From e9eb56068573d89f8ce45f08220ca870b3daa669 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 16 Nov 2005 11:01:15 +0000 Subject: r11741: - the buffer code (first 2 bytes in the SMB2 body) seem to be the length of the fixed body part, and +1 if there's a dynamic part - there're 3 types of dynamic blobs with uint16_t offset/uint16_t size with uint16_t offset/uint32_t size with uint32_t offset/uint32_t size /* aligned to 8 bytes */ - strings are transmitted in UTF-16 with no termination and packet into a uint16/uint16 blob metze (This used to be commit 79103c51e5c752fbdb4d25a0047b65002828df89) --- source4/torture/smb2/connect.c | 25 ++++++++++++++++--------- source4/torture/smb2/scan.c | 7 +++---- source4/torture/smb2/util.c | 9 ++++----- 3 files changed, 23 insertions(+), 18 deletions(-) (limited to 'source4/torture/smb2') diff --git a/source4/torture/smb2/connect.c b/source4/torture/smb2/connect.c index 34f8d5aa9f..54f2920600 100644 --- a/source4/torture/smb2/connect.c +++ b/source4/torture/smb2/connect.c @@ -37,7 +37,6 @@ static NTSTATUS torture_smb2_close(struct smb2_tree *tree, struct smb2_handle ha TALLOC_CTX *tmp_ctx = talloc_new(tree); ZERO_STRUCT(io); - io.in.buffer_code = 0x18; io.in.flags = SMB2_CLOSE_FLAGS_FULL_INFORMATION; io.in.handle = handle; status = smb2_close(tree, &io); @@ -84,13 +83,10 @@ static NTSTATUS torture_smb2_write(struct smb2_tree *tree, struct smb2_handle ha } ZERO_STRUCT(w); - w.in.buffer_code = 0x31; w.in.offset = 0; w.in.handle = handle; w.in.data = data; - memset(w.in._pad, 0xff, 16); - status = smb2_write(tree, &w); if (!NT_STATUS_IS_OK(status)) { printf("write failed - %s\n", nt_errstr(status)); @@ -99,8 +95,6 @@ static NTSTATUS torture_smb2_write(struct smb2_tree *tree, struct smb2_handle ha torture_smb2_all_info(tree, handle); - memset(w.in._pad, 0xff, 16); - status = smb2_write(tree, &w); if (!NT_STATUS_IS_OK(status)) { printf("write failed - %s\n", nt_errstr(status)); 
@@ -110,7 +104,6 @@ static NTSTATUS torture_smb2_write(struct smb2_tree *tree, struct smb2_handle ha torture_smb2_all_info(tree, handle); ZERO_STRUCT(r); - r.in.buffer_code = 0x31; r.in.length = data.length; r.in.offset = 0; r.in.handle = handle; @@ -140,9 +133,21 @@ static struct smb2_handle torture_smb2_create(struct smb2_tree *tree, struct smb2_create io; NTSTATUS status; TALLOC_CTX *tmp_ctx = talloc_new(tree); + DATA_BLOB blob = data_blob(NULL, 0); + +#if 0 /* TODO: find out what this blob mean */ + uint8_t buf[0x18]; + + SIVAL(buf, 0x00, 0x00000000); + SIVAL(buf, 0x04, 0x00040010); + SIVAL(buf, 0x08, 0x00180000); + SIVAL(buf, 0x0C, 0x00000000); + SBVAL(buf, 0x10, 0x006C00466341784DLLU); + + blob = data_blob_const(buf, 0x18) +#endif ZERO_STRUCT(io); - io.in.buffer_code = 0x39; io.in.oplock_flags = 0; io.in.access_mask = SEC_RIGHTS_FILE_ALL; io.in.file_attr = FILE_ATTRIBUTE_NORMAL; @@ -153,8 +158,9 @@ static struct smb2_handle torture_smb2_create(struct smb2_tree *tree, NTCREATEX_SHARE_ACCESS_WRITE; io.in.create_options = NTCREATEX_OPTIONS_WRITE_THROUGH; io.in.fname = fname; + io.in.blob = blob; - status = smb2_create(tree, &io); + status = smb2_create(tree, tmp_ctx, &io); if (!NT_STATUS_IS_OK(status)) { printf("create1 failed - %s\n", nt_errstr(status)); return io.out.handle; @@ -197,6 +203,7 @@ BOOL torture_smb2_connect(void) h1 = torture_smb2_create(tree, "test9.dat"); h2 = torture_smb2_create(tree, "test9.dat"); +// h2 = torture_smb2_create(tree, "test9test9test9t9.dat"); torture_smb2_write(tree, h1); torture_smb2_close(tree, h1); torture_smb2_close(tree, h2); diff --git a/source4/torture/smb2/scan.c b/source4/torture/smb2/scan.c index 2f2ab82d0f..c2b14ba5c2 100644 --- a/source4/torture/smb2/scan.c +++ b/source4/torture/smb2/scan.c @@ -51,7 +51,6 @@ BOOL torture_smb2_getinfo_scan(void) } ZERO_STRUCT(cr); - cr.in.buffer_code = 0x39; cr.in.oplock_flags = 0; cr.in.access_mask = SEC_RIGHTS_FILE_ALL; cr.in.file_attr = FILE_ATTRIBUTE_NORMAL; 
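Review bot: The disabled block added to torture_smb2_create ends with `blob = data_blob_const(buf, 0x18)` without a semicolon, so switching `#if 0` to `#if 1` breaks the build; it should read `blob = data_blob_const(buf, sizeof(buf));`. The SIVAL/SBVAL constants are unexplained, and since this buffer would be sent to the server as the create blob, a comment per field saying which offset or length it holds would let a reader check the layout against the three blob types listed in the commit message. If the block is ever enabled, `buf` must stay in scope until smb2_create returns, because data_blob_const presumably references the array rather than copying it. The function body begins and ends outside the hunk.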
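Review bot: The failure path right after the changed call, `return io.out.handle;`, leaves without releasing `tmp_ctx`, and smb2_create now takes `tmp_ctx` as an argument, so presumably whatever it allocates for the reply stays parented to `tree` when the create fails. Adding `talloc_free(tmp_ctx);` before that return would stop the error path from accumulating memory across repeated calls. The caller also receives a handle it cannot tell apart from a valid one; a comment on the function stating that a zeroed handle means failure would help, assuming `ZERO_STRUCT(io)` is what leaves it zeroed. The rest of the function, including any talloc_free on the success path, is outside the hunk.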
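Review bot: The line added to torture_smb2_connect, `// h2 = torture_smb2_create(tree, "test9test9test9t9.dat");`, is commented-out code with no explanation. If the longer name is meant to exercise a different filename length in the create request, make it a real second case or replace the line with a comment saying what it tests; otherwise drop it.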
@@ -62,8 +61,9 @@ BOOL torture_smb2_getinfo_scan(void) NTCREATEX_SHARE_ACCESS_WRITE; cr.in.create_options = NTCREATEX_OPTIONS_WRITE_THROUGH; cr.in.fname = fname; + cr.in.blob = data_blob(NULL, 0); - status = smb2_create(tree, &cr); + status = smb2_create(tree, mem_ctx, &cr); if (!NT_STATUS_IS_OK(status)) { printf("create of '%s' failed - %s\n", fname, nt_errstr(status)); return False; @@ -73,7 +73,6 @@ BOOL torture_smb2_getinfo_scan(void) ZERO_STRUCT(io); - io.in.buffer_code = 0x29; io.in.max_response_size = 0xFFFF; io.in.handle = handle; @@ -142,7 +141,7 @@ BOOL torture_smb2_scan(void) tree->session->transport->options.timeout = 3; for (opcode=0;opcode<1000;opcode++) { - req = smb2_request_init_tree(tree, opcode, 2); + req = smb2_request_init_tree(tree, opcode, 2, 0); SSVAL(req->out.body, 0, 0); smb2_transport_send(req); if (!smb2_request_receive(req)) { diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c index 73217152ee..2c3965831a 100644 --- a/source4/torture/smb2/util.c +++ b/source4/torture/smb2/util.c @@ -124,7 +124,6 @@ NTSTATUS torture_smb2_testfile(struct smb2_tree *tree, const char *fname, NTSTATUS status; ZERO_STRUCT(io); - io.in.buffer_code = 0x39; io.in.oplock_flags = 0; io.in.access_mask = SEC_RIGHTS_FILE_ALL; io.in.file_attr = FILE_ATTRIBUTE_NORMAL; @@ -135,14 +134,14 @@ NTSTATUS torture_smb2_testfile(struct smb2_tree *tree, const char *fname, NTCREATEX_SHARE_ACCESS_WRITE; io.in.create_options = NTCREATEX_OPTIONS_DELETE_ON_CLOSE; io.in.fname = fname; + io.in.blob = data_blob(NULL, 0); - status = smb2_create(tree, &io); + status = smb2_create(tree, tree, &io); NT_STATUS_NOT_OK_RETURN(status); *handle = io.out.handle; ZERO_STRUCT(r); - r.in.buffer_code = 0x31; r.in.length = 5; r.in.offset = 0; r.in.handle = *handle; 
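Review bot: In torture_smb2_scan the result of `smb2_request_init_tree(tree, opcode, 2, 0)` is dereferenced by `SSVAL(req->out.body, 0, 0)` on the next line with no check, so an allocation failure inside the loop would crash the scan instead of failing the test. Adding `if (req == NULL) return False;` after the call would cover it, assuming the function reports failure as NULL. The new fourth argument is a bare `0`; going by the commit message it looks like the size of the dynamic part, and a short comment such as `/* fixed body 2 bytes, no dynamic part */` would make that explicit. The loop body continues past the end of the hunk.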
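Review bot: `smb2_create(tree, tree, &io)` in torture_smb2_testfile passes the long-lived tree as the memory context, where connect.c and scan.c pass a temporary one (`tmp_ctx`, `mem_ctx`). If smb2_create allocates reply data on that context, every call to this helper leaves it attached to the tree until the connection is torn down. A local `TALLOC_CTX *tmp_ctx = talloc_new(tree);` freed before return would match the other callers. The same applies to the identical call in the torture_smb2_testdir hunk, and both function bodies extend beyond their hunks.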
@@ -162,7 +161,6 @@ NTSTATUS torture_smb2_testdir(struct smb2_tree *tree, const char *fname, NTSTATUS status; ZERO_STRUCT(io); - io.in.buffer_code = 0x39; io.in.oplock_flags = 0; io.in.access_mask = SEC_RIGHTS_DIR_ALL; io.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; @@ -170,8 +168,9 @@ NTSTATUS torture_smb2_testdir(struct smb2_tree *tree, const char *fname, io.in.share_access = NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE; io.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; io.in.fname = fname; + io.in.blob = data_blob(NULL, 0); - status = smb2_create(tree, &io); + status = smb2_create(tree, tree, &io); NT_STATUS_NOT_OK_RETURN(status); *handle = io.out.handle; -- cgit