summaryrefslogtreecommitdiff
path: root/source3/smbd/smb2_ioctl.c
diff options
context:
space:
mode:
authorDavid Disseldorp <ddiss@suse.de>2013-01-15 17:22:57 +0100
committerJeremy Allison <jra@samba.org>2013-01-16 23:15:06 +0100
commit14bd6c8b0954ad58ac4e3e157835594c26bfa97a (patch)
tree77c02b03dc0460cab603b71a1ba339560369f681 /source3/smbd/smb2_ioctl.c
parent958b21c28dacad38cd64e79ca7d77cd8acc20dd0 (diff)
downloadsamba-14bd6c8b0954ad58ac4e3e157835594c26bfa97a.tar.gz
samba-14bd6c8b0954ad58ac4e3e157835594c26bfa97a.tar.bz2
samba-14bd6c8b0954ad58ac4e3e157835594c26bfa97a.zip
smb2_ioctl: split ioctl handler code on device type
Add per device type ioctl handler source files for FSCTL_DFS, FSCTL_FILESYSTEM, FSCTL_NAMED_PIPE and FSCTL_NETWORK_FILESYSTEM. Reviewed by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source3/smbd/smb2_ioctl.c')
-rw-r--r--source3/smbd/smb2_ioctl.c375
1 files changed, 20 insertions, 355 deletions
diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c
index 1c7b94dbec..ea29cd460d 100644
--- a/source3/smbd/smb2_ioctl.c
+++ b/source3/smbd/smb2_ioctl.c
@@ -23,9 +23,8 @@
#include "smbd/globals.h"
#include "../libcli/smb/smb_common.h"
#include "../lib/util/tevent_ntstatus.h"
-#include "rpc_server/srv_pipe_hnd.h"
#include "include/ntioctl.h"
-#include "../librpc/ndr/libndr.h"
+#include "smb2_ioctl_private.h"
static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -328,179 +327,6 @@ static void smbd_smb2_request_ioctl_done(struct tevent_req *subreq)
}
}
-static NTSTATUS fsctl_dfs_get_refers(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct connection_struct *conn,
- DATA_BLOB *in_input,
- uint32_t in_max_output,
- DATA_BLOB *out_output)
-{
- uint16_t in_max_referral_level;
- DATA_BLOB in_file_name_buffer;
- char *in_file_name_string;
- size_t in_file_name_string_size;
- bool ok;
- bool overflow = false;
- NTSTATUS status;
- int dfs_size;
- char *dfs_data = NULL;
- DATA_BLOB output;
-
- if (!IS_IPC(conn)) {
- return NT_STATUS_INVALID_DEVICE_REQUEST;
- }
-
- if (!lp_host_msdfs()) {
- return NT_STATUS_FS_DRIVER_REQUIRED;
- }
-
- if (in_input->length < (2 + 2)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- in_max_referral_level = SVAL(in_input->data, 0);
- in_file_name_buffer.data = in_input->data + 2;
- in_file_name_buffer.length = in_input->length - 2;
-
- ok = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX,
- in_file_name_buffer.data,
- in_file_name_buffer.length,
- &in_file_name_string,
- &in_file_name_string_size);
- if (!ok) {
- return NT_STATUS_ILLEGAL_CHARACTER;
- }
-
- dfs_size = setup_dfs_referral(conn,
- in_file_name_string,
- in_max_referral_level,
- &dfs_data, &status);
- if (dfs_size < 0) {
- return status;
- }
-
- if (dfs_size > in_max_output) {
- /*
- * TODO: we need a testsuite for this
- */
- overflow = true;
- dfs_size = in_max_output;
- }
-
- output = data_blob_talloc(mem_ctx, (uint8_t *)dfs_data, dfs_size);
- SAFE_FREE(dfs_data);
- if ((dfs_size > 0) && (output.data == NULL)) {
- return NT_STATUS_NO_MEMORY;
- }
- *out_output = output;
-
- if (overflow) {
- return STATUS_BUFFER_OVERFLOW;
- }
- return NT_STATUS_OK;
-}
-
-static NTSTATUS fsctl_validate_neg_info(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct smbXsrv_connection *conn,
- DATA_BLOB *in_input,
- uint32_t in_max_output,
- DATA_BLOB *out_output,
- bool *disconnect)
-{
- uint32_t in_capabilities;
- DATA_BLOB in_guid_blob;
- struct GUID in_guid;
- uint16_t in_security_mode;
- uint16_t in_num_dialects;
- uint16_t i;
- DATA_BLOB out_guid_blob;
- NTSTATUS status;
-
- if (in_input->length < 0x18) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- in_capabilities = IVAL(in_input->data, 0x00);
- in_guid_blob = data_blob_const(in_input->data + 0x04, 16);
- in_security_mode = SVAL(in_input->data, 0x14);
- in_num_dialects = SVAL(in_input->data, 0x16);
-
- if (in_input->length < (0x18 + in_num_dialects*2)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (in_max_output < 0x18) {
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- status = GUID_from_ndr_blob(&in_guid_blob, &in_guid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (in_num_dialects != conn->smb2.client.num_dialects) {
- *disconnect = true;
- return NT_STATUS_ACCESS_DENIED;
- }
-
- for (i=0; i < in_num_dialects; i++) {
- uint16_t v = SVAL(in_input->data, 0x18 + i*2);
-
- if (conn->smb2.client.dialects[i] != v) {
- *disconnect = true;
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
- if (GUID_compare(&in_guid, &conn->smb2.client.guid) != 0) {
- *disconnect = true;
- return NT_STATUS_ACCESS_DENIED;
- }
-
- if (in_security_mode != conn->smb2.client.security_mode) {
- *disconnect = true;
- return NT_STATUS_ACCESS_DENIED;
- }
-
- if (in_capabilities != conn->smb2.client.capabilities) {
- *disconnect = true;
- return NT_STATUS_ACCESS_DENIED;
- }
-
- status = GUID_to_ndr_blob(&conn->smb2.server.guid, mem_ctx,
- &out_guid_blob);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- *out_output = data_blob_talloc(mem_ctx, NULL, 0x18);
- if (out_output->data == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- SIVAL(out_output->data, 0x00, conn->smb2.server.capabilities);
- memcpy(out_output->data+0x04, out_guid_blob.data, 16);
- SIVAL(out_output->data, 0x14, conn->smb2.server.security_mode);
- SIVAL(out_output->data, 0x16, conn->smb2.server.dialect);
-
- return NT_STATUS_OK;
-}
-
-
-struct smbd_smb2_ioctl_state {
- struct smbd_smb2_request *smb2req;
- struct smb_request *smbreq;
- files_struct *fsp;
- DATA_BLOB in_input;
- uint32_t in_max_output;
- DATA_BLOB out_output;
- bool disconnect;
-};
-
-static void smbd_smb2_ioctl_pipe_write_done(struct tevent_req *subreq);
-static void smbd_smb2_ioctl_pipe_read_done(struct tevent_req *subreq);
-
static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
@@ -513,7 +339,6 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
struct tevent_req *req;
struct smbd_smb2_ioctl_state *state;
struct smb_request *smbreq;
- struct tevent_req *subreq;
req = tevent_req_create(mem_ctx, &state,
struct smbd_smb2_ioctl_state);
@@ -538,194 +363,34 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
}
state->smbreq = smbreq;
- switch (in_ctl_code) {
- case 0x00060194: /* FSCTL_DFS_GET_REFERRALS */
- {
- status = fsctl_dfs_get_refers(state, ev, state->smbreq->conn,
- &state->in_input,
- state->in_max_output,
- &state->out_output);
- if (!tevent_req_nterror(req, status)) {
- tevent_req_done(req);
- }
- return tevent_req_post(req, ev);
- }
- case 0x0011C017: /* FSCTL_PIPE_TRANSCEIVE */
-
- if (!IS_IPC(smbreq->conn)) {
- tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
- return tevent_req_post(req, ev);
- }
-
- if (fsp == NULL) {
- tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
- return tevent_req_post(req, ev);
- }
-
- if (!fsp_is_np(fsp)) {
- tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
- return tevent_req_post(req, ev);
- }
-
- DEBUG(10,("smbd_smb2_ioctl_send: np_write_send of size %u\n",
- (unsigned int)in_input.length ));
-
- subreq = np_write_send(state, ev,
- fsp->fake_file_handle,
- in_input.data,
- in_input.length);
- if (tevent_req_nomem(subreq, req)) {
- return tevent_req_post(req, ev);
- }
- tevent_req_set_callback(subreq,
- smbd_smb2_ioctl_pipe_write_done,
- req);
- return req;
-
- case FSCTL_VALIDATE_NEGOTIATE_INFO:
- {
- status = fsctl_validate_neg_info(state, ev,
- state->smbreq->sconn->conn,
- &state->in_input,
- state->in_max_output,
- &state->out_output,
- &state->disconnect);
- if (!tevent_req_nterror(req, status)) {
- tevent_req_done(req);
- }
- return tevent_req_post(req, ev);
- }
-
- default: {
- uint8_t *out_data = NULL;
- uint32_t out_data_len = 0;
- NTSTATUS status;
-
- if (fsp == NULL) {
- tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
- return tevent_req_post(req, ev);
- }
-
- status = SMB_VFS_FSCTL(fsp,
- state,
- in_ctl_code,
- smbreq->flags2,
- in_input.data,
- in_input.length,
- &out_data,
- in_max_output,
- &out_data_len);
- state->out_output = data_blob_const(out_data, out_data_len);
- if (NT_STATUS_IS_OK(status)) {
- tevent_req_done(req);
- return tevent_req_post(req, ev);
- }
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
- if (IS_IPC(smbreq->conn)) {
- status = NT_STATUS_FS_DRIVER_REQUIRED;
- } else {
- status = NT_STATUS_INVALID_DEVICE_REQUEST;
- }
+ switch (in_ctl_code & IOCTL_DEV_TYPE_MASK) {
+ case FSCTL_DFS:
+ return smb2_ioctl_dfs(in_ctl_code, ev, req, state);
+ break;
+ case FSCTL_FILESYSTEM:
+ return smb2_ioctl_filesys(in_ctl_code, ev, req, state);
+ break;
+ case FSCTL_NAMED_PIPE:
+ return smb2_ioctl_named_pipe(in_ctl_code, ev, req, state);
+ break;
+ case FSCTL_NETWORK_FILESYSTEM:
+ return smb2_ioctl_network_fs(in_ctl_code, ev, req, state);
+ break;
+ default:
+ if (IS_IPC(smbreq->conn)) {
+ tevent_req_nterror(req, NT_STATUS_FS_DRIVER_REQUIRED);
+ } else {
+ tevent_req_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
}
- tevent_req_nterror(req, status);
return tevent_req_post(req, ev);
- }
+ break;
}
tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
return tevent_req_post(req, ev);
}
-static void smbd_smb2_ioctl_pipe_write_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct smbd_smb2_ioctl_state *state = tevent_req_data(req,
- struct smbd_smb2_ioctl_state);
- NTSTATUS status;
- ssize_t nwritten = -1;
-
- status = np_write_recv(subreq, &nwritten);
-
- DEBUG(10,("smbd_smb2_ioctl_pipe_write_done: received %ld\n",
- (long int)nwritten ));
-
- TALLOC_FREE(subreq);
- if (!NT_STATUS_IS_OK(status)) {
- NTSTATUS old = status;
- status = nt_status_np_pipe(old);
- tevent_req_nterror(req, status);
- return;
- }
-
- if (nwritten != state->in_input.length) {
- tevent_req_nterror(req, NT_STATUS_PIPE_NOT_AVAILABLE);
- return;
- }
-
- state->out_output = data_blob_talloc(state, NULL, state->in_max_output);
- if (state->in_max_output > 0 &&
- tevent_req_nomem(state->out_output.data, req)) {
- return;
- }
-
- DEBUG(10,("smbd_smb2_ioctl_pipe_write_done: issuing np_read_send "
- "of size %u\n",
- (unsigned int)state->out_output.length ));
-
- subreq = np_read_send(state->smbreq->conn,
- state->smb2req->sconn->ev_ctx,
- state->fsp->fake_file_handle,
- state->out_output.data,
- state->out_output.length);
- if (tevent_req_nomem(subreq, req)) {
- return;
- }
- tevent_req_set_callback(subreq, smbd_smb2_ioctl_pipe_read_done, req);
-}
-
-static void smbd_smb2_ioctl_pipe_read_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct smbd_smb2_ioctl_state *state = tevent_req_data(req,
- struct smbd_smb2_ioctl_state);
- NTSTATUS status;
- NTSTATUS old;
- ssize_t nread = -1;
- bool is_data_outstanding = false;
-
- status = np_read_recv(subreq, &nread, &is_data_outstanding);
- TALLOC_FREE(subreq);
-
- old = status;
- status = nt_status_np_pipe(old);
-
- DEBUG(10,("smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = %d "
- "is_data_outstanding = %d, status = %s%s%s\n",
- (int)nread,
- (int)is_data_outstanding,
- nt_errstr(old),
- NT_STATUS_EQUAL(old, status)?"":" => ",
- NT_STATUS_EQUAL(old, status)?"":nt_errstr(status)));
-
- if (!NT_STATUS_IS_OK(status)) {
- tevent_req_nterror(req, status);
- return;
- }
-
- state->out_output.length = nread;
-
- if (is_data_outstanding) {
- tevent_req_nterror(req, STATUS_BUFFER_OVERFLOW);
- return;
- }
-
- tevent_req_done(req);
-}
-
static NTSTATUS smbd_smb2_ioctl_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
DATA_BLOB *out_output,