8d96e45531
enabled by default in NETSMB and smbfs.ko. With the most of modern SMB providers requiring encryption by default, there is little sense left in keeping the crypto part of NETSMB optional at the build time. This will also return smbfs.ko to its former properties users are rather accustomed to. Discussed with: freebsd-stable, re (scottl) Not objected by: bp, tjr (silence) MFC after: 5 days
928 lines
24 KiB
C
928 lines
24 KiB
C
/*-
|
|
* Copyright (c) 2000-2001 Boris Popov
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* This product includes software developed by Boris Popov.
|
|
* 4. Neither the name of the author nor the names of any co-contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
/*
|
|
* various SMB requests. Most of the routines merely packs data into mbufs.
|
|
*/
|
|
|
|
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
#include <sys/param.h>
|
|
#include <sys/systm.h>
|
|
#include <sys/kernel.h>
|
|
#include <sys/malloc.h>
|
|
#include <sys/proc.h>
|
|
#include <sys/lock.h>
|
|
#include <sys/sysctl.h>
|
|
#include <sys/socket.h>
|
|
#include <sys/uio.h>
|
|
|
|
#include <sys/iconv.h>
|
|
|
|
#include <netsmb/smb.h>
|
|
#include <netsmb/smb_subr.h>
|
|
#include <netsmb/smb_rq.h>
|
|
#include <netsmb/smb_conn.h>
|
|
#include <netsmb/smb_tran.h>
|
|
|
|
#include "opt_netsmb.h"
|
|
|
|
struct smb_dialect {
|
|
int d_id;
|
|
const char * d_name;
|
|
};
|
|
|
|
static struct smb_dialect smb_dialects[] = {
|
|
{SMB_DIALECT_CORE, "PC NETWORK PROGRAM 1.0"},
|
|
{SMB_DIALECT_COREPLUS, "MICROSOFT NETWORKS 1.03"},
|
|
{SMB_DIALECT_LANMAN1_0, "MICROSOFT NETWORKS 3.0"},
|
|
{SMB_DIALECT_LANMAN1_0, "LANMAN1.0"},
|
|
{SMB_DIALECT_LANMAN2_0, "LM1.2X002"},
|
|
{SMB_DIALECT_LANMAN2_0, "Samba"},
|
|
{SMB_DIALECT_NTLM0_12, "NT LANMAN 1.0"},
|
|
{SMB_DIALECT_NTLM0_12, "NT LM 0.12"},
|
|
{-1, NULL}
|
|
};
|
|
|
|
#define SMB_DIALECT_MAX (sizeof(smb_dialects) / sizeof(struct smb_dialect) - 2)
|
|
|
|
static u_int32_t
|
|
smb_vc_maxread(struct smb_vc *vcp)
|
|
{
|
|
/*
|
|
* Specs say up to 64k data bytes, but Windows traffic
|
|
* uses 60k... no doubt for some good reason.
|
|
*
|
|
* Don't exceed the server's buffer size if signatures
|
|
* are enabled otherwise Windows 2003 chokes. Allow space
|
|
* for the SMB header & a little bit extra.
|
|
*/
|
|
if ((vcp->vc_sopt.sv_caps & SMB_CAP_LARGE_READX) &&
|
|
(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE) == 0)
|
|
return (60*1024);
|
|
else
|
|
return (vcp->vc_sopt.sv_maxtx - SMB_HDRLEN - 64);
|
|
}
|
|
|
|
static u_int32_t
|
|
smb_vc_maxwrite(struct smb_vc *vcp)
|
|
{
|
|
/*
|
|
* See comment above.
|
|
*/
|
|
if ((vcp->vc_sopt.sv_caps & SMB_CAP_LARGE_WRITEX) &&
|
|
(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE) == 0)
|
|
return (60*1024);
|
|
else
|
|
return (vcp->vc_sopt.sv_maxtx - SMB_HDRLEN - 64);
|
|
}
|
|
|
|
static int
|
|
smb_smb_nomux(struct smb_vc *vcp, struct smb_cred *scred, const char *name)
|
|
{
|
|
if (scred->scr_td->td_proc == vcp->vc_iod->iod_p)
|
|
return 0;
|
|
SMBERROR("wrong function called(%s)\n", name);
|
|
return EINVAL;
|
|
}
|
|
|
|
int
|
|
smb_smb_negotiate(struct smb_vc *vcp, struct smb_cred *scred)
|
|
{
|
|
struct smb_dialect *dp;
|
|
struct smb_sopt *sp = NULL;
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
struct mdchain *mdp;
|
|
u_int8_t wc, stime[8], sblen;
|
|
u_int16_t dindex, tw, tw1, swlen, bc;
|
|
int error, maxqsz;
|
|
|
|
if (smb_smb_nomux(vcp, scred, __func__) != 0)
|
|
return EINVAL;
|
|
vcp->vc_hflags = 0;
|
|
vcp->vc_hflags2 = 0;
|
|
vcp->obj.co_flags &= ~(SMBV_ENCRYPT);
|
|
sp = &vcp->vc_sopt;
|
|
bzero(sp, sizeof(struct smb_sopt));
|
|
error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_NEGOTIATE, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
smb_rq_getrequest(rqp, &mbp);
|
|
smb_rq_wstart(rqp);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
for(dp = smb_dialects; dp->d_id != -1; dp++) {
|
|
mb_put_uint8(mbp, SMB_DT_DIALECT);
|
|
smb_put_dstring(mbp, vcp, dp->d_name, SMB_CS_NONE);
|
|
}
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
SMBSDEBUG("%d\n", error);
|
|
if (error)
|
|
goto bad;
|
|
smb_rq_getreply(rqp, &mdp);
|
|
do {
|
|
error = md_get_uint8(mdp, &wc);
|
|
if (error)
|
|
break;
|
|
error = md_get_uint16le(mdp, &dindex);
|
|
if (error)
|
|
break;
|
|
if (dindex > 7) {
|
|
SMBERROR("Don't know how to talk with server %s (%d)\n", "xxx", dindex);
|
|
error = EBADRPC;
|
|
break;
|
|
}
|
|
dp = smb_dialects + dindex;
|
|
sp->sv_proto = dp->d_id;
|
|
SMBSDEBUG("Dialect %s (%d, %d)\n", dp->d_name, dindex, wc);
|
|
error = EBADRPC;
|
|
if (dp->d_id >= SMB_DIALECT_NTLM0_12) {
|
|
if (wc != 17)
|
|
break;
|
|
md_get_uint8(mdp, &sp->sv_sm);
|
|
md_get_uint16le(mdp, &sp->sv_maxmux);
|
|
md_get_uint16le(mdp, &sp->sv_maxvcs);
|
|
md_get_uint32le(mdp, &sp->sv_maxtx);
|
|
md_get_uint32le(mdp, &sp->sv_maxraw);
|
|
md_get_uint32le(mdp, &sp->sv_skey);
|
|
md_get_uint32le(mdp, &sp->sv_caps);
|
|
md_get_mem(mdp, stime, 8, MB_MSYSTEM);
|
|
md_get_uint16le(mdp, (u_int16_t*)&sp->sv_tz);
|
|
md_get_uint8(mdp, &sblen);
|
|
if (sblen && (sp->sv_sm & SMB_SM_ENCRYPT)) {
|
|
if (sblen != SMB_MAXCHALLENGELEN) {
|
|
SMBERROR("Unexpected length of security blob (%d)\n", sblen);
|
|
break;
|
|
}
|
|
error = md_get_uint16(mdp, &bc);
|
|
if (error)
|
|
break;
|
|
if (sp->sv_caps & SMB_CAP_EXT_SECURITY)
|
|
md_get_mem(mdp, NULL, 16, MB_MSYSTEM);
|
|
error = md_get_mem(mdp, vcp->vc_ch, sblen, MB_MSYSTEM);
|
|
if (error)
|
|
break;
|
|
vcp->vc_chlen = sblen;
|
|
vcp->obj.co_flags |= SMBV_ENCRYPT;
|
|
}
|
|
if (sp->sv_sm & SMB_SM_SIGS_REQUIRE)
|
|
vcp->vc_hflags2 |= SMB_FLAGS2_SECURITY_SIGNATURE;
|
|
vcp->vc_hflags2 |= SMB_FLAGS2_KNOWS_LONG_NAMES;
|
|
if (dp->d_id == SMB_DIALECT_NTLM0_12 &&
|
|
sp->sv_maxtx < 4096 &&
|
|
(sp->sv_caps & SMB_CAP_NT_SMBS) == 0) {
|
|
vcp->obj.co_flags |= SMBV_WIN95;
|
|
SMBSDEBUG("Win95 detected\n");
|
|
}
|
|
} else if (dp->d_id > SMB_DIALECT_CORE) {
|
|
md_get_uint16le(mdp, &tw);
|
|
sp->sv_sm = tw;
|
|
md_get_uint16le(mdp, &tw);
|
|
sp->sv_maxtx = tw;
|
|
md_get_uint16le(mdp, &sp->sv_maxmux);
|
|
md_get_uint16le(mdp, &sp->sv_maxvcs);
|
|
md_get_uint16le(mdp, &tw); /* rawmode */
|
|
md_get_uint32le(mdp, &sp->sv_skey);
|
|
if (wc == 13) { /* >= LANMAN1 */
|
|
md_get_uint16(mdp, &tw); /* time */
|
|
md_get_uint16(mdp, &tw1); /* date */
|
|
md_get_uint16le(mdp, (u_int16_t*)&sp->sv_tz);
|
|
md_get_uint16le(mdp, &swlen);
|
|
if (swlen > SMB_MAXCHALLENGELEN)
|
|
break;
|
|
md_get_uint16(mdp, NULL); /* mbz */
|
|
if (md_get_uint16(mdp, &bc) != 0)
|
|
break;
|
|
if (bc < swlen)
|
|
break;
|
|
if (swlen && (sp->sv_sm & SMB_SM_ENCRYPT)) {
|
|
error = md_get_mem(mdp, vcp->vc_ch, swlen, MB_MSYSTEM);
|
|
if (error)
|
|
break;
|
|
vcp->vc_chlen = swlen;
|
|
vcp->obj.co_flags |= SMBV_ENCRYPT;
|
|
}
|
|
}
|
|
vcp->vc_hflags2 |= SMB_FLAGS2_KNOWS_LONG_NAMES;
|
|
} else { /* an old CORE protocol */
|
|
sp->sv_maxmux = 1;
|
|
}
|
|
error = 0;
|
|
} while (0);
|
|
if (error == 0) {
|
|
vcp->vc_maxvcs = sp->sv_maxvcs;
|
|
if (vcp->vc_maxvcs <= 1) {
|
|
if (vcp->vc_maxvcs == 0)
|
|
vcp->vc_maxvcs = 1;
|
|
}
|
|
if (sp->sv_maxtx <= 0 || sp->sv_maxtx > 0xffff)
|
|
sp->sv_maxtx = 1024;
|
|
else
|
|
sp->sv_maxtx = min(sp->sv_maxtx,
|
|
63*1024 + SMB_HDRLEN + 16);
|
|
SMB_TRAN_GETPARAM(vcp, SMBTP_RCVSZ, &maxqsz);
|
|
vcp->vc_rxmax = min(smb_vc_maxread(vcp), maxqsz - 1024);
|
|
SMB_TRAN_GETPARAM(vcp, SMBTP_SNDSZ, &maxqsz);
|
|
vcp->vc_wxmax = min(smb_vc_maxwrite(vcp), maxqsz - 1024);
|
|
vcp->vc_txmax = min(sp->sv_maxtx, maxqsz);
|
|
SMBSDEBUG("TZ = %d\n", sp->sv_tz);
|
|
SMBSDEBUG("CAPS = %x\n", sp->sv_caps);
|
|
SMBSDEBUG("MAXMUX = %d\n", sp->sv_maxmux);
|
|
SMBSDEBUG("MAXVCS = %d\n", sp->sv_maxvcs);
|
|
SMBSDEBUG("MAXRAW = %d\n", sp->sv_maxraw);
|
|
SMBSDEBUG("MAXTX = %d\n", sp->sv_maxtx);
|
|
}
|
|
bad:
|
|
smb_rq_done(rqp);
|
|
return error;
|
|
}
|
|
|
|
int
|
|
smb_smb_ssnsetup(struct smb_vc *vcp, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
/* u_int8_t wc;
|
|
u_int16_t tw, tw1;*/
|
|
smb_uniptr unipp, ntencpass = NULL;
|
|
char *pp, *up, *pbuf, *encpass;
|
|
int error, plen, uniplen, ulen, upper;
|
|
|
|
upper = 0;
|
|
|
|
again:
|
|
|
|
vcp->vc_smbuid = SMB_UID_UNKNOWN;
|
|
|
|
if (smb_smb_nomux(vcp, scred, __func__) != 0)
|
|
return EINVAL;
|
|
|
|
error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_SESSION_SETUP_ANDX, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
pbuf = malloc(SMB_MAXPASSWORDLEN + 1, M_SMBTEMP, M_WAITOK);
|
|
encpass = malloc(24, M_SMBTEMP, M_WAITOK);
|
|
if (vcp->vc_sopt.sv_sm & SMB_SM_USER) {
|
|
/*
|
|
* We try w/o uppercasing first so Samba mixed case
|
|
* passwords work. If that fails we come back and try
|
|
* uppercasing to satisfy OS/2 and Windows for Workgroups.
|
|
*/
|
|
if (upper++) {
|
|
iconv_convstr(vcp->vc_toupper, pbuf,
|
|
smb_vc_getpass(vcp)/*, SMB_MAXPASSWORDLEN*/);
|
|
} else {
|
|
strncpy(pbuf, smb_vc_getpass(vcp), SMB_MAXPASSWORDLEN);
|
|
pbuf[SMB_MAXPASSWORDLEN] = '\0';
|
|
}
|
|
if (!SMB_UNICODE_STRINGS(vcp))
|
|
iconv_convstr(vcp->vc_toserver, pbuf, pbuf/*,
|
|
SMB_MAXPASSWORDLEN*/);
|
|
|
|
if (vcp->vc_sopt.sv_sm & SMB_SM_ENCRYPT) {
|
|
uniplen = plen = 24;
|
|
smb_encrypt(pbuf, vcp->vc_ch, encpass);
|
|
ntencpass = malloc(uniplen, M_SMBTEMP, M_WAITOK);
|
|
if (SMB_UNICODE_STRINGS(vcp)) {
|
|
strncpy(pbuf, smb_vc_getpass(vcp),
|
|
SMB_MAXPASSWORDLEN);
|
|
pbuf[SMB_MAXPASSWORDLEN] = '\0';
|
|
} else
|
|
iconv_convstr(vcp->vc_toserver, pbuf,
|
|
smb_vc_getpass(vcp)/*,
|
|
SMB_MAXPASSWORDLEN*/);
|
|
smb_ntencrypt(pbuf, vcp->vc_ch, (u_char*)ntencpass);
|
|
pp = encpass;
|
|
unipp = ntencpass;
|
|
} else {
|
|
plen = strlen(pbuf) + 1;
|
|
pp = pbuf;
|
|
uniplen = plen * 2;
|
|
ntencpass = malloc(uniplen, M_SMBTEMP, M_WAITOK);
|
|
smb_strtouni(ntencpass, smb_vc_getpass(vcp));
|
|
plen--;
|
|
|
|
/*
|
|
* The uniplen is zeroed because Samba cannot deal
|
|
* with this 2nd cleartext password. This Samba
|
|
* "bug" is actually a workaround for problems in
|
|
* Microsoft clients.
|
|
*/
|
|
uniplen = 0/*-= 2*/;
|
|
unipp = ntencpass;
|
|
}
|
|
} else {
|
|
/*
|
|
* In the share security mode password will be used
|
|
* only in the tree authentication
|
|
*/
|
|
pp = "";
|
|
plen = 1;
|
|
unipp = &smb_unieol;
|
|
uniplen = 0 /* sizeof(smb_unieol) */;
|
|
}
|
|
smb_rq_wstart(rqp);
|
|
mbp = &rqp->sr_rq;
|
|
up = vcp->vc_username;
|
|
ulen = strlen(up) + 1;
|
|
/*
|
|
* If userid is null we are attempting anonymous browse login
|
|
* so passwords must be zero length.
|
|
*/
|
|
if (ulen == 1)
|
|
plen = uniplen = 0;
|
|
mb_put_uint8(mbp, 0xff);
|
|
mb_put_uint8(mbp, 0);
|
|
mb_put_uint16le(mbp, 0);
|
|
mb_put_uint16le(mbp, vcp->vc_sopt.sv_maxtx);
|
|
mb_put_uint16le(mbp, vcp->vc_sopt.sv_maxmux);
|
|
mb_put_uint16le(mbp, vcp->vc_number);
|
|
mb_put_uint32le(mbp, vcp->vc_sopt.sv_skey);
|
|
mb_put_uint16le(mbp, plen);
|
|
if (SMB_DIALECT(vcp) < SMB_DIALECT_NTLM0_12) {
|
|
mb_put_uint32le(mbp, 0);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
mb_put_mem(mbp, pp, plen, MB_MSYSTEM);
|
|
smb_put_dstring(mbp, vcp, up, SMB_CS_NONE);
|
|
} else {
|
|
mb_put_uint16le(mbp, uniplen);
|
|
mb_put_uint32le(mbp, 0); /* reserved */
|
|
mb_put_uint32le(mbp, vcp->obj.co_flags & SMBV_UNICODE ?
|
|
SMB_CAP_UNICODE : 0);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
mb_put_mem(mbp, pp, plen, MB_MSYSTEM);
|
|
mb_put_mem(mbp, (caddr_t)unipp, uniplen, MB_MSYSTEM);
|
|
smb_put_dstring(mbp, vcp, up, SMB_CS_NONE); /* AccountName */
|
|
smb_put_dstring(mbp, vcp, vcp->vc_domain, SMB_CS_NONE); /* PrimaryDomain */
|
|
smb_put_dstring(mbp, vcp, "FreeBSD", SMB_CS_NONE); /* Client's OS */
|
|
smb_put_dstring(mbp, vcp, "NETSMB", SMB_CS_NONE); /* Client name */
|
|
}
|
|
smb_rq_bend(rqp);
|
|
if (ntencpass)
|
|
free(ntencpass, M_SMBTEMP);
|
|
if (vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE)
|
|
smb_calcmackey(vcp);
|
|
error = smb_rq_simple(rqp);
|
|
SMBSDEBUG("%d\n", error);
|
|
if (error) {
|
|
if (rqp->sr_errclass == ERRDOS && rqp->sr_serror == ERRnoaccess)
|
|
error = EAUTH;
|
|
goto bad;
|
|
}
|
|
vcp->vc_smbuid = rqp->sr_rpuid;
|
|
bad:
|
|
free(encpass, M_SMBTEMP);
|
|
free(pbuf, M_SMBTEMP);
|
|
smb_rq_done(rqp);
|
|
if (error && upper == 1 && vcp->vc_sopt.sv_sm & SMB_SM_USER)
|
|
goto again;
|
|
return error;
|
|
}
|
|
|
|
int
|
|
smb_smb_ssnclose(struct smb_vc *vcp, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
int error;
|
|
|
|
if (vcp->vc_smbuid == SMB_UID_UNKNOWN)
|
|
return 0;
|
|
|
|
if (smb_smb_nomux(vcp, scred, __func__) != 0)
|
|
return EINVAL;
|
|
|
|
error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_LOGOFF_ANDX, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
mbp = &rqp->sr_rq;
|
|
smb_rq_wstart(rqp);
|
|
mb_put_uint8(mbp, 0xff);
|
|
mb_put_uint8(mbp, 0);
|
|
mb_put_uint16le(mbp, 0);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
SMBSDEBUG("%d\n", error);
|
|
smb_rq_done(rqp);
|
|
return error;
|
|
}
|
|
|
|
static char smb_any_share[] = "?????";
|
|
|
|
static char *
|
|
smb_share_typename(int stype)
|
|
{
|
|
char *pp;
|
|
|
|
switch (stype) {
|
|
case SMB_ST_DISK:
|
|
pp = "A:";
|
|
break;
|
|
case SMB_ST_PRINTER:
|
|
pp = smb_any_share; /* can't use LPT: here... */
|
|
break;
|
|
case SMB_ST_PIPE:
|
|
pp = "IPC";
|
|
break;
|
|
case SMB_ST_COMM:
|
|
pp = "COMM";
|
|
break;
|
|
case SMB_ST_ANY:
|
|
default:
|
|
pp = smb_any_share;
|
|
break;
|
|
}
|
|
return pp;
|
|
}
|
|
|
|
int
|
|
smb_smb_treeconnect(struct smb_share *ssp, struct smb_cred *scred)
|
|
{
|
|
struct smb_vc *vcp;
|
|
struct smb_rq rq, *rqp = &rq;
|
|
struct mbchain *mbp;
|
|
char *pp, *pbuf, *encpass;
|
|
int error, plen, caseopt, upper;
|
|
|
|
upper = 0;
|
|
|
|
again:
|
|
|
|
#if 0
|
|
/* Disable Unicode for SMB_COM_TREE_CONNECT_ANDX requests */
|
|
if (SSTOVC(ssp)->vc_hflags2 & SMB_FLAGS2_UNICODE) {
|
|
vcp = SSTOVC(ssp);
|
|
if (vcp->vc_toserver) {
|
|
iconv_close(vcp->vc_toserver);
|
|
/* Use NULL until UTF-8 -> ASCII works */
|
|
vcp->vc_toserver = NULL;
|
|
}
|
|
if (vcp->vc_tolocal) {
|
|
iconv_close(vcp->vc_tolocal);
|
|
/* Use NULL until ASCII -> UTF-8 works*/
|
|
vcp->vc_tolocal = NULL;
|
|
}
|
|
vcp->vc_hflags2 &= ~SMB_FLAGS2_UNICODE;
|
|
}
|
|
#endif
|
|
|
|
ssp->ss_tid = SMB_TID_UNKNOWN;
|
|
error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_TREE_CONNECT_ANDX, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
vcp = rqp->sr_vc;
|
|
caseopt = SMB_CS_NONE;
|
|
if (vcp->vc_sopt.sv_sm & SMB_SM_USER) {
|
|
plen = 1;
|
|
pp = "";
|
|
pbuf = NULL;
|
|
encpass = NULL;
|
|
} else {
|
|
pbuf = malloc(SMB_MAXPASSWORDLEN + 1, M_SMBTEMP, M_WAITOK);
|
|
encpass = malloc(24, M_SMBTEMP, M_WAITOK);
|
|
/*
|
|
* We try w/o uppercasing first so Samba mixed case
|
|
* passwords work. If that fails we come back and try
|
|
* uppercasing to satisfy OS/2 and Windows for Workgroups.
|
|
*/
|
|
if (upper++) {
|
|
iconv_convstr(vcp->vc_toupper, pbuf,
|
|
smb_share_getpass(ssp)/*,
|
|
SMB_MAXPASSWORDLEN*/);
|
|
} else {
|
|
strncpy(pbuf, smb_share_getpass(ssp),
|
|
SMB_MAXPASSWORDLEN);
|
|
pbuf[SMB_MAXPASSWORDLEN] = '\0';
|
|
}
|
|
if (vcp->vc_sopt.sv_sm & SMB_SM_ENCRYPT) {
|
|
plen = 24;
|
|
smb_encrypt(pbuf, vcp->vc_ch, encpass);
|
|
pp = encpass;
|
|
} else {
|
|
plen = strlen(pbuf) + 1;
|
|
pp = pbuf;
|
|
}
|
|
}
|
|
mbp = &rqp->sr_rq;
|
|
smb_rq_wstart(rqp);
|
|
mb_put_uint8(mbp, 0xff);
|
|
mb_put_uint8(mbp, 0);
|
|
mb_put_uint16le(mbp, 0);
|
|
mb_put_uint16le(mbp, 0); /* Flags */
|
|
mb_put_uint16le(mbp, plen);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
mb_put_mem(mbp, pp, plen, MB_MSYSTEM);
|
|
smb_put_dmem(mbp, vcp, "\\\\", 2, caseopt);
|
|
pp = vcp->vc_srvname;
|
|
smb_put_dmem(mbp, vcp, pp, strlen(pp), caseopt);
|
|
smb_put_dmem(mbp, vcp, "\\", 1, caseopt);
|
|
pp = ssp->ss_name;
|
|
smb_put_dstring(mbp, vcp, pp, caseopt);
|
|
pp = smb_share_typename(ssp->ss_type);
|
|
smb_put_dstring(mbp, vcp, pp, caseopt);
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
SMBSDEBUG("%d\n", error);
|
|
if (error)
|
|
goto bad;
|
|
ssp->ss_tid = rqp->sr_rptid;
|
|
ssp->ss_vcgenid = vcp->vc_genid;
|
|
ssp->ss_flags |= SMBS_CONNECTED;
|
|
bad:
|
|
if (encpass)
|
|
free(encpass, M_SMBTEMP);
|
|
if (pbuf)
|
|
free(pbuf, M_SMBTEMP);
|
|
smb_rq_done(rqp);
|
|
if (error && upper == 1)
|
|
goto again;
|
|
return error;
|
|
}
|
|
|
|
int
|
|
smb_smb_treedisconnect(struct smb_share *ssp, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
int error;
|
|
|
|
if (ssp->ss_tid == SMB_TID_UNKNOWN)
|
|
return 0;
|
|
error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_TREE_DISCONNECT, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
mbp = &rqp->sr_rq;
|
|
smb_rq_wstart(rqp);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
SMBSDEBUG("%d\n", error);
|
|
smb_rq_done(rqp);
|
|
ssp->ss_tid = SMB_TID_UNKNOWN;
|
|
return error;
|
|
}
|
|
|
|
static __inline int
|
|
smb_smb_readx(struct smb_share *ssp, u_int16_t fid, int *len, int *rresid,
|
|
struct uio *uio, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
struct mdchain *mdp;
|
|
u_int8_t wc;
|
|
int error;
|
|
u_int16_t residhi, residlo, off, doff;
|
|
u_int32_t resid;
|
|
|
|
error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_READ_ANDX, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
smb_rq_getrequest(rqp, &mbp);
|
|
smb_rq_wstart(rqp);
|
|
mb_put_uint8(mbp, 0xff); /* no secondary command */
|
|
mb_put_uint8(mbp, 0); /* MBZ */
|
|
mb_put_uint16le(mbp, 0); /* offset to secondary */
|
|
mb_put_mem(mbp, (caddr_t)&fid, sizeof(fid), MB_MSYSTEM);
|
|
mb_put_uint32le(mbp, uio->uio_offset);
|
|
*len = min(SSTOVC(ssp)->vc_rxmax, *len);
|
|
mb_put_uint16le(mbp, *len); /* MaxCount */
|
|
mb_put_uint16le(mbp, *len); /* MinCount (only indicates blocking) */
|
|
mb_put_uint32le(mbp, (unsigned)*len >> 16); /* MaxCountHigh */
|
|
mb_put_uint16le(mbp, *len); /* Remaining ("obsolete") */
|
|
mb_put_uint32le(mbp, uio->uio_offset >> 32); /* OffsetHigh */
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
smb_rq_bend(rqp);
|
|
do {
|
|
error = smb_rq_simple(rqp);
|
|
if (error)
|
|
break;
|
|
smb_rq_getreply(rqp, &mdp);
|
|
off = SMB_HDRLEN;
|
|
md_get_uint8(mdp, &wc);
|
|
off++;
|
|
if (wc != 12) {
|
|
error = EBADRPC;
|
|
break;
|
|
}
|
|
md_get_uint8(mdp, NULL);
|
|
off++;
|
|
md_get_uint8(mdp, NULL);
|
|
off++;
|
|
md_get_uint16le(mdp, NULL);
|
|
off += 2;
|
|
md_get_uint16le(mdp, NULL);
|
|
off += 2;
|
|
md_get_uint16le(mdp, NULL); /* data compaction mode */
|
|
off += 2;
|
|
md_get_uint16le(mdp, NULL);
|
|
off += 2;
|
|
md_get_uint16le(mdp, &residlo);
|
|
off += 2;
|
|
md_get_uint16le(mdp, &doff); /* data offset */
|
|
off += 2;
|
|
md_get_uint16le(mdp, &residhi);
|
|
off += 2;
|
|
resid = (residhi << 16) | residlo;
|
|
md_get_mem(mdp, NULL, 4 * 2, MB_MSYSTEM);
|
|
off += 4*2;
|
|
md_get_uint16le(mdp, NULL); /* ByteCount */
|
|
off += 2;
|
|
if (doff > off) /* pad byte(s)? */
|
|
md_get_mem(mdp, NULL, doff - off, MB_MSYSTEM);
|
|
if (resid == 0) {
|
|
*rresid = resid;
|
|
break;
|
|
}
|
|
error = md_get_uio(mdp, uio, resid);
|
|
if (error)
|
|
break;
|
|
*rresid = resid;
|
|
} while(0);
|
|
smb_rq_done(rqp);
|
|
return (error);
|
|
}
|
|
|
|
static __inline int
|
|
smb_smb_writex(struct smb_share *ssp, u_int16_t fid, int *len, int *rresid,
|
|
struct uio *uio, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
struct mdchain *mdp;
|
|
int error;
|
|
u_int8_t wc;
|
|
u_int16_t resid;
|
|
|
|
error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_WRITE_ANDX, scred, &rqp);
|
|
if (error)
|
|
return (error);
|
|
smb_rq_getrequest(rqp, &mbp);
|
|
smb_rq_wstart(rqp);
|
|
mb_put_uint8(mbp, 0xff); /* no secondary command */
|
|
mb_put_uint8(mbp, 0); /* MBZ */
|
|
mb_put_uint16le(mbp, 0); /* offset to secondary */
|
|
mb_put_mem(mbp, (caddr_t)&fid, sizeof(fid), MB_MSYSTEM);
|
|
mb_put_uint32le(mbp, uio->uio_offset);
|
|
mb_put_uint32le(mbp, 0); /* MBZ (timeout) */
|
|
mb_put_uint16le(mbp, 0); /* !write-thru */
|
|
mb_put_uint16le(mbp, 0);
|
|
*len = min(SSTOVC(ssp)->vc_wxmax, *len);
|
|
mb_put_uint16le(mbp, (unsigned)*len >> 16);
|
|
mb_put_uint16le(mbp, *len);
|
|
mb_put_uint16le(mbp, 64); /* data offset from header start */
|
|
mb_put_uint32le(mbp, uio->uio_offset >> 32); /* OffsetHigh */
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
do {
|
|
mb_put_uint8(mbp, 0xee); /* mimic xp pad byte! */
|
|
error = mb_put_uio(mbp, uio, *len);
|
|
if (error)
|
|
break;
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
if (error)
|
|
break;
|
|
smb_rq_getreply(rqp, &mdp);
|
|
md_get_uint8(mdp, &wc);
|
|
if (wc != 6) {
|
|
error = EBADRPC;
|
|
break;
|
|
}
|
|
md_get_uint8(mdp, NULL);
|
|
md_get_uint8(mdp, NULL);
|
|
md_get_uint16le(mdp, NULL);
|
|
md_get_uint16le(mdp, &resid);
|
|
*rresid = resid;
|
|
} while(0);
|
|
|
|
smb_rq_done(rqp);
|
|
return (error);
|
|
}
|
|
|
|
static __inline int
|
|
smb_smb_read(struct smb_share *ssp, u_int16_t fid,
|
|
int *len, int *rresid, struct uio *uio, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
struct mdchain *mdp;
|
|
u_int16_t resid, bc;
|
|
u_int8_t wc;
|
|
int error, rlen, blksz;
|
|
|
|
if (SSTOVC(ssp)->vc_sopt.sv_caps & SMB_CAP_LARGE_READX)
|
|
return (smb_smb_readx(ssp, fid, len, rresid, uio, scred));
|
|
|
|
error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_READ, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
|
|
blksz = SSTOVC(ssp)->vc_txmax - SMB_HDRLEN - 16;
|
|
rlen = *len = min(blksz, *len);
|
|
|
|
smb_rq_getrequest(rqp, &mbp);
|
|
smb_rq_wstart(rqp);
|
|
mb_put_mem(mbp, (caddr_t)&fid, sizeof(fid), MB_MSYSTEM);
|
|
mb_put_uint16le(mbp, rlen);
|
|
mb_put_uint32le(mbp, uio->uio_offset);
|
|
mb_put_uint16le(mbp, min(uio->uio_resid, 0xffff));
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
smb_rq_bend(rqp);
|
|
do {
|
|
error = smb_rq_simple(rqp);
|
|
if (error)
|
|
break;
|
|
smb_rq_getreply(rqp, &mdp);
|
|
md_get_uint8(mdp, &wc);
|
|
if (wc != 5) {
|
|
error = EBADRPC;
|
|
break;
|
|
}
|
|
md_get_uint16le(mdp, &resid);
|
|
md_get_mem(mdp, NULL, 4 * 2, MB_MSYSTEM);
|
|
md_get_uint16le(mdp, &bc);
|
|
md_get_uint8(mdp, NULL); /* ignore buffer type */
|
|
md_get_uint16le(mdp, &resid);
|
|
if (resid == 0) {
|
|
*rresid = resid;
|
|
break;
|
|
}
|
|
error = md_get_uio(mdp, uio, resid);
|
|
if (error)
|
|
break;
|
|
*rresid = resid;
|
|
} while(0);
|
|
smb_rq_done(rqp);
|
|
return error;
|
|
}
|
|
|
|
int
|
|
smb_read(struct smb_share *ssp, u_int16_t fid, struct uio *uio,
|
|
struct smb_cred *scred)
|
|
{
|
|
int tsize, len, resid;
|
|
int error = 0;
|
|
|
|
tsize = uio->uio_resid;
|
|
while (tsize > 0) {
|
|
len = tsize;
|
|
error = smb_smb_read(ssp, fid, &len, &resid, uio, scred);
|
|
if (error)
|
|
break;
|
|
tsize -= resid;
|
|
if (resid < len)
|
|
break;
|
|
}
|
|
return error;
|
|
}
|
|
|
|
static __inline int
|
|
smb_smb_write(struct smb_share *ssp, u_int16_t fid, int *len, int *rresid,
|
|
struct uio *uio, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
struct mdchain *mdp;
|
|
u_int16_t resid;
|
|
u_int8_t wc;
|
|
int error, blksz;
|
|
|
|
if (*len && SSTOVC(ssp)->vc_sopt.sv_caps & SMB_CAP_LARGE_WRITEX)
|
|
return (smb_smb_writex(ssp, fid, len, rresid, uio, scred));
|
|
|
|
blksz = SSTOVC(ssp)->vc_txmax - SMB_HDRLEN - 16;
|
|
if (blksz > 0xffff)
|
|
blksz = 0xffff;
|
|
|
|
resid = *len = min(blksz, *len);
|
|
|
|
error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_WRITE, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
smb_rq_getrequest(rqp, &mbp);
|
|
smb_rq_wstart(rqp);
|
|
mb_put_mem(mbp, (caddr_t)&fid, sizeof(fid), MB_MSYSTEM);
|
|
mb_put_uint16le(mbp, resid);
|
|
mb_put_uint32le(mbp, uio->uio_offset);
|
|
mb_put_uint16le(mbp, min(uio->uio_resid, 0xffff));
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
mb_put_uint8(mbp, SMB_DT_DATA);
|
|
mb_put_uint16le(mbp, resid);
|
|
do {
|
|
error = mb_put_uio(mbp, uio, resid);
|
|
if (error)
|
|
break;
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
if (error)
|
|
break;
|
|
smb_rq_getreply(rqp, &mdp);
|
|
md_get_uint8(mdp, &wc);
|
|
if (wc != 1) {
|
|
error = EBADRPC;
|
|
break;
|
|
}
|
|
md_get_uint16le(mdp, &resid);
|
|
*rresid = resid;
|
|
} while(0);
|
|
smb_rq_done(rqp);
|
|
return error;
|
|
}
|
|
|
|
int
|
|
smb_write(struct smb_share *ssp, u_int16_t fid, struct uio *uio,
|
|
struct smb_cred *scred)
|
|
{
|
|
int error = 0, len, tsize, resid;
|
|
struct uio olduio;
|
|
|
|
tsize = uio->uio_resid;
|
|
olduio = *uio;
|
|
while (tsize > 0) {
|
|
len = tsize;
|
|
error = smb_smb_write(ssp, fid, &len, &resid, uio, scred);
|
|
if (error)
|
|
break;
|
|
if (resid < len) {
|
|
error = EIO;
|
|
break;
|
|
}
|
|
tsize -= resid;
|
|
}
|
|
if (error) {
|
|
/*
|
|
* Errors can happen on the copyin, the rpc, etc. So they
|
|
* imply resid is unreliable. The only safe thing is
|
|
* to pretend zero bytes made it. We needn't restore the
|
|
* iovs because callers don't depend on them in error
|
|
* paths - uio_resid and uio_offset are what matter.
|
|
*/
|
|
*uio = olduio;
|
|
}
|
|
return error;
|
|
}
|
|
|
|
int
|
|
smb_smb_echo(struct smb_vc *vcp, struct smb_cred *scred)
|
|
{
|
|
struct smb_rq *rqp;
|
|
struct mbchain *mbp;
|
|
int error;
|
|
|
|
error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_ECHO, scred, &rqp);
|
|
if (error)
|
|
return error;
|
|
mbp = &rqp->sr_rq;
|
|
smb_rq_wstart(rqp);
|
|
mb_put_uint16le(mbp, 1);
|
|
smb_rq_wend(rqp);
|
|
smb_rq_bstart(rqp);
|
|
mb_put_uint32le(mbp, 0);
|
|
smb_rq_bend(rqp);
|
|
error = smb_rq_simple(rqp);
|
|
SMBSDEBUG("%d\n", error);
|
|
smb_rq_done(rqp);
|
|
return error;
|
|
}
|