2 Unix SMB/CIFS implementation.
3 default IPC$ NTVFS backend
5 Copyright (C) Andrew Tridgell 2003
6 Copyright (C) Stefan (metze) Metzmacher 2004-2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 this implements the IPC$ backend, called by the NTVFS subsystem to
23 handle requests on IPC$ shares
28 #include "../lib/util/dlinklist.h"
29 #include "ntvfs/ntvfs.h"
30 #include "../librpc/gen_ndr/rap.h"
31 #include "ntvfs/ipc/proto.h"
32 #include "libcli/raw/ioctl.h"
33 #include "param/param.h"
34 #include "../lib/tsocket/tsocket.h"
35 #include "../libcli/named_pipe_auth/npa_tstream.h"
36 #include "auth/auth.h"
37 #include "auth/auth_sam_reply.h"
38 #include "lib/socket/socket.h"
39 #include "auth/credentials/credentials.h"
40 #include "auth/credentials/credentials_krb5.h"
41 #include <gssapi/gssapi.h>
42 #include "system/locale.h"
44 /* this is the private structure used to keep the state of an open
45 ipc$ connection. It needs to keep information about all open
48 struct ntvfs_module_context *ntvfs;
50 /* a list of open pipes */
52 struct pipe_state *next, *prev;
53 struct ipc_private *ipriv;
54 const char *pipe_name;
55 struct ntvfs_handle *handle;
56 struct tstream_context *npipe;
58 uint16_t device_state;
59 uint64_t allocation_size;
60 struct tevent_queue *write_queue;
61 struct tevent_queue *read_queue;
67 find a open pipe give a file handle
69 static struct pipe_state *pipe_state_find(struct ipc_private *ipriv, struct ntvfs_handle *handle)
74 p = ntvfs_handle_get_backend_data(handle, ipriv->ntvfs);
77 s = talloc_get_type(p, struct pipe_state);
84 find a open pipe give a wire fnum
86 static struct pipe_state *pipe_state_find_key(struct ipc_private *ipriv, struct ntvfs_request *req, const DATA_BLOB *key)
88 struct ntvfs_handle *h;
90 h = ntvfs_handle_search_by_wire_key(ipriv->ntvfs, req, key);
93 return pipe_state_find(ipriv, h);
98 connect to a share - always works
100 static NTSTATUS ipc_connect(struct ntvfs_module_context *ntvfs,
101 struct ntvfs_request *req,
102 union smb_tcon* tcon)
104 struct ipc_private *ipriv;
105 const char *sharename;
107 switch (tcon->generic.level) {
109 sharename = tcon->tcon.in.service;
112 sharename = tcon->tconx.in.path;
115 sharename = tcon->smb2.in.path;
118 return NT_STATUS_INVALID_LEVEL;
121 if (strncmp(sharename, "\\\\", 2) == 0) {
122 char *p = strchr(sharename+2, '\\');
128 ntvfs->ctx->fs_type = talloc_strdup(ntvfs->ctx, "IPC");
129 NT_STATUS_HAVE_NO_MEMORY(ntvfs->ctx->fs_type);
131 ntvfs->ctx->dev_type = talloc_strdup(ntvfs->ctx, "IPC");
132 NT_STATUS_HAVE_NO_MEMORY(ntvfs->ctx->dev_type);
134 if (tcon->generic.level == RAW_TCON_TCONX) {
135 tcon->tconx.out.fs_type = ntvfs->ctx->fs_type;
136 tcon->tconx.out.dev_type = ntvfs->ctx->dev_type;
139 /* prepare the private state for this connection */
140 ipriv = talloc(ntvfs, struct ipc_private);
141 NT_STATUS_HAVE_NO_MEMORY(ipriv);
143 ntvfs->private_data = ipriv;
145 ipriv->ntvfs = ntvfs;
146 ipriv->pipe_list = NULL;
152 disconnect from a share
154 static NTSTATUS ipc_disconnect(struct ntvfs_module_context *ntvfs)
162 static NTSTATUS ipc_unlink(struct ntvfs_module_context *ntvfs,
163 struct ntvfs_request *req,
164 union smb_unlink *unl)
166 return NT_STATUS_ACCESS_DENIED;
170 check if a directory exists
172 static NTSTATUS ipc_chkpath(struct ntvfs_module_context *ntvfs,
173 struct ntvfs_request *req,
174 union smb_chkpath *cp)
176 return NT_STATUS_ACCESS_DENIED;
180 return info on a pathname
182 static NTSTATUS ipc_qpathinfo(struct ntvfs_module_context *ntvfs,
183 struct ntvfs_request *req, union smb_fileinfo *info)
185 switch (info->generic.level) {
186 case RAW_FILEINFO_GENERIC:
187 return NT_STATUS_INVALID_DEVICE_REQUEST;
188 case RAW_FILEINFO_GETATTR:
189 return NT_STATUS_ACCESS_DENIED;
191 return ntvfs_map_qpathinfo(ntvfs, req, info);
196 set info on a pathname
198 static NTSTATUS ipc_setpathinfo(struct ntvfs_module_context *ntvfs,
199 struct ntvfs_request *req, union smb_setfileinfo *st)
201 return NT_STATUS_ACCESS_DENIED;
206 destroy a open pipe structure
208 static int ipc_fd_destructor(struct pipe_state *p)
210 DLIST_REMOVE(p->ipriv->pipe_list, p);
211 ntvfs_handle_remove_backend_data(p->handle, p->ipriv->ntvfs);
215 struct ipc_open_state {
216 struct ipc_private *ipriv;
217 struct pipe_state *p;
218 struct ntvfs_request *req;
220 struct netr_SamInfo3 *info3;
223 static void ipc_open_done(struct tevent_req *subreq);
226 check the pipename is valid
228 static NTSTATUS validate_pipename(const char *name)
231 if (!isalnum(*name) && *name != '_') {
232 return NT_STATUS_INVALID_PARAMETER;
240 open a file - used for MSRPC pipes
242 static NTSTATUS ipc_open(struct ntvfs_module_context *ntvfs,
243 struct ntvfs_request *req, union smb_open *oi)
246 struct pipe_state *p;
247 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
249 struct ntvfs_handle *h;
250 struct ipc_open_state *state;
251 struct tevent_req *subreq;
253 const char *directory;
254 const struct tsocket_address *client_addr;
255 const struct tsocket_address *server_addr;
257 DATA_BLOB delegated_creds = data_blob_null;
258 struct auth_user_info_dc user_info_dc;
260 switch (oi->generic.level) {
261 case RAW_OPEN_NTCREATEX:
262 case RAW_OPEN_NTTRANS_CREATE:
263 fname = oi->ntcreatex.in.fname;
266 fname = oi->openx.in.fname;
269 fname = oi->smb2.in.fname;
272 return NT_STATUS_NOT_SUPPORTED;
275 directory = talloc_asprintf(req, "%s/np",
276 lpcfg_ncalrpc_dir(ipriv->ntvfs->ctx->lp_ctx));
277 NT_STATUS_HAVE_NO_MEMORY(directory);
279 state = talloc(req, struct ipc_open_state);
280 NT_STATUS_HAVE_NO_MEMORY(state);
282 status = ntvfs_handle_new(ntvfs, req, &h);
283 NT_STATUS_NOT_OK_RETURN(status);
285 p = talloc(h, struct pipe_state);
286 NT_STATUS_HAVE_NO_MEMORY(p);
288 while (fname[0] == '\\') fname++;
290 /* check for valid characters in name */
291 fname = strlower_talloc(p, fname);
293 status = validate_pipename(fname);
294 NT_STATUS_NOT_OK_RETURN(status);
296 p->pipe_name = talloc_asprintf(p, "\\pipe\\%s", fname);
297 NT_STATUS_HAVE_NO_MEMORY(p->pipe_name);
302 p->write_queue = tevent_queue_create(p, "ipc_write_queue");
303 NT_STATUS_HAVE_NO_MEMORY(p->write_queue);
305 p->read_queue = tevent_queue_create(p, "ipc_read_queue");
306 NT_STATUS_HAVE_NO_MEMORY(p->read_queue);
308 state->ipriv = ipriv;
313 /* Disgusting hack to recreate the user_info_dc that should
314 * not be used that this layer in this way */
315 ZERO_STRUCT(user_info_dc);
316 user_info_dc.info = req->session_info->info;
317 user_info_dc.num_sids = req->session_info->torture->num_dc_sids;
318 user_info_dc.sids = req->session_info->torture->dc_sids;
320 status = auth_convert_user_info_dc_saminfo3(state,
323 NT_STATUS_NOT_OK_RETURN(status);
325 client_addr = ntvfs_get_local_address(ipriv->ntvfs);
326 server_addr = ntvfs_get_remote_address(ipriv->ntvfs);
328 if (req->session_info->credentials) {
329 struct gssapi_creds_container *gcc;
331 OM_uint32 minor_status;
332 gss_buffer_desc cred_token;
333 const char *error_string;
335 ret = cli_credentials_get_client_gss_creds(req->session_info->credentials,
336 ipriv->ntvfs->ctx->event_ctx,
337 ipriv->ntvfs->ctx->lp_ctx,
338 &gcc, &error_string);
343 gret = gss_export_cred(&minor_status,
346 if (gret != GSS_S_COMPLETE) {
347 return NT_STATUS_INTERNAL_ERROR;
350 if (cred_token.length) {
351 delegated_creds = data_blob_talloc(req,
354 gss_release_buffer(&minor_status, &cred_token);
355 NT_STATUS_HAVE_NO_MEMORY(delegated_creds.data);
361 subreq = tstream_npa_connect_send(p,
362 ipriv->ntvfs->ctx->event_ctx,
370 req->session_info->session_key,
372 NT_STATUS_HAVE_NO_MEMORY(subreq);
373 tevent_req_set_callback(subreq, ipc_open_done, state);
375 req->async_states->state |= NTVFS_ASYNC_STATE_ASYNC;
379 static void ipc_open_done(struct tevent_req *subreq)
381 struct ipc_open_state *state = tevent_req_callback_data(subreq,
382 struct ipc_open_state);
383 struct ipc_private *ipriv = state->ipriv;
384 struct pipe_state *p = state->p;
385 struct ntvfs_request *req = state->req;
386 union smb_open *oi = state->oi;
391 ret = tstream_npa_connect_recv(subreq, &sys_errno,
395 &p->allocation_size);
398 status = map_nt_error_from_unix(sys_errno);
402 DLIST_ADD(ipriv->pipe_list, p);
403 talloc_set_destructor(p, ipc_fd_destructor);
405 status = ntvfs_handle_set_backend_data(p->handle, ipriv->ntvfs, p);
406 if (!NT_STATUS_IS_OK(status)) {
410 switch (oi->generic.level) {
411 case RAW_OPEN_NTCREATEX:
412 ZERO_STRUCT(oi->ntcreatex.out);
413 oi->ntcreatex.out.file.ntvfs = p->handle;
414 oi->ntcreatex.out.oplock_level = 0;
415 oi->ntcreatex.out.create_action = NTCREATEX_ACTION_EXISTED;
416 oi->ntcreatex.out.create_time = 0;
417 oi->ntcreatex.out.access_time = 0;
418 oi->ntcreatex.out.write_time = 0;
419 oi->ntcreatex.out.change_time = 0;
420 oi->ntcreatex.out.attrib = FILE_ATTRIBUTE_NORMAL;
421 oi->ntcreatex.out.alloc_size = p->allocation_size;
422 oi->ntcreatex.out.size = 0;
423 oi->ntcreatex.out.file_type = p->file_type;
424 oi->ntcreatex.out.ipc_state = p->device_state;
425 oi->ntcreatex.out.is_directory = 0;
428 ZERO_STRUCT(oi->openx.out);
429 oi->openx.out.file.ntvfs = p->handle;
430 oi->openx.out.attrib = FILE_ATTRIBUTE_NORMAL;
431 oi->openx.out.write_time = 0;
432 oi->openx.out.size = 0;
433 oi->openx.out.access = 0;
434 oi->openx.out.ftype = p->file_type;
435 oi->openx.out.devstate = p->device_state;
436 oi->openx.out.action = 0;
437 oi->openx.out.unique_fid = 0;
438 oi->openx.out.access_mask = 0;
439 oi->openx.out.unknown = 0;
442 ZERO_STRUCT(oi->smb2.out);
443 oi->smb2.out.file.ntvfs = p->handle;
444 oi->smb2.out.oplock_level = oi->smb2.in.oplock_level;
445 oi->smb2.out.create_action = NTCREATEX_ACTION_EXISTED;
446 oi->smb2.out.create_time = 0;
447 oi->smb2.out.access_time = 0;
448 oi->smb2.out.write_time = 0;
449 oi->smb2.out.change_time = 0;
450 oi->smb2.out.alloc_size = p->allocation_size;
451 oi->smb2.out.size = 0;
452 oi->smb2.out.file_attr = FILE_ATTRIBUTE_NORMAL;
453 oi->smb2.out.reserved2 = 0;
460 req->async_states->status = status;
461 req->async_states->send_fn(req);
467 static NTSTATUS ipc_mkdir(struct ntvfs_module_context *ntvfs,
468 struct ntvfs_request *req, union smb_mkdir *md)
470 return NT_STATUS_ACCESS_DENIED;
476 static NTSTATUS ipc_rmdir(struct ntvfs_module_context *ntvfs,
477 struct ntvfs_request *req, struct smb_rmdir *rd)
479 return NT_STATUS_ACCESS_DENIED;
483 rename a set of files
485 static NTSTATUS ipc_rename(struct ntvfs_module_context *ntvfs,
486 struct ntvfs_request *req, union smb_rename *ren)
488 return NT_STATUS_ACCESS_DENIED;
494 static NTSTATUS ipc_copy(struct ntvfs_module_context *ntvfs,
495 struct ntvfs_request *req, struct smb_copy *cp)
497 return NT_STATUS_ACCESS_DENIED;
500 struct ipc_readv_next_vector_state {
507 static void ipc_readv_next_vector_init(struct ipc_readv_next_vector_state *s,
508 uint8_t *buf, size_t len)
513 s->len = MIN(len, UINT16_MAX);
516 static int ipc_readv_next_vector(struct tstream_context *stream,
519 struct iovec **_vector,
522 struct ipc_readv_next_vector_state *state =
523 (struct ipc_readv_next_vector_state *)private_data;
524 struct iovec *vector;
528 if (state->ofs == state->len) {
534 pending = tstream_pending_bytes(stream);
539 if (pending == 0 && state->ofs != 0) {
540 /* return a short read */
547 /* we want at least one byte and recheck again */
550 size_t missing = state->len - state->ofs;
551 if (pending > missing) {
552 /* there's more available */
553 state->remaining = pending - missing;
556 /* read what we can get and recheck in the next cycle */
561 vector = talloc_array(mem_ctx, struct iovec, 1);
566 vector[0].iov_base = (char *) (state->buf + state->ofs);
567 vector[0].iov_len = wanted;
569 state->ofs += wanted;
576 struct ipc_read_state {
577 struct ipc_private *ipriv;
578 struct pipe_state *p;
579 struct ntvfs_request *req;
581 struct ipc_readv_next_vector_state next_vector;
584 static void ipc_read_done(struct tevent_req *subreq);
589 static NTSTATUS ipc_read(struct ntvfs_module_context *ntvfs,
590 struct ntvfs_request *req, union smb_read *rd)
592 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
594 struct pipe_state *p;
595 struct ipc_read_state *state;
596 struct tevent_req *subreq;
598 if (rd->generic.level != RAW_READ_GENERIC) {
599 return ntvfs_map_read(ntvfs, req, rd);
602 p = pipe_state_find(ipriv, rd->readx.in.file.ntvfs);
604 return NT_STATUS_INVALID_HANDLE;
607 state = talloc(req, struct ipc_read_state);
608 NT_STATUS_HAVE_NO_MEMORY(state);
610 state->ipriv = ipriv;
615 /* rd->readx.out.data is already allocated */
616 ipc_readv_next_vector_init(&state->next_vector,
618 rd->readx.in.maxcnt);
620 subreq = tstream_readv_pdu_queue_send(req,
621 ipriv->ntvfs->ctx->event_ctx,
624 ipc_readv_next_vector,
625 &state->next_vector);
626 NT_STATUS_HAVE_NO_MEMORY(subreq);
627 tevent_req_set_callback(subreq, ipc_read_done, state);
629 req->async_states->state |= NTVFS_ASYNC_STATE_ASYNC;
633 static void ipc_read_done(struct tevent_req *subreq)
635 struct ipc_read_state *state =
636 tevent_req_callback_data(subreq,
637 struct ipc_read_state);
638 struct ntvfs_request *req = state->req;
639 union smb_read *rd = state->rd;
644 ret = tstream_readv_pdu_queue_recv(subreq, &sys_errno);
647 status = map_nt_error_from_unix(sys_errno);
651 status = NT_STATUS_OK;
652 if (state->next_vector.remaining > 0) {
653 status = STATUS_BUFFER_OVERFLOW;
656 rd->readx.out.remaining = state->next_vector.remaining;
657 rd->readx.out.compaction_mode = 0;
658 rd->readx.out.nread = ret;
661 req->async_states->status = status;
662 req->async_states->send_fn(req);
665 struct ipc_write_state {
666 struct ipc_private *ipriv;
667 struct pipe_state *p;
668 struct ntvfs_request *req;
673 static void ipc_write_done(struct tevent_req *subreq);
678 static NTSTATUS ipc_write(struct ntvfs_module_context *ntvfs,
679 struct ntvfs_request *req, union smb_write *wr)
681 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
683 struct pipe_state *p;
684 struct tevent_req *subreq;
685 struct ipc_write_state *state;
687 if (wr->generic.level != RAW_WRITE_GENERIC) {
688 return ntvfs_map_write(ntvfs, req, wr);
691 p = pipe_state_find(ipriv, wr->writex.in.file.ntvfs);
693 return NT_STATUS_INVALID_HANDLE;
696 state = talloc(req, struct ipc_write_state);
697 NT_STATUS_HAVE_NO_MEMORY(state);
699 state->ipriv = ipriv;
703 state->iov.iov_base = discard_const_p(void, wr->writex.in.data);
704 state->iov.iov_len = wr->writex.in.count;
706 subreq = tstream_writev_queue_send(state,
707 ipriv->ntvfs->ctx->event_ctx,
711 NT_STATUS_HAVE_NO_MEMORY(subreq);
712 tevent_req_set_callback(subreq, ipc_write_done, state);
714 req->async_states->state |= NTVFS_ASYNC_STATE_ASYNC;
718 static void ipc_write_done(struct tevent_req *subreq)
720 struct ipc_write_state *state =
721 tevent_req_callback_data(subreq,
722 struct ipc_write_state);
723 struct ntvfs_request *req = state->req;
724 union smb_write *wr = state->wr;
729 ret = tstream_writev_queue_recv(subreq, &sys_errno);
732 status = map_nt_error_from_unix(sys_errno);
736 status = NT_STATUS_OK;
738 wr->writex.out.nwritten = ret;
739 wr->writex.out.remaining = 0;
742 req->async_states->status = status;
743 req->async_states->send_fn(req);
749 static NTSTATUS ipc_seek(struct ntvfs_module_context *ntvfs,
750 struct ntvfs_request *req,
753 return NT_STATUS_ACCESS_DENIED;
759 static NTSTATUS ipc_flush(struct ntvfs_module_context *ntvfs,
760 struct ntvfs_request *req,
763 return NT_STATUS_ACCESS_DENIED;
769 static NTSTATUS ipc_close(struct ntvfs_module_context *ntvfs,
770 struct ntvfs_request *req, union smb_close *io)
772 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
774 struct pipe_state *p;
776 if (io->generic.level != RAW_CLOSE_CLOSE) {
777 return ntvfs_map_close(ntvfs, req, io);
780 p = pipe_state_find(ipriv, io->close.in.file.ntvfs);
782 return NT_STATUS_INVALID_HANDLE;
793 static NTSTATUS ipc_exit(struct ntvfs_module_context *ntvfs,
794 struct ntvfs_request *req)
796 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
798 struct pipe_state *p, *next;
800 for (p=ipriv->pipe_list; p; p=next) {
802 if (p->handle->session_info == req->session_info &&
803 p->handle->smbpid == req->smbpid) {
812 logoff - closing files open by the user
814 static NTSTATUS ipc_logoff(struct ntvfs_module_context *ntvfs,
815 struct ntvfs_request *req)
817 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
819 struct pipe_state *p, *next;
821 for (p=ipriv->pipe_list; p; p=next) {
823 if (p->handle->session_info == req->session_info) {
832 setup for an async call
834 static NTSTATUS ipc_async_setup(struct ntvfs_module_context *ntvfs,
835 struct ntvfs_request *req,
844 static NTSTATUS ipc_cancel(struct ntvfs_module_context *ntvfs,
845 struct ntvfs_request *req)
847 return NT_STATUS_UNSUCCESSFUL;
853 static NTSTATUS ipc_lock(struct ntvfs_module_context *ntvfs,
854 struct ntvfs_request *req, union smb_lock *lck)
856 return NT_STATUS_ACCESS_DENIED;
860 set info on a open file
862 static NTSTATUS ipc_setfileinfo(struct ntvfs_module_context *ntvfs,
863 struct ntvfs_request *req, union smb_setfileinfo *info)
865 return NT_STATUS_ACCESS_DENIED;
869 query info on a open file
871 static NTSTATUS ipc_qfileinfo(struct ntvfs_module_context *ntvfs,
872 struct ntvfs_request *req, union smb_fileinfo *info)
874 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
876 struct pipe_state *p = pipe_state_find(ipriv, info->generic.in.file.ntvfs);
878 return NT_STATUS_INVALID_HANDLE;
880 switch (info->generic.level) {
881 case RAW_FILEINFO_GENERIC:
883 ZERO_STRUCT(info->generic.out);
884 info->generic.out.attrib = FILE_ATTRIBUTE_NORMAL;
885 info->generic.out.fname.s = strrchr(p->pipe_name, '\\');
886 info->generic.out.alloc_size = 4096;
887 info->generic.out.nlink = 1;
888 /* What the heck? Match Win2k3: IPC$ pipes are delete pending */
889 info->generic.out.delete_pending = 1;
892 case RAW_FILEINFO_ALT_NAME_INFO:
893 case RAW_FILEINFO_ALT_NAME_INFORMATION:
894 case RAW_FILEINFO_STREAM_INFO:
895 case RAW_FILEINFO_STREAM_INFORMATION:
896 case RAW_FILEINFO_COMPRESSION_INFO:
897 case RAW_FILEINFO_COMPRESSION_INFORMATION:
898 case RAW_FILEINFO_NETWORK_OPEN_INFORMATION:
899 case RAW_FILEINFO_ATTRIBUTE_TAG_INFORMATION:
900 return NT_STATUS_INVALID_PARAMETER;
901 case RAW_FILEINFO_ALL_EAS:
902 return NT_STATUS_ACCESS_DENIED;
904 return ntvfs_map_qfileinfo(ntvfs, req, info);
910 return filesystem info
912 static NTSTATUS ipc_fsinfo(struct ntvfs_module_context *ntvfs,
913 struct ntvfs_request *req, union smb_fsinfo *fs)
915 return NT_STATUS_ACCESS_DENIED;
919 return print queue info
921 static NTSTATUS ipc_lpq(struct ntvfs_module_context *ntvfs,
922 struct ntvfs_request *req, union smb_lpq *lpq)
924 return NT_STATUS_ACCESS_DENIED;
928 list files in a directory matching a wildcard pattern
930 static NTSTATUS ipc_search_first(struct ntvfs_module_context *ntvfs,
931 struct ntvfs_request *req, union smb_search_first *io,
932 void *search_private,
933 bool (*callback)(void *, const union smb_search_data *))
935 return NT_STATUS_ACCESS_DENIED;
939 continue listing files in a directory
941 static NTSTATUS ipc_search_next(struct ntvfs_module_context *ntvfs,
942 struct ntvfs_request *req, union smb_search_next *io,
943 void *search_private,
944 bool (*callback)(void *, const union smb_search_data *))
946 return NT_STATUS_ACCESS_DENIED;
950 end listing files in a directory
952 static NTSTATUS ipc_search_close(struct ntvfs_module_context *ntvfs,
953 struct ntvfs_request *req, union smb_search_close *io)
955 return NT_STATUS_ACCESS_DENIED;
958 struct ipc_trans_state {
959 struct ipc_private *ipriv;
960 struct pipe_state *p;
961 struct ntvfs_request *req;
962 struct smb_trans2 *trans;
963 struct iovec writev_iov;
964 struct ipc_readv_next_vector_state next_vector;
967 static void ipc_trans_writev_done(struct tevent_req *subreq);
968 static void ipc_trans_readv_done(struct tevent_req *subreq);
970 /* SMBtrans - handle a DCERPC command */
971 static NTSTATUS ipc_dcerpc_cmd(struct ntvfs_module_context *ntvfs,
972 struct ntvfs_request *req, struct smb_trans2 *trans)
974 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
976 struct pipe_state *p;
979 struct ipc_trans_state *state;
980 struct tevent_req *subreq;
983 * the fnum is in setup[1], a 16 bit value
984 * the setup[*] values are already in host byteorder
985 * but ntvfs_handle_search_by_wire_key() expects
988 SSVAL(&fnum, 0, trans->in.setup[1]);
989 fnum_key = data_blob_const(&fnum, 2);
991 p = pipe_state_find_key(ipriv, req, &fnum_key);
993 return NT_STATUS_INVALID_HANDLE;
997 * Trans requests are only allowed
998 * if no other Trans or Read is active
1000 if (tevent_queue_length(p->read_queue) > 0) {
1001 return NT_STATUS_PIPE_BUSY;
1004 state = talloc(req, struct ipc_trans_state);
1005 NT_STATUS_HAVE_NO_MEMORY(state);
1007 trans->out.setup_count = 0;
1008 trans->out.setup = NULL;
1009 trans->out.params = data_blob(NULL, 0);
1010 trans->out.data = data_blob_talloc(req, NULL, trans->in.max_data);
1011 NT_STATUS_HAVE_NO_MEMORY(trans->out.data.data);
1013 state->ipriv = ipriv;
1016 state->trans = trans;
1017 state->writev_iov.iov_base = (char *) trans->in.data.data;
1018 state->writev_iov.iov_len = trans->in.data.length;
1020 ipc_readv_next_vector_init(&state->next_vector,
1021 trans->out.data.data,
1022 trans->out.data.length);
1024 subreq = tstream_writev_queue_send(state,
1025 ipriv->ntvfs->ctx->event_ctx,
1028 &state->writev_iov, 1);
1029 NT_STATUS_HAVE_NO_MEMORY(subreq);
1030 tevent_req_set_callback(subreq, ipc_trans_writev_done, state);
1032 req->async_states->state |= NTVFS_ASYNC_STATE_ASYNC;
1033 return NT_STATUS_OK;
1036 static void ipc_trans_writev_done(struct tevent_req *subreq)
1038 struct ipc_trans_state *state =
1039 tevent_req_callback_data(subreq,
1040 struct ipc_trans_state);
1041 struct ipc_private *ipriv = state->ipriv;
1042 struct pipe_state *p = state->p;
1043 struct ntvfs_request *req = state->req;
1048 ret = tstream_writev_queue_recv(subreq, &sys_errno);
1049 TALLOC_FREE(subreq);
1051 status = NT_STATUS_PIPE_DISCONNECTED;
1053 } else if (ret == -1) {
1054 status = map_nt_error_from_unix(sys_errno);
1058 subreq = tstream_readv_pdu_queue_send(state,
1059 ipriv->ntvfs->ctx->event_ctx,
1062 ipc_readv_next_vector,
1063 &state->next_vector);
1065 status = NT_STATUS_NO_MEMORY;
1068 tevent_req_set_callback(subreq, ipc_trans_readv_done, state);
1072 req->async_states->status = status;
1073 req->async_states->send_fn(req);
1076 static void ipc_trans_readv_done(struct tevent_req *subreq)
1078 struct ipc_trans_state *state =
1079 tevent_req_callback_data(subreq,
1080 struct ipc_trans_state);
1081 struct ntvfs_request *req = state->req;
1082 struct smb_trans2 *trans = state->trans;
1087 ret = tstream_readv_pdu_queue_recv(subreq, &sys_errno);
1088 TALLOC_FREE(subreq);
1090 status = map_nt_error_from_unix(sys_errno);
1094 status = NT_STATUS_OK;
1095 if (state->next_vector.remaining > 0) {
1096 status = STATUS_BUFFER_OVERFLOW;
1099 trans->out.data.length = ret;
1102 req->async_states->status = status;
1103 req->async_states->send_fn(req);
1106 /* SMBtrans - set named pipe state */
1107 static NTSTATUS ipc_set_nm_pipe_state(struct ntvfs_module_context *ntvfs,
1108 struct ntvfs_request *req, struct smb_trans2 *trans)
1110 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
1111 struct ipc_private);
1112 struct pipe_state *p;
1115 /* the fnum is in setup[1] */
1116 fnum_key = data_blob_const(&trans->in.setup[1], sizeof(trans->in.setup[1]));
1118 p = pipe_state_find_key(ipriv, req, &fnum_key);
1120 return NT_STATUS_INVALID_HANDLE;
1123 if (trans->in.params.length != 2) {
1124 return NT_STATUS_INVALID_PARAMETER;
1128 * TODO: pass this to the tstream_npa logic
1130 p->device_state = SVAL(trans->in.params.data, 0);
1132 trans->out.setup_count = 0;
1133 trans->out.setup = NULL;
1134 trans->out.params = data_blob(NULL, 0);
1135 trans->out.data = data_blob(NULL, 0);
1137 return NT_STATUS_OK;
1141 /* SMBtrans - used to provide access to SMB pipes */
1142 static NTSTATUS ipc_trans(struct ntvfs_module_context *ntvfs,
1143 struct ntvfs_request *req, struct smb_trans2 *trans)
1147 if (strequal(trans->in.trans_name, "\\PIPE\\LANMAN"))
1148 return ipc_rap_call(req, ntvfs->ctx->event_ctx, ntvfs->ctx->lp_ctx, trans);
1150 if (trans->in.setup_count != 2) {
1151 return NT_STATUS_INVALID_PARAMETER;
1154 switch (trans->in.setup[0]) {
1155 case TRANSACT_SETNAMEDPIPEHANDLESTATE:
1156 status = ipc_set_nm_pipe_state(ntvfs, req, trans);
1158 case TRANSACT_DCERPCCMD:
1159 status = ipc_dcerpc_cmd(ntvfs, req, trans);
1162 status = NT_STATUS_INVALID_PARAMETER;
1169 struct ipc_ioctl_state {
1170 struct ipc_private *ipriv;
1171 struct pipe_state *p;
1172 struct ntvfs_request *req;
1173 union smb_ioctl *io;
1174 struct iovec writev_iov;
1175 struct ipc_readv_next_vector_state next_vector;
1178 static void ipc_ioctl_writev_done(struct tevent_req *subreq);
1179 static void ipc_ioctl_readv_done(struct tevent_req *subreq);
1181 static NTSTATUS ipc_ioctl_smb2(struct ntvfs_module_context *ntvfs,
1182 struct ntvfs_request *req, union smb_ioctl *io)
1184 struct ipc_private *ipriv = talloc_get_type_abort(ntvfs->private_data,
1185 struct ipc_private);
1186 struct pipe_state *p;
1187 struct ipc_ioctl_state *state;
1188 struct tevent_req *subreq;
1190 switch (io->smb2.in.function) {
1191 case FSCTL_NAMED_PIPE_READ_WRITE:
1195 return NT_STATUS_FS_DRIVER_REQUIRED;
1198 p = pipe_state_find(ipriv, io->smb2.in.file.ntvfs);
1200 return NT_STATUS_INVALID_HANDLE;
1204 * Trans requests are only allowed
1205 * if no other Trans or Read is active
1207 if (tevent_queue_length(p->read_queue) > 0) {
1208 return NT_STATUS_PIPE_BUSY;
1211 state = talloc(req, struct ipc_ioctl_state);
1212 NT_STATUS_HAVE_NO_MEMORY(state);
1214 io->smb2.out._pad = 0;
1215 io->smb2.out.function = io->smb2.in.function;
1216 io->smb2.out.unknown2 = 0;
1217 io->smb2.out.unknown3 = 0;
1218 io->smb2.out.in = io->smb2.in.out;
1219 io->smb2.out.out = data_blob_talloc(req, NULL, io->smb2.in.max_response_size);
1220 NT_STATUS_HAVE_NO_MEMORY(io->smb2.out.out.data);
1222 state->ipriv = ipriv;
1226 state->writev_iov.iov_base = (char *) io->smb2.in.out.data;
1227 state->writev_iov.iov_len = io->smb2.in.out.length;
1229 ipc_readv_next_vector_init(&state->next_vector,
1230 io->smb2.out.out.data,
1231 io->smb2.out.out.length);
1233 subreq = tstream_writev_queue_send(state,
1234 ipriv->ntvfs->ctx->event_ctx,
1237 &state->writev_iov, 1);
1238 NT_STATUS_HAVE_NO_MEMORY(subreq);
1239 tevent_req_set_callback(subreq, ipc_ioctl_writev_done, state);
1241 req->async_states->state |= NTVFS_ASYNC_STATE_ASYNC;
1242 return NT_STATUS_OK;
1245 static void ipc_ioctl_writev_done(struct tevent_req *subreq)
1247 struct ipc_ioctl_state *state =
1248 tevent_req_callback_data(subreq,
1249 struct ipc_ioctl_state);
1250 struct ipc_private *ipriv = state->ipriv;
1251 struct pipe_state *p = state->p;
1252 struct ntvfs_request *req = state->req;
1257 ret = tstream_writev_queue_recv(subreq, &sys_errno);
1258 TALLOC_FREE(subreq);
1260 status = map_nt_error_from_unix(sys_errno);
1264 subreq = tstream_readv_pdu_queue_send(state,
1265 ipriv->ntvfs->ctx->event_ctx,
1268 ipc_readv_next_vector,
1269 &state->next_vector);
1271 status = NT_STATUS_NO_MEMORY;
1274 tevent_req_set_callback(subreq, ipc_ioctl_readv_done, state);
1278 req->async_states->status = status;
1279 req->async_states->send_fn(req);
1282 static void ipc_ioctl_readv_done(struct tevent_req *subreq)
1284 struct ipc_ioctl_state *state =
1285 tevent_req_callback_data(subreq,
1286 struct ipc_ioctl_state);
1287 struct ntvfs_request *req = state->req;
1288 union smb_ioctl *io = state->io;
1293 ret = tstream_readv_pdu_queue_recv(subreq, &sys_errno);
1294 TALLOC_FREE(subreq);
1296 status = map_nt_error_from_unix(sys_errno);
1300 status = NT_STATUS_OK;
1301 if (state->next_vector.remaining > 0) {
1302 status = STATUS_BUFFER_OVERFLOW;
1305 io->smb2.out.out.length = ret;
1308 req->async_states->status = status;
1309 req->async_states->send_fn(req);
1315 static NTSTATUS ipc_ioctl(struct ntvfs_module_context *ntvfs,
1316 struct ntvfs_request *req, union smb_ioctl *io)
1318 switch (io->generic.level) {
1319 case RAW_IOCTL_SMB2:
1320 return ipc_ioctl_smb2(ntvfs, req, io);
1322 case RAW_IOCTL_SMB2_NO_HANDLE:
1323 return NT_STATUS_FS_DRIVER_REQUIRED;
1326 return NT_STATUS_ACCESS_DENIED;
1332 initialialise the IPC backend, registering ourselves with the ntvfs subsystem
1334 NTSTATUS ntvfs_ipc_init(void)
1337 struct ntvfs_ops ops;
1338 NTVFS_CURRENT_CRITICAL_SIZES(vers);
1342 /* fill in the name and type */
1343 ops.name = "default";
1344 ops.type = NTVFS_IPC;
1346 /* fill in all the operations */
1347 ops.connect = ipc_connect;
1348 ops.disconnect = ipc_disconnect;
1349 ops.unlink = ipc_unlink;
1350 ops.chkpath = ipc_chkpath;
1351 ops.qpathinfo = ipc_qpathinfo;
1352 ops.setpathinfo = ipc_setpathinfo;
1353 ops.open = ipc_open;
1354 ops.mkdir = ipc_mkdir;
1355 ops.rmdir = ipc_rmdir;
1356 ops.rename = ipc_rename;
1357 ops.copy = ipc_copy;
1358 ops.ioctl = ipc_ioctl;
1359 ops.read = ipc_read;
1360 ops.write = ipc_write;
1361 ops.seek = ipc_seek;
1362 ops.flush = ipc_flush;
1363 ops.close = ipc_close;
1364 ops.exit = ipc_exit;
1365 ops.lock = ipc_lock;
1366 ops.setfileinfo = ipc_setfileinfo;
1367 ops.qfileinfo = ipc_qfileinfo;
1368 ops.fsinfo = ipc_fsinfo;
1370 ops.search_first = ipc_search_first;
1371 ops.search_next = ipc_search_next;
1372 ops.search_close = ipc_search_close;
1373 ops.trans = ipc_trans;
1374 ops.logoff = ipc_logoff;
1375 ops.async_setup = ipc_async_setup;
1376 ops.cancel = ipc_cancel;
1378 /* register ourselves with the NTVFS subsystem. */
1379 ret = ntvfs_register(&ops, &vers);
1381 if (!NT_STATUS_IS_OK(ret)) {
1382 DEBUG(0,("Failed to register IPC backend!\n"));