PageRenderTime 75ms CodeModel.GetById 44ms RepoModel.GetById 0ms app.codeStats 0ms

/freebsd5/sys/netncp/ncp_ncp.c

https://github.com/deathmaker1/kame
C | 495 lines | 405 code | 37 blank | 53 comment | 76 complexity | 0551b15457de0ea7662d4b13bf6aa4db MD5 | raw file
    

  1. /*
    2. 

  2.  * Copyright (c) 1999, 2000, 2001 Boris Popov
    3. 

  3.  * All rights reserved.
    4. 

  4.  *
    5. 

  5.  * Redistribution and use in source and binary forms, with or without
    6. 

  6.  * modification, are permitted provided that the following conditions
    7. 

  7.  * are met:
    8. 

  8.  * 1. Redistributions of source code must retain the above copyright
    9. 

  9.  *    notice, this list of conditions and the following disclaimer.
    10. 

  10.  * 2. Redistributions in binary form must reproduce the above copyright
    11. 

  11.  *    notice, this list of conditions and the following disclaimer in the
    12. 

  12.  *    documentation and/or other materials provided with the distribution.
    13. 

  13.  * 3. All advertising materials mentioning features or use of this software
    14. 

  14.  *    must display the following acknowledgement:
    15. 

  15.  *    This product includes software developed by Boris Popov.
    16. 

  16.  * 4. Neither the name of the author nor the names of any co-contributors
    17. 

  17.  *    may be used to endorse or promote products derived from this software
    18. 

  18.  *    without specific prior written permission.
    19. 

  19.  *
    20. 

  20.  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
    21. 

  21.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    22. 

  22.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    23. 

  23.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
    24. 

  24.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    25. 

  25.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    26. 

  26.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    27. 

  27.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    28. 

  28.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
    29. 

  29.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
    30. 

  30.  * SUCH DAMAGE.
    31. 

  31.  *
    32. 

  32.  * $FreeBSD: src/sys/netncp/ncp_ncp.c,v 1.12 2002/10/11 14:58:30 mike Exp $
    33. 

  33.  *
    34. 

  34.  * Core of NCP protocol
    35. 

  35.  */
    36. 

  36. 

  37. #include <sys/param.h>
    38. 

  38. #include <sys/errno.h>
    39. 

  39. #include <sys/systm.h>
    40. 

  40. #include <sys/proc.h>
    41. 

  41. #include <sys/signalvar.h>
    42. 

  42. #include <sys/sysctl.h>
    43. 

  43. #include <sys/mbuf.h>
    44. 

  44. #include <sys/uio.h>
    45. 

  45. 

  46. #include <netipx/ipx.h>
    47. 

  47. #include <netipx/ipx_var.h>
    48. 

  48. 

  49. #include <netncp/ncp.h>
    50. 

  50. #include <netncp/ncp_conn.h>
    51. 

  51. #include <netncp/ncp_sock.h>
    52. 

  52. #include <netncp/ncp_subr.h>
    53. 

  53. #include <netncp/ncp_ncp.h>
    54. 

  54. #include <netncp/ncp_rq.h>
    55. 

  55. #include <netncp/nwerror.h>
    56. 

  56. 

  57. #ifdef NCP_DATA_DEBUG
    58. 

  58. static
    59. 

  59. void m_dumpm(struct mbuf *m) {
    60. 

  60. 	char *p;
    61. 

  61. 	int len;
    62. 

  62. 	printf("d=");
    63. 

  63. 	while(m) {
    64. 

  64. 		p=mtod(m,char *);
    65. 

  65. 		len=m->m_len;
    66. 

  66. 		printf("(%d)",len);
    67. 

  67. 		while(len--){
    68. 

  68. 			printf("%02x ",((int)*(p++)) & 0xff);
    69. 

  69. 		}
    70. 

  70. 		m=m->m_next;
    71. 

  71. 	};
    72. 

  72. 	printf("\n");
    73. 

  73. }
    74. 

  74. #endif /* NCP_DATA_DEBUG */
    75. 

  75. 

  76. int
    77. 

  77. ncp_chkintr(struct ncp_conn *conn, struct proc *p)
    78. 

  78. {
    79. 

  79. 	sigset_t tmpset;
    80. 

  80. 

  81. 	if (p == NULL)
    82. 

  82. 		return 0;
    83. 

  83. 	tmpset = p->p_siglist;
    84. 

  84. 	SIGSETNAND(tmpset, p->p_sigmask);
    85. 

  85. 	SIGSETNAND(tmpset, p->p_sigignore);
    86. 

  86. 	if (SIGNOTEMPTY(p->p_siglist) && NCP_SIGMASK(tmpset))
    87. 

  87.                 return EINTR;
    88. 

  88. 	return 0;
    89. 

  89. }
    90. 

  90. 

  91. /*
    92. 

  92.  * Process initial NCP handshake (attach)
    93. 

  93.  * NOTE: Since all functions below may change conn attributes, they
    94. 

  94.  * should be called with LOCKED connection, also they use procp & ucred
    95. 

  95.  */
    96. 

  96. int
    97. 

  97. ncp_ncp_connect(struct ncp_conn *conn)
    98. 

  98. {
    99. 

  99. 	struct ncp_rq *rqp;
    100. 

  100. 	struct ncp_rphdr *rp;
    101. 

  101. 	int error;
    102. 

  102. 	
    103. 

  103. 	error = ncp_rq_alloc_any(NCP_ALLOC_SLOT, 0, conn, conn->procp, conn->ucred, &rqp);
    104. 

  104. 	if (error)
    105. 

  105. 		return error;
    106. 

  106. 

  107. 	conn->flags &= ~(NCPFL_SIGNACTIVE | NCPFL_SIGNWANTED |
    108. 

  108. 	    NCPFL_ATTACHED | NCPFL_LOGGED | NCPFL_INVALID);
    109. 

  109. 	conn->seq = 0;
    110. 

  110. 	error = ncp_request_int(rqp);
    111. 

  111. 	if (!error) {
    112. 

  112. 		rp = mtod(rqp->rp.md_top, struct ncp_rphdr*);
    113. 

  113. 		conn->connid = rp->conn_low + (rp->conn_high << 8);
    114. 

  114. 	}
    115. 

  115. 	ncp_rq_done(rqp);
    116. 

  116. 	if (error)
    117. 

  117. 		return error;
    118. 

  118. 	conn->flags |= NCPFL_ATTACHED | NCPFL_WASATTACHED;
    119. 

  119. 	return 0;
    120. 

  120. }
    121. 

  121. 

  122. int
    123. 

  123. ncp_ncp_disconnect(struct ncp_conn *conn)
    124. 

  124. {
    125. 

  125. 	struct ncp_rq *rqp;
    126. 

  126. 	int error;
    127. 

  127. 

  128. 	NCPSDEBUG("for connid=%d\n",conn->nc_id);
    129. 

  129. #ifdef NCPBURST
    130. 

  130. 	ncp_burst_disconnect(conn);
    131. 

  131. #endif
    132. 

  132. 	if (conn->flags & NCPFL_ATTACHED) {
    133. 

  133. 		error = ncp_rq_alloc_any(NCP_FREE_SLOT, 0, conn, conn->procp, conn->ucred, &rqp);
    134. 

  134. 		if (!error) {
    135. 

  135. 			ncp_request_int(rqp);
    136. 

  136. 			ncp_rq_done(rqp);
    137. 

  137. 		}
    138. 

  138. 	}
    139. 

  139. 	ncp_conn_invalidate(conn);
    140. 

  140. 	ncp_sock_disconnect(conn);
    141. 

  141. 	return 0;
    142. 

  142. }
    143. 

  143. 

  144. /*
    145. 

  145.  * All negotiation functions expect a locked connection
    146. 

  146.  */
    147. 

  147. 

  148. int
    149. 

  149. ncp_negotiate_buffersize(struct ncp_conn *conn, int size, int *target)
    150. 

  150. {
    151. 

  151. 	struct ncp_rq *rqp;
    152. 

  152. 	u_int16_t bsize;
    153. 

  153. 	int error;
    154. 

  154. 

  155. 	error = ncp_rq_alloc(0x21, conn, conn->procp, conn->ucred, &rqp);
    156. 

  156. 	if (error)
    157. 

  157. 		return error;
    158. 

  158. 	mb_put_uint16be(&rqp->rq, size);
    159. 

  159. 	error = ncp_request(rqp);
    160. 

  160. 	if (error)
    161. 

  161. 		return error;
    162. 

  162. 	md_get_uint16be(&rqp->rp, &bsize);
    163. 

  163. 	*target = min(bsize, size);
    164. 

  164. 	ncp_rq_done(rqp);
    165. 

  165. 	return error;
    166. 

  166. }
    167. 

  167. 

  168. static int
    169. 

  169. ncp_negotiate_size_and_options(struct ncp_conn *conn, int size, int options, 
    170. 

  170. 	    int *ret_size, u_int8_t *ret_options)
    171. 

  171. {
    172. 

  172. 	struct ncp_rq *rqp;
    173. 

  173. 	u_int16_t rs;
    174. 

  174. 	int error;
    175. 

  175. 

  176. 	error = ncp_rq_alloc(0x61, conn, conn->procp, conn->ucred, &rqp);
    177. 

  177. 	if (error)
    178. 

  178. 		return error;
    179. 

  179. 	mb_put_uint16be(&rqp->rq, size);
    180. 

  180. 	mb_put_uint8(&rqp->rq, options);
    181. 

  181. 	rqp->nr_minrplen = 2 + 2 + 1;
    182. 

  182. 	error = ncp_request(rqp);
    183. 

  183. 	if (error)
    184. 

  184. 		return error;
    185. 

  185. 	md_get_uint16be(&rqp->rp, &rs);
    186. 

  186. 	*ret_size = (rs == 0) ? size : min(rs, size);
    187. 

  187. 	md_get_uint16be(&rqp->rp, &rs);		/* skip echo socket */
    188. 

  188. 	md_get_uint8(&rqp->rp, ret_options);
    189. 

  189. 	ncp_rq_done(rqp);
    190. 

  190. 	return error;
    191. 

  191. }
    192. 

  192. 

  193. int
    194. 

  194. ncp_renegotiate_connparam(struct ncp_conn *conn, int buffsize, u_int8_t in_options)
    195. 

  195. {
    196. 

  196. 	u_int8_t options;
    197. 

  197. 	int neg_buffsize, error, sl, ckslevel, ilen;
    198. 

  198. 

  199. 	sl = conn->li.sig_level;
    200. 

  200. 	if (sl >= 2)
    201. 

  201. 		in_options |= NCP_SECURITY_LEVEL_SIGN_HEADERS;
    202. 

  202. 	if (conn->li.saddr.sa_family == AF_IPX) {
    203. 

  203. 		ilen = sizeof(ckslevel);
    204. 

  204. 		error = kernel_sysctlbyname(curproc, "net.ipx.ipx.checksum",
    205. 

  205. 		    &ckslevel, &ilen, NULL, 0, NULL);
    206. 

  206. 		if (error)
    207. 

  207. 			return error;
    208. 

  208. 		if (ckslevel == 2)
    209. 

  209. 			in_options |= NCP_IPX_CHECKSUM;
    210. 

  210. 	}
    211. 

  211. 	error = ncp_negotiate_size_and_options(conn, buffsize, in_options, 
    212. 

  212. 	    &neg_buffsize, &options);
    213. 

  213. 	if (!error) {
    214. 

  214. 		if (conn->li.saddr.sa_family == AF_IPX &&
    215. 

  215. 		    ((options ^ in_options) & NCP_IPX_CHECKSUM)) {
    216. 

  216. 			if (ckslevel == 2) {
    217. 

  217. 				printf("Server refuses to support IPX checksums\n");
    218. 

  218. 				return NWE_REQUESTER_FAILURE;
    219. 

  219. 			}
    220. 

  220. 			in_options |= NCP_IPX_CHECKSUM;
    221. 

  221. 			error = 1;
    222. 

  222. 		}
    223. 

  223. 		if ((options ^ in_options) & 2) {
    224. 

  224. 			if (sl == 0 || sl == 3)
    225. 

  225. 				return NWE_SIGNATURE_LEVEL_CONFLICT;
    226. 

  226. 			if (sl == 1) {
    227. 

  227. 				in_options |= NCP_SECURITY_LEVEL_SIGN_HEADERS;
    228. 

  228. 				error = 1;
    229. 

  229. 			}
    230. 

  230. 		}
    231. 

  231. 		if (error) {
    232. 

  232. 			error = ncp_negotiate_size_and_options(conn,
    233. 

  233. 		    	    buffsize, in_options, &neg_buffsize, &options);
    234. 

  234. 			if ((options ^ in_options) & 3) {
    235. 

  235. 				return NWE_SIGNATURE_LEVEL_CONFLICT;
    236. 

  236. 			}
    237. 

  237. 		}
    238. 

  238. 	} else {
    239. 

  239. 		in_options &= ~NCP_SECURITY_LEVEL_SIGN_HEADERS;
    240. 

  240. 		error = ncp_negotiate_buffersize(conn, NCP_DEFAULT_BUFSIZE,
    241. 

  241. 			      &neg_buffsize);
    242. 

  242. 	}			  
    243. 

  243. 	if (error) return error;
    244. 

  244. 	if ((neg_buffsize < 512) || (neg_buffsize > NCP_MAX_BUFSIZE))
    245. 

  245. 		return EINVAL;
    246. 

  246. 	conn->buffer_size = neg_buffsize;
    247. 

  247. 	if (in_options & NCP_SECURITY_LEVEL_SIGN_HEADERS)
    248. 

  248. 		conn->flags |= NCPFL_SIGNWANTED;
    249. 

  249. 	if (conn->li.saddr.sa_family == AF_IPX)
    250. 

  250. 		ncp_sock_checksum(conn, in_options & NCP_IPX_CHECKSUM);
    251. 

  251. 	return 0;
    252. 

  252. }
    253. 

  253. 

  254. void
    255. 

  255. ncp_check_rq(struct ncp_conn *conn){
    256. 

  256. 	return;
    257. 

  257. 	if (conn->flags & NCPFL_INTR) return;
    258. 

  258. 	/* first, check for signals */
    259. 

  259. 	if (ncp_chkintr(conn,conn->procp)) {
    260. 

  260. 		conn->flags |= NCPFL_INTR;
    261. 

  261. 	}
    262. 

  262. 	return;
    263. 

  263. }
    264. 

  264. 

  265. int
    266. 

  266. ncp_get_bindery_object_id(struct ncp_conn *conn, 
    267. 

  267. 		u_int16_t object_type, char *object_name, 
    268. 

  268. 		struct ncp_bindery_object *target,
    269. 

  269. 		struct proc *p,struct ucred *cred)
    270. 

  270. {
    271. 

  271. 	struct ncp_rq *rqp;
    272. 

  272. 	int error;
    273. 

  273. 

  274. 	error = ncp_rq_alloc_subfn(23, 53, conn, conn->procp, conn->ucred, &rqp);
    275. 

  275. 	mb_put_uint16be(&rqp->rq, object_type);
    276. 

  276. 	ncp_rq_pstring(rqp, object_name);
    277. 

  277. 	rqp->nr_minrplen = 54;
    278. 

  278. 	error = ncp_request(rqp);
    279. 

  279. 	if (error)
    280. 

  280. 		return error;
    281. 

  281. 	md_get_uint32be(&rqp->rp, &target->object_id);
    282. 

  282. 	md_get_uint16be(&rqp->rp, &target->object_type);
    283. 

  283. 	md_get_mem(&rqp->rp, (caddr_t)target->object_name, 48, MB_MSYSTEM);
    284. 

  284. 	ncp_rq_done(rqp);
    285. 

  285. 	return 0;
    286. 

  286. }
    287. 

  287. 

  288. /*
    289. 

  289.  * target is a 8-byte buffer
    290. 

  290.  */
    291. 

  291. int
    292. 

  292. ncp_get_encryption_key(struct ncp_conn *conn, char *target)
    293. 

  293. {
    294. 

  294. 	struct ncp_rq *rqp;
    295. 

  295. 	int error;
    296. 

  296. 

  297. 	error = ncp_rq_alloc_subfn(23, 23, conn, conn->procp, conn->ucred, &rqp);
    298. 

  298. 	if (error)
    299. 

  299. 		return error;
    300. 

  300. 	rqp->nr_minrplen = 8;
    301. 

  301. 	error = ncp_request(rqp);
    302. 

  302. 	if (error)
    303. 

  303. 		return error;
    304. 

  304. 	md_get_mem(&rqp->rp, target, 8, MB_MSYSTEM);
    305. 

  305. 	ncp_rq_done(rqp);
    306. 

  306. 	return error;
    307. 

  307. }
    308. 

  308. 

  309. /*
    310. 

  310.  * Initialize packet signatures. They a slightly modified MD4.
    311. 

  311.  * The first 16 bytes of logindata are the shuffled password,
    312. 

  312.  * the last 8 bytes the encryption key as received from the server.
    313. 

  313.  */
    314. 

  314. static int
    315. 

  315. ncp_sign_start(struct ncp_conn *conn, char *logindata)
    316. 

  316. {
    317. 

  317. 	char msg[64];
    318. 

  318. 	u_int32_t state[4];
    319. 

  319. 

  320. 	memcpy(msg, logindata, 24);
    321. 

  321. 	memcpy(msg + 24, "Authorized NetWare Client", 25);
    322. 

  322. 	bzero(msg + 24 + 25, sizeof(msg) - 24 - 25);
    323. 

  323. 

  324. 	conn->sign_state[0] = 0x67452301;
    325. 

  325. 	conn->sign_state[1] = 0xefcdab89;
    326. 

  326. 	conn->sign_state[2] = 0x98badcfe;
    327. 

  327. 	conn->sign_state[3] = 0x10325476;
    328. 

  328. 	ncp_sign(conn->sign_state, msg, state);
    329. 

  329. 	conn->sign_root[0] = state[0];
    330. 

  330. 	conn->sign_root[1] = state[1];
    331. 

  331. 	conn->flags |= NCPFL_SIGNACTIVE;
    332. 

  332. 	return 0;
    333. 

  333. }
    334. 

  334. 

  335. 

  336. int
    337. 

  337. ncp_login_encrypted(struct ncp_conn *conn, struct ncp_bindery_object *object,
    338. 

  338. 	const u_char *key, const u_char *passwd,
    339. 

  339. 	struct proc *p, struct ucred *cred)
    340. 

  340. {
    341. 

  341. 	struct ncp_rq *rqp;
    342. 

  342. 	struct mbchain *mbp;
    343. 

  343. 	u_int32_t tmpID = htonl(object->object_id);
    344. 

  344. 	u_char buf[16 + 8];
    345. 

  345. 	u_char encrypted[8];
    346. 

  346. 	int error;
    347. 

  347. 

  348. 	nw_keyhash((u_char*)&tmpID, passwd, strlen(passwd), buf);
    349. 

  349. 	nw_encrypt(key, buf, encrypted);
    350. 

  350. 

  351. 	error = ncp_rq_alloc_subfn(23, 24, conn, p, cred, &rqp);
    352. 

  352. 	if (error)
    353. 

  353. 		return error;
    354. 

  354. 	mbp = &rqp->rq;
    355. 

  355. 	mb_put_mem(mbp, encrypted, 8, MB_MSYSTEM);
    356. 

  356. 	mb_put_uint16be(mbp, object->object_type);
    357. 

  357. 	ncp_rq_pstring(rqp, object->object_name);
    358. 

  358. 	error = ncp_request(rqp);
    359. 

  359. 	if (!error)
    360. 

  360. 		ncp_rq_done(rqp);
    361. 

  361. 	if ((conn->flags & NCPFL_SIGNWANTED) &&
    362. 

  362. 	    (error == 0 || error == NWE_PASSWORD_EXPIRED)) {
    363. 

  363. 		bcopy(key, buf + 16, 8);
    364. 

  364. 		error = ncp_sign_start(conn, buf);
    365. 

  365. 	}
    366. 

  366. 	return error;
    367. 

  367. }
    368. 

  368. 

  369. int
    370. 

  370. ncp_login_unencrypted(struct ncp_conn *conn, u_int16_t object_type, 
    371. 

  371. 	const char *object_name, const u_char *passwd,
    372. 

  372. 	struct proc *p, struct ucred *cred)
    373. 

  373. {
    374. 

  374. 	struct ncp_rq *rqp;
    375. 

  375. 	int error;
    376. 

  376. 

  377. 	error = ncp_rq_alloc_subfn(23, 20, conn, p, cred, &rqp);
    378. 

  378. 	if (error)
    379. 

  379. 		return error;
    380. 

  380. 	mb_put_uint16be(&rqp->rq, object_type);
    381. 

  381. 	ncp_rq_pstring(rqp, object_name);
    382. 

  382. 	ncp_rq_pstring(rqp, passwd);
    383. 

  383. 	error = ncp_request(rqp);
    384. 

  384. 	if (!error)
    385. 

  385. 		ncp_rq_done(rqp);
    386. 

  386. 	return error;
    387. 

  387. }
    388. 

  388. 

  389. int
    390. 

  390. ncp_read(struct ncp_conn *conn, ncp_fh *file, struct uio *uiop, struct ucred *cred)
    391. 

  391. {
    392. 

  392. 	struct ncp_rq *rqp;
    393. 

  393. 	struct mbchain *mbp;
    394. 

  394. 	u_int16_t retlen = 0 ;
    395. 

  395. 	int error = 0, len = 0, tsiz, burstio;
    396. 

  396. 

  397. 	tsiz = uiop->uio_resid;
    398. 

  398. #ifdef NCPBURST
    399. 

  399. 	burstio = (ncp_burst_enabled && tsiz > conn->buffer_size);
    400. 

  400. #else
    401. 

  401. 	burstio = 0;
    402. 

  402. #endif
    403. 

  403. 

  404. 	while (tsiz > 0) {
    405. 

  405. 		if (!burstio) {
    406. 

  406. 			len = min(4096 - (uiop->uio_offset % 4096), tsiz);
    407. 

  407. 			len = min(len, conn->buffer_size);
    408. 

  408. 			error = ncp_rq_alloc(72, conn, uiop->uio_procp, cred, &rqp);
    409. 

  409. 			if (error)
    410. 

  410. 				break;
    411. 

  411. 			mbp = &rqp->rq;
    412. 

  412. 			mb_put_uint8(mbp, 0);
    413. 

  413. 			mb_put_mem(mbp, (caddr_t)file, 6, MB_MSYSTEM);
    414. 

  414. 			mb_put_uint32be(mbp, uiop->uio_offset);
    415. 

  415. 			mb_put_uint16be(mbp, len);
    416. 

  416. 			rqp->nr_minrplen = 2;
    417. 

  417. 			error = ncp_request(rqp);
    418. 

  418. 			if (error)
    419. 

  419. 				break;
    420. 

  420. 			md_get_uint16be(&rqp->rp, &retlen);
    421. 

  421. 			if (uiop->uio_offset & 1)
    422. 

  422. 				md_get_mem(&rqp->rp, NULL, 1, MB_MSYSTEM);
    423. 

  423. 			error = md_get_uio(&rqp->rp, uiop, retlen);
    424. 

  424. 			ncp_rq_done(rqp);
    425. 

  425. 		} else {
    426. 

  426. #ifdef NCPBURST
    427. 

  427. 			error = ncp_burst_read(conn, file, tsiz, &len, &retlen, uiop, cred);
    428. 

  428. #endif
    429. 

  429. 		}
    430. 

  430. 		if (error)
    431. 

  431. 			break;
    432. 

  432. 		tsiz -= retlen;
    433. 

  433. 		if (retlen < len)
    434. 

  434. 			break;
    435. 

  435. 	}
    436. 

  436. 	return (error);
    437. 

  437. }
    438. 

  438. 

  439. int
    440. 

  440. ncp_write(struct ncp_conn *conn, ncp_fh *file, struct uio *uiop, struct ucred *cred)
    441. 

  441. {
    442. 

  442. 	struct ncp_rq *rqp;
    443. 

  443. 	struct mbchain *mbp;
    444. 

  444. 	int error = 0, len, tsiz, backup;
    445. 

  445. 

  446. 	if (uiop->uio_iovcnt != 1) {
    447. 

  447. 		printf("%s: can't handle iovcnt>1 !!!\n", __func__);
    448. 

  448. 		return EIO;
    449. 

  449. 	}
    450. 

  450. 	tsiz = uiop->uio_resid;
    451. 

  451. 	while (tsiz > 0) {
    452. 

  452. 		len = min(4096 - (uiop->uio_offset % 4096), tsiz);
    453. 

  453. 		len = min(len, conn->buffer_size);
    454. 

  454. 		if (len == 0) {
    455. 

  455. 			printf("gotcha!\n");
    456. 

  456. 		}
    457. 

  457. 		/* rq head */
    458. 

  458. 		error = ncp_rq_alloc(73, conn, uiop->uio_procp, cred, &rqp);
    459. 

  459. 		if (error)
    460. 

  460. 			break;
    461. 

  461. 		mbp = &rqp->rq;
    462. 

  462. 		mb_put_uint8(mbp, 0);
    463. 

  463. 		mb_put_mem(mbp, (caddr_t)file, 6, MB_MSYSTEM);
    464. 

  464. 		mb_put_uint32be(mbp, uiop->uio_offset);
    465. 

  465. 		mb_put_uint16be(mbp, len);
    466. 

  466. 		error = mb_put_uio(mbp, uiop, len);
    467. 

  467. 		if (error) {
    468. 

  468. 			ncp_rq_done(rqp);
    469. 

  469. 			break;
    470. 

  470. 		}
    471. 

  471. 		error = ncp_request(rqp);
    472. 

  472. 		if (!error)
    473. 

  473. 			ncp_rq_done(rqp);
    474. 

  474. 		if (len == 0)
    475. 

  475. 			break;
    476. 

  476. 		if (error) {
    477. 

  477. 			backup = len;
    478. 

  478. 			uiop->uio_iov->iov_base =
    479. 

  479. 			    (char *)uiop->uio_iov->iov_base - backup;
    480. 

  480. 			uiop->uio_iov->iov_len += backup;
    481. 

  481. 			uiop->uio_offset -= backup;
    482. 

  482. 			uiop->uio_resid += backup;
    483. 

  483. 			break;
    484. 

  484. 		}
    485. 

  485. 		tsiz -= len;
    486. 

  486. 	}
    487. 

  487. 	if (error)
    488. 

  488. 		uiop->uio_resid = tsiz;
    489. 

  489. 	switch (error) {
    490. 

  490. 	    case NWE_INSUFFICIENT_SPACE:
    491. 

  491. 		error = ENOSPC;
    492. 

  492. 		break;
    493. 

  493. 	}
    494. 

  494. 	return (error);
    495. 

  495. }
    496. 

  496.