#include "msdfs.h"
#include "trans2.h"
#include "libsmb/nmblib.h"
+#include "../libcli/smb/smbXcli_base.h"
/********************************************************************
Important point.
const char *domain,
const char *sharename)
{
- NTSTATUS status = cli_force_encryption(c,
+ NTSTATUS status;
+
+ if (smbXcli_conn_protocol(c->conn) >= PROTOCOL_SMB2_02) {
+ status = smb2cli_session_encryption_on(c->smb2.session);
+ if (NT_STATUS_EQUAL(status,NT_STATUS_NOT_SUPPORTED)) {
+ d_printf("Encryption required and "
+ "server doesn't support "
+ "SMB3 encryption - failing connect\n");
+ } else if (!NT_STATUS_IS_OK(status)) {
+ d_printf("Encryption required and "
+ "setup failed with error %s.\n",
+ nt_errstr(status));
+ }
+ return status;
+ }
+
+ status = cli_force_encryption(c,
username,
password,
domain);
const char *username;
const char *password;
NTSTATUS status;
+ int flags = 0;
/* make a copy so we don't modify the global string 'service' */
servicename = talloc_strdup(ctx,share);
return NT_STATUS_INVALID_PARAMETER;
}
+ if (get_cmdline_auth_info_use_kerberos(auth_info)) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
+ }
+ if (get_cmdline_auth_info_fallback_after_kerberos(auth_info)) {
+ flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
+ }
+ if (get_cmdline_auth_info_use_ccache(auth_info)) {
+ flags |= CLI_FULL_CONNECTION_USE_CCACHE;
+ }
+ if (get_cmdline_auth_info_use_pw_nt_hash(auth_info)) {
+ flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
+ }
+
status = cli_connect_nb(
server, NULL, port, name_type, NULL,
- get_cmdline_auth_info_signing_state(auth_info), &c);
+ get_cmdline_auth_info_signing_state(auth_info),
+ flags, &c);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Connection to %s failed (Error %s)\n",
if (max_protocol == 0) {
max_protocol = PROTOCOL_NT1;
}
- c->protocol = max_protocol;
- c->use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info);
- c->fallback_after_kerberos =
- get_cmdline_auth_info_fallback_after_kerberos(auth_info);
- c->use_ccache = get_cmdline_auth_info_use_ccache(auth_info);
-
DEBUG(4,(" session request ok\n"));
- status = cli_negprot(c);
+ status = smbXcli_negprot(c->conn, c->timeout,
+ lp_client_min_protocol(),
+ max_protocol);
if (!NT_STATUS_IS_OK(status)) {
d_printf("protocol negotiation failed: %s\n",
return status;
}
+ if (smbXcli_conn_protocol(c->conn) >= PROTOCOL_SMB2_02) {
+ /* Ensure we ask for some initial credits. */
+ smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS);
+ }
+
username = get_cmdline_auth_info_username(auth_info);
password = get_cmdline_auth_info_password(auth_info);
lp_workgroup()))) {
d_printf("session setup failed: %s\n",
nt_errstr(status));
- if (NT_STATUS_V(cli_nt_error(c)) ==
- NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
+ if (NT_STATUS_EQUAL(status,
+ NT_STATUS_MORE_PROCESSING_REQUIRED))
d_printf("did you forget to run kinit?\n");
cli_shutdown(c);
return status;
here before trying to connect to the original share.
cli_check_msdfs_proxy() will fail if it is a normal share. */
- if ((cli_state_capabilities(c) & CAP_DFS) &&
+ if (smbXcli_conn_dfs_supported(c->conn) &&
cli_check_msdfs_proxy(ctx, c, sharename,
&newserver, &newshare,
force_encrypt,
/* must be a normal share */
- status = cli_tcon_andx(c, sharename, "?????",
- password, strlen(password)+1);
+ status = cli_tree_connect(c, sharename, "?????",
+ password, strlen(password)+1);
if (!NT_STATUS_IS_OK(status)) {
d_printf("tree connect failed: %s\n", nt_errstr(status));
cli_shutdown(c);
static void cli_set_mntpoint(struct cli_state *cli, const char *mnt)
{
- char *name = clean_name(NULL, mnt);
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *name = clean_name(frame, mnt);
if (!name) {
+ TALLOC_FREE(frame);
return;
}
TALLOC_FREE(cli->dfs_mountpoint);
cli->dfs_mountpoint = talloc_strdup(cli, name);
- TALLOC_FREE(name);
+ TALLOC_FREE(frame);
}
/********************************************************************
/* Search to the start of the list. */
for (p = cli; p; p = DLIST_PREV(p)) {
const char *remote_name =
- cli_state_remote_name(p);
+ smbXcli_conn_remote_name(p->conn);
if (strequal(server, remote_name) &&
strequal(share,p->share)) {
/* Search to the end of the list. */
for (p = cli->next; p; p = p->next) {
const char *remote_name =
- cli_state_remote_name(p);
+ smbXcli_conn_remote_name(p->conn);
if (strequal(server, remote_name) &&
strequal(share,p->share)) {
for (i=0; cli; cli = cli->next,i++ ) {
d_printf("%d:\tserver=%s, share=%s\n",
- i, cli_state_remote_name(cli), cli->share);
+ i, smbXcli_conn_remote_name(cli->conn), cli->share);
}
}
}
return talloc_asprintf(ctx, "%c%s%c%s%c%s",
path_sep,
- cli_state_remote_name(cli),
+ smbXcli_conn_remote_name(cli->conn),
path_sep,
cli->share,
path_sep,
{
/* only deal with DS when we negotiated NT_STATUS codes and UNICODE */
- if (!(cli_state_capabilities(cli) & CAP_UNICODE)) {
+ if (!(smbXcli_conn_use_unicode(cli->conn))) {
return false;
}
- if (!(cli_state_capabilities(cli) & CAP_STATUS32)) {
+ if (!(smb1cli_conn_capabilities(cli->conn) & CAP_STATUS32)) {
return false;
}
if (NT_STATUS_EQUAL(status, expected)) {
size_t *num_refs,
size_t *consumed)
{
- unsigned int data_len = 0;
unsigned int param_len = 0;
- uint16_t setup[1];
uint16_t recv_flags2;
uint8_t *param = NULL;
uint8_t *rdata = NULL;
*num_refs = 0;
*refs = NULL;
- SSVAL(setup, 0, TRANSACT2_GET_DFS_REFERRAL);
-
param = talloc_array(talloc_tos(), uint8_t, 2);
if (!param) {
status = NT_STATUS_NO_MEMORY;
}
SSVAL(param, 0, 0x03); /* max referral level */
- param = trans2_bytes_push_str(param, cli_ucs2(cli),
+ param = trans2_bytes_push_str(param, smbXcli_conn_use_unicode(cli->conn),
path, strlen(path)+1,
NULL);
if (!param) {
param_len = talloc_get_size(param);
path_ucs = (smb_ucs2_t *)¶m[2];
- status = cli_trans(talloc_tos(), cli, SMBtrans2,
- NULL, 0xffff, 0, 0,
- setup, 1, 0,
- param, param_len, 2,
- NULL, 0, cli->max_xmit,
- &recv_flags2,
- NULL, 0, NULL, /* rsetup */
- NULL, 0, NULL,
- &rdata, 4, &data_len);
- if (!NT_STATUS_IS_OK(status)) {
- goto out;
- }
+ if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
+ DATA_BLOB in_input_buffer;
+ DATA_BLOB in_output_buffer = data_blob_null;
+ DATA_BLOB out_input_buffer = data_blob_null;
+ DATA_BLOB out_output_buffer = data_blob_null;
+
+ in_input_buffer.data = param;
+ in_input_buffer.length = param_len;
+
+ status = smb2cli_ioctl(cli->conn,
+ cli->timeout,
+ cli->smb2.session,
+ cli->smb2.tcon,
+ UINT64_MAX, /* in_fid_persistent */
+ UINT64_MAX, /* in_fid_volatile */
+ FSCTL_DFS_GET_REFERRALS,
+ 0, /* in_max_input_length */
+ &in_input_buffer,
+ CLI_BUFFER_SIZE, /* in_max_output_length */
+ &in_output_buffer,
+ SMB2_IOCTL_FLAG_IS_FSCTL,
+ talloc_tos(),
+ &out_input_buffer,
+ &out_output_buffer);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto out;
+ }
+
+ if (out_output_buffer.length < 4) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto out;
+ }
+
+ recv_flags2 = FLAGS2_UNICODE_STRINGS;
+ rdata = out_output_buffer.data;
+ endp = (char *)rdata + out_output_buffer.length;
+ } else {
+ unsigned int data_len = 0;
+ uint16_t setup[1];
+
+ SSVAL(setup, 0, TRANSACT2_GET_DFS_REFERRAL);
+
+ status = cli_trans(talloc_tos(), cli, SMBtrans2,
+ NULL, 0xffff, 0, 0,
+ setup, 1, 0,
+ param, param_len, 2,
+ NULL, 0, CLI_BUFFER_SIZE,
+ &recv_flags2,
+ NULL, 0, NULL, /* rsetup */
+ NULL, 0, NULL,
+ &rdata, 4, &data_len);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto out;
+ }
- endp = (char *)rdata + data_len;
+ endp = (char *)rdata + data_len;
+ }
consumed_ucs = SVAL(rdata, 0);
num_referrals = SVAL(rdata, 2);
SMB_STRUCT_STAT sbuf;
uint32 attributes;
NTSTATUS status;
+ struct smbXcli_tcon *root_tcon = NULL;
+ struct smbXcli_tcon *target_tcon = NULL;
if ( !rootcli || !path || !targetcli ) {
return NT_STATUS_INVALID_PARAMETER;
/* Don't do anything if this is not a DFS root. */
- if ( !rootcli->dfsroot) {
+ if (smbXcli_conn_protocol(rootcli->conn) >= PROTOCOL_SMB2_02) {
+ root_tcon = rootcli->smb2.tcon;
+ } else {
+ root_tcon = rootcli->smb1.tcon;
+ }
+
+ if (!smbXcli_tcon_is_dfs_share(root_tcon)) {
*targetcli = rootcli;
*pp_targetpath = talloc_strdup(ctx, path);
if (!*pp_targetpath) {
status = cli_cm_open(ctx,
rootcli,
- cli_state_remote_name(rootcli),
+ smbXcli_conn_remote_name(rootcli->conn),
"IPC$",
dfs_auth_info,
false,
- (rootcli->trans_enc_state != NULL),
- rootcli->protocol,
+ smb1cli_conn_encryption_on(rootcli->conn),
+ smbXcli_conn_protocol(rootcli->conn),
0,
0x20,
&cli_ipc);
share,
dfs_auth_info,
false,
- (rootcli->trans_enc_state != NULL),
- rootcli->protocol,
+ smb1cli_conn_encryption_on(rootcli->conn),
+ smbXcli_conn_protocol(rootcli->conn),
0,
0x20,
targetcli);
done:
+ if (smbXcli_conn_protocol((*targetcli)->conn) >= PROTOCOL_SMB2_02) {
+ target_tcon = (*targetcli)->smb2.tcon;
+ } else {
+ target_tcon = (*targetcli)->smb1.tcon;
+ }
+
/* If returning true ensure we return a dfs root full path. */
- if ((*targetcli)->dfsroot) {
+ if (smbXcli_tcon_is_dfs_share(target_tcon)) {
dfs_path = talloc_strdup(ctx, *pp_targetpath);
if (!dfs_path) {
return NT_STATUS_NO_MEMORY;
return false;
}
- remote_name = cli_state_remote_name(cli);
+ remote_name = smbXcli_conn_remote_name(cli->conn);
cnum = cli_state_get_tid(cli);
/* special case. never check for a referral on the IPC$ share */
/* check for the referral */
- if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, "IPC$", "IPC", NULL, 0))) {
+ if (!NT_STATUS_IS_OK(cli_tree_connect(cli, "IPC$", "IPC", NULL, 0))) {
return false;
}