#include "includes.h"
#include "utils/net.h"
+#include "../libcli/auth/libcli_auth.h"
static int net_mode_share;
static bool sync_files(struct copy_clistate *cp_clistate, const char *mask);
DOM_SID **domain_sid,
const char **domain_name)
{
- struct rpc_pipe_client *lsa_pipe;
- POLICY_HND pol;
+ struct rpc_pipe_client *lsa_pipe = NULL;
+ struct policy_handle pol;
NTSTATUS result = NT_STATUS_OK;
union lsa_PolicyInformation *info = NULL;
}
result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "open_policy failed: %s\n",
NTSTATUS nt_status;
DOM_SID *domain_sid;
const char *domain_name;
+ int ret = -1;
/* make use of cli_state handed over as an argument, if possible */
if (!cli_arg) {
if (!(mem_ctx = talloc_init("run_rpc_command"))) {
DEBUG(0, ("talloc_init() failed\n"));
- cli_shutdown(cli);
- return -1;
+ goto fail;
}
nt_status = net_get_remote_domain_sid(cli, mem_ctx, &domain_sid,
&domain_name);
if (!NT_STATUS_IS_OK(nt_status)) {
- cli_shutdown(cli);
- return -1;
+ goto fail;
}
if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n",
nt_errstr(nt_status) ));
- cli_shutdown(cli);
- return -1;
+ goto fail;
}
} else {
if (conn_flags & NET_FLAGS_SEAL) {
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise pipe %s. Error was %s\n",
- cli_get_pipe_name_from_iface(
- debug_ctx(), cli, interface),
+ get_pipe_name_from_iface(interface),
nt_errstr(nt_status) ));
- cli_shutdown(cli);
- return -1;
+ goto fail;
}
}
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status)));
} else {
+ ret = 0;
DEBUG(5, ("rpc command function succedded\n"));
}
}
}
+fail:
/* close the connection only if it was opened here */
if (!cli_arg) {
cli_shutdown(cli);
}
talloc_destroy(mem_ctx);
- return (!NT_STATUS_IS_OK(nt_status));
+ return ret;
}
/**
int argc,
const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
union samr_DomainInfo *info = NULL;
fstring sid_str;
2,
&info);
if (NT_STATUS_IS_OK(result)) {
- d_printf("Domain Name: %s\n", info->info2.domain_name.string);
+ d_printf("Domain Name: %s\n", info->general.domain_name.string);
d_printf("Domain SID: %s\n", sid_str);
d_printf("Sequence number: %llu\n",
- (unsigned long long)info->info2.sequence_num);
- d_printf("Num users: %u\n", info->info2.num_users);
- d_printf("Num domain groups: %u\n", info->info2.num_groups);
- d_printf("Num local groups: %u\n", info->info2.num_aliases);
+ (unsigned long long)info->general.sequence_num);
+ d_printf("Num users: %u\n", info->general.num_users);
+ d_printf("Num domain groups: %u\n", info->general.num_groups);
+ d_printf("Num local groups: %u\n", info->general.num_aliases);
}
done:
if (argv[1]) {
u1003.usri1003_password = argv[1];
} else {
- asprintf(&prompt, "Enter new password for %s:", argv[0]);
+ if (asprintf(&prompt, "Enter new password for %s:", argv[0]) == -1) {
+ return -1;
+ }
u1003.usri1003_password = getpass(prompt);
SAFE_FREE(prompt);
}
status = NetUserGetGroups(c->opt_host,
argv[0],
0,
- (uint8_t **)&u0,
+ (uint8_t **)(void *)&u0,
(uint32_t)-1,
&entries_read,
&total_entries);
TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
- POLICY_HND *user_hnd,
+ struct policy_handle *user_hnd,
int argc, const char **argv))
{
- POLICY_HND connect_pol, domain_pol, user_pol;
+ struct policy_handle connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
DOM_SID sid;
uint32 rid;
TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
- POLICY_HND *user_hnd,
+ struct policy_handle *user_hnd,
int argc, const char **argv)
{
NTSTATUS result;
TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
- POLICY_HND *user_hnd,
+ struct policy_handle *user_hnd,
int argc, const char **argv)
{
NTSTATUS result;
TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
- POLICY_HND *user_hnd,
+ struct policy_handle *user_hnd,
int argc, const char **argv)
{
NTSTATUS result;
int argc,
const char **argv)
{
- POLICY_HND connect_pol, domain_pol, group_pol, user_pol;
+ struct policy_handle connect_pol, domain_pol, group_pol, user_pol;
bool group_is_primary = false;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32_t group_rid;
struct samr_RidTypeArray *rids = NULL;
/* char **names; */
int i;
- /* DOM_GID *user_gids; */
+ /* struct samr_RidWithAttribute *user_gids; */
struct samr_Ids group_rids, name_types;
struct lsa_String lsa_acct_name;
{
DOM_SID *sids = NULL;
enum lsa_SidType *types = NULL;
- struct rpc_pipe_client *pipe_hnd;
- POLICY_HND lsa_pol;
+ struct rpc_pipe_client *pipe_hnd = NULL;
+ struct policy_handle lsa_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
}
result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, false,
- SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
+ SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol);
if (!NT_STATUS_IS_OK(result)) {
goto done;
const DOM_SID *group_sid,
const char *member)
{
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
NTSTATUS result;
uint32 group_rid;
- POLICY_HND group_pol;
+ struct policy_handle group_pol;
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
const DOM_SID *alias_sid,
const char *member)
{
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
NTSTATUS result;
uint32 alias_rid;
- POLICY_HND alias_pol;
+ struct policy_handle alias_pol;
DOM_SID member_sid;
enum lsa_SidType member_type;
const DOM_SID *group_sid,
const char *member)
{
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
NTSTATUS result;
uint32 group_rid;
- POLICY_HND group_pol;
+ struct policy_handle group_pol;
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
const DOM_SID *alias_sid,
const char *member)
{
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
NTSTATUS result;
uint32 alias_rid;
- POLICY_HND alias_pol;
+ struct policy_handle alias_pol;
DOM_SID member_sid;
enum lsa_SidType member_type;
int argc,
const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0;
struct samr_SamArray *groups = NULL;
if (c->opt_long_list_entries) {
- POLICY_HND alias_pol;
+ struct policy_handle alias_pol;
union samr_AliasInfo *info = NULL;
if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
if (c->opt_long_list_entries) {
- POLICY_HND alias_pol;
+ struct policy_handle alias_pol;
union samr_AliasInfo *info = NULL;
if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
TALLOC_CTX *mem_ctx,
const char *domain_name,
const DOM_SID *domain_sid,
- POLICY_HND *domain_pol,
+ struct policy_handle *domain_pol,
uint32 rid)
{
NTSTATUS result;
- POLICY_HND group_pol;
+ struct policy_handle group_pol;
uint32 num_members, *group_rids;
int i;
struct samr_RidTypeArray *rids = NULL;
static NTSTATUS rpc_list_alias_members(struct net_context *c,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
+ struct policy_handle *domain_pol,
uint32 rid)
{
NTSTATUS result;
struct rpc_pipe_client *lsa_pipe;
- POLICY_HND alias_pol, lsa_pol;
+ struct policy_handle alias_pol, lsa_pol;
uint32 num_members;
DOM_SID *alias_sids;
char **domains;
}
result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, true,
- SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
+ SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol);
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "Couldn't open LSA policy handle\n");
const char **argv)
{
NTSTATUS result;
- POLICY_HND connect_pol, domain_pol;
+ struct policy_handle connect_pol, domain_pol;
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
return status;
}
-/**
- * Delete a share on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return Normal NTSTATUS return.
- **/
-static NTSTATUS rpc_share_del_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
-{
- WERROR result;
-
- return rpccli_srvsvc_NetShareDel(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- argv[0],
- 0,
- &result);
-}
-
/**
* Delete a share on a remote RPC server.
*
if (argc < 1 || c->display_usage) {
return rpc_share_usage(c, argc, argv);
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_del_internals,
- argc, argv);
+
+ return NetShareDel(c->opt_host, argv[0], 0);
}
/**
* Formatted print of share info
*
- * @param info1 pointer to SRV_SHARE_INFO_1 to format
+ * @param r pointer to SHARE_INFO_1 to format
**/
static void display_share_info_1(struct net_context *c,
- struct srvsvc_NetShareInfo1 *r)
+ struct SHARE_INFO_1 *r)
{
if (c->opt_long_list_entries) {
d_printf("%-12s %-8.8s %-50s\n",
- r->name,
- c->share_type[r->type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)],
- r->comment);
+ r->shi1_netname,
+ net_share_type_str(r->shi1_type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)),
+ r->shi1_remark);
} else {
- d_printf("%s\n", r->name);
+ d_printf("%s\n", r->shi1_netname);
}
}
return result;
}
-/**
- * List shares on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
+/***
+ * 'net rpc share list' entrypoint.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
- *
- * @return Normal NTSTATUS return.
**/
-
-static NTSTATUS rpc_share_list_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_share_list(struct net_context *c, int argc, const char **argv)
{
- struct srvsvc_NetShareInfoCtr info_ctr;
- struct srvsvc_NetShareCtr1 ctr1;
- WERROR result;
- uint32 i, level = 1;
-
- ZERO_STRUCT(info_ctr);
- ZERO_STRUCT(ctr1);
+ NET_API_STATUS status;
+ struct SHARE_INFO_1 *i1 = NULL;
+ uint32_t entries_read = 0;
+ uint32_t total_entries = 0;
+ uint32_t resume_handle = 0;
+ uint32_t i, level = 1;
- info_ctr.level = 1;
- info_ctr.ctr.ctr1 = &ctr1;
+ if (c->display_usage) {
+ d_printf("Usage\n"
+ "net rpc share list\n"
+ " List shares on remote server\n");
+ return 0;
+ }
- result = get_share_info(c, pipe_hnd, mem_ctx, level, argc, argv,
- &info_ctr);
- if (!W_ERROR_IS_OK(result))
+ status = NetShareEnum(c->opt_host,
+ level,
+ (uint8_t **)(void *)&i1,
+ (uint32_t)-1,
+ &entries_read,
+ &total_entries,
+ &resume_handle);
+ if (status != 0) {
goto done;
+ }
/* Display results */
"\nShare name Type Description\n"
"---------- ---- -----------\n");
}
- for (i = 0; i < info_ctr.ctr.ctr1->count; i++)
- display_share_info_1(c, &info_ctr.ctr.ctr1->array[i]);
+ for (i = 0; i < entries_read; i++)
+ display_share_info_1(c, &i1[i]);
done:
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
-}
-
-/***
- * 'net rpc share list' entrypoint.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- **/
-static int rpc_share_list(struct net_context *c, int argc, const char **argv)
-{
- if (c->display_usage) {
- d_printf("Usage\n"
- "net rpc share list\n"
- " List shares on remote server\n");
- return 0;
- }
-
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_list_internals, argc, argv);
+ return status;
}
static bool check_share_availability(struct cli_state *cli, const char *netname)
{
- if (!cli_send_tconX(cli, netname, "A:", "", 0)) {
+ if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) {
d_printf("skipping [%s]: not a file share.\n", netname);
return false;
}
&parm_error,
&result);
- if (W_ERROR_V(result) == W_ERROR_V(WERR_ALREADY_EXISTS)) {
+ if (W_ERROR_V(result) == W_ERROR_V(WERR_FILE_EXISTS)) {
printf(" [%s] does already exist\n",
info502.name);
continue;
}
if (!NT_STATUS_IS_OK(nt_status) || !W_ERROR_IS_OK(result)) {
- printf("cannot add share: %s\n", dos_errstr(result));
+ printf("cannot add share: %s\n", win_errstr(result));
goto done;
}
DEBUG(3,("calling cli_list with mask: %s\n", mask));
- if ( !cli_resolve_path(talloc_tos(), "", cp_clistate->cli_share_src,
+ if ( !cli_resolve_path(talloc_tos(), "", NULL, cp_clistate->cli_share_src,
mask, &targetcli, &targetpath ) ) {
d_fprintf(stderr, "cli_resolve_path %s failed with error: %s\n",
mask, cli_errstr(cp_clistate->cli_share_src));
&parm_error,
&result);
if (!NT_STATUS_IS_OK(nt_status) || !W_ERROR_IS_OK(result)) {
- printf("cannot set share-acl: %s\n", dos_errstr(result));
+ printf("cannot set share-acl: %s\n", win_errstr(result));
goto done;
}
static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
- POLICY_HND *connect_pol,
+ struct policy_handle *connect_pol,
const DOM_SID *domain_sid)
{
uint32 start_idx, max_entries, num_entries, i;
struct samr_SamArray *groups = NULL;
NTSTATUS result;
- POLICY_HND domain_pol;
+ struct policy_handle domain_pol;
/* Get domain policy handle */
&num_entries);
for (i = 0; i < num_entries; i++) {
- POLICY_HND alias_pol;
+ struct policy_handle alias_pol;
struct full_alias alias;
struct lsa_SidArray sid_array;
int j;
{
int i;
NTSTATUS result;
- POLICY_HND lsa_pol;
+ struct policy_handle lsa_pol;
result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&lsa_pol);
if (!NT_STATUS_IS_OK(result))
return result;
const char **argv)
{
NTSTATUS result;
- POLICY_HND connect_pol;
+ struct policy_handle connect_pol;
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->desthost,
SAFE_FREE(token->user_sids);
}
-static bool is_sid_in_token(NT_USER_TOKEN *token, DOM_SID *sid)
-{
- int i;
-
- for (i=0; i<token->num_sids; i++) {
- if (sid_compare(sid, &token->user_sids[i]) == 0)
- return true;
- }
- return false;
-}
-
static void add_sid_to_token(NT_USER_TOKEN *token, DOM_SID *sid)
{
if (is_sid_in_token(token, sid))
return false;
}
- string_to_sid(&user_sid, sid_str);
+ if (!string_to_sid(&user_sid, sid_str)) {
+ DEBUG(1,("Could not convert sid %s from string\n", sid_str));
+ return false;
+ }
+
wbcFreeMemory(sid_str);
sid_str = NULL;
wbc_status = wbcGidToSid(gid, &wsid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
- DEBUG(1, ("winbind could not find SID of gid %d: %s\n",
- gid, wbcErrorString(wbc_status)));
+ DEBUG(1, ("winbind could not find SID of gid %u: %s\n",
+ (unsigned int)gid, wbcErrorString(wbc_status)));
wbcFreeMemory(groups);
return false;
}
/* We have a SID */
DOM_SID sid;
- string_to_sid(&sid, &line[1]);
+ if(!string_to_sid(&sid, &line[1])) {
+ DEBUG(1,("get_user_tokens_from_file: Could "
+ "not convert sid %s \n",&line[1]));
+ return false;
+ }
if (token == NULL) {
DEBUG(0, ("File does not begin with username"));
int num_tokens,
struct user_token *tokens)
{
- int fnum;
+ uint16_t fnum;
SEC_DESC *share_sd = NULL;
SEC_DESC *root_sd = NULL;
struct cli_state *cli = rpc_pipe_np_smb_conn(pipe_hnd);
cnum = cli->cnum;
- if (!cli_send_tconX(cli, netname, "A:", "", 0)) {
+ if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) {
return;
}
- fnum = cli_nt_create(cli, "\\", READ_CONTROL_ACCESS);
-
- if (fnum != -1) {
+ if (!NT_STATUS_IS_OK(cli_ntcreate(cli, "\\", 0, READ_CONTROL_ACCESS, 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x0, 0x0, &fnum))) {
root_sd = cli_query_secdesc(cli, fnum, mem_ctx);
}
uint32 acc_granted;
if (share_sd != NULL) {
- if (!se_access_check(share_sd, &tokens[i].token,
- 1, &acc_granted, &status)) {
+ status = se_access_check(share_sd, &tokens[i].token,
+ 1, &acc_granted);
+
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not check share_sd for "
"user %s\n",
tokens[i].name));
continue;
}
-
- if (!NT_STATUS_IS_OK(status))
- continue;
}
if (root_sd == NULL) {
continue;
}
- if (!se_access_check(root_sd, &tokens[i].token,
- 1, &acc_granted, &status)) {
+ status = se_access_check(root_sd, &tokens[i].token,
+ 1, &acc_granted);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not check root_sd for user %s\n",
tokens[i].name));
continue;
}
-
- if (!NT_STATUS_IS_OK(status))
- continue;
-
d_printf(" %s\n", tokens[i].name);
}
- if (fnum != -1)
+ if (fnum != (uint16_t)-1)
cli_close(cli, fnum);
cli_tdis(cli);
cli->cnum = cnum;
{
int ret;
bool r;
- ENUM_HND hnd;
uint32 i;
FILE *f;
for (i=0; i<num_tokens; i++)
collect_alias_memberships(&tokens[i].token);
- init_enum_hnd(&hnd, 0);
-
share_list.num_shares = 0;
share_list.shares = NULL;
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_list_internals,
- argc, argv);
+ return rpc_share_list(c, argc, argv);
}
return net_run_function(c, argc, argv, "net rpc share", func);
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_share_list_internals(c, ctx->domain_sid, ctx->domain_name,
- ctx->cli, pipe_hnd, mem_ctx,
- argc, argv);
+
+ return werror_to_ntstatus(W_ERROR(rpc_share_list(c, argc, argv)));
}
static NTSTATUS rpc_sh_share_add(struct net_context *c,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- WERROR result;
- NTSTATUS status;
-
if (argc != 1) {
d_fprintf(stderr, "usage: %s <share>\n", ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
- status = rpccli_srvsvc_NetShareDel(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- argv[0],
- 0,
- &result);
-
- return status;
+ return werror_to_ntstatus(W_ERROR(NetShareDel(pipe_hnd->desthost, argv[0], 0)));
}
static NTSTATUS rpc_sh_share_info(struct net_context *c,
return net_file_usage(c, argc, argv);
}
-/**
- * Close a file on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param c A net_context structure.
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return Normal NTSTATUS return.
- **/
-static NTSTATUS rpc_file_close_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
-{
- return rpccli_srvsvc_NetFileClose(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- atoi(argv[0]), NULL);
-}
-
/**
* Close a file on a remote RPC server.
*
return rpc_file_usage(c, argc, argv);
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_file_close_internals,
- argc, argv);
+ return NetFileClose(c->opt_host, atoi(argv[0]));
}
/**
* Formatted print of open file info
*
- * @param r struct srvsvc_NetFileInfo3 contents
+ * @param r struct FILE_INFO_3 contents
**/
-static void display_file_info_3(struct srvsvc_NetFileInfo3 *r)
+static void display_file_info_3(struct FILE_INFO_3 *r)
{
d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
- r->fid, r->user, r->permissions, r->num_locks, r->path);
+ r->fi3_id, r->fi3_username, r->fi3_permissions,
+ r->fi3_num_locks, r->fi3_pathname);
}
/**
- * List open files on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
+ * List files for a user on a remote RPC server.
*
- * @param c A net_context structure.
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success)..
**/
-static NTSTATUS rpc_file_list_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_file_user(struct net_context *c, int argc, const char **argv)
{
- struct srvsvc_NetFileInfoCtr info_ctr;
- struct srvsvc_NetFileCtr3 ctr3;
- WERROR result;
- NTSTATUS status;
+ NET_API_STATUS status;
uint32 preferred_len = 0xffffffff, i;
const char *username=NULL;
uint32_t total_entries = 0;
+ uint32_t entries_read = 0;
uint32_t resume_handle = 0;
+ struct FILE_INFO_3 *i3 = NULL;
+
+ if (c->display_usage) {
+ return rpc_file_usage(c, argc, argv);
+ }
/* if argc > 0, must be user command */
- if (argc > 0)
+ if (argc > 0) {
username = smb_xstrdup(argv[0]);
+ }
- ZERO_STRUCT(info_ctr);
- ZERO_STRUCT(ctr3);
-
- info_ctr.level = 3;
- info_ctr.ctr.ctr3 = &ctr3;
-
- status = rpccli_srvsvc_NetFileEnum(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- NULL,
- username,
- &info_ctr,
- preferred_len,
- &total_entries,
- &resume_handle,
- &result);
+ status = NetFileEnum(c->opt_host,
+ NULL,
+ username,
+ 3,
+ (uint8_t **)(void *)&i3,
+ preferred_len,
+ &entries_read,
+ &total_entries,
+ &resume_handle);
- if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(result))
+ if (status != 0) {
goto done;
+ }
/* Display results */
"\nEnumerating open files on remote server:\n\n"
"\nFileId Opened by Perms Locks Path"
"\n------ --------- ----- ----- ---- \n");
- for (i = 0; i < total_entries; i++)
- display_file_info_3(&info_ctr.ctr.ctr3->array[i]);
- done:
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
-}
-
-/**
- * List files for a user on a remote RPC server.
- *
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return A shell status integer (0 for success)..
- **/
-
-static int rpc_file_user(struct net_context *c, int argc, const char **argv)
-{
- if (argc < 1 || c->display_usage) {
- return rpc_file_usage(c, argc, argv);
+ for (i = 0; i < entries_read; i++) {
+ display_file_info_3(&i3[i]);
}
-
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_file_list_internals,
- argc, argv);
+ done:
+ return status;
}
/**
int net_rpc_file(struct net_context *c, int argc, const char **argv)
{
+ NET_API_STATUS status;
+
struct functable func[] = {
{
"close",
{NULL, NULL, 0, NULL, NULL}
};
+ status = libnetapi_init(&c->netapi_ctx);
+ if (status != 0) {
+ return -1;
+ }
+ libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
+ libnetapi_set_password(c->netapi_ctx, c->opt_password);
+ if (c->opt_kerberos) {
+ libnetapi_set_use_kerberos(c->netapi_ctx);
+ }
+
if (argc == 0) {
if (c->display_usage) {
d_printf("Usage:\n");
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_file_list_internals,
- argc, argv);
+ return rpc_file_user(c, argc, argv);
}
return net_run_function(c, argc, argv, "net rpc file", func);
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
- struct initshutdown_String msg_string;
- struct initshutdown_String_sub s;
+ struct lsa_StringLarge msg_string;
if (c->opt_comment) {
msg = c->opt_comment;
timeout = c->opt_timeout;
}
- s.name = msg;
- msg_string.name = &s;
+ msg_string.string = msg;
/* create an entry */
result = rpccli_initshutdown_Init(pipe_hnd, mem_ctx, NULL,
{
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
- struct initshutdown_String msg_string;
- struct initshutdown_String_sub s;
+ struct lsa_StringLarge msg_string;
NTSTATUS result;
WERROR werr;
if (c->opt_comment) {
msg = c->opt_comment;
}
- s.name = msg;
- msg_string.name = &s;
+ msg_string.string = msg;
if (c->opt_timeout) {
timeout = c->opt_timeout;
if ( W_ERROR_EQUAL(werr, WERR_MACHINE_LOCKED) )
d_fprintf(stderr, "\nMachine locked, use -f switch to force\n");
else
- d_fprintf(stderr, "\nresult was: %s\n", dos_errstr(werr));
+ d_fprintf(stderr, "\nresult was: %s\n", win_errstr(werr));
}
return result;
int argc,
const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
+ struct policy_handle connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
struct lsa_String lsa_acct_name;
}
{
- NTTIME notime;
- struct samr_LogonHours hours;
- struct lsa_BinaryString parameters;
- const int units_per_week = 168;
struct samr_CryptPassword crypt_pwd;
- ZERO_STRUCT(notime);
- ZERO_STRUCT(hours);
- ZERO_STRUCT(parameters);
-
- hours.bits = talloc_array(mem_ctx, uint8_t, units_per_week);
- if (!hours.bits) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
- hours.units_per_week = units_per_week;
- memset(hours.bits, 0xFF, units_per_week);
+ ZERO_STRUCT(info.info23);
init_samr_CryptPassword(argv[1],
&cli->user_session_key,
&crypt_pwd);
- init_samr_user_info23(&info.info23,
- notime, notime, notime,
- notime, notime, notime,
- NULL, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, ¶meters,
- 0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
- hours,
- 0, 0, 0, 0, 0, 0, 0,
- crypt_pwd.data, 24);
+ info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS |
+ SAMR_FIELD_NT_PASSWORD_PRESENT;
+ info.info23.info.acct_flags = ACB_DOMTRUST;
+ info.info23.password = crypt_pwd;
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
int argc,
const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
+ struct policy_handle connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
DOM_SID trust_acct_sid;
struct cli_state *cli = NULL;
struct sockaddr_storage server_ss;
struct rpc_pipe_client *pipe_hnd = NULL;
- POLICY_HND connect_hnd;
+ struct policy_handle connect_hnd;
TALLOC_CTX *mem_ctx;
NTSTATUS nt_status;
DOM_SID *domain_sid;
strupper_m(domain_name);
/* account name used at first is our domain's name with '$' */
- asprintf(&acct_name, "%s$", lp_workgroup());
+ if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) {
+ return -1;
+ }
strupper_m(acct_name);
/*
return -1;
}
- nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, SEC_RIGHTS_QUERY_VALUE,
+ nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, KEY_QUERY_VALUE,
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
static NTSTATUS vampire_trusted_domain(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
- POLICY_HND *pol,
+ struct policy_handle *pol,
DOM_SID dom_sid,
const char *trusted_dom_name)
{
NTSTATUS nt_status;
union lsa_TrustedDomainInfo *info = NULL;
char *cleartextpwd = NULL;
- uint8_t nt_hash[16];
+ uint8_t session_key[16];
+ DATA_BLOB session_key_blob;
DATA_BLOB data;
nt_status = rpccli_lsa_QueryTrustedDomainInfoBySid(pipe_hnd, mem_ctx,
data = data_blob(info->password.password->data,
info->password.password->length);
- if (!rpccli_get_pwd_hash(pipe_hnd, nt_hash)) {
+ if (!rpccli_get_pwd_hash(pipe_hnd, session_key)) {
DEBUG(0, ("Could not retrieve password hash\n"));
goto done;
}
- cleartextpwd = decrypt_trustdom_secret(nt_hash, &data);
+ session_key_blob = data_blob_const(session_key, sizeof(session_key));
+ cleartextpwd = sess_decrypt_string(mem_ctx, &data, &session_key_blob);
if (cleartextpwd == NULL) {
DEBUG(0,("retrieved NULL password\n"));
NTSTATUS nt_status;
const char *domain_name = NULL;
DOM_SID *queried_dom_sid;
- POLICY_HND connect_hnd;
+ struct policy_handle connect_hnd;
union lsa_PolicyInformation *info = NULL;
/* trusted domains listing variables */
return -1;
};
- nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, SEC_RIGHTS_QUERY_VALUE,
+ nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE,
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
DOM_SID *queried_dom_sid;
fstring padding;
int ascii_dom_name_len;
- POLICY_HND connect_hnd;
+ struct policy_handle connect_hnd;
union lsa_PolicyInformation *info = NULL;
/* trusted domains listing variables */
fstring pdc_name;
/* trusting domains listing variables */
- POLICY_HND domain_hnd;
+ struct policy_handle domain_hnd;
struct samr_SamArray *trusts = NULL;
if (c->display_usage) {
return -1;
};
- nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, SEC_RIGHTS_QUERY_VALUE,
+ nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE,
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
/* SamrConnect2 */
nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->desthost,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SAMR_ACCESS_LOOKUP_DOMAIN,
&connect_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
able to enumerate accounts*/
nt_status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_hnd,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
queried_dom_sid,
&domain_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
if (!attempt_netbios_session_request(&cli, global_myname(),
server_name, &server_ss))
goto done;
- if (!cli_negprot(cli))
+ status = cli_negprot(cli);
+ if (!NT_STATUS_IS_OK(status))
goto done;
if (cli->protocol < PROTOCOL_NT1)
goto done;
"net rpc vampire keytab\n"
" Dump remote SAM database to Kerberos keytab file"
},
+ {
+ "passdb",
+ rpc_vampire_passdb,
+ NET_TRANSPORT_RPC,
+ "Dump remote SAM database to passdb",
+ "net rpc vampire passdb\n"
+ " Dump remote SAM database to passdb"
+ },
{NULL, NULL, 0, NULL, NULL}
};
return -1;
}
- ret = run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_printers_internals, argc,
argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_drivers_internals, argc,
argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_forms_internals, argc, argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_settings_internals, argc,
argv);
if (ret)
return ret;
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_security_internals, argc,
argv);
return -1;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_drivers_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_forms_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_printers_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_security_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_migrate_settings_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_list_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_driver_list_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_publish_publish_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_publish_update_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_publish_unpublish_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
net_display_usage_from_functable(func);
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
net_display_usage_from_functable(func);
return 0;
}
- return run_rpc_command(c, NULL, &syntax_spoolss, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
rpc_printer_list_internals,
argc, argv);
}
int net_rpc(struct net_context *c, int argc, const char **argv)
{
+ NET_API_STATUS status;
+
struct functable func[] = {
{
"audit",
},
{NULL, NULL, 0, NULL, NULL}
};
+
+ status = libnetapi_init(&c->netapi_ctx);
+ if (status != 0) {
+ return -1;
+ }
+ libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
+ libnetapi_set_password(c->netapi_ctx, c->opt_password);
+ if (c->opt_kerberos) {
+ libnetapi_set_use_kerberos(c->netapi_ctx);
+ }
+
return net_run_function(c, argc, argv, "net rpc", func);
}