2 Unix SMB/Netbios implementation.
3 SMB client library implementation
4 Copyright (C) Andrew Tridgell 1998
5 Copyright (C) Richard Sharpe 2000, 2002
6 Copyright (C) John Terpstra 2000
7 Copyright (C) Tom Jansen (Ninja ISD) 2002
8 Copyright (C) Derrell Lipman 2003-2008
9 Copyright (C) Jeremy Allison 2007, 2008
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "libsmbclient.h"
27 #include "libsmb_internal.h"
31 * Check a server for being alive and well.
32 * returns 0 if the server is in shape. Returns 1 on error
34 * Also useable outside libsmbclient to enable external cache
35 * to do some checks too.
38 SMBC_check_server(SMBCCTX
* context
,
45 return (getpeername(server
->cli
->fd
, &addr
, &size
) == -1);
49 * Remove a server from the cached server list it's unused.
50 * On success, 0 is returned. 1 is returned if the server could not be removed.
52 * Also useable outside libsmbclient
55 SMBC_remove_unused_server(SMBCCTX
* context
,
60 /* are we being fooled ? */
61 if (!context
|| !context
->initialized
|| !srv
) {
65 /* Check all open files/directories for a relation with this server */
66 for (file
= context
->files
; file
; file
= file
->next
) {
67 if (file
->srv
== srv
) {
69 DEBUG(3, ("smbc_remove_usused_server: "
70 "%p still used by %p.\n",
76 DLIST_REMOVE(context
->servers
, srv
);
78 cli_shutdown(srv
->cli
);
81 DEBUG(3, ("smbc_remove_usused_server: %p removed.\n", srv
));
83 (context
->cache
.remove_cached_server_fn
)(context
, srv
);
89 /****************************************************************
90 * Call the auth_fn with fixed size (fstring) buffers.
91 ***************************************************************/
93 SMBC_call_auth_fn(TALLOC_CTX
*ctx
,
105 strlcpy(workgroup
, *pp_workgroup
, sizeof(workgroup
));
106 strlcpy(username
, *pp_username
, sizeof(username
));
107 strlcpy(password
, *pp_password
, sizeof(password
));
109 (context
->server
.get_auth_data_fn
)(
111 workgroup
, sizeof(workgroup
),
112 username
, sizeof(username
),
113 password
, sizeof(password
));
115 TALLOC_FREE(*pp_workgroup
);
116 TALLOC_FREE(*pp_username
);
117 TALLOC_FREE(*pp_password
);
119 *pp_workgroup
= talloc_strdup(ctx
, workgroup
);
120 *pp_username
= talloc_strdup(ctx
, username
);
121 *pp_password
= talloc_strdup(ctx
, password
);
126 SMBC_get_auth_data(const char *server
, const char *share
,
127 char *workgroup_buf
, int workgroup_buf_len
,
128 char *username_buf
, int username_buf_len
,
129 char *password_buf
, int password_buf_len
)
131 /* Default function just uses provided data. Nothing to do. */
137 SMBC_find_server(TALLOC_CTX
*ctx
,
150 srv
= (context
->cache
.get_cached_server_fn
)(context
,
155 if (!auth_called
&& !srv
&& (!*pp_username
|| !(*pp_username
)[0] ||
156 !*pp_password
|| !(*pp_password
)[0])) {
157 SMBC_call_auth_fn(ctx
, context
, server
, share
,
158 pp_workgroup
, pp_username
, pp_password
);
160 if (!pp_workgroup
|| !pp_username
|| !pp_password
) {
165 * However, smbc_auth_fn may have picked up info relating to
166 * an existing connection, so try for an existing connection
170 goto check_server_cache
;
175 if ((context
->server
.check_server_fn
)(context
, srv
)) {
177 * This server is no good anymore
178 * Try to remove it and check for more possible
179 * servers in the cache
181 if ((context
->server
.remove_unused_server_fn
)(context
,
184 * We could not remove the server completely,
185 * remove it from the cache so we will not get
186 * it again. It will be removed when the last
187 * file/dir is closed.
189 (context
->cache
.remove_cached_server_fn
)(context
,
194 * Maybe there are more cached connections to this
197 goto check_server_cache
;
207 * Connect to a server, possibly on an existing connection
209 * Here, what we want to do is: If the server and username
210 * match an existing connection, reuse that, otherwise, establish a
213 * If we have to create a new connection, call the auth_fn to get the
214 * info we need, unless the username and password were passed in.
218 SMBC_server(TALLOC_CTX
*ctx
,
220 bool connect_if_not_found
,
229 struct nmb_name called
, calling
;
230 const char *server_n
= server
;
231 struct sockaddr_storage ss
;
232 int tried_reverse
= 0;
235 const char *username_used
;
241 if (server
[0] == 0) {
246 /* Look for a cached connection */
247 srv
= SMBC_find_server(ctx
, context
, server
, share
,
248 pp_workgroup
, pp_username
, pp_password
);
251 * If we found a connection and we're only allowed one share per
254 if (srv
&& *share
!= '\0' && context
->one_share_per_server
) {
257 * ... then if there's no current connection to the share,
258 * connect to it. SMBC_find_server(), or rather the function
259 * pointed to by context->cache.get_cached_srv_fn which
260 * was called by SMBC_find_server(), will have issued a tree
261 * disconnect if the requested share is not the same as the
262 * one that was already connected.
264 if (srv
->cli
->cnum
== (uint16
) -1) {
265 /* Ensure we have accurate auth info */
266 SMBC_call_auth_fn(ctx
, context
, server
, share
,
267 pp_workgroup
, pp_username
, pp_password
);
269 if (!*pp_workgroup
|| !*pp_username
|| !*pp_password
) {
271 cli_shutdown(srv
->cli
);
273 (context
->cache
.remove_cached_server_fn
)(context
,
279 * We don't need to renegotiate encryption
280 * here as the encryption context is not per
284 if (!cli_send_tconX(srv
->cli
, share
, "?????",
286 strlen(*pp_password
)+1)) {
288 errno
= SMBC_errno(context
, srv
->cli
);
289 cli_shutdown(srv
->cli
);
291 (context
->cache
.remove_cached_server_fn
)(context
,
297 * Regenerate the dev value since it's based on both
301 srv
->dev
= (dev_t
)(str_checksum(server
) ^
302 str_checksum(share
));
307 /* If we have a connection... */
310 /* ... then we're done here. Give 'em what they came for. */
314 /* If we're not asked to connect when a connection doesn't exist... */
315 if (! connect_if_not_found
) {
316 /* ... then we're done here. */
320 if (!*pp_workgroup
|| !*pp_username
|| !*pp_password
) {
325 make_nmb_name(&calling
, context
->netbios_name
, 0x0);
326 make_nmb_name(&called
, server
, 0x20);
328 DEBUG(4,("SMBC_server: server_n=[%s] server=[%s]\n", server_n
, server
));
330 DEBUG(4,(" -> server_n=[%s] server=[%s]\n", server_n
, server
));
336 /* have to open a new connection */
337 if ((c
= cli_initialise()) == NULL
) {
342 if (context
->use_kerberos
) {
343 c
->use_kerberos
= True
;
345 if (context
->fallback_after_kerberos
) {
346 c
->fallback_after_kerberos
= True
;
349 c
->timeout
= context
->timeout
;
352 * Force use of port 139 for first try if share is $IPC, empty, or
353 * null, so browse lists can work
355 if (share
== NULL
|| *share
== '\0' || strcmp(share
, "IPC$") == 0) {
356 port_try_first
= 139;
359 port_try_first
= 445;
363 c
->port
= port_try_first
;
365 status
= cli_connect(c
, server_n
, &ss
);
366 if (!NT_STATUS_IS_OK(status
)) {
368 /* First connection attempt failed. Try alternate port. */
369 c
->port
= port_try_next
;
371 status
= cli_connect(c
, server_n
, &ss
);
372 if (!NT_STATUS_IS_OK(status
)) {
379 if (!cli_session_request(c
, &calling
, &called
)) {
381 if (strcmp(called
.name
, "*SMBSERVER")) {
382 make_nmb_name(&called
, "*SMBSERVER", 0x20);
384 } else { /* Try one more time, but ensure we don't loop */
386 /* Only try this if server is an IP address ... */
388 if (is_ipaddress(server
) && !tried_reverse
) {
390 struct sockaddr_storage rem_ss
;
392 if (!interpret_string_addr(&rem_ss
, server
,
394 DEBUG(4, ("Could not convert IP address "
395 "%s to struct sockaddr_storage\n",
401 tried_reverse
++; /* Yuck */
403 if (name_status_find("*", 0, 0, &rem_ss
, remote_name
)) {
404 make_nmb_name(&called
, remote_name
, 0x20);
413 DEBUG(4,(" session request ok\n"));
415 if (!cli_negprot(c
)) {
421 username_used
= *pp_username
;
423 if (!NT_STATUS_IS_OK(cli_session_setup(c
, username_used
,
424 *pp_password
, strlen(*pp_password
),
425 *pp_password
, strlen(*pp_password
),
428 /* Failed. Try an anonymous login, if allowed by flags. */
431 if (context
->no_auto_anonymous_login
||
432 !NT_STATUS_IS_OK(cli_session_setup(c
, username_used
,
443 DEBUG(4,(" session setup ok\n"));
445 if (!cli_send_tconX(c
, share
, "?????",
446 *pp_password
, strlen(*pp_password
)+1)) {
447 errno
= SMBC_errno(context
, c
);
452 DEBUG(4,(" tconx ok\n"));
454 if (context
->smb_encryption_level
) {
455 /* Attempt UNIX smb encryption. */
456 if (!NT_STATUS_IS_OK(cli_force_encryption(c
,
462 * context->smb_encryption_level == 1
463 * means don't fail if encryption can't be negotiated,
464 * == 2 means fail if encryption can't be negotiated.
467 DEBUG(4,(" SMB encrypt failed\n"));
469 if (context
->smb_encryption_level
== 2) {
475 DEBUG(4,(" SMB encrypt ok\n"));
479 * Ok, we have got a nice connection
480 * Let's allocate a server structure.
483 srv
= SMB_MALLOC_P(SMBCSRV
);
491 srv
->dev
= (dev_t
)(str_checksum(server
) ^ str_checksum(share
));
492 srv
->no_pathinfo
= False
;
493 srv
->no_pathinfo2
= False
;
494 srv
->no_nt_session
= False
;
496 /* now add it to the cache (internal or external) */
497 /* Let the cache function set errno if it wants to */
499 if ((context
->cache
.add_cached_server_fn
)(context
, srv
,
503 int saved_errno
= errno
;
504 DEBUG(3, (" Failed to add server to cache\n"));
512 DEBUG(2, ("Server connect ok: //%s/%s: %p\n",
513 server
, share
, srv
));
515 DLIST_ADD(context
->servers
, srv
);
529 * Connect to a server for getting/setting attributes, possibly on an existing
530 * connection. This works similarly to SMBC_server().
533 SMBC_attr_server(TALLOC_CTX
*ctx
,
542 struct sockaddr_storage ss
;
543 struct cli_state
*ipc_cli
;
544 struct rpc_pipe_client
*pipe_hnd
;
546 SMBCSRV
*ipc_srv
=NULL
;
549 * See if we've already created this special connection. Reference
550 * our "special" share name '*IPC$', which is an impossible real share
551 * name due to the leading asterisk.
553 ipc_srv
= SMBC_find_server(ctx
, context
, server
, "*IPC$",
554 pp_workgroup
, pp_username
, pp_password
);
557 /* We didn't find a cached connection. Get the password */
558 if (!*pp_password
|| (*pp_password
)[0] == '\0') {
559 /* ... then retrieve it now. */
560 SMBC_call_auth_fn(ctx
, context
, server
, share
,
561 pp_workgroup
, pp_username
, pp_password
);
562 if (!*pp_workgroup
|| !*pp_username
|| !*pp_password
) {
569 if (context
->use_kerberos
) {
570 flags
|= CLI_FULL_CONNECTION_USE_KERBEROS
;
574 nt_status
= cli_full_connection(&ipc_cli
,
575 global_myname(), server
,
576 &ss
, 0, "IPC$", "?????",
582 if (! NT_STATUS_IS_OK(nt_status
)) {
583 DEBUG(1,("cli_full_connection failed! (%s)\n",
584 nt_errstr(nt_status
)));
589 if (context
->smb_encryption_level
) {
590 /* Attempt UNIX smb encryption. */
591 if (!NT_STATUS_IS_OK(cli_force_encryption(ipc_cli
,
597 * context->smb_encryption_level ==
598 * 1 means don't fail if encryption can't be
599 * negotiated, == 2 means fail if encryption
600 * can't be negotiated.
603 DEBUG(4,(" SMB encrypt failed on IPC$\n"));
605 if (context
->smb_encryption_level
== 2) {
606 cli_shutdown(ipc_cli
);
611 DEBUG(4,(" SMB encrypt ok on IPC$\n"));
614 ipc_srv
= SMB_MALLOC_P(SMBCSRV
);
617 cli_shutdown(ipc_cli
);
621 ZERO_STRUCTP(ipc_srv
);
622 ipc_srv
->cli
= ipc_cli
;
624 pipe_hnd
= cli_rpc_pipe_open_noauth(ipc_srv
->cli
,
628 DEBUG(1, ("cli_nt_session_open fail!\n"));
630 cli_shutdown(ipc_srv
->cli
);
636 * Some systems don't support
637 * SEC_RIGHTS_MAXIMUM_ALLOWED, but NT sends 0x2000000
638 * so we might as well do it too.
641 nt_status
= rpccli_lsa_open_policy(
645 GENERIC_EXECUTE_ACCESS
,
648 if (!NT_STATUS_IS_OK(nt_status
)) {
649 errno
= SMBC_errno(context
, ipc_srv
->cli
);
650 cli_shutdown(ipc_srv
->cli
);
654 /* now add it to the cache (internal or external) */
656 errno
= 0; /* let cache function set errno if it likes */
657 if ((context
->cache
.add_cached_server_fn
)(context
, ipc_srv
,
662 DEBUG(3, (" Failed to add server to cache\n"));
666 cli_shutdown(ipc_srv
->cli
);
671 DLIST_ADD(context
->servers
, ipc_srv
);