smbclient modified to use cli_establish_connection(). smbclient therefore

now uses improved authentication.  smbclient now "broken" for "scripts"
based on DEBUG() output.  cli_establish_connection() requires modification
to support old scripts.
(This used to be commit b0539d43407cb2b0bab7977908de09b21b145218)

3 files changed, 61 insertions, 63 deletions

diff --git a/source3/client/client.c b/source3/client/client.c
index 895cfb1456..7214b4746e 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -1622,13 +1622,20 @@ return a connection to a server
 *******************************************************/
 struct cli_state *do_connect(char *server, char *share, int smb_port)
 {
-	struct cli_state *c;
-	struct nmb_name called, calling;
+	struct cli_state *smb_cli;
+	struct nmb_name called, calling, stupid_smbserver_called;
 	char *server_n;
 	struct in_addr ip;
 	extern struct in_addr ipzero;
 
-	if (*share == '\\') {
+	if ((smb_cli=cli_initialise(NULL)) == NULL)
+	{
+		DEBUG(1,("cli_initialise failed\n"));
+		return NULL;
+	}
+
+	if (*share == '\\')
+	{
 		server = share+2;
 		share = strchr(server,'\\');
 		if (!share) return NULL;
@@ -1642,78 +1649,52 @@ struct cli_state *do_connect(char *server, char *share, int smb_port)
 
 	make_nmb_name(&calling, global_myname, 0x0, "");
 	make_nmb_name(&called , server, name_type, "");
+	make_nmb_name(&stupid_smbserver_called , "*SMBSERVER", 0x20, scope);
 
-	if (smb_port == 0)
-	  smb_port = 139;   /* If not set, set to 139, FIXME, NUMBERS BAD */
+	fstrcpy(smb_cli->user_name, username);
+	fstrcpy(smb_cli->domain, workgroup);
 
- again:
 	ip = ipzero;
 	if (have_ip) ip = dest_ip;
 
-	/* have to open a new connection */
-	if (!(c=cli_initialise(NULL)) || (cli_set_port(c, smb_port) == 0) ||
-            !cli_connect(c, server_n, &ip)) {
-		DEBUG(0,("Connection to %s failed\n", server_n));
+	if (cli_set_port(smb_cli, smb_port) == 0)
+	{
 		return NULL;
 	}
 
-	if (!cli_session_request(c, &calling, &called)) {
-		DEBUG(0,("session request to %s failed\n", called.name));
-		cli_shutdown(c);
-		if (strcmp(called.name, "*SMBSERVER")) {
-			make_nmb_name(&called , "*SMBSERVER", 0x20, "");
-			goto again;
+	/* set the password cache info */
+	if (got_pass)
+	{
+		if (password[0] == 0)
+		{
+			pwd_set_nullpwd(&(smb_cli->pwd));
 		}
-		return NULL;
-	}
-
-	DEBUG(4,(" session request ok\n"));
-
-	if (!cli_negprot(c)) {
-		DEBUG(0,("protocol negotiation failed\n"));
-		cli_shutdown(c);
-		return NULL;
-	}
-
-	if (!got_pass) {
-		char *pass = getpass("Password: ");
-		if (pass) {
-			pstrcpy(password, pass);
+		else
+		{
+			/* generate 16 byte hashes */
+			pwd_make_lm_nt_16(&(smb_cli->pwd), password);
 		}
 	}
-
-	if (!cli_session_setup(c, username, 
-			       password, strlen(password),
-			       password, strlen(password),
-			       workgroup)) {
-		DEBUG(0,("session setup failed: %s\n", cli_errstr(c)));
-		return NULL;
+	else 
+	{
+		pwd_read(&(smb_cli->pwd), "Password:", True);
 	}
 
-	/*
-	 * These next two lines are needed to emulate
-	 * old client behaviour for people who have
-	 * scripts based on client output.
-	 * QUESTION ? Do we want to have a 'client compatibility
-	 * mode to turn these on/off ? JRA.
-	 */
+	/* paranoia: destroy the local copy of the password */
+	bzero(password, sizeof(password)); 
 
-	if (*c->server_domain || *c->server_os || *c->server_type)
-		DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n",
-			c->server_domain,c->server_os,c->server_type));
-	
-	DEBUG(4,(" session setup ok\n"));
+	smb_cli->use_ntlmv2 = lp_client_ntlmv2();
 
-	if (!cli_send_tconX(c, share, "?????",
-			    password, strlen(password)+1)) {
-		DEBUG(0,("tree connect failed: %s\n", cli_errstr(c)));
-		cli_shutdown(c);
+	if (!cli_establish_connection(smb_cli, server, &ip, &calling, &called,
+	                              share, "?????", False, True) &&
+	    !cli_establish_connection(smb_cli, server, &ip,
+	                              &calling, &stupid_smbserver_called,
+	                              share, "?????", False, True))
+	{
 		return NULL;
 	}
-
-	DEBUG(4,(" tconx ok\n"));
-
-	return c;
+		
+	return smb_cli;
 }
 
 
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 8d3508d98f..cc51ab0c4b 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -754,6 +754,7 @@ BOOL cli_session_setup_x(struct cli_state *cli,
 		strupper(p);
 		p = skip_string(p,1);
 		pstrcpy(p,user_domain);
+		strupper(p);
 		p = skip_string(p,1);
 		pstrcpy(p,"Unix");p = skip_string(p,1);
 		CVAL(p, 0) = 0; p++;
@@ -2851,6 +2852,16 @@ BOOL cli_establish_connection(struct cli_state *cli,
 			return False;
 		}
 
+		DEBUG(1,("session setup ok\n"));
+
+		if (*cli->server_domain || *cli->server_os || *cli->server_type)
+		{
+			DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n",
+			     cli->server_domain,
+		             cli->server_os,
+		             cli->server_type));
+		}
+	
 		if (do_tcon)
 		{
 			if (!cli_send_tconX(cli, service, service_type,
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 852e5327cf..abee4f3f19 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -239,11 +239,17 @@ static char np_cli_chal[58] =
 
 void SMBgenclientchals(char *lm_cli_chal,
 				char *nt_cli_chal, int *nt_cli_chal_len,
-				const char *srv, const char *domain)
+				const char *srv, const char *dom)
 {
 	NTTIME nt_time;
 	int srv_len = strlen(srv);
-	int dom_len = strlen(domain);
+	int dom_len = strlen(dom);
+	fstring server;
+	fstring domain;
+	fstrcpy(server, srv);
+	fstrcpy(domain, dom);
+	strupper(server);
+	strupper(domain);
 
 	generate_random_buffer(lm_cli_chal, 8, False);
 	unix_to_nt_time(&nt_time, time(NULL));
@@ -271,13 +277,13 @@ void SMBgenclientchals(char *lm_cli_chal,
 	*nt_cli_chal_len += 2;
 	SSVAL(nt_cli_chal, 30, srv_len*2);
 	*nt_cli_chal_len += 2;
-	ascii_to_unibuf(nt_cli_chal+(*nt_cli_chal_len), srv, srv_len*2);
+	ascii_to_unibuf(nt_cli_chal+(*nt_cli_chal_len), server, srv_len*2);
 	*nt_cli_chal_len += srv_len*2;
 
 	SSVAL(nt_cli_chal, 24, (*nt_cli_chal_len)+16);
 	SSVAL(nt_cli_chal, 26, (*nt_cli_chal_len)+15);
 
-	DEBUG(100,("SMBgenclientchals: srv %s, dom %s\n", srv, domain));
+	DEBUG(100,("SMBgenclientchals: srv %s, dom %s\n", server, domain));
 	dump_data(100, nt_cli_chal, *nt_cli_chal_len);
 }
 
@@ -294,7 +300,7 @@ void ntv2_owf_gen(const uchar owf[16],
 	int domain_l = strlen(domain_n);
 
 	_my_mbstowcsupper((int16*)user_u, user_n  , user_l*2  );
-	_my_mbstowcs((int16*)dom_u , domain_n, domain_l*2);
+	_my_mbstowcsupper((int16*)dom_u , domain_n, domain_l*2);
 
 	hmac_md5_init_limK_to_64(owf, 16, &ctx);
 	hmac_md5_update(user_u, user_l*2, &ctx);