diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2008-01-05 23:09:38 +0100 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2008-01-05 23:09:38 +0100 |
| commit | aaa27706664da2855c09da0691c3717b571edaba (patch) | |
| tree | 17cc8a7475f7062eb664d0201d660c77bf415a7e /source3/utils | |
| parent | 3ba8fbef29aabfcd78e1170fcbfcf7bc943af6f9 (diff) | |
| parent | 4a413e4bd177402a1697cffac43d35e94cc55102 (diff) | |
| download | samba-aaa27706664da2855c09da0691c3717b571edaba.tar.gz samba-aaa27706664da2855c09da0691c3717b571edaba.tar.bz2 samba-aaa27706664da2855c09da0691c3717b571edaba.zip | |
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit 5a30f6377d37d8a5cadce4fb9a2fc19b78fc1709)
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/net.c | 62 | ||||
| -rw-r--r-- | source3/utils/net_conf.c | 451 | ||||
| -rw-r--r-- | source3/utils/net_help.c | 1 | ||||
| -rw-r--r-- | source3/utils/net_rpc.c | 24 | ||||
| -rw-r--r-- | source3/utils/net_sam.c | 2 | ||||
| -rw-r--r-- | source3/utils/pdbedit.c | 201 | ||||
| -rw-r--r-- | source3/utils/smbcacls.c | 37 | ||||
| -rw-r--r-- | source3/utils/smbcquotas.c | 35 | ||||
| -rw-r--r-- | source3/utils/smbfilter.c | 28 | ||||
| -rw-r--r-- | source3/utils/smbget.c | 12 |
10 files changed, 441 insertions, 412 deletions
diff --git a/source3/utils/net.c b/source3/utils/net.c index bf70d08d8b..586ea2fdb6 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -88,6 +88,7 @@ int opt_testmode = False; int opt_have_ip = False; struct sockaddr_storage opt_dest_ip; +bool smb_encrypt; extern bool AllowDebugChange; @@ -178,9 +179,7 @@ NTSTATUS connect_to_service(struct cli_state **c, service_name, service_type, opt_user_name, opt_workgroup, opt_password, 0, Undefined, NULL); - if (NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } else { + if (!NT_STATUS_IS_OK(nt_status)) { d_fprintf(stderr, "Could not connect to server %s\n", server_name); /* Display a nicer message depending on the result */ @@ -196,9 +195,40 @@ NTSTATUS connect_to_service(struct cli_state **c, if (NT_STATUS_V(nt_status) == NT_STATUS_V(NT_STATUS_ACCOUNT_DISABLED)) d_fprintf(stderr, "The account was disabled.\n"); - return nt_status; } + + if (smb_encrypt) { + nt_status = cli_force_encryption(*c, + opt_user_name, + opt_password, + opt_workgroup); + + if (NT_STATUS_EQUAL(nt_status,NT_STATUS_NOT_SUPPORTED)) { + d_printf("Encryption required and " + "server that doesn't support " + "UNIX extensions - failing connect\n"); + } else if (NT_STATUS_EQUAL(nt_status,NT_STATUS_UNKNOWN_REVISION)) { + d_printf("Encryption required and " + "can't get UNIX CIFS extensions " + "version from server.\n"); + } else if (NT_STATUS_EQUAL(nt_status,NT_STATUS_UNSUPPORTED_COMPRESSION)) { + d_printf("Encryption required and " + "share %s doesn't support " + "encryption.\n", service_name); + } else if (!NT_STATUS_IS_OK(nt_status)) { + d_printf("Encryption required and " + "setup failed with error %s.\n", + nt_errstr(nt_status)); + } + + if (!NT_STATUS_IS_OK(nt_status)) { + cli_shutdown(*c); + *c = NULL; + } + } + + return nt_status; } /**************************************************************************** @@ -287,12 +317,24 @@ NTSTATUS connect_to_ipc_krb5(struct cli_state **c, SAFE_FREE(user_and_realm); - if (NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } else { + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1,("Cannot connect to server using kerberos. Error was %s\n", nt_errstr(nt_status))); return nt_status; } + + if (smb_encrypt) { + nt_status = cli_cm_force_encryption(*c, + user_and_realm, + opt_password, + opt_workgroup, + "IPC$"); + if (!NT_STATUS_IS_OK(nt_status)) { + cli_shutdown(*c); + *c = NULL; + } + } + + return nt_status; } /** @@ -988,6 +1030,7 @@ static struct functable net_func[] = { {"port", 'p', POPT_ARG_INT, &opt_port}, {"myname", 'n', POPT_ARG_STRING, &opt_requester_name}, {"server", 'S', POPT_ARG_STRING, &opt_host}, + {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" }, {"container", 'c', POPT_ARG_STRING, &opt_container}, {"comment", 'C', POPT_ARG_STRING, &opt_comment}, {"maxusers", 'M', POPT_ARG_INT, &opt_maxusers}, @@ -1010,7 +1053,7 @@ static struct functable net_func[] = { {"acls", 0, POPT_ARG_NONE, &opt_acls}, {"attrs", 0, POPT_ARG_NONE, &opt_attrs}, {"timestamps", 0, POPT_ARG_NONE, &opt_timestamps}, - {"exclude", 'e', POPT_ARG_STRING, &opt_exclude}, + {"exclude", 'X', POPT_ARG_STRING, &opt_exclude}, {"destination", 0, POPT_ARG_STRING, &opt_destination}, {"tallocreport", 0, POPT_ARG_NONE, &do_talloc_report}, @@ -1037,6 +1080,9 @@ static struct functable net_func[] = { net_help(argc, argv); exit(0); break; + case 'e': + smb_encrypt=true; + break; case 'I': if (!interpret_string_addr(&opt_dest_ip, poptGetOptArg(pc), 0)) { diff --git a/source3/utils/net_conf.c b/source3/utils/net_conf.c index 673d373177..38cdeacc11 100644 --- a/source3/utils/net_conf.c +++ b/source3/utils/net_conf.c @@ -2,7 +2,7 @@ * Samba Unix/Linux SMB client library * Distributed SMB/CIFS Server Management Utility * Local configuration interface - * Copyright (C) Michael Adam 2007 + * Copyright (C) Michael Adam 2007-2008 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -19,9 +19,12 @@ */ /* - * This is an interface to the configuration stored inside the - * samba registry. In the future there might be support for other - * configuration backends as well. + * This is an interface to Samba's configuration as made available + * by the libnet_conf interface (source/libnet/libnet_conf.c). + * + * This currently supports local interaction with the configuration + * stored in the registry. But other backends and remote access via + * rpc might get implemented in the future. */ #include "includes.h" @@ -43,9 +46,9 @@ static int net_conf_import_usage(int argc, const char**argv) d_printf("USAGE: net conf import [--test|-T] <filename> " "[<servicename>]\n" "\t[--test|-T] testmode - do not act, just print " - "what would be done\n" + "what would be done\n" "\t<servicename> only import service <servicename>, " - "ignore the rest\n"); + "ignore the rest\n"); return -1; } @@ -110,138 +113,6 @@ static int net_conf_delparm_usage(int argc, const char **argv) * Helper functions */ -static char *format_value(TALLOC_CTX *mem_ctx, struct registry_value *value) -{ - char *result = NULL; - - /* what if mem_ctx = NULL? */ - - switch (value->type) { - case REG_DWORD: - result = talloc_asprintf(mem_ctx, "%d", value->v.dword); - break; - case REG_SZ: - case REG_EXPAND_SZ: - result = talloc_asprintf(mem_ctx, "%s", value->v.sz.str); - break; - case REG_MULTI_SZ: { - uint32 j; - for (j = 0; j < value->v.multi_sz.num_strings; j++) { - result = talloc_asprintf(mem_ctx, "\"%s\" ", - value->v.multi_sz.strings[j]); - } - break; - } - case REG_BINARY: - result = talloc_asprintf(mem_ctx, "binary (%d bytes)", - (int)value->v.binary.length); - break; - default: - result = talloc_asprintf(mem_ctx, "<unprintable>"); - break; - } - return result; -} - -/* - * delete a subkey of KEY_SMBCONF - */ -static WERROR reg_delkey_internal(TALLOC_CTX *ctx, const char *keyname) -{ - WERROR werr = WERR_OK; - struct registry_key *key = NULL; - - werr = libnet_smbconf_open_basepath(ctx, REG_KEY_WRITE, &key); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = reg_deletekey_recursive(key, key, keyname); - if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, "Error deleting registry key %s\\%s: %s\n", - KEY_SMBCONF, keyname, dos_errstr(werr)); - } - -done: - TALLOC_FREE(key); - return werr; -} - -static WERROR list_values(TALLOC_CTX *ctx, struct registry_key *key) -{ - WERROR werr = WERR_OK; - uint32 idx = 0; - struct registry_value *valvalue = NULL; - char *valname = NULL; - - for (idx = 0; - W_ERROR_IS_OK(werr = reg_enumvalue(ctx, key, idx, &valname, - &valvalue)); - idx++) - { - d_printf("\t%s = %s\n", valname, format_value(ctx, valvalue)); - } - if (!W_ERROR_EQUAL(WERR_NO_MORE_ITEMS, werr)) { - d_fprintf(stderr, "Error enumerating values: %s\n", - dos_errstr(werr)); - goto done; - } - werr = WERR_OK; - -done: - return werr; -} - -static WERROR drop_smbconf_internal(TALLOC_CTX *ctx) -{ - char *path, *p; - WERROR werr = WERR_OK; - NT_USER_TOKEN *token; - struct registry_key *parent_key = NULL; - struct registry_key *new_key = NULL; - TALLOC_CTX* tmp_ctx = NULL; - enum winreg_CreateAction action; - - tmp_ctx = talloc_new(ctx); - if (tmp_ctx == NULL) { - werr = WERR_NOMEM; - goto done; - } - - if (!(token = registry_create_admin_token(tmp_ctx))) { - /* what is the appropriate error code here? */ - werr = WERR_CAN_NOT_COMPLETE; - goto done; - } - - path = talloc_strdup(tmp_ctx, KEY_SMBCONF); - if (path == NULL) { - d_fprintf(stderr, "ERROR: out of memory!\n"); - werr = WERR_NOMEM; - goto done; - } - p = strrchr(path, '\\'); - *p = '\0'; - werr = reg_open_path(tmp_ctx, path, REG_KEY_WRITE, token, &parent_key); - - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = reg_deletekey_recursive(tmp_ctx, parent_key, p+1); - - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = reg_createkey(tmp_ctx, parent_key, p+1, REG_KEY_WRITE, - &new_key, &action); - -done: - TALLOC_FREE(tmp_ctx); - return werr; -} - static char *parm_valstr(TALLOC_CTX *ctx, struct parm_struct *parm, struct share_params *share) { @@ -268,14 +139,14 @@ static char *parm_valstr(TALLOC_CTX *ctx, struct parm_struct *parm, valstr = talloc_asprintf(ctx, "%s", BOOLSTR(!*(bool *)ptr)); break; case P_ENUM: - for (i = 0; parm->enum_list[i].name; i++) { - if (*(int *)ptr == parm->enum_list[i].value) + for (i = 0; parm->enum_list[i].name; i++) { + if (*(int *)ptr == parm->enum_list[i].value) { valstr = talloc_asprintf(ctx, "%s", - parm->enum_list[i].name); - break; - } - } + parm->enum_list[i].name); + break; + } + } break; case P_OCTAL: { char *o = octal_string(*(int *)ptr); @@ -323,7 +194,6 @@ static int import_process_service(TALLOC_CTX *ctx, struct parm_struct *parm; int pnum = 0; const char *servicename; - struct registry_key *key; WERROR werr; char *valstr = NULL; TALLOC_CTX *tmp_ctx = NULL; @@ -340,23 +210,21 @@ static int import_process_service(TALLOC_CTX *ctx, if (opt_testmode) { d_printf("[%s]\n", servicename); } else { - if (libnet_smbconf_key_exists(tmp_ctx, servicename)) { - werr = reg_delkey_internal(tmp_ctx, servicename); + if (libnet_conf_share_exists(servicename)) { + werr = libnet_conf_delete_share(servicename); if (!W_ERROR_IS_OK(werr)) { goto done; } } - werr = libnet_smbconf_reg_createkey_internal(tmp_ctx, servicename, &key); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } } while ((parm = lp_next_parameter(share->service, &pnum, 0))) { - if ((share->service < 0 && parm->p_class == P_LOCAL) + if ((share->service < 0) && (parm->p_class == P_LOCAL) && !(parm->flags & FLAG_GLOBAL)) + { continue; + } valstr = parm_valstr(tmp_ctx, parm, share); @@ -364,9 +232,14 @@ static int import_process_service(TALLOC_CTX *ctx, if (opt_testmode) { d_printf("\t%s = %s\n", parm->label, valstr); } else { - werr = libnet_smbconf_reg_setvalue_internal(key, - parm->label, valstr); + werr = libnet_conf_set_parameter(servicename, + parm->label, + valstr); if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, + "Error setting parameter '%s'" + ": %s\n", parm->label, + dos_errstr(werr)); goto done; } } @@ -384,7 +257,7 @@ done: return ret; } -/* return True iff there are nondefault globals */ +/* return true iff there are nondefault globals */ static bool globals_exist(void) { int i = 0; @@ -392,25 +265,27 @@ static bool globals_exist(void) while ((parm = lp_next_parameter(GLOBAL_SECTION_SNUM, &i, 0)) != NULL) { if (parm->type != P_SEP) { - return True; + return true; } } - return False; + return false; } /* * the conf functions */ -int net_conf_list(int argc, const char **argv) +static int net_conf_list(int argc, const char **argv) { WERROR werr = WERR_OK; int ret = -1; TALLOC_CTX *ctx; - struct registry_key *base_key = NULL; - struct registry_key *sub_key = NULL; - uint32 idx_key = 0; - char *subkey_name = NULL; + uint32_t num_shares; + char **share_names; + uint32_t *num_params; + char ***param_names; + char ***param_values; + uint32_t share_count, param_count; ctx = talloc_init("list"); @@ -419,54 +294,26 @@ int net_conf_list(int argc, const char **argv) goto done; } - werr = libnet_smbconf_open_basepath(ctx, REG_KEY_READ, &base_key); + werr = libnet_conf_get_config(ctx, &num_shares, &share_names, + &num_params, ¶m_names, + ¶m_values); if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error getting config: %s\n", + dos_errstr(werr)); goto done; } - if (libnet_smbconf_key_exists(ctx, GLOBAL_NAME)) { - werr = reg_openkey(ctx, base_key, GLOBAL_NAME, - REG_KEY_READ, &sub_key); - if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, "Error opening subkey '%s' : %s\n", - subkey_name, dos_errstr(werr)); - goto done; - } - d_printf("[%s]\n", GLOBAL_NAME); - if (!W_ERROR_IS_OK(list_values(ctx, sub_key))) { - goto done; - } - d_printf("\n"); - } - - for (idx_key = 0; - W_ERROR_IS_OK(werr = reg_enumkey(ctx, base_key, idx_key, - &subkey_name, NULL)); - idx_key++) - { - if (strequal(subkey_name, GLOBAL_NAME)) { - continue; - } - d_printf("[%s]\n", subkey_name); - - werr = reg_openkey(ctx, base_key, subkey_name, - REG_KEY_READ, &sub_key); - if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, - "Error opening subkey '%s': %s\n", - subkey_name, dos_errstr(werr)); - goto done; - } - if (!W_ERROR_IS_OK(list_values(ctx, sub_key))) { - goto done; + for (share_count = 0; share_count < num_shares; share_count++) { + d_printf("[%s]\n", share_names[share_count]); + for (param_count = 0; param_count < num_params[share_count]; + param_count++) + { + d_printf("\t%s = %s\n", + param_names[share_count][param_count], + param_values[share_count][param_count]); } d_printf("\n"); } - if (!W_ERROR_EQUAL(WERR_NO_MORE_ITEMS, werr)) { - d_fprintf(stderr, "Error enumerating subkeys: %s\n", - dos_errstr(werr)); - goto done; - } ret = 0; @@ -475,12 +322,12 @@ done: return ret; } -int net_conf_import(int argc, const char **argv) +static int net_conf_import(int argc, const char **argv) { int ret = -1; const char *filename = NULL; const char *servicename = NULL; - bool service_found = False; + bool service_found = false; TALLOC_CTX *ctx; struct share_iterator *shares; struct share_params *share; @@ -504,10 +351,10 @@ int net_conf_import(int argc, const char **argv) filename)); if (!lp_load(filename, - False, /* global_only */ - True, /* save_defaults */ - False, /* add_ipc */ - True)) /* initialize_globals */ + false, /* global_only */ + true, /* save_defaults */ + false, /* add_ipc */ + true)) /* initialize_globals */ { d_fprintf(stderr, "Error parsing configuration file.\n"); goto done; @@ -521,7 +368,7 @@ int net_conf_import(int argc, const char **argv) if (((servicename == NULL) && globals_exist()) || strequal(servicename, GLOBAL_NAME)) { - service_found = True; + service_found = true; if (import_process_service(ctx, &global_share) != 0) { goto done; } @@ -540,7 +387,7 @@ int net_conf_import(int argc, const char **argv) if ((servicename == NULL) || strequal(servicename, lp_servicename(share->service))) { - service_found = True; + service_found = true; if (import_process_service(ctx, share)!= 0) { goto done; } @@ -561,13 +408,12 @@ done: return ret; } -int net_conf_listshares(int argc, const char **argv) +static int net_conf_listshares(int argc, const char **argv) { WERROR werr = WERR_OK; int ret = -1; - struct registry_key *key; - uint32 idx = 0; - char *subkey_name = NULL; + uint32_t count, num_shares = 0; + char **share_names = NULL; TALLOC_CTX *ctx; ctx = talloc_init("listshares"); @@ -577,22 +423,14 @@ int net_conf_listshares(int argc, const char **argv) goto done; } - werr = libnet_smbconf_open_basepath(ctx, SEC_RIGHTS_ENUM_SUBKEYS, &key); + werr = libnet_conf_get_share_names(ctx, &num_shares, &share_names); if (!W_ERROR_IS_OK(werr)) { goto done; } - for (idx = 0; - W_ERROR_IS_OK(werr = reg_enumkey(ctx, key, idx, - &subkey_name, NULL)); - idx++) + for (count = 0; count < num_shares; count++) { - d_printf("%s\n", subkey_name); - } - if (! W_ERROR_EQUAL(WERR_NO_MORE_ITEMS, werr)) { - d_fprintf(stderr, "Error enumerating subkeys: %s\n", - dos_errstr(werr)); - goto done; + d_printf("%s\n", share_names[count]); } ret = 0; @@ -602,7 +440,7 @@ done: return ret; } -int net_conf_drop(int argc, const char **argv) +static int net_conf_drop(int argc, const char **argv) { int ret = -1; WERROR werr; @@ -612,7 +450,7 @@ int net_conf_drop(int argc, const char **argv) goto done; } - werr = drop_smbconf_internal(NULL); + werr = libnet_conf_drop(); if (!W_ERROR_IS_OK(werr)) { d_fprintf(stderr, "Error deleting configuration: %s\n", dos_errstr(werr)); @@ -625,12 +463,16 @@ done: return ret; } -int net_conf_showshare(int argc, const char **argv) +static int net_conf_showshare(int argc, const char **argv) { int ret = -1; WERROR werr = WERR_OK; - struct registry_key *key = NULL; + const char *sharename = NULL; TALLOC_CTX *ctx; + uint32_t num_params; + uint32_t count; + char **param_names; + char **param_values; ctx = talloc_init("showshare"); @@ -639,15 +481,21 @@ int net_conf_showshare(int argc, const char **argv) goto done; } - werr = libnet_smbconf_open_path(ctx, argv[0], REG_KEY_READ, &key); + sharename = argv[0]; + + werr = libnet_conf_get_share(ctx, sharename, &num_params, + ¶m_names, ¶m_values); if (!W_ERROR_IS_OK(werr)) { + d_printf("error getting share parameters: %s\n", + dos_errstr(werr)); goto done; } - d_printf("[%s]\n", argv[0]); + d_printf("[%s]\n", sharename); - if (!W_ERROR_IS_OK(list_values(ctx, key))) { - goto done; + for (count = 0; count < num_params; count++) { + d_printf("\t%s = %s\n", param_names[count], + param_values[count]); } ret = 0; @@ -657,11 +505,16 @@ done: return ret; } -int net_conf_addshare(int argc, const char **argv) +/** + * Add a share, with a couple of standard parameters, partly optional. + * + * This is a high level utility function of the net conf utility, + * not a direct frontend to the libnet_conf API. + */ +static int net_conf_addshare(int argc, const char **argv) { int ret = -1; WERROR werr = WERR_OK; - struct registry_key *newkey = NULL; char *sharename = NULL; const char *path = NULL; const char *comment = NULL; @@ -713,7 +566,6 @@ int net_conf_addshare(int argc, const char **argv) net_conf_addshare_usage(argc, argv); goto done; } - case 2: path = argv[1]; sharename = strdup_lower(argv[0]); @@ -747,6 +599,12 @@ int net_conf_addshare(int argc, const char **argv) goto done; } + if (libnet_conf_share_exists(sharename)) { + d_fprintf(stderr, "ERROR: share %s already exists.\n", + sharename); + goto done; + } + /* validate path */ if (path[0] != '/') { @@ -776,46 +634,59 @@ int net_conf_addshare(int argc, const char **argv) * create the share */ - werr = libnet_smbconf_reg_createkey_internal(NULL, argv[0], &newkey); + werr = libnet_conf_create_share(sharename); if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error creating share %s: %s\n", + sharename, dos_errstr(werr)); goto done; } - /* add config params as values */ + /* + * fill the share with parameters + */ - werr = libnet_smbconf_reg_setvalue_internal(newkey, "path", path); - if (!W_ERROR_IS_OK(werr)) + werr = libnet_conf_set_parameter(sharename, "path", path); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error setting parameter %s: %s\n", + "path", dos_errstr(werr)); goto done; + } if (comment != NULL) { - werr = libnet_smbconf_reg_setvalue_internal(newkey, "comment", - comment); - if (!W_ERROR_IS_OK(werr)) + werr = libnet_conf_set_parameter(sharename, "comment", comment); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error setting parameter %s: %s\n", + "comment", dos_errstr(werr)); goto done; + } } - werr = libnet_smbconf_reg_setvalue_internal(newkey, "guest ok", - guest_ok); - if (!W_ERROR_IS_OK(werr)) + werr = libnet_conf_set_parameter(sharename, "guest ok", guest_ok); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error setting parameter %s: %s\n", + "'guest ok'", dos_errstr(werr)); goto done; + } - werr = libnet_smbconf_reg_setvalue_internal(newkey, "writeable", - writeable); - if (!W_ERROR_IS_OK(werr)) + werr = libnet_conf_set_parameter(sharename, "writeable", writeable); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error setting parameter %s: %s\n", + "writeable", dos_errstr(werr)); goto done; + } ret = 0; done: - TALLOC_FREE(newkey); SAFE_FREE(sharename); return ret; } -int net_conf_delshare(int argc, const char **argv) +static int net_conf_delshare(int argc, const char **argv) { int ret = -1; const char *sharename = NULL; + WERROR werr = WERR_OK; if (argc != 1) { net_conf_delshare_usage(argc, argv); @@ -823,9 +694,14 @@ int net_conf_delshare(int argc, const char **argv) } sharename = argv[0]; - if (W_ERROR_IS_OK(reg_delkey_internal(NULL, sharename))) { - ret = 0; + werr = libnet_conf_delete_share(sharename); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error deleting share %s: %s\n", + sharename, dos_errstr(werr)); + goto done; } + + ret = 0; done: return ret; } @@ -837,9 +713,6 @@ static int net_conf_setparm(int argc, const char **argv) char *service = NULL; char *param = NULL; const char *value_str = NULL; - TALLOC_CTX *ctx; - - ctx = talloc_init("setparm"); if (argc != 3) { net_conf_setparm_usage(argc, argv); @@ -849,7 +722,16 @@ static int net_conf_setparm(int argc, const char **argv) param = strdup_lower(argv[1]); value_str = argv[2]; - werr = libnet_smbconf_setparm(ctx, service, param, value_str); + if (!libnet_conf_share_exists(service)) { + werr = libnet_conf_create_share(service); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error creating share '%s': %s\n", + service, dos_errstr(werr)); + goto done; + } + } + + werr = libnet_conf_set_parameter(service, param, value_str); if (!W_ERROR_IS_OK(werr)) { d_fprintf(stderr, "Error setting value '%s': %s\n", @@ -861,7 +743,7 @@ static int net_conf_setparm(int argc, const char **argv) done: SAFE_FREE(service); - TALLOC_FREE(ctx); + SAFE_FREE(param); return ret; } @@ -869,10 +751,9 @@ static int net_conf_getparm(int argc, const char **argv) { int ret = -1; WERROR werr = WERR_OK; - struct registry_key *key = NULL; char *service = NULL; char *param = NULL; - struct registry_value *value = NULL; + char *valstr = NULL; TALLOC_CTX *ctx; ctx = talloc_init("getparm"); @@ -884,26 +765,25 @@ static int net_conf_getparm(int argc, const char **argv) service = strdup_lower(argv[0]); param = strdup_lower(argv[1]); - if (!libnet_smbconf_key_exists(ctx, service)) { + werr = libnet_conf_get_parameter(ctx, service, param, &valstr); + + if (W_ERROR_EQUAL(werr, WERR_NO_SUCH_SERVICE)) { d_fprintf(stderr, - "ERROR: given service '%s' does not exist.\n", + "Error: given service '%s' does not exist.\n", service); goto done; - } - - werr = libnet_smbconf_open_path(ctx, service, REG_KEY_READ, &key); - if (!W_ERROR_IS_OK(werr)) { + } else if (W_ERROR_EQUAL(werr, WERR_INVALID_PARAM)) { + d_fprintf(stderr, + "Error: given parameter '%s' is not set.\n", + param); goto done; - } - - werr = reg_queryvalue(ctx, key, param, &value); - if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, "Error querying value '%s': %s.\n", + } else if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Error getting value '%s': %s.\n", param, dos_errstr(werr)); goto done; } - d_printf("%s\n", format_value(ctx, value)); + d_printf("%s\n", valstr); ret = 0; done: @@ -919,9 +799,6 @@ static int net_conf_delparm(int argc, const char **argv) WERROR werr = WERR_OK; char *service = NULL; char *param = NULL; - TALLOC_CTX *ctx; - - ctx = talloc_init("delparm"); if (argc != 2) { net_conf_delparm_usage(argc, argv); @@ -930,7 +807,7 @@ static int net_conf_delparm(int argc, const char **argv) service = strdup_lower(argv[0]); param = strdup_lower(argv[1]); - werr = libnet_smbconf_delparm(ctx, service, param); + werr = libnet_conf_delete_parameter(service, param); if (W_ERROR_EQUAL(werr, WERR_NO_SUCH_SERVICE)) { d_fprintf(stderr, @@ -951,6 +828,8 @@ static int net_conf_delparm(int argc, const char **argv) ret = 0; done: + SAFE_FREE(service); + SAFE_FREE(param); return ret; } @@ -967,15 +846,15 @@ int net_conf(int argc, const char **argv) {"import", net_conf_import, "Import configuration from file in smb.conf format."}, {"listshares", net_conf_listshares, - "List the registry shares."}, + "List the share names."}, {"drop", net_conf_drop, - "Delete the complete configuration from registry."}, + "Delete the complete configuration."}, {"showshare", net_conf_showshare, - "Show the definition of a registry share."}, + "Show the definition of a share."}, {"addshare", net_conf_addshare, - "Create a new registry share."}, + "Create a new share."}, {"delshare", net_conf_delshare, - "Delete a registry share."}, + "Delete a share."}, {"setparm", net_conf_setparm, "Store a parameter."}, {"getparm", net_conf_getparm, @@ -985,16 +864,8 @@ int net_conf(int argc, const char **argv) {NULL, NULL, NULL} }; - if (!registry_init_regdb()) { - d_fprintf(stderr, "Error initializing the registry!\n"); - goto done; - } - ret = net_run_function2(argc, argv, "net conf", func); - regdb_close(); - -done: return ret; } diff --git a/source3/utils/net_help.c b/source3/utils/net_help.c index 2cb601f917..908be0512a 100644 --- a/source3/utils/net_help.c +++ b/source3/utils/net_help.c @@ -48,6 +48,7 @@ int net_common_flags_usage(int argc, const char **argv) d_printf("\t-l or --long\t\t\tDisplay full information\n"); d_printf("\t-V or --version\t\t\tPrint samba version information\n"); d_printf("\t-P or --machine-pass\t\tAuthenticate as machine account\n"); + d_printf("\t-e or --encrypt\t\tEncrypt SMB transport (UNIX extended servers only)\n"); return -1; } diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index ab0cc73e49..155cda64df 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -682,10 +682,10 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, } done: if (!NT_STATUS_IS_OK(result)) { - d_fprintf(stderr, "Failed to add user %s - %s\n", acct_name, - nt_errstr(result)); + d_fprintf(stderr, "Failed to add user '%s' with %s.\n", + acct_name, nt_errstr(result)); } else { - d_printf("Added user %s\n", acct_name); + d_printf("Added user '%s'.\n", acct_name); } return result; } @@ -732,12 +732,16 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND connect_pol, domain_pol, user_pol; + const char *acct_name; if (argc < 1) { d_printf("User must be specified\n"); rpc_user_usage(argc, argv); return NT_STATUS_OK; } + + acct_name = argv[0]; + /* Get sam policy and domain handles */ result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, @@ -762,7 +766,7 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, uint32 flags = 0x000003e8; /* Unknown */ result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, - flags, 1, &argv[0], + flags, 1, &acct_name, &num_rids, &user_rids, &name_types); @@ -787,14 +791,14 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, goto done; } - /* Display results */ + done: if (!NT_STATUS_IS_OK(result)) { - d_fprintf(stderr, "Failed to delete user account - %s\n", nt_errstr(result)); - } else { - d_printf("Deleted user account\n"); - } + d_fprintf(stderr, "Failed to delete user '%s' with %s.\n", + acct_name, nt_errstr(result)); + } else { + d_printf("Deleted user '%s'.\n", acct_name); + } - done: return result; } diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index bd1f6cd686..52f8f911e1 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -1135,7 +1135,7 @@ static int net_sam_do_list(int argc, const char **argv, } } - search->search_end(search); + pdb_search_destroy(search); return 0; } diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6884783396..e1d6709073 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -61,69 +61,85 @@ static int export_database (struct pdb_methods *in, struct pdb_methods *out, const char *username) { - struct samu *user = NULL; NTSTATUS status; + struct pdb_search *u_search; + struct samr_displayentry userentry; DEBUG(3, ("export_database: username=\"%s\"\n", username ? username : "(NULL)")); - status = in->setsampwent(in, 0, 0); - if ( NT_STATUS_IS_ERR(status) ) { - fprintf(stderr, "Unable to set account database iterator for %s!\n", - in->name); + u_search = pdb_search_init(PDB_USER_SEARCH); + if (u_search == NULL) { + DEBUG(0, ("pdb_search_init failed\n")); return 1; } - if ( ( user = samu_new( NULL ) ) == NULL ) { - fprintf(stderr, "export_database: Memory allocation failure!\n"); + if (!in->search_users(in, u_search, 0)) { + DEBUG(0, ("Could not start searching users\n")); + pdb_search_destroy(u_search); return 1; } - while ( NT_STATUS_IS_OK(in->getsampwent(in, user)) ) - { - DEBUG(4, ("Processing account %s\n", user->username)); + while (u_search->next_entry(u_search, &userentry)) { + struct samu *user; + struct samu *account; + DOM_SID user_sid; - /* If we don't have a specific user or if we do and - the login name matches */ + DEBUG(4, ("Processing account %s\n", userentry.account_name)); - if ( !username || (strcmp(username, user->username) == 0)) { - struct samu *account; + if ((username != NULL) + && (strcmp(username, userentry.account_name) != 0)) { + /* + * ignore unwanted users + */ + continue; + } - if ( (account = samu_new( NULL )) == NULL ) { - fprintf(stderr, "export_database: Memory allocation failure!\n"); - TALLOC_FREE( user ); - in->endsampwent( in ); - return 1; - } + user = samu_new(talloc_tos()); + if (user == NULL) { + DEBUG(0, ("talloc failed\n")); + break; + } - printf("Importing account for %s...", user->username); - if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) { - status = out->add_sam_account(out, user); - } else { - status = out->update_sam_account( out, user ); - } + sid_compose(&user_sid, get_global_sam_sid(), userentry.rid); - if ( NT_STATUS_IS_OK(status) ) { - printf( "ok\n"); - } else { - printf( "failed\n"); - } + status = in->getsampwsid(in, user, &user_sid); - TALLOC_FREE( account ); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("getsampwsid failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(user); + continue; } - /* clean up and get ready for another run */ + account = samu_new(NULL); + if (account == NULL) { + fprintf(stderr, "export_database: Memory allocation " + "failure!\n"); + TALLOC_FREE( user ); + pdb_search_destroy(u_search); + return 1; + } - TALLOC_FREE( user ); + printf("Importing account for %s...", user->username); + status = out->getsampwnam(out, account, user->username); - if ( ( user = samu_new( NULL ) ) == NULL ) { - fprintf(stderr, "export_database: Memory allocation failure!\n"); - return 1; + if (NT_STATUS_IS_OK(status)) { + status = out->update_sam_account( out, user ); + } else { + status = out->add_sam_account(out, user); + } + + if ( NT_STATUS_IS_OK(status) ) { + printf( "ok\n"); + } else { + printf( "failed\n"); } - } - TALLOC_FREE( user ); + TALLOC_FREE( account ); + TALLOC_FREE( user ); + } - in->endsampwent(in); + pdb_search_destroy(u_search); return 0; } @@ -326,33 +342,50 @@ static int print_user_info (struct pdb_methods *in, const char *username, bool v **********************************************************/ static int print_users_list (struct pdb_methods *in, bool verbosity, bool smbpwdstyle) { - struct samu *sam_pwent=NULL; - bool check; - - check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); - if (!check) { + struct pdb_search *u_search; + struct samr_displayentry userentry; + + u_search = pdb_search_init(PDB_USER_SEARCH); + if (u_search == NULL) { + DEBUG(0, ("pdb_search_init failed\n")); return 1; } - check = True; - if ( (sam_pwent = samu_new( NULL )) == NULL ) { + if (!in->search_users(in, u_search, 0)) { + DEBUG(0, ("Could not start searching users\n")); + pdb_search_destroy(u_search); return 1; } - while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { + while (u_search->next_entry(u_search, &userentry)) { + struct samu *sam_pwent; + DOM_SID user_sid; + NTSTATUS status; + + sam_pwent = samu_new(talloc_tos()); + if (sam_pwent == NULL) { + DEBUG(0, ("talloc failed\n")); + break; + } + + sid_compose(&user_sid, get_global_sam_sid(), userentry.rid); + + status = in->getsampwsid(in, sam_pwent, &user_sid); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("getsampwsid failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(sam_pwent); + continue; + } + if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); TALLOC_FREE(sam_pwent); - - if ( (sam_pwent = samu_new( NULL )) == NULL ) { - check = False; - } } - if (check) - TALLOC_FREE(sam_pwent); - - in->endsampwent(in); + pdb_search_destroy(u_search); + return 0; } @@ -361,38 +394,50 @@ static int print_users_list (struct pdb_methods *in, bool verbosity, bool smbpwd **********************************************************/ static int fix_users_list (struct pdb_methods *in) { - struct samu *sam_pwent=NULL; - bool check; - - check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); - if (!check) { + struct pdb_search *u_search; + struct samr_displayentry userentry; + + u_search = pdb_search_init(PDB_USER_SEARCH); + if (u_search == NULL) { + DEBUG(0, ("pdb_search_init failed\n")); return 1; } - check = True; - if ( (sam_pwent = samu_new( NULL )) == NULL ) { + if (!in->search_users(in, u_search, 0)) { + DEBUG(0, ("Could not start searching users\n")); + pdb_search_destroy(u_search); return 1; } - while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { - printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); - - if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { - printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); + while (u_search->next_entry(u_search, &userentry)) { + struct samu *sam_pwent; + DOM_SID user_sid; + NTSTATUS status; + + sam_pwent = samu_new(talloc_tos()); + if (sam_pwent == NULL) { + DEBUG(0, ("talloc failed\n")); + break; } - TALLOC_FREE(sam_pwent); - if ( (sam_pwent = samu_new( NULL )) == NULL ) { - check = False; + + sid_compose(&user_sid, get_global_sam_sid(), userentry.rid); + + status = in->getsampwsid(in, sam_pwent, &user_sid); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("getsampwsid failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(sam_pwent); + continue; } - if (!check) { - fprintf(stderr, "Failed to initialise new struct samu structure (out of memory?)\n"); + + if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { + printf("Update of user %s failed!\n", + pdb_get_username(sam_pwent)); } - - } - if (check) TALLOC_FREE(sam_pwent); - - in->endsampwent(in); + } + pdb_search_destroy(u_search); return 0; } diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 958f8e255e..134f561760 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -822,7 +822,7 @@ static int cacl_set(struct cli_state *cli, char *filename, *******************************************************/ static struct cli_state *connect_one(const char *server, const char *share) { - struct cli_state *c; + struct cli_state *c = NULL; struct sockaddr_storage ss; NTSTATUS nt_status; zero_addr(&ss); @@ -834,20 +834,33 @@ static struct cli_state *connect_one(const char *server, const char *share) } } - if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server, - &ss, 0, - share, "?????", - get_cmdline_auth_info_username(), - lp_workgroup(), - get_cmdline_auth_info_password(), - 0, - get_cmdline_auth_info_signing_state(), - NULL))) { - return c; - } else { + nt_status = cli_full_connection(&c, global_myname(), server, + &ss, 0, + share, "?????", + get_cmdline_auth_info_username(), + lp_workgroup(), + get_cmdline_auth_info_password(), + get_cmdline_auth_info_use_kerberos() ? CLI_FULL_CONNECTION_USE_KERBEROS : 0, + get_cmdline_auth_info_signing_state(), + NULL); + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); return NULL; } + + if (get_cmdline_auth_info_smb_encrypt()) { + nt_status = cli_cm_force_encryption(c, + get_cmdline_auth_info_username(), + get_cmdline_auth_info_password(), + lp_workgroup(), + share); + if (!NT_STATUS_IS_OK(nt_status)) { + cli_shutdown(c); + c = NULL; + } + } + + return c; } /**************************************************************************** diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index e6aa5e86cf..508a2dc8ca 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -380,20 +380,33 @@ static struct cli_state *connect_one(const char *share) } } - if (NT_STATUS_IS_OK(nt_status = cli_full_connection(&c, global_myname(), server, - &ss, 0, - share, "?????", - get_cmdline_auth_info_username(), - lp_workgroup(), - get_cmdline_auth_info_password(), - 0, - get_cmdline_auth_info_signing_state(), - NULL))) { - return c; - } else { + nt_status = cli_full_connection(&c, global_myname(), server, + &ss, 0, + share, "?????", + get_cmdline_auth_info_username(), + lp_workgroup(), + get_cmdline_auth_info_password(), + 0, + get_cmdline_auth_info_signing_state(), + NULL); + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status))); return NULL; } + + if (get_cmdline_auth_info_smb_encrypt()) { + nt_status = cli_cm_force_encryption(c, + get_cmdline_auth_info_username(), + get_cmdline_auth_info_password(), + lp_workgroup(), + share); + if (!NT_STATUS_IS_OK(nt_status)) { + cli_shutdown(c); + return NULL; + } + } + + return c; } /**************************************************************************** diff --git a/source3/utils/smbfilter.c b/source3/utils/smbfilter.c index 912d575c60..8db969722a 100644 --- a/source3/utils/smbfilter.c +++ b/source3/utils/smbfilter.c @@ -114,6 +114,30 @@ static void filter_request(char *buf) } +/**************************************************************************** + Send an smb to a fd. +****************************************************************************/ + +static bool send_smb(int fd, char *buffer) +{ + size_t len; + size_t nwritten=0; + ssize_t ret; + + len = smb_len(buffer) + 4; + + while (nwritten < len) { + ret = write_data(fd,buffer+nwritten,len - nwritten); + if (ret <= 0) { + DEBUG(0,("Error writing %d bytes to client. %d. (%s)\n", + (int)len,(int)ret, strerror(errno) )); + return false; + } + nwritten += ret; + } + + return true; +} static void filter_child(int c, struct sockaddr_storage *dest_ss) { @@ -145,7 +169,7 @@ static void filter_child(int c, struct sockaddr_storage *dest_ss) if (num <= 0) continue; if (c != -1 && FD_ISSET(c, &fds)) { - if (!receive_smb(c, packet, 0, NULL)) { + if (!receive_smb_raw(c, packet, 0, 0, NULL)) { d_printf("client closed connection\n"); exit(0); } @@ -156,7 +180,7 @@ static void filter_child(int c, struct sockaddr_storage *dest_ss) } } if (s != -1 && FD_ISSET(s, &fds)) { - if (!receive_smb(s, packet, 0, NULL)) { + if (!receive_smb_raw(s, packet, 0, 0, NULL)) { d_printf("server closed connection\n"); exit(0); } diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index ac662e6ace..63b7f48626 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -521,9 +521,11 @@ int main(int argc, const char **argv) int c = 0; const char *file = NULL; char *rcfile = NULL; + bool smb_encrypt = false; TALLOC_CTX *frame = talloc_stackframe(); struct poptOption long_options[] = { {"guest", 'a', POPT_ARG_NONE, NULL, 'a', "Work as user guest" }, + {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" }, {"resume", 'r', POPT_ARG_NONE, &_resume, 0, "Automatically resume aborted files" }, {"recursive", 'R', POPT_ARG_NONE, &_recursive, 0, "Recursively download files" }, {"username", 'u', POPT_ARG_STRING, &username, 'u', "Username to use" }, @@ -568,6 +570,9 @@ int main(int argc, const char **argv) case 'a': username = ""; password = ""; break; + case 'e': + smb_encrypt = true; + break; } } @@ -586,6 +591,13 @@ int main(int argc, const char **argv) return 1; } + if (smb_encrypt) { + SMBCCTX *smb_ctx = smbc_set_context(NULL); + smbc_option_set(smb_ctx, + CONST_DISCARD(char *, "smb_encrypt_level"), + "require"); + } + columns = get_num_cols(); total_start_time = time(NULL); |