sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

s3:libsmb: Use cli_credentials to store traversal creds

Browse Source 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Andreas Schneider 2021-01-13 16:11:17 +01:00 committed by Andrew Bartlett
parent 1796737eae
commit 84b5440eb4
8 changed files with 53 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
source3/include/libsmb_internal.h
View File

@ -192,10 +192,9 @@ struct SMBC_internal_data {
bool case_sensitive;
/*
* Auth info needed for DFS traversal.
* Credentials needed for DFS traversal.
*/
struct user_auth_info *auth_info;
struct cli_credentials *creds;
struct smbc_server_cache * server_cache;

71
source3/libsmb/libsmb_context.c
View File

@ -28,6 +28,9 @@
#include "libsmb_internal.h"
#include "secrets.h"
#include "../libcli/smb/smbXcli_base.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
#include "lib/param/param.h"
/*
* Is the logging working / configfile read ?
@ -318,7 +321,7 @@ smbc_free_context(SMBCCTX *context,
DEBUG(3, ("Context %p successfully freed\n", context));
/* Free any DFS auth context. */
TALLOC_FREE(context->internal->auth_info);
TALLOC_FREE(context->internal->creds);
SAFE_FREE(context->internal);
SAFE_FREE(context);
@ -733,18 +736,16 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context,
const char *user,
const char *password)
{
smbc_bool use_kerberos = false;
const char *signing_state = "off";
struct user_auth_info *auth_info = NULL;
TALLOC_CTX *frame;
struct loadparm_context *lp_ctx = NULL;
struct cli_credentials *creds = NULL;
enum credentials_use_kerberos kerberos_state =
CRED_USE_KERBEROS_DISABLED;
if (! context) {
return;
}
frame = talloc_stackframe();
if (! workgroup || ! *workgroup) {
workgroup = smbc_getWorkgroup(context);
}
@ -757,38 +758,44 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context,
password = "";
}
auth_info = user_auth_info_init(NULL);
if (! auth_info) {
creds = cli_credentials_init(NULL);
if (creds == NULL) {
DEBUG(0, ("smbc_set_credentials_with_fallback: allocation fail\n"));
TALLOC_FREE(frame);
return;
}
lp_ctx = loadparm_init_s3(creds, loadparm_s3_helpers());
if (lp_ctx == NULL) {
TALLOC_FREE(creds);
return;
}
cli_credentials_set_conf(creds, lp_ctx);
if (smbc_getOptionUseKerberos(context)) {
use_kerberos = True;
kerberos_state = CRED_USE_KERBEROS_REQUIRED;
if (smbc_getOptionFallbackAfterKerberos(context)) {
kerberos_state = CRED_USE_KERBEROS_DESIRED;
}
}
if (lp_client_signing() != SMB_SIGNING_OFF) {
signing_state = "if_required";
cli_credentials_set_username(creds, user, CRED_SPECIFIED);
cli_credentials_set_password(creds, password, CRED_SPECIFIED);
cli_credentials_set_domain(creds, workgroup, CRED_SPECIFIED);
cli_credentials_set_kerberos_state(creds,
kerberos_state,
CRED_SPECIFIED);
if (smbc_getOptionUseCCache(context)) {
uint32_t gensec_features;
gensec_features = cli_credentials_get_gensec_features(creds);
gensec_features |= GENSEC_FEATURE_NTLM_CCACHE;
cli_credentials_set_gensec_features(creds,
gensec_features,
CRED_SPECIFIED);
}
if (lp_client_signing() == SMB_SIGNING_REQUIRED) {
signing_state = "required";
}
set_cmdline_auth_info_username(auth_info, user);
set_cmdline_auth_info_domain(auth_info, workgroup);
set_cmdline_auth_info_password(auth_info, password);
set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos);
set_cmdline_auth_info_signing_state(auth_info, signing_state);
set_cmdline_auth_info_fallback_after_kerberos(auth_info,
smbc_getOptionFallbackAfterKerberos(context));
set_cmdline_auth_info_use_ccache(
auth_info, smbc_getOptionUseCCache(context));
TALLOC_FREE(context->internal->auth_info);
context->internal->auth_info = auth_info;
TALLOC_FREE(frame);
TALLOC_FREE(context->internal->creds);
context->internal->creds = creds;
}

16
source3/libsmb/libsmb_dir.c
View File

@ -25,7 +25,6 @@
#include "includes.h"
#include "libsmb/namequery.h"
#include "libsmb/libsmb.h"
#include "auth_info.h"
#include "libsmbclient.h"
#include "libsmb_internal.h"
#include "rpc_client/cli_pipe.h"
@ -948,8 +947,7 @@ SMBC_opendir_ctx(SMBCCTX *context,
return NULL;
}
creds = get_cmdline_auth_info_creds(
context->internal->auth_info);
creds = context->internal->creds;
status = cli_resolve_path(
frame, "",
@ -1607,7 +1605,7 @@ SMBC_mkdir_ctx(SMBCCTX *context,
}
creds = get_cmdline_auth_info_creds(context->internal->auth_info);
creds = context->internal->creds;
/*d_printf(">>>mkdir: resolving %s\n", path);*/
status = cli_resolve_path(frame, "",
@ -1721,7 +1719,7 @@ SMBC_rmdir_ctx(SMBCCTX *context,
}
creds = get_cmdline_auth_info_creds(context->internal->auth_info),
creds = context->internal->creds;
/*d_printf(">>>rmdir: resolving %s\n", path);*/
status = cli_resolve_path(frame, "",
@ -2029,7 +2027,7 @@ SMBC_chmod_ctx(SMBCCTX *context,
return -1; /* errno set by SMBC_server */
}
creds = get_cmdline_auth_info_creds(context->internal->auth_info);
creds = context->internal->creds;
/*d_printf(">>>unlink: resolving %s\n", path);*/
status = cli_resolve_path(frame, "",
@ -2227,7 +2225,7 @@ SMBC_unlink_ctx(SMBCCTX *context,
}
creds = get_cmdline_auth_info_creds(context->internal->auth_info);
creds = context->internal->creds;
/*d_printf(">>>unlink: resolving %s\n", path);*/
status = cli_resolve_path(frame, "",
@ -2403,7 +2401,7 @@ SMBC_rename_ctx(SMBCCTX *ocontext,
password1);
/*d_printf(">>>rename: resolving %s\n", path1);*/
ocreds = get_cmdline_auth_info_creds(ocontext->internal->auth_info);
ocreds = ocontext->internal->creds;
status = cli_resolve_path(frame, "",
ocreds,
@ -2423,7 +2421,7 @@ SMBC_rename_ctx(SMBCCTX *ocontext,
/*d_printf(">>>rename: resolved path as %s\n", targetpath1);*/
/*d_printf(">>>rename: resolving %s\n", path2);*/
ncreds = get_cmdline_auth_info_creds(ncontext->internal->auth_info);
ncreds = ncontext->internal->creds;
status = cli_resolve_path(frame, "",
ncreds,

5
source3/libsmb/libsmb_file.c
View File

@ -114,8 +114,7 @@ SMBC_open_ctx(SMBCCTX *context,
ZERO_STRUCTP(file);
creds = get_cmdline_auth_info_creds(
context->internal->auth_info);
creds = context->internal->creds;
/*d_printf(">>>open: resolving %s\n", path);*/
status = cli_resolve_path(
frame, "",
@ -496,7 +495,7 @@ SMBC_getatr(SMBCCTX * context,
}
DEBUG(4,("SMBC_getatr: sending qpathinfo\n"));
creds = get_cmdline_auth_info_creds(context->internal->auth_info);
creds = context->internal->creds;
status = cli_resolve_path(frame, "",
creds,

2
source3/libsmb/libsmb_stat.c
View File

@ -292,7 +292,7 @@ SMBC_fstat_ctx(SMBCCTX *context,
return -1;
}
creds = get_cmdline_auth_info_creds(context->internal->auth_info);
creds = context->internal->creds;
/*d_printf(">>>fstat: resolving %s\n", path);*/
status = cli_resolve_path(frame, "",

5
source3/libsmb/libsmb_xattr.c
View File

@ -866,8 +866,7 @@ cacl_get(SMBCCTX *context,
/* Point to the portion after "system.nt_sec_desc." */
name += 19; /* if (all) this will be invalid but unused */
creds = get_cmdline_auth_info_creds(
context->internal->auth_info);
creds = context->internal->creds;
status = cli_resolve_path(
ctx, "",
@ -1546,7 +1545,7 @@ cacl_set(SMBCCTX *context,
return -1;
}
creds = get_cmdline_auth_info_creds(context->internal->auth_info);
creds = context->internal->creds;
status = cli_resolve_path(ctx, "",
creds,

2
source3/libsmb/proto.h
View File

@ -26,8 +26,6 @@
#ifndef _LIBSMB_PROTO_H_
#define _LIBSMB_PROTO_H_
#include "auth_info.h"
struct smb_trans_enc_state;
struct cli_credentials;
struct cli_state;

1
source3/wscript_build
View File

@ -464,7 +464,6 @@ bld.SAMBA3_LIBRARY('libsmb',
NDR_IOCTL
NDR_QUOTA
cli_smb_common
util_cmdline
tevent
''',
private_library=True)