2 Unix SMB/CIFS implementation.
4 Copyright (C) Volker Lendecke 2011
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "system/network.h"
22 #include "../lib/util/tevent_ntstatus.h"
23 #include "../libcli/smb/smb_common.h"
24 #include "../libcli/smb/smbXcli_base.h"
26 struct smb2cli_session_setup_state
{
27 struct smbXcli_session
*session
;
30 struct iovec
*recv_iov
;
31 DATA_BLOB out_security_buffer
;
35 static void smb2cli_session_setup_done(struct tevent_req
*subreq
);
37 struct tevent_req
*smb2cli_session_setup_send(TALLOC_CTX
*mem_ctx
,
38 struct tevent_context
*ev
,
39 struct smbXcli_conn
*conn
,
40 uint32_t timeout_msec
,
41 struct smbXcli_session
*session
,
43 uint32_t in_capabilities
,
45 uint64_t in_previous_session_id
,
46 const DATA_BLOB
*in_security_buffer
)
48 struct tevent_req
*req
, *subreq
;
49 struct smb2cli_session_setup_state
*state
;
53 uint8_t security_mode
;
54 uint16_t security_buffer_offset
= 0;
55 uint16_t security_buffer_length
= 0;
57 req
= tevent_req_create(mem_ctx
, &state
,
58 struct smb2cli_session_setup_state
);
63 if (session
== NULL
) {
64 tevent_req_nterror(req
, NT_STATUS_INVALID_PARAMETER_MIX
);
65 return tevent_req_post(req
, ev
);
67 state
->session
= session
;
68 security_mode
= smb2cli_session_security_mode(session
);
70 if (in_security_buffer
) {
71 if (in_security_buffer
->length
> UINT16_MAX
) {
72 tevent_req_nterror(req
, NT_STATUS_INVALID_PARAMETER_MIX
);
73 return tevent_req_post(req
, ev
);
75 security_buffer_offset
= SMB2_HDR_BODY
+ 24;
76 security_buffer_length
= in_security_buffer
->length
;
82 SCVAL(buf
, 2, in_flags
);
83 SCVAL(buf
, 3, security_mode
);
84 SIVAL(buf
, 4, in_capabilities
);
85 SIVAL(buf
, 8, in_channel
);
86 SSVAL(buf
, 12, security_buffer_offset
);
87 SSVAL(buf
, 14, security_buffer_length
);
88 SBVAL(buf
, 16, in_previous_session_id
);
90 if (security_buffer_length
> 0) {
91 dyn
= in_security_buffer
->data
;
92 dyn_len
= in_security_buffer
->length
;
94 dyn
= state
->dyn_pad
;;
95 dyn_len
= sizeof(state
->dyn_pad
);
98 subreq
= smb2cli_req_send(state
, ev
,
99 conn
, SMB2_OP_SESSSETUP
,
105 state
->fixed
, sizeof(state
->fixed
),
107 if (tevent_req_nomem(subreq
, req
)) {
108 return tevent_req_post(req
, ev
);
110 tevent_req_set_callback(subreq
, smb2cli_session_setup_done
, req
);
114 static void smb2cli_session_setup_done(struct tevent_req
*subreq
)
116 struct tevent_req
*req
=
117 tevent_req_callback_data(subreq
,
119 struct smb2cli_session_setup_state
*state
=
121 struct smb2cli_session_setup_state
);
123 uint64_t current_session_id
;
125 uint16_t session_flags
;
126 uint16_t expected_offset
= 0;
127 uint16_t security_buffer_offset
;
128 uint16_t security_buffer_length
;
129 uint8_t *security_buffer_data
= NULL
;
132 static const struct smb2cli_req_expected_response expected
[] = {
134 .status
= NT_STATUS_MORE_PROCESSING_REQUIRED
,
138 .status
= NT_STATUS_OK
,
143 status
= smb2cli_req_recv(subreq
, state
, &state
->recv_iov
,
144 expected
, ARRAY_SIZE(expected
));
146 if (!NT_STATUS_IS_OK(status
) &&
147 !NT_STATUS_EQUAL(status
, NT_STATUS_MORE_PROCESSING_REQUIRED
)) {
148 tevent_req_nterror(req
, status
);
152 hdr
= (const uint8_t *)state
->recv_iov
[0].iov_base
;
153 body
= (const uint8_t *)state
->recv_iov
[1].iov_base
;
155 session_id
= BVAL(hdr
, SMB2_HDR_SESSION_ID
);
156 session_flags
= SVAL(body
, 2);
158 security_buffer_offset
= SVAL(body
, 4);
159 security_buffer_length
= SVAL(body
, 6);
161 if (security_buffer_length
> 0) {
162 expected_offset
= SMB2_HDR_BODY
+ 8;
164 if (security_buffer_offset
!= 0) {
165 security_buffer_data
= (uint8_t *)state
->recv_iov
[2].iov_base
;
166 expected_offset
= SMB2_HDR_BODY
+ 8;
169 if (security_buffer_offset
!= expected_offset
) {
170 tevent_req_nterror(req
, NT_STATUS_INVALID_NETWORK_RESPONSE
);
173 if (security_buffer_length
> state
->recv_iov
[2].iov_len
) {
174 tevent_req_nterror(req
, NT_STATUS_INVALID_NETWORK_RESPONSE
);
178 state
->out_security_buffer
.data
= security_buffer_data
;
179 state
->out_security_buffer
.length
= security_buffer_length
;
181 current_session_id
= smb2cli_session_current_id(state
->session
);
182 if (current_session_id
== 0) {
183 /* A new session was requested */
184 current_session_id
= session_id
;
187 if (current_session_id
!= session_id
) {
188 tevent_req_nterror(req
, NT_STATUS_INVALID_NETWORK_RESPONSE
);
192 smb2cli_session_set_id_and_flags(state
->session
,
193 session_id
, session_flags
);
195 state
->status
= status
;
196 tevent_req_done(req
);
199 NTSTATUS
smb2cli_session_setup_recv(struct tevent_req
*req
,
201 struct iovec
**recv_iov
,
202 DATA_BLOB
*out_security_buffer
)
204 struct smb2cli_session_setup_state
*state
=
206 struct smb2cli_session_setup_state
);
210 if (tevent_req_is_nterror(req
, &status
)) {
211 tevent_req_received(req
);
215 if (recv_iov
== NULL
) {
219 *recv_iov
= talloc_move(mem_ctx
, &state
->recv_iov
);
221 *out_security_buffer
= state
->out_security_buffer
;
224 * Return the status from the server:
225 * NT_STATUS_MORE_PROCESSING_REQUIRED or
228 status
= state
->status
;
229 tevent_req_received(req
);