s3-rpcclient: add packet auth level command

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 398fe4a0f3165100a9873f968df590adfc4d1433..554620b0380b9afcdd68a990b86694f4ec17dbef 100644 (file)
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -484,6 +484,47 @@ static NTSTATUS cmd_seal(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
        return cmd_set_ss_level();
 }
 
+static NTSTATUS cmd_packet(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
+                          int argc, const char **argv)
+{
+       const char *p = "[KRB5|KRB5_SPNEGO|NTLMSSP|NTLMSSP_SPNEGO|SCHANNEL]";
+       const char *type = "NTLMSSP";
+
+       pipe_default_auth_level = DCERPC_AUTH_LEVEL_PACKET;
+       pipe_default_auth_type = DCERPC_AUTH_TYPE_NTLMSSP;
+
+       if (argc > 2) {
+               printf("Usage: %s %s\n", argv[0], p);
+               return NT_STATUS_OK;
+       }
+
+       if (argc == 2) {
+               type = argv[1];
+               if (strequal(type, "KRB5")) {
+                       pipe_default_auth_type = DCERPC_AUTH_TYPE_KRB5;
+               } else if (strequal(type, "KRB5_SPNEGO")) {
+                       pipe_default_auth_type = DCERPC_AUTH_TYPE_SPNEGO;
+                       pipe_default_auth_spnego_type = PIPE_AUTH_TYPE_SPNEGO_KRB5;
+               } else if (strequal(type, "NTLMSSP")) {
+                       pipe_default_auth_type = DCERPC_AUTH_TYPE_NTLMSSP;
+               } else if (strequal(type, "NTLMSSP_SPNEGO")) {
+                       pipe_default_auth_type = DCERPC_AUTH_TYPE_SPNEGO;
+                       pipe_default_auth_spnego_type = PIPE_AUTH_TYPE_SPNEGO_NTLMSSP;
+               } else if (strequal(type, "SCHANNEL")) {
+                       pipe_default_auth_type = DCERPC_AUTH_TYPE_SCHANNEL;
+               } else {
+                       printf("unknown type %s\n", type);
+                       printf("Usage: %s %s\n", argv[0], p);
+                       return NT_STATUS_INVALID_LEVEL;
+               }
+       }
+
+       d_printf("Setting %s - packet\n", type);
+
+       return cmd_set_ss_level();
+}
+
+
 static NTSTATUS cmd_timeout(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
                            int argc, const char **argv)
 {
@@ -576,6 +617,7 @@ static struct cmd_set rpcclient_commands[] = {
        { "quit", RPC_RTYPE_NTSTATUS, cmd_quit, NULL,     NULL, NULL, "Exit program", "" },
        { "sign", RPC_RTYPE_NTSTATUS, cmd_sign, NULL,     NULL, NULL, "Force RPC pipe connections to be signed", "" },
        { "seal", RPC_RTYPE_NTSTATUS, cmd_seal, NULL,     NULL, NULL, "Force RPC pipe connections to be sealed", "" },
+       { "packet", RPC_RTYPE_NTSTATUS, cmd_packet, NULL,         NULL, NULL, "Force RPC pipe connections with packet authentication level", "" },
        { "schannel", RPC_RTYPE_NTSTATUS, cmd_schannel, NULL,     NULL, NULL,   "Force RPC pipe connections to be sealed with 'schannel'.  Assumes valid machine account to this domain controller.", "" },
        { "schannelsign", RPC_RTYPE_NTSTATUS, cmd_schannel_sign, NULL,    NULL, NULL, "Force RPC pipe connections to be signed (not sealed) with 'schannel'.  Assumes valid machine account to this domain controller.", "" },
        { "timeout", RPC_RTYPE_NTSTATUS, cmd_timeout, NULL,       NULL, NULL, "Set timeout (in milliseconds) for RPC operations", "" },