Core SMB2 server
Copyright (C) Stefan Metzmacher 2009
+ Copyright (C) Jeremy Allison 2010
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
*/
#include "includes.h"
+#include "smbd/smbd.h"
#include "smbd/globals.h"
-#include "../source4/libcli/smb2/smb2_constants.h"
+#include "../libcli/smb/smb_common.h"
+#include "../lib/util/tevent_ntstatus.h"
+
+struct smbd_smb2_notify_state {
+ struct smbd_smb2_request *smb2req;
+ struct smb_request *smbreq;
+ struct tevent_immediate *im;
+ NTSTATUS status;
+ DATA_BLOB out_output_buffer;
+};
static struct tevent_req *smbd_smb2_notify_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
+ struct files_struct *in_fsp,
uint16_t in_flags,
uint32_t in_output_buffer_length,
- uint64_t in_file_id_volatile,
uint64_t in_completion_filter);
static NTSTATUS smbd_smb2_notify_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
static void smbd_smb2_request_notify_done(struct tevent_req *subreq);
NTSTATUS smbd_smb2_request_process_notify(struct smbd_smb2_request *req)
{
- const uint8_t *inhdr;
+ NTSTATUS status;
const uint8_t *inbody;
int i = req->current_idx;
- size_t expected_body_size = 0x20;
- size_t body_size;
uint16_t in_flags;
uint32_t in_output_buffer_length;
uint64_t in_file_id_persistent;
uint64_t in_file_id_volatile;
+ struct files_struct *in_fsp;
uint64_t in_completion_filter;
struct tevent_req *subreq;
- inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
- if (req->in.vector[i+1].iov_len != (expected_body_size & 0xFFFFFFFE)) {
- return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
+ status = smbd_smb2_request_verify_sizes(req, 0x20);
+ if (!NT_STATUS_IS_OK(status)) {
+ return smbd_smb2_request_error(req, status);
}
-
inbody = (const uint8_t *)req->in.vector[i+1].iov_base;
- body_size = SVAL(inbody, 0x00);
- if (body_size != expected_body_size) {
- return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
- }
-
in_flags = SVAL(inbody, 0x02);
in_output_buffer_length = IVAL(inbody, 0x04);
in_file_id_persistent = BVAL(inbody, 0x08);
* 0x00010000 is what Windows 7 uses,
* Windows 2008 uses 0x00080000
*/
- if (in_output_buffer_length > 0x00010000) {
+ if (in_output_buffer_length > req->sconn->smb2.max_trans) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
- if (req->compat_chain_fsp) {
- /* skip check */
- } else if (in_file_id_persistent != 0) {
+ in_fsp = file_fsp_smb2(req, in_file_id_persistent, in_file_id_volatile);
+ if (in_fsp == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
}
- subreq = smbd_smb2_notify_send(req,
- req->sconn->smb2.event_ctx,
- req,
+ subreq = smbd_smb2_notify_send(req, req->sconn->smb2.event_ctx,
+ req, in_fsp,
in_flags,
in_output_buffer_length,
- in_file_id_volatile,
in_completion_filter);
if (subreq == NULL) {
return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
}
tevent_req_set_callback(subreq, smbd_smb2_request_notify_done, req);
- if (tevent_req_is_in_progress(subreq)) {
- return smbd_smb2_request_pending_queue(req);
- }
-
- return NT_STATUS_OK;
+ return smbd_smb2_request_pending_queue(req, subreq);
}
static void smbd_smb2_request_notify_done(struct tevent_req *subreq)
NTSTATUS status;
NTSTATUS error; /* transport error */
+ if (req->cancelled) {
+ struct smbd_smb2_notify_state *state = tevent_req_data(subreq,
+ struct smbd_smb2_notify_state);
+ const uint8_t *inhdr = (const uint8_t *)req->in.vector[i].iov_base;
+ uint64_t mid = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
+
+ DEBUG(10,("smbd_smb2_request_notify_done: cancelled mid %llu\n",
+ (unsigned long long)mid ));
+ error = smbd_smb2_request_error(req, NT_STATUS_CANCELLED);
+ if (!NT_STATUS_IS_OK(error)) {
+ smbd_server_connection_terminate(req->sconn,
+ nt_errstr(error));
+ return;
+ }
+ TALLOC_FREE(state->im);
+ return;
+ }
+
status = smbd_smb2_notify_recv(subreq,
req,
&out_output_buffer);
}
}
-struct smbd_smb2_notify_state {
- struct smbd_smb2_request *smb2req;
- struct tevent_immediate *im;
- NTSTATUS status;
- DATA_BLOB out_output_buffer;
-};
-
static void smbd_smb2_notify_reply(struct smb_request *smbreq,
NTSTATUS error_code,
uint8_t *buf, size_t len);
static void smbd_smb2_notify_reply_trigger(struct tevent_context *ctx,
struct tevent_immediate *im,
void *private_data);
+static bool smbd_smb2_notify_cancel(struct tevent_req *req);
static struct tevent_req *smbd_smb2_notify_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
+ struct files_struct *fsp,
uint16_t in_flags,
uint32_t in_output_buffer_length,
- uint64_t in_file_id_volatile,
uint64_t in_completion_filter)
{
struct tevent_req *req;
struct smbd_smb2_notify_state *state;
struct smb_request *smbreq;
connection_struct *conn = smb2req->tcon->compat_conn;
- files_struct *fsp;
bool recursive = (in_flags & 0x0001) ? true : false;
NTSTATUS status;
state->out_output_buffer = data_blob_null;
state->im = NULL;
- DEBUG(10,("smbd_smb2_notify_send: file_id[0x%016llX]\n",
- (unsigned long long)in_file_id_volatile));
+ DEBUG(10,("smbd_smb2_notify_send: %s - fnum[%d]\n",
+ fsp_str_dbg(fsp), fsp->fnum));
smbreq = smbd_smb2_fake_smb_request(smb2req);
if (tevent_req_nomem(smbreq, req)) {
return tevent_req_post(req, ev);
}
+ state->smbreq = smbreq;
smbreq->async_priv = (void *)req;
- fsp = file_fsp(smbreq, (uint16_t)in_file_id_volatile);
- if (fsp == NULL) {
- tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
- return tevent_req_post(req, ev);
- }
- if (conn != fsp->conn) {
- tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
- return tevent_req_post(req, ev);
- }
- if (smb2req->session->vuid != fsp->vuid) {
- tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
- return tevent_req_post(req, ev);
- }
-
{
char *filter_string;
* here.
*/
- change_notify_reply(fsp->conn, smbreq,
+ change_notify_reply(smbreq,
NT_STATUS_OK,
in_output_buffer_length,
fsp->notify,
return tevent_req_post(req, ev);
}
+ /* allow this request to be canceled */
+ tevent_req_set_cancel_fn(req, smbd_smb2_notify_cancel);
+
return req;
}
tevent_req_done(req);
}
+static bool smbd_smb2_notify_cancel(struct tevent_req *req)
+{
+ struct smbd_smb2_notify_state *state = tevent_req_data(req,
+ struct smbd_smb2_notify_state);
+
+ smbd_notify_cancel_by_smbreq(state->smbreq);
+
+ state->smb2req->cancelled = true;
+ tevent_req_done(req);
+ return true;
+}
+
static NTSTATUS smbd_smb2_notify_recv(struct tevent_req *req,
TALLOC_CTX *mem_ctx,
DATA_BLOB *out_output_buffer)
git.samba.org / ddiss / samba.git / blobdiff