-rw-r--r-- | source4/Makefile | 2 | ||||
-rw-r--r-- | source4/libcli/raw/interfaces.h | 38 | ||||
-rw-r--r-- | source4/libcli/smb2/connect.c | 2 | ||||
-rw-r--r-- | source4/libcli/smb2/create.c | 52 | ||||
-rw-r--r-- | source4/libcli/smb2/smb2.h | 50 | ||||
-rw-r--r-- | source4/libcli/smb2/smb2_calls.h | 2 | ||||
-rw-r--r-- | source4/libcli/smb2/tcon.c | 16 | ||||
-rw-r--r-- | source4/librpc/idl/idl_types.h | 5 | ||||
-rw-r--r-- | source4/librpc/idl/spoolss.idl | 11 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc_smb2.c | 6 | ||||
-rw-r--r-- | source4/ntvfs/ipc/vfs_ipc.c | 4 | ||||
-rw-r--r-- | source4/ntvfs/ntvfs.h | 8 | ||||
-rw-r--r-- | source4/ntvfs/ntvfs_generic.c | 12 | ||||
-rw-r--r-- | source4/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 4 | ||||
-rw-r--r-- | source4/smb_server/smb2/fileio.c | 22 | ||||
-rw-r--r-- | source4/smb_server/smb2/tcon.c | 28 | ||||
-rw-r--r-- | source4/torture/rpc/eventlog.c | 10 | ||||
-rw-r--r-- | source4/torture/rpc/spoolss.c | 22 | ||||
-rw-r--r-- | source4/torture/smb2/connect.c | 10 | ||||
-rw-r--r-- | source4/torture/smb2/lock.c | 8 | ||||
-rw-r--r-- | source4/torture/smb2/util.c | 40 |
21 files changed, 208 insertions, 144 deletions
diff --git a/source4/Makefile b/source4/Makefile index a5f32e19d6..a99dc825f1 100644 --- a/source4/Makefile +++ b/source4/Makefile @@ -21,6 +21,7 @@ HOSTLD_FLAGS = $(LDFLAGS) default: all +include rules.mk include data.mk DEFAULT_HEADERS = $(srcdir)/lib/util/dlinklist.h \ @@ -175,7 +176,6 @@ testcov-html:: include pidl/config.mk include selftest/config.mk -include rules.mk showflags:: @echo ' pwd = '`/bin/pwd` diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h index 4211dadb2d..ce6323f2e5 100644 --- a/source4/libcli/raw/interfaces.h +++ b/source4/libcli/raw/interfaces.h @@ -260,20 +260,19 @@ union smb_tcon { struct { /* static body buffer 8 (0x08) bytes */ - /* uint16_t buffer_code; 0x09 = 0x08 + 1 */ - uint16_t unknown1; /* 0x0000 */ + uint16_t reserved; /* uint16_t path_ofs */ /* uint16_t path_size */ - - /* dynamic body */ + /* dynamic body */ const char *path; /* as non-terminated UTF-16 on the wire */ } in; struct { /* static body buffer 16 (0x10) bytes */ /* uint16_t buffer_code; 0x10 */ - uint16_t unknown1; /* 0x02 */ - uint32_t unknown2; /* 0x00 */ - uint32_t unknown3; /* 0x00 */ + uint8_t share_type; + uint8_t reserved; + uint32_t flags; + uint32_t capabilities; uint32_t access_mask; /* extracted from the SMB2 header */ 
@@ -1553,16 +1552,16 @@ union smb_open { enum smb_open_level level; struct { /* static body buffer 56 (0x38) bytes */ - /* uint16_t buffer_code; 0x39 = 0x38 + 1 */ - uint16_t oplock_flags; /* SMB2_CREATE_FLAG_* */ - uint32_t impersonation; - uint32_t unknown3[4]; - uint32_t access_mask; - - uint32_t file_attr; - uint32_t share_access; - uint32_t open_disposition; - uint32_t create_options; + uint8_t security_flags; /* SMB2_SECURITY_* */ + uint8_t oplock_level; /* SMB2_OPLOCK_LEVEL_* */ + uint32_t impersonation_level; /* SMB2_IMPERSONATION_* */ + uint64_t create_flags; + uint64_t reserved; + uint32_t desired_access; + uint32_t file_attributes; + uint32_t share_access; /* NTCREATEX_SHARE_ACCESS_* */ + uint32_t create_disposition; /* NTCREATEX_DISP_* */ + uint32_t create_options; /* NTCREATEX_OPTIONS_* */ /* uint16_t fname_ofs */ /* uint16_t fname_size */ @@ -1580,7 +1579,8 @@ union smb_open { /* static body buffer 88 (0x58) bytes */ /* uint16_t buffer_code; 0x59 = 0x58 + 1 */ - uint16_t oplock_flags; /* SMB2_CREATE_FLAG_* */ + uint8_t oplock_level; + uint8_t reserved; uint32_t create_action; NTTIME create_time; NTTIME access_time; @@ -1589,7 +1589,7 @@ union smb_open { uint64_t alloc_size; uint64_t size; uint32_t file_attr; - uint32_t _pad; + uint32_t reserved2; /* struct smb2_handle handle;*/ /* uint32_t blob_ofs; */ /* uint32_t blob_size; */ diff --git a/source4/libcli/smb2/connect.c b/source4/libcli/smb2/connect.c index a2ae828fa5..535df11d9d 100644 --- a/source4/libcli/smb2/connect.c +++ b/source4/libcli/smb2/connect.c @@ -73,7 +73,7 @@ static void continue_session(struct composite_context *creq) state->tree = smb2_tree_init(state->session, state, true); if (composite_nomem(state->tree, c)) return; - state->tcon.in.unknown1 = 0x09; + state->tcon.in.reserved = 0; state->tcon.in.path = talloc_asprintf(state, "\\\\%s\\%s", state->host, state->share); if (composite_nomem(state->tcon.in.path, c)) return; 
diff --git a/source4/libcli/smb2/create.c b/source4/libcli/smb2/create.c index ba11c22e87..cca83a040c 100644 --- a/source4/libcli/smb2/create.c +++ b/source4/libcli/smb2/create.c @@ -24,34 +24,33 @@ #include "libcli/smb2/smb2.h" #include "libcli/smb2/smb2_calls.h" -#define CREATE_TAG_EXTA 0x41747845 /* "ExtA" */ -#define CREATE_TAG_MXAC 0x6341784D /* "MxAc" */ - /* add a blob to a smb2_create attribute blob */ NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, - uint32_t tag, + const char *tag, DATA_BLOB add, bool last) { uint32_t ofs = blob->length; - uint8_t pad = smb2_padding_size(add.length, 8); - if (!data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length + pad)) + size_t tag_length = strlen(tag); + uint8_t pad = smb2_padding_size(add.length+tag_length, 8); + if (!data_blob_realloc(mem_ctx, blob, + blob->length + 0x14 + tag_length + add.length + pad)) return NT_STATUS_NO_MEMORY; if (last) { SIVAL(blob->data, ofs+0x00, 0); } else { - SIVAL(blob->data, ofs+0x00, 0x18 + add.length + pad); + SIVAL(blob->data, ofs+0x00, 0x14 + tag_length + add.length + pad); } SSVAL(blob->data, ofs+0x04, 0x10); /* offset of tag */ - SIVAL(blob->data, ofs+0x06, 0x04); /* tag length */ - SSVAL(blob->data, ofs+0x0A, 0x18); /* offset of data */ + SIVAL(blob->data, ofs+0x06, tag_length); /* tag length */ + SSVAL(blob->data, ofs+0x0A, 0x14 + tag_length); /* offset of data */ SIVAL(blob->data, ofs+0x0C, add.length); - SIVAL(blob->data, ofs+0x10, tag); - SIVAL(blob->data, ofs+0x14, 0); /* pad? */ - memcpy(blob->data+ofs+0x18, add.data, add.length); - memset(blob->data+ofs+0x18+add.length, 0, pad); + memcpy(blob->data+ofs+0x10, tag, tag_length); + SIVAL(blob->data, ofs+0x10+tag_length, 0); /* pad? */ + memcpy(blob->data+ofs+0x14+tag_length, add.data, add.length); + memset(blob->data+ofs+0x14+tag_length+add.length, 0, pad); return NT_STATUS_OK; } 
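Review bot: In smb2_create_blob_add the padding is now computed as `smb2_padding_size(add.length+tag_length, 8)`, which leaves out the 0x14-byte fixed header, so the entry length `0x14 + tag_length + add.length + pad` always ends up 4 bytes off an 8-byte boundary for the 4-byte tags this commit defines (assuming smb2_padding_size returns the bytes needed to round its first argument up to the alignment; its definition is not in this diff). The removed code padded from a 0x18 base and kept each chained entry 8-byte aligned, so the "next" offset written for a non-last entry such as ExtA changes its alignment here. Computing `uint8_t pad = smb2_padding_size(0x14 + tag_length + add.length, 8);` keeps the entry length aligned for any tag length. Separately, `SSVAL(blob->data, ofs+0x0A, 0x14 + tag_length)` stores only 16 bits and the size sum passed to data_blob_realloc is unchecked, so a short comment stating that `tag` must be a short constant string (or an early length check) would document the assumption the offsets rely on.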
@@ -68,16 +67,15 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create req = smb2_request_init_tree(tree, SMB2_OP_CREATE, 0x38, true, 0); if (req == NULL) return NULL; - SSVAL(req->out.body, 0x02, io->in.oplock_flags); - SIVAL(req->out.body, 0x04, io->in.impersonation); - SIVAL(req->out.body, 0x08, io->in.unknown3[0]); - SIVAL(req->out.body, 0x0C, io->in.unknown3[1]); - SIVAL(req->out.body, 0x10, io->in.unknown3[2]); - SIVAL(req->out.body, 0x14, io->in.unknown3[3]); - SIVAL(req->out.body, 0x18, io->in.access_mask); - SIVAL(req->out.body, 0x1C, io->in.file_attr); + SCVAL(req->out.body, 0x02, io->in.security_flags); + SCVAL(req->out.body, 0x03, io->in.oplock_level); + SIVAL(req->out.body, 0x04, io->in.impersonation_level); + SBVAL(req->out.body, 0x08, io->in.create_flags); + SBVAL(req->out.body, 0x10, io->in.reserved); + SIVAL(req->out.body, 0x18, io->in.desired_access); + SIVAL(req->out.body, 0x1C, io->in.file_attributes); SIVAL(req->out.body, 0x20, io->in.share_access); - SIVAL(req->out.body, 0x24, io->in.open_disposition); + SIVAL(req->out.body, 0x24, io->in.create_disposition); SIVAL(req->out.body, 0x28, io->in.create_options); status = smb2_push_o16s16_string(&req->out, 0x2C, io->in.fname); @@ -90,7 +88,7 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create DATA_BLOB b = data_blob_talloc(req, NULL, ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas)); ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas); - status = smb2_create_blob_add(req, &blob, CREATE_TAG_EXTA, b, false); + status = smb2_create_blob_add(req, &blob, SMB2_CREATE_TAG_EXTA, b, false); if (!NT_STATUS_IS_OK(status)) { talloc_free(req); return NULL; 
@@ -100,7 +98,8 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create /* an empty MxAc tag seems to be used to ask the server to return the maximum access mask allowed on the file */ - status = smb2_create_blob_add(req, &blob, CREATE_TAG_MXAC, data_blob(NULL, 0), true); + status = smb2_create_blob_add(req, &blob, SMB2_CREATE_TAG_MXAC, + data_blob(NULL, 0), true); if (!NT_STATUS_IS_OK(status)) { talloc_free(req); @@ -132,7 +131,8 @@ NTSTATUS smb2_create_recv(struct smb2_request *req, TALLOC_CTX *mem_ctx, struct SMB2_CHECK_PACKET_RECV(req, 0x58, true); - io->out.oplock_flags = SVAL(req->in.body, 0x02); + io->out.oplock_level = CVAL(req->in.body, 0x02); + io->out.reserved = CVAL(req->in.body, 0x03); io->out.create_action = IVAL(req->in.body, 0x04); io->out.create_time = smbcli_pull_nttime(req->in.body, 0x08); io->out.access_time = smbcli_pull_nttime(req->in.body, 0x10); @@ -141,7 +141,7 @@ NTSTATUS smb2_create_recv(struct smb2_request *req, TALLOC_CTX *mem_ctx, struct io->out.alloc_size = BVAL(req->in.body, 0x28); io->out.size = BVAL(req->in.body, 0x30); io->out.file_attr = IVAL(req->in.body, 0x38); - io->out._pad = IVAL(req->in.body, 0x3C); + io->out.reserved2 = IVAL(req->in.body, 0x3C); smb2_pull_handle(req->in.body+0x40, &io->out.file.handle); status = smb2_pull_o32s32_blob(&req->in, mem_ctx, req->in.body+0x50, &io->out.blob); if (!NT_STATUS_IS_OK(status)) { diff --git a/source4/libcli/smb2/smb2.h b/source4/libcli/smb2/smb2.h index 60cf3e0173..db13ab69b3 100644 --- a/source4/libcli/smb2/smb2.h +++ b/source4/libcli/smb2/smb2.h 
@@ -195,6 +195,56 @@ struct smb2_request { #define SMB2_MAGIC 0x424D53FE /* 0xFE 'S' 'M' 'B' */ +/* SMB2 negotiate security_mode */ +#define SMB2_NEGOTIATE_SIGNING_ENABLED 0x01 +#define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x02 + +/* SMB2 capabilities - only 1 so far. I'm sure more will be added */ +#define SMB2_CAP_DFS 0x0 +/* so we can spot new caps as added */ +#define SMB2_CAP_ALL SMB2_CAP_DFS + +/* SMB2 share flags */ +#define SMB2_SHAREFLAG_MANUAL_CACHING 0x0000 +#define SMB2_SHAREFLAG_AUTO_CACHING 0x0010 +#define SMB2_SHAREFLAG_VDO_CACHING 0x0020 +#define SMB2_SHAREFLAG_NO_CACHING 0x0030 +#define SMB2_SHAREFLAG_DFS 0x0001 +#define SMB2_SHAREFLAG_DFS_ROOT 0x0002 +#define SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS 0x0100 +#define SMB2_SHAREFLAG_FORCE_SHARED_DELETE 0x0200 +#define SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING 0x0400 +#define SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM 0x0800 +#define SMB2_SHAREFLAG_ALL 0x0F33 + +/* SMB2 create security flags */ +#define SMB2_SECURITY_DYNAMIC_TRACKING 0x01 +#define SMB2_SECURITY_EFFECTIVE_ONLY 0x02 + +/* SMB2 requested oplock levels */ +#define SMB2_OPLOCK_LEVEL_NONE 0x00 +#define SMB2_OPLOCK_LEVEL_II 0x01 +#define SMB2_OPLOCK_LEVEL_EXCLUSIVE 0x08 +#define SMB2_OPLOCK_LEVEL_BATCH 0x09 + +/* SMB2 impersonation levels */ +#define SMB2_IMPERSONATION_ANONYMOUS 0x00 +#define SMB2_IMPERSONATION_IDENTIFICATION 0x01 +#define SMB2_IMPERSONATION_IMPERSONATION 0x02 +#define SMB2_IMPERSONATION_DELEGATE 0x03 + +/* SMB2 create tags */ +#define SMB2_CREATE_TAG_EXTA "ExtA" +#define SMB2_CREATE_TAG_MXAC "MxAc" +#define SMB2_CREATE_TAG_SECD "SecD" +#define SMB2_CREATE_TAG_DHNQ "DHnQ" +#define SMB2_CREATE_TAG_DHNC "DHnC" +#define SMB2_CREATE_TAG_ALSI "AlSi" +#define SMB2_CREATE_TAG_TWRP "TWrp" +#define SMB2_CREATE_TAG_QFID "QFid" + + + /* check that a body has the expected size */ diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h index 423d9d1579..f2e3019d83 100644 --- a/source4/libcli/smb2/smb2_calls.h 
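Review bot: `SMB2_CAP_DFS` is defined as `0x0` in the new capabilities block, so it can never be tested with `&`, and `SMB2_CAP_ALL`, which aliases it, is 0 as well. The check this commit adds to smb2_tree_connect_recv in libcli/smb2/tcon.c, `io->out.capabilities & ~SMB2_CAP_ALL`, therefore treats every non-zero capabilities value sent by the server as unknown and logs it at DEBUG level 0, so the "spot new caps" check cannot tell a known bit from a new one. If DFS is meant to be a flag bit it needs its non-zero value from the protocol reference (MS-SMB2 lists the tree-connect DFS capability as 0x00000008; confirm before using it). If no capability bit is considered known yet, a comment such as `/* no capability bits known yet: mask is intentionally 0 */` on `SMB2_CAP_ALL` would stop the macro being read as a real mask.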
+++ b/source4/libcli/smb2/smb2_calls.h @@ -35,7 +35,7 @@ struct smb2_negprot { struct { /* static body buffer 64 (0x40) bytes */ /* uint16_t buffer_code; 0x41 = 0x40 + 1 */ - uint16_t security_mode; + uint16_t security_mode; /* SMB2_NEGOTIATE_SIGNING_* */ uint16_t dialect_revision; uint16_t reserved; struct GUID server_guid; diff --git a/source4/libcli/smb2/tcon.c b/source4/libcli/smb2/tcon.c index 5a09970584..db35669d41 100644 --- a/source4/libcli/smb2/tcon.c +++ b/source4/libcli/smb2/tcon.c @@ -58,7 +58,7 @@ struct smb2_request *smb2_tree_connect_send(struct smb2_tree *tree, SBVAL(req->out.hdr, SMB2_HDR_SESSION_ID, tree->session->uid); - SSVAL(req->out.body, 0x02, io->in.unknown1); + SSVAL(req->out.body, 0x02, io->in.reserved); status = smb2_push_o16s16_string(&req->out, 0x04, io->in.path); if (!NT_STATUS_IS_OK(status)) { talloc_free(req); @@ -85,10 +85,18 @@ NTSTATUS smb2_tree_connect_recv(struct smb2_request *req, struct smb2_tree_conne io->out.tid = IVAL(req->in.hdr, SMB2_HDR_TID); - io->out.unknown1 = SVAL(req->in.body, 0x02); - io->out.unknown2 = IVAL(req->in.body, 0x04); - io->out.unknown3 = IVAL(req->in.body, 0x08); + io->out.share_type = CVAL(req->in.body, 0x02); + io->out.reserved = CVAL(req->in.body, 0x03); + io->out.flags = IVAL(req->in.body, 0x04); + io->out.capabilities= IVAL(req->in.body, 0x08); io->out.access_mask = IVAL(req->in.body, 0x0C); + + if (io->out.capabilities & ~SMB2_CAP_ALL) { + DEBUG(0,("Unknown capabilities mask 0x%x\n", io->out.capabilities)); + } + if (io->out.flags & ~SMB2_SHAREFLAG_ALL) { + DEBUG(0,("Unknown tcon shareflag 0x%x\n", io->out.flags)); + } return smb2_request_destroy(req); } diff --git a/source4/librpc/idl/idl_types.h b/source4/librpc/idl/idl_types.h index 01524c2984..9885ca5bf6 100644 --- a/source4/librpc/idl/idl_types.h +++ b/source4/librpc/idl/idl_types.h 
@@ -10,11 +10,6 @@ #define STR_UTF8 LIBNDR_FLAG_STR_UTF8 /* - a UCS2 string prefixed with [size], 32 bits -*/ -#define lstring [flag(STR_SIZE4)] string - -/* a null terminated UCS2 string */ #define nstring [flag(STR_NULLTERM)] string diff --git a/source4/librpc/idl/spoolss.idl b/source4/librpc/idl/spoolss.idl index 33b4dba7b2..2144393ebd 100644 --- a/source4/librpc/idl/spoolss.idl +++ b/source4/librpc/idl/spoolss.idl @@ -1407,12 +1407,13 @@ import "security.idl", "winreg.idl"; WERROR spoolss_EnumPrinterData( [in,ref] policy_handle *handle, [in] uint32 enum_index, + [out,ref,size_is(value_offered/2),charset(UTF16)] uint16 *value_name, [in] uint32 value_offered, - [out] lstring value_name, - [out] uint32 value_needed, - [out] uint32 printerdata_type, - [out] DATA_BLOB buffer, - [in,out,ref] uint32 *data_size + [out,ref] uint32 *value_needed, + [out,ref] uint32 *printerdata_type, + [out,ref] DATA_BLOB *buffer, + [in] uint32 data_offered, + [out,ref] uint32 *data_needed ); /******************/ diff --git a/source4/librpc/rpc/dcerpc_smb2.c b/source4/librpc/rpc/dcerpc_smb2.c index b06964d331..a0094b8bae 100644 --- a/source4/librpc/rpc/dcerpc_smb2.c +++ b/source4/librpc/rpc/dcerpc_smb2.c @@ -410,7 +410,7 @@ struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_pipe *p, state->ctx = ctx; ZERO_STRUCT(io); - io.in.access_mask = + io.in.desired_access = SEC_STD_READ_CONTROL | SEC_FILE_READ_ATTRIBUTE | SEC_FILE_WRITE_ATTRIBUTE | 
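Review bot: In spoolss_EnumPrinterData the new `value_name` buffer is sized by `size_is(value_offered/2)`, and `value_offered` is a plain `[in] uint32` with no bound in the visible IDL, so the element count of an output buffer is taken directly from the caller. The generated pull code that Parser.pm emits (touched in this same commit) allocates `$size` elements with NDR_PULL_ALLOC_N and then memsets them, which appears to let a single request ask the server for a very large zeroed allocation unless a limit exists outside this diff. Consider bounding the field in the IDL, for example `[in,range(0,MAX_VALUE_OFFERED)] uint32 value_offered` where MAX_VALUE_OFFERED is a placeholder for a project-chosen limit, or rejecting oversized values in the server handler before the buffer is used. The same question applies to the new `data_offered` if the server sizes `buffer` from it.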
@@ -423,11 +423,11 @@ struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_pipe *p, io.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; - io.in.open_disposition = NTCREATEX_DISP_OPEN; + io.in.create_disposition = NTCREATEX_DISP_OPEN; io.in.create_options = NTCREATEX_OPTIONS_NON_DIRECTORY_FILE | NTCREATEX_OPTIONS_UNKNOWN_400000; - io.in.impersonation = NTCREATEX_IMPERSONATION_IMPERSONATION; + io.in.impersonation_level = NTCREATEX_IMPERSONATION_IMPERSONATION; if ((strncasecmp(pipe_name, "/pipe/", 6) == 0) || (strncasecmp(pipe_name, "\\pipe\\", 6) == 0)) { diff --git a/source4/ntvfs/ipc/vfs_ipc.c b/source4/ntvfs/ipc/vfs_ipc.c index 81cd984f0b..92f0eadae1 100644 --- a/source4/ntvfs/ipc/vfs_ipc.c +++ b/source4/ntvfs/ipc/vfs_ipc.c @@ -322,7 +322,7 @@ static NTSTATUS ipc_open_smb2(struct ntvfs_module_context *ntvfs, NT_STATUS_NOT_OK_RETURN(status); oi->smb2.out.file.ntvfs = p->handle; - oi->smb2.out.oplock_flags = oi->smb2.in.oplock_flags; + oi->smb2.out.oplock_level = oi->smb2.in.oplock_level; oi->smb2.out.create_action = NTCREATEX_ACTION_EXISTED; oi->smb2.out.create_time = 0; oi->smb2.out.access_time = 0; @@ -331,7 +331,7 @@ static NTSTATUS ipc_open_smb2(struct ntvfs_module_context *ntvfs, oi->smb2.out.alloc_size = 4096; oi->smb2.out.size = 0; oi->smb2.out.file_attr = FILE_ATTRIBUTE_NORMAL; - oi->smb2.out._pad = 0; + oi->smb2.out.reserved2 = 0; oi->smb2.out.blob = data_blob(NULL, 0); return status; diff --git a/source4/ntvfs/ntvfs.h b/source4/ntvfs/ntvfs.h index fe5f956426..a708dbff51 100644 --- a/source4/ntvfs/ntvfs.h +++ b/source4/ntvfs/ntvfs.h 
@@ -32,9 +32,11 @@ struct ntvfs_module_context; struct ntvfs_request; /* each backend has to be one one of the following 3 basic types. In - * earlier versions of Samba backends needed to handle all types, now - * we implement them separately. */ -enum ntvfs_type {NTVFS_DISK, NTVFS_PRINT, NTVFS_IPC}; + earlier versions of Samba backends needed to handle all types, now + we implement them separately. + The values 1..3 match the SMB2 SMB2_SHARE_TYPE_* values + */ +enum ntvfs_type {NTVFS_DISK=1, NTVFS_IPC=2, NTVFS_PRINT=3}; /* the ntvfs operations structure - contains function pointers to the backend implementations of each operation */ diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c index 7708f4fc80..5092e732b4 100644 --- a/source4/ntvfs/ntvfs_generic.c +++ b/source4/ntvfs/ntvfs_generic.c @@ -208,7 +208,7 @@ static NTSTATUS ntvfs_map_open_finish(struct ntvfs_module_context *ntvfs, case RAW_OPEN_SMB2: io->smb2.out.file.ntvfs = io2->generic.out.file.ntvfs; - io->smb2.out.oplock_flags = 0; + io->smb2.out.oplock_level = 0; io->smb2.out.create_action = io2->generic.out.create_action; io->smb2.out.create_time = io2->generic.out.create_time; io->smb2.out.access_time = io2->generic.out.access_time; @@ -217,7 +217,7 @@ static NTSTATUS ntvfs_map_open_finish(struct ntvfs_module_context *ntvfs, io->smb2.out.alloc_size = io2->generic.out.alloc_size; io->smb2.out.size = io2->generic.out.size; io->smb2.out.file_attr = io2->generic.out.attrib; - io->smb2.out._pad = 0; + io->smb2.out.reserved2 = 0; io->smb2.out.blob = data_blob(NULL, 0); break; 
@@ -486,13 +486,13 @@ _PUBLIC_ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs, case RAW_OPEN_SMB2: io2->generic.in.flags = 0; io2->generic.in.root_fid = 0; - io2->generic.in.access_mask = io->smb2.in.access_mask; + io2->generic.in.access_mask = io->smb2.in.desired_access; io2->generic.in.alloc_size = 0; - io2->generic.in.file_attr = io->smb2.in.file_attr; + io2->generic.in.file_attr = io->smb2.in.file_attributes; io2->generic.in.share_access = io->smb2.in.share_access; - io2->generic.in.open_disposition= io->smb2.in.open_disposition; + io2->generic.in.open_disposition= io->smb2.in.create_disposition; io2->generic.in.create_options = io->smb2.in.create_options; - io2->generic.in.impersonation = io->smb2.in.impersonation; + io2->generic.in.impersonation = io->smb2.in.impersonation_level; io2->generic.in.security_flags = 0; io2->generic.in.fname = io->smb2.in.fname; io2->generic.in.sec_desc = NULL; diff --git a/source4/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source4/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm index 60d5bf8781..ef3eb3dbcf 100644 --- a/source4/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +++ b/source4/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm @@ -2149,9 +2149,9 @@ sub ParseFunctionPull($$) $self->pidl("NDR_PULL_ALLOC_N(ndr, r->out.$e->{NAME}, $size);"); if (grep(/in/, @{$e->{DIRECTION}})) { - $self->pidl("memcpy(r->out.$e->{NAME}, r->in.$e->{NAME}, $size * sizeof(*r->in.$e->{NAME}));"); + $self->pidl("memcpy(r->out.$e->{NAME}, r->in.$e->{NAME}, ($size) * sizeof(*r->in.$e->{NAME}));"); } else { - $self->pidl("memset(r->out.$e->{NAME}, 0, $size * sizeof(*r->out.$e->{NAME}));"); + $self->pidl("memset(r->out.$e->{NAME}, 0, ($size) * sizeof(*r->out.$e->{NAME}));"); } } else { $self->pidl("NDR_PULL_ALLOC(ndr, r->out.$e->{NAME});"); diff --git a/source4/smb_server/smb2/fileio.c b/source4/smb_server/smb2/fileio.c index 0e83c78615..567243ba94 100644 --- a/source4/smb_server/smb2/fileio.c +++ b/source4/smb_server/smb2/fileio.c 
@@ -34,7 +34,8 @@ static void smb2srv_create_send(struct ntvfs_request *ntvfs) SMB2SRV_CHECK_ASYNC_STATUS(io, union smb_open); SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x58, true, io->smb2.out.blob.length)); - SSVAL(req->out.body, 0x02, io->smb2.out.oplock_flags); + SCVAL(req->out.body, 0x02, io->smb2.out.oplock_level); + SCVAL(req->out.body, 0x03, io->smb2.out.reserved); SIVAL(req->out.body, 0x04, io->smb2.out.create_action); SBVAL(req->out.body, 0x08, io->smb2.out.create_time); SBVAL(req->out.body, 0x10, io->smb2.out.access_time); @@ -43,7 +44,7 @@ static void smb2srv_create_send(struct ntvfs_request *ntvfs) SBVAL(req->out.body, 0x28, io->smb2.out.alloc_size); SBVAL(req->out.body, 0x30, io->smb2.out.size); SIVAL(req->out.body, 0x38, io->smb2.out.file_attr); - SIVAL(req->out.body, 0x3C, io->smb2.out._pad); + SIVAL(req->out.body, 0x3C, io->smb2.out.reserved2); smb2srv_push_handle(req->out.body, 0x40, io->smb2.out.file.ntvfs); SMB2SRV_CHECK(smb2_push_o32s32_blob(&req->out, 0x50, io->smb2.out.blob)); 
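Review bot: smb2srv_create_send now writes `io->smb2.out.reserved` to body offset 0x03, but neither backend path changed in this commit assigns that field: the RAW_OPEN_SMB2 case in ntvfs_map_open_finish and ipc_open_smb2 set `oplock_level` and `reserved2` only. Unless the `union smb_open` is zero-filled when it is allocated (SMB2SRV_TALLOC_IO_PTR is not visible here), that byte is sent to the client uninitialised, whereas the removed 16-bit `oplock_flags` store covered both bytes. Either add `io->smb2.out.reserved = 0;` next to the existing `reserved2 = 0` assignments, or write the constant directly with `SCVAL(req->out.body, 0x03, 0);`. The body of smb2srv_create_send starts and ends outside these hunks.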
@@ -64,16 +65,15 @@ void smb2srv_create_recv(struct smb2srv_request *req) SMB2SRV_SETUP_NTVFS_REQUEST(smb2srv_create_send, NTVFS_ASYNC_STATE_MAY_ASYNC); io->smb2.level = RAW_OPEN_SMB2; - io->smb2.in.oplock_flags = SVAL(req->in.body, 0x02); - io->smb2.in.impersonation = IVAL(req->in.body, 0x04); - io->smb2.in.unknown3[0] = IVAL(req->in.body, 0x08); - io->smb2.in.unknown3[1] = IVAL(req->in.body, 0x0C); - io->smb2.in.unknown3[2] = IVAL(req->in.body, 0x10); - io->smb2.in.unknown3[3] = IVAL(req->in.body, 0x14); - io->smb2.in.access_mask = IVAL(req->in.body, 0x18); - io->smb2.in.file_attr = IVAL(req->in.body, 0x1C); + io->smb2.in.security_flags = CVAL(req->in.body, 0x02); + io->smb2.in.oplock_level = CVAL(req->in.body, 0x03); + io->smb2.in.impersonation_level = IVAL(req->in.body, 0x04); + io->smb2.in.create_flags = BVAL(req->in.body, 0x08); + io->smb2.in.reserved = BVAL(req->in.body, 0x10); + io->smb2.in.desired_access = IVAL(req->in.body, 0x18); + io->smb2.in.file_attributes = IVAL(req->in.body, 0x1C); io->smb2.in.share_access = IVAL(req->in.body, 0x20); - io->smb2.in.open_disposition = IVAL(req->in.body, 0x24); + io->smb2.in.create_disposition = IVAL(req->in.body, 0x24); io->smb2.in.create_options = IVAL(req->in.body, 0x28); SMB2SRV_CHECK(smb2_pull_o16s16_string(&req->in, io, req->in.body+0x2C, &io->smb2.in.fname)); SMB2SRV_CHECK(smb2_pull_o32s32_blob(&req->in, io, req->in.body+0x30, &blob)); diff --git a/source4/smb_server/smb2/tcon.c b/source4/smb_server/smb2/tcon.c index 824a57b4a1..b375ce6b4b 100644 --- a/source4/smb_server/smb2/tcon.c +++ b/source4/smb_server/smb2/tcon.c @@ -240,8 +240,6 @@ static NTSTATUS smb2srv_tcon_backend(struct smb2srv_request *req, union smb_tcon struct smbsrv_tcon *tcon; NTSTATUS status; enum ntvfs_type type; - uint16_t type_smb2; - uint32_t unknown2; const char *service = io->smb2.in.path; struct share_config *scfg; const char *sharetype; 
@@ -270,16 +268,10 @@ static NTSTATUS smb2srv_tcon_backend(struct smb2srv_request *req, union smb_tcon sharetype = share_string_option(scfg, SHARE_TYPE, "DISK"); if (sharetype && strcmp(sharetype, "IPC") == 0) { type = NTVFS_IPC; - type_smb2 = 0x0002; - unknown2 = 0x00000030; } else if (sharetype && strcmp(sharetype, "PRINTER") == 0) { type = NTVFS_PRINT; - type_smb2 = 0x0003; - unknown2 = 0x00000000; } else { type = NTVFS_DISK; - type_smb2 = 0x0001; - unknown2 = 0x00000800; } tcon = smbsrv_smb2_tcon_new(req->session, scfg->name); @@ -344,10 +336,11 @@ static NTSTATUS smb2srv_tcon_backend(struct smb2srv_request *req, union smb_tcon goto failed; } - io->smb2.out.unknown1 = type_smb2; /* 1 - DISK, 2 - Print, 3 - IPC */ - io->smb2.out.unknown2 = unknown2; - io->smb2.out.unknown3 = 0x00000000; - io->smb2.out.access_mask= SEC_RIGHTS_FILE_ALL; + io->smb2.out.share_type = (unsigned)type; /* 1 - DISK, 2 - Print, 3 - IPC */ + io->smb2.out.reserved = 0; + io->smb2.out.flags = 0x00000000; + io->smb2.out.capabilities = 0; + io->smb2.out.access_mask = SEC_RIGHTS_FILE_ALL; io->smb2.out.tid = tcon->tid; @@ -367,7 +360,7 @@ static void smb2srv_tcon_send(struct smb2srv_request *req, union smb_tcon *io) smb2srv_send_error(req, req->status); return; } - if (io->smb2.out.unknown1 == 0x0002) { + if (io->smb2.out.share_type == NTVFS_IPC) { /* if it's an IPC share vista returns 0x0005 */ credit = 0x0005; } else { 
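Review bot: The comment on the new line `io->smb2.out.share_type = (unsigned)type; /* 1 - DISK, 2 - Print, 3 - IPC */` contradicts the enum as renumbered in ntvfs.h by this commit (`NTVFS_DISK=1, NTVFS_IPC=2, NTVFS_PRINT=3`), and the removed code also sent 2 for IPC and 3 for PRINTER. Suggested replacement: `/* SMB2 share type on the wire: 1 - DISK, 2 - IPC, 3 - PRINT; relies on enum ntvfs_type having these values */`. The cast ties an internal enum to a protocol field, and the `SMB2_SHARE_TYPE_*` names that the ntvfs.h comment refers to are not defined in the smb2.h hunk of this diff, so a later reordering of the enum would change what clients are told without any compile-time signal. The earlier hunk in this function also drops the per-type values previously sent at offset 0x04 (0x30 for IPC, 0x800 for disk) in favour of `flags = 0`, which is worth confirming as intended.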
@@ -379,9 +372,10 @@ static void smb2srv_tcon_send(struct smb2srv_request *req, union smb_tcon *io) SIVAL(req->out.hdr, SMB2_HDR_TID, io->smb2.out.tid); SSVAL(req->out.hdr, SMB2_HDR_CREDIT,credit); - SSVAL(req->out.body, 0x02, io->smb2.out.unknown1); - SIVAL(req->out.body, 0x04, io->smb2.out.unknown2); - SIVAL(req->out.body, 0x08, io->smb2.out.unknown3); + SCVAL(req->out.body, 0x02, io->smb2.out.share_type); + SCVAL(req->out.body, 0x03, io->smb2.out.reserved); + SIVAL(req->out.body, 0x04, io->smb2.out.flags); + SIVAL(req->out.body, 0x08, io->smb2.out.capabilities); SIVAL(req->out.body, 0x0C, io->smb2.out.access_mask); smb2srv_send_reply(req); @@ -395,7 +389,7 @@ void smb2srv_tcon_recv(struct smb2srv_request *req) SMB2SRV_TALLOC_IO_PTR(io, union smb_tcon); io->smb2.level = RAW_TCON_SMB2; - io->smb2.in.unknown1 = SVAL(req->in.body, 0x02); + io->smb2.in.reserved = SVAL(req->in.body, 0x02); SMB2SRV_CHECK(smb2_pull_o16s16_string(&req->in, io, req->in.body+0x04, &io->smb2.in.path)); req->status = smb2srv_tcon_backend(req, io); diff --git a/source4/torture/rpc/eventlog.c b/source4/torture/rpc/eventlog.c index 047146edaf..feeeb9330b 100644 --- a/source4/torture/rpc/eventlog.c +++ b/source4/torture/rpc/eventlog.c @@ -67,11 +67,14 @@ static bool test_GetNumRecords(struct torture_context *tctx, struct dcerpc_pipe struct eventlog_GetNumRecords r; struct eventlog_CloseEventLog cr; struct policy_handle handle; + uint32_t number = 0; if (!get_policy_handle(tctx, p, &handle)) return false; + ZERO_STRUCT(r); r.in.handle = &handle; + r.out.number = &number; torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetNumRecords(p, tctx, &r), @@ -98,6 +101,7 @@ static bool test_ReadEventLog(struct torture_context *tctx, if (!get_policy_handle(tctx, p, &handle)) return false; + ZERO_STRUCT(r); r.in.offset = 0; r.in.handle = &handle; r.in.flags = EVENTLOG_BACKWARDS_READ|EVENTLOG_SEQUENTIAL_READ; 
@@ -107,11 +111,15 @@ static bool test_ReadEventLog(struct torture_context *tctx, struct eventlog_Record rec; struct ndr_pull *ndr; enum ndr_err_code ndr_err; + uint32_t sent_size = 0; + uint32_t real_size = 0; /* Read first for number of bytes in record */ r.in.number_of_bytes = 0; r.out.data = NULL; + r.out.sent_size = &sent_size; + r.out.real_size = &real_size; status = dcerpc_eventlog_ReadEventLogW(p, tctx, &r); @@ -119,8 +127,6 @@ static bool test_ReadEventLog(struct torture_context *tctx, break; } - torture_assert_ntstatus_ok(tctx, status, "ReadEventLog failed"); - torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_BUFFER_TOO_SMALL, "ReadEventLog failed"); diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index 23b4aad30b..4a6ff480c4 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -1178,16 +1178,23 @@ static bool test_EnumPrinterData(struct torture_context *tctx, struct dcerpc_pip NTSTATUS status; struct spoolss_EnumPrinterData r; + ZERO_STRUCT(r); r.in.handle = handle; r.in.enum_index = 0; do { - uint32_t data_size; - - r.in.value_offered = 0; - data_size = 0; - r.in.data_size = &data_size; - r.out.data_size = &data_size; + uint32_t value_size = 0; + uint32_t data_size = 0; + uint32_t printerdata_type = 0; + DATA_BLOB data = data_blob(NULL,0); + + r.in.value_offered = value_size; + r.out.value_needed = &value_size; + r.in.data_offered = data_size; + r.out.data_needed = &data_size; + + r.out.printerdata_type = &printerdata_type; + r.out.buffer = &data; torture_comment(tctx, "Testing EnumPrinterData\n"); @@ -1195,7 +1202,8 @@ static bool test_EnumPrinterData(struct torture_context *tctx, struct dcerpc_pip torture_assert_ntstatus_ok(tctx, status, "EnumPrinterData failed"); - r.in.value_offered = r.out.value_needed; + r.in.value_offered = value_size; + r.in.data_offered = data_size; status = dcerpc_spoolss_EnumPrinterData(p, tctx, &r); 
diff --git a/source4/torture/smb2/connect.c b/source4/torture/smb2/connect.c index f1bc63dbbb..0004ea958e 100644 --- a/source4/torture/smb2/connect.c +++ b/source4/torture/smb2/connect.c @@ -147,10 +147,10 @@ static struct smb2_handle torture_smb2_create(struct smb2_tree *tree, TALLOC_CTX *tmp_ctx = talloc_new(tree); ZERO_STRUCT(io); - io.in.oplock_flags = 0; - io.in.access_mask = SEC_RIGHTS_FILE_ALL; - io.in.file_attr = FILE_ATTRIBUTE_NORMAL; - io.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + io.in.oplock_level = 0; + io.in.desired_access = SEC_RIGHTS_FILE_ALL; + io.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + io.in.create_disposition = NTCREATEX_DISP_OPEN_IF; io.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE| NTCREATEX_SHARE_ACCESS_READ| @@ -166,7 +166,7 @@ static struct smb2_handle torture_smb2_create(struct smb2_tree *tree, if (DEBUGLVL(1)) { printf("Open gave:\n"); - printf("oplock_flags = 0x%x\n", io.out.oplock_flags); + printf("oplock_flags = 0x%x\n", io.out.oplock_level); printf("create_action = 0x%x\n", io.out.create_action); printf("create_time = %s\n", nt_time_string(tmp_ctx, io.out.create_time)); printf("access_time = %s\n", nt_time_string(tmp_ctx, io.out.access_time)); diff --git a/source4/torture/smb2/lock.c b/source4/torture/smb2/lock.c index 98e412817b..3cf2e93ee0 100644 --- a/source4/torture/smb2/lock.c +++ b/source4/torture/smb2/lock.c @@ -238,10 +238,10 @@ static bool test_lock_read_write(struct torture_context *torture, CHECK_VALUE(lck.out.unknown1, 0); ZERO_STRUCT(cr); - cr.in.oplock_flags = 0; - cr.in.access_mask = SEC_RIGHTS_FILE_ALL; - cr.in.file_attr = FILE_ATTRIBUTE_NORMAL; - cr.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + cr.in.oplock_level = 0; + cr.in.desired_access = SEC_RIGHTS_FILE_ALL; + cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF; cr.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE| NTCREATEX_SHARE_ACCESS_READ| 
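Review bot: The debug print in torture_smb2_create still labels the value `oplock_flags` although it now prints `io.out.oplock_level`; the label should follow the field so test output can be matched against the structure, `printf("oplock_level = 0x%x\n", io.out.oplock_level);`. The function body continues outside the hunk.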
diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c index fe88296a32..219c2140d3 100644 --- a/source4/torture/smb2/util.c +++ b/source4/torture/smb2/util.c @@ -55,9 +55,9 @@ NTSTATUS smb2_util_unlink(struct smb2_tree *tree, const char *fname) NTSTATUS status; ZERO_STRUCT(io); - io.in.access_mask = SEC_RIGHTS_FILE_ALL; - io.in.file_attr = FILE_ATTRIBUTE_NORMAL; - io.in.open_disposition = NTCREATEX_DISP_OPEN; + io.in.desired_access = SEC_RIGHTS_FILE_ALL; + io.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + io.in.create_disposition = NTCREATEX_DISP_OPEN; io.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE| NTCREATEX_SHARE_ACCESS_READ| @@ -107,9 +107,9 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname, smb2_util_unlink(tree, fname); ZERO_STRUCT(io); - io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - io.in.file_attr = FILE_ATTRIBUTE_NORMAL; - io.in.open_disposition = NTCREATEX_DISP_OVERWRITE_IF; + io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED; + io.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + io.in.create_disposition = NTCREATEX_DISP_OVERWRITE_IF; io.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE| NTCREATEX_SHARE_ACCESS_READ| @@ -119,8 +119,8 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname, if (dir) { io.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.in.share_access &= ~NTCREATEX_SHARE_ACCESS_DELETE; - io.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; - io.in.open_disposition = NTCREATEX_DISP_CREATE; + io.in.file_attributes = FILE_ATTRIBUTE_DIRECTORY; + io.in.create_disposition = NTCREATEX_DISP_CREATE; } if (strchr(fname, ':') == NULL) { 
@@ -334,10 +334,10 @@ NTSTATUS torture_smb2_testfile(struct smb2_tree *tree, const char *fname, NTSTATUS status; ZERO_STRUCT(io); - io.in.oplock_flags = 0; - io.in.access_mask = SEC_RIGHTS_FILE_ALL; - io.in.file_attr = FILE_ATTRIBUTE_NORMAL; - io.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + io.in.oplock_level = 0; + io.in.desired_access = SEC_RIGHTS_FILE_ALL; + io.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + io.in.create_disposition = NTCREATEX_DISP_OPEN_IF; io.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE| NTCREATEX_SHARE_ACCESS_READ| @@ -370,10 +370,10 @@ NTSTATUS torture_smb2_testdir(struct smb2_tree *tree, const char *fname, NTSTATUS status; ZERO_STRUCT(io); - io.in.oplock_flags = 0; - io.in.access_mask = SEC_RIGHTS_DIR_ALL; - io.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; - io.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + io.in.oplock_level = 0; + io.in.desired_access = SEC_RIGHTS_DIR_ALL; + io.in.file_attributes = FILE_ATTRIBUTE_DIRECTORY; + io.in.create_disposition = NTCREATEX_DISP_OPEN_IF; io.in.share_access = NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE|NTCREATEX_SHARE_ACCESS_DELETE; io.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.in.fname = fname; @@ -422,10 +422,10 @@ NTSTATUS smb2_util_roothandle(struct smb2_tree *tree, struct smb2_handle *handle NTSTATUS status; ZERO_STRUCT(io); - io.in.oplock_flags = 0; - io.in.access_mask = SEC_STD_SYNCHRONIZE | SEC_DIR_READ_ATTRIBUTE | SEC_DIR_LIST; - io.in.file_attr = 0; - io.in.open_disposition = NTCREATEX_DISP_OPEN; + io.in.oplock_level = 0; + io.in.desired_access = SEC_STD_SYNCHRONIZE | SEC_DIR_READ_ATTRIBUTE | SEC_DIR_LIST; + io.in.file_attributes = 0; + io.in.create_disposition = NTCREATEX_DISP_OPEN; io.in.share_access = NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_DELETE; io.in.create_options = NTCREATEX_OPTIONS_ASYNC_ALERT; io.in.fname = ""; |