-/*
+/*
Unix SMB/CIFS implementation.
ACL get/set utility
-
+
Copyright (C) Andrew Tridgell 2000
Copyright (C) Tim Potter 2000
Copyright (C) Jeremy Allison 2000
Copyright (C) Jelmer Vernooij 2003
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "popt_common.h"
+#include "rpc_client/cli_pipe.h"
#include "../librpc/gen_ndr/ndr_lsa.h"
#include "rpc_client/cli_lsarpc.h"
#include "../libcli/security/security.h"
+#include "libsmb/libsmb.h"
+#include "libsmb/clirap.h"
+#include "passdb/machine_sid.h"
static int test_args;
enum lsa_SidType *type,
char **domain, char **name)
{
- uint16 orig_cnum = cli->cnum;
+ uint16 orig_cnum = cli_state_get_tid(cli);
struct rpc_pipe_client *p = NULL;
struct policy_handle handle;
NTSTATUS status;
fail:
TALLOC_FREE(p);
cli_tdis(cli);
- cli->cnum = orig_cnum;
+ cli_state_set_tid(cli, orig_cnum);
TALLOC_FREE(frame);
return status;
}
enum lsa_SidType *type,
struct dom_sid *sid)
{
- uint16 orig_cnum = cli->cnum;
+ uint16 orig_cnum = cli_state_get_tid(cli);
struct rpc_pipe_client *p;
struct policy_handle handle;
NTSTATUS status;
fail:
TALLOC_FREE(p);
cli_tdis(cli);
- cli->cnum = orig_cnum;
+ cli_state_set_tid(cli, orig_cnum);
TALLOC_FREE(frame);
return status;
}
return false;
}
- if (*p != '|' && *p != '\0') {
+ switch (*p) {
+ case '|':
+ p++;
+ case '\0':
+ continue;
+ default:
return false;
}
}
static uint16 get_fileinfo(struct cli_state *cli, const char *filename)
{
uint16_t fnum = (uint16_t)-1;
- uint16 mode;
+ uint16 mode = 0;
+ NTSTATUS status;
/* The desired access below is the only one I could find that works
with NT4, W2KP and Samba */
- if (!NT_STATUS_IS_OK(cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
- 0, FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN, 0x0, 0x0, &fnum))) {
- printf("Failed to open %s: %s\n", filename, cli_errstr(cli));
+ status = cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
+ 0, FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN, 0x0, 0x0, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to open %s: %s\n", filename, nt_errstr(status));
+ return 0;
}
- if (!NT_STATUS_IS_OK(cli_qfileinfo_basic(
- cli, fnum, &mode, NULL, NULL, NULL,
- NULL, NULL, NULL))) {
+ status = cli_qfileinfo_basic(cli, fnum, &mode, NULL, NULL, NULL,
+ NULL, NULL, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
printf("Failed to file info %s: %s\n", filename,
- cli_errstr(cli));
+ nt_errstr(status));
}
cli_close(cli, fnum);
{
uint16_t fnum = (uint16_t)-1;
struct security_descriptor *sd;
+ NTSTATUS status;
/* The desired access below is the only one I could find that works
with NT4, W2KP and Samba */
- if (!NT_STATUS_IS_OK(cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
- 0, FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN, 0x0, 0x0, &fnum))) {
- printf("Failed to open %s: %s\n", filename, cli_errstr(cli));
+ status = cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
+ 0, FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN, 0x0, 0x0, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to open %s: %s\n", filename, nt_errstr(status));
return NULL;
}
- sd = cli_query_secdesc(cli, fnum, talloc_tos());
+ status = cli_query_secdesc(cli, fnum, talloc_tos(), &sd);
cli_close(cli, fnum);
- if (!sd) {
- printf("Failed to get security descriptor\n");
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to get security descriptor: %s\n",
+ nt_errstr(status));
return NULL;
}
return sd;
{
uint16_t fnum = (uint16_t)-1;
bool result=true;
+ NTSTATUS status;
/* The desired access below is the only one I could find that works
with NT4, W2KP and Samba */
- if (!NT_STATUS_IS_OK(cli_ntcreate(cli, filename, 0,
- WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS,
- 0, FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN, 0x0, 0x0, &fnum))) {
- printf("Failed to open %s: %s\n", filename, cli_errstr(cli));
+ status = cli_ntcreate(cli, filename, 0,
+ WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS,
+ 0, FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN, 0x0, 0x0, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to open %s: %s\n", filename, nt_errstr(status));
return false;
}
- if (!cli_set_secdesc(cli, fnum, sd)) {
+ status = cli_set_secdesc(cli, fnum, sd);
+ if (!NT_STATUS_IS_OK(status)) {
printf("ERROR: security description set failed: %s\n",
- cli_errstr(cli));
+ nt_errstr(status));
result=false;
}
}
string_replace(parentname, '/', '\\');
parent = get_secdesc(cli,parentname);
+ if (parent == NULL) {
+ return EXIT_FAILED;
+ }
for (i=0;i<parent->dacl->num_aces;i++) {
struct security_ace *ace=&parent->dacl->aces[i];
/* Add inherited flag to all aces */
ace->flags=ace->flags|
SEC_ACE_FLAG_INHERITED_ACE;
- if ((oldattr & aDIR) == aDIR) {
+ if ((oldattr & FILE_ATTRIBUTE_DIRECTORY) == FILE_ATTRIBUTE_DIRECTORY) {
if ((ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT) ==
SEC_ACE_FLAG_CONTAINER_INHERIT) {
add_ace(&old->dacl, ace);
const char *server, const char *share)
{
struct cli_state *c = NULL;
- struct sockaddr_storage ss;
NTSTATUS nt_status;
uint32_t flags = 0;
- zero_sockaddr(&ss);
-
if (get_cmdline_auth_info_use_kerberos(auth_info)) {
flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
set_cmdline_auth_info_getpass(auth_info);
- nt_status = cli_full_connection(&c, global_myname(), server,
- &ss, 0,
+ nt_status = cli_full_connection(&c, lp_netbios_name(), server,
+ NULL, 0,
share, "?????",
get_cmdline_auth_info_username(auth_info),
lp_workgroup(),