2
Unix SMB/CIFS implementation.
3
Pipe SMB reply routines
4
Copyright (C) Andrew Tridgell 1992-1998
5
Copyright (C) Luke Kenneth Casson Leighton 1996-1998
6
Copyright (C) Paul Ashton 1997-1998.
7
Copyright (C) Jeremy Allison 2005.
9
This program is free software; you can redistribute it and/or modify
10
it under the terms of the GNU General Public License as published by
11
the Free Software Foundation; either version 2 of the License, or
12
(at your option) any later version.
14
This program is distributed in the hope that it will be useful,
15
but WITHOUT ANY WARRANTY; without even the implied warranty of
16
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
GNU General Public License for more details.
19
You should have received a copy of the GNU General Public License
20
along with this program; if not, write to the Free Software
21
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24
This file handles reply_ calls on named pipes that the server
25
makes to handle specific protocols
31
#define PIPE "\\PIPE\\"
32
#define PIPELEN strlen(PIPE)
34
#define MAX_PIPE_NAME_LEN 24
36
/* PIPE/<name>/<pid>/<pnum> */
37
#define PIPEDB_KEY_FORMAT "PIPE/%s/%u/%d"
40
struct process_id pid;
44
char name[MAX_PIPE_NAME_LEN];
49
extern struct pipe_id_info pipe_names[];
51
/****************************************************************************
52
Reply to an open and X on a named pipe.
53
This code is basically stolen from reply_open_and_X with some
54
wrinkles to handle pipes.
55
****************************************************************************/
57
int reply_open_pipe_and_X(connection_struct *conn,
58
char *inbuf,char *outbuf,int length,int bufsize)
62
uint16 vuid = SVAL(inbuf, smb_uid);
64
int size=0,fmode=0,mtime=0,rmode=0;
67
/* XXXX we need to handle passed times, sattr and flags */
68
srvstr_pull_buf(inbuf, pipe_name, smb_buf(inbuf), sizeof(pipe_name), STR_TERMINATE);
70
/* If the name doesn't start \PIPE\ then this is directed */
71
/* at a mailslot or something we really, really don't understand, */
72
/* not just something we really don't understand. */
73
if ( strncmp(pipe_name,PIPE,PIPELEN) != 0 ) {
74
return(ERROR_DOS(ERRSRV,ERRaccess));
77
DEBUG(4,("Opening pipe %s.\n", pipe_name));
79
/* See if it is one we want to handle. */
80
for( i = 0; pipe_names[i].client_pipe ; i++ ) {
81
if( strequal(pipe_name,pipe_names[i].client_pipe)) {
86
if (pipe_names[i].client_pipe == NULL) {
87
return(ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpipe));
90
/* Strip \PIPE\ off the name. */
91
pstrcpy(fname, pipe_name + PIPELEN);
95
* Hack for NT printers... JRA.
97
if(should_fail_next_srvsvc_open(fname))
98
return(ERROR(ERRSRV,ERRaccess));
101
/* Known pipes arrive with DIR attribs. Remove it so a regular file */
102
/* can be opened and add it in after the open. */
103
DEBUG(3,("Known pipe %s opening.\n",fname));
105
p = open_rpc_pipe_p(fname, conn, vuid);
107
return(ERROR_DOS(ERRSRV,ERRnofids));
110
/* Prepare the reply */
111
set_message(outbuf,15,0,True);
113
/* Mark the opened file as an existing named pipe in message mode. */
114
SSVAL(outbuf,smb_vwv9,2);
115
SSVAL(outbuf,smb_vwv10,0xc700);
118
DEBUG(4,("Resetting open result to open from create.\n"));
122
SSVAL(outbuf,smb_vwv2, p->pnum);
123
SSVAL(outbuf,smb_vwv3,fmode);
124
srv_put_dos_date3(outbuf,smb_vwv4,mtime);
125
SIVAL(outbuf,smb_vwv6,size);
126
SSVAL(outbuf,smb_vwv8,rmode);
127
SSVAL(outbuf,smb_vwv11,0x0001);
129
return chain_reply(inbuf,outbuf,length,bufsize);
132
/****************************************************************************
133
Reply to a write on a pipe.
134
****************************************************************************/
136
int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize)
138
smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0);
139
uint16 vuid = SVAL(inbuf,smb_uid);
140
size_t numtowrite = SVAL(inbuf,smb_vwv1);
146
return(ERROR_DOS(ERRDOS,ERRbadfid));
149
if (p->vuid != vuid) {
150
return ERROR_NT(NT_STATUS_INVALID_HANDLE);
153
data = smb_buf(inbuf) + 3;
155
if (numtowrite == 0) {
158
nwritten = write_to_pipe(p, data, numtowrite);
161
if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0)) {
162
return (UNIXERROR(ERRDOS,ERRnoaccess));
165
outsize = set_message(outbuf,1,0,True);
167
SSVAL(outbuf,smb_vwv0,nwritten);
169
DEBUG(3,("write-IPC pnum=%04x nwritten=%d\n", p->pnum, nwritten));
174
/****************************************************************************
175
Reply to a write and X.
177
This code is basically stolen from reply_write_and_X with some
178
wrinkles to handle pipes.
179
****************************************************************************/
181
int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize)
183
smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2);
184
uint16 vuid = SVAL(inbuf,smb_uid);
185
size_t numtowrite = SVAL(inbuf,smb_vwv10);
187
int smb_doff = SVAL(inbuf, smb_vwv11);
188
BOOL pipe_start_message_raw = ((SVAL(inbuf, smb_vwv7) & (PIPE_START_MESSAGE|PIPE_RAW_MODE)) ==
189
(PIPE_START_MESSAGE|PIPE_RAW_MODE));
193
return(ERROR_DOS(ERRDOS,ERRbadfid));
196
if (p->vuid != vuid) {
197
return ERROR_NT(NT_STATUS_INVALID_HANDLE);
200
data = smb_base(inbuf) + smb_doff;
202
if (numtowrite == 0) {
205
if(pipe_start_message_raw) {
207
* For the start of a message in named pipe byte mode,
208
* the first two bytes are a length-of-pdu field. Ignore
209
* them (we don't trust the client). JRA.
212
DEBUG(0,("reply_pipe_write_and_X: start of message set and not enough data sent.(%u)\n",
213
(unsigned int)numtowrite ));
214
return (UNIXERROR(ERRDOS,ERRnoaccess));
220
nwritten = write_to_pipe(p, data, numtowrite);
223
if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0)) {
224
return (UNIXERROR(ERRDOS,ERRnoaccess));
227
set_message(outbuf,6,0,True);
229
nwritten = (pipe_start_message_raw ? nwritten + 2 : nwritten);
230
SSVAL(outbuf,smb_vwv2,nwritten);
232
DEBUG(3,("writeX-IPC pnum=%04x nwritten=%d\n", p->pnum, nwritten));
234
return chain_reply(inbuf,outbuf,length,bufsize);
237
/****************************************************************************
238
Reply to a read and X.
239
This code is basically stolen from reply_read_and_X with some
240
wrinkles to handle pipes.
241
****************************************************************************/
243
int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize)
245
smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2);
246
int smb_maxcnt = SVAL(inbuf,smb_vwv5);
247
int smb_mincnt = SVAL(inbuf,smb_vwv6);
252
/* we don't use the offset given to use for pipe reads. This
253
is deliberate, instead we always return the next lump of
256
uint32 smb_offs = IVAL(inbuf,smb_vwv3);
260
return(ERROR_DOS(ERRDOS,ERRbadfid));
263
set_message(outbuf,12,0,True);
264
data = smb_buf(outbuf);
266
nread = read_from_pipe(p, data, smb_maxcnt, &unused);
269
return(UNIXERROR(ERRDOS,ERRnoaccess));
272
SSVAL(outbuf,smb_vwv5,nread);
273
SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
274
SSVAL(smb_buf(outbuf),-2,nread);
276
DEBUG(3,("readX-IPC pnum=%04x min=%d max=%d nread=%d\n",
277
p->pnum, smb_mincnt, smb_maxcnt, nread));
279
/* Ensure we set up the message length to include the data length read. */
280
set_message_bcc(outbuf,nread);
281
return chain_reply(inbuf,outbuf,length,bufsize);
284
/****************************************************************************
286
****************************************************************************/
288
int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf)
290
smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0);
291
int outsize = set_message(outbuf,0,0,True);
294
return(ERROR_DOS(ERRDOS,ERRbadfid));
297
DEBUG(5,("reply_pipe_close: pnum:%x\n", p->pnum));
299
if (!close_rpc_pipe_hnd(p)) {
300
return ERROR_DOS(ERRDOS,ERRbadfid);
303
/* TODO: REMOVE PIPE FROM DB */