macros to go along with the lib/replace/ portability layer code
Copyright (C) Andrew Tridgell 2005
- Copyright (C) Jelmer Vernooij 2006
+ Copyright (C) Jelmer Vernooij 2006-2008
Copyright (C) Jeremy Allison 2007.
** NOTE! The following LGPL license applies to the replace
int rep_setegid(gid_t);
#endif
+#if (defined(USE_SETRESUID) && !defined(HAVE_SETRESUID_DECL))
+/* stupid glibc */
+int setresuid(uid_t ruid, uid_t euid, uid_t suid);
+#endif
+#if (defined(USE_SETRESUID) && !defined(HAVE_SETRESGID_DECL))
+int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
+#endif
+
#ifndef HAVE_CHOWN
#define chown rep_chown
int rep_chown(const char *path, uid_t uid, gid_t gid);
struct socket_address *);
void *private_data;
} unexpected;
+
+ uint32_t wack_timeout;
};
req->received_wack = true;
/* although there can be a timeout in the packet, w2k3 screws it up,
so better to set it ourselves */
- req->timeout = lp_parm_int(global_loadparm, NULL, "nbt", "wack_timeout", 30);
+ req->timeout = nbtsock->wack_timeout;
req->te = event_add_timed(req->nbtsock->event_ctx, req,
timeval_current_ofs(req->timeout, 0),
nbt_name_socket_timeout, req);
nbtsock->send_queue = NULL;
nbtsock->num_pending = 0;
+ nbtsock->wack_timeout = 30;
nbtsock->incoming.handler = NULL;
nbtsock->unexpected.handler = NULL;
nbtsock->iconv_convenience = iconv_convenience;
return NULL;
ev = s4_event_context_init(ret->mem_ctx);
- ret->socket = nbt_name_socket_init(ret->mem_ctx, ev, py_iconv_convenience(ret->mem_ctx));
+ ret->socket = nbt_name_socket_init(ret->mem_ctx, ev,
+ py_iconv_convenience(ret->mem_ctx));
return (PyObject *)ret;
}
*****************************************************************************/
NTSTATUS nt_status_string_to_code(const char *nt_status_str);
+/** Used by ntstatus_dos_equal: */
+extern bool ntstatus_check_dos_mapping;
+
#define NT_STATUS_IS_OK(x) (NT_STATUS_V(x) == 0)
#define NT_STATUS_IS_ERR(x) ((NT_STATUS_V(x) & 0xc0000000) == 0xc0000000)
/* checking for DOS error mapping here is ugly, but unfortunately the
/* avoid recursion */
if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0;
- ndr = ndr_push_init_ctx(NULL, lp_iconv_convenience(global_loadparm));
+ ndr = ndr_push_init_ctx(NULL, global_iconv_convenience);
if (!ndr) return 0;
ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE;
status = push(ndr, NDR_SCALARS|NDR_BUFFERS, discard_const(p));
/* avoid recursion */
if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0;
- ndr = ndr_push_init_ctx(NULL, lp_iconv_convenience(global_loadparm));
+ ndr = ndr_push_init_ctx(NULL, global_iconv_convenience);
if (!ndr) return 0;
ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE;
$self->pidl("}");
$self->pidl("");
+ $self->pidl("status = dcerpc_init(lp_ctx);");
+ $self->pidl("if (!NT_STATUS_IS_OK(status)) {");
+ $self->indent;
+ $self->pidl("PyErr_SetNTSTATUS(status);");
+ $self->pidl("return;");
+ $self->deindent;
+ $self->pidl("}");
+
$self->pidl("credentials = cli_credentials_from_py_object(py_credentials);");
$self->pidl("if (credentials == NULL) {");
$self->indent;
}
$self->pidl("");
- $self->pidl("status = dcerpc_init();");
- $self->pidl("if (!NT_STATUS_IS_OK(status)) {");
- $self->indent;
- $self->pidl("PyErr_SetNTSTATUS(status);");
- $self->pidl("return;");
- $self->deindent;
- $self->pidl("}");
-
$self->deindent;
$self->pidl("}");
return ($self->{res_hdr}, $self->{res});
PERL="$(PERL)" $(srcdir)/script/tests/selftest.sh ${selftest_prefix} all "${smbtorture4_path}"
SELFTEST_FORMAT = plain
+selftestdir = ../selftest
selftest:: all torture timelimit
- @../selftest/selftest.pl --prefix=st --target=samba3 \
+ @$(selftestdir)/selftest.pl --prefix=st --target=samba3 \
--testlist="$(srcdir)/selftest/tests.sh|" \
--expected-failures=$(srcdir)/selftest/knownfail \
--exclude=$(srcdir)/selftest/skip \
default_shared_modules="$default_shared_modules vfs_syncops"
fi
-AC_CACHE_CHECK([for sig_atomic_t type],samba_cv_sig_atomic_t, [
- AC_TRY_COMPILE([
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-#include <signal.h>],[sig_atomic_t i = 0],
- samba_cv_sig_atomic_t=yes,samba_cv_sig_atomic_t=no)])
-if test x"$samba_cv_sig_atomic_t" = x"yes"; then
- AC_DEFINE(HAVE_SIG_ATOMIC_T_TYPE,1,[Whether we have the atomic_t variable type])
-fi
-
AC_CACHE_CHECK([for struct sigevent type],samba_cv_struct_sigevent, [
AC_TRY_COMPILE([
#include <sys/types.h>
AC_DEFINE(HAVE_STRUCT_TIMESPEC,1,[Whether we have struct timespec])
fi
-# stupid headers have the functions but no declaration. grrrr.
-AC_HAVE_DECL(errno, [#include <errno.h>])
-AC_HAVE_DECL(setresuid, [#include <unistd.h>])
-AC_HAVE_DECL(setresgid, [#include <unistd.h>])
-
# and glibc has setresuid under linux but the function does
# nothing until kernel 2.1.44! very dumb.
AC_CACHE_CHECK([for real setresuid],samba_cv_have_setresuid,[
EXTRA_BIN_PROGS="$EXTRA_BIN_PROGS bin/smbrun\$(EXEEXT)"
fi
-AC_CHECK_FUNCS(waitpid getcwd strdup strndup strnlen strerror fchown chmod fchmod mknod mknod64)
-AC_CHECK_FUNCS(strtol strtoll strtoul strtoull strtouq __strtoull)
+AC_CHECK_FUNCS(getcwd fchown chmod fchmod mknod mknod64)
+AC_CHECK_FUNCS(strtol)
AC_CHECK_FUNCS(fstat strchr chflags)
-AC_CHECK_FUNCS(getrlimit fsync fdatasync memset strlcpy strlcat setpgid)
-AC_CHECK_FUNCS(memmove setsid glob strpbrk pipe crypt16 getauthuid)
-AC_CHECK_FUNCS(strftime sigprocmask sigblock sigaction sigset innetgr setnetgrent getnetgrent endnetgrent)
+AC_CHECK_FUNCS(getrlimit fsync fdatasync setpgid)
+AC_CHECK_FUNCS(setsid glob strpbrk crypt16 getauthuid)
+AC_CHECK_FUNCS(sigprocmask sigblock sigaction sigset innetgr setnetgrent getnetgrent endnetgrent)
AC_CHECK_FUNCS(initgroups select poll rdchk getgrnam getgrent pathconf)
-AC_CHECK_FUNCS(setpriv setgidx setuidx setgroups sysconf mktime rename ftruncate chsize stat64 fstat64)
-AC_CHECK_FUNCS(lstat64 fopen64 atexit grantpt dup2 lseek64 ftruncate64)
-AC_CHECK_FUNCS(fseek64 fseeko64 ftell64 ftello64 setluid getpwanam setlinebuf)
+AC_CHECK_FUNCS(setpriv setgidx setuidx setgroups sysconf stat64 fstat64)
+AC_CHECK_FUNCS(lstat64 fopen64 atexit grantpt lseek64 ftruncate64)
+AC_CHECK_FUNCS(fseek64 fseeko64 ftell64 ftello64 setluid getpwanam)
AC_CHECK_FUNCS(opendir64 readdir64 seekdir64 telldir64 rewinddir64 closedir64)
AC_CHECK_FUNCS(getpwent_r)
-AC_CHECK_FUNCS(getdents getdents64)
-AC_CHECK_FUNCS(srandom random srand rand setenv usleep strcasecmp fcvt fcvtl)
+AC_CHECK_FUNCS(getdents64)
+AC_CHECK_FUNCS(setenv strcasecmp fcvt fcvtl)
AC_CHECK_FUNCS(syslog vsyslog timegm)
AC_CHECK_FUNCS(setlocale nl_langinfo)
AC_CHECK_FUNCS(nanosleep)
AC_CHECK_FUNCS(memalign posix_memalign hstrerror)
AC_CHECK_HEADERS(sys/mman.h)
# setbuffer, shmget, shm_open are needed for smbtorture
-AC_CHECK_FUNCS(setbuffer shmget shm_open)
+AC_CHECK_FUNCS(shmget shm_open)
# Find a method of generating a stack trace
AC_CHECK_HEADERS(execinfo.h libexc.h libunwind.h)
};
#endif
-#ifndef MIN
-#define MIN(a,b) ((a)<(b)?(a):(b))
-#endif
-
-#ifndef MAX
-#define MAX(a,b) ((a)>(b)?(a):(b))
-#endif
-
#ifdef HAVE_BROKEN_GETGROUPS
#define GID_T int
#else
#endif
/* Samba 3 doesn't use iconv_convenience: */
-extern void *global_loadparm;
+extern void *global_iconv_convenience;
extern void *cmdline_lp_ctx;
struct smb_iconv_convenience *lp_iconv_convenience(void *lp_ctx);
#include "modules/nfs4_acls.h"
#include "nsswitch/libwbclient/wbclient.h"
-/***** automatically generated prototypes *****/
+/***** prototypes *****/
#ifndef NO_PROTO_H
#include "proto.h"
#endif
#define ULTRIX_AUTH 1
#endif
-#if (defined(USE_SETRESUID) && !defined(HAVE_SETRESUID_DECL))
-/* stupid glibc */
-int setresuid(uid_t ruid, uid_t euid, uid_t suid);
-#endif
-#if (defined(USE_SETRESUID) && !defined(HAVE_SETRESGID_DECL))
-int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
-#endif
-
/* yuck, I'd like a better way of doing this */
#define DIRP_SIZE (256 + 32)
int asprintf_strupper_m(char **strp, const char *fmt, ...) PRINTF_ATTRIBUTE(2,3);
char *talloc_asprintf_strupper_m(TALLOC_CTX *t, const char *fmt, ...) PRINTF_ATTRIBUTE(2,3);
-/* we used to use these fns, but now we have good replacements
- for snprintf and vsnprintf */
-#define slprintf snprintf
-#define vslprintf vsnprintf
-
/*
* Veritas File System. Often in addition to native.
* Quotas different.
ndr->print(ndr, "%-25s: %s", name, print_sockaddr(addr, sizeof(addr), ss));
}
-void *global_loadparm;
+void *global_iconv_convenience;
void *cmdline_lp_ctx;
struct smb_iconv_convenience *lp_iconv_convenience(void *lp_ctx)
{
all:: bin/samba4 bin/regpatch4 bin/regdiff4 bin/regshell4 bin/regtree4 bin/smbclient4
torture:: bin/smbtorture4
everything:: $(patsubst %,%4,$(BINARIES))
+
+SELFTEST4 = $(LD_LIBPATH_OVERRIDE) $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \
+ --builddir=$(builddir) --srcdir=$(samba4srcdir) \
+ --expected-failures=$(samba4srcdir)/selftest/knownfail \
+ --format=$(SELFTEST_FORMAT) \
+ --exclude=$(samba4srcdir)/selftest/skip --testlist="$(samba4srcdir)/selftest/tests.sh|" \
+ $(TEST4_OPTIONS)
+
+SELFTEST4_NOSLOW_OPTS = --exclude=$(samba4srcdir)/selftest/slow
+SELFTEST4_QUICK_OPTS = $(SELFTEST4_NOSLOW_OPTS) --quick --include=$(samba4srcdir)/selftest/quick
+
+slowtest4:: everything
+ $(SELFTEST4) $(DEFAULT_TEST_OPTIONS) --immediate $(TESTS)
+
+test4:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) --immediate \
+ $(TESTS)
+
+testone4:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) $(DEFAULT_TEST_OPTIONS) --one $(TESTS)
+
+test4-swrap:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper --immediate $(TESTS)
+
+test4-swrap-pcap:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper-pcap --immediate $(TESTS)
+
+test4-swrap-keep-pcap:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper-keep-pcap --immediate $(TESTS)
+
+test4-noswrap:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --immediate $(TESTS)
+
+quicktest4:: all
+ $(SELFTEST4) $(SELFTEST4_QUICK_OPTS) --socket-wrapper --immediate $(TESTS)
+
+quicktestone4:: all
+ $(SELFTEST4) $(SELFTEST4_QUICK_OPTS) --socket-wrapper --one $(TESTS)
+
+testenv4:: everything
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper --testenv
+
+testenv4-%:: everything
+ SELFTEST_TESTENV=$* $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper --testenv
+
+test4-%::
+ $(MAKE) test TESTS=$*
+
+valgrindtest4:: valgrindtest-all
+
+valgrindtest4-quick:: all
+ SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
+ VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \
+ $(SELFTEST4) $(SELFTEST4_QUICK_OPTS) --immediate --socket-wrapper $(TESTS)
+
+valgrindtest4-all:: everything
+ SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
+ VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --immediate --socket-wrapper $(TESTS)
+
+valgrindtest4-env:: everything
+ SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
+ VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper --testenv
+
+gdbtest4:: gdbtest4-all
+
+gdbtest4-quick:: all
+ SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
+ $(SELFTEST4) $(SELFTEST4_QUICK_OPTS) --immediate --socket-wrapper $(TESTS)
+
+gdbtest4-all:: everything
+ SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --immediate --socket-wrapper $(TESTS)
+
+gdbtest4-env:: everything
+ SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
+ $(SELFTEST4) $(SELFTEST4_NOSLOW_OPTS) --socket-wrapper --testenv
+
return generic_security_ops;
}
+bool gensec_security_ops_enabled(struct gensec_security_ops *ops,
+ struct loadparm_context *lp_ctx)
+{
+ return lp_parm_bool(lp_ctx, NULL, "gensec", ops->name, ops->enabled);
+}
+
/* Sometimes we want to force only kerberos, sometimes we want to
* force it's avoidance. The old list could be either
* gensec_security_all(), or from cli_credentials_gensec_list() (ie,
j = 0;
for (i=0; old_gensec_list && old_gensec_list[i]; i++) {
int oid_idx;
+
for (oid_idx = 0; old_gensec_list[i]->oid && old_gensec_list[i]->oid[oid_idx]; oid_idx++) {
if (strcmp(old_gensec_list[i]->oid[oid_idx], GENSEC_OID_SPNEGO) == 0) {
new_gensec_list[j] = old_gensec_list[i];
}
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
+ if (!gensec_security_ops_enabled(backends[i],
+ gensec_security->settings->lp_ctx))
+ continue;
if (backends[i]->auth_type == auth_type) {
backend = backends[i];
talloc_free(mem_ctx);
}
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(backends[i],
+ gensec_security->settings->lp_ctx))
+ continue;
if (backends[i]->oid) {
for (j=0; backends[i]->oid[j]; j++) {
if (backends[i]->oid[j] &&
}
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
+ if (!gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ continue;
if (backends[i]->sasl_name
&& (strcmp(backends[i]->sasl_name, sasl_name) == 0)) {
backend = backends[i];
}
backends = gensec_security_mechs(gensec_security, mem_ctx);
for (i=0; backends && backends[i]; i++) {
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ continue;
if (backends[i]->name
&& (strcmp(backends[i]->name, name) == 0)) {
backend = backends[i];
/* Find backends in our preferred order, by walking our list,
* then looking in the supplied list */
for (i=0; backends && backends[i]; i++) {
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ continue;
for (sasl_idx = 0; sasl_names[sasl_idx]; sasl_idx++) {
if (!backends[i]->sasl_name ||
!(strcmp(backends[i]->sasl_name,
/* Find backends in our preferred order, by walking our list,
* then looking in the supplied list */
for (i=0; backends && backends[i]; i++) {
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(backends[i], gensec_security->settings->lp_ctx))
+ continue;
if (!backends[i]->oid) {
continue;
}
* Return OIDS from the security subsystems listed
*/
-const char **gensec_security_oids_from_ops(TALLOC_CTX *mem_ctx,
+const char **gensec_security_oids_from_ops(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
struct gensec_security_ops **ops,
const char *skip)
{
}
for (i=0; ops && ops[i]; i++) {
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(ops[i], gensec_security->settings->lp_ctx)) {
+ continue;
+ }
if (!ops[i]->oid) {
continue;
}
{
struct gensec_security_ops **ops
= gensec_security_mechs(gensec_security, mem_ctx);
- return gensec_security_oids_from_ops(mem_ctx, ops, skip);
+ return gensec_security_oids_from_ops(gensec_security, mem_ctx, ops, skip);
}
(*gensec_security)->event_ctx = ev;
(*gensec_security)->msg_ctx = msg;
+ SMB_ASSERT(settings->lp_ctx != NULL);
(*gensec_security)->settings = talloc_reference(*gensec_security, settings);
return NT_STATUS_OK;
{
NTSTATUS status;
+ if (settings == NULL) {
+ DEBUG(0,("gensec_client_start: no settings given!\n"));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
status = gensec_start(mem_ctx, ev, settings, NULL, gensec_security);
if (!NT_STATUS_IS_OK(status)) {
return status;
return NT_STATUS_INTERNAL_ERROR;
}
+ if (!settings) {
+ DEBUG(0,("gensec_server_start: no settings given!\n"));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
status = gensec_start(mem_ctx, ev, settings, msg, gensec_security);
if (!NT_STATUS_IS_OK(status)) {
return status;
return gensec_start_mech(gensec_security);
}
-_PUBLIC_ const char *gensec_get_name_by_authtype(uint8_t authtype)
+_PUBLIC_ const char *gensec_get_name_by_authtype(struct gensec_security *gensec_security, uint8_t authtype)
{
const struct gensec_security_ops *ops;
- ops = gensec_security_by_authtype(NULL, authtype);
+ ops = gensec_security_by_authtype(gensec_security, authtype);
if (ops) {
return ops->name;
}
}
-_PUBLIC_ const char *gensec_get_name_by_oid(const char *oid_string)
+_PUBLIC_ const char *gensec_get_name_by_oid(struct gensec_security *gensec_security,
+ const char *oid_string)
{
const struct gensec_security_ops *ops;
- ops = gensec_security_by_oid(NULL, oid_string);
+ ops = gensec_security_by_oid(gensec_security, oid_string);
if (ops) {
return ops->name;
}
_PUBLIC_ NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
const char *mech_oid)
{
+ SMB_ASSERT(gensec_security != NULL);
+
gensec_security->ops = gensec_security_by_oid(gensec_security, mech_oid);
if (!gensec_security->ops) {
DEBUG(3, ("Could not find GENSEC backend for oid=%s\n", mech_oid));
*/
NTSTATUS gensec_register(const struct gensec_security_ops *ops)
{
- if (!lp_parm_bool(global_loadparm, NULL, "gensec", ops->name, ops->enabled)) {
- DEBUG(2,("gensec subsystem %s is disabled\n", ops->name));
- return NT_STATUS_OK;
- }
-
if (gensec_security_by_name(NULL, ops->name) != NULL) {
/* its already registered! */
DEBUG(0,("GENSEC backend '%s' already registered\n",
DATA_BLOB *session_key);
NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
const char *mech_oid);
-const char *gensec_get_name_by_oid(const char *oid_string);
+const char *gensec_get_name_by_oid(struct gensec_security *gensec_security, const char *oid_string);
struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security);
struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security);
NTSTATUS gensec_init(struct loadparm_context *lp_ctx);
DATA_BLOB *sig);
NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
uint8_t auth_type, uint8_t auth_level);
-const char *gensec_get_name_by_authtype(uint8_t authtype);
+const char *gensec_get_name_by_authtype(struct gensec_security *gensec_security, uint8_t authtype);
NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct gensec_settings *settings,
DATA_BLOB *out);
struct gensec_security_ops **gensec_security_all(void);
+bool gensec_security_ops_enabled(struct gensec_security_ops *ops, struct loadparm_context *lp_ctx);
struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
struct gensec_security_ops **old_gensec_list,
struct cli_credentials *creds);
for (i=0; all_ops[i]; i++) {
bool is_spnego;
NTSTATUS nt_status;
+
+ if (gensec_security != NULL &&
+ !gensec_security_ops_enabled(all_ops[i], gensec_security->settings->lp_ctx))
+ continue;
+
if (!all_ops[i]->oid) {
continue;
}
spnego.negTokenTarg.supportedMech &&
strcmp(spnego.negTokenTarg.supportedMech, spnego_state->neg_oid) != 0) {
DEBUG(3,("GENSEC SPNEGO: client preferred mech (%s) not accepted, server wants: %s\n",
- gensec_get_name_by_oid(spnego.negTokenTarg.supportedMech),
- gensec_get_name_by_oid(spnego_state->neg_oid)));
+ gensec_get_name_by_oid(gensec_security, spnego.negTokenTarg.supportedMech),
+ gensec_get_name_by_oid(gensec_security, spnego_state->neg_oid)));
talloc_free(spnego_state->sub_sec_security);
nt_status = gensec_subcontext_start(spnego_state,
}
io.in.dest_ports = lp_smb_ports(ctx->auth_ctx->lp_ctx);
io.in.socket_options = lp_socket_options(ctx->auth_ctx->lp_ctx);
+ io.in.gensec_settings = lp_gensec_settings(mem_ctx, ctx->auth_ctx->lp_ctx);
io.in.called_name = strupper_talloc(mem_ctx, io.in.dest_host);
struct smbcli_options *smb_options,
const char *socket_options,
struct smbcli_session_options *smb_session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
int options = 0;
const char * path = NULL;
check_arg_numeric("ibs"), options,
socket_options,
smb_options, smb_session_options,
- iconv_convenience);
+ iconv_convenience,
+ gensec_settings);
} else if (strcmp(which, "of") == 0) {
options |= DD_WRITE;
path = check_arg_pathname("of");
check_arg_numeric("obs"), options,
socket_options,
smb_options, smb_session_options,
- iconv_convenience);
+ iconv_convenience,
+ gensec_settings);
} else {
SMB_ASSERT(0);
return(NULL);
if (!(ifile = open_file(lp_resolve_context(lp_ctx), ev, "if",
lp_smb_ports(lp_ctx), &options,
lp_socket_options(lp_ctx),
- &session_options, lp_iconv_convenience(lp_ctx)))) {
+ &session_options, lp_iconv_convenience(lp_ctx),
+ lp_gensec_settings(lp_ctx, lp_ctx)))) {
return(FILESYS_EXIT_CODE);
}
lp_smb_ports(lp_ctx), &options,
lp_socket_options(lp_ctx),
&session_options,
- lp_iconv_convenience(lp_ctx)))) {
+ lp_iconv_convenience(lp_ctx),
+ lp_gensec_settings(lp_ctx, lp_ctx)))) {
return(FILESYS_EXIT_CODE);
}
const char *socket_options,
struct smbcli_options *smb_options,
struct smbcli_session_options *smb_session_options,
- struct smb_iconv_convenience *iconv_convenience);
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings);
bool dd_fill_block(struct dd_iohandle * h, uint8_t * buf,
uint64_t * buf_size, uint64_t need_size, uint64_t block_size);
bool dd_flush_block(struct dd_iohandle * h, uint8_t * buf,
const char *socket_options,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
NTSTATUS ret;
struct smbcli_state * cli = NULL;
cmdline_credentials, resolve_ctx,
ev, options,
session_options,
- iconv_convenience);
+ iconv_convenience,
+ gensec_settings);
if (!NT_STATUS_IS_OK(ret)) {
fprintf(stderr, "%s: connecting to //%s/%s: %s\n",
const char *socket_options,
struct smbcli_options *smb_options,
struct smbcli_session_options *smb_session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
struct cifs_handle * smbh;
if ((smbh->cli = init_smb_session(resolve_ctx, ev, host, ports, share,
socket_options,
smb_options, smb_session_options,
- iconv_convenience)) == NULL) {
+ iconv_convenience,
+ gensec_settings)) == NULL) {
return(NULL);
}
const char *socket_options,
struct smbcli_options *smb_options,
struct smbcli_session_options *smb_session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
if (file_exist(path)) {
return(open_fd_handle(path, io_size, options));
io_size, options,
socket_options, smb_options,
smb_session_options,
- iconv_convenience));
+ iconv_convenience,
+ gensec_settings));
}
return(open_fd_handle(path, io_size, options));
struct cli_credentials *cred,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
NTSTATUS status;
char *server, *share;
socket_options,
cred, resolve_ctx,
ev_ctx, options, session_options,
- iconv_convenience);
+ iconv_convenience,
+ gensec_settings);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Connection to \\\\%s\\%s failed - %s\n",
server, share, nt_errstr(status));
desthost, lp_smb_ports(cmdline_lp_ctx), service,
lp_socket_options(cmdline_lp_ctx),
cmdline_credentials, &smb_options, &smb_session_options,
- lp_iconv_convenience(cmdline_lp_ctx)))
+ lp_iconv_convenience(cmdline_lp_ctx),
+ lp_gensec_settings(ctx, cmdline_lp_ctx)))
return 1;
if (base_directory)
--- /dev/null
+/*
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: get_addrs.c 23815 2008-09-13 09:21:03Z lha $");
+
+#ifdef __osf__
+/* hate */
+struct rtentry;
+struct mbuf;
+#endif
+#ifdef HAVE_NET_IF_H
+#include <net/if.h>
+#endif
+#include <ifaddrs.h>
+
+static krb5_error_code
+gethostname_fallback (krb5_context context, krb5_addresses *res)
+{
+ krb5_error_code ret;
+ char hostname[MAXHOSTNAMELEN];
+ struct hostent *hostent;
+
+ if (gethostname (hostname, sizeof(hostname))) {
+ ret = errno;
+ krb5_set_error_message(context, ret, "gethostname: %s", strerror(ret));
+ return ret;
+ }
+ hostent = roken_gethostbyname (hostname);
+ if (hostent == NULL) {
+ ret = errno;
+ krb5_set_error_message (context, ret, "gethostbyname %s: %s",
+ hostname, strerror(ret));
+ return ret;
+ }
+ res->len = 1;
+ res->val = malloc (sizeof(*res->val));
+ if (res->val == NULL) {
+ krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
+ return ENOMEM;
+ }
+ res->val[0].addr_type = hostent->h_addrtype;
+ res->val[0].address.data = NULL;
+ res->val[0].address.length = 0;
+ ret = krb5_data_copy (&res->val[0].address,
+ hostent->h_addr,
+ hostent->h_length);
+ if (ret) {
+ free (res->val);
+ return ret;
+ }
+ return 0;
+}
+
+enum {
+ LOOP = 1, /* do include loopback interfaces */
+ LOOP_IF_NONE = 2, /* include loopback if no other if's */
+ EXTRA_ADDRESSES = 4, /* include extra addresses */
+ SCAN_INTERFACES = 8 /* scan interfaces for addresses */
+};
+
+/*
+ * Try to figure out the addresses of all configured interfaces with a
+ * lot of magic ioctls.
+ */
+
+static krb5_error_code
+find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
+{
+ struct sockaddr sa_zero;
+ struct ifaddrs *ifa0, *ifa;
+ krb5_error_code ret = ENXIO;
+ unsigned int num, idx;
+ krb5_addresses ignore_addresses;
+
+ res->val = NULL;
+
+ if (getifaddrs(&ifa0) == -1) {
+ ret = errno;
+ krb5_set_error_message(context, ret, "getifaddrs: %s", strerror(ret));
+ return (ret);
+ }
+
+ memset(&sa_zero, 0, sizeof(sa_zero));
+
+ /* First, count all the ifaddrs. */
+ for (ifa = ifa0, num = 0; ifa != NULL; ifa = ifa->ifa_next, num++)
+ /* nothing */;
+
+ if (num == 0) {
+ freeifaddrs(ifa0);
+ krb5_set_error_message(context, ENXIO, N_("no addresses found", ""));
+ return (ENXIO);
+ }
+
+ if (flags & EXTRA_ADDRESSES) {
+ /* we'll remove the addresses we don't care about */
+ ret = krb5_get_ignore_addresses(context, &ignore_addresses);
+ if(ret)
+ return ret;
+ }
+
+ /* Allocate storage for them. */
+ res->val = calloc(num, sizeof(*res->val));
+ if (res->val == NULL) {
+ krb5_free_addresses(context, &ignore_addresses);
+ freeifaddrs(ifa0);
+ krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
+ return ENOMEM;
+ }
+
+ /* Now traverse the list. */
+ for (ifa = ifa0, idx = 0; ifa != NULL; ifa = ifa->ifa_next) {
+ if ((ifa->ifa_flags & IFF_UP) == 0)
+ continue;
+ if (ifa->ifa_addr == NULL)
+ continue;
+ if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0)
+ continue;
+ if (krb5_sockaddr_uninteresting(ifa->ifa_addr))
+ continue;
+ if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) {
+ /* We'll deal with the LOOP_IF_NONE case later. */
+ if ((flags & LOOP) == 0)
+ continue;
+ }
+
+ ret = krb5_sockaddr2address(context, ifa->ifa_addr, &res->val[idx]);
+ if (ret) {
+ /*
+ * The most likely error here is going to be "Program
+ * lacks support for address type". This is no big
+ * deal -- just continue, and we'll listen on the
+ * addresses who's type we *do* support.
+ */
+ continue;
+ }
+ /* possibly skip this address? */
+ if((flags & EXTRA_ADDRESSES) &&
+ krb5_address_search(context, &res->val[idx], &ignore_addresses)) {
+ krb5_free_address(context, &res->val[idx]);
+ flags &= ~LOOP_IF_NONE; /* we actually found an address,
+ so don't add any loop-back
+ addresses */
+ continue;
+ }
+
+ idx++;
+ }
+
+ /*
+ * If no addresses were found, and LOOP_IF_NONE is set, then find
+ * the loopback addresses and add them to our list.
+ */
+ if ((flags & LOOP_IF_NONE) != 0 && idx == 0) {
+ for (ifa = ifa0; ifa != NULL; ifa = ifa->ifa_next) {
+ if ((ifa->ifa_flags & IFF_UP) == 0)
+ continue;
+ if (ifa->ifa_addr == NULL)
+ continue;
+ if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0)
+ continue;
+ if (krb5_sockaddr_uninteresting(ifa->ifa_addr))
+ continue;
+
+ if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) {
+ ret = krb5_sockaddr2address(context,
+ ifa->ifa_addr, &res->val[idx]);
+ if (ret) {
+ /*
+ * See comment above.
+ */
+ continue;
+ }
+ if((flags & EXTRA_ADDRESSES) &&
+ krb5_address_search(context, &res->val[idx],
+ &ignore_addresses)) {
+ krb5_free_address(context, &res->val[idx]);
+ continue;
+ }
+ idx++;
+ }
+ }
+ }
+
+ if (flags & EXTRA_ADDRESSES)
+ krb5_free_addresses(context, &ignore_addresses);
+ freeifaddrs(ifa0);
+ if (ret) {
+ free(res->val);
+ res->val = NULL;
+ } else
+ res->len = idx; /* Now a count. */
+ return (ret);
+}
+
+static krb5_error_code
+get_addrs_int (krb5_context context, krb5_addresses *res, int flags)
+{
+ krb5_error_code ret = -1;
+
+ if (flags & SCAN_INTERFACES) {
+ ret = find_all_addresses (context, res, flags);
+ if(ret || res->len == 0)
+ ret = gethostname_fallback (context, res);
+ } else {
+ res->len = 0;
+ res->val = NULL;
+ ret = 0;
+ }
+
+ if(ret == 0 && (flags & EXTRA_ADDRESSES)) {
+ krb5_addresses a;
+ /* append user specified addresses */
+ ret = krb5_get_extra_addresses(context, &a);
+ if(ret) {
+ krb5_free_addresses(context, res);
+ return ret;
+ }
+ ret = krb5_append_addresses(context, res, &a);
+ if(ret) {
+ krb5_free_addresses(context, res);
+ return ret;
+ }
+ krb5_free_addresses(context, &a);
+ }
+ if(res->len == 0) {
+ free(res->val);
+ res->val = NULL;
+ }
+ return ret;
+}
+
+/*
+ * Try to get all addresses, but return the one corresponding to
+ * `hostname' if we fail.
+ *
+ * Only include loopback address if there are no other.
+ */
+
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_get_all_client_addrs (krb5_context context, krb5_addresses *res)
+{
+ int flags = LOOP_IF_NONE | EXTRA_ADDRESSES;
+
+ if (context->scan_interfaces)
+ flags |= SCAN_INTERFACES;
+
+ return get_addrs_int (context, res, flags);
+}
+
+/*
+ * Try to get all local addresses that a server should listen to.
+ * If that fails, we return the address corresponding to `hostname'.
+ */
+
+krb5_error_code KRB5_LIB_FUNCTION
+krb5_get_all_server_addrs (krb5_context context, krb5_addresses *res)
+{
+ return get_addrs_int (context, res, LOOP | SCAN_INTERFACES);
+}
$(heimdalsrcdir)/lib/krb5/free_host_realm.o \
$(heimdalsrcdir)/lib/krb5/generate_seq_number.o \
$(heimdalsrcdir)/lib/krb5/generate_subkey.o \
+ $(heimdalsrcdir)/lib/krb5/get_addrs.o \
$(heimdalsrcdir)/lib/krb5/get_cred.o \
$(heimdalsrcdir)/lib/krb5/get_default_principal.o \
$(heimdalsrcdir)/lib/krb5/get_default_realm.o \
#include "lib/socket/netif.h"
#include "param/param.h"
-/**
- get the list of IP addresses for configured interfaces
-*/
-krb5_error_code KRB5_LIB_FUNCTION krb5_get_all_client_addrs(krb5_context context, krb5_addresses *res)
-{
- int i;
- struct interface *ifaces;
-
- load_interfaces(NULL, lp_interfaces(global_loadparm), &ifaces);
-
- res->len = iface_count(ifaces);
- res->val = malloc_array_p(HostAddress, res->len);
- if (res->val == NULL) {
- talloc_free(ifaces);
- return ENOMEM;
- }
- for (i=0;i<res->len;i++) {
- const char *ip = iface_n_ip(ifaces, i);
- res->val[i].addr_type = AF_INET;
- res->val[i].address.length = 4;
- res->val[i].address.data = malloc(4);
- if (res->val[i].address.data == NULL) {
- talloc_free(ifaces);
- return ENOMEM;
- }
- ((struct in_addr *)res->val[i].address.data)->s_addr = inet_addr(ip);
- }
-
- talloc_free(ifaces);
-
- return 0;
-}
-
#include "heimdal/lib/krb5/krb5_locl.h"
const krb5_cc_ops krb5_scc_ops = {
= gensec_use_kerberos_mechs(conn, backends, conn->server_credentials);
int i, j = 0;
for (i = 0; ops && ops[i]; i++) {
+ if (!gensec_security_ops_enabled(ops[i], conn->lp_ctx))
+ continue;
+
if (ops[i]->sasl_name && ops[i]->server_start) {
char *sasl_name = talloc_strdup(conn, ops[i]->sasl_name);
#include "version.h"
#include "lib/cmdline/popt_common.h"
#include "param/param.h"
-#include "dynconfig/dynconfig.h"
/* Handle command line options:
* -d,--debuglevel
if (reason == POPT_CALLBACK_REASON_POST) {
if (lp_configfile(cmdline_lp_ctx) == NULL) {
- if (getenv("SMB_CONF_PATH"))
- lp_load(cmdline_lp_ctx, getenv("SMB_CONF_PATH"));
- else
- lp_load(cmdline_lp_ctx, dyn_CONFIGFILE);
+ lp_load_default(cmdline_lp_ctx);
}
/* Hook any 'every Samba program must do this, after
* the smb.conf is setup' functions here */
pname++;
if (reason == POPT_CALLBACK_REASON_PRE) {
- if (global_loadparm != NULL) {
- cmdline_lp_ctx = global_loadparm;
- } else {
- cmdline_lp_ctx = global_loadparm = loadparm_init(talloc_autofree_context());
- }
+ cmdline_lp_ctx = loadparm_init(talloc_autofree_context());
/* Hook for 'almost the first thing to do in a samba program' here */
/* setup for panics */
}
if (reason == POPT_CALLBACK_REASON_POST) {
- cli_credentials_guess(cmdline_credentials, global_loadparm);
+ cli_credentials_guess(cmdline_credentials, cmdline_lp_ctx);
if (!dont_ask) {
cli_credentials_set_cmdline_callbacks(cmdline_credentials);
PyAPI_DATA(PyTypeObject) messaging_Type;
PyAPI_DATA(PyTypeObject) irpc_ClientConnectionType;
+/* FIXME: This prototype should be in param/pyparam.h */
+struct loadparm_context *py_default_loadparm_context(TALLOC_CTX *mem_ctx);
+
static bool server_id_from_py(PyObject *object, struct server_id *server_id)
{
if (!PyTuple_Check(object)) {
ev = s4_event_context_init(ret->mem_ctx);
if (messaging_path == NULL) {
- messaging_path = lp_messaging_path(ret->mem_ctx, global_loadparm);
+ messaging_path = lp_messaging_path(ret->mem_ctx,
+ py_default_loadparm_context(ret->mem_ctx));
} else {
messaging_path = talloc_strdup(ret->mem_ctx, messaging_path);
}
ev = s4_event_context_init(ret->mem_ctx);
if (messaging_path == NULL) {
- messaging_path = lp_messaging_path(ret->mem_ctx, global_loadparm);
+ messaging_path = lp_messaging_path(ret->mem_ctx,
+ py_default_loadparm_context(ret->mem_ctx));
} else {
messaging_path = talloc_strdup(ret->mem_ctx, messaging_path);
}
struct dcerpc_pipe *p;
struct rpc_registry_context *rctx;
- dcerpc_init();
+ dcerpc_init(lp_ctx);
rctx = talloc(NULL, struct rpc_registry_context);
if (!(flags & SOCKET_FLAG_BLOCK) &&
type == SOCKET_TYPE_STREAM &&
- lp_parm_bool(global_loadparm, NULL, "socket", "testnonblock", false)) {
+ getenv("SOCKET_TESTNONBLOCK") != NULL) {
(*new_sock)->flags |= SOCKET_FLAG_TESTNONBLOCK;
}
DEBUG(1, ("OK : %s\n", msg)); \
}
-void wmi_init(struct com_context **ctx, struct cli_credentials *credentials)
+void wmi_init(struct com_context **ctx, struct cli_credentials *credentials,
+ struct loadparm_context *lp_ctx)
{
- dcerpc_init();
+ dcerpc_init(lp_ctx);
ndr_table_init();
/* FIXME: Register DCOM proxies? */
struct event_context *ev,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
struct smbcli_tree *tree;
NTSTATUS status;
credentials, resolve_ctx, ev,
options,
session_options,
- iconv_convenience);
+ iconv_convenience,
+ gensec_settings);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
struct event_context *ev,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
struct smb_composite_connect io;
NTSTATUS status;
io.in.service = service;
io.in.service_type = service_type;
io.in.credentials = credentials;
+ io.in.gensec_settings = gensec_settings;
io.in.fallback_to_anonymous = false;
/* This workgroup gets sent out by the SPNEGO session setup.
struct resolve_context;
struct cli_credentials;
+struct gensec_settings;
/* default timeout for all smb requests */
#define SMB_REQUEST_TIMEOUT 60
const char *share;
const char **ports;
const char *socket_options;
+ struct gensec_settings *gensec_settings;
struct smbcli_options options;
struct smb2_negprot negprot;
struct smb2_tree_connect tcon;
break;
}
- state->session = smb2_session_init(transport, lp_gensec_settings(transport, global_loadparm), state, true);
+ state->session = smb2_session_init(transport, state->gensec_settings, state, true);
if (composite_nomem(state->session, c)) return;
creq = smb2_session_setup_spnego_send(state->session, state->credentials);
struct cli_credentials *credentials,
struct event_context *ev,
struct smbcli_options *options,
- const char *socket_options)
+ const char *socket_options,
+ struct gensec_settings *gensec_settings)
{
struct composite_context *c;
struct smb2_connect_state *state;
if (composite_nomem(state->share, c)) return c;
state->resolve_ctx = talloc_reference(state, resolve_ctx);
state->socket_options = talloc_reference(state, socket_options);
- if (composite_nomem(state->socket_options, c)) return c;
+ state->gensec_settings = talloc_reference(state, gensec_settings);
ZERO_STRUCT(name);
name.name = host;
struct smb2_tree **tree,
struct event_context *ev,
struct smbcli_options *options,
- const char *socket_options)
+ const char *socket_options,
+ struct gensec_settings *gensec_settings)
{
struct composite_context *c = smb2_connect_send(mem_ctx, host, ports,
share, resolve_ctx,
credentials, ev, options,
- socket_options);
+ socket_options,
+ gensec_settings);
return smb2_connect_recv(c, mem_ctx, tree);
}
state->io_setup->in.capabilities = state->transport->negotiate.capabilities;
state->io_setup->in.credentials = io->in.credentials;
state->io_setup->in.workgroup = io->in.workgroup;
- state->io_setup->in.gensec_settings = lp_gensec_settings(state->io_setup, global_loadparm);
+ state->io_setup->in.gensec_settings = io->in.gensec_settings;
state->creq = smb_composite_sesssetup_send(state->session, state->io_setup);
NT_STATUS_HAVE_NO_MEMORY(state->creq);
state = talloc_zero(c, struct connect_state);
if (state == NULL) goto failed;
+ if (io->in.gensec_settings == NULL) goto failed;
state->io = io;
c->state = COMPOSITE_STATE_IN_PROGRESS;
state->connect->in.credentials = io->in.credentials;
state->connect->in.fallback_to_anonymous = false;
state->connect->in.workgroup = io->in.workgroup;
+ state->connect->in.gensec_settings = io->in.gensec_settings;
state->connect->in.iconv_convenience = io->in.iconv_convenience;
state->connect->in.options = io->in.options;
state->connect->in.fallback_to_anonymous = false;
state->connect->in.workgroup = io->in.workgroup;
state->connect->in.iconv_convenience = io->in.iconv_convenience;
+ state->connect->in.gensec_settings = io->in.gensec_settings;
state->connect->in.options = tree->session->transport->options;
state->connect->in.session_options = tree->session->options;
status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client mechanism %s: %s\n",
- gensec_get_name_by_oid(chosen_oid), nt_errstr(status)));
+ gensec_get_name_by_oid(session->gensec, chosen_oid), nt_errstr(status)));
chosen_oid = GENSEC_OID_NTLMSSP;
status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set (fallback) GENSEC client mechanism %s: %s\n",
- gensec_get_name_by_oid(chosen_oid), nt_errstr(status)));
+ gensec_get_name_by_oid(session->gensec, chosen_oid),
+ nt_errstr(status)));
return status;
}
}
status = gensec_start_mech_by_oid(session->gensec, chosen_oid);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client mechanism %s: %s\n",
- gensec_get_name_by_oid(chosen_oid), nt_errstr(status)));
+ gensec_get_name_by_oid(session->gensec, chosen_oid), nt_errstr(status)));
}
}
if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) &&
!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed initial gensec_update with mechanism %s: %s\n",
- gensec_get_name_by_oid(chosen_oid), nt_errstr(status)));
+ gensec_get_name_by_oid(session->gensec, chosen_oid),
+ nt_errstr(status)));
return status;
}
state->gensec_status = status;
struct smbcli_session_options session_options;
struct resolve_context *resolve_ctx;
struct smb_iconv_convenience *iconv_convenience;
+ struct gensec_settings *gensec_settings;
} in;
struct {
uint8_t *data;
struct smbcli_options options;
struct smbcli_session_options session_options;
struct smb_iconv_convenience *iconv_convenience;
+ struct gensec_settings *gensec_settings;
} in;
struct {
struct smbcli_tree *tree;
const char *workgroup;
enum smb_fsinfo_level level;
struct smb_iconv_convenience *iconv_convenience;
+ struct gensec_settings *gensec_settings;
} in;
struct {
*/
#include "includes.h"
-#include "param/param.h"
#include "librpc/ndr/libndr.h"
/* This map was extracted by the ERRMAPEXTRACT smbtorture command.
{NT_STATUS(0x80000025), W_ERROR(0x962)},
{NT_STATUS(0x80000288), W_ERROR(0x48d)},
{NT_STATUS(0x80000289), W_ERROR(0x48e)},
- {NT_STATUS_OK, WERR_OK}};
+ {NT_STATUS_OK, WERR_OK}
+};
+bool ntstatus_check_dos_mapping = true;
/*
check if a DOS encoded NTSTATUS code maps to the given NTSTATUS code
the mapping of dos codes, as we want to catch the cases where
a forced dos code is needed
*/
- if (lp_nt_status_support(global_loadparm)) {
+ if (ntstatus_check_dos_mapping) {
return NT_STATUS_V(status1) == NT_STATUS_V(status2);
}
#include "lib/events/events.h"
#include "param/param.h"
+/* FIXME: This prototype should be in param/pyparam.h */
+struct loadparm_context *py_default_loadparm_context(TALLOC_CTX *mem_ctx);
+
static struct libnet_context *py_net_ctx(PyObject *obj, struct event_context *ev)
{
/* FIXME: Use obj */
- return libnet_context_init(ev, global_loadparm);
+ return libnet_context_init(ev, py_default_loadparm_context(NULL));
}
static PyObject *py_net_join(PyObject *cls, PyObject *args, PyObject *kwargs)
#include "auth/gensec/gensec.h"
#include "param/param.h"
-_PUBLIC_ NTSTATUS dcerpc_init(void)
+_PUBLIC_ NTSTATUS dcerpc_init(struct loadparm_context *lp_ctx)
{
- return gensec_init(global_loadparm);
+ return gensec_init(lp_ctx);
}
static void dcerpc_connection_dead(struct dcerpc_connection *conn, NTSTATUS status);
struct loadparm_context *lp_ctx,
uint8_t auth_level);
struct event_context *dcerpc_event_context(struct dcerpc_pipe *p);
-NTSTATUS dcerpc_init(void);
+NTSTATUS dcerpc_init(struct loadparm_context *lp_ctx);
struct smbcli_tree *dcerpc_smb_tree(struct dcerpc_connection *c);
uint16_t dcerpc_smb_fnum(struct dcerpc_connection *c);
NTSTATUS dcerpc_secondary_context(struct dcerpc_pipe *p,
auth_type, auth_level);
if (!NT_STATUS_IS_OK(c->status)) {
DEBUG(1, ("Failed to start GENSEC client mechanism %s: %s\n",
- gensec_get_name_by_authtype(auth_type),
+ gensec_get_name_by_authtype(sec->generic_state, auth_type),
nt_errstr(c->status)));
composite_error(c, c->status);
return c;
conn->in.service = "IPC$";
conn->in.service_type = NULL;
conn->in.workgroup = lp_workgroup(lp_ctx);
-
+ conn->in.gensec_settings = lp_gensec_settings(conn, lp_ctx);
conn->in.iconv_convenience = lp_iconv_convenience(lp_ctx);
lp_smbcli_options(lp_ctx, &conn->in.options);
s->io.creds,
c->event_ctx,
&options,
- lp_socket_options(lp_ctx)
+ lp_socket_options(lp_ctx),
+ lp_gensec_settings(mem_ctx, lp_ctx)
);
composite_continue(c, conn_req, continue_smb2_connect, c);
return c;
io.in.service = remote_share;
io.in.service_type = "?????";
io.in.iconv_convenience = lp_iconv_convenience(ntvfs->ctx->lp_ctx);
+ io.in.gensec_settings = lp_gensec_settings(private, ntvfs->ctx->lp_ctx);
lp_smbcli_options(ntvfs->ctx->lp_ctx, &io.in.options);
lp_smbcli_session_options(ntvfs->ctx->lp_ctx, &io.in.session_options);
lp_resolve_context(ntvfs->ctx->lp_ctx),
credentials,
ntvfs->ctx->event_ctx, &options,
- lp_socket_options(ntvfs->ctx->lp_ctx)
+ lp_socket_options(ntvfs->ctx->lp_ctx),
+ lp_gensec_settings(private, ntvfs->ctx->lp_ctx)
);
status = smb2_connect_recv(creq, private, &tree);
/* maybe setup the inotify fd */
if (ctx->private_data == NULL) {
NTSTATUS status;
- if (!lp_parm_bool(global_loadparm, NULL, "notify", "inotify", true)) {
- return NT_STATUS_INVALID_SYSTEM_SERVICE;
- }
-
status = inotify_setup(ctx);
NT_STATUS_NOT_OK_RETURN(status);
}
}
for (i=0;i<num_backends;i++) {
+ char *enable_opt_name;
+ bool enabled;
+
+ enable_opt_name = talloc_asprintf(mem_ctx, "notify:%s",
+ backends[i].name);
+ enabled = share_bool_option(scfg, enable_opt_name, true);
+ talloc_free(enable_opt_name);
+
+ if (!enabled)
+ continue;
+
if (strcasecmp(backends[i].name, bname) == 0) {
bname = backends[i].name;
break;
};
-struct loadparm_context *global_loadparm = NULL;
-
#define NUMPARAMETERS (sizeof(parm_table) / sizeof(struct parm_struct))
bool lp_load_default(struct loadparm_context *lp_ctx)
{
- return lp_load(lp_ctx, dyn_CONFIGFILE);
+ if (getenv("SMB_CONF_PATH"))
+ return lp_load(lp_ctx, getenv("SMB_CONF_PATH"));
+ else
+ return lp_load(lp_ctx, dyn_CONFIGFILE);
}
/**
reload_charcnv(lp_ctx);
+ /* FIXME: ntstatus_check_dos_mapping = lp_nt_status_support(lp_ctx); */
+
+ /* FIXME: This is a bit of a hack, but we can't use a global, since
+ * not everything that uses lp also uses the socket library */
+ if (lp_parm_bool(lp_ctx, NULL, "socket", "testnonblock", false)) {
+ setenv("SOCKET_TESTNONBLOCK", "1", 1);
+ } else {
+ unsetenv("SOCKET_TESTNONBLOCK");
+ }
+
/* FIXME: Check locale in environment for this: */
if (strcmp(lp_display_charset(lp_ctx), lp_unix_charset(lp_ctx)) != 0)
d_set_iconv(smb_iconv_open(lp_display_charset(lp_ctx), lp_unix_charset(lp_ctx)));
struct gensec_settings *settings = talloc(mem_ctx, struct gensec_settings);
if (settings == NULL)
return NULL;
+ SMB_ASSERT(lp_ctx != NULL);
settings->lp_ctx = talloc_reference(settings, lp_ctx);
settings->iconv_convenience = lp_iconv_convenience(lp_ctx);
settings->target_hostname = lp_parm_string(lp_ctx, NULL, "gensec", "target_hostname");
void reload_charcnv(struct loadparm_context *lp_ctx);
-extern _DEPRECATED_ struct loadparm_context *global_loadparm;
-
struct loadparm_service *lp_default_service(struct loadparm_context *lp_ctx);
struct parm_struct *lp_parm_table(void);
int lp_server_role(struct loadparm_context *);
return lp_ctx;
}
+struct loadparm_context *py_default_loadparm_context(TALLOC_CTX *mem_ctx)
+{
+ struct loadparm_context *ret;
+ ret = loadparm_init(mem_ctx);
+ if (!lp_load_default(ret))
+ return NULL;
+ return ret;
+}
+
%}
return lp_ctx;
}
+struct loadparm_context *py_default_loadparm_context(TALLOC_CTX *mem_ctx)
+{
+ struct loadparm_context *ret;
+ ret = loadparm_init(mem_ctx);
+ if (!lp_load_default(ret))
+ return NULL;
+ return ret;
+}
+
#ifdef __cplusplus
extern "C" {
status = gensec_start_mech_by_oid(gensec_ctx, req->smb_conn->negotiate.oid);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start GENSEC %s server code: %s\n",
- gensec_get_name_by_oid(req->smb_conn->negotiate.oid), nt_errstr(status)));
+ gensec_get_name_by_oid(gensec_ctx, req->smb_conn->negotiate.oid), nt_errstr(status)));
goto failed;
}
const char *os2_fname = ".+,;=[].";
const char *dname = "samba3_errordir";
union smb_open io;
- TALLOC_CTX *mem_ctx = talloc_init("samba3_errorpaths");
NTSTATUS status;
- if (mem_ctx == NULL) {
- torture_comment(tctx, "talloc_init failed\n");
- return false;
- }
-
nt_status_support = lp_nt_status_support(tctx->lp_ctx);
if (!lp_set_cmdline(tctx->lp_ctx, "nt status support", "yes")) {
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = dname;
- status = smb_raw_open(cli_nt->tree, mem_ctx, &io);
+ status = smb_raw_open(cli_nt->tree, tctx, &io);
if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
torture_comment(tctx, "(%s) incorrect status %s should be %s\n",
__location__, nt_errstr(status),
nt_errstr(NT_STATUS_OBJECT_NAME_COLLISION));
goto fail;
}
- status = smb_raw_open(cli_dos->tree, mem_ctx, &io);
+ status = smb_raw_open(cli_dos->tree, tctx, &io);
if (!NT_STATUS_EQUAL(status, NT_STATUS_DOS(ERRDOS, ERRfilexists))) {
torture_comment(tctx, "(%s) incorrect status %s should be %s\n",
__location__, nt_errstr(status),
}
io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
- status = smb_raw_open(cli_nt->tree, mem_ctx, &io);
+ status = smb_raw_open(cli_nt->tree, tctx, &io);
if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
torture_comment(tctx, "(%s) incorrect status %s should be %s\n",
__location__, nt_errstr(status),
goto fail;
}
- status = smb_raw_open(cli_dos->tree, mem_ctx, &io);
+ status = smb_raw_open(cli_dos->tree, tctx, &io);
if (!NT_STATUS_EQUAL(status, NT_STATUS_DOS(ERRDOS, ERRfilexists))) {
torture_comment(tctx, "(%s) incorrect status %s should be %s\n",
__location__, nt_errstr(status),
io.ntcreatex.in.fname = fname;
io.ntcreatex.in.flags = 0;
- status = smb_raw_open(cli_nt->tree, mem_ctx, &io);
+ status = smb_raw_open(cli_nt->tree, tctx, &io);
if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_A_DIRECTORY)) {
torture_comment(tctx, "ntcreate as dir gave %s, "
"expected NT_STATUS_NOT_A_DIRECTORY\n",
smbcli_close(cli_nt->tree, io.ntcreatex.out.file.fnum);
}
- status = smb_raw_open(cli_dos->tree, mem_ctx, &io);
+ status = smb_raw_open(cli_dos->tree, tctx, &io);
if (!NT_STATUS_EQUAL(status, NT_STATUS_DOS(ERRDOS,
ERRbaddirectory))) {
torture_comment(tctx, "ntcreate as dir gave %s, "
smb->in.credentials=cmdline_credentials;
smb->in.fallback_to_anonymous=false;
smb->in.iconv_convenience = lp_iconv_convenience(tctx->lp_ctx);
+ smb->in.gensec_settings = lp_gensec_settings(mem_ctx, tctx->lp_ctx);
smb->in.workgroup=workgroup;
lp_smbcli_options(tctx->lp_ctx, &smb->in.options);
lp_smbcli_session_options(tctx->lp_ctx, &smb->in.session_options);
servers[i].credentials,
&servers[i].smb2_tree[j],
ev, &smb_options,
- lp_socket_options(lp_ctx)
+ lp_socket_options(lp_ctx),
+ lp_gensec_settings(lp_ctx, lp_ctx)
);
} else {
status = smbcli_tree_full_connection(NULL,
lp_resolve_context(lp_ctx), ev,
&smb_options,
&smb_session_options,
- lp_iconv_convenience(lp_ctx));
+ lp_iconv_convenience(lp_ctx),
+ lp_gensec_settings(lp_ctx, lp_ctx));
}
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to connect to \\\\%s\\%s - %s\n",
servers[snum],
lp_resolve_context(lp_ctx),
ev, &options, &session_options,
- lp_iconv_convenience(lp_ctx));
+ lp_iconv_convenience(lp_ctx),
+ lp_gensec_settings(mem_ctx, lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
sleep(2);
}
char *share, const char **ports,
struct smb_options *options,
struct smb_options *session_options,
+ struct gensec_settings *gensec_settings,
struct event_context *ev)
{
struct smbcli_state *c;
nt_status = smbcli_full_connection(NULL,
&c, myname, server_n, ports, share, NULL,
username, lp_workgroup(), password, ev,
- options, session_options);
+ options, session_options, gensec_settings);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("smbcli_full_connection failed with error %s\n", nt_errstr(nt_status)));
return NULL;
const char **ports,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
+ struct gensec_settings *gensec_settings,
struct event_context *ev,
char *share1, char *share2)
{
smbcli_ulogoff(cli[server][conn]);
talloc_free(cli[server][conn]);
}
- cli[server][conn] = connect_one(mem_ctx, share[server], ports, options, session_options, ev);
+ cli[server][conn] = connect_one(mem_ctx, share[server], ports, options, session_options, gensec_settings, ev);
if (!cli[server][conn]) {
DEBUG(0,("Failed to connect to %s\n", share[server]));
exit(1);
const char **ports,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
+ struct gensec_settings *gensec_settings,
struct event_context *ev)
{
struct smbcli_state *cli[NSERVERS][NCONNECTIONS];
recorded[n].needed = true;
}
- reconnect(mem_ctx, cli, nfs, fnum, ports, options, session_options, ev, share1, share2);
+ reconnect(mem_ctx, cli, nfs, fnum, ports, options, session_options, gensec_settings, ev, share1, share2);
open_files(cli, nfs, fnum);
n = retest(cli, nfs, fnum, numops);
}
close_files(cli, nfs, fnum);
- reconnect(mem_ctx, cli, nfs, fnum, ports, options, session_options, ev, share1, share2);
+ reconnect(mem_ctx, cli, nfs, fnum, ports, options, session_options, gensec_settings, ev, share1, share2);
open_files(cli, nfs, fnum);
showall = true;
n1 = retest(cli, nfs, fnum, n);
locking_init(1);
lp_smbcli_options(lp_ctx, &options);
lp_smbcli_session_options(lp_ctx, &session_options);
- test_locks(mem_ctx, share1, share2, nfspath1, nfspath2, lp_smb_ports(lp_ctx),
- &options, &session_options, ev);
+ test_locks(mem_ctx, share1, share2, nfspath1, nfspath2,
+ lp_smb_ports(lp_ctx),
+ &options, &session_options, lp_gensec_settings(lp_ctx), ev);
return(0);
}
const char *socket_options,
struct smbcli_options *options,
struct smbcli_session_options *session_options,
- struct smb_iconv_convenience *iconv_convenience)
+ struct smb_iconv_convenience *iconv_convenience,
+ struct gensec_settings *gensec_settings)
{
struct smbcli_state *c;
char *server;
socket_options,
cmdline_credentials, resolve_ctx, ev,
options, session_options,
- iconv_convenience);
+ iconv_convenience,
+ gensec_settings);
if (!NT_STATUS_IS_OK(status)) {
return NULL;
cli = connect_one(lp_resolve_context(lp_ctx), ev, mem_ctx, share,
lp_smb_ports(lp_ctx), lp_socket_options(lp_ctx),
&options, &session_options,
- lp_iconv_convenience(lp_ctx));
+ lp_iconv_convenience(lp_ctx),
+ lp_gensec_settings(mem_ctx, lp_ctx));
if (!cli) {
DEBUG(0,("Failed to connect to %s\n", share));
exit(1);
io2.in.filename = fname;
io2.in.resolve_ctx = lp_resolve_context(tctx->lp_ctx);
io2.in.iconv_convenience = lp_iconv_convenience(tctx->lp_ctx);
+ io2.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
lp_smbcli_options(tctx->lp_ctx, &io2.in.options);
lp_smbcli_session_options(tctx->lp_ctx, &io2.in.session_options);
io1.in.workgroup = lp_workgroup(tctx->lp_ctx);
io1.in.level = RAW_QFS_OBJECTID_INFORMATION;
io1.in.iconv_convenience = lp_iconv_convenience(tctx->lp_ctx);
+ io1.in.gensec_settings = lp_gensec_settings(tctx, tctx->lp_ctx);
printf("testing parallel queryfsinfo [Object ID] with %d ops\n", torture_numops);
io->in.dest_host = state->dest_host;
io->in.dest_ports = state->dest_ports;
+ io->in.gensec_settings = lp_gensec_settings(state->mem_ctx, state->tctx->lp_ctx);
io->in.socket_options = lp_socket_options(state->tctx->lp_ctx);
io->in.called_name = state->called_name;
io->in.service = share;
io->in.credentials = cmdline_credentials;
io->in.fallback_to_anonymous = false;
io->in.workgroup = lp_workgroup(state->tctx->lp_ctx);
+ io->in.gensec_settings = lp_gensec_settings(state->mem_ctx, state->tctx->lp_ctx);
lp_smbcli_options(state->tctx->lp_ctx, &io->in.options);
lp_smbcli_session_options(state->tctx->lp_ctx, &io->in.session_options);
NULL, lp_socket_options(tctx->lp_ctx), cmdline_credentials,
lp_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
- lp_iconv_convenience(tctx->lp_ctx));
+ lp_iconv_convenience(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to open connection - %s\n", nt_errstr(status));
return false;
NULL, lp_socket_options(tctx->lp_ctx), cmdline_credentials,
lp_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
- lp_iconv_convenience(tctx->lp_ctx));
+ lp_iconv_convenience(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("failed to connect to //%s/%s: %s\n",
machine_account,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("%s failed to connect to IPC$ with workstation credentials\n",
TORTURE_NETBIOS_NAME));
machine_account,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("%s failed to connect to IPC$ with workstation credentials\n",
TORTURE_NETBIOS_NAME));
continue;
}
if (W_ERROR_IS_OK(r.out.result)) {
- const char *name = gensec_get_name_by_authtype(i);
+ const char *name = gensec_get_name_by_authtype(NULL, i);
ret = true;
if (name) {
printf("\tprinciple name for proto %u (%s) is '%s'\n",
NTSTATUS status;
struct dcerpc_binding *binding;
+ dcerpc_init(tctx->lp_ctx);
+
status = torture_rpc_binding(tctx, &binding);
if (NT_STATUS_IS_ERR(status))
return status;
{
struct torture_suite *suite = torture_suite_create(talloc_autofree_context(), "RPC");
- dcerpc_init();
-
ndr_table_init();
torture_suite_add_simple_test(suite, "LSA", torture_rpc_lsa);
cmdline_credentials,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
nt_errstr(status));
cmdline_credentials,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
nt_errstr(status));
anon_creds,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
nt_errstr(status));
"IPC$", NULL, lp_socket_options(tctx->lp_ctx),
smb_creds, lp_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
- lp_iconv_convenience(tctx->lp_ctx));
+ lp_iconv_convenience(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
nt_errstr(status));
"IPC$", NULL, lp_socket_options(torture->lp_ctx), cmdline_credentials,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) smbcli_full_connection failed: %s\n",
__location__, nt_errstr(status));
lp_socket_options(torture->lp_ctx), anon_creds,
lp_resolve_context(torture->lp_ctx),
torture->ev, &options, &session_options,
- lp_iconv_convenience(torture->lp_ctx));
+ lp_iconv_convenience(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) anon smbcli_full_connection failed: %s\n",
__location__, nt_errstr(status));
share,
lp_resolve_context(torture->lp_ctx),
credentials, &tree, torture->ev, &options,
- lp_socket_options(torture->lp_ctx));
+ lp_socket_options(torture->lp_ctx),
+ lp_gensec_settings(torture, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("Connection failed - %s\n", nt_errstr(status));
return false;
share,
lp_resolve_context(torture->lp_ctx),
credentials, &tree, torture->ev, &options,
- lp_socket_options(torture->lp_ctx));
+ lp_socket_options(torture->lp_ctx),
+ lp_gensec_settings(mem_ctx, torture->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("Connection failed - %s\n", nt_errstr(status));
return false;
lp_resolve_context(tctx->lp_ctx),
credentials, tree,
tctx->ev, &options,
- lp_socket_options(tctx->lp_ctx)
+ lp_socket_options(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx)
);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to connect to SMB2 share \\\\%s\\%s - %s\n",
#include "torture/smbtorture.h"
#include "../lib/util/dlinklist.h"
#include "librpc/rpc/dcerpc.h"
+#include "auth/gensec/gensec.h"
#include "param/param.h"
#include "auth/credentials/credentials.h"
torture->lp_ctx = cmdline_lp_ctx;
+ gensec_init(cmdline_lp_ctx);
+
if (argc_new == 0) {
printf("You must specify a test to run, or 'ALL'\n");
} else if (shell) {
cmdline_credentials,
lp_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
- lp_iconv_convenience(tctx->lp_ctx));
+ lp_iconv_convenience(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("failed to connect to //%s/%s: %s\n",
share, NULL, lp_socket_options(tctx->lp_ctx),
creds, lp_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
- lp_iconv_convenience(tctx->lp_ctx));
+ lp_iconv_convenience(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("failed to connect to //%s/%s: %s\n",
cmdline_credentials,
lp_resolve_context(tctx->lp_ctx),
ev, &options, &session_options,
- lp_iconv_convenience(tctx->lp_ctx));
+ lp_iconv_convenience(tctx->lp_ctx),
+ lp_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to open connection - %s\n", nt_errstr(status));
return false;
return net_usage(ctx, argc, argv);
}
- dcerpc_init();
+ dcerpc_init(cmdline_lp_ctx);
ev = s4_event_context_init(NULL);
if (!ev) {