2 Unix SMB/CIFS implementation.
3 Inter-process communication and named pipe handling
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2007.
8 Copyright (C) John H Terpstra 1995-1998
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 This file handles the named pipe and mailslot calls
25 in the SMBtrans protocol
29 #include "smbd/globals.h"
36 #define NERR_Success 0
37 #define NERR_badpass 86
38 #define NERR_notsupported 50
40 #define NERR_BASE (2100)
41 #define NERR_BufTooSmall (NERR_BASE+23)
42 #define NERR_JobNotFound (NERR_BASE+51)
43 #define NERR_DestNotFound (NERR_BASE+52)
45 #define ACCESS_READ 0x01
46 #define ACCESS_WRITE 0x02
47 #define ACCESS_CREATE 0x04
49 #define SHPWLEN 8 /* share password length */
51 /* Limit size of ipc replies */
53 static char *smb_realloc_limit(void *ptr, size_t size)
57 size = MAX((size),4*1024);
58 val = (char *)SMB_REALLOC(ptr,size);
60 memset(val,'\0',size);
65 static bool api_Unsupported(connection_struct *conn, uint16 vuid,
66 char *param, int tpscnt,
67 char *data, int tdscnt,
68 int mdrcnt, int mprcnt,
69 char **rdata, char **rparam,
70 int *rdata_len, int *rparam_len);
72 static bool api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data,
73 int mdrcnt, int mprcnt,
74 char **rdata, char **rparam,
75 int *rdata_len, int *rparam_len);
78 static int CopyExpanded(connection_struct *conn,
79 int snum, char **dst, char *src, int *p_space_remaining)
81 TALLOC_CTX *ctx = talloc_tos();
85 if (!src || !dst || !p_space_remaining || !(*dst) ||
86 *p_space_remaining <= 0) {
90 buf = talloc_strdup(ctx, src);
92 *p_space_remaining = 0;
95 buf = talloc_string_sub(ctx, buf,"%S",lp_servicename(snum));
97 *p_space_remaining = 0;
100 buf = talloc_sub_advanced(ctx,
101 lp_servicename(SNUM(conn)),
102 conn->server_info->unix_name,
104 conn->server_info->utok.gid,
105 conn->server_info->sanitized_username,
106 pdb_get_domain(conn->server_info->sam_account),
109 *p_space_remaining = 0;
112 l = push_ascii(*dst,buf,*p_space_remaining, STR_TERMINATE);
117 (*p_space_remaining) -= l;
121 static int CopyAndAdvance(char **dst, char *src, int *n)
124 if (!src || !dst || !n || !(*dst)) {
127 l = push_ascii(*dst,src,*n, STR_TERMINATE);
136 static int StrlenExpanded(connection_struct *conn, int snum, char *s)
138 TALLOC_CTX *ctx = talloc_tos();
143 buf = talloc_strdup(ctx,s);
147 buf = talloc_string_sub(ctx,buf,"%S",lp_servicename(snum));
151 buf = talloc_sub_advanced(ctx,
152 lp_servicename(SNUM(conn)),
153 conn->server_info->unix_name,
155 conn->server_info->utok.gid,
156 conn->server_info->sanitized_username,
157 pdb_get_domain(conn->server_info->sam_account),
162 return strlen(buf) + 1;
165 static char *Expand(connection_struct *conn, int snum, char *s)
167 TALLOC_CTX *ctx = talloc_tos();
173 buf = talloc_strdup(ctx,s);
177 buf = talloc_string_sub(ctx,buf,"%S",lp_servicename(snum));
181 return talloc_sub_advanced(ctx,
182 lp_servicename(SNUM(conn)),
183 conn->server_info->unix_name,
185 conn->server_info->utok.gid,
186 conn->server_info->sanitized_username,
187 pdb_get_domain(conn->server_info->sam_account),
191 /*******************************************************************
192 Check a API string for validity when we only need to check the prefix.
193 ******************************************************************/
195 static bool prefix_ok(const char *str, const char *prefix)
197 return(strncmp(str,prefix,strlen(prefix)) == 0);
201 const char *format; /* formatstring for structure */
202 const char *subformat; /* subformat for structure */
203 char *base; /* baseaddress of buffer */
204 int buflen; /* remaining size for fixed part; on init: length of base */
205 int subcount; /* count of substructures */
206 char *structbuf; /* pointer into buffer for remaining fixed part */
207 int stringlen; /* remaining size for variable part */
208 char *stringbuf; /* pointer into buffer for remaining variable part */
209 int neededlen; /* total needed size */
210 int usedlen; /* total used size (usedlen <= neededlen and usedlen <= buflen) */
211 const char *curpos; /* current position; pointer into format or subformat */
215 static int get_counter(const char **p)
221 if (!isdigit((int)**p)) {
227 n = 10 * n + (i - '0');
235 static int getlen(const char *p)
244 case 'W': /* word (2 byte) */
247 case 'K': /* status word? (2 byte) */
250 case 'N': /* count of substructures (word) at end */
253 case 'D': /* double word (4 byte) */
254 case 'z': /* offset to zero terminated string (4 byte) */
255 case 'l': /* offset to user data (4 byte) */
258 case 'b': /* offset to data (with counter) (4 byte) */
262 case 'B': /* byte (with optional counter) */
263 n += get_counter(&p);
270 static bool init_package(struct pack_desc *p, int count, int subcount)
275 if (!p->format || !p->base) {
279 i = count * getlen(p->format);
281 i += subcount * getlen(p->subformat);
283 p->structbuf = p->base;
287 p->curpos = p->format;
293 * This is the old error code we used. Aparently
294 * WinNT/2k systems return ERRbuftoosmall (2123) and
295 * OS/2 needs this. I'm leaving this here so we can revert
298 p->errcode = ERRmoredata;
300 p->errcode = ERRbuftoosmall;
303 p->errcode = NERR_Success;
307 p->stringbuf = p->base + i;
309 return (p->errcode == NERR_Success);
312 static int package(struct pack_desc *p, ...)
315 int needed=0, stringneeded;
316 const char *str=NULL;
317 int is_string=0, stringused;
324 p->curpos = p->format;
326 p->curpos = p->subformat;
331 str = va_arg(args,char*);
332 SMB_ASSERT(strncmp(str,p->curpos,strlen(str)) == 0);
341 switch( *p->curpos++ ) {
342 case 'W': /* word (2 byte) */
344 temp = va_arg(args,int);
345 if (p->buflen >= needed) {
346 SSVAL(p->structbuf,0,temp);
349 case 'K': /* status word? (2 byte) */
351 temp = va_arg(args,int);
352 if (p->buflen >= needed) {
353 SSVAL(p->structbuf,0,temp);
356 case 'N': /* count of substructures (word) at end */
358 p->subcount = va_arg(args,int);
359 if (p->buflen >= needed) {
360 SSVAL(p->structbuf,0,p->subcount);
363 case 'D': /* double word (4 byte) */
365 temp = va_arg(args,int);
366 if (p->buflen >= needed) {
367 SIVAL(p->structbuf,0,temp);
370 case 'B': /* byte (with optional counter) */
371 needed = get_counter(&p->curpos);
373 char *s = va_arg(args,char*);
374 if (p->buflen >= needed) {
375 StrnCpy(p->structbuf,s?s:"",needed-1);
379 case 'z': /* offset to zero terminated string (4 byte) */
380 str = va_arg(args,char*);
381 stringneeded = (str ? strlen(str)+1 : 0);
384 case 'l': /* offset to user data (4 byte) */
385 str = va_arg(args,char*);
386 stringneeded = va_arg(args,int);
389 case 'b': /* offset to data (with counter) (4 byte) */
390 str = va_arg(args,char*);
391 stringneeded = get_counter(&p->curpos);
397 if (stringneeded >= 0) {
399 if (p->buflen >= needed) {
400 stringused = stringneeded;
401 if (stringused > p->stringlen) {
402 stringused = (is_string ? p->stringlen : 0);
403 if (p->errcode == NERR_Success) {
404 p->errcode = ERRmoredata;
408 SIVAL(p->structbuf,0,0);
410 SIVAL(p->structbuf,0,PTR_DIFF(p->stringbuf,p->base));
411 memcpy(p->stringbuf,str?str:"",stringused);
413 p->stringbuf[stringused-1] = '\0';
415 p->stringbuf += stringused;
416 p->stringlen -= stringused;
417 p->usedlen += stringused;
420 p->neededlen += stringneeded;
423 p->neededlen += needed;
424 if (p->buflen >= needed) {
425 p->structbuf += needed;
427 p->usedlen += needed;
429 if (p->errcode == NERR_Success) {
430 p->errcode = ERRmoredata;
437 #define PACK(desc,t,v) package(desc,t,v,0,0,0,0)
438 #define PACKl(desc,t,v,l) package(desc,t,v,l,0,0,0,0)
440 #define PACK(desc,t,v) package(desc,v)
441 #define PACKl(desc,t,v,l) package(desc,v,l)
444 static void PACKI(struct pack_desc* desc, const char *t,int v)
449 static void PACKS(struct pack_desc* desc,const char *t,const char *v)
454 /****************************************************************************
456 ****************************************************************************/
458 static void PackDriverData(struct pack_desc* desc)
460 char drivdata[4+4+32];
461 SIVAL(drivdata,0,sizeof drivdata); /* cb */
462 SIVAL(drivdata,4,1000); /* lVersion */
463 memset(drivdata+8,0,32); /* szDeviceName */
464 push_ascii(drivdata+8,"NULL",32, STR_TERMINATE);
465 PACKl(desc,"l",drivdata,sizeof drivdata); /* pDriverData */
468 static int check_printq_info(struct pack_desc* desc,
469 unsigned int uLevel, char *id1, char *id2)
471 desc->subformat = NULL;
474 desc->format = "B13";
477 desc->format = "B13BWWWzzzzzWW";
480 desc->format = "B13BWWWzzzzzWN";
481 desc->subformat = "WB21BB16B10zWWzDDz";
484 desc->format = "zWWWWzzzzWWzzl";
487 desc->format = "zWWWWzzzzWNzzl";
488 desc->subformat = "WWzWWDDzz";
497 desc->format = "WzzzzzzzzN";
498 desc->subformat = "z";
501 DEBUG(0,("check_printq_info: invalid level %d\n",
505 if (id1 == NULL || strcmp(desc->format,id1) != 0) {
506 DEBUG(0,("check_printq_info: invalid format %s\n",
507 id1 ? id1 : "<NULL>" ));
510 if (desc->subformat && (id2 == NULL || strcmp(desc->subformat,id2) != 0)) {
511 DEBUG(0,("check_printq_info: invalid subformat %s\n",
512 id2 ? id2 : "<NULL>" ));
519 #define RAP_JOB_STATUS_QUEUED 0
520 #define RAP_JOB_STATUS_PAUSED 1
521 #define RAP_JOB_STATUS_SPOOLING 2
522 #define RAP_JOB_STATUS_PRINTING 3
523 #define RAP_JOB_STATUS_PRINTED 4
525 #define RAP_QUEUE_STATUS_PAUSED 1
526 #define RAP_QUEUE_STATUS_ERROR 2
528 /* turn a print job status into a on the wire status
530 static int printj_status(int v)
534 return RAP_JOB_STATUS_QUEUED;
536 return RAP_JOB_STATUS_PAUSED;
538 return RAP_JOB_STATUS_SPOOLING;
540 return RAP_JOB_STATUS_PRINTING;
545 /* turn a print queue status into a on the wire status
547 static int printq_status(int v)
553 return RAP_QUEUE_STATUS_PAUSED;
555 return RAP_QUEUE_STATUS_ERROR;
558 static void fill_printjob_info(connection_struct *conn, int snum, int uLevel,
559 struct pack_desc *desc,
560 print_queue_struct *queue, int n)
562 time_t t = queue->time;
564 /* the client expects localtime */
565 t -= get_time_zone(t);
567 PACKI(desc,"W",pjobid_to_rap(lp_const_servicename(snum),queue->job)); /* uJobId */
569 PACKS(desc,"B21",queue->fs_user); /* szUserName */
570 PACKS(desc,"B",""); /* pad */
571 PACKS(desc,"B16",""); /* szNotifyName */
572 PACKS(desc,"B10","PM_Q_RAW"); /* szDataType */
573 PACKS(desc,"z",""); /* pszParms */
574 PACKI(desc,"W",n+1); /* uPosition */
575 PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */
576 PACKS(desc,"z",""); /* pszStatus */
577 PACKI(desc,"D",t); /* ulSubmitted */
578 PACKI(desc,"D",queue->size); /* ulSize */
579 PACKS(desc,"z",queue->fs_file); /* pszComment */
581 if (uLevel == 2 || uLevel == 3 || uLevel == 4) {
582 PACKI(desc,"W",queue->priority); /* uPriority */
583 PACKS(desc,"z",queue->fs_user); /* pszUserName */
584 PACKI(desc,"W",n+1); /* uPosition */
585 PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */
586 PACKI(desc,"D",t); /* ulSubmitted */
587 PACKI(desc,"D",queue->size); /* ulSize */
588 PACKS(desc,"z","Samba"); /* pszComment */
589 PACKS(desc,"z",queue->fs_file); /* pszDocument */
591 PACKS(desc,"z",""); /* pszNotifyName */
592 PACKS(desc,"z","PM_Q_RAW"); /* pszDataType */
593 PACKS(desc,"z",""); /* pszParms */
594 PACKS(desc,"z",""); /* pszStatus */
595 PACKS(desc,"z",SERVICE(snum)); /* pszQueue */
596 PACKS(desc,"z","lpd"); /* pszQProcName */
597 PACKS(desc,"z",""); /* pszQProcParms */
598 PACKS(desc,"z","NULL"); /* pszDriverName */
599 PackDriverData(desc); /* pDriverData */
600 PACKS(desc,"z",""); /* pszPrinterName */
601 } else if (uLevel == 4) { /* OS2 */
602 PACKS(desc,"z",""); /* pszSpoolFileName */
603 PACKS(desc,"z",""); /* pszPortName */
604 PACKS(desc,"z",""); /* pszStatus */
605 PACKI(desc,"D",0); /* ulPagesSpooled */
606 PACKI(desc,"D",0); /* ulPagesSent */
607 PACKI(desc,"D",0); /* ulPagesPrinted */
608 PACKI(desc,"D",0); /* ulTimePrinted */
609 PACKI(desc,"D",0); /* ulExtendJobStatus */
610 PACKI(desc,"D",0); /* ulStartPage */
611 PACKI(desc,"D",0); /* ulEndPage */
616 /********************************************************************
617 Return a driver name given an snum.
618 Returns True if from tdb, False otherwise.
619 ********************************************************************/
621 static bool get_driver_name(int snum, char **pp_drivername)
623 NT_PRINTER_INFO_LEVEL *info = NULL;
626 get_a_printer (NULL, &info, 2, lp_servicename(snum));
628 *pp_drivername = talloc_strdup(talloc_tos(),
629 info->info_2->drivername);
631 free_a_printer(&info, 2);
632 if (!*pp_drivername) {
640 /********************************************************************
641 Respond to the DosPrintQInfo command with a level of 52
642 This is used to get printer driver information for Win9x clients
643 ********************************************************************/
644 static void fill_printq_info_52(connection_struct *conn, int snum,
645 struct pack_desc* desc, int count )
649 NT_PRINTER_DRIVER_INFO_LEVEL driver;
650 NT_PRINTER_INFO_LEVEL *printer = NULL;
654 if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) {
655 DEBUG(3,("fill_printq_info_52: Failed to lookup printer [%s]\n",
656 lp_servicename(snum)));
660 if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername,
663 DEBUG(3,("fill_printq_info_52: Failed to lookup driver [%s]\n",
664 printer->info_2->drivername));
668 trim_string(driver.info_3->driverpath, "\\print$\\WIN40\\0\\", 0);
669 trim_string(driver.info_3->datafile, "\\print$\\WIN40\\0\\", 0);
670 trim_string(driver.info_3->helpfile, "\\print$\\WIN40\\0\\", 0);
672 PACKI(desc, "W", 0x0400); /* don't know */
673 PACKS(desc, "z", driver.info_3->name); /* long printer name */
674 PACKS(desc, "z", driver.info_3->driverpath); /* Driverfile Name */
675 PACKS(desc, "z", driver.info_3->datafile); /* Datafile name */
676 PACKS(desc, "z", driver.info_3->monitorname); /* language monitor */
678 fstrcpy(location, "\\\\%L\\print$\\WIN40\\0");
679 standard_sub_basic( "", "", location, sizeof(location)-1 );
680 PACKS(desc,"z", location); /* share to retrieve files */
682 PACKS(desc,"z", driver.info_3->defaultdatatype); /* default data type */
683 PACKS(desc,"z", driver.info_3->helpfile); /* helpfile name */
684 PACKS(desc,"z", driver.info_3->driverpath); /* driver name */
686 DEBUG(3,("Printer Driver Name: %s:\n",driver.info_3->name));
687 DEBUG(3,("Driver: %s:\n",driver.info_3->driverpath));
688 DEBUG(3,("Data File: %s:\n",driver.info_3->datafile));
689 DEBUG(3,("Language Monitor: %s:\n",driver.info_3->monitorname));
690 DEBUG(3,("Driver Location: %s:\n",location));
691 DEBUG(3,("Data Type: %s:\n",driver.info_3->defaultdatatype));
692 DEBUG(3,("Help File: %s:\n",driver.info_3->helpfile));
693 PACKI(desc,"N",count); /* number of files to copy */
695 for ( i=0; i<count && driver.info_3->dependentfiles && *driver.info_3->dependentfiles[i]; i++)
697 trim_string(driver.info_3->dependentfiles[i], "\\print$\\WIN40\\0\\", 0);
698 PACKS(desc,"z",driver.info_3->dependentfiles[i]); /* driver files to copy */
699 DEBUG(3,("Dependent File: %s:\n",driver.info_3->dependentfiles[i]));
704 DEBUG(3,("fill_printq_info_52: file count specified by client [%d] != number of dependent files [%i]\n",
707 DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum),i));
709 desc->errcode=NERR_Success;
713 DEBUG(3,("fill_printq_info: Can't supply driver files\n"));
714 desc->errcode=NERR_notsupported;
718 free_a_printer( &printer, 2 );
721 free_a_printer_driver( driver, 3 );
725 static void fill_printq_info(connection_struct *conn, int snum, int uLevel,
726 struct pack_desc* desc,
727 int count, print_queue_struct* queue,
728 print_status_struct* status)
733 PACKS(desc,"B13",SERVICE(snum));
738 PACKS(desc,"z",Expand(conn,snum,SERVICE(snum)));
741 PACKI(desc,"K",printq_status(status->status));
745 if (uLevel == 1 || uLevel == 2) {
746 PACKS(desc,"B",""); /* alignment */
747 PACKI(desc,"W",5); /* priority */
748 PACKI(desc,"W",0); /* start time */
749 PACKI(desc,"W",0); /* until time */
750 PACKS(desc,"z",""); /* pSepFile */
751 PACKS(desc,"z","lpd"); /* pPrProc */
752 PACKS(desc,"z",SERVICE(snum)); /* pDestinations */
753 PACKS(desc,"z",""); /* pParms */
755 PACKS(desc,"z","UNKNOWN PRINTER");
756 PACKI(desc,"W",LPSTAT_ERROR);
758 else if (!status || !status->message[0]) {
759 PACKS(desc,"z",Expand(conn,snum,lp_comment(snum)));
760 PACKI(desc,"W",LPSTAT_OK); /* status */
762 PACKS(desc,"z",status->message);
763 PACKI(desc,"W",printq_status(status->status)); /* status */
765 PACKI(desc,(uLevel == 1 ? "W" : "N"),count);
768 if (uLevel == 3 || uLevel == 4) {
769 char *drivername = NULL;
771 PACKI(desc,"W",5); /* uPriority */
772 PACKI(desc,"W",0); /* uStarttime */
773 PACKI(desc,"W",0); /* uUntiltime */
774 PACKI(desc,"W",5); /* pad1 */
775 PACKS(desc,"z",""); /* pszSepFile */
776 PACKS(desc,"z","WinPrint"); /* pszPrProc */
777 PACKS(desc,"z",NULL); /* pszParms */
778 PACKS(desc,"z",NULL); /* pszComment - don't ask.... JRA */
779 /* "don't ask" that it's done this way to fix corrupted
780 Win9X/ME printer comments. */
782 PACKI(desc,"W",LPSTAT_OK); /* fsStatus */
784 PACKI(desc,"W",printq_status(status->status)); /* fsStatus */
786 PACKI(desc,(uLevel == 3 ? "W" : "N"),count); /* cJobs */
787 PACKS(desc,"z",SERVICE(snum)); /* pszPrinters */
788 get_driver_name(snum,&drivername);
792 PACKS(desc,"z",drivername); /* pszDriverName */
793 PackDriverData(desc); /* pDriverData */
796 if (uLevel == 2 || uLevel == 4) {
798 for (i=0;i<count;i++)
799 fill_printjob_info(conn,snum,uLevel == 2 ? 1 : 2,desc,&queue[i],i);
803 fill_printq_info_52( conn, snum, desc, count );
806 /* This function returns the number of files for a given driver */
807 static int get_printerdrivernumber(int snum)
810 NT_PRINTER_DRIVER_INFO_LEVEL driver;
811 NT_PRINTER_INFO_LEVEL *printer = NULL;
815 if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) {
816 DEBUG(3,("get_printerdrivernumber: Failed to lookup printer [%s]\n",
817 lp_servicename(snum)));
821 if ( !W_ERROR_IS_OK(get_a_printer_driver(&driver, 3, printer->info_2->drivername,
824 DEBUG(3,("get_printerdrivernumber: Failed to lookup driver [%s]\n",
825 printer->info_2->drivername));
829 /* count the number of files */
830 while ( driver.info_3->dependentfiles && *driver.info_3->dependentfiles[result] )
835 free_a_printer( &printer, 2 );
838 free_a_printer_driver( driver, 3 );
843 static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid,
844 char *param, int tpscnt,
845 char *data, int tdscnt,
846 int mdrcnt,int mprcnt,
847 char **rdata,char **rparam,
848 int *rdata_len,int *rparam_len)
850 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
851 char *str2 = skip_string(param,tpscnt,str1);
852 char *p = skip_string(param,tpscnt,str2);
858 struct pack_desc desc;
859 print_queue_struct *queue=NULL;
860 print_status_struct status;
863 if (!str1 || !str2 || !p) {
866 memset((char *)&status,'\0',sizeof(status));
867 memset((char *)&desc,'\0',sizeof(desc));
869 p = skip_string(param,tpscnt,p);
873 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
874 str3 = get_safe_str_ptr(param,tpscnt,p,4);
875 /* str3 may be null here and is checked in check_printq_info(). */
877 /* remove any trailing username */
878 if ((p = strchr_m(QueueName,'%')))
881 DEBUG(3,("api_DosPrintQGetInfo uLevel=%d name=%s\n",uLevel,QueueName));
883 /* check it's a supported varient */
884 if (!prefix_ok(str1,"zWrLh"))
886 if (!check_printq_info(&desc,uLevel,str2,str3)) {
888 * Patch from Scott Moomaw <scott@bridgewater.edu>
889 * to return the 'invalid info level' error if an
890 * unknown level was requested.
894 *rparam = smb_realloc_limit(*rparam,*rparam_len);
898 SSVALS(*rparam,0,ERRunknownlevel);
904 snum = find_service(QueueName);
905 if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) )
909 count = get_printerdrivernumber(snum);
910 DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count));
912 count = print_queue_status(snum, &queue,&status);
916 *rdata = smb_realloc_limit(*rdata,mdrcnt);
922 desc.buflen = mdrcnt;
925 * Don't return data but need to get correct length
926 * init_package will return wrong size if buflen=0
928 desc.buflen = getlen(desc.format);
929 desc.base = tmpdata = (char *) SMB_MALLOC (desc.buflen);
932 if (init_package(&desc,1,count)) {
933 desc.subcount = count;
934 fill_printq_info(conn,snum,uLevel,&desc,count,queue,&status);
937 *rdata_len = desc.usedlen;
940 * We must set the return code to ERRbuftoosmall
941 * in order to support lanman style printing with Win NT/2k
944 if (!mdrcnt && lp_disable_spoolss())
945 desc.errcode = ERRbuftoosmall;
947 *rdata_len = desc.usedlen;
949 *rparam = smb_realloc_limit(*rparam,*rparam_len);
955 SSVALS(*rparam,0,desc.errcode);
957 SSVAL(*rparam,4,desc.neededlen);
959 DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode));
967 /****************************************************************************
968 View list of all print jobs on all queues.
969 ****************************************************************************/
971 static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid,
972 char *param, int tpscnt,
973 char *data, int tdscnt,
974 int mdrcnt, int mprcnt,
975 char **rdata, char** rparam,
976 int *rdata_len, int *rparam_len)
978 char *param_format = get_safe_str_ptr(param,tpscnt,param,2);
979 char *output_format1 = skip_string(param,tpscnt,param_format);
980 char *p = skip_string(param,tpscnt,output_format1);
981 unsigned int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
982 char *output_format2 = get_safe_str_ptr(param,tpscnt,p,4);
983 int services = lp_numservices();
985 struct pack_desc desc;
986 print_queue_struct **queue = NULL;
987 print_status_struct *status = NULL;
988 int *subcntarr = NULL;
989 int queuecnt = 0, subcnt = 0, succnt = 0;
991 if (!param_format || !output_format1 || !p) {
995 memset((char *)&desc,'\0',sizeof(desc));
997 DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel));
999 if (!prefix_ok(param_format,"WrLeh")) {
1002 if (!check_printq_info(&desc,uLevel,output_format1,output_format2)) {
1004 * Patch from Scott Moomaw <scott@bridgewater.edu>
1005 * to return the 'invalid info level' error if an
1006 * unknown level was requested.
1010 *rparam = smb_realloc_limit(*rparam,*rparam_len);
1014 SSVALS(*rparam,0,ERRunknownlevel);
1020 for (i = 0; i < services; i++) {
1021 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
1026 if((queue = SMB_MALLOC_ARRAY(print_queue_struct*, queuecnt)) == NULL) {
1027 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));
1030 memset(queue,0,queuecnt*sizeof(print_queue_struct*));
1031 if((status = SMB_MALLOC_ARRAY(print_status_struct,queuecnt)) == NULL) {
1032 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));
1035 memset(status,0,queuecnt*sizeof(print_status_struct));
1036 if((subcntarr = SMB_MALLOC_ARRAY(int,queuecnt)) == NULL) {
1037 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));
1043 for (i = 0; i < services; i++) {
1044 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
1045 subcntarr[n] = print_queue_status(i, &queue[n],&status[n]);
1046 subcnt += subcntarr[n];
1052 *rdata = smb_realloc_limit(*rdata,mdrcnt);
1058 desc.buflen = mdrcnt;
1060 if (init_package(&desc,queuecnt,subcnt)) {
1063 for (i = 0; i < services; i++) {
1064 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
1065 fill_printq_info(conn,i,uLevel,&desc,subcntarr[n],queue[n],&status[n]);
1067 if (desc.errcode == NERR_Success) {
1074 SAFE_FREE(subcntarr);
1076 *rdata_len = desc.usedlen;
1078 *rparam = smb_realloc_limit(*rparam,*rparam_len);
1082 SSVALS(*rparam,0,desc.errcode);
1084 SSVAL(*rparam,4,succnt);
1085 SSVAL(*rparam,6,queuecnt);
1087 for (i = 0; i < queuecnt; i++) {
1089 SAFE_FREE(queue[i]);
1100 SAFE_FREE(subcntarr);
1101 for (i = 0; i < queuecnt; i++) {
1103 SAFE_FREE(queue[i]);
1112 /****************************************************************************
1113 Get info level for a server list query.
1114 ****************************************************************************/
1116 static bool check_server_info(int uLevel, char* id)
1120 if (strcmp(id,"B16") != 0) {
1125 if (strcmp(id,"B16BBDz") != 0) {
1135 struct srv_info_struct {
1143 /*******************************************************************
1144 Get server info lists from the files saved by nmbd. Return the
1146 ******************************************************************/
1148 static int get_server_info(uint32 servertype,
1149 struct srv_info_struct **servers,
1155 bool local_list_only;
1158 lines = file_lines_load(cache_path(SERVER_LIST), NULL, 0, NULL);
1160 DEBUG(4,("Can't open %s - %s\n",cache_path(SERVER_LIST),strerror(errno)));
1164 /* request for everything is code for request all servers */
1165 if (servertype == SV_TYPE_ALL) {
1166 servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY);
1169 local_list_only = (servertype & SV_TYPE_LOCAL_LIST_ONLY);
1171 DEBUG(4,("Servertype search: %8x\n",servertype));
1173 for (i=0;lines[i];i++) {
1175 struct srv_info_struct *s;
1176 const char *ptr = lines[i];
1178 TALLOC_CTX *frame = NULL;
1185 if (count == alloced) {
1187 *servers = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced);
1189 DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n"));
1193 memset((char *)((*servers)+count),'\0',sizeof(**servers)*(alloced-count));
1195 s = &(*servers)[count];
1197 frame = talloc_stackframe();
1199 if (!next_token_talloc(frame,&ptr,&p, NULL)) {
1203 fstrcpy(s->name, p);
1206 if (!next_token_talloc(frame,&ptr, &p, NULL)) {
1212 s->comment[0] = '\0';
1213 if (!next_token_talloc(frame,&ptr, &p, NULL)) {
1217 fstrcpy(s->comment, p);
1219 s->domain[0] = '\0';
1220 if (!next_token_talloc(frame,&ptr,&p, NULL)) {
1221 /* this allows us to cope with an old nmbd */
1222 fstrcpy(s->domain,lp_workgroup());
1224 fstrcpy(s->domain, p);
1228 if (sscanf(stype,"%X",&s->type) != 1) {
1229 DEBUG(4,("r:host file "));
1233 /* Filter the servers/domains we return based on what was asked for. */
1235 /* Check to see if we are being asked for a local list only. */
1236 if(local_list_only && ((s->type & SV_TYPE_LOCAL_LIST_ONLY) == 0)) {
1237 DEBUG(4,("r: local list only"));
1241 /* doesn't match up: don't want it */
1242 if (!(servertype & s->type)) {
1243 DEBUG(4,("r:serv type "));
1247 if ((servertype & SV_TYPE_DOMAIN_ENUM) !=
1248 (s->type & SV_TYPE_DOMAIN_ENUM)) {
1249 DEBUG(4,("s: dom mismatch "));
1253 if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM)) {
1257 /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */
1258 s->type &= ~SV_TYPE_LOCAL_LIST_ONLY;
1261 DEBUG(4,("**SV** %20s %8x %25s %15s\n",
1262 s->name, s->type, s->comment, s->domain));
1263 s->server_added = True;
1266 DEBUG(4,("%20s %8x %25s %15s\n",
1267 s->name, s->type, s->comment, s->domain));
1275 /*******************************************************************
1276 Fill in a server info structure.
1277 ******************************************************************/
1279 static int fill_srv_info(struct srv_info_struct *service,
1280 int uLevel, char **buf, int *buflen,
1281 char **stringbuf, int *stringspace, char *baseaddr)
1304 len = strlen(service->comment)+1;
1308 *buflen = struct_len;
1310 return struct_len + len;
1315 if (*buflen < struct_len) {
1322 p2 = p + struct_len;
1323 l2 = *buflen - struct_len;
1331 push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE);
1335 push_ascii(p,service->name,MAX_NETBIOSNAME_LEN, STR_TERMINATE);
1336 SIVAL(p,18,service->type);
1337 SIVAL(p,22,PTR_DIFF(p2,baseaddr));
1338 len += CopyAndAdvance(&p2,service->comment,&l2);
1343 *buf = p + struct_len;
1344 *buflen -= struct_len;
1355 static bool srv_comp(struct srv_info_struct *s1,struct srv_info_struct *s2)
1357 return(strcmp(s1->name,s2->name));
1360 /****************************************************************************
1361 View list of servers available (or possibly domains). The info is
1362 extracted from lists saved by nmbd on the local host.
1363 ****************************************************************************/
1365 static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid,
1366 char *param, int tpscnt,
1367 char *data, int tdscnt,
1368 int mdrcnt, int mprcnt, char **rdata,
1369 char **rparam, int *rdata_len, int *rparam_len)
1371 char *str1 = get_safe_str_ptr(param, tpscnt, param, 2);
1372 char *str2 = skip_string(param,tpscnt,str1);
1373 char *p = skip_string(param,tpscnt,str2);
1374 int uLevel = get_safe_SVAL(param, tpscnt, p, 0, -1);
1375 int buf_len = get_safe_SVAL(param,tpscnt, p, 2, 0);
1376 uint32 servertype = get_safe_IVAL(param,tpscnt,p,4, 0);
1378 int data_len, fixed_len, string_len;
1379 int f_len = 0, s_len = 0;
1380 struct srv_info_struct *servers=NULL;
1381 int counted=0,total=0;
1384 bool domain_request;
1387 if (!str1 || !str2 || !p) {
1391 /* If someone sets all the bits they don't really mean to set
1392 DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the
1395 if (servertype == SV_TYPE_ALL) {
1396 servertype &= ~(SV_TYPE_DOMAIN_ENUM|SV_TYPE_LOCAL_LIST_ONLY);
1399 /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set
1400 any other bit (they may just set this bit on its own) they
1401 want all the locally seen servers. However this bit can be
1402 set on its own so set the requested servers to be
1403 ALL - DOMAIN_ENUM. */
1405 if ((servertype & SV_TYPE_LOCAL_LIST_ONLY) && !(servertype & SV_TYPE_DOMAIN_ENUM)) {
1406 servertype = SV_TYPE_ALL & ~(SV_TYPE_DOMAIN_ENUM);
1409 domain_request = ((servertype & SV_TYPE_DOMAIN_ENUM) != 0);
1410 local_request = ((servertype & SV_TYPE_LOCAL_LIST_ONLY) != 0);
1414 if (!prefix_ok(str1,"WrLehD")) {
1417 if (!check_server_info(uLevel,str2)) {
1421 DEBUG(4, ("server request level: %s %8x ", str2, servertype));
1422 DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request)));
1423 DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request)));
1425 if (strcmp(str1, "WrLehDz") == 0) {
1426 if (skip_string(param,tpscnt,p) == NULL) {
1429 pull_ascii_fstring(domain, p);
1431 fstrcpy(domain, lp_workgroup());
1434 if (lp_browse_list()) {
1435 total = get_server_info(servertype,&servers,domain);
1438 data_len = fixed_len = string_len = 0;
1442 qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp);
1446 char *lastname=NULL;
1448 for (i=0;i<total;i++) {
1449 struct srv_info_struct *s = &servers[i];
1451 if (lastname && strequal(lastname,s->name)) {
1455 data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0);
1456 DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
1457 s->name, s->type, s->comment, s->domain));
1459 if (data_len <= buf_len) {
1462 string_len += s_len;
1469 *rdata_len = fixed_len + string_len;
1470 *rdata = smb_realloc_limit(*rdata,*rdata_len);
1475 p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */
1481 char *lastname=NULL;
1482 int count2 = counted;
1484 for (i = 0; i < total && count2;i++) {
1485 struct srv_info_struct *s = &servers[i];
1487 if (lastname && strequal(lastname,s->name)) {
1491 fill_srv_info(s,uLevel,&p,&f_len,&p2,&s_len,*rdata);
1492 DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
1493 s->name, s->type, s->comment, s->domain));
1499 *rparam = smb_realloc_limit(*rparam,*rparam_len);
1503 SSVAL(*rparam,0,(missed == 0 ? NERR_Success : ERRmoredata));
1505 SSVAL(*rparam,4,counted);
1506 SSVAL(*rparam,6,counted+missed);
1510 DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n",
1511 domain,uLevel,counted,counted+missed));
1516 /****************************************************************************
1517 command 0x34 - suspected of being a "Lookup Names" stub api
1518 ****************************************************************************/
1520 static bool api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid,
1521 char *param, int tpscnt,
1522 char *data, int tdscnt,
1523 int mdrcnt, int mprcnt, char **rdata,
1524 char **rparam, int *rdata_len, int *rparam_len)
1526 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
1527 char *str2 = skip_string(param,tpscnt,str1);
1528 char *p = skip_string(param,tpscnt,str2);
1529 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
1530 int buf_len = get_safe_SVAL(param,tpscnt,p,2,0);
1534 if (!str1 || !str2 || !p) {
1538 DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n",
1539 str1, str2, p, uLevel, buf_len));
1541 if (!prefix_ok(str1,"zWrLeh")) {
1548 *rparam = smb_realloc_limit(*rparam,*rparam_len);
1553 SSVAL(*rparam,0,0x08AC); /* informational warning message */
1555 SSVAL(*rparam,4,counted);
1556 SSVAL(*rparam,6,counted+missed);
1561 /****************************************************************************
1562 get info about a share
1563 ****************************************************************************/
1565 static bool check_share_info(int uLevel, char* id)
1569 if (strcmp(id,"B13") != 0) {
1574 if (strcmp(id,"B13BWz") != 0) {
1579 if (strcmp(id,"B13BWzWWWzB9B") != 0) {
1584 if (strcmp(id,"B13BWzWWWzB9BB9BWzWWzWW") != 0) {
1594 static int fill_share_info(connection_struct *conn, int snum, int uLevel,
1595 char** buf, int* buflen,
1596 char** stringbuf, int* stringspace, char* baseaddr)
1625 len += StrlenExpanded(conn,snum,lp_comment(snum));
1628 len += strlen(lp_pathname(snum)) + 1;
1631 *buflen = struct_len;
1636 return struct_len + len;
1641 if ((*buflen) < struct_len) {
1649 p2 = p + struct_len;
1650 l2 = (*buflen) - struct_len;
1657 push_ascii(p,lp_servicename(snum),13, STR_TERMINATE);
1663 type = STYPE_DISKTREE;
1664 if (lp_print_ok(snum)) {
1665 type = STYPE_PRINTQ;
1667 if (strequal("IPC",lp_fstype(snum))) {
1670 SSVAL(p,14,type); /* device type */
1671 SIVAL(p,16,PTR_DIFF(p2,baseaddr));
1672 len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2);
1676 SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */
1677 SSVALS(p,22,-1); /* max uses */
1678 SSVAL(p,24,1); /* current uses */
1679 SIVAL(p,26,PTR_DIFF(p2,baseaddr)); /* local pathname */
1680 len += CopyAndAdvance(&p2,lp_pathname(snum),&l2);
1681 memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */
1685 memset(p+40,0,SHPWLEN+2);
1696 (*buf) = p + struct_len;
1697 (*buflen) -= struct_len;
1699 (*stringspace) = l2;
1708 static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid,
1709 char *param, int tpscnt,
1710 char *data, int tdscnt,
1711 int mdrcnt,int mprcnt,
1712 char **rdata,char **rparam,
1713 int *rdata_len,int *rparam_len)
1715 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
1716 char *str2 = skip_string(param,tpscnt,str1);
1717 char *netname = skip_string(param,tpscnt,str2);
1718 char *p = skip_string(param,tpscnt,netname);
1719 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
1722 if (!str1 || !str2 || !netname || !p) {
1726 snum = find_service(netname);
1731 /* check it's a supported varient */
1732 if (!prefix_ok(str1,"zWrLh")) {
1735 if (!check_share_info(uLevel,str2)) {
1739 *rdata = smb_realloc_limit(*rdata,mdrcnt);
1744 *rdata_len = fill_share_info(conn,snum,uLevel,&p,&mdrcnt,0,0,0);
1745 if (*rdata_len < 0) {
1750 *rparam = smb_realloc_limit(*rparam,*rparam_len);
1754 SSVAL(*rparam,0,NERR_Success);
1755 SSVAL(*rparam,2,0); /* converter word */
1756 SSVAL(*rparam,4,*rdata_len);
1761 /****************************************************************************
1762 View the list of available shares.
1764 This function is the server side of the NetShareEnum() RAP call.
1765 It fills the return buffer with share names and share comments.
1766 Note that the return buffer normally (in all known cases) allows only
1767 twelve byte strings for share names (plus one for a nul terminator).
1768 Share names longer than 12 bytes must be skipped.
1769 ****************************************************************************/
1771 static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid,
1772 char *param, int tpscnt,
1773 char *data, int tdscnt,
1781 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
1782 char *str2 = skip_string(param,tpscnt,str1);
1783 char *p = skip_string(param,tpscnt,str2);
1784 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
1785 int buf_len = get_safe_SVAL(param,tpscnt,p,2,0);
1788 int total=0,counted=0;
1789 bool missed = False;
1791 int data_len, fixed_len, string_len;
1792 int f_len = 0, s_len = 0;
1794 if (!str1 || !str2 || !p) {
1798 if (!prefix_ok(str1,"WrLeh")) {
1801 if (!check_share_info(uLevel,str2)) {
1805 /* Ensure all the usershares are loaded. */
1807 load_registry_shares();
1808 count = load_usershare_shares();
1811 data_len = fixed_len = string_len = 0;
1812 for (i=0;i<count;i++) {
1813 fstring servicename_dos;
1814 if (!(lp_browseable(i) && lp_snum_ok(i))) {
1817 push_ascii_fstring(servicename_dos, lp_servicename(i));
1818 /* Maximum name length = 13. */
1819 if( lp_browseable( i ) && lp_snum_ok( i ) && (strlen(servicename_dos) < 13)) {
1821 data_len += fill_share_info(conn,i,uLevel,0,&f_len,0,&s_len,0);
1822 if (data_len <= buf_len) {
1825 string_len += s_len;
1832 *rdata_len = fixed_len + string_len;
1833 *rdata = smb_realloc_limit(*rdata,*rdata_len);
1838 p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */
1843 for( i = 0; i < count; i++ ) {
1844 fstring servicename_dos;
1845 if (!(lp_browseable(i) && lp_snum_ok(i))) {
1849 push_ascii_fstring(servicename_dos, lp_servicename(i));
1850 if (lp_browseable(i) && lp_snum_ok(i) && (strlen(servicename_dos) < 13)) {
1851 if (fill_share_info( conn,i,uLevel,&p,&f_len,&p2,&s_len,*rdata ) < 0) {
1858 *rparam = smb_realloc_limit(*rparam,*rparam_len);
1862 SSVAL(*rparam,0,missed ? ERRmoredata : NERR_Success);
1864 SSVAL(*rparam,4,counted);
1865 SSVAL(*rparam,6,total);
1867 DEBUG(3,("RNetShareEnum gave %d entries of %d (%d %d %d %d)\n",
1868 counted,total,uLevel,
1869 buf_len,*rdata_len,mdrcnt));
1874 /****************************************************************************
1876 ****************************************************************************/
1878 static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid,
1879 char *param, int tpscnt,
1880 char *data, int tdscnt,
1881 int mdrcnt,int mprcnt,
1882 char **rdata,char **rparam,
1883 int *rdata_len,int *rparam_len)
1885 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
1886 char *str2 = skip_string(param,tpscnt,str1);
1887 char *p = skip_string(param,tpscnt,str2);
1888 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
1891 char *pathname = NULL;
1892 char *command, *cmdname;
1893 unsigned int offset;
1896 size_t converted_size;
1898 if (!str1 || !str2 || !p) {
1902 /* check it's a supported varient */
1903 if (!prefix_ok(str1,RAP_WShareAdd_REQ)) {
1906 if (!check_share_info(uLevel,str2)) {
1913 /* Do we have a string ? */
1914 if (skip_string(data,mdrcnt,data) == NULL) {
1917 pull_ascii_fstring(sharename,data);
1918 snum = find_service(sharename);
1919 if (snum >= 0) { /* already exists */
1928 /* only support disk share adds */
1929 if (SVAL(data,14)!=STYPE_DISKTREE) {
1933 offset = IVAL(data, 16);
1934 if (offset >= mdrcnt) {
1935 res = ERRinvalidparam;
1939 /* Do we have a string ? */
1940 if (skip_string(data,mdrcnt,data+offset) == NULL) {
1943 pull_ascii_fstring(comment, offset? (data+offset) : "");
1945 offset = IVAL(data, 26);
1947 if (offset >= mdrcnt) {
1948 res = ERRinvalidparam;
1952 /* Do we have a string ? */
1953 if (skip_string(data,mdrcnt,data+offset) == NULL) {
1957 if (!pull_ascii_talloc(talloc_tos(), &pathname,
1958 offset ? (data+offset) : "", &converted_size))
1960 DEBUG(0,("api_RNetShareAdd: pull_ascii_talloc failed: %s",
1968 string_replace(sharename, '"', ' ');
1969 string_replace(pathname, '"', ' ');
1970 string_replace(comment, '"', ' ');
1972 cmdname = lp_add_share_cmd();
1974 if (!cmdname || *cmdname == '\0') {
1978 if (asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
1979 lp_add_share_cmd(), get_dyn_CONFIGFILE(), sharename,
1980 pathname, comment) == -1) {
1984 DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command ));
1986 if ((res = smbrun(command, NULL)) != 0) {
1987 DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n",
1994 message_send_all(smbd_messaging_context(),
1995 MSG_SMB_CONF_UPDATED, NULL, 0, NULL);
1999 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2003 SSVAL(*rparam,0,NERR_Success);
2004 SSVAL(*rparam,2,0); /* converter word */
2005 SSVAL(*rparam,4,*rdata_len);
2013 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2018 SSVAL(*rparam,0,res);
2023 /****************************************************************************
2024 view list of groups available
2025 ****************************************************************************/
2027 static bool api_RNetGroupEnum(connection_struct *conn,uint16 vuid,
2028 char *param, int tpscnt,
2029 char *data, int tdscnt,
2030 int mdrcnt,int mprcnt,
2031 char **rdata,char **rparam,
2032 int *rdata_len,int *rparam_len)
2036 int resume_context, cli_buf_size;
2037 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
2038 char *str2 = skip_string(param,tpscnt,str1);
2039 char *p = skip_string(param,tpscnt,str2);
2041 uint32_t num_groups;
2042 uint32_t resume_handle;
2043 struct rpc_pipe_client *samr_pipe;
2044 struct policy_handle samr_handle, domain_handle;
2047 if (!str1 || !str2 || !p) {
2051 if (strcmp(str1,"WrLeh") != 0) {
2056 * W-> resume context (number of users to skip)
2057 * r -> return parameter pointer to receive buffer
2058 * L -> length of receive buffer
2059 * e -> return parameter number of entries
2060 * h -> return parameter total number of users
2063 if (strcmp("B21",str2) != 0) {
2067 status = rpc_pipe_open_internal(
2068 talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch,
2069 conn->server_info, &samr_pipe);
2070 if (!NT_STATUS_IS_OK(status)) {
2071 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n",
2072 nt_errstr(status)));
2076 status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(),
2077 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle);
2078 if (!NT_STATUS_IS_OK(status)) {
2079 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n",
2080 nt_errstr(status)));
2084 status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle,
2085 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
2086 get_global_sam_sid(), &domain_handle);
2087 if (!NT_STATUS_IS_OK(status)) {
2088 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n",
2089 nt_errstr(status)));
2090 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);
2094 resume_context = get_safe_SVAL(param,tpscnt,p,0,-1);
2095 cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0);
2096 DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: "
2097 "%d\n", resume_context, cli_buf_size));
2099 *rdata_len = cli_buf_size;
2100 *rdata = smb_realloc_limit(*rdata,*rdata_len);
2107 errflags = NERR_Success;
2112 struct samr_SamArray *sam_entries;
2113 uint32_t num_entries;
2115 status = rpccli_samr_EnumDomainGroups(samr_pipe, talloc_tos(),
2120 if (!NT_STATUS_IS_OK(status)) {
2121 DEBUG(10, ("rpccli_samr_EnumDomainGroups returned "
2122 "%s\n", nt_errstr(status)));
2126 if (num_entries == 0) {
2127 DEBUG(10, ("rpccli_samr_EnumDomainGroups returned "
2128 "no entries -- done\n"));
2132 for(i=0; i<num_entries; i++) {
2135 name = sam_entries->entries[i].name.string;
2137 if( ((PTR_DIFF(p,*rdata)+21) > *rdata_len) ) {
2138 /* set overflow error */
2139 DEBUG(3,("overflow on entry %d group %s\n", i,
2145 /* truncate the name at 21 chars. */
2147 strlcpy(p, name, 21);
2148 DEBUG(10,("adding entry %d group %s\n", i, p));
2150 p += 5; /* Both NT4 and W2k3SP1 do padding here. No
2155 if (errflags != NERR_Success) {
2159 TALLOC_FREE(sam_entries);
2162 rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle);
2163 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);
2165 *rdata_len = PTR_DIFF(p,*rdata);
2168 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2172 SSVAL(*rparam, 0, errflags);
2173 SSVAL(*rparam, 2, 0); /* converter word */
2174 SSVAL(*rparam, 4, num_groups); /* is this right?? */
2175 SSVAL(*rparam, 6, resume_context+num_groups); /* is this right?? */
2180 /*******************************************************************
2181 Get groups that a user is a member of.
2182 ******************************************************************/
2184 static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid,
2185 char *param, int tpscnt,
2186 char *data, int tdscnt,
2187 int mdrcnt,int mprcnt,
2188 char **rdata,char **rparam,
2189 int *rdata_len,int *rparam_len)
2191 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
2192 char *str2 = skip_string(param,tpscnt,str1);
2193 char *UserName = skip_string(param,tpscnt,str2);
2194 char *p = skip_string(param,tpscnt,UserName);
2195 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
2196 const char *level_string;
2202 struct rpc_pipe_client *samr_pipe;
2203 struct policy_handle samr_handle, domain_handle, user_handle;
2204 struct lsa_String name;
2205 struct lsa_Strings names;
2206 struct samr_Ids type, rid;
2207 struct samr_RidWithAttributeArray *rids;
2210 if (!str1 || !str2 || !UserName || !p) {
2215 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2220 /* check it's a supported varient */
2222 if ( strcmp(str1,"zWrLeh") != 0 )
2227 level_string = "B21";
2233 if (strcmp(level_string,str2) != 0)
2236 *rdata_len = mdrcnt + 1024;
2237 *rdata = smb_realloc_limit(*rdata,*rdata_len);
2242 SSVAL(*rparam,0,NERR_Success);
2243 SSVAL(*rparam,2,0); /* converter word */
2246 endp = *rdata + *rdata_len;
2248 status = rpc_pipe_open_internal(
2249 talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch,
2250 conn->server_info, &samr_pipe);
2251 if (!NT_STATUS_IS_OK(status)) {
2252 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n",
2253 nt_errstr(status)));
2257 status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(),
2258 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle);
2259 if (!NT_STATUS_IS_OK(status)) {
2260 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n",
2261 nt_errstr(status)));
2265 status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle,
2266 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2267 get_global_sam_sid(), &domain_handle);
2268 if (!NT_STATUS_IS_OK(status)) {
2269 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n",
2270 nt_errstr(status)));
2274 name.string = UserName;
2276 status = rpccli_samr_LookupNames(samr_pipe, talloc_tos(),
2277 &domain_handle, 1, &name,
2279 if (!NT_STATUS_IS_OK(status)) {
2280 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n",
2281 nt_errstr(status)));
2285 if (type.ids[0] != SID_NAME_USER) {
2286 DEBUG(10, ("%s is a %s, not a user\n", UserName,
2287 sid_type_lookup(type.ids[0])));
2291 status = rpccli_samr_OpenUser(samr_pipe, talloc_tos(),
2293 SAMR_USER_ACCESS_GET_GROUPS,
2294 rid.ids[0], &user_handle);
2295 if (!NT_STATUS_IS_OK(status)) {
2296 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n",
2297 nt_errstr(status)));
2301 status = rpccli_samr_GetGroupsForUser(samr_pipe, talloc_tos(),
2302 &user_handle, &rids);
2303 if (!NT_STATUS_IS_OK(status)) {
2304 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n",
2305 nt_errstr(status)));
2309 for (i=0; i<rids->count; i++) {
2311 status = rpccli_samr_LookupRids(samr_pipe, talloc_tos(),
2313 1, &rids->rids[i].rid,
2315 if (NT_STATUS_IS_OK(status) && (names.count == 1)) {
2316 strlcpy(p, names.names[0].string, PTR_DIFF(endp,p));
2322 *rdata_len = PTR_DIFF(p,*rdata);
2324 SSVAL(*rparam,4,count); /* is this right?? */
2325 SSVAL(*rparam,6,count); /* is this right?? */
2330 rpccli_samr_Close(samr_pipe, talloc_tos(), &user_handle);
2332 rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle);
2334 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);
2339 /*******************************************************************
2341 ******************************************************************/
2343 static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid,
2344 char *param, int tpscnt,
2345 char *data, int tdscnt,
2346 int mdrcnt,int mprcnt,
2347 char **rdata,char **rparam,
2348 int *rdata_len,int *rparam_len)
2353 int i, resume_context, cli_buf_size;
2354 uint32_t resume_handle;
2356 struct rpc_pipe_client *samr_pipe;
2357 struct policy_handle samr_handle, domain_handle;
2360 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
2361 char *str2 = skip_string(param,tpscnt,str1);
2362 char *p = skip_string(param,tpscnt,str2);
2365 if (!str1 || !str2 || !p) {
2369 if (strcmp(str1,"WrLeh") != 0)
2372 * W-> resume context (number of users to skip)
2373 * r -> return parameter pointer to receive buffer
2374 * L -> length of receive buffer
2375 * e -> return parameter number of entries
2376 * h -> return parameter total number of users
2379 resume_context = get_safe_SVAL(param,tpscnt,p,0,-1);
2380 cli_buf_size= get_safe_SVAL(param,tpscnt,p,2,0);
2381 DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n",
2382 resume_context, cli_buf_size));
2385 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2390 /* check it's a supported varient */
2391 if (strcmp("B21",str2) != 0)
2394 *rdata_len = cli_buf_size;
2395 *rdata = smb_realloc_limit(*rdata,*rdata_len);
2401 endp = *rdata + *rdata_len;
2403 status = rpc_pipe_open_internal(
2404 talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch,
2405 conn->server_info, &samr_pipe);
2406 if (!NT_STATUS_IS_OK(status)) {
2407 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n",
2408 nt_errstr(status)));
2412 status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(),
2413 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle);
2414 if (!NT_STATUS_IS_OK(status)) {
2415 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n",
2416 nt_errstr(status)));
2420 status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle,
2421 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
2422 get_global_sam_sid(), &domain_handle);
2423 if (!NT_STATUS_IS_OK(status)) {
2424 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n",
2425 nt_errstr(status)));
2426 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);
2430 errflags=NERR_Success;
2435 struct samr_SamArray *sam_entries;
2436 uint32_t num_entries;
2438 status = rpccli_samr_EnumDomainUsers(samr_pipe, talloc_tos(),
2444 if (!NT_STATUS_IS_OK(status)) {
2445 DEBUG(10, ("rpccli_samr_EnumDomainUsers returned "
2446 "%s\n", nt_errstr(status)));
2450 if (num_entries == 0) {
2451 DEBUG(10, ("rpccli_samr_EnumDomainUsers returned "
2452 "no entries -- done\n"));
2456 for (i=0; i<num_entries; i++) {
2459 name = sam_entries->entries[i].name.string;
2461 if(((PTR_DIFF(p,*rdata)+21)<=*rdata_len)
2462 &&(strlen(name)<=21)) {
2463 strlcpy(p,name,PTR_DIFF(endp,p));
2464 DEBUG(10,("api_RNetUserEnum:adding entry %d "
2465 "username %s\n",count_sent,p));
2469 /* set overflow error */
2470 DEBUG(10,("api_RNetUserEnum:overflow on entry %d "
2471 "username %s\n",count_sent,name));
2477 if (errflags != NERR_Success) {
2481 TALLOC_FREE(sam_entries);
2484 rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle);
2485 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);
2487 *rdata_len = PTR_DIFF(p,*rdata);
2489 SSVAL(*rparam,0,errflags);
2490 SSVAL(*rparam,2,0); /* converter word */
2491 SSVAL(*rparam,4,count_sent); /* is this right?? */
2492 SSVAL(*rparam,6,num_users); /* is this right?? */
2497 /****************************************************************************
2498 Get the time of day info.
2499 ****************************************************************************/
2501 static bool api_NetRemoteTOD(connection_struct *conn,uint16 vuid,
2502 char *param, int tpscnt,
2503 char *data, int tdscnt,
2504 int mdrcnt,int mprcnt,
2505 char **rdata,char **rparam,
2506 int *rdata_len,int *rparam_len)
2509 time_t unixdate = time(NULL);
2513 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2519 *rdata = smb_realloc_limit(*rdata,*rdata_len);
2524 SSVAL(*rparam,0,NERR_Success);
2525 SSVAL(*rparam,2,0); /* converter word */
2529 srv_put_dos_date3(p,0,unixdate); /* this is the time that is looked at
2530 by NT in a "net time" operation,
2531 it seems to ignore the one below */
2533 /* the client expects to get localtime, not GMT, in this bit
2534 (I think, this needs testing) */
2535 t = localtime(&unixdate);
2540 SIVAL(p,4,0); /* msecs ? */
2541 SCVAL(p,8,t->tm_hour);
2542 SCVAL(p,9,t->tm_min);
2543 SCVAL(p,10,t->tm_sec);
2544 SCVAL(p,11,0); /* hundredths of seconds */
2545 SSVALS(p,12,get_time_zone(unixdate)/60); /* timezone in minutes from GMT */
2546 SSVAL(p,14,10000); /* timer interval in 0.0001 of sec */
2547 SCVAL(p,16,t->tm_mday);
2548 SCVAL(p,17,t->tm_mon + 1);
2549 SSVAL(p,18,1900+t->tm_year);
2550 SCVAL(p,20,t->tm_wday);
2555 /****************************************************************************
2556 Set the user password.
2557 *****************************************************************************/
2559 static bool api_SetUserPassword(connection_struct *conn,uint16 vuid,
2560 char *param, int tpscnt,
2561 char *data, int tdscnt,
2562 int mdrcnt,int mprcnt,
2563 char **rdata,char **rparam,
2564 int *rdata_len,int *rparam_len)
2566 char *np = get_safe_str_ptr(param,tpscnt,param,2);
2569 fstring pass1,pass2;
2571 /* Skip 2 strings. */
2572 p = skip_string(param,tpscnt,np);
2573 p = skip_string(param,tpscnt,p);
2579 /* Do we have a string ? */
2580 if (skip_string(param,tpscnt,p) == NULL) {
2583 pull_ascii_fstring(user,p);
2585 p = skip_string(param,tpscnt,p);
2590 memset(pass1,'\0',sizeof(pass1));
2591 memset(pass2,'\0',sizeof(pass2));
2593 * We use 31 here not 32 as we're checking
2594 * the last byte we want to access is safe.
2596 if (!is_offset_safe(param,tpscnt,p,31)) {
2600 memcpy(pass2,p+16,16);
2603 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2610 SSVAL(*rparam,0,NERR_badpass);
2611 SSVAL(*rparam,2,0); /* converter word */
2613 DEBUG(3,("Set password for <%s>\n",user));
2616 * Attempt to verify the old password against smbpasswd entries
2617 * Win98 clients send old and new password in plaintext for this call.
2621 auth_serversupplied_info *server_info = NULL;
2622 DATA_BLOB password = data_blob(pass1, strlen(pass1)+1);
2624 if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) {
2627 if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2, False, NULL))) {
2628 SSVAL(*rparam,0,NERR_Success);
2632 TALLOC_FREE(server_info);
2634 data_blob_clear_free(&password);
2638 * If the plaintext change failed, attempt
2639 * the old encrypted method. NT will generate this
2640 * after trying the samr method. Note that this
2641 * method is done as a last resort as this
2642 * password change method loses the NT password hash
2643 * and cannot change the UNIX password as no plaintext
2647 if(SVAL(*rparam,0) != NERR_Success) {
2648 struct samu *hnd = NULL;
2650 if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd)) {
2652 if (change_lanman_password(hnd,(uchar *)pass2)) {
2653 SSVAL(*rparam,0,NERR_Success);
2660 memset((char *)pass1,'\0',sizeof(fstring));
2661 memset((char *)pass2,'\0',sizeof(fstring));
2666 /****************************************************************************
2667 Set the user password (SamOEM version - gets plaintext).
2668 ****************************************************************************/
2670 static bool api_SamOEMChangePassword(connection_struct *conn,uint16 vuid,
2671 char *param, int tpscnt,
2672 char *data, int tdscnt,
2673 int mdrcnt,int mprcnt,
2674 char **rdata,char **rparam,
2675 int *rdata_len,int *rparam_len)
2677 struct smbd_server_connection *sconn = smbd_server_conn;
2679 char *p = get_safe_str_ptr(param,tpscnt,param,2);
2681 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2691 SSVAL(*rparam,0,NERR_badpass);
2694 * Check the parameter definition is correct.
2697 /* Do we have a string ? */
2698 if (skip_string(param,tpscnt,p) == 0) {
2701 if(!strequal(p, "zsT")) {
2702 DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", p));
2705 p = skip_string(param, tpscnt, p);
2710 /* Do we have a string ? */
2711 if (skip_string(param,tpscnt,p) == 0) {
2714 if(!strequal(p, "B516B16")) {
2715 DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p));
2718 p = skip_string(param,tpscnt,p);
2722 /* Do we have a string ? */
2723 if (skip_string(param,tpscnt,p) == 0) {
2726 p += pull_ascii_fstring(user,p);
2728 DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user));
2731 * Pass the user through the NT -> unix user mapping
2735 (void)map_username(sconn, user);
2737 if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL, NULL))) {
2738 SSVAL(*rparam,0,NERR_Success);
2744 /****************************************************************************
2747 ****************************************************************************/
2749 static bool api_RDosPrintJobDel(connection_struct *conn,uint16 vuid,
2750 char *param, int tpscnt,
2751 char *data, int tdscnt,
2752 int mdrcnt,int mprcnt,
2753 char **rdata,char **rparam,
2754 int *rdata_len,int *rparam_len)
2756 int function = get_safe_SVAL(param,tpscnt,param,0,0);
2757 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
2758 char *str2 = skip_string(param,tpscnt,str1);
2759 char *p = skip_string(param,tpscnt,str2);
2764 WERROR werr = WERR_OK;
2766 if (!str1 || !str2 || !p) {
2770 * We use 1 here not 2 as we're checking
2771 * the last byte we want to access is safe.
2773 if (!is_offset_safe(param,tpscnt,p,1)) {
2776 if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid))
2779 /* check it's a supported varient */
2780 if (!(strcsequal(str1,"W") && strcsequal(str2,"")))
2784 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2790 if (!print_job_exists(sharename, jobid)) {
2791 errcode = NERR_JobNotFound;
2795 snum = lp_servicenumber( sharename);
2797 errcode = NERR_DestNotFound;
2801 errcode = NERR_notsupported;
2804 case 81: /* delete */
2805 if (print_job_delete(conn->server_info, snum, jobid, &werr))
2806 errcode = NERR_Success;
2808 case 82: /* pause */
2809 if (print_job_pause(conn->server_info, snum, jobid, &werr))
2810 errcode = NERR_Success;
2812 case 83: /* resume */
2813 if (print_job_resume(conn->server_info, snum, jobid, &werr))
2814 errcode = NERR_Success;
2818 if (!W_ERROR_IS_OK(werr))
2819 errcode = W_ERROR_V(werr);
2822 SSVAL(*rparam,0,errcode);
2823 SSVAL(*rparam,2,0); /* converter word */
2828 /****************************************************************************
2829 Purge a print queue - or pause or resume it.
2830 ****************************************************************************/
2832 static bool api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid,
2833 char *param, int tpscnt,
2834 char *data, int tdscnt,
2835 int mdrcnt,int mprcnt,
2836 char **rdata,char **rparam,
2837 int *rdata_len,int *rparam_len)
2839 int function = get_safe_SVAL(param,tpscnt,param,0,0);
2840 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
2841 char *str2 = skip_string(param,tpscnt,str1);
2842 char *QueueName = skip_string(param,tpscnt,str2);
2843 int errcode = NERR_notsupported;
2845 WERROR werr = WERR_OK;
2847 if (!str1 || !str2 || !QueueName) {
2851 /* check it's a supported varient */
2852 if (!(strcsequal(str1,"z") && strcsequal(str2,"")))
2856 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2862 if (skip_string(param,tpscnt,QueueName) == NULL) {
2865 snum = print_queue_snum(QueueName);
2868 errcode = NERR_JobNotFound;
2873 case 74: /* Pause queue */
2874 werr = print_queue_pause(conn->server_info, snum);
2876 case 75: /* Resume queue */
2877 werr = print_queue_resume(conn->server_info, snum);
2879 case 103: /* Purge */
2880 werr = print_queue_purge(conn->server_info, snum);
2883 werr = WERR_NOT_SUPPORTED;
2887 errcode = W_ERROR_V(werr);
2890 SSVAL(*rparam,0,errcode);
2891 SSVAL(*rparam,2,0); /* converter word */
2896 /****************************************************************************
2897 set the property of a print job (undocumented?)
2898 ? function = 0xb -> set name of print job
2899 ? function = 0x6 -> move print job up/down
2900 Form: <WWsTP> <WWzWWDDzzzzzzzzzzlz>
2901 or <WWsTP> <WB21BB16B10zWWzDDz>
2902 ****************************************************************************/
2904 static int check_printjob_info(struct pack_desc* desc,
2905 int uLevel, char* id)
2907 desc->subformat = NULL;
2909 case 0: desc->format = "W"; break;
2910 case 1: desc->format = "WB21BB16B10zWWzDDz"; break;
2911 case 2: desc->format = "WWzWWDDzz"; break;
2912 case 3: desc->format = "WWzWWDDzzzzzzzzzzlz"; break;
2913 case 4: desc->format = "WWzWWDDzzzzzDDDDDDD"; break;
2915 DEBUG(0,("check_printjob_info: invalid level %d\n",
2919 if (id == NULL || strcmp(desc->format,id) != 0) {
2920 DEBUG(0,("check_printjob_info: invalid format %s\n",
2921 id ? id : "<NULL>" ));
2927 static bool api_PrintJobInfo(connection_struct *conn, uint16 vuid,
2928 char *param, int tpscnt,
2929 char *data, int tdscnt,
2930 int mdrcnt,int mprcnt,
2931 char **rdata,char **rparam,
2932 int *rdata_len,int *rparam_len)
2934 struct pack_desc desc;
2935 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
2936 char *str2 = skip_string(param,tpscnt,str1);
2937 char *p = skip_string(param,tpscnt,str2);
2940 int uLevel = get_safe_SVAL(param,tpscnt,p,2,-1);
2941 int function = get_safe_SVAL(param,tpscnt,p,4,-1);
2944 if (!str1 || !str2 || !p) {
2948 * We use 1 here not 2 as we're checking
2949 * the last byte we want to access is safe.
2951 if (!is_offset_safe(param,tpscnt,p,1)) {
2954 if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid))
2957 *rparam = smb_realloc_limit(*rparam,*rparam_len);
2962 if (!share_defined(sharename)) {
2963 DEBUG(0,("api_PrintJobInfo: sharen [%s] not defined\n",
2970 /* check it's a supported varient */
2971 if ((strcmp(str1,"WWsTP")) ||
2972 (!check_printjob_info(&desc,uLevel,str2)))
2975 if (!print_job_exists(sharename, jobid)) {
2976 errcode=NERR_JobNotFound;
2980 errcode = NERR_notsupported;
2984 /* change job place in the queue,
2985 data gives the new place */
2986 place = SVAL(data,0);
2987 if (print_job_set_place(sharename, jobid, place)) {
2988 errcode=NERR_Success;
2993 /* change print job name, data gives the name */
2994 if (print_job_set_name(sharename, jobid, data)) {
2995 errcode=NERR_Success;
3004 SSVALS(*rparam,0,errcode);
3005 SSVAL(*rparam,2,0); /* converter word */
3011 /****************************************************************************
3012 Get info about the server.
3013 ****************************************************************************/
3015 static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid,
3016 char *param, int tpscnt,
3017 char *data, int tdscnt,
3018 int mdrcnt,int mprcnt,
3019 char **rdata,char **rparam,
3020 int *rdata_len,int *rparam_len)
3022 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3023 char *str2 = skip_string(param,tpscnt,str1);
3024 char *p = skip_string(param,tpscnt,str2);
3025 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
3029 if (!str1 || !str2 || !p) {
3033 DEBUG(4,("NetServerGetInfo level %d\n",uLevel));
3035 /* check it's a supported varient */
3036 if (!prefix_ok(str1,"WrLh")) {
3042 if (strcmp(str2,"B16") != 0) {
3048 if (strcmp(str2,"B16BBDz") != 0) {
3054 if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz")!= 0) {
3060 if (strcmp(str2,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz") != 0) {
3066 if (strcmp(str2,"DN") != 0) {
3072 if (strcmp(str2,"B16BBDzWWzzz") != 0) {
3081 *rdata_len = mdrcnt;
3082 *rdata = smb_realloc_limit(*rdata,*rdata_len);
3088 p2 = p + struct_len;
3090 srvstr_push(NULL, 0, p,global_myname(),16,
3091 STR_ASCII|STR_UPPER|STR_TERMINATE);
3095 struct srv_info_struct *servers=NULL;
3097 char *comment = NULL;
3098 TALLOC_CTX *ctx = talloc_tos();
3099 uint32 servertype= lp_default_server_announce();
3101 comment = talloc_strdup(ctx,lp_serverstring());
3106 if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) {
3107 for (i=0;i<count;i++) {
3108 if (strequal(servers[i].name,global_myname())) {
3109 servertype = servers[i].type;
3110 TALLOC_FREE(comment);
3111 comment = talloc_strdup(ctx,
3112 servers[i].comment);
3122 SCVAL(p,0,lp_major_announce_version());
3123 SCVAL(p,1,lp_minor_announce_version());
3124 SIVAL(p,2,servertype);
3126 if (mdrcnt == struct_len) {
3129 SIVAL(p,6,PTR_DIFF(p2,*rdata));
3130 comment = talloc_sub_advanced(
3132 lp_servicename(SNUM(conn)),
3133 conn->server_info->unix_name,
3135 conn->server_info->utok.gid,
3136 conn->server_info->sanitized_username,
3137 pdb_get_domain(conn->server_info->sam_account),
3142 if (mdrcnt - struct_len <= 0) {
3147 MIN(mdrcnt - struct_len,
3148 MAX_SERVER_STRING_LENGTH),
3150 p2 = skip_string(*rdata,*rdata_len,p2);
3158 return False; /* not yet implemented */
3161 *rdata_len = PTR_DIFF(p2,*rdata);
3164 *rparam = smb_realloc_limit(*rparam,*rparam_len);
3168 SSVAL(*rparam,0,NERR_Success);
3169 SSVAL(*rparam,2,0); /* converter word */
3170 SSVAL(*rparam,4,*rdata_len);
3175 /****************************************************************************
3176 Get info about the server.
3177 ****************************************************************************/
3179 static bool api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid,
3180 char *param, int tpscnt,
3181 char *data, int tdscnt,
3182 int mdrcnt,int mprcnt,
3183 char **rdata,char **rparam,
3184 int *rdata_len,int *rparam_len)
3186 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3187 char *str2 = skip_string(param,tpscnt,str1);
3188 char *p = skip_string(param,tpscnt,str2);
3191 int level = get_safe_SVAL(param,tpscnt,p,0,-1);
3193 if (!str1 || !str2 || !p) {
3197 DEBUG(4,("NetWkstaGetInfo level %d\n",level));
3200 *rparam = smb_realloc_limit(*rparam,*rparam_len);
3205 /* check it's a supported varient */
3206 if (!(level==10 && strcsequal(str1,"WrLh") && strcsequal(str2,"zzzBBzz"))) {
3210 *rdata_len = mdrcnt + 1024;
3211 *rdata = smb_realloc_limit(*rdata,*rdata_len);
3216 SSVAL(*rparam,0,NERR_Success);
3217 SSVAL(*rparam,2,0); /* converter word */
3220 endp = *rdata + *rdata_len;
3222 p2 = get_safe_ptr(*rdata,*rdata_len,p,22);
3227 SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* host name */
3228 strlcpy(p2,get_local_machine_name(),PTR_DIFF(endp,p2));
3230 p2 = skip_string(*rdata,*rdata_len,p2);
3236 SIVAL(p,0,PTR_DIFF(p2,*rdata));
3237 strlcpy(p2,conn->server_info->sanitized_username,PTR_DIFF(endp,p2));
3238 p2 = skip_string(*rdata,*rdata_len,p2);
3244 SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* login domain */
3245 strlcpy(p2,lp_workgroup(),PTR_DIFF(endp,p2));
3247 p2 = skip_string(*rdata,*rdata_len,p2);
3253 SCVAL(p,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */
3254 SCVAL(p,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */
3257 SIVAL(p,0,PTR_DIFF(p2,*rdata));
3258 strlcpy(p2,lp_workgroup(),PTR_DIFF(endp,p2)); /* don't know. login domain?? */
3259 p2 = skip_string(*rdata,*rdata_len,p2);
3265 SIVAL(p,0,PTR_DIFF(p2,*rdata)); /* don't know */
3266 strlcpy(p2,"",PTR_DIFF(endp,p2));
3267 p2 = skip_string(*rdata,*rdata_len,p2);
3273 *rdata_len = PTR_DIFF(p2,*rdata);
3275 SSVAL(*rparam,4,*rdata_len);
3280 /****************************************************************************
3281 get info about a user
3283 struct user_info_11 {
3284 char usri11_name[21]; 0-20
3286 char *usri11_comment; 22-25
3287 char *usri11_usr_comment; 26-29
3288 unsigned short usri11_priv; 30-31
3289 unsigned long usri11_auth_flags; 32-35
3290 long usri11_password_age; 36-39
3291 char *usri11_homedir; 40-43
3292 char *usri11_parms; 44-47
3293 long usri11_last_logon; 48-51
3294 long usri11_last_logoff; 52-55
3295 unsigned short usri11_bad_pw_count; 56-57
3296 unsigned short usri11_num_logons; 58-59
3297 char *usri11_logon_server; 60-63
3298 unsigned short usri11_country_code; 64-65
3299 char *usri11_workstations; 66-69
3300 unsigned long usri11_max_storage; 70-73
3301 unsigned short usri11_units_per_week; 74-75
3302 unsigned char *usri11_logon_hours; 76-79
3303 unsigned short usri11_code_page; 80-81
3308 usri11_name specifies the user name for which information is retrieved
3310 usri11_pad aligns the next data structure element to a word boundary
3312 usri11_comment is a null terminated ASCII comment
3314 usri11_user_comment is a null terminated ASCII comment about the user
3316 usri11_priv specifies the level of the privilege assigned to the user.
3317 The possible values are:
3319 Name Value Description
3320 USER_PRIV_GUEST 0 Guest privilege
3321 USER_PRIV_USER 1 User privilege
3322 USER_PRV_ADMIN 2 Administrator privilege
3324 usri11_auth_flags specifies the account operator privileges. The
3325 possible values are:
3327 Name Value Description
3328 AF_OP_PRINT 0 Print operator
3331 Leach, Naik [Page 28]
3335 INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997
3338 AF_OP_COMM 1 Communications operator
3339 AF_OP_SERVER 2 Server operator
3340 AF_OP_ACCOUNTS 3 Accounts operator
3343 usri11_password_age specifies how many seconds have elapsed since the
3344 password was last changed.
3346 usri11_home_dir points to a null terminated ASCII string that contains
3347 the path name of the user's home directory.
3349 usri11_parms points to a null terminated ASCII string that is set
3350 aside for use by applications.
3352 usri11_last_logon specifies the time when the user last logged on.
3353 This value is stored as the number of seconds elapsed since
3354 00:00:00, January 1, 1970.
3356 usri11_last_logoff specifies the time when the user last logged off.
3357 This value is stored as the number of seconds elapsed since
3358 00:00:00, January 1, 1970. A value of 0 means the last logoff
3361 usri11_bad_pw_count specifies the number of incorrect passwords
3362 entered since the last successful logon.
3364 usri11_log1_num_logons specifies the number of times this user has
3365 logged on. A value of -1 means the number of logons is unknown.
3367 usri11_logon_server points to a null terminated ASCII string that
3368 contains the name of the server to which logon requests are sent.
3369 A null string indicates logon requests should be sent to the
3372 usri11_country_code specifies the country code for the user's language
3375 usri11_workstations points to a null terminated ASCII string that
3376 contains the names of workstations the user may log on from.
3377 There may be up to 8 workstations, with the names separated by
3378 commas. A null strings indicates there are no restrictions.
3380 usri11_max_storage specifies the maximum amount of disk space the user
3381 can occupy. A value of 0xffffffff indicates there are no
3384 usri11_units_per_week specifies the equal number of time units into
3385 which a week is divided. This value must be equal to 168.
3387 usri11_logon_hours points to a 21 byte (168 bits) string that
3388 specifies the time during which the user can log on. Each bit
3389 represents one unique hour in a week. The first bit (bit 0, word
3390 0) is Sunday, 0:00 to 0:59, the second bit (bit 1, word 0) is
3394 Leach, Naik [Page 29]
3398 INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997
3401 Sunday, 1:00 to 1:59 and so on. A null pointer indicates there
3402 are no restrictions.
3404 usri11_code_page specifies the code page for the user's language of
3407 All of the pointers in this data structure need to be treated
3408 specially. The pointer is a 32 bit pointer. The higher 16 bits need
3409 to be ignored. The converter word returned in the parameters section
3410 needs to be subtracted from the lower 16 bits to calculate an offset
3411 into the return buffer where this ASCII string resides.
3413 There is no auxiliary data in the response.
3415 ****************************************************************************/
3417 #define usri11_name 0
3418 #define usri11_pad 21
3419 #define usri11_comment 22
3420 #define usri11_usr_comment 26
3421 #define usri11_full_name 30
3422 #define usri11_priv 34
3423 #define usri11_auth_flags 36
3424 #define usri11_password_age 40
3425 #define usri11_homedir 44
3426 #define usri11_parms 48
3427 #define usri11_last_logon 52
3428 #define usri11_last_logoff 56
3429 #define usri11_bad_pw_count 60
3430 #define usri11_num_logons 62
3431 #define usri11_logon_server 64
3432 #define usri11_country_code 68
3433 #define usri11_workstations 70
3434 #define usri11_max_storage 74
3435 #define usri11_units_per_week 78
3436 #define usri11_logon_hours 80
3437 #define usri11_code_page 84
3438 #define usri11_end 86
3440 #define USER_PRIV_GUEST 0
3441 #define USER_PRIV_USER 1
3442 #define USER_PRIV_ADMIN 2
3444 #define AF_OP_PRINT 0
3445 #define AF_OP_COMM 1
3446 #define AF_OP_SERVER 2
3447 #define AF_OP_ACCOUNTS 3
3450 static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid,
3451 char *param, int tpscnt,
3452 char *data, int tdscnt,
3453 int mdrcnt,int mprcnt,
3454 char **rdata,char **rparam,
3455 int *rdata_len,int *rparam_len)
3457 struct smbd_server_connection *sconn = smbd_server_conn;
3458 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3459 char *str2 = skip_string(param,tpscnt,str1);
3460 char *UserName = skip_string(param,tpscnt,str2);
3461 char *p = skip_string(param,tpscnt,UserName);
3462 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
3465 const char *level_string;
3467 /* get NIS home of a previously validated user - simeon */
3468 /* With share level security vuid will always be zero.
3469 Don't depend on vuser being non-null !!. JRA */
3470 user_struct *vuser = get_valid_user_struct(sconn, vuid);
3472 DEBUG(3,(" Username of UID %d is %s\n",
3473 (int)vuser->server_info->utok.uid,
3474 vuser->server_info->unix_name));
3477 if (!str1 || !str2 || !UserName || !p) {
3482 *rparam = smb_realloc_limit(*rparam,*rparam_len);
3487 DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel));
3489 /* check it's a supported variant */
3490 if (strcmp(str1,"zWrLh") != 0) {
3494 case 0: level_string = "B21"; break;
3495 case 1: level_string = "B21BB16DWzzWz"; break;
3496 case 2: level_string = "B21BB16DWzzWzDzzzzDDDDWb21WWzWW"; break;
3497 case 10: level_string = "B21Bzzz"; break;
3498 case 11: level_string = "B21BzzzWDDzzDDWWzWzDWb21W"; break;
3499 default: return False;
3502 if (strcmp(level_string,str2) != 0) {
3506 *rdata_len = mdrcnt + 1024;
3507 *rdata = smb_realloc_limit(*rdata,*rdata_len);
3512 SSVAL(*rparam,0,NERR_Success);
3513 SSVAL(*rparam,2,0); /* converter word */
3516 endp = *rdata + *rdata_len;
3517 p2 = get_safe_ptr(*rdata,*rdata_len,p,usri11_end);
3523 fstrcpy(p+usri11_name,UserName); /* 21 bytes - user name */
3526 SCVAL(p,usri11_pad,0); /* padding - 1 byte */
3531 SIVAL(p,usri11_comment,PTR_DIFF(p2,p)); /* comment */
3532 strlcpy(p2,"Comment",PTR_DIFF(endp,p2));
3533 p2 = skip_string(*rdata,*rdata_len,p2);
3538 SIVAL(p,usri11_usr_comment,PTR_DIFF(p2,p)); /* user_comment */
3539 strlcpy(p2,"UserComment",PTR_DIFF(endp,p2));
3540 p2 = skip_string(*rdata,*rdata_len,p2);
3545 /* EEK! the cifsrap.txt doesn't have this in!!!! */
3546 SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */
3547 strlcpy(p2,((vuser != NULL)
3548 ? pdb_get_fullname(vuser->server_info->sam_account)
3549 : UserName),PTR_DIFF(endp,p2));
3550 p2 = skip_string(*rdata,*rdata_len,p2);
3557 const char *homedir = "";
3558 if (vuser != NULL) {
3559 homedir = pdb_get_homedir(
3560 vuser->server_info->sam_account);
3562 /* modelled after NTAS 3.51 reply */
3563 SSVAL(p,usri11_priv,conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
3564 SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */
3565 SIVALS(p,usri11_password_age,-1); /* password age */
3566 SIVAL(p,usri11_homedir,PTR_DIFF(p2,p)); /* home dir */
3567 strlcpy(p2, homedir, PTR_DIFF(endp,p2));
3568 p2 = skip_string(*rdata,*rdata_len,p2);
3572 SIVAL(p,usri11_parms,PTR_DIFF(p2,p)); /* parms */
3573 strlcpy(p2,"",PTR_DIFF(endp,p2));
3574 p2 = skip_string(*rdata,*rdata_len,p2);
3578 SIVAL(p,usri11_last_logon,0); /* last logon */
3579 SIVAL(p,usri11_last_logoff,0); /* last logoff */
3580 SSVALS(p,usri11_bad_pw_count,-1); /* bad pw counts */
3581 SSVALS(p,usri11_num_logons,-1); /* num logons */
3582 SIVAL(p,usri11_logon_server,PTR_DIFF(p2,p)); /* logon server */
3583 strlcpy(p2,"\\\\*",PTR_DIFF(endp,p2));
3584 p2 = skip_string(*rdata,*rdata_len,p2);
3588 SSVAL(p,usri11_country_code,0); /* country code */
3590 SIVAL(p,usri11_workstations,PTR_DIFF(p2,p)); /* workstations */
3591 strlcpy(p2,"",PTR_DIFF(endp,p2));
3592 p2 = skip_string(*rdata,*rdata_len,p2);
3597 SIVALS(p,usri11_max_storage,-1); /* max storage */
3598 SSVAL(p,usri11_units_per_week,168); /* units per week */
3599 SIVAL(p,usri11_logon_hours,PTR_DIFF(p2,p)); /* logon hours */
3601 /* a simple way to get logon hours at all times. */
3603 SCVAL(p2,21,0); /* fix zero termination */
3604 p2 = skip_string(*rdata,*rdata_len,p2);
3609 SSVAL(p,usri11_code_page,0); /* code page */
3612 if (uLevel == 1 || uLevel == 2) {
3613 memset(p+22,' ',16); /* password */
3614 SIVALS(p,38,-1); /* password age */
3616 conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
3617 SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */
3618 strlcpy(p2, vuser ? pdb_get_homedir(
3619 vuser->server_info->sam_account) : "",
3621 p2 = skip_string(*rdata,*rdata_len,p2);
3625 SIVAL(p,48,PTR_DIFF(p2,*rdata)); /* comment */
3627 SSVAL(p,52,0); /* flags */
3628 SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */
3629 strlcpy(p2, vuser ? pdb_get_logon_script(
3630 vuser->server_info->sam_account) : "",
3632 p2 = skip_string(*rdata,*rdata_len,p2);
3637 SIVAL(p,60,0); /* auth_flags */
3638 SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */
3639 strlcpy(p2,((vuser != NULL)
3640 ? pdb_get_fullname(vuser->server_info->sam_account)
3641 : UserName),PTR_DIFF(endp,p2));
3642 p2 = skip_string(*rdata,*rdata_len,p2);
3646 SIVAL(p,68,0); /* urs_comment */
3647 SIVAL(p,72,PTR_DIFF(p2,*rdata)); /* parms */
3648 strlcpy(p2,"",PTR_DIFF(endp,p2));
3649 p2 = skip_string(*rdata,*rdata_len,p2);
3653 SIVAL(p,76,0); /* workstations */
3654 SIVAL(p,80,0); /* last_logon */
3655 SIVAL(p,84,0); /* last_logoff */
3656 SIVALS(p,88,-1); /* acct_expires */
3657 SIVALS(p,92,-1); /* max_storage */
3658 SSVAL(p,96,168); /* units_per_week */
3659 SIVAL(p,98,PTR_DIFF(p2,*rdata)); /* logon_hours */
3662 SSVALS(p,102,-1); /* bad_pw_count */
3663 SSVALS(p,104,-1); /* num_logons */
3664 SIVAL(p,106,PTR_DIFF(p2,*rdata)); /* logon_server */
3666 TALLOC_CTX *ctx = talloc_tos();
3667 int space_rem = *rdata_len - (p2 - *rdata);
3670 if (space_rem <= 0) {
3673 tmp = talloc_strdup(ctx, "\\\\%L");
3677 tmp = talloc_sub_basic(ctx,
3690 p2 = skip_string(*rdata,*rdata_len,p2);
3694 SSVAL(p,110,49); /* country_code */
3695 SSVAL(p,112,860); /* code page */
3699 *rdata_len = PTR_DIFF(p2,*rdata);
3701 SSVAL(*rparam,4,*rdata_len); /* is this right?? */
3706 static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid,
3707 char *param, int tpscnt,
3708 char *data, int tdscnt,
3709 int mdrcnt,int mprcnt,
3710 char **rdata,char **rparam,
3711 int *rdata_len,int *rparam_len)
3713 struct smbd_server_connection *sconn = smbd_server_conn;
3714 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3715 char *str2 = skip_string(param,tpscnt,str1);
3716 char *p = skip_string(param,tpscnt,str2);
3718 struct pack_desc desc;
3720 /* With share level security vuid will always be zero.
3721 Don't depend on vuser being non-null !!. JRA */
3722 user_struct *vuser = get_valid_user_struct(sconn, vuid);
3724 if (!str1 || !str2 || !p) {
3729 DEBUG(3,(" Username of UID %d is %s\n",
3730 (int)vuser->server_info->utok.uid,
3731 vuser->server_info->unix_name));
3734 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
3735 name = get_safe_str_ptr(param,tpscnt,p,2);
3740 memset((char *)&desc,'\0',sizeof(desc));
3742 DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel,name));
3744 /* check it's a supported varient */
3745 if (strcmp(str1,"OOWb54WrLh") != 0) {
3748 if (uLevel != 1 || strcmp(str2,"WB21BWDWWDDDDDDDzzzD") != 0) {
3752 *rdata = smb_realloc_limit(*rdata,mdrcnt);
3759 desc.buflen = mdrcnt;
3760 desc.subformat = NULL;
3763 if (init_package(&desc,1,0)) {
3764 PACKI(&desc,"W",0); /* code */
3765 PACKS(&desc,"B21",name); /* eff. name */
3766 PACKS(&desc,"B",""); /* pad */
3767 PACKI(&desc,"W", conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
3768 PACKI(&desc,"D",0); /* auth flags XXX */
3769 PACKI(&desc,"W",0); /* num logons */
3770 PACKI(&desc,"W",0); /* bad pw count */
3771 PACKI(&desc,"D",0); /* last logon */
3772 PACKI(&desc,"D",-1); /* last logoff */
3773 PACKI(&desc,"D",-1); /* logoff time */
3774 PACKI(&desc,"D",-1); /* kickoff time */
3775 PACKI(&desc,"D",0); /* password age */
3776 PACKI(&desc,"D",0); /* password can change */
3777 PACKI(&desc,"D",-1); /* password must change */
3781 fstrcpy(mypath,"\\\\");
3782 fstrcat(mypath,get_local_machine_name());
3784 PACKS(&desc,"z",mypath); /* computer */
3787 PACKS(&desc,"z",lp_workgroup());/* domain */
3788 PACKS(&desc,"z", vuser ? pdb_get_logon_script(
3789 vuser->server_info->sam_account) : ""); /* script path */
3790 PACKI(&desc,"D",0x00000000); /* reserved */
3793 *rdata_len = desc.usedlen;
3795 *rparam = smb_realloc_limit(*rparam,*rparam_len);
3799 SSVALS(*rparam,0,desc.errcode);
3801 SSVAL(*rparam,4,desc.neededlen);
3803 DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc.errcode));
3808 /****************************************************************************
3809 api_WAccessGetUserPerms
3810 ****************************************************************************/
3812 static bool api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid,
3813 char *param, int tpscnt,
3814 char *data, int tdscnt,
3815 int mdrcnt,int mprcnt,
3816 char **rdata,char **rparam,
3817 int *rdata_len,int *rparam_len)
3819 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3820 char *str2 = skip_string(param,tpscnt,str1);
3821 char *user = skip_string(param,tpscnt,str2);
3822 char *resource = skip_string(param,tpscnt,user);
3824 if (!str1 || !str2 || !user || !resource) {
3828 if (skip_string(param,tpscnt,resource) == NULL) {
3831 DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user,resource));
3833 /* check it's a supported varient */
3834 if (strcmp(str1,"zzh") != 0) {
3837 if (strcmp(str2,"") != 0) {
3842 *rparam = smb_realloc_limit(*rparam,*rparam_len);
3846 SSVALS(*rparam,0,0); /* errorcode */
3847 SSVAL(*rparam,2,0); /* converter word */
3848 SSVAL(*rparam,4,0x7f); /* permission flags */
3853 /****************************************************************************
3854 api_WPrintJobEnumerate
3855 ****************************************************************************/
3857 static bool api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid,
3858 char *param, int tpscnt,
3859 char *data, int tdscnt,
3860 int mdrcnt,int mprcnt,
3861 char **rdata,char **rparam,
3862 int *rdata_len,int *rparam_len)
3864 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3865 char *str2 = skip_string(param,tpscnt,str1);
3866 char *p = skip_string(param,tpscnt,str2);
3873 struct pack_desc desc;
3874 print_queue_struct *queue=NULL;
3875 print_status_struct status;
3878 if (!str1 || !str2 || !p) {
3882 uLevel = get_safe_SVAL(param,tpscnt,p,2,-1);
3884 memset((char *)&desc,'\0',sizeof(desc));
3885 memset((char *)&status,'\0',sizeof(status));
3887 DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel,SVAL(p,0)));
3889 /* check it's a supported varient */
3890 if (strcmp(str1,"WWrLh") != 0) {
3893 if (!check_printjob_info(&desc,uLevel,str2)) {
3897 if(!rap_to_pjobid(SVAL(p,0), sharename, &jobid)) {
3901 snum = lp_servicenumber( sharename);
3902 if (snum < 0 || !VALID_SNUM(snum)) {
3906 count = print_queue_status(snum,&queue,&status);
3907 for (i = 0; i < count; i++) {
3908 if (queue[i].job == jobid) {
3914 *rdata = smb_realloc_limit(*rdata,mdrcnt);
3919 desc.buflen = mdrcnt;
3922 * Don't return data but need to get correct length
3923 * init_package will return wrong size if buflen=0
3925 desc.buflen = getlen(desc.format);
3926 desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen );
3929 if (init_package(&desc,1,0)) {
3931 fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i);
3932 *rdata_len = desc.usedlen;
3934 desc.errcode = NERR_JobNotFound;
3940 *rparam = smb_realloc_limit(*rparam,*rparam_len);
3944 SSVALS(*rparam,0,desc.errcode);
3946 SSVAL(*rparam,4,desc.neededlen);
3951 DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc.errcode));
3956 static bool api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid,
3957 char *param, int tpscnt,
3958 char *data, int tdscnt,
3959 int mdrcnt,int mprcnt,
3960 char **rdata,char **rparam,
3961 int *rdata_len,int *rparam_len)
3963 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
3964 char *str2 = skip_string(param,tpscnt,str1);
3965 char *p = skip_string(param,tpscnt,str2);
3971 struct pack_desc desc;
3972 print_queue_struct *queue=NULL;
3973 print_status_struct status;
3975 if (!str1 || !str2 || !p) {
3979 memset((char *)&desc,'\0',sizeof(desc));
3980 memset((char *)&status,'\0',sizeof(status));
3982 p = skip_string(param,tpscnt,p);
3986 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
3988 DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel,name));
3990 /* check it's a supported variant */
3991 if (strcmp(str1,"zWrLeh") != 0) {
3996 return False; /* defined only for uLevel 0,1,2 */
3999 if (!check_printjob_info(&desc,uLevel,str2)) {
4003 snum = find_service(name);
4004 if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
4008 count = print_queue_status(snum,&queue,&status);
4010 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4016 desc.buflen = mdrcnt;
4018 if (init_package(&desc,count,0)) {
4020 for (i = 0; i < count; i++) {
4021 fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i);
4022 if (desc.errcode == NERR_Success) {
4028 *rdata_len = desc.usedlen;
4031 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4035 SSVALS(*rparam,0,desc.errcode);
4037 SSVAL(*rparam,4,succnt);
4038 SSVAL(*rparam,6,count);
4042 DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode));
4047 static int check_printdest_info(struct pack_desc* desc,
4048 int uLevel, char* id)
4050 desc->subformat = NULL;
4053 desc->format = "B9";
4056 desc->format = "B9B21WWzW";
4062 desc->format = "zzzWWzzzWW";
4065 DEBUG(0,("check_printdest_info: invalid level %d\n",
4069 if (id == NULL || strcmp(desc->format,id) != 0) {
4070 DEBUG(0,("check_printdest_info: invalid string %s\n",
4071 id ? id : "<NULL>" ));
4077 static void fill_printdest_info(connection_struct *conn, int snum, int uLevel,
4078 struct pack_desc* desc)
4082 strncpy(buf,SERVICE(snum),sizeof(buf)-1);
4083 buf[sizeof(buf)-1] = 0;
4087 PACKS(desc,"B9",buf); /* szName */
4089 PACKS(desc,"B21",""); /* szUserName */
4090 PACKI(desc,"W",0); /* uJobId */
4091 PACKI(desc,"W",0); /* fsStatus */
4092 PACKS(desc,"z",""); /* pszStatus */
4093 PACKI(desc,"W",0); /* time */
4097 if (uLevel == 2 || uLevel == 3) {
4098 PACKS(desc,"z",buf); /* pszPrinterName */
4100 PACKS(desc,"z",""); /* pszUserName */
4101 PACKS(desc,"z",""); /* pszLogAddr */
4102 PACKI(desc,"W",0); /* uJobId */
4103 PACKI(desc,"W",0); /* fsStatus */
4104 PACKS(desc,"z",""); /* pszStatus */
4105 PACKS(desc,"z",""); /* pszComment */
4106 PACKS(desc,"z","NULL"); /* pszDrivers */
4107 PACKI(desc,"W",0); /* time */
4108 PACKI(desc,"W",0); /* pad1 */
4113 static bool api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid,
4114 char *param, int tpscnt,
4115 char *data, int tdscnt,
4116 int mdrcnt,int mprcnt,
4117 char **rdata,char **rparam,
4118 int *rdata_len,int *rparam_len)
4120 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
4121 char *str2 = skip_string(param,tpscnt,str1);
4122 char *p = skip_string(param,tpscnt,str2);
4123 char* PrinterName = p;
4125 struct pack_desc desc;
4129 if (!str1 || !str2 || !p) {
4133 memset((char *)&desc,'\0',sizeof(desc));
4135 p = skip_string(param,tpscnt,p);
4139 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
4141 DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel,PrinterName));
4143 /* check it's a supported varient */
4144 if (strcmp(str1,"zWrLh") != 0) {
4147 if (!check_printdest_info(&desc,uLevel,str2)) {
4151 snum = find_service(PrinterName);
4152 if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) {
4154 desc.errcode = NERR_DestNotFound;
4158 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4163 desc.buflen = mdrcnt;
4166 * Don't return data but need to get correct length
4167 * init_package will return wrong size if buflen=0
4169 desc.buflen = getlen(desc.format);
4170 desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen );
4172 if (init_package(&desc,1,0)) {
4173 fill_printdest_info(conn,snum,uLevel,&desc);
4175 *rdata_len = desc.usedlen;
4179 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4183 SSVALS(*rparam,0,desc.errcode);
4185 SSVAL(*rparam,4,desc.neededlen);
4187 DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc.errcode));
4193 static bool api_WPrintDestEnum(connection_struct *conn, uint16 vuid,
4194 char *param, int tpscnt,
4195 char *data, int tdscnt,
4196 int mdrcnt,int mprcnt,
4197 char **rdata,char **rparam,
4198 int *rdata_len,int *rparam_len)
4200 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
4201 char *str2 = skip_string(param,tpscnt,str1);
4202 char *p = skip_string(param,tpscnt,str2);
4206 struct pack_desc desc;
4207 int services = lp_numservices();
4209 if (!str1 || !str2 || !p) {
4213 memset((char *)&desc,'\0',sizeof(desc));
4215 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
4217 DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel));
4219 /* check it's a supported varient */
4220 if (strcmp(str1,"WrLeh") != 0) {
4223 if (!check_printdest_info(&desc,uLevel,str2)) {
4228 for (i = 0; i < services; i++) {
4229 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
4235 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4242 desc.buflen = mdrcnt;
4243 if (init_package(&desc,queuecnt,0)) {
4246 for (i = 0; i < services; i++) {
4247 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {
4248 fill_printdest_info(conn,i,uLevel,&desc);
4250 if (desc.errcode == NERR_Success) {
4257 *rdata_len = desc.usedlen;
4260 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4264 SSVALS(*rparam,0,desc.errcode);
4266 SSVAL(*rparam,4,succnt);
4267 SSVAL(*rparam,6,queuecnt);
4269 DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc.errcode));
4274 static bool api_WPrintDriverEnum(connection_struct *conn, uint16 vuid,
4275 char *param, int tpscnt,
4276 char *data, int tdscnt,
4277 int mdrcnt,int mprcnt,
4278 char **rdata,char **rparam,
4279 int *rdata_len,int *rparam_len)
4281 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
4282 char *str2 = skip_string(param,tpscnt,str1);
4283 char *p = skip_string(param,tpscnt,str2);
4286 struct pack_desc desc;
4288 if (!str1 || !str2 || !p) {
4292 memset((char *)&desc,'\0',sizeof(desc));
4294 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
4296 DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel));
4298 /* check it's a supported varient */
4299 if (strcmp(str1,"WrLeh") != 0) {
4302 if (uLevel != 0 || strcmp(str2,"B41") != 0) {
4307 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4313 desc.buflen = mdrcnt;
4314 if (init_package(&desc,1,0)) {
4315 PACKS(&desc,"B41","NULL");
4318 succnt = (desc.errcode == NERR_Success ? 1 : 0);
4320 *rdata_len = desc.usedlen;
4323 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4327 SSVALS(*rparam,0,desc.errcode);
4329 SSVAL(*rparam,4,succnt);
4332 DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc.errcode));
4337 static bool api_WPrintQProcEnum(connection_struct *conn, uint16 vuid,
4338 char *param, int tpscnt,
4339 char *data, int tdscnt,
4340 int mdrcnt,int mprcnt,
4341 char **rdata,char **rparam,
4342 int *rdata_len,int *rparam_len)
4344 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
4345 char *str2 = skip_string(param,tpscnt,str1);
4346 char *p = skip_string(param,tpscnt,str2);
4349 struct pack_desc desc;
4351 if (!str1 || !str2 || !p) {
4354 memset((char *)&desc,'\0',sizeof(desc));
4356 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
4358 DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel));
4360 /* check it's a supported varient */
4361 if (strcmp(str1,"WrLeh") != 0) {
4364 if (uLevel != 0 || strcmp(str2,"B13") != 0) {
4369 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4375 desc.buflen = mdrcnt;
4377 if (init_package(&desc,1,0)) {
4378 PACKS(&desc,"B13","lpd");
4381 succnt = (desc.errcode == NERR_Success ? 1 : 0);
4383 *rdata_len = desc.usedlen;
4386 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4390 SSVALS(*rparam,0,desc.errcode);
4392 SSVAL(*rparam,4,succnt);
4395 DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc.errcode));
4400 static bool api_WPrintPortEnum(connection_struct *conn, uint16 vuid,
4401 char *param, int tpscnt,
4402 char *data, int tdscnt,
4403 int mdrcnt,int mprcnt,
4404 char **rdata,char **rparam,
4405 int *rdata_len,int *rparam_len)
4407 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
4408 char *str2 = skip_string(param,tpscnt,str1);
4409 char *p = skip_string(param,tpscnt,str2);
4412 struct pack_desc desc;
4414 if (!str1 || !str2 || !p) {
4418 memset((char *)&desc,'\0',sizeof(desc));
4420 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
4422 DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel));
4424 /* check it's a supported varient */
4425 if (strcmp(str1,"WrLeh") != 0) {
4428 if (uLevel != 0 || strcmp(str2,"B9") != 0) {
4433 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4438 memset((char *)&desc,'\0',sizeof(desc));
4440 desc.buflen = mdrcnt;
4442 if (init_package(&desc,1,0)) {
4443 PACKS(&desc,"B13","lp0");
4446 succnt = (desc.errcode == NERR_Success ? 1 : 0);
4448 *rdata_len = desc.usedlen;
4451 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4455 SSVALS(*rparam,0,desc.errcode);
4457 SSVAL(*rparam,4,succnt);
4460 DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode));
4465 /****************************************************************************
4467 ****************************************************************************/
4469 static bool api_RNetSessionEnum(connection_struct *conn, uint16 vuid,
4470 char *param, int tpscnt,
4471 char *data, int tdscnt,
4472 int mdrcnt,int mprcnt,
4473 char **rdata,char **rparam,
4474 int *rdata_len,int *rparam_len)
4477 char *str1 = get_safe_str_ptr(param,tpscnt,param,2);
4478 char *str2 = skip_string(param,tpscnt,str1);
4479 char *p = skip_string(param,tpscnt,str2);
4481 struct pack_desc desc;
4482 struct sessionid *session_list;
4483 int i, num_sessions;
4485 if (!str1 || !str2 || !p) {
4489 memset((char *)&desc,'\0',sizeof(desc));
4491 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1);
4493 DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel));
4494 DEBUG(7,("RNetSessionEnum req string=%s\n",str1));
4495 DEBUG(7,("RNetSessionEnum ret string=%s\n",str2));
4497 /* check it's a supported varient */
4498 if (strcmp(str1,RAP_NetSessionEnum_REQ) != 0) {
4501 if (uLevel != 2 || strcmp(str2,RAP_SESSION_INFO_L2) != 0) {
4505 num_sessions = list_sessions(talloc_tos(), &session_list);
4508 *rdata = smb_realloc_limit(*rdata,mdrcnt);
4513 memset((char *)&desc,'\0',sizeof(desc));
4515 desc.buflen = mdrcnt;
4517 if (!init_package(&desc,num_sessions,0)) {
4521 for(i=0; i<num_sessions; i++) {
4522 PACKS(&desc, "z", session_list[i].remote_machine);
4523 PACKS(&desc, "z", session_list[i].username);
4524 PACKI(&desc, "W", 1); /* num conns */
4525 PACKI(&desc, "W", 0); /* num opens */
4526 PACKI(&desc, "W", 1); /* num users */
4527 PACKI(&desc, "D", 0); /* session time */
4528 PACKI(&desc, "D", 0); /* idle time */
4529 PACKI(&desc, "D", 0); /* flags */
4530 PACKS(&desc, "z", "Unknown Client"); /* client type string */
4533 *rdata_len = desc.usedlen;
4536 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4540 SSVALS(*rparam,0,desc.errcode);
4541 SSVAL(*rparam,2,0); /* converter */
4542 SSVAL(*rparam,4,num_sessions); /* count */
4544 DEBUG(4,("RNetSessionEnum: errorcode %d\n",desc.errcode));
4550 /****************************************************************************
4551 The buffer was too small.
4552 ****************************************************************************/
4554 static bool api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char *data,
4555 int mdrcnt, int mprcnt,
4556 char **rdata, char **rparam,
4557 int *rdata_len, int *rparam_len)
4559 *rparam_len = MIN(*rparam_len,mprcnt);
4560 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4567 SSVAL(*rparam,0,NERR_BufTooSmall);
4569 DEBUG(3,("Supplied buffer too small in API command\n"));
4574 /****************************************************************************
4575 The request is not supported.
4576 ****************************************************************************/
4578 static bool api_Unsupported(connection_struct *conn, uint16 vuid,
4579 char *param, int tpscnt,
4580 char *data, int tdscnt,
4581 int mdrcnt, int mprcnt,
4582 char **rdata, char **rparam,
4583 int *rdata_len, int *rparam_len)
4586 *rparam = smb_realloc_limit(*rparam,*rparam_len);
4593 SSVAL(*rparam,0,NERR_notsupported);
4594 SSVAL(*rparam,2,0); /* converter word */
4596 DEBUG(3,("Unsupported API command\n"));
4601 static const struct {
4604 bool (*fn)(connection_struct *, uint16,
4607 int,int,char **,char **,int *,int *);
4608 bool auth_user; /* Deny anonymous access? */
4609 } api_commands[] = {
4610 {"RNetShareEnum", RAP_WshareEnum, api_RNetShareEnum, True},
4611 {"RNetShareGetInfo", RAP_WshareGetInfo, api_RNetShareGetInfo},
4612 {"RNetShareAdd", RAP_WshareAdd, api_RNetShareAdd},
4613 {"RNetSessionEnum", RAP_WsessionEnum, api_RNetSessionEnum, True},
4614 {"RNetServerGetInfo", RAP_WserverGetInfo, api_RNetServerGetInfo},
4615 {"RNetGroupEnum", RAP_WGroupEnum, api_RNetGroupEnum, True},
4616 {"RNetGroupGetUsers", RAP_WGroupGetUsers, api_RNetGroupGetUsers, True},
4617 {"RNetUserEnum", RAP_WUserEnum, api_RNetUserEnum, True},
4618 {"RNetUserGetInfo", RAP_WUserGetInfo, api_RNetUserGetInfo},
4619 {"NetUserGetGroups", RAP_WUserGetGroups, api_NetUserGetGroups},
4620 {"NetWkstaGetInfo", RAP_WWkstaGetInfo, api_NetWkstaGetInfo},
4621 {"DosPrintQEnum", RAP_WPrintQEnum, api_DosPrintQEnum, True},
4622 {"DosPrintQGetInfo", RAP_WPrintQGetInfo, api_DosPrintQGetInfo},
4623 {"WPrintQueuePause", RAP_WPrintQPause, api_WPrintQueueCtrl},
4624 {"WPrintQueueResume", RAP_WPrintQContinue, api_WPrintQueueCtrl},
4625 {"WPrintJobEnumerate",RAP_WPrintJobEnum, api_WPrintJobEnumerate},
4626 {"WPrintJobGetInfo", RAP_WPrintJobGetInfo, api_WPrintJobGetInfo},
4627 {"RDosPrintJobDel", RAP_WPrintJobDel, api_RDosPrintJobDel},
4628 {"RDosPrintJobPause", RAP_WPrintJobPause, api_RDosPrintJobDel},
4629 {"RDosPrintJobResume",RAP_WPrintJobContinue, api_RDosPrintJobDel},
4630 {"WPrintDestEnum", RAP_WPrintDestEnum, api_WPrintDestEnum},
4631 {"WPrintDestGetInfo", RAP_WPrintDestGetInfo, api_WPrintDestGetInfo},
4632 {"NetRemoteTOD", RAP_NetRemoteTOD, api_NetRemoteTOD},
4633 {"WPrintQueuePurge", RAP_WPrintQPurge, api_WPrintQueueCtrl},
4634 {"NetServerEnum", RAP_NetServerEnum2, api_RNetServerEnum}, /* anon OK */
4635 {"WAccessGetUserPerms",RAP_WAccessGetUserPerms,api_WAccessGetUserPerms},
4636 {"SetUserPassword", RAP_WUserPasswordSet2, api_SetUserPassword},
4637 {"WWkstaUserLogon", RAP_WWkstaUserLogon, api_WWkstaUserLogon},
4638 {"PrintJobInfo", RAP_WPrintJobSetInfo, api_PrintJobInfo},
4639 {"WPrintDriverEnum", RAP_WPrintDriverEnum, api_WPrintDriverEnum},
4640 {"WPrintQProcEnum", RAP_WPrintQProcessorEnum,api_WPrintQProcEnum},
4641 {"WPrintPortEnum", RAP_WPrintPortEnum, api_WPrintPortEnum},
4642 {"SamOEMChangePassword",RAP_SamOEMChgPasswordUser2_P,api_SamOEMChangePassword}, /* anon OK */
4643 {NULL, -1, api_Unsupported}
4644 /* The following RAP calls are not implemented by Samba:
4646 RAP_WFileEnum2 - anon not OK
4651 /****************************************************************************
4652 Handle remote api calls.
4653 ****************************************************************************/
4655 void api_reply(connection_struct *conn, uint16 vuid,
4656 struct smb_request *req,
4657 char *data, char *params,
4658 int tdscnt, int tpscnt,
4659 int mdrcnt, int mprcnt)
4661 struct smbd_server_connection *sconn = smbd_server_conn;
4664 char *rparam = NULL;
4665 const char *name1 = NULL;
4666 const char *name2 = NULL;
4673 DEBUG(0,("ERROR: NULL params in api_reply()\n"));
4674 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4679 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4682 api_command = SVAL(params,0);
4683 /* Is there a string at position params+2 ? */
4684 if (skip_string(params,tpscnt,params+2)) {
4689 name2 = skip_string(params,tpscnt,params+2);
4694 DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n",
4698 tdscnt,tpscnt,mdrcnt,mprcnt));
4700 for (i=0;api_commands[i].name;i++) {
4701 if (api_commands[i].id == api_command && api_commands[i].fn) {
4702 DEBUG(3,("Doing %s\n",api_commands[i].name));
4707 /* Check whether this api call can be done anonymously */
4709 if (api_commands[i].auth_user && lp_restrict_anonymous()) {
4710 user_struct *user = get_valid_user_struct(sconn, vuid);
4712 if (!user || user->server_info->guest) {
4713 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4718 rdata = (char *)SMB_MALLOC(1024);
4720 memset(rdata,'\0',1024);
4723 rparam = (char *)SMB_MALLOC(1024);
4725 memset(rparam,'\0',1024);
4728 if(!rdata || !rparam) {
4729 DEBUG(0,("api_reply: malloc fail !\n"));
4732 reply_nterror(req, NT_STATUS_NO_MEMORY);
4736 reply = api_commands[i].fn(conn,
4738 params,tpscnt, /* params + length */
4739 data,tdscnt, /* data + length */
4741 &rdata,&rparam,&rdata_len,&rparam_len);
4744 if (rdata_len > mdrcnt || rparam_len > mprcnt) {
4745 reply = api_TooSmall(conn,vuid,params,data,mdrcnt,mprcnt,
4746 &rdata,&rparam,&rdata_len,&rparam_len);
4749 /* if we get False back then it's actually unsupported */
4751 reply = api_Unsupported(conn,vuid,params,tpscnt,data,tdscnt,mdrcnt,mprcnt,
4752 &rdata,&rparam,&rdata_len,&rparam_len);
4755 /* If api_Unsupported returns false we can't return anything. */
4757 send_trans_reply(conn, req, rparam, rparam_len,
4758 rdata, rdata_len, False);