ uint8_t level;
+
+ level = CVAL(body, 0x02);
+ smb2_pull_handle(body+0x08, &h);
+
+ TALLOC_FREE(recv_iov);
+
+ transport->oplock.handler(transport, &h, level,
+ transport->oplock.private_data);
+ } else if (lease && transport->lease.handler) {
+ struct smb2_lease_break lb;
+
+ ZERO_STRUCT(lb);
+ lb.new_epoch = SVAL(body, 0x2);
+ lb.break_flags = SVAL(body, 0x4);
+ memcpy(&lb.current_lease.lease_key, body+0x8,
+ sizeof(struct smb2_lease_key));
+ lb.current_lease.lease_state = SVAL(body, 0x18);
+ lb.new_lease_state = SVAL(body, 0x1C);
+ lb.break_reason = SVAL(body, 0x20);
+ lb.access_mask_hint = SVAL(body, 0x24);
+ lb.share_mask_hint = SVAL(body, 0x28);
+
+ TALLOC_FREE(recv_iov);
+
+ transport->lease.handler(transport, &lb,
+ transport->lease.private_data);
+ } else {
+ DEBUG(5,("Got SMB2 %s break with no handler\n",
+ lease ? "lease" : "oplock"));
+ }
+ TALLOC_FREE(recv_iov);
+}
+
+NTSTATUS smb2_transport_compound_start(struct smb2_transport *transport,
+ uint32_t num)
+{
+ TALLOC_FREE(transport->compound.reqs);
+ ZERO_STRUCT(transport->compound);
+
+ transport->compound.reqs = talloc_zero_array(transport,
+ struct tevent_req *,
+ num);
+ if (transport->compound.reqs == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
+void smb2_transport_compound_set_related(struct smb2_transport *transport,
+ bool related)
+{
+ transport->compound.related = related;
+}
+
+void smb2_transport_credits_ask_num(struct smb2_transport *transport,
+ uint16_t ask_num)
+{
+ smb2cli_conn_set_max_credits(transport->conn, ask_num);
+}
+
+static void idle_handler(struct tevent_context *ev,
+ struct tevent_timer *te, struct timeval t, void *private_data)
+{
+ struct smb2_transport *transport = talloc_get_type(private_data,
+ struct smb2_transport);
+ struct timeval next;
+
+ transport->idle.func(transport, transport->idle.private_data);
+
+ if (transport->idle.func == NULL) {
+ return;
+ }
+
+ if (!smbXcli_conn_is_connected(transport->conn)) {
+ return;
+ }
+
+ next = timeval_current_ofs_usec(transport->idle.period);
+ transport->idle.te = tevent_add_timer(transport->ev,
+ transport,
+ next,
+ idle_handler,
+ transport);
+}
+
+/*
+ setup the idle handler for a transport
+ the period is in microseconds
+*/
+void smb2_transport_idle_handler(struct smb2_transport *transport,
+ void (*idle_func)(struct smb2_transport *, void *),
+ uint64_t period,
+ void *private_data)
+{
+ TALLOC_FREE(transport->idle.te);
+ ZERO_STRUCT(transport->idle);
+
+ if (idle_func == NULL) {
+ return;
+ }
+
+ if (!smbXcli_conn_is_connected(transport->conn)) {
+ return;
+ }
+
+ transport->idle.func = idle_func;
+ transport->idle.private_data = private_data;
+ transport->idle.period = period;
+
+ transport->idle.te = tevent_add_timer(transport->ev,
+ transport,
+ timeval_current_ofs_usec(period),
+ idle_handler,
+ transport);
+}