Replace cli_rpc_pipe_close by a talloc destructor on rpc_pipe_struct

[kai/samba.git] / source / utils / smbcacls.c

diff --git a/source/utils/smbcacls.c b/source/utils/smbcacls.c
index 861aea0713750f8b5f4702c9b4d3f5f31c32ab75..af14c622dc9616e685945eded431f88b97c84a58 100644 (file)
--- a/source/utils/smbcacls.c
+++ b/source/utils/smbcacls.c
@@ -103,9 +103,7 @@ static NTSTATUS cli_lsa_lookup_sid(struct cli_state *cli,
 
        status = NT_STATUS_OK;
  fail:
-       if (p != NULL) {
-               cli_rpc_pipe_close(p);
-       }
+       TALLOC_FREE(p);
        cli_tdis(cli);
        cli->cnum = orig_cnum;
        TALLOC_FREE(frame);
@@ -151,9 +149,7 @@ static NTSTATUS cli_lsa_lookup_name(struct cli_state *cli,
 
        status = NT_STATUS_OK;
  fail:
-       if (p != NULL) {
-               cli_rpc_pipe_close(p);
-       }
+       TALLOC_FREE(p);
        cli_tdis(cli);
        cli->cnum = orig_cnum;
        TALLOC_FREE(frame);
@@ -168,7 +164,7 @@ static void SidToString(struct cli_state *cli, fstring str, const DOM_SID *sid)
        enum lsa_SidType type;
        NTSTATUS status;
 
-       sid_to_string(str, sid);
+       sid_to_fstring(str, sid);
 
        if (numeric) {
                return;
@@ -272,7 +268,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
 {
        char *p;
        const char *cp;
-       fstring tok;
+       char *tok;
        unsigned int atype = 0;
        unsigned int aflags = 0;
        unsigned int amask = 0;
@@ -280,8 +276,10 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
        SEC_ACCESS mask;
        const struct perm_value *v;
        char *str = SMB_STRDUP(orig_str);
+       TALLOC_CTX *frame = talloc_stackframe();
 
        if (!str) {
+               TALLOC_FREE(frame);
                return False;
        }
 
@@ -290,6 +288,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
        if (!p) {
                printf("ACE '%s': missing ':'.\n", orig_str);
                SAFE_FREE(str);
+               TALLOC_FREE(frame);
                return False;
        }
        *p = '\0';
@@ -307,14 +306,16 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
                printf("ACE '%s': failed to convert '%s' to SID\n",
                        orig_str, str);
                SAFE_FREE(str);
+               TALLOC_FREE(frame);
                return False;
        }
 
        cp = p;
-       if (!next_token(&cp, tok, "/", sizeof(fstring))) {
+       if (!next_token_talloc(frame, &cp, &tok, "/")) {
                printf("ACE '%s': failed to find '/' character.\n",
                        orig_str);
                SAFE_FREE(str);
+               TALLOC_FREE(frame);
                return False;
        }
 
@@ -326,23 +327,26 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
                printf("ACE '%s': missing 'ALLOWED' or 'DENIED' entry at '%s'\n",
                        orig_str, tok);
                SAFE_FREE(str);
+               TALLOC_FREE(frame);
                return False;
        }
 
        /* Only numeric form accepted for flags at present */
 
-       if (!(next_token(&cp, tok, "/", sizeof(fstring)) &&
+       if (!(next_token_talloc(frame, &cp, &tok, "/") &&
              sscanf(tok, "%i", &aflags))) {
                printf("ACE '%s': bad integer flags entry at '%s'\n",
                        orig_str, tok);
                SAFE_FREE(str);
+               TALLOC_FREE(frame);
                return False;
        }
 
-       if (!next_token(&cp, tok, "/", sizeof(fstring))) {
+       if (!next_token_talloc(frame, &cp, &tok, "/")) {
                printf("ACE '%s': missing / at '%s'\n",
                        orig_str, tok);
                SAFE_FREE(str);
+               TALLOC_FREE(frame);
                return False;
        }
 
@@ -351,6 +355,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
                        printf("ACE '%s': bad hex number at '%s'\n",
                                orig_str, tok);
                        SAFE_FREE(str);
+                       TALLOC_FREE(frame);
                        return False;
                }
                goto done;
@@ -379,12 +384,14 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
                        printf("ACE '%s': bad permission value at '%s'\n",
                                orig_str, p);
                        SAFE_FREE(str);
+                       TALLOC_FREE(frame);
                        return False;
                }
                p++;
        }
 
        if (*p) {
+               TALLOC_FREE(frame);
                SAFE_FREE(str);
                return False;
        }
@@ -392,6 +399,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace,
  done:
        mask = amask;
        init_sec_ace(ace, &sid, atype, mask, aflags);
+       TALLOC_FREE(frame);
        SAFE_FREE(str);
        return True;
 }
@@ -418,18 +426,17 @@ static bool add_ace(SEC_ACL **the_acl, SEC_ACE *ace)
 }
 
 /* parse a ascii version of a security descriptor */
-static SEC_DESC *sec_desc_parse(struct cli_state *cli, char *str)
+static SEC_DESC *sec_desc_parse(TALLOC_CTX *ctx, struct cli_state *cli, char *str)
 {
        const char *p = str;
-       fstring tok;
+       char *tok;
        SEC_DESC *ret = NULL;
        size_t sd_size;
        DOM_SID *grp_sid=NULL, *owner_sid=NULL;
        SEC_ACL *dacl=NULL;
        int revision=1;
 
-       while (next_token(&p, tok, "\t,\r\n", sizeof(tok))) {
-
+       while (next_token_talloc(ctx, &p, &tok, "\t,\r\n")) {
                if (strncmp(tok,"REVISION:", 9) == 0) {
                        revision = strtol(tok+9, NULL, 16);
                        continue;
@@ -479,7 +486,7 @@ static SEC_DESC *sec_desc_parse(struct cli_state *cli, char *str)
                goto done;
        }
 
-       ret = make_sec_desc(talloc_tos(),revision, SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid,
+       ret = make_sec_desc(ctx,revision, SEC_DESC_SELF_RELATIVE, owner_sid, grp_sid,
                            NULL, dacl, &sd_size);
 
   done:
@@ -677,7 +684,7 @@ static int cacl_set(struct cli_state *cli, char *filename,
        size_t sd_size;
        int result = EXIT_OK;
 
-       sd = sec_desc_parse(cli, the_acl);
+       sd = sec_desc_parse(talloc_tos(), cli, the_acl);
 
        if (!sd) return EXIT_PARSE_ERROR;
        if (test_args) return EXIT_OK;
@@ -811,30 +818,45 @@ static int cacl_set(struct cli_state *cli, char *filename,
 *******************************************************/
 static struct cli_state *connect_one(const char *server, const char *share)
 {
-       struct cli_state *c;
+       struct cli_state *c = NULL;
        struct sockaddr_storage ss;
        NTSTATUS nt_status;
        zero_addr(&ss);
 
-       if (!cmdline_auth_info.got_pass) {
+       if (!get_cmdline_auth_info_got_pass()) {
                char *pass = getpass("Password: ");
                if (pass) {
-                       pstrcpy(cmdline_auth_info.password, pass);
-                       cmdline_auth_info.got_pass = True;
+                       set_cmdline_auth_info_password(pass);
                }
        }
 
-       if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server, 
-                                                           &ss, 0,
-                                                           share, "?????",
-                                                           cmdline_auth_info.username, lp_workgroup(),
-                                                           cmdline_auth_info.password, 0,
-                                                           cmdline_auth_info.signing_state, NULL))) {
-               return c;
-       } else {
+       nt_status = cli_full_connection(&c, global_myname(), server, 
+                               &ss, 0,
+                               share, "?????",
+                               get_cmdline_auth_info_username(),
+                               lp_workgroup(),
+                               get_cmdline_auth_info_password(),
+                               get_cmdline_auth_info_use_kerberos() ? CLI_FULL_CONNECTION_USE_KERBEROS : 0,
+                               get_cmdline_auth_info_signing_state(),
+                               NULL);
+       if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
                return NULL;
        }
+
+       if (get_cmdline_auth_info_smb_encrypt()) {
+               nt_status = cli_cm_force_encryption(c,
+                                       get_cmdline_auth_info_username(),
+                                       get_cmdline_auth_info_password(),
+                                       lp_workgroup(),
+                                       share);
+                if (!NT_STATUS_IS_OK(nt_status)) {
+                       cli_shutdown(c);
+                       c = NULL;
+                }
+       }
+
+       return c;
 }
 
 /****************************************************************************
@@ -882,7 +904,7 @@ static struct cli_state *connect_one(const char *server, const char *share)
 
        setlinebuf(stdout);
 
-       lp_load(dyn_CONFIGFILE,True,False,False,True);
+       lp_load(get_dyn_CONFIGFILE(),True,False,False,True);
        load_interfaces();
 
        pc = poptGetContext("smbcacls", argc, argv, long_options, 0);