2 Unix SMB/CIFS implementation.
4 Copyright (C) Stefan (metze) Metzmacher 2003
5 Copyright (C) Jeremy Allison 2007
6 Copyright (C) Andrew Bartlett 2011
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "libsmb/libsmb.h"
24 #include "../lib/util/tevent_ntstatus.h"
25 #include "async_smb.h"
26 #include "../libcli/smb/smb_seal.h"
28 #include "auth_generic.h"
29 #include "auth/gensec/gensec.h"
30 #include "../libcli/smb/smbXcli_base.h"
31 #include "auth/credentials/credentials.h"
32 #include "../librpc/gen_ndr/ndr_security.h"
34 /****************************************************************************
35 Get UNIX extensions version info.
36 ****************************************************************************/
38 struct cli_unix_extensions_version_state {
39 struct cli_state *cli;
42 uint16_t major, minor;
43 uint32_t caplow, caphigh;
46 static void cli_unix_extensions_version_done(struct tevent_req *subreq);
48 struct tevent_req *cli_unix_extensions_version_send(TALLOC_CTX *mem_ctx,
49 struct tevent_context *ev,
50 struct cli_state *cli)
52 struct tevent_req *req, *subreq;
53 struct cli_unix_extensions_version_state *state;
55 req = tevent_req_create(mem_ctx, &state,
56 struct cli_unix_extensions_version_state);
61 SSVAL(state->setup, 0, TRANSACT2_QFSINFO);
62 SSVAL(state->param, 0, SMB_QUERY_CIFS_UNIX_INFO);
64 subreq = cli_trans_send(state, ev, cli, 0, SMBtrans2,
69 if (tevent_req_nomem(subreq, req)) {
70 return tevent_req_post(req, ev);
72 tevent_req_set_callback(subreq, cli_unix_extensions_version_done, req);
76 static void cli_unix_extensions_version_done(struct tevent_req *subreq)
78 struct tevent_req *req = tevent_req_callback_data(
79 subreq, struct tevent_req);
80 struct cli_unix_extensions_version_state *state = tevent_req_data(
81 req, struct cli_unix_extensions_version_state);
86 status = cli_trans_recv(subreq, state, NULL, NULL, 0, NULL,
87 NULL, 0, NULL, &data, 12, &num_data);
89 if (!NT_STATUS_IS_OK(status)) {
90 tevent_req_nterror(req, status);
94 state->major = SVAL(data, 0);
95 state->minor = SVAL(data, 2);
96 state->caplow = IVAL(data, 4);
97 state->caphigh = IVAL(data, 8);
102 NTSTATUS cli_unix_extensions_version_recv(struct tevent_req *req,
103 uint16_t *pmajor, uint16_t *pminor,
107 struct cli_unix_extensions_version_state *state = tevent_req_data(
108 req, struct cli_unix_extensions_version_state);
111 if (tevent_req_is_nterror(req, &status)) {
114 *pmajor = state->major;
115 *pminor = state->minor;
116 *pcaplow = state->caplow;
117 *pcaphigh = state->caphigh;
118 state->cli->server_posix_capabilities = *pcaplow;
122 NTSTATUS cli_unix_extensions_version(struct cli_state *cli, uint16_t *pmajor,
123 uint16_t *pminor, uint32_t *pcaplow,
126 TALLOC_CTX *frame = talloc_stackframe();
127 struct tevent_context *ev;
128 struct tevent_req *req;
129 NTSTATUS status = NT_STATUS_OK;
131 if (smbXcli_conn_has_async_calls(cli->conn)) {
133 * Can't use sync call while an async call is in flight
135 status = NT_STATUS_INVALID_PARAMETER;
139 ev = samba_tevent_context_init(frame);
141 status = NT_STATUS_NO_MEMORY;
145 req = cli_unix_extensions_version_send(frame, ev, cli);
147 status = NT_STATUS_NO_MEMORY;
151 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
155 status = cli_unix_extensions_version_recv(req, pmajor, pminor, pcaplow,
162 /****************************************************************************
163 Set UNIX extensions capabilities.
164 ****************************************************************************/
166 struct cli_set_unix_extensions_capabilities_state {
167 struct cli_state *cli;
173 static void cli_set_unix_extensions_capabilities_done(
174 struct tevent_req *subreq);
176 struct tevent_req *cli_set_unix_extensions_capabilities_send(
177 TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct cli_state *cli,
178 uint16_t major, uint16_t minor, uint32_t caplow, uint32_t caphigh)
180 struct tevent_req *req, *subreq;
181 struct cli_set_unix_extensions_capabilities_state *state;
183 req = tevent_req_create(
185 struct cli_set_unix_extensions_capabilities_state);
191 SSVAL(state->setup+0, 0, TRANSACT2_SETFSINFO);
193 SSVAL(state->param, 0, 0);
194 SSVAL(state->param, 2, SMB_SET_CIFS_UNIX_INFO);
196 SSVAL(state->data, 0, major);
197 SSVAL(state->data, 2, minor);
198 SIVAL(state->data, 4, caplow);
199 SIVAL(state->data, 8, caphigh);
201 subreq = cli_trans_send(state, ev, cli, 0, SMBtrans2,
205 state->data, 12, 560);
206 if (tevent_req_nomem(subreq, req)) {
207 return tevent_req_post(req, ev);
209 tevent_req_set_callback(
210 subreq, cli_set_unix_extensions_capabilities_done, req);
214 static void cli_set_unix_extensions_capabilities_done(
215 struct tevent_req *subreq)
217 struct tevent_req *req = tevent_req_callback_data(
218 subreq, struct tevent_req);
219 struct cli_set_unix_extensions_capabilities_state *state = tevent_req_data(
220 req, struct cli_set_unix_extensions_capabilities_state);
222 NTSTATUS status = cli_trans_recv(subreq, NULL, NULL, NULL, 0, NULL,
223 NULL, 0, NULL, NULL, 0, NULL);
224 if (NT_STATUS_IS_OK(status)) {
225 state->cli->requested_posix_capabilities = IVAL(state->data, 4);
227 tevent_req_simple_finish_ntstatus(subreq, status);
230 NTSTATUS cli_set_unix_extensions_capabilities_recv(struct tevent_req *req)
232 return tevent_req_simple_recv_ntstatus(req);
235 NTSTATUS cli_set_unix_extensions_capabilities(struct cli_state *cli,
236 uint16_t major, uint16_t minor,
237 uint32_t caplow, uint32_t caphigh)
239 struct tevent_context *ev;
240 struct tevent_req *req;
241 NTSTATUS status = NT_STATUS_NO_MEMORY;
243 if (smbXcli_conn_has_async_calls(cli->conn)) {
244 return NT_STATUS_INVALID_PARAMETER;
246 ev = samba_tevent_context_init(talloc_tos());
250 req = cli_set_unix_extensions_capabilities_send(
251 ev, ev, cli, major, minor, caplow, caphigh);
255 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
258 status = cli_set_unix_extensions_capabilities_recv(req);
264 struct cli_get_fs_attr_info_state {
270 static void cli_get_fs_attr_info_done(struct tevent_req *subreq);
272 struct tevent_req *cli_get_fs_attr_info_send(TALLOC_CTX *mem_ctx,
273 struct tevent_context *ev,
274 struct cli_state *cli)
276 struct tevent_req *subreq, *req;
277 struct cli_get_fs_attr_info_state *state;
279 req = tevent_req_create(mem_ctx, &state,
280 struct cli_get_fs_attr_info_state);
284 SSVAL(state->setup+0, 0, TRANSACT2_QFSINFO);
285 SSVAL(state->param+0, 0, SMB_QUERY_FS_ATTRIBUTE_INFO);
287 subreq = cli_trans_send(state, ev, cli, 0, SMBtrans2,
292 if (tevent_req_nomem(subreq, req)) {
293 return tevent_req_post(req, ev);
295 tevent_req_set_callback(subreq, cli_get_fs_attr_info_done, req);
299 static void cli_get_fs_attr_info_done(struct tevent_req *subreq)
301 struct tevent_req *req = tevent_req_callback_data(
302 subreq, struct tevent_req);
303 struct cli_get_fs_attr_info_state *state = tevent_req_data(
304 req, struct cli_get_fs_attr_info_state);
309 status = cli_trans_recv(subreq, talloc_tos(), NULL, NULL, 0, NULL,
310 NULL, 0, NULL, &data, 12, &num_data);
312 if (!NT_STATUS_IS_OK(status)) {
313 tevent_req_nterror(req, status);
316 state->fs_attr = IVAL(data, 0);
318 tevent_req_done(req);
321 NTSTATUS cli_get_fs_attr_info_recv(struct tevent_req *req, uint32_t *fs_attr)
323 struct cli_get_fs_attr_info_state *state = tevent_req_data(
324 req, struct cli_get_fs_attr_info_state);
327 if (tevent_req_is_nterror(req, &status)) {
330 *fs_attr = state->fs_attr;
334 NTSTATUS cli_get_fs_attr_info(struct cli_state *cli, uint32_t *fs_attr)
336 struct tevent_context *ev;
337 struct tevent_req *req;
338 NTSTATUS status = NT_STATUS_NO_MEMORY;
340 if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
341 return cli_smb2_get_fs_attr_info(cli, fs_attr);
344 if (smbXcli_conn_has_async_calls(cli->conn)) {
345 return NT_STATUS_INVALID_PARAMETER;
347 ev = samba_tevent_context_init(talloc_tos());
351 req = cli_get_fs_attr_info_send(ev, ev, cli);
355 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
358 status = cli_get_fs_attr_info_recv(req, fs_attr);
364 NTSTATUS cli_get_fs_volume_info(struct cli_state *cli,
367 uint32_t *pserial_number,
371 uint16_t recv_flags2;
375 uint32_t rdata_count;
377 char *volume_name = NULL;
379 SSVAL(setup, 0, TRANSACT2_QFSINFO);
380 SSVAL(param,0,SMB_QUERY_FS_VOLUME_INFO);
382 status = cli_trans(talloc_tos(), cli, SMBtrans2,
390 &rdata, 18, &rdata_count);
391 if (!NT_STATUS_IS_OK(status)) {
397 ts = interpret_long_date((char *)rdata);
400 if (pserial_number) {
401 *pserial_number = IVAL(rdata,8);
403 nlen = IVAL(rdata,12);
404 if (nlen > (rdata_count - 18)) {
406 return NT_STATUS_INVALID_NETWORK_RESPONSE;
409 clistr_pull_talloc(mem_ctx,
415 if (volume_name == NULL) {
416 status = map_nt_error_from_unix(errno);
421 /* todo: but not yet needed
422 * return the other stuff
425 *_volume_name = volume_name;
430 NTSTATUS cli_get_fs_full_size_info(struct cli_state *cli,
431 uint64_t *total_allocation_units,
432 uint64_t *caller_allocation_units,
433 uint64_t *actual_allocation_units,
434 uint64_t *sectors_per_allocation_unit,
435 uint64_t *bytes_per_sector)
439 uint8_t *rdata = NULL;
440 uint32_t rdata_count;
443 SSVAL(setup, 0, TRANSACT2_QFSINFO);
444 SSVAL(param, 0, SMB_FS_FULL_SIZE_INFORMATION);
446 status = cli_trans(talloc_tos(), cli, SMBtrans2,
448 setup, 1, 0, /* setup */
449 param, 2, 0, /* param */
450 NULL, 0, 560, /* data */
452 NULL, 0, NULL, /* rsetup */
453 NULL, 0, NULL, /* rparam */
454 &rdata, 32, &rdata_count); /* rdata */
455 if (!NT_STATUS_IS_OK(status)) {
459 if (total_allocation_units) {
460 *total_allocation_units = BIG_UINT(rdata, 0);
462 if (caller_allocation_units) {
463 *caller_allocation_units = BIG_UINT(rdata,8);
465 if (actual_allocation_units) {
466 *actual_allocation_units = BIG_UINT(rdata,16);
468 if (sectors_per_allocation_unit) {
469 *sectors_per_allocation_unit = IVAL(rdata,24);
471 if (bytes_per_sector) {
472 *bytes_per_sector = IVAL(rdata,28);
480 NTSTATUS cli_get_posix_fs_info(struct cli_state *cli,
481 uint32_t *optimal_transfer_size,
482 uint32_t *block_size,
483 uint64_t *total_blocks,
484 uint64_t *blocks_available,
485 uint64_t *user_blocks_available,
486 uint64_t *total_file_nodes,
487 uint64_t *free_file_nodes,
488 uint64_t *fs_identifier)
492 uint8_t *rdata = NULL;
493 uint32_t rdata_count;
496 SSVAL(setup, 0, TRANSACT2_QFSINFO);
497 SSVAL(param,0,SMB_QUERY_POSIX_FS_INFO);
499 status = cli_trans(talloc_tos(), cli, SMBtrans2, NULL, 0, 0, 0,
504 NULL, 0, NULL, /* rsetup */
505 NULL, 0, NULL, /* rparam */
506 &rdata, 56, &rdata_count);
507 if (!NT_STATUS_IS_OK(status)) {
511 if (optimal_transfer_size) {
512 *optimal_transfer_size = IVAL(rdata, 0);
515 *block_size = IVAL(rdata,4);
518 *total_blocks = BIG_UINT(rdata,8);
520 if (blocks_available) {
521 *blocks_available = BIG_UINT(rdata,16);
523 if (user_blocks_available) {
524 *user_blocks_available = BIG_UINT(rdata,24);
526 if (total_file_nodes) {
527 *total_file_nodes = BIG_UINT(rdata,32);
529 if (free_file_nodes) {
530 *free_file_nodes = BIG_UINT(rdata,40);
533 *fs_identifier = BIG_UINT(rdata,48);
539 /******************************************************************************
540 Send/receive the request encryption blob.
541 ******************************************************************************/
543 static NTSTATUS enc_blob_send_receive(struct cli_state *cli, DATA_BLOB *in, DATA_BLOB *out, DATA_BLOB *param_out)
547 uint8_t *rparam=NULL, *rdata=NULL;
548 uint32_t num_rparam, num_rdata;
551 SSVAL(setup+0, 0, TRANSACT2_SETFSINFO);
553 SSVAL(param,2,SMB_REQUEST_TRANSPORT_ENCRYPTION);
555 status = cli_trans(talloc_tos(), cli, SMBtrans2, NULL, 0, 0, 0,
558 (uint8_t *)in->data, in->length, CLI_BUFFER_SIZE,
559 NULL, /* recv_flags */
560 NULL, 0, NULL, /* rsetup */
561 &rparam, 0, &num_rparam,
562 &rdata, 0, &num_rdata);
564 if (!NT_STATUS_IS_OK(status) &&
565 !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
569 *out = data_blob(rdata, num_rdata);
570 *param_out = data_blob(rparam, num_rparam);
577 /******************************************************************************
578 Start a raw ntlmssp encryption.
579 ******************************************************************************/
581 NTSTATUS cli_raw_ntlm_smb_encryption_start(struct cli_state *cli,
586 DATA_BLOB blob_in = data_blob_null;
587 DATA_BLOB blob_out = data_blob_null;
588 DATA_BLOB param_out = data_blob_null;
589 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
590 struct auth_generic_state *auth_generic_state;
591 struct smb_trans_enc_state *es = talloc_zero(NULL, struct smb_trans_enc_state);
593 return NT_STATUS_NO_MEMORY;
595 status = auth_generic_client_prepare(es,
596 &auth_generic_state);
597 if (!NT_STATUS_IS_OK(status)) {
601 gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SESSION_KEY);
602 gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
604 if (!NT_STATUS_IS_OK(status = auth_generic_set_username(auth_generic_state, user))) {
607 if (!NT_STATUS_IS_OK(status = auth_generic_set_domain(auth_generic_state, domain))) {
610 if (!NT_STATUS_IS_OK(status = auth_generic_set_password(auth_generic_state, pass))) {
614 if (!NT_STATUS_IS_OK(status = auth_generic_client_start(auth_generic_state, GENSEC_OID_NTLMSSP))) {
619 status = gensec_update(auth_generic_state->gensec_security, auth_generic_state,
621 data_blob_free(&blob_in);
622 data_blob_free(¶m_out);
623 if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(status)) {
624 NTSTATUS trans_status = enc_blob_send_receive(cli,
628 if (!NT_STATUS_EQUAL(trans_status,
629 NT_STATUS_MORE_PROCESSING_REQUIRED) &&
630 !NT_STATUS_IS_OK(trans_status)) {
631 status = trans_status;
633 if (param_out.length == 2) {
634 es->enc_ctx_num = SVAL(param_out.data, 0);
638 data_blob_free(&blob_out);
639 } while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED));
641 data_blob_free(&blob_in);
643 if (NT_STATUS_IS_OK(status)) {
646 * Replace the old state, if any.
647 * We only need the gensec_security part from here.
649 es->gensec_security = talloc_move(es,
650 &auth_generic_state->gensec_security);
651 smb1cli_conn_set_encryption(cli->conn, es);
660 /******************************************************************************
661 Start a SPNEGO gssapi encryption context.
662 ******************************************************************************/
664 NTSTATUS cli_gss_smb_encryption_start(struct cli_state *cli)
666 DATA_BLOB blob_recv = data_blob_null;
667 DATA_BLOB blob_send = data_blob_null;
668 DATA_BLOB param_out = data_blob_null;
669 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
670 struct auth_generic_state *auth_generic_state;
671 struct smb_trans_enc_state *es = talloc_zero(NULL, struct smb_trans_enc_state);
674 return NT_STATUS_NO_MEMORY;
677 status = auth_generic_client_prepare(es,
678 &auth_generic_state);
679 if (!NT_STATUS_IS_OK(status)) {
683 gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SESSION_KEY);
684 gensec_want_feature(auth_generic_state->gensec_security, GENSEC_FEATURE_SEAL);
686 cli_credentials_set_kerberos_state(auth_generic_state->credentials,
687 CRED_MUST_USE_KERBEROS);
689 status = gensec_set_target_service(auth_generic_state->gensec_security, "cifs");
690 if (!NT_STATUS_IS_OK(status)) {
694 status = gensec_set_target_hostname(auth_generic_state->gensec_security,
695 smbXcli_conn_remote_name(cli->conn));
696 if (!NT_STATUS_IS_OK(status)) {
700 if (!NT_STATUS_IS_OK(status = auth_generic_client_start(auth_generic_state, GENSEC_OID_SPNEGO))) {
704 status = gensec_update(auth_generic_state->gensec_security, talloc_tos(),
705 blob_recv, &blob_send);
708 data_blob_free(&blob_recv);
709 status = enc_blob_send_receive(cli, &blob_send, &blob_recv, ¶m_out);
710 if (param_out.length == 2) {
711 es->enc_ctx_num = SVAL(param_out.data, 0);
713 data_blob_free(&blob_send);
714 status = gensec_update(auth_generic_state->gensec_security, talloc_tos(),
715 blob_recv, &blob_send);
716 } while (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED));
717 data_blob_free(&blob_recv);
719 if (NT_STATUS_IS_OK(status)) {
720 if (!gensec_have_feature(auth_generic_state->gensec_security,
721 GENSEC_FEATURE_SIGN) ||
722 !gensec_have_feature(auth_generic_state->gensec_security,
723 GENSEC_FEATURE_SEAL)) {
724 status = NT_STATUS_ACCESS_DENIED;
728 if (NT_STATUS_IS_OK(status)) {
731 * Replace the old state, if any.
732 * We only need the gensec_security part from here.
734 es->gensec_security = talloc_move(es,
735 &auth_generic_state->gensec_security);
736 smb1cli_conn_set_encryption(cli->conn, es);
744 /********************************************************************
745 Ensure a connection is encrypted.
746 ********************************************************************/
748 NTSTATUS cli_force_encryption(struct cli_state *c,
749 const char *username,
750 const char *password,
753 uint16_t major, minor;
754 uint32_t caplow, caphigh;
757 if (!SERVER_HAS_UNIX_CIFS(c)) {
758 return NT_STATUS_NOT_SUPPORTED;
761 status = cli_unix_extensions_version(c, &major, &minor, &caplow,
763 if (!NT_STATUS_IS_OK(status)) {
764 DEBUG(10, ("cli_force_encryption: cli_unix_extensions_version "
765 "returned %s\n", nt_errstr(status)));
766 return NT_STATUS_UNKNOWN_REVISION;
769 if (!(caplow & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)) {
770 return NT_STATUS_UNSUPPORTED_COMPRESSION;
773 if (c->use_kerberos) {
774 return cli_gss_smb_encryption_start(c);
776 return cli_raw_ntlm_smb_encryption_start(c,
782 /****************************************************************************
783 Do a UNIX extensions SMB_QUERY_POSIX_WHOAMI call.
784 ****************************************************************************/
786 struct posix_whoami_state {
796 struct dom_sid *sids;
799 static void cli_posix_whoami_done(struct tevent_req *subreq);
801 struct tevent_req *cli_posix_whoami_send(TALLOC_CTX *mem_ctx,
802 struct tevent_context *ev,
803 struct cli_state *cli)
805 struct tevent_req *req = NULL, *subreq = NULL;
806 struct posix_whoami_state *state = NULL;
808 req = tevent_req_create(mem_ctx, &state, struct posix_whoami_state);
813 /* Setup setup word. */
814 SSVAL(state->setup, 0, TRANSACT2_QFSINFO);
815 SSVAL(state->param, 0, SMB_QUERY_POSIX_WHOAMI);
817 state->max_rdata = 62*1024;
819 subreq = cli_trans_send(state, /* mem ctx. */
821 cli, /* cli_state. */
822 0, /* additional_flags2 */
823 SMBtrans2, /* cmd. */
824 NULL, /* pipe name. */
828 state->setup, /* setup. */
829 1, /* num setup uint16_t words. */
830 0, /* max returned setup. */
831 state->param, /* param. */
833 0, /* max returned param. */
836 state->max_rdata); /* max returned data. */
838 if (tevent_req_nomem(subreq, req)) {
839 return tevent_req_post(req, ev);
841 tevent_req_set_callback(subreq, cli_posix_whoami_done, req);
845 static void cli_posix_whoami_done(struct tevent_req *subreq)
847 struct tevent_req *req = tevent_req_callback_data(
848 subreq, struct tevent_req);
849 struct posix_whoami_state *state = tevent_req_data(
850 req, struct posix_whoami_state);
851 uint8_t *rdata = NULL;
853 uint32_t num_rdata = 0;
857 status = cli_trans_recv(subreq,
870 if (tevent_req_nterror(req, status)) {
875 * Not strictly needed - cli_trans_recv()
876 * will ensure at least 40 bytes here. Added
877 * as more of a reminder to be careful when
878 * parsing network packets in C.
881 if (num_rdata < 40 || rdata + num_rdata < rdata) {
882 tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
886 state->guest = (IVAL(rdata, 0) & SMB_WHOAMI_GUEST);
887 state->uid = BVAL(rdata, 8);
888 state->gid = BVAL(rdata, 16);
889 state->num_gids = IVAL(rdata, 24);
890 state->num_sids = IVAL(rdata, 28);
892 state->gids = talloc_array(state, uint64_t, state->num_gids);
893 if (tevent_req_nomem(state->gids, req)) {
896 state->sids = talloc_array(state, struct dom_sid, state->num_sids);
897 if (tevent_req_nomem(state->sids, req)) {
903 for (i = 0; i < state->num_gids; i++) {
904 if (p + 8 > rdata + num_rdata) {
905 tevent_req_nterror(req,
906 NT_STATUS_INVALID_NETWORK_RESPONSE);
909 state->gids[i] = BVAL(p, 0);
913 num_rdata -= (p - rdata);
915 for (i = 0; i < state->num_sids; i++) {
917 DATA_BLOB in = data_blob_const(p, num_rdata);
918 enum ndr_err_code ndr_err;
920 ndr_err = ndr_pull_struct_blob(&in,
923 (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
924 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
925 tevent_req_nterror(req,
926 NT_STATUS_INVALID_NETWORK_RESPONSE);
930 sid_size = ndr_size_dom_sid(&state->sids[i], 0);
932 if (sid_size > num_rdata) {
933 tevent_req_nterror(req,
934 NT_STATUS_INVALID_NETWORK_RESPONSE);
939 num_rdata -= sid_size;
941 tevent_req_done(req);
944 NTSTATUS cli_posix_whoami_recv(struct tevent_req *req,
951 struct dom_sid **psids,
955 struct posix_whoami_state *state = tevent_req_data(
956 req, struct posix_whoami_state);
958 if (tevent_req_is_nterror(req, &status)) {
969 *pnum_gids = state->num_gids;
972 *pgids = talloc_move(mem_ctx, &state->gids);
975 *pnum_sids = state->num_sids;
978 *psids = talloc_move(mem_ctx, &state->sids);
981 *pguest = state->guest;
986 NTSTATUS cli_posix_whoami(struct cli_state *cli,
993 struct dom_sid **sids,
996 TALLOC_CTX *frame = talloc_stackframe();
997 struct tevent_context *ev = NULL;
998 struct tevent_req *req = NULL;
999 NTSTATUS status = NT_STATUS_OK;
1001 if (smbXcli_conn_has_async_calls(cli->conn)) {
1003 * Can't use sync call while an async call is in flight
1005 status = NT_STATUS_INVALID_PARAMETER;
1009 ev = samba_tevent_context_init(frame);
1011 status = NT_STATUS_NO_MEMORY;
1015 req = cli_posix_whoami_send(frame,
1019 status = NT_STATUS_NO_MEMORY;
1023 if (!tevent_req_poll_ntstatus(req, ev, &status)) {
1027 status = cli_posix_whoami_recv(req,