[PATCH] smbclient: Enable "notify" cmd for SMB2

Volker Lendecke Volker.Lendecke at SerNet.DE
Tue Jul 25 13:27:51 UTC 2017


Hi!

Review appreciated!

Thanks, Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
From 882dd61836b1533d361fe800c7793be39d978417 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 25 Jul 2017 12:11:37 +0200
Subject: [PATCH 1/3] libsmb: Add smb2cli_notify()

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 libcli/smb/smb2cli_notify.c | 178 ++++++++++++++++++++++++++++++++++++++++++++
 libcli/smb/smbXcli_base.h   |  26 +++++++
 libcli/smb/wscript          |   1 +
 3 files changed, 205 insertions(+)
 create mode 100644 libcli/smb/smb2cli_notify.c

diff --git a/libcli/smb/smb2cli_notify.c b/libcli/smb/smb2cli_notify.c
new file mode 100644
index 00000000000..0a23cf9ad03
--- /dev/null
+++ b/libcli/smb/smb2cli_notify.c
@@ -0,0 +1,178 @@
+/*
+   Unix SMB/CIFS implementation.
+   smb2 lib
+   Copyright (C) Volker Lendecke 2017
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/network.h"
+#include "lib/util/tevent_ntstatus.h"
+#include "smb_common.h"
+#include "smbXcli_base.h"
+#include "librpc/gen_ndr/ndr_notify.h"
+
+struct smb2cli_notify_state {
+	uint8_t fixed[32];
+
+	struct iovec *recv_iov;
+	uint8_t *data;
+	uint32_t data_length;
+};
+
+static void smb2cli_notify_done(struct tevent_req *subreq);
+
+struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx,
+				       struct tevent_context *ev,
+				       struct smbXcli_conn *conn,
+				       uint32_t timeout_msec,
+				       struct smbXcli_session *session,
+				       struct smbXcli_tcon *tcon,
+				       uint32_t output_buffer_length,
+				       uint64_t fid_persistent,
+				       uint64_t fid_volatile,
+				       uint32_t completion_filter,
+				       bool recursive)
+{
+	struct tevent_req *req, *subreq;
+	struct smb2cli_notify_state *state;
+	uint8_t *fixed;
+
+	req = tevent_req_create(mem_ctx, &state,
+				struct smb2cli_notify_state);
+	if (req == NULL) {
+		return NULL;
+	}
+	fixed = state->fixed;
+	SSVAL(fixed, 0, 32);
+	SSVAL(fixed, 2, recursive ? SMB2_WATCH_TREE : 0);
+	SIVAL(fixed, 4, output_buffer_length);
+	SBVAL(fixed, 8, fid_persistent);
+	SBVAL(fixed, 16, fid_volatile);
+	SIVAL(fixed, 24, completion_filter);
+	SIVAL(fixed, 28, 0); 	/* reserved */
+
+	subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_NOTIFY,
+				  0, 0, /* flags */
+				  timeout_msec,
+				  tcon,
+				  session,
+				  state->fixed, sizeof(state->fixed),
+				  NULL, 0, /* dyn* */
+				  0); /* max_dyn_len */
+	if (tevent_req_nomem(subreq, req)) {
+		return tevent_req_post(req, ev);
+	}
+	tevent_req_set_callback(subreq, smb2cli_notify_done, req);
+	return req;
+}
+
+static void smb2cli_notify_done(struct tevent_req *subreq)
+{
+	struct tevent_req *req = tevent_req_callback_data(
+		subreq, struct tevent_req);
+	struct smb2cli_notify_state *state = tevent_req_data(
+		req, struct smb2cli_notify_state);
+	NTSTATUS status;
+	struct iovec *iov;
+	uint16_t data_offset;
+	static const struct smb2cli_req_expected_response expected[] = {
+	{
+		.status = NT_STATUS_OK,
+		.body_size = 0x09
+	}
+	};
+
+	status = smb2cli_req_recv(subreq, state, &iov,
+				  expected, ARRAY_SIZE(expected));
+	TALLOC_FREE(subreq);
+	if (tevent_req_nterror(req, status)) {
+		return;
+	}
+
+	data_offset = SVAL(iov[1].iov_base, 2);
+	state->data_length = IVAL(iov[1].iov_base, 4);
+
+	if ((data_offset != SMB2_HDR_BODY + 8) ||
+	    (state->data_length > iov[2].iov_len)) {
+		tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+		return;
+	}
+
+	state->recv_iov = iov;
+	state->data = (uint8_t *)iov[2].iov_base;
+	tevent_req_done(req);
+}
+
+NTSTATUS smb2cli_notify_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+			     uint8_t **data, uint32_t *data_length)
+{
+	struct smb2cli_notify_state *state = tevent_req_data(
+		req, struct smb2cli_notify_state);
+	NTSTATUS status;
+
+	if (tevent_req_is_nterror(req, &status)) {
+		return status;
+	}
+	talloc_steal(mem_ctx, state->recv_iov);
+	*data_length = state->data_length;
+	*data = state->data;
+	return NT_STATUS_OK;
+}
+
+NTSTATUS smb2cli_notify(struct smbXcli_conn *conn,
+			uint32_t timeout_msec,
+			struct smbXcli_session *session,
+			struct smbXcli_tcon *tcon,
+			uint32_t output_buffer_length,
+			uint64_t fid_persistent,
+			uint64_t fid_volatile,
+			uint32_t completion_filter,
+			bool recursive,
+			TALLOC_CTX *mem_ctx,
+			uint8_t **data,
+			uint32_t *data_length)
+{
+	TALLOC_CTX *frame = talloc_stackframe();
+	struct tevent_context *ev;
+	struct tevent_req *req;
+	NTSTATUS status = NT_STATUS_NO_MEMORY;
+
+	if (smbXcli_conn_has_async_calls(conn)) {
+		/*
+		 * Can't use sync call while an async call is in flight
+		 */
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto fail;
+	}
+	ev = samba_tevent_context_init(frame);
+	if (ev == NULL) {
+		goto fail;
+	}
+	req = smb2cli_notify_send(frame, ev, conn, timeout_msec,
+				  session, tcon, output_buffer_length,
+				  fid_persistent, fid_volatile,
+				  completion_filter, recursive);
+	if (req == NULL) {
+		goto fail;
+	}
+	if (!tevent_req_poll_ntstatus(req, ev, &status)) {
+		goto fail;
+	}
+	status = smb2cli_notify_recv(req, mem_ctx, data, data_length);
+ fail:
+	TALLOC_FREE(frame);
+	return status;
+}
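Review bot: `smb2cli_notify_send()` passes `0` as `max_dyn_len` to `smb2cli_req_send()` even though the caller supplies `output_buffer_length` as the size of the response it is asking for. If `max_dyn_len` is what the request layer uses to size the credit charge (that code is not in this patch, so this is an inference), a notify with a buffer above 64 KiB would go out under-charged and a multi-credit server may reject it; ending the call with `output_buffer_length); /* max_dyn_len */` would keep the two in step. Separately, `smb2cli_notify_recv()` deserves a short comment saying that `*data` points into the receive buffer that `talloc_steal()` moves onto `mem_ctx`, so callers must not free `*data` on its own and should treat the bytes behind it as untrusted server input.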
diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h
index 52fec9a5044..338f0a4886f 100644
--- a/libcli/smb/smbXcli_base.h
+++ b/libcli/smb/smbXcli_base.h
@@ -806,6 +806,32 @@ NTSTATUS smb2cli_query_directory(struct smbXcli_conn *conn,
 				 uint8_t **data,
 				 uint32_t *data_length);
 
+struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx,
+				       struct tevent_context *ev,
+				       struct smbXcli_conn *conn,
+				       uint32_t timeout_msec,
+				       struct smbXcli_session *session,
+				       struct smbXcli_tcon *tcon,
+				       uint32_t output_buffer_length,
+				       uint64_t fid_persistent,
+				       uint64_t fid_volatile,
+				       uint32_t completion_filter,
+				       bool recursive);
+NTSTATUS smb2cli_notify_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
+			     uint8_t **data, uint32_t *data_length);
+NTSTATUS smb2cli_notify(struct smbXcli_conn *conn,
+			uint32_t timeout_msec,
+			struct smbXcli_session *session,
+			struct smbXcli_tcon *tcon,
+			uint32_t output_buffer_length,
+			uint64_t fid_persistent,
+			uint64_t fid_volatile,
+			uint32_t completion_filter,
+			bool recursive,
+			TALLOC_CTX *mem_ctx,
+			uint8_t **data,
+			uint32_t *data_length);
+
 struct tevent_req *smb2cli_ioctl_send(TALLOC_CTX *mem_ctx,
 				      struct tevent_context *ev,
 				      struct smbXcli_conn *conn,
diff --git a/libcli/smb/wscript b/libcli/smb/wscript
index e6628266ddc..53a5c213953 100644
--- a/libcli/smb/wscript
+++ b/libcli/smb/wscript
@@ -39,6 +39,7 @@ def build(bld):
            smb2cli_flush.c
            smb2cli_set_info.c
            smb2cli_query_info.c
+           smb2cli_notify.c
            smb2cli_query_directory.c
            smb2cli_ioctl.c
            smb2cli_echo.c
-- 
2.11.0


From 13d62db9e12b1d66b40faaac52e397b2ed712ea9 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 25 Jul 2017 12:12:02 +0200
Subject: [PATCH 2/3] libsmb: Add cli_smb2_notify

We have to do the parsing manually. Looking at librpc/gen_ndr/ndr_notify.c we
have the following code snippet:

  size_FileName1_0 = strlen_m(r->FileName1);
  NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->FileName1,
                             size_FileName1_0, sizeof(uint16_t),
                             CH_UTF16));

which means that we take strlen_m(r->FileName1) before we pull
it off the wire. Not sure how to fix this, but that is clearly
broken pidl output. Once that is fixed, we can convert this
to ndr_pull_struct.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/libsmb/cli_smb2_fnum.c | 92 ++++++++++++++++++++++++++++++++++++++++++
 source3/libsmb/cli_smb2_fnum.h |  5 +++
 2 files changed, 97 insertions(+)

diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c
index 6967555797a..7c5296c7203 100644
--- a/source3/libsmb/cli_smb2_fnum.c
+++ b/source3/libsmb/cli_smb2_fnum.c
@@ -3794,3 +3794,95 @@ NTSTATUS cli_smb2_ftruncate(struct cli_state *cli,
 	TALLOC_FREE(frame);
 	return status;
 }
+
+NTSTATUS cli_smb2_notify(struct cli_state *cli, uint16_t fnum,
+			 uint32_t buffer_size, uint32_t completion_filter,
+			 bool recursive, TALLOC_CTX *mem_ctx,
+			 struct notify_change **pchanges,
+			 uint32_t *pnum_changes)
+{
+	NTSTATUS status;
+	struct smb2_hnd *ph = NULL;
+	TALLOC_CTX *frame = talloc_stackframe();
+	uint8_t *base;
+	uint32_t len, ofs;
+	struct notify_change *changes = NULL;
+	size_t num_changes = 0;
+
+	if (smbXcli_conn_has_async_calls(cli->conn)) {
+		/*
+		 * Can't use sync call while an async call is in flight
+		 */
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto fail;
+	}
+
+	if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_SMB2_02) {
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto fail;
+	}
+
+	status = map_fnum_to_smb2_handle(cli, fnum, &ph);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto fail;
+	}
+
+	status = smb2cli_notify(cli->conn, cli->timeout,
+				cli->smb2.session, cli->smb2.tcon,
+				buffer_size,
+				ph->fid_persistent, ph->fid_volatile,
+				completion_filter, recursive,
+				frame, &base, &len);
+
+	ofs = 0;
+
+	while (len - ofs >= 12) {
+		struct notify_change *tmp;
+		struct notify_change *c;
+		uint32_t next_ofs = IVAL(base, ofs);
+		uint32_t file_name_length = IVAL(base, ofs+8);
+		size_t namelen;
+		bool ok;
+
+		tmp = talloc_realloc(frame, changes, struct notify_change,
+				     num_changes + 1);
+		if (tmp == NULL) {
+			status = NT_STATUS_NO_MEMORY;
+			goto fail;
+		}
+		changes = tmp;
+		c = &changes[num_changes];
+		num_changes += 1;
+
+		if (smb_buffer_oob(len, ofs, next_ofs) ||
+		    smb_buffer_oob(len, ofs+12, file_name_length)) {
+			status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+			goto fail;
+		}
+
+		c->action = IVAL(base, ofs+4);
+
+		ok = convert_string_talloc(changes, CH_UTF16LE, CH_UNIX,
+					   base + ofs + 12, file_name_length,
+					   &c->name, &namelen);
+		if (!ok) {
+			status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+			goto fail;
+		}
+
+		if (next_ofs == 0) {
+			break;
+		}
+		ofs += next_ofs;
+	}
+
+	*pchanges = talloc_move(mem_ctx, &changes);
+	*pnum_changes = num_changes;
+	status = NT_STATUS_OK;
+
+fail:
+	cli->raw_status = status;
+
+	TALLOC_FREE(frame);
+	return status;
+}
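Review bot: The return value of `smb2cli_notify()` is assigned to `status` but never tested before the parse loop in `cli_smb2_notify()`, so on any failure (timeout, server error, out of memory) `base` and `len` are still uninitialized when `while (len - ofs >= 12)` runs and `IVAL(base, ofs)` reads through a wild pointer. Add `if (!NT_STATUS_IS_OK(status)) { goto fail; }` right after the call, and initialise the locals as `uint8_t *base = NULL;` and `uint32_t len = 0, ofs;` so a path that skips the check fails closed. Two smaller things in the same loop: nothing requires a non-zero `next_ofs` to be at least `12 + file_name_length`, so a server can make records overlap, and `talloc_realloc()` runs before the `smb_buffer_oob()` checks, so a malformed record still costs an allocation. Validating first and rejecting a short `next_ofs` would tighten both.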
diff --git a/source3/libsmb/cli_smb2_fnum.h b/source3/libsmb/cli_smb2_fnum.h
index 190ec59971b..c5a489c128c 100644
--- a/source3/libsmb/cli_smb2_fnum.h
+++ b/source3/libsmb/cli_smb2_fnum.h
@@ -219,4 +219,9 @@ NTSTATUS cli_smb2_shadow_copy_data(TALLOC_CTX *mem_ctx,
 NTSTATUS cli_smb2_ftruncate(struct cli_state *cli,
 			uint16_t fnum,
 			uint64_t newsize);
+NTSTATUS cli_smb2_notify(struct cli_state *cli, uint16_t fnum,
+			 uint32_t buffer_size, uint32_t completion_filter,
+			 bool recursive, TALLOC_CTX *mem_ctx,
+			 struct notify_change **pchanges,
+			 uint32_t *pnum_changes);
 #endif /* __SMB2CLI_FNUM_H__ */
-- 
2.11.0


From 45913f9920d3d1b49125c3ac927cc94f7b53a923 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 25 Jul 2017 12:30:47 +0200
Subject: [PATCH 3/3] libsmb: Enable "cli_notify" for SMB2+

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 source3/libsmb/clifile.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index 1455fbdbdfd..828448f2d5a 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -5602,11 +5602,19 @@ NTSTATUS cli_notify(struct cli_state *cli, uint16_t fnum, uint32_t buffer_size,
 		    TALLOC_CTX *mem_ctx, uint32_t *pnum_changes,
 		    struct notify_change **pchanges)
 {
-	TALLOC_CTX *frame = talloc_stackframe();
+	TALLOC_CTX *frame;
 	struct tevent_context *ev;
 	struct tevent_req *req;
 	NTSTATUS status = NT_STATUS_NO_MEMORY;
 
+	if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
+		return cli_smb2_notify(cli, fnum, buffer_size,
+				       completion_filter, recursive,
+				       mem_ctx, pchanges, pnum_changes);
+	}
+
+	frame = talloc_stackframe();
+
 	if (smbXcli_conn_has_async_calls(cli->conn)) {
 		/*
 		 * Can't use sync call while an async call is in flight
-- 
2.11.0


