diff options
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/raw/rawnegotiate.c | 4 | ||||
-rw-r--r-- | source4/libcli/smb2/negprot.c | 43 | ||||
-rw-r--r-- | source4/libcli/smb2/smb2_calls.h | 24 |
3 files changed, 36 insertions, 35 deletions
diff --git a/source4/libcli/raw/rawnegotiate.c b/source4/libcli/raw/rawnegotiate.c index fc7725cc55..1f5e34779b 100644 --- a/source4/libcli/raw/rawnegotiate.c +++ b/source4/libcli/raw/rawnegotiate.c @@ -40,6 +40,10 @@ static const struct { {PROTOCOL_LANMAN2,"Samba"}, {PROTOCOL_NT1,"NT LANMAN 1.0"}, {PROTOCOL_NT1,"NT LM 0.12"}, +#if 0 + /* we don't yet handle chaining a SMB transport onto SMB2 */ + {PROTOCOL_SMB2,"SMB 2.002"}, +#endif }; /* diff --git a/source4/libcli/smb2/negprot.c b/source4/libcli/smb2/negprot.c index a678ebe229..6b879e2add 100644 --- a/source4/libcli/smb2/negprot.c +++ b/source4/libcli/smb2/negprot.c @@ -32,7 +32,6 @@ struct smb2_request *smb2_negprot_send(struct smb2_transport *transport, { struct smb2_request *req; uint16_t size = 0x24 + io->in.dialect_count*2; - DATA_BLOB guid_blob; enum ndr_err_code ndr_err; int i; @@ -40,20 +39,16 @@ struct smb2_request *smb2_negprot_send(struct smb2_transport *transport, if (req == NULL) return NULL; - ndr_err = ndr_push_struct_blob(&guid_blob, req, NULL, - &io->in.client_guid, - (ndr_push_flags_fn_t)ndr_push_GUID); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err) || guid_blob.length != 16) { - talloc_free(req); - return NULL; - } - SSVAL(req->out.body, 0x00, 0x24); SSVAL(req->out.body, 0x02, io->in.dialect_count); SSVAL(req->out.body, 0x04, io->in.security_mode); SSVAL(req->out.body, 0x06, io->in.reserved); SIVAL(req->out.body, 0x08, io->in.capabilities); - memcpy(req->out.body+0x0C, guid_blob.data, guid_blob.length); + ndr_err = smbcli_push_guid(req->out.body, 0x0C, &io->in.client_guid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + talloc_free(req); + return NULL; + } smbcli_push_nttime(req->out.body, 0x1C, io->in.start_time); for (i=0;i<io->in.dialect_count;i++) { SSVAL(req->out.body, 0x24 + i*2, io->in.dialects[i]); @@ -71,6 +66,7 @@ NTSTATUS smb2_negprot_recv(struct smb2_request *req, TALLOC_CTX *mem_ctx, struct smb2_negprot *io) { NTSTATUS status; + enum ndr_err_code ndr_err; if (!smb2_request_receive(req) || smb2_request_is_error(req)) { @@ -79,24 +75,27 @@ NTSTATUS smb2_negprot_recv(struct smb2_request *req, TALLOC_CTX *mem_ctx, SMB2_CHECK_PACKET_RECV(req, 0x40, true); - io->out._pad = SVAL(req->in.body, 0x02); - io->out.unknown2 = IVAL(req->in.body, 0x04); - memcpy(io->out.sessid, req->in.body + 0x08, 16); - io->out.unknown3 = IVAL(req->in.body, 0x18); - io->out.unknown4 = SVAL(req->in.body, 0x1C); - io->out.unknown5 = IVAL(req->in.body, 0x1E); - io->out.unknown6 = IVAL(req->in.body, 0x22); - io->out.unknown7 = SVAL(req->in.body, 0x26); - io->out.current_time = smbcli_pull_nttime(req->in.body, 0x28); - io->out.boot_time = smbcli_pull_nttime(req->in.body, 0x30); + io->out.security_mode = SVAL(req->in.body, 0x02); + io->out.dialect_revision = SVAL(req->in.body, 0x04); + io->out.reserved = SVAL(req->in.body, 0x06); + ndr_err = smbcli_pull_guid(req->in.body, 0x08, &io->in.client_guid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + smb2_request_destroy(req); + return NT_STATUS_INTERNAL_ERROR; + } + io->out.capabilities = IVAL(req->in.body, 0x18); + io->out.max_transact_size = IVAL(req->in.body, 0x1C); + io->out.max_read_size = IVAL(req->in.body, 0x20); + io->out.max_write_size = IVAL(req->in.body, 0x24); + io->out.system_time = smbcli_pull_nttime(req->in.body, 0x28); + io->out.server_start_time = smbcli_pull_nttime(req->in.body, 0x30); + io->out.reserved2 = IVAL(req->in.body, 0x3C); status = smb2_pull_o16s16_blob(&req->in, mem_ctx, req->in.body+0x38, &io->out.secblob); if (!NT_STATUS_IS_OK(status)) { smb2_request_destroy(req); return status; } - - io->out.unknown9 = IVAL(req->in.body, 0x3C); return smb2_request_destroy(req); } diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h index 41fb35b8f3..423d9d1579 100644 --- a/source4/libcli/smb2/smb2_calls.h +++ b/source4/libcli/smb2/smb2_calls.h @@ -35,21 +35,19 @@ struct smb2_negprot { struct { /* static body buffer 64 (0x40) bytes */ /* uint16_t buffer_code; 0x41 = 0x40 + 1 */ - uint16_t _pad; - uint32_t unknown2; /* 0x06 */ - uint8_t sessid[16]; - uint32_t unknown3; /* 0x0d */ - uint16_t unknown4; /* 0x00 */ - uint32_t unknown5; /* 0x01 */ - uint32_t unknown6; /* 0x01 */ - uint16_t unknown7; /* 0x01 */ - NTTIME current_time; - NTTIME boot_time; + uint16_t security_mode; + uint16_t dialect_revision; + uint16_t reserved; + struct GUID server_guid; + uint32_t capabilities; + uint32_t max_transact_size; + uint32_t max_read_size; + uint32_t max_write_size; + NTTIME system_time; + NTTIME server_start_time; /* uint16_t secblob_ofs */ /* uint16_t secblob_size */ - uint32_t unknown9; /* 0x204d4c20 */ - - /* dynamic body buffer */ + uint32_t reserved2; DATA_BLOB secblob; } out; }; |