From 4e004a0b5e7521a361444f6d67a3c2910c5688c2 Mon Sep 17 00:00:00 2001
From: Luke Leighton <lkcl@samba.org>
Date: Fri, 9 Oct 1998 19:34:57 +0000
Subject: basic client-side ntcreateX function (hard-wired values except
 filename) (This used to be commit caeb99201a1471bd709b4e8f07c57e5caabf0795)

---
 source3/include/proto.h       |  5 +++--
 source3/libsmb/clientgen.c    | 44 +++++++++++++++++++++++++++++++++++++++++++
 source3/rpc_client/cli_pipe.c | 39 ++++++++++++++++++++++++++------------
 source3/rpcclient/rpcclient.c |  1 +
 source3/smbd/nttrans.c        |  2 +-
 5 files changed, 76 insertions(+), 15 deletions(-)

diff --git a/source3/include/proto.h b/source3/include/proto.h
index b0c50cbca7..dec428a142 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -385,6 +385,7 @@ BOOL cli_rename(struct cli_state *cli, char *fname_src, char *fname_dst);
 BOOL cli_unlink(struct cli_state *cli, char *fname);
 BOOL cli_mkdir(struct cli_state *cli, char *dname);
 BOOL cli_rmdir(struct cli_state *cli, char *dname);
+int cli_nt_create(struct cli_state *cli, char *fname);
 int cli_open(struct cli_state *cli, char *fname, int flags, int share_mode);
 BOOL cli_close(struct cli_state *cli, int fnum);
 BOOL cli_lock(struct cli_state *cli, int fnum, uint32 offset, uint32 len, int timeout);
@@ -498,8 +499,8 @@ void E_old_pw_hash( unsigned char *p14, unsigned char *in, unsigned char *out);
 void cred_hash1(unsigned char *out,unsigned char *in,unsigned char *key);
 void cred_hash2(unsigned char *out,unsigned char *in,unsigned char *key);
 void cred_hash3(unsigned char *out,unsigned char *in,unsigned char *key, int forw);
-void NTLMSSPhash( unsigned char hash[256], unsigned char const key[5]);
-void NTLMSSPcalc( unsigned char hash[256], unsigned char *data, int len);
+void NTLMSSPhash( unsigned char hash[258], unsigned char key[5]);
+void NTLMSSPcalc( unsigned char hash[258], unsigned char *data, int len);
 void SamOEMhash( unsigned char *data, unsigned char *key, int val);
 
 /*The following definitions come from  libsmb/smbencrypt.c  */
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 5ae84f763b..8eb832128c 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -973,6 +973,50 @@ BOOL cli_rmdir(struct cli_state *cli, char *dname)
 
 
 
+/****************************************************************************
+open a file
+****************************************************************************/
+int cli_nt_create(struct cli_state *cli, char *fname)
+{
+	char *p;
+
+	bzero(cli->outbuf,smb_size);
+	bzero(cli->inbuf,smb_size);
+
+	set_message(cli->outbuf,24,1 + strlen(fname),True);
+
+	CVAL(cli->outbuf,smb_com) = SMBntcreateX;
+	SSVAL(cli->outbuf,smb_tid,cli->cnum);
+	cli_setup_packet(cli);
+
+	SSVAL(cli->outbuf,smb_vwv0,0xFF);
+	SIVAL(cli->outbuf,smb_ntcreate_Flags, 0x06);
+	SIVAL(cli->outbuf,smb_ntcreate_RootDirectoryFid, 0x0);
+	SIVAL(cli->outbuf,smb_ntcreate_DesiredAccess, 0x2019f);
+	SIVAL(cli->outbuf,smb_ntcreate_FileAttributes, 0x0);
+	SIVAL(cli->outbuf,smb_ntcreate_ShareAccess, 0x03);
+	SIVAL(cli->outbuf,smb_ntcreate_CreateDisposition, 0x01);
+	SIVAL(cli->outbuf,smb_ntcreate_CreateOptions, 0x0);
+	SIVAL(cli->outbuf,smb_ntcreate_ImpersonationLevel, 0x02);
+	SSVAL(cli->outbuf,smb_ntcreate_NameLength, strlen(fname));
+
+	p = smb_buf(cli->outbuf);
+	pstrcpy(p,fname);
+	p = skip_string(p,1);
+
+	send_smb(cli->fd,cli->outbuf);
+	if (!client_receive_smb(cli->fd,cli->inbuf,cli->timeout)) {
+		return -1;
+	}
+
+	if (CVAL(cli->inbuf,smb_rcls) != 0) {
+		return -1;
+	}
+
+	return SVAL(cli->inbuf,smb_vwv2 + 1);
+}
+
+
 /****************************************************************************
 open a file
 ****************************************************************************/
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 761f23f885..0b9a4e95e5 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -863,22 +863,37 @@ BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name, BOOL encrypted)
 	int fnum;
 
 	/******************* open the pipe *****************/
-	if ((fnum = cli_open(cli, pipe_name, O_CREAT|O_RDWR, DENY_NONE)) == -1)
+	if (IS_BITS_SET_ALL(cli->capabilities, CAP_NT_SMBS))
 	{
-		DEBUG(0,("cli_nt_session_open: cli_open failed on pipe %s to machine %s.  Error was %s\n",
-		         pipe_name, cli->desthost, cli_errstr(cli)));
-		return False;
+		if ((fnum = cli_nt_create(cli, &(pipe_name[5]))) == -1)
+		{
+			DEBUG(0,("cli_nt_session_open: cli_nt_create failed on pipe %s to machine %s.  Error was %s\n",
+				 &(pipe_name[5]), cli->desthost, cli_errstr(cli)));
+			return False;
+		}
+
+		cli->nt_pipe_fnum = (uint16)fnum;
 	}
+	else
+	{
+		if ((fnum = cli_open(cli, pipe_name, O_CREAT|O_RDWR, DENY_NONE)) == -1)
+		{
+			DEBUG(0,("cli_nt_session_open: cli_open failed on pipe %s to machine %s.  Error was %s\n",
+				 pipe_name, cli->desthost, cli_errstr(cli)));
+			return False;
+		}
 
-	cli->nt_pipe_fnum = (uint16)fnum;
+		cli->nt_pipe_fnum = (uint16)fnum;
+
+		/**************** Set Named Pipe State ***************/
+		if (!rpc_pipe_set_hnd_state(cli, pipe_name, 0x4300))
+		{
+			DEBUG(0,("cli_nt_session_open: pipe hnd state failed.  Error was %s\n",
+				  cli_errstr(cli)));
+			cli_close(cli, cli->nt_pipe_fnum);
+			return False;
+		}
 
-	/**************** Set Named Pipe State ***************/
-	if (!rpc_pipe_set_hnd_state(cli, pipe_name, 0x4300))
-	{
-		DEBUG(0,("cli_nt_session_open: pipe hnd state failed.  Error was %s\n",
-		          cli_errstr(cli)));
-		cli_close(cli, cli->nt_pipe_fnum);
-		return False;
 	}
 
 	/******************* bind request on pipe *****************/
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 2183f504c2..55bc0e15cc 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -60,6 +60,7 @@ void rpcclient_init(void)
 {
 	bzero(smb_cli, sizeof(smb_cli));
 	cli_initialise(smb_cli);
+	smb_cli->capabilities |= CAP_NT_SMBS;
 }
 
 /****************************************************************************
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index b439ba9560..758c46a6cd 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -412,7 +412,7 @@ int reply_ntcreate_and_X(connection_struct *conn,
 	uint32 create_options = IVAL(inbuf,smb_ntcreate_CreateOptions);
 	uint32 fname_len = MIN(((uint32)SVAL(inbuf,smb_ntcreate_NameLength)),
 			       ((uint32)sizeof(fname)-1));
-    uint16 root_dir_fid = (uint16)IVAL(inbuf,smb_ntcreate_RootDirectoryFid);
+	uint16 root_dir_fid = (uint16)IVAL(inbuf,smb_ntcreate_RootDirectoryFid);
 	int smb_ofun;
 	int smb_open_mode;
 	int smb_attr = (file_attributes & SAMBA_ATTRIBUTES_MASK);
-- 
cgit