The branch, master has been updated via a5156649d58 tests: Test basic handling of SMB2_CREATE_TAG_POSIX via eaaa7425b56 smbd: Handle SMB2_CREATE_TAG_POSIX at the smb2 layer via 95657d40f08 smbd: Introduce helper var in smbd_smb2_create_fetch_create_ctx() via cb0381ddc69 pylibsmb: Add create_ex() via 68ba30215da pylibsmb: Add smb2 create tag strings via 51f99b7f191 tests: Test invalid smb3 unix negotiate contexts via b833431b5ca pylibsmb: Allow passing negotiate contexts via 5d95de0637c libsmb: Allow smb2 neg ctx in cli_full_connection_creds_send() via 887facd3738 tests: Add smb3 posix negotiate tests via 0f75963cf4c param: Add "smb3 unix extensions" via 0bd31c71ab1 pylibsmb: Add "have_posix" function via b9eff7b90c5 pylibsmb: Allow requesting Posix extensions via 2711521b5f6 libsmb: Allow to request SMB311 posix in source3/libsmb via ae5dc52d236 smbXcli: Detect the SMB311 posix negotiate context via d7e928794e4 smbd: Convert store_smb2_posix_info() to use an existing blob via efc81874ef3 smbd: Convert smb2_posix_cc_info() to use an existing blob via 43811868d1d smbd: Introduce "conn" helper var in smbd_smb2_create_after_exec() from 1788b59bc0a s3/winbindd: Fix bad access to sid array (with debug level >= info)
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit a5156649d58df07f58e479076ea8a0b41b450ea4 Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 31 12:38:23 2022 +0200 tests: Test basic handling of SMB2_CREATE_TAG_POSIX Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> Autobuild-User(master): Ralph Böhme <s...@samba.org> Autobuild-Date(master): Fri Sep 2 14:31:25 UTC 2022 on sn-devel-184 commit eaaa7425b563c6fa88210ff23d5c5d7f0d46b9f5 Author: Volker Lendecke <v...@samba.org> Date: Thu Sep 1 12:17:44 2022 +0200 smbd: Handle SMB2_CREATE_TAG_POSIX at the smb2 layer We're not doing anything with this yet, this is just to provide a test counterpart. Protected by -DDEVELOPER and "smb3 unix extensions = yes" Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 95657d40f08a7fc7468690b86e8b49333e9eabc3 Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 31 15:37:03 2022 +0200 smbd: Introduce helper var in smbd_smb2_create_fetch_create_ctx() xconn will be used in another place soon Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit cb0381ddc692efdff7dd1d7007e161628b8132af Author: Volker Lendecke <v...@samba.org> Date: Mon Aug 29 17:02:25 2022 +0200 pylibsmb: Add create_ex() This is an extension of the create() function allowing smb2 create contexts to be passed back and forth and also returning the smb_create_returns. A new function seemed necessary for me because we need to return not just the fnum. So I chose a 3-tuple, see the test for an example how to use this. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 68ba30215da2623edd0bdb6b92e576d616cee0f3 Author: Volker Lendecke <v...@samba.org> Date: Wed Aug 31 11:37:54 2022 +0200 pylibsmb: Add smb2 create tag strings Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 51f99b7f191b18c4aabc632e4e32bfa8fc8a3ee7 Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 26 16:29:32 2022 +0200 tests: Test invalid smb3 unix negotiate contexts Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit b833431b5ca40d6c6b9a46f93a625aff02415113 Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 26 15:38:04 2022 +0200 pylibsmb: Allow passing negotiate contexts Pass in a list of tuples with (type, bytes) Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 5d95de0637cbf978ba9603e4074ccd3ce37fba9b Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 26 14:17:26 2022 +0200 libsmb: Allow smb2 neg ctx in cli_full_connection_creds_send() Will be used to test smb3 posix contexts Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 887facd37384ba932a93393e135cf82af66cb058 Author: Volker Lendecke <v...@samba.org> Date: Fri Aug 26 14:00:28 2022 +0200 tests: Add smb3 posix negotiate tests Make sure we do and don't announce posix depending on "smb3 unix extensions" parameter Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 0f75963cf4c3b0d1b67ce7fc9513c0b578ec86f6 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 25 16:42:37 2022 +0200 param: Add "smb3 unix extensions" Only available in DEVELOPER builds. Adding now to get some testing step by step done. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 0bd31c71ab114930dcfa220faa1f03dbd4e7c059 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 25 16:28:04 2022 +0200 pylibsmb: Add "have_posix" function Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit b9eff7b90c508dfe61a5739d144bb8532bf3fb4c Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 25 16:27:42 2022 +0200 pylibsmb: Allow requesting Posix extensions Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 2711521b5f60e1899f60443f0b97fef5398726c5 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 25 12:20:26 2022 +0200 libsmb: Allow to request SMB311 posix in source3/libsmb Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit ae5dc52d23627e285214c92798f8412f265e9852 Author: Volker Lendecke <v...@samba.org> Date: Thu Aug 25 15:16:10 2022 +0200 smbXcli: Detect the SMB311 posix negotiate context The server will only return this if the client requested in via smbXcli_negprot_send()'s in_ctx parameter. This adds knowledge about SMB2_CREATE_TAG_POSIX to smbXcli_base.c with a function to query it. The alternative would have been to detect this in the caller, but this would have meant that we also would need a smbXcli_conn_set_have_posix() function or something similar. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit d7e928794e4aebe1ca6c28773cfea97bbb6eb99e Author: Volker Lendecke <v...@samba.org> Date: Thu Sep 1 14:49:33 2022 +0200 smbd: Convert store_smb2_posix_info() to use an existing blob Less malloc Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit efc81874ef3bdf2ddc71185a3db84338cade011e Author: Volker Lendecke <v...@samba.org> Date: Thu Sep 1 14:49:33 2022 +0200 smbd: Convert smb2_posix_cc_info() to use an existing blob Less malloc Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> commit 43811868d1d55ee6d23de3956d73c25b163b671c Author: Volker Lendecke <v...@samba.org> Date: Thu Sep 1 14:46:39 2022 +0200 smbd: Introduce "conn" helper var in smbd_smb2_create_after_exec() Will be used more in the future Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> ----------------------------------------------------------------------- Summary of changes: .../smbdotconf/protocol/smb3unixextensions.xml | 11 + libcli/smb/smbXcli_base.c | 24 + libcli/smb/smbXcli_base.h | 1 + python/samba/tests/libsmb.py | 12 + python/samba/tests/smb3unix.py | 162 +++++++ source3/include/client.h | 1 + source3/libsmb/cliconnect.c | 57 ++- source3/libsmb/proto.h | 5 +- source3/libsmb/pylibsmb.c | 491 ++++++++++++++++++++- source3/param/loadparm.c | 13 +- source3/param/loadparm.h | 2 +- source3/selftest/tests.py | 3 + source3/smbd/proto.h | 24 +- source3/smbd/smb2_create.c | 87 +++- source3/smbd/smb2_negprot.c | 2 +- source3/smbd/smb2_posix.c | 142 +++--- 16 files changed, 929 insertions(+), 108 deletions(-) create mode 100644 docs-xml/smbdotconf/protocol/smb3unixextensions.xml create mode 100644 python/samba/tests/smb3unix.py Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/protocol/smb3unixextensions.xml b/docs-xml/smbdotconf/protocol/smb3unixextensions.xml new file mode 100644 index 00000000000..2dc3d614c4f --- /dev/null +++ b/docs-xml/smbdotconf/protocol/smb3unixextensions.xml @@ -0,0 +1,11 @@ +<samba:parameter name="smb3 unix extensions" + context="G" + type="boolean" + function="_smb3_unix_extensions" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> + <description> + <para>Incomplete SMB 3.11 Unix Extensions. This is only available + if Samba is compiled in DEVELOPER mode.</para> + </description> + <value type="default">no</value> +</samba:parameter> diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 353b4816e3d..47f385349c4 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -130,6 +130,7 @@ struct smbXcli_conn { DATA_BLOB gss_blob; uint16_t sign_algo; uint16_t cipher; + bool smb311_posix; } server; uint64_t mid; @@ -500,6 +501,17 @@ bool smbXcli_conn_signing_mandatory(struct smbXcli_conn *conn) return conn->mandatory_signing; } +bool smbXcli_conn_have_posix(struct smbXcli_conn *conn) +{ + if (conn->protocol >= PROTOCOL_SMB3_11) { + return conn->smb2.server.smb311_posix; + } + if (conn->protocol <= PROTOCOL_NT1) { + return (conn->smb1.capabilities & CAP_UNIX); + } + return false; +} + /* * [MS-SMB] 2.2.2.3.5 - SMB1 support for passing through * query/set commands to the file system @@ -5024,6 +5036,7 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) gnutls_hash_hd_t hash_hnd = NULL; struct smb2_negotiate_context *sign_algo = NULL; struct smb2_negotiate_context *cipher = NULL; + struct smb2_negotiate_context *posix = NULL; struct iovec sent_iov[3] = {{0}, {0}, {0}}; static const struct smb2cli_req_expected_response expected[] = { { @@ -5380,6 +5393,17 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) conn->smb2.server.cipher = cipher_selected; } + posix = smb2_negotiate_context_find( + state->out_ctx, SMB2_POSIX_EXTENSIONS_AVAILABLE); + if (posix != NULL) { + DATA_BLOB posix_blob = data_blob_const( + SMB2_CREATE_TAG_POSIX, strlen(SMB2_CREATE_TAG_POSIX)); + int cmp = data_blob_cmp(&posix->data, &posix_blob); + + conn->smb2.server.smb311_posix = (cmp == 0); + } + + /* First we hash the request */ smb2cli_req_get_sent_iov(subreq, sent_iov); diff --git a/libcli/smb/smbXcli_base.h b/libcli/smb/smbXcli_base.h index 8e4fb81818f..8d2e6b3e204 100644 --- a/libcli/smb/smbXcli_base.h +++ b/libcli/smb/smbXcli_base.h @@ -53,6 +53,7 @@ bool smbXcli_conn_dfs_supported(struct smbXcli_conn *conn); enum protocol_types smbXcli_conn_protocol(struct smbXcli_conn *conn); bool smbXcli_conn_use_unicode(struct smbXcli_conn *conn); bool smbXcli_conn_signing_mandatory(struct smbXcli_conn *conn); +bool smbXcli_conn_have_posix(struct smbXcli_conn *conn); bool smbXcli_conn_support_passthrough(struct smbXcli_conn *conn); void smbXcli_conn_set_sockopt(struct smbXcli_conn *conn, const char *options); diff --git a/python/samba/tests/libsmb.py b/python/samba/tests/libsmb.py index 1acb5b12a16..2fe4386340f 100644 --- a/python/samba/tests/libsmb.py +++ b/python/samba/tests/libsmb.py @@ -140,6 +140,18 @@ class LibsmbTestCase(samba.tests.TestCase): except: pass + def test_libsmb_CreateContexts(self): + (lp,creds) = self.prep_creds() + c = libsmb.Conn(os.getenv("SERVER_IP"), "tmp", lp, creds) + cc_in = [(libsmb.SMB2_CREATE_TAG_MXAC, b'')] + fnum,cr,cc = c.create_ex("",CreateContexts=cc_in) + self.assertEqual( + cr['file_attributes'] & libsmb.FILE_ATTRIBUTE_DIRECTORY, + libsmb.FILE_ATTRIBUTE_DIRECTORY) + self.assertEqual(cc[0][0],libsmb.SMB2_CREATE_TAG_MXAC) + self.assertEqual(len(cc[0][1]),8) + c.close(fnum) + if __name__ == "__main__": import unittest unittest.main() diff --git a/python/samba/tests/smb3unix.py b/python/samba/tests/smb3unix.py new file mode 100644 index 00000000000..a825100d5b2 --- /dev/null +++ b/python/samba/tests/smb3unix.py @@ -0,0 +1,162 @@ +# Unix SMB/CIFS implementation. +# Copyright Volker Lendecke <v...@samba.org> 2022 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +from samba.samba3 import libsmb_samba_internal as libsmb +from samba.samba3 import param as s3param +from samba import (credentials,NTSTATUSError,ntstatus) +import samba.tests +import os + +class Smb3UnixTests(samba.tests.TestCase): + + def setUp(self): + self.lp = s3param.get_context() + self.lp.load(os.getenv("SMB_CONF_PATH")) + + self.creds = credentials.Credentials() + self.creds.guess(self.lp) + self.creds.set_username(os.getenv("USERNAME")) + self.creds.set_password(os.getenv("PASSWORD")) + + # Build the global inject file path + server_conf = os.getenv("SERVERCONFFILE") + server_conf_dir = os.path.dirname(server_conf) + self.global_inject = os.path.join(server_conf_dir, "global_inject.conf") + + def enable_smb3unix(self): + with open(self.global_inject, 'w') as f: + f.write("smb3 unix extensions = yes\n") + + def disable_smb3unix(self): + with open(self.global_inject, 'w') as f: + f.truncate() + + def test_negotiate_context_posix(self): + try: + self.enable_smb3unix() + + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + posix=True) + self.assertTrue(c.have_posix()) + + finally: + self.disable_smb3unix() + + def test_negotiate_context_noposix(self): + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + posix=True) + self.assertFalse(c.have_posix()) + + def test_negotiate_context_posix_invalid_length(self): + try: + self.enable_smb3unix() + + with self.assertRaises(NTSTATUSError) as cm: + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + negotiate_contexts=[(0x100, b'01234')]) + + e = cm.exception + self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER) + + finally: + self.disable_smb3unix() + + def test_negotiate_context_posix_invalid_blob(self): + try: + self.enable_smb3unix() + + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + negotiate_contexts=[(0x100, b'0123456789012345')]) + self.assertFalse(c.have_posix()) + + finally: + self.disable_smb3unix() + + def test_posix_create_context(self): + try: + self.enable_smb3unix() + + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + posix=True) + self.assertTrue(c.have_posix()) + + cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'0000')] + fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in) + self.assertEqual(cc_in[0][0],cc_out[0][0]) + + c.close(fnum) + + finally: + self.disable_smb3unix() + + def test_posix_create_context_noposix(self): + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + posix=True) + self.assertFalse(c.have_posix()) + + cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'0000')] + fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in) + self.assertEqual(len(cc_out), 0) + + c.close(fnum) + + def test_posix_create_invalid_context_length(self): + try: + self.enable_smb3unix() + + c = libsmb.Conn( + os.getenv("SERVER_IP"), + "tmp", + self.lp, + self.creds, + posix=True) + self.assertTrue(c.have_posix()) + + cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'00000')] + + with self.assertRaises(NTSTATUSError) as cm: + fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in) + + e = cm.exception + self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER) + + finally: + self.disable_smb3unix() diff --git a/source3/include/client.h b/source3/include/client.h index 14be20ef1e0..4939e1879cf 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -119,5 +119,6 @@ struct file_info { #define CLI_FULL_CONNECTION_FORCE_SMB1 0x0400 #define CLI_FULL_CONNECTION_DISABLE_SMB1 0x0800 #define CLI_FULL_CONNECTION_IPC 0x1000 +#define CLI_FULL_CONNECTION_REQUEST_POSIX 0x2000 #endif /* _CLIENT_H */ diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 34cbbd723a8..edbd2477f60 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -2776,6 +2776,7 @@ struct cli_start_connection_state { struct cli_state *cli; int min_protocol; int max_protocol; + struct smb2_negotiate_contexts *negotiate_contexts; }; static void cli_start_connection_connected(struct tevent_req *subreq); @@ -2793,7 +2794,8 @@ static struct tevent_req *cli_start_connection_send( TALLOC_CTX *mem_ctx, struct tevent_context *ev, const char *my_name, const char *dest_host, const struct sockaddr_storage *dest_ss, int port, - enum smb_signing_setting signing_state, int flags) + enum smb_signing_setting signing_state, int flags, + struct smb2_negotiate_contexts *negotiate_contexts) { struct tevent_req *req, *subreq; struct cli_start_connection_state *state; @@ -2827,6 +2829,46 @@ static struct tevent_req *cli_start_connection_send( state->min_protocol); } + state->negotiate_contexts = talloc_zero( + state, struct smb2_negotiate_contexts); + if (tevent_req_nomem(state->negotiate_contexts, req)) { + return tevent_req_post(req, ev); + } + + if (flags & CLI_FULL_CONNECTION_REQUEST_POSIX) { + NTSTATUS status; + + status = smb2_negotiate_context_add( + state->negotiate_contexts, + state->negotiate_contexts, + SMB2_POSIX_EXTENSIONS_AVAILABLE, + (const uint8_t *)SMB2_CREATE_TAG_POSIX, + strlen(SMB2_CREATE_TAG_POSIX)); + if (tevent_req_nterror(req, status)) { + return tevent_req_post(req, ev); + } + } + + if (negotiate_contexts != NULL) { + uint16_t i; + + for (i=0; i<negotiate_contexts->num_contexts; i++) { + struct smb2_negotiate_context *ctx = + &negotiate_contexts->contexts[i]; + NTSTATUS status; + + status = smb2_negotiate_context_add( + state->negotiate_contexts, + state->negotiate_contexts, + ctx->type, + ctx->data.data, + ctx->data.length); + if (tevent_req_nterror(req, status)) { + return tevent_req_post(req, ev); + } + } + } + subreq = cli_connect_nb_send(state, ev, dest_host, dest_ss, port, 0x20, my_name, signing_state, flags); if (tevent_req_nomem(subreq, req)) { @@ -2858,7 +2900,7 @@ static void cli_start_connection_connected(struct tevent_req *subreq) state->min_protocol, state->max_protocol, WINDOWS_CLIENT_PURE_SMB2_NEGPROT_INITIAL_CREDIT_ASK, - NULL); + state->negotiate_contexts); if (tevent_req_nomem(subreq, req)) { return; } @@ -2918,7 +2960,7 @@ NTSTATUS cli_start_connection(struct cli_state **output_cli, goto fail; } req = cli_start_connection_send(ev, ev, my_name, dest_host, dest_ss, - port, signing_state, flags); + port, signing_state, flags, NULL); if (req == NULL) { goto fail; } @@ -3392,7 +3434,8 @@ struct tevent_req *cli_full_connection_creds_send( const struct sockaddr_storage *dest_ss, int port, const char *service, const char *service_type, struct cli_credentials *creds, - int flags) + int flags, + struct smb2_negotiate_contexts *negotiate_contexts) { struct tevent_req *req, *subreq; struct cli_full_connection_creds_state *state; @@ -3431,7 +3474,8 @@ struct tevent_req *cli_full_connection_creds_send( subreq = cli_start_connection_send( state, ev, my_name, dest_host, dest_ss, port, - signing_state, flags); + signing_state, flags, + negotiate_contexts); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } @@ -3762,7 +3806,8 @@ NTSTATUS cli_full_connection_creds(struct cli_state **output_cli, } req = cli_full_connection_creds_send( ev, ev, my_name, dest_host, dest_ss, port, service, - service_type, creds, flags); + service_type, creds, flags, + NULL); if (req == NULL) { goto fail; } diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h index ec66582e28a..46db49015fb 100644 --- a/source3/libsmb/proto.h +++ b/source3/libsmb/proto.h @@ -92,13 +92,16 @@ NTSTATUS cli_start_connection(struct cli_state **output_cli, enum smb_signing_setting signing_state, int flags); NTSTATUS cli_smb1_setup_encryption(struct cli_state *cli, struct cli_credentials *creds); + +struct smb2_negotiate_contexts; struct tevent_req *cli_full_connection_creds_send( TALLOC_CTX *mem_ctx, struct tevent_context *ev, const char *my_name, const char *dest_host, const struct sockaddr_storage *dest_ss, int port, const char *service, const char *service_type, struct cli_credentials *creds, - int flags); + int flags, + struct smb2_negotiate_contexts *negotiate_contexts); NTSTATUS cli_full_connection_creds_recv(struct tevent_req *req, struct cli_state **output_cli); NTSTATUS cli_full_connection_creds(struct cli_state **output_cli, diff --git a/source3/libsmb/pylibsmb.c b/source3/libsmb/pylibsmb.c index b498d3a0f62..9495d9eed54 100644 --- a/source3/libsmb/pylibsmb.c +++ b/source3/libsmb/pylibsmb.c @@ -26,6 +26,7 @@ #include "python/py3compat.h" #include "python/modules.h" #include "libcli/smb/smbXcli_base.h" +#include "libcli/smb/smb2_negotiate_context.h" #include "libsmb/libsmb.h" #include "libcli/security/security.h" #include "system/select.h" @@ -423,6 +424,86 @@ static PyObject *py_cli_state_new(PyTypeObject *type, PyObject *args, return (PyObject *)self; } +static struct smb2_negotiate_contexts *py_cli_get_negotiate_contexts( + TALLOC_CTX *mem_ctx, PyObject *list) +{ + struct smb2_negotiate_contexts *ctxs = NULL; + Py_ssize_t i, len; + int ret; + + ret = PyList_Check(list); + if (!ret) { + goto fail; + } + + len = PyList_Size(list); + if (len == 0) { + goto fail; + } + + ctxs = talloc_zero(mem_ctx, struct smb2_negotiate_contexts); + if (ctxs == NULL) { + goto fail; + } + + for (i=0; i<len; i++) { + NTSTATUS status; + + PyObject *t = PyList_GetItem(list, i); + Py_ssize_t tlen; + + PyObject *ptype = NULL; + long type; + + PyObject *pdata = NULL; + DATA_BLOB data = { .data = NULL, }; + + if (t == NULL) { + goto fail; + } + + ret = PyTuple_Check(t); + if (!ret) { + goto fail; + } + + tlen = PyTuple_Size(t); + if (tlen != 2) { + goto fail; + } + + ptype = PyTuple_GetItem(t, 0); + if (ptype == NULL) { + goto fail; + } + type = PyLong_AsLong(ptype); + if ((type < 0) || (type > UINT16_MAX)) { + goto fail; + } + + pdata = PyTuple_GetItem(t, 1); -- Samba Shared Repository