/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 1999-2000 by Sun Microsystems, Inc.
 * All rights reserved.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * References used throughout this code:
 *
 * [CIFS/1.0] : A Common Internet File System (CIFS/1.0) Protocol
 *		Internet Engineering Task Force (IETF) draft
 *		Paul J. Leach, Microsoft, Dec. 1997
 *
 * [X/Open-SMB] : X/Open CAE Specification;
 *		Protocols for X/Open PC Interworking: SMB, Version 2
 *		X/Open Document Number: C209
 */

#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "snoop.h"

/*
 * Shorthand used by the decoders in this file:
 *   GETLINE - fetch the next output line buffer from get_line().
 *   DECARGS - the parameter list shared by every per-command decoder.
 */
#define	GETLINE get_line(0, 0)
#define	DECARGS int flags, uchar_t *data, int len, char *extrainfo

/*
 * Fixed SMB header as it appears in the packet.
 * [X/Open-SMB, Sec. 5.1]
 *
 * Every member is a byte or a byte array, so the structure is overlaid
 * directly on packet data; multi-byte fields are stored as byte pairs
 * and are not read as native integers.
 */
struct smb {
	uchar_t idf[4];		/* identifier: 0xff followed by 'SMB' */
	uchar_t com;		/* command code */
	uchar_t rcls;		/* error class */
	uchar_t res;		/* no description given in this file */
	uchar_t err[2];		/* error code */
	uchar_t flags;		/* see "smb flags" below */
	uchar_t flags2[2];
	uchar_t re[12];		/* no description given in this file */
	uchar_t tid[2];
	uchar_t pid[2];
	uchar_t uid[2];
	uchar_t mid[2];
	/*
	 * The variable part follows these 32 bytes in the packet:
	 *	unsigned char	WordCount;
	 *	unsigned short	ParameterWords[ WordCount ];
	 *	unsigned short	ByteCount;
	 *	unsigned char	ParameterBytes[ ByteCount ];
	 */
};

/* smb flags: bit set in smb.flags when the packet is a server response */
#define	SERVER_RESPONSE 0x80
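static void interpret_sesssetupX(DECARGS);
static void interpret_tconX(DECARGS);
static void interpret_trans(DECARGS);
static void interpret_trans2(DECARGS);
static void interpret_negprot(DECARGS);
static void interpret_default(DECARGS);

/*
 * Trans2 subcommand codes
 * [X/Open-SMB, Sec. 16.1.7]
 */
#define	TRANS2_OPEN 0x00
#define	TRANS2_FIND_FIRST 0x01
#define	TRANS2_FIND_NEXT2 0x02
#define	TRANS2_QUERY_FS_INFORMATION 0x03
#define	TRANS2_QUERY_PATH_INFORMATION 0x05
#define	TRANS2_SET_PATH_INFORMATION 0x06
#define	TRANS2_QUERY_FILE_INFORMATION 0x07
#define	TRANS2_SET_FILE_INFORMATION 0x08
#define	TRANS2_CREATE_DIRECTORY 0x0D


/*
 * One row of the command table below.
 *
 *   name	printed after "SMB" as the command name; 0 when the
 *		command code has no name here.
 *   func	command-specific decoder; when 0, interpret_smb() falls
 *		back to interpret_default().
 *   callfmt,
 *   replyfmt	field lists for the request and the response.  Each field
 *		is a NUL-terminated string and the list ends with an empty
 *		string.  NOTE(review): the leading character of each field
 *		looks like a type code consumed by interpret_default();
 *		that consumer is not part of this excerpt - confirm there.
 */
struct decode {
	char *name;
	void (*func)(DECARGS);
	char *callfmt;
	char *replyfmt;
};

/*
 * SMB command codes (function names)
 * [X/Open-SMB, Sec. 5.2]
 *
 * The table is indexed by the one-byte command code taken from the
 * packet, so it must keep exactly 256 rows: every possible value of
 * smb.com then selects a valid row without a range check.
 */
static struct decode SMBtable[256] = {
	/* 0x00 */
	{ "mkdir", 0, 0, 0 },
	{ "rmdir", 0, 0, 0 },
	{ "open", 0, 0, 0 },
	{ "create", 0, 0, 0 },

	{
		"close", 0,
		/* [X/Open-SMB, Sec. 7.10] */
		"WFileID\0lLastModTime\0wByteCount\0\0",
		"wByteCount\0\0"
	},

	{ "flush", 0, 0, 0 },
	{ "unlink", 0, 0, 0 },

	{
		"mv", 0,
		/* [X/Open-SMB, Sec. 7.11] */
		"wFileAttributes\0wByteCount\0"
		"r\0UFileName\0r\0UNewPath\0\0",
		"wByteCount\0\0"
	},

	{
		"getatr", 0,
		/* [X/Open-SMB, Sec. 8.4] */
		"dBytecount\0r\0UFileName\0\0",
		"wFileAttributes\0lTime\0lSize\0R\0R\0R\0"
		"R\0R\0wByteCount\0\0"
	},

	{ "setatr", 0, 0, 0 },

	{
		"read", 0,
		/* [X/Open-SMB, Sec. 7.4] */
		"WFileID\0wI/0 Bytes\0LFileOffset\0"
		"WBytesLeft\0wByteCount\0\0",
		"WDataLength\0R\0R\0R\0R\0wByteCount\0\0"
	},

	{
		"write", 0,
		/* [X/Open-SMB, Sec. 7.5] */
		"WFileID\0wI/0 Bytes\0LFileOffset\0WBytesLeft\0"
		"wByteCount\0\0",
		"WDataLength\0wByteCount\0\0"
	},

	{ "lock", 0, 0, 0 },
	{ "unlock", 0, 0, 0 },
	{ "ctemp", 0, 0, 0 },
	{ "mknew", 0, 0, 0 },

	/* 0x10 */
	{
		"chkpth", 0,
		/* [X/Open-SMB, Sec. 8.7] */
		"wByteCount\0r\0UFile\0\0",
		"wByteCount\0\0"
	},

	{ "exit", 0, 0, 0 },
	{ "lseek", 0, 0, 0 },
	{ "lockread", 0, 0, 0 },
	{ "writeunlock", 0, 0, 0 },
	/* 0x15 - 0x19 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 },

	{
		"readbraw", 0,
		/* [X/Open-SMB, Sec. 10.1] */
		"WFileID\0LFileOffset\0wMaxCount\0"
		"wMinCount\0lTimeout\0R\0wByteCount\0\0", 0
	},

	{ "readbmpx", 0, 0, 0 },
	{ "readbs", 0, 0, 0 },
	{ "writebraw", 0, 0, 0 },
	{ "writebmpx", 0, 0, 0 },
	{ "writebs", 0, 0, 0 },

	/* 0x20 */
	{ "writec", 0, 0, 0 },
	{ "qrysrv", 0, 0, 0 },
	{ "setattrE", 0, 0, 0 },
	{ "getattrE", 0, 0, 0 },

	{
		"lockingX", 0,
		/* [X/Open-SMB, Sec. 12.2] */
		"wChainedCommand\0wNextOffset\0WFileID\0"
		"wLockType\0lOpenTimeout\0"
		"W#Unlocks\0W#Locks\0wByteCount\0\0", 0
	},

	{ "trans", interpret_trans, 0, 0 },
	{ "transs", 0, 0, 0 },
	{ "ioctl", 0, 0, 0 },
	{ "ioctls", 0, 0, 0 },
	{ "copy", 0, 0, 0 },
	{ "move", 0, 0, 0 },
	{ "echo", 0, 0, 0 },
	{ "writeclose", 0, 0, 0 },

	{
		"openX", 0,
		/* [X/Open-SMB, Sec. 12.1] */
		"wChainedCommand\0wNextOffset\0wFlags\0"
		"wMode\0wSearchAttributes\0wFileAttributes\0"
		"lTime\0wOpenFunction\0lFileSize\0lOpenTimeout\0"
		"R\0R\0wByteCount\0r\0UFileName\0\0",
		"wChainedCommand\0wNextOffset\0WFileID\0"
		"wAttributes\0lTime\0LSize\0wOpenMode\0"
		"wFileType\0wDeviceState\0wActionTaken\0"
		"lUniqueFileID\0R\0wBytecount\0\0"
	},

	{ "readX", 0, 0, 0 },
	{ "writeX", 0, 0, 0 },

	/* 0x30 */
	{ 0, 0, 0, 0 },
	{ "closeTD", 0, 0, 0 },
	{ "trans2", interpret_trans2, 0, 0 },
	{ "trans2s", 0, 0, 0 },
	{
		"findclose", 0,
		/* [X/Open-SMB, Sec. 15.4 ] */
		"WFileID\0wByteCount\0\0",
		"wByteCount\0\0"
	},
	/* 0x35 - 0x3f */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0x40 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0x50 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0x60 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0x70 */
	{ "tcon", 0, 0, 0 },
	{
		"tdis", 0,
		/* [X/Open-SMB, Sec. 6.3] */
		"wByteCount\0\0",
		"wByteCount\0\0"
	},
	{ "negprot", interpret_negprot, 0, 0 },
	{ "sesssetupX", interpret_sesssetupX, 0, 0 },
	{
		"uloggoffX", 0,
		/* [X/Open-SMB, Sec. 15.5] */
		"wChainedCommand\0wNextOffset\0\0",
		/* label spelling corrected (was "wChainedCommnad") */
		"wChainedCommand\0wNextOffset\0\0" },
	{ "tconX", interpret_tconX, 0, 0 },
	/* 0x76 - 0x7f */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0x80 */
	{ "dskattr", 0, 0, 0 },
	{ "search", 0, 0, 0 },
	{ "ffirst", 0, 0, 0 },
	{ "funique", 0, 0, 0 },
	{ "fclose", 0, 0, 0 },
	/* 0x85 - 0x8f */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0x90 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0xa0 */
	/*
	 * Command codes 0xa0 to 0xa7 are from
	 * [CIFS/1.0, Sec. 5.1]
	 */
	{ " NT_Trans", 0, 0, 0 },
	{ " NT_Trans2", 0, 0, 0 },
	{
		" NT_CreateX", 0,
		/* [CIFS/1.0, Sec. 4.2.1] */
		"wChainedCommand\0wNextOffset\0r\0"
		"wNameLength\0lCreateFlags\0lRootDirFID\0"
		"lDesiredAccess\0R\0R\0R\0R\0"
		"lNTFileAttributes\0lFileShareAccess\0"
		"R\0R\0lCreateOption\0lImpersonationLevel\0"
		"bSecurityFlags\0wByteCount\0r\0"
		"UFileName\0\0",
		"wChainedCommand\0wNextOffset\0"
		"bOplockLevel\0WFileID\0lCreateAction\0\0"
	},
	{ 0, 0, 0, 0 },
	{
		" NT_Cancel", 0,
		/* [CIFS/1.0, Sec. 4.1.8] */
		"wByteCount\0", 0
	},
	/* 0xa5 - 0xaf */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0xb0 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0xc0 */
	{ "splopen", 0, 0, 0 },
	{ "splwr", 0, 0, 0 },
	{ "splclose", 0, 0, 0 },
	{ "splretq", 0, 0, 0 },
	/* 0xc4 - 0xcf */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0xd0 */
	{ "sends", 0, 0, 0 },
	{ "sendb", 0, 0, 0 },
	{ "fwdname", 0, 0, 0 },
	{ "cancelf", 0, 0, 0 },
	{ "getmac", 0, 0, 0 },
	{ "sendstrt", 0, 0, 0 },
	{ "sendend", 0, 0, 0 },
	{ "sendtxt", 0, 0, 0 },
	/* 0xd8 - 0xdf */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0xe0 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },

	/* 0xf0 */
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 },
	{ 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }, { 0, 0, 0, 0 }
};

/*
 * Helpers to get short and int values in Intel (low byte first) order.
 * Neither helper knows how much data is left: the caller must make sure
 * that 2 (get2) or 4 (get4) bytes are readable at p.
 */
static ushort_t
get2(uchar_t *p)
{
	return ((ushort_t)(p[0] | (p[1] << 8)));
}

static uint_t
get4(uchar_t *p)
{
	/*
	 * Widen each byte to uint_t before shifting.  A plain p[3] << 24
	 * shifts a promoted (signed) int, which overflows whenever the top
	 * bit of p[3] is set.
	 */
	return ((uint_t)p[0] | ((uint_t)p[1] << 8) |
	    ((uint_t)p[2] << 16) | ((uint_t)p[3] << 24));
}

/*
 * This is called by snoop_netbios.c.
 * This is the external entry point.
 *
 * flags selects the output: F_DTAIL prints the header field by field,
 * F_SUM writes the one-line summary.  data points at the SMB header and
 * len is passed on to show_header() and to the per-command decoder.
 *
 * NOTE(review): len is treated here as the number of bytes available at
 * data; confirm that against the caller in snoop_netbios.c.
 */
void
interpret_smb(int flags, uchar_t *data, int len)
{
	struct smb *smb;
	char *call_reply_detail, *call_reply_sum;
	char *errclass;
	struct decode *decoder;
	char xtra[300];
	char *line;

	/*
	 * Everything below reads header fields straight out of the packet.
	 * Report a short packet instead of reading past the end of it.
	 */
	if (data == NULL || len < (int)sizeof (struct smb)) {
		if (flags & F_SUM)
			(void) sprintf(get_sum_line(),
			    "SMB (short header, %d bytes)", len);
		if (flags & F_DTAIL) {
			show_header("SMB: ", "SMB Header", len);
			show_space();
			(void) sprintf(GETLINE,
			    "Short SMB header (%d bytes)", len);
			show_trailer();
		}
		return;
	}

	smb = (struct smb *)data;
	/* com is one byte, so it always selects one of the 256 rows */
	decoder = &SMBtable[smb->com & 255];
	if (smb->flags & SERVER_RESPONSE) {
		call_reply_detail = "SERVER RESPONSE";
		call_reply_sum = "R";
	} else {
		call_reply_detail = "CLIENT REQUEST";
		call_reply_sum = "C";
	}
	/* filled in by the decoder and appended to the summary line */
	xtra[0] = '\0';

	/*
	 * SMB Header description
	 * [X/Open-SMB, Sec. 5.1]
	 */
	if (flags & F_DTAIL) {
		show_header("SMB: ", "SMB Header", len);
		show_space();
		(void) sprintf(GETLINE, "%s", call_reply_detail);

		(void) sprintf(GETLINE, "Command code = 0x%x",
		    smb->com);
		if (decoder->name)
			(void) sprintf(GETLINE,
			    "Command name = SMB%s", decoder->name);

		show_space();
		(void) sprintf(GETLINE, "SMB Status:");

		/* Error classes [X/Open-SMB, Sec. 5.6] */
		switch (smb->rcls) {
		case 0x00:
			errclass = "No error";
			break;
		case 0x01:
			errclass = "Operating System";
			break;
		case 0x02:
			errclass = "LMX server";
			break;
		case 0x03:
			errclass = "Hardware";
			break;
		case 0xff:
		default:
			errclass = "Incorrect format.";
			break;
		}
		(void) sprintf(GETLINE, " - Error class = %s", errclass);

		/*
		 * NOTE(review): only the first byte of the two-byte err
		 * field is examined and printed, here and in the summary
		 * line below.
		 */
		if (smb->err[0] != 0x00) {
			(void) sprintf(GETLINE,
			    " - Error code = %x", smb->err[0]);
		} else {
			(void) sprintf(GETLINE, " - Error code = No error");
		}

		show_space();

		(void) sprintf(GETLINE, "Header:");
		(void) sprintf(GETLINE, " - Tree ID (TID) = 0x%.4x",
		    get2(smb->tid));
		(void) sprintf(GETLINE, " - Process ID (PID) = 0x%.4x",
		    get2(smb->pid));
		(void) sprintf(GETLINE, " - User ID (UID) = 0x%.4x",
		    get2(smb->uid));
		(void) sprintf(GETLINE, " - Multiplex ID (MID) = 0x%.4x",
		    get2(smb->mid));
		(void) sprintf(GETLINE, " - Flags summary = 0x%.2x",
		    smb->flags);
		(void) sprintf(GETLINE, " - Flags2 summary = 0x%.4x",
		    get2(smb->flags2));
		show_space();
	}

	/* command-specific decoding; this is what may fill in xtra */
	if (decoder->func)
		(decoder->func)(flags, (uchar_t *)data, len, xtra);
	else
		interpret_default(flags, (uchar_t *)data, len, xtra);

	if (flags & F_SUM) {
		line = get_sum_line();
		if (decoder->name)
			(void) sprintf(line,
			    "SMB %s Code=0x%x Name=SMB%s %sError=%x ",
			    call_reply_sum, smb->com, decoder->name, xtra,
			    smb->err[0]);
		else
			(void) sprintf(line, "SMB %s Code=0x%x Error=%x ",
			    call_reply_sum, smb->com, smb->err[0]);
	}

	if (flags & F_DTAIL)
		show_trailer();
}

/*
 * Print bytecount bytes starting at data as hex, 16 bytes per output
 * line.  The caller is responsible for bytecount not exceeding the data
 * actually present.
 */
static void
output_bytes(uchar_t *data, int bytecount)
{
	int i;
	int used = 0;
	char buff[80];

	buff[0] = '\0';
	(void) sprintf(GETLINE, "Byte values (in hex):");
	for (i = 0; i < bytecount; i++) {
		/* 3 characters per byte, flushed every 16: 48 + NUL at most */
		used += sprintf(buff + used, "%.2x ", data[i]);
		if ((i + 1) % 16 == 0 || i == (bytecount - 1)) {
			(void) sprintf(GETLINE, "%s", buff);
			used = 0;
			buff[0] = '\0';
		}
	}
}

/*
 * Based on the Unicode Standard, http://www.unicode.org/
 * "The Unicode Standard: A Technical Introduction", June 1998
 *
 * Convert 2-byte, low-byte-first characters at instr into a
 * NUL-terminated string in outstr.  inlen is the number of input bytes
 * that may be read and outlen the size of outstr.  Conversion stops at
 * a NUL character, at the end of the input, or when outstr is full.
 * Returns the number of characters stored, not counting the NUL.
 */
static int
unicode2ascii(char *outstr, int outlen, uchar_t *instr, int inlen)
{
	int i = 0, j = 0;
	char c;

	/* no room even for the terminating NUL */
	if (outlen <= 0)
		return (0);

	/*
	 * Both bytes of a character are read, so both must lie inside
	 * inlen; a trailing odd byte is ignored rather than paired with
	 * the byte just past the input.
	 */
	while (i + 1 < inlen && j < (outlen - 1)) {
		/* Show unicode chars >= 256 as '?' */
		if (instr[i + 1])
			c = '?';
		else
			c = instr[i];
		if (c == '\0')
			break;
		outstr[j] = c;
		i += 2;
		j++;
	}
	outstr[j] = '\0';
	return (j);
}

/*
 * TRANS2 information levels
 * [X/Open-SMB, Sec.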
16.1.6]
 *
 * Writes the name of the information level `value` into outstr as a
 * NUL-terminated string ("Unknown" for any value not listed).  The
 * longest name is 19 characters, so outstr needs at least 20 bytes.
 */
static void
get_info_level(char *outstr, int value)
{
	const char *label;

	if (value == 1)
		label = "Standard";
	else if (value == 2)
		label = "Query EA Size";
	else if (value == 3)
		label = "Query EAS from List";
	else if (value == 0x101)
		label = "Directory Info";
	else if (value == 0x102)
		label = "Full Directory Info";
	else if (value == 0x103)
		label = "Names Info";
	else if (value == 0x104)
		label = "Both Directory Info";
	else
		label = "Unknown";

	(void) sprintf(outstr, "%s", label);
}

/*
 * Interpret TRANS2_QUERY_PATH subcommand
 * [X/Open-SMB, Sec.
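16.7]
 *
 * data points at the subcommand parameters: a 2-byte information level
 * at offset 0 and the 2-byte-per-character file name at offset 6.  With
 * F_SUM the text is appended to xtra; with F_DTAIL it goes to output
 * lines.
 *
 * Both branches address the fields by fixed offset from data, so the
 * detail output is the same whether or not F_SUM is also set (advancing
 * data in the summary branch would shift every field the detail branch
 * reads).
 *
 * NOTE(review): the 512-byte input bound given to unicode2ascii() is a
 * constant, not the amount of captured data, and this function receives
 * no length.  A short packet or a name without a terminator can make
 * the conversion read past the captured data; closing that needs the
 * remaining length passed in by the caller.
 */
/* ARGSUSED */
static void
output_trans2_querypath(int flags, uchar_t *data, char *xtra)
{
	int length;
	char filename[256];

	if (flags & F_SUM) {
		length = sprintf(xtra, "QueryPathInfo ");
		(void) unicode2ascii(filename, 256, data + 6, 512);
		(void) sprintf(xtra + length, "File=%s ", filename);
	}

	if (flags & F_DTAIL) {
		(void) sprintf(GETLINE, "FunctionName = QueryPathInfo");
		(void) sprintf(GETLINE, "InfoLevel = 0x%.4x",
		    get2(data));
		(void) unicode2ascii(filename, 256, data + 6, 512);
		(void) sprintf(GETLINE, "FileName = %s",
		    filename);
	}
}

/*
 * Interpret TRANS2_QUERY_FILE subcommand
 * [X/Open-SMB, Sec.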
16.9]
 *
 * data points at the subcommand parameters: a 2-byte file ID followed
 * by a 2-byte information level.  With F_SUM the function name and file
 * ID are appended to xtra; with F_DTAIL both fields are printed on
 * output lines.  The caller must make sure those 4 bytes are present;
 * no length is passed in.
 */
/* ARGSUSED */
static void
output_trans2_queryfile(int flags, uchar_t *data, char *xtra)
{
	int prefix_len;

	if (flags & F_SUM) {
		prefix_len = sprintf(xtra, "QueryFileInfo ");
		sprintf(xtra + prefix_len, "FileID=0x%x ", get2(data));
	}

	if (flags & F_DTAIL) {
		uchar_t *level = data + 2;

		sprintf(GETLINE, "FunctionName = QueryFileInfo");
		sprintf(GETLINE, "FileID = 0x%.4x", get2(data));
		sprintf(GETLINE, "InfoLevel = 0x%.4x", get2(level));
	}
}

/*
 * Interpret TRANS2_SET_FILE subcommand
 * [X/Open-SMB, Sec.
16.10]
 */
/*
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data is the
 * parameter area taken from the captured packet (no length accompanies it);
 * xtra receives the summary text.  Only two 16-bit fields are read: the
 * file id at offset 0 and the info level at offset 2.
 */
/* ARGSUSED */
static void
output_trans2_setfile(int flags, uchar_t *data, char *xtra)
{
	/* Summary line: tag followed by the file id. */
	if ((flags & F_SUM) != 0) {
		xtra += sprintf(xtra, "SetFileInfo ");
		sprintf(xtra, "FileID=0x%x ", get2(data));
	}

	/* Detail lines: file id, then the info level that follows it. */
	if ((flags & F_DTAIL) != 0) {
		sprintf(GETLINE, "FunctionName = SetFileInfo");
		sprintf(GETLINE, "FileID = 0x%.4x", get2(data));
		sprintf(GETLINE, "InfoLevel = 0x%.4x", get2(data + 2));
	}
}

/*
 * Interpret TRANS2_FIND_FIRST subcommand
 * [X/Open-SMB, Sec.
16.3]
 */
/*
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data is the
 * parameter area taken from the captured packet (no length accompanies it);
 * xtra receives the summary text.
 *
 * NOTE(review): get_info_level() fills a 100-byte local without being told
 * its size; verify that helper cannot emit more than that.  The capacity of
 * xtra and of the get_line() buffer is likewise not visible here.
 */
/* ARGSUSED */
static void
output_trans2_findfirst(int flags, uchar_t *data, char *xtra)
{
	char pattern[256];
	char level[100];

	/* Summary line: tag, then the search name found 12 bytes in. */
	if ((flags & F_SUM) != 0) {
		xtra += sprintf(xtra, "Findfirst ");
		data += 12;
		(void) unicode2ascii(pattern, 256, data, 512);
		sprintf(xtra, "File=%s ", pattern);
	}

	/*
	 * Detail lines, read at fixed offsets from the current cursor
	 * (already advanced by the summary branch when both flags are set).
	 */
	if ((flags & F_DTAIL) != 0) {
		sprintf(GETLINE, "FunctionName = Findfirst");
		sprintf(GETLINE, "SearchAttributes = 0x%.4x", get2(data));
		sprintf(GETLINE, "FindCount = 0x%.4x", get2(data + 2));
		sprintf(GETLINE, "FindFlags = 0x%.4x", get2(data + 4));
		get_info_level(level, get2(data + 6));
		sprintf(GETLINE, "InfoLevel = %s", level);
		/* the name starts 6 bytes after the info level field */
		(void) unicode2ascii(pattern, 256, data + 12, 512);
		sprintf(GETLINE, "FileName = %s", pattern);
	}
}


/*
 * Interpret TRANS2_FIND_NEXT subcommand
 * [X/Open-SMB, Sec.
16.4]
 */
/*
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data is the
 * parameter area taken from the captured packet (no length accompanies it);
 * xtra receives the summary text.
 *
 * NOTE(review): get_info_level() fills a 100-byte local without being told
 * its size; verify that helper cannot emit more than that.  The capacity of
 * xtra and of the get_line() buffer is likewise not visible here.
 */
/* ARGSUSED */
static void
output_trans2_findnext(int flags, uchar_t *data, char *xtra)
{
	char pattern[256];
	char level[100];

	/* Summary line: tag, then the resume name found 12 bytes in. */
	if ((flags & F_SUM) != 0) {
		xtra += sprintf(xtra, "Findnext ");
		data += 12;
		(void) unicode2ascii(pattern, 256, data, 512);
		sprintf(xtra, "File=%s ", pattern);
	}

	/*
	 * Detail lines, read at fixed offsets from the current cursor
	 * (already advanced by the summary branch when both flags are set).
	 */
	if ((flags & F_DTAIL) != 0) {
		sprintf(GETLINE, "FunctionName = Findnext");
		sprintf(GETLINE, "FileID = 0x%.4x", get2(data));
		sprintf(GETLINE, "FindCount = 0x%.4x", get2(data + 2));
		get_info_level(level, get2(data + 4));
		sprintf(GETLINE, "InfoLevel = %s", level);
		sprintf(GETLINE, "FindKey = 0x%.8x", get4(data + 6));
		sprintf(GETLINE, "FindFlags = 0x%.4x", get2(data + 10));
		(void) unicode2ascii(pattern, 256, data + 12, 512);
		sprintf(GETLINE, "FileName = %s", pattern);
	}
}

/*
 * Interpret a "Negprot" SMB
 * [X/Open-SMB, Sec.
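6.1]
 */
/*
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data points
 * at the SMB header of the captured packet; xtra receives the summary text.
 * len is accepted but never consulted.
 *
 * The dialect names come straight from the wire, so they are copied with an
 * explicit "%s" format and a size limit: they must never be used as the
 * format string itself, and a name longer than the local buffer is
 * truncated instead of overrunning it.
 *
 * NOTE(review): nothing here checks the dialect list against the captured
 * length.  A ByteCount larger than the packet, or a name without a
 * terminating NUL, still makes the loops read past the captured data;
 * bounding them needs the real packet length (presumably len -- confirm
 * with the caller).
 */
/* ARGSUSED */
static void
interpret_negprot(int flags, uchar_t *data, int len, char *xtra)
{
	int length;
	int bytecount;
	char dialect[256];
	struct smb *smbdata;
	uchar_t *protodata;

	smbdata = (struct smb *)data;
	protodata = (uchar_t *)data + sizeof (struct smb);
	protodata++;			/* skip wordcount */

	if (smbdata->flags & SERVER_RESPONSE) {
		if (flags & F_SUM) {
			sprintf(xtra, "Dialect#=%d ", protodata[0]);
		}
		if (flags & F_DTAIL) {
			sprintf(GETLINE, "Protocol Index = %d",
			    protodata[0]);
		}
	} else {
		/*
		 * request packet:
		 *	short bytecount;
		 *	struct { char fmt; char name[]; } dialects
		 */
		bytecount = get2(protodata);
		protodata += 2;
		if (flags & F_SUM) {
			/* An empty list must not print stale stack bytes. */
			dialect[0] = '\0';
			while (bytecount > 1) {
				/*
				 * snprintf() returns the full length of the
				 * name even when the copy is truncated, so
				 * the cursor still steps over the whole
				 * entry (fmt byte + name + NUL).
				 */
				length = snprintf(dialect, sizeof (dialect),
				    "%s", (char *)protodata + 1);
				if (length < 0)
					break;
				protodata += (length+2);
				bytecount -= (length+2);
			}
			sprintf(xtra, "LastDialect=%s ", dialect);
		}
		/*
		 * The summary loop above consumes protodata and bytecount,
		 * so when both flags are set this branch sees them already
		 * used up (unchanged from the original behaviour).
		 */
		if (flags & F_DTAIL) {
			sprintf(GETLINE, "ByteCount = %d", bytecount);
			while (bytecount > 1) {
				length = snprintf(dialect, sizeof (dialect),
				    "%s", (char *)protodata + 1);
				if (length < 0)
					break;
				sprintf(GETLINE, "Dialect String = %s",
				    dialect);
				protodata += (length+2);
				bytecount -= (length+2);
			}
		}
	}
}

/*
 * LAN Manager remote admin function names.
 * [X/Open-SMB, Appendix B.8]
 */
static const char *apinames[] = {
	"RNetShareEnum",
	"RNetShareGetInfo",
	"NetShareSetInfo",
	"NetShareAdd",
	"NetShareDel",
	"NetShareCheck",
	"NetSessionEnum",
	"NetSessionGetInfo",
	"NetSessionDel",
	"NetConnectionEnum",
	"NetFileEnum",
	"NetFileGetInfo",
	"NetFileClose",
	"RNetServerGetInfo",
	"NetServerSetInfo",
	"NetServerDiskEnum",
	"NetServerAdminCommand",
	"NetAuditOpen",
	"NetAuditClear",
	"NetErrorLogOpen",
	"NetErrorLogClear",
	"NetCharDevEnum",
	"NetCharDevGetInfo",
	"NetCharDevControl",
	"NetCharDevQEnum",
	"NetCharDevQGetInfo",
	"NetCharDevQSetInfo",
	"NetCharDevQPurge",
	"RNetCharDevQPurgeSelf",
	"NetMessageNameEnum",
	"NetMessageNameGetInfo",
	"NetMessageNameAdd",
	"NetMessageNameDel",
	"NetMessageNameFwd",
	"NetMessageNameUnFwd",
	"NetMessageBufferSend",
	"NetMessageFileSend",
	"NetMessageLogFileSet",
	"NetMessageLogFileGet",
	"NetServiceEnum",
	"RNetServiceInstall",
	"RNetServiceControl",
	"RNetAccessEnum",
	"RNetAccessGetInfo",
	"RNetAccessSetInfo",
	"RNetAccessAdd",
	"RNetAccessDel",
	"NetGroupEnum",
	"NetGroupAdd",
	"NetGroupDel",
	"NetGroupAddUser",
	"NetGroupDelUser",
	"NetGroupGetUsers",
	"NetUserEnum",
	"RNetUserAdd",
	"NetUserDel",
	"NetUserGetInfo",
	"RNetUserSetInfo",
	"RNetUserPasswordSet",
	"NetUserGetGroups",
	"NetWkstaLogon",
	"NetWkstaLogoff",
	"NetWkstaSetUID",
	"NetWkstaGetInfo",
	"NetWkstaSetInfo",
	"NetUseEnum",
	"NetUseAdd",
	"NetUseDel",
	"NetUseGetInfo",
	"DosPrintQEnum",
	"DosPrintQGetInfo",
	"DosPrintQSetInfo",
	"DosPrintQAdd",
	"DosPrintQDel",
	"DosPrintQPause",
	"DosPrintQContinue",
	"DosPrintJobEnum",
	"DosPrintJobGetInfo",
	"RDosPrintJobSetInfo",
	"DosPrintJobAdd",
	"DosPrintJobSchedule",
	"RDosPrintJobDel",
	"RDosPrintJobPause",
	"RDosPrintJobContinue",
	"DosPrintDestEnum",
	"DosPrintDestGetInfo",
	"DosPrintDestControl",
	"NetProfileSave",
	"NetProfileLoad",
	"NetStatisticsGet",
	"NetStatisticsClear",
	"NetRemoteTOD",
	"NetBiosEnum",
	"NetBiosGetInfo",
	"NetServerEnum",
	"I_NetServerEnum",
	"NetServiceGetInfo",
	"NetSplQmAbort",
	"NetSplQmClose",
	"NetSplQmEndDoc",
	"NetSplQmOpen",
	"NetSplQmStartDoc",
	"NetSplQmWrite",
	"DosPrintQPurge",
	"NetServerEnum2"
};
/* Number of entries in apinames[]; used to range-check an API code. */
static const int apimax = (
	sizeof (apinames) /
	sizeof (apinames[0]));

/*
 * Interpret a "trans" SMB
 * [X/Open-SMB, Appendix B]
 *
 * This is very much like "trans2" below.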
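*/
/*
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data points
 * at the SMB header of the captured packet.  Only detail output is produced
 * here; xtra and len are accepted but never used.
 *
 * The non-unicode name is copied with a size limit so that a name longer
 * than the 256-byte local is truncated instead of overrunning the stack.
 *
 * NOTE(review): every offset and count below is taken from the packet and
 * none is compared with the captured length.  WordCount positions
 * byteparms before it is range-checked, ParamOffset (up to 16 bits)
 * positions params, and the non-unicode name is read until a NUL is found.
 * Bounding these reads needs the real packet length (presumably len --
 * confirm with the caller).
 */
/* ARGSUSED */
static void
interpret_trans(int flags, uchar_t *data, int len, char *xtra)
{
	struct smb *smb;
	uchar_t *vwv; /* word parameters */
	int wordcount;
	uchar_t *byteparms;
	int bytecount;
	int parambytes;
	int paramoffset;
	int setupcount;
	int subcode;
	uchar_t *setupdata;
	uchar_t *params;
	int apinum;
	int isunicode;
	char filename[256];

	smb = (struct smb *)data;
	vwv = (uchar_t *)data + sizeof (struct smb);
	wordcount = *vwv++;

	byteparms = vwv + (2 * wordcount);
	bytecount = get2(byteparms);
	byteparms += 2;

	/*
	 * Print the lengths before we (potentially) bail out
	 * due to lack of data (so the user knows why we did).
	 */
	if (flags & F_DTAIL) {
		sprintf(GETLINE, "WordCount = %d", wordcount);
		sprintf(GETLINE, "ByteCount = %d", bytecount);
	}

	/* Get length and location of params and setup data. */
	if (!(smb->flags & SERVER_RESPONSE)) {
		/* CALL */
		if (wordcount < 14)
			return;
		parambytes = get2(vwv + (2 * 9));
		paramoffset = get2(vwv + (2 * 10));
		setupcount = *(vwv + (2 * 13));
		setupdata = vwv + (2 * 14);
	} else {
		/* REPLY */
		if (wordcount < 10)
			return;
		parambytes = get2(vwv + (2 * 3));
		paramoffset = get2(vwv + (2 * 4));
		setupcount = *(vwv + (2 * 9));
		setupdata = vwv + (2 * 10);
	}
	if (setupcount > 0)
		subcode = get2(setupdata);
	else
		subcode = -1; /* invalid */

	/* The parameters are offset from the SMB header. */
	params = data + paramoffset;
	if (parambytes > 0)
		apinum = params[0];
	else
		apinum = -1; /* invalid */

	/* Is the pathname in unicode? */
	isunicode = smb->flags2[1] & 0x80;

	if (flags & F_DTAIL && !(smb->flags & SERVER_RESPONSE)) {
		/* This is a CALL. */
		/* print the word parameters */
		sprintf(GETLINE, "TotalParamBytes = %d", get2(vwv));
		sprintf(GETLINE, "TotalDataBytes = %d", get2(vwv+2));
		sprintf(GETLINE, "MaxParamBytes = %d", get2(vwv+4));
		sprintf(GETLINE, "MaxDataBytes = %d", get2(vwv+6));
		sprintf(GETLINE, "MaxSetupWords = %d", vwv[8]);
		sprintf(GETLINE, "TransFlags = 0x%.4x", get2(vwv+10));
		sprintf(GETLINE, "Timeout = 0x%.8x", get4(vwv+12));
		/* skip Reserved2 */
		sprintf(GETLINE, "ParamBytes = 0x%.4x", parambytes);
		sprintf(GETLINE, "ParamOffset = 0x%.4x", paramoffset);
		sprintf(GETLINE, "DataBytes = 0x%.4x", get2(vwv+22));
		sprintf(GETLINE, "DataOffset = 0x%.4x", get2(vwv+24));
		sprintf(GETLINE, "SetupWords = %d", setupcount);

		/* That finishes the VWV, now the misc. stuff. */
		if (subcode >= 0)
			sprintf(GETLINE, "Setup[0] = %d", subcode);
		if (apinum >= 0)
			sprintf(GETLINE, "APIcode = %d", apinum);
		/* Only index the name table with an in-range API code. */
		if (0 <= apinum && apinum < apimax)
			sprintf(GETLINE, "APIname = %s", apinames[apinum]);

		/* Finally, print the byte parameters. */
		if (isunicode) {
			byteparms += 1; /* alignment padding */
			(void) unicode2ascii(
			    filename, 256, byteparms, bytecount);
		} else {
			/*
			 * Wire data: bound the copy to the local buffer
			 * (was an unbounded strcpy).
			 */
			(void) snprintf(filename, sizeof (filename), "%s",
			    (char *)byteparms);
		}
		sprintf(GETLINE, "FileName = %s", filename);
	}

	if (flags & F_DTAIL && smb->flags & SERVER_RESPONSE) {
		/* This is a REPLY. */
		/* print the word parameters */
		sprintf(GETLINE, "TotalParamBytes = %d", get2(vwv));
		sprintf(GETLINE, "TotalDataBytes = %d", get2(vwv+2));
		/* skip Reserved */
		sprintf(GETLINE, "ParamBytes = 0x%.4x", parambytes);
		sprintf(GETLINE, "ParamOffset = 0x%.4x", paramoffset);
		sprintf(GETLINE, "ParamDispl. = 0x%.4x", get2(vwv+10));
		sprintf(GETLINE, "DataBytes = 0x%.4x", get2(vwv+12));
		sprintf(GETLINE, "DataOffset = 0x%.4x", get2(vwv+14));
		sprintf(GETLINE, "DataDispl. = 0x%.4x", get2(vwv+16));
		sprintf(GETLINE, "SetupWords = %d", setupcount);

		output_bytes(byteparms, bytecount);
	}
}

/*
 * Interpret a "TconX" SMB
 * [X/Open-SMB, Sec.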
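11.4]
 */
/*
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data points
 * at the SMB header of the captured packet; xtra receives the summary text.
 * len is accepted but never consulted.
 *
 * Every string below comes from the wire.  It is copied with an explicit
 * "%s" format and a size limit: packet bytes must never be used as the
 * format string itself, and a string longer than the local buffer is
 * truncated instead of overrunning it.  snprintf() still returns the full
 * source length, so the cursor arithmetic is unchanged.
 *
 * NOTE(review): PasswordLength and the string positions are taken from the
 * packet without being compared with the captured length, and the strings
 * are read until a NUL is found.  Bounding these reads needs the real
 * packet length (presumably len -- confirm with the caller).  The summary
 * and detail branches also share one cursor, so the detail branch starts
 * from an already advanced position when both flags are set.
 */
/* ARGSUSED */
static void
interpret_tconX(int flags, uchar_t *data, int len, char *xtra)
{
	int length;
	int bytecount;
	int passwordlength;
	int wordcount;
	char tempstring[256];
	struct smb *smbdata;
	uchar_t *tcondata;

	smbdata = (struct smb *)data;
	tcondata = (uchar_t *)data + sizeof (struct smb);
	wordcount = *tcondata++;

	if (flags & F_SUM && !(smbdata->flags & SERVER_RESPONSE)) {
		tcondata += 6;
		passwordlength = get2(tcondata);
		/* step over the two length words and the password itself */
		tcondata = tcondata + 4 + passwordlength;
		(void) snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)tcondata);
		sprintf(xtra, "Share=%s ", tempstring);
	}

	if (flags & F_SUM && smbdata->flags & SERVER_RESPONSE) {
		tcondata += 8;
		(void) snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)tcondata);
		sprintf(xtra, "Type=%s ", tempstring);
	}

	if (flags & F_DTAIL && !(smbdata->flags & SERVER_RESPONSE)) {
		sprintf(GETLINE, "WordCount = %d", wordcount);
		sprintf(GETLINE, "ChainedCommand = 0x%.2x",
		    tcondata[0]);
		tcondata += 2;
		sprintf(GETLINE, "NextOffset = 0x%.4x",
		    get2(tcondata));
		tcondata += 2;
		sprintf(GETLINE, "DisconnectFlag = 0x%.4x",
		    get2(tcondata));
		tcondata += 2;
		passwordlength = get2(tcondata);
		sprintf(GETLINE, "PasswordLength = 0x%.4x",
		    passwordlength);
		tcondata += 2;
		bytecount = get2(tcondata);
		sprintf(GETLINE, "ByteCount = %d", bytecount);
		tcondata = tcondata + 2 + passwordlength;
		length = snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)tcondata);
		if (length < 0)
			return;
		tcondata += (length+1);
		sprintf(GETLINE, "FileName = %s", tempstring);
		length = snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)tcondata);
		if (length < 0)
			return;
		tcondata += (length+1);
		sprintf(GETLINE, "ServiceName = %s", tempstring);
	}

	if (flags & F_DTAIL && smbdata->flags & SERVER_RESPONSE) {
		sprintf(GETLINE, "WordCount = %d", wordcount);
		sprintf(GETLINE, "ChainedCommand = 0x%.2x",
		    tcondata[0]);
		tcondata += 2;
		sprintf(GETLINE, "NextOffset = 0x%.4x",
		    get2(tcondata));
		tcondata += 2;
		sprintf(GETLINE, "OptionalSupport = 0x%.4x",
		    get2(tcondata));
		tcondata += 2;
		bytecount = get2(tcondata);
		sprintf(GETLINE, "ByteCount = %d", bytecount);
		tcondata += 2;
		length = snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)tcondata);
		if (length < 0)
			return;
		tcondata += (length+1);
		sprintf(GETLINE, "ServiceName = %s", tempstring);
		length = snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)tcondata);
		if (length < 0)
			return;
		tcondata += (length+1);
		sprintf(GETLINE, "NativeFS = %s", tempstring);
	}
}

/*
 * Interpret a "SesssetupX" SMB
 * [X/Open-SMB, Sec. 11.3]
 *
 * flags selects summary (F_SUM) and/or detail (F_DTAIL) output; data points
 * at the SMB header of the captured packet; xtra receives the summary text.
 * len is accepted but never consulted.
 *
 * Non-unicode strings are copied with an explicit "%s" format and a size
 * limit, for the same reason as in interpret_tconX() above: the bytes come
 * from the wire and must be treated as data, never as a format string.
 *
 * NOTE(review): both password lengths are taken from the packet and added
 * to the cursor without being compared with the captured length; bounding
 * that needs the real packet length (presumably len -- confirm with the
 * caller).  unicode2ascii()'s return value is used here as a character
 * count that includes the terminator (an empty string yields length == 2
 * after doubling) -- confirm against its definition.
 */
/* ARGSUSED */
static void
interpret_sesssetupX(int flags, uchar_t *data, int len, char *xtra)
{
	int length;
	int bytecount;
	int passwordlength;
	int isunicode;
	int upasswordlength;
	int wordcount;
	int cap;
	char tempstring[256];
	struct smb *smbdata;
	uchar_t *setupdata;

	smbdata = (struct smb *)data;
	setupdata = (uchar_t *)data + sizeof (struct smb);
	wordcount = *setupdata++;

	isunicode = smbdata->flags2[1] & 0x80;

	if (flags & F_SUM && !(smbdata->flags & SERVER_RESPONSE)) {
		if (wordcount != 13)
			return;
		setupdata += 14;
		passwordlength = get2(setupdata);
		setupdata += 2;
		upasswordlength = get2(setupdata);
		setupdata += 6;
		cap = get4(setupdata);
		setupdata = setupdata + 6 + passwordlength + upasswordlength;
		if (isunicode) {
			setupdata += 1;
			(void) unicode2ascii(tempstring, 256, setupdata, 256);
			sprintf(xtra, "Username=%s ", tempstring);
		} else {
			(void) snprintf(tempstring, sizeof (tempstring), "%s",
			    (char *)setupdata);
			sprintf(xtra, "Username=%s ", tempstring);
		}
	}

	if (flags & F_DTAIL && !(smbdata->flags & SERVER_RESPONSE)) {
		if (wordcount != 13)
			return;
		sprintf(GETLINE, "ChainedCommand = 0x%.2x",
		    setupdata[0]);
		setupdata += 2;
		sprintf(GETLINE, "NextOffset = 0x%.4x",
		    get2(setupdata));
		setupdata += 2;
		sprintf(GETLINE, "MaxBufferSize = 0x%.4x",
		    get2(setupdata));
		setupdata += 2;
		sprintf(GETLINE, "MaxMPXRequests = %d",
		    get2(setupdata));
		setupdata += 2;
		sprintf(GETLINE, "VCNumber = %d",
		    get2(setupdata));
		setupdata += 2;
		sprintf(GETLINE, "SessionKey = %d",
		    get4(setupdata));
		setupdata += 4;
		passwordlength = get2(setupdata);
		sprintf(GETLINE, "PasswordLength = 0x%.4x",
		    passwordlength);
		setupdata += 2;
		upasswordlength = get2(setupdata);
		sprintf(GETLINE, "UnicodePasswordLength = 0x%.4x",
		    upasswordlength);
		setupdata += 6;
		cap = get4(setupdata);
		sprintf(GETLINE, "Capabilities = 0x%0.8x", cap);
		setupdata += 4;
		bytecount = get2(setupdata);
		sprintf(GETLINE, "ByteCount = %d", bytecount);
		setupdata = setupdata + 2 + passwordlength + upasswordlength;
		if (isunicode) {
			setupdata++;
			length = 2*unicode2ascii(
			    tempstring, 256, setupdata, 256);
			if (length == 2) {
				sprintf(GETLINE,
				    "AccountName = %s", tempstring);
				sprintf(GETLINE,
				    "DomainName = %s", tempstring);
				setupdata += 3;
			} else {
				setupdata += length;
				sprintf(GETLINE,
				    "AccountName = %s", tempstring);
				length = 2*unicode2ascii(
				    tempstring, 256, setupdata, 256);
				setupdata += length;
				sprintf(GETLINE,
				    "DomainName = %s", tempstring);
			}
			length = 2*unicode2ascii(
			    tempstring, 256, setupdata, 256);
			setupdata += (length+2);
			sprintf(GETLINE,
			    "NativeOS = %s", tempstring);
			(void) unicode2ascii(
			    tempstring, 256, setupdata, 256);
			sprintf(GETLINE,
			    "NativeLanman = %s", tempstring);
		} else {
			length = snprintf(tempstring, sizeof (tempstring),
			    "%s", (char *)setupdata);
			if (length < 0)
				return;
			setupdata += (length+1);
			sprintf(GETLINE, "AccountName = %s", tempstring);
			length = snprintf(tempstring, sizeof (tempstring),
			    "%s", (char *)setupdata);
			if (length < 0)
				return;
			setupdata += (length+1);
			sprintf(GETLINE, "DomainName = %s", tempstring);
			length = snprintf(tempstring, sizeof (tempstring),
			    "%s", (char *)setupdata);
			if (length < 0)
				return;
			setupdata += (length+1);
			sprintf(GETLINE, "NativeOS = %s", tempstring);
			(void) snprintf(tempstring, sizeof (tempstring),
			    "%s", (char *)setupdata);
			sprintf(GETLINE, "NativeLanman = %s", tempstring);
		}
	}

	if (flags & F_DTAIL && smbdata->flags & SERVER_RESPONSE) {
		if (wordcount != 3)
			return;
		sprintf(GETLINE, "ChainedCommand = 0x%.2x",
		    setupdata[0]);
		setupdata += 2;
		sprintf(GETLINE, "NextOffset = 0x%.4x",
		    get2(setupdata));
		setupdata += 2;
		sprintf(GETLINE, "SetupAction = 0x%.4x",
		    get2(setupdata));
		setupdata += 2;
		bytecount = get2(setupdata);
		sprintf(GETLINE, "ByteCount = %d", bytecount);
		setupdata += 2;
		length = snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)setupdata);
		if (length < 0)
			return;
		setupdata += (length+1);
		sprintf(GETLINE, "NativeOS = %s", tempstring);
		length = snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)setupdata);
		if (length < 0)
			return;
		setupdata += (length+1);
		sprintf(GETLINE, "NativeLanman = %s", tempstring);
		(void) snprintf(tempstring, sizeof (tempstring), "%s",
		    (char *)setupdata);
		sprintf(GETLINE, "DomainName = %s", tempstring);
	}
}

/*
 * Interpret "Trans2" SMB
 * [X/Open-SMB, Sec.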
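16]
 *
 * This is very much like "trans" above.
 *
 * data points at the SMB header and len is the number of bytes
 * available from there.  Every count and offset read below comes from
 * the captured packet, so each one is checked against len before it is
 * used to form a pointer or a length.
 */
static void
interpret_trans2(int flags, uchar_t *data, int len, char *xtra)
{
	struct smb *smb;
	uchar_t *vwv;		/* word parameters */
	uchar_t *limit;		/* first byte past the available data */
	int wordcount;
	uchar_t *byteparms;
	int bytecount;
	int dumplen;
	int avail;
	int parambytes;
	int paramoffset;
	int params_ok;
	int setupcount;
	int subcode;
	uchar_t *setupdata;
	uchar_t *params;
	char *name;

	/* The fixed header and the WordCount byte must both be present. */
	if (len < (int)sizeof (struct smb) + 1)
		return;

	smb = (struct smb *)data;
	limit = data + len;
	vwv = (uchar_t *)data + sizeof (struct smb);
	wordcount = *vwv++;

	/*
	 * The parameter words and the two-byte ByteCount that follows
	 * them must fit in what is left; otherwise the reads below
	 * would run past the packet.
	 */
	avail = len - (int)sizeof (struct smb) - 1;
	if (avail < (2 * wordcount) + 2) {
		if (flags & F_DTAIL)
			sprintf(GETLINE, "WordCount = %d", wordcount);
		return;
	}

	byteparms = vwv + (2 * wordcount);
	bytecount = get2(byteparms);
	byteparms += 2;

	/*
	 * Print the lengths before we (potentially) bail out
	 * due to lack of data (so the user knows why we did).
	 */
	if (flags & F_DTAIL) {
		sprintf(GETLINE, "WordCount = %d", wordcount);
		sprintf(GETLINE, "ByteCount = %d", bytecount);
	}

	/* Get length and location of params and setup data. */
	if (!(smb->flags & SERVER_RESPONSE)) {
		/* CALL */
		if (wordcount < 14)
			return;
		parambytes = get2(vwv + (2 * 9));
		paramoffset = get2(vwv + (2 * 10));
		setupcount = *(vwv + (2 * 13));
		setupdata = vwv + (2 * 14);
	} else {
		/* REPLY */
		if (wordcount < 10)
			return;
		parambytes = get2(vwv + (2 * 3));
		paramoffset = get2(vwv + (2 * 4));
		setupcount = *(vwv + (2 * 9));
		setupdata = vwv + (2 * 10);
	}
	if (setupcount > 0)
		subcode = get2(setupdata);
	else
		subcode = -1;	/* invalid */

	/*
	 * The parameters are offset from the SMB header.  Only form the
	 * pointer when the whole parameter block lies inside the packet.
	 */
	params_ok = (paramoffset <= len && parambytes <= len - paramoffset);
	params = params_ok ? data + paramoffset : NULL;

	if ((flags & F_DTAIL) && !(smb->flags & SERVER_RESPONSE)) {
		/* This is a CALL. */
		/* print the word parameters */
		sprintf(GETLINE, "TotalParamBytes = %d", get2(vwv));
		sprintf(GETLINE, "TotalDataBytes = %d", get2(vwv+2));
		sprintf(GETLINE, "MaxParamBytes = %d", get2(vwv+4));
		sprintf(GETLINE, "MaxDataBytes = %d", get2(vwv+6));
		sprintf(GETLINE, "MaxSetupWords = %d", vwv[8]);
		sprintf(GETLINE, "TransFlags = 0x%.4x", get2(vwv+10));
		sprintf(GETLINE, "Timeout = 0x%.8x", get4(vwv+12));
		/* skip Reserved2 */
		sprintf(GETLINE, "ParamBytes = 0x%.4x", parambytes);
		sprintf(GETLINE, "ParamOffset = 0x%.4x", paramoffset);
		sprintf(GETLINE, "DataBytes = 0x%.4x", get2(vwv+22));
		sprintf(GETLINE, "DataOffset = 0x%.4x", get2(vwv+24));
		sprintf(GETLINE, "SetupWords = %d", setupcount);

		/* That finishes the VWV, now the misc. stuff. */
		sprintf(GETLINE, "FunctionCode = %d", subcode);
	}

	if (!(smb->flags & SERVER_RESPONSE)) {
		/*
		 * This is a CALL.  Do sub-function.
		 *
		 * The output_trans2_*() decoders take no length, so they
		 * are only called when the parameter block is known to be
		 * inside the packet.
		 * NOTE(review): they may still read past the end of the
		 * block; confirm against their definitions.
		 */
		switch (subcode) {
		case TRANS2_OPEN:
			name = "Open";
			goto name_only;
		case TRANS2_FIND_FIRST:
			if (params_ok)
				output_trans2_findfirst(flags, params, xtra);
			break;
		case TRANS2_FIND_NEXT2:
			if (params_ok)
				output_trans2_findnext(flags, params, xtra);
			break;
		case TRANS2_QUERY_FS_INFORMATION:
			name = "QueryFSInfo";
			goto name_only;
		case TRANS2_QUERY_PATH_INFORMATION:
			if (params_ok)
				output_trans2_querypath(flags, params, xtra);
			break;
		case TRANS2_SET_PATH_INFORMATION:
			name = "SetPathInfo";
			goto name_only;
		case TRANS2_QUERY_FILE_INFORMATION:
			if (params_ok)
				output_trans2_queryfile(flags, params, xtra);
			break;
		case TRANS2_SET_FILE_INFORMATION:
			if (params_ok)
				output_trans2_setfile(flags, params, xtra);
			break;
		case TRANS2_CREATE_DIRECTORY:
			name = "CreateDir";
			goto name_only;

		default:
			name = "Unknown";
			/* fall through */
		name_only:
			if (flags & F_SUM)
				sprintf(xtra, "%s ", name);
			if (flags & F_DTAIL)
				sprintf(GETLINE, "FunctionName = %s", name);
			break;
		}
	}

	if ((flags & F_DTAIL) && (smb->flags & SERVER_RESPONSE)) {
		/* This is a REPLY. */
		/* print the word parameters */
		sprintf(GETLINE, "TotalParamBytes = %d", get2(vwv));
		sprintf(GETLINE, "TotalDataBytes = %d", get2(vwv+2));
		/* skip Reserved */
		sprintf(GETLINE, "ParamBytes = 0x%.4x", parambytes);
		sprintf(GETLINE, "ParamOffset = 0x%.4x", paramoffset);
		sprintf(GETLINE, "ParamDispl. = 0x%.4x", get2(vwv+10));
		sprintf(GETLINE, "DataBytes = 0x%.4x", get2(vwv+12));
		sprintf(GETLINE, "DataOffset = 0x%.4x", get2(vwv+14));
		sprintf(GETLINE, "DataDispl. = 0x%.4x", get2(vwv+16));
		sprintf(GETLINE, "SetupWords = %d", setupcount);

		/* Dump no more than the packet actually holds. */
		dumplen = (int)(limit - byteparms);
		if (bytecount < dumplen)
			dumplen = bytecount;
		output_bytes(byteparms, dumplen);
	}
}

/*
 * Copy the NUL-terminated string at src into dst as plain data.
 *
 * At most dstsize - 1 bytes are stored and dst is always terminated;
 * dstsize must be at least 1.  Bytes at or beyond limit are never read.
 * Returns the number of source bytes found before the terminator (or
 * before limit), which can exceed what was stored.
 */
static int
smb_copy_cstring(char *dst, int dstsize, const uchar_t *src,
    const uchar_t *limit)
{
	int srclen = 0;
	int copied = 0;

	while (src + srclen < limit && src[srclen] != '\0') {
		if (copied < dstsize - 1)
			dst[copied++] = (char)src[srclen];
		srclen++;
	}
	dst[copied] = '\0';
	return (srclen);
}

/*
 * Table-driven decoder for SMB commands without a dedicated routine.
 *
 * The call or reply format for the command is taken from SMBtable.
 * A format is a run of NUL-terminated entries, each one type character
 * followed by a label, ended by an empty entry.  Type characters:
 *	W/w  16-bit value in hex	D/d  16-bit value in decimal
 *	L/l  32-bit value in hex	B/b  one byte in hex
 *	r    skip one byte		R    skip two bytes
 *	U/u  Unicode string		S/s  NUL-terminated string
 * Upper-case types are printed in summary mode as well as in detail
 * mode.  With no format, the parameter words are dumped in hex (detail
 * mode only).
 */
static void
interpret_default(int flags, uchar_t *data, int len, char *xtra)
{
	int slength;
	int i;
	int avail;
	int printit;
	int wordcount;
	char *outstr;
	char *prfmt;
	char *format;
	char valuetype;
	char word[10];
	char *label;
	char tempstring[256];
	uchar_t *comdata, *limit;
	char buff[80];
	struct smb *smbdata;
	struct decode *decoder;

	/* The fixed header and the WordCount byte must both be present. */
	if (len < (int)sizeof (struct smb) + 1)
		return;

	smbdata = (struct smb *)data;
	comdata = (uchar_t *)data + sizeof (struct smb);
	wordcount = *comdata++;
	limit = data + len;

	decoder = &SMBtable[smbdata->com & 255];

	if (smbdata->flags & SERVER_RESPONSE)
		format = decoder->replyfmt;
	else
		format = decoder->callfmt;

	if (format == NULL || format[0] == '\0') {
		if (wordcount == 0 || (flags & F_SUM))
			return;
		sprintf(GETLINE, "WordCount = %d", wordcount);
		sprintf(GETLINE, "Word values (in hex):");

		/* buff is appended to with strcat(); start it empty. */
		buff[0] = '\0';
		for (i = 0; i < wordcount; i++) {
			/* Stop before a word that is not fully present. */
			if (limit - comdata < 2)
				break;
			sprintf(word, "%.4x ", get2(comdata));
			comdata += 2;
			strcat(buff, word);
			/* Eight words per output line. */
			if (((i+1) & 7) == 0) {
				sprintf(GETLINE, "%s", buff);
				buff[0] = '\0';
			}
		}
		if (buff[0] != '\0')
			sprintf(GETLINE, "%s", buff);
		return;
	}

	/*
	 * NOTE(review): outstr is either a get_line() buffer or the tail
	 * of xtra, and neither size is visible here, so the sprintf()
	 * calls below are not bounded by this function.  tempstring is
	 * capped at 255 characters, which limits how much one string
	 * field can add.
	 */
	valuetype = format[0];
	while (valuetype != '\0') {
		if (comdata >= limit)
			break;
		avail = (int)(limit - comdata);
		if ((flags & F_DTAIL) && valuetype != 'r' && valuetype != 'R')
			outstr = GETLINE;
		else
			outstr = xtra + strlen(xtra);
		label = format+1;
		printit = (flags & F_DTAIL) || (valuetype <= 'Z');

		switch (valuetype) {
		case 'W':
		case 'w':
			if (avail < 2)
				return;
			prfmt = (flags & F_DTAIL) ? "%s = 0x%.4x" : "%s=0x%x ";
			if (printit)
				sprintf(outstr, prfmt, label, get2(comdata));
			comdata += 2;
			break;
		case 'D':
		case 'd':
			if (avail < 2)
				return;
			prfmt = (flags & F_DTAIL) ? "%s = %d" : "%s=%d ";
			if (printit)
				sprintf(outstr, prfmt, label, get2(comdata));
			comdata += 2;
			break;
		case 'L':
		case 'l':
			if (avail < 4)
				return;
			prfmt = (flags & F_DTAIL) ? "%s = 0x%.8x" : "%s=0x%x ";
			if (printit)
				sprintf(outstr, prfmt, label, get4(comdata));
			comdata += 4;
			break;
		case 'B':
		case 'b':
			prfmt = (flags & F_DTAIL) ? "%s = 0x%.2x" : "%s=0x%x ";
			if (printit)
				sprintf(outstr, prfmt, label, comdata[0]);
			comdata += 1;
			break;
		case 'r':
			comdata++;
			break;
		case 'R':
			comdata += 2;
			break;
		case 'U':
		case 'u':
			prfmt = (flags & F_DTAIL) ? "%s = %s" : "%s=%s ";
			/*
			 * NOTE(review): the source length passed here is a
			 * fixed 256 rather than what remains before limit;
			 * confirm how unicode2ascii() uses it.
			 */
			slength = unicode2ascii(tempstring, 256, comdata, 256);
			if (printit)
				sprintf(outstr, prfmt, label, tempstring);
			comdata += (slength*2 + 1);
			break;
		case 'S':
		case 's':
			prfmt = (flags & F_DTAIL) ? "%s = %s" : "%s=%s ";
			/*
			 * The string comes straight from the packet: copy
			 * it as data, never as a printf format, and bound
			 * the copy by both tempstring and the packet end.
			 */
			slength = smb_copy_cstring(tempstring,
			    (int)sizeof (tempstring), comdata, limit);
			if (printit)
				sprintf(outstr, prfmt, label, tempstring);
			comdata += (slength+1);
			break;
		}
		format += (strlen(format) + 1);
		valuetype = format[0];
	}
}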