1: /***************************************************************************
2: * _ _ ____ _
3: * Project ___| | | | _ \| |
4: * / __| | | | |_) | |
5: * | (__| |_| | _ <| |___
6: * \___|\___/|_| \_\_____|
7: *
8: * Copyright (C) 2014, Bill Nagel <wnagel@tycoint.com>, Exacq Technologies
9: * Copyright (C) 2016-2019, Daniel Stenberg, <daniel@haxx.se>, et al.
10: *
11: * This software is licensed as described in the file COPYING, which
12: * you should have received as part of this distribution. The terms
13: * are also available at https://curl.haxx.se/docs/copyright.html.
14: *
15: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
16: * copies of the Software, and permit persons to whom the Software is
17: * furnished to do so, under the terms of the COPYING file.
18: *
19: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
20: * KIND, either express or implied.
21: *
22: ***************************************************************************/
23:
24: #include "curl_setup.h"
25:
26: #if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
27: (CURL_SIZEOF_CURL_OFF_T > 4)
28:
29: #if !defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO)
30:
31: #define BUILDING_CURL_SMB_C
32:
33: #ifdef HAVE_PROCESS_H
34: #include <process.h>
35: #ifdef CURL_WINDOWS_APP
36: #define getpid GetCurrentProcessId
37: #elif !defined(MSDOS)
38: #define getpid _getpid
39: #endif
40: #endif
41:
42: #include "smb.h"
43: #include "urldata.h"
44: #include "sendf.h"
45: #include "multiif.h"
46: #include "connect.h"
47: #include "progress.h"
48: #include "transfer.h"
49: #include "vtls/vtls.h"
50: #include "curl_ntlm_core.h"
51: #include "escape.h"
52: #include "curl_endian.h"
53:
54: /* The last #include files should be: */
55: #include "curl_memory.h"
56: #include "memdebug.h"
57:
58: /* Local API functions */
59: static CURLcode smb_setup_connection(struct connectdata *conn);
60: static CURLcode smb_connect(struct connectdata *conn, bool *done);
61: static CURLcode smb_connection_state(struct connectdata *conn, bool *done);
62: static CURLcode smb_do(struct connectdata *conn, bool *done);
63: static CURLcode smb_request_state(struct connectdata *conn, bool *done);
64: static CURLcode smb_done(struct connectdata *conn, CURLcode status,
65: bool premature);
66: static CURLcode smb_disconnect(struct connectdata *conn, bool dead);
67: static int smb_getsock(struct connectdata *conn, curl_socket_t *socks);
68: static CURLcode smb_parse_url_path(struct connectdata *conn);
69:
70: /*
71: * SMB handler interface
72: */
73: const struct Curl_handler Curl_handler_smb = {
74: "SMB", /* scheme */
75: smb_setup_connection, /* setup_connection */
76: smb_do, /* do_it */
77: smb_done, /* done */
78: ZERO_NULL, /* do_more */
79: smb_connect, /* connect_it */
80: smb_connection_state, /* connecting */
81: smb_request_state, /* doing */
82: smb_getsock, /* proto_getsock */
83: smb_getsock, /* doing_getsock */
84: ZERO_NULL, /* domore_getsock */
85: ZERO_NULL, /* perform_getsock */
86: smb_disconnect, /* disconnect */
87: ZERO_NULL, /* readwrite */
88: ZERO_NULL, /* connection_check */
89: PORT_SMB, /* defport */
90: CURLPROTO_SMB, /* protocol */
91: PROTOPT_NONE /* flags */
92: };
93:
94: #ifdef USE_SSL
95: /*
96: * SMBS handler interface
97: */
98: const struct Curl_handler Curl_handler_smbs = {
99: "SMBS", /* scheme */
100: smb_setup_connection, /* setup_connection */
101: smb_do, /* do_it */
102: smb_done, /* done */
103: ZERO_NULL, /* do_more */
104: smb_connect, /* connect_it */
105: smb_connection_state, /* connecting */
106: smb_request_state, /* doing */
107: smb_getsock, /* proto_getsock */
108: smb_getsock, /* doing_getsock */
109: ZERO_NULL, /* domore_getsock */
110: ZERO_NULL, /* perform_getsock */
111: smb_disconnect, /* disconnect */
112: ZERO_NULL, /* readwrite */
113: ZERO_NULL, /* connection_check */
114: PORT_SMBS, /* defport */
115: CURLPROTO_SMBS, /* protocol */
116: PROTOPT_SSL /* flags */
117: };
118: #endif
119:
120: #define MAX_PAYLOAD_SIZE 0x8000
121: #define MAX_MESSAGE_SIZE (MAX_PAYLOAD_SIZE + 0x1000)
122: #define CLIENTNAME "curl"
123: #define SERVICENAME "?????"
124:
125: /* Append a string to an SMB message */
126: #define MSGCAT(str) \
127: strcpy(p, (str)); \
128: p += strlen(str);
129:
130: /* Append a null-terminated string to an SMB message */
131: #define MSGCATNULL(str) \
132: strcpy(p, (str)); \
133: p += strlen(str) + 1;
134:
135: /* SMB is mostly little endian */
136: #if (defined(__BYTE_ORDER__) && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) || \
137: defined(__OS400__)
138: static unsigned short smb_swap16(unsigned short x)
139: {
140: return (unsigned short) ((x << 8) | ((x >> 8) & 0xff));
141: }
142:
143: static unsigned int smb_swap32(unsigned int x)
144: {
145: return (x << 24) | ((x << 8) & 0xff0000) | ((x >> 8) & 0xff00) |
146: ((x >> 24) & 0xff);
147: }
148:
149: static curl_off_t smb_swap64(curl_off_t x)
150: {
151: return ((curl_off_t) smb_swap32((unsigned int) x) << 32) |
152: smb_swap32((unsigned int) (x >> 32));
153: }
154:
155: #else
156: # define smb_swap16(x) (x)
157: # define smb_swap32(x) (x)
158: # define smb_swap64(x) (x)
159: #endif
160:
161: /* SMB request state */
162: enum smb_req_state {
163: SMB_REQUESTING,
164: SMB_TREE_CONNECT,
165: SMB_OPEN,
166: SMB_DOWNLOAD,
167: SMB_UPLOAD,
168: SMB_CLOSE,
169: SMB_TREE_DISCONNECT,
170: SMB_DONE
171: };
172:
173: /* SMB request data */
174: struct smb_request {
175: enum smb_req_state state;
176: char *path;
177: unsigned short tid; /* Even if we connect to the same tree as another */
178: unsigned short fid; /* request, the tid will be different */
179: CURLcode result;
180: };
181:
182: static void conn_state(struct connectdata *conn, enum smb_conn_state newstate)
183: {
184: struct smb_conn *smbc = &conn->proto.smbc;
185: #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
186: /* For debug purposes */
187: static const char * const names[] = {
188: "SMB_NOT_CONNECTED",
189: "SMB_CONNECTING",
190: "SMB_NEGOTIATE",
191: "SMB_SETUP",
192: "SMB_CONNECTED",
193: /* LAST */
194: };
195:
196: if(smbc->state != newstate)
197: infof(conn->data, "SMB conn %p state change from %s to %s\n",
198: (void *)smbc, names[smbc->state], names[newstate]);
199: #endif
200:
201: smbc->state = newstate;
202: }
203:
204: static void request_state(struct connectdata *conn,
205: enum smb_req_state newstate)
206: {
207: struct smb_request *req = conn->data->req.protop;
208: #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
209: /* For debug purposes */
210: static const char * const names[] = {
211: "SMB_REQUESTING",
212: "SMB_TREE_CONNECT",
213: "SMB_OPEN",
214: "SMB_DOWNLOAD",
215: "SMB_UPLOAD",
216: "SMB_CLOSE",
217: "SMB_TREE_DISCONNECT",
218: "SMB_DONE",
219: /* LAST */
220: };
221:
222: if(req->state != newstate)
223: infof(conn->data, "SMB request %p state change from %s to %s\n",
224: (void *)req, names[req->state], names[newstate]);
225: #endif
226:
227: req->state = newstate;
228: }
229:
230: /* this should setup things in the connection, not in the easy
231: handle */
232: static CURLcode smb_setup_connection(struct connectdata *conn)
233: {
234: struct smb_request *req;
235:
236: /* Initialize the request state */
237: conn->data->req.protop = req = calloc(1, sizeof(struct smb_request));
238: if(!req)
239: return CURLE_OUT_OF_MEMORY;
240:
241: /* Parse the URL path */
242: return smb_parse_url_path(conn);
243: }
244:
245: static CURLcode smb_connect(struct connectdata *conn, bool *done)
246: {
247: struct smb_conn *smbc = &conn->proto.smbc;
248: char *slash;
249:
250: (void) done;
251:
252: /* Check we have a username and password to authenticate with */
253: if(!conn->bits.user_passwd)
254: return CURLE_LOGIN_DENIED;
255:
256: /* Initialize the connection state */
257: smbc->state = SMB_CONNECTING;
258: smbc->recv_buf = malloc(MAX_MESSAGE_SIZE);
259: if(!smbc->recv_buf)
260: return CURLE_OUT_OF_MEMORY;
261:
262: /* Multiple requests are allowed with this connection */
263: connkeep(conn, "SMB default");
264:
265: /* Parse the username, domain, and password */
266: slash = strchr(conn->user, '/');
267: if(!slash)
268: slash = strchr(conn->user, '\\');
269:
270: if(slash) {
271: smbc->user = slash + 1;
272: smbc->domain = strdup(conn->user);
273: if(!smbc->domain)
274: return CURLE_OUT_OF_MEMORY;
275: smbc->domain[slash - conn->user] = 0;
276: }
277: else {
278: smbc->user = conn->user;
279: smbc->domain = strdup(conn->host.name);
280: if(!smbc->domain)
281: return CURLE_OUT_OF_MEMORY;
282: }
283:
284: return CURLE_OK;
285: }
286:
287: static CURLcode smb_recv_message(struct connectdata *conn, void **msg)
288: {
289: struct smb_conn *smbc = &conn->proto.smbc;
290: char *buf = smbc->recv_buf;
291: ssize_t bytes_read;
292: size_t nbt_size;
293: size_t msg_size;
294: size_t len = MAX_MESSAGE_SIZE - smbc->got;
295: CURLcode result;
296:
297: result = Curl_read(conn, FIRSTSOCKET, buf + smbc->got, len, &bytes_read);
298: if(result)
299: return result;
300:
301: if(!bytes_read)
302: return CURLE_OK;
303:
304: smbc->got += bytes_read;
305:
306: /* Check for a 32-bit nbt header */
307: if(smbc->got < sizeof(unsigned int))
308: return CURLE_OK;
309:
310: nbt_size = Curl_read16_be((const unsigned char *)
311: (buf + sizeof(unsigned short))) +
312: sizeof(unsigned int);
313: if(smbc->got < nbt_size)
314: return CURLE_OK;
315:
316: msg_size = sizeof(struct smb_header);
317: if(nbt_size >= msg_size + 1) {
318: /* Add the word count */
319: msg_size += 1 + ((unsigned char) buf[msg_size]) * sizeof(unsigned short);
320: if(nbt_size >= msg_size + sizeof(unsigned short)) {
321: /* Add the byte count */
322: msg_size += sizeof(unsigned short) +
323: Curl_read16_le((const unsigned char *)&buf[msg_size]);
324: if(nbt_size < msg_size)
325: return CURLE_READ_ERROR;
326: }
327: }
328:
329: *msg = buf;
330:
331: return CURLE_OK;
332: }
333:
334: static void smb_pop_message(struct connectdata *conn)
335: {
336: struct smb_conn *smbc = &conn->proto.smbc;
337:
338: smbc->got = 0;
339: }
340:
341: static void smb_format_message(struct connectdata *conn, struct smb_header *h,
342: unsigned char cmd, size_t len)
343: {
344: struct smb_conn *smbc = &conn->proto.smbc;
345: struct smb_request *req = conn->data->req.protop;
346: unsigned int pid;
347:
348: memset(h, 0, sizeof(*h));
349: h->nbt_length = htons((unsigned short) (sizeof(*h) - sizeof(unsigned int) +
350: len));
351: memcpy((char *)h->magic, "\xffSMB", 4);
352: h->command = cmd;
353: h->flags = SMB_FLAGS_CANONICAL_PATHNAMES | SMB_FLAGS_CASELESS_PATHNAMES;
354: h->flags2 = smb_swap16(SMB_FLAGS2_IS_LONG_NAME | SMB_FLAGS2_KNOWS_LONG_NAME);
355: h->uid = smb_swap16(smbc->uid);
356: h->tid = smb_swap16(req->tid);
357: pid = getpid();
358: h->pid_high = smb_swap16((unsigned short)(pid >> 16));
359: h->pid = smb_swap16((unsigned short) pid);
360: }
361:
362: static CURLcode smb_send(struct connectdata *conn, ssize_t len,
363: size_t upload_size)
364: {
365: struct smb_conn *smbc = &conn->proto.smbc;
366: ssize_t bytes_written;
367: CURLcode result;
368:
369: result = Curl_write(conn, FIRSTSOCKET, conn->data->state.ulbuf,
370: len, &bytes_written);
371: if(result)
372: return result;
373:
374: if(bytes_written != len) {
375: smbc->send_size = len;
376: smbc->sent = bytes_written;
377: }
378:
379: smbc->upload_size = upload_size;
380:
381: return CURLE_OK;
382: }
383:
384: static CURLcode smb_flush(struct connectdata *conn)
385: {
386: struct smb_conn *smbc = &conn->proto.smbc;
387: ssize_t bytes_written;
388: ssize_t len = smbc->send_size - smbc->sent;
389: CURLcode result;
390:
391: if(!smbc->send_size)
392: return CURLE_OK;
393:
394: result = Curl_write(conn, FIRSTSOCKET,
395: conn->data->state.ulbuf + smbc->sent,
396: len, &bytes_written);
397: if(result)
398: return result;
399:
400: if(bytes_written != len)
401: smbc->sent += bytes_written;
402: else
403: smbc->send_size = 0;
404:
405: return CURLE_OK;
406: }
407:
408: static CURLcode smb_send_message(struct connectdata *conn, unsigned char cmd,
409: const void *msg, size_t msg_len)
410: {
411: CURLcode result = Curl_get_upload_buffer(conn->data);
412: if(result)
413: return result;
414: smb_format_message(conn, (struct smb_header *)conn->data->state.ulbuf,
415: cmd, msg_len);
416: memcpy(conn->data->state.ulbuf + sizeof(struct smb_header),
417: msg, msg_len);
418:
419: return smb_send(conn, sizeof(struct smb_header) + msg_len, 0);
420: }
421:
422: static CURLcode smb_send_negotiate(struct connectdata *conn)
423: {
424: const char *msg = "\x00\x0c\x00\x02NT LM 0.12";
425:
426: return smb_send_message(conn, SMB_COM_NEGOTIATE, msg, 15);
427: }
428:
429: static CURLcode smb_send_setup(struct connectdata *conn)
430: {
431: struct smb_conn *smbc = &conn->proto.smbc;
432: struct smb_setup msg;
433: char *p = msg.bytes;
434: unsigned char lm_hash[21];
435: unsigned char lm[24];
436: unsigned char nt_hash[21];
437: unsigned char nt[24];
438:
439: size_t byte_count = sizeof(lm) + sizeof(nt);
440: byte_count += strlen(smbc->user) + strlen(smbc->domain);
441: byte_count += strlen(OS) + strlen(CLIENTNAME) + 4; /* 4 null chars */
442: if(byte_count > sizeof(msg.bytes))
443: return CURLE_FILESIZE_EXCEEDED;
444:
445: Curl_ntlm_core_mk_lm_hash(conn->data, conn->passwd, lm_hash);
446: Curl_ntlm_core_lm_resp(lm_hash, smbc->challenge, lm);
447: #ifdef USE_NTRESPONSES
448: Curl_ntlm_core_mk_nt_hash(conn->data, conn->passwd, nt_hash);
449: Curl_ntlm_core_lm_resp(nt_hash, smbc->challenge, nt);
450: #else
451: memset(nt, 0, sizeof(nt));
452: #endif
453:
454: memset(&msg, 0, sizeof(msg));
455: msg.word_count = SMB_WC_SETUP_ANDX;
456: msg.andx.command = SMB_COM_NO_ANDX_COMMAND;
457: msg.max_buffer_size = smb_swap16(MAX_MESSAGE_SIZE);
458: msg.max_mpx_count = smb_swap16(1);
459: msg.vc_number = smb_swap16(1);
460: msg.session_key = smb_swap32(smbc->session_key);
461: msg.capabilities = smb_swap32(SMB_CAP_LARGE_FILES);
462: msg.lengths[0] = smb_swap16(sizeof(lm));
463: msg.lengths[1] = smb_swap16(sizeof(nt));
464: memcpy(p, lm, sizeof(lm));
465: p += sizeof(lm);
466: memcpy(p, nt, sizeof(nt));
467: p += sizeof(nt);
468: MSGCATNULL(smbc->user);
469: MSGCATNULL(smbc->domain);
470: MSGCATNULL(OS);
471: MSGCATNULL(CLIENTNAME);
472: byte_count = p - msg.bytes;
473: msg.byte_count = smb_swap16((unsigned short)byte_count);
474:
475: return smb_send_message(conn, SMB_COM_SETUP_ANDX, &msg,
476: sizeof(msg) - sizeof(msg.bytes) + byte_count);
477: }
478:
479: static CURLcode smb_send_tree_connect(struct connectdata *conn)
480: {
481: struct smb_tree_connect msg;
482: struct smb_conn *smbc = &conn->proto.smbc;
483: char *p = msg.bytes;
484:
485: size_t byte_count = strlen(conn->host.name) + strlen(smbc->share);
486: byte_count += strlen(SERVICENAME) + 5; /* 2 nulls and 3 backslashes */
487: if(byte_count > sizeof(msg.bytes))
488: return CURLE_FILESIZE_EXCEEDED;
489:
490: memset(&msg, 0, sizeof(msg));
491: msg.word_count = SMB_WC_TREE_CONNECT_ANDX;
492: msg.andx.command = SMB_COM_NO_ANDX_COMMAND;
493: msg.pw_len = 0;
494: MSGCAT("\\\\");
495: MSGCAT(conn->host.name);
496: MSGCAT("\\");
497: MSGCATNULL(smbc->share);
498: MSGCATNULL(SERVICENAME); /* Match any type of service */
499: byte_count = p - msg.bytes;
500: msg.byte_count = smb_swap16((unsigned short)byte_count);
501:
502: return smb_send_message(conn, SMB_COM_TREE_CONNECT_ANDX, &msg,
503: sizeof(msg) - sizeof(msg.bytes) + byte_count);
504: }
505:
506: static CURLcode smb_send_open(struct connectdata *conn)
507: {
508: struct smb_request *req = conn->data->req.protop;
509: struct smb_nt_create msg;
510: size_t byte_count;
511:
512: if((strlen(req->path) + 1) > sizeof(msg.bytes))
513: return CURLE_FILESIZE_EXCEEDED;
514:
515: memset(&msg, 0, sizeof(msg));
516: msg.word_count = SMB_WC_NT_CREATE_ANDX;
517: msg.andx.command = SMB_COM_NO_ANDX_COMMAND;
518: byte_count = strlen(req->path);
519: msg.name_length = smb_swap16((unsigned short)byte_count);
520: msg.share_access = smb_swap32(SMB_FILE_SHARE_ALL);
521: if(conn->data->set.upload) {
522: msg.access = smb_swap32(SMB_GENERIC_READ | SMB_GENERIC_WRITE);
523: msg.create_disposition = smb_swap32(SMB_FILE_OVERWRITE_IF);
524: }
525: else {
526: msg.access = smb_swap32(SMB_GENERIC_READ);
527: msg.create_disposition = smb_swap32(SMB_FILE_OPEN);
528: }
529: msg.byte_count = smb_swap16((unsigned short) ++byte_count);
530: strcpy(msg.bytes, req->path);
531:
532: return smb_send_message(conn, SMB_COM_NT_CREATE_ANDX, &msg,
533: sizeof(msg) - sizeof(msg.bytes) + byte_count);
534: }
535:
536: static CURLcode smb_send_close(struct connectdata *conn)
537: {
538: struct smb_request *req = conn->data->req.protop;
539: struct smb_close msg;
540:
541: memset(&msg, 0, sizeof(msg));
542: msg.word_count = SMB_WC_CLOSE;
543: msg.fid = smb_swap16(req->fid);
544:
545: return smb_send_message(conn, SMB_COM_CLOSE, &msg, sizeof(msg));
546: }
547:
548: static CURLcode smb_send_tree_disconnect(struct connectdata *conn)
549: {
550: struct smb_tree_disconnect msg;
551:
552: memset(&msg, 0, sizeof(msg));
553:
554: return smb_send_message(conn, SMB_COM_TREE_DISCONNECT, &msg, sizeof(msg));
555: }
556:
557: static CURLcode smb_send_read(struct connectdata *conn)
558: {
559: struct smb_request *req = conn->data->req.protop;
560: curl_off_t offset = conn->data->req.offset;
561: struct smb_read msg;
562:
563: memset(&msg, 0, sizeof(msg));
564: msg.word_count = SMB_WC_READ_ANDX;
565: msg.andx.command = SMB_COM_NO_ANDX_COMMAND;
566: msg.fid = smb_swap16(req->fid);
567: msg.offset = smb_swap32((unsigned int) offset);
568: msg.offset_high = smb_swap32((unsigned int) (offset >> 32));
569: msg.min_bytes = smb_swap16(MAX_PAYLOAD_SIZE);
570: msg.max_bytes = smb_swap16(MAX_PAYLOAD_SIZE);
571:
572: return smb_send_message(conn, SMB_COM_READ_ANDX, &msg, sizeof(msg));
573: }
574:
575: static CURLcode smb_send_write(struct connectdata *conn)
576: {
577: struct smb_write *msg;
578: struct smb_request *req = conn->data->req.protop;
579: curl_off_t offset = conn->data->req.offset;
580: curl_off_t upload_size = conn->data->req.size - conn->data->req.bytecount;
581: CURLcode result = Curl_get_upload_buffer(conn->data);
582: if(result)
583: return result;
584: msg = (struct smb_write *)conn->data->state.ulbuf;
585:
586: if(upload_size >= MAX_PAYLOAD_SIZE - 1) /* There is one byte of padding */
587: upload_size = MAX_PAYLOAD_SIZE - 1;
588:
589: memset(msg, 0, sizeof(*msg));
590: msg->word_count = SMB_WC_WRITE_ANDX;
591: msg->andx.command = SMB_COM_NO_ANDX_COMMAND;
592: msg->fid = smb_swap16(req->fid);
593: msg->offset = smb_swap32((unsigned int) offset);
594: msg->offset_high = smb_swap32((unsigned int) (offset >> 32));
595: msg->data_length = smb_swap16((unsigned short) upload_size);
596: msg->data_offset = smb_swap16(sizeof(*msg) - sizeof(unsigned int));
597: msg->byte_count = smb_swap16((unsigned short) (upload_size + 1));
598:
599: smb_format_message(conn, &msg->h, SMB_COM_WRITE_ANDX,
600: sizeof(*msg) - sizeof(msg->h) + (size_t) upload_size);
601:
602: return smb_send(conn, sizeof(*msg), (size_t) upload_size);
603: }
604:
605: static CURLcode smb_send_and_recv(struct connectdata *conn, void **msg)
606: {
607: struct smb_conn *smbc = &conn->proto.smbc;
608: CURLcode result;
609: *msg = NULL; /* if it returns early */
610:
611: /* Check if there is data in the transfer buffer */
612: if(!smbc->send_size && smbc->upload_size) {
613: size_t nread = smbc->upload_size > conn->data->set.upload_buffer_size ?
614: conn->data->set.upload_buffer_size :
615: smbc->upload_size;
616: conn->data->req.upload_fromhere = conn->data->state.ulbuf;
617: result = Curl_fillreadbuffer(conn, nread, &nread);
618: if(result && result != CURLE_AGAIN)
619: return result;
620: if(!nread)
621: return CURLE_OK;
622:
623: smbc->upload_size -= nread;
624: smbc->send_size = nread;
625: smbc->sent = 0;
626: }
627:
628: /* Check if there is data to send */
629: if(smbc->send_size) {
630: result = smb_flush(conn);
631: if(result)
632: return result;
633: }
634:
635: /* Check if there is still data to be sent */
636: if(smbc->send_size || smbc->upload_size)
637: return CURLE_AGAIN;
638:
639: return smb_recv_message(conn, msg);
640: }
641:
642: static CURLcode smb_connection_state(struct connectdata *conn, bool *done)
643: {
644: struct smb_conn *smbc = &conn->proto.smbc;
645: struct smb_negotiate_response *nrsp;
646: struct smb_header *h;
647: CURLcode result;
648: void *msg = NULL;
649:
650: if(smbc->state == SMB_CONNECTING) {
651: #ifdef USE_SSL
652: if((conn->handler->flags & PROTOPT_SSL)) {
653: bool ssl_done = FALSE;
654: result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &ssl_done);
655: if(result && result != CURLE_AGAIN)
656: return result;
657: if(!ssl_done)
658: return CURLE_OK;
659: }
660: #endif
661:
662: result = smb_send_negotiate(conn);
663: if(result) {
664: connclose(conn, "SMB: failed to send negotiate message");
665: return result;
666: }
667:
668: conn_state(conn, SMB_NEGOTIATE);
669: }
670:
671: /* Send the previous message and check for a response */
672: result = smb_send_and_recv(conn, &msg);
673: if(result && result != CURLE_AGAIN) {
674: connclose(conn, "SMB: failed to communicate");
675: return result;
676: }
677:
678: if(!msg)
679: return CURLE_OK;
680:
681: h = msg;
682:
683: switch(smbc->state) {
684: case SMB_NEGOTIATE:
685: if((smbc->got < sizeof(*nrsp) + sizeof(smbc->challenge) - 1) ||
686: h->status) {
687: connclose(conn, "SMB: negotiation failed");
688: return CURLE_COULDNT_CONNECT;
689: }
690: nrsp = msg;
691: memcpy(smbc->challenge, nrsp->bytes, sizeof(smbc->challenge));
692: smbc->session_key = smb_swap32(nrsp->session_key);
693: result = smb_send_setup(conn);
694: if(result) {
695: connclose(conn, "SMB: failed to send setup message");
696: return result;
697: }
698: conn_state(conn, SMB_SETUP);
699: break;
700:
701: case SMB_SETUP:
702: if(h->status) {
703: connclose(conn, "SMB: authentication failed");
704: return CURLE_LOGIN_DENIED;
705: }
706: smbc->uid = smb_swap16(h->uid);
707: conn_state(conn, SMB_CONNECTED);
708: *done = true;
709: break;
710:
711: default:
712: smb_pop_message(conn);
713: return CURLE_OK; /* ignore */
714: }
715:
716: smb_pop_message(conn);
717:
718: return CURLE_OK;
719: }
720:
721: /*
722: * Convert a timestamp from the Windows world (100 nsec units from 1 Jan 1601)
723: * to Posix time. Cap the output to fit within a time_t.
724: */
725: static void get_posix_time(time_t *out, curl_off_t timestamp)
726: {
727: timestamp -= 116444736000000000;
728: timestamp /= 10000000;
729: #if SIZEOF_TIME_T < SIZEOF_CURL_OFF_T
730: if(timestamp > TIME_T_MAX)
731: *out = TIME_T_MAX;
732: else if(timestamp < TIME_T_MIN)
733: *out = TIME_T_MIN;
734: else
735: #endif
736: *out = (time_t) timestamp;
737: }
738:
739: static CURLcode smb_request_state(struct connectdata *conn, bool *done)
740: {
741: struct smb_request *req = conn->data->req.protop;
742: struct smb_header *h;
743: struct smb_conn *smbc = &conn->proto.smbc;
744: enum smb_req_state next_state = SMB_DONE;
745: unsigned short len;
746: unsigned short off;
747: CURLcode result;
748: void *msg = NULL;
749: const struct smb_nt_create_response *smb_m;
750:
751: /* Start the request */
752: if(req->state == SMB_REQUESTING) {
753: result = smb_send_tree_connect(conn);
754: if(result) {
755: connclose(conn, "SMB: failed to send tree connect message");
756: return result;
757: }
758:
759: request_state(conn, SMB_TREE_CONNECT);
760: }
761:
762: /* Send the previous message and check for a response */
763: result = smb_send_and_recv(conn, &msg);
764: if(result && result != CURLE_AGAIN) {
765: connclose(conn, "SMB: failed to communicate");
766: return result;
767: }
768:
769: if(!msg)
770: return CURLE_OK;
771:
772: h = msg;
773:
774: switch(req->state) {
775: case SMB_TREE_CONNECT:
776: if(h->status) {
777: req->result = CURLE_REMOTE_FILE_NOT_FOUND;
778: if(h->status == smb_swap32(SMB_ERR_NOACCESS))
779: req->result = CURLE_REMOTE_ACCESS_DENIED;
780: break;
781: }
782: req->tid = smb_swap16(h->tid);
783: next_state = SMB_OPEN;
784: break;
785:
786: case SMB_OPEN:
787: if(h->status || smbc->got < sizeof(struct smb_nt_create_response)) {
788: req->result = CURLE_REMOTE_FILE_NOT_FOUND;
789: if(h->status == smb_swap32(SMB_ERR_NOACCESS))
790: req->result = CURLE_REMOTE_ACCESS_DENIED;
791: next_state = SMB_TREE_DISCONNECT;
792: break;
793: }
794: smb_m = (const struct smb_nt_create_response*) msg;
795: req->fid = smb_swap16(smb_m->fid);
796: conn->data->req.offset = 0;
797: if(conn->data->set.upload) {
798: conn->data->req.size = conn->data->state.infilesize;
799: Curl_pgrsSetUploadSize(conn->data, conn->data->req.size);
800: next_state = SMB_UPLOAD;
801: }
802: else {
803: smb_m = (const struct smb_nt_create_response*) msg;
804: conn->data->req.size = smb_swap64(smb_m->end_of_file);
805: if(conn->data->req.size < 0) {
806: req->result = CURLE_WEIRD_SERVER_REPLY;
807: next_state = SMB_CLOSE;
808: }
809: else {
810: Curl_pgrsSetDownloadSize(conn->data, conn->data->req.size);
811: if(conn->data->set.get_filetime)
812: get_posix_time(&conn->data->info.filetime, smb_m->last_change_time);
813: next_state = SMB_DOWNLOAD;
814: }
815: }
816: break;
817:
818: case SMB_DOWNLOAD:
819: if(h->status || smbc->got < sizeof(struct smb_header) + 14) {
820: req->result = CURLE_RECV_ERROR;
821: next_state = SMB_CLOSE;
822: break;
823: }
824: len = Curl_read16_le(((const unsigned char *) msg) +
825: sizeof(struct smb_header) + 11);
826: off = Curl_read16_le(((const unsigned char *) msg) +
827: sizeof(struct smb_header) + 13);
828: if(len > 0) {
829: if(off + sizeof(unsigned int) + len > smbc->got) {
830: failf(conn->data, "Invalid input packet");
831: result = CURLE_RECV_ERROR;
832: }
833: else
834: result = Curl_client_write(conn, CLIENTWRITE_BODY,
835: (char *)msg + off + sizeof(unsigned int),
836: len);
837: if(result) {
838: req->result = result;
839: next_state = SMB_CLOSE;
840: break;
841: }
842: }
843: conn->data->req.bytecount += len;
844: conn->data->req.offset += len;
845: Curl_pgrsSetDownloadCounter(conn->data, conn->data->req.bytecount);
846: next_state = (len < MAX_PAYLOAD_SIZE) ? SMB_CLOSE : SMB_DOWNLOAD;
847: break;
848:
849: case SMB_UPLOAD:
850: if(h->status || smbc->got < sizeof(struct smb_header) + 6) {
851: req->result = CURLE_UPLOAD_FAILED;
852: next_state = SMB_CLOSE;
853: break;
854: }
855: len = Curl_read16_le(((const unsigned char *) msg) +
856: sizeof(struct smb_header) + 5);
857: conn->data->req.bytecount += len;
858: conn->data->req.offset += len;
859: Curl_pgrsSetUploadCounter(conn->data, conn->data->req.bytecount);
860: if(conn->data->req.bytecount >= conn->data->req.size)
861: next_state = SMB_CLOSE;
862: else
863: next_state = SMB_UPLOAD;
864: break;
865:
866: case SMB_CLOSE:
867: /* We don't care if the close failed, proceed to tree disconnect anyway */
868: next_state = SMB_TREE_DISCONNECT;
869: break;
870:
871: case SMB_TREE_DISCONNECT:
872: next_state = SMB_DONE;
873: break;
874:
875: default:
876: smb_pop_message(conn);
877: return CURLE_OK; /* ignore */
878: }
879:
880: smb_pop_message(conn);
881:
882: switch(next_state) {
883: case SMB_OPEN:
884: result = smb_send_open(conn);
885: break;
886:
887: case SMB_DOWNLOAD:
888: result = smb_send_read(conn);
889: break;
890:
891: case SMB_UPLOAD:
892: result = smb_send_write(conn);
893: break;
894:
895: case SMB_CLOSE:
896: result = smb_send_close(conn);
897: break;
898:
899: case SMB_TREE_DISCONNECT:
900: result = smb_send_tree_disconnect(conn);
901: break;
902:
903: case SMB_DONE:
904: result = req->result;
905: *done = true;
906: break;
907:
908: default:
909: break;
910: }
911:
912: if(result) {
913: connclose(conn, "SMB: failed to send message");
914: return result;
915: }
916:
917: request_state(conn, next_state);
918:
919: return CURLE_OK;
920: }
921:
922: static CURLcode smb_done(struct connectdata *conn, CURLcode status,
923: bool premature)
924: {
925: (void) premature;
926: Curl_safefree(conn->data->req.protop);
927: return status;
928: }
929:
930: static CURLcode smb_disconnect(struct connectdata *conn, bool dead)
931: {
932: struct smb_conn *smbc = &conn->proto.smbc;
933: (void) dead;
934: Curl_safefree(smbc->share);
935: Curl_safefree(smbc->domain);
936: Curl_safefree(smbc->recv_buf);
937: return CURLE_OK;
938: }
939:
940: static int smb_getsock(struct connectdata *conn, curl_socket_t *socks)
941: {
942: socks[0] = conn->sock[FIRSTSOCKET];
943: return GETSOCK_READSOCK(0) | GETSOCK_WRITESOCK(0);
944: }
945:
946: static CURLcode smb_do(struct connectdata *conn, bool *done)
947: {
948: struct smb_conn *smbc = &conn->proto.smbc;
949:
950: *done = FALSE;
951: if(smbc->share) {
952: return CURLE_OK;
953: }
954: return CURLE_URL_MALFORMAT;
955: }
956:
957: static CURLcode smb_parse_url_path(struct connectdata *conn)
958: {
959: struct Curl_easy *data = conn->data;
960: struct smb_request *req = data->req.protop;
961: struct smb_conn *smbc = &conn->proto.smbc;
962: char *path;
963: char *slash;
964:
965: /* URL decode the path */
966: CURLcode result = Curl_urldecode(data, data->state.up.path, 0, &path, NULL,
967: TRUE);
968: if(result)
969: return result;
970:
971: /* Parse the path for the share */
972: smbc->share = strdup((*path == '/' || *path == '\\') ? path + 1 : path);
973: free(path);
974: if(!smbc->share)
975: return CURLE_OUT_OF_MEMORY;
976:
977: slash = strchr(smbc->share, '/');
978: if(!slash)
979: slash = strchr(smbc->share, '\\');
980:
981: /* The share must be present */
982: if(!slash) {
983: Curl_safefree(smbc->share);
984: return CURLE_URL_MALFORMAT;
985: }
986:
987: /* Parse the path for the file path converting any forward slashes into
988: backslashes */
989: *slash++ = 0;
990: req->path = slash;
991:
992: for(; *slash; slash++) {
993: if(*slash == '/')
994: *slash = '\\';
995: }
996: return CURLE_OK;
997: }
998:
999: #endif /* !USE_WINDOWS_SSPI || USE_WIN32_CRYPTO */
1000:
1001: #endif /* CURL_DISABLE_SMB && USE_NTLM && CURL_SIZEOF_CURL_OFF_T > 4 */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to smb.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib