/// <summary>Manually resolve this SID.</summary> /// <remarks> /// Manually resolve this SID. Normally SIDs are automatically /// resolved. However, if a SID is constructed explicitly using a SID /// constructor, JCIFS will have no knowledge of the server that created the /// SID and therefore cannot possibly resolve it automatically. In this case, /// this method will be necessary. /// </remarks> /// <param name="authorityServerName">The FQDN of the server that is an authority for the SID. /// </param> /// <param name="auth">Credentials suitable for accessing the SID's information.</param> /// <exception cref="System.IO.IOException"></exception> public virtual void Resolve(string authorityServerName, NtlmPasswordAuthentication auth) { Sid[] sids = new Sid[1]; sids[0] = this; ResolveSids(authorityServerName, auth, sids); }
/// <exception cref="System.IO.IOException"></exception> internal static void ResolveSids0(string authorityServerName, NtlmPasswordAuthentication auth, Sid[] sids) { DcerpcHandle handle = null; LsaPolicyHandle policyHandle = null; lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\lsarpc]" , auth); string server = authorityServerName; int dot = server.IndexOf('.'); if (dot > 0 && char.IsDigit(server[0]) == false) { server = Runtime.Substring(server, 0, dot); } policyHandle = new LsaPolicyHandle(handle, "\\\\" + server, unchecked (0x00000800)); ResolveSids(handle, policyHandle, sids); } finally { if (handle != null) { if (policyHandle != null) { policyHandle.Close(); } handle.Close(); } } } }
internal virtual SmbSession GetSmbSession(NtlmPasswordAuthentication auth) { lock (this) { SmbSession ssn; long now; ssn = Sessions.FirstOrDefault(s => s.Matches(auth)); if (ssn != null) { ssn.Auth = auth; return(ssn); } if (SmbConstants.SoTimeout > 0 && SessionExpiration < (now = Runtime.CurrentTimeMillis())) { SessionExpiration = now + SmbConstants.SoTimeout; foreach (var session in Sessions.Where(s => s.Expiration < now)) { session.Logoff(false); } } ssn = new SmbSession(Address, Port, LocalAddr, LocalPort, auth); ssn.transport = this; Sessions.Add(ssn); return(ssn); } }
/// <summary>Resolve an array of SIDs using a cache and at most one MSRPC request.</summary> /// <remarks> /// Resolve an array of SIDs using a cache and at most one MSRPC request. /// <p> /// This method will attempt /// to resolve SIDs using a cache and cache the results of any SIDs that /// required resolving with the authority. SID cache entries are currently not /// expired because under normal circumstances SID information never changes. /// </remarks> /// <param name="authorityServerName">The hostname of the server that should be queried. For maximum efficiency this should be the hostname of a domain controller however a member server will work as well and a domain controller may not return names for SIDs corresponding to local accounts for which the domain controller is not an authority. /// </param> /// <param name="auth">The credentials that should be used to communicate with the named server. As usual, <tt>null</tt> indicates that default credentials should be used. /// </param> /// <param name="sids">The SIDs that should be resolved. After this function is called, the names associated with the SIDs may be queried with the <tt>toDisplayString</tt>, <tt>getDomainName</tt>, and <tt>getAccountName</tt> methods. /// </param> /// <exception cref="System.IO.IOException"></exception> public static void ResolveSids(string authorityServerName, NtlmPasswordAuthentication auth, Sid[] sids) { List <object> list = new List <object>();//new List<object>(sids.Length); int si; lock (SidCache) { for (si = 0; si < sids.Length; si++) { Sid sid = (Sid)SidCache.Get(sids[si]); if (sid != null) { sids[si].Type = sid.Type; sids[si].DomainName = sid.DomainName; sids[si].AcctName = sid.AcctName; } else { list.Add(sids[si]); } } if (list.Count > 0) { //sids = (Jcifs.Smb.SID[])Sharpen.Collections.ToArray(list, new Jcifs.Smb.SID[0]); sids = (Sid[])list.ToArray(); ResolveSids0(authorityServerName, auth, sids); for (si = 0; si < sids.Length; si++) { SidCache.Put(sids[si], sids[si]); } } } }
/// <exception cref="WinrtCifs.Smb.SmbAuthException"></exception> public virtual DfsReferral GetReferral(SmbTransport trans, string domain, string root, string path, NtlmPasswordAuthentication auth) { if (Disabled) { return(null); } try { string p = "\\" + domain + "\\" + root; if (path != null) { p += path; } DfsReferral dr = trans.GetDfsReferrals(auth, p, 0); if (dr != null) { return(dr); } } catch (IOException ioe) { if (Log.Level >= 4) { Runtime.PrintStackTrace(ioe, Log); } if (StrictView && ioe is SmbAuthException) { throw (SmbAuthException)ioe; } } return(null); }
/// <exception cref="WinrtCifs.Smb.SmbException"></exception> public SigningDigest(SmbTransport transport, NtlmPasswordAuthentication auth) { try { _digest = MessageDigest.GetInstance("MD5"); } catch (NoSuchAlgorithmException ex) { if (Log.Level > 0) { Runtime.PrintStackTrace(ex, Log); } throw new SmbException("MD5", ex); } try { switch (SmbConstants.LmCompatibility) { case 0: case 1: case 2: { _macSigningKey = new byte[40]; auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), 0, _macSigningKey , 16, 24); break; } case 3: case 4: case 5: { _macSigningKey = new byte[16]; auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); break; } default: { _macSigningKey = new byte[40]; auth.GetUserSessionKey(transport.Server.EncryptionKey, _macSigningKey, 0); Array.Copy(auth.GetUnicodeHash(transport.Server.EncryptionKey), 0, _macSigningKey , 16, 24); break; } } } catch (Exception ex) { throw new SmbException(string.Empty, ex); } if (Log.Level >= 5) { Log.WriteLine("LM_COMPATIBILITY=" + SmbConstants.LmCompatibility); Hexdump.ToHexdump(Log, _macSigningKey, 0, _macSigningKey.Length); } }
/// <exception cref="WinrtCifs.Smb.SmbAuthException"></exception> public virtual bool IsTrustedDomain(string domain, NtlmPasswordAuthentication auth ) { Hashtable domains = GetTrustedDomains(auth); if (domains == null) { return(false); } domain = domain.ToLower(); return(domains.Get(domain) != null); }
internal SmbSession(UniAddress address, int port, IPAddress localAddr, int localPort , NtlmPasswordAuthentication auth) { // Transport parameters allows trans to be removed from CONNECTIONS this._address = address; this._port = port; this._localAddr = localAddr; this._localPort = localPort; this.Auth = auth; Trees = new List <object>(); ConnectionState = 0; }
public NtlmContext(NtlmPasswordAuthentication auth, bool doSigning) { this.Auth = auth; NtlmsspFlags = NtlmsspFlags | NtlmFlags.NtlmsspRequestTarget | NtlmFlags.NtlmsspNegotiateNtlm2 | NtlmFlags.NtlmsspNegotiate128; if (doSigning) { NtlmsspFlags |= NtlmFlags.NtlmsspNegotiateSign | NtlmFlags.NtlmsspNegotiateAlwaysSign | NtlmFlags.NtlmsspNegotiateKeyExch; } Workstation = Type1Message.GetDefaultWorkstation(); Log = LogStream.GetInstance(); }
/// <exception cref="WinrtCifs.Smb.SmbException"></exception> internal virtual DfsReferral GetDfsReferrals(NtlmPasswordAuthentication auth, string path, int rn) { SmbTree ipc = GetSmbSession(auth).GetSmbTree("IPC$", null); Trans2GetDfsReferralResponse resp = new Trans2GetDfsReferralResponse(); ipc.Send(new Trans2GetDfsReferral(path), resp); if (resp.NumReferrals == 0) { return(null); } if (rn == 0 || resp.NumReferrals < rn) { rn = resp.NumReferrals; } DfsReferral dr = new DfsReferral(); string[] arr = new string[4]; long expiration = Runtime.CurrentTimeMillis() + Dfs.Ttl * 1000; int di = 0; for (; ;) { dr.ResolveHashes = auth.HashesExternal; dr.Ttl = resp.Referrals[di].Ttl; dr.Expiration = expiration; if (path.Equals(string.Empty)) { dr.Server = Runtime.Substring(resp.Referrals[di].Path, 1).ToLower(); } else { DfsPathSplit(resp.Referrals[di].Node, arr); dr.Server = arr[1]; dr.Share = arr[2]; dr.Path = arr[3]; } dr.PathConsumed = resp.PathConsumed; di++; if (di == rn) { break; } dr.Append(new DfsReferral()); dr = dr.Next; } return(dr.Next); }
/// <exception cref="WinrtCifs.Smb.SmbAuthException"></exception> public virtual Hashtable GetTrustedDomains(NtlmPasswordAuthentication auth) { if (Disabled || auth.Domain == "?") { return(null); } if (Domains != null && Runtime.CurrentTimeMillis() > Domains.Expiration) { Domains = null; } if (Domains != null) { return(Domains.Map); } try { UniAddress addr = UniAddress.GetByName(auth.Domain, true); SmbTransport trans = SmbTransport.GetSmbTransport(addr, 0); CacheEntry entry = new CacheEntry(Ttl * 10L); DfsReferral dr = trans.GetDfsReferrals(auth, string.Empty, 0); if (dr != null) { DfsReferral start = dr; do { string domain = dr.Server.ToLower(); entry.Map.Put(domain, new Hashtable()); dr = dr.Next; }while (dr != start); Domains = entry; return(Domains.Map); } } catch (IOException ioe) { if (Log.Level >= 3) { Runtime.PrintStackTrace(ioe, Log); } if (StrictView && ioe is SmbAuthException) { throw (SmbAuthException)ioe; } } return(null); }
/// <exception cref="WinrtCifs.Smb.SmbException"></exception> public static void Logon(UniAddress dc, int port, NtlmPasswordAuthentication auth ) { SmbTree tree = SmbTransport.GetSmbTransport(dc, port).GetSmbSession(auth).GetSmbTree (LogonShare, null); if (LogonShare == null) { tree.TreeConnect(null, null); } else { Trans2FindFirst2 req = new Trans2FindFirst2("\\", "*", SmbFile.AttrDirectory); Trans2FindFirst2Response resp = new Trans2FindFirst2Response(); tree.Send(req, resp); } }
internal virtual void ResolveWeak() { if (OriginServer != null) { try { Resolve(OriginServer, OriginAuth); } catch (IOException) { } finally { OriginServer = null; OriginAuth = null; } } }
/// <exception cref="WinrtCifs.Smb.SmbAuthException"></exception> public virtual SmbTransport GetDc(string domain, NtlmPasswordAuthentication auth) { if (Disabled) { return(null); } try { UniAddress addr = UniAddress.GetByName(domain, true); SmbTransport trans = SmbTransport.GetSmbTransport(addr, 0); DfsReferral dr = trans.GetDfsReferrals(auth, "\\" + domain, 1); if (dr != null) { DfsReferral start = dr; IOException e = null; do { try { addr = UniAddress.GetByName(dr.Server); return(SmbTransport.GetSmbTransport(addr, 0)); } catch (IOException ioe) { e = ioe; } dr = dr.Next; }while (dr != start); throw e; } } catch (IOException ioe) { if (Log.Level >= 3) { Runtime.PrintStackTrace(ioe, Log); } if (StrictView && ioe is SmbAuthException) { throw (SmbAuthException)ioe; } } return(null); }
/// <exception cref="System.IO.IOException"></exception> internal static Sid[] GetGroupMemberSids0(DcerpcHandle handle, SamrDomainHandle domainHandle, Sid domsid, int rid, int flags) { SamrAliasHandle aliasHandle = null; Lsarpc.LsarSidArray sidarray = new Lsarpc.LsarSidArray(); MsrpcGetMembersInAlias rpc = null; try { aliasHandle = new SamrAliasHandle(handle, domainHandle, unchecked (0x0002000c), rid); rpc = new MsrpcGetMembersInAlias(aliasHandle, sidarray); handle.Sendrecv(rpc); if (rpc.Retval != 0) { throw new SmbException(rpc.Retval, false); } Sid[] sids = new Sid[rpc.Sids.NumSids]; string originServer = handle.GetServer(); NtlmPasswordAuthentication originAuth = (NtlmPasswordAuthentication)handle.GetPrincipal (); for (int i = 0; i < sids.Length; i++) { sids[i] = new Sid(rpc.Sids.Sids[i].Sid, 0, null, null, false); sids[i].OriginServer = originServer; sids[i].OriginAuth = originAuth; } if (sids.Length > 0 && (flags & SidFlagResolveSids) != 0) { ResolveSids(originServer, originAuth, sids); } return(sids); } finally { if (aliasHandle != null) { aliasHandle.Close(); } } }
/// <exception cref="System.IO.IOException"></exception> public virtual Sid[] GetGroupMemberSids(string authorityServerName, NtlmPasswordAuthentication auth, int flags) { if (Type != SidTypeDomGrp && Type != SidTypeAlias) { return(new Sid[0]); } DcerpcHandle handle = null; SamrPolicyHandle policyHandle = null; SamrDomainHandle domainHandle = null; Sid domsid = GetDomainSid(); lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\samr]" , auth); policyHandle = new SamrPolicyHandle(handle, authorityServerName, unchecked (0x00000030)); domainHandle = new SamrDomainHandle(handle, policyHandle, unchecked (0x00000200), domsid); return(GetGroupMemberSids0(handle, domainHandle, domsid, GetRid(), flags)); } finally { if (handle != null) { if (policyHandle != null) { if (domainHandle != null) { domainHandle.Close(); } policyHandle.Close(); } handle.Close(); } } } }
/// <exception cref="System.IO.IOException"></exception> public static Sid GetServerSid(string server, NtlmPasswordAuthentication auth) { DcerpcHandle handle = null; LsaPolicyHandle policyHandle = null; Lsarpc.LsarDomainInfo info = new Lsarpc.LsarDomainInfo(); MsrpcQueryInformationPolicy rpc; lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + server + "[\\PIPE\\lsarpc]", auth); // NetApp doesn't like the 'generic' access mask values policyHandle = new LsaPolicyHandle(handle, null, unchecked (0x00000001)); rpc = new MsrpcQueryInformationPolicy(policyHandle, Lsarpc.PolicyInfoAccountDomain , info); handle.Sendrecv(rpc); if (rpc.Retval != 0) { throw new SmbException(rpc.Retval, false); } return(new Sid(info.Sid, SidTypeDomain, (new UnicodeString (info.Name, false)).ToString(), null, false)); } finally { if (handle != null) { if (policyHandle != null) { policyHandle.Close(); } handle.Close(); } } } }
/// <summary> /// Compares two <tt>NtlmPasswordAuthentication</tt> objects for /// equality. /// </summary> /// <remarks> /// Compares two <tt>NtlmPasswordAuthentication</tt> objects for /// equality. Two <tt>NtlmPasswordAuthentication</tt> objects are equal if /// their caseless domain and username fields are equal and either both hashes are external and they are equal or both internally supplied passwords are equal. If one <tt>NtlmPasswordAuthentication</tt> object has external hashes (meaning negotiated via NTLM HTTP Authentication) and the other does not they will not be equal. This is technically not correct however the server 8 byte challage would be required to compute and compare the password hashes but that it not available with this method. /// </remarks> public override bool Equals(object obj) { if (obj is NtlmPasswordAuthentication) { NtlmPasswordAuthentication ntlm = (NtlmPasswordAuthentication )obj; if (ntlm.Domain.ToUpper().Equals(Domain.ToUpper()) && ntlm.Username.ToUpper().Equals (Username.ToUpper())) { if (HashesExternal && ntlm.HashesExternal) { return(Arrays.Equals(AnsiHash, ntlm.AnsiHash) && Arrays.Equals(UnicodeHash, ntlm. UnicodeHash)); } if (!HashesExternal && Password.Equals(ntlm.Password)) { return(true); } } } return(false); }
/// <exception cref="System.UriFormatException"></exception> /// <exception cref="UnknownHostException"></exception> public SmbNamedPipe(Uri url, int pipeType, NtlmPasswordAuthentication auth) : base (url, auth) { this.PipeType = pipeType; Type = TypeNamedPipe; }
internal virtual bool IsSignatureSetupRequired(NtlmPasswordAuthentication auth) { return((Flags2 & SmbConstants.Flags2SecuritySignatures) != 0 && Digest == null && auth != NtlmPasswordAuthentication.Null && NtlmPasswordAuthentication.Null .Equals(auth) == false); }
internal bool Matches(NtlmPasswordAuthentication auth) { return(this.Auth == auth || this.Auth.Equals(auth)); }
/// <summary> /// This specialized method returns a Map of users and local groups for the /// target server where keys are SIDs representing an account and each value /// is an List<object> of SIDs represents the local groups that the account is /// a member of. /// </summary> /// <remarks> /// This specialized method returns a Map of users and local groups for the /// target server where keys are SIDs representing an account and each value /// is an List<object> of SIDs represents the local groups that the account is /// a member of. /// <p/> /// This method is designed to assist with computing access control for a /// given user when the target object's ACL has local groups. Local groups /// are not listed in a user's group membership (e.g. as represented by the /// tokenGroups constructed attribute retrived via LDAP). /// <p/> /// Domain groups nested inside a local group are currently not expanded. In /// this case the key (SID) type will be SID_TYPE_DOM_GRP rather than /// SID_TYPE_USER. /// </remarks> /// <param name="authorityServerName">The server from which the local groups will be queried. /// </param> /// <param name="auth">The credentials required to query groups and group members.</param> /// <param name="flags"> /// Flags that control the behavior of the operation. When all /// name associated with SIDs will be required, the SID_FLAG_RESOLVE_SIDS /// flag should be used which causes all group member SIDs to be resolved /// together in a single more efficient operation. /// </param> /// <exception cref="System.IO.IOException"></exception> internal static Util.Sharpen.Hashtable GetLocalGroupsMap(string authorityServerName, NtlmPasswordAuthentication auth, int flags) { Sid domsid = GetServerSid(authorityServerName, auth); DcerpcHandle handle = null; SamrPolicyHandle policyHandle = null; SamrDomainHandle domainHandle = null; Samr.SamrSamArray sam = new Samr.SamrSamArray(); MsrpcEnumerateAliasesInDomain rpc; lock (SidCache) { try { handle = DcerpcHandle.GetHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\samr]" , auth); policyHandle = new SamrPolicyHandle(handle, authorityServerName, unchecked (0x02000000)); domainHandle = new SamrDomainHandle(handle, policyHandle, unchecked (0x02000000), domsid); rpc = new MsrpcEnumerateAliasesInDomain(domainHandle, unchecked (0xFFFF), sam ); handle.Sendrecv(rpc); if (rpc.Retval != 0) { throw new SmbException(rpc.Retval, false); } var map = new Util.Sharpen.Hashtable(); for (int ei = 0; ei < rpc.Sam.Count; ei++) { Samr.SamrSamEntry entry = rpc.Sam.Entries[ei]; Sid[] mems = GetGroupMemberSids0(handle, domainHandle, domsid , entry.Idx, flags); Sid groupSid = new Sid(domsid, entry.Idx); groupSid.Type = SidTypeAlias; groupSid.DomainName = domsid.GetDomainName(); groupSid.AcctName = (new UnicodeString(entry.Name, false)).ToString(); for (int mi = 0; mi < mems.Length; mi++) { List <object> groups = (List <object>)map.Get(mems[mi]); if (groups == null) { groups = new List <object>(); map.Put(mems[mi], groups); } if (!groups.Contains(groupSid)) { groups.Add(groupSid); } } } return(map); } finally { if (handle != null) { if (policyHandle != null) { if (domainHandle != null) { domainHandle.Close(); } policyHandle.Close(); } handle.Close(); } } } }
/// <summary> /// Authenticate arbitrary credentials represented by the /// <tt>NtlmPasswordAuthentication</tt> object against the domain controller /// specified by the <tt>UniAddress</tt> parameter. /// </summary> /// <remarks> /// Authenticate arbitrary credentials represented by the /// <tt>NtlmPasswordAuthentication</tt> object against the domain controller /// specified by the <tt>UniAddress</tt> parameter. If the credentials are /// not accepted, an <tt>SmbAuthException</tt> will be thrown. If an error /// occurs an <tt>SmbException</tt> will be thrown. If the credentials are /// valid, the method will return without throwing an exception. See the /// last <a href="../../../faq.html">FAQ</a> question. /// <p> /// See also the <tt>jcifs.smb.client.logonShare</tt> property. /// </remarks> /// <exception cref="SmbException"></exception> public static void Logon(UniAddress dc, NtlmPasswordAuthentication auth) { Logon(dc, -1, auth); }
/// <exception cref="WinrtCifs.Smb.SmbException"></exception> internal SmbComSessionSetupAndX(SmbSession session, ServerMessageBlock andx, object cred) : base(andx) { Command = SmbComSessionSetupAndx; this.Session = session; this.Cred = cred; _sessionKey = session.transport.SessionKey; _capabilities = session.transport.Capabilities; if (session.transport.Server.Security == SmbConstants.SecurityUser) { if (cred is NtlmPasswordAuthentication) { NtlmPasswordAuthentication auth = (NtlmPasswordAuthentication)cred; if (auth == NtlmPasswordAuthentication.Anonymous) { _lmHash = new byte[0]; _ntHash = new byte[0]; _capabilities &= ~SmbConstants.CapExtendedSecurity; } else { if (session.transport.Server.EncryptedPasswords) { _lmHash = auth.GetAnsiHash(session.transport.Server.EncryptionKey); _ntHash = auth.GetUnicodeHash(session.transport.Server.EncryptionKey); // prohibit HTTP auth attempts for the null session if (_lmHash.Length == 0 && _ntHash.Length == 0) { throw new RuntimeException("Null setup prohibited."); } } else { if (DisablePlainTextPasswords) { throw new RuntimeException("Plain text passwords are disabled"); } if (UseUnicode) { // plain text string password = auth.GetPassword(); _lmHash = new byte[0]; _ntHash = new byte[(password.Length + 1) * 2]; WriteString(password, _ntHash, 0); } else { // plain text string password = auth.GetPassword(); _lmHash = new byte[(password.Length + 1) * 2]; _ntHash = new byte[0]; WriteString(password, _lmHash, 0); } } } _accountName = auth.Username; if (UseUnicode) { _accountName = _accountName.ToUpper(); } _primaryDomain = auth.Domain.ToUpper(); } else { if (cred is byte[]) { _blob = (byte[])cred; } else { throw new SmbException("Unsupported credential type"); } } } else { if (session.transport.Server.Security == SmbConstants.SecurityShare) { if (cred is NtlmPasswordAuthentication) { NtlmPasswordAuthentication auth = (NtlmPasswordAuthentication)cred; _lmHash = new byte[0]; _ntHash = new byte[0]; _accountName = auth.Username; if (UseUnicode) { _accountName = _accountName.ToUpper(); } _primaryDomain = auth.Domain.ToUpper(); } else { throw new SmbException("Unsupported credential type"); } } else { throw new SmbException("Unsupported"); } } }
/// <exception cref="WinrtCifs.Smb.SmbAuthException"></exception> public virtual DfsReferral Resolve(string domain, string root, string path, NtlmPasswordAuthentication auth) { lock (this) { DfsReferral dr = null; long now = Runtime.CurrentTimeMillis(); if (Disabled || root.Equals("IPC$")) { return(null); } Hashtable domains = GetTrustedDomains(auth); if (domains != null) { domain = domain.ToLower(); Hashtable roots = (Hashtable)domains.Get(domain); if (roots != null) { SmbTransport trans = null; root = root.ToLower(); CacheEntry links = (CacheEntry)roots.Get(root); if (links != null && now > links.Expiration) { //Sharpen.Collections.Remove(roots, root); roots.Remove(root); links = null; } if (links == null) { if ((trans = GetDc(domain, auth)) == null) { return(null); } dr = GetReferral(trans, domain, root, path, auth); if (dr != null) { int len = 1 + domain.Length + 1 + root.Length; links = new CacheEntry(0L); DfsReferral tmp = dr; do { if (path == null) { // TODO: fix this //tmp.map = links.map; tmp.Key = "\\"; } tmp.PathConsumed -= len; tmp = tmp.Next; }while (tmp != dr); if (dr.Key != null) { links.Map.Put(dr.Key, dr); } roots.Put(root, links); } else { if (path == null) { roots.Put(root, FalseEntry); } } } else { if (links == FalseEntry) { links = null; } } if (links != null) { string link = "\\"; dr = (DfsReferral)links.Map.Get(link); if (dr != null && now > dr.Expiration) { //Sharpen.Collections.Remove(links.map, link); links.Map.Remove(link); dr = null; } if (dr == null) { if (trans == null) { if ((trans = GetDc(domain, auth)) == null) { return(null); } } dr = GetReferral(trans, domain, root, path, auth); if (dr != null) { dr.PathConsumed -= 1 + domain.Length + 1 + root.Length; dr.Link = link; links.Map.Put(link, dr); } } } } } if (dr == null && path != null) { if (Referrals != null && now > Referrals.Expiration) { Referrals = null; } if (Referrals == null) { Referrals = new CacheEntry(0); } string key = "\\" + domain + "\\" + root; if (path.Equals("\\") == false) { key += path; } key = key.ToLower(); //ListIterator<object> iter = new ListIterator<object>(referrals.map.Keys.GetEnumerator(), 0); foreach (var current in Referrals.Map.Keys) { string _key = (string)current; int klen = _key.Length; bool match = false; if (klen == key.Length) { match = _key.Equals(key); } else { if (klen < key.Length) { match = _key.RegionMatches(false, 0, key, 0, klen) && key[klen] == '\\'; } } if (match) { dr = (DfsReferral)Referrals.Map.Get(_key); } } } return(dr); } }