static int do_message_op(void)
{
struct in_addr ip;
struct nmb_name called, calling;
fstring server_name;
char name_type_hex[10];
make_nmb_name(&calling, global_myname(), 0x0);
make_nmb_name(&called , desthost, name_type);
fstrcpy(server_name, desthost);
snprintf(name_type_hex, sizeof(name_type_hex), "#%X", name_type);
fstrcat(server_name, name_type_hex);
zero_ip(&ip);
if (!(cli=cli_initialise(NULL)) || (cli_set_port(cli, port) != port) ||
!cli_connect(cli, server_name, &ip)) {
d_printf("Connection to %s failed\n", desthost);
return 1;
}
if (!cli_session_request(cli, &calling, &called)) {
d_printf("session request failed\n");
cli_shutdown(cli);
return 1;
}
send_message();
cli_shutdown(cli);
return 0;
}
BOOL attempt_netbios_session_request(struct cli_state *cli, const char *srchost, const char *desthost,
struct in_addr *pdest_ip)
{
struct nmb_name calling, called;
make_nmb_name(&calling, srchost, 0x0);
/*
* If the called name is an IP address
* then use *SMBSERVER immediately.
*/
if(is_ipaddress(desthost))
make_nmb_name(&called, "*SMBSERVER", 0x20);
else
make_nmb_name(&called, desthost, 0x20);
if (!cli_session_request(cli, &calling, &called)) {
struct nmb_name smbservername;
make_nmb_name(&smbservername , "*SMBSERVER", 0x20);
/*
* If the name wasn't *SMBSERVER then
* try with *SMBSERVER if the first name fails.
*/
if (nmb_name_equal(&called, &smbservername)) {
/*
* The name used was *SMBSERVER, don't bother with another name.
*/
DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER with error %s.\n",
desthost, cli_errstr(cli) ));
return False;
}
/*
* We need to close the connection here but can't call cli_shutdown as
* will free an allocated cli struct. cli_close_connection was invented
* for this purpose. JRA. Based on work by "Kim R. Pedersen" <*****@*****.**>.
*/
cli_close_connection(cli);
if (!cli_initialise(cli) || !cli_connect(cli, desthost, pdest_ip) ||
!cli_session_request(cli, &calling, &smbservername)) {
DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER with error %s\n",
desthost, cli_errstr(cli) ));
return False;
}
}
return True;
}
void register_name(struct subnet_record *subrec,
const char *name, int type, uint16 nb_flags,
register_name_success_function success_fn,
register_name_fail_function fail_fn,
struct userdata_struct *userdata)
{
struct nmb_name nmbname;
nstring nname;
errno = 0;
push_ascii_nstring(nname, name);
if (errno == E2BIG) {
unstring tname;
pull_ascii_nstring(tname, sizeof(tname), nname);
DEBUG(0,("register_name: NetBIOS name %s is too long. Truncating to %s\n",
name, tname));
make_nmb_name(&nmbname, tname, type);
} else {
make_nmb_name(&nmbname, name, type);
}
/* Always set the NB_ACTIVE flag on the name we are
registering. Doesn't make sense without it.
*/
nb_flags |= NB_ACTIVE;
if (subrec == unicast_subnet) {
/* we now always do multi-homed registration if we are
registering to a WINS server. This copes much
better with complex WINS setups */
multihomed_register_name(&nmbname, nb_flags,
success_fn, fail_fn);
return;
}
if (queue_register_name(subrec,
register_name_response,
register_name_timeout_response,
success_fn,
fail_fn,
userdata,
&nmbname,
nb_flags) == NULL) {
DEBUG(0,("register_name: Failed to send packet trying to register name %s\n",
nmb_namestr(&nmbname)));
}
}
void announce_and_sync_with_domain_master_browser( struct subnet_record *subrec,
struct work_record *work)
{
struct nmb_name nmbname;
/* Only do this if we are using a WINS server. */
if(we_are_a_wins_client() == False)
{
if( DEBUGLVL( 10 ) )
{
dbgtext( "announce_and_sync_with_domain_master_browser:\n" );
dbgtext( "Ignoring, as we are not a WINS client.\n" );
}
return;
}
make_nmb_name(&nmbname,work->work_group,0x1b);
/* First, query for the WORKGROUP<1b> name from the WINS server. */
query_name(unicast_subnet, nmbname.name, nmbname.name_type,
find_domain_master_name_query_success,
find_domain_master_name_query_fail,
NULL);
}
void sync_all_dmbs(time_t t)
{
static time_t lastrun = 0;
struct work_record *work;
int count=0;
/* Only do this if we are using a WINS server. */
if(we_are_a_wins_client() == False)
return;
/* Check to see if we are a domain master browser on the
unicast subnet. */
work = find_workgroup_on_subnet(unicast_subnet, lp_workgroup());
if (!work)
return;
if (!AM_DOMAIN_MASTER_BROWSER(work))
return;
if ((lastrun != 0) && (t < lastrun + (5 * 60)))
return;
/* count how many syncs we might need to do */
for (work=unicast_subnet->workgrouplist; work; work = work->next) {
if (strcmp(lp_workgroup(), work->work_group)) {
count++;
}
}
/* sync with a probability of 1/count */
for (work=unicast_subnet->workgrouplist; work; work = work->next) {
if (strcmp(lp_workgroup(), work->work_group)) {
unstring dmb_name;
if (((unsigned)sys_random()) % count != 0)
continue;
lastrun = t;
if (!work->dmb_name.name[0]) {
/* we don't know the DMB - assume it is
the same as the unicast local master */
make_nmb_name(&work->dmb_name,
work->local_master_browser_name,
0x20);
}
pull_ascii_nstring(dmb_name, sizeof(dmb_name), work->dmb_name.name);
DEBUG(3,("Initiating DMB<->DMB sync with %s(%s)\n",
dmb_name, inet_ntoa(work->dmb_addr)));
sync_browse_lists(work,
dmb_name,
work->dmb_name.name_type,
work->dmb_addr, False, False);
}
}
}
static void find_all_domain_master_names_query_success(struct subnet_record *subrec,
struct userdata_struct *userdata_in,
struct nmb_name *q_name, struct in_addr answer_ip, struct res_rec *rrec)
{
/*
* We now have a list of all the domain master browsers for all workgroups
* that have registered with the WINS server. Now do a node status request
* to each one and look for the first 1b name in the reply. This will be
* the workgroup name that we will add to the unicast subnet as a 'non-local'
* workgroup.
*/
struct nmb_name nmbname;
struct in_addr send_ip;
int i;
if( DEBUGLVL( 5 ) )
{
dbgtext( "find_all_domain_master_names_query_succes:\n" );
dbgtext( "Got answer from WINS server of %d ", (rrec->rdlength / 6) );
dbgtext( "IP addresses for Domain Master Browsers.\n" );
}
for(i = 0; i < rrec->rdlength / 6; i++)
{
/* Initiate the node status requests. */
make_nmb_name(&nmbname, "*", 0);
putip((char *)&send_ip, (char *)&rrec->rdata[(i*6) + 2]);
/*
* Don't send node status requests to ourself.
*/
if(ismyip( send_ip ))
{
if( DEBUGLVL( 5 ) )
{
dbgtext( "find_all_domain_master_names_query_succes:\n" );
dbgtext( "Not sending node status to our own IP " );
dbgtext( "%s.\n", inet_ntoa(send_ip) );
}
continue;
}
if( DEBUGLVL( 5 ) )
{
dbgtext( "find_all_domain_master_names_query_success:\n" );
dbgtext( "Sending node status request to IP %s.\n", inet_ntoa(send_ip) );
}
node_status( subrec, &nmbname, send_ip,
get_domain_master_name_node_status_success,
get_domain_master_name_node_status_fail,
NULL);
}
}
/****************************************************************************
make smb client connection
****************************************************************************/
static BOOL rpcclient_connect(struct client_info *info)
{
struct nmb_name calling;
struct nmb_name called;
make_nmb_name(&called , dns_to_netbios_name(info->dest_host ), info->name_type);
make_nmb_name(&calling, dns_to_netbios_name(info->myhostname), 0x0);
if (!cli_establish_connection(smb_cli,
info->dest_host, &info->dest_ip,
&calling, &called,
info->share, info->svc_type,
False, True))
{
DEBUG(0,("rpcclient_connect: connection failed\n"));
cli_shutdown(smb_cli);
return False;
}
return True;
}
void run_elections(time_t t)
{
static time_t lastime = 0;
struct subnet_record *subrec;
/* Send election packets once every 2 seconds - note */
if (lastime && (t - lastime < 2))
return;
lastime = t;
START_PROFILE(run_elections);
for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec))
{
struct work_record *work;
for (work = subrec->workgrouplist; work; work = work->next)
{
if (work->RunningElection)
{
/*
* We can only run an election for a workgroup if we have
* registered the WORKGROUP<1e> name, as that's the name
* we must listen to.
*/
struct nmb_name nmbname;
make_nmb_name(&nmbname, work->work_group, 0x1e);
if(find_name_on_subnet( subrec, &nmbname, FIND_SELF_NAME)==NULL) {
DEBUG(8,("run_elections: Cannot send election packet yet as name %s not \
yet registered on subnet %s\n", nmb_namestr(&nmbname), subrec->subnet_name ));
continue;
}
send_election_dgram(subrec, work->work_group, work->ElectionCriterion,
t - StartupTime, global_myname);
if (work->ElectionCount++ >= 4)
{
/* Won election (4 packets were sent out uncontested. */
DEBUG(2,("run_elections: >>> Won election for workgroup %s on subnet %s <<<\n",
work->work_group, subrec->subnet_name ));
work->RunningElection = False;
become_local_master_browser(subrec, work);
}
}
}
}
static struct node_status *lookup_byaddr_backend(char *addr, int *count)
{
int fd;
struct in_addr ip;
struct nmb_name nname;
struct node_status *status;
fd = wins_lookup_open_socket_in();
if (fd == -1)
return NULL;
make_nmb_name(&nname, "*", 0);
ip = *interpret_addr2(addr);
status = node_status_query(fd,&nname,ip, count, NULL);
close(fd);
return status;
}
static struct node_status *lookup_byaddr_backend(TALLOC_CTX *mem_ctx,
const char *addr, int *count)
{
struct sockaddr_storage ss;
struct nmb_name nname;
struct node_status *result;
NTSTATUS status;
make_nmb_name(&nname, "*", 0);
if (!interpret_string_addr(&ss, addr, AI_NUMERICHOST)) {
return NULL;
}
status = node_status_query(mem_ctx, &nname, &ss,
&result, count, NULL);
if (!NT_STATUS_IS_OK(status)) {
return NULL;
}
return result;
}
static bool do_node_status(const char *name,
int type,
struct sockaddr_storage *pss)
{
struct nmb_name nname;
int count, i, j;
struct node_status *addrs;
struct node_status_extra extra;
fstring cleanname;
char addr[INET6_ADDRSTRLEN];
NTSTATUS status;
print_sockaddr(addr, sizeof(addr), pss);
d_printf("Looking up status of %s\n",addr);
make_nmb_name(&nname, name, type);
status = node_status_query(talloc_tos(), &nname, pss,
&addrs, &count, &extra);
if (NT_STATUS_IS_OK(status)) {
for (i=0;i<count;i++) {
pull_ascii_fstring(cleanname, addrs[i].name);
for (j=0;cleanname[j];j++) {
if (!isprint((int)cleanname[j])) {
cleanname[j] = '.';
}
}
d_printf("\t%-15s <%02x> - %s\n",
cleanname,addrs[i].type,
node_status_flags(addrs[i].flags));
}
d_printf("\n\tMAC Address = %02X-%02X-%02X-%02X-%02X-%02X\n",
extra.mac_addr[0], extra.mac_addr[1],
extra.mac_addr[2], extra.mac_addr[3],
extra.mac_addr[4], extra.mac_addr[5]);
d_printf("\n");
TALLOC_FREE(addrs);
return true;
} else {
d_printf("No reply from %s\n\n",addr);
return false;
}
}
/****************************************************************************
If we are a domain master browser on the unicast subnet, do a query to the
WINS server for the *<1b> name. This will only work to a Samba WINS server,
so ignore it if we fail. If we succeed, contact each of the IP addresses in
turn and do a node status request to them. If this succeeds then look for a
<1b> name in the reply - this is the workgroup name. Add this to the unicast
subnet. This is expensive, so we only do this every 15 minutes.
**************************************************************************/
void collect_all_workgroup_names_from_wins_server(time_t t)
{
static time_t lastrun = 0;
struct work_record *work;
struct nmb_name nmbname;
/* Only do this if we are using a WINS server. */
if(we_are_a_wins_client() == False)
return;
/* Check to see if we are a domain master browser on the unicast subnet. */
if((work = find_workgroup_on_subnet( unicast_subnet, global_myworkgroup)) == NULL)
{
if( DEBUGLVL( 0 ) )
{
dbgtext( "collect_all_workgroup_names_from_wins_server:\n" );
dbgtext( "Cannot find my workgroup %s ", global_myworkgroup );
dbgtext( "on subnet %s.\n", unicast_subnet->subnet_name );
}
return;
}
if(!AM_DOMAIN_MASTER_BROWSER(work))
return;
if ((lastrun != 0) && (t < lastrun + (15 * 60)))
return;
lastrun = t;
make_nmb_name(&nmbname,"*",0x1b);
/* First, query for the *<1b> name from the WINS server. */
query_name(unicast_subnet, nmbname.name, nmbname.name_type,
find_all_domain_master_names_query_success,
find_all_domain_master_names_query_fail,
NULL);
}
static void do_node_status(int fd,
const char *name,
int type,
struct sockaddr_storage *pss)
{
struct nmb_name nname;
int count, i, j;
NODE_STATUS_STRUCT *status;
struct node_status_extra extra;
fstring cleanname;
char addr[INET6_ADDRSTRLEN];
print_sockaddr(addr, sizeof(addr), pss);
d_printf("Looking up status of %s\n",addr);
make_nmb_name(&nname, name, type);
status = node_status_query(fd, &nname, pss, &count, &extra);
if (status) {
for (i=0;i<count;i++) {
pull_ascii_fstring(cleanname, status[i].name);
for (j=0;cleanname[j];j++) {
if (!isprint((int)cleanname[j])) {
cleanname[j] = '.';
}
}
d_printf("\t%-15s <%02x> - %s\n",
cleanname,status[i].type,
node_status_flags(status[i].flags));
}
d_printf("\n\tMAC Address = %02X-%02X-%02X-%02X-%02X-%02X\n",
extra.mac_addr[0], extra.mac_addr[1],
extra.mac_addr[2], extra.mac_addr[3],
extra.mac_addr[4], extra.mac_addr[5]);
d_printf("\n");
SAFE_FREE(status);
} else {
d_printf("No reply from %s\n\n",addr);
}
}
/****************************************************************************
do a node status query
****************************************************************************/
static void do_node_status(int fd, char *name, int type, struct in_addr ip)
{
struct nmb_name nname;
int count, i, j;
struct node_status *status;
fstring cleanname;
printf("Looking up status of %s\n",inet_ntoa(ip));
make_nmb_name(&nname, name, type);
status = node_status_query(fd,&nname,ip, &count);
if (status) {
for (i=0;i<count;i++) {
fstrcpy(cleanname, status[i].name);
for (j=0;cleanname[j];j++) {
if (!isprint((int)cleanname[j])) cleanname[j] = '.';
}
printf("\t%-15s <%02x> - %s\n",
cleanname,status[i].type,
node_status_flags(status[i].flags));
}
SAFE_FREE(status);
}
printf("\n");
}
void register_name(struct subnet_record *subrec,
const char *name, int type, uint16_t nb_flags,
register_name_success_function success_fn,
register_name_fail_function fail_fn,
struct userdata_struct *userdata)
{
struct nmb_name nmbname;
nstring nname;
size_t converted_size;
errno = 0;
converted_size = push_ascii_nstring(nname, name);
if (converted_size != (size_t)-1) {
/* Success. */
make_nmb_name(&nmbname, name, type);
} else if (errno == E2BIG) {
/*
* Name converted to CH_DOS is too large.
* try to truncate.
*/
char *converted_str_dos = NULL;
char *converted_str_unix = NULL;
bool ok;
converted_size = 0;
ok = convert_string_talloc(talloc_tos(),
CH_UNIX,
CH_DOS,
name,
strlen(name)+1,
&converted_str_dos,
&converted_size);
if (!ok) {
DEBUG(0,("register_name: NetBIOS name %s cannot be "
"converted. Failing to register name.\n",
name));
return;
}
/*
* As it's now CH_DOS codepage
* we truncate by writing '\0' at
* MAX_NETBIOSNAME_LEN-1 and then
* convert back to CH_UNIX which we
* need for the make_nmb_name() call.
*/
if (converted_size >= MAX_NETBIOSNAME_LEN) {
converted_str_dos[MAX_NETBIOSNAME_LEN-1] = '\0';
}
ok = convert_string_talloc(talloc_tos(),
CH_DOS,
CH_UNIX,
converted_str_dos,
strlen(converted_str_dos)+1,
&converted_str_unix,
&converted_size);
if (!ok) {
DEBUG(0,("register_name: NetBIOS name %s cannot be "
"converted back to CH_UNIX. "
"Failing to register name.\n",
converted_str_dos));
TALLOC_FREE(converted_str_dos);
return;
}
make_nmb_name(&nmbname, converted_str_unix, type);
TALLOC_FREE(converted_str_dos);
TALLOC_FREE(converted_str_unix);
} else {
/*
* Generic conversion error. Fail to register.
*/
DEBUG(0,("register_name: NetBIOS name %s cannot be "
"converted (%s). Failing to register name.\n",
name, strerror(errno)));
return;
}
/* Always set the NB_ACTIVE flag on the name we are
registering. Doesn't make sense without it.
*/
nb_flags |= NB_ACTIVE;
if (subrec == unicast_subnet) {
/* we now always do multi-homed registration if we are
registering to a WINS server. This copes much
better with complex WINS setups */
multihomed_register_name(&nmbname, nb_flags,
success_fn, fail_fn);
return;
}
if (queue_register_name(subrec,
register_name_response,
register_name_timeout_response,
success_fn,
fail_fn,
userdata,
&nmbname,
nb_flags) == NULL) {
DEBUG(0,("register_name: Failed to send packet trying to register name %s\n",
nmb_namestr(&nmbname)));
}
}
static void domain_master_node_status_success(struct subnet_record *subrec,
struct userdata_struct *userdata,
struct res_rec *answers,
struct in_addr from_ip)
{
struct work_record *work = find_workgroup_on_subnet( subrec, userdata->data);
if( work == NULL )
{
if( DEBUGLVL( 0 ) )
{
dbgtext( "domain_master_node_status_success:\n" );
dbgtext( "Unable to find workgroup " );
dbgtext( "%s on subnet %s.\n", userdata->data, subrec->subnet_name );
}
return;
}
if( DEBUGLVL( 3 ) )
{
dbgtext( "domain_master_node_status_success:\n" );
dbgtext( "Success in node status for workgroup " );
dbgtext( "%s from ip %s\n", work->work_group, inet_ntoa(from_ip) );
}
/* Go through the list of names found at answers->rdata and look for
the first SERVER<0x20> name. */
if(answers->rdata != NULL)
{
char *p = answers->rdata;
int numnames = CVAL(p, 0);
p += 1;
while (numnames--)
{
char qname[17];
uint16 nb_flags;
int name_type;
StrnCpy(qname,p,15);
name_type = CVAL(p,15);
nb_flags = get_nb_flags(&p[16]);
trim_string(qname,NULL," ");
p += 18;
if(!(nb_flags & NB_GROUP) && (name_type == 0x20))
{
struct nmb_name nmbname;
make_nmb_name(&nmbname, qname, name_type);
/* Copy the dmb name and IP address
into the workgroup struct. */
work->dmb_name = nmbname;
putip((char *)&work->dmb_addr, &from_ip);
/* Do the local master browser announcement to the domain
master browser name and IP. */
announce_local_master_browser_to_domain_master_browser( work );
/* Now synchronise lists with the domain master browser. */
sync_with_dmb(work);
break;
}
}
}
else
if( DEBUGLVL( 0 ) )
{
dbgtext( "domain_master_node_status_success:\n" );
dbgtext( "Failed to find a SERVER<0x20> name in reply from IP " );
dbgtext( "%s.\n", inet_ntoa(from_ip) );
}
}
static void find_domain_master_name_query_success(struct subnet_record *subrec,
struct userdata_struct *userdata_in,
struct nmb_name *q_name, struct in_addr answer_ip, struct res_rec *rrec)
{
/*
* Unfortunately, finding the IP address of the Domain Master Browser,
* as we have here, is not enough. We need to now do a sync to the
* SERVERNAME<0x20> NetBIOS name, as only recent NT servers will
* respond to the SMBSERVER name. To get this name from IP
* address we do a Node status request, and look for the first
* NAME<0x20> in the response, and take that as the server name.
* We also keep a cache of the Domain Master Browser name for this
* workgroup in the Workgroup struct, so that if the same IP addess
* is returned every time, we don't need to do the node status
* request.
*/
struct work_record *work;
struct nmb_name nmbname;
struct userdata_struct *userdata;
int size = sizeof(struct userdata_struct) + sizeof(fstring)+1;
if( !(work = find_workgroup_on_subnet(subrec, q_name->name)) )
{
if( DEBUGLVL( 0 ) )
{
dbgtext( "find_domain_master_name_query_success:\n" );
dbgtext( "Failed to find workgroup %s\n", q_name->name );
}
return;
}
/* First check if we already have a dmb for this workgroup. */
if(!is_zero_ip(work->dmb_addr) && ip_equal(work->dmb_addr, answer_ip))
{
/* Do the local master browser announcement to the domain
master browser name and IP. */
announce_local_master_browser_to_domain_master_browser( work );
/* Now synchronise lists with the domain master browser. */
sync_with_dmb(work);
return;
}
else
zero_ip(&work->dmb_addr);
/* Now initiate the node status request. */
make_nmb_name(&nmbname,"*",0x0);
/* Put the workgroup name into the userdata so we know
what workgroup we're talking to when the reply comes
back. */
/* Setup the userdata_struct - this is copied so we can use
a stack variable for this. */
if((userdata = (struct userdata_struct *)malloc(size)) == NULL)
{
DEBUG(0, ("find_domain_master_name_query_success: malloc fail.\n"));
return;
}
userdata->copy_fn = NULL;
userdata->free_fn = NULL;
userdata->userdata_len = strlen(work->work_group)+1;
pstrcpy(userdata->data, work->work_group);
node_status( subrec, &nmbname, answer_ip,
domain_master_node_status_success,
domain_master_node_status_fail,
userdata);
zero_free(userdata, size);
}
/*****************************************************
return a connection to a server (existing or new)
*******************************************************/
struct smbw_server *smbw_server(char *server, char *share)
{
struct smbw_server *srv=NULL;
struct cli_state c;
char *username;
char *password;
char *workgroup;
struct nmb_name called, calling;
char *p, *server_n = server;
fstring group;
pstring ipenv;
struct in_addr ip;
zero_ip(&ip);
ZERO_STRUCT(c);
get_auth_data_fn(server, share, &workgroup, &username, &password);
/* try to use an existing connection */
for (srv=smbw_srvs;srv;srv=srv->next) {
if (strcmp(server,srv->server_name)==0 &&
strcmp(share,srv->share_name)==0 &&
strcmp(workgroup,srv->workgroup)==0 &&
strcmp(username, srv->username) == 0)
return srv;
}
if (server[0] == 0) {
errno = EPERM;
return NULL;
}
make_nmb_name(&calling, global_myname, 0x0);
make_nmb_name(&called , server, 0x20);
DEBUG(4,("server_n=[%s] server=[%s]\n", server_n, server));
if ((p=strchr(server_n,'#')) &&
(strcmp(p+1,"1D")==0 || strcmp(p+1,"01")==0)) {
struct in_addr sip;
pstring s;
fstrcpy(group, server_n);
p = strchr(group,'#');
*p = 0;
/* cache the workgroup master lookup */
slprintf(s,sizeof(s)-1,"MASTER_%s", group);
if (!(server_n = smbw_getshared(s))) {
if (!find_master_ip(group, &sip)) {
errno = ENOENT;
return NULL;
}
fstrcpy(group, inet_ntoa(sip));
server_n = group;
smbw_setshared(s,server_n);
}
}
DEBUG(4,(" -> server_n=[%s] server=[%s]\n", server_n, server));
again:
slprintf(ipenv,sizeof(ipenv)-1,"HOST_%s", server_n);
zero_ip(&ip);
if ((p=smbw_getshared(ipenv))) {
ip = *(interpret_addr2(p));
}
/* have to open a new connection */
if (!cli_initialise(&c) || !cli_connect(&c, server_n, &ip)) {
errno = ENOENT;
return NULL;
}
if (!cli_session_request(&c, &calling, &called)) {
cli_shutdown(&c);
if (strcmp(called.name, "*SMBSERVER")) {
make_nmb_name(&called , "*SMBSERVER", 0x20);
goto again;
}
errno = ENOENT;
return NULL;
}
DEBUG(4,(" session request ok\n"));
if (!cli_negprot(&c)) {
cli_shutdown(&c);
errno = ENOENT;
return NULL;
}
if (!cli_session_setup(&c, username,
password, strlen(password),
password, strlen(password),
workgroup) &&
/* try an anonymous login if it failed */
!cli_session_setup(&c, "", "", 1,"", 0, workgroup)) {
cli_shutdown(&c);
errno = EPERM;
return NULL;
}
DEBUG(4,(" session setup ok\n"));
if (!cli_send_tconX(&c, share, "?????",
password, strlen(password)+1)) {
errno = smbw_errno(&c);
cli_shutdown(&c);
return NULL;
}
smbw_setshared(ipenv,inet_ntoa(ip));
DEBUG(4,(" tconx ok\n"));
srv = (struct smbw_server *)malloc(sizeof(*srv));
if (!srv) {
errno = ENOMEM;
goto failed;
}
ZERO_STRUCTP(srv);
srv->cli = c;
srv->dev = (dev_t)(str_checksum(server) ^ str_checksum(share));
srv->server_name = strdup(server);
if (!srv->server_name) {
errno = ENOMEM;
goto failed;
}
srv->share_name = strdup(share);
if (!srv->share_name) {
errno = ENOMEM;
goto failed;
}
srv->workgroup = strdup(workgroup);
if (!srv->workgroup) {
errno = ENOMEM;
goto failed;
}
srv->username = strdup(username);
if (!srv->username) {
errno = ENOMEM;
goto failed;
}
/* some programs play with file descriptors fairly intimately. We
try to get out of the way by duping to a high fd number */
if (fcntl(SMBW_CLI_FD + srv->cli.fd, F_GETFD) && errno == EBADF) {
if (dup2(srv->cli.fd,SMBW_CLI_FD+srv->cli.fd) ==
srv->cli.fd+SMBW_CLI_FD) {
close(srv->cli.fd);
srv->cli.fd += SMBW_CLI_FD;
}
}
DLIST_ADD(smbw_srvs, srv);
return srv;
failed:
cli_shutdown(&c);
if (!srv) return NULL;
SAFE_FREE(srv->server_name);
SAFE_FREE(srv->share_name);
SAFE_FREE(srv);
return NULL;
}
static bool cli_prep_mailslot(bool unique, const char *mailslot,
uint16_t priority,
char *buf, int len,
const char *srcname, int src_type,
const char *dstname, int dest_type,
const struct sockaddr_storage *dest_ss,
int dgm_id,
struct packet_struct *p)
{
struct dgram_packet *dgram = &p->packet.dgram;
char *ptr, *p2;
char tmp[4];
char addr[INET6_ADDRSTRLEN];
ZERO_STRUCTP(p);
/*
* Next, build the DGRAM ...
*/
/* DIRECT GROUP or UNIQUE datagram. */
dgram->header.msg_type = unique ? 0x10 : 0x11;
dgram->header.flags.node_type = M_NODE;
dgram->header.flags.first = True;
dgram->header.flags.more = False;
dgram->header.dgm_id = dgm_id;
/* source ip is filled by nmbd */
dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */
dgram->header.packet_offset = 0;
make_nmb_name(&dgram->source_name,srcname,src_type);
make_nmb_name(&dgram->dest_name,dstname,dest_type);
ptr = &dgram->data[0];
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n"));
return False;
}
cli_set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
SCVAL(ptr,smb_com,SMBtrans);
SSVAL(ptr,smb_vwv1,len);
SSVAL(ptr,smb_vwv11,len);
SSVAL(ptr,smb_vwv12,70 + strlen(mailslot));
SSVAL(ptr,smb_vwv13,3);
SSVAL(ptr,smb_vwv14,1);
SSVAL(ptr,smb_vwv15,priority);
SSVAL(ptr,smb_vwv16,2);
p2 = smb_buf(ptr);
fstrcpy(p2,mailslot);
p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2);
if (!p2) {
return False;
}
memcpy(p2,buf,len);
p2 += len;
dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */
p->packet_type = DGRAM_PACKET;
p->ip = ((const struct sockaddr_in *)dest_ss)->sin_addr;
p->timestamp = time(NULL);
DEBUG(4,("send_mailslot: Sending to mailslot %s from %s ",
mailslot, nmb_namestr(&dgram->source_name)));
print_sockaddr(addr, sizeof(addr), dest_ss);
DEBUGADD(4,("to %s IP %s\n", nmb_namestr(&dgram->dest_name), addr));
return true;
}
static void sync_child(char *name, int nm_type,
char *workgroup,
struct in_addr ip, bool local, bool servers,
char *fname)
{
fstring unix_workgroup;
struct cli_state *cli;
uint32 local_type = local ? SV_TYPE_LOCAL_LIST_ONLY : 0;
struct nmb_name called, calling;
struct sockaddr_storage ss;
NTSTATUS status;
/* W2K DMB's return empty browse lists on port 445. Use 139.
* Patch from Andy Levine [email protected].
*/
cli = cli_initialise();
if (!cli) {
return;
}
cli_set_port(cli, 139);
in_addr_to_sockaddr_storage(&ss, ip);
status = cli_connect(cli, name, &ss);
if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(cli);
return;
}
make_nmb_name(&calling, get_local_machine_name(), 0x0);
make_nmb_name(&called , name, nm_type);
if (!cli_session_request(cli, &calling, &called)) {
cli_shutdown(cli);
return;
}
status = cli_negprot(cli);
if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(cli);
return;
}
if (!NT_STATUS_IS_OK(cli_session_setup(cli, "", "", 1, "", 0,
workgroup))) {
cli_shutdown(cli);
return;
}
if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, "IPC$", "IPC", "", 1))) {
cli_shutdown(cli);
return;
}
/* All the cli_XX functions take UNIX character set. */
fstrcpy(unix_workgroup, cli->server_domain ? cli->server_domain : workgroup);
/* Fetch a workgroup list. */
cli_NetServerEnum(cli, unix_workgroup,
local_type|SV_TYPE_DOMAIN_ENUM,
callback, NULL);
/* Now fetch a server list. */
if (servers) {
fstrcpy(unix_workgroup, workgroup);
cli_NetServerEnum(cli, unix_workgroup,
local?SV_TYPE_LOCAL_LIST_ONLY:SV_TYPE_ALL,
callback, NULL);
}
cli_shutdown(cli);
}
static struct cli_state *do_connect( const char *server, const char *share,
BOOL show_sessetup )
{
struct cli_state *c = NULL;
struct nmb_name called, calling;
const char *server_n;
struct in_addr ip;
pstring servicename;
char *sharename;
fstring newserver, newshare;
NTSTATUS status;
/* make a copy so we don't modify the global string 'service' */
pstrcpy(servicename, share);
sharename = servicename;
if (*sharename == '\\') {
server = sharename+2;
sharename = strchr_m(server,'\\');
if (!sharename) return NULL;
*sharename = 0;
sharename++;
}
server_n = server;
zero_ip(&ip);
make_nmb_name(&calling, global_myname(), 0x0);
make_nmb_name(&called , server, name_type);
again:
zero_ip(&ip);
if (have_ip)
ip = dest_ip;
/* have to open a new connection */
if (!(c=cli_initialise()) || (cli_set_port(c, port) != port)) {
d_printf("Connection to %s failed\n", server_n);
return NULL;
}
status = cli_connect(c, server_n, &ip);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Connection to %s failed (Error %s)\n", server_n, nt_errstr(status));
return NULL;
}
c->protocol = max_protocol;
c->use_kerberos = use_kerberos;
cli_setup_signing_state(c, signing_state);
if (!cli_session_request(c, &calling, &called, NULL)) {
char *p;
d_printf("session request to %s failed (%s)\n",
called.name, cli_errstr(c));
cli_shutdown(c);
c = NULL;
if ((p=strchr_m(called.name, '.'))) {
*p = 0;
goto again;
}
if (strcmp(called.name, "*SMBSERVER")) {
make_nmb_name(&called , "*SMBSERVER", 0x20);
goto again;
}
return NULL;
}
DEBUG(4,(" session request ok\n"));
if (!cli_negprot(c)) {
d_printf("protocol negotiation failed\n");
cli_shutdown(c);
return NULL;
}
if (!got_pass) {
char *pass = getpass("Password: "******"", "", 0, "", 0,
lp_workgroup()))) {
d_printf("session setup failed: %s\n", cli_errstr(c));
if (NT_STATUS_V(cli_nt_error(c)) ==
NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
d_printf("did you forget to run kinit?\n");
cli_shutdown(c);
return NULL;
}
d_printf("Anonymous login successful\n");
}
if ( show_sessetup ) {
if (*c->server_domain) {
DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
c->server_domain,c->server_os,c->server_type));
} else if (*c->server_os || *c->server_type){
DEBUG(0,("OS=[%s] Server=[%s]\n",
c->server_os,c->server_type));
}
}
DEBUG(4,(" session setup ok\n"));
/* here's the fun part....to support 'msdfs proxy' shares
(on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
here before trying to connect to the original share.
check_dfs_proxy() will fail if it is a normal share. */
if ( (c->capabilities & CAP_DFS) && cli_check_msdfs_proxy( c, sharename, newserver, newshare ) ) {
cli_shutdown(c);
return do_connect( newserver, newshare, False );
}
/* must be a normal share */
if (!cli_send_tconX(c, sharename, "?????", password, strlen(password)+1)) {
d_printf("tree connect failed: %s\n", cli_errstr(c));
cli_shutdown(c);
return NULL;
}
DEBUG(4,(" tconx ok\n"));
return c;
}
NTSTATUS cli_full_connection(struct cli_state **output_cli,
const char *my_name, const char *dest_host,
struct in_addr *dest_ip, int port,
const char *service, const char *service_type,
const char *user, const char *domain,
const char *password, int pass_len)
{
struct ntuser_creds creds;
NTSTATUS nt_status;
struct nmb_name calling;
struct nmb_name called;
struct cli_state *cli;
struct in_addr ip;
if (!output_cli)
DEBUG(0, ("output_cli is NULL!?!"));
*output_cli = NULL;
make_nmb_name(&calling, my_name, 0x0);
make_nmb_name(&called , dest_host, 0x20);
again:
if (!(cli = cli_initialise(NULL)))
return NT_STATUS_NO_MEMORY;
if (cli_set_port(cli, port) != port) {
cli_shutdown(cli);
return NT_STATUS_UNSUCCESSFUL;
}
ip = *dest_ip;
DEBUG(3,("Connecting to host=%s share=%s\n", dest_host, service));
if (!cli_connect(cli, dest_host, &ip)) {
DEBUG(1,("cli_establish_connection: failed to connect to %s (%s)\n",
nmb_namestr(&called), inet_ntoa(*dest_ip)));
cli_shutdown(cli);
return NT_STATUS_UNSUCCESSFUL;
}
if (!cli_session_request(cli, &calling, &called)) {
char *p;
DEBUG(1,("session request to %s failed (%s)\n",
called.name, cli_errstr(cli)));
cli_shutdown(cli);
if ((p=strchr(called.name, '.')) && !is_ipaddress(called.name)) {
*p = 0;
goto again;
}
if (strcmp(called.name, "*SMBSERVER")) {
make_nmb_name(&called , "*SMBSERVER", 0x20);
goto again;
}
return NT_STATUS_UNSUCCESSFUL;
}
if (!cli_negprot(cli)) {
DEBUG(1,("failed negprot\n"));
nt_status = NT_STATUS_UNSUCCESSFUL;
cli_shutdown(cli);
return nt_status;
}
if (!cli_session_setup(cli, user, password, pass_len, password, pass_len,
domain)) {
DEBUG(1,("failed session setup\n"));
nt_status = cli_nt_error(cli);
cli_shutdown(cli);
if (NT_STATUS_IS_OK(nt_status))
nt_status = NT_STATUS_UNSUCCESSFUL;
return nt_status;
}
if (service) {
if (!cli_send_tconX(cli, service, service_type,
password, pass_len)) {
DEBUG(1,("failed tcon_X\n"));
nt_status = cli_nt_error(cli);
cli_shutdown(cli);
if (NT_STATUS_IS_OK(nt_status))
nt_status = NT_STATUS_UNSUCCESSFUL;
return nt_status;
}
}
init_creds(&creds, user, domain, password, pass_len);
cli_init_creds(cli, &creds);
*output_cli = cli;
return NT_STATUS_OK;
}
static void get_domain_master_name_node_status_success(struct subnet_record *subrec,
struct userdata_struct *userdata,
struct res_rec *answers,
struct in_addr from_ip)
{
struct work_record *work;
fstring server_name;
server_name[0] = 0;
if( DEBUGLVL( 3 ) )
{
dbgtext( "get_domain_master_name_node_status_success:\n" );
dbgtext( "Success in node status from ip %s\n", inet_ntoa(from_ip) );
}
/*
* Go through the list of names found at answers->rdata and look for
* the first WORKGROUP<0x1b> name.
*/
if(answers->rdata != NULL)
{
char *p = answers->rdata;
int numnames = CVAL(p, 0);
p += 1;
while (numnames--)
{
char qname[17];
uint16 nb_flags;
int name_type;
StrnCpy(qname,p,15);
name_type = CVAL(p,15);
nb_flags = get_nb_flags(&p[16]);
trim_string(qname,NULL," ");
p += 18;
if(!(nb_flags & NB_GROUP) && (name_type == 0x00) &&
server_name[0] == 0) {
/* this is almost certainly the server netbios name */
fstrcpy(server_name, qname);
continue;
}
if(!(nb_flags & NB_GROUP) && (name_type == 0x1b))
{
if( DEBUGLVL( 5 ) )
{
dbgtext( "get_domain_master_name_node_status_success:\n" );
dbgtext( "%s(%s) ", server_name, inet_ntoa(from_ip) );
dbgtext( "is a domain master browser for workgroup " );
dbgtext( "%s. Adding this name.\n", qname );
}
/*
* If we don't already know about this workgroup, add it
* to the workgroup list on the unicast_subnet.
*/
if((work = find_workgroup_on_subnet( subrec, qname)) == NULL)
{
struct nmb_name nmbname;
/*
* Add it - with an hour in the cache.
*/
if(!(work= create_workgroup_on_subnet(subrec, qname, 60*60)))
return;
/* remember who the master is */
fstrcpy(work->local_master_browser_name, server_name);
make_nmb_name(&nmbname, server_name, 0x20);
work->dmb_name = nmbname;
work->dmb_addr = from_ip;
}
break;
}
}
}
else
if( DEBUGLVL( 0 ) )
{
dbgtext( "get_domain_master_name_node_status_success:\n" );
dbgtext( "Failed to find a WORKGROUP<0x1b> name in reply from IP " );
dbgtext( "%s.\n", inet_ntoa(from_ip) );
}
}
bool cli_send_mailslot(struct messaging_context *msg_ctx,
bool unique, const char *mailslot,
uint16 priority,
char *buf, int len,
const char *srcname, int src_type,
const char *dstname, int dest_type,
const struct sockaddr_storage *dest_ss)
{
struct packet_struct p;
struct dgram_packet *dgram = &p.packet.dgram;
char *ptr, *p2;
char tmp[4];
pid_t nmbd_pid;
char addr[INET6_ADDRSTRLEN];
if ((nmbd_pid = pidfile_pid("nmbd")) == 0) {
DEBUG(3, ("No nmbd found\n"));
return False;
}
if (dest_ss->ss_family != AF_INET) {
DEBUG(3, ("cli_send_mailslot: can't send to IPv6 address.\n"));
return false;
}
memset((char *)&p, '\0', sizeof(p));
/*
* Next, build the DGRAM ...
*/
/* DIRECT GROUP or UNIQUE datagram. */
dgram->header.msg_type = unique ? 0x10 : 0x11;
dgram->header.flags.node_type = M_NODE;
dgram->header.flags.first = True;
dgram->header.flags.more = False;
dgram->header.dgm_id = ((unsigned)time(NULL)%(unsigned)0x7FFF) +
((unsigned)sys_getpid()%(unsigned)100);
/* source ip is filled by nmbd */
dgram->header.dgm_length = 0; /* Let build_dgram() handle this. */
dgram->header.packet_offset = 0;
make_nmb_name(&dgram->source_name,srcname,src_type);
make_nmb_name(&dgram->dest_name,dstname,dest_type);
ptr = &dgram->data[0];
/* Setup the smb part. */
ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */
memcpy(tmp,ptr,4);
if (smb_size + 17*2 + strlen(mailslot) + 1 + len > MAX_DGRAM_SIZE) {
DEBUG(0, ("cli_send_mailslot: Cannot write beyond end of packet\n"));
return False;
}
cli_set_message(ptr,17,strlen(mailslot) + 1 + len,True);
memcpy(ptr,tmp,4);
SCVAL(ptr,smb_com,SMBtrans);
SSVAL(ptr,smb_vwv1,len);
SSVAL(ptr,smb_vwv11,len);
SSVAL(ptr,smb_vwv12,70 + strlen(mailslot));
SSVAL(ptr,smb_vwv13,3);
SSVAL(ptr,smb_vwv14,1);
SSVAL(ptr,smb_vwv15,priority);
SSVAL(ptr,smb_vwv16,2);
p2 = smb_buf(ptr);
fstrcpy(p2,mailslot);
p2 = skip_string(ptr,MAX_DGRAM_SIZE,p2);
if (!p2) {
return False;
}
memcpy(p2,buf,len);
p2 += len;
dgram->datasize = PTR_DIFF(p2,ptr+4); /* +4 for tcp length. */
p.packet_type = DGRAM_PACKET;
p.ip = ((const struct sockaddr_in *)dest_ss)->sin_addr;
p.timestamp = time(NULL);
DEBUG(4,("send_mailslot: Sending to mailslot %s from %s ",
mailslot, nmb_namestr(&dgram->source_name)));
print_sockaddr(addr, sizeof(addr), dest_ss);
DEBUGADD(4,("to %s IP %s\n", nmb_namestr(&dgram->dest_name), addr));
return NT_STATUS_IS_OK(messaging_send_buf(msg_ctx,
pid_to_procid(nmbd_pid),
MSG_SEND_PACKET,
(uint8 *)&p, sizeof(p)));
}
static struct cli_state *do_connect( const char *server, const char *share,
BOOL show_sessetup )
{
struct cli_state *c;
struct nmb_name called, calling;
const char *server_n;
struct in_addr ip;
pstring servicename;
char *sharename;
/* make a copy so we don't modify the global string 'service' */
pstrcpy(servicename, share);
sharename = servicename;
if (*sharename == '\\') {
server = sharename+2;
sharename = strchr_m(server,'\\');
if (!sharename) return NULL;
*sharename = 0;
sharename++;
}
server_n = server;
zero_ip(&ip);
make_nmb_name(&calling, global_myname(), 0x0);
make_nmb_name(&called , server, name_type);
again:
zero_ip(&ip);
if (have_ip)
ip = dest_ip;
/* have to open a new connection */
if (!(c=cli_initialise(NULL)) || (cli_set_port(c, port) != port) ||
!cli_connect(c, server_n, &ip)) {
d_printf("Connection to %s failed\n", server_n);
return NULL;
}
c->protocol = max_protocol;
c->use_kerberos = use_kerberos;
cli_setup_signing_state(c, signing_state);
if (!cli_session_request(c, &calling, &called)) {
char *p;
d_printf("session request to %s failed (%s)\n",
called.name, cli_errstr(c));
cli_shutdown(c);
if ((p=strchr_m(called.name, '.'))) {
*p = 0;
goto again;
}
if (strcmp(called.name, "*SMBSERVER")) {
make_nmb_name(&called , "*SMBSERVER", 0x20);
goto again;
}
return NULL;
}
DEBUG(4,(" session request ok\n"));
if (!cli_negprot(c)) {
d_printf("protocol negotiation failed\n");
cli_shutdown(c);
return NULL;
}
if (!got_pass) {
char *pass = getpass("Password: "******"", "", 0, "", 0, lp_workgroup())) {
d_printf("session setup failed: %s\n", cli_errstr(c));
if (NT_STATUS_V(cli_nt_error(c)) ==
NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
d_printf("did you forget to run kinit?\n");
cli_shutdown(c);
return NULL;
}
d_printf("Anonymous login successful\n");
}
if ( show_sessetup ) {
if (*c->server_domain) {
DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
c->server_domain,c->server_os,c->server_type));
} else if (*c->server_os || *c->server_type){
DEBUG(0,("OS=[%s] Server=[%s]\n",
c->server_os,c->server_type));
}
}
DEBUG(4,(" session setup ok\n"));
if (!cli_send_tconX(c, sharename, "?????",
password, strlen(password)+1)) {
d_printf("tree connect failed: %s\n", cli_errstr(c));
cli_shutdown(c);
return NULL;
}
DEBUG(4,(" tconx ok\n"));
return c;
}
int vscan_send_warning_message(const char *filename, const char *virname, const char *ipaddr) {
struct in_addr ip;
struct sockaddr_storage ss;
struct nmb_name called, calling;
pstring myname;
pstring message;
pstring shortfilename;
char* lastslash;
static pstring lastfile;
static pstring lastip;
#if SAMBA_VERSION_MAJOR==3
fstrcpy(remote_machine, get_remote_machine_name());
DEBUG(5, ("remote machine is: %s\n", remote_machine));
#endif
/* Only notify once for a given virus/ip combo - otherwise the
* scanner will go crazy reaccessing the file and sending
* messages once the user hits the "okay" button */
if (strncmp(lastfile,filename,sizeof(pstring)) == 0) {
if (strncmp(lastip,ipaddr,sizeof(pstring)) == 0) {
DEBUG(5,("Both IP and Filename are the same, not notifying\n"));
return 0;
}
}
ZERO_ARRAY(lastfile);
ZERO_ARRAY(lastip);
pstrcpy(lastfile,filename);
pstrcpy(lastip,ipaddr);
ZERO_ARRAY(myname);
pstrcpy(myname,myhostname());
ZERO_ARRAY(username);
/* could make this configurable */
snprintf(username,sizeof(pstring)-1,"%s VIRUS SCANNER",myname);
/* We need to get the real ip structure from the ip string
* is this info already available somewhere else in samba? */
zero_ip_v4(&ip);
if (inet_aton(ipaddr,&ip) == 0) {
DEBUG(5,("Cannot resolve ip address %s\n", ipaddr));
return 1;
}
in_addr_to_sockaddr_storage(&ss, ip);
make_nmb_name(&calling, myname, 0x0);
make_nmb_name(&called , remote_machine, name_type);
if (!(cli=cli_initialise())) {
DEBUG(5,("Connection to %s failed\n", remote_machine));
return 1;
}
cli_set_port(cli, port);
if (!NT_STATUS_IS_OK(cli_connect(cli, remote_machine, &ss))) {
DEBUG(5,("Connection to %s failed\n", remote_machine));
return 1;
}
if (!cli_session_request(cli, &calling, &called)) {
DEBUG(5,("session request failed\n"));
cli_shutdown(cli);
return 1;
}
ZERO_ARRAY(shortfilename);
/* we don't want the entire filename, otherwise the message service may choke
* so we chop off the path up to the very last forward-slash
* assumption: unix-style pathnames in filename (don't know if there's a
* portable file-separator variable... */
lastslash = strrchr(filename,'/');
if (lastslash != NULL && lastslash != filename) {
pstrcpy(shortfilename,lastslash+1);
} else {
pstrcpy(shortfilename,filename);
}
ZERO_ARRAY(message);
/* could make the message configurable and language specific? */
snprintf(message,sizeof(pstring)-1,
"%s IS INFECTED WITH VIRUS %s.\r\n\r\nAccess will be denied.\r\nPlease contact your system administrator",
shortfilename, virname);
/* actually send the message... */
send_message(message);
cli_shutdown(cli);
return 0;
}
NTSTATUS remote_password_change(const char *remote_machine, const char *user_name,
const char *old_passwd, const char *new_passwd,
char **err_str)
{
struct nmb_name calling, called;
struct cli_state *cli;
struct rpc_pipe_client *pipe_hnd;
struct sockaddr_storage ss;
NTSTATUS result;
bool pass_must_change = False;
*err_str = NULL;
if(!resolve_name( remote_machine, &ss, 0x20)) {
asprintf(err_str, "Unable to find an IP address for machine "
"%s.\n", remote_machine);
return NT_STATUS_UNSUCCESSFUL;
}
cli = cli_initialise();
if (!cli) {
return NT_STATUS_NO_MEMORY;
}
result = cli_connect(cli, remote_machine, &ss);
if (!NT_STATUS_IS_OK(result)) {
asprintf(err_str, "Unable to connect to SMB server on "
"machine %s. Error was : %s.\n",
remote_machine, nt_errstr(result));
cli_shutdown(cli);
return result;
}
make_nmb_name(&calling, global_myname() , 0x0);
make_nmb_name(&called , remote_machine, 0x20);
if (!cli_session_request(cli, &calling, &called)) {
asprintf(err_str, "machine %s rejected the session setup. "
"Error was : %s.\n",
remote_machine, cli_errstr(cli) );
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
}
cli->protocol = PROTOCOL_NT1;
if (!cli_negprot(cli)) {
asprintf(err_str, "machine %s rejected the negotiate "
"protocol. Error was : %s.\n",
remote_machine, cli_errstr(cli) );
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
}
/* Given things like SMB signing, restrict anonymous and the like,
try an authenticated connection first */
result = cli_session_setup(cli, user_name,
old_passwd, strlen(old_passwd)+1,
old_passwd, strlen(old_passwd)+1, "");
if (!NT_STATUS_IS_OK(result)) {
/* Password must change or Password expired are the only valid
* error conditions here from where we can proceed, the rest like
* account locked out or logon failure will lead to errors later
* anyway */
if (!NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_MUST_CHANGE) &&
!NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_EXPIRED)) {
asprintf(err_str, "Could not connect to machine %s: "
"%s\n", remote_machine, cli_errstr(cli));
cli_shutdown(cli);
return result;
}
pass_must_change = True;
/*
* We should connect as the anonymous user here, in case
* the server has "must change password" checked...
* Thanks to <*****@*****.**> for this fix.
*/
result = cli_session_setup(cli, "", "", 0, "", 0, "");
if (!NT_STATUS_IS_OK(result)) {
asprintf(err_str, "machine %s rejected the session "
"setup. Error was : %s.\n",
remote_machine, cli_errstr(cli) );
cli_shutdown(cli);
return result;
}
cli_init_creds(cli, "", "", NULL);
} else {
cli_init_creds(cli, user_name, "", old_passwd);
}
if (!cli_send_tconX(cli, "IPC$", "IPC", "", 1)) {
asprintf(err_str, "machine %s rejected the tconX on the IPC$ "
"share. Error was : %s.\n",
remote_machine, cli_errstr(cli) );
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
}
/* Try not to give the password away too easily */
if (!pass_must_change) {
pipe_hnd = cli_rpc_pipe_open_ntlmssp(cli,
PI_SAMR,
PIPE_AUTH_LEVEL_PRIVACY,
"", /* what domain... ? */
user_name,
old_passwd,
&result);
} else {
/*
* If the user password must be changed the ntlmssp bind will
* fail the same way as the session setup above did. The
* difference ist that with a pipe bind we don't get a good
* error message, the result will be that the rpc call below
* will just fail. So we do it anonymously, there's no other
* way.
*/
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &result);
}
if (!pipe_hnd) {
if (lp_client_lanman_auth()) {
/* Use the old RAP method. */
if (!cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) {
asprintf(err_str, "machine %s rejected the "
"password change: Error was : %s.\n",
remote_machine, cli_errstr(cli) );
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
}
} else {
asprintf(err_str, "SAMR connection to machine %s "
"failed. Error was %s, but LANMAN password "
"changed are disabled\n",
nt_errstr(result), remote_machine);
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
}
}
if (NT_STATUS_IS_OK(result = rpccli_samr_chgpasswd_user(pipe_hnd, pipe_hnd->mem_ctx, user_name,
new_passwd, old_passwd))) {
/* Great - it all worked! */
cli_shutdown(cli);
return NT_STATUS_OK;
} else if (!(NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)
|| NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))) {
/* it failed, but for reasons such as wrong password, too short etc ... */
asprintf(err_str, "machine %s rejected the password change: "
"Error was : %s.\n",
remote_machine, get_friendly_nt_error_msg(result));
cli_shutdown(cli);
return result;
}
/* OK, that failed, so try again... */
cli_rpc_pipe_close(pipe_hnd);
/* Try anonymous NTLMSSP... */
cli_init_creds(cli, "", "", NULL);
result = NT_STATUS_UNSUCCESSFUL;
/* OK, this is ugly, but... try an anonymous pipe. */
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &result);
if ( pipe_hnd &&
(NT_STATUS_IS_OK(result = rpccli_samr_chgpasswd_user(pipe_hnd,
pipe_hnd->mem_ctx,
user_name,
new_passwd,
old_passwd)))) {
/* Great - it all worked! */
cli_shutdown(cli);
return NT_STATUS_OK;
} else {
if (!(NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)
|| NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))) {
/* it failed, but again it was due to things like new password too short */
asprintf(err_str, "machine %s rejected the "
"(anonymous) password change: Error was : "
"%s.\n", remote_machine,
get_friendly_nt_error_msg(result));
cli_shutdown(cli);
return result;
}
/* We have failed to change the user's password, and we think the server
just might not support SAMR password changes, so fall back */
if (lp_client_lanman_auth()) {
/* Use the old RAP method. */
if (cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) {
/* SAMR failed, but the old LanMan protocol worked! */
cli_shutdown(cli);
return NT_STATUS_OK;
}
asprintf(err_str, "machine %s rejected the password "
"change: Error was : %s.\n",
remote_machine, cli_errstr(cli) );
result = cli_nt_error(cli);
cli_shutdown(cli);
return result;
} else {
asprintf(err_str, "SAMR connection to machine %s "
"failed. Error was %s, but LANMAN password "
"changed are disabled\n",
nt_errstr(result), remote_machine);
cli_shutdown(cli);
return NT_STATUS_UNSUCCESSFUL;
}
}
}
/****************************************************************************
do a netbios name query to find someones IP
returns an array of IP addresses or NULL if none
*count will be set to the number of addresses returned
****************************************************************************/
struct in_addr *
name_query (int fd, const char *name, int name_type, BOOL bcast, BOOL recurse,
struct in_addr to_ip, int *count, void (*fn) (struct packet_struct *))
{
BOOL found = False;
int i, retries = 3;
int retry_time = bcast ? 250 : 2000;
struct timeval tval;
struct packet_struct p;
struct packet_struct *p2;
struct nmb_packet *nmb = &p.packet.nmb;
static int name_trn_id = 0;
struct in_addr *ip_list = NULL;
memset ((char *) &p, '\0', sizeof (p));
(*count) = 0;
if (!name_trn_id)
name_trn_id = ((unsigned) time (NULL) % (unsigned) 0x7FFF) +
((unsigned) getpid () % (unsigned) 100);
name_trn_id = (name_trn_id + 1) % (unsigned) 0x7FFF;
nmb->header.name_trn_id = name_trn_id;
nmb->header.opcode = 0;
nmb->header.response = False;
nmb->header.nm_flags.bcast = bcast;
nmb->header.nm_flags.recursion_available = False;
nmb->header.nm_flags.recursion_desired = recurse;
nmb->header.nm_flags.trunc = False;
nmb->header.nm_flags.authoritative = False;
nmb->header.rcode = 0;
nmb->header.qdcount = 1;
nmb->header.ancount = 0;
nmb->header.nscount = 0;
nmb->header.arcount = 0;
make_nmb_name (&nmb->question.question_name, name, name_type);
nmb->question.question_type = 0x20;
nmb->question.question_class = 0x1;
p.ip = to_ip;
p.port = NMB_PORT;
p.fd = fd;
p.timestamp = time (NULL);
p.packet_type = NMB_PACKET;
GetTimeOfDay (&tval);
if (!send_packet (&p))
return NULL;
retries--;
while (1)
{
struct timeval tval2;
GetTimeOfDay (&tval2);
if (TvalDiff (&tval, &tval2) > retry_time)
{
if (!retries)
break;
if (!found && !send_packet (&p))
return NULL;
GetTimeOfDay (&tval);
retries--;
}
if ((p2 = receive_packet (fd, NMB_PACKET, 90)))
{
struct nmb_packet *nmb2 = &p2->packet.nmb;
debug_nmb_packet (p2);
if (nmb->header.name_trn_id != nmb2->header.name_trn_id || !nmb2->header.response)
{
/*
* Its not for us - maybe deal with it later
* (put it on the queue?).
*/
if (fn)
fn (p2);
else
free_packet (p2);
continue;
}
if (nmb2->header.opcode != 0 ||
nmb2->header.nm_flags.bcast || nmb2->header.rcode || !nmb2->header.ancount)
{
/*
* XXXX what do we do with this? Could be a redirect, but
* we'll discard it for the moment.
*/
free_packet (p2);
continue;
}
ip_list = (struct in_addr *) Realloc (ip_list, sizeof (ip_list[0]) *
((*count) + nmb2->answers->rdlength / 6));
if (ip_list)
{
DEBUG (fn ? 3 : 2, ("Got a positive name query response from %s ( ",
inet_ntoa (p2->ip)));
for (i = 0; i < nmb2->answers->rdlength / 6; i++)
{
putip ((char *) &ip_list[(*count)], &nmb2->answers->rdata[2 + i * 6]);
DEBUG (fn ? 3 : 2, ("%s ", inet_ntoa (ip_list[(*count)])));
(*count)++;
}
DEBUG (fn ? 3 : 2, (")\n"));
}
found = True;
retries = 0;
free_packet (p2);
if (fn)
break;
/*
* If we're doing a unicast lookup we only
* expect one reply. Don't wait the full 2
* seconds if we got one. JRA.
*/
if (!bcast && found)
break;
}
}
return ip_list;
}
/*************************************************************
change a password on a remote machine using IPC calls
*************************************************************/
BOOL remote_password_change(const char *remote_machine, const char *user_name,
const char *old_passwd, const char *new_passwd,
char *err_str, size_t err_str_len)
{
struct nmb_name calling, called;
struct cli_state cli;
struct in_addr ip;
*err_str = '\0';
if(!resolve_name( remote_machine, &ip, 0x20)) {
slprintf(err_str, err_str_len-1, "unable to find an IP address for machine %s.\n",
remote_machine );
return False;
}
ZERO_STRUCT(cli);
if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) {
slprintf(err_str, err_str_len-1, "unable to connect to SMB server on machine %s. Error was : %s.\n",
remote_machine, cli_errstr(&cli) );
return False;
}
make_nmb_name(&calling, global_myname() , 0x0);
make_nmb_name(&called , remote_machine, 0x20);
if (!cli_session_request(&cli, &calling, &called)) {
slprintf(err_str, err_str_len-1, "machine %s rejected the session setup. Error was : %s.\n",
remote_machine, cli_errstr(&cli) );
cli_shutdown(&cli);
return False;
}
cli.protocol = PROTOCOL_NT1;
if (!cli_negprot(&cli)) {
slprintf(err_str, err_str_len-1, "machine %s rejected the negotiate protocol. Error was : %s.\n",
remote_machine, cli_errstr(&cli) );
cli_shutdown(&cli);
return False;
}
/*
* We should connect as the anonymous user here, in case
* the server has "must change password" checked...
* Thanks to <*****@*****.**> for this fix.
*/
if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
slprintf(err_str, err_str_len-1, "machine %s rejected the session setup. Error was : %s.\n",
remote_machine, cli_errstr(&cli) );
cli_shutdown(&cli);
return False;
}
if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
slprintf(err_str, err_str_len-1, "machine %s rejected the tconX on the IPC$ share. Error was : %s.\n",
remote_machine, cli_errstr(&cli) );
cli_shutdown(&cli);
return False;
}
if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) {
slprintf(err_str, err_str_len-1, "machine %s rejected the password change: Error was : %s.\n",
remote_machine, cli_errstr(&cli) );
cli_shutdown(&cli);
return False;
}
cli_shutdown(&cli);
return True;
}
static SMBCSRV *
SMBC_server_internal(TALLOC_CTX *ctx,
SMBCCTX *context,
bool connect_if_not_found,
const char *server,
const char *share,
char **pp_workgroup,
char **pp_username,
char **pp_password,
bool *in_cache)
{
SMBCSRV *srv=NULL;
char *workgroup = NULL;
struct cli_state *c;
struct nmb_name called, calling;
const char *server_n = server;
struct sockaddr_storage ss;
int tried_reverse = 0;
int port_try_first;
int port_try_next;
int is_ipc = (share != NULL && strcmp(share, "IPC$") == 0);
uint32 fs_attrs = 0;
const char *username_used;
NTSTATUS status;
char *newserver, *newshare;
zero_sockaddr(&ss);
ZERO_STRUCT(c);
*in_cache = false;
if (server[0] == 0) {
errno = EPERM;
return NULL;
}
/* Look for a cached connection */
srv = SMBC_find_server(ctx, context, server, share,
pp_workgroup, pp_username, pp_password);
/*
* If we found a connection and we're only allowed one share per
* server...
*/
if (srv &&
*share != '\0' &&
smbc_getOptionOneSharePerServer(context)) {
/*
* ... then if there's no current connection to the share,
* connect to it. SMBC_find_server(), or rather the function
* pointed to by context->get_cached_srv_fn which
* was called by SMBC_find_server(), will have issued a tree
* disconnect if the requested share is not the same as the
* one that was already connected.
*/
/*
* Use srv->cli->desthost and srv->cli->share instead of
* server and share below to connect to the actual share,
* i.e., a normal share or a referred share from
* 'msdfs proxy' share.
*/
if (srv->cli->cnum == (uint16) -1) {
/* Ensure we have accurate auth info */
SMBC_call_auth_fn(ctx, context,
srv->cli->desthost,
srv->cli->share,
pp_workgroup,
pp_username,
pp_password);
if (!*pp_workgroup || !*pp_username || !*pp_password) {
errno = ENOMEM;
cli_shutdown(srv->cli);
srv->cli = NULL;
smbc_getFunctionRemoveCachedServer(context)(context,
srv);
return NULL;
}
/*
* We don't need to renegotiate encryption
* here as the encryption context is not per
* tid.
*/
status = cli_tcon_andx(srv->cli, srv->cli->share, "?????",
*pp_password,
strlen(*pp_password)+1);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
cli_shutdown(srv->cli);
srv->cli = NULL;
smbc_getFunctionRemoveCachedServer(context)(context,
srv);
srv = NULL;
}
/* Determine if this share supports case sensitivity */
if (is_ipc) {
DEBUG(4,
("IPC$ so ignore case sensitivity\n"));
} else if (!cli_get_fs_attr_info(c, &fs_attrs)) {
DEBUG(4, ("Could not retrieve "
"case sensitivity flag: %s.\n",
cli_errstr(c)));
/*
* We can't determine the case sensitivity of
* the share. We have no choice but to use the
* user-specified case sensitivity setting.
*/
if (smbc_getOptionCaseSensitive(context)) {
cli_set_case_sensitive(c, True);
} else {
cli_set_case_sensitive(c, False);
}
} else {
DEBUG(4,
("Case sensitive: %s\n",
(fs_attrs & FILE_CASE_SENSITIVE_SEARCH
? "True"
: "False")));
cli_set_case_sensitive(
c,
(fs_attrs & FILE_CASE_SENSITIVE_SEARCH
? True
: False));
}
/*
* Regenerate the dev value since it's based on both
* server and share
*/
if (srv) {
srv->dev = (dev_t)(str_checksum(srv->cli->desthost) ^
str_checksum(srv->cli->share));
}
}
}
/* If we have a connection... */
if (srv) {
/* ... then we're done here. Give 'em what they came for. */
*in_cache = true;
goto done;
}
/* If we're not asked to connect when a connection doesn't exist... */
if (! connect_if_not_found) {
/* ... then we're done here. */
return NULL;
}
if (!*pp_workgroup || !*pp_username || !*pp_password) {
errno = ENOMEM;
return NULL;
}
make_nmb_name(&calling, smbc_getNetbiosName(context), 0x0);
make_nmb_name(&called , server, 0x20);
DEBUG(4,("SMBC_server: server_n=[%s] server=[%s]\n", server_n, server));
DEBUG(4,(" -> server_n=[%s] server=[%s]\n", server_n, server));
again:
zero_sockaddr(&ss);
/* have to open a new connection */
if ((c = cli_initialise()) == NULL) {
errno = ENOMEM;
return NULL;
}
if (smbc_getOptionUseKerberos(context)) {
c->use_kerberos = True;
}
if (smbc_getOptionFallbackAfterKerberos(context)) {
c->fallback_after_kerberos = True;
}
if (smbc_getOptionUseCCache(context)) {
c->use_ccache = True;
}
c->timeout = smbc_getTimeout(context);
/*
* Force use of port 139 for first try if share is $IPC, empty, or
* null, so browse lists can work
*/
if (share == NULL || *share == '\0' || is_ipc) {
port_try_first = 139;
port_try_next = 445;
} else {
port_try_first = 445;
port_try_next = 139;
}
c->port = port_try_first;
status = cli_connect(c, server_n, &ss);
if (!NT_STATUS_IS_OK(status)) {
/* First connection attempt failed. Try alternate port. */
c->port = port_try_next;
status = cli_connect(c, server_n, &ss);
if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(c);
errno = ETIMEDOUT;
return NULL;
}
}
if (!cli_session_request(c, &calling, &called)) {
cli_shutdown(c);
if (strcmp(called.name, "*SMBSERVER")) {
make_nmb_name(&called , "*SMBSERVER", 0x20);
goto again;
} else { /* Try one more time, but ensure we don't loop */
/* Only try this if server is an IP address ... */
if (is_ipaddress(server) && !tried_reverse) {
fstring remote_name;
struct sockaddr_storage rem_ss;
if (!interpret_string_addr(&rem_ss, server,
NI_NUMERICHOST)) {
DEBUG(4, ("Could not convert IP address "
"%s to struct sockaddr_storage\n",
server));
errno = ETIMEDOUT;
return NULL;
}
tried_reverse++; /* Yuck */
if (name_status_find("*", 0, 0,
&rem_ss, remote_name)) {
make_nmb_name(&called,
remote_name,
0x20);
goto again;
}
}
}
errno = ETIMEDOUT;
return NULL;
}
DEBUG(4,(" session request ok\n"));
status = cli_negprot(c);
if (!NT_STATUS_IS_OK(status)) {
cli_shutdown(c);
errno = ETIMEDOUT;
return NULL;
}
username_used = *pp_username;
if (!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
*pp_password,
strlen(*pp_password),
*pp_password,
strlen(*pp_password),
*pp_workgroup))) {
fprintf(stderr, "JerryLin: Libsmb_server.c->SMBC_server_internal: cli_session_setup fail with username=[%s], password=[%s]\n", username_used, *pp_password);
/* Failed. Try an anonymous login, if allowed by flags. */
username_used = "";
if (smbc_getOptionNoAutoAnonymousLogin(context) ||
!NT_STATUS_IS_OK(cli_session_setup(c, username_used,
*pp_password, 1,
*pp_password, 0,
*pp_workgroup))) {
cli_shutdown(c);
errno = EPERM;
return NULL;
}
}
status = cli_init_creds(c, username_used,
*pp_workgroup, *pp_password);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
cli_shutdown(c);
return NULL;
}
DEBUG(4,(" session setup ok\n"));
/* here's the fun part....to support 'msdfs proxy' shares
(on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
here before trying to connect to the original share.
cli_check_msdfs_proxy() will fail if it is a normal share. */
if ((c->capabilities & CAP_DFS) &&
cli_check_msdfs_proxy(ctx, c, share,
&newserver, &newshare,
/* FIXME: cli_check_msdfs_proxy() does
not support smbc_smb_encrypt_level type */
context->internal->smb_encryption_level ?
true : false,
*pp_username,
*pp_password,
*pp_workgroup)) {
cli_shutdown(c);
srv = SMBC_server_internal(ctx, context, connect_if_not_found,
newserver, newshare, pp_workgroup,
pp_username, pp_password, in_cache);
TALLOC_FREE(newserver);
TALLOC_FREE(newshare);
return srv;
}
/* must be a normal share */
status = cli_tcon_andx(c, share, "?????", *pp_password,
strlen(*pp_password)+1);
if (!NT_STATUS_IS_OK(status)) {
errno = map_errno_from_nt_status(status);
fprintf(stderr, "JerryLin: Libsmb_server.c->SMBC_server_internal: cli_tcon_andx return %08X, errno=[%d]\n", NT_STATUS_V(status), errno);
cli_shutdown(c);
return NULL;
}
DEBUG(4,(" tconx ok\n"));
/* Determine if this share supports case sensitivity */
if (is_ipc) {
DEBUG(4, ("IPC$ so ignore case sensitivity\n"));
} else if (!cli_get_fs_attr_info(c, &fs_attrs)) {
DEBUG(4, ("Could not retrieve case sensitivity flag: %s.\n",
cli_errstr(c)));
/*
* We can't determine the case sensitivity of the share. We
* have no choice but to use the user-specified case
* sensitivity setting.
*/
if (smbc_getOptionCaseSensitive(context)) {
cli_set_case_sensitive(c, True);
} else {
cli_set_case_sensitive(c, False);
}
} else {
DEBUG(4, ("Case sensitive: %s\n",
(fs_attrs & FILE_CASE_SENSITIVE_SEARCH
? "True"
: "False")));
cli_set_case_sensitive(c,
(fs_attrs & FILE_CASE_SENSITIVE_SEARCH
? True
: False));
}
if (context->internal->smb_encryption_level) {
/* Attempt UNIX smb encryption. */
if (!NT_STATUS_IS_OK(cli_force_encryption(c,
username_used,
*pp_password,
*pp_workgroup))) {
/*
* context->smb_encryption_level == 1
* means don't fail if encryption can't be negotiated,
* == 2 means fail if encryption can't be negotiated.
*/
DEBUG(4,(" SMB encrypt failed\n"));
if (context->internal->smb_encryption_level == 2) {
cli_shutdown(c);
errno = EPERM;
return NULL;
}
}
DEBUG(4,(" SMB encrypt ok\n"));
}
/*
* Ok, we have got a nice connection
* Let's allocate a server structure.
*/
srv = SMB_MALLOC_P(SMBCSRV);
if (!srv) {
cli_shutdown(c);
errno = ENOMEM;
return NULL;
}
ZERO_STRUCTP(srv);
srv->cli = c;
srv->dev = (dev_t)(str_checksum(server) ^ str_checksum(share));
srv->no_pathinfo = False;
srv->no_pathinfo2 = False;
srv->no_nt_session = False;
done:
if (!pp_workgroup || !*pp_workgroup || !**pp_workgroup) {
workgroup = talloc_strdup(ctx, smbc_getWorkgroup(context));
} else {
workgroup = *pp_workgroup;
}
if(!workgroup) {
return NULL;
}
/* set the credentials to make DFS work */
smbc_set_credentials_with_fallback(context,
workgroup,
*pp_username,
*pp_password);
return srv;
}
