r15162: Patch for bug #3668. Windows has a bug with LARGE_READX

[ira/wip.git] / source3 / libsmb / cliconnect.c

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 659e12429222ab6d72eae47c219d7fd50dbf1b5e..6b5de6d1439b6d29f1341cd274f43926c28c9436 100644 (file)
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -19,10 +19,9 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
-#define NO_SYSLOG
-
 #include "includes.h"
 
+extern pstring user_socket_options;
 
 static const struct {
        int prot;
@@ -151,7 +150,7 @@ static uint32 cli_session_setup_capabilities(struct cli_state *cli)
        if (cli->use_level_II_oplocks)
                capabilities |= CAP_LEVEL_II_OPLOCKS;
 
-       capabilities |= (cli->capabilities & (CAP_UNICODE|CAP_LARGE_FILES|CAP_LARGE_READX|CAP_LARGE_WRITEX));
+       capabilities |= (cli->capabilities & (CAP_UNICODE|CAP_LARGE_FILES|CAP_LARGE_READX|CAP_LARGE_WRITEX|CAP_DFS));
        return capabilities;
 }
 
@@ -164,6 +163,7 @@ static BOOL cli_session_setup_guest(struct cli_state *cli)
        char *p;
        uint32 capabilities = cli_session_setup_capabilities(cli);
 
+       memset(cli->outbuf, '\0', smb_size);
        set_message(cli->outbuf,13,0,True);
        SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
        cli_setup_packet(cli);
@@ -199,6 +199,10 @@ static BOOL cli_session_setup_guest(struct cli_state *cli)
        p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
        p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
 
+       if (strstr(cli->server_type, "Samba")) {
+               cli->is_samba = True;
+       }
+
        fstrcpy(cli->user_name, "");
 
        return True;
@@ -263,6 +267,10 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, const char *user,
        p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
        fstrcpy(cli->user_name, user);
 
+       if (strstr(cli->server_type, "Samba")) {
+               cli->is_samba = True;
+       }
+
        return True;
 }
 
@@ -408,6 +416,10 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, const char *user,
        p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
        p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
 
+       if (strstr(cli->server_type, "Samba")) {
+               cli->is_samba = True;
+       }
+
        fstrcpy(cli->user_name, user);
 
        if (session_key.data) {
@@ -533,7 +545,7 @@ static ADS_STATUS cli_session_setup_kerberos(struct cli_state *cli, const char *
        DEBUG(2,("Doing kerberos session setup\n"));
 
        /* generate the encapsulated kerberos5 ticket */
-       rc = spnego_gen_negTokenTarg(principal, 0, &negTokenTarg, &session_key_krb5);
+       rc = spnego_gen_negTokenTarg(principal, 0, &negTokenTarg, &session_key_krb5, 0);
 
        if (rc) {
                DEBUG(1, ("spnego_gen_negTokenTarg failed: %s\n", error_message(rc)));
@@ -601,7 +613,7 @@ static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *use
                nt_status = ntlmssp_update(ntlmssp_state, 
                                                  blob_in, &blob_out);
                data_blob_free(&blob_in);
-               if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+               if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(nt_status)) {
                        if (turn == 1) {
                                /* and wrap it in a SPNEGO wrapper */
                                msg1 = gen_negTokenInit(OID_NTLMSSP, blob_out);
@@ -702,7 +714,9 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
        char *principal;
        char *OIDs[ASN1_MAX_OIDS];
        int i;
+#ifdef HAVE_KRB5
        BOOL got_kerberos_mechanism = False;
+#endif
        DATA_BLOB blob;
 
        DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length));
@@ -731,10 +745,12 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
        /* make sure the server understands kerberos */
        for (i=0;OIDs[i];i++) {
                DEBUG(3,("got OID=%s\n", OIDs[i]));
+#ifdef HAVE_KRB5
                if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
                    strcmp(OIDs[i], OID_KERBEROS5) == 0) {
                        got_kerberos_mechanism = True;
                }
+#endif
                free(OIDs[i]);
        }
        DEBUG(3,("got principal=%s\n", principal));
@@ -752,18 +768,22 @@ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
                        int ret;
                        
                        use_in_memory_ccache();
-                       ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL, NULL);
+                       ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
                        
                        if (ret){
                                SAFE_FREE(principal);
                                DEBUG(0, ("Kinit failed: %s\n", error_message(ret)));
+                               if (cli->fallback_after_kerberos)
+                                       goto ntlmssp;
                                return ADS_ERROR_KRB5(ret);
                        }
                }
                
                rc = cli_session_setup_kerberos(cli, principal, domain);
-               SAFE_FREE(principal);
-               return rc;
+               if (ADS_ERR_OK(rc) || !cli->fallback_after_kerberos) {
+                       SAFE_FREE(principal);
+                       return rc;
+               }
        }
 #endif
 
@@ -857,14 +877,20 @@ BOOL cli_session_setup(struct cli_state *cli,
                        DEBUG(3, ("SPNEGO login failed: %s\n", ads_errstr(status)));
                        return False;
                }
-               return True;
+       } else {
+               /* otherwise do a NT1 style session setup */
+               if ( !cli_session_setup_nt1(cli, user, pass, passlen, ntpass, ntpasslen, workgroup) ) {
+                       DEBUG(3,("cli_session_setup: NT1 session setup failed!\n"));
+                       return False;
+               }
        }
 
-       /* otherwise do a NT1 style session setup */
+       if (strstr(cli->server_type, "Samba")) {
+               cli->is_samba = True;
+       }
+
+       return True;
 
-       return cli_session_setup_nt1(cli, user, 
-                                    pass, passlen, ntpass, ntpasslen,
-                                    workgroup);        
 }
 
 /****************************************************************************
@@ -884,7 +910,12 @@ BOOL cli_ulogoff(struct cli_state *cli)
        if (!cli_receive_smb(cli))
                return False;
 
-       return !cli_is_error(cli);
+       if (cli_is_error(cli)) {
+               return False;
+       }
+
+        cli->cnum = -1;
+        return True;
 }
 
 /****************************************************************************
@@ -968,6 +999,13 @@ BOOL cli_send_tconX(struct cli_state *cli,
                /* almost certainly win95 - enable bug fixes */
                cli->win95 = True;
        }
+       
+       /* Make sure that we have the optional support 16-bit field.  WCT > 2 */
+       /* Avoids issues when connecting to Win9x boxes sharing files */
+
+       cli->dfsroot = False;
+       if ( (CVAL(cli->inbuf, smb_wct))>2 && cli->protocol >= PROTOCOL_LANMAN2 )
+               cli->dfsroot = (SVAL( cli->inbuf, smb_vwv2 ) & SMB_SHARE_IN_DFS) ? True : False;
 
        cli->cnum = SVAL(cli->inbuf,smb_tid);
        return True;
@@ -1137,9 +1175,9 @@ BOOL cli_negprot(struct cli_state *cli)
                if (cli->capabilities & (CAP_LARGE_READX|CAP_LARGE_WRITEX)) {
                        SAFE_FREE(cli->outbuf);
                        SAFE_FREE(cli->inbuf);
-                       cli->outbuf = (char *)SMB_MALLOC(CLI_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
-                       cli->inbuf = (char *)SMB_MALLOC(CLI_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
-                       cli->bufsize = CLI_MAX_LARGE_READX_SIZE;
+                       cli->outbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
+                       cli->inbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+SAFETY_MARGIN);
+                       cli->bufsize = CLI_SAMBA_MAX_LARGE_READX_SIZE;
                }
 
        } else if (cli->protocol >= PROTOCOL_LANMAN1) {
@@ -1151,7 +1189,7 @@ BOOL cli_negprot(struct cli_state *cli)
                cli->serverzone = SVALS(cli->inbuf,smb_vwv10);
                cli->serverzone *= 60;
                /* this time is converted to GMT by make_unix_date */
-               cli->servertime = make_unix_date(cli->inbuf+smb_vwv8);
+               cli->servertime = cli_make_unix_date(cli,cli->inbuf+smb_vwv8);
                cli->readbraw_supported = ((SVAL(cli->inbuf,smb_vwv5) & 0x1) != 0);
                cli->writebraw_supported = ((SVAL(cli->inbuf,smb_vwv5) & 0x2) != 0);
                cli->secblob = data_blob(smb_buf(cli->inbuf),smb_buflen(cli->inbuf));
@@ -1159,7 +1197,7 @@ BOOL cli_negprot(struct cli_state *cli)
                /* the old core protocol */
                cli->use_spnego = False;
                cli->sec_mode = 0;
-               cli->serverzone = TimeDiff(time(NULL));
+               cli->serverzone = get_time_zone(time(NULL));
        }
 
        cli->max_xmit = MIN(cli->max_xmit, CLI_BUFFER_SIZE);
@@ -1180,7 +1218,6 @@ BOOL cli_session_request(struct cli_state *cli,
 {
        char *p;
        int len = 4;
-       extern pstring user_socket_options;
 
        memcpy(&(cli->calling), calling, sizeof(*calling));
        memcpy(&(cli->called ), called , sizeof(*called ));
@@ -1270,7 +1307,6 @@ BOOL cli_session_request(struct cli_state *cli,
 
 BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip)
 {
-       extern pstring user_socket_options;
        int name_type = 0x20;
        char *p;
 
@@ -1320,25 +1356,6 @@ BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip)
        return True;
 }
 
-/****************************************************************************
- Initialise client credentials for authenticated pipe access.
-****************************************************************************/
-
-void init_creds(struct ntuser_creds *creds, const char* username,
-                      const char* domain, const char* password)
-{
-       ZERO_STRUCTP(creds);
-
-       pwd_set_cleartext(&creds->pwd, password);
-
-       fstrcpy(creds->user_name, username);
-       fstrcpy(creds->domain, domain);
-
-       if (!*username) {
-               creds->pwd.null_pwd = True;
-       }
-}
-
 /**
    establishes a connection to after the negprot. 
    @param output_cli A fully initialised cli structure, non-null only on success
@@ -1390,10 +1407,14 @@ again:
        DEBUG(3,("Connecting to host=%s\n", dest_host));
        
        if (!cli_connect(cli, dest_host, &ip)) {
-               DEBUG(1,("cli_full_connection: failed to connect to %s (%s)\n",
+               DEBUG(1,("cli_start_connection: failed to connect to %s (%s)\n",
                         nmb_namestr(&called), inet_ntoa(ip)));
                cli_shutdown(cli);
-               return NT_STATUS_UNSUCCESSFUL;
+               if (is_zero_ip(ip)) {
+                       return NT_STATUS_BAD_NETWORK_NAME;
+               } else {
+                       return NT_STATUS_CONNECTION_REFUSED;
+               }
        }
 
        if (retry)
@@ -1411,7 +1432,7 @@ again:
                        make_nmb_name(&called , "*SMBSERVER", 0x20);
                        goto again;
                }
-               return NT_STATUS_UNSUCCESSFUL;
+               return NT_STATUS_BAD_NETWORK_NAME;
        }
 
        cli_setup_signing_state(cli, signing_state);
@@ -1423,7 +1444,10 @@ again:
 
        if (!cli_negprot(cli)) {
                DEBUG(1,("failed negprot\n"));
-               nt_status = NT_STATUS_UNSUCCESSFUL;
+               nt_status = cli_nt_error(cli);
+               if (NT_STATUS_IS_OK(nt_status)) {
+                       nt_status = NT_STATUS_UNSUCCESSFUL;
+               }
                cli_shutdown(cli);
                return nt_status;
        }
@@ -1457,7 +1481,6 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli,
                             int signing_state,
                             BOOL *retry) 
 {
-       struct ntuser_creds creds;
        NTSTATUS nt_status;
        struct cli_state *cli = NULL;
 
@@ -1496,8 +1519,7 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli,
                }
        }
 
-       init_creds(&creds, user, domain, password);
-       cli_init_creds(cli, &creds);
+       cli_init_creds(cli, user, domain, password);
 
        *output_cli = cli;
        return NT_STATUS_OK;