2 Unix SMB2 implementation.
4 Copyright (C) Andrew Tridgell 2005
5 Copyright (C) Stefan Metzmacher 2005
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 #include "system/time.h"
24 #include "smbd/service_stream.h"
25 #include "libcli/smb2/smb2.h"
26 #include "smb_server/smb_server.h"
27 #include "smb_server/smb2/smb2_server.h"
28 #include "lib/stream/packet.h"
/*
 * Allocate a zero-filled smb2srv_request with the connection as its
 * talloc parent and record that connection in req->smb_conn.
 * A failed allocation yields NULL.
 * NOTE(review): the statement that hands req back to the caller is not
 * visible in this listing.
 */
31 static struct smb2srv_request
*smb2srv_init_request(struct smbsrv_connection
*smb_conn
)
33 struct smb2srv_request
*req
;
35 req
= talloc_zero(smb_conn
, struct smb2srv_request
);
36 if (!req
) return NULL
;
38 req
->smb_conn
= smb_conn
;
/*
 * Allocate and pre-fill the outgoing buffer for a reply to req.
 *
 * body_fixed_size:   bytes of fixed reply body that follow the SMB2 header.
 * body_dynamic_size: extra bytes reserved after the fixed body; 0 means
 *                    no dynamic part (out.dynamic is then NULL).
 *
 * Returns through NT_STATUS_HAVE_NO_MEMORY when the buffer allocation
 * fails. The success return is not visible in this listing.
 *
 * Only the SMB2 header, the first two bytes of the body and (when a
 * dynamic part exists) its first byte are written here.
 */
43 NTSTATUS
smb2srv_setup_reply(struct smb2srv_request
*req
, uint_t body_fixed_size
, uint_t body_dynamic_size
)
/* out.size counts NBT header + SMB2 header + fixed body only; the
 * dynamic part is counted in out.allocated below. */
45 req
->out
.size
= SMB2_HDR_BODY
+NBT_HDR_SIZE
+body_fixed_size
;
/* NOTE(review): both size sums are plain unsigned additions with no
 * overflow check visible here. If any caller derives body_dynamic_size
 * from a client-supplied length, a wrapped total would under-allocate
 * the buffer -- confirm that callers bound it. */
47 req
->out
.allocated
= req
->out
.size
+ body_dynamic_size
;
/* talloc_size() does not zero the memory it returns. Every byte of the
 * body that ends up inside the sent length must be written by the
 * caller, otherwise stale heap contents go out on the wire. */
48 req
->out
.buffer
= talloc_size(req
, req
->out
.allocated
);
49 NT_STATUS_HAVE_NO_MEMORY(req
->out
.buffer
);
/* Carve the buffer into NBT header, SMB2 header, fixed body and
 * optional dynamic area. */
51 req
->out
.hdr
= req
->out
.buffer
+ NBT_HDR_SIZE
;
52 req
->out
.body
= req
->out
.hdr
+ SMB2_HDR_BODY
;
53 req
->out
.body_size
= body_fixed_size
;
54 req
->out
.dynamic
= (body_dynamic_size
? req
->out
.body
+ body_fixed_size
: NULL
);
/* Fill the SMB2 header: magic, header length, zeroed pad and status. */
56 SIVAL(req
->out
.hdr
, 0, SMB2_MAGIC
);
57 SSVAL(req
->out
.hdr
, SMB2_HDR_LENGTH
, SMB2_HDR_BODY
);
58 SSVAL(req
->out
.hdr
, SMB2_HDR_PAD1
, 0);
59 SIVAL(req
->out
.hdr
, SMB2_HDR_STATUS
, 0);
/* The opcode is copied verbatim from the client's request header. */
60 SSVAL(req
->out
.hdr
, SMB2_HDR_OPCODE
, SVAL(req
->in
.hdr
, SMB2_HDR_OPCODE
));
61 SSVAL(req
->out
.hdr
, SMB2_HDR_PAD2
, 0);
/* NOTE(review): 0x00000001 is presumably the "this is a response"
 * flag -- confirm against the protocol definition. */
62 SIVAL(req
->out
.hdr
, SMB2_HDR_FLAGS
, 0x00000001);
63 SIVAL(req
->out
.hdr
, SMB2_HDR_UNKNOWN
, 0);
64 SBVAL(req
->out
.hdr
, SMB2_HDR_SEQNUM
, req
->seqnum
);
/* PID, TID and UID are echoed from the request header as received;
 * nothing in this function validates them. */
65 SIVAL(req
->out
.hdr
, SMB2_HDR_PID
, IVAL(req
->in
.hdr
, SMB2_HDR_PID
));
66 SIVAL(req
->out
.hdr
, SMB2_HDR_TID
, IVAL(req
->in
.hdr
, SMB2_HDR_TID
));
67 SBVAL(req
->out
.hdr
, SMB2_HDR_UID
, BVAL(req
->in
.hdr
, SMB2_HDR_UID
));
/* The 16-byte signature field is zeroed; no signature is computed in
 * this function. */
68 memset(req
->out
.hdr
+SMB2_HDR_SIG
, 0, 16);
70 /* set the length of the fixed body part and +1 if there's a dynamic part also */
71 SSVAL(req
->out
.body
, 0, body_fixed_size
+ (body_dynamic_size
?1:0));
74 * if we have a dynamic part, make sure the first byte
75 * which is always be part of the packet is initialized
77 if (body_dynamic_size
) {
78 SCVAL(req
->out
.dynamic
, 0, 0);
/*
 * Queue the prepared reply in req->out on the connection's packet layer.
 * The NBT length prefix is written when the buffer is larger than the
 * NBT header. If packet_send() fails the connection is terminated with
 * the textual status.
 * NOTE(review): the local declarations and whatever releases req after
 * sending are not visible in this listing.
 */
84 void smb2srv_send_reply(struct smb2srv_request
*req
)
/* NOTE(review): _smb_setlen looks like the SMB1 length helper; confirm
 * the length range it can encode covers the largest SMB2 reply, or the
 * framing length will not match the bytes sent. */
89 if (req
->out
.size
> NBT_HDR_SIZE
) {
90 _smb_setlen(req
->out
.buffer
, req
->out
.size
- NBT_HDR_SIZE
);
/* data_blob_const() wraps the buffer without copying it, so
 * req->out.buffer has to stay valid for as long as the packet layer
 * uses the blob -- verify against packet_send()'s ownership rules. */
93 blob
= data_blob_const(req
->out
.buffer
, req
->out
.size
);
94 status
= packet_send(req
->smb_conn
->packet
, blob
);
95 if (!NT_STATUS_IS_OK(status
)) {
96 smbsrv_terminate_connection(req
->smb_conn
, nt_errstr(status
));
/*
 * Send an error reply for req carrying the NT status `error`.
 * The reply has an 8-byte fixed body plus one dynamic byte, built by
 * smb2srv_setup_reply(); the status value goes into the header's status
 * field and body offsets 0x02 and 0x04 are zeroed before sending.
 */
101 void smb2srv_send_error(struct smb2srv_request
*req
, NTSTATUS error
)
105 status
= smb2srv_setup_reply(req
, 8, 1);
/* NOTE(review): what follows the terminate call inside this branch is
 * not visible here. Control must not reach the header writes below
 * after a failed setup, because req->out.hdr would then not point at a
 * valid buffer -- confirm the branch returns. */
106 if (!NT_STATUS_IS_OK(status
)) {
107 smbsrv_terminate_connection(req
->smb_conn
, nt_errstr(status
));
112 SIVAL(req
->out
.hdr
, SMB2_HDR_STATUS
, NT_STATUS_V(error
));
/* Bytes 0x02-0x07 of the fixed body are cleared explicitly; the buffer
 * is not zeroed when it is allocated. */
114 SSVAL(req
->out
.body
, 0x02, 0);
115 SIVAL(req
->out
.body
, 0x04, 0);
117 smb2srv_send_reply(req
);
/*
 * Dispatch one parsed request to its per-opcode handler.
 * The opcode and the sequence number are read from the client's header;
 * the sequence number is stored in req->seqnum for the reply header.
 * An opcode without a handler is logged and the connection terminated.
 * NOTE(review): several case labels and the per-case returns are not
 * visible in this listing.
 * NOTE(review): dispatch is on the opcode alone. No sequence-number,
 * session or tree-connect check is visible at this level, so each
 * handler is presumably responsible for its own validation -- confirm.
 */
120 static NTSTATUS
smb2srv_reply(struct smb2srv_request
*req
)
124 opcode
= SVAL(req
->in
.hdr
, SMB2_HDR_OPCODE
);
125 req
->seqnum
= BVAL(req
->in
.hdr
, SMB2_HDR_SEQNUM
);
130 case SMB2_OP_NEGPROT
:
131 smb2srv_negprot_recv(req
);
133 case SMB2_OP_SESSSETUP
:
134 smb2srv_sesssetup_recv(req
);
137 smb2srv_tcon_recv(req
);
140 smb2srv_tdis_recv(req
);
143 smb2srv_create_recv(req
);
146 smb2srv_close_recv(req
);
149 smb2srv_read_recv(req
);
152 smb2srv_write_recv(req
);
155 smb2srv_cancel_recv(req
);
158 smb2srv_find_recv(req
);
161 smb2srv_notify_recv(req
);
163 case SMB2_OP_GETINFO
:
164 smb2srv_getinfo_recv(req
);
166 case SMB2_OP_SETINFO
:
167 smb2srv_setinfo_recv(req
);
170 smb2srv_break_recv(req
);
/* Fallback for an opcode with no handler: log it at debug level 1 and
 * drop the connection. */
174 DEBUG(1,("Invalid SMB2 opcode: 0x%04X\n", opcode
));
175 smbsrv_terminate_connection(req
->smb_conn
, "Invalid SMB2 opcode");
/*
 * Entry point for one packet received on an SMB2 connection.
 *
 * private: the smbsrv_connection, recovered with talloc_get_type().
 * blob:    the raw packet including the NBT header; its contents come
 *          from the peer and are untrusted.
 *
 * The packet is rejected (connection terminated) when its first byte is
 * non-zero, when it is shorter than NBT_HDR_SIZE + SMB2_MIN_SIZE, or
 * when the magic after the NBT header is not SMB2_MAGIC. Otherwise a
 * request is allocated, the buffer is attached to it, the header, body
 * and dynamic pointers are set up, and the request is dispatched via
 * smb2srv_reply().
 * NOTE(review): the statements that leave the function after each
 * terminate call are not visible in this listing.
 */
179 NTSTATUS
smbsrv_recv_smb2_request(void *private, DATA_BLOB blob
)
/* NOTE(review): talloc_get_type() gives NULL on a type mismatch and
 * smb_conn is used below without a visible NULL check. */
181 struct smbsrv_connection
*smb_conn
= talloc_get_type(private, struct smbsrv_connection
);
182 struct smb2srv_request
*req
;
183 uint32_t protocol_version
;
184 uint16_t buffer_code
;
185 uint32_t dynamic_size
;
/* NOTE(review): blob.data[0] is read before the length check below, so
 * this relies on the packet layer never delivering an empty blob --
 * confirm. */
187 /* see if its a special NBT packet */
188 if (CVAL(blob
.data
,0) != 0) {
189 DEBUG(2,("Special NBT packet on SMB2 connection"));
190 smbsrv_terminate_connection(smb_conn
, "Special NBT packet on SMB2 connection");
/* Minimum-length gate; all fixed-offset header reads further down
 * depend on it. */
194 if (blob
.length
< (NBT_HDR_SIZE
+ SMB2_MIN_SIZE
)) {
/* NOTE(review): blob.length is a size_t in DATA_BLOB while %d expects
 * an int. */
195 DEBUG(2,("Invalid SMB2 packet length count %d\n", blob
.length
));
196 smbsrv_terminate_connection(smb_conn
, "Invalid SMB2 packet");
200 protocol_version
= IVAL(blob
.data
, NBT_HDR_SIZE
);
202 if (protocol_version
!= SMB2_MAGIC
) {
203 DEBUG(2,("Invalid SMB packet: protocl prefix: 0x%08X\n", protocol_version
));
204 smbsrv_terminate_connection(smb_conn
, "NON-SMB2 packet");
208 req
= smb2srv_init_request(smb_conn
);
209 NT_STATUS_HAVE_NO_MEMORY(req
);
/* The received buffer is re-parented onto req, so its lifetime follows
 * the request's. */
211 req
->in
.buffer
= talloc_steal(req
, blob
.data
);
212 req
->in
.size
= blob
.length
;
213 req
->request_time
= timeval_current();
214 req
->in
.allocated
= req
->in
.size
;
216 req
->in
.hdr
= req
->in
.buffer
+ NBT_HDR_SIZE
;
217 req
->in
.body
= req
->in
.hdr
+ SMB2_HDR_BODY
;
218 req
->in
.body_size
= req
->in
.size
- (SMB2_HDR_BODY
+NBT_HDR_SIZE
);
219 req
->in
.dynamic
= NULL
;
/* buffer_code is the client-declared body length word. With bit 0
 * masked off it is used as the fixed-body length; bit 0 itself signals
 * a dynamic part.
 * NOTE(review): reading two bytes at body offset 0 assumes
 * SMB2_MIN_SIZE covers them -- confirm. */
221 buffer_code
= SVAL(req
->in
.body
, 0);
/* NOTE(review): no check is visible that (buffer_code & ~1) fits
 * within body_size. A larger declared value makes this subtraction
 * wrap into a huge uint32_t. With bit 0 set, the smb2_oob() test below
 * is the only guard; with bit 0 clear, nothing in this function rejects
 * the request, so handlers must bound-check their fixed body. */
222 dynamic_size
= req
->in
.body_size
- (buffer_code
& ~1);
224 if (dynamic_size
!= 0 && (buffer_code
& 1)) {
225 req
->in
.dynamic
= req
->in
.body
+ (buffer_code
& ~1);
/* smb2_oob() presumably reports whether the dynamic area lies outside
 * the received buffer (verify against its definition); on failure the
 * request is answered with NT_STATUS_INVALID_PARAMETER. */
226 if (smb2_oob(&req
->in
, req
->in
.dynamic
, dynamic_size
)) {
227 DEBUG(1,("SMB2 request invalid dynamic size 0x%x\n",
229 smb2srv_send_error(req
, NT_STATUS_INVALID_PARAMETER
);
/* The author's TODO below records two header checks that are still
 * missing at this point: the header length field and the
 * request/response direction. */
235 * TODO: - make sure the length field is 64
236 * - make sure it's a request
239 return smb2srv_reply(req
);
243 * init the SMB2 protocol related stuff
/*
 * Set per-connection defaults for an SMB2 connection and initialise its
 * session and tree-connect tables.
 *
 * Values assigned: negotiate.max_send = 0xFFFF, negotiate.max_recv from
 * lp_max_xmit(), negotiate.zone_offset from get_time_zone(time(NULL)),
 * config.security = SEC_USER, config.nt_status_support = True.
 * A failure from smbsrv_init_sessions() or smbsrv_init_tcons() is
 * returned to the caller through NT_STATUS_NOT_OK_RETURN.
 *
 * NOTE(review): the second arguments UINT64_MAX and UINT32_MAX are
 * presumably upper limits for session and tree ids. With these values
 * no tighter per-connection cap is visible here -- confirm resource
 * limits are enforced elsewhere.
 * NOTE(review): the declaration of status and the final return are not
 * visible in this listing.
 */
245 NTSTATUS
smbsrv_init_smb2_connection(struct smbsrv_connection
*smb_conn
)
249 /* now initialise a few default values associated with this smb socket */
250 smb_conn
->negotiate
.max_send
= 0xFFFF;
252 /* this is the size that w2k uses, and it appears to be important for
254 smb_conn
->negotiate
.max_recv
= lp_max_xmit();
256 smb_conn
->negotiate
.zone_offset
= get_time_zone(time(NULL
));
258 smb_conn
->config
.security
= SEC_USER
;
259 smb_conn
->config
.nt_status_support
= True
;
261 status
= smbsrv_init_sessions(smb_conn
, UINT64_MAX
);
262 NT_STATUS_NOT_OK_RETURN(status
);
264 status
= smbsrv_init_tcons(smb_conn
, UINT32_MAX
);
265 NT_STATUS_NOT_OK_RETURN(status
);