Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : SMB torture tester - scanning functions
4 : Copyright (C) Andrew Tridgell 2001
5 :
6 : This program is free software; you can redistribute it and/or modify
7 : it under the terms of the GNU General Public License as published by
8 : the Free Software Foundation; either version 3 of the License, or
9 : (at your option) any later version.
10 :
11 : This program is distributed in the hope that it will be useful,
12 : but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : GNU General Public License for more details.
15 :
16 : You should have received a copy of the GNU General Public License
17 : along with this program. If not, see <http://www.gnu.org/licenses/>.
18 : */
19 :
20 : #include "includes.h"
21 : #include "libcli/libcli.h"
22 : #include "torture/util.h"
23 : #include "libcli/raw/raw_proto.h"
24 : #include "system/filesys.h"
25 : #include "param/param.h"
26 : #include "torture/basic/proto.h"
27 :
28 : #define VERBOSE 0
29 : #define OP_MIN 0
30 : #define OP_MAX 100
31 : #define PARAM_SIZE 1024
32 :
33 : /****************************************************************************
34 : look for a partial hit
35 : ****************************************************************************/
36 0 : static void trans2_check_hit(const char *format, int op, int level, NTSTATUS status)
37 : {
38 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL) ||
39 0 : NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED) ||
40 0 : NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED) ||
41 0 : NT_STATUS_EQUAL(status, NT_STATUS_UNSUCCESSFUL) ||
42 0 : NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) {
43 0 : return;
44 : }
45 : #if VERBOSE
46 : printf("possible %s hit op=%3d level=%5d status=%s\n",
47 : format, op, level, nt_errstr(status));
48 : #endif
49 : }
50 :
51 : /****************************************************************************
52 : check for existence of a trans2 call
53 : ****************************************************************************/
54 0 : static NTSTATUS try_trans2(struct smbcli_state *cli,
55 : int op,
56 : uint8_t *param, uint8_t *data,
57 : int param_len, int data_len,
58 : int *rparam_len, int *rdata_len)
59 : {
60 0 : NTSTATUS status;
61 0 : struct smb_trans2 t2;
62 0 : uint16_t setup = op;
63 0 : TALLOC_CTX *mem_ctx;
64 :
65 0 : mem_ctx = talloc_init("try_trans2");
66 :
67 0 : t2.in.max_param = UINT16_MAX;
68 0 : t2.in.max_data = UINT16_MAX;
69 0 : t2.in.max_setup = 10;
70 0 : t2.in.flags = 0;
71 0 : t2.in.timeout = 0;
72 0 : t2.in.setup_count = 1;
73 0 : t2.in.setup = &setup;
74 0 : t2.in.params.data = param;
75 0 : t2.in.params.length = param_len;
76 0 : t2.in.data.data = data;
77 0 : t2.in.data.length = data_len;
78 :
79 0 : status = smb_raw_trans2(cli->tree, mem_ctx, &t2);
80 :
81 0 : *rparam_len = t2.out.params.length;
82 0 : *rdata_len = t2.out.data.length;
83 :
84 0 : talloc_free(mem_ctx);
85 :
86 0 : return status;
87 : }
88 :
89 :
90 0 : static NTSTATUS try_trans2_len(struct smbcli_state *cli,
91 : const char *format,
92 : int op, int level,
93 : uint8_t *param, uint8_t *data,
94 : int param_len, int *data_len,
95 : int *rparam_len, int *rdata_len)
96 : {
97 0 : NTSTATUS ret=NT_STATUS_OK;
98 :
99 0 : ret = try_trans2(cli, op, param, data, param_len,
100 : PARAM_SIZE, rparam_len, rdata_len);
101 : #if VERBOSE
102 : printf("op=%d level=%d ret=%s\n", op, level, nt_errstr(ret));
103 : #endif
104 0 : if (!NT_STATUS_IS_OK(ret)) return ret;
105 :
106 0 : *data_len = 0;
107 0 : while (*data_len < PARAM_SIZE) {
108 0 : ret = try_trans2(cli, op, param, data, param_len,
109 : *data_len, rparam_len, rdata_len);
110 0 : if (NT_STATUS_IS_OK(ret)) break;
111 0 : *data_len += 2;
112 : }
113 0 : if (NT_STATUS_IS_OK(ret)) {
114 0 : printf("found %s level=%d data_len=%d rparam_len=%d rdata_len=%d\n",
115 : format, level, *data_len, *rparam_len, *rdata_len);
116 : } else {
117 0 : trans2_check_hit(format, op, level, ret);
118 : }
119 0 : return ret;
120 : }
121 :
122 :
123 : /****************************************************************************
124 : check whether a trans2 opnum exists at all
125 : ****************************************************************************/
126 0 : static bool trans2_op_exists(struct smbcli_state *cli, int op)
127 : {
128 0 : int data_len = PARAM_SIZE;
129 0 : int param_len = PARAM_SIZE;
130 0 : int rparam_len, rdata_len;
131 0 : uint8_t *param, *data;
132 0 : NTSTATUS status1, status2;
133 0 : TALLOC_CTX *mem_ctx;
134 :
135 0 : mem_ctx = talloc_init("trans2_op_exists");
136 :
137 : /* try with a info level only */
138 :
139 0 : param = talloc_array(mem_ctx, uint8_t, param_len);
140 0 : data = talloc_array(mem_ctx, uint8_t, data_len);
141 :
142 0 : memset(param, 0xFF, param_len);
143 0 : memset(data, 0xFF, data_len);
144 :
145 0 : status1 = try_trans2(cli, 0xFFFF, param, data, param_len, data_len,
146 : &rparam_len, &rdata_len);
147 :
148 0 : status2 = try_trans2(cli, op, param, data, param_len, data_len,
149 : &rparam_len, &rdata_len);
150 :
151 0 : if (NT_STATUS_EQUAL(status1, status2)) {
152 0 : talloc_free(mem_ctx);
153 0 : return false;
154 : }
155 :
156 0 : printf("Found op %d (status=%s)\n", op, nt_errstr(status2));
157 :
158 0 : talloc_free(mem_ctx);
159 0 : return true;
160 : }
161 :
162 : /****************************************************************************
163 : check for existence of a trans2 call
164 : ****************************************************************************/
165 0 : static bool scan_trans2(
166 : struct smbcli_state *cli, int op, int level,
167 : int fnum, int dnum, int qfnum, const char *fname)
168 : {
169 0 : int data_len = 0;
170 0 : int param_len = 0;
171 0 : int rparam_len, rdata_len;
172 0 : uint8_t *param, *data;
173 0 : NTSTATUS status;
174 0 : TALLOC_CTX *mem_ctx;
175 :
176 0 : mem_ctx = talloc_init("scan_trans2");
177 :
178 0 : data = talloc_array(mem_ctx, uint8_t, PARAM_SIZE);
179 0 : param = talloc_array(mem_ctx, uint8_t, PARAM_SIZE);
180 :
181 0 : memset(data, 0, PARAM_SIZE);
182 0 : data_len = 4;
183 :
184 : /* try with a info level only */
185 0 : param_len = 2;
186 0 : SSVAL(param, 0, level);
187 0 : status = try_trans2_len(cli, "void", op, level, param, data, param_len,
188 : &data_len, &rparam_len, &rdata_len);
189 0 : if (NT_STATUS_IS_OK(status)) {
190 0 : talloc_free(mem_ctx);
191 0 : return true;
192 : }
193 :
194 : /* try with a file descriptor */
195 0 : param_len = 6;
196 0 : SSVAL(param, 0, fnum);
197 0 : SSVAL(param, 2, level);
198 0 : SSVAL(param, 4, 0);
199 0 : status = try_trans2_len(cli, "fnum", op, level, param, data, param_len,
200 : &data_len, &rparam_len, &rdata_len);
201 0 : if (NT_STATUS_IS_OK(status)) {
202 0 : talloc_free(mem_ctx);
203 0 : return true;
204 : }
205 :
206 : /* try with a quota file descriptor */
207 0 : param_len = 6;
208 0 : SSVAL(param, 0, qfnum);
209 0 : SSVAL(param, 2, level);
210 0 : SSVAL(param, 4, 0);
211 0 : status = try_trans2_len(cli, "qfnum", op, level, param, data, param_len,
212 : &data_len, &rparam_len, &rdata_len);
213 0 : if (NT_STATUS_IS_OK(status)) {
214 0 : talloc_free(mem_ctx);
215 0 : return true;
216 : }
217 :
218 : /* try with a notify style */
219 0 : param_len = 6;
220 0 : SSVAL(param, 0, dnum);
221 0 : SSVAL(param, 2, dnum);
222 0 : SSVAL(param, 4, level);
223 0 : status = try_trans2_len(cli, "notify", op, level, param, data,
224 : param_len, &data_len, &rparam_len, &rdata_len);
225 0 : if (NT_STATUS_IS_OK(status)) {
226 0 : talloc_free(mem_ctx);
227 0 : return true;
228 : }
229 :
230 : /* try with a file name */
231 0 : param_len = 6;
232 0 : SSVAL(param, 0, level);
233 0 : SSVAL(param, 2, 0);
234 0 : SSVAL(param, 4, 0);
235 0 : param_len += push_string(
236 0 : ¶m[6], fname, PARAM_SIZE-7,
237 : STR_TERMINATE|STR_UNICODE);
238 :
239 0 : status = try_trans2_len(cli, "fname", op, level, param, data, param_len,
240 : &data_len, &rparam_len, &rdata_len);
241 0 : if (NT_STATUS_IS_OK(status)) {
242 0 : talloc_free(mem_ctx);
243 0 : return true;
244 : }
245 :
246 : /* try with a new file name */
247 0 : param_len = 6;
248 0 : SSVAL(param, 0, level);
249 0 : SSVAL(param, 2, 0);
250 0 : SSVAL(param, 4, 0);
251 0 : param_len += push_string(
252 0 : ¶m[6], "\\newfile.dat", PARAM_SIZE-7,
253 : STR_TERMINATE|STR_UNICODE);
254 :
255 0 : status = try_trans2_len(cli, "newfile", op, level, param, data,
256 : param_len, &data_len, &rparam_len, &rdata_len);
257 0 : smbcli_unlink(cli->tree, "\\newfile.dat");
258 0 : smbcli_rmdir(cli->tree, "\\newfile.dat");
259 0 : if (NT_STATUS_IS_OK(status)) {
260 0 : talloc_free(mem_ctx);
261 0 : return true;
262 : }
263 :
264 : /* try dfs style */
265 0 : smbcli_mkdir(cli->tree, "\\testdir");
266 0 : param_len = 2;
267 0 : SSVAL(param, 0, level);
268 0 : param_len += push_string(
269 0 : ¶m[2], "\\testdir", PARAM_SIZE-3,
270 : STR_TERMINATE|STR_UNICODE);
271 :
272 0 : status = try_trans2_len(cli, "dfs", op, level, param, data, param_len,
273 : &data_len, &rparam_len, &rdata_len);
274 0 : smbcli_rmdir(cli->tree, "\\testdir");
275 0 : if (NT_STATUS_IS_OK(status)) {
276 0 : talloc_free(mem_ctx);
277 0 : return true;
278 : }
279 :
280 0 : talloc_free(mem_ctx);
281 0 : return false;
282 : }
283 :
284 0 : bool torture_trans2_scan(struct torture_context *torture,
285 : struct smbcli_state *cli)
286 : {
287 0 : int op, level;
288 0 : const char *fname = "\\scanner.dat";
289 0 : int fnum, dnum, qfnum;
290 :
291 0 : fnum = smbcli_open(cli->tree, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
292 0 : if (fnum == -1) {
293 0 : printf("file open failed - %s\n", smbcli_errstr(cli->tree));
294 : }
295 0 : dnum = smbcli_nt_create_full(cli->tree, "\\",
296 : 0,
297 : SEC_RIGHTS_FILE_READ,
298 : FILE_ATTRIBUTE_NORMAL,
299 : NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE,
300 : NTCREATEX_DISP_OPEN,
301 : NTCREATEX_OPTIONS_DIRECTORY, 0);
302 0 : if (dnum == -1) {
303 0 : printf("directory open failed - %s\n", smbcli_errstr(cli->tree));
304 : }
305 0 : qfnum = smbcli_nt_create_full(cli->tree, "\\$Extend\\$Quota:$Q:$INDEX_ALLOCATION",
306 : NTCREATEX_FLAGS_EXTENDED,
307 : SEC_FLAG_MAXIMUM_ALLOWED,
308 : 0,
309 : NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE,
310 : NTCREATEX_DISP_OPEN,
311 : 0, 0);
312 0 : if (qfnum == -1) {
313 0 : printf("quota open failed - %s\n", smbcli_errstr(cli->tree));
314 : }
315 :
316 0 : for (op=OP_MIN; op<=OP_MAX; op++) {
317 :
318 0 : if (!trans2_op_exists(cli, op)) {
319 0 : continue;
320 : }
321 :
322 0 : for (level = 0; level <= 50; level++) {
323 0 : scan_trans2(cli, op, level, fnum, dnum, qfnum, fname);
324 : }
325 :
326 0 : for (level = 0x100; level <= 0x130; level++) {
327 0 : scan_trans2(cli, op, level, fnum, dnum, qfnum, fname);
328 : }
329 :
330 0 : for (level = 1000; level < 1050; level++) {
331 0 : scan_trans2(cli, op, level, fnum, dnum, qfnum, fname);
332 : }
333 : }
334 :
335 0 : return true;
336 : }
337 :
338 :
339 :
340 :
341 : /****************************************************************************
342 : look for a partial hit
343 : ****************************************************************************/
344 0 : static void nttrans_check_hit(const char *format, int op, int level, NTSTATUS status)
345 : {
346 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL) ||
347 0 : NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED) ||
348 0 : NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED) ||
349 0 : NT_STATUS_EQUAL(status, NT_STATUS_UNSUCCESSFUL) ||
350 0 : NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) {
351 0 : return;
352 : }
353 : #if VERBOSE
354 : printf("possible %s hit op=%3d level=%5d status=%s\n",
355 : format, op, level, nt_errstr(status));
356 : #endif
357 : }
358 :
359 : /****************************************************************************
360 : check for existence of a nttrans call
361 : ****************************************************************************/
362 0 : static NTSTATUS try_nttrans(struct smbcli_state *cli,
363 : int op,
364 : uint8_t *param, uint8_t *data,
365 : int param_len, int data_len,
366 : int *rparam_len, int *rdata_len)
367 : {
368 0 : struct smb_nttrans parms;
369 0 : DATA_BLOB ntparam_blob, ntdata_blob;
370 0 : TALLOC_CTX *mem_ctx;
371 0 : NTSTATUS status;
372 :
373 0 : mem_ctx = talloc_init("try_nttrans");
374 :
375 0 : ntparam_blob.length = param_len;
376 0 : ntparam_blob.data = param;
377 0 : ntdata_blob.length = data_len;
378 0 : ntdata_blob.data = data;
379 :
380 0 : parms.in.max_param = UINT32_MAX;
381 0 : parms.in.max_data = UINT32_MAX;
382 0 : parms.in.max_setup = 0;
383 0 : parms.in.setup_count = 0;
384 0 : parms.in.function = op;
385 0 : parms.in.params = ntparam_blob;
386 0 : parms.in.data = ntdata_blob;
387 :
388 0 : status = smb_raw_nttrans(cli->tree, mem_ctx, &parms);
389 :
390 0 : if (NT_STATUS_IS_ERR(status)) {
391 0 : DEBUG(1,("Failed to send NT_TRANS\n"));
392 0 : talloc_free(mem_ctx);
393 0 : return status;
394 : }
395 0 : *rparam_len = parms.out.params.length;
396 0 : *rdata_len = parms.out.data.length;
397 :
398 0 : talloc_free(mem_ctx);
399 :
400 0 : return status;
401 : }
402 :
403 :
404 0 : static NTSTATUS try_nttrans_len(struct smbcli_state *cli,
405 : const char *format,
406 : int op, int level,
407 : uint8_t *param, uint8_t *data,
408 : int param_len, int *data_len,
409 : int *rparam_len, int *rdata_len)
410 : {
411 0 : NTSTATUS ret=NT_STATUS_OK;
412 :
413 0 : ret = try_nttrans(cli, op, param, data, param_len,
414 : PARAM_SIZE, rparam_len, rdata_len);
415 : #if VERBOSE
416 : printf("op=%d level=%d ret=%s\n", op, level, nt_errstr(ret));
417 : #endif
418 0 : if (!NT_STATUS_IS_OK(ret)) return ret;
419 :
420 0 : *data_len = 0;
421 0 : while (*data_len < PARAM_SIZE) {
422 0 : ret = try_nttrans(cli, op, param, data, param_len,
423 : *data_len, rparam_len, rdata_len);
424 0 : if (NT_STATUS_IS_OK(ret)) break;
425 0 : *data_len += 2;
426 : }
427 0 : if (NT_STATUS_IS_OK(ret)) {
428 0 : printf("found %s level=%d data_len=%d rparam_len=%d rdata_len=%d\n",
429 : format, level, *data_len, *rparam_len, *rdata_len);
430 : } else {
431 0 : nttrans_check_hit(format, op, level, ret);
432 : }
433 0 : return ret;
434 : }
435 :
436 : /****************************************************************************
437 : check for existence of a nttrans call
438 : ****************************************************************************/
439 0 : static bool scan_nttrans(struct smbcli_state *cli, int op, int level,
440 : int fnum, int dnum, const char *fname)
441 : {
442 0 : int data_len = 0;
443 0 : int param_len = 0;
444 0 : int rparam_len, rdata_len;
445 0 : uint8_t *param, *data;
446 0 : NTSTATUS status;
447 0 : TALLOC_CTX *mem_ctx;
448 :
449 0 : mem_ctx = talloc_init("scan_nttrans");
450 :
451 0 : param = talloc_array(mem_ctx, uint8_t, PARAM_SIZE);
452 0 : data = talloc_array(mem_ctx, uint8_t, PARAM_SIZE);
453 0 : memset(data, 0, PARAM_SIZE);
454 0 : data_len = 4;
455 :
456 : /* try with a info level only */
457 0 : param_len = 2;
458 0 : SSVAL(param, 0, level);
459 0 : status = try_nttrans_len(cli, "void", op, level, param, data, param_len,
460 : &data_len, &rparam_len, &rdata_len);
461 0 : if (NT_STATUS_IS_OK(status)) {
462 0 : talloc_free(mem_ctx);
463 0 : return true;
464 : }
465 :
466 : /* try with a file descriptor */
467 0 : param_len = 6;
468 0 : SSVAL(param, 0, fnum);
469 0 : SSVAL(param, 2, level);
470 0 : SSVAL(param, 4, 0);
471 0 : status = try_nttrans_len(cli, "fnum", op, level, param, data, param_len,
472 : &data_len, &rparam_len, &rdata_len);
473 0 : if (NT_STATUS_IS_OK(status)) {
474 0 : talloc_free(mem_ctx);
475 0 : return true;
476 : }
477 :
478 : /* try with a notify style */
479 0 : param_len = 6;
480 0 : SSVAL(param, 0, dnum);
481 0 : SSVAL(param, 2, dnum);
482 0 : SSVAL(param, 4, level);
483 0 : status = try_nttrans_len(cli, "notify", op, level, param, data,
484 : param_len, &data_len, &rparam_len, &rdata_len);
485 0 : if (NT_STATUS_IS_OK(status)) {
486 0 : talloc_free(mem_ctx);
487 0 : return true;
488 : }
489 :
490 : /* try with a file name */
491 0 : param_len = 6;
492 0 : SSVAL(param, 0, level);
493 0 : SSVAL(param, 2, 0);
494 0 : SSVAL(param, 4, 0);
495 0 : param_len += push_string(
496 0 : ¶m[6], fname, PARAM_SIZE,
497 : STR_TERMINATE | STR_UNICODE);
498 :
499 0 : status = try_nttrans_len(cli, "fname", op, level, param, data,
500 : param_len, &data_len, &rparam_len, &rdata_len);
501 0 : if (NT_STATUS_IS_OK(status)) {
502 0 : talloc_free(mem_ctx);
503 0 : return true;
504 : }
505 :
506 : /* try with a new file name */
507 0 : param_len = 6;
508 0 : SSVAL(param, 0, level);
509 0 : SSVAL(param, 2, 0);
510 0 : SSVAL(param, 4, 0);
511 0 : param_len += push_string(
512 0 : ¶m[6], "\\newfile.dat", PARAM_SIZE,
513 : STR_TERMINATE | STR_UNICODE);
514 :
515 0 : status = try_nttrans_len(cli, "newfile", op, level, param, data,
516 : param_len, &data_len, &rparam_len, &rdata_len);
517 0 : smbcli_unlink(cli->tree, "\\newfile.dat");
518 0 : smbcli_rmdir(cli->tree, "\\newfile.dat");
519 0 : if (NT_STATUS_IS_OK(status)) {
520 0 : talloc_free(mem_ctx);
521 0 : return true;
522 : }
523 :
524 : /* try dfs style */
525 0 : smbcli_mkdir(cli->tree, "\\testdir");
526 0 : param_len = 2;
527 0 : SSVAL(param, 0, level);
528 0 : param_len += push_string(¶m[2], "\\testdir", PARAM_SIZE,
529 : STR_TERMINATE | STR_UNICODE);
530 :
531 0 : status = try_nttrans_len(cli, "dfs", op, level, param, data, param_len,
532 : &data_len, &rparam_len, &rdata_len);
533 0 : smbcli_rmdir(cli->tree, "\\testdir");
534 0 : if (NT_STATUS_IS_OK(status)) {
535 0 : talloc_free(mem_ctx);
536 0 : return true;
537 : }
538 :
539 0 : talloc_free(mem_ctx);
540 0 : return false;
541 : }
542 :
543 :
544 0 : bool torture_nttrans_scan(struct torture_context *torture,
545 : struct smbcli_state *cli)
546 : {
547 0 : int op, level;
548 0 : const char *fname = "\\scanner.dat";
549 0 : int fnum, dnum;
550 :
551 0 : fnum = smbcli_open(cli->tree, fname, O_RDWR | O_CREAT | O_TRUNC,
552 : DENY_NONE);
553 0 : dnum = smbcli_open(cli->tree, "\\", O_RDONLY, DENY_NONE);
554 :
555 0 : for (op=OP_MIN; op<=OP_MAX; op++) {
556 0 : printf("Scanning op=%d\n", op);
557 0 : for (level = 0; level <= 50; level++) {
558 0 : scan_nttrans(cli, op, level, fnum, dnum, fname);
559 : }
560 :
561 0 : for (level = 0x100; level <= 0x130; level++) {
562 0 : scan_nttrans(cli, op, level, fnum, dnum, fname);
563 : }
564 :
565 0 : for (level = 1000; level < 1050; level++) {
566 0 : scan_nttrans(cli, op, level, fnum, dnum, fname);
567 : }
568 : }
569 :
570 0 : printf("nttrans scan finished\n");
571 0 : return true;
572 : }
573 :
574 :
575 : /* scan for valid base SMB requests */
576 0 : bool torture_smb_scan(struct torture_context *torture)
577 : {
578 0 : static struct smbcli_state *cli;
579 0 : int op;
580 0 : struct smbcli_request *req;
581 0 : NTSTATUS status;
582 :
583 0 : for (op=0x0;op<=0xFF;op++) {
584 0 : if (op == SMBreadbraw) continue;
585 :
586 0 : if (!torture_open_connection(&cli, torture, 0)) {
587 0 : return false;
588 : }
589 :
590 0 : req = smbcli_request_setup(cli->tree, op, 0, 0);
591 :
592 0 : if (!smbcli_request_send(req)) {
593 0 : smbcli_request_destroy(req);
594 0 : break;
595 : }
596 :
597 0 : usleep(10000);
598 0 : smbcli_transport_process(cli->transport);
599 0 : if (req->state > SMBCLI_REQUEST_RECV) {
600 0 : status = smbcli_request_simple_recv(req);
601 0 : printf("op=0x%x status=%s\n", op, nt_errstr(status));
602 0 : torture_close_connection(cli);
603 0 : continue;
604 : }
605 :
606 0 : sleep(1);
607 0 : smbcli_transport_process(cli->transport);
608 0 : if (req->state > SMBCLI_REQUEST_RECV) {
609 0 : status = smbcli_request_simple_recv(req);
610 0 : printf("op=0x%x status=%s\n", op, nt_errstr(status));
611 : } else {
612 0 : printf("op=0x%x no reply\n", op);
613 0 : smbcli_request_destroy(req);
614 0 : continue; /* don't attempt close! */
615 : }
616 :
617 0 : torture_close_connection(cli);
618 : }
619 :
620 :
621 0 : printf("smb scan finished\n");
622 0 : return true;
623 : }
|
