summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/client/client.c18
-rw-r--r--source4/include/popt_common.h5
-rw-r--r--source4/lib/cmdline/popt_common.c94
3 files changed, 90 insertions, 27 deletions
diff --git a/source4/client/client.c b/source4/client/client.c
index 928a331b0c..9f54f08ce5 100644
--- a/source4/client/client.c
+++ b/source4/client/client.c
@@ -34,6 +34,7 @@ static pstring cd_path = "";
static pstring service;
static pstring desthost;
static pstring username;
+static pstring domain;
static pstring password;
static BOOL use_kerberos;
static BOOL got_pass;
@@ -2260,7 +2261,7 @@ static BOOL browse_host(const char *query_host)
status = dcerpc_pipe_connect(&p, binding,
DCERPC_SRVSVC_UUID,
DCERPC_SRVSVC_VERSION,
- lp_workgroup(),
+ domain,
username, password);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Failed to connect to %s - %s\n",
@@ -2803,7 +2804,7 @@ static struct smbcli_state *do_connect(const char *server, const char *share)
}
}
- status = smbcli_session_setup(c, username, password, lp_workgroup());
+ status = smbcli_session_setup(c, username, password, domain);
if (NT_STATUS_IS_ERR(status)) {
d_printf("authenticated session setup failed: %s\n", nt_errstr(status));
/* if a password was not supplied then try again with a null username */
@@ -2962,13 +2963,11 @@ static void remember_query_host(const char *arg,
struct poptOption long_options[] = {
POPT_AUTOHELP
- { "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" },
{ "message", 'M', POPT_ARG_STRING, NULL, 'M', "Send message", "HOST" },
{ "ip-address", 'I', POPT_ARG_STRING, NULL, 'I', "Use this IP to connect to", "IP" },
{ "stderr", 'E', POPT_ARG_NONE, NULL, 'E', "Write messages to stderr instead of stdout" },
{ "list", 'L', POPT_ARG_STRING, NULL, 'L', "Get a list of shares available on a host", "HOST" },
{ "terminal", 't', POPT_ARG_STRING, NULL, 't', "Terminal I/O code {sjis|euc|jis7|jis8|junet|hex}", "CODE" },
- { "max-protocol", 'm', POPT_ARG_STRING, NULL, 'm', "Set the max protocol level", "LEVEL" },
{ "tar", 'T', POPT_ARG_STRING, NULL, 'T', "Command line tar", "<c|x>IXFqgbNan" },
{ "directory", 'D', POPT_ARG_STRING, NULL, 'D', "Start from directory", "DIR" },
{ "command", 'c', POPT_ARG_STRING, &cmdstr, 'c', "Execute semicolon separated commands" },
@@ -3032,12 +3031,6 @@ static void remember_query_host(const char *arg,
case 't':
pstrcpy(term_code, poptGetOptArg(pc));
break;
- case 'm':
- lp_set_cmdline("max protocol", poptGetOptArg(pc));
- break;
- case 'R':
- lp_set_cmdline("name resolve order", poptGetOptArg(pc));
- break;
case 'T':
if (!tar_parseargs(argc, argv, poptGetOptArg(pc), optind)) {
poptPrintUsage(pc, stderr, 0);
@@ -3082,6 +3075,11 @@ static void remember_query_host(const char *arg,
poptFreeContext(pc);
pstrcpy(username, cmdline_auth_info.username);
+ if (cmdline_auth_info.domain[0]) {
+ pstrcpy(domain, cmdline_auth_info.domain);
+ } else {
+ pstrcpy(domain, lp_workgroup());
+ }
pstrcpy(password, cmdline_auth_info.password);
use_kerberos = cmdline_auth_info.use_kerberos;
got_pass = cmdline_auth_info.got_pass;
diff --git a/source4/include/popt_common.h b/source4/include/popt_common.h
index 201245cc3a..e41b1a2cf4 100644
--- a/source4/include/popt_common.h
+++ b/source4/include/popt_common.h
@@ -38,13 +38,14 @@ extern struct poptOption popt_common_credentials[];
#define POPT_COMMON_VERSION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version, 0, "Common samba options:", NULL },
#define POPT_COMMON_CREDENTIALS { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_credentials, 0, "Authentication options:", NULL },
-struct user_auth_info {
+struct cmdline_auth_info {
pstring username;
pstring password;
+ pstring domain;
BOOL got_pass;
BOOL use_kerberos;
};
-extern struct user_auth_info cmdline_auth_info;
+extern struct cmdline_auth_info cmdline_auth_info;
#endif /* _POPT_COMMON_H */
diff --git a/source4/lib/cmdline/popt_common.c b/source4/lib/cmdline/popt_common.c
index f659468561..ef75d7be1f 100644
--- a/source4/lib/cmdline/popt_common.c
+++ b/source4/lib/cmdline/popt_common.c
@@ -33,10 +33,7 @@
* -i,--scope
*/
-extern pstring user_socket_options;
-extern BOOL AllowDebugChange;
-
-struct user_auth_info cmdline_auth_info;
+struct cmdline_auth_info cmdline_auth_info;
static void popt_common_callback(poptContext con,
enum poptCallbackReason reason,
@@ -70,6 +67,12 @@ static void popt_common_callback(poptContext con,
exit(0);
break;
+ case 'O':
+ if (arg) {
+ lp_set_cmdline("socket options", arg);
+ }
+ break;
+
case 's':
if (arg) {
pstrcpy(dyn_CONFIGFILE, arg);
@@ -98,13 +101,17 @@ static void popt_common_callback(poptContext con,
case 'm':
lp_set_cmdline("max protocol", arg);
break;
+
+ case 'R':
+ lp_set_cmdline("name resolve order", arg);
+ break;
}
}
struct poptOption popt_common_connection[] = {
{ NULL, 0, POPT_ARG_CALLBACK, popt_common_callback },
- { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
- "SOCKETOPTIONS" },
+ { "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" },
+ { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use", "SOCKETOPTIONS" },
{ "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
{ "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
{ "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
@@ -117,7 +124,6 @@ struct poptOption popt_common_samba[] = {
{ "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
{ "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternative configuration file", "CONFIGFILE" },
{ "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Basename for log/debug files", "LOGFILEBASE" },
- { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
POPT_TABLEEND
};
@@ -133,7 +139,7 @@ struct poptOption popt_common_version[] = {
* get a password from a a file or file descriptor
* exit on failure
* ****************************************************************************/
-static void get_password_file(struct user_auth_info *a)
+static void get_password_file(struct cmdline_auth_info *a)
{
int fd = -1;
char *p;
@@ -187,7 +193,7 @@ static void get_password_file(struct user_auth_info *a)
close(fd);
}
-static void get_credentials_file(const char *file, struct user_auth_info *info)
+static void get_credentials_file(const char *file, struct cmdline_auth_info *info)
{
XFILE *auth;
fstring buf;
@@ -236,10 +242,8 @@ static void get_credentials_file(const char *file, struct user_auth_info *info)
}
else if (strwicmp("username", param) == 0)
pstrcpy(info->username, val);
-#if 0
else if (strwicmp("domain", param) == 0)
- set_global_myworkgroup(val);
-#endif
+ pstrcpy(info->domain,val);
memset(buf, 0, sizeof(buf));
}
x_fclose(auth);
@@ -250,13 +254,15 @@ static void get_credentials_file(const char *file, struct user_auth_info *info)
* -A,--authentication-file
* -k,--use-kerberos
* -N,--no-pass
+ * -S,--signing
+ * -P --machine-pass
*/
static void popt_common_credentials_callback(poptContext con,
- enum poptCallbackReason reason,
- const struct poptOption *opt,
- const char *arg, const void *data)
+ enum poptCallbackReason reason,
+ const struct poptOption *opt,
+ const char *arg, const void *data)
{
char *p;
@@ -268,8 +274,17 @@ static void popt_common_credentials_callback(poptContext con,
if (getenv("LOGNAME"))pstrcpy(cmdline_auth_info.username,getenv("LOGNAME"));
if (getenv("USER")) {
+ pstring tmp;
+
pstrcpy(cmdline_auth_info.username,getenv("USER"));
+ pstrcpy(tmp,cmdline_auth_info.username);
+ if ((p = strchr_m(tmp,'\\'))) {
+ *p = 0;
+ pstrcpy(cmdline_auth_info.domain,tmp);
+ pstrcpy(cmdline_auth_info.username,p+1);
+ }
+
if ((p = strchr_m(cmdline_auth_info.username,'%'))) {
*p = 0;
pstrcpy(cmdline_auth_info.password,p+1);
@@ -278,6 +293,10 @@ static void popt_common_credentials_callback(poptContext con,
}
}
+ if (getenv("DOMAIN")) {
+ pstrcpy(cmdline_auth_info.domain,getenv("DOMAIN"));
+ }
+
if (getenv("PASSWD")) {
pstrcpy(cmdline_auth_info.password,getenv("PASSWD"));
cmdline_auth_info.got_pass = True;
@@ -295,8 +314,17 @@ static void popt_common_credentials_callback(poptContext con,
case 'U':
{
char *lp;
+ pstring tmp;
pstrcpy(cmdline_auth_info.username,arg);
+
+ pstrcpy(tmp,cmdline_auth_info.username);
+ if ((p = strchr_m(tmp,'\\'))) {
+ *p = 0;
+ pstrcpy(cmdline_auth_info.domain,tmp);
+ pstrcpy(cmdline_auth_info.username,p+1);
+ }
+
if ((lp=strchr_m(cmdline_auth_info.username,'%'))) {
*lp = 0;
pstrcpy(cmdline_auth_info.password,lp+1);
@@ -319,6 +347,40 @@ static void popt_common_credentials_callback(poptContext con,
cmdline_auth_info.got_pass = True;
#endif
break;
+
+ case 'S':
+ lp_set_cmdline("client signing", arg);
+ break;
+
+ case 'P':
+ {
+ char *opt_password = NULL;
+ /* it is very useful to be able to make ads queries as the
+ machine account for testing purposes and for domain leave */
+
+ if (!secrets_init()) {
+ d_printf("ERROR: Unable to open secrets database\n");
+ exit(1);
+ }
+
+ opt_password = secrets_fetch_machine_password(lp_workgroup());
+
+ if (!opt_password) {
+ d_printf("ERROR: Unable to fetch machine password\n");
+ exit(1);
+ }
+ pstr_sprintf(cmdline_auth_info.username, "%s$",
+ lp_netbios_name());
+ pstrcpy(cmdline_auth_info.password,opt_password);
+ SAFE_FREE(opt_password);
+
+ pstrcpy(cmdline_auth_info.password, lp_workgroup());
+
+ /* machine accounts only work with kerberos */
+ cmdline_auth_info.use_kerberos = True;
+ cmdline_auth_info.got_pass = True;
+ }
+ break;
}
}
@@ -330,5 +392,7 @@ struct poptOption popt_common_credentials[] = {
{ "no-pass", 'N', POPT_ARG_NONE, &cmdline_auth_info.got_pass, True, "Don't ask for a password" },
{ "kerberos", 'k', POPT_ARG_NONE, &cmdline_auth_info.use_kerberos, True, "Use kerberos (active directory) authentication" },
{ "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
+ { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
+ { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
POPT_TABLEEND
};