#include "includes.h"
-static pstring server;
+static char *server;
/* numeric is set when the user wants numeric SIDs and ACEs rather
than going via LSA calls to resolve them */
-static BOOL numeric;
-static BOOL verbose;
+static bool numeric;
+static bool verbose;
enum todo_values {NOOP_QUOTA=0,FS_QUOTA,USER_QUOTA,LIST_QUOTA,SET_QUOTA};
enum exit_values {EXIT_OK, EXIT_FAILED, EXIT_PARSE_ERROR};
static struct cli_state *cli_ipc;
static struct rpc_pipe_client *global_pipe_hnd;
-static POLICY_HND pol;
-static BOOL got_policy_hnd;
+static struct policy_handle pol;
+static bool got_policy_hnd;
+static struct user_auth_info *smbcquotas_auth_info;
static struct cli_state *connect_one(const char *share);
/* Open cli connection and policy handle */
-static BOOL cli_open_policy_hnd(void)
+static bool cli_open_policy_hnd(void)
{
/* Initialise cli LSA connection */
if (!cli_ipc) {
NTSTATUS ret;
cli_ipc = connect_one("IPC$");
- global_pipe_hnd = cli_rpc_pipe_open_noauth(cli_ipc, PI_LSARPC, &ret);
- if (!global_pipe_hnd) {
+ ret = cli_rpc_pipe_open_noauth(cli_ipc,
+ &ndr_table_lsarpc.syntax_id,
+ &global_pipe_hnd);
+ if (!NT_STATUS_IS_OK(ret)) {
return False;
}
}
-
+
/* Open policy handle */
if (!got_policy_hnd) {
- /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED,
+ /* Some systems don't support SEC_FLAG_MAXIMUM_ALLOWED,
but NT sends 0x2000000 so we might as well do it too. */
- if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, cli_ipc->mem_ctx, True,
+ if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, talloc_tos(), True,
GENERIC_EXECUTE_ACCESS, &pol))) {
return False;
}
}
/* convert a SID to a string, either numeric or username/group */
-static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric)
+static void SidToString(fstring str, DOM_SID *sid, bool _numeric)
{
char **domains = NULL;
char **names = NULL;
enum lsa_SidType *types = NULL;
- sid_to_string(str, sid);
+ sid_to_fstring(str, sid);
if (_numeric) return;
/* Ask LSA to convert the sid to a name */
if (!cli_open_policy_hnd() ||
- !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, cli_ipc->mem_ctx,
+ !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, talloc_tos(),
&pol, 1, sid, &domains,
&names, &types)) ||
!domains || !domains[0] || !names || !names[0]) {
}
/* convert a string to a SID, either numeric or username/group */
-static BOOL StringToSid(DOM_SID *sid, const char *str)
+static bool StringToSid(DOM_SID *sid, const char *str)
{
enum lsa_SidType *types = NULL;
DOM_SID *sids = NULL;
- BOOL result = True;
+ bool result = True;
if (strncmp(str, "S-", 2) == 0) {
return string_to_sid(sid, str);
}
if (!cli_open_policy_hnd() ||
- !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, cli_ipc->mem_ctx,
+ !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, talloc_tos(),
&pol, 1, &str, NULL, 1, &sids,
&types))) {
result = False;
enum {PARSE_FLAGS,PARSE_LIM};
-static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA_TYPE *qtype, int *cmd, SMB_NTQUOTA_STRUCT *pqt)
+static int parse_quota_set(TALLOC_CTX *ctx,
+ char *set_str,
+ char **pp_username_str,
+ enum SMB_QUOTA_TYPE *qtype,
+ int *cmd,
+ SMB_NTQUOTA_STRUCT *pqt)
{
char *p = set_str,*p2;
int todo;
- BOOL stop = False;
- BOOL enable = False;
- BOOL deny = False;
-
+ bool stop = False;
+ bool enable = False;
+ bool deny = False;
+
+ *pp_username_str = NULL;
if (strnequal(set_str,"UQLIM:",6)) {
p += 6;
*qtype = SMB_USER_QUOTA_TYPE;
if ((p2=strstr(p,":"))==NULL) {
return -1;
}
-
+
*p2 = '\0';
p2++;
-
- fstrcpy(username_str,p);
+
+ *pp_username_str = talloc_strdup(ctx, p);
p = p2;
} else if (strnequal(set_str,"FSQLIM:",7)) {
p +=7;
switch (todo) {
case PARSE_LIM:
-#if defined(HAVE_LONGLONG)
- if (sscanf(p,"%llu/%llu",&pqt->softlim,&pqt->hardlim)!=2) {
-#else
- if (sscanf(p,"%lu/%lu",&pqt->softlim,&pqt->hardlim)!=2) {
-#endif
+ if (sscanf(p,"%"PRIu64"/%"PRIu64,&pqt->softlim,&pqt->hardlim)!=2) {
return -1;
}
-
+
break;
case PARSE_FLAGS:
while (!stop) {
} else if (enable) {
pqt->qflags |= QUOTAS_ENABLED;
}
-
- break;
+
+ break;
}
return 0;
}
-static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd, pstring username_str, SMB_NTQUOTA_STRUCT *pqt)
+static int do_quota(struct cli_state *cli,
+ enum SMB_QUOTA_TYPE qtype,
+ uint16 cmd,
+ const char *username_str,
+ SMB_NTQUOTA_STRUCT *pqt)
{
uint32 fs_attrs = 0;
- int quota_fnum = 0;
+ uint16_t quota_fnum = 0;
SMB_NTQUOTA_LIST *qtl = NULL;
SMB_NTQUOTA_STRUCT qt;
ZERO_STRUCT(qt);
if (!(fs_attrs & FILE_VOLUME_QUOTAS)) {
d_printf("Quotas are not supported by the server.\n");
- return 0;
+ return 0;
}
- if (!cli_get_quota_handle(cli, "a_fnum)) {
+ if (!NT_STATUS_IS_OK(cli_get_quota_handle(cli, "a_fnum))) {
d_printf("Quotas are not enabled on this share.\n");
d_printf("Failed to open %s %s.\n",
FAKE_FILE_NAME_QUOTA_WIN32,cli_errstr(cli));
d_printf("StringToSid() failed for [%s]\n",username_str);
return -1;
}
-
+
switch(cmd) {
case QUOTA_GET:
if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
return -1;
}
dump_ntquota_list(&qtl,verbose,numeric,SidToString);
- free_ntquota_list(&qtl);
+ free_ntquota_list(&qtl);
break;
default:
d_printf("Unknown Error\n");
return -1;
- }
+ }
break;
case SMB_USER_FS_QUOTA_TYPE:
switch(cmd) {
default:
d_printf("Unknown Error\n");
return -1;
- }
+ }
break;
default:
d_printf("Unknown Error\n");
return 0;
}
-/*****************************************************
-return a connection to a server
+/*****************************************************
+ Return a connection to a server.
*******************************************************/
+
static struct cli_state *connect_one(const char *share)
{
struct cli_state *c;
- struct in_addr ip;
+ struct sockaddr_storage ss;
NTSTATUS nt_status;
- zero_ip_v4(&ip);
-
- if (!cmdline_auth_info.got_pass) {
- char *pass = getpass("Password: ");
- if (pass) {
- pstrcpy(cmdline_auth_info.password, pass);
- cmdline_auth_info.got_pass = True;
- }
+ uint32_t flags = 0;
+
+ zero_sockaddr(&ss);
+
+ if (get_cmdline_auth_info_use_machine_account(smbcquotas_auth_info) &&
+ !set_cmdline_auth_info_machine_account_creds(smbcquotas_auth_info)) {
+ return NULL;
}
- if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server,
- &ip, 0,
- share, "?????",
- cmdline_auth_info.username, lp_workgroup(),
- cmdline_auth_info.password, 0,
- cmdline_auth_info.signing_state, NULL))) {
- return c;
- } else {
+ if (get_cmdline_auth_info_use_kerberos(smbcquotas_auth_info)) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
+ CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
+
+ }
+
+ set_cmdline_auth_info_getpass(smbcquotas_auth_info);
+
+ nt_status = cli_full_connection(&c, global_myname(), server,
+ &ss, 0,
+ share, "?????",
+ get_cmdline_auth_info_username(smbcquotas_auth_info),
+ lp_workgroup(),
+ get_cmdline_auth_info_password(smbcquotas_auth_info),
+ flags,
+ get_cmdline_auth_info_signing_state(smbcquotas_auth_info),
+ NULL);
+ if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
return NULL;
}
+
+ if (get_cmdline_auth_info_smb_encrypt(smbcquotas_auth_info)) {
+ nt_status = cli_cm_force_encryption(c,
+ get_cmdline_auth_info_username(smbcquotas_auth_info),
+ get_cmdline_auth_info_password(smbcquotas_auth_info),
+ lp_workgroup(),
+ share);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ cli_shutdown(c);
+ return NULL;
+ }
+ }
+
+ return c;
}
/****************************************************************************
int opt;
int result;
int todo = 0;
- pstring username_str = {0};
- pstring path = {0};
- pstring set_str = {0};
+ char *username_str = NULL;
+ char *path = NULL;
+ char *set_str = NULL;
enum SMB_QUOTA_TYPE qtype = SMB_INVALID_QUOTA_TYPE;
int cmd = 0;
- static BOOL test_args = False;
+ static bool test_args = False;
struct cli_state *cli;
- BOOL fix_user = False;
+ bool fix_user = False;
SMB_NTQUOTA_STRUCT qt;
TALLOC_CTX *frame = talloc_stackframe();
poptContext pc;
UQLIM:<username>/<softlimit>/<hardlimit> for user quotas\n\
FSQLIM:<softlimit>/<hardlimit> for filesystem defaults\n\
FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
- { "numeric", 'n', POPT_ARG_NONE, &numeric, True, "Don't resolve sids or limits to names" },
- { "verbose", 'v', POPT_ARG_NONE, &verbose, True, "be verbose" },
- { "test-args", 't', POPT_ARG_NONE, &test_args, True, "Test arguments"},
+ { "numeric", 'n', POPT_ARG_NONE, NULL, 'n', "Don't resolve sids or limits to names" },
+ { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "be verbose" },
+ { "test-args", 't', POPT_ARG_NONE, NULL, 'r', "Test arguments"},
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
{ NULL }
fault_setup(NULL);
- lp_load(dyn_CONFIGFILE,True,False,False,True);
+ lp_load(get_dyn_CONFIGFILE(),True,False,False,True);
load_interfaces();
+ smbcquotas_auth_info = user_auth_info_init(frame);
+ if (smbcquotas_auth_info == NULL) {
+ exit(1);
+ }
+ popt_common_set_auth_info(smbcquotas_auth_info);
+
pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
-
+
poptSetOtherOptionHelp(pc, "//server1/share1");
while ((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
+ case 'n':
+ numeric = true;
+ break;
+ case 'v':
+ verbose = true;
+ break;
+ case 't':
+ test_args = true;
+ break;
case 'L':
if (todo != 0) {
d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
}
todo = FS_QUOTA;
break;
-
+
case 'u':
if (todo != 0) {
d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
exit(EXIT_PARSE_ERROR);
}
- pstrcpy(username_str,poptGetOptArg(pc));
+ username_str = talloc_strdup(frame, poptGetOptArg(pc));
+ if (!username_str) {
+ exit(EXIT_PARSE_ERROR);
+ }
todo = USER_QUOTA;
fix_user = True;
break;
-
+
case 'S':
if (todo != 0) {
d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
exit(EXIT_PARSE_ERROR);
}
- pstrcpy(set_str,poptGetOptArg(pc));
+ set_str = talloc_strdup(frame, poptGetOptArg(pc));
+ if (!set_str) {
+ exit(EXIT_PARSE_ERROR);
+ }
todo = SET_QUOTA;
break;
}
if (todo == 0)
todo = USER_QUOTA;
- if (!fix_user)
- pstrcpy(username_str,cmdline_auth_info.username);
+ if (!fix_user) {
+ username_str = talloc_strdup(
+ frame, get_cmdline_auth_info_username(smbcquotas_auth_info));
+ if (!username_str) {
+ exit(EXIT_PARSE_ERROR);
+ }
+ }
/* Make connection to server */
- if(!poptPeekArg(pc)) {
+ if(!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
exit(EXIT_PARSE_ERROR);
}
-
- pstrcpy(path, poptGetArg(pc));
- all_string_sub(path,"/","\\",0);
+ path = talloc_strdup(frame, poptGetArg(pc));
+ if (!path) {
+ printf("Out of memory\n");
+ exit(EXIT_PARSE_ERROR);
+ }
+
+ string_replace(path, '/', '\\');
- pstrcpy(server,path+2);
+ server = SMB_STRDUP(path+2);
+ if (!server) {
+ printf("Out of memory\n");
+ exit(EXIT_PARSE_ERROR);
+ }
share = strchr_m(server,'\\');
if (!share) {
printf("Invalid argument: %s\n", share);
share++;
if (todo == SET_QUOTA) {
- if (parse_quota_set(set_str, username_str, &qtype, &cmd, &qt)) {
+ if (parse_quota_set(talloc_tos(), set_str, &username_str, &qtype, &cmd, &qt)) {
printf("Invalid argument: -S %s\n", set_str);
exit(EXIT_PARSE_ERROR);
}
return result;
}
-
git.samba.org / ira / wip.git / blobdiff