diff options
-rw-r--r-- | source3/Makefile.in | 3 | ||||
-rw-r--r-- | source3/libsmb/cli_lsarpc.c | 52 | ||||
-rw-r--r-- | source3/rpcclient/cmd_lsarpc.c | 37 | ||||
-rw-r--r-- | source3/rpcclient/cmd_samr.c | 124 | ||||
-rw-r--r-- | source3/rpcclient/cmd_spoolss.c | 52 | ||||
-rw-r--r-- | source3/rpcclient/display_sec.c | 254 |
6 files changed, 171 insertions, 351 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index cce0aecad7..ff9c9085f5 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -294,7 +294,8 @@ RPCCLIENT_OBJ1 = rpcclient/rpcclient.o rpcclient/cmd_lsarpc.o \ rpcclient/cmd_samr.o rpcclient/cmd_spoolss.o \ rpcclient/cmd_netlogon.o rpcclient/cmd_srvsvc.o \ rpcclient/cmd_dfs.o rpcclient/cmd_reg.o \ - rpc_client/cli_login.o rpc_client/cli_netlogon.o + rpc_client/cli_login.o rpc_client/cli_netlogon.o \ + rpcclient/display_sec.o RPCCLIENT_OBJ = $(RPCCLIENT_OBJ1) \ $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) \ diff --git a/source3/libsmb/cli_lsarpc.c b/source3/libsmb/cli_lsarpc.c index c528ff48a9..ff4c4dfe30 100644 --- a/source3/libsmb/cli_lsarpc.c +++ b/source3/libsmb/cli_lsarpc.c @@ -988,6 +988,58 @@ NTSTATUS cli_lsa_lookupprivvalue(struct cli_state *cli, TALLOC_CTX *mem_ctx, return result; } +/** Query LSA security object */ + +NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, + POLICY_HND *pol, uint32 sec_info, + SEC_DESC_BUF **psdb) +{ + prs_struct qbuf, rbuf; + LSA_Q_QUERY_SEC_OBJ q; + LSA_R_QUERY_SEC_OBJ r; + NTSTATUS result; + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + /* Initialise parse structures */ + + prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); + prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + + /* Marshall data and send request */ + + init_q_query_sec_obj(&q, pol, sec_info); + + if (!lsa_io_q_query_sec_obj("", &q, &qbuf, 0) || + !rpc_api_pipe_req(cli, LSA_QUERYSECOBJ, &qbuf, &rbuf)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + /* Unmarshall response */ + + if (!lsa_io_r_query_sec_obj("", &r, &rbuf, 0)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + if (!NT_STATUS_IS_OK(result = r.status)) { + goto done; + } + + /* Return output parameters */ + + if (psdb) + *psdb = r.buf; + + done: + prs_mem_free(&qbuf); + prs_mem_free(&rbuf); + + return result; +} + /** Fetch a DOMAIN sid. Does complete cli setup / teardown anonymously. */ BOOL fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid) diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index ef9518a7fc..52ab9c3800 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -452,6 +452,42 @@ static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli, return result; } +/* Query LSA security object */ + +static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + char **argv) +{ + POLICY_HND pol; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + SEC_DESC_BUF *sdb; + uint32 sec_info = 0x00000004; /* ??? */ + + if (argc != 1 ) { + printf("Usage: %s\n", argv[0]); + return NT_STATUS_OK; + } + + result = cli_lsa_open_policy2(cli, mem_ctx, True, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Print results */ + + display_sec_desc(sdb->sec); + + done: + return result; +} + /* List of commands exported by this module */ struct cmd_set lsarpc_commands[] = { @@ -467,6 +503,7 @@ struct cmd_set lsarpc_commands[] = { { "lsaenumsid", cmd_lsa_enum_sids, PIPE_LSARPC, "Enumerate the LSA SIDS", "" }, { "lsaenumprivsaccount", cmd_lsa_enum_privsaccounts, PIPE_LSARPC, "Enumerate the privileges of an SID", "" }, { "lsalookupprivvalue", cmd_lsa_lookupprivvalue, PIPE_LSARPC, "Get a privilege value given its name", "" }, + { "lsaquerysecobj", cmd_lsa_query_secobj, PIPE_LSARPC, "Query LSA security object", "" }, { NULL } }; diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index a6cdc4bfeb..dccd756add 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -29,128 +29,6 @@ extern DOM_SID domain_sid; /**************************************************************************** -convert a security permissions into a string -****************************************************************************/ -char *get_sec_mask_str(uint32 type) -{ - static fstring typestr=""; - int i; - - typestr[0] = 0; - - if (type & GENERIC_ALL_ACCESS) - fstrcat(typestr, "Generic all access "); - if (type & GENERIC_EXECUTE_ACCESS) - fstrcat(typestr, "Generic execute access "); - if (type & GENERIC_WRITE_ACCESS) - fstrcat(typestr, "Generic write access "); - if (type & GENERIC_READ_ACCESS) - fstrcat(typestr, "Generic read access "); - if (type & MAXIMUM_ALLOWED_ACCESS) - fstrcat(typestr, "MAXIMUM_ALLOWED_ACCESS "); - if (type & SYSTEM_SECURITY_ACCESS) - fstrcat(typestr, "SYSTEM_SECURITY_ACCESS "); - if (type & SYNCHRONIZE_ACCESS) - fstrcat(typestr, "SYNCHRONIZE_ACCESS "); - if (type & WRITE_OWNER_ACCESS) - fstrcat(typestr, "WRITE_OWNER_ACCESS "); - if (type & WRITE_DAC_ACCESS) - fstrcat(typestr, "WRITE_DAC_ACCESS "); - if (type & READ_CONTROL_ACCESS) - fstrcat(typestr, "READ_CONTROL_ACCESS "); - if (type & DELETE_ACCESS) - fstrcat(typestr, "DELETE_ACCESS "); - - printf("Specific bits: 0x%x\n", type&SPECIFIC_RIGHTS_MASK); - - return typestr; -} - -/**************************************************************************** - display sec_access structure - ****************************************************************************/ -void display_sec_access(SEC_ACCESS *info) -{ - printf("\t\tPermissions: 0x%x: %s\n", info->mask, get_sec_mask_str(info->mask)); -} - -/**************************************************************************** - display sec_ace structure - ****************************************************************************/ -void display_sec_ace(SEC_ACE *ace) -{ - fstring sid_str; - - printf("\tACE\n\t\ttype: "); - switch (ace->type) { - case SEC_ACE_TYPE_ACCESS_ALLOWED: - printf("ACCESS ALLOWED"); - break; - case SEC_ACE_TYPE_ACCESS_DENIED: - printf("ACCESS DENIED"); - break; - case SEC_ACE_TYPE_SYSTEM_AUDIT: - printf("SYSTEM AUDIT"); - break; - case SEC_ACE_TYPE_SYSTEM_ALARM: - printf("SYSTEM ALARM"); - break; - default: - printf("????"); - break; - } - printf(" (%d) flags: %d\n", ace->type, ace->flags); - display_sec_access(&ace->info); - sid_to_string(sid_str, &ace->trustee); - printf("\t\tSID: %s\n\n", sid_str); -} - -/**************************************************************************** - display sec_acl structure - ****************************************************************************/ -void display_sec_acl(SEC_ACL *sec_acl) -{ - int i; - - printf("\tACL\tNum ACEs:\t%d\trevision:\t%x\n", - sec_acl->num_aces, sec_acl->revision); - printf("\t---\n"); - - if (sec_acl->size != 0 && sec_acl->num_aces != 0) - for (i = 0; i < sec_acl->num_aces; i++) - display_sec_ace(&sec_acl->ace[i]); - -} - -/**************************************************************************** - display sec_desc structure - ****************************************************************************/ -void display_sec_desc(SEC_DESC *sec) -{ - fstring sid_str; - - if (sec->off_sacl != 0) { - printf("S-ACL\n"); - display_sec_acl(sec->sacl); - } - - if (sec->off_dacl != 0) { - printf("D-ACL\n"); - display_sec_acl(sec->dacl); - } - - if (sec->off_owner_sid != 0) { - sid_to_string(sid_str, sec->owner_sid); - printf("\tOwner SID:\t%s\n", sid_str); - } - - if (sec->off_grp_sid != 0) { - sid_to_string(sid_str, sec->grp_sid); - printf("\tParent SID:\t%s\n", sid_str); - } -} - -/**************************************************************************** display sam_user_info_21 structure ****************************************************************************/ static void display_sam_user_info_21(SAM_USER_INFO_21 *usr) @@ -1301,7 +1179,7 @@ struct cmd_set samr_commands[] = { { "samlookupnames", cmd_samr_lookup_names, PIPE_SAMR, "Look up names", "" }, { "samlookuprids", cmd_samr_lookup_rids, PIPE_SAMR, "Look up names", "" }, { "deletedomuser", cmd_samr_delete_dom_user, PIPE_SAMR, "Delete domain user", "" }, - { "querysecobj", cmd_samr_query_sec_obj, PIPE_SAMR, "Query security object", "" }, + { "samquerysecobj", cmd_samr_query_sec_obj, PIPE_SAMR, "Query SAMR security object", "" }, { NULL } }; diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index 2f80295a53..1e521473d4 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -82,58 +82,6 @@ static NTSTATUS cmd_spoolss_not_implemented(struct cli_state *cli, return NT_STATUS_OK; } -/**************************************************************************** - display sec_ace structure - ****************************************************************************/ -static void display_sec_ace(SEC_ACE *ace) -{ - fstring sid_str; - - sid_to_string(sid_str, &ace->trustee); - printf("\t\tSID: %s\n", sid_str); - - printf("\t\ttype:[%d], flags:[0x%02x], mask:[0x%08x]\n", - ace->type, ace->flags, ace->info.mask); -} - -/**************************************************************************** - display sec_acl structure - ****************************************************************************/ -static void display_sec_acl(SEC_ACL *acl) -{ - if (acl->size != 0 && acl->num_aces != 0) { - int i; - - printf("\t\tRevision:[%d]\n", acl->revision); - for (i = 0; i < acl->num_aces; i++) { - display_sec_ace(&acl->ace[i]); - } - } -} - -/**************************************************************************** - display sec_desc structure - ****************************************************************************/ -static void display_sec_desc(SEC_DESC *sec) -{ - fstring sid_str; - - printf("\tRevision:[%d]\n", sec->revision); - - if (sec->off_owner_sid) { - sid_to_string(sid_str, sec->owner_sid); - printf("\tOwner SID: %s\n", sid_str); - } - - if (sec->off_grp_sid) { - sid_to_string(sid_str, sec->grp_sid); - printf("\tGroup SID: %s\n", sid_str); - } - - if (sec->off_sacl) display_sec_acl(sec->sacl); - if (sec->off_dacl) display_sec_acl(sec->dacl); -} - /*********************************************************************** * Get printer information */ diff --git a/source3/rpcclient/display_sec.c b/source3/rpcclient/display_sec.c index a428a95686..009f88e49b 100644 --- a/source3/rpcclient/display_sec.c +++ b/source3/rpcclient/display_sec.c @@ -23,67 +23,40 @@ #include "includes.h" #include "rpcclient.h" - /**************************************************************************** convert a security permissions into a string ****************************************************************************/ -static const char *get_sec_mask_str(uint32 type) +char *get_sec_mask_str(uint32 type) { - static fstring typestr; + static fstring typestr=""; int i; - switch (type) - { - case SEC_RIGHTS_FULL_CONTROL: - { - fstrcpy(typestr, "Full Control"); - return typestr; - } - - case SEC_RIGHTS_READ: - { - fstrcpy(typestr, "Read"); - return typestr; - } - default: - { - break; - } - } - typestr[0] = 0; - for (i = 0; i < 32; i++) - { - if (type & (1 << i)) - { - switch (1 << i) - { - case SEC_RIGHTS_QUERY_VALUE : fstrcat(typestr, "Query " ); break; - case SEC_RIGHTS_SET_VALUE : fstrcat(typestr, "Set " ); break; - case SEC_RIGHTS_CREATE_SUBKEY : fstrcat(typestr, "Create "); break; - case SEC_RIGHTS_ENUM_SUBKEYS : fstrcat(typestr, "Enum "); break; - case SEC_RIGHTS_NOTIFY : fstrcat(typestr, "Notify "); break; - case SEC_RIGHTS_CREATE_LINK : fstrcat(typestr, "CreateLink "); break; - case DELETE_ACCESS : fstrcat(typestr, "Delete "); break; - case READ_CONTROL_ACCESS : fstrcat(typestr, "ReadControl "); break; - case WRITE_DAC_ACCESS : fstrcat(typestr, "WriteDAC "); break; - case WRITE_OWNER_ACCESS : fstrcat(typestr, "WriteOwner "); break; - } - type &= ~(1 << i); - } - } - - /* remaining bits get added on as-is */ - if (type != 0) - { - fstring tmp; - slprintf(tmp, sizeof(tmp)-1, "[%08x]", type); - fstrcat(typestr, tmp); - } - /* remove last space */ - i = strlen(typestr)-1; - if (typestr[i] == ' ') typestr[i] = 0; + if (type & GENERIC_ALL_ACCESS) + fstrcat(typestr, "Generic all access "); + if (type & GENERIC_EXECUTE_ACCESS) + fstrcat(typestr, "Generic execute access "); + if (type & GENERIC_WRITE_ACCESS) + fstrcat(typestr, "Generic write access "); + if (type & GENERIC_READ_ACCESS) + fstrcat(typestr, "Generic read access "); + if (type & MAXIMUM_ALLOWED_ACCESS) + fstrcat(typestr, "MAXIMUM_ALLOWED_ACCESS "); + if (type & SYSTEM_SECURITY_ACCESS) + fstrcat(typestr, "SYSTEM_SECURITY_ACCESS "); + if (type & SYNCHRONIZE_ACCESS) + fstrcat(typestr, "SYNCHRONIZE_ACCESS "); + if (type & WRITE_OWNER_ACCESS) + fstrcat(typestr, "WRITE_OWNER_ACCESS "); + if (type & WRITE_DAC_ACCESS) + fstrcat(typestr, "WRITE_DAC_ACCESS "); + if (type & READ_CONTROL_ACCESS) + fstrcat(typestr, "READ_CONTROL_ACCESS "); + if (type & DELETE_ACCESS) + fstrcat(typestr, "DELETE_ACCESS "); + + printf("Specific bits: 0x%x\n", type&SPECIFIC_RIGHTS_MASK); return typestr; } @@ -91,152 +64,83 @@ static const char *get_sec_mask_str(uint32 type) /**************************************************************************** display sec_access structure ****************************************************************************/ -static void display_sec_access(FILE *out_hnd, enum action_type action, SEC_ACCESS *const info) +void display_sec_access(SEC_ACCESS *info) { - switch (action) - { - case ACTION_HEADER: - { - break; - } - case ACTION_ENUMERATE: - { - report(out_hnd, "\t\tPermissions:\t%s\n", - get_sec_mask_str(info->mask)); - } - case ACTION_FOOTER: - { - break; - } - } + printf("\t\tPermissions: 0x%x: %s\n", info->mask, get_sec_mask_str(info->mask)); } /**************************************************************************** display sec_ace structure ****************************************************************************/ -static void display_sec_ace(FILE *out_hnd, enum action_type action, SEC_ACE *const ace) +void display_sec_ace(SEC_ACE *ace) { - switch (action) - { - case ACTION_HEADER: - { - report(out_hnd, "\tACE\n"); + fstring sid_str; + + printf("\tACE\n\t\ttype: "); + switch (ace->type) { + case SEC_ACE_TYPE_ACCESS_ALLOWED: + printf("ACCESS ALLOWED"); + break; + case SEC_ACE_TYPE_ACCESS_DENIED: + printf("ACCESS DENIED"); break; - } - case ACTION_ENUMERATE: - { - fstring sid_str; - - report(out_hnd, - "\t\tType:%2x Flags:%2x Perms:%04x\n", - ace->type, ace->flags, - (uint32) ace->info.mask); - - display_sec_access(out_hnd, ACTION_HEADER , &ace->info); - display_sec_access(out_hnd, ACTION_ENUMERATE, &ace->info); - display_sec_access(out_hnd, ACTION_FOOTER , &ace->info); - - sid_to_string(sid_str, &ace->sid); - report(out_hnd, "\t\tSID:\t%s\n", sid_str); - } - case ACTION_FOOTER: - { + case SEC_ACE_TYPE_SYSTEM_AUDIT: + printf("SYSTEM AUDIT"); + break; + case SEC_ACE_TYPE_SYSTEM_ALARM: + printf("SYSTEM ALARM"); + break; + default: + printf("????"); break; - } } + printf(" (%d) flags: %d\n", ace->type, ace->flags); + display_sec_access(&ace->info); + sid_to_string(sid_str, &ace->trustee); + printf("\t\tSID: %s\n\n", sid_str); } /**************************************************************************** display sec_acl structure ****************************************************************************/ -static void display_sec_acl(FILE *out_hnd, enum action_type action, SEC_ACL *const sec_acl) +void display_sec_acl(SEC_ACL *sec_acl) { - if (sec_acl == NULL) - { - return; - } - switch (action) - { - case ACTION_HEADER: - { - report(out_hnd, "\tACL\tNum ACEs:\t%d\trevision:\t%x\n", - sec_acl->num_aces, sec_acl->revision); - report(out_hnd, "\t---\n"); + int i; - break; - } - case ACTION_ENUMERATE: - { - if (sec_acl->size != 0 && sec_acl->num_aces != 0) - { - int i; - for (i = 0; i < sec_acl->num_aces; i++) - { - display_sec_ace(out_hnd, ACTION_HEADER , &sec_acl->ace[i]); - display_sec_ace(out_hnd, ACTION_ENUMERATE, &sec_acl->ace[i]); - display_sec_ace(out_hnd, ACTION_FOOTER , &sec_acl->ace[i]); - } - } + printf("\tACL\tNum ACEs:\t%d\trevision:\t%x\n", + sec_acl->num_aces, sec_acl->revision); + printf("\t---\n"); + + if (sec_acl->size != 0 && sec_acl->num_aces != 0) + for (i = 0; i < sec_acl->num_aces; i++) + display_sec_ace(&sec_acl->ace[i]); - break; - } - case ACTION_FOOTER: - { - report(out_hnd, "\n"); - break; - } - } } /**************************************************************************** display sec_desc structure ****************************************************************************/ -void display_sec_desc(FILE *out_hnd, enum action_type action, SEC_DESC *const sec) +void display_sec_desc(SEC_DESC *sec) { - switch (action) - { - case ACTION_HEADER: - { - report(out_hnd, "\tSecurity Descriptor\trevision:\t%x\ttype:\t%x\n", - sec->revision, sec->type); - report(out_hnd, "\t-------------------\n"); + fstring sid_str; - break; - } - case ACTION_ENUMERATE: - { - fstring sid_str; - - if (sec->off_sacl != 0) - { - display_sec_acl(out_hnd, ACTION_HEADER , sec->sacl); - display_sec_acl(out_hnd, ACTION_ENUMERATE, sec->sacl); - display_sec_acl(out_hnd, ACTION_FOOTER , sec->sacl); - } - if (sec->off_dacl != 0) - { - display_sec_acl(out_hnd, ACTION_HEADER , sec->dacl); - display_sec_acl(out_hnd, ACTION_ENUMERATE, sec->dacl); - display_sec_acl(out_hnd, ACTION_FOOTER , sec->dacl); - } - if (sec->off_owner_sid != 0) - { - sid_to_string(sid_str, sec->owner_sid); - report(out_hnd, "\tOwner SID:\t%s\n", sid_str); - } - if (sec->off_grp_sid != 0) - { - sid_to_string(sid_str, sec->grp_sid); - report(out_hnd, "\tParent SID:\t%s\n", sid_str); - } - - break; - } - case ACTION_FOOTER: - { - report(out_hnd, "\n"); - break; - } + if (sec->off_sacl != 0) { + printf("S-ACL\n"); + display_sec_acl(sec->sacl); + } + + if (sec->off_dacl != 0) { + printf("D-ACL\n"); + display_sec_acl(sec->dacl); } -} + if (sec->off_owner_sid != 0) { + sid_to_string(sid_str, sec->owner_sid); + printf("\tOwner SID:\t%s\n", sid_str); + } + + if (sec->off_grp_sid != 0) { + sid_to_string(sid_str, sec->grp_sid); + printf("\tParent SID:\t%s\n", sid_str); + } +} |