source: branches/samba-3.2.x/source/libsmb/clidfs.c@ 226

Last change on this file since 226 was 133, checked in by Paul Smedley, 17 years ago

Update trunk to 3.2.0pre3
File size: 26.3 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 client connect/disconnect routines
4 Copyright (C) Andrew Tridgell 1994-1998
5 Copyright (C) Gerald (Jerry) Carter 2004
6 Copyright (C) Jeremy Allison 2007
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include "includes.h"
23
24/********************************************************************
25 Important point.
26
27 DFS paths are *always* of the form \server\share\<pathname> (the \ characters
28 are not C escaped here).
29
30 - but if we're using POSIX paths then <pathname> may contain
31 '/' separators, not '\\' separators. So cope with '\\' or '/'
32 as a separator when looking at the pathname part.... JRA.
33********************************************************************/
34
35struct client_connection {
36 struct client_connection *prev, *next;
37 struct cli_state *cli;
38 char *mount;
39};
40
41/* global state....globals reek! */
42int max_protocol = PROTOCOL_NT1;
43
44static struct cm_cred_struct {
45 char *username;
46 char *password;
47 bool got_pass;
48 bool use_kerberos;
49 bool fallback_after_kerberos;
50 int signing_state;
51} cm_creds;
52
53static void cm_set_password(const char *newpass);
54
55static int port;
56static int name_type = 0x20;
57static bool have_ip;
58static struct sockaddr_storage dest_ss;
59
60static struct client_connection *connections;
61
62static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
63 struct cli_state *cli,
64 const char *sharename,
65 char **pp_newserver,
66 char **pp_newshare,
67 bool force_encrypt,
68 const char *username,
69 const char *password,
70 const char *domain);
71
72/********************************************************************
73 Ensure a connection is encrypted.
74********************************************************************/
75
76NTSTATUS cli_cm_force_encryption(struct cli_state *c,
77 const char *username,
78 const char *password,
79 const char *domain,
80 const char *sharename)
81{
82 NTSTATUS status = cli_force_encryption(c,
83 username,
84 password,
85 domain);
86
87 if (NT_STATUS_EQUAL(status,NT_STATUS_NOT_SUPPORTED)) {
88 d_printf("Encryption required and "
89 "server that doesn't support "
90 "UNIX extensions - failing connect\n");
91 } else if (NT_STATUS_EQUAL(status,NT_STATUS_UNKNOWN_REVISION)) {
92 d_printf("Encryption required and "
93 "can't get UNIX CIFS extensions "
94 "version from server.\n");
95 } else if (NT_STATUS_EQUAL(status,NT_STATUS_UNSUPPORTED_COMPRESSION)) {
96 d_printf("Encryption required and "
97 "share %s doesn't support "
98 "encryption.\n", sharename);
99 } else if (!NT_STATUS_IS_OK(status)) {
100 d_printf("Encryption required and "
101 "setup failed with error %s.\n",
102 nt_errstr(status));
103 }
104
105 return status;
106}
107
108/********************************************************************
109 Return a connection to a server.
110********************************************************************/
111
112static struct cli_state *do_connect(TALLOC_CTX *ctx,
113 const char *server,
114 const char *share,
115 bool show_sessetup,
116 bool force_encrypt)
117{
118 struct cli_state *c = NULL;
119 struct nmb_name called, calling;
120 const char *server_n;
121 struct sockaddr_storage ss;
122 char *servicename;
123 char *sharename;
124 char *newserver, *newshare;
125 const char *username;
126 const char *password;
127 NTSTATUS status;
128
129 /* make a copy so we don't modify the global string 'service' */
130 servicename = talloc_strdup(ctx,share);
131 if (!servicename) {
132 return NULL;
133 }
134 sharename = servicename;
135 if (*sharename == '\\') {
136 server = sharename+2;
137 sharename = strchr_m(server,'\\');
138 if (!sharename) {
139 return NULL;
140 }
141 *sharename = 0;
142 sharename++;
143 }
144
145 server_n = server;
146
147 zero_addr(&ss);
148
149 make_nmb_name(&calling, global_myname(), 0x0);
150 make_nmb_name(&called , server, name_type);
151
152 again:
153 zero_addr(&ss);
154 if (have_ip)
155 ss = dest_ss;
156
157 /* have to open a new connection */
158 if (!(c=cli_initialise()) || (cli_set_port(c, port) != port)) {
159 d_printf("Connection to %s failed\n", server_n);
160 if (c) {
161 cli_shutdown(c);
162 }
163 return NULL;
164 }
165 status = cli_connect(c, server_n, &ss);
166 if (!NT_STATUS_IS_OK(status)) {
167 d_printf("Connection to %s failed (Error %s)\n",
168 server_n,
169 nt_errstr(status));
170 cli_shutdown(c);
171 return NULL;
172 }
173
174 c->protocol = max_protocol;
175 c->use_kerberos = cm_creds.use_kerberos;
176 c->fallback_after_kerberos = cm_creds.fallback_after_kerberos;
177 cli_setup_signing_state(c, cm_creds.signing_state);
178
179 if (!cli_session_request(c, &calling, &called)) {
180 char *p;
181 d_printf("session request to %s failed (%s)\n",
182 called.name, cli_errstr(c));
183 cli_shutdown(c);
184 c = NULL;
185 if ((p=strchr_m(called.name, '.'))) {
186 *p = 0;
187 goto again;
188 }
189 if (strcmp(called.name, "*SMBSERVER")) {
190 make_nmb_name(&called , "*SMBSERVER", 0x20);
191 goto again;
192 }
193 return NULL;
194 }
195
196 DEBUG(4,(" session request ok\n"));
197
198 if (!cli_negprot(c)) {
199 d_printf("protocol negotiation failed\n");
200 cli_shutdown(c);
201 return NULL;
202 }
203
204 if (!cm_creds.got_pass && !cm_creds.use_kerberos) {
205 char *label = NULL;
206 char *pass;
207 label = talloc_asprintf(ctx, "Enter %s's password: ",
208 cm_creds.username);
209 pass = getpass(label);
210 if (pass) {
211 cm_set_password(pass);
212 }
213 TALLOC_FREE(label);
214 }
215
216 username = cm_creds.username ? cm_creds.username : "";
217 password = cm_creds.password ? cm_creds.password : "";
218
219 if (!NT_STATUS_IS_OK(cli_session_setup(c, username,
220 password, strlen(password),
221 password, strlen(password),
222 lp_workgroup()))) {
223 /* If a password was not supplied then
224 * try again with a null username. */
225 if (password[0] || !username[0] || cm_creds.use_kerberos ||
226 !NT_STATUS_IS_OK(cli_session_setup(c, "",
227 "", 0,
228 "", 0,
229 lp_workgroup()))) {
230 d_printf("session setup failed: %s\n", cli_errstr(c));
231 if (NT_STATUS_V(cli_nt_error(c)) ==
232 NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
233 d_printf("did you forget to run kinit?\n");
234 cli_shutdown(c);
235 return NULL;
236 }
237 d_printf("Anonymous login successful\n");
238 }
239
240 if ( show_sessetup ) {
241 if (*c->server_domain) {
242 DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
243 c->server_domain,c->server_os,c->server_type));
244 } else if (*c->server_os || *c->server_type) {
245 DEBUG(0,("OS=[%s] Server=[%s]\n",
246 c->server_os,c->server_type));
247 }
248 }
249 DEBUG(4,(" session setup ok\n"));
250
251 /* here's the fun part....to support 'msdfs proxy' shares
252 (on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
253 here before trying to connect to the original share.
254 check_dfs_proxy() will fail if it is a normal share. */
255
256 if ((c->capabilities & CAP_DFS) &&
257 cli_check_msdfs_proxy(ctx, c, sharename,
258 &newserver, &newshare,
259 force_encrypt,
260 username,
261 password,
262 lp_workgroup())) {
263 cli_shutdown(c);
264 return do_connect(ctx, newserver,
265 newshare, false, force_encrypt);
266 }
267
268 /* must be a normal share */
269
270 if (!cli_send_tconX(c, sharename, "?????",
271 password, strlen(password)+1)) {
272 d_printf("tree connect failed: %s\n", cli_errstr(c));
273 cli_shutdown(c);
274 return NULL;
275 }
276
277 if (force_encrypt) {
278 status = cli_cm_force_encryption(c,
279 username,
280 password,
281 lp_workgroup(),
282 sharename);
283 if (!NT_STATUS_IS_OK(status)) {
284 cli_shutdown(c);
285 return NULL;
286 }
287 }
288
289 DEBUG(4,(" tconx ok\n"));
290 return c;
291}
292
293/****************************************************************************
294****************************************************************************/
295
296static void cli_cm_set_mntpoint(struct cli_state *c, const char *mnt)
297{
298 struct client_connection *p;
299 int i;
300
301 for (p=connections,i=0; p; p=p->next,i++) {
302 if (strequal(p->cli->desthost, c->desthost) &&
303 strequal(p->cli->share, c->share)) {
304 break;
305 }
306 }
307
308 if (p) {
309 char *name = clean_name(NULL, p->mount);
310 if (!name) {
311 return;
312 }
313 p->mount = talloc_strdup(p, name);
314 TALLOC_FREE(name);
315 }
316}
317
318/****************************************************************************
319****************************************************************************/
320
321const char *cli_cm_get_mntpoint(struct cli_state *c)
322{
323 struct client_connection *p;
324 int i;
325
326 for (p=connections,i=0; p; p=p->next,i++) {
327 if (strequal(p->cli->desthost, c->desthost) &&
328 strequal(p->cli->share, c->share)) {
329 break;
330 }
331 }
332
333 if (p) {
334 return p->mount;
335 }
336 return NULL;
337}
338
339/********************************************************************
340 Add a new connection to the list
341********************************************************************/
342
343static struct cli_state *cli_cm_connect(TALLOC_CTX *ctx,
344 struct cli_state *referring_cli,
345 const char *server,
346 const char *share,
347 bool show_hdr,
348 bool force_encrypt)
349{
350 struct client_connection *node;
351
352 /* NB This must be the null context here... JRA. */
353 node = TALLOC_ZERO_ARRAY(NULL, struct client_connection, 1);
354 if (!node) {
355 return NULL;
356 }
357
358 node->cli = do_connect(ctx, server, share, show_hdr, force_encrypt);
359
360 if ( !node->cli ) {
361 TALLOC_FREE( node );
362 return NULL;
363 }
364
365 DLIST_ADD( connections, node );
366
367 cli_cm_set_mntpoint(node->cli, "");
368
369 if (referring_cli && referring_cli->posix_capabilities) {
370 uint16 major, minor;
371 uint32 caplow, caphigh;
372 if (cli_unix_extensions_version(node->cli, &major,
373 &minor, &caplow, &caphigh)) {
374 cli_set_unix_extensions_capabilities(node->cli,
375 major, minor,
376 caplow, caphigh);
377 }
378 }
379
380 return node->cli;
381}
382
383/********************************************************************
384 Return a connection to a server.
385********************************************************************/
386
387static struct cli_state *cli_cm_find(const char *server, const char *share)
388{
389 struct client_connection *p;
390
391 for (p=connections; p; p=p->next) {
392 if ( strequal(server, p->cli->desthost) &&
393 strequal(share,p->cli->share)) {
394 return p->cli;
395 }
396 }
397
398 return NULL;
399}
400
401/****************************************************************************
402 Open a client connection to a \\server\share. Set's the current *cli
403 global variable as a side-effect (but only if the connection is successful).
404****************************************************************************/
405
406struct cli_state *cli_cm_open(TALLOC_CTX *ctx,
407 struct cli_state *referring_cli,
408 const char *server,
409 const char *share,
410 bool show_hdr,
411 bool force_encrypt)
412{
413 struct cli_state *c;
414
415 /* try to reuse an existing connection */
416
417 c = cli_cm_find(server, share);
418 if (!c) {
419 c = cli_cm_connect(ctx, referring_cli,
420 server, share, show_hdr, force_encrypt);
421 }
422
423 return c;
424}
425
426/****************************************************************************
427****************************************************************************/
428
429void cli_cm_shutdown(void)
430{
431 struct client_connection *p, *x;
432
433 for (p=connections; p;) {
434 cli_shutdown(p->cli);
435 x = p;
436 p = p->next;
437
438 TALLOC_FREE(x);
439 }
440
441 connections = NULL;
442 return;
443}
444
445/****************************************************************************
446****************************************************************************/
447
448void cli_cm_display(void)
449{
450 struct client_connection *p;
451 int i;
452
453 for ( p=connections,i=0; p; p=p->next,i++ ) {
454 d_printf("%d:\tserver=%s, share=%s\n",
455 i, p->cli->desthost, p->cli->share );
456 }
457}
458
459/****************************************************************************
460****************************************************************************/
461
462static void cm_set_password(const char *newpass)
463{
464 SAFE_FREE(cm_creds.password);
465 cm_creds.password = SMB_STRDUP(newpass);
466 if (cm_creds.password) {
467 cm_creds.got_pass = true;
468 }
469}
470
471/****************************************************************************
472****************************************************************************/
473
474void cli_cm_set_credentials(void)
475{
476 SAFE_FREE(cm_creds.username);
477 cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username());
478
479 if (get_cmdline_auth_info_got_pass()) {
480 cm_set_password(get_cmdline_auth_info_password());
481 }
482
483 cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos();
484 cm_creds.fallback_after_kerberos = false;
485 cm_creds.signing_state = get_cmdline_auth_info_signing_state();
486}
487
488/****************************************************************************
489****************************************************************************/
490
491void cli_cm_set_port(int port_number)
492{
493 port = port_number;
494}
495
496/****************************************************************************
497****************************************************************************/
498
499void cli_cm_set_dest_name_type(int type)
500{
501 name_type = type;
502}
503
504/****************************************************************************
505****************************************************************************/
506
507void cli_cm_set_signing_state(int state)
508{
509 cm_creds.signing_state = state;
510}
511
512/****************************************************************************
513****************************************************************************/
514
515void cli_cm_set_username(const char *username)
516{
517 SAFE_FREE(cm_creds.username);
518 cm_creds.username = SMB_STRDUP(username);
519}
520
521/****************************************************************************
522****************************************************************************/
523
524void cli_cm_set_password(const char *newpass)
525{
526 SAFE_FREE(cm_creds.password);
527 cm_creds.password = SMB_STRDUP(newpass);
528 if (cm_creds.password) {
529 cm_creds.got_pass = true;
530 }
531}
532
533/****************************************************************************
534****************************************************************************/
535
536void cli_cm_set_use_kerberos(void)
537{
538 cm_creds.use_kerberos = true;
539}
540
541/****************************************************************************
542****************************************************************************/
543
544void cli_cm_set_fallback_after_kerberos(void)
545{
546 cm_creds.fallback_after_kerberos = true;
547}
548
549/****************************************************************************
550****************************************************************************/
551
552void cli_cm_set_dest_ss(struct sockaddr_storage *pss)
553{
554 dest_ss = *pss;
555 have_ip = true;
556}
557
558/**********************************************************************
559 split a dfs path into the server, share name, and extrapath components
560**********************************************************************/
561
562static void split_dfs_path(TALLOC_CTX *ctx,
563 const char *nodepath,
564 char **pp_server,
565 char **pp_share,
566 char **pp_extrapath)
567{
568 char *p, *q;
569 char *path;
570
571 *pp_server = NULL;
572 *pp_share = NULL;
573 *pp_extrapath = NULL;
574
575 path = talloc_strdup(ctx, nodepath);
576 if (!path) {
577 return;
578 }
579
580 if ( path[0] != '\\' ) {
581 return;
582 }
583
584 p = strchr_m( path + 1, '\\' );
585 if ( !p ) {
586 return;
587 }
588
589 *p = '\0';
590 p++;
591
592 /* Look for any extra/deep path */
593 q = strchr_m(p, '\\');
594 if (q != NULL) {
595 *q = '\0';
596 q++;
597 *pp_extrapath = talloc_strdup(ctx, q);
598 } else {
599 *pp_extrapath = talloc_strdup(ctx, "");
600 }
601
602 *pp_share = talloc_strdup(ctx, p);
603 *pp_server = talloc_strdup(ctx, &path[1]);
604}
605
606/****************************************************************************
607 Return the original path truncated at the directory component before
608 the first wildcard character. Trust the caller to provide a NULL
609 terminated string
610****************************************************************************/
611
612static char *clean_path(TALLOC_CTX *ctx, const char *path)
613{
614 size_t len;
615 char *p1, *p2, *p;
616 char *path_out;
617
618 /* No absolute paths. */
619 while (IS_DIRECTORY_SEP(*path)) {
620 path++;
621 }
622
623 path_out = talloc_strdup(ctx, path);
624 if (!path_out) {
625 return NULL;
626 }
627
628 p1 = strchr_m(path_out, '*');
629 p2 = strchr_m(path_out, '?');
630
631 if (p1 || p2) {
632 if (p1 && p2) {
633 p = MIN(p1,p2);
634 } else if (!p1) {
635 p = p2;
636 } else {
637 p = p1;
638 }
639 *p = '\0';
640
641 /* Now go back to the start of this component. */
642 p1 = strrchr_m(path_out, '/');
643 p2 = strrchr_m(path_out, '\\');
644 p = MAX(p1,p2);
645 if (p) {
646 *p = '\0';
647 }
648 }
649
650 /* Strip any trailing separator */
651
652 len = strlen(path_out);
653 if ( (len > 0) && IS_DIRECTORY_SEP(path_out[len-1])) {
654 path_out[len-1] = '\0';
655 }
656
657 return path_out;
658}
659
660/****************************************************************************
661****************************************************************************/
662
663static char *cli_dfs_make_full_path(TALLOC_CTX *ctx,
664 struct cli_state *cli,
665 const char *dir)
666{
667 /* Ensure the extrapath doesn't start with a separator. */
668 while (IS_DIRECTORY_SEP(*dir)) {
669 dir++;
670 }
671
672 return talloc_asprintf(ctx, "\\%s\\%s\\%s",
673 cli->desthost, cli->share, dir);
674}
675
676/********************************************************************
677 check for dfs referral
678********************************************************************/
679
680static bool cli_dfs_check_error( struct cli_state *cli, NTSTATUS status )
681{
682 uint32 flgs2 = SVAL(cli->inbuf,smb_flg2);
683
684 /* only deal with DS when we negotiated NT_STATUS codes and UNICODE */
685
686 if (!((flgs2&FLAGS2_32_BIT_ERROR_CODES) &&
687 (flgs2&FLAGS2_UNICODE_STRINGS)))
688 return false;
689
690 if (NT_STATUS_EQUAL(status, NT_STATUS(IVAL(cli->inbuf,smb_rcls))))
691 return true;
692
693 return false;
694}
695
696/********************************************************************
697 Get the dfs referral link.
698********************************************************************/
699
700bool cli_dfs_get_referral(TALLOC_CTX *ctx,
701 struct cli_state *cli,
702 const char *path,
703 CLIENT_DFS_REFERRAL**refs,
704 size_t *num_refs,
705 uint16 *consumed)
706{
707 unsigned int data_len = 0;
708 unsigned int param_len = 0;
709 uint16 setup = TRANSACT2_GET_DFS_REFERRAL;
710 char *param;
711 char *rparam=NULL, *rdata=NULL;
712 char *p;
713 char *endp;
714 size_t pathlen = 2*(strlen(path)+1);
715 uint16 num_referrals;
716 CLIENT_DFS_REFERRAL *referrals = NULL;
717 bool ret = false;
718
719 *num_refs = 0;
720 *refs = NULL;
721
722 param = SMB_MALLOC_ARRAY(char, 2+pathlen+2);
723 if (!param) {
724 return false;
725 }
726 SSVAL(param, 0, 0x03); /* max referral level */
727 p = &param[2];
728
729 p += clistr_push(cli, p, path, pathlen, STR_TERMINATE);
730 param_len = PTR_DIFF(p, param);
731
732 if (!cli_send_trans(cli, SMBtrans2,
733 NULL, /* name */
734 -1, 0, /* fid, flags */
735 &setup, 1, 0, /* setup, length, max */
736 param, param_len, 2, /* param, length, max */
737 NULL, 0, cli->max_xmit /* data, length, max */
738 )) {
739 SAFE_FREE(param);
740 return false;
741 }
742
743 SAFE_FREE(param);
744
745 if (!cli_receive_trans(cli, SMBtrans2,
746 &rparam, &param_len,
747 &rdata, &data_len)) {
748 return false;
749 }
750
751 if (data_len < 4) {
752 goto out;
753 }
754
755 endp = rdata + data_len;
756
757 *consumed = SVAL(rdata, 0);
758 num_referrals = SVAL(rdata, 2);
759
760 if (num_referrals != 0) {
761 uint16 ref_version;
762 uint16 ref_size;
763 int i;
764 uint16 node_offset;
765
766 referrals = TALLOC_ARRAY(ctx, CLIENT_DFS_REFERRAL,
767 num_referrals);
768
769 if (!referrals) {
770 goto out;
771 }
772 /* start at the referrals array */
773
774 p = rdata+8;
775 for (i=0; i<num_referrals && p < endp; i++) {
776 if (p + 18 > endp) {
777 goto out;
778 }
779 ref_version = SVAL(p, 0);
780 ref_size = SVAL(p, 2);
781 node_offset = SVAL(p, 16);
782
783 if (ref_version != 3) {
784 p += ref_size;
785 continue;
786 }
787
788 referrals[i].proximity = SVAL(p, 8);
789 referrals[i].ttl = SVAL(p, 10);
790
791 if (p + node_offset > endp) {
792 goto out;
793 }
794 clistr_pull_talloc(ctx, cli, &referrals[i].dfspath,
795 p+node_offset, -1,
796 STR_TERMINATE|STR_UNICODE );
797
798 if (!referrals[i].dfspath) {
799 goto out;
800 }
801 p += ref_size;
802 }
803 if (i < num_referrals) {
804 goto out;
805 }
806 }
807
808 ret = true;
809
810 *num_refs = num_referrals;
811 *refs = referrals;
812
813 out:
814
815 SAFE_FREE(rdata);
816 SAFE_FREE(rparam);
817 return ret;
818}
819
820/********************************************************************
821********************************************************************/
822
823bool cli_resolve_path(TALLOC_CTX *ctx,
824 const char *mountpt,
825 struct cli_state *rootcli,
826 const char *path,
827 struct cli_state **targetcli,
828 char **pp_targetpath)
829{
830 CLIENT_DFS_REFERRAL *refs = NULL;
831 size_t num_refs = 0;
832 uint16 consumed;
833 struct cli_state *cli_ipc = NULL;
834 char *dfs_path = NULL;
835 char *cleanpath = NULL;
836 char *extrapath = NULL;
837 int pathlen;
838 char *server = NULL;
839 char *share = NULL;
840 struct cli_state *newcli = NULL;
841 char *newpath = NULL;
842 char *newmount = NULL;
843 char *ppath = NULL;
844 SMB_STRUCT_STAT sbuf;
845 uint32 attributes;
846
847 if ( !rootcli || !path || !targetcli ) {
848 return false;
849 }
850
851 /* Don't do anything if this is not a DFS root. */
852
853 if ( !rootcli->dfsroot) {
854 *targetcli = rootcli;
855 *pp_targetpath = talloc_strdup(ctx, path);
856 if (!*pp_targetpath) {
857 return false;
858 }
859 return true;
860 }
861
862 *targetcli = NULL;
863
864 /* Send a trans2_query_path_info to check for a referral. */
865
866 cleanpath = clean_path(ctx, path);
867 if (!cleanpath) {
868 return false;
869 }
870
871 dfs_path = cli_dfs_make_full_path(ctx, rootcli, cleanpath);
872 if (!dfs_path) {
873 return false;
874 }
875
876 if (cli_qpathinfo_basic( rootcli, dfs_path, &sbuf, &attributes)) {
877 /* This is an ordinary path, just return it. */
878 *targetcli = rootcli;
879 *pp_targetpath = talloc_strdup(ctx, path);
880 if (!*pp_targetpath) {
881 return false;
882 }
883 goto done;
884 }
885
886 /* Special case where client asked for a path that does not exist */
887
888 if (cli_dfs_check_error(rootcli, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
889 *targetcli = rootcli;
890 *pp_targetpath = talloc_strdup(ctx, path);
891 if (!*pp_targetpath) {
892 return false;
893 }
894 goto done;
895 }
896
897 /* We got an error, check for DFS referral. */
898
899 if (!cli_dfs_check_error(rootcli, NT_STATUS_PATH_NOT_COVERED)) {
900 return false;
901 }
902
903 /* Check for the referral. */
904
905 if (!(cli_ipc = cli_cm_open(ctx, rootcli,
906 rootcli->desthost,
907 "IPC$", false,
908 (rootcli->trans_enc_state != NULL)))) {
909 return false;
910 }
911
912 if (!cli_dfs_get_referral(ctx, cli_ipc, dfs_path, &refs,
913 &num_refs, &consumed) || !num_refs) {
914 return false;
915 }
916
917 /* Just store the first referral for now. */
918
919 if (!refs[0].dfspath) {
920 return false;
921 }
922 split_dfs_path(ctx, refs[0].dfspath, &server, &share, &extrapath );
923
924 if (!server || !share) {
925 return false;
926 }
927
928 /* Make sure to recreate the original string including any wildcards. */
929
930 dfs_path = cli_dfs_make_full_path(ctx, rootcli, path);
931 if (!dfs_path) {
932 return false;
933 }
934 pathlen = strlen(dfs_path)*2;
935 consumed = MIN(pathlen, consumed);
936 *pp_targetpath = talloc_strdup(ctx, &dfs_path[consumed/2]);
937 if (!*pp_targetpath) {
938 return false;
939 }
940 dfs_path[consumed/2] = '\0';
941
942 /*
943 * *pp_targetpath is now the unconsumed part of the path.
944 * dfs_path is now the consumed part of the path
945 * (in \server\share\path format).
946 */
947
948 /* Open the connection to the target server & share */
949 if ((*targetcli = cli_cm_open(ctx, rootcli,
950 server,
951 share,
952 false,
953 (rootcli->trans_enc_state != NULL))) == NULL) {
954 d_printf("Unable to follow dfs referral [\\%s\\%s]\n",
955 server, share );
956 return false;
957 }
958
959 if (extrapath && strlen(extrapath) > 0) {
960 *pp_targetpath = talloc_asprintf(ctx,
961 "%s%s",
962 extrapath,
963 *pp_targetpath);
964 if (!*pp_targetpath) {
965 return false;
966 }
967 }
968
969 /* parse out the consumed mount path */
970 /* trim off the \server\share\ */
971
972 ppath = dfs_path;
973
974 if (*ppath != '\\') {
975 d_printf("cli_resolve_path: "
976 "dfs_path (%s) not in correct format.\n",
977 dfs_path );
978 return false;
979 }
980
981 ppath++; /* Now pointing at start of server name. */
982
983 if ((ppath = strchr_m( dfs_path, '\\' )) == NULL) {
984 return false;
985 }
986
987 ppath++; /* Now pointing at start of share name. */
988
989 if ((ppath = strchr_m( ppath+1, '\\' )) == NULL) {
990 return false;
991 }
992
993 ppath++; /* Now pointing at path component. */
994
995 newmount = talloc_asprintf(ctx, "%s\\%s", mountpt, ppath );
996 if (!newmount) {
997 return false;
998 }
999
1000 cli_cm_set_mntpoint(*targetcli, newmount);
1001
1002 /* Check for another dfs referral, note that we are not
1003 checking for loops here. */
1004
1005 if (!strequal(*pp_targetpath, "\\") && !strequal(*pp_targetpath, "/")) {
1006 if (cli_resolve_path(ctx,
1007 newmount,
1008 *targetcli,
1009 *pp_targetpath,
1010 &newcli,
1011 &newpath)) {
1012 /*
1013 * When cli_resolve_path returns true here it's always
1014 * returning the complete path in newpath, so we're done
1015 * here.
1016 */
1017 *targetcli = newcli;
1018 *pp_targetpath = newpath;
1019 return true;
1020 }
1021 }
1022
1023 done:
1024
1025 /* If returning true ensure we return a dfs root full path. */
1026 if ((*targetcli)->dfsroot) {
1027 dfs_path = talloc_strdup(ctx, *pp_targetpath);
1028 if (!dfs_path) {
1029 return false;
1030 }
1031 *pp_targetpath = cli_dfs_make_full_path(ctx, *targetcli, dfs_path);
1032 }
1033
1034 return true;
1035}
1036
1037/********************************************************************
1038********************************************************************/
1039
1040static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
1041 struct cli_state *cli,
1042 const char *sharename,
1043 char **pp_newserver,
1044 char **pp_newshare,
1045 bool force_encrypt,
1046 const char *username,
1047 const char *password,
1048 const char *domain)
1049{
1050 CLIENT_DFS_REFERRAL *refs = NULL;
1051 size_t num_refs = 0;
1052 uint16 consumed;
1053 char *fullpath = NULL;
1054 bool res;
1055 uint16 cnum;
1056 char *newextrapath = NULL;
1057
1058 if (!cli || !sharename) {
1059 return false;
1060 }
1061
1062 cnum = cli->cnum;
1063
1064 /* special case. never check for a referral on the IPC$ share */
1065
1066 if (strequal(sharename, "IPC$")) {
1067 return false;
1068 }
1069
1070 /* send a trans2_query_path_info to check for a referral */
1071
1072 fullpath = talloc_asprintf(ctx, "\\%s\\%s", cli->desthost, sharename );
1073 if (!fullpath) {
1074 return false;
1075 }
1076
1077 /* check for the referral */
1078
1079 if (!cli_send_tconX(cli, "IPC$", "IPC", NULL, 0)) {
1080 return false;
1081 }
1082
1083 if (force_encrypt) {
1084 NTSTATUS status = cli_cm_force_encryption(cli,
1085 username,
1086 password,
1087 lp_workgroup(),
1088 "IPC$");
1089 if (!NT_STATUS_IS_OK(status)) {
1090 return false;
1091 }
1092 }
1093
1094 res = cli_dfs_get_referral(ctx, cli, fullpath, &refs, &num_refs, &consumed);
1095
1096 if (!cli_tdis(cli)) {
1097 return false;
1098 }
1099
1100 cli->cnum = cnum;
1101
1102 if (!res || !num_refs) {
1103 return false;
1104 }
1105
1106 if (!refs[0].dfspath) {
1107 return false;
1108 }
1109
1110 split_dfs_path(ctx, refs[0].dfspath, pp_newserver,
1111 pp_newshare, &newextrapath );
1112
1113 if ((*pp_newserver == NULL) || (*pp_newshare == NULL)) {
1114 return false;
1115 }
1116
1117 /* check that this is not a self-referral */
1118
1119 if (strequal(cli->desthost, *pp_newserver) &&
1120 strequal(sharename, *pp_newshare)) {
1121 return false;
1122 }
1123
1124 return true;
1125}
Note: See TracBrowser for help on using the repository browser.