s3-net: Check return value of string_to_sid().

[nivanova/samba-autobuild/.git] / source3 / utils / net_rpc.c
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c

index b403c143799c12f8d48162bb7e5265c2252b3496..2ccc92876bc2a43c1102d991d6cf71ad2b401ac0 100644 (file)
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -43,6 +43,7 @@
  #include "libsmb/clirap.h"
  #include "nsswitch/libwbclient/wbclient.h"
  #include "passdb.h"
+#include "../libcli/smb/smbXcli_base.h"
  
  static int net_mode_share;
  static NTSTATUS sync_files(struct copy_clistate *cp_clistate, const char *mask);
@@ -141,7 +142,7 @@ NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx,
  
  int run_rpc_command(struct net_context *c,
                         struct cli_state *cli_arg,
-                       const struct ndr_syntax_id *interface,
+                       const struct ndr_interface_table *table,
                         int conn_flags,
                         rpc_command_fn fn,
                         int argc,
@@ -186,11 +187,11 @@ int run_rpc_command(struct net_context *c,
  
         if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
                 if (lp_client_schannel()
-                   && (ndr_syntax_id_equal(interface,
+                   && (ndr_syntax_id_equal(&table->syntax_id,
                                             &ndr_table_netlogon.syntax_id))) {
                         /* Always try and create an schannel netlogon pipe. */
                         nt_status = cli_rpc_pipe_open_schannel(
-                               cli, interface, NCACN_NP,
+                               cli, &table->syntax_id, NCACN_NP,
                                 DCERPC_AUTH_LEVEL_PRIVACY, domain_name,
                                 &pipe_hnd);
                         if (!NT_STATUS_IS_OK(nt_status)) {
@@ -200,22 +201,23 @@ int run_rpc_command(struct net_context *c,
                         }
                 } else {
                         if (conn_flags & NET_FLAGS_SEAL) {
-                               nt_status = cli_rpc_pipe_open_ntlmssp(
-                                       cli, interface,
+                               nt_status = cli_rpc_pipe_open_generic_auth(
+                                       cli, table,
                                         (conn_flags & NET_FLAGS_TCP) ?
                                         NCACN_IP_TCP : NCACN_NP,
+                                       DCERPC_AUTH_TYPE_NTLMSSP,
                                         DCERPC_AUTH_LEVEL_PRIVACY,
+                                       smbXcli_conn_remote_name(cli->conn),
                                         lp_workgroup(), c->opt_user_name,
                                         c->opt_password, &pipe_hnd);
                         } else {
                                 nt_status = cli_rpc_pipe_open_noauth(
-                                       cli, interface,
+                                       cli, &table->syntax_id,
                                         &pipe_hnd);
                         }
                         if (!NT_STATUS_IS_OK(nt_status)) {
                                 DEBUG(0, ("Could not initialise pipe %s. Error was %s\n",
-                                         get_pipe_name_from_syntax(
-                                                 talloc_tos(), interface),
+                                         table->name,
                                         nt_errstr(nt_status) ));
                                 goto fail;
                         }
@@ -305,7 +307,7 @@ int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv)
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+       return run_rpc_command(c, NULL, &ndr_table_netlogon,
                                NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
                                rpc_changetrustpw_internals,
                                argc, argv);
@@ -351,7 +353,7 @@ static NTSTATUS rpc_oldjoin_internals(struct net_context *c,
         if (!NT_STATUS_IS_OK(result)) {
                 DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. "
                         "error was %s\n",
-                       cli_state_remote_name(cli),
+                       smbXcli_conn_remote_name(cli->conn),
                         nt_errstr(result) ));
                 return result;
         }
@@ -407,7 +409,7 @@ static NTSTATUS rpc_oldjoin_internals(struct net_context *c,
  
  static int net_rpc_perform_oldjoin(struct net_context *c, int argc, const char **argv)
  {
-       return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+       return run_rpc_command(c, NULL, &ndr_table_netlogon,
                                NET_FLAGS_NO_PIPE | NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
                                rpc_oldjoin_internals,
                                argc, argv);
@@ -607,7 +609,7 @@ int net_rpc_info(struct net_context *c, int argc, const char **argv)
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id,
+       return run_rpc_command(c, NULL, &ndr_table_samr,
                                NET_FLAGS_PDC, rpc_info_internals,
                                argc, argv);
  }
@@ -675,7 +677,7 @@ int net_rpc_getsid(struct net_context *c, int argc, const char **argv)
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id,
+       return run_rpc_command(c, NULL, &ndr_table_samr,
                                conn_flags,
                                rpc_getsid_internals,
                                argc, argv);
@@ -884,13 +886,20 @@ static int rpc_user_password(struct net_context *c, int argc, const char **argv)
         if (argv[1]) {
                 u1003.usri1003_password = argv[1];
         } else {
+               char pwd[256] = {0};
                 ret = asprintf(&prompt, _("Enter new password for %s:"),
                                argv[0]);
                 if (ret == -1) {
                         return -1;
                 }
-               u1003.usri1003_password = talloc_strdup(c, getpass(prompt));
+
+               ret = samba_getpass(prompt, pwd, sizeof(pwd), false, false);
                 SAFE_FREE(prompt);
+               if (ret < 0) {
+                       return -1;
+               }
+
+               u1003.usri1003_password = talloc_strdup(c, pwd);
                 if (u1003.usri1003_password == NULL) {
                         return -1;
                 }
@@ -1486,34 +1495,34 @@ struct rpc_sh_cmd *net_rpc_user_edit_cmds(struct net_context *c,
  {
         static struct rpc_sh_cmd cmds[] = {
  
-               { "fullname", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+               { "fullname", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
                   N_("Show/Set a user's full name") },
  
-               { "homedir", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+               { "homedir", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
                   N_("Show/Set a user's home directory") },
  
-               { "homedrive", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+               { "homedrive", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
                   N_("Show/Set a user's home drive") },
  
-               { "logonscript", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+               { "logonscript", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
                   N_("Show/Set a user's logon script") },
  
-               { "profilepath", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+               { "profilepath", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
                   N_("Show/Set a user's profile path") },
  
-               { "description", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+               { "description", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
                   N_("Show/Set a user's description") },
  
-               { "disabled", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+               { "disabled", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
                   N_("Show/Set whether a user is disabled") },
  
-               { "autolock", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+               { "autolock", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
                   N_("Show/Set whether a user locked out") },
  
-               { "pwnotreq", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+               { "pwnotreq", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
                   N_("Show/Set whether a user does not need a password") },
  
-               { "pwnoexp", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+               { "pwnoexp", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
                   N_("Show/Set whether a user's password does not expire") },
  
                 { NULL, NULL, 0, NULL, NULL }
@@ -1528,13 +1537,13 @@ struct rpc_sh_cmd *net_rpc_user_cmds(struct net_context *c,
  {
         static struct rpc_sh_cmd cmds[] = {
  
-               { "list", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_list,
+               { "list", NULL, &ndr_table_samr, rpc_sh_user_list,
                   N_("List available users") },
  
-               { "info", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_info,
+               { "info", NULL, &ndr_table_samr, rpc_sh_user_info,
                   N_("List the domain groups a user is member of") },
  
-               { "show", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_show,
+               { "show", NULL, &ndr_table_samr, rpc_sh_user_show,
                   N_("Show info about a user") },
  
                 { "edit", net_rpc_user_edit_cmds, 0, NULL,
@@ -1856,7 +1865,7 @@ static NTSTATUS rpc_group_delete_internals(struct net_context *c,
  
  static int rpc_group_delete(struct net_context *c, int argc, const char **argv)
  {
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                rpc_group_delete_internals, argc,argv);
  }
  
@@ -2242,7 +2251,7 @@ static NTSTATUS rpc_group_addmem_internals(struct net_context *c,
  
  static int rpc_group_addmem(struct net_context *c, int argc, const char **argv)
  {
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                rpc_group_addmem_internals,
                                argc, argv);
  }
@@ -2495,7 +2504,7 @@ static NTSTATUS rpc_group_delmem_internals(struct net_context *c,
  
  static int rpc_group_delmem(struct net_context *c, int argc, const char **argv)
  {
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                rpc_group_delmem_internals,
                                argc, argv);
  }
@@ -2794,7 +2803,7 @@ static NTSTATUS rpc_group_list_internals(struct net_context *c,
  
  static int rpc_group_list(struct net_context *c, int argc, const char **argv)
  {
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                rpc_group_list_internals,
                                argc, argv);
  }
@@ -3124,7 +3133,7 @@ static int rpc_group_members(struct net_context *c, int argc, const char **argv)
                 return rpc_group_usage(c, argc, argv);
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                rpc_group_members_internals,
                                argc, argv);
  }
@@ -3259,7 +3268,7 @@ int net_rpc_group(struct net_context *c, int argc, const char **argv)
                         return 0;
                 }
  
-               return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+               return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                        rpc_group_list_internals,
                                        argc, argv);
         }
@@ -3527,7 +3536,7 @@ static bool check_share_availability(struct cli_state *cli, const char *netname)
  {
         NTSTATUS status;
  
-       status = cli_tcon_andx(cli, netname, "A:", "", 0);
+       status = cli_tree_connect(cli, netname, "A:", "", 0);
         if (!NT_STATUS_IS_OK(status)) {
                 d_printf(_("skipping   [%s]: not a file share.\n"), netname);
                 return false;
@@ -3697,7 +3706,7 @@ static int rpc_share_migrate_shares(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                                rpc_share_migrate_shares_internals,
                                argc, argv);
  }
@@ -3764,8 +3773,12 @@ static NTSTATUS copy_fn(const char *mnt, struct file_info *f,
                 }
  
                 /* search below that directory */
-               strlcpy(new_mask, dir, sizeof(new_mask));
-               strlcat(new_mask, "\\*", sizeof(new_mask));
+               if (strlcpy(new_mask, dir, sizeof(new_mask)) >= sizeof(new_mask)) {
+                       return NT_STATUS_NO_MEMORY;
+               }
+               if (strlcat(new_mask, "\\*", sizeof(new_mask)) >= sizeof(new_mask)) {
+                       return NT_STATUS_NO_MEMORY;
+               }
  
                 old_dir = local_state->cwd;
                 local_state->cwd = dir;
@@ -3976,8 +3989,8 @@ static NTSTATUS rpc_share_migrate_files_internals(struct net_context *c,
  
                 /* open share source */
                 nt_status = connect_to_service(c, &cp_clistate.cli_share_src,
-                                              cli_state_remote_sockaddr(cli),
-                                              cli_state_remote_name(cli),
+                                              smbXcli_conn_remote_sockaddr(cli->conn),
+                                              smbXcli_conn_remote_name(cli->conn),
                                                info502.name, "A:");
                 if (!NT_STATUS_IS_OK(nt_status))
                         goto done;
@@ -4041,7 +4054,7 @@ static int rpc_share_migrate_files(struct net_context *c, int argc, const char *
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                                rpc_share_migrate_files_internals,
                                argc, argv);
  }
@@ -4176,7 +4189,7 @@ static int rpc_share_migrate_security(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                                rpc_share_migrate_security_internals,
                                argc, argv);
  }
@@ -4214,17 +4227,17 @@ static int rpc_share_migrate_all(struct net_context *c, int argc,
         /* order is important. we don't want to be locked out by the share-acl
          * before copying files - gd */
  
-       ret = run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       ret = run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                               rpc_share_migrate_shares_internals, argc, argv);
         if (ret)
                 return ret;
  
-       ret = run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       ret = run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                               rpc_share_migrate_files_internals, argc, argv);
         if (ret)
                 return ret;
  
-       return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                                rpc_share_migrate_security_internals, argc,
                                argv);
  }
@@ -4669,6 +4682,7 @@ static bool get_user_sids(const char *domain, const char *user, struct security_
         for (i = 0; i < num_groups; i++) {
                 gid_t gid = groups[i];
                 struct dom_sid sid;
+               bool ok;
  
                 wbc_status = wbcGidToSid(gid, &wsid);
                 if (!WBC_ERROR_IS_OK(wbc_status)) {
@@ -4682,7 +4696,12 @@ static bool get_user_sids(const char *domain, const char *user, struct security_
  
                 DEBUG(3, (" %s\n", sid_str));
  
-               string_to_sid(&sid, sid_str);
+               ok = string_to_sid(&sid, sid_str);
+               if (!ok) {
+                       DEBUG(1, ("Failed to convert string to SID\n"));
+                       wbcFreeMemory(groups);
+                       return false;
+               }
                 add_sid_to_token(token, &sid);
         }
         wbcFreeMemory(groups);
@@ -4744,7 +4763,11 @@ static bool get_user_tokens(struct net_context *c, int *num_tokens,
                 } else {
                         *p++ = '\0';
                         fstrcpy(domain, users[i]);
-                       strupper_m(domain);
+                       if (!strupper_m(domain)) {
+                               DEBUG(1, ("strupper_m %s failed\n", domain));
+                               wbcFreeMemory(users);
+                               return false;
+                       }
                         fstrcpy(user, p);
                 }
  
@@ -4806,7 +4829,9 @@ static bool get_user_tokens_from_file(FILE *f,
  
                 token = &((*tokens)[*num_tokens-1]);
  
-               strlcpy(token->name, line, sizeof(token->name));
+               if (strlcpy(token->name, line, sizeof(token->name)) >= sizeof(token->name)) {
+                       return false;
+               }
                 token->token.num_sids = 0;
                 token->token.sids = NULL;
                 continue;
@@ -4858,7 +4883,7 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd,
  
         cnum = cli_state_get_tid(cli);
  
-       if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) {
+       if (!NT_STATUS_IS_OK(cli_tree_connect(cli, netname, "A:", "", 0))) {
                 return;
         }
  
@@ -4905,28 +4930,6 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd,
         return;
  }
  
-struct share_list {
-       int num_shares;
-       char **shares;
-};
-
-static void collect_share(const char *name, uint32 m,
-                         const char *comment, void *state)
-{
-       struct share_list *share_list = (struct share_list *)state;
-
-       if (m != STYPE_DISKTREE)
-               return;
-
-       share_list->num_shares += 1;
-       share_list->shares = SMB_REALLOC_ARRAY(share_list->shares, char *, share_list->num_shares);
-       if (!share_list->shares) {
-               share_list->num_shares = 0;
-               return;
-       }
-       share_list->shares[share_list->num_shares-1] = SMB_STRDUP(name);
-}
-
  /**
   * List shares on a remote RPC server, including the security descriptors.
   *
@@ -4952,16 +4955,21 @@ static NTSTATUS rpc_share_allowedusers_internals(struct net_context *c,
                                                 int argc,
                                                 const char **argv)
  {
-       int ret;
         bool r;
-       uint32 i;
         FILE *f;
+       NTSTATUS nt_status = NT_STATUS_OK;
+       uint32_t total_entries = 0;
+       uint32_t resume_handle = 0;
+       uint32_t preferred_len = 0xffffffff;
+       uint32_t i;
+       struct dcerpc_binding_handle *b = NULL;
+       struct srvsvc_NetShareInfoCtr info_ctr;
+       struct srvsvc_NetShareCtr1 ctr1;
+       WERROR result;
  
         struct user_token *tokens = NULL;
         int num_tokens = 0;
  
-       struct share_list share_list;
-
         if (argc == 0) {
                 f = stdin;
         } else {
@@ -4986,22 +4994,47 @@ static NTSTATUS rpc_share_allowedusers_internals(struct net_context *c,
         for (i=0; i<num_tokens; i++)
                 collect_alias_memberships(&tokens[i].token);
  
-       share_list.num_shares = 0;
-       share_list.shares = NULL;
+       ZERO_STRUCT(info_ctr);
+       ZERO_STRUCT(ctr1);
+
+       info_ctr.level = 1;
+       info_ctr.ctr.ctr1 = &ctr1;
  
-       ret = cli_RNetShareEnum(cli, collect_share, &share_list);
+       b = pipe_hnd->binding_handle;
  
-       if (ret == -1) {
-               DEBUG(0, ("Error returning browse list: %s\n",
-                         cli_errstr(cli)));
+       /* Issue the NetShareEnum RPC call and retrieve the response */
+       nt_status = dcerpc_srvsvc_NetShareEnumAll(b,
+                                       talloc_tos(),
+                                       pipe_hnd->desthost,
+                                       &info_ctr,
+                                       preferred_len,
+                                       &total_entries,
+                                       &resume_handle,
+                                       &result);
+
+       /* Was it successful? */
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               /*  Nope.  Go clean up. */
+               goto done;
+       }
+
+       if (!W_ERROR_IS_OK(result)) {
+               /*  Nope.  Go clean up. */
+               nt_status = werror_to_ntstatus(result);
+               goto done;
+       }
+
+       if (total_entries == 0) {
                 goto done;
         }
  
-       for (i = 0; i < share_list.num_shares; i++) {
-               char *netname = share_list.shares[i];
+        /* For each returned entry... */
+       for (i = 0; i < info_ctr.ctr.ctr1->count; i++) {
+               const char *netname = info_ctr.ctr.ctr1->array[i].name;
  
-               if (netname[strlen(netname)-1] == '$')
+               if (info_ctr.ctr.ctr1->array[i].type != STYPE_DISKTREE) {
                         continue;
+               }
  
                 d_printf("%s\n", netname);
  
@@ -5013,9 +5046,8 @@ static NTSTATUS rpc_share_allowedusers_internals(struct net_context *c,
                 free_user_token(&tokens[i].token);
         }
         SAFE_FREE(tokens);
-       SAFE_FREE(share_list.shares);
  
-       return NT_STATUS_OK;
+       return nt_status;
  }
  
  static int rpc_share_allowedusers(struct net_context *c, int argc,
@@ -5032,19 +5064,19 @@ static int rpc_share_allowedusers(struct net_context *c, int argc,
                 return 0;
         }
  
-       result = run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+       result = run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                  rpc_aliaslist_internals,
                                  argc, argv);
         if (result != 0)
                 return result;
  
-       result = run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
+       result = run_rpc_command(c, NULL, &ndr_table_lsarpc, 0,
                                  rpc_aliaslist_dump,
                                  argc, argv);
         if (result != 0)
                 return result;
  
-       return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
                                rpc_share_allowedusers_internals,
                                argc, argv);
  }
@@ -5062,7 +5094,7 @@ int net_usersidlist(struct net_context *c, int argc, const char **argv)
  
         if (!get_user_tokens(c, &num_tokens, &tokens)) {
                 DEBUG(0, ("Could not get the user/sid list\n"));
-               return 0;
+               return -1;
         }
  
         for (i=0; i<num_tokens; i++) {
@@ -5071,7 +5103,7 @@ int net_usersidlist(struct net_context *c, int argc, const char **argv)
         }
  
         SAFE_FREE(tokens);
-       return 1;
+       return 0;
  }
  
  int net_usersidlist_usage(struct net_context *c, int argc, const char **argv)
@@ -5268,16 +5300,16 @@ struct rpc_sh_cmd *net_rpc_share_cmds(struct net_context *c, TALLOC_CTX *mem_ctx
  {
         static struct rpc_sh_cmd cmds[] = {
  
-       { "list", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_list,
+       { "list", NULL, &ndr_table_srvsvc, rpc_sh_share_list,
           N_("List available shares") },
  
-       { "add", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_add,
+       { "add", NULL, &ndr_table_srvsvc, rpc_sh_share_add,
           N_("Add a share") },
  
-       { "delete", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_delete,
+       { "delete", NULL, &ndr_table_srvsvc, rpc_sh_share_delete,
           N_("Delete a share") },
  
-       { "info", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_info,
+       { "info", NULL, &ndr_table_srvsvc, rpc_sh_share_info,
           N_("Get information about a share") },
  
         { NULL, NULL, 0, NULL, NULL }
@@ -5558,7 +5590,7 @@ static int rpc_shutdown_abort(struct net_context *c, int argc,
                 return 0;
         }
  
-       rc = run_rpc_command(c, NULL, &ndr_table_initshutdown.syntax_id, 0,
+       rc = run_rpc_command(c, NULL, &ndr_table_initshutdown, 0,
                              rpc_shutdown_abort_internals, argc, argv);
  
         if (rc == 0)
@@ -5566,7 +5598,7 @@ static int rpc_shutdown_abort(struct net_context *c, int argc,
  
         DEBUG(1, ("initshutdown pipe didn't work, trying winreg pipe\n"));
  
-       return run_rpc_command(c, NULL, &ndr_table_winreg.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_winreg, 0,
                                rpc_reg_shutdown_abort_internals,
                                argc, argv);
  }
@@ -5716,12 +5748,12 @@ static int rpc_shutdown(struct net_context *c, int argc, const char **argv)
                 return 0;
         }
  
-       rc = run_rpc_command(c, NULL, &ndr_table_initshutdown.syntax_id, 0,
+       rc = run_rpc_command(c, NULL, &ndr_table_initshutdown, 0,
                              rpc_init_shutdown_internals, argc, argv);
  
         if (rc) {
                 DEBUG(1, ("initshutdown pipe failed, trying winreg pipe\n"));
-               rc = run_rpc_command(c, NULL, &ndr_table_winreg.syntax_id, 0,
+               rc = run_rpc_command(c, NULL, &ndr_table_winreg, 0,
                                      rpc_reg_shutdown_internals, argc, argv);
         }
  
@@ -5768,6 +5800,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
         union samr_UserInfo info;
         unsigned int orig_timeout;
         struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
+       DATA_BLOB session_key = data_blob_null;
  
         if (argc != 2) {
                 d_printf("%s\n%s",
@@ -5785,10 +5818,20 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
                 return NT_STATUS_NO_MEMORY;
         }
  
-       strupper_m(acct_name);
+       if (!strupper_m(acct_name)) {
+               SAFE_FREE(acct_name);
+               return NT_STATUS_INVALID_PARAMETER;
+       }
  
         init_lsa_String(&lsa_acct_name, acct_name);
  
+       status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n",
+                       nt_errstr(status)));
+               goto done;
+       }
+
         /* Get samr policy handle */
         status = dcerpc_samr_Connect2(b, mem_ctx,
                                       pipe_hnd->desthost,
@@ -5859,7 +5902,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
                 ZERO_STRUCT(info.info23);
  
                 init_samr_CryptPassword(argv[1],
-                                       &cli->user_session_key,
+                                       &session_key,
                                         &crypt_pwd);
  
                 info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS |
@@ -5886,6 +5929,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
  
   done:
         SAFE_FREE(acct_name);
+       data_blob_clear_free(&session_key);
         return status;
  }
  
@@ -5901,7 +5945,7 @@ static NTSTATUS rpc_trustdom_add_internals(struct net_context *c,
  static int rpc_trustdom_add(struct net_context *c, int argc, const char **argv)
  {
         if (argc > 0 && !c->display_usage) {
-               return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+               return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                        rpc_trustdom_add_internals, argc, argv);
         } else {
                 d_printf("%s\n%s",
@@ -5961,7 +6005,10 @@ static NTSTATUS rpc_trustdom_del_internals(struct net_context *c,
         if (acct_name == NULL)
                 return NT_STATUS_NO_MEMORY;
  
-       strupper_m(acct_name);
+       if (!strupper_m(acct_name)) {
+               TALLOC_FREE(acct_name);
+               return NT_STATUS_INVALID_PARAMETER;
+       }
  
         /* Get samr policy handle */
         status = dcerpc_samr_Connect2(b, mem_ctx,
@@ -6104,7 +6151,7 @@ static NTSTATUS rpc_trustdom_del_internals(struct net_context *c,
  static int rpc_trustdom_del(struct net_context *c, int argc, const char **argv)
  {
         if (argc > 0 && !c->display_usage) {
-               return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+               return run_rpc_command(c, NULL, &ndr_table_samr, 0,
                                        rpc_trustdom_del_internals, argc, argv);
         } else {
                 d_printf("%s\n%s",
@@ -6207,13 +6254,20 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
         }
  
         domain_name = smb_xstrdup(argv[0]);
-       strupper_m(domain_name);
+       if (!strupper_m(domain_name)) {
+               SAFE_FREE(domain_name);
+               return -1;
+       }
  
         /* account name used at first is our domain's name with '$' */
         if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) {
                 return -1;
         }
-       strupper_m(acct_name);
+       if (!strupper_m(acct_name)) {
+               SAFE_FREE(domain_name);
+               SAFE_FREE(acct_name);
+               return -1;
+       }
  
         /*
          * opt_workgroup will be used by connection functions further,
@@ -6385,7 +6439,10 @@ static int rpc_trustdom_revoke(struct net_context *c, int argc,
  
         /* generate upper cased domain name */
         domain_name = smb_xstrdup(argv[0]);
-       strupper_m(domain_name);
+       if (!strupper_m(domain_name)) {
+               SAFE_FREE(domain_name);
+               return -1;
+       }
  
         /* delete password of the trust */
         if (!pdb_del_trusteddom_pw(domain_name)) {
@@ -6954,7 +7011,11 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv)
                                 str[ascii_dom_name_len - 1] = '\0';
  
                         /* set opt_* variables to remote domain */
-                       strupper_m(str);
+                       if (!strupper_m(str)) {
+                               cli_shutdown(cli);
+                               talloc_destroy(mem_ctx);
+                               return -1;
+                       }
                         c->opt_workgroup = talloc_strdup(mem_ctx, str);
                         c->opt_target_workgroup = c->opt_workgroup;
  
@@ -6968,7 +7029,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv)
                                 /* query for domain's sid */
                                 if (run_rpc_command(
                                             c, remote_cli,
-                                           &ndr_table_lsarpc.syntax_id, 0,
+                                           &ndr_table_lsarpc, 0,
                                             rpc_query_domain_sid, argc,
                                             argv))
                                         d_printf(_("strange - couldn't get domain's sid\n"));
@@ -7097,10 +7158,11 @@ bool net_rpc_check(struct net_context *c, unsigned flags)
         if (!NT_STATUS_IS_OK(status)) {
                 return false;
         }
-       status = cli_negprot(cli, PROTOCOL_NT1);
+       status = smbXcli_negprot(cli->conn, cli->timeout, PROTOCOL_CORE,
+                                PROTOCOL_NT1);
         if (!NT_STATUS_IS_OK(status))
                 goto done;
-       if (cli_state_protocol(cli) < PROTOCOL_NT1)
+       if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_NT1)
                 goto done;
  
         ret = true;
@@ -7120,7 +7182,7 @@ static int rpc_samdump(struct net_context *c, int argc, const char **argv) {
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+       return run_rpc_command(c, NULL, &ndr_table_netlogon,
                                NET_FLAGS_ANONYMOUS,
                                rpc_samdump_internals, argc, argv);
  }
@@ -7209,30 +7271,30 @@ static int rpc_printer_migrate_all(struct net_context *c, int argc,
                 return -1;
         }
  
-       ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                               rpc_printer_migrate_printers_internals, argc,
                               argv);
         if (ret)
                 return ret;
  
-       ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                               rpc_printer_migrate_drivers_internals, argc,
                               argv);
         if (ret)
                 return ret;
  
-       ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                               rpc_printer_migrate_forms_internals, argc, argv);
         if (ret)
                 return ret;
  
-       ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                               rpc_printer_migrate_settings_internals, argc,
                               argv);
         if (ret)
                 return ret;
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_migrate_security_internals, argc,
                                argv);
  
@@ -7265,7 +7327,7 @@ static int rpc_printer_migrate_drivers(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_migrate_drivers_internals,
                                argc, argv);
  }
@@ -7297,7 +7359,7 @@ static int rpc_printer_migrate_forms(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_migrate_forms_internals,
                                argc, argv);
  }
@@ -7329,7 +7391,7 @@ static int rpc_printer_migrate_printers(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_migrate_printers_internals,
                                argc, argv);
  }
@@ -7361,7 +7423,7 @@ static int rpc_printer_migrate_security(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_migrate_security_internals,
                                argc, argv);
  }
@@ -7394,7 +7456,7 @@ static int rpc_printer_migrate_settings(struct net_context *c, int argc,
                 return -1;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_migrate_settings_internals,
                                argc, argv);
  }
@@ -7492,7 +7554,7 @@ static int rpc_printer_list(struct net_context *c, int argc, const char **argv)
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_list_internals,
                                argc, argv);
  }
@@ -7519,7 +7581,7 @@ static int rpc_printer_driver_list(struct net_context *c, int argc,
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_driver_list_internals,
                                argc, argv);
  }
@@ -7546,7 +7608,7 @@ static int rpc_printer_publish_publish(struct net_context *c, int argc,
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_publish_publish_internals,
                                argc, argv);
  }
@@ -7572,7 +7634,7 @@ static int rpc_printer_publish_update(struct net_context *c, int argc, const cha
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_publish_update_internals,
                                argc, argv);
  }
@@ -7599,7 +7661,7 @@ static int rpc_printer_publish_unpublish(struct net_context *c, int argc,
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_publish_unpublish_internals,
                                argc, argv);
  }
@@ -7626,7 +7688,7 @@ static int rpc_printer_publish_list(struct net_context *c, int argc,
                 return 0;
         }
  
-       return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+       return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_publish_list_internals,
                                argc, argv);
  }
@@ -7692,7 +7754,7 @@ static int rpc_printer_publish(struct net_context *c, int argc,
                         net_display_usage_from_functable(func);
                         return 0;
                 }
-               return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+               return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_publish_list_internals,
                                argc, argv);
         }
@@ -7795,7 +7857,7 @@ int net_rpc_printer(struct net_context *c, int argc, const char **argv)
                         net_display_usage_from_functable(func);
                         return 0;
                 }
-               return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+               return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
                                rpc_printer_list_internals,
                                argc, argv);
         }