s3-libsmb: Fix error messages to correctly mention PLAINTEXT not LM

[nivanova/samba-autobuild/.git] / source3 / libsmb / cliconnect.c

diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index fe8c3a1631bf0b44420b1fddd2bf4b92a278bf3e..f46ce06e4c3ebc96493da6884a01bf2452f63d8f 100644 (file)
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -46,15 +46,15 @@
 *******************************************************/
 
 static NTSTATUS smb_bytes_talloc_string(TALLOC_CTX *mem_ctx,
-                                       char *inbuf,
+                                       const uint8_t *hdr,
                                        char **dest,
                                        uint8_t *src,
                                        size_t srclen,
                                        ssize_t *destlen)
 {
        *destlen = clistr_pull_talloc(mem_ctx,
-                               inbuf,
-                               SVAL(inbuf, smb_flg2),
+                               (const char *)hdr,
+                               SVAL(hdr, HDR_FLG2),
                                dest,
                                (char *)src,
                                srclen,
@@ -232,7 +232,7 @@ static void cli_session_setup_lanman2_done(struct tevent_req *subreq)
        struct cli_state *cli = state->cli;
        uint32_t num_bytes;
        uint8_t *in;
-       char *inbuf;
+       uint8_t *inhdr;
        uint8_t *bytes;
        uint8_t *p;
        NTSTATUS status;
@@ -248,14 +248,14 @@ static void cli_session_setup_lanman2_done(struct tevent_req *subreq)
                return;
        }
 
-       inbuf = (char *)in;
+       inhdr = in + NBT_HDR_SIZE;
        p = bytes;
 
-       cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
+       cli_state_set_uid(state->cli, SVAL(inhdr, HDR_UID));
        cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_os,
                                        p,
                                        bytes+num_bytes-p,
@@ -268,7 +268,7 @@ static void cli_session_setup_lanman2_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_type,
                                        p,
                                        bytes+num_bytes-p,
@@ -281,7 +281,7 @@ static void cli_session_setup_lanman2_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_domain,
                                        p,
                                        bytes+num_bytes-p,
@@ -453,7 +453,7 @@ struct tevent_req *cli_session_setup_guest_send(TALLOC_CTX *mem_ctx,
                return NULL;
        }
 
-       status = cli_smb_req_send(subreq);
+       status = smb1cli_req_chain_submit(&subreq, 1);
        if (NT_STATUS_IS_OK(status)) {
                tevent_req_nterror(req, status);
                return tevent_req_post(req, ev);
@@ -470,7 +470,7 @@ static void cli_session_setup_guest_done(struct tevent_req *subreq)
        struct cli_state *cli = state->cli;
        uint32_t num_bytes;
        uint8_t *in;
-       char *inbuf;
+       uint8_t *inhdr;
        uint8_t *bytes;
        uint8_t *p;
        NTSTATUS status;
@@ -486,14 +486,14 @@ static void cli_session_setup_guest_done(struct tevent_req *subreq)
                return;
        }
 
-       inbuf = (char *)in;
+       inhdr = in + NBT_HDR_SIZE;
        p = bytes;
 
-       cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
+       cli_state_set_uid(state->cli, SVAL(inhdr, HDR_UID));
        cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_os,
                                        p,
                                        bytes+num_bytes-p,
@@ -506,7 +506,7 @@ static void cli_session_setup_guest_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_type,
                                        p,
                                        bytes+num_bytes-p,
@@ -519,7 +519,7 @@ static void cli_session_setup_guest_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_domain,
                                        p,
                                        bytes+num_bytes-p,
@@ -674,7 +674,7 @@ static void cli_session_setup_plain_done(struct tevent_req *subreq)
        struct cli_state *cli = state->cli;
        uint32_t num_bytes;
        uint8_t *in;
-       char *inbuf;
+       uint8_t *inhdr;
        uint8_t *bytes;
        uint8_t *p;
        NTSTATUS status;
@@ -689,14 +689,14 @@ static void cli_session_setup_plain_done(struct tevent_req *subreq)
                return;
        }
 
-       inbuf = (char *)in;
+       inhdr = in + NBT_HDR_SIZE;
        p = bytes;
 
-       cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
+       cli_state_set_uid(state->cli, SVAL(inhdr, HDR_UID));
        cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_os,
                                        p,
                                        bytes+num_bytes-p,
@@ -709,7 +709,7 @@ static void cli_session_setup_plain_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_type,
                                        p,
                                        bytes+num_bytes-p,
@@ -722,7 +722,7 @@ static void cli_session_setup_plain_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_domain,
                                        p,
                                        bytes+num_bytes-p,
@@ -1024,7 +1024,7 @@ static void cli_session_setup_nt1_done(struct tevent_req *subreq)
        struct cli_state *cli = state->cli;
        uint32_t num_bytes;
        uint8_t *in;
-       char *inbuf;
+       uint8_t *inhdr;
        uint8_t *bytes;
        uint8_t *p;
        NTSTATUS status;
@@ -1040,14 +1040,14 @@ static void cli_session_setup_nt1_done(struct tevent_req *subreq)
                return;
        }
 
-       inbuf = (char *)in;
+       inhdr = in + NBT_HDR_SIZE;
        p = bytes;
 
-       cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
+       cli_state_set_uid(state->cli, SVAL(inhdr, HDR_UID));
        cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_os,
                                        p,
                                        bytes+num_bytes-p,
@@ -1059,7 +1059,7 @@ static void cli_session_setup_nt1_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_type,
                                        p,
                                        bytes+num_bytes-p,
@@ -1071,7 +1071,7 @@ static void cli_session_setup_nt1_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       inbuf,
+                                       inhdr,
                                        &cli->server_domain,
                                        p,
                                        bytes+num_bytes-p,
@@ -1159,7 +1159,7 @@ struct cli_sesssetup_blob_state {
        struct iovec *recv_iov;
 
        NTSTATUS status;
-       char *inbuf;
+       uint8_t *inbuf;
        DATA_BLOB ret_blob;
 };
 
@@ -1295,7 +1295,8 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
        NTSTATUS status;
        uint8_t *p;
        uint16_t blob_length;
-       uint8_t *inbuf;
+       uint8_t *in;
+       uint8_t *inhdr;
        ssize_t ret;
 
        if (smbXcli_conn_protocol(state->cli->conn) >= PROTOCOL_SMB2_02) {
@@ -1303,7 +1304,7 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
                                                    &state->recv_iov,
                                                    &state->ret_blob);
        } else {
-               status = cli_smb_recv(subreq, state, &inbuf, 4, &wct, &vwv,
+               status = cli_smb_recv(subreq, state, &in, 4, &wct, &vwv,
                                      &num_bytes, &bytes);
                TALLOC_FREE(state->buf);
        }
@@ -1320,8 +1321,9 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
                goto next;
        }
 
-       state->inbuf = (char *)inbuf;
-       cli_state_set_uid(state->cli, SVAL(inbuf, smb_uid));
+       state->inbuf = in;
+       inhdr = in + NBT_HDR_SIZE;
+       cli_state_set_uid(state->cli, SVAL(inhdr, HDR_UID));
        cli->is_guestlogin = ((SVAL(vwv+2, 0) & 1) != 0);
 
        blob_length = SVAL(vwv+3, 0);
@@ -1334,7 +1336,7 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
        p = bytes + blob_length;
 
        status = smb_bytes_talloc_string(cli,
-                                       (char *)inbuf,
+                                       inhdr,
                                        &cli->server_os,
                                        p,
                                        bytes+num_bytes-p,
@@ -1347,7 +1349,7 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       (char *)inbuf,
+                                       inhdr,
                                        &cli->server_type,
                                        p,
                                        bytes+num_bytes-p,
@@ -1360,7 +1362,7 @@ static void cli_sesssetup_blob_done(struct tevent_req *subreq)
        p += ret;
 
        status = smb_bytes_talloc_string(cli,
-                                       (char *)inbuf,
+                                       inhdr,
                                        &cli->server_domain,
                                        p,
                                        bytes+num_bytes-p,
@@ -1390,13 +1392,13 @@ next:
 static NTSTATUS cli_sesssetup_blob_recv(struct tevent_req *req,
                                        TALLOC_CTX *mem_ctx,
                                        DATA_BLOB *pblob,
-                                       char **pinbuf,
+                                       uint8_t **pinbuf,
                                        struct iovec **precv_iov)
 {
        struct cli_sesssetup_blob_state *state = tevent_req_data(
                req, struct cli_sesssetup_blob_state);
        NTSTATUS status;
-       char *inbuf;
+       uint8_t *inbuf;
        struct iovec *recv_iov;
 
        if (tevent_req_is_nterror(req, &status)) {
@@ -1503,7 +1505,7 @@ static void cli_session_setup_kerberos_done(struct tevent_req *subreq)
                subreq, struct tevent_req);
        struct cli_session_setup_kerberos_state *state = tevent_req_data(
                req, struct cli_session_setup_kerberos_state);
-       char *inbuf = NULL;
+       uint8_t *inbuf = NULL;
        struct iovec *recv_iov = NULL;
        NTSTATUS status;
 
@@ -1528,7 +1530,7 @@ static void cli_session_setup_kerberos_done(struct tevent_req *subreq)
        } else {
                if (smb1cli_conn_activate_signing(state->cli->conn, state->session_key_krb5,
                                           data_blob_null)
-                   && !smb1cli_conn_check_signing(state->cli->conn, (uint8_t *)inbuf, 1)) {
+                   && !smb1cli_conn_check_signing(state->cli->conn, inbuf, 1)) {
                        tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
                        return;
                }
@@ -1685,7 +1687,7 @@ static void cli_session_setup_ntlmssp_done(struct tevent_req *subreq)
        struct cli_session_setup_ntlmssp_state *state = tevent_req_data(
                req, struct cli_session_setup_ntlmssp_state);
        DATA_BLOB blob_in, msg_in, blob_out;
-       char *inbuf = NULL;
+       uint8_t *inbuf = NULL;
        struct iovec *recv_iov = NULL;
        bool parse_ret;
        NTSTATUS status;
@@ -1736,7 +1738,7 @@ static void cli_session_setup_ntlmssp_done(struct tevent_req *subreq)
                        if (smb1cli_conn_activate_signing(
                                    state->cli->conn, state->ntlmssp_state->session_key,
                                    data_blob_null)
-                           && !smb1cli_conn_check_signing(state->cli->conn, (uint8_t *)inbuf, 1)) {
+                           && !smb1cli_conn_check_signing(state->cli->conn, inbuf, 1)) {
                                tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
                                return;
                        }
@@ -2060,7 +2062,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
 
                if ((sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0 &&
                    !lp_client_plaintext_auth() && (*pass)) {
-                       DEBUG(1, ("Server requested LM password but 'client plaintext auth = no'"
+                       DEBUG(1, ("Server requested PLAINTEXT password but 'client plaintext auth = no'"
                                  " or 'client ntlmv2 auth = yes'\n"));
                        return NT_STATUS_ACCESS_DENIED;
                }
@@ -2099,7 +2101,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
 
        if ((sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
                if (!lp_client_plaintext_auth() && (*pass)) {
-                       DEBUG(1, ("Server requested LM password but 'client plaintext auth = no'"
+                       DEBUG(1, ("Server requested PLAINTEXT password but 'client plaintext auth = no'"
                                  " or 'client ntlmv2 auth = yes'\n"));
                        return NT_STATUS_ACCESS_DENIED;
                }
@@ -2292,9 +2294,9 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
                        uint8_t *tmp_pass;
 
                        if (!lp_client_plaintext_auth() && (*pass)) {
-                               DEBUG(1, ("Server requested plaintext "
+                               DEBUG(1, ("Server requested PLAINTEXT "
                                          "password but "
-                                         "'client lanman auth = no' or 'client ntlmv2 auth = yes'\n"));
+                                         "'client plaintext auth = no' or 'client ntlmv2 auth = yes'\n"));
                                goto access_denied;
                        }
 
@@ -2395,7 +2397,7 @@ struct tevent_req *cli_tcon_andx_send(TALLOC_CTX *mem_ctx,
        if (subreq == NULL) {
                return req;
        }
-       status = cli_smb_req_send(subreq);
+       status = smb1cli_req_chain_submit(&subreq, 1);
        if (!NT_STATUS_IS_OK(status)) {
                tevent_req_nterror(req, status);
                return tevent_req_post(req, ev);
@@ -2411,7 +2413,7 @@ static void cli_tcon_andx_done(struct tevent_req *subreq)
                req, struct cli_tcon_andx_state);
        struct cli_state *cli = state->cli;
        uint8_t *in;
-       char *inbuf;
+       uint8_t *inhdr;
        uint8_t wct;
        uint16_t *vwv;
        uint32_t num_bytes;
@@ -2426,12 +2428,12 @@ static void cli_tcon_andx_done(struct tevent_req *subreq)
                return;
        }
 
-       inbuf = (char *)in;
+       inhdr = in + NBT_HDR_SIZE;
 
        if (num_bytes) {
                if (clistr_pull_talloc(cli,
-                               inbuf,
-                               SVAL(inbuf, smb_flg2),
+                               (const char *)inhdr,
+                               SVAL(inhdr, HDR_FLG2),
                                &cli->dev,
                                bytes,
                                num_bytes,
@@ -2463,7 +2465,7 @@ static void cli_tcon_andx_done(struct tevent_req *subreq)
                cli->dfsroot = ((SVAL(vwv+2, 0) & SMB_SHARE_IN_DFS) != 0);
        }
 
-       cli->smb1.tid = SVAL(inbuf,smb_tid);
+       cli->smb1.tid = SVAL(inhdr, HDR_TID);
        tevent_req_done(req);
 }
 
@@ -2514,6 +2516,10 @@ NTSTATUS cli_tcon_andx(struct cli_state *cli, const char *share,
 NTSTATUS cli_tree_connect(struct cli_state *cli, const char *share,
                          const char *dev, const char *pass, int passlen)
 {
+       NTSTATUS status;
+       uint16_t max_xmit = 0;
+       uint16_t tid = 0;
+
        cli->share = talloc_strdup(cli, share);
        if (!cli->share) {
                return NT_STATUS_NO_MEMORY;
@@ -2523,7 +2529,17 @@ NTSTATUS cli_tree_connect(struct cli_state *cli, const char *share,
                return smb2cli_tcon(cli, share);
        }
 
-       return cli_tcon_andx(cli, share, dev, pass, passlen);
+       if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_LANMAN1) {
+               return cli_tcon_andx(cli, share, dev, pass, passlen);
+       }
+
+       status = cli_raw_tcon(cli, share, pass, dev, &max_xmit, &tid);
+       if (!NT_STATUS_IS_OK(status)) {
+               return status;
+       }
+       cli->smb1.tid = tid;
+
+       return NT_STATUS_OK;
 }
 
 /****************************************************************************
@@ -2821,8 +2837,8 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli,
        }
 
        if (service) {
-               nt_status = cli_tcon_andx(cli, service, service_type, password,
-                                         pw_len);
+               nt_status = cli_tree_connect(cli, service, service_type,
+                                            password, pw_len);
                if (!NT_STATUS_IS_OK(nt_status)) {
                        DEBUG(1,("failed tcon_X with %s\n", nt_errstr(nt_status)));
                        cli_shutdown(cli);
@@ -2856,8 +2872,8 @@ NTSTATUS cli_raw_tcon(struct cli_state *cli,
        NTSTATUS status;
 
        if (!lp_client_plaintext_auth() && (*pass)) {
-               DEBUG(1, ("Server requested plaintext password but 'client "
-                         "plaintext auth' is disabled\n"));
+               DEBUG(1, ("Server requested PLAINTEXT password but 'client plaintext auth = no'"
+                         " or 'client ntlmv2 auth = yes'\n"));
                return NT_STATUS_ACCESS_DENIED;
        }