diff options
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/cliconnect.c | 94 | ||||
| -rw-r--r-- | source3/libsmb/clidfs.c | 311 | ||||
| -rw-r--r-- | source3/libsmb/clientgen.c | 88 | ||||
| -rw-r--r-- | source3/libsmb/clilist.c | 5 | ||||
| -rw-r--r-- | source3/libsmb/clireadwrite.c | 33 | ||||
| -rw-r--r-- | source3/libsmb/clitrans.c | 49 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_context.c | 59 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_dir.c | 37 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_file.c | 35 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_stat.c | 5 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_xattr.c | 47 | ||||
| -rw-r--r-- | source3/libsmb/passchange.c | 18 | ||||
| -rw-r--r-- | source3/libsmb/pwd_cache.c | 61 | ||||
| -rw-r--r-- | source3/libsmb/trusts_util.c | 2 |
14 files changed, 405 insertions, 439 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index ec2932488e..ebb01c44a6 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -61,6 +61,7 @@ static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli, { DATA_BLOB session_key = data_blob_null; DATA_BLOB lm_response = data_blob_null; + NTSTATUS status; fstring pword; char *p; @@ -129,7 +130,10 @@ static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli, /* use the returned vuid from now on */ cli->vuid = SVAL(cli->inbuf,smb_uid); - fstrcpy(cli->user_name, user); + status = cli_set_username(cli, user); + if (!NT_STATUS_IS_OK(status)) { + return status; + } if (session_key.data) { /* Have plaintext orginal */ @@ -237,7 +241,10 @@ NTSTATUS cli_session_setup_guest_recv(struct async_req *req) cli->is_samba = True; } - fstrcpy(cli->user_name, ""); + status = cli_set_username(cli, ""); + if (!NT_STATUS_IS_OK(status)) { + return status; + } return NT_STATUS_OK; } @@ -289,6 +296,7 @@ static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli, { uint32 capabilities = cli_session_setup_capabilities(cli); char *p; + NTSTATUS status; fstring lanman; fstr_sprintf( lanman, "Samba %s", samba_version_string()); @@ -349,8 +357,10 @@ static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli, -1, STR_TERMINATE); p += clistr_pull(cli->inbuf, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE); - fstrcpy(cli->user_name, user); - + status = cli_set_username(cli, user); + if (!NT_STATUS_IS_OK(status)) { + return status; + } if (strstr(cli->server_type, "Samba")) { cli->is_samba = True; } @@ -520,7 +530,10 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user, cli->is_samba = True; } - fstrcpy(cli->user_name, user); + result = cli_set_username(cli, user); + if (!NT_STATUS_IS_OK(result)) { + goto end; + } if (session_key.data) { /* Have plaintext orginal */ @@ -898,6 +911,7 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, DATA_BLOB blob; const char *p = NULL; char *account = NULL; + NTSTATUS status; DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length)); @@ -936,7 +950,10 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, DEBUG(3,("got principal=%s\n", principal ? principal : "<null>")); - fstrcpy(cli->user_name, user); + status = cli_set_username(cli, user); + if (!NT_STATUS_IS_OK(status)) { + return ADS_ERROR_NT(status); + } #ifdef HAVE_KRB5 /* If password is set we reauthenticate to kerberos server @@ -1768,15 +1785,20 @@ bool cli_session_request(struct cli_state *cli, return(True); } -static void smb_sock_connected(struct async_req *req) +struct fd_struct { + int fd; +}; + +static void smb_sock_connected(struct tevent_req *req) { - int *pfd = (int *)req->async.priv; + struct fd_struct *pfd = tevent_req_callback_data( + req, struct fd_struct); int fd; NTSTATUS status; status = open_socket_out_defer_recv(req, &fd); if (NT_STATUS_IS_OK(status)) { - *pfd = fd; + pfd->fd = fd; } } @@ -1784,10 +1806,9 @@ static NTSTATUS open_smb_socket(const struct sockaddr_storage *pss, uint16_t *port, int timeout, int *pfd) { struct event_context *ev; - struct async_req *r139, *r445; - int fd139 = -1; - int fd445 = -1; - NTSTATUS status; + struct tevent_req *r139, *r445; + struct fd_struct *fd139, *fd445; + NTSTATUS status = NT_STATUS_NO_MEMORY; if (*port != 0) { return open_socket_out(pss, *port, timeout, pfd); @@ -1798,43 +1819,54 @@ static NTSTATUS open_smb_socket(const struct sockaddr_storage *pss, return NT_STATUS_NO_MEMORY; } + fd139 = talloc(ev, struct fd_struct); + if (fd139 == NULL) { + goto done; + } + fd139->fd = -1; + + fd445 = talloc(ev, struct fd_struct); + if (fd445 == NULL) { + goto done; + } + fd445->fd = -1; + r445 = open_socket_out_defer_send(ev, ev, timeval_set(0, 0), pss, 445, timeout); r139 = open_socket_out_defer_send(ev, ev, timeval_set(0, 3000), pss, 139, timeout); if ((r445 == NULL) || (r139 == NULL)) { - status = NT_STATUS_NO_MEMORY; goto done; } - r445->async.fn = smb_sock_connected; - r445->async.priv = &fd445; - r139->async.fn = smb_sock_connected; - r139->async.priv = &fd139; + tevent_req_set_callback(r445, smb_sock_connected, fd445); + tevent_req_set_callback(r139, smb_sock_connected, fd139); - while ((fd139 == -1) && (r139->state < ASYNC_REQ_DONE) - && (fd445 == -1) && (r445->state < ASYNC_REQ_DONE)) { + while ((fd139->fd == -1) + && tevent_req_is_in_progress(r139) + && (fd445->fd == -1) + && tevent_req_is_in_progress(r445)) { event_loop_once(ev); } - if ((fd139 != -1) && (fd445 != -1)) { - close(fd139); - fd139 = -1; + if ((fd139->fd != -1) && (fd445->fd != -1)) { + close(fd139->fd); + fd139->fd = -1; } - if (fd445 != -1) { + if (fd445->fd != -1) { *port = 445; - *pfd = fd445; + *pfd = fd445->fd; status = NT_STATUS_OK; goto done; } - if (fd139 != -1) { + if (fd139->fd != -1) { *port = 139; - *pfd = fd139; + *pfd = fd139->fd; status = NT_STATUS_OK; goto done; } - status = open_socket_out_defer_recv(r445, &fd445); + status = open_socket_out_defer_recv(r445, &fd445->fd); done: TALLOC_FREE(ev); return status; @@ -2101,7 +2133,11 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli, } } - cli_init_creds(cli, user, domain, password); + nt_status = cli_init_creds(cli, user, domain, password); + if (!NT_STATUS_IS_OK(nt_status)) { + cli_shutdown(cli); + return nt_status; + } *output_cli = cli; return NT_STATUS_OK; diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 1153d8dc89..430807eb7f 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -3,7 +3,7 @@ client connect/disconnect routines Copyright (C) Andrew Tridgell 1994-1998 Copyright (C) Gerald (Jerry) Carter 2004 - Copyright (C) Jeremy Allison 2007 + Copyright (C) Jeremy Allison 2007-2009 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -32,25 +32,6 @@ as a separator when looking at the pathname part.... JRA. ********************************************************************/ -struct client_connection { - struct client_connection *prev, *next; - struct cli_state *cli; - char *mount; -}; - -static struct cm_cred_struct { - char *username; - char *password; - bool got_pass; - bool use_kerberos; - bool fallback_after_kerberos; - int signing_state; -} cm_creds; - -static void cm_set_password(const char *newpass); - -static struct client_connection *connections; - static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx, struct cli_state *cli, const char *sharename, @@ -96,7 +77,7 @@ NTSTATUS cli_cm_force_encryption(struct cli_state *c, return status; } - + /******************************************************************** Return a connection to a server. ********************************************************************/ @@ -104,6 +85,7 @@ NTSTATUS cli_cm_force_encryption(struct cli_state *c, static struct cli_state *do_connect(TALLOC_CTX *ctx, const char *server, const char *share, + const struct user_auth_info *auth_info, bool show_sessetup, bool force_encrypt, int max_protocol, @@ -151,7 +133,7 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, zero_sockaddr(&ss); /* have to open a new connection */ - if (!(c=cli_initialise_ex(cm_creds.signing_state))) { + if (!(c=cli_initialise_ex(get_cmdline_auth_info_signing_state(auth_info)))) { d_printf("Connection to %s failed\n", server_n); if (c) { cli_shutdown(c); @@ -175,8 +157,9 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, max_protocol = PROTOCOL_NT1; } c->protocol = max_protocol; - c->use_kerberos = cm_creds.use_kerberos; - c->fallback_after_kerberos = cm_creds.fallback_after_kerberos; + c->use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info); + c->fallback_after_kerberos = + get_cmdline_auth_info_fallback_after_kerberos(auth_info); if (!cli_session_request(c, &calling, &called)) { char *p; @@ -206,20 +189,8 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, return NULL; } - if (!cm_creds.got_pass && !cm_creds.use_kerberos) { - char *label = NULL; - char *pass; - label = talloc_asprintf(ctx, "Enter %s's password: ", - cm_creds.username); - pass = getpass(label); - if (pass) { - cm_set_password(pass); - } - TALLOC_FREE(label); - } - - username = cm_creds.username ? cm_creds.username : ""; - password = cm_creds.password ? cm_creds.password : ""; + username = get_cmdline_auth_info_username(auth_info); + password = get_cmdline_auth_info_password(auth_info); if (!NT_STATUS_IS_OK(cli_session_setup(c, username, password, strlen(password), @@ -227,8 +198,9 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, lp_workgroup()))) { /* If a password was not supplied then * try again with a null username. */ - if (password[0] || !username[0] || cm_creds.use_kerberos || - !NT_STATUS_IS_OK(cli_session_setup(c, "", + if (password[0] || !username[0] || + get_cmdline_auth_info_use_kerberos(auth_info) || + !NT_STATUS_IS_OK(cli_session_setup(c, "", "", 0, "", 0, lp_workgroup()))) { @@ -267,7 +239,7 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, lp_workgroup())) { cli_shutdown(c); return do_connect(ctx, newserver, - newshare, false, + newshare, auth_info, false, force_encrypt, max_protocol, port, name_type); } @@ -301,111 +273,90 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx, /**************************************************************************** ****************************************************************************/ -static void cli_cm_set_mntpoint(struct cli_state *c, const char *mnt) +static void cli_set_mntpoint(struct cli_state *cli, const char *mnt) { - struct client_connection *p; - int i; - - for (p=connections,i=0; p; p=p->next,i++) { - if (strequal(p->cli->desthost, c->desthost) && - strequal(p->cli->share, c->share)) { - break; - } - } - - if (p) { - char *name = clean_name(NULL, mnt); - if (!name) { - return; - } - TALLOC_FREE(p->mount); - p->mount = talloc_strdup(p, name); - TALLOC_FREE(name); - } -} - -/**************************************************************************** -****************************************************************************/ - -const char *cli_cm_get_mntpoint(struct cli_state *c) -{ - struct client_connection *p; - int i; - - for (p=connections,i=0; p; p=p->next,i++) { - if (strequal(p->cli->desthost, c->desthost) && - strequal(p->cli->share, c->share)) { - break; - } - } - - if (p) { - return p->mount; + char *name = clean_name(NULL, mnt); + if (!name) { + return; } - return NULL; + TALLOC_FREE(cli->dfs_mountpoint); + cli->dfs_mountpoint = talloc_strdup(cli, name); + TALLOC_FREE(name); } /******************************************************************** - Add a new connection to the list + Add a new connection to the list. + referring_cli == NULL means a new initial connection. ********************************************************************/ static struct cli_state *cli_cm_connect(TALLOC_CTX *ctx, struct cli_state *referring_cli, const char *server, const char *share, + const struct user_auth_info *auth_info, bool show_hdr, bool force_encrypt, int max_protocol, int port, int name_type) { - struct client_connection *node; - - /* NB This must be the null context here... JRA. */ - node = TALLOC_ZERO_ARRAY(NULL, struct client_connection, 1); - if (!node) { - return NULL; - } + struct cli_state *cli; - node->cli = do_connect(ctx, server, share, + cli = do_connect(ctx, server, share, + auth_info, show_hdr, force_encrypt, max_protocol, port, name_type); - if ( !node->cli ) { - TALLOC_FREE( node ); + if (!cli ) { return NULL; } - DLIST_ADD( connections, node ); - - cli_cm_set_mntpoint(node->cli, ""); + /* Enter into the list. */ + if (referring_cli) { + DLIST_ADD_END(referring_cli, cli, struct cli_state *); + } if (referring_cli && referring_cli->posix_capabilities) { uint16 major, minor; uint32 caplow, caphigh; - if (cli_unix_extensions_version(node->cli, &major, + if (cli_unix_extensions_version(cli, &major, &minor, &caplow, &caphigh)) { - cli_set_unix_extensions_capabilities(node->cli, + cli_set_unix_extensions_capabilities(cli, major, minor, caplow, caphigh); } } - return node->cli; + return cli; } /******************************************************************** - Return a connection to a server. + Return a connection to a server on a particular share. ********************************************************************/ -static struct cli_state *cli_cm_find(const char *server, const char *share) +static struct cli_state *cli_cm_find(struct cli_state *cli, + const char *server, + const char *share) { - struct client_connection *p; + struct cli_state *p; - for (p=connections; p; p=p->next) { - if ( strequal(server, p->cli->desthost) && - strequal(share,p->cli->share)) { - return p->cli; + if (cli == NULL) { + return NULL; + } + + /* Search to the start of the list. */ + for (p = cli; p; p = p->prev) { + if (strequal(server, p->desthost) && + strequal(share,p->share)) { + return p; + } + } + + /* Search to the end of the list. */ + for (p = cli->next; p; p = p->next) { + if (strequal(server, p->desthost) && + strequal(share,p->share)) { + return p; } } @@ -413,82 +364,68 @@ static struct cli_state *cli_cm_find(const char *server, const char *share) } /**************************************************************************** - Open a client connection to a \\server\share. Set's the current *cli - global variable as a side-effect (but only if the connection is successful). + Open a client connection to a \\server\share. ****************************************************************************/ struct cli_state *cli_cm_open(TALLOC_CTX *ctx, struct cli_state *referring_cli, const char *server, const char *share, + const struct user_auth_info *auth_info, bool show_hdr, bool force_encrypt, int max_protocol, int port, int name_type) { - struct cli_state *c; + /* Try to reuse an existing connection in this list. */ + struct cli_state *c = cli_cm_find(referring_cli, server, share); - /* try to reuse an existing connection */ - - c = cli_cm_find(server, share); - if (!c) { - c = cli_cm_connect(ctx, referring_cli, - server, share, show_hdr, force_encrypt, - max_protocol, port, name_type); + if (c) { + return c; } - return c; -} - -/**************************************************************************** -****************************************************************************/ - -void cli_cm_shutdown(void) -{ - struct client_connection *p, *x; - - for (p=connections; p;) { - cli_shutdown(p->cli); - x = p; - p = p->next; - - TALLOC_FREE(x); + if (auth_info == NULL) { + /* Can't do a new connection + * without auth info. */ + d_printf("cli_cm_open() Unable to open connection [\\%s\\%s] " + "without auth info\n", + server, share ); + return NULL; } - connections = NULL; - return; + return cli_cm_connect(ctx, + referring_cli, + server, + share, + auth_info, + show_hdr, + force_encrypt, + max_protocol, + port, + name_type); } /**************************************************************************** ****************************************************************************/ -void cli_cm_display(void) +void cli_cm_display(const struct cli_state *cli) { - struct client_connection *p; int i; - for ( p=connections,i=0; p; p=p->next,i++ ) { + for (i=0; cli; cli = cli->next,i++ ) { d_printf("%d:\tserver=%s, share=%s\n", - i, p->cli->desthost, p->cli->share ); + i, cli->desthost, cli->share ); } } /**************************************************************************** ****************************************************************************/ -static void cm_set_password(const char *newpass) -{ - SAFE_FREE(cm_creds.password); - cm_creds.password = SMB_STRDUP(newpass); - if (cm_creds.password) { - cm_creds.got_pass = true; - } -} - /**************************************************************************** ****************************************************************************/ +#if 0 void cli_cm_set_credentials(struct user_auth_info *auth_info) { SAFE_FREE(cm_creds.username); @@ -503,51 +440,7 @@ void cli_cm_set_credentials(struct user_auth_info *auth_info) cm_creds.fallback_after_kerberos = false; cm_creds.signing_state = get_cmdline_auth_info_signing_state(auth_info); } - -/**************************************************************************** -****************************************************************************/ - -void cli_cm_set_signing_state(int state) -{ - cm_creds.signing_state = state; -} - -/**************************************************************************** -****************************************************************************/ - -void cli_cm_set_username(const char *username) -{ - SAFE_FREE(cm_creds.username); - cm_creds.username = SMB_STRDUP(username); -} - -/**************************************************************************** -****************************************************************************/ - -void cli_cm_set_password(const char *newpass) -{ - SAFE_FREE(cm_creds.password); - cm_creds.password = SMB_STRDUP(newpass); - if (cm_creds.password) { - cm_creds.got_pass = true; - } -} - -/**************************************************************************** -****************************************************************************/ - -void cli_cm_set_use_kerberos(void) -{ - cm_creds.use_kerberos = true; -} - -/**************************************************************************** -****************************************************************************/ - -void cli_cm_set_fallback_after_kerberos(void) -{ - cm_creds.fallback_after_kerberos = true; -} +#endif /********************************************************************** split a dfs path into the server, share name, and extrapath components @@ -658,13 +551,23 @@ static char *cli_dfs_make_full_path(TALLOC_CTX *ctx, struct cli_state *cli, const char *dir) { + char path_sep = '\\'; + /* Ensure the extrapath doesn't start with a separator. */ while (IS_DIRECTORY_SEP(*dir)) { dir++; } - return talloc_asprintf(ctx, "\\%s\\%s\\%s", - cli->desthost, cli->share, dir); + if (cli->posix_capabilities & CIFS_UNIX_POSIX_PATHNAMES_CAP) { + path_sep = '/'; + } + return talloc_asprintf(ctx, "%c%s%c%s%c%s", + path_sep, + cli->desthost, + path_sep, + cli->share, + path_sep, + dir); } /******************************************************************** @@ -817,6 +720,7 @@ bool cli_dfs_get_referral(TALLOC_CTX *ctx, bool cli_resolve_path(TALLOC_CTX *ctx, const char *mountpt, + const struct user_auth_info *dfs_auth_info, struct cli_state *rootcli, const char *path, struct cli_state **targetcli, @@ -897,13 +801,16 @@ bool cli_resolve_path(TALLOC_CTX *ctx, /* Check for the referral. */ - if (!(cli_ipc = cli_cm_open(ctx, rootcli, - rootcli->desthost, - "IPC$", false, - (rootcli->trans_enc_state != NULL), - rootcli->protocol, - 0, - 0x20))) { + if (!(cli_ipc = cli_cm_open(ctx, + rootcli, + rootcli->desthost, + "IPC$", + dfs_auth_info, + false, + (rootcli->trans_enc_state != NULL), + rootcli->protocol, + 0, + 0x20))) { return false; } @@ -947,6 +854,7 @@ bool cli_resolve_path(TALLOC_CTX *ctx, if ((*targetcli = cli_cm_open(ctx, rootcli, server, share, + dfs_auth_info, false, (rootcli->trans_enc_state != NULL), rootcli->protocol, @@ -998,7 +906,7 @@ bool cli_resolve_path(TALLOC_CTX *ctx, return false; } - cli_cm_set_mntpoint(*targetcli, newmount); + cli_set_mntpoint(*targetcli, newmount); /* Check for another dfs referral, note that we are not checking for loops here. */ @@ -1006,6 +914,7 @@ bool cli_resolve_path(TALLOC_CTX *ctx, if (!strequal(*pp_targetpath, "\\") && !strequal(*pp_targetpath, "/")) { if (cli_resolve_path(ctx, newmount, + dfs_auth_info, *targetcli, *pp_targetpath, &newcli, diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 2983f7771a..c1ba4e5c4f 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -409,23 +409,68 @@ void cli_setup_bcc(struct cli_state *cli, void *p) } /**************************************************************************** + Initialize Domain, user or password. +****************************************************************************/ + +NTSTATUS cli_set_domain(struct cli_state *cli, const char *domain) +{ + TALLOC_FREE(cli->domain); + cli->domain = talloc_strdup(cli, domain ? domain : ""); + if (cli->domain == NULL) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_OK; +} + +NTSTATUS cli_set_username(struct cli_state *cli, const char *username) +{ + TALLOC_FREE(cli->user_name); + cli->user_name = talloc_strdup(cli, username ? username : ""); + if (cli->user_name == NULL) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_OK; +} + +NTSTATUS cli_set_password(struct cli_state *cli, const char *password) +{ + TALLOC_FREE(cli->password); + + /* Password can be NULL. */ + if (password) { + cli->password = talloc_strdup(cli, password); + if (cli->password == NULL) { + return NT_STATUS_NO_MEMORY; + } + } else { + /* Use zero NTLMSSP hashes and session key. */ + cli->password = NULL; + } + + return NT_STATUS_OK; +} + +/**************************************************************************** Initialise credentials of a client structure. ****************************************************************************/ -void cli_init_creds(struct cli_state *cli, const char *username, const char *domain, const char *password) +NTSTATUS cli_init_creds(struct cli_state *cli, const char *username, const char *domain, const char *password) { - fstrcpy(cli->domain, domain); - fstrcpy(cli->user_name, username); - pwd_set_cleartext(&cli->pwd, password); - if (!*username) { - cli->pwd.null_pwd = true; + NTSTATUS status = cli_set_username(cli, username); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = cli_set_domain(cli, domain); + if (!NT_STATUS_IS_OK(status)) { + return status; } + DEBUG(10,("cli_init_creds: user %s domain %s\n", cli->user_name, cli->domain)); - DEBUG(10,("cli_init_creds: user %s domain %s\n", cli->user_name, cli->domain)); + return cli_set_password(cli, password); } /**************************************************************************** - Initialise a client structure. Always returns a malloc'ed struct. + Initialise a client structure. Always returns a talloc'ed struct. Set the signing state (used from the command line). ****************************************************************************/ @@ -446,6 +491,10 @@ struct cli_state *cli_initialise_ex(int signing_state) return NULL; } + cli->dfs_mountpoint = talloc_strdup(cli, ""); + if (!cli->dfs_mountpoint) { + goto error; + } cli->port = 0; cli->fd = -1; cli->cnum = -1; @@ -521,7 +570,7 @@ struct cli_state *cli_initialise_ex(int signing_state) SAFE_FREE(cli->inbuf); SAFE_FREE(cli->outbuf); - SAFE_FREE(cli); + TALLOC_FREE(cli); return NULL; } @@ -550,6 +599,27 @@ void cli_nt_pipes_close(struct cli_state *cli) void cli_shutdown(struct cli_state *cli) { + if (cli->prev == NULL) { + /* + * Possible head of a DFS list, + * shutdown all subsidiary DFS + * connections. + */ + struct cli_state *p, *next; + + for (p = cli->next; p; p = next) { + next = p->next; + cli_shutdown(p); + } + } else { + /* + * We're a subsidiary connection. + * Just remove ourselves from the + * DFS list. + */ + DLIST_REMOVE(cli->prev, cli); + } + cli_nt_pipes_close(cli); /* diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index e604725493..a84a64794b 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -244,7 +244,6 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute, unsigned int param_len, data_len; uint16 setup; char *param; - const char *mnt; uint32 resume_key = 0; TALLOC_CTX *frame = talloc_stackframe(); DATA_BLOB last_name_raw = data_blob(NULL, 0); @@ -457,8 +456,6 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute, First = False; } - mnt = cli_cm_get_mntpoint( cli ); - /* see if the server disconnected or the connection otherwise failed */ if (cli_is_error(cli)) { total_received = -1; @@ -479,7 +476,7 @@ int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute, info_level)); break; } - fn(mnt,&finfo, Mask, state); + fn(cli->dfs_mountpoint, &finfo, Mask, state); } } diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index 7e7cf0d682..f2f447b4c9 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -930,11 +930,8 @@ struct cli_push_state { uint16_t mode; off_t start_offset; size_t window_size; - bool caller_buffers; - size_t (*source)(uint8_t *inbuf, size_t n, - const uint8_t **outbuf, - void *priv); + size_t (*source)(uint8_t *buf, size_t n, void *priv); void *priv; bool eof; @@ -966,21 +963,13 @@ static bool cli_push_write_setup(struct async_req *req, substate->req = req; substate->idx = idx; substate->ofs = state->next_offset; - if (state->caller_buffers) { - substate->buf = NULL; - } else { - substate->buf = talloc_array(substate, uint8_t, - state->chunk_size); - if (!substate->buf) { - talloc_free(substate); - return false; - } + substate->buf = talloc_array(substate, uint8_t, state->chunk_size); + if (!substate->buf) { + talloc_free(substate); + return false; } - - /* source function can overwrite substate->buf... */ substate->size = state->source(substate->buf, state->chunk_size, - (const uint8_t **)&substate->buf, state->priv); if (substate->size == 0) { state->eof = true; @@ -1013,9 +1002,7 @@ struct async_req *cli_push_send(TALLOC_CTX *mem_ctx, struct event_context *ev, struct cli_state *cli, uint16_t fnum, uint16_t mode, off_t start_offset, size_t window_size, - bool caller_buffers, - size_t (*source)(uint8_t *inbuf, size_t n, - const uint8_t **outbuf, + size_t (*source)(uint8_t *buf, size_t n, void *priv), void *priv) { @@ -1032,7 +1019,6 @@ struct async_req *cli_push_send(TALLOC_CTX *mem_ctx, struct event_context *ev, state->fnum = fnum; state->start_offset = start_offset; state->mode = mode; - state->caller_buffers = caller_buffers; state->source = source; state->priv = priv; state->eof = false; @@ -1122,10 +1108,7 @@ NTSTATUS cli_push_recv(struct async_req *req) NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode, off_t start_offset, size_t window_size, - bool caller_buffers, - size_t (*source)(uint8_t *inbuf, size_t n, - const uint8_t **outbuf, - void *priv), + size_t (*source)(uint8_t *buf, size_t n, void *priv), void *priv) { TALLOC_CTX *frame = talloc_stackframe(); @@ -1146,7 +1129,7 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode, } req = cli_push_send(frame, ev, cli, fnum, mode, start_offset, - window_size, caller_buffers, source, priv); + window_size, source, priv); if (req == NULL) { goto nomem; } diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c index 69e2be3af7..0266c0307e 100644 --- a/source3/libsmb/clitrans.c +++ b/source3/libsmb/clitrans.c @@ -112,9 +112,6 @@ bool cli_send_trans(struct cli_state *cli, int trans, this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */ this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam)); - client_set_trans_sign_state_off(cli, mid); - client_set_trans_sign_state_on(cli, mid); - cli_set_message(cli->outbuf,trans==SMBtrans?8:9,0,True); SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2)); @@ -138,20 +135,14 @@ bool cli_send_trans(struct cli_state *cli, int trans, memcpy(outdata,data+tot_data,this_ldata); cli_setup_bcc(cli, outdata+this_ldata); - /* - * Save the mid we're using. We need this for finding - * signing replies. - */ - mid = cli->mid; - show_msg(cli->outbuf); + + client_set_trans_sign_state_off(cli, mid); + cli->mid = mid; if (!cli_send_smb(cli)) { - client_set_trans_sign_state_off(cli, mid); return False; } - - /* Ensure we use the same mid for the secondaries. */ - cli->mid = mid; + client_set_trans_sign_state_on(cli, mid); tot_data += this_ldata; tot_param += this_lparam; @@ -461,21 +452,14 @@ bool cli_send_nt_trans(struct cli_state *cli, memcpy(outdata,data+tot_data,this_ldata); cli_setup_bcc(cli, outdata+this_ldata); - /* - * Save the mid we're using. We need this for finding - * signing replies. - */ - mid = cli->mid; - show_msg(cli->outbuf); + client_set_trans_sign_state_off(cli, mid); + cli->mid = mid; if (!cli_send_smb(cli)) { - client_set_trans_sign_state_off(cli, mid); return False; } - - /* Ensure we use the same mid for the secondaries. */ - cli->mid = mid; + client_set_trans_sign_state_on(cli, mid); tot_data += this_ldata; tot_param += this_lparam; @@ -747,6 +731,7 @@ static struct async_req *cli_ship_trans(TALLOC_CTX *mem_ctx, uint16_t this_data = 0; uint32_t useable_space; uint8_t cmd; + uint8_t pad[3]; frame = talloc_stackframe(); @@ -759,9 +744,16 @@ static struct async_req *cli_ship_trans(TALLOC_CTX *mem_ctx, param_offset = smb_size - 4; + bytes = TALLOC_ARRAY(talloc_tos(), uint8_t, 0); /* padding */ + if (bytes == NULL) { + goto fail; + } + switch (cmd) { case SMBtrans: - bytes = TALLOC_ZERO_P(talloc_tos(), uint8_t); /* padding */ + pad[0] = 0; + bytes = (uint8_t *)talloc_append_blob(talloc_tos(), bytes, + data_blob_const(pad, 1)); if (bytes == NULL) { goto fail; } @@ -775,13 +767,14 @@ static struct async_req *cli_ship_trans(TALLOC_CTX *mem_ctx, param_offset += talloc_get_size(bytes); break; case SMBtrans2: - bytes = TALLOC_ARRAY(talloc_tos(), uint8_t, 3); /* padding */ + pad[0] = 0; + pad[1] = 'D'; /* Copy this from "old" 3.0 behaviour */ + pad[2] = ' '; + bytes = (uint8_t *)talloc_append_blob(talloc_tos(), bytes, + data_blob_const(pad, 3)); if (bytes == NULL) { goto fail; } - bytes[0] = 0; - bytes[1] = 'D'; /* Copy this from "old" 3.0 behaviour */ - bytes[2] = ' '; wct = 14 + state->num_setup; param_offset += talloc_get_size(bytes); break; diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c index 4c12d18ab7..f09e9c6287 100644 --- a/source3/libsmb/libsmb_context.c +++ b/source3/libsmb/libsmb_context.c @@ -203,6 +203,9 @@ smbc_free_context(SMBCCTX *context, DEBUG(3, ("Context %p successfully freed\n", context)); + /* Free any DFS auth context. */ + TALLOC_FREE(context->internal->auth_info); + SAFE_FREE(context->internal); SAFE_FREE(context); @@ -625,32 +628,20 @@ smbc_version(void) return samba_version_string(); } - /* * Set the credentials so DFS will work when following referrals. + * This function is broken and must be removed. No SMBCCTX arg... + * JRA. */ + void smbc_set_credentials(const char *workgroup, - const char *user, - const char *password, - smbc_bool use_kerberos, - const char *signing_state) + const char *user, + const char *password, + smbc_bool use_kerberos, + const char *signing_state) { - struct user_auth_info *auth_info; - - auth_info = user_auth_info_init(talloc_tos()); - if (auth_info == NULL) { - return; - } - set_cmdline_auth_info_username(auth_info, user); - set_cmdline_auth_info_password(auth_info, password); - set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos); - if (! set_cmdline_auth_info_signing_state(auth_info, signing_state)) { - DEBUG(0, ("Invalid signing state: %s", signing_state)); - } - set_global_myworkgroup(workgroup); - cli_cm_set_credentials(auth_info); - TALLOC_FREE(auth_info); + d_printf("smbc_set_credentials is obsolete. Replace with smbc_set_credentials_with_fallback().\n"); } void smbc_set_credentials_with_fallback(SMBCCTX *context, @@ -660,7 +651,11 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context, { smbc_bool use_kerberos = false; const char *signing_state = "off"; - + struct user_auth_info *auth_info = user_auth_info_init(NULL); + + if (auth_info) { + } + if (! context || ! workgroup || ! *workgroup || ! user || ! *user || @@ -669,6 +664,13 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context, return; } + auth_info = user_auth_info_init(NULL); + + if (auth_info) { + DEBUG(0, ("smbc_set_credentials_with_fallback: allocation fail\n")); + return; + } + if (smbc_getOptionUseKerberos(context)) { use_kerberos = True; } @@ -681,10 +683,15 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context, signing_state = "force"; } - smbc_set_credentials(workgroup, user, password, - use_kerberos, signing_state); + set_cmdline_auth_info_username(auth_info, user); + set_cmdline_auth_info_password(auth_info, password); + set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos); + set_cmdline_auth_info_signing_state(auth_info, signing_state); + set_cmdline_auth_info_fallback_after_kerberos(auth_info, + smbc_getOptionFallbackAfterKerberos(context)); + set_global_myworkgroup(workgroup); - if (smbc_getOptionFallbackAfterKerberos(context)) { - cli_cm_set_fallback_after_kerberos(); - } + TALLOC_FREE(context->internal->auth_info); + + context->internal->auth_info = auth_info; } diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c index 56661af70b..2255db6617 100644 --- a/source3/libsmb/libsmb_dir.c +++ b/source3/libsmb/libsmb_dir.c @@ -770,8 +770,9 @@ SMBC_opendir_ctx(SMBCCTX *context, return NULL; } - if (!cli_resolve_path(frame, "", srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); if (dir) { SAFE_FREE(dir->fname); @@ -1166,8 +1167,9 @@ SMBC_mkdir_ctx(SMBCCTX *context, } /*d_printf(">>>mkdir: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -1272,8 +1274,9 @@ SMBC_rmdir_ctx(SMBCCTX *context, } /*d_printf(">>>rmdir: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -1554,8 +1557,9 @@ SMBC_chmod_ctx(SMBCCTX *context, } /*d_printf(">>>unlink: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -1745,8 +1749,9 @@ SMBC_unlink_ctx(SMBCCTX *context, } /*d_printf(">>>unlink: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -1917,8 +1922,10 @@ SMBC_rename_ctx(SMBCCTX *ocontext, password1); /*d_printf(">>>rename: resolving %s\n", path1);*/ - if (!cli_resolve_path(frame, "", srv->cli, path1, - &targetcli1, &targetpath1)) { + if (!cli_resolve_path(frame, "", ocontext->internal->auth_info, + srv->cli, + path1, + &targetcli1, &targetpath1)) { d_printf("Could not resolve %s\n", path1); TALLOC_FREE(frame); return -1; @@ -1932,8 +1939,10 @@ SMBC_rename_ctx(SMBCCTX *ocontext, /*d_printf(">>>rename: resolved path as %s\n", targetpath1);*/ /*d_printf(">>>rename: resolving %s\n", path2);*/ - if (!cli_resolve_path(frame, "", srv->cli, path2, - &targetcli2, &targetpath2)) { + if (!cli_resolve_path(frame, "", ncontext->internal->auth_info, + srv->cli, + path2, + &targetcli2, &targetpath2)) { d_printf("Could not resolve %s\n", path2); TALLOC_FREE(frame); return -1; diff --git a/source3/libsmb/libsmb_file.c b/source3/libsmb/libsmb_file.c index 28256bb241..06e41ad21e 100644 --- a/source3/libsmb/libsmb_file.c +++ b/source3/libsmb/libsmb_file.c @@ -115,8 +115,9 @@ SMBC_open_ctx(SMBCCTX *context, ZERO_STRUCTP(file); /*d_printf(">>>open: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); SAFE_FREE(file); TALLOC_FREE(frame); @@ -295,8 +296,9 @@ SMBC_read_ctx(SMBCCTX *context, } /*d_printf(">>>read: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", file->srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + file->srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -384,8 +386,9 @@ SMBC_write_ctx(SMBCCTX *context, } /*d_printf(">>>write: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", file->srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + file->srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -459,8 +462,9 @@ SMBC_close_ctx(SMBCCTX *context, } /*d_printf(">>>close: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", file->srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + file->srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -541,8 +545,9 @@ SMBC_getatr(SMBCCTX * context, } DEBUG(4,("SMBC_getatr: sending qpathinfo\n")); - if (!cli_resolve_path(frame, "", srv->cli, fixedpath, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + srv->cli, fixedpath, + &targetcli, &targetpath)) { d_printf("Couldn't resolve %s\n", path); TALLOC_FREE(frame); return False; @@ -753,8 +758,9 @@ SMBC_lseek_ctx(SMBCCTX *context, } /*d_printf(">>>lseek: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", file->srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + file->srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; @@ -844,8 +850,9 @@ SMBC_ftruncate_ctx(SMBCCTX *context, } /*d_printf(">>>fstat: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", file->srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + file->srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c index f8571ff110..dc904d2753 100644 --- a/source3/libsmb/libsmb_stat.c +++ b/source3/libsmb/libsmb_stat.c @@ -257,8 +257,9 @@ SMBC_fstat_ctx(SMBCCTX *context, } /*d_printf(">>>fstat: resolving %s\n", path);*/ - if (!cli_resolve_path(frame, "", file->srv->cli, path, - &targetcli, &targetpath)) { + if (!cli_resolve_path(frame, "", context->internal->auth_info, + file->srv->cli, path, + &targetcli, &targetpath)) { d_printf("Could not resolve %s\n", path); TALLOC_FREE(frame); return -1; diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 70fbc27883..e4a0a05586 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -166,7 +166,7 @@ sort_acl(SEC_ACL *the_acl) /* convert a SID to a string, either numeric or username/group */ static void convert_sid_to_string(struct cli_state *ipc_cli, - POLICY_HND *pol, + struct policy_handle *pol, fstring str, bool numeric, DOM_SID *sid) @@ -211,7 +211,7 @@ convert_sid_to_string(struct cli_state *ipc_cli, /* convert a string to a SID, either numeric or username/group */ static bool convert_string_to_sid(struct cli_state *ipc_cli, - POLICY_HND *pol, + struct policy_handle *pol, bool numeric, DOM_SID *sid, const char *str) @@ -255,7 +255,7 @@ done: /* parse an ACE in the same format as print_ace() */ static bool parse_ace(struct cli_state *ipc_cli, - POLICY_HND *pol, + struct policy_handle *pol, SEC_ACE *ace, bool numeric, char *str) @@ -422,7 +422,7 @@ add_ace(SEC_ACL **the_acl, static SEC_DESC * sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *ipc_cli, - POLICY_HND *pol, + struct policy_handle *pol, bool numeric, const char *str) { @@ -702,7 +702,7 @@ cacl_get(SMBCCTX *context, TALLOC_CTX *ctx, SMBCSRV *srv, struct cli_state *ipc_cli, - POLICY_HND *pol, + struct policy_handle *pol, char *filename, char *attr_name, char *buf, @@ -891,7 +891,8 @@ cacl_get(SMBCCTX *context, /* Point to the portion after "system.nt_sec_desc." */ name += 19; /* if (all) this will be invalid but unused */ - if (!cli_resolve_path(ctx, "", cli, filename, + if (!cli_resolve_path(ctx, "", context->internal->auth_info, + cli, filename, &targetcli, &targetpath)) { DEBUG(5, ("cacl_get Could not resolve %s\n", filename)); @@ -1496,14 +1497,15 @@ cacl_get(SMBCCTX *context, set the ACLs on a file given an ascii description *******************************************************/ static int -cacl_set(TALLOC_CTX *ctx, - struct cli_state *cli, - struct cli_state *ipc_cli, - POLICY_HND *pol, - const char *filename, - char *the_acl, - int mode, - int flags) +cacl_set(SMBCCTX *context, + TALLOC_CTX *ctx, + struct cli_state *cli, + struct cli_state *ipc_cli, + struct policy_handle *pol, + const char *filename, + char *the_acl, + int mode, + int flags) { int fnum; int err = 0; @@ -1547,8 +1549,9 @@ cacl_set(TALLOC_CTX *ctx, return -1; } - if (!cli_resolve_path(ctx, "", cli, filename, - &targetcli, &targetpath)) { + if (!cli_resolve_path(ctx, "", context->internal->auth_info, + cli, filename, + &targetcli, &targetpath)) { DEBUG(5,("cacl_set: Could not resolve %s\n", filename)); errno = ENOENT; return -1; @@ -1793,7 +1796,7 @@ SMBC_setxattr_ctx(SMBCCTX *context, } if (ipc_srv) { - ret = cacl_set(talloc_tos(), srv->cli, + ret = cacl_set(context, talloc_tos(), srv->cli, ipc_srv->cli, &ipc_srv->pol, path, namevalue, (*namevalue == '*' @@ -1857,7 +1860,7 @@ SMBC_setxattr_ctx(SMBCCTX *context, errno = ENOMEM; ret = -1; } else { - ret = cacl_set(talloc_tos(), srv->cli, + ret = cacl_set(context, talloc_tos(), srv->cli, ipc_srv->cli, &ipc_srv->pol, path, namevalue, (*namevalue == '*' @@ -1887,7 +1890,7 @@ SMBC_setxattr_ctx(SMBCCTX *context, errno = ENOMEM; ret = -1; } else { - ret = cacl_set(talloc_tos(), srv->cli, + ret = cacl_set(context, talloc_tos(), srv->cli, ipc_srv->cli, &ipc_srv->pol, path, namevalue, SMBC_XATTR_MODE_CHOWN, 0); } @@ -1914,7 +1917,7 @@ SMBC_setxattr_ctx(SMBCCTX *context, errno = ENOMEM; ret = -1; } else { - ret = cacl_set(talloc_tos(), srv->cli, + ret = cacl_set(context, talloc_tos(), srv->cli, ipc_srv->cli, &ipc_srv->pol, path, namevalue, SMBC_XATTR_MODE_CHGRP, 0); } @@ -2216,7 +2219,7 @@ SMBC_removexattr_ctx(SMBCCTX *context, StrCaseCmp(name, "system.nt_sec_desc.*+") == 0) { /* Yup. */ - ret = cacl_set(talloc_tos(), srv->cli, + ret = cacl_set(context, talloc_tos(), srv->cli, ipc_srv->cli, &ipc_srv->pol, path, NULL, SMBC_XATTR_MODE_REMOVE_ALL, 0); TALLOC_FREE(frame); @@ -2236,7 +2239,7 @@ SMBC_removexattr_ctx(SMBCCTX *context, StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) { /* Yup. */ - ret = cacl_set(talloc_tos(), srv->cli, + ret = cacl_set(context, talloc_tos(), srv->cli, ipc_srv->cli, &ipc_srv->pol, path, CONST_DISCARD(char *, name) + 19, SMBC_XATTR_MODE_REMOVE, 0); diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c index f9ff4b3191..45cd392a5a 100644 --- a/source3/libsmb/passchange.c +++ b/source3/libsmb/passchange.c @@ -133,9 +133,17 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam return result; } - cli_init_creds(cli, "", "", NULL); + result = cli_init_creds(cli, "", "", NULL); + if (!NT_STATUS_IS_OK(result)) { + cli_shutdown(cli); + return result; + } } else { - cli_init_creds(cli, user_name, "", old_passwd); + result = cli_init_creds(cli, user_name, "", old_passwd); + if (!NT_STATUS_IS_OK(result)) { + cli_shutdown(cli); + return result; + } } result = cli_tcon_andx(cli, "IPC$", "IPC", "", 1); @@ -222,7 +230,11 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam TALLOC_FREE(pipe_hnd); /* Try anonymous NTLMSSP... */ - cli_init_creds(cli, "", "", NULL); + result = cli_init_creds(cli, "", "", NULL); + if (!NT_STATUS_IS_OK(result)) { + cli_shutdown(cli); + return result; + } result = NT_STATUS_UNSUCCESSFUL; diff --git a/source3/libsmb/pwd_cache.c b/source3/libsmb/pwd_cache.c deleted file mode 100644 index 071e729e8c..0000000000 --- a/source3/libsmb/pwd_cache.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Password cacheing. obfuscation is planned - Copyright (C) Luke Kenneth Casson Leighton 1996-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" - -/**************************************************************************** - Initialises a password structure. -****************************************************************************/ - -static void pwd_init(struct pwd_info *pwd) -{ - memset((char *)pwd->password , '\0', sizeof(pwd->password )); - - pwd->null_pwd = True; /* safest option... */ -} - -/**************************************************************************** - Stores a cleartext password. -****************************************************************************/ - -void pwd_set_cleartext(struct pwd_info *pwd, const char *clr) -{ - pwd_init(pwd); - if (clr) { - fstrcpy(pwd->password, clr); - pwd->null_pwd = False; - } else { - pwd->null_pwd = True; - } - - pwd->cleartext = True; -} - -/**************************************************************************** - Gets a cleartext password. -****************************************************************************/ - -void pwd_get_cleartext(struct pwd_info *pwd, fstring clr) -{ - if (pwd->cleartext) - fstrcpy(clr, pwd->password); - else - clr[0] = 0; - -} diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index f0595695d2..5b6bc00c57 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -99,7 +99,7 @@ bool enumerate_domain_trusts( TALLOC_CTX *mem_ctx, const char *domain, char ***domain_names, uint32 *num_domains, DOM_SID **sids ) { - POLICY_HND pol; + struct policy_handle pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; fstring dc_name; struct sockaddr_storage dc_ss; |