From df059a541c1edc5e35168a065ae73aaeeca4daac Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 25 Jul 2017 12:11:37 +0200 Subject: [PATCH 1/6] libsmb: Add smb2cli_notify() Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit ad33964f8c85b67a2d2b451bece208d8bfb8cad6) --- libcli/smb/smb2cli_notify.c | 178 ++++++++++++++++++++++++++++++++++++++++++++ libcli/smb/smbXcli_base.h | 26 +++++++ libcli/smb/wscript | 1 + 3 files changed, 205 insertions(+) create mode 100644 libcli/smb/smb2cli_notify.c diff --git a/libcli/smb/smb2cli_notify.c b/libcli/smb/smb2cli_notify.c new file mode 100644 index 00000000000..0a23cf9ad03 --- /dev/null +++ b/libcli/smb/smb2cli_notify.c 
@@ -0,0 +1,178 @@ +/* + Unix SMB/CIFS implementation. + smb2 lib + Copyright (C) Volker Lendecke 2017 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "system/network.h" +#include "lib/util/tevent_ntstatus.h" +#include "smb_common.h" +#include "smbXcli_base.h" +#include "librpc/gen_ndr/ndr_notify.h" + +struct smb2cli_notify_state { + uint8_t fixed[32]; + + struct iovec *recv_iov; + uint8_t *data; + uint32_t data_length; +}; + +static void smb2cli_notify_done(struct tevent_req *subreq); + +struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct smbXcli_conn *conn, + uint32_t timeout_msec, + struct smbXcli_session *session, + struct smbXcli_tcon *tcon, + uint32_t output_buffer_length, + uint64_t fid_persistent, + uint64_t fid_volatile, + uint32_t completion_filter, + bool recursive) +{ + struct tevent_req *req, *subreq; + struct smb2cli_notify_state *state; + uint8_t *fixed; + + req = tevent_req_create(mem_ctx, &state, + struct smb2cli_notify_state); + if (req == NULL) { + return NULL; + } + fixed = state->fixed; + SSVAL(fixed, 0, 32); + SSVAL(fixed, 2, recursive ? 
SMB2_WATCH_TREE : 0); + SIVAL(fixed, 4, output_buffer_length); + SBVAL(fixed, 8, fid_persistent); + SBVAL(fixed, 16, fid_volatile); + SIVAL(fixed, 24, completion_filter); + SIVAL(fixed, 28, 0); /* reserved */ + + subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_NOTIFY, + 0, 0, /* flags */ + timeout_msec, + tcon, + session, + state->fixed, sizeof(state->fixed), + NULL, 0, /* dyn* */ + 0); /* max_dyn_len */ + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, smb2cli_notify_done, req); + return req; +} + +static void smb2cli_notify_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct smb2cli_notify_state *state = tevent_req_data( + req, struct smb2cli_notify_state); + NTSTATUS status; + struct iovec *iov; + uint16_t data_offset; + static const struct smb2cli_req_expected_response expected[] = { + { + .status = NT_STATUS_OK, + .body_size = 0x09 + } + }; + + status = smb2cli_req_recv(subreq, state, &iov, + expected, ARRAY_SIZE(expected)); + TALLOC_FREE(subreq); + if (tevent_req_nterror(req, status)) { + return; + } + + data_offset = SVAL(iov[1].iov_base, 2); + state->data_length = IVAL(iov[1].iov_base, 4); + + if ((data_offset != SMB2_HDR_BODY + 8) || + (state->data_length > iov[2].iov_len)) { + tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); + return; + } + + state->recv_iov = iov; + state->data = (uint8_t *)iov[2].iov_base; + tevent_req_done(req); +} + +NTSTATUS smb2cli_notify_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, + uint8_t **data, uint32_t *data_length) +{ + struct smb2cli_notify_state *state = tevent_req_data( + req, struct smb2cli_notify_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + return status; + } + talloc_steal(mem_ctx, state->recv_iov); + *data_length = state->data_length; + *data = state->data; + return NT_STATUS_OK; +} + +NTSTATUS smb2cli_notify(struct smbXcli_conn 
*conn, + uint32_t timeout_msec, + struct smbXcli_session *session, + struct smbXcli_tcon *tcon, + uint32_t output_buffer_length, + uint64_t fid_persistent, + uint64_t fid_volatile, + uint32_t completion_filter, + bool recursive, + TALLOC_CTX *mem_ctx, + uint8_t **data, + uint32_t *data_length) +{ + TALLOC_CTX *frame = talloc_stackframe(); + struct tevent_context *ev; + struct tevent_req *req; + NTSTATUS status = NT_STATUS_NO_MEMORY; + + if (smbXcli_conn_has_async_calls(conn)) { + /* + * Can't use sync call while an async call is in flight + */ + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + ev = samba_tevent_context_init(frame); + if (ev == NULL) { + goto fail; + } + req = smb2cli_notify_send(frame, ev, conn, timeout_msec, + session, tcon, output_buffer_length, + fid_persistent, fid_volatile, + completion_filter, recursive); + if (req == NULL) { + goto fail; + } + if (!tevent_req_poll_ntstatus(req, ev, &status)) { + goto fail; + } + status = smb2cli_notify_recv(req, mem_ctx, data, data_length); + fail: + TALLOC_FREE(frame); + return status; +} diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h index 2532084c524..20ef26e3353 100644 --- a/libcli/smb/smbXcli_base.h +++ b/libcli/smb/smbXcli_base.h 
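Review bot: In smb2cli_notify_done() the server-supplied `data_length` is checked against `iov[2].iov_len` but never against the `output_buffer_length` the client put in the request, so a server can return more notify data than the caller sized for. The read stays inside the received buffer, so this is a resource and conformance concern rather than an overflow. Keeping the requested size in `struct smb2cli_notify_state` and adding `state->data_length > state->output_buffer_length` to the existing NT_STATUS_INVALID_NETWORK_RESPONSE condition would close it (the new field name is a suggestion). smb2cli_notify_recv() would also benefit from a comment such as `/* *data points into recv_iov, which mem_ctx now owns */`, since as far as this file shows the returned pointer's lifetime follows `recv_iov` rather than an allocation of its own.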
@@ -811,6 +811,32 @@ NTSTATUS smb2cli_query_directory(struct smbXcli_conn *conn, uint8_t **data, uint32_t *data_length); +struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct smbXcli_conn *conn, + uint32_t timeout_msec, + struct smbXcli_session *session, + struct smbXcli_tcon *tcon, + uint32_t output_buffer_length, + uint64_t fid_persistent, + uint64_t fid_volatile, + uint32_t completion_filter, + bool recursive); +NTSTATUS smb2cli_notify_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, + uint8_t **data, uint32_t *data_length); +NTSTATUS smb2cli_notify(struct smbXcli_conn *conn, + uint32_t timeout_msec, + struct smbXcli_session *session, + struct smbXcli_tcon *tcon, + uint32_t output_buffer_length, + uint64_t fid_persistent, + uint64_t fid_volatile, + uint32_t completion_filter, + bool recursive, + TALLOC_CTX *mem_ctx, + uint8_t **data, + uint32_t *data_length); + struct tevent_req *smb2cli_ioctl_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct smbXcli_conn *conn, diff --git a/libcli/smb/wscript b/libcli/smb/wscript index e6628266ddc..53a5c213953 100644 --- a/libcli/smb/wscript +++ b/libcli/smb/wscript @@ -39,6 +39,7 @@ def build(bld): smb2cli_flush.c smb2cli_set_info.c smb2cli_query_info.c + smb2cli_notify.c smb2cli_query_directory.c smb2cli_ioctl.c smb2cli_echo.c -- 2.11.0 From 9f3d32cd53efd2bfe6fa900f827eda8ae92c3772 Mon Sep 17 00:00:00 2001 
From: Volker Lendecke Date: Tue, 25 Jul 2017 12:12:02 +0200 Subject: [PATCH 2/6] libsmb: Add cli_smb2_notify We have to do the parsing manually. Looking at librpc/gen_ndr/ndr_notify.c we have the following code snippet: size_FileName1_0 = strlen_m(r->FileName1); NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->FileName1, size_FileName1_0, sizeof(uint16_t), CH_UTF16)); which means that we take strlen_m(r->FileName1) before we pull it off the wire. Not sure how to fix this, but that is clearly broken pidl output. Once that is fixed, we can convert this to ndr_pull_struct. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit 18011343d80a28fb46894d712b22c84dce067342) --- source3/libsmb/cli_smb2_fnum.c | 92 ++++++++++++++++++++++++++++++++++++++++++ source3/libsmb/cli_smb2_fnum.h | 5 +++ 2 files changed, 97 insertions(+) diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 237e6bb2b54..78f61fbedd4 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c 
@@ -4089,3 +4089,95 @@ NTSTATUS cli_smb2_ftruncate(struct cli_state *cli, TALLOC_FREE(frame); return status; } + +NTSTATUS cli_smb2_notify(struct cli_state *cli, uint16_t fnum, + uint32_t buffer_size, uint32_t completion_filter, + bool recursive, TALLOC_CTX *mem_ctx, + struct notify_change **pchanges, + uint32_t *pnum_changes) +{ + NTSTATUS status; + struct smb2_hnd *ph = NULL; + TALLOC_CTX *frame = talloc_stackframe(); + uint8_t *base; + uint32_t len, ofs; + struct notify_change *changes = NULL; + size_t num_changes = 0; + + if (smbXcli_conn_has_async_calls(cli->conn)) { + /* + * Can't use sync call while an async call is in flight + */ + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_SMB2_02) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + status = map_fnum_to_smb2_handle(cli, fnum, &ph); + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + + status = smb2cli_notify(cli->conn, cli->timeout, + cli->smb2.session, cli->smb2.tcon, + buffer_size, + ph->fid_persistent, ph->fid_volatile, + completion_filter, recursive, + frame, &base, &len); + + ofs = 0; + + while (len - ofs >= 12) { + struct notify_change *tmp; + struct notify_change *c; + uint32_t next_ofs = IVAL(base, ofs); + uint32_t file_name_length = IVAL(base, ofs+8); + size_t namelen; + bool ok; + + tmp = talloc_realloc(frame, changes, struct notify_change, + num_changes + 1); + if (tmp == NULL) { + status = NT_STATUS_NO_MEMORY; + goto fail; + } + changes = tmp; + c = &changes[num_changes]; + num_changes += 1; + + if (smb_buffer_oob(len, ofs, next_ofs) || + smb_buffer_oob(len, ofs+12, file_name_length)) { + status = NT_STATUS_INVALID_NETWORK_RESPONSE; + goto fail; + } + + c->action = IVAL(base, ofs+4); + + ok = convert_string_talloc(changes, CH_UTF16LE, CH_UNIX, + base + ofs + 12, file_name_length, + &c->name, &namelen); + if (!ok) { + status = NT_STATUS_INVALID_NETWORK_RESPONSE; + goto fail; + } + + if (next_ofs == 0) { + break; + } + 
ofs += next_ofs; + } + + *pchanges = talloc_move(mem_ctx, &changes); + *pnum_changes = num_changes; + status = NT_STATUS_OK; + +fail: + cli->raw_status = status; + + TALLOC_FREE(frame); + return status; +} diff --git a/source3/libsmb/cli_smb2_fnum.h b/source3/libsmb/cli_smb2_fnum.h index 7b9026e92d3..3d9b6eb3fe6 100644 --- a/source3/libsmb/cli_smb2_fnum.h +++ b/source3/libsmb/cli_smb2_fnum.h @@ -237,4 +237,9 @@ NTSTATUS cli_smb2_shadow_copy_data(TALLOC_CTX *mem_ctx, NTSTATUS cli_smb2_ftruncate(struct cli_state *cli, uint16_t fnum, uint64_t newsize); +NTSTATUS cli_smb2_notify(struct cli_state *cli, uint16_t fnum, + uint32_t buffer_size, uint32_t completion_filter, + bool recursive, TALLOC_CTX *mem_ctx, + struct notify_change **pchanges, + uint32_t *pnum_changes); #endif /* __SMB2CLI_FNUM_H__ */ -- 2.11.0 From 5f764bba289725bd2d55644a8b760102f88b538a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 25 Jul 2017 12:30:47 +0200 Subject: [PATCH 3/6] libsmb: Enable "cli_notify" for SMB2+ Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jul 26 01:33:25 CEST 2017 on sn-devel-144 (cherry picked from commit 5005a3a6961d40fe349f76db67c980be7dc9f3ea) --- source3/libsmb/clifile.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index 3fc0b8c2b8c..e942b27e175 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c 
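Review bot: The parsing loop in cli_smb2_notify() only checks that `next_ofs` stays inside the buffer, not that it skips past the current record, so a server can send a small non-zero `next_ofs` and make the records overlap. Each step then costs one `talloc_realloc` and one `convert_string_talloc` over nearly the same bytes, which lets a hostile server turn one response into many allocations. Assuming smb_buffer_oob() is a pure bounds check, adding `if (next_ofs != 0 && next_ofs < 12 + file_name_length) { status = NT_STATUS_INVALID_NETWORK_RESPONSE; goto fail; }` after the existing out-of-bounds test rejects such responses; the sum cannot wrap there because `file_name_length` has already been bounded. Separately, at this point in the series the result of smb2cli_notify() is not tested before `base` and `len` are read, so any failure parses indeterminate values; patch 5/6 adds the test, but this commit is not safe on its own when bisecting.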
@@ -5609,11 +5609,19 @@ NTSTATUS cli_notify(struct cli_state *cli, uint16_t fnum, uint32_t buffer_size, TALLOC_CTX *mem_ctx, uint32_t *pnum_changes, struct notify_change **pchanges) { - TALLOC_CTX *frame = talloc_stackframe(); + TALLOC_CTX *frame; struct tevent_context *ev; struct tevent_req *req; NTSTATUS status = NT_STATUS_NO_MEMORY; + if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) { + return cli_smb2_notify(cli, fnum, buffer_size, + completion_filter, recursive, + mem_ctx, pchanges, pnum_changes); + } + + frame = talloc_stackframe(); + if (smbXcli_conn_has_async_calls(cli->conn)) { /* * Can't use sync call while an async call is in flight -- 2.11.0 From c3580a4f0d8163a4a300a70120075121cdfda1b1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Oct 2017 14:34:12 +0100 Subject: [PATCH 4/6] libsmb: Handle long-running smb2cli_notify This likely runs into a timeout. Properly cancel the smb2 request, allowing the higher-level caller to re-issue this request on an existing handle. I did not see a proper way to achieve this with tevent_req_set_endtime or something like that. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit 91c0f497816bb88d8935a8a79c146c08379ecf53) --- libcli/smb/smb2cli_notify.c | 54 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 45 insertions(+), 9 deletions(-) diff --git a/libcli/smb/smb2cli_notify.c b/libcli/smb/smb2cli_notify.c index 0a23cf9ad03..34329ba16cc 100644 --- a/libcli/smb/smb2cli_notify.c +++ b/libcli/smb/smb2cli_notify.c @@ -30,9 +30,12 @@ struct smb2cli_notify_state { struct iovec *recv_iov; uint8_t *data; uint32_t data_length; + + struct tevent_req *subreq; }; static void smb2cli_notify_done(struct tevent_req *subreq); +static void smb2cli_notify_timedout(struct tevent_req *subreq); struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, 
@@ -64,21 +67,50 @@ struct tevent_req *smb2cli_notify_send(TALLOC_CTX *mem_ctx, SIVAL(fixed, 24, completion_filter); SIVAL(fixed, 28, 0); /* reserved */ - subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_NOTIFY, - 0, 0, /* flags */ - timeout_msec, - tcon, - session, - state->fixed, sizeof(state->fixed), - NULL, 0, /* dyn* */ - 0); /* max_dyn_len */ + state->subreq = smb2cli_req_send(state, ev, conn, SMB2_OP_NOTIFY, + 0, 0, /* flags */ + 0, /* timeout_msec */ + tcon, + session, + state->fixed, sizeof(state->fixed), + NULL, 0, /* dyn* */ + 0); /* max_dyn_len */ + if (tevent_req_nomem(state->subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(state->subreq, smb2cli_notify_done, req); + + subreq = tevent_wakeup_send(state, ev, + timeval_current_ofs_msec(timeout_msec)); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } - tevent_req_set_callback(subreq, smb2cli_notify_done, req); + tevent_req_set_callback(subreq, smb2cli_notify_timedout, req); + return req; } +static void smb2cli_notify_timedout(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct smb2cli_notify_state *state = tevent_req_data( + req, struct smb2cli_notify_state); + bool ok; + + ok = tevent_wakeup_recv(subreq); + if (!ok) { + tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); + return; + } + + ok = tevent_req_cancel(state->subreq); + if (!ok) { + tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); + return; + } +} + static void smb2cli_notify_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data( @@ -98,6 +130,10 @@ static void smb2cli_notify_done(struct tevent_req *subreq) status = smb2cli_req_recv(subreq, state, &iov, expected, ARRAY_SIZE(expected)); TALLOC_FREE(subreq); + + if (NT_STATUS_EQUAL(status, NT_STATUS_CANCELLED)) { + status = NT_STATUS_IO_TIMEOUT; + } if (tevent_req_nterror(req, status)) { return; } -- 2.11.0 
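Review bot: `state->subreq` keeps pointing at the SMB2 request after smb2cli_notify_done() runs `TALLOC_FREE(subreq)` (third hunk of this file), and the wakeup request created here stays alive as a child of `state`, so if the timer fires after a normal completion while `req` still exists, smb2cli_notify_timedout() calls tevent_req_cancel() on freed memory. The synchronous wrapper frees its stackframe right away, but an async caller that keeps `req` past the deadline would hit this. Clearing the pointer in the done callback and returning early in the timeout callback when it is NULL closes the window, as sketched below. Also worth checking: a caller passing `timeout_msec` 0 now gets an immediate wakeup and cancel, whereas the literal 0 handed to smb2cli_req_send() suggests 0 means wait without limit there.

```c
static void smb2cli_notify_timedout(struct tevent_req *subreq)
{
	/* … unchanged: req/state lookup … */
	ok = tevent_wakeup_recv(subreq);
	TALLOC_FREE(subreq);
	/* … unchanged: !ok handling … */

	if (state->subreq == NULL) {
		/* The notify already completed; nothing left to cancel. */
		return;
	}
	/* … unchanged: tevent_req_cancel(state->subreq) and its error check … */
}

/* in smb2cli_notify_done(), right after smb2cli_req_recv(): */
	TALLOC_FREE(subreq);
	state->subreq = NULL; /* the timer callback must not see a freed request */
	/* … unchanged: NT_STATUS_CANCELLED mapping and response checks … */
```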
From e1c05f1ccf993b9094ac392f54e9f75a7889c177 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Oct 2017 14:36:46 +0100 Subject: [PATCH 5/6] libsmb: Handle IO_TIMEOUT in cli_smb2_notify properly Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison (cherry picked from commit abfe482828e8c1dc233d67657a4d11a91a731f70) --- source3/libsmb/cli_smb2_fnum.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/libsmb/cli_smb2_fnum.c b/source3/libsmb/cli_smb2_fnum.c index 78f61fbedd4..8c6c1851d2f 100644 --- a/source3/libsmb/cli_smb2_fnum.c +++ b/source3/libsmb/cli_smb2_fnum.c @@ -4129,6 +4129,15 @@ NTSTATUS cli_smb2_notify(struct cli_state *cli, uint16_t fnum, completion_filter, recursive, frame, &base, &len); + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + len = 0; + status = NT_STATUS_OK; + } + + if (!NT_STATUS_IS_OK(status)) { + goto fail; + } + ofs = 0; while (len - ofs >= 12) { -- 2.11.0 From a814390f62456937807fb2dbcd660211e9213394 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Oct 2017 16:15:03 +0100 Subject: [PATCH 6/6] smbclient: Handle ENUM_DIR in "notify" command Bug: https://bugzilla.samba.org/show_bug.cgi?id=13382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Apr 5 04:05:52 CEST 2018 on sn-devel-144 (cherry picked from commit 1452677ef0044815df0702de5424d4711e18144b) --- source3/client/client.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/source3/client/client.c b/source3/client/client.c index 0ee084ae128..639d9fa4489 100644 --- a/source3/client/client.c +++ b/source3/client/client.c 
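Review bot: The timeout branch relies on `len = 0` alone to keep the parsing loop away from `base`, which is still unset on that path. Both variables are declared without initializers (outside this hunk), so declaring them as `uint8_t *base = NULL;` and `uint32_t len = 0, ofs;` would make the loop safe regardless of which error path forgot to assign them. A short comment would also help here, for example `/* timeout: no change arrived in time; report zero changes so the caller can re-issue the notify */`, because turning NT_STATUS_IO_TIMEOUT into success is otherwise surprising to a reader. The body of cli_smb2_notify() starts before and continues after this hunk.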
@@ -4561,12 +4561,17 @@ static int cmd_notify(void) } while (1) { - uint32_t i, num_changes; - struct notify_change *changes; + uint32_t i; + uint32_t num_changes = 0; + struct notify_change *changes = NULL; status = cli_notify(cli, fnum, 1000, FILE_NOTIFY_CHANGE_ALL, true, talloc_tos(), &num_changes, &changes); + if (NT_STATUS_EQUAL(status, STATUS_NOTIFY_ENUM_DIR)) { + printf("NOTIFY_ENUM_DIR\n"); + status = NT_STATUS_OK; + } if (!NT_STATUS_IS_OK(status)) { d_printf("notify returned %s\n", nt_errstr(status)); -- 2.11.0
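Review bot: The new branch prints with `printf` while the error path a few lines below uses `d_printf`; writing `d_printf("NOTIFY_ENUM_DIR\n");` keeps the command's output on one channel. A comment explaining the status would make the bare token less cryptic, for example `/* server could not fit the changes into the buffer; the directory must be re-read */`. The zero and NULL initializers added for `num_changes` and `changes` are what keep the rest of the loop body safe on this path, which is worth saying in that comment too. cmd_notify() continues outside the hunk.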