2005-11-09 11:11:50 +03:00
/*
Unix SMB / CIFS mplementation .
helper layer for breaking up streams into discrete requests
Copyright ( C ) Andrew Tridgell 2005
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 06:07:03 +04:00
the Free Software Foundation ; either version 3 of the License , or
2005-11-09 11:11:50 +03:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 06:07:03 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2005-11-09 11:11:50 +03:00
*/
# include "includes.h"
2008-10-11 23:31:42 +04:00
# include "../lib/util/dlinklist.h"
2005-11-09 11:11:50 +03:00
# include "lib/events/events.h"
# include "lib/socket/socket.h"
# include "lib/stream/packet.h"
2006-08-30 15:29:34 +04:00
# include "libcli/raw/smb.h"
2005-11-09 11:11:50 +03:00
struct packet_context {
packet_callback_fn_t callback ;
packet_full_request_fn_t full_request ;
packet_error_handler_fn_t error_handler ;
DATA_BLOB partial ;
uint32_t num_read ;
2005-11-10 07:26:00 +03:00
uint32_t initial_read ;
2005-11-09 11:11:50 +03:00
struct socket_context * sock ;
2008-12-29 22:24:57 +03:00
struct tevent_context * ev ;
2005-11-09 11:11:50 +03:00
size_t packet_size ;
2009-02-02 10:22:01 +03:00
void * private_data ;
2008-12-29 22:24:57 +03:00
struct tevent_fd * fde ;
2007-10-05 22:03:01 +04:00
bool serialise ;
2005-11-14 05:45:28 +03:00
int processing ;
2007-10-05 22:03:01 +04:00
bool recv_disable ;
2010-09-07 05:55:47 +04:00
bool recv_need_enable ;
2007-10-05 22:03:01 +04:00
bool nofree ;
2005-11-09 16:33:53 +03:00
2007-10-05 22:03:01 +04:00
bool busy ;
bool destructor_called ;
2005-11-23 03:30:58 +03:00
2009-02-18 09:37:45 +03:00
bool unreliable_select ;
2005-11-09 16:33:53 +03:00
struct send_element {
struct send_element * next , * prev ;
DATA_BLOB blob ;
size_t nsent ;
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
packet_send_callback_fn_t send_callback ;
void * send_callback_private ;
2005-11-09 16:33:53 +03:00
} * send_queue ;
2005-11-09 11:11:50 +03:00
} ;
2005-11-23 03:30:58 +03:00
/*
a destructor used when we are processing packets to prevent freeing of this
context while it is being used
*/
2006-05-24 11:34:11 +04:00
static int packet_destructor ( struct packet_context * pc )
2005-11-23 03:30:58 +03:00
{
if ( pc - > busy ) {
2007-10-05 22:03:01 +04:00
pc - > destructor_called = true ;
2005-11-23 03:30:58 +03:00
/* now we refuse the talloc_free() request. The free will
happen again in the packet_recv ( ) code */
return - 1 ;
}
return 0 ;
}
2005-11-09 11:11:50 +03:00
/*
initialise a packet receiver
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ struct packet_context * packet_init ( TALLOC_CTX * mem_ctx )
2005-11-09 11:11:50 +03:00
{
2005-11-23 03:30:58 +03:00
struct packet_context * pc = talloc_zero ( mem_ctx , struct packet_context ) ;
if ( pc ! = NULL ) {
talloc_set_destructor ( pc , packet_destructor ) ;
}
return pc ;
2005-11-09 11:11:50 +03:00
}
/*
set the request callback , called when a full request is ready
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_callback ( struct packet_context * pc , packet_callback_fn_t callback )
2005-11-09 11:11:50 +03:00
{
pc - > callback = callback ;
}
/*
set the error handler
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_error_handler ( struct packet_context * pc , packet_error_handler_fn_t handler )
2005-11-09 11:11:50 +03:00
{
pc - > error_handler = handler ;
}
/*
set the private pointer passed to the callback functions
*/
2009-02-02 10:22:01 +03:00
_PUBLIC_ void packet_set_private ( struct packet_context * pc , void * private_data )
2005-11-09 11:11:50 +03:00
{
2009-02-02 10:22:01 +03:00
pc - > private_data = private_data ;
2005-11-09 11:11:50 +03:00
}
/*
set the full request callback . Should return as follows :
NT_STATUS_OK = = blob is a full request .
STATUS_MORE_ENTRIES = = blob is not complete yet
any error = = blob is not a valid
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_full_request ( struct packet_context * pc , packet_full_request_fn_t callback )
2005-11-09 11:11:50 +03:00
{
pc - > full_request = callback ;
}
/*
2006-05-03 00:15:47 +04:00
set a socket context to use . You must set a socket_context
2005-11-09 11:11:50 +03:00
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_socket ( struct packet_context * pc , struct socket_context * sock )
2005-11-09 11:11:50 +03:00
{
pc - > sock = sock ;
}
/*
set an event context . If this is set then the code will ensure that
packets arrive with separate events , by creating a immediate event
for any secondary packets when more than one packet is read at one
time on a socket . This can matter for code that relies on not
getting more than one packet per event
*/
2008-12-29 22:24:57 +03:00
_PUBLIC_ void packet_set_event_context ( struct packet_context * pc , struct tevent_context * ev )
2005-11-09 11:11:50 +03:00
{
pc - > ev = ev ;
}
2005-11-09 13:50:39 +03:00
/*
2005-11-14 06:45:57 +03:00
tell the packet layer the fde for the socket
2005-11-09 13:50:39 +03:00
*/
2008-12-29 22:24:57 +03:00
_PUBLIC_ void packet_set_fde ( struct packet_context * pc , struct tevent_fd * fde )
2005-11-09 13:50:39 +03:00
{
pc - > fde = fde ;
}
2005-11-14 06:45:57 +03:00
/*
tell the packet layer to serialise requests , so we don ' t process two
requests at once on one connection . You must have set the
event_context and fde
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_serialise ( struct packet_context * pc )
2005-11-14 06:45:57 +03:00
{
2007-10-05 22:03:01 +04:00
pc - > serialise = true ;
2005-11-14 06:45:57 +03:00
}
2005-11-10 07:26:00 +03:00
/*
tell the packet layer how much to read when starting a new packet
this ensures it doesn ' t overread
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_initial_read ( struct packet_context * pc , uint32_t initial_read )
2005-11-10 07:26:00 +03:00
{
pc - > initial_read = initial_read ;
}
2005-11-10 14:10:40 +03:00
/*
tell the packet system not to steal / free blobs given to packet_send ( )
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_set_nofree ( struct packet_context * pc )
2005-11-10 14:10:40 +03:00
{
2007-10-05 22:03:01 +04:00
pc - > nofree = true ;
2005-11-10 14:10:40 +03:00
}
2009-02-18 09:37:45 +03:00
/*
tell the packet system that select / poll / epoll on the underlying
socket may not be a reliable way to determine if data is available
for receive . This happens with underlying socket systems such as the
one implemented on top of GNUTLS , where there may be data in
encryption / compression buffers that could be received by
socket_recv ( ) , while there is no data waiting at the real socket
level as seen by select / poll / epoll . The GNUTLS library is supposed
to cope with this by always leaving some data sitting in the socket
buffer , but it does not seem to be reliable .
*/
_PUBLIC_ void packet_set_unreliable_select ( struct packet_context * pc )
{
pc - > unreliable_select = true ;
}
2005-11-09 11:11:50 +03:00
/*
tell the caller we have an error
*/
static void packet_error ( struct packet_context * pc , NTSTATUS status )
{
pc - > sock = NULL ;
if ( pc - > error_handler ) {
2009-02-02 10:22:01 +03:00
pc - > error_handler ( pc - > private_data , status ) ;
2005-11-09 11:11:50 +03:00
return ;
}
/* default error handler is to free the callers private pointer */
if ( ! NT_STATUS_EQUAL ( status , NT_STATUS_END_OF_FILE ) ) {
DEBUG ( 0 , ( " packet_error on %s - %s \n " ,
2009-02-02 10:22:01 +03:00
talloc_get_name ( pc - > private_data ) , nt_errstr ( status ) ) ) ;
2005-11-09 11:11:50 +03:00
}
2009-02-02 10:22:01 +03:00
talloc_free ( pc - > private_data ) ;
2005-11-09 11:11:50 +03:00
return ;
}
/*
tell the caller we have EOF
*/
static void packet_eof ( struct packet_context * pc )
{
packet_error ( pc , NT_STATUS_END_OF_FILE ) ;
}
/*
used to put packets on event boundaries
*/
2008-12-29 22:24:57 +03:00
static void packet_next_event ( struct tevent_context * ev , struct tevent_timer * te ,
2009-02-02 10:22:01 +03:00
struct timeval t , void * private_data )
2005-11-09 11:11:50 +03:00
{
2009-02-02 10:22:01 +03:00
struct packet_context * pc = talloc_get_type ( private_data , struct packet_context ) ;
2005-11-10 08:12:28 +03:00
if ( pc - > num_read ! = 0 & & pc - > packet_size ! = 0 & &
pc - > packet_size < = pc - > num_read ) {
2005-11-10 07:26:00 +03:00
packet_recv ( pc ) ;
}
2005-11-09 11:11:50 +03:00
}
2005-11-23 03:30:58 +03:00
2005-11-09 11:11:50 +03:00
/*
call this when the socket becomes readable to kick off the whole
stream parsing process
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_recv ( struct packet_context * pc )
2005-11-09 11:11:50 +03:00
{
size_t npending ;
NTSTATUS status ;
2005-11-10 08:12:28 +03:00
size_t nread = 0 ;
2005-11-09 11:11:50 +03:00
DATA_BLOB blob ;
2009-02-18 09:37:45 +03:00
bool recv_retry = false ;
2005-11-09 11:11:50 +03:00
2005-11-09 13:50:39 +03:00
if ( pc - > processing ) {
2010-05-25 23:28:35 +04:00
TEVENT_FD_NOT_READABLE ( pc - > fde ) ;
2005-11-14 05:45:28 +03:00
pc - > processing + + ;
2005-11-09 13:50:39 +03:00
return ;
}
2005-11-10 07:26:00 +03:00
if ( pc - > recv_disable ) {
2010-09-07 05:55:47 +04:00
pc - > recv_need_enable = true ;
2010-05-25 23:28:35 +04:00
TEVENT_FD_NOT_READABLE ( pc - > fde ) ;
2005-11-10 07:26:00 +03:00
return ;
}
2005-11-09 11:11:50 +03:00
if ( pc - > packet_size ! = 0 & & pc - > num_read > = pc - > packet_size ) {
goto next_partial ;
}
if ( pc - > packet_size ! = 0 ) {
/* we've already worked out how long this next packet is, so skip the
socket_pending ( ) call */
npending = pc - > packet_size - pc - > num_read ;
2005-11-10 07:26:00 +03:00
} else if ( pc - > initial_read ! = 0 ) {
npending = pc - > initial_read - pc - > num_read ;
2005-11-09 11:11:50 +03:00
} else {
2006-05-03 00:15:47 +04:00
if ( pc - > sock ) {
2005-11-09 11:11:50 +03:00
status = socket_pending ( pc - > sock , & npending ) ;
} else {
status = NT_STATUS_CONNECTION_DISCONNECTED ;
}
if ( ! NT_STATUS_IS_OK ( status ) ) {
packet_error ( pc , status ) ;
return ;
}
}
if ( npending = = 0 ) {
packet_eof ( pc ) ;
return ;
}
2009-02-18 09:37:45 +03:00
again :
2006-07-25 04:57:27 +04:00
if ( npending + pc - > num_read < npending ) {
packet_error ( pc , NT_STATUS_INVALID_PARAMETER ) ;
return ;
}
if ( npending + pc - > num_read < pc - > num_read ) {
packet_error ( pc , NT_STATUS_INVALID_PARAMETER ) ;
return ;
}
2005-11-09 11:11:50 +03:00
/* possibly expand the partial packet buffer */
if ( npending + pc - > num_read > pc - > partial . length ) {
2007-08-29 17:07:03 +04:00
if ( ! data_blob_realloc ( pc , & pc - > partial , npending + pc - > num_read ) ) {
packet_error ( pc , NT_STATUS_NO_MEMORY ) ;
2005-11-09 11:11:50 +03:00
return ;
}
}
2006-07-25 04:57:27 +04:00
if ( pc - > partial . length < pc - > num_read + npending ) {
packet_error ( pc , NT_STATUS_INVALID_PARAMETER ) ;
return ;
}
if ( ( uint8_t * ) pc - > partial . data + pc - > num_read < ( uint8_t * ) pc - > partial . data ) {
packet_error ( pc , NT_STATUS_INVALID_PARAMETER ) ;
return ;
}
if ( ( uint8_t * ) pc - > partial . data + pc - > num_read + npending < ( uint8_t * ) pc - > partial . data ) {
packet_error ( pc , NT_STATUS_INVALID_PARAMETER ) ;
return ;
}
2006-05-03 00:15:47 +04:00
status = socket_recv ( pc - > sock , pc - > partial . data + pc - > num_read ,
npending , & nread ) ;
2005-11-09 11:11:50 +03:00
if ( NT_STATUS_IS_ERR ( status ) ) {
packet_error ( pc , status ) ;
return ;
}
2009-02-18 09:37:45 +03:00
if ( recv_retry & & NT_STATUS_EQUAL ( status , STATUS_MORE_ENTRIES ) ) {
nread = 0 ;
status = NT_STATUS_OK ;
}
2005-11-09 11:11:50 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return ;
}
2009-02-18 09:37:45 +03:00
if ( nread = = 0 & & ! recv_retry ) {
2005-11-09 11:11:50 +03:00
packet_eof ( pc ) ;
return ;
}
pc - > num_read + = nread ;
2009-02-18 09:37:45 +03:00
if ( pc - > unreliable_select & & nread ! = 0 ) {
recv_retry = true ;
status = socket_pending ( pc - > sock , & npending ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
packet_error ( pc , status ) ;
return ;
}
if ( npending ! = 0 ) {
goto again ;
}
}
2005-11-09 11:11:50 +03:00
next_partial :
2005-11-10 08:12:28 +03:00
if ( pc - > partial . length ! = pc - > num_read ) {
2007-08-29 17:07:03 +04:00
if ( ! data_blob_realloc ( pc , & pc - > partial , pc - > num_read ) ) {
packet_error ( pc , NT_STATUS_NO_MEMORY ) ;
2005-11-10 08:12:28 +03:00
return ;
}
}
/* see if its a full request */
2005-11-09 11:11:50 +03:00
blob = pc - > partial ;
blob . length = pc - > num_read ;
2009-02-02 10:22:01 +03:00
status = pc - > full_request ( pc - > private_data , blob , & pc - > packet_size ) ;
2005-11-09 11:11:50 +03:00
if ( NT_STATUS_IS_ERR ( status ) ) {
packet_error ( pc , status ) ;
return ;
}
if ( ! NT_STATUS_IS_OK ( status ) ) {
return ;
}
if ( pc - > packet_size > pc - > num_read ) {
/* the caller made an error */
2005-11-30 05:08:15 +03:00
DEBUG ( 0 , ( " Invalid packet_size %lu greater than num_read %lu \n " ,
( long ) pc - > packet_size , ( long ) pc - > num_read ) ) ;
2005-11-09 11:11:50 +03:00
packet_error ( pc , NT_STATUS_INVALID_PARAMETER ) ;
return ;
}
/* it is a full request - give it to the caller */
blob = pc - > partial ;
2005-11-10 07:49:02 +03:00
blob . length = pc - > num_read ;
2005-11-09 11:11:50 +03:00
if ( pc - > packet_size < pc - > num_read ) {
pc - > partial = data_blob_talloc ( pc , blob . data + pc - > packet_size ,
pc - > num_read - pc - > packet_size ) ;
if ( pc - > partial . data = = NULL ) {
packet_error ( pc , NT_STATUS_NO_MEMORY ) ;
return ;
}
2006-07-25 04:57:27 +04:00
/* Trunate the blob sent to the caller to only the packet length */
2007-08-29 17:07:03 +04:00
if ( ! data_blob_realloc ( pc , & blob , pc - > packet_size ) ) {
packet_error ( pc , NT_STATUS_NO_MEMORY ) ;
2005-11-10 16:52:07 +03:00
return ;
}
2005-11-09 11:11:50 +03:00
} else {
pc - > partial = data_blob ( NULL , 0 ) ;
}
pc - > num_read - = pc - > packet_size ;
pc - > packet_size = 0 ;
2005-11-09 13:50:39 +03:00
if ( pc - > serialise ) {
2005-11-14 05:45:28 +03:00
pc - > processing = 1 ;
2005-11-09 13:50:39 +03:00
}
2005-11-09 11:11:50 +03:00
2007-10-05 22:03:01 +04:00
pc - > busy = true ;
2005-11-23 03:30:58 +03:00
2009-02-02 10:22:01 +03:00
status = pc - > callback ( pc - > private_data , blob ) ;
2005-11-09 13:50:39 +03:00
2007-10-05 22:03:01 +04:00
pc - > busy = false ;
2005-11-23 03:30:58 +03:00
if ( pc - > destructor_called ) {
talloc_free ( pc ) ;
return ;
}
2005-11-14 05:45:28 +03:00
if ( pc - > processing ) {
if ( pc - > processing > 1 ) {
2010-05-25 23:28:35 +04:00
TEVENT_FD_READABLE ( pc - > fde ) ;
2005-11-14 05:45:28 +03:00
}
pc - > processing = 0 ;
2005-11-09 13:50:39 +03:00
}
2005-11-09 11:11:50 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
packet_error ( pc , status ) ;
return ;
}
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
/* Have we consumed the whole buffer yet? */
2005-11-09 11:11:50 +03:00
if ( pc - > partial . length = = 0 ) {
return ;
}
2005-11-10 07:26:00 +03:00
2005-11-09 11:11:50 +03:00
/* we got multiple packets in one tcp read */
if ( pc - > ev = = NULL ) {
goto next_partial ;
}
blob = pc - > partial ;
blob . length = pc - > num_read ;
2009-02-02 10:22:01 +03:00
status = pc - > full_request ( pc - > private_data , blob , & pc - > packet_size ) ;
2005-11-09 11:11:50 +03:00
if ( NT_STATUS_IS_ERR ( status ) ) {
packet_error ( pc , status ) ;
return ;
}
if ( ! NT_STATUS_IS_OK ( status ) ) {
return ;
}
2010-05-25 23:28:35 +04:00
tevent_add_timer ( pc - > ev , pc , timeval_zero ( ) , packet_next_event , pc ) ;
2005-11-09 11:11:50 +03:00
}
2005-11-10 07:26:00 +03:00
/*
temporarily disable receiving
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_recv_disable ( struct packet_context * pc )
2005-11-10 07:26:00 +03:00
{
2007-10-05 22:03:01 +04:00
pc - > recv_disable = true ;
2005-11-10 07:26:00 +03:00
}
/*
re - enable receiving
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_recv_enable ( struct packet_context * pc )
2005-11-10 07:26:00 +03:00
{
2010-09-07 05:55:47 +04:00
if ( pc - > recv_need_enable ) {
pc - > recv_need_enable = false ;
2010-05-25 23:28:35 +04:00
TEVENT_FD_READABLE ( pc - > fde ) ;
2010-09-07 05:55:47 +04:00
}
2007-10-05 22:03:01 +04:00
pc - > recv_disable = false ;
2005-11-10 07:26:00 +03:00
if ( pc - > num_read ! = 0 & & pc - > packet_size > = pc - > num_read ) {
2010-05-25 23:28:35 +04:00
tevent_add_timer ( pc - > ev , pc , timeval_zero ( ) , packet_next_event , pc ) ;
2005-11-10 07:26:00 +03:00
}
}
2005-11-09 16:33:53 +03:00
/*
trigger a run of the send queue
*/
2006-03-07 19:50:07 +03:00
_PUBLIC_ void packet_queue_run ( struct packet_context * pc )
2005-11-09 16:33:53 +03:00
{
while ( pc - > send_queue ) {
struct send_element * el = pc - > send_queue ;
NTSTATUS status ;
size_t nwritten ;
DATA_BLOB blob = data_blob_const ( el - > blob . data + el - > nsent ,
el - > blob . length - el - > nsent ) ;
2006-05-03 00:15:47 +04:00
status = socket_send ( pc - > sock , & blob , & nwritten ) ;
2005-11-09 16:33:53 +03:00
if ( NT_STATUS_IS_ERR ( status ) ) {
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
packet_error ( pc , status ) ;
2005-11-09 16:33:53 +03:00
return ;
}
if ( ! NT_STATUS_IS_OK ( status ) ) {
return ;
}
el - > nsent + = nwritten ;
if ( el - > nsent = = el - > blob . length ) {
DLIST_REMOVE ( pc - > send_queue , el ) ;
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
if ( el - > send_callback ) {
2008-07-07 20:55:59 +04:00
pc - > busy = true ;
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
el - > send_callback ( el - > send_callback_private ) ;
2008-07-07 20:55:59 +04:00
pc - > busy = false ;
if ( pc - > destructor_called ) {
talloc_free ( pc ) ;
return ;
}
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
}
2005-11-09 16:33:53 +03:00
talloc_free ( el ) ;
}
}
/* we're out of requests to send, so don't wait for write
events any more */
2010-05-25 23:28:35 +04:00
TEVENT_FD_NOT_WRITEABLE ( pc - > fde ) ;
2005-11-09 16:33:53 +03:00
}
/*
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
put a packet in the send queue . When the packet is actually sent ,
call send_callback .
2009-10-18 08:56:16 +04:00
Useful for operations that must occur after sending a message , such
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
as the switch to SASL encryption after as sucessful LDAP bind relpy .
2005-11-09 16:33:53 +03:00
*/
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
_PUBLIC_ NTSTATUS packet_send_callback ( struct packet_context * pc , DATA_BLOB blob ,
packet_send_callback_fn_t send_callback ,
2009-02-02 10:22:01 +03:00
void * private_data )
2005-11-09 16:33:53 +03:00
{
struct send_element * el ;
el = talloc ( pc , struct send_element ) ;
NT_STATUS_HAVE_NO_MEMORY ( el ) ;
2016-02-05 13:32:18 +03:00
DLIST_ADD_END ( pc - > send_queue , el ) ;
2005-11-09 16:33:53 +03:00
el - > blob = blob ;
el - > nsent = 0 ;
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
el - > send_callback = send_callback ;
2009-02-02 10:22:01 +03:00
el - > send_callback_private = private_data ;
2005-11-10 14:10:40 +03:00
/* if we aren't going to free the packet then we must reference it
to ensure it doesn ' t disappear before going out */
if ( pc - > nofree ) {
2005-11-10 16:52:07 +03:00
if ( ! talloc_reference ( el , blob . data ) ) {
return NT_STATUS_NO_MEMORY ;
}
2005-11-10 14:10:40 +03:00
} else {
talloc_steal ( el , blob . data ) ;
}
2005-11-09 16:33:53 +03:00
2009-02-02 10:22:01 +03:00
if ( private_data & & ! talloc_reference ( el , private_data ) ) {
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
return NT_STATUS_NO_MEMORY ;
}
2010-05-25 23:28:35 +04:00
TEVENT_FD_WRITEABLE ( pc - > fde ) ;
2005-11-09 16:33:53 +03:00
return NT_STATUS_OK ;
}
r17197: This patch moves the encryption of bulk data on SASL negotiated security
contexts from the application layer into the socket layer.
This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets. It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default. It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.
This patch mirrors the earlier work done to move TLS into the socket
layer.
Unusual in this pstch is the extra read callback argument I take. As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data. This would leave the system without an event
to restart the read (as the socket is dry).
As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop. I believe that
the TLS code does require a similar callback.
In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:
+-----------------+---------------------+
| SASL Packet #1 | SASL Packet #2 |
----------------------------------------+
| LDAP Packet #1 | LDAP Packet #2 |
----------------------------------------+
In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP. Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.
Without data on the socket, read events stop. That is why I add timed
events, until the SASL buffer is drained.
Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).
In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code. The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length. (1 + n/2). This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.
Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
2006-07-23 06:50:08 +04:00
/*
put a packet in the send queue
*/
_PUBLIC_ NTSTATUS packet_send ( struct packet_context * pc , DATA_BLOB blob )
{
return packet_send_callback ( pc , blob , NULL , NULL ) ;
}
2005-11-09 11:11:50 +03:00
/*
a full request checker for NBT formatted packets ( first 3 bytes are length )
*/
2009-02-02 10:22:01 +03:00
_PUBLIC_ NTSTATUS packet_full_request_nbt ( void * private_data , DATA_BLOB blob , size_t * size )
2005-11-09 11:11:50 +03:00
{
if ( blob . length < 4 ) {
return STATUS_MORE_ENTRIES ;
}
2011-10-19 16:00:12 +04:00
/*
* Note : that we use smb_len_tcp ( ) instead
* of smb_len_nbt ( ) as this function is not
* used for nbt and the source4 copy
* of smb_len ( ) was smb_len_tcp ( )
*/
* size = 4 + smb_len_tcp ( blob . data ) ;
2005-11-10 03:25:57 +03:00
if ( * size > blob . length ) {
2005-11-09 11:11:50 +03:00
return STATUS_MORE_ENTRIES ;
}
return NT_STATUS_OK ;
}
2005-11-09 16:33:53 +03:00
2005-11-10 03:25:57 +03:00
/*
work out if a packet is complete for protocols that use a 32 bit network byte
order length
*/
2009-02-02 10:22:01 +03:00
_PUBLIC_ NTSTATUS packet_full_request_u32 ( void * private_data , DATA_BLOB blob , size_t * size )
2005-11-10 03:25:57 +03:00
{
if ( blob . length < 4 ) {
return STATUS_MORE_ENTRIES ;
}
* size = 4 + RIVAL ( blob . data , 0 ) ;
if ( * size > blob . length ) {
return STATUS_MORE_ENTRIES ;
}
return NT_STATUS_OK ;
}
2012-03-06 11:49:16 +04:00
_PUBLIC_ NTSTATUS packet_full_request_u16 ( void * private_data , DATA_BLOB blob , size_t * size )
{
if ( blob . length < 2 ) {
return STATUS_MORE_ENTRIES ;
}
* size = 2 + RSVAL ( blob . data , 0 ) ;
if ( * size > blob . length ) {
return STATUS_MORE_ENTRIES ;
}
return NT_STATUS_OK ;
}
