r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need

[vlendec/samba-autobuild/.git] / source3 / utils / net_rpc.c

diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 0cedbd78abc9f0bfb253db9d2672227cdc1d6866..f2cd4adb176fcc86f591dd1901e4f97ff17212c2 100644 (file)
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -389,6 +389,18 @@ static int rpc_join_usage(int argc, const char **argv)
 
 int net_rpc_join(int argc, const char **argv) 
 {
+       if (lp_server_role() == ROLE_STANDALONE) {
+               d_printf("cannot join as standalone machine\n");
+               return -1;
+       }
+
+       if (strlen(global_myname()) > 15) {
+               d_printf("Our netbios name can be at most 15 chars long, "
+                        "\"%s\" is %u chars long\n",
+                        global_myname(), (unsigned int)strlen(global_myname()));
+               return -1;
+       }
+
        if ((net_rpc_perform_oldjoin(argc, argv) == 0))
                return 0;
        
@@ -430,6 +442,7 @@ NTSTATUS rpc_info_internals(const DOM_SID *domain_sid,
        result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
                                  &connect_pol);
        if (!NT_STATUS_IS_OK(result)) {
+               d_fprintf(stderr, "Could not connect to SAM: %s\n", nt_errstr(result));
                goto done;
        }
        
@@ -438,6 +451,7 @@ NTSTATUS rpc_info_internals(const DOM_SID *domain_sid,
                                      MAXIMUM_ALLOWED_ACCESS,
                                      domain_sid, &domain_pol);
        if (!NT_STATUS_IS_OK(result)) {
+               d_fprintf(stderr, "Could not open domain: %s\n", nt_errstr(result));
                goto done;
        }
 
@@ -468,7 +482,7 @@ NTSTATUS rpc_info_internals(const DOM_SID *domain_sid,
 
 int net_rpc_info(int argc, const char **argv) 
 {
-       return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, 
+       return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_PDC, 
                               rpc_info_internals,
                               argc, argv);
 }
@@ -569,7 +583,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
        uint32 acb_info;
        uint32 unknown, user_rid;
 
-       if (argc != 1) {
+       if (argc < 1) {
                d_printf("User must be specified\n");
                rpc_user_usage(argc, argv);
                return NT_STATUS_OK;
@@ -606,6 +620,60 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
                goto done;
        }
 
+       if (argc == 2) {
+
+               uint32 *user_rids, num_rids, *name_types;
+               uint32 flags = 0x000003e8; /* Unknown */
+               SAM_USERINFO_CTR ctr;
+               SAM_USER_INFO_24 p24;
+               uchar pwbuf[516];
+
+               result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
+                                                 flags, 1, &acct_name,
+                                                 &num_rids, &user_rids,
+                                                 &name_types);
+
+               if (!NT_STATUS_IS_OK(result)) {
+                       goto done;
+               }
+
+               result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol,
+                                              MAXIMUM_ALLOWED_ACCESS,
+                                              user_rids[0], &user_pol);
+
+               if (!NT_STATUS_IS_OK(result)) {
+                       goto done;
+               }
+
+               /* Set password on account */
+
+               ZERO_STRUCT(ctr);
+               ZERO_STRUCT(p24);
+
+               encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
+
+               init_sam_user_info24(&p24, (char *)pwbuf,24);
+
+               ctr.switch_value = 24;
+               ctr.info.id24 = &p24;
+
+               result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24, 
+                                              &cli->user_session_key, &ctr);
+
+               if (!NT_STATUS_IS_OK(result)) {
+                       d_fprintf(stderr, "Failed to set password for user %s - %s\n", 
+                                acct_name, nt_errstr(result));
+
+                       result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol);
+
+                       if (!NT_STATUS_IS_OK(result)) {
+                               d_fprintf(stderr, "Failed to delete user %s - %s\n", 
+                                        acct_name, nt_errstr(result));
+                                return result;
+                       }
+               }
+
+       }
  done:
        if (!NT_STATUS_IS_OK(result)) {
                d_fprintf(stderr, "Failed to add user %s - %s\n", acct_name, 
@@ -790,7 +858,10 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
                goto done;
        }
 
-       names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
+       if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
+               result = NT_STATUS_NO_MEMORY;
+               goto done;
+       }
        names[0] = old_name;
        result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
                                       flags, num_names, names,
@@ -1073,7 +1144,10 @@ static NTSTATUS rpc_user_info_internals(const DOM_SID *domain_sid,
        /* Look up rids */
 
        if (num_rids) {
-               rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids);
+               if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
+                       result = NT_STATUS_NO_MEMORY;
+                       goto done;
+               }
 
                for (i = 0; i < num_rids; i++)
                        rids[i] = user_gids[i].g_rid;
@@ -1368,7 +1442,7 @@ do { if (strequal(ctx->thiscmd, name)) { \
 
 #define SETSTR(name, rec, flag) \
 do { if (strequal(ctx->thiscmd, name)) { \
-       init_unistr2(&usr->uni_##rec, argv[0], STR_TERMINATE); \
+       init_unistr2(&usr->uni_##rec, argv[0], UNI_STR_TERMINATE); \
        init_uni_hdr(&usr->hdr_##rec, &usr->uni_##rec); \
        usr->fields_present |= ACCT_##flag; } \
 } while (0);
@@ -1592,7 +1666,7 @@ struct rpc_sh_cmd *net_rpc_user_cmds(TALLOC_CTX *mem_ctx,
        };
 
        return cmds;
-};
+}
 
 /****************************************************************************/
 
@@ -1937,7 +2011,7 @@ static NTSTATUS get_sid_from_name(struct cli_state *cli,
                                enum SID_NAME_USE *type)
 {
        DOM_SID *sids = NULL;
-       uint32 *types = NULL;
+       enum SID_NAME_USE *types = NULL;
        struct rpc_pipe_client *pipe_hnd;
        POLICY_HND lsa_pol;
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
@@ -2643,7 +2717,7 @@ static NTSTATUS rpc_list_alias_members(struct rpc_pipe_client *pipe_hnd,
        DOM_SID *alias_sids;
        char **domains;
        char **names;
-       uint32 *types;
+       enum SID_NAME_USE *types;
        int i;
 
        result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, domain_pol,
@@ -2940,13 +3014,17 @@ static NTSTATUS rpc_share_add_internals(const DOM_SID *domain_sid,
                                        const char **argv)
 {
        WERROR result;
-       char *sharename=talloc_strdup(mem_ctx, argv[0]);
+       char *sharename;
        char *path;
        uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
        uint32 num_users=0, perms=0;
        char *password=NULL; /* don't allow a share password */
        uint32 level = 2;
 
+       if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
        path = strchr(sharename, '=');
        if (!path)
                return NT_STATUS_UNSUCCESSFUL;
@@ -3084,6 +3162,10 @@ static WERROR get_share_info(struct rpc_pipe_client *pipe_hnd,
                SRV_SHARE_INFO_1 *info1;
                
                ctr->share.info1 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_1, 1);
+               if (ctr->share.info1 == NULL) {
+                       result = WERR_NOMEM;
+                       goto done;
+               }
                info1 = ctr->share.info1;
                                
                memset(ctr->share.info1, 0, sizeof(SRV_SHARE_INFO_1));
@@ -3108,6 +3190,10 @@ static WERROR get_share_info(struct rpc_pipe_client *pipe_hnd,
                SRV_SHARE_INFO_2 *info2;
                
                ctr->share.info2 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_2, 1);
+               if (ctr->share.info2 == NULL) {
+                       result = WERR_NOMEM;
+                       goto done;
+               }
                info2 = ctr->share.info2;
                                
                memset(ctr->share.info2, 0, sizeof(SRV_SHARE_INFO_2));
@@ -3140,6 +3226,10 @@ static WERROR get_share_info(struct rpc_pipe_client *pipe_hnd,
                SRV_SHARE_INFO_502 *info502;
 
                ctr->share.info502 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_502, 1);
+               if (ctr->share.info502 == NULL) {
+                       result = WERR_NOMEM;
+                       goto done;
+               }
                info502 = ctr->share.info502;
 
                memset(ctr->share.info502, 0, sizeof(SRV_SHARE_INFO_502));
@@ -3985,7 +4075,7 @@ static NTSTATUS rpc_aliaslist_dump(const DOM_SID *domain_sid,
        for (i=0; i<num_server_aliases; i++) {
                char **names;
                char **domains;
-               uint32 *types;
+               enum SID_NAME_USE *types;
                int j;
 
                struct full_alias *alias = &server_aliases[i];
@@ -4094,6 +4184,9 @@ static void add_sid_to_token(NT_USER_TOKEN *token, DOM_SID *sid)
                return;
 
        token->user_sids = SMB_REALLOC_ARRAY(token->user_sids, DOM_SID, token->num_sids+1);
+       if (!token->user_sids) {
+               return;
+       }
 
        sid_copy(&token->user_sids[token->num_sids], sid);
 
@@ -4207,7 +4300,7 @@ static BOOL get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *t
        }
 
        for (i = 0; i < response.data.num_entries; i++) {
-               gid_t gid = ((gid_t *)response.extra_data)[i];
+               gid_t gid = ((gid_t *)response.extra_data.data)[i];
                DOM_SID sid;
 
                struct winbindd_request sidrequest;
@@ -4233,7 +4326,7 @@ static BOOL get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *t
                add_sid_to_token(token, &sid);
        }
 
-       SAFE_FREE(response.extra_data);
+       SAFE_FREE(response.extra_data.data);
 
        return True;
 }
@@ -4269,10 +4362,10 @@ static BOOL get_user_tokens(int *num_tokens, struct user_token **user_tokens)
 
        /* Look through extra data */
 
-       if (!response.extra_data)
+       if (!response.extra_data.data)
                return False;
 
-       extra_data = (const char *)response.extra_data;
+       extra_data = (const char *)response.extra_data.data;
        *num_tokens = 0;
 
        while(next_token(&extra_data, name, ",", sizeof(fstring))) {
@@ -4286,7 +4379,7 @@ static BOOL get_user_tokens(int *num_tokens, struct user_token **user_tokens)
                return False;
        }
 
-       extra_data = (const char *)response.extra_data;
+       extra_data = (const char *)response.extra_data.data;
        i=0;
 
        while(next_token(&extra_data, name, ",", sizeof(fstring))) {
@@ -4314,7 +4407,7 @@ static BOOL get_user_tokens(int *num_tokens, struct user_token **user_tokens)
                i+=1;
        }
        
-       SAFE_FREE(response.extra_data);
+       SAFE_FREE(response.extra_data.data);
 
        *user_tokens = result;
 
@@ -4477,6 +4570,10 @@ static void collect_share(const char *name, uint32 m,
 
        share_list->num_shares += 1;
        share_list->shares = SMB_REALLOC_ARRAY(share_list->shares, char *, share_list->num_shares);
+       if (!share_list->shares) {
+               share_list->num_shares = 0;
+               return;
+       }
        share_list->shares[share_list->num_shares-1] = SMB_STRDUP(name);
 }
 
@@ -4772,7 +4869,7 @@ struct rpc_sh_cmd *net_rpc_share_cmds(TALLOC_CTX *mem_ctx,
        };
 
        return cmds;
-};
+}
 
 /****************************************************************************/
 
@@ -4837,12 +4934,12 @@ static int rpc_file_close(int argc, const char **argv)
  * @param str3   strings for FILE_INFO_3
  **/
 
-static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3)
+static void display_file_info_3( FILE_INFO_3 *info3 )
 {
        fstring user = "", path = "";
 
-       rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name);
-       rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name);
+       rpcstr_pull_unistr2_fstring(user, info3->user);
+       rpcstr_pull_unistr2_fstring(path, info3->path);
 
        d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
                 info3->id, user, info3->perms, info3->num_locks, path);
@@ -4897,8 +4994,7 @@ static NTSTATUS rpc_file_list_internals(const DOM_SID *domain_sid,
                 "\nFileId  Opened by            Perms  Locks  Path"\
                 "\n------  ---------            -----  -----  ---- \n");
        for (i = 0; i < ctr.num_entries; i++)
-               display_file_info_3(&ctr.file.info3[i].info_3, 
-                                   &ctr.file.info3[i].info_3_str);
+               display_file_info_3(&ctr.file.info3[i]);
  done:
        return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
@@ -5386,7 +5482,9 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
 
        strupper_m(acct_name);
 
-       names = TALLOC_ARRAY(mem_ctx, const char *, 1);
+       if ((names = TALLOC_ARRAY(mem_ctx, const char *, 1)) == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
        names[0] = acct_name;
 
 
@@ -5544,7 +5642,7 @@ static int rpc_trustdom_establish(int argc, const char **argv)
 
        /* store who we connected to */
 
-       saf_store( domain_name, cli->desthost );
+       saf_store( domain_name, pdc_name );
        
        /*
         * Connect to \\server\ipc$ again (this time anonymously)
@@ -6170,32 +6268,32 @@ static int rpc_trustdom(int argc, const char **argv)
  */
 BOOL net_rpc_check(unsigned flags)
 {
-       struct cli_state cli;
+       struct cli_state *cli;
        BOOL ret = False;
        struct in_addr server_ip;
        char *server_name = NULL;
 
        /* flags (i.e. server type) may depend on command */
-       if (!net_find_server(flags, &server_ip, &server_name))
+       if (!net_find_server(NULL, flags, &server_ip, &server_name))
                return False;
 
-       ZERO_STRUCT(cli);
-       if (cli_initialise(&cli) == False)
+       if ((cli = cli_initialise()) == NULL) {
                return False;
+       }
 
-       if (!cli_connect(&cli, server_name, &server_ip))
+       if (!cli_connect(cli, server_name, &server_ip))
                goto done;
        if (!attempt_netbios_session_request(&cli, global_myname(), 
                                             server_name, &server_ip))
                goto done;
-       if (!cli_negprot(&cli))
+       if (!cli_negprot(cli))
                goto done;
-       if (cli.protocol < PROTOCOL_NT1)
+       if (cli->protocol < PROTOCOL_NT1)
                goto done;
 
        ret = True;
  done:
-       cli_shutdown(&cli);
+       cli_shutdown(cli);
        return ret;
 }
 
@@ -6589,6 +6687,8 @@ int net_rpc_usage(int argc, const char **argv)
        d_printf("  net rpc rights\t\tto manage privileges assigned to SIDs\n");
        d_printf("  net rpc registry\t\tto manage registry hives\n");
        d_printf("  net rpc service\t\tto start, stop and query services\n");
+       d_printf("  net rpc audit\t\t\tto modify global auditing settings\n");
+       d_printf("  net rpc shell\t\t\tto open an interactive shell for remote server/account management\n");
        d_printf("\n");
        d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */
        d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n");
@@ -6640,6 +6740,7 @@ int net_rpc_help(int argc, const char **argv)
 int net_rpc(int argc, const char **argv)
 {
        struct functable func[] = {
+               {"audit", net_rpc_audit},
                {"info", net_rpc_info},
                {"join", net_rpc_join},
                {"oldjoin", net_rpc_oldjoin},