source3/libsmb/unexpected.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    handle unexpected packets
   4    Copyright (C) Andrew Tridgell 2000
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18
  19 */
  20
  21 #include "includes.h"
  22 #include "../lib/util/tevent_ntstatus.h"
  23 #include "lib/async_req/async_sock.h"
  24 #include "libsmb/nmblib.h"
  25
  26 static const char *nmbd_socket_dir(void)
  27 {
  28         return lp_parm_const_string(-1, "nmbd", "socket dir",
  29                                     get_dyn_NMBDSOCKETDIR());
  30 }
  31
  32 struct nb_packet_query {
  33         enum packet_type type;
  34         size_t mailslot_namelen;
  35         int trn_id;
  36 };
  37
  38 struct nb_packet_client;
  39
  40 struct nb_packet_server {
  41         struct tevent_context *ev;
  42         int listen_sock;
  43         int max_clients;
  44         int num_clients;
  45         struct nb_packet_client *clients;
  46 };
  47
  48 struct nb_packet_client {
  49         struct nb_packet_client *prev, *next;
  50         struct nb_packet_server *server;
  51
  52         enum packet_type type;
  53         int trn_id;
  54         char *mailslot_name;
  55
  56         int sock;
  57         struct tevent_req *read_req;
  58         struct tevent_queue *out_queue;
  59 };
  60
  61 static int nb_packet_server_destructor(struct nb_packet_server *s);
  62 static void nb_packet_server_listener(struct tevent_context *ev,
  63                                       struct tevent_fd *fde,
  64                                       uint16_t flags,
  65                                       void *private_data);
  66
  67 NTSTATUS nb_packet_server_create(TALLOC_CTX *mem_ctx,
  68                                  struct tevent_context *ev,
  69                                  int max_clients,
  70                                  struct nb_packet_server **presult)
  71 {
  72         struct nb_packet_server *result;
  73         struct tevent_fd *fde;
  74         NTSTATUS status;
  75         int rc;
  76
  77         result = talloc_zero(mem_ctx, struct nb_packet_server);
  78         if (result == NULL) {
  79                 status = NT_STATUS_NO_MEMORY;
  80                 goto fail;
  81         }
  82         result->ev = ev;
  83         result->max_clients = max_clients;
  84
  85         result->listen_sock = create_pipe_sock(
  86                 nmbd_socket_dir(), "unexpected", 0755);
  87         if (result->listen_sock == -1) {
  88                 status = map_nt_error_from_unix(errno);
  89                 goto fail;
  90         }
  91         rc = listen(result->listen_sock, 5);
  92         if (rc < 0) {
  93                 status = map_nt_error_from_unix(errno);
  94                 goto fail;
  95         }
  96         talloc_set_destructor(result, nb_packet_server_destructor);
  97
  98         fde = tevent_add_fd(ev, result, result->listen_sock, TEVENT_FD_READ,
  99                             nb_packet_server_listener, result);
 100         if (fde == NULL) {
 101                 status = NT_STATUS_NO_MEMORY;
 102                 goto fail;
 103         }
 104
 105         *presult = result;
 106         return NT_STATUS_OK;
 107 fail:
 108         TALLOC_FREE(result);
 109         return status;
 110 }
 111
 112 static int nb_packet_server_destructor(struct nb_packet_server *s)
 113 {
 114         if (s->listen_sock != -1) {
 115                 close(s->listen_sock);
 116                 s->listen_sock = -1;
 117         }
 118         return 0;
 119 }
 120
 121 static int nb_packet_client_destructor(struct nb_packet_client *c);
 122 static ssize_t nb_packet_client_more(uint8_t *buf, size_t buflen,
 123                                      void *private_data);
 124 static void nb_packet_got_query(struct tevent_req *req);
 125 static void nb_packet_client_read_done(struct tevent_req *req);
 126
 127 static void nb_packet_server_listener(struct tevent_context *ev,
 128                                       struct tevent_fd *fde,
 129                                       uint16_t flags,
 130                                       void *private_data)
 131 {
 132         struct nb_packet_server *server = talloc_get_type_abort(
 133                 private_data, struct nb_packet_server);
 134         struct nb_packet_client *client;
 135         struct tevent_req *req;
 136         struct sockaddr_un sunaddr;
 137         socklen_t len;
 138         int sock;
 139
 140         len = sizeof(sunaddr);
 141
 142         sock = accept(server->listen_sock, (struct sockaddr *)(void *)&sunaddr,
 143                       &len);
 144         if (sock == -1) {
 145                 return;
 146         }
 147         DEBUG(6,("accepted socket %d\n", sock));
 148
 149         client = talloc_zero(server, struct nb_packet_client);
 150         if (client == NULL) {
 151                 DEBUG(10, ("talloc failed\n"));
 152                 close(sock);
 153                 return;
 154         }
 155         client->sock = sock;
 156         client->server = server;
 157         talloc_set_destructor(client, nb_packet_client_destructor);
 158
 159         client->out_queue = tevent_queue_create(
 160                 client, "unexpected packet output");
 161         if (client->out_queue == NULL) {
 162                 DEBUG(10, ("tevent_queue_create failed\n"));
 163                 TALLOC_FREE(client);
 164                 return;
 165         }
 166
 167         req = read_packet_send(client, ev, client->sock,
 168                                sizeof(struct nb_packet_query),
 169                                nb_packet_client_more, NULL);
 170         if (req == NULL) {
 171                 DEBUG(10, ("read_packet_send failed\n"));
 172                 TALLOC_FREE(client);
 173                 return;
 174         }
 175         tevent_req_set_callback(req, nb_packet_got_query, client);
 176
 177         DLIST_ADD(server->clients, client);
 178         server->num_clients += 1;
 179
 180         if (server->num_clients > server->max_clients) {
 181                 DEBUG(10, ("Too many clients, dropping oldest\n"));
 182
 183                 /*
 184                  * no TALLOC_FREE here, don't mess with the list structs
 185                  */
 186                 talloc_free(server->clients->prev);
 187         }
 188 }
 189
 190 static ssize_t nb_packet_client_more(uint8_t *buf, size_t buflen,
 191                                      void *private_data)
 192 {
 193         struct nb_packet_query q;
 194         if (buflen > sizeof(struct nb_packet_query)) {
 195                 return 0;
 196         }
 197         /* Take care of alignment */
 198         memcpy(&q, buf, sizeof(q));
 199         if (q.mailslot_namelen > 1024) {
 200                 DEBUG(10, ("Got invalid mailslot namelen %d\n",
 201                            (int)q.mailslot_namelen));
 202                 return -1;
 203         }
 204         return q.mailslot_namelen;
 205 }
 206
 207 static int nb_packet_client_destructor(struct nb_packet_client *c)
 208 {
 209         if (c->sock != -1) {
 210                 close(c->sock);
 211                 c->sock = -1;
 212         }
 213         DLIST_REMOVE(c->server->clients, c);
 214         c->server->num_clients -= 1;
 215         return 0;
 216 }
 217
 218 static void nb_packet_got_query(struct tevent_req *req)
 219 {
 220         struct nb_packet_client *client = tevent_req_callback_data(
 221                 req, struct nb_packet_client);
 222         struct nb_packet_query q;
 223         uint8_t *buf;
 224         ssize_t nread, nwritten;
 225         int err;
 226         char c;
 227
 228         nread = read_packet_recv(req, talloc_tos(), &buf, &err);
 229         TALLOC_FREE(req);
 230         if (nread < (ssize_t)sizeof(struct nb_packet_query)) {
 231                 DEBUG(10, ("read_packet_recv returned %d (%s)\n",
 232                            (int)nread,
 233                            (nread == -1) ? strerror(err) : "wrong length"));
 234                 TALLOC_FREE(client);
 235                 return;
 236         }
 237
 238         /* Take care of alignment */
 239         memcpy(&q, buf, sizeof(q));
 240
 241         if (nread != sizeof(struct nb_packet_query) + q.mailslot_namelen) {
 242                 DEBUG(10, ("nb_packet_got_query: Invalid mailslot namelength\n"));
 243                 TALLOC_FREE(client);
 244                 return;
 245         }
 246
 247         client->trn_id = q.trn_id;
 248         client->type = q.type;
 249         if (q.mailslot_namelen > 0) {
 250                 client->mailslot_name = talloc_strndup(
 251                         client, (char *)buf + sizeof(q),
 252                         q.mailslot_namelen);
 253                 if (client->mailslot_name == NULL) {
 254                         TALLOC_FREE(client);
 255                         return;
 256                 }
 257         }
 258
 259         /*
 260          * Yes, this is a blocking write of 1 byte into a unix
 261          * domain socket that has never been written to. Highly
 262          * unlikely that this actually blocks.
 263          */
 264         c = 0;
 265         nwritten = sys_write(client->sock, &c, sizeof(c));
 266         if (nwritten != sizeof(c)) {
 267                 DEBUG(10, ("Could not write success indicator to client: %s\n",
 268                            strerror(errno)));
 269                 TALLOC_FREE(client);
 270                 return;
 271         }
 272
 273         client->read_req = read_packet_send(client, client->server->ev,
 274                                             client->sock, 1, NULL, NULL);
 275         if (client->read_req == NULL) {
 276                 DEBUG(10, ("Could not activate reader for client exit "
 277                            "detection\n"));
 278                 TALLOC_FREE(client);
 279                 return;
 280         }
 281         tevent_req_set_callback(client->read_req, nb_packet_client_read_done,
 282                                 client);
 283 }
 284
 285 static void nb_packet_client_read_done(struct tevent_req *req)
 286 {
 287         struct nb_packet_client *client = tevent_req_callback_data(
 288                 req, struct nb_packet_client);
 289         ssize_t nread;
 290         uint8_t *buf;
 291         int err;
 292
 293         nread = read_packet_recv(req, talloc_tos(), &buf, &err);
 294         TALLOC_FREE(req);
 295         if (nread == 1) {
 296                 DEBUG(10, ("Protocol error, received data on write-only "
 297                            "unexpected socket: 0x%2.2x\n", (*buf)));
 298         }
 299         TALLOC_FREE(client);
 300 }
 301
 302 static void nb_packet_client_send(struct nb_packet_client *client,
 303                                   struct packet_struct *p);
 304
 305 void nb_packet_dispatch(struct nb_packet_server *server,
 306                         struct packet_struct *p)
 307 {
 308         struct nb_packet_client *c;
 309         uint16_t trn_id;
 310
 311         switch (p->packet_type) {
 312         case NMB_PACKET:
 313                 trn_id = p->packet.nmb.header.name_trn_id;
 314                 break;
 315         case DGRAM_PACKET:
 316                 trn_id = p->packet.dgram.header.dgm_id;
 317                 break;
 318         default:
 319                 DEBUG(10, ("Got invalid packet type %d\n",
 320                            (int)p->packet_type));
 321                 return;
 322         }
 323         for (c = server->clients; c != NULL; c = c->next) {
 324
 325                 if (c->type != p->packet_type) {
 326                         DEBUG(10, ("client expects packet %d, got %d\n",
 327                                    c->type, p->packet_type));
 328                         continue;
 329                 }
 330
 331                 if (p->packet_type == NMB_PACKET) {
 332                         /*
 333                          * See if the client specified transaction
 334                          * ID. Filter if it did.
 335                          */
 336                         if ((c->trn_id != -1) &&
 337                             (c->trn_id != trn_id)) {
 338                                 DEBUG(10, ("client expects trn %d, got %d\n",
 339                                            c->trn_id, trn_id));
 340                                 continue;
 341                         }
 342                 } else {
 343                         /*
 344                          * See if the client specified a mailslot
 345                          * name. Filter if it did.
 346                          */
 347                         if ((c->mailslot_name != NULL) &&
 348                             !match_mailslot_name(p, c->mailslot_name)) {
 349                                 continue;
 350                         }
 351                 }
 352                 nb_packet_client_send(c, p);
 353         }
 354 }
 355
 356 struct nb_packet_client_header {
 357         size_t len;
 358         enum packet_type type;
 359         time_t timestamp;
 360         struct in_addr ip;
 361         int port;
 362 };
 363
 364 struct nb_packet_client_state {
 365         struct nb_packet_client *client;
 366         struct iovec iov[2];
 367         struct nb_packet_client_header hdr;
 368         char buf[1024];
 369 };
 370
 371 static void nb_packet_client_send_done(struct tevent_req *req);
 372
 373 static void nb_packet_client_send(struct nb_packet_client *client,
 374                                   struct packet_struct *p)
 375 {
 376         struct nb_packet_client_state *state;
 377         struct tevent_req *req;
 378
 379         if (tevent_queue_length(client->out_queue) > 10) {
 380                 /*
 381                  * Skip clients that don't listen anyway, some form of DoS
 382                  * protection
 383                  */
 384                 return;
 385         }
 386
 387         state = talloc_zero(client, struct nb_packet_client_state);
 388         if (state == NULL) {
 389                 DEBUG(10, ("talloc failed\n"));
 390                 return;
 391         }
 392
 393         state->client = client;
 394
 395         state->hdr.ip = p->ip;
 396         state->hdr.port = p->port;
 397         state->hdr.timestamp = p->timestamp;
 398         state->hdr.type = p->packet_type;
 399         state->hdr.len = build_packet(state->buf, sizeof(state->buf), p);
 400
 401         state->iov[0].iov_base = (char *)&state->hdr;
 402         state->iov[0].iov_len = sizeof(state->hdr);
 403         state->iov[1].iov_base = state->buf;
 404         state->iov[1].iov_len = state->hdr.len;
 405
 406         TALLOC_FREE(client->read_req);
 407
 408         req = writev_send(client, client->server->ev, client->out_queue,
 409                           client->sock, true, state->iov, 2);
 410         if (req == NULL) {
 411                 DEBUG(10, ("writev_send failed\n"));
 412                 return;
 413         }
 414         tevent_req_set_callback(req, nb_packet_client_send_done, state);
 415 }
 416
 417 static void nb_packet_client_send_done(struct tevent_req *req)
 418 {
 419         struct nb_packet_client_state *state = tevent_req_callback_data(
 420                 req, struct nb_packet_client_state);
 421         struct nb_packet_client *client = state->client;
 422         ssize_t nwritten;
 423         int err;
 424
 425         nwritten = writev_recv(req, &err);
 426
 427         TALLOC_FREE(req);
 428         TALLOC_FREE(state);
 429
 430         if (nwritten == -1) {
 431                 DEBUG(10, ("writev failed: %s\n", strerror(err)));
 432                 TALLOC_FREE(client);
 433         }
 434
 435         if (tevent_queue_length(client->out_queue) == 0) {
 436                 client->read_req = read_packet_send(client, client->server->ev,
 437                                                     client->sock, 1,
 438                                                     NULL, NULL);
 439                 if (client->read_req == NULL) {
 440                         DEBUG(10, ("Could not activate reader for client exit "
 441                                    "detection\n"));
 442                         TALLOC_FREE(client);
 443                         return;
 444                 }
 445                 tevent_req_set_callback(client->read_req,
 446                                         nb_packet_client_read_done,
 447                                         client);
 448         }
 449 }
 450
 451 struct nb_packet_reader {
 452         int sock;
 453 };
 454
 455 struct nb_packet_reader_state {
 456         struct tevent_context *ev;
 457         struct sockaddr_un addr;
 458         struct nb_packet_query query;
 459         const char *mailslot_name;
 460         struct iovec iov[2];
 461         char c;
 462         struct nb_packet_reader *reader;
 463 };
 464
 465 static int nb_packet_reader_destructor(struct nb_packet_reader *r);
 466 static void nb_packet_reader_connected(struct tevent_req *subreq);
 467 static void nb_packet_reader_sent_query(struct tevent_req *subreq);
 468 static void nb_packet_reader_got_ack(struct tevent_req *subreq);
 469
 470 struct tevent_req *nb_packet_reader_send(TALLOC_CTX *mem_ctx,
 471                                          struct tevent_context *ev,
 472                                          enum packet_type type,
 473                                          int trn_id,
 474                                          const char *mailslot_name)
 475 {
 476         struct tevent_req *req, *subreq;
 477         struct nb_packet_reader_state *state;
 478         char *path;
 479
 480         req = tevent_req_create(mem_ctx, &state,
 481                                 struct nb_packet_reader_state);
 482         if (req == NULL) {
 483                 return NULL;
 484         }
 485         state->ev = ev;
 486         state->query.trn_id = trn_id;
 487         state->query.type = type;
 488         state->mailslot_name = mailslot_name;
 489
 490         if (mailslot_name != NULL) {
 491                 state->query.mailslot_namelen = strlen(mailslot_name);
 492         }
 493
 494         state->reader = talloc_zero(state, struct nb_packet_reader);
 495         if (tevent_req_nomem(state->reader, req)) {
 496                 return tevent_req_post(req, ev);
 497         }
 498
 499         path = talloc_asprintf(talloc_tos(), "%s/%s", nmbd_socket_dir(),
 500                                "unexpected");
 501         if (tevent_req_nomem(path, req)) {
 502                 return tevent_req_post(req, ev);
 503         }
 504         state->addr.sun_family = AF_UNIX;
 505         strlcpy(state->addr.sun_path, path, sizeof(state->addr.sun_path));
 506         TALLOC_FREE(path);
 507
 508         state->reader->sock = socket(AF_UNIX, SOCK_STREAM, 0);
 509         if (state->reader->sock == -1) {
 510                 tevent_req_nterror(req, map_nt_error_from_unix(errno));
 511                 return tevent_req_post(req, ev);
 512         }
 513         talloc_set_destructor(state->reader, nb_packet_reader_destructor);
 514
 515         subreq = async_connect_send(state, ev, state->reader->sock,
 516                                     (struct sockaddr *)(void *)&state->addr,
 517                                     sizeof(state->addr), NULL, NULL, NULL);
 518         if (tevent_req_nomem(subreq, req)) {
 519                 return tevent_req_post(req, ev);
 520         }
 521         tevent_req_set_callback(subreq, nb_packet_reader_connected, req);
 522         return req;
 523 }
 524
 525 static int nb_packet_reader_destructor(struct nb_packet_reader *r)
 526 {
 527         if (r->sock != -1) {
 528                 close(r->sock);
 529                 r->sock = -1;
 530         }
 531         return 0;
 532 }
 533
 534 static void nb_packet_reader_connected(struct tevent_req *subreq)
 535 {
 536         struct tevent_req *req = tevent_req_callback_data(
 537                 subreq, struct tevent_req);
 538         struct nb_packet_reader_state *state = tevent_req_data(
 539                 req, struct nb_packet_reader_state);
 540         int res, err;
 541         int num_iovecs = 1;
 542
 543         res = async_connect_recv(subreq, &err);
 544         TALLOC_FREE(subreq);
 545         if (res == -1) {
 546                 DEBUG(10, ("async_connect failed: %s\n", strerror(err)));
 547                 tevent_req_nterror(req, map_nt_error_from_unix(err));
 548                 return;
 549         }
 550
 551         state->iov[0].iov_base = (char *)&state->query;
 552         state->iov[0].iov_len = sizeof(state->query);
 553
 554         if (state->mailslot_name != NULL) {
 555                 num_iovecs = 2;
 556                 state->iov[1].iov_base = discard_const_p(
 557                         char, state->mailslot_name);
 558                 state->iov[1].iov_len = state->query.mailslot_namelen;
 559         }
 560
 561         subreq = writev_send(state, state->ev, NULL, state->reader->sock,
 562                              true, state->iov, num_iovecs);
 563         if (tevent_req_nomem(subreq, req)) {
 564                 return;
 565         }
 566         tevent_req_set_callback(subreq, nb_packet_reader_sent_query, req);
 567 }
 568
 569 static void nb_packet_reader_sent_query(struct tevent_req *subreq)
 570 {
 571         struct tevent_req *req = tevent_req_callback_data(
 572                 subreq, struct tevent_req);
 573         struct nb_packet_reader_state *state = tevent_req_data(
 574                 req, struct nb_packet_reader_state);
 575         ssize_t written;
 576         int err;
 577
 578         written = writev_recv(subreq, &err);
 579         TALLOC_FREE(subreq);
 580         if (written == -1) {
 581                 tevent_req_nterror(req, map_nt_error_from_unix(err));
 582                 return;
 583         }
 584         if (written != sizeof(state->query) + state->query.mailslot_namelen) {
 585                 tevent_req_nterror(req, NT_STATUS_UNEXPECTED_IO_ERROR);
 586                 return;
 587         }
 588         subreq = read_packet_send(state, state->ev, state->reader->sock,
 589                                   sizeof(state->c), NULL, NULL);
 590         if (tevent_req_nomem(subreq, req)) {
 591                 return;
 592         }
 593         tevent_req_set_callback(subreq, nb_packet_reader_got_ack, req);
 594 }
 595
 596 static void nb_packet_reader_got_ack(struct tevent_req *subreq)
 597 {
 598         struct tevent_req *req = tevent_req_callback_data(
 599                 subreq, struct tevent_req);
 600         struct nb_packet_reader_state *state = tevent_req_data(
 601                 req, struct nb_packet_reader_state);
 602         ssize_t nread;
 603         int err;
 604         uint8_t *buf;
 605
 606         nread = read_packet_recv(subreq, state, &buf, &err);
 607         TALLOC_FREE(subreq);
 608         if (nread == -1) {
 609                 DEBUG(10, ("read_packet_recv returned %s\n",
 610                            strerror(err)));
 611                 tevent_req_nterror(req, map_nt_error_from_unix(err));
 612                 return;
 613         }
 614         if (nread != sizeof(state->c)) {
 615                 DEBUG(10, ("read = %d, expected %d\n", (int)nread,
 616                            (int)sizeof(state->c)));
 617                 tevent_req_nterror(req, NT_STATUS_UNEXPECTED_IO_ERROR);
 618                 return;
 619         }
 620         tevent_req_done(req);
 621 }
 622
 623 NTSTATUS nb_packet_reader_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
 624                                struct nb_packet_reader **preader)
 625 {
 626         struct nb_packet_reader_state *state = tevent_req_data(
 627                 req, struct nb_packet_reader_state);
 628         NTSTATUS status;
 629
 630         if (tevent_req_is_nterror(req, &status)) {
 631                 return status;
 632         }
 633         *preader = talloc_move(mem_ctx, &state->reader);
 634         return NT_STATUS_OK;
 635 }
 636
 637 struct nb_packet_read_state {
 638         struct nb_packet_client_header hdr;
 639         uint8_t *buf;
 640         size_t buflen;
 641 };
 642
 643 static ssize_t nb_packet_read_more(uint8_t *buf, size_t buflen, void *p);
 644 static void nb_packet_read_done(struct tevent_req *subreq);
 645
 646 struct tevent_req *nb_packet_read_send(TALLOC_CTX *mem_ctx,
 647                                        struct tevent_context *ev,
 648                                        struct nb_packet_reader *reader)
 649 {
 650         struct tevent_req *req, *subreq;
 651         struct nb_packet_read_state *state;
 652
 653         req = tevent_req_create(mem_ctx, &state, struct nb_packet_read_state);
 654         if (req == NULL) {
 655                 return NULL;
 656         }
 657         subreq = read_packet_send(state, ev, reader->sock,
 658                                   sizeof(struct nb_packet_client_header),
 659                                   nb_packet_read_more, state);
 660         if (tevent_req_nomem(subreq, req)) {
 661                 return tevent_req_post(req, ev);
 662         }
 663         tevent_req_set_callback(subreq, nb_packet_read_done, req);
 664         return req;
 665 }
 666
 667 static ssize_t nb_packet_read_more(uint8_t *buf, size_t buflen, void *p)
 668 {
 669         struct nb_packet_read_state *state = talloc_get_type_abort(
 670                 p, struct nb_packet_read_state);
 671
 672         if (buflen > sizeof(struct nb_packet_client_header)) {
 673                 /*
 674                  * Been here, done
 675                  */
 676                 return 0;
 677         }
 678         memcpy(&state->hdr, buf, sizeof(struct nb_packet_client_header));
 679         return state->hdr.len;
 680 }
 681
 682 static void nb_packet_read_done(struct tevent_req *subreq)
 683 {
 684         struct tevent_req *req = tevent_req_callback_data(
 685                 subreq, struct tevent_req);
 686         struct nb_packet_read_state *state = tevent_req_data(
 687                 req, struct nb_packet_read_state);
 688         ssize_t nread;
 689         int err;
 690
 691         nread = read_packet_recv(subreq, state, &state->buf, &err);
 692         if (nread == -1) {
 693                 tevent_req_nterror(req, map_nt_error_from_unix(err));
 694                 return;
 695         }
 696         state->buflen = nread;
 697         tevent_req_done(req);
 698 }
 699
 700 NTSTATUS nb_packet_read_recv(struct tevent_req *req,
 701                              struct packet_struct **ppacket)
 702 {
 703         struct nb_packet_read_state *state = tevent_req_data(
 704                 req, struct nb_packet_read_state);
 705         struct nb_packet_client_header hdr;
 706         struct packet_struct *packet;
 707         NTSTATUS status;
 708
 709         if (tevent_req_is_nterror(req, &status)) {
 710                 return status;
 711         }
 712
 713         memcpy(&hdr, state->buf, sizeof(hdr));
 714
 715         packet = parse_packet(
 716                 (char *)state->buf + sizeof(struct nb_packet_client_header),
 717                 state->buflen - sizeof(struct nb_packet_client_header),
 718                 state->hdr.type, state->hdr.ip, state->hdr.port);
 719         if (packet == NULL) {
 720                 return NT_STATUS_INVALID_NETWORK_RESPONSE;
 721         }
 722         *ppacket = packet;
 723         return NT_STATUS_OK;
 724 }