2 Unix SMB/CIFS implementation.
3 SMB trans2 alias scanner
4 Copyright (C) Andrew Tridgell 2003
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 #include "dlinklist.h"
23 #include "libcli/raw/libcliraw.h"
24 #include "torture/torture.h"
25 #include "libcli/libcli.h"
26 #include "torture/util.h"
28 int create_complex_file(struct smbcli_state *cli, TALLOC_CTX *mem_ctx, const char *fname);
31 struct trans2_blobs *next, *prev;
33 DATA_BLOB params, data;
36 /* look for aliases for a query */
37 static void gen_aliases(struct smbcli_state *cli, struct smb_trans2 *t2, int level_offset)
41 struct trans2_blobs *alias_blobs = NULL;
42 struct trans2_blobs *t2b, *t2b2;
43 int count=0, alias_count=0;
45 mem_ctx = talloc_init("aliases");
47 for (level=0;level<2000;level++) {
50 SSVAL(t2->in.params.data, level_offset, level);
52 status = smb_raw_trans2(cli->tree, mem_ctx, t2);
53 if (!NT_STATUS_IS_OK(status)) continue;
55 t2b = talloc(mem_ctx, struct trans2_blobs);
57 t2b->params = t2->out.params;
58 t2b->data = t2->out.data;
59 DLIST_ADD(alias_blobs, t2b);
60 d_printf("\tFound level %4u (0x%03x) of size %3d (0x%02x)\n",
62 (int)t2b->data.length, (int)t2b->data.length);
66 d_printf("Found %d levels with success status\n", count);
68 for (t2b=alias_blobs; t2b; t2b=t2b->next) {
69 for (t2b2=alias_blobs; t2b2; t2b2=t2b2->next) {
70 if (t2b->level >= t2b2->level) continue;
71 if (data_blob_equal(&t2b->params, &t2b2->params) &&
72 data_blob_equal(&t2b->data, &t2b2->data)) {
73 printf("\tLevel %u (0x%x) and level %u (0x%x) are possible aliases\n",
74 t2b->level, t2b->level, t2b2->level, t2b2->level);
80 d_printf("Found %d aliased levels\n", alias_count);
85 /* look for qfsinfo aliases */
86 static void qfsinfo_aliases(struct smbcli_state *cli)
89 uint16_t setup = TRANSACT2_QFSINFO;
91 d_printf("\nChecking for QFSINFO aliases\n");
94 t2.in.max_data = smb_raw_max_trans_data(cli->tree, 0);
98 t2.in.setup_count = 1;
100 t2.in.params = data_blob(NULL, 2);
101 t2.in.data = data_blob(NULL, 0);
103 gen_aliases(cli, &t2, 0);
106 /* look for qfileinfo aliases */
107 static void qfileinfo_aliases(struct smbcli_state *cli)
109 struct smb_trans2 t2;
110 uint16_t setup = TRANSACT2_QFILEINFO;
111 const char *fname = "\\qfileinfo_aliases.txt";
114 d_printf("\nChecking for QFILEINFO aliases\n");
117 t2.in.max_data = smb_raw_max_trans_data(cli->tree, 2);
121 t2.in.setup_count = 1;
122 t2.in.setup = &setup;
123 t2.in.params = data_blob(NULL, 4);
124 t2.in.data = data_blob(NULL, 0);
126 smbcli_unlink(cli->tree, fname);
127 fnum = create_complex_file(cli, cli, fname);
129 printf("ERROR: open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree));
132 smbcli_write(cli->tree, fnum, 0, &t2, 0, sizeof(t2));
134 SSVAL(t2.in.params.data, 0, fnum);
136 gen_aliases(cli, &t2, 2);
138 smbcli_close(cli->tree, fnum);
139 smbcli_unlink(cli->tree, fname);
143 /* look for qpathinfo aliases */
144 static void qpathinfo_aliases(struct smbcli_state *cli)
146 struct smb_trans2 t2;
147 uint16_t setup = TRANSACT2_QPATHINFO;
148 const char *fname = "\\qpathinfo_aliases.txt";
152 mem_ctx = talloc_init("qpathinfo");
154 d_printf("\nChecking for QPATHINFO aliases\n");
157 t2.in.max_data = smb_raw_max_trans_data(cli->tree, 2);
161 t2.in.setup_count = 1;
162 t2.in.setup = &setup;
163 t2.in.params = data_blob_talloc(mem_ctx, NULL, 6);
164 t2.in.data = data_blob(NULL, 0);
166 smbcli_unlink(cli->tree, fname);
167 fnum = create_complex_file(cli, cli, fname);
169 printf("ERROR: open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree));
172 smbcli_write(cli->tree, fnum, 0, &t2, 0, sizeof(t2));
173 smbcli_close(cli->tree, fnum);
175 SIVAL(t2.in.params.data, 2, 0);
177 smbcli_blob_append_string(cli->session, mem_ctx, &t2.in.params,
178 fname, STR_TERMINATE);
180 gen_aliases(cli, &t2, 0);
182 smbcli_unlink(cli->tree, fname);
183 talloc_free(mem_ctx);
187 /* look for trans2 findfirst aliases */
188 static void findfirst_aliases(struct smbcli_state *cli)
190 struct smb_trans2 t2;
191 uint16_t setup = TRANSACT2_FINDFIRST;
192 const char *fname = "\\findfirst_aliases.txt";
196 mem_ctx = talloc_init("findfirst");
198 d_printf("\nChecking for FINDFIRST aliases\n");
200 t2.in.max_param = 16;
201 t2.in.max_data = smb_raw_max_trans_data(cli->tree, 16);
205 t2.in.setup_count = 1;
206 t2.in.setup = &setup;
207 t2.in.params = data_blob_talloc(mem_ctx, NULL, 12);
208 t2.in.data = data_blob(NULL, 0);
210 smbcli_unlink(cli->tree, fname);
211 fnum = create_complex_file(cli, cli, fname);
213 printf("ERROR: open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree));
216 smbcli_write(cli->tree, fnum, 0, &t2, 0, sizeof(t2));
217 smbcli_close(cli->tree, fnum);
219 SSVAL(t2.in.params.data, 0, 0);
220 SSVAL(t2.in.params.data, 2, 1);
221 SSVAL(t2.in.params.data, 4, FLAG_TRANS2_FIND_CLOSE);
222 SSVAL(t2.in.params.data, 6, 0);
223 SIVAL(t2.in.params.data, 8, 0);
225 smbcli_blob_append_string(cli->session, mem_ctx, &t2.in.params,
226 fname, STR_TERMINATE);
228 gen_aliases(cli, &t2, 6);
230 smbcli_unlink(cli->tree, fname);
231 talloc_free(mem_ctx);
236 /* look for aliases for a set function */
237 static void gen_set_aliases(struct smbcli_state *cli, struct smb_trans2 *t2, int level_offset)
241 struct trans2_blobs *alias_blobs = NULL;
242 struct trans2_blobs *t2b;
245 mem_ctx = talloc_init("aliases");
247 for (level=1;level<1100;level++) {
248 NTSTATUS status, status1;
249 SSVAL(t2->in.params.data, level_offset, level);
251 status1 = NT_STATUS_OK;
253 for (dsize=2; dsize<1024; dsize += 2) {
254 data_blob_free(&t2->in.data);
255 t2->in.data = data_blob(NULL, dsize);
256 data_blob_clear(&t2->in.data);
257 status = smb_raw_trans2(cli->tree, mem_ctx, t2);
258 /* some error codes mean that this whole level doesn't exist */
259 if (NT_STATUS_EQUAL(NT_STATUS_INVALID_LEVEL, status) ||
260 NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status) ||
261 NT_STATUS_EQUAL(NT_STATUS_NOT_SUPPORTED, status)) {
264 if (NT_STATUS_IS_OK(status)) break;
266 /* invalid parameter means that the level exists at this
267 size, but the contents are wrong (not surprising with
269 if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) break;
271 /* this is the usual code for 'wrong size' */
272 if (NT_STATUS_EQUAL(status, NT_STATUS_INFO_LENGTH_MISMATCH)) {
276 if (!NT_STATUS_EQUAL(status, status1)) {
277 printf("level=%d size=%d %s\n", level, dsize, nt_errstr(status));
282 if (!NT_STATUS_IS_OK(status) &&
283 !NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) continue;
285 t2b = talloc(mem_ctx, struct trans2_blobs);
287 t2b->params = t2->out.params;
288 t2b->data = t2->out.data;
289 DLIST_ADD(alias_blobs, t2b);
290 d_printf("\tFound level %4u (0x%03x) of size %3d (0x%02x)\n",
292 (int)t2->in.data.length, (int)t2->in.data.length);
296 d_printf("Found %d valid levels\n", count);
297 talloc_free(mem_ctx);
302 /* look for setfileinfo aliases */
303 static void setfileinfo_aliases(struct smbcli_state *cli)
305 struct smb_trans2 t2;
306 uint16_t setup = TRANSACT2_SETFILEINFO;
307 const char *fname = "\\setfileinfo_aliases.txt";
310 d_printf("\nChecking for SETFILEINFO aliases\n");
317 t2.in.setup_count = 1;
318 t2.in.setup = &setup;
319 t2.in.params = data_blob(NULL, 6);
320 t2.in.data = data_blob(NULL, 0);
322 smbcli_unlink(cli->tree, fname);
323 fnum = create_complex_file(cli, cli, fname);
325 printf("ERROR: open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree));
328 smbcli_write(cli->tree, fnum, 0, &t2, 0, sizeof(t2));
330 SSVAL(t2.in.params.data, 0, fnum);
331 SSVAL(t2.in.params.data, 4, 0);
333 gen_set_aliases(cli, &t2, 2);
335 smbcli_close(cli->tree, fnum);
336 smbcli_unlink(cli->tree, fname);
339 /* look for setpathinfo aliases */
340 static void setpathinfo_aliases(struct smbcli_state *cli)
342 struct smb_trans2 t2;
343 uint16_t setup = TRANSACT2_SETPATHINFO;
344 const char *fname = "\\setpathinfo_aliases.txt";
348 mem_ctx = talloc_init("findfirst");
350 d_printf("\nChecking for SETPATHINFO aliases\n");
352 t2.in.max_param = 32;
353 t2.in.max_data = smb_raw_max_trans_data(cli->tree, 32);
357 t2.in.setup_count = 1;
358 t2.in.setup = &setup;
359 t2.in.params = data_blob_talloc(mem_ctx, NULL, 4);
360 t2.in.data = data_blob(NULL, 0);
362 smbcli_unlink(cli->tree, fname);
364 fnum = create_complex_file(cli, cli, fname);
366 printf("ERROR: open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree));
369 smbcli_write(cli->tree, fnum, 0, &t2, 0, sizeof(t2));
370 smbcli_close(cli->tree, fnum);
372 SSVAL(t2.in.params.data, 2, 0);
374 smbcli_blob_append_string(cli->session, mem_ctx, &t2.in.params,
375 fname, STR_TERMINATE);
377 gen_set_aliases(cli, &t2, 0);
379 if (NT_STATUS_IS_ERR(smbcli_unlink(cli->tree, fname))) {
380 printf("unlink: %s\n", smbcli_errstr(cli->tree));
382 talloc_free(mem_ctx);
386 /* look for aliased info levels in trans2 calls */
387 BOOL torture_trans2_aliases(struct torture_context *torture)
389 struct smbcli_state *cli;
391 if (!torture_open_connection(&cli, 0)) {
396 qfsinfo_aliases(cli);
397 qfileinfo_aliases(cli);
398 qpathinfo_aliases(cli);
399 findfirst_aliases(cli);
400 setfileinfo_aliases(cli);
401 setpathinfo_aliases(cli);
403 if (!torture_close_connection(cli)) {
git.samba.org / tprouty / samba.git / blob