/**
initialise a smb2_session structure
*/
struct smb2_session *smb2_session_init(struct smb2_transport *transport,
struct gensec_settings *settings,
TALLOC_CTX *parent_ctx)
{
struct smb2_session *session;
NTSTATUS status;
session = talloc_zero(parent_ctx, struct smb2_session);
if (!session) {
return NULL;
}
session->transport = talloc_steal(session, transport);
session->smbXcli = smbXcli_session_create(session, transport->conn);
if (session->smbXcli == NULL) {
talloc_free(session);
return NULL;
}
/* prepare a gensec context for later use */
status = gensec_client_start(session, &session->gensec,
settings);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(session);
return NULL;
}
gensec_want_feature(session->gensec, GENSEC_FEATURE_SESSION_KEY);
return session;
}
/****************************************************************************
Initialize the session context
****************************************************************************/
struct smbcli_session *smbcli_session_init(struct smbcli_transport *transport,
TALLOC_CTX *parent_ctx, bool primary,
struct smbcli_session_options options)
{
struct smbcli_session *session;
uint16_t flags2;
uint32_t capabilities;
session = talloc_zero(parent_ctx, struct smbcli_session);
if (!session) {
return NULL;
}
if (primary) {
session->transport = talloc_steal(session, transport);
} else {
session->transport = talloc_reference(session, transport);
}
session->pid = (uint16_t)getpid();
session->vuid = UID_FIELD_INVALID;
session->options = options;
/*
* for now session->vuid is still used by the callers, but we call:
* smb1cli_session_set_id(session->smbXcli, session->vuid);
* before using session->smbXcli, in future we should remove
* session->vuid.
*/
session->smbXcli = smbXcli_session_create(session, transport->conn);
if (session->smbXcli == NULL) {
talloc_free(session);
return NULL;
}
capabilities = transport->negotiate.capabilities;
flags2 = FLAGS2_LONG_PATH_COMPONENTS | FLAGS2_EXTENDED_ATTRIBUTES;
if (capabilities & CAP_UNICODE) {
flags2 |= FLAGS2_UNICODE_STRINGS;
}
if (capabilities & CAP_STATUS32) {
flags2 |= FLAGS2_32_BIT_ERROR_CODES;
}
if (capabilities & CAP_EXTENDED_SECURITY) {
flags2 |= FLAGS2_EXTENDED_SECURITY;
}
if (smb1cli_conn_signing_is_active(session->transport->conn)) {
flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
}
session->flags2 = flags2;
return session;
}
struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
int fd,
const char *remote_name,
const char *remote_realm,
int signing_state, int flags)
{
struct cli_state *cli = NULL;
bool use_spnego = lp_client_use_spnego();
bool force_dos_errors = false;
bool force_ascii = false;
bool use_level_II_oplocks = false;
uint32_t smb1_capabilities = 0;
uint32_t smb2_capabilities = 0;
struct GUID client_guid = GUID_random();
/* Check the effective uid - make sure we are not setuid */
if (is_setuid_root()) {
DEBUG(0,("libsmb based programs must *NOT* be setuid root.\n"));
return NULL;
}
cli = talloc_zero(mem_ctx, struct cli_state);
if (!cli) {
return NULL;
}
cli->server_domain = talloc_strdup(cli, "");
if (!cli->server_domain) {
goto error;
}
cli->server_os = talloc_strdup(cli, "");
if (!cli->server_os) {
goto error;
}
cli->server_type = talloc_strdup(cli, "");
if (!cli->server_type) {
goto error;
}
cli->dfs_mountpoint = talloc_strdup(cli, "");
if (!cli->dfs_mountpoint) {
goto error;
}
cli->raw_status = NT_STATUS_INTERNAL_ERROR;
cli->map_dos_errors = true; /* remove this */
cli->timeout = CLIENT_TIMEOUT;
cli->case_sensitive = false;
/* Set the CLI_FORCE_DOSERR environment variable to test
client routines using DOS errors instead of STATUS32
ones. This intended only as a temporary hack. */
if (getenv("CLI_FORCE_DOSERR")) {
force_dos_errors = true;
}
if (flags & CLI_FULL_CONNECTION_FORCE_DOS_ERRORS) {
force_dos_errors = true;
}
if (getenv("CLI_FORCE_ASCII")) {
force_ascii = true;
}
if (!lp_unicode()) {
force_ascii = true;
}
if (flags & CLI_FULL_CONNECTION_FORCE_ASCII) {
force_ascii = true;
}
if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO) {
use_spnego = false;
} else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS) {
cli->use_kerberos = true;
}
if ((flags & CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS) &&
cli->use_kerberos) {
cli->fallback_after_kerberos = true;
}
if (flags & CLI_FULL_CONNECTION_USE_CCACHE) {
cli->use_ccache = true;
}
if (flags & CLI_FULL_CONNECTION_USE_NT_HASH) {
cli->pw_nt_hash = true;
}
if (flags & CLI_FULL_CONNECTION_OPLOCKS) {
cli->use_oplocks = true;
}
if (flags & CLI_FULL_CONNECTION_LEVEL_II_OPLOCKS) {
use_level_II_oplocks = true;
}
if (signing_state == SMB_SIGNING_DEFAULT) {
signing_state = lp_client_signing();
}
smb1_capabilities = 0;
smb1_capabilities |= CAP_LARGE_FILES;
smb1_capabilities |= CAP_NT_SMBS | CAP_RPC_REMOTE_APIS;
smb1_capabilities |= CAP_LOCK_AND_READ | CAP_NT_FIND;
smb1_capabilities |= CAP_DFS | CAP_W2K_SMBS;
smb1_capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX;
smb1_capabilities |= CAP_LWIO;
if (!force_dos_errors) {
smb1_capabilities |= CAP_STATUS32;
}
if (!force_ascii) {
smb1_capabilities |= CAP_UNICODE;
}
if (use_spnego) {
smb1_capabilities |= CAP_EXTENDED_SECURITY;
}
if (use_level_II_oplocks) {
smb1_capabilities |= CAP_LEVEL_II_OPLOCKS;
}
smb2_capabilities = SMB2_CAP_ALL;
if (remote_realm) {
cli->remote_realm = talloc_strdup(cli, remote_realm);
if (cli->remote_realm == NULL) {
goto error;
}
}
cli->conn = smbXcli_conn_create(cli, fd, remote_name,
signing_state,
smb1_capabilities,
&client_guid,
smb2_capabilities);
if (cli->conn == NULL) {
goto error;
}
cli->smb1.pid = (uint16_t)getpid();
cli->smb1.vc_num = cli->smb1.pid;
cli->smb1.tcon = smbXcli_tcon_create(cli);
if (cli->smb1.tcon == NULL) {
goto error;
}
smb1cli_tcon_set_id(cli->smb1.tcon, UINT16_MAX);
cli->smb1.session = smbXcli_session_create(cli, cli->conn);
if (cli->smb1.session == NULL) {
goto error;
}
cli->initialised = 1;
return cli;
/* Clean up after malloc() error */
error:
TALLOC_FREE(cli);
return NULL;
}
