Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : SMB2 client ioctl call
5 :
6 : Copyright (C) Andrew Tridgell 2005
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "libcli/smb2/smb2.h"
24 : #include "libcli/smb2/smb2_calls.h"
25 : #include "librpc/gen_ndr/ioctl.h"
26 :
27 : /*
28 : send a ioctl request
29 : */
30 1661 : struct smb2_request *smb2_ioctl_send(struct smb2_tree *tree, struct smb2_ioctl *io)
31 : {
32 2 : NTSTATUS status;
33 2 : struct smb2_request *req;
34 2 : uint64_t max_payload_in;
35 2 : uint64_t max_payload_out;
36 2 : size_t max_payload;
37 :
38 1663 : req = smb2_request_init_tree(tree, SMB2_OP_IOCTL, 0x38, true,
39 1661 : io->in.in.length+io->in.out.length);
40 1661 : if (req == NULL) return NULL;
41 :
42 1661 : SSVAL(req->out.body, 0x02, 0); /* pad */
43 1661 : SIVAL(req->out.body, 0x04, io->in.function);
44 1661 : smb2_push_handle(req->out.body+0x08, &io->in.file.handle);
45 :
46 1661 : status = smb2_push_o32s32_blob(&req->out, 0x18, io->in.out);
47 1661 : if (!NT_STATUS_IS_OK(status)) {
48 0 : talloc_free(req);
49 0 : return NULL;
50 : }
51 :
52 1661 : SIVAL(req->out.body, 0x20, io->in.max_input_response);
53 :
54 1661 : status = smb2_push_o32s32_blob(&req->out, 0x24, io->in.in);
55 1661 : if (!NT_STATUS_IS_OK(status)) {
56 0 : talloc_free(req);
57 0 : return NULL;
58 : }
59 :
60 1661 : SIVAL(req->out.body, 0x2C, io->in.max_output_response);
61 1661 : SBVAL(req->out.body, 0x30, io->in.flags);
62 :
63 1661 : max_payload_in = io->in.out.length + io->in.in.length;
64 1661 : max_payload_in = MIN(max_payload_in, UINT32_MAX);
65 1661 : max_payload_out = io->in.max_input_response + io->in.max_output_response;
66 1661 : max_payload_out = MIN(max_payload_out, UINT32_MAX);
67 :
68 1661 : max_payload = MAX(max_payload_in, max_payload_out);
69 1661 : req->credit_charge = (MAX(max_payload, 1) - 1)/ 65536 + 1;
70 :
71 1661 : smb2_transport_send(req);
72 :
73 1661 : return req;
74 : }
75 :
76 : /*
77 : * 3.3.4.4 Sending an Error Response
78 : */
79 1661 : static bool smb2_ioctl_is_failure(uint32_t ctl_code, NTSTATUS status,
80 : size_t data_size)
81 : {
82 1661 : if (NT_STATUS_IS_OK(status)) {
83 1322 : return false;
84 : }
85 :
86 339 : if (NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW)
87 0 : && ((ctl_code == FSCTL_PIPE_TRANSCEIVE)
88 0 : || (ctl_code == FSCTL_PIPE_PEEK)
89 0 : || (ctl_code == FSCTL_DFS_GET_REFERRALS))) {
90 0 : return false;
91 : }
92 :
93 339 : if (((ctl_code == FSCTL_SRV_COPYCHUNK)
94 243 : || (ctl_code == FSCTL_SRV_COPYCHUNK_WRITE))
95 96 : && (data_size == sizeof(struct srv_copychunk_rsp))) {
96 : /*
97 : * copychunk responses may come with copychunk data or error
98 : * response data, independent of status.
99 : */
100 88 : return false;
101 : }
102 :
103 249 : return true;
104 : }
105 :
106 : /*
107 : recv a ioctl reply
108 : */
109 1661 : NTSTATUS smb2_ioctl_recv(struct smb2_request *req,
110 : TALLOC_CTX *mem_ctx, struct smb2_ioctl *io)
111 : {
112 2 : NTSTATUS status;
113 :
114 3320 : if (!smb2_request_receive(req) ||
115 1661 : smb2_ioctl_is_failure(io->in.function, req->status,
116 : req->in.bufinfo.data_size)) {
117 251 : return smb2_request_destroy(req);
118 : }
119 :
120 1410 : SMB2_CHECK_PACKET_RECV(req, 0x30, true);
121 :
122 1410 : io->out.reserved = SVAL(req->in.body, 0x02);
123 1410 : io->out.function = IVAL(req->in.body, 0x04);
124 1410 : smb2_pull_handle(req->in.body+0x08, &io->out.file.handle);
125 :
126 1410 : status = smb2_pull_o32s32_blob(&req->in, mem_ctx, req->in.body+0x18, &io->out.in);
127 1410 : if (!NT_STATUS_IS_OK(status)) {
128 0 : smb2_request_destroy(req);
129 0 : return status;
130 : }
131 :
132 1410 : status = smb2_pull_o32s32_blob(&req->in, mem_ctx, req->in.body+0x20, &io->out.out);
133 1410 : if (!NT_STATUS_IS_OK(status)) {
134 0 : smb2_request_destroy(req);
135 0 : return status;
136 : }
137 :
138 1410 : io->out.flags = IVAL(req->in.body, 0x28);
139 1410 : io->out.reserved2 = IVAL(req->in.body, 0x2C);
140 :
141 1410 : return smb2_request_destroy(req);
142 : }
143 :
144 : /*
145 : sync ioctl request
146 : */
147 1634 : NTSTATUS smb2_ioctl(struct smb2_tree *tree, TALLOC_CTX *mem_ctx, struct smb2_ioctl *io)
148 : {
149 1634 : struct smb2_request *req = smb2_ioctl_send(tree, io);
150 1634 : return smb2_ioctl_recv(req, mem_ctx, io);
151 : }
|
