SMB1: Requests to the NamedPipeStore will not be blocked at the SMB layer

SMBLibrary/SMBLibrary.csproj

@@ -190,7 +190,7 @@
     <Compile Include="Server\Shares\ISMBShare.cs" />
     <Compile Include="Server\Shares\NamedPipeShare.cs" />
     <Compile Include="Server\Shares\ShareCollection.cs" />
-    <Compile Include="Server\SMB1\FileSystemResponseHelper.cs" />
+    <Compile Include="Server\SMB1\FileStoreResponseHelper.cs" />
     <Compile Include="Server\SMB1\NegotiateHelper.cs" />
     <Compile Include="Server\SMB1\NTCreateHelper.cs" />
     <Compile Include="Server\SMB1\NTTransactHelper.cs" />

SMBLibrary/Server/SMB1/FileSystemResponseHelper.cs

@@ -13,15 +13,18 @@ using Utilities;
 
 namespace SMBLibrary.Server.SMB1
 {
-    public class FileSystemResponseHelper
+    public class FileStoreResponseHelper
     {
-        internal static SMB1Command GetCreateDirectoryResponse(SMB1Header header, CreateDirectoryRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetCreateDirectoryResponse(SMB1Header header, CreateDirectoryRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasWriteAccess(session.UserName, request.DirectoryName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, request.DirectoryName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             header.Status = SMB1FileStoreHelper.CreateDirectory(share.FileStore, request.DirectoryName);
@@ -33,13 +36,16 @@ namespace SMBLibrary.Server.SMB1
             return new CreateDirectoryResponse();
         }
 
-        internal static SMB1Command GetDeleteDirectoryResponse(SMB1Header header, DeleteDirectoryRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetDeleteDirectoryResponse(SMB1Header header, DeleteDirectoryRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasWriteAccess(session.UserName, request.DirectoryName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, request.DirectoryName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             header.Status = SMB1FileStoreHelper.DeleteDirectory(share.FileStore, request.DirectoryName);
@@ -50,13 +56,16 @@ namespace SMBLibrary.Server.SMB1
             return new DeleteDirectoryResponse();
         }
 
-        internal static SMB1Command GetDeleteResponse(SMB1Header header, DeleteRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetDeleteResponse(SMB1Header header, DeleteRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasWriteAccess(session.UserName, request.FileName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, request.FileName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             // [MS-CIFS] This command cannot delete directories or volumes.
@@ -68,18 +77,21 @@ namespace SMBLibrary.Server.SMB1
             return new DeleteResponse();
         }
 
-        internal static SMB1Command GetRenameResponse(SMB1Header header, RenameRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetRenameResponse(SMB1Header header, RenameRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasWriteAccess(session.UserName, request.OldFileName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
-            }
-            if (!share.HasWriteAccess(session.UserName, request.NewFileName, state.ClientEndPoint))
-            {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, request.OldFileName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, request.NewFileName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             header.Status = SMB1FileStoreHelper.Rename(share.FileStore, request.OldFileName, request.NewFileName, request.SearchAttributes);
@@ -90,13 +102,16 @@ namespace SMBLibrary.Server.SMB1
             return new RenameResponse();
         }
 
-        internal static SMB1Command GetCheckDirectoryResponse(SMB1Header header, CheckDirectoryRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetCheckDirectoryResponse(SMB1Header header, CheckDirectoryRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasReadAccess(session.UserName, request.DirectoryName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasReadAccess(session.UserName, request.DirectoryName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             header.Status = SMB1FileStoreHelper.CheckDirectory(share.FileStore, request.DirectoryName);
@@ -108,13 +123,16 @@ namespace SMBLibrary.Server.SMB1
             return new CheckDirectoryResponse();
         }
 
-        internal static SMB1Command GetQueryInformationResponse(SMB1Header header, QueryInformationRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetQueryInformationResponse(SMB1Header header, QueryInformationRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasReadAccess(session.UserName, request.FileName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasReadAccess(session.UserName, request.FileName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             FileNetworkOpenInformation fileInfo;
@@ -131,13 +149,16 @@ namespace SMBLibrary.Server.SMB1
             return response;
         }
 
-        internal static SMB1Command GetSetInformationResponse(SMB1Header header, SetInformationRequest request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetSetInformationResponse(SMB1Header header, SetInformationRequest request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
-            if (!share.HasWriteAccess(session.UserName, request.FileName, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, request.FileName, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             header.Status = SMB1FileStoreHelper.SetInformation(share.FileStore, request.FileName, request.FileAttributes, request.LastWriteTime);
@@ -149,7 +170,7 @@ namespace SMBLibrary.Server.SMB1
             return new SetInformationResponse();
         }
 
-        internal static SMB1Command GetSetInformation2Response(SMB1Header header, SetInformation2Request request, FileSystemShare share, SMB1ConnectionState state)
+        internal static SMB1Command GetSetInformation2Response(SMB1Header header, SetInformation2Request request, ISMBShare share, SMB1ConnectionState state)
         {
             SMB1Session session = state.GetSession(header.UID);
             OpenFileObject openFile = session.GetOpenFileObject(request.FID);
@@ -159,10 +180,13 @@ namespace SMBLibrary.Server.SMB1
                 return new ErrorResponse(request.CommandName);
             }
 
-            if (!share.HasWriteAccess(session.UserName, openFile.Path, state.ClientEndPoint))
+            if (share is FileSystemShare)
             {
-                header.Status = NTStatus.STATUS_ACCESS_DENIED;
-                return new ErrorResponse(request.CommandName);
+                if (!((FileSystemShare)share).HasWriteAccess(session.UserName, openFile.Path, state.ClientEndPoint))
+                {
+                    header.Status = NTStatus.STATUS_ACCESS_DENIED;
+                    return new ErrorResponse(request.CommandName);
+                }
             }
 
             header.Status = SMB1FileStoreHelper.SetInformation2(share.FileStore, openFile.Handle, request.CreationDateTime, request.LastAccessDateTime, request.LastWriteDateTime);

SMBLibrary/Server/SMBServer.SMB1.cs

@@ -144,23 +144,13 @@ namespace SMBLibrary.Server
 
                     if (command is CreateDirectoryRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         CreateDirectoryRequest request = (CreateDirectoryRequest)command;
-                        return FileSystemResponseHelper.GetCreateDirectoryResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetCreateDirectoryResponse(header, request, share, state);
                     }
                     else if (command is DeleteDirectoryRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         DeleteDirectoryRequest request = (DeleteDirectoryRequest)command;
-                        return FileSystemResponseHelper.GetDeleteDirectoryResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetDeleteDirectoryResponse(header, request, share, state);
                     }
                     else if (command is CloseRequest)
                     {
@@ -173,43 +163,23 @@ namespace SMBLibrary.Server
                     }
                     else if (command is DeleteRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         DeleteRequest request = (DeleteRequest)command;
-                        return FileSystemResponseHelper.GetDeleteResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetDeleteResponse(header, request, share, state);
                     }
                     else if (command is RenameRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         RenameRequest request = (RenameRequest)command;
-                        return FileSystemResponseHelper.GetRenameResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetRenameResponse(header, request, share, state);
                     }
                     else if (command is QueryInformationRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         QueryInformationRequest request = (QueryInformationRequest)command;
-                        return FileSystemResponseHelper.GetQueryInformationResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetQueryInformationResponse(header, request, share, state);
                     }
                     else if (command is SetInformationRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         SetInformationRequest request = (SetInformationRequest)command;
-                        return FileSystemResponseHelper.GetSetInformationResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetSetInformationResponse(header, request, share, state);
                     }
                     else if (command is ReadRequest)
                     {
@@ -223,13 +193,8 @@ namespace SMBLibrary.Server
                     }
                     else if (command is CheckDirectoryRequest)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         CheckDirectoryRequest request = (CheckDirectoryRequest)command;
-                        return FileSystemResponseHelper.GetCheckDirectoryResponse(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetCheckDirectoryResponse(header, request, share, state);
                     }
                     else if (command is WriteRawRequest)
                     {
@@ -241,13 +206,8 @@ namespace SMBLibrary.Server
                     }
                     else if (command is SetInformation2Request)
                     {
-                        if (!(share is FileSystemShare))
-                        {
-                            header.Status = NTStatus.STATUS_INVALID_PARAMETER;
-                            return new ErrorResponse(command.CommandName);
-                        }
                         SetInformation2Request request = (SetInformation2Request)command;
-                        return FileSystemResponseHelper.GetSetInformation2Response(header, request, (FileSystemShare)share, state);
+                        return FileStoreResponseHelper.GetSetInformation2Response(header, request, share, state);
                     }
                     else if (command is LockingAndXRequest)
                     {