2 Unix SMB/CIFS implementation.
3 Infrastructure for async SMB client requests
4 Copyright (C) Volker Lendecke 2008
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 * Read an smb packet asynchronously, discard keepalives
26 struct read_smb_state
{
27 struct tevent_context
*ev
;
32 static ssize_t
read_smb_more(uint8_t *buf
, size_t buflen
, void *private_data
);
33 static void read_smb_done(struct tevent_req
*subreq
);
35 static struct tevent_req
*read_smb_send(TALLOC_CTX
*mem_ctx
,
36 struct tevent_context
*ev
,
39 struct tevent_req
*result
, *subreq
;
40 struct read_smb_state
*state
;
42 result
= tevent_req_create(mem_ctx
, &state
, struct read_smb_state
);
49 subreq
= read_packet_send(state
, ev
, fd
, 4, read_smb_more
, NULL
);
53 tevent_req_set_callback(subreq
, read_smb_done
, result
);
60 static ssize_t
read_smb_more(uint8_t *buf
, size_t buflen
, void *private_data
)
63 return 0; /* We've been here, we're done */
65 return smb_len_large(buf
);
68 static void read_smb_done(struct tevent_req
*subreq
)
70 struct tevent_req
*req
= tevent_req_callback_data(
71 subreq
, struct tevent_req
);
72 struct read_smb_state
*state
= tevent_req_data(
73 req
, struct read_smb_state
);
77 len
= read_packet_recv(subreq
, state
, &state
->buf
, &err
);
80 tevent_req_error(req
, err
);
84 if (CVAL(state
->buf
, 0) == SMBkeepalive
) {
85 subreq
= read_packet_send(state
, state
->ev
, state
->fd
, 4,
87 if (tevent_req_nomem(subreq
, req
)) {
90 tevent_req_set_callback(subreq
, read_smb_done
, req
);
96 static ssize_t
read_smb_recv(struct tevent_req
*req
, TALLOC_CTX
*mem_ctx
,
97 uint8_t **pbuf
, int *perrno
)
99 struct read_smb_state
*state
= tevent_req_data(
100 req
, struct read_smb_state
);
102 if (tevent_req_is_unix_error(req
, perrno
)) {
105 *pbuf
= talloc_move(mem_ctx
, &state
->buf
);
106 return talloc_get_size(*pbuf
);
110 * Fetch an error out of a NBT packet
111 * @param[in] buf The SMB packet
112 * @retval The error, converted to NTSTATUS
115 NTSTATUS
cli_pull_error(char *buf
)
117 uint32_t flags2
= SVAL(buf
, smb_flg2
);
119 if (flags2
& FLAGS2_32_BIT_ERROR_CODES
) {
120 return NT_STATUS(IVAL(buf
, smb_rcls
));
123 /* if the client uses dos errors, but there is no error,
124 we should return no error here, otherwise it looks
125 like an unknown bad NT_STATUS. jmcd */
126 if (CVAL(buf
, smb_rcls
) == 0)
129 return NT_STATUS_DOS(CVAL(buf
, smb_rcls
), SVAL(buf
,smb_err
));
133 * Compatibility helper for the sync APIs: Fake NTSTATUS in cli->inbuf
134 * @param[in] cli The client connection that just received an error
135 * @param[in] status The error to set on "cli"
138 void cli_set_error(struct cli_state
*cli
, NTSTATUS status
)
140 uint32_t flags2
= SVAL(cli
->inbuf
, smb_flg2
);
142 if (NT_STATUS_IS_DOS(status
)) {
143 SSVAL(cli
->inbuf
, smb_flg2
,
144 flags2
& ~FLAGS2_32_BIT_ERROR_CODES
);
145 SCVAL(cli
->inbuf
, smb_rcls
, NT_STATUS_DOS_CLASS(status
));
146 SSVAL(cli
->inbuf
, smb_err
, NT_STATUS_DOS_CODE(status
));
150 SSVAL(cli
->inbuf
, smb_flg2
, flags2
| FLAGS2_32_BIT_ERROR_CODES
);
151 SIVAL(cli
->inbuf
, smb_rcls
, NT_STATUS_V(status
));
156 * Figure out if there is an andx command behind the current one
157 * @param[in] buf The smb buffer to look at
158 * @param[in] ofs The offset to the wct field that is followed by the cmd
159 * @retval Is there a command following?
162 static bool have_andx_command(const char *buf
, uint16_t ofs
)
165 size_t buflen
= talloc_get_size(buf
);
167 if ((ofs
== buflen
-1) || (ofs
== buflen
)) {
171 wct
= CVAL(buf
, ofs
);
174 * Not enough space for the command and a following pointer
178 return (CVAL(buf
, ofs
+1) != 0xff);
181 #define MAX_SMB_IOV 5
183 struct cli_smb_state
{
184 struct tevent_context
*ev
;
185 struct cli_state
*cli
;
186 uint8_t header
[smb_wct
+1]; /* Space for the header including the wct */
189 * For normal requests, cli_smb_req_send chooses a mid. Secondary
190 * trans requests need to use the mid of the primary request, so we
191 * need a place to store it. Assume it's set if != 0.
196 uint8_t bytecount_buf
[2];
198 struct iovec iov
[MAX_SMB_IOV
+3];
204 struct tevent_req
**chained_requests
;
207 static uint16_t cli_alloc_mid(struct cli_state
*cli
)
209 int num_pending
= talloc_array_length(cli
->pending
);
216 if ((result
== 0) || (result
== 0xffff)) {
220 for (i
=0; i
<num_pending
; i
++) {
221 if (result
== cli_smb_req_mid(cli
->pending
[i
])) {
226 if (i
== num_pending
) {
232 void cli_smb_req_unset_pending(struct tevent_req
*req
)
234 struct cli_smb_state
*state
= tevent_req_data(
235 req
, struct cli_smb_state
);
236 struct cli_state
*cli
= state
->cli
;
237 int num_pending
= talloc_array_length(cli
->pending
);
240 if (num_pending
== 1) {
242 * The pending read_smb tevent_req is a child of
243 * cli->pending. So if nothing is pending anymore, we need to
244 * delete the socket read fde.
246 TALLOC_FREE(cli
->pending
);
250 for (i
=0; i
<num_pending
; i
++) {
251 if (req
== cli
->pending
[i
]) {
255 if (i
== num_pending
) {
257 * Something's seriously broken. Just returning here is the
258 * right thing nevertheless, the point of this routine is to
259 * remove ourselves from cli->pending.
265 * Remove ourselves from the cli->pending array
267 if (num_pending
> 1) {
268 cli
->pending
[i
] = cli
->pending
[num_pending
-1];
272 * No NULL check here, we're shrinking by sizeof(void *), and
273 * talloc_realloc just adjusts the size for this.
275 cli
->pending
= talloc_realloc(NULL
, cli
->pending
, struct tevent_req
*,
280 static int cli_smb_req_destructor(struct tevent_req
*req
)
282 cli_smb_req_unset_pending(req
);
286 static void cli_smb_received(struct tevent_req
*subreq
);
288 bool cli_smb_req_set_pending(struct tevent_req
*req
)
290 struct cli_smb_state
*state
= tevent_req_data(
291 req
, struct cli_smb_state
);
292 struct cli_state
*cli
;
293 struct tevent_req
**pending
;
295 struct tevent_req
*subreq
;
298 num_pending
= talloc_array_length(cli
->pending
);
300 pending
= talloc_realloc(cli
, cli
->pending
, struct tevent_req
*,
302 if (pending
== NULL
) {
305 pending
[num_pending
] = req
;
306 cli
->pending
= pending
;
307 talloc_set_destructor(req
, cli_smb_req_destructor
);
309 if (num_pending
> 0) {
314 * We're the first ones, add the read_smb request that waits for the
315 * answer from the server
317 subreq
= read_smb_send(cli
->pending
, state
->ev
, cli
->fd
);
318 if (subreq
== NULL
) {
319 cli_smb_req_unset_pending(req
);
322 tevent_req_set_callback(subreq
, cli_smb_received
, cli
);
327 * Fetch a smb request's mid. Only valid after the request has been sent by
328 * cli_smb_req_send().
330 uint16_t cli_smb_req_mid(struct tevent_req
*req
)
332 struct cli_smb_state
*state
= tevent_req_data(
333 req
, struct cli_smb_state
);
334 return SVAL(state
->header
, smb_mid
);
337 void cli_smb_req_set_mid(struct tevent_req
*req
, uint16_t mid
)
339 struct cli_smb_state
*state
= tevent_req_data(
340 req
, struct cli_smb_state
);
344 static size_t iov_len(const struct iovec
*iov
, int count
)
348 for (i
=0; i
<count
; i
++) {
349 result
+= iov
[i
].iov_len
;
354 static uint8_t *iov_concat(TALLOC_CTX
*mem_ctx
, const struct iovec
*iov
,
357 size_t len
= iov_len(iov
, count
);
362 buf
= talloc_array(mem_ctx
, uint8_t, len
);
367 for (i
=0; i
<count
; i
++) {
368 memcpy(buf
+copied
, iov
[i
].iov_base
, iov
[i
].iov_len
);
369 copied
+= iov
[i
].iov_len
;
374 struct tevent_req
*cli_smb_req_create(TALLOC_CTX
*mem_ctx
,
375 struct event_context
*ev
,
376 struct cli_state
*cli
,
378 uint8_t additional_flags
,
379 uint8_t wct
, uint16_t *vwv
,
381 struct iovec
*bytes_iov
)
383 struct tevent_req
*result
;
384 struct cli_smb_state
*state
;
385 struct timeval endtime
;
387 if (iov_count
> MAX_SMB_IOV
) {
389 * Should not happen :-)
394 result
= tevent_req_create(mem_ctx
, &state
, struct cli_smb_state
);
395 if (result
== NULL
) {
400 state
->mid
= 0; /* Set to auto-choose in cli_smb_req_send */
401 state
->chain_num
= 0;
402 state
->chained_requests
= NULL
;
404 cli_setup_packet_buf(cli
, (char *)state
->header
);
405 SCVAL(state
->header
, smb_com
, smb_command
);
406 SSVAL(state
->header
, smb_tid
, cli
->cnum
);
407 SCVAL(state
->header
, smb_wct
, wct
);
411 SSVAL(state
->bytecount_buf
, 0, iov_len(bytes_iov
, iov_count
));
413 state
->iov
[0].iov_base
= (void *)state
->header
;
414 state
->iov
[0].iov_len
= sizeof(state
->header
);
415 state
->iov
[1].iov_base
= (void *)state
->vwv
;
416 state
->iov
[1].iov_len
= wct
* sizeof(uint16_t);
417 state
->iov
[2].iov_base
= (void *)state
->bytecount_buf
;
418 state
->iov
[2].iov_len
= sizeof(uint16_t);
420 if (iov_count
!= 0) {
421 memcpy(&state
->iov
[3], bytes_iov
,
422 iov_count
* sizeof(*bytes_iov
));
424 state
->iov_count
= iov_count
+ 3;
426 endtime
= timeval_current_ofs(0, cli
->timeout
* 1000);
427 if (!tevent_req_set_endtime(result
, ev
, endtime
)) {
428 tevent_req_nomem(NULL
, result
);
433 static NTSTATUS
cli_signv(struct cli_state
*cli
, struct iovec
*iov
, int count
,
439 * Obvious optimization: Make cli_calculate_sign_mac work with struct
440 * iovec directly. MD5Update would do that just fine.
443 if ((count
<= 0) || (iov
[0].iov_len
< smb_wct
)) {
444 return NT_STATUS_INVALID_PARAMETER
;
447 buf
= iov_concat(talloc_tos(), iov
, count
);
449 return NT_STATUS_NO_MEMORY
;
452 cli_calculate_sign_mac(cli
, (char *)buf
, seqnum
);
453 memcpy(iov
[0].iov_base
, buf
, iov
[0].iov_len
);
459 static void cli_smb_sent(struct tevent_req
*subreq
);
461 static NTSTATUS
cli_smb_req_iov_send(struct tevent_req
*req
,
462 struct cli_smb_state
*state
,
463 struct iovec
*iov
, int iov_count
)
465 struct tevent_req
*subreq
;
468 if (state
->cli
->fd
== -1) {
469 return NT_STATUS_CONNECTION_INVALID
;
472 if (iov
[0].iov_len
< smb_wct
) {
473 return NT_STATUS_INVALID_PARAMETER
;
476 if (state
->mid
!= 0) {
477 SSVAL(iov
[0].iov_base
, smb_mid
, state
->mid
);
479 uint16_t mid
= cli_alloc_mid(state
->cli
);
480 SSVAL(iov
[0].iov_base
, smb_mid
, mid
);
483 smb_setlen((char *)iov
[0].iov_base
, iov_len(iov
, iov_count
) - 4);
485 status
= cli_signv(state
->cli
, iov
, iov_count
, &state
->seqnum
);
487 if (!NT_STATUS_IS_OK(status
)) {
491 if (cli_encryption_on(state
->cli
)) {
494 buf
= (char *)iov_concat(talloc_tos(), iov
, iov_count
);
496 return NT_STATUS_NO_MEMORY
;
498 status
= cli_encrypt_message(state
->cli
, (char *)buf
,
501 if (!NT_STATUS_IS_OK(status
)) {
502 DEBUG(0, ("Error in encrypting client message: %s\n",
506 buf
= (char *)talloc_memdup(state
, enc_buf
,
510 return NT_STATUS_NO_MEMORY
;
512 iov
[0].iov_base
= (void *)buf
;
513 iov
[0].iov_len
= talloc_get_size(buf
);
516 subreq
= writev_send(state
, state
->ev
, state
->cli
->outgoing
,
517 state
->cli
->fd
, false, iov
, iov_count
);
518 if (subreq
== NULL
) {
519 return NT_STATUS_NO_MEMORY
;
521 tevent_req_set_callback(subreq
, cli_smb_sent
, req
);
525 NTSTATUS
cli_smb_req_send(struct tevent_req
*req
)
527 struct cli_smb_state
*state
= tevent_req_data(
528 req
, struct cli_smb_state
);
530 return cli_smb_req_iov_send(req
, state
, state
->iov
, state
->iov_count
);
533 struct tevent_req
*cli_smb_send(TALLOC_CTX
*mem_ctx
,
534 struct event_context
*ev
,
535 struct cli_state
*cli
,
537 uint8_t additional_flags
,
538 uint8_t wct
, uint16_t *vwv
,
540 const uint8_t *bytes
)
542 struct tevent_req
*req
;
546 iov
.iov_base
= CONST_DISCARD(void *, bytes
);
547 iov
.iov_len
= num_bytes
;
549 req
= cli_smb_req_create(mem_ctx
, ev
, cli
, smb_command
,
550 additional_flags
, wct
, vwv
, 1, &iov
);
555 status
= cli_smb_req_send(req
);
556 if (!NT_STATUS_IS_OK(status
)) {
557 tevent_req_nterror(req
, status
);
558 return tevent_req_post(req
, ev
);
563 static void cli_smb_sent(struct tevent_req
*subreq
)
565 struct tevent_req
*req
= tevent_req_callback_data(
566 subreq
, struct tevent_req
);
567 struct cli_smb_state
*state
= tevent_req_data(
568 req
, struct cli_smb_state
);
572 nwritten
= writev_recv(subreq
, &err
);
574 if (nwritten
== -1) {
575 if (state
->cli
->fd
!= -1) {
576 close(state
->cli
->fd
);
579 tevent_req_nterror(req
, map_nt_error_from_unix(err
));
583 switch (CVAL(state
->header
, smb_com
)) {
589 tevent_req_done(req
);
592 if ((CVAL(state
->header
, smb_wct
) == 8) &&
593 (CVAL(state
->vwv
+3, 0) == LOCKING_ANDX_OPLOCK_RELEASE
)) {
595 tevent_req_done(req
);
600 if (!cli_smb_req_set_pending(req
)) {
601 tevent_req_nterror(req
, NT_STATUS_NO_MEMORY
);
606 static void cli_smb_received(struct tevent_req
*subreq
)
608 struct cli_state
*cli
= tevent_req_callback_data(
609 subreq
, struct cli_state
);
610 struct tevent_req
*req
;
611 struct cli_smb_state
*state
;
620 received
= read_smb_recv(subreq
, talloc_tos(), &inbuf
, &err
);
622 if (received
== -1) {
627 status
= map_nt_error_from_unix(err
);
631 if ((IVAL(inbuf
, 4) != 0x424d53ff) /* 0xFF"SMB" */
632 && (SVAL(inbuf
, 4) != 0x45ff)) /* 0xFF"E" */ {
633 DEBUG(10, ("Got non-SMB PDU\n"));
634 status
= NT_STATUS_INVALID_NETWORK_RESPONSE
;
638 if (cli_encryption_on(cli
) && (CVAL(inbuf
, 0) == 0)) {
639 uint16_t enc_ctx_num
;
641 status
= get_enc_ctx_num(inbuf
, &enc_ctx_num
);
642 if (!NT_STATUS_IS_OK(status
)) {
643 DEBUG(10, ("get_enc_ctx_num returned %s\n",
648 if (enc_ctx_num
!= cli
->trans_enc_state
->enc_ctx_num
) {
649 DEBUG(10, ("wrong enc_ctx %d, expected %d\n",
651 cli
->trans_enc_state
->enc_ctx_num
));
652 status
= NT_STATUS_INVALID_HANDLE
;
656 status
= common_decrypt_buffer(cli
->trans_enc_state
,
658 if (!NT_STATUS_IS_OK(status
)) {
659 DEBUG(10, ("common_decrypt_buffer returned %s\n",
665 mid
= SVAL(inbuf
, smb_mid
);
666 num_pending
= talloc_array_length(cli
->pending
);
668 for (i
=0; i
<num_pending
; i
++) {
669 if (mid
== cli_smb_req_mid(cli
->pending
[i
])) {
673 if (i
== num_pending
) {
674 /* Dump unexpected reply */
679 oplock_break
= false;
683 * Paranoia checks that this is really an oplock break request.
685 oplock_break
= (smb_len(inbuf
) == 51); /* hdr + 8 words */
686 oplock_break
&= ((CVAL(inbuf
, smb_flg
) & FLAG_REPLY
) == 0);
687 oplock_break
&= (CVAL(inbuf
, smb_com
) == SMBlockingX
);
688 oplock_break
&= (SVAL(inbuf
, smb_vwv6
) == 0);
689 oplock_break
&= (SVAL(inbuf
, smb_vwv7
) == 0);
692 /* Dump unexpected reply */
698 req
= cli
->pending
[i
];
699 state
= tevent_req_data(req
, struct cli_smb_state
);
701 if (!oplock_break
/* oplock breaks are not signed */
702 && !cli_check_sign_mac(cli
, (char *)inbuf
, state
->seqnum
+1)) {
703 DEBUG(10, ("cli_check_sign_mac failed\n"));
705 status
= NT_STATUS_ACCESS_DENIED
;
709 if (state
->chained_requests
== NULL
) {
710 state
->inbuf
= talloc_move(state
, &inbuf
);
711 talloc_set_destructor(req
, NULL
);
712 cli_smb_req_destructor(req
);
713 tevent_req_done(req
);
715 struct tevent_req
**chain
= talloc_move(
716 talloc_tos(), &state
->chained_requests
);
717 int num_chained
= talloc_array_length(chain
);
719 for (i
=0; i
<num_chained
; i
++) {
720 state
= tevent_req_data(chain
[i
], struct
722 state
->inbuf
= inbuf
;
723 state
->chain_num
= i
;
724 tevent_req_done(chain
[i
]);
730 if (talloc_array_length(cli
->pending
) > 0) {
732 * Set up another read request for the other pending cli_smb
735 state
= tevent_req_data(cli
->pending
[0], struct cli_smb_state
);
736 subreq
= read_smb_send(cli
->pending
, state
->ev
, cli
->fd
);
737 if (subreq
== NULL
) {
738 status
= NT_STATUS_NO_MEMORY
;
741 tevent_req_set_callback(subreq
, cli_smb_received
, cli
);
746 * Cancel all pending requests. We don't do a for-loop walking
747 * cli->pending because that array changes in
748 * cli_smb_req_destructor().
750 while (talloc_array_length(cli
->pending
) > 0) {
751 req
= cli
->pending
[0];
752 talloc_set_destructor(req
, NULL
);
753 cli_smb_req_destructor(req
);
754 tevent_req_nterror(req
, status
);
758 NTSTATUS
cli_smb_recv(struct tevent_req
*req
,
759 TALLOC_CTX
*mem_ctx
, uint8_t **pinbuf
,
760 uint8_t min_wct
, uint8_t *pwct
, uint16_t **pvwv
,
761 uint32_t *pnum_bytes
, uint8_t **pbytes
)
763 struct cli_smb_state
*state
= tevent_req_data(
764 req
, struct cli_smb_state
);
765 NTSTATUS status
= NT_STATUS_OK
;
768 size_t wct_ofs
, bytes_offset
;
771 if (tevent_req_is_nterror(req
, &status
)) {
775 if (state
->inbuf
== NULL
) {
776 /* This was a request without a reply */
781 cmd
= CVAL(state
->inbuf
, smb_com
);
783 for (i
=0; i
<state
->chain_num
; i
++) {
784 if (i
< state
->chain_num
-1) {
786 return NT_STATUS_REQUEST_ABORTED
;
788 if (!is_andx_req(cmd
)) {
789 return NT_STATUS_INVALID_NETWORK_RESPONSE
;
793 if (!have_andx_command((char *)state
->inbuf
, wct_ofs
)) {
795 * This request was not completed because a previous
796 * request in the chain had received an error.
798 return NT_STATUS_REQUEST_ABORTED
;
801 wct_ofs
= SVAL(state
->inbuf
, wct_ofs
+ 3);
804 * Skip the all-present length field. No overflow, we've just
805 * put a 16-bit value into a size_t.
809 if (wct_ofs
+2 > talloc_get_size(state
->inbuf
)) {
810 return NT_STATUS_INVALID_NETWORK_RESPONSE
;
813 cmd
= CVAL(state
->inbuf
, wct_ofs
+ 1);
816 status
= cli_pull_error((char *)state
->inbuf
);
818 if (!have_andx_command((char *)state
->inbuf
, wct_ofs
)) {
820 if ((cmd
== SMBsesssetupX
)
822 status
, NT_STATUS_MORE_PROCESSING_REQUIRED
)) {
824 * NT_STATUS_MORE_PROCESSING_REQUIRED is a
825 * valid return code for session setup
830 if (NT_STATUS_IS_ERR(status
)) {
832 * The last command takes the error code. All
833 * further commands down the requested chain
834 * will get a NT_STATUS_REQUEST_ABORTED.
842 wct
= CVAL(state
->inbuf
, wct_ofs
);
843 bytes_offset
= wct_ofs
+ 1 + wct
* sizeof(uint16_t);
844 num_bytes
= SVAL(state
->inbuf
, bytes_offset
);
847 return NT_STATUS_INVALID_NETWORK_RESPONSE
;
851 * wct_ofs is a 16-bit value plus 4, wct is a 8-bit value, num_bytes
852 * is a 16-bit value. So bytes_offset being size_t should be far from
855 if ((bytes_offset
+ 2 > talloc_get_size(state
->inbuf
))
856 || (bytes_offset
> 0xffff)) {
857 return NT_STATUS_INVALID_NETWORK_RESPONSE
;
864 *pvwv
= (uint16_t *)(state
->inbuf
+ wct_ofs
+ 1);
866 if (pnum_bytes
!= NULL
) {
867 *pnum_bytes
= num_bytes
;
869 if (pbytes
!= NULL
) {
870 *pbytes
= (uint8_t *)state
->inbuf
+ bytes_offset
+ 2;
872 if ((mem_ctx
!= NULL
) && (pinbuf
!= NULL
)) {
873 *pinbuf
= talloc_move(mem_ctx
, &state
->inbuf
);
879 size_t cli_smb_wct_ofs(struct tevent_req
**reqs
, int num_reqs
)
884 wct_ofs
= smb_wct
- 4;
886 for (i
=0; i
<num_reqs
; i
++) {
887 struct cli_smb_state
*state
;
888 state
= tevent_req_data(reqs
[i
], struct cli_smb_state
);
889 wct_ofs
+= iov_len(state
->iov
+1, state
->iov_count
-1);
890 wct_ofs
= (wct_ofs
+ 3) & ~3;
895 NTSTATUS
cli_smb_chain_send(struct tevent_req
**reqs
, int num_reqs
)
897 struct cli_smb_state
*first_state
= tevent_req_data(
898 reqs
[0], struct cli_smb_state
);
899 struct cli_smb_state
*last_state
= tevent_req_data(
900 reqs
[num_reqs
-1], struct cli_smb_state
);
901 struct cli_smb_state
*state
;
903 size_t chain_padding
= 0;
905 struct iovec
*iov
= NULL
;
906 struct iovec
*this_iov
;
910 for (i
=0; i
<num_reqs
; i
++) {
911 state
= tevent_req_data(reqs
[i
], struct cli_smb_state
);
912 iovlen
+= state
->iov_count
;
915 iov
= talloc_array(last_state
, struct iovec
, iovlen
);
917 return NT_STATUS_NO_MEMORY
;
920 first_state
->chained_requests
= (struct tevent_req
**)talloc_memdup(
921 last_state
, reqs
, sizeof(*reqs
) * num_reqs
);
922 if (first_state
->chained_requests
== NULL
) {
924 return NT_STATUS_NO_MEMORY
;
927 wct_offset
= smb_wct
- 4;
930 for (i
=0; i
<num_reqs
; i
++) {
931 size_t next_padding
= 0;
934 state
= tevent_req_data(reqs
[i
], struct cli_smb_state
);
936 if (i
< num_reqs
-1) {
937 if (!is_andx_req(CVAL(state
->header
, smb_com
))
938 || CVAL(state
->header
, smb_wct
) < 2) {
940 TALLOC_FREE(first_state
->chained_requests
);
941 return NT_STATUS_INVALID_PARAMETER
;
945 wct_offset
+= iov_len(state
->iov
+1, state
->iov_count
-1) + 1;
946 if ((wct_offset
% 4) != 0) {
947 next_padding
= 4 - (wct_offset
% 4);
949 wct_offset
+= next_padding
;
952 if (i
< num_reqs
-1) {
953 struct cli_smb_state
*next_state
= tevent_req_data(
954 reqs
[i
+1], struct cli_smb_state
);
955 SCVAL(vwv
+0, 0, CVAL(next_state
->header
, smb_com
));
957 SSVAL(vwv
+1, 0, wct_offset
);
958 } else if (is_andx_req(CVAL(state
->header
, smb_com
))) {
959 /* properly end the chain */
960 SCVAL(vwv
+0, 0, 0xff);
961 SCVAL(vwv
+0, 1, 0xff);
966 this_iov
[0] = state
->iov
[0];
969 * This one is a bit subtle. We have to add
970 * chain_padding bytes between the requests, and we
971 * have to also include the wct field of the
972 * subsequent requests. We use the subsequent header
973 * for the padding, it contains the wct field in its
976 this_iov
[0].iov_len
= chain_padding
+1;
977 this_iov
[0].iov_base
= (void *)&state
->header
[
978 sizeof(state
->header
) - this_iov
[0].iov_len
];
979 memset(this_iov
[0].iov_base
, 0, this_iov
[0].iov_len
-1);
981 memcpy(this_iov
+1, state
->iov
+1,
982 sizeof(struct iovec
) * (state
->iov_count
-1));
983 this_iov
+= state
->iov_count
;
984 chain_padding
= next_padding
;
987 status
= cli_smb_req_iov_send(reqs
[0], last_state
, iov
, iovlen
);
988 if (!NT_STATUS_IS_OK(status
)) {
990 TALLOC_FREE(first_state
->chained_requests
);
997 uint8_t *cli_smb_inbuf(struct tevent_req
*req
)
999 struct cli_smb_state
*state
= tevent_req_data(
1000 req
, struct cli_smb_state
);
1001 return state
->inbuf
;
1004 bool cli_has_async_calls(struct cli_state
*cli
)
1006 return ((tevent_queue_length(cli
->outgoing
) != 0)
1007 || (talloc_array_length(cli
->pending
) != 0));
1010 struct cli_smb_oplock_break_waiter_state
{
1015 static void cli_smb_oplock_break_waiter_done(struct tevent_req
*subreq
);
1017 struct tevent_req
*cli_smb_oplock_break_waiter_send(TALLOC_CTX
*mem_ctx
,
1018 struct event_context
*ev
,
1019 struct cli_state
*cli
)
1021 struct tevent_req
*req
, *subreq
;
1022 struct cli_smb_oplock_break_waiter_state
*state
;
1023 struct cli_smb_state
*smb_state
;
1025 req
= tevent_req_create(mem_ctx
, &state
,
1026 struct cli_smb_oplock_break_waiter_state
);
1032 * Create a fake SMB request that we will never send out. This is only
1033 * used to be set into the pending queue with the right mid.
1035 subreq
= cli_smb_req_create(mem_ctx
, ev
, cli
, 0, 0, 0, NULL
, 0, NULL
);
1036 if (tevent_req_nomem(subreq
, req
)) {
1037 return tevent_req_post(req
, ev
);
1039 smb_state
= tevent_req_data(subreq
, struct cli_smb_state
);
1040 SSVAL(smb_state
->header
, smb_mid
, 0xffff);
1042 if (!cli_smb_req_set_pending(subreq
)) {
1043 tevent_req_nterror(req
, NT_STATUS_NO_MEMORY
);
1044 return tevent_req_post(req
, ev
);
1046 tevent_req_set_callback(subreq
, cli_smb_oplock_break_waiter_done
, req
);
1050 static void cli_smb_oplock_break_waiter_done(struct tevent_req
*subreq
)
1052 struct tevent_req
*req
= tevent_req_callback_data(
1053 subreq
, struct tevent_req
);
1054 struct cli_smb_oplock_break_waiter_state
*state
= tevent_req_data(
1055 req
, struct cli_smb_oplock_break_waiter_state
);
1063 status
= cli_smb_recv(subreq
, state
, &inbuf
, 8, &wct
, &vwv
,
1064 &num_bytes
, &bytes
);
1065 TALLOC_FREE(subreq
);
1066 if (!NT_STATUS_IS_OK(status
)) {
1067 tevent_req_nterror(req
, status
);
1070 state
->fnum
= SVAL(vwv
+2, 0);
1071 state
->level
= CVAL(vwv
+3, 1);
1072 tevent_req_done(req
);
1075 NTSTATUS
cli_smb_oplock_break_waiter_recv(struct tevent_req
*req
,
1079 struct cli_smb_oplock_break_waiter_state
*state
= tevent_req_data(
1080 req
, struct cli_smb_oplock_break_waiter_state
);
1083 if (tevent_req_is_nterror(req
, &status
)) {
1086 *pfnum
= state
->fnum
;
1087 *plevel
= state
->level
;
1088 return NT_STATUS_OK
;