diff options
| author | Gerald Carter <jerry@samba.org> | 2005-09-30 17:13:37 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:04:48 -0500 |
| commit | 54abd2aa66069e6baf7769c496f46d9dba18db39 (patch) | |
| tree | 9cf8e88168011797319ba9e9866749201b1eac1e /source3/utils | |
| parent | 4a2cc231d22a82ed21771a72508f15d21ed63227 (diff) | |
| download | samba-54abd2aa66069e6baf7769c496f46d9dba18db39.tar.gz samba-54abd2aa66069e6baf7769c496f46d9dba18db39.tar.bz2 samba-54abd2aa66069e6baf7769c496f46d9dba18db39.zip | |
r10656: BIG merge from trunk. Features not copied over
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/log2pcaphex.c | 6 | ||||
| -rw-r--r-- | source3/utils/net.c | 17 | ||||
| -rw-r--r-- | source3/utils/net.h | 13 | ||||
| -rw-r--r-- | source3/utils/net_ads.c | 9 | ||||
| -rw-r--r-- | source3/utils/net_rpc.c | 1089 | ||||
| -rw-r--r-- | source3/utils/net_rpc_join.c | 130 | ||||
| -rw-r--r-- | source3/utils/net_rpc_printer.c | 538 | ||||
| -rw-r--r-- | source3/utils/net_rpc_registry.c | 45 | ||||
| -rw-r--r-- | source3/utils/net_rpc_rights.c | 147 | ||||
| -rw-r--r-- | source3/utils/net_rpc_samsync.c | 183 | ||||
| -rw-r--r-- | source3/utils/net_rpc_service.c | 156 | ||||
| -rw-r--r-- | source3/utils/net_status.c | 15 | ||||
| -rw-r--r-- | source3/utils/ntlm_auth.c | 31 | ||||
| -rw-r--r-- | source3/utils/pdbedit.c | 46 | ||||
| -rw-r--r-- | source3/utils/smbcacls.c | 11 | ||||
| -rw-r--r-- | source3/utils/smbcontrol.c | 126 | ||||
| -rw-r--r-- | source3/utils/smbcquotas.c | 13 | ||||
| -rw-r--r-- | source3/utils/status.c | 18 | ||||
| -rw-r--r-- | source3/utils/testparm.c | 2 |
19 files changed, 1452 insertions, 1143 deletions
diff --git a/source3/utils/log2pcaphex.c b/source3/utils/log2pcaphex.c index d07dc2a211..24412cbe85 100644 --- a/source3/utils/log2pcaphex.c +++ b/source3/utils/log2pcaphex.c @@ -200,7 +200,7 @@ void read_log_msg(FILE *in, unsigned char **_buffer, long *buffersize, long *dat long read_log_data(FILE *in, unsigned char *buffer, long data_length) { long i, addr; char real[2][16]; int ret; - unsigned char tmp; + unsigned int tmp; for(i = 0; i < data_length; i++) { if(i % 16 == 0){ if(i != 0) { /* Read data after each line */ @@ -213,7 +213,7 @@ long read_log_data(FILE *in, unsigned char *buffer, long data_length) } assert(addr == i); } - if(!fscanf(in, "%02lX", &tmp)) { + if(!fscanf(in, "%02X", &tmp)) { if(!quiet)fprintf(stderr, "Only first %ld bytes are logged, packet trace will be incomplete\nTry a higher log level\n", i-1); return i-1; } @@ -230,7 +230,7 @@ int main (int argc, char **argv) poptContext pc; char buffer[4096]; long data_offset, data_length; - long data_bytes_read; + long data_bytes_read = 0; int in_packet = 0; struct poptOption long_options[] = { POPT_AUTOHELP diff --git a/source3/utils/net.c b/source3/utils/net.c index e9332f58f7..4d9dec4b85 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -219,36 +219,39 @@ NTSTATUS connect_to_ipc_anonymous(struct cli_state **c, * * @return Normal NTSTATUS return. **/ -NTSTATUS connect_dst_pipe(struct cli_state **cli_dst, int pipe_num, BOOL *got_pipe) +NTSTATUS connect_dst_pipe(struct cli_state **cli_dst, struct rpc_pipe_client **pp_pipe_hnd, int pipe_num) { NTSTATUS nt_status; char *server_name = SMB_STRDUP("127.0.0.1"); struct cli_state *cli_tmp = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; if (opt_destination) server_name = SMB_STRDUP(opt_destination); /* make a connection to a named pipe */ nt_status = connect_to_ipc(&cli_tmp, NULL, server_name); - if (!NT_STATUS_IS_OK(nt_status)) + if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; + } - if (!cli_nt_session_open(cli_tmp, pipe_num)) { + pipe_hnd = cli_rpc_pipe_open_noauth(cli_tmp, pipe_num, &nt_status); + if (!pipe_hnd) { DEBUG(0, ("couldn't not initialize pipe\n")); cli_shutdown(cli_tmp); - return NT_STATUS_UNSUCCESSFUL; + return nt_status; } *cli_dst = cli_tmp; - *got_pipe = True; + *pp_pipe_hnd = pipe_hnd; return nt_status; } - /**************************************************************************** - Use the local machine's password for this session + Use the local machine's password for this session. ****************************************************************************/ + int net_use_machine_password(void) { char *user_name = NULL; diff --git a/source3/utils/net.h b/source3/utils/net.h index a2df6596b4..2df13cfb8f 100644 --- a/source3/utils/net.h +++ b/source3/utils/net.h @@ -23,16 +23,21 @@ * include */ -typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, const char *, - struct cli_state *, TALLOC_CTX *, int, const char **); - +typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, + const char *, + struct cli_state *cli, + struct rpc_pipe_client *, + TALLOC_CTX *, + int, + const char **); + typedef struct copy_clistate { TALLOC_CTX *mem_ctx; struct cli_state *cli_share_src; struct cli_state *cli_share_dst; char *cwd; uint16 attribute; -}copy_clistate; +}copy_clistate; /* INCLUDE FILES */ diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 6a58fa9fac..49a7f1cc2d 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -969,7 +969,8 @@ static int net_ads_printer_info(int argc, const char **argv) return 0; } -void do_drv_upgrade_printer(int msg_type, pid_t src, void *buf, size_t len) +void do_drv_upgrade_printer(int msg_type, struct process_id src, + void *buf, size_t len) { return; } @@ -980,6 +981,7 @@ static int net_ads_printer_publish(int argc, const char **argv) ADS_STATUS rc; const char *servername, *printername; struct cli_state *cli; + struct rpc_pipe_client *pipe_hnd; struct in_addr server_ip; NTSTATUS nt_status; TALLOC_CTX *mem_ctx = talloc_init("net_ads_printer_publish"); @@ -1038,8 +1040,9 @@ static int net_ads_printer_publish(int argc, const char **argv) asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn[0], printername, srv_dn); - cli_nt_session_open(cli, PI_SPOOLSS); - get_remote_printer_publishing_data(cli, mem_ctx, &mods, printername); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SPOOLSS, &nt_status); + get_remote_printer_publishing_data(pipe_hnd, mem_ctx, &mods, + printername); rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods); if (!ADS_ERR_OK(rc)) { diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index e80e8e6f5c..f1522ef158 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -4,6 +4,7 @@ Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org) Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com) Copyright (C) 2004 Guenther Deschner (gd@samba.org) + Copyright (C) 2005 Jeremy Allison (jra@samba.org) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -50,24 +51,26 @@ static int net_mode_share; static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, char **domain_name) { + struct rpc_pipe_client *lsa_pipe; DOM_SID *domain_sid; POLICY_HND pol; NTSTATUS result = NT_STATUS_OK; uint32 info_class = 5; - if (!cli_nt_session_open (cli, PI_LSARPC)) { + lsa_pipe = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result); + if (!lsa_pipe) { fprintf(stderr, "could not initialise lsa pipe\n"); goto error; } - result = cli_lsa_open_policy(cli, mem_ctx, False, + result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, False, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { goto error; } - result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class, + result = rpccli_lsa_query_info_policy(lsa_pipe, mem_ctx, &pol, info_class, domain_name, &domain_sid); if (!NT_STATUS_IS_OK(result)) { error: @@ -80,8 +83,10 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem exit(1); } - cli_lsa_close(cli, mem_ctx, &pol); - cli_nt_session_close(cli); + if (lsa_pipe) { + rpccli_lsa_close(lsa_pipe, mem_ctx, &pol); + cli_rpc_pipe_close(lsa_pipe); + } return domain_sid; } @@ -98,21 +103,26 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem * @return A shell status integer (0 for success) */ -int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flags, - rpc_command_fn fn, - int argc, const char **argv) +int run_rpc_command(struct cli_state *cli_arg, + const int pipe_idx, + int conn_flags, + rpc_command_fn fn, + int argc, + const char **argv) { struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; TALLOC_CTX *mem_ctx; NTSTATUS nt_status; DOM_SID *domain_sid; char *domain_name; /* make use of cli_state handed over as an argument, if possible */ - if (!cli_arg) + if (!cli_arg) { cli = net_make_ipc_connection(conn_flags); - else + } else { cli = cli_arg; + } if (!cli) { return -1; @@ -129,14 +139,31 @@ int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flag domain_sid = net_get_remote_domain_sid(cli, mem_ctx, &domain_name); if (!(conn_flags & NET_FLAGS_NO_PIPE)) { - if (!cli_nt_session_open(cli, pipe_idx)) { - DEBUG(0, ("Could not initialise pipe\n")); - cli_shutdown(cli); - return -1; + if (lp_client_schannel() && (pipe_idx == PI_NETLOGON)) { + /* Always try and create an schannel netlogon pipe. */ + pipe_hnd = cli_rpc_pipe_open_schannel(cli, pipe_idx, + PIPE_AUTH_LEVEL_PRIVACY, + domain_name, + &nt_status); + if (!pipe_hnd) { + DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n", + nt_errstr(nt_status) )); + cli_shutdown(cli); + return -1; + } + } else { + pipe_hnd = cli_rpc_pipe_open_noauth(cli, pipe_idx, &nt_status); + if (!pipe_hnd) { + DEBUG(0, ("Could not initialise pipe %s. Error was %s\n", + cli_get_pipe_name(pipe_idx), + nt_errstr(nt_status) )); + cli_shutdown(cli); + return -1; + } } } - nt_status = fn(domain_sid, domain_name, cli, mem_ctx, argc, argv); + nt_status = fn(domain_sid, domain_name, cli, pipe_hnd, mem_ctx, argc, argv); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status))); @@ -145,23 +172,20 @@ int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flag } if (!(conn_flags & NET_FLAGS_NO_PIPE)) { - if (cli->pipes[cli->pipe_idx].fnum) - cli_nt_session_close(cli); + if (pipe_hnd) { + cli_rpc_pipe_close(pipe_hnd); + } } /* close the connection only if it was opened here */ - if (!cli_arg) + if (!cli_arg) { cli_shutdown(cli); + } talloc_destroy(mem_ctx); - return (!NT_STATUS_IS_OK(nt_status)); } - -/****************************************************************************/ - - /** * Force a change of the trust acccount password. * @@ -178,11 +202,16 @@ int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flag * @return Normal NTSTATUS return. **/ -static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { +static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ - return trust_pw_find_change_and_store_it(cli, mem_ctx, opt_target_workgroup); + return trust_pw_find_change_and_store_it(pipe_hnd, mem_ctx, opt_target_workgroup); } /** @@ -202,10 +231,6 @@ int net_rpc_changetrustpw(int argc, const char **argv) argc, argv); } - -/****************************************************************************/ - - /** * Join a domain, the old way. * @@ -226,16 +251,29 @@ int net_rpc_changetrustpw(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS rpc_oldjoin_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) { +static NTSTATUS rpc_oldjoin_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ fstring trust_passwd; unsigned char orig_trust_passwd_hash[16]; NTSTATUS result; uint32 sec_channel_type; + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, &result); + if (!pipe_hnd) { + DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. " + "error was %s\n", + cli->desthost, + nt_errstr(result) )); + return result; + } + /* check what type of join - if the user want's to join as a BDC, the server must agree that we are a BDC. @@ -258,7 +296,7 @@ static NTSTATUS rpc_oldjoin_internals(const DOM_SID *domain_sid, const char *dom E_md4hash(trust_passwd, orig_trust_passwd_hash); - result = trust_pw_change_and_store_it(cli, mem_ctx, opt_target_workgroup, + result = trust_pw_change_and_store_it(pipe_hnd, mem_ctx, opt_target_workgroup, orig_trust_passwd_hash, sec_channel_type); @@ -287,7 +325,7 @@ static NTSTATUS rpc_oldjoin_internals(const DOM_SID *domain_sid, const char *dom static int net_rpc_perform_oldjoin(int argc, const char **argv) { return run_rpc_command(NULL, PI_NETLOGON, - NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, + NET_FLAGS_NO_PIPE | NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_oldjoin_internals, argc, argv); } @@ -356,8 +394,6 @@ int net_rpc_join(int argc, const char **argv) return net_rpc_join_newstyle(argc, argv); } - - /** * display info about a rpc domain * @@ -374,10 +410,13 @@ int net_rpc_join(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_info_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_info_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -387,14 +426,14 @@ rpc_info_internals(const DOM_SID *domain_sid, const char *domain_name, sid_to_string(sid_str, domain_sid); /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -402,7 +441,7 @@ rpc_info_internals(const DOM_SID *domain_sid, const char *domain_name, } ZERO_STRUCT(ctr); - result = cli_samr_query_dom_info(cli, mem_ctx, &domain_pol, + result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol, 2, &ctr); if (NT_STATUS_IS_OK(result)) { TALLOC_CTX *ctx = talloc_init("rpc_info_internals"); @@ -419,13 +458,13 @@ rpc_info_internals(const DOM_SID *domain_sid, const char *domain_name, return result; } - /** * 'net rpc info' entrypoint. * @param argc Standard main() style argc * @param argc Standard main() style argv. Initial components are already * stripped **/ + int net_rpc_info(int argc, const char **argv) { return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, @@ -433,7 +472,6 @@ int net_rpc_info(int argc, const char **argv) argc, argv); } - /** * Fetch domain SID into the local secrets.tdb * @@ -450,10 +488,13 @@ int net_rpc_info(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_getsid_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_getsid_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { fstring sid_str; @@ -469,13 +510,13 @@ rpc_getsid_internals(const DOM_SID *domain_sid, const char *domain_name, return NT_STATUS_OK; } - /** * 'net rpc getsid' entrypoint. * @param argc Standard main() style argc * @param argc Standard main() style argv. Initial components are already * stripped **/ + int net_rpc_getsid(int argc, const char **argv) { return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, @@ -483,7 +524,6 @@ int net_rpc_getsid(int argc, const char **argv) argc, argv); } - /****************************************************************************/ /** @@ -514,9 +554,13 @@ static int rpc_user_usage(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { +static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -534,7 +578,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, const char *do /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -542,7 +586,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, const char *do /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -554,7 +598,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, const char *do acb_info = ACB_NORMAL; unknown = 0xe005000b; /* No idea what this is - a permission mask? */ - result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, acct_name, acb_info, unknown, &user_pol, &user_rid); if (!NT_STATUS_IS_OK(result)) { @@ -604,10 +648,12 @@ static int rpc_user_add(int argc, const char **argv) **/ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND connect_pol, domain_pol, user_pol; @@ -619,14 +665,14 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, } /* Get sam policy and domain handles */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); @@ -640,7 +686,7 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, uint32 *user_rids, num_rids, *name_types; uint32 flags = 0x000003e8; /* Unknown */ - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, 1, &argv[0], &num_rids, &user_rids, &name_types); @@ -649,7 +695,7 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, goto done; } - result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, user_rids[0], &user_pol); @@ -660,23 +706,22 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, /* Delete user */ - result = cli_samr_delete_dom_user(cli, mem_ctx, &user_pol); + result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Display results */ - if (!NT_STATUS_IS_OK(result)) { + if (!NT_STATUS_IS_OK(result)) { d_printf("Failed to delete user account - %s\n", nt_errstr(result)); - } else { - d_printf("Deleted user account\n"); - } + } else { + d_printf("Deleted user account\n"); + } done: return result; - -} +} /** * Rename a user on a remote RPC server @@ -694,10 +739,14 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, * @return Normal NTSTATUS return. **/ -static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - +static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 info_level = 7; @@ -725,7 +774,7 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -733,7 +782,7 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -742,7 +791,7 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char names = TALLOC_ARRAY(mem_ctx, const char *, num_names); names[0] = old_name; - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, num_names, names, &num_rids, &user_rid, &name_types); if (!NT_STATUS_IS_OK(result)) { @@ -750,7 +799,7 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char } /* Open domain user */ - result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, user_rid[0], &user_pol); if (!NT_STATUS_IS_OK(result)) { @@ -758,7 +807,7 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char } /* Query user info */ - result = cli_samr_query_userinfo(cli, mem_ctx, &user_pol, + result = rpccli_samr_query_userinfo(pipe_hnd, mem_ctx, &user_pol, info_level, &user_ctr); if (!NT_STATUS_IS_OK(result)) { @@ -771,7 +820,7 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char init_sam_user_info7(&info7, new_name); /* Set new name */ - result = cli_samr_set_userinfo(cli, mem_ctx, &user_pol, + result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, info_level, &cli->user_session_key, &ctr); if (!NT_STATUS_IS_OK(result)) { @@ -788,7 +837,6 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, const char return result; } - /** * Rename a user on a remote RPC server * @@ -838,10 +886,12 @@ static int rpc_user_delete(int argc, const char **argv) **/ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND connect_pol, domain_pol, user_pol; @@ -870,14 +920,14 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, /* Get sam policy and domain handles */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); @@ -891,7 +941,7 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, uint32 *user_rids, num_rids, *name_types; uint32 flags = 0x000003e8; /* Unknown */ - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, 1, &user, &num_rids, &user_rids, &name_types); @@ -900,7 +950,7 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, goto done; } - result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, user_rids[0], &user_pol); @@ -921,7 +971,7 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, ctr.switch_value = 24; ctr.info.id24 = &p24; - result = cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24, + result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24, &cli->user_session_key, &ctr); if (!NT_STATUS_IS_OK(result)) { @@ -967,10 +1017,13 @@ static int rpc_user_password(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_user_info_internals(const DOM_SID *domain_sid, const char *domain_name, +static NTSTATUS rpc_user_info_internals(const DOM_SID *domain_sid, + const char *domain_name, struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -987,31 +1040,31 @@ rpc_user_info_internals(const DOM_SID *domain_sid, const char *domain_name, } /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get handle on user */ - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, 1, &argv[0], &num_rids, &rids, &name_types); if (!NT_STATUS_IS_OK(result)) goto done; - result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, rids[0], &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = cli_samr_query_usergroups(cli, mem_ctx, &user_pol, + result = rpccli_samr_query_usergroups(pipe_hnd, mem_ctx, &user_pol, &num_rids, &user_gids); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1024,7 +1077,7 @@ rpc_user_info_internals(const DOM_SID *domain_sid, const char *domain_name, for (i = 0; i < num_rids; i++) rids[i] = user_gids[i].g_rid; - result = cli_samr_lookup_rids(cli, mem_ctx, &domain_pol, + result = rpccli_samr_lookup_rids(pipe_hnd, mem_ctx, &domain_pol, num_rids, rids, &num_names, &names, &name_types); @@ -1073,10 +1126,13 @@ static int rpc_user_info(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_user_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_user_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -1086,7 +1142,7 @@ rpc_user_list_internals(const DOM_SID *domain_sid, const char *domain_name, /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1094,7 +1150,7 @@ rpc_user_list_internals(const DOM_SID *domain_sid, const char *domain_name, /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1115,7 +1171,7 @@ rpc_user_list_internals(const DOM_SID *domain_sid, const char *domain_name, get_query_dispinfo_params( loop_count, &max_entries, &max_size); - result = cli_samr_query_dispinfo(cli, mem_ctx, &domain_pol, + result = rpccli_samr_query_dispinfo(pipe_hnd, mem_ctx, &domain_pol, &start_idx, 1, &num_entries, max_entries, max_size, &ctr); loop_count++; @@ -1163,7 +1219,6 @@ int net_rpc_user(int argc, const char **argv) return net_run_function(argc, argv, func, rpc_user_usage); } - /****************************************************************************/ /** @@ -1195,10 +1250,12 @@ static int rpc_group_usage(int argc, const char **argv) **/ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol, group_pol, user_pol; BOOL group_is_primary = False; @@ -1219,7 +1276,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, return NT_STATUS_OK; /* ok? */ } - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1227,7 +1284,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, goto done; } - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); @@ -1236,7 +1293,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, goto done; } - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, 1, &argv[0], &num_rids, &group_rids, &name_types); @@ -1249,7 +1306,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, switch (name_types[0]) { case SID_NAME_DOM_GRP: - result = cli_samr_open_group(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rids[0], &group_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1259,7 +1316,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, group_rid = group_rids[0]; - result = cli_samr_query_groupmem(cli, mem_ctx, &group_pol, + result = rpccli_samr_query_groupmem(pipe_hnd, mem_ctx, &group_pol, &num_members, &group_rids, &group_attrs); @@ -1276,7 +1333,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, /* Check if group is anyone's primary group */ for (i = 0; i < num_members; i++) { - result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rids[i], &user_pol); @@ -1287,7 +1344,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, ZERO_STRUCT(user_ctr); - result = cli_samr_query_userinfo(cli, mem_ctx, &user_pol, + result = rpccli_samr_query_userinfo(pipe_hnd, mem_ctx, &user_pol, 21, &user_ctr); if (!NT_STATUS_IS_OK(result)) { @@ -1303,7 +1360,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, group_is_primary = True; } - cli_samr_close(cli, mem_ctx, &user_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol); } if (group_is_primary) { @@ -1318,7 +1375,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, { if (opt_verbose) d_printf("Remove group member %d...",group_rids[i]); - result = cli_samr_del_groupmem(cli, mem_ctx, &group_pol, group_rids[i]); + result = rpccli_samr_del_groupmem(pipe_hnd, mem_ctx, &group_pol, group_rids[i]); if (NT_STATUS_IS_OK(result)) { if (opt_verbose) @@ -1330,12 +1387,12 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, } } - result = cli_samr_delete_dom_group(cli, mem_ctx, &group_pol); + result = rpccli_samr_delete_dom_group(pipe_hnd, mem_ctx, &group_pol); break; /* removing a local group is easier... */ case SID_NAME_ALIAS: - result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rids[0], &group_pol); @@ -1344,7 +1401,7 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, goto done; } - result = cli_samr_delete_dom_alias(cli, mem_ctx, &group_pol); + result = rpccli_samr_delete_dom_alias(pipe_hnd, mem_ctx, &group_pol); break; default: d_printf("%s is of type %s. This command is only for deleting local or global groups\n", @@ -1373,10 +1430,13 @@ static int rpc_group_delete(int argc, const char **argv) argc,argv); } -static NTSTATUS -rpc_group_add_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_group_add_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol, group_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -1390,20 +1450,20 @@ rpc_group_add_internals(const DOM_SID *domain_sid, const char *domain_name, /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create the group */ - result = cli_samr_create_dom_group(cli, mem_ctx, &domain_pol, + result = rpccli_samr_create_dom_group(pipe_hnd, mem_ctx, &domain_pol, argv[0], MAXIMUM_ALLOWED_ACCESS, &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1415,7 +1475,7 @@ rpc_group_add_internals(const DOM_SID *domain_sid, const char *domain_name, group_info.switch_value1 = 4; init_samr_group_info4(&group_info.group.info4, opt_comment); - result = cli_samr_set_groupinfo(cli, mem_ctx, &group_pol, &group_info); + result = rpccli_samr_set_groupinfo(pipe_hnd, mem_ctx, &group_pol, &group_info); if (!NT_STATUS_IS_OK(result)) goto done; done: @@ -1427,10 +1487,13 @@ rpc_group_add_internals(const DOM_SID *domain_sid, const char *domain_name, return result; } -static NTSTATUS -rpc_alias_add_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_alias_add_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -1444,20 +1507,20 @@ rpc_alias_add_internals(const DOM_SID *domain_sid, const char *domain_name, /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create the group */ - result = cli_samr_create_dom_alias(cli, mem_ctx, &domain_pol, + result = rpccli_samr_create_dom_alias(pipe_hnd, mem_ctx, &domain_pol, argv[0], &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1468,7 +1531,7 @@ rpc_alias_add_internals(const DOM_SID *domain_sid, const char *domain_name, alias_info.level = 3; init_samr_alias_info3(&alias_info.alias.info3, opt_comment); - result = cli_samr_set_aliasinfo(cli, mem_ctx, &alias_pol, &alias_info); + result = rpccli_samr_set_aliasinfo(pipe_hnd, mem_ctx, &alias_pol, &alias_info); if (!NT_STATUS_IS_OK(result)) goto done; done: @@ -1492,33 +1555,31 @@ static int rpc_group_add(int argc, const char **argv) argc, argv); } -static NTSTATUS -get_sid_from_name(struct cli_state *cli, TALLOC_CTX *mem_ctx, const char *name, - DOM_SID *sid, enum SID_NAME_USE *type) +static NTSTATUS get_sid_from_name(struct cli_state *cli, + TALLOC_CTX *mem_ctx, + const char *name, + DOM_SID *sid, + enum SID_NAME_USE *type) { - int current_pipe = cli->pipe_idx; - DOM_SID *sids = NULL; uint32 *types = NULL; + struct rpc_pipe_client *pipe_hnd; POLICY_HND lsa_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - if (current_pipe != PI_LSARPC) { - - if (current_pipe != -1) - cli_nt_session_close(cli); - - if (!cli_nt_session_open(cli, PI_LSARPC)) - goto done; + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result); + if (!pipe_hnd) { + goto done; } - result = cli_lsa_open_policy(cli, mem_ctx, False, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, False, SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { goto done; + } - result = cli_lsa_lookup_names(cli, mem_ctx, &lsa_pol, 1, + result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1, &name, &sids, &types); if (NT_STATUS_IS_OK(result)) { @@ -1526,13 +1587,11 @@ get_sid_from_name(struct cli_state *cli, TALLOC_CTX *mem_ctx, const char *name, *type = types[0]; } - cli_lsa_close(cli, mem_ctx, &lsa_pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol); done: - if (current_pipe != PI_LSARPC) { - cli_nt_session_close(cli); - if (current_pipe != -1) - cli_nt_session_open(cli, current_pipe); + if (pipe_hnd) { + cli_rpc_pipe_close(pipe_hnd); } if (!NT_STATUS_IS_OK(result) && (StrnCaseCmp(name, "S-", 2) == 0)) { @@ -1551,9 +1610,10 @@ get_sid_from_name(struct cli_state *cli, TALLOC_CTX *mem_ctx, const char *name, return result; } -static NTSTATUS -rpc_add_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const DOM_SID *group_sid, const char *member) +static NTSTATUS rpc_add_groupmem(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const DOM_SID *group_sid, + const char *member) { POLICY_HND connect_pol, domain_pol; NTSTATUS result; @@ -1568,23 +1628,26 @@ rpc_add_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, sid_copy(&sid, group_sid); - if (!sid_split_rid(&sid, &group_rid)) + if (!sid_split_rid(&sid, &group_rid)) { return NT_STATUS_UNSUCCESSFUL; + } /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { return result; + } /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { return result; + } - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, 1000, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, &member, &num_rids, &rids, &rid_types); @@ -1593,23 +1656,25 @@ rpc_add_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, goto done; } - result = cli_samr_open_group(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rid, &group_pol); - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { goto done; + } - result = cli_samr_add_groupmem(cli, mem_ctx, &group_pol, rids[0]); + result = rpccli_samr_add_groupmem(pipe_hnd, mem_ctx, &group_pol, rids[0]); done: - cli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result; } -static NTSTATUS -rpc_add_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const DOM_SID *alias_sid, const char *member) +static NTSTATUS rpc_add_aliasmem(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const DOM_SID *alias_sid, + const char *member) { POLICY_HND connect_pol, domain_pol; NTSTATUS result; @@ -1623,10 +1688,11 @@ rpc_add_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, sid_copy(&sid, alias_sid); - if (!sid_split_rid(&sid, &alias_rid)) + if (!sid_split_rid(&sid, &alias_rid)) { return NT_STATUS_UNSUCCESSFUL; + } - result = get_sid_from_name(cli, mem_ctx, member, + result = get_sid_from_name(pipe_hnd->cli, mem_ctx, member, &member_sid, &member_type); if (!NT_STATUS_IS_OK(result)) { @@ -1635,41 +1701,46 @@ rpc_add_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, } /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, alias_rid, &alias_pol); - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { return result; + } - result = cli_samr_add_aliasmem(cli, mem_ctx, &alias_pol, &member_sid); + result = rpccli_samr_add_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &member_sid); - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { return result; + } done: - cli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result; } -static NTSTATUS -rpc_group_addmem_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_group_addmem_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { DOM_SID group_sid; enum SID_NAME_USE group_type; @@ -1686,7 +1757,7 @@ rpc_group_addmem_internals(const DOM_SID *domain_sid, const char *domain_name, } if (group_type == SID_NAME_DOM_GRP) { - NTSTATUS result = rpc_add_groupmem(cli, mem_ctx, + NTSTATUS result = rpc_add_groupmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { @@ -1697,7 +1768,7 @@ rpc_group_addmem_internals(const DOM_SID *domain_sid, const char *domain_name, } if (group_type == SID_NAME_ALIAS) { - NTSTATUS result = rpc_add_aliasmem(cli, mem_ctx, + NTSTATUS result = rpc_add_aliasmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { @@ -1720,9 +1791,10 @@ static int rpc_group_addmem(int argc, const char **argv) argc, argv); } -static NTSTATUS -rpc_del_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const DOM_SID *group_sid, const char *member) +static NTSTATUS rpc_del_groupmem(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const DOM_SID *group_sid, + const char *member) { POLICY_HND connect_pol, domain_pol; NTSTATUS result; @@ -1741,19 +1813,19 @@ rpc_del_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) return result; /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, 1000, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, &member, &num_rids, &rids, &rid_types); @@ -1762,23 +1834,24 @@ rpc_del_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, goto done; } - result = cli_samr_open_group(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rid, &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = cli_samr_del_groupmem(cli, mem_ctx, &group_pol, rids[0]); + result = rpccli_samr_del_groupmem(pipe_hnd, mem_ctx, &group_pol, rids[0]); done: - cli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result; } -static NTSTATUS -rpc_del_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const DOM_SID *alias_sid, const char *member) +static NTSTATUS rpc_del_aliasmem(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const DOM_SID *alias_sid, + const char *member) { POLICY_HND connect_pol, domain_pol; NTSTATUS result; @@ -1795,7 +1868,7 @@ rpc_del_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, if (!sid_split_rid(&sid, &alias_rid)) return NT_STATUS_UNSUCCESSFUL; - result = get_sid_from_name(cli, mem_ctx, member, + result = get_sid_from_name(pipe_hnd->cli, mem_ctx, member, &member_sid, &member_type); if (!NT_STATUS_IS_OK(result)) { @@ -1804,41 +1877,44 @@ rpc_del_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, } /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, alias_rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_samr_del_aliasmem(cli, mem_ctx, &alias_pol, &member_sid); + result = rpccli_samr_del_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &member_sid); if (!NT_STATUS_IS_OK(result)) return result; done: - cli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result; } -static NTSTATUS -rpc_group_delmem_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_group_delmem_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { DOM_SID group_sid; enum SID_NAME_USE group_type; @@ -1855,7 +1931,7 @@ rpc_group_delmem_internals(const DOM_SID *domain_sid, const char *domain_name, } if (group_type == SID_NAME_DOM_GRP) { - NTSTATUS result = rpc_del_groupmem(cli, mem_ctx, + NTSTATUS result = rpc_del_groupmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { @@ -1866,7 +1942,7 @@ rpc_group_delmem_internals(const DOM_SID *domain_sid, const char *domain_name, } if (group_type == SID_NAME_ALIAS) { - NTSTATUS result = rpc_del_aliasmem(cli, mem_ctx, + NTSTATUS result = rpc_del_aliasmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { @@ -1905,10 +1981,13 @@ static int rpc_group_delmem(int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -1937,7 +2016,7 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1945,7 +2024,7 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -1970,7 +2049,7 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, get_query_dispinfo_params( loop_count, &max_entries, &max_size); - result = cli_samr_query_dispinfo(cli, mem_ctx, &domain_pol, + result = rpccli_samr_query_dispinfo(pipe_hnd, mem_ctx, &domain_pol, &start_idx, 3, &num_entries, max_entries, max_size, &ctr); @@ -2003,7 +2082,7 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, * everything. I'm too lazy (sorry) to get this through to * rpc_parse/ etc. Volker */ - result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, + result = rpccli_samr_enum_als_groups(pipe_hnd, mem_ctx, &domain_pol, &start_idx, 0xffff, &groups, &num_entries); @@ -2020,15 +2099,15 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, POLICY_HND alias_pol; ALIAS_INFO_CTR ctr; - if ((NT_STATUS_IS_OK(cli_samr_open_alias(cli, mem_ctx, + if ((NT_STATUS_IS_OK(rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, 0x8, groups[i].rid, &alias_pol))) && - (NT_STATUS_IS_OK(cli_samr_query_alias_info(cli, mem_ctx, + (NT_STATUS_IS_OK(rpccli_samr_query_alias_info(pipe_hnd, mem_ctx, &alias_pol, 3, &ctr))) && - (NT_STATUS_IS_OK(cli_samr_close(cli, mem_ctx, + (NT_STATUS_IS_OK(rpccli_samr_close(pipe_hnd, mem_ctx, &alias_pol)))) { description = unistr2_tdup(mem_ctx, ctr.alias.info3.description.string); @@ -2044,10 +2123,10 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, } } } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - cli_samr_close(cli, mem_ctx, &domain_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol); /* Get builtin policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &global_sid_Builtin, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -2058,7 +2137,7 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, do { if (!builtin) break; - result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, + result = rpccli_samr_enum_als_groups(pipe_hnd, mem_ctx, &domain_pol, &start_idx, max_entries, &groups, &num_entries); @@ -2075,15 +2154,15 @@ rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, POLICY_HND alias_pol; ALIAS_INFO_CTR ctr; - if ((NT_STATUS_IS_OK(cli_samr_open_alias(cli, mem_ctx, + if ((NT_STATUS_IS_OK(rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, 0x8, groups[i].rid, &alias_pol))) && - (NT_STATUS_IS_OK(cli_samr_query_alias_info(cli, mem_ctx, + (NT_STATUS_IS_OK(rpccli_samr_query_alias_info(pipe_hnd, mem_ctx, &alias_pol, 3, &ctr))) && - (NT_STATUS_IS_OK(cli_samr_close(cli, mem_ctx, + (NT_STATUS_IS_OK(rpccli_samr_close(pipe_hnd, mem_ctx, &alias_pol)))) { description = unistr2_tdup(mem_ctx, ctr.alias.info3.description.string); @@ -2111,10 +2190,12 @@ static int rpc_group_list(int argc, const char **argv) argc, argv); } -static NTSTATUS -rpc_list_group_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const char *domain_name, const DOM_SID *domain_sid, - POLICY_HND *domain_pol, uint32 rid) +static NTSTATUS rpc_list_group_members(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const char *domain_name, + const DOM_SID *domain_sid, + POLICY_HND *domain_pol, + uint32 rid) { NTSTATUS result; POLICY_HND group_pol; @@ -2127,14 +2208,14 @@ rpc_list_group_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, fstring sid_str; sid_to_string(sid_str, domain_sid); - result = cli_samr_open_group(cli, mem_ctx, domain_pol, + result = rpccli_samr_open_group(pipe_hnd, mem_ctx, domain_pol, MAXIMUM_ALLOWED_ACCESS, rid, &group_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_samr_query_groupmem(cli, mem_ctx, &group_pol, + result = rpccli_samr_query_groupmem(pipe_hnd, mem_ctx, &group_pol, &num_members, &group_rids, &group_attrs); @@ -2147,7 +2228,7 @@ rpc_list_group_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, if (num_members < this_time) this_time = num_members; - result = cli_samr_lookup_rids(cli, mem_ctx, domain_pol, + result = rpccli_samr_lookup_rids(pipe_hnd, mem_ctx, domain_pol, this_time, group_rids, &num_names, &names, &name_types); @@ -2175,11 +2256,13 @@ rpc_list_group_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -static NTSTATUS -rpc_list_alias_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 rid) +static NTSTATUS rpc_list_alias_members(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *domain_pol, + uint32 rid) { NTSTATUS result; + struct rpc_pipe_client *lsa_pipe; POLICY_HND alias_pol, lsa_pol; uint32 num_members; DOM_SID *alias_sids; @@ -2188,13 +2271,13 @@ rpc_list_alias_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, uint32 *types; int i; - result = cli_samr_open_alias(cli, mem_ctx, domain_pol, + result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, domain_pol, MAXIMUM_ALLOWED_ACCESS, rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_samr_query_aliasmem(cli, mem_ctx, &alias_pol, + result = rpccli_samr_query_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &num_members, &alias_sids); if (!NT_STATUS_IS_OK(result)) { @@ -2206,28 +2289,30 @@ rpc_list_alias_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - cli_nt_session_close(cli); - - if (!cli_nt_session_open(cli, PI_LSARPC)) { - d_printf("Couldn't open LSA pipe\n"); + lsa_pipe = cli_rpc_pipe_open_noauth(pipe_hnd->cli, PI_LSARPC, &result); + if (!lsa_pipe) { + d_printf("Couldn't open LSA pipe. Error was %s\n", + nt_errstr(result) ); return result; } - result = cli_lsa_open_policy(cli, mem_ctx, True, + result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) { d_printf("Couldn't open LSA policy handle\n"); + cli_rpc_pipe_close(lsa_pipe); return result; } - result = cli_lsa_lookup_sids(cli, mem_ctx, &lsa_pol, num_members, + result = rpccli_lsa_lookup_sids(lsa_pipe, mem_ctx, &lsa_pol, num_members, alias_sids, &domains, &names, &types); if (!NT_STATUS_IS_OK(result) && !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED)) { d_printf("Couldn't lookup SIDs\n"); + cli_rpc_pipe_close(lsa_pipe); return result; } @@ -2247,14 +2332,17 @@ rpc_list_alias_members(struct cli_state *cli, TALLOC_CTX *mem_ctx, } } + cli_rpc_pipe_close(lsa_pipe); return NT_STATUS_OK; } -static NTSTATUS -rpc_group_members_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_group_members_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result; POLICY_HND connect_pol, domain_pol; @@ -2262,7 +2350,7 @@ rpc_group_members_internals(const DOM_SID *domain_sid, /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) @@ -2270,14 +2358,14 @@ rpc_group_members_internals(const DOM_SID *domain_sid, /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, 1000, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, argv, &num_rids, &rids, &rid_types); if (!NT_STATUS_IS_OK(result)) { @@ -2286,11 +2374,11 @@ rpc_group_members_internals(const DOM_SID *domain_sid, DOM_SID sid_Builtin; - cli_samr_close(cli, mem_ctx, &domain_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol); string_to_sid(&sid_Builtin, "S-1-5-32"); - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid_Builtin, &domain_pol); @@ -2299,7 +2387,7 @@ rpc_group_members_internals(const DOM_SID *domain_sid, return result; } - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, 1000, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, argv, &num_rids, &rids, &rid_types); @@ -2315,13 +2403,13 @@ rpc_group_members_internals(const DOM_SID *domain_sid, } if (rid_types[0] == SID_NAME_DOM_GRP) { - return rpc_list_group_members(cli, mem_ctx, domain_name, + return rpc_list_group_members(pipe_hnd, mem_ctx, domain_name, domain_sid, &domain_pol, rids[0]); } if (rid_types[0] == SID_NAME_ALIAS) { - return rpc_list_alias_members(cli, mem_ctx, &domain_pol, + return rpc_list_alias_members(pipe_hnd, mem_ctx, &domain_pol, rids[0]); } @@ -2339,11 +2427,13 @@ static int rpc_group_members(int argc, const char **argv) argc, argv); } -static NTSTATUS -rpc_group_rename_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_group_rename_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result; POLICY_HND connect_pol, domain_pol, group_pol; @@ -2357,7 +2447,7 @@ rpc_group_rename_internals(const DOM_SID *domain_sid, /* Get sam policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) @@ -2365,14 +2455,14 @@ rpc_group_rename_internals(const DOM_SID *domain_sid, /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, 1000, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, argv, &num_rids, &rids, &rid_types); if (num_rids != 1) { @@ -2385,7 +2475,7 @@ rpc_group_rename_internals(const DOM_SID *domain_sid, return NT_STATUS_UNSUCCESSFUL; } - result = cli_samr_open_group(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, rids[0], &group_pol); @@ -2397,7 +2487,7 @@ rpc_group_rename_internals(const DOM_SID *domain_sid, ctr.switch_value1 = 2; init_samr_group_info2(&ctr.group.info2, argv[1]); - result = cli_samr_set_groupinfo(cli, mem_ctx, &group_pol, &ctr); + result = rpccli_samr_set_groupinfo(pipe_hnd, mem_ctx, &group_pol, &ctr); if (!NT_STATUS_IS_OK(result)) return result; @@ -2467,10 +2557,12 @@ static int rpc_share_usage(int argc, const char **argv) * * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_add_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx,int argc, const char **argv) +static NTSTATUS rpc_share_add_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx,int argc, + const char **argv) { WERROR result; char *sharename=talloc_strdup(mem_ctx, argv[0]); @@ -2485,7 +2577,7 @@ rpc_share_add_internals(const DOM_SID *domain_sid, const char *domain_name, return NT_STATUS_UNSUCCESSFUL; *path++ = '\0'; - result = cli_srvsvc_net_share_add(cli, mem_ctx, sharename, type, + result = rpccli_srvsvc_net_share_add(pipe_hnd, mem_ctx, sharename, type, opt_comment, perms, opt_maxusers, num_users, path, password, level, NULL); @@ -2518,14 +2610,17 @@ static int rpc_share_add(int argc, const char **argv) * * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_del_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx,int argc, const char **argv) +static NTSTATUS rpc_share_del_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { WERROR result; - result = cli_srvsvc_net_share_del(cli, mem_ctx, argv[0]); + result = rpccli_srvsvc_net_share_del(pipe_hnd, mem_ctx, argv[0]); return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } @@ -2572,10 +2667,12 @@ static void display_share_info_1(SRV_SHARE_INFO_1 *info1) } - -static WERROR get_share_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, - uint32 level, int argc, const char **argv, - SRV_SHARE_INFO_CTR *ctr) +static WERROR get_share_info(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + uint32 level, + int argc, + const char **argv, + SRV_SHARE_INFO_CTR *ctr) { WERROR result; SRV_SHARE_INFO info; @@ -2588,12 +2685,12 @@ static WERROR get_share_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_enum_hnd(&hnd, 0); - return cli_srvsvc_net_share_enum(cli, mem_ctx, level, ctr, + return rpccli_srvsvc_net_share_enum(pipe_hnd, mem_ctx, level, ctr, preferred_len, &hnd); } /* request just one share */ - result = cli_srvsvc_net_share_get_info(cli, mem_ctx, argv[0], level, &info); + result = rpccli_srvsvc_net_share_get_info(pipe_hnd, mem_ctx, argv[0], level, &info); if (!W_ERROR_IS_OK(result)) goto done; @@ -2720,16 +2817,19 @@ done: * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_share_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { SRV_SHARE_INFO_CTR ctr; WERROR result; uint32 i, level = 1; - result = get_share_info(cli, mem_ctx, level, argc, argv, &ctr); + result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr); if (!W_ERROR_IS_OK(result)) goto done; @@ -2808,10 +2908,14 @@ static BOOL check_share_sanity(struct cli_state *cli, fstring netname, uint32 ty * * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_migrate_shares_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +static NTSTATUS rpc_share_migrate_shares_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { WERROR result; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; @@ -2819,16 +2923,16 @@ rpc_share_migrate_shares_internals(const DOM_SID *domain_sid, const char *domain uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */ char *password = NULL; /* don't allow a share password */ uint32 i; - BOOL got_dst_srvsvc_pipe = False; + struct rpc_pipe_client *srvsvc_pipe = NULL; struct cli_state *cli_dst = NULL; uint32 level = 502; /* includes secdesc */ - result = get_share_info(cli, mem_ctx, level, argc, argv, &ctr_src); + result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr_src); if (!W_ERROR_IS_OK(result)) goto done; /* connect destination PI_SRVSVC */ - nt_status = connect_dst_pipe(&cli_dst, PI_SRVSVC, &got_dst_srvsvc_pipe); + nt_status = connect_dst_pipe(&cli_dst, &srvsvc_pipe, PI_SRVSVC); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; @@ -2854,7 +2958,7 @@ rpc_share_migrate_shares_internals(const DOM_SID *domain_sid, const char *domain printf("migrating: [%s], path: %s, comment: %s, without share-ACLs\n", netname, path, remark); - result = cli_srvsvc_net_share_add(cli_dst, mem_ctx, netname, type, remark, + result = rpccli_srvsvc_net_share_add(srvsvc_pipe, mem_ctx, netname, type, remark, ctr_src.share.info502[i].info_502.perms, ctr_src.share.info502[i].info_502.max_uses, ctr_src.share.info502[i].info_502.num_uses, @@ -2876,8 +2980,7 @@ rpc_share_migrate_shares_internals(const DOM_SID *domain_sid, const char *domain nt_status = NT_STATUS_OK; done: - if (got_dst_srvsvc_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } @@ -3038,7 +3141,7 @@ BOOL sync_files(struct copy_clistate *cp_clistate, pstring mask) BOOL copy_top_level_perms(struct copy_clistate *cp_clistate, const char *sharename) { - NTSTATUS nt_status; + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; switch (net_mode_share) { case NET_MODE_SHARE_MIGRATE: @@ -3066,7 +3169,6 @@ BOOL copy_top_level_perms(struct copy_clistate *cp_clistate, return True; } - /** * Sync all files inside a remote share to another share (over smb) * @@ -3082,10 +3184,14 @@ BOOL copy_top_level_perms(struct copy_clistate *cp_clistate, * * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_migrate_files_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +static NTSTATUS rpc_share_migrate_files_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { WERROR result; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; @@ -3100,7 +3206,7 @@ rpc_share_migrate_files_internals(const DOM_SID *domain_sid, const char *domain_ dst = SMB_STRDUP(opt_destination?opt_destination:"127.0.0.1"); - result = get_share_info(cli, mem_ctx, level, argc, argv, &ctr_src); + result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr_src); if (!W_ERROR_IS_OK(result)) goto done; @@ -3216,27 +3322,31 @@ static int rpc_share_migrate_files(int argc, const char **argv) * * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_migrate_security_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +static NTSTATUS rpc_share_migrate_security_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { WERROR result; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; SRV_SHARE_INFO_CTR ctr_src; SRV_SHARE_INFO info; uint32 i; - BOOL got_dst_srvsvc_pipe = False; + struct rpc_pipe_client *srvsvc_pipe = NULL; struct cli_state *cli_dst = NULL; uint32 level = 502; /* includes secdesc */ - result = get_share_info(cli, mem_ctx, level, argc, argv, &ctr_src); + result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr_src); if (!W_ERROR_IS_OK(result)) goto done; /* connect destination PI_SRVSVC */ - nt_status = connect_dst_pipe(&cli_dst, PI_SRVSVC, &got_dst_srvsvc_pipe); + nt_status = connect_dst_pipe(&cli_dst, &srvsvc_pipe, PI_SRVSVC); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; @@ -3273,7 +3383,7 @@ rpc_share_migrate_security_internals(const DOM_SID *domain_sid, const char *doma info.share.info502 = ctr_src.share.info502[i]; /* finally modify the share on the dst server */ - result = cli_srvsvc_net_share_set_info(cli_dst, mem_ctx, netname, level, &info); + result = rpccli_srvsvc_net_share_set_info(srvsvc_pipe, mem_ctx, netname, level, &info); if (!W_ERROR_IS_OK(result)) { printf("cannot set share-acl: %s\n", dos_errstr(result)); @@ -3285,8 +3395,7 @@ rpc_share_migrate_security_internals(const DOM_SID *domain_sid, const char *doma nt_status = NT_STATUS_OK; done: - if (got_dst_srvsvc_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } @@ -3399,10 +3508,11 @@ static void push_alias(TALLOC_CTX *mem_ctx, struct full_alias *alias) * For a specific domain on the server, fetch all the aliases * and their members. Add all of them to the server_aliases. */ -static NTSTATUS -rpc_fetch_domain_aliases(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *connect_pol, - const DOM_SID *domain_sid) + +static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *connect_pol, + const DOM_SID *domain_sid) { uint32 start_idx, max_entries, num_entries, i; struct acct_info *groups; @@ -3411,7 +3521,7 @@ rpc_fetch_domain_aliases(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) @@ -3421,7 +3531,7 @@ rpc_fetch_domain_aliases(struct cli_state *cli, TALLOC_CTX *mem_ctx, max_entries = 250; do { - result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, + result = rpccli_samr_enum_als_groups(pipe_hnd, mem_ctx, &domain_pol, &start_idx, max_entries, &groups, &num_entries); @@ -3432,21 +3542,21 @@ rpc_fetch_domain_aliases(struct cli_state *cli, TALLOC_CTX *mem_ctx, DOM_SID *members; int j; - result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, groups[i].rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = cli_samr_query_aliasmem(cli, mem_ctx, + result = rpccli_samr_query_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &alias.num_members, &members); if (!NT_STATUS_IS_OK(result)) goto done; - result = cli_samr_close(cli, mem_ctx, &alias_pol); + result = rpccli_samr_close(pipe_hnd, mem_ctx, &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -3470,7 +3580,7 @@ rpc_fetch_domain_aliases(struct cli_state *cli, TALLOC_CTX *mem_ctx, result = NT_STATUS_OK; done: - cli_samr_close(cli, mem_ctx, &domain_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol); return result; } @@ -3478,16 +3588,20 @@ rpc_fetch_domain_aliases(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* * Dump server_aliases as names for debugging purposes. */ -static NTSTATUS -rpc_aliaslist_dump(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +static NTSTATUS rpc_aliaslist_dump(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { int i; NTSTATUS result; POLICY_HND lsa_pol; - result = cli_lsa_open_policy(cli, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) @@ -3501,7 +3615,7 @@ rpc_aliaslist_dump(const DOM_SID *domain_sid, const char *domain_name, struct full_alias *alias = &server_aliases[i]; - result = cli_lsa_lookup_sids(cli, mem_ctx, &lsa_pol, 1, + result = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &lsa_pol, 1, &alias->sid, &domains, &names, &types); if (!NT_STATUS_IS_OK(result)) @@ -3514,7 +3628,7 @@ rpc_aliaslist_dump(const DOM_SID *domain_sid, const char *domain_name, continue; } - result = cli_lsa_lookup_sids(cli, mem_ctx, &lsa_pol, + result = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &lsa_pol, alias->num_members, alias->members, &domains, &names, &types); @@ -3530,7 +3644,7 @@ rpc_aliaslist_dump(const DOM_SID *domain_sid, const char *domain_name, DEBUG(1, ("\n")); } - cli_lsa_close(cli, mem_ctx, &lsa_pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol); return NT_STATUS_OK; } @@ -3539,30 +3653,34 @@ rpc_aliaslist_dump(const DOM_SID *domain_sid, const char *domain_name, * Fetch a list of all server aliases and their members into * server_aliases. */ -static NTSTATUS -rpc_aliaslist_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +static NTSTATUS rpc_aliaslist_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result; POLICY_HND connect_pol; - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpc_fetch_domain_aliases(cli, mem_ctx, &connect_pol, + result = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol, &global_sid_Builtin); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpc_fetch_domain_aliases(cli, mem_ctx, &connect_pol, + result = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol, domain_sid); - cli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); done: return result; } @@ -3662,8 +3780,7 @@ static void collect_alias_memberships(NT_USER_TOKEN *token) } } -static BOOL get_user_sids(const char *domain, const char *user, - NT_USER_TOKEN *token) +static BOOL get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token) { struct winbindd_request request; struct winbindd_response response; @@ -3749,6 +3866,7 @@ static BOOL get_user_sids(const char *domain, const char *user, /** * Get a list of all user tokens we want to look at **/ + static BOOL get_user_tokens(int *num_tokens, struct user_token **user_tokens) { struct winbindd_request request; @@ -3884,19 +4002,22 @@ static BOOL get_user_tokens_from_file(FILE *f, * Show the list of all users that have access to a share */ -static void show_userlist(struct cli_state *cli, - TALLOC_CTX *mem_ctx, const char *netname, - int num_tokens, struct user_token *tokens) +static void show_userlist(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const char *netname, + int num_tokens, + struct user_token *tokens) { int fnum; SEC_DESC *share_sd = NULL; SEC_DESC *root_sd = NULL; + struct cli_state *cli = pipe_hnd->cli; int i; SRV_SHARE_INFO info; WERROR result; uint16 cnum; - result = cli_srvsvc_net_share_get_info(cli, mem_ctx, netname, + result = rpccli_srvsvc_net_share_get_info(pipe_hnd, mem_ctx, netname, 502, &info); if (!W_ERROR_IS_OK(result)) { @@ -4005,12 +4126,13 @@ static void rpc_share_userlist_usage(void) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_share_allowedusers_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) +static NTSTATUS rpc_share_allowedusers_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { int ret; BOOL r; @@ -4073,7 +4195,7 @@ rpc_share_allowedusers_internals(const DOM_SID *domain_sid, d_printf("%s\n", netname); - show_userlist(cli, mem_ctx, netname, + show_userlist(pipe_hnd, mem_ctx, netname, num_tokens, tokens); } done: @@ -4086,8 +4208,7 @@ rpc_share_allowedusers_internals(const DOM_SID *domain_sid, return NT_STATUS_OK; } -static int -rpc_share_allowedusers(int argc, const char **argv) +static int rpc_share_allowedusers(int argc, const char **argv) { int result; @@ -4192,13 +4313,16 @@ static int rpc_file_usage(int argc, const char **argv) * * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_file_close_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_file_close_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { WERROR result; - result = cli_srvsvc_net_file_close(cli, mem_ctx, atoi(argv[0])); + result = rpccli_srvsvc_net_file_close(pipe_hnd, mem_ctx, atoi(argv[0])); return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } @@ -4257,10 +4381,13 @@ static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3) * @return Normal NTSTATUS return. **/ -static NTSTATUS -rpc_file_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) +static NTSTATUS rpc_file_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { SRV_FILE_INFO_CTR ctr; WERROR result; @@ -4274,8 +4401,8 @@ rpc_file_list_internals(const DOM_SID *domain_sid, const char *domain_name, if (argc > 0) username = smb_xstrdup(argv[0]); - result = cli_srvsvc_net_file_enum( - cli, mem_ctx, 3, username, &ctr, preferred_len, &hnd); + result = rpccli_srvsvc_net_file_enum(pipe_hnd, + mem_ctx, 3, username, &ctr, preferred_len, &hnd); if (!W_ERROR_IS_OK(result)) goto done; @@ -4293,7 +4420,6 @@ rpc_file_list_internals(const DOM_SID *domain_sid, const char *domain_name, return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } - /** * List files for a user on a remote RPC server * @@ -4303,6 +4429,7 @@ rpc_file_list_internals(const DOM_SID *domain_sid, const char *domain_name, * * @return A shell status integer (0 for success) **/ + static int rpc_file_user(int argc, const char **argv) { if (argc < 1) { @@ -4315,7 +4442,6 @@ static int rpc_file_user(int argc, const char **argv) argc, argv); } - /** * 'net rpc file' entrypoint. * @param argc Standard main() style argc @@ -4342,10 +4468,6 @@ int net_rpc_file(int argc, const char **argv) return net_run_function(argc, argv, func, rpc_file_usage); } -/****************************************************************************/ - - - /** * ABORT the shutdown of a remote RPC Server over, initshutdown pipe * @@ -4363,14 +4485,16 @@ int net_rpc_file(int argc, const char **argv) **/ static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - result = cli_shutdown_abort(cli, mem_ctx); + result = rpccli_shutdown_abort(pipe_hnd, mem_ctx); if (NT_STATUS_IS_OK(result)) { d_printf("\nShutdown successfully aborted\n"); @@ -4381,7 +4505,6 @@ static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, return result; } - /** * ABORT the shutdown of a remote RPC Server, over winreg pipe * @@ -4399,14 +4522,16 @@ static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, **/ static NTSTATUS rpc_reg_shutdown_abort_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - result = werror_to_ntstatus(cli_reg_abort_shutdown(cli, mem_ctx)); + result = werror_to_ntstatus(rpccli_reg_abort_shutdown(pipe_hnd, mem_ctx)); if (NT_STATUS_IS_OK(result)) { d_printf("\nShutdown successfully aborted\n"); @@ -4460,10 +4585,12 @@ static int rpc_shutdown_abort(int argc, const char **argv) **/ static NTSTATUS rpc_init_shutdown_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; const char *msg = "This machine will be shutdown shortly"; @@ -4471,16 +4598,13 @@ static NTSTATUS rpc_init_shutdown_internals(const DOM_SID *domain_sid, if (opt_comment) { msg = opt_comment; - } else { - msg = ""; } - if (opt_timeout) { timeout = opt_timeout; } /* create an entry */ - result = cli_shutdown_init(cli, mem_ctx, msg, timeout, opt_reboot, + result = rpccli_shutdown_init(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force); if (NT_STATUS_IS_OK(result)) { @@ -4509,10 +4633,12 @@ static NTSTATUS rpc_init_shutdown_internals(const DOM_SID *domain_sid, **/ static NTSTATUS rpc_reg_shutdown_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; const char *msg = "This machine will be shutdown shortly"; @@ -4550,7 +4676,7 @@ static NTSTATUS rpc_reg_shutdown_internals(const DOM_SID *domain_sid, } /* create an entry */ - result = werror_to_ntstatus(cli_reg_shutdown(cli, mem_ctx, msg, timeout, opt_reboot, opt_force)); + result = werror_to_ntstatus(rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force)); if (NT_STATUS_IS_OK(result)) { d_printf("\nShutdown of remote machine succeeded\n"); @@ -4607,10 +4733,13 @@ static int rpc_shutdown(int argc, const char **argv) */ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; char *acct_name; @@ -4633,14 +4762,14 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, strupper_m(acct_name); /* Get samr policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { @@ -4652,7 +4781,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, unknown = 0xe00500b0; /* No idea what this is - a permission mask? mimir: yes, most probably it is */ - result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, acct_name, acb_info, unknown, &user_pol, &user_rid); if (!NT_STATUS_IS_OK(result)) { @@ -4688,7 +4817,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, ctr.info.id23 = &p23; p23.passmustchange = 0; - result = cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 23, + result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 23, &cli->user_session_key, &ctr); if (!NT_STATUS_IS_OK(result)) { @@ -4740,10 +4869,13 @@ static int rpc_trustdom_add(int argc, const char **argv) */ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; char *acct_name; @@ -4772,21 +4904,21 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, /* Get samr policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, flags, 1, + result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, 1, names, &num_rids, &user_rids, &name_types); @@ -4794,7 +4926,7 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, goto done; } - result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, user_rids[0], &user_pol); @@ -4810,7 +4942,7 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, /* remove the sid */ - result = cli_samr_remove_sid_foreign_domain(cli, mem_ctx, &user_pol, + result = rpccli_samr_remove_sid_foreign_domain(pipe_hnd, mem_ctx, &user_pol, &trust_acct_sid); if (!NT_STATUS_IS_OK(result)) { @@ -4819,7 +4951,7 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, /* Delete user */ - result = cli_samr_delete_dom_user(cli, mem_ctx, &user_pol); + result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -4868,8 +5000,9 @@ static int rpc_trustdom_del(int argc, const char **argv) static int rpc_trustdom_establish(int argc, const char **argv) { - struct cli_state *cli; + struct cli_state *cli = NULL; struct in_addr server_ip; + struct rpc_pipe_client *pipe_hnd = NULL; POLICY_HND connect_hnd; TALLOC_CTX *mem_ctx; NTSTATUS nt_status; @@ -4954,34 +5087,38 @@ static int rpc_trustdom_establish(int argc, const char **argv) * Call LsaOpenPolicy and LsaQueryInfo */ - if (!cli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Could not initialise lsa pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &nt_status); + if (!pipe_hnd) { + DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) )); cli_shutdown(cli); return -1; } - nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, + nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; } /* Querying info level 5 */ - nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd, + nt_status = rpccli_lsa_query_info_policy(pipe_hnd, mem_ctx, &connect_hnd, 5 /* info level */, &domain_name_pol, &domain_sid); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; } if (push_ucs2_talloc(mem_ctx, &uni_domain_name, domain_name_pol) == (size_t)-1) { DEBUG(0, ("Could not convert domain name %s to unicode\n", domain_name_pol)); + cli_shutdown(cli); return -1; } @@ -4998,6 +5135,7 @@ static int rpc_trustdom_establish(int argc, const char **argv) opt_password, *domain_sid)) { DEBUG(0, ("Storing password for trusted domain failed.\n")); + cli_shutdown(cli); return -1; } @@ -5005,16 +5143,14 @@ static int rpc_trustdom_establish(int argc, const char **argv) * Close the pipes and clean up */ - nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd); + nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; } - if (cli->pipes[cli->pipe_idx].fnum) - cli_nt_session_close(cli); - cli_shutdown(cli); talloc_destroy(mem_ctx); @@ -5074,9 +5210,12 @@ static int rpc_trustdom_usage(int argc, const char **argv) static NTSTATUS rpc_query_domain_sid(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { fstring str_sid; sid_to_string(str_sid, domain_sid); @@ -5100,7 +5239,7 @@ static void print_trusted_domain(DOM_SID *dom_sid, const char *trusted_dom_name) d_printf("%s%s%s\n", trusted_dom_name, padding, ascii_sid); } -static NTSTATUS vampire_trusted_domain(struct cli_state *cli, +static NTSTATUS vampire_trusted_domain(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, POLICY_HND *pol, DOM_SID dom_sid, @@ -5112,7 +5251,7 @@ static NTSTATUS vampire_trusted_domain(struct cli_state *cli, DATA_BLOB data; smb_ucs2_t *uni_dom_name; - nt_status = cli_lsa_query_trusted_domain_info_by_sid(cli, mem_ctx, pol, 4, &dom_sid, &info); + nt_status = rpccli_lsa_query_trusted_domain_info_by_sid(pipe_hnd, mem_ctx, pol, 4, &dom_sid, &info); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0,("Could not query trusted domain info. Error was %s\n", @@ -5125,7 +5264,7 @@ static NTSTATUS vampire_trusted_domain(struct cli_state *cli, memcpy(data.data, info->password.password.data, info->password.password.length); data.length = info->password.password.length; - cleartextpwd = decrypt_trustdom_secret(cli->pwd.password, &data); + cleartextpwd = decrypt_trustdom_secret(pipe_hnd->cli->pwd.password, &data); if (cleartextpwd == NULL) { DEBUG(0,("retrieved NULL password\n")); @@ -5164,7 +5303,8 @@ static int rpc_trustdom_vampire(int argc, const char **argv) { /* common variables */ TALLOC_CTX* mem_ctx; - struct cli_state *cli; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; NTSTATUS nt_status; const char *domain_name = NULL; DOM_SID *queried_dom_sid; @@ -5204,27 +5344,32 @@ static int rpc_trustdom_vampire(int argc, const char **argv) return -1; }; - if (!cli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Could not initialise lsa pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &nt_status); + if (!pipe_hnd) { + DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", + nt_errstr(nt_status) )); + cli_shutdown(cli); return -1; }; - nt_status = cli_lsa_open_policy2(cli, mem_ctx, False, SEC_RIGHTS_QUERY_VALUE, + nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, False, SEC_RIGHTS_QUERY_VALUE, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; }; /* query info level 5 to obtain sid of a domain being queried */ - nt_status = cli_lsa_query_info_policy( - cli, mem_ctx, &connect_hnd, 5 /* info level */, + nt_status = rpccli_lsa_query_info_policy( + pipe_hnd, mem_ctx, &connect_hnd, 5 /* info level */, &dummy, &queried_dom_sid); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; } @@ -5236,13 +5381,14 @@ static int rpc_trustdom_vampire(int argc, const char **argv) d_printf("Vampire trusted domains:\n\n"); do { - nt_status = cli_lsa_enum_trust_dom(cli, mem_ctx, &connect_hnd, &enum_ctx, + nt_status = rpccli_lsa_enum_trust_dom(pipe_hnd, mem_ctx, &connect_hnd, &enum_ctx, &num_domains, &trusted_dom_names, &domain_sids); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; }; @@ -5250,10 +5396,12 @@ static int rpc_trustdom_vampire(int argc, const char **argv) print_trusted_domain(&(domain_sids[i]), trusted_dom_names[i]); - nt_status = vampire_trusted_domain(cli, mem_ctx, &connect_hnd, + nt_status = vampire_trusted_domain(pipe_hnd, mem_ctx, &connect_hnd, domain_sids[i], trusted_dom_names[i]); - if (!NT_STATUS_IS_OK(nt_status)) + if (!NT_STATUS_IS_OK(nt_status)) { + cli_shutdown(cli); return -1; + } }; /* @@ -5265,15 +5413,15 @@ static int rpc_trustdom_vampire(int argc, const char **argv) } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); /* close this connection before doing next one */ - nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd); + nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); return -1; }; /* close lsarpc pipe and connection to IPC$ */ - cli_nt_session_close(cli); cli_shutdown(cli); talloc_destroy(mem_ctx); @@ -5284,7 +5432,8 @@ static int rpc_trustdom_list(int argc, const char **argv) { /* common variables */ TALLOC_CTX* mem_ctx; - struct cli_state *cli, *remote_cli; + struct cli_state *cli = NULL, *remote_cli = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; NTSTATUS nt_status; const char *domain_name = NULL; DOM_SID *queried_dom_sid; @@ -5331,12 +5480,14 @@ static int rpc_trustdom_list(int argc, const char **argv) return -1; }; - if (!cli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Could not initialise lsa pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &nt_status); + if (!pipe_hnd) { + DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", + nt_errstr(nt_status) )); return -1; }; - nt_status = cli_lsa_open_policy2(cli, mem_ctx, False, SEC_RIGHTS_QUERY_VALUE, + nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, False, SEC_RIGHTS_QUERY_VALUE, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", @@ -5345,8 +5496,8 @@ static int rpc_trustdom_list(int argc, const char **argv) }; /* query info level 5 to obtain sid of a domain being queried */ - nt_status = cli_lsa_query_info_policy( - cli, mem_ctx, &connect_hnd, 5 /* info level */, + nt_status = rpccli_lsa_query_info_policy( + pipe_hnd, mem_ctx, &connect_hnd, 5 /* info level */, &dummy, &queried_dom_sid); if (NT_STATUS_IS_ERR(nt_status)) { @@ -5363,7 +5514,7 @@ static int rpc_trustdom_list(int argc, const char **argv) d_printf("Trusted domains list:\n\n"); do { - nt_status = cli_lsa_enum_trust_dom(cli, mem_ctx, &connect_hnd, &enum_ctx, + nt_status = rpccli_lsa_enum_trust_dom(pipe_hnd, mem_ctx, &connect_hnd, &enum_ctx, &num_domains, &trusted_dom_names, &domain_sids); @@ -5386,14 +5537,14 @@ static int rpc_trustdom_list(int argc, const char **argv) } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); /* close this connection before doing next one */ - nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd); + nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n", nt_errstr(nt_status))); return -1; }; - cli_nt_session_close(cli); + cli_rpc_pipe_close(pipe_hnd); /* * Listing trusting domains (stored in passdb backend, if local) @@ -5404,13 +5555,14 @@ static int rpc_trustdom_list(int argc, const char **argv) /* * Open \PIPE\samr and get needed policy handles */ - if (!cli_nt_session_open(cli, PI_SAMR)) { - DEBUG(0, ("Could not initialise samr pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &nt_status); + if (!pipe_hnd) { + DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status))); return -1; }; /* SamrConnect */ - nt_status = cli_samr_connect(cli, mem_ctx, SA_RIGHT_SAM_OPEN_DOMAIN, + nt_status = rpccli_samr_connect(pipe_hnd, mem_ctx, SA_RIGHT_SAM_OPEN_DOMAIN, &connect_hnd); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n", @@ -5420,7 +5572,7 @@ static int rpc_trustdom_list(int argc, const char **argv) /* SamrOpenDomain - we have to open domain policy handle in order to be able to enumerate accounts*/ - nt_status = cli_samr_open_domain(cli, mem_ctx, &connect_hnd, + nt_status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_hnd, SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, queried_dom_sid, &domain_hnd); if (!NT_STATUS_IS_OK(nt_status)) { @@ -5436,7 +5588,7 @@ static int rpc_trustdom_list(int argc, const char **argv) enum_ctx = 0; /* reset enumeration context from last enumeration */ do { - nt_status = cli_samr_enum_dom_users(cli, mem_ctx, &domain_hnd, + nt_status = rpccli_samr_enum_dom_users(pipe_hnd, mem_ctx, &domain_hnd, &enum_ctx, ACB_DOMTRUST, 0xffff, &trusting_dom_names, &trusting_dom_rids, &num_domains); @@ -5490,18 +5642,17 @@ static int rpc_trustdom_list(int argc, const char **argv) } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); /* close opened samr and domain policy handles */ - nt_status = cli_samr_close(cli, mem_ctx, &domain_hnd); + nt_status = rpccli_samr_close(pipe_hnd, mem_ctx, &domain_hnd); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name)); }; - nt_status = cli_samr_close(cli, mem_ctx, &connect_hnd); + nt_status = rpccli_samr_close(pipe_hnd, mem_ctx, &connect_hnd); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name)); }; /* close samr pipe and connection to IPC$ */ - cli_nt_session_close(cli); cli_shutdown(cli); talloc_destroy(mem_ctx); @@ -5577,7 +5728,7 @@ BOOL net_rpc_check(unsigned flags) /* dump sam database via samsync rpc calls */ static int rpc_samdump(int argc, const char **argv) { - return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS, rpc_samdump_internals, + return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS, rpc_samdump_internals, argc, argv); } diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 8d19ad888f..6b762563b3 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -35,7 +35,6 @@ goto done; \ } - /** * confirm that a domain join is still valid * @@ -44,44 +43,30 @@ **/ static int net_rpc_join_ok(const char *domain) { - struct cli_state *cli; - uchar stored_md4_trust_password[16]; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; int retval = 1; - uint32 channel; + NTSTATUS ret; /* Connect to remote machine */ if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC))) { return 1; } - if (!cli_nt_session_open(cli, PI_NETLOGON)) { - DEBUG(0,("Error connecting to NETLOGON pipe\n")); - goto done; - } + pipe_hnd = cli_rpc_pipe_open_schannel(cli, PI_NETLOGON, + PIPE_AUTH_LEVEL_PRIVACY, + domain, &ret); - if (!secrets_fetch_trust_account_password(domain, - stored_md4_trust_password, - NULL, &channel)) { - DEBUG(0,("Could not retreive domain trust secret")); + if (!pipe_hnd) { + DEBUG(0,("Error connecting to NETLOGON pipe. Error was %s\n", nt_errstr(ret) )); goto done; } - - /* ensure that schannel uses the right domain */ - fstrcpy(cli->domain, domain); - if (! NT_STATUS_IS_OK(cli_nt_establish_netlogon(cli, channel, stored_md4_trust_password))) { - DEBUG(0,("Error in domain join verfication (fresh connection)\n")); - goto done; - } - + retval = 0; /* Success! */ done: - /* Close down pipe - this will clean up open policy handles */ - if (cli->pipes[cli->pipe_idx].fnum) - cli_nt_session_close(cli); cli_shutdown(cli); - return retval; } @@ -103,7 +88,10 @@ int net_rpc_join_newstyle(int argc, const char **argv) struct cli_state *cli; TALLOC_CTX *mem_ctx; uint32 acb_info = ACB_WSTRUST; + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; uint32 sec_channel_type; + struct rpc_pipe_client *pipe_hnd = NULL; + struct rpc_pipe_client *netlogon_schannel_pipe = NULL; /* rpc variables */ @@ -151,7 +139,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) #endif } - /* Connect to remote machine */ + /* Make authenticated connection to remote machine */ if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) return 1; @@ -163,38 +151,41 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* Fetch domain sid */ - if (!cli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Error connecting to LSA pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result); + if (!pipe_hnd) { + DEBUG(0, ("Error connecting to LSA pipe. Error was %s\n", + nt_errstr(result) )); goto done; } - CHECK_RPC_ERR(cli_lsa_open_policy(cli, mem_ctx, True, + CHECK_RPC_ERR(rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol), "error opening lsa policy handle"); - CHECK_RPC_ERR(cli_lsa_query_info_policy(cli, mem_ctx, &lsa_pol, + CHECK_RPC_ERR(rpccli_lsa_query_info_policy(pipe_hnd, mem_ctx, &lsa_pol, 5, &domain, &domain_sid), "error querying info policy"); - cli_lsa_close(cli, mem_ctx, &lsa_pol); - - cli_nt_session_close(cli); /* Done with this pipe */ + rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol); + cli_rpc_pipe_close(pipe_hnd); /* Done with this pipe */ /* Create domain user */ - if (!cli_nt_session_open(cli, PI_SAMR)) { - DEBUG(0, ("Error connecting to SAM pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &result); + if (!pipe_hnd) { + DEBUG(0, ("Error connecting to SAM pipe. Error was %s\n", + nt_errstr(result) )); goto done; } - CHECK_RPC_ERR(cli_samr_connect(cli, mem_ctx, + CHECK_RPC_ERR(rpccli_samr_connect(pipe_hnd, mem_ctx, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol), "could not connect to SAM database"); - CHECK_RPC_ERR(cli_samr_open_domain(cli, mem_ctx, &sam_pol, + CHECK_RPC_ERR(rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, domain_sid, &domain_pol), "could not open domain"); @@ -204,7 +195,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) strlower_m(acct_name); const_acct_name = acct_name; - result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol, + result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, acct_name, acb_info, 0xe005000b, &user_pol, &user_rid); @@ -225,10 +216,11 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* We *must* do this.... don't ask... */ - if (NT_STATUS_IS_OK(result)) - cli_samr_close(cli, mem_ctx, &user_pol); + if (NT_STATUS_IS_OK(result)) { + rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol); + } - CHECK_RPC_ERR_DEBUG(cli_samr_lookup_names(cli, mem_ctx, + CHECK_RPC_ERR_DEBUG(rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, flags, 1, &const_acct_name, &num_rids, @@ -246,7 +238,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* Open handle on user */ CHECK_RPC_ERR_DEBUG( - cli_samr_open_user(cli, mem_ctx, &domain_pol, + rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, &user_pol), ("could not re-open existing user %s: %s\n", @@ -273,7 +265,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) ctr.switch_value = 24; ctr.info.id24 = &p24; - CHECK_RPC_ERR(cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24, + CHECK_RPC_ERR(rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24, &cli->user_session_key, &ctr), "error setting trust account password"); @@ -295,26 +287,52 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* Ignoring the return value is necessary for joining a domain as a normal user with "Add workstation to domain" privilege. */ - result = cli_samr_set_userinfo2(cli, mem_ctx, &user_pol, 16, + result = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, &user_pol, 16, &cli->user_session_key, &ctr); + rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol); + cli_rpc_pipe_close(pipe_hnd); /* Done with this pipe */ + /* Now check the whole process from top-to-bottom */ - cli_samr_close(cli, mem_ctx, &user_pol); - cli_nt_session_close(cli); /* Done with this pipe */ - if (!cli_nt_session_open(cli, PI_NETLOGON)) { - DEBUG(0,("Error connecting to NETLOGON pipe\n")); + pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, &result); + if (!pipe_hnd) { + DEBUG(0,("Error connecting to NETLOGON pipe. Error was %s\n", + nt_errstr(result) )); goto done; } - /* ensure that schannel uses the right domain */ - fstrcpy(cli->domain, domain); + result = rpccli_netlogon_setup_creds(pipe_hnd, + cli->desthost, + domain, + global_myname(), + md4_trust_password, + sec_channel_type, + &neg_flags); + + if (!NT_STATUS_IS_OK(result)) { + DEBUG(0, ("Error in domain join verification (credential setup failed): %s\n\n", + nt_errstr(result))); - result = cli_nt_establish_netlogon(cli, sec_channel_type, - md4_trust_password); + if ( NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) && + (sec_channel_type == SEC_CHAN_BDC) ) { + d_printf("Please make sure that no computer account\n" + "named like this machine (%s) exists in the domain\n", + global_myname()); + } + + goto done; + } + + netlogon_schannel_pipe = cli_rpc_pipe_open_schannel_with_key(cli, + PI_NETLOGON, + PIPE_AUTH_LEVEL_PRIVACY, + domain, + pipe_hnd->dc, + &result); if (!NT_STATUS_IS_OK(result)) { - DEBUG(0, ("Error domain join verification (reused connection): %s\n\n", + DEBUG(0, ("Error in domain join verification (schannel setup failed): %s\n\n", nt_errstr(result))); if ( NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) && @@ -327,6 +345,9 @@ int net_rpc_join_newstyle(int argc, const char **argv) goto done; } + cli_rpc_pipe_close(pipe_hnd); + cli_rpc_pipe_close(netlogon_schannel_pipe); + /* Now store the secret in the secrets database */ strupper_m(domain); @@ -344,10 +365,6 @@ int net_rpc_join_newstyle(int argc, const char **argv) retval = net_rpc_join_ok(domain); done: - /* Close down pipe - this will clean up open policy handles */ - - if (cli->pipes[cli->pipe_idx].fnum) - cli_nt_session_close(cli); /* Display success or failure */ @@ -364,7 +381,6 @@ done: return retval; } - /** * check that a join is OK * diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c index e82db46b9f..d8f3099dec 100644 --- a/source3/utils/net_rpc_printer.c +++ b/source3/utils/net_rpc_printer.c @@ -49,9 +49,11 @@ static const struct table_node archi_table[]= { * possibly be removed later on * **/ + /**************************************************************************** -convert a security permissions into a string + Convert a security permissions into a string. ****************************************************************************/ + char *get_sec_mask_str(uint32 type) { static fstring typestr=""; @@ -86,10 +88,10 @@ char *get_sec_mask_str(uint32 type) return typestr; } - /**************************************************************************** - display sec_ace structure + Display sec_ace structure. ****************************************************************************/ + void display_sec_ace(SEC_ACE *ace) { fstring sid_str; @@ -119,10 +121,10 @@ void display_sec_ace(SEC_ACE *ace) printf("\t\tSID: %s\n\n", sid_str); } - /**************************************************************************** - display sec_acl structure + Display sec_acl structure. ****************************************************************************/ + void display_sec_acl(SEC_ACL *sec_acl) { int i; @@ -138,8 +140,9 @@ void display_sec_acl(SEC_ACL *sec_acl) } /**************************************************************************** - display sec_desc structure + Display sec_desc structure. ****************************************************************************/ + void display_sec_desc(SEC_DESC *sec) { fstring sid_str; @@ -175,8 +178,9 @@ void display_sec_desc(SEC_DESC *sec) **/ /**************************************************************************** -printer info level 3 display function + Printer info level 3 display function. ****************************************************************************/ + static void display_print_driver_3(DRIVER_INFO_3 *i1) { fstring name = ""; @@ -233,7 +237,6 @@ static void display_print_driver_3(DRIVER_INFO_3 *i1) return; } - static void display_reg_value(const char *subkey, REGISTRY_VALUE value) { pstring text; @@ -275,7 +278,6 @@ static void display_reg_value(const char *subkey, REGISTRY_VALUE value) } - /** * Copies ACLs, DOS-attributes and timestamps from one * file or directory from one connected share to another connected share @@ -292,6 +294,7 @@ static void display_reg_value(const char *subkey, REGISTRY_VALUE value) * * @return Normal NTSTATUS return. **/ + NTSTATUS net_copy_fileattr(TALLOC_CTX *mem_ctx, struct cli_state *cli_share_src, struct cli_state *cli_share_dst, @@ -310,7 +313,6 @@ NTSTATUS net_copy_fileattr(TALLOC_CTX *mem_ctx, if (!copy_timestamps && !copy_acls && !copy_attrs) return NT_STATUS_OK; - /* open file/dir on the originating server */ DEBUGADD(3,("opening %s %s on originating server\n", @@ -429,7 +431,6 @@ out: return nt_status; } - /** * Copy a file or directory from a connected share to another connected share * @@ -445,6 +446,7 @@ out: * * @return Normal NTSTATUS return. **/ + NTSTATUS net_copy_file(TALLOC_CTX *mem_ctx, struct cli_state *cli_share_src, struct cli_state *cli_share_dst, @@ -605,7 +607,6 @@ out: return nt_status; } - /** * Copy a driverfile from on connected share to another connected share * This silently assumes that a driver-file is picked up from @@ -625,6 +626,7 @@ out: * * @return Normal NTSTATUS return. **/ + static NTSTATUS net_copy_driverfile(TALLOC_CTX *mem_ctx, struct cli_state *cli_share_src, struct cli_state *cli_share_dst, @@ -673,7 +675,6 @@ out: return nt_status; } - /** * Check for existing Architecture directory on a given server * @@ -682,8 +683,8 @@ out: * * @return Normal NTSTATUS return. **/ -static NTSTATUS -check_arch_dir(struct cli_state *cli_share, const char *short_archi) + +static NTSTATUS check_arch_dir(struct cli_state *cli_share, const char *short_archi) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; @@ -715,7 +716,6 @@ out: return nt_status; } - /** * Copy a print-driver (level 3) from one connected print$-share to another * connected print$-share @@ -728,8 +728,8 @@ out: * * @return Normal NTSTATUS return. **/ -static NTSTATUS -copy_print_driver_3(TALLOC_CTX *mem_ctx, + +static NTSTATUS copy_print_driver_3(TALLOC_CTX *mem_ctx, struct cli_state *cli_share_src, struct cli_state *cli_share_dst, const char *short_archi, DRIVER_INFO_3 *i1) @@ -799,7 +799,6 @@ copy_print_driver_3(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - /** * net_spoolss-functions * ===================== @@ -812,16 +811,18 @@ copy_print_driver_3(TALLOC_CTX *mem_ctx, * **/ -static BOOL -net_spoolss_enum_printers(struct cli_state *cli, TALLOC_CTX *mem_ctx, - char *name, uint32 flags, uint32 level, - uint32 *num_printers, PRINTER_INFO_CTR *ctr) +static BOOL net_spoolss_enum_printers(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + char *name, + uint32 flags, + uint32 level, + uint32 *num_printers, + PRINTER_INFO_CTR *ctr) { - WERROR result; /* enum printers */ - result = cli_spoolss_enum_printers(cli, mem_ctx, name, flags, + result = rpccli_spoolss_enum_printers(pipe_hnd, mem_ctx, name, flags, level, num_printers, ctr); if (!W_ERROR_IS_OK(result)) { @@ -832,16 +833,17 @@ net_spoolss_enum_printers(struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_open_printer_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const char *printername, uint32 access_required, - const char *username, POLICY_HND *hnd) +static BOOL net_spoolss_open_printer_ex(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + const char *printername, + uint32 access_required, + const char *username, + POLICY_HND *hnd) { WERROR result; fstring servername, printername2; - slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost); + slprintf(servername, sizeof(servername)-1, "\\\\%s", pipe_hnd->cli->desthost); fstrcpy(printername2, servername); fstrcat(printername2, "\\"); @@ -851,7 +853,7 @@ net_spoolss_open_printer_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, servername, username, printername2, access_required)); /* open printer */ - result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername2, + result = rpccli_spoolss_open_printer_ex(pipe_hnd, mem_ctx, printername2, "", access_required, servername, username, hnd); @@ -874,16 +876,16 @@ net_spoolss_open_printer_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_getprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, uint32 level, - PRINTER_INFO_CTR *ctr) +static BOOL net_spoolss_getprinter(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hnd, + uint32 level, + PRINTER_INFO_CTR *ctr) { WERROR result; /* getprinter call */ - result = cli_spoolss_getprinter(cli, mem_ctx, hnd, level, ctr); + result = rpccli_spoolss_getprinter(pipe_hnd, mem_ctx, hnd, level, ctr); if (!W_ERROR_IS_OK(result)) { printf("cannot get printer-info: %s\n", dos_errstr(result)); @@ -893,16 +895,16 @@ net_spoolss_getprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_setprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, uint32 level, - PRINTER_INFO_CTR *ctr) +static BOOL net_spoolss_setprinter(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hnd, + uint32 level, + PRINTER_INFO_CTR *ctr) { WERROR result; /* setprinter call */ - result = cli_spoolss_setprinter(cli, mem_ctx, hnd, level, ctr, 0); + result = rpccli_spoolss_setprinter(pipe_hnd, mem_ctx, hnd, level, ctr, 0); if (!W_ERROR_IS_OK(result)) { printf("cannot set printer-info: %s\n", dos_errstr(result)); @@ -913,14 +915,15 @@ net_spoolss_setprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, } -static BOOL -net_spoolss_setprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, REGISTRY_VALUE *value) +static BOOL net_spoolss_setprinterdata(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hnd, + REGISTRY_VALUE *value) { WERROR result; /* setprinterdata call */ - result = cli_spoolss_setprinterdata(cli, mem_ctx, hnd, value); + result = rpccli_spoolss_setprinterdata(pipe_hnd, mem_ctx, hnd, value); if (!W_ERROR_IS_OK(result)) { printf ("unable to set printerdata: %s\n", dos_errstr(result)); @@ -931,15 +934,16 @@ net_spoolss_setprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, } -static BOOL -net_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, const char *keyname, - uint16 **keylist) +static BOOL net_spoolss_enumprinterkey(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hnd, + const char *keyname, + uint16 **keylist) { WERROR result; /* enumprinterkey call */ - result = cli_spoolss_enumprinterkey(cli, mem_ctx, hnd, keyname, keylist, NULL); + result = rpccli_spoolss_enumprinterkey(pipe_hnd, mem_ctx, hnd, keyname, keylist, NULL); if (!W_ERROR_IS_OK(result)) { printf("enumprinterkey failed: %s\n", dos_errstr(result)); @@ -949,17 +953,17 @@ net_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_enumprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, - uint32 offered, - POLICY_HND *hnd, const char *keyname, - REGVAL_CTR *ctr) +static BOOL net_spoolss_enumprinterdataex(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + uint32 offered, + POLICY_HND *hnd, + const char *keyname, + REGVAL_CTR *ctr) { WERROR result; /* enumprinterdataex call */ - result = cli_spoolss_enumprinterdataex(cli, mem_ctx, hnd, keyname, ctr); + result = rpccli_spoolss_enumprinterdataex(pipe_hnd, mem_ctx, hnd, keyname, ctr); if (!W_ERROR_IS_OK(result)) { printf("enumprinterdataex failed: %s\n", dos_errstr(result)); @@ -970,15 +974,16 @@ net_spoolss_enumprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, } -static BOOL -net_spoolss_setprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, char *keyname, - REGISTRY_VALUE *value) +static BOOL net_spoolss_setprinterdataex(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hnd, + char *keyname, + REGISTRY_VALUE *value) { WERROR result; /* setprinterdataex call */ - result = cli_spoolss_setprinterdataex(cli, mem_ctx, hnd, + result = rpccli_spoolss_setprinterdataex(pipe_hnd, mem_ctx, hnd, keyname, value); if (!W_ERROR_IS_OK(result)) { @@ -989,17 +994,18 @@ net_spoolss_setprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_enumforms(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hnd, int level, uint32 *num_forms, - FORM_1 **forms) +static BOOL net_spoolss_enumforms(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hnd, + int level, + uint32 *num_forms, + FORM_1 **forms) { WERROR result; /* enumforms call */ - result = cli_spoolss_enumforms(cli, mem_ctx, hnd, level, num_forms, forms); + result = rpccli_spoolss_enumforms(pipe_hnd, mem_ctx, hnd, level, num_forms, forms); if (!W_ERROR_IS_OK(result)) { printf("could not enum forms: %s\n", dos_errstr(result)); @@ -1009,18 +1015,17 @@ net_spoolss_enumforms(struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_enumprinterdrivers (struct cli_state *cli, TALLOC_CTX *mem_ctx, - uint32 level, const char *env, - uint32 *num_drivers, - PRINTER_DRIVER_CTR *ctr) +static BOOL net_spoolss_enumprinterdrivers (struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + uint32 level, const char *env, + uint32 *num_drivers, + PRINTER_DRIVER_CTR *ctr) { WERROR result; /* enumprinterdrivers call */ - result = cli_spoolss_enumprinterdrivers( - cli, mem_ctx, level, + result = rpccli_spoolss_enumprinterdrivers( + pipe_hnd, mem_ctx, level, env, num_drivers, ctr); if (!W_ERROR_IS_OK(result)) { @@ -1031,9 +1036,7 @@ net_spoolss_enumprinterdrivers (struct cli_state *cli, TALLOC_CTX *mem_ctx, return True; } - -static BOOL -net_spoolss_getprinterdriver(struct cli_state *cli, +static BOOL net_spoolss_getprinterdriver(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 level, const char *env, int version, @@ -1042,8 +1045,8 @@ net_spoolss_getprinterdriver(struct cli_state *cli, WERROR result; /* getprinterdriver call */ - result = cli_spoolss_getprinterdriver( - cli, mem_ctx, hnd, level, + result = rpccli_spoolss_getprinterdriver( + pipe_hnd, mem_ctx, hnd, level, env, version, ctr); if (!W_ERROR_IS_OK(result)) { @@ -1060,15 +1063,14 @@ net_spoolss_getprinterdriver(struct cli_state *cli, } -static BOOL -net_spoolss_addprinterdriver(struct cli_state *cli, +static BOOL net_spoolss_addprinterdriver(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, uint32 level, PRINTER_DRIVER_CTR *ctr) { WERROR result; /* addprinterdriver call */ - result = cli_spoolss_addprinterdriver(cli, mem_ctx, level, ctr); + result = rpccli_spoolss_addprinterdriver(pipe_hnd, mem_ctx, level, ctr); /* be more verbose */ if (W_ERROR_V(result) == W_ERROR_V(WERR_ACCESS_DENIED)) { @@ -1087,10 +1089,14 @@ net_spoolss_addprinterdriver(struct cli_state *cli, * abstraction function to get uint32 num_printers and PRINTER_INFO_CTR ctr * for a single printer or for all printers depending on argc/argv **/ -static BOOL -get_printer_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, - int level, int argc, const char **argv, - uint32 *num_printers, PRINTER_INFO_CTR *ctr) + +static BOOL get_printer_info(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int level, + int argc, + const char **argv, + uint32 *num_printers, + PRINTER_INFO_CTR *ctr) { POLICY_HND hnd; @@ -1098,7 +1104,7 @@ get_printer_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* no arguments given, enumerate all printers */ if (argc == 0) { - if (!net_spoolss_enum_printers(cli, mem_ctx, NULL, + if (!net_spoolss_enum_printers(pipe_hnd, mem_ctx, NULL, PRINTER_ENUM_LOCAL|PRINTER_ENUM_SHARED, level, num_printers, ctr)) return False; @@ -1108,16 +1114,16 @@ get_printer_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* argument given, get a single printer by name */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, argv[0], - MAXIMUM_ALLOWED_ACCESS, cli->user_name, &hnd)) + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, argv[0], + MAXIMUM_ALLOWED_ACCESS, pipe_hnd->cli->user_name, &hnd)) return False; - if (!net_spoolss_getprinter(cli, mem_ctx, &hnd, level, ctr)) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd); + if (!net_spoolss_getprinter(pipe_hnd, mem_ctx, &hnd, level, ctr)) { + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd); return False; } - cli_spoolss_close_printer(cli, mem_ctx, &hnd); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd); *num_printers = 1; @@ -1128,7 +1134,6 @@ out: } - /** * List print-queues (including local printers that are not shared) * @@ -1144,9 +1149,14 @@ out: * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uint32 i, num_printers; @@ -1156,7 +1166,7 @@ NTSTATUS rpc_printer_list_internals(const DOM_SID *domain_sid, const char *domai printf("listing printers\n"); - if (!get_printer_info(cli, mem_ctx, level, argc, argv, &num_printers, &ctr)) + if (!get_printer_info(pipe_hnd, mem_ctx, level, argc, argv, &num_printers, &ctr)) return nt_status; for (i = 0; i < num_printers; i++) { @@ -1174,7 +1184,6 @@ NTSTATUS rpc_printer_list_internals(const DOM_SID *domain_sid, const char *domai return NT_STATUS_OK; } - /** * List printer-drivers from a server * @@ -1190,9 +1199,14 @@ NTSTATUS rpc_printer_list_internals(const DOM_SID *domain_sid, const char *domai * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_driver_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_driver_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uint32 i; @@ -1202,7 +1216,6 @@ NTSTATUS rpc_printer_driver_list_internals(const DOM_SID *domain_sid, const char ZERO_STRUCT(drv_ctr_enum); - printf("listing printer-drivers\n"); for (i=0; archi_table[i].long_archi!=NULL; i++) { @@ -1210,7 +1223,7 @@ NTSTATUS rpc_printer_driver_list_internals(const DOM_SID *domain_sid, const char uint32 num_drivers; /* enum remote drivers */ - if (!net_spoolss_enumprinterdrivers(cli, mem_ctx, level, + if (!net_spoolss_enumprinterdrivers(pipe_hnd, mem_ctx, level, archi_table[i].long_archi, &num_drivers, &drv_ctr_enum)) { @@ -1254,8 +1267,11 @@ done: * @return Normal NTSTATUS return. **/ -static NTSTATUS rpc_printer_publish_internals_args(struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv, uint32 action) +static NTSTATUS rpc_printer_publish_internals_args(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv, + uint32 action) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uint32 i, num_printers; @@ -1267,7 +1283,7 @@ static NTSTATUS rpc_printer_publish_internals_args(struct cli_state *cli, TALLOC WERROR result; const char *action_str; - if (!get_printer_info(cli, mem_ctx, 2, argc, argv, &num_printers, &ctr)) + if (!get_printer_info(pipe_hnd, mem_ctx, 2, argc, argv, &num_printers, &ctr)) return nt_status; for (i = 0; i < num_printers; i++) { @@ -1279,14 +1295,14 @@ static NTSTATUS rpc_printer_publish_internals_args(struct cli_state *cli, TALLOC sizeof(sharename), -1, STR_TERMINATE); /* open printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, - PRINTER_ALL_ACCESS, cli->user_name, &hnd)) + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, + PRINTER_ALL_ACCESS, pipe_hnd->cli->user_name, &hnd)) goto done; got_hnd = True; /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli, mem_ctx, &hnd, level, &ctr_pub)) + if (!net_spoolss_getprinter(pipe_hnd, mem_ctx, &hnd, level, &ctr_pub)) goto done; /* check action and set string */ @@ -1308,7 +1324,7 @@ static NTSTATUS rpc_printer_publish_internals_args(struct cli_state *cli, TALLOC ctr_pub.printers_7->action = action; - result = cli_spoolss_setprinter(cli, mem_ctx, &hnd, level, &ctr_pub, 0); + result = rpccli_spoolss_setprinter(pipe_hnd, mem_ctx, &hnd, level, &ctr_pub, 0); if (!W_ERROR_IS_OK(result) && (W_ERROR_V(result) != W_ERROR_V(WERR_IO_PENDING))) { printf("cannot set printer-info: %s\n", dos_errstr(result)); goto done; @@ -1321,30 +1337,42 @@ static NTSTATUS rpc_printer_publish_internals_args(struct cli_state *cli, TALLOC done: if (got_hnd) - cli_spoolss_close_printer(cli, mem_ctx, &hnd); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd); return nt_status; } -NTSTATUS rpc_printer_publish_publish_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) +NTSTATUS rpc_printer_publish_publish_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { - return rpc_printer_publish_internals_args(cli, mem_ctx, argc, argv, SPOOL_DS_PUBLISH); + return rpc_printer_publish_internals_args(pipe_hnd, mem_ctx, argc, argv, SPOOL_DS_PUBLISH); } -NTSTATUS rpc_printer_publish_unpublish_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) +NTSTATUS rpc_printer_publish_unpublish_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { - return rpc_printer_publish_internals_args(cli, mem_ctx, argc, argv, SPOOL_DS_UNPUBLISH); + return rpc_printer_publish_internals_args(pipe_hnd, mem_ctx, argc, argv, SPOOL_DS_UNPUBLISH); } -NTSTATUS rpc_printer_publish_update_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) +NTSTATUS rpc_printer_publish_update_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { - return rpc_printer_publish_internals_args(cli, mem_ctx, argc, argv, SPOOL_DS_UPDATE); + return rpc_printer_publish_internals_args(pipe_hnd, mem_ctx, argc, argv, SPOOL_DS_UPDATE); } /** @@ -1362,9 +1390,14 @@ NTSTATUS rpc_printer_publish_update_internals(const DOM_SID *domain_sid, const c * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_publish_list_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_publish_list_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uint32 i, num_printers; @@ -1376,7 +1409,7 @@ NTSTATUS rpc_printer_publish_list_internals(const DOM_SID *domain_sid, const cha BOOL got_hnd = False; int state; - if (!get_printer_info(cli, mem_ctx, 2, argc, argv, &num_printers, &ctr)) + if (!get_printer_info(pipe_hnd, mem_ctx, 2, argc, argv, &num_printers, &ctr)) return nt_status; for (i = 0; i < num_printers; i++) { @@ -1390,14 +1423,14 @@ NTSTATUS rpc_printer_publish_list_internals(const DOM_SID *domain_sid, const cha sizeof(sharename), -1, STR_TERMINATE); /* open printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, PRINTER_ALL_ACCESS, cli->user_name, &hnd)) goto done; got_hnd = True; /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli, mem_ctx, &hnd, level, &ctr_pub)) + if (!net_spoolss_getprinter(pipe_hnd, mem_ctx, &hnd, level, &ctr_pub)) goto done; rpcstr_pull(guid, ctr_pub.printers_7->guid.buffer, sizeof(guid), -1, STR_TERMINATE); @@ -1426,7 +1459,7 @@ NTSTATUS rpc_printer_publish_list_internals(const DOM_SID *domain_sid, const cha done: if (got_hnd) - cli_spoolss_close_printer(cli, mem_ctx, &hnd); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd); return nt_status; } @@ -1446,9 +1479,14 @@ done: * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { /* TODO: what now, info2 or info3 ? convince jerry that we should add clientside setacls level 3 at least @@ -1460,7 +1498,7 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const pstring printername = "", sharename = ""; BOOL got_hnd_src = False; BOOL got_hnd_dst = False; - BOOL got_dst_spoolss_pipe = False; + struct rpc_pipe_client *pipe_hnd_dst = NULL; POLICY_HND hnd_src, hnd_dst; PRINTER_INFO_CTR ctr_src, ctr_dst, ctr_enum; struct cli_state *cli_dst = NULL; @@ -1470,13 +1508,13 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const DEBUG(3,("copying printer ACLs\n")); /* connect destination PI_SPOOLSS */ - nt_status = connect_dst_pipe(&cli_dst, PI_SPOOLSS, &got_dst_spoolss_pipe); + nt_status = connect_dst_pipe(&cli_dst, &pipe_hnd_dst, PI_SPOOLSS); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; /* enum source printers */ - if (!get_printer_info(cli, mem_ctx, level, argc, argv, &num_printers, &ctr_enum)) { + if (!get_printer_info(pipe_hnd, mem_ctx, level, argc, argv, &num_printers, &ctr_enum)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -1487,7 +1525,6 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const goto done; } - /* do something for all printers */ for (i = 0; i < num_printers; i++) { @@ -1510,30 +1547,27 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const */ /* open src printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, MAXIMUM_ALLOWED_ACCESS, cli->user_name, &hnd_src)) goto done; got_hnd_src = True; - /* open dst printer handle */ - if (!net_spoolss_open_printer_ex(cli_dst, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd_dst, mem_ctx, sharename, PRINTER_ALL_ACCESS, cli_dst->user_name, &hnd_dst)) goto done; got_hnd_dst = True; - /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) + if (!net_spoolss_getprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) goto done; /* check for existing src printer */ - if (!net_spoolss_getprinter(cli, mem_ctx, &hnd_src, 3, &ctr_src)) + if (!net_spoolss_getprinter(pipe_hnd, mem_ctx, &hnd_src, 3, &ctr_src)) goto done; - /* Copy Security Descriptor */ /* copy secdesc (info level 2) */ @@ -1543,7 +1577,7 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const if (opt_verbose) display_sec_desc(ctr_dst.printers_2->secdesc); - if (!net_spoolss_setprinter(cli_dst, mem_ctx, &hnd_dst, 2, &ctr_dst)) + if (!net_spoolss_setprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, 2, &ctr_dst)) goto done; DEBUGADD(1,("\tSetPrinter of SECDESC succeeded\n")); @@ -1551,12 +1585,12 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const /* close printer handles here */ if (got_hnd_src) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); got_hnd_src = False; } if (got_hnd_dst) { - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); got_hnd_dst = False; } @@ -1566,20 +1600,20 @@ NTSTATUS rpc_printer_migrate_security_internals(const DOM_SID *domain_sid, const done: - if (got_hnd_src) - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + if (got_hnd_src) { + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); + } - if (got_hnd_dst) - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + if (got_hnd_dst) { + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); + } - if (got_dst_spoolss_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } return nt_status; } - /** * Migrate printer-forms from a src server to the dst server * @@ -1595,9 +1629,14 @@ done: * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; WERROR result; @@ -1607,7 +1646,7 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch pstring printername = "", sharename = ""; BOOL got_hnd_src = False; BOOL got_hnd_dst = False; - BOOL got_dst_spoolss_pipe = False; + struct rpc_pipe_client *pipe_hnd_dst = NULL; POLICY_HND hnd_src, hnd_dst; PRINTER_INFO_CTR ctr_enum, ctr_dst; uint32 num_forms; @@ -1619,13 +1658,13 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch DEBUG(3,("copying forms\n")); /* connect destination PI_SPOOLSS */ - nt_status = connect_dst_pipe(&cli_dst, PI_SPOOLSS, &got_dst_spoolss_pipe); + nt_status = connect_dst_pipe(&cli_dst, &pipe_hnd_dst, PI_SPOOLSS); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; /* enum src printers */ - if (!get_printer_info(cli, mem_ctx, 2, argc, argv, &num_printers, &ctr_enum)) { + if (!get_printer_info(pipe_hnd, mem_ctx, 2, argc, argv, &num_printers, &ctr_enum)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -1654,7 +1693,7 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch /* open src printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, MAXIMUM_ALLOWED_ACCESS, cli->user_name, &hnd_src)) goto done; @@ -1662,7 +1701,7 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch /* open dst printer handle */ - if (!net_spoolss_open_printer_ex(cli_dst, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd_dst, mem_ctx, sharename, PRINTER_ALL_ACCESS, cli->user_name, &hnd_dst)) goto done; @@ -1670,11 +1709,11 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) + if (!net_spoolss_getprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) goto done; /* finally migrate forms */ - if (!net_spoolss_enumforms(cli, mem_ctx, &hnd_src, level, &num_forms, &forms)) + if (!net_spoolss_enumforms(pipe_hnd, mem_ctx, &hnd_src, level, &num_forms, &forms)) goto done; DEBUG(1,("got %d forms for printer\n", num_forms)); @@ -1711,7 +1750,7 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch /* FIXME: there might be something wrong with samba's builtin-forms */ - result = cli_spoolss_addform(cli_dst, mem_ctx, + result = rpccli_spoolss_addform(pipe_hnd_dst, mem_ctx, &hnd_dst, 1, &form); if (!W_ERROR_IS_OK(result)) { d_printf("\tAddForm form %d: [%s] refused.\n", @@ -1725,12 +1764,12 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch /* close printer handles here */ if (got_hnd_src) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); got_hnd_src = False; } if (got_hnd_dst) { - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); got_hnd_dst = False; } } @@ -1740,20 +1779,17 @@ NTSTATUS rpc_printer_migrate_forms_internals(const DOM_SID *domain_sid, const ch done: if (got_hnd_src) - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); if (got_hnd_dst) - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); - if (got_dst_spoolss_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } return nt_status; - } - /** * Migrate printer-drivers from a src server to the dst server * @@ -1769,9 +1805,14 @@ done: * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uint32 i, p; @@ -1780,9 +1821,9 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const pstring printername = "", sharename = ""; BOOL got_hnd_src = False; BOOL got_hnd_dst = False; - BOOL got_dst_spoolss_pipe = False; BOOL got_src_driver_share = False; BOOL got_dst_driver_share = False; + struct rpc_pipe_client *pipe_hnd_dst = NULL; POLICY_HND hnd_src, hnd_dst; PRINTER_DRIVER_CTR drv_ctr_src, drv_ctr_dst; PRINTER_INFO_CTR info_ctr_enum, info_ctr_dst; @@ -1799,7 +1840,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const DEBUG(3,("copying printer-drivers\n")); - nt_status = connect_dst_pipe(&cli_dst, PI_SPOOLSS, &got_dst_spoolss_pipe); + nt_status = connect_dst_pipe(&cli_dst, &pipe_hnd_dst, PI_SPOOLSS); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; @@ -1823,7 +1864,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const /* enum src printers */ - if (!get_printer_info(cli, mem_ctx, 2, argc, argv, &num_printers, &info_ctr_enum)) { + if (!get_printer_info(pipe_hnd, mem_ctx, 2, argc, argv, &num_printers, &info_ctr_enum)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -1851,20 +1892,20 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const printername, sharename); /* open dst printer handle */ - if (!net_spoolss_open_printer_ex(cli_dst, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd_dst, mem_ctx, sharename, PRINTER_ALL_ACCESS, cli->user_name, &hnd_dst)) goto done; got_hnd_dst = True; /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli_dst, mem_ctx, &hnd_dst, 2, &info_ctr_dst)) + if (!net_spoolss_getprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, 2, &info_ctr_dst)) goto done; /* open src printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, - MAXIMUM_ALLOWED_ACCESS, cli->user_name, &hnd_src)) + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, + MAXIMUM_ALLOWED_ACCESS, pipe_hnd->cli->user_name, &hnd_src)) goto done; got_hnd_src = True; @@ -1876,7 +1917,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const for (i=0; archi_table[i].long_archi!=NULL; i++) { /* getdriver src */ - if (!net_spoolss_getprinterdriver(cli, mem_ctx, &hnd_src, + if (!net_spoolss_getprinterdriver(pipe_hnd, mem_ctx, &hnd_src, level, archi_table[i].long_archi, archi_table[i].version, &drv_ctr_src)) continue; @@ -1903,7 +1944,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const /* adddriver dst */ - if (!net_spoolss_addprinterdriver(cli_dst, mem_ctx, level, &drv_ctr_src)) { + if (!net_spoolss_addprinterdriver(pipe_hnd_dst, mem_ctx, level, &drv_ctr_src)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -1922,7 +1963,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const /* setdriver dst */ init_unistr(&info_ctr_dst.printers_2->drivername, drivername); - if (!net_spoolss_setprinter(cli_dst, mem_ctx, &hnd_dst, 2, &info_ctr_dst)) { + if (!net_spoolss_setprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, 2, &info_ctr_dst)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -1932,13 +1973,13 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const /* close dst */ if (got_hnd_dst) { - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); got_hnd_dst = False; } /* close src */ if (got_hnd_src) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); got_hnd_src = False; } } @@ -1948,13 +1989,12 @@ NTSTATUS rpc_printer_migrate_drivers_internals(const DOM_SID *domain_sid, const done: if (got_hnd_src) - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); if (got_hnd_dst) - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); - if (got_dst_spoolss_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } @@ -1968,7 +2008,6 @@ done: } - /** * Migrate printer-queues from a src to the dst server * (requires a working "addprinter command" to be installed for the local smbd) @@ -1985,9 +2024,14 @@ done: * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { WERROR result; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; @@ -1999,18 +2043,18 @@ NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const pstring printername, sharename; BOOL got_hnd_src = False; BOOL got_hnd_dst = False; - BOOL got_dst_spoolss_pipe = False; + struct rpc_pipe_client *pipe_hnd_dst = NULL; DEBUG(3,("copying printers\n")); /* connect destination PI_SPOOLSS */ - nt_status = connect_dst_pipe(&cli_dst, PI_SPOOLSS, &got_dst_spoolss_pipe); + nt_status = connect_dst_pipe(&cli_dst, &pipe_hnd_dst, PI_SPOOLSS); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; /* enum printers */ - if (!get_printer_info(cli, mem_ctx, level, argc, argv, &num_printers, &ctr_enum)) { + if (!get_printer_info(pipe_hnd, mem_ctx, level, argc, argv, &num_printers, &ctr_enum)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -2039,7 +2083,7 @@ NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const /* open dst printer handle */ - if (!net_spoolss_open_printer_ex(cli_dst, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd_dst, mem_ctx, sharename, PRINTER_ALL_ACCESS, cli->user_name, &hnd_dst)) { DEBUG(1,("could not open printer: %s\n", sharename)); @@ -2049,18 +2093,18 @@ NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) { + if (!net_spoolss_getprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) { printf ("could not get printer, creating printer.\n"); } else { DEBUG(1,("printer already exists: %s\n", sharename)); /* close printer handles here */ if (got_hnd_src) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); got_hnd_src = False; } if (got_hnd_dst) { - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); got_hnd_dst = False; } continue; @@ -2071,21 +2115,21 @@ NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const we first need a handle for that */ /* open src printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, MAXIMUM_ALLOWED_ACCESS, cli->user_name, &hnd_src)) goto done; got_hnd_src = True; /* getprinter on the src server */ - if (!net_spoolss_getprinter(cli, mem_ctx, &hnd_src, level, &ctr_src)) + if (!net_spoolss_getprinter(pipe_hnd, mem_ctx, &hnd_src, level, &ctr_src)) goto done; /* copy each src printer to a dst printer 1:1, maybe some values have to be changed though */ d_printf("creating printer: %s\n", printername); - result = cli_spoolss_addprinterex (cli_dst, mem_ctx, level, &ctr_src); + result = rpccli_spoolss_addprinterex (pipe_hnd_dst, mem_ctx, level, &ctr_src); if (W_ERROR_IS_OK(result)) d_printf ("printer [%s] successfully added.\n", printername); @@ -2098,12 +2142,12 @@ NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const /* close printer handles here */ if (got_hnd_src) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); got_hnd_src = False; } if (got_hnd_dst) { - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); got_hnd_dst = False; } } @@ -2112,19 +2156,17 @@ NTSTATUS rpc_printer_migrate_printers_internals(const DOM_SID *domain_sid, const done: if (got_hnd_src) - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); if (got_hnd_dst) - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); - if (got_dst_spoolss_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } return nt_status; } - /** * Migrate Printer-Settings from a src server to the dst server * (for this to work, printers and drivers already have to be migrated earlier) @@ -2141,9 +2183,14 @@ done: * * @return Normal NTSTATUS return. **/ -NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + +NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { /* FIXME: Here the nightmare begins */ @@ -2156,7 +2203,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const pstring printername = "", sharename = ""; BOOL got_hnd_src = False; BOOL got_hnd_dst = False; - BOOL got_dst_spoolss_pipe = False; + struct rpc_pipe_client *pipe_hnd_dst = NULL; POLICY_HND hnd_src, hnd_dst; PRINTER_INFO_CTR ctr_enum, ctr_dst, ctr_dst_publish; REGVAL_CTR *reg_ctr; @@ -2171,13 +2218,13 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const DEBUG(3,("copying printer settings\n")); /* connect destination PI_SPOOLSS */ - nt_status = connect_dst_pipe(&cli_dst, PI_SPOOLSS, &got_dst_spoolss_pipe); + nt_status = connect_dst_pipe(&cli_dst, &pipe_hnd_dst, PI_SPOOLSS); if (!NT_STATUS_IS_OK(nt_status)) return nt_status; /* enum src printers */ - if (!get_printer_info(cli, mem_ctx, level, argc, argv, &num_printers, &ctr_enum)) { + if (!get_printer_info(pipe_hnd, mem_ctx, level, argc, argv, &num_printers, &ctr_enum)) { nt_status = NT_STATUS_UNSUCCESSFUL; goto done; } @@ -2210,7 +2257,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const /* open src printer handle */ - if (!net_spoolss_open_printer_ex(cli, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd, mem_ctx, sharename, MAXIMUM_ALLOWED_ACCESS, cli->user_name, &hnd_src)) goto done; @@ -2218,7 +2265,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const /* open dst printer handle */ - if (!net_spoolss_open_printer_ex(cli_dst, mem_ctx, sharename, + if (!net_spoolss_open_printer_ex(pipe_hnd_dst, mem_ctx, sharename, PRINTER_ALL_ACCESS, cli_dst->user_name, &hnd_dst)) goto done; @@ -2226,7 +2273,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli_dst, mem_ctx, &hnd_dst, + if (!net_spoolss_getprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) goto done; @@ -2245,13 +2292,13 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const if (ctr_enum.printers_2[i].attributes & PRINTER_ATTRIBUTE_PUBLISHED) { /* check for existing dst printer */ - if (!net_spoolss_getprinter(cli_dst, mem_ctx, &hnd_dst, 7, &ctr_dst_publish)) + if (!net_spoolss_getprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, 7, &ctr_dst_publish)) goto done; ctr_dst_publish.printers_7->action = SPOOL_DS_PUBLISH; /* ignore False from setprinter due to WERR_IO_PENDING */ - net_spoolss_setprinter(cli_dst, mem_ctx, &hnd_dst, 7, &ctr_dst_publish); + net_spoolss_setprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, 7, &ctr_dst_publish); DEBUG(3,("republished printer\n")); } @@ -2278,7 +2325,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const init_unistr(&ctr_dst.printers_2->devmode->devicename, devicename); #endif - if (!net_spoolss_setprinter(cli_dst, mem_ctx, &hnd_dst, + if (!net_spoolss_setprinter(pipe_hnd_dst, mem_ctx, &hnd_dst, level, &ctr_dst)) goto done; @@ -2288,13 +2335,13 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const /* STEP 2: COPY REGISTRY VALUES */ /* please keep in mind that samba parse_spools gives horribly - crippled results when used to cli_spoolss_enumprinterdataex + crippled results when used to rpccli_spoolss_enumprinterdataex a win2k3-server. (Bugzilla #1851) FIXME: IIRC I've seen it too on a win2k-server */ /* enumerate data on src handle */ - result = cli_spoolss_enumprinterdata(cli, mem_ctx, &hnd_src, p, 0, 0, + result = rpccli_spoolss_enumprinterdata(pipe_hnd, mem_ctx, &hnd_src, p, 0, 0, &val_needed, &data_needed, NULL); /* loop for all printerdata of "PrinterDriverData" */ @@ -2302,8 +2349,8 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const REGISTRY_VALUE value; - result = cli_spoolss_enumprinterdata( - cli, mem_ctx, &hnd_src, p++, val_needed, + result = rpccli_spoolss_enumprinterdata( + pipe_hnd, mem_ctx, &hnd_src, p++, val_needed, data_needed, 0, 0, &value); /* loop for all reg_keys */ @@ -2314,7 +2361,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const display_reg_value(SPOOL_PRINTERDATA_KEY, value); /* set_value */ - if (!net_spoolss_setprinterdata(cli_dst, mem_ctx, + if (!net_spoolss_setprinterdata(pipe_hnd_dst, mem_ctx, &hnd_dst, &value)) goto done; @@ -2330,7 +2377,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const respond to enumprinterkey, win2k does, so continue in case of an error */ - if (!net_spoolss_enumprinterkey(cli, mem_ctx, &hnd_src, "", &keylist)) { + if (!net_spoolss_enumprinterkey(pipe_hnd, mem_ctx, &hnd_src, "", &keylist)) { printf("got no key-data\n"); continue; } @@ -2355,7 +2402,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const return NT_STATUS_NO_MEMORY; /* enumerate all src subkeys */ - if (!net_spoolss_enumprinterdataex(cli, mem_ctx, 0, + if (!net_spoolss_enumprinterdataex(pipe_hnd, mem_ctx, 0, &hnd_src, subkey, reg_ctr)) goto done; @@ -2426,7 +2473,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const display_reg_value(subkey, value); /* here we have to set all subkeys on the dst server */ - if (!net_spoolss_setprinterdataex(cli_dst, mem_ctx, &hnd_dst, + if (!net_spoolss_setprinterdataex(pipe_hnd_dst, mem_ctx, &hnd_dst, subkey, &value)) goto done; @@ -2436,7 +2483,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const display_reg_value(subkey, *(reg_ctr->values[j])); /* here we have to set all subkeys on the dst server */ - if (!net_spoolss_setprinterdataex(cli_dst, mem_ctx, &hnd_dst, + if (!net_spoolss_setprinterdataex(pipe_hnd_dst, mem_ctx, &hnd_dst, subkey, reg_ctr->values[j])) goto done; @@ -2446,7 +2493,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const subkey, reg_ctr->values[j]->valuename)); } - + TALLOC_FREE( reg_ctr ); } @@ -2454,12 +2501,12 @@ NTSTATUS rpc_printer_migrate_settings_internals(const DOM_SID *domain_sid, const /* close printer handles here */ if (got_hnd_src) { - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); got_hnd_src = False; } if (got_hnd_dst) { - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); got_hnd_dst = False; } @@ -2473,13 +2520,12 @@ done: SAFE_FREE(unc_name); if (got_hnd_src) - cli_spoolss_close_printer(cli, mem_ctx, &hnd_src); + rpccli_spoolss_close_printer(pipe_hnd, mem_ctx, &hnd_src); if (got_hnd_dst) - cli_spoolss_close_printer(cli_dst, mem_ctx, &hnd_dst); + rpccli_spoolss_close_printer(pipe_hnd_dst, mem_ctx, &hnd_dst); - if (got_dst_spoolss_pipe) { - cli_nt_session_close(cli_dst); + if (cli_dst) { cli_shutdown(cli_dst); } return nt_status; diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 8bb01cd89a..33ccb6c1b7 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -22,7 +22,6 @@ #include "regfio.h" #include "reg_objects.h" - /******************************************************************** ********************************************************************/ @@ -85,9 +84,13 @@ void dump_regval_buffer( uint32 type, REGVAL_BUFFER *buffer ) /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_registry_enumerate_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_registry_enumerate_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { WERROR result = WERR_GENERAL_FAILURE; uint32 hive; @@ -108,13 +111,13 @@ static NTSTATUS rpc_registry_enumerate_internal( const DOM_SID *domain_sid, cons /* open the top level hive and then the registry key */ - result = cli_reg_connect( cli, mem_ctx, hive, MAXIMUM_ALLOWED_ACCESS, &pol_hive ); + result = rpccli_reg_connect(pipe_hnd, mem_ctx, hive, MAXIMUM_ALLOWED_ACCESS, &pol_hive ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Unable to connect to remote registry\n"); return werror_to_ntstatus(result); } - result = cli_reg_open_entry( cli, mem_ctx, &pol_hive, subpath, MAXIMUM_ALLOWED_ACCESS, &pol_key ); + result = rpccli_reg_open_entry(pipe_hnd, mem_ctx, &pol_hive, subpath, MAXIMUM_ALLOWED_ACCESS, &pol_key ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Unable to open [%s]\n", argv[0]); return werror_to_ntstatus(result); @@ -128,7 +131,7 @@ static NTSTATUS rpc_registry_enumerate_internal( const DOM_SID *domain_sid, cons time_t modtime; fstring keyname, classname; - result = cli_reg_enum_key( cli, mem_ctx, &pol_key, idx, + result = rpccli_reg_enum_key(pipe_hnd, mem_ctx, &pol_key, idx, keyname, classname, &modtime ); if ( W_ERROR_EQUAL(result, WERR_NO_MORE_ITEMS) ) { @@ -159,7 +162,7 @@ static NTSTATUS rpc_registry_enumerate_internal( const DOM_SID *domain_sid, cons fstrcpy( name, "" ); ZERO_STRUCT( value ); - result = cli_reg_enum_val( cli, mem_ctx, &pol_key, idx, + result = rpccli_reg_enum_val(pipe_hnd, mem_ctx, &pol_key, idx, name, &type, &value ); if ( W_ERROR_EQUAL(result, WERR_NO_MORE_ITEMS) ) { @@ -180,8 +183,8 @@ static NTSTATUS rpc_registry_enumerate_internal( const DOM_SID *domain_sid, cons out: /* cleanup */ - cli_reg_close( cli, mem_ctx, &pol_key ); - cli_reg_close( cli, mem_ctx, &pol_hive ); + rpccli_reg_close(pipe_hnd, mem_ctx, &pol_key ); + rpccli_reg_close(pipe_hnd, mem_ctx, &pol_hive ); return werror_to_ntstatus(result); } @@ -198,9 +201,13 @@ static int rpc_registry_enumerate( int argc, const char **argv ) /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_registry_save_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_registry_save_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { WERROR result = WERR_GENERAL_FAILURE; uint32 hive; @@ -219,19 +226,19 @@ static NTSTATUS rpc_registry_save_internal( const DOM_SID *domain_sid, const cha /* open the top level hive and then the registry key */ - result = cli_reg_connect( cli, mem_ctx, hive, MAXIMUM_ALLOWED_ACCESS, &pol_hive ); + result = rpccli_reg_connect(pipe_hnd, mem_ctx, hive, MAXIMUM_ALLOWED_ACCESS, &pol_hive ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Unable to connect to remote registry\n"); return werror_to_ntstatus(result); } - result = cli_reg_open_entry( cli, mem_ctx, &pol_hive, subpath, MAXIMUM_ALLOWED_ACCESS, &pol_key ); + result = rpccli_reg_open_entry(pipe_hnd, mem_ctx, &pol_hive, subpath, MAXIMUM_ALLOWED_ACCESS, &pol_key ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Unable to open [%s]\n", argv[0]); return werror_to_ntstatus(result); } - result = cli_reg_save_key( cli, mem_ctx, &pol_key, argv[1] ); + result = rpccli_reg_save_key(pipe_hnd, mem_ctx, &pol_key, argv[1] ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Unable to save [%s] to %s:%s\n", argv[0], cli->desthost, argv[1]); } @@ -239,8 +246,8 @@ static NTSTATUS rpc_registry_save_internal( const DOM_SID *domain_sid, const cha /* cleanup */ - cli_reg_close( cli, mem_ctx, &pol_key ); - cli_reg_close( cli, mem_ctx, &pol_hive ); + rpccli_reg_close(pipe_hnd, mem_ctx, &pol_key ); + rpccli_reg_close(pipe_hnd, mem_ctx, &pol_hive ); return werror_to_ntstatus(result); } @@ -490,5 +497,3 @@ int net_rpc_registry(int argc, const char **argv) return net_help_registry( argc, argv ); } - - diff --git a/source3/utils/net_rpc_rights.c b/source3/utils/net_rpc_rights.c index 3a986ed251..a563475ee1 100644 --- a/source3/utils/net_rpc_rights.c +++ b/source3/utils/net_rpc_rights.c @@ -23,22 +23,23 @@ /******************************************************************** ********************************************************************/ -static NTSTATUS sid_to_name(struct cli_state *cli, - TALLOC_CTX *mem_ctx, - DOM_SID *sid, fstring name) +static NTSTATUS sid_to_name(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + DOM_SID *sid, + fstring name) { POLICY_HND pol; uint32 *sid_types; NTSTATUS result; char **domains, **names; - result = cli_lsa_open_policy(cli, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; - result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, 1, sid, &domains, &names, &sid_types); + result = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &pol, 1, sid, &domains, &names, &sid_types); if ( NT_STATUS_IS_OK(result) ) { if ( *domains[0] ) @@ -47,14 +48,14 @@ static NTSTATUS sid_to_name(struct cli_state *cli, fstrcpy( name, names[0] ); } - cli_lsa_close(cli, mem_ctx, &pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &pol); return result; } /******************************************************************** ********************************************************************/ -static NTSTATUS name_to_sid(struct cli_state *cli, +static NTSTATUS name_to_sid(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, DOM_SID *sid, const char *name) { @@ -64,31 +65,31 @@ static NTSTATUS name_to_sid(struct cli_state *cli, DOM_SID *sids; /* maybe its a raw SID */ - if ( strncmp(name, "S-", 2) == 0 && string_to_sid(sid, name) ) - { + if ( strncmp(name, "S-", 2) == 0 && string_to_sid(sid, name) ) { return NT_STATUS_OK; } - result = cli_lsa_open_policy(cli, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; - result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types); + result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &pol, 1, &name, &sids, &sid_types); if ( NT_STATUS_IS_OK(result) ) sid_copy( sid, &sids[0] ); - cli_lsa_close(cli, mem_ctx, &pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &pol); return result; } /******************************************************************** ********************************************************************/ -static NTSTATUS enum_privileges( TALLOC_CTX *ctx, struct cli_state *cli, - POLICY_HND *pol ) +static NTSTATUS enum_privileges(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *ctx, + POLICY_HND *pol ) { NTSTATUS result; uint32 enum_context = 0; @@ -103,7 +104,7 @@ static NTSTATUS enum_privileges( TALLOC_CTX *ctx, struct cli_state *cli, uint16 lang_id_desc; fstring description; - result = cli_lsa_enum_privilege(cli, ctx, pol, &enum_context, + result = rpccli_lsa_enum_privilege(pipe_hnd, ctx, pol, &enum_context, pref_max_length, &count, &privs_name, &privs_high, &privs_low); if ( !NT_STATUS_IS_OK(result) ) @@ -116,7 +117,7 @@ static NTSTATUS enum_privileges( TALLOC_CTX *ctx, struct cli_state *cli, /* try to get the description */ - if ( !NT_STATUS_IS_OK(cli_lsa_get_dispname(cli, ctx, pol, + if ( !NT_STATUS_IS_OK(rpccli_lsa_get_dispname(pipe_hnd, ctx, pol, privs_name[i], lang_id, lang_id_sys, description, &lang_id_desc)) ) { d_printf("??????\n"); @@ -127,21 +128,23 @@ static NTSTATUS enum_privileges( TALLOC_CTX *ctx, struct cli_state *cli, } return NT_STATUS_OK; - } /******************************************************************** ********************************************************************/ -static NTSTATUS check_privilege_for_user( TALLOC_CTX *ctx, struct cli_state *cli, - POLICY_HND *pol, DOM_SID *sid, const char *right) +static NTSTATUS check_privilege_for_user(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *ctx, + POLICY_HND *pol, + DOM_SID *sid, + const char *right) { NTSTATUS result; uint32 count; char **rights; int i; - result = cli_lsa_enum_account_rights(cli, ctx, pol, sid, &count, &rights); + result = rpccli_lsa_enum_account_rights(pipe_hnd, ctx, pol, sid, &count, &rights); if (!NT_STATUS_IS_OK(result)) { return result; @@ -163,15 +166,17 @@ static NTSTATUS check_privilege_for_user( TALLOC_CTX *ctx, struct cli_state *cli /******************************************************************** ********************************************************************/ -static NTSTATUS enum_privileges_for_user( TALLOC_CTX *ctx, struct cli_state *cli, - POLICY_HND *pol, DOM_SID *sid ) +static NTSTATUS enum_privileges_for_user(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *ctx, + POLICY_HND *pol, + DOM_SID *sid ) { NTSTATUS result; uint32 count; char **rights; int i; - result = cli_lsa_enum_account_rights(cli, ctx, pol, sid, &count, &rights); + result = rpccli_lsa_enum_account_rights(pipe_hnd, ctx, pol, sid, &count, &rights); if (!NT_STATUS_IS_OK(result)) return result; @@ -189,8 +194,10 @@ static NTSTATUS enum_privileges_for_user( TALLOC_CTX *ctx, struct cli_state *cli /******************************************************************** ********************************************************************/ -static NTSTATUS enum_accounts_for_privilege(TALLOC_CTX *ctx, struct cli_state *cli, - POLICY_HND *pol, const char *privilege) +static NTSTATUS enum_accounts_for_privilege(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *ctx, + POLICY_HND *pol, + const char *privilege) { NTSTATUS result; uint32 enum_context=0; @@ -200,7 +207,7 @@ static NTSTATUS enum_accounts_for_privilege(TALLOC_CTX *ctx, struct cli_state *c int i; fstring name; - result = cli_lsa_enum_sids(cli, ctx, pol, &enum_context, + result = rpccli_lsa_enum_sids(pipe_hnd, ctx, pol, &enum_context, pref_max_length, &count, &sids); if (!NT_STATUS_IS_OK(result)) @@ -211,7 +218,7 @@ static NTSTATUS enum_accounts_for_privilege(TALLOC_CTX *ctx, struct cli_state *c for ( i=0; i<count; i++ ) { - result = check_privilege_for_user( ctx, cli, pol, &sids[i], privilege); + result = check_privilege_for_user( pipe_hnd, ctx, pol, &sids[i], privilege); if ( ! NT_STATUS_IS_OK(result)) { if ( ! NT_STATUS_EQUAL(result, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { @@ -222,7 +229,7 @@ static NTSTATUS enum_accounts_for_privilege(TALLOC_CTX *ctx, struct cli_state *c /* try to convert the SID to a name. Fall back to printing the raw SID if necessary */ - result = sid_to_name( cli, ctx, &sids[i], name ); + result = sid_to_name( pipe_hnd, ctx, &sids[i], name ); if ( !NT_STATUS_IS_OK (result) ) fstrcpy( name, sid_string_static(&sids[i]) ); @@ -235,8 +242,9 @@ static NTSTATUS enum_accounts_for_privilege(TALLOC_CTX *ctx, struct cli_state *c /******************************************************************** ********************************************************************/ -static NTSTATUS enum_privileges_for_accounts( TALLOC_CTX *ctx, struct cli_state *cli, - POLICY_HND *pol ) +static NTSTATUS enum_privileges_for_accounts(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *ctx, + POLICY_HND *pol) { NTSTATUS result; uint32 enum_context=0; @@ -246,7 +254,7 @@ static NTSTATUS enum_privileges_for_accounts( TALLOC_CTX *ctx, struct cli_state int i; fstring name; - result = cli_lsa_enum_sids(cli, ctx, pol, &enum_context, + result = rpccli_lsa_enum_sids(pipe_hnd, ctx, pol, &enum_context, pref_max_length, &count, &sids); if (!NT_STATUS_IS_OK(result)) @@ -257,13 +265,13 @@ static NTSTATUS enum_privileges_for_accounts( TALLOC_CTX *ctx, struct cli_state /* try to convert the SID to a name. Fall back to printing the raw SID if necessary */ - result = sid_to_name( cli, ctx, &sids[i], name ); + result = sid_to_name(pipe_hnd, ctx, &sids[i], name ); if ( !NT_STATUS_IS_OK (result) ) fstrcpy( name, sid_string_static(&sids[i]) ); d_printf("%s\n", name); - result = enum_privileges_for_user( ctx, cli, pol, &sids[i] ); + result = enum_privileges_for_user(pipe_hnd, ctx, pol, &sids[i] ); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -277,9 +285,13 @@ static NTSTATUS enum_privileges_for_accounts( TALLOC_CTX *ctx, struct cli_state /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_rights_list_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND pol; NTSTATUS result; @@ -291,7 +303,7 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char uint16 lang_id_desc; - result = cli_lsa_open_policy(cli, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) @@ -300,7 +312,7 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char /* backwards compatibility; just list available privileges if no arguement */ if (argc == 0) { - result = enum_privileges( mem_ctx, cli, &pol ); + result = enum_privileges(pipe_hnd, mem_ctx, &pol ); goto done; } @@ -308,18 +320,17 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char int i = 1; if (argv[1] == NULL) { - result = enum_privileges( mem_ctx, cli, &pol ); + result = enum_privileges(pipe_hnd, mem_ctx, &pol ); goto done; } - while ( argv[i] != NULL ) - { + while ( argv[i] != NULL ) { fstrcpy( privname, argv[i] ); i++; /* verify that this is a valid privilege for error reporting */ - result = cli_lsa_get_dispname(cli, mem_ctx, &pol, privname, lang_id, + result = rpccli_lsa_get_dispname(pipe_hnd, mem_ctx, &pol, privname, lang_id, lang_id_sys, description, &lang_id_desc); if ( !NT_STATUS_IS_OK(result) ) { @@ -330,7 +341,7 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char continue; } - result = enum_accounts_for_privilege(mem_ctx, cli, &pol, privname); + result = enum_accounts_for_privilege(pipe_hnd, mem_ctx, &pol, privname); if (!NT_STATUS_IS_OK(result)) { d_printf("Error enumerating accounts for privilege %s [%s].\n", privname, nt_errstr(result)); @@ -346,16 +357,16 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char int i = 1; if (argv[1] == NULL) { - result = enum_privileges_for_accounts(mem_ctx, cli, &pol); + result = enum_privileges_for_accounts(pipe_hnd, mem_ctx, &pol); goto done; } while (argv[i] != NULL) { - result = name_to_sid(cli, mem_ctx, &sid, argv[i]); + result = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[i]); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = enum_privileges_for_user(mem_ctx, cli, &pol, &sid); + result = enum_privileges_for_user(pipe_hnd, mem_ctx, &pol, &sid); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -372,14 +383,14 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char goto done; } - result = name_to_sid(cli, mem_ctx, &sid, argv[0]); + result = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[0]); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = enum_privileges_for_user( mem_ctx, cli, &pol, &sid ); + result = enum_privileges_for_user(pipe_hnd, mem_ctx, &pol, &sid ); done: - cli_lsa_close(cli, mem_ctx, &pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &pol); return result; } @@ -387,9 +398,13 @@ done: /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_rights_grant_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_rights_grant_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -401,18 +416,18 @@ static NTSTATUS rpc_rights_grant_internal( const DOM_SID *domain_sid, const char return NT_STATUS_OK; } - result = name_to_sid(cli, mem_ctx, &sid, argv[0]); + result = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[0]); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_lsa_open_policy2(cli, mem_ctx, True, + result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid, + result = rpccli_lsa_add_account_rights(pipe_hnd, mem_ctx, &dom_pol, sid, argc-1, argv+1); if (!NT_STATUS_IS_OK(result)) @@ -426,7 +441,7 @@ static NTSTATUS rpc_rights_grant_internal( const DOM_SID *domain_sid, const char argv[0], nt_errstr(result)); } - cli_lsa_close(cli, mem_ctx, &dom_pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &dom_pol); return result; } @@ -434,9 +449,13 @@ static NTSTATUS rpc_rights_grant_internal( const DOM_SID *domain_sid, const char /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_rights_revoke_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_rights_revoke_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -448,18 +467,18 @@ static NTSTATUS rpc_rights_revoke_internal( const DOM_SID *domain_sid, const cha return NT_STATUS_OK; } - result = name_to_sid(cli, mem_ctx, &sid, argv[0]); + result = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[0]); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_lsa_open_policy2(cli, mem_ctx, True, + result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = cli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid, + result = rpccli_lsa_remove_account_rights(pipe_hnd, mem_ctx, &dom_pol, sid, False, argc-1, argv+1); if (!NT_STATUS_IS_OK(result)) @@ -473,7 +492,7 @@ done: argv[0], nt_errstr(result)); } - cli_lsa_close(cli, mem_ctx, &dom_pol); + rpccli_lsa_close(pipe_hnd, mem_ctx, &dom_pol); return result; } @@ -541,5 +560,3 @@ int net_rpc_rights(int argc, const char **argv) return net_help_rights( argc, argv ); } - - diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index 403250675a..f4a0ab90e8 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -6,6 +6,7 @@ Copyright (C) Tim Potter 2001,2002 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005 Modified by Volker Lendecke 2002 + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -41,7 +42,6 @@ static void display_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *g) d_printf("\n"); } - static const char *display_time(NTTIME *nttime) { static fstring string; @@ -210,10 +210,9 @@ static void display_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta) } } - -static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds) +static void dump_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type) { - unsigned sync_context = 0; + uint32 sync_context = 0; NTSTATUS result; int i; TALLOC_CTX *mem_ctx; @@ -241,13 +240,12 @@ static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret } do { - result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, db_type, + result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, db_type, sync_context, &num_deltas, &hdr_deltas, &deltas); if (NT_STATUS_IS_ERR(result)) break; - clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), ret_creds); for (i = 0; i < num_deltas; i++) { display_sam_entry(&hdr_deltas[i], &deltas[i]); } @@ -259,41 +257,47 @@ static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret /* dump sam database via samsync rpc calls */ NTSTATUS rpc_samdump_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { +#if 0 + /* net_rpc.c now always tries to create an schannel pipe.. */ + NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; uchar trust_password[16]; - DOM_CRED ret_creds; - uint32 sec_channel; - - ZERO_STRUCT(ret_creds); - - fstrcpy(cli->domain, domain_name); + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS; + uint32 sec_channel_type = 0; if (!secrets_fetch_trust_account_password(domain_name, trust_password, - NULL, &sec_channel)) { + NULL, &sec_channel_type)) { DEBUG(0,("Could not fetch trust account password\n")); goto fail; } - if (!NT_STATUS_IS_OK(nt_status = cli_nt_establish_netlogon(cli, sec_channel, - trust_password))) { + nt_status = rpccli_netlogon_setup_creds(pipe_hnd, + cli->desthost, + domain_name, + global_myname(), + trust_password, + sec_channel_type, + &neg_flags); + + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0,("Error connecting to NETLOGON pipe\n")); goto fail; } +#endif - dump_database(cli, SAM_DATABASE_DOMAIN, &ret_creds); - dump_database(cli, SAM_DATABASE_BUILTIN, &ret_creds); - dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds); - - nt_status = NT_STATUS_OK; + dump_database(pipe_hnd, SAM_DATABASE_DOMAIN); + dump_database(pipe_hnd, SAM_DATABASE_BUILTIN); + dump_database(pipe_hnd, SAM_DATABASE_PRIVS); -fail: - cli_nt_session_close(cli); - return nt_status; + return NT_STATUS_OK; } /* Convert a SAM_ACCOUNT_DELTA to a SAM_ACCOUNT. */ @@ -301,8 +305,7 @@ fail: (!old_string && new_string) ||\ (old_string && new_string && (strcmp(old_string, new_string) != 0)) -static NTSTATUS -sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta) +static NTSTATUS sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta) { const char *old_string, *new_string; time_t unix_time, stored_time; @@ -529,7 +532,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' " "gave %d\n", add_script, add_ret)); - } + } /* try and find the possible unix account again */ if ( !(passwd = Get_Pwnam(account)) ) { @@ -590,8 +593,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) return nt_ret; } -static NTSTATUS -fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) +static NTSTATUS fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) { fstring name; fstring comment; @@ -651,8 +653,7 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) return NT_STATUS_OK; } -static NTSTATUS -fetch_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *delta) +static NTSTATUS fetch_group_mem_info(uint32 rid, SAM_GROUP_MEM_INFO *delta) { int i; TALLOC_CTX *t = NULL; @@ -832,8 +833,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, return NT_STATUS_OK; } -static NTSTATUS -fetch_alias_mem(uint32 rid, SAM_ALIAS_MEM_INFO *delta, DOM_SID dom_sid) +static NTSTATUS fetch_alias_mem(uint32 rid, SAM_ALIAS_MEM_INFO *delta, DOM_SID dom_sid) { #if 0 /* * commented out right now after talking to Volker. Can't @@ -998,42 +998,41 @@ static NTSTATUS fetch_domain_info(uint32 rid, SAM_DOMAIN_INFO *delta) } - if (!account_policy_set(AP_PASSWORD_HISTORY, delta->pwd_history_len)) + if (!pdb_set_account_policy(AP_PASSWORD_HISTORY, delta->pwd_history_len)) return nt_status; - if (!account_policy_set(AP_MIN_PASSWORD_LEN, delta->min_pwd_len)) + if (!pdb_set_account_policy(AP_MIN_PASSWORD_LEN, delta->min_pwd_len)) return nt_status; - if (!account_policy_set(AP_MAX_PASSWORD_AGE, (uint32)u_max_age)) + if (!pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (uint32)u_max_age)) return nt_status; - if (!account_policy_set(AP_MIN_PASSWORD_AGE, (uint32)u_min_age)) + if (!pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (uint32)u_min_age)) return nt_status; - if (!account_policy_set(AP_TIME_TO_LOGOUT, (uint32)u_logout)) + if (!pdb_set_account_policy(AP_TIME_TO_LOGOUT, (uint32)u_logout)) return nt_status; - if (!account_policy_set(AP_BAD_ATTEMPT_LOCKOUT, delta->account_lockout.bad_attempt_lockout)) + if (!pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, delta->account_lockout.bad_attempt_lockout)) return nt_status; - if (!account_policy_set(AP_RESET_COUNT_TIME, (uint32)u_lockoutreset/60)) + if (!pdb_set_account_policy(AP_RESET_COUNT_TIME, (uint32)u_lockoutreset/60)) return nt_status; if (u_lockouttime != -1) u_lockouttime /= 60; - if (!account_policy_set(AP_LOCK_ACCOUNT_DURATION, (uint32)u_lockouttime)) + if (!pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (uint32)u_lockouttime)) return nt_status; - if (!account_policy_set(AP_USER_MUST_LOGON_TO_CHG_PASS, delta->logon_chgpass)) + if (!pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, delta->logon_chgpass)) return nt_status; return NT_STATUS_OK; } -static void -fetch_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta, +static void fetch_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta, DOM_SID dom_sid) { switch(hdr_delta->type) { @@ -1098,11 +1097,9 @@ fetch_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta, } } -static NTSTATUS -fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, - DOM_SID dom_sid) +static NTSTATUS fetch_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type, DOM_SID dom_sid) { - unsigned sync_context = 0; + uint32 sync_context = 0; NTSTATUS result; int i; TALLOC_CTX *mem_ctx; @@ -1129,17 +1126,13 @@ fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, } do { - result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, + result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, db_type, sync_context, &num_deltas, &hdr_deltas, &deltas); if (NT_STATUS_IS_OK(result) || NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) { - - clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), - ret_creds); - for (i = 0; i < num_deltas; i++) { fetch_sam_entry(&hdr_deltas[i], &deltas[i], dom_sid); } @@ -1154,8 +1147,7 @@ fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, return result; } -static NTSTATUS -populate_ldap_for_ldif(fstring sid, const char *suffix, const char +static NTSTATUS populate_ldap_for_ldif(fstring sid, const char *suffix, const char *builtin_sid, FILE *add_fd) { char *user_suffix, *group_suffix, *machine_suffix, *idmap_suffix; @@ -1448,8 +1440,7 @@ populate_ldap_for_ldif(fstring sid, const char *suffix, const char return NT_STATUS_OK; } -static NTSTATUS -map_populate_groups(GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid, +static NTSTATUS map_populate_groups(GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid, const char *suffix, const char *builtin_sid) { char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ','); @@ -1521,8 +1512,7 @@ map_populate_groups(GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid, return NT_STATUS_OK; } -static NTSTATUS -fetch_group_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, +static NTSTATUS fetch_group_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix) { fstring groupname; @@ -1579,8 +1569,7 @@ fetch_group_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, return NT_STATUS_OK; } -static NTSTATUS -fetch_account_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, +static NTSTATUS fetch_account_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *add_fd, fstring sid, char *suffix, int alloced) { @@ -1724,8 +1713,7 @@ fetch_account_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, return NT_STATUS_OK; } -static NTSTATUS -fetch_alias_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, +static NTSTATUS fetch_alias_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix, unsigned db_type) { @@ -1798,8 +1786,7 @@ fetch_alias_info_to_ldif(SAM_DELTA_CTR *delta, GROUPMAP *groupmap, return NT_STATUS_OK; } -static NTSTATUS -fetch_groupmem_info_to_ldif(SAM_DELTA_CTR *delta, SAM_DELTA_HDR *hdr_delta, +static NTSTATUS fetch_groupmem_info_to_ldif(SAM_DELTA_CTR *delta, SAM_DELTA_HDR *hdr_delta, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *mod_fd, int alloced) { @@ -1841,16 +1828,16 @@ fetch_groupmem_info_to_ldif(SAM_DELTA_CTR *delta, SAM_DELTA_HDR *hdr_delta, return NT_STATUS_OK; } -static NTSTATUS -fetch_database_to_ldif(struct cli_state *cli, unsigned db_type, - DOM_CRED *ret_creds, DOM_SID dom_sid, - const char *user_file) +static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, + uint32 db_type, + DOM_SID dom_sid, + const char *user_file) { char *suffix; const char *builtin_sid = "S-1-5-32"; char *ldif_file; fstring sid, domainname; - unsigned sync_context = 0; + uint32 sync_context = 0; NTSTATUS result; int k; TALLOC_CTX *mem_ctx; @@ -1956,7 +1943,7 @@ fetch_database_to_ldif(struct cli_state *cli, unsigned db_type, } do { - result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, + result = rpccli_netlogon_sam_sync(pipe_hnd, mem_ctx, db_type, sync_context, &num_deltas, &hdr_deltas, &deltas); @@ -1965,9 +1952,6 @@ fetch_database_to_ldif(struct cli_state *cli, unsigned db_type, return NT_STATUS_OK; } - clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), - ret_creds); - /* Re-allocate memory for groupmap and accountmap arrays */ groupmap = SMB_REALLOC_ARRAY(groupmap, GROUPMAP, num_deltas+num_alloced); @@ -2138,18 +2122,16 @@ int rpc_vampire_usage(int argc, const char **argv) /* dump sam database via samsync rpc calls */ NTSTATUS rpc_vampire_internals(const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) { NTSTATUS result; - uchar trust_password[16]; - DOM_CRED ret_creds; fstring my_dom_sid_str; fstring rem_dom_sid_str; - uint32 sec_channel; - - ZERO_STRUCT(ret_creds); if (!sid_equal(domain_sid, get_global_sam_sid())) { d_printf("Cannot import users from %s at this time, " @@ -2164,29 +2146,11 @@ NTSTATUS rpc_vampire_internals(const DOM_SID *domain_sid, return NT_STATUS_UNSUCCESSFUL; } - fstrcpy(cli->domain, domain_name); - - if (!secrets_fetch_trust_account_password(domain_name, - trust_password, NULL, - &sec_channel)) { - result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - d_printf("Could not retrieve domain trust secret\n"); - goto fail; - } - - result = cli_nt_establish_netlogon(cli, sec_channel, trust_password); - - if (!NT_STATUS_IS_OK(result)) { - d_printf("Failed to setup BDC creds\n"); - goto fail; - } - if (argc >= 1 && (strcmp(argv[0], "ldif") == 0)) { - result = fetch_database_to_ldif(cli, SAM_DATABASE_DOMAIN, - &ret_creds, *domain_sid, argv[1]); + result = fetch_database_to_ldif(pipe_hnd, SAM_DATABASE_DOMAIN, + *domain_sid, argv[1]); } else { - result = fetch_database(cli, SAM_DATABASE_DOMAIN, &ret_creds, - *domain_sid); + result = fetch_database(pipe_hnd, SAM_DATABASE_DOMAIN, *domain_sid); } if (!NT_STATUS_IS_OK(result)) { @@ -2199,12 +2163,10 @@ NTSTATUS rpc_vampire_internals(const DOM_SID *domain_sid, } if (argc >= 1 && (strcmp(argv[0], "ldif") == 0)) { - result = fetch_database_to_ldif(cli, SAM_DATABASE_BUILTIN, - &ret_creds, global_sid_Builtin, - argv[1]); + result = fetch_database_to_ldif(pipe_hnd, SAM_DATABASE_BUILTIN, + global_sid_Builtin, argv[1]); } else { - result = fetch_database(cli, SAM_DATABASE_BUILTIN, &ret_creds, - global_sid_Builtin); + result = fetch_database(pipe_hnd, SAM_DATABASE_BUILTIN, global_sid_Builtin); } if (!NT_STATUS_IS_OK(result)) { @@ -2219,4 +2181,3 @@ NTSTATUS rpc_vampire_internals(const DOM_SID *domain_sid, fail: return result; } - diff --git a/source3/utils/net_rpc_service.c b/source3/utils/net_rpc_service.c index 8f93ab3d06..3cc4790884 100644 --- a/source3/utils/net_rpc_service.c +++ b/source3/utils/net_rpc_service.c @@ -24,8 +24,11 @@ /******************************************************************** ********************************************************************/ -static WERROR query_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hSCM, const char *service, uint32 *state ) +static WERROR query_service_state(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hSCM, + const char *service, + uint32 *state ) { POLICY_HND hService; SERVICE_STATUS service_status; @@ -33,7 +36,7 @@ static WERROR query_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, /* now cycle until the status is actually 'watch_state' */ - result = cli_svcctl_open_service( cli, mem_ctx, hSCM, &hService, + result = rpccli_svcctl_open_service(pipe_hnd, mem_ctx, hSCM, &hService, service, SC_RIGHT_SVC_QUERY_STATUS ); if ( !W_ERROR_IS_OK(result) ) { @@ -41,12 +44,12 @@ static WERROR query_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, return result; } - result = cli_svcctl_query_status( cli, mem_ctx, &hService, &service_status ); + result = rpccli_svcctl_query_status(pipe_hnd, mem_ctx, &hService, &service_status ); if ( W_ERROR_IS_OK(result) ) { *state = service_status.state; } - cli_svcctl_close_service( cli, mem_ctx, &hService ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hService ); return result; } @@ -54,9 +57,12 @@ static WERROR query_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************** ********************************************************************/ -static WERROR watch_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hSCM, const char *service, - uint32 watch_state, uint32 *final_state ) +static WERROR watch_service_state(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hSCM, + const char *service, + uint32 watch_state, + uint32 *final_state ) { uint32 i; uint32 state = 0; @@ -67,7 +73,7 @@ static WERROR watch_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, while ( (state != watch_state ) && i<30 ) { /* get the status */ - result = query_service_state( cli, mem_ctx, hSCM, service, &state ); + result = query_service_state(pipe_hnd, mem_ctx, hSCM, service, &state ); if ( !W_ERROR_IS_OK(result) ) { break; } @@ -86,9 +92,12 @@ static WERROR watch_service_state( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************** ********************************************************************/ -static WERROR control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *hSCM, const char *service, - uint32 control, uint32 watch_state ) +static WERROR control_service(struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + POLICY_HND *hSCM, + const char *service, + uint32 control, + uint32 watch_state ) { POLICY_HND hService; WERROR result = WERR_GENERAL_FAILURE; @@ -97,7 +106,7 @@ static WERROR control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Open the Service */ - result = cli_svcctl_open_service( cli, mem_ctx, hSCM, &hService, + result = rpccli_svcctl_open_service(pipe_hnd, mem_ctx, hSCM, &hService, service, (SC_RIGHT_SVC_STOP|SC_RIGHT_SVC_PAUSE_CONTINUE) ); if ( !W_ERROR_IS_OK(result) ) { @@ -107,7 +116,7 @@ static WERROR control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, /* get the status */ - result = cli_svcctl_control_service( cli, mem_ctx, &hService, + result = rpccli_svcctl_control_service(pipe_hnd, mem_ctx, &hService, control, &service_status ); if ( !W_ERROR_IS_OK(result) ) { @@ -117,12 +126,12 @@ static WERROR control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, /* loop -- checking the state until we are where we want to be */ - result = watch_service_state( cli, mem_ctx, hSCM, service, watch_state, &state ); + result = watch_service_state(pipe_hnd, mem_ctx, hSCM, service, watch_state, &state ); d_printf("%s service is %s.\n", service, svc_status_string(state)); done: - cli_svcctl_close_service( cli, mem_ctx, &hService ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hService ); return result; } @@ -130,9 +139,13 @@ done: /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_service_list_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_service_list_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND hSCM; ENUM_SERVICES_STATUS *services; @@ -147,13 +160,13 @@ static NTSTATUS rpc_service_list_internal( const DOM_SID *domain_sid, const char return NT_STATUS_OK; } - result = cli_svcctl_open_scm( cli, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); + result = rpccli_svcctl_open_scm(pipe_hnd, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Failed to open Service Control Manager. [%s]\n", dos_errstr(result)); return werror_to_ntstatus(result); } - result = cli_svcctl_enumerate_services( cli, mem_ctx, &hSCM, SVCCTL_TYPE_WIN32, + result = rpccli_svcctl_enumerate_services(pipe_hnd, mem_ctx, &hSCM, SVCCTL_TYPE_WIN32, SVCCTL_STATE_ALL, &num_services, &services ); if ( !W_ERROR_IS_OK(result) ) { @@ -172,7 +185,7 @@ static NTSTATUS rpc_service_list_internal( const DOM_SID *domain_sid, const char } done: - cli_svcctl_close_service( cli, mem_ctx, &hSCM ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hSCM ); return werror_to_ntstatus(result); } @@ -180,9 +193,13 @@ done: /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_service_status_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_service_status_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND hSCM, hService; WERROR result = WERR_GENERAL_FAILURE; @@ -200,7 +217,7 @@ static NTSTATUS rpc_service_status_internal( const DOM_SID *domain_sid, const ch /* Open the Service Control Manager */ - result = cli_svcctl_open_scm( cli, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); + result = rpccli_svcctl_open_scm(pipe_hnd, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Failed to open Service Control Manager. [%s]\n", dos_errstr(result)); return werror_to_ntstatus(result); @@ -208,7 +225,7 @@ static NTSTATUS rpc_service_status_internal( const DOM_SID *domain_sid, const ch /* Open the Service */ - result = cli_svcctl_open_service( cli, mem_ctx, &hSCM, &hService, servicename, + result = rpccli_svcctl_open_service(pipe_hnd, mem_ctx, &hSCM, &hService, servicename, (SC_RIGHT_SVC_QUERY_STATUS|SC_RIGHT_SVC_QUERY_CONFIG) ); if ( !W_ERROR_IS_OK(result) ) { @@ -218,7 +235,7 @@ static NTSTATUS rpc_service_status_internal( const DOM_SID *domain_sid, const ch /* get the status */ - result = cli_svcctl_query_status( cli, mem_ctx, &hService, &service_status ); + result = rpccli_svcctl_query_status(pipe_hnd, mem_ctx, &hService, &service_status ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Query status request failed. [%s]\n", dos_errstr(result)); goto done; @@ -228,7 +245,7 @@ static NTSTATUS rpc_service_status_internal( const DOM_SID *domain_sid, const ch /* get the config */ - result = cli_svcctl_query_config( cli, mem_ctx, &hService, &config ); + result = rpccli_svcctl_query_config(pipe_hnd, mem_ctx, &hService, &config ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Query config request failed. [%s]\n", dos_errstr(result)); goto done; @@ -268,19 +285,22 @@ static NTSTATUS rpc_service_status_internal( const DOM_SID *domain_sid, const ch } done: - cli_svcctl_close_service( cli, mem_ctx, &hService ); - cli_svcctl_close_service( cli, mem_ctx, &hSCM ); - + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hService ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hSCM ); + return werror_to_ntstatus(result); } - /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_service_stop_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_service_stop_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND hSCM; WERROR result = WERR_GENERAL_FAILURE; @@ -295,16 +315,16 @@ static NTSTATUS rpc_service_stop_internal( const DOM_SID *domain_sid, const char /* Open the Service Control Manager */ - result = cli_svcctl_open_scm( cli, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); + result = rpccli_svcctl_open_scm(pipe_hnd, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Failed to open Service Control Manager. [%s]\n", dos_errstr(result)); return werror_to_ntstatus(result); } - result = control_service( cli, mem_ctx, &hSCM, servicename, + result = control_service(pipe_hnd, mem_ctx, &hSCM, servicename, SVCCTL_CONTROL_STOP, SVCCTL_STOPPED ); - cli_svcctl_close_service( cli, mem_ctx, &hSCM ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hSCM ); return werror_to_ntstatus(result); } @@ -312,9 +332,13 @@ static NTSTATUS rpc_service_stop_internal( const DOM_SID *domain_sid, const char /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_service_pause_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_service_pause_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND hSCM; WERROR result = WERR_GENERAL_FAILURE; @@ -329,16 +353,16 @@ static NTSTATUS rpc_service_pause_internal( const DOM_SID *domain_sid, const cha /* Open the Service Control Manager */ - result = cli_svcctl_open_scm( cli, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); + result = rpccli_svcctl_open_scm(pipe_hnd, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Failed to open Service Control Manager. [%s]\n", dos_errstr(result)); return werror_to_ntstatus(result); } - result = control_service( cli, mem_ctx, &hSCM, servicename, + result = control_service(pipe_hnd, mem_ctx, &hSCM, servicename, SVCCTL_CONTROL_PAUSE, SVCCTL_PAUSED ); - cli_svcctl_close_service( cli, mem_ctx, &hSCM ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hSCM ); return werror_to_ntstatus(result); } @@ -346,9 +370,13 @@ static NTSTATUS rpc_service_pause_internal( const DOM_SID *domain_sid, const cha /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_service_resume_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_service_resume_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND hSCM; WERROR result = WERR_GENERAL_FAILURE; @@ -363,16 +391,16 @@ static NTSTATUS rpc_service_resume_internal( const DOM_SID *domain_sid, const ch /* Open the Service Control Manager */ - result = cli_svcctl_open_scm( cli, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); + result = rpccli_svcctl_open_scm(pipe_hnd, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Failed to open Service Control Manager. [%s]\n", dos_errstr(result)); return werror_to_ntstatus(result); } - result = control_service( cli, mem_ctx, &hSCM, servicename, + result = control_service(pipe_hnd, mem_ctx, &hSCM, servicename, SVCCTL_CONTROL_CONTINUE, SVCCTL_RUNNING ); - cli_svcctl_close_service( cli, mem_ctx, &hSCM ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hSCM ); return werror_to_ntstatus(result); } @@ -380,9 +408,13 @@ static NTSTATUS rpc_service_resume_internal( const DOM_SID *domain_sid, const ch /******************************************************************** ********************************************************************/ -static NTSTATUS rpc_service_start_internal( const DOM_SID *domain_sid, const char *domain_name, - struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv ) +static NTSTATUS rpc_service_start_internal(const DOM_SID *domain_sid, + const char *domain_name, + struct cli_state *cli, + struct rpc_pipe_client *pipe_hnd, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv ) { POLICY_HND hSCM, hService; WERROR result = WERR_GENERAL_FAILURE; @@ -398,7 +430,7 @@ static NTSTATUS rpc_service_start_internal( const DOM_SID *domain_sid, const cha /* Open the Service Control Manager */ - result = cli_svcctl_open_scm( cli, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); + result = rpccli_svcctl_open_scm( pipe_hnd, mem_ctx, &hSCM, SC_RIGHT_MGR_ENUMERATE_SERVICE ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Failed to open Service Control Manager. [%s]\n", dos_errstr(result)); return werror_to_ntstatus(result); @@ -406,7 +438,7 @@ static NTSTATUS rpc_service_start_internal( const DOM_SID *domain_sid, const cha /* Open the Service */ - result = cli_svcctl_open_service( cli, mem_ctx, &hSCM, &hService, + result = rpccli_svcctl_open_service(pipe_hnd, mem_ctx, &hSCM, &hService, servicename, SC_RIGHT_SVC_START ); if ( !W_ERROR_IS_OK(result) ) { @@ -416,13 +448,13 @@ static NTSTATUS rpc_service_start_internal( const DOM_SID *domain_sid, const cha /* get the status */ - result = cli_svcctl_start_service( cli, mem_ctx, &hService, NULL, 0 ); + result = rpccli_svcctl_start_service(pipe_hnd, mem_ctx, &hService, NULL, 0 ); if ( !W_ERROR_IS_OK(result) ) { d_printf("Query status request failed. [%s]\n", dos_errstr(result)); goto done; } - result = watch_service_state( cli, mem_ctx, &hSCM, servicename, SVCCTL_RUNNING, &state ); + result = watch_service_state(pipe_hnd, mem_ctx, &hSCM, servicename, SVCCTL_RUNNING, &state ); if ( W_ERROR_IS_OK(result) && (state == SVCCTL_RUNNING) ) d_printf("Successfully started service: %s\n", servicename ); @@ -430,9 +462,9 @@ static NTSTATUS rpc_service_start_internal( const DOM_SID *domain_sid, const cha d_printf("Failed to start service: %s [%s]\n", servicename, dos_errstr(result) ); done: - cli_svcctl_close_service( cli, mem_ctx, &hService ); - cli_svcctl_close_service( cli, mem_ctx, &hSCM ); - + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hService ); + rpccli_svcctl_close_service(pipe_hnd, mem_ctx, &hSCM ); + return werror_to_ntstatus(result); } @@ -525,5 +557,3 @@ int net_rpc_service(int argc, const char **argv) return net_help_service( argc, argv ); } - - diff --git a/source3/utils/net_status.c b/source3/utils/net_status.c index d584597273..960379b383 100644 --- a/source3/utils/net_status.c +++ b/source3/utils/net_status.c @@ -31,7 +31,7 @@ static int show_session(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, memcpy(&sessionid, dbuf.dptr, sizeof(sessionid)); - if (!process_exists(sessionid.pid)) { + if (!process_exists_by_pid(sessionid.pid)) { return 0; } @@ -101,8 +101,8 @@ static int show_share(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, return 0; } - d_printf("%-10.10s %5d %-12s %s", - crec.name,(int)crec.pid, + d_printf("%-10.10s %s %-12s %s", + crec.name,procid_str_static(&crec.pid), crec.machine, asctime(LocalTime(&crec.start))); @@ -125,7 +125,7 @@ static int collect_pid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, memcpy(&sessionid, dbuf.dptr, sizeof(sessionid)); - if (!process_exists(sessionid.pid)) + if (!process_exists_by_pid(sessionid.pid)) return 0; ids->num_entries += 1; @@ -156,14 +156,15 @@ static int show_share_parseable(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, } for (i=0; i<ids->num_entries; i++) { - if (ids->entries[i].pid == crec.pid) { + struct process_id id = pid_to_procid(ids->entries[i].pid); + if (procid_equal(&id, &crec.pid)) { guest = False; break; } } - d_printf("%s\\%d\\%s\\%s\\%s\\%s\\%s", - crec.name,(int)crec.pid, + d_printf("%s\\%s\\%s\\%s\\%s\\%s\\%s", + crec.name,procid_str_static(&crec.pid), guest ? "" : uidtoname(ids->entries[i].uid), guest ? "" : gidtoname(ids->entries[i].gid), crec.machine, diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 3fdd657a2d..4f3bb4d414 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -465,6 +465,7 @@ static NTSTATUS ntlm_auth_start_ntlmssp_client(NTLMSSP_STATE **client_ntlmssp_st { NTSTATUS status; if ( (opt_username == NULL) || (opt_domain == NULL) ) { + status = NT_STATUS_UNSUCCESSFUL; DEBUG(1, ("Need username and domain for NTLMSSP\n")); return NT_STATUS_INVALID_PARAMETER; } @@ -693,7 +694,8 @@ static void manage_client_ntlmssp_request(enum stdio_helper_mode stdio_helper_mo data_blob_free(&reply); DEBUG(10, ("NTLMSSP challenge\n")); } else if (NT_STATUS_IS_OK(nt_status)) { - x_fprintf(x_stdout, "AF\n"); + char *reply_base64 = base64_encode_data_blob(reply); + x_fprintf(x_stdout, "AF %s\n", reply_base64); DEBUG(10, ("NTLMSSP OK!\n")); if (ntlmssp_state) ntlmssp_end(&ntlmssp_state); @@ -753,7 +755,7 @@ static void offer_gss_spnego_mechs(void) { /* Server negTokenInit (mech offerings) */ spnego.type = SPNEGO_NEG_TOKEN_INIT; - spnego.negTokenInit.mechTypes = SMB_XMALLOC_ARRAY(const char *, 3); + spnego.negTokenInit.mechTypes = SMB_XMALLOC_ARRAY(char *, 2); #ifdef HAVE_KRB5 spnego.negTokenInit.mechTypes[0] = smb_xstrdup(OID_KERBEROS5_OLD); spnego.negTokenInit.mechTypes[1] = smb_xstrdup(OID_NTLMSSP); @@ -793,6 +795,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode, DATA_BLOB token; NTSTATUS status; ssize_t len; + TALLOC_CTX *mem_ctx = talloc_init("manage_gss_spnego_request"); char *user = NULL; char *domain = NULL; @@ -857,6 +860,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode, return; } + status = NT_STATUS_UNSUCCESSFUL; if (strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) == 0) { if ( request.negTokenInit.mechToken.data == NULL ) { @@ -895,7 +899,6 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode, if (strcmp(request.negTokenInit.mechTypes[0], OID_KERBEROS5_OLD) == 0) { char *principal; - DATA_BLOB auth_data; DATA_BLOB ap_rep; DATA_BLOB session_key; @@ -910,11 +913,13 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode, response.negTokenTarg.mechListMIC = data_blob(NULL, 0); response.negTokenTarg.responseToken = data_blob(NULL, 0); - status = ads_verify_ticket(lp_realm(), + status = ads_verify_ticket(mem_ctx, lp_realm(), &request.negTokenInit.mechToken, - &principal, &auth_data, &ap_rep, + &principal, NULL, &ap_rep, &session_key); + talloc_destroy(mem_ctx); + /* Now in "principal" we have the name we are authenticated as. */ @@ -934,7 +939,6 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode, user = SMB_STRDUP(principal); data_blob_free(&ap_rep); - data_blob_free(&auth_data); SAFE_FREE(principal); } @@ -1052,15 +1056,16 @@ static BOOL manage_client_ntlmssp_init(SPNEGO_DATA spnego) } spnego.type = SPNEGO_NEG_TOKEN_INIT; - spnego.negTokenInit.mechTypes = my_mechs; + spnego.negTokenInit.mechTypes = CONST_DISCARD(char **,my_mechs); spnego.negTokenInit.reqFlags = 0; spnego.negTokenInit.mechListMIC = null_blob; status = ntlmssp_update(client_ntlmssp_state, null_blob, &spnego.negTokenInit.mechToken); - if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - DEBUG(1, ("Expected MORE_PROCESSING_REQUIRED, got: %s\n", + if ( !(NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED) || + NT_STATUS_IS_OK(status)) ) { + DEBUG(1, ("Expected OK or MORE_PROCESSING_REQUIRED, got: %s\n", nt_errstr(status))); ntlmssp_end(&client_ntlmssp_state); return False; @@ -1121,7 +1126,7 @@ static void manage_client_ntlmssp_targ(SPNEGO_DATA spnego) spnego.type = SPNEGO_NEG_TOKEN_TARG; spnego.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE; - spnego.negTokenTarg.supportedMech = OID_NTLMSSP; + spnego.negTokenTarg.supportedMech = (char *)OID_NTLMSSP; spnego.negTokenTarg.responseToken = request; spnego.negTokenTarg.mechListMIC = null_blob; @@ -1166,7 +1171,7 @@ static BOOL manage_client_krb5_init(SPNEGO_DATA spnego) spnego.negTokenInit.mechListMIC.length); principal[spnego.negTokenInit.mechListMIC.length] = '\0'; - retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5); + retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5, 0); if (retval) { @@ -1189,7 +1194,7 @@ static BOOL manage_client_krb5_init(SPNEGO_DATA spnego) return False; } - retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5); + retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5, 0); if (retval) { DEBUG(10, ("Kinit suceeded, but getting a ticket failed: %s\n", error_message(retval))); @@ -1305,7 +1310,7 @@ static void manage_gss_spnego_client_request(enum stdio_helper_mode stdio_helper /* The server offers a list of mechanisms */ - const char **mechType = spnego.negTokenInit.mechTypes; + const char **mechType = (const char **)spnego.negTokenInit.mechTypes; while (*mechType != NULL) { diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c88c0d7579..dacaa1e26f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -119,6 +119,27 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { } /********************************************************* + Add all currently available account policy from tdb to one backend + ********************************************************/ + +static int export_account_policies (struct pdb_context *in, struct pdb_context *out) +{ + int i; + + for (i=1; decode_account_policy_name(i) != NULL; i++) { + uint32 policy_value; + if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) { + fprintf(stderr, "Can't get account policy from tdb\n"); + return -1; + } + out->pdb_set_account_policy(out, i, policy_value); + } + + return 0; +} + + +/********************************************************* Print info from sam structure **********************************************************/ @@ -652,6 +673,7 @@ int main (int argc, char **argv) static char *backend_in = NULL; static char *backend_out = NULL; static BOOL transfer_groups = False; + static BOOL transfer_account_policies = False; static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; @@ -683,8 +705,8 @@ int main (int argc, char **argv) {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, - {"user-SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, - {"group-SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, + {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, + {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, @@ -693,6 +715,7 @@ int main (int argc, char **argv) {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, + {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, @@ -792,20 +815,22 @@ int main (int argc, char **argv) SAFE_FREE(apn); exit(1); } - if (!account_policy_get(field, &value)) { + if (!pdb_get_account_policy(field, &value)) { fprintf(stderr, "valid account policy, but unable to fetch value!\n"); - exit(1); + if (!account_policy_value_set) + exit(1); } + printf("account policy \"%s\" description: %s\n", account_policy, account_policy_get_desc(field)); if (account_policy_value_set) { - printf("account policy value for %s was %u\n", account_policy, value); - if (!account_policy_set(field, account_policy_value)) { + printf("account policy \"%s\" value was: %u\n", account_policy, value); + if (!pdb_set_account_policy(field, account_policy_value)) { fprintf(stderr, "valid account policy, but unable to set value!\n"); exit(1); } - printf("account policy value for %s is now %lu\n", account_policy, account_policy_value); + printf("account policy \"%s\" value is now: %lu\n", account_policy, account_policy_value); exit(0); } else { - printf("account policy value for %s is %u\n", account_policy, value); + printf("account policy \"%s\" value is: %u\n", account_policy, value); exit(0); } } @@ -829,7 +854,10 @@ int main (int argc, char **argv) } else { bout = bdef; } - if (transfer_groups) { + if (transfer_account_policies) { + if (!(checkparms & BIT_USER)) + return export_account_policies(bin, bout); + } else if (transfer_groups) { if (!(checkparms & BIT_USER)) return export_groups(bin, bout); } else { diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 00000b5cfb..36efcc247d 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -64,6 +64,7 @@ static const struct perm_value standard_values[] = { }; static struct cli_state *global_hack_cli; +static struct rpc_pipe_client *global_pipe_hnd; static POLICY_HND pol; static BOOL got_policy_hnd; @@ -76,8 +77,10 @@ static BOOL cacls_open_policy_hnd(void) /* Initialise cli LSA connection */ if (!global_hack_cli) { + NTSTATUS ret; global_hack_cli = connect_one("IPC$"); - if (!cli_nt_session_open (global_hack_cli, PI_LSARPC)) { + global_pipe_hnd = cli_rpc_pipe_open_noauth(global_hack_cli, PI_LSARPC, &ret); + if (!global_pipe_hnd) { return False; } } @@ -89,7 +92,7 @@ static BOOL cacls_open_policy_hnd(void) /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, but NT sends 0x2000000 so we might as well do it too. */ - if (!NT_STATUS_IS_OK(cli_lsa_open_policy(global_hack_cli, global_hack_cli->mem_ctx, True, + if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, global_hack_cli->mem_ctx, True, GENERIC_EXECUTE_ACCESS, &pol))) { return False; } @@ -114,7 +117,7 @@ static void SidToString(fstring str, DOM_SID *sid) /* Ask LSA to convert the sid to a name */ if (!cacls_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_sids(global_hack_cli, global_hack_cli->mem_ctx, + !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, global_hack_cli->mem_ctx, &pol, 1, sid, &domains, &names, &types)) || !domains || !domains[0] || !names || !names[0]) { @@ -141,7 +144,7 @@ static BOOL StringToSid(DOM_SID *sid, const char *str) } if (!cacls_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_names(global_hack_cli, global_hack_cli->mem_ctx, + !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, global_hack_cli->mem_ctx, &pol, 1, &str, &sids, &types))) { result = False; diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index c0de85cea5..a0304eb89a 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -34,7 +34,8 @@ static int num_replies; /* Used by message callback fns */ /* Send a message to a destination pid. Zero means broadcast smbd. */ -static BOOL send_message(pid_t pid, int msg_type, const void *buf, int len, +static BOOL send_message(struct process_id pid, int msg_type, + const void *buf, int len, BOOL duplicates) { TDB_CONTEXT *tdb; @@ -44,7 +45,7 @@ static BOOL send_message(pid_t pid, int msg_type, const void *buf, int len, if (!message_init()) return False; - if (pid != 0) + if (procid_to_pid(&pid) != 0) return message_send_pid(pid, msg_type, buf, len, duplicates); tdb = tdb_open_log(lock_path("connections.tdb"), 0, @@ -84,15 +85,17 @@ static void wait_replies(BOOL multiple_replies) /* Message handler callback that displays the PID and a string on stdout */ -static void print_pid_string_cb(int msg_type, pid_t pid, void *buf, size_t len) +static void print_pid_string_cb(int msg_type, struct process_id pid, void *buf, size_t len) { - printf("PID %u: %.*s", (unsigned int)pid, (int)len, (const char *)buf); + printf("PID %u: %.*s", (unsigned int)procid_to_pid(&pid), + (int)len, (const char *)buf); num_replies++; } /* Message handler callback that displays a string on stdout */ -static void print_string_cb(int msg_type, pid_t pid, void *buf, size_t len) +static void print_string_cb(int msg_type, struct process_id pid, + void *buf, size_t len) { printf("%.*s", (int)len, (const char *)buf); num_replies++; @@ -100,7 +103,8 @@ static void print_string_cb(int msg_type, pid_t pid, void *buf, size_t len) /* Send no message. Useful for testing. */ -static BOOL do_noop(const pid_t pid, const int argc, const char **argv) +static BOOL do_noop(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> noop\n"); @@ -114,7 +118,8 @@ static BOOL do_noop(const pid_t pid, const int argc, const char **argv) /* Send a debug string */ -static BOOL do_debug(const pid_t pid, const int argc, const char **argv) +static BOOL do_debug(const struct process_id pid, + const int argc, const char **argv) { if (argc != 2) { fprintf(stderr, "Usage: smbcontrol <dest> debug " @@ -128,7 +133,8 @@ static BOOL do_debug(const pid_t pid, const int argc, const char **argv) /* Force a browser election */ -static BOOL do_election(const pid_t pid, const int argc, const char **argv) +static BOOL do_election(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> force-election\n"); @@ -141,13 +147,15 @@ static BOOL do_election(const pid_t pid, const int argc, const char **argv) /* Ping a samba daemon process */ -static void pong_cb(int msg_type, pid_t pid, void *buf, size_t len) +static void pong_cb(int msg_type, struct process_id pid, void *buf, size_t len) { - printf("PONG from pid %u\n", (unsigned int)pid); + char *src_string = procid_str(NULL, &pid); + printf("PONG from pid %s\n", src_string); + talloc_free(src_string); num_replies++; } -static BOOL do_ping(const pid_t pid, const int argc, const char **argv) +static BOOL do_ping(const struct process_id pid, const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> ping\n"); @@ -161,7 +169,7 @@ static BOOL do_ping(const pid_t pid, const int argc, const char **argv) message_register(MSG_PONG, pong_cb); - wait_replies(pid == 0); + wait_replies(procid_to_pid(&pid) == 0); /* No replies were received within the timeout period */ @@ -175,7 +183,8 @@ static BOOL do_ping(const pid_t pid, const int argc, const char **argv) /* Set profiling options */ -static BOOL do_profile(const pid_t pid, const int argc, const char **argv) +static BOOL do_profile(const struct process_id pid, + const int argc, const char **argv) { int v; @@ -203,7 +212,7 @@ static BOOL do_profile(const pid_t pid, const int argc, const char **argv) /* Return the profiling level */ -static void profilelevel_cb(int msg_type, pid_t pid, void *buf, size_t len) +static void profilelevel_cb(int msg_type, struct process_id pid, void *buf, size_t len) { int level; const char *s; @@ -236,10 +245,11 @@ static void profilelevel_cb(int msg_type, pid_t pid, void *buf, size_t len) break; } - printf("Profiling %s on pid %u\n",s,(unsigned int)pid); + printf("Profiling %s on pid %u\n",s,(unsigned int)procid_to_pid(&pid)); } -static void profilelevel_rqst(int msg_type, pid_t pid, void *buf, size_t len) +static void profilelevel_rqst(int msg_type, struct process_id pid, + void *buf, size_t len) { int v = 0; @@ -248,7 +258,8 @@ static void profilelevel_rqst(int msg_type, pid_t pid, void *buf, size_t len) send_message(pid, MSG_PROFILELEVEL, &v, sizeof(int), False); } -static BOOL do_profilelevel(const pid_t pid, const int argc, const char **argv) +static BOOL do_profilelevel(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> profilelevel\n"); @@ -263,7 +274,7 @@ static BOOL do_profilelevel(const pid_t pid, const int argc, const char **argv) message_register(MSG_PROFILELEVEL, profilelevel_cb); message_register(MSG_REQ_PROFILELEVEL, profilelevel_rqst); - wait_replies(pid == 0); + wait_replies(procid_to_pid(&pid) == 0); /* No replies were received within the timeout period */ @@ -277,7 +288,8 @@ static BOOL do_profilelevel(const pid_t pid, const int argc, const char **argv) /* Display debug level settings */ -static BOOL do_debuglevel(const pid_t pid, const int argc, const char **argv) +static BOOL do_debuglevel(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> debuglevel\n"); @@ -291,7 +303,7 @@ static BOOL do_debuglevel(const pid_t pid, const int argc, const char **argv) message_register(MSG_DEBUGLEVEL, print_pid_string_cb); - wait_replies(pid == 0); + wait_replies(procid_to_pid(&pid) == 0); /* No replies were received within the timeout period */ @@ -305,7 +317,8 @@ static BOOL do_debuglevel(const pid_t pid, const int argc, const char **argv) /* Send a print notify message */ -static BOOL do_printnotify(const pid_t pid, const int argc, const char **argv) +static BOOL do_printnotify(const struct process_id pid, + const int argc, const char **argv) { const char *cmd; @@ -428,7 +441,8 @@ static BOOL do_printnotify(const pid_t pid, const int argc, const char **argv) return False; } - notify_printer_byname(argv[2], attribute, argv[4]); + notify_printer_byname(argv[2], attribute, + CONST_DISCARD(char *, argv[4])); goto send; } @@ -443,7 +457,8 @@ send: /* Close a share */ -static BOOL do_closeshare(const pid_t pid, const int argc, const char **argv) +static BOOL do_closeshare(const struct process_id pid, + const int argc, const char **argv) { if (argc != 2) { fprintf(stderr, "Usage: smbcontrol <dest> close-share " @@ -457,7 +472,8 @@ static BOOL do_closeshare(const pid_t pid, const int argc, const char **argv) /* Force a SAM synchronisation */ -static BOOL do_samsync(const pid_t pid, const int argc, const char **argv) +static BOOL do_samsync(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> samsync\n"); @@ -470,7 +486,8 @@ static BOOL do_samsync(const pid_t pid, const int argc, const char **argv) /* Force a SAM replication */ -static BOOL do_samrepl(const pid_t pid, const int argc, const char **argv) +static BOOL do_samrepl(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> samrepl\n"); @@ -483,7 +500,8 @@ static BOOL do_samrepl(const pid_t pid, const int argc, const char **argv) /* Display talloc pool usage */ -static BOOL do_poolusage(const pid_t pid, const int argc, const char **argv) +static BOOL do_poolusage(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> pool-usage\n"); @@ -497,7 +515,7 @@ static BOOL do_poolusage(const pid_t pid, const int argc, const char **argv) message_register(MSG_POOL_USAGE, print_string_cb); - wait_replies(pid == 0); + wait_replies(procid_to_pid(&pid) == 0); /* No replies were received within the timeout period */ @@ -511,7 +529,8 @@ static BOOL do_poolusage(const pid_t pid, const int argc, const char **argv) /* Perform a dmalloc mark */ -static BOOL do_dmalloc_mark(const pid_t pid, const int argc, const char **argv) +static BOOL do_dmalloc_mark(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> dmalloc-mark\n"); @@ -524,7 +543,8 @@ static BOOL do_dmalloc_mark(const pid_t pid, const int argc, const char **argv) /* Perform a dmalloc changed */ -static BOOL do_dmalloc_changed(const pid_t pid, const int argc, const char **argv) +static BOOL do_dmalloc_changed(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> " @@ -538,7 +558,8 @@ static BOOL do_dmalloc_changed(const pid_t pid, const int argc, const char **arg /* Shutdown a server process */ -static BOOL do_shutdown(const pid_t pid, const int argc, const char **argv) +static BOOL do_shutdown(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> shutdown\n"); @@ -550,7 +571,8 @@ static BOOL do_shutdown(const pid_t pid, const int argc, const char **argv) /* Notify a driver upgrade */ -static BOOL do_drvupgrade(const pid_t pid, const int argc, const char **argv) +static BOOL do_drvupgrade(const struct process_id pid, + const int argc, const char **argv) { if (argc != 2) { fprintf(stderr, "Usage: smbcontrol <dest> drvupgrade " @@ -562,7 +584,8 @@ static BOOL do_drvupgrade(const pid_t pid, const int argc, const char **argv) pid, MSG_DEBUG, argv[1], strlen(argv[1]) + 1, False); } -static BOOL do_reload_config(const pid_t pid, const int argc, const char **argv) +static BOOL do_reload_config(const struct process_id pid, + const int argc, const char **argv) { if (argc != 1) { fprintf(stderr, "Usage: smbcontrol <dest> reload-config\n"); @@ -583,8 +606,8 @@ static void my_make_nmb_name( struct nmb_name *n, const char *name, int type) push_ascii(n->scope, global_scope(), 64, STR_TERMINATE); } -static BOOL do_nodestatus(const pid_t pid, const int argc, - const char **argv) +static BOOL do_nodestatus(const struct process_id pid, + const int argc, const char **argv) { struct packet_struct p; @@ -623,7 +646,8 @@ static BOOL do_nodestatus(const pid_t pid, const int argc, static const struct { const char *name; /* Option name */ - BOOL (*fn)(const pid_t pid, const int argc, const char **argv); + BOOL (*fn)(const struct process_id pid, + const int argc, const char **argv); const char *help; /* Short help text */ } msg_types[] = { { "debug", do_debug, "Set debuglevel" }, @@ -674,33 +698,39 @@ static void usage(poptContext *pc) /* Return the pid number for a string destination */ -static pid_t parse_dest(const char *dest) +static struct process_id parse_dest(const char *dest) { + struct process_id result; pid_t pid; /* Zero is a special return value for broadcast smbd */ - if (strequal(dest, "smbd")) - return 0; + if (strequal(dest, "smbd")) { + return interpret_pid("0"); + } /* Try self - useful for testing */ - if (strequal(dest, "self")) - return sys_getpid(); + if (strequal(dest, "self")) { + return pid_to_procid(sys_getpid()); + } /* Check for numeric pid number */ - if ((pid = atoi(dest)) != 0) - return pid; + result = interpret_pid(dest); + if (procid_valid(&result)) { + return result; + } /* Look up other destinations in pidfile directory */ - if ((pid = pidfile_pid(dest)) != 0) - return pid; + if ((pid = pidfile_pid(dest)) != 0) { + return pid_to_procid(pid); + } fprintf(stderr,"Can't find pid for destination '%s'\n", dest); - return -1; + return result; } /* Execute smbcontrol command */ @@ -708,13 +738,15 @@ static pid_t parse_dest(const char *dest) static BOOL do_command(int argc, const char **argv) { const char *dest = argv[0], *command = argv[1]; - pid_t pid; + struct process_id pid; int i; /* Check destination */ - if ((pid = parse_dest(dest)) == -1) + pid = parse_dest(dest); + if (!procid_valid(&pid)) { return False; + } /* Check command */ diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index 81f7dd42bb..c516fbb218 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -34,7 +34,8 @@ static BOOL verbose; enum todo_values {NOOP_QUOTA=0,FS_QUOTA,USER_QUOTA,LIST_QUOTA,SET_QUOTA}; enum exit_values {EXIT_OK, EXIT_FAILED, EXIT_PARSE_ERROR}; -static struct cli_state *cli_ipc = NULL; +static struct cli_state *cli_ipc; +static struct rpc_pipe_client *global_pipe_hnd; static POLICY_HND pol; static BOOL got_policy_hnd; @@ -47,8 +48,10 @@ static BOOL cli_open_policy_hnd(void) /* Initialise cli LSA connection */ if (!cli_ipc) { + NTSTATUS ret; cli_ipc = connect_one("IPC$"); - if (!cli_nt_session_open (cli_ipc, PI_LSARPC)) { + global_pipe_hnd = cli_rpc_pipe_open_noauth(cli_ipc, PI_LSARPC, &ret); + if (!global_pipe_hnd) { return False; } } @@ -60,7 +63,7 @@ static BOOL cli_open_policy_hnd(void) /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, but NT sends 0x2000000 so we might as well do it too. */ - if (!NT_STATUS_IS_OK(cli_lsa_open_policy(cli_ipc, cli_ipc->mem_ctx, True, + if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, cli_ipc->mem_ctx, True, GENERIC_EXECUTE_ACCESS, &pol))) { return False; } @@ -85,7 +88,7 @@ static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric) /* Ask LSA to convert the sid to a name */ if (!cli_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_sids(cli_ipc, cli_ipc->mem_ctx, + !NT_STATUS_IS_OK(rpccli_lsa_lookup_sids(global_pipe_hnd, cli_ipc->mem_ctx, &pol, 1, sid, &domains, &names, &types)) || !domains || !domains[0] || !names || !names[0]) { @@ -112,7 +115,7 @@ static BOOL StringToSid(DOM_SID *sid, const char *str) } if (!cli_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_names(cli_ipc, cli_ipc->mem_ctx, + !NT_STATUS_IS_OK(rpccli_lsa_lookup_names(global_pipe_hnd, cli_ipc->mem_ctx, &pol, 1, &str, &sids, &types))) { result = False; diff --git a/source3/utils/status.c b/source3/utils/status.c index 96e4bd266b..4709cfbaee 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -98,7 +98,7 @@ static BOOL Ucrit_addPid( pid_t pid ) return True; } -static void print_share_mode(share_mode_entry *e, char *fname) +static void print_share_mode(const struct share_mode_entry *e, char *fname) { static int count; if (count==0) { @@ -108,8 +108,8 @@ static void print_share_mode(share_mode_entry *e, char *fname) } count++; - if (Ucrit_checkPid(e->pid)) { - d_printf("%-5d ",(int)e->pid); + if (Ucrit_checkPid(procid_to_pid(&e->pid))) { + d_printf("%s ",procid_str_static(&e->pid)); switch (map_share_mode_to_deny_mode(e->share_access, e->private_options)) { case DENY_NONE: d_printf("DENY_NONE "); break; @@ -154,7 +154,7 @@ static void print_share_mode(share_mode_entry *e, char *fname) } } -static void print_brl(SMB_DEV_T dev, SMB_INO_T ino, int pid, +static void print_brl(SMB_DEV_T dev, SMB_INO_T ino, struct process_id pid, enum brl_type lock_type, br_off start, br_off size) { @@ -166,8 +166,8 @@ static void print_brl(SMB_DEV_T dev, SMB_INO_T ino, int pid, } count++; - d_printf("%6d %05x:%05x %s %9.0f %9.0f\n", - (int)pid, (int)dev, (int)ino, + d_printf("%s %05x:%05x %s %9.0f %9.0f\n", + procid_str_static(&pid), (int)dev, (int)ino, lock_type==READ_LOCK?"R":"W", (double)start, (double)size); } @@ -550,8 +550,8 @@ static int traverse_fn1(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *st return 0; } - d_printf("%-10s %5d %-12s %s", - crec.name,(int)crec.pid, + d_printf("%-10s %s %-12s %s", + crec.name,procid_str_static(&crec.pid), crec.machine, asctime(LocalTime(&crec.start))); @@ -568,7 +568,7 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo memcpy(&sessionid, dbuf.dptr, sizeof(sessionid)); - if (!process_exists(sessionid.pid) || !Ucrit_checkUid(sessionid.uid)) { + if (!process_exists_by_pid(sessionid.pid) || !Ucrit_checkUid(sessionid.uid)) { return 0; } diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 2b72479ac0..b4561b58de 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -206,7 +206,7 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ poptContext pc; static const char *term_code = ""; static char *parameter_name = NULL; - static char *section_name = NULL; + static const char *section_name = NULL; static char *new_local_machine = NULL; const char *cname; const char *caddr; |