static struct cli_state *connect_one(const char *share)
{
struct cli_state *c;
struct sockaddr_storage ss;
NTSTATUS nt_status;
uint32_t flags = 0;
zero_sockaddr(&ss);
if (get_cmdline_auth_info_use_machine_account() &&
!set_cmdline_auth_info_machine_account_creds()) {
return NULL;
}
if (get_cmdline_auth_info_use_kerberos()) {
flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
}
if (!get_cmdline_auth_info_got_pass()) {
char *pass = getpass("Password: "******"?????",
get_cmdline_auth_info_username(),
lp_workgroup(),
get_cmdline_auth_info_password(),
flags,
get_cmdline_auth_info_signing_state(),
NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
return NULL;
}
if (get_cmdline_auth_info_smb_encrypt()) {
nt_status = cli_cm_force_encryption(c,
get_cmdline_auth_info_username(),
get_cmdline_auth_info_password(),
lp_workgroup(),
share);
if (!NT_STATUS_IS_OK(nt_status)) {
cli_shutdown(c);
return NULL;
}
}
return c;
}
static struct cli_state *connect_one(const char *share)
{
struct cli_state *c;
NTSTATUS nt_status;
uint32_t flags = 0;
if (get_cmdline_auth_info_use_machine_account(smbcquotas_auth_info) &&
!set_cmdline_auth_info_machine_account_creds(smbcquotas_auth_info)) {
return NULL;
}
if (get_cmdline_auth_info_use_kerberos(smbcquotas_auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
}
set_cmdline_auth_info_getpass(smbcquotas_auth_info);
nt_status = cli_full_connection(&c, lp_netbios_name(), server,
NULL, 0,
share, "?????",
get_cmdline_auth_info_username(smbcquotas_auth_info),
lp_workgroup(),
get_cmdline_auth_info_password(smbcquotas_auth_info),
flags,
get_cmdline_auth_info_signing_state(smbcquotas_auth_info));
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
return NULL;
}
if (get_cmdline_auth_info_smb_encrypt(smbcquotas_auth_info)) {
nt_status = cli_cm_force_encryption(c,
get_cmdline_auth_info_username(smbcquotas_auth_info),
get_cmdline_auth_info_password(smbcquotas_auth_info),
lp_workgroup(),
share);
if (!NT_STATUS_IS_OK(nt_status)) {
cli_shutdown(c);
return NULL;
}
}
return c;
}
void cli_cm_set_credentials(struct user_auth_info *auth_info)
{
SAFE_FREE(cm_creds.username);
cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username(
auth_info));
if (get_cmdline_auth_info_got_pass(auth_info)) {
cm_set_password(get_cmdline_auth_info_password(auth_info));
}
cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info);
cm_creds.fallback_after_kerberos = false;
cm_creds.signing_state = get_cmdline_auth_info_signing_state(auth_info);
}
void set_cmdline_auth_info_getpass(struct user_auth_info *auth_info)
{
char *label = NULL;
char *pass;
TALLOC_CTX *frame;
if (get_cmdline_auth_info_got_pass(auth_info) ||
get_cmdline_auth_info_use_kerberos(auth_info)) {
/* Already got one... */
return;
}
frame = talloc_stackframe();
label = talloc_asprintf(frame, "Enter %s's password: ",
get_cmdline_auth_info_username(auth_info));
pass = getpass(label);
if (pass) {
set_cmdline_auth_info_password(auth_info, pass);
}
TALLOC_FREE(frame);
}
static NTSTATUS do_connect(TALLOC_CTX *ctx,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
bool show_sessetup,
bool force_encrypt,
int max_protocol,
int port,
int name_type,
struct cli_state **pcli)
{
struct cli_state *c = NULL;
char *servicename;
char *sharename;
char *newserver, *newshare;
const char *username;
const char *password;
NTSTATUS status;
int flags = 0;
/* make a copy so we don't modify the global string 'service' */
servicename = talloc_strdup(ctx,share);
if (!servicename) {
return NT_STATUS_NO_MEMORY;
}
sharename = servicename;
if (*sharename == '\\') {
sharename += 2;
if (server == NULL) {
server = sharename;
}
sharename = strchr_m(sharename,'\\');
if (!sharename) {
return NT_STATUS_NO_MEMORY;
}
*sharename = 0;
sharename++;
}
if (server == NULL) {
return NT_STATUS_INVALID_PARAMETER;
}
if (get_cmdline_auth_info_use_kerberos(auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
}
if (get_cmdline_auth_info_fallback_after_kerberos(auth_info)) {
flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
}
if (get_cmdline_auth_info_use_ccache(auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_CCACHE;
}
status = cli_connect_nb(
server, NULL, port, name_type, NULL,
get_cmdline_auth_info_signing_state(auth_info),
flags, &c);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Connection to %s failed (Error %s)\n",
server,
nt_errstr(status));
return status;
}
if (max_protocol == 0) {
max_protocol = PROTOCOL_NT1;
}
DEBUG(4,(" session request ok\n"));
status = cli_negprot(c, max_protocol);
if (!NT_STATUS_IS_OK(status)) {
d_printf("protocol negotiation failed: %s\n",
nt_errstr(status));
cli_shutdown(c);
return status;
}
username = get_cmdline_auth_info_username(auth_info);
password = get_cmdline_auth_info_password(auth_info);
status = cli_session_setup(c, username,
password, strlen(password),
password, strlen(password),
lp_workgroup());
if (!NT_STATUS_IS_OK(status)) {
/* If a password was not supplied then
* try again with a null username. */
if (password[0] || !username[0] ||
get_cmdline_auth_info_use_kerberos(auth_info) ||
!NT_STATUS_IS_OK(status = cli_session_setup(c, "",
"", 0,
"", 0,
lp_workgroup()))) {
d_printf("session setup failed: %s\n",
nt_errstr(status));
if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED))
d_printf("did you forget to run kinit?\n");
cli_shutdown(c);
return status;
}
d_printf("Anonymous login successful\n");
status = cli_init_creds(c, "", lp_workgroup(), "");
} else {
status = cli_init_creds(c, username, lp_workgroup(), password);
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("cli_init_creds() failed: %s\n", nt_errstr(status)));
cli_shutdown(c);
return status;
}
if ( show_sessetup ) {
if (*c->server_domain) {
DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
c->server_domain,c->server_os,c->server_type));
} else if (*c->server_os || *c->server_type) {
DEBUG(0,("OS=[%s] Server=[%s]\n",
c->server_os,c->server_type));
}
}
DEBUG(4,(" session setup ok\n"));
/* here's the fun part....to support 'msdfs proxy' shares
(on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
here before trying to connect to the original share.
cli_check_msdfs_proxy() will fail if it is a normal share. */
if ((cli_state_capabilities(c) & CAP_DFS) &&
cli_check_msdfs_proxy(ctx, c, sharename,
&newserver, &newshare,
force_encrypt,
username,
password,
lp_workgroup())) {
cli_shutdown(c);
return do_connect(ctx, newserver,
newshare, auth_info, false,
force_encrypt, max_protocol,
port, name_type, pcli);
}
/* must be a normal share */
status = cli_tree_connect(c, sharename, "?????",
password, strlen(password)+1);
if (!NT_STATUS_IS_OK(status)) {
d_printf("tree connect failed: %s\n", nt_errstr(status));
cli_shutdown(c);
return status;
}
if (force_encrypt) {
status = cli_cm_force_encryption(c,
username,
password,
lp_workgroup(),
sharename);
if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(c);
return status;
}
}
DEBUG(4,(" tconx ok\n"));
*pcli = c;
return NT_STATUS_OK;
}
