diff options
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/cliconnect.c | 103 |
1 files changed, 56 insertions, 47 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index ae00dc5489..3e4b6f0545 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -55,16 +55,19 @@ static void cli_set_session_key (struct cli_state *cli, const DATA_BLOB session_ Do an old lanman2 style session setup. ****************************************************************************/ -static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user, - const char *pass, size_t passlen, const char *workgroup) +static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli, + const char *user, + const char *pass, size_t passlen, + const char *workgroup) { DATA_BLOB session_key = data_blob(NULL, 0); DATA_BLOB lm_response = data_blob(NULL, 0); fstring pword; char *p; - if (passlen > sizeof(pword)-1) - return False; + if (passlen > sizeof(pword)-1) { + return NT_STATUS_INVALID_PARAMETER; + } /* LANMAN servers predate NT status codes and Unicode and ignore those smb flags so we must disable the corresponding default capabilities @@ -82,7 +85,7 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user, lm_response = data_blob(NULL, 24); if (!SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data)) { DEBUG(1, ("Password is > 14 chars in length, and is therefore incompatible with Lanman authentication\n")); - return False; + return NT_STATUS_ACCESS_DENIED; } } else if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen == 24) { /* Encrypted mode needed, and encrypted password supplied. */ @@ -115,14 +118,15 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user, p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE); cli_setup_bcc(cli, p); - cli_send_smb(cli); - if (!cli_receive_smb(cli)) - return False; + if (!cli_send_smb(cli) || !cli_receive_smb(cli)) { + return cli_nt_error(cli); + } show_msg(cli->inbuf); - if (cli_is_error(cli)) - return False; + if (cli_is_error(cli)) { + return cli_nt_error(cli); + } /* use the returned vuid from now on */ cli->vuid = SVAL(cli->inbuf,smb_uid); @@ -133,7 +137,7 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user, cli_set_session_key(cli, session_key); } - return True; + return NT_STATUS_OK; } /**************************************************************************** @@ -158,7 +162,7 @@ static uint32 cli_session_setup_capabilities(struct cli_state *cli) Do a NT1 guest session setup. ****************************************************************************/ -static BOOL cli_session_setup_guest(struct cli_state *cli) +static NTSTATUS cli_session_setup_guest(struct cli_state *cli) { char *p; uint32 capabilities = cli_session_setup_capabilities(cli); @@ -183,14 +187,15 @@ static BOOL cli_session_setup_guest(struct cli_state *cli) p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE); cli_setup_bcc(cli, p); - cli_send_smb(cli); - if (!cli_receive_smb(cli)) - return False; + if (!cli_send_smb(cli) || !cli_receive_smb(cli)) { + return cli_nt_error(cli); + } show_msg(cli->inbuf); - if (cli_is_error(cli)) - return False; + if (cli_is_error(cli)) { + return cli_nt_error(cli); + } cli->vuid = SVAL(cli->inbuf,smb_uid); @@ -205,15 +210,16 @@ static BOOL cli_session_setup_guest(struct cli_state *cli) fstrcpy(cli->user_name, ""); - return True; + return NT_STATUS_OK; } /**************************************************************************** Do a NT1 plaintext session setup. ****************************************************************************/ -static BOOL cli_session_setup_plaintext(struct cli_state *cli, const char *user, - const char *pass, const char *workgroup) +static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli, + const char *user, const char *pass, + const char *workgroup) { uint32 capabilities = cli_session_setup_capabilities(cli); char *p; @@ -252,14 +258,15 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, const char *user, p += clistr_push(cli, p, lanman, -1, STR_TERMINATE); cli_setup_bcc(cli, p); - cli_send_smb(cli); - if (!cli_receive_smb(cli)) - return False; + if (!cli_send_smb(cli) || !cli_receive_smb(cli)) { + return cli_nt_error(cli); + } show_msg(cli->inbuf); - if (cli_is_error(cli)) - return False; + if (cli_is_error(cli)) { + return cli_nt_error(cli); + } cli->vuid = SVAL(cli->inbuf,smb_uid); p = smb_buf(cli->inbuf); @@ -272,7 +279,7 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, const char *user, cli->is_samba = True; } - return True; + return NT_STATUS_OK; } /**************************************************************************** @@ -285,16 +292,16 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, const char *user, @param workgroup The user's domain. ****************************************************************************/ -static BOOL cli_session_setup_nt1(struct cli_state *cli, const char *user, - const char *pass, size_t passlen, - const char *ntpass, size_t ntpasslen, - const char *workgroup) +static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user, + const char *pass, size_t passlen, + const char *ntpass, size_t ntpasslen, + const char *workgroup) { uint32 capabilities = cli_session_setup_capabilities(cli); DATA_BLOB lm_response = data_blob(NULL, 0); DATA_BLOB nt_response = data_blob(NULL, 0); DATA_BLOB session_key = data_blob(NULL, 0); - BOOL ret = False; + NTSTATUS result; char *p; if (passlen == 0) { @@ -316,7 +323,7 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, const char *user, &lm_response, &nt_response, &session_key)) { data_blob_free(&names_blob); data_blob_free(&server_chal); - return False; + return NT_STATUS_ACCESS_DENIED; } data_blob_free(&names_blob); data_blob_free(&server_chal); @@ -398,14 +405,14 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, const char *user, cli_setup_bcc(cli, p); if (!cli_send_smb(cli) || !cli_receive_smb(cli)) { - ret = False; + result = cli_nt_error(cli); goto end; } /* show_msg(cli->inbuf); */ if (cli_is_error(cli)) { - ret = False; + result = cli_nt_error(cli); goto end; } @@ -428,12 +435,12 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, const char *user, cli_set_session_key(cli, session_key); } - ret = True; + result = NT_STATUS_OK; end: data_blob_free(&lm_response); data_blob_free(&nt_response); data_blob_free(&session_key); - return ret; + return result; } /**************************************************************************** @@ -844,24 +851,22 @@ NTSTATUS cli_session_setup(struct cli_state *cli, return NT_STATUS_ACCESS_DENIED; } - return cli_session_setup_lanman2(cli, user, pass, passlen, workgroup) ? - NT_STATUS_OK : cli_nt_error(cli); + return cli_session_setup_lanman2(cli, user, pass, passlen, + workgroup); } /* if no user is supplied then we have to do an anonymous connection. passwords are ignored */ if (!user || !*user) - return cli_session_setup_guest(cli) ? - NT_STATUS_OK : cli_nt_error(cli); + return cli_session_setup_guest(cli); /* if the server is share level then send a plaintext null password at this point. The password is sent in the tree connect */ if ((cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) == 0) - return cli_session_setup_plaintext(cli, user, "", workgroup) ? - NT_STATUS_OK : cli_nt_error(cli); + return cli_session_setup_plaintext(cli, user, "", workgroup); /* if the server doesn't support encryption then we have to use plaintext. The second password is ignored */ @@ -872,8 +877,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli, " is disabled\n")); return NT_STATUS_ACCESS_DENIED; } - return cli_session_setup_plaintext(cli, user, pass, workgroup) ? - NT_STATUS_OK : cli_nt_error(cli); + return cli_session_setup_plaintext(cli, user, pass, workgroup); } /* if the server supports extended security then use SPNEGO */ @@ -885,10 +889,15 @@ NTSTATUS cli_session_setup(struct cli_state *cli, return ads_ntstatus(status); } } else { + NTSTATUS status; + /* otherwise do a NT1 style session setup */ - if ( !cli_session_setup_nt1(cli, user, pass, passlen, ntpass, ntpasslen, workgroup) ) { - DEBUG(3,("cli_session_setup: NT1 session setup failed!\n")); - return cli_nt_error(cli); + status = cli_session_setup_nt1(cli, user, pass, passlen, + ntpass, ntpasslen, workgroup); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("cli_session_setup: NT1 session setup " + "failed: %s\n", nt_errstr(status))); + return status; } } |