internal static SMB2Command GetCreateResponse(CreateRequest request, ISMBShare share, SMB2ConnectionState state)
{
SMB2Session session = state.GetSession(request.Header.SessionID);
string path = request.Name;
if (!path.StartsWith(@"\"))
{
path = @"\" + path;
}
FileAccess createAccess = NTFileStoreHelper.ToCreateFileAccess(request.DesiredAccess, request.CreateDisposition);
if (share is FileSystemShare)
{
if (!((FileSystemShare)share).HasAccess(session.SecurityContext, path, createAccess))
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. User '{2}' was denied access.", share.Name, path, session.UserName);
return(new ErrorResponse(request.CommandName, NTStatus.STATUS_ACCESS_DENIED));
}
}
object handle;
FileStatus fileStatus;
// GetFileInformation/FileNetworkOpenInformation requires FILE_READ_ATTRIBUTES
AccessMask desiredAccess = request.DesiredAccess | (AccessMask)FileAccessMask.FILE_READ_ATTRIBUTES;
NTStatus createStatus = share.FileStore.CreateFile(out handle, out fileStatus, path, desiredAccess, request.FileAttributes, request.ShareAccess, request.CreateDisposition, request.CreateOptions, session.SecurityContext);
if (createStatus != NTStatus.STATUS_SUCCESS)
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. NTStatus: {2}.", share.Name, path, createStatus);
return(new ErrorResponse(request.CommandName, createStatus));
}
FileAccess fileAccess = NTFileStoreHelper.ToFileAccess(desiredAccess);
FileID? fileID = session.AddOpenFile(request.Header.TreeID, share.Name, path, handle, fileAccess);
if (fileID == null)
{
share.FileStore.CloseFile(handle);
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. Too many open files.", share.Name, path);
return(new ErrorResponse(request.CommandName, NTStatus.STATUS_TOO_MANY_OPENED_FILES));
}
string fileAccessString = fileAccess.ToString().Replace(", ", "|");
string shareAccessString = request.ShareAccess.ToString().Replace(", ", "|");
state.LogToServer(Severity.Verbose, "Create: Opened '{0}{1}', FileAccess: {2}, ShareAccess: {3}. (SessionID: {4}, TreeID: {5}, FileId: {6})", share.Name, path, fileAccessString, shareAccessString, request.Header.SessionID, request.Header.TreeID, fileID.Value.Volatile);
if (share is NamedPipeShare)
{
return(CreateResponseForNamedPipe(fileID.Value, FileStatus.FILE_OPENED));
}
else
{
FileNetworkOpenInformation fileInfo = NTFileStoreHelper.GetNetworkOpenInformation(share.FileStore, handle);
CreateResponse response = CreateResponseFromFileSystemEntry(fileInfo, fileID.Value, fileStatus);
return(response);
}
}
internal static SMB2Command GetCreateResponse(CreateRequest request, ISMBShare share, SMB2ConnectionState state)
{
SMB2Session session = state.GetSession(request.Header.SessionID);
string path = request.Name;
if (!path.StartsWith(@"\"))
{
path = @"\" + path;
}
FileAccess createAccess = NTFileStoreHelper.ToCreateFileAccess(request.DesiredAccess, request.CreateDisposition);
if (share is FileSystemShare)
{
if (!((FileSystemShare)share).HasAccess(session.SecurityContext, path, createAccess))
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. User '{2}' was denied access.", share.Name, path, session.UserName);
return(new ErrorResponse(request.CommandName, NTStatus.STATUS_ACCESS_DENIED));
}
}
object handle;
FileStatus fileStatus;
NTStatus createStatus = share.FileStore.CreateFile(out handle, out fileStatus, path, request.DesiredAccess, request.ShareAccess, request.CreateDisposition, request.CreateOptions, session.SecurityContext);
if (createStatus != NTStatus.STATUS_SUCCESS)
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. NTStatus: '{2}'.", share.Name, path, createStatus);
return(new ErrorResponse(request.CommandName, createStatus));
}
state.LogToServer(Severity.Verbose, "Create: Opened '{0}{1}'.", share.Name, path);
FileID?fileID = session.AddOpenFile(request.Header.TreeID, path, handle);
if (fileID == null)
{
share.FileStore.CloseFile(handle);
return(new ErrorResponse(request.CommandName, NTStatus.STATUS_TOO_MANY_OPENED_FILES));
}
if (share is NamedPipeShare)
{
return(CreateResponseForNamedPipe(fileID.Value, FileStatus.FILE_OPENED));
}
else
{
FileNetworkOpenInformation fileInfo = NTFileStoreHelper.GetNetworkOpenInformation(share.FileStore, handle);
CreateResponse response = CreateResponseFromFileSystemEntry(fileInfo, fileID.Value, fileStatus);
if (request.RequestedOplockLevel == OplockLevel.Batch)
{
response.OplockLevel = OplockLevel.Batch;
}
return(response);
}
}
internal static SMB1Command GetOpenAndXResponse(SMB1Header header, OpenAndXRequest request, ISMBShare share, SMB1ConnectionState state)
{
SMB1Session session = state.GetSession(header.UID);
bool isExtended = (request.Flags & OpenFlags.SMB_OPEN_EXTENDED_RESPONSE) > 0;
string path = request.FileName;
if (!path.StartsWith(@"\"))
{
path = @"\" + path;
}
AccessMask desiredAccess;
ShareAccess shareAccess;
CreateDisposition createDisposition;
try
{
desiredAccess = ToAccessMask(request.AccessMode.AccessMode);
shareAccess = ToShareAccess(request.AccessMode.SharingMode);
createDisposition = ToCreateDisposition(request.OpenMode);
}
catch (ArgumentException)
{
// Invalid input according to MS-CIFS
header.Status = NTStatus.STATUS_OS2_INVALID_ACCESS;
return(new ErrorResponse(request.CommandName));
}
CreateOptions createOptions = ToCreateOptions(request.AccessMode);
FileAccess createAccess = NTFileStoreHelper.ToCreateFileAccess(desiredAccess, createDisposition);
if (share is FileSystemShare)
{
if (!((FileSystemShare)share).HasAccess(session.SecurityContext, path, createAccess))
{
state.LogToServer(Severity.Verbose, "OpenAndX: Opening '{0}{1}' failed. User '{2}' was denied access.", share.Name, request.FileName, session.UserName);
header.Status = NTStatus.STATUS_ACCESS_DENIED;
return(new ErrorResponse(request.CommandName));
}
}
object handle;
FileStatus fileStatus;
header.Status = share.FileStore.CreateFile(out handle, out fileStatus, path, desiredAccess, 0, shareAccess, createDisposition, createOptions, session.SecurityContext);
if (header.Status != NTStatus.STATUS_SUCCESS)
{
state.LogToServer(Severity.Verbose, "OpenAndX: Opening '{0}{1}' failed. NTStatus: {2}.", share.Name, path, header.Status);
return(new ErrorResponse(request.CommandName));
}
FileAccess fileAccess = ToFileAccess(request.AccessMode.AccessMode);
ushort? fileID = session.AddOpenFile(header.TID, share.Name, path, handle, fileAccess);
if (!fileID.HasValue)
{
share.FileStore.CloseFile(handle);
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. Too many open files.", share.Name, path);
header.Status = NTStatus.STATUS_TOO_MANY_OPENED_FILES;
return(new ErrorResponse(request.CommandName));
}
state.LogToServer(Severity.Verbose, "OpenAndX: Opened '{0}{1}'. (UID: {2}, TID: {3}, FID: {4})", share.Name, path, header.UID, header.TID, fileID.Value);
OpenResult openResult = ToOpenResult(fileStatus);
if (share is NamedPipeShare)
{
if (isExtended)
{
return(CreateResponseExtendedForNamedPipe(fileID.Value, openResult));
}
else
{
return(CreateResponseForNamedPipe(fileID.Value, openResult));
}
}
else // FileSystemShare
{
FileNetworkOpenInformation fileInfo = NTFileStoreHelper.GetNetworkOpenInformation(share.FileStore, handle);
if (isExtended)
{
return(CreateResponseExtendedFromFileInfo(fileInfo, fileID.Value, openResult));
}
else
{
return(CreateResponseFromFileInfo(fileInfo, fileID.Value, openResult));
}
}
}
internal static SMB1Command GetNTCreateResponse(SMB1Header header, NTCreateAndXRequest request, ISMBShare share, SMB1ConnectionState state)
{
SMB1Session session = state.GetSession(header.UID);
bool isExtended = (request.Flags & NTCreateFlags.NT_CREATE_REQUEST_EXTENDED_RESPONSE) > 0;
string path = request.FileName;
FileAccess createAccess = NTFileStoreHelper.ToCreateFileAccess(request.DesiredAccess, request.CreateDisposition);
if (share is FileSystemShare)
{
if (!((FileSystemShare)share).HasAccess(session.SecurityContext, path, createAccess))
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. User '{2}' was denied access.", share.Name, request.FileName, session.UserName);
header.Status = NTStatus.STATUS_ACCESS_DENIED;
return(new ErrorResponse(request.CommandName));
}
}
object handle;
FileStatus fileStatus;
NTStatus createStatus = share.FileStore.CreateFile(out handle, out fileStatus, path, request.DesiredAccess, request.ShareAccess, request.CreateDisposition, request.CreateOptions, session.SecurityContext);
if (createStatus != NTStatus.STATUS_SUCCESS)
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. NTStatus: '{2}'.", share.Name, path, createStatus);
header.Status = createStatus;
return(new ErrorResponse(request.CommandName));
}
state.LogToServer(Severity.Verbose, "Create: Opened '{0}{1}'.", share.Name, path);
ushort?fileID = session.AddOpenFile(header.TID, path, handle);
if (!fileID.HasValue)
{
share.FileStore.CloseFile(handle);
header.Status = NTStatus.STATUS_TOO_MANY_OPENED_FILES;
return(new ErrorResponse(request.CommandName));
}
if (share is NamedPipeShare)
{
if (isExtended)
{
return(CreateResponseExtendedForNamedPipe(fileID.Value, FileStatus.FILE_OPENED));
}
else
{
return(CreateResponseForNamedPipe(fileID.Value, FileStatus.FILE_OPENED));
}
}
else // FileSystemShare
{
FileNetworkOpenInformation fileInfo = NTFileStoreHelper.GetNetworkOpenInformation(share.FileStore, handle);
if (isExtended)
{
NTCreateAndXResponseExtended response = CreateResponseExtendedFromFileInformation(fileInfo, fileID.Value, fileStatus);
if ((request.Flags & NTCreateFlags.NT_CREATE_REQUEST_OPBATCH) > 0)
{
response.OpLockLevel = OpLockLevel.BatchOpLockGranted;
}
return(response);
}
else
{
NTCreateAndXResponse response = CreateResponseFromFileInformation(fileInfo, fileID.Value, fileStatus);
if ((request.Flags & NTCreateFlags.NT_CREATE_REQUEST_OPBATCH) > 0)
{
response.OpLockLevel = OpLockLevel.BatchOpLockGranted;
}
return(response);
}
}
}
internal static SMB1Command GetNTCreateResponse(SMB1Header header, NTCreateAndXRequest request, ISMBShare share, SMB1ConnectionState state)
{
SMB1Session session = state.GetSession(header.UID);
bool isExtended = (request.Flags & NTCreateFlags.NT_CREATE_REQUEST_EXTENDED_RESPONSE) > 0;
string path = request.FileName;
if (!path.StartsWith(@"\"))
{
path = @"\" + path;
}
FileAccess createAccess = NTFileStoreHelper.ToCreateFileAccess(request.DesiredAccess, request.CreateDisposition);
if (share is FileSystemShare)
{
if (!((FileSystemShare)share).HasAccess(session.SecurityContext, path, createAccess))
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. User '{2}' was denied access.", share.Name, request.FileName, session.UserName);
header.Status = NTStatus.STATUS_ACCESS_DENIED;
return(new ErrorResponse(request.CommandName));
}
}
object handle;
FileStatus fileStatus;
FileAttributes fileAttributes = ToFileAttributes(request.ExtFileAttributes);
// GetFileInformation/FileNetworkOpenInformation requires FILE_READ_ATTRIBUTES
AccessMask desiredAccess = request.DesiredAccess | (AccessMask)FileAccessMask.FILE_READ_ATTRIBUTES;
NTStatus createStatus = share.FileStore.CreateFile(out handle, out fileStatus, path, desiredAccess, fileAttributes, request.ShareAccess, request.CreateDisposition, request.CreateOptions, session.SecurityContext);
if (createStatus != NTStatus.STATUS_SUCCESS)
{
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. NTStatus: {2}.", share.Name, path, createStatus);
header.Status = createStatus;
return(new ErrorResponse(request.CommandName));
}
FileAccess fileAccess = NTFileStoreHelper.ToFileAccess(desiredAccess);
ushort? fileID = session.AddOpenFile(header.TID, share.Name, path, handle, fileAccess);
if (!fileID.HasValue)
{
share.FileStore.CloseFile(handle);
state.LogToServer(Severity.Verbose, "Create: Opening '{0}{1}' failed. Too many open files.", share.Name, path);
header.Status = NTStatus.STATUS_TOO_MANY_OPENED_FILES;
return(new ErrorResponse(request.CommandName));
}
string fileAccessString = fileAccess.ToString().Replace(", ", "|");
string shareAccessString = request.ShareAccess.ToString().Replace(", ", "|");
state.LogToServer(Severity.Verbose, "Create: Opened '{0}{1}', FileAccess: {2}, ShareAccess: {3}. (UID: {4}, TID: {5}, FID: {6})", share.Name, path, fileAccessString, shareAccessString, header.UID, header.TID, fileID.Value);
if (share is NamedPipeShare)
{
if (isExtended)
{
return(CreateResponseExtendedForNamedPipe(fileID.Value, FileStatus.FILE_OPENED));
}
else
{
return(CreateResponseForNamedPipe(fileID.Value, FileStatus.FILE_OPENED));
}
}
else // FileSystemShare
{
FileNetworkOpenInformation fileInfo = NTFileStoreHelper.GetNetworkOpenInformation(share.FileStore, handle);
if (isExtended)
{
NTCreateAndXResponseExtended response = CreateResponseExtendedFromFileInformation(fileInfo, fileID.Value, fileStatus);
return(response);
}
else
{
NTCreateAndXResponse response = CreateResponseFromFileInformation(fileInfo, fileID.Value, fileStatus);
return(response);
}
}
}
public NTStatus CreateFile(out object handle, out FileStatus fileStatus, string path, AccessMask desiredAccess, FileAttributes fileAttributes, ShareAccess shareAccess, CreateDisposition createDisposition, CreateOptions createOptions, SecurityContext securityContext)
{
handle = null;
fileStatus = FileStatus.FILE_DOES_NOT_EXIST;
FileAccess createAccess = NTFileStoreHelper.ToCreateFileAccess(desiredAccess, createDisposition);
bool requestedWriteAccess = (createAccess & FileAccess.Write) > 0;
bool forceDirectory = (createOptions & CreateOptions.FILE_DIRECTORY_FILE) > 0;
bool forceFile = (createOptions & CreateOptions.FILE_NON_DIRECTORY_FILE) > 0;
if (forceDirectory & (createDisposition != CreateDisposition.FILE_CREATE &&
createDisposition != CreateDisposition.FILE_OPEN &&
createDisposition != CreateDisposition.FILE_OPEN_IF &&
createDisposition != CreateDisposition.FILE_SUPERSEDE))
{
return(NTStatus.STATUS_INVALID_PARAMETER);
}
// Windows will try to access named streams (alternate data streams) regardless of the FILE_NAMED_STREAMS flag, we need to prevent this behaviour.
if (!m_fileSystem.SupportsNamedStreams && path.Contains(":"))
{
// Windows Server 2003 will return STATUS_OBJECT_NAME_NOT_FOUND
return(NTStatus.STATUS_NO_SUCH_FILE);
}
FileSystemEntry entry = null;
try
{
entry = m_fileSystem.GetEntry(path);
}
catch (FileNotFoundException)
{
}
catch (DirectoryNotFoundException)
{
}
catch (Exception ex)
{
if (ex is IOException || ex is UnauthorizedAccessException)
{
NTStatus status = ToNTStatus(ex);
Log(Severity.Verbose, "CreateFile: Error retrieving '{0}'. {1}.", path, status);
return(status);
}
else
{
throw;
}
}
if (createDisposition == CreateDisposition.FILE_OPEN)
{
if (entry == null)
{
return(NTStatus.STATUS_NO_SUCH_FILE);
}
fileStatus = FileStatus.FILE_EXISTS;
if (entry.IsDirectory && forceFile)
{
return(NTStatus.STATUS_FILE_IS_A_DIRECTORY);
}
if (!entry.IsDirectory && forceDirectory)
{
return(NTStatus.STATUS_OBJECT_PATH_INVALID);
}
}
else if (createDisposition == CreateDisposition.FILE_CREATE)
{
if (entry != null)
{
// File already exists, fail the request
Log(Severity.Verbose, "CreateFile: File '{0}' already exists.", path);
fileStatus = FileStatus.FILE_EXISTS;
return(NTStatus.STATUS_OBJECT_NAME_COLLISION);
}
if (!requestedWriteAccess)
{
return(NTStatus.STATUS_ACCESS_DENIED);
}
try
{
if (forceDirectory)
{
Log(Severity.Information, "CreateFile: Creating directory '{0}'", path);
entry = m_fileSystem.CreateDirectory(path);
}
else
{
Log(Severity.Information, "CreateFile: Creating file '{0}'", path);
entry = m_fileSystem.CreateFile(path);
}
}
catch (Exception ex)
{
if (ex is IOException || ex is UnauthorizedAccessException)
{
NTStatus status = ToNTStatus(ex);
Log(Severity.Verbose, "CreateFile: Error creating '{0}'. {1}.", path, status);
return(status);
}
else
{
throw;
}
}
fileStatus = FileStatus.FILE_CREATED;
}
else if (createDisposition == CreateDisposition.FILE_OPEN_IF ||
createDisposition == CreateDisposition.FILE_OVERWRITE ||
createDisposition == CreateDisposition.FILE_OVERWRITE_IF ||
createDisposition == CreateDisposition.FILE_SUPERSEDE)
{
if (entry == null)
{
if (createDisposition == CreateDisposition.FILE_OVERWRITE)
{
return(NTStatus.STATUS_OBJECT_PATH_NOT_FOUND);
}
if (!requestedWriteAccess)
{
return(NTStatus.STATUS_ACCESS_DENIED);
}
try
{
if (forceDirectory)
{
Log(Severity.Information, "CreateFile: Creating directory '{0}'", path);
entry = m_fileSystem.CreateDirectory(path);
}
else
{
Log(Severity.Information, "CreateFile: Creating file '{0}'", path);
entry = m_fileSystem.CreateFile(path);
}
}
catch (Exception ex)
{
if (ex is IOException || ex is UnauthorizedAccessException)
{
NTStatus status = ToNTStatus(ex);
Log(Severity.Verbose, "CreateFile: Error creating '{0}'. {1}.", path, status);
return(status);
}
else
{
throw;
}
}
fileStatus = FileStatus.FILE_CREATED;
}
else
{
fileStatus = FileStatus.FILE_EXISTS;
if (createDisposition == CreateDisposition.FILE_OPEN_IF)
{
if (entry.IsDirectory && forceFile)
{
return(NTStatus.STATUS_FILE_IS_A_DIRECTORY);
}
if (!entry.IsDirectory && forceDirectory)
{
return(NTStatus.STATUS_OBJECT_PATH_INVALID);
}
}
else
{
if (!requestedWriteAccess)
{
return(NTStatus.STATUS_ACCESS_DENIED);
}
if (createDisposition == CreateDisposition.FILE_OVERWRITE ||
createDisposition == CreateDisposition.FILE_OVERWRITE_IF)
{
// Truncate the file
try
{
Stream temp = m_fileSystem.OpenFile(path, FileMode.Truncate, FileAccess.ReadWrite, FileShare.ReadWrite, FileOptions.None);
temp.Close();
}
catch (Exception ex)
{
if (ex is IOException || ex is UnauthorizedAccessException)
{
NTStatus status = ToNTStatus(ex);
Log(Severity.Verbose, "CreateFile: Error truncating '{0}'. {1}.", path, status);
return(status);
}
else
{
throw;
}
}
fileStatus = FileStatus.FILE_OVERWRITTEN;
}
else if (createDisposition == CreateDisposition.FILE_SUPERSEDE)
{
// Delete the old file
try
{
m_fileSystem.Delete(path);
}
catch (Exception ex)
{
if (ex is IOException || ex is UnauthorizedAccessException)
{
NTStatus status = ToNTStatus(ex);
Log(Severity.Verbose, "CreateFile: Error deleting '{0}'. {1}.", path, status);
return(status);
}
else
{
throw;
}
}
try
{
if (forceDirectory)
{
Log(Severity.Information, "CreateFile: Creating directory '{0}'", path);
entry = m_fileSystem.CreateDirectory(path);
}
else
{
Log(Severity.Information, "CreateFile: Creating file '{0}'", path);
entry = m_fileSystem.CreateFile(path);
}
}
catch (Exception ex)
{
if (ex is IOException || ex is UnauthorizedAccessException)
{
NTStatus status = ToNTStatus(ex);
Log(Severity.Verbose, "CreateFile: Error creating '{0}'. {1}.", path, status);
return(status);
}
else
{
throw;
}
}
fileStatus = FileStatus.FILE_SUPERSEDED;
}
}
}
}
else
{
return(NTStatus.STATUS_INVALID_PARAMETER);
}
FileAccess fileAccess = NTFileStoreHelper.ToFileAccess(desiredAccess);
Stream stream;
if (fileAccess == (FileAccess)0 || entry.IsDirectory)
{
stream = null;
}
else
{
// Note that SetFileInformationByHandle/FILE_DISPOSITION_INFO has no effect if the handle was opened with FILE_DELETE_ON_CLOSE.
NTStatus openStatus = OpenFileStream(out stream, path, fileAccess, shareAccess, createOptions);
if (openStatus != NTStatus.STATUS_SUCCESS)
{
return(openStatus);
}
}
bool deleteOnClose = (createOptions & CreateOptions.FILE_DELETE_ON_CLOSE) > 0;
handle = new FileHandle(path, entry.IsDirectory, stream, deleteOnClose);
if (fileStatus != FileStatus.FILE_CREATED &&
fileStatus != FileStatus.FILE_OVERWRITTEN &&
fileStatus != FileStatus.FILE_SUPERSEDED)
{
fileStatus = FileStatus.FILE_OPENED;
}
return(NTStatus.STATUS_SUCCESS);
}