Source code of Windows XP (NT5)


  1. /*++
  2. Copyright (c) 1989 Microsoft Corporation
  3. Module Name:
  4. Init.c
  5. Abstract:
  6. This module implements the DRIVER_INITIALIZATION routine for the SMB mini rdr.
  7. Author:
  8. Balan Sethu Raman [SethuR] 7-Mar-1995
  9. Revision History:
  10. --*/
  11. #include "precomp.h"
  12. #pragma hdrstop
  13. #include "ntverp.h"
  14. #include "ntbowsif.h"
  15. #include <bowpub.h>
  16. #include "netevent.h"
  17. #include "nvisible.h"
  18. #include <ntddbrow.h>
  19. BOOL IsTerminalServicesServer();
  20. #define RDBSS_DRIVER_LOAD_STRING L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\Rdbss"
  21. #ifdef ALLOC_PRAGMA
  22. #pragma alloc_text(PAGE, DriverEntry)
  23. #pragma alloc_text(PAGE, MRxSmbInitUnwind)
  24. #pragma alloc_text(PAGE, MRxSmbInitUnwindSmb)
  25. #pragma alloc_text(PAGE, MRxSmbInitUnwindBowser)
  26. #pragma alloc_text(PAGE, MRxSmbUnload)
  27. #pragma alloc_text(PAGE, MRxSmbInitializeTables)
  28. #pragma alloc_text(PAGE, MRxSmbStart)
  29. #pragma alloc_text(PAGE, MRxSmbStop)
  30. #pragma alloc_text(PAGE, MRxSmbInitializeSecurity)
  31. #pragma alloc_text(PAGE, MRxSmbUninitializeSecurity)
  32. #pragma alloc_text(PAGE, MRxSmbReadMiscellaneousRegistryParameters)
  33. #pragma alloc_text(PAGE, SmbCeGetConfigurationInformation)
  34. #pragma alloc_text(PAGE, MRxSmbFsdDispatch)
  35. #pragma alloc_text(PAGE, MRxSmbDeallocateForFcb)
  36. #pragma alloc_text(PAGE, MRxSmbDeallocateForFobx)
  37. #pragma alloc_text(PAGE, MRxSmbGetUlongRegistryParameter)
  38. #pragma alloc_text(PAGE, MRxSmbPreUnload)
  39. #pragma alloc_text(PAGE, IsTerminalServicesServer)
  40. #endif
  41. extern ERESOURCE s_SmbCeDbResource;
  42. extern ERESOURCE s_SmbSecuritySignatureResource;
  43. NTSYSAPI
  44. NTSTATUS
  45. NTAPI
  46. ZwLoadDriver(
  47. IN PUNICODE_STRING DriverServiceName
  48. );
  49. //
  50. // Global data declarations .
  51. //
      // Handle returned by PoRegisterSystemState in MRxSmbStart and handed back
      // to PoUnregisterSystemState in MRxSmbStop.
  52. PVOID MRxSmbPoRegistrationState = NULL;
      // Both fast mutexes are initialized in DriverEntry.
  53. FAST_MUTEX MRxSmbSerializationMutex;
  54. FAST_MUTEX MRxSmbReadWriteMutex;
  55. MRXSMB_CONFIGURATION MRxSmbConfiguration;
      // Start-up state; MRxSmbStart moves it from MRXSMB_START_IN_PROGRESS to
      // MRXSMB_STARTED with an interlocked compare-exchange.
  56. MRXSMB_STATE MRxSmbState = MRXSMB_STARTABLE;
      // Holds the configuration strings (ComputerName, DomainName, Transports, ...)
      // that DriverEntry resets and MRxSmbStop frees.
  57. SMBCE_CONTEXT SmbCeContext;
  58. PMDL s_pEchoSmbMdl = NULL;
  59. ULONG s_EchoSmbLength = 0;
      // Compiled-in default is FALSE.
      // NOTE(review): the name suggests this gates sending cleartext passwords to
      // servers; the code that reads or overrides it is not in this part of the
      // file (presumably MRxSmbReadMiscellaneousRegistryParameters) -- confirm the
      // effective value on a deployed system instead of relying on this default.
  60. BOOLEAN EnablePlainTextPassword = FALSE;
  61. BOOLEAN SetupInProgress = FALSE;
      // Set to TRUE by DriverEntry only when WMI registration succeeded;
      // MRxSmbPreUnload deregisters from WMI only when it is TRUE.
  62. BOOLEAN EnableWmiLog = FALSE;
  63. BOOLEAN Win9xSessionRestriction = FALSE;
  64. ULONG OffLineFileTimeoutInterval = 1000; // in seconds
  65. ULONG ExtendedSessTimeoutInterval = 1000; // in seconds
  66. ULONG MaxNumOfExchangesForPipelineReadWrite = 8;
  67. #ifdef EXPLODE_POOLTAGS
  68. ULONG MRxSmbExplodePoolTags = 1;
  69. #else
  70. ULONG MRxSmbExplodePoolTags = 0;
  71. #endif
  72. //
  73. // This counts any SMBs sent out which could make the contents of the Get
  74. // File Attributes cache stale.
  75. //
  76. ULONG NameCacheGFAInvalidate;
  77. // local functions forward declarations
  78. NTSTATUS
  79. MRxSmbDeleteRegistryParameter(
  80. HANDLE ParametersHandle,
  81. PWCHAR ParameterName
  82. );
  83. //
  84. // Mini Redirector global variables.
  85. //
      // Dispatch vector filled in by MRxSmbInitializeTables and handed to
      // RxRegisterMinirdr in DriverEntry.
  86. struct _MINIRDR_DISPATCH MRxSmbDispatch;
      // Device object returned by RxRegisterMinirdr; released with
      // RxUnregisterMinirdr during unwind.
  87. PRDBSS_DEVICE_OBJECT MRxSmbDeviceObject;
      // Zeroed in DriverEntry, which also builds an MDL over its Pad buffer.
  88. MRXSMB_GLOBAL_PADDING MrxSmbCeGlobalPadding;
      // List head and in-use counter, both reset in MRxSmbInitializeTables.
  89. LIST_ENTRY ExchangesWaitingForServerResponseBuffer;
  90. LONG NumOfBuffersForServerResponseInUse;
  91. BOOLEAN MRxSmbEnableCompression = FALSE;
      // Compiled-in defaults: security signatures are enabled but not required.
      // NOTE(review): presumably this means signing is used when the server offers
      // it while unsigned sessions are still accepted, which leaves no integrity
      // guarantee against a peer that does not sign. Where these two flags are
      // overridden is not visible here -- verify the effective setting when SMB
      // integrity protection is a requirement.
  92. BOOLEAN MRxSmbSecuritySignaturesRequired = FALSE;
  93. BOOLEAN MRxSmbSecuritySignaturesEnabled = TRUE;
  94. BOOLEAN MRxSmbEnableCachingOnWriteOnlyOpens = FALSE;
  95. BOOLEAN MRxSmbEnableDownLevelLogOff = FALSE;
  96. ULONG MRxSmbConnectionIdLevel = 0;
  97. BOOLEAN UniqueFileNames = FALSE;
  98. BOOLEAN DisableByteRangeLockingOnReadOnlyFiles = FALSE;
      // Initialized in MRxSmbInitializeTables; per the comment there it protects
      // the file info cache expire timer.
  99. FAST_MUTEX MRxSmbFileInfoCacheLock;
  100. //
  101. // The following variable controls whether client-side caching (CSC) is enabled or not.
  102. // It is the responsibility of the CSC routines themselves to do the right thing
  103. // if CSC is not enabled, because we will make the calls anyway.
  104. //
  105. BOOLEAN MRxSmbIsCscEnabled = TRUE;
  106. BOOLEAN MRxSmbIsCscEnabledForDisconnected = TRUE;
  107. BOOLEAN MRxSmbCscTransitionEnabledByDefault = FALSE;
  108. BOOLEAN MRxSmbEnableDisconnectedRB = FALSE; // don't transition remoteboot machine to disconnected state
  109. BOOLEAN MRxSmbCscAutoDialEnabled = FALSE;
  110. //
  111. // If this flag is TRUE, we strictly obey the transport binding order. If it is FALSE,
  112. // we can use whatever transport we want to connect to the remote server.
  113. //
  114. BOOLEAN MRxSmbObeyBindingOrder = FALSE;
  115. ULONG MRxSmbBuildNumber = VER_PRODUCTBUILD;
  116. #ifdef RX_PRIVATE_BUILD
  117. ULONG MRxSmbPrivateBuild = 1;
  118. #else
  119. ULONG MRxSmbPrivateBuild = 0;
  120. #endif
  121. //
  122. // MRxSmbSecurityInitialized indicates whether MRxSmbInitializeSecurity
  123. // has been called.
  124. //
  125. BOOLEAN MRxSmbSecurityInitialized = FALSE;
  126. //
  127. // MRxSmbBootedRemotely indicates that the machine did a remote boot.
  128. //
  129. BOOLEAN MRxSmbBootedRemotely = FALSE;
  130. //
  131. // MRxSmbUseKernelModeSecurity indicates that the machine should use kernel mode security APIs
  132. // during this remote boot.
  133. //
  134. BOOLEAN MRxSmbUseKernelModeSecurity = FALSE;
  135. LIST_ENTRY MRxSmbPagingFilesSrvOpenList;
  136. //
  137. // These variables will, in the near future, be passed from the kernel to the
  138. // redirector to tell it which share is the remote boot share and how to log on
  139. // to the server.
  140. //
  141. PKEY_VALUE_PARTIAL_INFORMATION MRxSmbRemoteBootRootValue = NULL;
  142. PKEY_VALUE_PARTIAL_INFORMATION MRxSmbRemoteBootMachineDirectoryValue = NULL;
  143. UNICODE_STRING MRxSmbRemoteBootShare;
  144. UNICODE_STRING MRxSmbRemoteBootPath;
  145. UNICODE_STRING MRxSmbRemoteSetupPath;
  146. UNICODE_STRING MRxSmbRemoteBootMachineName;
  147. UNICODE_STRING MRxSmbRemoteBootMachinePassword;
  148. UNICODE_STRING MRxSmbRemoteBootMachineDomain;
  149. UCHAR MRxSmbRemoteBootMachineSid[RI_SECRET_SID_SIZE];
  150. RI_SECRET MRxSmbRemoteBootSecret;
  151. #if defined(REMOTE_BOOT)
  152. BOOLEAN MRxSmbRemoteBootSecretValid = FALSE;
  153. BOOLEAN MRxSmbRemoteBootDoMachineLogon;
  154. BOOLEAN MRxSmbRemoteBootUsePassword2;
  155. #endif // defined(REMOTE_BOOT)
  156. //
  157. // for LoopBack detection
  158. //
  159. GUID CachedServerGuid;
  160. UNICODE_STRING MRxSmbRemoteBootRedirectionPrefix;
  161. UNICODE_PREFIX_TABLE MRxSmbRemoteBootRedirectionTable;
  162. //declare the shadow debugtrace controlpoints
  163. RXDT_DefineCategory(CREATE);
  164. RXDT_DefineCategory(CLEANUP);
  165. RXDT_DefineCategory(CLOSE);
  166. RXDT_DefineCategory(READ);
  167. RXDT_DefineCategory(WRITE);
  168. RXDT_DefineCategory(LOCKCTRL);
  169. RXDT_DefineCategory(FLUSH);
  170. RXDT_DefineCategory(PREFIX);
  171. RXDT_DefineCategory(FCBSTRUCTS);
  172. RXDT_DefineCategory(DISPATCH);
  173. RXDT_DefineCategory(EA);
  174. RXDT_DefineCategory(DEVFCB);
  175. RXDT_DefineCategory(DISCCODE); //this shouldn't be a shadow
  176. RXDT_DefineCategory(BROWSER); //this shouldn't be a shadow
  177. RXDT_DefineCategory(CONNECT); //this shouldn't be a shadow
      // Progress markers recorded by DriverEntry so a failed initialization can be
      // unwound. The enumerators are declared in reverse order of progress:
      // DriverEntry assigns MRXSMBINIT_START first, then MINIRDR_REGISTERED,
      // INITIALIZED_FOR_CSC and STARTED_BROWSER, so the first enumerator
      // (value 0) is the fully initialized state. MRxSmbInitUnwindSmb and
      // MRxSmbInitUnwindBowser switch on this value and rely on case
      // fall-through, so any state added here must also get a label in both
      // unwind switches.
  178. typedef enum _MRXSMB_INIT_STATES {
  179. MRXSMBINIT_ALL_INITIALIZATION_COMPLETED,
  180. MRXSMBINIT_STARTED_BROWSER,
  181. MRXSMBINIT_INITIALIZED_FOR_CSC,
  182. MRXSMBINIT_MINIRDR_REGISTERED,
  183. MRXSMBINIT_START
  184. } MRXSMB_INIT_STATES;
  185. NTSTATUS
  186. MRxSmbFsdDispatch (
  187. IN PDEVICE_OBJECT DeviceObject,
  188. IN PIRP Irp
  189. );
  190. NTSTATUS
  191. MRxSmbCheckTransportName(
  192. IN PIRP Irp,
  193. OUT PSMBCEDB_SERVER_ENTRY *ppServerEntry
  194. );
  195. NTSTATUS
  196. SmbCeGetServersWithExtendedSessTimeout();
  NTSTATUS
  DriverEntry(
      IN PDRIVER_OBJECT DriverObject,
      IN PUNICODE_STRING RegistryPath
      )
  /*++

  Routine Description:

      Driver initialization entry point for the SMB mini redirector. It
      prepares global state, registers the mini redirector with the wrapper,
      initializes CSC and the browser, fills in the dispatch tables, and
      finally points every IRP major function at MRxSmbFsdDispatch.

  Arguments:

      DriverObject - Pointer to the driver object created by the system.

      RegistryPath - Passed through to RxDriverEntry (MONOLITHIC_MINIRDR
                     builds only) and to BowserDriverEntry.

  Return Value:

      STATUS_SUCCESS when initialization completed. STATUS_UNSUCCESSFUL when
      MRxSmbInitializeTransport failed (its own status is only traced).
      Otherwise the status of the step that failed.

  Notes:

      MRxSmbInitState starts at 0, which is the value of
      MRXSMBINIT_ALL_INITIALIZATION_COMPLETED; it is set to MRXSMBINIT_START
      right after RdrInitializeDiscardableCode and then follows the progress of
      initialization so that MRxSmbInitUnwind knows how much to undo.

      No unload routine is installed, so the driver cannot be unloaded on its
      own. A failed WMI registration is reported but does not fail the load.

      NOTE(review): every major function code is routed to MRxSmbFsdDispatch,
      so any per-request validation has to happen in that routine or below it;
      it is not visible from this function.

  --*/
  {
      NTSTATUS Status;
      MRXSMB_INIT_STATES MRxSmbInitState = 0;
      UNICODE_STRING SmbMiniRedirectorName;
      ULONG MajorFunctionIndex;

      PAGED_CODE();

  #ifdef MONOLITHIC_MINIRDR
      // In a monolithic build the wrapper is initialized first.
      DbgPrint("InitWrapper\n");
      Status = RxDriverEntry(DriverObject, RegistryPath);
      DbgPrint("BackFromInitWrapper %p\n",Status);

      if (Status != STATUS_SUCCESS) {
          DbgPrint("Wrapper failed to initialize. Status = %08lx\n",Status);
          return Status;
      }
  #endif

      NameCacheGFAInvalidate = 0;

      // Clear the statistics block and record when collection started.
      RtlZeroMemory(&MRxSmbStatistics, sizeof(MRxSmbStatistics));
      KeQuerySystemTime(&MRxSmbStatistics.StatisticsStartTime);

      // Zero the global padding area and describe its Pad buffer with an MDL.
      RtlZeroMemory(&MrxSmbCeGlobalPadding, sizeof(MrxSmbCeGlobalPadding));
      MmInitializeMdl(
          &MrxSmbCeGlobalPadding.Mdl,
          &MrxSmbCeGlobalPadding.Pad[0],
          SMBCE_PADDING_DATA_SIZE);
      MmBuildMdlForNonPagedPool(&MrxSmbCeGlobalPadding.Mdl);

      ExInitializeFastMutex(&MRxSmbSerializationMutex);
      ExInitializeFastMutex(&MRxSmbReadWriteMutex);

      Status = MRxSmbInitializeTransport();
      if (Status != STATUS_SUCCESS) {
          RxDbgTrace( 0, (DEBUG_TRACE_ALWAYS), ("MRxSmbDriverEntry failed to init transport data structures: %08lx\n", Status ));
          return STATUS_UNSUCCESSFUL;
      }

      MRxSmbReadMiscellaneousRegistryParameters();

      try {

          //
          // The discardable code functions are set up before anything else.
          //

          RdrInitializeDiscardableCode();
          MRxSmbInitState = MRXSMBINIT_START;

          RtlInitUnicodeString(&SmbMiniRedirectorName, DD_NFS_DEVICE_NAME_U);
          RxDbgTrace( 0, (DEBUG_TRACE_ALWAYS), ("MRxSmbDriverEntry: DriverObject =%p\n", DriverObject ));

          Status = RxRegisterMinirdr(
                       &MRxSmbDeviceObject,
                       DriverObject,
                       &MRxSmbDispatch,
                       0,                                // register with UNC and for mailslots
                       &SmbMiniRedirectorName,
                       0,                                // DeviceExtensionSize
                       FILE_DEVICE_NETWORK_FILE_SYSTEM,  // DeviceType
                       FILE_REMOTE_DEVICE                // DeviceCharacteristics
                       );

          if (Status != STATUS_SUCCESS) {
              RxDbgTrace( 0, (DEBUG_TRACE_ALWAYS), ("MRxSmbDriverEntry failed: %08lx\n", Status ));
              try_return(Status);
          }

          MRxSmbInitState = MRXSMBINIT_MINIRDR_REGISTERED;

          Status = MRxSmbInitializeCSC(&SmbMiniRedirectorName);
          if (!NT_SUCCESS( Status )) {
              try_return( Status );
          }

          MRxSmbInitState = MRXSMBINIT_INITIALIZED_FOR_CSC;

          // The browser is started under its own exception handler so that an
          // exception raised during its initialization becomes a failure status
          // instead of propagating out of DriverEntry.
          try {
              Status = BowserDriverEntry(DriverObject, RegistryPath);
          } except(EXCEPTION_EXECUTE_HANDLER) {
              Status = GetExceptionCode();
              DbgPrint("Browser didn't start....%08lx\n", Status);
          }

          if (!NT_SUCCESS( Status )) {
              try_return( Status );
          }

          MRxSmbInitState = MRXSMBINIT_STARTED_BROWSER;

          // Nothing from here on has an undo step, so no further state is
          // recorded.
          Status = MRxSmbInitializeTables();
          if (!NT_SUCCESS( Status )) {
              try_return(Status);
          }

          // Start with empty configuration strings; they are populated later.
          RtlInitUnicodeString(&SmbCeContext.ComputerName, NULL);
          RtlInitUnicodeString(&SmbCeContext.DomainName, NULL);
          RtlInitUnicodeString(&SmbCeContext.OperatingSystem, NULL);
          RtlInitUnicodeString(&SmbCeContext.LanmanType, NULL);
          RtlInitUnicodeString(&SmbCeContext.Transports, NULL);
          RtlInitUnicodeString(&SmbCeContext.ServersWithExtendedSessTimeout, NULL);

          RtlInitUnicodeString(&MRxSmbRemoteBootMachineName, NULL);
          RtlInitUnicodeString(&MRxSmbRemoteBootMachineDomain, NULL);
          RtlInitUnicodeString(&MRxSmbRemoteBootMachinePassword, NULL);

          // The results of these two calls are not examined.
          SmbCeGetConfigurationInformation();
          SmbCeGetServersWithExtendedSessTimeout();

      try_exit: NOTHING;
      } finally {
          // Undo whatever was set up when any step above failed.
          if (Status != STATUS_SUCCESS) {
              MRxSmbInitUnwind(DriverObject, MRxSmbInitState);
          }
      }

      if (Status != STATUS_SUCCESS) {
          DbgPrint("MRxSmb failed to start with %08lx %08lx\n",Status,MRxSmbInitState);
          return Status;
      }

      // No unload routine is set up; this prevents mrxsmb from being unloaded
      // individually.

      // Route every major function through MRxSmbFsdDispatch for callers that
      // come in here directly, such as the browser.
      // CODE.IMPROVEMENT: requests that MRxSmbFsdDispatch does not examine
      // (reads and writes, for example) could be routed directly.
      for (MajorFunctionIndex = 0;
           MajorFunctionIndex <= IRP_MJ_MAXIMUM_FUNCTION;
           MajorFunctionIndex++) {

          DriverObject->MajorFunction[MajorFunctionIndex] = (PDRIVER_DISPATCH)MRxSmbFsdDispatch;
      }

      // WMI registration is best effort; EnableWmiLog remembers whether it
      // succeeded.
      Status = IoWMIRegistrationControl ((PDEVICE_OBJECT)MRxSmbDeviceObject, WMIREG_ACTION_REGISTER);

      if (Status != STATUS_SUCCESS) {
          DbgPrint("MRxSmb fails to register WMI %lx\n",Status);
      } else {
          EnableWmiLog = TRUE;
      }

      return STATUS_SUCCESS;
  }
  VOID
  MRxSmbPreUnload(
      VOID
      )
  /*++

  Routine Description:

      Tears down the SMB side of the mini redirector ahead of an unload:
      deregisters from WMI when registration had succeeded, runs the SMB
      unwind for the fully initialized state, and deletes the two global
      resources.

  Arguments:

      None.

  Return Value:

      None.

  Notes:

      The driver object is taken from MRxSmbDeviceObject, which is
      dereferenced without a NULL check.

  --*/
  {
      PDEVICE_OBJECT DeviceObject = (PDEVICE_OBJECT)MRxSmbDeviceObject;
      PDRIVER_OBJECT DriverObject = DeviceObject->DriverObject;
      NTSTATUS WmiStatus;

      PAGED_CODE();

      // Only deregister when DriverEntry managed to register with WMI.
      if (EnableWmiLog) {
          WmiStatus = IoWMIRegistrationControl (DeviceObject, WMIREG_ACTION_DEREGISTER);

          if (WmiStatus != STATUS_SUCCESS) {
              DbgPrint("MRxSmb fails to deregister WMI %lx\n",WmiStatus);
          }
      }

      //ASSERT(!"Starting to unload!");
      //RxUnregisterMinirdr(MRxSmbDeviceObject);
      MRxSmbInitUnwindSmb(DriverObject, MRXSMBINIT_ALL_INITIALIZATION_COMPLETED);

      // Release the pool associated with the global resources.
      ExDeleteResource(&s_SmbCeDbResource);
      ExDeleteResource(&s_SmbSecuritySignatureResource);

      RxDbgTrace( 0, (DEBUG_TRACE_ALWAYS), ("MRxSmbPreUnload exit: DriverObject =%p\n", DriverObject) );
  }
  VOID
  MRxSmbInitUnwind(
      IN PDRIVER_OBJECT DriverObject,
      IN MRXSMB_INIT_STATES MRxSmbInitState
      )
  /*++

  Routine Description:

      Common uninitialization used when DriverEntry fails part way through.
      Runs the SMB unwind first and the browser unwind second, each with the
      same state value.

  Arguments:

      DriverObject    - the driver object, forwarded to both unwind routines.

      MRxSmbInitState - how far initialization had progressed.

  Return Value:

      None.

  --*/
  {
      PAGED_CODE();

      // SMB first, then the browser.
      MRxSmbInitUnwindSmb(DriverObject, MRxSmbInitState);
      MRxSmbInitUnwindBowser(DriverObject, MRxSmbInitState);

      return;
  }
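  VOID
  MRxSmbInitUnwindSmb(
      IN PDRIVER_OBJECT DriverObject,
      IN MRXSMB_INIT_STATES MRxSmbInitState
      )
  /*++

  Routine Description:

      Undoes the SMB part of driver initialization, either after a failed
      DriverEntry or on unload. The switch relies on fall-through: each state
      performs its own undo step and then every step of the states reached
      before it.

  Arguments:

      DriverObject    - not used by this routine.

      MRxSmbInitState - how far initialization had progressed.

  Return Value:

      None.

  Notes:

      Every enumerator of MRXSMB_INIT_STATES has a label here. Without a label
      for MRXSMBINIT_STARTED_BROWSER (or for MRXSMBINIT_INITIALIZED_FOR_CSC in
      a build without MRXSMB_BUILD_FOR_CSC) a failure in one of those states
      would match no case and leave the mini redirector registered.

  --*/
  {
      PAGED_CODE();

      switch (MRxSmbInitState) {
      case MRXSMBINIT_ALL_INITIALIZATION_COMPLETED:
          // Nothing extra to do; this label exists so that the constant used by
          // the unload path does not change.
          // fall through

      case MRXSMBINIT_STARTED_BROWSER:
          // The browser has its own unwind routine; the SMB side still has to
          // undo CSC and the registration below.
          // fall through

      case MRXSMBINIT_INITIALIZED_FOR_CSC:
  #ifdef MRXSMB_BUILD_FOR_CSC
          MRxSmbUninitializeCSC();
  #endif
          // fall through

      case MRXSMBINIT_MINIRDR_REGISTERED:
          RxUnregisterMinirdr(MRxSmbDeviceObject);
          break;

      case MRXSMBINIT_START:
      default:
          // Nothing on the SMB side was set up yet.
          break;
      }
  }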
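  VOID
  MRxSmbInitUnwindBowser(
      IN PDRIVER_OBJECT DriverObject,
      IN MRXSMB_INIT_STATES MRxSmbInitState
      )
  /*++

  Routine Description:

      Undoes the browser part of driver initialization, either after a failed
      DriverEntry or on unload: unloads the browser when it had been started
      and releases the discardable code set up by RdrInitializeDiscardableCode.

  Arguments:

      DriverObject    - the driver object, passed to BowserUnload.

      MRxSmbInitState - how far initialization had progressed.

  Return Value:

      None.

  Notes:

      DriverEntry calls RdrInitializeDiscardableCode before it records
      MRXSMBINIT_START, so every later state also has to reach
      RdrUninitializeDiscardableCode. MRXSMBINIT_MINIRDR_REGISTERED and
      MRXSMBINIT_INITIALIZED_FOR_CSC therefore carry labels; without them a
      failure in those states would skip the uninitialize call.

  --*/
  {
      // This routine is placed in the PAGE section like its siblings.
      PAGED_CODE();

      switch (MRxSmbInitState) {
      case MRXSMBINIT_ALL_INITIALIZATION_COMPLETED:
      case MRXSMBINIT_STARTED_BROWSER:
          BowserUnload(DriverObject);
          // fall through

      case MRXSMBINIT_INITIALIZED_FOR_CSC:
      case MRXSMBINIT_MINIRDR_REGISTERED:
      case MRXSMBINIT_START:
          RdrUninitializeDiscardableCode();
          break;

      default:
          break;
      }
  }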
  VOID
  MRxSmbUnload(
      IN PDRIVER_OBJECT DriverObject
      )
  /*++

  Routine Description:

      Unload routine for the SMB mini redirector. It traces the call and runs
      only the browser unwind, for the fully initialized state.

  Arguments:

      DriverObject - pointer to the driver object for MRxSmb.

  Return Value:

      None.

  --*/
  {
      PAGED_CODE();

      RxDbgTrace( 0, (DEBUG_TRACE_ALWAYS), ("MRxSmbUnload: DriverObject =%p\n", DriverObject) );

      MRxSmbInitUnwindBowser(
          DriverObject,
          MRXSMBINIT_ALL_INITIALIZATION_COMPLETED);

      return;
  }
  NTSTATUS
  MRxSmbInitializeTables(
      void
      )
  /*++

  Routine Description:

      Fills in the mini redirector dispatch vector (MRxSmbDispatch),
      initializes the list heads and the fast mutex that live next to it, and
      calls SmbPseInitializeTables for the remaining tables.

  Arguments:

      None.

  Return Value:

      STATUS_SUCCESS in all cases.

  --*/
  {
      struct _MINIRDR_DISPATCH *Dispatch = &MRxSmbDispatch;

      PAGED_CODE();

      // The SMB mini redirector context has to fit in the space the wrapper
      // reserves for it.
      ASSERT(sizeof(MRXSMB_RX_CONTEXT) <= MRX_CONTEXT_SIZE);

      // Start from a zeroed, type-stamped dispatch table.
      ZeroAndInitializeNodeType( &MRxSmbDispatch, RDBSS_NTC_MINIRDR_DISPATCH, sizeof(MINIRDR_DISPATCH));

      //
      // Extension sizes and allocation policies.
      // CODE.IMPROVEMENT -- the NET_ROOT and SRV_CALL extensions are currently
      // not allocated in the wrapper. Except for V_NET_ROOT, which is shared
      // across multiple instances in the wrapper, all other data structure
      // management should be left to the wrappers.
      //

      Dispatch->MRxFlags = (RDBSS_MANAGE_FCB_EXTENSION |
                            RDBSS_MANAGE_SRV_OPEN_EXTENSION |
                            RDBSS_MANAGE_FOBX_EXTENSION);

      Dispatch->MRxSrvCallSize  = 0;
      Dispatch->MRxNetRootSize  = 0;
      Dispatch->MRxVNetRootSize = 0;
      Dispatch->MRxFcbSize      = sizeof(MRX_SMB_FCB);
      Dispatch->MRxSrvOpenSize  = sizeof(MRX_SMB_SRV_OPEN);
      Dispatch->MRxFobxSize     = sizeof(MRX_SMB_FOBX);

      // No cancel routine is supplied.
      Dispatch->MRxCancel = NULL;

      // Start / stop.
      Dispatch->MRxStart                = MRxSmbStart;
      Dispatch->MRxStop                 = MRxSmbStop;
      Dispatch->MRxDevFcbXXXControlFile = MRxSmbDevFcbXXXControlFile;

      // Name resolution.
      Dispatch->MRxCreateSrvCall       = MRxSmbCreateSrvCall;
      Dispatch->MRxSrvCallWinnerNotify = MRxSmbSrvCallWinnerNotify;
      Dispatch->MRxCreateVNetRoot      = MRxSmbCreateVNetRoot;
      Dispatch->MRxUpdateNetRootState  = MRxSmbUpdateNetRootState;
      Dispatch->MRxExtractNetRootName  = MRxSmbExtractNetRootName;
      Dispatch->MRxFinalizeSrvCall     = MRxSmbFinalizeSrvCall;
      Dispatch->MRxFinalizeNetRoot     = MRxSmbFinalizeNetRoot;
      Dispatch->MRxFinalizeVNetRoot    = MRxSmbFinalizeVNetRoot;

      // File system object creation / deletion.
      Dispatch->MRxCreate                      = MRxSmbCreate;
      Dispatch->MRxCollapseOpen                = MRxSmbCollapseOpen;
      Dispatch->MRxShouldTryToCollapseThisOpen = MRxSmbShouldTryToCollapseThisOpen;
      Dispatch->MRxExtendForCache              = MRxSmbExtendForCache;
      Dispatch->MRxExtendForNonCache           = MRxSmbExtendForNonCache;
      Dispatch->MRxTruncate                    = MRxSmbTruncate;
      Dispatch->MRxCleanupFobx                 = MRxSmbCleanupFobx;
      Dispatch->MRxCloseSrvOpen                = MRxSmbCloseSrvOpen;
      Dispatch->MRxFlush                       = MRxSmbFlush;
      Dispatch->MRxForceClosed                 = MRxSmbForcedClose;
      Dispatch->MRxDeallocateForFcb            = MRxSmbDeallocateForFcb;
      Dispatch->MRxDeallocateForFobx           = MRxSmbDeallocateForFobx;
      Dispatch->MRxIsLockRealizable            = MRxSmbIsLockRealizable;
      Dispatch->MRxAreFilesAliased             = MRxSmbAreFilesAliased;

      // File system object query / set.
      Dispatch->MRxQueryDirectory       = MRxSmbQueryDirectory;
      Dispatch->MRxQueryVolumeInfo      = MRxSmbQueryVolumeInformation;
      Dispatch->MRxSetVolumeInfo        = MRxSmbSetVolumeInformation;
      Dispatch->MRxQueryEaInfo          = MRxSmbQueryEaInformation;
      Dispatch->MRxSetEaInfo            = MRxSmbSetEaInformation;
      Dispatch->MRxQuerySdInfo          = MRxSmbQuerySecurityInformation;
      Dispatch->MRxSetSdInfo            = MRxSmbSetSecurityInformation;
      Dispatch->MRxQueryQuotaInfo       = MRxSmbQueryQuotaInformation;
      Dispatch->MRxSetQuotaInfo         = MRxSmbSetQuotaInformation;
      Dispatch->MRxQueryFileInfo        = MRxSmbQueryFileInformation;
      Dispatch->MRxSetFileInfo          = MRxSmbSetFileInformation;
      Dispatch->MRxSetFileInfoAtCleanup = MRxSmbSetFileInformationAtCleanup;
      Dispatch->MRxIsValidDirectory     = MRxSmbIsValidDirectory;

      // Buffering state change.
      Dispatch->MRxComputeNewBufferingState = MRxSmbComputeNewBufferingState;

      // New MRX functions.
      Dispatch->MRxPreparseName = MRxSmbPreparseName;

      // File system object I/O. The four lock operations share one handler.
      Dispatch->MRxLowIOSubmit[LOWIO_OP_READ]            = MRxSmbRead;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_WRITE]           = MRxSmbWrite;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_SHAREDLOCK]      = MRxSmbLocks;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_EXCLUSIVELOCK]   = MRxSmbLocks;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_UNLOCK]          = MRxSmbLocks;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_UNLOCK_MULTIPLE] = MRxSmbLocks;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_FSCTL]           = MRxSmbFsCtl;
      Dispatch->MRxLowIOSubmit[LOWIO_OP_IOCTL]           = MRxSmbIoCtl;
      // CODE.IMPROVEMENT: shouldn't flush come through lowio?
      Dispatch->MRxLowIOSubmit[LOWIO_OP_NOTIFY_CHANGE_DIRECTORY] = MRxSmbNotifyChangeDirectory;

      // MRxUnlockRoutine is no longer a field of the dispatch table.

      // Miscellaneous.
      Dispatch->MRxCompleteBufferingStateChangeRequest = MRxSmbCompleteBufferingStateChangeRequest;
      Dispatch->MRxGetConnectionId                     = MRxSmbGetConnectionId;

      // Paging file list.
      InitializeListHead(&MRxSmbPagingFilesSrvOpenList);

      // Exchanges queue up on this list while they wait for a pre-allocated
      // buffer, which happens when security signature checking is active and
      // no more buffers can be allocated.
      InitializeListHead(&ExchangesWaitingForServerResponseBuffer);
      NumOfBuffersForServerResponseInUse = 0;

      // Mutex protecting the file info cache expire timer.
      ExInitializeFastMutex(&MRxSmbFileInfoCacheLock);

      // Let the remaining tables initialize themselves.
      SmbPseInitializeTables();

      return STATUS_SUCCESS;
  }
  543. BOOLEAN AlreadyStarted = FALSE;
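  NTSTATUS
  MRxSmbStart(
      PRX_CONTEXT RxContext,
      IN OUT PRDBSS_DEVICE_OBJECT RxDeviceObject
      )
  /*++

  Routine Description:

      Completes the initialization of the mini redirector from the RDBSS
      perspective. This is separate from DriverEntry: initialization that
      depends on RDBSS belongs here, initialization that is independent of
      RDBSS belongs in DriverEntry.

  Arguments:

      RxContext      - supplies the request used to start up the rdbss; its
                       FsControlCode tells a normal start (FSCTL_LMR_START)
                       from a remote boot start.

      RxDeviceObject - not used by this routine.

  Return Value:

      The first failure status of the initialization sequence, or the status
      of SeRegisterLogonSessionTerminatedRoutine when every earlier step
      succeeded. STATUS_REDIRECTOR_STARTED when the redirector was already
      started, STATUS_UNSUCCESSFUL for any other state.

  Notes:

      A failure of MRxSmbInitializeSecurity, SmbMrxInitializeStufferFacilities
      or MRxSmbInitializeRecurrentServices is returned to the caller. The
      status of the logon-session registration is only adopted when nothing
      failed before it, so it can no longer turn a failed start into a
      reported success.

      NOTE(review): MRxSmbState is moved to MRXSMB_STARTED before the
      initialization sequence runs and is not rolled back on failure --
      confirm that callers treat a failed start accordingly.

  --*/
  {
      NTSTATUS Status;
      NTSTATUS RegistrationStatus;
      MRXSMB_STATE CurrentState;
      BOOLEAN NormalStart;

      PAGED_CODE();

      NormalStart = (BOOLEAN)(RxContext->LowIoContext.ParamsFor.FsCtl.FsControlCode == FSCTL_LMR_START);

      //
      // A normal start (from the workstation service) changes the state from
      // START_IN_PROGRESS to STARTED. A remote boot start (from ioinit) leaves
      // the state alone so that the workstation service can initialize
      // correctly when it finally comes up.
      //

      if (NormalStart) {
          CurrentState = (MRXSMB_STATE)
                         InterlockedCompareExchange(
                             (PLONG)&MRxSmbState,
                             MRXSMB_STARTED,
                             MRXSMB_START_IN_PROGRESS);
      } else {
          CurrentState = MRXSMB_START_IN_PROGRESS;
      }

      if (CurrentState == MRXSMB_START_IN_PROGRESS) {
          MRxSmbPoRegistrationState = PoRegisterSystemState(NULL, 0);

          // Initialize the SMB connection engine data structures.
          Status = SmbCeDbInit();

          if (NT_SUCCESS(Status)) {
              //
              // Security related data structures are initialized on a normal
              // start only. On a remote boot start user mode has not started
              // yet, so security cannot be initialized at this point.
              //

              if (NormalStart) {
                  Status = MRxSmbInitializeSecurity();
              }

              if (NT_SUCCESS(Status)) {
                  Status = SmbMrxInitializeStufferFacilities();
              } else {
                  RxLogFailure (
                      MRxSmbDeviceObject,
                      NULL,
                      EVENT_RDR_UNEXPECTED_ERROR,
                      Status);
              }

              if (NT_SUCCESS(Status)) {
                  Status = MRxSmbInitializeRecurrentServices();
              } else {
                  RxLogFailure (
                      MRxSmbDeviceObject,
                      NULL,
                      EVENT_RDR_UNEXPECTED_ERROR,
                      Status);
              }

              // Anything other than STATUS_SUCCESS is logged here.
              if (Status != STATUS_SUCCESS) {
                  RxLogFailure (
                      MRxSmbDeviceObject,
                      NULL,
                      EVENT_RDR_UNEXPECTED_ERROR,
                      Status);
              }

              // The termination handler is registered whether or not the steps
              // above succeeded, but its status must not hide an earlier
              // failure.
              RegistrationStatus = SeRegisterLogonSessionTerminatedRoutine(
                                       (PSE_LOGON_SESSION_TERMINATED_ROUTINE)
                                       MRxSmbLogonSessionTerminationHandler);

              if (NT_SUCCESS(Status)) {
                  Status = RegistrationStatus;
              }
          }
      } else if (MRxSmbState == MRXSMB_STARTED) {
          Status = STATUS_REDIRECTOR_STARTED;
      } else {
          Status = STATUS_UNSUCCESSFUL;
      }

      return Status;
  }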
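  NTSTATUS
  MRxSmbStop(
      PRX_CONTEXT RxContext,
      IN OUT PRDBSS_DEVICE_OBJECT RxDeviceObject
      )
  /*++

  Routine Description:

      Stops the mini redirector from the RDBSS perspective: releases the power
      registration, finalizes security and the stuffer facilities, tears down
      the recurrent services, the connection engine database and the PnP
      registration, waits for outstanding work items, and frees the
      configuration strings and negotiate buffers.

  Arguments:

      RxContext      - not used by this routine.

      RxDeviceObject - not used by this routine.

  Return Value:

      STATUS_SUCCESS in all cases. A failure while finalizing security or the
      stuffer facilities is only caught by an ASSERT.

  Notes:

      The remote boot machine password string is overwritten with zeroes
      before its buffer is freed, so the secret does not stay readable in
      freed pool memory.

  --*/
  {
      NTSTATUS Status;

      PAGED_CODE();

      PoUnregisterSystemState(MRxSmbPoRegistrationState);

      Status = MRxSmbUninitializeSecurity();
      if (NT_SUCCESS(Status)) {
          Status = SmbMrxFinalizeStufferFacilities();
      }

      ASSERT(NT_SUCCESS(Status));

      SeUnregisterLogonSessionTerminatedRoutine(
          (PSE_LOGON_SESSION_TERMINATED_ROUTINE)
          MRxSmbLogonSessionTerminationHandler);

      // Tear down the recurrent services.
      MRxSmbTearDownRecurrentServices();

      // Tear down the connection engine database.
      SmbCeDbTearDown();

      // Tear down the registration for notifications.
      MRxSmbDeregisterForPnpNotifications();

      // Wait for all the work items to be processed.
      RxSpinDownMRxDispatcher(MRxSmbDeviceObject);

      // Deallocate the configuration strings; each pointer is cleared after
      // the free so a later stop cannot free it twice.
      if (SmbCeContext.ComputerName.Buffer != NULL) {
          RxFreePool(SmbCeContext.ComputerName.Buffer);
          SmbCeContext.ComputerName.Buffer = NULL;
      }

      if (SmbCeContext.OperatingSystem.Buffer != NULL) {
          RxFreePool(SmbCeContext.OperatingSystem.Buffer);
          SmbCeContext.OperatingSystem.Buffer = NULL;
      }

      if (SmbCeContext.LanmanType.Buffer != NULL) {
          RxFreePool(SmbCeContext.LanmanType.Buffer);
          SmbCeContext.LanmanType.Buffer = NULL;
      }

      if (SmbCeContext.DomainName.Buffer != NULL) {
          RxFreePool(SmbCeContext.DomainName.Buffer);
          SmbCeContext.DomainName.Buffer = NULL;
      }

      if (SmbCeContext.Transports.Buffer != NULL) {
          // The transports buffer is the Data field at the end of a larger
          // KEY_VALUE_PARTIAL_INFORMATION buffer (larger by 12 bytes) that was
          // allocated to read the value from the registry. Recover the
          // original buffer pointer in order to free it.
          PKEY_VALUE_PARTIAL_INFORMATION TransportsValueFromRegistry;

          TransportsValueFromRegistry = CONTAINING_RECORD(
                                            SmbCeContext.Transports.Buffer,
                                            KEY_VALUE_PARTIAL_INFORMATION,
                                            Data[0]
                                            );

          RxFreePool(TransportsValueFromRegistry);

          SmbCeContext.Transports.Buffer = NULL;
          SmbCeContext.Transports.Length = 0;
          SmbCeContext.Transports.MaximumLength = 0;
      }

      if (SmbCeContext.ServersWithExtendedSessTimeout.Buffer != NULL) {
          // The server list buffer is recovered the same way as the transports
          // buffer: it is treated as the Data field of the
          // KEY_VALUE_PARTIAL_INFORMATION allocation that is freed here.
          PKEY_VALUE_PARTIAL_INFORMATION ServersValueFromRegistry;

          ServersValueFromRegistry = CONTAINING_RECORD(
                                         SmbCeContext.ServersWithExtendedSessTimeout.Buffer,
                                         KEY_VALUE_PARTIAL_INFORMATION,
                                         Data[0]
                                         );

          RxFreePool(ServersValueFromRegistry);

          SmbCeContext.ServersWithExtendedSessTimeout.Buffer = NULL;
          SmbCeContext.ServersWithExtendedSessTimeout.Length = 0;
          SmbCeContext.ServersWithExtendedSessTimeout.MaximumLength = 0;
      }

      RtlFreeUnicodeString(&MRxSmbRemoteBootMachineName);
      RtlFreeUnicodeString(&MRxSmbRemoteBootMachineDomain);

      // Scrub the password characters before the buffer goes back to the pool.
      if (MRxSmbRemoteBootMachinePassword.Buffer != NULL) {
          RtlZeroMemory(
              MRxSmbRemoteBootMachinePassword.Buffer,
              MRxSmbRemoteBootMachinePassword.Length);
      }
      RtlFreeUnicodeString(&MRxSmbRemoteBootMachinePassword);

      // MRxSmbUninitializeCSC();

      // The negotiate buffers are allocated with a transport header in front
      // of the pointer that is kept, so step back by the header size to free.
      if (s_pNegotiateSmb != NULL) {
          RxFreePool(s_pNegotiateSmb - TRANSPORT_HEADER_SIZE);
          s_pNegotiateSmb = NULL;
      }

      if (s_pNegotiateSmbRemoteBoot != NULL) {
          RxFreePool(s_pNegotiateSmbRemoteBoot - TRANSPORT_HEADER_SIZE);
          s_pNegotiateSmbRemoteBoot = NULL;
      }

      return STATUS_SUCCESS;
  }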
  NTSTATUS
  MRxSmbInitializeSecurity (VOID)
  /*++

  Routine Description:

      Initializes the SMB mini redirector security by obtaining the security
      interface once; MRxSmbSecurityInitialized records that this has been
      done.

  Arguments:

      None.

  Return Value:

      STATUS_SUCCESS when security is (or already was) initialized, and always
      in WIN9X builds. STATUS_INVALID_PARAMETER when InitSecurityInterfaceW
      returns NULL.

  Note:

      This API can only be called from a FS process; that is asserted below.
      The early return for the already-initialized case happens before that
      assertion.

  --*/
  {
      NTSTATUS Status = STATUS_SUCCESS;

      PAGED_CODE();

  #ifndef WIN9X
      // DbgBreakPoint();

      // Nothing to do on a repeated call.
      if (MRxSmbSecurityInitialized) {
          return STATUS_SUCCESS;
      }

      if (InitSecurityInterfaceW() != NULL) {
          MRxSmbSecurityInitialized = TRUE;
          Status = STATUS_SUCCESS;
      } else {
          ASSERT(FALSE);
          Status = STATUS_INVALID_PARAMETER;
      }
  #endif

      ASSERT(IoGetCurrentProcess() == RxGetRDBSSProcess());

      return Status;
  }
  NTSTATUS
  MRxSmbUninitializeSecurity(VOID)
  /*++

  Routine Description:

      Counterpart of MRxSmbInitializeSecurity. It performs no work: nothing is
      released and MRxSmbSecurityInitialized is left unchanged.

  Arguments:

      None.

  Return Value:

      STATUS_SUCCESS in all cases.

  Note:

      This API can only be called from a FS process.

  --*/
  {
      PAGED_CODE();

      return STATUS_SUCCESS;
  }
//
// Remote boot needs to use the ComputerName value, not ActiveComputerName, because
// ActiveComputerName is volatile and is set relatively late in system initialization.
//

// Key read by SmbCeGetComputerName on a normal (non remote) boot.
#define SMBMRX_CONFIG_COMPUTER_NAME \
    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\ComputerName\\ActiveComputerName"

// Key read by SmbCeGetComputerName when MRxSmbBootedRemotely is set.
#define SMBMRX_CONFIG_COMPUTER_NAME_NONVOLATILE \
    L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\ComputerName\\ComputerName"

// Value name queried under either of the two keys above.
#define COMPUTERNAME L"ComputerName"

// Key and value holding the transport bindings, read by
// SmbCeGetConfigurationInformation as a REG_MULTI_SZ.
#define SMBMRX_CONFIG_TRANSPORTS \
    L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\LanmanWorkStation\\Linkage"

#define TRANSPORT_BINDINGS L"Bind"

// Key from which MRxSmbReadMiscellaneousRegistryParameters reads the "Guid"
// value used for loopback detection.
#define SMB_SERVER_PARAMETERS \
    L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\LanManServer\\Parameters"
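BOOL
IsTerminalServicesServer()
/*++

Routine Description:

    This routine determines whether this is a TS machine, and that we should
    enable the per-user connectivity for multiplexing.

Arguments:

    None

Return Value:

    TRUE when the VER_SUITE_TERMINAL suite bit is present and the
    VER_SUITE_SINGLEUSERTS suite bit is not. FALSE for all others.

    Only the suite mask is tested here; the product type is not examined by
    this routine.

--*/
{
    RTL_OSVERSIONINFOEXW Osvi;
    DWORDLONG ConditionMask;

    //
    // Size everything from the variable actually passed to
    // RtlVerifyVersionInfo. The original used sizeof(OSVERSIONINFOEX), which
    // only matches RTL_OSVERSIONINFOEXW when that name maps to the wide
    // variant; otherwise part of the structure stayed uninitialized and
    // dwOSVersionInfoSize was wrong.
    //
    RtlZeroMemory(&Osvi, sizeof(Osvi));
    Osvi.dwOSVersionInfoSize = sizeof(Osvi);

    // First make sure that its a TS machine
    Osvi.wSuiteMask = VER_SUITE_TERMINAL;
    ConditionMask = 0;
    VER_SET_CONDITION(ConditionMask, VER_SUITENAME, VER_AND);

    if (!NT_SUCCESS(RtlVerifyVersionInfo(&Osvi, VER_SUITENAME, ConditionMask))) {
        return FALSE;
    }

    // Now make sure this isn't single-user TS
    Osvi.wSuiteMask = VER_SUITE_SINGLEUSERTS;
    ConditionMask = 0;
    VER_SET_CONDITION(ConditionMask, VER_SUITENAME, VER_AND);

    return !NT_SUCCESS(RtlVerifyVersionInfo(&Osvi, VER_SUITENAME, ConditionMask));
}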
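VOID
MRxSmbReadMiscellaneousRegistryParameters()
/*++

Routine Description:

    Reads the mini redirector's optional settings from the registry into the
    driver's global variables. Five keys are opened in turn with KEY_READ:
    SMBMRX_MINIRDR_PARAMETERS, SMBMRX_WORKSTATION_PARAMETERS,
    SYSTEM_SETUP_PARAMETERS, EVENTLOG_MRXSMB_PARAMETERS and
    SMB_SERVER_PARAMETERS. Unless noted in the body, a key that cannot be
    opened or a value that cannot be read leaves the corresponding global
    unchanged.

Arguments:

    None.

Return Value:

    None. Failures are not reported to the caller.

Notes:

    RequireSecuritySignature, EnableSecuritySignature and
    EnablePlainTextPassword are copied straight into globals; by their names
    they control SMB signing and cleartext password use, so whoever can write
    the workstation parameters key controls those settings.

    NOTE(review): the keys are opened with OBJ_CASE_INSENSITIVE only. If this
    routine can ever run outside the system process, OBJ_KERNEL_HANDLE would
    keep the handles out of that process's handle table -- confirm the
    calling context.

    NOTE(review): BOOLEAN globals are assigned with (BOOLEAN)Temp, which keeps
    only the low byte of the ULONG; a value such as 0x100 reads as FALSE.

--*/
{
    NTSTATUS Status;
    OBJECT_ATTRIBUTES ObjectAttributes;
    UNICODE_STRING UnicodeString;
    UNICODE_STRING WorkStationParametersRegistryKeyName;
    HANDLE ParametersHandle;
    ULONG Temp;

#if defined(REMOTE_BOOT)
    KEY_VALUE_PARTIAL_INFORMATION InitialPartialInformationValue;
    PKEY_VALUE_PARTIAL_INFORMATION RbrListFromRegistry = NULL;
    ULONG AllocationLength;
    PWCHAR RbrList;
    PWCHAR redirectionEntry;
    UNICODE_STRING prefix;
    PRBR_PREFIX prefixEntry;
    ULONG prefixEntryLength;
    PWCHAR DefaultRbrList =
        L"L\\pagefile.sys\0"
        L"L\\temp\0"
        L"L\\tmp\0"
        L"R\\\0"
        ;
#endif // defined(REMOTE_BOOT)

    PAGED_CODE();

    //
    // Mini redirector parameters.
    //

    RtlInitUnicodeString(&UnicodeString, SMBMRX_MINIRDR_PARAMETERS);

    InitializeObjectAttributes(
        &ObjectAttributes,
        &UnicodeString,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    Status = ZwOpenKey (&ParametersHandle, KEY_READ, &ObjectAttributes);

    if (NT_SUCCESS(Status)) {
        // Disabled in the original source; kept so the value name stays on record.
        if (0) {
            MRxSmbGetUlongRegistryParameter(
                ParametersHandle,
                L"NoPreciousServerSetup",
                (PULONG)&Temp,
                FALSE
                );
        }

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"DeferredOpensEnabled",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            MRxSmbDeferredOpensEnabled = (BOOLEAN)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"OplocksDisabled",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            MRxSmbOplocksDisabled = (BOOLEAN)Temp;

        // CSC defaults to enabled whenever this key can be opened.
        MRxSmbIsCscEnabled = TRUE;

        //this should be a macro......
        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"CscEnabled",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status)) {
            MRxSmbIsCscEnabled = (BOOLEAN)Temp;
        }
        //this would be the end of the macro.......

        if (MRxSmbIsCscEnabled) {
            //this should be a macro......
            Status = MRxSmbGetUlongRegistryParameter(
                         ParametersHandle,
                         L"CscEnabledDCON",
                         (PULONG)&Temp,
                         FALSE );

            if (NT_SUCCESS(Status))
                MRxSmbIsCscEnabledForDisconnected = (BOOLEAN)Temp;
            //this would be the end of the macro.......

            Status = MRxSmbGetUlongRegistryParameter(
                         ParametersHandle,
                         L"CscEnableTransitionByDefault",
                         (PULONG)&Temp,
                         FALSE );

            if (NT_SUCCESS(Status))
                MRxSmbCscTransitionEnabledByDefault = (BOOLEAN)Temp;

            Status = MRxSmbGetUlongRegistryParameter(
                         ParametersHandle,
                         L"CscEnableAutoDial",
                         (PULONG)&Temp,
                         FALSE );

            if (NT_SUCCESS(Status))
                MRxSmbCscAutoDialEnabled = (BOOLEAN)Temp;
        } else {
            MRxSmbIsCscEnabledForDisconnected = FALSE;
        }

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"EnableCompression",
                     (PULONG)&Temp,
                     FALSE);

        // Can only turn compression on; a zero value leaves the global alone.
        if (NT_SUCCESS(Status) &&
            (Temp != 0)) {
            MRxSmbEnableCompression = TRUE;
        }

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"IgnoreBindingOrder",
                     (PULONG)&Temp,
                     FALSE);

        if (NT_SUCCESS(Status)) {
            MRxSmbObeyBindingOrder = !((BOOLEAN)Temp);
        }

#if defined(REMOTE_BOOT)
        RbrList = DefaultRbrList;

        RtlInitUnicodeString(&UnicodeString, L"RemoteBootRedirectionList");

        // First query only learns DataLength; overflow is the expected answer.
        Status = ZwQueryValueKey(
                    ParametersHandle,
                    &UnicodeString,
                    KeyValuePartialInformation,
                    &InitialPartialInformationValue,
                    sizeof(InitialPartialInformationValue),
                    &Temp);

        if (Status== STATUS_BUFFER_OVERFLOW) {
            Status = STATUS_SUCCESS;
        }

        if (NT_SUCCESS(Status)) {
            AllocationLength = sizeof(KEY_VALUE_PARTIAL_INFORMATION)
                               + InitialPartialInformationValue.DataLength;

            RbrListFromRegistry = RxAllocatePoolWithTag(
                                      PagedPool,
                                      AllocationLength,
                                      MRXSMB_MISC_POOLTAG);

            if (RbrListFromRegistry != NULL) {
                Status = ZwQueryValueKey(
                            ParametersHandle,
                            &UnicodeString,
                            KeyValuePartialInformation,
                            RbrListFromRegistry,
                            AllocationLength,
                            &Temp);

                if (NT_SUCCESS(Status) &&
                    (RbrListFromRegistry->DataLength > 0) &&
                    (RbrListFromRegistry->Type == REG_MULTI_SZ) &&
                    ((RbrListFromRegistry->DataLength % sizeof(WCHAR)) == 0)) {

                    PWCHAR Candidate = (PWCHAR)(&RbrListFromRegistry->Data[0]);
                    ULONG CharCount = RbrListFromRegistry->DataLength / sizeof(WCHAR);

                    //
                    // The registry does not guarantee that REG_MULTI_SZ data
                    // is terminated. The walk below stops only on an empty
                    // string, so accept the list only if it ends in a NUL
                    // (single empty string) or a double NUL; otherwise the
                    // walk would read past the pool allocation. Fall back to
                    // the default list in that case.
                    //
                    if ((Candidate[CharCount - 1] == 0) &&
                        ((CharCount == 1) || (Candidate[CharCount - 2] == 0))) {
                        RbrList = Candidate;
                    }
                }
            }
        }

        RtlInitializeUnicodePrefix( &MRxSmbRemoteBootRedirectionTable );

        for ( redirectionEntry = RbrList; *redirectionEntry != 0; ) {
            BOOLEAN redirect;

            // Leading 'L' or 'R' selects the flag; no marker is treated as 'L'.
            if ( *redirectionEntry == L'L' ) {
                redirect = TRUE;
                redirectionEntry++;
            } else if ( *redirectionEntry == L'R' ) {
                redirect = FALSE;
                redirectionEntry++;
            } else {
                redirect = TRUE;
            }

            RtlInitUnicodeString( &prefix, redirectionEntry );

            // Step over this string and its terminator.
            redirectionEntry = (PWCHAR)((PCHAR)redirectionEntry + prefix.MaximumLength);

            prefixEntryLength = sizeof(RBR_PREFIX) + prefix.MaximumLength;

            prefixEntry = RxAllocatePoolWithTag(
                              PagedPool,
                              prefixEntryLength,
                              MRXSMB_MISC_POOLTAG
                              );

            if ( prefixEntry != NULL ) {
                // The entry owns a private copy of the string, stored right after it.
                prefixEntry->Redirect = redirect;
                prefixEntry->Prefix.Buffer = (PWCH)(prefixEntry + 1);
                prefixEntry->Prefix.MaximumLength = prefix.Length + sizeof(WCHAR);
                RtlCopyUnicodeString( &prefixEntry->Prefix, &prefix );

                if ( !RtlInsertUnicodePrefix(
                         &MRxSmbRemoteBootRedirectionTable,
                         &prefixEntry->Prefix,
                         &prefixEntry->TableEntry
                         ) ) {
                    //
                    // The prefix is already in the table. Ignore the duplicate.
                    //
                    RxFreePool( prefixEntry );
                }
            }
        }

        //
        // Every table entry holds its own copy of its prefix, so the buffer
        // read from the registry is no longer referenced. The original never
        // released it.
        //
        if (RbrListFromRegistry != NULL) {
            RxFreePool(RbrListFromRegistry);
            RbrListFromRegistry = NULL;
        }
#endif // defined(REMOTE_BOOT)

        ZwClose(ParametersHandle);
    }

    // For server terminal services machines, we multiplex based on LUID.
    if( IsTerminalServicesServer() && !MRxSmbIsCscEnabled )
    {
        MRxSmbConnectionIdLevel = 2;
    }

    //
    // Workstation parameters.
    //

    RtlInitUnicodeString(&WorkStationParametersRegistryKeyName, SMBMRX_WORKSTATION_PARAMETERS);

    InitializeObjectAttributes(
        &ObjectAttributes,
        &WorkStationParametersRegistryKeyName,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    Status = ZwOpenKey(&ParametersHandle, KEY_READ, &ObjectAttributes);

    if (NT_SUCCESS(Status)) {

        //
        // A non-zero RequireSecuritySignature sets both the "enabled" and the
        // "required" globals. Otherwise EnableSecuritySignature, if present,
        // sets or clears only the "enabled" global; the "required" global is
        // never cleared here.
        //
        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"RequireSecuritySignature",
                     (PULONG)&Temp,
                     FALSE);

        if (NT_SUCCESS(Status) && (Temp != 0)) {
            MRxSmbSecuritySignaturesEnabled = TRUE;
            MRxSmbSecuritySignaturesRequired = TRUE;
        } else {
            Status = MRxSmbGetUlongRegistryParameter(
                         ParametersHandle,
                         L"EnableSecuritySignature",
                         (PULONG)&Temp,
                         FALSE);

            if( NT_SUCCESS(Status) )
            {
                if( Temp != 0 )
                {
                    MRxSmbSecuritySignaturesEnabled = TRUE;
                }
                else
                {
                    MRxSmbSecuritySignaturesEnabled = FALSE;
                }
            }
        }

        // Copied verbatim into the global of the same name.
        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"EnablePlainTextPassword",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            EnablePlainTextPassword = (BOOLEAN)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"OffLineFileTimeoutIntervalInSeconds",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            OffLineFileTimeoutInterval = (ULONG)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"ExtendedSessTimeout",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            ExtendedSessTimeoutInterval = (ULONG)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"MaxNumOfExchangesForPipelineReadWrite",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            MaxNumOfExchangesForPipelineReadWrite = (ULONG)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"Win9xSessionRestriction",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            Win9xSessionRestriction = (BOOLEAN)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"EnableCachingOnWriteOnlyOpens",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            MRxSmbEnableCachingOnWriteOnlyOpens = (BOOLEAN)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"DisableByteRangeLockingOnReadOnlyFiles",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            DisableByteRangeLockingOnReadOnlyFiles = (BOOLEAN)Temp;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"UniqueFileNames",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            UniqueFileNames = (BOOLEAN)Temp;

        //
        // Modified LOGOFF behavior for downlevel servers.
        //
        MRxSmbEnableDownLevelLogOff = FALSE;

        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"EnableDownLevelLogOff",
                     (PULONG)&Temp,
                     FALSE);

        if ( NT_SUCCESS( Status ) ) {
            if( Temp != 0 )
            {
                MRxSmbEnableDownLevelLogOff = TRUE;
            }
        }

        ZwClose(ParametersHandle);
    }

    // Detect if system setup in progress
    RtlInitUnicodeString(&WorkStationParametersRegistryKeyName, SYSTEM_SETUP_PARAMETERS);

    InitializeObjectAttributes(
        &ObjectAttributes,
        &WorkStationParametersRegistryKeyName,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    Status = ZwOpenKey(&ParametersHandle, KEY_READ, &ObjectAttributes);

    if (NT_SUCCESS(Status)) {
        Status = MRxSmbGetUlongRegistryParameter(
                     ParametersHandle,
                     L"SystemSetupInProgress",
                     (PULONG)&Temp,
                     FALSE );

        if (NT_SUCCESS(Status))
            SetupInProgress = (BOOLEAN)Temp;

        ZwClose(ParametersHandle);
    }

    // initialize event log parameter so that it can translate dos error into text description
    RtlInitUnicodeString(&WorkStationParametersRegistryKeyName, EVENTLOG_MRXSMB_PARAMETERS);

    InitializeObjectAttributes(
        &ObjectAttributes,
        &WorkStationParametersRegistryKeyName,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    Status = ZwOpenKey(&ParametersHandle, KEY_READ, &ObjectAttributes);

    if (NT_SUCCESS(Status)) {
        ULONG Storage[16];
        PKEY_VALUE_PARTIAL_INFORMATION Value;
        ULONG ValueSize;
        ULONG BytesRead;

        RtlInitUnicodeString(&UnicodeString, L"ParameterMessageFile");
        Value = (PKEY_VALUE_PARTIAL_INFORMATION)Storage;
        ValueSize = sizeof(Storage);

        Status = ZwQueryValueKey(
                        ParametersHandle,
                        &UnicodeString,
                        KeyValuePartialInformation,
                        Value,
                        ValueSize,
                        &BytesRead);

        //
        // NOTE(review): any status other than STATUS_SUCCESS, including a
        // "buffer too small" answer for a value longer than Storage, takes
        // this branch and rewrites the value with the default below.
        //
        if (Status != STATUS_SUCCESS || Value->Type != REG_EXPAND_SZ) {
            UNICODE_STRING UnicodeString1;

            RtlInitUnicodeString(&UnicodeString1, L"%SystemRoot%\\System32\\kernel32.dll");

            //
            // Write the string plus its terminating NUL. The original added
            // sizeof(NULL), i.e. the size of a pointer, which made
            // ZwSetValueKey read past the end of the string literal.
            //
            Status = ZwSetValueKey(
                         ParametersHandle,
                         &UnicodeString,
                         0,
                         REG_EXPAND_SZ,
                         UnicodeString1.Buffer,
                         UnicodeString1.Length+sizeof(WCHAR));
        }

        ZwClose(ParametersHandle);
    }

    //
    // Get Server GUID for Loopback Detection
    // Server Restart updates cached GUID ????
    //

    RtlInitUnicodeString( &UnicodeString, SMB_SERVER_PARAMETERS );

    InitializeObjectAttributes(
        &ObjectAttributes,
        &UnicodeString,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL
        );

    Status = ZwOpenKey( &ParametersHandle, KEY_READ, &ObjectAttributes );

    if( NT_SUCCESS( Status ) ) {
        ULONG BytesRead;
        // Element count is given in bytes, so the ULONG array is larger than
        // strictly needed; it stays ULONG-aligned for the structure cast.
        ULONG regValue[ sizeof( KEY_VALUE_PARTIAL_INFORMATION ) + sizeof( GUID ) ];
        ULONG regValueSize = sizeof( regValue );
        PKEY_VALUE_PARTIAL_INFORMATION GuidValue = (PKEY_VALUE_PARTIAL_INFORMATION)&regValue;

        RtlInitUnicodeString( &UnicodeString, L"Guid" );

        Status = ZwQueryValueKey( ParametersHandle,
                                  &UnicodeString,
                                  KeyValuePartialInformation,
                                  GuidValue,
                                  regValueSize,
                                  &BytesRead
                                  );

        //
        // Copy only when the query succeeded and returned at least a GUID's
        // worth of data. The original copied unconditionally, so a missing or
        // short value put uninitialized kernel stack bytes into
        // CachedServerGuid.
        //
        if( NT_SUCCESS( Status ) &&
            ( GuidValue->DataLength >= sizeof( GUID ) ) ) {
            RtlCopyMemory(&CachedServerGuid,
                          GuidValue->Data,
                          sizeof(GUID));
        }

        ZwClose(ParametersHandle);
    }
}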
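NTSTATUS
SmbCeGetConfigurationInformation()
/*++

Routine Description:

    Reads the transport binding list (value TRANSPORT_BINDINGS under
    SMBMRX_CONFIG_TRANSPORTS) into SmbCeContext.Transports. Any buffer held
    from an earlier call is released first. When CSC is not enabled (see
    IF_NOT_MRXSMB_CSC_ENABLED) the miscellaneous registry parameters are read
    as well.

Arguments:

    None.

Return Value:

    The status of the last registry operation, or
    STATUS_INSUFFICIENT_RESOURCES if the value buffer could not be allocated.
    A value that is read successfully but is empty, not REG_MULTI_SZ or too
    long for a UNICODE_STRING leaves SmbCeContext.Transports empty and still
    returns the (successful) query status.

Notes:

    SmbCeContext.Transports.Buffer points at the Data member of a pool
    allocation shaped as KEY_VALUE_PARTIAL_INFORMATION; the allocation must be
    recovered with CONTAINING_RECORD before it is freed.

--*/
{
    UNICODE_STRING UnicodeString;
    HANDLE hRegistryKey;
    NTSTATUS Status;
    ULONG BytesRead;
    OBJECT_ATTRIBUTES ObjectAttributes;
    KEY_VALUE_PARTIAL_INFORMATION InitialPartialInformationValue;
    ULONG AllocationLength;
    PKEY_VALUE_PARTIAL_INFORMATION TransportsValueFromRegistry;

    // The original also declared an unused ULONG Storage[256] (1 KB of
    // kernel stack) and a pointer to it; both are gone.

    PAGED_CODE();

    IF_NOT_MRXSMB_CSC_ENABLED {
        MRxSmbReadMiscellaneousRegistryParameters();
    }

    // Obtain the list of transports associated with SMB redirector. This is stored
    // as a multivalued string and is used subsequently to weed out the
    // appropriate transports. This is a two step process; first we try to find out
    // how much space we need; then we allocate; then we read in. unfortunately, the kind of
    // structure that we have to use to get the value has a header on it, so we have to offset the
    // returned pointer both here and in the free routine.

    //CODE.IMPROVEMENT we should perhaps get a subroutine going that does all this
    //also, there are no log entries.
    //also, we should be doing partial_infos instead of full

    RtlInitUnicodeString(&UnicodeString, SMBMRX_CONFIG_TRANSPORTS);

    InitializeObjectAttributes(
        &ObjectAttributes,
        &UnicodeString,             // name
        OBJ_CASE_INSENSITIVE,       // attributes
        NULL,                       // root
        NULL);                      // security descriptor

    Status = ZwOpenKey (&hRegistryKey, KEY_READ, &ObjectAttributes);
    if (!NT_SUCCESS(Status)) {
        return Status;
    }

    RtlInitUnicodeString(&UnicodeString, TRANSPORT_BINDINGS);

    // Step 1: learn DataLength. Overflow is the expected answer here.
    Status = ZwQueryValueKey(
                hRegistryKey,
                &UnicodeString,
                KeyValuePartialInformation,
                &InitialPartialInformationValue,
                sizeof(InitialPartialInformationValue),
                &BytesRead);

    if (Status== STATUS_BUFFER_OVERFLOW) {
        Status = STATUS_SUCCESS;
    }

    if (!NT_SUCCESS(Status)) {
        ZwClose(hRegistryKey);
        return Status;
    }

    AllocationLength = sizeof(KEY_VALUE_PARTIAL_INFORMATION)
                       + InitialPartialInformationValue.DataLength;

    if (0) {
        DbgPrint("SizeofBindingInfo=%08lx %08lx\n",
                 AllocationLength,
                 InitialPartialInformationValue.DataLength);
    }

    if (SmbCeContext.Transports.Buffer != NULL) {
        // the transports buffer is at the end of a larger buffer (by 12 bytes)
        // allocated to read the value from the registry. recover the original buffer
        // pointer in order to free.

        TransportsValueFromRegistry = CONTAINING_RECORD(
                                         SmbCeContext.Transports.Buffer,
                                         KEY_VALUE_PARTIAL_INFORMATION,
                                         Data[0]
                                      );
        //DbgPrint("b1 %08lx b2 %08lx\n", TransportsValueFromRegistry,SmbCeContext.Transports.Buffer);
        RxFreePool(TransportsValueFromRegistry);

        SmbCeContext.Transports.Buffer = NULL;
        SmbCeContext.Transports.Length = 0;
        SmbCeContext.Transports.MaximumLength = 0;
    }

    // Step 2: allocate and read the whole value. (The original assigned
    // through a cast on the left-hand side, which is not standard C.)
    TransportsValueFromRegistry = RxAllocatePoolWithTag(
                                      PagedPool,
                                      AllocationLength,
                                      MRXSMB_MISC_POOLTAG);

    if (TransportsValueFromRegistry == NULL) {
        ZwClose(hRegistryKey);
        return(STATUS_INSUFFICIENT_RESOURCES);
    }

    // If the value grew since step 1 this query fails and the else branch
    // below discards the buffer.
    Status = ZwQueryValueKey(
                hRegistryKey,
                &UnicodeString,
                KeyValuePartialInformation,
                TransportsValueFromRegistry,
                AllocationLength,
                &BytesRead);

    //
    // UNICODE_STRING lengths are 16 bits wide. A longer value would be
    // silently truncated by the cast below and the string could then end in
    // the middle of an entry, so such a value is treated as invalid.
    //
    if (NT_SUCCESS(Status) &&
        (TransportsValueFromRegistry->DataLength > 0) &&
        (TransportsValueFromRegistry->DataLength <= 0xFFFF) &&
        (TransportsValueFromRegistry->Type == REG_MULTI_SZ)) {

        SmbCeContext.Transports.MaximumLength =
            SmbCeContext.Transports.Length = (USHORT)TransportsValueFromRegistry->DataLength;
        SmbCeContext.Transports.Buffer = (PWCHAR)(&TransportsValueFromRegistry->Data[0]);
        //DbgPrint("b1 %08lx b2 %08lx\n", TransportsValueFromRegistry,SmbCeContext.Transports.Buffer);
    } else {
        RxLog(("Invalid Transport Binding string... using all transports"));
        SmbLog(LOG,
               SmbCeGetConfigurationInformation,
               LOGULONG(Status));
        RxFreePool(TransportsValueFromRegistry);
        TransportsValueFromRegistry = NULL;
    }

    ZwClose(hRegistryKey);

    return Status;
}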
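NTSTATUS
SmbCeGetComputerName(
   VOID
   )
/*++

Routine Description:

    Reads the computer name from the registry into SmbCeContext.ComputerName.
    The name is stored without its terminating NUL in a paged pool buffer
    allocated here.

Arguments:

    None.

Return Value:

    STATUS_SUCCESS when the name was read and copied; the failing status of
    ZwOpenKey or ZwQueryValueKey; STATUS_INVALID_PARAMETER when the value is
    too short to hold a terminator or too long for a UNICODE_STRING;
    STATUS_INSUFFICIENT_RESOURCES when the buffer could not be allocated.
    On any failure SmbCeContext.ComputerName stays empty.

Notes:

    NOTE(review): the value's Type is not checked; data of any type is copied
    as if it were a NUL-terminated string. Consider requiring REG_SZ.

--*/
{
    ULONG Storage[256];
    UNICODE_STRING UnicodeString;
    HANDLE hRegistryKey;
    NTSTATUS Status;
    ULONG BytesRead;
    OBJECT_ATTRIBUTES ObjectAttributes;
    PKEY_VALUE_FULL_INFORMATION Value = (PKEY_VALUE_FULL_INFORMATION)Storage;

    PAGED_CODE();

    ASSERT(SmbCeContext.ComputerName.Buffer == NULL);

    // Obtain the computer name. This is used in formulating the local NETBIOS address
    RtlInitUnicodeString(&SmbCeContext.ComputerName, NULL);

    if (!MRxSmbBootedRemotely) {
        RtlInitUnicodeString(&UnicodeString, SMBMRX_CONFIG_COMPUTER_NAME);
    } else {
        //
        // For remote boot, we are initializing long before the volatile
        // ActiveComputerNameKey is created, so we need to read from the
        // nonvolatile key instead. This is not a problem, because we know
        // that the computer name hasn't been changed since the computer was
        // booted -- since we're very early in the boot sequence -- so the
        // nonvolatile key has the correct computer name.
        //
        RtlInitUnicodeString(&UnicodeString, SMBMRX_CONFIG_COMPUTER_NAME_NONVOLATILE);
    }

    InitializeObjectAttributes(
        &ObjectAttributes,
        &UnicodeString,             // name
        OBJ_CASE_INSENSITIVE,       // attributes
        NULL,                       // root
        NULL);                      // security descriptor

    Status = ZwOpenKey (&hRegistryKey, KEY_READ, &ObjectAttributes);
    if (!NT_SUCCESS(Status)) {
        return Status;
    }

    RtlInitUnicodeString(&UnicodeString, COMPUTERNAME);

    Status = ZwQueryValueKey(
                hRegistryKey,
                &UnicodeString,
                KeyValueFullInformation,
                Value,
                sizeof(Storage),
                &BytesRead);

    if (NT_SUCCESS(Status)) {
        //
        // DataLength comes from the registry. The original subtracted
        // sizeof(WCHAR) without checking it: an empty value wrapped the
        // 16-bit length to 0xFFFE and the copy length to nearly 4 GB.
        //
        if ((Value->DataLength < sizeof(WCHAR)) ||
            (Value->DataLength > 0xFFFF)) {
            Status = STATUS_INVALID_PARAMETER;
        } else {
            // Rtl conversion routines require NULL char to be excluded from the
            // length.
            USHORT NameLength = (USHORT)(Value->DataLength - sizeof(WCHAR));
            PWCHAR NameBuffer = RxAllocatePoolWithTag(
                                    PagedPool,
                                    NameLength,
                                    MRXSMB_MISC_POOLTAG);

            if (NameBuffer != NULL) {
                RtlCopyMemory(NameBuffer,
                              (PCHAR)Value+Value->DataOffset,
                              NameLength);

                // Publish the string only once the buffer exists, so a
                // failure never leaves a length next to a NULL Buffer.
                SmbCeContext.ComputerName.Buffer = NameBuffer;
                SmbCeContext.ComputerName.Length = NameLength;
                SmbCeContext.ComputerName.MaximumLength = NameLength;
            } else {
                Status = STATUS_INSUFFICIENT_RESOURCES;
            }
        }
    }

    ZwClose(hRegistryKey);

    return Status;
}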
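NTSTATUS
SmbCeGetOperatingSystemInformation(
   VOID
   )
/*++

Routine Description:

    Builds SmbCeContext.OperatingSystem and SmbCeContext.LanmanType from
    values under RDR_CONFIG_CURRENT_WINDOWS_VERSION. Each string is
    RDR_CONFIG_OPERATING_SYSTEM_NAME followed by the registry data; the
    operating system string additionally gets a space and the "CSDVersion"
    data when that value can be read.

Arguments:

    None.

Return Value:

    STATUS_SUCCESS, the failing status of a registry call, or
    STATUS_INSUFFICIENT_RESOURCES when a buffer could not be allocated.
    A failure while building LanmanType leaves an already built
    OperatingSystem string in place.

Notes:

    The copy offsets below assume each registry value holds a NUL-terminated
    UTF-16 string whose DataLength includes the terminator. Each value is
    read into a 1 KB stack buffer, which bounds DataLength.

    NOTE(review): the values' Type is not checked before the data is treated
    as a string.

--*/
{
    ULONG Storage[256], Storage2[256];
    UNICODE_STRING UnicodeString;
    HANDLE hRegistryKey;
    NTSTATUS Status, Status2;
    ULONG BytesRead;
    OBJECT_ATTRIBUTES ObjectAttributes;
    PKEY_VALUE_FULL_INFORMATION Value = (PKEY_VALUE_FULL_INFORMATION)Storage;
    PKEY_VALUE_FULL_INFORMATION Value2 = (PKEY_VALUE_FULL_INFORMATION)Storage2;

    PAGED_CODE();

    ASSERT(SmbCeContext.OperatingSystem.Buffer == NULL);
    ASSERT(SmbCeContext.LanmanType.Buffer == NULL);

    RtlInitUnicodeString(&UnicodeString, RDR_CONFIG_CURRENT_WINDOWS_VERSION);

    InitializeObjectAttributes(
        &ObjectAttributes,
        &UnicodeString,             // name
        OBJ_CASE_INSENSITIVE,       // attributes
        NULL,                       // root
        NULL);                      // security descriptor

    Status = ZwOpenKey (&hRegistryKey, KEY_READ, &ObjectAttributes);

    if (!NT_SUCCESS(Status)) {
        return Status;
    }

    RtlInitUnicodeString(&UnicodeString, RDR_CONFIG_OPERATING_SYSTEM);
    Status = ZwQueryValueKey(
                hRegistryKey,
                &UnicodeString,
                KeyValueFullInformation,
                Value,
                sizeof(Storage),
                &BytesRead);

    if (NT_SUCCESS(Status)) {
        // check for existence of Service Pack String
        RtlInitUnicodeString(&UnicodeString, L"CSDVersion");
        Status2 = ZwQueryValueKey(
                      hRegistryKey,
                      &UnicodeString,
                      KeyValueFullInformation,
                      Value2,
                      sizeof(Storage2),
                      &BytesRead);

        // Name prefix (its NUL is overwritten) + product string with NUL.
        SmbCeContext.OperatingSystem.MaximumLength =
            (USHORT)Value->DataLength + sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME) - sizeof(WCHAR);

        if(NT_SUCCESS(Status2)) {
            SmbCeContext.OperatingSystem.MaximumLength += (USHORT)Value2->DataLength;
        }

        SmbCeContext.OperatingSystem.Length = SmbCeContext.OperatingSystem.MaximumLength - sizeof(WCHAR);

        SmbCeContext.OperatingSystem.Buffer = RxAllocatePoolWithTag(
                                                  PagedPool,
                                                  SmbCeContext.OperatingSystem.MaximumLength,
                                                  MRXSMB_MISC_POOLTAG);

        if (SmbCeContext.OperatingSystem.Buffer != NULL) {
            RtlCopyMemory(SmbCeContext.OperatingSystem.Buffer,
                          RDR_CONFIG_OPERATING_SYSTEM_NAME,
                          sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME));

            // Product string starts on top of the prefix's terminator.
            RtlCopyMemory((SmbCeContext.OperatingSystem.Buffer +
                           (sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME)/sizeof(WCHAR)) - 1),
                          (PCHAR)Value+Value->DataOffset,
                          Value->DataLength);

            if(NT_SUCCESS(Status2)) {
                // add a space (replaces the product string's terminator)
                RtlCopyMemory(SmbCeContext.OperatingSystem.Buffer +
                              (sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME) + Value->DataLength)/sizeof(WCHAR) - 2,
                              L" ",
                              sizeof(WCHAR));

                RtlCopyMemory(SmbCeContext.OperatingSystem.Buffer +
                              (sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME) + Value->DataLength)/sizeof(WCHAR) - 1,
                              (PCHAR)Value2+Value2->DataOffset,
                              Value2->DataLength);
            }
        } else {
            // Do not leave lengths behind next to a NULL Buffer.
            SmbCeContext.OperatingSystem.Length = 0;
            SmbCeContext.OperatingSystem.MaximumLength = 0;
            Status = STATUS_INSUFFICIENT_RESOURCES;
        }
    }

    if (NT_SUCCESS(Status)) {
        RtlInitUnicodeString(&UnicodeString, RDR_CONFIG_OPERATING_SYSTEM_VERSION);
        Status = ZwQueryValueKey(
                     hRegistryKey,
                     &UnicodeString,
                     KeyValueFullInformation,
                     Value,
                     sizeof(Storage),
                     &BytesRead);

        if (NT_SUCCESS(Status)) {
            SmbCeContext.LanmanType.MaximumLength =
                SmbCeContext.LanmanType.Length = (USHORT)Value->DataLength +
                                    sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME) -
                                    sizeof(WCHAR);

            SmbCeContext.LanmanType.Buffer = RxAllocatePoolWithTag(
                                                 PagedPool,
                                                 SmbCeContext.LanmanType.Length,
                                                 MRXSMB_MISC_POOLTAG);

            if (SmbCeContext.LanmanType.Buffer != NULL) {
                RtlCopyMemory(
                    SmbCeContext.LanmanType.Buffer,
                    RDR_CONFIG_OPERATING_SYSTEM_NAME,
                    sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME));

                RtlCopyMemory(
                    (SmbCeContext.LanmanType.Buffer +
                     (sizeof(RDR_CONFIG_OPERATING_SYSTEM_NAME)/sizeof(WCHAR)) - 1),
                    (PCHAR)Value+Value->DataOffset,
                    Value->DataLength);
            } else {
                // Do not leave lengths behind next to a NULL Buffer.
                SmbCeContext.LanmanType.Length = 0;
                SmbCeContext.LanmanType.MaximumLength = 0;
                Status = STATUS_INSUFFICIENT_RESOURCES;
            }
        }
    }

    ZwClose(hRegistryKey);

    return Status;
}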
NTSTATUS
MRxSmbPnpIrpCompletion(
    PDEVICE_OBJECT pDeviceObject,
    PIRP           pIrp,
    PVOID          pContext)
/*++

Routine Description:

    Completion routine for the associated PNP irp sent by
    MRxSmbProcessPnpIrp. It signals the event passed as context and stops
    further completion processing so the sender can read the result and free
    the irp itself.

Arguments:

    pDeviceObject - Supplies the device object for the packet being
                    processed (not used).

    pIrp          - Supplies the Irp being processed (not used).

    pContext      - the completion context; a pointer to the KEVENT to set.

Return Value:

    STATUS_MORE_PROCESSING_REQUIRED, always.

--*/
{
    KeSetEvent(
        (PKEVENT)pContext,
        IO_NO_INCREMENT,
        FALSE);

    return STATUS_MORE_PROCESSING_REQUIRED;
}
NTSTATUS
MRxSmbProcessPnpIrp(
    PIRP pIrp)
/*++

Routine Description:

    This routine initiates the processing of PNP irps for SMB mini redirector.

Arguments:

    pIrp - Supplies the Irp being processed

Return Value:

    STATUS_PENDING, always. The irp is marked pending on entry and completed
    here with the real status.

Notes:

    The query target device relation is the only call that is implemented
    currently. It is forwarded, in a separately allocated irp, to the device
    related to the transport connection's endpoint file object, and this
    routine waits for that irp before completing the original one. Every
    other request is completed with STATUS_INVALID_DEVICE_REQUEST.

    This routine also writes an error log entry when the underlying transport
    fails the request. This should help us isolate the responsibility.

    The server transport reference taken under the SmbCe resource is what
    keeps pServerEntry->pTransport usable for the log call and is dropped
    only after the forwarded irp has finished.

--*/
{
    NTSTATUS Status;
    PIO_STACK_LOCATION IrpSp = IoGetCurrentIrpStackLocation( pIrp );
    BOOLEAN IsTargetRelationQuery;

    IoMarkIrpPending(pIrp);

    IsTargetRelationQuery =
        (BOOLEAN)((IrpSp->MinorFunction == IRP_MN_QUERY_DEVICE_RELATIONS) &&
                  (IrpSp->Parameters.QueryDeviceRelations.Type==TargetDeviceRelation));

    if (!IsTargetRelationQuery) {
        Status = STATUS_INVALID_DEVICE_REQUEST;
    } else {
        PIRP                  pForwardedIrp;
        PFILE_OBJECT          pEndpointFileObject = NULL;
        PMRX_FCB              pFcb = NULL;
        PSMBCEDB_SERVER_ENTRY pServerEntry = NULL;
        BOOLEAN               TransportReferenced = FALSE;

        // Locate the transport connection object for the associated file object
        // and forward the query to that device.

        if (IrpSp->FileObject != NULL) {
            pFcb = IrpSp->FileObject->FsContext;

            if ((pFcb != NULL) && (NodeTypeIsFcb(pFcb))) {
                PMRX_NET_ROOT pNetRoot = pFcb->pNetRoot;
                PMRX_SRV_CALL pSrvCall = NULL;

                if (pNetRoot != NULL) {
                    pSrvCall = pNetRoot->pSrvCall;
                }

                if (pSrvCall != NULL) {
                    pServerEntry = pSrvCall->Context;

                    if (pServerEntry != NULL) {
                        // Take the transport reference and the endpoint file
                        // object under the connection engine resource.
                        SmbCeAcquireResource();

                        Status = SmbCeReferenceServerTransport(&pServerEntry->pTransport);

                        if (Status == STATUS_SUCCESS) {
                            pEndpointFileObject = SmbCepReferenceEndpointFileObject(
                                                      pServerEntry->pTransport);

                            TransportReferenced = TRUE;
                        }

                        SmbCeReleaseResource();
                    }
                }
            }
        }

        if (pEndpointFileObject == NULL) {
            Status = STATUS_INVALID_DEVICE_REQUEST;
        } else {
            PDEVICE_OBJECT     pTargetDevice;
            PIO_STACK_LOCATION pForwardedSp;

            pTargetDevice = IoGetRelatedDeviceObject(pEndpointFileObject);

            pForwardedIrp = IoAllocateIrp(
                                pTargetDevice->StackSize,
                                FALSE);

            if (pForwardedIrp == NULL) {
                Status = STATUS_INSUFFICIENT_RESOURCES;
            } else {
                KEVENT Done;

                KeInitializeEvent( &Done,
                                   SynchronizationEvent,
                                   FALSE );

                // Fill up the associated IRP and call the underlying driver.
                // The request parameters are cloned from the original stack
                // location; only the file and device objects are replaced.
                pForwardedSp = IoGetNextIrpStackLocation(pForwardedIrp);

                *pForwardedSp = *IrpSp;

                pForwardedSp->FileObject = pEndpointFileObject;
                pForwardedSp->DeviceObject = pTargetDevice;

                IoSetCompletionRoutine(
                    pForwardedIrp,
                    MRxSmbPnpIrpCompletion,
                    &Done,
                    TRUE,TRUE,TRUE);

                pForwardedIrp->IoStatus.Status = STATUS_NOT_SUPPORTED;

                Status = IoCallDriver(pTargetDevice,pForwardedIrp);

                // The event lives on this stack, so wait before going on.
                if (Status == STATUS_PENDING) {
                    (VOID) KeWaitForSingleObject(
                               &Done,
                               Executive,
                               KernelMode,
                               FALSE,
                               (PLARGE_INTEGER) NULL );
                }

                pIrp->IoStatus = pForwardedIrp->IoStatus;
                Status = pIrp->IoStatus.Status;

                if (!NT_SUCCESS(Status)) {
                    MRxSmbLogTransportError(
                        &pServerEntry->pTransport->pTransport->RxCeTransport.Name,
                        &SmbCeContext.DomainName,
                        Status,
                        EVENT_RDR_CONNECTION);
                }

                ObDereferenceObject(pEndpointFileObject);

                // The completion routine stopped completion processing, so
                // the irp is still ours to free.
                IoFreeIrp(pForwardedIrp);
            }
        }

        if (TransportReferenced) {
            SmbCeDereferenceServerTransport(&pServerEntry->pTransport);
        }
    }

    if (Status != STATUS_PENDING) {
        pIrp->IoStatus.Status = Status;
        IoCompleteRequest(pIrp,IO_NO_INCREMENT);
    }

    return STATUS_PENDING;
}
// Control GUID registration table handed to WmlTinySystemControl by
// MRxSmbProcessSystemControlIrp. It holds one entry: the MRxSmb control GUID
// followed by three further GUIDs (presumably the trace GUIDs registered
// under it -- the WML_CONTROL_GUID_REG layout is not visible here).
WML_CONTROL_GUID_REG MRxSmb_ControlGuids[] = {
   { // 8fc7e81a-f733-42e0-9708-cfdae07ed969 MRxSmb
     0x8fc7e81a,0xf733,0x42e0,{0x97,0x08,0xcf,0xda,0xe0,0x7e,0xd9,0x69},
     { // eab93e5c-02ce-4e33-9419-901d82868816
       {0xeab93e5c,0x02ce,0x4e33,{0x94,0x19,0x90,0x1d,0x82,0x86,0x88,0x16},},
       // 56a0dee7-be12-4cf1-b7e0-976b0d174944
       {0x56a0dee7,0xbe12,0x4cf1,{0xb7,0xe0,0x97,0x6b,0x0d,0x17,0x49,0x44},},
       // ecabc730-60bf-481e-b92b-2749f8272d9d
       {0xecabc730,0x60bf,0x481e,{0xb9,0x2b,0x27,0x49,0xf8,0x27,0x2d,0x9d},}
     },
   },
};

// Number of entries in MRxSmb_ControlGuids; keep in step with the table.
#define MRxSmb_ControlGuids_len 1
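  NTSTATUS
  MRxSmbProcessSystemControlIrp(
      IN PDEVICE_OBJECT DeviceObject,
      IN PIRP Irp
      )
  /*++

  Routine Description:

      Handles IRP_MJ_SYSTEM_CONTROL requests sent to the SMB mini redirector
      device object. It is called from MRxSmbFsdDispatch.

      When WMI logging is enabled (EnableWmiLog) the request is handed to
      WmlTinySystemControl together with the MRxSmb control GUID table and
      the driver's registry path. Otherwise the request is completed here
      with STATUS_INVALID_DEVICE_REQUEST.

  Arguments:

      DeviceObject - Supplies the device object the request was sent to.

      Irp - Supplies the Irp to process.

  Return Value:

      NTSTATUS - The status returned by WmlTinySystemControl, or
                 STATUS_INVALID_DEVICE_REQUEST when WMI logging is disabled.

  --*/
  {
      NTSTATUS Status;
      WML_TINY_INFO Info;
      UNICODE_STRING RegPath;

      PAGED_CODE();

      if (!EnableWmiLog) {
          //
          // Nothing in this driver services system control requests when WMI
          // logging is off. Complete the request with a zeroed Information
          // field, matching the other failure completions in
          // MRxSmbFsdDispatch, so no stale value is handed back.
          //
          Status = STATUS_INVALID_DEVICE_REQUEST;
          Irp->IoStatus.Status = Status;
          Irp->IoStatus.Information = 0;
          IoCompleteRequest(Irp, IO_NO_INCREMENT);
          return Status;
      }

      RtlInitUnicodeString (&RegPath, L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\MRxSmb");

      RtlZeroMemory (&Info, sizeof(Info));
      Info.ControlGuids = MRxSmb_ControlGuids;
      Info.GuidCount = MRxSmb_ControlGuids_len;
      Info.DriverRegPath = &RegPath;

      //
      // The Irp is not touched after this call; presumably the helper
      // completes or forwards it (its implementation is not visible here).
      //
      Status = WmlTinySystemControl(&Info,DeviceObject,Irp);

      return Status;
  }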
  1701. extern LONG BowserDebugTraceLevel;
  NTSTATUS
  MRxSmbFsdDispatch (
      IN PDEVICE_OBJECT DeviceObject,
      IN PIRP Irp
      )
  /*++

  Routine Description:

      This routine implements the FSD dispatch for the smbmini DRIVER object.

  Arguments:

      DeviceObject - Supplies the device object for the packet being processed.

      Irp - Supplies the Irp being processed

  Return Value:

      RXSTATUS - The Fsd status for the Irp

  Notes:

      This routine centralizes the logic required to deal with special cases in
      handling various requests directed to the redirector.

      1) The Browser is built as part of the redirector driver ( mrxsmb.sys ) for
      historical reasons ( carryover effect from the old redirector ). Hence this
      routine serves as the switching point for redirecting requests to the browser
      or the redirector depending on the device object.

      2) The browser occasionally specifies a transport name in its open requests.
      This is a request by the browser to override the transport priority
      otherwise specified. In such cases this routine invokes the appropriate
      preprocessing before passing on the request to the wrapper.

      3) The DFS driver also specifies additional parameters in its open requests.
      In such cases this routine invokes the appropriate preprocessing routine.

      4) The PNP IRP for returning device relations are subverted by the mini
      redirector for SMB

      (2) (3) and (4) are legitimate uses of the wrapper architecture in which each
      mini redirector is given the ability to customize the response to IRPs
      passed in by the I/O subsystem. This is typically done by overriding the
      dispatch vector.

  --*/
  {
      PIO_STACK_LOCATION IrpSp = IoGetCurrentIrpStackLocation( Irp ); //ok4ioget
      // The function codes are copied out of the stack location up front; the
      // browser path below compares them after its handler has returned.
      UCHAR MajorFunctionCode = IrpSp->MajorFunction;
      ULONG MinorFunctionCode = IrpSp->MinorFunction;
      BOOLEAN ForwardRequestToWrapper = TRUE;
      PSMBCEDB_SERVER_ENTRY pServerEntry = NULL;
      NTSTATUS Status;

      PAGED_CODE();

      // Requests aimed at the browser device object are switched to the Bowser*
      // entry points and never reach the redirector logic further down.
      if (DeviceObject == (PDEVICE_OBJECT)BowserDeviceObject) {
          switch (MajorFunctionCode) {
          case IRP_MJ_DEVICE_CONTROL:
              {
                  // Captured before the handler runs so the check below does
                  // not read the stack location afterwards (the handler may
                  // already have completed the Irp -- presumably; confirm
                  // against BowserFsdDeviceIoControlFile).
                  ULONG IoControlCode = IrpSp->Parameters.DeviceIoControl.IoControlCode;

                  Status = BowserFsdDeviceIoControlFile(BowserDeviceObject, Irp);

                  // A successful IOCTL_LMDR_START also registers for PnP
                  // notifications.
                  if ((Status == STATUS_SUCCESS) &&
                      (MinorFunctionCode == IRP_MN_USER_FS_REQUEST) &&
                      (IoControlCode == IOCTL_LMDR_START)) {
                      MRxSmbRegisterForPnpNotifications();
                  }
              }
              return Status;

          case IRP_MJ_QUERY_INFORMATION:
              return BowserFsdQueryInformationFile(BowserDeviceObject, Irp);

          case IRP_MJ_CREATE:
              return BowserFsdCreate(BowserDeviceObject, Irp);

          case IRP_MJ_CLEANUP:
              return BowserFsdCleanup(BowserDeviceObject, Irp);

          case IRP_MJ_CLOSE:
              return BowserFsdClose(BowserDeviceObject, Irp);

          default:
              // Any other major function on the browser device is refused.
              Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;
              Irp->IoStatus.Information = 0;
              IoCompleteRequest(Irp, IO_NO_INCREMENT );
              return (STATUS_NOT_IMPLEMENTED);
          }
      }

      // The only other device object this dispatch routine accepts is the
      // redirector's own. The explicit test repeats the ASSERT so that the
      // request is still rejected in builds where ASSERT is compiled out.
      ASSERT(DeviceObject==(PDEVICE_OBJECT)MRxSmbDeviceObject);
      if (DeviceObject!=(PDEVICE_OBJECT)MRxSmbDeviceObject) {
          Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
          Irp->IoStatus.Information = 0;
          IoCompleteRequest(Irp, IO_NO_INCREMENT );
          return (STATUS_INVALID_DEVICE_REQUEST);
      }

      // System control requests are routed before FsRtlEnterFileSystem and
      // are never forwarded to the wrapper.
      if (IrpSp->MajorFunction == IRP_MJ_SYSTEM_CONTROL) {
          return MRxSmbProcessSystemControlIrp(DeviceObject,Irp);
      }

      Status = STATUS_SUCCESS;

      FsRtlEnterFileSystem();

      if (IrpSp->MajorFunction == IRP_MJ_PNP) {
          // PnP requests are handled by the mini redirector itself.
          ForwardRequestToWrapper = FALSE;
          Status = MRxSmbProcessPnpIrp(Irp);
      } else {
          if (IrpSp->MajorFunction == IRP_MJ_CREATE) {
              Status = CscPreProcessCreateIrp(Irp);
          }

          if (Status == STATUS_SUCCESS) {
              // May hand back a server entry through pServerEntry; it is
              // released at the end of this routine (presumably it comes back
              // referenced -- confirm against MRxSmbCheckTransportName).
              Status = MRxSmbCheckTransportName(Irp, &pServerEntry);
          }
      }

      FsRtlExitFileSystem();

      if ((Status == STATUS_SUCCESS) &&
          ForwardRequestToWrapper){
          Status = RxFsdDispatch((PRDBSS_DEVICE_OBJECT)MRxSmbDeviceObject,Irp);
      } else if (Status != STATUS_PENDING) {
          // Preprocessing failed, or the request was handled locally with a
          // final status: complete it here. A STATUS_PENDING result is left
          // alone; presumably the callee has already taken responsibility for
          // the Irp -- verify against MRxSmbProcessPnpIrp.
          Irp->IoStatus.Status = Status;
          Irp->IoStatus.Information = 0;
          IoCompleteRequest(Irp, IO_NO_INCREMENT );
      }

      // From here on only the server entry is touched, not the Irp.
      if (pServerEntry != NULL ) {
          FsRtlEnterFileSystem();

          // Clear the transport-override marker and drop the server entry
          // obtained from MRxSmbCheckTransportName.
          pServerEntry->TransportSpecifiedByUser = 0;
          SmbCeDereferenceServerEntry(pServerEntry);

          FsRtlExitFileSystem();
      }

      return Status;
  }
  NTSTATUS
  MRxSmbDeallocateForFcb (
      IN OUT PMRX_FCB pFcb
      )
  /*++

  Routine Description:

      Releases the mini redirector state attached to an FCB by passing the FCB
      to MRxSmbCscDeallocateForFcb.

  Arguments:

      pFcb - Supplies the FCB whose state is being released.

  Return Value:

      NTSTATUS - Always STATUS_SUCCESS.

  --*/
  {
      NTSTATUS Status = STATUS_SUCCESS;

      PAGED_CODE();

      MRxSmbCscDeallocateForFcb(pFcb);

      return Status;
  }
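  NTSTATUS
  MRxSmbDeallocateForFobx (
      IN OUT PMRX_FOBX pFobx
      )
  /*++

  Routine Description:

      Deallocation callout for a file object extension. Nothing is released
      here; under IF_DEBUG the routine prints a diagnostic line when the
      extension carries SMBFOBX_ENUMFLAG_LOUD_FINALIZE in its enumeration
      flags.

  Arguments:

      pFobx - Supplies the file object extension being finalized.

  Return Value:

      NTSTATUS - Always STATUS_SUCCESS.

  --*/
  {
      PAGED_CODE();

      IF_DEBUG {
          PMRX_SMB_FOBX smbFobx = MRxSmbGetFileObjectExtension(pFobx);

          if (smbFobx && FlagOn(smbFobx->Enumeration.Flags,SMBFOBX_ENUMFLAG_LOUD_FINALIZE)) {
              // Looked up only when the line is actually printed.
              PMRX_SRV_OPEN SrvOpen = pFobx->pSrvOpen;
              PMRX_FCB Fcb = SrvOpen->pFcb;

              // The first two %p slots are placeholders. They are passed as
              // pointer-sized NULLs rather than the int literal 0, so the
              // argument sizes match the format on 64-bit builds.
              DbgPrint("Finalizobx side buffer %p %p %p %pon %wZ\n",
                       (PVOID)NULL, (PVOID)NULL, // sidebuffer, count
                       smbFobx,pFobx,GET_ALREADY_PREFIXED_NAME(SrvOpen,Fcb)
                       );
          }
      }

      return(STATUS_SUCCESS);
  }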
  NTSTATUS
  MRxSmbDeleteRegistryParameter(
      HANDLE ParametersHandle,
      PWCHAR ParameterName
      )
  /*++

  Routine Description:

      Deletes one named value from an already opened registry key.

  Arguments:

      ParametersHandle - Supplies the handle of the key holding the value.

      ParameterName - Supplies the NUL-terminated name of the value to delete.

  Return Value:

      NTSTATUS - The status returned by ZwDeleteValueKey. Checked builds
                 assert that the deletion succeeded.

  --*/
  {
      NTSTATUS Status;
      UNICODE_STRING ValueName;

      PAGED_CODE(); //INIT

      RtlInitUnicodeString(&ValueName, ParameterName);

      Status = ZwDeleteValueKey(ParametersHandle, &ValueName);
      ASSERT(NT_SUCCESS(Status));

      return Status;
  }
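  NTSTATUS
  MRxSmbGetUlongRegistryParameter(
      HANDLE ParametersHandle,
      PWCHAR ParameterName,
      PULONG ParamUlong,
      BOOLEAN LogFailure
      )
  /*++

  Routine Description:

      Reads a REG_DWORD value from an already opened registry key.

  Arguments:

      ParametersHandle - Supplies the handle of the key holding the value.

      ParameterName - Supplies the NUL-terminated name of the value.

      ParamUlong - Receives the value on success. It is left untouched on
                   failure, so a caller's default survives a missing or
                   malformed value.

      LogFailure - When TRUE, a failure is reported through
                   RxLogFailureWithBuffer with EVENT_RDR_CANT_READ_REGISTRY.

  Return Value:

      NTSTATUS - STATUS_SUCCESS when a well-formed REG_DWORD was read,
                 STATUS_INVALID_PARAMETER when the value exists but is not a
                 REG_DWORD carrying at least sizeof(ULONG) bytes, otherwise
                 the status returned by ZwQueryValueKey.

  --*/
  {
      ULONG Storage[16];
      PKEY_VALUE_PARTIAL_INFORMATION Value;
      ULONG ValueSize;
      UNICODE_STRING UnicodeString;
      NTSTATUS Status;
      ULONG BytesRead;

      PAGED_CODE(); //INIT

      // ULONG-typed storage keeps the partial-information header and its
      // Data field suitably aligned for the ULONG read below.
      Value = (PKEY_VALUE_PARTIAL_INFORMATION)Storage;
      ValueSize = sizeof(Storage);

      RtlInitUnicodeString(&UnicodeString, ParameterName);

      Status = ZwQueryValueKey(ParametersHandle,
                               &UnicodeString,
                               KeyValuePartialInformation,
                               Value,
                               ValueSize,
                               &BytesRead);

      if (NT_SUCCESS(Status)) {
          //
          // The registry stores whatever byte count the writer supplied, so
          // the REG_DWORD type alone does not prove that four bytes are
          // present. Without the length check a short value would be
          // completed from uninitialized bytes of Storage.
          //
          if ((Value->Type == REG_DWORD) &&
              (Value->DataLength >= sizeof(ULONG))) {
              *ParamUlong = *((PULONG)&Value->Data[0]);
              return(STATUS_SUCCESS);
          }

          Status = STATUS_INVALID_PARAMETER;
      }

      if (LogFailure) {
          RxLogFailureWithBuffer(
              MRxSmbDeviceObject,
              NULL,
              EVENT_RDR_CANT_READ_REGISTRY,
              Status,
              ParameterName,
              (USHORT)(wcslen(ParameterName)*sizeof(WCHAR))
              );
      }

      return Status;
  }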
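  NTSTATUS
  SmbCeGetServersWithExtendedSessTimeout()
  /*++

  Routine Description:

      Reads the ServersWithExtendedSessTimeout value (REG_MULTI_SZ) from the
      key named by SMBMRX_WORKSTATION_PARAMETERS and publishes it in
      SmbCeContext.ServersWithExtendedSessTimeout.

      The list names servers that get an extended session timeout. This is
      required by third party servers that handle SMB sessions with different
      processes, where the time to process requests on different sessions can
      vary dramatically.

  Return Value:

      NTSTATUS - The status of the failing registry call,
                 STATUS_INSUFFICIENT_RESOURCES when the buffer cannot be
                 allocated, otherwise the status of the final query. A value
                 that is present but unusable (wrong type, empty, or too long
                 for a UNICODE_STRING) is logged and ignored without failing
                 the call.

  Notes:

      On success SmbCeContext.ServersWithExtendedSessTimeout.Buffer points at
      Data[0] inside the pool block, not at the start of the allocation. The
      code that frees it is not visible here and has to recover the
      allocation base; verify against that code.

      The registry does not guarantee that REG_MULTI_SZ data ends in a NUL
      terminator, so consumers should bound their walk by Length rather than
      by terminators alone; confirm against the code that parses this list.

  --*/
  {
      UNICODE_STRING UnicodeString;
      HANDLE hRegistryKey;
      NTSTATUS Status;
      ULONG BytesRead;
      OBJECT_ATTRIBUTES ObjectAttributes;
      KEY_VALUE_PARTIAL_INFORMATION InitialPartialInformationValue;
      ULONG AllocationLength;
      PKEY_VALUE_PARTIAL_INFORMATION ServersValueFromRegistry;

      PAGED_CODE();

      RtlInitUnicodeString(&UnicodeString, SMBMRX_WORKSTATION_PARAMETERS);

      // OBJ_KERNEL_HANDLE keeps the key handle out of the handle table of
      // whichever process this routine happens to run in; the handle is only
      // used by the Zw calls below.
      InitializeObjectAttributes(
          &ObjectAttributes,
          &UnicodeString,                              // name
          OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,    // attributes
          NULL,                                        // root
          NULL);                                       // security descriptor

      Status = ZwOpenKey (&hRegistryKey, KEY_READ, &ObjectAttributes);
      if (!NT_SUCCESS(Status)) {
          return Status;
      }

      RtlInitUnicodeString(&UnicodeString, L"ServersWithExtendedSessTimeout");

      // First pass: probe with a header-sized buffer to learn DataLength.
      // STATUS_BUFFER_OVERFLOW is the expected answer whenever the data does
      // not fit, and still fills in the header.
      Status = ZwQueryValueKey(
                   hRegistryKey,
                   &UnicodeString,
                   KeyValuePartialInformation,
                   &InitialPartialInformationValue,
                   sizeof(InitialPartialInformationValue),
                   &BytesRead);
      if (Status== STATUS_BUFFER_OVERFLOW) {
          Status = STATUS_SUCCESS;
      }

      if (!NT_SUCCESS(Status)) {
          ZwClose(hRegistryKey);
          return Status;
      }

      AllocationLength = sizeof(KEY_VALUE_PARTIAL_INFORMATION)
                             + InitialPartialInformationValue.DataLength;

      ASSERT(SmbCeContext.ServersWithExtendedSessTimeout.Buffer == NULL);

      ServersValueFromRegistry = (PKEY_VALUE_PARTIAL_INFORMATION)RxAllocatePoolWithTag(
                                     PagedPool,
                                     AllocationLength,
                                     MRXSMB_MISC_POOLTAG);
      if (ServersValueFromRegistry == NULL) {
          ZwClose(hRegistryKey);
          return(STATUS_INSUFFICIENT_RESOURCES);
      }

      // Second pass: fetch the data. The value may have changed since the
      // probe; if it grew, this call does not return success and the value is
      // discarded below.
      Status = ZwQueryValueKey(
                   hRegistryKey,
                   &UnicodeString,
                   KeyValuePartialInformation,
                   ServersValueFromRegistry,
                   AllocationLength,
                   &BytesRead);

      //
      // UNICODE_STRING lengths are USHORT. A longer value is rejected instead
      // of being silently truncated by the cast, which would publish a Length
      // that no longer describes the list stored in the buffer.
      //
      if (NT_SUCCESS(Status) &&
          (ServersValueFromRegistry->DataLength > 0) &&
          (ServersValueFromRegistry->DataLength <= 0xFFFF) &&
          (ServersValueFromRegistry->Type == REG_MULTI_SZ)) {

          SmbCeContext.ServersWithExtendedSessTimeout.MaximumLength =
              SmbCeContext.ServersWithExtendedSessTimeout.Length = (USHORT)ServersValueFromRegistry->DataLength;
          SmbCeContext.ServersWithExtendedSessTimeout.Buffer = (PWCHAR)(&ServersValueFromRegistry->Data[0]);
      } else {
          RxLog(("Invalid ServersWithExtendedSessTimeout value... ignoring"));
          SmbLog(LOG,
                 SmbCeGetConfigurationInformation,
                 LOGULONG(Status));
          RxFreePool(ServersValueFromRegistry);
          ServersValueFromRegistry = NULL;
      }

      ZwClose(hRegistryKey);

      return Status;
  }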
  1983.