libcli/smb/smb2cli_query_info.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    smb2 lib
   4    Copyright (C) Stefan Metzmacher 2012
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #include "includes.h"
  21 #include "system/network.h"
  22 #include "lib/util/tevent_ntstatus.h"
  23 #include "smb_common.h"
  24 #include "smbXcli_base.h"
  25
  26 struct smb2cli_query_info_state {
  27         uint8_t fixed[0x28];
  28         uint8_t dyn_pad[1];
  29         uint32_t max_output_length;
  30         struct iovec *recv_iov;
  31         DATA_BLOB out_output_buffer;
  32 };
  33
  34 static void smb2cli_query_info_done(struct tevent_req *subreq);
  35
  36 struct tevent_req *smb2cli_query_info_send(TALLOC_CTX *mem_ctx,
  37                                            struct tevent_context *ev,
  38                                            struct smbXcli_conn *conn,
  39                                            uint32_t timeout_msec,
  40                                            struct smbXcli_session *session,
  41                                            struct smbXcli_tcon *tcon,
  42                                            uint8_t in_info_type,
  43                                            uint8_t in_file_info_class,
  44                                            uint32_t in_max_output_length,
  45                                            const DATA_BLOB *in_input_buffer,
  46                                            uint32_t in_additional_info,
  47                                            uint32_t in_flags,
  48                                            uint64_t in_fid_persistent,
  49                                            uint64_t in_fid_volatile)
  50 {
  51         struct tevent_req *req, *subreq;
  52         struct smb2cli_query_info_state *state;
  53         uint8_t *fixed;
  54         uint8_t *dyn;
  55         size_t dyn_len;
  56         uint16_t input_buffer_offset = 0;
  57         uint32_t input_buffer_length = 0;
  58
  59         req = tevent_req_create(mem_ctx, &state,
  60                                 struct smb2cli_query_info_state);
  61         if (req == NULL) {
  62                 return NULL;
  63         }
  64         state->max_output_length = in_max_output_length;
  65
  66         if (in_input_buffer) {
  67                 input_buffer_offset = SMB2_HDR_BODY+0x28;
  68                 input_buffer_length = in_input_buffer->length;
  69         }
  70
  71         fixed = state->fixed;
  72
  73         SSVAL(fixed, 0x00, 0x29);
  74         SCVAL(fixed, 0x02, in_info_type);
  75         SCVAL(fixed, 0x03, in_file_info_class); /* reserved */
  76         SIVAL(fixed, 0x04, in_max_output_length);
  77         SSVAL(fixed, 0x08, input_buffer_offset);
  78         SSVAL(fixed, 0x0A, 0); /* reserved */
  79         SIVAL(fixed, 0x0C, input_buffer_length);
  80         SIVAL(fixed, 0x10, in_additional_info);
  81         SIVAL(fixed, 0x14, in_flags);
  82         SBVAL(fixed, 0x18, in_fid_persistent);
  83         SBVAL(fixed, 0x20, in_fid_volatile);
  84
  85         if (input_buffer_length > 0) {
  86                 dyn = in_input_buffer->data;
  87                 dyn_len = in_input_buffer->length;
  88         } else {
  89                 dyn = state->dyn_pad;
  90                 dyn_len = sizeof(state->dyn_pad);
  91         }
  92
  93         subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_GETINFO,
  94                                   0, 0, /* flags */
  95                                   timeout_msec,
  96                                   tcon,
  97                                   session,
  98                                   state->fixed, sizeof(state->fixed),
  99                                   dyn, dyn_len,
 100                                   in_max_output_length); /* max_dyn_len */
 101         if (tevent_req_nomem(subreq, req)) {
 102                 return tevent_req_post(req, ev);
 103         }
 104         tevent_req_set_callback(subreq, smb2cli_query_info_done, req);
 105         return req;
 106 }
 107
 108 static void smb2cli_query_info_done(struct tevent_req *subreq)
 109 {
 110         struct tevent_req *req =
 111                 tevent_req_callback_data(subreq,
 112                 struct tevent_req);
 113         struct smb2cli_query_info_state *state =
 114                 tevent_req_data(req,
 115                 struct smb2cli_query_info_state);
 116         NTSTATUS status;
 117         struct iovec *iov;
 118         uint8_t *fixed;
 119         uint8_t *dyn;
 120         size_t dyn_len;
 121         uint32_t dyn_ofs = SMB2_HDR_BODY + 0x08;
 122         uint32_t output_buffer_offset;
 123         uint32_t output_buffer_length;
 124         static const struct smb2cli_req_expected_response expected[] = {
 125         {
 126                 .status = NT_STATUS_OK,
 127                 .body_size = 0x09
 128         },
 129         {
 130                 .status = STATUS_BUFFER_OVERFLOW,
 131                 .body_size = 0x09
 132         }
 133         };
 134
 135         status = smb2cli_req_recv(subreq, state, &iov,
 136                                   expected, ARRAY_SIZE(expected));
 137         TALLOC_FREE(subreq);
 138         if (tevent_req_nterror(req, status)) {
 139                 return;
 140         }
 141
 142         state->recv_iov = iov;
 143         fixed = (uint8_t *)iov[1].iov_base;
 144         dyn = (uint8_t *)iov[2].iov_base;
 145         dyn_len = iov[2].iov_len;
 146
 147         output_buffer_offset = SVAL(fixed, 0x02);
 148         output_buffer_length = IVAL(fixed, 0x04);
 149
 150         if ((output_buffer_offset > 0) && (output_buffer_length > 0)) {
 151                 if (output_buffer_offset != dyn_ofs) {
 152                         tevent_req_nterror(
 153                                 req, NT_STATUS_INVALID_NETWORK_RESPONSE);
 154                         return;
 155                 }
 156
 157                 if (output_buffer_length > dyn_len) {
 158                         tevent_req_nterror(
 159                                 req, NT_STATUS_INVALID_NETWORK_RESPONSE);
 160                         return;
 161                 }
 162
 163                 if (output_buffer_length > state->max_output_length) {
 164                         tevent_req_nterror(
 165                                 req, NT_STATUS_INVALID_NETWORK_RESPONSE);
 166                         return;
 167                 }
 168
 169                 state->out_output_buffer.data = dyn;
 170                 state->out_output_buffer.length = output_buffer_length;
 171         }
 172
 173         tevent_req_done(req);
 174 }
 175
 176 NTSTATUS smb2cli_query_info_recv(struct tevent_req *req,
 177                                  TALLOC_CTX *mem_ctx,
 178                                  DATA_BLOB *out_output_buffer)
 179 {
 180         struct smb2cli_query_info_state *state =
 181                 tevent_req_data(req,
 182                 struct smb2cli_query_info_state);
 183         NTSTATUS status;
 184
 185         if (tevent_req_is_nterror(req, &status)) {
 186                 tevent_req_received(req);
 187                 return status;
 188         }
 189
 190         talloc_steal(mem_ctx, state->recv_iov);
 191         if (out_output_buffer) {
 192                 *out_output_buffer = state->out_output_buffer;
 193         }
 194
 195         tevent_req_received(req);
 196         return NT_STATUS_OK;
 197 }
 198
 199 NTSTATUS smb2cli_query_info(struct smbXcli_conn *conn,
 200                             uint32_t timeout_msec,
 201                             struct smbXcli_session *session,
 202                             struct smbXcli_tcon *tcon,
 203                             uint8_t in_info_type,
 204                             uint8_t in_file_info_class,
 205                             uint32_t in_max_output_length,
 206                             const DATA_BLOB *in_input_buffer,
 207                             uint32_t in_additional_info,
 208                             uint32_t in_flags,
 209                             uint64_t in_fid_persistent,
 210                             uint64_t in_fid_volatile,
 211                             TALLOC_CTX *mem_ctx,
 212                             DATA_BLOB *out_output_buffer)
 213 {
 214         TALLOC_CTX *frame = talloc_stackframe();
 215         struct tevent_context *ev;
 216         struct tevent_req *req;
 217         NTSTATUS status = NT_STATUS_NO_MEMORY;
 218
 219         if (smbXcli_conn_has_async_calls(conn)) {
 220                 /*
 221                  * Can't use sync call while an async call is in flight
 222                  */
 223                 status = NT_STATUS_INVALID_PARAMETER_MIX;
 224                 goto fail;
 225         }
 226         ev = samba_tevent_context_init(frame);
 227         if (ev == NULL) {
 228                 goto fail;
 229         }
 230         req = smb2cli_query_info_send(frame, ev,
 231                                       conn, timeout_msec,
 232                                       session, tcon,
 233                                       in_info_type,
 234                                       in_file_info_class,
 235                                       in_max_output_length,
 236                                       in_input_buffer,
 237                                       in_additional_info,
 238                                       in_flags,
 239                                       in_fid_persistent,
 240                                       in_fid_volatile);
 241         if (req == NULL) {
 242                 goto fail;
 243         }
 244         if (!tevent_req_poll_ntstatus(req, ev, &status)) {
 245                 goto fail;
 246         }
 247         status = smb2cli_query_info_recv(req, mem_ctx,
 248                                          out_output_buffer);
 249  fail:
 250         TALLOC_FREE(frame);
 251         return status;
 252 }