/** initialise a smb2_session structure */ struct smb2_session *smb2_session_init(struct smb2_transport *transport, struct gensec_settings *settings, TALLOC_CTX *parent_ctx) { struct smb2_session *session; NTSTATUS status; session = talloc_zero(parent_ctx, struct smb2_session); if (!session) { return NULL; } session->transport = talloc_steal(session, transport); session->smbXcli = smbXcli_session_create(session, transport->conn); if (session->smbXcli == NULL) { talloc_free(session); return NULL; } /* prepare a gensec context for later use */ status = gensec_client_start(session, &session->gensec, settings); if (!NT_STATUS_IS_OK(status)) { talloc_free(session); return NULL; } gensec_want_feature(session->gensec, GENSEC_FEATURE_SESSION_KEY); return session; }
/**************************************************************************** Initialize the session context ****************************************************************************/ struct smbcli_session *smbcli_session_init(struct smbcli_transport *transport, TALLOC_CTX *parent_ctx, bool primary, struct smbcli_session_options options) { struct smbcli_session *session; uint16_t flags2; uint32_t capabilities; session = talloc_zero(parent_ctx, struct smbcli_session); if (!session) { return NULL; } if (primary) { session->transport = talloc_steal(session, transport); } else { session->transport = talloc_reference(session, transport); } session->pid = (uint16_t)getpid(); session->vuid = UID_FIELD_INVALID; session->options = options; /* * for now session->vuid is still used by the callers, but we call: * smb1cli_session_set_id(session->smbXcli, session->vuid); * before using session->smbXcli, in future we should remove * session->vuid. */ session->smbXcli = smbXcli_session_create(session, transport->conn); if (session->smbXcli == NULL) { talloc_free(session); return NULL; } capabilities = transport->negotiate.capabilities; flags2 = FLAGS2_LONG_PATH_COMPONENTS | FLAGS2_EXTENDED_ATTRIBUTES; if (capabilities & CAP_UNICODE) { flags2 |= FLAGS2_UNICODE_STRINGS; } if (capabilities & CAP_STATUS32) { flags2 |= FLAGS2_32_BIT_ERROR_CODES; } if (capabilities & CAP_EXTENDED_SECURITY) { flags2 |= FLAGS2_EXTENDED_SECURITY; } if (smb1cli_conn_signing_is_active(session->transport->conn)) { flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES; } session->flags2 = flags2; return session; }
struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx, int fd, const char *remote_name, const char *remote_realm, int signing_state, int flags) { struct cli_state *cli = NULL; bool use_spnego = lp_client_use_spnego(); bool force_dos_errors = false; bool force_ascii = false; bool use_level_II_oplocks = false; uint32_t smb1_capabilities = 0; uint32_t smb2_capabilities = 0; struct GUID client_guid = GUID_random(); /* Check the effective uid - make sure we are not setuid */ if (is_setuid_root()) { DEBUG(0,("libsmb based programs must *NOT* be setuid root.\n")); return NULL; } cli = talloc_zero(mem_ctx, struct cli_state); if (!cli) { return NULL; } cli->server_domain = talloc_strdup(cli, ""); if (!cli->server_domain) { goto error; } cli->server_os = talloc_strdup(cli, ""); if (!cli->server_os) { goto error; } cli->server_type = talloc_strdup(cli, ""); if (!cli->server_type) { goto error; } cli->dfs_mountpoint = talloc_strdup(cli, ""); if (!cli->dfs_mountpoint) { goto error; } cli->raw_status = NT_STATUS_INTERNAL_ERROR; cli->map_dos_errors = true; /* remove this */ cli->timeout = CLIENT_TIMEOUT; cli->case_sensitive = false; /* Set the CLI_FORCE_DOSERR environment variable to test client routines using DOS errors instead of STATUS32 ones. This intended only as a temporary hack. */ if (getenv("CLI_FORCE_DOSERR")) { force_dos_errors = true; } if (flags & CLI_FULL_CONNECTION_FORCE_DOS_ERRORS) { force_dos_errors = true; } if (getenv("CLI_FORCE_ASCII")) { force_ascii = true; } if (!lp_unicode()) { force_ascii = true; } if (flags & CLI_FULL_CONNECTION_FORCE_ASCII) { force_ascii = true; } if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO) { use_spnego = false; } else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS) { cli->use_kerberos = true; } if ((flags & CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS) && cli->use_kerberos) { cli->fallback_after_kerberos = true; } if (flags & CLI_FULL_CONNECTION_USE_CCACHE) { cli->use_ccache = true; } if (flags & CLI_FULL_CONNECTION_USE_NT_HASH) { cli->pw_nt_hash = true; } if (flags & CLI_FULL_CONNECTION_OPLOCKS) { cli->use_oplocks = true; } if (flags & CLI_FULL_CONNECTION_LEVEL_II_OPLOCKS) { use_level_II_oplocks = true; } if (signing_state == SMB_SIGNING_DEFAULT) { signing_state = lp_client_signing(); } smb1_capabilities = 0; smb1_capabilities |= CAP_LARGE_FILES; smb1_capabilities |= CAP_NT_SMBS | CAP_RPC_REMOTE_APIS; smb1_capabilities |= CAP_LOCK_AND_READ | CAP_NT_FIND; smb1_capabilities |= CAP_DFS | CAP_W2K_SMBS; smb1_capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX; smb1_capabilities |= CAP_LWIO; if (!force_dos_errors) { smb1_capabilities |= CAP_STATUS32; } if (!force_ascii) { smb1_capabilities |= CAP_UNICODE; } if (use_spnego) { smb1_capabilities |= CAP_EXTENDED_SECURITY; } if (use_level_II_oplocks) { smb1_capabilities |= CAP_LEVEL_II_OPLOCKS; } smb2_capabilities = SMB2_CAP_ALL; if (remote_realm) { cli->remote_realm = talloc_strdup(cli, remote_realm); if (cli->remote_realm == NULL) { goto error; } } cli->conn = smbXcli_conn_create(cli, fd, remote_name, signing_state, smb1_capabilities, &client_guid, smb2_capabilities); if (cli->conn == NULL) { goto error; } cli->smb1.pid = (uint16_t)getpid(); cli->smb1.vc_num = cli->smb1.pid; cli->smb1.tcon = smbXcli_tcon_create(cli); if (cli->smb1.tcon == NULL) { goto error; } smb1cli_tcon_set_id(cli->smb1.tcon, UINT16_MAX); cli->smb1.session = smbXcli_session_create(cli, cli->conn); if (cli->smb1.session == NULL) { goto error; } cli->initialised = 1; return cli; /* Clean up after malloc() error */ error: TALLOC_FREE(cli); return NULL; }