summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/auth/auth_server.c9
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/libsmb/cliconnect.c33
-rw-r--r--source3/libsmb/clidfs.c7
-rw-r--r--source3/libsmb/libsmb_server.c4
-rw-r--r--source3/libsmb/passchange.c6
-rw-r--r--source3/nmbd/nmbd_synclists.c3
-rw-r--r--source3/torture/locktest.c6
-rw-r--r--source3/torture/masktest.c6
-rw-r--r--source3/torture/torture.c19
-rw-r--r--source3/utils/net_rpc.c3
-rw-r--r--source3/utils/net_time.c6
-rw-r--r--source3/winbindd/winbindd_cm.c7
13 files changed, 69 insertions, 42 deletions
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index e74e3f5b3b..466c4bf129 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -38,6 +38,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
char *pserver = NULL;
bool connected_ok = False;
struct named_mutex *mutex = NULL;
+ NTSTATUS status;
if (!(cli = cli_initialise()))
return NULL;
@@ -49,7 +50,6 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
p = pserver;
while(next_token_talloc(mem_ctx, &p, &desthost, LIST_SEP)) {
- NTSTATUS status;
desthost = talloc_sub_basic(mem_ctx,
current_user_info.smb_name,
@@ -112,9 +112,12 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
DEBUG(3,("got session\n"));
- if (!cli_negprot(cli)) {
+ status = cli_negprot(cli);
+
+ if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(mutex);
- DEBUG(1,("%s rejected the negprot\n",desthost));
+ DEBUG(1, ("%s rejected the negprot: %s\n",
+ desthost, nt_errstr(status)));
cli_shutdown(cli);
return NULL;
}
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 536855c66e..8ec15da5d8 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2365,7 +2365,7 @@ bool cli_send_tconX(struct cli_state *cli,
const char *share, const char *dev, const char *pass, int passlen);
bool cli_tdis(struct cli_state *cli);
void cli_negprot_sendsync(struct cli_state *cli);
-bool cli_negprot(struct cli_state *cli);
+NTSTATUS cli_negprot(struct cli_state *cli);
bool cli_session_request(struct cli_state *cli,
struct nmb_name *calling, struct nmb_name *called);
NTSTATUS cli_connect(struct cli_state *cli,
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index f7950823a7..f34b38106a 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1241,7 +1241,7 @@ void cli_negprot_sendsync(struct cli_state *cli)
Send a negprot command.
****************************************************************************/
-bool cli_negprot(struct cli_state *cli)
+NTSTATUS cli_negprot(struct cli_state *cli)
{
char *p;
int numprots;
@@ -1279,21 +1279,25 @@ bool cli_negprot(struct cli_state *cli)
SCVAL(smb_buf(cli->outbuf),0,2);
cli_send_smb(cli);
- if (!cli_receive_smb(cli))
- return False;
+ if (!cli_receive_smb(cli)) {
+ return NT_STATUS_UNEXPECTED_IO_ERROR;
+ }
show_msg(cli->inbuf);
- if (cli_is_error(cli) ||
- ((int)SVAL(cli->inbuf,smb_vwv0) >= numprots)) {
- return(False);
+ if (cli_is_error(cli)) {
+ return cli_nt_error(cli);
+ }
+
+ if ((int)SVAL(cli->inbuf,smb_vwv0) >= numprots) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
cli->protocol = prots[SVAL(cli->inbuf,smb_vwv0)].prot;
if ((cli->protocol < PROTOCOL_NT1) && cli->sign_info.mandatory_signing) {
DEBUG(0,("cli_negprot: SMB signing is mandatory and the selected protocol level doesn't support it.\n"));
- return False;
+ return NT_STATUS_ACCESS_DENIED;
}
if (cli->protocol >= PROTOCOL_NT1) {
@@ -1331,7 +1335,7 @@ bool cli_negprot(struct cli_state *cli)
/* Fail if server says signing is mandatory and we don't want to support it. */
if (!cli->sign_info.allow_smb_signing) {
DEBUG(0,("cli_negprot: SMB signing is mandatory and we have disabled it.\n"));
- return False;
+ return NT_STATUS_ACCESS_DENIED;
}
cli->sign_info.negotiated_smb_signing = True;
cli->sign_info.mandatory_signing = True;
@@ -1339,7 +1343,7 @@ bool cli_negprot(struct cli_state *cli)
/* Fail if client says signing is mandatory and the server doesn't support it. */
if (!(cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED)) {
DEBUG(1,("cli_negprot: SMB signing is mandatory and the server doesn't support it.\n"));
- return False;
+ return NT_STATUS_ACCESS_DENIED;
}
cli->sign_info.negotiated_smb_signing = True;
cli->sign_info.mandatory_signing = True;
@@ -1381,7 +1385,7 @@ bool cli_negprot(struct cli_state *cli)
if (getenv("CLI_FORCE_ASCII"))
cli->capabilities &= ~CAP_UNICODE;
- return True;
+ return NT_STATUS_OK;
}
/****************************************************************************
@@ -1667,12 +1671,9 @@ again:
cli->fallback_after_kerberos = true;
}
- if (!cli_negprot(cli)) {
- DEBUG(1,("failed negprot\n"));
- nt_status = cli_nt_error(cli);
- if (NT_STATUS_IS_OK(nt_status)) {
- nt_status = NT_STATUS_UNSUCCESSFUL;
- }
+ nt_status = cli_negprot(cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(1, ("failed negprot: %s\n", nt_errstr(nt_status)));
cli_shutdown(cli);
return nt_status;
}
diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
index f0ac39fed0..4597e63c98 100644
--- a/source3/libsmb/clidfs.c
+++ b/source3/libsmb/clidfs.c
@@ -195,8 +195,11 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx,
DEBUG(4,(" session request ok\n"));
- if (!cli_negprot(c)) {
- d_printf("protocol negotiation failed\n");
+ status = cli_negprot(c);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("protocol negotiation failed: %s\n",
+ nt_errstr(status));
cli_shutdown(c);
return NULL;
}
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index 5e37871deb..f4714346d1 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -433,7 +433,9 @@ again:
DEBUG(4,(" session request ok\n"));
- if (!cli_negprot(c)) {
+ status = cli_negprot(c);
+
+ if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(c);
errno = ETIMEDOUT;
return NULL;
diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c
index 4c76234e0c..2746a4681e 100644
--- a/source3/libsmb/passchange.c
+++ b/source3/libsmb/passchange.c
@@ -71,10 +71,12 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
cli->protocol = PROTOCOL_NT1;
- if (!cli_negprot(cli)) {
+ result = cli_negprot(cli);
+
+ if (!NT_STATUS_IS_OK(result)) {
asprintf(err_str, "machine %s rejected the negotiate "
"protocol. Error was : %s.\n",
- remote_machine, cli_errstr(cli) );
+ remote_machine, nt_errstr(result));
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
diff --git a/source3/nmbd/nmbd_synclists.c b/source3/nmbd/nmbd_synclists.c
index 5a2f5c46b4..9e09060f27 100644
--- a/source3/nmbd/nmbd_synclists.c
+++ b/source3/nmbd/nmbd_synclists.c
@@ -100,7 +100,8 @@ static void sync_child(char *name, int nm_type,
return;
}
- if (!cli_negprot(cli)) {
+ status = cli_negprot(cli);
+ if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(cli);
return;
}
diff --git a/source3/torture/locktest.c b/source3/torture/locktest.c
index 247c9abcc1..1bff95f4f3 100644
--- a/source3/torture/locktest.c
+++ b/source3/torture/locktest.c
@@ -212,8 +212,10 @@ static struct cli_state *connect_one(char *share, int snum)
DEBUG(4,(" session request ok\n"));
- if (!cli_negprot(c)) {
- DEBUG(0,("protocol negotiation failed\n"));
+ status = cli_negprot(c);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("protocol negotiation failed: %s\n",
+ nt_errstr(status)));
cli_shutdown(c);
return NULL;
}
diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c
index 8fea15877f..2c3bda1d43 100644
--- a/source3/torture/masktest.c
+++ b/source3/torture/masktest.c
@@ -212,8 +212,10 @@ static struct cli_state *connect_one(char *share)
DEBUG(4,(" session request ok\n"));
- if (!cli_negprot(c)) {
- DEBUG(0,("protocol negotiation failed\n"));
+ status = cli_negprot(c);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("protocol negotiation failed: %s\n",
+ nt_errstr(status)));
cli_shutdown(c);
return NULL;
}
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 601cfb9438..5584c22a8f 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -4726,6 +4726,7 @@ static bool run_error_map_extract(int dummy) {
static struct cli_state *c_dos;
static struct cli_state *c_nt;
+ NTSTATUS status;
uint32 error;
@@ -4744,8 +4745,11 @@ static bool run_error_map_extract(int dummy) {
c_nt->use_spnego = False;
- if (!cli_negprot(c_nt)) {
- printf("%s rejected the NT-error negprot (%s)\n",host, cli_errstr(c_nt));
+ status = cli_negprot(c_nt);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("%s rejected the NT-error negprot (%s)\n", host,
+ nt_errstr(status));
cli_shutdown(c_nt);
return False;
}
@@ -4765,8 +4769,10 @@ static bool run_error_map_extract(int dummy) {
c_dos->use_spnego = False;
c_dos->force_dos_errors = True;
- if (!cli_negprot(c_dos)) {
- printf("%s rejected the DOS-error negprot (%s)\n",host, cli_errstr(c_dos));
+ status = cli_negprot(c_dos);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("%s rejected the DOS-error negprot (%s)\n", host,
+ nt_errstr(status));
cli_shutdown(c_dos);
return False;
}
@@ -4839,9 +4845,10 @@ static bool run_sesssetup_bench(int dummy)
return false;
}
- if (!cli_negprot(c)) {
+ status = cli_negprot(c);
+ if (!NT_STATUS_IS_OK(status)) {
printf("%s rejected the NT-error negprot (%s)\n", host,
- cli_errstr(c));
+ nt_errstr(status));
cli_shutdown(c);
return false;
}
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index f69d3f9012..5c83b590c1 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -6326,7 +6326,8 @@ bool net_rpc_check(struct net_context *c, unsigned flags)
if (!attempt_netbios_session_request(&cli, global_myname(),
server_name, &server_ss))
goto done;
- if (!cli_negprot(cli))
+ status = cli_negprot(cli);
+ if (!NT_STATUS_IS_OK(status))
goto done;
if (cli->protocol < PROTOCOL_NT1)
goto done;
diff --git a/source3/utils/net_time.c b/source3/utils/net_time.c
index f569538fac..8be9ed922c 100644
--- a/source3/utils/net_time.c
+++ b/source3/utils/net_time.c
@@ -51,8 +51,10 @@ static time_t cli_servertime(const char *host, struct sockaddr_storage *pss, int
fprintf(stderr,"Session request failed\n");
goto done;
}
- if (!cli_negprot(cli)) {
- fprintf(stderr,"Protocol negotiation failed\n");
+ status = cli_negprot(cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ fprintf(stderr, "Protocol negotiation failed: %s\n",
+ nt_errstr(status));
goto done;
}
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 5f592fc6b7..3135b6a2a3 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -831,9 +831,10 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
cli_setup_signing_state(*cli, Undefined);
- if (!cli_negprot(*cli)) {
- DEBUG(1, ("cli_negprot failed\n"));
- result = NT_STATUS_UNSUCCESSFUL;
+ result = cli_negprot(*cli);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(1, ("cli_negprot failed: %s\n", nt_errstr(result)));
goto done;
}