source: branches/samba-3.2.x/source/libsmb/clidfs.c

Last change on this file was 233, checked in by Herwig Bauernfeind, 16 years ago

Update 3.2 branch to 3.2.9
File size: 27.6 KB
RevLine 
[228]1/*
2 Unix SMB/CIFS implementation.
3 client connect/disconnect routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Gerald (Jerry) Carter 2004
6 Copyright (C) Jeremy Allison 2007
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include "includes.h"
23
24/********************************************************************
25 Important point.
26
27 DFS paths are *always* of the form \server\share\<pathname> (the \ characters
28 are not C escaped here).
29
30 - but if we're using POSIX paths then <pathname> may contain
31 '/' separators, not '\\' separators. So cope with '\\' or '/'
32 as a separator when looking at the pathname part.... JRA.
33********************************************************************/
34
35struct client_connection {
36 struct client_connection *prev, *next;
37 struct cli_state *cli;
38 char *mount;
39};
40
41/* global state....globals reek! */
42int max_protocol = PROTOCOL_NT1;
43
44static struct cm_cred_struct {
45 char *username;
46 char *password;
47 bool got_pass;
48 bool use_kerberos;
49 bool fallback_after_kerberos;
50 int signing_state;
51} cm_creds;
52
53static void cm_set_password(const char *newpass);
54
55static int port;
56static int name_type = 0x20;
57static bool have_ip;
58static struct sockaddr_storage dest_ss;
59
60static struct client_connection *connections;
61
62static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
63 struct cli_state *cli,
64 const char *sharename,
65 char **pp_newserver,
66 char **pp_newshare,
67 bool force_encrypt,
68 const char *username,
69 const char *password,
70 const char *domain);
71
72/********************************************************************
73 Ensure a connection is encrypted.
74********************************************************************/
75
76NTSTATUS cli_cm_force_encryption(struct cli_state *c,
77 const char *username,
78 const char *password,
79 const char *domain,
80 const char *sharename)
81{
82 NTSTATUS status = cli_force_encryption(c,
83 username,
84 password,
85 domain);
86
87 if (NT_STATUS_EQUAL(status,NT_STATUS_NOT_SUPPORTED)) {
88 d_printf("Encryption required and "
89 "server that doesn't support "
90 "UNIX extensions - failing connect\n");
91 } else if (NT_STATUS_EQUAL(status,NT_STATUS_UNKNOWN_REVISION)) {
92 d_printf("Encryption required and "
93 "can't get UNIX CIFS extensions "
94 "version from server.\n");
95 } else if (NT_STATUS_EQUAL(status,NT_STATUS_UNSUPPORTED_COMPRESSION)) {
96 d_printf("Encryption required and "
97 "share %s doesn't support "
98 "encryption.\n", sharename);
99 } else if (!NT_STATUS_IS_OK(status)) {
100 d_printf("Encryption required and "
101 "setup failed with error %s.\n",
102 nt_errstr(status));
103 }
104
105 return status;
106}
107
108/********************************************************************
109 Return a connection to a server.
110********************************************************************/
111
112static struct cli_state *do_connect(TALLOC_CTX *ctx,
113 const char *server,
114 const char *share,
115 bool show_sessetup,
116 bool force_encrypt)
117{
118 struct cli_state *c = NULL;
119 struct nmb_name called, calling;
120 const char *server_n;
121 struct sockaddr_storage ss;
122 char *servicename;
123 char *sharename;
124 char *newserver, *newshare;
125 const char *username;
126 const char *password;
127 NTSTATUS status;
128
129 /* make a copy so we don't modify the global string 'service' */
130 servicename = talloc_strdup(ctx,share);
131 if (!servicename) {
132 return NULL;
133 }
134 sharename = servicename;
135 if (*sharename == '\\') {
136 server = sharename+2;
137 sharename = strchr_m(server,'\\');
138 if (!sharename) {
139 return NULL;
140 }
141 *sharename = 0;
142 sharename++;
143 }
144
145 server_n = server;
146
147 zero_sockaddr(&ss);
148
149 make_nmb_name(&calling, global_myname(), 0x0);
150 make_nmb_name(&called , server, name_type);
151
152 again:
153 zero_sockaddr(&ss);
154 if (have_ip)
155 ss = dest_ss;
156
157 /* have to open a new connection */
158 if (!(c=cli_initialise()) || (cli_set_port(c, port) != port)) {
159 d_printf("Connection to %s failed\n", server_n);
160 if (c) {
161 cli_shutdown(c);
162 }
163 return NULL;
164 }
165 status = cli_connect(c, server_n, &ss);
166 if (!NT_STATUS_IS_OK(status)) {
167 d_printf("Connection to %s failed (Error %s)\n",
168 server_n,
169 nt_errstr(status));
170 cli_shutdown(c);
171 return NULL;
172 }
173
174 c->protocol = max_protocol;
175 c->use_kerberos = cm_creds.use_kerberos;
176 c->fallback_after_kerberos = cm_creds.fallback_after_kerberos;
177 cli_setup_signing_state(c, cm_creds.signing_state);
178
179 if (!cli_session_request(c, &calling, &called)) {
180 char *p;
181 d_printf("session request to %s failed (%s)\n",
182 called.name, cli_errstr(c));
183 cli_shutdown(c);
184 c = NULL;
185 if ((p=strchr_m(called.name, '.'))) {
186 *p = 0;
187 goto again;
188 }
189 if (strcmp(called.name, "*SMBSERVER")) {
190 make_nmb_name(&called , "*SMBSERVER", 0x20);
191 goto again;
192 }
193 return NULL;
194 }
195
196 DEBUG(4,(" session request ok\n"));
197
198 if (!cli_negprot(c)) {
199 d_printf("protocol negotiation failed\n");
200 cli_shutdown(c);
201 return NULL;
202 }
203
204 if (!cm_creds.got_pass && !cm_creds.use_kerberos) {
205 char *label = NULL;
206 char *pass;
207 label = talloc_asprintf(ctx, "Enter %s's password: ",
208 cm_creds.username);
209 pass = getpass(label);
210 if (pass) {
211 cm_set_password(pass);
212 }
213 TALLOC_FREE(label);
214 }
215
216 username = cm_creds.username ? cm_creds.username : "";
217 password = cm_creds.password ? cm_creds.password : "";
218
219 if (!NT_STATUS_IS_OK(cli_session_setup(c, username,
220 password, strlen(password),
221 password, strlen(password),
222 lp_workgroup()))) {
223 /* If a password was not supplied then
224 * try again with a null username. */
225 if (password[0] || !username[0] || cm_creds.use_kerberos ||
226 !NT_STATUS_IS_OK(cli_session_setup(c, "",
227 "", 0,
228 "", 0,
229 lp_workgroup()))) {
230 d_printf("session setup failed: %s\n", cli_errstr(c));
231 if (NT_STATUS_V(cli_nt_error(c)) ==
232 NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
233 d_printf("did you forget to run kinit?\n");
234 cli_shutdown(c);
235 return NULL;
236 }
237 d_printf("Anonymous login successful\n");
238 }
239
240 if ( show_sessetup ) {
241 if (*c->server_domain) {
242 DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
243 c->server_domain,c->server_os,c->server_type));
244 } else if (*c->server_os || *c->server_type) {
245 DEBUG(0,("OS=[%s] Server=[%s]\n",
246 c->server_os,c->server_type));
247 }
248 }
249 DEBUG(4,(" session setup ok\n"));
250
251 /* here's the fun part....to support 'msdfs proxy' shares
252 (on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
253 here before trying to connect to the original share.
254 check_dfs_proxy() will fail if it is a normal share. */
255
256 if ((c->capabilities & CAP_DFS) &&
257 cli_check_msdfs_proxy(ctx, c, sharename,
258 &newserver, &newshare,
259 force_encrypt,
260 username,
261 password,
262 lp_workgroup())) {
263 cli_shutdown(c);
264 return do_connect(ctx, newserver,
265 newshare, false, force_encrypt);
266 }
267
268 /* must be a normal share */
269
270 if (!cli_send_tconX(c, sharename, "?????",
271 password, strlen(password)+1)) {
272 d_printf("tree connect failed: %s\n", cli_errstr(c));
273 cli_shutdown(c);
274 return NULL;
275 }
276
277 if (force_encrypt) {
278 status = cli_cm_force_encryption(c,
279 username,
280 password,
281 lp_workgroup(),
282 sharename);
283 if (!NT_STATUS_IS_OK(status)) {
284 cli_shutdown(c);
285 return NULL;
286 }
287 }
288
289 DEBUG(4,(" tconx ok\n"));
290 return c;
291}
292
293/****************************************************************************
294****************************************************************************/
295
296static void cli_cm_set_mntpoint(struct cli_state *c, const char *mnt)
297{
298 struct client_connection *p;
299 int i;
300
301 for (p=connections,i=0; p; p=p->next,i++) {
302 if (strequal(p->cli->desthost, c->desthost) &&
303 strequal(p->cli->share, c->share)) {
304 break;
305 }
306 }
307
308 if (p) {
[232]309 char *name = clean_name(NULL, mnt);
[228]310 if (!name) {
311 return;
312 }
[232]313 TALLOC_FREE(p->mount);
[228]314 p->mount = talloc_strdup(p, name);
315 TALLOC_FREE(name);
316 }
317}
318
319/****************************************************************************
320****************************************************************************/
321
322const char *cli_cm_get_mntpoint(struct cli_state *c)
323{
324 struct client_connection *p;
325 int i;
326
327 for (p=connections,i=0; p; p=p->next,i++) {
328 if (strequal(p->cli->desthost, c->desthost) &&
329 strequal(p->cli->share, c->share)) {
330 break;
331 }
332 }
333
334 if (p) {
335 return p->mount;
336 }
337 return NULL;
338}
339
340/********************************************************************
341 Add a new connection to the list
342********************************************************************/
343
344static struct cli_state *cli_cm_connect(TALLOC_CTX *ctx,
345 struct cli_state *referring_cli,
346 const char *server,
347 const char *share,
348 bool show_hdr,
349 bool force_encrypt)
350{
351 struct client_connection *node;
352
353 /* NB This must be the null context here... JRA. */
354 node = TALLOC_ZERO_ARRAY(NULL, struct client_connection, 1);
355 if (!node) {
356 return NULL;
357 }
358
359 node->cli = do_connect(ctx, server, share, show_hdr, force_encrypt);
360
361 if ( !node->cli ) {
362 TALLOC_FREE( node );
363 return NULL;
364 }
365
366 DLIST_ADD( connections, node );
367
368 cli_cm_set_mntpoint(node->cli, "");
369
370 if (referring_cli && referring_cli->posix_capabilities) {
371 uint16 major, minor;
372 uint32 caplow, caphigh;
373 if (cli_unix_extensions_version(node->cli, &major,
374 &minor, &caplow, &caphigh)) {
375 cli_set_unix_extensions_capabilities(node->cli,
376 major, minor,
377 caplow, caphigh);
378 }
379 }
380
381 return node->cli;
382}
383
384/********************************************************************
385 Return a connection to a server.
386********************************************************************/
387
388static struct cli_state *cli_cm_find(const char *server, const char *share)
389{
390 struct client_connection *p;
391
392 for (p=connections; p; p=p->next) {
393 if ( strequal(server, p->cli->desthost) &&
394 strequal(share,p->cli->share)) {
395 return p->cli;
396 }
397 }
398
399 return NULL;
400}
401
402/****************************************************************************
403 Open a client connection to a \\server\share. Set's the current *cli
404 global variable as a side-effect (but only if the connection is successful).
405****************************************************************************/
406
407struct cli_state *cli_cm_open(TALLOC_CTX *ctx,
408 struct cli_state *referring_cli,
409 const char *server,
410 const char *share,
411 bool show_hdr,
412 bool force_encrypt)
413{
414 struct cli_state *c;
415
416 /* try to reuse an existing connection */
417
418 c = cli_cm_find(server, share);
419 if (!c) {
420 c = cli_cm_connect(ctx, referring_cli,
421 server, share, show_hdr, force_encrypt);
422 }
423
424 return c;
425}
426
427/****************************************************************************
428****************************************************************************/
429
430void cli_cm_shutdown(void)
431{
432 struct client_connection *p, *x;
433
434 for (p=connections; p;) {
435 cli_shutdown(p->cli);
436 x = p;
437 p = p->next;
438
439 TALLOC_FREE(x);
440 }
441
442 connections = NULL;
443 return;
444}
445
446/****************************************************************************
447****************************************************************************/
448
449void cli_cm_display(void)
450{
451 struct client_connection *p;
452 int i;
453
454 for ( p=connections,i=0; p; p=p->next,i++ ) {
455 d_printf("%d:\tserver=%s, share=%s\n",
456 i, p->cli->desthost, p->cli->share );
457 }
458}
459
460/****************************************************************************
461****************************************************************************/
462
463static void cm_set_password(const char *newpass)
464{
465 SAFE_FREE(cm_creds.password);
466 cm_creds.password = SMB_STRDUP(newpass);
467 if (cm_creds.password) {
468 cm_creds.got_pass = true;
469 }
470}
471
472/****************************************************************************
473****************************************************************************/
474
475void cli_cm_set_credentials(void)
476{
477 SAFE_FREE(cm_creds.username);
478 cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username());
479
480 if (get_cmdline_auth_info_got_pass()) {
481 cm_set_password(get_cmdline_auth_info_password());
482 }
483
484 cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos();
485 cm_creds.fallback_after_kerberos = false;
486 cm_creds.signing_state = get_cmdline_auth_info_signing_state();
487}
488
489/****************************************************************************
490****************************************************************************/
491
492void cli_cm_set_port(int port_number)
493{
494 port = port_number;
495}
496
497/****************************************************************************
498****************************************************************************/
499
500void cli_cm_set_dest_name_type(int type)
501{
502 name_type = type;
503}
504
505/****************************************************************************
506****************************************************************************/
507
508void cli_cm_set_signing_state(int state)
509{
510 cm_creds.signing_state = state;
511}
512
513/****************************************************************************
514****************************************************************************/
515
516void cli_cm_set_username(const char *username)
517{
518 SAFE_FREE(cm_creds.username);
519 cm_creds.username = SMB_STRDUP(username);
520}
521
522/****************************************************************************
523****************************************************************************/
524
525void cli_cm_set_password(const char *newpass)
526{
527 SAFE_FREE(cm_creds.password);
528 cm_creds.password = SMB_STRDUP(newpass);
529 if (cm_creds.password) {
530 cm_creds.got_pass = true;
531 }
532}
533
534/****************************************************************************
535****************************************************************************/
536
537void cli_cm_set_use_kerberos(void)
538{
539 cm_creds.use_kerberos = true;
540}
541
542/****************************************************************************
543****************************************************************************/
544
545void cli_cm_set_fallback_after_kerberos(void)
546{
547 cm_creds.fallback_after_kerberos = true;
548}
549
550/****************************************************************************
551****************************************************************************/
552
553void cli_cm_set_dest_ss(struct sockaddr_storage *pss)
554{
555 dest_ss = *pss;
556 have_ip = true;
557}
558
559/**********************************************************************
560 split a dfs path into the server, share name, and extrapath components
561**********************************************************************/
562
563static void split_dfs_path(TALLOC_CTX *ctx,
564 const char *nodepath,
565 char **pp_server,
566 char **pp_share,
567 char **pp_extrapath)
568{
569 char *p, *q;
570 char *path;
571
572 *pp_server = NULL;
573 *pp_share = NULL;
574 *pp_extrapath = NULL;
575
576 path = talloc_strdup(ctx, nodepath);
577 if (!path) {
578 return;
579 }
580
581 if ( path[0] != '\\' ) {
582 return;
583 }
584
585 p = strchr_m( path + 1, '\\' );
586 if ( !p ) {
587 return;
588 }
589
590 *p = '\0';
591 p++;
592
593 /* Look for any extra/deep path */
594 q = strchr_m(p, '\\');
595 if (q != NULL) {
596 *q = '\0';
597 q++;
598 *pp_extrapath = talloc_strdup(ctx, q);
599 } else {
600 *pp_extrapath = talloc_strdup(ctx, "");
601 }
602
603 *pp_share = talloc_strdup(ctx, p);
604 *pp_server = talloc_strdup(ctx, &path[1]);
605}
606
607/****************************************************************************
608 Return the original path truncated at the directory component before
609 the first wildcard character. Trust the caller to provide a NULL
610 terminated string
611****************************************************************************/
612
613static char *clean_path(TALLOC_CTX *ctx, const char *path)
614{
615 size_t len;
616 char *p1, *p2, *p;
617 char *path_out;
618
619 /* No absolute paths. */
620 while (IS_DIRECTORY_SEP(*path)) {
621 path++;
622 }
623
624 path_out = talloc_strdup(ctx, path);
625 if (!path_out) {
626 return NULL;
627 }
628
629 p1 = strchr_m(path_out, '*');
630 p2 = strchr_m(path_out, '?');
631
632 if (p1 || p2) {
633 if (p1 && p2) {
634 p = MIN(p1,p2);
635 } else if (!p1) {
636 p = p2;
637 } else {
638 p = p1;
639 }
640 *p = '\0';
641
642 /* Now go back to the start of this component. */
643 p1 = strrchr_m(path_out, '/');
644 p2 = strrchr_m(path_out, '\\');
645 p = MAX(p1,p2);
646 if (p) {
647 *p = '\0';
648 }
649 }
650
651 /* Strip any trailing separator */
652
653 len = strlen(path_out);
654 if ( (len > 0) && IS_DIRECTORY_SEP(path_out[len-1])) {
655 path_out[len-1] = '\0';
656 }
657
658 return path_out;
659}
660
661/****************************************************************************
662****************************************************************************/
663
664static char *cli_dfs_make_full_path(TALLOC_CTX *ctx,
665 struct cli_state *cli,
666 const char *dir)
667{
[233]668 char path_sep = '\\';
669
[228]670 /* Ensure the extrapath doesn't start with a separator. */
671 while (IS_DIRECTORY_SEP(*dir)) {
672 dir++;
673 }
674
[233]675 if (cli->posix_capabilities & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
676 path_sep = '/';
677 }
678 return talloc_asprintf(ctx, "%c%s%c%s%c%s",
679 path_sep,
680 cli->desthost,
681 path_sep,
682 cli->share,
683 path_sep,
684 dir);
[228]685}
686
687/********************************************************************
688 check for dfs referral
689********************************************************************/
690
691static bool cli_dfs_check_error( struct cli_state *cli, NTSTATUS status )
692{
693 uint32 flgs2 = SVAL(cli->inbuf,smb_flg2);
694
695 /* only deal with DS when we negotiated NT_STATUS codes and UNICODE */
696
697 if (!((flgs2&FLAGS2_32_BIT_ERROR_CODES) &&
698 (flgs2&FLAGS2_UNICODE_STRINGS)))
699 return false;
700
701 if (NT_STATUS_EQUAL(status, NT_STATUS(IVAL(cli->inbuf,smb_rcls))))
702 return true;
703
704 return false;
705}
706
707/********************************************************************
708 Get the dfs referral link.
709********************************************************************/
710
711bool cli_dfs_get_referral(TALLOC_CTX *ctx,
712 struct cli_state *cli,
713 const char *path,
714 CLIENT_DFS_REFERRAL**refs,
715 size_t *num_refs,
716 uint16 *consumed)
717{
718 unsigned int data_len = 0;
719 unsigned int param_len = 0;
720 uint16 setup = TRANSACT2_GET_DFS_REFERRAL;
721 char *param;
722 char *rparam=NULL, *rdata=NULL;
723 char *p;
724 char *endp;
725 size_t pathlen = 2*(strlen(path)+1);
726 uint16 num_referrals;
727 CLIENT_DFS_REFERRAL *referrals = NULL;
728 bool ret = false;
729
730 *num_refs = 0;
731 *refs = NULL;
732
733 param = SMB_MALLOC_ARRAY(char, 2+pathlen+2);
734 if (!param) {
735 return false;
736 }
737 SSVAL(param, 0, 0x03); /* max referral level */
738 p = &param[2];
739
740 p += clistr_push(cli, p, path, pathlen, STR_TERMINATE);
741 param_len = PTR_DIFF(p, param);
742
743 if (!cli_send_trans(cli, SMBtrans2,
744 NULL, /* name */
745 -1, 0, /* fid, flags */
746 &setup, 1, 0, /* setup, length, max */
747 param, param_len, 2, /* param, length, max */
748 NULL, 0, cli->max_xmit /* data, length, max */
749 )) {
750 SAFE_FREE(param);
751 return false;
752 }
753
754 SAFE_FREE(param);
755
756 if (!cli_receive_trans(cli, SMBtrans2,
757 &rparam, &param_len,
758 &rdata, &data_len)) {
759 return false;
760 }
761
762 if (data_len < 4) {
763 goto out;
764 }
765
766 endp = rdata + data_len;
767
768 *consumed = SVAL(rdata, 0);
769 num_referrals = SVAL(rdata, 2);
770
771 if (num_referrals != 0) {
772 uint16 ref_version;
773 uint16 ref_size;
774 int i;
775 uint16 node_offset;
776
777 referrals = TALLOC_ARRAY(ctx, CLIENT_DFS_REFERRAL,
778 num_referrals);
779
780 if (!referrals) {
781 goto out;
782 }
783 /* start at the referrals array */
784
785 p = rdata+8;
786 for (i=0; i<num_referrals && p < endp; i++) {
787 if (p + 18 > endp) {
788 goto out;
789 }
790 ref_version = SVAL(p, 0);
791 ref_size = SVAL(p, 2);
792 node_offset = SVAL(p, 16);
793
794 if (ref_version != 3) {
795 p += ref_size;
796 continue;
797 }
798
799 referrals[i].proximity = SVAL(p, 8);
800 referrals[i].ttl = SVAL(p, 10);
801
802 if (p + node_offset > endp) {
803 goto out;
804 }
805 clistr_pull_talloc(ctx, cli, &referrals[i].dfspath,
806 p+node_offset, -1,
807 STR_TERMINATE|STR_UNICODE );
808
809 if (!referrals[i].dfspath) {
810 goto out;
811 }
812 p += ref_size;
813 }
814 if (i < num_referrals) {
815 goto out;
816 }
817 }
818
819 ret = true;
820
821 *num_refs = num_referrals;
822 *refs = referrals;
823
824 out:
825
826 SAFE_FREE(rdata);
827 SAFE_FREE(rparam);
828 return ret;
829}
830
831/********************************************************************
832********************************************************************/
833
834bool cli_resolve_path(TALLOC_CTX *ctx,
835 const char *mountpt,
836 struct cli_state *rootcli,
837 const char *path,
838 struct cli_state **targetcli,
839 char **pp_targetpath)
840{
841 CLIENT_DFS_REFERRAL *refs = NULL;
842 size_t num_refs = 0;
843 uint16 consumed;
844 struct cli_state *cli_ipc = NULL;
845 char *dfs_path = NULL;
846 char *cleanpath = NULL;
847 char *extrapath = NULL;
848 int pathlen;
849 char *server = NULL;
850 char *share = NULL;
851 struct cli_state *newcli = NULL;
852 char *newpath = NULL;
853 char *newmount = NULL;
854 char *ppath = NULL;
855 SMB_STRUCT_STAT sbuf;
856 uint32 attributes;
857
858 if ( !rootcli || !path || !targetcli ) {
859 return false;
860 }
861
862 /* Don't do anything if this is not a DFS root. */
863
864 if ( !rootcli->dfsroot) {
865 *targetcli = rootcli;
866 *pp_targetpath = talloc_strdup(ctx, path);
867 if (!*pp_targetpath) {
868 return false;
869 }
870 return true;
871 }
872
873 *targetcli = NULL;
874
875 /* Send a trans2_query_path_info to check for a referral. */
876
877 cleanpath = clean_path(ctx, path);
878 if (!cleanpath) {
879 return false;
880 }
881
882 dfs_path = cli_dfs_make_full_path(ctx, rootcli, cleanpath);
883 if (!dfs_path) {
884 return false;
885 }
886
887 if (cli_qpathinfo_basic( rootcli, dfs_path, &sbuf, &attributes)) {
888 /* This is an ordinary path, just return it. */
889 *targetcli = rootcli;
890 *pp_targetpath = talloc_strdup(ctx, path);
891 if (!*pp_targetpath) {
892 return false;
893 }
894 goto done;
895 }
896
897 /* Special case where client asked for a path that does not exist */
898
899 if (cli_dfs_check_error(rootcli, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
900 *targetcli = rootcli;
901 *pp_targetpath = talloc_strdup(ctx, path);
902 if (!*pp_targetpath) {
903 return false;
904 }
905 goto done;
906 }
907
908 /* We got an error, check for DFS referral. */
909
910 if (!cli_dfs_check_error(rootcli, NT_STATUS_PATH_NOT_COVERED)) {
911 return false;
912 }
913
914 /* Check for the referral. */
915
916 if (!(cli_ipc = cli_cm_open(ctx, rootcli,
917 rootcli->desthost,
918 "IPC$", false,
919 (rootcli->trans_enc_state != NULL)))) {
920 return false;
921 }
922
923 if (!cli_dfs_get_referral(ctx, cli_ipc, dfs_path, &refs,
924 &num_refs, &consumed) || !num_refs) {
925 return false;
926 }
927
928 /* Just store the first referral for now. */
929
930 if (!refs[0].dfspath) {
931 return false;
932 }
933 split_dfs_path(ctx, refs[0].dfspath, &server, &share, &extrapath );
934
935 if (!server || !share) {
936 return false;
937 }
938
939 /* Make sure to recreate the original string including any wildcards. */
940
941 dfs_path = cli_dfs_make_full_path(ctx, rootcli, path);
942 if (!dfs_path) {
943 return false;
944 }
945 pathlen = strlen(dfs_path)*2;
946 consumed = MIN(pathlen, consumed);
947 *pp_targetpath = talloc_strdup(ctx, &dfs_path[consumed/2]);
948 if (!*pp_targetpath) {
949 return false;
950 }
951 dfs_path[consumed/2] = '\0';
952
953 /*
954 * *pp_targetpath is now the unconsumed part of the path.
955 * dfs_path is now the consumed part of the path
956 * (in \server\share\path format).
957 */
958
959 /* Open the connection to the target server & share */
960 if ((*targetcli = cli_cm_open(ctx, rootcli,
961 server,
962 share,
963 false,
964 (rootcli->trans_enc_state != NULL))) == NULL) {
965 d_printf("Unable to follow dfs referral [\\%s\\%s]\n",
966 server, share );
967 return false;
968 }
969
970 if (extrapath && strlen(extrapath) > 0) {
971 *pp_targetpath = talloc_asprintf(ctx,
972 "%s%s",
973 extrapath,
974 *pp_targetpath);
975 if (!*pp_targetpath) {
976 return false;
977 }
978 }
979
980 /* parse out the consumed mount path */
981 /* trim off the \server\share\ */
982
983 ppath = dfs_path;
984
985 if (*ppath != '\\') {
986 d_printf("cli_resolve_path: "
987 "dfs_path (%s) not in correct format.\n",
988 dfs_path );
989 return false;
990 }
991
992 ppath++; /* Now pointing at start of server name. */
993
994 if ((ppath = strchr_m( dfs_path, '\\' )) == NULL) {
995 return false;
996 }
997
998 ppath++; /* Now pointing at start of share name. */
999
1000 if ((ppath = strchr_m( ppath+1, '\\' )) == NULL) {
1001 return false;
1002 }
1003
1004 ppath++; /* Now pointing at path component. */
1005
1006 newmount = talloc_asprintf(ctx, "%s\\%s", mountpt, ppath );
1007 if (!newmount) {
1008 return false;
1009 }
1010
1011 cli_cm_set_mntpoint(*targetcli, newmount);
1012
1013 /* Check for another dfs referral, note that we are not
1014 checking for loops here. */
1015
1016 if (!strequal(*pp_targetpath, "\\") && !strequal(*pp_targetpath, "/")) {
1017 if (cli_resolve_path(ctx,
1018 newmount,
1019 *targetcli,
1020 *pp_targetpath,
1021 &newcli,
1022 &newpath)) {
1023 /*
1024 * When cli_resolve_path returns true here it's always
1025 * returning the complete path in newpath, so we're done
1026 * here.
1027 */
1028 *targetcli = newcli;
1029 *pp_targetpath = newpath;
1030 return true;
1031 }
1032 }
1033
1034 done:
1035
1036 /* If returning true ensure we return a dfs root full path. */
1037 if ((*targetcli)->dfsroot) {
1038 dfs_path = talloc_strdup(ctx, *pp_targetpath);
1039 if (!dfs_path) {
1040 return false;
1041 }
1042 *pp_targetpath = cli_dfs_make_full_path(ctx, *targetcli, dfs_path);
1043 }
1044
1045 return true;
1046}
1047
1048/********************************************************************
1049********************************************************************/
1050
1051static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
1052 struct cli_state *cli,
1053 const char *sharename,
1054 char **pp_newserver,
1055 char **pp_newshare,
1056 bool force_encrypt,
1057 const char *username,
1058 const char *password,
1059 const char *domain)
1060{
1061 CLIENT_DFS_REFERRAL *refs = NULL;
1062 size_t num_refs = 0;
1063 uint16 consumed;
1064 char *fullpath = NULL;
1065 bool res;
1066 uint16 cnum;
1067 char *newextrapath = NULL;
1068
1069 if (!cli || !sharename) {
1070 return false;
1071 }
1072
1073 cnum = cli->cnum;
1074
1075 /* special case. never check for a referral on the IPC$ share */
1076
1077 if (strequal(sharename, "IPC$")) {
1078 return false;
1079 }
1080
1081 /* send a trans2_query_path_info to check for a referral */
1082
1083 fullpath = talloc_asprintf(ctx, "\\%s\\%s", cli->desthost, sharename );
1084 if (!fullpath) {
1085 return false;
1086 }
1087
1088 /* check for the referral */
1089
1090 if (!cli_send_tconX(cli, "IPC$", "IPC", NULL, 0)) {
1091 return false;
1092 }
1093
1094 if (force_encrypt) {
1095 NTSTATUS status = cli_cm_force_encryption(cli,
1096 username,
1097 password,
1098 lp_workgroup(),
1099 "IPC$");
1100 if (!NT_STATUS_IS_OK(status)) {
1101 return false;
1102 }
1103 }
1104
1105 res = cli_dfs_get_referral(ctx, cli, fullpath, &refs, &num_refs, &consumed);
1106
1107 if (!cli_tdis(cli)) {
1108 return false;
1109 }
1110
1111 cli->cnum = cnum;
1112
1113 if (!res || !num_refs) {
1114 return false;
1115 }
1116
1117 if (!refs[0].dfspath) {
1118 return false;
1119 }
1120
1121 split_dfs_path(ctx, refs[0].dfspath, pp_newserver,
1122 pp_newshare, &newextrapath );
1123
1124 if ((*pp_newserver == NULL) || (*pp_newshare == NULL)) {
1125 return false;
1126 }
1127
1128 /* check that this is not a self-referral */
1129
1130 if (strequal(cli->desthost, *pp_newserver) &&
1131 strequal(sharename, *pp_newshare)) {
1132 return false;
1133 }
1134
1135 return true;
1136}
Note: See TracBrowser for help on using the repository browser.