search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
mount.cifs: check access of credential files before opening
[Samba.git] / source / libsmb / cliconnect.c
blob519d392e8ab78e4b41c4f4092b78b3eee46e215a
1 /*
2 Unix SMB/CIFS implementation.
3 client connect/disconnect routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Andrew Bartlett 2001-2003
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23
24 extern pstring user_socket_options;
25
26 static const struct {
27 int prot;
28 const char *name;
29 } prots[] = {
30 {PROTOCOL_CORE,"PC NETWORK PROGRAM 1.0"},
31 {PROTOCOL_COREPLUS,"MICROSOFT NETWORKS 1.03"},
32 {PROTOCOL_LANMAN1,"MICROSOFT NETWORKS 3.0"},
33 {PROTOCOL_LANMAN1,"LANMAN1.0"},
34 {PROTOCOL_LANMAN2,"LM1.2X002"},
35 {PROTOCOL_LANMAN2,"DOS LANMAN2.1"},
36 {PROTOCOL_LANMAN2,"LANMAN2.1"},
37 {PROTOCOL_LANMAN2,"Samba"},
38 {PROTOCOL_NT1,"NT LANMAN 1.0"},
39 {PROTOCOL_NT1,"NT LM 0.12"},
40 {-1,NULL}
41 };
42
43 static const char *star_smbserver_name = "*SMBSERVER";
44
45 /**
46 * Set the user session key for a connection
47 * @param cli The cli structure to add it too
48 * @param session_key The session key used. (A copy of this is taken for the cli struct)
49 *
50 */
51
52 static void cli_set_session_key (struct cli_state *cli, const DATA_BLOB session_key)
53 {
54 cli->user_session_key = data_blob(session_key.data, session_key.length);
55 }
56
57 /****************************************************************************
58 Do an old lanman2 style session setup.
59 ****************************************************************************/
60
61 static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli,
62 const char *user,
63 const char *pass, size_t passlen,
64 const char *workgroup)
65 {
66 DATA_BLOB session_key = data_blob(NULL, 0);
67 DATA_BLOB lm_response = data_blob(NULL, 0);
68 fstring pword;
69 char *p;
70
71 if (passlen > sizeof(pword)-1) {
72 return NT_STATUS_INVALID_PARAMETER;
73 }
74
75 /* LANMAN servers predate NT status codes and Unicode and ignore those
76 smb flags so we must disable the corresponding default capabilities
77 that would otherwise cause the Unicode and NT Status flags to be
78 set (and even returned by the server) */
79
80 cli->capabilities &= ~(CAP_UNICODE | CAP_STATUS32);
81
82 /* if in share level security then don't send a password now */
83 if (!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL))
84 passlen = 0;
85
86 if (passlen > 0 && (cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen != 24) {
87 /* Encrypted mode needed, and non encrypted password supplied. */
88 lm_response = data_blob(NULL, 24);
89 if (!SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data)) {
90 DEBUG(1, ("Password is > 14 chars in length, and is therefore incompatible with Lanman authentication\n"));
91 return NT_STATUS_ACCESS_DENIED;
92 }
93 } else if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen == 24) {
94 /* Encrypted mode needed, and encrypted password supplied. */
95 lm_response = data_blob(pass, passlen);
96 } else if (passlen > 0) {
97 /* Plaintext mode needed, assume plaintext supplied. */
98 passlen = clistr_push(cli, pword, pass, sizeof(pword), STR_TERMINATE);
99 lm_response = data_blob(pass, passlen);
100 }
101
102 /* send a session setup command */
103 memset(cli->outbuf,'\0',smb_size);
104 set_message(cli->outbuf,10, 0, True);
105 SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
106 cli_setup_packet(cli);
107
108 SCVAL(cli->outbuf,smb_vwv0,0xFF);
109 SSVAL(cli->outbuf,smb_vwv2,cli->max_xmit);
110 SSVAL(cli->outbuf,smb_vwv3,2);
111 SSVAL(cli->outbuf,smb_vwv4,1);
112 SIVAL(cli->outbuf,smb_vwv5,cli->sesskey);
113 SSVAL(cli->outbuf,smb_vwv7,lm_response.length);
114
115 p = smb_buf(cli->outbuf);
116 memcpy(p,lm_response.data,lm_response.length);
117 p += lm_response.length;
118 p += clistr_push(cli, p, user, -1, STR_TERMINATE|STR_UPPER);
119 p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE|STR_UPPER);
120 p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);
121 p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE);
122 cli_setup_bcc(cli, p);
123
124 if (!cli_send_smb(cli) || !cli_receive_smb(cli)) {
125 return cli_nt_error(cli);
126 }
127
128 show_msg(cli->inbuf);
129
130 if (cli_is_error(cli)) {
131 return cli_nt_error(cli);
132 }
133
134 /* use the returned vuid from now on */
135 cli->vuid = SVAL(cli->inbuf,smb_uid);
136 fstrcpy(cli->user_name, user);
137
138 if (session_key.data) {
139 /* Have plaintext orginal */
140 cli_set_session_key(cli, session_key);
141 }
142
143 return NT_STATUS_OK;
144 }
145
146 /****************************************************************************
147 Work out suitable capabilities to offer the server.
148 ****************************************************************************/
149
150 static uint32 cli_session_setup_capabilities(struct cli_state *cli)
151 {
152 uint32 capabilities = CAP_NT_SMBS;
153
154 if (!cli->force_dos_errors)
155 capabilities |= CAP_STATUS32;
156
157 if (cli->use_level_II_oplocks)
158 capabilities |= CAP_LEVEL_II_OPLOCKS;
159
160 capabilities |= (cli->capabilities & (CAP_UNICODE|CAP_LARGE_FILES|CAP_LARGE_READX|CAP_LARGE_WRITEX|CAP_DFS));
161 return capabilities;
162 }
163
164 /****************************************************************************
165 Do a NT1 guest session setup.
166 ****************************************************************************/
167
168 static NTSTATUS cli_session_setup_guest(struct cli_state *cli)
169 {
170 char *p;
171 uint32 capabilities = cli_session_setup_capabilities(cli);
172
173 memset(cli->outbuf, '\0', smb_size);
174 set_message(cli->outbuf,13,0,True);
175 SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
176 cli_setup_packet(cli);
177
178 SCVAL(cli->outbuf,smb_vwv0,0xFF);
179 SSVAL(cli->outbuf,smb_vwv2,CLI_BUFFER_SIZE);
180 SSVAL(cli->outbuf,smb_vwv3,2);
181 SSVAL(cli->outbuf,smb_vwv4,cli->pid);
182 SIVAL(cli->outbuf,smb_vwv5,cli->sesskey);
183 SSVAL(cli->outbuf,smb_vwv7,0);
184 SSVAL(cli->outbuf,smb_vwv8,0);
185 SIVAL(cli->outbuf,smb_vwv11,capabilities);
186 p = smb_buf(cli->outbuf);
187 p += clistr_push(cli, p, "", -1, STR_TERMINATE); /* username */
188 p += clistr_push(cli, p, "", -1, STR_TERMINATE); /* workgroup */
189 p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);
190 p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE);
191 cli_setup_bcc(cli, p);
192
193 if (!cli_send_smb(cli) || !cli_receive_smb(cli)) {
194 return cli_nt_error(cli);
195 }
196
197 show_msg(cli->inbuf);
198
199 if (cli_is_error(cli)) {
200 return cli_nt_error(cli);
201 }
202
203 cli->vuid = SVAL(cli->inbuf,smb_uid);
204
205 p = smb_buf(cli->inbuf);
206 p += clistr_pull(cli, cli->server_os, p, sizeof(fstring), -1, STR_TERMINATE);
207 p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
208 p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
209
210 if (strstr(cli->server_type, "Samba")) {
211 cli->is_samba = True;
212 }
213
214 fstrcpy(cli->user_name, "");
215
216 return NT_STATUS_OK;
217 }
218
219 /****************************************************************************
220 Do a NT1 plaintext session setup.
221 ****************************************************************************/
222
223 static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli,
224 const char *user, const char *pass,
225 const char *workgroup)
226 {
227 uint32 capabilities = cli_session_setup_capabilities(cli);
228 char *p;
229 fstring lanman;
230
231 fstr_sprintf( lanman, "Samba %s", SAMBA_VERSION_STRING);
232
233 memset(cli->outbuf, '\0', smb_size);
234 set_message(cli->outbuf,13,0,True);
235 SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
236 cli_setup_packet(cli);
237
238 SCVAL(cli->outbuf,smb_vwv0,0xFF);
239 SSVAL(cli->outbuf,smb_vwv2,CLI_BUFFER_SIZE);
240 SSVAL(cli->outbuf,smb_vwv3,2);
241 SSVAL(cli->outbuf,smb_vwv4,cli->pid);
242 SIVAL(cli->outbuf,smb_vwv5,cli->sesskey);
243 SSVAL(cli->outbuf,smb_vwv8,0);
244 SIVAL(cli->outbuf,smb_vwv11,capabilities);
245 p = smb_buf(cli->outbuf);
246
247 /* check wether to send the ASCII or UNICODE version of the password */
248
249 if ( (capabilities & CAP_UNICODE) == 0 ) {
250 p += clistr_push(cli, p, pass, -1, STR_TERMINATE); /* password */
251 SSVAL(cli->outbuf,smb_vwv7,PTR_DIFF(p, smb_buf(cli->outbuf)));
252 } else {
253 /* For ucs2 passwords clistr_push calls ucs2_align, which causes
254 * the space taken by the unicode password to be one byte too
255 * long (as we're on an odd byte boundary here). Reduce the
256 * count by 1 to cope with this. Fixes smbclient against NetApp
257 * servers which can't cope. Fix from
258 * bryan.kolodziej@allenlund.com in bug #3840.
259 */
260 p += clistr_push(cli, p, pass, -1, STR_UNICODE|STR_TERMINATE); /* unicode password */
261 SSVAL(cli->outbuf,smb_vwv8,PTR_DIFF(p, smb_buf(cli->outbuf))-1);
262 }
263
264 p += clistr_push(cli, p, user, -1, STR_TERMINATE); /* username */
265 p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE); /* workgroup */
266 p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);
267 p += clistr_push(cli, p, lanman, -1, STR_TERMINATE);
268 cli_setup_bcc(cli, p);
269
270 if (!cli_send_smb(cli) || !cli_receive_smb(cli)) {
271 return cli_nt_error(cli);
272 }
273
274 show_msg(cli->inbuf);
275
276 if (cli_is_error(cli)) {
277 return cli_nt_error(cli);
278 }
279
280 cli->vuid = SVAL(cli->inbuf,smb_uid);
281 p = smb_buf(cli->inbuf);
282 p += clistr_pull(cli, cli->server_os, p, sizeof(fstring), -1, STR_TERMINATE);
283 p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
284 p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
285 fstrcpy(cli->user_name, user);
286
287 if (strstr(cli->server_type, "Samba")) {
288 cli->is_samba = True;
289 }
290
291 return NT_STATUS_OK;
292 }
293
294 /****************************************************************************
295 do a NT1 NTLM/LM encrypted session setup - for when extended security
296 is not negotiated.
297 @param cli client state to create do session setup on
298 @param user username
299 @param pass *either* cleartext password (passlen !=24) or LM response.
300 @param ntpass NT response, implies ntpasslen >=24, implies pass is not clear
301 @param workgroup The user's domain.
302 ****************************************************************************/
303
304 static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user,
305 const char *pass, size_t passlen,
306 const char *ntpass, size_t ntpasslen,
307 const char *workgroup)
308 {
309 uint32 capabilities = cli_session_setup_capabilities(cli);
310 DATA_BLOB lm_response = data_blob(NULL, 0);
311 DATA_BLOB nt_response = data_blob(NULL, 0);
312 DATA_BLOB session_key = data_blob(NULL, 0);
313 NTSTATUS result;
314 char *p;
315
316 if (passlen == 0) {
317 /* do nothing - guest login */
318 } else if (passlen != 24) {
319 if (lp_client_ntlmv2_auth()) {
320 DATA_BLOB server_chal;
321 DATA_BLOB names_blob;
322 server_chal = data_blob(cli->secblob.data, MIN(cli->secblob.length, 8));
323
324 /* note that the 'workgroup' here is a best guess - we don't know
325 the server's domain at this point. The 'server name' is also
326 dodgy...
327 */
328 names_blob = NTLMv2_generate_names_blob(cli->called.name, workgroup);
329
330 if (!SMBNTLMv2encrypt(user, workgroup, pass, &server_chal,
331 &names_blob,
332 &lm_response, &nt_response, &session_key)) {
333 data_blob_free(&names_blob);
334 data_blob_free(&server_chal);
335 return NT_STATUS_ACCESS_DENIED;
336 }
337 data_blob_free(&names_blob);
338 data_blob_free(&server_chal);
339
340 } else {
341 uchar nt_hash[16];
342 E_md4hash(pass, nt_hash);
343
344 #ifdef LANMAN_ONLY
345 nt_response = data_blob(NULL, 0);
346 #else
347 nt_response = data_blob(NULL, 24);
348 SMBNTencrypt(pass,cli->secblob.data,nt_response.data);
349 #endif
350 /* non encrypted password supplied. Ignore ntpass. */
351 if (lp_client_lanman_auth()) {
352 lm_response = data_blob(NULL, 24);
353 if (!SMBencrypt(pass,cli->secblob.data, lm_response.data)) {
354 /* Oops, the LM response is invalid, just put
355 the NT response there instead */
356 data_blob_free(&lm_response);
357 lm_response = data_blob(nt_response.data, nt_response.length);
358 }
359 } else {
360 /* LM disabled, place NT# in LM field instead */
361 lm_response = data_blob(nt_response.data, nt_response.length);
362 }
363
364 session_key = data_blob(NULL, 16);
365 #ifdef LANMAN_ONLY
366 E_deshash(pass, session_key.data);
367 memset(&session_key.data[8], '\0', 8);
368 #else
369 SMBsesskeygen_ntv1(nt_hash, NULL, session_key.data);
370 #endif
371 }
372 #ifdef LANMAN_ONLY
373 cli_simple_set_signing(cli, session_key, lm_response);
374 #else
375 cli_simple_set_signing(cli, session_key, nt_response);
376 #endif
377 } else {
378 /* pre-encrypted password supplied. Only used for
379 security=server, can't do
380 signing because we don't have original key */
381
382 lm_response = data_blob(pass, passlen);
383 nt_response = data_blob(ntpass, ntpasslen);
384 }
385
386 /* send a session setup command */
387 memset(cli->outbuf,'\0',smb_size);
388
389 set_message(cli->outbuf,13,0,True);
390 SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
391 cli_setup_packet(cli);
392
393 SCVAL(cli->outbuf,smb_vwv0,0xFF);
394 SSVAL(cli->outbuf,smb_vwv2,CLI_BUFFER_SIZE);
395 SSVAL(cli->outbuf,smb_vwv3,2);
396 SSVAL(cli->outbuf,smb_vwv4,cli->pid);
397 SIVAL(cli->outbuf,smb_vwv5,cli->sesskey);
398 SSVAL(cli->outbuf,smb_vwv7,lm_response.length);
399 SSVAL(cli->outbuf,smb_vwv8,nt_response.length);
400 SIVAL(cli->outbuf,smb_vwv11,capabilities);
401 p = smb_buf(cli->outbuf);
402 if (lm_response.length) {
403 memcpy(p,lm_response.data, lm_response.length); p += lm_response.length;
404 }
405 if (nt_response.length) {
406 memcpy(p,nt_response.data, nt_response.length); p += nt_response.length;
407 }
408 p += clistr_push(cli, p, user, -1, STR_TERMINATE);
409
410 /* Upper case here might help some NTLMv2 implementations */
411 p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE|STR_UPPER);
412 p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);
413 p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE);
414 cli_setup_bcc(cli, p);
415
416 if (!cli_send_smb(cli) || !cli_receive_smb(cli)) {
417 result = cli_nt_error(cli);
418 goto end;
419 }
420
421 /* show_msg(cli->inbuf); */
422
423 if (cli_is_error(cli)) {
424 result = cli_nt_error(cli);
425 goto end;
426 }
427
428 /* use the returned vuid from now on */
429 cli->vuid = SVAL(cli->inbuf,smb_uid);
430
431 p = smb_buf(cli->inbuf);
432 p += clistr_pull(cli, cli->server_os, p, sizeof(fstring), -1, STR_TERMINATE);
433 p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), -1, STR_TERMINATE);
434 p += clistr_pull(cli, cli->server_domain, p, sizeof(fstring), -1, STR_TERMINATE);
435
436 if (strstr(cli->server_type, "Samba")) {
437 cli->is_samba = True;
438 }
439
440 fstrcpy(cli->user_name, user);
441
442 if (session_key.data) {
443 /* Have plaintext orginal */
444 cli_set_session_key(cli, session_key);
445 }
446
447 result = NT_STATUS_OK;
448 end:
449 data_blob_free(&lm_response);
450 data_blob_free(&nt_response);
451 data_blob_free(&session_key);
452 return result;
453 }
454
455 /****************************************************************************
456 Send a extended security session setup blob
457 ****************************************************************************/
458
459 static BOOL cli_session_setup_blob_send(struct cli_state *cli, DATA_BLOB blob)
460 {
461 uint32 capabilities = cli_session_setup_capabilities(cli);
462 char *p;
463
464 capabilities |= CAP_EXTENDED_SECURITY;
465
466 /* send a session setup command */
467 memset(cli->outbuf,'\0',smb_size);
468
469 set_message(cli->outbuf,12,0,True);
470 SCVAL(cli->outbuf,smb_com,SMBsesssetupX);
471
472 cli_setup_packet(cli);
473
474 SCVAL(cli->outbuf,smb_vwv0,0xFF);
475 SSVAL(cli->outbuf,smb_vwv2,CLI_BUFFER_SIZE);
476 SSVAL(cli->outbuf,smb_vwv3,2);
477 SSVAL(cli->outbuf,smb_vwv4,1);
478 SIVAL(cli->outbuf,smb_vwv5,0);
479 SSVAL(cli->outbuf,smb_vwv7,blob.length);
480 SIVAL(cli->outbuf,smb_vwv10,capabilities);
481 p = smb_buf(cli->outbuf);
482 memcpy(p, blob.data, blob.length);
483 p += blob.length;
484 p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);
485 p += clistr_push(cli, p, "Samba", -1, STR_TERMINATE);
486 cli_setup_bcc(cli, p);
487 return cli_send_smb(cli);
488 }
489
490 /****************************************************************************
491 Send a extended security session setup blob, returning a reply blob.
492 ****************************************************************************/
493
494 static DATA_BLOB cli_session_setup_blob_receive(struct cli_state *cli)
495 {
496 DATA_BLOB blob2 = data_blob(NULL, 0);
497 char *p;
498 size_t len;
499
500 if (!cli_receive_smb(cli))
501 return blob2;
502
503 show_msg(cli->inbuf);
504
505 if (cli_is_error(cli) && !NT_STATUS_EQUAL(cli_nt_error(cli),
506 NT_STATUS_MORE_PROCESSING_REQUIRED)) {
507 return blob2;
508 }
509
510 /* use the returned vuid from now on */
511 cli->vuid = SVAL(cli->inbuf,smb_uid);
512
513 p = smb_buf(cli->inbuf);
514
515 blob2 = data_blob(p, SVAL(cli->inbuf, smb_vwv3));
516
517 p += blob2.length;
518 p += clistr_pull(cli, cli->server_os, p, sizeof(fstring), -1, STR_TERMINATE);
519
520 /* w2k with kerberos doesn't properly null terminate this field */
521 len = smb_buflen(cli->inbuf) - PTR_DIFF(p, smb_buf(cli->inbuf));
522 p += clistr_pull(cli, cli->server_type, p, sizeof(fstring), len, 0);
523
524 return blob2;
525 }
526
527 #ifdef HAVE_KRB5
528 /****************************************************************************
529 Send a extended security session setup blob, returning a reply blob.
530 ****************************************************************************/
531
532 /* The following is calculated from :
533 * (smb_size-4) = 35
534 * (smb_wcnt * 2) = 24 (smb_wcnt == 12 in cli_session_setup_blob_send() )
535 * (strlen("Unix") + 1 + strlen("Samba") + 1) * 2 = 22 (unicode strings at
536 * end of packet.
537 */
538
539 #define BASE_SESSSETUP_BLOB_PACKET_SIZE (35 + 24 + 22)
540
541 static BOOL cli_session_setup_blob(struct cli_state *cli, DATA_BLOB blob)
542 {
543 int32 remaining = blob.length;
544 int32 cur = 0;
545 DATA_BLOB send_blob = data_blob(NULL, 0);
546 int32 max_blob_size = 0;
547 DATA_BLOB receive_blob = data_blob(NULL, 0);
548
549 if (cli->max_xmit < BASE_SESSSETUP_BLOB_PACKET_SIZE + 1) {
550 DEBUG(0,("cli_session_setup_blob: cli->max_xmit too small "
551 "(was %u, need minimum %u)\n",
552 (unsigned int)cli->max_xmit,
553 BASE_SESSSETUP_BLOB_PACKET_SIZE));
554 cli_set_nt_error(cli, NT_STATUS_INVALID_PARAMETER);
555 return False;
556 }
557
558 max_blob_size = cli->max_xmit - BASE_SESSSETUP_BLOB_PACKET_SIZE;
559
560 while ( remaining > 0) {
561 if (remaining >= max_blob_size) {
562 send_blob.length = max_blob_size;
563 remaining -= max_blob_size;
564 } else {
565 send_blob.length = remaining;
566 remaining = 0;
567 }
568
569 send_blob.data = &blob.data[cur];
570 cur += send_blob.length;
571
572 DEBUG(10, ("cli_session_setup_blob: Remaining (%u) sending (%u) current (%u)\n",
573 (unsigned int)remaining,
574 (unsigned int)send_blob.length,
575 (unsigned int)cur ));
576
577 if (!cli_session_setup_blob_send(cli, send_blob)) {
578 DEBUG(0, ("cli_session_setup_blob: send failed\n"));
579 return False;
580 }
581
582 receive_blob = cli_session_setup_blob_receive(cli);
583 data_blob_free(&receive_blob);
584
585 if (cli_is_error(cli) &&
586 !NT_STATUS_EQUAL( cli_get_nt_error(cli),
587 NT_STATUS_MORE_PROCESSING_REQUIRED)) {
588 DEBUG(0, ("cli_session_setup_blob: recieve failed (%s)\n",
589 nt_errstr(cli_get_nt_error(cli)) ));
590 cli->vuid = 0;
591 return False;
592 }
593 }
594
595 return True;
596 }
597
598 /****************************************************************************
599 Use in-memory credentials cache
600 ****************************************************************************/
601
602 static void use_in_memory_ccache(void) {
603 setenv(KRB5_ENV_CCNAME, "MEMORY:cliconnect", 1);
604 }
605
606 /****************************************************************************
607 Do a spnego/kerberos encrypted session setup.
608 ****************************************************************************/
609
610 static ADS_STATUS cli_session_setup_kerberos(struct cli_state *cli, const char *principal, const char *workgroup)
611 {
612 DATA_BLOB negTokenTarg;
613 DATA_BLOB session_key_krb5;
614 DATA_BLOB null_blob = data_blob(NULL, 0);
615 NTSTATUS nt_status;
616 BOOL res;
617 int rc;
618
619 cli_temp_set_signing(cli);
620
621 DEBUG(2,("Doing kerberos session setup\n"));
622
623 /* generate the encapsulated kerberos5 ticket */
624 rc = spnego_gen_negTokenTarg(principal, 0, &negTokenTarg, &session_key_krb5, 0, NULL);
625
626 if (rc) {
627 DEBUG(1, ("cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: %s\n",
628 error_message(rc)));
629 return ADS_ERROR_KRB5(rc);
630 }
631
632 #if 0
633 file_save("negTokenTarg.dat", negTokenTarg.data, negTokenTarg.length);
634 #endif
635
636 if (!cli_session_setup_blob(cli, negTokenTarg)) {
637 nt_status = cli_nt_error(cli);
638 goto nt_error;
639 }
640
641 if (cli_is_error(cli)) {
642 nt_status = cli_nt_error(cli);
643 if (NT_STATUS_IS_OK(nt_status)) {
644 nt_status = NT_STATUS_UNSUCCESSFUL;
645 }
646 goto nt_error;
647 }
648
649 cli_set_session_key(cli, session_key_krb5);
650
651 res = cli_simple_set_signing(cli, session_key_krb5, null_blob);
652 if (res) {
653 /* 'resign' the last message, so we get the right sequence numbers
654 for checking the first reply from the server */
655 cli_calculate_sign_mac(cli);
656
657 if (!cli_check_sign_mac(cli)) {
658 nt_status = NT_STATUS_ACCESS_DENIED;
659 goto nt_error;
660 }
661 }
662
663 data_blob_free(&negTokenTarg);
664 data_blob_free(&session_key_krb5);
665
666 return ADS_ERROR_NT(NT_STATUS_OK);
667
668 nt_error:
669 data_blob_free(&negTokenTarg);
670 data_blob_free(&session_key_krb5);
671 cli->vuid = 0;
672 return ADS_ERROR_NT(nt_status);
673 }
674 #endif /* HAVE_KRB5 */
675
676
677 /****************************************************************************
678 Do a spnego/NTLMSSP encrypted session setup.
679 ****************************************************************************/
680
681 static NTSTATUS cli_session_setup_ntlmssp(struct cli_state *cli, const char *user,
682 const char *pass, const char *domain)
683 {
684 struct ntlmssp_state *ntlmssp_state;
685 NTSTATUS nt_status;
686 int turn = 1;
687 DATA_BLOB msg1;
688 DATA_BLOB blob = data_blob(NULL, 0);
689 DATA_BLOB blob_in = data_blob(NULL, 0);
690 DATA_BLOB blob_out = data_blob(NULL, 0);
691
692 cli_temp_set_signing(cli);
693
694 if (!NT_STATUS_IS_OK(nt_status = ntlmssp_client_start(&ntlmssp_state))) {
695 return nt_status;
696 }
697 ntlmssp_want_feature(ntlmssp_state, NTLMSSP_FEATURE_SESSION_KEY);
698
699 if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_username(ntlmssp_state, user))) {
700 return nt_status;
701 }
702 if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_domain(ntlmssp_state, domain))) {
703 return nt_status;
704 }
705 if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_password(ntlmssp_state, pass))) {
706 return nt_status;
707 }
708
709 do {
710 nt_status = ntlmssp_update(ntlmssp_state,
711 blob_in, &blob_out);
712 data_blob_free(&blob_in);
713 if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) || NT_STATUS_IS_OK(nt_status)) {
714 if (turn == 1) {
715 /* and wrap it in a SPNEGO wrapper */
716 msg1 = gen_negTokenInit(OID_NTLMSSP, blob_out);
717 } else {
718 /* wrap it in SPNEGO */
719 msg1 = spnego_gen_auth(blob_out);
720 }
721
722 /* now send that blob on its way */
723 if (!cli_session_setup_blob_send(cli, msg1)) {
724 DEBUG(3, ("Failed to send NTLMSSP/SPNEGO blob to server!\n"));
725 nt_status = NT_STATUS_UNSUCCESSFUL;
726 } else {
727 blob = cli_session_setup_blob_receive(cli);
728
729 nt_status = cli_nt_error(cli);
730 if (cli_is_error(cli) && NT_STATUS_IS_OK(nt_status)) {
731 if (cli->smb_rw_error == READ_BAD_SIG) {
732 nt_status = NT_STATUS_ACCESS_DENIED;
733 } else {
734 nt_status = NT_STATUS_UNSUCCESSFUL;
735 }
736 }
737 }
738 data_blob_free(&msg1);
739 }
740
741 if (!blob.length) {
742 if (NT_STATUS_IS_OK(nt_status)) {
743 nt_status = NT_STATUS_UNSUCCESSFUL;
744 }
745 } else if ((turn == 1) &&
746 NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
747 DATA_BLOB tmp_blob = data_blob(NULL, 0);
748 /* the server might give us back two challenges */
749 if (!spnego_parse_challenge(blob, &blob_in,
750 &tmp_blob)) {
751 DEBUG(3,("Failed to parse challenges\n"));
752 nt_status = NT_STATUS_INVALID_PARAMETER;
753 }
754 data_blob_free(&tmp_blob);
755 } else {
756 if (!spnego_parse_auth_response(blob, nt_status,
757 &blob_in)) {
758 DEBUG(3,("Failed to parse auth response\n"));
759 if (NT_STATUS_IS_OK(nt_status)
760 || NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED))
761 nt_status = NT_STATUS_INVALID_PARAMETER;
762 }
763 }
764 data_blob_free(&blob);
765 data_blob_free(&blob_out);
766 turn++;
767 } while (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED));
768
769 data_blob_free(&blob_in);
770
771 if (NT_STATUS_IS_OK(nt_status)) {
772
773 DATA_BLOB key = data_blob(ntlmssp_state->session_key.data,
774 ntlmssp_state->session_key.length);
775 DATA_BLOB null_blob = data_blob(NULL, 0);
776 BOOL res;
777
778 fstrcpy(cli->server_domain, ntlmssp_state->server_domain);
779 cli_set_session_key(cli, ntlmssp_state->session_key);
780
781 res = cli_simple_set_signing(cli, key, null_blob);
782
783 data_blob_free(&key);
784
785 if (res) {
786
787 /* 'resign' the last message, so we get the right sequence numbers
788 for checking the first reply from the server */
789 cli_calculate_sign_mac(cli);
790
791 if (!cli_check_sign_mac(cli)) {
792 nt_status = NT_STATUS_ACCESS_DENIED;
793 }
794 }
795 }
796
797 /* we have a reference conter on ntlmssp_state, if we are signing
798 then the state will be kept by the signing engine */
799
800 ntlmssp_end(&ntlmssp_state);
801
802 if (!NT_STATUS_IS_OK(nt_status)) {
803 cli->vuid = 0;
804 }
805 return nt_status;
806 }
807
808 /****************************************************************************
809 Do a spnego encrypted session setup.
810
811 user_domain: The shortname of the domain the user/machine is a member of.
812 dest_realm: The realm we're connecting to, if NULL we use our default realm.
813 ****************************************************************************/
814
815 ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user,
816 const char *pass, const char *user_domain,
817 const char * dest_realm)
818 {
819 char *principal = NULL;
820 char *OIDs[ASN1_MAX_OIDS];
821 int i;
822 BOOL got_kerberos_mechanism = False;
823 DATA_BLOB blob;
824
825 DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length));
826
827 /* the server might not even do spnego */
828 if (cli->secblob.length <= 16) {
829 DEBUG(3,("server didn't supply a full spnego negprot\n"));
830 goto ntlmssp;
831 }
832
833 #if 0
834 file_save("negprot.dat", cli->secblob.data, cli->secblob.length);
835 #endif
836
837 /* there is 16 bytes of GUID before the real spnego packet starts */
838 blob = data_blob(cli->secblob.data+16, cli->secblob.length-16);
839
840 /* The server sent us the first part of the SPNEGO exchange in the
841 * negprot reply. It is WRONG to depend on the principal sent in the
842 * negprot reply, but right now we do it. If we don't receive one,
843 * we try to best guess, then fall back to NTLM. */
844 if (!spnego_parse_negTokenInit(blob, OIDs, &principal)) {
845 data_blob_free(&blob);
846 return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
847 }
848 data_blob_free(&blob);
849
850 /* make sure the server understands kerberos */
851 for (i=0;OIDs[i];i++) {
852 DEBUG(3,("got OID=%s\n", OIDs[i]));
853 if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
854 strcmp(OIDs[i], OID_KERBEROS5) == 0) {
855 got_kerberos_mechanism = True;
856 }
857 free(OIDs[i]);
858 }
859
860 DEBUG(3,("got principal=%s\n", principal ? principal : "<null>"));
861
862 fstrcpy(cli->user_name, user);
863
864 #ifdef HAVE_KRB5
865 /* If password is set we reauthenticate to kerberos server
866 * and do not store results */
867
868 if (got_kerberos_mechanism && cli->use_kerberos) {
869 ADS_STATUS rc;
870
871 if (pass && *pass) {
872 int ret;
873
874 use_in_memory_ccache();
875 ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
876
877 if (ret){
878 SAFE_FREE(principal);
879 DEBUG(0, ("Kinit failed: %s\n", error_message(ret)));
880 if (cli->fallback_after_kerberos)
881 goto ntlmssp;
882 return ADS_ERROR_KRB5(ret);
883 }
884 }
885
886 /* If we get a bad principal, try to guess it if
887 we have a valid host NetBIOS name.
888 */
889 if (strequal(principal, ADS_IGNORE_PRINCIPAL)) {
890 SAFE_FREE(principal);
891 }
892 if (principal == NULL &&
893 !is_ipaddress(cli->desthost) &&
894 !strequal(star_smbserver_name,
895 cli->desthost)) {
896 char *realm = NULL;
897 char *machine = NULL;
898 char *host = NULL;
899 DEBUG(3,("cli_session_setup_spnego: got a "
900 "bad server principal, trying to guess ...\n"));
901
902 host = strchr_m(cli->desthost, '.');
903 if (host) {
904 machine = SMB_STRNDUP(cli->desthost,
905 host - cli->desthost);
906 } else {
907 machine = SMB_STRDUP(cli->desthost);
908 }
909 if (machine == NULL) {
910 return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
911 }
912
913 if (dest_realm) {
914 realm = SMB_STRDUP(dest_realm);
915 strupper_m(realm);
916 } else {
917 realm = kerberos_get_default_realm_from_ccache();
918 }
919 if (realm && *realm) {
920 if (asprintf(&principal, "%s$@%s",
921 machine, realm) < 0) {
922 SAFE_FREE(machine);
923 SAFE_FREE(realm);
924 return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
925 }
926 DEBUG(3,("cli_session_setup_spnego: guessed "
927 "server principal=%s\n",
928 principal ? principal : "<null>"));
929 }
930 SAFE_FREE(machine);
931 SAFE_FREE(realm);
932 }
933
934 if (principal) {
935 rc = cli_session_setup_kerberos(cli, principal,
936 dest_realm);
937 if (ADS_ERR_OK(rc) || !cli->fallback_after_kerberos) {
938 SAFE_FREE(principal);
939 return rc;
940 }
941 }
942 }
943 #endif
944
945 SAFE_FREE(principal);
946
947 ntlmssp:
948
949 return ADS_ERROR_NT(cli_session_setup_ntlmssp(cli, user, pass,
950 user_domain));
951 }
952
953 /****************************************************************************
954 Send a session setup. The username and workgroup is in UNIX character
955 format and must be converted to DOS codepage format before sending. If the
956 password is in plaintext, the same should be done.
957 ****************************************************************************/
958
959 NTSTATUS cli_session_setup(struct cli_state *cli,
960 const char *user,
961 const char *pass, int passlen,
962 const char *ntpass, int ntpasslen,
963 const char *workgroup)
964 {
965 char *p;
966 fstring user2;
967
968 /* allow for workgroups as part of the username */
969 fstrcpy(user2, user);
970 if ((p=strchr_m(user2,'\\')) || (p=strchr_m(user2,'/')) ||
971 (p=strchr_m(user2,*lp_winbind_separator()))) {
972 *p = 0;
973 user = p+1;
974 workgroup = user2;
975 }
976
977 if (cli->protocol < PROTOCOL_LANMAN1) {
978 return NT_STATUS_OK;
979 }
980
981 /* now work out what sort of session setup we are going to
982 do. I have split this into separate functions to make the
983 flow a bit easier to understand (tridge) */
984
985 /* if its an older server then we have to use the older request format */
986
987 if (cli->protocol < PROTOCOL_NT1) {
988 if (!lp_client_lanman_auth() && passlen != 24 && (*pass)) {
989 DEBUG(1, ("Server requested LM password but 'client lanman auth'"
990 " is disabled\n"));
991 return NT_STATUS_ACCESS_DENIED;
992 }
993
994 if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0 &&
995 !lp_client_plaintext_auth() && (*pass)) {
996 DEBUG(1, ("Server requested plaintext password but 'client use plaintext auth'"
997 " is disabled\n"));
998 return NT_STATUS_ACCESS_DENIED;
999 }
1000
1001 return cli_session_setup_lanman2(cli, user, pass, passlen,
1002 workgroup);
1003 }
1004
1005 /* if no user is supplied then we have to do an anonymous connection.
1006 passwords are ignored */
1007
1008 if (!user || !*user)
1009 return cli_session_setup_guest(cli);
1010
1011 /* if the server is share level then send a plaintext null
1012 password at this point. The password is sent in the tree
1013 connect */
1014
1015 if ((cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) == 0)
1016 return cli_session_setup_plaintext(cli, user, "", workgroup);
1017
1018 /* if the server doesn't support encryption then we have to use
1019 plaintext. The second password is ignored */
1020
1021 if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
1022 if (!lp_client_plaintext_auth() && (*pass)) {
1023 DEBUG(1, ("Server requested plaintext password but 'client use plaintext auth'"
1024 " is disabled\n"));
1025 return NT_STATUS_ACCESS_DENIED;
1026 }
1027 return cli_session_setup_plaintext(cli, user, pass, workgroup);
1028 }
1029
1030 /* if the server supports extended security then use SPNEGO */
1031
1032 if (cli->capabilities & CAP_EXTENDED_SECURITY) {
1033 ADS_STATUS status = cli_session_setup_spnego(cli, user, pass,
1034 workgroup, NULL);
1035 if (!ADS_ERR_OK(status)) {
1036 DEBUG(3, ("SPNEGO login failed: %s\n", ads_errstr(status)));
1037 return ads_ntstatus(status);
1038 }
1039 } else {
1040 NTSTATUS status;
1041
1042 /* otherwise do a NT1 style session setup */
1043 status = cli_session_setup_nt1(cli, user, pass, passlen,
1044 ntpass, ntpasslen, workgroup);
1045 if (!NT_STATUS_IS_OK(status)) {
1046 DEBUG(3,("cli_session_setup: NT1 session setup "
1047 "failed: %s\n", nt_errstr(status)));
1048 return status;
1049 }
1050 }
1051
1052 if (strstr(cli->server_type, "Samba")) {
1053 cli->is_samba = True;
1054 }
1055
1056 return NT_STATUS_OK;
1057 }
1058
1059 /****************************************************************************
1060 Send a uloggoff.
1061 *****************************************************************************/
1062
1063 BOOL cli_ulogoff(struct cli_state *cli)
1064 {
1065 memset(cli->outbuf,'\0',smb_size);
1066 set_message(cli->outbuf,2,0,True);
1067 SCVAL(cli->outbuf,smb_com,SMBulogoffX);
1068 cli_setup_packet(cli);
1069 SSVAL(cli->outbuf,smb_vwv0,0xFF);
1070 SSVAL(cli->outbuf,smb_vwv2,0); /* no additional info */
1071
1072 cli_send_smb(cli);
1073 if (!cli_receive_smb(cli))
1074 return False;
1075
1076 if (cli_is_error(cli)) {
1077 return False;
1078 }
1079
1080 cli->cnum = -1;
1081 return True;
1082 }
1083
1084 /****************************************************************************
1085 Send a tconX.
1086 ****************************************************************************/
1087
1088 BOOL cli_send_tconX(struct cli_state *cli,
1089 const char *share, const char *dev, const char *pass, int passlen)
1090 {
1091 fstring fullshare, pword;
1092 char *p;
1093 memset(cli->outbuf,'\0',smb_size);
1094 memset(cli->inbuf,'\0',smb_size);
1095
1096 fstrcpy(cli->share, share);
1097
1098 /* in user level security don't send a password now */
1099 if (cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
1100 passlen = 1;
1101 pass = "";
1102 } else if (!pass) {
1103 DEBUG(1, ("Server not using user level security and no password supplied.\n"));
1104 return False;
1105 }
1106
1107 if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) &&
1108 *pass && passlen != 24) {
1109 if (!lp_client_lanman_auth()) {
1110 DEBUG(1, ("Server requested LANMAN password (share-level security) but 'client use lanman auth'"
1111 " is disabled\n"));
1112 return False;
1113 }
1114
1115 /*
1116 * Non-encrypted passwords - convert to DOS codepage before encryption.
1117 */
1118 passlen = 24;
1119 SMBencrypt(pass,cli->secblob.data,(uchar *)pword);
1120 } else {
1121 if((cli->sec_mode & (NEGOTIATE_SECURITY_USER_LEVEL|NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)) == 0) {
1122 if (!lp_client_plaintext_auth() && (*pass)) {
1123 DEBUG(1, ("Server requested plaintext password but 'client use plaintext auth'"
1124 " is disabled\n"));
1125 return False;
1126 }
1127
1128 /*
1129 * Non-encrypted passwords - convert to DOS codepage before using.
1130 */
1131 passlen = clistr_push(cli, pword, pass, sizeof(pword), STR_TERMINATE);
1132
1133 } else {
1134 if (passlen) {
1135 memcpy(pword, pass, passlen);
1136 }
1137 }
1138 }
1139
1140 slprintf(fullshare, sizeof(fullshare)-1,
1141 "\\\\%s\\%s", cli->desthost, share);
1142
1143 set_message(cli->outbuf,4, 0, True);
1144 SCVAL(cli->outbuf,smb_com,SMBtconX);
1145 cli_setup_packet(cli);
1146
1147 SSVAL(cli->outbuf,smb_vwv0,0xFF);
1148 SSVAL(cli->outbuf,smb_vwv2,TCONX_FLAG_EXTENDED_RESPONSE);
1149 SSVAL(cli->outbuf,smb_vwv3,passlen);
1150
1151 p = smb_buf(cli->outbuf);
1152 if (passlen) {
1153 memcpy(p,pword,passlen);
1154 }
1155 p += passlen;
1156 p += clistr_push(cli, p, fullshare, -1, STR_TERMINATE |STR_UPPER);
1157 p += clistr_push(cli, p, dev, -1, STR_TERMINATE |STR_UPPER | STR_ASCII);
1158
1159 cli_setup_bcc(cli, p);
1160
1161 cli_send_smb(cli);
1162 if (!cli_receive_smb(cli))
1163 return False;
1164
1165 if (cli_is_error(cli))
1166 return False;
1167
1168 clistr_pull(cli, cli->dev, smb_buf(cli->inbuf), sizeof(fstring), -1, STR_TERMINATE|STR_ASCII);
1169
1170 if (cli->protocol >= PROTOCOL_NT1 &&
1171 smb_buflen(cli->inbuf) == 3) {
1172 /* almost certainly win95 - enable bug fixes */
1173 cli->win95 = True;
1174 }
1175
1176 /* Make sure that we have the optional support 16-bit field. WCT > 2 */
1177 /* Avoids issues when connecting to Win9x boxes sharing files */
1178
1179 cli->dfsroot = False;
1180 if ( (CVAL(cli->inbuf, smb_wct))>2 && cli->protocol >= PROTOCOL_LANMAN2 )
1181 cli->dfsroot = (SVAL( cli->inbuf, smb_vwv2 ) & SMB_SHARE_IN_DFS) ? True : False;
1182
1183 cli->cnum = SVAL(cli->inbuf,smb_tid);
1184 return True;
1185 }
1186
1187 /****************************************************************************
1188 Send a tree disconnect.
1189 ****************************************************************************/
1190
1191 BOOL cli_tdis(struct cli_state *cli)
1192 {
1193 memset(cli->outbuf,'\0',smb_size);
1194 set_message(cli->outbuf,0,0,True);
1195 SCVAL(cli->outbuf,smb_com,SMBtdis);
1196 SSVAL(cli->outbuf,smb_tid,cli->cnum);
1197 cli_setup_packet(cli);
1198
1199 cli_send_smb(cli);
1200 if (!cli_receive_smb(cli))
1201 return False;
1202
1203 if (cli_is_error(cli)) {
1204 return False;
1205 }
1206
1207 cli->cnum = -1;
1208 return True;
1209 }
1210
1211 /****************************************************************************
1212 Send a negprot command.
1213 ****************************************************************************/
1214
1215 void cli_negprot_send(struct cli_state *cli)
1216 {
1217 char *p;
1218 int numprots;
1219
1220 if (cli->protocol < PROTOCOL_NT1)
1221 cli->use_spnego = False;
1222
1223 memset(cli->outbuf,'\0',smb_size);
1224
1225 /* setup the protocol strings */
1226 set_message(cli->outbuf,0,0,True);
1227
1228 p = smb_buf(cli->outbuf);
1229 for (numprots=0;
1230 prots[numprots].name && prots[numprots].prot<=cli->protocol;
1231 numprots++) {
1232 *p++ = 2;
1233 p += clistr_push(cli, p, prots[numprots].name, -1, STR_TERMINATE);
1234 }
1235
1236 SCVAL(cli->outbuf,smb_com,SMBnegprot);
1237 cli_setup_bcc(cli, p);
1238 cli_setup_packet(cli);
1239
1240 SCVAL(smb_buf(cli->outbuf),0,2);
1241
1242 cli_send_smb(cli);
1243 }
1244
1245 /****************************************************************************
1246 Send a negprot command.
1247 ****************************************************************************/
1248
1249 BOOL cli_negprot(struct cli_state *cli)
1250 {
1251 char *p;
1252 int numprots;
1253 int plength;
1254
1255 if (cli->protocol < PROTOCOL_NT1)
1256 cli->use_spnego = False;
1257
1258 memset(cli->outbuf,'\0',smb_size);
1259
1260 /* setup the protocol strings */
1261 for (plength=0,numprots=0;
1262 prots[numprots].name && prots[numprots].prot<=cli->protocol;
1263 numprots++)
1264 plength += strlen(prots[numprots].name)+2;
1265
1266 set_message(cli->outbuf,0,plength,True);
1267
1268 p = smb_buf(cli->outbuf);
1269 for (numprots=0;
1270 prots[numprots].name && prots[numprots].prot<=cli->protocol;
1271 numprots++) {
1272 *p++ = 2;
1273 p += clistr_push(cli, p, prots[numprots].name, -1, STR_TERMINATE);
1274 }
1275
1276 SCVAL(cli->outbuf,smb_com,SMBnegprot);
1277 cli_setup_packet(cli);
1278
1279 SCVAL(smb_buf(cli->outbuf),0,2);
1280
1281 cli_send_smb(cli);
1282 if (!cli_receive_smb(cli))
1283 return False;
1284
1285 show_msg(cli->inbuf);
1286
1287 if (cli_is_error(cli) ||
1288 ((int)SVAL(cli->inbuf,smb_vwv0) >= numprots)) {
1289 return(False);
1290 }
1291
1292 cli->protocol = prots[SVAL(cli->inbuf,smb_vwv0)].prot;
1293
1294 if ((cli->protocol < PROTOCOL_NT1) && cli->sign_info.mandatory_signing) {
1295 DEBUG(0,("cli_negprot: SMB signing is mandatory and the selected protocol level doesn't support it.\n"));
1296 return False;
1297 }
1298
1299 if (cli->protocol >= PROTOCOL_NT1) {
1300 struct timespec ts;
1301 /* NT protocol */
1302 cli->sec_mode = CVAL(cli->inbuf,smb_vwv1);
1303 cli->max_mux = SVAL(cli->inbuf, smb_vwv1+1);
1304 cli->max_xmit = IVAL(cli->inbuf,smb_vwv3+1);
1305 cli->sesskey = IVAL(cli->inbuf,smb_vwv7+1);
1306 cli->serverzone = SVALS(cli->inbuf,smb_vwv15+1);
1307 cli->serverzone *= 60;
1308 /* this time arrives in real GMT */
1309 ts = interpret_long_date(cli->inbuf+smb_vwv11+1);
1310 cli->servertime = ts.tv_sec;
1311 cli->secblob = data_blob(smb_buf(cli->inbuf),smb_buflen(cli->inbuf));
1312 cli->capabilities = IVAL(cli->inbuf,smb_vwv9+1);
1313 if (cli->capabilities & CAP_RAW_MODE) {
1314 cli->readbraw_supported = True;
1315 cli->writebraw_supported = True;
1316 }
1317 /* work out if they sent us a workgroup */
1318 if (!(cli->capabilities & CAP_EXTENDED_SECURITY) &&
1319 smb_buflen(cli->inbuf) > 8) {
1320 clistr_pull(cli, cli->server_domain,
1321 smb_buf(cli->inbuf)+8, sizeof(cli->server_domain),
1322 smb_buflen(cli->inbuf)-8, STR_UNICODE|STR_NOALIGN);
1323 }
1324
1325 /*
1326 * As signing is slow we only turn it on if either the client or
1327 * the server require it. JRA.
1328 */
1329
1330 if (cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
1331 /* Fail if server says signing is mandatory and we don't want to support it. */
1332 if (!cli->sign_info.allow_smb_signing) {
1333 DEBUG(0,("cli_negprot: SMB signing is mandatory and we have disabled it.\n"));
1334 return False;
1335 }
1336 cli->sign_info.negotiated_smb_signing = True;
1337 cli->sign_info.mandatory_signing = True;
1338 } else if (cli->sign_info.mandatory_signing && cli->sign_info.allow_smb_signing) {
1339 /* Fail if client says signing is mandatory and the server doesn't support it. */
1340 if (!(cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED)) {
1341 DEBUG(1,("cli_negprot: SMB signing is mandatory and the server doesn't support it.\n"));
1342 return False;
1343 }
1344 cli->sign_info.negotiated_smb_signing = True;
1345 cli->sign_info.mandatory_signing = True;
1346 } else if (cli->sec_mode & NEGOTIATE_SECURITY_SIGNATURES_ENABLED) {
1347 cli->sign_info.negotiated_smb_signing = True;
1348 }
1349
1350 if (cli->capabilities & (CAP_LARGE_READX|CAP_LARGE_WRITEX)) {
1351 SAFE_FREE(cli->outbuf);
1352 SAFE_FREE(cli->inbuf);
1353 cli->outbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+LARGE_WRITEX_HDR_SIZE+SAFETY_MARGIN);
1354 cli->inbuf = (char *)SMB_MALLOC(CLI_SAMBA_MAX_LARGE_READX_SIZE+LARGE_WRITEX_HDR_SIZE+SAFETY_MARGIN);
1355 cli->bufsize = CLI_SAMBA_MAX_LARGE_READX_SIZE + LARGE_WRITEX_HDR_SIZE;
1356 }
1357
1358 } else if (cli->protocol >= PROTOCOL_LANMAN1) {
1359 cli->use_spnego = False;
1360 cli->sec_mode = SVAL(cli->inbuf,smb_vwv1);
1361 cli->max_xmit = SVAL(cli->inbuf,smb_vwv2);
1362 cli->max_mux = SVAL(cli->inbuf, smb_vwv3);
1363 cli->sesskey = IVAL(cli->inbuf,smb_vwv6);
1364 cli->serverzone = SVALS(cli->inbuf,smb_vwv10);
1365 cli->serverzone *= 60;
1366 /* this time is converted to GMT by make_unix_date */
1367 cli->servertime = cli_make_unix_date(cli,cli->inbuf+smb_vwv8);
1368 cli->readbraw_supported = ((SVAL(cli->inbuf,smb_vwv5) & 0x1) != 0);
1369 cli->writebraw_supported = ((SVAL(cli->inbuf,smb_vwv5) & 0x2) != 0);
1370 cli->secblob = data_blob(smb_buf(cli->inbuf),smb_buflen(cli->inbuf));
1371 } else {
1372 /* the old core protocol */
1373 cli->use_spnego = False;
1374 cli->sec_mode = 0;
1375 cli->serverzone = get_time_zone(time(NULL));
1376 }
1377
1378 cli->max_xmit = MIN(cli->max_xmit, CLI_BUFFER_SIZE);
1379
1380 /* a way to force ascii SMB */
1381 if (getenv("CLI_FORCE_ASCII"))
1382 cli->capabilities &= ~CAP_UNICODE;
1383
1384 return True;
1385 }
1386
1387 /****************************************************************************
1388 Send a session request. See rfc1002.txt 4.3 and 4.3.2.
1389 ****************************************************************************/
1390
1391 BOOL cli_session_request(struct cli_state *cli,
1392 struct nmb_name *calling, struct nmb_name *called)
1393 {
1394 char *p;
1395 int len = 4;
1396
1397 memcpy(&(cli->calling), calling, sizeof(*calling));
1398 memcpy(&(cli->called ), called , sizeof(*called ));
1399
1400 /* put in the destination name */
1401 p = cli->outbuf+len;
1402 name_mangle(cli->called .name, p, cli->called .name_type);
1403 len += name_len(p);
1404
1405 /* and my name */
1406 p = cli->outbuf+len;
1407 name_mangle(cli->calling.name, p, cli->calling.name_type);
1408 len += name_len(p);
1409
1410 /* 445 doesn't have session request */
1411 if (cli->port == 445)
1412 return True;
1413
1414 /* send a session request (RFC 1002) */
1415 /* setup the packet length
1416 * Remove four bytes from the length count, since the length
1417 * field in the NBT Session Service header counts the number
1418 * of bytes which follow. The cli_send_smb() function knows
1419 * about this and accounts for those four bytes.
1420 * CRH.
1421 */
1422 len -= 4;
1423 _smb_setlen(cli->outbuf,len);
1424 SCVAL(cli->outbuf,0,0x81);
1425
1426 cli_send_smb(cli);
1427 DEBUG(5,("Sent session request\n"));
1428
1429 if (!cli_receive_smb(cli))
1430 return False;
1431
1432 if (CVAL(cli->inbuf,0) == 0x84) {
1433 /* C. Hoch 9/14/95 Start */
1434 /* For information, here is the response structure.
1435 * We do the byte-twiddling to for portability.
1436 struct RetargetResponse{
1437 unsigned char type;
1438 unsigned char flags;
1439 int16 length;
1440 int32 ip_addr;
1441 int16 port;
1442 };
1443 */
1444 int port = (CVAL(cli->inbuf,8)<<8)+CVAL(cli->inbuf,9);
1445 /* SESSION RETARGET */
1446 putip((char *)&cli->dest_ip,cli->inbuf+4);
1447
1448 cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip, port, LONG_CONNECT_TIMEOUT);
1449 if (cli->fd == -1)
1450 return False;
1451
1452 DEBUG(3,("Retargeted\n"));
1453
1454 set_socket_options(cli->fd,user_socket_options);
1455
1456 /* Try again */
1457 {
1458 static int depth;
1459 BOOL ret;
1460 if (depth > 4) {
1461 DEBUG(0,("Retarget recursion - failing\n"));
1462 return False;
1463 }
1464 depth++;
1465 ret = cli_session_request(cli, calling, called);
1466 depth--;
1467 return ret;
1468 }
1469 } /* C. Hoch 9/14/95 End */
1470
1471 if (CVAL(cli->inbuf,0) != 0x82) {
1472 /* This is the wrong place to put the error... JRA. */
1473 cli->rap_error = CVAL(cli->inbuf,4);
1474 return False;
1475 }
1476 return(True);
1477 }
1478
1479 /****************************************************************************
1480 Open the client sockets.
1481 ****************************************************************************/
1482
1483 NTSTATUS cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip)
1484 {
1485 int name_type = 0x20;
1486 char *p;
1487
1488 /* reasonable default hostname */
1489 if (!host) host = star_smbserver_name;
1490
1491 fstrcpy(cli->desthost, host);
1492
1493 /* allow hostnames of the form NAME#xx and do a netbios lookup */
1494 if ((p = strchr(cli->desthost, '#'))) {
1495 name_type = strtol(p+1, NULL, 16);
1496 *p = 0;
1497 }
1498
1499 if (!ip || is_zero_ip(*ip)) {
1500 if (!resolve_name(cli->desthost, &cli->dest_ip, name_type)) {
1501 return NT_STATUS_BAD_NETWORK_NAME;
1502 }
1503 if (ip) *ip = cli->dest_ip;
1504 } else {
1505 cli->dest_ip = *ip;
1506 }
1507
1508 if (getenv("LIBSMB_PROG")) {
1509 cli->fd = sock_exec(getenv("LIBSMB_PROG"));
1510 } else {
1511 /* try 445 first, then 139 */
1512 int port = cli->port?cli->port:445;
1513 cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip,
1514 port, cli->timeout);
1515 if (cli->fd == -1 && cli->port == 0) {
1516 port = 139;
1517 cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip,
1518 port, cli->timeout);
1519 }
1520 if (cli->fd != -1)
1521 cli->port = port;
1522 }
1523 if (cli->fd == -1) {
1524 DEBUG(1,("Error connecting to %s (%s)\n",
1525 ip?inet_ntoa(*ip):host,strerror(errno)));
1526 return map_nt_error_from_unix(errno);
1527 }
1528
1529 set_socket_options(cli->fd,user_socket_options);
1530
1531 return NT_STATUS_OK;
1532 }
1533
1534 /**
1535 establishes a connection to after the negprot.
1536 @param output_cli A fully initialised cli structure, non-null only on success
1537 @param dest_host The netbios name of the remote host
1538 @param dest_ip (optional) The the destination IP, NULL for name based lookup
1539 @param port (optional) The destination port (0 for default)
1540 @param retry BOOL. Did this connection fail with a retryable error ?
1541
1542 */
1543 NTSTATUS cli_start_connection(struct cli_state **output_cli,
1544 const char *my_name,
1545 const char *dest_host,
1546 struct in_addr *dest_ip, int port,
1547 int signing_state, int flags,
1548 BOOL *retry)
1549 {
1550 NTSTATUS nt_status;
1551 struct nmb_name calling;
1552 struct nmb_name called;
1553 struct cli_state *cli;
1554 struct in_addr ip;
1555
1556 if (retry)
1557 *retry = False;
1558
1559 if (!my_name)
1560 my_name = global_myname();
1561
1562 if (!(cli = cli_initialise())) {
1563 return NT_STATUS_NO_MEMORY;
1564 }
1565
1566 make_nmb_name(&calling, my_name, 0x0);
1567 make_nmb_name(&called , dest_host, 0x20);
1568
1569 if (cli_set_port(cli, port) != port) {
1570 cli_shutdown(cli);
1571 return NT_STATUS_UNSUCCESSFUL;
1572 }
1573
1574 cli_set_timeout(cli, 10000); /* 10 seconds. */
1575
1576 if (dest_ip)
1577 ip = *dest_ip;
1578 else
1579 ZERO_STRUCT(ip);
1580
1581 again:
1582
1583 DEBUG(3,("Connecting to host=%s\n", dest_host));
1584
1585 nt_status = cli_connect(cli, dest_host, &ip);
1586 if (!NT_STATUS_IS_OK(nt_status)) {
1587 DEBUG(1,("cli_start_connection: failed to connect to %s (%s). Error %s\n",
1588 nmb_namestr(&called), inet_ntoa(ip), nt_errstr(nt_status) ));
1589 cli_shutdown(cli);
1590 return nt_status;
1591 }
1592
1593 if (retry)
1594 *retry = True;
1595
1596 if (!cli_session_request(cli, &calling, &called)) {
1597 char *p;
1598 DEBUG(1,("session request to %s failed (%s)\n",
1599 called.name, cli_errstr(cli)));
1600 if ((p=strchr(called.name, '.')) && !is_ipaddress(called.name)) {
1601 *p = 0;
1602 goto again;
1603 }
1604 if (strcmp(called.name, star_smbserver_name)) {
1605 make_nmb_name(&called , star_smbserver_name, 0x20);
1606 goto again;
1607 }
1608 return NT_STATUS_BAD_NETWORK_NAME;
1609 }
1610
1611 cli_setup_signing_state(cli, signing_state);
1612
1613 if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO)
1614 cli->use_spnego = False;
1615 else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS)
1616 cli->use_kerberos = True;
1617
1618 if (!cli_negprot(cli)) {
1619 DEBUG(1,("failed negprot\n"));
1620 nt_status = cli_nt_error(cli);
1621 if (NT_STATUS_IS_OK(nt_status)) {
1622 nt_status = NT_STATUS_UNSUCCESSFUL;
1623 }
1624 cli_shutdown(cli);
1625 return nt_status;
1626 }
1627
1628 *output_cli = cli;
1629 return NT_STATUS_OK;
1630 }
1631
1632
1633 /**
1634 establishes a connection right up to doing tconX, password specified.
1635 @param output_cli A fully initialised cli structure, non-null only on success
1636 @param dest_host The netbios name of the remote host
1637 @param dest_ip (optional) The the destination IP, NULL for name based lookup
1638 @param port (optional) The destination port (0 for default)
1639 @param service (optional) The share to make the connection to. Should be 'unqualified' in any way.
1640 @param service_type The 'type' of serivice.
1641 @param user Username, unix string
1642 @param domain User's domain
1643 @param password User's password, unencrypted unix string.
1644 @param retry BOOL. Did this connection fail with a retryable error ?
1645 */
1646
1647 NTSTATUS cli_full_connection(struct cli_state **output_cli,
1648 const char *my_name,
1649 const char *dest_host,
1650 struct in_addr *dest_ip, int port,
1651 const char *service, const char *service_type,
1652 const char *user, const char *domain,
1653 const char *password, int flags,
1654 int signing_state,
1655 BOOL *retry)
1656 {
1657 NTSTATUS nt_status;
1658 struct cli_state *cli = NULL;
1659 int pw_len = password ? strlen(password)+1 : 0;
1660
1661 *output_cli = NULL;
1662
1663 if (password == NULL) {
1664 password = "";
1665 }
1666
1667 nt_status = cli_start_connection(&cli, my_name, dest_host,
1668 dest_ip, port, signing_state, flags, retry);
1669
1670 if (!NT_STATUS_IS_OK(nt_status)) {
1671 return nt_status;
1672 }
1673
1674 nt_status = cli_session_setup(cli, user, password, pw_len, password,
1675 pw_len, domain);
1676 if (!NT_STATUS_IS_OK(nt_status)) {
1677
1678 if (!(flags & CLI_FULL_CONNECTION_ANONYMOUS_FALLBACK)) {
1679 DEBUG(1,("failed session setup with %s\n",
1680 nt_errstr(nt_status)));
1681 cli_shutdown(cli);
1682 return nt_status;
1683 }
1684
1685 nt_status = cli_session_setup(cli, "", "", 0, "", 0, domain);
1686 if (!NT_STATUS_IS_OK(nt_status)) {
1687 DEBUG(1,("anonymous failed session setup with %s\n",
1688 nt_errstr(nt_status)));
1689 cli_shutdown(cli);
1690 return nt_status;
1691 }
1692 }
1693
1694 if (service) {
1695 if (!cli_send_tconX(cli, service, service_type, password, pw_len)) {
1696 nt_status = cli_nt_error(cli);
1697 DEBUG(1,("failed tcon_X with %s\n", nt_errstr(nt_status)));
1698 cli_shutdown(cli);
1699 if (NT_STATUS_IS_OK(nt_status)) {
1700 nt_status = NT_STATUS_UNSUCCESSFUL;
1701 }
1702 return nt_status;
1703 }
1704 }
1705
1706 cli_init_creds(cli, user, domain, password);
1707
1708 *output_cli = cli;
1709 return NT_STATUS_OK;
1710 }
1711
1712 /****************************************************************************
1713 Attempt a NetBIOS session request, falling back to *SMBSERVER if needed.
1714 ****************************************************************************/
1715
1716 BOOL attempt_netbios_session_request(struct cli_state **ppcli, const char *srchost, const char *desthost,
1717 struct in_addr *pdest_ip)
1718 {
1719 struct nmb_name calling, called;
1720
1721 make_nmb_name(&calling, srchost, 0x0);
1722
1723 /*
1724 * If the called name is an IP address
1725 * then use *SMBSERVER immediately.
1726 */
1727
1728 if(is_ipaddress(desthost)) {
1729 make_nmb_name(&called, star_smbserver_name, 0x20);
1730 } else {
1731 make_nmb_name(&called, desthost, 0x20);
1732 }
1733
1734 if (!cli_session_request(*ppcli, &calling, &called)) {
1735 NTSTATUS status;
1736 struct nmb_name smbservername;
1737
1738 make_nmb_name(&smbservername, star_smbserver_name, 0x20);
1739
1740 /*
1741 * If the name wasn't *SMBSERVER then
1742 * try with *SMBSERVER if the first name fails.
1743 */
1744
1745 if (nmb_name_equal(&called, &smbservername)) {
1746
1747 /*
1748 * The name used was *SMBSERVER, don't bother with another name.
1749 */
1750
1751 DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER \
1752 with error %s.\n", desthost, cli_errstr(*ppcli) ));
1753 return False;
1754 }
1755
1756 /* Try again... */
1757 cli_shutdown(*ppcli);
1758
1759 *ppcli = cli_initialise();
1760 if (!*ppcli) {
1761 /* Out of memory... */
1762 return False;
1763 }
1764
1765 status = cli_connect(*ppcli, desthost, pdest_ip);
1766 if (!NT_STATUS_IS_OK(status) ||
1767 !cli_session_request(*ppcli, &calling, &smbservername)) {
1768 DEBUG(0,("attempt_netbios_session_request: %s rejected the session for \
1769 name *SMBSERVER with error %s\n", desthost, cli_errstr(*ppcli) ));
1770 return False;
1771 }
1772 }
1773
1774 return True;
1775 }
1776
1777
1778
1779
1780
1781 /****************************************************************************
1782 Send an old style tcon.
1783 ****************************************************************************/
1784 NTSTATUS cli_raw_tcon(struct cli_state *cli,
1785 const char *service, const char *pass, const char *dev,
1786 uint16 *max_xmit, uint16 *tid)
1787 {
1788 char *p;
1789
1790 if (!lp_client_plaintext_auth() && (*pass)) {
1791 DEBUG(1, ("Server requested plaintext password but 'client use plaintext auth'"
1792 " is disabled\n"));
1793 return NT_STATUS_ACCESS_DENIED;
1794 }
1795
1796 memset(cli->outbuf,'\0',smb_size);
1797 memset(cli->inbuf,'\0',smb_size);
1798
1799 set_message(cli->outbuf, 0, 0, True);
1800 SCVAL(cli->outbuf,smb_com,SMBtcon);
1801 cli_setup_packet(cli);
1802
1803 p = smb_buf(cli->outbuf);
1804 *p++ = 4; p += clistr_push(cli, p, service, -1, STR_TERMINATE | STR_NOALIGN);
1805 *p++ = 4; p += clistr_push(cli, p, pass, -1, STR_TERMINATE | STR_NOALIGN);
1806 *p++ = 4; p += clistr_push(cli, p, dev, -1, STR_TERMINATE | STR_NOALIGN);
1807
1808 cli_setup_bcc(cli, p);
1809
1810 cli_send_smb(cli);
1811 if (!cli_receive_smb(cli)) {
1812 return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
1813 }
1814
1815 if (cli_is_error(cli)) {
1816 return cli_nt_error(cli);
1817 }
1818
1819 *max_xmit = SVAL(cli->inbuf, smb_vwv0);
1820 *tid = SVAL(cli->inbuf, smb_vwv1);
1821
1822 return NT_STATUS_OK;
1823 }
1824
1825 /* Return a cli_state pointing at the IPC$ share for the given server */
1826
1827 struct cli_state *get_ipc_connect(char *server, struct in_addr *server_ip,
1828 struct user_auth_info *user_info)
1829 {
1830 struct cli_state *cli;
1831 pstring myname;
1832 NTSTATUS nt_status;
1833
1834 get_myname(myname);
1835
1836 nt_status = cli_full_connection(&cli, myname, server, server_ip, 0, "IPC$", "IPC",
1837 user_info->username, lp_workgroup(), user_info->password,
1838 CLI_FULL_CONNECTION_ANONYMOUS_FALLBACK, Undefined, NULL);
1839
1840 if (NT_STATUS_IS_OK(nt_status)) {
1841 return cli;
1842 } else if (is_ipaddress(server)) {
1843 /* windows 9* needs a correct NMB name for connections */
1844 fstring remote_name;
1845
1846 if (name_status_find("*", 0, 0, *server_ip, remote_name)) {
1847 cli = get_ipc_connect(remote_name, server_ip, user_info);
1848 if (cli)
1849 return cli;
1850 }
1851 }
1852 return NULL;
1853 }
1854
1855 /*
1856 * Given the IP address of a master browser on the network, return its
1857 * workgroup and connect to it.
1858 *
1859 * This function is provided to allow additional processing beyond what
1860 * get_ipc_connect_master_ip_bcast() does, e.g. to retrieve the list of master
1861 * browsers and obtain each master browsers' list of domains (in case the
1862 * first master browser is recently on the network and has not yet
1863 * synchronized with other master browsers and therefore does not yet have the
1864 * entire network browse list)
1865 */
1866
1867 struct cli_state *get_ipc_connect_master_ip(struct ip_service * mb_ip, pstring workgroup, struct user_auth_info *user_info)
1868 {
1869 static fstring name;
1870 struct cli_state *cli;
1871 struct in_addr server_ip;
1872
1873 DEBUG(99, ("Looking up name of master browser %s\n",
1874 inet_ntoa(mb_ip->ip)));
1875
1876 /*
1877 * Do a name status query to find out the name of the master browser.
1878 * We use <01><02>__MSBROWSE__<02>#01 if *#00 fails because a domain
1879 * master browser will not respond to a wildcard query (or, at least,
1880 * an NT4 server acting as the domain master browser will not).
1881 *
1882 * We might be able to use ONLY the query on MSBROWSE, but that's not
1883 * yet been tested with all Windows versions, so until it is, leave
1884 * the original wildcard query as the first choice and fall back to
1885 * MSBROWSE if the wildcard query fails.
1886 */
1887 if (!name_status_find("*", 0, 0x1d, mb_ip->ip, name) &&
1888 !name_status_find(MSBROWSE, 1, 0x1d, mb_ip->ip, name)) {
1889
1890 DEBUG(99, ("Could not retrieve name status for %s\n",
1891 inet_ntoa(mb_ip->ip)));
1892 return NULL;
1893 }
1894
1895 if (!find_master_ip(name, &server_ip)) {
1896 DEBUG(99, ("Could not find master ip for %s\n", name));
1897 return NULL;
1898 }
1899
1900 pstrcpy(workgroup, name);
1901
1902 DEBUG(4, ("found master browser %s, %s\n",
1903 name, inet_ntoa(mb_ip->ip)));
1904
1905 cli = get_ipc_connect(inet_ntoa(server_ip), &server_ip, user_info);
1906
1907 return cli;
1908
1909 }
1910
1911 /*
1912 * Return the IP address and workgroup of a master browser on the network, and
1913 * connect to it.
1914 */
1915
1916 struct cli_state *get_ipc_connect_master_ip_bcast(pstring workgroup, struct user_auth_info *user_info)
1917 {
1918 struct ip_service *ip_list;
1919 struct cli_state *cli;
1920 int i, count;
1921
1922 DEBUG(99, ("Do broadcast lookup for workgroups on local network\n"));
1923
1924 /* Go looking for workgroups by broadcasting on the local network */
1925
1926 if (!name_resolve_bcast(MSBROWSE, 1, &ip_list, &count)) {
1927 DEBUG(99, ("No master browsers responded\n"));
1928 return False;
1929 }
1930
1931 for (i = 0; i < count; i++) {
1932 DEBUG(99, ("Found master browser %s\n", inet_ntoa(ip_list[i].ip)));
1933
1934 cli = get_ipc_connect_master_ip(&ip_list[i], workgroup, user_info);
1935 if (cli)
1936 return(cli);
1937 }
1938
1939 return NULL;
1940 }
Samba GIT mirror