search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:torture/smb2: make it possible to pass existing_conn to smb2_connect_ext()
[Samba.git] / source4 / libcli / smb2 / connect.c
blob64b678654468372895fb86567bafad4d35180bea
1 /*
2 Unix SMB/CIFS implementation.
3
4 SMB2 composite connection setup
5
6 Copyright (C) Andrew Tridgell 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include <tevent.h>
24 #include "lib/util/tevent_ntstatus.h"
25 #include "libcli/raw/libcliraw.h"
26 #include "libcli/raw/raw_proto.h"
27 #include "libcli/smb2/smb2.h"
28 #include "libcli/smb2/smb2_calls.h"
29 #include "libcli/composite/composite.h"
30 #include "libcli/resolve/resolve.h"
31 #include "param/param.h"
32 #include "auth/credentials/credentials.h"
33 #include "../libcli/smb/smbXcli_base.h"
34 #include "smb2_constants.h"
35
36 struct smb2_connect_state {
37 struct tevent_context *ev;
38 struct cli_credentials *credentials;
39 bool fallback_to_anonymous;
40 uint64_t previous_session_id;
41 struct resolve_context *resolve_ctx;
42 const char *host;
43 const char *share;
44 const char *unc;
45 const char **ports;
46 const char *socket_options;
47 struct nbt_name calling, called;
48 struct gensec_settings *gensec_settings;
49 struct smbcli_options options;
50 struct smb2_transport *transport;
51 struct smb2_session *session;
52 struct smb2_tree *tree;
53 };
54
55 static void smb2_connect_session_start(struct tevent_req *req);
56 static void smb2_connect_socket_done(struct composite_context *creq);
57
58 /*
59 a composite function that does a full negprot/sesssetup/tcon, returning
60 a connected smb2_tree
61 */
62 struct tevent_req *smb2_connect_send(TALLOC_CTX *mem_ctx,
63 struct tevent_context *ev,
64 const char *host,
65 const char **ports,
66 const char *share,
67 struct resolve_context *resolve_ctx,
68 struct cli_credentials *credentials,
69 bool fallback_to_anonymous,
70 struct smbXcli_conn **existing_conn,
71 uint64_t previous_session_id,
72 const struct smbcli_options *options,
73 const char *socket_options,
74 struct gensec_settings *gensec_settings)
75 {
76 struct tevent_req *req;
77 struct smb2_connect_state *state;
78 struct composite_context *creq;
79 static const char *default_ports[] = { "445", "139", NULL };
80 enum smb_encryption_setting encryption_state =
81 cli_credentials_get_smb_encryption(credentials);
82
83 req = tevent_req_create(mem_ctx, &state,
84 struct smb2_connect_state);
85 if (req == NULL) {
86 return NULL;
87 }
88
89 state->ev = ev;
90 state->credentials = credentials;
91 state->fallback_to_anonymous = fallback_to_anonymous;
92 state->previous_session_id = previous_session_id;
93 state->options = *options;
94 state->host = host;
95 state->ports = ports;
96 state->share = share;
97 state->resolve_ctx = resolve_ctx;
98 state->socket_options = socket_options;
99 state->gensec_settings = gensec_settings;
100
101 if (state->ports == NULL) {
102 state->ports = default_ports;
103 }
104
105 if (encryption_state >= SMB_ENCRYPTION_DESIRED) {
106 state->options.signing = SMB_SIGNING_REQUIRED;
107 }
108
109 make_nbt_name_client(&state->calling,
110 cli_credentials_get_workstation(credentials));
111
112 nbt_choose_called_name(state, &state->called,
113 host, NBT_NAME_SERVER);
114
115 state->unc = talloc_asprintf(state, "\\\\%s\\%s",
116 state->host, state->share);
117 if (tevent_req_nomem(state->unc, req)) {
118 return tevent_req_post(req, ev);
119 }
120
121 if (existing_conn != NULL) {
122 NTSTATUS status;
123
124 status = smb2_transport_raw_init(state, ev,
125 existing_conn,
126 &state->options,
127 &state->transport);
128 if (tevent_req_nterror(req, status)) {
129 return tevent_req_post(req, ev);
130 }
131
132 smb2_connect_session_start(req);
133 if (!tevent_req_is_in_progress(req)) {
134 return tevent_req_post(req, ev);
135 }
136
137 return req;
138 }
139
140 creq = smbcli_sock_connect_send(state, NULL, state->ports,
141 state->host, state->resolve_ctx,
142 state->ev, state->socket_options,
143 &state->calling,
144 &state->called);
145 if (tevent_req_nomem(creq, req)) {
146 return tevent_req_post(req, ev);
147 }
148 creq->async.fn = smb2_connect_socket_done;
149 creq->async.private_data = req;
150
151 return req;
152 }
153
154 static void smb2_connect_negprot_done(struct tevent_req *subreq);
155
156 static void smb2_connect_socket_done(struct composite_context *creq)
157 {
158 struct tevent_req *req =
159 talloc_get_type_abort(creq->async.private_data,
160 struct tevent_req);
161 struct smb2_connect_state *state =
162 tevent_req_data(req,
163 struct smb2_connect_state);
164 struct smbcli_socket *sock;
165 struct tevent_req *subreq;
166 NTSTATUS status;
167 uint32_t timeout_msec;
168 enum protocol_types min_protocol;
169
170 status = smbcli_sock_connect_recv(creq, state, &sock);
171 if (tevent_req_nterror(req, status)) {
172 return;
173 }
174
175 state->transport = smb2_transport_init(sock, state, &state->options);
176 if (tevent_req_nomem(state->transport, req)) {
177 return;
178 }
179
180 timeout_msec = state->transport->options.request_timeout * 1000;
181 min_protocol = state->transport->options.min_protocol;
182 if (min_protocol < PROTOCOL_SMB2_02) {
183 min_protocol = PROTOCOL_SMB2_02;
184 }
185
186 subreq = smbXcli_negprot_send(state, state->ev,
187 state->transport->conn, timeout_msec,
188 min_protocol,
189 state->transport->options.max_protocol,
190 state->transport->options.max_credits,
191 NULL);
192 if (tevent_req_nomem(subreq, req)) {
193 return;
194 }
195 tevent_req_set_callback(subreq, smb2_connect_negprot_done, req);
196 }
197
198 static void smb2_connect_session_done(struct tevent_req *subreq);
199
200 static void smb2_connect_negprot_done(struct tevent_req *subreq)
201 {
202 struct tevent_req *req =
203 tevent_req_callback_data(subreq,
204 struct tevent_req);
205 NTSTATUS status;
206
207 status = smbXcli_negprot_recv(subreq, NULL, NULL);
208 TALLOC_FREE(subreq);
209 if (tevent_req_nterror(req, status)) {
210 return;
211 }
212
213 smb2_connect_session_start(req);
214 }
215
216 static void smb2_connect_session_start(struct tevent_req *req)
217 {
218 struct smb2_connect_state *state =
219 tevent_req_data(req,
220 struct smb2_connect_state);
221 struct smb2_transport *transport = state->transport;
222 struct tevent_req *subreq = NULL;
223
224 state->session = smb2_session_init(transport, state->gensec_settings, state);
225 if (tevent_req_nomem(state->session, req)) {
226 return;
227 }
228
229 if (state->options.only_negprot) {
230 state->tree = smb2_tree_init(state->session, state, true);
231 if (tevent_req_nomem(state->tree, req)) {
232 return;
233 }
234 tevent_req_done(req);
235 return;
236 }
237
238 subreq = smb2_session_setup_spnego_send(state, state->ev,
239 state->session,
240 state->credentials,
241 state->previous_session_id);
242 if (tevent_req_nomem(subreq, req)) {
243 return;
244 }
245 tevent_req_set_callback(subreq, smb2_connect_session_done, req);
246 }
247
248 static void smb2_connect_enc_start(struct tevent_req *req);
249 static void smb2_connect_tcon_start(struct tevent_req *req);
250 static void smb2_connect_tcon_done(struct tevent_req *subreq);
251
252 static void smb2_connect_session_done(struct tevent_req *subreq)
253 {
254 struct tevent_req *req =
255 tevent_req_callback_data(subreq,
256 struct tevent_req);
257 struct smb2_connect_state *state =
258 tevent_req_data(req,
259 struct smb2_connect_state);
260 NTSTATUS status;
261
262 status = smb2_session_setup_spnego_recv(subreq);
263 TALLOC_FREE(subreq);
264 if (!NT_STATUS_IS_OK(status) &&
265 !cli_credentials_is_anonymous(state->credentials) &&
266 state->fallback_to_anonymous) {
267 struct cli_credentials *anon_creds = NULL;
268
269 /*
270 * The transport was moved to session,
271 * we need to revert that before removing
272 * the old broken session.
273 */
274 state->transport = talloc_move(state, &state->session->transport);
275 TALLOC_FREE(state->session);
276
277 anon_creds = cli_credentials_init_anon(state);
278 if (tevent_req_nomem(anon_creds, req)) {
279 return;
280 }
281 cli_credentials_set_workstation(anon_creds,
282 cli_credentials_get_workstation(state->credentials),
283 CRED_SPECIFIED);
284
285 /*
286 * retry with anonymous credentials
287 */
288 state->credentials = anon_creds;
289 smb2_connect_session_start(req);
290 return;
291 }
292 if (tevent_req_nterror(req, status)) {
293 return;
294 }
295
296 state->tree = smb2_tree_init(state->session, state, true);
297 if (tevent_req_nomem(state->tree, req)) {
298 return;
299 }
300
301 smb2_connect_enc_start(req);
302 }
303
304 static void smb2_connect_enc_start(struct tevent_req *req)
305 {
306 struct smb2_connect_state *state =
307 tevent_req_data(req,
308 struct smb2_connect_state);
309 enum smb_encryption_setting encryption_state =
310 cli_credentials_get_smb_encryption(state->credentials);
311 NTSTATUS status;
312
313 if (encryption_state < SMB_ENCRYPTION_DESIRED) {
314 smb2_connect_tcon_start(req);
315 return;
316 }
317
318 status = smb2cli_session_encryption_on(state->session->smbXcli);
319 if (!NT_STATUS_IS_OK(status)) {
320 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
321 if (encryption_state < SMB_ENCRYPTION_REQUIRED) {
322 smb2_connect_tcon_start(req);
323 return;
324 }
325
326 DBG_ERR("Encryption required and server doesn't support "
327 "SMB3 encryption - failing connect\n");
328 tevent_req_nterror(req, status);
329 return;
330 }
331
332 DBG_ERR("Encryption required and setup failed with error %s.\n",
333 nt_errstr(status));
334 tevent_req_nterror(req, NT_STATUS_PROTOCOL_NOT_SUPPORTED);
335 return;
336 }
337
338 smb2_connect_tcon_start(req);
339 }
340
341 static void smb2_connect_tcon_start(struct tevent_req *req)
342 {
343 struct smb2_connect_state *state =
344 tevent_req_data(req,
345 struct smb2_connect_state);
346 struct tevent_req *subreq = NULL;
347 uint32_t timeout_msec;
348
349 timeout_msec = state->transport->options.request_timeout * 1000;
350
351 subreq = smb2cli_tcon_send(state, state->ev,
352 state->transport->conn,
353 timeout_msec,
354 state->session->smbXcli,
355 state->tree->smbXcli,
356 0, /* flags */
357 state->unc);
358 if (tevent_req_nomem(subreq, req)) {
359 return;
360 }
361 tevent_req_set_callback(subreq, smb2_connect_tcon_done, req);
362 }
363
364 static void smb2_connect_tcon_done(struct tevent_req *subreq)
365 {
366 struct tevent_req *req =
367 tevent_req_callback_data(subreq,
368 struct tevent_req);
369 NTSTATUS status;
370
371 status = smb2cli_tcon_recv(subreq);
372 if (tevent_req_nterror(req, status)) {
373 return;
374 }
375
376 tevent_req_done(req);
377 }
378
379 NTSTATUS smb2_connect_recv(struct tevent_req *req,
380 TALLOC_CTX *mem_ctx,
381 struct smb2_tree **tree)
382 {
383 struct smb2_connect_state *state =
384 tevent_req_data(req,
385 struct smb2_connect_state);
386 NTSTATUS status;
387
388 if (tevent_req_is_nterror(req, &status)) {
389 tevent_req_received(req);
390 return status;
391 }
392
393 *tree = talloc_move(mem_ctx, &state->tree);
394
395 tevent_req_received(req);
396 return NT_STATUS_OK;
397 }
398
399 /*
400 sync version of smb2_connect
401 */
402 NTSTATUS smb2_connect_ext(TALLOC_CTX *mem_ctx,
403 const char *host,
404 const char **ports,
405 const char *share,
406 struct resolve_context *resolve_ctx,
407 struct cli_credentials *credentials,
408 struct smbXcli_conn **existing_conn,
409 uint64_t previous_session_id,
410 struct smb2_tree **tree,
411 struct tevent_context *ev,
412 const struct smbcli_options *options,
413 const char *socket_options,
414 struct gensec_settings *gensec_settings)
415 {
416 struct tevent_req *subreq;
417 NTSTATUS status;
418 bool ok;
419 TALLOC_CTX *frame = talloc_stackframe();
420
421 if (frame == NULL) {
422 return NT_STATUS_NO_MEMORY;
423 }
424
425 subreq = smb2_connect_send(frame,
426 ev,
427 host,
428 ports,
429 share,
430 resolve_ctx,
431 credentials,
432 false, /* fallback_to_anonymous */
433 existing_conn,
434 previous_session_id,
435 options,
436 socket_options,
437 gensec_settings);
438 if (subreq == NULL) {
439 TALLOC_FREE(frame);
440 return NT_STATUS_NO_MEMORY;
441 }
442
443 ok = tevent_req_poll(subreq, ev);
444 if (!ok) {
445 status = map_nt_error_from_unix_common(errno);
446 TALLOC_FREE(frame);
447 return status;
448 }
449
450 status = smb2_connect_recv(subreq, mem_ctx, tree);
451 TALLOC_FREE(subreq);
452 if (!NT_STATUS_IS_OK(status)) {
453 TALLOC_FREE(frame);
454 return status;
455 }
456
457 TALLOC_FREE(frame);
458 return NT_STATUS_OK;
459 }
460
461 NTSTATUS smb2_connect(TALLOC_CTX *mem_ctx,
462 const char *host,
463 const char **ports,
464 const char *share,
465 struct resolve_context *resolve_ctx,
466 struct cli_credentials *credentials,
467 struct smb2_tree **tree,
468 struct tevent_context *ev,
469 const struct smbcli_options *options,
470 const char *socket_options,
471 struct gensec_settings *gensec_settings)
472 {
473 NTSTATUS status;
474
475 status = smb2_connect_ext(mem_ctx, host, ports, share, resolve_ctx,
476 credentials,
477 NULL, /* existing_conn */
478 0, /* previous_session_id */
479 tree, ev, options, socket_options,
480 gensec_settings);
481
482 return status;
483 }
Samba GIT mirror