diff options
-rw-r--r-- | source4/scripting/bin/samba3dump | 220 | ||||
-rw-r--r-- | source4/scripting/ejs/config.mk | 3 | ||||
-rw-r--r-- | source4/scripting/ejs/smbcalls.c | 1 | ||||
-rw-r--r-- | source4/scripting/ejs/smbcalls_samba3.c | 255 | ||||
-rw-r--r-- | source4/scripting/ejs/smbscript.c | 5 | ||||
-rw-r--r-- | source4/scripting/libjs/upgrade.js (renamed from source4/scripting/libjs/samba3.js) | 7 |
6 files changed, 489 insertions, 2 deletions
diff --git a/source4/scripting/bin/samba3dump b/source4/scripting/bin/samba3dump new file mode 100644 index 0000000000..71937c27c7 --- /dev/null +++ b/source4/scripting/bin/samba3dump @@ -0,0 +1,220 @@ +#!/bin/sh +exec smbscript "$0" ${1+"$@"} +/* + Dump Samba3 data + Copyright Jelmer Vernooij 2005 + Released under the GNU GPL v2 or later +*/ + +options = GetOptions(ARGV, + "POPT_AUTOHELP", + "POPT_COMMON_SAMBA", + "POPT_COMMON_VERSION", + 'format=s', + 'quiet', 'blank'); + +if (options == undefined) { + println("Failed to parse options"); + return -1; +} + +if (options.format == undefined) { + options.format = "summary"; +} + +if (options.format != "summary" && options.format != "full") { + printf("Unknown format %s\n", options.format); + return -1; +} + +libinclude("base.js"); + +if (ARGV.length != 3) { + println("Usage: samba3dump <libdir> <smb.conf>"); + return -1; +} + +function print_header(txt) +{ + printf("\n%s\n", txt); + for (i = 0; txt[i]; i++) putchar('='); + putchar('\n'); +} + +function print_samba3_policy(pol) +{ + print_header("Account Policies"); + printf("Min password length: %d\n", pol.min_password_length); + printf("Password history length: %d\n", pol.password_history); + printf("User must logon to change password: %d\n", pol.user_must_logon_to_change_password); + printf("Maximum password age: %d\n", pol.maximum_password_age); + printf("Minimum password age: %d\n", pol.minimum_password_age); + printf("Lockout duration: %d\n", pol.lockout_duration); + printf("Reset Count Minutes: %d\n", pol.reset_count_minutes); + printf("Bad Lockout Minutes: %d\n", pol.bad_lockout_minutes); + printf("Disconnect Time: %d\n", pol.disconnect_time); + printf("Refuse Machine Password Change: %d\n", pol.refuse_machine_password_change); +} + +function print_samba3_sam(samba3) +{ + print_header("SAM Database"); + + for (i = 0; i < samba3.samaccount_count; i++) { + printf("%d: %s\n", samba3.samaccounts[i].user_rid, samba3.samaccounts[i].username); + } +} + +function print_samba3_shares(samba3) +{ + print_header("Configured shares"); + for (i = 0; i < samba3.share_count; i++) { + printf("--- %s ---\n", samba3.shares[i].name); + + for (j = 0; j < samba3.shares[i].parameter_count; j++) { + printf("\t%s = %s\n", samba3.shares[i].parameters[j].name, samba3.shares[i].parameters[j].value); + } + + println(""); + } +} + +function print_samba3_secrets(secrets) +{ + print_header("Secrets"); + + println("IPC Credentials:"); + if (secrets.ipc_cred.username_obtained) + printf(" User: %s\n", secrets.ipc_cred.username); + if (secrets.ipc_cred.password_obtained) + printf(" Password: %s\n", secrets.ipc_cred.password); + + if (secrets.ipc_cred.domain_obtained) + printf(" Domain: %s\n\n", secrets.ipc_cred.domain); + + println("LDAP passwords:"); + for (i = 0; i < secrets.ldappw_count; i++) { + printf("\t%s -> %s\n", secrets.ldappws[i].dn, secrets.ldappws[i].password); + } + println(""); + + println("Domains:"); + for (i = 0; i < secrets.domain_count; i++) { + printf("\t--- %s ---\n", secrets.domains[i].name); + printf("\tSID: %s\n", secrets.domains[i].sid); + printf("\tGUID: %s\n", secrets.domains[i].guid); + printf("\tPlaintext pwd: %s\n", secrets.domains[i].plaintext_pw); + printf("\tLast Changed: %lu\n", secrets.domains[i].last_change_time); + printf("\tSecure Channel Type: %d\n\n", secrets.domains[i].sec_channel_type); + } + + println("Trusted domains:"); + for (i = 0; i < secrets.trusted_domain_count; i++) { + for (j = 0; j < secrets.trusted_domains[i].uni_name_len; j++) { + printf("\t--- %s ---\n", secrets.trusted_domains[i].uni_name[j]); + } + printf("\tPassword: %s\n", secrets.trusted_domains[i].pass); + printf("\tModified: %lu\n", secrets.trusted_domains[i].mod_time); + printf("\tSID: %s\n", secrets.trusted_domains[i].domain_sid); + } +} + +function print_samba3_regdb(regdb) +{ + print_header("Registry"); + + for (i = 0; i < regdb.key_count; i++) { + printf("%s\n", regdb.keys[i].name); + for (j = 0; j < regdb.keys[i].value_count; j++) { + printf("\t%s: type %d, length %d\n", + regdb.keys[i].values[j].name, + regdb.keys[i].values[j].type, + regdb.keys[i].values[j].data.length); + } + } +} + +function print_samba3_winsdb(samba3) +{ + print_header("WINS Database"); + + for (i = 0; i < samba3.winsdb_count; i++) { + printf("%s, nb_flags: %x, type: %d, ttl: %lu, %d ips\n", samba3.winsdb_entries[i].name, samba3.winsdb_entries[i].nb_flags, samba3.winsdb_entries[i].type, samba3.winsdb_entries[i].ttl, samba3.winsdb_entries[i].ip_count); + } +} + +function print_samba3_groupdb(groupdb) +{ + int i; + print_header("Group Mappings"); + + for (i = 0; i < groupdb.groupmap_count; i++) + { + printf("\t--- Group: %s ---\n", groupdb.groupmappings[i].nt_name); + printf("\tComment: %s\n", groupdb.groupmappings[i].comment); + printf("\tGID: %d\n", groupdb.groupmappings[i].gid); + printf("\tSID Name Use: %d\n", groupdb.groupmappings[i].sid_name_use); + printf("\tSID: %s\n\n", groupdb.groupmappings[i].sid); + } + + for (i = 0; i < groupdb.alias_count; i++) + { + int j; + printf("\t--- Alias: %s ---\n", groupdb.aliases[i].sid); + for (j = 0; j < groupdb.aliases[i].member_count; j++) { + printf("\t%s\n", groupdb.aliases[i].members[j]); + } + } +} + +function print_samba3_idmapdb(idmapdb) +{ + print_header("Winbindd SID<->GID/UID mappings"); + + printf("User High Water Mark: %d\n", idmapdb.user_hwm); + printf("Group High Water Mark: %d\n\n", idmapdb.group_hwm); + + for (i = 0; i < idmapdb.mapping_count; i++) { + printf("%s -> ", + idmapdb.mappings[i].sid); + + if (idmapdb.mappings[i].type == IDMAP_GROUP) { + printf("GID %d", idmapdb.mappings[i].unix_id); + } else { + printf("UID %d", idmapdb.mappings[i].unix_id); + } + } +} + +function print_samba3(samba3) +{ + print_samba3_sam(samba3); + print_samba3_policy(samba3.policy); + print_samba3_shares(samba3); + print_samba3_winsdb(samba3); + print_samba3_regdb(samba3.registry); + print_samba3_secrets(samba3.secrets); + print_samba3_groupdb(samba3.group); + print_samba3_idmapdb(samba3.idmap); +} + +function print_samba3_summary(samba3) +{ + printf("WINS db entries: %d\n", samba3.winsdb_count); + printf("SAM Accounts: %d\n", samba3.samaccount_count); + printf("Registry key count: %d\n", samba3.registry.key_count); + printf("Shares (including [global]): %d\n", samba3.share_count); + printf("Groupmap count: %d\n", samba3.group.groupmap_count); + printf("Alias count: %d\n", samba3.group.alias_count); + printf("Idmap count: %d\n", samba3.idmap.mapping_count); +} + +samba3 = samba3_read(ARGV[1], ARGV[2]); + +if (options.format == "summary") { + print_samba3_summary(samba3); +} else if (options.format == "full") { + print_samba3(samba3); +} + +return 0; diff --git a/source4/scripting/ejs/config.mk b/source4/scripting/ejs/config.mk index 096c2049ab..e5711f1424 100644 --- a/source4/scripting/ejs/config.mk +++ b/source4/scripting/ejs/config.mk @@ -26,8 +26,9 @@ OBJ_FILES = \ scripting/ejs/smbcalls_rand.o \ scripting/ejs/smbcalls_sys.o \ scripting/ejs/smbcalls_creds.o \ + scripting/ejs/smbcalls_samba3.o \ scripting/ejs/mprutil.o -REQUIRED_SUBSYSTEMS = AUTH EJS LIBBASIC EJSRPC MESSAGING +REQUIRED_SUBSYSTEMS = AUTH EJS LIBBASIC EJSRPC MESSAGING LIBSAMBA3 # End SUBSYSTEM SMBCALLS ####################### diff --git a/source4/scripting/ejs/smbcalls.c b/source4/scripting/ejs/smbcalls.c index 3981e1dd7a..a73fbe52c3 100644 --- a/source4/scripting/ejs/smbcalls.c +++ b/source4/scripting/ejs/smbcalls.c @@ -128,6 +128,7 @@ void smb_setup_ejs_functions(void) smb_setup_ejs_random(); smb_setup_ejs_system(); smb_setup_ejs_credentials(); + smb_setup_ejs_samba3(); smb_setup_ejs_datablob(); ejsDefineCFunction(-1, "typeof", ejs_typeof, NULL, MPR_VAR_SCRIPT_HANDLE); diff --git a/source4/scripting/ejs/smbcalls_samba3.c b/source4/scripting/ejs/smbcalls_samba3.c new file mode 100644 index 0000000000..0cb3a2160c --- /dev/null +++ b/source4/scripting/ejs/smbcalls_samba3.c @@ -0,0 +1,255 @@ +/* + Unix SMB/CIFS implementation. + + provide hooks into smbd C calls from ejs scripts + + Copyright (C) Jelmer Vernooij 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "scripting/ejs/smbcalls.h" +#include "lib/appweb/ejs/ejs.h" +#include "lib/samba3/samba3.h" + +#if 0 +struct samba3_samaccount { + uint32_t logon_time, + logoff_time, + kickoff_time, + bad_password_time, + pass_last_set_time, + pass_can_change_time, + pass_must_change_time; + char *username; + char *domain; + char *nt_username; + char *dir_drive; + char *unknown_str; + char *munged_dial; + char *fullname; + char *homedir; + char *logon_script; + char *profile_path; + char *acct_desc; + char *workstations; + uint32_t user_rid, group_rid, hours_len, unknown_6; + uint16_t acct_ctrl, logon_divs; + uint16_t bad_password_count, logon_count; + uint8_t *lm_pw_ptr, *nt_pw_ptr; + uint8_t *nt_pw_hist_ptr; + uint8_t *hours; +}; + +struct samba3_groupmapping { + gid_t gid; + struct dom_sid *sid; + int sid_name_use; + const char *nt_name; + const char *comment; +}; + +struct samba3_alias { + struct dom_sid *sid; + uint32_t member_count; + struct dom_sid **members; +}; + +struct samba3_groupdb { + uint32_t groupmap_count; + struct samba3_groupmapping *groupmappings; + + uint32_t alias_count; + struct samba3_alias *aliases; +}; + +struct samba3_idmap_mapping +{ + enum { IDMAP_GROUP, IDMAP_USER } type; + uint32_t unix_id; + struct dom_sid *sid; +}; + +struct samba3_idmapdb +{ + /* High water marks */ + uint32_t user_hwm; + uint32_t group_hwm; + + uint32_t mapping_count; + struct samba3_idmap_mapping *mappings; +}; + +struct samba3_winsdb_entry +{ + char *name; + int nb_flags; + int type; + time_t ttl; + uint32_t ip_count; + struct ipv4_addr *ips; +}; + +struct samba3_policy +{ + uint32_t min_password_length; + uint32_t password_history; + uint32_t user_must_logon_to_change_password; + uint32_t maximum_password_age; + uint32_t minimum_password_age; + uint32_t lockout_duration; + uint32_t reset_count_minutes; + uint32_t bad_lockout_minutes; + uint32_t disconnect_time; + uint32_t refuse_machine_password_change; +}; + +struct samba3_regval { + char *name; + uint16_t type; + DATA_BLOB data; +}; + +struct samba3_regkey { + char *name; + + uint32_t value_count; + struct samba3_regval *values; + + uint32_t subkey_count; + char **subkeys; +}; + +struct samba3_regdb +{ + uint32_t key_count; + struct samba3_regkey *keys; +}; + +struct samba3_secrets +{ + struct cli_credentials *ipc_cred; + + uint32_t ldappw_count; + struct samba3_ldappw + { + char *dn; + char *password; + } *ldappws; + + uint32_t domain_count; + struct samba3_domainsecrets + { + char *name; + struct dom_sid sid; + struct GUID guid; + char *plaintext_pw; + time_t last_change_time; + struct { + uint8_t hash[16]; + time_t mod_time; + } hash_pw;; + int sec_channel_type; + } *domains; + + uint32_t trusted_domain_count; + struct samba3_trusted_dom_pass { + uint32_t uni_name_len; + const char *uni_name[32]; /* unicode domain name */ + const char *pass; /* trust relationship's password */ + time_t mod_time; + struct dom_sid domain_sid; /* remote domain's sid */ + } *trusted_domains; + + uint32_t afs_keyfile_count; + + struct samba3_afs_keyfile { + uint32_t nkeys; + struct { + uint32_t kvno; + char key[8]; + } entry[8]; + char *cell; + } *afs_keyfiles; +}; + +struct samba3_parameter { + char *name; + char *value; +}; + +struct samba3_share_info { + char *name; + struct security_descriptor secdesc; + + uint32_t parameter_count; + struct samba3_parameter *parameters; +}; + +struct samba3 +{ + uint32_t winsdb_count; + struct samba3_winsdb_entry *winsdb_entries; + + uint32_t samaccount_count; + struct samba3_samaccount *samaccounts; + + uint32_t share_count; + struct samba3_share_info *shares; + + struct samba3_secrets secrets; + struct samba3_groupdb group; + struct samba3_idmapdb idmap; + struct samba3_policy policy; + struct samba3_regdb registry; +}; + +#endif + +/* + initialise samba3 ejs subsystem +*/ +static int ejs_samba3_read(MprVarHandle eid, int argc, struct MprVar **argv) +{ + struct MprVar *mpv = mprInitObject(eid, "samba3", argc, argv); + struct samba3 *samba3; + NTSTATUS status; + + if (argc < 2) { + ejsSetErrorMsg(eid, "samba3_read invalid arguments"); + return -1; + } + + status = samba3_read(mprToString(argv[0]), mprToString(argv[0]), mprMemCtx(), &samba3); + + if (NT_STATUS_IS_ERR(status)) { + ejsSetErrorMsg(eid, "samba3_read: error"); + return -1; + } + + mprSetThisPtr(eid, "db", samba3); + + return 0; +} + + +/* + setup C functions that be called from ejs +*/ +void smb_setup_ejs_samba3(void) +{ + ejsDefineCFunction(-1, "samba3_read", ejs_samba3_read, NULL, MPR_VAR_SCRIPT_HANDLE); +} diff --git a/source4/scripting/ejs/smbscript.c b/source4/scripting/ejs/smbscript.c index a35b988e56..f8d6d507d4 100644 --- a/source4/scripting/ejs/smbscript.c +++ b/source4/scripting/ejs/smbscript.c @@ -86,6 +86,11 @@ void ejs_exception(const char *reason) /* load the script and advance past interpreter line*/ script = file_load(fname, &script_size, mem_ctx); + if (!script) { + fprintf(stderr, "Unable to load script from '%s'\n", fname); + exit(1); + } + /* allow scriptable js */ if (strncmp(script, "#!", 2) == 0) { script += strcspn(script, "\r\n"); diff --git a/source4/scripting/libjs/samba3.js b/source4/scripting/libjs/upgrade.js index 7f50c8c4b2..604bbac2c0 100644 --- a/source4/scripting/libjs/samba3.js +++ b/source4/scripting/libjs/upgrade.js @@ -4,5 +4,10 @@ Released under the GNU GPL v2 or later */ +libinclude("base.js"); -return 0; +function foo() +{ + + return 0; +} |