smbd/pipes.c

ソースコードを見る。

データ構造

struct  pipe_dbrec

関数

int reply_open_pipe_and_X (connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize)
int reply_pipe_write (char *inbuf, char *outbuf, int length, int dum_bufsize)
int reply_pipe_write_and_X (char *inbuf, char *outbuf, int length, int bufsize)
int reply_pipe_read_and_X (char *inbuf, char *outbuf, int length, int bufsize)
int reply_pipe_close (connection_struct *conn, char *inbuf, char *outbuf)

変数

pipe_id_info pipe_names []

関数

int reply_open_pipe_and_X ( connection_struct conn,
char *  inbuf,
char *  outbuf,
int  length,
int  bufsize 
)

pipes.c57 行で定義されています。

参照先 chain_reply()pipe_id_info::client_pipeopen_rpc_pipe_p()pipe_namessmb_np_struct::pnumset_message()sizesrv_put_dos_date3()strequal().

参照元 reply_open_and_X().

00059 {
00060         pstring fname;
00061         pstring pipe_name;
00062         uint16 vuid = SVAL(inbuf, smb_uid);
00063         smb_np_struct *p;
00064         int size=0,fmode=0,mtime=0,rmode=0;
00065         int i;
00066 
00067         /* XXXX we need to handle passed times, sattr and flags */
00068         srvstr_pull_buf(inbuf, pipe_name, smb_buf(inbuf), sizeof(pipe_name), STR_TERMINATE);
00069 
00070         /* If the name doesn't start \PIPE\ then this is directed */
00071         /* at a mailslot or something we really, really don't understand, */
00072         /* not just something we really don't understand. */
00073         if ( strncmp(pipe_name,PIPE,PIPELEN) != 0 ) {
00074                 return(ERROR_DOS(ERRSRV,ERRaccess));
00075         }
00076 
00077         DEBUG(4,("Opening pipe %s.\n", pipe_name));
00078 
00079         /* See if it is one we want to handle. */
00080         for( i = 0; pipe_names[i].client_pipe ; i++ ) {
00081                 if( strequal(pipe_name,pipe_names[i].client_pipe)) {
00082                         break;
00083                 }
00084         }
00085 
00086         if (pipe_names[i].client_pipe == NULL) {
00087                 return(ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpipe));
00088         }
00089 
00090         /* Strip \PIPE\ off the name. */
00091         pstrcpy(fname, pipe_name + PIPELEN);
00092 
00093 #if 0
00094         /*
00095          * Hack for NT printers... JRA.
00096          */
00097     if(should_fail_next_srvsvc_open(fname))
00098       return(ERROR(ERRSRV,ERRaccess));
00099 #endif
00100 
00101         /* Known pipes arrive with DIR attribs. Remove it so a regular file */
00102         /* can be opened and add it in after the open. */
00103         DEBUG(3,("Known pipe %s opening.\n",fname));
00104 
00105         p = open_rpc_pipe_p(fname, conn, vuid);
00106         if (!p) {
00107                 return(ERROR_DOS(ERRSRV,ERRnofids));
00108         }
00109 
00110         /* Prepare the reply */
00111         set_message(outbuf,15,0,True);
00112 
00113         /* Mark the opened file as an existing named pipe in message mode. */
00114         SSVAL(outbuf,smb_vwv9,2);
00115         SSVAL(outbuf,smb_vwv10,0xc700);
00116 
00117         if (rmode == 2) {
00118                 DEBUG(4,("Resetting open result to open from create.\n"));
00119                 rmode = 1;
00120         }
00121 
00122         SSVAL(outbuf,smb_vwv2, p->pnum);
00123         SSVAL(outbuf,smb_vwv3,fmode);
00124         srv_put_dos_date3(outbuf,smb_vwv4,mtime);
00125         SIVAL(outbuf,smb_vwv6,size);
00126         SSVAL(outbuf,smb_vwv8,rmode);
00127         SSVAL(outbuf,smb_vwv11,0x0001);
00128 
00129         return chain_reply(inbuf,outbuf,length,bufsize);
00130 }

int reply_pipe_write ( char *  inbuf,
char *  outbuf,
int  length,
int  dum_bufsize 
)

pipes.c136 行で定義されています。

参照先 get_rpc_pipe_p()smb_np_struct::pnumset_message()smb_np_struct::vuidwrite_to_pipe().

参照元 reply_write().

00137 {
00138         smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0);
00139         uint16 vuid = SVAL(inbuf,smb_uid);
00140         size_t numtowrite = SVAL(inbuf,smb_vwv1);
00141         int nwritten;
00142         int outsize;
00143         char *data;
00144 
00145         if (!p) {
00146                 return(ERROR_DOS(ERRDOS,ERRbadfid));
00147         }
00148 
00149         if (p->vuid != vuid) {
00150                 return ERROR_NT(NT_STATUS_INVALID_HANDLE);
00151         }
00152 
00153         data = smb_buf(inbuf) + 3;
00154 
00155         if (numtowrite == 0) {
00156                 nwritten = 0;
00157         } else {
00158                 nwritten = write_to_pipe(p, data, numtowrite);
00159         }
00160 
00161         if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0)) {
00162                 return (UNIXERROR(ERRDOS,ERRnoaccess));
00163         }
00164   
00165         outsize = set_message(outbuf,1,0,True);
00166 
00167         SSVAL(outbuf,smb_vwv0,nwritten);
00168   
00169         DEBUG(3,("write-IPC pnum=%04x nwritten=%d\n", p->pnum, nwritten));
00170 
00171         return(outsize);
00172 }

int reply_pipe_write_and_X ( char *  inbuf,
char *  outbuf,
int  length,
int  bufsize 
)

pipes.c181 行で定義されています。

参照先 chain_reply()get_rpc_pipe_p()smb_np_struct::pnumset_message()smb_np_struct::vuidwrite_to_pipe().

参照元 reply_write_and_X().

00182 {
00183         smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2);
00184         uint16 vuid = SVAL(inbuf,smb_uid);
00185         size_t numtowrite = SVAL(inbuf,smb_vwv10);
00186         int nwritten = -1;
00187         int smb_doff = SVAL(inbuf, smb_vwv11);
00188         BOOL pipe_start_message_raw = ((SVAL(inbuf, smb_vwv7) & (PIPE_START_MESSAGE|PIPE_RAW_MODE)) ==
00189                                                                 (PIPE_START_MESSAGE|PIPE_RAW_MODE));
00190         char *data;
00191 
00192         if (!p) {
00193                 return(ERROR_DOS(ERRDOS,ERRbadfid));
00194         }
00195 
00196         if (p->vuid != vuid) {
00197                 return ERROR_NT(NT_STATUS_INVALID_HANDLE);
00198         }
00199 
00200         data = smb_base(inbuf) + smb_doff;
00201 
00202         if (numtowrite == 0) {
00203                 nwritten = 0;
00204         } else {
00205                 if(pipe_start_message_raw) {
00206                         /*
00207                          * For the start of a message in named pipe byte mode,
00208                          * the first two bytes are a length-of-pdu field. Ignore
00209                          * them (we don't trust the client). JRA.
00210                          */
00211                        if(numtowrite < 2) {
00212                                 DEBUG(0,("reply_pipe_write_and_X: start of message set and not enough data sent.(%u)\n",
00213                                         (unsigned int)numtowrite ));
00214                                 return (UNIXERROR(ERRDOS,ERRnoaccess));
00215                         }
00216 
00217                         data += 2;
00218                         numtowrite -= 2;
00219                 }                        
00220                 nwritten = write_to_pipe(p, data, numtowrite);
00221         }
00222 
00223         if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0)) {
00224                 return (UNIXERROR(ERRDOS,ERRnoaccess));
00225         }
00226   
00227         set_message(outbuf,6,0,True);
00228 
00229         nwritten = (pipe_start_message_raw ? nwritten + 2 : nwritten);
00230         SSVAL(outbuf,smb_vwv2,nwritten);
00231   
00232         DEBUG(3,("writeX-IPC pnum=%04x nwritten=%d\n", p->pnum, nwritten));
00233 
00234         return chain_reply(inbuf,outbuf,length,bufsize);
00235 }

int reply_pipe_read_and_X ( char *  inbuf,
char *  outbuf,
int  length,
int  bufsize 
)

pipes.c243 行で定義されています。

参照先 chain_reply()get_rpc_pipe_p()smb_np_struct::pnumread_from_pipe()set_message()set_message_bcc().

参照元 reply_read_and_X().

00244 {
00245         smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2);
00246         int smb_maxcnt = SVAL(inbuf,smb_vwv5);
00247         int smb_mincnt = SVAL(inbuf,smb_vwv6);
00248         int nread = -1;
00249         char *data;
00250         BOOL unused;
00251 
00252         /* we don't use the offset given to use for pipe reads. This
00253            is deliberate, instead we always return the next lump of
00254            data on the pipe */
00255 #if 0
00256         uint32 smb_offs = IVAL(inbuf,smb_vwv3);
00257 #endif
00258 
00259         if (!p) {
00260                 return(ERROR_DOS(ERRDOS,ERRbadfid));
00261         }
00262 
00263         set_message(outbuf,12,0,True);
00264         data = smb_buf(outbuf);
00265 
00266         nread = read_from_pipe(p, data, smb_maxcnt, &unused);
00267 
00268         if (nread < 0) {
00269                 return(UNIXERROR(ERRDOS,ERRnoaccess));
00270         }
00271   
00272         SSVAL(outbuf,smb_vwv5,nread);
00273         SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
00274         SSVAL(smb_buf(outbuf),-2,nread);
00275   
00276         DEBUG(3,("readX-IPC pnum=%04x min=%d max=%d nread=%d\n",
00277                  p->pnum, smb_mincnt, smb_maxcnt, nread));
00278 
00279         /* Ensure we set up the message length to include the data length read. */
00280         set_message_bcc(outbuf,nread);
00281         return chain_reply(inbuf,outbuf,length,bufsize);
00282 }

int reply_pipe_close ( connection_struct conn,
char *  inbuf,
char *  outbuf 
)

pipes.c288 行で定義されています。

参照先 close_rpc_pipe_hnd()get_rpc_pipe_p()smb_np_struct::pnumset_message().

参照元 reply_close().

00289 {
00290         smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0);
00291         int outsize = set_message(outbuf,0,0,True);
00292 
00293         if (!p) {
00294                 return(ERROR_DOS(ERRDOS,ERRbadfid));
00295         }
00296 
00297         DEBUG(5,("reply_pipe_close: pnum:%x\n", p->pnum));
00298 
00299         if (!close_rpc_pipe_hnd(p)) {
00300                 return ERROR_DOS(ERRDOS,ERRbadfid);
00301         }
00302         
00303         return(outsize);
00304 }

変数

struct pipe_id_info pipe_names[]

parse_rpc.c209 行で定義されています。

Sambaに対してSat Aug 29 21:24:27 2009に生成されました。  doxygen 1.4.7