Context Navigation

source: branches/samba-3.3.x/source/libsmb/clidfs.c@ 435

Visit:

Last change on this file since 435 was 370, checked in by Herwig Bauernfeind, 16 years ago
Update Samba 3.3 to 3.3.10 (source)
File size: 27.7 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	client connect/disconnect routines
4	Copyright (C) Andrew Tridgell 1994-1998
5	Copyright (C) Gerald (Jerry) Carter 2004
6	Copyright (C) Jeremy Allison 2007
7
8	This program is free software; you can redistribute it and/or modify
9	it under the terms of the GNU General Public License as published by
10	the Free Software Foundation; either version 3 of the License, or
11	(at your option) any later version.
12
13	This program is distributed in the hope that it will be useful,
14	but WITHOUT ANY WARRANTY; without even the implied warranty of
15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16	GNU General Public License for more details.
17
18	You should have received a copy of the GNU General Public License
19	along with this program. If not, see <http://www.gnu.org/licenses/>.
20	*/
21
22	#include "includes.h"
23
24	/********************************************************************
25	Important point.
26
27	DFS paths are always of the form \server\share\<pathname> (the \ characters
28	are not C escaped here).
29
30	- but if we're using POSIX paths then <pathname> may contain
31	'/' separators, not '\\' separators. So cope with '\\' or '/'
32	as a separator when looking at the pathname part.... JRA.
33	********************************************************************/
34
35	struct client_connection {
36	struct client_connection prev, next;
37	struct cli_state *cli;
38	char *mount;
39	};
40
41	/* global state....globals reek! */
42	int max_protocol = PROTOCOL_NT1;
43
44	static struct cm_cred_struct {
45	char *username;
46	char *password;
47	bool got_pass;
48	bool use_kerberos;
49	bool fallback_after_kerberos;
50	int signing_state;
51	} cm_creds;
52
53	static void cm_set_password(const char *newpass);
54
55	static int port;
56	static int name_type = 0x20;
57	static bool have_ip;
58	static struct sockaddr_storage dest_ss;
59
60	static struct client_connection *connections;
61
62	static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
63	struct cli_state *cli,
64	const char *sharename,
65	char **pp_newserver,
66	char **pp_newshare,
67	bool force_encrypt,
68	const char *username,
69	const char *password,
70	const char *domain);
71
72	/********************************************************************
73	Ensure a connection is encrypted.
74	********************************************************************/
75
76	NTSTATUS cli_cm_force_encryption(struct cli_state *c,
77	const char *username,
78	const char *password,
79	const char *domain,
80	const char *sharename)
81	{
82	NTSTATUS status = cli_force_encryption(c,
83	username,
84	password,
85	domain);
86
87	if (NT_STATUS_EQUAL(status,NT_STATUS_NOT_SUPPORTED)) {
88	d_printf("Encryption required and "
89	"server that doesn't support "
90	"UNIX extensions - failing connect\n");
91	} else if (NT_STATUS_EQUAL(status,NT_STATUS_UNKNOWN_REVISION)) {
92	d_printf("Encryption required and "
93	"can't get UNIX CIFS extensions "
94	"version from server.\n");
95	} else if (NT_STATUS_EQUAL(status,NT_STATUS_UNSUPPORTED_COMPRESSION)) {
96	d_printf("Encryption required and "
97	"share %s doesn't support "
98	"encryption.\n", sharename);
99	} else if (!NT_STATUS_IS_OK(status)) {
100	d_printf("Encryption required and "
101	"setup failed with error %s.\n",
102	nt_errstr(status));
103	}
104
105	return status;
106	}
107
108	/********************************************************************
109	Return a connection to a server.
110	********************************************************************/
111
112	static struct cli_state do_connect(TALLOC_CTX ctx,
113	const char *server,
114	const char *share,
115	bool show_sessetup,
116	bool force_encrypt)
117	{
118	struct cli_state *c = NULL;
119	struct nmb_name called, calling;
120	const char *server_n;
121	struct sockaddr_storage ss;
122	char *servicename;
123	char *sharename;
124	char newserver, newshare;
125	const char *username;
126	const char *password;
127	NTSTATUS status;
128
129	/* make a copy so we don't modify the global string 'service' */
130	servicename = talloc_strdup(ctx,share);
131	if (!servicename) {
132	return NULL;
133	}
134	sharename = servicename;
135	if (*sharename == '\\') {
136	server = sharename+2;
137	sharename = strchr_m(server,'\\');
138	if (!sharename) {
139	return NULL;
140	}
141	*sharename = 0;
142	sharename++;
143	}
144
145	server_n = server;
146
147	zero_sockaddr(&ss);
148
149	make_nmb_name(&calling, global_myname(), 0x0);
150	make_nmb_name(&called , server, name_type);
151
152	again:
153	zero_sockaddr(&ss);
154	if (have_ip)
155	ss = dest_ss;
156
157	/* have to open a new connection */
158	if (!(c=cli_initialise()) \|\| (cli_set_port(c, port) != port)) {
159	d_printf("Connection to %s failed\n", server_n);
160	if (c) {
161	cli_shutdown(c);
162	}
163	return NULL;
164	}
165	status = cli_connect(c, server_n, &ss);
166	if (!NT_STATUS_IS_OK(status)) {
167	d_printf("Connection to %s failed (Error %s)\n",
168	server_n,
169	nt_errstr(status));
170	cli_shutdown(c);
171	return NULL;
172	}
173
174	c->protocol = max_protocol;
175	c->use_kerberos = cm_creds.use_kerberos;
176	c->fallback_after_kerberos = cm_creds.fallback_after_kerberos;
177	cli_setup_signing_state(c, cm_creds.signing_state);
178
179	if (!cli_session_request(c, &calling, &called)) {
180	char *p;
181	d_printf("session request to %s failed (%s)\n",
182	called.name, cli_errstr(c));
183	cli_shutdown(c);
184	c = NULL;
185	if ((p=strchr_m(called.name, '.'))) {
186	*p = 0;
187	goto again;
188	}
189	if (strcmp(called.name, "*SMBSERVER")) {
190	make_nmb_name(&called , "*SMBSERVER", 0x20);
191	goto again;
192	}
193	return NULL;
194	}
195
196	DEBUG(4,(" session request ok\n"));
197
198	if (!cli_negprot(c)) {
199	d_printf("protocol negotiation failed\n");
200	cli_shutdown(c);
201	return NULL;
202	}
203
204	if (!cm_creds.got_pass && !cm_creds.use_kerberos) {
205	char *label = NULL;
206	char *pass;
207	label = talloc_asprintf(ctx, "Enter %s's password: ",
208	cm_creds.username);
209	pass = getpass(label);
210	if (pass) {
211	cm_set_password(pass);
212	}
213	TALLOC_FREE(label);
214	}
215
216	username = cm_creds.username ? cm_creds.username : "";
217	password = cm_creds.password ? cm_creds.password : "";
218
219	if (!NT_STATUS_IS_OK(cli_session_setup(c, username,
220	password, strlen(password),
221	password, strlen(password),
222	lp_workgroup()))) {
223	/* If a password was not supplied then
224	* try again with a null username. */
225	if (password[0] \|\| !username[0] \|\| cm_creds.use_kerberos \|\|
226	!NT_STATUS_IS_OK(cli_session_setup(c, "",
227	"", 0,
228	"", 0,
229	lp_workgroup()))) {
230	d_printf("session setup failed: %s\n", cli_errstr(c));
231	if (NT_STATUS_V(cli_nt_error(c)) ==
232	NT_STATUS_V(NT_STATUS_MORE_PROCESSING_REQUIRED))
233	d_printf("did you forget to run kinit?\n");
234	cli_shutdown(c);
235	return NULL;
236	}
237	d_printf("Anonymous login successful\n");
238	cli_init_creds(c, "", lp_workgroup(), "");
239	} else {
240	cli_init_creds(c, username, lp_workgroup(), password);
241	}
242
243	if ( show_sessetup ) {
244	if (*c->server_domain) {
245	DEBUG(0,("Domain=[%s] OS=[%s] Server=[%s]\n",
246	c->server_domain,c->server_os,c->server_type));
247	} else if (c->server_os \|\| c->server_type) {
248	DEBUG(0,("OS=[%s] Server=[%s]\n",
249	c->server_os,c->server_type));
250	}
251	}
252	DEBUG(4,(" session setup ok\n"));
253
254	/* here's the fun part....to support 'msdfs proxy' shares
255	(on Samba or windows) we have to issues a TRANS_GET_DFS_REFERRAL
256	here before trying to connect to the original share.
257	check_dfs_proxy() will fail if it is a normal share. */
258
259	if ((c->capabilities & CAP_DFS) &&
260	cli_check_msdfs_proxy(ctx, c, sharename,
261	&newserver, &newshare,
262	force_encrypt,
263	username,
264	password,
265	lp_workgroup())) {
266	cli_shutdown(c);
267	return do_connect(ctx, newserver,
268	newshare, false, force_encrypt);
269	}
270
271	/* must be a normal share */
272
273	if (!cli_send_tconX(c, sharename, "?????",
274	password, strlen(password)+1)) {
275	d_printf("tree connect failed: %s\n", cli_errstr(c));
276	cli_shutdown(c);
277	return NULL;
278	}
279
280	if (force_encrypt) {
281	status = cli_cm_force_encryption(c,
282	username,
283	password,
284	lp_workgroup(),
285	sharename);
286	if (!NT_STATUS_IS_OK(status)) {
287	cli_shutdown(c);
288	return NULL;
289	}
290	}
291
292	DEBUG(4,(" tconx ok\n"));
293	return c;
294	}
295
296	/****************************************************************************
297	****************************************************************************/
298
299	static void cli_cm_set_mntpoint(struct cli_state c, const char mnt)
300	{
301	struct client_connection *p;
302	int i;
303
304	for (p=connections,i=0; p; p=p->next,i++) {
305	if (strequal(p->cli->desthost, c->desthost) &&
306	strequal(p->cli->share, c->share)) {
307	break;
308	}
309	}
310
311	if (p) {
312	char *name = clean_name(NULL, mnt);
313	if (!name) {
314	return;
315	}
316	TALLOC_FREE(p->mount);
317	p->mount = talloc_strdup(p, name);
318	TALLOC_FREE(name);
319	}
320	}
321
322	/****************************************************************************
323	****************************************************************************/
324
325	const char cli_cm_get_mntpoint(struct cli_state c)
326	{
327	struct client_connection *p;
328	int i;
329
330	for (p=connections,i=0; p; p=p->next,i++) {
331	if (strequal(p->cli->desthost, c->desthost) &&
332	strequal(p->cli->share, c->share)) {
333	break;
334	}
335	}
336
337	if (p) {
338	return p->mount;
339	}
340	return NULL;
341	}
342
343	/********************************************************************
344	Add a new connection to the list
345	********************************************************************/
346
347	static struct cli_state cli_cm_connect(TALLOC_CTX ctx,
348	struct cli_state *referring_cli,
349	const char *server,
350	const char *share,
351	bool show_hdr,
352	bool force_encrypt)
353	{
354	struct client_connection *node;
355
356	/* NB This must be the null context here... JRA. */
357	node = TALLOC_ZERO_ARRAY(NULL, struct client_connection, 1);
358	if (!node) {
359	return NULL;
360	}
361
362	node->cli = do_connect(ctx, server, share, show_hdr, force_encrypt);
363
364	if ( !node->cli ) {
365	TALLOC_FREE( node );
366	return NULL;
367	}
368
369	DLIST_ADD( connections, node );
370
371	cli_cm_set_mntpoint(node->cli, "");
372
373	if (referring_cli && referring_cli->posix_capabilities) {
374	uint16 major, minor;
375	uint32 caplow, caphigh;
376	if (cli_unix_extensions_version(node->cli, &major,
377	&minor, &caplow, &caphigh)) {
378	cli_set_unix_extensions_capabilities(node->cli,
379	major, minor,
380	caplow, caphigh);
381	}
382	}
383
384	return node->cli;
385	}
386
387	/********************************************************************
388	Return a connection to a server.
389	********************************************************************/
390
391	static struct cli_state cli_cm_find(const char server, const char *share)
392	{
393	struct client_connection *p;
394
395	for (p=connections; p; p=p->next) {
396	if ( strequal(server, p->cli->desthost) &&
397	strequal(share,p->cli->share)) {
398	return p->cli;
399	}
400	}
401
402	return NULL;
403	}
404
405	/****************************************************************************
406	Open a client connection to a \\server\share. Set's the current *cli
407	global variable as a side-effect (but only if the connection is successful).
408	****************************************************************************/
409
410	struct cli_state cli_cm_open(TALLOC_CTX ctx,
411	struct cli_state *referring_cli,
412	const char *server,
413	const char *share,
414	bool show_hdr,
415	bool force_encrypt)
416	{
417	struct cli_state *c;
418
419	/* try to reuse an existing connection */
420
421	c = cli_cm_find(server, share);
422	if (!c) {
423	c = cli_cm_connect(ctx, referring_cli,
424	server, share, show_hdr, force_encrypt);
425	}
426
427	return c;
428	}
429
430	/****************************************************************************
431	****************************************************************************/
432
433	void cli_cm_shutdown(void)
434	{
435	struct client_connection p, x;
436
437	for (p=connections; p;) {
438	cli_shutdown(p->cli);
439	x = p;
440	p = p->next;
441
442	TALLOC_FREE(x);
443	}
444
445	connections = NULL;
446	return;
447	}
448
449	/****************************************************************************
450	****************************************************************************/
451
452	void cli_cm_display(void)
453	{
454	struct client_connection *p;
455	int i;
456
457	for ( p=connections,i=0; p; p=p->next,i++ ) {
458	d_printf("%d:\tserver=%s, share=%s\n",
459	i, p->cli->desthost, p->cli->share );
460	}
461	}
462
463	/****************************************************************************
464	****************************************************************************/
465
466	static void cm_set_password(const char *newpass)
467	{
468	SAFE_FREE(cm_creds.password);
469	cm_creds.password = SMB_STRDUP(newpass);
470	if (cm_creds.password) {
471	cm_creds.got_pass = true;
472	}
473	}
474
475	/****************************************************************************
476	****************************************************************************/
477
478	void cli_cm_set_credentials(void)
479	{
480	SAFE_FREE(cm_creds.username);
481	cm_creds.username = SMB_STRDUP(get_cmdline_auth_info_username());
482
483	if (get_cmdline_auth_info_got_pass()) {
484	cm_set_password(get_cmdline_auth_info_password());
485	}
486
487	cm_creds.use_kerberos = get_cmdline_auth_info_use_kerberos();
488	cm_creds.fallback_after_kerberos = false;
489	cm_creds.signing_state = get_cmdline_auth_info_signing_state();
490	}
491
492	/****************************************************************************
493	****************************************************************************/
494
495	void cli_cm_set_port(int port_number)
496	{
497	port = port_number;
498	}
499
500	/****************************************************************************
501	****************************************************************************/
502
503	void cli_cm_set_dest_name_type(int type)
504	{
505	name_type = type;
506	}
507
508	/****************************************************************************
509	****************************************************************************/
510
511	void cli_cm_set_signing_state(int state)
512	{
513	cm_creds.signing_state = state;
514	}
515
516	/****************************************************************************
517	****************************************************************************/
518
519	void cli_cm_set_username(const char *username)
520	{
521	SAFE_FREE(cm_creds.username);
522	cm_creds.username = SMB_STRDUP(username);
523	}
524
525	/****************************************************************************
526	****************************************************************************/
527
528	void cli_cm_set_password(const char *newpass)
529	{
530	SAFE_FREE(cm_creds.password);
531	cm_creds.password = SMB_STRDUP(newpass);
532	if (cm_creds.password) {
533	cm_creds.got_pass = true;
534	}
535	}
536
537	/****************************************************************************
538	****************************************************************************/
539
540	void cli_cm_set_use_kerberos(void)
541	{
542	cm_creds.use_kerberos = true;
543	}
544
545	/****************************************************************************
546	****************************************************************************/
547
548	void cli_cm_set_fallback_after_kerberos(void)
549	{
550	cm_creds.fallback_after_kerberos = true;
551	}
552
553	/****************************************************************************
554	****************************************************************************/
555
556	void cli_cm_set_dest_ss(struct sockaddr_storage *pss)
557	{
558	dest_ss = *pss;
559	have_ip = true;
560	}
561
562	/**********************************************************************
563	split a dfs path into the server, share name, and extrapath components
564	**********************************************************************/
565
566	static void split_dfs_path(TALLOC_CTX *ctx,
567	const char *nodepath,
568	char **pp_server,
569	char **pp_share,
570	char **pp_extrapath)
571	{
572	char p, q;
573	char *path;
574
575	*pp_server = NULL;
576	*pp_share = NULL;
577	*pp_extrapath = NULL;
578
579	path = talloc_strdup(ctx, nodepath);
580	if (!path) {
581	return;
582	}
583
584	if ( path[0] != '\\' ) {
585	return;
586	}
587
588	p = strchr_m( path + 1, '\\' );
589	if ( !p ) {
590	return;
591	}
592
593	*p = '\0';
594	p++;
595
596	/* Look for any extra/deep path */
597	q = strchr_m(p, '\\');
598	if (q != NULL) {
599	*q = '\0';
600	q++;
601	*pp_extrapath = talloc_strdup(ctx, q);
602	} else {
603	*pp_extrapath = talloc_strdup(ctx, "");
604	}
605
606	*pp_share = talloc_strdup(ctx, p);
607	*pp_server = talloc_strdup(ctx, &path[1]);
608	}
609
610	/****************************************************************************
611	Return the original path truncated at the directory component before
612	the first wildcard character. Trust the caller to provide a NULL
613	terminated string
614	****************************************************************************/
615
616	static char clean_path(TALLOC_CTX ctx, const char *path)
617	{
618	size_t len;
619	char p1, p2, *p;
620	char *path_out;
621
622	/* No absolute paths. */
623	while (IS_DIRECTORY_SEP(*path)) {
624	path++;
625	}
626
627	path_out = talloc_strdup(ctx, path);
628	if (!path_out) {
629	return NULL;
630	}
631
632	p1 = strchr_m(path_out, '*');
633	p2 = strchr_m(path_out, '?');
634
635	if (p1 \|\| p2) {
636	if (p1 && p2) {
637	p = MIN(p1,p2);
638	} else if (!p1) {
639	p = p2;
640	} else {
641	p = p1;
642	}
643	*p = '\0';
644
645	/* Now go back to the start of this component. */
646	p1 = strrchr_m(path_out, '/');
647	p2 = strrchr_m(path_out, '\\');
648	p = MAX(p1,p2);
649	if (p) {
650	*p = '\0';
651	}
652	}
653
654	/* Strip any trailing separator */
655
656	len = strlen(path_out);
657	if ( (len > 0) && IS_DIRECTORY_SEP(path_out[len-1])) {
658	path_out[len-1] = '\0';
659	}
660
661	return path_out;
662	}
663
664	/****************************************************************************
665	****************************************************************************/
666
667	static char cli_dfs_make_full_path(TALLOC_CTX ctx,
668	struct cli_state *cli,
669	const char *dir)
670	{
671	char path_sep = '\\';
672
673	/* Ensure the extrapath doesn't start with a separator. */
674	while (IS_DIRECTORY_SEP(*dir)) {
675	dir++;
676	}
677
678	if (cli->posix_capabilities & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
679	path_sep = '/';
680	}
681	return talloc_asprintf(ctx, "%c%s%c%s%c%s",
682	path_sep,
683	cli->desthost,
684	path_sep,
685	cli->share,
686	path_sep,
687	dir);
688	}
689
690	/********************************************************************
691	check for dfs referral
692	********************************************************************/
693
694	static bool cli_dfs_check_error( struct cli_state *cli, NTSTATUS status )
695	{
696	uint32 flgs2 = SVAL(cli->inbuf,smb_flg2);
697
698	/* only deal with DS when we negotiated NT_STATUS codes and UNICODE */
699
700	if (!((flgs2&FLAGS2_32_BIT_ERROR_CODES) &&
701	(flgs2&FLAGS2_UNICODE_STRINGS)))
702	return false;
703
704	if (NT_STATUS_EQUAL(status, NT_STATUS(IVAL(cli->inbuf,smb_rcls))))
705	return true;
706
707	return false;
708	}
709
710	/********************************************************************
711	Get the dfs referral link.
712	********************************************************************/
713
714	bool cli_dfs_get_referral(TALLOC_CTX *ctx,
715	struct cli_state *cli,
716	const char *path,
717	CLIENT_DFS_REFERRAL**refs,
718	size_t *num_refs,
719	uint16 *consumed)
720	{
721	unsigned int data_len = 0;
722	unsigned int param_len = 0;
723	uint16 setup = TRANSACT2_GET_DFS_REFERRAL;
724	char *param;
725	char rparam=NULL, rdata=NULL;
726	char *p;
727	char *endp;
728	size_t pathlen = 2*(strlen(path)+1);
729	uint16 num_referrals;
730	CLIENT_DFS_REFERRAL *referrals = NULL;
731	bool ret = false;
732
733	*num_refs = 0;
734	*refs = NULL;
735
736	param = SMB_MALLOC_ARRAY(char, 2+pathlen+2);
737	if (!param) {
738	return false;
739	}
740	SSVAL(param, 0, 0x03); /* max referral level */
741	p = &param[2];
742
743	p += clistr_push(cli, p, path, pathlen, STR_TERMINATE);
744	param_len = PTR_DIFF(p, param);
745
746	if (!cli_send_trans(cli, SMBtrans2,
747	NULL, /* name */
748	-1, 0, /* fid, flags */
749	&setup, 1, 0, /* setup, length, max */
750	param, param_len, 2, /* param, length, max */
751	NULL, 0, cli->max_xmit /* data, length, max */
752	)) {
753	SAFE_FREE(param);
754	return false;
755	}
756
757	SAFE_FREE(param);
758
759	if (!cli_receive_trans(cli, SMBtrans2,
760	&rparam, &param_len,
761	&rdata, &data_len)) {
762	return false;
763	}
764
765	if (data_len < 4) {
766	goto out;
767	}
768
769	endp = rdata + data_len;
770
771	*consumed = SVAL(rdata, 0);
772	num_referrals = SVAL(rdata, 2);
773
774	if (num_referrals != 0) {
775	uint16 ref_version;
776	uint16 ref_size;
777	int i;
778	uint16 node_offset;
779
780	referrals = TALLOC_ARRAY(ctx, CLIENT_DFS_REFERRAL,
781	num_referrals);
782
783	if (!referrals) {
784	goto out;
785	}
786	/* start at the referrals array */
787
788	p = rdata+8;
789	for (i=0; i<num_referrals && p < endp; i++) {
790	if (p + 18 > endp) {
791	goto out;
792	}
793	ref_version = SVAL(p, 0);
794	ref_size = SVAL(p, 2);
795	node_offset = SVAL(p, 16);
796
797	if (ref_version != 3) {
798	p += ref_size;
799	continue;
800	}
801
802	referrals[i].proximity = SVAL(p, 8);
803	referrals[i].ttl = SVAL(p, 10);
804
805	if (p + node_offset > endp) {
806	goto out;
807	}
808	clistr_pull_talloc(ctx, cli, &referrals[i].dfspath,
809	p+node_offset, -1,
810	STR_TERMINATE\|STR_UNICODE );
811
812	if (!referrals[i].dfspath) {
813	goto out;
814	}
815	p += ref_size;
816	}
817	if (i < num_referrals) {
818	goto out;
819	}
820	}
821
822	ret = true;
823
824	*num_refs = num_referrals;
825	*refs = referrals;
826
827	out:
828
829	SAFE_FREE(rdata);
830	SAFE_FREE(rparam);
831	return ret;
832	}
833
834	/********************************************************************
835	********************************************************************/
836
837	bool cli_resolve_path(TALLOC_CTX *ctx,
838	const char *mountpt,
839	struct cli_state *rootcli,
840	const char *path,
841	struct cli_state **targetcli,
842	char **pp_targetpath)
843	{
844	CLIENT_DFS_REFERRAL *refs = NULL;
845	size_t num_refs = 0;
846	uint16 consumed;
847	struct cli_state *cli_ipc = NULL;
848	char *dfs_path = NULL;
849	char *cleanpath = NULL;
850	char *extrapath = NULL;
851	int pathlen;
852	char *server = NULL;
853	char *share = NULL;
854	struct cli_state *newcli = NULL;
855	char *newpath = NULL;
856	char *newmount = NULL;
857	char *ppath = NULL;
858	SMB_STRUCT_STAT sbuf;
859	uint32 attributes;
860
861	if ( !rootcli \|\| !path \|\| !targetcli ) {
862	return false;
863	}
864
865	/* Don't do anything if this is not a DFS root. */
866
867	if ( !rootcli->dfsroot) {
868	*targetcli = rootcli;
869	*pp_targetpath = talloc_strdup(ctx, path);
870	if (!*pp_targetpath) {
871	return false;
872	}
873	return true;
874	}
875
876	*targetcli = NULL;
877
878	/* Send a trans2_query_path_info to check for a referral. */
879
880	cleanpath = clean_path(ctx, path);
881	if (!cleanpath) {
882	return false;
883	}
884
885	dfs_path = cli_dfs_make_full_path(ctx, rootcli, cleanpath);
886	if (!dfs_path) {
887	return false;
888	}
889
890	if (cli_qpathinfo_basic( rootcli, dfs_path, &sbuf, &attributes)) {
891	/* This is an ordinary path, just return it. */
892	*targetcli = rootcli;
893	*pp_targetpath = talloc_strdup(ctx, path);
894	if (!*pp_targetpath) {
895	return false;
896	}
897	goto done;
898	}
899
900	/* Special case where client asked for a path that does not exist */
901
902	if (cli_dfs_check_error(rootcli, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
903	*targetcli = rootcli;
904	*pp_targetpath = talloc_strdup(ctx, path);
905	if (!*pp_targetpath) {
906	return false;
907	}
908	goto done;
909	}
910
911	/* We got an error, check for DFS referral. */
912
913	if (!cli_dfs_check_error(rootcli, NT_STATUS_PATH_NOT_COVERED)) {
914	return false;
915	}
916
917	/* Check for the referral. */
918
919	if (!(cli_ipc = cli_cm_open(ctx, rootcli,
920	rootcli->desthost,
921	"IPC$", false,
922	(rootcli->trans_enc_state != NULL)))) {
923	return false;
924	}
925
926	if (!cli_dfs_get_referral(ctx, cli_ipc, dfs_path, &refs,
927	&num_refs, &consumed) \|\| !num_refs) {
928	return false;
929	}
930
931	/* Just store the first referral for now. */
932
933	if (!refs[0].dfspath) {
934	return false;
935	}
936	split_dfs_path(ctx, refs[0].dfspath, &server, &share, &extrapath );
937
938	if (!server \|\| !share) {
939	return false;
940	}
941
942	/* Make sure to recreate the original string including any wildcards. */
943
944	dfs_path = cli_dfs_make_full_path(ctx, rootcli, path);
945	if (!dfs_path) {
946	return false;
947	}
948	pathlen = strlen(dfs_path)*2;
949	consumed = MIN(pathlen, consumed);
950	*pp_targetpath = talloc_strdup(ctx, &dfs_path[consumed/2]);
951	if (!*pp_targetpath) {
952	return false;
953	}
954	dfs_path[consumed/2] = '\0';
955
956	/*
957	* *pp_targetpath is now the unconsumed part of the path.
958	* dfs_path is now the consumed part of the path
959	* (in \server\share\path format).
960	*/
961
962	/* Open the connection to the target server & share */
963	if ((*targetcli = cli_cm_open(ctx, rootcli,
964	server,
965	share,
966	false,
967	(rootcli->trans_enc_state != NULL))) == NULL) {
968	d_printf("Unable to follow dfs referral [\\%s\\%s]\n",
969	server, share );
970	return false;
971	}
972
973	if (extrapath && strlen(extrapath) > 0) {
974	*pp_targetpath = talloc_asprintf(ctx,
975	"%s%s",
976	extrapath,
977	*pp_targetpath);
978	if (!*pp_targetpath) {
979	return false;
980	}
981	}
982
983	/* parse out the consumed mount path */
984	/* trim off the \server\share\ */
985
986	ppath = dfs_path;
987
988	if (*ppath != '\\') {
989	d_printf("cli_resolve_path: "
990	"dfs_path (%s) not in correct format.\n",
991	dfs_path );
992	return false;
993	}
994
995	ppath++; /* Now pointing at start of server name. */
996
997	if ((ppath = strchr_m( dfs_path, '\\' )) == NULL) {
998	return false;
999	}
1000
1001	ppath++; /* Now pointing at start of share name. */
1002
1003	if ((ppath = strchr_m( ppath+1, '\\' )) == NULL) {
1004	return false;
1005	}
1006
1007	ppath++; /* Now pointing at path component. */
1008
1009	newmount = talloc_asprintf(ctx, "%s\\%s", mountpt, ppath );
1010	if (!newmount) {
1011	return false;
1012	}
1013
1014	cli_cm_set_mntpoint(*targetcli, newmount);
1015
1016	/* Check for another dfs referral, note that we are not
1017	checking for loops here. */
1018
1019	if (!strequal(pp_targetpath, "\\") && !strequal(pp_targetpath, "/")) {
1020	if (cli_resolve_path(ctx,
1021	newmount,
1022	*targetcli,
1023	*pp_targetpath,
1024	&newcli,
1025	&newpath)) {
1026	/*
1027	* When cli_resolve_path returns true here it's always
1028	* returning the complete path in newpath, so we're done
1029	* here.
1030	*/
1031	*targetcli = newcli;
1032	*pp_targetpath = newpath;
1033	return true;
1034	}
1035	}
1036
1037	done:
1038
1039	/* If returning true ensure we return a dfs root full path. */
1040	if ((*targetcli)->dfsroot) {
1041	dfs_path = talloc_strdup(ctx, *pp_targetpath);
1042	if (!dfs_path) {
1043	return false;
1044	}
1045	pp_targetpath = cli_dfs_make_full_path(ctx, targetcli, dfs_path);
1046	}
1047
1048	return true;
1049	}
1050
1051	/********************************************************************
1052	********************************************************************/
1053
1054	static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
1055	struct cli_state *cli,
1056	const char *sharename,
1057	char **pp_newserver,
1058	char **pp_newshare,
1059	bool force_encrypt,
1060	const char *username,
1061	const char *password,
1062	const char *domain)
1063	{
1064	CLIENT_DFS_REFERRAL *refs = NULL;
1065	size_t num_refs = 0;
1066	uint16 consumed;
1067	char *fullpath = NULL;
1068	bool res;
1069	uint16 cnum;
1070	char *newextrapath = NULL;
1071
1072	if (!cli \|\| !sharename) {
1073	return false;
1074	}
1075
1076	cnum = cli->cnum;
1077
1078	/* special case. never check for a referral on the IPC$ share */
1079
1080	if (strequal(sharename, "IPC$")) {
1081	return false;
1082	}
1083
1084	/* send a trans2_query_path_info to check for a referral */
1085
1086	fullpath = talloc_asprintf(ctx, "\\%s\\%s", cli->desthost, sharename );
1087	if (!fullpath) {
1088	return false;
1089	}
1090
1091	/* check for the referral */
1092
1093	if (!cli_send_tconX(cli, "IPC$", "IPC", NULL, 0)) {
1094	return false;
1095	}
1096
1097	if (force_encrypt) {
1098	NTSTATUS status = cli_cm_force_encryption(cli,
1099	username,
1100	password,
1101	lp_workgroup(),
1102	"IPC$");
1103	if (!NT_STATUS_IS_OK(status)) {
1104	return false;
1105	}
1106	}
1107
1108	res = cli_dfs_get_referral(ctx, cli, fullpath, &refs, &num_refs, &consumed);
1109
1110	if (!cli_tdis(cli)) {
1111	return false;
1112	}
1113
1114	cli->cnum = cnum;
1115
1116	if (!res \|\| !num_refs) {
1117	return false;
1118	}
1119
1120	if (!refs[0].dfspath) {
1121	return false;
1122	}
1123
1124	split_dfs_path(ctx, refs[0].dfspath, pp_newserver,
1125	pp_newshare, &newextrapath );
1126
1127	if ((pp_newserver == NULL) \|\| (pp_newshare == NULL)) {
1128	return false;
1129	}
1130
1131	/* check that this is not a self-referral */
1132
1133	if (strequal(cli->desthost, *pp_newserver) &&
1134	strequal(sharename, *pp_newshare)) {
1135	return false;
1136	}
1137
1138	return true;
1139	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: