From 410fb90322cf47780a9af4f5e38e57fcfa528471 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Tue, 16 May 2006 16:50:50 +0000
Subject: r15640: - NT IOCTL calls also have an 'in' data_blob - fix the receive code of NT IOCTL's we only need the NTTRANS data payload not the SMB payload here metze (This used to be commit 358d03143f0a78344c1af720e33ebe2619df09df)
---
 source4/libcli/raw/interfaces.h | 1 +
 source4/libcli/raw/rawioctl.c | 23 ++++++++++++++++-------
 source4/smb_server/smb/nttrans.c | 4 +---
 source4/torture/raw/ioctl.c | 2 ++
 4 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index d9387cc6e2..e0696b45ec 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1716,6 +1716,7 @@ union smb_ioctl {
 uint32_t function;
 BOOL fsctl;
 uint8_t filter;
+ DATA_BLOB blob;
 } in;
 struct {
 DATA_BLOB blob;
diff --git a/source4/libcli/raw/rawioctl.c b/source4/libcli/raw/rawioctl.c
index 49237fe9da..77c8c80158 100644
--- a/source4/libcli/raw/rawioctl.c
+++ b/source4/libcli/raw/rawioctl.c
@@ -86,7 +86,7 @@ static struct smbcli_request *smb_raw_ntioctl_send(struct smbcli_tree *tree,
 SCVAL(setup, 7, parms->ntioctl.in.filter);
 nt.in.function = NT_TRANSACT_IOCTL;
 nt.in.params = data_blob(NULL, 0);
- nt.in.data = data_blob(NULL, 0);
+ nt.in.data = parms->ntioctl.in.blob;
 return smb_raw_nttrans_send(tree, &nt);
 }
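Review bot: In `smb_raw_ntioctl_send` (source4/libcli/raw/rawioctl.c), `nt.in.data = parms->ntioctl.in.blob;` now puts on the wire whatever the caller left in the new `in.blob` field, so a caller that fills a stack `union smb_ioctl` without setting `blob` would pass an indeterminate pointer/length pair, which can crash the client or disclose client memory to the server. This commit updates torture/raw/ioctl.c, but any other RAW_IOCTL_NTIOCTL callers are not visible here and should be audited. I would document the requirement next to the field in interfaces.h, e.g. `DATA_BLOB blob; /* request payload; must be initialised, data_blob(NULL, 0) for none */`. The body of smb_raw_ntioctl_send starts outside the hunk.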
@@ -98,13 +98,22 @@ static NTSTATUS smb_raw_ntioctl_recv(struct smbcli_request *req,
 TALLOC_CTX *mem_ctx, union smb_ioctl *parms)
 {
- if (!smbcli_request_receive(req) ||
- smbcli_request_is_error(req)) {
- return smbcli_request_destroy(req);
- }
+ NTSTATUS status;
+ struct smb_nttrans nt;
+ TALLOC_CTX *tmp_mem;
- parms->ntioctl.out.blob = smbcli_req_pull_blob(req, mem_ctx, req->in.data, -1);
- return smbcli_request_destroy(req);
+ tmp_mem = talloc_new(mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(tmp_mem);
+
+ status = smb_raw_nttrans_recv(req, tmp_mem, &nt);
+ if (!NT_STATUS_IS_OK(status)) goto fail;
+
+ parms->ntioctl.out.blob = nt.out.data;
+ talloc_steal(mem_ctx, parms->ntioctl.out.blob.data);
+
+fail:
+ talloc_free(tmp_mem);
+ return status;
 }
diff --git a/source4/smb_server/smb/nttrans.c b/source4/smb_server/smb/nttrans.c
index e2fc962196..9154546693 100644
--- a/source4/smb_server/smb/nttrans.c
+++ b/source4/smb_server/smb/nttrans.c
@@ -304,7 +304,6 @@ static NTSTATUS nttrans_ioctl(struct smbsrv_request *req,
 uint16_t fnum;
 uint8_t filter;
 BOOL fsctl;
- DATA_BLOB *blob;
 NTSTATUS status;
 /* should have at least 4 setup words */
@@ -320,13 +319,12 @@ static NTSTATUS nttrans_ioctl(struct smbsrv_request *req,
 fsctl = CVAL(trans->in.setup, 6);
 filter = CVAL(trans->in.setup, 7);
- blob = &trans->in.data;
- nt->ntioctl.level = RAW_IOCTL_NTIOCTL;
 nt->ntioctl.in.file.fnum = fnum;
 nt->ntioctl.in.function = function;
 nt->ntioctl.in.fsctl = fsctl;
 nt->ntioctl.in.filter = filter;
+ nt->ntioctl.in.blob = trans->in.data;
 status = nttrans_setup_reply(op, trans, 0, 0, 1);
 NT_STATUS_NOT_OK_RETURN(status);
diff --git a/source4/torture/raw/ioctl.c b/source4/torture/raw/ioctl.c
index 22e90bed8a..cd93047576 100644
--- a/source4/torture/raw/ioctl.c
+++ b/source4/torture/raw/ioctl.c
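Review bot: In `smb_raw_ntioctl_recv` (source4/libcli/raw/rawioctl.c), the early return taken by `NT_STATUS_HAVE_NO_MEMORY(tmp_mem);` leaves `req` neither received nor destroyed, whereas both exits of the removed code went through `smbcli_request_destroy(req)`. Assuming `smb_raw_nttrans_recv` consumes the request on the normal path (its body is not visible here), the allocation-failure path should release it explicitly: `if (tmp_mem == NULL) { smbcli_request_destroy(req); return NT_STATUS_NO_MEMORY; }`. The `fail:` label is also reached on success, so `done:` would read more accurately. On error `parms->ntioctl.out.blob` is left unset, which deserves either a `data_blob(NULL, 0)` reset or a one-line comment telling callers not to read it.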
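Review bot: In `nttrans_ioctl` (source4/smb_server/smb/nttrans.c), `nt->ntioctl.in.blob = trans->in.data;` hands the client's NT_TRANSACT_IOCTL payload to the backend by alias: nothing in the hunk copies it or bounds its length. Each backend handler therefore has to check `in.blob.length` against what its function code expects before parsing, and should not keep the pointer beyond the lifetime of `trans`. A comment on the assignment would make that contract explicit, e.g. `/* aliases trans->in.data: client-controlled, not copied; handlers must validate the length */`. The function body starts and ends outside the hunk.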
@@ -105,6 +105,7 @@ static BOOL test_fsctl(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
 nt.ntioctl.in.file.fnum = fnum;
 nt.ntioctl.in.fsctl = True;
 nt.ntioctl.in.filter = 0;
+ nt.ntioctl.in.blob = data_blob(NULL, 0);
 status = smb_raw_ioctl(cli->tree, mem_ctx, &nt);
 CHECK_STATUS(status, NT_STATUS_OK);
@@ -115,6 +116,7 @@ static BOOL test_fsctl(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
 nt.ntioctl.in.file.fnum = fnum;
 nt.ntioctl.in.fsctl = True;
 nt.ntioctl.in.filter = 0;
+ nt.ntioctl.in.blob = data_blob(NULL, 0);
 status = smb_raw_ioctl(cli->tree, mem_ctx, &nt);
 if (NT_STATUS_IS_OK(status)) {
-- cgit
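Review bot: Both `test_fsctl` hunks in source4/torture/raw/ioctl.c only ever set `nt.ntioctl.in.blob = data_blob(NULL, 0);`, so the request-payload path this commit adds to smb_raw_ntioctl_send and the server-side `in.blob` assignment are exercised with an empty blob only. A case that sends a non-empty blob, including one whose length does not match what the function code expects, would cover the new behaviour and catch length-handling mistakes on the server. Zero-initialising `nt` once before filling it, e.g. `ZERO_STRUCT(nt);`, would also remove the need to repeat the blob initialisation in every case. test_fsctl starts and ends outside the hunks.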