r12225: r11729@cabra: derrell | 2005-12-13 22:59:45 -0500

[samba.git] / source3 / libsmb / clientgen.c

diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index ed1286d627dee2dd60fe411e444340ec6200a6e1..2f980adcf8733f4a99005047f5aa0b1a7ec10626 100644 (file)
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -18,8 +18,6 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
-#define NO_SYSLOG
-
 #include "includes.h"
 
 /****************************************************************************
@@ -59,7 +57,7 @@ static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
        BOOL ret;
 
        for(;;) {
-               ret = receive_smb(fd, buffer, timeout);
+               ret = receive_smb_raw(fd, buffer, timeout);
 
                if (!ret) {
                        DEBUG(10,("client_receive_smb failed\n"));
@@ -114,9 +112,32 @@ BOOL cli_receive_smb(struct cli_state *cli)
                cli->smb_rw_error = smb_read_error;
                close(cli->fd);
                cli->fd = -1;
+               return ret;
        }
 
-       return ret;
+       if (!cli_check_sign_mac(cli)) {
+               DEBUG(0, ("SMB Signature verification failed on incoming packet!\n"));
+               cli->smb_rw_error = READ_BAD_SIG;
+               close(cli->fd);
+               cli->fd = -1;
+               return False;
+       };
+       return True;
+}
+
+static ssize_t write_socket(int fd, const char *buf, size_t len)
+{
+        ssize_t ret=0;
+                                                                                                                                            
+        DEBUG(6,("write_socket(%d,%d)\n",fd,(int)len));
+        ret = write_data(fd,buf,len);
+                                                                                                                                            
+        DEBUG(6,("write_socket(%d,%d) wrote %d\n",fd,(int)len,(int)ret));
+        if(ret <= 0)
+                DEBUG(0,("write_socket: Error writing %d bytes to socket %d: ERRNO = %s\n",
+                        (int)len, fd, strerror(errno) ));
+                                                                                                                                            
+        return(ret);
 }
 
 /****************************************************************************
@@ -133,7 +154,7 @@ BOOL cli_send_smb(struct cli_state *cli)
        if (cli->fd == -1)
                return False;
 
-       cli_caclulate_sign_mac(cli);
+       cli_calculate_sign_mac(cli);
 
        len = smb_len(cli->outbuf) + 4;
 
@@ -149,6 +170,10 @@ BOOL cli_send_smb(struct cli_state *cli)
                }
                nwritten += ret;
        }
+       /* Increment the mid so we can tell between responses. */
+       cli->mid++;
+       if (!cli->mid)
+               cli->mid++;
        return True;
 }
 
@@ -164,17 +189,21 @@ void cli_setup_packet(struct cli_state *cli)
        SSVAL(cli->outbuf,smb_mid,cli->mid);
        if (cli->protocol > PROTOCOL_CORE) {
                uint16 flags2;
-               SCVAL(cli->outbuf,smb_flg,0x8);
+               if (cli->case_sensitive) {
+                       SCVAL(cli->outbuf,smb_flg,0x0);
+               } else {
+                       /* Default setting, case insensitive. */
+                       SCVAL(cli->outbuf,smb_flg,0x8);
+               }
                flags2 = FLAGS2_LONG_PATH_COMPONENTS;
                if (cli->capabilities & CAP_UNICODE)
                        flags2 |= FLAGS2_UNICODE_STRINGS;
+               if (cli->capabilities & CAP_DFS)
+                       flags2 |= FLAGS2_DFS_PATHNAMES;
                if (cli->capabilities & CAP_STATUS32)
                        flags2 |= FLAGS2_32_BIT_ERROR_CODES;
                if (cli->use_spnego)
                        flags2 |= FLAGS2_EXTENDED_SECURITY;
-               if (cli->sign_info.use_smb_signing 
-                   || cli->sign_info.temp_smb_signing)
-                       flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
                SSVAL(cli->outbuf,smb_flg2, flags2);
        }
 }
@@ -192,18 +221,37 @@ void cli_setup_bcc(struct cli_state *cli, void *p)
  Initialise credentials of a client structure.
 ****************************************************************************/
 
-void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr)
+void cli_init_creds(struct cli_state *cli, const char *username, const char *domain, const char *password)
 {
-        /* copy_nt_creds(&cli->usr, usr); */
-       safe_strcpy(cli->domain   , usr->domain   , sizeof(usr->domain   )-1);
-       safe_strcpy(cli->user_name, usr->user_name, sizeof(usr->user_name)-1);
-       memcpy(&cli->pwd, &usr->pwd, sizeof(usr->pwd));
-        cli->ntlmssp_flags = usr->ntlmssp_flags;
-        cli->ntlmssp_cli_flgs = usr != NULL ? usr->ntlmssp_flags : 0;
-
-        DEBUG(10,("cli_init_creds: user %s domain %s flgs: %x\nntlmssp_cli_flgs:%x\n",
-               cli->user_name, cli->domain,
-               cli->ntlmssp_flags,cli->ntlmssp_cli_flgs));
+       fstrcpy(cli->domain, domain);
+       fstrcpy(cli->user_name, username);
+       pwd_set_cleartext(&cli->pwd, password);
+       if (!*username) {
+               cli->pwd.null_pwd = True;
+       }
+
+        DEBUG(10,("cli_init_creds: user %s domain %s\n", cli->user_name, cli->domain));
+}
+
+/****************************************************************************
+ Set the signing state (used from the command line).
+****************************************************************************/
+
+void cli_setup_signing_state(struct cli_state *cli, int signing_state)
+{
+       if (signing_state == Undefined)
+               return;
+
+       if (signing_state == False) {
+               cli->sign_info.allow_smb_signing = False;
+               cli->sign_info.mandatory_signing = False;
+               return;
+       }
+
+       cli->sign_info.allow_smb_signing = True;
+
+       if (signing_state == Required) 
+               cli->sign_info.mandatory_signing = True;
 }
 
 /****************************************************************************
@@ -221,7 +269,7 @@ struct cli_state *cli_initialise(struct cli_state *cli)
        }
 
        if (!cli) {
-               cli = (struct cli_state *)malloc(sizeof(*cli));
+               cli = SMB_MALLOC_P(struct cli_state);
                if (!cli)
                        return NULL;
                ZERO_STRUCTP(cli);
@@ -243,11 +291,15 @@ struct cli_state *cli_initialise(struct cli_state *cli)
        cli->timeout = 20000; /* Timeout is in milliseconds. */
        cli->bufsize = CLI_BUFFER_SIZE+4;
        cli->max_xmit = cli->bufsize;
-       cli->outbuf = (char *)malloc(cli->bufsize);
-       cli->inbuf = (char *)malloc(cli->bufsize);
+       cli->outbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
+       cli->inbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
        cli->oplock_handler = cli_oplock_ack;
-       if (lp_use_spnego())
-               cli->use_spnego = True;
+       cli->case_sensitive = False;
+       cli->smb_rw_error = 0;
+
+       cli->use_spnego = lp_client_use_spnego();
+
+       cli->capabilities = CAP_UNICODE | CAP_STATUS32 | CAP_DFS;
 
        /* Set the CLI_FORCE_DOSERR environment variable to test
           client routines using DOS errors instead of STATUS32
@@ -255,9 +307,11 @@ struct cli_state *cli_initialise(struct cli_state *cli)
        if (getenv("CLI_FORCE_DOSERR"))
                cli->force_dos_errors = True;
 
-       /* A way to attempt to force SMB signing */
-       if (getenv("CLI_FORCE_SMB_SIGNING"))
-               cli->sign_info.negotiated_smb_signing = True;
+       if (lp_client_signing()) 
+               cli->sign_info.allow_smb_signing = True;
+
+       if (lp_client_signing() == Required) 
+               cli->sign_info.mandatory_signing = True;
                                    
        if (!cli->outbuf || !cli->inbuf)
                 goto error;
@@ -268,7 +322,15 @@ struct cli_state *cli_initialise(struct cli_state *cli)
        memset(cli->outbuf, 0, cli->bufsize);
        memset(cli->inbuf, 0, cli->bufsize);
 
-       cli->nt_pipe_fnum = 0;
+
+#if defined(DEVELOPER)
+       /* just because we over-allocate, doesn't mean it's right to use it */
+       clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN);
+       clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN);
+#endif
+
+       /* initialise signing */
+       cli_null_set_signing(cli);
 
        cli->initialised = 1;
        cli->allocated = alloced_cli;
@@ -288,24 +350,87 @@ struct cli_state *cli_initialise(struct cli_state *cli)
         return NULL;
 }
 
+/****************************************************************************
+ External interface.
+ Close an open named pipe over SMB. Free any authentication data.
+ ****************************************************************************/
+
+void cli_rpc_pipe_close(struct rpc_pipe_client *cli)
+{
+       if (!cli_close(cli->cli, cli->fnum)) {
+               DEBUG(0,("cli_rpc_pipe_close: cli_close failed on pipe %s, "
+                         "fnum 0x%x "
+                         "to machine %s.  Error was %s\n",
+                         cli->pipe_name,
+                         (int) cli->fnum,
+                         cli->cli->desthost,
+                         cli_errstr(cli->cli)));
+       }
+
+       if (cli->auth.cli_auth_data_free_func) {
+               (*cli->auth.cli_auth_data_free_func)(&cli->auth);
+       }
+
+       DEBUG(10,("cli_rpc_pipe_close: closed pipe %s to machine %s\n",
+               cli->pipe_name, cli->cli->desthost ));
+
+       DLIST_REMOVE(cli->cli->pipe_list, cli);
+       talloc_destroy(cli->mem_ctx);
+}
+
+/****************************************************************************
+ Close all pipes open on this session.
+****************************************************************************/
+
+void cli_nt_pipes_close(struct cli_state *cli)
+{
+       struct rpc_pipe_client *cp, *next;
+
+       for (cp = cli->pipe_list; cp; cp = next) {
+               next = cp->next;
+               cli_rpc_pipe_close(cp);
+       }
+}
+
 /****************************************************************************
  Close a client connection and free the memory without destroying cli itself.
 ****************************************************************************/
 
 void cli_close_connection(struct cli_state *cli)
 {
+       cli_nt_pipes_close(cli);
+
+       /*
+        * tell our peer to free his resources.  Wihtout this, when an
+        * application attempts to do a graceful shutdown and calls
+        * smbc_free_context() to clean up all connections, some connections
+        * can remain active on the peer end, until some (long) timeout period
+        * later.  This tree disconnect forces the peer to clean up, since the
+        * connection will be going away.
+        *
+        * Also, do not do tree disconnect when cli->smb_rw_error is DO_NOT_DO_TDIS
+        * the only user for this so far is smbmount which passes opened connection
+        * down to kernel's smbfs module.
+        */
+       if ( (cli->cnum != (uint16)-1) && (cli->smb_rw_error != DO_NOT_DO_TDIS ) ) {
+               cli_tdis(cli);
+       }
+        
        SAFE_FREE(cli->outbuf);
        SAFE_FREE(cli->inbuf);
 
+       cli_free_signing_context(cli);
        data_blob_free(&cli->secblob);
+       data_blob_free(&cli->user_session_key);
 
        if (cli->mem_ctx) {
                talloc_destroy(cli->mem_ctx);
                cli->mem_ctx = NULL;
        }
 
-       if (cli->fd != -1) 
+       if (cli->fd != -1) {
                close(cli->fd);
+       }
        cli->fd = -1;
        cli->smb_rw_error = 0;
 }
@@ -319,8 +444,9 @@ void cli_shutdown(struct cli_state *cli)
        BOOL allocated = cli->allocated;
        cli_close_connection(cli);
        ZERO_STRUCTP(cli);
-       if (allocated)
+       if (allocated) {
                free(cli);
+       }
 }
 
 /****************************************************************************
@@ -343,9 +469,21 @@ uint16 cli_setpid(struct cli_state *cli, uint16 pid)
        return ret;
 }
 
+/****************************************************************************
+ Set the case sensitivity flag on the packets. Returns old state.
+****************************************************************************/
+
+BOOL cli_set_case_sensitive(struct cli_state *cli, BOOL case_sensitive)
+{
+       BOOL ret = cli->case_sensitive;
+       cli->case_sensitive = case_sensitive;
+       return ret;
+}
+
 /****************************************************************************
 Send a keepalive packet to the server
 ****************************************************************************/
+
 BOOL cli_send_keepalive(struct cli_state *cli)
 {
         if (cli->fd == -1) {
@@ -360,3 +498,36 @@ BOOL cli_send_keepalive(struct cli_state *cli)
         }
         return True;
 }
+
+/****************************************************************************
+ Send/receive a SMBecho command: ping the server
+****************************************************************************/
+
+BOOL cli_echo(struct cli_state *cli, unsigned char *data, size_t length)
+{
+       char *p;
+
+       SMB_ASSERT(length < 1024);
+
+       memset(cli->outbuf,'\0',smb_size);
+       set_message(cli->outbuf,1,length,True);
+       SCVAL(cli->outbuf,smb_com,SMBecho);
+       SSVAL(cli->outbuf,smb_tid,65535);
+       SSVAL(cli->outbuf,smb_vwv0,1);
+       cli_setup_packet(cli);
+       p = smb_buf(cli->outbuf);
+       memcpy(p, data, length);
+       p += length;
+
+       cli_setup_bcc(cli, p);
+
+       cli_send_smb(cli);
+       if (!cli_receive_smb(cli)) {
+               return False;
+       }
+
+       if (cli_is_error(cli)) {
+               return False;
+       }
+       return True;
+}