summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_lsa.h17
-rw-r--r--source3/include/rpc_misc.h16
-rw-r--r--source3/libsmb/asn1.c2
-rw-r--r--source3/libsmb/clilist.c6
-rw-r--r--source3/rpc_client/cli_lsarpc.c57
-rw-r--r--source3/rpc_client/cli_pipe.c8
-rw-r--r--source3/rpc_parse/parse_lsa.c60
-rw-r--r--source3/rpc_parse/parse_misc.c49
-rw-r--r--source3/rpc_parse/parse_prs.c19
-rw-r--r--source3/rpc_server/srv_samr_nt.c12
-rw-r--r--source3/rpcclient/cmd_lsarpc.c48
-rw-r--r--source3/rpcclient/rpcclient.c2
-rw-r--r--source3/utils/net.c79
13 files changed, 349 insertions, 26 deletions
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index 39f3e47dc8..a220b3f70d 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -515,6 +515,23 @@ typedef struct lsa_r_enum_privs
NTSTATUS status;
} LSA_R_ENUM_PRIVS;
+/* LSA_Q_ENUM_ACCOUNTS - LSA enum account rights */
+typedef struct lsa_q_enum_acct_rights
+{
+ POLICY_HND pol; /* policy handle */
+ uint32 count; /* what is this for in the query? */
+ DOM_SID sid;
+} LSA_Q_ENUM_ACCT_RIGHTS;
+
+/* LSA_R_ENUM_ACCOUNTS - LSA enum account rights */
+typedef struct lsa_r_enum_acct_rights
+{
+ uint32 count;
+ UNISTR_ARRAY rights;
+ NTSTATUS status;
+} LSA_R_ENUM_ACCT_RIGHTS;
+
+
/* LSA_Q_PRIV_GET_DISPNAME - LSA get privilege display name */
typedef struct lsa_q_priv_get_dispname
{
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index e47853c2a2..1b956826eb 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -210,6 +210,22 @@ typedef struct unistr3_info
} UNISTR3;
+/* an element in a unicode string array */
+typedef struct
+{
+ uint16 length;
+ uint16 size;
+ uint32 ref_id;
+ UNISTR2 string;
+} UNISTR_ARRAY_EL;
+
+/* an array of unicode strings */
+typedef struct
+{
+ uint32 ref_id;
+ uint32 count;
+ UNISTR_ARRAY_EL *strings;
+} UNISTR_ARRAY;
/* DOM_RID2 - domain RID structure for ntlsa pipe */
typedef struct domrid2_info
diff --git a/source3/libsmb/asn1.c b/source3/libsmb/asn1.c
index b967927871..333d157905 100644
--- a/source3/libsmb/asn1.c
+++ b/source3/libsmb/asn1.c
@@ -407,7 +407,7 @@ BOOL asn1_check_enumerated(ASN1_DATA *data, int v)
return !data->has_error && (v == b);
}
-/* check a enumarted value is correct */
+/* write an enumarted value to the stream */
BOOL asn1_write_enumerated(ASN1_DATA *data, uint8 v)
{
if (!asn1_push_tag(data, ASN1_ENUMERATED)) return False;
diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c
index 4a1737af49..bf10be887a 100644
--- a/source3/libsmb/clilist.c
+++ b/source3/libsmb/clilist.c
@@ -324,8 +324,10 @@ static int interpret_short_filename(struct cli_state *cli, char *p,file_info *fi
finfo->mtime = finfo->atime = finfo->ctime;
finfo->size = IVAL(p,26);
clistr_pull(cli, finfo->name, p+30, sizeof(finfo->name), 12, STR_ASCII);
- if (strcmp(finfo->name, "..") && strcmp(finfo->name, "."))
- fstrcpy(finfo->short_name,finfo->name);
+ if (strcmp(finfo->name, "..") && strcmp(finfo->name, ".")) {
+ strncpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)-1);
+ finfo->short_name[sizeof(finfo->short_name)-1] = '\0';
+ }
return(DIR_STRUCT_SIZE);
}
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 6d1d56ee84..2b65c67f15 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -1150,6 +1150,63 @@ NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx,
return result;
}
+
+/* Enumerate account rights This is similar to enum_privileges but
+ takes a SID directly, avoiding the open_account call.
+*/
+
+NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *pol, DOM_SID sid,
+ uint32 *count, char ***privs_name)
+{
+ prs_struct qbuf, rbuf;
+ LSA_Q_ENUM_ACCT_RIGHTS q;
+ LSA_R_ENUM_ACCT_RIGHTS r;
+ NTSTATUS result;
+ int i;
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+ init_q_enum_acct_rights(&q, pol, 2, &sid);
+
+ if (!lsa_io_q_enum_acct_rights("", &q, &qbuf, 0) ||
+ !rpc_api_pipe_req(cli, LSA_ENUMACCTRIGHTS, &qbuf, &rbuf)) {
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+
+ if (!lsa_io_r_enum_acct_rights("", &r, &rbuf, 0)) {
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+
+ if (!NT_STATUS_IS_OK(result = r.status)) {
+ goto done;
+ }
+
+ *count = r.count;
+ if (! *count) {
+ goto done;
+ }
+
+ *privs_name = (char **)talloc(mem_ctx, (*count) * sizeof(char **));
+ for (i=0;i<*count;i++) {
+ pull_ucs2_talloc(mem_ctx, &(*privs_name)[i], r.rights.strings[i].string.buffer);
+ }
+
+done:
+
+ return result;
+}
+
+
#if 0
/** An example of how to use the routines in this file. Fetch a DOMAIN
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index ac43d8994c..a241744466 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -862,10 +862,9 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num,
return False;
}
- if (data_left == prs_offset(data)) {
+ if (data_left == prs_offset(data))
flags |= RPC_FLG_FIRST;
- callid = 0;
- }
+
if (data_left < max_data)
flags |= RPC_FLG_LAST;
/*
@@ -1284,6 +1283,9 @@ BOOL cli_nt_session_open(struct cli_state *cli, const int pipe_idx)
{
int fnum;
+ /* At the moment we can't have more than one pipe open over
+ a cli connection. )-: */
+
SMB_ASSERT(cli->nt_pipe_fnum == 0);
/* The pipe index must fall within our array */
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index 56398e7cf0..7c9f74da37 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -2236,3 +2236,63 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c,
return True;
}
+
+
+/*******************************************************************
+ Inits an LSA_Q_ENUM_ACCT_RIGHTS structure.
+********************************************************************/
+void init_q_enum_acct_rights(LSA_Q_ENUM_ACCT_RIGHTS *q_q,
+ POLICY_HND *hnd,
+ uint32 count,
+ DOM_SID *sid)
+{
+ DEBUG(5, ("init_q_enum_acct_rights\n"));
+
+ q_q->pol = *hnd;
+ q_q->count = count;
+ q_q->sid = *sid;
+}
+
+/*******************************************************************
+reads or writes a LSA_Q_ENUM_ACCT_RIGHTS structure.
+********************************************************************/
+BOOL lsa_io_q_enum_acct_rights(const char *desc, LSA_Q_ENUM_ACCT_RIGHTS *q_q, prs_struct *ps, int depth)
+{
+ if (q_q == NULL)
+ return False;
+
+ prs_debug(ps, depth, desc, "lsa_io_q_enum_acct_rights");
+ depth++;
+
+ if (!smb_io_pol_hnd("", &q_q->pol, ps, depth))
+ return False;
+
+ if(!prs_uint32("count ", ps, depth, &q_q->count))
+ return False;
+
+ if(!smb_io_dom_sid("sid", &q_q->sid, ps, depth))
+ return False;
+
+ return True;
+}
+
+
+/*******************************************************************
+reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure.
+********************************************************************/
+BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *r_c, prs_struct *ps, int depth)
+{
+ prs_debug(ps, depth, desc, "lsa_io_r_enum_acct_rights");
+ depth++;
+
+ if(!prs_uint32("count ", ps, depth, &r_c->count))
+ return False;
+
+ if(!smb_io_unistr_array("rights", &r_c->rights, ps, depth))
+ return False;
+
+ if(!prs_ntstatus("status", ps, depth, &r_c->status))
+ return False;
+
+ return True;
+}
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index a9157e29b6..9d3bd6f28a 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -1042,6 +1042,55 @@ BOOL smb_io_unistr2(const char *desc, UNISTR2 *uni2, uint32 buffer, prs_struct *
return True;
}
+
+/*******************************************************************
+ Reads or writes a UNISTR_ARRAY structure.
+********************************************************************/
+BOOL smb_io_unistr_array(const char *desc, UNISTR_ARRAY *array, prs_struct *ps, int depth)
+{
+ int i;
+
+ depth++;
+
+ array->count = 0;
+
+ if(!prs_uint32("ref_id", ps, depth, &array->ref_id))
+ return False;
+
+ if (! array->ref_id) {
+ return True;
+ }
+
+ if(!prs_uint32("count", ps, depth, &array->count))
+ return False;
+
+ if (array->count == 0) {
+ return True;
+ }
+
+ array->strings = talloc_zero(get_talloc_ctx(), array->count * sizeof(array->strings[0]));
+ if (! array->strings) {
+ return False;
+ }
+
+ for (i=0;i<array->count;i++) {
+ if(!prs_uint16("length", ps, depth, &array->strings[i].length))
+ return False;
+ if(!prs_uint16("size", ps, depth, &array->strings[i].size))
+ return False;
+ if(!prs_uint32("ref_id", ps, depth, &array->strings[i].ref_id))
+ return False;
+ }
+
+ for (i=0;i<array->count;i++) {
+ if (! smb_io_unistr2("string", &array->strings[i].string, array->strings[i].ref_id, ps, depth))
+ return False;
+ }
+
+ return True;
+}
+
+
/*******************************************************************
Inits a DOM_RID2 structure.
********************************************************************/
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index 63f9527dec..6f6117a9e2 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -116,25 +116,6 @@ BOOL prs_init(prs_struct *ps, uint32 size, TALLOC_CTX *ctx, BOOL io)
}
/*******************************************************************
- read from a socket into memory.
- ********************************************************************/
-BOOL prs_read(prs_struct *ps, int fd, size_t len, int timeout)
-{
- BOOL ok;
- size_t prev_size = ps->buffer_size;
- if (!prs_grow(ps, len))
- return False;
-
- if (timeout > 0) {
- ok = (read_with_timeout(fd, &ps->data_p[prev_size],
- len, len,timeout) == len);
- } else {
- ok = (read_data(fd, &ps->data_p[prev_size], len) == len);
- }
- return ok;
-}
-
-/*******************************************************************
Delete the memory in a parse structure - if we own it.
********************************************************************/
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index c72153eda7..2896fd79e4 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1180,6 +1180,18 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u,
/* Get what we need from the password database */
switch (q_u->switch_level) {
case 0x1:
+ /* When playing with usrmgr, this is necessary
+ if you want immediate refresh after editing
+ a user. I would like to do this after the
+ setuserinfo2, but we do not have access to
+ the domain handle in that call, only to the
+ user handle. Where else does this hurt?
+ -- Volker
+ */
+#if 0
+ /* We cannot do this here - it kills performace. JRA. */
+ free_samr_users(info);
+#endif
case 0x2:
case 0x4:
become_root();
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index b452eab625..cbc291eca9 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -410,6 +410,7 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
POLICY_HND dom_pol;
POLICY_HND user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ uint32 access_desired = 0x000f000f;
DOM_SID sid;
uint32 count=0;
@@ -452,6 +453,52 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
return result;
}
+
+/* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
+
+static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
+ TALLOC_CTX *mem_ctx, int argc,
+ char **argv)
+{
+ POLICY_HND dom_pol;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ DOM_SID sid;
+ uint32 count;
+ char **rights;
+
+ int i;
+
+ if (argc != 2 ) {
+ printf("Usage: %s SID\n", argv[0]);
+ return NT_STATUS_OK;
+ }
+
+ string_to_sid(&sid, argv[1]);
+
+ result = cli_lsa_open_policy2(cli, mem_ctx, True,
+ SEC_RIGHTS_MAXIMUM_ALLOWED,
+ &dom_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, sid, &count, &rights);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ printf("found %d privileges for SID %s\n", count, argv[1]);
+
+ for (i = 0; i < count; i++) {
+ printf("\t%s\n", rights[i]);
+ }
+
+ done:
+ return result;
+}
+
+
/* Get a privilege value given its name */
static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli,
@@ -538,6 +585,7 @@ struct cmd_set lsarpc_commands[] = {
{ "getdispname", cmd_lsa_get_dispname, PI_LSARPC, "Get the privilege name", "" },
{ "lsaenumsid", cmd_lsa_enum_sids, PI_LSARPC, "Enumerate the LSA SIDS", "" },
{ "lsaenumprivsaccount", cmd_lsa_enum_privsaccounts, PI_LSARPC, "Enumerate the privileges of an SID", "" },
+ { "lsaenumacctrights", cmd_lsa_enum_acct_rights, PI_LSARPC, "Enumerate the rights of an SID", "" },
{ "lsalookupprivvalue", cmd_lsa_lookupprivvalue, PI_LSARPC, "Get a privilege value given its name", "" },
{ "lsaquerysecobj", cmd_lsa_query_secobj, PI_LSARPC, "Query LSA security object", "" },
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index dc33a8ec2a..2609519dc4 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -700,7 +700,7 @@ static NTSTATUS process_cmd(struct cli_state *cli, char *cmd)
/* Resolve the IP address */
if (!opt_ipaddr && !resolve_name(server, &server_ip, 0x20)) {
- DEBUG(1,("Unable to resolve %s\n", server));
+ fprintf(stderr, "Unable to resolve %s\n", server);
return 1;
}
diff --git a/source3/utils/net.c b/source3/utils/net.c
index bbd2fb7c2c..5c1156abf9 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -390,6 +390,84 @@ static int net_getdomainsid(int argc, const char **argv)
return 0;
}
+static uint32 get_maxrid(void)
+{
+ SAM_ACCOUNT *pwd = NULL;
+ uint32 max_rid = 0;
+ GROUP_MAP *map = NULL;
+ int num_entries = 0;
+ int i;
+
+ if (!pdb_setsampwent(False)) {
+ DEBUG(0, ("load_sampwd_entries: Unable to open passdb.\n"));
+ return 0;
+ }
+
+ for (; (NT_STATUS_IS_OK(pdb_init_sam(&pwd)))
+ && pdb_getsampwent(pwd) == True; pwd=NULL) {
+ uint32 rid;
+
+ if (!sid_peek_rid(pdb_get_user_sid(pwd), &rid)) {
+ DEBUG(0, ("can't get RID for user '%s'\n",
+ pdb_get_username(pwd)));
+ pdb_free_sam(&pwd);
+ continue;
+ }
+
+ if (rid > max_rid)
+ max_rid = rid;
+
+ DEBUG(1,("%d is user '%s'\n", rid, pdb_get_username(pwd)));
+ pdb_free_sam(&pwd);
+ }
+
+ pdb_endsampwent();
+ pdb_free_sam(&pwd);
+
+ if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &num_entries,
+ ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
+ return max_rid;
+
+ for (i = 0; i < num_entries; i++) {
+ uint32 rid;
+
+ if (!sid_peek_check_rid(get_global_sam_sid(), &map[i].sid,
+ &rid)) {
+ DEBUG(3, ("skipping map for group '%s', SID %s\n",
+ map[i].nt_name,
+ sid_string_static(&map[i].sid)));
+ continue;
+ }
+ DEBUG(1,("%d is group '%s'\n", rid, map[i].nt_name));
+
+ if (rid > max_rid)
+ max_rid = rid;
+ }
+
+ SAFE_FREE(map);
+
+ return max_rid;
+}
+
+static int net_maxrid(int argc, const char **argv)
+{
+ uint32 rid;
+
+ if (argc != 0) {
+ DEBUG(0, ("usage: net initrid\n"));
+ return 1;
+ }
+
+ if ((rid = get_maxrid()) == 0) {
+ DEBUG(0, ("can't get current maximum rid\n"));
+ return 1;
+ }
+
+ d_printf("Currently used maximum rid: %d\n", rid);
+
+ return 0;
+}
+
/* main function table */
static struct functable net_func[] = {
{"RPC", net_rpc},
@@ -417,6 +495,7 @@ static struct functable net_func[] = {
{"GETLOCALSID", net_getlocalsid},
{"SETLOCALSID", net_setlocalsid},
{"GETDOMAINSID", net_getdomainsid},
+ {"MAXRID", net_maxrid},
{"HELP", net_help},
{NULL, NULL}