2 Unix SMB/CIFS implementation.
4 SMB2 composite connection setup
6 Copyright (C) Andrew Tridgell 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "lib/util/tevent_ntstatus.h"
25 #include "libcli/raw/libcliraw.h"
26 #include "libcli/raw/raw_proto.h"
27 #include "libcli/smb2/smb2.h"
28 #include "libcli/smb2/smb2_calls.h"
29 #include "libcli/composite/composite.h"
30 #include "libcli/resolve/resolve.h"
31 #include "param/param.h"
32 #include "auth/credentials/credentials.h"
33 #include "../libcli/smb/smbXcli_base.h"
34 #include "smb2_constants.h"
36 struct smb2_connect_state
{
37 struct tevent_context
*ev
;
38 struct cli_credentials
*credentials
;
39 bool fallback_to_anonymous
;
40 uint64_t previous_session_id
;
41 struct resolve_context
*resolve_ctx
;
46 const char *socket_options
;
47 struct nbt_name calling
, called
;
48 struct gensec_settings
*gensec_settings
;
49 struct smbcli_options options
;
50 struct smb2_transport
*transport
;
51 struct smb2_session
*session
;
52 struct smb2_tree
*tree
;
55 static void smb2_connect_session_start(struct tevent_req
*req
);
56 static void smb2_connect_socket_done(struct composite_context
*creq
);
59 a composite function that does a full negprot/sesssetup/tcon, returning
62 struct tevent_req
*smb2_connect_send(TALLOC_CTX
*mem_ctx
,
63 struct tevent_context
*ev
,
67 struct resolve_context
*resolve_ctx
,
68 struct cli_credentials
*credentials
,
69 bool fallback_to_anonymous
,
70 struct smbXcli_conn
**existing_conn
,
71 uint64_t previous_session_id
,
72 const struct smbcli_options
*options
,
73 const char *socket_options
,
74 struct gensec_settings
*gensec_settings
)
76 struct tevent_req
*req
;
77 struct smb2_connect_state
*state
;
78 struct composite_context
*creq
;
79 static const char *default_ports
[] = { "445", "139", NULL
};
80 enum smb_encryption_setting encryption_state
=
81 cli_credentials_get_smb_encryption(credentials
);
83 req
= tevent_req_create(mem_ctx
, &state
,
84 struct smb2_connect_state
);
90 state
->credentials
= credentials
;
91 state
->fallback_to_anonymous
= fallback_to_anonymous
;
92 state
->previous_session_id
= previous_session_id
;
93 state
->options
= *options
;
97 state
->resolve_ctx
= resolve_ctx
;
98 state
->socket_options
= socket_options
;
99 state
->gensec_settings
= gensec_settings
;
101 if (state
->ports
== NULL
) {
102 state
->ports
= default_ports
;
105 if (encryption_state
>= SMB_ENCRYPTION_DESIRED
) {
106 state
->options
.signing
= SMB_SIGNING_REQUIRED
;
109 make_nbt_name_client(&state
->calling
,
110 cli_credentials_get_workstation(credentials
));
112 nbt_choose_called_name(state
, &state
->called
,
113 host
, NBT_NAME_SERVER
);
115 state
->unc
= talloc_asprintf(state
, "\\\\%s\\%s",
116 state
->host
, state
->share
);
117 if (tevent_req_nomem(state
->unc
, req
)) {
118 return tevent_req_post(req
, ev
);
121 if (existing_conn
!= NULL
) {
124 status
= smb2_transport_raw_init(state
, ev
,
128 if (tevent_req_nterror(req
, status
)) {
129 return tevent_req_post(req
, ev
);
132 smb2_connect_session_start(req
);
133 if (!tevent_req_is_in_progress(req
)) {
134 return tevent_req_post(req
, ev
);
140 creq
= smbcli_sock_connect_send(state
, NULL
, state
->ports
,
141 state
->host
, state
->resolve_ctx
,
142 state
->ev
, state
->socket_options
,
145 if (tevent_req_nomem(creq
, req
)) {
146 return tevent_req_post(req
, ev
);
148 creq
->async
.fn
= smb2_connect_socket_done
;
149 creq
->async
.private_data
= req
;
154 static void smb2_connect_negprot_done(struct tevent_req
*subreq
);
156 static void smb2_connect_socket_done(struct composite_context
*creq
)
158 struct tevent_req
*req
=
159 talloc_get_type_abort(creq
->async
.private_data
,
161 struct smb2_connect_state
*state
=
163 struct smb2_connect_state
);
164 struct smbcli_socket
*sock
;
165 struct tevent_req
*subreq
;
167 uint32_t timeout_msec
;
168 enum protocol_types min_protocol
;
170 status
= smbcli_sock_connect_recv(creq
, state
, &sock
);
171 if (tevent_req_nterror(req
, status
)) {
175 state
->transport
= smb2_transport_init(sock
, state
, &state
->options
);
176 if (tevent_req_nomem(state
->transport
, req
)) {
180 timeout_msec
= state
->transport
->options
.request_timeout
* 1000;
181 min_protocol
= state
->transport
->options
.min_protocol
;
182 if (min_protocol
< PROTOCOL_SMB2_02
) {
183 min_protocol
= PROTOCOL_SMB2_02
;
186 subreq
= smbXcli_negprot_send(state
, state
->ev
,
187 state
->transport
->conn
, timeout_msec
,
189 state
->transport
->options
.max_protocol
,
190 state
->transport
->options
.max_credits
,
192 if (tevent_req_nomem(subreq
, req
)) {
195 tevent_req_set_callback(subreq
, smb2_connect_negprot_done
, req
);
198 static void smb2_connect_session_done(struct tevent_req
*subreq
);
200 static void smb2_connect_negprot_done(struct tevent_req
*subreq
)
202 struct tevent_req
*req
=
203 tevent_req_callback_data(subreq
,
207 status
= smbXcli_negprot_recv(subreq
, NULL
, NULL
);
209 if (tevent_req_nterror(req
, status
)) {
213 smb2_connect_session_start(req
);
216 static void smb2_connect_session_start(struct tevent_req
*req
)
218 struct smb2_connect_state
*state
=
220 struct smb2_connect_state
);
221 struct smb2_transport
*transport
= state
->transport
;
222 struct tevent_req
*subreq
= NULL
;
224 state
->session
= smb2_session_init(transport
, state
->gensec_settings
, state
);
225 if (tevent_req_nomem(state
->session
, req
)) {
229 if (state
->options
.only_negprot
) {
230 state
->tree
= smb2_tree_init(state
->session
, state
, true);
231 if (tevent_req_nomem(state
->tree
, req
)) {
234 tevent_req_done(req
);
238 subreq
= smb2_session_setup_spnego_send(state
, state
->ev
,
241 state
->previous_session_id
);
242 if (tevent_req_nomem(subreq
, req
)) {
245 tevent_req_set_callback(subreq
, smb2_connect_session_done
, req
);
248 static void smb2_connect_enc_start(struct tevent_req
*req
);
249 static void smb2_connect_tcon_start(struct tevent_req
*req
);
250 static void smb2_connect_tcon_done(struct tevent_req
*subreq
);
252 static void smb2_connect_session_done(struct tevent_req
*subreq
)
254 struct tevent_req
*req
=
255 tevent_req_callback_data(subreq
,
257 struct smb2_connect_state
*state
=
259 struct smb2_connect_state
);
262 status
= smb2_session_setup_spnego_recv(subreq
);
264 if (!NT_STATUS_IS_OK(status
) &&
265 !cli_credentials_is_anonymous(state
->credentials
) &&
266 state
->fallback_to_anonymous
) {
267 struct cli_credentials
*anon_creds
= NULL
;
270 * The transport was moved to session,
271 * we need to revert that before removing
272 * the old broken session.
274 state
->transport
= talloc_move(state
, &state
->session
->transport
);
275 TALLOC_FREE(state
->session
);
277 anon_creds
= cli_credentials_init_anon(state
);
278 if (tevent_req_nomem(anon_creds
, req
)) {
281 cli_credentials_set_workstation(anon_creds
,
282 cli_credentials_get_workstation(state
->credentials
),
286 * retry with anonymous credentials
288 state
->credentials
= anon_creds
;
289 smb2_connect_session_start(req
);
292 if (tevent_req_nterror(req
, status
)) {
296 state
->tree
= smb2_tree_init(state
->session
, state
, true);
297 if (tevent_req_nomem(state
->tree
, req
)) {
301 smb2_connect_enc_start(req
);
304 static void smb2_connect_enc_start(struct tevent_req
*req
)
306 struct smb2_connect_state
*state
=
308 struct smb2_connect_state
);
309 enum smb_encryption_setting encryption_state
=
310 cli_credentials_get_smb_encryption(state
->credentials
);
313 if (encryption_state
< SMB_ENCRYPTION_DESIRED
) {
314 smb2_connect_tcon_start(req
);
318 status
= smb2cli_session_encryption_on(state
->session
->smbXcli
);
319 if (!NT_STATUS_IS_OK(status
)) {
320 if (NT_STATUS_EQUAL(status
, NT_STATUS_NOT_SUPPORTED
)) {
321 if (encryption_state
< SMB_ENCRYPTION_REQUIRED
) {
322 smb2_connect_tcon_start(req
);
326 DBG_ERR("Encryption required and server doesn't support "
327 "SMB3 encryption - failing connect\n");
328 tevent_req_nterror(req
, status
);
332 DBG_ERR("Encryption required and setup failed with error %s.\n",
334 tevent_req_nterror(req
, NT_STATUS_PROTOCOL_NOT_SUPPORTED
);
338 smb2_connect_tcon_start(req
);
341 static void smb2_connect_tcon_start(struct tevent_req
*req
)
343 struct smb2_connect_state
*state
=
345 struct smb2_connect_state
);
346 struct tevent_req
*subreq
= NULL
;
347 uint32_t timeout_msec
;
349 timeout_msec
= state
->transport
->options
.request_timeout
* 1000;
351 subreq
= smb2cli_tcon_send(state
, state
->ev
,
352 state
->transport
->conn
,
354 state
->session
->smbXcli
,
355 state
->tree
->smbXcli
,
358 if (tevent_req_nomem(subreq
, req
)) {
361 tevent_req_set_callback(subreq
, smb2_connect_tcon_done
, req
);
364 static void smb2_connect_tcon_done(struct tevent_req
*subreq
)
366 struct tevent_req
*req
=
367 tevent_req_callback_data(subreq
,
371 status
= smb2cli_tcon_recv(subreq
);
372 if (tevent_req_nterror(req
, status
)) {
376 tevent_req_done(req
);
379 NTSTATUS
smb2_connect_recv(struct tevent_req
*req
,
381 struct smb2_tree
**tree
)
383 struct smb2_connect_state
*state
=
385 struct smb2_connect_state
);
388 if (tevent_req_is_nterror(req
, &status
)) {
389 tevent_req_received(req
);
393 *tree
= talloc_move(mem_ctx
, &state
->tree
);
395 tevent_req_received(req
);
400 sync version of smb2_connect
402 NTSTATUS
smb2_connect_ext(TALLOC_CTX
*mem_ctx
,
406 struct resolve_context
*resolve_ctx
,
407 struct cli_credentials
*credentials
,
408 struct smbXcli_conn
**existing_conn
,
409 uint64_t previous_session_id
,
410 struct smb2_tree
**tree
,
411 struct tevent_context
*ev
,
412 const struct smbcli_options
*options
,
413 const char *socket_options
,
414 struct gensec_settings
*gensec_settings
)
416 struct tevent_req
*subreq
;
419 TALLOC_CTX
*frame
= talloc_stackframe();
422 return NT_STATUS_NO_MEMORY
;
425 subreq
= smb2_connect_send(frame
,
432 false, /* fallback_to_anonymous */
438 if (subreq
== NULL
) {
440 return NT_STATUS_NO_MEMORY
;
443 ok
= tevent_req_poll(subreq
, ev
);
445 status
= map_nt_error_from_unix_common(errno
);
450 status
= smb2_connect_recv(subreq
, mem_ctx
, tree
);
452 if (!NT_STATUS_IS_OK(status
)) {
461 NTSTATUS
smb2_connect(TALLOC_CTX
*mem_ctx
,
465 struct resolve_context
*resolve_ctx
,
466 struct cli_credentials
*credentials
,
467 struct smb2_tree
**tree
,
468 struct tevent_context
*ev
,
469 const struct smbcli_options
*options
,
470 const char *socket_options
,
471 struct gensec_settings
*gensec_settings
)
475 status
= smb2_connect_ext(mem_ctx
, host
, ports
, share
, resolve_ctx
,
477 NULL
, /* existing_conn */
478 0, /* previous_session_id */
479 tree
, ev
, options
, socket_options
,