Context Navigation

source: branches/samba-3.2.x/source/libsmb/clidfs.c@ 724

Visit:

Last change on this file since 724 was 233, checked in by Herwig Bauernfeind, 16 years ago
Update 3.2 branch to 3.2.9
File size: 27.6 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	client connect/disconnect routines
4	Copyright (C) Andrew Tridgell 1994-1998
5	Copyright (C) Gerald (Jerry) Carter 2004
6	Copyright (C) Jeremy Allison 2007
7
8	This program is free software; you can redistribute it and/or modify
9	it under the terms of the GNU General Public License as published by
10	the Free Software Foundation; either version 3 of the License, or
11	(at your option) any later version.
12
13	This program is distributed in the hope that it will be useful,
14	but WITHOUT ANY WARRANTY; without even the implied warranty of
15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16	GNU General Public License for more details.
17
18	You should have received a copy of the GNU General Public License
19	along with this program. If not, see <http://www.gnu.org/licenses/>.
20	*/
21
22	#include "includes.h"
23
24	/********************************************************************
25	Important point.
26
27	DFS paths are always of the form \server\share\<pathname> (the \ characters
28	are not C escaped here).
29
30	- but if we're using POSIX paths then <pathname> may contain
31	'/' separators, not '\\' separators. So cope with '\\' or '/'
32	as a separator when looking at the pathname part.... JRA.
33	********************************************************************/
34
35	struct client_connection {
36	struct client_connection prev, next;
37	struct cli_state *cli;
38	char *mount;
39	};
40
41	/* global state....globals reek! */
42	int max_protocol = PROTOCOL_NT1;
43
44	static struct cm_cred_struct {
45	char *username;
46	char *password;
47	bool got_pass;
48	bool use_kerberos;
49	bool fallback_after_kerberos;
50	int signing_state;
51	} cm_creds;
52
53	static void cm_set_password(const char *newpass);
54
55	static int port;
56	static int name_type = 0x20;
57	static bool have_ip;
58	static struct sockaddr_storage dest_ss;
59
60	static struct client_connection *connections;
61
62	static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
63	struct cli_state *cli,
64	const char *sharename,
65	char **pp_newserver,
66	char **pp_newshare,
67	bool force_encrypt,
68	const char *username,
69	const char *password,
70	const char *domain);
71
72	/********************************************************************
73	Ensure a connection is encrypted.
74	********************************************************************/
75
76	NTSTATUS cli_cm_force_encryption(struct cli_state *c,
77	const char *username,
78	const char *password,
79	const char *domain,
80	const char *sharename)
81	{
82	NTSTATUS status = cli_force_encryption(c,
83	username,
84	password,
85	domain);
86
87	if (NT_STATUS_EQUAL(status,NT_STATUS_NOT_SUPPORTED)) {
88	d_printf("Encryption required and "
89	"server that doesn't support "
90	"UNIX extensions - failing connect\n");
91	} else if (NT_STATUS_EQUAL(status,NT_STATUS_UNKNOWN_REVISION)) {
92	d_printf("Encryption required and "
93	"can't get UNIX CIFS extensions "
94	"version from server.\n");
95	} else if (NT_STATUS_EQUAL(status,NT_STATUS_UNSUPPORTED_COMPRESSION)) {
96	d_printf("Encryption required and "
97	"share %s doesn't support "
98	"encryption.\n", sharename);
99	} else if (!NT_STATUS_IS_OK(status)) {
100	d_printf("Encryption required and "
101	"setup failed with error %s.\n",
102	nt_errstr(status));
103	}
104
105	return status;
106	}
107
108	/********************************************************************
109	Return a connection to a server.
110	********************************************************************/
111
112	static struct cli_state do_connect(TALLOC_CTX ctx,
113	const char *server,
114	const char *share,
115	bool show_sessetup,
116	bool force_encrypt)
117	{
118	struct cli_state *c = NULL;
119	struct nmb_name called, calling;
120	const char *server_n;
121	struct sockaddr_storage ss;
122	char *servicename;
123	char *sharename;
124	char newserver, newshare;
125	const char *username;
126	const char *password;
127	NTSTATUS status;
128
129	/* make a copy so we don't modify the global string 'service' */
130	servicename = talloc_strdup(ctx,share);
131	if (!servicename) {
132	return NULL;
133	}
134	sharename = servicename;
135	if (*sharename == '\\') {
136	server = sharename+2;
137	sharename = strchr_m(server,'\\');
138	if (!sharename) {
139	return NULL;
140	}
141	*sharename = 0;
142	sharename++;
143	}
144
145	server_n = server;
146
147	zero_sockaddr(&ss);
148
149	make_nmb_name(&calling, global_myname(), 0x0);
150	make_nmb_name(&called , server, name_type);
151
152	again:
153	zero_sockaddr(&ss);
154	if (have_ip)
155	ss = dest_ss;
156
157	/* have to open a new connection */
158	if (!(c=cli_initialise()) \|\| (cli_set_port(c, port) != port)) {
159	d_printf("Connection to %s failed\n", server_n);
160	if (c) {
161	cli_shutdown(c);
162	}
163	return NULL;
164	}
165	status = cli_connect(c, server_n, &ss);
166	if (!NT_STATUS_IS_OK(status)) {
167	d_printf("Connection to %s failed (Error %s)\n",
168	server_n,
169	nt_errstr(status));
170	cli_shutdown(c);
171	return NULL;
172	}
173
174	c->protocol = max_protocol;
175	c->use_kerberos = cm_creds.use_kerberos;
176	c->fallback_after_kerberos = cm_creds.fallback_after_kerberos;
177	cli_setup_signing_state(c, cm_creds.signing_state);
178
179	if (!cli_session_request(c, &calling, &called)) {
180	char *p;
181	d_printf("session request to %s failed (%s)\n",
182	called.name, cli_errstr(c));
183	cli_shutdown(c);
184	c = NULL;
185	if ((p=strchr_m(called.name, '.'))) {
186	*p = 0;
187	goto again;
188	}
189	if (strcmp(called.name, "*SMBSERVER")) {
190	make_nmb_name(&called , "*SMBSERVER", 0x20);
191	goto again;
192	}
193	return NULL;
194	}
195
196	DEBUG(4,(" session request ok\n"));
197
198	if (!cli_negprot(c)) {
199	d_printf("protocol negotiation failed\n");
200	cli_shutdown(c);
201	return NULL;
202	}
203
204	if (!cm_creds.got_pass && !cm_creds.use_kerberos) {
205	char *label = NULL;
206	char *pass;
207	label = talloc_asprintf(ctx, "Enter %s's password: ",
208	cm_creds.username);
209	pass = getpass(label);
210	if (pass) {
211	cm_set_password(pass);
212	}
213	TALLOC_FREE(label);
214	}
215
216	username = cm_creds.username ? cm_creds.username : "";
217	password = cm_creds.password ? cm_creds.password : "";
218
219	if (!NT_STATUS_IS_OK(cli_session_setup(c, username,
220	password, strlen(password),
221	password, strlen(password),
222	lp_workgroup()))) {
223	/* If a password was not supplied then
224	* try again with a null username. */
225	if (password[0] \|\| !username[0] \|\| cm_creds.use_kerberos \|\|
226	!NT_STATUS_IS_OK(cli_session_setup(c, "",
227	"", 0,
228	"", 0,
229	lp_workgroup()))) {
230	d_printf("session setup failed: %s\n", cli_errstr(c));
231	if (NT_STATUS_V(cli_nt_error(c)) ==
232	NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
233	d_printf("did you forget to run kinit?\n");
234	cli_shutdown(c);
235	return NULL;
236	}
237	d_printf("Anonymous login successful\n");
238	}
239
240	if ( show_sessetup ) {
241	if (*c->server_domain) {
242	DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
243	c->server_domain,c->server_os,c->server_type));
244	} else if (c->server_os \|\| c->server_type) {
245	DEBUG(0,("OS=[%s] Server=[%s]\n",
246	c->server_os,c->server_type));
247	}
248	}
249	DEBUG(4,(" session setup ok\n"));
250
251	/* here's the fun part....to support 'msdfs proxy' shares
252	(on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
253	here before trying to connect to the original share.
254	check_dfs_proxy() will fail if it is a normal share. */
255
256	if ((c->capabilities & CAP_DFS) &&
257	cli_check_msdfs_proxy(ctx, c, sharename,
258	&newserver, &newshare,
259	force_encrypt,
260	username,
261	password,
262	lp_workgroup())) {
263	cli_shutdown(c);
264	return do_connect(ctx, newserver,
265	newshare, false, force_encrypt);
266	}
267
268	/* must be a normal share */
269
270	if (!cli_send_tconX(c, sharename, "?????",
271	password, strlen(password)+1)) {
272	d_printf("tree connect failed: %s\n", cli_errstr(c));
273	cli_shutdown(c);
274	return NULL;
275	}
276
277	if (force_encrypt) {
278	status = cli_cm_force_encryption(c,
279	username,
280	password,
281	lp_workgroup(),
282	sharename);
283	if (!NT_STATUS_IS_OK(status)) {
284	cli_shutdown(c);
285	return NULL;
286	}
287	}
288
289	DEBUG(4,(" tconx ok\n"));
290	return c;
291	}
292
293	/****************************************************************************
294	****************************************************************************/
295
296	static void cli_cm_set_mntpoint(struct cli_state c, const char mnt)
297	{
298	struct client_connection *p;
299	int i;
300
301	for (p=connections,i=0; p; p=p->next,i++) {
302	if (strequal(p->cli->desthost, c->desthost) &&
303	strequal(p->cli->share, c->share)) {
304	break;
305	}
306	}
307
308	if (p) {
309	char *name = clean_name(NULL, mnt);
310	if (!name) {
311	return;
312	}
313	TALLOC_FREE(p->mount);
314	p->mount = talloc_strdup(p, name);
315	TALLOC_FREE(name);
316	}
317	}
318
319	/****************************************************************************
320	****************************************************************************/
321
322	const char cli_cm_get_mntpoint(struct cli_state c)
323	{
324	struct client_connection *p;
325	int i;
326
327	for (p=connections,i=0; p; p=p->next,i++) {
328	if (strequal(p->cli->desthost, c->desthost) &&
329	strequal(p->cli->share, c->share)) {
330	break;
331	}
332	}
333
334	if (p) {
335	return p->mount;
336	}
337	return NULL;
338	}
339
340	/********************************************************************
341	Add a new connection to the list
342	********************************************************************/
343
344	static struct cli_state cli_cm_connect(TALLOC_CTX ctx,
345	struct cli_state *referring_cli,
346	const char *server,
347	const char *share,
348	bool show_hdr,
349	bool force_encrypt)
350	{
351	struct client_connection *node;
352
353	/* NB This must be the null context here... JRA. */
354	node = TALLOC_ZERO_ARRAY(NULL, struct client_connection, 1);
355	if (!node) {
356	return NULL;
357	}
358
359	node->cli = do_connect(ctx, server, share, show_hdr, force_encrypt);
360
361	if ( !node->cli ) {
362	TALLOC_FREE( node );
363	return NULL;
364	}
365
366	DLIST_ADD( connections, node );
367
368	cli_cm_set_mntpoint(node->cli, "");
369
370	if (referring_cli && referring_cli->posix_capabilities) {
371	uint16 major, minor;
372	uint32 caplow, caphigh;
373	if (cli_unix_extensions_version(node->cli, &major,
374	&minor, &caplow, &caphigh)) {
375	cli_set_unix_extensions_capabilities(node->cli,
376	major, minor,
377	caplow, caphigh);
378	}
379	}
380
381	return node->cli;
382	}
383
384	/********************************************************************
385	Return a connection to a server.
386	********************************************************************/
387
388	static struct cli_state cli_cm_find(const char server, const char *share)
389	{
390	struct client_connection *p;
391
392	for (p=connections; p; p=p->next) {
393	if ( strequal(server, p->cli->desthost) &&
394	strequal(share,p->cli->share)) {
395	return p->cli;
396	}
397	}
398
399	return NULL;
400	}
401
402	/****************************************************************************
403	Open a client connection to a \\server\share. Set's the current *cli
404	global variable as a side-effect (but only if the connection is successful).
405	****************************************************************************/
406
407	struct cli_state cli_cm_open(TALLOC_CTX ctx,
408	struct cli_state *referring_cli,
409	const char *server,
410	const char *share,
411	bool show_hdr,
412	bool force_encrypt)
413	{
414	struct cli_state *c;
415
416	/* try to reuse an existing connection */
417
418	c = cli_cm_find(server, share);
419	if (!c) {
420	c = cli_cm_connect(ctx, referring_cli,
421	server, share, show_hdr, force_encrypt);
422	}
423
424	return c;
425	}
426
427	/****************************************************************************
428	****************************************************************************/
429
430	void cli_cm_shutdown(void)
431	{
432	struct client_connection p, x;
433
434	for (p=connections; p;) {
435	cli_shutdown(p->cli);
436	x = p;
437	p = p->next;
438
439	TALLOC_FREE(x);
440	}
441
442	connections = NULL;
443	return;
444	}
445
446	/****************************************************************************
447	****************************************************************************/
448
449	void cli_cm_display(void)
450	{
451	struct client_connection *p;
452	int i;
453
454	for ( p=connections,i=0; p; p=p->next,i++ ) {
455	d_printf("%d:\tserver=%s, share=%s\n",
456	i, p->cli->desthost, p->cli->share );
457	}
458	}
459
460	/****************************************************************************
461	****************************************************************************/
462
463	static void cm_set_password(const char *newpass)
464	{
465	SAFE_FREE(cm_creds.password);
466	cm_creds.password = SMB_STRDUP(newpass);
467	if (cm_creds.password) {
468	cm_creds.got_pass = true;
469	}
470	}
471
472	/****************************************************************************
473	****************************************************************************/
474
475	void cli_cm_set_credentials(void)
476	{
477	SAFE_FREE(cm_creds.username);
478	cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username());
479
480	if (get_cmdline_auth_info_got_pass()) {
481	cm_set_password(get_cmdline_auth_info_password());
482	}
483
484	cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos();
485	cm_creds.fallback_after_kerberos = false;
486	cm_creds.signing_state = get_cmdline_auth_info_signing_state();
487	}
488
489	/****************************************************************************
490	****************************************************************************/
491
492	void cli_cm_set_port(int port_number)
493	{
494	port = port_number;
495	}
496
497	/****************************************************************************
498	****************************************************************************/
499
500	void cli_cm_set_dest_name_type(int type)
501	{
502	name_type = type;
503	}
504
505	/****************************************************************************
506	****************************************************************************/
507
508	void cli_cm_set_signing_state(int state)
509	{
510	cm_creds.signing_state = state;
511	}
512
513	/****************************************************************************
514	****************************************************************************/
515
516	void cli_cm_set_username(const char *username)
517	{
518	SAFE_FREE(cm_creds.username);
519	cm_creds.username = SMB_STRDUP(username);
520	}
521
522	/****************************************************************************
523	****************************************************************************/
524
525	void cli_cm_set_password(const char *newpass)
526	{
527	SAFE_FREE(cm_creds.password);
528	cm_creds.password = SMB_STRDUP(newpass);
529	if (cm_creds.password) {
530	cm_creds.got_pass = true;
531	}
532	}
533
534	/****************************************************************************
535	****************************************************************************/
536
537	void cli_cm_set_use_kerberos(void)
538	{
539	cm_creds.use_kerberos = true;
540	}
541
542	/****************************************************************************
543	****************************************************************************/
544
545	void cli_cm_set_fallback_after_kerberos(void)
546	{
547	cm_creds.fallback_after_kerberos = true;
548	}
549
550	/****************************************************************************
551	****************************************************************************/
552
553	void cli_cm_set_dest_ss(struct sockaddr_storage *pss)
554	{
555	dest_ss = *pss;
556	have_ip = true;
557	}
558
559	/**********************************************************************
560	split a dfs path into the server, share name, and extrapath components
561	**********************************************************************/
562
563	static void split_dfs_path(TALLOC_CTX *ctx,
564	const char *nodepath,
565	char **pp_server,
566	char **pp_share,
567	char **pp_extrapath)
568	{
569	char p, q;
570	char *path;
571
572	*pp_server = NULL;
573	*pp_share = NULL;
574	*pp_extrapath = NULL;
575
576	path = talloc_strdup(ctx, nodepath);
577	if (!path) {
578	return;
579	}
580
581	if ( path[0] != '\\' ) {
582	return;
583	}
584
585	p = strchr_m( path + 1, '\\' );
586	if ( !p ) {
587	return;
588	}
589
590	*p = '\0';
591	p++;
592
593	/* Look for any extra/deep path */
594	q = strchr_m(p, '\\');
595	if (q != NULL) {
596	*q = '\0';
597	q++;
598	*pp_extrapath = talloc_strdup(ctx, q);
599	} else {
600	*pp_extrapath = talloc_strdup(ctx, "");
601	}
602
603	*pp_share = talloc_strdup(ctx, p);
604	*pp_server = talloc_strdup(ctx, &path[1]);
605	}
606
607	/****************************************************************************
608	Return the original path truncated at the directory component before
609	the first wildcard character. Trust the caller to provide a NULL
610	terminated string
611	****************************************************************************/
612
613	static char clean_path(TALLOC_CTX ctx, const char *path)
614	{
615	size_t len;
616	char p1, p2, *p;
617	char *path_out;
618
619	/* No absolute paths. */
620	while (IS_DIRECTORY_SEP(*path)) {
621	path++;
622	}
623
624	path_out = talloc_strdup(ctx, path);
625	if (!path_out) {
626	return NULL;
627	}
628
629	p1 = strchr_m(path_out, '*');
630	p2 = strchr_m(path_out, '?');
631
632	if (p1 \|\| p2) {
633	if (p1 && p2) {
634	p = MIN(p1,p2);
635	} else if (!p1) {
636	p = p2;
637	} else {
638	p = p1;
639	}
640	*p = '\0';
641
642	/* Now go back to the start of this component. */
643	p1 = strrchr_m(path_out, '/');
644	p2 = strrchr_m(path_out, '\\');
645	p = MAX(p1,p2);
646	if (p) {
647	*p = '\0';
648	}
649	}
650
651	/* Strip any trailing separator */
652
653	len = strlen(path_out);
654	if ( (len > 0) && IS_DIRECTORY_SEP(path_out[len-1])) {
655	path_out[len-1] = '\0';
656	}
657
658	return path_out;
659	}
660
661	/****************************************************************************
662	****************************************************************************/
663
664	static char cli_dfs_make_full_path(TALLOC_CTX ctx,
665	struct cli_state *cli,
666	const char *dir)
667	{
668	char path_sep = '\\';
669
670	/* Ensure the extrapath doesn't start with a separator. */
671	while (IS_DIRECTORY_SEP(*dir)) {
672	dir++;
673	}
674
675	if (cli->posix_capabilities & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
676	path_sep = '/';
677	}
678	return talloc_asprintf(ctx, "%c%s%c%s%c%s",
679	path_sep,
680	cli->desthost,
681	path_sep,
682	cli->share,
683	path_sep,
684	dir);
685	}
686
687	/********************************************************************
688	check for dfs referral
689	********************************************************************/
690
691	static bool cli_dfs_check_error( struct cli_state *cli, NTSTATUS status )
692	{
693	uint32 flgs2 = SVAL(cli->inbuf,smb_flg2);
694
695	/* only deal with DS when we negotiated NT_STATUS codes and UNICODE */
696
697	if (!((flgs2&FLAGS2_32_BIT_ERROR_CODES) &&
698	(flgs2&FLAGS2_UNICODE_STRINGS)))
699	return false;
700
701	if (NT_STATUS_EQUAL(status, NT_STATUS(IVAL(cli->inbuf,smb_rcls))))
702	return true;
703
704	return false;
705	}
706
707	/********************************************************************
708	Get the dfs referral link.
709	********************************************************************/
710
711	bool cli_dfs_get_referral(TALLOC_CTX *ctx,
712	struct cli_state *cli,
713	const char *path,
714	CLIENT_DFS_REFERRAL**refs,
715	size_t *num_refs,
716	uint16 *consumed)
717	{
718	unsigned int data_len = 0;
719	unsigned int param_len = 0;
720	uint16 setup = TRANSACT2_GET_DFS_REFERRAL;
721	char *param;
722	char rparam=NULL, rdata=NULL;
723	char *p;
724	char *endp;
725	size_t pathlen = 2*(strlen(path)+1);
726	uint16 num_referrals;
727	CLIENT_DFS_REFERRAL *referrals = NULL;
728	bool ret = false;
729
730	*num_refs = 0;
731	*refs = NULL;
732
733	param = SMB_MALLOC_ARRAY(char, 2+pathlen+2);
734	if (!param) {
735	return false;
736	}
737	SSVAL(param, 0, 0x03); /* max referral level */
738	p = &param[2];
739
740	p += clistr_push(cli, p, path, pathlen, STR_TERMINATE);
741	param_len = PTR_DIFF(p, param);
742
743	if (!cli_send_trans(cli, SMBtrans2,
744	NULL, /* name */
745	-1, 0, /* fid, flags */
746	&setup, 1, 0, /* setup, length, max */
747	param, param_len, 2, /* param, length, max */
748	NULL, 0, cli->max_xmit /* data, length, max */
749	)) {
750	SAFE_FREE(param);
751	return false;
752	}
753
754	SAFE_FREE(param);
755
756	if (!cli_receive_trans(cli, SMBtrans2,
757	&rparam, &param_len,
758	&rdata, &data_len)) {
759	return false;
760	}
761
762	if (data_len < 4) {
763	goto out;
764	}
765
766	endp = rdata + data_len;
767
768	*consumed = SVAL(rdata, 0);
769	num_referrals = SVAL(rdata, 2);
770
771	if (num_referrals != 0) {
772	uint16 ref_version;
773	uint16 ref_size;
774	int i;
775	uint16 node_offset;
776
777	referrals = TALLOC_ARRAY(ctx, CLIENT_DFS_REFERRAL,
778	num_referrals);
779
780	if (!referrals) {
781	goto out;
782	}
783	/* start at the referrals array */
784
785	p = rdata+8;
786	for (i=0; i<num_referrals && p < endp; i++) {
787	if (p + 18 > endp) {
788	goto out;
789	}
790	ref_version = SVAL(p, 0);
791	ref_size = SVAL(p, 2);
792	node_offset = SVAL(p, 16);
793
794	if (ref_version != 3) {
795	p += ref_size;
796	continue;
797	}
798
799	referrals[i].proximity = SVAL(p, 8);
800	referrals[i].ttl = SVAL(p, 10);
801
802	if (p + node_offset > endp) {
803	goto out;
804	}
805	clistr_pull_talloc(ctx, cli, &referrals[i].dfspath,
806	p+node_offset, -1,
807	STR_TERMINATE\|STR_UNICODE );
808
809	if (!referrals[i].dfspath) {
810	goto out;
811	}
812	p += ref_size;
813	}
814	if (i < num_referrals) {
815	goto out;
816	}
817	}
818
819	ret = true;
820
821	*num_refs = num_referrals;
822	*refs = referrals;
823
824	out:
825
826	SAFE_FREE(rdata);
827	SAFE_FREE(rparam);
828	return ret;
829	}
830
831	/********************************************************************
832	********************************************************************/
833
834	bool cli_resolve_path(TALLOC_CTX *ctx,
835	const char *mountpt,
836	struct cli_state *rootcli,
837	const char *path,
838	struct cli_state **targetcli,
839	char **pp_targetpath)
840	{
841	CLIENT_DFS_REFERRAL *refs = NULL;
842	size_t num_refs = 0;
843	uint16 consumed;
844	struct cli_state *cli_ipc = NULL;
845	char *dfs_path = NULL;
846	char *cleanpath = NULL;
847	char *extrapath = NULL;
848	int pathlen;
849	char *server = NULL;
850	char *share = NULL;
851	struct cli_state *newcli = NULL;
852	char *newpath = NULL;
853	char *newmount = NULL;
854	char *ppath = NULL;
855	SMB_STRUCT_STAT sbuf;
856	uint32 attributes;
857
858	if ( !rootcli \|\| !path \|\| !targetcli ) {
859	return false;
860	}
861
862	/* Don't do anything if this is not a DFS root. */
863
864	if ( !rootcli->dfsroot) {
865	*targetcli = rootcli;
866	*pp_targetpath = talloc_strdup(ctx, path);
867	if (!*pp_targetpath) {
868	return false;
869	}
870	return true;
871	}
872
873	*targetcli = NULL;
874
875	/* Send a trans2_query_path_info to check for a referral. */
876
877	cleanpath = clean_path(ctx, path);
878	if (!cleanpath) {
879	return false;
880	}
881
882	dfs_path = cli_dfs_make_full_path(ctx, rootcli, cleanpath);
883	if (!dfs_path) {
884	return false;
885	}
886
887	if (cli_qpathinfo_basic( rootcli, dfs_path, &sbuf, &attributes)) {
888	/* This is an ordinary path, just return it. */
889	*targetcli = rootcli;
890	*pp_targetpath = talloc_strdup(ctx, path);
891	if (!*pp_targetpath) {
892	return false;
893	}
894	goto done;
895	}
896
897	/* Special case where client asked for a path that does not exist */
898
899	if (cli_dfs_check_error(rootcli, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
900	*targetcli = rootcli;
901	*pp_targetpath = talloc_strdup(ctx, path);
902	if (!*pp_targetpath) {
903	return false;
904	}
905	goto done;
906	}
907
908	/* We got an error, check for DFS referral. */
909
910	if (!cli_dfs_check_error(rootcli, NT_STATUS_PATH_NOT_COVERED)) {
911	return false;
912	}
913
914	/* Check for the referral. */
915
916	if (!(cli_ipc = cli_cm_open(ctx, rootcli,
917	rootcli->desthost,
918	"IPC$", false,
919	(rootcli->trans_enc_state != NULL)))) {
920	return false;
921	}
922
923	if (!cli_dfs_get_referral(ctx, cli_ipc, dfs_path, &refs,
924	&num_refs, &consumed) \|\| !num_refs) {
925	return false;
926	}
927
928	/* Just store the first referral for now. */
929
930	if (!refs[0].dfspath) {
931	return false;
932	}
933	split_dfs_path(ctx, refs[0].dfspath, &server, &share, &extrapath );
934
935	if (!server \|\| !share) {
936	return false;
937	}
938
939	/* Make sure to recreate the original string including any wildcards. */
940
941	dfs_path = cli_dfs_make_full_path(ctx, rootcli, path);
942	if (!dfs_path) {
943	return false;
944	}
945	pathlen = strlen(dfs_path)*2;
946	consumed = MIN(pathlen, consumed);
947	*pp_targetpath = talloc_strdup(ctx, &dfs_path[consumed/2]);
948	if (!*pp_targetpath) {
949	return false;
950	}
951	dfs_path[consumed/2] = '\0';
952
953	/*
954	* *pp_targetpath is now the unconsumed part of the path.
955	* dfs_path is now the consumed part of the path
956	* (in \server\share\path format).
957	*/
958
959	/* Open the connection to the target server & share */
960	if ((*targetcli = cli_cm_open(ctx, rootcli,
961	server,
962	share,
963	false,
964	(rootcli->trans_enc_state != NULL))) == NULL) {
965	d_printf("Unable to follow dfs referral [\\%s\\%s]\n",
966	server, share );
967	return false;
968	}
969
970	if (extrapath && strlen(extrapath) > 0) {
971	*pp_targetpath = talloc_asprintf(ctx,
972	"%s%s",
973	extrapath,
974	*pp_targetpath);
975	if (!*pp_targetpath) {
976	return false;
977	}
978	}
979
980	/* parse out the consumed mount path */
981	/* trim off the \server\share\ */
982
983	ppath = dfs_path;
984
985	if (*ppath != '\\') {
986	d_printf("cli_resolve_path: "
987	"dfs_path (%s) not in correct format.\n",
988	dfs_path );
989	return false;
990	}
991
992	ppath++; /* Now pointing at start of server name. */
993
994	if ((ppath = strchr_m( dfs_path, '\\' )) == NULL) {
995	return false;
996	}
997
998	ppath++; /* Now pointing at start of share name. */
999
1000	if ((ppath = strchr_m( ppath+1, '\\' )) == NULL) {
1001	return false;
1002	}
1003
1004	ppath++; /* Now pointing at path component. */
1005
1006	newmount = talloc_asprintf(ctx, "%s\\%s", mountpt, ppath );
1007	if (!newmount) {
1008	return false;
1009	}
1010
1011	cli_cm_set_mntpoint(*targetcli, newmount);
1012
1013	/* Check for another dfs referral, note that we are not
1014	checking for loops here. */
1015
1016	if (!strequal(pp_targetpath, "\\") && !strequal(pp_targetpath, "/")) {
1017	if (cli_resolve_path(ctx,
1018	newmount,
1019	*targetcli,
1020	*pp_targetpath,
1021	&newcli,
1022	&newpath)) {
1023	/*
1024	* When cli_resolve_path returns true here it's always
1025	* returning the complete path in newpath, so we're done
1026	* here.
1027	*/
1028	*targetcli = newcli;
1029	*pp_targetpath = newpath;
1030	return true;
1031	}
1032	}
1033
1034	done:
1035
1036	/* If returning true ensure we return a dfs root full path. */
1037	if ((*targetcli)->dfsroot) {
1038	dfs_path = talloc_strdup(ctx, *pp_targetpath);
1039	if (!dfs_path) {
1040	return false;
1041	}
1042	pp_targetpath = cli_dfs_make_full_path(ctx, targetcli, dfs_path);
1043	}
1044
1045	return true;
1046	}
1047
1048	/********************************************************************
1049	********************************************************************/
1050
1051	static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
1052	struct cli_state *cli,
1053	const char *sharename,
1054	char **pp_newserver,
1055	char **pp_newshare,
1056	bool force_encrypt,
1057	const char *username,
1058	const char *password,
1059	const char *domain)
1060	{
1061	CLIENT_DFS_REFERRAL *refs = NULL;
1062	size_t num_refs = 0;
1063	uint16 consumed;
1064	char *fullpath = NULL;
1065	bool res;
1066	uint16 cnum;
1067	char *newextrapath = NULL;
1068
1069	if (!cli \|\| !sharename) {
1070	return false;
1071	}
1072
1073	cnum = cli->cnum;
1074
1075	/* special case. never check for a referral on the IPC$ share */
1076
1077	if (strequal(sharename, "IPC$")) {
1078	return false;
1079	}
1080
1081	/* send a trans2_query_path_info to check for a referral */
1082
1083	fullpath = talloc_asprintf(ctx, "\\%s\\%s", cli->desthost, sharename );
1084	if (!fullpath) {
1085	return false;
1086	}
1087
1088	/* check for the referral */
1089
1090	if (!cli_send_tconX(cli, "IPC$", "IPC", NULL, 0)) {
1091	return false;
1092	}
1093
1094	if (force_encrypt) {
1095	NTSTATUS status = cli_cm_force_encryption(cli,
1096	username,
1097	password,
1098	lp_workgroup(),
1099	"IPC$");
1100	if (!NT_STATUS_IS_OK(status)) {
1101	return false;
1102	}
1103	}
1104
1105	res = cli_dfs_get_referral(ctx, cli, fullpath, &refs, &num_refs, &consumed);
1106
1107	if (!cli_tdis(cli)) {
1108	return false;
1109	}
1110
1111	cli->cnum = cnum;
1112
1113	if (!res \|\| !num_refs) {
1114	return false;
1115	}
1116
1117	if (!refs[0].dfspath) {
1118	return false;
1119	}
1120
1121	split_dfs_path(ctx, refs[0].dfspath, pp_newserver,
1122	pp_newshare, &newextrapath );
1123
1124	if ((pp_newserver == NULL) \|\| (pp_newshare == NULL)) {
1125	return false;
1126	}
1127
1128	/* check that this is not a self-referral */
1129
1130	if (strequal(cli->desthost, *pp_newserver) &&
1131	strequal(sharename, *pp_newshare)) {
1132	return false;
1133	}
1134
1135	return true;
1136	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: