1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
This commit is contained in:
Luke Leighton 0001-01-01 00:00:00 +00:00
parent 8d9c5f3522
commit 62fdeef1b7
14 changed files with 522 additions and 188 deletions

View File

@ -72,54 +72,59 @@ struct pwd_info
};
struct cli_state {
int fd;
uint16 cnum;
uint16 pid;
uint16 mid;
uint16 vuid;
int protocol;
int sec_mode;
int rap_error;
int privilages;
int fd;
uint16 cnum;
uint16 pid;
uint16 mid;
uint16 vuid;
int protocol;
int sec_mode;
int rap_error;
int privilages;
fstring eff_name;
fstring desthost;
fstring user_name;
fstring domain;
fstring eff_name;
fstring desthost;
fstring user_name;
fstring domain;
fstring share;
fstring dev;
struct nmb_name called;
struct nmb_name calling;
fstring full_dest_host_name;
struct in_addr dest_ip;
fstring share;
fstring dev;
struct nmb_name called;
struct nmb_name calling;
fstring full_dest_host_name;
struct in_addr dest_ip;
struct pwd_info pwd;
unsigned char cryptkey[8];
uint32 sesskey;
int serverzone;
uint32 servertime;
int readbraw_supported;
int writebraw_supported;
int timeout;
int max_xmit;
int max_mux;
char *outbuf;
char *inbuf;
int bufsize;
int initialised;
int win95;
uint32 capabilities;
/*
* Only used in NT domain calls.
*/
uint32 nt_error; /* NT RPC error code. */
uint16 nt_pipe_fnum; /* Pipe handle. */
unsigned char sess_key[16]; /* Current session key. */
DOM_CRED clnt_cred; /* Client credential. */
fstring mach_acct; /* MYNAME$. */
fstring srv_name_slash; /* \\remote server. */
fstring clnt_name_slash; /* \\local client. */
struct pwd_info pwd;
unsigned char cryptkey[8];
uint32 sesskey;
int serverzone;
uint32 servertime;
int readbraw_supported;
int writebraw_supported;
int timeout;
int max_xmit;
int max_mux;
char *outbuf;
char *inbuf;
int bufsize;
int initialised;
int win95;
uint32 capabilities;
/*
* Only used in NT domain calls.
*/
uint32 nt_error; /* NT RPC error code. */
uint16 nt_pipe_fnum; /* Pipe handle. */
unsigned char sess_key[16]; /* Current session key. */
unsigned char ntlmssp_hash[256]; /* ntlmssp data. */
uint32 ntlmssp_cli_flgs; /* ntlmssp client flags */
uint32 ntlmssp_srv_flgs; /* ntlmssp server flags */
DOM_CRED clnt_cred; /* Client credential. */
fstring mach_acct; /* MYNAME$. */
fstring srv_name_slash; /* \\remote server. */
fstring clnt_name_slash; /* \\local client. */
};
#endif /* _CLIENT_H */

View File

@ -390,7 +390,9 @@ BOOL cli_close(struct cli_state *cli, int fnum);
BOOL cli_lock(struct cli_state *cli, int fnum, uint32 offset, uint32 len, int timeout);
BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len, int timeout);
size_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t size);
size_t cli_write(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t size);
size_t cli_write(struct cli_state *cli,
int fnum, uint16 write_mode,
char *buf, off_t offset, size_t size);
BOOL cli_getattrE(struct cli_state *cli, int fd,
uint32 *attr, size_t *size,
time_t *c_time, time_t *a_time, time_t *m_time);
@ -1551,13 +1553,13 @@ void make_rpc_hdr_auth(RPC_HDR_AUTH *rai,
uint8 auth_type, uint8 auth_level,
uint8 stub_type_len);
void smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth);
void make_rpc_auth_verifier(RPC_AUTH_VERIFIER *rav,
char *signature, uint32 msg_type);
void smb_io_rpc_auth_verifier(char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth);
void make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
uint32 neg_flgs,
fstring myname, fstring domain);
void smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth);
void make_rpc_auth_verifier(RPC_AUTH_VERIFIER *rav,
char *signature, uint32 msg_type);
void smb_io_rpc_auth_verifier(char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth);
void make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
uint32 neg_flags,
uint8 challenge[8]);
@ -1567,6 +1569,9 @@ void make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
char *domain, char *user, char *wks,
uint32 neg_flags);
void smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth);
void make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
uint32 ver, uint32 crc32, uint32 seq_num);
void smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth);
/*The following definitions come from rpc_parse/parse_samr.c */

View File

@ -59,12 +59,18 @@ enum NTLM_MESSAGE_TYPE
#define NTLMSSP_NEGOTIATE_SEAL 0x00000020
#define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080
#define NTLMSSP_NEGOTIATE_NTLM 0x00000200
#define NTLMSSP_NEGOTIATE_00001000 0x00001000
#define NTLMSSP_NEGOTIATE_00002000 0x00002000
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
#define NTLMSSP_NEGOTIATE_NTLM2 0x00080000
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x00800000
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000
/* NTLMSSP signature version */
#define NTLMSSP_SIGN_VERSION 0x01
/* RPC_IFACE */
typedef struct rpc_iface_info
{
@ -271,7 +277,8 @@ typedef struct rpc_auth_ntlmssp_resp_info
typedef struct rpc_auth_ntlmssp_chk_info
{
uint32 ver; /* 0x0000 0001 */
uint8 crc32[8]; /* checksum using 0xEDB8 8320 as a polynomial */
uint32 reserved;
uint32 crc32; /* checksum using 0xEDB8 8320 as a polynomial */
uint32 seq_num;
} RPC_AUTH_NTLMSSP_CHK;

View File

@ -313,16 +313,19 @@ static BOOL mem_find(struct mem_buf **buf, uint32 offset)
while (f != NULL && offset >= f->offset.end)
{
f = f->next;
DEBUG(200,("mem_find: next[%d..%d]\n",
f->offset.start, f->offset.end));
f->offset.start, f->offset.end));
f = f->next;
}
(*buf) = f;
DEBUG(200,("mem_find: found data[%d..%d]\n",
(*buf)->offset.start,(*buf)->offset.end));
if (f != NULL)
{
DEBUG(200,("mem_find: found data[%d..%d]\n",
(*buf)->offset.start,(*buf)->offset.end));
}
return f != NULL;
}

View File

@ -1255,7 +1255,7 @@ size_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t
/****************************************************************************
issue a single SMBwrite and don't wait for a reply
****************************************************************************/
static void cli_issue_write(struct cli_state *cli, int fnum, off_t offset, char *buf,
static void cli_issue_write(struct cli_state *cli, int fnum, off_t offset, uint16 mode, char *buf,
size_t size, int i)
{
char *p;
@ -1272,6 +1272,8 @@ static void cli_issue_write(struct cli_state *cli, int fnum, off_t offset, char
CVAL(cli->outbuf,smb_vwv0) = 0xFF;
SSVAL(cli->outbuf,smb_vwv2,fnum);
SIVAL(cli->outbuf,smb_vwv3,offset);
SIVAL(cli->outbuf,smb_vwv5,IS_BITS_SET_ALL(mode, 0x0008) ? 0xFFFFFFFF : 0);
SSVAL(cli->outbuf,smb_vwv7,mode);
SSVAL(cli->outbuf,smb_vwv10,size);
SSVAL(cli->outbuf,smb_vwv11,
@ -1282,13 +1284,20 @@ static void cli_issue_write(struct cli_state *cli, int fnum, off_t offset, char
SSVAL(cli->outbuf,smb_mid,cli->mid + i);
show_msg(cli->outbuf);
send_smb(cli->fd,cli->outbuf);
}
/****************************************************************************
write to a file
write_mode: 0x0001 disallow write cacheing
0x0002 return bytes remaining
0x0004 use raw named pipe protocol
0x0008 start of message mode named pipe protocol
****************************************************************************/
size_t cli_write(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t size)
size_t cli_write(struct cli_state *cli,
int fnum, uint16 write_mode,
char *buf, off_t offset, size_t size)
{
int total = -1;
int issued=0;
@ -1305,7 +1314,9 @@ size_t cli_write(struct cli_state *cli, int fnum, char *buf, off_t offset, size_
while (issued - received < mpx && issued < blocks) {
int size1 = MIN(block, size-issued*block);
cli_issue_write(cli, fnum, offset+issued*block, buf + issued*block,
cli_issue_write(cli, fnum, offset+issued*block,
write_mode,
buf + issued*block,
size1, issued);
issued++;
}
@ -2226,9 +2237,12 @@ initialise a client structure
BOOL cli_initialise(struct cli_state *cli)
{
if (cli->initialised)
cli_shutdown(cli);
{
cli_shutdown(cli);
}
memset(cli, 0, sizeof(*cli));
cli->fd = -1;
cli->cnum = -1;
cli->pid = (uint16)getpid();
@ -2241,8 +2255,12 @@ BOOL cli_initialise(struct cli_state *cli)
cli->outbuf = (char *)malloc(cli->bufsize);
cli->inbuf = (char *)malloc(cli->bufsize);
if (!cli->outbuf || !cli->inbuf)
return False;
{
return False;
}
cli->initialised = 1;
return True;
}
@ -2252,9 +2270,13 @@ shutdown a client structure
void cli_shutdown(struct cli_state *cli)
{
if (cli->outbuf)
free(cli->outbuf);
{
free(cli->outbuf);
}
if (cli->inbuf)
free(cli->inbuf);
{
free(cli->inbuf);
}
#ifdef WITH_SSL
if (cli->fd != -1)
sslutil_disconnect(cli->fd);
@ -2454,7 +2476,9 @@ BOOL cli_establish_connection(struct cli_state *cli,
{
DEBUG(1,("failed session setup\n"));
if (do_shutdown)
cli_shutdown(cli);
{
cli_shutdown(cli);
}
return False;
}
if (do_tcon)
@ -2464,7 +2488,9 @@ BOOL cli_establish_connection(struct cli_state *cli,
{
DEBUG(1,("failed tcon_X\n"));
if (do_shutdown)
cli_shutdown(cli);
{
cli_shutdown(cli);
}
return False;
}
}

View File

@ -168,8 +168,14 @@ void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
{
pwd_deobfuscate(pwd);
memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
if (lm_pwd != NULL)
{
memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
}
if (nt_pwd != NULL)
{
memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
}
pwd_obfuscate(pwd);
}
@ -229,7 +235,13 @@ void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24])
{
pwd_deobfuscate(pwd);
memcpy(lm_owf, pwd->smb_lm_owf, 24);
memcpy(nt_owf, pwd->smb_nt_owf, 24);
if (lm_owf != NULL)
{
memcpy(lm_owf, pwd->smb_lm_owf, 24);
}
if (nt_owf != NULL)
{
memcpy(nt_owf, pwd->smb_nt_owf, 24);
}
pwd_obfuscate(pwd);
}

View File

@ -286,12 +286,12 @@ static BOOL rpc_api_pipe(struct cli_state *cli, uint16 cmd,
- caller is expected to free the header data structure once used.
********************************************************************/
static BOOL create_rpc_bind_req(prs_struct *rhdr,
prs_struct *rhdr_rb,
prs_struct *rhdr_auth,
prs_struct *auth_req,
prs_struct *auth_ntlm,
uint32 call_id,
RPC_IFACE *abstract, RPC_IFACE *transfer,
char *my_name, char *domain)
{
@ -303,7 +303,7 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr,
/* create the bind request RPC_HDR_RB */
make_rpc_hdr_rb(&hdr_rb, 0x1630, 0x1630, 0x0,
0x1, 0x0, 0x1, abstract, transfer);
0x1, 0x0, 0x1, abstract, transfer);
/* stream the bind request data */
smb_io_rpc_hdr_rb("", &hdr_rb, rhdr_rb, 0);
@ -329,7 +329,7 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr,
}
/* create the request RPC_HDR */
make_rpc_hdr(&hdr, RPC_BIND, 0x0, get_rpc_call_id(),
make_rpc_hdr(&hdr, RPC_BIND, 0x0, call_id,
rhdr_rb->offset + 0x10,
auth_req != NULL ? auth_req ->offset : 0 +
auth_ntlm != NULL ? auth_ntlm->offset : 0);
@ -361,6 +361,71 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr,
}
/*******************************************************************
creates a DCE/RPC bind authentication response
- initialises the parse structure.
- dynamically allocates the header data structure
- caller is expected to free the header data structure once used.
********************************************************************/
static BOOL create_rpc_bind_resp(struct pwd_info *pwd,
char *domain, char *user_name, char *my_name,
uint32 ntlmssp_cli_flgs,
uint32 call_id,
prs_struct *rhdr,
prs_struct *rhdr_autha,
prs_struct *auth_resp)
{
unsigned char lm_owf[24];
unsigned char nt_owf[24];
RPC_HDR hdr;
RPC_HDR_AUTHA hdr_autha;
RPC_AUTH_VERIFIER auth_verifier;
RPC_AUTH_NTLMSSP_RESP ntlmssp_resp;
make_rpc_hdr_autha(&hdr_autha, 0x1630, 0x1630, 0x0a, 0x06, 0x00);
smb_io_rpc_hdr_autha("hdr_autha", &hdr_autha, rhdr_autha, 0);
mem_realloc_data(rhdr_autha->data, rhdr_autha->offset);
make_rpc_auth_verifier(&auth_verifier,
"NTLMSSP", NTLMSSP_AUTH);
smb_io_rpc_auth_verifier("auth_verifier", &auth_verifier, auth_resp, 0);
mem_realloc_data(auth_resp->data, auth_resp->offset);
pwd_get_lm_nt_owf(pwd, lm_owf, nt_owf);
make_rpc_auth_ntlmssp_resp(&ntlmssp_resp,
lm_owf, nt_owf,
domain, user_name, my_name,
ntlmssp_cli_flgs);
smb_io_rpc_auth_ntlmssp_resp("ntlmssp_resp", &ntlmssp_resp, auth_resp, 0);
mem_realloc_data(auth_resp->data, auth_resp->offset);
/* create the request RPC_HDR */
make_rpc_hdr(&hdr, RPC_BINDRESP, 0x0, call_id,
auth_resp->offset + rhdr_autha->offset + 0x10,
auth_resp->offset);
smb_io_rpc_hdr("hdr" , &hdr , rhdr, 0);
mem_realloc_data(rhdr->data, rhdr->offset);
if (rhdr->data == NULL || rhdr_autha->data == NULL) return False;
/***/
/*** link rpc header and authentication responses ***/
/***/
prs_link(NULL , rhdr , rhdr_autha);
prs_link(rhdr , rhdr_autha , auth_resp );
prs_link(rhdr_autha, auth_resp , NULL );
return True;
}
/*******************************************************************
creates a DCE/RPC bind request
@ -370,8 +435,10 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr,
********************************************************************/
static BOOL create_rpc_request(prs_struct *rhdr, uint8 op_num, int data_len)
static BOOL create_rpc_request(prs_struct *rhdr, uint8 op_num, int data_len,
int auth_len)
{
uint32 alloc_hint;
RPC_HDR_REQ hdr_req;
RPC_HDR hdr;
@ -380,10 +447,22 @@ static BOOL create_rpc_request(prs_struct *rhdr, uint8 op_num, int data_len)
/* create the rpc header RPC_HDR */
make_rpc_hdr(&hdr , RPC_REQUEST, RPC_FLG_FIRST | RPC_FLG_LAST,
get_rpc_call_id(), data_len, 0);
get_rpc_call_id(), data_len, auth_len);
if (auth_len != 0)
{
alloc_hint = data_len - 0x18 - auth_len - 12;
}
else
{
alloc_hint = data_len - 0x18;
}
DEBUG(10,("create_rpc_request: data_len: %x auth_len: %x alloc_hint: %x\n",
data_len, auth_len, alloc_hint));
/* create the rpc request RPC_HDR_REQ */
make_rpc_hdr_req(&hdr_req, data_len, op_num);
make_rpc_hdr_req(&hdr_req, alloc_hint, op_num);
/* stream-time... */
smb_io_rpc_hdr ("hdr ", &hdr , rhdr, 0);
@ -405,32 +484,85 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
prs_struct *data, prs_struct *rdata)
{
/* fudge this, at the moment: create the header; memcpy the data. oops. */
prs_struct dataa;
prs_struct rparam;
prs_struct hdr;
prs_struct hdr_auth;
prs_struct auth_verf;
int data_len;
int auth_len;
BOOL ret;
BOOL auth_verify;
BOOL auth_seal;
uint32 crc32;
data_len = data->offset + 0x18;
auth_verify = IS_BITS_SET_ALL(cli->ntlmssp_srv_flgs, NTLMSSP_NEGOTIATE_SIGN);
auth_seal = IS_BITS_SET_ALL(cli->ntlmssp_srv_flgs, NTLMSSP_NEGOTIATE_SEAL);
/* happen to know that NTLMSSP authentication verifier is 16 bytes */
auth_len = auth_verify ? 16 : 0;
data_len = data->offset + auth_len + (auth_verify ? 8 : 0) + 0x18;
data->data->offset.end = data->offset;
prs_init(&hdr , data_len, 4, SAFETY_MARGIN, False);
prs_init(&rparam, 0 , 4, 0 , True );
prs_init(&hdr , data_len, 4, SAFETY_MARGIN, False);
prs_init(&hdr_auth , 8 , 4, SAFETY_MARGIN, False);
prs_init(&auth_verf, auth_len, 4, SAFETY_MARGIN, False);
prs_init(&rparam , 0 , 4, 0 , True );
create_rpc_request(&hdr, op_num, data_len);
create_rpc_request(&hdr, op_num, data_len, auth_len);
if (auth_seal)
{
crc32 = crc32_calc_buffer(data->offset, mem_data(&data->data, 0));
NTLMSSPcalc(cli->ntlmssp_hash, mem_data(&data->data, 0), data->offset);
}
if (auth_verify)
{
RPC_AUTH_NTLMSSP_CHK chk;
RPC_HDR_AUTH rhdr_auth;
make_rpc_hdr_auth(&rhdr_auth, 0x0a, 0x06, 0x02);
smb_io_rpc_hdr_auth("hdr_auth", &rhdr_auth, &hdr_auth, 0);
make_rpc_auth_ntlmssp_chk(&chk, NTLMSSP_SIGN_VERSION, crc32, 0);
smb_io_rpc_auth_ntlmssp_chk("auth_sign", &chk, &auth_verf, 0);
NTLMSSPcalc(cli->ntlmssp_hash, mem_data(&auth_verf.data, 4), 12);
}
if (auth_seal || auth_verify)
{
prs_link(NULL , &hdr , data );
prs_link(&hdr , data , &hdr_auth );
prs_link(data , &hdr_auth , &auth_verf);
prs_link(&hdr_auth, &auth_verf, NULL );
}
else
{
prs_link(NULL, &hdr, data);
prs_link(&hdr, data, NULL);
}
mem_realloc_data(hdr.data, data_len);
hdr.data->offset.end = data_len;
mem_buf_copy(mem_data(&(hdr.data), 0x18), data->data, 0, data->offset);
ret = rpc_api_pipe(cli, 0x0026, NULL, &hdr, &rparam, rdata);
DEBUG(100,("data_len: %x data_calc_len: %x\n",
data_len, mem_buf_len(data->data)));
prs_mem_free(&rparam);
prs_mem_free(&hdr);
/* this is a hack due to limitations in rpc_api_pipe */
prs_init(&dataa, mem_buf_len(hdr.data), 4, 0x0, False);
mem_buf_copy(dataa.data->data, hdr.data, 0, mem_buf_len(hdr.data));
ret = rpc_api_pipe(cli, 0x0026, NULL, &dataa, &rparam, rdata);
prs_mem_free(&hdr_auth );
prs_mem_free(&auth_verf);
prs_mem_free(&rparam );
prs_mem_free(&hdr );
prs_mem_free(&dataa );
return ret;
}
/****************************************************************************
do an rpc bind
****************************************************************************/
@ -574,11 +706,13 @@ do an rpc bind
****************************************************************************/
static BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name,
RPC_IFACE *abstract, RPC_IFACE *transfer, BOOL ntlmssp_auth)
RPC_IFACE *abstract, RPC_IFACE *transfer,
char *my_name)
{
prs_struct hdr;
prs_struct hdr_rb;
prs_struct hdr_auth;
prs_struct hdr_autha;
prs_struct auth_req;
prs_struct auth_ntlm;
prs_struct data;
@ -586,9 +720,13 @@ static BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name,
prs_struct rparam;
BOOL valid_ack = False;
BOOL ntlmssp_auth = cli->ntlmssp_cli_flgs != 0;
uint32 call_id;
if (pipe_name == NULL || abstract == NULL || transfer == NULL)
return False;
{
return False;
}
DEBUG(5,("Bind RPC Pipe[%x]: %s\n", cli->nt_pipe_fnum, pipe_name));
@ -600,14 +738,16 @@ static BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name,
prs_init(&auth_req , ntlmssp_auth ? 1024 : 0, 4, SAFETY_MARGIN, False);
prs_init(&auth_ntlm, ntlmssp_auth ? 1024 : 0, 4, SAFETY_MARGIN, False);
prs_init(&rdata , 0 , 4, SAFETY_MARGIN, True );
prs_init(&rparam, 0 , 4, SAFETY_MARGIN, True );
prs_init(&rdata , 0 , 4, SAFETY_MARGIN, True);
prs_init(&rparam , 0 , 4, SAFETY_MARGIN, True);
call_id = get_rpc_call_id();
create_rpc_bind_req(&hdr, &hdr_rb,
ntlmssp_auth ? &hdr_auth : NULL,
ntlmssp_auth ? &auth_req : NULL,
ntlmssp_auth ? &auth_ntlm : NULL,
abstract, transfer, global_myname, global_myworkgroup);
call_id,
abstract, transfer, global_myname, cli->domain);
/* this is a hack due to limitations in rpc_api_pipe */
prs_init(&data, mem_buf_len(hdr.data), 4, 0x0, False);
@ -646,6 +786,57 @@ static BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name,
smb_io_rpc_auth_ntlmssp_chal("", &rhdr_chal, &rdata, 0);
if (rdata.offset == 0) valid_ack = False;
}
if (valid_ack && ntlmssp_auth)
{
unsigned char p24[24];
unsigned char lm_owf[24];
unsigned char lm_hash[16];
prs_struct hdra;
prs_struct hdr_autha;
prs_struct auth_resp;
prs_struct dataa;
cli->ntlmssp_cli_flgs = rhdr_chal.neg_flags;
prs_init(&hdra , 0x10, 4, 0x0 , False);
prs_init(&hdr_autha, 1024, 4, SAFETY_MARGIN, False);
prs_init(&auth_resp, 1024, 4, SAFETY_MARGIN, False);
pwd_make_lm_nt_owf(&cli->pwd, rhdr_chal.challenge);
pwd_get_lm_nt_owf(&cli->pwd, lm_owf, NULL);
pwd_get_lm_nt_16(&cli->pwd, lm_hash, NULL);
NTLMSSPOWFencrypt(lm_hash, lm_owf, p24);
bzero(lm_hash, sizeof(lm_hash));
NTLMSSPhash(cli->ntlmssp_hash, p24);
create_rpc_bind_resp(&cli->pwd, cli->domain,
cli->user_name, global_myname,
cli->ntlmssp_cli_flgs,
call_id,
&hdra, &hdr_autha, &auth_resp);
/* this is a hack due to limitations in rpc_api_pipe */
prs_init(&dataa, mem_buf_len(hdra.data), 4, 0x0, False);
mem_buf_copy(dataa.data->data, hdra.data, 0, mem_buf_len(hdra.data));
if (cli_write(cli, cli->nt_pipe_fnum, 0x0008,
dataa.data->data, 0,
dataa.data->data_used) < 0)
{
valid_ack = False;
}
if (valid_ack)
{
cli->ntlmssp_srv_flgs = rhdr_chal.neg_flags;
}
prs_mem_free(&hdra);
prs_mem_free(&dataa);
prs_mem_free(&hdr_autha);
prs_mem_free(&auth_resp);
}
}
prs_mem_free(&data );
@ -690,7 +881,26 @@ BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name, BOOL encrypted)
}
/******************* bind request on pipe *****************/
if (!rpc_pipe_bind(cli, pipe_name, &abstract, &transfer, encrypted))
if (encrypted)
{
cli->ntlmssp_cli_flgs =
NTLMSSP_NEGOTIATE_UNICODE |
NTLMSSP_NEGOTIATE_OEM |
NTLMSSP_NEGOTIATE_SIGN |
NTLMSSP_NEGOTIATE_SEAL |
NTLMSSP_NEGOTIATE_LM_KEY |
NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
NTLMSSP_NEGOTIATE_00001000 |
NTLMSSP_NEGOTIATE_00002000;
DEBUG(5,("cli_nt_session_open: neg_flags: %lx\n",
cli->ntlmssp_cli_flgs));
}
if (!rpc_pipe_bind(cli, pipe_name,
&abstract, &transfer,
global_myname))
{
DEBUG(0,("cli_nt_session_open: rpc bind failed. Error was %s\n",
cli_errstr(cli)));
@ -699,8 +909,8 @@ BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name, BOOL encrypted)
}
/*
* Setup the remote server name prefixed by \ and the machine account name.
*/
* Setup the remote server name prefixed by \ and the machine account name.
*/
fstrcpy(cli->srv_name_slash, "\\\\");
fstrcat(cli->srv_name_slash, cli->desthost);

View File

@ -107,7 +107,7 @@ BOOL do_samr_unknown_8(struct cli_state *cli,
prs_struct rdata;
SAMR_Q_UNKNOWN_8 q_e;
BOOL valid_un8 = False;
BOOL valid_un8 = False;
/* create and send a MSRPC command with api SAMR_ENUM_DOM_USERS */
@ -128,7 +128,6 @@ BOOL do_samr_unknown_8(struct cli_state *cli,
if (rpc_api_pipe_req(cli, SAMR_UNKNOWN_8, &data, &rdata))
{
#if 0
SAMR_R_UNKNOWN_8 r_e;
BOOL p;

View File

@ -375,13 +375,13 @@ void smb_io_rpc_hdr_ba(char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth)
/*******************************************************************
creates an RPC_HDR_REQ structure.
********************************************************************/
void make_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 data_len, uint16 opnum)
void make_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 alloc_hint, uint16 opnum)
{
if (hdr == NULL) return;
hdr->alloc_hint = data_len - 0x18; /* allocation hint */
hdr->context_id = 0; /* presentation context identifier */
hdr->opnum = opnum; /* opnum */
hdr->alloc_hint = alloc_hint; /* allocation hint */
hdr->context_id = 0; /* presentation context identifier */
hdr->opnum = opnum; /* opnum */
}
/*******************************************************************
@ -492,46 +492,6 @@ void smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int dept
prs_uint32("unknown ", ps, depth, &(rai->unknown )); /* 0x0014a0c0 */
}
/*******************************************************************
creates an RPC_AUTH_NTLMSSP_NEG structure.
********************************************************************/
void make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
uint32 neg_flgs,
fstring myname, fstring domain)
{
int len_myname = strlen(myname);
int len_domain = strlen(domain);
if (neg == NULL) return;
neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 1);
make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 1);
fstrcpy(neg->myname, myname);
fstrcpy(neg->domain, domain);
}
/*******************************************************************
reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
********************************************************************/
void smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
{
if (neg == NULL) return;
prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
depth++;
prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
prs_string("myname", ps, depth, neg->myname, neg->hdr_myname.str_str_len, sizeof(neg->myname));
prs_string("domain", ps, depth, neg->domain, neg->hdr_domain.str_str_len, sizeof(neg->domain));
}
/*******************************************************************
creates an RPC_AUTH_VERIFIER structure.
********************************************************************/
@ -558,6 +518,46 @@ void smb_io_rpc_auth_verifier(char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps
prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */
}
/*******************************************************************
creates an RPC_AUTH_NTLMSSP_NEG structure.
********************************************************************/
void make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
uint32 neg_flgs,
fstring myname, fstring domain)
{
int len_myname = strlen(myname);
int len_domain = strlen(domain);
if (neg == NULL) return;
neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname+1);
fstrcpy(neg->myname, myname);
fstrcpy(neg->domain, domain);
}
/*******************************************************************
reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
********************************************************************/
void smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
{
if (neg == NULL) return;
prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
depth++;
prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
prs_string("myname", ps, depth, neg->myname, neg->hdr_myname.str_str_len, sizeof(neg->myname));
prs_string("domain", ps, depth, neg->domain, neg->hdr_domain.str_str_len, sizeof(neg->domain));
}
/*******************************************************************
creates an RPC_AUTH_NTLMSSP_CHAL structure.
********************************************************************/
@ -606,30 +606,49 @@ void make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
uint32 neg_flags)
{
uint32 offset;
int dom_len = strlen(domain) * 2;
int wks_len = strlen(wks ) * 2;
int usr_len = strlen(user ) * 2;
int dom_len = strlen(domain);
int wks_len = strlen(wks );
int usr_len = strlen(user );
int lm_len = lm_resp != NULL ? 24 : 0;
int nt_len = nt_resp != NULL ? 24 : 0;
DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
if (rsp == NULL) return;
#ifdef DEBUG_PASSWORD
DEBUG(100,("lm_resp\n"));
dump_data(100, lm_resp, 24);
DEBUG(100,("nt_resp\n"));
dump_data(100, nt_resp, 24);
#endif
DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
domain, user, wks, neg_flags));
offset = 0x40;
if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
{
dom_len *= 2;
wks_len *= 2;
usr_len *= 2;
}
make_str_hdr(&rsp->hdr_lm_resp, lm_len, lm_len, offset);
offset += lm_len * 2;
offset += lm_len;
make_str_hdr(&rsp->hdr_nt_resp, nt_len, nt_len, offset);
offset += nt_len * 2;
offset += nt_len;
make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset);
offset += dom_len * 2;
offset += dom_len;
make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset);
offset += usr_len * 2;
offset += usr_len;
make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset);
offset += wks_len * 2;
offset += wks_len;
make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
@ -637,12 +656,20 @@ void make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
memcpy(&rsp->lm_resp, lm_resp, 24);
memcpy(&rsp->nt_resp, nt_resp, 24);
fstrcpy(rsp->domain, domain);
fstrcpy(rsp->user , user );
fstrcpy(rsp->wks , wks );
rsp->sess_key[0] = 0;
if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
{
struni2((uint16*)rsp->domain, domain);
struni2((uint16*)rsp->user , user );
struni2((uint16*)rsp->wks , wks );
}
else
{
fstrcpy(rsp->domain, domain);
fstrcpy(rsp->user , user );
fstrcpy(rsp->wks , wks );
}
rsp->sess_key[0] = 0;
}
/*******************************************************************
@ -659,12 +686,14 @@ void smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_st
prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
depth++;
ZERO_STRUCTP(rsp);
if (ps->io)
{
uint32 old_offset;
/* reading */
ZERO_STRUCTP(rsp);
smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
@ -677,30 +706,30 @@ void smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_st
old_offset = ps->offset;
ps->offset = rsp->hdr_lm_resp .buffer + 0x1c;
prs_uint8s(False, "lm_resp ", ps, depth, rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
old_offset += rsp->hdr_lm_resp .str_str_len;
ps->offset = rsp->hdr_nt_resp .buffer + 0x1c;
prs_uint8s(False, "nt_resp ", ps, depth, rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
old_offset += rsp->hdr_nt_resp .str_str_len;
ps->offset = rsp->hdr_domain .buffer + 0x1c;
prs_uint8s(True , "domain ", ps, depth, rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
old_offset += rsp->hdr_domain .str_str_len;
ps->offset = rsp->hdr_usr .buffer + 0x1c;
prs_uint8s(True , "user ", ps, depth, rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
old_offset += rsp->hdr_usr .str_str_len;
ps->offset = rsp->hdr_wks .buffer + 0x1c;
prs_uint8s(True , "wks ", ps, depth, rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
old_offset += rsp->hdr_wks .str_str_len;
if (rsp->hdr_sess_key.str_str_len != 0)
{
ps->offset = rsp->hdr_sess_key.buffer + 0x1c;
old_offset += rsp->hdr_sess_key.str_str_len;
prs_uint8s(False, "sess_key", ps, depth, rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
}
ps->offset = old_offset;
@ -717,25 +746,42 @@ void smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_st
prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
prs_uint8s(False, "sess_key", ps, depth, rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
prs_uint8s(True , "wks ", ps, depth, rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
prs_uint8s(True , "user ", ps, depth, rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
prs_uint8s(True , "domain ", ps, depth, rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
prs_uint8s(False, "nt_resp ", ps, depth, rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
prs_uint8s(False, "lm_resp ", ps, depth, rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
prs_uint8s(False, "nt_resp ", ps, depth, rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
prs_uint8s(True , "domain ", ps, depth, rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
prs_uint8s(True , "user ", ps, depth, rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
prs_uint8s(True , "wks ", ps, depth, rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
prs_uint8s(False, "sess_key", ps, depth, rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
}
}
#if 0
/* attached to the end of encrypted rpc requests and responses */
/* RPC_AUTH_NTLMSSP_CHK */
typedef struct rpc_auth_ntlmssp_chk_info
/*******************************************************************
creates an RPC_AUTH_NTLMSSP_CHK structure.
********************************************************************/
void make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
uint32 ver, uint32 crc32, uint32 seq_num)
{
uint32 ver; /* 0x1 */
uint8 data[12];
if (chk == NULL) return;
} RPC_AUTH_NTLMSSP_CHK;
chk->ver = ver ;
chk->reserved = 0x0;
chk->crc32 = crc32 ;
chk->seq_num = seq_num ;
}
#endif /* 0 */
/*******************************************************************
reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
********************************************************************/
void smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
{
if (chk == NULL) return;
prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
depth++;
prs_uint32("ver ", ps, depth, &(chk->ver ));
prs_uint32("reserved", ps, depth, &(chk->reserved));
prs_uint32("crc32 ", ps, depth, &(chk->crc32 ));
prs_uint32("seq_num ", ps, depth, &(chk->seq_num ));
}

View File

@ -211,14 +211,16 @@ int read_pipe(pipes_struct *p, char *data, uint32 pos, int n)
BOOLSTR(p->open),
pos, n));
if (!p || !p->open) {
if (!p || !p->open)
{
DEBUG(6,("pipe not open\n"));
return -1;
}
if (p->rhdr.data == NULL || p->rhdr.data->data == NULL ||
p->rhdr.data->data_used == 0) {
p->rhdr.data->data_used == 0)
{
return 0;
}
@ -237,18 +239,21 @@ int read_pipe(pipes_struct *p, char *data, uint32 pos, int n)
DEBUG(6,("read_pipe: len: %d num: %d n: %d\n", len, num, n));
if (num > n) num = n;
if (num <= 0) {
if (num <= 0)
{
DEBUG(5,("read_pipe: 0 or -ve data length\n"));
return 0;
}
if (!IS_BITS_SET_ALL(p->hdr.flags, RPC_FLG_LAST)) {
if (!IS_BITS_SET_ALL(p->hdr.flags, RPC_FLG_LAST))
{
/* intermediate fragment - possibility of another header */
DEBUG(5,("read_pipe: frag_len: %d data_pos: %d data_hdr_pos: %d\n",
p->hdr.frag_len, data_pos, data_hdr_pos));
if (data_hdr_pos == p->next_frag_start) {
if (data_hdr_pos == p->next_frag_start)
{
DEBUG(6,("read_pipe: next fragment header\n"));
/* this is subtracted from the total data bytes, later */
@ -263,10 +268,10 @@ int read_pipe(pipes_struct *p, char *data, uint32 pos, int n)
p->next_frag_start += p->hdr.frag_len;
p->hdr_offsets += 0x18;
}
}
if (num < hdr_num) {
if (num < hdr_num)
{
DEBUG(5,("read_pipe: warning - data read only part of a header\n"));
}
@ -277,12 +282,15 @@ int read_pipe(pipes_struct *p, char *data, uint32 pos, int n)
data_pos += num;
data_hdr_pos += num;
if (hdr_num == 0x18 && num == 0x18) {
if (hdr_num == 0x18 && num == 0x18)
{
DEBUG(6,("read_pipe: just header read\n"));
/* advance to the next fragment */
p->frag_len_left -= 0x18;
} else if (data_hdr_pos == p->next_frag_start) {
}
else if (data_hdr_pos == p->next_frag_start)
{
DEBUG(6,("read_pipe: next fragment expected\n"));
}

View File

@ -67,6 +67,14 @@ void cmd_sam_test(struct client_info *info)
/* open SAMR session. */
res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, True) : False;
/* establish a connection. */
res = res ? do_samr_connect(smb_cli,
srv_name, 0x00000020,
&info->dom.samr_pol_connect) : False;
res = res ? do_samr_close(smb_cli,
&info->dom.samr_pol_connect) : False;
/* close the session */
cli_nt_session_close(smb_cli);
@ -232,10 +240,10 @@ void cmd_sam_enum_users(struct client_info *info)
}
res = res ? do_samr_close(smb_cli,
&info->dom.samr_pol_connect) : False;
&info->dom.samr_pol_open_domain) : False;
res = res ? do_samr_close(smb_cli,
&info->dom.samr_pol_open_domain) : False;
&info->dom.samr_pol_connect) : False;
/* close the session */
cli_nt_session_close(smb_cli);

View File

@ -30,6 +30,7 @@
#endif
extern pstring scope;
extern pstring global_myname;
extern pstring user_socket_options;
@ -456,6 +457,7 @@ enum client_action
TimeInit();
charset_initialise();
crc32_build_table();
myumask = umask(0);
umask(myumask);
@ -683,6 +685,9 @@ enum client_action
fprintf(stderr, "Failed to get my hostname.\n");
}
fstrcpy(global_myname, cli_info.myhostname);
strupper(global_myname);
if (!lp_load(servicesf,True, False, False))
{
fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf);

View File

@ -705,7 +705,7 @@ ssize_t smbw_write(int fd, void *buf, size_t count)
return -1;
}
ret = cli_write(&file->srv->cli, file->f->cli_fd, buf, file->f->offset, count);
ret = cli_write(&file->srv->cli, file->f->cli_fd, 0, buf, file->f->offset, count);
if (ret == -1) {
errno = smbw_errno(&file->srv->cli);

View File

@ -165,12 +165,12 @@ static BOOL rw_torture(struct cli_state *c, int numops)
break;
}
if (cli_write(c, fnum, (char *)&pid, 0, sizeof(pid)) != sizeof(pid)) {
if (cli_write(c, fnum, 0, (char *)&pid, 0, sizeof(pid)) != sizeof(pid)) {
printf("write failed (%s)\n", cli_errstr(c));
}
for (j=0;j<50;j++) {
if (cli_write(c, fnum, (char *)buf,
if (cli_write(c, fnum, 0, (char *)buf,
sizeof(pid)+(j*sizeof(buf)),
sizeof(buf)) != sizeof(buf)) {
printf("write failed (%s)\n", cli_errstr(c));
@ -818,7 +818,7 @@ static void run_trans2test(void)
fnum = cli_open(&cli, fname2,
O_RDWR | O_CREAT | O_TRUNC, DENY_NONE);
cli_write(&cli, fnum, (char *)&fnum, 0, sizeof(fnum));
cli_write(&cli, fnum, 0, (char *)&fnum, 0, sizeof(fnum));
cli_close(&cli, fnum);
if (!cli_qpathinfo2(&cli, "\\trans2\\", &c_time, &a_time, &m_time2,
&w_time, &size, NULL)) {