From 2f74901802dc1ef40467e62f1880d958e6c69eef Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 25 Nov 2005 05:46:46 +0000 Subject: r11891: - added pipe_flags field in smb2_trans - while running dcerpc over SMB2, the server will occasionally send us a oh-so-useful STATUS_PENDING result meaning "I don't have a result for you yet, but I'm working on it". These can be discarded :-) (This used to be commit 24588a9c499536299d7aaf5b56ff73fb255290ca) --- source4/include/nterr.h | 1 + source4/libcli/smb2/smb2_calls.h | 4 +++- source4/libcli/smb2/transport.c | 7 +++++++ source4/librpc/rpc/dcerpc_smb2.c | 11 ++++++++--- 4 files changed, 19 insertions(+), 4 deletions(-) (limited to 'source4') diff --git a/source4/include/nterr.h b/source4/include/nterr.h index bfeb63169c..08e3fa2db0 100644 --- a/source4/include/nterr.h +++ b/source4/include/nterr.h @@ -34,6 +34,7 @@ #define STATUS_INVALID_EA_FLAG NT_STATUS(0x80000015) #define NT_STATUS_NO_MORE_ENTRIES NT_STATUS(0x8000001a) +#define STATUS_PENDING NT_STATUS(0x0103) #define STATUS_MORE_ENTRIES NT_STATUS(0x0105) #define STATUS_SOME_UNMAPPED NT_STATUS(0x0107) #define ERROR_INVALID_PARAMETER NT_STATUS(0x0057) diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h index 07f74ca229..e0a78937d5 100644 --- a/source4/libcli/smb2/smb2_calls.h +++ b/source4/libcli/smb2/smb2_calls.h @@ -304,9 +304,11 @@ struct smb2_find { } out; }; +#define SMB2_TRANS_PIPE_FLAGS 0x0011c017 /* what are these? */ + struct smb2_trans { struct { - uint32_t unknown1; + uint32_t pipe_flags; struct smb2_handle handle; uint32_t unknown2; uint32_t max_response_size; diff --git a/source4/libcli/smb2/transport.c b/source4/libcli/smb2/transport.c index 04767fa634..02ac587636 100644 --- a/source4/libcli/smb2/transport.c +++ b/source4/libcli/smb2/transport.c @@ -185,6 +185,13 @@ static NTSTATUS smb2_transport_finish_recv(void *private, DATA_BLOB blob) req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE); req->status = NT_STATUS(IVAL(hdr, SMB2_HDR_STATUS)); + if (NT_STATUS_EQUAL(req->status, STATUS_PENDING)) { + /* the server has helpfully told us that this request is still being + processed. how useful :) */ + talloc_free(buffer); + return NT_STATUS_OK; + } + buffer_code = SVAL(req->in.body, 0); req->in.dynamic = NULL; dynamic_size = req->in.body_size - (buffer_code & ~1); diff --git a/source4/librpc/rpc/dcerpc_smb2.c b/source4/librpc/rpc/dcerpc_smb2.c index 56d568a663..d733ab4713 100644 --- a/source4/librpc/rpc/dcerpc_smb2.c +++ b/source4/librpc/rpc/dcerpc_smb2.c @@ -104,6 +104,9 @@ static void smb2_read_callback(struct smb2_request *req) ZERO_STRUCT(io); io.in.length = MIN(state->c->srv_max_xmit_frag, frag_length - state->data.length); + if (io.in.length < 16) { + io.in.length = 16; + } io.in.handle = smb->handle; req = smb2_read_send(smb->tree, &io); @@ -228,9 +231,9 @@ static NTSTATUS smb2_send_trans_request(struct dcerpc_connection *c, DATA_BLOB * state->c = c; ZERO_STRUCT(io); - io.in.unknown1 = 0x0011c017; + io.in.pipe_flags = SMB2_TRANS_PIPE_FLAGS; io.in.handle = smb->handle; - io.in.max_response_size = 0x10000; + io.in.max_response_size = 0x1000; io.in.flags = 1; io.in.out = *blob; @@ -383,7 +386,9 @@ struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_connection *c NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; io.in.open_disposition = NTCREATEX_DISP_OPEN; - io.in.create_options = 0x400040; + io.in.create_options = + NTCREATEX_OPTIONS_NON_DIRECTORY_FILE | + NTCREATEX_OPTIONS_UNKNOWN_400000; io.in.impersonation = NTCREATEX_IMPERSONATION_IMPERSONATION; if ((strncasecmp(pipe_name, "/pipe/", 6) == 0) || -- cgit