sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-04 08:22:08 +03:00
Code Activity

Remove the global "struct cm_cred_struct" and associated calls, make

Browse Source 
callers pass in a struct user_auth_info * instead. This commit causes
smbc_set_credentials() to print out a message telling callers to use
smbc_set_credentials_with_fallback() instead, as smbc_set_credentials()
has a broken API (no SMBCCTX * pointer). No more global variables used
in the connection manager API for client dfs calls.
Jeremy.
This commit is contained in:
Jeremy Allison
2009-03-17 14:53:06 -07:00
parent 153a837bd6
commit 8dd1faaa29
17 changed files with 262 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
source3/client/client.c
View File

@ -103,6 +103,9 @@ struct cli_state *cli;
static char CLI_DIRSEP_CHAR = '\\';
static char CLI_DIRSEP_STR[] = { '\\', '\0' };
/* Authentication for client connections. */
struct user_auth_info *auth_info;
/* Accessor functions for directory paths. */
static char *fileselection;
static const char *client_get_fileselection(void)
@ -299,7 +302,7 @@ static int do_dskattr(void)
char *targetpath = NULL;
TALLOC_CTX *ctx = talloc_tos();
if ( !cli_resolve_path(ctx, "", cli, client_get_cur_dir(), &targetcli, &targetpath)) {
if ( !cli_resolve_path(ctx, "", auth_info, cli, client_get_cur_dir(), &targetcli, &targetpath)) {
d_printf("Error in dskattr: %s\n", cli_errstr(cli));
return 1;
}
@ -393,7 +396,7 @@ static int do_cd(const char *new_dir)
new_cd = clean_name(ctx, new_cd);
client_set_cur_dir(new_cd);
if ( !cli_resolve_path(ctx, "", cli, new_cd, &targetcli, &targetpath)) {
if ( !cli_resolve_path(ctx, "", auth_info, cli, new_cd, &targetcli, &targetpath)) {
d_printf("cd %s: %s\n", new_cd, cli_errstr(cli));
client_set_cur_dir(saved_dir);
goto out;
@ -819,7 +822,7 @@ void do_list(const char *mask,
/* check for dfs */
if ( !cli_resolve_path(ctx, "", cli, head, &targetcli, &targetpath ) ) {
if ( !cli_resolve_path(ctx, "", auth_info, cli, head, &targetcli, &targetpath ) ) {
d_printf("do_list: [%s] %s\n", head, cli_errstr(cli));
remove_do_list_queue_head();
continue;
@ -852,7 +855,7 @@ void do_list(const char *mask,
}
} else {
/* check for dfs */
if (cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetpath)) {
if (cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetpath)) {
if (cli_list(targetcli, targetpath, attribute, do_list_helper, NULL) == -1) {
d_printf("%s listing %s\n",
cli_errstr(targetcli), targetpath);
@ -1018,7 +1021,7 @@ static int do_get(const char *rname, const char *lname_in, bool reget)
strlower_m(lname);
}
if (!cli_resolve_path(ctx, "", cli, rname, &targetcli, &targetname ) ) {
if (!cli_resolve_path(ctx, "", auth_info, cli, rname, &targetcli, &targetname ) ) {
d_printf("Failed to open %s: %s\n", rname, cli_errstr(cli));
return 1;
}
@ -1381,7 +1384,7 @@ static bool do_mkdir(const char *name)
struct cli_state *targetcli;
char *targetname = NULL;
if (!cli_resolve_path(ctx, "", cli, name, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, name, &targetcli, &targetname)) {
d_printf("mkdir %s: %s\n", name, cli_errstr(cli));
return false;
}
@ -1464,7 +1467,7 @@ static int cmd_mkdir(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
return 1;
}
@ -1625,7 +1628,7 @@ static int do_put(const char *rname, const char *lname, bool reput)
struct push_state state;
NTSTATUS status;
if (!cli_resolve_path(ctx, "", cli, rname, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, rname, &targetcli, &targetname)) {
d_printf("Failed to open %s: %s\n", rname, cli_errstr(cli));
return 1;
}
@ -2183,7 +2186,7 @@ static int cmd_wdel(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("cmd_wdel %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2218,7 +2221,7 @@ static int cmd_open(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("open %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2311,7 +2314,7 @@ static int cmd_posix_open(void)
}
mode = (mode_t)strtol(buf, (char **)NULL, 8);
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("posix_open %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2359,7 +2362,7 @@ static int cmd_posix_mkdir(void)
}
mode = (mode_t)strtol(buf, (char **)NULL, 8);
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("posix_mkdir %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2393,7 +2396,7 @@ static int cmd_posix_unlink(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("posix_unlink %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2427,7 +2430,7 @@ static int cmd_posix_rmdir(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("posix_rmdir %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2667,7 +2670,7 @@ static int cmd_rmdir(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, mask, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, mask, &targetcli, &targetname)) {
d_printf("rmdir %s: %s\n", mask, cli_errstr(cli));
return 1;
}
@ -2714,7 +2717,7 @@ static int cmd_link(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, oldname, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, oldname, &targetcli, &targetname)) {
d_printf("link %s: %s\n", oldname, cli_errstr(cli));
return 1;
}
@ -2765,7 +2768,7 @@ static int cmd_symlink(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, oldname, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, oldname, &targetcli, &targetname)) {
d_printf("link %s: %s\n", oldname, cli_errstr(cli));
return 1;
}
@ -2813,7 +2816,7 @@ static int cmd_chmod(void)
mode = (mode_t)strtol(buf, NULL, 8);
if (!cli_resolve_path(ctx, "", cli, src, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, src, &targetcli, &targetname)) {
d_printf("chmod %s: %s\n", src, cli_errstr(cli));
return 1;
}
@ -2966,7 +2969,7 @@ static int cmd_getfacl(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, src, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, src, &targetcli, &targetname)) {
d_printf("stat %s: %s\n", src, cli_errstr(cli));
return 1;
}
@ -3132,7 +3135,7 @@ static int cmd_stat(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, src, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, src, &targetcli, &targetname)) {
d_printf("stat %s: %s\n", src, cli_errstr(cli));
return 1;
}
@ -3233,7 +3236,7 @@ static int cmd_chown(void)
if (!src) {
return 1;
}
if (!cli_resolve_path(ctx, "", cli, src, &targetcli, &targetname) ) {
if (!cli_resolve_path(ctx, "", auth_info, cli, src, &targetcli, &targetname) ) {
d_printf("chown %s: %s\n", src, cli_errstr(cli));
return 1;
}
@ -3287,12 +3290,12 @@ static int cmd_rename(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, src, &targetcli, &targetsrc)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, src, &targetcli, &targetsrc)) {
d_printf("rename %s: %s\n", src, cli_errstr(cli));
return 1;
}
if (!cli_resolve_path(ctx, "", cli, dest, &targetcli, &targetdest)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, dest, &targetcli, &targetdest)) {
d_printf("rename %s: %s\n", dest, cli_errstr(cli));
return 1;
}
@ -3362,7 +3365,7 @@ static int cmd_hardlink(void)
return 1;
}
if (!cli_resolve_path(ctx, "", cli, src, &targetcli, &targetname)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, src, &targetcli, &targetname)) {
d_printf("hardlink %s: %s\n", src, cli_errstr(cli));
return 1;
}
@ -3829,7 +3832,7 @@ static int cmd_show_connect( void )
struct cli_state *targetcli;
char *targetpath;
if (!cli_resolve_path(ctx, "", cli, client_get_cur_dir(),
if (!cli_resolve_path(ctx, "", auth_info, cli, client_get_cur_dir(),
&targetcli, &targetpath ) ) {
d_printf("showconnect %s: %s\n", cur_dir, cli_errstr(cli));
return 1;
@ -4051,7 +4054,8 @@ static int process_command_string(const char *cmd_in)
if (!cli) {
cli = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, true, smb_encrypt,
service, auth_info,
true, smb_encrypt,
max_protocol, port, name_type);
if (!cli) {
return 1;
@ -4220,7 +4224,7 @@ static char **remote_completion(const char *text, int len)
goto cleanup;
}
if (!cli_resolve_path(ctx, "", cli, dirmask, &targetcli, &targetpath)) {
if (!cli_resolve_path(ctx, "", auth_info, cli, dirmask, &targetcli, &targetpath)) {
goto cleanup;
}
if (cli_list(targetcli, targetpath, aDIR | aSYSTEM | aHIDDEN,
@ -4517,7 +4521,7 @@ static int process(const char *base_directory)
cli = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, true, smb_encrypt,
service, auth_info, true, smb_encrypt,
max_protocol, port, name_type);
if (!cli) {
return 1;
@ -4550,7 +4554,7 @@ static int do_host_query(const char *query_host)
struct sockaddr_storage ss;
cli = cli_cm_open(talloc_tos(), NULL,
query_host, "IPC$", true, smb_encrypt,
query_host, "IPC$", auth_info, true, smb_encrypt,
max_protocol, port, name_type);
if (!cli)
return 1;
@ -4570,7 +4574,7 @@ static int do_host_query(const char *query_host)
cli_shutdown(cli);
cli = cli_cm_open(talloc_tos(), NULL,
query_host, "IPC$", true, smb_encrypt,
query_host, "IPC$", auth_info, true, smb_encrypt,
max_protocol, 139, name_type);
}
@ -4598,7 +4602,7 @@ static int do_tar_op(const char *base_directory)
if (!cli) {
cli = cli_cm_open(talloc_tos(), NULL,
have_ip ? dest_ss_str : desthost,
service, true, smb_encrypt,
service, auth_info, true, smb_encrypt,
max_protocol, port, name_type);
if (!cli)
return 1;
@ -4625,7 +4629,7 @@ static int do_tar_op(const char *base_directory)
Handle a message operation.
****************************************************************************/
static int do_message_op(struct user_auth_info *auth_info)
static int do_message_op(struct user_auth_info *a_info)
{
struct sockaddr_storage ss;
struct nmb_name called, calling;
@ -4667,7 +4671,7 @@ static int do_message_op(struct user_auth_info *auth_info)
return 1;
}
send_message(get_cmdline_auth_info_username(auth_info));
send_message(get_cmdline_auth_info_username(a_info));
cli_shutdown(cli);
return 0;
@ -4714,7 +4718,6 @@ static int do_message_op(struct user_auth_info *auth_info)
POPT_TABLEEND
};
TALLOC_CTX *frame = talloc_stackframe();
struct user_auth_info *auth_info;
if (!client_set_cur_dir("\\")) {
exit(ENOMEM);
@ -4970,12 +4973,11 @@ static int do_message_op(struct user_auth_info *auth_info)
poptFreeContext(pc);
/* Store the username and password for dfs support */
cli_cm_set_credentials(auth_info);
DEBUG(3,("Client started (version %s).\n", samba_version_string()));
/* Ensure we have a password (or equivalent). */
set_cmdline_auth_info_getpass(auth_info);
if (tar_type) {
if (cmdstr)
process_command_string(cmdstr);

6
source3/include/libsmb_internal.h
View File

@ -181,6 +181,12 @@ struct SMBC_internal_data {
*/
bool case_sensitive;
/*
* Auth info needed for DFS traversal.
*/
struct user_auth_info *auth_info;
struct smbc_server_cache * server_cache;
/* POSIX emulation functions */

1
source3/include/popt_common.h
View File

@ -53,6 +53,7 @@ struct user_auth_info {
int signing_state;
bool smb_encrypt;
bool use_machine_account;
bool fallback_after_kerberos;
};
#endif /* _POPT_COMMON_H */

15
source3/include/proto.h
View File

@ -1084,6 +1084,9 @@ int get_cmdline_auth_info_signing_state(const struct user_auth_info *auth_info);
void set_cmdline_auth_info_use_kerberos(struct user_auth_info *auth_info,
bool b);
bool get_cmdline_auth_info_use_kerberos(const struct user_auth_info *auth_info);
void set_cmdline_auth_info_fallback_after_kerberos(struct user_auth_info *auth_info,
bool b);
bool get_cmdline_auth_info_fallback_after_kerberos(const struct user_auth_info *auth_info);
void set_cmdline_auth_info_use_krb5_ticket(struct user_auth_info *auth_info);
void set_cmdline_auth_info_smb_encrypt(struct user_auth_info *auth_info);
void set_cmdline_auth_info_use_machine_account(struct user_auth_info *auth_info);
@ -1093,6 +1096,7 @@ bool get_cmdline_auth_info_use_machine_account(const struct user_auth_info *auth
struct user_auth_info *get_cmdline_auth_info_copy(TALLOC_CTX *mem_ctx,
const struct user_auth_info *info);
bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info);
void set_cmdline_auth_info_getpass(struct user_auth_info *auth_info);
bool add_gid_to_array_unique(TALLOC_CTX *mem_ctx, gid_t gid,
gid_t **gids, size_t *num_gids);
bool file_exist_stat(const char *fname,SMB_STRUCT_STAT *sbuf);
@ -2359,21 +2363,13 @@ struct cli_state *cli_cm_open(TALLOC_CTX *ctx,
struct cli_state *referring_cli,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
bool show_hdr,
bool force_encrypt,
int max_protocol,
int port,
int name_type);
void cli_cm_display(const struct cli_state *c);
void cli_cm_set_credentials(struct user_auth_info *auth_info);
void cli_cm_set_port(int port_number);
void cli_cm_set_dest_name_type(int type);
void cli_cm_set_signing_state(int state);
void cli_cm_set_username(const char *username);
void cli_cm_set_password(const char *newpass);
void cli_cm_set_use_kerberos(void);
void cli_cm_set_fallback_after_kerberos(void);
void cli_cm_set_dest_ss(struct sockaddr_storage *pss);
bool cli_dfs_get_referral(TALLOC_CTX *ctx,
struct cli_state *cli,
const char *path,
@ -2382,6 +2378,7 @@ bool cli_dfs_get_referral(TALLOC_CTX *ctx,
uint16 *consumed);
bool cli_resolve_path(TALLOC_CTX *ctx,
const char *mountpt,
const struct user_auth_info *dfs_auth_info,
struct cli_state *rootcli,
const char *path,
struct cli_state **targetcli,

24
source3/lib/netapi/cm.c
View File

@ -29,36 +29,36 @@ static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx,
const char *server_name,
struct cli_state **cli)
{
struct user_auth_info *auth_info = NULL;
struct cli_state *cli_ipc = NULL;
if (!ctx || !cli || !server_name) {
return WERR_INVALID_PARAM;
}
cli_cm_set_signing_state(Undefined);
if (ctx->use_kerberos) {
cli_cm_set_use_kerberos();
}
if (ctx->password) {
cli_cm_set_password(ctx->password);
}
if (ctx->username) {
cli_cm_set_username(ctx->username);
auth_info = user_auth_info_init(NULL);
if (!auth_info) {
return WERR_NOMEM;
}
auth_info->signing_state = Undefined;
set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos);
set_cmdline_auth_info_password(auth_info, ctx->password);
set_cmdline_auth_info_username(auth_info, ctx->username);
if (ctx->username && ctx->username[0] &&
ctx->password && ctx->password[0] &&
ctx->use_kerberos) {
cli_cm_set_fallback_after_kerberos();
set_cmdline_auth_info_fallback_after_kerberos(auth_info, true);
}
cli_ipc = cli_cm_open(ctx, NULL,
server_name, "IPC$",
auth_info,
false, false,
PROTOCOL_NT1,
0, 0x20);
TALLOC_FREE(auth_info);
if (!cli_ipc) {
libnetapi_set_error_string(ctx,
"Failed to connect to IPC$ share on %s", server_name);

40
source3/lib/util.c
View File

@ -320,6 +320,9 @@ void set_cmdline_auth_info_password(struct user_auth_info *auth_info,
const char *password)
{
TALLOC_FREE(auth_info->password);
if (password == NULL) {
password = "";
}
auth_info->password = talloc_strdup(auth_info, password);
if (!auth_info->password) {
exit(ENOMEM);
@ -362,6 +365,17 @@ bool get_cmdline_auth_info_use_kerberos(const struct user_auth_info *auth_info)
return auth_info->use_kerberos;
}
void set_cmdline_auth_info_fallback_after_kerberos(struct user_auth_info *auth_info,
bool b)
{
auth_info->fallback_after_kerberos = b;
}
bool get_cmdline_auth_info_fallback_after_kerberos(const struct user_auth_info *auth_info)
{
return auth_info->fallback_after_kerberos;
}
/* This should only be used by lib/popt_common.c JRA */
void set_cmdline_auth_info_use_krb5_ticket(struct user_auth_info *auth_info)
{
@ -455,6 +469,32 @@ bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_inf
return true;
}
/****************************************************************************
Ensure we have a password if one not given.
****************************************************************************/
void set_cmdline_auth_info_getpass(struct user_auth_info *auth_info)
{
char *label = NULL;
char *pass;
TALLOC_CTX *frame;
if (get_cmdline_auth_info_got_pass(auth_info) ||
get_cmdline_auth_info_use_kerberos(auth_info)) {
/* Already got one... */
return;
}
frame = talloc_stackframe();
label = talloc_asprintf(frame, "Enter %s's password: ",
get_cmdline_auth_info_username(auth_info));
pass = getpass(label);
if (pass) {
set_cmdline_auth_info_password(auth_info, pass);
}
TALLOC_FREE(frame);
}
/****************************************************************************
Add a gid to an array of gids if it's not already there.
****************************************************************************/

131
source3/libsmb/clidfs.c
View File

@ -32,17 +32,6 @@
as a separator when looking at the pathname part.... JRA.
********************************************************************/
static struct cm_cred_struct {
char *username;
char *password;
bool got_pass;
bool use_kerberos;
bool fallback_after_kerberos;
int signing_state;
} cm_creds;
static void cm_set_password(const char *newpass);
static bool cli_check_msdfs_proxy(TALLOC_CTX *ctx,
struct cli_state *cli,
const char *sharename,
@ -96,6 +85,7 @@ NTSTATUS cli_cm_force_encryption(struct cli_state *c,
static struct cli_state *do_connect(TALLOC_CTX *ctx,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
bool show_sessetup,
bool force_encrypt,
int max_protocol,
@ -143,7 +133,7 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx,
zero_sockaddr(&ss);
/* have to open a new connection */
if (!(c=cli_initialise_ex(cm_creds.signing_state))) {
if (!(c=cli_initialise_ex(get_cmdline_auth_info_signing_state(auth_info)))) {
d_printf("Connection to %s failed\n", server_n);
if (c) {
cli_shutdown(c);
@ -167,8 +157,9 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx,
max_protocol = PROTOCOL_NT1;
}
c->protocol = max_protocol;
c->use_kerberos = cm_creds.use_kerberos;
c->fallback_after_kerberos = cm_creds.fallback_after_kerberos;
c->use_kerberos = get_cmdline_auth_info_use_kerberos(auth_info);
c->fallback_after_kerberos =
get_cmdline_auth_info_fallback_after_kerberos(auth_info);
if (!cli_session_request(c, &calling, &called)) {
char *p;
@ -198,20 +189,8 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx,
return NULL;
}
if (!cm_creds.got_pass && !cm_creds.use_kerberos) {
char *label = NULL;
char *pass;
label = talloc_asprintf(ctx, "Enter %s's password: ",
cm_creds.username);
pass = getpass(label);
if (pass) {
cm_set_password(pass);
}
TALLOC_FREE(label);
}
username = cm_creds.username ? cm_creds.username : "";
password = cm_creds.password ? cm_creds.password : "";
username = get_cmdline_auth_info_username(auth_info);
password = get_cmdline_auth_info_password(auth_info);
if (!NT_STATUS_IS_OK(cli_session_setup(c, username,
password, strlen(password),
@ -219,7 +198,8 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx,
lp_workgroup()))) {
/* If a password was not supplied then
* try again with a null username. */
if (password[0] || !username[0] || cm_creds.use_kerberos ||
if (password[0] || !username[0] ||
get_cmdline_auth_info_use_kerberos(auth_info) ||
!NT_STATUS_IS_OK(cli_session_setup(c, "",
"", 0,
"", 0,
@ -259,7 +239,7 @@ static struct cli_state *do_connect(TALLOC_CTX *ctx,
lp_workgroup())) {
cli_shutdown(c);
return do_connect(ctx, newserver,
newshare, false,
newshare, auth_info, false,
force_encrypt, max_protocol,
port, name_type);
}
@ -313,6 +293,7 @@ static struct cli_state *cli_cm_connect(TALLOC_CTX *ctx,
struct cli_state *referring_cli,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
bool show_hdr,
bool force_encrypt,
int max_protocol,
@ -322,6 +303,7 @@ static struct cli_state *cli_cm_connect(TALLOC_CTX *ctx,
struct cli_state *cli;
cli = do_connect(ctx, server, share,
auth_info,
show_hdr, force_encrypt, max_protocol,
port, name_type);
@ -389,6 +371,7 @@ struct cli_state *cli_cm_open(TALLOC_CTX *ctx,
struct cli_state *referring_cli,
const char *server,
const char *share,
const struct user_auth_info *auth_info,
bool show_hdr,
bool force_encrypt,
int max_protocol,
@ -402,9 +385,25 @@ struct cli_state *cli_cm_open(TALLOC_CTX *ctx,
return c;
}
return cli_cm_connect(ctx, referring_cli,
server, share, show_hdr, force_encrypt,
max_protocol, port, name_type);
if (auth_info == NULL) {
/* Can't do a new connection
* without auth info. */
d_printf("cli_cm_open() Unable to open connection [\\%s\\%s] "
"without auth info\n",
server, share );
return NULL;
}
return cli_cm_connect(ctx,
referring_cli,
server,
share,
auth_info,
show_hdr,
force_encrypt,
max_protocol,
port,
name_type);
}
/****************************************************************************
@ -423,18 +422,10 @@ void cli_cm_display(const struct cli_state *cli)
/****************************************************************************
****************************************************************************/
static void cm_set_password(const char *newpass)
{
SAFE_FREE(cm_creds.password);
cm_creds.password = SMB_STRDUP(newpass);
if (cm_creds.password) {
cm_creds.got_pass = true;
}
}
/****************************************************************************
****************************************************************************/
#if 0
void cli_cm_set_credentials(struct user_auth_info *auth_info)
{
SAFE_FREE(cm_creds.username);
@ -449,51 +440,7 @@ void cli_cm_set_credentials(struct user_auth_info *auth_info)
cm_creds.fallback_after_kerberos = false;
cm_creds.signing_state = get_cmdline_auth_info_signing_state(auth_info);
}
/****************************************************************************
****************************************************************************/
void cli_cm_set_signing_state(int state)
{
cm_creds.signing_state = state;
}
/****************************************************************************
****************************************************************************/
void cli_cm_set_username(const char *username)
{
SAFE_FREE(cm_creds.username);
cm_creds.username = SMB_STRDUP(username);
}
/****************************************************************************
****************************************************************************/
void cli_cm_set_password(const char *newpass)
{
SAFE_FREE(cm_creds.password);
cm_creds.password = SMB_STRDUP(newpass);
if (cm_creds.password) {
cm_creds.got_pass = true;
}
}
/****************************************************************************
****************************************************************************/
void cli_cm_set_use_kerberos(void)
{
cm_creds.use_kerberos = true;
}
/****************************************************************************
****************************************************************************/
void cli_cm_set_fallback_after_kerberos(void)
{
cm_creds.fallback_after_kerberos = true;
}
#endif
/**********************************************************************
split a dfs path into the server, share name, and extrapath components
@ -763,6 +710,7 @@ bool cli_dfs_get_referral(TALLOC_CTX *ctx,
bool cli_resolve_path(TALLOC_CTX *ctx,
const char *mountpt,
const struct user_auth_info *dfs_auth_info,
struct cli_state *rootcli,
const char *path,
struct cli_state **targetcli,
@ -843,9 +791,12 @@ bool cli_resolve_path(TALLOC_CTX *ctx,
/* Check for the referral. */
if (!(cli_ipc = cli_cm_open(ctx, rootcli,
if (!(cli_ipc = cli_cm_open(ctx,
rootcli,
rootcli->desthost,
"IPC$", false,
"IPC$",
dfs_auth_info,
false,
(rootcli->trans_enc_state != NULL),
rootcli->protocol,
0,
@ -893,6 +844,7 @@ bool cli_resolve_path(TALLOC_CTX *ctx,
if ((*targetcli = cli_cm_open(ctx, rootcli,
server,
share,
dfs_auth_info,
false,
(rootcli->trans_enc_state != NULL),
rootcli->protocol,
@ -952,6 +904,7 @@ bool cli_resolve_path(TALLOC_CTX *ctx,
if (!strequal(*pp_targetpath, "\\") && !strequal(*pp_targetpath, "/")) {
if (cli_resolve_path(ctx,
newmount,
dfs_auth_info,
*targetcli,
*pp_targetpath,
&newcli,

49
source3/libsmb/libsmb_context.c
View File

@ -203,6 +203,9 @@ smbc_free_context(SMBCCTX *context,
DEBUG(3, ("Context %p successfully freed\n", context));
/* Free any DFS auth context. */
TALLOC_FREE(context->internal->auth_info);
SAFE_FREE(context->internal);
SAFE_FREE(context);
@ -625,10 +628,12 @@ smbc_version(void)
return samba_version_string();
}
/*
* Set the credentials so DFS will work when following referrals.
* This function is broken and must be removed. No SMBCCTX arg...
* JRA.
*/
void
smbc_set_credentials(const char *workgroup,
const char *user,
@ -636,21 +641,7 @@ smbc_set_credentials(const char *workgroup,
smbc_bool use_kerberos,
const char *signing_state)
{
struct user_auth_info *auth_info;
auth_info = user_auth_info_init(talloc_tos());
if (auth_info == NULL) {
return;
}
set_cmdline_auth_info_username(auth_info, user);
set_cmdline_auth_info_password(auth_info, password);
set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos);
if (! set_cmdline_auth_info_signing_state(auth_info, signing_state)) {
DEBUG(0, ("Invalid signing state: %s", signing_state));
}
set_global_myworkgroup(workgroup);
cli_cm_set_credentials(auth_info);
TALLOC_FREE(auth_info);
d_printf("smbc_set_credentials is obsolete. Replace with smbc_set_credentials_with_fallback().\n");
}
void smbc_set_credentials_with_fallback(SMBCCTX *context,
@ -660,6 +651,10 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context,
{
smbc_bool use_kerberos = false;
const char *signing_state = "off";
struct user_auth_info *auth_info = user_auth_info_init(NULL);
if (auth_info) {
}
if (! context ||
! workgroup || ! *workgroup ||
@ -669,6 +664,13 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context,
return;
}
auth_info = user_auth_info_init(NULL);
if (auth_info) {
DEBUG(0, ("smbc_set_credentials_with_fallback: allocation fail\n"));
return;
}
if (smbc_getOptionUseKerberos(context)) {
use_kerberos = True;
}
@ -681,10 +683,15 @@ void smbc_set_credentials_with_fallback(SMBCCTX *context,
signing_state = "force";
}
smbc_set_credentials(workgroup, user, password,
use_kerberos, signing_state);
set_cmdline_auth_info_username(auth_info, user);
set_cmdline_auth_info_password(auth_info, password);
set_cmdline_auth_info_use_kerberos(auth_info, use_kerberos);
set_cmdline_auth_info_signing_state(auth_info, signing_state);
set_cmdline_auth_info_fallback_after_kerberos(auth_info,
smbc_getOptionFallbackAfterKerberos(context));
set_global_myworkgroup(workgroup);
if (smbc_getOptionFallbackAfterKerberos(context)) {
cli_cm_set_fallback_after_kerberos();
}
TALLOC_FREE(context->internal->auth_info);
context->internal->auth_info = auth_info;
}

23
source3/libsmb/libsmb_dir.c
View File

@ -770,7 +770,8 @@ SMBC_opendir_ctx(SMBCCTX *context,
return NULL;
}
if (!cli_resolve_path(frame, "", srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
if (dir) {
@ -1166,7 +1167,8 @@ SMBC_mkdir_ctx(SMBCCTX *context,
}
/*d_printf(">>>mkdir: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -1272,7 +1274,8 @@ SMBC_rmdir_ctx(SMBCCTX *context,
}
/*d_printf(">>>rmdir: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -1554,7 +1557,8 @@ SMBC_chmod_ctx(SMBCCTX *context,
}
/*d_printf(">>>unlink: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -1745,7 +1749,8 @@ SMBC_unlink_ctx(SMBCCTX *context,
}
/*d_printf(">>>unlink: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -1917,7 +1922,9 @@ SMBC_rename_ctx(SMBCCTX *ocontext,
password1);
/*d_printf(">>>rename: resolving %s\n", path1);*/
if (!cli_resolve_path(frame, "", srv->cli, path1,
if (!cli_resolve_path(frame, "", ocontext->internal->auth_info,
srv->cli,
path1,
&targetcli1, &targetpath1)) {
d_printf("Could not resolve %s\n", path1);
TALLOC_FREE(frame);
@ -1932,7 +1939,9 @@ SMBC_rename_ctx(SMBCCTX *ocontext,
/*d_printf(">>>rename: resolved path as %s\n", targetpath1);*/
/*d_printf(">>>rename: resolving %s\n", path2);*/
if (!cli_resolve_path(frame, "", srv->cli, path2,
if (!cli_resolve_path(frame, "", ncontext->internal->auth_info,
srv->cli,
path2,
&targetcli2, &targetpath2)) {
d_printf("Could not resolve %s\n", path2);
TALLOC_FREE(frame);

21
source3/libsmb/libsmb_file.c
View File

@ -115,7 +115,8 @@ SMBC_open_ctx(SMBCCTX *context,
ZERO_STRUCTP(file);
/*d_printf(">>>open: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
SAFE_FREE(file);
@ -295,7 +296,8 @@ SMBC_read_ctx(SMBCCTX *context,
}
/*d_printf(">>>read: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", file->srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -384,7 +386,8 @@ SMBC_write_ctx(SMBCCTX *context,
}
/*d_printf(">>>write: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", file->srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -459,7 +462,8 @@ SMBC_close_ctx(SMBCCTX *context,
}
/*d_printf(">>>close: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", file->srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -541,7 +545,8 @@ SMBC_getatr(SMBCCTX * context,
}
DEBUG(4,("SMBC_getatr: sending qpathinfo\n"));
if (!cli_resolve_path(frame, "", srv->cli, fixedpath,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
srv->cli, fixedpath,
&targetcli, &targetpath)) {
d_printf("Couldn't resolve %s\n", path);
TALLOC_FREE(frame);
@ -753,7 +758,8 @@ SMBC_lseek_ctx(SMBCCTX *context,
}
/*d_printf(">>>lseek: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", file->srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);
@ -844,7 +850,8 @@ SMBC_ftruncate_ctx(SMBCCTX *context,
}
/*d_printf(">>>fstat: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", file->srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);

3
source3/libsmb/libsmb_stat.c
View File

@ -257,7 +257,8 @@ SMBC_fstat_ctx(SMBCCTX *context,
}
/*d_printf(">>>fstat: resolving %s\n", path);*/
if (!cli_resolve_path(frame, "", file->srv->cli, path,
if (!cli_resolve_path(frame, "", context->internal->auth_info,
file->srv->cli, path,
&targetcli, &targetpath)) {
d_printf("Could not resolve %s\n", path);
TALLOC_FREE(frame);

21
source3/libsmb/libsmb_xattr.c
View File

@ -891,7 +891,8 @@ cacl_get(SMBCCTX *context,
/* Point to the portion after "system.nt_sec_desc." */
name += 19; /* if (all) this will be invalid but unused */
if (!cli_resolve_path(ctx, "", cli, filename,
if (!cli_resolve_path(ctx, "", context->internal->auth_info,
cli, filename,
&targetcli, &targetpath)) {
DEBUG(5, ("cacl_get Could not resolve %s\n",
filename));
@ -1496,7 +1497,8 @@ cacl_get(SMBCCTX *context,
set the ACLs on a file given an ascii description
*******************************************************/
static int
cacl_set(TALLOC_CTX *ctx,
cacl_set(SMBCCTX *context,
TALLOC_CTX *ctx,
struct cli_state *cli,
struct cli_state *ipc_cli,
POLICY_HND *pol,
@ -1547,7 +1549,8 @@ cacl_set(TALLOC_CTX *ctx,
return -1;
}
if (!cli_resolve_path(ctx, "", cli, filename,
if (!cli_resolve_path(ctx, "", context->internal->auth_info,
cli, filename,
&targetcli, &targetpath)) {
DEBUG(5,("cacl_set: Could not resolve %s\n", filename));
errno = ENOENT;
@ -1793,7 +1796,7 @@ SMBC_setxattr_ctx(SMBCCTX *context,
}
if (ipc_srv) {
ret = cacl_set(talloc_tos(), srv->cli,
ret = cacl_set(context, talloc_tos(), srv->cli,
ipc_srv->cli, &ipc_srv->pol, path,
namevalue,
(*namevalue == '*'
@ -1857,7 +1860,7 @@ SMBC_setxattr_ctx(SMBCCTX *context,
errno = ENOMEM;
ret = -1;
} else {
ret = cacl_set(talloc_tos(), srv->cli,
ret = cacl_set(context, talloc_tos(), srv->cli,
ipc_srv->cli, &ipc_srv->pol, path,
namevalue,
(*namevalue == '*'
@ -1887,7 +1890,7 @@ SMBC_setxattr_ctx(SMBCCTX *context,
errno = ENOMEM;
ret = -1;
} else {
ret = cacl_set(talloc_tos(), srv->cli,
ret = cacl_set(context, talloc_tos(), srv->cli,
ipc_srv->cli, &ipc_srv->pol, path,
namevalue, SMBC_XATTR_MODE_CHOWN, 0);
}
@ -1914,7 +1917,7 @@ SMBC_setxattr_ctx(SMBCCTX *context,
errno = ENOMEM;
ret = -1;
} else {
ret = cacl_set(talloc_tos(), srv->cli,
ret = cacl_set(context, talloc_tos(), srv->cli,
ipc_srv->cli, &ipc_srv->pol, path,
namevalue, SMBC_XATTR_MODE_CHGRP, 0);
}
@ -2216,7 +2219,7 @@ SMBC_removexattr_ctx(SMBCCTX *context,
StrCaseCmp(name, "system.nt_sec_desc.*+") == 0) {
/* Yup. */
ret = cacl_set(talloc_tos(), srv->cli,
ret = cacl_set(context, talloc_tos(), srv->cli,
ipc_srv->cli, &ipc_srv->pol, path,
NULL, SMBC_XATTR_MODE_REMOVE_ALL, 0);
TALLOC_FREE(frame);
@ -2236,7 +2239,7 @@ SMBC_removexattr_ctx(SMBCCTX *context,
StrnCaseCmp(name, "system.nt_sec_desc.acl+", 23) == 0) {
/* Yup. */
ret = cacl_set(talloc_tos(), srv->cli,
ret = cacl_set(context, talloc_tos(), srv->cli,
ipc_srv->cli, &ipc_srv->pol, path,
CONST_DISCARD(char *, name) + 19,
SMBC_XATTR_MODE_REMOVE, 0);

7
source3/rpcclient/rpcclient.c
View File

@ -868,12 +868,7 @@ out_free:
goto done;
}
if (!get_cmdline_auth_info_got_pass(rpcclient_auth_info)) {
char *pass = getpass("Password:");
if (pass) {
set_cmdline_auth_info_password(rpcclient_auth_info, pass);
}
}
set_cmdline_auth_info_getpass(rpcclient_auth_info);
if ((server[0] == '/' && server[1] == '/') ||
(server[0] == '\\' && server[1] == '\\')) {

2
source3/utils/net_rpc.c
View File

@ -3299,7 +3299,7 @@ static bool sync_files(struct copy_clistate *cp_clistate, const char *mask)
DEBUG(3,("calling cli_list with mask: %s\n", mask));
if ( !cli_resolve_path(talloc_tos(), "", cp_clistate->cli_share_src,
if ( !cli_resolve_path(talloc_tos(), "", NULL, cp_clistate->cli_share_src,
mask, &targetcli, &targetpath ) ) {
d_fprintf(stderr, "cli_resolve_path %s failed with error: %s\n",
mask, cli_errstr(cp_clistate->cli_share_src));

7
source3/utils/smbcacls.c
View File

@ -973,12 +973,7 @@ static struct cli_state *connect_one(struct user_auth_info *auth_info,
return NULL;
}
if (!get_cmdline_auth_info_got_pass(auth_info)) {
char *pass = getpass("Password: ");
if (pass) {
set_cmdline_auth_info_password(auth_info, pass);
}
}
set_cmdline_auth_info_getpass(auth_info);
nt_status = cli_full_connection(&c, global_myname(), server,
&ss, 0,

7
source3/utils/smbcquotas.c
View File

@ -385,12 +385,7 @@ static struct cli_state *connect_one(const char *share)
}
if (!get_cmdline_auth_info_got_pass(smbcquotas_auth_info)) {
char *pass = getpass("Password: ");
if (pass) {
set_cmdline_auth_info_password(smbcquotas_auth_info, pass);
}
}
set_cmdline_auth_info_getpass(smbcquotas_auth_info);
nt_status = cli_full_connection(&c, global_myname(), server,
&ss, 0,

7
source3/utils/smbtree.c
View File

@ -315,12 +315,7 @@ static bool print_tree(struct user_auth_info *user_info)
return 1;
}
if (!get_cmdline_auth_info_got_pass(auth_info)) {
char *pass = getpass("Password: ");
if (pass) {
set_cmdline_auth_info_password(auth_info, pass);
}
}
set_cmdline_auth_info_getpass(auth_info);
/* Now do our stuff */