s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer.
[samba.git] / source3 / smbd / smb1_message.c
1 /* 
2    Unix SMB/CIFS implementation.
3    SMB messaging
4    Copyright (C) Andrew Tridgell 1992-1998
5    
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10    
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15    
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19 /*
20    This file handles the messaging system calls for winpopup style
21    messages
22 */
23
24
25 #include "includes.h"
26 #include "system/filesys.h"
27 #include "smbd/smbd.h"
28 #include "smbd/globals.h"
29 #include "smbprofile.h"
30 #include "source3/lib/substitute.h"
31
/*
 * One winpopup-style message while it is being received from an SMB1 client.
 * Every member is filled from client-supplied request bytes, so all of it is
 * untrusted input.
 */
struct msg_state {
        /* Sender name, pulled out of the request by srvstr_pull_req_talloc(). */
        char *from;
        /* Recipient name, pulled out of the request the same way. */
        char *to;
        /*
         * Raw message bytes in a talloc array. The code in this file copies
         * exactly the received bytes into it and adds no NUL terminator; the
         * length is recovered with talloc_get_size().
         */
        char *msg;
};
37
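/****************************************************************************
 Deliver the message.

 Writes state->msg to a freshly created temporary file (converted from the
 DOS codepage to the UNIX charset when the conversion succeeds, raw
 otherwise), dropping the '\r' of every "\r\n" pair, and then runs the
 configured message command through smbrun() with %f, %t and %s replaced by
 the sender, the recipient and the temporary file name.

 state->from, state->to and state->msg all originate from the SMB1 client.
 The message body never appears on the command line, only the name of the
 file that holds it. The two names do end up on the command line, and the
 only filtering visible here is alpha_strcpy().

 The temporary file is not removed by this function.
 NOTE(review): presumably the message command is expected to delete it --
 confirm, otherwise files accumulate in tmpdir().
****************************************************************************/

static void msg_deliver(struct msg_state *state)
{
        TALLOC_CTX *frame = talloc_stackframe();
        const struct loadparm_substitution *lp_sub =
                loadparm_s3_global_substitution();
        char *name = NULL;
        size_t i;
        int fd;
        char *msg = NULL;
        size_t len = 0;
        ssize_t sz;
        fstring alpha_buf;
        char *s;
        mode_t mask;

        /*
         * Fetch the command once and check the pointer before looking at
         * its first character, instead of dereferencing the result
         * unchecked here and NULL-checking a second fetch further down.
         */
        s = lp_message_command(frame, lp_sub);
        if (s == NULL || *s == '\0') {
                DEBUG(1,("no messaging command specified\n"));
                goto done;
        }

        /* put it in a temporary file */
        name = talloc_asprintf(talloc_tos(), "%s/msg.XXXXXX", tmpdir());
        if (!name) {
                goto done;
        }
        /*
         * Mask out all group/other permission bits while the file is
         * created, then restore the previous umask.
         */
        mask = umask(S_IRWXO | S_IRWXG);
        fd = mkstemp(name);
        umask(mask);

        if (fd == -1) {
                DEBUG(1, ("can't open message file %s: %s\n", name,
                          strerror(errno)));
                goto done;
        }

        /*
         * Incoming message is in DOS codepage format. Convert to UNIX.
         */

        if (!convert_string_talloc(talloc_tos(), CH_DOS, CH_UNIX, state->msg,
                                   talloc_get_size(state->msg), (void *)&msg,
                                   &len)) {
                DEBUG(3, ("Conversion failed, delivering message in DOS "
                          "codepage format\n"));
                /*
                 * Fall back to the raw bytes. The length has to be reset
                 * as well: nothing here guarantees that a failed
                 * conversion left a usable value in len, and the loop
                 * below indexes msg with it.
                 */
                msg = state->msg;
                len = talloc_get_size(state->msg);
        }

        /* Copy byte by byte, turning "\r\n" into "\n". */
        for (i = 0; i < len; i++) {
                if ((msg[i] == '\r') &&
                    (i < (len-1)) && (msg[i+1] == '\n')) {
                        continue;
                }
                sz = write(fd, &msg[i], 1);
                if ( sz != 1 ) {
                        DEBUG(0, ("Write error to fd %d: %ld(%s)\n", fd,
                                  (long)sz, strerror(errno)));
                        /*
                         * Stop at the first failure. The message length is
                         * chosen by the client, so carrying on would emit
                         * one level-0 log line per remaining byte.
                         */
                        break;
                }
        }

        close(fd);

        /* run the command */

        /*
         * NOTE(review): alpha_strcpy() is the only sanitisation between the
         * client-supplied names and the command string handed to smbrun().
         * Its character filter is defined elsewhere; any change to it, or
         * to the NULL "other safe chars" argument passed here, needs a
         * command-injection review.
         */
        alpha_strcpy(alpha_buf, state->from, NULL, sizeof(alpha_buf));

        s = talloc_string_sub(talloc_tos(), s, "%f", alpha_buf);
        if (s == NULL) {
                goto done;
        }

        alpha_strcpy(alpha_buf, state->to, NULL, sizeof(alpha_buf));

        s = talloc_string_sub(talloc_tos(), s, "%t", alpha_buf);
        if (s == NULL) {
                goto done;
        }

        s = talloc_sub_basic(talloc_tos(), get_current_username(),
                             get_current_user_info_domain(), s);
        if (s == NULL) {
                goto done;
        }

        s = talloc_string_sub(talloc_tos(), s, "%s", name);
        if (s == NULL) {
                goto done;
        }
        smbrun(s, NULL, NULL);

 done:
        /* Releases everything allocated on the stackframe above. */
        TALLOC_FREE(frame);
        return;
}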
139
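/****************************************************************************
 Reply to a sends.
 conn POINTER CAN BE NULL HERE !

 Single-request form of message delivery: the sender name, the recipient
 name and the message text all arrive in one request buffer. The names are
 pulled with srvstr_pull_req_talloc(), the text is prefixed by a 16-bit
 length, and the assembled message is handed to msg_deliver().

 Everything read from req->buf is client-controlled, so every read has to be
 bounded by the number of bytes actually present in the request.
****************************************************************************/

void reply_sends(struct smb_request *req)
{
        const struct loadparm_substitution *lp_sub =
                loadparm_s3_global_substitution();
        struct msg_state *state;
        int len;
        ssize_t remaining;
        const uint8_t *msg;
        const uint8_t *p;

        START_PROFILE(SMBsends);

        if (!(*lp_message_command(talloc_tos(), lp_sub))) {
                reply_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);
                END_PROFILE(SMBsends);
                return;
        }

        /*
         * Zeroed so that from/to/msg start out NULL. The allocation must be
         * checked before &state->from is formed below, as reply_sendstrt()
         * does for its own state.
         */
        state = talloc_zero(talloc_tos(), struct msg_state);
        if (state == NULL) {
                reply_nterror(req, NT_STATUS_NO_MEMORY);
                END_PROFILE(SMBsends);
                return;
        }

        /*
         * Each field is preceded by one byte that is skipped (the "+ 1").
         * NOTE(review): presumably a buffer-format marker -- confirm.
         */
        p = req->buf + 1;
        p += srvstr_pull_req_talloc(
                state, req, &state->from, p, STR_ASCII|STR_TERMINATE) + 1;
        p += srvstr_pull_req_talloc(
                state, req, &state->to, p, STR_ASCII|STR_TERMINATE) + 1;

        msg = p;

        /*
         * The 16-bit length field must lie completely inside the request
         * before SVAL() reads it. After the skips above p can already be at
         * or beyond the end of a short request.
         */
        remaining = smbreq_bufrem(req, msg);
        if (remaining < 2) {
                reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
                END_PROFILE(SMBsends);
                return;
        }

        /* Never trust the declared length beyond what was received. */
        len = SVAL(msg,0);
        len = MIN(len, smbreq_bufrem(req, msg+2));

        state->msg = talloc_array(state, char, len);

        if (state->msg == NULL) {
                reply_nterror(req, NT_STATUS_NO_MEMORY);
                END_PROFILE(SMBsends);
                return;
        }

        memcpy(state->msg, msg+2, len);

        msg_deliver(state);

        reply_smb1_outbuf(req, 0, 0);

        END_PROFILE(SMBsends);
        return;
}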
192
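/****************************************************************************
 Reply to a sendstrt.
 conn POINTER CAN BE NULL HERE !

 Starts a multi-request message: any message state still attached to the
 connection is discarded, a fresh zeroed one is allocated on the connection,
 and the sender and recipient names are pulled from the request. The text
 follows in later SMBsendtxt requests and delivery happens on SMBsendend.
****************************************************************************/

void reply_sendstrt(struct smb_request *req)
{
        const struct loadparm_substitution *lp_sub =
                loadparm_s3_global_substitution();
        struct smbXsrv_connection *xconn = req->xconn;
        struct msg_state *state;
        const uint8_t *p;

        START_PROFILE(SMBsendstrt);

        if (!(*lp_message_command(talloc_tos(), lp_sub))) {
                reply_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);
                END_PROFILE(SMBsendstrt);
                return;
        }

        /* A new start request abandons any message still in progress. */
        TALLOC_FREE(xconn->smb1.msg_state);

        /* Zeroed, so from/to/msg are NULL until something fills them. */
        xconn->smb1.msg_state = talloc_zero(xconn, struct msg_state);

        if (xconn->smb1.msg_state == NULL) {
                reply_nterror(req, NT_STATUS_NO_MEMORY);
                END_PROFILE(SMBsendstrt);
                return;
        }
        state = xconn->smb1.msg_state;

        p = req->buf+1;
        p += srvstr_pull_req_talloc(
                state, req,
                &state->from, p,
                STR_ASCII|STR_TERMINATE) + 1;
        p += srvstr_pull_req_talloc(
                state, req,
                &state->to, p,
                STR_ASCII|STR_TERMINATE) + 1;

        /*
         * Nothing visible here guarantees that the pulls stored a string:
         * on a short request from/to may still be NULL, and NULL must not
         * be passed to a %s conversion.
         * NOTE(review): both names are client-supplied and are logged
         * unfiltered -- confirm DEBUG output is not consumed by anything
         * that trusts its contents.
         */
        DEBUG(3, ("SMBsendstrt (from %s to %s)\n",
                  state->from != NULL ? state->from : "(null)",
                  state->to != NULL ? state->to : "(null)"));

        reply_smb1_outbuf(req, 0, 0);

        END_PROFILE(SMBsendstrt);
        return;
}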
242
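/****************************************************************************
 Reply to a sendtxt.
 conn POINTER CAN BE NULL HERE !

 Appends one chunk of text to the message started by SMBsendstrt. The chunk
 is prefixed by a 16-bit length, which is clamped to the number of bytes
 actually present in the request before anything is copied.

 NOTE(review): there is no cap here on the accumulated message size. A
 client can keep sending SMBsendtxt requests and the per-connection buffer
 grows until talloc_realloc() refuses. Consider enforcing an explicit upper
 bound on old_len + len.
****************************************************************************/

void reply_sendtxt(struct smb_request *req)
{
        const struct loadparm_substitution *lp_sub =
                loadparm_s3_global_substitution();
        struct smbXsrv_connection *xconn = req->xconn;
        int len;
        const char *msg;
        char *tmp;
        size_t old_len;

        START_PROFILE(SMBsendtxt);

        if (! (*lp_message_command(talloc_tos(), lp_sub))) {
                reply_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);
                END_PROFILE(SMBsendtxt);
                return;
        }

        /*
         * A text chunk is only valid after SMBsendstrt, and the request
         * must hold the skipped leading byte plus the two length bytes
         * that SVAL() reads below.
         */
        if ((xconn->smb1.msg_state == NULL) || (req->buflen < 3)) {
                reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
                END_PROFILE(SMBsendtxt);
                return;
        }

        msg = (const char *)req->buf + 1;

        old_len = talloc_get_size(xconn->smb1.msg_state->msg);

        /* Never trust the declared length beyond what was received. */
        len = MIN(SVAL(msg, 0), smbreq_bufrem(req, msg+2));

        /*
         * Only touch the buffer when there is something to append. talloc
         * treats a realloc to zero bytes as a free and returns NULL, so an
         * empty first chunk would otherwise be answered with
         * NT_STATUS_NO_MEMORY. The guard also keeps a non-positive length
         * away from the size arithmetic and the memcpy().
         */
        if (len > 0) {
                tmp = talloc_realloc(xconn->smb1.msg_state,
                                     xconn->smb1.msg_state->msg,
                                     char, old_len + len);

                if (tmp == NULL) {
                        reply_nterror(req, NT_STATUS_NO_MEMORY);
                        END_PROFILE(SMBsendtxt);
                        return;
                }

                xconn->smb1.msg_state->msg = tmp;

                memcpy(&xconn->smb1.msg_state->msg[old_len], msg+2, len);
        }

        DEBUG( 3, ( "SMBsendtxt\n" ) );

        reply_smb1_outbuf(req, 0, 0);

        END_PROFILE(SMBsendtxt);
        return;
}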
299
/****************************************************************************
 Reply to a sendend.
 conn POINTER CAN BE NULL HERE !

 Finishes a multi-request message: the state collected on the connection is
 handed to msg_deliver() and then released. The request is refused when no
 message command is configured or when no message was started on this
 connection.

 The state is passed on as it stands; if no SMBsendtxt arrived after
 SMBsendstrt its msg member is still NULL at this point.
****************************************************************************/

void reply_sendend(struct smb_request *req)
{
        struct smbXsrv_connection *xconn = req->xconn;
        const struct loadparm_substitution *lp_sub =
                loadparm_s3_global_substitution();
        const char *command;

        START_PROFILE(SMBsendend);

        /* An empty message command means messaging is switched off. */
        command = lp_message_command(talloc_tos(), lp_sub);
        if (command[0] == '\0') {
                reply_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);
                goto out;
        }

        /* SMBsendend without a preceding SMBsendstrt on this connection. */
        if (xconn->smb1.msg_state == NULL) {
                reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
                goto out;
        }

        DEBUG(3,("SMBsendend\n"));

        msg_deliver(xconn->smb1.msg_state);

        /* Frees the state and resets the connection's pointer to NULL. */
        TALLOC_FREE(xconn->smb1.msg_state);

        reply_smb1_outbuf(req, 0, 0);

 out:
        END_PROFILE(SMBsendend);
        return;
}