From 13b0776f60f6a0f35a4afc2b3d3c6b5ec9c1ca6a Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 21 Mar 2005 23:35:58 +0000 Subject: r5929: Use cli_credentials for the SMB functions as well. Fix a couple of bugs in the new cli_credentials code (This used to be commit 4ad481cfe5cde514d2ef9646147239f3faaa6173) --- source4/client/client.c | 4 +--- source4/include/credentials.h | 2 -- source4/lib/cmdline/popt_common.c | 5 ++--- source4/lib/credentials.c | 13 +++++++++++-- source4/libcli/cliconnect.c | 26 +++++++------------------- source4/libcli/raw/clitree.c | 11 +++++------ source4/librpc/rpc/dcerpc_util.c | 10 ++++------ source4/torture/gentest.c | 29 +++++++++++------------------ source4/torture/locktest.c | 16 ++++------------ source4/torture/masktest.c | 19 +++++-------------- source4/torture/torture.c | 12 ++---------- 11 files changed, 52 insertions(+), 95 deletions(-) diff --git a/source4/client/client.c b/source4/client/client.c index cd580dc756..a1a055c9be 100644 --- a/source4/client/client.c +++ b/source4/client/client.c @@ -3045,9 +3045,7 @@ static struct smbcli_state *do_connect(const char *server, const char *share, st } status = smbcli_full_connection(NULL, &c, lp_netbios_name(), server, - share, NULL, cli_credentials_get_username(cred), - cli_credentials_get_domain(cred), - cli_credentials_get_password(cred)); + share, NULL, cred); if (!NT_STATUS_IS_OK(status)) { d_printf("Connection to \\\\%s\\%s failed - %s\n", server, share, nt_errstr(status)); diff --git a/source4/include/credentials.h b/source4/include/credentials.h index a97bcfa333..7b223dad5a 100644 --- a/source4/include/credentials.h +++ b/source4/include/credentials.h @@ -51,5 +51,3 @@ struct cli_credentials { void *priv_data; }; - -#define cli_credentials_is_anonymous(c) (!(c) || !(c)->username || !(c)->username[0]) diff --git a/source4/lib/cmdline/popt_common.c b/source4/lib/cmdline/popt_common.c index 0792a16b3d..b0b5073e62 100644 --- a/source4/lib/cmdline/popt_common.c +++ b/source4/lib/cmdline/popt_common.c @@ -195,11 +195,10 @@ static void popt_common_credentials_callback(poptContext con, { char *lp; - cli_credentials_parse_string(cmdline_credentials,arg, CRED_SPECIFIED); + cli_credentials_parse_string(cmdline_credentials, arg, CRED_SPECIFIED); if ((lp=strchr_m(arg,'%'))) { - *lp = 0; - memset(strchr_m(arg,'%')+1,'X',strlen(cmdline_credentials->password)); + memset(lp,0,strlen(cmdline_credentials->password)); } } break; diff --git a/source4/lib/credentials.c b/source4/lib/credentials.c index 1c65bd2aff..2601028e7e 100644 --- a/source4/lib/credentials.c +++ b/source4/lib/credentials.c @@ -298,8 +298,7 @@ void cli_credentials_guess(struct cli_credentials *cred) if (getenv("USER")) { cli_credentials_parse_string(cred, getenv("USER"), CRED_GUESSED); if ((p = strchr_m(getenv("USER"),'%'))) { - *p = 0; - memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(cred->password)); + memset(p,0,strlen(cred->password)); } } @@ -319,3 +318,13 @@ void cli_credentials_guess(struct cli_credentials *cred) cli_credentials_parse_password_file(cred, getenv("PASSWD_FILE"), CRED_GUESSED); } } + +BOOL cli_credentials_is_anonymous(struct cli_credentials *credentials) +{ + const char *username = cli_credentials_get_username(credentials); + + if (!username || !username[0]) + return True; + + return False; +} diff --git a/source4/libcli/cliconnect.c b/source4/libcli/cliconnect.c index f391b6bc0d..3834d49e49 100644 --- a/source4/libcli/cliconnect.c +++ b/source4/libcli/cliconnect.c @@ -63,9 +63,7 @@ NTSTATUS smbcli_negprot(struct smbcli_state *cli) /* wrapper around smb_raw_session_setup() */ NTSTATUS smbcli_session_setup(struct smbcli_state *cli, - const char *user, - const char *password, - const char *domain) + struct cli_credentials *credentials) { struct smb_composite_sesssetup setup; NTSTATUS status; @@ -79,19 +77,19 @@ NTSTATUS smbcli_session_setup(struct smbcli_state *cli, setup.in.sesskey = cli->transport->negotiate.sesskey; setup.in.capabilities = cli->transport->negotiate.capabilities; - if (!user || !user[0]) { + if (cli_credentials_is_anonymous(credentials)) { setup.in.password = NULL; setup.in.user = ""; setup.in.domain = ""; setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; } else { if (cli->transport->negotiate.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) { - setup.in.password = password; + setup.in.password = cli_credentials_get_password(credentials); } else { setup.in.password = NULL; } - setup.in.user = user; - setup.in.domain = domain; + setup.in.user = cli_credentials_get_username(credentials); + setup.in.domain = cli_credentials_get_domain(credentials); } status = smb_composite_sesssetup(cli->session, &setup); @@ -155,29 +153,19 @@ NTSTATUS smbcli_full_connection(TALLOC_CTX *parent_ctx, const char *host, const char *sharename, const char *devtype, - const char *username, - const char *domain, - const char *password) + struct cli_credentials *credentials) { struct smbcli_tree *tree; NTSTATUS status; - char *p; TALLOC_CTX *mem_ctx; mem_ctx = talloc_init("smbcli_full_connection"); *ret_cli = NULL; - /* if the username is of the form DOMAIN\username then split out the domain */ - p = strpbrk(username, "\\/"); - if (p) { - domain = talloc_strndup(mem_ctx, username, PTR_DIFF(p, username)); - username = talloc_strdup(mem_ctx, p+1); - } - status = smbcli_tree_full_connection(parent_ctx, &tree, myname, host, 0, sharename, devtype, - username, domain, password); + credentials); if (!NT_STATUS_IS_OK(status)) { goto done; } diff --git a/source4/libcli/raw/clitree.c b/source4/libcli/raw/clitree.c index 74db1c6952..0559c64dc1 100644 --- a/source4/libcli/raw/clitree.c +++ b/source4/libcli/raw/clitree.c @@ -167,8 +167,7 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx, const char *my_name, const char *dest_host, int port, const char *service, const char *service_type, - const char *user, const char *domain, - const char *password) + struct cli_credentials *credentials) { struct smb_composite_connect io; NTSTATUS status; @@ -179,10 +178,10 @@ NTSTATUS smbcli_tree_full_connection(TALLOC_CTX *parent_ctx, io.in.calling_name = strupper_talloc(parent_ctx, my_name); io.in.service = service; io.in.service_type = service_type; - io.in.domain = domain; - io.in.user = user; - if (user && user[0]) { - io.in.password = password; + io.in.domain = cli_credentials_get_domain(credentials); + io.in.user = cli_credentials_get_username(credentials); + if (!cli_credentials_is_anonymous(credentials)) { + io.in.password = cli_credentials_get_password(credentials); } else { io.in.password = NULL; } diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index 4b245fd24d..ed4015c878 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -914,11 +914,11 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p, /* remember the binding string for possible secondary connections */ p->conn->binding_string = dcerpc_binding_string(p, binding); - if (cli_credentials_is_anonymous(credentials) && + if (!cli_credentials_is_anonymous(credentials) && (binding->flags & DCERPC_SCHANNEL_ANY)) { status = dcerpc_bind_auth_schannel(p, pipe_uuid, pipe_version, credentials); - } else if (cli_credentials_is_anonymous(credentials)) { + } else if (!cli_credentials_is_anonymous(credentials)) { uint8_t auth_type; if (binding->flags & DCERPC_AUTH_SPNEGO) { auth_type = DCERPC_AUTH_TYPE_SPNEGO; @@ -984,15 +984,13 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp, cli_credentials_get_workstation(credentials), binding->host, "ipc$", NULL, - "", "", NULL); + NULL); } else { status = smbcli_full_connection(p->conn, &cli, cli_credentials_get_workstation(credentials), binding->host, "ipc$", NULL, - cli_credentials_get_username(credentials), - cli_credentials_get_domain(credentials), - cli_credentials_get_password(credentials)); + credentials); } if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Failed to connect to %s - %s\n", binding->host, nt_errstr(status))); diff --git a/source4/torture/gentest.c b/source4/torture/gentest.c index 19fa03df8c..92d6da9fef 100644 --- a/source4/torture/gentest.c +++ b/source4/torture/gentest.c @@ -60,8 +60,7 @@ static struct { struct smbcli_state *cli[NINSTANCES]; char *server_name; char *share_name; - char *username; - char *password; + struct cli_credentials credentials; } servers[NSERVERS]; /* the seeds and flags for each operation */ @@ -176,14 +175,13 @@ static BOOL connect_servers(void) NTSTATUS status; printf("Connecting to \\\\%s\\%s as %s - instance %d\n", servers[i].server_name, servers[i].share_name, - servers[i].username, j); + servers[i].credentials.username, j); + status = smbcli_full_connection(NULL, &servers[i].cli[j], "gentest", servers[i].server_name, - servers[i].share_name, NULL, - servers[i].username, - lp_workgroup(), - servers[i].password); + servers[i].share_name, NULL, + &servers[i].credentials); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect to \\\\%s\\%s - %s\n", servers[i].server_name, servers[i].share_name, @@ -2137,13 +2135,8 @@ static void usage(void) while ((opt = getopt(argc, argv, "U:s:o:ad:i:AOhS:LFXC")) != EOF) { switch (opt) { case 'U': - i = servers[0].username?1:0; - if (!split_username(optarg, - &servers[i].username, - &servers[i].password)) { - printf("Must supply USER%%PASS\n"); - return -1; - } + i = servers[0].credentials.username?1:0; + cli_credentials_parse_string(&servers[0].credentials, optarg, CRED_SPECIFIED); break; case 'd': DEBUGLEVEL = atoi(optarg); @@ -2193,13 +2186,13 @@ static void usage(void) gentest_init_subsystems; - if (!servers[0].username) { + if (!servers[0].credentials.username) { usage(); return -1; } - if (!servers[1].username) { - servers[1].username = servers[0].username; - servers[1].password = servers[0].password; + if (!servers[1].credentials.username) { + servers[1].credentials.username = servers[0].credentials.username; + servers[1].credentials.password = servers[0].credentials.password; } printf("seed=%u\n", options.seed); diff --git a/source4/torture/locktest.c b/source4/torture/locktest.c index 74f348638c..005f9af71b 100644 --- a/source4/torture/locktest.c +++ b/source4/torture/locktest.c @@ -47,10 +47,7 @@ static BOOL zero_zero; #define NASTY_POSIX_LOCK_HACK 0 -static struct { - char *username; - char *password; -} servers[NSERVERS]; +static struct cli_credentials servers[NSERVERS]; enum lock_op {OP_LOCK, OP_UNLOCK, OP_REOPEN}; @@ -124,8 +121,7 @@ static struct smbcli_state *connect_one(char *share, int snum) status = smbcli_full_connection(NULL, &c, myname, server, share, NULL, - servers[snum].username, lp_workgroup(), - servers[snum].password); + &servers[snum]); if (!NT_STATUS_IS_OK(status)) { sleep(2); } @@ -487,12 +483,8 @@ static void usage(void) switch (opt) { case 'U': i = servers[0].username?1:0; - if (!split_username(optarg, - &servers[i].username, - &servers[i].password)) { - printf("Must supply USER%%PASS\n"); - return -1; - } + cli_credentials_parse_string(&servers[0], optarg, CRED_SPECIFIED); + break; case 'R': lock_range = strtol(optarg, NULL, 0); diff --git a/source4/torture/masktest.c b/source4/torture/masktest.c index 4c71385ad0..00a0c2688d 100644 --- a/source4/torture/masktest.c +++ b/source4/torture/masktest.c @@ -25,8 +25,7 @@ #include "libcli/raw/libcliraw.h" #include "system/time.h" -static fstring password; -static fstring username; +static struct cli_credentials credentials; static BOOL showall = False; static BOOL old_list = False; static const char *maskchars = "<>\"?*abc."; @@ -81,8 +80,7 @@ static struct smbcli_state *connect_one(char *share) status = smbcli_full_connection(NULL, &c, "masktest", server, share, NULL, - username, lp_workgroup(), - password); + &credentials); if (!NT_STATUS_IS_OK(status)) { return NULL; @@ -274,7 +272,6 @@ static void usage(void) char *share; struct smbcli_state *cli; int opt; - char *p; int seed; setlinebuf(stdout); @@ -300,9 +297,8 @@ static void usage(void) lp_load(dyn_CONFIGFILE,True,False,False); load_interfaces(); - if (getenv("USER")) { - fstrcpy(username,getenv("USER")); - } + ZERO_STRUCT(credentials); + cli_credentials_guess(&credentials); seed = time(NULL); @@ -326,12 +322,7 @@ static void usage(void) lp_set_cmdline("max protocol", optarg); break; case 'U': - fstrcpy(username,optarg); - p = strchr_m(username,'%'); - if (p) { - *p = 0; - fstrcpy(password, p+1); - } + cli_credentials_parse_string(&credentials, optarg, CRED_SPECIFIED); break; case 's': seed = atoi(optarg); diff --git a/source4/torture/torture.c b/source4/torture/torture.c index dce91452f1..cdc9efbf7c 100644 --- a/source4/torture/torture.c +++ b/source4/torture/torture.c @@ -80,16 +80,12 @@ BOOL torture_open_connection_share(struct smbcli_state **c, const char *sharename) { NTSTATUS status; - const char *username = cli_credentials_get_username(cmdline_credentials); - const char *userdomain = cli_credentials_get_domain(cmdline_credentials); - const char *password = cli_credentials_get_password(cmdline_credentials); status = smbcli_full_connection(NULL, c, lp_netbios_name(), hostname, sharename, NULL, - username, username[0]?userdomain:"", - password); + cmdline_credentials); if (!NT_STATUS_IS_OK(status)) { printf("Failed to open connection - %s\n", nt_errstr(status)); return False; @@ -726,16 +722,12 @@ static BOOL run_tcon_devtype_test(void) BOOL ret = True; const char *host = lp_parm_string(-1, "torture", "host"); const char *share = lp_parm_string(-1, "torture", "share"); - const char *username = cli_credentials_get_username(cmdline_credentials); - const char *userdomain = cli_credentials_get_domain(cmdline_credentials); - const char *password = cli_credentials_get_password(cmdline_credentials); status = smbcli_full_connection(NULL, &cli1, lp_netbios_name(), host, share, NULL, - username, userdomain, - password); + cmdline_credentials); if (!NT_STATUS_IS_OK(status)) { printf("could not open connection\n"); -- cgit