1 /* 2 * Copyright (c) 2000, Boris Popov 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by Boris Popov. 16 * 4. Neither the name of the author nor the names of any co-contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * $Id: ctx.c,v 1.32.70.2 2005/06/02 00:55:40 lindak Exp $ 33 */ 34 35 /* 36 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. 37 */ 38 39 #include <sys/param.h> 40 #include <sys/ioctl.h> 41 #include <sys/time.h> 42 #include <sys/mount.h> 43 #include <sys/types.h> 44 #include <sys/byteorder.h> 45 46 #include <fcntl.h> 47 #include <ctype.h> 48 #include <errno.h> 49 #include <stdio.h> 50 #include <string.h> 51 #include <strings.h> 52 #include <stdlib.h> 53 #include <pwd.h> 54 #include <grp.h> 55 #include <unistd.h> 56 #include <libintl.h> 57 #include <assert.h> 58 #include <nss_dbdefs.h> 59 60 #include <cflib.h> 61 #include <netsmb/smb_lib.h> 62 #include <netsmb/netbios.h> 63 #include <netsmb/nb_lib.h> 64 #include <netsmb/smb_dev.h> 65 66 #include "charsets.h" 67 #include "spnego.h" 68 #include "derparse.h" 69 #include "private.h" 70 #include "ntlm.h" 71 72 #ifndef FALSE 73 #define FALSE 0 74 #endif 75 #ifndef TRUE 76 #define TRUE 1 77 #endif 78 79 struct nv { 80 char *name; 81 int value; 82 }; 83 84 /* These two may be set by commands. */ 85 int smb_debug, smb_verbose; 86 87 /* 88 * Was: STDPARAM_OPT - see smb_ctx_scan_argv, smb_ctx_opt 89 */ 90 const char smbutil_std_opts[] = "ABCD:E:I:L:M:NO:P:U:R:S:T:W:"; 91 92 /* 93 * Give the RPC library a callback hook that will be 94 * called whenever we destroy or reinit an smb_ctx_t. 95 * The name rpc_cleanup_smbctx() is legacy, and was 96 * originally a direct call into the RPC code. 97 */ 98 static smb_ctx_close_hook_t close_hook; 99 static void 100 rpc_cleanup_smbctx(struct smb_ctx *ctx) 101 { 102 if (close_hook) 103 (*close_hook)(ctx); 104 } 105 void 106 smb_ctx_set_close_hook(smb_ctx_close_hook_t hook) 107 { 108 close_hook = hook; 109 } 110 111 void 112 dump_ctx_flags(int flags) 113 { 114 printf(" Flags: "); 115 if (flags == 0) 116 printf("0"); 117 if (flags & SMBCF_NOPWD) 118 printf("NOPWD "); 119 if (flags & SMBCF_SRIGHTS) 120 printf("SRIGHTS "); 121 if (flags & SMBCF_LOCALE) 122 printf("LOCALE "); 123 if (flags & SMBCF_CMD_DOM) 124 printf("CMD_DOM "); 125 if (flags & SMBCF_CMD_USR) 126 printf("CMD_USR "); 127 if (flags & SMBCF_CMD_PW) 128 printf("CMD_PW "); 129 if (flags & SMBCF_RESOLVED) 130 printf("RESOLVED "); 131 if (flags & SMBCF_KCBAD) 132 printf("KCBAD "); 133 if (flags & SMBCF_KCFOUND) 134 printf("KCFOUND "); 135 if (flags & SMBCF_BROWSEOK) 136 printf("BROWSEOK "); 137 if (flags & SMBCF_AUTHREQ) 138 printf("AUTHREQ "); 139 if (flags & SMBCF_KCSAVE) 140 printf("KCSAVE "); 141 if (flags & SMBCF_XXX) 142 printf("XXX "); 143 if (flags & SMBCF_SSNACTIVE) 144 printf("SSNACTIVE "); 145 if (flags & SMBCF_KCDOMAIN) 146 printf("KCDOMAIN "); 147 printf("\n"); 148 } 149 150 void 151 dump_iod_ssn(smb_iod_ssn_t *is) 152 { 153 static const char zeros[NTLM_HASH_SZ] = {0}; 154 struct smbioc_ossn *ssn = &is->iod_ossn; 155 156 printf(" ct_srvname=\"%s\", ", ssn->ssn_srvname); 157 dump_sockaddr(&ssn->ssn_srvaddr.sa); 158 printf(" dom=\"%s\", user=\"%s\"\n", 159 ssn->ssn_domain, ssn->ssn_user); 160 printf(" ct_vopt=0x%x, ct_owner=%d\n", 161 ssn->ssn_vopt, ssn->ssn_owner); 162 printf(" ct_authflags=0x%x\n", is->iod_authflags); 163 164 printf(" ct_nthash:"); 165 if (bcmp(zeros, &is->iod_nthash, NTLM_HASH_SZ)) 166 smb_hexdump(&is->iod_nthash, NTLM_HASH_SZ); 167 else 168 printf(" {0}\n"); 169 170 printf(" ct_lmhash:"); 171 if (bcmp(zeros, &is->iod_lmhash, NTLM_HASH_SZ)) 172 smb_hexdump(&is->iod_lmhash, NTLM_HASH_SZ); 173 else 174 printf(" {0}\n"); 175 } 176 177 void 178 dump_ctx(char *where, struct smb_ctx *ctx) 179 { 180 printf("context %s:\n", where); 181 dump_ctx_flags(ctx->ct_flags); 182 183 if (ctx->ct_locname) 184 printf(" localname=\"%s\"", ctx->ct_locname); 185 else 186 printf(" localname=NULL"); 187 188 if (ctx->ct_fullserver) 189 printf(" fullserver=\"%s\"", ctx->ct_fullserver); 190 else 191 printf(" fullserver=NULL"); 192 193 if (ctx->ct_srvaddr_s) 194 printf(" srvaddr_s=\"%s\"\n", ctx->ct_srvaddr_s); 195 else 196 printf(" srvaddr_s=NULL\n"); 197 198 if (ctx->ct_addrinfo) 199 dump_addrinfo(ctx->ct_addrinfo); 200 else 201 printf(" ct_addrinfo = NULL\n"); 202 203 dump_iod_ssn(&ctx->ct_iod_ssn); 204 205 printf(" share_name=\"%s\", share_type=%d\n", 206 ctx->ct_origshare ? ctx->ct_origshare : "", 207 ctx->ct_shtype_req); 208 209 /* dump_iod_work()? */ 210 } 211 212 int 213 smb_ctx_alloc(struct smb_ctx **ctx_pp) 214 { 215 smb_ctx_t *ctx; 216 int err; 217 218 ctx = malloc(sizeof (*ctx)); 219 if (ctx == NULL) 220 return (ENOMEM); 221 err = smb_ctx_init(ctx); 222 if (err != 0) { 223 free(ctx); 224 return (err); 225 } 226 *ctx_pp = ctx; 227 return (0); 228 } 229 230 /* 231 * Initialize an smb_ctx struct (defaults) 232 */ 233 int 234 smb_ctx_init(struct smb_ctx *ctx) 235 { 236 char pwbuf[NSS_BUFLEN_PASSWD]; 237 struct passwd pw; 238 int error = 0; 239 240 bzero(ctx, sizeof (*ctx)); 241 242 error = nb_ctx_create(&ctx->ct_nb); 243 if (error) 244 return (error); 245 246 ctx->ct_dev_fd = -1; 247 ctx->ct_door_fd = -1; 248 ctx->ct_tran_fd = -1; 249 ctx->ct_parsedlevel = SMBL_NONE; 250 ctx->ct_minlevel = SMBL_NONE; 251 ctx->ct_maxlevel = SMBL_PATH; 252 253 /* Fill in defaults */ 254 ctx->ct_vopt = SMBVOPT_EXT_SEC; 255 ctx->ct_owner = SMBM_ANY_OWNER; 256 ctx->ct_authflags = SMB_AT_DEFAULT; 257 ctx->ct_minauth = SMB_AT_DEFAULT; 258 259 error = nb_ctx_setscope(ctx->ct_nb, ""); 260 if (error) 261 return (error); 262 263 /* 264 * if the user name is not specified some other way, 265 * use the current user name (built-in default) 266 */ 267 if (getpwuid_r(getuid(), &pw, pwbuf, sizeof (pwbuf)) != NULL) { 268 error = smb_ctx_setuser(ctx, pw.pw_name, 0); 269 if (error) 270 return (error); 271 ctx->ct_home = strdup(pw.pw_name); 272 if (ctx->ct_home == NULL) 273 return (ENOMEM); 274 } 275 276 /* 277 * Set a built-in default domain (workgroup). 278 * Using the Windows/NT default for now. 279 */ 280 error = smb_ctx_setdomain(ctx, "WORKGROUP", 0); 281 if (error) 282 return (error); 283 284 return (error); 285 } 286 287 /* 288 * "Scan" the command line args to find the server name, 289 * user name, and share name, as needed. We need these 290 * before reading the RC files and/or sharectl values. 291 * 292 * The sequence for getting all the members filled in 293 * has some tricky aspects. Here's how it works: 294 * 295 * The search order for options is as follows: 296 * command line options 297 * values parsed from UNC path (cmd) 298 * values from RC file (per-user) 299 * values from SMF (system-wide) 300 * built-in defaults 301 * 302 * Normally, one would simply get all the values starting with 303 * the bottom of the above list and working to the top, and 304 * overwriting values as you go. But we need an exception. 305 * 306 * In this function, we parse the UNC path and command line options, 307 * because we need (at least) the server name when we're getting the 308 * SMF and RC file values. However, values we get from the command 309 * should not be overwritten by SMF or RC file parsing, so we mark 310 * values from the command as "from CMD" and the RC file parser 311 * leaves in place any values so marked. See: SMBCF_CMD_* 312 * 313 * The semantics of these flags are: "This value came from the 314 * current command instance, not from sources that may apply to 315 * multiple commands." (Different from the old "FROMUSR" flag.) 316 * 317 * Note that smb_ctx_opt() is called later to handle the 318 * remaining options, which should be ignored here. 319 * The (magic) leading ":" in cf_getopt() makes it 320 * ignore options not in the options string. 321 */ 322 int 323 smb_ctx_scan_argv(struct smb_ctx *ctx, int argc, char **argv, 324 int minlevel, int maxlevel, int sharetype) 325 { 326 int ind, opt, error = 0; 327 int aflg = 0, uflg = 0; 328 const char *arg; 329 330 /* 331 * Parse options, if any. Values from here too 332 * are marked as "from CMD". 333 */ 334 if (argv == NULL) 335 return (0); 336 337 ctx->ct_minlevel = minlevel; 338 ctx->ct_maxlevel = maxlevel; 339 ctx->ct_shtype_req = sharetype; 340 341 cf_opt_lock(); 342 /* Careful: no return/goto before cf_opt_unlock! */ 343 while (error == 0) { 344 opt = cf_getopt(argc, argv, STDPARAM_OPT); 345 if (opt == -1) 346 break; 347 arg = cf_optarg; 348 /* NB: handle most in smb_ctx_opt */ 349 switch (opt) { 350 case 'A': 351 aflg = 1; 352 error = smb_ctx_setuser(ctx, "", TRUE); 353 ctx->ct_flags |= SMBCF_NOPWD; 354 break; 355 case 'U': 356 uflg = 1; 357 error = smb_ctx_setuser(ctx, arg, TRUE); 358 break; 359 default: 360 DPRINT("skip opt=%c", opt); 361 break; 362 } 363 } 364 ind = cf_optind; 365 arg = argv[ind]; 366 cf_optind = cf_optreset = 1; 367 cf_opt_unlock(); 368 369 if (error) 370 return (error); 371 372 if (aflg && uflg) { 373 printf(gettext("-A and -U flags are exclusive.\n")); 374 return (EINVAL); 375 } 376 377 /* 378 * Parse the UNC path. Values from here are 379 * marked as "from CMD". 380 */ 381 for (; ind < argc; ind++) { 382 arg = argv[ind]; 383 if (strncmp(arg, "//", 2) != 0) 384 continue; 385 error = smb_ctx_parseunc(ctx, arg, 386 minlevel, maxlevel, sharetype, &arg); 387 if (error) 388 return (error); 389 break; 390 } 391 392 return (error); 393 } 394 395 void 396 smb_ctx_free(smb_ctx_t *ctx) 397 { 398 smb_ctx_done(ctx); 399 free(ctx); 400 } 401 402 void 403 smb_ctx_done(struct smb_ctx *ctx) 404 { 405 406 rpc_cleanup_smbctx(ctx); 407 408 if (ctx->ct_dev_fd != -1) { 409 close(ctx->ct_dev_fd); 410 ctx->ct_dev_fd = -1; 411 } 412 if (ctx->ct_door_fd != -1) { 413 close(ctx->ct_door_fd); 414 ctx->ct_door_fd = -1; 415 } 416 if (ctx->ct_tran_fd != -1) { 417 close(ctx->ct_tran_fd); 418 ctx->ct_tran_fd = -1; 419 } 420 if (ctx->ct_srvaddr_s) { 421 free(ctx->ct_srvaddr_s); 422 ctx->ct_srvaddr_s = NULL; 423 } 424 if (ctx->ct_nb) { 425 nb_ctx_done(ctx->ct_nb); 426 ctx->ct_nb = NULL; 427 } 428 if (ctx->ct_locname) { 429 free(ctx->ct_locname); 430 ctx->ct_locname = NULL; 431 } 432 if (ctx->ct_origshare) { 433 free(ctx->ct_origshare); 434 ctx->ct_origshare = NULL; 435 } 436 if (ctx->ct_fullserver) { 437 free(ctx->ct_fullserver); 438 ctx->ct_fullserver = NULL; 439 } 440 if (ctx->ct_addrinfo) { 441 freeaddrinfo(ctx->ct_addrinfo); 442 ctx->ct_addrinfo = NULL; 443 } 444 if (ctx->ct_home) 445 free(ctx->ct_home); 446 if (ctx->ct_srv_OS) { 447 free(ctx->ct_srv_OS); 448 ctx->ct_srv_OS = NULL; 449 } 450 if (ctx->ct_srv_LM) { 451 free(ctx->ct_srv_LM); 452 ctx->ct_srv_LM = NULL; 453 } 454 if (ctx->ct_mackey) { 455 free(ctx->ct_mackey); 456 ctx->ct_mackey = NULL; 457 } 458 } 459 460 static int 461 getsubstring(const char *p, uchar_t sep, char *dest, int maxlen, 462 const char **next) 463 { 464 int len; 465 466 maxlen--; 467 for (len = 0; len < maxlen && *p != sep; p++, len++, dest++) { 468 if (*p == 0) 469 return (EINVAL); 470 *dest = *p; 471 } 472 *dest = 0; 473 *next = *p ? p + 1 : p; 474 return (0); 475 } 476 477 /* 478 * Parse the UNC path. Here we expect something like 479 * "//[workgroup;][user[:password]@]host[/share[/path]]" 480 * See http://ietf.org/internet-drafts/draft-crhertel-smb-url-07.txt 481 * Values found here are marked as "from CMD". 482 */ 483 int 484 smb_ctx_parseunc(struct smb_ctx *ctx, const char *unc, 485 int minlevel, int maxlevel, int sharetype, 486 const char **next) 487 { 488 const char *p = unc; 489 char *p1, *colon; 490 char tmp[1024]; 491 int error; 492 493 /* 494 * This may be called outside of _scan_argv, 495 * so make sure these get initialized. 496 */ 497 ctx->ct_minlevel = minlevel; 498 ctx->ct_maxlevel = maxlevel; 499 ctx->ct_shtype_req = sharetype; 500 501 ctx->ct_parsedlevel = SMBL_NONE; 502 if (*p++ != '/' || *p++ != '/') { 503 smb_error(dgettext(TEXT_DOMAIN, 504 "UNC should start with '//'"), 0); 505 error = EINVAL; 506 goto out; 507 } 508 p1 = tmp; 509 error = getsubstring(p, ';', p1, sizeof (tmp), &p); 510 if (!error) { 511 if (*p1 == 0) { 512 smb_error(dgettext(TEXT_DOMAIN, 513 "empty workgroup name"), 0); 514 error = EINVAL; 515 goto out; 516 } 517 error = smb_ctx_setdomain(ctx, unpercent(tmp), TRUE); 518 if (error) 519 goto out; 520 } 521 colon = (char *)p; 522 error = getsubstring(p, '@', p1, sizeof (tmp), &p); 523 if (!error) { 524 if (ctx->ct_maxlevel < SMBL_VC) { 525 smb_error(dgettext(TEXT_DOMAIN, 526 "no user name required"), 0); 527 error = EINVAL; 528 goto out; 529 } 530 p1 = strchr(tmp, ':'); 531 if (p1) { 532 colon += p1 - tmp; 533 *p1++ = (char)0; 534 error = smb_ctx_setpassword(ctx, unpercent(p1), TRUE); 535 if (error) 536 goto out; 537 if (p - colon > 2) 538 memset(colon+1, '*', p - colon - 2); 539 } 540 p1 = tmp; 541 if (*p1 == 0) { 542 smb_error(dgettext(TEXT_DOMAIN, 543 "empty user name"), 0); 544 error = EINVAL; 545 goto out; 546 } 547 error = smb_ctx_setuser(ctx, unpercent(tmp), TRUE); 548 if (error) 549 goto out; 550 ctx->ct_parsedlevel = SMBL_VC; 551 } 552 error = getsubstring(p, '/', p1, sizeof (tmp), &p); 553 if (error) { 554 error = getsubstring(p, '\0', p1, sizeof (tmp), &p); 555 if (error) { 556 smb_error(dgettext(TEXT_DOMAIN, 557 "no server name found"), 0); 558 goto out; 559 } 560 } 561 if (*p1 == 0) { 562 smb_error(dgettext(TEXT_DOMAIN, "empty server name"), 0); 563 error = EINVAL; 564 goto out; 565 } 566 567 /* 568 * Save ct_fullserver without case conversion. 569 */ 570 if (strchr(tmp, '%')) 571 (void) unpercent(tmp); 572 error = smb_ctx_setfullserver(ctx, tmp); 573 if (error) 574 goto out; 575 576 #ifdef SMB_ST_NONE 577 if (sharetype == SMB_ST_NONE) { 578 if (next) 579 *next = p; 580 error = 0; 581 goto out; 582 } 583 #endif 584 585 if (*p != 0 && ctx->ct_maxlevel < SMBL_SHARE) { 586 smb_error(dgettext(TEXT_DOMAIN, "no share name required"), 0); 587 error = EINVAL; 588 goto out; 589 } 590 error = getsubstring(p, '/', p1, sizeof (tmp), &p); 591 if (error) { 592 error = getsubstring(p, '\0', p1, sizeof (tmp), &p); 593 if (error) { 594 smb_error(dgettext(TEXT_DOMAIN, 595 "unexpected end of line"), 0); 596 goto out; 597 } 598 } 599 if (*p1 == 0 && ctx->ct_minlevel >= SMBL_SHARE && 600 !(ctx->ct_flags & SMBCF_BROWSEOK)) { 601 smb_error(dgettext(TEXT_DOMAIN, "empty share name"), 0); 602 error = EINVAL; 603 goto out; 604 } 605 if (next) 606 *next = p; 607 if (*p1 == 0) { 608 error = 0; 609 goto out; 610 } 611 error = smb_ctx_setshare(ctx, unpercent(p1), sharetype); 612 613 out: 614 if (error == 0 && smb_debug > 0) 615 dump_ctx("after smb_ctx_parseunc", ctx); 616 617 return (error); 618 } 619 620 #ifdef KICONV_SUPPORT 621 int 622 smb_ctx_setcharset(struct smb_ctx *ctx, const char *arg) 623 { 624 char *cp, *servercs, *localcs; 625 int cslen = sizeof (ctx->ct_ssn.ioc_localcs); 626 int scslen, lcslen, error; 627 628 cp = strchr(arg, ':'); 629 lcslen = cp ? (cp - arg) : 0; 630 if (lcslen == 0 || lcslen >= cslen) { 631 smb_error(dgettext(TEXT_DOMAIN, 632 "invalid local charset specification (%s)"), 0, arg); 633 return (EINVAL); 634 } 635 scslen = (size_t)strlen(++cp); 636 if (scslen == 0 || scslen >= cslen) { 637 smb_error(dgettext(TEXT_DOMAIN, 638 "invalid server charset specification (%s)"), 0, arg); 639 return (EINVAL); 640 } 641 localcs = memcpy(ctx->ct_ssn.ioc_localcs, arg, lcslen); 642 localcs[lcslen] = 0; 643 servercs = strcpy(ctx->ct_ssn.ioc_servercs, cp); 644 error = nls_setrecode(localcs, servercs); 645 if (error == 0) 646 return (0); 647 smb_error(dgettext(TEXT_DOMAIN, 648 "can't initialize iconv support (%s:%s)"), 649 error, localcs, servercs); 650 localcs[0] = 0; 651 servercs[0] = 0; 652 return (error); 653 } 654 #endif /* KICONV_SUPPORT */ 655 656 int 657 smb_ctx_setauthflags(struct smb_ctx *ctx, int flags) 658 { 659 ctx->ct_authflags = flags; 660 return (0); 661 } 662 663 int 664 smb_ctx_setfullserver(struct smb_ctx *ctx, const char *name) 665 { 666 char *p = strdup(name); 667 668 if (p == NULL) 669 return (ENOMEM); 670 if (ctx->ct_fullserver) 671 free(ctx->ct_fullserver); 672 ctx->ct_fullserver = p; 673 return (0); 674 } 675 676 int 677 smb_ctx_setserver(struct smb_ctx *ctx, const char *name) 678 { 679 strlcpy(ctx->ct_srvname, name, 680 sizeof (ctx->ct_srvname)); 681 return (0); 682 } 683 684 int 685 smb_ctx_setuser(struct smb_ctx *ctx, const char *name, int from_cmd) 686 { 687 688 if (strlen(name) >= sizeof (ctx->ct_user)) { 689 smb_error(dgettext(TEXT_DOMAIN, 690 "user name '%s' too long"), 0, name); 691 return (ENAMETOOLONG); 692 } 693 694 /* 695 * Don't overwrite a value from the command line 696 * with one from anywhere else. 697 */ 698 if (!from_cmd && (ctx->ct_flags & SMBCF_CMD_USR)) 699 return (0); 700 701 strlcpy(ctx->ct_user, name, 702 sizeof (ctx->ct_user)); 703 704 /* Mark this as "from the command line". */ 705 if (from_cmd) 706 ctx->ct_flags |= SMBCF_CMD_USR; 707 708 return (0); 709 } 710 711 /* 712 * Don't overwrite a domain name from the 713 * command line with one from anywhere else. 714 * See smb_ctx_init() for notes about this. 715 */ 716 int 717 smb_ctx_setdomain(struct smb_ctx *ctx, const char *name, int from_cmd) 718 { 719 720 if (strlen(name) >= sizeof (ctx->ct_domain)) { 721 smb_error(dgettext(TEXT_DOMAIN, 722 "workgroup name '%s' too long"), 0, name); 723 return (ENAMETOOLONG); 724 } 725 726 /* 727 * Don't overwrite a value from the command line 728 * with one from anywhere else. 729 */ 730 if (!from_cmd && (ctx->ct_flags & SMBCF_CMD_DOM)) 731 return (0); 732 733 strlcpy(ctx->ct_domain, name, 734 sizeof (ctx->ct_domain)); 735 736 /* Mark this as "from the command line". */ 737 if (from_cmd) 738 ctx->ct_flags |= SMBCF_CMD_DOM; 739 740 return (0); 741 } 742 743 int 744 smb_ctx_setpassword(struct smb_ctx *ctx, const char *passwd, int from_cmd) 745 { 746 int err; 747 748 if (passwd == NULL) 749 return (EINVAL); 750 if (strlen(passwd) >= sizeof (ctx->ct_password)) { 751 smb_error(dgettext(TEXT_DOMAIN, "password too long"), 0); 752 return (ENAMETOOLONG); 753 } 754 755 /* 756 * If called again after comand line parsing, 757 * don't overwrite a value from the command line 758 * with one from any stored config. 759 */ 760 if (!from_cmd && (ctx->ct_flags & SMBCF_CMD_PW)) 761 return (0); 762 763 memset(ctx->ct_password, 0, sizeof (ctx->ct_password)); 764 if (strncmp(passwd, "$$1", 3) == 0) 765 (void) smb_simpledecrypt(ctx->ct_password, passwd); 766 else 767 strlcpy(ctx->ct_password, passwd, 768 sizeof (ctx->ct_password)); 769 770 /* 771 * Compute LM hash, NT hash. 772 */ 773 if (ctx->ct_password[0]) { 774 err = ntlm_compute_nt_hash(ctx->ct_nthash, ctx->ct_password); 775 if (err != 0) 776 return (err); 777 err = ntlm_compute_lm_hash(ctx->ct_lmhash, ctx->ct_password); 778 if (err != 0) 779 return (err); 780 } 781 782 /* Mark this as "from the command line". */ 783 if (from_cmd) 784 ctx->ct_flags |= SMBCF_CMD_PW; 785 786 return (0); 787 } 788 789 /* 790 * Use this to set NTLM auth. info (hashes) 791 * when we don't have the password. 792 */ 793 int 794 smb_ctx_setpwhash(smb_ctx_t *ctx, 795 const uchar_t *nthash, const uchar_t *lmhash) 796 { 797 798 /* Need ct_password to be non-null. */ 799 if (ctx->ct_password[0] == '\0') 800 strlcpy(ctx->ct_password, "$HASH", 801 sizeof (ctx->ct_password)); 802 803 /* 804 * Compute LM hash, NT hash. 805 */ 806 memcpy(ctx->ct_nthash, nthash, NTLM_HASH_SZ); 807 808 /* The LM hash is optional */ 809 if (lmhash) { 810 memcpy(ctx->ct_nthash, nthash, NTLM_HASH_SZ); 811 } 812 813 return (0); 814 } 815 816 int 817 smb_ctx_setshare(struct smb_ctx *ctx, const char *share, int stype) 818 { 819 if (strlen(share) >= SMBIOC_MAX_NAME) { 820 smb_error(dgettext(TEXT_DOMAIN, 821 "share name '%s' too long"), 0, share); 822 return (ENAMETOOLONG); 823 } 824 if (ctx->ct_origshare) 825 free(ctx->ct_origshare); 826 if ((ctx->ct_origshare = strdup(share)) == NULL) 827 return (ENOMEM); 828 829 ctx->ct_shtype_req = stype; 830 831 return (0); 832 } 833 834 int 835 smb_ctx_setsrvaddr(struct smb_ctx *ctx, const char *addr) 836 { 837 if (addr == NULL || addr[0] == 0) 838 return (EINVAL); 839 if (ctx->ct_srvaddr_s) 840 free(ctx->ct_srvaddr_s); 841 if ((ctx->ct_srvaddr_s = strdup(addr)) == NULL) 842 return (ENOMEM); 843 return (0); 844 } 845 846 /* 847 * API for library caller to set signing enabled, required 848 * Note: if not enable, ignore require 849 */ 850 int 851 smb_ctx_setsigning(struct smb_ctx *ctx, int enable, int require) 852 { 853 ctx->ct_vopt &= ~SMBVOPT_SIGNING_MASK; 854 if (enable) { 855 ctx->ct_vopt |= SMBVOPT_SIGNING_ENABLED; 856 if (require) 857 ctx->ct_vopt |= SMBVOPT_SIGNING_REQUIRED; 858 } 859 return (0); 860 } 861 862 static int 863 smb_parse_owner(char *pair, uid_t *uid, gid_t *gid) 864 { 865 struct group gr; 866 struct passwd pw; 867 char buf[NSS_BUFLEN_PASSWD]; 868 char *cp; 869 870 cp = strchr(pair, ':'); 871 if (cp) { 872 *cp++ = '\0'; 873 if (*cp && gid) { 874 if (getgrnam_r(cp, &gr, buf, sizeof (buf)) != NULL) { 875 *gid = gr.gr_gid; 876 } else 877 smb_error(dgettext(TEXT_DOMAIN, 878 "Invalid group name %s, ignored"), 0, cp); 879 } 880 } 881 if (*pair) { 882 if (getpwnam_r(pair, &pw, buf, sizeof (buf)) != NULL) { 883 *uid = pw.pw_uid; 884 } else 885 smb_error(dgettext(TEXT_DOMAIN, 886 "Invalid user name %s, ignored"), 0, pair); 887 } 888 889 return (0); 890 } 891 892 /* 893 * Suport a securty options arg, i.e. -S noext,lm,ntlm 894 * for testing various type of authenticators. 895 */ 896 static struct nv 897 sectype_table[] = { 898 /* noext - handled below */ 899 { "anon", SMB_AT_ANON }, 900 { "lm", SMB_AT_LM1 }, 901 { "ntlm", SMB_AT_NTLM1 }, 902 { "ntlm2", SMB_AT_NTLM2 }, 903 { "krb5", SMB_AT_KRB5 }, 904 { NULL, 0 }, 905 }; 906 int 907 smb_parse_secopts(struct smb_ctx *ctx, const char *arg) 908 { 909 const char *sep = ":;,"; 910 const char *p = arg; 911 struct nv *nv; 912 int nlen, tlen; 913 int authflags = 0; 914 915 for (;;) { 916 /* skip separators */ 917 tlen = strspn(p, sep); 918 p += tlen; 919 920 nlen = strcspn(p, sep); 921 if (nlen == 0) 922 break; 923 924 if (nlen == 5 && 0 == strncmp(p, "noext", nlen)) { 925 /* Don't offer extended security. */ 926 ctx->ct_vopt &= ~SMBVOPT_EXT_SEC; 927 p += nlen; 928 continue; 929 } 930 931 /* This is rarely called, so not optimized. */ 932 for (nv = sectype_table; nv->name; nv++) { 933 tlen = strlen(nv->name); 934 if (tlen == nlen && 0 == strncmp(p, nv->name, tlen)) 935 break; 936 } 937 if (nv->name == NULL) { 938 smb_error(dgettext(TEXT_DOMAIN, 939 "%s: invalid security options"), 0, p); 940 return (EINVAL); 941 } 942 authflags |= nv->value; 943 p += nlen; 944 } 945 946 if (authflags) 947 ctx->ct_authflags = authflags; 948 949 return (0); 950 } 951 952 /* 953 * Commands use this with getopt. See: 954 * STDPARAM_OPT, STDPARAM_ARGS 955 * Called after smb_ctx_readrc(). 956 */ 957 int 958 smb_ctx_opt(struct smb_ctx *ctx, int opt, const char *arg) 959 { 960 int error = 0; 961 char *p, *cp; 962 char tmp[1024]; 963 964 switch (opt) { 965 case 'A': 966 case 'U': 967 /* Handled in smb_ctx_init() */ 968 break; 969 case 'I': 970 error = smb_ctx_setsrvaddr(ctx, arg); 971 break; 972 case 'M': 973 /* share connect rights - ignored */ 974 ctx->ct_flags |= SMBCF_SRIGHTS; 975 break; 976 case 'N': 977 ctx->ct_flags |= SMBCF_NOPWD; 978 break; 979 case 'O': 980 p = strdup(arg); 981 cp = strchr(p, '/'); 982 if (cp) 983 *cp = '\0'; 984 error = smb_parse_owner(cp, &ctx->ct_owner, NULL); 985 free(p); 986 break; 987 case 'P': 988 /* ctx->ct_vopt |= SMBCOPT_PERMANENT; */ 989 break; 990 case 'R': 991 /* retry count - ignored */ 992 break; 993 case 'S': 994 /* Security options (undocumented, just for tests) */ 995 error = smb_parse_secopts(ctx, arg); 996 break; 997 case 'T': 998 /* timeout - ignored */ 999 break; 1000 case 'D': /* domain */ 1001 case 'W': /* workgroup (legacy alias) */ 1002 error = smb_ctx_setdomain(ctx, tmp, TRUE); 1003 break; 1004 } 1005 return (error); 1006 } 1007 1008 1009 /* 1010 * Original code injected iconv tables into the kernel. 1011 * Not sure if we'll need this or not... REVISIT 1012 */ 1013 #ifdef KICONV_SUPPORT 1014 static int 1015 smb_addiconvtbl(const char *to, const char *from, const uchar_t *tbl) 1016 { 1017 int error = 0; 1018 1019 error = kiconv_add_xlat_table(to, from, tbl); 1020 if (error && error != EEXIST) { 1021 smb_error(dgettext(TEXT_DOMAIN, 1022 "can not setup kernel iconv table (%s:%s)"), 1023 error, from, to); 1024 return (error); 1025 } 1026 return (error); 1027 } 1028 #endif /* KICONV_SUPPORT */ 1029 1030 /* 1031 * Verify context info. before connect operation(s), 1032 * lookup specified server and try to fill all forgotten fields. 1033 * Legacy name used by commands. 1034 */ 1035 int 1036 smb_ctx_resolve(struct smb_ctx *ctx) 1037 { 1038 struct smbioc_ossn *ssn = &ctx->ct_ssn; 1039 int error = 0; 1040 #ifdef KICONV_SUPPORT 1041 uchar_t cstbl[256]; 1042 uint_t i; 1043 #endif 1044 1045 if (smb_debug) 1046 dump_ctx("before smb_ctx_resolve", ctx); 1047 1048 ctx->ct_flags &= ~SMBCF_RESOLVED; 1049 1050 if (ctx->ct_fullserver == NULL) { 1051 smb_error(dgettext(TEXT_DOMAIN, 1052 "no server name specified"), 0); 1053 return (EINVAL); 1054 } 1055 1056 if (ctx->ct_minlevel >= SMBL_SHARE && 1057 ctx->ct_origshare == NULL) { 1058 smb_error(dgettext(TEXT_DOMAIN, 1059 "no share name specified for %s@%s"), 1060 0, ssn->ssn_user, ctx->ct_fullserver); 1061 return (EINVAL); 1062 } 1063 error = nb_ctx_resolve(ctx->ct_nb); 1064 if (error) 1065 return (error); 1066 #ifdef KICONV_SUPPORT 1067 if (ssn->ioc_localcs[0] == 0) 1068 strcpy(ssn->ioc_localcs, "default"); /* XXX: locale name ? */ 1069 error = smb_addiconvtbl("tolower", ssn->ioc_localcs, nls_lower); 1070 if (error) 1071 return (error); 1072 error = smb_addiconvtbl("toupper", ssn->ioc_localcs, nls_upper); 1073 if (error) 1074 return (error); 1075 if (ssn->ioc_servercs[0] != 0) { 1076 for (i = 0; i < sizeof (cstbl); i++) 1077 cstbl[i] = i; 1078 nls_mem_toext(cstbl, cstbl, sizeof (cstbl)); 1079 error = smb_addiconvtbl(ssn->ioc_servercs, ssn->ioc_localcs, 1080 cstbl); 1081 if (error) 1082 return (error); 1083 for (i = 0; i < sizeof (cstbl); i++) 1084 cstbl[i] = i; 1085 nls_mem_toloc(cstbl, cstbl, sizeof (cstbl)); 1086 error = smb_addiconvtbl(ssn->ioc_localcs, ssn->ioc_servercs, 1087 cstbl); 1088 if (error) 1089 return (error); 1090 } 1091 #endif /* KICONV_SUPPORT */ 1092 1093 /* 1094 * Lookup the IP address and fill in ct_addrinfo. 1095 * 1096 * Note: smb_ctx_getaddr() returns a EAI_xxx 1097 * error value like getaddrinfo(3), but this 1098 * function needs to return an errno value. 1099 */ 1100 error = smb_ctx_getaddr(ctx); 1101 if (error) { 1102 const char *ais = gai_strerror(error); 1103 smb_error(dgettext(TEXT_DOMAIN, 1104 "can't get server address, %s"), 0, ais); 1105 return (ENODATA); 1106 } 1107 assert(ctx->ct_addrinfo != NULL); 1108 1109 /* 1110 * If we have a user name but no password, 1111 * check for a keychain entry. 1112 * XXX: Only for auth NTLM? 1113 */ 1114 if (ctx->ct_user[0] == '\0') { 1115 /* 1116 * No user name (anonymous session). 1117 * The minauth checks do not apply. 1118 */ 1119 ctx->ct_authflags = SMB_AT_ANON; 1120 } else { 1121 /* 1122 * Have a user name. 1123 * If we don't have a p/w yet, 1124 * try the keychain. 1125 */ 1126 if (ctx->ct_password[0] == '\0') 1127 (void) smb_get_keychain(ctx); 1128 /* 1129 * Mask out disallowed auth types. 1130 */ 1131 ctx->ct_authflags &= ctx->ct_minauth; 1132 } 1133 if (ctx->ct_authflags == 0) { 1134 smb_error(dgettext(TEXT_DOMAIN, 1135 "no valid auth. types"), 0); 1136 return (ENOTSUP); 1137 } 1138 1139 ctx->ct_flags |= SMBCF_RESOLVED; 1140 if (smb_debug) 1141 dump_ctx("after smb_ctx_resolve", ctx); 1142 1143 return (0); 1144 } 1145 1146 int 1147 smb_open_driver() 1148 { 1149 int err, fd; 1150 uint32_t version; 1151 1152 fd = open("/dev/"NSMB_NAME, O_RDWR); 1153 if (fd < 0) { 1154 err = errno; 1155 smb_error(dgettext(TEXT_DOMAIN, 1156 "failed to open driver"), err); 1157 return (-1); 1158 } 1159 1160 /* 1161 * Check the driver version (paranoia) 1162 * Do this BEFORE any other ioctl calls. 1163 */ 1164 if (ioctl(fd, SMBIOC_GETVERS, &version) < 0) 1165 version = 0; 1166 if (version != NSMB_VERSION) { 1167 smb_error(dgettext(TEXT_DOMAIN, 1168 "incorrect driver version"), 0); 1169 close(fd); 1170 return (-1); 1171 } 1172 1173 /* This handle controls per-process resources. */ 1174 (void) fcntl(fd, F_SETFD, FD_CLOEXEC); 1175 1176 return (fd); 1177 } 1178 1179 int 1180 smb_ctx_gethandle(struct smb_ctx *ctx) 1181 { 1182 int fd; 1183 1184 if (ctx->ct_dev_fd != -1) { 1185 rpc_cleanup_smbctx(ctx); 1186 close(ctx->ct_dev_fd); 1187 ctx->ct_dev_fd = -1; 1188 ctx->ct_flags &= ~SMBCF_SSNACTIVE; 1189 } 1190 1191 fd = smb_open_driver(); 1192 if (fd < 0) 1193 return (ENODEV); 1194 1195 ctx->ct_dev_fd = fd; 1196 return (0); 1197 } 1198 1199 1200 /* 1201 * Find or create a connection + logon session 1202 */ 1203 int 1204 smb_ctx_get_ssn(struct smb_ctx *ctx) 1205 { 1206 int err = 0; 1207 1208 if ((ctx->ct_flags & SMBCF_RESOLVED) == 0) 1209 return (EINVAL); 1210 1211 if (ctx->ct_dev_fd < 0) { 1212 if ((err = smb_ctx_gethandle(ctx))) 1213 return (err); 1214 } 1215 1216 /* 1217 * Check whether the driver already has a VC 1218 * we can use. If so, we're done! 1219 */ 1220 err = smb_ctx_findvc(ctx); 1221 if (err == 0) { 1222 DPRINT("found an existing VC"); 1223 } else { 1224 /* 1225 * This calls the IOD to create a new session. 1226 */ 1227 DPRINT("setup a new VC"); 1228 err = smb_ctx_newvc(ctx); 1229 if (err != 0) 1230 return (err); 1231 1232 /* 1233 * Call findvc again. The new VC sould be 1234 * found in the driver this time. 1235 */ 1236 err = smb_ctx_findvc(ctx); 1237 } 1238 1239 return (err); 1240 } 1241 1242 /* 1243 * Get the string representation of a share "use" type, 1244 * as needed for the "service" in tree connect. 1245 */ 1246 static const char * 1247 smb_use_type_str(smb_use_shtype_t stype) 1248 { 1249 const char *pp; 1250 1251 switch (stype) { 1252 default: 1253 case USE_WILDCARD: 1254 pp = "?????"; 1255 break; 1256 case USE_DISKDEV: 1257 pp = "A:"; 1258 break; 1259 case USE_SPOOLDEV: 1260 pp = "LPT1:"; 1261 break; 1262 case USE_CHARDEV: 1263 pp = "COMM"; 1264 break; 1265 case USE_IPC: 1266 pp = "IPC"; 1267 break; 1268 } 1269 return (pp); 1270 } 1271 1272 /* 1273 * Find or create a tree connection 1274 */ 1275 int 1276 smb_ctx_get_tree(struct smb_ctx *ctx) 1277 { 1278 smbioc_tcon_t *tcon = NULL; 1279 const char *stype; 1280 int cmd, err = 0; 1281 1282 if (ctx->ct_dev_fd < 0 || 1283 ctx->ct_origshare == NULL) { 1284 return (EINVAL); 1285 } 1286 1287 cmd = SMBIOC_TREE_CONNECT; 1288 tcon = malloc(sizeof (*tcon)); 1289 if (tcon == NULL) 1290 return (ENOMEM); 1291 bzero(tcon, sizeof (*tcon)); 1292 tcon->tc_flags = SMBLK_CREATE; 1293 tcon->tc_opt = 0; 1294 1295 /* The share name */ 1296 strlcpy(tcon->tc_sh.sh_name, ctx->ct_origshare, 1297 sizeof (tcon->tc_sh.sh_name)); 1298 1299 /* 1300 * Share password (unused - no share-level security) 1301 * MS-SMB 2.2.6 says this should be null terminated, 1302 * and the length includes the null. Did bzero above, 1303 * so just set length for the null. 1304 */ 1305 tcon->tc_sh.sh_pwlen = 1; 1306 1307 /* The share "use" type. */ 1308 stype = smb_use_type_str(ctx->ct_shtype_req); 1309 strlcpy(tcon->tc_sh.sh_type_req, stype, 1310 sizeof (tcon->tc_sh.sh_type_req)); 1311 1312 /* 1313 * Todo: share passwords for share-level security. 1314 * 1315 * The driver does the actual TCON call. 1316 */ 1317 if (ioctl(ctx->ct_dev_fd, cmd, tcon) == -1) { 1318 err = errno; 1319 goto out; 1320 } 1321 1322 /* 1323 * Check the returned share type 1324 */ 1325 DPRINT("ret. sh_type: \"%s\"", tcon->tc_sh.sh_type_ret); 1326 if (ctx->ct_shtype_req != USE_WILDCARD && 1327 0 != strcmp(stype, tcon->tc_sh.sh_type_ret)) { 1328 smb_error(dgettext(TEXT_DOMAIN, 1329 "%s: incompatible share type"), 1330 0, ctx->ct_origshare); 1331 err = EINVAL; 1332 } 1333 1334 out: 1335 if (tcon != NULL) 1336 free(tcon); 1337 1338 return (err); 1339 } 1340 1341 /* 1342 * Return the hflags2 word for an smb_ctx. 1343 */ 1344 int 1345 smb_ctx_flags2(struct smb_ctx *ctx) 1346 { 1347 uint16_t flags2; 1348 1349 if (ioctl(ctx->ct_dev_fd, SMBIOC_FLAGS2, &flags2) == -1) { 1350 smb_error(dgettext(TEXT_DOMAIN, 1351 "can't get flags2 for a session"), errno); 1352 return (-1); 1353 } 1354 return (flags2); 1355 } 1356 1357 /* 1358 * Get the transport level session key. 1359 * Must already have an active SMB session. 1360 */ 1361 int 1362 smb_ctx_get_ssnkey(struct smb_ctx *ctx, uchar_t *key, size_t len) 1363 { 1364 if (len < SMBIOC_HASH_SZ) 1365 return (EINVAL); 1366 1367 if (ioctl(ctx->ct_dev_fd, SMBIOC_GETSSNKEY, key) == -1) 1368 return (errno); 1369 1370 return (0); 1371 } 1372 1373 /* 1374 * RC file parsing stuff 1375 */ 1376 1377 static struct nv 1378 minauth_table[] = { 1379 /* Allowed auth. types */ 1380 { "kerberos", SMB_AT_KRB5 }, 1381 { "ntlmv2", SMB_AT_KRB5|SMB_AT_NTLM2 }, 1382 { "ntlm", SMB_AT_KRB5|SMB_AT_NTLM2|SMB_AT_NTLM1 }, 1383 { "lm", SMB_AT_KRB5|SMB_AT_NTLM2|SMB_AT_NTLM1|SMB_AT_LM1 }, 1384 { "none", SMB_AT_KRB5|SMB_AT_NTLM2|SMB_AT_NTLM1|SMB_AT_LM1| 1385 SMB_AT_ANON }, 1386 { NULL } 1387 }; 1388 1389 1390 /* 1391 * level values: 1392 * 0 - default 1393 * 1 - server 1394 * 2 - server:user 1395 * 3 - server:user:share 1396 */ 1397 static int 1398 smb_ctx_readrcsection(struct smb_ctx *ctx, const char *sname, int level) 1399 { 1400 char *p; 1401 int error; 1402 1403 #ifdef KICONV_SUPPORT 1404 if (level > 0) { 1405 rc_getstringptr(smb_rc, sname, "charsets", &p); 1406 if (p) { 1407 error = smb_ctx_setcharset(ctx, p); 1408 if (error) 1409 smb_error(dgettext(TEXT_DOMAIN, 1410 "charset specification in the section '%s' ignored"), 1411 error, sname); 1412 } 1413 } 1414 #endif 1415 1416 if (level <= 1) { 1417 /* Section is: [default] or [server] */ 1418 1419 rc_getstringptr(smb_rc, sname, "minauth", &p); 1420 if (p) { 1421 /* 1422 * "minauth" was set in this section; override 1423 * the current minimum authentication setting. 1424 */ 1425 struct nv *nvp; 1426 for (nvp = minauth_table; nvp->name; nvp++) 1427 if (strcmp(p, nvp->name) == 0) 1428 break; 1429 if (nvp->name) 1430 ctx->ct_minauth = nvp->value; 1431 else { 1432 /* 1433 * Unknown minimum authentication level. 1434 */ 1435 smb_error(dgettext(TEXT_DOMAIN, 1436 "invalid minimum authentication level \"%s\" specified in the section %s"), 1437 0, p, sname); 1438 return (EINVAL); 1439 } 1440 } 1441 1442 rc_getstringptr(smb_rc, sname, "signing", &p); 1443 if (p) { 1444 /* 1445 * "signing" was set in this section; override 1446 * the current signing settings. Note: 1447 * setsigning flags are: enable, require 1448 */ 1449 if (strcmp(p, "disabled") == 0) { 1450 (void) smb_ctx_setsigning(ctx, FALSE, FALSE); 1451 } else if (strcmp(p, "enabled") == 0) { 1452 (void) smb_ctx_setsigning(ctx, TRUE, FALSE); 1453 } else if (strcmp(p, "required") == 0) { 1454 (void) smb_ctx_setsigning(ctx, TRUE, TRUE); 1455 } else { 1456 /* 1457 * Unknown "signing" value. 1458 */ 1459 smb_error(dgettext(TEXT_DOMAIN, 1460 "invalid signing policy \"%s\" specified in the section %s"), 1461 0, p, sname); 1462 return (EINVAL); 1463 } 1464 } 1465 1466 /* 1467 * Domain name. Allow both keywords: 1468 * "workgroup", "domain" 1469 * 1470 * Note: these are NOT marked "from CMD". 1471 * See long comment at smb_ctx_init() 1472 */ 1473 rc_getstringptr(smb_rc, sname, "workgroup", &p); 1474 if (p) { 1475 error = smb_ctx_setdomain(ctx, p, 0); 1476 if (error) 1477 smb_error(dgettext(TEXT_DOMAIN, 1478 "workgroup specification in the " 1479 "section '%s' ignored"), error, sname); 1480 } 1481 rc_getstringptr(smb_rc, sname, "domain", &p); 1482 if (p) { 1483 error = smb_ctx_setdomain(ctx, p, 0); 1484 if (error) 1485 smb_error(dgettext(TEXT_DOMAIN, 1486 "domain specification in the " 1487 "section '%s' ignored"), error, sname); 1488 } 1489 1490 rc_getstringptr(smb_rc, sname, "user", &p); 1491 if (p) { 1492 error = smb_ctx_setuser(ctx, p, 0); 1493 if (error) 1494 smb_error(dgettext(TEXT_DOMAIN, 1495 "user specification in the " 1496 "section '%s' ignored"), error, sname); 1497 } 1498 } 1499 1500 if (level == 1) { 1501 /* Section is: [server] */ 1502 rc_getstringptr(smb_rc, sname, "addr", &p); 1503 if (p) { 1504 error = smb_ctx_setsrvaddr(ctx, p); 1505 if (error) { 1506 smb_error(dgettext(TEXT_DOMAIN, 1507 "invalid address specified in section %s"), 1508 0, sname); 1509 return (error); 1510 } 1511 } 1512 } 1513 1514 rc_getstringptr(smb_rc, sname, "password", &p); 1515 if (p) { 1516 error = smb_ctx_setpassword(ctx, p, 0); 1517 if (error) 1518 smb_error(dgettext(TEXT_DOMAIN, 1519 "password specification in the section '%s' ignored"), 1520 error, sname); 1521 } 1522 1523 return (0); 1524 } 1525 1526 /* 1527 * read rc file as follows: 1528 * 0: read [default] section 1529 * 1: override with [server] section 1530 * 2: override with [server:user] section 1531 * 3: override with [server:user:share] section 1532 * Since absence of rcfile is not fatal, silently ignore this fact. 1533 * smb_rc file should be closed by caller. 1534 */ 1535 int 1536 smb_ctx_readrc(struct smb_ctx *ctx) 1537 { 1538 char *home; 1539 char *sname = NULL; 1540 int sname_max; 1541 int err = 0; 1542 1543 if ((home = getenv("HOME")) == NULL) 1544 home = ctx->ct_home; 1545 if ((err = smb_open_rcfile(home)) != 0) { 1546 DPRINT("smb_open_rcfile, err=%d", err); 1547 /* ignore any error here */ 1548 return (0); 1549 } 1550 1551 sname_max = 3 * SMBIOC_MAX_NAME + 4; 1552 sname = malloc(sname_max); 1553 if (sname == NULL) { 1554 err = ENOMEM; 1555 goto done; 1556 } 1557 1558 /* 1559 * default parameters (level=0) 1560 */ 1561 smb_ctx_readrcsection(ctx, "default", 0); 1562 nb_ctx_readrcsection(smb_rc, ctx->ct_nb, "default", 0); 1563 1564 /* 1565 * If we don't have a server name, we can't read any of the 1566 * [server...] sections. 1567 */ 1568 if (ctx->ct_fullserver == NULL) 1569 goto done; 1570 /* 1571 * SERVER parameters. 1572 */ 1573 smb_ctx_readrcsection(ctx, ctx->ct_fullserver, 1); 1574 1575 /* 1576 * If we don't have a user name, we can't read any of the 1577 * [server:user...] sections. 1578 */ 1579 if (ctx->ct_user[0] == 0) 1580 goto done; 1581 /* 1582 * SERVER:USER parameters 1583 */ 1584 snprintf(sname, sname_max, "%s:%s", 1585 ctx->ct_fullserver, 1586 ctx->ct_user); 1587 smb_ctx_readrcsection(ctx, sname, 2); 1588 1589 1590 /* 1591 * If we don't have a share name, we can't read any of the 1592 * [server:user:share] sections. 1593 */ 1594 if (ctx->ct_origshare == NULL) 1595 goto done; 1596 /* 1597 * SERVER:USER:SHARE parameters 1598 */ 1599 snprintf(sname, sname_max, "%s:%s:%s", 1600 ctx->ct_fullserver, 1601 ctx->ct_user, 1602 ctx->ct_origshare); 1603 smb_ctx_readrcsection(ctx, sname, 3); 1604 1605 done: 1606 if (sname) 1607 free(sname); 1608 smb_close_rcfile(); 1609 if (smb_debug) 1610 dump_ctx("after smb_ctx_readrc", ctx); 1611 if (err) 1612 DPRINT("err=%d\n", err); 1613 1614 return (err); 1615 } 1616