use Windows named pipe using cmd 2d: NT Create AndX Request
Jeremy Allison
jra at samba.org
Mon Mar 14 18:15:23 MDT 2011
On Mon, Mar 14, 2011 at 12:11:03PM -0500, Josh Moore wrote:
> I'm trying to connect to a Windows named pipe that is shared over SMB.
>
> For context, see Windows Server code:
> http://msdn.microsoft.com/en-us/library/aa365588%28v=VS.85%29.aspx
> A modification needed for the server (see the note about permissions at the end):
> http://msdn.microsoft.com/en-us/library/aa365150%28v=vs.85%29.aspx
> Windows Client code:
> http://msdn.microsoft.com/en-us/library/aa365592%28v=VS.85%29.aspx
> This all works OK in Windows. No problem.
>
> The Server side in my application is created in Windows by a competing company. I have no control over it (otherwise it would be a TCP server). I do have Wireshark packet captures of successful communication. And, of course, I have the bare-bones Windows server and client (above) to run on test machines.
> I want to implement the Client side in Linux using libsmbclient.
>
> I've started with the testread.c example. It reads text files OK on file shares, e.g. smb://10.0.0.2/c/textfile.txt
> I tried to get it to connect to the named pipe by giving it various path names, e.g. smb://10.0.0.2/IPC$/mynamedpipe
>
> It starts out OK by sending a Tree Connect AndX Request to path \\10.0.0.2\IPC$
>
> Then, I think I want to send a SMB packet with the SMB Command field byte having value "a2" (hexadecimal). This is an "NT Create AndX Request".
> Instead, all it seems I can send is SMB Command value "2d", "Open AndX Request".
>
> I tried changing "smbc_open(path, O_RDONLY, 0)" to "smbc_creat(path, 0)", but that didn't do it.
>
> Would it be possible to send this other type of Samba command (a2)?
Not at present. Unfortunately libsmbclient internally is using the
internal Samba API cli_open(), which uses the old DOS SMBopenX call
on the wire.
A decent patch might be to change smbc_open() and smbc_creat()
to use NtCreateX instead, or extend the libsmbclient API to
expose the cli_ntcreate() internal Samba API call.
Jeremy.
More information about the samba-technical
mailing list