2 Unix SMB/CIFS implementation.
4 SMB2 composite connection setup
6 Copyright (C) Andrew Tridgell 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "lib/util/tevent_ntstatus.h"
25 #include "libcli/raw/libcliraw.h"
26 #include "libcli/raw/raw_proto.h"
27 #include "libcli/smb2/smb2.h"
28 #include "libcli/smb2/smb2_calls.h"
29 #include "libcli/composite/composite.h"
30 #include "libcli/resolve/resolve.h"
31 #include "param/param.h"
32 #include "auth/credentials/credentials.h"
33 #include "../libcli/smb/smbXcli_base.h"
34 #include "smb2_constants.h"
36 struct smb2_connect_state {
37 struct tevent_context *ev;
38 struct cli_credentials *credentials;
39 bool fallback_to_anonymous;
40 uint64_t previous_session_id;
41 struct resolve_context *resolve_ctx;
46 const char *socket_options;
47 struct nbt_name calling, called;
48 struct gensec_settings *gensec_settings;
49 struct smbcli_options options;
50 struct smb2_transport *transport;
51 struct smb2_session *session;
52 struct smb2_tree *tree;
55 static void smb2_connect_session_start(struct tevent_req *req);
56 static void smb2_connect_socket_done(struct composite_context *creq);
59 a composite function that does a full negprot/sesssetup/tcon, returning
62 struct tevent_req *smb2_connect_send(TALLOC_CTX *mem_ctx,
63 struct tevent_context *ev,
67 struct resolve_context *resolve_ctx,
68 struct cli_credentials *credentials,
69 bool fallback_to_anonymous,
70 struct smbXcli_conn **existing_conn,
71 uint64_t previous_session_id,
72 const struct smbcli_options *options,
73 const char *socket_options,
74 struct gensec_settings *gensec_settings)
76 struct tevent_req *req;
77 struct smb2_connect_state *state;
78 struct composite_context *creq;
79 static const char *default_ports[] = { "445", "139", NULL };
80 enum smb_encryption_setting encryption_state =
81 cli_credentials_get_smb_encryption(credentials);
83 req = tevent_req_create(mem_ctx, &state,
84 struct smb2_connect_state);
90 state->credentials = credentials;
91 state->fallback_to_anonymous = fallback_to_anonymous;
92 state->previous_session_id = previous_session_id;
93 state->options = *options;
97 state->resolve_ctx = resolve_ctx;
98 state->socket_options = socket_options;
99 state->gensec_settings = gensec_settings;
101 if (state->ports == NULL) {
102 state->ports = default_ports;
105 if (encryption_state >= SMB_ENCRYPTION_DESIRED) {
106 state->options.signing = SMB_SIGNING_REQUIRED;
109 make_nbt_name_client(&state->calling,
110 cli_credentials_get_workstation(credentials));
112 nbt_choose_called_name(state, &state->called,
113 host, NBT_NAME_SERVER);
115 state->unc = talloc_asprintf(state, "\\\\%s\\%s",
116 state->host, state->share);
117 if (tevent_req_nomem(state->unc, req)) {
118 return tevent_req_post(req, ev);
121 if (existing_conn != NULL) {
124 status = smb2_transport_raw_init(state, ev,
128 if (tevent_req_nterror(req, status)) {
129 return tevent_req_post(req, ev);
132 smb2_connect_session_start(req);
133 if (!tevent_req_is_in_progress(req)) {
134 return tevent_req_post(req, ev);
140 creq = smbcli_sock_connect_send(state, NULL, state->ports,
141 state->host, state->resolve_ctx,
142 state->ev, state->socket_options,
145 if (tevent_req_nomem(creq, req)) {
146 return tevent_req_post(req, ev);
148 creq->async.fn = smb2_connect_socket_done;
149 creq->async.private_data = req;
154 static void smb2_connect_negprot_done(struct tevent_req *subreq);
156 static void smb2_connect_socket_done(struct composite_context *creq)
158 struct tevent_req *req =
159 talloc_get_type_abort(creq->async.private_data,
161 struct smb2_connect_state *state =
163 struct smb2_connect_state);
164 struct smbcli_socket *sock;
165 struct tevent_req *subreq;
167 uint32_t timeout_msec;
168 enum protocol_types min_protocol;
170 status = smbcli_sock_connect_recv(creq, state, &sock);
171 if (tevent_req_nterror(req, status)) {
175 state->transport = smb2_transport_init(sock, state, &state->options);
176 if (tevent_req_nomem(state->transport, req)) {
180 timeout_msec = state->transport->options.request_timeout * 1000;
181 min_protocol = state->transport->options.min_protocol;
182 if (min_protocol < PROTOCOL_SMB2_02) {
183 min_protocol = PROTOCOL_SMB2_02;
186 subreq = smbXcli_negprot_send(state, state->ev,
187 state->transport->conn, timeout_msec,
189 state->transport->options.max_protocol,
190 state->transport->options.max_credits,
192 if (tevent_req_nomem(subreq, req)) {
195 tevent_req_set_callback(subreq, smb2_connect_negprot_done, req);
198 static void smb2_connect_session_done(struct tevent_req *subreq);
200 static void smb2_connect_negprot_done(struct tevent_req *subreq)
202 struct tevent_req *req =
203 tevent_req_callback_data(subreq,
207 status = smbXcli_negprot_recv(subreq, NULL, NULL);
209 if (tevent_req_nterror(req, status)) {
213 smb2_connect_session_start(req);
216 static void smb2_connect_session_start(struct tevent_req *req)
218 struct smb2_connect_state *state =
220 struct smb2_connect_state);
221 struct smb2_transport *transport = state->transport;
222 struct tevent_req *subreq = NULL;
224 state->session = smb2_session_init(transport, state->gensec_settings, state);
225 if (tevent_req_nomem(state->session, req)) {
229 if (state->options.only_negprot) {
230 state->tree = smb2_tree_init(state->session, state, true);
231 if (tevent_req_nomem(state->tree, req)) {
234 tevent_req_done(req);
238 subreq = smb2_session_setup_spnego_send(state, state->ev,
241 state->previous_session_id);
242 if (tevent_req_nomem(subreq, req)) {
245 tevent_req_set_callback(subreq, smb2_connect_session_done, req);
248 static void smb2_connect_enc_start(struct tevent_req *req);
249 static void smb2_connect_tcon_start(struct tevent_req *req);
250 static void smb2_connect_tcon_done(struct tevent_req *subreq);
252 static void smb2_connect_session_done(struct tevent_req *subreq)
254 struct tevent_req *req =
255 tevent_req_callback_data(subreq,
257 struct smb2_connect_state *state =
259 struct smb2_connect_state);
262 status = smb2_session_setup_spnego_recv(subreq);
264 if (!NT_STATUS_IS_OK(status) &&
265 !cli_credentials_is_anonymous(state->credentials) &&
266 state->fallback_to_anonymous) {
267 struct cli_credentials *anon_creds = NULL;
270 * The transport was moved to session,
271 * we need to revert that before removing
272 * the old broken session.
274 state->transport = talloc_move(state, &state->session->transport);
275 TALLOC_FREE(state->session);
277 anon_creds = cli_credentials_init_anon(state);
278 if (tevent_req_nomem(anon_creds, req)) {
281 cli_credentials_set_workstation(anon_creds,
282 cli_credentials_get_workstation(state->credentials),
286 * retry with anonymous credentials
288 state->credentials = anon_creds;
289 smb2_connect_session_start(req);
292 if (tevent_req_nterror(req, status)) {
296 state->tree = smb2_tree_init(state->session, state, true);
297 if (tevent_req_nomem(state->tree, req)) {
301 smb2_connect_enc_start(req);
304 static void smb2_connect_enc_start(struct tevent_req *req)
306 struct smb2_connect_state *state =
308 struct smb2_connect_state);
309 enum smb_encryption_setting encryption_state =
310 cli_credentials_get_smb_encryption(state->credentials);
313 if (encryption_state < SMB_ENCRYPTION_DESIRED) {
314 smb2_connect_tcon_start(req);
318 status = smb2cli_session_encryption_on(state->session->smbXcli);
319 if (!NT_STATUS_IS_OK(status)) {
320 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
321 if (encryption_state < SMB_ENCRYPTION_REQUIRED) {
322 smb2_connect_tcon_start(req);
326 DBG_ERR("Encryption required and server doesn't support "
327 "SMB3 encryption - failing connect\n");
328 tevent_req_nterror(req, status);
332 DBG_ERR("Encryption required and setup failed with error %s.\n",
334 tevent_req_nterror(req, NT_STATUS_PROTOCOL_NOT_SUPPORTED);
338 smb2_connect_tcon_start(req);
341 static void smb2_connect_tcon_start(struct tevent_req *req)
343 struct smb2_connect_state *state =
345 struct smb2_connect_state);
346 struct tevent_req *subreq = NULL;
347 uint32_t timeout_msec;
349 timeout_msec = state->transport->options.request_timeout * 1000;
351 subreq = smb2cli_tcon_send(state, state->ev,
352 state->transport->conn,
354 state->session->smbXcli,
355 state->tree->smbXcli,
358 if (tevent_req_nomem(subreq, req)) {
361 tevent_req_set_callback(subreq, smb2_connect_tcon_done, req);
364 static void smb2_connect_tcon_done(struct tevent_req *subreq)
366 struct tevent_req *req =
367 tevent_req_callback_data(subreq,
371 status = smb2cli_tcon_recv(subreq);
372 if (tevent_req_nterror(req, status)) {
376 tevent_req_done(req);
379 NTSTATUS smb2_connect_recv(struct tevent_req *req,
381 struct smb2_tree **tree)
383 struct smb2_connect_state *state =
385 struct smb2_connect_state);
388 if (tevent_req_is_nterror(req, &status)) {
389 tevent_req_received(req);
393 *tree = talloc_move(mem_ctx, &state->tree);
395 tevent_req_received(req);
400 sync version of smb2_connect
402 NTSTATUS smb2_connect_ext(TALLOC_CTX *mem_ctx,
406 struct resolve_context *resolve_ctx,
407 struct cli_credentials *credentials,
408 struct smbXcli_conn **existing_conn,
409 uint64_t previous_session_id,
410 struct smb2_tree **tree,
411 struct tevent_context *ev,
412 const struct smbcli_options *options,
413 const char *socket_options,
414 struct gensec_settings *gensec_settings)
416 struct tevent_req *subreq;
419 TALLOC_CTX *frame = talloc_stackframe();
422 return NT_STATUS_NO_MEMORY;
425 subreq = smb2_connect_send(frame,
432 false, /* fallback_to_anonymous */
438 if (subreq == NULL) {
440 return NT_STATUS_NO_MEMORY;
443 ok = tevent_req_poll(subreq, ev);
445 status = map_nt_error_from_unix_common(errno);
450 status = smb2_connect_recv(subreq, mem_ctx, tree);
452 if (!NT_STATUS_IS_OK(status)) {
461 NTSTATUS smb2_connect(TALLOC_CTX *mem_ctx,
465 struct resolve_context *resolve_ctx,
466 struct cli_credentials *credentials,
467 struct smb2_tree **tree,
468 struct tevent_context *ev,
469 const struct smbcli_options *options,
470 const char *socket_options,
471 struct gensec_settings *gensec_settings)
475 status = smb2_connect_ext(mem_ctx, host, ports, share, resolve_ctx,
477 NULL, /* existing_conn */
478 0, /* previous_session_id */
479 tree, ev, options, socket_options,