/**
* The challenge from the target server, when operating in security=server
**/
static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, uint8_t chal[8])
{
struct smb_composite_connect io;
struct smbcli_options smb_options;
const char **host_list;
NTSTATUS status;
/* Make a connection to the target server, found by 'password server' in smb.conf */
lp_smbcli_options(ctx->auth_ctx->lp_ctx, &smb_options);
/* Make a negprot, WITHOUT SPNEGO, so we get a challenge nice an easy */
io.in.options.use_spnego = false;
/* Hope we don't get * (the default), as this won't work... */
host_list = lp_passwordserver(ctx->auth_ctx->lp_ctx);
if (!host_list) {
return NT_STATUS_INTERNAL_ERROR;
}
io.in.dest_host = host_list[0];
if (strequal(io.in.dest_host, "*")) {
return NT_STATUS_INTERNAL_ERROR;
}
io.in.dest_ports = lp_smb_ports(ctx->auth_ctx->lp_ctx);
io.in.socket_options = lp_socket_options(ctx->auth_ctx->lp_ctx);
io.in.gensec_settings = lp_gensec_settings(mem_ctx, ctx->auth_ctx->lp_ctx);
io.in.called_name = strupper_talloc(mem_ctx, io.in.dest_host);
/* We don't want to get as far as the session setup */
io.in.credentials = cli_credentials_init_anon(mem_ctx);
cli_credentials_set_workstation(io.in.credentials,
lp_netbios_name(ctx->auth_ctx->lp_ctx),
CRED_SPECIFIED);
io.in.service = NULL;
io.in.workgroup = ""; /* only used with SPNEGO, disabled above */
io.in.options = smb_options;
io.in.iconv_convenience = lp_iconv_convenience(ctx->auth_ctx->lp_ctx);
lp_smbcli_session_options(ctx->auth_ctx->lp_ctx, &io.in.session_options);
status = smb_composite_connect(&io, mem_ctx, lp_resolve_context(ctx->auth_ctx->lp_ctx),
ctx->auth_ctx->event_ctx);
NT_STATUS_NOT_OK_RETURN(status);
if (io.out.tree->session->transport->negotiate.secblob.length != 8) {
return NT_STATUS_INTERNAL_ERROR;
}
memcpy(chal, io.out.tree->session->transport->negotiate.secblob.data, 8);
ctx->private_data = talloc_steal(ctx, io.out.tree->session);
return NT_STATUS_OK;
}
static int ejs_tree_connect(MprVarHandle eid, int argc, char **argv)
{
struct cli_credentials *creds;
struct smb_composite_connect io;
struct smbcli_tree *tree;
char *hostname, *sharename;
NTSTATUS result;
TALLOC_CTX *mem_ctx;
if (argc != 2) {
ejsSetErrorMsg(eid, "tree_connect(): invalid number of args");
return -1;
}
/* Set up host, share destination */
mem_ctx = talloc_new(mprMemCtx());
smbcli_parse_unc(argv[0], mem_ctx, &hostname, &sharename);
/* Set up credentials */
creds = cli_credentials_init(NULL);
cli_credentials_set_conf(creds);
cli_credentials_parse_string(creds, argv[1], CRED_SPECIFIED);
/* Do connect */
io.in.dest_host = hostname;
io.in.port = 0;
io.in.called_name = strupper_talloc(mem_ctx, hostname);
io.in.service = sharename;
io.in.service_type = "?????";
io.in.credentials = creds;
io.in.fallback_to_anonymous = False;
io.in.workgroup = lp_workgroup();
result = smb_composite_connect(&io, mem_ctx, NULL);
tree = io.out.tree;
talloc_free(mem_ctx);
if (!NT_STATUS_IS_OK(result)) {
mpr_Return(eid, mprNTSTATUS(result));
return 0;
}
mpr_Return(eid, mprCreatePtrVar(tree));
return 0;
}
