2 Unix SMB/CIFS implementation.
3 Connect to 445 and 139/nbsesssetup
4 Copyright (C) Volker Lendecke 2010
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "../lib/async_req/async_sock.h"
22 #include "../lib/util/tevent_ntstatus.h"
23 #include "../lib/util/tevent_unix.h"
25 #include "async_smb.h"
26 #include "../libcli/smb/read_smb.h"
27 #include "libsmb/nmblib.h"
29 struct cli_session_request_state
{
30 struct tevent_context
*ev
;
34 uint8_t nb_session_response
;
37 static void cli_session_request_sent(struct tevent_req
*subreq
);
38 static void cli_session_request_recvd(struct tevent_req
*subreq
);
40 static struct tevent_req
*cli_session_request_send(TALLOC_CTX
*mem_ctx
,
41 struct tevent_context
*ev
,
43 const struct nmb_name
*called
,
44 const struct nmb_name
*calling
)
46 struct tevent_req
*req
, *subreq
;
47 struct cli_session_request_state
*state
;
49 req
= tevent_req_create(mem_ctx
, &state
,
50 struct cli_session_request_state
);
57 state
->iov
[1].iov_base
= name_mangle(
58 state
, called
->name
, called
->name_type
);
59 if (tevent_req_nomem(state
->iov
[1].iov_base
, req
)) {
60 return tevent_req_post(req
, ev
);
62 state
->iov
[1].iov_len
= name_len(
63 (unsigned char *)state
->iov
[1].iov_base
,
64 talloc_get_size(state
->iov
[1].iov_base
));
66 state
->iov
[2].iov_base
= name_mangle(
67 state
, calling
->name
, calling
->name_type
);
68 if (tevent_req_nomem(state
->iov
[2].iov_base
, req
)) {
69 return tevent_req_post(req
, ev
);
71 state
->iov
[2].iov_len
= name_len(
72 (unsigned char *)state
->iov
[2].iov_base
,
73 talloc_get_size(state
->iov
[2].iov_base
));
75 _smb_setlen(((char *)&state
->len_hdr
),
76 state
->iov
[1].iov_len
+ state
->iov
[2].iov_len
);
77 SCVAL((char *)&state
->len_hdr
, 0, 0x81);
79 state
->iov
[0].iov_base
= &state
->len_hdr
;
80 state
->iov
[0].iov_len
= sizeof(state
->len_hdr
);
82 subreq
= writev_send(state
, ev
, NULL
, sock
, true, state
->iov
, 3);
83 if (tevent_req_nomem(subreq
, req
)) {
84 return tevent_req_post(req
, ev
);
86 tevent_req_set_callback(subreq
, cli_session_request_sent
, req
);
90 static void cli_session_request_sent(struct tevent_req
*subreq
)
92 struct tevent_req
*req
= tevent_req_callback_data(
93 subreq
, struct tevent_req
);
94 struct cli_session_request_state
*state
= tevent_req_data(
95 req
, struct cli_session_request_state
);
99 ret
= writev_recv(subreq
, &err
);
102 tevent_req_error(req
, err
);
105 subreq
= read_smb_send(state
, state
->ev
, state
->sock
);
106 if (tevent_req_nomem(subreq
, req
)) {
109 tevent_req_set_callback(subreq
, cli_session_request_recvd
, req
);
112 static void cli_session_request_recvd(struct tevent_req
*subreq
)
114 struct tevent_req
*req
= tevent_req_callback_data(
115 subreq
, struct tevent_req
);
116 struct cli_session_request_state
*state
= tevent_req_data(
117 req
, struct cli_session_request_state
);
122 ret
= read_smb_recv(subreq
, talloc_tos(), &buf
, &err
);
130 tevent_req_error(req
, err
);
134 * In case of an error there is more information in the data
135 * portion according to RFC1002. We're not subtle enough to
136 * respond to the different error conditions, so drop the
139 state
->nb_session_response
= CVAL(buf
, 0);
140 tevent_req_done(req
);
143 static bool cli_session_request_recv(struct tevent_req
*req
, int *err
, uint8_t *resp
)
145 struct cli_session_request_state
*state
= tevent_req_data(
146 req
, struct cli_session_request_state
);
148 if (tevent_req_is_unix_error(req
, err
)) {
151 *resp
= state
->nb_session_response
;
155 struct nb_connect_state
{
156 struct tevent_context
*ev
;
157 const struct sockaddr_storage
*addr
;
158 const char *called_name
;
160 struct tevent_req
*session_subreq
;
161 struct nmb_name called
;
162 struct nmb_name calling
;
165 static void nb_connect_cleanup(struct tevent_req
*req
,
166 enum tevent_req_state req_state
);
167 static void nb_connect_connected(struct tevent_req
*subreq
);
168 static void nb_connect_done(struct tevent_req
*subreq
);
170 static struct tevent_req
*nb_connect_send(TALLOC_CTX
*mem_ctx
,
171 struct tevent_context
*ev
,
172 const struct sockaddr_storage
*addr
,
173 const char *called_name
,
175 const char *calling_name
,
178 struct tevent_req
*req
, *subreq
;
179 struct nb_connect_state
*state
;
181 req
= tevent_req_create(mem_ctx
, &state
, struct nb_connect_state
);
186 state
->called_name
= called_name
;
190 make_nmb_name(&state
->called
, called_name
, called_type
);
191 make_nmb_name(&state
->calling
, calling_name
, calling_type
);
193 tevent_req_set_cleanup_fn(req
, nb_connect_cleanup
);
195 subreq
= open_socket_out_send(state
, ev
, addr
, NBT_SMB_PORT
, 5000);
196 if (tevent_req_nomem(subreq
, req
)) {
197 return tevent_req_post(req
, ev
);
199 tevent_req_set_callback(subreq
, nb_connect_connected
, req
);
203 static void nb_connect_cleanup(struct tevent_req
*req
,
204 enum tevent_req_state req_state
)
206 struct nb_connect_state
*state
= tevent_req_data(
207 req
, struct nb_connect_state
);
210 * we need to free a pending request before closing the
211 * socket, see bug #11141
213 TALLOC_FREE(state
->session_subreq
);
215 if (req_state
== TEVENT_REQ_DONE
) {
217 * we keep the socket open for the caller to use
222 if (state
->sock
!= -1) {
230 static void nb_connect_connected(struct tevent_req
*subreq
)
232 struct tevent_req
*req
= tevent_req_callback_data(
233 subreq
, struct tevent_req
);
234 struct nb_connect_state
*state
= tevent_req_data(
235 req
, struct nb_connect_state
);
238 status
= open_socket_out_recv(subreq
, &state
->sock
);
240 if (!NT_STATUS_IS_OK(status
)) {
241 tevent_req_nterror(req
, status
);
244 subreq
= cli_session_request_send(state
, state
->ev
, state
->sock
,
245 &state
->called
, &state
->calling
);
246 if (tevent_req_nomem(subreq
, req
)) {
249 tevent_req_set_callback(subreq
, nb_connect_done
, req
);
250 state
->session_subreq
= subreq
;
253 static void nb_connect_done(struct tevent_req
*subreq
)
255 struct tevent_req
*req
= tevent_req_callback_data(
256 subreq
, struct tevent_req
);
257 struct nb_connect_state
*state
= tevent_req_data(
258 req
, struct nb_connect_state
);
263 state
->session_subreq
= NULL
;
265 ret
= cli_session_request_recv(subreq
, &err
, &resp
);
268 tevent_req_nterror(req
, map_nt_error_from_unix(err
));
273 * RFC1002: 0x82 - POSITIVE SESSION RESPONSE
278 * The server did not like our session request
283 if (strequal(state
->called_name
, "*SMBSERVER")) {
285 * Here we could try a name status request and
286 * use the first 0x20 type name.
289 req
, NT_STATUS_RESOURCE_NAME_NOT_FOUND
);
294 * We could be subtle and distinguish between
295 * different failure modes, but what we do here
296 * instead is just retry with *SMBSERVER type 0x20.
298 state
->called_name
= "*SMBSERVER";
299 make_nmb_name(&state
->called
, state
->called_name
, 0x20);
301 subreq
= open_socket_out_send(state
, state
->ev
, state
->addr
,
303 if (tevent_req_nomem(subreq
, req
)) {
306 tevent_req_set_callback(subreq
, nb_connect_connected
, req
);
310 tevent_req_done(req
);
314 static NTSTATUS
nb_connect_recv(struct tevent_req
*req
, int *sock
)
316 struct nb_connect_state
*state
= tevent_req_data(
317 req
, struct nb_connect_state
);
320 if (tevent_req_is_nterror(req
, &status
)) {
321 tevent_req_received(req
);
326 tevent_req_received(req
);
330 struct smbsock_connect_state
{
331 struct tevent_context
*ev
;
332 const struct sockaddr_storage
*addr
;
333 const char *called_name
;
335 const char *calling_name
;
336 uint8_t calling_type
;
337 struct tevent_req
*req_139
;
338 struct tevent_req
*req_445
;
343 static void smbsock_connect_cleanup(struct tevent_req
*req
,
344 enum tevent_req_state req_state
);
345 static void smbsock_connect_connected(struct tevent_req
*subreq
);
346 static void smbsock_connect_do_139(struct tevent_req
*subreq
);
348 struct tevent_req
*smbsock_connect_send(TALLOC_CTX
*mem_ctx
,
349 struct tevent_context
*ev
,
350 const struct sockaddr_storage
*addr
,
352 const char *called_name
,
354 const char *calling_name
,
357 struct tevent_req
*req
;
358 struct smbsock_connect_state
*state
;
360 req
= tevent_req_create(mem_ctx
, &state
, struct smbsock_connect_state
);
368 (called_name
!= NULL
) ? called_name
: "*SMBSERVER";
370 (called_type
!= -1) ? called_type
: 0x20;
371 state
->calling_name
=
372 (calling_name
!= NULL
) ? calling_name
: lp_netbios_name();
373 state
->calling_type
=
374 (calling_type
!= -1) ? calling_type
: 0x00;
376 tevent_req_set_cleanup_fn(req
, smbsock_connect_cleanup
);
378 if (port
== NBT_SMB_PORT
) {
379 if (lp_disable_netbios()) {
380 tevent_req_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
381 return tevent_req_post(req
, ev
);
384 state
->req_139
= nb_connect_send(state
, state
->ev
, state
->addr
,
388 state
->calling_type
);
389 if (tevent_req_nomem(state
->req_139
, req
)) {
390 return tevent_req_post(req
, ev
);
392 tevent_req_set_callback(
393 state
->req_139
, smbsock_connect_connected
, req
);
397 state
->req_445
= open_socket_out_send(state
, ev
, addr
, port
,
399 if (tevent_req_nomem(state
->req_445
, req
)) {
400 return tevent_req_post(req
, ev
);
402 tevent_req_set_callback(
403 state
->req_445
, smbsock_connect_connected
, req
);
411 state
->req_445
= open_socket_out_send(state
, ev
, addr
, TCP_SMB_PORT
, 5000);
412 if (tevent_req_nomem(state
->req_445
, req
)) {
413 return tevent_req_post(req
, ev
);
415 tevent_req_set_callback(state
->req_445
, smbsock_connect_connected
,
419 * Check for disable_netbios
421 if (lp_disable_netbios()) {
426 * After 5 msecs, fire the 139 (NBT) request
428 state
->req_139
= tevent_wakeup_send(
429 state
, ev
, timeval_current_ofs(0, 5000));
430 if (tevent_req_nomem(state
->req_139
, req
)) {
431 TALLOC_FREE(state
->req_445
);
432 return tevent_req_post(req
, ev
);
434 tevent_req_set_callback(state
->req_139
, smbsock_connect_do_139
,
439 static void smbsock_connect_cleanup(struct tevent_req
*req
,
440 enum tevent_req_state req_state
)
442 struct smbsock_connect_state
*state
= tevent_req_data(
443 req
, struct smbsock_connect_state
);
446 * we need to free a pending request before closing the
447 * socket, see bug #11141
449 TALLOC_FREE(state
->req_445
);
450 TALLOC_FREE(state
->req_139
);
452 if (req_state
== TEVENT_REQ_DONE
) {
454 * we keep the socket open for the caller to use
459 if (state
->sock
!= -1) {
467 static void smbsock_connect_do_139(struct tevent_req
*subreq
)
469 struct tevent_req
*req
= tevent_req_callback_data(
470 subreq
, struct tevent_req
);
471 struct smbsock_connect_state
*state
= tevent_req_data(
472 req
, struct smbsock_connect_state
);
475 ret
= tevent_wakeup_recv(subreq
);
478 tevent_req_nterror(req
, NT_STATUS_INTERNAL_ERROR
);
481 state
->req_139
= nb_connect_send(state
, state
->ev
, state
->addr
,
485 state
->calling_type
);
486 if (tevent_req_nomem(state
->req_139
, req
)) {
489 tevent_req_set_callback(state
->req_139
, smbsock_connect_connected
,
493 static void smbsock_connect_connected(struct tevent_req
*subreq
)
495 struct tevent_req
*req
= tevent_req_callback_data(
496 subreq
, struct tevent_req
);
497 struct smbsock_connect_state
*state
= tevent_req_data(
498 req
, struct smbsock_connect_state
);
499 struct tevent_req
*unfinished_req
;
502 if (subreq
== state
->req_445
) {
504 status
= open_socket_out_recv(subreq
, &state
->sock
);
505 TALLOC_FREE(state
->req_445
);
506 unfinished_req
= state
->req_139
;
507 state
->port
= TCP_SMB_PORT
;
509 } else if (subreq
== state
->req_139
) {
511 status
= nb_connect_recv(subreq
, &state
->sock
);
512 TALLOC_FREE(state
->req_139
);
513 unfinished_req
= state
->req_445
;
514 state
->port
= NBT_SMB_PORT
;
517 tevent_req_nterror(req
, NT_STATUS_INTERNAL_ERROR
);
521 if (NT_STATUS_IS_OK(status
)) {
522 TALLOC_FREE(unfinished_req
);
523 state
->req_139
= NULL
;
524 state
->req_445
= NULL
;
525 tevent_req_done(req
);
528 if (unfinished_req
== NULL
) {
530 * Both requests failed
532 tevent_req_nterror(req
, status
);
536 * Do nothing, wait for the second request to come here.
540 NTSTATUS
smbsock_connect_recv(struct tevent_req
*req
, int *sock
,
543 struct smbsock_connect_state
*state
= tevent_req_data(
544 req
, struct smbsock_connect_state
);
547 if (tevent_req_is_nterror(req
, &status
)) {
548 tevent_req_received(req
);
553 if (ret_port
!= NULL
) {
554 *ret_port
= state
->port
;
556 tevent_req_received(req
);
560 NTSTATUS
smbsock_connect(const struct sockaddr_storage
*addr
, uint16_t port
,
561 const char *called_name
, int called_type
,
562 const char *calling_name
, int calling_type
,
563 int *pfd
, uint16_t *ret_port
, int sec_timeout
)
565 TALLOC_CTX
*frame
= talloc_stackframe();
566 struct tevent_context
*ev
;
567 struct tevent_req
*req
;
568 NTSTATUS status
= NT_STATUS_NO_MEMORY
;
570 ev
= samba_tevent_context_init(frame
);
574 req
= smbsock_connect_send(frame
, ev
, addr
, port
,
575 called_name
, called_type
,
576 calling_name
, calling_type
);
580 if ((sec_timeout
!= 0) &&
581 !tevent_req_set_endtime(
582 req
, ev
, timeval_current_ofs(sec_timeout
, 0))) {
585 if (!tevent_req_poll_ntstatus(req
, ev
, &status
)) {
588 status
= smbsock_connect_recv(req
, pfd
, ret_port
);
594 struct smbsock_any_connect_state
{
595 struct tevent_context
*ev
;
596 const struct sockaddr_storage
*addrs
;
597 const char **called_names
;
599 const char **calling_names
;
604 struct tevent_req
**requests
;
609 uint16_t chosen_port
;
613 static void smbsock_any_connect_cleanup(struct tevent_req
*req
,
614 enum tevent_req_state req_state
);
615 static bool smbsock_any_connect_send_next(
616 struct tevent_req
*req
, struct smbsock_any_connect_state
*state
);
617 static void smbsock_any_connect_trynext(struct tevent_req
*subreq
);
618 static void smbsock_any_connect_connected(struct tevent_req
*subreq
);
620 struct tevent_req
*smbsock_any_connect_send(TALLOC_CTX
*mem_ctx
,
621 struct tevent_context
*ev
,
622 const struct sockaddr_storage
*addrs
,
623 const char **called_names
,
625 const char **calling_names
,
627 size_t num_addrs
, uint16_t port
)
629 struct tevent_req
*req
, *subreq
;
630 struct smbsock_any_connect_state
*state
;
632 req
= tevent_req_create(mem_ctx
, &state
,
633 struct smbsock_any_connect_state
);
638 state
->addrs
= addrs
;
639 state
->num_addrs
= num_addrs
;
640 state
->called_names
= called_names
;
641 state
->called_types
= called_types
;
642 state
->calling_names
= calling_names
;
643 state
->calling_types
= calling_types
;
647 tevent_req_set_cleanup_fn(req
, smbsock_any_connect_cleanup
);
649 if (num_addrs
== 0) {
650 tevent_req_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
651 return tevent_req_post(req
, ev
);
654 state
->requests
= talloc_zero_array(state
, struct tevent_req
*,
656 if (tevent_req_nomem(state
->requests
, req
)) {
657 return tevent_req_post(req
, ev
);
659 if (!smbsock_any_connect_send_next(req
, state
)) {
660 return tevent_req_post(req
, ev
);
662 if (state
->num_sent
>= state
->num_addrs
) {
665 subreq
= tevent_wakeup_send(state
, ev
, timeval_current_ofs(0, 10000));
666 if (tevent_req_nomem(subreq
, req
)) {
667 return tevent_req_post(req
, ev
);
669 tevent_req_set_callback(subreq
, smbsock_any_connect_trynext
, req
);
673 static void smbsock_any_connect_cleanup(struct tevent_req
*req
,
674 enum tevent_req_state req_state
)
676 struct smbsock_any_connect_state
*state
= tevent_req_data(
677 req
, struct smbsock_any_connect_state
);
679 TALLOC_FREE(state
->requests
);
681 if (req_state
== TEVENT_REQ_DONE
) {
683 * Keep the socket open for the caller.
688 if (state
->fd
!= -1) {
694 static void smbsock_any_connect_trynext(struct tevent_req
*subreq
)
696 struct tevent_req
*req
= tevent_req_callback_data(
697 subreq
, struct tevent_req
);
698 struct smbsock_any_connect_state
*state
= tevent_req_data(
699 req
, struct smbsock_any_connect_state
);
702 ret
= tevent_wakeup_recv(subreq
);
705 tevent_req_nterror(req
, NT_STATUS_INTERNAL_ERROR
);
708 if (!smbsock_any_connect_send_next(req
, state
)) {
711 if (state
->num_sent
>= state
->num_addrs
) {
714 subreq
= tevent_wakeup_send(state
, state
->ev
,
715 tevent_timeval_set(0, 10000));
716 if (tevent_req_nomem(subreq
, req
)) {
719 tevent_req_set_callback(subreq
, smbsock_any_connect_trynext
, req
);
722 static bool smbsock_any_connect_send_next(
723 struct tevent_req
*req
, struct smbsock_any_connect_state
*state
)
725 struct tevent_req
*subreq
;
727 if (state
->num_sent
>= state
->num_addrs
) {
728 tevent_req_nterror(req
, NT_STATUS_INTERNAL_ERROR
);
731 subreq
= smbsock_connect_send(
732 state
->requests
, state
->ev
, &state
->addrs
[state
->num_sent
],
734 (state
->called_names
!= NULL
)
735 ? state
->called_names
[state
->num_sent
] : NULL
,
736 (state
->called_types
!= NULL
)
737 ? state
->called_types
[state
->num_sent
] : -1,
738 (state
->calling_names
!= NULL
)
739 ? state
->calling_names
[state
->num_sent
] : NULL
,
740 (state
->calling_types
!= NULL
)
741 ? state
->calling_types
[state
->num_sent
] : -1);
742 if (tevent_req_nomem(subreq
, req
)) {
745 tevent_req_set_callback(subreq
, smbsock_any_connect_connected
, req
);
747 state
->requests
[state
->num_sent
] = subreq
;
748 state
->num_sent
+= 1;
753 static void smbsock_any_connect_connected(struct tevent_req
*subreq
)
755 struct tevent_req
*req
= tevent_req_callback_data(
756 subreq
, struct tevent_req
);
757 struct smbsock_any_connect_state
*state
= tevent_req_data(
758 req
, struct smbsock_any_connect_state
);
761 uint16_t chosen_port
= 0;
763 size_t chosen_index
= 0;
765 for (i
=0; i
<state
->num_sent
; i
++) {
766 if (state
->requests
[i
] == subreq
) {
771 if (i
== state
->num_sent
) {
772 tevent_req_nterror(req
, NT_STATUS_INTERNAL_ERROR
);
776 status
= smbsock_connect_recv(subreq
, &fd
, &chosen_port
);
779 state
->requests
[chosen_index
] = NULL
;
781 if (NT_STATUS_IS_OK(status
)) {
783 * tevent_req_done() will kill all the other requests
784 * via smbsock_any_connect_cleanup().
787 state
->chosen_port
= chosen_port
;
788 state
->chosen_index
= chosen_index
;
789 tevent_req_done(req
);
793 state
->num_received
+= 1;
794 if (state
->num_received
< state
->num_addrs
) {
796 * More addrs pending, wait for the others
802 * This is the last response, none succeeded.
804 tevent_req_nterror(req
, status
);
808 NTSTATUS
smbsock_any_connect_recv(struct tevent_req
*req
, int *pfd
,
809 size_t *chosen_index
,
810 uint16_t *chosen_port
)
812 struct smbsock_any_connect_state
*state
= tevent_req_data(
813 req
, struct smbsock_any_connect_state
);
816 if (tevent_req_is_nterror(req
, &status
)) {
817 tevent_req_received(req
);
822 if (chosen_index
!= NULL
) {
823 *chosen_index
= state
->chosen_index
;
825 if (chosen_port
!= NULL
) {
826 *chosen_port
= state
->chosen_port
;
828 tevent_req_received(req
);
832 NTSTATUS
smbsock_any_connect(const struct sockaddr_storage
*addrs
,
833 const char **called_names
,
835 const char **calling_names
,
840 int *pfd
, size_t *chosen_index
,
841 uint16_t *chosen_port
)
843 TALLOC_CTX
*frame
= talloc_stackframe();
844 struct tevent_context
*ev
;
845 struct tevent_req
*req
;
846 NTSTATUS status
= NT_STATUS_NO_MEMORY
;
848 ev
= samba_tevent_context_init(frame
);
852 req
= smbsock_any_connect_send(frame
, ev
, addrs
,
853 called_names
, called_types
,
854 calling_names
, calling_types
,
859 if ((sec_timeout
!= 0) &&
860 !tevent_req_set_endtime(
861 req
, ev
, timeval_current_ofs(sec_timeout
, 0))) {
864 if (!tevent_req_poll_ntstatus(req
, ev
, &status
)) {
867 status
= smbsock_any_connect_recv(req
, pfd
, chosen_index
, chosen_port
);