Changeset 988 for vendor/current/source4/libcli/raw

vendor/current/source4/libcli/raw/clioplock.c

-              r414
+              r988
         req = smbcli_request_setup(tree, SMBlockingX, 8, 0);
+        if (req == NULL) {
+                return false;
+        }
         SSVAL(req->out.vwv,VWV(0),0xFF);
 …
         SSVAL(req->out.vwv,VWV(7),0);
+        /* this request does not expect a reply, so tell the signing
+           subsystem not to allocate an id for a reply */
+        req->one_way_request = 1;
+        ret = smbcli_request_send(req);
+        /*
+         * The low level code knows it is a
+         * one way request by looking at SMBlockingX,
+         * wct == 8 and LOCKING_ANDX_OPLOCK_RELEASE
+         */
+        ret = smbcli_request_send(req);
         return ret;

vendor/current/source4/libcli/raw/clisession.c

-              r414
+              r988
 #include "libcli/raw/raw_proto.h"
 #include "system/filesys.h"
+#include "../libcli/smb/smbXcli_base.h"
 #define SETUP_REQUEST_SESSION(cmd, wct, buflen) do { \
 …
         session->vuid = UID_FIELD_INVALID;
         session->options = options;
+        /*
+         * for now session->vuid is still used by the callers, but we call:
+         * smb1cli_session_set_id(session->smbXcli, session->vuid);
+         * before using session->smbXcli, in future we should remove
+         * session->vuid.
+         */
+        session->smbXcli = smbXcli_session_create(session, transport->conn);
+        if (session->smbXcli == NULL) {
+                talloc_free(session);
+                return NULL;
+        }
         capabilities = transport->negotiate.capabilities;
 …
                 flags2 |= FLAGS2_EXTENDED_SECURITY;
+        }
         if (session->transport->negotiate.sign_info.doing_signing) {
+        if (smb1cli_conn_signing_is_active(session->transport->conn)) {
                 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
+        }

vendor/current/source4/libcli/raw/clisocket.c

-              r740
+              r988
 #include "includes.h"
+#include "system/network.h"
+#include "../lib/async_req/async_sock.h"
+#include "../lib/util/tevent_ntstatus.h"
 #include "lib/events/events.h"
 #include "libcli/raw/libcliraw.h"
 …
 #include "param/param.h"
 #include "libcli/raw/raw_proto.h"
+#include "../libcli/smb/read_smb.h"
+struct smbcli_transport_connect_state {
+        struct tevent_context *ev;
+        struct socket_context *sock;
+        struct tevent_req *io_req;
+        uint8_t *request;
+        struct iovec iov;
+        uint8_t *response;
+};
+static void smbcli_transport_connect_cleanup(struct tevent_req *req,
+                                             enum tevent_req_state req_state);
+static void smbcli_transport_connect_writev_done(struct tevent_req *subreq);
+static void smbcli_transport_connect_read_smb_done(struct tevent_req *subreq);
+static struct tevent_req *smbcli_transport_connect_send(TALLOC_CTX *mem_ctx,
+                                                 struct tevent_context *ev,
+                                                 struct socket_context *sock,
+                                                 uint16_t port,
+                                                 uint32_t timeout_msec,
+                                                 struct nbt_name *calling,
+                                                 struct nbt_name *called)
+{
+        struct tevent_req *req;
+        struct smbcli_transport_connect_state *state;
+        struct tevent_req *subreq;
+        DATA_BLOB calling_blob, called_blob;
+        uint8_t *p;
+        NTSTATUS status;
+        req = tevent_req_create(mem_ctx, &state,
+                                struct smbcli_transport_connect_state);
+        if (req == NULL) {
+                return NULL;
+        }
+        state->ev = ev;
+        state->sock = sock;
+        if (port != 139) {
+                tevent_req_done(req);
+                return tevent_req_post(req, ev);
+        }
+        tevent_req_set_cleanup_fn(req, smbcli_transport_connect_cleanup);
+        status = nbt_name_to_blob(state, &calling_blob, calling);
+        if (tevent_req_nterror(req, status)) {
+                return tevent_req_post(req, ev);
+        }
+        status = nbt_name_to_blob(state, &called_blob, called);
+        if (tevent_req_nterror(req, status)) {
+                return tevent_req_post(req, ev);
+        }
+        state->request = talloc_array(state, uint8_t,
+                                      NBT_HDR_SIZE +
+                                      called_blob.length +
+                                      calling_blob.length);
+        if (tevent_req_nomem(state->request, req)) {
+                return tevent_req_post(req, ev);
+        }
+        /* put in the destination name */
+        p = state->request + NBT_HDR_SIZE;
+        memcpy(p, called_blob.data, called_blob.length);
+        p += called_blob.length;
+        memcpy(p, calling_blob.data, calling_blob.length);
+        p += calling_blob.length;
+        _smb_setlen_nbt(state->request,
+                        PTR_DIFF(p, state->request) - NBT_HDR_SIZE);
+        SCVAL(state->request, 0, NBSSrequest);
+        state->iov.iov_len = talloc_array_length(state->request);
+        state->iov.iov_base = (void *)state->request;
+        subreq = writev_send(state, ev, NULL,
+                             sock->fd,
+                             true, /* err_on_readability */
+                             &state->iov, 1);
+        if (tevent_req_nomem(subreq, req)) {
+                return tevent_req_post(req, ev);
+        }
+        tevent_req_set_callback(subreq,
+                                smbcli_transport_connect_writev_done,
+                                req);
+        state->io_req = subreq;
+        if (timeout_msec > 0) {
+                struct timeval endtime;
+                endtime = timeval_current_ofs_msec(timeout_msec);
+                if (!tevent_req_set_endtime(req, ev, endtime)) {
+                        return tevent_req_post(req, ev);
+                }
+        }
+        return req;
+}
+static void smbcli_transport_connect_cleanup(struct tevent_req *req,
+                                             enum tevent_req_state req_state)
+{
+        struct smbcli_transport_connect_state *state =
+                tevent_req_data(req,
+                struct smbcli_transport_connect_state);
+        TALLOC_FREE(state->io_req);
+        if (state->sock == NULL) {
+                return;
+        }
+        if (state->sock->fd == -1) {
+                return;
+        }
+        if (req_state == TEVENT_REQ_DONE) {
+                /*
+                 * we keep the socket open for the caller to use
+                 */
+                state->sock = NULL;
+                return;
+        }
+        close(state->sock->fd);
+        state->sock->fd = -1;
+        state->sock = NULL;
+}
+static void smbcli_transport_connect_writev_done(struct tevent_req *subreq)
+{
+        struct tevent_req *req =
+                tevent_req_callback_data(subreq,
+                struct tevent_req);
+        struct smbcli_transport_connect_state *state =
+                tevent_req_data(req,
+                struct smbcli_transport_connect_state);
+        ssize_t ret;
+        int err;
+        state->io_req = NULL;
+        ret = writev_recv(subreq, &err);
+        TALLOC_FREE(subreq);
+        if (ret == -1) {
+                NTSTATUS status = map_nt_error_from_unix_common(err);
+                tevent_req_nterror(req, status);
+                return;
+        }
+        subreq = read_smb_send(state, state->ev,
+                               state->sock->fd);
+        if (tevent_req_nomem(subreq, req)) {
+                return;
+        }
+        tevent_req_set_callback(subreq,
+                                smbcli_transport_connect_read_smb_done,
+                                req);
+        state->io_req = subreq;
+}
+static void smbcli_transport_connect_read_smb_done(struct tevent_req *subreq)
+{
+        struct tevent_req *req =
+                tevent_req_callback_data(subreq,
+                struct tevent_req);
+        struct smbcli_transport_connect_state *state =
+                tevent_req_data(req,
+                struct smbcli_transport_connect_state);
+        ssize_t ret;
+        int err;
+        NTSTATUS status;
+        uint8_t error;
+        state->io_req = NULL;
+        ret = read_smb_recv(subreq, state,
+                            &state->response, &err);
+        TALLOC_FREE(subreq);
+        if (ret == -1) {
+                status = map_nt_error_from_unix_common(err);
+                tevent_req_nterror(req, status);
+                return;
+        }
+        if (ret < 4) {
+                tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+                return;
+        }
+        switch (CVAL(state->response, 0)) {
+        case NBSSpositive:
+                tevent_req_done(req);
+                return;
+        case NBSSnegative:
+                if (ret < 5) {
+                        tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+                        return;
+                }
+                error = CVAL(state->response, 4);
+                switch (error) {
+                case 0x80:
+                case 0x81:
+                        status = NT_STATUS_REMOTE_NOT_LISTENING;
+                        break;
+                case 0x82:
+                        status = NT_STATUS_RESOURCE_NAME_NOT_FOUND;
+                        break;
+                case 0x83:
+                        status = NT_STATUS_REMOTE_RESOURCES;
+                        break;
+                default:
+                        status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+                        break;
+                }
+                break;
+        case NBSSretarget:
+                DEBUG(1,("Warning: session retarget not supported\n"));
+                status = NT_STATUS_NOT_SUPPORTED;
+                break;
+        default:
+                status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+                break;
+        }
+        tevent_req_nterror(req, status);
+}
+static NTSTATUS smbcli_transport_connect_recv(struct tevent_req *req)
+{
+        return tevent_req_simple_recv_ntstatus(req);
+}
 struct sock_connect_state {
 …
         const char *socket_options;
         struct smbcli_socket *result;
+        struct socket_connect_multi_ex multi_ex;
+        struct nbt_name calling;
+        struct nbt_name called;
 };
 …
   if port is 0 then choose 445 then 139
 */
+static struct tevent_req *smbcli_sock_establish_send(TALLOC_CTX *mem_ctx,
+                                                     struct tevent_context *ev,
+                                                     struct socket_context *sock,
+                                                     struct socket_address *addr,
+                                                     void *private_data)
+{
+        struct sock_connect_state *state =
+                talloc_get_type_abort(private_data,
+                struct sock_connect_state);
+        uint32_t timeout_msec = 15 * 1000;
+        return smbcli_transport_connect_send(state,
+                                             ev,
+                                             sock,
+                                             addr->port,
+                                             timeout_msec,
+                                             &state->calling,
+                                             &state->called);
+}
+static NTSTATUS smbcli_sock_establish_recv(struct tevent_req *req)
+{
+        return smbcli_transport_connect_recv(req);
+}
 static void smbcli_sock_connect_recv_conn(struct composite_context *ctx);
 …
                                                    struct resolve_context *resolve_ctx,
                                                    struct tevent_context *event_ctx,
+                                                   const char *socket_options)
+                                                   const char *socket_options,
+                                                   struct nbt_name *calling,
+                                                   struct nbt_name *called)
+{
         struct composite_context *result, *ctx;
         struct sock_connect_state *state;
+        NTSTATUS status;
         int i;
 …
+        }
+        ctx = socket_connect_multi_send(state, host_addr,
+                                        state->num_ports, state->ports,
+                                        resolve_ctx,
+                                        state->ctx->event_ctx);
+        state->multi_ex.private_data = state;
+        state->multi_ex.establish_send = smbcli_sock_establish_send;
+        state->multi_ex.establish_recv = smbcli_sock_establish_recv;
+        status = nbt_name_dup(state, calling, &state->calling);
+        if (!NT_STATUS_IS_OK(status)) {
+                goto failed;
+        }
+        status = nbt_name_dup(state, called, &state->called);
+        if (!NT_STATUS_IS_OK(status)) {
+                goto failed;
+        }
+        ctx = socket_connect_multi_ex_send(state, host_addr,
+                                           state->num_ports, state->ports,
+                                           resolve_ctx,
+                                           state->ctx->event_ctx,
+                                           &state->multi_ex);
         if (ctx == NULL) goto failed;
         ctx->async.fn = smbcli_sock_connect_recv_conn;
 …
         uint16_t port;
         state->ctx->status = socket_connect_multi_recv(ctx, state, &sock,
                                                        &port);
+        state->ctx->status = socket_connect_multi_ex_recv(ctx, state, &sock,
+                                                          &port);
         if (!composite_is_ok(state->ctx)) return;
 …
                              struct resolve_context *resolve_ctx,
                              struct tevent_context *event_ctx,
+                                 const char *socket_options,
+                             const char *socket_options,
+                             struct nbt_name *calling,
+                             struct nbt_name *called,
                              struct smbcli_socket **result)
+{
 …
                 smbcli_sock_connect_send(mem_ctx, host_addr, ports, host_name,
                                          resolve_ctx,
+                                         event_ctx, socket_options);
+                                         event_ctx, socket_options,
+                                         calling, called);
         return smbcli_sock_connect_recv(c, mem_ctx, result);
+}
-/****************************************************************************
- mark the socket as dead
-****************************************************************************/
-_PUBLIC_ void smbcli_sock_dead(struct smbcli_socket *sock)
+{
-        talloc_free(sock->event.fde);
-        sock->event.fde = NULL;
-        talloc_free(sock->sock);
-        sock->sock = NULL;
+}
-/****************************************************************************
- Set socket options on a open connection.
-****************************************************************************/
-void smbcli_sock_set_options(struct smbcli_socket *sock, const char *options)
+{
-        socket_set_option(sock->sock, options, NULL);
+}
-/****************************************************************************
-resolve a hostname and connect
-****************************************************************************/
-_PUBLIC_ struct smbcli_socket *smbcli_sock_connect_byname(const char *host, const char **ports,
-                                                 TALLOC_CTX *mem_ctx,
-                                                 struct resolve_context *resolve_ctx,
-                                                 struct tevent_context *event_ctx,
-                                                 const char *socket_options)
+{
-        int name_type = NBT_NAME_SERVER;
-        const char *address;
-        NTSTATUS status;
-        struct nbt_name nbt_name;
-        char *name, *p;
-        TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-        struct smbcli_socket *result;
-        if (event_ctx == NULL) {
-                DEBUG(0, ("Invalid NULL event context passed in as parameter\n"));
-                return NULL;
+        }
-        if (tmp_ctx == NULL) {
-                DEBUG(0, ("talloc_new failed\n"));
-                return NULL;
+        }
-        name = talloc_strdup(tmp_ctx, host);
-        if (name == NULL) {
-                DEBUG(0, ("talloc_strdup failed\n"));
-                talloc_free(tmp_ctx);
-                return NULL;
+        }
-        /* allow hostnames of the form NAME#xx and do a netbios lookup */
-        if ((p = strchr(name, '#'))) {
-                name_type = strtol(p+1, NULL, 16);
-                *p = 0;
+        }
-        make_nbt_name(&nbt_name, host, name_type);
-        status = resolve_name(resolve_ctx, &nbt_name, tmp_ctx, &address, event_ctx);
-        if (!NT_STATUS_IS_OK(status)) {
-                talloc_free(tmp_ctx);
-                return NULL;
+        }
-        status = smbcli_sock_connect(mem_ctx, address, ports, name, resolve_ctx,
-                                     event_ctx,
-                                         socket_options, &result);
-        if (!NT_STATUS_IS_OK(status)) {
-                DEBUG(9, ("smbcli_sock_connect failed: %s\n",
-                          nt_errstr(status)));
-                talloc_free(tmp_ctx);
-                return NULL;
+        }
-        talloc_free(tmp_ctx);
-        return result;
+}

vendor/current/source4/libcli/raw/clitransport.c

-              r740
+              r988
 #include "includes.h"
+#include "system/network.h"
+#include "../lib/async_req/async_sock.h"
+#include "../lib/util/tevent_ntstatus.h"
 #include "libcli/raw/libcliraw.h"
 #include "libcli/raw/raw_proto.h"
 #include "lib/socket/socket.h"
-#include "../lib/util/dlinklist.h"
 #include "lib/events/events.h"
-#include "lib/stream/packet.h"
 #include "librpc/gen_ndr/ndr_nbt.h"
 #include "../libcli/nbt/libnbt.h"
+/*
+  an event has happened on the socket
+*/
+static void smbcli_transport_event_handler(struct tevent_context *ev,
+                                           struct tevent_fd *fde,
+                                           uint16_t flags, void *private_data)
+{
+        struct smbcli_transport *transport = talloc_get_type(private_data,
+                                                             struct smbcli_transport);
+        if (flags & EVENT_FD_READ) {
+                packet_recv(transport->packet);
+                return;
+        }
+        if (flags & EVENT_FD_WRITE) {
+                packet_queue_run(transport->packet);
+        }
+}
+#include "../libcli/smb/smbXcli_base.h"
+#include "../libcli/smb/read_smb.h"
 /*
 …
         return 0;
+}
-/*
-  handle receive errors
-*/
-static void smbcli_transport_error(void *private_data, NTSTATUS status)
+{
-        struct smbcli_transport *transport = talloc_get_type(private_data, struct smbcli_transport);
-        smbcli_transport_dead(transport, status);
+}
-static NTSTATUS smbcli_transport_finish_recv(void *private_data, DATA_BLOB blob);
 /*
 …
+{
         struct smbcli_transport *transport;
+        uint32_t smb1_capabilities;
         transport = talloc_zero(parent_ctx, struct smbcli_transport);
         if (!transport) return NULL;
+        if (primary) {
+                transport->socket = talloc_steal(transport, sock);
+        } else {
+                transport->socket = talloc_reference(transport, sock);
+        }
+        transport->negotiate.protocol = PROTOCOL_NT1;
+        transport->ev = sock->event.ctx;
         transport->options = *options;
+        transport->negotiate.max_xmit = transport->options.max_xmit;
+        /* setup the stream -> packet parser */
+        transport->packet = packet_init(transport);
+        if (transport->packet == NULL) {
+                talloc_free(transport);
+        if (transport->options.max_protocol == PROTOCOL_DEFAULT) {
+                transport->options.max_protocol = PROTOCOL_NT1;
+        }
+        if (transport->options.max_protocol > PROTOCOL_NT1) {
+                transport->options.max_protocol = PROTOCOL_NT1;
+        }
+        TALLOC_FREE(sock->event.fde);
+        TALLOC_FREE(sock->event.te);
+        smb1_capabilities = 0;
+        smb1_capabilities |= CAP_LARGE_FILES;
+        smb1_capabilities |= CAP_NT_SMBS | CAP_RPC_REMOTE_APIS;
+        smb1_capabilities |= CAP_LOCK_AND_READ | CAP_NT_FIND;
+        smb1_capabilities |= CAP_DFS | CAP_W2K_SMBS;
+        smb1_capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX;
+        smb1_capabilities |= CAP_LWIO;
+        if (options->ntstatus_support) {
+                smb1_capabilities |= CAP_STATUS32;
+        }
+        if (options->unicode) {
+                smb1_capabilities |= CAP_UNICODE;
+        }
+        if (options->use_spnego) {
+                smb1_capabilities |= CAP_EXTENDED_SECURITY;
+        }
+        if (options->use_level2_oplocks) {
+                smb1_capabilities |= CAP_LEVEL_II_OPLOCKS;
+        }
+        transport->conn = smbXcli_conn_create(transport,
+                                              sock->sock->fd,
+                                              sock->hostname,
+                                              options->signing,
+                                              smb1_capabilities,
+                                              NULL, /* client_guid */
+); /* smb2_capabilities */
+        if (transport->conn == NULL) {
+                TALLOC_FREE(sock);
+                TALLOC_FREE(transport);
                 return NULL;
+        }
+        packet_set_private(transport->packet, transport);
+        packet_set_socket(transport->packet, transport->socket->sock);
+        packet_set_callback(transport->packet, smbcli_transport_finish_recv);
+        packet_set_full_request(transport->packet, packet_full_request_nbt);
+        packet_set_error_handler(transport->packet, smbcli_transport_error);
+        packet_set_event_context(transport->packet, transport->socket->event.ctx);
+        packet_set_nofree(transport->packet);
+        packet_set_initial_read(transport->packet, 4);
+        smbcli_init_signing(transport);
+        ZERO_STRUCT(transport->called);
+        /* take over event handling from the socket layer - it only
+           handles events up until we are connected */
+        talloc_free(transport->socket->event.fde);
+        transport->socket->event.fde = event_add_fd(transport->socket->event.ctx,
+                                                    transport->socket->sock,
+                                                    socket_get_fd(transport->socket->sock),
+                                                    EVENT_FD_READ,
+                                                    smbcli_transport_event_handler,
+                                                    transport);
+        packet_set_fde(transport->packet, transport->socket->event.fde);
+        packet_set_serialise(transport->packet);
+        sock->sock->fd = -1;
+        TALLOC_FREE(sock);
         talloc_set_destructor(transport, transport_destructor);
 …
 void smbcli_transport_dead(struct smbcli_transport *transport, NTSTATUS status)
+{
-        smbcli_sock_dead(transport->socket);
         if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) {
                 status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+        }
+        /* kill only the first pending receive - this is so that if
+         that async function frees the connection we don't die trying
+         to use old memory. The caller has to cope with only one
+         network error */
+        if (transport->pending_recv) {
+                struct smbcli_request *req = transport->pending_recv;
+                req->state = SMBCLI_REQUEST_ERROR;
+                req->status = status;
+                DLIST_REMOVE(transport->pending_recv, req);
+                if (req->async.fn) {
+                        req->async.fn(req);
+                }
+        }
+}
+/*
+  send a session request
+*/
+struct smbcli_request *smbcli_transport_connect_send(struct smbcli_transport *transport,
+                                                     struct nbt_name *calling,
+                                                     struct nbt_name *called)
+{
+        uint8_t *p;
+        struct smbcli_request *req;
+        DATA_BLOB calling_blob, called_blob;
+        TALLOC_CTX *tmp_ctx = talloc_new(transport);
+        NTSTATUS status;
+        status = nbt_name_dup(transport, called, &transport->called);
+        if (!NT_STATUS_IS_OK(status)) goto failed;
+        status = nbt_name_to_blob(tmp_ctx, &calling_blob, calling);
+        if (!NT_STATUS_IS_OK(status)) goto failed;
+        status = nbt_name_to_blob(tmp_ctx, &called_blob, called);
+        if (!NT_STATUS_IS_OK(status)) goto failed;
+        /* allocate output buffer */
+        req = smbcli_request_setup_nonsmb(transport,
+                                          NBT_HDR_SIZE +
+                                          calling_blob.length + called_blob.length);
+        if (req == NULL) goto failed;
+        /* put in the destination name */
+        p = req->out.buffer + NBT_HDR_SIZE;
+        memcpy(p, called_blob.data, called_blob.length);
+        p += called_blob.length;
+        memcpy(p, calling_blob.data, calling_blob.length);
+        p += calling_blob.length;
+        _smb_setlen(req->out.buffer, PTR_DIFF(p, req->out.buffer) - NBT_HDR_SIZE);
+        SCVAL(req->out.buffer,0,0x81);
+        if (!smbcli_request_send(req)) {
+                smbcli_request_destroy(req);
+                goto failed;
+        }
+        talloc_free(tmp_ctx);
+        return req;
+failed:
+        talloc_free(tmp_ctx);
+        return NULL;
+}
+/*
+  map a session request error to a NTSTATUS
+ */
+static NTSTATUS map_session_refused_error(uint8_t error)
+{
+        switch (error) {
+        case 0x80:
+        case 0x81:
+                return NT_STATUS_REMOTE_NOT_LISTENING;
+        case 0x82:
+                return NT_STATUS_RESOURCE_NAME_NOT_FOUND;
+        case 0x83:
+                return NT_STATUS_REMOTE_RESOURCES;
+        }
+        return NT_STATUS_UNEXPECTED_IO_ERROR;
+}
+/*
+  finish a smbcli_transport_connect()
+*/
+NTSTATUS smbcli_transport_connect_recv(struct smbcli_request *req)
+{
+        NTSTATUS status;
+        if (!smbcli_request_receive(req)) {
+                smbcli_request_destroy(req);
+                return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+        }
+        switch (CVAL(req->in.buffer,0)) {
+        case 0x82:
+                status = NT_STATUS_OK;
+                break;
+        case 0x83:
+                status = map_session_refused_error(CVAL(req->in.buffer,4));
+                break;
+        case 0x84:
+                DEBUG(1,("Warning: session retarget not supported\n"));
+                status = NT_STATUS_NOT_SUPPORTED;
+                break;
+        default:
+                status = NT_STATUS_UNEXPECTED_IO_ERROR;
+                break;
+        }
+        smbcli_request_destroy(req);
+        return status;
+}
+/*
+  send a session request (if needed)
+*/
+bool smbcli_transport_connect(struct smbcli_transport *transport,
+                              struct nbt_name *calling,
+                              struct nbt_name *called)
+{
+        struct smbcli_request *req;
+        NTSTATUS status;
+        if (transport->socket->port == 445) {
+                return true;
+        }
+        req = smbcli_transport_connect_send(transport,
+                                            calling, called);
+        status = smbcli_transport_connect_recv(req);
+        return NT_STATUS_IS_OK(status);
+}
+/****************************************************************************
+get next mid in sequence
+****************************************************************************/
+uint16_t smbcli_transport_next_mid(struct smbcli_transport *transport)
+{
+        uint16_t mid;
+        struct smbcli_request *req;
+        mid = transport->next_mid;
+again:
+        /* now check to see if this mid is being used by one of the
+           pending requests. This is quite efficient because the list is
+           usually very short */
+        /* the zero mid is reserved for requests that don't have a mid */
+        if (mid == 0) mid = 1;
+        for (req=transport->pending_recv; req; req=req->next) {
+                if (req->mid == mid) {
+                        mid++;
+                        goto again;
+                }
+        }
+        transport->next_mid = mid+1;
+        return mid;
+        if (NT_STATUS_IS_OK(status)) {
+                status = NT_STATUS_LOCAL_DISCONNECT;
+        }
+        smbXcli_conn_disconnect(transport->conn, status);
+}
 …
         struct smbcli_transport *transport = talloc_get_type(private_data,
                                                              struct smbcli_transport);
+        struct timeval next = timeval_add(&t, 0, transport->idle.period);
+        transport->socket->event.te = event_add_timed(transport->socket->event.ctx,
+                                                      transport,
+                                                      next,
+                                                      idle_handler, transport);
+        struct timeval next;
         transport->idle.func(transport, transport->idle.private_data);
+        next = timeval_current_ofs_usec(transport->idle.period);
+        transport->idle.te = tevent_add_timer(transport->ev,
+                                              transport,
+                                              next,
+                                              idle_handler,
+                                              transport);
+}
 …
                                    void *private_data)
+{
+        TALLOC_FREE(transport->idle.te);
         transport->idle.func = idle_func;
         transport->idle.private_data = private_data;
         transport->idle.period = period;
+        if (transport->socket->event.te != NULL) {
+                talloc_free(transport->socket->event.te);
+        }
+        transport->socket->event.te = event_add_timed(transport->socket->event.ctx,
+                                                      transport,
+                                                      timeval_current_ofs(0, period),
+                                                      idle_handler, transport);
+}
+/*
+  we have a full request in our receive buffer - match it to a pending request
+  and process
+ */
+static NTSTATUS smbcli_transport_finish_recv(void *private_data, DATA_BLOB blob)
+{
+        struct smbcli_transport *transport = talloc_get_type(private_data,
+                                                             struct smbcli_transport);
+        uint8_t *buffer, *hdr, *vwv;
+        int len;
+        uint16_t wct=0, mid = 0, op = 0;
+        struct smbcli_request *req = NULL;
+        buffer = blob.data;
+        len = blob.length;
+        hdr = buffer+NBT_HDR_SIZE;
+        vwv = hdr + HDR_VWV;
+        /* see if it could be an oplock break request */
+        if (smbcli_handle_oplock_break(transport, len, hdr, vwv)) {
+                talloc_free(buffer);
+                return NT_STATUS_OK;
+        }
+        /* at this point we need to check for a readbraw reply, as
+           these can be any length */
+        if (transport->readbraw_pending) {
+                transport->readbraw_pending = 0;
+                /* it must match the first entry in the pending queue
+                   as the client is not allowed to have outstanding
+                   readbraw requests */
+                req = transport->pending_recv;
+                if (!req) goto error;
+                req->in.buffer = buffer;
+                talloc_steal(req, buffer);
+                req->in.size = len;
+                req->in.allocated = req->in.size;
+                goto async;
+        }
+        if (len >= MIN_SMB_SIZE) {
+                /* extract the mid for matching to pending requests */
+                mid = SVAL(hdr, HDR_MID);
+                wct = CVAL(hdr, HDR_WCT);
+                op  = CVAL(hdr, HDR_COM);
+        }
+        /* match the incoming request against the list of pending requests */
+        for (req=transport->pending_recv; req; req=req->next) {
+                if (req->mid == mid) break;
+        }
+        /* see if it's a ntcancel reply for the current MID */
+        req = smbcli_handle_ntcancel_reply(req, len, hdr);
+        if (!req) {
+                DEBUG(1,("Discarding unmatched reply with mid %d op %d\n", mid, op));
+                goto error;
+        }
+        /* fill in the 'in' portion of the matching request */
+        req->in.buffer = buffer;
+        talloc_steal(req, buffer);
+        req->in.size = len;
+        req->in.allocated = req->in.size;
+        /* handle NBT session replies */
+        if (req->in.size >= 4 && req->in.buffer[0] != 0) {
+                req->status = NT_STATUS_OK;
+                goto async;
+        }
+        /* handle non-SMB replies */
+        if (req->in.size < NBT_HDR_SIZE + MIN_SMB_SIZE) {
+                req->state = SMBCLI_REQUEST_ERROR;
+                goto error;
+        }
+        if (req->in.size < NBT_HDR_SIZE + MIN_SMB_SIZE + VWV(wct)) {
+                DEBUG(2,("bad reply size for mid %d\n", mid));
+                req->status = NT_STATUS_UNSUCCESSFUL;
+                req->state = SMBCLI_REQUEST_ERROR;
+                goto error;
+        }
+        req->in.hdr = hdr;
+        req->in.vwv = vwv;
+        req->in.wct = wct;
+        if (req->in.size >= NBT_HDR_SIZE + MIN_SMB_SIZE + VWV(wct)) {
+                req->in.data = req->in.vwv + VWV(wct) + 2;
+                req->in.data_size = SVAL(req->in.vwv, VWV(wct));
+                if (req->in.size < NBT_HDR_SIZE + MIN_SMB_SIZE + VWV(wct) + req->in.data_size) {
+                        DEBUG(3,("bad data size for mid %d\n", mid));
+                        /* blergh - w2k3 gives a bogus data size values in some
+                           openX replies */
+                        req->in.data_size = req->in.size - (NBT_HDR_SIZE + MIN_SMB_SIZE + VWV(wct));
+                }
+        }
+        req->in.ptr = req->in.data;
+        req->flags2 = SVAL(req->in.hdr, HDR_FLG2);
+        smb_setup_bufinfo(req);
+        if (!(req->flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
+                int eclass = CVAL(req->in.hdr,HDR_RCLS);
+                int code = SVAL(req->in.hdr,HDR_ERR);
+                if (eclass == 0 && code == 0) {
+                        transport->error.e.nt_status = NT_STATUS_OK;
+                } else {
+                        transport->error.e.nt_status = NT_STATUS_DOS(eclass, code);
+                }
+        } else {
+                transport->error.e.nt_status = NT_STATUS(IVAL(req->in.hdr, HDR_RCLS));
+        }
+        req->status = transport->error.e.nt_status;
+        if (NT_STATUS_IS_OK(req->status)) {
+                transport->error.etype = ETYPE_NONE;
+        } else {
+                transport->error.etype = ETYPE_SMB;
+        }
+        if (!smbcli_request_check_sign_mac(req)) {
+                transport->error.etype = ETYPE_SOCKET;
+                transport->error.e.socket_error = SOCKET_READ_BAD_SIG;
+                req->state = SMBCLI_REQUEST_ERROR;
+                req->status = NT_STATUS_ACCESS_DENIED;
+                goto error;
+        };
+async:
+        /* if this request has an async handler then call that to
+           notify that the reply has been received. This might destroy
+           the request so it must happen last */
+        req->state = SMBCLI_REQUEST_DONE;
+        if (req->recv_helper.fn) {
+                /*
+                 * let the recv helper decide in
+                 * what state the request really is
+                 */
+                req->state = req->recv_helper.fn(req);
+                /* if more parts are needed, wait for them */
+                if (req->state <= SMBCLI_REQUEST_RECV) {
+                        return NT_STATUS_OK;
+                }
+        }
+        DLIST_REMOVE(transport->pending_recv, req);
+        if (req->async.fn) {
+                req->async.fn(req);
+        }
+        return NT_STATUS_OK;
+error:
+        if (req) {
+                DLIST_REMOVE(transport->pending_recv, req);
+                req->state = SMBCLI_REQUEST_ERROR;
+                if (req->async.fn) {
+                        req->async.fn(req);
+                }
+        } else {
+                talloc_free(buffer);
+        }
+        return NT_STATUS_OK;
+        transport->idle.te = tevent_add_timer(transport->ev,
+                                              transport,
+                                              timeval_current_ofs_usec(period),
+                                              idle_handler,
+                                              transport);
+}
 …
 _PUBLIC_ bool smbcli_transport_process(struct smbcli_transport *transport)
+{
+        NTSTATUS status;
+        size_t npending;
+        packet_queue_run(transport->packet);
+        if (transport->socket->sock == NULL) {
+        struct tevent_req *subreq = NULL;
+        int ret;
+        if (!smbXcli_conn_is_connected(transport->conn)) {
                 return false;
+        }
+        status = socket_pending(transport->socket->sock, &npending);
+        if (NT_STATUS_IS_OK(status) && npending > 0) {
+                packet_recv(transport->packet);
+        }
+        if (transport->socket->sock == NULL) {
+        if (!smbXcli_conn_has_async_calls(transport->conn)) {
+                return true;
+        }
+        /*
+         * do not block for more than 500 micro seconds
+         */
+        subreq = tevent_wakeup_send(transport,
+                                    transport->ev,
+                                    timeval_current_ofs_usec(500));
+        if (subreq == NULL) {
                 return false;
+        }
+        ret = tevent_loop_once(transport->ev);
+        if (ret != 0) {
+                return false;
+        }
+        TALLOC_FREE(subreq);
+        if (!smbXcli_conn_is_connected(transport->conn)) {
+                return false;
+        }
         return true;
+}
+/*
+  handle timeouts of individual smb requests
+*/
+static void smbcli_timeout_handler(struct tevent_context *ev, struct tevent_timer *te,
+                                   struct timeval t, void *private_data)
+{
+        struct smbcli_request *req = talloc_get_type(private_data, struct smbcli_request);
+        if (req->state == SMBCLI_REQUEST_RECV) {
+                DLIST_REMOVE(req->transport->pending_recv, req);
+        }
+        req->status = NT_STATUS_IO_TIMEOUT;
+        req->state = SMBCLI_REQUEST_ERROR;
+        if (req->async.fn) {
+                req->async.fn(req);
+        }
+}
+/*
+  destroy a request
+*/
+static int smbcli_request_destructor(struct smbcli_request *req)
+{
+        if (req->state == SMBCLI_REQUEST_RECV) {
+                DLIST_REMOVE(req->transport->pending_recv, req);
+        }
+        return 0;
+}
+static void smbcli_transport_break_handler(struct tevent_req *subreq);
+static void smbcli_request_done(struct tevent_req *subreq);
+struct tevent_req *smbcli_transport_setup_subreq(struct smbcli_request *req)
+{
+        struct smbcli_transport *transport = req->transport;
+        uint8_t smb_command;
+        uint8_t additional_flags;
+        uint8_t clear_flags;
+        uint16_t additional_flags2;
+        uint16_t clear_flags2;
+        uint32_t pid;
+        struct smbXcli_tcon *tcon = NULL;
+        struct smbXcli_session *session = NULL;
+        uint32_t timeout_msec = transport->options.request_timeout * 1000;
+        struct iovec *bytes_iov = NULL;
+        struct tevent_req *subreq = NULL;
+        smb_command = SVAL(req->out.hdr, HDR_COM);
+        additional_flags = CVAL(req->out.hdr, HDR_FLG);
+        additional_flags2 = SVAL(req->out.hdr, HDR_FLG2);
+        pid  = SVAL(req->out.hdr, HDR_PID);
+        pid |= SVAL(req->out.hdr, HDR_PIDHIGH)<<16;
+        clear_flags = ~additional_flags;
+        clear_flags2 = ~additional_flags2;
+        if (req->session) {
+                session = req->session->smbXcli;
+        }
+        if (req->tree) {
+                tcon = req->tree->smbXcli;
+        }
+        bytes_iov = talloc(req, struct iovec);
+        if (bytes_iov == NULL) {
+                return NULL;
+        }
+        bytes_iov->iov_base = (void *)req->out.data;
+        bytes_iov->iov_len = req->out.data_size;
+        subreq = smb1cli_req_create(req,
+                                    transport->ev,
+                                    transport->conn,
+                                    smb_command,
+                                    additional_flags,
+                                    clear_flags,
+                                    additional_flags2,
+                                    clear_flags2,
+                                    timeout_msec,
+                                    pid,
+                                    tcon,
+                                    session,
+                                    req->out.wct,
+                                    (uint16_t *)req->out.vwv,
+, bytes_iov);
+        if (subreq == NULL) {
+                return NULL;
+        }
+        ZERO_STRUCT(req->out);
+        return subreq;
+}
 /*
 …
 void smbcli_transport_send(struct smbcli_request *req)
+{
         DATA_BLOB blob;
+        struct smbcli_transport *transport = req->transport;
         NTSTATUS status;
+        /* check if the transport is dead */
+        if (req->transport->socket->sock == NULL) {
+        bool need_pending_break = false;
+        struct tevent_req *subreq = NULL;
+        size_t i;
+        size_t num_subreqs = 0;
+        if (transport->oplock.handler) {
+                need_pending_break = true;
+        }
+        if (transport->break_subreq) {
+                need_pending_break = false;
+        }
+        if (need_pending_break) {
+                subreq = smb1cli_req_create(transport,
+                                            transport->ev,
+                                            transport->conn,
+, /* smb_command */
+, /* additional_flags */
+, /* clear_flags */
+, /* additional_flags2 */
+, /* clear_flags2 */
+, /* timeout_msec */
+, /* pid */
+                                            NULL, /* tcon */
+                                            NULL, /* session */
+, /* wct */
+                                            NULL, /* vwv */
+, /* iov_count */
+                                            NULL); /* bytes_iov */
+                if (subreq != NULL) {
+                        smb1cli_req_set_mid(subreq, 0xFFFF);
+                        smbXcli_req_set_pending(subreq);
+                        tevent_req_set_callback(subreq,
+                                                smbcli_transport_break_handler,
+                                                transport);
+                        transport->break_subreq = subreq;
+                        subreq = NULL;
+                }
+        }
+        subreq = smbcli_transport_setup_subreq(req);
+        if (subreq == NULL) {
                 req->state = SMBCLI_REQUEST_ERROR;
                 req->status = NT_STATUS_NET_WRITE_FAULT;
+                req->status = NT_STATUS_NO_MEMORY;
                 return;
+        }
+        blob = data_blob_const(req->out.buffer, req->out.size);
+        status = packet_send(req->transport->packet, blob);
+        for (i = 0; i < ARRAY_SIZE(req->subreqs); i++) {
+                if (req->subreqs[i] == NULL) {
+                        req->subreqs[i] = subreq;
+                        subreq = NULL;
+                }
+                if (req->subreqs[i] == NULL) {
+                        break;
+                }
+                if (!tevent_req_is_in_progress(req->subreqs[i])) {
+                        req->state = SMBCLI_REQUEST_ERROR;
+                        req->status = NT_STATUS_INTERNAL_ERROR;
+                        return;
+                }
+        }
+        num_subreqs = i;
+        req->state = SMBCLI_REQUEST_RECV;
+        tevent_req_set_callback(req->subreqs[0], smbcli_request_done, req);
+        status = smb1cli_req_chain_submit(req->subreqs, num_subreqs);
         if (!NT_STATUS_IS_OK(status)) {
+                req->status = status;
                 req->state = SMBCLI_REQUEST_ERROR;
+                req->status = status;
+                smbXcli_conn_disconnect(transport->conn, status);
+        }
+}
+static void smbcli_request_done(struct tevent_req *subreq)
+{
+        struct smbcli_request *req =
+                tevent_req_callback_data(subreq,
+                struct smbcli_request);
+        struct smbcli_transport *transport = req->transport;
+        ssize_t len;
+        size_t i;
+        uint8_t *hdr = NULL;
+        uint8_t wct = 0;
+        uint16_t *vwv = NULL;
+        uint32_t num_bytes = 0;
+        uint8_t *bytes = NULL;
+        struct iovec *recv_iov = NULL;
+        uint8_t *inbuf = NULL;
+        req->status = smb1cli_req_recv(req->subreqs[0], req,
+                                       &recv_iov,
+                                       &hdr,
+                                       &wct,
+                                       &vwv,
+                                       NULL, /* pvwv_offset */
+                                       &num_bytes,
+                                       &bytes,
+                                       NULL, /* pbytes_offset */
+                                       &inbuf,
+                                       NULL, 0); /* expected */
+        TALLOC_FREE(req->subreqs[0]);
+        if (!NT_STATUS_IS_OK(req->status)) {
+                if (recv_iov == NULL) {
+                        req->state = SMBCLI_REQUEST_ERROR;
+                        transport->error.e.nt_status = req->status;
+                        transport->error.etype = ETYPE_SOCKET;
+                        if (req->async.fn) {
+                                req->async.fn(req);
+                        }
+                        return;
+                }
+        }
+        /*
+         * For SMBreadBraw hdr is NULL
+         */
+        len = recv_iov[0].iov_len;
+        for (i=1; hdr != NULL && i < 3; i++) {
+                uint8_t *p = recv_iov[i-1].iov_base;
+                uint8_t *c1 = recv_iov[i].iov_base;
+                uint8_t *c2 = p + recv_iov[i-1].iov_len;
+                len += recv_iov[i].iov_len;
+                c2 += i;
+                len += i;
+                if (recv_iov[i].iov_len == 0) {
+                        continue;
+                }
+                if (c1 != c2) {
+                        req->state = SMBCLI_REQUEST_ERROR;
+                        req->status = NT_STATUS_INTERNAL_ERROR;
+                        transport->error.e.nt_status = req->status;
+                        transport->error.etype = ETYPE_SMB;
+                        if (req->async.fn) {
+                                req->async.fn(req);
+                        }
+                        return;
+                }
+        }
+        /* fill in the 'in' portion of the matching request */
+        req->in.buffer = inbuf;
+        req->in.size = NBT_HDR_SIZE + len;
+        req->in.allocated = req->in.size;
+        req->in.hdr = hdr;
+        req->in.vwv = (uint8_t *)vwv;
+        req->in.wct = wct;
+        req->in.data = bytes;
+        req->in.data_size = num_bytes;
+        req->in.ptr = req->in.data;
+        if (hdr != NULL) {
+                req->flags2 = SVAL(req->in.hdr, HDR_FLG2);
+        }
+        smb_setup_bufinfo(req);
+        transport->error.e.nt_status = req->status;
+        if (NT_STATUS_IS_OK(req->status)) {
+                transport->error.etype = ETYPE_NONE;
+        } else {
+                transport->error.etype = ETYPE_SMB;
+        }
+        req->state = SMBCLI_REQUEST_DONE;
+        if (req->async.fn) {
+                req->async.fn(req);
+        }
+}
+static void smbcli_transport_break_handler(struct tevent_req *subreq)
+{
+        struct smbcli_transport *transport =
+                tevent_req_callback_data(subreq,
+                struct smbcli_transport);
+        NTSTATUS status;
+        struct iovec *recv_iov = NULL;
+        uint8_t *hdr = NULL;
+        uint16_t *vwv = NULL;
+        const struct smb1cli_req_expected_response expected[] = {
+        {
+                .status = NT_STATUS_OK,
+                .wct = 8,
+        }
+        };
+        uint16_t tid;
+        uint16_t fnum;
+        uint8_t level;
+        transport->break_subreq = NULL;
+        status = smb1cli_req_recv(subreq, transport,
+                                  &recv_iov,
+                                  &hdr,
+                                  NULL, /* pwct */
+                                  &vwv,
+                                  NULL, /* pvwv_offset */
+                                  NULL, /* pnum_bytes */
+                                  NULL, /* pbytes */
+                                  NULL, /* pbytes_offset */
+                                  NULL, /* pinbuf */
+                                  expected,
+                                  ARRAY_SIZE(expected));
+        TALLOC_FREE(subreq);
+        if (!NT_STATUS_IS_OK(status)) {
+                TALLOC_FREE(recv_iov);
+                smbcli_transport_dead(transport, status);
                 return;
+        }
+        packet_queue_run(req->transport->packet);
+        if (req->transport->socket->sock == NULL) {
+                req->state = SMBCLI_REQUEST_ERROR;
+                req->status = NT_STATUS_NET_WRITE_FAULT;
+                return;
+        }
+        if (req->one_way_request) {
+                req->state = SMBCLI_REQUEST_DONE;
+                smbcli_request_destroy(req);
+                return;
+        }
+        req->state = SMBCLI_REQUEST_RECV;
+        DLIST_ADD(req->transport->pending_recv, req);
+        /* add a timeout */
+        if (req->transport->options.request_timeout) {
+                event_add_timed(req->transport->socket->event.ctx, req,
+                                timeval_current_ofs(req->transport->options.request_timeout, 0),
+                                smbcli_timeout_handler, req);
+        }
+        talloc_set_destructor(req, smbcli_request_destructor);
+        /*
+         * Setup the subreq to handle the
+         * next incoming SMB2 Break.
+         */
+        subreq = smb1cli_req_create(transport,
+                                    transport->ev,
+                                    transport->conn,
+, /* smb_command */
+, /* additional_flags */
+, /* clear_flags */
+, /* additional_flags2 */
+, /* clear_flags2 */
+, /* timeout_msec */
+, /* pid */
+                                    NULL, /* tcon */
+                                    NULL, /* session */
+, /* wct */
+                                    NULL, /* vwv */
+, /* iov_count */
+                                    NULL); /* bytes_iov */
+        if (subreq != NULL) {
+                smb1cli_req_set_mid(subreq, 0xFFFF);
+                smbXcli_req_set_pending(subreq);
+                tevent_req_set_callback(subreq,
+                                        smbcli_transport_break_handler,
+                                        transport);
+                transport->break_subreq = subreq;
+        }
+        tid = SVAL(hdr, HDR_TID);
+        fnum = SVAL(vwv+2, 0);
+        level = CVAL(vwv+3, 1);
+        TALLOC_FREE(recv_iov);
+        if (transport->oplock.handler) {
+                transport->oplock.handler(transport, tid, fnum, level,
+                                          transport->oplock.private_data);
+        } else {
+                DEBUG(5,("Got SMB oplock break with no handler\n"));
+        }
+}

vendor/current/source4/libcli/raw/clitree.c

-              r740
+              r988
 #include "libcli/raw/raw_proto.h"
 #include "libcli/smb_composite/smb_composite.h"
+#include "../libcli/smb/smbXcli_base.h"
 #define SETUP_REQUEST_TREE(cmd, wct, buflen) do { \
 …
+        }
+        tree->smbXcli = smbXcli_tcon_create(tree);
+        if (tree->smbXcli == NULL) {
+                talloc_free(tree);
+                return NULL;
+        }
         return tree;
 …
                 ZERO_STRUCT(parms->tconx.out);
                 parms->tconx.out.tid = SVAL(req->in.hdr, HDR_TID);
+                if (req->in.wct >= 4) {
+                        parms->tconx.out.options = SVAL(req->in.vwv, VWV(3));
+                if (req->in.wct >= 3) {
+                        parms->tconx.out.options = SVAL(req->in.vwv, VWV(2));
+                }
+                if (req->in.wct >= 7) {
+                        parms->tconx.out.max_access = IVAL(req->in.vwv, VWV(3));
+                        parms->tconx.out.guest_max_access = IVAL(req->in.vwv, VWV(5));
+                }
 …
         if (!tree) return NT_STATUS_OK;
         req = smbcli_request_setup(tree, SMBtdis, 0, 0);
+        if (req == NULL) {
+                return NT_STATUS_NO_MEMORY;
+        }
         if (smbcli_request_send(req)) {

vendor/current/source4/libcli/raw/interfaces.h

-              r740
+              r988
 #define __LIBCLI_RAW_INTERFACES_H__
 #include "libcli/raw/smb.h"
+#include "source4/libcli/raw/smb.h"
 #include "../libcli/smb/smb_common.h"
 #include "librpc/gen_ndr/misc.h" /* for struct GUID */
+#include "librpc/gen_ndr/smb2_lease_struct.h"
 /* this structure is just a wrapper for a string, the only reason we
 …
 };
-/*
-  SMB2 lease structure (per MS-SMB2 2.2.13)
-*/
-struct smb2_lease_key {
-        uint64_t data[2];
-};
-struct smb2_lease {
-        struct smb2_lease_key lease_key;
-        uint32_t lease_state;
-        uint32_t lease_flags; /* should be 0 */
-        uint64_t lease_duration; /* should be 0 */
-};
 struct smb2_lease_break {
         struct smb2_lease current_lease;
+        uint16_t new_epoch; /* only for v2 leases */
         uint32_t break_flags;
         uint32_t new_lease_state;
 …
                 struct {
                         uint16_t options;
+                        uint32_t max_access;
+                        uint32_t guest_max_access;
                         char *dev_type;
                         char *fs_type;
 …
         RAW_SFILEINFO_UNIX_BASIC              = SMB_SFILEINFO_UNIX_BASIC,
         RAW_SFILEINFO_UNIX_INFO2              = SMB_SFILEINFO_UNIX_INFO2,
         RAW_SFILEINFO_UNIX_LINK               = SMB_SFILEINFO_UNIX_LINK,
         RAW_SFILEINFO_UNIX_HLINK              = SMB_SFILEINFO_UNIX_HLINK,
+        RAW_SFILEINFO_UNIX_LINK               = SMB_SET_FILE_UNIX_LINK,
+        RAW_SFILEINFO_UNIX_HLINK              = SMB_SET_FILE_UNIX_HLINK,
         RAW_SFILEINFO_BASIC_INFORMATION       = SMB_SFILEINFO_BASIC_INFORMATION,
         RAW_SFILEINFO_RENAME_INFORMATION      = SMB_SFILEINFO_RENAME_INFORMATION,
 …
         } unix_link, unix_hlink;
         /* RAW_FILEINFO_SET_SEC_DESC */
+        /* RAW_SFILEINFO_SEC_DESC */
         struct {
                 enum smb_setfileinfo_level level;
 …
                    RAW_QFS_QUOTA_INFORMATION              = SMB_QFS_QUOTA_INFORMATION,
                    RAW_QFS_FULL_SIZE_INFORMATION          = SMB_QFS_FULL_SIZE_INFORMATION,
+                   RAW_QFS_OBJECTID_INFORMATION           = SMB_QFS_OBJECTID_INFORMATION};
+                   RAW_QFS_OBJECTID_INFORMATION           = SMB_QFS_OBJECTID_INFORMATION,
+                   RAW_QFS_SECTOR_SIZE_INFORMATION        = SMB_QFS_SECTOR_SIZE_INFORMATION,
+};
 …
                 } out;
         } objectid_information;
+};
+        /* trans2 RAW_QFS_SECTOR_SIZE_INFORMATION interface */
+        struct {
+                enum smb_fsinfo_level level;
+                struct smb2_handle handle; /* only for smb2 */
+                struct {
+                        uint32_t logical_bytes_per_sector;
+                        uint32_t phys_bytes_per_sector_atomic;
+                        uint32_t phys_bytes_per_sector_perf;
+                        uint32_t fs_effective_phys_bytes_per_sector_atomic;
+                        uint32_t flags;
+                        uint32_t byte_off_sector_align;
+                        uint32_t byte_off_partition_align;
+                } out;
+        } sector_size_info;
+};
+enum smb_setfsinfo_level {
+                RAW_SETFS_UNIX_INFO                      = SMB_SET_CIFS_UNIX_INFO};
+union smb_setfsinfo {
+        /* generic interface */
+        struct {
+                enum smb_setfsinfo_level level;
+        } generic;
+        /* TRANS2 RAW_QFS_UNIX_INFO interface */
+        struct {
+                enum smb_setfsinfo_level level;
+                struct {
+                        uint16_t major_version;
+                        uint16_t minor_version;
+                        uint64_t capability;
+                } in;
+        } unix_info;
+};
 enum smb_open_level {
 …
                         bool   durable_open;
                         struct smb2_handle *durable_handle;
+                        /* data for durable handle v2 */
+                        bool durable_open_v2;
+                        struct GUID create_guid;
+                        bool persistent_open;
+                        uint32_t timeout;
+                        struct smb2_handle *durable_handle_v2;
                         bool   query_maximal_access;
                         NTTIME timewarp;
                         bool   query_on_disk_id;
                         struct smb2_lease *lease_request;
+                        struct smb2_lease *lease_request_v2;
+                        struct GUID *app_instance_id;
                         /* and any additional blobs the caller wants */
                         struct smb2_create_blobs blobs;
 …
                         uint8_t on_disk_id[32];
                         struct smb2_lease lease_response;
+                        struct smb2_lease lease_response_v2;
+                        bool durable_open;
+                        /* durable handle v2 */
+                        bool durable_open_v2;
+                        bool persistent_open;
+                        uint32_t timeout;
                         /* tagged blobs in the reply */
 …
                         uint16_t compaction_mode;
                         uint32_t nread;
+                        uint16_t flags2;
+                        uint16_t data_offset;
                 } out;
         } readx, generic;
 …
                 uint32_t  ea_size;
                 uint64_t file_id;
+                uint8_t short_name_buf[24];
                 struct smb_wire_string short_name;
                 struct smb_wire_string name;

vendor/current/source4/libcli/raw/libcliraw.h

-              r740
+              r988
 #define __LIBCLI_RAW_H__
+#include "../libcli/smb/smb_common.h"
 #include "libcli/raw/request.h"
 #include "librpc/gen_ndr/nbt.h"
+#include "libcli/raw/interfaces.h"
 struct smbcli_tree;  /* forward declare */
 …
         uint8_t sec_mode;               /* security mode returned by negprot */
-        uint8_t key_len;
-        DATA_BLOB server_guid;      /* server_guid */
         DATA_BLOB secblob;      /* cryptkey or negTokenInit blob */
         uint32_t sesskey;
-        struct smb_signing_context sign_info;
         /* capabilities that the server reported */
 …
         int server_zone;
         time_t server_time;
         unsigned int readbraw_supported:1;
         unsigned int writebraw_supported:1;
         unsigned int lockread_supported:1;
-        char *server_domain;
 };
 …
         unsigned int unicode:1;
         unsigned int ntstatus_support:1;
+        int min_protocol;
         int max_protocol;
         uint32_t max_xmit;
         uint16_t max_mux;
         int request_timeout;
+        enum smb_signing_state signing;
+        enum smb_signing_setting signing;
+        uint32_t smb2_capabilities;
+        struct GUID client_guid;
 };
 /* this is the context for the client transport layer */
 struct smbcli_transport {
+        /* socket level info */
+        struct smbcli_socket *socket;
+        /* the next mid to be allocated - needed for signing and
+           request matching */
+        uint16_t next_mid;
+        struct tevent_context *ev; /* TODO: remove this !!! */
+        struct smbXcli_conn *conn;
         /* negotiated protocol information */
         struct smbcli_negotiate negotiate;
 …
         struct smbcli_options options;
-        /* is a readbraw pending? we need to handle that case
-           specially on receiving packets */
-        unsigned int readbraw_pending:1;
         /* an idle function - if this is defined then it will be
            called once every period microseconds while we are waiting
 …
                 void *private_data;
                 unsigned int period;
+                struct tevent_timer *te;
         } idle;
 …
                 void *private_data;
         } oplock;
+        /* a list of async requests that are pending for receive on this connection */
+        struct smbcli_request *pending_recv;
+        /* remember the called name - some sub-protocols require us to
+           know the server name */
+        struct nbt_name called;
+        /* context of the stream -> packet parser */
+        struct packet_context *packet;
+        struct tevent_req *break_subreq;
 };
 …
         /* after a session setup the server provides us with
            a vuid identifying the security context */
+        struct smbXcli_session *smbXcli;
         uint16_t vuid;
 …
            the user to control these for torture testing */
         uint16_t flags2;
-        DATA_BLOB user_session_key;
         /* the spnego context if we use extented security */
 …
         struct smbcli_session *session;
+        struct smbXcli_tcon *smbXcli;
         uint16_t tid;                   /* tree id, aka cnum */
         char *device;
 …
  * This will allow requests to be multi-threaded. */
 struct smbcli_request {
         /* allow a request to be part of a list of requests */
         struct smbcli_request *next, *prev;
+        /* smbXcli_req */
+        struct tevent_req *subreqs[2];
         /* each request is in one of 4 possible states */
 …
         struct smbcli_tree *tree;
-        /* a receive helper, smbcli_transport_finish_recv will not call
-           req->async.fn callback handler unless the recv_helper returns
-           a value > SMBCLI_REQUEST_RECV. */
-        struct {
-                enum smbcli_request_state (*fn)(struct smbcli_request *);
-                void *private_data;
-        } recv_helper;
         /* the flags2 from the SMB request, in raw form (host byte
            order). Used to parse strings */
 …
            or code detecting error. */
         NTSTATUS status;
-        /* the sequence number of this packet - used for signing */
-        unsigned int seq_num;
-        /* list of ntcancel request for this requests */
-        struct smbcli_request *ntcancel;
-        /* set if this is a one-way request, meaning we are not
-           expecting a reply from the server. */
-        unsigned int one_way_request:1;
-        /* set this when the request should only increment the signing
-           counter by one */
-        unsigned int sign_single_increment:1;
         /* the caller wants to do the signing check */
 …
         bool do_not_free;
-        /* the mid of this packet - used to match replies */
-        uint16_t mid;
         struct smb_request_buffer in;
         struct smb_request_buffer out;
+        struct smb_trans2 trans2;
+        struct smb_nttrans nttrans;
         /* information on what to do with a reply when it is received
 …
       goto failed; \
+}
-#include "libcli/raw/interfaces.h"
 NTSTATUS smb_raw_read_recv(struct smbcli_request *req, union smb_read *parms);
 …
 NTSTATUS smbcli_request_destroy(struct smbcli_request *req);
 struct smbcli_request *smb_raw_write_send(struct smbcli_tree *tree, union smb_write *parms);
+NTSTATUS smb_raw_write_recv(struct smbcli_request *req, union smb_write *parms);
 struct smbcli_request *smb_raw_close_send(struct smbcli_tree *tree, union smb_close *parms);
 NTSTATUS smb_raw_open_recv(struct smbcli_request *req, TALLOC_CTX *mem_ctx, union smb_open *parms);
 …
 const char *smbcli_errstr(struct smbcli_tree *tree);
 NTSTATUS smb_raw_fsinfo(struct smbcli_tree *tree, TALLOC_CTX *mem_ctx, union smb_fsinfo *fsinfo);
+NTSTATUS smb_raw_setfsinfo(struct smbcli_tree *tree, TALLOC_CTX *mem_ctx, union smb_setfsinfo *set_fsinfo);
 NTSTATUS smb_raw_pathinfo(struct smbcli_tree *tree, TALLOC_CTX *mem_ctx, union smb_fileinfo *parms);
 NTSTATUS smb_raw_shadow_data(struct smbcli_tree *tree, TALLOC_CTX *mem_ctx, struct smb_shadow_copy *info);
 …
                        struct smb_trans2 *parms);
-struct smbcli_socket *smbcli_sock_connect_byname(const char *host, const char **ports,
-                                                 TALLOC_CTX *mem_ctx,
-                                                 struct resolve_context *resolve_ctx,
-                                                 struct tevent_context *event_ctx,
-                                                 const char *socket_options);
-void smbcli_sock_dead(struct smbcli_socket *sock);
 #endif /* __LIBCLI_RAW__H__ */

vendor/current/source4/libcli/raw/raweas.c

-              r740
+              r988
+                }
+                if (ofs + next_ofs < ofs) {
+                        return NT_STATUS_INVALID_PARAMETER;
+                }
                 ofs += next_ofs;
+                if (ofs+4 > blob->length) {
+                if (ofs+4 > blob->length || ofs+4 < ofs) {
                         return NT_STATUS_INVALID_PARAMETER;
+                }

vendor/current/source4/libcli/raw/rawfile.c

-              r740
+              r988
         if (!req) return NULL; \
 } while (0)
-/**
- Return a string representing a CIFS attribute for a file.
-**/
-char *attrib_string(TALLOC_CTX *mem_ctx, uint32_t attrib)
+{
-        int i, len;
-        const struct {
-                char c;
-                uint16_t attr;
-        } attr_strs[] = {
-                {'V', FILE_ATTRIBUTE_VOLUME},
-                {'D', FILE_ATTRIBUTE_DIRECTORY},
-                {'A', FILE_ATTRIBUTE_ARCHIVE},
-                {'H', FILE_ATTRIBUTE_HIDDEN},
-                {'S', FILE_ATTRIBUTE_SYSTEM},
-                {'N', FILE_ATTRIBUTE_NORMAL},
-                {'R', FILE_ATTRIBUTE_READONLY},
-                {'d', FILE_ATTRIBUTE_DEVICE},
-                {'t', FILE_ATTRIBUTE_TEMPORARY},
-                {'s', FILE_ATTRIBUTE_SPARSE},
-                {'r', FILE_ATTRIBUTE_REPARSE_POINT},
-                {'c', FILE_ATTRIBUTE_COMPRESSED},
-                {'o', FILE_ATTRIBUTE_OFFLINE},
-                {'n', FILE_ATTRIBUTE_NONINDEXED},
-                {'e', FILE_ATTRIBUTE_ENCRYPTED}
-        };
-        char *ret;
-        ret = talloc_array(mem_ctx, char, ARRAY_SIZE(attr_strs)+1);
-        if (!ret) {
-                return NULL;
+        }
-        for (len=i=0; i<ARRAY_SIZE(attr_strs); i++) {
-                if (attrib & attr_strs[i].attr) {
-                        ret[len++] = attr_strs[i].c;
+                }
+        }
-        ret[len] = 0;
-        talloc_set_name_const(ret, ret);
-        return ret;
+}
 /****************************************************************************
 …
+        }
         case RAW_LOCK_SMB2:
+        case RAW_LOCK_SMB2_BREAK:
                 return NULL;
+        }
 …
         struct smbcli_request *req;
         SETUP_REQUEST(SMBchkpth, 0, 0);
+        SETUP_REQUEST(SMBcheckpath, 0, 0);
         smbcli_req_append_ascii4(req, parms->chkpath.in.path, STR_TERMINATE);

vendor/current/source4/libcli/raw/rawfileinfo.c

-              r740
+              r988
                 bool ret;
                 void *vstr;
+                size_t converted_size = 0;
                 io->streams =
                         talloc_realloc(mem_ctx, io->streams, struct stream_struct, n+1);
 …
                 ret = convert_string_talloc(io->streams,
                                              CH_UTF16, CH_UNIX,
                                              blob.data+ofs+24, nlen, &vstr, NULL, false);
+                                             blob.data+ofs+24, nlen, &vstr, &converted_size);
                 if (!ret) {
                         return NT_STATUS_ILLEGAL_CHARACTER;

vendor/current/source4/libcli/raw/rawfsinfo.c

-              r740
+              r988
         req = smbcli_request_setup(tree, SMBdskattr, 0, 0);
+        if (req == NULL) {
+                return NULL;
+        }
         if (!smbcli_request_send(req)) {
 …
+                }
                 break;
+        case RAW_QFS_SECTOR_SIZE_INFORMATION:
+                QFS_CHECK_SIZE(28);
+                fsinfo->sector_size_info.out.logical_bytes_per_sector
+                                                        = IVAL(blob.data,  0);
+                fsinfo->sector_size_info.out.phys_bytes_per_sector_atomic
+                                                        = IVAL(blob.data,  4);
+                fsinfo->sector_size_info.out.phys_bytes_per_sector_perf
+                                                        = IVAL(blob.data,  8);
+                fsinfo->sector_size_info.out.fs_effective_phys_bytes_per_sector_atomic
+                                                        = IVAL(blob.data, 12);
+                fsinfo->sector_size_info.out.flags      = IVAL(blob.data, 16);
+                fsinfo->sector_size_info.out.byte_off_sector_align
+                                                        = IVAL(blob.data, 20);
+                fsinfo->sector_size_info.out.byte_off_partition_align
+                                                        = IVAL(blob.data, 24);
+                break;
+        }
 …
                 return smb_raw_fsinfo_passthru_parse(blob, mem_ctx,
                                                      RAW_QFS_OBJECTID_INFORMATION, fsinfo);
+        case RAW_QFS_SECTOR_SIZE_INFORMATION:
+                return smb_raw_fsinfo_passthru_parse(blob, mem_ctx,
+                                RAW_QFS_SECTOR_SIZE_INFORMATION, fsinfo);
+        }
 …
         return smb_raw_fsinfo_recv(req, mem_ctx, fsinfo);
+}
+/****************************************************************************
+ Set FSInfo raw interface (async recv)
+****************************************************************************/
+static NTSTATUS smb_raw_setfsinfo_recv(struct smbcli_request *req,
+                             TALLOC_CTX *mem_ctx,
+                             union smb_setfsinfo *set_fsinfo)
+{
+        DATA_BLOB blob = data_blob_null;
+        NTSTATUS status;
+        if (set_fsinfo->generic.level != RAW_SETFS_UNIX_INFO) {
+                return NT_STATUS_INVALID_PARAMETER;
+        }
+        status = smb_raw_qfsinfo_blob_recv(req, mem_ctx, &blob);
+        data_blob_free(&blob);
+        return status;
+}
+/****************************************************************************
+ Set FSInfo raw interface (async send)
+****************************************************************************/
+static struct smbcli_request *smb_raw_setfsinfo_send(struct smbcli_tree *tree,
+                                                TALLOC_CTX *mem_ctx,
+                                                union smb_setfsinfo *set_fsinfo)
+{
+        struct smb_trans2 tp;
+        uint16_t info_level;
+        uint16_t setup = TRANSACT2_SETFSINFO;
+        if (set_fsinfo->generic.level != RAW_SETFS_UNIX_INFO) {
+                return NULL;
+        }
+        tp.in.max_setup = 0;
+        tp.in.flags = 0;
+        tp.in.timeout = 0;
+        tp.in.setup_count = 1;
+        tp.in.max_param = 0;
+        tp.in.max_data = 0xFFFF;
+        tp.in.setup = &setup;
+        tp.in.timeout = 0;
+        tp.in.params = data_blob_talloc(mem_ctx, NULL, 4);
+        if (!tp.in.params.data) {
+                return NULL;
+        }
+        info_level = (uint16_t)set_fsinfo->generic.level;
+        SSVAL(tp.in.params.data, 0, 0);
+        SSVAL(tp.in.params.data, 2, info_level);
+        tp.in.data = data_blob_talloc(mem_ctx, NULL, 12);
+        if (!tp.in.data.data) {
+                return NULL;
+        }
+        SSVAL(tp.in.data.data, 0, set_fsinfo->unix_info.in.major_version);
+        SSVAL(tp.in.data.data, 2, set_fsinfo->unix_info.in.minor_version);
+        SBVAL(tp.in.data.data, 4, set_fsinfo->unix_info.in.capability);
+        return smb_raw_trans2_send(tree, &tp);
+}
+/****************************************************************************
+ Set FSInfo raw interface (sync interface)
+****************************************************************************/
+_PUBLIC_ NTSTATUS smb_raw_setfsinfo(struct smbcli_tree *tree,
+                        TALLOC_CTX *mem_ctx,
+                        union smb_setfsinfo *set_fsinfo)
+{
+        struct smbcli_request *req = smb_raw_setfsinfo_send(tree, mem_ctx, set_fsinfo);
+        return smb_raw_setfsinfo_recv(req, mem_ctx, set_fsinfo);
+}

vendor/current/source4/libcli/raw/rawnegotiate.c

-              r740
+              r988
 #include "includes.h"
+#include <tevent.h>
+#include "system/time.h"
 #include "libcli/raw/libcliraw.h"
 #include "libcli/raw/raw_proto.h"
+#include "system/time.h"
+#include "../libcli/smb/smbXcli_base.h"
+#include "../lib/util/tevent_ntstatus.h"
+static const struct {
+        enum protocol_types prot;
+        const char *name;
+} prots[] = {
+        {PROTOCOL_CORE,"PC NETWORK PROGRAM 1.0"},
+        {PROTOCOL_COREPLUS,"MICROSOFT NETWORKS 1.03"},
+        {PROTOCOL_LANMAN1,"MICROSOFT NETWORKS 3.0"},
+        {PROTOCOL_LANMAN1,"LANMAN1.0"},
+        {PROTOCOL_LANMAN1,"Windows for Workgroups 3.1a"},
+        {PROTOCOL_LANMAN2,"LM1.2X002"},
+        {PROTOCOL_LANMAN2,"DOS LANMAN2.1"},
+        {PROTOCOL_LANMAN2,"LANMAN2.1"},
+        {PROTOCOL_LANMAN2,"Samba"},
+        {PROTOCOL_NT1,"NT LANMAN 1.0"},
+        {PROTOCOL_NT1,"NT LM 0.12"},
+#if 0
+        /* we don't yet handle chaining a SMB transport onto SMB2 */
+        {PROTOCOL_SMB2,"SMB 2.002"},
+#endif
+struct smb_raw_negotiate_state {
+        struct smbcli_transport *transport;
 };
+/*
+  Send a negprot command.
+*/
+struct smbcli_request *smb_raw_negotiate_send(struct smbcli_transport *transport,
+                                              bool unicode,
+                                              int maxprotocol)
+static void smb_raw_negotiate_done(struct tevent_req *subreq);
+struct tevent_req *smb_raw_negotiate_send(TALLOC_CTX *mem_ctx,
+                                          struct tevent_context *ev,
+                                          struct smbcli_transport *transport,
+                                          int minprotocol,
+                                          int maxprotocol)
+{
+        struct smbcli_request *req;
+        int i;
+        uint16_t flags2 = 0;
+        struct tevent_req *req;
+        struct smb_raw_negotiate_state *state;
+        struct tevent_req *subreq;
+        uint32_t timeout_msec = transport->options.request_timeout * 1000;
+        req = smbcli_request_setup_transport(transport, SMBnegprot, 0, 0);
+        if (!req) {
+        req = tevent_req_create(mem_ctx, &state,
+                                struct smb_raw_negotiate_state);;
+        if (req == NULL) {
                 return NULL;
+        }
+        state->transport = transport;
+        flags2 |= FLAGS2_32_BIT_ERROR_CODES;
+        if (unicode) {
+                flags2 |= FLAGS2_UNICODE_STRINGS;
+        }
+        flags2 |= FLAGS2_EXTENDED_ATTRIBUTES;
+        flags2 |= FLAGS2_LONG_PATH_COMPONENTS;
+        flags2 |= FLAGS2_IS_LONG_NAME;
+        if (transport->options.use_spnego) {
+                flags2 |= FLAGS2_EXTENDED_SECURITY;
+        if (maxprotocol > PROTOCOL_NT1) {
+                maxprotocol = PROTOCOL_NT1;
+        }
+        SSVAL(req->out.hdr,HDR_FLG2, flags2);
+        subreq = smbXcli_negprot_send(state, ev,
+                                      transport->conn,
+                                      timeout_msec,
+                                      minprotocol,
+                                      maxprotocol);
+        if (tevent_req_nomem(subreq, req)) {
+                return tevent_req_post(req, ev);
+        }
+        tevent_req_set_callback(subreq, smb_raw_negotiate_done, req);
+        /* setup the protocol strings */
+        for (i=0; i < ARRAY_SIZE(prots) && prots[i].prot <= maxprotocol; i++) {
+                smbcli_req_append_bytes(req, (const uint8_t *)"\2", 1);
+                smbcli_req_append_string(req, prots[i].name, STR_TERMINATE | STR_ASCII);
+        return req;
+}
+static void smb_raw_negotiate_done(struct tevent_req *subreq)
+{
+        struct tevent_req *req =
+                tevent_req_callback_data(subreq,
+                struct tevent_req);
+        struct smb_raw_negotiate_state *state =
+                tevent_req_data(req,
+                struct smb_raw_negotiate_state);
+        struct smbcli_negotiate *n = &state->transport->negotiate;
+        struct smbXcli_conn *c = state->transport->conn;
+        NTSTATUS status;
+        NTTIME ntt;
+        status = smbXcli_negprot_recv(subreq);
+        TALLOC_FREE(subreq);
+        if (tevent_req_nterror(req, status)) {
+                return;
+        }
+        if (!smbcli_request_send(req)) {
+                smbcli_request_destroy(req);
+                return NULL;
+        n->protocol = smbXcli_conn_protocol(c);
+        n->sec_mode = smb1cli_conn_server_security_mode(c);
+        n->max_mux  = smbXcli_conn_max_requests(c);
+        n->max_xmit = smb1cli_conn_max_xmit(c);
+        n->sesskey  = smb1cli_conn_server_session_key(c);
+        n->capabilities = smb1cli_conn_capabilities(c);;
+        /* this time arrives in real GMT */
+        ntt = smbXcli_conn_server_system_time(c);
+        n->server_time = nt_time_to_unix(ntt);
+        n->server_zone = smb1cli_conn_server_time_zone(c);
+        if (n->capabilities & CAP_EXTENDED_SECURITY) {
+                const DATA_BLOB *b = smbXcli_conn_server_gss_blob(c);
+                if (b) {
+                        n->secblob = *b;
+                }
+        } else {
+                const uint8_t *p = smb1cli_conn_server_challenge(c);
+                if (p) {
+                        n->secblob = data_blob_const(p, 8);
+                }
+        }
+        return req;
+        n->readbraw_supported = smb1cli_conn_server_readbraw(c);
+        n->readbraw_supported = smb1cli_conn_server_writebraw(c);
+        n->lockread_supported = smb1cli_conn_server_lockread(c);
+        tevent_req_done(req);
+}
 …
  Send a negprot command.
 */
 NTSTATUS smb_raw_negotiate_recv(struct smbcli_request *req)
+NTSTATUS smb_raw_negotiate_recv(struct tevent_req *req)
+{
+        struct smbcli_transport *transport = req->transport;
+        int protocol;
+        if (!smbcli_request_receive(req) ||
+            smbcli_request_is_error(req)) {
+                return smbcli_request_destroy(req);
+        }
+        SMBCLI_CHECK_MIN_WCT(req, 1);
+        protocol = SVALS(req->in.vwv, VWV(0));
+        if (protocol >= ARRAY_SIZE(prots) || protocol < 0) {
+                req->status = NT_STATUS_UNSUCCESSFUL;
+                return smbcli_request_destroy(req);
+        }
+        transport->negotiate.protocol = prots[protocol].prot;
+        if (transport->negotiate.protocol >= PROTOCOL_NT1) {
+                NTTIME ntt;
+                /* NT protocol */
+                SMBCLI_CHECK_WCT(req, 17);
+                transport->negotiate.sec_mode = CVAL(req->in.vwv,VWV(1));
+                transport->negotiate.max_mux  = SVAL(req->in.vwv,VWV(1)+1);
+                transport->negotiate.max_xmit = IVAL(req->in.vwv,VWV(3)+1);
+                transport->negotiate.sesskey  = IVAL(req->in.vwv,VWV(7)+1);
+                transport->negotiate.capabilities = IVAL(req->in.vwv,VWV(9)+1);
+                /* this time arrives in real GMT */
+                ntt = smbcli_pull_nttime(req->in.vwv, VWV(11)+1);
+                transport->negotiate.server_time = nt_time_to_unix(ntt);
+                transport->negotiate.server_zone = SVALS(req->in.vwv,VWV(15)+1) * 60;
+                transport->negotiate.key_len = CVAL(req->in.vwv,VWV(16)+1);
+                if (transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
+                        if (req->in.data_size < 16) {
+                                goto failed;
+                        }
+                        transport->negotiate.server_guid = smbcli_req_pull_blob(&req->in.bufinfo, transport, req->in.data, 16);
+                        transport->negotiate.secblob = smbcli_req_pull_blob(&req->in.bufinfo, transport, req->in.data + 16, req->in.data_size - 16);
+                } else {
+                        if (req->in.data_size < (transport->negotiate.key_len)) {
+                                goto failed;
+                        }
+                        transport->negotiate.secblob = smbcli_req_pull_blob(&req->in.bufinfo, transport, req->in.data, transport->negotiate.key_len);
+                        smbcli_req_pull_string(&req->in.bufinfo, transport, &transport->negotiate.server_domain,
+                                            req->in.data+transport->negotiate.key_len,
+                                            req->in.data_size-transport->negotiate.key_len, STR_UNICODE|STR_NOALIGN);
+                        /* here comes the server name */
+                }
+                if (transport->negotiate.capabilities & CAP_RAW_MODE) {
+                        transport->negotiate.readbraw_supported = true;
+                        transport->negotiate.writebraw_supported = true;
+                }
+                if (transport->negotiate.capabilities & CAP_LOCK_AND_READ)
+                        transport->negotiate.lockread_supported = true;
+        } else if (transport->negotiate.protocol >= PROTOCOL_LANMAN1) {
+                SMBCLI_CHECK_WCT(req, 13);
+                transport->negotiate.sec_mode = SVAL(req->in.vwv,VWV(1));
+                transport->negotiate.max_xmit = SVAL(req->in.vwv,VWV(2));
+                transport->negotiate.sesskey =  IVAL(req->in.vwv,VWV(6));
+                transport->negotiate.server_zone = SVALS(req->in.vwv,VWV(10)) * 60;
+                /* this time is converted to GMT by raw_pull_dos_date */
+                transport->negotiate.server_time = raw_pull_dos_date(transport,
+                                                                     req->in.vwv+VWV(8));
+                if ((SVAL(req->in.vwv,VWV(5)) & 0x1)) {
+                        transport->negotiate.readbraw_supported = 1;
+                }
+                if ((SVAL(req->in.vwv,VWV(5)) & 0x2)) {
+                        transport->negotiate.writebraw_supported = 1;
+                }
+                transport->negotiate.secblob = smbcli_req_pull_blob(&req->in.bufinfo, transport,
+                                                                 req->in.data, req->in.data_size);
+        } else {
+                /* the old core protocol */
+                transport->negotiate.sec_mode = 0;
+                transport->negotiate.server_time = time(NULL);
+                transport->negotiate.max_xmit = transport->options.max_xmit;
+                transport->negotiate.server_zone = get_time_zone(transport->negotiate.server_time);
+        }
+        /* a way to force ascii SMB */
+        if (!transport->options.unicode) {
+                transport->negotiate.capabilities &= ~CAP_UNICODE;
+        }
+        if (!transport->options.ntstatus_support) {
+                transport->negotiate.capabilities &= ~CAP_STATUS32;
+        }
+        if (!transport->options.use_level2_oplocks) {
+                transport->negotiate.capabilities &= ~CAP_LEVEL_II_OPLOCKS;
+        }
+failed:
+        return smbcli_request_destroy(req);
+        return tevent_req_simple_recv_ntstatus(req);
+}
 …
  Send a negprot command (sync interface)
 */
+NTSTATUS smb_raw_negotiate(struct smbcli_transport *transport, bool unicode, int maxprotocol)
+NTSTATUS smb_raw_negotiate(struct smbcli_transport *transport, bool unicode,
+                           int minprotocol, int maxprotocol)
+{
+        struct smbcli_request *req = smb_raw_negotiate_send(transport, unicode, maxprotocol);
+        return smb_raw_negotiate_recv(req);
+        NTSTATUS status = NT_STATUS_INTERNAL_ERROR;
+        struct tevent_req *subreq = NULL;
+        bool ok;
+        subreq = smb_raw_negotiate_send(transport,
+                                        transport->ev,
+                                        transport,
+                                        minprotocol,
+                                        maxprotocol);
+        if (subreq == NULL) {
+                return NT_STATUS_NO_MEMORY;
+        }
+        ok = tevent_req_poll(subreq, transport->ev);
+        if (!ok) {
+                status = map_nt_error_from_unix_common(errno);
+                goto failed;
+        }
+        status = smb_raw_negotiate_recv(subreq);
+failed:
+        TALLOC_FREE(subreq);
+        return status;
+}

vendor/current/source4/libcli/raw/rawnotify.c

-              r740
+              r988
 #include "includes.h"
+#include <tevent.h>
 #include "libcli/raw/libcliraw.h"
 #include "libcli/raw/raw_proto.h"
-#include "../lib/util/dlinklist.h"
 /****************************************************************************
 …
 /****************************************************************************
-  handle ntcancel replies from the server,
-  as the MID of the real reply and the ntcancel reply is the same
-  we need to do find out to what request the reply belongs
-****************************************************************************/
-struct smbcli_request *smbcli_handle_ntcancel_reply(struct smbcli_request *req,
-                                                    size_t len, const uint8_t *hdr)
+{
-        struct smbcli_request *ntcancel;
-        if (!req) return req;
-        if (!req->ntcancel) return req;
-        if (len >= MIN_SMB_SIZE + NBT_HDR_SIZE &&
-            (CVAL(hdr, HDR_FLG) & FLAG_REPLY) &&
-             CVAL(hdr,HDR_COM) == SMBntcancel) {
-                ntcancel = req->ntcancel;
-                DLIST_REMOVE(req->ntcancel, ntcancel);
-                /*
-                 * TODO: untill we understand how the
-                 *       smb_signing works for this case we
-                 *       return NULL, to just ignore the packet
-                 */
-                /*return ntcancel;*/
-                return NULL;
+        }
-        return req;
+}
-/****************************************************************************
  Send a NT Cancel request - used to hurry along a pending request. Usually
  used to cancel a pending change notify request
 …
 NTSTATUS smb_raw_ntcancel(struct smbcli_request *oldreq)
+{
         struct smbcli_request *req;
+        bool ok;
+        req = smbcli_request_setup_transport(oldreq->transport, SMBntcancel, 0, 0);
+        if (oldreq->subreqs[0] == NULL) {
+                return NT_STATUS_OK;
+        }
+        SSVAL(req->out.hdr, HDR_MID, SVAL(oldreq->out.hdr, HDR_MID));
+        SSVAL(req->out.hdr, HDR_PID, SVAL(oldreq->out.hdr, HDR_PID));
+        SSVAL(req->out.hdr, HDR_TID, SVAL(oldreq->out.hdr, HDR_TID));
+        SSVAL(req->out.hdr, HDR_UID, SVAL(oldreq->out.hdr, HDR_UID));
+        /* this request does not expect a reply, so tell the signing
+           subsystem not to allocate an id for a reply */
+        req->sign_single_increment = 1;
+        req->one_way_request = 1;
+        /*
+         * smbcli_request_send() free's oneway requests
+         * but we want to keep it under oldreq->ntcancel
+         */
+        req->do_not_free = true;
+        talloc_steal(oldreq, req);
+        smbcli_request_send(req);
+        DLIST_ADD_END(oldreq->ntcancel, req, struct smbcli_request *);
+        ok = tevent_req_cancel(oldreq->subreqs[0]);
+        if (!ok) {
+                return NT_STATUS_INTERNAL_ERROR;
+        }
         return NT_STATUS_OK;

vendor/current/source4/libcli/raw/rawreadwrite.c

-              r414
+              r988
+        }
-        /* the transport layer needs to know that a readbraw is pending
-           and handle receives a little differently */
-        if (parms->generic.level == RAW_READ_READBRAW) {
-                tree->session->transport->readbraw_pending = 1;
+        }
         return req;
+}
 …
                 parms->readx.out.compaction_mode = SVAL(req->in.vwv, VWV(3));
                 parms->readx.out.nread = SVAL(req->in.vwv, VWV(5));
+                parms->readx.out.flags2 = req->flags2;
+                parms->readx.out.data_offset = SVAL(req->in.vwv, VWV(6));
                 /* handle oversize replies for non-chained readx replies with
 …
  raw write interface (async recv)
 ****************************************************************************/
 NTSTATUS smb_raw_write_recv(struct smbcli_request *req, union smb_write *parms)
+_PUBLIC_ NTSTATUS smb_raw_write_recv(struct smbcli_request *req, union smb_write *parms)
+{
         if (!smbcli_request_receive(req) ||

vendor/current/source4/libcli/raw/rawrequest.c

-              r740
+              r988
 #include "libcli/raw/libcliraw.h"
 #include "libcli/raw/raw_proto.h"
-#include "../lib/util/dlinklist.h"
 #include "lib/events/events.h"
 #include "librpc/ndr/libndr.h"
 #include "librpc/gen_ndr/ndr_misc.h"
+#include "../libcli/smb/smbXcli_base.h"
 /* we over allocate the data buffer to prevent too many realloc calls */
 …
         if (!req) return NT_STATUS_UNSUCCESSFUL;
-        if (req->transport) {
-                /* remove it from the list of pending requests (a null op if
-                   its not in the list) */
-                DLIST_REMOVE(req->transport->pending_recv, req);
+        }
         if (req->state == SMBCLI_REQUEST_ERROR &&
             NT_STATUS_IS_OK(req->status)) {
 …
 /*
   low-level function to setup a request buffer for a non-SMB packet
+  at the transport level
+*/
 struct smbcli_request *smbcli_request_setup_nonsmb(struct smbcli_transport *transport, size_t size)
+  setup a SMB packet at transport level
+*/
+struct smbcli_request *smbcli_request_setup_transport(struct smbcli_transport *transport,
+                                                      uint8_t command, unsigned int wct, unsigned int buflen)
+{
         struct smbcli_request *req;
+        req = talloc(transport, struct smbcli_request);
+        size_t size;
+        size = NBT_HDR_SIZE + MIN_SMB_SIZE + wct*2 + buflen;
+        req = talloc_zero(transport, struct smbcli_request);
         if (!req) {
                 return NULL;
+        }
-        ZERO_STRUCTP(req);
         /* setup the request context */
         req->state = SMBCLI_REQUEST_INIT;
         req->transport = transport;
-        req->session = NULL;
-        req->tree = NULL;
         req->out.size = size;
 …
         req->out.allocated = req->out.size + REQ_OVER_ALLOCATION;
         req->out.buffer = talloc_array(req, uint8_t, req->out.allocated);
+        req->out.buffer = talloc_zero_array(req, uint8_t, req->out.allocated);
         if (!req->out.buffer) {
                 return NULL;
+        }
-        SIVAL(req->out.buffer, 0, 0);
-        return req;
+}
-/*
-  setup a SMB packet at transport level
-*/
-struct smbcli_request *smbcli_request_setup_transport(struct smbcli_transport *transport,
-                                                      uint8_t command, unsigned int wct, unsigned int buflen)
+{
-        struct smbcli_request *req;
-        req = smbcli_request_setup_nonsmb(transport, NBT_HDR_SIZE + MIN_SMB_SIZE + wct*2 + buflen);
-        if (!req) return NULL;
         req->out.hdr = req->out.buffer + NBT_HDR_SIZE;
         req->out.vwv = req->out.hdr + HDR_VWV;
 …
         SSVAL(req->out.hdr,HDR_FLG2, 0);
-        if (command != SMBtranss && command != SMBtranss2) {
-                /* assign a mid */
-                req->mid = smbcli_transport_next_mid(transport);
+        }
         /* copy the pid, uid and mid to the request */
         SSVAL(req->out.hdr, HDR_PID, 0);
         SSVAL(req->out.hdr, HDR_UID, 0);
         SSVAL(req->out.hdr, HDR_MID, req->mid);
+        SSVAL(req->out.hdr, HDR_MID, 0);
         SSVAL(req->out.hdr, HDR_TID,0);
         SSVAL(req->out.hdr, HDR_PIDHIGH,0);
 …
         if (!req) return NULL;
+        smb1cli_session_set_id(session->smbXcli, session->vuid);
         req->session = session;
 …
         req = smbcli_request_setup_session(tree->session, command, wct, buflen);
         if (req) {
+                smb1cli_tcon_set_id(tree->smbXcli, tree->tid);
                 req->tree = tree;
                 SSVAL(req->out.hdr,HDR_TID,tree->tid);
 …
                                       unsigned int wct, size_t buflen)
+{
+        unsigned int new_size = 1 + (wct*2) + 2 + buflen;
+        SSVAL(req->out.vwv, VWV(0), command);
+        SSVAL(req->out.vwv, VWV(1), req->out.size - NBT_HDR_SIZE);
+        smbcli_req_grow_allocation(req, req->out.data_size + new_size);
+        req->out.vwv = req->out.buffer + req->out.size + 1;
+        SCVAL(req->out.vwv, -1, wct);
+        size_t wct_ofs;
+        size_t size;
+        /*
+         * here we only support one chained command
+         * If someone needs longer chains, the low
+         * level code should be used directly.
+         */
+        if (req->subreqs[0] != NULL) {
+                return NT_STATUS_INVALID_PARAMETER_MIX;
+        }
+        if (req->subreqs[1] != NULL) {
+                return NT_STATUS_INVALID_PARAMETER_MIX;
+        }
+        req->subreqs[0] = smbcli_transport_setup_subreq(req);
+        if (req->subreqs[0] == NULL) {
+                return NT_STATUS_NO_MEMORY;
+        }
+        wct_ofs = smb1cli_req_wct_ofs(req->subreqs, 1);
+        size = NBT_HDR_SIZE + wct_ofs + 1 + VWV(wct) + 2 + buflen;
+        req->out.size = size;
+        /* over allocate by a small amount */
+        req->out.allocated = req->out.size + REQ_OVER_ALLOCATION;
+        req->out.buffer = talloc_zero_array(req, uint8_t, req->out.allocated);
+        if (!req->out.buffer) {
+                return NT_STATUS_NO_MEMORY;
+        }
+        req->out.hdr = req->out.buffer + NBT_HDR_SIZE;
+        req->out.vwv = req->out.hdr + wct_ofs;
+        req->out.wct = wct;
+        req->out.data = req->out.vwv + VWV(wct) + 2;
+        req->out.data_size = buflen;
+        req->out.ptr = req->out.data;
+        SCVAL(req->out.hdr, HDR_WCT, wct);
         SSVAL(req->out.vwv, VWV(wct), buflen);
+        req->out.size += new_size;
+        req->out.data_size += new_size;
+        memcpy(req->out.hdr, "\377SMB", 4);
+        SCVAL(req->out.hdr,HDR_COM,command);
+        SCVAL(req->out.hdr,HDR_FLG, FLAG_CASELESS_PATHNAMES);
+        SSVAL(req->out.hdr,HDR_FLG2, 0);
+        /* copy the pid, uid and mid to the request */
+        SSVAL(req->out.hdr, HDR_PID, 0);
+        SSVAL(req->out.hdr, HDR_UID, 0);
+        SSVAL(req->out.hdr, HDR_MID, 0);
+        SSVAL(req->out.hdr, HDR_TID,0);
+        SSVAL(req->out.hdr, HDR_PIDHIGH,0);
+        SIVAL(req->out.hdr, HDR_RCLS, 0);
+        memset(req->out.hdr+HDR_SS_FIELD, 0, 10);
+        if (req->session != NULL) {
+                SSVAL(req->out.hdr, HDR_FLG2, req->session->flags2);
+                SSVAL(req->out.hdr, HDR_PID, req->session->pid & 0xFFFF);
+                SSVAL(req->out.hdr, HDR_PIDHIGH, req->session->pid >> 16);
+                SSVAL(req->out.hdr, HDR_UID, req->session->vuid);
+        }
+        if (req->tree != NULL) {
+                SSVAL(req->out.hdr, HDR_TID, req->tree->tid);
+        }
         return NT_STATUS_OK;
 …
 /*
   aadvance to the next chained reply in a request
+  advance to the next chained reply in a request
 */
 NTSTATUS smbcli_chained_advance(struct smbcli_request *req)
+{
+        uint8_t *buffer;
+        if (CVAL(req->in.vwv, VWV(0)) == SMB_CHAIN_NONE) {
+                return NT_STATUS_NOT_FOUND;
+        }
+        buffer = req->in.hdr + SVAL(req->in.vwv, VWV(1));
+        if (buffer + 3 > req->in.buffer + req->in.size) {
+                return NT_STATUS_BUFFER_TOO_SMALL;
+        }
+        req->in.vwv = buffer + 1;
+        req->in.wct = CVAL(buffer, 0);
+        if (buffer + 3 + req->in.wct*2 > req->in.buffer + req->in.size) {
+                return NT_STATUS_BUFFER_TOO_SMALL;
+        }
+        req->in.data = req->in.vwv + 2 + req->in.wct * 2;
+        req->in.data_size = SVAL(req->in.vwv, VWV(req->in.wct));
+        /* fix the bufinfo */
+        struct smbcli_transport *transport = req->transport;
+        uint8_t *hdr = NULL;
+        uint8_t wct = 0;
+        uint16_t *vwv = NULL;
+        uint32_t num_bytes = 0;
+        uint8_t *bytes = NULL;
+        struct iovec *recv_iov = NULL;
+        uint8_t *inbuf = NULL;
+        if (req->subreqs[0] != NULL) {
+                return NT_STATUS_INVALID_PARAMETER_MIX;
+        }
+        if (req->subreqs[1] == NULL) {
+                return NT_STATUS_INVALID_PARAMETER_MIX;
+        }
+        req->status = smb1cli_req_recv(req->subreqs[1], req,
+                                       &recv_iov,
+                                       &hdr,
+                                       &wct,
+                                       &vwv,
+                                       NULL, /* pvwv_offset */
+                                       &num_bytes,
+                                       &bytes,
+                                       NULL, /* pbytes_offset */
+                                       &inbuf,
+                                       NULL, 0); /* expected */
+        TALLOC_FREE(req->subreqs[1]);
+        if (!NT_STATUS_IS_OK(req->status)) {
+                if (recv_iov == NULL) {
+                        req->state = SMBCLI_REQUEST_ERROR;
+                        return req->status;
+                }
+        }
+        /* fill in the 'in' portion of the matching request */
+        req->in.buffer = inbuf;
+        req->in.size = NBT_HDR_SIZE + PTR_DIFF(bytes, hdr) + num_bytes;
+        req->in.allocated = req->in.size;
+        req->in.hdr = hdr;
+        req->in.vwv = (uint8_t *)vwv;
+        req->in.wct = wct;
+        req->in.data = bytes;
+        req->in.data_size = num_bytes;
+        req->in.ptr = req->in.data;
+        req->flags2 = SVAL(req->in.hdr, HDR_FLG2);
         smb_setup_bufinfo(req);
+        if (buffer + 3 + req->in.wct*2 + req->in.data_size >
+            req->in.buffer + req->in.size) {
+                return NT_STATUS_BUFFER_TOO_SMALL;
+        }
+        transport->error.e.nt_status = req->status;
+        if (NT_STATUS_IS_OK(req->status)) {
+                transport->error.etype = ETYPE_NONE;
+        } else {
+                transport->error.etype = ETYPE_SMB;
+        }
+        req->state = SMBCLI_REQUEST_DONE;
         return NT_STATUS_OK;
 …
 bool smbcli_request_send(struct smbcli_request *req)
+{
-        if (IVAL(req->out.buffer, 0) == 0) {
-                _smb_setlen(req->out.buffer, req->out.size - NBT_HDR_SIZE);
+        }
-        smbcli_request_calculate_sign_mac(req);
         smbcli_transport_send(req);
         return true;
+}
 …
         /* keep receiving packets until this one is replied to */
         while (req->state <= SMBCLI_REQUEST_RECV) {
                 if (event_loop_once(req->transport->socket->event.ctx) != 0) {
+                if (tevent_loop_once(req->transport->ev) != 0) {
                         return false;
+                }
 …
         return req->state == SMBCLI_REQUEST_DONE;
+}
-/*
-  handle oplock break requests from the server - return true if the request was
-  an oplock break
-*/
-bool smbcli_handle_oplock_break(struct smbcli_transport *transport, unsigned int len, const uint8_t *hdr, const uint8_t *vwv)
+{
-        /* we must be very fussy about what we consider an oplock break to avoid
-           matching readbraw replies */
-        if (len != MIN_SMB_SIZE + VWV(8) + NBT_HDR_SIZE ||
-            (CVAL(hdr, HDR_FLG) & FLAG_REPLY) ||
-            CVAL(hdr,HDR_COM) != SMBlockingX ||
-            SVAL(hdr, HDR_MID) != 0xFFFF ||
-            SVAL(vwv,VWV(6)) != 0 ||
-            SVAL(vwv,VWV(7)) != 0) {
-                return false;
+        }
-        if (transport->oplock.handler) {
-                uint16_t tid = SVAL(hdr, HDR_TID);
-                uint16_t fnum = SVAL(vwv,VWV(2));
-                uint8_t level = CVAL(vwv,VWV(3)+1);
-                transport->oplock.handler(transport, tid, fnum, level, transport->oplock.private_data);
+        }
-        return true;
+}
 …
+        }
         ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (void **)dest, &ret_size, false);
+        ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (void **)dest, &ret_size);
         if (!ret) {
                 *dest = NULL;
 …
+        }
         ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)dest, &ret_size, false);
+        ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)dest, &ret_size);
         if (!ret) {
 …
         src_len2 = utf16_len_n(src, src_len);
         ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (void **)&dest2, &ret_size, false);
+        ret = convert_string_talloc(mem_ctx, CH_UTF16, CH_UNIX, src, src_len2, (void **)&dest2, &ret_size);
         if (!ret) {
                 *dest = NULL;
 …
+        }
         ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)&dest2, &ret_size, false);
+        ret = convert_string_talloc(mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)&dest2, &ret_size);
         if (!ret) {

vendor/current/source4/libcli/raw/rawsearch.c

r740	r988
457	457	&data->id_both_directory_info.short_name,
458	458	68, 70, STR_LEN8BIT \| STR_UNICODE);
	459	memcpy(data->id_both_directory_info.short_name_buf, blob->data + 70, 24);
459	460	data->id_both_directory_info.file_id = BVAL(blob->data, 96);
460	461	len = smbcli_blob_pull_string(NULL, mem_ctx, blob,

vendor/current/source4/libcli/raw/rawsetfileinfo.c

-              r740
+              r988
                 NEED_BLOB(20);
                 SIVAL(blob->data, 0, parms->rename_information.in.overwrite);
+                SIVAL(blob->data, 4, 0);
                 SBVAL(blob->data, 8, parms->rename_information.in.root_fid);
                 len = smbcli_blob_append_string(NULL, mem_ctx, blob,
 …
                                                     parms, blob);
+                /* Unhandled levels */
+        /* Unhandled levels */
         case RAW_SFILEINFO_UNIX_LINK:
         case RAW_SFILEINFO_UNIX_HLINK:
         case RAW_SFILEINFO_RENAME_INFORMATION_SMB2:
+        case RAW_SFILEINFO_LINK_INFORMATION:
                 break;
+        }

vendor/current/source4/libcli/raw/rawshadow.c

r414	r988
23	23	#include "libcli/raw/libcliraw.h"
24	24	#include "libcli/raw/raw_proto.h"
25		#include "~~libcli/raw/ioctl~~.h"
	25	#include "../libcli/smb/smb_constants.h"
26	26
27	27	/*

vendor/current/source4/libcli/raw/rawtrans.c

-              r740
+              r988
 #include "includes.h"
 #include "../lib/util/dlinklist.h"
+#include <tevent.h>
 #include "libcli/raw/libcliraw.h"
 #include "libcli/raw/raw_proto.h"
+#define TORTURE_TRANS_DATA 0
+/*
+  check out of bounds for incoming data
+*/
+static bool raw_trans_oob(struct smbcli_request *req,
+                          unsigned int offset, unsigned int count)
+{
+        uint8_t *ptr;
+        if (count == 0) {
+                return false;
+        }
+        ptr = req->in.hdr + offset;
+        /* be careful with wraparound! */
+        if ((uintptr_t)ptr < (uintptr_t)req->in.data ||
+            (uintptr_t)ptr >= (uintptr_t)req->in.data + req->in.data_size ||
+            count > req->in.data_size ||
+            (uintptr_t)ptr + count > (uintptr_t)req->in.data + req->in.data_size) {
+                return true;
+        }
+        return false;
+}
+static size_t raw_trans_space_left(struct smbcli_request *req)
+{
+        if (req->transport->negotiate.max_xmit <= req->out.size) {
+                return 0;
+        }
+        return req->transport->negotiate.max_xmit - req->out.size;
+}
+struct smb_raw_trans2_recv_state {
+        uint8_t command;
+        uint32_t params_total;
+        uint32_t data_total;
+        uint32_t params_left;
+        uint32_t data_left;
+        bool got_first;
+        uint32_t recvd_data;
+        uint32_t recvd_param;
+        struct smb_trans2 io;
+};
+#include "../libcli/smb/smbXcli_base.h"
+static void smb_raw_trans_backend_done(struct tevent_req *subreq);
+static struct smbcli_request *smb_raw_trans_backend_send(struct smbcli_tree *tree,
+                                                         struct smb_trans2 *parms,
+                                                         uint8_t command)
+{
+        struct smbcli_request *req;
+        uint8_t additional_flags;
+        uint8_t clear_flags;
+        uint16_t additional_flags2;
+        uint16_t clear_flags2;
+        uint32_t pid;
+        struct smbXcli_tcon *tcon = NULL;
+        struct smbXcli_session *session = NULL;
+        const char *pipe_name = NULL;
+        uint8_t s;
+        uint32_t timeout_msec;
+        uint32_t tmp;
+        tmp = parms->in.params.length + parms->in.data.length;
+        req = smbcli_request_setup(tree, command, parms->in.setup_count, tmp);
+        if (req == NULL) {
+                return NULL;
+        }
+        additional_flags = CVAL(req->out.hdr, HDR_FLG);
+        additional_flags2 = SVAL(req->out.hdr, HDR_FLG2);
+        pid  = SVAL(req->out.hdr, HDR_PID);
+        pid |= SVAL(req->out.hdr, HDR_PIDHIGH)<<16;
+        if (req->session) {
+                session = req->session->smbXcli;
+        }
+        if (req->tree) {
+                tcon = req->tree->smbXcli;
+        }
+        clear_flags = ~additional_flags;
+        clear_flags2 = ~additional_flags2;
+        timeout_msec = req->transport->options.request_timeout * 1000;
+        for (s=0; s < parms->in.setup_count; s++) {
+                SSVAL(req->out.vwv, VWV(s), parms->in.setup[s]);
+        }
+        memcpy(req->out.data,
+               parms->in.params.data,
+               parms->in.params.length);
+        memcpy(req->out.data + parms->in.params.length,
+               parms->in.data.data,
+               parms->in.data.length);
+        if (command == SMBtrans && parms->in.trans_name) {
+                pipe_name = parms->in.trans_name;
+        }
+        req->subreqs[0] = smb1cli_trans_send(req,
+                                             req->transport->ev,
+                                             req->transport->conn,
+                                             command,
+                                             additional_flags,
+                                             clear_flags,
+                                             additional_flags2,
+                                             clear_flags2,
+                                             timeout_msec,
+                                             pid,
+                                             tcon,
+                                             session,
+                                             pipe_name,
+xFFFF, /* fid */
+, /* function */
+                                             parms->in.flags,
+                                             (uint16_t *)req->out.vwv,
+                                             parms->in.setup_count,
+                                             parms->in.max_setup,
+                                             req->out.data,
+                                             parms->in.params.length,
+                                             parms->in.max_param,
+                                             req->out.data+
+                                             parms->in.params.length,
+                                             parms->in.data.length,
+                                             parms->in.max_data);
+        if (req->subreqs[0] == NULL) {
+                talloc_free(req);
+                return NULL;
+        }
+        tevent_req_set_callback(req->subreqs[0],
+                                smb_raw_trans_backend_done,
+                                req);
+        return req;
+}
+static void smb_raw_trans_backend_done(struct tevent_req *subreq)
+{
+        struct smbcli_request *req =
+                tevent_req_callback_data(subreq,
+                struct smbcli_request);
+        struct smbcli_transport *transport = req->transport;
+        uint16_t *setup = NULL;
+        uint8_t num_setup = 0;
+        uint8_t s;
+        uint8_t *param = NULL;
+        uint32_t num_param = 0;
+        uint8_t *data = NULL;
+        uint32_t num_data = 0;
+        req->status = smb1cli_trans_recv(req->subreqs[0], req,
+                                         &req->flags2,
+                                         &setup,
+, /* min_setup */
+                                         &num_setup,
+                                         &param,
+, /* min_param */
+                                         &num_param,
+                                         &data,
+, /* min_data */
+                                         &num_data);
+        TALLOC_FREE(req->subreqs[0]);
+        if (NT_STATUS_IS_ERR(req->status)) {
+                req->state = SMBCLI_REQUEST_ERROR;
+                transport->error.e.nt_status = req->status;
+                transport->error.etype = ETYPE_SMB;
+                if (req->async.fn) {
+                        req->async.fn(req);
+                }
+                return;
+        }
+        req->trans2.out.setup_count = num_setup;
+        req->trans2.out.setup = talloc_array(req, uint16_t, num_setup);
+        if (req->trans2.out.setup == NULL) {
+                req->state = SMBCLI_REQUEST_ERROR;
+                req->status = NT_STATUS_NO_MEMORY;
+                transport->error.e.nt_status = req->status;
+                transport->error.etype = ETYPE_SMB;
+                if (req->async.fn) {
+                        req->async.fn(req);
+                }
+                return;
+        }
+        for (s = 0; s < num_setup; s++) {
+                req->trans2.out.setup[s] = SVAL(setup, VWV(s));
+        }
+        req->trans2.out.params.data = param;
+        req->trans2.out.params.length = num_param;
+        req->trans2.out.data.data = data;
+        req->trans2.out.data.length = num_data;
+        transport->error.e.nt_status = req->status;
+        if (NT_STATUS_IS_OK(req->status)) {
+                transport->error.etype = ETYPE_NONE;
+        } else {
+                transport->error.etype = ETYPE_SMB;
+        }
+        req->state = SMBCLI_REQUEST_DONE;
+        if (req->async.fn) {
+                req->async.fn(req);
+        }
+}
+static NTSTATUS smb_raw_trans_backend_recv(struct smbcli_request *req,
+                                           TALLOC_CTX *mem_ctx,
+                                           struct smb_trans2 *parms)
+{
+        if (!smbcli_request_receive(req) ||
+            smbcli_request_is_error(req)) {
+                goto failed;
+        }
+        parms->out = req->trans2.out;
+        talloc_steal(mem_ctx, parms->out.setup);
+        talloc_steal(mem_ctx, parms->out.params.data);
+        talloc_steal(mem_ctx, parms->out.data.data);
+failed:
+        return smbcli_request_destroy(req);
+}
+_PUBLIC_ struct smbcli_request *smb_raw_trans_send(struct smbcli_tree *tree,
+                                       struct smb_trans2 *parms)
+{
+        return smb_raw_trans_backend_send(tree, parms, SMBtrans);
+}
+_PUBLIC_ NTSTATUS smb_raw_trans_recv(struct smbcli_request *req,
+                             TALLOC_CTX *mem_ctx,
+                             struct smb_trans2 *parms)
+{
+        return smb_raw_trans_backend_recv(req, mem_ctx, parms);
+}
+_PUBLIC_ NTSTATUS smb_raw_trans(struct smbcli_tree *tree,
+                       TALLOC_CTX *mem_ctx,
+                       struct smb_trans2 *parms)
+{
+        struct smbcli_request *req;
+        req = smb_raw_trans_send(tree, parms);
+        if (!req) return NT_STATUS_UNSUCCESSFUL;
+        return smb_raw_trans_recv(req, mem_ctx, parms);
+}
+struct smbcli_request *smb_raw_trans2_send(struct smbcli_tree *tree,
+                                       struct smb_trans2 *parms)
+{
+        return smb_raw_trans_backend_send(tree, parms, SMBtrans2);
+}
 NTSTATUS smb_raw_trans2_recv(struct smbcli_request *req,
 …
                              struct smb_trans2 *parms)
+{
+        struct smb_raw_trans2_recv_state *state;
+        if (!smbcli_request_receive(req) ||
+            smbcli_request_is_error(req)) {
+                goto failed;
+        }
+        state = talloc_get_type(req->recv_helper.private_data,
+                                struct smb_raw_trans2_recv_state);
+        parms->out = state->io.out;
+        talloc_steal(mem_ctx, parms->out.setup);
+        talloc_steal(mem_ctx, parms->out.params.data);
+        talloc_steal(mem_ctx, parms->out.data.data);
+        talloc_free(state);
+        ZERO_STRUCT(req->recv_helper);
+failed:
+        return smbcli_request_destroy(req);
+}
+static enum smbcli_request_state smb_raw_trans2_ship_rest(struct smbcli_request *req,
+                                                          struct smb_raw_trans2_recv_state *state);
+/*
+ * This helper returns SMBCLI_REQUEST_RECV until all data has arrived
+ */
+static enum smbcli_request_state smb_raw_trans2_recv_helper(struct smbcli_request *req)
+{
+        struct smb_raw_trans2_recv_state *state = talloc_get_type(req->recv_helper.private_data,
+                                                  struct smb_raw_trans2_recv_state);
+        uint16_t param_count, param_ofs, param_disp;
+        uint16_t data_count, data_ofs, data_disp;
+        uint16_t total_data, total_param;
+        uint8_t setup_count;
+        /*
+         * An NT RPC pipe call can return ERRDOS, ERRmoredata
+         * to a trans call. This is not an error and should not
+         * be treated as such.
+         */
+        if (smbcli_request_is_error(req)) {
+                goto failed;
+        }
+        if (state->params_left > 0 || state->data_left > 0) {
+                return smb_raw_trans2_ship_rest(req, state);
+        }
+        SMBCLI_CHECK_MIN_WCT(req, 10);
+        total_data = SVAL(req->in.vwv, VWV(1));
+        total_param = SVAL(req->in.vwv, VWV(0));
+        setup_count = CVAL(req->in.vwv, VWV(9));
+        param_count = SVAL(req->in.vwv, VWV(3));
+        param_ofs   = SVAL(req->in.vwv, VWV(4));
+        param_disp  = SVAL(req->in.vwv, VWV(5));
+        data_count = SVAL(req->in.vwv, VWV(6));
+        data_ofs   = SVAL(req->in.vwv, VWV(7));
+        data_disp  = SVAL(req->in.vwv, VWV(8));
+        if (!state->got_first) {
+                if (total_param > 0) {
+                        state->io.out.params = data_blob_talloc(state, NULL, total_param);
+                        if (!state->io.out.params.data) {
+                                goto nomem;
+                        }
+                }
+                if (total_data > 0) {
+                        state->io.out.data = data_blob_talloc(state, NULL, total_data);
+                        if (!state->io.out.data.data) {
+                                goto nomem;
+                        }
+                }
+                if (setup_count > 0) {
+                        uint16_t i;
+                        SMBCLI_CHECK_WCT(req, 10 + setup_count);
+                        state->io.out.setup_count = setup_count;
+                        state->io.out.setup = talloc_array(state, uint16_t, setup_count);
+                        if (!state->io.out.setup) {
+                                goto nomem;
+                        }
+                        for (i=0; i < setup_count; i++) {
+                                state->io.out.setup[i] = SVAL(req->in.vwv, VWV(10+i));
+                        }
+                }
+                state->got_first = true;
+        }
+        if (total_data > state->io.out.data.length ||
+            total_param > state->io.out.params.length) {
+                /* they must *only* shrink */
+                DEBUG(1,("smb_raw_trans2_recv_helper: data/params expanded!\n"));
+                req->status = NT_STATUS_BUFFER_TOO_SMALL;
+                goto failed;
+        }
+        state->io.out.data.length = total_data;
+        state->io.out.params.length = total_param;
+        if (data_count + data_disp > total_data ||
+            param_count + param_disp > total_param) {
+                DEBUG(1,("smb_raw_trans2_recv_helper: Buffer overflow\n"));
+                req->status = NT_STATUS_BUFFER_TOO_SMALL;
+                goto failed;
+        }
+        /* check the server isn't being nasty */
+        if (raw_trans_oob(req, param_ofs, param_count) ||
+            raw_trans_oob(req, data_ofs, data_count)) {
+                DEBUG(1,("smb_raw_trans2_recv_helper: out of bounds parameters!\n"));
+                req->status = NT_STATUS_BUFFER_TOO_SMALL;
+                goto failed;
+        }
+        if (data_count) {
+                memcpy(state->io.out.data.data + data_disp,
+                       req->in.hdr + data_ofs,
+                       data_count);
+        }
+        if (param_count) {
+                memcpy(state->io.out.params.data + param_disp,
+                       req->in.hdr + param_ofs,
+                       param_count);
+        }
+        state->recvd_param += param_count;
+        state->recvd_data += data_count;
+        if (state->recvd_data < total_data ||
+            state->recvd_param < total_param) {
+                /* we don't need the in buffer any more */
+                talloc_free(req->in.buffer);
+                ZERO_STRUCT(req->in);
+                /* we still wait for more data */
+                DEBUG(10,("smb_raw_trans2_recv_helper: more data needed\n"));
+                return SMBCLI_REQUEST_RECV;
+        }
+        DEBUG(10,("smb_raw_trans2_recv_helper: done\n"));
+        return SMBCLI_REQUEST_DONE;
+nomem:
+        req->status = NT_STATUS_NO_MEMORY;
+failed:
+        return SMBCLI_REQUEST_ERROR;
+}
+_PUBLIC_ NTSTATUS smb_raw_trans_recv(struct smbcli_request *req,
+                             TALLOC_CTX *mem_ctx,
+                             struct smb_trans2 *parms)
+{
+        return smb_raw_trans2_recv(req, mem_ctx, parms);
+}
+/*
+  trans/trans2 raw async interface - only BLOBs used in this interface.
+*/
+struct smbcli_request *smb_raw_trans_send_backend(struct smbcli_tree *tree,
+                                                  struct smb_trans2 *parms,
+                                                  uint8_t command)
+{
+        struct smb_raw_trans2_recv_state *state;
+        struct smbcli_request *req;
+        int i;
+        int padding;
+        size_t space_left;
+        size_t namelen = 0;
+        DATA_BLOB params_chunk;
+        uint16_t ofs;
+        uint16_t params_ofs = 0;
+        DATA_BLOB data_chunk;
+        uint16_t data_ofs = 0;
+        if (parms->in.params.length > UINT16_MAX ||
+            parms->in.data.length > UINT16_MAX) {
+                DEBUG(3,("Attempt to send invalid trans2 request (params %u, data %u)\n",
+                         (unsigned)parms->in.params.length, (unsigned)parms->in.data.length));
+                return NULL;
+        }
+        if (command == SMBtrans)
+                padding = 1;
+        else
+                padding = 3;
+        req = smbcli_request_setup(tree, command,
++ parms->in.setup_count,
+                                   padding);
+        if (!req) {
+                return NULL;
+        }
+        state = talloc_zero(req, struct smb_raw_trans2_recv_state);
+        if (!state) {
+                smbcli_request_destroy(req);
+                return NULL;
+        }
+        state->command = command;
+        /* make sure we don't leak data via the padding */
+        memset(req->out.data, 0, padding);
+        /* Watch out, this changes the req->out.* pointers */
+        if (command == SMBtrans && parms->in.trans_name) {
+                namelen = smbcli_req_append_string(req, parms->in.trans_name,
+                                                STR_TERMINATE);
+        }
+        ofs = PTR_DIFF(req->out.data,req->out.hdr)+padding+namelen;
+        /* see how much bytes of the params block we can ship in the first request */
+        space_left = raw_trans_space_left(req);
+        params_chunk.length = MIN(parms->in.params.length, space_left);
+        params_chunk.data = parms->in.params.data;
+        params_ofs = ofs;
+        state->params_left = parms->in.params.length - params_chunk.length;
+        if (state->params_left > 0) {
+                /* we copy the whole params block, if needed we can optimize that latter */
+                state->io.in.params = data_blob_talloc(state, NULL, parms->in.params.length);
+                if (!state->io.in.params.data) {
+                        smbcli_request_destroy(req);
+                        return NULL;
+                }
+                memcpy(state->io.in.params.data,
+                       parms->in.params.data,
+                       parms->in.params.length);
+        }
+        /* see how much bytes of the data block we can ship in the first request */
+        space_left -= params_chunk.length;
+#if TORTURE_TRANS_DATA
+        if (space_left > 1) {
+                space_left /= 2;
+        }
+#endif
+        data_chunk.length = MIN(parms->in.data.length, space_left);
+        data_chunk.data = parms->in.data.data;
+        data_ofs = params_ofs + params_chunk.length;
+        state->data_left = parms->in.data.length - data_chunk.length;
+        if (state->data_left > 0) {
+                /* we copy the whole params block, if needed we can optimize that latter */
+                state->io.in.data = data_blob_talloc(state, NULL, parms->in.data.length);
+                if (!state->io.in.data.data) {
+                        smbcli_request_destroy(req);
+                        return NULL;
+                }
+                memcpy(state->io.in.data.data,
+                       parms->in.data.data,
+                       parms->in.data.length);
+        }
+        state->params_total = parms->in.params.length;
+        state->data_total = parms->in.data.length;
+        /* primary request */
+        SSVAL(req->out.vwv,VWV(0),parms->in.params.length);
+        SSVAL(req->out.vwv,VWV(1),parms->in.data.length);
+        SSVAL(req->out.vwv,VWV(2),parms->in.max_param);
+        SSVAL(req->out.vwv,VWV(3),parms->in.max_data);
+        SCVAL(req->out.vwv,VWV(4),parms->in.max_setup);
+        SCVAL(req->out.vwv,VWV(4)+1,0); /* reserved */
+        SSVAL(req->out.vwv,VWV(5),parms->in.flags);
+        SIVAL(req->out.vwv,VWV(6),parms->in.timeout);
+        SSVAL(req->out.vwv,VWV(8),0); /* reserved */
+        SSVAL(req->out.vwv,VWV(9),params_chunk.length);
+        SSVAL(req->out.vwv,VWV(10),params_ofs);
+        SSVAL(req->out.vwv,VWV(11),data_chunk.length);
+        SSVAL(req->out.vwv,VWV(12),data_ofs);
+        SCVAL(req->out.vwv,VWV(13),parms->in.setup_count);
+        SCVAL(req->out.vwv,VWV(13)+1,0); /* reserved */
+        for (i=0;i<parms->in.setup_count;i++)   {
+                SSVAL(req->out.vwv,VWV(14)+VWV(i),parms->in.setup[i]);
+        }
+        smbcli_req_append_blob(req, &params_chunk);
+        smbcli_req_append_blob(req, &data_chunk);
+        /* add the helper which will check that all multi-part replies are
+           in before an async client callack will be issued */
+        req->recv_helper.fn = smb_raw_trans2_recv_helper;
+        req->recv_helper.private_data = state;
+        if (!smbcli_request_send(req)) {
+                smbcli_request_destroy(req);
+                return NULL;
+        }
+        return req;
+}
+static enum smbcli_request_state smb_raw_trans2_ship_next(struct smbcli_request *req,
+                                                          struct smb_raw_trans2_recv_state *state)
+{
+        struct smbcli_request *req2;
+        size_t space_left;
+        DATA_BLOB params_chunk;
+        uint16_t ofs;
+        uint16_t params_ofs = 0;
+        uint16_t params_disp = 0;
+        DATA_BLOB data_chunk;
+        uint16_t data_ofs = 0;
+        uint16_t data_disp = 0;
+        uint8_t wct;
+        if (state->command == SMBtrans2) {
+                wct = 9;
+        } else {
+                wct = 8;
+        }
+        req2 = smbcli_request_setup(req->tree, state->command+1, wct, 0);
+        if (!req2) {
+                goto nomem;
+        }
+        req2->mid = req->mid;
+        SSVAL(req2->out.hdr, HDR_MID, req2->mid);
+        ofs = PTR_DIFF(req2->out.data,req2->out.hdr);
+        /* see how much bytes of the params block we can ship in the first request */
+        space_left = raw_trans_space_left(req2);
+        params_disp = state->io.in.params.length - state->params_left;
+        params_chunk.length = MIN(state->params_left, space_left);
+        params_chunk.data = state->io.in.params.data + params_disp;
+        params_ofs = ofs;
+        state->params_left -= params_chunk.length;
+        /* see how much bytes of the data block we can ship in the first request */
+        space_left -= params_chunk.length;
+#if TORTURE_TRANS_DATA
+        if (space_left > 1) {
+                space_left /= 2;
+        }
+#endif
+        data_disp = state->io.in.data.length - state->data_left;
+        data_chunk.length = MIN(state->data_left, space_left);
+        data_chunk.data = state->io.in.data.data + data_disp;
+        data_ofs = params_ofs+params_chunk.length;
+        state->data_left -= data_chunk.length;
+        SSVAL(req2->out.vwv,VWV(0), state->params_total);
+        SSVAL(req2->out.vwv,VWV(1), state->data_total);
+        SSVAL(req2->out.vwv,VWV(2), params_chunk.length);
+        SSVAL(req2->out.vwv,VWV(3), params_ofs);
+        SSVAL(req2->out.vwv,VWV(4), params_disp);
+        SSVAL(req2->out.vwv,VWV(5), data_chunk.length);
+        SSVAL(req2->out.vwv,VWV(6), data_ofs);
+        SSVAL(req2->out.vwv,VWV(7), data_disp);
+        if (wct == 9) {
+                SSVAL(req2->out.vwv,VWV(8), 0xFFFF);
+        }
+        smbcli_req_append_blob(req2, &params_chunk);
+        smbcli_req_append_blob(req2, &data_chunk);
+        /*
+         * it's a one way request but we need
+         * the seq_num, so we destroy req2 by hand
+         */
+        if (!smbcli_request_send(req2)) {
+                goto failed;
+        }
+        req->seq_num = req2->seq_num;
+        smbcli_request_destroy(req2);
+        return SMBCLI_REQUEST_RECV;
+nomem:
+        req->status = NT_STATUS_NO_MEMORY;
+failed:
+        if (req2) {
+                req->status = smbcli_request_destroy(req2);
+        }
+        return SMBCLI_REQUEST_ERROR;
+}
+static enum smbcli_request_state smb_raw_trans2_ship_rest(struct smbcli_request *req,
+                                                          struct smb_raw_trans2_recv_state *state)
+{
+        enum smbcli_request_state ret = SMBCLI_REQUEST_ERROR;
+        while (state->params_left > 0 || state->data_left > 0) {
+                ret = smb_raw_trans2_ship_next(req, state);
+                if (ret != SMBCLI_REQUEST_RECV) {
+                        break;
+                }
+        }
+        return ret;
+}
+/*
+  trans/trans2 raw async interface - only BLOBs used in this interface.
+  note that this doesn't yet support multi-part requests
+*/
+_PUBLIC_ struct smbcli_request *smb_raw_trans_send(struct smbcli_tree *tree,
+                                       struct smb_trans2 *parms)
+{
+        return smb_raw_trans_send_backend(tree, parms, SMBtrans);
+}
+struct smbcli_request *smb_raw_trans2_send(struct smbcli_tree *tree,
+                                       struct smb_trans2 *parms)
+{
+        return smb_raw_trans_send_backend(tree, parms, SMBtrans2);
+}
+/*
+  trans2 synchronous blob interface
+*/
+        return smb_raw_trans_backend_recv(req, mem_ctx, parms);
+}
 NTSTATUS smb_raw_trans2(struct smbcli_tree *tree,
                         TALLOC_CTX *mem_ctx,
 …
+}
+/*
+  trans synchronous blob interface
+*/
+_PUBLIC_ NTSTATUS smb_raw_trans(struct smbcli_tree *tree,
+                       TALLOC_CTX *mem_ctx,
+                       struct smb_trans2 *parms)
+static void smb_raw_nttrans_done(struct tevent_req *subreq);
+struct smbcli_request *smb_raw_nttrans_send(struct smbcli_tree *tree,
+                                            struct smb_nttrans *parms)
+{
         struct smbcli_request *req;
+        req = smb_raw_trans_send(tree, parms);
+        if (!req) return NT_STATUS_UNSUCCESSFUL;
+        return smb_raw_trans_recv(req, mem_ctx, parms);
+}
+struct smb_raw_nttrans_recv_state {
+        uint32_t params_total;
+        uint32_t data_total;
+        uint32_t params_left;
+        uint32_t data_left;
+        bool got_first;
+        uint32_t recvd_data;
+        uint32_t recvd_param;
+        struct smb_nttrans io;
+};
+        uint8_t additional_flags;
+        uint8_t clear_flags;
+        uint16_t additional_flags2;
+        uint16_t clear_flags2;
+        uint32_t pid;
+        struct smbXcli_tcon *tcon = NULL;
+        struct smbXcli_session *session = NULL;
+        uint32_t timeout_msec;
+        uint32_t tmp;
+        tmp = parms->in.params.length + parms->in.data.length;
+        req = smbcli_request_setup(tree, SMBnttrans, parms->in.setup_count, tmp);
+        if (req == NULL) {
+                return NULL;
+        }
+        additional_flags = CVAL(req->out.hdr, HDR_FLG);
+        additional_flags2 = SVAL(req->out.hdr, HDR_FLG2);
+        pid  = SVAL(req->out.hdr, HDR_PID);
+        pid |= SVAL(req->out.hdr, HDR_PIDHIGH)<<16;
+        if (req->session) {
+                session = req->session->smbXcli;
+        }
+        if (req->tree) {
+                tcon = req->tree->smbXcli;
+        }
+        clear_flags = ~additional_flags;
+        clear_flags2 = ~additional_flags2;
+        timeout_msec = req->transport->options.request_timeout * 1000;
+        memcpy(req->out.vwv,
+               parms->in.setup,
+               parms->in.setup_count * 2);
+        memcpy(req->out.data,
+               parms->in.params.data,
+               parms->in.params.length);
+        memcpy(req->out.data + parms->in.params.length,
+               parms->in.data.data,
+               parms->in.data.length);
+        req->subreqs[0] = smb1cli_trans_send(req,
+                                             req->transport->ev,
+                                             req->transport->conn,
+                                             SMBnttrans,
+                                             additional_flags,
+                                             clear_flags,
+                                             additional_flags2,
+                                             clear_flags2,
+                                             timeout_msec,
+                                             pid,
+                                             tcon,
+                                             session,
+                                             NULL, /* pipe_name */
+xFFFF, /* fid */
+                                             parms->in.function,
+, /* flags */
+                                             (uint16_t *)req->out.vwv,
+                                             parms->in.setup_count,
+                                             parms->in.max_setup,
+                                             req->out.data,
+                                             parms->in.params.length,
+                                             parms->in.max_param,
+                                             req->out.data+
+                                             parms->in.params.length,
+                                             parms->in.data.length,
+                                             parms->in.max_data);
+        if (req->subreqs[0] == NULL) {
+                talloc_free(req);
+                return NULL;
+        }
+        tevent_req_set_callback(req->subreqs[0],
+                                smb_raw_nttrans_done,
+                                req);
+        return req;
+}
+static void smb_raw_nttrans_done(struct tevent_req *subreq)
+{
+        struct smbcli_request *req =
+                tevent_req_callback_data(subreq,
+                struct smbcli_request);
+        struct smbcli_transport *transport = req->transport;
+        uint16_t *setup = NULL;
+        uint8_t num_setup = 0;
+        uint8_t *param = NULL;
+        uint32_t num_param = 0;
+        uint8_t *data = NULL;
+        uint32_t num_data = 0;
+        req->status = smb1cli_trans_recv(req->subreqs[0], req,
+                                         &req->flags2,
+                                         &setup,
+, /* min_setup */
+                                         &num_setup,
+                                         &param,
+, /* min_param */
+                                         &num_param,
+                                         &data,
+, /* min_data */
+                                         &num_data);
+        TALLOC_FREE(req->subreqs[0]);
+        if (NT_STATUS_IS_ERR(req->status)) {
+                req->state = SMBCLI_REQUEST_ERROR;
+                transport->error.e.nt_status = req->status;
+                transport->error.etype = ETYPE_SMB;
+                if (req->async.fn) {
+                        req->async.fn(req);
+                }
+                return;
+        }
+        req->nttrans.out.setup_count = num_setup;
+        req->nttrans.out.setup = (uint8_t *)setup;
+        req->nttrans.out.params.data = param;
+        req->nttrans.out.params.length = num_param;
+        req->nttrans.out.data.data = data;
+        req->nttrans.out.data.length = num_data;
+        transport->error.e.nt_status = req->status;
+        if (NT_STATUS_IS_OK(req->status)) {
+                transport->error.etype = ETYPE_NONE;
+        } else {
+                transport->error.etype = ETYPE_SMB;
+        }
+        req->state = SMBCLI_REQUEST_DONE;
+        if (req->async.fn) {
+                req->async.fn(req);
+        }
+}
 NTSTATUS smb_raw_nttrans_recv(struct smbcli_request *req,
 …
                               struct smb_nttrans *parms)
+{
-        struct smb_raw_nttrans_recv_state *state;
         if (!smbcli_request_receive(req) ||
             smbcli_request_is_error(req)) {
 …
+        }
+        state = talloc_get_type(req->recv_helper.private_data,
+                                struct smb_raw_nttrans_recv_state);
+        parms->out = state->io.out;
+        parms->out = req->nttrans.out;
         talloc_steal(mem_ctx, parms->out.setup);
         talloc_steal(mem_ctx, parms->out.params.data);
         talloc_steal(mem_ctx, parms->out.data.data);
-        talloc_free(state);
-        ZERO_STRUCT(req->recv_helper);
 failed:
         return smbcli_request_destroy(req);
+}
-static enum smbcli_request_state smb_raw_nttrans_ship_rest(struct smbcli_request *req,
-                                                           struct smb_raw_nttrans_recv_state *state);
-/*
- * This helper returns SMBCLI_REQUEST_RECV until all data has arrived
- */
-static enum smbcli_request_state smb_raw_nttrans_recv_helper(struct smbcli_request *req)
+{
-        struct smb_raw_nttrans_recv_state *state = talloc_get_type(req->recv_helper.private_data,
-                                                   struct smb_raw_nttrans_recv_state);
-        uint32_t param_count, param_ofs, param_disp;
-        uint32_t data_count, data_ofs, data_disp;
-        uint32_t total_data, total_param;
-        uint8_t setup_count;
-        /*
-         * An NT RPC pipe call can return ERRDOS, ERRmoredata
-         * to a trans call. This is not an error and should not
-         * be treated as such.
-         */
-        if (smbcli_request_is_error(req)) {
-                goto failed;
+        }
-        /* sanity check */
-        if (CVAL(req->in.hdr, HDR_COM) != SMBnttrans) {
-                DEBUG(0,("smb_raw_nttrans_recv_helper: Expected %s response, got command 0x%02x\n",
-                         "SMBnttrans",
-                         CVAL(req->in.hdr,HDR_COM)));
-                req->status = NT_STATUS_INVALID_NETWORK_RESPONSE;
-                goto failed;
+        }
-        if (state->params_left > 0 || state->data_left > 0) {
-                return smb_raw_nttrans_ship_rest(req, state);
+        }
-        /* this is the first packet of the response */
-        SMBCLI_CHECK_MIN_WCT(req, 18);
-        total_param = IVAL(req->in.vwv, 3);
-        total_data  = IVAL(req->in.vwv, 7);
-        setup_count = CVAL(req->in.vwv, 35);
-        param_count = IVAL(req->in.vwv, 11);
-        param_ofs   = IVAL(req->in.vwv, 15);
-        param_disp  = IVAL(req->in.vwv, 19);
-        data_count = IVAL(req->in.vwv, 23);
-        data_ofs   = IVAL(req->in.vwv, 27);
-        data_disp  = IVAL(req->in.vwv, 31);
-        if (!state->got_first) {
-                if (total_param > 0) {
-                        state->io.out.params = data_blob_talloc(state, NULL, total_param);
-                        if (!state->io.out.params.data) {
-                                goto nomem;
+                        }
+                }
-                if (total_data > 0) {
-                        state->io.out.data = data_blob_talloc(state, NULL, total_data);
-                        if (!state->io.out.data.data) {
-                                goto nomem;
+                        }
+                }
-                if (setup_count > 0) {
-                        SMBCLI_CHECK_WCT(req, 18 + setup_count);
-                        state->io.out.setup_count = setup_count;
-                        state->io.out.setup = talloc_array(state, uint8_t,
-                                                           setup_count * VWV(1));
-                        if (!state->io.out.setup) {
-                                goto nomem;
+                        }
-                        memcpy(state->io.out.setup, (uint8_t *)req->out.vwv + VWV(18),
-                               setup_count * VWV(1));
+                }
-                state->got_first = true;
+        }
-        if (total_data > state->io.out.data.length ||
-            total_param > state->io.out.params.length) {
-                /* they must *only* shrink */
-                DEBUG(1,("smb_raw_nttrans_recv_helper: data/params expanded!\n"));
-                req->status = NT_STATUS_BUFFER_TOO_SMALL;
-                goto failed;
+        }
-        state->io.out.data.length = total_data;
-        state->io.out.params.length = total_param;
-        if (data_count + data_disp > total_data ||
-            param_count + param_disp > total_param) {
-                DEBUG(1,("smb_raw_nttrans_recv_helper: Buffer overflow\n"));
-                req->status = NT_STATUS_BUFFER_TOO_SMALL;
-                goto failed;
+        }
-        /* check the server isn't being nasty */
-        if (raw_trans_oob(req, param_ofs, param_count) ||
-            raw_trans_oob(req, data_ofs, data_count)) {
-                DEBUG(1,("smb_raw_nttrans_recv_helper: out of bounds parameters!\n"));
-                req->status = NT_STATUS_BUFFER_TOO_SMALL;
-                goto failed;
+        }
-        if (data_count) {
-                memcpy(state->io.out.data.data + data_disp,
-                       req->in.hdr + data_ofs,
-                       data_count);
+        }
-        if (param_count) {
-                memcpy(state->io.out.params.data + param_disp,
-                       req->in.hdr + param_ofs,
-                       param_count);
+        }
-        state->recvd_param += param_count;
-        state->recvd_data += data_count;
-        if (state->recvd_data < total_data ||
-            state->recvd_param < total_param) {
-                /* we don't need the in buffer any more */
-                talloc_free(req->in.buffer);
-                ZERO_STRUCT(req->in);
-                /* we still wait for more data */
-                DEBUG(10,("smb_raw_nttrans_recv_helper: more data needed\n"));
-                return SMBCLI_REQUEST_RECV;
+        }
-        DEBUG(10,("smb_raw_nttrans_recv_helper: done\n"));
-        return SMBCLI_REQUEST_DONE;
-nomem:
-        req->status = NT_STATUS_NO_MEMORY;
-failed:
-        return SMBCLI_REQUEST_ERROR;
+}
-/****************************************************************************
- nttrans raw - only BLOBs used in this interface.
- at the moment we only handle a single primary request
-****************************************************************************/
-struct smbcli_request *smb_raw_nttrans_send(struct smbcli_tree *tree,
-                                         struct smb_nttrans *parms)
+{
-        struct smbcli_request *req;
-        struct smb_raw_nttrans_recv_state *state;
-        uint32_t ofs;
-        size_t space_left;
-        DATA_BLOB params_chunk;
-        uint32_t params_ofs;
-        DATA_BLOB data_chunk;
-        uint32_t data_ofs;
-        int align = 0;
-        /* only align if there are parameters or data */
-        if (parms->in.params.length || parms->in.data.length) {
-                align = 3;
+        }
-        req = smbcli_request_setup(tree, SMBnttrans,
-+ parms->in.setup_count, align);
-        if (!req) {
-                return NULL;
+        }
-        state = talloc_zero(req, struct smb_raw_nttrans_recv_state);
-        if (!state) {
-                talloc_free(req);
-                return NULL;
+        }
-        /* fill in SMB parameters */
-        if (align != 0) {
-                memset(req->out.data, 0, align);
+        }
-        ofs = PTR_DIFF(req->out.data,req->out.hdr)+align;
-        /* see how much bytes of the params block we can ship in the first request */
-        space_left = raw_trans_space_left(req);
-        params_chunk.length = MIN(parms->in.params.length, space_left);
-        params_chunk.data = parms->in.params.data;
-        params_ofs = ofs;
-        state->params_left = parms->in.params.length - params_chunk.length;
-        if (state->params_left > 0) {
-                /* we copy the whole params block, if needed we can optimize that latter */
-                state->io.in.params = data_blob_talloc(state, NULL, parms->in.params.length);
-                if (!state->io.in.params.data) {
-                        smbcli_request_destroy(req);
-                        return NULL;
+                }
-                memcpy(state->io.in.params.data,
-                       parms->in.params.data,
-                       parms->in.params.length);
+        }
-        /* see how much bytes of the data block we can ship in the first request */
-        space_left -= params_chunk.length;
-#if TORTURE_TRANS_DATA
-        if (space_left > 1) {
-                space_left /= 2;
+        }
-#endif
-        data_chunk.length = MIN(parms->in.data.length, space_left);
-        data_chunk.data = parms->in.data.data;
-        data_ofs = params_ofs + params_chunk.length;
-        state->data_left = parms->in.data.length - data_chunk.length;
-        if (state->data_left > 0) {
-                /* we copy the whole params block, if needed we can optimize that latter */
-                state->io.in.data = data_blob_talloc(state, NULL, parms->in.data.length);
-                if (!state->io.in.data.data) {
-                        smbcli_request_destroy(req);
-                        return NULL;
+                }
-                memcpy(state->io.in.data.data,
-                       parms->in.data.data,
-                       parms->in.data.length);
+        }
-        state->params_total = parms->in.params.length;
-        state->data_total = parms->in.data.length;
-        SCVAL(req->out.vwv,  0, parms->in.max_setup);
-        SSVAL(req->out.vwv,  1, 0); /* reserved */
-        SIVAL(req->out.vwv,  3, parms->in.params.length);
-        SIVAL(req->out.vwv,  7, parms->in.data.length);
-        SIVAL(req->out.vwv, 11, parms->in.max_param);
-        SIVAL(req->out.vwv, 15, parms->in.max_data);
-        SIVAL(req->out.vwv, 19, params_chunk.length);
-        SIVAL(req->out.vwv, 23, params_ofs);
-        SIVAL(req->out.vwv, 27, data_chunk.length);
-        SIVAL(req->out.vwv, 31, data_ofs);
-        SCVAL(req->out.vwv, 35, parms->in.setup_count);
-        SSVAL(req->out.vwv, 36, parms->in.function);
-        memcpy(req->out.vwv + VWV(19), parms->in.setup,
-               sizeof(uint16_t) * parms->in.setup_count);
-        smbcli_req_append_blob(req, &params_chunk);
-        smbcli_req_append_blob(req, &data_chunk);
-        /* add the helper which will check that all multi-part replies are
-           in before an async client callack will be issued */
-        req->recv_helper.fn = smb_raw_nttrans_recv_helper;
-        req->recv_helper.private_data = state;
-        if (!smbcli_request_send(req)) {
-                smbcli_request_destroy(req);
-                return NULL;
+        }
-        return req;
+}
-static enum smbcli_request_state smb_raw_nttrans_ship_next(struct smbcli_request *req,
-                                                           struct smb_raw_nttrans_recv_state *state)
+{
-        struct smbcli_request *req2;
-        size_t space_left;
-        DATA_BLOB params_chunk;
-        uint32_t ofs;
-        uint32_t params_ofs = 0;
-        uint32_t params_disp = 0;
-        DATA_BLOB data_chunk;
-        uint32_t data_ofs = 0;
-        uint32_t data_disp = 0;
-        req2 = smbcli_request_setup(req->tree, SMBnttranss, 18, 0);
-        if (!req2) {
-                goto nomem;
+        }
-        req2->mid = req->mid;
-        SSVAL(req2->out.hdr, HDR_MID, req2->mid);
-        ofs = PTR_DIFF(req2->out.data,req2->out.hdr);
-        /* see how much bytes of the params block we can ship in the first request */
-        space_left = raw_trans_space_left(req2);
-        params_disp = state->io.in.params.length - state->params_left;
-        params_chunk.length = MIN(state->params_left, space_left);
-        params_chunk.data = state->io.in.params.data + params_disp;
-        params_ofs = ofs;
-        state->params_left -= params_chunk.length;
-        /* see how much bytes of the data block we can ship in the first request */
-        space_left -= params_chunk.length;
-#if TORTURE_TRANS_DATA
-        if (space_left > 1) {
-                space_left /= 2;
+        }
-#endif
-        data_disp = state->io.in.data.length - state->data_left;
-        data_chunk.length = MIN(state->data_left, space_left);
-        data_chunk.data = state->io.in.data.data + data_disp;
-        data_ofs = params_ofs+params_chunk.length;
-        state->data_left -= data_chunk.length;
-        SSVAL(req2->out.vwv,0, 0); /* reserved */
-        SCVAL(req2->out.vwv,2, 0); /* reserved */
-        SIVAL(req2->out.vwv,3, state->params_total);
-        SIVAL(req2->out.vwv,7, state->data_total);
-        SIVAL(req2->out.vwv,11, params_chunk.length);
-        SIVAL(req2->out.vwv,15, params_ofs);
-        SIVAL(req2->out.vwv,19, params_disp);
-        SIVAL(req2->out.vwv,23, data_chunk.length);
-        SIVAL(req2->out.vwv,27, data_ofs);
-        SIVAL(req2->out.vwv,31, data_disp);
-        SCVAL(req2->out.vwv,35, 0); /* reserved */
-        smbcli_req_append_blob(req2, &params_chunk);
-        smbcli_req_append_blob(req2, &data_chunk);
-        /*
-         * it's a one way request but we need
-         * the seq_num, so we destroy req2 by hand
-         */
-        if (!smbcli_request_send(req2)) {
-                goto failed;
+        }
-        req->seq_num = req2->seq_num;
-        smbcli_request_destroy(req2);
-        return SMBCLI_REQUEST_RECV;
-nomem:
-        req->status = NT_STATUS_NO_MEMORY;
-failed:
-        if (req2) {
-                req->status = smbcli_request_destroy(req2);
+        }
-        return SMBCLI_REQUEST_ERROR;
+}
-static enum smbcli_request_state smb_raw_nttrans_ship_rest(struct smbcli_request *req,
-                                                           struct smb_raw_nttrans_recv_state *state)
+{
-        enum smbcli_request_state ret = SMBCLI_REQUEST_ERROR;
-        while (state->params_left > 0 || state->data_left > 0) {
-                ret = smb_raw_nttrans_ship_next(req, state);
-                if (ret != SMBCLI_REQUEST_RECV) {
-                        break;
+                }
+        }
-        return ret;
+}
 /****************************************************************************

vendor/current/source4/libcli/raw/signing.h

-              r414
+              r988
 };
-enum smb_signing_state {
-        SMB_SIGNING_OFF, SMB_SIGNING_SUPPORTED,
-        SMB_SIGNING_REQUIRED, SMB_SIGNING_AUTO};
 struct smb_signing_context {
         enum smb_signing_engine_state signing_state;

vendor/current/source4/libcli/raw/smb.h

-              r740
+              r988
 */
 #ifndef _SMB_H
 #define _SMB_H
+#ifndef _RAW_SMB_H
+#define _RAW_SMB_H
 /* deny modes */
 …
 #define NTCREATEX_ACTION_UNKNOWN 5
-#define SMB_MAGIC 0x424D53FF /* 0xFF 'S' 'M' 'B' */
-/* the basic packet size, assuming no words or bytes. Does not include the NBT header */
-#define MIN_SMB_SIZE 35
-/* when using NBT encapsulation every packet has a 4 byte header */
-#define NBT_HDR_SIZE 4
-/* offsets into message header for common items - NOTE: These have
-   changed from being offsets from the base of the NBT packet to the base of the SMB packet.
-   this has reduced all these values by 4
-*/
-#define HDR_COM 4
-#define HDR_RCLS 5
-#define HDR_REH 6
-#define HDR_ERR 7
-#define HDR_FLG 9
-#define HDR_FLG2 10
-#define HDR_PIDHIGH 12
-#define HDR_SS_FIELD 14
-#define HDR_TID 24
-#define HDR_PID 26
-#define HDR_UID 28
-#define HDR_MID 30
-#define HDR_WCT 32
-#define HDR_VWV 33
-/* types of buffers in core SMB protocol */
-#define SMB_DATA_BLOCK 0x1
-#define SMB_ASCII4     0x4
-/* flag defines. CIFS spec 3.1.1 */
-#define FLAG_SUPPORT_LOCKREAD       0x01
-#define FLAG_CLIENT_BUF_AVAIL       0x02
-#define FLAG_RESERVED               0x04
-#define FLAG_CASELESS_PATHNAMES     0x08
-#define FLAG_CANONICAL_PATHNAMES    0x10
-#define FLAG_REQUEST_OPLOCK         0x20
-#define FLAG_REQUEST_BATCH_OPLOCK   0x40
-#define FLAG_REPLY                  0x80
-/* the complete */
-#define SMBmkdir      0x00   /* create directory */
-#define SMBrmdir      0x01   /* delete directory */
-#define SMBopen       0x02   /* open file */
-#define SMBcreate     0x03   /* create file */
-#define SMBclose      0x04   /* close file */
-#define SMBflush      0x05   /* flush file */
-#define SMBunlink     0x06   /* delete file */
-#define SMBmv         0x07   /* rename file */
-#define SMBgetatr     0x08   /* get file attributes */
-#define SMBsetatr     0x09   /* set file attributes */
-#define SMBread       0x0A   /* read from file */
-#define SMBwrite      0x0B   /* write to file */
-#define SMBlock       0x0C   /* lock byte range */
-#define SMBunlock     0x0D   /* unlock byte range */
-#define SMBctemp      0x0E   /* create temporary file */
-#define SMBmknew      0x0F   /* make new file */
-#define SMBchkpth     0x10   /* check directory path */
-#define SMBexit       0x11   /* process exit */
-#define SMBlseek      0x12   /* seek */
-#define SMBtcon       0x70   /* tree connect */
-#define SMBtconX      0x75   /* tree connect and X*/
-#define SMBtdis       0x71   /* tree disconnect */
-#define SMBnegprot    0x72   /* negotiate protocol */
-#define SMBdskattr    0x80   /* get disk attributes */
-#define SMBsearch     0x81   /* search directory */
-#define SMBsplopen    0xC0   /* open print spool file */
-#define SMBsplwr      0xC1   /* write to print spool file */
-#define SMBsplclose   0xC2   /* close print spool file */
-#define SMBsplretq    0xC3   /* return print queue */
-#define SMBsends      0xD0   /* send single block message */
-#define SMBsendb      0xD1   /* send broadcast message */
-#define SMBfwdname    0xD2   /* forward user name */
-#define SMBcancelf    0xD3   /* cancel forward */
-#define SMBgetmac     0xD4   /* get machine name */
-#define SMBsendstrt   0xD5   /* send start of multi-block message */
-#define SMBsendend    0xD6   /* send end of multi-block message */
-#define SMBsendtxt    0xD7   /* send text of multi-block message */
-/* Core+ protocol */
-#define SMBlockread       0x13   /* Lock a range and read */
-#define SMBwriteunlock 0x14 /* write then range then unlock it */
-#define SMBreadbraw   0x1a  /* read a block of data with no smb header */
-#define SMBwritebraw  0x1d  /* write a block of data with no smb header */
-#define SMBwritec     0x20  /* secondary write request */
-#define SMBwriteclose 0x2c  /* write a file then close it */
-/* dos extended protocol */
-#define SMBreadBraw      0x1A   /* read block raw */
-#define SMBreadBmpx      0x1B   /* read block multiplexed */
-#define SMBreadBs        0x1C   /* read block (secondary response) */
-#define SMBwriteBraw     0x1D   /* write block raw */
-#define SMBwriteBmpx     0x1E   /* write block multiplexed */
-#define SMBwriteBs       0x1F   /* write block (secondary request) */
-#define SMBwriteC        0x20   /* write complete response */
-#define SMBsetattrE      0x22   /* set file attributes expanded */
-#define SMBgetattrE      0x23   /* get file attributes expanded */
-#define SMBlockingX      0x24   /* lock/unlock byte ranges and X */
-#define SMBtrans         0x25   /* transaction - name, bytes in/out */
-#define SMBtranss        0x26   /* transaction (secondary request/response) */
-#define SMBioctl         0x27   /* IOCTL */
-#define SMBioctls        0x28   /* IOCTL  (secondary request/response) */
-#define SMBcopy          0x29   /* copy */
-#define SMBmove          0x2A   /* move */
-#define SMBecho          0x2B   /* echo */
-#define SMBopenX         0x2D   /* open and X */
-#define SMBreadX         0x2E   /* read and X */
-#define SMBwriteX        0x2F   /* write and X */
-#define SMBsesssetupX    0x73   /* Session Set Up & X (including User Logon) */
-#define SMBffirst        0x82   /* find first */
-#define SMBfunique       0x83   /* find unique */
-#define SMBfclose        0x84   /* find close */
-#define SMBkeepalive     0x85   /* keepalive */
-#define SMBinvalid       0xFE   /* invalid command */
-/* Extended 2.0 protocol */
-#define SMBtrans2        0x32   /* TRANS2 protocol set */
-#define SMBtranss2       0x33   /* TRANS2 protocol set, secondary command */
-#define SMBfindclose     0x34   /* Terminate a TRANSACT2_FINDFIRST */
-#define SMBfindnclose    0x35   /* Terminate a TRANSACT2_FINDNOTIFYFIRST */
-#define SMBulogoffX      0x74   /* user logoff */
-/* NT SMB extensions. */
-#define SMBnttrans       0xA0   /* NT transact */
-#define SMBnttranss      0xA1   /* NT transact secondary */
-#define SMBntcreateX     0xA2   /* NT create and X */
-#define SMBntcancel      0xA4   /* NT cancel */
-#define SMBntrename      0xA5   /* NT rename */
-/* used to indicate end of chain */
-#define SMB_CHAIN_NONE   0xFF
-/* These are the trans subcommands */
-#define TRANSACT_SETNAMEDPIPEHANDLESTATE  0x01
-#define TRANSACT_DCERPCCMD                0x26
-#define TRANSACT_WAITNAMEDPIPEHANDLESTATE 0x53
-/* These are the NT transact sub commands. */
-#define NT_TRANSACT_CREATE                1
-#define NT_TRANSACT_IOCTL                 2
-#define NT_TRANSACT_SET_SECURITY_DESC     3
-#define NT_TRANSACT_NOTIFY_CHANGE         4
-#define NT_TRANSACT_RENAME                5
-#define NT_TRANSACT_QUERY_SECURITY_DESC   6
-/* this is used on a TConX. I'm not sure the name is very helpful though */
-#define SMB_SUPPORT_SEARCH_BITS        0x0001
-#define SMB_SHARE_IN_DFS               0x0002
 /* Named pipe write mode flags. Used in writeX calls. */
 #define PIPE_RAW_MODE 0x4
 …
 #define DESIRED_ACCESS_PIPE 0x2019f
-/* FileAttributes (search attributes) field */
-#define FILE_ATTRIBUTE_READONLY         0x0001
-#define FILE_ATTRIBUTE_HIDDEN           0x0002
-#define FILE_ATTRIBUTE_SYSTEM           0x0004
-#define FILE_ATTRIBUTE_VOLUME           0x0008
-#define FILE_ATTRIBUTE_DIRECTORY        0x0010
-#define FILE_ATTRIBUTE_ARCHIVE          0x0020
-#define FILE_ATTRIBUTE_DEVICE           0x0040
-#define FILE_ATTRIBUTE_NORMAL           0x0080
-#define FILE_ATTRIBUTE_TEMPORARY        0x0100
-#define FILE_ATTRIBUTE_SPARSE           0x0200
-#define FILE_ATTRIBUTE_REPARSE_POINT    0x0400
-#define FILE_ATTRIBUTE_COMPRESSED       0x0800
-#define FILE_ATTRIBUTE_OFFLINE          0x1000
-#define FILE_ATTRIBUTE_NONINDEXED       0x2000
-#define FILE_ATTRIBUTE_ENCRYPTED        0x4000
-#define FILE_ATTRIBUTE_ALL_MASK         0x7FFF
-/* Flags - combined with attributes. */
-#define FILE_FLAG_WRITE_THROUGH    0x80000000L
-#define FILE_FLAG_NO_BUFFERING     0x20000000L
-#define FILE_FLAG_RANDOM_ACCESS    0x10000000L
-#define FILE_FLAG_SEQUENTIAL_SCAN  0x08000000L
-#define FILE_FLAG_DELETE_ON_CLOSE  0x04000000L
-#define FILE_FLAG_BACKUP_SEMANTICS 0x02000000L /* only if backup/restore privilege? */
-#define FILE_FLAG_POSIX_SEMANTICS  0x01000000L
-/* Responses when opening a file. */
-#define FILE_WAS_SUPERSEDED 0
-#define FILE_WAS_OPENED 1
-#define FILE_WAS_CREATED 2
-#define FILE_WAS_OVERWRITTEN 3
-/* File type flags */
-#define FILE_TYPE_DISK  0
-#define FILE_TYPE_BYTE_MODE_PIPE 1
-#define FILE_TYPE_MESSAGE_MODE_PIPE 2
-#define FILE_TYPE_PRINTER 3
-#define FILE_TYPE_COMM_DEVICE 4
-#define FILE_TYPE_UNKNOWN 0xFFFF
 /* Flag for NT transact rename call. */
 #define RENAME_REPLACE_IF_EXISTS 1
 …
 #define RENAME_FLAG_RENAME                   0x104
 #define RENAME_FLAG_COPY                     0x105
-/* Filesystem Attributes. */
-#define FILE_CASE_SENSITIVE_SEARCH 0x01
-#define FILE_CASE_PRESERVED_NAMES 0x02
-#define FILE_UNICODE_ON_DISK 0x04
-/* According to cifs9f, this is 4, not 8 */
-/* Acconding to testing, this actually sets the security attribute! */
-#define FILE_PERSISTENT_ACLS 0x08
-/* These entries added from cifs9f --tsb */
-#define FILE_FILE_COMPRESSION 0x10
-#define FILE_VOLUME_QUOTAS 0x20
-/* I think this is wrong. JRA #define FILE_DEVICE_IS_MOUNTED 0x20 */
-#define FILE_VOLUME_SPARSE_FILE 0x40
-#define FILE_VOLUME_IS_COMPRESSED 0x8000
 /* ChangeNotify flags. */
 …
 /* where to find the base of the SMB packet proper */
 /* REWRITE TODO: smb_base needs to be removed */
 #define smb_base(buf) (((char *)(buf))+4)
+#define smb_base(buf) (((const char *)(buf))+4)
 /* we don't allow server strings to be longer than 48 characters as
 …
 #define BROWSER_CONSTANT        0xaa55
-/* Sercurity mode bits. */
-#define NEGOTIATE_SECURITY_USER_LEVEL           0x01
-#define NEGOTIATE_SECURITY_CHALLENGE_RESPONSE   0x02
-#define NEGOTIATE_SECURITY_SIGNATURES_ENABLED   0x04
-#define NEGOTIATE_SECURITY_SIGNATURES_REQUIRED  0x08
-/* NT Flags2 bits - cifs6.txt section 3.1.2 */
-#define FLAGS2_LONG_PATH_COMPONENTS    0x0001
-#define FLAGS2_EXTENDED_ATTRIBUTES     0x0002
-#define FLAGS2_SMB_SECURITY_SIGNATURES 0x0004
-#define FLAGS2_IS_LONG_NAME            0x0040
-#define FLAGS2_EXTENDED_SECURITY       0x0800
-#define FLAGS2_DFS_PATHNAMES           0x1000
-#define FLAGS2_READ_PERMIT_EXECUTE     0x2000
-#define FLAGS2_32_BIT_ERROR_CODES      0x4000
-#define FLAGS2_UNICODE_STRINGS         0x8000
-/* CIFS protocol capabilities */
-#define CAP_RAW_MODE            0x00000001
-#define CAP_MPX_MODE            0x00000002
-#define CAP_UNICODE             0x00000004
-#define CAP_LARGE_FILES         0x00000008
-#define CAP_NT_SMBS             0x00000010
-#define CAP_RPC_REMOTE_APIS     0x00000020
-#define CAP_STATUS32            0x00000040
-#define CAP_LEVEL_II_OPLOCKS    0x00000080
-#define CAP_LOCK_AND_READ       0x00000100
-#define CAP_NT_FIND             0x00000200
-#define CAP_DFS                 0x00001000
-#define CAP_W2K_SMBS            0x00002000
-#define CAP_LARGE_READX         0x00004000
-#define CAP_LARGE_WRITEX        0x00008000
-#define CAP_UNIX                0x00800000 /* Capabilities for UNIX extensions. Created by HP. */
-#define CAP_EXTENDED_SECURITY   0x80000000
 /*
  * Global value meaning that the smb_uid field should be
 …
 #define UID_FIELD_INVALID 0
-/* Lock types. */
-#define LOCKING_ANDX_EXCLUSIVE_LOCK  0x00
-#define LOCKING_ANDX_SHARED_LOCK     0x01
-#define LOCKING_ANDX_OPLOCK_RELEASE  0x02
-#define LOCKING_ANDX_CHANGE_LOCKTYPE 0x04
-#define LOCKING_ANDX_CANCEL_LOCK     0x08
-#define LOCKING_ANDX_LARGE_FILES     0x10
-/*
- * Bits we test with.
- */
-#define OPLOCK_NONE      0
-#define OPLOCK_EXCLUSIVE 1
-#define OPLOCK_BATCH     2
-#define OPLOCK_LEVEL_II  4
-#define CORE_OPLOCK_GRANTED (1<<5)
-#define EXTENDED_OPLOCK_GRANTED (1<<15)
-/*
- * Return values for oplock types.
- */
-#define NO_OPLOCK_RETURN 0
-#define EXCLUSIVE_OPLOCK_RETURN 1
-#define BATCH_OPLOCK_RETURN 2
-#define LEVEL_II_OPLOCK_RETURN 3
-/* oplock levels sent in oplock break */
-#define OPLOCK_BREAK_TO_NONE     0
-#define OPLOCK_BREAK_TO_LEVEL_II 1
-#define CMD_REPLY 0x8000
 /* The maximum length of a trust account password.
 …
 #define FS_ATTR_NAMED_STREAMS                     0x00040000
+#define smb_len(buf) (PVAL(buf,3)|(PVAL(buf,2)<<8)|(PVAL(buf,1)<<16))
+#define _smb_setlen(buf,len) do {(buf)[0] = 0; (buf)[1] = ((len)&0x10000)>>16; \
+        (buf)[2] = ((len)&0xFF00)>>8; (buf)[3] = (len)&0xFF;} while (0)
+#define _smb2_setlen(buf,len) do {(buf)[0] = 0; (buf)[1] = ((len)&0xFF0000)>>16; \
+        (buf)[2] = ((len)&0xFF00)>>8; (buf)[3] = (len)&0xFF;} while (0)
+#include "libcli/raw/trans2.h"
+#include "source4/libcli/raw/trans2.h"
 #include "libcli/raw/interfaces.h"
+#endif /* _SMB_H */
+#include "libcli/smb/smb_common.h"
+#endif /* _RAW_SMB_H */

vendor/current/source4/libcli/raw/smb_signing.c

-              r746
+              r988
+}
-/***********************************************************
- SMB signing - Common code before we set a new signing implementation
-************************************************************/
-static bool smbcli_set_smb_signing_common(struct smbcli_transport *transport)
+{
-        if (!set_smb_signing_common(&transport->negotiate.sign_info)) {
-                return false;
+        }
-        if (!(transport->negotiate.sec_mode &
-              (NEGOTIATE_SECURITY_SIGNATURES_REQUIRED|NEGOTIATE_SECURITY_SIGNATURES_ENABLED))) {
-                DEBUG(5, ("SMB Signing is not negotiated by the peer\n"));
-                return false;
+        }
-        /* These calls are INCOMPATIBLE with SMB signing */
-        transport->negotiate.readbraw_supported = false;
-        transport->negotiate.writebraw_supported = false;
-        return true;
+}
 void mark_packet_signed(struct smb_request_buffer *out)
+{
 …
+}
-static void smbcli_req_allocate_seq_num(struct smbcli_request *req)
+{
-        req->seq_num = req->transport->negotiate.sign_info.next_seq_num;
-        /* some requests (eg. NTcancel) are one way, and the sequence number
-           should be increased by 1 not 2 */
-        if (req->sign_single_increment) {
-                req->transport->negotiate.sign_info.next_seq_num += 1;
-        } else {
-                req->transport->negotiate.sign_info.next_seq_num += 2;
+        }
+}
-/***********************************************************
- SMB signing - Simple implementation - calculate a MAC to send.
-************************************************************/
-void smbcli_request_calculate_sign_mac(struct smbcli_request *req)
+{
-#if 0
-        /* enable this when packet signing is preventing you working out why valgrind
-           says that data is uninitialised */
-        file_save("pkt.dat", req->out.buffer, req->out.size);
-#endif
-        switch (req->transport->negotiate.sign_info.signing_state) {
-        case SMB_SIGNING_ENGINE_OFF:
-                break;
-        case SMB_SIGNING_ENGINE_BSRSPYL:
-                /* mark the packet as signed - BEFORE we sign it...*/
-                mark_packet_signed(&req->out);
-                /* I wonder what BSRSPYL stands for - but this is what MS
-                   actually sends! */
-                memcpy((req->out.hdr + HDR_SS_FIELD), "BSRSPYL ", 8);
-                break;
-        case SMB_SIGNING_ENGINE_ON:
-                smbcli_req_allocate_seq_num(req);
-                sign_outgoing_message(&req->out,
-                                      &req->transport->negotiate.sign_info.mac_key,
-                                      req->seq_num);
-                break;
+        }
-        return;
+}
 /**
  SMB signing - NULL implementation
 …
         return true;
+}
-/**
- SMB signing - TEMP implementation - setup the MAC key.
-*/
-bool smbcli_temp_set_signing(struct smbcli_transport *transport)
+{
-        if (!smbcli_set_smb_signing_common(transport)) {
-                return false;
+        }
-        DEBUG(5, ("BSRSPYL SMB signing enabled\n"));
-        smbcli_set_signing_off(&transport->negotiate.sign_info);
-        transport->negotiate.sign_info.mac_key = data_blob(NULL, 0);
-        transport->negotiate.sign_info.signing_state = SMB_SIGNING_ENGINE_BSRSPYL;
-        return true;
+}
-/***********************************************************
- SMB signing - Simple implementation - check a MAC sent by server.
-************************************************************/
-/**
- * Check a packet supplied by the server.
- * @return false if we had an established signing connection
- *         which had a back checksum, true otherwise
- */
-bool smbcli_request_check_sign_mac(struct smbcli_request *req)
+{
-        bool good;
-        if (!req->transport->negotiate.sign_info.doing_signing &&
-            req->sign_caller_checks) {
-                return true;
+        }
-        req->sign_caller_checks = false;
-        switch (req->transport->negotiate.sign_info.signing_state)
+        {
-        case SMB_SIGNING_ENGINE_OFF:
-                return true;
-        case SMB_SIGNING_ENGINE_BSRSPYL:
-                return true;
-        case SMB_SIGNING_ENGINE_ON:
+        {
-                if (req->in.size < (HDR_SS_FIELD + 8)) {
-                        return false;
-                } else {
-                        good = check_signed_incoming_message(&req->in,
-                                                             &req->transport->negotiate.sign_info.mac_key,
-                                                             req->seq_num+1);
-                        return signing_good(&req->transport->negotiate.sign_info,
-                                            req->seq_num+1, good);
+                }
+        }
+        }
-        return false;
+}
 /***********************************************************
 …
+}
-/***********************************************************
- SMB signing - Simple implementation - setup the MAC key.
-************************************************************/
-bool smbcli_transport_simple_set_signing(struct smbcli_transport *transport,
-                                         const DATA_BLOB user_session_key,
-                                         const DATA_BLOB response)
+{
-        if (!smbcli_set_smb_signing_common(transport)) {
-                return false;
+        }
-        return smbcli_simple_set_signing(transport,
-                                         &transport->negotiate.sign_info,
-                                         &user_session_key,
-                                         &response);
+}
-bool smbcli_init_signing(struct smbcli_transport *transport)
+{
-        transport->negotiate.sign_info.next_seq_num = 0;
-        transport->negotiate.sign_info.mac_key = data_blob(NULL, 0);
-        if (!smbcli_set_signing_off(&transport->negotiate.sign_info)) {
-                return false;
+        }
-        switch (transport->options.signing) {
-        case SMB_SIGNING_OFF:
-                transport->negotiate.sign_info.allow_smb_signing = false;
-                break;
-        case SMB_SIGNING_SUPPORTED:
-        case SMB_SIGNING_AUTO:
-                transport->negotiate.sign_info.allow_smb_signing = true;
-                break;
-        case SMB_SIGNING_REQUIRED:
-                transport->negotiate.sign_info.allow_smb_signing = true;
-                transport->negotiate.sign_info.mandatory_signing = true;
-                break;
+        }
-        return true;
+}

vendor/current/source4/libcli/raw/trans2.h

-              r414
+              r988
 #ifndef _TRANS2_H_
 #define _TRANS2_H_
-/* These are the TRANS2 sub commands */
-#define TRANSACT2_OPEN                        0
-#define TRANSACT2_FINDFIRST                   1
-#define TRANSACT2_FINDNEXT                    2
-#define TRANSACT2_QFSINFO                     3
-#define TRANSACT2_SETFSINFO                   4
-#define TRANSACT2_QPATHINFO                   5
-#define TRANSACT2_SETPATHINFO                 6
-#define TRANSACT2_QFILEINFO                   7
-#define TRANSACT2_SETFILEINFO                 8
-#define TRANSACT2_FSCTL                       9
-#define TRANSACT2_IOCTL                     0xA
-#define TRANSACT2_FINDNOTIFYFIRST           0xB
-#define TRANSACT2_FINDNOTIFYNEXT            0xC
-#define TRANSACT2_MKDIR                     0xD
-#define TRANSACT2_SESSION_SETUP             0xE
-#define TRANSACT2_GET_DFS_REFERRAL         0x10
-#define TRANSACT2_REPORT_DFS_INCONSISTANCY 0x11
 …
 #define SMB_QFS_FULL_SIZE_INFORMATION                   1007
 #define SMB_QFS_OBJECTID_INFORMATION                    1008
+#define SMB_QFS_SECTOR_SIZE_INFORMATION                 1011
 …
 #define QFS_TYPE_VIRTUAL                        0x40
+/* SMB_QFS_SECTOR_SIZE_INFORMATION values */
+#define QFS_SSINFO_FLAGS_ALIGNED_DEVICE                 0x00000001
+#define QFS_SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE    0x00000002
+#define QFS_SSINFO_FLAGS_NO_SEEK_PENALTY                0x00000004
+#define QFS_SSINFO_FLAGS_TRIM_ENABLED                   0x00000008
+#define QFS_SSINFO_OFFSET_UNKNOWN                       0xffffffff
 /*
 …
 #define SMB_QFS_MAC_FS_INFO                     0x301
-/* UNIX CIFS Extensions - created by HP */
-/*
- * UNIX CIFS Extensions have the range 0x200 - 0x2FF reserved.
- * Supposedly Microsoft have agreed to this.
- */
-#define MIN_UNIX_INFO_LEVEL 0x200
-#define MAX_UNIX_INFO_LEVEL 0x2FF
-#define INFO_LEVEL_IS_UNIX(level) (((level) >= MIN_UNIX_INFO_LEVEL) && ((level) <= MAX_UNIX_INFO_LEVEL))
-#define SMB_MODE_NO_CHANGE                 0xFFFFFFFF     /* file mode value which */
-                                              /* means "don't change it" */
-#define SMB_UID_NO_CHANGE                  0xFFFFFFFF
-#define SMB_GID_NO_CHANGE                  0xFFFFFFFF
-#define SMB_SIZE_NO_CHANGE_LO              0xFFFFFFFF
-#define SMB_SIZE_NO_CHANGE_HI              0xFFFFFFFF
-#define SMB_TIME_NO_CHANGE_LO              0xFFFFFFFF
-#define SMB_TIME_NO_CHANGE_HI              0xFFFFFFFF
-/*
-UNIX_BASIC  info level:
-Offset Size         Name
-      LARGE_INTEGER EndOfFile                File size
-      LARGE_INTEGER Blocks                   Number of bytes used on disk (st_blocks).
-     LARGE_INTEGER CreationTime             Creation time
-     LARGE_INTEGER LastAccessTime           Last access time
-     LARGE_INTEGER LastModificationTime     Last modification time
-     LARGE_INTEGER Uid                      Numeric user id for the owner
-     LARGE_INTEGER Gid                      Numeric group id of owner
-     ULONG Type                             Enumeration specifying the pathname type:
--- File
--- Directory
--- Symbolic link
--- Character device
--- Block device
--- FIFO (named pipe)
--- Unix domain socket
-     LARGE_INTEGER devmajor                 Major device number if type is device
-     LARGE_INTEGER devminor                 Minor device number if type is device
-     LARGE_INTEGER uniqueid                 This is a server-assigned unique id for the file. The client
-                                              will typically map this onto an inode number. The scope of
-                                              uniqueness is the share.
-     LARGE_INTEGER permissions              Standard UNIX file permissions  - see below.
-     LARGE_INTEGER nlinks                   The number of directory entries that map to this entry
-                                              (number of hard links)
-- end.
-*/
-/*
-SMB_QUERY_FILE_UNIX_INFO2 is SMB_QUERY_FILE_UNIX_BASIC with create
-time and file flags appended. The corresponding info level for
-findfirst/findnext is SMB_FIND_FILE_UNIX_UNIX2.
-Size    Offset  Value
----------------------
-      LARGE_INTEGER EndOfFile          File size
-      LARGE_INTEGER Blocks             Number of blocks used on disk
-     LARGE_INTEGER ChangeTime         Attribute change time
-     LARGE_INTEGER LastAccessTime           Last access time
-     LARGE_INTEGER LastModificationTime     Last modification time
-     LARGE_INTEGER Uid                Numeric user id for the owner
-     LARGE_INTEGER Gid                Numeric group id of owner
-     ULONG Type                       Enumeration specifying the file type
-     LARGE_INTEGER devmajor           Major device number if type is device
-     LARGE_INTEGER devminor           Minor device number if type is device
-     LARGE_INTEGER uniqueid           This is a server-assigned unique id
-     LARGE_INTEGER permissions        Standard UNIX permissions
-     LARGE_INTEGER nlinks             Number of hard link)
-    LARGE_INTEGER CreationTime       Create/birth time
-    ULONG FileFlags                  File flags enumeration
-    ULONG FileFlagsMask              Mask of valid flags
-*/
-/* UNIX filetype mappings. */
-#define UNIX_TYPE_FILE      0
-#define UNIX_TYPE_DIR       1
-#define UNIX_TYPE_SYMLINK   2
-#define UNIX_TYPE_CHARDEV   3
-#define UNIX_TYPE_BLKDEV    4
-#define UNIX_TYPE_FIFO      5
-#define UNIX_TYPE_SOCKET    6
-#define UNIX_TYPE_UNKNOWN   0xFFFFFFFF
-/*
- * Oh this is fun. "Standard UNIX permissions" has no
- * meaning in POSIX. We need to define the mapping onto
- * and off the wire as this was not done in the original HP
- * spec. JRA.
- */
-#define UNIX_X_OTH                      0000001
-#define UNIX_W_OTH                      0000002
-#define UNIX_R_OTH                      0000004
-#define UNIX_X_GRP                      0000010
-#define UNIX_W_GRP                      0000020
-#define UNIX_R_GRP                      0000040
-#define UNIX_X_USR                      0000100
-#define UNIX_W_USR                      0000200
-#define UNIX_R_USR                      0000400
-#define UNIX_STICKY                     0001000
-#define UNIX_SET_GID                    0002000
-#define UNIX_SET_UID                    0004000
-/* Masks for the above */
-#define UNIX_OTH_MASK                   0000007
-#define UNIX_GRP_MASK                   0000070
-#define UNIX_USR_MASK                   0000700
-#define UNIX_PERM_MASK                  0000777
-#define UNIX_EXTRA_MASK                 0007000
-#define UNIX_ALL_MASK                   0007777
-/* Flags for the file_flags field in UNIX_INFO2: */
-#define EXT_SECURE_DELETE               0x00000001
-#define EXT_ENABLE_UNDELETE             0x00000002
-#define EXT_SYNCHRONOUS                 0x00000004
-#define EXT_IMMUTABLE                   0x00000008
-#define EXT_OPEN_APPEND_ONLY            0x00000010
-#define EXT_DO_NOT_BACKUP               0x00000020
-#define EXT_NO_UPDATE_ATIME             0x00000040
-#define EXT_HIDDEN                      0x00000080
-#define SMB_QFILEINFO_UNIX_LINK         0x201
-#define SMB_SFILEINFO_UNIX_LINK         0x201
-#define SMB_SFILEINFO_UNIX_HLINK        0x203
-/*
- Info level for QVOLINFO - returns version of CIFS UNIX extensions, plus
--bits worth of capability fun :-).
-*/
-#define SMB_QUERY_CIFS_UNIX_INFO      0x200
-/* Returns the following.
-  UINT16             major version number
-  UINT16             minor version number
-  LARGE_INTEGER      capability bitfield
-*/
-#define CIFS_UNIX_MAJOR_VERSION 1
-#define CIFS_UNIX_MINOR_VERSION 0
-#define CIFS_UNIX_FCNTL_LOCKS_CAP           0x1
-#define CIFS_UNIX_POSIX_ACLS_CAP            0x2
-/* ... more as we think of them :-). */
 #endif

Context Navigation

Legend:

vendor/current/source4/libcli/raw/clioplock.c

vendor/current/source4/libcli/raw/clisession.c

vendor/current/source4/libcli/raw/clisocket.c

vendor/current/source4/libcli/raw/clitransport.c

vendor/current/source4/libcli/raw/clitree.c

vendor/current/source4/libcli/raw/interfaces.h

vendor/current/source4/libcli/raw/libcliraw.h

vendor/current/source4/libcli/raw/raweas.c

vendor/current/source4/libcli/raw/rawfile.c

vendor/current/source4/libcli/raw/rawfileinfo.c

vendor/current/source4/libcli/raw/rawfsinfo.c

vendor/current/source4/libcli/raw/rawnegotiate.c

vendor/current/source4/libcli/raw/rawnotify.c

vendor/current/source4/libcli/raw/rawreadwrite.c

vendor/current/source4/libcli/raw/rawrequest.c

vendor/current/source4/libcli/raw/rawsearch.c

vendor/current/source4/libcli/raw/rawsetfileinfo.c

vendor/current/source4/libcli/raw/rawshadow.c

vendor/current/source4/libcli/raw/rawtrans.c

vendor/current/source4/libcli/raw/signing.h

vendor/current/source4/libcli/raw/smb.h

vendor/current/source4/libcli/raw/smb_signing.c

vendor/current/source4/libcli/raw/trans2.h

Download in other formats: