source3/smbd/smb2_ioctl_named_pipe.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    Core SMB2 server
   4
   5    Copyright (C) Stefan Metzmacher 2009
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20
  21 #include "includes.h"
  22 #include "smbd/smbd.h"
  23 #include "smbd/globals.h"
  24 #include "../libcli/smb/smb_common.h"
  25 #include "../lib/util/tevent_ntstatus.h"
  26 #include "rpc_server/srv_pipe_hnd.h"
  27 #include "include/ntioctl.h"
  28 #include "smb2_ioctl_private.h"
  29
  30 static void smbd_smb2_ioctl_pipe_write_done(struct tevent_req *subreq);
  31 static void smbd_smb2_ioctl_pipe_read_done(struct tevent_req *subreq);
  32
  33 struct tevent_req *smb2_ioctl_named_pipe(uint32_t ctl_code,
  34                                          struct tevent_context *ev,
  35                                          struct tevent_req *req,
  36                                          struct smbd_smb2_ioctl_state *state)
  37 {
  38         NTSTATUS status;
  39         uint8_t *out_data = NULL;
  40         uint32_t out_data_len = 0;
  41
  42         if (ctl_code == FSCTL_PIPE_TRANSCEIVE) {
  43                 struct tevent_req *subreq;
  44
  45                 if (!IS_IPC(state->smbreq->conn)) {
  46                         tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
  47                         return tevent_req_post(req, ev);
  48                 }
  49
  50                 if (state->fsp == NULL) {
  51                         tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
  52                         return tevent_req_post(req, ev);
  53                 }
  54
  55                 if (!fsp_is_np(state->fsp)) {
  56                         tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
  57                         return tevent_req_post(req, ev);
  58                 }
  59
  60                 DEBUG(10,("smbd_smb2_ioctl_send: np_write_send of size %u\n",
  61                         (unsigned int)state->in_input.length ));
  62
  63                 subreq = np_write_send(state, ev,
  64                                        state->fsp->fake_file_handle,
  65                                        state->in_input.data,
  66                                        state->in_input.length);
  67                 if (tevent_req_nomem(subreq, req)) {
  68                         return tevent_req_post(req, ev);
  69                 }
  70                 tevent_req_set_callback(subreq,
  71                                         smbd_smb2_ioctl_pipe_write_done,
  72                                         req);
  73                 return req;
  74         }
  75
  76         if (state->fsp == NULL) {
  77                 status = NT_STATUS_NOT_SUPPORTED;
  78         } else {
  79                 status = SMB_VFS_FSCTL(state->fsp,
  80                                        state,
  81                                        ctl_code,
  82                                        state->smbreq->flags2,
  83                                        state->in_input.data,
  84                                        state->in_input.length,
  85                                        &out_data,
  86                                        state->in_max_output,
  87                                        &out_data_len);
  88                 state->out_output = data_blob_const(out_data, out_data_len);
  89                 if (NT_STATUS_IS_OK(status)) {
  90                         tevent_req_done(req);
  91                         return tevent_req_post(req, ev);
  92                 }
  93         }
  94
  95         if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
  96                 if (IS_IPC(state->smbreq->conn)) {
  97                         status = NT_STATUS_FS_DRIVER_REQUIRED;
  98                 } else {
  99                         status = NT_STATUS_INVALID_DEVICE_REQUEST;
 100                 }
 101         }
 102
 103         tevent_req_nterror(req, status);
 104         return tevent_req_post(req, ev);
 105 }
 106
 107 static void smbd_smb2_ioctl_pipe_write_done(struct tevent_req *subreq)
 108 {
 109         struct tevent_req *req = tevent_req_callback_data(subreq,
 110                                  struct tevent_req);
 111         struct smbd_smb2_ioctl_state *state = tevent_req_data(req,
 112                                               struct smbd_smb2_ioctl_state);
 113         NTSTATUS status;
 114         ssize_t nwritten = -1;
 115
 116         status = np_write_recv(subreq, &nwritten);
 117
 118         DEBUG(10,("smbd_smb2_ioctl_pipe_write_done: received %ld\n",
 119                 (long int)nwritten ));
 120
 121         TALLOC_FREE(subreq);
 122         if (!NT_STATUS_IS_OK(status)) {
 123                 tevent_req_nterror(req, status);
 124                 return;
 125         }
 126
 127         if (nwritten != state->in_input.length) {
 128                 tevent_req_nterror(req, NT_STATUS_PIPE_NOT_AVAILABLE);
 129                 return;
 130         }
 131
 132         state->out_output = data_blob_talloc(state, NULL, state->in_max_output);
 133         if (state->in_max_output > 0 &&
 134             tevent_req_nomem(state->out_output.data, req)) {
 135                 return;
 136         }
 137
 138         DEBUG(10,("smbd_smb2_ioctl_pipe_write_done: issuing np_read_send "
 139                 "of size %u\n",
 140                 (unsigned int)state->out_output.length ));
 141
 142         subreq = np_read_send(state->smbreq->conn,
 143                               state->smb2req->sconn->ev_ctx,
 144                               state->fsp->fake_file_handle,
 145                               state->out_output.data,
 146                               state->out_output.length);
 147         if (tevent_req_nomem(subreq, req)) {
 148                 return;
 149         }
 150         tevent_req_set_callback(subreq, smbd_smb2_ioctl_pipe_read_done, req);
 151 }
 152
 153 static void smbd_smb2_ioctl_pipe_read_done(struct tevent_req *subreq)
 154 {
 155         struct tevent_req *req = tevent_req_callback_data(subreq,
 156                                  struct tevent_req);
 157         struct smbd_smb2_ioctl_state *state = tevent_req_data(req,
 158                                               struct smbd_smb2_ioctl_state);
 159         NTSTATUS status;
 160         ssize_t nread = -1;
 161         bool is_data_outstanding = false;
 162
 163         status = np_read_recv(subreq, &nread, &is_data_outstanding);
 164
 165         DEBUG(10,("smbd_smb2_ioctl_pipe_read_done: np_read_recv nread = %d "
 166                  "is_data_outstanding = %d, status = %s\n",
 167                 (int)nread,
 168                 (int)is_data_outstanding,
 169                 nt_errstr(status) ));
 170
 171         TALLOC_FREE(subreq);
 172         if (!NT_STATUS_IS_OK(status)) {
 173                 tevent_req_nterror(req, status);
 174                 return;
 175         }
 176
 177         state->out_output.length = nread;
 178
 179         if (is_data_outstanding) {
 180                 tevent_req_nterror(req, STATUS_BUFFER_OVERFLOW);
 181                 return;
 182         }
 183
 184         tevent_req_done(req);
 185 }