summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/libsmb/cli_dfs.c8
-rw-r--r--source3/libsmb/cli_lsarpc.c13
-rw-r--r--source3/libsmb/cli_netlogon.c9
-rw-r--r--source3/libsmb/cli_pipe_util.c82
-rw-r--r--source3/libsmb/cli_reg.c9
-rw-r--r--source3/libsmb/cli_samr.c8
-rw-r--r--source3/libsmb/cli_spoolss.c14
-rw-r--r--source3/libsmb/cli_srvsvc.c9
-rw-r--r--source3/libsmb/cli_wkssvc.c18
-rw-r--r--source3/libsmb/cliconnect.c148
-rw-r--r--source3/libsmb/pwd_cache.c135
-rw-r--r--source3/rpcclient/samsync.c59
-rw-r--r--source3/utils/smbcacls.c115
14 files changed, 70 insertions, 559 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index fb16344f43..fc2c0506b2 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -163,7 +163,7 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
LIBMSRPC_OBJ = libsmb/cli_lsarpc.o libsmb/cli_samr.o libsmb/cli_spoolss.o \
libsmb/cli_netlogon.o libsmb/cli_srvsvc.o libsmb/cli_wkssvc.o \
libsmb/cli_dfs.o libsmb/cli_reg.o libsmb/trust_passwd.o\
- rpc_client/cli_pipe.o libsmb/cli_pipe_util.o
+ rpc_client/cli_pipe.o
LIBMSRPC_PICOBJ = $(LIBMSRPC_OBJ:.o=.po)
diff --git a/source3/libsmb/cli_dfs.c b/source3/libsmb/cli_dfs.c
index 312275926c..7fc27b9c3b 100644
--- a/source3/libsmb/cli_dfs.c
+++ b/source3/libsmb/cli_dfs.c
@@ -20,14 +20,6 @@
#include "includes.h"
-/* Opens a SMB connection to the netdfs pipe */
-
-struct cli_state *cli_dfs_initialise(struct cli_state *cli, char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_NETDFS, creds);
-}
-
/* Query DFS support */
NTSTATUS cli_dfs_exist(struct cli_state *cli, TALLOC_CTX *mem_ctx,
diff --git a/source3/libsmb/cli_lsarpc.c b/source3/libsmb/cli_lsarpc.c
index 8eaf6da2ec..9d07eb1d1e 100644
--- a/source3/libsmb/cli_lsarpc.c
+++ b/source3/libsmb/cli_lsarpc.c
@@ -38,19 +38,6 @@
* security authority", which is half of a password database.
**/
-/** Opens a SMB connection and connects to the LSARPC pipe.
- *
- * @param cli Uninitialised client handle.
- * @param system_name NETBIOS name of the machine to connect to.
- * @param creds User credentials to connect as.
- * @returns Initialised client handle.
- */
-struct cli_state *cli_lsa_initialise(struct cli_state *cli, char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_LSARPC, creds);
-}
-
/** Open a LSA policy handle
*
* @param cli Handle on an initialised SMB connection */
diff --git a/source3/libsmb/cli_netlogon.c b/source3/libsmb/cli_netlogon.c
index 12651966d7..765f19a5fe 100644
--- a/source3/libsmb/cli_netlogon.c
+++ b/source3/libsmb/cli_netlogon.c
@@ -25,15 +25,6 @@
#include "includes.h"
-/* Opens a SMB connection to the netlogon pipe */
-
-struct cli_state *cli_netlogon_initialise(struct cli_state *cli,
- char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_NETLOGON, creds);
-}
-
/* LSA Request Challenge. Sends our challenge to server, then gets
server response. These are used to generate the credentials. */
diff --git a/source3/libsmb/cli_pipe_util.c b/source3/libsmb/cli_pipe_util.c
deleted file mode 100644
index de1c832e44..0000000000
--- a/source3/libsmb/cli_pipe_util.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- RPC pipe client utility functions
- Copyright (C) Tim Potter 2001,
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-/** \defgroup rpc_client RPC Client routines
- */
-
-/* Opens a SMB connection to a named pipe */
-
-struct cli_state *cli_pipe_initialise(struct cli_state *cli, char *system_name,
- char *pipe_name,
- struct ntuser_creds *creds)
-{
- struct in_addr dest_ip;
- struct nmb_name calling, called;
- fstring dest_host;
- extern pstring global_myname;
- struct ntuser_creds anon;
-
- /* Initialise cli_state information */
-
- if (!cli_initialise(cli)) {
- return NULL;
- }
-
- if (!creds) {
- ZERO_STRUCT(anon);
- anon.pwd.null_pwd = 1;
- creds = &anon;
- }
-
- cli_init_creds(cli, creds);
-
- /* Establish a SMB connection */
-
- if (!resolve_srv_name(system_name, dest_host, &dest_ip)) {
- return NULL;
- }
-
- make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20);
- make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0);
-
- if (!cli_establish_connection(cli, dest_host, &dest_ip, &calling,
- &called, "IPC$", "IPC", False, True)) {
- return NULL;
- }
-
- /* Open a NT session thingy */
-
- if (!cli_nt_session_open(cli, pipe_name)) {
- cli_shutdown(cli);
- return NULL;
- }
-
- return cli;
-}
-
-/* Shut down a SMB connection to the SAMR pipe */
-
-void cli_pipe_shutdown(struct cli_state *cli)
-{
- if (cli->fd != -1) cli_ulogoff(cli);
- cli_shutdown(cli);
-}
diff --git a/source3/libsmb/cli_reg.c b/source3/libsmb/cli_reg.c
index c09ccabb29..aaf18882f7 100644
--- a/source3/libsmb/cli_reg.c
+++ b/source3/libsmb/cli_reg.c
@@ -25,15 +25,6 @@
#include "includes.h"
-/* Opens a SMB connection to the WINREG pipe */
-
-struct cli_state *cli_winreg_initialise(struct cli_state *cli,
- char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_WINREG, creds);
-}
-
/* Shutdown a server */
NTSTATUS cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx,
diff --git a/source3/libsmb/cli_samr.c b/source3/libsmb/cli_samr.c
index f3560ede5d..9a332aa99e 100644
--- a/source3/libsmb/cli_samr.c
+++ b/source3/libsmb/cli_samr.c
@@ -24,14 +24,6 @@
#include "includes.h"
-/* Opens a SMB connection to the SAMR pipe */
-
-struct cli_state *cli_samr_initialise(struct cli_state *cli, char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_SAMR, creds);
-}
-
/* Connect to SAMR database */
NTSTATUS cli_samr_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx,
diff --git a/source3/libsmb/cli_spoolss.c b/source3/libsmb/cli_spoolss.c
index 28f4f481fa..5e33e00c68 100644
--- a/source3/libsmb/cli_spoolss.c
+++ b/source3/libsmb/cli_spoolss.c
@@ -31,20 +31,6 @@
* @{
**/
-/** Opens a SMB connection and connects to the SPOOLSS pipe.
- *
- * @param cli Uninitialised client handle.
- * @param system_name NETBIOS name of the machine to connect to.
- * @param creds User credentials to connect as.
- * @returns Initialised client handle.
- */
-struct cli_state *cli_spoolss_initialise(struct cli_state *cli,
- char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_SPOOLSS, creds);
-}
-
/**********************************************************************
Initialize a new spoolss buff for use by a client rpc
**********************************************************************/
diff --git a/source3/libsmb/cli_srvsvc.c b/source3/libsmb/cli_srvsvc.c
index 9d33149540..b5b4478684 100644
--- a/source3/libsmb/cli_srvsvc.c
+++ b/source3/libsmb/cli_srvsvc.c
@@ -22,15 +22,6 @@
#include "includes.h"
-/* Opens a SMB connection to the svrsvc pipe */
-
-struct cli_state *cli_svrsvc_initialise(struct cli_state *cli,
- char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_SRVSVC, creds);
-}
-
NTSTATUS cli_srvsvc_net_srv_get_info(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
uint32 switch_value, SRV_INFO_CTR *ctr)
diff --git a/source3/libsmb/cli_wkssvc.c b/source3/libsmb/cli_wkssvc.c
index 2a84e6b698..756ff61e5b 100644
--- a/source3/libsmb/cli_wkssvc.c
+++ b/source3/libsmb/cli_wkssvc.c
@@ -24,24 +24,6 @@
#include "includes.h"
/**
- * Opens a SMB connection to the wkssvc pipe
- *
- * @param cli client structure (not yet initialised)
- * @param system_name called rpc server name
- * @param creds user credentials
- *
- * @return client structure with opened pipe
- **/
-
-struct cli_state *cli_wkssvc_initialise(struct cli_state *cli,
- char *system_name,
- struct ntuser_creds *creds)
-{
- return cli_pipe_initialise(cli, system_name, PIPE_WKSSVC, creds);
-}
-
-
-/**
* WksQueryInfo rpc call (like query for server's capabilities)
*
* @param initialised client structure with \PIPE\wkssvc opened
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index ec2c33f419..f41c3b7701 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1027,152 +1027,6 @@ BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip)
return True;
}
-/****************************************************************************
-establishes a connection right up to doing tconX, password in cache.
-****************************************************************************/
-BOOL cli_establish_connection(struct cli_state *cli,
- char *dest_host, struct in_addr *dest_ip,
- struct nmb_name *calling, struct nmb_name *called,
- char *service, char *service_type,
- BOOL do_shutdown, BOOL do_tcon)
-{
- DEBUG(5,("cli_establish_connection: %s connecting to %s (%s) - %s [%s]\n",
- nmb_namestr(calling), nmb_namestr(called), inet_ntoa(*dest_ip),
- cli->user_name, cli->domain));
-
- /* establish connection */
-
- if ((!cli->initialised))
- {
- return False;
- }
-
- /* cli_establish_connection() can't handle spnego yet. Once we get rid of
- pwd_cache and other horrors we can get rid of this */
- cli->use_spnego = False;
-
- if (cli->fd == -1)
- {
- if (!cli_connect(cli, dest_host, dest_ip))
- {
- DEBUG(1,("cli_establish_connection: failed to connect to %s (%s)\n",
- nmb_namestr(called), inet_ntoa(*dest_ip)));
- return False;
- }
- }
-
- if (!cli_session_request(cli, calling, called))
- {
- DEBUG(1,("failed session request\n"));
- if (do_shutdown)
- cli_shutdown(cli);
- return False;
- }
-
- if (!cli_negprot(cli))
- {
- DEBUG(1,("failed negprot\n"));
- if (do_shutdown)
- cli_shutdown(cli);
- return False;
- }
-
- if (cli->pwd.cleartext || cli->pwd.null_pwd)
- {
- fstring passwd;
- int pass_len;
-
- if (cli->pwd.null_pwd)
- {
- /* attempt null session */
- passwd[0] = 0;
- pass_len = 1;
- }
- else
- {
- /* attempt clear-text session */
- pwd_get_cleartext(&(cli->pwd), passwd);
- pass_len = strlen(passwd);
- }
-
- /* attempt clear-text session */
- if (!cli_session_setup(cli, cli->user_name,
- passwd, pass_len,
- NULL, 0,
- cli->domain))
- {
- DEBUG(1,("failed session setup\n"));
- if (do_shutdown)
- {
- cli_shutdown(cli);
- }
- return False;
- }
- if (do_tcon)
- {
- if (!cli_send_tconX(cli, service, service_type,
- (char*)passwd, strlen(passwd)))
- {
- DEBUG(1,("failed tcon_X\n"));
- if (do_shutdown)
- {
- cli_shutdown(cli);
- }
- return False;
- }
- }
- }
- else
- {
- /* attempt encrypted session */
- unsigned char nt_sess_pwd[24];
- unsigned char lm_sess_pwd[24];
-
- /* creates (storing a copy of) and then obtains a 24 byte password OWF */
- pwd_make_lm_nt_owf(&(cli->pwd), cli->secblob.data);
- pwd_get_lm_nt_owf(&(cli->pwd), lm_sess_pwd, nt_sess_pwd);
-
- /* attempt encrypted session */
- if (!cli_session_setup(cli, cli->user_name,
- (char*)lm_sess_pwd, sizeof(lm_sess_pwd),
- (char*)nt_sess_pwd, sizeof(nt_sess_pwd),
- cli->domain))
- {
- DEBUG(1,("failed session setup\n"));
- if (do_shutdown)
- cli_shutdown(cli);
- return False;
- }
-
- DEBUG(1,("session setup ok\n"));
-
- if (*cli->server_domain || *cli->server_os || *cli->server_type)
- {
- DEBUG(1,("Domain=[%s] OS=[%s] Server=[%s]\n",
- cli->server_domain,
- cli->server_os,
- cli->server_type));
- }
-
- if (do_tcon)
- {
- if (!cli_send_tconX(cli, service, service_type,
- (char*)nt_sess_pwd, sizeof(nt_sess_pwd)))
- {
- DEBUG(1,("failed tcon_X\n"));
- if (do_shutdown)
- cli_shutdown(cli);
- return False;
- }
- }
- }
-
- if (do_shutdown)
- cli_shutdown(cli);
-
- return True;
-}
-
/* Initialise client credentials for authenticated pipe access */
static void init_creds(struct ntuser_creds *creds, char* username,
@@ -1230,7 +1084,7 @@ again:
DEBUG(3,("Connecting to host=%s share=%s\n", dest_host, service));
if (!cli_connect(cli, dest_host, &ip)) {
- DEBUG(1,("cli_establish_connection: failed to connect to %s (%s)\n",
+ DEBUG(1,("cli_full_connection: failed to connect to %s (%s)\n",
nmb_namestr(&called), inet_ntoa(*dest_ip)));
cli_shutdown(cli);
return NT_STATUS_UNSUCCESSFUL;
diff --git a/source3/libsmb/pwd_cache.c b/source3/libsmb/pwd_cache.c
index 7d1185d9a7..8b79788fed 100644
--- a/source3/libsmb/pwd_cache.c
+++ b/source3/libsmb/pwd_cache.c
@@ -24,7 +24,7 @@
Initialises a password structure.
****************************************************************************/
-void pwd_init(struct pwd_info *pwd)
+static void pwd_init(struct pwd_info *pwd)
{
memset((char *)pwd->password , '\0', sizeof(pwd->password ));
memset((char *)pwd->smb_lm_pwd, '\0', sizeof(pwd->smb_lm_pwd));
@@ -38,89 +38,21 @@ void pwd_init(struct pwd_info *pwd)
}
/****************************************************************************
- Returns NULL password flag.
-****************************************************************************/
-
-BOOL pwd_is_nullpwd(const struct pwd_info *pwd)
-{
- return pwd->null_pwd;
-}
-
-/****************************************************************************
- Compares two passwords. hmm, not as trivial as expected. hmm.
-****************************************************************************/
-
-BOOL pwd_compare(const struct pwd_info *pwd1, const struct pwd_info *pwd2)
-{
- if (pwd1->cleartext && pwd2->cleartext) {
- if (strequal(pwd1->password, pwd2->password))
- return True;
- }
- if (pwd1->null_pwd && pwd2->null_pwd)
- return True;
-
- if (!pwd1->null_pwd && !pwd2->null_pwd &&
- !pwd1->cleartext && !pwd2->cleartext) {
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("pwd compare: nt#\n"));
- dump_data(100, pwd1->smb_nt_pwd, 16);
- dump_data(100, pwd2->smb_nt_pwd, 16);
-#endif
- if (memcmp(pwd1->smb_nt_pwd, pwd2->smb_nt_pwd, 16) == 0)
- return True;
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("pwd compare: lm#\n"));
- dump_data(100, pwd1->smb_lm_pwd, 16);
- dump_data(100, pwd2->smb_lm_pwd, 16);
-#endif
- if (memcmp(pwd1->smb_lm_pwd, pwd2->smb_lm_pwd, 16) == 0)
- return True;
- }
- return False;
-}
-
-/****************************************************************************
- Reads a password.
+ Makes lm and nt hashed passwords.
****************************************************************************/
-void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
+static void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
{
- /* grab a password */
- char *user_pass;
+ pstring dos_passwd;
pwd_init(pwd);
- user_pass = (char*)getpass(passwd_report);
-
- /*
- * Do not assume that an empty string is a NULL password.
- * If you do this will break the session key generation for
- * and account with an emtpy password. If you wish to use
- * a NULL password, use the -N option to smbclient and rpcclient
- * --jerry
- */
-#if 0
- if (user_pass == NULL || user_pass[0] == 0)
- pwd_set_nullpwd(pwd);
- else if (do_encrypt)
-#endif
- if (do_encrypt)
- pwd_make_lm_nt_16(pwd, user_pass);
- else
- pwd_set_cleartext(pwd, user_pass);
-}
-
-/****************************************************************************
- Stores a cleartext password.
-****************************************************************************/
-
-void pwd_set_nullpwd(struct pwd_info *pwd)
-{
- pwd_init(pwd);
+ push_ascii_pstring(dos_passwd, clr);
+ nt_lm_owf_gen(dos_passwd, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
+ pwd->null_pwd = False;
pwd->cleartext = False;
- pwd->null_pwd = True;
- pwd->crypted = False;
+ pwd->crypted = False;
}
/****************************************************************************
@@ -151,29 +83,6 @@ void pwd_get_cleartext(struct pwd_info *pwd, char *clr)
}
/****************************************************************************
- Stores lm and nt hashed passwords.
-****************************************************************************/
-
-void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
-{
- pwd_init(pwd);
-
- if (lm_pwd)
- memcpy(pwd->smb_lm_pwd, lm_pwd, 16);
- else
- memset((char *)pwd->smb_lm_pwd, '\0', 16);
-
- if (nt_pwd)
- memcpy(pwd->smb_nt_pwd, nt_pwd, 16);
- else
- memset((char *)pwd->smb_nt_pwd, '\0', 16);
-
- pwd->null_pwd = False;
- pwd->cleartext = False;
- pwd->crypted = False;
-}
-
-/****************************************************************************
Gets lm and nt hashed passwords.
****************************************************************************/
@@ -186,24 +95,6 @@ void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
}
/****************************************************************************
- Makes lm and nt hashed passwords.
-****************************************************************************/
-
-void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
-{
- pstring dos_passwd;
-
- pwd_init(pwd);
-
- push_ascii_pstring(dos_passwd, clr);
-
- nt_lm_owf_gen(dos_passwd, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
- pwd->null_pwd = False;
- pwd->cleartext = False;
- pwd->crypted = False;
-}
-
-/****************************************************************************
Makes lm and nt OWF crypts.
****************************************************************************/
@@ -247,3 +138,13 @@ void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24])
if (nt_owf != NULL)
memcpy(nt_owf, pwd->smb_nt_owf, 24);
}
+
+
+
+
+
+
+
+
+
+
diff --git a/source3/rpcclient/samsync.c b/source3/rpcclient/samsync.c
index 14f7ed8953..0b30798070 100644
--- a/source3/rpcclient/samsync.c
+++ b/source3/rpcclient/samsync.c
@@ -396,51 +396,19 @@ static void usage(void)
printf("\n");
}
-/* Initialise client credentials for authenticated pipe access */
-
-void init_rpcclient_creds(struct ntuser_creds *creds, char* username,
- char* domain, char* password)
-{
- ZERO_STRUCTP(creds);
-
- if (lp_encrypted_passwords()) {
- pwd_make_lm_nt_16(&creds->pwd, password);
- } else {
- pwd_set_cleartext(&creds->pwd, password);
- }
-
- fstrcpy(creds->user_name, username);
- fstrcpy(creds->domain, domain);
-
- if (! *username) {
- creds->pwd.null_pwd = True;
- }
-}
-
/* Connect to primary domain controller */
-static struct cli_state *init_connection(struct cli_state *cli,
+static struct cli_state *init_connection(struct cli_state **cli,
char *username, char *domain,
char *password)
{
- struct ntuser_creds creds;
extern pstring global_myname;
struct in_addr *dest_ip;
- struct nmb_name calling, called;
int count;
fstring dest_host;
/* Initialise cli_state information */
- ZERO_STRUCTP(cli);
-
- if (!cli_initialise(cli)) {
- return NULL;
- }
-
- init_rpcclient_creds(&creds, username, domain, password);
- cli_init_creds(cli, &creds);
-
/* Look up name of PDC controller */
if (!get_dc_list(True, lp_workgroup(), &dest_ip, &count)) {
@@ -456,20 +424,15 @@ static struct cli_state *init_connection(struct cli_state *cli,
return NULL;
}
- get_myname((*global_myname)?NULL:global_myname);
- strupper(global_myname);
-
- make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20);
- make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0);
-
- /* Establish a SMB connection */
-
- if (!cli_establish_connection(cli, dest_host, dest_ip, &calling,
- &called, "IPC$", "IPC", False, True)) {
+ if (NT_STATUS_IS_OK(cli_full_connection(cli, global_myname, dest_host,
+ dest_ip, 0,
+ "IPC$", "IPC",
+ username, domain,
+ password, strlen(password)))) {
+ return *cli;
+ } else {
return NULL;
}
-
- return cli;
}
/* Main function */
@@ -477,7 +440,7 @@ static struct cli_state *init_connection(struct cli_state *cli,
int main(int argc, char **argv)
{
BOOL do_sam_sync = False, do_sam_repl = False;
- struct cli_state cli;
+ struct cli_state *cli;
NTSTATUS result;
int opt;
pstring logfile;
@@ -605,10 +568,10 @@ static struct cli_state *init_connection(struct cli_state *cli,
return 1;
if (do_sam_sync)
- result = sam_sync(&cli, trust_passwd, do_smbpasswd_output, verbose);
+ result = sam_sync(cli, trust_passwd, do_smbpasswd_output, verbose);
if (do_sam_repl)
- result = sam_repl(&cli, trust_passwd, low_serial);
+ result = sam_repl(cli, trust_passwd, low_serial);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("%s\n", nt_errstr(result)));
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 017f4035b0..62ab6357b4 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -42,6 +42,9 @@ enum acl_mode {SMB_ACL_SET, SMB_ACL_DELETE, SMB_ACL_MODIFY, SMB_ACL_ADD };
enum chown_mode {REQUEST_NONE, REQUEST_CHOWN, REQUEST_CHGRP};
enum exit_values {EXIT_OK, EXIT_FAILED, EXIT_PARSE_ERROR};
+extern pstring global_myname;
+extern fstring global_myworkgroup;
+
struct perm_value {
char *perm;
uint32 mask;
@@ -66,24 +69,25 @@ static struct perm_value standard_values[] = {
{ NULL, 0 },
};
-struct cli_state lsa_cli;
-POLICY_HND pol;
-struct ntuser_creds creds;
-BOOL got_policy_hnd;
+static struct cli_state *global_hack_cli;
+static POLICY_HND pol;
+static BOOL got_policy_hnd;
+
+static struct cli_state *connect_one(char *share);
/* Open cli connection and policy handle */
static BOOL cacls_open_policy_hnd(void)
{
- creds.pwd.null_pwd = 1;
-
/* Initialise cli LSA connection */
- if (!lsa_cli.initialised &&
- !cli_lsa_initialise(&lsa_cli, server, &creds)) {
- return False;
+ if (!global_hack_cli) {
+ global_hack_cli = connect_one("IPC$");
+ if (!cli_nt_session_open (global_hack_cli, PIPE_LSARPC)) {
+ return False;
+ }
}
-
+
/* Open policy handle */
if (!got_policy_hnd) {
@@ -91,7 +95,7 @@ static BOOL cacls_open_policy_hnd(void)
/* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED,
but NT sends 0x2000000 so we might as well do it too. */
- if (!NT_STATUS_IS_OK(cli_lsa_open_policy(&lsa_cli, lsa_cli.mem_ctx, True,
+ if (!NT_STATUS_IS_OK(cli_lsa_open_policy(global_hack_cli, global_hack_cli->mem_ctx, True,
GENERIC_EXECUTE_ACCESS, &pol))) {
return False;
}
@@ -116,7 +120,7 @@ static void SidToString(fstring str, DOM_SID *sid)
/* Ask LSA to convert the sid to a name */
if (!cacls_open_policy_hnd() ||
- !NT_STATUS_IS_OK(cli_lsa_lookup_sids(&lsa_cli, lsa_cli.mem_ctx,
+ !NT_STATUS_IS_OK(cli_lsa_lookup_sids(global_hack_cli, global_hack_cli->mem_ctx,
&pol, 1, sid, &domains,
&names, &types)) ||
!domains || !domains[0] || !names || !names[0]) {
@@ -143,7 +147,7 @@ static BOOL StringToSid(DOM_SID *sid, const char *str)
}
if (!cacls_open_policy_hnd() ||
- !NT_STATUS_IS_OK(cli_lsa_lookup_names(&lsa_cli, lsa_cli.mem_ctx,
+ !NT_STATUS_IS_OK(cli_lsa_lookup_names(global_hack_cli, global_hack_cli->mem_ctx,
&pol, 1, &str, &sids,
&types))) {
result = False;
@@ -700,80 +704,29 @@ static int cacl_set(struct cli_state *cli, char *filename,
/*****************************************************
return a connection to a server
*******************************************************/
-struct cli_state *connect_one(char *share)
+static struct cli_state *connect_one(char *share)
{
struct cli_state *c;
- struct nmb_name called, calling;
struct in_addr ip;
- extern pstring global_myname;
-
- fstrcpy(server,share+2);
- share = strchr_m(server,'\\');
- if (!share) return NULL;
- *share = 0;
- share++;
-
- zero_ip(&ip);
-
- make_nmb_name(&calling, global_myname, 0x0);
- make_nmb_name(&called , server, 0x20);
-
- again:
- zero_ip(&ip);
-
- /* have to open a new connection */
- if (!(c=cli_initialise(NULL)) || !cli_connect(c, server, &ip)) {
- DEBUG(0,("Connection to %s failed\n", server));
- cli_shutdown(c);
- return NULL;
- }
-
- if (!cli_session_request(c, &calling, &called)) {
- DEBUG(0,("session request to %s failed\n", called.name));
- cli_shutdown(c);
- if (strcmp(called.name, "*SMBSERVER")) {
- make_nmb_name(&called , "*SMBSERVER", 0x20);
- goto again;
- }
- return NULL;
- }
-
- DEBUG(4,(" session request ok\n"));
-
- if (!cli_negprot(c)) {
- DEBUG(0,("protocol negotiation failed\n"));
- cli_shutdown(c);
- return NULL;
- }
-
+ zero_ip(&ip);
+
if (!got_pass) {
char *pass = getpass("Password: ");
if (pass) {
pstrcpy(password, pass);
+ got_pass = True;
}
}
- if (!cli_session_setup(c, username,
- password, strlen(password),
- password, strlen(password),
- lp_workgroup())) {
- DEBUG(0,("session setup failed: %s\n", cli_errstr(c)));
- cli_shutdown(c);
- return NULL;
- }
-
- DEBUG(4,(" session setup ok\n"));
-
- if (!cli_send_tconX(c, share, "?????",
- password, strlen(password)+1)) {
- DEBUG(0,("tree connect failed: %s\n", cli_errstr(c)));
- cli_shutdown(c);
+ if (NT_STATUS_IS_OK(cli_full_connection(&c, global_myname, server,
+ &ip, 0,
+ share, "?????",
+ username, global_myworkgroup,
+ password, strlen(password)))) {
+ return c;
+ } else {
return NULL;
}
-
- DEBUG(4,(" tconx ok\n"));
-
- return c;
}
@@ -811,12 +764,13 @@ You can string acls together with spaces, commas or newlines\n\
extern int optind;
int opt;
char *p;
- struct cli_state *cli=NULL;
enum acl_mode mode = SMB_ACL_SET;
char *the_acl = NULL;
enum chown_mode change_mode = REQUEST_NONE;
int result;
+ struct cli_state *cli;
+
ctx=talloc_init();
setlinebuf(stdout);
@@ -930,12 +884,20 @@ You can string acls together with spaces, commas or newlines\n\
/* Make connection to server */
+ fstrcpy(server,share+2);
+ share = strchr_m(server,'\\');
+ if (!share) return -1;
+ *share = 0;
+ share++;
+
if (!test_args) {
cli = connect_one(share);
if (!cli) {
talloc_destroy(ctx);
exit(EXIT_FAILED);
}
+ } else {
+ exit(0);
}
all_string_sub(filename, "/", "\\", 0);
@@ -960,3 +922,4 @@ You can string acls together with spaces, commas or newlines\n\
return result;
}
+