diff options
-rw-r--r-- | source3/client/smbspool.c | 9 | ||||
-rw-r--r-- | source3/include/proto.h | 10 | ||||
-rw-r--r-- | source3/libsmb/cliconnect.c | 197 | ||||
-rw-r--r-- | source3/libsmb/clidfs.c | 9 | ||||
-rw-r--r-- | source3/libsmb/libsmb_server.c | 17 | ||||
-rw-r--r-- | source3/libsmb/passchange.c | 10 | ||||
-rw-r--r-- | source3/nmbd/nmbd_synclists.c | 2 | ||||
-rw-r--r-- | source3/torture/locktest.c | 7 | ||||
-rw-r--r-- | source3/torture/masktest.c | 7 | ||||
-rw-r--r-- | source3/torture/torture.c | 20 | ||||
-rw-r--r-- | source3/utils/net_rpc.c | 4 | ||||
-rw-r--r-- | source3/utils/smbcacls.c | 10 | ||||
-rw-r--r-- | source3/winbindd/winbindd_cm.c | 9 |
13 files changed, 210 insertions, 101 deletions
diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c index 1910ccd4fe..7943cf5828 100644 --- a/source3/client/smbspool.c +++ b/source3/client/smbspool.c @@ -432,10 +432,13 @@ smb_complete_connection(const char *myname, return NULL; } - if (!cli_send_tconX(cli, share, "?????", password, strlen(password) + 1)) { - fprintf(stderr, "ERROR: Tree connect failed (%s)\n", cli_errstr(cli)); + nt_status = cli_tcon_andx(cli, share, "?????", password, + strlen(password) + 1); + if (!NT_STATUS_IS_OK(nt_status)) { + fprintf(stderr, "ERROR: Tree connect failed (%s)\n", + nt_errstr(nt_status)); - if (get_exit_code(cli, cli_nt_error(cli)) == 2) { + if (get_exit_code(cli, nt_status) == 2) { *need_auth = true; } diff --git a/source3/include/proto.h b/source3/include/proto.h index 943ab5e3f1..b06d8d6758 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2328,8 +2328,14 @@ struct async_req *cli_session_setup_guest_send(TALLOC_CTX *mem_ctx, struct cli_state *cli); NTSTATUS cli_session_setup_guest_recv(struct async_req *req); bool cli_ulogoff(struct cli_state *cli); -bool cli_send_tconX(struct cli_state *cli, - const char *share, const char *dev, const char *pass, int passlen); +struct async_req *cli_tcon_andx_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, + const char *share, const char *dev, + const char *pass, int passlen); +NTSTATUS cli_tcon_andx_recv(struct async_req *req); +NTSTATUS cli_tcon_andx(struct cli_state *cli, const char *share, + const char *dev, const char *pass, int passlen); bool cli_tdis(struct cli_state *cli); void cli_negprot_sendsync(struct cli_state *cli); NTSTATUS cli_negprot(struct cli_state *cli); diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index e1bba90329..ed5adc5694 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -1173,13 +1173,17 @@ bool cli_ulogoff(struct cli_state *cli) Send a tconX. ****************************************************************************/ -bool cli_send_tconX(struct cli_state *cli, - const char *share, const char *dev, const char *pass, int passlen) +struct async_req *cli_tcon_andx_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, + const char *share, const char *dev, + const char *pass, int passlen) { - fstring fullshare, pword; - char *p; - memset(cli->outbuf,'\0',smb_size); - memset(cli->inbuf,'\0',smb_size); + fstring pword; + char *tmp = NULL; + struct async_req *result; + uint16_t vwv[4]; + uint8_t *bytes; fstrcpy(cli->share, share); @@ -1187,9 +1191,10 @@ bool cli_send_tconX(struct cli_state *cli, if (cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) { passlen = 1; pass = ""; - } else if (!pass) { - DEBUG(1, ("Server not using user level security and no password supplied.\n")); - return False; + } else if (pass == NULL) { + DEBUG(1, ("Server not using user level security and no " + "password supplied.\n")); + goto access_denied; } if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && @@ -1198,28 +1203,32 @@ bool cli_send_tconX(struct cli_state *cli, DEBUG(1, ("Server requested LANMAN password " "(share-level security) but " "'client lanman auth' is disabled\n")); - return False; + goto access_denied; } /* - * Non-encrypted passwords - convert to DOS codepage before encryption. + * Non-encrypted passwords - convert to DOS codepage before + * encryption. */ passlen = 24; - SMBencrypt(pass,cli->secblob.data,(uchar *)pword); + SMBencrypt(pass, cli->secblob.data, (uchar *)pword); } else { - if((cli->sec_mode & (NEGOTIATE_SECURITY_USER_LEVEL|NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)) == 0) { + if((cli->sec_mode & (NEGOTIATE_SECURITY_USER_LEVEL + |NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)) + == 0) { if (!lp_client_plaintext_auth() && (*pass)) { DEBUG(1, ("Server requested plaintext " "password but 'client plaintext " "auth' is disabled\n")); - return False; + goto access_denied; } /* - * Non-encrypted passwords - convert to DOS codepage before using. + * Non-encrypted passwords - convert to DOS codepage + * before using. */ - passlen = clistr_push(cli, pword, pass, sizeof(pword), STR_TERMINATE); - + passlen = clistr_push(cli, pword, pass, sizeof(pword), + STR_TERMINATE); } else { if (passlen) { memcpy(pword, pass, passlen); @@ -1227,52 +1236,139 @@ bool cli_send_tconX(struct cli_state *cli, } } - slprintf(fullshare, sizeof(fullshare)-1, - "\\\\%s\\%s", cli->desthost, share); + SCVAL(vwv+0, 0, 0xFF); + SCVAL(vwv+0, 1, 0); + SSVAL(vwv+1, 0, 0); + SSVAL(vwv+2, 0, TCONX_FLAG_EXTENDED_RESPONSE); + SSVAL(vwv+3, 0, passlen); - cli_set_message(cli->outbuf,4, 0, True); - SCVAL(cli->outbuf,smb_com,SMBtconX); - cli_setup_packet(cli); + if (passlen) { + bytes = (uint8_t *)talloc_memdup(talloc_tos(), pword, passlen); + } else { + bytes = talloc_array(talloc_tos(), uint8_t, 0); + } - SSVAL(cli->outbuf,smb_vwv0,0xFF); - SSVAL(cli->outbuf,smb_vwv2,TCONX_FLAG_EXTENDED_RESPONSE); - SSVAL(cli->outbuf,smb_vwv3,passlen); + /* + * Add the sharename + */ + tmp = talloc_asprintf_strupper_m(talloc_tos(), "\\\\%s\\%s", + cli->desthost, share); + if (tmp == NULL) { + TALLOC_FREE(bytes); + return NULL; + } + bytes = smb_bytes_push_str(bytes, cli_ucs2(cli), tmp, strlen(tmp)+1, + NULL); + TALLOC_FREE(tmp); - p = smb_buf(cli->outbuf); - if (passlen) { - memcpy(p,pword,passlen); + /* + * Add the devicetype + */ + tmp = talloc_strdup_upper(talloc_tos(), dev); + if (tmp == NULL) { + TALLOC_FREE(bytes); + return NULL; } - p += passlen; - p += clistr_push(cli, p, fullshare, -1, STR_TERMINATE |STR_UPPER); - p += clistr_push(cli, p, dev, -1, STR_TERMINATE |STR_UPPER | STR_ASCII); + bytes = smb_bytes_push_str(bytes, false, tmp, strlen(tmp)+1, NULL); + TALLOC_FREE(tmp); - cli_setup_bcc(cli, p); + if (bytes == NULL) { + return NULL; + } - cli_send_smb(cli); - if (!cli_receive_smb(cli)) - return False; + result = cli_request_send(mem_ctx, ev, cli, SMBtconX, 0, + 4, vwv, 0, talloc_get_size(bytes), bytes); + TALLOC_FREE(bytes); + return result; - if (cli_is_error(cli)) - return False; + access_denied: + result = async_req_new(mem_ctx); + if (async_post_status(result, ev, NT_STATUS_ACCESS_DENIED)) { + return result; + } + TALLOC_FREE(result); + return NULL; +} - clistr_pull(cli->inbuf, cli->dev, smb_buf(cli->inbuf), sizeof(fstring), - -1, STR_TERMINATE|STR_ASCII); +NTSTATUS cli_tcon_andx_recv(struct async_req *req) +{ + struct cli_request *cli_req = talloc_get_type_abort( + req->private_data, struct cli_request); + struct cli_state *cli = cli_req->cli; + uint8_t wct; + uint16_t *vwv; + uint16_t num_bytes; + uint8_t *bytes; + NTSTATUS status; - if (cli->protocol >= PROTOCOL_NT1 && - smb_buflen(cli->inbuf) == 3) { + if (async_req_is_error(req, &status)) { + return status; + } + + status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + clistr_pull(cli_req->inbuf, cli->dev, bytes, sizeof(fstring), + num_bytes, STR_TERMINATE|STR_ASCII); + + if ((cli->protocol >= PROTOCOL_NT1) && (num_bytes == 3)) { /* almost certainly win95 - enable bug fixes */ cli->win95 = True; } - /* Make sure that we have the optional support 16-bit field. WCT > 2 */ - /* Avoids issues when connecting to Win9x boxes sharing files */ + /* + * Make sure that we have the optional support 16-bit field. WCT > 2. + * Avoids issues when connecting to Win9x boxes sharing files + */ - cli->dfsroot = False; - if ( (CVAL(cli->inbuf, smb_wct))>2 && cli->protocol >= PROTOCOL_LANMAN2 ) - cli->dfsroot = (SVAL( cli->inbuf, smb_vwv2 ) & SMB_SHARE_IN_DFS) ? True : False; + cli->dfsroot = false; - cli->cnum = SVAL(cli->inbuf,smb_tid); - return True; + if ((wct > 2) && (cli->protocol >= PROTOCOL_LANMAN2)) { + cli->dfsroot = ((SVAL(vwv+2, 0) & SMB_SHARE_IN_DFS) != 0); + } + + cli->cnum = SVAL(cli_req->inbuf,smb_tid); + return NT_STATUS_OK; +} + +NTSTATUS cli_tcon_andx(struct cli_state *cli, const char *share, + const char *dev, const char *pass, int passlen) +{ + TALLOC_CTX *frame = talloc_stackframe(); + struct event_context *ev; + struct async_req *req; + NTSTATUS status; + + if (cli->fd_event != NULL) { + /* + * Can't use sync call while an async call is in flight + */ + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + + ev = event_context_init(frame); + if (ev == NULL) { + status = NT_STATUS_NO_MEMORY; + goto fail; + } + + req = cli_tcon_andx_send(frame, ev, cli, share, dev, pass, passlen); + if (req == NULL) { + status = NT_STATUS_NO_MEMORY; + goto fail; + } + + while (req->state < ASYNC_REQ_DONE) { + event_loop_once(ev); + } + + status = cli_tcon_andx_recv(req); + fail: + TALLOC_FREE(frame); + return status; } /**************************************************************************** @@ -1956,8 +2052,9 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli, } if (service) { - if (!cli_send_tconX(cli, service, service_type, password, pw_len)) { - nt_status = cli_nt_error(cli); + nt_status = cli_tcon_andx(cli, service, service_type, password, + pw_len); + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1,("failed tcon_X with %s\n", nt_errstr(nt_status))); cli_shutdown(cli); if (NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index f853e4e670..e642f169f9 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -275,9 +275,10 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, /* must be a normal share */ - if (!cli_send_tconX(c, sharename, "?????", - password, strlen(password)+1)) { - d_printf("tree connect failed: %s\n", cli_errstr(c)); + status = cli_tcon_andx(c, sharename, "?????", + password, strlen(password)+1); + if (!NT_STATUS_IS_OK(status)) { + d_printf("tree connect failed: %s\n", nt_errstr(status)); cli_shutdown(c); return NULL; } @@ -1077,7 +1078,7 @@ static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx, /* check for the referral */ - if (!cli_send_tconX(cli, "IPC$", "IPC", NULL, 0)) { + if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, "IPC$", "IPC", NULL, 0))) { return false; } diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c index 0ece5bb649..6d7a86241a 100644 --- a/source3/libsmb/libsmb_server.c +++ b/source3/libsmb/libsmb_server.c @@ -300,11 +300,11 @@ SMBC_server(TALLOC_CTX *ctx, * tid. */ - if (!cli_send_tconX(srv->cli, share, "?????", - *pp_password, - strlen(*pp_password)+1)) { - - errno = SMBC_errno(context, srv->cli); + status = cli_tcon_andx(srv->cli, share, "?????", + *pp_password, + strlen(*pp_password)+1); + if (!NT_STATUS_IS_OK(status)) { + errno = map_errno_from_nt_status(status); cli_shutdown(srv->cli); srv->cli = NULL; smbc_getFunctionRemoveCachedServer(context)(context, @@ -501,9 +501,10 @@ again: DEBUG(4,(" session setup ok\n")); - if (!cli_send_tconX(c, share, "?????", - *pp_password, strlen(*pp_password)+1)) { - errno = SMBC_errno(context, c); + status = cli_tcon_andx(c, share, "?????", *pp_password, + strlen(*pp_password)+1); + if (!NT_STATUS_IS_OK(status)) { + errno = map_errno_from_nt_status(status); cli_shutdown(c); return NULL; } diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c index 76b06088d6..f9ff4b3191 100644 --- a/source3/libsmb/passchange.c +++ b/source3/libsmb/passchange.c @@ -138,13 +138,13 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam cli_init_creds(cli, user_name, "", old_passwd); } - if (!cli_send_tconX(cli, "IPC$", "IPC", "", 1)) { - if (asprintf(err_str, "machine %s rejected the tconX on the IPC$ " - "share. Error was : %s.\n", - remote_machine, cli_errstr(cli)) == -1) { + result = cli_tcon_andx(cli, "IPC$", "IPC", "", 1); + if (!NT_STATUS_IS_OK(result)) { + if (asprintf(err_str, "machine %s rejected the tconX on the " + "IPC$ share. Error was : %s.\n", + remote_machine, nt_errstr(result))) { *err_str = NULL; } - result = cli_nt_error(cli); cli_shutdown(cli); return result; } diff --git a/source3/nmbd/nmbd_synclists.c b/source3/nmbd/nmbd_synclists.c index 3e672aef25..5da0da81e5 100644 --- a/source3/nmbd/nmbd_synclists.c +++ b/source3/nmbd/nmbd_synclists.c @@ -109,7 +109,7 @@ static void sync_child(char *name, int nm_type, return; } - if (!cli_send_tconX(cli, "IPC$", "IPC", "", 1)) { + if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, "IPC$", "IPC", "", 1))) { cli_shutdown(cli); return; } diff --git a/source3/torture/locktest.c b/source3/torture/locktest.c index 1bff95f4f3..4e8dcdd09a 100644 --- a/source3/torture/locktest.c +++ b/source3/torture/locktest.c @@ -257,9 +257,10 @@ static struct cli_state *connect_one(char *share, int snum) DEBUG(4,(" session setup ok\n")); - if (!cli_send_tconX(c, share, "?????", - password[snum], strlen(password[snum])+1)) { - DEBUG(0,("tree connect failed: %s\n", cli_errstr(c))); + status = cli_tcon_andx(c, share, "?????", password[snum], + strlen(password[snum])+1); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("tree connect failed: %s\n", nt_errstr(status))); cli_shutdown(c); return NULL; } diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index 2c3bda1d43..fb562c8075 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -249,9 +249,10 @@ static struct cli_state *connect_one(char *share) DEBUG(4,(" session setup ok\n")); - if (!cli_send_tconX(c, share, "?????", - password, strlen(password)+1)) { - DEBUG(0,("tree connect failed: %s\n", cli_errstr(c))); + status = cli_tcon_andx(c, share, "?????", password, + strlen(password)+1); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("tree connect failed: %s\n", nt_errstr(status))); cli_shutdown(c); return NULL; } diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 85233bc0ae..1210a36a39 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -1101,6 +1101,7 @@ static bool run_tcon_test(int dummy) uint16 vuid1, vuid2; char buf[4]; bool ret = True; + NTSTATUS status; memset(buf, '\0', sizeof(buf)); @@ -1127,10 +1128,11 @@ static bool run_tcon_test(int dummy) return False; } - if (!cli_send_tconX(cli, share, "?????", - password, strlen(password)+1)) { + status = cli_tcon_andx(cli, share, "?????", + password, strlen(password)+1); + if (!NT_STATUS_IS_OK(status)) { printf("%s refused 2nd tree connect (%s)\n", host, - cli_errstr(cli)); + nt_errstr(status)); cli_shutdown(cli); return False; } @@ -1239,14 +1241,14 @@ static bool tcon_devtest(struct cli_state *cli, const char *return_devtype, NTSTATUS expected_error) { - bool status; + NTSTATUS status; bool ret; - status = cli_send_tconX(cli, myshare, devtype, - password, strlen(password)+1); + status = cli_tcon_andx(cli, myshare, devtype, + password, strlen(password)+1); if (NT_STATUS_IS_OK(expected_error)) { - if (status) { + if (NT_STATUS_IS_OK(status)) { if (strcmp(cli->dev, return_devtype) == 0) { ret = True; } else { @@ -1264,7 +1266,7 @@ static bool tcon_devtest(struct cli_state *cli, } cli_tdis(cli); } else { - if (status) { + if (NT_STATUS_IS_OK(status)) { printf("tconx to share %s with type %s " "should have failed but succeeded\n", myshare, devtype); @@ -2157,7 +2159,7 @@ static bool run_fdsesstest(int dummy) return False; saved_cnum = cli->cnum; - if (!cli_send_tconX(cli, share, "?????", "", 1)) + if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, share, "?????", "", 1))) return False; new_cnum = cli->cnum; cli->cnum = saved_cnum; diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 0f59f02746..a37bbbd566 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -3022,7 +3022,7 @@ static int rpc_share_list(struct net_context *c, int argc, const char **argv) static bool check_share_availability(struct cli_state *cli, const char *netname) { - if (!cli_send_tconX(cli, netname, "A:", "", 0)) { + if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) { d_printf("skipping [%s]: not a file share.\n", netname); return false; } @@ -4281,7 +4281,7 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd, cnum = cli->cnum; - if (!cli_send_tconX(cli, netname, "A:", "", 0)) { + if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) { return; } diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index f07b5011c8..c12778f8c7 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -76,8 +76,9 @@ static NTSTATUS cli_lsa_lookup_sid(struct cli_state *cli, char **domains; char **names; - if (!cli_send_tconX(cli, "IPC$", "?????", "", 0)) { - return cli_nt_error(cli); + status = cli_tcon_andx(cli, "IPC$", "?????", "", 0); + if (!NT_STATUS_IS_OK(status)) { + return status; } status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, @@ -124,8 +125,9 @@ static NTSTATUS cli_lsa_lookup_name(struct cli_state *cli, DOM_SID *sids; enum lsa_SidType *types; - if (!cli_send_tconX(cli, "IPC$", "?????", "", 0)) { - return cli_nt_error(cli); + status = cli_tcon_andx(cli, "IPC$", "?????", "", 0); + if (!NT_STATUS_IS_OK(status)) { + return status; } status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index ab1218c560..35768fe7f2 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -961,15 +961,10 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, winbindd_set_locator_kdc_envs(domain); - if (!cli_send_tconX(*cli, "IPC$", "IPC", "", 0)) { - - result = cli_nt_error(*cli); + result = cli_tcon_andx(*cli, "IPC$", "IPC", "", 0); + if (!NT_STATUS_IS_OK(result)) { DEBUG(1,("failed tcon_X with %s\n", nt_errstr(result))); - - if (NT_STATUS_IS_OK(result)) - result = NT_STATUS_UNSUCCESSFUL; - goto done; } |