smb_smb.c revision 9c9af2590af49bb395bc8d2eace0f2d4ea16d165
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Copyright (c) 2000-2001 Boris Popov
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Redistribution and use in source and binary forms, with or without
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * modification, are permitted provided that the following conditions
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 1. Redistributions of source code must retain the above copyright
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * notice, this list of conditions and the following disclaimer.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 2. Redistributions in binary form must reproduce the above copyright
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * notice, this list of conditions and the following disclaimer in the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * documentation and/or other materials provided with the distribution.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 3. All advertising materials mentioning features or use of this software
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * must display the following acknowledgement:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * This product includes software developed by Boris Popov.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 4. Neither the name of the author nor the names of any co-contributors
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * may be used to endorse or promote products derived from this software
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * without specific prior written permission.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * SUCH DAMAGE.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * $Id: smb_smb.c,v 1.35.100.2 2005/06/02 00:55:39 lindak Exp $
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Use is subject to license terms.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * various SMB requests. Most of the routines merely pack data into mbufs.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Largest size to use with LARGE_READ/LARGE_WRITE.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Specs say up to 64k data bytes, but Windows traffic
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * uses 60k... no doubt for some good reason.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * (Probably to keep 4k block alignment.)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * XXX: Move to smb.h maybe?
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Default timeout values, all in seconds.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Make these tunable (only via mdb for now).
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Debug/test feature to disable NTLMv2.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Set this to zero to skip NTLMv2; session setup then presumably begins at the weaker NTLM step, subject to minauth.
4bff34e37def8a90f9194d81bc345c52ba20086athurlowstatic int smb_smb_read(struct smb_share *ssp, u_int16_t fid,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross uint32_t *lenp, uio_t *uiop, smb_cred_t *scred, int timo);
4bff34e37def8a90f9194d81bc345c52ba20086athurlowstatic int smb_smb_write(struct smb_share *ssp, u_int16_t fid,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross uint32_t *lenp, uio_t *uiop, smb_cred_t *scred, int timo);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rossstatic int smb_smb_readx(struct smb_share *ssp, u_int16_t fid,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross uint32_t *lenp, uio_t *uiop, smb_cred_t *scred, int timo);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rossstatic int smb_smb_writex(struct smb_share *ssp, u_int16_t fid,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross uint32_t *lenp, uio_t *uiop, smb_cred_t *scred, int timo);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow const char *d_name;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow (sizeof (smb_dialects) / sizeof (struct smb_dialect) - 2)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Number of seconds between 1970 and 1601 year
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_time_local2server(struct timespec *tsp, int tzoff, long *seconds)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * XXX - what if we connected to the server when it was in
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * daylight savings/summer time and we've subsequently switched
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * to standard time, or vice versa, so that the time zone
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * offset we got from the server is now wrong?
4bff34e37def8a90f9194d81bc345c52ba20086athurlow /* - tz.tz_minuteswest * 60 - (wall_cmos_clock ? adjkerntz : 0) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_time_server2local(ulong_t seconds, int tzoff, struct timespec *tsp)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * XXX - what if we connected to the server when it was in
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * daylight savings/summer time and we've subsequently switched
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * to standard time, or vice versa, so that the time zone
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * offset we got from the server is now wrong?
4bff34e37def8a90f9194d81bc345c52ba20086athurlow /* + tz.tz_minuteswest * 60 + (wall_cmos_clock ? adjkerntz : 0); */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Time from server comes as UTC, so no need to use tz
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/*ARGSUSED*/
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_time_NT2local(u_int64_t nsec, int tzoff, struct timespec *tsp)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_time_server2local(nsec / 10000000 - DIFF1970TO1601, 0, tsp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/*ARGSUSED*/
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_time_local2NT(struct timespec *tsp, int tzoff, u_int64_t *nsec)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *nsec = (((u_int64_t)(seconds) & ~1) + DIFF1970TO1601) *
4bff34e37def8a90f9194d81bc345c52ba20086athurlowextern int iconv_open(const char *to, const char *from, void **handle);
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_negotiate(struct smb_vc *vcp, struct smb_cred *scred)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * We set various flags below to keep track of
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * interesting things we learn from negotiation.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Clear all the flags except these two, which
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * are operational rather than protocol info.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross vcp->vc_flags &= (SMBV_GONE | SMBV_RECONNECTING);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Now vc_hflags and vc_hflags2. Careful with this:
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Leave SMB_FLAGS2_UNICODE off so mb_put_dstring
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * marshalls the dialect strings in plain ascii.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * We'll turn that on below, if appropriate.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note: These flags are marshalled into the request
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * when we call smb_rq_alloc, so changing them after
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * this point does not affect THIS request.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* User-level may ask for extended security. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* Also clear any old key (for reconnect) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_NEGOTIATE, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * This request should not wait for
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * connection state changes, etc.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow "Don't know how to talk with server %s (%d)\n",
4bff34e37def8a90f9194d81bc345c52ba20086athurlow "Server %s negotiated old dialect (%s)\n",
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SMBSDEBUG("Dialect %s (%d, %d)\n", dp->d_name, dindex, wc);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* BEGIN CSTYLED */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Will we do SMB signing? Or block the connection?
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * The table below describes this logic. References:
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * [Windows Server Protocols: MS-SMB, sec. 3.2.4.2.3]
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * http://msdn.microsoft.com/en-us/library/cc212511.aspx
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * http://msdn.microsoft.com/en-us/library/cc212929.aspx
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Srv/Cli | Required | Enabled | If Required | Disabled
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * ------------+----------+------------+-------------+-----------
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Required | Signed | Signed | Signed | Blocked [1]
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * ------------+----------+------------+-------------+-----------
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Enabled | Signed | Signed | Not Signed | Not Signed
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * ------------+----------+------------+-------------+-----------
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * If Required | Signed | Not Signed | Not Signed | Not Signed
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * ------------+----------+------------+-------------+-----------
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Disabled | Blocked | Not Signed | Not Signed | Not Signed
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * [1] Like Windows 2003 and later, we don't really implement
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the "Disabled" setting. Instead we implement "If Required",
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * so we always sign if the server requires signing.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* END CSTYLED */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Server requires signing.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Server enables signing (client's option).
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * If enabled locally, do signing.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* else not signing. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Server does not support signing.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * If we "require" it, bail now.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross "but server has it disabled.\n");
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * They don't do NT error codes.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * If we send requests with
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * SMB_FLAGS2_ERR_STATUS set in
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Flags2, Windows 98, at least,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * appears to send replies with that
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * bit set even though it sends back
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * DOS error codes. (They probably
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * just use the request header as
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * a template for the reply header,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * and don't bother clearing that bit.)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Therefore, we clear that bit in
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * our vc_hflags2 field.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 3 cases here:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 1) Extended security.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Read bc bytes below for security blob.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Note that we DON'T put the Caps flag in outtok.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * outtoklen = bc
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 2) No extended security, have challenge data and
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * possibly a domain name (which might be zero
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * bytes long, meaning "missing").
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Copy challenge stuff to vcp->vc_ch (sblen bytes),
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * then copy Cap flags and domain name (bc-sblen
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * bytes) to outtok.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * outtoklen = bc-sblen+4, where the 4 is for the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Caps flag.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 3) No extended security, no challenge data, just
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * possibly a domain name.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Copy Capsflags and domain name (bc) to outtok.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * outtoklen = bc+4, where 4 is for the Caps flag
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Sanity check: make sure the challenge length
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * isn't bigger than the byte count.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * For servers that don't support unicode
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * there are 2 things we could do:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 1) Pass the server Caps flags up to the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * user level so the logic up there will
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * know whether the domain name is unicode
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * (this is what I did).
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * 2) Try to convert the non-unicode string
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * to unicode. This doubles the length of
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * the outtok buffer and would be guessing that
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * the string was single-byte ascii, and that
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * might be wrong. Why ask for trouble?
4bff34e37def8a90f9194d81bc345c52ba20086athurlow /* Warning: NetApp may omit the GUID */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * No extended security.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Stick domain name, if present,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * and caps in outtok.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow /* first store server capability bits */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Then store the domain name if present;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * be sure to subtract 4 from the length
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * for the Caps flag.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Extended security.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Stick the rest of the buffer in outtok.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow vcp->vc_hflags2 &= ~(SMB_FLAGS2_EXT_SEC|SMB_FLAGS2_DFS|
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } else { /* an old CORE protocol */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } while (0);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if (error == 0) {
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Maximum outstanding requests.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Max VCs between server and client.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We only use one.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Maximum transfer size.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Sanity checks:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Spec. says lower limit is 1024. OK.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Let's be conservative about an upper limit here.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Win2k uses 16644 (and others) so 32k should be a
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * reasonable sanity limit for this value.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Note that this limit does NOT affect READX/WRITEX
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * with CAP_LARGE_xxx, which we nearly always use.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Max read/write sizes, WITHOUT overhead.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * This is just the payload size, so we must
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * leave room for the SMB headers, etc.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * This is just the vc_txmax value, but
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * reduced and rounded down. Tricky bit:
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Servers typically give us a value that's
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * some nice "round" number, i.e 0x4000 plus
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * some overhead, i.e. Win2k: 16644==0x4104
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Subtract for the SMB header (32) and the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * SMB command word and byte vectors (34?),
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * then round down to a 512 byte multiple.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * If the server supports Unicode, set up to use Unicode
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * when talking to them. Otherwise, use code page 437.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * todo: if we can't determine the server's encoding, we
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * need to try a best-guess here.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = iconv_open(servercs, "utf-8", &servercshandle);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = iconv_open("utf-8", servercs, &localcshandle);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow if (error != 0) {
4bff34e37def8a90f9194d81bc345c52ba20086athurlowget_ascii_password(struct smb_vc *vcp, int upper, char *pbuf)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow strncpy(pbuf, smb_vc_getpass(vcp), SMB_MAXPASSWORDLEN);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/*ARGSUSED*/
4bff34e37def8a90f9194d81bc345c52ba20086athurlowadd_name_to_blob(uchar_t *blobnames, struct smb_vc *vcp, const uchar_t *name,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow uninamelen = smb_strtouni(uninamebuf, namebuf, namelen,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rossmake_ntlmv2_blob(struct smb_vc *vcp, u_int64_t client_nonce,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * XXX - the information at
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * http://davenport.sourceforge.net/ntlm.html#theNtlmv2Response
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * says that the "target information" comes from the Type 2 message,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * but, as we're not doing NTLMSSP, we don't have that.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Should we use the names from the NegProt response? Can we trust
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * the NegProt response? (I've seen captures where the primary
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * domain name has an extra byte in front of it.)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * For now, we don't trust it - we use vcp->vc_domain and
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * vcp->vc_srvname, instead. We upper-case them and convert
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * them to Unicode, as that's what's supposed to be in the blob.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow + 3*sizeof (struct ntlmv2_namehdr) + 4 + 2*domainlen + 2*srvlen;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow blobnames = add_name_to_blob(blobnames, vcp, (uchar_t *)vcp->vc_domain,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow blobnames = add_name_to_blob(blobnames, vcp, (uchar_t *)vcp->vc_srvname,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow blobnames = add_name_to_blob(blobnames, vcp, NULL, 0, NAMETYPE_EOL, 0);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * When not doing Kerberos, we can try, in order:
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * NTLM (and maybe LM)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * if the server supports encrypted passwords, or
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * plain-text with the ASCII password not upper-cased
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * plain-text with the ASCII password upper-cased
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * if it doesn't.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rosstypedef enum {
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_ssnsetup(struct smb_vc *vcp, struct smb_cred *scred)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross char *ucdp = vcp->vc_domain; /* already upper case */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Most of the "capability" bits we offer should be copied
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * from those offered by the server, with a mask applied.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * This is the mask of capabilities copied from the server.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Some others get special handling below.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * This function tries authentication types in a
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * sequence going stronger to weaker, until it
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * succeeds or runs into "minauth" and fails.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Extended security is a special case because
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * fall-back requires a return to user-level and
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * a new connection, new SMB negotiate, etc.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Null session is also special - no fall-back.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Otherwise if the server supports encryption,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * try NTLMv2, then NTLM, etc.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross else if ((vcp->vc_sopt.sv_sm & SMB_SM_USER) == 0) {
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* Share-level security. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* Have SMB_SM_USER. Encryption? */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * This is normally disallowed
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * by the minauth check below.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * If server does not support encryption,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * disable unicode too. (Spec. for this?)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross if ((vcp->vc_sopt.sv_sm & SMB_SM_ENCRYPT) == 0) {
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Now disallow auth. types that fall below
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the minimum strength configured.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * We hold no kmem here.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * See comment in smb_iod_sendrq()
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * about vc_smbuid initialization.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Within this switch, we may allocate either or both:
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * encpass, ntencpass (len: plen_alloc, uniplen_alloc)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * and will free these below (see the label "bad")
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * With extended security, the whole blob is
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * passed in from user-level (vc_intok)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* XXX Need Session Key */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* We hold no kmem here. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Compute the LMv2 and NTLMv2 responses,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * derived from the challenge, the user name,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the domain/workgroup into which we're
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * logging, and the Unicode password.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Construct the client nonce by getting
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * a bunch of random data.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Convert the user name to upper-case, as
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * that's what's used when computing LMv2
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * and NTLMv2 responses.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Compute the NTLMv2 hash, which is
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * derived from the NTLMv1 hash and
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the upper-case user + domain.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Compute the LMv2 response, derived from
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the v2hash, the server challenge, and
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the client nonce (random bits).
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note: kmem_alloc encpass (plen)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Construct the blob.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note: kmem_alloc ntlmv2_blob
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Compute the NTLMv2 response, derived
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * from the server challenge, the
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * user name, the domain/workgroup
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * into which we're logging, the
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * blob, and the v2 hash.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note: kmem_alloc ntencpass (uniplen)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * If we negotiated signing, compute the MAC key
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * and start signing messages, but only on the
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * first non-null session login.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross !(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE)) {
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross vcp->vc_hflags2 |= SMB_FLAGS2_SECURITY_SIGNATURE;
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Compute the LM response, derived
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * from the challenge and the ASCII
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * password. (If minauth allows it.)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Compute the NTLM response, derived from
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * the challenge and the NT hash.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * If we negotiated signing, compute the MAC key
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * and start signing messages, but only on the
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * first non-null session login.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross !(vcp->vc_hflags2 & SMB_FLAGS2_SECURITY_SIGNATURE)) {
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross vcp->vc_hflags2 |= SMB_FLAGS2_SECURITY_SIGNATURE;
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * We try w/o uppercasing first so Samba mixed case
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * passwords work. If that fails, we come back and
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * try uppercasing to satisfy OS/2 and Windows for
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Workgroups.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross get_ascii_password(vcp, (authtype == ClearUC), encpass);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross (void) smb_strtouni(ntencpass, smb_vc_getpass(vcp), 0, 0);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * The uniplen is zeroed because Samba cannot deal
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * with this 2nd cleartext password. This Samba
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * "bug" is actually a workaround for problems in
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Microsoft clients.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross } /* switch authtype */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_SESSION_SETUP_ANDX,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Build the request.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * If userid is null we are attempting anonymous browse login
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * so passwords must be zero length.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, vcp, up, SMB_CS_NONE); /* user */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, vcp, ucdp, SMB_CS_NONE); /* domain */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_mem(mbp, pp, plen, MB_MSYSTEM); /* password */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_mem(mbp, (caddr_t)unipp, uniplen, MB_MSYSTEM);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, vcp, up, SMB_CS_NONE); /* user */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, vcp, ucdp, SMB_CS_NONE); /* dom */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, vcp, NativeOS, SMB_CS_NONE); /* OS */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, vcp, LanMan, SMB_CS_NONE); /* LAN Mgr */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * This request should not wait for
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * connection state changes, etc.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Parse the reply
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross error = md_get_mem(mdp, vcp->vc_outtok, bl, MB_MSYSTEM);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Server OS, LANMGR, & Domain follow here.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * XXX: Should store these strings (later).
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Windows systems do not support CAP_LARGE_...
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * when signing is enabled, so adjust sv_caps.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Match first 8 characters of server's OS
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * with the UCS-2LE string: "Windows "
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross "W\0i\0n\0d\0o\0w\0s\0 ";
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* align(2) */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross md_get_mem(mdp, osbuf, sizeof (osbuf), MB_MSYSTEM);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross if (0 == bcmp(WindowsU, osbuf, sizeof (osbuf))) {
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* success! */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * When authentication fails and we're (possibly) doing
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * fall-back to another method, we have to reset things.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross vcp->vc_hflags2 &= ~SMB_FLAGS2_SECURITY_SIGNATURE;
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Shall we try again with another auth type?
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note: We hold no kmem here.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* Error or not, we're done. (no fallback) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We're doing user-level authentication (so we are actually
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * sending authentication stuff over the wire), and we're
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * not doing extended security, and the stuff we tried
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * failed (or we were trying to log in a real user but
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * got granted guest access instead.)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * See radar 4134676. This check works around the way a
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * certain old server grants limited Guest access when we
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * try NTLMv2, but works fine with NTLM. The fingerprint
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * we are looking for is DOS error codes and no-Unicode.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note XP grants Guest access but uses Unicode and
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * NT error codes.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* force fallback */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* FALLTHROUGH */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* no more fallbacks */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SMBERROR("we declined ntlmv2 guest access. errno will be %d\n",
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_ssnclose(struct smb_vc *vcp, struct smb_cred *scred)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow return (0);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_LOGOFF_ANDX, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Run this with a relatively short timeout.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We don't really care about the result,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * as we're just trying to play nice and
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * "say goodbye" before we hangup.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * XXX: Add SMBLOGOFFTIMO somewhere?
4bff34e37def8a90f9194d81bc345c52ba20086athurlowstatic char *
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_treeconnect(struct smb_share *ssp, struct smb_cred *scred)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow const char *pw;
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Make this a "VC-level" request, so it will have
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * rqp->sr_share == NULL, and smb_iod_sendrq()
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * will send it with TID = SMB_TID_UNKNOWN
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * This also serves to bypass the wait for
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * share state changes, which this call is
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * trying to carry out.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * No longer need to set ssp->ss_tid
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * here, but it's harmless enough.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_TREE_CONNECT_ANDX,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow pbuf = kmem_alloc(SMB_MAXPASSWORDLEN + 1, KM_SLEEP);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We try w/o uppercasing first so Samba mixed case
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * passwords work. If that fails we come back and try
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * uppercasing to satisfy OS/2 and Windows for Workgroups.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We need to convert here to the server codeset.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Initially we will send the same stuff and see what happens
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * without the conversion. REVISIT.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow iconv_convstr(vcp->vc_toserver, pbuf, pbuf, SMB_MAXPASSWORDLEN);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SMBSDEBUG("error %d from mb_put_mem for pp\n", error);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_put_dmem(mbp, vcp, pp, strlen(pp), caseopt, NULL);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SMBSDEBUG("error %d from smb_put_dmem for srvname\n", error);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SMBSDEBUG("error %d from smb_put_dstring for ss_name\n", error);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow /* The type name is always ASCII */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = mb_put_mem(mbp, pp, strlen(pp) + 1, MB_MSYSTEM);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow SMBSDEBUG("error %d from mb_put_mem for ss_type\n", error);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Don't want to risk missing a successful
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * tree connect response.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow /* Success! */
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_treedisconnect(struct smb_share *ssp, struct smb_cred *scred)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow return (0);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Build this as a "VC-level" request, so it will
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * avoid testing the _GONE flag on the share,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * which has already been set at this point.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Add the share pointer "by hand" below, so
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * smb_iod_sendrq will plug in the TID.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_TREE_DISCONNECT, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Run this with a relatively short timeout. (5 sec.)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We don't really care about the result here, but we
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * do need to make sure we send this out, or we could
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * "leak" active tree IDs on interrupt or timeout.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * The NOINTR_SEND flag makes this request immune to
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * interrupt or timeout until the send is done.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Common function for read/write with UIO.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Called by netsmb smb_usr_rw,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * smbfs_readvnode, smbfs_writevnode
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rosssmb_rwuio(struct smb_share *ssp, uint16_t fid, uio_rw_t rw,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross int (*iofun)(struct smb_share *, uint16_t, uint32_t *,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Determine which function to use,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * and the transfer size per call.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Using NT LM 0.12, so readx, writex.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Make sure we can represent the offset.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross if ((vcp->vc_sopt.sv_caps & SMB_CAP_LARGE_FILES) == 0 &&
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross (uiop->uio_loffset + uiop->uio_resid) > UINT32_MAX)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross } else { /* UIO_WRITE */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross if (vcp->vc_sopt.sv_caps & SMB_CAP_LARGE_WRITEX)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Using the old SMB_READ and SMB_WRITE so
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * we're limited to 32-bit offsets, etc.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * XXX: Someday, punt the old dialects.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross if ((uiop->uio_loffset + uiop->uio_resid) > UINT32_MAX)
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross } else { /* UIO_WRITE */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* Lint: uio_resid may be 64-bits */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross rlen = len = (uint32_t)min(maxlen, uiop->uio_resid);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross error = (*iofun)(ssp, fid, &rlen, uiop, scred, timo);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Note: the iofun called uio_update, so
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * not doing that here as one might expect.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Quit the loop either on error, or if we
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * transferred less than requested.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Stopped on an error after having
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * successfully transferred data.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Suppress this error.
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rosssmb_smb_readx(struct smb_share *ssp, uint16_t fid, uint32_t *lenp,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_READ_ANDX, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_mem(mbp, (caddr_t)&fid, sizeof (fid), MB_MSYSTEM);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross mb_put_uint32le(mbp, offlo); /* offset (low part) */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* (only indicates blocking) */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross mb_put_uint16le(mbp, lenlo); /* Remaining ("obsolete") */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross mb_put_uint32le(mbp, offhi); /* offset (high part) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow md_get_uint16le(mdp, NULL); /* data compaction mode */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross md_get_uint16le(mdp, &lenlo); /* data len ret. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Does the data offset indicate padding?
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross * Add up the gets above, we have:
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* paranoid */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } while (0);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rosssmb_smb_writex(struct smb_share *ssp, uint16_t fid, uint32_t *lenp,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_WRITE_ANDX, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_mem(mbp, (caddr_t)&fid, sizeof (fid), MB_MSYSTEM);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross mb_put_uint32le(mbp, offlo); /* offset (low part) */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_uint16le(mbp, 64); /* data offset from header start */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross mb_put_uint32le(mbp, offhi); /* offset (high part) */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross md_get_uint16le(mdp, &lenlo); /* data len ret. */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } while (0);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rosssmb_smb_read(struct smb_share *ssp, uint16_t fid, uint32_t *lenp,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* This next is an "estimate" of planned reads. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross todo = (uint16_t)min(uiop->uio_resid, UINT16_MAX);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_READ, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_mem(mbp, (caddr_t)&fid, sizeof (fid), MB_MSYSTEM);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross md_get_mem(mdp, NULL, 4 * 2, MB_MSYSTEM); /* res. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* paranoid */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } while (0);
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Rosssmb_smb_write(struct smb_share *ssp, uint16_t fid, uint32_t *lenp,
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross /* This next is an "estimate" of planned writes. */
9c9af2590af49bb395bc8d2eace0f2d4ea16d165Gordon Ross todo = (uint16_t)min(uiop->uio_resid, UINT16_MAX);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_WRITE, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow mb_put_mem(mbp, (caddr_t)&fid, sizeof (fid), MB_MSYSTEM);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow } while (0);
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_echo(struct smb_vc *vcp, struct smb_cred *scred, int timo)
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(VCTOCP(vcp), SMB_COM_ECHO, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Note: the IOD calls this, so
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * this request must not wait for
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * connection state changes, etc.
4bff34e37def8a90f9194d81bc345c52ba20086athurlowsmb_smb_checkdir(struct smb_share *ssp, void *dnp, char *name,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow error = smb_rq_alloc(SSTOCP(ssp), SMB_COM_CHECK_DIRECTORY, scred, &rqp);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * All we need to do is marshall the path: "\\"
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * (the root of the share) into this request.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * We essentially in-line smbfs_fullpath() here,
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * except no mb_put_padbyte (already aligned).
4bff34e37def8a90f9194d81bc345c52ba20086athurlow smb_put_dstring(mbp, SSTOVC(ssp), "\\", SMB_CS_NONE);
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#endif /* APPLE */