diff options
-rw-r--r-- | source3/include/rpc_lsa.h | 17 | ||||
-rw-r--r-- | source3/include/rpc_misc.h | 16 | ||||
-rw-r--r-- | source3/libsmb/asn1.c | 2 | ||||
-rw-r--r-- | source3/libsmb/clilist.c | 6 | ||||
-rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 57 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 8 | ||||
-rw-r--r-- | source3/rpc_parse/parse_lsa.c | 60 | ||||
-rw-r--r-- | source3/rpc_parse/parse_misc.c | 49 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 19 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 12 | ||||
-rw-r--r-- | source3/rpcclient/cmd_lsarpc.c | 48 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 2 | ||||
-rw-r--r-- | source3/utils/net.c | 79 |
13 files changed, 349 insertions, 26 deletions
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 39f3e47dc8..a220b3f70d 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -515,6 +515,23 @@ typedef struct lsa_r_enum_privs NTSTATUS status; } LSA_R_ENUM_PRIVS; +/* LSA_Q_ENUM_ACCOUNTS - LSA enum account rights */ +typedef struct lsa_q_enum_acct_rights +{ + POLICY_HND pol; /* policy handle */ + uint32 count; /* what is this for in the query? */ + DOM_SID sid; +} LSA_Q_ENUM_ACCT_RIGHTS; + +/* LSA_R_ENUM_ACCOUNTS - LSA enum account rights */ +typedef struct lsa_r_enum_acct_rights +{ + uint32 count; + UNISTR_ARRAY rights; + NTSTATUS status; +} LSA_R_ENUM_ACCT_RIGHTS; + + /* LSA_Q_PRIV_GET_DISPNAME - LSA get privilege display name */ typedef struct lsa_q_priv_get_dispname { diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index e47853c2a2..1b956826eb 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -210,6 +210,22 @@ typedef struct unistr3_info } UNISTR3; +/* an element in a unicode string array */ +typedef struct +{ + uint16 length; + uint16 size; + uint32 ref_id; + UNISTR2 string; +} UNISTR_ARRAY_EL; + +/* an array of unicode strings */ +typedef struct +{ + uint32 ref_id; + uint32 count; + UNISTR_ARRAY_EL *strings; +} UNISTR_ARRAY; /* DOM_RID2 - domain RID structure for ntlsa pipe */ typedef struct domrid2_info diff --git a/source3/libsmb/asn1.c b/source3/libsmb/asn1.c index b967927871..333d157905 100644 --- a/source3/libsmb/asn1.c +++ b/source3/libsmb/asn1.c @@ -407,7 +407,7 @@ BOOL asn1_check_enumerated(ASN1_DATA *data, int v) return !data->has_error && (v == b); } -/* check a enumarted value is correct */ +/* write an enumarted value to the stream */ BOOL asn1_write_enumerated(ASN1_DATA *data, uint8 v) { if (!asn1_push_tag(data, ASN1_ENUMERATED)) return False; diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index 4a1737af49..bf10be887a 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -324,8 +324,10 @@ static int interpret_short_filename(struct cli_state *cli, char *p,file_info *fi finfo->mtime = finfo->atime = finfo->ctime; finfo->size = IVAL(p,26); clistr_pull(cli, finfo->name, p+30, sizeof(finfo->name), 12, STR_ASCII); - if (strcmp(finfo->name, "..") && strcmp(finfo->name, ".")) - fstrcpy(finfo->short_name,finfo->name); + if (strcmp(finfo->name, "..") && strcmp(finfo->name, ".")) { + strncpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)-1); + finfo->short_name[sizeof(finfo->short_name)-1] = '\0'; + } return(DIR_STRUCT_SIZE); } diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 6d1d56ee84..2b65c67f15 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -1150,6 +1150,63 @@ NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, return result; } + +/* Enumerate account rights This is similar to enum_privileges but + takes a SID directly, avoiding the open_account call. +*/ + +NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, + POLICY_HND *pol, DOM_SID sid, + uint32 *count, char ***privs_name) +{ + prs_struct qbuf, rbuf; + LSA_Q_ENUM_ACCT_RIGHTS q; + LSA_R_ENUM_ACCT_RIGHTS r; + NTSTATUS result; + int i; + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + /* Initialise parse structures */ + + prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); + prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + + /* Marshall data and send request */ + init_q_enum_acct_rights(&q, pol, 2, &sid); + + if (!lsa_io_q_enum_acct_rights("", &q, &qbuf, 0) || + !rpc_api_pipe_req(cli, LSA_ENUMACCTRIGHTS, &qbuf, &rbuf)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + if (!lsa_io_r_enum_acct_rights("", &r, &rbuf, 0)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + if (!NT_STATUS_IS_OK(result = r.status)) { + goto done; + } + + *count = r.count; + if (! *count) { + goto done; + } + + *privs_name = (char **)talloc(mem_ctx, (*count) * sizeof(char **)); + for (i=0;i<*count;i++) { + pull_ucs2_talloc(mem_ctx, &(*privs_name)[i], r.rights.strings[i].string.buffer); + } + +done: + + return result; +} + + #if 0 /** An example of how to use the routines in this file. Fetch a DOMAIN diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index ac43d8994c..a241744466 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -862,10 +862,9 @@ BOOL rpc_api_pipe_req(struct cli_state *cli, uint8 op_num, return False; } - if (data_left == prs_offset(data)) { + if (data_left == prs_offset(data)) flags |= RPC_FLG_FIRST; - callid = 0; - } + if (data_left < max_data) flags |= RPC_FLG_LAST; /* @@ -1284,6 +1283,9 @@ BOOL cli_nt_session_open(struct cli_state *cli, const int pipe_idx) { int fnum; + /* At the moment we can't have more than one pipe open over + a cli connection. )-: */ + SMB_ASSERT(cli->nt_pipe_fnum == 0); /* The pipe index must fall within our array */ diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 56398e7cf0..7c9f74da37 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -2236,3 +2236,63 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c, return True; } + + +/******************************************************************* + Inits an LSA_Q_ENUM_ACCT_RIGHTS structure. +********************************************************************/ +void init_q_enum_acct_rights(LSA_Q_ENUM_ACCT_RIGHTS *q_q, + POLICY_HND *hnd, + uint32 count, + DOM_SID *sid) +{ + DEBUG(5, ("init_q_enum_acct_rights\n")); + + q_q->pol = *hnd; + q_q->count = count; + q_q->sid = *sid; +} + +/******************************************************************* +reads or writes a LSA_Q_ENUM_ACCT_RIGHTS structure. +********************************************************************/ +BOOL lsa_io_q_enum_acct_rights(const char *desc, LSA_Q_ENUM_ACCT_RIGHTS *q_q, prs_struct *ps, int depth) +{ + if (q_q == NULL) + return False; + + prs_debug(ps, depth, desc, "lsa_io_q_enum_acct_rights"); + depth++; + + if (!smb_io_pol_hnd("", &q_q->pol, ps, depth)) + return False; + + if(!prs_uint32("count ", ps, depth, &q_q->count)) + return False; + + if(!smb_io_dom_sid("sid", &q_q->sid, ps, depth)) + return False; + + return True; +} + + +/******************************************************************* +reads or writes a LSA_R_ENUM_ACCT_RIGHTS structure. +********************************************************************/ +BOOL lsa_io_r_enum_acct_rights(const char *desc, LSA_R_ENUM_ACCT_RIGHTS *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_enum_acct_rights"); + depth++; + + if(!prs_uint32("count ", ps, depth, &r_c->count)) + return False; + + if(!smb_io_unistr_array("rights", &r_c->rights, ps, depth)) + return False; + + if(!prs_ntstatus("status", ps, depth, &r_c->status)) + return False; + + return True; +} diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index a9157e29b6..9d3bd6f28a 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -1042,6 +1042,55 @@ BOOL smb_io_unistr2(const char *desc, UNISTR2 *uni2, uint32 buffer, prs_struct * return True; } + +/******************************************************************* + Reads or writes a UNISTR_ARRAY structure. +********************************************************************/ +BOOL smb_io_unistr_array(const char *desc, UNISTR_ARRAY *array, prs_struct *ps, int depth) +{ + int i; + + depth++; + + array->count = 0; + + if(!prs_uint32("ref_id", ps, depth, &array->ref_id)) + return False; + + if (! array->ref_id) { + return True; + } + + if(!prs_uint32("count", ps, depth, &array->count)) + return False; + + if (array->count == 0) { + return True; + } + + array->strings = talloc_zero(get_talloc_ctx(), array->count * sizeof(array->strings[0])); + if (! array->strings) { + return False; + } + + for (i=0;i<array->count;i++) { + if(!prs_uint16("length", ps, depth, &array->strings[i].length)) + return False; + if(!prs_uint16("size", ps, depth, &array->strings[i].size)) + return False; + if(!prs_uint32("ref_id", ps, depth, &array->strings[i].ref_id)) + return False; + } + + for (i=0;i<array->count;i++) { + if (! smb_io_unistr2("string", &array->strings[i].string, array->strings[i].ref_id, ps, depth)) + return False; + } + + return True; +} + + /******************************************************************* Inits a DOM_RID2 structure. ********************************************************************/ diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 63f9527dec..6f6117a9e2 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -116,25 +116,6 @@ BOOL prs_init(prs_struct *ps, uint32 size, TALLOC_CTX *ctx, BOOL io) } /******************************************************************* - read from a socket into memory. - ********************************************************************/ -BOOL prs_read(prs_struct *ps, int fd, size_t len, int timeout) -{ - BOOL ok; - size_t prev_size = ps->buffer_size; - if (!prs_grow(ps, len)) - return False; - - if (timeout > 0) { - ok = (read_with_timeout(fd, &ps->data_p[prev_size], - len, len,timeout) == len); - } else { - ok = (read_data(fd, &ps->data_p[prev_size], len) == len); - } - return ok; -} - -/******************************************************************* Delete the memory in a parse structure - if we own it. ********************************************************************/ diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index c72153eda7..2896fd79e4 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -1180,6 +1180,18 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, /* Get what we need from the password database */ switch (q_u->switch_level) { case 0x1: + /* When playing with usrmgr, this is necessary + if you want immediate refresh after editing + a user. I would like to do this after the + setuserinfo2, but we do not have access to + the domain handle in that call, only to the + user handle. Where else does this hurt? + -- Volker + */ +#if 0 + /* We cannot do this here - it kills performace. JRA. */ + free_samr_users(info); +#endif case 0x2: case 0x4: become_root(); diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index b452eab625..cbc291eca9 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -410,6 +410,7 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli, POLICY_HND dom_pol; POLICY_HND user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + uint32 access_desired = 0x000f000f; DOM_SID sid; uint32 count=0; @@ -452,6 +453,52 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli, return result; } + +/* Enumerate the privileges of an SID via LsaEnumerateAccountRights */ + +static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + char **argv) +{ + POLICY_HND dom_pol; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + DOM_SID sid; + uint32 count; + char **rights; + + int i; + + if (argc != 2 ) { + printf("Usage: %s SID\n", argv[0]); + return NT_STATUS_OK; + } + + string_to_sid(&sid, argv[1]); + + result = cli_lsa_open_policy2(cli, mem_ctx, True, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &dom_pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, sid, &count, &rights); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + printf("found %d privileges for SID %s\n", count, argv[1]); + + for (i = 0; i < count; i++) { + printf("\t%s\n", rights[i]); + } + + done: + return result; +} + + /* Get a privilege value given its name */ static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli, @@ -538,6 +585,7 @@ struct cmd_set lsarpc_commands[] = { { "getdispname", cmd_lsa_get_dispname, PI_LSARPC, "Get the privilege name", "" }, { "lsaenumsid", cmd_lsa_enum_sids, PI_LSARPC, "Enumerate the LSA SIDS", "" }, { "lsaenumprivsaccount", cmd_lsa_enum_privsaccounts, PI_LSARPC, "Enumerate the privileges of an SID", "" }, + { "lsaenumacctrights", cmd_lsa_enum_acct_rights, PI_LSARPC, "Enumerate the rights of an SID", "" }, { "lsalookupprivvalue", cmd_lsa_lookupprivvalue, PI_LSARPC, "Get a privilege value given its name", "" }, { "lsaquerysecobj", cmd_lsa_query_secobj, PI_LSARPC, "Query LSA security object", "" }, diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index dc33a8ec2a..2609519dc4 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -700,7 +700,7 @@ static NTSTATUS process_cmd(struct cli_state *cli, char *cmd) /* Resolve the IP address */ if (!opt_ipaddr && !resolve_name(server, &server_ip, 0x20)) { - DEBUG(1,("Unable to resolve %s\n", server)); + fprintf(stderr, "Unable to resolve %s\n", server); return 1; } diff --git a/source3/utils/net.c b/source3/utils/net.c index bbd2fb7c2c..5c1156abf9 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -390,6 +390,84 @@ static int net_getdomainsid(int argc, const char **argv) return 0; } +static uint32 get_maxrid(void) +{ + SAM_ACCOUNT *pwd = NULL; + uint32 max_rid = 0; + GROUP_MAP *map = NULL; + int num_entries = 0; + int i; + + if (!pdb_setsampwent(False)) { + DEBUG(0, ("load_sampwd_entries: Unable to open passdb.\n")); + return 0; + } + + for (; (NT_STATUS_IS_OK(pdb_init_sam(&pwd))) + && pdb_getsampwent(pwd) == True; pwd=NULL) { + uint32 rid; + + if (!sid_peek_rid(pdb_get_user_sid(pwd), &rid)) { + DEBUG(0, ("can't get RID for user '%s'\n", + pdb_get_username(pwd))); + pdb_free_sam(&pwd); + continue; + } + + if (rid > max_rid) + max_rid = rid; + + DEBUG(1,("%d is user '%s'\n", rid, pdb_get_username(pwd))); + pdb_free_sam(&pwd); + } + + pdb_endsampwent(); + pdb_free_sam(&pwd); + + if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &num_entries, + ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) + return max_rid; + + for (i = 0; i < num_entries; i++) { + uint32 rid; + + if (!sid_peek_check_rid(get_global_sam_sid(), &map[i].sid, + &rid)) { + DEBUG(3, ("skipping map for group '%s', SID %s\n", + map[i].nt_name, + sid_string_static(&map[i].sid))); + continue; + } + DEBUG(1,("%d is group '%s'\n", rid, map[i].nt_name)); + + if (rid > max_rid) + max_rid = rid; + } + + SAFE_FREE(map); + + return max_rid; +} + +static int net_maxrid(int argc, const char **argv) +{ + uint32 rid; + + if (argc != 0) { + DEBUG(0, ("usage: net initrid\n")); + return 1; + } + + if ((rid = get_maxrid()) == 0) { + DEBUG(0, ("can't get current maximum rid\n")); + return 1; + } + + d_printf("Currently used maximum rid: %d\n", rid); + + return 0; +} + /* main function table */ static struct functable net_func[] = { {"RPC", net_rpc}, @@ -417,6 +495,7 @@ static struct functable net_func[] = { {"GETLOCALSID", net_getlocalsid}, {"SETLOCALSID", net_setlocalsid}, {"GETDOMAINSID", net_getdomainsid}, + {"MAXRID", net_maxrid}, {"HELP", net_help}, {NULL, NULL} |