char **domains;
char **names;
- status = cli_tcon_andx(cli, "IPC$", "?????", "", 0);
+ status = cli_tree_connect(cli, "IPC$", "?????", "", 0);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto tcon_fail;
}
status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
fail:
TALLOC_FREE(p);
cli_tdis(cli);
+ tcon_fail:
cli_state_set_tid(cli, orig_cnum);
TALLOC_FREE(frame);
return status;
struct dom_sid *sids;
enum lsa_SidType *types;
- status = cli_tcon_andx(cli, "IPC$", "?????", "", 0);
+ status = cli_tree_connect(cli, "IPC$", "?????", "", 0);
if (!NT_STATUS_IS_OK(status)) {
- return status;
+ goto tcon_fail;
}
status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
fail:
TALLOC_FREE(p);
cli_tdis(cli);
+ tcon_fail:
cli_state_set_tid(cli, orig_cnum);
TALLOC_FREE(frame);
return status;
TALLOC_CTX *frame = talloc_stackframe();
const struct ndr_syntax_id *lsarpc_syntax = &ndr_table_lsarpc.syntax_id;
- status = cli_tcon_andx(cli, "IPC$", "?????", "", 0);
+ status = cli_tree_connect(cli, "IPC$", "?????", "", 0);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
return status;
}
-struct dom_sid* get_domain_sid(struct cli_state *cli) {
+static struct dom_sid *get_domain_sid(struct cli_state *cli)
+{
NTSTATUS status;
struct dom_sid *sid = talloc(talloc_tos(), struct dom_sid);
uint16_t fnum = (uint16_t)-1;
bool result=true;
NTSTATUS status;
+ uint32_t desired_access = 0;
- /* The desired access below is the only one I could find that works
- with NT4, W2KP and Samba */
+ /* Make the desired_access more specific. */
+ if (sd->dacl) {
+ desired_access |= WRITE_DAC_ACCESS;
+ }
+ if (sd->sacl) {
+ desired_access |= SEC_FLAG_SYSTEM_SECURITY;
+ }
+ if (sd->owner_sid || sd->group_sid) {
+ desired_access |= WRITE_OWNER_ACCESS;
+ }
status = cli_ntcreate(cli, filename, 0,
- WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS,
+ desired_access,
0, FILE_SHARE_READ|FILE_SHARE_WRITE,
FILE_OPEN, 0x0, 0x0, &fnum);
if (!NT_STATUS_IS_OK(status)) {
*******************************************************/
static int cacl_dump(struct cli_state *cli, const char *filename)
{
- int result = EXIT_FAILED;
struct security_descriptor *sd;
- if (test_args)
+ if (test_args) {
return EXIT_OK;
+ }
sd = get_secdesc(cli, filename);
+ if (sd == NULL) {
+ return EXIT_FAILED;
+ }
- if (sd) {
- if (sddl) {
- printf("%s\n", sddl_encode(talloc_tos(), sd,
- get_domain_sid(cli)));
- } else {
- sec_desc_print(cli, stdout, sd);
+ if (sddl) {
+ char *str = sddl_encode(talloc_tos(), sd, get_domain_sid(cli));
+ if (str == NULL) {
+ return EXIT_FAILED;
}
- result = EXIT_OK;
+ printf("%s\n", str);
+ TALLOC_FREE(str);
+ } else {
+ sec_desc_print(cli, stdout, sd);
}
- return result;
+ return EXIT_OK;
}
/*****************************************************
return -1;
}
+ poptFreeContext(pc);
+
string_replace(path,'/','\\');
server = talloc_strdup(frame, path+2);