/**
pull a ascii string from a request packet, returning a talloced string
the string length is limited by the 3 things:
- the data size in the request (end of packet)
- the passed 'byte_len' if it is not -1
- the end of string (null termination)
Note that 'byte_len' is the number of bytes in the packet
on failure zero is returned and *dest is set to NULL, otherwise the number
of bytes consumed in the packet is returned
*/
static size_t req_pull_ascii(struct request_bufinfo *bufinfo, const char **dest, const uint8_t *src, int byte_len, unsigned int flags)
{
int src_len, src_len2;
bool ret;
char *dest2;
size_t converted_size = 0;
if (flags & STR_NO_RANGE_CHECK) {
src_len = byte_len;
} else {
src_len = bufinfo->data_size - PTR_DIFF(src, bufinfo->data);
if (src_len < 0) {
*dest = NULL;
return 0;
}
if (byte_len != -1 && src_len > byte_len) {
src_len = byte_len;
}
}
src_len2 = strnlen((const char *)src, src_len);
if (src_len2 <= src_len - 1) {
/* include the termination if we didn't reach the end of the packet */
src_len2++;
}
ret = convert_string_talloc(bufinfo->mem_ctx, CH_DOS, CH_UNIX, src, src_len2, (void **)&dest2, &converted_size);
if (!ret) {
*dest = NULL;
return 0;
}
*dest = dest2;
return src_len2;
}
static void send_lm_announcement(struct subnet_record *subrec, int announce_type,
char *from_name, char *to_name, int to_type, struct in_addr to_ip,
time_t announce_interval,
char *server_name, int server_type, char *server_comment)
{
char outbuf[1024];
char *p=outbuf;
memset(outbuf,'\0',sizeof(outbuf));
SSVAL(p,0,announce_type);
SIVAL(p,2,server_type & ~SV_TYPE_LOCAL_LIST_ONLY);
SCVAL(p,6,SAMBA_MAJOR_NBT_ANNOUNCE_VERSION); /* Major version. */
SCVAL(p,7,SAMBA_MINOR_NBT_ANNOUNCE_VERSION); /* Minor version. */
SSVAL(p,8,announce_interval); /* In seconds - according to spec. */
p += 10;
p += push_string_check(p, server_name, 15, STR_ASCII|STR_UPPER|STR_TERMINATE);
p += push_string_check(p, server_comment, sizeof(outbuf)- (p - outbuf), STR_ASCII|STR_UPPER|STR_TERMINATE);
send_mailslot(False,LANMAN_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
from_name, 0x0, to_name, to_type, to_ip, subrec->myip,
DGRAM_PORT);
}
/* Parse the SKB header and initialise state. */
static void tso_start(struct tso_state *st, const struct sk_buff *skb)
{
/* All ethernet/IP/TCP headers combined size is TCP header size
* plus offset of TCP header relative to start of packet.
*/
st->header_len = ((tcp_hdr(skb)->doff << 2u)
+ PTR_DIFF(tcp_hdr(skb), skb->data));
st->full_packet_size = st->header_len + skb_shinfo(skb)->gso_size;
if (st->protocol == htons(ETH_P_IP))
st->ipv4_id = ntohs(ip_hdr(skb)->id);
else
st->ipv4_id = 0;
st->seqnum = ntohl(tcp_hdr(skb)->seq);
EFX_BUG_ON_PARANOID(tcp_hdr(skb)->urg);
EFX_BUG_ON_PARANOID(tcp_hdr(skb)->syn);
EFX_BUG_ON_PARANOID(tcp_hdr(skb)->rst);
st->packet_space = st->full_packet_size;
st->out_len = skb->len - st->header_len;
st->unmap_len = 0;
st->unmap_single = false;
}
/*
* Verify that our various assumptions about sk_buffs and the conditions
* under which TSO will be attempted hold true. Also determine and fill
* in the protocol number through the provided pointer.
*/
static int efx_tso_check_protocol(struct sk_buff *skb, __be16 *protocol)
{
*protocol = skb->protocol;
if (((struct ethhdr *)skb->data)->h_proto != *protocol)
return -EINVAL;
#if !defined(EFX_USE_KCOMPAT) || defined(EFX_USE_NETDEV_VLAN_FEATURES) || defined(NETIF_F_VLAN_TSO)
if (*protocol == htons(ETH_P_8021Q)) {
struct vlan_ethhdr *veh = (struct vlan_ethhdr *)skb->data;
*protocol = veh->h_vlan_encapsulated_proto;
}
#endif
/* For SW TSO or TSOv1 we can only deal with TCP in IPv4 or IPv6 */
if (*protocol == htons(ETH_P_IP)) {
if (ip_hdr(skb)->protocol != IPPROTO_TCP)
return -EINVAL;
} else if (*protocol == htons(ETH_P_IPV6)) {
if (ipv6_hdr(skb)->nexthdr != NEXTHDR_TCP)
return -EINVAL;
} else {
return -EINVAL;
}
/* All headers (incl. TCP header) must be in linear data area. This
* should always be the case, so warn if not.
*/
if (WARN_ON((PTR_DIFF(tcp_hdr(skb), skb->data) +
(tcp_hdr(skb)->doff << 2u)) >
skb_headlen(skb)))
return -EINVAL;
return 0;
}
static void send_announcement(struct subnet_record *subrec, int announce_type,
const char *from_name, const char *to_name, int to_type, struct in_addr to_ip,
time_t announce_interval,
const char *server_name, int server_type, const char *server_comment)
{
char outbuf[PSTRING_LEN];
unstring upper_server_name;
char *p;
memset(outbuf,'\0',sizeof(outbuf));
p = outbuf+1;
SCVAL(outbuf,0,announce_type);
/* Announcement parameters. */
SCVAL(p,0,updatecount);
SIVAL(p,1,announce_interval*1000); /* Milliseconds - despite the spec. */
safe_strcpy(upper_server_name, server_name, sizeof(upper_server_name)-1);
strupper_m(upper_server_name);
push_string(NULL, p+5, upper_server_name, 16, STR_ASCII|STR_TERMINATE);
SCVAL(p,21,lp_major_announce_version()); /* Major version. */
SCVAL(p,22,lp_minor_announce_version()); /* Minor version. */
SIVAL(p,23,server_type & ~SV_TYPE_LOCAL_LIST_ONLY);
/* Browse version: got from NT/AS 4.00 - Value defined in smb.h (JHT). */
SSVAL(p,27,BROWSER_ELECTION_VERSION);
SSVAL(p,29,BROWSER_CONSTANT); /* Browse signature. */
p += 31 + push_string(NULL, p+31, server_comment, sizeof(outbuf) - (p + 31 - outbuf), STR_ASCII|STR_TERMINATE);
send_mailslot(False,BROWSE_MAILSLOT, outbuf, PTR_DIFF(p,outbuf),
from_name, 0x0, to_name, to_type, to_ip, subrec->myip,
DGRAM_PORT);
}
/****************************************************************************
similar to string_sub() but allows for any character to be substituted.
Use with caution!
****************************************************************************/
void
all_string_sub (char *s, const char *pattern, const char *insert)
{
char *p;
size_t ls, lp, li;
if (!insert || !pattern || !s)
return;
ls = strlen (s);
lp = strlen (pattern);
li = strlen (insert);
if (!*pattern)
return;
while (lp <= ls && (p = strstr (s, pattern)))
{
memmove (p + li, p + lp, ls + 1 - (PTR_DIFF (p, s) + lp));
memcpy (p, insert, li);
s = p + li;
ls += (li - lp);
}
}
bool is_ipaddress_v6(const char *str)
{
#if defined(HAVE_IPV6)
int ret = -1;
char *p = NULL;
p = strchr_m(str, ':');
if (p == NULL) {
return is_ipv6_literal(str);
} else {
char buf[INET6_ADDRSTRLEN] = { 0, };
size_t len;
const char *addr = str;
const char *idxs = NULL;
unsigned int idx = 0;
struct in6_addr ip6;
p = strchr_m(str, '%');
if (p && (p > str)) {
len = PTR_DIFF(p, str);
idxs = p + 1;
} else {
len = strlen(str);
}
if (len >= sizeof(buf)) {
return false;
}
if (idxs != NULL) {
strncpy(buf, str, len);
addr = buf;
}
/*
* Cope with link-local.
* This is IP:v6:addr%ifidx.
*/
if (idxs != NULL) {
char c;
ret = sscanf(idxs, "%5u%c", &idx, &c);
if (ret != 1) {
idx = 0;
}
if (idx > 0 && idx < UINT16_MAX) {
/* a valid index */
idxs = NULL;
}
}
/*
* Cope with link-local.
* This is IP:v6:addr%ifname.
*/
if (idxs != NULL) {
idx = if_nametoindex(idxs);
if (idx > 0) {
/* a valid index */
idxs = NULL;
}
}
if (idxs != NULL) {
return false;
}
ret = inet_pton(AF_INET6, addr, &ip6);
if (ret <= 0) {
return false;
}
return true;
}
#endif
return false;
}
static size_t ucs2_align(const void *base_ptr, const void *p, int flags)
{
if (flags & (STR_NOALIGN|STR_ASCII))
return 0;
return PTR_DIFF(p, base_ptr) & 1;
}
static bool test_pool_steal(void)
{
void *root;
void *pool;
void *p1, *p2;
void *p1_2, *p2_2;
size_t hdr;
size_t ofs1, ofs2;
root = talloc_new(NULL);
pool = talloc_pool(root, 1024);
p1 = talloc_size(pool, 4 * 16);
torture_assert("pool allocate 4 * 16", p1 != NULL, "failed ");
memset(p1, 0x11, talloc_get_size(p1));
p2 = talloc_size(pool, 4 * 16);
torture_assert("pool allocate 4 * 16", p2 > p1, "failed: !(p2 > p1) ");
memset(p2, 0x11, talloc_get_size(p2));
ofs1 = PTR_DIFF(p2, p1);
hdr = ofs1 - talloc_get_size(p1);
talloc_steal(root, p1);
talloc_steal(root, p2);
talloc_free(pool);
p1_2 = p1;
#if 1 /* this relies on ALWAYS_REALLOC == 0 in talloc.c */
p1_2 = talloc_realloc_size(root, p1, 5 * 16);
torture_assert("pool realloc 5 * 16", p1_2 > p2, "failed: pointer not changed");
memset(p1_2, 0x11, talloc_get_size(p1_2));
ofs1 = PTR_DIFF(p1_2, p2);
ofs2 = talloc_get_size(p2) + hdr;
torture_assert("pool realloc ", ofs1 == ofs2, "failed: pointer offset unexpected");
p2_2 = talloc_realloc_size(root, p2, 3 * 16);
torture_assert("pool realloc 5 * 16", p2_2 == p2, "failed: pointer changed");
memset(p2_2, 0x11, talloc_get_size(p2_2));
#endif /* this relies on ALWAYS_REALLOC == 0 in talloc.c */
talloc_free(p1_2);
p2_2 = p2;
#if 1 /* this relies on ALWAYS_REALLOC == 0 in talloc.c */
/* now we should reclaim the full pool */
p2_2 = talloc_realloc_size(root, p2, 8 * 16);
torture_assert("pool realloc 8 * 16", p2_2 == p1, "failed: pointer not expected");
p2 = p2_2;
memset(p2_2, 0x11, talloc_get_size(p2_2));
/* now we malloc and free the full pool space */
p2_2 = talloc_realloc_size(root, p2, 2 * 1024);
torture_assert("pool realloc 2 * 1024", p2_2 != p1, "failed: pointer not expected");
memset(p2_2, 0x11, talloc_get_size(p2_2));
#endif /* this relies on ALWAYS_REALLOC == 0 in talloc.c */
talloc_free(p2_2);
talloc_free(root);
return true;
}
bool cli_oem_change_password(struct cli_state *cli, const char *user, const char *new_password,
const char *old_password)
{
char param[1024];
unsigned char data[532];
char *p = param;
unsigned char old_pw_hash[16];
unsigned char new_pw_hash[16];
unsigned int data_len;
unsigned int param_len = 0;
char *rparam = NULL;
char *rdata = NULL;
unsigned int rprcnt, rdrcnt;
if (strlen(user) >= sizeof(fstring)-1) {
DEBUG(0,("cli_oem_change_password: user name %s is too long.\n", user));
return False;
}
SSVAL(p,0,214); /* SamOEMChangePassword command. */
p += 2;
strlcpy(p, "zsT", sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
strlcpy(p, "B516B16", sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
strlcpy(p,user, sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
SSVAL(p,0,532);
p += 2;
param_len = PTR_DIFF(p,param);
/*
* Get the Lanman hash of the old password, we
* use this as the key to make_oem_passwd_hash().
*/
E_deshash(old_password, old_pw_hash);
encode_pw_buffer(data, new_password, STR_ASCII);
#ifdef DEBUG_PASSWORD
DEBUG(100,("make_oem_passwd_hash\n"));
dump_data(100, data, 516);
#endif
arcfour_crypt( (unsigned char *)data, (unsigned char *)old_pw_hash, 516);
/*
* Now place the old password hash in the data.
*/
E_deshash(new_password, new_pw_hash);
E_old_pw_hash( new_pw_hash, old_pw_hash, (uchar *)&data[516]);
data_len = 532;
if (!cli_api(cli,
param, param_len, 4, /* param, length, max */
(char *)data, data_len, 0, /* data, length, max */
&rparam, &rprcnt,
&rdata, &rdrcnt)) {
DEBUG(0,("cli_oem_change_password: Failed to send password change for user %s\n",
user ));
return False;
}
if (rparam) {
cli->rap_error = SVAL(rparam,0);
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
return (cli->rap_error == 0);
}
int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32_t, const char *, void *), void *state)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
unsigned int rdrcnt,rprcnt;
char param[1024];
int count = -1;
/* now send a SMBtrans command with api RNetShareEnum */
p = param;
SSVAL(p,0,0); /* api number */
p += 2;
strlcpy(p,"WrLeh",sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
strlcpy(p,"B13BWz",sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
SSVAL(p,0,1);
/*
* Win2k needs a *smaller* buffer than 0xFFFF here -
* it returns "out of server memory" with 0xFFFF !!! JRA.
*/
SSVAL(p,2,0xFFE0);
p += 4;
if (cli_api(cli,
param, PTR_DIFF(p,param), 1024, /* Param, length, maxlen */
NULL, 0, 0xFFE0, /* data, length, maxlen - Win2k needs a small buffer here too ! */
&rparam, &rprcnt, /* return params, length */
&rdata, &rdrcnt)) /* return data, length */
{
int res = rparam? SVAL(rparam,0) : -1;
if (res == 0 || res == ERRmoredata) {
int converter=SVAL(rparam,2);
int i;
char *rdata_end = rdata + rdrcnt;
count=SVAL(rparam,4);
p = rdata;
for (i=0;i<count;i++,p+=20) {
char *sname;
int type;
int comment_offset;
const char *cmnt;
const char *p1;
char *s1, *s2;
size_t len;
TALLOC_CTX *frame = talloc_stackframe();
if (p + 20 > rdata_end) {
TALLOC_FREE(frame);
break;
}
sname = p;
type = SVAL(p,14);
comment_offset = (IVAL(p,16) & 0xFFFF) - converter;
if (comment_offset < 0 ||
comment_offset > (int)rdrcnt) {
TALLOC_FREE(frame);
break;
}
cmnt = comment_offset?(rdata+comment_offset):"";
/* Work out the comment length. */
for (p1 = cmnt, len = 0; *p1 &&
p1 < rdata_end; len++)
p1++;
if (!*p1) {
len++;
}
pull_string_talloc(frame,rdata,0,
&s1,sname,14,STR_ASCII);
pull_string_talloc(frame,rdata,0,
&s2,cmnt,len,STR_ASCII);
if (!s1 || !s2) {
TALLOC_FREE(frame);
continue;
}
fn(s1, type, s2, state);
TALLOC_FREE(frame);
}
} else {
DEBUG(4,("NetShareEnum res=%d\n", res));
}
} else {
DEBUG(4,("NetShareEnum failed\n"));
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
return count;
}
static size_t interpret_long_filename(struct cli_state *cli, int level,char *p,file_info *finfo,
uint32 *p_resume_key, DATA_BLOB *p_last_name_raw, uint32 *p_last_name_raw_len)
{
file_info finfo2;
int len;
char *base = p;
if (!finfo) {
finfo = &finfo2;
}
if (p_resume_key) {
*p_resume_key = 0;
}
memcpy(finfo,&def_finfo,sizeof(*finfo));
finfo->cli = cli;
switch (level) {
case 1: /* OS/2 understands this */
/* these dates are converted to GMT by
make_unix_date */
finfo->ctime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+4));
finfo->atime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+8));
finfo->mtime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+12));
finfo->size = IVAL(p,16);
finfo->mode = CVAL(p,24);
len = CVAL(p, 26);
p += 27;
p += clistr_align_in(cli, p, 0);
/* the len+2 below looks strange but it is
important to cope with the differences
between win2000 and win9x for this call
(tridge) */
p += clistr_pull(cli, finfo->name, p,
sizeof(finfo->name),
len+2,
STR_TERMINATE);
return PTR_DIFF(p, base);
case 2: /* this is what OS/2 uses mostly */
/* these dates are converted to GMT by
make_unix_date */
finfo->ctime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+4));
finfo->atime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+8));
finfo->mtime_ts = convert_time_t_to_timespec(cli_make_unix_date2(cli, p+12));
finfo->size = IVAL(p,16);
finfo->mode = CVAL(p,24);
len = CVAL(p, 30);
p += 31;
/* check for unisys! */
p += clistr_pull(cli, finfo->name, p,
sizeof(finfo->name),
len,
STR_NOALIGN);
return PTR_DIFF(p, base) + 1;
case 260: /* NT uses this, but also accepts 2 */
{
size_t namelen, slen;
p += 4; /* next entry offset */
if (p_resume_key) {
*p_resume_key = IVAL(p,0);
}
p += 4; /* fileindex */
/* Offset zero is "create time", not "change time". */
p += 8;
finfo->atime_ts = interpret_long_date(p);
p += 8;
finfo->mtime_ts = interpret_long_date(p);
p += 8;
finfo->ctime_ts = interpret_long_date(p);
p += 8;
finfo->size = IVAL2_TO_SMB_BIG_UINT(p,0);
p += 8;
p += 8; /* alloc size */
finfo->mode = CVAL(p,0);
p += 4;
namelen = IVAL(p,0);
p += 4;
p += 4; /* EA size */
slen = SVAL(p, 0);
p += 2;
{
/* stupid NT bugs. grr */
int flags = 0;
if (p[1] == 0 && namelen > 1) flags |= STR_UNICODE;
clistr_pull(cli, finfo->short_name, p,
sizeof(finfo->short_name),
slen, flags);
}
p += 24; /* short name? */
clistr_pull(cli, finfo->name, p,
sizeof(finfo->name),
namelen, 0);
/* To be robust in the face of unicode conversion failures
we need to copy the raw bytes of the last name seen here.
Namelen doesn't include the terminating unicode null, so
copy it here. */
if (p_last_name_raw && p_last_name_raw_len) {
if (namelen + 2 > p_last_name_raw->length) {
memset(p_last_name_raw->data, '\0', sizeof(p_last_name_raw->length));
*p_last_name_raw_len = 0;
} else {
memcpy(p_last_name_raw->data, p, namelen);
SSVAL(p_last_name_raw->data, namelen, 0);
*p_last_name_raw_len = namelen + 2;
}
}
return (size_t)IVAL(base, 0);
}
}
DEBUG(1,("Unknown long filename format %d\n",level));
return (size_t)IVAL(base,0);
}
BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char *new_password,
const char *old_password)
{
pstring param;
unsigned char data[532];
char *p = param;
unsigned char old_pw_hash[16];
unsigned char new_pw_hash[16];
unsigned int data_len;
unsigned int param_len = 0;
char *rparam = NULL;
char *rdata = NULL;
unsigned int rprcnt, rdrcnt;
if (strlen(user) >= sizeof(fstring)-1) {
DEBUG(0,("cli_oem_change_password: user name %s is too long.\n", user));
return False;
}
SSVAL(p,0,214); /* SamOEMChangePassword command. */
p += 2;
pstrcpy_base(p, "zsT", param);
p = skip_string(param,sizeof(param),p);
pstrcpy_base(p, "B516B16", param);
p = skip_string(param,sizeof(param),p);
pstrcpy_base(p,user, param);
p = skip_string(param,sizeof(param),p);
SSVAL(p,0,532);
p += 2;
param_len = PTR_DIFF(p,param);
/*
* Get the Lanman hash of the old password, we
* use this as the key to make_oem_passwd_hash().
*/
E_deshash(old_password, old_pw_hash);
encode_pw_buffer(data, new_password, STR_ASCII);
#ifdef DEBUG_PASSWORD
DEBUG(100,("make_oem_passwd_hash\n"));
dump_data(100, (char *)data, 516);
#endif
SamOEMhash( (unsigned char *)data, (unsigned char *)old_pw_hash, 516);
/*
* Now place the old password hash in the data.
*/
E_deshash(new_password, new_pw_hash);
E_old_pw_hash( new_pw_hash, old_pw_hash, (uchar *)&data[516]);
data_len = 532;
if (cli_send_trans(cli,SMBtrans,
PIPE_LANMAN, /* name */
0,0, /* fid, flags */
NULL,0,0, /* setup, length, max */
param,param_len,2, /* param, length, max */
(char *)data,data_len,0 /* data, length, max */
) == False) {
DEBUG(0,("cli_oem_change_password: Failed to send password change for user %s\n",
user ));
return False;
}
if (!cli_receive_trans(cli,SMBtrans,
&rparam, &rprcnt,
&rdata, &rdrcnt)) {
DEBUG(0,("cli_oem_change_password: Failed to recieve reply to password change for user %s\n",
user ));
return False;
}
if (rparam) {
cli->rap_error = SVAL(rparam,0);
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
return (cli->rap_error == 0);
}
int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, const char *, void *), void *state)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
unsigned int rdrcnt,rprcnt;
pstring param;
int count = -1;
/* now send a SMBtrans command with api RNetShareEnum */
p = param;
SSVAL(p,0,0); /* api number */
p += 2;
pstrcpy_base(p,"WrLeh",param);
p = skip_string(param,sizeof(param),p);
pstrcpy_base(p,"B13BWz",param);
p = skip_string(param,sizeof(param),p);
SSVAL(p,0,1);
/*
* Win2k needs a *smaller* buffer than 0xFFFF here -
* it returns "out of server memory" with 0xFFFF !!! JRA.
*/
SSVAL(p,2,0xFFE0);
p += 4;
if (cli_api(cli,
param, PTR_DIFF(p,param), 1024, /* Param, length, maxlen */
NULL, 0, 0xFFE0, /* data, length, maxlen - Win2k needs a small buffer here too ! */
&rparam, &rprcnt, /* return params, length */
&rdata, &rdrcnt)) /* return data, length */
{
int res = rparam? SVAL(rparam,0) : -1;
if (res == 0 || res == ERRmoredata) {
int converter=SVAL(rparam,2);
int i;
count=SVAL(rparam,4);
p = rdata;
for (i=0;i<count;i++,p+=20) {
char *sname = p;
int type = SVAL(p,14);
int comment_offset = IVAL(p,16) & 0xFFFF;
const char *cmnt = comment_offset?(rdata+comment_offset-converter):"";
pstring s1, s2;
pull_ascii_pstring(s1, sname);
pull_ascii_pstring(s2, cmnt);
fn(s1, type, s2, state);
}
} else {
DEBUG(4,("NetShareEnum res=%d\n", res));
}
} else {
DEBUG(4,("NetShareEnum failed\n"));
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
return count;
}
NTSTATUS cli_dfs_get_referral(TALLOC_CTX *ctx,
struct cli_state *cli,
const char *path,
struct client_dfs_referral **refs,
size_t *num_refs,
size_t *consumed)
{
unsigned int data_len = 0;
unsigned int param_len = 0;
uint16_t setup[1];
uint16_t recv_flags2;
uint8_t *param = NULL;
uint8_t *rdata = NULL;
char *p;
char *endp;
smb_ucs2_t *path_ucs;
char *consumed_path = NULL;
uint16_t consumed_ucs;
uint16 num_referrals;
struct client_dfs_referral *referrals = NULL;
NTSTATUS status;
TALLOC_CTX *frame = talloc_stackframe();
*num_refs = 0;
*refs = NULL;
SSVAL(setup, 0, TRANSACT2_GET_DFS_REFERRAL);
param = talloc_array(talloc_tos(), uint8_t, 2);
if (!param) {
status = NT_STATUS_NO_MEMORY;
goto out;
}
SSVAL(param, 0, 0x03); /* max referral level */
param = trans2_bytes_push_str(param, cli_ucs2(cli),
path, strlen(path)+1,
NULL);
if (!param) {
status = NT_STATUS_NO_MEMORY;
goto out;
}
param_len = talloc_get_size(param);
path_ucs = (smb_ucs2_t *)¶m[2];
status = cli_trans(talloc_tos(), cli, SMBtrans2,
NULL, 0xffff, 0, 0,
setup, 1, 0,
param, param_len, 2,
NULL, 0, CLI_BUFFER_SIZE,
&recv_flags2,
NULL, 0, NULL, /* rsetup */
NULL, 0, NULL,
&rdata, 4, &data_len);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
endp = (char *)rdata + data_len;
consumed_ucs = SVAL(rdata, 0);
num_referrals = SVAL(rdata, 2);
/* consumed_ucs is the number of bytes
* of the UCS2 path consumed not counting any
* terminating null. We need to convert
* back to unix charset and count again
* to get the number of bytes consumed from
* the incoming path. */
errno = 0;
if (pull_string_talloc(talloc_tos(),
NULL,
0,
&consumed_path,
path_ucs,
consumed_ucs,
STR_UNICODE) == 0) {
if (errno != 0) {
status = map_nt_error_from_unix(errno);
} else {
status = NT_STATUS_INVALID_NETWORK_RESPONSE;
}
goto out;
}
if (consumed_path == NULL) {
status = map_nt_error_from_unix(errno);
goto out;
}
*consumed = strlen(consumed_path);
if (num_referrals != 0) {
uint16 ref_version;
uint16 ref_size;
int i;
uint16 node_offset;
referrals = talloc_array(ctx, struct client_dfs_referral,
num_referrals);
if (!referrals) {
status = NT_STATUS_NO_MEMORY;
goto out;
}
/* start at the referrals array */
p = (char *)rdata+8;
for (i=0; i<num_referrals && p < endp; i++) {
if (p + 18 > endp) {
goto out;
}
ref_version = SVAL(p, 0);
ref_size = SVAL(p, 2);
node_offset = SVAL(p, 16);
if (ref_version != 3) {
p += ref_size;
continue;
}
referrals[i].proximity = SVAL(p, 8);
referrals[i].ttl = SVAL(p, 10);
if (p + node_offset > endp) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE;
goto out;
}
clistr_pull_talloc(referrals,
(const char *)rdata,
recv_flags2,
&referrals[i].dfspath,
p+node_offset,
PTR_DIFF(endp, p+node_offset),
STR_TERMINATE|STR_UNICODE);
if (!referrals[i].dfspath) {
status = map_nt_error_from_unix(errno);
goto out;
}
p += ref_size;
}
if (i < num_referrals) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE;
goto out;
}
}
static bool process_one(struct loadparm_context *lp_ctx, struct tevent_context *ev,
struct interface *ifaces, const char *name, int nbt_port)
{
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
enum nbt_name_type node_type = NBT_NAME_CLIENT;
char *node_name, *p;
struct socket_address *all_zero_addr;
struct nbt_name_socket *nbtsock;
NTSTATUS status = NT_STATUS_OK;
bool ret = true;
if (!options.case_sensitive) {
name = strupper_talloc(tmp_ctx, name);
}
if (options.find_master) {
node_type = NBT_NAME_MASTER;
if (*name == '-' || *name == '_') {
name = "\01\02__MSBROWSE__\02";
node_type = NBT_NAME_MS;
}
}
p = strchr(name, '#');
if (p) {
node_name = talloc_strndup(tmp_ctx, name, PTR_DIFF(p,name));
node_type = (enum nbt_name_type)strtol(p+1, NULL, 16);
} else {
node_name = talloc_strdup(tmp_ctx, name);
}
nbtsock = nbt_name_socket_init(tmp_ctx, ev, lp_iconv_convenience(lp_ctx));
if (options.root_port) {
all_zero_addr = socket_address_from_strings(tmp_ctx, nbtsock->sock->backend_name,
"0.0.0.0", NBT_NAME_SERVICE_PORT);
if (!all_zero_addr) {
talloc_free(tmp_ctx);
return false;
}
status = socket_listen(nbtsock->sock, all_zero_addr, 0, 0);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to bind to local port 137 - %s\n", nt_errstr(status));
talloc_free(tmp_ctx);
return false;
}
}
if (options.lookup_by_ip) {
ret = do_node_status(nbtsock, name, nbt_port);
talloc_free(tmp_ctx);
return ret;
}
if (options.broadcast_address) {
status = do_node_query(nbtsock, options.broadcast_address, nbt_port,
node_name, node_type, true);
} else if (options.unicast_address) {
status = do_node_query(nbtsock, options.unicast_address,
nbt_port, node_name, node_type, false);
} else {
int i, num_interfaces;
num_interfaces = iface_count(ifaces);
for (i=0;i<num_interfaces;i++) {
const char *bcast = iface_n_bcast(ifaces, i);
if (bcast == NULL) continue;
status = do_node_query(nbtsock, bcast, nbt_port,
node_name, node_type, true);
if (NT_STATUS_IS_OK(status)) break;
}
}
if (!NT_STATUS_IS_OK(status)) {
printf("Lookup failed - %s\n", nt_errstr(status));
ret = false;
}
talloc_free(tmp_ctx);
return ret;
}
int cli_list_new(struct cli_state *cli,const char *Mask,uint16 attribute,
void (*fn)(const char *, file_info *, const char *, void *), void *state)
{
#if 1
int max_matches = 1366; /* Match W2k - was 512. */
#else
int max_matches = 512;
#endif
int info_level;
char *p, *p2;
pstring mask;
file_info finfo;
int i;
char *dirlist = NULL;
int dirlist_len = 0;
int total_received = -1;
BOOL First = True;
int ff_searchcount=0;
int ff_eos=0;
int ff_dir_handle=0;
int loop_count = 0;
char *rparam=NULL, *rdata=NULL;
unsigned int param_len, data_len;
uint16 setup;
pstring param;
const char *mnt;
uint32 resume_key = 0;
uint32 last_name_raw_len = 0;
DATA_BLOB last_name_raw = data_blob(NULL, 2*sizeof(pstring));
/* NT uses 260, OS/2 uses 2. Both accept 1. */
info_level = (cli->capabilities&CAP_NT_SMBS)?260:1;
pstrcpy(mask,Mask);
while (ff_eos == 0) {
loop_count++;
if (loop_count > 200) {
DEBUG(0,("Error: Looping in FIND_NEXT??\n"));
break;
}
if (First) {
setup = TRANSACT2_FINDFIRST;
SSVAL(param,0,attribute); /* attribute */
SSVAL(param,2,max_matches); /* max count */
SSVAL(param,4,(FLAG_TRANS2_FIND_REQUIRE_RESUME|FLAG_TRANS2_FIND_CLOSE_IF_END)); /* resume required + close on end */
SSVAL(param,6,info_level);
SIVAL(param,8,0);
p = param+12;
p += clistr_push(cli, param+12, mask, sizeof(param)-12,
STR_TERMINATE);
} else {
setup = TRANSACT2_FINDNEXT;
SSVAL(param,0,ff_dir_handle);
SSVAL(param,2,max_matches); /* max count */
SSVAL(param,4,info_level);
/* For W2K servers serving out FAT filesystems we *must* set the
resume key. If it's not FAT then it's returned as zero. */
SIVAL(param,6,resume_key); /* ff_resume_key */
/* NB. *DON'T* use continue here. If you do it seems that W2K and bretheren
can miss filenames. Use last filename continue instead. JRA */
SSVAL(param,10,(FLAG_TRANS2_FIND_REQUIRE_RESUME|FLAG_TRANS2_FIND_CLOSE_IF_END)); /* resume required + close on end */
p = param+12;
if (last_name_raw_len && (last_name_raw_len < (sizeof(param)-12))) {
memcpy(p, last_name_raw.data, last_name_raw_len);
p += last_name_raw_len;
} else {
p += clistr_push(cli, param+12, mask, sizeof(param)-12, STR_TERMINATE);
}
}
param_len = PTR_DIFF(p, param);
if (!cli_send_trans(cli, SMBtrans2,
NULL, /* Name */
-1, 0, /* fid, flags */
&setup, 1, 0, /* setup, length, max */
param, param_len, 10, /* param, length, max */
NULL, 0,
#if 0
/* w2k value. */
MIN(16384,cli->max_xmit) /* data, length, max. */
#else
cli->max_xmit /* data, length, max. */
#endif
)) {
break;
}
if (!cli_receive_trans(cli, SMBtrans2,
&rparam, ¶m_len,
&rdata, &data_len) &&
cli_is_dos_error(cli)) {
/* We need to work around a Win95 bug - sometimes
it gives ERRSRV/ERRerror temprarily */
uint8 eclass;
uint32 ecode;
SAFE_FREE(rdata);
SAFE_FREE(rparam);
cli_dos_error(cli, &eclass, &ecode);
/*
* OS/2 might return "no more files",
* which just tells us, that searchcount is zero
* in this search.
* Guenter Kukkukk <*****@*****.**>
*/
if (eclass == ERRDOS && ecode == ERRnofiles) {
ff_searchcount = 0;
cli_reset_error(cli);
break;
}
if (eclass != ERRSRV || ecode != ERRerror)
break;
smb_msleep(100);
continue;
}
if (cli_is_error(cli) || !rdata || !rparam) {
SAFE_FREE(rdata);
SAFE_FREE(rparam);
break;
}
if (total_received == -1)
total_received = 0;
/* parse out some important return info */
p = rparam;
if (First) {
ff_dir_handle = SVAL(p,0);
ff_searchcount = SVAL(p,2);
ff_eos = SVAL(p,4);
} else {
ff_searchcount = SVAL(p,0);
ff_eos = SVAL(p,2);
}
if (ff_searchcount == 0) {
SAFE_FREE(rdata);
SAFE_FREE(rparam);
break;
}
/* point to the data bytes */
p = rdata;
/* we might need the lastname for continuations */
for (p2=p,i=0;i<ff_searchcount;i++) {
if ((info_level == 260) && (i == ff_searchcount-1)) {
/* Last entry - fixup the last offset length. */
SIVAL(p2,0,PTR_DIFF((rdata + data_len),p2));
}
p2 += interpret_long_filename(cli,info_level,p2,&finfo,
&resume_key,&last_name_raw,&last_name_raw_len);
if (!First && *mask && strcsequal(finfo.name, mask)) {
DEBUG(0,("Error: Looping in FIND_NEXT as name %s has already been seen?\n",
finfo.name));
ff_eos = 1;
break;
}
}
if (ff_searchcount > 0) {
pstrcpy(mask, finfo.name);
} else {
pstrcpy(mask,"");
}
/* grab the data for later use */
/* and add them to the dirlist pool */
dirlist = (char *)SMB_REALLOC(dirlist,dirlist_len + data_len);
if (!dirlist) {
DEBUG(0,("cli_list_new: Failed to expand dirlist\n"));
SAFE_FREE(rdata);
SAFE_FREE(rparam);
break;
}
memcpy(dirlist+dirlist_len,p,data_len);
dirlist_len += data_len;
total_received += ff_searchcount;
SAFE_FREE(rdata);
SAFE_FREE(rparam);
DEBUG(3,("received %d entries (eos=%d)\n",
ff_searchcount,ff_eos));
if (ff_searchcount > 0)
loop_count = 0;
First = False;
}
mnt = cli_cm_get_mntpoint( cli );
/* see if the server disconnected or the connection otherwise failed */
if (cli_is_error(cli)) {
total_received = -1;
} else {
/* no connection problem. let user function add each entry */
for (p=dirlist,i=0;i<total_received;i++) {
p += interpret_long_filename(cli, info_level, p,
&finfo,NULL,NULL,NULL);
fn( mnt,&finfo, Mask, state );
}
}
/* free up the dirlist buffer and last name raw blob */
SAFE_FREE(dirlist);
data_blob_free(&last_name_raw);
return(total_received);
}
BOOL cli_qpathinfo(struct cli_state *cli, const char *fname,
time_t *change_time,
time_t *access_time,
time_t *write_time,
SMB_OFF_T *size, uint16 *mode)
{
unsigned int data_len = 0;
unsigned int param_len = 0;
unsigned int rparam_len, rdata_len;
uint16 setup = TRANSACT2_QPATHINFO;
pstring param;
char *rparam=NULL, *rdata=NULL;
int count=8;
BOOL ret;
time_t (*date_fn)(struct cli_state *, void *);
char *p;
p = param;
memset(p, 0, 6);
SSVAL(p, 0, SMB_INFO_STANDARD);
p += 6;
p += clistr_push(cli, p, fname, sizeof(pstring)-6, STR_TERMINATE);
param_len = PTR_DIFF(p, param);
do {
ret = (cli_send_trans(cli, SMBtrans2,
NULL, /* Name */
-1, 0, /* fid, flags */
&setup, 1, 0, /* setup, length, max */
param, param_len, 10, /* param, length, max */
NULL, data_len, cli->max_xmit /* data, length, max */
) &&
cli_receive_trans(cli, SMBtrans2,
&rparam, &rparam_len,
&rdata, &rdata_len));
if (!cli_is_dos_error(cli)) break;
if (!ret) {
/* we need to work around a Win95 bug - sometimes
it gives ERRSRV/ERRerror temprarily */
uint8 eclass;
uint32 ecode;
cli_dos_error(cli, &eclass, &ecode);
if (eclass != ERRSRV || ecode != ERRerror) break;
smb_msleep(100);
}
} while (count-- && ret==False);
if (!ret || !rdata || rdata_len < 22) {
return False;
}
if (cli->win95) {
date_fn = cli_make_unix_date;
} else {
date_fn = cli_make_unix_date2;
}
if (change_time) {
*change_time = date_fn(cli, rdata+0);
}
if (access_time) {
*access_time = date_fn(cli, rdata+4);
}
if (write_time) {
*write_time = date_fn(cli, rdata+8);
}
if (size) {
*size = IVAL(rdata, 12);
}
if (mode) {
*mode = SVAL(rdata,l1_attrFile);
}
SAFE_FREE(rdata);
SAFE_FREE(rparam);
return True;
}
BOOL cli_dfs_get_referral( struct cli_state *cli,
const char *path,
CLIENT_DFS_REFERRAL**refs,
size_t *num_refs,
uint16 *consumed)
{
unsigned int data_len = 0;
unsigned int param_len = 0;
uint16 setup = TRANSACT2_GET_DFS_REFERRAL;
char param[sizeof(pstring)+2];
pstring data;
char *rparam=NULL, *rdata=NULL;
char *p;
size_t pathlen = 2*(strlen(path)+1);
uint16 num_referrals;
CLIENT_DFS_REFERRAL *referrals = NULL;
memset(param, 0, sizeof(param));
SSVAL(param, 0, 0x03); /* max referral level */
p = ¶m[2];
p += clistr_push(cli, p, path, MIN(pathlen, sizeof(param)-2), STR_TERMINATE);
param_len = PTR_DIFF(p, param);
if (!cli_send_trans(cli, SMBtrans2,
NULL, /* name */
-1, 0, /* fid, flags */
&setup, 1, 0, /* setup, length, max */
param, param_len, 2, /* param, length, max */
(char *)&data, data_len, cli->max_xmit /* data, length, max */
)) {
return False;
}
if (!cli_receive_trans(cli, SMBtrans2,
&rparam, ¶m_len,
&rdata, &data_len)) {
return False;
}
*consumed = SVAL( rdata, 0 );
num_referrals = SVAL( rdata, 2 );
if ( num_referrals != 0 ) {
uint16 ref_version;
uint16 ref_size;
int i;
uint16 node_offset;
referrals = SMB_XMALLOC_ARRAY( CLIENT_DFS_REFERRAL, num_referrals );
/* start at the referrals array */
p = rdata+8;
for ( i=0; i<num_referrals; i++ ) {
ref_version = SVAL( p, 0 );
ref_size = SVAL( p, 2 );
node_offset = SVAL( p, 16 );
if ( ref_version != 3 ) {
p += ref_size;
continue;
}
referrals[i].proximity = SVAL( p, 8 );
referrals[i].ttl = SVAL( p, 10 );
clistr_pull( cli, referrals[i].dfspath, p+node_offset,
sizeof(referrals[i].dfspath), -1, STR_TERMINATE|STR_UNICODE );
p += ref_size;
}
}
*num_refs = num_referrals;
*refs = referrals;
SAFE_FREE(rdata);
SAFE_FREE(rparam);
return True;
}
BOOL cli_setpathinfo(struct cli_state *cli, const char *fname,
time_t create_time,
time_t access_time,
time_t write_time,
time_t change_time,
uint16 mode)
{
unsigned int data_len = 0;
unsigned int param_len = 0;
unsigned int rparam_len, rdata_len;
uint16 setup = TRANSACT2_SETPATHINFO;
pstring param;
pstring data;
char *rparam=NULL, *rdata=NULL;
int count=8;
BOOL ret;
char *p;
memset(param, 0, sizeof(param));
memset(data, 0, sizeof(data));
p = param;
/* Add the information level */
SSVAL(p, 0, SMB_FILE_BASIC_INFORMATION);
/* Skip reserved */
p += 6;
/* Add the file name */
p += clistr_push(cli, p, fname, sizeof(pstring)-6, STR_TERMINATE);
param_len = PTR_DIFF(p, param);
p = data;
/*
* Add the create, last access, modification, and status change times
*/
put_long_date(p, create_time);
p += 8;
put_long_date(p, access_time);
p += 8;
put_long_date(p, write_time);
p += 8;
put_long_date(p, change_time);
p += 8;
/* Add attributes */
SIVAL(p, 0, mode);
p += 4;
/* Add padding */
SIVAL(p, 0, 0);
p += 4;
data_len = PTR_DIFF(p, data);
do {
ret = (cli_send_trans(cli, SMBtrans2,
NULL, /* Name */
-1, 0, /* fid, flags */
&setup, 1, 0, /* setup, length, max */
param, param_len, 10, /* param, length, max */
data, data_len, cli->max_xmit /* data, length, max */
) &&
cli_receive_trans(cli, SMBtrans2,
&rparam, &rparam_len,
&rdata, &rdata_len));
if (!cli_is_dos_error(cli)) break;
if (!ret) {
/* we need to work around a Win95 bug - sometimes
it gives ERRSRV/ERRerror temprarily */
uint8 eclass;
uint32 ecode;
cli_dos_error(cli, &eclass, &ecode);
if (eclass != ERRSRV || ecode != ERRerror) break;
smb_msleep(100);
}
} while (count-- && ret==False);
if (!ret) {
return False;
}
SAFE_FREE(rdata);
SAFE_FREE(rparam);
return True;
}
bool cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32_t stype,
void (*fn)(const char *, uint32_t, const char *, void *),
void *state)
{
char *rparam = NULL;
char *rdata = NULL;
char *rdata_end = NULL;
unsigned int rdrcnt,rprcnt;
char *p;
char param[1024];
int uLevel = 1;
size_t len;
uint32_t func = RAP_NetServerEnum2;
char *last_entry = NULL;
int total_cnt = 0;
int return_cnt = 0;
int res;
errno = 0; /* reset */
/*
* This may take more than one transaction, so we should loop until
* we no longer get a more data to process or we have all of the
* items.
*/
do {
/* send a SMBtrans command with api NetServerEnum */
p = param;
SIVAL(p,0,func); /* api number */
p += 2;
if (func == RAP_NetServerEnum3) {
strlcpy(p,"WrLehDzz", sizeof(param)-PTR_DIFF(p,param));
} else {
strlcpy(p,"WrLehDz", sizeof(param)-PTR_DIFF(p,param));
}
p = skip_string(param, sizeof(param), p);
strlcpy(p,"B16BBDz", sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param, sizeof(param), p);
SSVAL(p,0,uLevel);
SSVAL(p,2,CLI_BUFFER_SIZE);
p += 4;
SIVAL(p,0,stype);
p += 4;
/* If we have more data, tell the server where
* to continue from.
*/
len = push_ascii(p,
workgroup,
sizeof(param) - PTR_DIFF(p,param) - 1,
STR_TERMINATE|STR_UPPER);
if (len == 0) {
SAFE_FREE(last_entry);
return false;
}
p += len;
if (func == RAP_NetServerEnum3) {
len = push_ascii(p,
last_entry ? last_entry : "",
sizeof(param) - PTR_DIFF(p,param) - 1,
STR_TERMINATE);
if (len == 0) {
SAFE_FREE(last_entry);
return false;
}
p += len;
}
/* Next time through we need to use the continue api */
func = RAP_NetServerEnum3;
if (!cli_api(cli,
param, PTR_DIFF(p,param), 8, /* params, length, max */
NULL, 0, CLI_BUFFER_SIZE, /* data, length, max */
&rparam, &rprcnt, /* return params, return size */
&rdata, &rdrcnt)) { /* return data, return size */
/* break out of the loop on error */
res = -1;
break;
}
rdata_end = rdata + rdrcnt;
res = rparam ? SVAL(rparam,0) : -1;
if (res == 0 || res == ERRmoredata ||
(res != -1 && cli_errno(cli) == 0)) {
char *sname = NULL;
int i, count;
int converter=SVAL(rparam,2);
/* Get the number of items returned in this buffer */
count = SVAL(rparam, 4);
/* The next field contains the number of items left,
* including those returned in this buffer. So the
* first time through this should contain all of the
* entries.
*/
if (total_cnt == 0) {
total_cnt = SVAL(rparam, 6);
}
/* Keep track of how many we have read */
return_cnt += count;
p = rdata;
/* The last name in the previous NetServerEnum reply is
* sent back to server in the NetServerEnum3 request
* (last_entry). The next reply should repeat this entry
* as the first element. We have no proof that this is
* always true, but from traces that seems to be the
* behavior from Window Servers. So first lets do a lot
* of checking, just being paranoid. If the string
* matches then we already saw this entry so skip it.
*
* NOTE: sv1_name field must be null terminated and has
* a max size of 16 (NetBIOS Name).
*/
if (last_entry && count && p &&
(strncmp(last_entry, p, 16) == 0)) {
count -= 1; /* Skip this entry */
return_cnt = -1; /* Not part of total, so don't count. */
p = rdata + 26; /* Skip the whole record */
}
for (i = 0; i < count; i++, p += 26) {
int comment_offset;
const char *cmnt;
const char *p1;
char *s1, *s2;
TALLOC_CTX *frame = talloc_stackframe();
uint32_t entry_stype;
if (p + 26 > rdata_end) {
TALLOC_FREE(frame);
break;
}
sname = p;
comment_offset = (IVAL(p,22) & 0xFFFF)-converter;
cmnt = comment_offset?(rdata+comment_offset):"";
if (comment_offset < 0 || comment_offset >= (int)rdrcnt) {
TALLOC_FREE(frame);
continue;
}
/* Work out the comment length. */
for (p1 = cmnt, len = 0; *p1 &&
p1 < rdata_end; len++)
p1++;
if (!*p1) {
len++;
}
entry_stype = IVAL(p,18) & ~SV_TYPE_LOCAL_LIST_ONLY;
pull_string_talloc(frame,rdata,0,
&s1,sname,16,STR_ASCII);
pull_string_talloc(frame,rdata,0,
&s2,cmnt,len,STR_ASCII);
if (!s1 || !s2) {
TALLOC_FREE(frame);
continue;
}
fn(s1, entry_stype, s2, state);
TALLOC_FREE(frame);
}
/* We are done with the old last entry, so now we can free it */
if (last_entry) {
SAFE_FREE(last_entry); /* This will set it to null */
}
/* We always make a copy of the last entry if we have one */
if (sname) {
last_entry = smb_xstrdup(sname);
}
/* If we have more data, but no last entry then error out */
if (!last_entry && (res == ERRmoredata)) {
errno = EINVAL;
res = 0;
}
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
} while ((res == ERRmoredata) && (total_cnt > return_cnt));
SAFE_FREE(rparam);
SAFE_FREE(rdata);
SAFE_FREE(last_entry);
if (res == -1) {
errno = cli_errno(cli);
} else {
if (!return_cnt) {
/* this is a very special case, when the domain master for the
work group isn't part of the work group itself, there is something
wild going on */
errno = ENOENT;
}
}
return(return_cnt > 0);
}
BOOL cli_qpathinfo2(struct cli_state *cli, const char *fname,
struct timespec *create_time,
struct timespec *access_time,
struct timespec *write_time,
struct timespec *change_time,
SMB_OFF_T *size, uint16 *mode,
SMB_INO_T *ino)
{
unsigned int data_len = 0;
unsigned int param_len = 0;
uint16 setup = TRANSACT2_QPATHINFO;
pstring param;
char *rparam=NULL, *rdata=NULL;
char *p;
p = param;
memset(p, 0, 6);
SSVAL(p, 0, SMB_QUERY_FILE_ALL_INFO);
p += 6;
p += clistr_push(cli, p, fname, sizeof(pstring)-6, STR_TERMINATE);
param_len = PTR_DIFF(p, param);
if (!cli_send_trans(cli, SMBtrans2,
NULL, /* name */
-1, 0, /* fid, flags */
&setup, 1, 0, /* setup, length, max */
param, param_len, 10, /* param, length, max */
NULL, data_len, cli->max_xmit /* data, length, max */
)) {
return False;
}
if (!cli_receive_trans(cli, SMBtrans2,
&rparam, ¶m_len,
&rdata, &data_len)) {
return False;
}
if (!rdata || data_len < 22) {
return False;
}
if (create_time) {
*create_time = interpret_long_date(rdata+0);
}
if (access_time) {
*access_time = interpret_long_date(rdata+8);
}
if (write_time) {
*write_time = interpret_long_date(rdata+16);
}
if (change_time) {
*change_time = interpret_long_date(rdata+24);
}
if (mode) {
*mode = SVAL(rdata, 32);
}
if (size) {
*size = IVAL2_TO_SMB_BIG_UINT(rdata,48);
}
if (ino) {
*ino = IVAL(rdata, 64);
}
SAFE_FREE(rdata);
SAFE_FREE(rparam);
return True;
}
bool cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation)
{
char *rparam = NULL;
char *rdata = NULL;
char *p;
unsigned int rdrcnt,rprcnt;
char param[1024];
memset(param, 0, sizeof(param));
/* send a SMBtrans command with api NetWkstaUserLogon */
p = param;
SSVAL(p,0,132); /* api number */
p += 2;
strlcpy(p,"OOWb54WrLh",sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
strlcpy(p,"WB21BWDWWDDDDDDDzzzD",sizeof(param)-PTR_DIFF(p,param));
p = skip_string(param,sizeof(param),p);
SSVAL(p,0,1);
p += 2;
strlcpy(p,user,sizeof(param)-PTR_DIFF(p,param));
if (!strupper_m(p)) {
return false;
}
p += 21;
p++;
p += 15;
p++;
strlcpy(p, workstation,sizeof(param)-PTR_DIFF(p,param));
if (!strupper_m(p)) {
return false;
}
p += 16;
SSVAL(p, 0, CLI_BUFFER_SIZE);
p += 2;
SSVAL(p, 0, CLI_BUFFER_SIZE);
p += 2;
if (cli_api(cli,
param, PTR_DIFF(p,param),1024, /* param, length, max */
NULL, 0, CLI_BUFFER_SIZE, /* data, length, max */
&rparam, &rprcnt, /* return params, return size */
&rdata, &rdrcnt /* return data, return size */
)) {
cli->rap_error = rparam? SVAL(rparam,0) : -1;
p = rdata;
if (cli->rap_error == 0) {
DEBUG(4,("NetWkstaUserLogon success\n"));
/*
* The cli->privileges = SVAL(p, 24); field was set here
* but it was not use anywhere else.
*/
/* The cli->eff_name field used to be set here
but it wasn't used anywhere else. */
} else {
DEBUG(1,("NetwkstaUserLogon gave error %d\n", cli->rap_error));
}
}
SAFE_FREE(rparam);
SAFE_FREE(rdata);
return (cli->rap_error == 0);
}
bool cli_send_mailslot(struct messaging_context *msg_ctx,
bool unique, const char *mailslot,
uint16 priority,
char *buf, int len,
const char *srcname, int src_type,
const char *dstname, int dest_type,
const struct sockaddr_storage *dest_ss)
{
struct packet_struct p;
struct dgram_packet *dgram = &p.packet.dgram;
char *ptr, *p2;
char tmp[4];
pid_t nmbd_pid;
char addr[INET6_ADDRSTRLEN];
if ((nmbd_pid = pidfile_pid("nmbd")) == 0) {
DEBUG(3, ("No nmbd found\n"));
return False;
}
if (dest_ss->ss_family != AF_INET) {
DEBUG(3, ("cli_send_mailslot: can't send to IPv6 address.\n"));
return false;
}
memset((char *)&p, '\0', sizeof(p));
/*
* Next, build the DGRAM ...
*/
/* DIRECT GROUP or UNIQUE datagram. */
dgram->header.msg_type = unique ? 0x10 : 0x11;
dgram->header.flags.node_type = M_NODE;
dgram->header.flags.first = True;
dgram->header.flags.more = False;
dgram->header.dgm_id = ((unsigned)time(NULL)%(unsigned)0x7FFF) +
((unsigned)sys_getpid()%(unsigned)100);
/* source ip is filled by nmbd */
dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */
dgram->header.packet_offset = 0;
make_nmb_name(&dgram->source_name,srcname,src_type);
make_nmb_name(&dgram->dest_name,dstname,dest_type);
ptr = &dgram->data[0];
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n"));
return False;
}
cli_set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
SCVAL(ptr,smb_com,SMBtrans);
SSVAL(ptr,smb_vwv1,len);
SSVAL(ptr,smb_vwv11,len);
SSVAL(ptr,smb_vwv12,70 + strlen(mailslot));
SSVAL(ptr,smb_vwv13,3);
SSVAL(ptr,smb_vwv14,1);
SSVAL(ptr,smb_vwv15,priority);
SSVAL(ptr,smb_vwv16,2);
p2 = smb_buf(ptr);
fstrcpy(p2,mailslot);
p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2);
if (!p2) {
return False;
}
memcpy(p2,buf,len);
p2 += len;
dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */
p.packet_type = DGRAM_PACKET;
p.ip = ((const struct sockaddr_in *)dest_ss)->sin_addr;
p.timestamp = time(NULL);
DEBUG(4,("send_mailslot: Sending to mailslot %s from %s ",
mailslot, nmb_namestr(&dgram->source_name)));
print_sockaddr(addr, sizeof(addr), dest_ss);
DEBUGADD(4,("to %s IP %s\n", nmb_namestr(&dgram->dest_name), addr));
return NT_STATUS_IS_OK(messaging_send_buf(msg_ctx,
pid_to_procid(nmbd_pid),
MSG_SEND_PACKET,
(uint8 *)&p, sizeof(p)));
}
bool lookup_name(TALLOC_CTX *mem_ctx,
const char *full_name, int flags,
const char **ret_domain, const char **ret_name,
DOM_SID *ret_sid, enum lsa_SidType *ret_type)
{
char *p;
const char *tmp;
const char *domain = NULL;
const char *name = NULL;
uint32 rid;
DOM_SID sid;
enum lsa_SidType type;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
if (tmp_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
return false;
}
p = strchr_m(full_name, '\\');
if (p != NULL) {
domain = talloc_strndup(tmp_ctx, full_name,
PTR_DIFF(p, full_name));
name = talloc_strdup(tmp_ctx, p+1);
} else {
domain = talloc_strdup(tmp_ctx, "");
name = talloc_strdup(tmp_ctx, full_name);
}
if ((domain == NULL) || (name == NULL)) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
DEBUG(10,("lookup_name: %s => %s (domain), %s (name)\n",
full_name, domain, name));
DEBUG(10, ("lookup_name: flags = 0x0%x\n", flags));
if ((flags & LOOKUP_NAME_DOMAIN) &&
strequal(domain, get_global_sam_name()))
{
/* It's our own domain, lookup the name in passdb */
if (lookup_global_sam_name(name, flags, &rid, &type)) {
sid_copy(&sid, get_global_sam_sid());
sid_append_rid(&sid, rid);
goto ok;
}
TALLOC_FREE(tmp_ctx);
return false;
}
if ((flags & LOOKUP_NAME_BUILTIN) &&
strequal(domain, builtin_domain_name()))
{
/* Explicit request for a name in BUILTIN */
if (lookup_builtin_name(name, &rid)) {
sid_copy(&sid, &global_sid_Builtin);
sid_append_rid(&sid, rid);
type = SID_NAME_ALIAS;
goto ok;
}
TALLOC_FREE(tmp_ctx);
return false;
}
/* Try the explicit winbind lookup first, don't let it guess the
* domain yet at this point yet. This comes later. */
if ((domain[0] != '\0') &&
(flags & ~(LOOKUP_NAME_DOMAIN|LOOKUP_NAME_ISOLATED)) &&
(winbind_lookup_name(domain, name, &sid, &type))) {
goto ok;
}
if (!(flags & LOOKUP_NAME_EXPLICIT) && strequal(domain, unix_users_domain_name())) {
if (lookup_unix_user_name(name, &sid)) {
type = SID_NAME_USER;
goto ok;
}
TALLOC_FREE(tmp_ctx);
return false;
}
if (!(flags & LOOKUP_NAME_EXPLICIT) && strequal(domain, unix_groups_domain_name())) {
if (lookup_unix_group_name(name, &sid)) {
type = SID_NAME_DOM_GRP;
goto ok;
}
TALLOC_FREE(tmp_ctx);
return false;
}
if ((domain[0] == '\0') && (!(flags & LOOKUP_NAME_ISOLATED))) {
TALLOC_FREE(tmp_ctx);
return false;
}
/* Now the guesswork begins, we haven't been given an explicit
* domain. Try the sequence as documented on
* http://msdn.microsoft.com/library/en-us/secmgmt/security/lsalookupnames.asp
* November 27, 2005 */
/* 1. well-known names */
if ((flags & LOOKUP_NAME_WKN) &&
lookup_wellknown_name(tmp_ctx, name, &sid, &domain))
{
type = SID_NAME_WKN_GRP;
goto ok;
}
/* 2. Builtin domain as such */
if ((flags & (LOOKUP_NAME_BUILTIN|LOOKUP_NAME_REMOTE)) &&
strequal(name, builtin_domain_name()))
{
/* Swap domain and name */
tmp = name; name = domain; domain = tmp;
sid_copy(&sid, &global_sid_Builtin);
type = SID_NAME_DOMAIN;
goto ok;
}
/* 3. Account domain */
if ((flags & LOOKUP_NAME_DOMAIN) &&
strequal(name, get_global_sam_name()))
{
if (!secrets_fetch_domain_sid(name, &sid)) {
DEBUG(3, ("Could not fetch my SID\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
/* Swap domain and name */
tmp = name; name = domain; domain = tmp;
type = SID_NAME_DOMAIN;
goto ok;
}
/* 4. Primary domain */
if ((flags & LOOKUP_NAME_DOMAIN) && !IS_DC &&
strequal(name, lp_workgroup()))
{
if (!secrets_fetch_domain_sid(name, &sid)) {
DEBUG(3, ("Could not fetch the domain SID\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
/* Swap domain and name */
tmp = name; name = domain; domain = tmp;
type = SID_NAME_DOMAIN;
goto ok;
}
/* 5. Trusted domains as such, to me it looks as if members don't do
this, tested an XP workstation in a NT domain -- vl */
if ((flags & LOOKUP_NAME_REMOTE) && IS_DC &&
(pdb_get_trusteddom_pw(name, NULL, &sid, NULL)))
{
/* Swap domain and name */
tmp = name; name = domain; domain = tmp;
type = SID_NAME_DOMAIN;
goto ok;
}
/* 6. Builtin aliases */
if ((flags & LOOKUP_NAME_BUILTIN) &&
lookup_builtin_name(name, &rid))
{
domain = talloc_strdup(tmp_ctx, builtin_domain_name());
sid_copy(&sid, &global_sid_Builtin);
sid_append_rid(&sid, rid);
type = SID_NAME_ALIAS;
goto ok;
}
/* 7. Local systems' SAM (DCs don't have a local SAM) */
/* 8. Primary SAM (On members, this is the domain) */
/* Both cases are done by looking at our passdb */
if ((flags & LOOKUP_NAME_DOMAIN) &&
lookup_global_sam_name(name, flags, &rid, &type))
{
domain = talloc_strdup(tmp_ctx, get_global_sam_name());
sid_copy(&sid, get_global_sam_sid());
sid_append_rid(&sid, rid);
goto ok;
}
/* Now our local possibilities are exhausted. */
if (!(flags & LOOKUP_NAME_REMOTE)) {
TALLOC_FREE(tmp_ctx);
return false;
}
/* If we are not a DC, we have to ask in our primary domain. Let
* winbind do that. */
if (!IS_DC &&
(winbind_lookup_name(lp_workgroup(), name, &sid, &type))) {
domain = talloc_strdup(tmp_ctx, lp_workgroup());
goto ok;
}
/* 9. Trusted domains */
/* If we're a DC we have to ask all trusted DC's. Winbind does not do
* that (yet), but give it a chance. */
if (IS_DC && winbind_lookup_name("", name, &sid, &type)) {
DOM_SID dom_sid;
uint32 tmp_rid;
enum lsa_SidType domain_type;
if (type == SID_NAME_DOMAIN) {
/* Swap name and type */
tmp = name; name = domain; domain = tmp;
goto ok;
}
/* Here we have to cope with a little deficiency in the
* winbind API: We have to ask it again for the name of the
* domain it figured out itself. Maybe fix that later... */
sid_copy(&dom_sid, &sid);
sid_split_rid(&dom_sid, &tmp_rid);
if (!winbind_lookup_sid(tmp_ctx, &dom_sid, &domain, NULL,
&domain_type) ||
(domain_type != SID_NAME_DOMAIN)) {
DEBUG(2, ("winbind could not find the domain's name "
"it just looked up for us\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
goto ok;
}
/* 10. Don't translate */
/* 11. Ok, windows would end here. Samba has two more options:
Unmapped users and unmapped groups */
if (!(flags & LOOKUP_NAME_EXPLICIT) && lookup_unix_user_name(name, &sid)) {
domain = talloc_strdup(tmp_ctx, unix_users_domain_name());
type = SID_NAME_USER;
goto ok;
}
if (!(flags & LOOKUP_NAME_EXPLICIT) && lookup_unix_group_name(name, &sid)) {
domain = talloc_strdup(tmp_ctx, unix_groups_domain_name());
type = SID_NAME_DOM_GRP;
goto ok;
}
/*
* Ok, all possibilities tried. Fail.
*/
TALLOC_FREE(tmp_ctx);
return false;
ok:
if ((domain == NULL) || (name == NULL)) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
/*
* Hand over the results to the talloc context we've been given.
*/
if ((ret_name != NULL) &&
!(*ret_name = talloc_strdup(mem_ctx, name))) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
if (ret_domain != NULL) {
char *tmp_dom;
if (!(tmp_dom = talloc_strdup(mem_ctx, domain))) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(tmp_ctx);
return false;
}
strupper_m(tmp_dom);
*ret_domain = tmp_dom;
}
if (ret_sid != NULL) {
sid_copy(ret_sid, &sid);
}
if (ret_type != NULL) {
*ret_type = type;
}
TALLOC_FREE(tmp_ctx);
return true;
}
static krb5_error_code build_kpasswd_request(uint16 pversion,
krb5_context context,
krb5_auth_context auth_context,
krb5_data *ap_req,
const char *princ,
const char *passwd,
bool use_tcp,
krb5_data *packet)
{
krb5_error_code ret;
krb5_data cipherpw;
krb5_data encoded_setpw;
krb5_replay_data replay;
char *p, *msg_start;
DATA_BLOB setpw;
unsigned int msg_length;
ret = krb5_auth_con_setflags(context,
auth_context,KRB5_AUTH_CONTEXT_DO_SEQUENCE);
if (ret) {
DEBUG(1,("krb5_auth_con_setflags failed (%s)\n",
error_message(ret)));
return ret;
}
/* handle protocol differences in chpw and setpw */
if (pversion == KRB5_KPASSWD_VERS_CHANGEPW)
setpw = data_blob(passwd, strlen(passwd));
else if (pversion == KRB5_KPASSWD_VERS_SETPW ||
pversion == KRB5_KPASSWD_VERS_SETPW_ALT)
setpw = encode_krb5_setpw(princ, passwd);
else
return EINVAL;
if (setpw.data == NULL || setpw.length == 0) {
return EINVAL;
}
encoded_setpw.data = (char *)setpw.data;
encoded_setpw.length = setpw.length;
ret = krb5_mk_priv(context, auth_context,
&encoded_setpw, &cipherpw, &replay);
data_blob_free(&setpw); /*from 'encode_krb5_setpw(...)' */
if (ret) {
DEBUG(1,("krb5_mk_priv failed (%s)\n", error_message(ret)));
return ret;
}
packet->data = (char *)SMB_MALLOC(ap_req->length + cipherpw.length + (use_tcp ? 10 : 6 ));
if (!packet->data)
return -1;
/* see the RFC for details */
msg_start = p = ((char *)packet->data) + (use_tcp ? 4 : 0);
p += 2;
RSSVAL(p, 0, pversion);
p += 2;
RSSVAL(p, 0, ap_req->length);
p += 2;
memcpy(p, ap_req->data, ap_req->length);
p += ap_req->length;
memcpy(p, cipherpw.data, cipherpw.length);
p += cipherpw.length;
packet->length = PTR_DIFF(p,packet->data);
msg_length = PTR_DIFF(p,msg_start);
if (use_tcp) {
RSIVAL(packet->data, 0, msg_length);
}
RSSVAL(msg_start, 0, msg_length);
free(cipherpw.data); /* from 'krb5_mk_priv(...)' */
return 0;
}
/**
* Wrap getaddrinfo...
*/
bool interpret_string_addr_internal(struct addrinfo **ppres,
const char *str, int flags)
{
int ret;
struct addrinfo hints;
#if defined(HAVE_IPV6)
char addr[INET6_ADDRSTRLEN*2] = { 0, };
unsigned int scope_id = 0;
size_t len = strlen(str);
#endif
ZERO_STRUCT(hints);
/* By default make sure it supports TCP. */
hints.ai_socktype = SOCK_STREAM;
/* always try as a numeric host first. This prevents unnecessary name
* lookups, and also ensures we accept IPv6 addresses */
hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
#if defined(HAVE_IPV6)
if (len < sizeof(addr)) {
char *p = NULL;
p = normalize_ipv6_literal(str, addr, &len);
if (p != NULL) {
hints.ai_family = AF_INET6;
str = p;
}
}
if (strchr_m(str, ':')) {
char *p = strchr_m(str, '%');
/*
* Cope with link-local.
* This is IP:v6:addr%ifname.
*/
if (p && (p > str) && ((scope_id = if_nametoindex(p+1)) != 0)) {
/* Length of string we want to copy.
This is IP:v6:addr (removing the %ifname).
*/
len = PTR_DIFF(p,str);
if (len+1 > sizeof(addr)) {
/* string+nul too long for array. */
return false;
}
if (str != addr) {
memcpy(addr, str, len);
}
addr[len] = '\0';
str = addr;
}
}
#endif
ret = getaddrinfo(str, NULL, &hints, ppres);
if (ret == 0) {
#if defined(HAVE_IPV6)
struct sockaddr_in6 *ps6 = NULL;
if (scope_id == 0) {
return true;
}
if (ppres == NULL) {
return true;
}
if ((*ppres) == NULL) {
return true;
}
if ((*ppres)->ai_addr->sa_family != AF_INET6) {
return true;
}
ps6 = (struct sockaddr_in6 *)(*ppres)->ai_addr;
if (IN6_IS_ADDR_LINKLOCAL(&ps6->sin6_addr) &&
ps6->sin6_scope_id == 0) {
ps6->sin6_scope_id = scope_id;
}
#endif
return true;
}
hints.ai_flags = flags;
/* Linux man page on getaddrinfo() says port will be
uninitialized when service string is NULL */
ret = getaddrinfo(str, NULL,
&hints,
ppres);
if (ret) {
DEBUG(3, ("interpret_string_addr_internal: "
"getaddrinfo failed for name %s (flags %d) [%s]\n",
str, flags, gai_strerror(ret)));
return false;
}
return true;
}
static BOOL afs_createtoken(const char *username, const char *cell,
DATA_BLOB *ticket, struct ClearToken *ct)
{
fstring clear_ticket;
char *p = clear_ticket;
uint32 len;
uint32 now;
struct afs_key key;
des_key_schedule key_schedule;
if (!secrets_init())
return False;
if (!secrets_fetch_afs_key(cell, &key)) {
DEBUG(1, ("Could not fetch AFS service key\n"));
return False;
}
ct->AuthHandle = key.kvno;
/* Build the ticket. This is going to be encrypted, so in our
way we fill in ct while we still have the unencrypted
form. */
p = clear_ticket;
/* The byte-order */
*p = 1;
p += 1;
/* "Alice", the client username */
strncpy(p, username, sizeof(clear_ticket)-PTR_DIFF(p,clear_ticket)-1);
p += strlen(p)+1;
strncpy(p, "", sizeof(clear_ticket)-PTR_DIFF(p,clear_ticket)-1);
p += strlen(p)+1;
strncpy(p, cell, sizeof(clear_ticket)-PTR_DIFF(p,clear_ticket)-1);
p += strlen(p)+1;
/* Alice's network layer address. At least Openafs-1.2.10
ignores this, so we fill in a dummy value here. */
SIVAL(p, 0, 0);
p += 4;
/* We need to create a session key */
generate_random_buffer(p, 8);
/* Our client code needs the the key in the clear, it does not
know the server-key ... */
memcpy(ct->HandShakeKey, p, 8);
p += 8;
/* This is a kerberos 4 life time. The life time is expressed
* in units of 5 minute intervals up to 38400 seconds, after
* that a table is used up to lifetime 0xBF. Values between
* 0xC0 and 0xFF is undefined. 0xFF is defined to be the
* infinite time that never expire.
*
* So here we cheat and use the infinite time */
*p = 255;
p += 1;
/* Ticket creation time */
now = time(NULL);
SIVAL(p, 0, now);
ct->BeginTimestamp = now;
if(lp_afs_token_lifetime() == 0)
ct->EndTimestamp = NEVERDATE;
else
ct->EndTimestamp = now + lp_afs_token_lifetime();
if (((ct->EndTimestamp - ct->BeginTimestamp) & 1) == 1) {
ct->BeginTimestamp += 1; /* Lifetime must be even */
}
p += 4;
/* And here comes Bob's name and instance, in this case the
AFS server. */
strncpy(p, "afs", sizeof(clear_ticket)-PTR_DIFF(p,clear_ticket)-1);
p += strlen(p)+1;
strncpy(p, "", sizeof(clear_ticket)-PTR_DIFF(p,clear_ticket)-1);
p += strlen(p)+1;
/* And zero-pad to a multiple of 8 bytes */
len = PTR_DIFF(p, clear_ticket);
if (len & 7) {
uint32 extra_space = 8-(len & 7);
memset(p, 0, extra_space);
p+=extra_space;
}
len = PTR_DIFF(p, clear_ticket);
des_key_sched((const_des_cblock *)key.key, key_schedule);
des_pcbc_encrypt(clear_ticket, clear_ticket,
len, key_schedule, (C_Block *)key.key, 1);
ZERO_STRUCT(key);
*ticket = data_blob(clear_ticket, len);
return True;
}
/*
read a directory and find all matching file names and stat info
returned names are separate unix and DOS names. The returned names
are relative to the directory
*/
struct cifspsx_dir *cifspsx_list_unix(TALLOC_CTX *mem_ctx, struct ntvfs_request *req, const char *unix_path)
{
char *p, *mask;
struct cifspsx_dir *dir;
DIR *odir;
struct dirent *dent;
unsigned int allocated = 0;
char *low_mask;
dir = talloc(mem_ctx, struct cifspsx_dir);
if (!dir) { return NULL; }
dir->count = 0;
dir->files = 0;
/* find the base directory */
p = strrchr(unix_path, '/');
if (!p) { return NULL; }
dir->unix_dir = talloc_strndup(mem_ctx, unix_path, PTR_DIFF(p, unix_path));
if (!dir->unix_dir) { return NULL; }
/* the wildcard pattern is the last part */
mask = p+1;
low_mask = strlower_talloc(mem_ctx, mask);
if (!low_mask) { return NULL; }
odir = opendir(dir->unix_dir);
if (!odir) { return NULL; }
while ((dent = readdir(odir))) {
unsigned int i = dir->count;
char *full_name;
char *low_name;
int ret;
if (strchr(dent->d_name, ':') && !strchr(unix_path, ':')) {
/* don't show streams in dir listing */
continue;
}
low_name = strlower_talloc(mem_ctx, dent->d_name);
if (!low_name) { continue; }
/* check it matches the wildcard pattern */
if (ms_fnmatch_protocol(low_mask, low_name, PROTOCOL_NT1) != 0) {
continue;
}
if (dir->count >= allocated) {
allocated = (allocated + 100) * 1.2;
dir->files = talloc_realloc(dir, dir->files, struct cifspsx_dirfile, allocated);
if (!dir->files) {
closedir(odir);
return NULL;
}
}
dir->files[i].name = low_name;
if (!dir->files[i].name) { continue; }
ret = asprintf(&full_name, "%s/%s", dir->unix_dir, dir->files[i].name);
if (ret == -1) {
continue;
}
if (!full_name) { continue; }
if (stat(full_name, &dir->files[i].st) == 0) {
dir->count++;
}
free(full_name);
}
/*
parse a binding string into a dcerpc_binding structure
*/
NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struct dcerpc_binding **b_out)
{
struct dcerpc_binding *b;
char *options, *type;
char *p;
int i, j, comma_count;
b = talloc(mem_ctx, struct dcerpc_binding);
if (!b) {
return NT_STATUS_NO_MEMORY;
}
p = strchr(s, '@');
if (p && PTR_DIFF(p, s) == 36) { /* 36 is the length of a UUID */
NTSTATUS status;
status = GUID_from_string(s, &b->object.uuid);
if (NT_STATUS_IS_ERR(status)) {
DEBUG(0, ("Failed parsing UUID\n"));
return status;
}
s = p + 1;
} else {
ZERO_STRUCT(b->object);
}
b->object.if_version = 0;
p = strchr(s, ':');
if (!p) {
return NT_STATUS_INVALID_PARAMETER;
}
type = talloc_strndup(mem_ctx, s, PTR_DIFF(p, s));
if (!type) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<ARRAY_SIZE(transports);i++) {
if (strcasecmp(type, transports[i].name) == 0) {
b->transport = transports[i].transport;
break;
}
}
if (i==ARRAY_SIZE(transports)) {
DEBUG(0,("Unknown dcerpc transport '%s'\n", type));
return NT_STATUS_INVALID_PARAMETER;
}
s = p+1;
p = strchr(s, '[');
if (p) {
b->host = talloc_strndup(b, s, PTR_DIFF(p, s));
options = talloc_strdup(mem_ctx, p+1);
if (options[strlen(options)-1] != ']') {
return NT_STATUS_INVALID_PARAMETER;
}
options[strlen(options)-1] = 0;
} else {
b->host = talloc_strdup(b, s);
options = NULL;
}
if (!b->host) {
return NT_STATUS_NO_MEMORY;
}
b->target_hostname = b->host;
b->options = NULL;
b->flags = 0;
b->endpoint = NULL;
if (!options) {
*b_out = b;
return NT_STATUS_OK;
}
comma_count = count_chars(options, ',');
b->options = talloc_array(b, const char *, comma_count+2);
if (!b->options) {
return NT_STATUS_NO_MEMORY;
}
for (i=0; (p = strchr(options, ',')); i++) {
b->options[i] = talloc_strndup(b, options, PTR_DIFF(p, options));
if (!b->options[i]) {
return NT_STATUS_NO_MEMORY;
}
options = p+1;
}
b->options[i] = options;
b->options[i+1] = NULL;
/* some options are pre-parsed for convenience */
for (i=0;b->options[i];i++) {
for (j=0;j<ARRAY_SIZE(ncacn_options);j++) {
if (strcasecmp(ncacn_options[j].name, b->options[i]) == 0) {
int k;
b->flags |= ncacn_options[j].flag;
for (k=i;b->options[k];k++) {
b->options[k] = b->options[k+1];
}
i--;
break;
}
}
}
if (b->options[0]) {
/* Endpoint is first option */
b->endpoint = b->options[0];
if (strlen(b->endpoint) == 0) b->endpoint = NULL;
for (i=0;b->options[i];i++) {
b->options[i] = b->options[i+1];
}
}
if (b->options[0] == NULL)
b->options = NULL;
*b_out = b;
return NT_STATUS_OK;
}
