Line | Count | Source (jump to first uncovered line) |
1 | | /*************************************************************************** |
2 | | * _ _ ____ _ |
3 | | * Project ___| | | | _ \| | |
4 | | * / __| | | | |_) | | |
5 | | * | (__| |_| | _ <| |___ |
6 | | * \___|\___/|_| \_\_____| |
7 | | * |
8 | | * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. |
9 | | * Copyright (C) Bill Nagel <wnagel@tycoint.com>, Exacq Technologies |
10 | | * |
11 | | * This software is licensed as described in the file COPYING, which |
12 | | * you should have received as part of this distribution. The terms |
13 | | * are also available at https://curl.se/docs/copyright.html. |
14 | | * |
15 | | * You may opt to use, copy, modify, merge, publish, distribute and/or sell |
16 | | * copies of the Software, and permit persons to whom the Software is |
17 | | * furnished to do so, under the terms of the COPYING file. |
18 | | * |
19 | | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY |
20 | | * KIND, either express or implied. |
21 | | * |
22 | | * SPDX-License-Identifier: curl |
23 | | * |
24 | | ***************************************************************************/ |
25 | | |
26 | | #include "curl_setup.h" |
27 | | |
28 | | #if !defined(CURL_DISABLE_SMB) && defined(USE_CURL_NTLM_CORE) |
29 | | |
30 | | #ifdef _WIN32 |
31 | | #define getpid GetCurrentProcessId |
32 | | #endif |
33 | | |
34 | | #include "smb.h" |
35 | | #include "urldata.h" |
36 | | #include "sendf.h" |
37 | | #include "multiif.h" |
38 | | #include "cfilters.h" |
39 | | #include "connect.h" |
40 | | #include "progress.h" |
41 | | #include "transfer.h" |
42 | | #include "vtls/vtls.h" |
43 | | #include "curl_ntlm_core.h" |
44 | | #include "escape.h" |
45 | | #include "curl_endian.h" |
46 | | |
47 | | /* The last #include files should be: */ |
48 | | #include "curl_memory.h" |
49 | | #include "memdebug.h" |
50 | | |
51 | | /* |
52 | | * Definitions for SMB protocol data structures |
53 | | */ |
54 | | #if defined(_MSC_VER) || defined(__ILEC400__) |
55 | | # define PACK |
56 | | # pragma pack(push) |
57 | | # pragma pack(1) |
58 | | #elif defined(__GNUC__) |
59 | | # define PACK __attribute__((packed)) |
60 | | #else |
61 | | # define PACK |
62 | | #endif |
63 | | |
64 | 0 | #define SMB_COM_CLOSE 0x04 |
65 | 0 | #define SMB_COM_READ_ANDX 0x2e |
66 | 0 | #define SMB_COM_WRITE_ANDX 0x2f |
67 | 0 | #define SMB_COM_TREE_DISCONNECT 0x71 |
68 | 0 | #define SMB_COM_NEGOTIATE 0x72 |
69 | 0 | #define SMB_COM_SETUP_ANDX 0x73 |
70 | 0 | #define SMB_COM_TREE_CONNECT_ANDX 0x75 |
71 | 0 | #define SMB_COM_NT_CREATE_ANDX 0xa2 |
72 | 0 | #define SMB_COM_NO_ANDX_COMMAND 0xff |
73 | | |
74 | 0 | #define SMB_WC_CLOSE 0x03 |
75 | 0 | #define SMB_WC_READ_ANDX 0x0c |
76 | 0 | #define SMB_WC_WRITE_ANDX 0x0e |
77 | 0 | #define SMB_WC_SETUP_ANDX 0x0d |
78 | 0 | #define SMB_WC_TREE_CONNECT_ANDX 0x04 |
79 | 0 | #define SMB_WC_NT_CREATE_ANDX 0x18 |
80 | | |
81 | 0 | #define SMB_FLAGS_CANONICAL_PATHNAMES 0x10 |
82 | 0 | #define SMB_FLAGS_CASELESS_PATHNAMES 0x08 |
83 | | #define SMB_FLAGS2_UNICODE_STRINGS 0x8000 |
84 | | #define SMB_FLAGS2_IS_LONG_NAME 0x0040 |
85 | | #define SMB_FLAGS2_KNOWS_LONG_NAME 0x0001 |
86 | | |
87 | | #define SMB_CAP_LARGE_FILES 0x08 |
88 | | #define SMB_GENERIC_WRITE 0x40000000 |
89 | | #define SMB_GENERIC_READ 0x80000000 |
90 | | #define SMB_FILE_SHARE_ALL 0x07 |
91 | | #define SMB_FILE_OPEN 0x01 |
92 | | #define SMB_FILE_OVERWRITE_IF 0x05 |
93 | | |
94 | | #define SMB_ERR_NOACCESS 0x00050001 |
95 | | |
96 | | struct smb_header { |
97 | | unsigned char nbt_type; |
98 | | unsigned char nbt_flags; |
99 | | unsigned short nbt_length; |
100 | | unsigned char magic[4]; |
101 | | unsigned char command; |
102 | | unsigned int status; |
103 | | unsigned char flags; |
104 | | unsigned short flags2; |
105 | | unsigned short pid_high; |
106 | | unsigned char signature[8]; |
107 | | unsigned short pad; |
108 | | unsigned short tid; |
109 | | unsigned short pid; |
110 | | unsigned short uid; |
111 | | unsigned short mid; |
112 | | } PACK; |
113 | | |
114 | | struct smb_negotiate_response { |
115 | | struct smb_header h; |
116 | | unsigned char word_count; |
117 | | unsigned short dialect_index; |
118 | | unsigned char security_mode; |
119 | | unsigned short max_mpx_count; |
120 | | unsigned short max_number_vcs; |
121 | | unsigned int max_buffer_size; |
122 | | unsigned int max_raw_size; |
123 | | unsigned int session_key; |
124 | | unsigned int capabilities; |
125 | | unsigned int system_time_low; |
126 | | unsigned int system_time_high; |
127 | | unsigned short server_time_zone; |
128 | | unsigned char encryption_key_length; |
129 | | unsigned short byte_count; |
130 | | char bytes[1]; |
131 | | } PACK; |
132 | | |
133 | | struct andx { |
134 | | unsigned char command; |
135 | | unsigned char pad; |
136 | | unsigned short offset; |
137 | | } PACK; |
138 | | |
139 | | struct smb_setup { |
140 | | unsigned char word_count; |
141 | | struct andx andx; |
142 | | unsigned short max_buffer_size; |
143 | | unsigned short max_mpx_count; |
144 | | unsigned short vc_number; |
145 | | unsigned int session_key; |
146 | | unsigned short lengths[2]; |
147 | | unsigned int pad; |
148 | | unsigned int capabilities; |
149 | | unsigned short byte_count; |
150 | | char bytes[1024]; |
151 | | } PACK; |
152 | | |
153 | | struct smb_tree_connect { |
154 | | unsigned char word_count; |
155 | | struct andx andx; |
156 | | unsigned short flags; |
157 | | unsigned short pw_len; |
158 | | unsigned short byte_count; |
159 | | char bytes[1024]; |
160 | | } PACK; |
161 | | |
162 | | struct smb_nt_create { |
163 | | unsigned char word_count; |
164 | | struct andx andx; |
165 | | unsigned char pad; |
166 | | unsigned short name_length; |
167 | | unsigned int flags; |
168 | | unsigned int root_fid; |
169 | | unsigned int access; |
170 | | curl_off_t allocation_size; |
171 | | unsigned int ext_file_attributes; |
172 | | unsigned int share_access; |
173 | | unsigned int create_disposition; |
174 | | unsigned int create_options; |
175 | | unsigned int impersonation_level; |
176 | | unsigned char security_flags; |
177 | | unsigned short byte_count; |
178 | | char bytes[1024]; |
179 | | } PACK; |
180 | | |
181 | | struct smb_nt_create_response { |
182 | | struct smb_header h; |
183 | | unsigned char word_count; |
184 | | struct andx andx; |
185 | | unsigned char op_lock_level; |
186 | | unsigned short fid; |
187 | | unsigned int create_disposition; |
188 | | |
189 | | curl_off_t create_time; |
190 | | curl_off_t last_access_time; |
191 | | curl_off_t last_write_time; |
192 | | curl_off_t last_change_time; |
193 | | unsigned int ext_file_attributes; |
194 | | curl_off_t allocation_size; |
195 | | curl_off_t end_of_file; |
196 | | } PACK; |
197 | | |
198 | | struct smb_read { |
199 | | unsigned char word_count; |
200 | | struct andx andx; |
201 | | unsigned short fid; |
202 | | unsigned int offset; |
203 | | unsigned short max_bytes; |
204 | | unsigned short min_bytes; |
205 | | unsigned int timeout; |
206 | | unsigned short remaining; |
207 | | unsigned int offset_high; |
208 | | unsigned short byte_count; |
209 | | } PACK; |
210 | | |
211 | | struct smb_write { |
212 | | struct smb_header h; |
213 | | unsigned char word_count; |
214 | | struct andx andx; |
215 | | unsigned short fid; |
216 | | unsigned int offset; |
217 | | unsigned int timeout; |
218 | | unsigned short write_mode; |
219 | | unsigned short remaining; |
220 | | unsigned short pad; |
221 | | unsigned short data_length; |
222 | | unsigned short data_offset; |
223 | | unsigned int offset_high; |
224 | | unsigned short byte_count; |
225 | | unsigned char pad2; |
226 | | } PACK; |
227 | | |
228 | | struct smb_close { |
229 | | unsigned char word_count; |
230 | | unsigned short fid; |
231 | | unsigned int last_mtime; |
232 | | unsigned short byte_count; |
233 | | } PACK; |
234 | | |
235 | | struct smb_tree_disconnect { |
236 | | unsigned char word_count; |
237 | | unsigned short byte_count; |
238 | | } PACK; |
239 | | |
240 | | #if defined(_MSC_VER) || defined(__ILEC400__) |
241 | | # pragma pack(pop) |
242 | | #endif |
243 | | |
244 | | /* Local API functions */ |
245 | | static CURLcode smb_setup_connection(struct Curl_easy *data, |
246 | | struct connectdata *conn); |
247 | | static CURLcode smb_connect(struct Curl_easy *data, bool *done); |
248 | | static CURLcode smb_connection_state(struct Curl_easy *data, bool *done); |
249 | | static CURLcode smb_do(struct Curl_easy *data, bool *done); |
250 | | static CURLcode smb_request_state(struct Curl_easy *data, bool *done); |
251 | | static CURLcode smb_disconnect(struct Curl_easy *data, |
252 | | struct connectdata *conn, bool dead); |
253 | | static int smb_getsock(struct Curl_easy *data, struct connectdata *conn, |
254 | | curl_socket_t *socks); |
255 | | static CURLcode smb_parse_url_path(struct Curl_easy *data, |
256 | | struct connectdata *conn); |
257 | | |
258 | | /* |
259 | | * SMB handler interface |
260 | | */ |
261 | | const struct Curl_handler Curl_handler_smb = { |
262 | | "SMB", /* scheme */ |
263 | | smb_setup_connection, /* setup_connection */ |
264 | | smb_do, /* do_it */ |
265 | | ZERO_NULL, /* done */ |
266 | | ZERO_NULL, /* do_more */ |
267 | | smb_connect, /* connect_it */ |
268 | | smb_connection_state, /* connecting */ |
269 | | smb_request_state, /* doing */ |
270 | | smb_getsock, /* proto_getsock */ |
271 | | smb_getsock, /* doing_getsock */ |
272 | | ZERO_NULL, /* domore_getsock */ |
273 | | ZERO_NULL, /* perform_getsock */ |
274 | | smb_disconnect, /* disconnect */ |
275 | | ZERO_NULL, /* write_resp */ |
276 | | ZERO_NULL, /* connection_check */ |
277 | | ZERO_NULL, /* attach connection */ |
278 | | PORT_SMB, /* defport */ |
279 | | CURLPROTO_SMB, /* protocol */ |
280 | | CURLPROTO_SMB, /* family */ |
281 | | PROTOPT_NONE /* flags */ |
282 | | }; |
283 | | |
284 | | #ifdef USE_SSL |
285 | | /* |
286 | | * SMBS handler interface |
287 | | */ |
288 | | const struct Curl_handler Curl_handler_smbs = { |
289 | | "SMBS", /* scheme */ |
290 | | smb_setup_connection, /* setup_connection */ |
291 | | smb_do, /* do_it */ |
292 | | ZERO_NULL, /* done */ |
293 | | ZERO_NULL, /* do_more */ |
294 | | smb_connect, /* connect_it */ |
295 | | smb_connection_state, /* connecting */ |
296 | | smb_request_state, /* doing */ |
297 | | smb_getsock, /* proto_getsock */ |
298 | | smb_getsock, /* doing_getsock */ |
299 | | ZERO_NULL, /* domore_getsock */ |
300 | | ZERO_NULL, /* perform_getsock */ |
301 | | smb_disconnect, /* disconnect */ |
302 | | ZERO_NULL, /* write_resp */ |
303 | | ZERO_NULL, /* connection_check */ |
304 | | ZERO_NULL, /* attach connection */ |
305 | | PORT_SMBS, /* defport */ |
306 | | CURLPROTO_SMBS, /* protocol */ |
307 | | CURLPROTO_SMB, /* family */ |
308 | | PROTOPT_SSL /* flags */ |
309 | | }; |
310 | | #endif |
311 | | |
312 | 0 | #define MAX_PAYLOAD_SIZE 0x8000 |
313 | 0 | #define MAX_MESSAGE_SIZE (MAX_PAYLOAD_SIZE + 0x1000) |
314 | 0 | #define CLIENTNAME "curl" |
315 | 0 | #define SERVICENAME "?????" |
316 | | |
317 | | /* Append a string to an SMB message */ |
318 | | #define MSGCAT(str) \ |
319 | 0 | do { \ |
320 | 0 | strcpy(p, (str)); \ |
321 | 0 | p += strlen(str); \ |
322 | 0 | } while(0) |
323 | | |
324 | | /* Append a null-terminated string to an SMB message */ |
325 | | #define MSGCATNULL(str) \ |
326 | 0 | do { \ |
327 | 0 | strcpy(p, (str)); \ |
328 | 0 | p += strlen(str) + 1; \ |
329 | 0 | } while(0) |
330 | | |
331 | | /* SMB is mostly little endian */ |
332 | | #if (defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) || \ |
333 | | defined(__OS400__) |
334 | | static unsigned short smb_swap16(unsigned short x) |
335 | | { |
336 | | return (unsigned short) ((x << 8) | ((x >> 8) & 0xff)); |
337 | | } |
338 | | |
339 | | static unsigned int smb_swap32(unsigned int x) |
340 | | { |
341 | | return (x << 24) | ((x << 8) & 0xff0000) | ((x >> 8) & 0xff00) | |
342 | | ((x >> 24) & 0xff); |
343 | | } |
344 | | |
345 | | static curl_off_t smb_swap64(curl_off_t x) |
346 | | { |
347 | | return ((curl_off_t) smb_swap32((unsigned int) x) << 32) | |
348 | | smb_swap32((unsigned int) (x >> 32)); |
349 | | } |
350 | | |
351 | | #else |
352 | 0 | # define smb_swap16(x) (x) |
353 | 0 | # define smb_swap32(x) (x) |
354 | 0 | # define smb_swap64(x) (x) |
355 | | #endif |
356 | | |
357 | | /* SMB request state */ |
358 | | enum smb_req_state { |
359 | | SMB_REQUESTING, |
360 | | SMB_TREE_CONNECT, |
361 | | SMB_OPEN, |
362 | | SMB_DOWNLOAD, |
363 | | SMB_UPLOAD, |
364 | | SMB_CLOSE, |
365 | | SMB_TREE_DISCONNECT, |
366 | | SMB_DONE |
367 | | }; |
368 | | |
369 | | /* SMB request data */ |
370 | | struct smb_request { |
371 | | enum smb_req_state state; |
372 | | char *path; |
373 | | unsigned short tid; /* Even if we connect to the same tree as another */ |
374 | | unsigned short fid; /* request, the tid will be different */ |
375 | | CURLcode result; |
376 | | }; |
377 | | |
378 | | static void conn_state(struct Curl_easy *data, enum smb_conn_state newstate) |
379 | 0 | { |
380 | 0 | struct smb_conn *smbc = &data->conn->proto.smbc; |
381 | | #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) |
382 | | /* For debug purposes */ |
383 | | static const char * const names[] = { |
384 | | "SMB_NOT_CONNECTED", |
385 | | "SMB_CONNECTING", |
386 | | "SMB_NEGOTIATE", |
387 | | "SMB_SETUP", |
388 | | "SMB_CONNECTED", |
389 | | /* LAST */ |
390 | | }; |
391 | | |
392 | | if(smbc->state != newstate) |
393 | | infof(data, "SMB conn %p state change from %s to %s", |
394 | | (void *)smbc, names[smbc->state], names[newstate]); |
395 | | #endif |
396 | |
|
397 | 0 | smbc->state = newstate; |
398 | 0 | } |
399 | | |
400 | | static void request_state(struct Curl_easy *data, |
401 | | enum smb_req_state newstate) |
402 | 0 | { |
403 | 0 | struct smb_request *req = data->req.p.smb; |
404 | | #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) |
405 | | /* For debug purposes */ |
406 | | static const char * const names[] = { |
407 | | "SMB_REQUESTING", |
408 | | "SMB_TREE_CONNECT", |
409 | | "SMB_OPEN", |
410 | | "SMB_DOWNLOAD", |
411 | | "SMB_UPLOAD", |
412 | | "SMB_CLOSE", |
413 | | "SMB_TREE_DISCONNECT", |
414 | | "SMB_DONE", |
415 | | /* LAST */ |
416 | | }; |
417 | | |
418 | | if(req->state != newstate) |
419 | | infof(data, "SMB request %p state change from %s to %s", |
420 | | (void *)req, names[req->state], names[newstate]); |
421 | | #endif |
422 | |
|
423 | 0 | req->state = newstate; |
424 | 0 | } |
425 | | |
426 | | /* this should setup things in the connection, not in the easy |
427 | | handle */ |
428 | | static CURLcode smb_setup_connection(struct Curl_easy *data, |
429 | | struct connectdata *conn) |
430 | 0 | { |
431 | 0 | struct smb_request *req; |
432 | | |
433 | | /* Initialize the request state */ |
434 | 0 | data->req.p.smb = req = calloc(1, sizeof(struct smb_request)); |
435 | 0 | if(!req) |
436 | 0 | return CURLE_OUT_OF_MEMORY; |
437 | | |
438 | | /* Parse the URL path */ |
439 | 0 | return smb_parse_url_path(data, conn); |
440 | 0 | } |
441 | | |
442 | | static CURLcode smb_connect(struct Curl_easy *data, bool *done) |
443 | 0 | { |
444 | 0 | struct connectdata *conn = data->conn; |
445 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
446 | 0 | char *slash; |
447 | |
|
448 | 0 | (void) done; |
449 | | |
450 | | /* Check we have a username and password to authenticate with */ |
451 | 0 | if(!data->state.aptr.user) |
452 | 0 | return CURLE_LOGIN_DENIED; |
453 | | |
454 | | /* Initialize the connection state */ |
455 | 0 | smbc->state = SMB_CONNECTING; |
456 | 0 | smbc->recv_buf = malloc(MAX_MESSAGE_SIZE); |
457 | 0 | if(!smbc->recv_buf) |
458 | 0 | return CURLE_OUT_OF_MEMORY; |
459 | | |
460 | | /* Multiple requests are allowed with this connection */ |
461 | 0 | connkeep(conn, "SMB default"); |
462 | | |
463 | | /* Parse the username, domain, and password */ |
464 | 0 | slash = strchr(conn->user, '/'); |
465 | 0 | if(!slash) |
466 | 0 | slash = strchr(conn->user, '\\'); |
467 | |
|
468 | 0 | if(slash) { |
469 | 0 | smbc->user = slash + 1; |
470 | 0 | smbc->domain = strdup(conn->user); |
471 | 0 | if(!smbc->domain) |
472 | 0 | return CURLE_OUT_OF_MEMORY; |
473 | 0 | smbc->domain[slash - conn->user] = 0; |
474 | 0 | } |
475 | 0 | else { |
476 | 0 | smbc->user = conn->user; |
477 | 0 | smbc->domain = strdup(conn->host.name); |
478 | 0 | if(!smbc->domain) |
479 | 0 | return CURLE_OUT_OF_MEMORY; |
480 | 0 | } |
481 | | |
482 | 0 | return CURLE_OK; |
483 | 0 | } |
484 | | |
485 | | static CURLcode smb_recv_message(struct Curl_easy *data, void **msg) |
486 | 0 | { |
487 | 0 | struct connectdata *conn = data->conn; |
488 | 0 | curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; |
489 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
490 | 0 | char *buf = smbc->recv_buf; |
491 | 0 | ssize_t bytes_read; |
492 | 0 | size_t nbt_size; |
493 | 0 | size_t msg_size; |
494 | 0 | size_t len = MAX_MESSAGE_SIZE - smbc->got; |
495 | 0 | CURLcode result; |
496 | |
|
497 | 0 | result = Curl_read(data, sockfd, buf + smbc->got, len, &bytes_read); |
498 | 0 | if(result) |
499 | 0 | return result; |
500 | | |
501 | 0 | if(!bytes_read) |
502 | 0 | return CURLE_OK; |
503 | | |
504 | 0 | smbc->got += bytes_read; |
505 | | |
506 | | /* Check for a 32-bit nbt header */ |
507 | 0 | if(smbc->got < sizeof(unsigned int)) |
508 | 0 | return CURLE_OK; |
509 | | |
510 | 0 | nbt_size = Curl_read16_be((const unsigned char *) |
511 | 0 | (buf + sizeof(unsigned short))) + |
512 | 0 | sizeof(unsigned int); |
513 | 0 | if(smbc->got < nbt_size) |
514 | 0 | return CURLE_OK; |
515 | | |
516 | 0 | msg_size = sizeof(struct smb_header); |
517 | 0 | if(nbt_size >= msg_size + 1) { |
518 | | /* Add the word count */ |
519 | 0 | msg_size += 1 + ((unsigned char) buf[msg_size]) * sizeof(unsigned short); |
520 | 0 | if(nbt_size >= msg_size + sizeof(unsigned short)) { |
521 | | /* Add the byte count */ |
522 | 0 | msg_size += sizeof(unsigned short) + |
523 | 0 | Curl_read16_le((const unsigned char *)&buf[msg_size]); |
524 | 0 | if(nbt_size < msg_size) |
525 | 0 | return CURLE_READ_ERROR; |
526 | 0 | } |
527 | 0 | } |
528 | | |
529 | 0 | *msg = buf; |
530 | |
|
531 | 0 | return CURLE_OK; |
532 | 0 | } |
533 | | |
534 | | static void smb_pop_message(struct connectdata *conn) |
535 | 0 | { |
536 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
537 | |
|
538 | 0 | smbc->got = 0; |
539 | 0 | } |
540 | | |
541 | | static void smb_format_message(struct Curl_easy *data, struct smb_header *h, |
542 | | unsigned char cmd, size_t len) |
543 | 0 | { |
544 | 0 | struct connectdata *conn = data->conn; |
545 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
546 | 0 | struct smb_request *req = data->req.p.smb; |
547 | 0 | unsigned int pid; |
548 | |
|
549 | 0 | memset(h, 0, sizeof(*h)); |
550 | 0 | h->nbt_length = htons((unsigned short) (sizeof(*h) - sizeof(unsigned int) + |
551 | 0 | len)); |
552 | 0 | memcpy((char *)h->magic, "\xffSMB", 4); |
553 | 0 | h->command = cmd; |
554 | 0 | h->flags = SMB_FLAGS_CANONICAL_PATHNAMES | SMB_FLAGS_CASELESS_PATHNAMES; |
555 | 0 | h->flags2 = smb_swap16(SMB_FLAGS2_IS_LONG_NAME | SMB_FLAGS2_KNOWS_LONG_NAME); |
556 | 0 | h->uid = smb_swap16(smbc->uid); |
557 | 0 | h->tid = smb_swap16(req->tid); |
558 | 0 | pid = getpid(); |
559 | 0 | h->pid_high = smb_swap16((unsigned short)(pid >> 16)); |
560 | 0 | h->pid = smb_swap16((unsigned short) pid); |
561 | 0 | } |
562 | | |
563 | | static CURLcode smb_send(struct Curl_easy *data, ssize_t len, |
564 | | size_t upload_size) |
565 | 0 | { |
566 | 0 | struct connectdata *conn = data->conn; |
567 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
568 | 0 | ssize_t bytes_written; |
569 | 0 | CURLcode result; |
570 | |
|
571 | 0 | result = Curl_nwrite(data, FIRSTSOCKET, data->state.ulbuf, |
572 | 0 | len, &bytes_written); |
573 | 0 | if(result) |
574 | 0 | return result; |
575 | | |
576 | 0 | if(bytes_written != len) { |
577 | 0 | smbc->send_size = len; |
578 | 0 | smbc->sent = bytes_written; |
579 | 0 | } |
580 | |
|
581 | 0 | smbc->upload_size = upload_size; |
582 | |
|
583 | 0 | return CURLE_OK; |
584 | 0 | } |
585 | | |
586 | | static CURLcode smb_flush(struct Curl_easy *data) |
587 | 0 | { |
588 | 0 | struct connectdata *conn = data->conn; |
589 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
590 | 0 | ssize_t bytes_written; |
591 | 0 | ssize_t len = smbc->send_size - smbc->sent; |
592 | 0 | CURLcode result; |
593 | |
|
594 | 0 | if(!smbc->send_size) |
595 | 0 | return CURLE_OK; |
596 | | |
597 | 0 | result = Curl_nwrite(data, FIRSTSOCKET, |
598 | 0 | data->state.ulbuf + smbc->sent, |
599 | 0 | len, &bytes_written); |
600 | 0 | if(result) |
601 | 0 | return result; |
602 | | |
603 | 0 | if(bytes_written != len) |
604 | 0 | smbc->sent += bytes_written; |
605 | 0 | else |
606 | 0 | smbc->send_size = 0; |
607 | |
|
608 | 0 | return CURLE_OK; |
609 | 0 | } |
610 | | |
611 | | static CURLcode smb_send_message(struct Curl_easy *data, unsigned char cmd, |
612 | | const void *msg, size_t msg_len) |
613 | 0 | { |
614 | 0 | CURLcode result = Curl_get_upload_buffer(data); |
615 | 0 | if(result) |
616 | 0 | return result; |
617 | 0 | smb_format_message(data, (struct smb_header *)data->state.ulbuf, |
618 | 0 | cmd, msg_len); |
619 | 0 | memcpy(data->state.ulbuf + sizeof(struct smb_header), |
620 | 0 | msg, msg_len); |
621 | |
|
622 | 0 | return smb_send(data, sizeof(struct smb_header) + msg_len, 0); |
623 | 0 | } |
624 | | |
625 | | static CURLcode smb_send_negotiate(struct Curl_easy *data) |
626 | 0 | { |
627 | 0 | const char *msg = "\x00\x0c\x00\x02NT LM 0.12"; |
628 | |
|
629 | 0 | return smb_send_message(data, SMB_COM_NEGOTIATE, msg, 15); |
630 | 0 | } |
631 | | |
632 | | static CURLcode smb_send_setup(struct Curl_easy *data) |
633 | 0 | { |
634 | 0 | struct connectdata *conn = data->conn; |
635 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
636 | 0 | struct smb_setup msg; |
637 | 0 | char *p = msg.bytes; |
638 | 0 | unsigned char lm_hash[21]; |
639 | 0 | unsigned char lm[24]; |
640 | 0 | unsigned char nt_hash[21]; |
641 | 0 | unsigned char nt[24]; |
642 | |
|
643 | 0 | size_t byte_count = sizeof(lm) + sizeof(nt); |
644 | 0 | byte_count += strlen(smbc->user) + strlen(smbc->domain); |
645 | 0 | byte_count += strlen(OS) + strlen(CLIENTNAME) + 4; /* 4 null chars */ |
646 | 0 | if(byte_count > sizeof(msg.bytes)) |
647 | 0 | return CURLE_FILESIZE_EXCEEDED; |
648 | | |
649 | 0 | Curl_ntlm_core_mk_lm_hash(conn->passwd, lm_hash); |
650 | 0 | Curl_ntlm_core_lm_resp(lm_hash, smbc->challenge, lm); |
651 | 0 | Curl_ntlm_core_mk_nt_hash(conn->passwd, nt_hash); |
652 | 0 | Curl_ntlm_core_lm_resp(nt_hash, smbc->challenge, nt); |
653 | |
|
654 | 0 | memset(&msg, 0, sizeof(msg)); |
655 | 0 | msg.word_count = SMB_WC_SETUP_ANDX; |
656 | 0 | msg.andx.command = SMB_COM_NO_ANDX_COMMAND; |
657 | 0 | msg.max_buffer_size = smb_swap16(MAX_MESSAGE_SIZE); |
658 | 0 | msg.max_mpx_count = smb_swap16(1); |
659 | 0 | msg.vc_number = smb_swap16(1); |
660 | 0 | msg.session_key = smb_swap32(smbc->session_key); |
661 | 0 | msg.capabilities = smb_swap32(SMB_CAP_LARGE_FILES); |
662 | 0 | msg.lengths[0] = smb_swap16(sizeof(lm)); |
663 | 0 | msg.lengths[1] = smb_swap16(sizeof(nt)); |
664 | 0 | memcpy(p, lm, sizeof(lm)); |
665 | 0 | p += sizeof(lm); |
666 | 0 | memcpy(p, nt, sizeof(nt)); |
667 | 0 | p += sizeof(nt); |
668 | 0 | MSGCATNULL(smbc->user); |
669 | 0 | MSGCATNULL(smbc->domain); |
670 | 0 | MSGCATNULL(OS); |
671 | 0 | MSGCATNULL(CLIENTNAME); |
672 | 0 | byte_count = p - msg.bytes; |
673 | 0 | msg.byte_count = smb_swap16((unsigned short)byte_count); |
674 | |
|
675 | 0 | return smb_send_message(data, SMB_COM_SETUP_ANDX, &msg, |
676 | 0 | sizeof(msg) - sizeof(msg.bytes) + byte_count); |
677 | 0 | } |
678 | | |
679 | | static CURLcode smb_send_tree_connect(struct Curl_easy *data) |
680 | 0 | { |
681 | 0 | struct smb_tree_connect msg; |
682 | 0 | struct connectdata *conn = data->conn; |
683 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
684 | 0 | char *p = msg.bytes; |
685 | |
|
686 | 0 | size_t byte_count = strlen(conn->host.name) + strlen(smbc->share); |
687 | 0 | byte_count += strlen(SERVICENAME) + 5; /* 2 nulls and 3 backslashes */ |
688 | 0 | if(byte_count > sizeof(msg.bytes)) |
689 | 0 | return CURLE_FILESIZE_EXCEEDED; |
690 | | |
691 | 0 | memset(&msg, 0, sizeof(msg)); |
692 | 0 | msg.word_count = SMB_WC_TREE_CONNECT_ANDX; |
693 | 0 | msg.andx.command = SMB_COM_NO_ANDX_COMMAND; |
694 | 0 | msg.pw_len = 0; |
695 | 0 | MSGCAT("\\\\"); |
696 | 0 | MSGCAT(conn->host.name); |
697 | 0 | MSGCAT("\\"); |
698 | 0 | MSGCATNULL(smbc->share); |
699 | 0 | MSGCATNULL(SERVICENAME); /* Match any type of service */ |
700 | 0 | byte_count = p - msg.bytes; |
701 | 0 | msg.byte_count = smb_swap16((unsigned short)byte_count); |
702 | |
|
703 | 0 | return smb_send_message(data, SMB_COM_TREE_CONNECT_ANDX, &msg, |
704 | 0 | sizeof(msg) - sizeof(msg.bytes) + byte_count); |
705 | 0 | } |
706 | | |
707 | | static CURLcode smb_send_open(struct Curl_easy *data) |
708 | 0 | { |
709 | 0 | struct smb_request *req = data->req.p.smb; |
710 | 0 | struct smb_nt_create msg; |
711 | 0 | size_t byte_count; |
712 | |
|
713 | 0 | if((strlen(req->path) + 1) > sizeof(msg.bytes)) |
714 | 0 | return CURLE_FILESIZE_EXCEEDED; |
715 | | |
716 | 0 | memset(&msg, 0, sizeof(msg)); |
717 | 0 | msg.word_count = SMB_WC_NT_CREATE_ANDX; |
718 | 0 | msg.andx.command = SMB_COM_NO_ANDX_COMMAND; |
719 | 0 | byte_count = strlen(req->path); |
720 | 0 | msg.name_length = smb_swap16((unsigned short)byte_count); |
721 | 0 | msg.share_access = smb_swap32(SMB_FILE_SHARE_ALL); |
722 | 0 | if(data->state.upload) { |
723 | 0 | msg.access = smb_swap32(SMB_GENERIC_READ | SMB_GENERIC_WRITE); |
724 | 0 | msg.create_disposition = smb_swap32(SMB_FILE_OVERWRITE_IF); |
725 | 0 | } |
726 | 0 | else { |
727 | 0 | msg.access = smb_swap32(SMB_GENERIC_READ); |
728 | 0 | msg.create_disposition = smb_swap32(SMB_FILE_OPEN); |
729 | 0 | } |
730 | 0 | msg.byte_count = smb_swap16((unsigned short) ++byte_count); |
731 | 0 | strcpy(msg.bytes, req->path); |
732 | |
|
733 | 0 | return smb_send_message(data, SMB_COM_NT_CREATE_ANDX, &msg, |
734 | 0 | sizeof(msg) - sizeof(msg.bytes) + byte_count); |
735 | 0 | } |
736 | | |
737 | | static CURLcode smb_send_close(struct Curl_easy *data) |
738 | 0 | { |
739 | 0 | struct smb_request *req = data->req.p.smb; |
740 | 0 | struct smb_close msg; |
741 | |
|
742 | 0 | memset(&msg, 0, sizeof(msg)); |
743 | 0 | msg.word_count = SMB_WC_CLOSE; |
744 | 0 | msg.fid = smb_swap16(req->fid); |
745 | |
|
746 | 0 | return smb_send_message(data, SMB_COM_CLOSE, &msg, sizeof(msg)); |
747 | 0 | } |
748 | | |
749 | | static CURLcode smb_send_tree_disconnect(struct Curl_easy *data) |
750 | 0 | { |
751 | 0 | struct smb_tree_disconnect msg; |
752 | |
|
753 | 0 | memset(&msg, 0, sizeof(msg)); |
754 | |
|
755 | 0 | return smb_send_message(data, SMB_COM_TREE_DISCONNECT, &msg, sizeof(msg)); |
756 | 0 | } |
757 | | |
758 | | static CURLcode smb_send_read(struct Curl_easy *data) |
759 | 0 | { |
760 | 0 | struct smb_request *req = data->req.p.smb; |
761 | 0 | curl_off_t offset = data->req.offset; |
762 | 0 | struct smb_read msg; |
763 | |
|
764 | 0 | memset(&msg, 0, sizeof(msg)); |
765 | 0 | msg.word_count = SMB_WC_READ_ANDX; |
766 | 0 | msg.andx.command = SMB_COM_NO_ANDX_COMMAND; |
767 | 0 | msg.fid = smb_swap16(req->fid); |
768 | 0 | msg.offset = smb_swap32((unsigned int) offset); |
769 | 0 | msg.offset_high = smb_swap32((unsigned int) (offset >> 32)); |
770 | 0 | msg.min_bytes = smb_swap16(MAX_PAYLOAD_SIZE); |
771 | 0 | msg.max_bytes = smb_swap16(MAX_PAYLOAD_SIZE); |
772 | |
|
773 | 0 | return smb_send_message(data, SMB_COM_READ_ANDX, &msg, sizeof(msg)); |
774 | 0 | } |
775 | | |
776 | | static CURLcode smb_send_write(struct Curl_easy *data) |
777 | 0 | { |
778 | 0 | struct smb_write *msg; |
779 | 0 | struct smb_request *req = data->req.p.smb; |
780 | 0 | curl_off_t offset = data->req.offset; |
781 | 0 | curl_off_t upload_size = data->req.size - data->req.bytecount; |
782 | 0 | CURLcode result = Curl_get_upload_buffer(data); |
783 | 0 | if(result) |
784 | 0 | return result; |
785 | 0 | msg = (struct smb_write *)data->state.ulbuf; |
786 | |
|
787 | 0 | if(upload_size >= MAX_PAYLOAD_SIZE - 1) /* There is one byte of padding */ |
788 | 0 | upload_size = MAX_PAYLOAD_SIZE - 1; |
789 | |
|
790 | 0 | memset(msg, 0, sizeof(*msg)); |
791 | 0 | msg->word_count = SMB_WC_WRITE_ANDX; |
792 | 0 | msg->andx.command = SMB_COM_NO_ANDX_COMMAND; |
793 | 0 | msg->fid = smb_swap16(req->fid); |
794 | 0 | msg->offset = smb_swap32((unsigned int) offset); |
795 | 0 | msg->offset_high = smb_swap32((unsigned int) (offset >> 32)); |
796 | 0 | msg->data_length = smb_swap16((unsigned short) upload_size); |
797 | 0 | msg->data_offset = smb_swap16(sizeof(*msg) - sizeof(unsigned int)); |
798 | 0 | msg->byte_count = smb_swap16((unsigned short) (upload_size + 1)); |
799 | |
|
800 | 0 | smb_format_message(data, &msg->h, SMB_COM_WRITE_ANDX, |
801 | 0 | sizeof(*msg) - sizeof(msg->h) + (size_t) upload_size); |
802 | |
|
803 | 0 | return smb_send(data, sizeof(*msg), (size_t) upload_size); |
804 | 0 | } |
805 | | |
806 | | static CURLcode smb_send_and_recv(struct Curl_easy *data, void **msg) |
807 | 0 | { |
808 | 0 | struct connectdata *conn = data->conn; |
809 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
810 | 0 | CURLcode result; |
811 | 0 | *msg = NULL; /* if it returns early */ |
812 | | |
813 | | /* Check if there is data in the transfer buffer */ |
814 | 0 | if(!smbc->send_size && smbc->upload_size) { |
815 | 0 | size_t nread = smbc->upload_size > (size_t)data->set.upload_buffer_size ? |
816 | 0 | (size_t)data->set.upload_buffer_size : smbc->upload_size; |
817 | 0 | data->req.upload_fromhere = data->state.ulbuf; |
818 | 0 | result = Curl_fillreadbuffer(data, nread, &nread); |
819 | 0 | if(result && result != CURLE_AGAIN) |
820 | 0 | return result; |
821 | 0 | if(!nread) |
822 | 0 | return CURLE_OK; |
823 | | |
824 | 0 | smbc->upload_size -= nread; |
825 | 0 | smbc->send_size = nread; |
826 | 0 | smbc->sent = 0; |
827 | 0 | } |
828 | | |
829 | | /* Check if there is data to send */ |
830 | 0 | if(smbc->send_size) { |
831 | 0 | result = smb_flush(data); |
832 | 0 | if(result) |
833 | 0 | return result; |
834 | 0 | } |
835 | | |
836 | | /* Check if there is still data to be sent */ |
837 | 0 | if(smbc->send_size || smbc->upload_size) |
838 | 0 | return CURLE_AGAIN; |
839 | | |
840 | 0 | return smb_recv_message(data, msg); |
841 | 0 | } |
842 | | |
843 | | static CURLcode smb_connection_state(struct Curl_easy *data, bool *done) |
844 | 0 | { |
845 | 0 | struct connectdata *conn = data->conn; |
846 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
847 | 0 | struct smb_negotiate_response *nrsp; |
848 | 0 | struct smb_header *h; |
849 | 0 | CURLcode result; |
850 | 0 | void *msg = NULL; |
851 | |
|
852 | 0 | if(smbc->state == SMB_CONNECTING) { |
853 | 0 | #ifdef USE_SSL |
854 | 0 | if((conn->handler->flags & PROTOPT_SSL)) { |
855 | 0 | bool ssl_done = FALSE; |
856 | 0 | result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssl_done); |
857 | 0 | if(result && result != CURLE_AGAIN) |
858 | 0 | return result; |
859 | 0 | if(!ssl_done) |
860 | 0 | return CURLE_OK; |
861 | 0 | } |
862 | 0 | #endif |
863 | | |
864 | 0 | result = smb_send_negotiate(data); |
865 | 0 | if(result) { |
866 | 0 | connclose(conn, "SMB: failed to send negotiate message"); |
867 | 0 | return result; |
868 | 0 | } |
869 | | |
870 | 0 | conn_state(data, SMB_NEGOTIATE); |
871 | 0 | } |
872 | | |
873 | | /* Send the previous message and check for a response */ |
874 | 0 | result = smb_send_and_recv(data, &msg); |
875 | 0 | if(result && result != CURLE_AGAIN) { |
876 | 0 | connclose(conn, "SMB: failed to communicate"); |
877 | 0 | return result; |
878 | 0 | } |
879 | | |
880 | 0 | if(!msg) |
881 | 0 | return CURLE_OK; |
882 | | |
883 | 0 | h = msg; |
884 | |
|
885 | 0 | switch(smbc->state) { |
886 | 0 | case SMB_NEGOTIATE: |
887 | 0 | if((smbc->got < sizeof(*nrsp) + sizeof(smbc->challenge) - 1) || |
888 | 0 | h->status) { |
889 | 0 | connclose(conn, "SMB: negotiation failed"); |
890 | 0 | return CURLE_COULDNT_CONNECT; |
891 | 0 | } |
892 | 0 | nrsp = msg; |
893 | 0 | memcpy(smbc->challenge, nrsp->bytes, sizeof(smbc->challenge)); |
894 | 0 | smbc->session_key = smb_swap32(nrsp->session_key); |
895 | 0 | result = smb_send_setup(data); |
896 | 0 | if(result) { |
897 | 0 | connclose(conn, "SMB: failed to send setup message"); |
898 | 0 | return result; |
899 | 0 | } |
900 | 0 | conn_state(data, SMB_SETUP); |
901 | 0 | break; |
902 | | |
903 | 0 | case SMB_SETUP: |
904 | 0 | if(h->status) { |
905 | 0 | connclose(conn, "SMB: authentication failed"); |
906 | 0 | return CURLE_LOGIN_DENIED; |
907 | 0 | } |
908 | 0 | smbc->uid = smb_swap16(h->uid); |
909 | 0 | conn_state(data, SMB_CONNECTED); |
910 | 0 | *done = true; |
911 | 0 | break; |
912 | | |
913 | 0 | default: |
914 | 0 | smb_pop_message(conn); |
915 | 0 | return CURLE_OK; /* ignore */ |
916 | 0 | } |
917 | | |
918 | 0 | smb_pop_message(conn); |
919 | |
|
920 | 0 | return CURLE_OK; |
921 | 0 | } |
922 | | |
923 | | /* |
924 | | * Convert a timestamp from the Windows world (100 nsec units from 1 Jan 1601) |
925 | | * to Posix time. Cap the output to fit within a time_t. |
926 | | */ |
927 | | static void get_posix_time(time_t *out, curl_off_t timestamp) |
928 | 0 | { |
929 | 0 | timestamp -= 116444736000000000; |
930 | 0 | timestamp /= 10000000; |
931 | | #if SIZEOF_TIME_T < SIZEOF_CURL_OFF_T |
932 | | if(timestamp > TIME_T_MAX) |
933 | | *out = TIME_T_MAX; |
934 | | else if(timestamp < TIME_T_MIN) |
935 | | *out = TIME_T_MIN; |
936 | | else |
937 | | #endif |
938 | 0 | *out = (time_t) timestamp; |
939 | 0 | } |
940 | | |
941 | | static CURLcode smb_request_state(struct Curl_easy *data, bool *done) |
942 | 0 | { |
943 | 0 | struct connectdata *conn = data->conn; |
944 | 0 | struct smb_request *req = data->req.p.smb; |
945 | 0 | struct smb_header *h; |
946 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
947 | 0 | enum smb_req_state next_state = SMB_DONE; |
948 | 0 | unsigned short len; |
949 | 0 | unsigned short off; |
950 | 0 | CURLcode result; |
951 | 0 | void *msg = NULL; |
952 | 0 | const struct smb_nt_create_response *smb_m; |
953 | |
|
954 | 0 | if(data->state.upload && (data->state.infilesize < 0)) { |
955 | 0 | failf(data, "SMB upload needs to know the size up front"); |
956 | 0 | return CURLE_SEND_ERROR; |
957 | 0 | } |
958 | | |
959 | | /* Start the request */ |
960 | 0 | if(req->state == SMB_REQUESTING) { |
961 | 0 | result = smb_send_tree_connect(data); |
962 | 0 | if(result) { |
963 | 0 | connclose(conn, "SMB: failed to send tree connect message"); |
964 | 0 | return result; |
965 | 0 | } |
966 | | |
967 | 0 | request_state(data, SMB_TREE_CONNECT); |
968 | 0 | } |
969 | | |
970 | | /* Send the previous message and check for a response */ |
971 | 0 | result = smb_send_and_recv(data, &msg); |
972 | 0 | if(result && result != CURLE_AGAIN) { |
973 | 0 | connclose(conn, "SMB: failed to communicate"); |
974 | 0 | return result; |
975 | 0 | } |
976 | | |
977 | 0 | if(!msg) |
978 | 0 | return CURLE_OK; |
979 | | |
980 | 0 | h = msg; |
981 | |
|
982 | 0 | switch(req->state) { |
983 | 0 | case SMB_TREE_CONNECT: |
984 | 0 | if(h->status) { |
985 | 0 | req->result = CURLE_REMOTE_FILE_NOT_FOUND; |
986 | 0 | if(h->status == smb_swap32(SMB_ERR_NOACCESS)) |
987 | 0 | req->result = CURLE_REMOTE_ACCESS_DENIED; |
988 | 0 | break; |
989 | 0 | } |
990 | 0 | req->tid = smb_swap16(h->tid); |
991 | 0 | next_state = SMB_OPEN; |
992 | 0 | break; |
993 | | |
994 | 0 | case SMB_OPEN: |
995 | 0 | if(h->status || smbc->got < sizeof(struct smb_nt_create_response)) { |
996 | 0 | req->result = CURLE_REMOTE_FILE_NOT_FOUND; |
997 | 0 | if(h->status == smb_swap32(SMB_ERR_NOACCESS)) |
998 | 0 | req->result = CURLE_REMOTE_ACCESS_DENIED; |
999 | 0 | next_state = SMB_TREE_DISCONNECT; |
1000 | 0 | break; |
1001 | 0 | } |
1002 | 0 | smb_m = (const struct smb_nt_create_response*) msg; |
1003 | 0 | req->fid = smb_swap16(smb_m->fid); |
1004 | 0 | data->req.offset = 0; |
1005 | 0 | if(data->state.upload) { |
1006 | 0 | data->req.size = data->state.infilesize; |
1007 | 0 | Curl_pgrsSetUploadSize(data, data->req.size); |
1008 | 0 | next_state = SMB_UPLOAD; |
1009 | 0 | } |
1010 | 0 | else { |
1011 | 0 | data->req.size = smb_swap64(smb_m->end_of_file); |
1012 | 0 | if(data->req.size < 0) { |
1013 | 0 | req->result = CURLE_WEIRD_SERVER_REPLY; |
1014 | 0 | next_state = SMB_CLOSE; |
1015 | 0 | } |
1016 | 0 | else { |
1017 | 0 | Curl_pgrsSetDownloadSize(data, data->req.size); |
1018 | 0 | if(data->set.get_filetime) |
1019 | 0 | get_posix_time(&data->info.filetime, smb_m->last_change_time); |
1020 | 0 | next_state = SMB_DOWNLOAD; |
1021 | 0 | } |
1022 | 0 | } |
1023 | 0 | break; |
1024 | | |
1025 | 0 | case SMB_DOWNLOAD: |
1026 | 0 | if(h->status || smbc->got < sizeof(struct smb_header) + 14) { |
1027 | 0 | req->result = CURLE_RECV_ERROR; |
1028 | 0 | next_state = SMB_CLOSE; |
1029 | 0 | break; |
1030 | 0 | } |
1031 | 0 | len = Curl_read16_le(((const unsigned char *) msg) + |
1032 | 0 | sizeof(struct smb_header) + 11); |
1033 | 0 | off = Curl_read16_le(((const unsigned char *) msg) + |
1034 | 0 | sizeof(struct smb_header) + 13); |
1035 | 0 | if(len > 0) { |
1036 | 0 | if(off + sizeof(unsigned int) + len > smbc->got) { |
1037 | 0 | failf(data, "Invalid input packet"); |
1038 | 0 | result = CURLE_RECV_ERROR; |
1039 | 0 | } |
1040 | 0 | else |
1041 | 0 | result = Curl_client_write(data, CLIENTWRITE_BODY, |
1042 | 0 | (char *)msg + off + sizeof(unsigned int), |
1043 | 0 | len); |
1044 | 0 | if(result) { |
1045 | 0 | req->result = result; |
1046 | 0 | next_state = SMB_CLOSE; |
1047 | 0 | break; |
1048 | 0 | } |
1049 | 0 | } |
1050 | 0 | data->req.offset += len; |
1051 | 0 | next_state = (len < MAX_PAYLOAD_SIZE) ? SMB_CLOSE : SMB_DOWNLOAD; |
1052 | 0 | break; |
1053 | | |
1054 | 0 | case SMB_UPLOAD: |
1055 | 0 | if(h->status || smbc->got < sizeof(struct smb_header) + 6) { |
1056 | 0 | req->result = CURLE_UPLOAD_FAILED; |
1057 | 0 | next_state = SMB_CLOSE; |
1058 | 0 | break; |
1059 | 0 | } |
1060 | 0 | len = Curl_read16_le(((const unsigned char *) msg) + |
1061 | 0 | sizeof(struct smb_header) + 5); |
1062 | 0 | data->req.bytecount += len; |
1063 | 0 | data->req.offset += len; |
1064 | 0 | Curl_pgrsSetUploadCounter(data, data->req.bytecount); |
1065 | 0 | if(data->req.bytecount >= data->req.size) |
1066 | 0 | next_state = SMB_CLOSE; |
1067 | 0 | else |
1068 | 0 | next_state = SMB_UPLOAD; |
1069 | 0 | break; |
1070 | | |
1071 | 0 | case SMB_CLOSE: |
1072 | | /* We don't care if the close failed, proceed to tree disconnect anyway */ |
1073 | 0 | next_state = SMB_TREE_DISCONNECT; |
1074 | 0 | break; |
1075 | | |
1076 | 0 | case SMB_TREE_DISCONNECT: |
1077 | 0 | next_state = SMB_DONE; |
1078 | 0 | break; |
1079 | | |
1080 | 0 | default: |
1081 | 0 | smb_pop_message(conn); |
1082 | 0 | return CURLE_OK; /* ignore */ |
1083 | 0 | } |
1084 | | |
1085 | 0 | smb_pop_message(conn); |
1086 | |
|
1087 | 0 | switch(next_state) { |
1088 | 0 | case SMB_OPEN: |
1089 | 0 | result = smb_send_open(data); |
1090 | 0 | break; |
1091 | | |
1092 | 0 | case SMB_DOWNLOAD: |
1093 | 0 | result = smb_send_read(data); |
1094 | 0 | break; |
1095 | | |
1096 | 0 | case SMB_UPLOAD: |
1097 | 0 | result = smb_send_write(data); |
1098 | 0 | break; |
1099 | | |
1100 | 0 | case SMB_CLOSE: |
1101 | 0 | result = smb_send_close(data); |
1102 | 0 | break; |
1103 | | |
1104 | 0 | case SMB_TREE_DISCONNECT: |
1105 | 0 | result = smb_send_tree_disconnect(data); |
1106 | 0 | break; |
1107 | | |
1108 | 0 | case SMB_DONE: |
1109 | 0 | result = req->result; |
1110 | 0 | *done = true; |
1111 | 0 | break; |
1112 | | |
1113 | 0 | default: |
1114 | 0 | break; |
1115 | 0 | } |
1116 | | |
1117 | 0 | if(result) { |
1118 | 0 | connclose(conn, "SMB: failed to send message"); |
1119 | 0 | return result; |
1120 | 0 | } |
1121 | | |
1122 | 0 | request_state(data, next_state); |
1123 | |
|
1124 | 0 | return CURLE_OK; |
1125 | 0 | } |
1126 | | |
1127 | | static CURLcode smb_disconnect(struct Curl_easy *data, |
1128 | | struct connectdata *conn, bool dead) |
1129 | 0 | { |
1130 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
1131 | 0 | (void) dead; |
1132 | 0 | (void) data; |
1133 | 0 | Curl_safefree(smbc->share); |
1134 | 0 | Curl_safefree(smbc->domain); |
1135 | 0 | Curl_safefree(smbc->recv_buf); |
1136 | 0 | return CURLE_OK; |
1137 | 0 | } |
1138 | | |
1139 | | static int smb_getsock(struct Curl_easy *data, |
1140 | | struct connectdata *conn, curl_socket_t *socks) |
1141 | 0 | { |
1142 | 0 | (void)data; |
1143 | 0 | socks[0] = conn->sock[FIRSTSOCKET]; |
1144 | 0 | return GETSOCK_READSOCK(0) | GETSOCK_WRITESOCK(0); |
1145 | 0 | } |
1146 | | |
1147 | | static CURLcode smb_do(struct Curl_easy *data, bool *done) |
1148 | 0 | { |
1149 | 0 | struct connectdata *conn = data->conn; |
1150 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
1151 | |
|
1152 | 0 | *done = FALSE; |
1153 | 0 | if(smbc->share) { |
1154 | 0 | return CURLE_OK; |
1155 | 0 | } |
1156 | 0 | return CURLE_URL_MALFORMAT; |
1157 | 0 | } |
1158 | | |
1159 | | static CURLcode smb_parse_url_path(struct Curl_easy *data, |
1160 | | struct connectdata *conn) |
1161 | 0 | { |
1162 | 0 | struct smb_request *req = data->req.p.smb; |
1163 | 0 | struct smb_conn *smbc = &conn->proto.smbc; |
1164 | 0 | char *path; |
1165 | 0 | char *slash; |
1166 | | |
1167 | | /* URL decode the path */ |
1168 | 0 | CURLcode result = Curl_urldecode(data->state.up.path, 0, &path, NULL, |
1169 | 0 | REJECT_CTRL); |
1170 | 0 | if(result) |
1171 | 0 | return result; |
1172 | | |
1173 | | /* Parse the path for the share */ |
1174 | 0 | smbc->share = strdup((*path == '/' || *path == '\\') ? path + 1 : path); |
1175 | 0 | free(path); |
1176 | 0 | if(!smbc->share) |
1177 | 0 | return CURLE_OUT_OF_MEMORY; |
1178 | | |
1179 | 0 | slash = strchr(smbc->share, '/'); |
1180 | 0 | if(!slash) |
1181 | 0 | slash = strchr(smbc->share, '\\'); |
1182 | | |
1183 | | /* The share must be present */ |
1184 | 0 | if(!slash) { |
1185 | 0 | Curl_safefree(smbc->share); |
1186 | 0 | failf(data, "missing share in URL path for SMB"); |
1187 | 0 | return CURLE_URL_MALFORMAT; |
1188 | 0 | } |
1189 | | |
1190 | | /* Parse the path for the file path converting any forward slashes into |
1191 | | backslashes */ |
1192 | 0 | *slash++ = 0; |
1193 | 0 | req->path = slash; |
1194 | |
|
1195 | 0 | for(; *slash; slash++) { |
1196 | 0 | if(*slash == '/') |
1197 | 0 | *slash = '\\'; |
1198 | 0 | } |
1199 | 0 | return CURLE_OK; |
1200 | 0 | } |
1201 | | |
1202 | | #endif /* CURL_DISABLE_SMB && USE_CURL_NTLM_CORE && |
1203 | | SIZEOF_CURL_OFF_T > 4 */ |