
Fix Share listing on OSX smbX server

Julien 'Lta' BALLET 11 年之前
d810c0863d
共有 4 個文件被更改,包括 22 次插入17 次删除
  1. 2 1
      src/netbios_session.c
  2. 1 1
      src/smb_session.c
  3. 15 11
      src/smb_share.c
  4. 4 4
      src/smb_spnego.c

+ 2 - 1
src/netbios_session.c

@@ -214,7 +214,8 @@ ssize_t           netbios_session_packet_recv(netbios_session *s, void **data)
 
   if (sofar > total)
   {
-    BDSM_dbg("netbios_session_packet_recv: Packet size mismatch\n");
+    BDSM_dbg("netbios_session_packet_recv: Packet size mismatch (%ld/%ld)\n",
+              sofar, total);
     return(-1);
   }
 
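Review bot: The new debug line prints `sofar` and `total` with `%ld`, but their declarations are not visible in the hunk; if they are `size_t` or `ssize_t` (the function itself returns `ssize_t`), `%ld` is a format/argument mismatch wherever `long` differs from those types, which is undefined behavior and will trip `-Wformat`. Use the matching length modifier, e.g. `BDSM_dbg("netbios_session_packet_recv: Packet size mismatch (%zd/%zd)\n", sofar, total);` for `ssize_t` or `%zu` for `size_t`, once the declared types are confirmed. netbios_session_packet_recv starts and ends outside this hunk.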

+ 1 - 1
src/smb_session.c

@@ -240,7 +240,7 @@ static int        smb_session_login_ntlm(smb_session *s, const char *domain,
 
   req = (smb_session_req *)msg->packet->payload;
   req->wct              = 13;
-  req->max_buffer       = SMB_IO_BUFSIZE;
+  req->max_buffer       = SMB_SESSION_MAX_BUFFER;
   req->mpx_count        = 16; // XXX ?
   req->vc_count         = 1;
   //req->session_key      = s->srv.session_key; // XXX Useless on the wire?

+ 15 - 11
src/smb_share.c

@@ -171,12 +171,13 @@ void            smb_share_list_destroy(smb_share_list list)
 // PS: Worst function _EVER_. I don't understand a bit myself
 size_t          smb_share_get_list(smb_session *s, char ***list)
 {
-  smb_message         *req, resp;
-  smb_trans_req       *trans;
+  smb_message           *req, resp;
+  smb_trans_req         *trans;
   smb_tid               ipc_tid;
   smb_fd                srvscv_fd;
   uint16_t              rpc_len;
-  ssize_t               res;
+  ssize_t               res, frag_len_cursor;
+
 
   assert(s != NULL && list != NULL);
   *list = NULL;
@@ -292,29 +293,31 @@ size_t          smb_share_get_list(smb_session *s, char ***list)
   smb_message_put8(req, 0);     // Packet type = 'request'
   smb_message_put8(req, 0x03);  // Packet flags = ??
   smb_message_put32(req, 0x10); // Representation = little endian/ASCII. Damn
-  smb_message_put16(req, 88);   // Data len again
+  // Let's save the cursor here to update that later
+  frag_len_cursor = req->cursor;
+  smb_message_put16(req, 0);    // Data len again (frag length)
   smb_message_put16(req, 0);    // Auth len ?
-  smb_message_put32(req, 20);   // Call ID ?
+  smb_message_put32(req, 12);   // Call ID ?
   smb_message_put32(req, 64);   // Alloc hint ?
   smb_message_put16(req, 0);    // Context ID ?
   smb_message_put16(req, 15);   // OpNum = NetShareEnumAll
 
   // Pointer to server UNC
   smb_message_put32(req, 0x00020000);   // Referent ID ?
-  smb_message_put32(req, 8);            // Max count
+  smb_message_put32(req, strlen(s->srv.name) + 1);            // Max count
   smb_message_put32(req, 0);            // Offset
-  smb_message_put32(req, 8);            // Actual count
+  smb_message_put32(req, strlen(s->srv.name) + 1);            // Actual count
     // The server name, supposed to be downcased
   smb_message_put_utf16(req, "", s->srv.name, strlen(s->srv.name) + 1);
   if ((strlen(s->srv.name) % 2) == 0) // It won't be aligned with the terminating byte
-  smb_message_put16(req, 0);
+    smb_message_put16(req, 0);
 
 
   smb_message_put32(req, 1);            // Level 1 ?
   smb_message_put32(req, 1);            // Ctr ?
   smb_message_put32(req, 0x00020004);   // Referent ID ?
   smb_message_put64(req, 0);            // Count/Null Pointer to NetShareInfo1
-  smb_message_put32(req, rpc_len);      // Max Buffer
+  smb_message_put32(req, 0xffffffff);   // Max Buffer (0xffffffff required by smbX)
 
   smb_message_put32(req, 0x00020008);   // Referent ID ?
   smb_message_put32(req, 0);            // Resume ?
@@ -323,8 +326,9 @@ size_t          smb_share_get_list(smb_session *s, char ***list)
   trans->bct              = req->cursor - sizeof(smb_trans_req);
   trans->data_count       = trans->bct - 17; // 17 -> padding + \PIPE\ + padding
   trans->total_data_count = trans->data_count;
-  trans->data_offset      = trans->data_count - 4;
-  trans->param_offset     = trans->data_count - 4;
+  req->packet->payload[frag_len_cursor] = trans->data_count; // (data_count SHOULD stay < 256)
+  trans->data_offset      = 84;
+  trans->param_offset     = 84;
 
 
   // Let's send this ugly pile of shit over the network !
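Review bot: The fragment-length fix-up `req->packet->payload[frag_len_cursor] = trans->data_count;` stores only the low byte of what the earlier `smb_message_put16(req, 0)` reserved as a 16-bit little-endian field, so any request with `data_count >= 256` silently carries a wrong frag length; the trailing comment acknowledges the limit instead of enforcing it. Either write both bytes, `req->packet->payload[frag_len_cursor] = trans->data_count & 0xff;` and `req->packet->payload[frag_len_cursor + 1] = (trans->data_count >> 8) & 0xff;`, or add an assert that `data_count` fits before the store. The literal `84` for `data_offset` and `param_offset` replaces an expression derived from `data_count` and should be a named constant or carry a comment stating the fixed header layout it assumes. `strlen(s->srv.name) + 1` is now used as Max/Actual count and as the copied length with no visible check against the message buffer or `rpc_len`; if `srv.name` can originate from the peer, confirm it is bounded before this point. The function continues past the last hunk, and `frag_len_cursor` is declared `ssize_t` while `req->cursor`'s type is not shown here.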

+ 4 - 4
src/smb_spnego.c

@@ -78,10 +78,10 @@ static int      negotiate(smb_session *s, const char *domain, const char *user)
   smb_message_set_default_flags(msg);
   smb_message_set_andx_members(msg);
   req = (smb_session_xsec_req *)msg->packet->payload;
-  msg->packet->header.mux_id  = 1;
+  //msg->packet->header.mux_id  = 1;
 
   req->wct              = 12;
-  req->max_buffer       = SMB_IO_BUFSIZE;
+  req->max_buffer       = SMB_SESSION_MAX_BUFFER;
   req->mpx_count        = 16; // XXX ?
   req->vc_count         = 1;
   req->caps             = s->srv.caps; // XXX caps & our_caps_mask
@@ -227,11 +227,11 @@ static int      auth(smb_session *s, const char *domain, const char *user,
   msg = smb_message_new(SMB_CMD_SETUP, 512);
   smb_message_set_default_flags(msg);
   smb_message_set_andx_members(msg);
-  msg->packet->header.mux_id = 2;
+  //msg->packet->header.mux_id = 2;
   req = (smb_session_xsec_req *)msg->packet->payload;
 
   req->wct              = 12;
-  req->max_buffer       = SMB_IO_BUFSIZE;
+  req->max_buffer       = SMB_SESSION_MAX_BUFFER;
   req->mpx_count        = 16; // XXX ?
   req->vc_count         = 1;
   req->caps             = s->srv.caps; // XXX caps & our_caps_mask
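Review bot: The `mux_id` assignments in negotiate() and auth() are commented out rather than deleted, leaving dead code with no explanation of why the field is no longer set; the same applies to the first hunk of this file. Remove the lines and, if leaving `mux_id` untouched is what the smbX fix depends on, record that instead with a comment such as `// mux_id is left at its default; setting it explicitly broke listing against smbX servers` (hedged, since the reason is not stated in the commit). `SMB_SESSION_MAX_BUFFER` also replaces `SMB_IO_BUFSIZE` here and in src/smb_session.c, but its definition is not part of the diff, so confirm it is declared in a header both files include. Both functions begin and end outside their hunks.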