2005-11-12 02:12:51 +00:00
/*
Unix SMB / CIFS implementation .
SMB2 composite connection setup
Copyright ( C ) Andrew Tridgell 2005
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 02:07:03 +00:00
the Free Software Foundation ; either version 3 of the License , or
2005-11-12 02:12:51 +00:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 02:07:03 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2005-11-12 02:12:51 +00:00
*/
# include "includes.h"
2011-04-27 08:57:41 +02:00
# include <tevent.h>
# include "lib/util/tevent_ntstatus.h"
2005-11-12 02:12:51 +00:00
# include "libcli/raw/libcliraw.h"
2008-04-02 04:53:27 +02:00
# include "libcli/raw/raw_proto.h"
2005-11-12 02:12:51 +00:00
# include "libcli/smb2/smb2.h"
# include "libcli/smb2/smb2_calls.h"
# include "libcli/composite/composite.h"
2006-03-07 11:07:23 +00:00
# include "libcli/resolve/resolve.h"
2007-09-08 12:42:09 +00:00
# include "param/param.h"
2011-11-30 08:50:11 +01:00
# include "auth/credentials/credentials.h"
2011-09-20 20:59:45 +02:00
# include "../libcli/smb/smbXcli_base.h"
2020-07-24 10:18:52 +02:00
# include "smb2_constants.h"
2005-11-12 02:12:51 +00:00
struct smb2_connect_state {
2011-04-27 08:57:41 +02:00
struct tevent_context * ev ;
2005-11-12 02:12:51 +00:00
struct cli_credentials * credentials ;
2018-07-18 23:52:30 +02:00
bool fallback_to_anonymous ;
2012-02-26 01:43:50 +01:00
uint64_t previous_session_id ;
2008-01-02 18:39:01 -06:00
struct resolve_context * resolve_ctx ;
2005-11-12 02:12:51 +00:00
const char * host ;
const char * share ;
2014-09-29 10:50:18 +02:00
const char * unc ;
2008-11-01 22:42:09 +01:00
const char * * ports ;
const char * socket_options ;
2011-11-30 08:50:11 +01:00
struct nbt_name calling , called ;
2008-11-02 16:20:00 +01:00
struct gensec_settings * gensec_settings ;
2008-05-30 17:03:54 +10:00
struct smbcli_options options ;
2011-09-20 20:59:45 +02:00
struct smb2_transport * transport ;
2005-11-12 02:12:51 +00:00
struct smb2_session * session ;
struct smb2_tree * tree ;
} ;
2018-07-18 16:43:32 +02:00
static void smb2_connect_session_start ( struct tevent_req * req ) ;
2011-11-30 08:50:11 +01:00
static void smb2_connect_socket_done ( struct composite_context * creq ) ;
2005-11-12 02:12:51 +00:00
/*
a composite function that does a full negprot / sesssetup / tcon , returning
a connected smb2_tree
*/
2011-04-27 08:57:41 +02:00
struct tevent_req * smb2_connect_send ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
const char * host ,
const char * * ports ,
const char * share ,
struct resolve_context * resolve_ctx ,
struct cli_credentials * credentials ,
2018-07-18 23:52:30 +02:00
bool fallback_to_anonymous ,
2018-07-18 16:44:16 +02:00
struct smbXcli_conn * * existing_conn ,
2012-02-26 01:43:50 +01:00
uint64_t previous_session_id ,
2013-09-25 07:16:39 +02:00
const struct smbcli_options * options ,
2011-04-27 08:57:41 +02:00
const char * socket_options ,
struct gensec_settings * gensec_settings )
2005-11-12 02:12:51 +00:00
{
2011-04-27 08:57:41 +02:00
struct tevent_req * req ;
2005-11-12 02:12:51 +00:00
struct smb2_connect_state * state ;
2005-11-18 23:15:32 +00:00
struct composite_context * creq ;
2011-11-30 08:50:11 +01:00
static const char * default_ports [ ] = { " 445 " , " 139 " , NULL } ;
2020-07-24 10:18:52 +02:00
enum smb_encryption_setting encryption_state =
cli_credentials_get_smb_encryption ( credentials ) ;
2005-11-12 02:12:51 +00:00
2011-04-27 08:57:41 +02:00
req = tevent_req_create ( mem_ctx , & state ,
struct smb2_connect_state ) ;
if ( req = = NULL ) {
return NULL ;
}
2005-11-12 02:12:51 +00:00
2011-04-27 08:57:41 +02:00
state - > ev = ev ;
2005-11-12 02:12:51 +00:00
state - > credentials = credentials ;
2018-07-18 23:52:30 +02:00
state - > fallback_to_anonymous = fallback_to_anonymous ;
2012-02-26 01:43:50 +01:00
state - > previous_session_id = previous_session_id ;
2008-05-30 17:03:54 +10:00
state - > options = * options ;
2011-04-27 08:57:41 +02:00
state - > host = host ;
state - > ports = ports ;
state - > share = share ;
state - > resolve_ctx = resolve_ctx ;
state - > socket_options = socket_options ;
state - > gensec_settings = gensec_settings ;
2005-11-12 02:12:51 +00:00
2011-11-30 08:50:11 +01:00
if ( state - > ports = = NULL ) {
state - > ports = default_ports ;
2011-04-27 08:57:41 +02:00
}
2005-11-12 02:12:51 +00:00
2020-07-24 10:18:52 +02:00
if ( encryption_state > = SMB_ENCRYPTION_DESIRED ) {
state - > options . signing = SMB_SIGNING_REQUIRED ;
}
2011-11-30 08:50:11 +01:00
make_nbt_name_client ( & state - > calling ,
cli_credentials_get_workstation ( credentials ) ) ;
2011-04-28 16:06:05 +02:00
2011-11-30 08:50:11 +01:00
nbt_choose_called_name ( state , & state - > called ,
host , NBT_NAME_SERVER ) ;
2011-04-28 16:04:19 +02:00
2014-09-29 10:50:18 +02:00
state - > unc = talloc_asprintf ( state , " \\ \\ %s \\ %s " ,
state - > host , state - > share ) ;
if ( tevent_req_nomem ( state - > unc , req ) ) {
return tevent_req_post ( req , ev ) ;
}
2018-07-18 16:44:16 +02:00
if ( existing_conn ! = NULL ) {
NTSTATUS status ;
status = smb2_transport_raw_init ( state , ev ,
existing_conn ,
2020-07-24 10:18:52 +02:00
& state - > options ,
2018-07-18 16:44:16 +02:00
& state - > transport ) ;
if ( tevent_req_nterror ( req , status ) ) {
return tevent_req_post ( req , ev ) ;
}
smb2_connect_session_start ( req ) ;
if ( ! tevent_req_is_in_progress ( req ) ) {
return tevent_req_post ( req , ev ) ;
}
return req ;
}
2011-11-30 08:50:11 +01:00
creq = smbcli_sock_connect_send ( state , NULL , state - > ports ,
2011-04-28 16:04:19 +02:00
state - > host , state - > resolve_ctx ,
2011-11-30 08:50:11 +01:00
state - > ev , state - > socket_options ,
& state - > calling ,
& state - > called ) ;
2011-04-28 16:04:19 +02:00
if ( tevent_req_nomem ( creq , req ) ) {
2011-11-30 08:50:11 +01:00
return tevent_req_post ( req , ev ) ;
2011-04-28 16:04:19 +02:00
}
creq - > async . fn = smb2_connect_socket_done ;
creq - > async . private_data = req ;
2011-11-30 08:50:11 +01:00
return req ;
2011-04-28 16:04:19 +02:00
}
2011-09-20 20:59:45 +02:00
static void smb2_connect_negprot_done ( struct tevent_req * subreq ) ;
2011-04-28 16:07:49 +02:00
2011-04-28 16:06:05 +02:00
static void smb2_connect_socket_done ( struct composite_context * creq )
{
struct tevent_req * req =
talloc_get_type_abort ( creq - > async . private_data ,
struct tevent_req ) ;
struct smb2_connect_state * state =
tevent_req_data ( req ,
struct smb2_connect_state ) ;
struct smbcli_socket * sock ;
2011-09-20 20:59:45 +02:00
struct tevent_req * subreq ;
2011-04-28 16:06:05 +02:00
NTSTATUS status ;
2011-09-20 20:59:45 +02:00
uint32_t timeout_msec ;
2016-02-27 04:14:39 +01:00
enum protocol_types min_protocol ;
2011-04-28 16:06:05 +02:00
status = smbcli_sock_connect_recv ( creq , state , & sock ) ;
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
2011-09-20 20:59:45 +02:00
state - > transport = smb2_transport_init ( sock , state , & state - > options ) ;
if ( tevent_req_nomem ( state - > transport , req ) ) {
2011-04-28 16:06:05 +02:00
return ;
}
2011-09-20 20:59:45 +02:00
timeout_msec = state - > transport - > options . request_timeout * 1000 ;
2016-02-27 04:14:39 +01:00
min_protocol = state - > transport - > options . min_protocol ;
if ( min_protocol < PROTOCOL_SMB2_02 ) {
min_protocol = PROTOCOL_SMB2_02 ;
}
2011-04-28 16:06:05 +02:00
2011-09-20 20:59:45 +02:00
subreq = smbXcli_negprot_send ( state , state - > ev ,
state - > transport - > conn , timeout_msec ,
2016-02-27 04:14:39 +01:00
min_protocol ,
2017-02-27 16:14:39 +01:00
state - > transport - > options . max_protocol ,
2022-08-25 09:54:52 +02:00
state - > transport - > options . max_credits ,
NULL ) ;
2011-09-20 20:59:45 +02:00
if ( tevent_req_nomem ( subreq , req ) ) {
2011-04-28 16:06:05 +02:00
return ;
}
2011-09-20 20:59:45 +02:00
tevent_req_set_callback ( subreq , smb2_connect_negprot_done , req ) ;
2011-04-28 16:06:05 +02:00
}
2011-04-27 18:24:01 +02:00
static void smb2_connect_session_done ( struct tevent_req * subreq ) ;
2011-04-28 16:09:35 +02:00
2011-09-20 20:59:45 +02:00
static void smb2_connect_negprot_done ( struct tevent_req * subreq )
2011-04-28 16:07:49 +02:00
{
struct tevent_req * req =
2011-09-20 20:59:45 +02:00
tevent_req_callback_data ( subreq ,
2011-04-28 16:07:49 +02:00
struct tevent_req ) ;
NTSTATUS status ;
2022-08-25 09:54:52 +02:00
status = smbXcli_negprot_recv ( subreq , NULL , NULL ) ;
2011-09-20 20:59:45 +02:00
TALLOC_FREE ( subreq ) ;
2011-04-28 16:07:49 +02:00
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
2018-07-18 16:43:32 +02:00
smb2_connect_session_start ( req ) ;
}
static void smb2_connect_session_start ( struct tevent_req * req )
{
struct smb2_connect_state * state =
tevent_req_data ( req ,
struct smb2_connect_state ) ;
struct smb2_transport * transport = state - > transport ;
struct tevent_req * subreq = NULL ;
2014-07-10 08:21:22 +02:00
state - > session = smb2_session_init ( transport , state - > gensec_settings , state ) ;
2011-04-28 16:07:49 +02:00
if ( tevent_req_nomem ( state - > session , req ) ) {
return ;
}
2020-07-01 18:27:40 +02:00
if ( state - > options . only_negprot ) {
state - > tree = smb2_tree_init ( state - > session , state , true ) ;
if ( tevent_req_nomem ( state - > tree , req ) ) {
return ;
}
tevent_req_done ( req ) ;
return ;
}
2011-04-27 18:24:01 +02:00
subreq = smb2_session_setup_spnego_send ( state , state - > ev ,
state - > session ,
2012-02-25 22:32:03 +01:00
state - > credentials ,
2012-02-26 01:43:50 +01:00
state - > previous_session_id ) ;
2011-04-27 18:24:01 +02:00
if ( tevent_req_nomem ( subreq , req ) ) {
2011-04-28 16:07:49 +02:00
return ;
}
2011-04-27 18:24:01 +02:00
tevent_req_set_callback ( subreq , smb2_connect_session_done , req ) ;
2011-04-28 16:07:49 +02:00
}
2020-07-07 12:44:26 +02:00
static void smb2_connect_enc_start ( struct tevent_req * req ) ;
2020-07-07 12:29:39 +02:00
static void smb2_connect_tcon_start ( struct tevent_req * req ) ;
2014-09-29 10:50:18 +02:00
static void smb2_connect_tcon_done ( struct tevent_req * subreq ) ;
2011-04-28 16:11:50 +02:00
2011-04-27 18:24:01 +02:00
static void smb2_connect_session_done ( struct tevent_req * subreq )
2011-04-28 16:09:35 +02:00
{
struct tevent_req * req =
2011-04-27 18:24:01 +02:00
tevent_req_callback_data ( subreq ,
2011-04-28 16:09:35 +02:00
struct tevent_req ) ;
struct smb2_connect_state * state =
tevent_req_data ( req ,
struct smb2_connect_state ) ;
NTSTATUS status ;
2011-04-27 18:24:01 +02:00
status = smb2_session_setup_spnego_recv ( subreq ) ;
TALLOC_FREE ( subreq ) ;
2018-07-18 23:52:30 +02:00
if ( ! NT_STATUS_IS_OK ( status ) & &
! cli_credentials_is_anonymous ( state - > credentials ) & &
state - > fallback_to_anonymous ) {
struct cli_credentials * anon_creds = NULL ;
/*
* The transport was moved to session ,
* we need to revert that before removing
* the old broken session .
*/
state - > transport = talloc_move ( state , & state - > session - > transport ) ;
TALLOC_FREE ( state - > session ) ;
anon_creds = cli_credentials_init_anon ( state ) ;
if ( tevent_req_nomem ( anon_creds , req ) ) {
return ;
}
cli_credentials_set_workstation ( anon_creds ,
cli_credentials_get_workstation ( state - > credentials ) ,
CRED_SPECIFIED ) ;
/*
* retry with anonymous credentials
*/
state - > credentials = anon_creds ;
smb2_connect_session_start ( req ) ;
return ;
}
2011-04-28 16:09:35 +02:00
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
2014-09-29 10:50:18 +02:00
state - > tree = smb2_tree_init ( state - > session , state , true ) ;
if ( tevent_req_nomem ( state - > tree , req ) ) {
2011-04-28 16:09:35 +02:00
return ;
}
2020-07-07 12:44:26 +02:00
smb2_connect_enc_start ( req ) ;
}
static void smb2_connect_enc_start ( struct tevent_req * req )
{
struct smb2_connect_state * state =
tevent_req_data ( req ,
struct smb2_connect_state ) ;
enum smb_encryption_setting encryption_state =
cli_credentials_get_smb_encryption ( state - > credentials ) ;
NTSTATUS status ;
if ( encryption_state < SMB_ENCRYPTION_DESIRED ) {
smb2_connect_tcon_start ( req ) ;
return ;
}
status = smb2cli_session_encryption_on ( state - > session - > smbXcli ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
if ( NT_STATUS_EQUAL ( status , NT_STATUS_NOT_SUPPORTED ) ) {
if ( encryption_state < SMB_ENCRYPTION_REQUIRED ) {
smb2_connect_tcon_start ( req ) ;
return ;
}
DBG_ERR ( " Encryption required and server doesn't support "
" SMB3 encryption - failing connect \n " ) ;
tevent_req_nterror ( req , status ) ;
return ;
}
DBG_ERR ( " Encryption required and setup failed with error %s. \n " ,
nt_errstr ( status ) ) ;
tevent_req_nterror ( req , NT_STATUS_PROTOCOL_NOT_SUPPORTED ) ;
return ;
}
2020-07-07 12:29:39 +02:00
smb2_connect_tcon_start ( req ) ;
}
static void smb2_connect_tcon_start ( struct tevent_req * req )
{
struct smb2_connect_state * state =
tevent_req_data ( req ,
struct smb2_connect_state ) ;
struct tevent_req * subreq = NULL ;
uint32_t timeout_msec ;
2014-09-29 10:50:18 +02:00
timeout_msec = state - > transport - > options . request_timeout * 1000 ;
subreq = smb2cli_tcon_send ( state , state - > ev ,
state - > transport - > conn ,
timeout_msec ,
state - > session - > smbXcli ,
state - > tree - > smbXcli ,
0 , /* flags */
state - > unc ) ;
if ( tevent_req_nomem ( subreq , req ) ) {
2011-04-28 16:09:35 +02:00
return ;
}
2014-09-29 10:50:18 +02:00
tevent_req_set_callback ( subreq , smb2_connect_tcon_done , req ) ;
2011-04-28 16:09:35 +02:00
}
2014-09-29 10:50:18 +02:00
static void smb2_connect_tcon_done ( struct tevent_req * subreq )
2011-04-28 16:11:50 +02:00
{
struct tevent_req * req =
2014-09-29 10:50:18 +02:00
tevent_req_callback_data ( subreq ,
2011-04-28 16:11:50 +02:00
struct tevent_req ) ;
NTSTATUS status ;
2014-09-29 10:50:18 +02:00
status = smb2cli_tcon_recv ( subreq ) ;
2011-04-28 16:11:50 +02:00
if ( tevent_req_nterror ( req , status ) ) {
return ;
}
tevent_req_done ( req ) ;
}
2011-04-27 08:57:41 +02:00
NTSTATUS smb2_connect_recv ( struct tevent_req * req ,
TALLOC_CTX * mem_ctx ,
2005-11-12 02:12:51 +00:00
struct smb2_tree * * tree )
{
2011-04-27 08:57:41 +02:00
struct smb2_connect_state * state =
tevent_req_data ( req ,
struct smb2_connect_state ) ;
2005-11-12 02:12:51 +00:00
NTSTATUS status ;
2011-04-27 08:57:41 +02:00
if ( tevent_req_is_nterror ( req , & status ) ) {
tevent_req_received ( req ) ;
return status ;
2005-11-12 02:12:51 +00:00
}
2011-04-27 08:57:41 +02:00
* tree = talloc_move ( mem_ctx , & state - > tree ) ;
tevent_req_received ( req ) ;
return NT_STATUS_OK ;
2005-11-12 02:12:51 +00:00
}
/*
sync version of smb2_connect
*/
2012-02-26 01:45:00 +01:00
NTSTATUS smb2_connect_ext ( TALLOC_CTX * mem_ctx ,
const char * host ,
const char * * ports ,
const char * share ,
struct resolve_context * resolve_ctx ,
struct cli_credentials * credentials ,
2023-08-07 12:22:43 +02:00
struct smbXcli_conn * * existing_conn ,
2012-02-26 01:45:00 +01:00
uint64_t previous_session_id ,
struct smb2_tree * * tree ,
struct tevent_context * ev ,
2013-09-25 07:16:39 +02:00
const struct smbcli_options * options ,
2012-02-26 01:45:00 +01:00
const char * socket_options ,
struct gensec_settings * gensec_settings )
2005-11-12 02:12:51 +00:00
{
2011-04-27 08:57:41 +02:00
struct tevent_req * subreq ;
NTSTATUS status ;
bool ok ;
TALLOC_CTX * frame = talloc_stackframe ( ) ;
if ( frame = = NULL ) {
return NT_STATUS_NO_MEMORY ;
}
subreq = smb2_connect_send ( frame ,
ev ,
host ,
ports ,
share ,
resolve_ctx ,
credentials ,
2018-07-18 23:52:30 +02:00
false , /* fallback_to_anonymous */
2023-08-07 12:22:43 +02:00
existing_conn ,
2012-02-26 01:45:00 +01:00
previous_session_id ,
2011-04-27 08:57:41 +02:00
options ,
socket_options ,
gensec_settings ) ;
if ( subreq = = NULL ) {
TALLOC_FREE ( frame ) ;
return NT_STATUS_NO_MEMORY ;
}
ok = tevent_req_poll ( subreq , ev ) ;
if ( ! ok ) {
2011-06-20 14:55:32 +10:00
status = map_nt_error_from_unix_common ( errno ) ;
2011-04-27 08:57:41 +02:00
TALLOC_FREE ( frame ) ;
return status ;
}
status = smb2_connect_recv ( subreq , mem_ctx , tree ) ;
TALLOC_FREE ( subreq ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
TALLOC_FREE ( frame ) ;
return status ;
}
TALLOC_FREE ( frame ) ;
return NT_STATUS_OK ;
2005-11-12 02:12:51 +00:00
}
2012-02-26 01:45:00 +01:00
NTSTATUS smb2_connect ( TALLOC_CTX * mem_ctx ,
const char * host ,
const char * * ports ,
const char * share ,
struct resolve_context * resolve_ctx ,
struct cli_credentials * credentials ,
struct smb2_tree * * tree ,
struct tevent_context * ev ,
2020-07-03 11:54:42 +02:00
const struct smbcli_options * options ,
2012-02-26 01:45:00 +01:00
const char * socket_options ,
struct gensec_settings * gensec_settings )
{
NTSTATUS status ;
status = smb2_connect_ext ( mem_ctx , host , ports , share , resolve_ctx ,
credentials ,
2023-08-07 12:22:43 +02:00
NULL , /* existing_conn */
2012-02-26 01:45:00 +01:00
0 , /* previous_session_id */
tree , ev , options , socket_options ,
gensec_settings ) ;
return status ;
}