along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-struct smb2_options {
- uint32_t timeout;
-};
+#ifndef __LIBCLI_SMB2_SMB2_H__
+#define __LIBCLI_SMB2_SMB2_H__
+
+#include "libcli/raw/request.h"
+#include "libcli/raw/libcliraw.h"
+
+struct smb2_handle;
+struct smb2_lease_break;
/*
- information returned from the negotiate response
+ information returned from the negotiate process
*/
struct smb2_negotiate {
DATA_BLOB secblob;
+ NTTIME system_time;
+ NTTIME server_start_time;
+ uint16_t security_mode;
+ uint16_t dialect_revision;
};
/* this is the context for the smb2 transport layer */
/* socket level info */
struct smbcli_socket *socket;
- struct smb2_options options;
struct smb2_negotiate negotiate;
/* next seqnum to allocate */
for a packet */
struct {
void (*func)(struct smb2_transport *, void *);
- void *private;
+ void *private_data;
uint_t period;
} idle;
+
+ struct {
+ /* a oplock break request handler */
+ bool (*handler)(struct smb2_transport *transport,
+ const struct smb2_handle *handle,
+ uint8_t level, void *private_data);
+ /* private data passed to the oplock handler */
+ void *private_data;
+ } oplock;
+
+ struct {
+ /* a lease break request handler */
+ bool (*handler)(struct smb2_transport *transport,
+ const struct smb2_lease_break *lease_break,
+ void *private_data);
+ /* private data passed to the oplock handler */
+ void *private_data;
+ } lease;
+
+ struct smbcli_options options;
+
+ bool signing_required;
};
struct gensec_security *gensec;
uint64_t uid;
DATA_BLOB session_key;
+ bool signing_active;
};
* this will be moved when some dynamic data is pushed
*/
uint8_t *dynamic;
+
+ /* this is used to range check and align strings and buffers */
+ struct request_bufinfo bufinfo;
};
*/
struct {
void (*fn)(struct smb2_request *);
- void *private;
+ void *private_data;
} async;
};
#define SMB2_MIN_SIZE 0x42
+#define SMB2_MIN_SIZE_NO_BODY 0x40
-/* offsets into header elements */
+/* offsets into header elements for a sync SMB2 request */
+#define SMB2_HDR_PROTOCOL_ID 0x00
#define SMB2_HDR_LENGTH 0x04
-#define SMB2_HDR_PAD1 0x06
+#define SMB2_HDR_EPOCH 0x06
#define SMB2_HDR_STATUS 0x08
#define SMB2_HDR_OPCODE 0x0c
-#define SMB2_HDR_UNKNOWN1 0x0e
+#define SMB2_HDR_CREDIT 0x0e
#define SMB2_HDR_FLAGS 0x10
-#define SMB2_HDR_CHAIN_OFFSET 0x14
-#define SMB2_HDR_SEQNUM 0x18
+#define SMB2_HDR_NEXT_COMMAND 0x14
+#define SMB2_HDR_MESSAGE_ID 0x18
#define SMB2_HDR_PID 0x20
#define SMB2_HDR_TID 0x24
-#define SMB2_HDR_UID 0x28 /* 64 bit */
-#define SMB2_HDR_SIG 0x30 /* guess ... */
+#define SMB2_HDR_SESSION_ID 0x28
+#define SMB2_HDR_SIGNATURE 0x30 /* 16 bytes */
#define SMB2_HDR_BODY 0x40
+/* header flags */
+#define SMB2_HDR_FLAG_REDIRECT 0x01
+#define SMB2_HDR_FLAG_ASYNC 0x02
+#define SMB2_HDR_FLAG_CHAINED 0x04
+#define SMB2_HDR_FLAG_SIGNED 0x08
+#define SMB2_HDR_FLAG_DFS 0x10000000
+
/* SMB2 opcodes */
#define SMB2_OP_NEGPROT 0x00
#define SMB2_OP_SESSSETUP 0x01
#define SMB2_MAGIC 0x424D53FE /* 0xFE 'S' 'M' 'B' */
+/* the dialects we support */
+#define SMB2_DIALECT_REVISION 0x202
+#define SMB21_DIALECT_REVISION 0x210
+#define SMB2_LONGHORN_BETA_DIALECT_REVISION 0x0 /* early beta dialect */
+
+/* SMB2 negotiate security_mode */
+#define SMB2_NEGOTIATE_SIGNING_ENABLED 0x01
+#define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x02
+
+/* SMB2 capabilities - only 1 so far. I'm sure more will be added */
+#define SMB2_CAP_DFS 0x00000001
+/* so we can spot new caps as added */
+#define SMB2_CAP_ALL SMB2_CAP_DFS
+
+/* SMB2 share flags */
+#define SMB2_SHAREFLAG_MANUAL_CACHING 0x0000
+#define SMB2_SHAREFLAG_AUTO_CACHING 0x0010
+#define SMB2_SHAREFLAG_VDO_CACHING 0x0020
+#define SMB2_SHAREFLAG_NO_CACHING 0x0030
+#define SMB2_SHAREFLAG_DFS 0x0001
+#define SMB2_SHAREFLAG_DFS_ROOT 0x0002
+#define SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS 0x0100
+#define SMB2_SHAREFLAG_FORCE_SHARED_DELETE 0x0200
+#define SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING 0x0400
+#define SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM 0x0800
+#define SMB2_SHAREFLAG_ALL 0x0F33
+
+/* SMB2 create security flags */
+#define SMB2_SECURITY_DYNAMIC_TRACKING 0x01
+#define SMB2_SECURITY_EFFECTIVE_ONLY 0x02
+
+/* SMB2 requested oplock levels */
+#define SMB2_OPLOCK_LEVEL_NONE 0x00
+#define SMB2_OPLOCK_LEVEL_II 0x01
+#define SMB2_OPLOCK_LEVEL_EXCLUSIVE 0x08
+#define SMB2_OPLOCK_LEVEL_BATCH 0x09
+#define SMB2_OPLOCK_LEVEL_LEASE 0xFF
+
+/* SMB2 lease bits */
+#define SMB2_LEASE_NONE 0x00
+#define SMB2_LEASE_READ 0x01
+#define SMB2_LEASE_HANDLE 0x02
+#define SMB2_LEASE_WRITE 0x04
+
+/* SMB2 lease break flags */
+#define SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED 0x01
+
+/* SMB2 impersonation levels */
+#define SMB2_IMPERSONATION_ANONYMOUS 0x00
+#define SMB2_IMPERSONATION_IDENTIFICATION 0x01
+#define SMB2_IMPERSONATION_IMPERSONATION 0x02
+#define SMB2_IMPERSONATION_DELEGATE 0x03
+
+/* SMB2 create tags */
+#define SMB2_CREATE_TAG_EXTA "ExtA"
+#define SMB2_CREATE_TAG_MXAC "MxAc"
+#define SMB2_CREATE_TAG_SECD "SecD"
+#define SMB2_CREATE_TAG_DHNQ "DHnQ"
+#define SMB2_CREATE_TAG_DHNC "DHnC"
+#define SMB2_CREATE_TAG_ALSI "AlSi"
+#define SMB2_CREATE_TAG_TWRP "TWrp"
+#define SMB2_CREATE_TAG_QFID "QFid"
+#define SMB2_CREATE_TAG_RQLS "RqLs"
+
+/* SMB2 Create ignore some more create_options */
+#define SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK (NTCREATEX_OPTIONS_TREE_CONNECTION | \
+ NTCREATEX_OPTIONS_OPFILTER)
+
/*
check that a body has the expected size
*/
return NT_STATUS_INVALID_PARAMETER; \
} \
} while (0)
+
+#endif