From dd836aac9dde796be3fb9a883d2e3982db6512fd Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Sep 2011 16:39:14 +0200
Subject: s3:libsmb: make use of SMB_CAP_BOTH/CLIENT_MASK in
 cli_session_setup_capabilities()

This matches a w2k3 client.

metze
---
 source3/libsmb/cliconnect.c | 38 +++++++++++++++++++++++++-------------
 1 file changed, 25 insertions(+), 13 deletions(-)

(limited to 'source3')

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index e15d099086..24af427d1f 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -357,18 +357,31 @@ static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli, const char *use
  Work out suitable capabilities to offer the server.
 ****************************************************************************/
 
-static uint32 cli_session_setup_capabilities(struct cli_state *cli)
+static uint32_t cli_session_setup_capabilities(struct cli_state *cli,
+					       uint32_t sesssetup_capabilities)
 {
-	uint32 capabilities = CAP_NT_SMBS;
+	uint32_t client_capabilities = cli_state_capabilities(cli);
 
-	if (!cli->force_dos_errors)
-		capabilities |= CAP_STATUS32;
+	/*
+	 * We only send capabilities based on the mask for:
+	 * - client only flags
+	 * - flags used in both directions
+	 *
+	 * We do not echo the server only flags.
+	 */
+	client_capabilities &= (SMB_CAP_BOTH_MASK | SMB_CAP_CLIENT_MASK);
 
-	if (cli->use_level_II_oplocks)
-		capabilities |= CAP_LEVEL_II_OPLOCKS;
+	/*
+	 * Session Setup specific flags CAP_DYNAMIC_REAUTH
+	 * and CAP_EXTENDED_SECURITY are passed by the caller.
+	 * We need that in order to do guest logins even if
+	 * CAP_EXTENDED_SECURITY is negotiated.
+	 */
+	client_capabilities &= ~(CAP_DYNAMIC_REAUTH|CAP_EXTENDED_SECURITY);
+	sesssetup_capabilities &= (CAP_DYNAMIC_REAUTH|CAP_EXTENDED_SECURITY);
+	client_capabilities |= sesssetup_capabilities;
 
-	capabilities |= (cli_state_capabilities(cli) & (CAP_UNICODE|CAP_LARGE_FILES|CAP_LARGE_READX|CAP_LARGE_WRITEX|CAP_DFS));
-	return capabilities;
+	return client_capabilities;
 }
 
 /****************************************************************************
@@ -412,7 +425,7 @@ struct tevent_req *cli_session_setup_guest_create(TALLOC_CTX *mem_ctx,
 	SSVAL(vwv+8, 0, 0);
 	SSVAL(vwv+9, 0, 0);
 	SSVAL(vwv+10, 0, 0);
-	SIVAL(vwv+11, 0, cli_session_setup_capabilities(cli));
+	SIVAL(vwv+11, 0, cli_session_setup_capabilities(cli, 0));
 
 	bytes = talloc_array(state, uint8_t, 0);
 
@@ -627,7 +640,7 @@ static struct tevent_req *cli_session_setup_plain_send(
 	SSVAL(vwv+8, 0, 0);
 	SSVAL(vwv+9, 0, 0);
 	SSVAL(vwv+10, 0, 0);
-	SIVAL(vwv+11, 0, cli_session_setup_capabilities(cli));
+	SIVAL(vwv+11, 0, cli_session_setup_capabilities(cli, 0));
 
 	bytes = talloc_array(state, uint8_t, 0);
 	bytes = smb_bytes_push_str(bytes, cli_ucs2(cli), pass, strlen(pass)+1,
@@ -972,7 +985,7 @@ static struct tevent_req *cli_session_setup_nt1_send(
 	SSVAL(vwv+8, 0, nt_response.length);
 	SSVAL(vwv+9, 0, 0);
 	SSVAL(vwv+10, 0, 0);
-	SIVAL(vwv+11, 0, cli_session_setup_capabilities(cli));
+	SIVAL(vwv+11, 0, cli_session_setup_capabilities(cli, 0));
 
 	bytes = talloc_array(state, uint8_t,
 			     lm_response.length + nt_response.length);
@@ -1226,8 +1239,7 @@ static bool cli_sesssetup_blob_next(struct cli_sesssetup_blob_state *state,
 	SSVAL(state->vwv+8, 0, 0);
 	SSVAL(state->vwv+9, 0, 0);
 	SIVAL(state->vwv+10, 0,
-	      cli_session_setup_capabilities(state->cli)
-	      | CAP_EXTENDED_SECURITY);
+		cli_session_setup_capabilities(state->cli, CAP_EXTENDED_SECURITY));
 
 	state->buf = (uint8_t *)talloc_memdup(state, state->blob.data,
 					      thistime);
-- 
cgit