|
|
|
|
@ -81,6 +81,39 @@ static struct { |
|
|
|
|
#endif /* CONFIG_CIFS_WEAK_PW_HASH */ |
|
|
|
|
#endif /* CIFS_POSIX */ |
|
|
|
|
|
|
|
|
|
/* Allocates buffer into dst and copies smb string from src to it.
|
|
|
|
|
* caller is responsible for freeing dst if function returned 0. |
|
|
|
|
* returns: |
|
|
|
|
* on success - 0 |
|
|
|
|
* on failure - errno |
|
|
|
|
*/ |
|
|
|
|
static int |
|
|
|
|
cifs_strncpy_to_host(char **dst, const char *src, const int maxlen, |
|
|
|
|
const bool is_unicode, const struct nls_table *nls_codepage) |
|
|
|
|
{ |
|
|
|
|
int plen; |
|
|
|
|
|
|
|
|
|
if (is_unicode) { |
|
|
|
|
plen = UniStrnlen((wchar_t *)src, maxlen); |
|
|
|
|
*dst = kmalloc(plen + 2, GFP_KERNEL); |
|
|
|
|
if (!*dst) |
|
|
|
|
goto cifs_strncpy_to_host_ErrExit; |
|
|
|
|
cifs_strfromUCS_le(*dst, (__le16 *)src, plen, nls_codepage); |
|
|
|
|
} else { |
|
|
|
|
plen = strnlen(src, maxlen); |
|
|
|
|
*dst = kmalloc(plen + 2, GFP_KERNEL); |
|
|
|
|
if (!*dst) |
|
|
|
|
goto cifs_strncpy_to_host_ErrExit; |
|
|
|
|
strncpy(*dst, src, plen); |
|
|
|
|
} |
|
|
|
|
(*dst)[plen] = 0; |
|
|
|
|
return 0; |
|
|
|
|
|
|
|
|
|
cifs_strncpy_to_host_ErrExit: |
|
|
|
|
cERROR(1, ("Failed to allocate buffer for string\n")); |
|
|
|
|
return -ENOMEM; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Mark as invalid, all open files on tree connections since they
|
|
|
|
|
were closed when session to server was lost */ |
|
|
|
|
@ -3867,6 +3900,96 @@ GetInodeNumOut: |
|
|
|
|
return rc; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/* parses DFS refferal V3 structure
|
|
|
|
|
* caller is responsible for freeing target_nodes |
|
|
|
|
* returns: |
|
|
|
|
* on success - 0 |
|
|
|
|
* on failure - errno |
|
|
|
|
*/ |
|
|
|
|
static int |
|
|
|
|
parse_DFS_REFERRALS(TRANSACTION2_GET_DFS_REFER_RSP *pSMBr, |
|
|
|
|
unsigned int *num_of_nodes, |
|
|
|
|
struct dfs_info3_param **target_nodes, |
|
|
|
|
const struct nls_table *nls_codepage) |
|
|
|
|
{ |
|
|
|
|
int i, rc = 0; |
|
|
|
|
char *data_end; |
|
|
|
|
bool is_unicode; |
|
|
|
|
struct dfs_referral_level_3 *ref; |
|
|
|
|
|
|
|
|
|
is_unicode = pSMBr->hdr.Flags2 & SMBFLG2_UNICODE; |
|
|
|
|
*num_of_nodes = le16_to_cpu(pSMBr->NumberOfReferrals); |
|
|
|
|
|
|
|
|
|
if (*num_of_nodes < 1) { |
|
|
|
|
cERROR(1, ("num_referrals: must be at least > 0," |
|
|
|
|
"but we get num_referrals = %d\n", *num_of_nodes)); |
|
|
|
|
rc = -EINVAL; |
|
|
|
|
goto parse_DFS_REFERRALS_exit; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
ref = (struct dfs_referral_level_3 *) &(pSMBr->referrals); |
|
|
|
|
if (ref->VersionNumber != 3) { |
|
|
|
|
cERROR(1, ("Referrals of V%d version are not supported," |
|
|
|
|
"should be V3", ref->VersionNumber)); |
|
|
|
|
rc = -EINVAL; |
|
|
|
|
goto parse_DFS_REFERRALS_exit; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/* get the upper boundary of the resp buffer */ |
|
|
|
|
data_end = (char *)(&(pSMBr->PathConsumed)) + |
|
|
|
|
le16_to_cpu(pSMBr->t2.DataCount); |
|
|
|
|
|
|
|
|
|
cFYI(1, ("num_referrals: %d dfs flags: 0x%x ... \n", |
|
|
|
|
*num_of_nodes, |
|
|
|
|
le16_to_cpu(pSMBr->DFSFlags))); |
|
|
|
|
|
|
|
|
|
*target_nodes = kzalloc(sizeof(struct dfs_info3_param) * |
|
|
|
|
*num_of_nodes, GFP_KERNEL); |
|
|
|
|
if (*target_nodes == NULL) { |
|
|
|
|
cERROR(1, ("Failed to allocate buffer for target_nodes\n")); |
|
|
|
|
rc = -ENOMEM; |
|
|
|
|
goto parse_DFS_REFERRALS_exit; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/* collect neccessary data from referrals */ |
|
|
|
|
for (i = 0; i < *num_of_nodes; i++) { |
|
|
|
|
char *temp; |
|
|
|
|
int max_len; |
|
|
|
|
struct dfs_info3_param *node = (*target_nodes)+i; |
|
|
|
|
|
|
|
|
|
node->flags = le16_to_cpu(pSMBr->DFSFlags); |
|
|
|
|
node->path_consumed = le16_to_cpu(pSMBr->PathConsumed); |
|
|
|
|
node->server_type = le16_to_cpu(ref->ServerType); |
|
|
|
|
node->ref_flag = le16_to_cpu(ref->ReferralEntryFlags); |
|
|
|
|
|
|
|
|
|
/* copy DfsPath */ |
|
|
|
|
temp = (char *)ref + le16_to_cpu(ref->DfsPathOffset); |
|
|
|
|
max_len = data_end - temp; |
|
|
|
|
rc = cifs_strncpy_to_host(&(node->path_name), temp, |
|
|
|
|
max_len, is_unicode, nls_codepage); |
|
|
|
|
if (rc) |
|
|
|
|
goto parse_DFS_REFERRALS_exit; |
|
|
|
|
|
|
|
|
|
/* copy link target UNC */ |
|
|
|
|
temp = (char *)ref + le16_to_cpu(ref->NetworkAddressOffset); |
|
|
|
|
max_len = data_end - temp; |
|
|
|
|
rc = cifs_strncpy_to_host(&(node->node_name), temp, |
|
|
|
|
max_len, is_unicode, nls_codepage); |
|
|
|
|
if (rc) |
|
|
|
|
goto parse_DFS_REFERRALS_exit; |
|
|
|
|
|
|
|
|
|
ref += ref->Size; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
parse_DFS_REFERRALS_exit: |
|
|
|
|
if (rc) { |
|
|
|
|
free_dfs_info_array(*target_nodes, *num_of_nodes); |
|
|
|
|
*target_nodes = NULL; |
|
|
|
|
*num_of_nodes = 0; |
|
|
|
|
} |
|
|
|
|
return rc; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
int |
|
|
|
|
CIFSGetDFSRefer(const int xid, struct cifsSesInfo *ses, |
|
|
|
|
const unsigned char *searchName, |
|
|
|
|
@ -3877,12 +4000,9 @@ CIFSGetDFSRefer(const int xid, struct cifsSesInfo *ses, |
|
|
|
|
/* TRANS2_GET_DFS_REFERRAL */ |
|
|
|
|
TRANSACTION2_GET_DFS_REFER_REQ *pSMB = NULL; |
|
|
|
|
TRANSACTION2_GET_DFS_REFER_RSP *pSMBr = NULL; |
|
|
|
|
struct dfs_referral_level_3 *referrals = NULL; |
|
|
|
|
int rc = 0; |
|
|
|
|
int bytes_returned; |
|
|
|
|
int name_len; |
|
|
|
|
unsigned int i; |
|
|
|
|
char *temp; |
|
|
|
|
__u16 params, byte_count; |
|
|
|
|
*num_of_nodes = 0; |
|
|
|
|
*target_nodes = NULL; |
|
|
|
|
@ -3960,80 +4080,19 @@ getDFSRetry: |
|
|
|
|
rc = validate_t2((struct smb_t2_rsp *)pSMBr); |
|
|
|
|
|
|
|
|
|
/* BB Also check if enough total bytes returned? */ |
|
|
|
|
if (rc || (pSMBr->ByteCount < 17)) |
|
|
|
|
if (rc || (pSMBr->ByteCount < 17)) { |
|
|
|
|
rc = -EIO; /* bad smb */ |
|
|
|
|
else { |
|
|
|
|
__u16 data_offset = le16_to_cpu(pSMBr->t2.DataOffset); |
|
|
|
|
__u16 data_count = le16_to_cpu(pSMBr->t2.DataCount); |
|
|
|
|
|
|
|
|
|
cFYI(1, ("Decoding GetDFSRefer response BCC: %d Offset %d", |
|
|
|
|
pSMBr->ByteCount, data_offset)); |
|
|
|
|
referrals = |
|
|
|
|
(struct dfs_referral_level_3 *) |
|
|
|
|
(8 /* sizeof start of data block */ + |
|
|
|
|
data_offset + |
|
|
|
|
(char *) &pSMBr->hdr.Protocol); |
|
|
|
|
cFYI(1, ("num_referrals: %d dfs flags: 0x%x ... \n" |
|
|
|
|
"for referral one refer size: 0x%x srv " |
|
|
|
|
"type: 0x%x refer flags: 0x%x ttl: 0x%x", |
|
|
|
|
le16_to_cpu(pSMBr->NumberOfReferrals), |
|
|
|
|
le16_to_cpu(pSMBr->DFSFlags), |
|
|
|
|
le16_to_cpu(referrals->ReferralSize), |
|
|
|
|
le16_to_cpu(referrals->ServerType), |
|
|
|
|
le16_to_cpu(referrals->ReferralFlags), |
|
|
|
|
le16_to_cpu(referrals->TimeToLive))); |
|
|
|
|
/* BB This field is actually two bytes in from start of
|
|
|
|
|
data block so we could do safety check that DataBlock |
|
|
|
|
begins at address of pSMBr->NumberOfReferrals */ |
|
|
|
|
*num_of_nodes = le16_to_cpu(pSMBr->NumberOfReferrals); |
|
|
|
|
|
|
|
|
|
/* BB Fix below so can return more than one referral */ |
|
|
|
|
if (*num_of_nodes > 1) |
|
|
|
|
*num_of_nodes = 1; |
|
|
|
|
|
|
|
|
|
/* get the length of the strings describing refs */ |
|
|
|
|
name_len = 0; |
|
|
|
|
for (i = 0; i < *num_of_nodes; i++) { |
|
|
|
|
/* make sure that DfsPathOffset not past end */ |
|
|
|
|
__u16 offset = le16_to_cpu(referrals->DfsPathOffset); |
|
|
|
|
if (offset > data_count) { |
|
|
|
|
/* if invalid referral, stop here and do
|
|
|
|
|
not try to copy any more */ |
|
|
|
|
*num_of_nodes = i; |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
temp = ((char *)referrals) + offset; |
|
|
|
|
goto GetDFSRefExit; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (pSMBr->hdr.Flags2 & SMBFLG2_UNICODE) { |
|
|
|
|
name_len += UniStrnlen((wchar_t *)temp, |
|
|
|
|
data_count); |
|
|
|
|
} else { |
|
|
|
|
name_len += strnlen(temp, data_count); |
|
|
|
|
} |
|
|
|
|
referrals++; |
|
|
|
|
/* BB add check that referral pointer does
|
|
|
|
|
not fall off end PDU */ |
|
|
|
|
} |
|
|
|
|
/* BB add check for name_len bigger than bcc */ |
|
|
|
|
*target_nodes = |
|
|
|
|
kmalloc(name_len+1+(*num_of_nodes), |
|
|
|
|
GFP_KERNEL); |
|
|
|
|
if (*target_nodes == NULL) { |
|
|
|
|
rc = -ENOMEM; |
|
|
|
|
goto GetDFSRefExit; |
|
|
|
|
} |
|
|
|
|
cFYI(1, ("Decoding GetDFSRefer response BCC: %d Offset %d", |
|
|
|
|
pSMBr->ByteCount, |
|
|
|
|
le16_to_cpu(pSMBr->t2.DataOffset))); |
|
|
|
|
|
|
|
|
|
referrals = (struct dfs_referral_level_3 *) |
|
|
|
|
(8 /* sizeof data hdr */ + data_offset + |
|
|
|
|
(char *) &pSMBr->hdr.Protocol); |
|
|
|
|
/* parse returned result into more usable form */ |
|
|
|
|
rc = parse_DFS_REFERRALS(pSMBr, num_of_nodes, |
|
|
|
|
target_nodes, nls_codepage); |
|
|
|
|
|
|
|
|
|
for (i = 0; i < *num_of_nodes; i++) { |
|
|
|
|
temp = ((char *)referrals) + |
|
|
|
|
le16_to_cpu(referrals->DfsPathOffset); |
|
|
|
|
/* BB update target_uncs pointers */ |
|
|
|
|
referrals++; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
GetDFSRefExit: |
|
|
|
|
if (pSMB) |
|
|
|
|
cifs_buf_release(pSMB); |
|
|
|
|
|
Igor Mammedov
17 years ago
committed by