The branch, master has been updated
via c7c0e4c s3: Remove unused cli_session_request
via 4ee443d s3: Remove unused cli_connect
via f92b90c s3: Use cli_connect_nb in SMBC_server_internal
via 040d917 s3: Run BAD-NBT-SESSION in make test
via 87e9915 s3: Reply correctly to a bad nbt session request
via ef0260d s3: Fix cli_bad_session_request
via 97dcdcd s3: Simplify run_bad_nbt_session
via 18a54fe s3: Simplify cli_bad_session_request
from debaf40 s3: Add set_socket_options to cli_connect_sock()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c7c0e4ca71277a02bb9371aaf47ac1157f7ca542
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 21:00:12 2011 +0200
s3: Remove unused cli_session_request
Autobuild-User: Volker Lendecke <[email protected]>
Autobuild-Date: Sun May 29 22:25:55 CEST 2011 on sn-devel-104
commit 4ee443d7b35a67ea792adcd5e0f83c3e92978785
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 20:51:43 2011 +0200
s3: Remove unused cli_connect
commit f92b90c67606b3a44a0a12101281f1d54a36a0f7
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 20:22:38 2011 +0200
s3: Use cli_connect_nb in SMBC_server_internal
commit 040d917c105b36f932ba4c9c9585234db30af7aa
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 19:14:48 2011 +0200
s3: Run BAD-NBT-SESSION in make test
commit 87e99150d0ba2af6b798befc3059a90d57fb9050
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 19:13:11 2011 +0200
s3: Reply correctly to a bad nbt session request
commit ef0260ddbcb88361f805a1e08d42fdc589ebdcdd
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 18:49:14 2011 +0200
s3: Fix cli_bad_session_request
We expect a negative session response with a 0x82 error (called name not
present), not a 0x82 message
commit 97dcdcd5c2b7d30a246a7faff89c6618cc083a94
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 18:43:31 2011 +0200
s3: Simplify run_bad_nbt_session
commit 18a54fe4eb8f78a3661dbc5c357a6f021f09e79e
Author: Volker Lendecke <[email protected]>
Date: Sun May 29 18:17:18 2011 +0200
s3: Simplify cli_bad_session_request
For this purpose we don't need the full cli_state
-----------------------------------------------------------------------
Summary of changes:
source3/libsmb/cliconnect.c | 306 ----------------------------------------
source3/libsmb/libsmb_server.c | 101 +++-----------
source3/libsmb/proto.h | 5 -
source3/selftest/tests.py | 1 +
source3/smbd/reply.c | 16 ++-
source3/torture/torture.c | 101 +++++++-------
6 files changed, 84 insertions(+), 446 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 5f6488d..2b26937 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -2786,312 +2786,6 @@ NTSTATUS cli_negprot(struct cli_state *cli)
return status;
}
-/****************************************************************************
- Send a session request. See rfc1002.txt 4.3 and 4.3.2.
-****************************************************************************/
-
-bool cli_session_request(struct cli_state *cli,
- struct nmb_name *calling, struct nmb_name *called)
-{
- TALLOC_CTX *frame;
- uint8_t len_buf[4];
- struct iovec iov[3];
- ssize_t len;
- uint8_t *inbuf;
- int err;
- bool ret = false;
-
- /* 445 doesn't have session request */
- if (cli->port == 445)
- return True;
-
- memcpy(&(cli->calling), calling, sizeof(*calling));
- memcpy(&(cli->called ), called , sizeof(*called ));
-
- /* put in the destination name */
-
- frame = talloc_stackframe();
-
- iov[0].iov_base = len_buf;
- iov[0].iov_len = sizeof(len_buf);
-
- /* put in the destination name */
-
- iov[1].iov_base = name_mangle(talloc_tos(), called->name,
- called->name_type);
- if (iov[1].iov_base == NULL) {
- goto fail;
- }
- iov[1].iov_len = name_len((unsigned char *)iov[1].iov_base,
- talloc_get_size(iov[1].iov_base));
-
- /* and my name */
-
- iov[2].iov_base = name_mangle(talloc_tos(), calling->name,
- calling->name_type);
- if (iov[2].iov_base == NULL) {
- goto fail;
- }
- iov[2].iov_len = name_len((unsigned char *)iov[2].iov_base,
- talloc_get_size(iov[2].iov_base));
-
- /* send a session request (RFC 1002) */
- /* setup the packet length
- * Remove four bytes from the length count, since the length
- * field in the NBT Session Service header counts the number
- * of bytes which follow. The cli_send_smb() function knows
- * about this and accounts for those four bytes.
- * CRH.
- */
-
- _smb_setlen(len_buf, iov[1].iov_len + iov[2].iov_len);
- SCVAL(len_buf,0,0x81);
-
- len = write_data_iov(cli->fd, iov, 3);
- if (len == -1) {
- goto fail;
- }
- len = read_smb(cli->fd, talloc_tos(), &inbuf, &err);
- if (len == -1) {
- errno = err;
- goto fail;
- }
-
- if (CVAL(inbuf,0) == 0x84) {
- /* C. Hoch 9/14/95 Start */
- /* For information, here is the response structure.
- * We do the byte-twiddling to for portability.
- struct RetargetResponse{
- unsigned char type;
- unsigned char flags;
- int16 length;
- int32 ip_addr;
- int16 port;
- };
- */
- uint16_t port = (CVAL(inbuf,8)<<8)+CVAL(inbuf,9);
- struct in_addr dest_ip;
- NTSTATUS status;
-
- /* SESSION RETARGET */
- putip((char *)&dest_ip,inbuf+4);
- in_addr_to_sockaddr_storage(&cli->dest_ss, dest_ip);
-
- status = open_socket_out(&cli->dest_ss, port,
- LONG_CONNECT_TIMEOUT, &cli->fd);
- if (!NT_STATUS_IS_OK(status)) {
- goto fail;
- }
-
- DEBUG(3,("Retargeted\n"));
-
- set_socket_options(cli->fd, lp_socket_options());
-
- /* Try again */
- {
- static int depth;
- if (depth > 4) {
- DEBUG(0,("Retarget recursion - failing\n"));
- goto fail;
- }
- depth++;
- ret = cli_session_request(cli, calling, called);
- depth--;
- goto done;
- }
- } /* C. Hoch 9/14/95 End */
-
- if (CVAL(inbuf,0) != 0x82) {
- /* This is the wrong place to put the error... JRA. */
- cli->rap_error = CVAL(inbuf,4);
- goto fail;
- }
-done:
- ret = true;
-fail:
- err = errno;
- TALLOC_FREE(frame);
- errno = err;
- return ret;
-}
-
-struct fd_struct {
- int fd;
-};
-
-static void smb_sock_connected(struct tevent_req *req)
-{
- struct fd_struct *pfd = tevent_req_callback_data(
- req, struct fd_struct);
- int fd;
- NTSTATUS status;
-
- status = open_socket_out_defer_recv(req, &fd);
- if (NT_STATUS_IS_OK(status)) {
- pfd->fd = fd;
- }
-}
-
-static NTSTATUS open_smb_socket(const struct sockaddr_storage *pss,
- uint16_t *port, int timeout, int *pfd)
-{
- struct event_context *ev;
- struct tevent_req *r139, *r445;
- struct fd_struct *fd139, *fd445;
- NTSTATUS status = NT_STATUS_NO_MEMORY;
-
- if (*port != 0) {
- return open_socket_out(pss, *port, timeout, pfd);
- }
-
- ev = event_context_init(talloc_tos());
- if (ev == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- fd139 = talloc(ev, struct fd_struct);
- if (fd139 == NULL) {
- goto done;
- }
- fd139->fd = -1;
-
- fd445 = talloc(ev, struct fd_struct);
- if (fd445 == NULL) {
- goto done;
- }
- fd445->fd = -1;
-
- r445 = open_socket_out_defer_send(ev, ev, timeval_set(0, 0),
- pss, 445, timeout);
- r139 = open_socket_out_defer_send(ev, ev, timeval_set(0, 3000),
- pss, 139, timeout);
- if ((r445 == NULL) || (r139 == NULL)) {
- goto done;
- }
- tevent_req_set_callback(r445, smb_sock_connected, fd445);
- tevent_req_set_callback(r139, smb_sock_connected, fd139);
-
- while ((fd445->fd == -1) && (fd139->fd == -1)
- && (tevent_req_is_in_progress(r139)
- || tevent_req_is_in_progress(r445))) {
- event_loop_once(ev);
- }
-
- if ((fd139->fd != -1) && (fd445->fd != -1)) {
- close(fd139->fd);
- fd139->fd = -1;
- }
-
- if (fd445->fd != -1) {
- *port = 445;
- *pfd = fd445->fd;
- status = NT_STATUS_OK;
- goto done;
- }
- if (fd139->fd != -1) {
- *port = 139;
- *pfd = fd139->fd;
- status = NT_STATUS_OK;
- goto done;
- }
-
- status = open_socket_out_defer_recv(r445, &fd445->fd);
- done:
- TALLOC_FREE(ev);
- return status;
-}
-
-/****************************************************************************
- Open the client sockets.
-****************************************************************************/
-
-NTSTATUS cli_connect(struct cli_state *cli,
- const char *host,
- struct sockaddr_storage *dest_ss)
-
-{
- int name_type = 0x20;
- TALLOC_CTX *frame = talloc_stackframe();
- unsigned int num_addrs = 0;
- unsigned int i = 0;
- struct sockaddr_storage *ss_arr = NULL;
- char *p = NULL;
-
- /* reasonable default hostname */
- if (!host) {
- host = STAR_SMBSERVER;
- }
-
- cli->desthost = talloc_strdup(cli, host);
- if (cli->desthost == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- /* allow hostnames of the form NAME#xx and do a netbios lookup */
- if ((p = strchr(cli->desthost, '#'))) {
- name_type = strtol(p+1, NULL, 16);
- *p = 0;
- }
-
- if (!dest_ss || is_zero_addr(dest_ss)) {
- NTSTATUS status =resolve_name_list(frame,
- cli->desthost,
- name_type,
- &ss_arr,
- &num_addrs);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(frame);
- return NT_STATUS_BAD_NETWORK_NAME;
- }
- } else {
- num_addrs = 1;
- ss_arr = TALLOC_P(frame, struct sockaddr_storage);
- if (!ss_arr) {
- TALLOC_FREE(frame);
- return NT_STATUS_NO_MEMORY;
- }
- *ss_arr = *dest_ss;
- }
-
- for (i = 0; i < num_addrs; i++) {
- cli->dest_ss = ss_arr[i];
- if (getenv("LIBSMB_PROG")) {
- cli->fd = sock_exec(getenv("LIBSMB_PROG"));
- } else {
- uint16_t port = cli->port;
- NTSTATUS status;
- status = open_smb_socket(&cli->dest_ss, &port,
- cli->timeout, &cli->fd);
- if (NT_STATUS_IS_OK(status)) {
- cli->port = port;
- }
- }
- if (cli->fd == -1) {
- char addr[INET6_ADDRSTRLEN];
- print_sockaddr(addr, sizeof(addr), &ss_arr[i]);
- DEBUG(2,("Error connecting to %s (%s)\n",
- dest_ss?addr:host,strerror(errno)));
- } else {
- /* Exit from loop on first connection. */
- break;
- }
- }
-
- if (cli->fd == -1) {
- TALLOC_FREE(frame);
- return map_nt_error_from_unix(errno);
- }
-
- if (dest_ss) {
- *dest_ss = cli->dest_ss;
- }
-
- set_socket_options(cli->fd, lp_socket_options());
-
- TALLOC_FREE(frame);
- return NT_STATUS_OK;
-}
-
static NTSTATUS cli_connect_sock(const char *host, int name_type,
const struct sockaddr_storage *pss,
const char *myname, uint16_t port,
diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c
index 45be660..80faaed 100644
--- a/source3/libsmb/libsmb_server.c
+++ b/source3/libsmb/libsmb_server.c
@@ -247,19 +247,13 @@ SMBC_server_internal(TALLOC_CTX *ctx,
SMBCSRV *srv=NULL;
char *workgroup = NULL;
struct cli_state *c;
- struct nmb_name called, calling;
const char *server_n = server;
- struct sockaddr_storage ss;
- int tried_reverse = 0;
- int port_try_first;
- int port_try_next;
int is_ipc = (share != NULL && strcmp(share, "IPC$") == 0);
uint32 fs_attrs = 0;
const char *username_used;
NTSTATUS status;
char *newserver, *newshare;
- zero_sockaddr(&ss);
ZERO_STRUCT(c);
*in_cache = false;
@@ -393,20 +387,32 @@ SMBC_server_internal(TALLOC_CTX *ctx,
return NULL;
}
- make_nmb_name(&calling, smbc_getNetbiosName(context), 0x0);
- make_nmb_name(&called , server, 0x20);
-
DEBUG(4,("SMBC_server: server_n=[%s] server=[%s]\n", server_n, server));
DEBUG(4,(" -> server_n=[%s] server=[%s]\n", server_n, server));
-again:
+ status = NT_STATUS_UNSUCCESSFUL;
- zero_sockaddr(&ss);
+ if (share == NULL || *share == '\0' || is_ipc) {
+ /*
+ * Try 139 first for IPC$
+ */
+ status = cli_connect_nb(server_n, NULL, 139, 0x20,
+ smbc_getNetbiosName(context),
+ Undefined, &c);
+ }
- /* have to open a new connection */
- if ((c = cli_initialise()) == NULL) {
- errno = ENOMEM;
+ if (!NT_STATUS_IS_OK(status)) {
+ /*
+ * No IPC$ or 139 did not work
+ */
+ status = cli_connect_nb(server_n, NULL, 0, 0x20,
+ smbc_getNetbiosName(context),
+ Undefined, &c);
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ errno = map_errno_from_nt_status(status);
return NULL;
}
@@ -424,73 +430,6 @@ again:
c->timeout = smbc_getTimeout(context);
- /*
- * Force use of port 139 for first try if share is $IPC, empty, or
- * null, so browse lists can work
- */
- if (share == NULL || *share == '\0' || is_ipc) {
- port_try_first = 139;
- port_try_next = 445;
- } else {
- port_try_first = 445;
- port_try_next = 139;
- }
-
- c->port = port_try_first;
-
- status = cli_connect(c, server_n, &ss);
- if (!NT_STATUS_IS_OK(status)) {
-
- /* First connection attempt failed. Try alternate port. */
- c->port = port_try_next;
-
- status = cli_connect(c, server_n, &ss);
- if (!NT_STATUS_IS_OK(status)) {
- cli_shutdown(c);
- errno = ETIMEDOUT;
- return NULL;
- }
- }
-
- if (!cli_session_request(c, &calling, &called)) {
- cli_shutdown(c);
- if (strcmp(called.name, "*SMBSERVER")) {
- make_nmb_name(&called , "*SMBSERVER", 0x20);
- goto again;
- } else { /* Try one more time, but ensure we don't loop */
-
- /* Only try this if server is an IP address ... */
-
- if (is_ipaddress(server) && !tried_reverse) {
- fstring remote_name;
- struct sockaddr_storage rem_ss;
-
- if (!interpret_string_addr(&rem_ss, server,
- NI_NUMERICHOST)) {
- DEBUG(4, ("Could not convert IP address
"
- "%s to struct
sockaddr_storage\n",
- server));
- errno = ETIMEDOUT;
- return NULL;
- }
-
- tried_reverse++; /* Yuck */
-
- if (name_status_find("*", 0, 0,
- &rem_ss, remote_name)) {
- make_nmb_name(&called,
- remote_name,
- 0x20);
- goto again;
- }
- }
- }
- errno = ETIMEDOUT;
- return NULL;
- }
-
- DEBUG(4,(" session request ok\n"));
-
status = cli_negprot(c);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h
index 2eb6374..37a928e 100644
--- a/source3/libsmb/proto.h
+++ b/source3/libsmb/proto.h
@@ -68,11 +68,6 @@ struct tevent_req *cli_negprot_send(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct cli_state *cli);
NTSTATUS cli_negprot_recv(struct tevent_req *req);
-bool cli_session_request(struct cli_state *cli,
- struct nmb_name *calling, struct nmb_name *called);
-NTSTATUS cli_connect(struct cli_state *cli,
- const char *host,
- struct sockaddr_storage *dest_ss);
NTSTATUS cli_connect_nb(const char *host, struct sockaddr_storage *pss,
uint16_t port, int name_type, const char *myname,
int signing_state, struct cli_state **pcli);
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 962ea7f..fda3be1 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -60,6 +60,7 @@ tests=[ "FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4",
"LOCK5", "LOCK6", "LOCK7",
"GETADDRINFO", "POSIX", "UID-REGRESSION-TEST", "SHORTNAME-TEST",
"LOCAL-BASE64", "LOCAL-GENCACHE", "POSIX-APPEND",
"CASE-INSENSITIVE-CREATE",
+ "BAD-NBT-SESSION",
"LOCAL-string_to_sid", "LOCAL-CONVERT-STRING" ]
for t in tests:
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 31f596c..61e3a7e 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -491,6 +491,13 @@ static bool netbios_session_retarget(struct
smbd_server_connection *sconn,
return ret;
}
+static void reply_called_name_not_present(char *outbuf)
+{
+ smb_setlen(outbuf, 1);
+ SCVAL(outbuf, 0, 0x83);
+ SCVAL(outbuf, 4, 0x82);
+}
+
/****************************************************************************
--
Samba Shared Repository
