2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "smbd/smbd.h"
23 #include "smbd/globals.h"
24 #include "../libcli/smb/smb_common.h"
26 #include "../lib/util/tevent_ntstatus.h"
28 static struct tevent_req *smbd_smb2_find_send(TALLOC_CTX *mem_ctx,
29 struct tevent_context *ev,
30 struct smbd_smb2_request *smb2req,
31 uint8_t in_file_info_class,
33 uint32_t in_file_index,
34 uint64_t in_file_id_volatile,
35 uint32_t in_output_buffer_length,
36 const char *in_file_name);
37 static NTSTATUS smbd_smb2_find_recv(struct tevent_req *req,
39 DATA_BLOB *out_output_buffer);
41 static void smbd_smb2_request_find_done(struct tevent_req *subreq);
42 NTSTATUS smbd_smb2_request_process_find(struct smbd_smb2_request *req)
45 const uint8_t *inbody;
46 int i = req->current_idx;
47 size_t expected_body_size = 0x21;
49 uint8_t in_file_info_class;
51 uint32_t in_file_index;
52 uint64_t in_file_id_persistent;
53 uint64_t in_file_id_volatile;
54 uint16_t in_file_name_offset;
55 uint16_t in_file_name_length;
56 DATA_BLOB in_file_name_buffer;
57 char *in_file_name_string;
58 size_t in_file_name_string_size;
59 uint32_t in_output_buffer_length;
60 struct tevent_req *subreq;
63 inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
64 if (req->in.vector[i+1].iov_len != (expected_body_size & 0xFFFFFFFE)) {
65 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
68 inbody = (const uint8_t *)req->in.vector[i+1].iov_base;
70 body_size = SVAL(inbody, 0x00);
71 if (body_size != expected_body_size) {
72 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
75 in_file_info_class = CVAL(inbody, 0x02);
76 in_flags = CVAL(inbody, 0x03);
77 in_file_index = IVAL(inbody, 0x04);
78 in_file_id_persistent = BVAL(inbody, 0x08);
79 in_file_id_volatile = BVAL(inbody, 0x10);
80 in_file_name_offset = SVAL(inbody, 0x18);
81 in_file_name_length = SVAL(inbody, 0x1A);
82 in_output_buffer_length = IVAL(inbody, 0x1C);
84 if (in_file_name_offset == 0 && in_file_name_length == 0) {
86 } else if (in_file_name_offset !=
87 (SMB2_HDR_BODY + (body_size & 0xFFFFFFFE))) {
88 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
91 if (in_file_name_length > req->in.vector[i+2].iov_len) {
92 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
95 /* The output header is 8 bytes. */
96 if (in_output_buffer_length <= 8) {
97 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
100 DEBUG(10,("smbd_smb2_request_find_done: in_output_buffer_length = %u\n",
101 (unsigned int)in_output_buffer_length ));
103 /* Take into account the output header. */
104 in_output_buffer_length -= 8;
106 in_file_name_buffer.data = (uint8_t *)req->in.vector[i+2].iov_base;
107 in_file_name_buffer.length = in_file_name_length;
109 ok = convert_string_talloc(req, CH_UTF16, CH_UNIX,
110 in_file_name_buffer.data,
111 in_file_name_buffer.length,
112 &in_file_name_string,
113 &in_file_name_string_size);
115 return smbd_smb2_request_error(req, NT_STATUS_ILLEGAL_CHARACTER);
118 if (req->compat_chain_fsp) {
120 } else if (in_file_id_persistent != in_file_id_volatile) {
121 return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
124 subreq = smbd_smb2_find_send(req,
125 req->sconn->smb2.event_ctx,
131 in_output_buffer_length,
132 in_file_name_string);
133 if (subreq == NULL) {
134 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
136 tevent_req_set_callback(subreq, smbd_smb2_request_find_done, req);
138 return smbd_smb2_request_pending_queue(req, subreq);
141 static void smbd_smb2_request_find_done(struct tevent_req *subreq)
143 struct smbd_smb2_request *req = tevent_req_callback_data(subreq,
144 struct smbd_smb2_request);
145 int i = req->current_idx;
149 uint16_t out_output_buffer_offset;
150 DATA_BLOB out_output_buffer = data_blob_null;
152 NTSTATUS error; /* transport error */
154 status = smbd_smb2_find_recv(subreq,
158 if (!NT_STATUS_IS_OK(status)) {
159 error = smbd_smb2_request_error(req, status);
160 if (!NT_STATUS_IS_OK(error)) {
161 smbd_server_connection_terminate(req->sconn,
168 out_output_buffer_offset = SMB2_HDR_BODY + 0x08;
170 outhdr = (uint8_t *)req->out.vector[i].iov_base;
172 outbody = data_blob_talloc(req->out.vector, NULL, 0x08);
173 if (outbody.data == NULL) {
174 error = smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
175 if (!NT_STATUS_IS_OK(error)) {
176 smbd_server_connection_terminate(req->sconn,
183 SSVAL(outbody.data, 0x00, 0x08 + 1); /* struct size */
184 SSVAL(outbody.data, 0x02,
185 out_output_buffer_offset); /* output buffer offset */
186 SIVAL(outbody.data, 0x04,
187 out_output_buffer.length); /* output buffer length */
189 DEBUG(10,("smbd_smb2_request_find_done: out_output_buffer.length = %u\n",
190 (unsigned int)out_output_buffer.length ));
192 outdyn = out_output_buffer;
194 error = smbd_smb2_request_done(req, outbody, &outdyn);
195 if (!NT_STATUS_IS_OK(error)) {
196 smbd_server_connection_terminate(req->sconn,
202 struct smbd_smb2_find_state {
203 struct smbd_smb2_request *smb2req;
204 DATA_BLOB out_output_buffer;
207 static struct tevent_req *smbd_smb2_find_send(TALLOC_CTX *mem_ctx,
208 struct tevent_context *ev,
209 struct smbd_smb2_request *smb2req,
210 uint8_t in_file_info_class,
212 uint32_t in_file_index,
213 uint64_t in_file_id_volatile,
214 uint32_t in_output_buffer_length,
215 const char *in_file_name)
217 struct tevent_req *req;
218 struct smbd_smb2_find_state *state;
219 struct smb_request *smbreq;
220 connection_struct *conn = smb2req->tcon->compat_conn;
223 NTSTATUS empty_status;
229 int last_entry_off = 0;
232 uint32_t dirtype = FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_DIRECTORY;
233 bool dont_descend = false;
234 bool ask_sharemode = true;
236 req = tevent_req_create(mem_ctx, &state,
237 struct smbd_smb2_find_state);
241 state->smb2req = smb2req;
242 state->out_output_buffer = data_blob_null;
244 DEBUG(10,("smbd_smb2_find_send: file_id[0x%016llX]\n",
245 (unsigned long long)in_file_id_volatile));
247 smbreq = smbd_smb2_fake_smb_request(smb2req);
248 if (tevent_req_nomem(smbreq, req)) {
249 return tevent_req_post(req, ev);
252 fsp = file_fsp(smbreq, (uint16_t)in_file_id_volatile);
254 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
255 return tevent_req_post(req, ev);
257 if (conn != fsp->conn) {
258 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
259 return tevent_req_post(req, ev);
261 if (smb2req->session->vuid != fsp->vuid) {
262 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
263 return tevent_req_post(req, ev);
266 if (!fsp->is_directory) {
267 tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
268 return tevent_req_post(req, ev);
271 if (strcmp(in_file_name, "") == 0) {
272 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_INVALID);
273 return tevent_req_post(req, ev);
275 if (strcmp(in_file_name, "\\") == 0) {
276 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_INVALID);
277 return tevent_req_post(req, ev);
279 if (strcmp(in_file_name, "/") == 0) {
280 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_INVALID);
281 return tevent_req_post(req, ev);
284 if (in_output_buffer_length > 0x10000) {
285 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
286 return tevent_req_post(req, ev);
289 switch (in_file_info_class) {
290 case SMB2_FIND_DIRECTORY_INFO:
291 info_level = SMB_FIND_FILE_DIRECTORY_INFO;
294 case SMB2_FIND_FULL_DIRECTORY_INFO:
295 info_level = SMB_FIND_FILE_FULL_DIRECTORY_INFO;
298 case SMB2_FIND_BOTH_DIRECTORY_INFO:
299 info_level = SMB_FIND_FILE_BOTH_DIRECTORY_INFO;
302 case SMB2_FIND_NAME_INFO:
303 info_level = SMB_FIND_FILE_NAMES_INFO;
306 case SMB2_FIND_ID_BOTH_DIRECTORY_INFO:
307 info_level = SMB_FIND_ID_BOTH_DIRECTORY_INFO;
310 case SMB2_FIND_ID_FULL_DIRECTORY_INFO:
311 info_level = SMB_FIND_ID_FULL_DIRECTORY_INFO;
315 tevent_req_nterror(req, NT_STATUS_INVALID_INFO_CLASS);
316 return tevent_req_post(req, ev);
319 if (in_flags & SMB2_CONTINUE_FLAG_REOPEN) {
323 if (fsp->dptr == NULL) {
326 if (!(fsp->access_mask & SEC_DIR_LIST)) {
327 tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
328 return tevent_req_post(req, ev);
331 wcard_has_wild = ms_has_wild(in_file_name);
333 status = dptr_create(conn,
335 fsp->fsp_name->base_name,
336 false, /* old_handle */
337 false, /* expect_close */
339 in_file_name, /* wcard */
343 if (!NT_STATUS_IS_OK(status)) {
344 tevent_req_nterror(req, status);
345 return tevent_req_post(req, ev);
348 empty_status = NT_STATUS_NO_SUCH_FILE;
350 empty_status = STATUS_NO_MORE_FILES;
353 if (in_flags & SMB2_CONTINUE_FLAG_RESTART) {
354 dptr_SeekDir(fsp->dptr, 0);
357 if (in_flags & SMB2_CONTINUE_FLAG_SINGLE) {
360 max_count = UINT16_MAX;
363 #define DIR_ENTRY_SAFETY_MARGIN 4096
365 state->out_output_buffer = data_blob_talloc(state, NULL,
366 in_output_buffer_length + DIR_ENTRY_SAFETY_MARGIN);
367 if (tevent_req_nomem(state->out_output_buffer.data, req)) {
368 return tevent_req_post(req, ev);
371 state->out_output_buffer.length = 0;
372 pdata = (char *)state->out_output_buffer.data;
375 * end_data must include the safety margin as it's what is
376 * used to determine if pushed strings have been truncated.
378 end_data = pdata + in_output_buffer_length + DIR_ENTRY_SAFETY_MARGIN - 1;
383 DEBUG(8,("smbd_smb2_find_send: dirpath=<%s> dontdescend=<%s>, "
384 "in_output_buffer_length = %u\n",
385 fsp->fsp_name->base_name, lp_dontdescend(SNUM(conn)),
386 (unsigned int)in_output_buffer_length ));
387 if (in_list(fsp->fsp_name->base_name,lp_dontdescend(SNUM(conn)),
388 conn->case_sensitive)) {
392 ask_sharemode = lp_parm_bool(SNUM(conn),
393 "smbd", "search ask sharemode",
398 bool got_exact_match = false;
399 bool out_of_space = false;
400 int space_remaining = in_output_buffer_length - off;
402 SMB_ASSERT(space_remaining >= 0);
404 ok = smbd_dirptr_lanman2_entry(state,
411 false, /* requires_resume_key */
414 8, /* align to 8 bytes */
415 false, /* no padding */
425 off = (int)PTR_DIFF(pdata, base_data);
429 SIVAL(state->out_output_buffer.data, last_entry_off, 0);
430 tevent_req_done(req);
431 return tevent_req_post(req, ev);
432 } else if (out_of_space) {
433 tevent_req_nterror(req, NT_STATUS_INFO_LENGTH_MISMATCH);
434 return tevent_req_post(req, ev);
436 tevent_req_nterror(req, empty_status);
437 return tevent_req_post(req, ev);
442 state->out_output_buffer.length = off;
444 if (num < max_count) {
448 SIVAL(state->out_output_buffer.data, last_entry_off, 0);
449 tevent_req_done(req);
450 return tevent_req_post(req, ev);
453 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
454 return tevent_req_post(req, ev);
457 static NTSTATUS smbd_smb2_find_recv(struct tevent_req *req,
459 DATA_BLOB *out_output_buffer)
462 struct smbd_smb2_find_state *state = tevent_req_data(req,
463 struct smbd_smb2_find_state);
465 if (tevent_req_is_nterror(req, &status)) {
466 tevent_req_received(req);
470 *out_output_buffer = state->out_output_buffer;
471 talloc_steal(mem_ctx, out_output_buffer->data);
473 tevent_req_received(req);
git.samba.org / samba.git / blob