summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2005-03-21 23:35:58 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:11:09 -0500
commit13b0776f60f6a0f35a4afc2b3d3c6b5ec9c1ca6a (patch)
tree8eddfcb0dd18a9cee4c1de4fbd3ee98f05cd27e6
parent05bc2d7b2c11a3583a6d1221cfbd618eb6730518 (diff)
downloadsamba-13b0776f60f6a0f35a4afc2b3d3c6b5ec9c1ca6a.tar.gz
samba-13b0776f60f6a0f35a4afc2b3d3c6b5ec9c1ca6a.tar.bz2
samba-13b0776f60f6a0f35a4afc2b3d3c6b5ec9c1ca6a.zip
r5929: Use cli_credentials for the SMB functions as well.
Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173)
-rw-r--r--source4/client/client.c4
-rw-r--r--source4/include/credentials.h2
-rw-r--r--source4/lib/cmdline/popt_common.c5
-rw-r--r--source4/lib/credentials.c13
-rw-r--r--source4/libcli/cliconnect.c26
-rw-r--r--source4/libcli/raw/clitree.c11
-rw-r--r--source4/librpc/rpc/dcerpc_util.c10
-rw-r--r--source4/torture/gentest.c29
-rw-r--r--source4/torture/locktest.c16
-rw-r--r--source4/torture/masktest.c19
-rw-r--r--source4/torture/torture.c12
11 files changed, 52 insertions, 95 deletions
diff --git a/source4/client/client.c b/source4/client/client.c
index cd580dc756..a1a055c9be 100644
--- a/source4/client/client.c
+++ b/source4/client/client.c
@@ -3045,9 +3045,7 @@ static struct smbcli_state *do_connect(const char *server, const char *share, st
}
status = smbcli_full_connection(NULL, &c, lp_netbios_name(), server,
- share, NULL, cli_credentials_get_username(cred),
- cli_credentials_get_domain(cred),
- cli_credentials_get_password(cred));
+ share, NULL, cred);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Connection to \\\\%s\\%s failed - %s\n",
server, share, nt_errstr(status));
diff --git a/source4/include/credentials.h b/source4/include/credentials.h
index a97bcfa333..7b223dad5a 100644
--- a/source4/include/credentials.h
+++ b/source4/include/credentials.h
@@ -51,5 +51,3 @@ struct cli_credentials {
void *priv_data;
};
-
-#define cli_credentials_is_anonymous(c) (!(c) || !(c)->username || !(c)->username[0])
diff --git a/source4/lib/cmdline/popt_common.c b/source4/lib/cmdline/popt_common.c
index 0792a16b3d..b0b5073e62 100644
--- a/source4/lib/cmdline/popt_common.c
+++ b/source4/lib/cmdline/popt_common.c
@@ -195,11 +195,10 @@ static void popt_common_credentials_callback(poptContext con,
{
char *lp;
- cli_credentials_parse_string(cmdline_credentials,arg, CRED_SPECIFIED);
+ cli_credentials_parse_string(cmdline_credentials, arg, CRED_SPECIFIED);
if ((lp=strchr_m(arg,'%'))) {
- *lp = 0;
- memset(strchr_m(arg,'%')+1,'X',strlen(cmdline_credentials->password));
+ memset(lp,0,strlen(cmdline_credentials->password));
}
}
break;
diff --git a/source4/lib/credentials.c b/source4/lib/credentials.c
index 1c65bd2aff..2601028e7e 100644
--- a/source4/lib/credentials.c
+++ b/source4/lib/credentials.c
@@ -298,8 +298,7 @@ void cli_credentials_guess(struct cli_credentials *cred)
if (getenv("USER")) {
cli_credentials_parse_string(cred, getenv("USER"), CRED_GUESSED);
if ((p = strchr_m(getenv("USER"),'%'))) {
- *p = 0;
- memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(cred->password));
+ memset(p,0,strlen(cred->password));
}
}
@@ -319,3 +318,13 @@ void cli_credentials_guess(struct cli_credentials *cred)
cli_credentials_parse_password_file(cred, getenv("PASSWD_FILE"), CRED_GUESSED);
}
}
+
+BOOL cli_credentials_is_anonymous(struct cli_credentials *credentials)
+{
+ const char *username = cli_credentials_get_username(credentials);
+
+ if (!username || !username[0])
+ return True;
+
+ return False;
+}
diff --git a/source4/libcli/cliconnect.c b/source4/libcli/cliconnect.c
index f391b6bc0d..3834d49e49 100644
--- a/source4/libcli/cliconnect.c
+++ b/source4/libcli/cliconnect.c
@@ -63,9 +63,7 @@ NTSTATUS smbcli_negprot(struct smbcli_state *cli)
/* wrapper around smb_raw_session_setup() */
NTSTATUS smbcli_session_setup(struct smbcli_state *cli,
- const char *user,
- const char *password,
- const char *domain)
+ struct cli_credentials *credentials)
{
struct smb_composite_sesssetup setup;
NTSTATUS status;
@@ -79,19 +77,19 @@ NTSTATUS smbcli_session_setup(struct smbcli_state *cli,
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities;
- if (!user || !user[0]) {
+ if (cli_credentials_is_anonymous(credentials)) {
setup.in.password = NULL;
setup.in.user = "";
setup.in.domain = "";
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY;
} else {
if (cli->transport->negotiate.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
- setup.in.password = password;
+ setup.in.password = cli_credentials_get_password(credentials);
} else {
setup.in.password = NULL;
}
- setup.in.user = user;
- setup.in.domain = domain;
+ setup.in.user = cli_credentials_get_username(credentials);
+ setup.in.domain = cli_credentials_get_domain(credentials);
}
status = smb_composite_sesssetup(cli->session, &setup);
@@ -155,29 +153,19 @@ NTSTATUS smbcli_full_connection(TALLOC_CTX *parent_ctx,
const char *host,
const char *sharename,
const char *devtype,
- const char *username,
- const char *domain,
- const char *password)
+ struct cli_credentials *credentials)
{
struct smbcli_tree *tree;
NTSTATUS status;
- char *p;
TALLOC_CTX *mem_ctx;
mem_ctx = talloc_init("smbcli_full_connection");
*ret_cli = NULL;
- /* if the username is of the form DOMAIN\username then split out the domain */
- p = strpbrk(username, "\\/");
- if (p) {
- domain = talloc_strndup(mem_ctx, username, PTR_DIFF(p, username));
- username = talloc_strdup(mem_ctx, p+1);
- }
-
status = smbcli_tree_full_connection(parent_ctx,
&tree, myname, host, 0, sharename, devtype,
- username, domain, password);
+ credentials);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
diff --git a/source4/libcli/raw/clitree.c b/source4/libcli/raw/clitree.c
index 74db1c6952..0559c64dc1 100644
--- a/source4/libcli/raw/clitree.c
+++ b/source4/libcli/raw/clitree.c
@@ -167,8 +167,7 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx,
const char *my_name,
const char *dest_host, int port,
const char *service, const char *service_type,
- const char *user, const char *domain,
- const char *password)
+ struct cli_credentials *credentials)
{
struct smb_composite_connect io;
NTSTATUS status;
@@ -179,10 +178,10 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx,
io.in.calling_name = strupper_talloc(parent_ctx, my_name);
io.in.service = service;
io.in.service_type = service_type;
- io.in.domain = domain;
- io.in.user = user;
- if (user && user[0]) {
- io.in.password = password;
+ io.in.domain = cli_credentials_get_domain(credentials);
+ io.in.user = cli_credentials_get_username(credentials);
+ if (!cli_credentials_is_anonymous(credentials)) {
+ io.in.password = cli_credentials_get_password(credentials);
} else {
io.in.password = NULL;
}
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index 4b245fd24d..ed4015c878 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -914,11 +914,11 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
/* remember the binding string for possible secondary connections */
p->conn->binding_string = dcerpc_binding_string(p, binding);
- if (cli_credentials_is_anonymous(credentials) &&
+ if (!cli_credentials_is_anonymous(credentials) &&
(binding->flags & DCERPC_SCHANNEL_ANY)) {
status = dcerpc_bind_auth_schannel(p, pipe_uuid, pipe_version,
credentials);
- } else if (cli_credentials_is_anonymous(credentials)) {
+ } else if (!cli_credentials_is_anonymous(credentials)) {
uint8_t auth_type;
if (binding->flags & DCERPC_AUTH_SPNEGO) {
auth_type = DCERPC_AUTH_TYPE_SPNEGO;
@@ -984,15 +984,13 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
cli_credentials_get_workstation(credentials),
binding->host,
"ipc$", NULL,
- "", "", NULL);
+ NULL);
} else {
status = smbcli_full_connection(p->conn, &cli,
cli_credentials_get_workstation(credentials),
binding->host,
"ipc$", NULL,
- cli_credentials_get_username(credentials),
- cli_credentials_get_domain(credentials),
- cli_credentials_get_password(credentials));
+ credentials);
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Failed to connect to %s - %s\n", binding->host, nt_errstr(status)));
diff --git a/source4/torture/gentest.c b/source4/torture/gentest.c
index 19fa03df8c..92d6da9fef 100644
--- a/source4/torture/gentest.c
+++ b/source4/torture/gentest.c
@@ -60,8 +60,7 @@ static struct {
struct smbcli_state *cli[NINSTANCES];
char *server_name;
char *share_name;
- char *username;
- char *password;
+ struct cli_credentials credentials;
} servers[NSERVERS];
/* the seeds and flags for each operation */
@@ -176,14 +175,13 @@ static BOOL connect_servers(void)
NTSTATUS status;
printf("Connecting to \\\\%s\\%s as %s - instance %d\n",
servers[i].server_name, servers[i].share_name,
- servers[i].username, j);
+ servers[i].credentials.username, j);
+
status = smbcli_full_connection(NULL, &servers[i].cli[j],
"gentest",
servers[i].server_name,
- servers[i].share_name, NULL,
- servers[i].username,
- lp_workgroup(),
- servers[i].password);
+ servers[i].share_name, NULL,
+ &servers[i].credentials);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to connect to \\\\%s\\%s - %s\n",
servers[i].server_name, servers[i].share_name,
@@ -2137,13 +2135,8 @@ static void usage(void)
while ((opt = getopt(argc, argv, "U:s:o:ad:i:AOhS:LFXC")) != EOF) {
switch (opt) {
case 'U':
- i = servers[0].username?1:0;
- if (!split_username(optarg,
- &servers[i].username,
- &servers[i].password)) {
- printf("Must supply USER%%PASS\n");
- return -1;
- }
+ i = servers[0].credentials.username?1:0;
+ cli_credentials_parse_string(&servers[0].credentials, optarg, CRED_SPECIFIED);
break;
case 'd':
DEBUGLEVEL = atoi(optarg);
@@ -2193,13 +2186,13 @@ static void usage(void)
gentest_init_subsystems;
- if (!servers[0].username) {
+ if (!servers[0].credentials.username) {
usage();
return -1;
}
- if (!servers[1].username) {
- servers[1].username = servers[0].username;
- servers[1].password = servers[0].password;
+ if (!servers[1].credentials.username) {
+ servers[1].credentials.username = servers[0].credentials.username;
+ servers[1].credentials.password = servers[0].credentials.password;
}
printf("seed=%u\n", options.seed);
diff --git a/source4/torture/locktest.c b/source4/torture/locktest.c
index 74f348638c..005f9af71b 100644
--- a/source4/torture/locktest.c
+++ b/source4/torture/locktest.c
@@ -47,10 +47,7 @@ static BOOL zero_zero;
#define NASTY_POSIX_LOCK_HACK 0
-static struct {
- char *username;
- char *password;
-} servers[NSERVERS];
+static struct cli_credentials servers[NSERVERS];
enum lock_op {OP_LOCK, OP_UNLOCK, OP_REOPEN};
@@ -124,8 +121,7 @@ static struct smbcli_state *connect_one(char *share, int snum)
status = smbcli_full_connection(NULL, &c, myname,
server,
share, NULL,
- servers[snum].username, lp_workgroup(),
- servers[snum].password);
+ &servers[snum]);
if (!NT_STATUS_IS_OK(status)) {
sleep(2);
}
@@ -487,12 +483,8 @@ static void usage(void)
switch (opt) {
case 'U':
i = servers[0].username?1:0;
- if (!split_username(optarg,
- &servers[i].username,
- &servers[i].password)) {
- printf("Must supply USER%%PASS\n");
- return -1;
- }
+ cli_credentials_parse_string(&servers[0], optarg, CRED_SPECIFIED);
+
break;
case 'R':
lock_range = strtol(optarg, NULL, 0);
diff --git a/source4/torture/masktest.c b/source4/torture/masktest.c
index 4c71385ad0..00a0c2688d 100644
--- a/source4/torture/masktest.c
+++ b/source4/torture/masktest.c
@@ -25,8 +25,7 @@
#include "libcli/raw/libcliraw.h"
#include "system/time.h"
-static fstring password;
-static fstring username;
+static struct cli_credentials credentials;
static BOOL showall = False;
static BOOL old_list = False;
static const char *maskchars = "<>\"?*abc.";
@@ -81,8 +80,7 @@ static struct smbcli_state *connect_one(char *share)
status = smbcli_full_connection(NULL, &c, "masktest",
server,
share, NULL,
- username, lp_workgroup(),
- password);
+ &credentials);
if (!NT_STATUS_IS_OK(status)) {
return NULL;
@@ -274,7 +272,6 @@ static void usage(void)
char *share;
struct smbcli_state *cli;
int opt;
- char *p;
int seed;
setlinebuf(stdout);
@@ -300,9 +297,8 @@ static void usage(void)
lp_load(dyn_CONFIGFILE,True,False,False);
load_interfaces();
- if (getenv("USER")) {
- fstrcpy(username,getenv("USER"));
- }
+ ZERO_STRUCT(credentials);
+ cli_credentials_guess(&credentials);
seed = time(NULL);
@@ -326,12 +322,7 @@ static void usage(void)
lp_set_cmdline("max protocol", optarg);
break;
case 'U':
- fstrcpy(username,optarg);
- p = strchr_m(username,'%');
- if (p) {
- *p = 0;
- fstrcpy(password, p+1);
- }
+ cli_credentials_parse_string(&credentials, optarg, CRED_SPECIFIED);
break;
case 's':
seed = atoi(optarg);
diff --git a/source4/torture/torture.c b/source4/torture/torture.c
index dce91452f1..cdc9efbf7c 100644
--- a/source4/torture/torture.c
+++ b/source4/torture/torture.c
@@ -80,16 +80,12 @@ BOOL torture_open_connection_share(struct smbcli_state **c,
const char *sharename)
{
NTSTATUS status;
- const char *username = cli_credentials_get_username(cmdline_credentials);
- const char *userdomain = cli_credentials_get_domain(cmdline_credentials);
- const char *password = cli_credentials_get_password(cmdline_credentials);
status = smbcli_full_connection(NULL,
c, lp_netbios_name(),
hostname,
sharename, NULL,
- username, username[0]?userdomain:"",
- password);
+ cmdline_credentials);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to open connection - %s\n", nt_errstr(status));
return False;
@@ -726,16 +722,12 @@ static BOOL run_tcon_devtype_test(void)
BOOL ret = True;
const char *host = lp_parm_string(-1, "torture", "host");
const char *share = lp_parm_string(-1, "torture", "share");
- const char *username = cli_credentials_get_username(cmdline_credentials);
- const char *userdomain = cli_credentials_get_domain(cmdline_credentials);
- const char *password = cli_credentials_get_password(cmdline_credentials);
status = smbcli_full_connection(NULL,
&cli1, lp_netbios_name(),
host,
share, NULL,
- username, userdomain,
- password);
+ cmdline_credentials);
if (!NT_STATUS_IS_OK(status)) {
printf("could not open connection\n");