Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-#define NO_SYSLOG
-
#include "includes.h"
+extern pstring user_socket_options;
static const struct {
int prot;
if (cli->use_level_II_oplocks)
capabilities |= CAP_LEVEL_II_OPLOCKS;
- capabilities |= (cli->capabilities & (CAP_UNICODE|CAP_LARGE_FILES|CAP_LARGE_READX|CAP_LARGE_WRITEX));
+ capabilities |= (cli->capabilities & (CAP_UNICODE|CAP_LARGE_FILES|CAP_LARGE_READX|CAP_LARGE_WRITEX|CAP_DFS));
return capabilities;
}
char *p;
uint32 capabilities = cli_session_setup_capabilities(cli);
+ memset(cli->outbuf, '\0', smb_size);
set_message(cli->outbuf,13,0,True);
SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
cli_setup_packet(cli);
p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
+ if (strstr(cli->server_type, "Samba")) {
+ cli->is_samba = True;
+ }
+
fstrcpy(cli->user_name, "");
return True;
p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
fstrcpy(cli->user_name, user);
+ if (strstr(cli->server_type, "Samba")) {
+ cli->is_samba = True;
+ }
+
return True;
}
p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
+ if (strstr(cli->server_type, "Samba")) {
+ cli->is_samba = True;
+ }
+
fstrcpy(cli->user_name, user);
if (session_key.data) {
DEBUG(2,("Doing kerberos session setup\n"));
/* generate the encapsulated kerberos5 ticket */
- rc = spnego_gen_negTokenTarg(principal, 0, &negTokenTarg, &session_key_krb5);
+ rc = spnego_gen_negTokenTarg(principal, 0, &negTokenTarg, &session_key_krb5, 0);
if (rc) {
DEBUG(1, ("spnego_gen_negTokenTarg failed: %s\n", error_message(rc)));
nt_status = ntlmssp_update(ntlmssp_state,
blob_in, &blob_out);
data_blob_free(&blob_in);
- if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(nt_status)) {
if (turn == 1) {
/* and wrap it in a SPNEGO wrapper */
msg1 = gen_negTokenInit(OID_NTLMSSP, blob_out);
char *principal;
char *OIDs[ASN1_MAX_OIDS];
int i;
+#ifdef HAVE_KRB5
BOOL got_kerberos_mechanism = False;
+#endif
DATA_BLOB blob;
DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length));
/* make sure the server understands kerberos */
for (i=0;OIDs[i];i++) {
DEBUG(3,("got OID=%s\n", OIDs[i]));
+#ifdef HAVE_KRB5
if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
strcmp(OIDs[i], OID_KERBEROS5) == 0) {
got_kerberos_mechanism = True;
}
+#endif
free(OIDs[i]);
}
DEBUG(3,("got principal=%s\n", principal));
int ret;
use_in_memory_ccache();
- ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL, NULL);
+ ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
if (ret){
SAFE_FREE(principal);
DEBUG(0, ("Kinit failed: %s\n", error_message(ret)));
+ if (cli->fallback_after_kerberos)
+ goto ntlmssp;
return ADS_ERROR_KRB5(ret);
}
}
rc = cli_session_setup_kerberos(cli, principal, domain);
- SAFE_FREE(principal);
- return rc;
+ if (ADS_ERR_OK(rc) || !cli->fallback_after_kerberos) {
+ SAFE_FREE(principal);
+ return rc;
+ }
}
#endif
DEBUG(3, ("SPNEGO login failed: %s\n", ads_errstr(status)));
return False;
}
- return True;
+ } else {
+ /* otherwise do a NT1 style session setup */
+ if ( !cli_session_setup_nt1(cli, user, pass, passlen, ntpass, ntpasslen, workgroup) ) {
+ DEBUG(3,("cli_session_setup: NT1 session setup failed!\n"));
+ return False;
+ }
}
- /* otherwise do a NT1 style session setup */
+ if (strstr(cli->server_type, "Samba")) {
+ cli->is_samba = True;
+ }
+
+ return True;
- return cli_session_setup_nt1(cli, user,
- pass, passlen, ntpass, ntpasslen,
- workgroup);
}
/****************************************************************************
if (!cli_receive_smb(cli))
return False;
- return !cli_is_error(cli);
+ if (cli_is_error(cli)) {
+ return False;
+ }
+
+ cli->cnum = -1;
+ return True;
}
/****************************************************************************
/* almost certainly win95 - enable bug fixes */
cli->win95 = True;
}
+
+ /* Make sure that we have the optional support 16-bit field. WCT > 2 */
+ /* Avoids issues when connecting to Win9x boxes sharing files */
+
+ cli->dfsroot = False;
+ if ( (CVAL(cli->inbuf, smb_wct))>2 && cli->protocol >= PROTOCOL_LANMAN2 )
+ cli->dfsroot = (SVAL( cli->inbuf, smb_vwv2 ) & SMB_SHARE_IN_DFS) ? True : False;
cli->cnum = SVAL(cli->inbuf,smb_tid);
return True;
if (cli->capabilities & (CAP_LARGE_READX|CAP_LARGE_WRITEX)) {
SAFE_FREE(cli->outbuf);
SAFE_FREE(cli->inbuf);
- cli->outbuf = (char *)SMB_MALLOC(CLI_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
- cli->inbuf = (char *)SMB_MALLOC(CLI_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
- cli->bufsize = CLI_MAX_LARGE_READX_SIZE;
+ cli->outbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
+ cli->inbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
+ cli->bufsize = CLI_SAMBA_MAX_LARGE_READX_SIZE;
}
} else if (cli->protocol >= PROTOCOL_LANMAN1) {
cli->serverzone = SVALS(cli->inbuf,smb_vwv10);
cli->serverzone *= 60;
/* this time is converted to GMT by make_unix_date */
- cli->servertime = make_unix_date(cli->inbuf+smb_vwv8);
+ cli->servertime = cli_make_unix_date(cli,cli->inbuf+smb_vwv8);
cli->readbraw_supported = ((SVAL(cli->inbuf,smb_vwv5) & 0x1) != 0);
cli->writebraw_supported = ((SVAL(cli->inbuf,smb_vwv5) & 0x2) != 0);
cli->secblob = data_blob(smb_buf(cli->inbuf),smb_buflen(cli->inbuf));
/* the old core protocol */
cli->use_spnego = False;
cli->sec_mode = 0;
- cli->serverzone = TimeDiff(time(NULL));
+ cli->serverzone = get_time_zone(time(NULL));
}
cli->max_xmit = MIN(cli->max_xmit, CLI_BUFFER_SIZE);
{
char *p;
int len = 4;
- extern pstring user_socket_options;
memcpy(&(cli->calling), calling, sizeof(*calling));
memcpy(&(cli->called ), called , sizeof(*called ));
BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip)
{
- extern pstring user_socket_options;
int name_type = 0x20;
char *p;
return True;
}
-/****************************************************************************
- Initialise client credentials for authenticated pipe access.
-****************************************************************************/
-
-void init_creds(struct ntuser_creds *creds, const char* username,
- const char* domain, const char* password)
-{
- ZERO_STRUCTP(creds);
-
- pwd_set_cleartext(&creds->pwd, password);
-
- fstrcpy(creds->user_name, username);
- fstrcpy(creds->domain, domain);
-
- if (!*username) {
- creds->pwd.null_pwd = True;
- }
-}
-
/**
establishes a connection to after the negprot.
@param output_cli A fully initialised cli structure, non-null only on success
DEBUG(3,("Connecting to host=%s\n", dest_host));
if (!cli_connect(cli, dest_host, &ip)) {
- DEBUG(1,("cli_full_connection: failed to connect to %s (%s)\n",
+ DEBUG(1,("cli_start_connection: failed to connect to %s (%s)\n",
nmb_namestr(&called), inet_ntoa(ip)));
cli_shutdown(cli);
- return NT_STATUS_UNSUCCESSFUL;
+ if (is_zero_ip(ip)) {
+ return NT_STATUS_BAD_NETWORK_NAME;
+ } else {
+ return NT_STATUS_CONNECTION_REFUSED;
+ }
}
if (retry)
make_nmb_name(&called , "*SMBSERVER", 0x20);
goto again;
}
- return NT_STATUS_UNSUCCESSFUL;
+ return NT_STATUS_BAD_NETWORK_NAME;
}
cli_setup_signing_state(cli, signing_state);
if (!cli_negprot(cli)) {
DEBUG(1,("failed negprot\n"));
- nt_status = NT_STATUS_UNSUCCESSFUL;
+ nt_status = cli_nt_error(cli);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ nt_status = NT_STATUS_UNSUCCESSFUL;
+ }
cli_shutdown(cli);
return nt_status;
}
int signing_state,
BOOL *retry)
{
- struct ntuser_creds creds;
NTSTATUS nt_status;
struct cli_state *cli = NULL;
}
}
- init_creds(&creds, user, domain, password);
- cli_init_creds(cli, &creds);
+ cli_init_creds(cli, user, domain, password);
*output_cli = cli;
return NT_STATUS_OK;