Unix SMB/CIFS implementation.
SMB client generic functions
Copyright (C) Andrew Tridgell 1994-1998
+ Copyright (C) Jeremy Allison 2007.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#define NO_SYSLOG
-
#include "includes.h"
+extern int smb_read_error;
+
/****************************************************************************
Change the timeout (in milliseconds).
****************************************************************************/
should never go into a blocking read.
****************************************************************************/
-static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
+static ssize_t client_receive_smb(int fd,char *buffer, unsigned int timeout, size_t maxlen)
{
- BOOL ret;
+ ssize_t len;
for(;;) {
- ret = receive_smb(fd, buffer, timeout);
+ len = receive_smb_raw(fd, buffer, timeout, maxlen);
- if (!ret) {
+ if (len < 0) {
DEBUG(10,("client_receive_smb failed\n"));
show_msg(buffer);
- return ret;
+ return len;
}
/* Ignore session keepalive packets. */
break;
}
show_msg(buffer);
- return ret;
+ return len;
}
/****************************************************************************
BOOL cli_receive_smb(struct cli_state *cli)
{
- extern int smb_read_error;
- BOOL ret;
+ ssize_t len;
/* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
if (cli->fd == -1)
return False;
again:
- ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout);
+ len = client_receive_smb(cli->fd,cli->inbuf,cli->timeout, 0);
- if (ret) {
+ if (len > 0) {
/* it might be an oplock break request */
if (!(CVAL(cli->inbuf, smb_flg) & FLAG_REPLY) &&
CVAL(cli->inbuf,smb_com) == SMBlockingX &&
if (cli->oplock_handler) {
int fnum = SVAL(cli->inbuf,smb_vwv2);
unsigned char level = CVAL(cli->inbuf,smb_vwv3+1);
- if (!cli->oplock_handler(cli, fnum, level)) return False;
+ if (!cli->oplock_handler(cli, fnum, level)) {
+ return False;
+ }
}
/* try to prevent loops */
SCVAL(cli->inbuf,smb_com,0xFF);
}
/* If the server is not responding, note that now */
-
- if (!ret) {
+ if (len < 0) {
+ DEBUG(0, ("Receiving SMB: Server stopped responding\n"));
cli->smb_rw_error = smb_read_error;
close(cli->fd);
cli->fd = -1;
- return ret;
+ return False;
}
if (!cli_check_sign_mac(cli)) {
+ /*
+ * If we get a signature failure in sessionsetup, then
+ * the server sometimes just reflects the sent signature
+ * back to us. Detect this and allow the upper layer to
+ * retrieve the correct Windows error message.
+ */
+ if (CVAL(cli->outbuf,smb_com) == SMBsesssetupX &&
+ (smb_len(cli->inbuf) > (smb_ss_field + 8 - 4)) &&
+ (SVAL(cli->inbuf,smb_flg2) & FLAGS2_SMB_SECURITY_SIGNATURES) &&
+ memcmp(&cli->outbuf[smb_ss_field],&cli->inbuf[smb_ss_field],8) == 0 &&
+ cli_is_error(cli)) {
+
+ /*
+ * Reflected signature on login error.
+ * Set bad sig but don't close fd.
+ */
+ cli->smb_rw_error = READ_BAD_SIG;
+ return True;
+ }
+
DEBUG(0, ("SMB Signature verification failed on incoming packet!\n"));
cli->smb_rw_error = READ_BAD_SIG;
close(cli->fd);
return True;
}
+/****************************************************************************
+ Read the data portion of a readX smb.
+ The timeout is in milliseconds
+****************************************************************************/
+
+ssize_t cli_receive_smb_data(struct cli_state *cli, char *buffer, size_t len)
+{
+ if (cli->timeout > 0) {
+ return read_socket_with_timeout(cli->fd, buffer, len, len, cli->timeout);
+ } else {
+ return read_data(cli->fd, buffer, len);
+ }
+}
+
+/****************************************************************************
+ Read a smb readX header.
+****************************************************************************/
+
+BOOL cli_receive_smb_readX_header(struct cli_state *cli)
+{
+ ssize_t len, offset;
+
+ if (cli->fd == -1)
+ return False;
+
+ again:
+
+ /* Read up to the size of a readX header reply. */
+ len = client_receive_smb(cli->fd, cli->inbuf, cli->timeout, (smb_size - 4) + 24);
+
+ if (len > 0) {
+ /* it might be an oplock break request */
+ if (!(CVAL(cli->inbuf, smb_flg) & FLAG_REPLY) &&
+ CVAL(cli->inbuf,smb_com) == SMBlockingX &&
+ SVAL(cli->inbuf,smb_vwv6) == 0 &&
+ SVAL(cli->inbuf,smb_vwv7) == 0) {
+ ssize_t total_len = smb_len(cli->inbuf);
+
+ if (total_len > CLI_SAMBA_MAX_LARGE_READX_SIZE+SAFETY_MARGIN) {
+ goto read_err;
+ }
+
+ /* Read the rest of the data. */
+ if ((total_len - len > 0) &&
+ !cli_receive_smb_data(cli,cli->inbuf+len,total_len - len)) {
+ goto read_err;
+ }
+
+ if (cli->oplock_handler) {
+ int fnum = SVAL(cli->inbuf,smb_vwv2);
+ unsigned char level = CVAL(cli->inbuf,smb_vwv3+1);
+ if (!cli->oplock_handler(cli, fnum, level)) return False;
+ }
+ /* try to prevent loops */
+ SCVAL(cli->inbuf,smb_com,0xFF);
+ goto again;
+ }
+ }
+
+ /* If it's not the above size it probably was an error packet. */
+
+ if ((len == (smb_size - 4) + 24) && !cli_is_error(cli)) {
+ /* Check it's a non-chained readX reply. */
+ if (!(CVAL(cli->inbuf, smb_flg) & FLAG_REPLY) ||
+ (CVAL(cli->inbuf,smb_vwv0) != 0xFF) ||
+ (CVAL(cli->inbuf,smb_com) != SMBreadX)) {
+ /*
+ * We're not coping here with asnyc replies to
+ * other calls. Punt here - we need async client
+ * libs for this.
+ */
+ goto read_err;
+ }
+
+ /*
+ * We know it's a readX reply - ensure we've read the
+ * padding bytes also.
+ */
+
+ offset = SVAL(cli->inbuf,smb_vwv6);
+ if (offset > len) {
+ ssize_t ret;
+ size_t padbytes = offset - len;
+ ret = cli_receive_smb_data(cli,smb_buf(cli->inbuf),padbytes);
+ if (ret != padbytes) {
+ goto read_err;
+ }
+ }
+ }
+
+ return True;
+
+ read_err:
+
+ cli->smb_rw_error = smb_read_error = READ_ERROR;
+ close(cli->fd);
+ cli->fd = -1;
+ return False;
+}
+
+static ssize_t write_socket(int fd, const char *buf, size_t len)
+{
+ ssize_t ret=0;
+
+ DEBUG(6,("write_socket(%d,%d)\n",fd,(int)len));
+ ret = write_data(fd,buf,len);
+
+ DEBUG(6,("write_socket(%d,%d) wrote %d\n",fd,(int)len,(int)ret));
+ if(ret <= 0)
+ DEBUG(0,("write_socket: Error writing %d bytes to socket %d: ERRNO = %s\n",
+ (int)len, fd, strerror(errno) ));
+
+ return(ret);
+}
+
/****************************************************************************
Send an smb to a fd.
****************************************************************************/
if (cli->fd == -1)
return False;
- cli_caclulate_sign_mac(cli);
+ cli_calculate_sign_mac(cli);
len = smb_len(cli->outbuf) + 4;
}
nwritten += ret;
}
+ /* Increment the mid so we can tell between responses. */
+ cli->mid++;
+ if (!cli->mid)
+ cli->mid++;
return True;
}
SSVAL(cli->outbuf,smb_mid,cli->mid);
if (cli->protocol > PROTOCOL_CORE) {
uint16 flags2;
- SCVAL(cli->outbuf,smb_flg,0x8);
+ if (cli->case_sensitive) {
+ SCVAL(cli->outbuf,smb_flg,0x0);
+ } else {
+ /* Default setting, case insensitive. */
+ SCVAL(cli->outbuf,smb_flg,0x8);
+ }
flags2 = FLAGS2_LONG_PATH_COMPONENTS;
if (cli->capabilities & CAP_UNICODE)
flags2 |= FLAGS2_UNICODE_STRINGS;
+ if ((cli->capabilities & CAP_DFS) && cli->dfsroot)
+ flags2 |= FLAGS2_DFS_PATHNAMES;
if (cli->capabilities & CAP_STATUS32)
flags2 |= FLAGS2_32_BIT_ERROR_CODES;
if (cli->use_spnego)
Initialise credentials of a client structure.
****************************************************************************/
-void cli_init_creds(struct cli_state *cli, const struct ntuser_creds *usr)
+void cli_init_creds(struct cli_state *cli, const char *username, const char *domain, const char *password)
{
- /* copy_nt_creds(&cli->usr, usr); */
- fstrcpy(cli->domain , usr->domain);
- fstrcpy(cli->user_name, usr->user_name);
- memcpy(&cli->pwd, &usr->pwd, sizeof(usr->pwd));
- cli->ntlmssp_flags = usr->ntlmssp_flags;
- cli->ntlmssp_cli_flgs = usr != NULL ? usr->ntlmssp_flags : 0;
-
- DEBUG(10,("cli_init_creds: user %s domain %s flgs: %x\nntlmssp_cli_flgs:%x\n",
- cli->user_name, cli->domain,
- cli->ntlmssp_flags,cli->ntlmssp_cli_flgs));
+ fstrcpy(cli->domain, domain);
+ fstrcpy(cli->user_name, username);
+ pwd_set_cleartext(&cli->pwd, password);
+ if (!*username) {
+ cli->pwd.null_pwd = True;
+ }
+
+ DEBUG(10,("cli_init_creds: user %s domain %s\n", cli->user_name, cli->domain));
+}
+
+/****************************************************************************
+ Set the signing state (used from the command line).
+****************************************************************************/
+
+void cli_setup_signing_state(struct cli_state *cli, int signing_state)
+{
+ if (signing_state == Undefined)
+ return;
+
+ if (signing_state == False) {
+ cli->sign_info.allow_smb_signing = False;
+ cli->sign_info.mandatory_signing = False;
+ return;
+ }
+
+ cli->sign_info.allow_smb_signing = True;
+
+ if (signing_state == Required)
+ cli->sign_info.mandatory_signing = True;
}
/****************************************************************************
- Initialise a client structure.
+ Initialise a client structure. Always returns a malloc'ed struct.
****************************************************************************/
-struct cli_state *cli_initialise(struct cli_state *cli)
+struct cli_state *cli_initialise(void)
{
- BOOL alloced_cli = False;
+ struct cli_state *cli = NULL;
/* Check the effective uid - make sure we are not setuid */
if (is_setuid_root()) {
return NULL;
}
+ cli = SMB_MALLOC_P(struct cli_state);
if (!cli) {
- cli = (struct cli_state *)malloc(sizeof(*cli));
- if (!cli)
- return NULL;
- ZERO_STRUCTP(cli);
- alloced_cli = True;
+ return NULL;
}
- if (cli->initialised)
- cli_close_connection(cli);
-
ZERO_STRUCTP(cli);
cli->port = 0;
cli->timeout = 20000; /* Timeout is in milliseconds. */
cli->bufsize = CLI_BUFFER_SIZE+4;
cli->max_xmit = cli->bufsize;
- cli->outbuf = (char *)malloc(cli->bufsize+SAFETY_MARGIN);
- cli->inbuf = (char *)malloc(cli->bufsize+SAFETY_MARGIN);
+ cli->outbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
+ cli->inbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
cli->oplock_handler = cli_oplock_ack;
+ cli->case_sensitive = False;
+ cli->smb_rw_error = 0;
cli->use_spnego = lp_client_use_spnego();
- cli->capabilities = CAP_UNICODE | CAP_STATUS32;
+ cli->capabilities = CAP_UNICODE | CAP_STATUS32 | CAP_DFS;
/* Set the CLI_FORCE_DOSERR environment variable to test
client routines using DOS errors instead of STATUS32
if (lp_client_signing())
cli->sign_info.allow_smb_signing = True;
+
+ if (lp_client_signing() == Required)
+ cli->sign_info.mandatory_signing = True;
if (!cli->outbuf || !cli->inbuf)
goto error;
memset(cli->outbuf, 0, cli->bufsize);
memset(cli->inbuf, 0, cli->bufsize);
- /* just becouse we over-allocate, doesn't mean it's right to use it */
+
+#if defined(DEVELOPER)
+ /* just because we over-allocate, doesn't mean it's right to use it */
clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN);
clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN);
+#endif
/* initialise signing */
cli_null_set_signing(cli);
- cli->nt_pipe_fnum = 0;
- cli->saved_netlogon_pipe_fnum = 0;
-
cli->initialised = 1;
- cli->allocated = alloced_cli;
return cli;
SAFE_FREE(cli->inbuf);
SAFE_FREE(cli->outbuf);
+ SAFE_FREE(cli);
+ return NULL;
+}
- if (alloced_cli)
- SAFE_FREE(cli);
+/****************************************************************************
+ External interface.
+ Close an open named pipe over SMB. Free any authentication data.
+ Returns False if the cli_close call failed.
+ ****************************************************************************/
- return NULL;
+BOOL cli_rpc_pipe_close(struct rpc_pipe_client *cli)
+{
+ BOOL ret;
+
+ if (!cli) {
+ return False;
+ }
+
+ ret = cli_close(cli->cli, cli->fnum);
+
+ if (!ret) {
+ DEBUG(1,("cli_rpc_pipe_close: cli_close failed on pipe %s, "
+ "fnum 0x%x "
+ "to machine %s. Error was %s\n",
+ cli->pipe_name,
+ (int) cli->fnum,
+ cli->cli->desthost,
+ cli_errstr(cli->cli)));
+ }
+
+ if (cli->auth.cli_auth_data_free_func) {
+ (*cli->auth.cli_auth_data_free_func)(&cli->auth);
+ }
+
+ DEBUG(10,("cli_rpc_pipe_close: closed pipe %s to machine %s\n",
+ cli->pipe_name, cli->cli->desthost ));
+
+ DLIST_REMOVE(cli->cli->pipe_list, cli);
+ talloc_destroy(cli->mem_ctx);
+ return ret;
}
/****************************************************************************
- Close a client connection and free the memory without destroying cli itself.
+ Close all pipes open on this session.
****************************************************************************/
-void cli_close_connection(struct cli_state *cli)
+void cli_nt_pipes_close(struct cli_state *cli)
+{
+ struct rpc_pipe_client *cp, *next;
+
+ for (cp = cli->pipe_list; cp; cp = next) {
+ next = cp->next;
+ cli_rpc_pipe_close(cp);
+ }
+}
+
+/****************************************************************************
+ Shutdown a client structure.
+****************************************************************************/
+
+void cli_shutdown(struct cli_state *cli)
{
+ cli_nt_pipes_close(cli);
+
+ /*
+ * tell our peer to free his resources. Wihtout this, when an
+ * application attempts to do a graceful shutdown and calls
+ * smbc_free_context() to clean up all connections, some connections
+ * can remain active on the peer end, until some (long) timeout period
+ * later. This tree disconnect forces the peer to clean up, since the
+ * connection will be going away.
+ *
+ * Also, do not do tree disconnect when cli->smb_rw_error is DO_NOT_DO_TDIS
+ * the only user for this so far is smbmount which passes opened connection
+ * down to kernel's smbfs module.
+ */
+ if ( (cli->cnum != (uint16)-1) && (cli->smb_rw_error != DO_NOT_DO_TDIS ) ) {
+ cli_tdis(cli);
+ }
+
SAFE_FREE(cli->outbuf);
SAFE_FREE(cli->inbuf);
cli_free_signing_context(cli);
data_blob_free(&cli->secblob);
+ data_blob_free(&cli->user_session_key);
if (cli->mem_ctx) {
talloc_destroy(cli->mem_ctx);
cli->mem_ctx = NULL;
}
- if (cli->fd != -1)
+ if (cli->fd != -1) {
close(cli->fd);
+ }
cli->fd = -1;
cli->smb_rw_error = 0;
-}
-
-/****************************************************************************
- Shutdown a client structure.
-****************************************************************************/
-
-void cli_shutdown(struct cli_state *cli)
-{
- BOOL allocated = cli->allocated;
- cli_close_connection(cli);
- ZERO_STRUCTP(cli);
- if (allocated)
- free(cli);
+ SAFE_FREE(cli);
}
/****************************************************************************
return ret;
}
+/****************************************************************************
+ Set the case sensitivity flag on the packets. Returns old state.
+****************************************************************************/
+
+BOOL cli_set_case_sensitive(struct cli_state *cli, BOOL case_sensitive)
+{
+ BOOL ret = cli->case_sensitive;
+ cli->case_sensitive = case_sensitive;
+ return ret;
+}
+
/****************************************************************************
Send a keepalive packet to the server
****************************************************************************/
+
BOOL cli_send_keepalive(struct cli_state *cli)
{
if (cli->fd == -1) {
}
return True;
}
+
+/****************************************************************************
+ Send/receive a SMBecho command: ping the server
+****************************************************************************/
+
+BOOL cli_echo(struct cli_state *cli, uint16 num_echos,
+ unsigned char *data, size_t length)
+{
+ char *p;
+ int i;
+
+ SMB_ASSERT(length < 1024);
+
+ memset(cli->outbuf,'\0',smb_size);
+ set_message(cli->outbuf,1,length,True);
+ SCVAL(cli->outbuf,smb_com,SMBecho);
+ SSVAL(cli->outbuf,smb_tid,65535);
+ SSVAL(cli->outbuf,smb_vwv0,num_echos);
+ cli_setup_packet(cli);
+ p = smb_buf(cli->outbuf);
+ memcpy(p, data, length);
+ p += length;
+
+ cli_setup_bcc(cli, p);
+
+ cli_send_smb(cli);
+
+ for (i=0; i<num_echos; i++) {
+ if (!cli_receive_smb(cli)) {
+ return False;
+ }
+
+ if (cli_is_error(cli)) {
+ return False;
+ }
+ }
+
+ return True;
+}
git.samba.org / samba.git / blobdiff