diff options
-rw-r--r-- | source3/auth/auth_server.c | 9 | ||||
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/libsmb/cliconnect.c | 33 | ||||
-rw-r--r-- | source3/libsmb/clidfs.c | 7 | ||||
-rw-r--r-- | source3/libsmb/libsmb_server.c | 4 | ||||
-rw-r--r-- | source3/libsmb/passchange.c | 6 | ||||
-rw-r--r-- | source3/nmbd/nmbd_synclists.c | 3 | ||||
-rw-r--r-- | source3/torture/locktest.c | 6 | ||||
-rw-r--r-- | source3/torture/masktest.c | 6 | ||||
-rw-r--r-- | source3/torture/torture.c | 19 | ||||
-rw-r--r-- | source3/utils/net_rpc.c | 3 | ||||
-rw-r--r-- | source3/utils/net_time.c | 6 | ||||
-rw-r--r-- | source3/winbindd/winbindd_cm.c | 7 |
13 files changed, 69 insertions, 42 deletions
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index e74e3f5b3b..466c4bf129 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -38,6 +38,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) char *pserver = NULL; bool connected_ok = False; struct named_mutex *mutex = NULL; + NTSTATUS status; if (!(cli = cli_initialise())) return NULL; @@ -49,7 +50,6 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) p = pserver; while(next_token_talloc(mem_ctx, &p, &desthost, LIST_SEP)) { - NTSTATUS status; desthost = talloc_sub_basic(mem_ctx, current_user_info.smb_name, @@ -112,9 +112,12 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) DEBUG(3,("got session\n")); - if (!cli_negprot(cli)) { + status = cli_negprot(cli); + + if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(mutex); - DEBUG(1,("%s rejected the negprot\n",desthost)); + DEBUG(1, ("%s rejected the negprot: %s\n", + desthost, nt_errstr(status))); cli_shutdown(cli); return NULL; } diff --git a/source3/include/proto.h b/source3/include/proto.h index 536855c66e..8ec15da5d8 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2365,7 +2365,7 @@ bool cli_send_tconX(struct cli_state *cli, const char *share, const char *dev, const char *pass, int passlen); bool cli_tdis(struct cli_state *cli); void cli_negprot_sendsync(struct cli_state *cli); -bool cli_negprot(struct cli_state *cli); +NTSTATUS cli_negprot(struct cli_state *cli); bool cli_session_request(struct cli_state *cli, struct nmb_name *calling, struct nmb_name *called); NTSTATUS cli_connect(struct cli_state *cli, diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index f7950823a7..f34b38106a 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -1241,7 +1241,7 @@ void cli_negprot_sendsync(struct cli_state *cli) Send a negprot command. ****************************************************************************/ -bool cli_negprot(struct cli_state *cli) +NTSTATUS cli_negprot(struct cli_state *cli) { char *p; int numprots; @@ -1279,21 +1279,25 @@ bool cli_negprot(struct cli_state *cli) SCVAL(smb_buf(cli->outbuf),0,2); cli_send_smb(cli); - if (!cli_receive_smb(cli)) - return False; + if (!cli_receive_smb(cli)) { + return NT_STATUS_UNEXPECTED_IO_ERROR; + } show_msg(cli->inbuf); - if (cli_is_error(cli) || - ((int)SVAL(cli->inbuf,smb_vwv0) >= numprots)) { - return(False); + if (cli_is_error(cli)) { + return cli_nt_error(cli); + } + + if ((int)SVAL(cli->inbuf,smb_vwv0) >= numprots) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; } cli->protocol = prots[SVAL(cli->inbuf,smb_vwv0)].prot; if ((cli->protocol < PROTOCOL_NT1) && cli->sign_info.mandatory_signing) { DEBUG(0,("cli_negprot: SMB signing is mandatory and the selected protocol level doesn't support it.\n")); - return False; + return NT_STATUS_ACCESS_DENIED; } if (cli->protocol >= PROTOCOL_NT1) { @@ -1331,7 +1335,7 @@ bool cli_negprot(struct cli_state *cli) /* Fail if server says signing is mandatory and we don't want to support it. */ if (!cli->sign_info.allow_smb_signing) { DEBUG(0,("cli_negprot: SMB signing is mandatory and we have disabled it.\n")); - return False; + return NT_STATUS_ACCESS_DENIED; } cli->sign_info.negotiated_smb_signing = True; cli->sign_info.mandatory_signing = True; @@ -1339,7 +1343,7 @@ bool cli_negprot(struct cli_state *cli) /* Fail if client says signing is mandatory and the server doesn't support it. */ if (!(cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED)) { DEBUG(1,("cli_negprot: SMB signing is mandatory and the server doesn't support it.\n")); - return False; + return NT_STATUS_ACCESS_DENIED; } cli->sign_info.negotiated_smb_signing = True; cli->sign_info.mandatory_signing = True; @@ -1381,7 +1385,7 @@ bool cli_negprot(struct cli_state *cli) if (getenv("CLI_FORCE_ASCII")) cli->capabilities &= ~CAP_UNICODE; - return True; + return NT_STATUS_OK; } /**************************************************************************** @@ -1667,12 +1671,9 @@ again: cli->fallback_after_kerberos = true; } - if (!cli_negprot(cli)) { - DEBUG(1,("failed negprot\n")); - nt_status = cli_nt_error(cli); - if (NT_STATUS_IS_OK(nt_status)) { - nt_status = NT_STATUS_UNSUCCESSFUL; - } + nt_status = cli_negprot(cli); + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(1, ("failed negprot: %s\n", nt_errstr(nt_status))); cli_shutdown(cli); return nt_status; } diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index f0ac39fed0..4597e63c98 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -195,8 +195,11 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, DEBUG(4,(" session request ok\n")); - if (!cli_negprot(c)) { - d_printf("protocol negotiation failed\n"); + status = cli_negprot(c); + + if (!NT_STATUS_IS_OK(status)) { + d_printf("protocol negotiation failed: %s\n", + nt_errstr(status)); cli_shutdown(c); return NULL; } diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c index 5e37871deb..f4714346d1 100644 --- a/source3/libsmb/libsmb_server.c +++ b/source3/libsmb/libsmb_server.c @@ -433,7 +433,9 @@ again: DEBUG(4,(" session request ok\n")); - if (!cli_negprot(c)) { + status = cli_negprot(c); + + if (!NT_STATUS_IS_OK(status)) { cli_shutdown(c); errno = ETIMEDOUT; return NULL; diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c index 4c76234e0c..2746a4681e 100644 --- a/source3/libsmb/passchange.c +++ b/source3/libsmb/passchange.c @@ -71,10 +71,12 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam cli->protocol = PROTOCOL_NT1; - if (!cli_negprot(cli)) { + result = cli_negprot(cli); + + if (!NT_STATUS_IS_OK(result)) { asprintf(err_str, "machine %s rejected the negotiate " "protocol. Error was : %s.\n", - remote_machine, cli_errstr(cli) ); + remote_machine, nt_errstr(result)); result = cli_nt_error(cli); cli_shutdown(cli); return result; diff --git a/source3/nmbd/nmbd_synclists.c b/source3/nmbd/nmbd_synclists.c index 5a2f5c46b4..9e09060f27 100644 --- a/source3/nmbd/nmbd_synclists.c +++ b/source3/nmbd/nmbd_synclists.c @@ -100,7 +100,8 @@ static void sync_child(char *name, int nm_type, return; } - if (!cli_negprot(cli)) { + status = cli_negprot(cli); + if (!NT_STATUS_IS_OK(status)) { cli_shutdown(cli); return; } diff --git a/source3/torture/locktest.c b/source3/torture/locktest.c index 247c9abcc1..1bff95f4f3 100644 --- a/source3/torture/locktest.c +++ b/source3/torture/locktest.c @@ -212,8 +212,10 @@ static struct cli_state *connect_one(char *share, int snum) DEBUG(4,(" session request ok\n")); - if (!cli_negprot(c)) { - DEBUG(0,("protocol negotiation failed\n")); + status = cli_negprot(c); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("protocol negotiation failed: %s\n", + nt_errstr(status))); cli_shutdown(c); return NULL; } diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index 8fea15877f..2c3bda1d43 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -212,8 +212,10 @@ static struct cli_state *connect_one(char *share) DEBUG(4,(" session request ok\n")); - if (!cli_negprot(c)) { - DEBUG(0,("protocol negotiation failed\n")); + status = cli_negprot(c); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("protocol negotiation failed: %s\n", + nt_errstr(status))); cli_shutdown(c); return NULL; } diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 601cfb9438..5584c22a8f 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -4726,6 +4726,7 @@ static bool run_error_map_extract(int dummy) { static struct cli_state *c_dos; static struct cli_state *c_nt; + NTSTATUS status; uint32 error; @@ -4744,8 +4745,11 @@ static bool run_error_map_extract(int dummy) { c_nt->use_spnego = False; - if (!cli_negprot(c_nt)) { - printf("%s rejected the NT-error negprot (%s)\n",host, cli_errstr(c_nt)); + status = cli_negprot(c_nt); + + if (!NT_STATUS_IS_OK(status)) { + printf("%s rejected the NT-error negprot (%s)\n", host, + nt_errstr(status)); cli_shutdown(c_nt); return False; } @@ -4765,8 +4769,10 @@ static bool run_error_map_extract(int dummy) { c_dos->use_spnego = False; c_dos->force_dos_errors = True; - if (!cli_negprot(c_dos)) { - printf("%s rejected the DOS-error negprot (%s)\n",host, cli_errstr(c_dos)); + status = cli_negprot(c_dos); + if (!NT_STATUS_IS_OK(status)) { + printf("%s rejected the DOS-error negprot (%s)\n", host, + nt_errstr(status)); cli_shutdown(c_dos); return False; } @@ -4839,9 +4845,10 @@ static bool run_sesssetup_bench(int dummy) return false; } - if (!cli_negprot(c)) { + status = cli_negprot(c); + if (!NT_STATUS_IS_OK(status)) { printf("%s rejected the NT-error negprot (%s)\n", host, - cli_errstr(c)); + nt_errstr(status)); cli_shutdown(c); return false; } diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index f69d3f9012..5c83b590c1 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -6326,7 +6326,8 @@ bool net_rpc_check(struct net_context *c, unsigned flags) if (!attempt_netbios_session_request(&cli, global_myname(), server_name, &server_ss)) goto done; - if (!cli_negprot(cli)) + status = cli_negprot(cli); + if (!NT_STATUS_IS_OK(status)) goto done; if (cli->protocol < PROTOCOL_NT1) goto done; diff --git a/source3/utils/net_time.c b/source3/utils/net_time.c index f569538fac..8be9ed922c 100644 --- a/source3/utils/net_time.c +++ b/source3/utils/net_time.c @@ -51,8 +51,10 @@ static time_t cli_servertime(const char *host, struct sockaddr_storage *pss, int fprintf(stderr,"Session request failed\n"); goto done; } - if (!cli_negprot(cli)) { - fprintf(stderr,"Protocol negotiation failed\n"); + status = cli_negprot(cli); + if (!NT_STATUS_IS_OK(status)) { + fprintf(stderr, "Protocol negotiation failed: %s\n", + nt_errstr(status)); goto done; } diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 5f592fc6b7..3135b6a2a3 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -831,9 +831,10 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, cli_setup_signing_state(*cli, Undefined); - if (!cli_negprot(*cli)) { - DEBUG(1, ("cli_negprot failed\n")); - result = NT_STATUS_UNSUCCESSFUL; + result = cli_negprot(*cli); + + if (!NT_STATUS_IS_OK(result)) { + DEBUG(1, ("cli_negprot failed: %s\n", nt_errstr(result))); goto done; } |