Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : Core SMB2 server
4 :
5 : Copyright (C) Stefan Metzmacher 2009
6 :
7 : This program is free software; you can redistribute it and/or modify
8 : it under the terms of the GNU General Public License as published by
9 : the Free Software Foundation; either version 3 of the License, or
10 : (at your option) any later version.
11 :
12 : This program is distributed in the hope that it will be useful,
13 : but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : GNU General Public License for more details.
16 :
17 : You should have received a copy of the GNU General Public License
18 : along with this program. If not, see <http://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include "includes.h"
22 : #include "smbd/smbd.h"
23 : #include "smbd/globals.h"
24 : #include "../libcli/smb/smb_common.h"
25 : #include "../lib/util/tevent_ntstatus.h"
26 : #include "include/ntioctl.h"
27 : #include "smb2_ioctl_private.h"
28 :
29 : #undef DBGC_CLASS
30 : #define DBGC_CLASS DBGC_SMB2
31 :
32 10793 : static NTSTATUS fsctl_dfs_get_refers(TALLOC_CTX *mem_ctx,
33 : struct tevent_context *ev,
34 : struct connection_struct *conn,
35 : DATA_BLOB *in_input,
36 : uint32_t in_max_output,
37 : DATA_BLOB *out_output)
38 : {
39 0 : uint16_t in_max_referral_level;
40 0 : DATA_BLOB in_file_name_buffer;
41 0 : char *in_file_name_string;
42 0 : size_t in_file_name_string_size;
43 0 : bool ok;
44 10793 : bool overflow = false;
45 0 : NTSTATUS status;
46 0 : int dfs_size;
47 10793 : char *dfs_data = NULL;
48 0 : DATA_BLOB output;
49 :
50 10793 : if (!lp_host_msdfs()) {
51 0 : return NT_STATUS_FS_DRIVER_REQUIRED;
52 : }
53 :
54 10793 : if (in_input->length < (2 + 2)) {
55 0 : return NT_STATUS_INVALID_PARAMETER;
56 : }
57 :
58 10793 : in_max_referral_level = SVAL(in_input->data, 0);
59 10793 : in_file_name_buffer.data = in_input->data + 2;
60 10793 : in_file_name_buffer.length = in_input->length - 2;
61 :
62 10793 : ok = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX,
63 10793 : in_file_name_buffer.data,
64 : in_file_name_buffer.length,
65 : &in_file_name_string,
66 : &in_file_name_string_size);
67 10793 : if (!ok) {
68 0 : return NT_STATUS_ILLEGAL_CHARACTER;
69 : }
70 :
71 10793 : dfs_size = setup_dfs_referral(conn,
72 : in_file_name_string,
73 : in_max_referral_level,
74 : &dfs_data, &status);
75 10793 : if (dfs_size < 0) {
76 6129 : return status;
77 : }
78 :
79 4664 : if (dfs_size > in_max_output) {
80 : /*
81 : * TODO: we need a testsuite for this
82 : */
83 0 : overflow = true;
84 0 : dfs_size = in_max_output;
85 : }
86 :
87 4664 : output = data_blob_talloc(mem_ctx, (uint8_t *)dfs_data, dfs_size);
88 4664 : SAFE_FREE(dfs_data);
89 4664 : if ((dfs_size > 0) && (output.data == NULL)) {
90 0 : return NT_STATUS_NO_MEMORY;
91 : }
92 4664 : *out_output = output;
93 :
94 4664 : if (overflow) {
95 0 : return STATUS_BUFFER_OVERFLOW;
96 : }
97 4664 : return NT_STATUS_OK;
98 : }
99 :
100 10793 : struct tevent_req *smb2_ioctl_dfs(uint32_t ctl_code,
101 : struct tevent_context *ev,
102 : struct tevent_req *req,
103 : struct smbd_smb2_ioctl_state *state)
104 : {
105 0 : NTSTATUS status;
106 :
107 10793 : switch (ctl_code) {
108 10793 : case FSCTL_DFS_GET_REFERRALS:
109 10793 : status = fsctl_dfs_get_refers(state, ev, state->smbreq->conn,
110 : &state->in_input,
111 : state->in_max_output,
112 : &state->out_output);
113 10793 : if (!tevent_req_nterror(req, status)) {
114 4664 : tevent_req_done(req);
115 : }
116 10793 : return tevent_req_post(req, ev);
117 0 : break;
118 0 : default: {
119 0 : uint8_t *out_data = NULL;
120 0 : uint32_t out_data_len = 0;
121 :
122 0 : if (state->fsp == NULL) {
123 0 : status = NT_STATUS_NOT_SUPPORTED;
124 : } else {
125 0 : status = SMB_VFS_FSCTL(state->fsp,
126 : state,
127 : ctl_code,
128 : state->smbreq->flags2,
129 : state->in_input.data,
130 : state->in_input.length,
131 : &out_data,
132 : state->in_max_output,
133 : &out_data_len);
134 0 : state->out_output = data_blob_const(out_data, out_data_len);
135 0 : if (NT_STATUS_IS_OK(status)) {
136 0 : tevent_req_done(req);
137 0 : return tevent_req_post(req, ev);
138 : }
139 : }
140 :
141 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
142 0 : if (IS_IPC(state->smbreq->conn)) {
143 0 : status = NT_STATUS_FS_DRIVER_REQUIRED;
144 : } else {
145 0 : status = NT_STATUS_INVALID_DEVICE_REQUEST;
146 : }
147 : }
148 :
149 0 : tevent_req_nterror(req, status);
150 0 : return tevent_req_post(req, ev);
151 0 : break;
152 : }
153 : }
154 :
155 : tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
156 : return tevent_req_post(req, ev);
157 : }
|