From 3e227d8544a020d1aea24c38c9ca45a75d14c3f1 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 7 Sep 2011 20:35:51 +0200 Subject: [PATCH] s3:libsmb: pass CLI_FULL_CONNECTION_* flags via cli_connect_nb() metze Autobuild-User: Stefan Metzmacher Autobuild-Date: Thu Sep 8 10:21:50 CEST 2011 on sn-devel-104 --- source3/auth/auth_server.c | 7 +++---- source3/client/client.c | 2 +- source3/libsmb/cliconnect.c | 5 ++--- source3/libsmb/clidfs.c | 18 +++++++++++++----- source3/libsmb/libsmb_server.c | 29 +++++++++++++++-------------- source3/libsmb/passchange.c | 2 +- source3/libsmb/proto.h | 2 +- source3/nmbd/nmbd_synclists.c | 2 +- source3/torture/locktest.c | 16 ++++++++++------ source3/torture/masktest.c | 2 +- source3/torture/torture.c | 25 ++++++++++++++----------- source3/utils/net_rpc.c | 2 +- source3/utils/net_time.c | 2 +- source3/web/diagnose.c | 2 +- 14 files changed, 65 insertions(+), 51 deletions(-) diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index 4582d980c2d..1cc252400b2 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -43,6 +43,8 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) bool connected_ok = False; struct named_mutex *mutex = NULL; NTSTATUS status; + /* security = server just can't function with spnego */ + int flags = CLI_FULL_CONNECTION_DONT_SPNEGO; pserver = talloc_strdup(mem_ctx, lp_passwordserver()); p = pserver; @@ -85,7 +87,7 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) } status = cli_connect_nb(desthost, &dest_ss, 0, 0x20, - lp_netbios_name(), Undefined, &cli); + lp_netbios_name(), Undefined, flags, &cli); if (NT_STATUS_IS_OK(status)) { DEBUG(3,("connected to password server %s\n",desthost)); connected_ok = True; @@ -101,9 +103,6 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx) return NULL; } - /* security = server just can't function with spnego */ - cli->use_spnego = False; - DEBUG(3,("got session\n")); status = cli_negprot(cli); diff --git a/source3/client/client.c b/source3/client/client.c index 110614ecd22..30f8b8baf4a 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -5230,7 +5230,7 @@ static int do_message_op(struct user_auth_info *a_info) status = cli_connect_nb(desthost, have_ip ? &dest_ss : NULL, port ? port : 139, name_type, - lp_netbios_name(), Undefined, &cli); + lp_netbios_name(), Undefined, 0, &cli); if (!NT_STATUS_IS_OK(status)) { d_printf("Connection to %s failed. Error %s\n", desthost, nt_errstr(status)); return 1; diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index e3e2bc4e0b5..58cf7a8e585 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -2846,7 +2846,7 @@ fail: NTSTATUS cli_connect_nb(const char *host, const struct sockaddr_storage *dest_ss, uint16_t port, int name_type, const char *myname, - int signing_state, struct cli_state **pcli) + int signing_state, int flags, struct cli_state **pcli) { TALLOC_CTX *frame = talloc_stackframe(); struct cli_state *cli; @@ -2854,7 +2854,6 @@ NTSTATUS cli_connect_nb(const char *host, const struct sockaddr_storage *dest_ss int fd = -1; char *desthost; char *p; - int flags = 0; desthost = talloc_strdup(talloc_tos(), host); if (desthost == NULL) { @@ -2905,7 +2904,7 @@ NTSTATUS cli_start_connection(struct cli_state **output_cli, struct cli_state *cli; nt_status = cli_connect_nb(dest_host, dest_ss, port, 0x20, my_name, - signing_state, &cli); + signing_state, flags, &cli); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(10, ("cli_connect_nb failed: %s\n", nt_errstr(nt_status))); diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index a40ef896e8c..68a6724d242 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -95,6 +95,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, const char *username; const char *password; NTSTATUS status; + int flags = 0; /* make a copy so we don't modify the global string 'service' */ servicename = talloc_strdup(ctx,share); @@ -118,9 +119,20 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, return NT_STATUS_INVALID_PARAMETER; } + if (get_cmdline_auth_info_use_kerberos(auth_info)) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } + if (get_cmdline_auth_info_fallback_after_kerberos(auth_info)) { + flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; + } + if (get_cmdline_auth_info_use_ccache(auth_info)) { + flags |= CLI_FULL_CONNECTION_USE_CCACHE; + } + status = cli_connect_nb( server, NULL, port, name_type, NULL, - get_cmdline_auth_info_signing_state(auth_info), &c); + get_cmdline_auth_info_signing_state(auth_info), + flags, &c); if (!NT_STATUS_IS_OK(status)) { d_printf("Connection to %s failed (Error %s)\n", @@ -133,10 +145,6 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, max_protocol = PROTOCOL_NT1; } c->protocol = max_protocol; - c->use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info); - c->fallback_after_kerberos = - get_cmdline_auth_info_fallback_after_kerberos(auth_info); - c->use_ccache = get_cmdline_auth_info_use_ccache(auth_info); DEBUG(4,(" session request ok\n")); diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c index 6446252022f..005f2cdf8e8 100644 --- a/source3/libsmb/libsmb_server.c +++ b/source3/libsmb/libsmb_server.c @@ -253,6 +253,7 @@ SMBC_server_internal(TALLOC_CTX *ctx, const char *username_used; NTSTATUS status; char *newserver, *newshare; + int flags = 0; ZERO_STRUCT(c); *in_cache = false; @@ -401,13 +402,25 @@ SMBC_server_internal(TALLOC_CTX *ctx, status = NT_STATUS_UNSUCCESSFUL; + if (smbc_getOptionUseKerberos(context)) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } + + if (smbc_getOptionFallbackAfterKerberos(context)) { + flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; + } + + if (smbc_getOptionUseCCache(context)) { + flags |= CLI_FULL_CONNECTION_USE_CCACHE; + } + if (share == NULL || *share == '\0' || is_ipc) { /* * Try 139 first for IPC$ */ status = cli_connect_nb(server_n, NULL, 139, 0x20, smbc_getNetbiosName(context), - Undefined, &c); + Undefined, flags, &c); } if (!NT_STATUS_IS_OK(status)) { @@ -416,7 +429,7 @@ SMBC_server_internal(TALLOC_CTX *ctx, */ status = cli_connect_nb(server_n, NULL, 0, 0x20, smbc_getNetbiosName(context), - Undefined, &c); + Undefined, flags, &c); } if (!NT_STATUS_IS_OK(status)) { @@ -424,18 +437,6 @@ SMBC_server_internal(TALLOC_CTX *ctx, return NULL; } - if (smbc_getOptionUseKerberos(context)) { - c->use_kerberos = True; - } - - if (smbc_getOptionFallbackAfterKerberos(context)) { - c->fallback_after_kerberos = True; - } - - if (smbc_getOptionUseCCache(context)) { - c->use_ccache = True; - } - cli_set_timeout(c, smbc_getTimeout(context)); status = cli_negprot(c); diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c index bf2103db684..e5c336f8828 100644 --- a/source3/libsmb/passchange.c +++ b/source3/libsmb/passchange.c @@ -56,7 +56,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam *err_str = NULL; result = cli_connect_nb(remote_machine, NULL, 0, 0x20, NULL, - Undefined, &cli); + Undefined, 0, &cli); if (!NT_STATUS_IS_OK(result)) { if (asprintf(err_str, "Unable to connect to SMB server on " "machine %s. Error was : %s.\n", diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h index 8ff0a1b2d6a..83da457b535 100644 --- a/source3/libsmb/proto.h +++ b/source3/libsmb/proto.h @@ -74,7 +74,7 @@ struct tevent_req *cli_negprot_send(TALLOC_CTX *mem_ctx, NTSTATUS cli_negprot_recv(struct tevent_req *req); NTSTATUS cli_connect_nb(const char *host, const struct sockaddr_storage *dest_ss, uint16_t port, int name_type, const char *myname, - int signing_state, struct cli_state **pcli); + int signing_state, int flags, struct cli_state **pcli); NTSTATUS cli_start_connection(struct cli_state **output_cli, const char *my_name, const char *dest_host, diff --git a/source3/nmbd/nmbd_synclists.c b/source3/nmbd/nmbd_synclists.c index 964975e1a52..a5fd3566927 100644 --- a/source3/nmbd/nmbd_synclists.c +++ b/source3/nmbd/nmbd_synclists.c @@ -82,7 +82,7 @@ static void sync_child(char *name, int nm_type, in_addr_to_sockaddr_storage(&ss, ip); status = cli_connect_nb(name, &ss, 139, nm_type, - get_local_machine_name(), Undefined, + get_local_machine_name(), Undefined, 0, &cli); if (!NT_STATUS_IS_OK(status)) { return; diff --git a/source3/torture/locktest.c b/source3/torture/locktest.c index d6c544d8e82..da3b9a7cdf8 100644 --- a/source3/torture/locktest.c +++ b/source3/torture/locktest.c @@ -169,6 +169,7 @@ static struct cli_state *connect_one(char *share, int snum) fstring myname; static int count; NTSTATUS status; + int flags = 0; fstrcpy(server,share+2); share = strchr_m(server,'\\'); @@ -182,16 +183,21 @@ static struct cli_state *connect_one(char *share, int snum) /* have to open a new connection */ - status = cli_connect_nb(server_n, NULL, 0, 0x20, myname, Undefined, - &c); + if (use_kerberos) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } + if (use_oplocks) { + flags |= CLI_FULL_CONNECTION_OPLOCKS; + } + + status = cli_connect_nb(server_n, NULL, 0, 0x20, myname, + Undefined, flags, &c); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("Connection to %s failed. Error %s\n", server_n, nt_errstr(status))); return NULL; } - c->use_kerberos = use_kerberos; - status = cli_negprot(c); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("protocol negotiation failed: %s\n", @@ -246,8 +252,6 @@ static struct cli_state *connect_one(char *share, int snum) DEBUG(4,(" tconx ok\n")); - c->use_oplocks = use_oplocks; - return c; } diff --git a/source3/torture/masktest.c b/source3/torture/masktest.c index 05f9c60806a..6a4bb6e1d1e 100644 --- a/source3/torture/masktest.c +++ b/source3/torture/masktest.c @@ -179,7 +179,7 @@ static struct cli_state *connect_one(char *share) server_n = server; - status = cli_connect_nb(server, NULL, 0, 0x20, "masktest", Undefined, + status = cli_connect_nb(server, NULL, 0, 0x20, "masktest", Undefined, 0, &c); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Connection to %s failed. Error %s\n", server_n, diff --git a/source3/torture/torture.c b/source3/torture/torture.c index f07026d17ac..495875b27ac 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -181,19 +181,28 @@ static struct cli_state *open_nbt_connection(void) { struct cli_state *c; NTSTATUS status; + int flags = 0; + + if (use_oplocks) { + flags |= CLI_FULL_CONNECTION_OPLOCKS; + } + + if (use_level_II_oplocks) { + flags |= CLI_FULL_CONNECTION_LEVEL_II_OPLOCKS; + } + + if (use_kerberos) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } status = cli_connect_nb(host, NULL, port_to_use, 0x20, myname, - signing_state, &c); + signing_state, flags, &c); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect with %s. Error %s\n", host, nt_errstr(status) ); return NULL; } - c->use_kerberos = use_kerberos; - cli_set_timeout(c, 120000); /* set a really long timeout (2 minutes) */ - if (use_oplocks) c->use_oplocks = True; - if (use_level_II_oplocks) c->use_level_II_oplocks = True; return c; } @@ -3545,18 +3554,12 @@ static bool run_oplock2(int dummy) return False; } - cli1->use_oplocks = True; - cli1->use_level_II_oplocks = True; - if (!torture_open_connection(&cli2, 1)) { use_level_II_oplocks = False; use_oplocks = saved_use_oplocks; return False; } - cli2->use_oplocks = True; - cli2->use_level_II_oplocks = True; - cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN); cli_sockopt(cli1, sockops); diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 04e6e687e3e..9ed4ead2f2f 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -7092,7 +7092,7 @@ bool net_rpc_check(struct net_context *c, unsigned flags) return false; status = cli_connect_nb(server_name, &server_ss, 0, 0x20, - lp_netbios_name(), Undefined, &cli); + lp_netbios_name(), Undefined, 0, &cli); if (!NT_STATUS_IS_OK(status)) { return false; } diff --git a/source3/utils/net_time.c b/source3/utils/net_time.c index cc97412a8d0..6fc3f96f654 100644 --- a/source3/utils/net_time.c +++ b/source3/utils/net_time.c @@ -33,7 +33,7 @@ static time_t cli_servertime(const char *host, NTSTATUS status; status = cli_connect_nb(host, dest_ss, 0, 0x20, lp_netbios_name(), - Undefined, &cli); + Undefined, 0, &cli); if (!NT_STATUS_IS_OK(status)) { fprintf(stderr, _("Can't contact server %s. Error %s\n"), host, nt_errstr(status)); diff --git a/source3/web/diagnose.c b/source3/web/diagnose.c index abb4d79b9a7..d840f236062 100644 --- a/source3/web/diagnose.c +++ b/source3/web/diagnose.c @@ -71,7 +71,7 @@ bool smbd_running(void) in_addr_to_sockaddr_storage(&ss, loopback_ip); status = cli_connect_nb("localhost", &ss, 0, 0x20, lp_netbios_name(), - Undefined, &cli); + Undefined, 0, &cli); if (!NT_STATUS_IS_OK(status)) { return false; } -- 2.34.1