From d152839e299e7e406bb938c5b413ad975a895d6f Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sun, 28 Aug 2005 23:03:49 +0000
Subject: [PATCH 1/1] r9722: Initial attempt at converting samba3dump to EJS..
 (This used to be commit 7e3b94dfb9c421793dab7813b96ca63da4b33960)

---
 source4/scripting/bin/samba3dump              | 220 +++++++++++++++
 source4/scripting/ejs/config.mk               |   3 +-
 source4/scripting/ejs/smbcalls.c              |   1 +
 source4/scripting/ejs/smbcalls_samba3.c       | 255 ++++++++++++++++++
 source4/scripting/ejs/smbscript.c             |   5 +
 .../scripting/libjs/{samba3.js => upgrade.js} |   7 +-
 6 files changed, 489 insertions(+), 2 deletions(-)
 create mode 100644 source4/scripting/bin/samba3dump
 create mode 100644 source4/scripting/ejs/smbcalls_samba3.c
 rename source4/scripting/libjs/{samba3.js => upgrade.js} (68%)

diff --git a/source4/scripting/bin/samba3dump b/source4/scripting/bin/samba3dump
new file mode 100644
index 00000000000..71937c27c7d
--- /dev/null
+++ b/source4/scripting/bin/samba3dump
@@ -0,0 +1,220 @@
+#!/bin/sh
+exec smbscript "$0" ${1+"$@"}
+/*
+	Dump Samba3 data
+	Copyright Jelmer Vernooij 2005
+	Released under the GNU GPL v2 or later
+*/
+
+options = GetOptions(ARGV,
+		"POPT_AUTOHELP",
+		"POPT_COMMON_SAMBA",
+		"POPT_COMMON_VERSION",
+		'format=s',
+		'quiet', 'blank');
+
+if (options == undefined) {
+   println("Failed to parse options");
+   return -1;
+}
+
+if (options.format == undefined) {
+	options.format = "summary";
+}
+
+if (options.format != "summary" && options.format != "full") {
+	printf("Unknown format %s\n", options.format);
+	return -1;
+}
+
+libinclude("base.js");
+
+if (ARGV.length != 3) {
+	println("Usage: samba3dump <libdir> <smb.conf>");
+	return -1;
+}
+
+function print_header(txt)
+{
+	printf("\n%s\n", txt);
+	for (i = 0; txt[i]; i++) putchar('=');
+	putchar('\n');
+}
+
+function print_samba3_policy(pol)
+{
+	print_header("Account Policies");
+	printf("Min password length: %d\n", pol.min_password_length);
+	printf("Password history length: %d\n", pol.password_history);
+	printf("User must logon to change password: %d\n", pol.user_must_logon_to_change_password);
+	printf("Maximum password age: %d\n", pol.maximum_password_age);
+	printf("Minimum password age: %d\n", pol.minimum_password_age);
+	printf("Lockout duration: %d\n", pol.lockout_duration);
+	printf("Reset Count Minutes: %d\n", pol.reset_count_minutes);
+	printf("Bad Lockout Minutes: %d\n", pol.bad_lockout_minutes);
+	printf("Disconnect Time: %d\n", pol.disconnect_time);
+	printf("Refuse Machine Password Change: %d\n", pol.refuse_machine_password_change);
+}
+
+function print_samba3_sam(samba3)
+{
+	print_header("SAM Database");
+	
+	for (i = 0; i < samba3.samaccount_count; i++) {
+		printf("%d: %s\n", samba3.samaccounts[i].user_rid, samba3.samaccounts[i].username);
+	}
+}
+
+function print_samba3_shares(samba3)
+{
+	print_header("Configured shares");
+	for (i = 0; i < samba3.share_count; i++) {
+		printf("--- %s ---\n", samba3.shares[i].name);
+
+		for (j = 0; j < samba3.shares[i].parameter_count; j++) {
+			printf("\t%s = %s\n", samba3.shares[i].parameters[j].name, samba3.shares[i].parameters[j].value);
+		}
+
+		println("");
+	}
+}
+
+function print_samba3_secrets(secrets)
+{
+	print_header("Secrets");
+
+	println("IPC Credentials:");
+	if (secrets.ipc_cred.username_obtained) 
+		printf("	User: %s\n", secrets.ipc_cred.username);
+	if (secrets.ipc_cred.password_obtained)
+		printf("	Password: %s\n", secrets.ipc_cred.password);
+
+	if (secrets.ipc_cred.domain_obtained)
+		printf("	Domain: %s\n\n", secrets.ipc_cred.domain);
+
+	println("LDAP passwords:");
+	for (i = 0; i < secrets.ldappw_count; i++) {
+		printf("\t%s -> %s\n", secrets.ldappws[i].dn, secrets.ldappws[i].password);
+	}
+	println("");
+
+	println("Domains:");
+	for (i = 0; i < secrets.domain_count; i++) {
+		printf("\t--- %s ---\n", secrets.domains[i].name);
+		printf("\tSID: %s\n", secrets.domains[i].sid);
+		printf("\tGUID: %s\n", secrets.domains[i].guid);
+		printf("\tPlaintext pwd: %s\n", secrets.domains[i].plaintext_pw);
+		printf("\tLast Changed: %lu\n", secrets.domains[i].last_change_time);
+		printf("\tSecure Channel Type: %d\n\n", secrets.domains[i].sec_channel_type);
+	}
+
+	println("Trusted domains:");
+	for (i = 0; i < secrets.trusted_domain_count; i++) {
+		for (j = 0; j < secrets.trusted_domains[i].uni_name_len; j++) {
+			printf("\t--- %s ---\n", secrets.trusted_domains[i].uni_name[j]);
+		}
+		printf("\tPassword: %s\n", secrets.trusted_domains[i].pass);
+		printf("\tModified: %lu\n", secrets.trusted_domains[i].mod_time);
+		printf("\tSID: %s\n", secrets.trusted_domains[i].domain_sid);
+	}
+}
+
+function print_samba3_regdb(regdb)
+{
+	print_header("Registry");
+
+	for (i = 0; i < regdb.key_count; i++) {
+		printf("%s\n", regdb.keys[i].name);
+		for (j = 0; j < regdb.keys[i].value_count; j++) {
+			printf("\t%s: type %d, length %d\n", 
+				   regdb.keys[i].values[j].name,
+				   regdb.keys[i].values[j].type,
+				   regdb.keys[i].values[j].data.length);
+		}
+	}
+}
+
+function print_samba3_winsdb(samba3)
+{
+	print_header("WINS Database");
+
+	for (i = 0; i < samba3.winsdb_count; i++) {
+		printf("%s, nb_flags: %x, type: %d, ttl: %lu, %d ips\n", samba3.winsdb_entries[i].name, samba3.winsdb_entries[i].nb_flags, samba3.winsdb_entries[i].type, samba3.winsdb_entries[i].ttl, samba3.winsdb_entries[i].ip_count);
+	}
+}
+
+function print_samba3_groupdb(groupdb)
+{
+	int i;
+	print_header("Group Mappings");
+	
+	for (i = 0; i < groupdb.groupmap_count; i++) 
+	{
+		printf("\t--- Group: %s ---\n", groupdb.groupmappings[i].nt_name);
+		printf("\tComment: %s\n", groupdb.groupmappings[i].comment);
+		printf("\tGID: %d\n", groupdb.groupmappings[i].gid);
+		printf("\tSID Name Use: %d\n", groupdb.groupmappings[i].sid_name_use);
+		printf("\tSID: %s\n\n", groupdb.groupmappings[i].sid);
+	}
+
+	for (i = 0; i < groupdb.alias_count; i++)
+	{
+		int j;
+		printf("\t--- Alias: %s ---\n", groupdb.aliases[i].sid);
+		for (j = 0; j < groupdb.aliases[i].member_count; j++) {
+			printf("\t%s\n", groupdb.aliases[i].members[j]);
+		}
+	}
+}
+
+function print_samba3_idmapdb(idmapdb)
+{
+	print_header("Winbindd SID<->GID/UID mappings");
+
+	printf("User High Water Mark: %d\n", idmapdb.user_hwm);
+	printf("Group High Water Mark: %d\n\n", idmapdb.group_hwm);
+
+	for (i = 0; i < idmapdb.mapping_count; i++) {
+		printf("%s -> ", 
+			  idmapdb.mappings[i].sid);
+
+		if (idmapdb.mappings[i].type == IDMAP_GROUP) { 
+			printf("GID %d", idmapdb.mappings[i].unix_id);
+		} else {
+			printf("UID %d", idmapdb.mappings[i].unix_id);
+		}
+	}
+}
+
+function print_samba3(samba3)
+{
+	print_samba3_sam(samba3);
+	print_samba3_policy(samba3.policy);
+	print_samba3_shares(samba3);
+	print_samba3_winsdb(samba3);
+	print_samba3_regdb(samba3.registry);
+	print_samba3_secrets(samba3.secrets);
+	print_samba3_groupdb(samba3.group);
+	print_samba3_idmapdb(samba3.idmap);
+}
+
+function print_samba3_summary(samba3)
+{
+	printf("WINS db entries: %d\n", samba3.winsdb_count);
+	printf("SAM Accounts: %d\n", samba3.samaccount_count);
+	printf("Registry key count: %d\n", samba3.registry.key_count);
+	printf("Shares (including [global]): %d\n", samba3.share_count);
+	printf("Groupmap count: %d\n", samba3.group.groupmap_count);
+	printf("Alias count: %d\n", samba3.group.alias_count);
+	printf("Idmap count: %d\n", samba3.idmap.mapping_count);
+}
+
+samba3 = samba3_read(ARGV[1], ARGV[2]);
+
+if (options.format == "summary") {
+	print_samba3_summary(samba3);
+} else if (options.format == "full") {
+	print_samba3(samba3);
+}
+
+return 0;
diff --git a/source4/scripting/ejs/config.mk b/source4/scripting/ejs/config.mk
index 096c2049ab4..e5711f1424b 100644
--- a/source4/scripting/ejs/config.mk
+++ b/source4/scripting/ejs/config.mk
@@ -26,8 +26,9 @@ OBJ_FILES = \
 		scripting/ejs/smbcalls_rand.o \
 		scripting/ejs/smbcalls_sys.o \
 		scripting/ejs/smbcalls_creds.o \
+		scripting/ejs/smbcalls_samba3.o \
 		scripting/ejs/mprutil.o
-REQUIRED_SUBSYSTEMS = AUTH EJS LIBBASIC EJSRPC MESSAGING
+REQUIRED_SUBSYSTEMS = AUTH EJS LIBBASIC EJSRPC MESSAGING LIBSAMBA3
 # End SUBSYSTEM SMBCALLS
 #######################
 
diff --git a/source4/scripting/ejs/smbcalls.c b/source4/scripting/ejs/smbcalls.c
index 3981e1dd7ac..a73fbe52c38 100644
--- a/source4/scripting/ejs/smbcalls.c
+++ b/source4/scripting/ejs/smbcalls.c
@@ -128,6 +128,7 @@ void smb_setup_ejs_functions(void)
 	smb_setup_ejs_random();
 	smb_setup_ejs_system();
 	smb_setup_ejs_credentials();
+	smb_setup_ejs_samba3();
 	smb_setup_ejs_datablob();
 
 	ejsDefineCFunction(-1, "typeof", ejs_typeof, NULL, MPR_VAR_SCRIPT_HANDLE);
diff --git a/source4/scripting/ejs/smbcalls_samba3.c b/source4/scripting/ejs/smbcalls_samba3.c
new file mode 100644
index 00000000000..0cb3a2160cf
--- /dev/null
+++ b/source4/scripting/ejs/smbcalls_samba3.c
@@ -0,0 +1,255 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   provide hooks into smbd C calls from ejs scripts
+
+   Copyright (C) Jelmer Vernooij 2005
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "scripting/ejs/smbcalls.h"
+#include "lib/appweb/ejs/ejs.h"
+#include "lib/samba3/samba3.h"
+
+#if 0
+struct samba3_samaccount {
+	uint32_t logon_time,
+		logoff_time,
+		kickoff_time,
+		bad_password_time,
+		pass_last_set_time,
+		pass_can_change_time,
+		pass_must_change_time;
+	char *username;
+	char *domain;
+	char *nt_username;
+	char *dir_drive;
+	char *unknown_str;
+	char *munged_dial;
+	char *fullname;
+	char *homedir;
+	char *logon_script;
+	char *profile_path;
+	char *acct_desc;
+	char *workstations;
+	uint32_t user_rid, group_rid, hours_len, unknown_6;
+	uint16_t acct_ctrl, logon_divs;
+	uint16_t bad_password_count, logon_count;
+	uint8_t	*lm_pw_ptr, *nt_pw_ptr;
+	uint8_t *nt_pw_hist_ptr;
+	uint8_t	*hours;
+};
+
+struct samba3_groupmapping {
+	gid_t gid;
+	struct dom_sid *sid;
+	int sid_name_use;
+	const char *nt_name;
+	const char *comment;
+};
+
+struct samba3_alias {
+	struct dom_sid *sid;
+	uint32_t member_count;
+	struct dom_sid **members;
+};
+
+struct samba3_groupdb {
+	uint32_t groupmap_count;
+	struct samba3_groupmapping *groupmappings;
+
+	uint32_t alias_count;
+	struct samba3_alias *aliases;
+};
+
+struct samba3_idmap_mapping
+{
+	enum { IDMAP_GROUP, IDMAP_USER } type;
+	uint32_t unix_id;
+	struct dom_sid *sid;
+};
+
+struct samba3_idmapdb
+{
+	/* High water marks */
+	uint32_t user_hwm;
+	uint32_t group_hwm;
+
+	uint32_t mapping_count;
+	struct samba3_idmap_mapping *mappings;
+};
+
+struct samba3_winsdb_entry 
+{
+	char *name;
+	int nb_flags;
+	int type;
+	time_t ttl;
+	uint32_t ip_count;
+	struct ipv4_addr *ips;
+};
+
+struct samba3_policy
+{
+	uint32_t min_password_length;
+	uint32_t password_history;
+	uint32_t user_must_logon_to_change_password;
+	uint32_t maximum_password_age;
+	uint32_t minimum_password_age;
+	uint32_t lockout_duration;
+	uint32_t reset_count_minutes;
+	uint32_t bad_lockout_minutes;
+	uint32_t disconnect_time;
+	uint32_t refuse_machine_password_change;
+};
+
+struct samba3_regval {
+	char *name;
+	uint16_t		type;
+	DATA_BLOB 		data;
+};
+
+struct samba3_regkey {
+	char *name;
+	
+	uint32_t value_count;
+	struct samba3_regval *values;
+
+	uint32_t subkey_count;
+	char **subkeys;
+};
+
+struct samba3_regdb
+{
+	uint32_t key_count;
+	struct samba3_regkey *keys;
+};
+
+struct samba3_secrets
+{
+	struct cli_credentials *ipc_cred;
+	
+	uint32_t ldappw_count;
+	struct samba3_ldappw 
+	{
+		char *dn;
+		char *password;
+	} *ldappws;
+
+	uint32_t domain_count;
+	struct samba3_domainsecrets 
+	{
+		char *name;
+		struct dom_sid sid;
+		struct GUID guid;
+		char *plaintext_pw;
+		time_t last_change_time;
+		struct {
+			uint8_t hash[16];
+			time_t mod_time;
+		} hash_pw;;
+		int sec_channel_type;
+	} *domains;
+
+	uint32_t trusted_domain_count;
+	struct samba3_trusted_dom_pass {
+		uint32_t uni_name_len;
+		const char *uni_name[32]; /* unicode domain name */
+		const char *pass;		/* trust relationship's password */
+		time_t mod_time;
+		struct dom_sid domain_sid;	/* remote domain's sid */
+	} *trusted_domains;
+
+	uint32_t afs_keyfile_count;
+
+	struct samba3_afs_keyfile {
+		uint32_t nkeys;
+		struct {
+			uint32_t kvno;
+			char key[8];
+		} entry[8];
+		char *cell;
+	} *afs_keyfiles;
+};
+
+struct samba3_parameter {
+	char *name;
+	char *value;
+};
+
+struct samba3_share_info {
+	char *name;
+	struct security_descriptor secdesc;
+
+	uint32_t parameter_count;
+	struct samba3_parameter *parameters;
+};
+
+struct samba3 
+{
+	uint32_t winsdb_count;
+	struct samba3_winsdb_entry *winsdb_entries;
+	
+	uint32_t samaccount_count;
+	struct samba3_samaccount *samaccounts;
+
+	uint32_t share_count;
+	struct samba3_share_info *shares;
+
+	struct samba3_secrets secrets;
+	struct samba3_groupdb group;
+	struct samba3_idmapdb idmap;
+	struct samba3_policy policy;
+	struct samba3_regdb registry;
+};
+
+#endif 
+
+/*
+  initialise samba3 ejs subsystem
+*/
+static int ejs_samba3_read(MprVarHandle eid, int argc, struct MprVar **argv)
+{
+	struct MprVar *mpv = mprInitObject(eid, "samba3", argc, argv);
+	struct samba3 *samba3;
+	NTSTATUS status;
+
+	if (argc < 2) {
+		ejsSetErrorMsg(eid, "samba3_read invalid arguments");
+		return -1;
+	}
+
+	status = samba3_read(mprToString(argv[0]), mprToString(argv[0]), mprMemCtx(), &samba3);
+
+	if (NT_STATUS_IS_ERR(status)) {
+		ejsSetErrorMsg(eid, "samba3_read: error");
+		return -1;
+	}
+
+	mprSetThisPtr(eid, "db", samba3);
+	
+	return 0;
+}
+
+
+/*
+  setup C functions that be called from ejs
+*/
+void smb_setup_ejs_samba3(void)
+{
+	ejsDefineCFunction(-1, "samba3_read", ejs_samba3_read, NULL, MPR_VAR_SCRIPT_HANDLE);
+}
diff --git a/source4/scripting/ejs/smbscript.c b/source4/scripting/ejs/smbscript.c
index a35b988e56f..f8d6d507d43 100644
--- a/source4/scripting/ejs/smbscript.c
+++ b/source4/scripting/ejs/smbscript.c
@@ -86,6 +86,11 @@ void ejs_exception(const char *reason)
 	/* load the script and advance past interpreter line*/
 	script = file_load(fname, &script_size, mem_ctx);
 
+	if (!script) {
+		fprintf(stderr, "Unable to load script from '%s'\n", fname);
+		exit(1);
+	}
+
 	/* allow scriptable js */
 	if (strncmp(script, "#!", 2) == 0) {
 		script += strcspn(script, "\r\n");
diff --git a/source4/scripting/libjs/samba3.js b/source4/scripting/libjs/upgrade.js
similarity index 68%
rename from source4/scripting/libjs/samba3.js
rename to source4/scripting/libjs/upgrade.js
index 7f50c8c4b28..604bbac2c02 100644
--- a/source4/scripting/libjs/samba3.js
+++ b/source4/scripting/libjs/upgrade.js
@@ -4,5 +4,10 @@
 	Released under the GNU GPL v2 or later
 */
 
+libinclude("base.js");
 
-return 0;
+function foo() 
+{
+
+	return 0;
+}
-- 
2.34.1