1 /*
2    Unix SMB/CIFS implementation.
3 
4    SMB2 client tree handling
5 
6    Copyright (C) Andrew Tridgell 2005
7 
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12 
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17 
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22 
23 #include "includes.h"
24 #include "libcli/raw/libcliraw.h"
25 #include "libcli/smb2/smb2.h"
26 #include "libcli/smb2/smb2_calls.h"
27 
28 #define CREATE_TAG_EXTA 0x41747845 /* "ExtA" */
29 #define CREATE_TAG_MXAC 0x6341784D /* "MxAc" */
30 
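/*
 * Append one entry to a chain of SMB2 create attribute blobs.
 *
 * The entry is written at the current end of *blob: a 0x18-byte header,
 * the payload, then `pad` zero bytes as computed by
 * smb2_padding_size(add.length, 8).
 *
 * mem_ctx  talloc context passed to data_blob_realloc() when growing *blob
 * blob     chain being built; grown in place
 * tag      32-bit tag value (CREATE_TAG_EXTA, CREATE_TAG_MXAC, ...)
 * add      payload; may be empty (data == NULL, length == 0)
 * last     True for the final entry, whose next-entry offset is written as 0
 *
 * Returns NT_STATUS_OK, the failure status of data_blob_realloc(), or
 * NT_STATUS_INVALID_PARAMETER when the grown chain would not fit the
 * 32-bit length and offset fields written below.
 */
static NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
				     uint32_t tag,
				     DATA_BLOB add, BOOL last)
{
	NTSTATUS status;
	uint32_t ofs;
	uint8_t pad = smb2_padding_size(add.length, 8);
	size_t entry_len;

	/* ofs is a uint32_t and every length below is stored with SIVAL, so
	   refuse sizes that would wrap or be truncated before the buffer is
	   resized and written. */
	if (add.length > 0xFFFFFFFFU - 0x18 - pad) {
		return NT_STATUS_INVALID_PARAMETER;
	}
	entry_len = 0x18 + add.length + pad;
	if (blob->length > 0xFFFFFFFFU - entry_len) {
		return NT_STATUS_INVALID_PARAMETER;
	}

	ofs = blob->length;
	status = data_blob_realloc(mem_ctx, blob, blob->length + entry_len);
	NT_STATUS_NOT_OK_RETURN(status);

	if (last) {
		SIVAL(blob->data, ofs+0x00, 0);
	} else {
		/* offset from this entry to the next one in the chain */
		SIVAL(blob->data, ofs+0x00, entry_len);
	}
	SSVAL(blob->data, ofs+0x04, 0x10); /* offset of tag */
	SIVAL(blob->data, ofs+0x06, 0x04); /* tag length */
	SSVAL(blob->data, ofs+0x0A, 0x18); /* offset of data */
	SIVAL(blob->data, ofs+0x0C, add.length);
	SIVAL(blob->data, ofs+0x10, tag);
	SIVAL(blob->data, ofs+0x14, 0); /* pad? */

	/* smb2_create_send() passes data_blob(NULL, 0) for the MxAc tag;
	   memcpy() with a NULL source is undefined even for zero bytes. */
	if (add.length > 0) {
		memcpy(blob->data+ofs+0x18, add.data, add.length);
	}
	memset(blob->data+ofs+0x18+add.length, 0, pad);

	return NT_STATUS_OK;
}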
60 
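/*
 * Build an SMB2 CREATE request from io->in and hand it to the transport.
 *
 * tree  tree connection the request is initialised on
 * io    create parameters; only io->in is read here
 *
 * Returns the request, or NULL if the request could not be allocated or
 * any part of the body or attribute blob could not be built. On those
 * failure paths the request is released with talloc_free().
 */
struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create *io)
{
	struct smb2_request *req;
	NTSTATUS status;
	DATA_BLOB blob = data_blob(NULL, 0);

	req = smb2_request_init_tree(tree, SMB2_OP_CREATE, 0x38, True, 0);
	if (req == NULL) return NULL;

	/* fixed part of the request body */
	SSVAL(req->out.body, 0x02, io->in.oplock_flags);
	SIVAL(req->out.body, 0x04, io->in.impersonation);
	SIVAL(req->out.body, 0x08, io->in.unknown3[0]);
	SIVAL(req->out.body, 0x0C, io->in.unknown3[1]);
	SIVAL(req->out.body, 0x10, io->in.unknown3[2]);
	SIVAL(req->out.body, 0x14, io->in.unknown3[3]);
	SIVAL(req->out.body, 0x18, io->in.access_mask);
	SIVAL(req->out.body, 0x1C, io->in.file_attr);
	SIVAL(req->out.body, 0x20, io->in.share_access);
	SIVAL(req->out.body, 0x24, io->in.open_disposition);
	SIVAL(req->out.body, 0x28, io->in.create_options);

	status = smb2_push_o16s16_string(&req->out, 0x2C, io->in.fname);
	if (!NT_STATUS_IS_OK(status)) {
		goto failed;
	}

	if (io->in.eas.num_eas != 0) {
		DATA_BLOB b = data_blob_talloc(req, NULL,
					       ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas));
		/* ea_put_list_chained() writes through b.data, so a failed
		   allocation must be caught before it is called */
		if (b.data == NULL) {
			goto failed;
		}
		ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas);
		status = smb2_create_blob_add(req, &blob, CREATE_TAG_EXTA, b, False);
		if (!NT_STATUS_IS_OK(status)) {
			goto failed;
		}
		data_blob_free(&b);
	}

	/* an empty MxAc tag seems to be used to ask the server to
	   return the maximum access mask allowed on the file */
	status = smb2_create_blob_add(req, &blob, CREATE_TAG_MXAC, data_blob(NULL, 0), True);
	if (!NT_STATUS_IS_OK(status)) {
		goto failed;
	}

	status = smb2_push_o32s32_blob(&req->out, 0x30, blob);
	if (!NT_STATUS_IS_OK(status)) {
		goto failed;
	}

	smb2_transport_send(req);

	return req;

failed:
	/* blob and the EA scratch buffer are both allocated with req as
	   their talloc context, so this is the only release needed here */
	talloc_free(req);
	return NULL;
}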
121 
122 
/*
 * Receive and decode the reply to an SMB2 CREATE request.
 *
 * req      request returned by smb2_create_send()
 * mem_ctx  talloc context passed to smb2_pull_o32s32_blob() for io->out.blob
 * io       receives the decoded reply in io->out
 *
 * Returns the status from smb2_request_destroy(), or the failure status of
 * smb2_pull_o32s32_blob(). The request is destroyed on every path visible
 * in this function.
 */
NTSTATUS smb2_create_recv(struct smb2_request *req, TALLOC_CTX *mem_ctx, struct smb2_create *io)
{
	NTSTATUS status;
	uint8_t *body;

	if (!smb2_request_receive(req)) {
		return smb2_request_destroy(req);
	}
	if (!smb2_request_is_ok(req)) {
		return smb2_request_destroy(req);
	}

	/* The body is server-supplied. The fixed-offset reads below end at
	   0x57; this macro is presumably what rejects a shorter body --
	   confirm against its definition. */
	SMB2_CHECK_PACKET_RECV(req, 0x58, True);

	body = req->in.body;

	io->out.oplock_flags  = SVAL(body, 0x02);
	io->out.create_action = IVAL(body, 0x04);
	io->out.create_time   = smbcli_pull_nttime(body, 0x08);
	io->out.access_time   = smbcli_pull_nttime(body, 0x10);
	io->out.write_time    = smbcli_pull_nttime(body, 0x18);
	io->out.change_time   = smbcli_pull_nttime(body, 0x20);
	io->out.alloc_size    = BVAL(body, 0x28);
	io->out.size          = BVAL(body, 0x30);
	io->out.file_attr     = IVAL(body, 0x38);
	io->out._pad          = IVAL(body, 0x3C);
	smb2_pull_handle(body+0x40, &io->out.file.handle);

	/* offset/size pair at 0x50 describes the variable-length blob */
	status = smb2_pull_o32s32_blob(&req->in, mem_ctx, body+0x50, &io->out.blob);
	if (NT_STATUS_IS_OK(status)) {
		return smb2_request_destroy(req);
	}

	smb2_request_destroy(req);
	return status;
}
156 
/*
 * Synchronous create: send the request, then wait for and decode the reply.
 *
 * smb2_create_send() returns NULL on failure and that value is passed on
 * unchanged; handling of a NULL request is left to smb2_create_recv() and
 * the helpers it calls, which are not defined in this file.
 */
NTSTATUS smb2_create(struct smb2_tree *tree, TALLOC_CTX *mem_ctx, struct smb2_create *io)
{
	return smb2_create_recv(smb2_create_send(tree, io), mem_ctx, io);
}
165