summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
authorGerald (Jerry) Carter <jerry@samba.org>2007-10-10 15:34:30 -0500
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 15:34:30 -0500
commite5a951325a6cac8567af3a66de6d2df577508ae4 (patch)
tree34da9fe59f3c2d7f8edb072144443a9704197831 /source3/libsmb
parent57482469b32645250e92a7ffd003aeeb4a42235e (diff)
downloadsamba-e5a951325a6cac8567af3a66de6d2df577508ae4.tar.gz
samba-e5a951325a6cac8567af3a66de6d2df577508ae4.tar.bz2
samba-e5a951325a6cac8567af3a66de6d2df577508ae4.zip
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/cliconnect.c25
-rw-r--r--source3/libsmb/clidgram.c2
-rw-r--r--source3/libsmb/clientgen.c96
-rw-r--r--source3/libsmb/clierror.c5
-rw-r--r--source3/libsmb/clifile.c44
-rw-r--r--source3/libsmb/clifsinfo.c324
-rw-r--r--source3/libsmb/clilist.c4
-rw-r--r--source3/libsmb/climessage.c6
-rw-r--r--source3/libsmb/clioplock.c2
-rw-r--r--source3/libsmb/cliprint.c4
-rw-r--r--source3/libsmb/clireadwrite.c14
-rw-r--r--source3/libsmb/clitrans.c8
-rw-r--r--source3/libsmb/errormap.c106
-rw-r--r--source3/libsmb/libsmbclient.c76
-rw-r--r--source3/libsmb/smb_seal.c496
15 files changed, 112 insertions, 1100 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 820a904ea4..78cc63de50 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -98,7 +98,7 @@ static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli,
/* send a session setup command */
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,10, 0, True);
+ set_message(cli->outbuf,10, 0, True);
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
@@ -168,7 +168,7 @@ static NTSTATUS cli_session_setup_guest(struct cli_state *cli)
uint32 capabilities = cli_session_setup_capabilities(cli);
memset(cli->outbuf, '\0', smb_size);
- set_message(NULL,cli->outbuf,13,0,True);
+ set_message(cli->outbuf,13,0,True);
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
@@ -228,7 +228,7 @@ static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli,
fstr_sprintf( lanman, "Samba %s", SAMBA_VERSION_STRING);
memset(cli->outbuf, '\0', smb_size);
- set_message(NULL,cli->outbuf,13,0,True);
+ set_message(cli->outbuf,13,0,True);
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
@@ -377,7 +377,7 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user,
/* send a session setup command */
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,13,0,True);
+ set_message(cli->outbuf,13,0,True);
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
@@ -457,7 +457,7 @@ static BOOL cli_session_setup_blob_send(struct cli_state *cli, DATA_BLOB blob)
/* send a session setup command */
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,12,0,True);
+ set_message(cli->outbuf,12,0,True);
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
@@ -765,7 +765,7 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
}
}
- /* we have a reference counter on ntlmssp_state, if we are signing
+ /* we have a reference conter on ntlmssp_state, if we are signing
then the state will be kept by the signing engine */
ntlmssp_end(&ntlmssp_state);
@@ -978,6 +978,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
}
return NT_STATUS_OK;
+
}
/****************************************************************************
@@ -987,7 +988,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
BOOL cli_ulogoff(struct cli_state *cli)
{
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,2,0,True);
+ set_message(cli->outbuf,2,0,True);
SCVAL(cli->outbuf,smb_com,SMBulogoffX);
cli_setup_packet(cli);
SSVAL(cli->outbuf,smb_vwv0,0xFF);
@@ -1064,7 +1065,7 @@ BOOL cli_send_tconX(struct cli_state *cli,
slprintf(fullshare, sizeof(fullshare)-1,
"\\\\%s\\%s", cli->desthost, share);
- set_message(NULL,cli->outbuf,4, 0, True);
+ set_message(cli->outbuf,4, 0, True);
SCVAL(cli->outbuf,smb_com,SMBtconX);
cli_setup_packet(cli);
@@ -1115,7 +1116,7 @@ BOOL cli_send_tconX(struct cli_state *cli,
BOOL cli_tdis(struct cli_state *cli)
{
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0,0,True);
+ set_message(cli->outbuf,0,0,True);
SCVAL(cli->outbuf,smb_com,SMBtdis);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
@@ -1147,7 +1148,7 @@ void cli_negprot_send(struct cli_state *cli)
memset(cli->outbuf,'\0',smb_size);
/* setup the protocol strings */
- set_message(NULL,cli->outbuf,0,0,True);
+ set_message(cli->outbuf,0,0,True);
p = smb_buf(cli->outbuf);
for (numprots=0;
@@ -1187,7 +1188,7 @@ BOOL cli_negprot(struct cli_state *cli)
numprots++)
plength += strlen(prots[numprots].name)+2;
- set_message(NULL,cli->outbuf,0,plength,True);
+ set_message(cli->outbuf,0,plength,True);
p = smb_buf(cli->outbuf);
for (numprots=0;
@@ -1720,7 +1721,7 @@ NTSTATUS cli_raw_tcon(struct cli_state *cli,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf, 0, 0, True);
+ set_message(cli->outbuf, 0, 0, True);
SCVAL(cli->outbuf,smb_com,SMBtcon);
cli_setup_packet(cli);
diff --git a/source3/libsmb/clidgram.c b/source3/libsmb/clidgram.c
index 7a6ee17f4a..f170834fa9 100644
--- a/source3/libsmb/clidgram.c
+++ b/source3/libsmb/clidgram.c
@@ -69,7 +69,7 @@ BOOL cli_send_mailslot(struct messaging_context *msg_ctx,
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
- set_message(NULL,ptr,17,strlen(mailslot) + 1 + len,True);
+ set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
SCVAL(ptr,smb_com,SMBtrans);
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index a23e0184d7..1e3af9a3d7 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -48,18 +48,15 @@ int cli_set_port(struct cli_state *cli, int port)
*MUST* be of size BUFFER_SIZE+SAFETY_MARGIN.
The timeout is in milliseconds
- This is exactly the same as receive_smb except that it can be set to never return
+ This is exactly the same as receive_smb except that it never returns
a session keepalive packet (just as receive_smb used to do).
receive_smb was changed to return keepalives as the oplock processing means this call
should never go into a blocking read.
****************************************************************************/
-static ssize_t client_receive_smb(struct cli_state *cli, BOOL eat_keepalives, size_t maxlen)
+static ssize_t client_receive_smb(int fd,char *buffer, unsigned int timeout, size_t maxlen)
{
ssize_t len;
- int fd = cli->fd;
- char *buffer = cli->inbuf;
- unsigned int timeout = cli->timeout;
for(;;) {
len = receive_smb_raw(fd, buffer, timeout, maxlen);
@@ -71,22 +68,8 @@ static ssize_t client_receive_smb(struct cli_state *cli, BOOL eat_keepalives, si
}
/* Ignore session keepalive packets. */
- if (eat_keepalives && (CVAL(buffer,0) == SMBkeepalive)) {
- continue;
- }
- break;
- }
-
- if (cli_encryption_on(cli)) {
- NTSTATUS status = cli_decrypt_message(cli);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("SMB decryption failed on incoming packet! Error %s\n",
- nt_errstr(status)));
- cli->smb_rw_error = READ_BAD_DECRYPT;
- close(cli->fd);
- cli->fd = -1;
- return -1;
- }
+ if(CVAL(buffer,0) != SMBkeepalive)
+ break;
}
show_msg(buffer);
return len;
@@ -96,7 +79,7 @@ static ssize_t client_receive_smb(struct cli_state *cli, BOOL eat_keepalives, si
Recv an smb.
****************************************************************************/
-BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives)
+BOOL cli_receive_smb(struct cli_state *cli)
{
ssize_t len;
@@ -105,12 +88,7 @@ BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives)
return False;
again:
- len = client_receive_smb(cli, eat_keepalives, 0);
-
- if (len >= 0 && !eat_keepalives && (CVAL(cli->inbuf,0) == SMBkeepalive)) {
- /* Give back the keepalive. */
- return True;
- }
+ len = client_receive_smb(cli->fd,cli->inbuf,cli->timeout, 0);
if (len > 0) {
/* it might be an oplock break request */
@@ -166,30 +144,11 @@ BOOL cli_receive_smb_internal(struct cli_state *cli, BOOL eat_keepalives)
close(cli->fd);
cli->fd = -1;
return False;
- }
-
+ };
return True;
}
/****************************************************************************
- Recv an smb - eat keepalives.
-****************************************************************************/
-
-BOOL cli_receive_smb(struct cli_state *cli)
-{
- return cli_receive_smb_internal(cli, True);
-}
-
-/****************************************************************************
- Recv an smb - return keepalives.
-****************************************************************************/
-
-BOOL cli_receive_smb_return_keepalive(struct cli_state *cli)
-{
- return cli_receive_smb_internal(cli, False);
-}
-
-/****************************************************************************
Read the data portion of a readX smb.
The timeout is in milliseconds
****************************************************************************/
@@ -205,7 +164,6 @@ ssize_t cli_receive_smb_data(struct cli_state *cli, char *buffer, size_t len)
/****************************************************************************
Read a smb readX header.
- We can only use this if encryption and signing are off.
****************************************************************************/
BOOL cli_receive_smb_readX_header(struct cli_state *cli)
@@ -218,7 +176,7 @@ BOOL cli_receive_smb_readX_header(struct cli_state *cli)
again:
/* Read up to the size of a readX header reply. */
- len = client_receive_smb(cli, True, (smb_size - 4) + 24);
+ len = client_receive_smb(cli->fd, cli->inbuf, cli->timeout, (smb_size - 4) + 24);
if (len > 0) {
/* it might be an oplock break request */
@@ -296,7 +254,7 @@ static ssize_t write_socket(int fd, const char *buf, size_t len)
DEBUG(6,("write_socket(%d,%d)\n",fd,(int)len));
ret = write_data(fd,buf,len);
-
+
DEBUG(6,("write_socket(%d,%d) wrote %d\n",fd,(int)len,(int)ret));
if(ret <= 0)
DEBUG(0,("write_socket: Error writing %d bytes to socket %d: ERRNO = %s\n",
@@ -314,36 +272,18 @@ BOOL cli_send_smb(struct cli_state *cli)
size_t len;
size_t nwritten=0;
ssize_t ret;
- char *buf_out = cli->outbuf;
- BOOL enc_on = cli_encryption_on(cli);
/* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
- if (cli->fd == -1) {
+ if (cli->fd == -1)
return False;
- }
cli_calculate_sign_mac(cli);
- if (enc_on) {
- NTSTATUS status = cli_encrypt_message(cli, &buf_out);
- if (!NT_STATUS_IS_OK(status)) {
- close(cli->fd);
- cli->fd = -1;
- cli->smb_rw_error = WRITE_ERROR;
- DEBUG(0,("Error in encrypting client message. Error %s\n",
- nt_errstr(status) ));
- return False;
- }
- }
-
- len = smb_len(buf_out) + 4;
+ len = smb_len(cli->outbuf) + 4;
while (nwritten < len) {
- ret = write_socket(cli->fd,buf_out+nwritten,len - nwritten);
+ ret = write_socket(cli->fd,cli->outbuf+nwritten,len - nwritten);
if (ret <= 0) {
- if (enc_on) {
- cli_free_enc_buffer(cli, buf_out);
- }
close(cli->fd);
cli->fd = -1;
cli->smb_rw_error = WRITE_ERROR;
@@ -353,14 +293,10 @@ BOOL cli_send_smb(struct cli_state *cli)
}
nwritten += ret;
}
-
- cli_free_enc_buffer(cli, buf_out);
-
/* Increment the mid so we can tell between responses. */
cli->mid++;
- if (!cli->mid) {
+ if (!cli->mid)
cli->mid++;
- }
return True;
}
@@ -401,7 +337,7 @@ void cli_setup_packet(struct cli_state *cli)
void cli_setup_bcc(struct cli_state *cli, void *p)
{
- set_message_bcc(NULL,cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf)));
+ set_message_bcc(cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf)));
}
/****************************************************************************
@@ -607,8 +543,6 @@ void cli_shutdown(struct cli_state *cli)
SAFE_FREE(cli->inbuf);
cli_free_signing_context(cli);
- cli_free_encryption_context(cli);
-
data_blob_free(&cli->secblob);
data_blob_free(&cli->user_session_key);
@@ -689,7 +623,7 @@ BOOL cli_echo(struct cli_state *cli, uint16 num_echos,
SMB_ASSERT(length < 1024);
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,1,length,True);
+ set_message(cli->outbuf,1,length,True);
SCVAL(cli->outbuf,smb_com,SMBecho);
SSVAL(cli->outbuf,smb_tid,65535);
SSVAL(cli->outbuf,smb_vwv0,num_echos);
diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c
index 374fdfa5e4..be018074eb 100644
--- a/source3/libsmb/clierror.c
+++ b/source3/libsmb/clierror.c
@@ -83,7 +83,6 @@ static NTSTATUS cli_smb_rw_error_to_ntstatus(struct cli_state *cli)
case WRITE_ERROR:
return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
case READ_BAD_SIG:
- case READ_BAD_DECRYPT:
return NT_STATUS_INVALID_PARAMETER;
default:
break;
@@ -133,10 +132,6 @@ const char *cli_errstr(struct cli_state *cli)
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
"Server packet had invalid SMB signature!");
break;
- case READ_BAD_DECRYPT:
- slprintf(cli_error_message, sizeof(cli_error_message) - 1,
- "Server packet could not be decrypted !");
- break;
default:
slprintf(cli_error_message, sizeof(cli_error_message) - 1,
"Unknown error code %d\n", cli->smb_rw_error );
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index 7e29c1bf1a..c7b39f0b8d 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -389,7 +389,7 @@ BOOL cli_rename(struct cli_state *cli, const char *fname_src, const char *fname_
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,1, 0, True);
+ set_message(cli->outbuf,1, 0, True);
SCVAL(cli->outbuf,smb_com,SMBmv);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -426,7 +426,7 @@ BOOL cli_ntrename(struct cli_state *cli, const char *fname_src, const char *fnam
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf, 4, 0, True);
+ set_message(cli->outbuf, 4, 0, True);
SCVAL(cli->outbuf,smb_com,SMBntrename);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -464,7 +464,7 @@ BOOL cli_nt_hardlink(struct cli_state *cli, const char *fname_src, const char *f
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf, 4, 0, True);
+ set_message(cli->outbuf, 4, 0, True);
SCVAL(cli->outbuf,smb_com,SMBntrename);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -502,7 +502,7 @@ BOOL cli_unlink_full(struct cli_state *cli, const char *fname, uint16 attrs)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,1, 0,True);
+ set_message(cli->outbuf,1, 0,True);
SCVAL(cli->outbuf,smb_com,SMBunlink);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -547,7 +547,7 @@ BOOL cli_mkdir(struct cli_state *cli, const char *dname)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0, 0,True);
+ set_message(cli->outbuf,0, 0,True);
SCVAL(cli->outbuf,smb_com,SMBmkdir);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -582,7 +582,7 @@ BOOL cli_rmdir(struct cli_state *cli, const char *dname)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0, 0, True);
+ set_message(cli->outbuf,0, 0, True);
SCVAL(cli->outbuf,smb_com,SMBrmdir);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -664,7 +664,7 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,24,0,True);
+ set_message(cli->outbuf,24,0,True);
SCVAL(cli->outbuf,smb_com,SMBntcreateX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -758,7 +758,7 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,15,0,True);
+ set_message(cli->outbuf,15,0,True);
SCVAL(cli->outbuf,smb_com,SMBopenX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -805,7 +805,7 @@ BOOL cli_close(struct cli_state *cli, int fnum)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,3,0,True);
+ set_message(cli->outbuf,3,0,True);
SCVAL(cli->outbuf,smb_com,SMBclose);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -837,7 +837,7 @@ NTSTATUS cli_locktype(struct cli_state *cli, int fnum,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0', smb_size);
- set_message(NULL,cli->outbuf,8,0,True);
+ set_message(cli->outbuf,8,0,True);
SCVAL(cli->outbuf,smb_com,SMBlockingX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -889,7 +889,7 @@ BOOL cli_lock(struct cli_state *cli, int fnum,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0', smb_size);
- set_message(NULL,cli->outbuf,8,0,True);
+ set_message(cli->outbuf,8,0,True);
SCVAL(cli->outbuf,smb_com,SMBlockingX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -942,7 +942,7 @@ BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,8,0,True);
+ set_message(cli->outbuf,8,0,True);
SCVAL(cli->outbuf,smb_com,SMBlockingX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -994,7 +994,7 @@ BOOL cli_lock64(struct cli_state *cli, int fnum,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0', smb_size);
- set_message(NULL,cli->outbuf,8,0,True);
+ set_message(cli->outbuf,8,0,True);
SCVAL(cli->outbuf,smb_com,SMBlockingX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1049,7 +1049,7 @@ BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,8,0,True);
+ set_message(cli->outbuf,8,0,True);
SCVAL(cli->outbuf,smb_com,SMBlockingX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1196,7 +1196,7 @@ BOOL cli_getattrE(struct cli_state *cli, int fd,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,1,0,True);
+ set_message(cli->outbuf,1,0,True);
SCVAL(cli->outbuf,smb_com,SMBgetattrE);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1248,7 +1248,7 @@ BOOL cli_getatr(struct cli_state *cli, const char *fname,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0,0,True);
+ set_message(cli->outbuf,0,0,True);
SCVAL(cli->outbuf,smb_com,SMBgetatr);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1300,7 +1300,7 @@ BOOL cli_setattrE(struct cli_state *cli, int fd,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,7,0,True);
+ set_message(cli->outbuf,7,0,True);
SCVAL(cli->outbuf,smb_com,SMBsetattrE);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1339,7 +1339,7 @@ BOOL cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,8,0,True);
+ set_message(cli->outbuf,8,0,True);
SCVAL(cli->outbuf,smb_com,SMBsetatr);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1381,7 +1381,7 @@ BOOL cli_chkpath(struct cli_state *cli, const char *path)
*path2 = '\\';
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0,0,True);
+ set_message(cli->outbuf,0,0,True);
SCVAL(cli->outbuf,smb_com,SMBcheckpath);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
@@ -1408,7 +1408,7 @@ BOOL cli_chkpath(struct cli_state *cli, const char *path)
BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail)
{
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0,0,True);
+ set_message(cli->outbuf,0,0,True);
SCVAL(cli->outbuf,smb_com,SMBdskattr);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
@@ -1437,7 +1437,7 @@ int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,3,0,True);
+ set_message(cli->outbuf,3,0,True);
SCVAL(cli->outbuf,smb_com,SMBctemp);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -1487,7 +1487,7 @@ NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB *
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf, 3, 0, True);
+ set_message(cli->outbuf, 3, 0, True);
SCVAL(cli->outbuf,smb_com,SMBioctl);
cli_setup_packet(cli);
diff --git a/source3/libsmb/clifsinfo.c b/source3/libsmb/clifsinfo.c
index 48865c98ca..d2f759b192 100644
--- a/source3/libsmb/clifsinfo.c
+++ b/source3/libsmb/clifsinfo.c
@@ -2,7 +2,6 @@
Unix SMB/CIFS implementation.
FS info functions
Copyright (C) Stefan (metze) Metzmacher 2003
- Copyright (C) Jeremy Allison 2007.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -302,326 +301,3 @@ cleanup:
return ret;
}
-
-/******************************************************************************
- Send/receive the request encryption blob.
-******************************************************************************/
-
-static NTSTATUS enc_blob_send_receive(struct cli_state *cli, DATA_BLOB *in, DATA_BLOB *out, DATA_BLOB *param_out)
-{
- uint16 setup;
- char param[4];
- char *rparam=NULL, *rdata=NULL;
- unsigned int rparam_count=0, rdata_count=0;
- NTSTATUS status = NT_STATUS_OK;
-
- setup = TRANSACT2_SETFSINFO;
-
- SSVAL(param,0,0);
- SSVAL(param,2,SMB_REQUEST_TRANSPORT_ENCRYPTION);
-
- if (!cli_send_trans(cli, SMBtrans2,
- NULL,
- 0, 0,
- &setup, 1, 0,
- param, 4, 0,
- (char *)in->data, in->length, CLI_BUFFER_SIZE)) {
- status = cli_nt_error(cli);
- goto out;
- }
-
- if (!cli_receive_trans(cli, SMBtrans2,
- &rparam, &rparam_count,
- &rdata, &rdata_count)) {
- status = cli_nt_error(cli);
- goto out;
- }
-
- if (cli_is_error(cli)) {
- status = cli_nt_error(cli);
- if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- goto out;
- }
- }
-
- *out = data_blob(rdata, rdata_count);
- *param_out = data_blob(rparam, rparam_count);
-
- out:
-
- SAFE_FREE(rparam);
- SAFE_FREE(rdata);
- return status;
-}
-
-/******************************************************************************
- Make a client state struct.
-******************************************************************************/
-
-static struct smb_trans_enc_state *make_cli_enc_state(enum smb_trans_enc_type smb_enc_type)
-{
- struct smb_trans_enc_state *es = NULL;
- es = SMB_MALLOC_P(struct smb_trans_enc_state);
- if (!es) {
- return NULL;
- }
- ZERO_STRUCTP(es);
- es->smb_enc_type = smb_enc_type;
-
- if (smb_enc_type == SMB_TRANS_ENC_GSS) {
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
- es->s.gss_state = SMB_MALLOC_P(struct smb_tran_enc_state_gss);
- if (!es->s.gss_state) {
- SAFE_FREE(es);
- return NULL;
- }
- ZERO_STRUCTP(es->s.gss_state);
-#else
- DEBUG(0,("make_cli_enc_state: no krb5 compiled.\n"));
- SAFE_FREE(es);
- return NULL;
-#endif
- }
- return es;
-}
-
-/******************************************************************************
- Start a raw ntlmssp encryption.
-******************************************************************************/
-
-NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
- const char *user,
- const char *pass,
- const char *domain)
-{
- DATA_BLOB blob_in = data_blob_null;
- DATA_BLOB blob_out = data_blob_null;
- DATA_BLOB param_out = data_blob_null;
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- struct smb_trans_enc_state *es = make_cli_enc_state(SMB_TRANS_ENC_NTLM);
-
- if (!es) {
- return NT_STATUS_NO_MEMORY;
- }
- status = ntlmssp_client_start(&es->s.ntlmssp_state);
- if (!NT_STATUS_IS_OK(status)) {
- goto fail;
- }
-
- ntlmssp_want_feature(es->s.ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY);
- es->s.ntlmssp_state->neg_flags |= (NTLMSSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL);
-
- if (!NT_STATUS_IS_OK(status = ntlmssp_set_username(es->s.ntlmssp_state, user))) {
- goto fail;
- }
- if (!NT_STATUS_IS_OK(status = ntlmssp_set_domain(es->s.ntlmssp_state, domain))) {
- goto fail;
- }
- if (!NT_STATUS_IS_OK(status = ntlmssp_set_password(es->s.ntlmssp_state, pass))) {
- goto fail;
- }
-
- do {
- status = ntlmssp_update(es->s.ntlmssp_state, blob_in, &blob_out);
- data_blob_free(&blob_in);
- data_blob_free(&param_out);
- if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) {
- status = enc_blob_send_receive(cli, &blob_out, &blob_in, &param_out);
- }
- if (param_out.length == 2) {
- es->enc_ctx_num = SVAL(param_out.data, 0);
- }
- data_blob_free(&blob_out);
- } while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED));
-
- data_blob_free(&blob_in);
-
- if (NT_STATUS_IS_OK(status)) {
- /* Replace the old state, if any. */
- if (cli->trans_enc_state) {
- common_free_encryption_state(&cli->trans_enc_state);
- }
- cli->trans_enc_state = es;
- cli->trans_enc_state->enc_on = True;
- es = NULL;
- }
-
- fail:
-
- common_free_encryption_state(&es);
- return status;
-}
-
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
-
-#ifndef SMB_GSS_REQUIRED_FLAGS
-#define SMB_GSS_REQUIRED_FLAGS (GSS_C_CONF_FLAG|GSS_C_INTEG_FLAG|GSS_C_MUTUAL_FLAG|GSS_C_REPLAY_FLAG|GSS_C_SEQUENCE_FLAG)
-#endif
-
-/******************************************************************************
- Get client gss blob to send to a server.
-******************************************************************************/
-
-static NTSTATUS make_cli_gss_blob(struct smb_trans_enc_state *es,
- const char *service,
- const char *host,
- NTSTATUS status_in,
- DATA_BLOB spnego_blob_in,
- DATA_BLOB *p_blob_out)
-{
- const char *krb_mechs[] = {OID_KERBEROS5, NULL};
- OM_uint32 ret;
- OM_uint32 min;
- gss_name_t srv_name;
- gss_buffer_desc input_name;
- gss_buffer_desc *p_tok_in;
- gss_buffer_desc tok_out, tok_in;
- DATA_BLOB blob_out = data_blob_null;
- DATA_BLOB blob_in = data_blob_null;
- char *host_princ_s = NULL;
- OM_uint32 ret_flags = 0;
- NTSTATUS status = NT_STATUS_OK;
-
- gss_OID_desc nt_hostbased_service =
- {10, CONST_DISCARD(char *,"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04")};
-
- memset(&tok_out, '\0', sizeof(tok_out));
-
- /* Get a ticket for the service@host */
- asprintf(&host_princ_s, "%s@%s", service, host);
- if (host_princ_s == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- input_name.value = host_princ_s;
- input_name.length = strlen(host_princ_s) + 1;
-
- ret = gss_import_name(&min,
- &input_name,
- &nt_hostbased_service,
- &srv_name);
-
- if (ret != GSS_S_COMPLETE) {
- SAFE_FREE(host_princ_s);
- return map_nt_error_from_gss(ret, min);
- }
-
- if (spnego_blob_in.length == 0) {
- p_tok_in = GSS_C_NO_BUFFER;
- } else {
- /* Remove the SPNEGO wrapper */
- if (!spnego_parse_auth_response(spnego_blob_in, status_in, OID_KERBEROS5, &blob_in)) {
- status = NT_STATUS_UNSUCCESSFUL;
- goto fail;
- }
- tok_in.value = blob_in.data;
- tok_in.length = blob_in.length;
- p_tok_in = &tok_in;
- }
-
- ret = gss_init_sec_context(&min,
- GSS_C_NO_CREDENTIAL, /* Use our default cred. */
- &es->s.gss_state->gss_ctx,
- srv_name,
- GSS_C_NO_OID, /* default OID. */
- GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG,
- GSS_C_INDEFINITE, /* requested ticket lifetime. */
- NULL, /* no channel bindings */
- p_tok_in,
- NULL, /* ignore mech type */
- &tok_out,
- &ret_flags,
- NULL); /* ignore time_rec */
-
- status = map_nt_error_from_gss(ret, min);
- if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- ADS_STATUS adss = ADS_ERROR_GSS(ret, min);
- DEBUG(10,("make_cli_gss_blob: gss_init_sec_context failed with %s\n",
- ads_errstr(adss)));
- goto fail;
- }
-
- if ((ret_flags & SMB_GSS_REQUIRED_FLAGS) != SMB_GSS_REQUIRED_FLAGS) {
- status = NT_STATUS_ACCESS_DENIED;
- }
-
- blob_out = data_blob(tok_out.value, tok_out.length);
-
- /* Wrap in an SPNEGO wrapper */
- *p_blob_out = gen_negTokenTarg(krb_mechs, blob_out);
-
- fail:
-
- data_blob_free(&blob_out);
- data_blob_free(&blob_in);
- SAFE_FREE(host_princ_s);
- gss_release_name(&min, &srv_name);
- if (tok_out.value) {
- gss_release_buffer(&min, &tok_out);
- }
- return status;
-}
-
-/******************************************************************************
- Start a SPNEGO gssapi encryption context.
-******************************************************************************/
-
-NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
-{
- DATA_BLOB blob_recv = data_blob_null;
- DATA_BLOB blob_send = data_blob_null;
- DATA_BLOB param_out = data_blob_null;
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
- fstring fqdn;
- const char *servicename;
- struct smb_trans_enc_state *es = make_cli_enc_state(SMB_TRANS_ENC_GSS);
-
- if (!es) {
- return NT_STATUS_NO_MEMORY;
- }
-
- name_to_fqdn(fqdn, cli->desthost);
- strlower_m(fqdn);
-
- servicename = "cifs";
- status = make_cli_gss_blob(es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send);
- if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- servicename = "host";
- status = make_cli_gss_blob(es, servicename, fqdn, NT_STATUS_OK, blob_recv, &blob_send);
- if (!NT_STATUS_EQUAL(status,NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- goto fail;
- }
- }
-
- do {
- data_blob_free(&blob_recv);
- status = enc_blob_send_receive(cli, &blob_send, &blob_recv, &param_out);
- if (param_out.length == 2) {
- es->enc_ctx_num = SVAL(param_out.data, 0);
- }
- data_blob_free(&blob_send);
- status = make_cli_gss_blob(es, servicename, fqdn, status, blob_recv, &blob_send);
- } while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED));
- data_blob_free(&blob_recv);
-
- if (NT_STATUS_IS_OK(status)) {
- /* Replace the old state, if any. */
- if (cli->trans_enc_state) {
- common_free_encryption_state(&cli->trans_enc_state);
- }
- cli->trans_enc_state = es;
- cli->trans_enc_state->enc_on = True;
- es = NULL;
- }
-
- fail:
-
- common_free_encryption_state(&es);
- return status;
-}
-#else
-NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
-{
- return NT_STATUS_NOT_SUPPORTED;
-}
-#endif
diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c
index 31012e6011..5da63096b1 100644
--- a/source3/libsmb/clilist.c
+++ b/source3/libsmb/clilist.c
@@ -417,7 +417,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,2,0,True);
+ set_message(cli->outbuf,2,0,True);
SCVAL(cli->outbuf,smb_com,SMBsearch);
@@ -474,7 +474,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,2,0,True);
+ set_message(cli->outbuf,2,0,True);
SCVAL(cli->outbuf,smb_com,SMBfclose);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
diff --git a/source3/libsmb/climessage.c b/source3/libsmb/climessage.c
index 252f2cd725..46d7c1c3be 100644
--- a/source3/libsmb/climessage.c
+++ b/source3/libsmb/climessage.c
@@ -29,7 +29,7 @@ int cli_message_start_build(struct cli_state *cli, char *host, char *username)
/* construct a SMBsendstrt command */
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,0,0,True);
+ set_message(cli->outbuf,0,0,True);
SCVAL(cli->outbuf,smb_com,SMBsendstrt);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
@@ -74,7 +74,7 @@ int cli_message_text_build(struct cli_state *cli, char *msg, int len, int grp)
char *p;
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,1,0,True);
+ set_message(cli->outbuf,1,0,True);
SCVAL(cli->outbuf,smb_com,SMBsendtxt);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
cli_setup_packet(cli);
@@ -124,7 +124,7 @@ int cli_message_end_build(struct cli_state *cli, int grp)
char *p;
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,1,0,True);
+ set_message(cli->outbuf,1,0,True);
SCVAL(cli->outbuf,smb_com,SMBsendend);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
diff --git a/source3/libsmb/clioplock.c b/source3/libsmb/clioplock.c
index 041de41cad..387c40b401 100644
--- a/source3/libsmb/clioplock.c
+++ b/source3/libsmb/clioplock.c
@@ -31,7 +31,7 @@ BOOL cli_oplock_ack(struct cli_state *cli, int fnum, unsigned char level)
cli->outbuf = buf;
memset(buf,'\0',smb_size);
- set_message(NULL,buf,8,0,True);
+ set_message(buf,8,0,True);
SCVAL(buf,smb_com,SMBlockingX);
SSVAL(buf,smb_tid, cli->cnum);
diff --git a/source3/libsmb/cliprint.c b/source3/libsmb/cliprint.c
index 08737f87e4..9e55e5cef3 100644
--- a/source3/libsmb/cliprint.c
+++ b/source3/libsmb/cliprint.c
@@ -193,7 +193,7 @@ int cli_spl_open(struct cli_state *cli, const char *fname, int flags, int share_
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,15,0,True);
+ set_message(cli->outbuf,15,0,True);
SCVAL(cli->outbuf,smb_com,SMBsplopen);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -240,7 +240,7 @@ BOOL cli_spl_close(struct cli_state *cli, int fnum)
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,3,0,True);
+ set_message(cli->outbuf,3,0,True);
SCVAL(cli->outbuf,smb_com,SMBsplclose);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c
index 7e479dc00a..ed80dfaf1a 100644
--- a/source3/libsmb/clireadwrite.c
+++ b/source3/libsmb/clireadwrite.c
@@ -34,7 +34,7 @@ static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset,
if ((SMB_BIG_UINT)offset >> 32)
bigoffset = True;
- set_message(NULL,cli->outbuf,bigoffset ? 12 : 10,0,True);
+ set_message(cli->outbuf,bigoffset ? 12 : 10,0,True);
SCVAL(cli->outbuf,smb_com,SMBreadX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -76,9 +76,7 @@ ssize_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_
* rounded down to a multiple of 1024.
*/
- if (client_is_signing_on(cli) == False &&
- cli_encryption_on(cli) == False &&
- (cli->posix_capabilities & CIFS_UNIX_LARGE_READ_CAP)) {
+ if (client_is_signing_on(cli) == False && (cli->posix_capabilities & CIFS_UNIX_LARGE_READ_CAP)) {
readsize = CLI_SAMBA_MAX_POSIX_LARGE_READX_SIZE;
} else if (cli->capabilities & CAP_LARGE_READX) {
if (cli->is_samba) {
@@ -205,7 +203,7 @@ static BOOL cli_issue_readraw(struct cli_state *cli, int fnum, off_t offset,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,10,0,True);
+ set_message(cli->outbuf,10,0,True);
SCVAL(cli->outbuf,smb_com,SMBreadbraw);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -314,9 +312,9 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset,
}
if (large_writex)
- set_message(NULL,cli->outbuf,14,0,True);
+ set_message(cli->outbuf,14,0,True);
else
- set_message(NULL,cli->outbuf,12,0,True);
+ set_message(cli->outbuf,12,0,True);
SCVAL(cli->outbuf,smb_com,SMBwriteX);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
@@ -428,7 +426,7 @@ ssize_t cli_smbwrite(struct cli_state *cli,
memset(cli->outbuf,'\0',smb_size);
memset(cli->inbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,5, 0,True);
+ set_message(cli->outbuf,5, 0,True);
SCVAL(cli->outbuf,smb_com,SMBwrite);
SSVAL(cli->outbuf,smb_tid,cli->cnum);
diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c
index 752983377c..e859dce956 100644
--- a/source3/libsmb/clitrans.c
+++ b/source3/libsmb/clitrans.c
@@ -43,7 +43,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans,
this_ldata = MIN(ldata,cli->max_xmit - (500+lsetup*2+this_lparam));
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,14+lsetup,0,True);
+ set_message(cli->outbuf,14+lsetup,0,True);
SCVAL(cli->outbuf,smb_com,trans);
SSVAL(cli->outbuf,smb_tid, cli->cnum);
cli_setup_packet(cli);
@@ -112,7 +112,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans,
this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */
this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam));
- set_message(NULL,cli->outbuf,trans==SMBtrans?8:9,0,True);
+ set_message(cli->outbuf,trans==SMBtrans?8:9,0,True);
SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2));
outparam = smb_buf(cli->outbuf);
@@ -358,7 +358,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli,
this_ldata = MIN(ldata,cli->max_xmit - (500+lsetup*2+this_lparam));
memset(cli->outbuf,'\0',smb_size);
- set_message(NULL,cli->outbuf,19+lsetup,0,True);
+ set_message(cli->outbuf,19+lsetup,0,True);
SCVAL(cli->outbuf,smb_com,SMBnttrans);
SSVAL(cli->outbuf,smb_tid, cli->cnum);
cli_setup_packet(cli);
@@ -419,7 +419,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli,
this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */
this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam));
- set_message(NULL,cli->outbuf,18,0,True);
+ set_message(cli->outbuf,18,0,True);
SCVAL(cli->outbuf,smb_com,SMBnttranss);
/* XXX - these should probably be aligned */
diff --git a/source3/libsmb/errormap.c b/source3/libsmb/errormap.c
index 412126eeca..ce826ae999 100644
--- a/source3/libsmb/errormap.c
+++ b/source3/libsmb/errormap.c
@@ -4,7 +4,6 @@
* Copyright (C) Andrew Tridgell 2001
* Copyright (C) Andrew Bartlett 2001
* Copyright (C) Tim Potter 2000
- * Copyright (C) Jeremy Allison 2007
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -1503,108 +1502,3 @@ WERROR ntstatus_to_werror(NTSTATUS error)
/* a lame guess */
return W_ERROR(NT_STATUS_V(error) & 0xffff);
}
-
-#if defined(HAVE_GSSAPI)
-/*******************************************************************************
- Map between gssapi errors and NT status. I made these up :-(. JRA.
-*******************************************************************************/
-
-static const struct {
- unsigned long gss_err;
- NTSTATUS ntstatus;
-} gss_to_ntstatus_errormap[] = {
-#if defined(GSS_S_CALL_INACCESSIBLE_READ)
- {GSS_S_CALL_INACCESSIBLE_READ, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_CALL_INACCESSIBLE_WRITE)
- {GSS_S_CALL_INACCESSIBLE_WRITE, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_CALL_BAD_STRUCTURE)
- {GSS_S_CALL_BAD_STRUCTURE, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_BAD_MECH)
- {GSS_S_BAD_MECH, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_BAD_NAME)
- {GSS_S_BAD_NAME, NT_STATUS_INVALID_ACCOUNT_NAME},
-#endif
-#if defined(GSS_S_BAD_NAMETYPE)
- {GSS_S_BAD_NAMETYPE, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_BAD_BINDINGS)
- {GSS_S_BAD_BINDINGS, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_BAD_STATUS)
- {GSS_S_BAD_STATUS, NT_STATUS_UNSUCCESSFUL},
-#endif
-#if defined(GSS_S_BAD_SIG)
- {GSS_S_BAD_SIG, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_NO_CRED)
- {GSS_S_NO_CRED, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_NO_CONTEXT)
- {GSS_S_NO_CONTEXT, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_DEFECTIVE_TOKEN)
- {GSS_S_DEFECTIVE_TOKEN, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_DEFECTIVE_CREDENTIAL)
- {GSS_S_DEFECTIVE_CREDENTIAL, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_CREDENTIALS_EXPIRED)
- {GSS_S_CREDENTIALS_EXPIRED, NT_STATUS_PASSWORD_EXPIRED},
-#endif
-#if defined(GSS_S_CONTEXT_EXPIRED)
- {GSS_S_CONTEXT_EXPIRED, NT_STATUS_PASSWORD_EXPIRED},
-#endif
-#if defined(GSS_S_BAD_QOP)
- {GSS_S_BAD_QOP, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_UNAUTHORIZED)
- {GSS_S_UNAUTHORIZED, NT_STATUS_ACCESS_DENIED},
-#endif
-#if defined(GSS_S_UNAVAILABLE)
- {GSS_S_UNAVAILABLE, NT_STATUS_UNSUCCESSFUL},
-#endif
-#if defined(GSS_S_DUPLICATE_ELEMENT)
- {GSS_S_DUPLICATE_ELEMENT, NT_STATUS_INVALID_PARAMETER},
-#endif
-#if defined(GSS_S_NAME_NOT_MN)
- {GSS_S_NAME_NOT_MN, NT_STATUS_INVALID_PARAMETER},
-#endif
- { 0, NT_STATUS_OK }
-};
-
-/*********************************************************************
- Map an NT error code from a gssapi error code.
-*********************************************************************/
-
-NTSTATUS map_nt_error_from_gss(uint32 gss_maj, uint32 minor)
-{
- int i = 0;
-
- if (gss_maj == GSS_S_COMPLETE) {
- return NT_STATUS_OK;
- }
-
- if (gss_maj == GSS_S_CONTINUE_NEEDED) {
- return NT_STATUS_MORE_PROCESSING_REQUIRED;
- }
-
- if (gss_maj == GSS_S_FAILURE) {
- return map_nt_error_from_unix((int)minor);
- }
-
- /* Look through list */
- while(gss_to_ntstatus_errormap[i].gss_err != 0) {
- if (gss_to_ntstatus_errormap[i].gss_err == gss_maj) {
- return gss_to_ntstatus_errormap[i].ntstatus;
- }
- i++;
- }
-
- /* Default return */
- return NT_STATUS_ACCESS_DENIED;
-}
-#endif
diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c
index 7394008786..45226a028c 100644
--- a/source3/libsmb/libsmbclient.c
+++ b/source3/libsmb/libsmbclient.c
@@ -2471,15 +2471,16 @@ net_share_enum_rpc(struct cli_state *cli,
void *state)
{
int i;
- NTSTATUS result;
- uint32 enum_hnd;
+ WERROR result;
+ ENUM_HND enum_hnd;
uint32 info_level = 1;
uint32 preferred_len = 0xffffffff;
- struct srvsvc_NetShareCtr1 ctr1;
- union srvsvc_NetShareCtr ctr;
+ uint32 type;
+ SRV_SHARE_INFO_CTR ctr;
+ fstring name = "";
+ fstring comment = "";
void *mem_ctx;
struct rpc_pipe_client *pipe_hnd;
- uint32 numentries;
NTSTATUS nt_status;
/* Open the server service pipe */
@@ -2497,28 +2498,37 @@ net_share_enum_rpc(struct cli_state *cli,
return -1;
}
- ZERO_STRUCT(ctr1);
- ctr.ctr1 = &ctr1;
-
/* Issue the NetShareEnum RPC call and retrieve the response */
- enum_hnd = 0;
- result = rpccli_srvsvc_NetShareEnum(pipe_hnd, mem_ctx, NULL,
- &info_level, &ctr, preferred_len,
- &numentries, &enum_hnd);
+ init_enum_hnd(&enum_hnd, 0);
+ result = rpccli_srvsvc_net_share_enum(pipe_hnd,
+ mem_ctx,
+ info_level,
+ &ctr,
+ preferred_len,
+ &enum_hnd);
/* Was it successful? */
- if (!NT_STATUS_IS_OK(result) || numentries == 0) {
+ if (!W_ERROR_IS_OK(result) || ctr.num_entries == 0) {
/* Nope. Go clean up. */
goto done;
}
/* For each returned entry... */
- for (i = 0; i < numentries; i++) {
+ for (i = 0; i < ctr.num_entries; i++) {
+
+ /* pull out the share name */
+ rpcstr_pull_unistr2_fstring(
+ name, &ctr.share.info1[i].info_1_str.uni_netname);
+
+ /* pull out the share's comment */
+ rpcstr_pull_unistr2_fstring(
+ comment, &ctr.share.info1[i].info_1_str.uni_remark);
+
+ /* Get the type value */
+ type = ctr.share.info1[i].info_1.type;
/* Add this share to the list */
- (*fn)(ctr.ctr1->array[i].name,
- ctr.ctr1->array[i].type,
- ctr.ctr1->array[i].comment, state);
+ (*fn)(name, type, comment, state);
}
done:
@@ -2529,7 +2539,7 @@ done:
TALLOC_FREE(mem_ctx);
/* Tell 'em if it worked */
- return NT_STATUS_IS_OK(result) ? 0 : -1;
+ return W_ERROR_IS_OK(result) ? 0 : -1;
}
@@ -4076,7 +4086,7 @@ sec_desc_parse(TALLOC_CTX *ctx,
fstring tok;
SEC_DESC *ret = NULL;
size_t sd_size;
- DOM_SID *grp_sid=NULL;
+ DOM_SID *group_sid=NULL;
DOM_SID *owner_sid=NULL;
SEC_ACL *dacl=NULL;
int revision=1;
@@ -4121,15 +4131,15 @@ sec_desc_parse(TALLOC_CTX *ctx,
}
if (StrnCaseCmp(tok,"GROUP:", 6) == 0) {
- if (grp_sid) {
+ if (group_sid) {
DEBUG(5, ("GROUP specified more than once!\n"));
goto done;
}
- grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
- if (!grp_sid ||
+ group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
+ if (!group_sid ||
!convert_string_to_sid(ipc_cli, pol,
numeric,
- grp_sid, tok+6)) {
+ group_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
goto done;
}
@@ -4137,15 +4147,15 @@ sec_desc_parse(TALLOC_CTX *ctx,
}
if (StrnCaseCmp(tok,"GROUP+:", 7) == 0) {
- if (grp_sid) {
+ if (group_sid) {
DEBUG(5, ("GROUP specified more than once!\n"));
goto done;
}
- grp_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
- if (!grp_sid ||
+ group_sid = SMB_CALLOC_ARRAY(DOM_SID, 1);
+ if (!group_sid ||
!convert_string_to_sid(ipc_cli, pol,
False,
- grp_sid, tok+6)) {
+ group_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
goto done;
}
@@ -4183,10 +4193,10 @@ sec_desc_parse(TALLOC_CTX *ctx,
}
ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE,
- owner_sid, grp_sid, NULL, dacl, &sd_size);
+ owner_sid, group_sid, NULL, dacl, &sd_size);
done:
- SAFE_FREE(grp_sid);
+ SAFE_FREE(group_sid);
SAFE_FREE(owner_sid);
return ret;
@@ -5132,7 +5142,7 @@ cacl_set(TALLOC_CTX *ctx,
SEC_DESC *sd = NULL, *old;
SEC_ACL *dacl = NULL;
DOM_SID *owner_sid = NULL;
- DOM_SID *grp_sid = NULL;
+ DOM_SID *group_sid = NULL;
uint32 i, j;
size_t sd_size;
int ret = 0;
@@ -5257,7 +5267,7 @@ cacl_set(TALLOC_CTX *ctx,
case SMBC_XATTR_MODE_SET:
old = sd;
owner_sid = old->owner_sid;
- grp_sid = old->group_sid;
+ group_sid = old->group_sid;
dacl = old->dacl;
break;
@@ -5266,7 +5276,7 @@ cacl_set(TALLOC_CTX *ctx,
break;
case SMBC_XATTR_MODE_CHGRP:
- grp_sid = sd->group_sid;
+ group_sid = sd->group_sid;
break;
}
@@ -5275,7 +5285,7 @@ cacl_set(TALLOC_CTX *ctx,
/* Create new security descriptor and set it */
sd = make_sec_desc(ctx, old->revision, SEC_DESC_SELF_RELATIVE,
- owner_sid, grp_sid, NULL, dacl, &sd_size);
+ owner_sid, group_sid, NULL, dacl, &sd_size);
fnum = cli_nt_create(cli, filename,
WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS);
diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c
deleted file mode 100644
index 33352b85ce..0000000000
--- a/source3/libsmb/smb_seal.c
+++ /dev/null
@@ -1,496 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SMB Transport encryption (sealing) code.
- Copyright (C) Jeremy Allison 2007.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-
-/******************************************************************************
- Pull out the encryption context for this packet. 0 means global context.
-******************************************************************************/
-
-NTSTATUS get_enc_ctx_num(char *buf, uint16 *p_enc_ctx_num)
-{
- if (smb_len(buf) < 8) {
- return NT_STATUS_INVALID_BUFFER_SIZE;
- }
-
- if (buf[4] == (char)0xFF) {
- if (buf[5] == 'S' && buf [6] == 'M' && buf[7] == 'B') {
- /* Not an encrypted buffer. */
- return NT_STATUS_NOT_FOUND;
- }
- if (buf[5] == 'E') {
- *p_enc_ctx_num = SVAL(buf,6);
- return NT_STATUS_OK;
- }
- }
- return NT_STATUS_INVALID_NETWORK_RESPONSE;
-}
-
-/******************************************************************************
- Generic code for client and server.
- Is encryption turned on ?
-******************************************************************************/
-
-BOOL common_encryption_on(struct smb_trans_enc_state *es)
-{
- return ((es != NULL) && es->enc_on);
-}
-
-/******************************************************************************
- Generic code for client and server.
- NTLM decrypt an incoming buffer.
- Abartlett tells me that SSPI puts the signature first before the encrypted
- output, so cope with the same for compatibility.
-******************************************************************************/
-
-NTSTATUS common_ntlm_decrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf)
-{
- NTSTATUS status;
- size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
- size_t data_len;
- char *inbuf;
- DATA_BLOB sig;
-
- if (buf_len < 8 + NTLMSSP_SIG_SIZE) {
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- inbuf = (char *)smb_xmemdup(buf, buf_len);
-
- /* Adjust for the signature. */
- data_len = buf_len - 8 - NTLMSSP_SIG_SIZE;
-
- /* Point at the signature. */
- sig = data_blob_const(inbuf+8, NTLMSSP_SIG_SIZE);
-
- status = ntlmssp_unseal_packet(ntlmssp_state,
- (unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'E' <enc> <ctx> */
- data_len,
- (unsigned char *)inbuf + 8 + NTLMSSP_SIG_SIZE,
- data_len,
- &sig);
-
- if (!NT_STATUS_IS_OK(status)) {
- SAFE_FREE(inbuf);
- return status;
- }
-
- memcpy(buf + 8, inbuf + 8 + NTLMSSP_SIG_SIZE, data_len);
-
- /* Reset the length. */
- smb_setlen(inbuf, buf, data_len + 4);
-
- SAFE_FREE(inbuf);
- return NT_STATUS_OK;
-}
-
-/******************************************************************************
- Generic code for client and server.
- NTLM encrypt an outgoing buffer. Return the encrypted pointer in ppbuf_out.
- Abartlett tells me that SSPI puts the signature first before the encrypted
- output, so do the same for compatibility.
-******************************************************************************/
-
-NTSTATUS common_ntlm_encrypt_buffer(NTLMSSP_STATE *ntlmssp_state,
- uint16 enc_ctx_num,
- char *buf,
- char **ppbuf_out)
-{
- NTSTATUS status;
- char *buf_out;
- size_t data_len = smb_len(buf) - 4; /* Ignore the 0xFF SMB bytes. */
- DATA_BLOB sig;
-
- *ppbuf_out = NULL;
-
- if (data_len == 0) {
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- /*
- * We know smb_len can't return a value > 128k, so no int overflow
- * check needed.
- */
-
- buf_out = SMB_XMALLOC_ARRAY(char, 8 + NTLMSSP_SIG_SIZE + data_len);
-
- /* Copy the data from the original buffer. */
-
- memcpy(buf_out + 8 + NTLMSSP_SIG_SIZE, buf + 8, data_len);
-
- smb_set_enclen(buf_out, smb_len(buf) + NTLMSSP_SIG_SIZE, enc_ctx_num);
-
- sig = data_blob(NULL, NTLMSSP_SIG_SIZE);
-
- status = ntlmssp_seal_packet(ntlmssp_state,
- (unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE, /* 4 byte len + 0xFF 'S' <enc> <ctx> */
- data_len,
- (unsigned char *)buf_out + 8 + NTLMSSP_SIG_SIZE,
- data_len,
- &sig);
-
- if (!NT_STATUS_IS_OK(status)) {
- data_blob_free(&sig);
- SAFE_FREE(buf_out);
- return status;
- }
-
- /* First 16 data bytes are signature for SSPI compatibility. */
- memcpy(buf_out + 8, sig.data, NTLMSSP_SIG_SIZE);
- *ppbuf_out = buf_out;
- return NT_STATUS_OK;
-}
-
-/******************************************************************************
- Generic code for client and server.
- gss-api decrypt an incoming buffer. We insist that the size of the
- unwrapped buffer must be smaller or identical to the incoming buffer.
-******************************************************************************/
-
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
-static NTSTATUS common_gss_decrypt_buffer(struct smb_tran_enc_state_gss *gss_state, char *buf)
-{
- gss_ctx_id_t gss_ctx = gss_state->gss_ctx;
- OM_uint32 ret = 0;
- OM_uint32 minor = 0;
- int flags_got = 0;
- gss_buffer_desc in_buf, out_buf;
- size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
-
- if (buf_len < 8) {
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- in_buf.value = buf + 8;
- in_buf.length = buf_len - 8;
-
- ret = gss_unwrap(&minor,
- gss_ctx,
- &in_buf,
- &out_buf,
- &flags_got, /* did we get sign+seal ? */
- (gss_qop_t *) NULL);
-
- if (ret != GSS_S_COMPLETE) {
- ADS_STATUS adss = ADS_ERROR_GSS(ret, minor);
- DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap failed. Error %s\n",
- ads_errstr(adss) ));
- return map_nt_error_from_gss(ret, minor);
- }
-
- if (out_buf.length > in_buf.length) {
- DEBUG(0,("common_gss_encrypt_buffer: gss_unwrap size (%u) too large (%u) !\n",
- (unsigned int)out_buf.length,
- (unsigned int)in_buf.length ));
- gss_release_buffer(&minor, &out_buf);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- memcpy(buf + 8, out_buf.value, out_buf.length);
- smb_setlen((char *)out_buf.value, buf, out_buf.length + 4);
-
- gss_release_buffer(&minor, &out_buf);
- return NT_STATUS_OK;
-}
-
-/******************************************************************************
- Generic code for client and server.
- gss-api encrypt an outgoing buffer. Return the alloced encrypted pointer in buf_out.
-******************************************************************************/
-
-static NTSTATUS common_gss_encrypt_buffer(struct smb_tran_enc_state_gss *gss_state,
- uint16 enc_ctx_num,
- char *buf,
- char **ppbuf_out)
-{
- gss_ctx_id_t gss_ctx = gss_state->gss_ctx;
- OM_uint32 ret = 0;
- OM_uint32 minor = 0;
- int flags_got = 0;
- gss_buffer_desc in_buf, out_buf;
- size_t buf_len = smb_len(buf) + 4; /* Don't forget the 4 length bytes. */
-
- *ppbuf_out = NULL;
-
- if (buf_len < 8) {
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- in_buf.value = buf + 8;
- in_buf.length = buf_len - 8;
-
- ret = gss_wrap(&minor,
- gss_ctx,
- True, /* we want sign+seal. */
- GSS_C_QOP_DEFAULT,
- &in_buf,
- &flags_got, /* did we get sign+seal ? */
- &out_buf);
-
- if (ret != GSS_S_COMPLETE) {
- ADS_STATUS adss = ADS_ERROR_GSS(ret, minor);
- DEBUG(0,("common_gss_encrypt_buffer: gss_wrap failed. Error %s\n",
- ads_errstr(adss) ));
- return map_nt_error_from_gss(ret, minor);
- }
-
- if (!flags_got) {
- /* Sign+seal not supported. */
- gss_release_buffer(&minor, &out_buf);
- return NT_STATUS_NOT_SUPPORTED;
- }
-
- /* Ya see - this is why I *hate* gss-api. I don't
- * want to have to malloc another buffer of the
- * same size + 8 bytes just to get a continuous
- * header + buffer, but gss won't let me pass in
- * a pre-allocated buffer. Bastards (and you know
- * who you are....). I might fix this by
- * going to "encrypt_and_send" passing in a file
- * descriptor and doing scatter-gather write with
- * TCP cork on Linux. But I shouldn't have to
- * bother :-*(. JRA.
- */
-
- *ppbuf_out = (char *)SMB_MALLOC(out_buf.length + 8); /* We know this can't wrap. */
- if (!*ppbuf_out) {
- gss_release_buffer(&minor, &out_buf);
- return NT_STATUS_NO_MEMORY;
- }
-
- memcpy(*ppbuf_out+8, out_buf.value, out_buf.length);
- smb_set_enclen(*ppbuf_out, out_buf.length + 4, enc_ctx_num);
-
- gss_release_buffer(&minor, &out_buf);
- return NT_STATUS_OK;
-}
-#endif
-
-/******************************************************************************
- Generic code for client and server.
- Encrypt an outgoing buffer. Return the alloced encrypted pointer in buf_out.
-******************************************************************************/
-
-NTSTATUS common_encrypt_buffer(struct smb_trans_enc_state *es, char *buffer, char **buf_out)
-{
- if (!common_encryption_on(es)) {
- /* Not encrypting. */
- *buf_out = buffer;
- return NT_STATUS_OK;
- }
-
- switch (es->smb_enc_type) {
- case SMB_TRANS_ENC_NTLM:
- return common_ntlm_encrypt_buffer(es->s.ntlmssp_state, es->enc_ctx_num, buffer, buf_out);
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
- case SMB_TRANS_ENC_GSS:
- return common_gss_encrypt_buffer(es->s.gss_state, es->enc_ctx_num, buffer, buf_out);
-#endif
- default:
- return NT_STATUS_NOT_SUPPORTED;
- }
-}
-
-/******************************************************************************
- Generic code for client and server.
- Decrypt an incoming SMB buffer. Replaces the data within it.
- New data must be less than or equal to the current length.
-******************************************************************************/
-
-NTSTATUS common_decrypt_buffer(struct smb_trans_enc_state *es, char *buf)
-{
- if (!common_encryption_on(es)) {
- /* Not decrypting. */
- return NT_STATUS_OK;
- }
-
- switch (es->smb_enc_type) {
- case SMB_TRANS_ENC_NTLM:
- return common_ntlm_decrypt_buffer(es->s.ntlmssp_state, buf);
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
- case SMB_TRANS_ENC_GSS:
- return common_gss_decrypt_buffer(es->s.gss_state, buf);
-#endif
- default:
- return NT_STATUS_NOT_SUPPORTED;
- }
-}
-
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
-/******************************************************************************
- Shutdown a gss encryption state.
-******************************************************************************/
-
-static void common_free_gss_state(struct smb_tran_enc_state_gss **pp_gss_state)
-{
- OM_uint32 minor = 0;
- struct smb_tran_enc_state_gss *gss_state = *pp_gss_state;
-
- if (gss_state->creds != GSS_C_NO_CREDENTIAL) {
- gss_release_cred(&minor, &gss_state->creds);
- }
- if (gss_state->gss_ctx != GSS_C_NO_CONTEXT) {
- gss_delete_sec_context(&minor, &gss_state->gss_ctx, NULL);
- }
- SAFE_FREE(*pp_gss_state);
-}
-#endif
-
-/******************************************************************************
- Shutdown an encryption state.
-******************************************************************************/
-
-void common_free_encryption_state(struct smb_trans_enc_state **pp_es)
-{
- struct smb_trans_enc_state *es = *pp_es;
-
- if (es == NULL) {
- return;
- }
-
- if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) {
- if (es->s.ntlmssp_state) {
- ntlmssp_end(&es->s.ntlmssp_state);
- }
- }
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
- if (es->smb_enc_type == SMB_TRANS_ENC_GSS) {
- /* Free the gss context handle. */
- if (es->s.gss_state) {
- common_free_gss_state(&es->s.gss_state);
- }
- }
-#endif
- SAFE_FREE(es);
- *pp_es = NULL;
-}
-
-/******************************************************************************
- Free an encryption-allocated buffer.
-******************************************************************************/
-
-void common_free_enc_buffer(struct smb_trans_enc_state *es, char *buf)
-{
- if (!common_encryption_on(es)) {
- return;
- }
-
- if (es->smb_enc_type == SMB_TRANS_ENC_NTLM) {
- SAFE_FREE(buf);
- return;
- }
-
-#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
- if (es->smb_enc_type == SMB_TRANS_ENC_GSS) {
- OM_uint32 min;
- gss_buffer_desc rel_buf;
- rel_buf.value = buf;
- rel_buf.length = smb_len(buf) + 4;
- gss_release_buffer(&min, &rel_buf);
- }
-#endif
-}
-
-/******************************************************************************
- Client side encryption.
-******************************************************************************/
-
-/******************************************************************************
- Is client encryption on ?
-******************************************************************************/
-
-BOOL cli_encryption_on(struct cli_state *cli)
-{
- /* If we supported multiple encrytion contexts
- * here we'd look up based on tid.
- */
- return common_encryption_on(cli->trans_enc_state);
-}
-
-/******************************************************************************
- Shutdown a client encryption state.
-******************************************************************************/
-
-void cli_free_encryption_context(struct cli_state *cli)
-{
- common_free_encryption_state(&cli->trans_enc_state);
-}
-
-/******************************************************************************
- Free an encryption-allocated buffer.
-******************************************************************************/
-
-void cli_free_enc_buffer(struct cli_state *cli, char *buf)
-{
- /* We know this is an smb buffer, and we
- * didn't malloc, only copy, for a keepalive,
- * so ignore session keepalives. */
-
- if(CVAL(buf,0) == SMBkeepalive) {
- return;
- }
-
- /* If we supported multiple encrytion contexts
- * here we'd look up based on tid.
- */
- common_free_enc_buffer(cli->trans_enc_state, buf);
-}
-
-/******************************************************************************
- Decrypt an incoming buffer.
-******************************************************************************/
-
-NTSTATUS cli_decrypt_message(struct cli_state *cli)
-{
- NTSTATUS status;
- uint16 enc_ctx_num;
-
- /* Ignore session keepalives. */
- if(CVAL(cli->inbuf,0) == SMBkeepalive) {
- return NT_STATUS_OK;
- }
-
- status = get_enc_ctx_num(cli->inbuf, &enc_ctx_num);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (enc_ctx_num != cli->trans_enc_state->enc_ctx_num) {
- return NT_STATUS_INVALID_HANDLE;
- }
-
- return common_decrypt_buffer(cli->trans_enc_state, cli->inbuf);
-}
-
-/******************************************************************************
- Encrypt an outgoing buffer. Return the encrypted pointer in buf_out.
-******************************************************************************/
-
-NTSTATUS cli_encrypt_message(struct cli_state *cli, char **buf_out)
-{
- /* Ignore session keepalives. */
- if(CVAL(cli->outbuf,0) == SMBkeepalive) {
- return NT_STATUS_OK;
- }
-
- /* If we supported multiple encrytion contexts
- * here we'd look up based on tid.
- */
- return common_encrypt_buffer(cli->trans_enc_state, cli->outbuf, buf_out);
-}