r11891: - added pipe_flags field in smb2_trans

- while running dcerpc over SMB2, the server will occasionally send us
  a oh-so-useful STATUS_PENDING result meaning "I don't have a result
  for you yet, but I'm working on it". These can be discarded :-)
(This used to be commit 24588a9c499536299d7aaf5b56ff73fb255290ca)

diff --git a/source4/include/nterr.h b/source4/include/nterr.h
index bfeb63169c2812d7b3f06636c081b3a4ec6991a9..08e3fa2db0f67327f66608a17170c7507ea0dcdc 100644 (file)
--- a/source4/include/nterr.h
+++ b/source4/include/nterr.h
@@ -34,6 +34,7 @@
 #define STATUS_INVALID_EA_FLAG            NT_STATUS(0x80000015)
 #define NT_STATUS_NO_MORE_ENTRIES         NT_STATUS(0x8000001a)
 
+#define STATUS_PENDING                    NT_STATUS(0x0103)
 #define STATUS_MORE_ENTRIES               NT_STATUS(0x0105)
 #define STATUS_SOME_UNMAPPED              NT_STATUS(0x0107)
 #define ERROR_INVALID_PARAMETER                  NT_STATUS(0x0057)

diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h
index 07f74ca22933601797f8b593a5be0f8f5ede0aeb..e0a78937d589aa5d2280fa0f6b9d415a04059d76 100644 (file)
--- a/source4/libcli/smb2/smb2_calls.h
+++ b/source4/libcli/smb2/smb2_calls.h
@@ -304,9 +304,11 @@ struct smb2_find {
        } out;
 };
 
+#define SMB2_TRANS_PIPE_FLAGS 0x0011c017 /* what are these? */
+
 struct smb2_trans {
        struct {
-               uint32_t unknown1;
+               uint32_t pipe_flags;
                struct smb2_handle handle;
                uint32_t unknown2;
                uint32_t max_response_size;

diff --git a/source4/libcli/smb2/transport.c b/source4/libcli/smb2/transport.c
index 04767fa634230acd713a3980c1d16fa14bf96132..02ac587636aae46c2917aeefe885ca74d4e12b41 100644 (file)
--- a/source4/libcli/smb2/transport.c
+++ b/source4/libcli/smb2/transport.c
@@ -185,6 +185,13 @@ static NTSTATUS smb2_transport_finish_recv(void *private, DATA_BLOB blob)
        req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE);
        req->status       = NT_STATUS(IVAL(hdr, SMB2_HDR_STATUS));
 
+       if (NT_STATUS_EQUAL(req->status, STATUS_PENDING)) {
+               /* the server has helpfully told us that this request is still being
+                  processed. how useful :) */
+               talloc_free(buffer);
+               return NT_STATUS_OK;
+       }
+
        buffer_code = SVAL(req->in.body, 0);
        req->in.dynamic = NULL;
        dynamic_size = req->in.body_size - (buffer_code & ~1);

diff --git a/source4/librpc/rpc/dcerpc_smb2.c b/source4/librpc/rpc/dcerpc_smb2.c
index 56d568a663de87a675edb84a094ae951ad43f993..d733ab47138e8b57705df69becbcae25831f9532 100644 (file)
--- a/source4/librpc/rpc/dcerpc_smb2.c
+++ b/source4/librpc/rpc/dcerpc_smb2.c
@@ -104,6 +104,9 @@ static void smb2_read_callback(struct smb2_request *req)
        ZERO_STRUCT(io);
        io.in.length = MIN(state->c->srv_max_xmit_frag, 
                           frag_length - state->data.length);
+       if (io.in.length < 16) {
+               io.in.length = 16;
+       }
        io.in.handle = smb->handle;
        
        req = smb2_read_send(smb->tree, &io);
@@ -228,9 +231,9 @@ static NTSTATUS smb2_send_trans_request(struct dcerpc_connection *c, DATA_BLOB *
        state->c = c;
        
        ZERO_STRUCT(io);
-       io.in.unknown1 = 0x0011c017;
+       io.in.pipe_flags = SMB2_TRANS_PIPE_FLAGS;
        io.in.handle = smb->handle;
-       io.in.max_response_size = 0x10000;
+       io.in.max_response_size = 0x1000;
        io.in.flags = 1;
        io.in.out = *blob;
 
@@ -383,7 +386,9 @@ struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_connection *c
                NTCREATEX_SHARE_ACCESS_READ |
                NTCREATEX_SHARE_ACCESS_WRITE;
        io.in.open_disposition = NTCREATEX_DISP_OPEN;
-       io.in.create_options   = 0x400040;
+       io.in.create_options   = 
+               NTCREATEX_OPTIONS_NON_DIRECTORY_FILE | 
+               NTCREATEX_OPTIONS_UNKNOWN_400000;
        io.in.impersonation    = NTCREATEX_IMPERSONATION_IMPERSONATION;
 
        if ((strncasecmp(pipe_name, "/pipe/", 6) == 0) ||