2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000-2001
6 Copyright (C) Martin Pool 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
29 /* List to hold groups of commands.
31 * Commands are defined in a list of arrays: arrays are easy to
32 * statically declare, and lists are easier to dynamically extend.
35 static struct cmd_list {
36 struct cmd_list *prev, *next;
37 struct cmd_set *cmd_set;
40 /****************************************************************************
41 handle completion of commands for readline
42 ****************************************************************************/
43 static char **completion_fn(char *text, int start, int end)
45 #define MAX_COMPLETIONS 100
48 struct cmd_list *commands = cmd_list;
51 /* FIXME!!! -- what to do when completing argument? */
52 /* for words not at the start of the line fallback
53 to filename completion */
58 /* make sure we have a list of valid commands */
62 matches = (char **)malloc(sizeof(matches[0])*MAX_COMPLETIONS);
63 if (!matches) return NULL;
65 matches[count++] = strdup(text);
66 if (!matches[0]) return NULL;
68 while (commands && count < MAX_COMPLETIONS-1)
70 if (!commands->cmd_set)
73 for (i=0; commands->cmd_set[i].name; i++)
75 if ((strncmp(text, commands->cmd_set[i].name, strlen(text)) == 0) &&
76 (( commands->cmd_set[i].returntype == RPC_RTYPE_NTSTATUS &&
77 commands->cmd_set[i].ntfn ) ||
78 ( commands->cmd_set[i].returntype == RPC_RTYPE_WERROR &&
79 commands->cmd_set[i].wfn)))
81 matches[count] = strdup(commands->cmd_set[i].name);
88 commands = commands->next;
93 SAFE_FREE(matches[0]);
94 matches[0] = strdup(matches[1]);
96 matches[count] = NULL;
100 static char* next_command (char** cmdstr)
102 static pstring command;
105 if (!cmdstr || !(*cmdstr))
108 p = strchr_m(*cmdstr, ';');
111 pstrcpy(command, *cmdstr);
120 /* Fetch the SID for this computer */
122 static void fetch_machine_sid(struct cli_state *cli)
125 NTSTATUS result = NT_STATUS_OK;
126 uint32 info_class = 5;
128 static BOOL got_domain_sid;
131 if (got_domain_sid) return;
133 if (!(mem_ctx=talloc_init("fetch_machine_sid")))
135 DEBUG(0,("fetch_machine_sid: talloc_init returned NULL!\n"));
140 if (!cli_nt_session_open (cli, PI_LSARPC)) {
141 fprintf(stderr, "could not initialise lsa pipe\n");
145 result = cli_lsa_open_policy(cli, mem_ctx, True,
146 SEC_RIGHTS_MAXIMUM_ALLOWED,
148 if (!NT_STATUS_IS_OK(result)) {
152 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class,
153 domain_name, &domain_sid);
154 if (!NT_STATUS_IS_OK(result)) {
158 got_domain_sid = True;
160 cli_lsa_close(cli, mem_ctx, &pol);
161 cli_nt_session_close(cli);
162 talloc_destroy(mem_ctx);
167 fprintf(stderr, "could not obtain sid for domain %s\n", cli->domain);
169 if (!NT_STATUS_IS_OK(result)) {
170 fprintf(stderr, "error: %s\n", nt_errstr(result));
176 /* List the available commands on a given pipe */
178 static NTSTATUS cmd_listcommands(struct cli_state *cli, TALLOC_CTX *mem_ctx,
179 int argc, const char **argv)
181 struct cmd_list *tmp;
182 struct cmd_set *tmp_set;
188 printf("Usage: %s <pipe>\n", argv[0]);
192 /* Help on one command */
194 for (tmp = cmd_list; tmp; tmp = tmp->next)
196 tmp_set = tmp->cmd_set;
198 if (!StrCaseCmp(argv[1], tmp_set->name))
200 printf("Available commands on the %s pipe:\n\n", tmp_set->name);
204 while(tmp_set->name) {
205 printf("%20s", tmp_set->name);
212 /* drop out of the loop */
221 /* Display help on commands */
223 static NTSTATUS cmd_help(struct cli_state *cli, TALLOC_CTX *mem_ctx,
224 int argc, const char **argv)
226 struct cmd_list *tmp;
227 struct cmd_set *tmp_set;
232 printf("Usage: %s [command]\n", argv[0]);
236 /* Help on one command */
239 for (tmp = cmd_list; tmp; tmp = tmp->next) {
241 tmp_set = tmp->cmd_set;
243 while(tmp_set->name) {
244 if (strequal(argv[1], tmp_set->name)) {
245 if (tmp_set->usage &&
247 printf("%s\n", tmp_set->usage);
249 printf("No help for %s\n", tmp_set->name);
258 printf("No such command: %s\n", argv[1]);
262 /* List all commands */
264 for (tmp = cmd_list; tmp; tmp = tmp->next) {
266 tmp_set = tmp->cmd_set;
268 while(tmp_set->name) {
270 printf("%15s\t\t%s\n", tmp_set->name,
271 tmp_set->description ? tmp_set->description:
281 /* Change the debug level */
283 static NTSTATUS cmd_debuglevel(struct cli_state *cli, TALLOC_CTX *mem_ctx,
284 int argc, const char **argv)
287 printf("Usage: %s [debuglevel]\n", argv[0]);
292 DEBUGLEVEL = atoi(argv[1]);
295 printf("debuglevel is %d\n", DEBUGLEVEL);
300 static NTSTATUS cmd_quit(struct cli_state *cli, TALLOC_CTX *mem_ctx,
301 int argc, const char **argv)
304 return NT_STATUS_OK; /* NOTREACHED */
307 static NTSTATUS cmd_sign(struct cli_state *cli, TALLOC_CTX *mem_ctx,
308 int argc, const char **argv)
310 if (cli->pipe_auth_flags == (AUTH_PIPE_NTLMSSP|AUTH_PIPE_SIGN)) {
313 /* still have session, just need to use it again */
314 cli->pipe_auth_flags = AUTH_PIPE_NTLMSSP;
315 cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
316 if (cli->nt_pipe_fnum != 0)
317 cli_nt_session_close(cli);
323 static NTSTATUS cmd_seal(struct cli_state *cli, TALLOC_CTX *mem_ctx,
324 int argc, const char **argv)
326 if (cli->pipe_auth_flags == (AUTH_PIPE_NTLMSSP|AUTH_PIPE_SIGN|AUTH_PIPE_SEAL)) {
329 /* still have session, just need to use it again */
330 cli->pipe_auth_flags = AUTH_PIPE_NTLMSSP;
331 cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
332 cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
333 if (cli->nt_pipe_fnum != 0)
334 cli_nt_session_close(cli);
339 static NTSTATUS cmd_none(struct cli_state *cli, TALLOC_CTX *mem_ctx,
340 int argc, const char **argv)
342 if (cli->pipe_auth_flags == 0) {
345 /* still have session, just need to use it again */
346 cli->pipe_auth_flags = 0;
347 if (cli->nt_pipe_fnum != 0)
348 cli_nt_session_close(cli);
350 cli->pipe_auth_flags = 0;
355 static NTSTATUS cmd_schannel(struct cli_state *cli, TALLOC_CTX *mem_ctx,
356 int argc, const char **argv)
359 uchar trust_password[16];
360 uint32 sec_channel_type;
361 static uchar zeros[16];
364 strhex_to_str(cli->auth_info.sess_key,
367 memcpy(cli->sess_key, cli->auth_info.sess_key, sizeof(cli->sess_key));
369 cli->pipe_auth_flags = AUTH_PIPE_NETSEC;
370 cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
371 cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
378 if ((memcmp(cli->auth_info.sess_key, zeros, sizeof(cli->auth_info.sess_key)) != 0)) {
379 if (cli->pipe_auth_flags == (AUTH_PIPE_NETSEC|AUTH_PIPE_SIGN|AUTH_PIPE_SEAL)) {
380 /* already in this mode nothing to do */
383 /* schannel is setup, just need to use it again */
384 cli->pipe_auth_flags = AUTH_PIPE_NETSEC;
385 cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
386 cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
387 if (cli->nt_pipe_fnum != 0)
388 cli_nt_session_close(cli);
393 if (cli->nt_pipe_fnum != 0)
394 cli_nt_session_close(cli);
396 cli->pipe_auth_flags = AUTH_PIPE_NETSEC;
397 cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
398 cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
400 if (!secrets_fetch_trust_account_password(lp_workgroup(),
402 NULL, &sec_channel_type)) {
403 return NT_STATUS_UNSUCCESSFUL;
406 ret = cli_nt_setup_netsec(cli, sec_channel_type, trust_password);
407 if (NT_STATUS_IS_OK(ret)) {
408 char *hex_session_key;
409 hex_encode(cli->auth_info.sess_key,
410 sizeof(cli->auth_info.sess_key),
412 printf("Got Session key: %s\n", hex_session_key);
413 SAFE_FREE(hex_session_key);
418 /* Built in rpcclient commands */
420 static struct cmd_set rpcclient_commands[] = {
422 { "GENERAL OPTIONS" },
424 { "help", RPC_RTYPE_NTSTATUS, cmd_help, NULL, -1, "Get help on commands", "[command]" },
425 { "?", RPC_RTYPE_NTSTATUS, cmd_help, NULL, -1, "Get help on commands", "[command]" },
426 { "debuglevel", RPC_RTYPE_NTSTATUS, cmd_debuglevel, NULL, -1, "Set debug level", "level" },
427 { "list", RPC_RTYPE_NTSTATUS, cmd_listcommands, NULL, -1, "List available commands on <pipe>", "pipe" },
428 { "exit", RPC_RTYPE_NTSTATUS, cmd_quit, NULL, -1, "Exit program", "" },
429 { "quit", RPC_RTYPE_NTSTATUS, cmd_quit, NULL, -1, "Exit program", "" },
430 { "sign", RPC_RTYPE_NTSTATUS, cmd_sign, NULL, -1, "Force RPC pipe connections to be signed", "" },
431 { "seal", RPC_RTYPE_NTSTATUS, cmd_seal, NULL, -1, "Force RPC pipe connections to be sealed", "" },
432 { "schannel", RPC_RTYPE_NTSTATUS, cmd_schannel, NULL, -1, "Force RPC pipe connections to be sealed with 'schannel' (NETSEC). Assumes valid machine account to this domain controller.", "" },
433 { "none", RPC_RTYPE_NTSTATUS, cmd_none, NULL, -1, "Force RPC pipe connections to have no special properties", "" },
438 static struct cmd_set separator_command[] = {
439 { "---------------", MAX_RPC_RETURN_TYPE, NULL, NULL, -1, "----------------------" },
444 /* Various pipe commands */
446 extern struct cmd_set lsarpc_commands[];
447 extern struct cmd_set samr_commands[];
448 extern struct cmd_set spoolss_commands[];
449 extern struct cmd_set netlogon_commands[];
450 extern struct cmd_set srvsvc_commands[];
451 extern struct cmd_set dfs_commands[];
452 extern struct cmd_set reg_commands[];
453 extern struct cmd_set ds_commands[];
454 extern struct cmd_set echo_commands[];
456 static struct cmd_set *rpcclient_command_list[] = {
470 static void add_command_set(struct cmd_set *cmd_set)
472 struct cmd_list *entry;
474 if (!(entry = (struct cmd_list *)malloc(sizeof(struct cmd_list)))) {
475 DEBUG(0, ("out of memory\n"));
481 entry->cmd_set = cmd_set;
482 DLIST_ADD(cmd_list, entry);
487 * Call an rpcclient function, passing an argv array.
489 * @param cmd Command to run, as a single string.
491 static NTSTATUS do_cmd(struct cli_state *cli,
492 struct cmd_set *cmd_entry,
493 int argc, char **argv)
497 uchar trust_password[16];
503 if (!(mem_ctx = talloc_init("do_cmd"))) {
504 DEBUG(0, ("talloc_init() failed\n"));
505 return NT_STATUS_NO_MEMORY;
510 if (cmd_entry->pipe_idx != -1
511 && cmd_entry->pipe_idx != cli->pipe_idx) {
512 if (cli->nt_pipe_fnum != 0)
513 cli_nt_session_close(cli);
515 if (!cli_nt_session_open(cli, cmd_entry->pipe_idx)) {
516 DEBUG(0, ("Could not initialise %s\n",
517 get_pipe_name_from_index(cmd_entry->pipe_idx)));
518 return NT_STATUS_UNSUCCESSFUL;
522 /* some of the DsXXX commands use the netlogon pipe */
524 if (lp_client_schannel() && (cmd_entry->pipe_idx == PI_NETLOGON) && !(cli->pipe_auth_flags & AUTH_PIPE_NETSEC)) {
525 uint32 neg_flags = 0x000001ff;
526 uint32 sec_channel_type;
528 if (!secrets_fetch_trust_account_password(lp_workgroup(),
530 NULL, &sec_channel_type)) {
531 return NT_STATUS_UNSUCCESSFUL;
534 ntresult = cli_nt_setup_creds(cli, sec_channel_type,
537 if (!NT_STATUS_IS_OK(ntresult)) {
538 ZERO_STRUCT(cli->auth_info.sess_key);
539 printf("nt_setup_creds failed with %s\n", nt_errstr(ntresult));
547 if ( cmd_entry->returntype == RPC_RTYPE_NTSTATUS ) {
548 ntresult = cmd_entry->ntfn(cli, mem_ctx, argc, (const char **) argv);
549 if (!NT_STATUS_IS_OK(ntresult)) {
550 printf("result was %s\n", nt_errstr(ntresult));
553 wresult = cmd_entry->wfn( cli, mem_ctx, argc, (const char **) argv);
554 /* print out the DOS error */
555 if (!W_ERROR_IS_OK(wresult)) {
556 printf( "result was %s\n", dos_errstr(wresult));
558 ntresult = W_ERROR_IS_OK(wresult)?NT_STATUS_OK:NT_STATUS_UNSUCCESSFUL;
564 talloc_destroy(mem_ctx);
571 * Process a command entered at the prompt or as part of -c
573 * @returns The NTSTATUS from running the command.
575 static NTSTATUS process_cmd(struct cli_state *cli, char *cmd)
577 struct cmd_list *temp_list;
578 NTSTATUS result = NT_STATUS_OK;
583 if ((ret = poptParseArgvString(cmd, &argc, (const char ***) &argv)) != 0) {
584 fprintf(stderr, "rpcclient: %s\n", poptStrerror(ret));
585 return NT_STATUS_UNSUCCESSFUL;
589 /* Walk through a dlist of arrays of commands. */
590 for (temp_list = cmd_list; temp_list; temp_list = temp_list->next) {
591 struct cmd_set *temp_set = temp_list->cmd_set;
593 while (temp_set->name) {
594 if (strequal(argv[0], temp_set->name)) {
595 if (!(temp_set->returntype == RPC_RTYPE_NTSTATUS && temp_set->ntfn ) &&
596 !(temp_set->returntype == RPC_RTYPE_WERROR && temp_set->wfn )) {
597 fprintf (stderr, "Invalid command\n");
601 result = do_cmd(cli, temp_set, argc, argv);
610 printf("command not found: %s\n", argv[0]);
615 if (!NT_STATUS_IS_OK(result)) {
616 printf("result was %s\n", nt_errstr(result));
621 /* NOTE: popt allocates the whole argv, including the
622 * strings, as a single block. So a single free is
623 * enough to release it -- we don't free the
624 * individual strings. rtfm. */
634 int main(int argc, char *argv[])
636 BOOL interactive = True;
638 static char *cmdstr = NULL;
640 struct cli_state *cli;
641 static char *opt_ipaddr=NULL;
642 struct cmd_set **cmd_set;
643 struct in_addr server_ip;
646 /* make sure the vars that get altered (4th field) are in
647 a fixed location or certain compilers complain */
649 struct poptOption long_options[] = {
651 {"command", 'c', POPT_ARG_STRING, &cmdstr, 'c', "Execute semicolon separated cmds", "COMMANDS"},
652 {"dest-ip", 'I', POPT_ARG_STRING, &opt_ipaddr, 'I', "Specify destination IP address", "IP"},
654 POPT_COMMON_CONNECTION
655 POPT_COMMON_CREDENTIALS
659 ZERO_STRUCT(server_ip);
663 /* the following functions are part of the Samba debugging
664 facilities. See lib/debug.c */
665 setup_logging("rpcclient", interactive);
669 /* Load smb.conf file */
671 if (!lp_load(dyn_CONFIGFILE,True,False,False))
672 fprintf(stderr, "Can't load %s\n", dyn_CONFIGFILE);
676 pc = poptGetContext("rpcclient", argc, (const char **) argv,
680 poptPrintHelp(pc, stderr, 0);
684 while((opt = poptGetNextOpt(pc)) != -1) {
688 if ( (server_ip.s_addr=inet_addr(opt_ipaddr)) == INADDR_NONE ) {
689 fprintf(stderr, "%s not a valid IP address\n",
696 /* Get server as remaining unparsed argument. Print usage if more
697 than one unparsed argument is present. */
699 server = poptGetArg(pc);
701 if (!server || poptGetArg(pc)) {
702 poptPrintHelp(pc, stderr, 0);
715 * from stdin if necessary
718 if (!cmdline_auth_info.got_pass) {
719 char *pass = getpass("Password:");
721 pstrcpy(cmdline_auth_info.password, pass);
725 nt_status = cli_full_connection(&cli, global_myname(), server,
726 opt_ipaddr ? &server_ip : NULL, 0,
728 cmdline_auth_info.username, lp_workgroup(),
729 cmdline_auth_info.password, 0, NULL);
731 if (!NT_STATUS_IS_OK(nt_status)) {
732 DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status)));
736 memset(cmdline_auth_info.password,'X',sizeof(cmdline_auth_info.password));
738 /* Load command lists */
740 cmd_set = rpcclient_command_list;
743 add_command_set(*cmd_set);
744 add_command_set(separator_command);
748 fetch_machine_sid(cli);
750 /* Do anything specified with -c */
751 if (cmdstr && cmdstr[0]) {
756 while((cmd=next_command(&p)) != NULL) {
757 NTSTATUS cmd_result = process_cmd(cli, cmd);
758 result = NT_STATUS_IS_ERR(cmd_result);
765 /* Loop around accepting commands */
771 slprintf(prompt, sizeof(prompt) - 1, "rpcclient $> ");
773 line = smb_readline(prompt, NULL, completion_fn);
779 process_cmd(cli, line);