static int do_message_op(void) { struct in_addr ip; struct nmb_name called, calling; fstring server_name; char name_type_hex[10]; make_nmb_name(&calling, global_myname(), 0x0); make_nmb_name(&called , desthost, name_type); fstrcpy(server_name, desthost); snprintf(name_type_hex, sizeof(name_type_hex), "#%X", name_type); fstrcat(server_name, name_type_hex); zero_ip(&ip); if (!(cli=cli_initialise(NULL)) || (cli_set_port(cli, port) != port) || !cli_connect(cli, server_name, &ip)) { d_printf("Connection to %s failed\n", desthost); return 1; } if (!cli_session_request(cli, &calling, &called)) { d_printf("session request failed\n"); cli_shutdown(cli); return 1; } send_message(); cli_shutdown(cli); return 0; }
BOOL attempt_netbios_session_request(struct cli_state *cli, const char *srchost, const char *desthost, struct in_addr *pdest_ip) { struct nmb_name calling, called; make_nmb_name(&calling, srchost, 0x0); /* * If the called name is an IP address * then use *SMBSERVER immediately. */ if(is_ipaddress(desthost)) make_nmb_name(&called, "*SMBSERVER", 0x20); else make_nmb_name(&called, desthost, 0x20); if (!cli_session_request(cli, &calling, &called)) { struct nmb_name smbservername; make_nmb_name(&smbservername , "*SMBSERVER", 0x20); /* * If the name wasn't *SMBSERVER then * try with *SMBSERVER if the first name fails. */ if (nmb_name_equal(&called, &smbservername)) { /* * The name used was *SMBSERVER, don't bother with another name. */ DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER with error %s.\n", desthost, cli_errstr(cli) )); return False; } /* * We need to close the connection here but can't call cli_shutdown as * will free an allocated cli struct. cli_close_connection was invented * for this purpose. JRA. Based on work by "Kim R. Pedersen" <*****@*****.**>. */ cli_close_connection(cli); if (!cli_initialise(cli) || !cli_connect(cli, desthost, pdest_ip) || !cli_session_request(cli, &calling, &smbservername)) { DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER with error %s\n", desthost, cli_errstr(cli) )); return False; } } return True; }
void register_name(struct subnet_record *subrec, const char *name, int type, uint16 nb_flags, register_name_success_function success_fn, register_name_fail_function fail_fn, struct userdata_struct *userdata) { struct nmb_name nmbname; nstring nname; errno = 0; push_ascii_nstring(nname, name); if (errno == E2BIG) { unstring tname; pull_ascii_nstring(tname, sizeof(tname), nname); DEBUG(0,("register_name: NetBIOS name %s is too long. Truncating to %s\n", name, tname)); make_nmb_name(&nmbname, tname, type); } else { make_nmb_name(&nmbname, name, type); } /* Always set the NB_ACTIVE flag on the name we are registering. Doesn't make sense without it. */ nb_flags |= NB_ACTIVE; if (subrec == unicast_subnet) { /* we now always do multi-homed registration if we are registering to a WINS server. This copes much better with complex WINS setups */ multihomed_register_name(&nmbname, nb_flags, success_fn, fail_fn); return; } if (queue_register_name(subrec, register_name_response, register_name_timeout_response, success_fn, fail_fn, userdata, &nmbname, nb_flags) == NULL) { DEBUG(0,("register_name: Failed to send packet trying to register name %s\n", nmb_namestr(&nmbname))); } }
void announce_and_sync_with_domain_master_browser( struct subnet_record *subrec, struct work_record *work) { struct nmb_name nmbname; /* Only do this if we are using a WINS server. */ if(we_are_a_wins_client() == False) { if( DEBUGLVL( 10 ) ) { dbgtext( "announce_and_sync_with_domain_master_browser:\n" ); dbgtext( "Ignoring, as we are not a WINS client.\n" ); } return; } make_nmb_name(&nmbname,work->work_group,0x1b); /* First, query for the WORKGROUP<1b> name from the WINS server. */ query_name(unicast_subnet, nmbname.name, nmbname.name_type, find_domain_master_name_query_success, find_domain_master_name_query_fail, NULL); }
void sync_all_dmbs(time_t t) { static time_t lastrun = 0; struct work_record *work; int count=0; /* Only do this if we are using a WINS server. */ if(we_are_a_wins_client() == False) return; /* Check to see if we are a domain master browser on the unicast subnet. */ work = find_workgroup_on_subnet(unicast_subnet, lp_workgroup()); if (!work) return; if (!AM_DOMAIN_MASTER_BROWSER(work)) return; if ((lastrun != 0) && (t < lastrun + (5 * 60))) return; /* count how many syncs we might need to do */ for (work=unicast_subnet->workgrouplist; work; work = work->next) { if (strcmp(lp_workgroup(), work->work_group)) { count++; } } /* sync with a probability of 1/count */ for (work=unicast_subnet->workgrouplist; work; work = work->next) { if (strcmp(lp_workgroup(), work->work_group)) { unstring dmb_name; if (((unsigned)sys_random()) % count != 0) continue; lastrun = t; if (!work->dmb_name.name[0]) { /* we don't know the DMB - assume it is the same as the unicast local master */ make_nmb_name(&work->dmb_name, work->local_master_browser_name, 0x20); } pull_ascii_nstring(dmb_name, sizeof(dmb_name), work->dmb_name.name); DEBUG(3,("Initiating DMB<->DMB sync with %s(%s)\n", dmb_name, inet_ntoa(work->dmb_addr))); sync_browse_lists(work, dmb_name, work->dmb_name.name_type, work->dmb_addr, False, False); } } }
static void find_all_domain_master_names_query_success(struct subnet_record *subrec, struct userdata_struct *userdata_in, struct nmb_name *q_name, struct in_addr answer_ip, struct res_rec *rrec) { /* * We now have a list of all the domain master browsers for all workgroups * that have registered with the WINS server. Now do a node status request * to each one and look for the first 1b name in the reply. This will be * the workgroup name that we will add to the unicast subnet as a 'non-local' * workgroup. */ struct nmb_name nmbname; struct in_addr send_ip; int i; if( DEBUGLVL( 5 ) ) { dbgtext( "find_all_domain_master_names_query_succes:\n" ); dbgtext( "Got answer from WINS server of %d ", (rrec->rdlength / 6) ); dbgtext( "IP addresses for Domain Master Browsers.\n" ); } for(i = 0; i < rrec->rdlength / 6; i++) { /* Initiate the node status requests. */ make_nmb_name(&nmbname, "*", 0); putip((char *)&send_ip, (char *)&rrec->rdata[(i*6) + 2]); /* * Don't send node status requests to ourself. */ if(ismyip( send_ip )) { if( DEBUGLVL( 5 ) ) { dbgtext( "find_all_domain_master_names_query_succes:\n" ); dbgtext( "Not sending node status to our own IP " ); dbgtext( "%s.\n", inet_ntoa(send_ip) ); } continue; } if( DEBUGLVL( 5 ) ) { dbgtext( "find_all_domain_master_names_query_success:\n" ); dbgtext( "Sending node status request to IP %s.\n", inet_ntoa(send_ip) ); } node_status( subrec, &nmbname, send_ip, get_domain_master_name_node_status_success, get_domain_master_name_node_status_fail, NULL); } }
/**************************************************************************** make smb client connection ****************************************************************************/ static BOOL rpcclient_connect(struct client_info *info) { struct nmb_name calling; struct nmb_name called; make_nmb_name(&called , dns_to_netbios_name(info->dest_host ), info->name_type); make_nmb_name(&calling, dns_to_netbios_name(info->myhostname), 0x0); if (!cli_establish_connection(smb_cli, info->dest_host, &info->dest_ip, &calling, &called, info->share, info->svc_type, False, True)) { DEBUG(0,("rpcclient_connect: connection failed\n")); cli_shutdown(smb_cli); return False; } return True; }
void run_elections(time_t t) { static time_t lastime = 0; struct subnet_record *subrec; /* Send election packets once every 2 seconds - note */ if (lastime && (t - lastime < 2)) return; lastime = t; START_PROFILE(run_elections); for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { struct work_record *work; for (work = subrec->workgrouplist; work; work = work->next) { if (work->RunningElection) { /* * We can only run an election for a workgroup if we have * registered the WORKGROUP<1e> name, as that's the name * we must listen to. */ struct nmb_name nmbname; make_nmb_name(&nmbname, work->work_group, 0x1e); if(find_name_on_subnet( subrec, &nmbname, FIND_SELF_NAME)==NULL) { DEBUG(8,("run_elections: Cannot send election packet yet as name %s not \ yet registered on subnet %s\n", nmb_namestr(&nmbname), subrec->subnet_name )); continue; } send_election_dgram(subrec, work->work_group, work->ElectionCriterion, t - StartupTime, global_myname); if (work->ElectionCount++ >= 4) { /* Won election (4 packets were sent out uncontested. */ DEBUG(2,("run_elections: >>> Won election for workgroup %s on subnet %s <<<\n", work->work_group, subrec->subnet_name )); work->RunningElection = False; become_local_master_browser(subrec, work); } } } }
static struct node_status *lookup_byaddr_backend(char *addr, int *count) { int fd; struct in_addr ip; struct nmb_name nname; struct node_status *status; fd = wins_lookup_open_socket_in(); if (fd == -1) return NULL; make_nmb_name(&nname, "*", 0); ip = *interpret_addr2(addr); status = node_status_query(fd,&nname,ip, count, NULL); close(fd); return status; }
static struct node_status *lookup_byaddr_backend(TALLOC_CTX *mem_ctx, const char *addr, int *count) { struct sockaddr_storage ss; struct nmb_name nname; struct node_status *result; NTSTATUS status; make_nmb_name(&nname, "*", 0); if (!interpret_string_addr(&ss, addr, AI_NUMERICHOST)) { return NULL; } status = node_status_query(mem_ctx, &nname, &ss, &result, count, NULL); if (!NT_STATUS_IS_OK(status)) { return NULL; } return result; }
static bool do_node_status(const char *name, int type, struct sockaddr_storage *pss) { struct nmb_name nname; int count, i, j; struct node_status *addrs; struct node_status_extra extra; fstring cleanname; char addr[INET6_ADDRSTRLEN]; NTSTATUS status; print_sockaddr(addr, sizeof(addr), pss); d_printf("Looking up status of %s\n",addr); make_nmb_name(&nname, name, type); status = node_status_query(talloc_tos(), &nname, pss, &addrs, &count, &extra); if (NT_STATUS_IS_OK(status)) { for (i=0;i<count;i++) { pull_ascii_fstring(cleanname, addrs[i].name); for (j=0;cleanname[j];j++) { if (!isprint((int)cleanname[j])) { cleanname[j] = '.'; } } d_printf("\t%-15s <%02x> - %s\n", cleanname,addrs[i].type, node_status_flags(addrs[i].flags)); } d_printf("\n\tMAC Address = %02X-%02X-%02X-%02X-%02X-%02X\n", extra.mac_addr[0], extra.mac_addr[1], extra.mac_addr[2], extra.mac_addr[3], extra.mac_addr[4], extra.mac_addr[5]); d_printf("\n"); TALLOC_FREE(addrs); return true; } else { d_printf("No reply from %s\n\n",addr); return false; } }
/**************************************************************************** If we are a domain master browser on the unicast subnet, do a query to the WINS server for the *<1b> name. This will only work to a Samba WINS server, so ignore it if we fail. If we succeed, contact each of the IP addresses in turn and do a node status request to them. If this succeeds then look for a <1b> name in the reply - this is the workgroup name. Add this to the unicast subnet. This is expensive, so we only do this every 15 minutes. **************************************************************************/ void collect_all_workgroup_names_from_wins_server(time_t t) { static time_t lastrun = 0; struct work_record *work; struct nmb_name nmbname; /* Only do this if we are using a WINS server. */ if(we_are_a_wins_client() == False) return; /* Check to see if we are a domain master browser on the unicast subnet. */ if((work = find_workgroup_on_subnet( unicast_subnet, global_myworkgroup)) == NULL) { if( DEBUGLVL( 0 ) ) { dbgtext( "collect_all_workgroup_names_from_wins_server:\n" ); dbgtext( "Cannot find my workgroup %s ", global_myworkgroup ); dbgtext( "on subnet %s.\n", unicast_subnet->subnet_name ); } return; } if(!AM_DOMAIN_MASTER_BROWSER(work)) return; if ((lastrun != 0) && (t < lastrun + (15 * 60))) return; lastrun = t; make_nmb_name(&nmbname,"*",0x1b); /* First, query for the *<1b> name from the WINS server. */ query_name(unicast_subnet, nmbname.name, nmbname.name_type, find_all_domain_master_names_query_success, find_all_domain_master_names_query_fail, NULL); }
static void do_node_status(int fd, const char *name, int type, struct sockaddr_storage *pss) { struct nmb_name nname; int count, i, j; NODE_STATUS_STRUCT *status; struct node_status_extra extra; fstring cleanname; char addr[INET6_ADDRSTRLEN]; print_sockaddr(addr, sizeof(addr), pss); d_printf("Looking up status of %s\n",addr); make_nmb_name(&nname, name, type); status = node_status_query(fd, &nname, pss, &count, &extra); if (status) { for (i=0;i<count;i++) { pull_ascii_fstring(cleanname, status[i].name); for (j=0;cleanname[j];j++) { if (!isprint((int)cleanname[j])) { cleanname[j] = '.'; } } d_printf("\t%-15s <%02x> - %s\n", cleanname,status[i].type, node_status_flags(status[i].flags)); } d_printf("\n\tMAC Address = %02X-%02X-%02X-%02X-%02X-%02X\n", extra.mac_addr[0], extra.mac_addr[1], extra.mac_addr[2], extra.mac_addr[3], extra.mac_addr[4], extra.mac_addr[5]); d_printf("\n"); SAFE_FREE(status); } else { d_printf("No reply from %s\n\n",addr); } }
/**************************************************************************** do a node status query ****************************************************************************/ static void do_node_status(int fd, char *name, int type, struct in_addr ip) { struct nmb_name nname; int count, i, j; struct node_status *status; fstring cleanname; printf("Looking up status of %s\n",inet_ntoa(ip)); make_nmb_name(&nname, name, type); status = node_status_query(fd,&nname,ip, &count); if (status) { for (i=0;i<count;i++) { fstrcpy(cleanname, status[i].name); for (j=0;cleanname[j];j++) { if (!isprint((int)cleanname[j])) cleanname[j] = '.'; } printf("\t%-15s <%02x> - %s\n", cleanname,status[i].type, node_status_flags(status[i].flags)); } SAFE_FREE(status); } printf("\n"); }
void register_name(struct subnet_record *subrec, const char *name, int type, uint16_t nb_flags, register_name_success_function success_fn, register_name_fail_function fail_fn, struct userdata_struct *userdata) { struct nmb_name nmbname; nstring nname; size_t converted_size; errno = 0; converted_size = push_ascii_nstring(nname, name); if (converted_size != (size_t)-1) { /* Success. */ make_nmb_name(&nmbname, name, type); } else if (errno == E2BIG) { /* * Name converted to CH_DOS is too large. * try to truncate. */ char *converted_str_dos = NULL; char *converted_str_unix = NULL; bool ok; converted_size = 0; ok = convert_string_talloc(talloc_tos(), CH_UNIX, CH_DOS, name, strlen(name)+1, &converted_str_dos, &converted_size); if (!ok) { DEBUG(0,("register_name: NetBIOS name %s cannot be " "converted. Failing to register name.\n", name)); return; } /* * As it's now CH_DOS codepage * we truncate by writing '\0' at * MAX_NETBIOSNAME_LEN-1 and then * convert back to CH_UNIX which we * need for the make_nmb_name() call. */ if (converted_size >= MAX_NETBIOSNAME_LEN) { converted_str_dos[MAX_NETBIOSNAME_LEN-1] = '\0'; } ok = convert_string_talloc(talloc_tos(), CH_DOS, CH_UNIX, converted_str_dos, strlen(converted_str_dos)+1, &converted_str_unix, &converted_size); if (!ok) { DEBUG(0,("register_name: NetBIOS name %s cannot be " "converted back to CH_UNIX. " "Failing to register name.\n", converted_str_dos)); TALLOC_FREE(converted_str_dos); return; } make_nmb_name(&nmbname, converted_str_unix, type); TALLOC_FREE(converted_str_dos); TALLOC_FREE(converted_str_unix); } else { /* * Generic conversion error. Fail to register. */ DEBUG(0,("register_name: NetBIOS name %s cannot be " "converted (%s). Failing to register name.\n", name, strerror(errno))); return; } /* Always set the NB_ACTIVE flag on the name we are registering. Doesn't make sense without it. */ nb_flags |= NB_ACTIVE; if (subrec == unicast_subnet) { /* we now always do multi-homed registration if we are registering to a WINS server. This copes much better with complex WINS setups */ multihomed_register_name(&nmbname, nb_flags, success_fn, fail_fn); return; } if (queue_register_name(subrec, register_name_response, register_name_timeout_response, success_fn, fail_fn, userdata, &nmbname, nb_flags) == NULL) { DEBUG(0,("register_name: Failed to send packet trying to register name %s\n", nmb_namestr(&nmbname))); } }
static void domain_master_node_status_success(struct subnet_record *subrec, struct userdata_struct *userdata, struct res_rec *answers, struct in_addr from_ip) { struct work_record *work = find_workgroup_on_subnet( subrec, userdata->data); if( work == NULL ) { if( DEBUGLVL( 0 ) ) { dbgtext( "domain_master_node_status_success:\n" ); dbgtext( "Unable to find workgroup " ); dbgtext( "%s on subnet %s.\n", userdata->data, subrec->subnet_name ); } return; } if( DEBUGLVL( 3 ) ) { dbgtext( "domain_master_node_status_success:\n" ); dbgtext( "Success in node status for workgroup " ); dbgtext( "%s from ip %s\n", work->work_group, inet_ntoa(from_ip) ); } /* Go through the list of names found at answers->rdata and look for the first SERVER<0x20> name. */ if(answers->rdata != NULL) { char *p = answers->rdata; int numnames = CVAL(p, 0); p += 1; while (numnames--) { char qname[17]; uint16 nb_flags; int name_type; StrnCpy(qname,p,15); name_type = CVAL(p,15); nb_flags = get_nb_flags(&p[16]); trim_string(qname,NULL," "); p += 18; if(!(nb_flags & NB_GROUP) && (name_type == 0x20)) { struct nmb_name nmbname; make_nmb_name(&nmbname, qname, name_type); /* Copy the dmb name and IP address into the workgroup struct. */ work->dmb_name = nmbname; putip((char *)&work->dmb_addr, &from_ip); /* Do the local master browser announcement to the domain master browser name and IP. */ announce_local_master_browser_to_domain_master_browser( work ); /* Now synchronise lists with the domain master browser. */ sync_with_dmb(work); break; } } } else if( DEBUGLVL( 0 ) ) { dbgtext( "domain_master_node_status_success:\n" ); dbgtext( "Failed to find a SERVER<0x20> name in reply from IP " ); dbgtext( "%s.\n", inet_ntoa(from_ip) ); } }
static void find_domain_master_name_query_success(struct subnet_record *subrec, struct userdata_struct *userdata_in, struct nmb_name *q_name, struct in_addr answer_ip, struct res_rec *rrec) { /* * Unfortunately, finding the IP address of the Domain Master Browser, * as we have here, is not enough. We need to now do a sync to the * SERVERNAME<0x20> NetBIOS name, as only recent NT servers will * respond to the SMBSERVER name. To get this name from IP * address we do a Node status request, and look for the first * NAME<0x20> in the response, and take that as the server name. * We also keep a cache of the Domain Master Browser name for this * workgroup in the Workgroup struct, so that if the same IP addess * is returned every time, we don't need to do the node status * request. */ struct work_record *work; struct nmb_name nmbname; struct userdata_struct *userdata; int size = sizeof(struct userdata_struct) + sizeof(fstring)+1; if( !(work = find_workgroup_on_subnet(subrec, q_name->name)) ) { if( DEBUGLVL( 0 ) ) { dbgtext( "find_domain_master_name_query_success:\n" ); dbgtext( "Failed to find workgroup %s\n", q_name->name ); } return; } /* First check if we already have a dmb for this workgroup. */ if(!is_zero_ip(work->dmb_addr) && ip_equal(work->dmb_addr, answer_ip)) { /* Do the local master browser announcement to the domain master browser name and IP. */ announce_local_master_browser_to_domain_master_browser( work ); /* Now synchronise lists with the domain master browser. */ sync_with_dmb(work); return; } else zero_ip(&work->dmb_addr); /* Now initiate the node status request. */ make_nmb_name(&nmbname,"*",0x0); /* Put the workgroup name into the userdata so we know what workgroup we're talking to when the reply comes back. */ /* Setup the userdata_struct - this is copied so we can use a stack variable for this. */ if((userdata = (struct userdata_struct *)malloc(size)) == NULL) { DEBUG(0, ("find_domain_master_name_query_success: malloc fail.\n")); return; } userdata->copy_fn = NULL; userdata->free_fn = NULL; userdata->userdata_len = strlen(work->work_group)+1; pstrcpy(userdata->data, work->work_group); node_status( subrec, &nmbname, answer_ip, domain_master_node_status_success, domain_master_node_status_fail, userdata); zero_free(userdata, size); }
/***************************************************** return a connection to a server (existing or new) *******************************************************/ struct smbw_server *smbw_server(char *server, char *share) { struct smbw_server *srv=NULL; struct cli_state c; char *username; char *password; char *workgroup; struct nmb_name called, calling; char *p, *server_n = server; fstring group; pstring ipenv; struct in_addr ip; zero_ip(&ip); ZERO_STRUCT(c); get_auth_data_fn(server, share, &workgroup, &username, &password); /* try to use an existing connection */ for (srv=smbw_srvs;srv;srv=srv->next) { if (strcmp(server,srv->server_name)==0 && strcmp(share,srv->share_name)==0 && strcmp(workgroup,srv->workgroup)==0 && strcmp(username, srv->username) == 0) return srv; } if (server[0] == 0) { errno = EPERM; return NULL; } make_nmb_name(&calling, global_myname, 0x0); make_nmb_name(&called , server, 0x20); DEBUG(4,("server_n=[%s] server=[%s]\n", server_n, server)); if ((p=strchr(server_n,'#')) && (strcmp(p+1,"1D")==0 || strcmp(p+1,"01")==0)) { struct in_addr sip; pstring s; fstrcpy(group, server_n); p = strchr(group,'#'); *p = 0; /* cache the workgroup master lookup */ slprintf(s,sizeof(s)-1,"MASTER_%s", group); if (!(server_n = smbw_getshared(s))) { if (!find_master_ip(group, &sip)) { errno = ENOENT; return NULL; } fstrcpy(group, inet_ntoa(sip)); server_n = group; smbw_setshared(s,server_n); } } DEBUG(4,(" -> server_n=[%s] server=[%s]\n", server_n, server)); again: slprintf(ipenv,sizeof(ipenv)-1,"HOST_%s", server_n); zero_ip(&ip); if ((p=smbw_getshared(ipenv))) { ip = *(interpret_addr2(p)); } /* have to open a new connection */ if (!cli_initialise(&c) || !cli_connect(&c, server_n, &ip)) { errno = ENOENT; return NULL; } if (!cli_session_request(&c, &calling, &called)) { cli_shutdown(&c); if (strcmp(called.name, "*SMBSERVER")) { make_nmb_name(&called , "*SMBSERVER", 0x20); goto again; } errno = ENOENT; return NULL; } DEBUG(4,(" session request ok\n")); if (!cli_negprot(&c)) { cli_shutdown(&c); errno = ENOENT; return NULL; } if (!cli_session_setup(&c, username, password, strlen(password), password, strlen(password), workgroup) && /* try an anonymous login if it failed */ !cli_session_setup(&c, "", "", 1,"", 0, workgroup)) { cli_shutdown(&c); errno = EPERM; return NULL; } DEBUG(4,(" session setup ok\n")); if (!cli_send_tconX(&c, share, "?????", password, strlen(password)+1)) { errno = smbw_errno(&c); cli_shutdown(&c); return NULL; } smbw_setshared(ipenv,inet_ntoa(ip)); DEBUG(4,(" tconx ok\n")); srv = (struct smbw_server *)malloc(sizeof(*srv)); if (!srv) { errno = ENOMEM; goto failed; } ZERO_STRUCTP(srv); srv->cli = c; srv->dev = (dev_t)(str_checksum(server) ^ str_checksum(share)); srv->server_name = strdup(server); if (!srv->server_name) { errno = ENOMEM; goto failed; } srv->share_name = strdup(share); if (!srv->share_name) { errno = ENOMEM; goto failed; } srv->workgroup = strdup(workgroup); if (!srv->workgroup) { errno = ENOMEM; goto failed; } srv->username = strdup(username); if (!srv->username) { errno = ENOMEM; goto failed; } /* some programs play with file descriptors fairly intimately. We try to get out of the way by duping to a high fd number */ if (fcntl(SMBW_CLI_FD + srv->cli.fd, F_GETFD) && errno == EBADF) { if (dup2(srv->cli.fd,SMBW_CLI_FD+srv->cli.fd) == srv->cli.fd+SMBW_CLI_FD) { close(srv->cli.fd); srv->cli.fd += SMBW_CLI_FD; } } DLIST_ADD(smbw_srvs, srv); return srv; failed: cli_shutdown(&c); if (!srv) return NULL; SAFE_FREE(srv->server_name); SAFE_FREE(srv->share_name); SAFE_FREE(srv); return NULL; }
static bool cli_prep_mailslot(bool unique, const char *mailslot, uint16_t priority, char *buf, int len, const char *srcname, int src_type, const char *dstname, int dest_type, const struct sockaddr_storage *dest_ss, int dgm_id, struct packet_struct *p) { struct dgram_packet *dgram = &p->packet.dgram; char *ptr, *p2; char tmp[4]; char addr[INET6_ADDRSTRLEN]; ZERO_STRUCTP(p); /* * Next, build the DGRAM ... */ /* DIRECT GROUP or UNIQUE datagram. */ dgram->header.msg_type = unique ? 0x10 : 0x11; dgram->header.flags.node_type = M_NODE; dgram->header.flags.first = True; dgram->header.flags.more = False; dgram->header.dgm_id = dgm_id; /* source ip is filled by nmbd */ dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */ dgram->header.packet_offset = 0; make_nmb_name(&dgram->source_name,srcname,src_type); make_nmb_name(&dgram->dest_name,dstname,dest_type); ptr = &dgram->data[0]; /* Setup the smb part. */ ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */ memcpy(tmp,ptr,4); if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) { DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n")); return False; } cli_set_message(ptr,17,strlen(mailslot) + 1 + len,True); memcpy(ptr,tmp,4); SCVAL(ptr,smb_com,SMBtrans); SSVAL(ptr,smb_vwv1,len); SSVAL(ptr,smb_vwv11,len); SSVAL(ptr,smb_vwv12,70 + strlen(mailslot)); SSVAL(ptr,smb_vwv13,3); SSVAL(ptr,smb_vwv14,1); SSVAL(ptr,smb_vwv15,priority); SSVAL(ptr,smb_vwv16,2); p2 = smb_buf(ptr); fstrcpy(p2,mailslot); p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2); if (!p2) { return False; } memcpy(p2,buf,len); p2 += len; dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */ p->packet_type = DGRAM_PACKET; p->ip = ((const struct sockaddr_in *)dest_ss)->sin_addr; p->timestamp = time(NULL); DEBUG(4,("send_mailslot: Sending to mailslot %s from %s ", mailslot, nmb_namestr(&dgram->source_name))); print_sockaddr(addr, sizeof(addr), dest_ss); DEBUGADD(4,("to %s IP %s\n", nmb_namestr(&dgram->dest_name), addr)); return true; }
static void sync_child(char *name, int nm_type, char *workgroup, struct in_addr ip, bool local, bool servers, char *fname) { fstring unix_workgroup; struct cli_state *cli; uint32 local_type = local ? SV_TYPE_LOCAL_LIST_ONLY : 0; struct nmb_name called, calling; struct sockaddr_storage ss; NTSTATUS status; /* W2K DMB's return empty browse lists on port 445. Use 139. * Patch from Andy Levine [email protected]. */ cli = cli_initialise(); if (!cli) { return; } cli_set_port(cli, 139); in_addr_to_sockaddr_storage(&ss, ip); status = cli_connect(cli, name, &ss); if (!NT_STATUS_IS_OK(status)) { cli_shutdown(cli); return; } make_nmb_name(&calling, get_local_machine_name(), 0x0); make_nmb_name(&called , name, nm_type); if (!cli_session_request(cli, &calling, &called)) { cli_shutdown(cli); return; } status = cli_negprot(cli); if (!NT_STATUS_IS_OK(status)) { cli_shutdown(cli); return; } if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 1, "", 0, workgroup))) { cli_shutdown(cli); return; } if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, "IPC$", "IPC", "", 1))) { cli_shutdown(cli); return; } /* All the cli_XX functions take UNIX character set. */ fstrcpy(unix_workgroup, cli->server_domain ? cli->server_domain : workgroup); /* Fetch a workgroup list. */ cli_NetServerEnum(cli, unix_workgroup, local_type|SV_TYPE_DOMAIN_ENUM, callback, NULL); /* Now fetch a server list. */ if (servers) { fstrcpy(unix_workgroup, workgroup); cli_NetServerEnum(cli, unix_workgroup, local?SV_TYPE_LOCAL_LIST_ONLY:SV_TYPE_ALL, callback, NULL); } cli_shutdown(cli); }
static struct cli_state *do_connect( const char *server, const char *share, BOOL show_sessetup ) { struct cli_state *c = NULL; struct nmb_name called, calling; const char *server_n; struct in_addr ip; pstring servicename; char *sharename; fstring newserver, newshare; NTSTATUS status; /* make a copy so we don't modify the global string 'service' */ pstrcpy(servicename, share); sharename = servicename; if (*sharename == '\\') { server = sharename+2; sharename = strchr_m(server,'\\'); if (!sharename) return NULL; *sharename = 0; sharename++; } server_n = server; zero_ip(&ip); make_nmb_name(&calling, global_myname(), 0x0); make_nmb_name(&called , server, name_type); again: zero_ip(&ip); if (have_ip) ip = dest_ip; /* have to open a new connection */ if (!(c=cli_initialise()) || (cli_set_port(c, port) != port)) { d_printf("Connection to %s failed\n", server_n); return NULL; } status = cli_connect(c, server_n, &ip); if (!NT_STATUS_IS_OK(status)) { d_printf("Connection to %s failed (Error %s)\n", server_n, nt_errstr(status)); return NULL; } c->protocol = max_protocol; c->use_kerberos = use_kerberos; cli_setup_signing_state(c, signing_state); if (!cli_session_request(c, &calling, &called, NULL)) { char *p; d_printf("session request to %s failed (%s)\n", called.name, cli_errstr(c)); cli_shutdown(c); c = NULL; if ((p=strchr_m(called.name, '.'))) { *p = 0; goto again; } if (strcmp(called.name, "*SMBSERVER")) { make_nmb_name(&called , "*SMBSERVER", 0x20); goto again; } return NULL; } DEBUG(4,(" session request ok\n")); if (!cli_negprot(c)) { d_printf("protocol negotiation failed\n"); cli_shutdown(c); return NULL; } if (!got_pass) { char *pass = getpass("Password: "******"", "", 0, "", 0, lp_workgroup()))) { d_printf("session setup failed: %s\n", cli_errstr(c)); if (NT_STATUS_V(cli_nt_error(c)) == NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED)) d_printf("did you forget to run kinit?\n"); cli_shutdown(c); return NULL; } d_printf("Anonymous login successful\n"); } if ( show_sessetup ) { if (*c->server_domain) { DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n", c->server_domain,c->server_os,c->server_type)); } else if (*c->server_os || *c->server_type){ DEBUG(0,("OS=[%s] Server=[%s]\n", c->server_os,c->server_type)); } } DEBUG(4,(" session setup ok\n")); /* here's the fun part....to support 'msdfs proxy' shares (on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL here before trying to connect to the original share. check_dfs_proxy() will fail if it is a normal share. */ if ( (c->capabilities & CAP_DFS) && cli_check_msdfs_proxy( c, sharename, newserver, newshare ) ) { cli_shutdown(c); return do_connect( newserver, newshare, False ); } /* must be a normal share */ if (!cli_send_tconX(c, sharename, "?????", password, strlen(password)+1)) { d_printf("tree connect failed: %s\n", cli_errstr(c)); cli_shutdown(c); return NULL; } DEBUG(4,(" tconx ok\n")); return c; }
NTSTATUS cli_full_connection(struct cli_state **output_cli, const char *my_name, const char *dest_host, struct in_addr *dest_ip, int port, const char *service, const char *service_type, const char *user, const char *domain, const char *password, int pass_len) { struct ntuser_creds creds; NTSTATUS nt_status; struct nmb_name calling; struct nmb_name called; struct cli_state *cli; struct in_addr ip; if (!output_cli) DEBUG(0, ("output_cli is NULL!?!")); *output_cli = NULL; make_nmb_name(&calling, my_name, 0x0); make_nmb_name(&called , dest_host, 0x20); again: if (!(cli = cli_initialise(NULL))) return NT_STATUS_NO_MEMORY; if (cli_set_port(cli, port) != port) { cli_shutdown(cli); return NT_STATUS_UNSUCCESSFUL; } ip = *dest_ip; DEBUG(3,("Connecting to host=%s share=%s\n", dest_host, service)); if (!cli_connect(cli, dest_host, &ip)) { DEBUG(1,("cli_establish_connection: failed to connect to %s (%s)\n", nmb_namestr(&called), inet_ntoa(*dest_ip))); cli_shutdown(cli); return NT_STATUS_UNSUCCESSFUL; } if (!cli_session_request(cli, &calling, &called)) { char *p; DEBUG(1,("session request to %s failed (%s)\n", called.name, cli_errstr(cli))); cli_shutdown(cli); if ((p=strchr(called.name, '.')) && !is_ipaddress(called.name)) { *p = 0; goto again; } if (strcmp(called.name, "*SMBSERVER")) { make_nmb_name(&called , "*SMBSERVER", 0x20); goto again; } return NT_STATUS_UNSUCCESSFUL; } if (!cli_negprot(cli)) { DEBUG(1,("failed negprot\n")); nt_status = NT_STATUS_UNSUCCESSFUL; cli_shutdown(cli); return nt_status; } if (!cli_session_setup(cli, user, password, pass_len, password, pass_len, domain)) { DEBUG(1,("failed session setup\n")); nt_status = cli_nt_error(cli); cli_shutdown(cli); if (NT_STATUS_IS_OK(nt_status)) nt_status = NT_STATUS_UNSUCCESSFUL; return nt_status; } if (service) { if (!cli_send_tconX(cli, service, service_type, password, pass_len)) { DEBUG(1,("failed tcon_X\n")); nt_status = cli_nt_error(cli); cli_shutdown(cli); if (NT_STATUS_IS_OK(nt_status)) nt_status = NT_STATUS_UNSUCCESSFUL; return nt_status; } } init_creds(&creds, user, domain, password, pass_len); cli_init_creds(cli, &creds); *output_cli = cli; return NT_STATUS_OK; }
static void get_domain_master_name_node_status_success(struct subnet_record *subrec, struct userdata_struct *userdata, struct res_rec *answers, struct in_addr from_ip) { struct work_record *work; fstring server_name; server_name[0] = 0; if( DEBUGLVL( 3 ) ) { dbgtext( "get_domain_master_name_node_status_success:\n" ); dbgtext( "Success in node status from ip %s\n", inet_ntoa(from_ip) ); } /* * Go through the list of names found at answers->rdata and look for * the first WORKGROUP<0x1b> name. */ if(answers->rdata != NULL) { char *p = answers->rdata; int numnames = CVAL(p, 0); p += 1; while (numnames--) { char qname[17]; uint16 nb_flags; int name_type; StrnCpy(qname,p,15); name_type = CVAL(p,15); nb_flags = get_nb_flags(&p[16]); trim_string(qname,NULL," "); p += 18; if(!(nb_flags & NB_GROUP) && (name_type == 0x00) && server_name[0] == 0) { /* this is almost certainly the server netbios name */ fstrcpy(server_name, qname); continue; } if(!(nb_flags & NB_GROUP) && (name_type == 0x1b)) { if( DEBUGLVL( 5 ) ) { dbgtext( "get_domain_master_name_node_status_success:\n" ); dbgtext( "%s(%s) ", server_name, inet_ntoa(from_ip) ); dbgtext( "is a domain master browser for workgroup " ); dbgtext( "%s. Adding this name.\n", qname ); } /* * If we don't already know about this workgroup, add it * to the workgroup list on the unicast_subnet. */ if((work = find_workgroup_on_subnet( subrec, qname)) == NULL) { struct nmb_name nmbname; /* * Add it - with an hour in the cache. */ if(!(work= create_workgroup_on_subnet(subrec, qname, 60*60))) return; /* remember who the master is */ fstrcpy(work->local_master_browser_name, server_name); make_nmb_name(&nmbname, server_name, 0x20); work->dmb_name = nmbname; work->dmb_addr = from_ip; } break; } } } else if( DEBUGLVL( 0 ) ) { dbgtext( "get_domain_master_name_node_status_success:\n" ); dbgtext( "Failed to find a WORKGROUP<0x1b> name in reply from IP " ); dbgtext( "%s.\n", inet_ntoa(from_ip) ); } }
bool cli_send_mailslot(struct messaging_context *msg_ctx, bool unique, const char *mailslot, uint16 priority, char *buf, int len, const char *srcname, int src_type, const char *dstname, int dest_type, const struct sockaddr_storage *dest_ss) { struct packet_struct p; struct dgram_packet *dgram = &p.packet.dgram; char *ptr, *p2; char tmp[4]; pid_t nmbd_pid; char addr[INET6_ADDRSTRLEN]; if ((nmbd_pid = pidfile_pid("nmbd")) == 0) { DEBUG(3, ("No nmbd found\n")); return False; } if (dest_ss->ss_family != AF_INET) { DEBUG(3, ("cli_send_mailslot: can't send to IPv6 address.\n")); return false; } memset((char *)&p, '\0', sizeof(p)); /* * Next, build the DGRAM ... */ /* DIRECT GROUP or UNIQUE datagram. */ dgram->header.msg_type = unique ? 0x10 : 0x11; dgram->header.flags.node_type = M_NODE; dgram->header.flags.first = True; dgram->header.flags.more = False; dgram->header.dgm_id = ((unsigned)time(NULL)%(unsigned)0x7FFF) + ((unsigned)sys_getpid()%(unsigned)100); /* source ip is filled by nmbd */ dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */ dgram->header.packet_offset = 0; make_nmb_name(&dgram->source_name,srcname,src_type); make_nmb_name(&dgram->dest_name,dstname,dest_type); ptr = &dgram->data[0]; /* Setup the smb part. */ ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */ memcpy(tmp,ptr,4); if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) { DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n")); return False; } cli_set_message(ptr,17,strlen(mailslot) + 1 + len,True); memcpy(ptr,tmp,4); SCVAL(ptr,smb_com,SMBtrans); SSVAL(ptr,smb_vwv1,len); SSVAL(ptr,smb_vwv11,len); SSVAL(ptr,smb_vwv12,70 + strlen(mailslot)); SSVAL(ptr,smb_vwv13,3); SSVAL(ptr,smb_vwv14,1); SSVAL(ptr,smb_vwv15,priority); SSVAL(ptr,smb_vwv16,2); p2 = smb_buf(ptr); fstrcpy(p2,mailslot); p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2); if (!p2) { return False; } memcpy(p2,buf,len); p2 += len; dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */ p.packet_type = DGRAM_PACKET; p.ip = ((const struct sockaddr_in *)dest_ss)->sin_addr; p.timestamp = time(NULL); DEBUG(4,("send_mailslot: Sending to mailslot %s from %s ", mailslot, nmb_namestr(&dgram->source_name))); print_sockaddr(addr, sizeof(addr), dest_ss); DEBUGADD(4,("to %s IP %s\n", nmb_namestr(&dgram->dest_name), addr)); return NT_STATUS_IS_OK(messaging_send_buf(msg_ctx, pid_to_procid(nmbd_pid), MSG_SEND_PACKET, (uint8 *)&p, sizeof(p))); }
static struct cli_state *do_connect( const char *server, const char *share, BOOL show_sessetup ) { struct cli_state *c; struct nmb_name called, calling; const char *server_n; struct in_addr ip; pstring servicename; char *sharename; /* make a copy so we don't modify the global string 'service' */ pstrcpy(servicename, share); sharename = servicename; if (*sharename == '\\') { server = sharename+2; sharename = strchr_m(server,'\\'); if (!sharename) return NULL; *sharename = 0; sharename++; } server_n = server; zero_ip(&ip); make_nmb_name(&calling, global_myname(), 0x0); make_nmb_name(&called , server, name_type); again: zero_ip(&ip); if (have_ip) ip = dest_ip; /* have to open a new connection */ if (!(c=cli_initialise(NULL)) || (cli_set_port(c, port) != port) || !cli_connect(c, server_n, &ip)) { d_printf("Connection to %s failed\n", server_n); return NULL; } c->protocol = max_protocol; c->use_kerberos = use_kerberos; cli_setup_signing_state(c, signing_state); if (!cli_session_request(c, &calling, &called)) { char *p; d_printf("session request to %s failed (%s)\n", called.name, cli_errstr(c)); cli_shutdown(c); if ((p=strchr_m(called.name, '.'))) { *p = 0; goto again; } if (strcmp(called.name, "*SMBSERVER")) { make_nmb_name(&called , "*SMBSERVER", 0x20); goto again; } return NULL; } DEBUG(4,(" session request ok\n")); if (!cli_negprot(c)) { d_printf("protocol negotiation failed\n"); cli_shutdown(c); return NULL; } if (!got_pass) { char *pass = getpass("Password: "******"", "", 0, "", 0, lp_workgroup())) { d_printf("session setup failed: %s\n", cli_errstr(c)); if (NT_STATUS_V(cli_nt_error(c)) == NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED)) d_printf("did you forget to run kinit?\n"); cli_shutdown(c); return NULL; } d_printf("Anonymous login successful\n"); } if ( show_sessetup ) { if (*c->server_domain) { DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n", c->server_domain,c->server_os,c->server_type)); } else if (*c->server_os || *c->server_type){ DEBUG(0,("OS=[%s] Server=[%s]\n", c->server_os,c->server_type)); } } DEBUG(4,(" session setup ok\n")); if (!cli_send_tconX(c, sharename, "?????", password, strlen(password)+1)) { d_printf("tree connect failed: %s\n", cli_errstr(c)); cli_shutdown(c); return NULL; } DEBUG(4,(" tconx ok\n")); return c; }
int vscan_send_warning_message(const char *filename, const char *virname, const char *ipaddr) { struct in_addr ip; struct sockaddr_storage ss; struct nmb_name called, calling; pstring myname; pstring message; pstring shortfilename; char* lastslash; static pstring lastfile; static pstring lastip; #if SAMBA_VERSION_MAJOR==3 fstrcpy(remote_machine, get_remote_machine_name()); DEBUG(5, ("remote machine is: %s\n", remote_machine)); #endif /* Only notify once for a given virus/ip combo - otherwise the * scanner will go crazy reaccessing the file and sending * messages once the user hits the "okay" button */ if (strncmp(lastfile,filename,sizeof(pstring)) == 0) { if (strncmp(lastip,ipaddr,sizeof(pstring)) == 0) { DEBUG(5,("Both IP and Filename are the same, not notifying\n")); return 0; } } ZERO_ARRAY(lastfile); ZERO_ARRAY(lastip); pstrcpy(lastfile,filename); pstrcpy(lastip,ipaddr); ZERO_ARRAY(myname); pstrcpy(myname,myhostname()); ZERO_ARRAY(username); /* could make this configurable */ snprintf(username,sizeof(pstring)-1,"%s VIRUS SCANNER",myname); /* We need to get the real ip structure from the ip string * is this info already available somewhere else in samba? */ zero_ip_v4(&ip); if (inet_aton(ipaddr,&ip) == 0) { DEBUG(5,("Cannot resolve ip address %s\n", ipaddr)); return 1; } in_addr_to_sockaddr_storage(&ss, ip); make_nmb_name(&calling, myname, 0x0); make_nmb_name(&called , remote_machine, name_type); if (!(cli=cli_initialise())) { DEBUG(5,("Connection to %s failed\n", remote_machine)); return 1; } cli_set_port(cli, port); if (!NT_STATUS_IS_OK(cli_connect(cli, remote_machine, &ss))) { DEBUG(5,("Connection to %s failed\n", remote_machine)); return 1; } if (!cli_session_request(cli, &calling, &called)) { DEBUG(5,("session request failed\n")); cli_shutdown(cli); return 1; } ZERO_ARRAY(shortfilename); /* we don't want the entire filename, otherwise the message service may choke * so we chop off the path up to the very last forward-slash * assumption: unix-style pathnames in filename (don't know if there's a * portable file-separator variable... */ lastslash = strrchr(filename,'/'); if (lastslash != NULL && lastslash != filename) { pstrcpy(shortfilename,lastslash+1); } else { pstrcpy(shortfilename,filename); } ZERO_ARRAY(message); /* could make the message configurable and language specific? */ snprintf(message,sizeof(pstring)-1, "%s IS INFECTED WITH VIRUS %s.\r\n\r\nAccess will be denied.\r\nPlease contact your system administrator", shortfilename, virname); /* actually send the message... */ send_message(message); cli_shutdown(cli); return 0; }
NTSTATUS remote_password_change(const char *remote_machine, const char *user_name, const char *old_passwd, const char *new_passwd, char **err_str) { struct nmb_name calling, called; struct cli_state *cli; struct rpc_pipe_client *pipe_hnd; struct sockaddr_storage ss; NTSTATUS result; bool pass_must_change = False; *err_str = NULL; if(!resolve_name( remote_machine, &ss, 0x20)) { asprintf(err_str, "Unable to find an IP address for machine " "%s.\n", remote_machine); return NT_STATUS_UNSUCCESSFUL; } cli = cli_initialise(); if (!cli) { return NT_STATUS_NO_MEMORY; } result = cli_connect(cli, remote_machine, &ss); if (!NT_STATUS_IS_OK(result)) { asprintf(err_str, "Unable to connect to SMB server on " "machine %s. Error was : %s.\n", remote_machine, nt_errstr(result)); cli_shutdown(cli); return result; } make_nmb_name(&calling, global_myname() , 0x0); make_nmb_name(&called , remote_machine, 0x20); if (!cli_session_request(cli, &calling, &called)) { asprintf(err_str, "machine %s rejected the session setup. " "Error was : %s.\n", remote_machine, cli_errstr(cli) ); result = cli_nt_error(cli); cli_shutdown(cli); return result; } cli->protocol = PROTOCOL_NT1; if (!cli_negprot(cli)) { asprintf(err_str, "machine %s rejected the negotiate " "protocol. Error was : %s.\n", remote_machine, cli_errstr(cli) ); result = cli_nt_error(cli); cli_shutdown(cli); return result; } /* Given things like SMB signing, restrict anonymous and the like, try an authenticated connection first */ result = cli_session_setup(cli, user_name, old_passwd, strlen(old_passwd)+1, old_passwd, strlen(old_passwd)+1, ""); if (!NT_STATUS_IS_OK(result)) { /* Password must change or Password expired are the only valid * error conditions here from where we can proceed, the rest like * account locked out or logon failure will lead to errors later * anyway */ if (!NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_MUST_CHANGE) && !NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_EXPIRED)) { asprintf(err_str, "Could not connect to machine %s: " "%s\n", remote_machine, cli_errstr(cli)); cli_shutdown(cli); return result; } pass_must_change = True; /* * We should connect as the anonymous user here, in case * the server has "must change password" checked... * Thanks to <*****@*****.**> for this fix. */ result = cli_session_setup(cli, "", "", 0, "", 0, ""); if (!NT_STATUS_IS_OK(result)) { asprintf(err_str, "machine %s rejected the session " "setup. Error was : %s.\n", remote_machine, cli_errstr(cli) ); cli_shutdown(cli); return result; } cli_init_creds(cli, "", "", NULL); } else { cli_init_creds(cli, user_name, "", old_passwd); } if (!cli_send_tconX(cli, "IPC$", "IPC", "", 1)) { asprintf(err_str, "machine %s rejected the tconX on the IPC$ " "share. Error was : %s.\n", remote_machine, cli_errstr(cli) ); result = cli_nt_error(cli); cli_shutdown(cli); return result; } /* Try not to give the password away too easily */ if (!pass_must_change) { pipe_hnd = cli_rpc_pipe_open_ntlmssp(cli, PI_SAMR, PIPE_AUTH_LEVEL_PRIVACY, "", /* what domain... ? */ user_name, old_passwd, &result); } else { /* * If the user password must be changed the ntlmssp bind will * fail the same way as the session setup above did. The * difference ist that with a pipe bind we don't get a good * error message, the result will be that the rpc call below * will just fail. So we do it anonymously, there's no other * way. */ pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &result); } if (!pipe_hnd) { if (lp_client_lanman_auth()) { /* Use the old RAP method. */ if (!cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) { asprintf(err_str, "machine %s rejected the " "password change: Error was : %s.\n", remote_machine, cli_errstr(cli) ); result = cli_nt_error(cli); cli_shutdown(cli); return result; } } else { asprintf(err_str, "SAMR connection to machine %s " "failed. Error was %s, but LANMAN password " "changed are disabled\n", nt_errstr(result), remote_machine); result = cli_nt_error(cli); cli_shutdown(cli); return result; } } if (NT_STATUS_IS_OK(result = rpccli_samr_chgpasswd_user(pipe_hnd, pipe_hnd->mem_ctx, user_name, new_passwd, old_passwd))) { /* Great - it all worked! */ cli_shutdown(cli); return NT_STATUS_OK; } else if (!(NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))) { /* it failed, but for reasons such as wrong password, too short etc ... */ asprintf(err_str, "machine %s rejected the password change: " "Error was : %s.\n", remote_machine, get_friendly_nt_error_msg(result)); cli_shutdown(cli); return result; } /* OK, that failed, so try again... */ cli_rpc_pipe_close(pipe_hnd); /* Try anonymous NTLMSSP... */ cli_init_creds(cli, "", "", NULL); result = NT_STATUS_UNSUCCESSFUL; /* OK, this is ugly, but... try an anonymous pipe. */ pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &result); if ( pipe_hnd && (NT_STATUS_IS_OK(result = rpccli_samr_chgpasswd_user(pipe_hnd, pipe_hnd->mem_ctx, user_name, new_passwd, old_passwd)))) { /* Great - it all worked! */ cli_shutdown(cli); return NT_STATUS_OK; } else { if (!(NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))) { /* it failed, but again it was due to things like new password too short */ asprintf(err_str, "machine %s rejected the " "(anonymous) password change: Error was : " "%s.\n", remote_machine, get_friendly_nt_error_msg(result)); cli_shutdown(cli); return result; } /* We have failed to change the user's password, and we think the server just might not support SAMR password changes, so fall back */ if (lp_client_lanman_auth()) { /* Use the old RAP method. */ if (cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) { /* SAMR failed, but the old LanMan protocol worked! */ cli_shutdown(cli); return NT_STATUS_OK; } asprintf(err_str, "machine %s rejected the password " "change: Error was : %s.\n", remote_machine, cli_errstr(cli) ); result = cli_nt_error(cli); cli_shutdown(cli); return result; } else { asprintf(err_str, "SAMR connection to machine %s " "failed. Error was %s, but LANMAN password " "changed are disabled\n", nt_errstr(result), remote_machine); cli_shutdown(cli); return NT_STATUS_UNSUCCESSFUL; } } }
/**************************************************************************** do a netbios name query to find someones IP returns an array of IP addresses or NULL if none *count will be set to the number of addresses returned ****************************************************************************/ struct in_addr * name_query (int fd, const char *name, int name_type, BOOL bcast, BOOL recurse, struct in_addr to_ip, int *count, void (*fn) (struct packet_struct *)) { BOOL found = False; int i, retries = 3; int retry_time = bcast ? 250 : 2000; struct timeval tval; struct packet_struct p; struct packet_struct *p2; struct nmb_packet *nmb = &p.packet.nmb; static int name_trn_id = 0; struct in_addr *ip_list = NULL; memset ((char *) &p, '\0', sizeof (p)); (*count) = 0; if (!name_trn_id) name_trn_id = ((unsigned) time (NULL) % (unsigned) 0x7FFF) + ((unsigned) getpid () % (unsigned) 100); name_trn_id = (name_trn_id + 1) % (unsigned) 0x7FFF; nmb->header.name_trn_id = name_trn_id; nmb->header.opcode = 0; nmb->header.response = False; nmb->header.nm_flags.bcast = bcast; nmb->header.nm_flags.recursion_available = False; nmb->header.nm_flags.recursion_desired = recurse; nmb->header.nm_flags.trunc = False; nmb->header.nm_flags.authoritative = False; nmb->header.rcode = 0; nmb->header.qdcount = 1; nmb->header.ancount = 0; nmb->header.nscount = 0; nmb->header.arcount = 0; make_nmb_name (&nmb->question.question_name, name, name_type); nmb->question.question_type = 0x20; nmb->question.question_class = 0x1; p.ip = to_ip; p.port = NMB_PORT; p.fd = fd; p.timestamp = time (NULL); p.packet_type = NMB_PACKET; GetTimeOfDay (&tval); if (!send_packet (&p)) return NULL; retries--; while (1) { struct timeval tval2; GetTimeOfDay (&tval2); if (TvalDiff (&tval, &tval2) > retry_time) { if (!retries) break; if (!found && !send_packet (&p)) return NULL; GetTimeOfDay (&tval); retries--; } if ((p2 = receive_packet (fd, NMB_PACKET, 90))) { struct nmb_packet *nmb2 = &p2->packet.nmb; debug_nmb_packet (p2); if (nmb->header.name_trn_id != nmb2->header.name_trn_id || !nmb2->header.response) { /* * Its not for us - maybe deal with it later * (put it on the queue?). */ if (fn) fn (p2); else free_packet (p2); continue; } if (nmb2->header.opcode != 0 || nmb2->header.nm_flags.bcast || nmb2->header.rcode || !nmb2->header.ancount) { /* * XXXX what do we do with this? Could be a redirect, but * we'll discard it for the moment. */ free_packet (p2); continue; } ip_list = (struct in_addr *) Realloc (ip_list, sizeof (ip_list[0]) * ((*count) + nmb2->answers->rdlength / 6)); if (ip_list) { DEBUG (fn ? 3 : 2, ("Got a positive name query response from %s ( ", inet_ntoa (p2->ip))); for (i = 0; i < nmb2->answers->rdlength / 6; i++) { putip ((char *) &ip_list[(*count)], &nmb2->answers->rdata[2 + i * 6]); DEBUG (fn ? 3 : 2, ("%s ", inet_ntoa (ip_list[(*count)]))); (*count)++; } DEBUG (fn ? 3 : 2, (")\n")); } found = True; retries = 0; free_packet (p2); if (fn) break; /* * If we're doing a unicast lookup we only * expect one reply. Don't wait the full 2 * seconds if we got one. JRA. */ if (!bcast && found) break; } } return ip_list; }
/************************************************************* change a password on a remote machine using IPC calls *************************************************************/ BOOL remote_password_change(const char *remote_machine, const char *user_name, const char *old_passwd, const char *new_passwd, char *err_str, size_t err_str_len) { struct nmb_name calling, called; struct cli_state cli; struct in_addr ip; *err_str = '\0'; if(!resolve_name( remote_machine, &ip, 0x20)) { slprintf(err_str, err_str_len-1, "unable to find an IP address for machine %s.\n", remote_machine ); return False; } ZERO_STRUCT(cli); if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) { slprintf(err_str, err_str_len-1, "unable to connect to SMB server on machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); return False; } make_nmb_name(&calling, global_myname() , 0x0); make_nmb_name(&called , remote_machine, 0x20); if (!cli_session_request(&cli, &calling, &called)) { slprintf(err_str, err_str_len-1, "machine %s rejected the session setup. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } cli.protocol = PROTOCOL_NT1; if (!cli_negprot(&cli)) { slprintf(err_str, err_str_len-1, "machine %s rejected the negotiate protocol. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } /* * We should connect as the anonymous user here, in case * the server has "must change password" checked... * Thanks to <*****@*****.**> for this fix. */ if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) { slprintf(err_str, err_str_len-1, "machine %s rejected the session setup. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) { slprintf(err_str, err_str_len-1, "machine %s rejected the tconX on the IPC$ share. Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) { slprintf(err_str, err_str_len-1, "machine %s rejected the password change: Error was : %s.\n", remote_machine, cli_errstr(&cli) ); cli_shutdown(&cli); return False; } cli_shutdown(&cli); return True; }
static SMBCSRV * SMBC_server_internal(TALLOC_CTX *ctx, SMBCCTX *context, bool connect_if_not_found, const char *server, const char *share, char **pp_workgroup, char **pp_username, char **pp_password, bool *in_cache) { SMBCSRV *srv=NULL; char *workgroup = NULL; struct cli_state *c; struct nmb_name called, calling; const char *server_n = server; struct sockaddr_storage ss; int tried_reverse = 0; int port_try_first; int port_try_next; int is_ipc = (share != NULL && strcmp(share, "IPC$") == 0); uint32 fs_attrs = 0; const char *username_used; NTSTATUS status; char *newserver, *newshare; zero_sockaddr(&ss); ZERO_STRUCT(c); *in_cache = false; if (server[0] == 0) { errno = EPERM; return NULL; } /* Look for a cached connection */ srv = SMBC_find_server(ctx, context, server, share, pp_workgroup, pp_username, pp_password); /* * If we found a connection and we're only allowed one share per * server... */ if (srv && *share != '\0' && smbc_getOptionOneSharePerServer(context)) { /* * ... then if there's no current connection to the share, * connect to it. SMBC_find_server(), or rather the function * pointed to by context->get_cached_srv_fn which * was called by SMBC_find_server(), will have issued a tree * disconnect if the requested share is not the same as the * one that was already connected. */ /* * Use srv->cli->desthost and srv->cli->share instead of * server and share below to connect to the actual share, * i.e., a normal share or a referred share from * 'msdfs proxy' share. */ if (srv->cli->cnum == (uint16) -1) { /* Ensure we have accurate auth info */ SMBC_call_auth_fn(ctx, context, srv->cli->desthost, srv->cli->share, pp_workgroup, pp_username, pp_password); if (!*pp_workgroup || !*pp_username || !*pp_password) { errno = ENOMEM; cli_shutdown(srv->cli); srv->cli = NULL; smbc_getFunctionRemoveCachedServer(context)(context, srv); return NULL; } /* * We don't need to renegotiate encryption * here as the encryption context is not per * tid. */ status = cli_tcon_andx(srv->cli, srv->cli->share, "?????", *pp_password, strlen(*pp_password)+1); if (!NT_STATUS_IS_OK(status)) { errno = map_errno_from_nt_status(status); cli_shutdown(srv->cli); srv->cli = NULL; smbc_getFunctionRemoveCachedServer(context)(context, srv); srv = NULL; } /* Determine if this share supports case sensitivity */ if (is_ipc) { DEBUG(4, ("IPC$ so ignore case sensitivity\n")); } else if (!cli_get_fs_attr_info(c, &fs_attrs)) { DEBUG(4, ("Could not retrieve " "case sensitivity flag: %s.\n", cli_errstr(c))); /* * We can't determine the case sensitivity of * the share. We have no choice but to use the * user-specified case sensitivity setting. */ if (smbc_getOptionCaseSensitive(context)) { cli_set_case_sensitive(c, True); } else { cli_set_case_sensitive(c, False); } } else { DEBUG(4, ("Case sensitive: %s\n", (fs_attrs & FILE_CASE_SENSITIVE_SEARCH ? "True" : "False"))); cli_set_case_sensitive( c, (fs_attrs & FILE_CASE_SENSITIVE_SEARCH ? True : False)); } /* * Regenerate the dev value since it's based on both * server and share */ if (srv) { srv->dev = (dev_t)(str_checksum(srv->cli->desthost) ^ str_checksum(srv->cli->share)); } } } /* If we have a connection... */ if (srv) { /* ... then we're done here. Give 'em what they came for. */ *in_cache = true; goto done; } /* If we're not asked to connect when a connection doesn't exist... */ if (! connect_if_not_found) { /* ... then we're done here. */ return NULL; } if (!*pp_workgroup || !*pp_username || !*pp_password) { errno = ENOMEM; return NULL; } make_nmb_name(&calling, smbc_getNetbiosName(context), 0x0); make_nmb_name(&called , server, 0x20); DEBUG(4,("SMBC_server: server_n=[%s] server=[%s]\n", server_n, server)); DEBUG(4,(" -> server_n=[%s] server=[%s]\n", server_n, server)); again: zero_sockaddr(&ss); /* have to open a new connection */ if ((c = cli_initialise()) == NULL) { errno = ENOMEM; return NULL; } if (smbc_getOptionUseKerberos(context)) { c->use_kerberos = True; } if (smbc_getOptionFallbackAfterKerberos(context)) { c->fallback_after_kerberos = True; } if (smbc_getOptionUseCCache(context)) { c->use_ccache = True; } c->timeout = smbc_getTimeout(context); /* * Force use of port 139 for first try if share is $IPC, empty, or * null, so browse lists can work */ if (share == NULL || *share == '\0' || is_ipc) { port_try_first = 139; port_try_next = 445; } else { port_try_first = 445; port_try_next = 139; } c->port = port_try_first; status = cli_connect(c, server_n, &ss); if (!NT_STATUS_IS_OK(status)) { /* First connection attempt failed. Try alternate port. */ c->port = port_try_next; status = cli_connect(c, server_n, &ss); if (!NT_STATUS_IS_OK(status)) { cli_shutdown(c); errno = ETIMEDOUT; return NULL; } } if (!cli_session_request(c, &calling, &called)) { cli_shutdown(c); if (strcmp(called.name, "*SMBSERVER")) { make_nmb_name(&called , "*SMBSERVER", 0x20); goto again; } else { /* Try one more time, but ensure we don't loop */ /* Only try this if server is an IP address ... */ if (is_ipaddress(server) && !tried_reverse) { fstring remote_name; struct sockaddr_storage rem_ss; if (!interpret_string_addr(&rem_ss, server, NI_NUMERICHOST)) { DEBUG(4, ("Could not convert IP address " "%s to struct sockaddr_storage\n", server)); errno = ETIMEDOUT; return NULL; } tried_reverse++; /* Yuck */ if (name_status_find("*", 0, 0, &rem_ss, remote_name)) { make_nmb_name(&called, remote_name, 0x20); goto again; } } } errno = ETIMEDOUT; return NULL; } DEBUG(4,(" session request ok\n")); status = cli_negprot(c); if (!NT_STATUS_IS_OK(status)) { cli_shutdown(c); errno = ETIMEDOUT; return NULL; } username_used = *pp_username; if (!NT_STATUS_IS_OK(cli_session_setup(c, username_used, *pp_password, strlen(*pp_password), *pp_password, strlen(*pp_password), *pp_workgroup))) { fprintf(stderr, "JerryLin: Libsmb_server.c->SMBC_server_internal: cli_session_setup fail with username=[%s], password=[%s]\n", username_used, *pp_password); /* Failed. Try an anonymous login, if allowed by flags. */ username_used = ""; if (smbc_getOptionNoAutoAnonymousLogin(context) || !NT_STATUS_IS_OK(cli_session_setup(c, username_used, *pp_password, 1, *pp_password, 0, *pp_workgroup))) { cli_shutdown(c); errno = EPERM; return NULL; } } status = cli_init_creds(c, username_used, *pp_workgroup, *pp_password); if (!NT_STATUS_IS_OK(status)) { errno = map_errno_from_nt_status(status); cli_shutdown(c); return NULL; } DEBUG(4,(" session setup ok\n")); /* here's the fun part....to support 'msdfs proxy' shares (on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL here before trying to connect to the original share. cli_check_msdfs_proxy() will fail if it is a normal share. */ if ((c->capabilities & CAP_DFS) && cli_check_msdfs_proxy(ctx, c, share, &newserver, &newshare, /* FIXME: cli_check_msdfs_proxy() does not support smbc_smb_encrypt_level type */ context->internal->smb_encryption_level ? true : false, *pp_username, *pp_password, *pp_workgroup)) { cli_shutdown(c); srv = SMBC_server_internal(ctx, context, connect_if_not_found, newserver, newshare, pp_workgroup, pp_username, pp_password, in_cache); TALLOC_FREE(newserver); TALLOC_FREE(newshare); return srv; } /* must be a normal share */ status = cli_tcon_andx(c, share, "?????", *pp_password, strlen(*pp_password)+1); if (!NT_STATUS_IS_OK(status)) { errno = map_errno_from_nt_status(status); fprintf(stderr, "JerryLin: Libsmb_server.c->SMBC_server_internal: cli_tcon_andx return %08X, errno=[%d]\n", NT_STATUS_V(status), errno); cli_shutdown(c); return NULL; } DEBUG(4,(" tconx ok\n")); /* Determine if this share supports case sensitivity */ if (is_ipc) { DEBUG(4, ("IPC$ so ignore case sensitivity\n")); } else if (!cli_get_fs_attr_info(c, &fs_attrs)) { DEBUG(4, ("Could not retrieve case sensitivity flag: %s.\n", cli_errstr(c))); /* * We can't determine the case sensitivity of the share. We * have no choice but to use the user-specified case * sensitivity setting. */ if (smbc_getOptionCaseSensitive(context)) { cli_set_case_sensitive(c, True); } else { cli_set_case_sensitive(c, False); } } else { DEBUG(4, ("Case sensitive: %s\n", (fs_attrs & FILE_CASE_SENSITIVE_SEARCH ? "True" : "False"))); cli_set_case_sensitive(c, (fs_attrs & FILE_CASE_SENSITIVE_SEARCH ? True : False)); } if (context->internal->smb_encryption_level) { /* Attempt UNIX smb encryption. */ if (!NT_STATUS_IS_OK(cli_force_encryption(c, username_used, *pp_password, *pp_workgroup))) { /* * context->smb_encryption_level == 1 * means don't fail if encryption can't be negotiated, * == 2 means fail if encryption can't be negotiated. */ DEBUG(4,(" SMB encrypt failed\n")); if (context->internal->smb_encryption_level == 2) { cli_shutdown(c); errno = EPERM; return NULL; } } DEBUG(4,(" SMB encrypt ok\n")); } /* * Ok, we have got a nice connection * Let's allocate a server structure. */ srv = SMB_MALLOC_P(SMBCSRV); if (!srv) { cli_shutdown(c); errno = ENOMEM; return NULL; } ZERO_STRUCTP(srv); srv->cli = c; srv->dev = (dev_t)(str_checksum(server) ^ str_checksum(share)); srv->no_pathinfo = False; srv->no_pathinfo2 = False; srv->no_nt_session = False; done: if (!pp_workgroup || !*pp_workgroup || !**pp_workgroup) { workgroup = talloc_strdup(ctx, smbc_getWorkgroup(context)); } else { workgroup = *pp_workgroup; } if(!workgroup) { return NULL; } /* set the credentials to make DFS work */ smbc_set_credentials_with_fallback(context, workgroup, *pp_username, *pp_password); return srv; }