diff options
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/clientgen.c | 15 | ||||
| -rw-r--r-- | source3/libsmb/clierror.c | 107 | ||||
| -rw-r--r-- | source3/libsmb/clifile.c | 49 | ||||
| -rw-r--r-- | source3/libsmb/clirap.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/libsmb_cache.c | 8 | ||||
| -rw-r--r-- | source3/libsmb/libsmbclient.c | 293 | ||||
| -rw-r--r-- | source3/libsmb/netlogon_unigrp.c | 37 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp.c | 2 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp_sign.c | 26 | ||||
| -rw-r--r-- | source3/libsmb/smb_signing.c | 17 | ||||
| -rw-r--r-- | source3/libsmb/trust_passwd.c (renamed from source3/libsmb/trusts_util.c) | 66 |
11 files changed, 146 insertions, 476 deletions
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 81cb61d757..81b3bbcab5 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -118,10 +118,7 @@ BOOL cli_receive_smb(struct cli_state *cli) } if (!cli_check_sign_mac(cli)) { - DEBUG(0, ("SMB Signature verification failed on incoming packet!\n")); - cli->smb_rw_error = READ_BAD_SIG; - close(cli->fd); - cli->fd = -1; + DEBUG(0, ("SMB Signiture verification failed on incoming packet!\n")); return False; }; return True; @@ -262,6 +259,9 @@ struct cli_state *cli_initialise(struct cli_state *cli) if (getenv("CLI_FORCE_DOSERR")) cli->force_dos_errors = True; + /* initialise signing */ + cli_null_set_signing(cli); + if (lp_client_signing()) cli->sign_info.allow_smb_signing = True; @@ -274,13 +274,6 @@ struct cli_state *cli_initialise(struct cli_state *cli) memset(cli->outbuf, 0, cli->bufsize); memset(cli->inbuf, 0, cli->bufsize); - /* just becouse we over-allocate, doesn't mean it's right to use it */ - clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN); - clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN); - - /* initialise signing */ - cli_null_set_signing(cli); - cli->nt_pipe_fnum = 0; cli->saved_netlogon_pipe_fnum = 0; diff --git a/source3/libsmb/clierror.c b/source3/libsmb/clierror.c index 9ee181a90f..12a7b5dba1 100644 --- a/source3/libsmb/clierror.c +++ b/source3/libsmb/clierror.c @@ -2,7 +2,6 @@ Unix SMB/CIFS implementation. client error handling routines Copyright (C) Andrew Tridgell 1994-1998 - Copyright (C) Jelmer Vernooij 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -96,21 +95,17 @@ const char *cli_errstr(struct cli_state *cli) break; case READ_EOF: slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Call returned zero bytes (EOF)" ); + "Call returned zero bytes (EOF)\n" ); break; case READ_ERROR: slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Read error: %s", strerror(errno) ); + "Read error: %s\n", strerror(errno) ); break; case WRITE_ERROR: slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Write error: %s", strerror(errno) ); + "Write error: %s\n", strerror(errno) ); break; - case READ_BAD_SIG: - slprintf(cli_error_message, sizeof(cli_error_message) - 1, - "Server packet had invalid SMB signiture!"); - break; - default: + default: slprintf(cli_error_message, sizeof(cli_error_message) - 1, "Unknown error code %d\n", cli->smb_rw_error ); break; @@ -225,104 +220,16 @@ static struct { int error; } nt_errno_map[] = { {NT_STATUS_ACCESS_VIOLATION, EACCES}, + {NT_STATUS_NO_SUCH_FILE, ENOENT}, + {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, {NT_STATUS_INVALID_HANDLE, EBADF}, + {NT_STATUS_NO_MEMORY, ENOMEM}, {NT_STATUS_ACCESS_DENIED, EACCES}, {NT_STATUS_OBJECT_NAME_NOT_FOUND, ENOENT}, {NT_STATUS_SHARING_VIOLATION, EBUSY}, {NT_STATUS_OBJECT_PATH_INVALID, ENOTDIR}, {NT_STATUS_OBJECT_NAME_COLLISION, EEXIST}, {NT_STATUS_PATH_NOT_COVERED, ENOENT}, - {NT_STATUS_UNSUCCESSFUL, EINVAL}, - {NT_STATUS_NOT_IMPLEMENTED, ENOSYS}, - {NT_STATUS_IN_PAGE_ERROR, EFAULT}, - {NT_STATUS_BAD_NETWORK_NAME, ENOENT}, -#ifdef EDQUOT - {NT_STATUS_PAGEFILE_QUOTA, EDQUOT}, - {NT_STATUS_QUOTA_EXCEEDED, EDQUOT}, - {NT_STATUS_REGISTRY_QUOTA_LIMIT, EDQUOT}, - {NT_STATUS_LICENSE_QUOTA_EXCEEDED, EDQUOT}, -#endif -#ifdef ETIME - {NT_STATUS_TIMER_NOT_CANCELED, ETIME}, -#endif - {NT_STATUS_INVALID_PARAMETER, EINVAL}, - {NT_STATUS_NO_SUCH_DEVICE, ENODEV}, - {NT_STATUS_NO_SUCH_FILE, ENOENT}, -#ifdef ENODATA - {NT_STATUS_END_OF_FILE, ENODATA}, -#endif -#ifdef ENOMEDIUM - {NT_STATUS_NO_MEDIA_IN_DEVICE, ENOMEDIUM}, - {NT_STATUS_NO_MEDIA, ENOMEDIUM}, -#endif - {NT_STATUS_NONEXISTENT_SECTOR, ESPIPE}, - {NT_STATUS_NO_MEMORY, ENOMEM}, - {NT_STATUS_CONFLICTING_ADDRESSES, EADDRINUSE}, - {NT_STATUS_NOT_MAPPED_VIEW, EINVAL}, - {NT_STATUS_UNABLE_TO_FREE_VM, EADDRINUSE}, - {NT_STATUS_ACCESS_DENIED, EACCES}, - {NT_STATUS_BUFFER_TOO_SMALL, ENOBUFS}, - {NT_STATUS_WRONG_PASSWORD, EACCES}, - {NT_STATUS_LOGON_FAILURE, EACCES}, - {NT_STATUS_INVALID_WORKSTATION, EACCES}, - {NT_STATUS_INVALID_LOGON_HOURS, EACCES}, - {NT_STATUS_PASSWORD_EXPIRED, EACCES}, - {NT_STATUS_ACCOUNT_DISABLED, EACCES}, - {NT_STATUS_DISK_FULL, ENOSPC}, - {NT_STATUS_INVALID_PIPE_STATE, EPIPE}, - {NT_STATUS_PIPE_BUSY, EPIPE}, - {NT_STATUS_PIPE_DISCONNECTED, EPIPE}, - {NT_STATUS_PIPE_NOT_AVAILABLE, ENOSYS}, - {NT_STATUS_FILE_IS_A_DIRECTORY, EISDIR}, - {NT_STATUS_NOT_SUPPORTED, ENOSYS}, - {NT_STATUS_NOT_A_DIRECTORY, ENOTDIR}, - {NT_STATUS_DIRECTORY_NOT_EMPTY, ENOTEMPTY}, - {NT_STATUS_NETWORK_UNREACHABLE, ENETUNREACH}, - {NT_STATUS_HOST_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_CONNECTION_ABORTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_TOO_MANY_LINKS, EMLINK}, - {NT_STATUS_NETWORK_BUSY, EBUSY}, - {NT_STATUS_DEVICE_DOES_NOT_EXIST, ENODEV}, -#ifdef ELIBACC - {NT_STATUS_DLL_NOT_FOUND, ELIBACC}, -#endif - {NT_STATUS_PIPE_BROKEN, EPIPE}, - {NT_STATUS_REMOTE_NOT_LISTENING, ECONNREFUSED}, - {NT_STATUS_NETWORK_ACCESS_DENIED, EACCES}, - {NT_STATUS_TOO_MANY_OPENED_FILES, EMFILE}, -#ifdef EPROTO - {NT_STATUS_DEVICE_PROTOCOL_ERROR, EPROTO}, -#endif - {NT_STATUS_FLOAT_OVERFLOW, ERANGE}, - {NT_STATUS_FLOAT_UNDERFLOW, ERANGE}, - {NT_STATUS_INTEGER_OVERFLOW, ERANGE}, - {NT_STATUS_MEDIA_WRITE_PROTECTED, EROFS}, - {NT_STATUS_PIPE_CONNECTED, EISCONN}, - {NT_STATUS_MEMORY_NOT_ALLOCATED, EFAULT}, - {NT_STATUS_FLOAT_INEXACT_RESULT, ERANGE}, - {NT_STATUS_ILL_FORMED_PASSWORD, EACCES}, - {NT_STATUS_PASSWORD_RESTRICTION, EACCES}, - {NT_STATUS_ACCOUNT_RESTRICTION, EACCES}, - {NT_STATUS_PORT_CONNECTION_REFUSED, ECONNREFUSED}, - {NT_STATUS_NAME_TOO_LONG, ENAMETOOLONG}, - {NT_STATUS_REMOTE_DISCONNECT, ESHUTDOWN}, - {NT_STATUS_CONNECTION_DISCONNECTED, ECONNABORTED}, - {NT_STATUS_CONNECTION_RESET, ENETRESET}, -#ifdef ENOTUNIQ - {NT_STATUS_IP_ADDRESS_CONFLICT1, ENOTUNIQ}, - {NT_STATUS_IP_ADDRESS_CONFLICT2, ENOTUNIQ}, -#endif - {NT_STATUS_PORT_MESSAGE_TOO_LONG, EMSGSIZE}, - {NT_STATUS_PROTOCOL_UNREACHABLE, ENOPROTOOPT}, - {NT_STATUS_ADDRESS_ALREADY_EXISTS, EADDRINUSE}, - {NT_STATUS_PORT_UNREACHABLE, EHOSTUNREACH}, - {NT_STATUS_IO_TIMEOUT, ETIMEDOUT}, - {NT_STATUS_RETRY, EAGAIN}, -#ifdef ECOMM - {NT_STATUS_NET_WRITE_FAULT, ECOMM}, -#endif - {NT_STATUS(0), 0} }; diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index b771e135f4..d86f36405d 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -375,11 +375,9 @@ int cli_nt_delete_on_close(struct cli_state *cli, int fnum, BOOL flag) Used in smbtorture. ****************************************************************************/ -int cli_nt_create_full(struct cli_state *cli, const char *fname, - uint32 CreatFlags, uint32 DesiredAccess, +int cli_nt_create_full(struct cli_state *cli, const char *fname, uint32 DesiredAccess, uint32 FileAttributes, uint32 ShareAccess, - uint32 CreateDisposition, uint32 CreateOptions, - uint8 SecuityFlags) + uint32 CreateDisposition, uint32 CreateOptions) { char *p; int len; @@ -395,9 +393,9 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, SSVAL(cli->outbuf,smb_vwv0,0xFF); if (cli->use_oplocks) - CreatFlags |= (REQUEST_OPLOCK|REQUEST_BATCH_OPLOCK); - - SIVAL(cli->outbuf,smb_ntcreate_Flags, CreatFlags); + SIVAL(cli->outbuf,smb_ntcreate_Flags, REQUEST_OPLOCK|REQUEST_BATCH_OPLOCK); + else + SIVAL(cli->outbuf,smb_ntcreate_Flags, 0); SIVAL(cli->outbuf,smb_ntcreate_RootDirectoryFid, 0x0); SIVAL(cli->outbuf,smb_ntcreate_DesiredAccess, DesiredAccess); SIVAL(cli->outbuf,smb_ntcreate_FileAttributes, FileAttributes); @@ -405,7 +403,6 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, SIVAL(cli->outbuf,smb_ntcreate_CreateDisposition, CreateDisposition); SIVAL(cli->outbuf,smb_ntcreate_CreateOptions, CreateOptions); SIVAL(cli->outbuf,smb_ntcreate_ImpersonationLevel, 0x02); - SCVAL(cli->outbuf,smb_ntcreate_SecurityFlags, SecuityFlags); p = smb_buf(cli->outbuf); /* this alignment and termination is critical for netapp filers. Don't change */ @@ -436,8 +433,8 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess) { - return cli_nt_create_full(cli, fname, 0, DesiredAccess, 0, - FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0, 0x0); + return cli_nt_create_full(cli, fname, DesiredAccess, 0, + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0); } /**************************************************************************** @@ -945,6 +942,7 @@ BOOL cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t) /**************************************************************************** Check for existance of a dir. ****************************************************************************/ + BOOL cli_chkpath(struct cli_state *cli, const char *path) { pstring path2; @@ -1051,34 +1049,3 @@ int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path) return SVAL(cli->inbuf,smb_vwv0); } - - -/* - send a raw ioctl - used by the torture code -*/ -NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB *blob) -{ - memset(cli->outbuf,'\0',smb_size); - memset(cli->inbuf,'\0',smb_size); - - set_message(cli->outbuf, 3, 0, True); - SCVAL(cli->outbuf,smb_com,SMBioctl); - cli_setup_packet(cli); - - SSVAL(cli->outbuf, smb_vwv0, fnum); - SSVAL(cli->outbuf, smb_vwv1, code>>16); - SSVAL(cli->outbuf, smb_vwv2, (code&0xFFFF)); - - cli_send_smb(cli); - if (!cli_receive_smb(cli)) { - return NT_STATUS_UNEXPECTED_NETWORK_ERROR; - } - - if (cli_is_error(cli)) { - return cli_nt_error(cli); - } - - *blob = data_blob(NULL, 0); - - return NT_STATUS_OK; -} diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c index f05a65762b..224c37046c 100644 --- a/source3/libsmb/clirap.c +++ b/source3/libsmb/clirap.c @@ -233,7 +233,7 @@ BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, SIVAL(p,0,stype); p += 4; - push_ascii(p, workgroup, sizeof(pstring)-PTR_DIFF(p,param)-1, STR_TERMINATE|STR_UPPER); + p += push_pstring_base(p, workgroup, param); if (cli_api(cli, param, PTR_DIFF(p,param), 8, /* params, length, max */ diff --git a/source3/libsmb/libsmb_cache.c b/source3/libsmb/libsmb_cache.c index 67dc686b48..b1620042f3 100644 --- a/source3/libsmb/libsmb_cache.c +++ b/source3/libsmb/libsmb_cache.c @@ -50,8 +50,8 @@ struct smbc_server_cache { * This function is only used if the external cache is not enabled */ static int smbc_add_cached_server(SMBCCTX * context, SMBCSRV * new, - const char * server, const char * share, - const char * workgroup, const char * username) + char * server, char * share, + char * workgroup, char * username) { struct smbc_server_cache * srvcache = NULL; @@ -108,8 +108,8 @@ static int smbc_add_cached_server(SMBCCTX * context, SMBCSRV * new, * returns server_fd on success, -1 on error (not found) * This function is only used if the external cache is not enabled */ -static SMBCSRV * smbc_get_cached_server(SMBCCTX * context, const char * server, - const char * share, const char * workgroup, const char * user) +static SMBCSRV * smbc_get_cached_server(SMBCCTX * context, char * server, + char * share, char * workgroup, char * user) { struct smbc_server_cache * srv = NULL; diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c index 69c4d8f7a7..92353d8c30 100644 --- a/source3/libsmb/libsmbclient.c +++ b/source3/libsmb/libsmbclient.c @@ -52,87 +52,6 @@ extern BOOL in_client; */ static int smbc_initialized = 0; -static int -hex2int( unsigned int _char ) -{ - if ( _char >= 'A' && _char <='F') - return _char - 'A' + 10; - if ( _char >= 'a' && _char <='f') - return _char - 'a' + 10; - if ( _char >= '0' && _char <='9') - return _char - '0'; - return -1; -} - -static void -decode_urlpart(char *segment, size_t sizeof_segment) -{ - int old_length = strlen(segment); - int new_length = 0; - int new_length2 = 0; - int i = 0; - pstring new_segment; - char *new_usegment = 0; - - if ( !old_length ) { - return; - } - - /* make a copy of the old one */ - new_usegment = (char*)malloc( old_length * 3 + 1 ); - - while( i < old_length ) { - int bReencode = False; - unsigned char character = segment[ i++ ]; - if ((character <= ' ') || (character > 127)) - bReencode = True; - - new_usegment [ new_length2++ ] = character; - if (character == '%' ) { - int a = i+1 < old_length ? hex2int( segment[i] ) : -1; - int b = i+1 < old_length ? hex2int( segment[i+1] ) : -1; - if ((a == -1) || (b == -1)) { /* Only replace if sequence is valid */ - /* Contains stray %, make sure to re-encode! */ - bReencode = True; - } else { - /* Valid %xx sequence */ - character = a * 16 + b; /* Replace with value of %dd */ - if (!character) - break; /* Stop at %00 */ - - new_usegment [ new_length2++ ] = (unsigned char) segment[i++]; - new_usegment [ new_length2++ ] = (unsigned char) segment[i++]; - } - } - if (bReencode) { - unsigned int c = character / 16; - new_length2--; - new_usegment [ new_length2++ ] = '%'; - - c += (c > 9) ? ('A' - 10) : '0'; - new_usegment[ new_length2++ ] = c; - - c = character % 16; - c += (c > 9) ? ('A' - 10) : '0'; - new_usegment[ new_length2++ ] = c; - } - - new_segment [ new_length++ ] = character; - } - new_segment [ new_length ] = 0; - - free(new_usegment); - - /* realloc it with unix charset */ - pull_utf8_allocate((void**)&new_usegment, new_segment); - - /* this assumes (very safely) that removing %aa sequences - only shortens the string */ - strncpy(segment, new_usegment, sizeof_segment); - - free(new_usegment); -} - /* * Function to parse a path and turn it into components * @@ -178,7 +97,7 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, p += 2; /* Skip the // or \\ */ if (*p == (char)0) - goto decoding; + return 0; if (*p == '/') { @@ -239,7 +158,7 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, } - if (*p == (char)0) goto decoding; /* That's it ... */ + if (*p == (char)0) return 0; /* That's it ... */ if (!next_token(&p, share, "/", sizeof(fstring))) { @@ -248,16 +167,9 @@ smbc_parse_path(SMBCCTX *context, const char *fname, char *server, char *share, } pstrcpy(path, p); - + all_string_sub(path, "/", "\\", 0); - decoding: - decode_urlpart(path, sizeof(pstring)); - decode_urlpart(server, sizeof(fstring)); - decode_urlpart(share, sizeof(fstring)); - decode_urlpart(user, sizeof(fstring)); - decode_urlpart(password, sizeof(fstring)); - return 0; } @@ -355,16 +267,15 @@ int smbc_remove_unused_server(SMBCCTX * context, SMBCSRV * srv) */ SMBCSRV *smbc_server(SMBCCTX *context, - const char *server, const char *share, - fstring workgroup, fstring username, - fstring password) + char *server, char *share, + char *workgroup, char *username, + char *password) { SMBCSRV *srv=NULL; int auth_called = 0; struct cli_state c; struct nmb_name called, calling; - char *p; - const char *server_n = server; + char *p, *server_n = server; fstring group; pstring ipenv; struct in_addr ip; @@ -818,6 +729,27 @@ static int smbc_close_ctx(SMBCCTX *context, SMBCFILE *file) } + if (!file->file) { + + return context->closedir(context, file); + + } + + if (!cli_close(&file->srv->cli, file->cli_fd)) { + DEBUG(3, ("cli_close failed on %s. purging server.\n", + file->fname)); + /* Deallocate slot and remove the server + * from the server cache if unused */ + errno = smbc_errno(context, &file->srv->cli); + srv = file->srv; + DLIST_REMOVE(context->internal->_files, file); + SAFE_FREE(file->fname); + SAFE_FREE(file); + context->callbacks.remove_unused_server_fn(context, srv); + + return -1; + } + DLIST_REMOVE(context->internal->_files, file); SAFE_FREE(file->fname); SAFE_FREE(file); @@ -1071,16 +1003,12 @@ static off_t smbc_lseek_ctx(SMBCCTX *context, SMBCFILE *file, off_t offset, int case SEEK_END: if (!cli_qfileinfo(&file->srv->cli, file->cli_fd, NULL, &size, NULL, NULL, - NULL, NULL, NULL)) - { - SMB_BIG_UINT b_size = size; - if (!cli_getattrE(&file->srv->cli, file->cli_fd, NULL, &b_size, NULL, NULL, - NULL)) - { + NULL, NULL, NULL) && + !cli_getattrE(&file->srv->cli, file->cli_fd, NULL, &size, NULL, NULL, + NULL)) { + errno = EINVAL; return -1; - } else - size = b_size; } file->offset = size + offset; break; @@ -1278,15 +1206,12 @@ static int smbc_fstat_ctx(SMBCCTX *context, SMBCFILE *file, struct stat *st) } if (!cli_qfileinfo(&file->srv->cli, file->cli_fd, - &mode, &size, &c_time, &a_time, &m_time, NULL, &ino)) { - SMB_BIG_UINT b_size = size; - if (!cli_getattrE(&file->srv->cli, file->cli_fd, - &mode, &b_size, &c_time, &a_time, &m_time)) { + &mode, &size, &c_time, &a_time, &m_time, NULL, &ino) && + !cli_getattrE(&file->srv->cli, file->cli_fd, + &mode, &size, &c_time, &a_time, &m_time)) { errno = EINVAL; return -1; - } else - size = b_size; } @@ -1339,13 +1264,6 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint { struct smbc_dirent *dirent; int size; - char *u_name = NULL, *u_comment = NULL; - size_t u_name_len = 0, u_comment_len = 0; - - if (name) - u_name_len = push_utf8_allocate(&u_name, name); - if (comment) - u_comment_len = push_utf8_allocate(&u_comment, comment); /* * Allocate space for the dirent, which must be increased by the @@ -1353,7 +1271,8 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint * The null on the name is already accounted for. */ - size = sizeof(struct smbc_dirent) + u_name_len + u_comment_len + 1; + size = sizeof(struct smbc_dirent) + (name?strlen(name):0) + + (comment?strlen(comment):0) + 1; dirent = malloc(size); @@ -1402,17 +1321,14 @@ static int add_dirent(SMBCFILE *dir, const char *name, const char *comment, uint dir->dir_end->dirent = dirent; dirent->smbc_type = type; - dirent->namelen = u_name_len; - dirent->commentlen = u_comment_len; + dirent->namelen = (name?strlen(name):0); + dirent->commentlen = (comment?strlen(comment):0); dirent->dirlen = size; - strncpy(dirent->name, (u_name?u_name:""), dirent->namelen + 1); + strncpy(dirent->name, (name?name:""), dirent->namelen + 1); dirent->comment = (char *)(&dirent->name + dirent->namelen + 1); - strncpy(dirent->comment, (u_comment?u_comment:""), dirent->commentlen + 1); - - SAFE_FREE(u_comment); - SAFE_FREE(u_name); + strncpy(dirent->comment, (comment?comment:""), dirent->commentlen + 1); return 0; @@ -1478,8 +1394,7 @@ dir_list_fn(file_info *finfo, const char *mask, void *state) static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) { - fstring server, share, user, password; - pstring workgroup; + fstring server, share, user, password, workgroup; pstring path; SMBCSRV *srv = NULL; SMBCFILE *dir = NULL; @@ -1487,29 +1402,29 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) if (!context || !context->internal || !context->internal->_initialized) { - DEBUG(4, ("no valid context\n")); + errno = EINVAL; return NULL; } if (!fname) { - DEBUG(4, ("no valid fname\n")); + errno = EINVAL; return NULL; + } if (smbc_parse_path(context, fname, server, share, path, user, password)) { - DEBUG(4, ("no valid path\n")); + errno = EINVAL; return NULL; - } - DEBUG(4, ("parsed path: fname='%s' server='%s' share='%s' path='%s'\n", fname, server, share, path)); + } if (user[0] == (char)0) fstrcpy(user, context->user); - pstrcpy(workgroup, context->workgroup); + fstrcpy(workgroup, context->workgroup); dir = malloc(sizeof(*dir)); @@ -1530,74 +1445,64 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) dir->dir_list = dir->dir_next = dir->dir_end = NULL; if (server[0] == (char)0) { - struct in_addr server_ip; - if (share[0] != (char)0 || path[0] != (char)0) { + if (share[0] != (char)0 || path[0] != (char)0) { + errno = EINVAL; if (dir) { SAFE_FREE(dir->fname); SAFE_FREE(dir); } return NULL; + } /* We have server and share and path empty ... so list the workgroups */ /* first try to get the LMB for our workgroup, and if that fails, */ /* try the DMB */ - pstrcpy(workgroup, lp_workgroup()); - - if (!find_master_ip(workgroup, &server_ip)) { - struct user_auth_info u_info; - struct cli_state *cli; + if (!(resolve_name(context->workgroup, &rem_ip, 0x1d) || + resolve_name(context->workgroup, &rem_ip, 0x1b))) { + + errno = EINVAL; /* Something wrong with smb.conf? */ + return NULL; - DEBUG(4, ("Unable to find master browser for workgroup %s\n", - workgroup)); + } - /* find the name of the server ... */ - pstrcpy(u_info.username, user); - pstrcpy(u_info.password, password); + dir->dir_type = SMBC_WORKGROUP; - if (!(cli = get_ipc_connect_master_ip_bcast(workgroup, &u_info))) { - DEBUG(4, ("Unable to find master browser by " - "broadcast\n")); - errno = ENOENT; - return NULL; - } + /* find the name of the server ... */ - fstrcpy(server, cli->desthost); + if (!name_status_find("*", 0, 0, rem_ip, server)) { - cli_shutdown(cli); - } else { - if (!name_status_find("*", 0, 0, server_ip, server)) { - errno = ENOENT; + DEBUG(0,("Could not get the name of local/domain master browser for server %s\n", server)); + errno = EINVAL; return NULL; - } - } - DEBUG(4, ("using workgroup %s %s\n", workgroup, server)); + } - /* - * Get a connection to IPC$ on the server if we do not already have one - */ + /* + * Get a connection to IPC$ on the server if we do not already have one + */ srv = smbc_server(context, server, "IPC$", workgroup, user, password); - if (!srv) { - - if (dir) { - SAFE_FREE(dir->fname); - SAFE_FREE(dir); - } - return NULL; - } - + if (!srv) { + + if (dir) { + SAFE_FREE(dir->fname); + SAFE_FREE(dir); + } + + return NULL; + + } + dir->srv = srv; - dir->dir_type = SMBC_WORKGROUP; /* Now, list the stuff ... */ - if (!cli_NetServerEnum(&srv->cli, workgroup, SV_TYPE_DOMAIN_ENUM, list_fn, + if (!cli_NetServerEnum(&srv->cli, workgroup, 0x80000000, list_fn, (void *)dir)) { if (dir) { @@ -1655,7 +1560,7 @@ static SMBCFILE *smbc_opendir_ctx(SMBCCTX *context, const char *fname) srv = smbc_server(context, buserver, "IPC$", workgroup, user, password); if (!srv) { - DEBUG(0, ("got no contact to IPC$\n")); + if (dir) { SAFE_FREE(dir->fname); SAFE_FREE(dir); @@ -2153,7 +2058,6 @@ static int smbc_rmdir_ctx(SMBCCTX *context, const char *fname) static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir) { - off_t ret_val; /* Squash warnings about cast */ if (!context || !context->internal || !context->internal->_initialized) { @@ -2177,11 +2081,7 @@ static off_t smbc_telldir_ctx(SMBCCTX *context, SMBCFILE *dir) } - /* - * We return the pointer here as the offset - */ - ret_val = (int)dir->dir_next; - return ret_val; + return (off_t) dir->dir_next; } @@ -2221,9 +2121,8 @@ struct smbc_dir_list *smbc_check_dir_ent(struct smbc_dir_list *list, static int smbc_lseekdir_ctx(SMBCCTX *context, SMBCFILE *dir, off_t offset) { - long int l_offset = offset; /* Handle problems of size */ - struct smbc_dirent *dirent = (struct smbc_dirent *)l_offset; - struct smbc_dir_list *list_ent = (struct smbc_dir_list *)NULL; + struct smbc_dirent *dirent = (struct smbc_dirent *)offset; + struct smbc_dir_list *list_ent = NULL; if (!context || !context->internal || !context->internal->_initialized) { @@ -2670,10 +2569,10 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) if (!smbc_initialized) { /* Do some library wide intialisations the first time we get called */ - /* Set this to what the user wants */ - DEBUGLEVEL = context->debug; + /* Do we still need this ? */ + DEBUGLEVEL = 10; - setup_logging( "libsmbclient", True); + setup_logging( "libsmbclient", False); /* Here we would open the smb.conf file if needed ... */ @@ -2688,16 +2587,13 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) if (!lp_load(conf, True, False, False)) { /* - * Well, if that failed, try the dyn_CONFIGFILE - * Which points to the standard locn, and if that - * fails, silently ignore it and use the internal - * defaults ... + * Hmmm, what the hell do we do here ... we could not parse the + * config file ... We must return an error ... and keep info around + * about why we failed */ - - if (!lp_load(dyn_CONFIGFILE, True, False, False)) { - DEBUG(5, ("Could not load either config file: %s or %s\n", - conf, dyn_CONFIGFILE)); - } + + errno = ENOENT; /* FIXME: Figure out the correct error response */ + return NULL; } reopen_logs(); /* Get logging working ... */ @@ -2744,8 +2640,8 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) slprintf(context->netbios_name, 16, "smbc%s%d", context->user, pid); } } - - DEBUG(1, ("Using netbios name %s.\n", context->netbios_name)); + DEBUG(0,("Using netbios name %s.\n", context->netbios_name)); + if (!context->workgroup) { if (lp_workgroup()) { @@ -2756,8 +2652,7 @@ SMBCCTX * smbc_init_context(SMBCCTX * context) context->workgroup = strdup("samba"); } } - - DEBUG(1, ("Using workgroup %s.\n", context->workgroup)); + DEBUG(0,("Using workgroup %s.\n", context->workgroup)); /* shortest timeout is 1 second */ if (context->timeout > 0 && context->timeout < 1000) diff --git a/source3/libsmb/netlogon_unigrp.c b/source3/libsmb/netlogon_unigrp.c index 466410d800..fa2fe32f35 100644 --- a/source3/libsmb/netlogon_unigrp.c +++ b/source3/libsmb/netlogon_unigrp.c @@ -22,7 +22,6 @@ */ #include "includes.h" -#define UNIGROUP_PREFIX "UNIGROUP" /* Handle for netlogon_unigrp.tdb database. It is used internally @@ -51,22 +50,17 @@ BOOL uni_group_cache_init(void) BOOL uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user) { TDB_DATA key,data; - fstring keystr, sid_string; - DOM_SID user_sid; - unsigned int i; + fstring keystr; + int i; if (!uni_group_cache_init()) { DEBUG(0,("uni_group_cache_store_netlogon: cannot open netlogon_unigrp.tdb for write!\n")); return False; } - sid_copy(&user_sid, &user->dom_sid.sid); - sid_append_rid(&user_sid, user->user_rid); - - /* Prepare key as USER-SID string */ - slprintf(keystr, sizeof(keystr), "%s/%s", - UNIGROUP_PREFIX, - sid_to_string(sid_string, &user_sid)); + /* Prepare key as DOMAIN-SID/USER-RID string */ + slprintf(keystr, sizeof(keystr), "%s/%d", + sid_string_static(&user->dom_sid.sid), user->user_rid); key.dptr = keystr; key.dsize = strlen(keystr) + 1; @@ -96,15 +90,14 @@ BOOL uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user) and elements are array[0] ... array[num_elements-1] */ -DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid, +uint32* uni_group_cache_fetch(DOM_SID *domain, uint32 user_rid, TALLOC_CTX *mem_ctx, uint32 *num_groups) { TDB_DATA key,data; fstring keystr; - DOM_SID **groups; + uint32 *groups; uint32 i; uint32 group_count; - fstring sid_string; if (!domain) { DEBUG(1,("uni_group_cache_fetch: expected non-null domain sid\n")); @@ -130,9 +123,8 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid, *num_groups = 0; /* Fetch universal groups */ - slprintf(keystr, sizeof(keystr), "%s/%s", - UNIGROUP_PREFIX, - sid_to_string(sid_string, user_sid)); + slprintf(keystr, sizeof(keystr), "%s/%d", + sid_string_static(domain), user_rid); key.dptr = keystr; key.dsize = strlen(keystr) + 1; data = tdb_fetch(netlogon_unigrp_tdb, key); @@ -144,17 +136,12 @@ DOM_SID **uni_group_cache_fetch(DOM_SID *domain, DOM_SID *user_sid, /* Transfer data to receiver's memory context */ group_count = IVAL(&((uint32*)data.dptr)[0],0); - groups = talloc(mem_ctx, (group_count)*sizeof(*groups)); + groups = talloc(mem_ctx, (group_count)*sizeof(uint32)); if (groups) { for(i=0; i<group_count; i++) { - groups[i] = talloc(mem_ctx, sizeof(**groups)); - if (!groups[i]) { - DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n")); - return NULL; - } - sid_copy(groups[i], domain); - sid_append_rid(groups[i], IVAL(&((uint32*)data.dptr)[i+1],0)); + groups[i] = IVAL(&((uint32*)data.dptr)[i+1],0); } + } else { DEBUG(1,("uni_group_cache_fetch: cannot allocate uni groups in receiver's memory context\n")); } diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index d54655d17f..c179b98abf 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -385,7 +385,7 @@ NTSTATUS ntlmssp_server_update(NTLMSSP_STATE *ntlmssp_state, } else if (ntlmssp_command == NTLMSSP_AUTH) { return ntlmssp_server_auth(ntlmssp_state, request, reply); } else { - DEBUG(1, ("unknown NTLMSSP command %u, expected %u\n", ntlmssp_command, ntlmssp_state->expected_state)); + DEBUG(1, ("unknown NTLMSSP command %u expected %u\n", ntlmssp_command, ntlmssp_state->expected_state)); return NT_STATUS_INVALID_PARAMETER; } } diff --git a/source3/libsmb/ntlmssp_sign.c b/source3/libsmb/ntlmssp_sign.c index 5426263fb9..8f6bd0c691 100644 --- a/source3/libsmb/ntlmssp_sign.c +++ b/source3/libsmb/ntlmssp_sign.c @@ -92,14 +92,8 @@ static void calc_ntlmv2_hash(unsigned char hash[16], char digest[16], calc_hash(hash, digest, 16); } -enum ntlmssp_direction { - NTLMSSP_SEND, - NTLMSSP_RECEIVE -}; - static NTSTATUS ntlmssp_make_packet_signiture(NTLMSSP_CLIENT_STATE *ntlmssp_state, const uchar *data, size_t length, - enum ntlmssp_direction direction, DATA_BLOB *sig) { if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_NTLM2) { @@ -116,14 +110,8 @@ static NTSTATUS ntlmssp_make_packet_signiture(NTLMSSP_CLIENT_STATE *ntlmssp_stat if (!msrpc_gen(sig, "Bd", digest, sizeof(digest), ntlmssp_state->ntlmssp_seq_num)) { return NT_STATUS_NO_MEMORY; } - switch (direction) { - case NTLMSSP_SEND: - NTLMSSPcalc_ap(ntlmssp_state->cli_sign_hash, sig->data, sig->length); - break; - case NTLMSSP_RECEIVE: - NTLMSSPcalc_ap(ntlmssp_state->cli_sign_hash, sig->data, sig->length); - break; - } + + NTLMSSPcalc_ap(ntlmssp_state->cli_seal_hash, sig->data, sig->length); } else { uint32 crc; crc = crc32_calc_buffer(data, length); @@ -141,7 +129,7 @@ NTSTATUS ntlmssp_client_sign_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state, DATA_BLOB *sig) { ntlmssp_state->ntlmssp_seq_num++; - return ntlmssp_make_packet_signiture(ntlmssp_state, data, length, NTLMSSP_SEND, sig); + return ntlmssp_make_packet_signiture(ntlmssp_state, data, length, sig); } /** @@ -163,7 +151,7 @@ NTSTATUS ntlmssp_client_check_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state, } nt_status = ntlmssp_make_packet_signiture(ntlmssp_state, data, - length, NTLMSSP_RECEIVE, &local_sig); + length, &local_sig); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("NTLMSSP packet check failed with %s\n", nt_errstr(nt_status))); @@ -173,12 +161,6 @@ NTSTATUS ntlmssp_client_check_packet(NTLMSSP_CLIENT_STATE *ntlmssp_state, if (memcmp(sig->data, local_sig.data, MIN(sig->length, local_sig.length)) == 0) { return NT_STATUS_OK; } else { - DEBUG(5, ("BAD SIG: wanted signature of\n")); - dump_data(5, local_sig.data, local_sig.length); - - DEBUG(5, ("BAD SIG: got signature of\n")); - dump_data(5, sig->data, sig->length); - DEBUG(0, ("NTLMSSP packet check failed due to invalid signiture!\n")); return NT_STATUS_ACCESS_DENIED; } diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c index 4e9b895a1b..9bbf7ef91c 100644 --- a/source3/libsmb/smb_signing.c +++ b/source3/libsmb/smb_signing.c @@ -160,6 +160,11 @@ static BOOL cli_simple_check_incoming_message(struct cli_state *cli) SIVAL(sequence_buf, 0, data->reply_seq_num); SIVAL(sequence_buf, 4, 0); + if (smb_len(cli->inbuf) < (offset_end_of_sig - 4)) { + DEBUG(1, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf))); + return False; + } + /* get a copy of the server-sent mac */ memcpy(server_sent_mac, &cli->inbuf[smb_ss_field], sizeof(server_sent_mac)); @@ -270,7 +275,7 @@ static BOOL cli_ntlmssp_check_incoming_message(struct cli_state *cli) { BOOL good; NTSTATUS nt_status; - DATA_BLOB sig = data_blob(&cli->inbuf[smb_ss_field], 8); + DATA_BLOB sig = data_blob(&cli->outbuf[smb_ss_field], 8); NTLMSSP_CLIENT_STATE *ntlmssp_state = cli->sign_info.signing_context; @@ -455,14 +460,8 @@ void cli_caclulate_sign_mac(struct cli_state *cli) BOOL cli_check_sign_mac(struct cli_state *cli) { BOOL good; - - if (smb_len(cli->inbuf) < (smb_ss_field + 8 - 4)) { - DEBUG(cli->sign_info.doing_signing ? 1 : 10, ("Can't check signature on short packet! smb_len = %u\n", smb_len(cli->inbuf))); - good = False; - } else { - good = cli->sign_info.check_incoming_message(cli); - } - + good = cli->sign_info.check_incoming_message(cli); + if (!good) { if (cli->sign_info.doing_signing) { return False; diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trust_passwd.c index b8f84ba890..cf9fd58b13 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trust_passwd.c @@ -1,8 +1,7 @@ /* * Unix SMB/CIFS implementation. - * Routines to operate on various trust relationships - * Copyright (C) Andrew Bartlett 2001 - * Copyright (C) Rafal Szczesniak 2003 + * Routines to change trust account passwords. + * Copyright (C) Andrew Bartlett 2001. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -114,63 +113,4 @@ NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, TALLOC_CTX *me return trust_pw_change_and_store_it(cli, mem_ctx, old_trust_passwd_hash); -} - - -/** - * Verify whether or not given domain is trusted. - * - * @param domain_name name of the domain to be verified - * @return true if domain is one of the trusted once or - * false if otherwise - **/ - -BOOL is_trusted_domain(const char* dom_name) -{ - int enum_ctx = 0; - const int trustdom_size = 10; - int num_domains, i; - TRUSTDOM **domains; - NTSTATUS result; - fstring trustdom_name; - DOM_SID trustdom_sid; - TALLOC_CTX *mem_ctx; - - /* - * Query the secrets db as an ultimate source of information - * about trusted domain names. This is PDC or BDC case. - */ - mem_ctx = talloc_init("is_trusted_domain"); - - do { - result = secrets_get_trusted_domains(mem_ctx, &enum_ctx, trustdom_size, - &num_domains, &domains); - /* compare each returned entry against incoming connection's domain */ - for (i = 0; i < num_domains; i++) { - pull_ucs2_fstring(trustdom_name, domains[i]->name); - if (strequal(trustdom_name, dom_name)) { - talloc_destroy(mem_ctx); - return True; - } - } - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - - talloc_destroy(mem_ctx); - - /* - * Query the trustdom_cache updated periodically. The only - * way for domain member server. - */ - if (trustdom_cache_enable() && - trustdom_cache_fetch(dom_name, &trustdom_sid)) { - trustdom_cache_shutdown(); - return True; - } - - /* - * if nothing's been found, then give up here, although - * the last resort might be to query the PDC. - */ - return False; -} - +} |