s3: Remove unused "retry" from cli_full_connection
[nivanova/samba-autobuild/.git] / source3 / utils / smbcquotas.c
index c516fbb2187aa1ef7241ab86319d2b90fffc2e53..522af1730633f5ec75577eb0c3831ed4c1c0e662 100644 (file)
@@ -9,7 +9,7 @@
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
 #include "includes.h"
+#include "popt_common.h"
+#include "../librpc/gen_ndr/ndr_lsa.h"
+#include "rpc_client/cli_lsarpc.h"
+#include "fake_file.h"
+#include "../libcli/security/security.h"
 
-static pstring server;
+static char *server;
 
 /* numeric is set when the user wants numeric SIDs and ACEs rather
    than going via LSA calls to resolve them */
-static BOOL numeric;
-static BOOL verbose;
+static bool numeric;
+static bool verbose;
 
 enum todo_values {NOOP_QUOTA=0,FS_QUOTA,USER_QUOTA,LIST_QUOTA,SET_QUOTA};
 enum exit_values {EXIT_OK, EXIT_FAILED, EXIT_PARSE_ERROR};
 
 static struct cli_state *cli_ipc;
 static struct rpc_pipe_client *global_pipe_hnd;
-static POLICY_HND pol;
-static BOOL got_policy_hnd;
+static struct policy_handle pol;
+static bool got_policy_hnd;
+static struct user_auth_info *smbcquotas_auth_info;
 
 static struct cli_state *connect_one(const char *share);
 
 /* Open cli connection and policy handle */
 
-static BOOL cli_open_policy_hnd(void)
+static bool cli_open_policy_hnd(void)
 {
        /* Initialise cli LSA connection */
 
        if (!cli_ipc) {
                NTSTATUS ret;
                cli_ipc = connect_one("IPC$");
-               global_pipe_hnd = cli_rpc_pipe_open_noauth(cli_ipc, PI_LSARPC, &ret);
-               if (!global_pipe_hnd) {
+               ret = cli_rpc_pipe_open_noauth(cli_ipc,
+                                              &ndr_table_lsarpc.syntax_id,
+                                              &global_pipe_hnd);
+               if (!NT_STATUS_IS_OK(ret)) {
                                return False;
                }
        }
-       
+
        /* Open policy handle */
 
        if (!got_policy_hnd) {
 
-               /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED,
+               /* Some systems don't support SEC_FLAG_MAXIMUM_ALLOWED,
                   but NT sends 0x2000000 so we might as well do it too. */
 
-               if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, cli_ipc->mem_ctx, True, 
+               if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, talloc_tos(), True, 
                                                         GENERIC_EXECUTE_ACCESS, &pol))) {
                        return False;
                }
@@ -75,20 +82,20 @@ static BOOL cli_open_policy_hnd(void)
 }
 
 /* convert a SID to a string, either numeric or username/group */
-static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric)
+static void SidToString(fstring str, struct dom_sid *sid, bool _numeric)
 {
        char **domains = NULL;
        char **names = NULL;
-       uint32 *types = NULL;
+       enum lsa_SidType *types = NULL;
 
-       sid_to_string(str, sid);
+       sid_to_fstring(str, sid);
 
        if (_numeric) return;
 
        /* Ask LSA to convert the sid to a name */
 
        if (!cli_open_policy_hnd() ||
-           !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, cli_ipc->mem_ctx,  
+           !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, talloc_tos(),
                                                 &pol, 1, sid, &domains, 
                                                 &names, &types)) ||
            !domains || !domains[0] || !names || !names[0]) {
@@ -104,19 +111,19 @@ static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric)
 }
 
 /* convert a string to a SID, either numeric or username/group */
-static BOOL StringToSid(DOM_SID *sid, const char *str)
+static bool StringToSid(struct dom_sid *sid, const char *str)
 {
-       uint32 *types = NULL;
-       DOM_SID *sids = NULL;
-       BOOL result = True;
+       enum lsa_SidType *types = NULL;
+       struct dom_sid *sids = NULL;
+       bool result = True;
 
-       if (strncmp(str, "S-", 2) == 0) {
-               return string_to_sid(sid, str);
+       if (string_to_sid(sid, str)) {
+               return true;
        }
 
        if (!cli_open_policy_hnd() ||
-           !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, cli_ipc->mem_ctx, 
-                                                 &pol, 1, &str, &sids, 
+           !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, talloc_tos(),
+                                                 &pol, 1, &str, NULL, 1, &sids, 
                                                  &types))) {
                result = False;
                goto done;
@@ -135,14 +142,20 @@ static BOOL StringToSid(DOM_SID *sid, const char *str)
 
 enum {PARSE_FLAGS,PARSE_LIM};
 
-static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA_TYPE *qtype, int *cmd, SMB_NTQUOTA_STRUCT *pqt)
+static int parse_quota_set(TALLOC_CTX *ctx,
+                       char *set_str,
+                       char **pp_username_str,
+                       enum SMB_QUOTA_TYPE *qtype,
+                       int *cmd,
+                       SMB_NTQUOTA_STRUCT *pqt)
 {
        char *p = set_str,*p2;
        int todo;
-       BOOL stop = False;
-       BOOL enable = False;
-       BOOL deny = False;
-       
+       bool stop = False;
+       bool enable = False;
+       bool deny = False;
+
+       *pp_username_str = NULL;
        if (strnequal(set_str,"UQLIM:",6)) {
                p += 6;
                *qtype = SMB_USER_QUOTA_TYPE;
@@ -151,11 +164,11 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
                if ((p2=strstr(p,":"))==NULL) {
                        return -1;
                }
-               
+
                *p2 = '\0';
                p2++;
-               
-               fstrcpy(username_str,p);
+
+               *pp_username_str = talloc_strdup(ctx, p);
                p = p2;
        } else if (strnequal(set_str,"FSQLIM:",7)) {
                p +=7;
@@ -173,14 +186,10 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
 
        switch (todo) {
                case PARSE_LIM:
-#if defined(HAVE_LONGLONG)
-                       if (sscanf(p,"%llu/%llu",&pqt->softlim,&pqt->hardlim)!=2) {
-#else
-                       if (sscanf(p,"%lu/%lu",&pqt->softlim,&pqt->hardlim)!=2) {
-#endif
+                       if (sscanf(p,"%"PRIu64"/%"PRIu64,&pqt->softlim,&pqt->hardlim)!=2) {
                                return -1;
                        }
-                       
+
                        break;
                case PARSE_FLAGS:
                        while (!stop) {
@@ -212,36 +221,45 @@ static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA
                        } else if (enable) {
                                pqt->qflags |= QUOTAS_ENABLED;
                        }
-                       
-                       break;  
+
+                       break;
        }
 
        return 0;
 }
 
-static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd, pstring username_str, SMB_NTQUOTA_STRUCT *pqt)
+static int do_quota(struct cli_state *cli,
+               enum SMB_QUOTA_TYPE qtype,
+               uint16 cmd,
+               const char *username_str,
+               SMB_NTQUOTA_STRUCT *pqt)
 {
        uint32 fs_attrs = 0;
-       int quota_fnum = 0;
+       uint16_t quota_fnum = 0;
        SMB_NTQUOTA_LIST *qtl = NULL;
        SMB_NTQUOTA_STRUCT qt;
+       NTSTATUS status;
+
        ZERO_STRUCT(qt);
 
-       if (!cli_get_fs_attr_info(cli, &fs_attrs)) {
+       status = cli_get_fs_attr_info(cli, &fs_attrs);
+       if (!NT_STATUS_IS_OK(status)) {
                d_printf("Failed to get the filesystem attributes %s.\n",
-                       cli_errstr(cli));
+                        nt_errstr(status));
                return -1;
        }
 
        if (!(fs_attrs & FILE_VOLUME_QUOTAS)) {
                d_printf("Quotas are not supported by the server.\n");
-               return 0;       
+               return 0;
        }
 
-       if (!cli_get_quota_handle(cli, &quota_fnum)) {
+       status = cli_get_quota_handle(cli, &quota_fnum);
+       if (!NT_STATUS_IS_OK(status)) {
                d_printf("Quotas are not enabled on this share.\n");
                d_printf("Failed to open %s  %s.\n",
-                       FAKE_FILE_NAME_QUOTA_WIN32,cli_errstr(cli));
+                        FAKE_FILE_NAME_QUOTA_WIN32,
+                        nt_errstr(status));
                return -1;
        }
 
@@ -251,7 +269,7 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
                                d_printf("StringToSid() failed for [%s]\n",username_str);
                                return -1;
                        }
-                       
+
                        switch(cmd) {
                                case QUOTA_GET:
                                        if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
@@ -282,12 +300,12 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
                                                return -1;
                                        }
                                        dump_ntquota_list(&qtl,verbose,numeric,SidToString);
-                                       free_ntquota_list(&qtl);                                        
+                                       free_ntquota_list(&qtl);
                                        break;
                                default:
                                        d_printf("Unknown Error\n");
                                        return -1;
-                       } 
+                       }
                        break;
                case SMB_USER_FS_QUOTA_TYPE:
                        switch(cmd) {
@@ -341,7 +359,7 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
                                default:
                                        d_printf("Unknown Error\n");
                                        return -1;
-                       }               
+                       }
                        break;
                default:
                        d_printf("Unknown Error\n");
@@ -353,35 +371,58 @@ static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd
        return 0;
 }
 
-/***************************************************** 
-return a connection to a server
+/*****************************************************
+ Return a connection to a server.
 *******************************************************/
+
 static struct cli_state *connect_one(const char *share)
 {
        struct cli_state *c;
-       struct in_addr ip;
+       struct sockaddr_storage ss;
        NTSTATUS nt_status;
-       zero_ip(&ip);
-       
-       if (!cmdline_auth_info.got_pass) {
-               char *pass = getpass("Password: ");
-               if (pass) {
-                       pstrcpy(cmdline_auth_info.password, pass);
-                       cmdline_auth_info.got_pass = True;
-               }
+       uint32_t flags = 0;
+
+       zero_sockaddr(&ss);
+
+       if (get_cmdline_auth_info_use_machine_account(smbcquotas_auth_info) &&
+           !set_cmdline_auth_info_machine_account_creds(smbcquotas_auth_info)) {
+               return NULL;
        }
 
-       if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server, 
-                                                           &ip, 0,
-                                                           share, "?????",  
-                                                           cmdline_auth_info.username, lp_workgroup(),
-                                                           cmdline_auth_info.password, 0,
-                                                           cmdline_auth_info.signing_state, NULL))) {
-               return c;
-       } else {
+       if (get_cmdline_auth_info_use_kerberos(smbcquotas_auth_info)) {
+               flags |= CLI_FULL_CONNECTION_USE_KERBEROS |
+                        CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
+
+       }
+
+       set_cmdline_auth_info_getpass(smbcquotas_auth_info);
+
+       nt_status = cli_full_connection(&c, global_myname(), server, 
+                                           &ss, 0,
+                                           share, "?????",
+                                           get_cmdline_auth_info_username(smbcquotas_auth_info),
+                                           lp_workgroup(),
+                                           get_cmdline_auth_info_password(smbcquotas_auth_info),
+                                           flags,
+                                           get_cmdline_auth_info_signing_state(smbcquotas_auth_info));
+       if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
                return NULL;
        }
+
+       if (get_cmdline_auth_info_smb_encrypt(smbcquotas_auth_info)) {
+               nt_status = cli_cm_force_encryption(c,
+                                       get_cmdline_auth_info_username(smbcquotas_auth_info),
+                                       get_cmdline_auth_info_password(smbcquotas_auth_info),
+                                       lp_workgroup(),
+                                       share);
+               if (!NT_STATUS_IS_OK(nt_status)) {
+                       cli_shutdown(c);
+                       return NULL;
+               }
+       }
+
+       return c;
 }
 
 /****************************************************************************
@@ -393,15 +434,16 @@ static struct cli_state *connect_one(const char *share)
        int opt;
        int result;
        int todo = 0;
-       pstring username_str = {0};
-       pstring path = {0};
-       pstring set_str = {0};
-       enum SMB_QUOTA_TYPE qtype;
+       char *username_str = NULL;
+       char *path = NULL;
+       char *set_str = NULL;
+       enum SMB_QUOTA_TYPE qtype = SMB_INVALID_QUOTA_TYPE;
        int cmd = 0;
-       static BOOL test_args = False;
+       static bool test_args = False;
        struct cli_state *cli;
-       BOOL fix_user = False;
+       bool fix_user = False;
        SMB_NTQUOTA_STRUCT qt;
+       TALLOC_CTX *frame = talloc_stackframe();
        poptContext pc;
        struct poptOption long_options[] = {
                POPT_AUTOHELP
@@ -413,35 +455,50 @@ SETSTRING:\n\
 UQLIM:<username>/<softlimit>/<hardlimit> for user quotas\n\
 FSQLIM:<softlimit>/<hardlimit> for filesystem defaults\n\
 FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
-               { "numeric", 'n', POPT_ARG_NONE, &numeric, True, "Don't resolve sids or limits to names" },
-               { "verbose", 'v', POPT_ARG_NONE, &verbose, True, "be verbose" },
-               { "test-args", 't', POPT_ARG_NONE, &test_args, True, "Test arguments"},
+               { "numeric", 'n', POPT_ARG_NONE, NULL, 'n', "Don't resolve sids or limits to names" },
+               { "verbose", 'v', POPT_ARG_NONE, NULL, 'v', "be verbose" },
+               { "test-args", 't', POPT_ARG_NONE, NULL, 'r', "Test arguments"},
                POPT_COMMON_SAMBA
                POPT_COMMON_CREDENTIALS
                { NULL }
        };
 
+       load_case_tables();
+
        ZERO_STRUCT(qt);
 
        /* set default debug level to 1 regardless of what smb.conf sets */
-       setup_logging( "smbcquotas", True );
-       DEBUGLEVEL_CLASS[DBGC_ALL] = 1;
-       dbf = x_stderr;
-       x_setbuf( x_stderr, NULL );
+       setup_logging( "smbcquotas", DEBUG_STDERR);
+       lp_set_cmdline("log level", "1");
 
        setlinebuf(stdout);
 
        fault_setup(NULL);
 
-       lp_load(dyn_CONFIGFILE,True,False,False);
+       lp_load(get_dyn_CONFIGFILE(),True,False,False,True);
        load_interfaces();
 
+       smbcquotas_auth_info = user_auth_info_init(frame);
+       if (smbcquotas_auth_info == NULL) {
+               exit(1);
+       }
+       popt_common_set_auth_info(smbcquotas_auth_info);
+
        pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
-       
+
        poptSetOtherOptionHelp(pc, "//server1/share1");
 
        while ((opt = poptGetNextOpt(pc)) != -1) {
                switch (opt) {
+               case 'n':
+                       numeric = true;
+                       break;
+               case 'v':
+                       verbose = true;
+                       break;
+               case 't':
+                       test_args = true;
+                       break;
                case 'L':
                        if (todo != 0) {
                                d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
@@ -457,23 +514,29 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
                        }
                        todo = FS_QUOTA;
                        break;
-               
+
                case 'u':
                        if (todo != 0) {
                                d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
                                exit(EXIT_PARSE_ERROR);
                        }
-                       pstrcpy(username_str,poptGetOptArg(pc));
+                       username_str = talloc_strdup(frame, poptGetOptArg(pc));
+                       if (!username_str) {
+                               exit(EXIT_PARSE_ERROR);
+                       }
                        todo = USER_QUOTA;
                        fix_user = True;
                        break;
-               
+
                case 'S':
                        if (todo != 0) {
                                d_printf("Please specify only one option of <-L|-F|-S|-u>\n");
                                exit(EXIT_PARSE_ERROR);
                        }
-                       pstrcpy(set_str,poptGetOptArg(pc));
+                       set_str = talloc_strdup(frame, poptGetOptArg(pc));
+                       if (!set_str) {
+                               exit(EXIT_PARSE_ERROR);
+                       }
                        todo = SET_QUOTA;
                        break;
                }
@@ -482,34 +545,44 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
        if (todo == 0)
                todo = USER_QUOTA;
 
-       if (!fix_user)
-               pstrcpy(username_str,cmdline_auth_info.username);
+       if (!fix_user) {
+               username_str = talloc_strdup(
+                       frame, get_cmdline_auth_info_username(smbcquotas_auth_info));
+               if (!username_str) {
+                       exit(EXIT_PARSE_ERROR);
+               }
+       }
 
        /* Make connection to server */
-       if(!poptPeekArg(pc)) { 
+       if(!poptPeekArg(pc)) {
                poptPrintUsage(pc, stderr, 0);
                exit(EXIT_PARSE_ERROR);
        }
-       
-       pstrcpy(path, poptGetArg(pc));
 
-       all_string_sub(path,"/","\\",0);
+       path = talloc_strdup(frame, poptGetArg(pc));
+       if (!path) {
+               printf("Out of memory\n");
+               exit(EXIT_PARSE_ERROR);
+       }
+
+       string_replace(path, '/', '\\');
 
-       pstrcpy(server,path+2);
+       server = SMB_STRDUP(path+2);
+       if (!server) {
+               printf("Out of memory\n");
+               exit(EXIT_PARSE_ERROR);
+       }
        share = strchr_m(server,'\\');
        if (!share) {
-               share = strchr_m(server,'/');
-               if (!share) {
-                       printf("Invalid argument: %s\n", share);
-                       exit(EXIT_PARSE_ERROR);
-               }
+               printf("Invalid argument: %s\n", share);
+               exit(EXIT_PARSE_ERROR);
        }
 
        *share = 0;
        share++;
 
        if (todo == SET_QUOTA) {
-               if (parse_quota_set(set_str, username_str, &qtype, &cmd, &qt)) {
+               if (parse_quota_set(talloc_tos(), set_str, &username_str, &qtype, &cmd, &qt)) {
                        printf("Invalid argument: -S %s\n", set_str);
                        exit(EXIT_PARSE_ERROR);
                }
@@ -546,6 +619,7 @@ FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
                        break;
        }
 
+       talloc_free(frame);
+
        return result;
 }
-