diff options
Diffstat (limited to 'examples/libmsrpc/test/lsa')
-rw-r--r-- | examples/libmsrpc/test/lsa/ear.c | 261 | ||||
-rw-r--r-- | examples/libmsrpc/test/lsa/lsaenum.c | 96 | ||||
-rw-r--r-- | examples/libmsrpc/test/lsa/lsaenumprivs.c | 79 | ||||
-rw-r--r-- | examples/libmsrpc/test/lsa/lsapol.c | 87 | ||||
-rw-r--r-- | examples/libmsrpc/test/lsa/lsapriv.c | 113 | ||||
-rw-r--r-- | examples/libmsrpc/test/lsa/lsaq.c | 245 | ||||
-rw-r--r-- | examples/libmsrpc/test/lsa/lsatrust.c | 151 |
7 files changed, 0 insertions, 1032 deletions
diff --git a/examples/libmsrpc/test/lsa/ear.c b/examples/libmsrpc/test/lsa/ear.c deleted file mode 100644 index 8a8202543d..0000000000 --- a/examples/libmsrpc/test/lsa/ear.c +++ /dev/null @@ -1,261 +0,0 @@ -/* connects to an LSA, asks for a list of server names, prints out their sids, then looks up their names from the sids and prints them out again - * if you run as lsaq -p, then it will simulate a partial success for cac_GetNamesFromSids. It will try to lookup the server's local and domain sids - */ - - -#include "libmsrpc.h" -#include "includes.h" - -void fill_conn_info(CacServerHandle *hnd) { - pstring domain; - pstring username; - pstring password; - pstring server; - - fprintf(stdout, "Enter domain name: "); - fscanf(stdin, "%s", domain); - - fprintf(stdout, "Enter username: "); - fscanf(stdin, "%s", username); - - fprintf(stdout, "Enter password (no input masking): "); - fscanf(stdin, "%s", password); - - fprintf(stdout, "Enter server (ip or name): "); - fscanf(stdin, "%s", server); - - hnd->domain = SMB_STRDUP(domain); - hnd->username = SMB_STRDUP(username); - hnd->password = SMB_STRDUP(password); - hnd->server = SMB_STRDUP(server); -} - -void get_server_names(TALLOC_CTX *mem_ctx, int *num_names, char ***names) { - int i = 0; - pstring tmp; - - fprintf(stdout, "How many names do you want to lookup?: "); - fscanf(stdin, "%d", num_names); - - *names = TALLOC_ARRAY(mem_ctx, char *, *num_names); - if(*names == NULL) { - fprintf(stderr, "No memory for allocation\n"); - exit(-1); - } - - for(i = 0; i < *num_names; i++) { - fprintf(stdout, "Enter name: "); - fscanf(stdin, "%s", tmp); - (*names)[i] = talloc_strdup(mem_ctx, tmp); - } -} - -int main(int argc, char **argv) { - int i; - int result; - char **names; - int num_names; - int num_sids; - CacServerHandle *hnd = NULL; - POLICY_HND *lsa_pol = NULL; - TALLOC_CTX *mem_ctx = NULL; - - DOM_SID *sid_buf = NULL; - - BOOL sim_partial = False; - - if(argc > 1 && strcmp(argv[1], "-p") == 0) - sim_partial = True; - - mem_ctx = talloc_init("lsaq"); - - hnd = cac_NewServerHandle(False); - - fill_conn_info(hnd); - - get_server_names(mem_ctx, &num_names, &names); - - /*connect to the PDC and open a LSA handle*/ - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server.\n Error %s.\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - fprintf(stdout, "Connected to server: %s\n", hnd->server); - - struct LsaOpenPolicy lop; - ZERO_STRUCT(lop); - - lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - lop.in.security_qos = True; - - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { - fprintf(stderr, "Could not get lsa policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - fprintf(stdout, "Opened Policy Handle\n"); - - /*just to make things neater*/ - lsa_pol = lop.out.pol; - - /*fetch the local sid and domain sid for the pdc*/ - - struct LsaFetchSid fsop; - ZERO_STRUCT(fsop); - - fsop.in.pol = lsa_pol; - fsop.in.info_class = (CAC_LOCAL_INFO|CAC_DOMAIN_INFO); - - fprintf(stdout, "fetching SID info for %s\n", hnd->server); - - result = cac_LsaFetchSid(hnd, mem_ctx, &fsop); - if(!result) { - fprintf(stderr, "Could not get sid for server: %s\n. Error: %s\n", hnd->server, nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - exit(-1); - } - - if(result == CAC_PARTIAL_SUCCESS) { - fprintf(stdout, "could not retrieve both domain and local information\n"); - } - - - fprintf(stdout, "Fetched SID info for %s\n", hnd->server); - if(fsop.out.local_sid != NULL) - fprintf(stdout, " domain: %s. Local SID: %s\n", fsop.out.local_sid->domain, sid_string_static(&fsop.out.local_sid->sid)); - - if(fsop.out.domain_sid != NULL) - fprintf(stdout, " domain: %s, Domain SID: %s\n", fsop.out.domain_sid->domain, sid_string_static(&fsop.out.domain_sid->sid)); - - fprintf(stdout, "Looking up sids\n"); - - - struct LsaGetSidsFromNames gsop; - ZERO_STRUCT(gsop); - - gsop.in.pol = lsa_pol; - gsop.in.num_names = num_names; - gsop.in.names = names; - - result = cac_LsaGetSidsFromNames(hnd, mem_ctx, &gsop); - - if(!result) { - fprintf(stderr, "Could not lookup any sids!\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - if(result == CAC_PARTIAL_SUCCESS) { - fprintf(stdout, "Not all names could be looked up.\nThe following names were not found:\n"); - - for(i = 0; i < (num_names - gsop.out.num_found); i++) { - fprintf(stdout, " %s\n", gsop.out.unknown[i]); - } - - fprintf(stdout, "\n"); - } - - /*buffer the sids so we can look them up back to names*/ - num_sids = (sim_partial) ? gsop.out.num_found + 2: gsop.out.num_found; - sid_buf = TALLOC_ARRAY(mem_ctx, DOM_SID, num_sids); - - fprintf(stdout, "%d names were resolved: \n", gsop.out.num_found); - - - i = 0; - while(i < gsop.out.num_found) { - fprintf(stdout, " Name: %s\n SID: %s\n\n", gsop.out.sids[i].name, sid_string_static(&gsop.out.sids[i].sid)); - - sid_buf[i] = gsop.out.sids[i].sid; - - printf("Attempting to open account\n"); - - struct LsaOpenAccount loa; - ZERO_STRUCT(loa); - - loa.in.pol = lsa_pol; - loa.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - loa.in.sid = &gsop.out.sids[i].sid; - - if(!cac_LsaOpenAccount(hnd, mem_ctx, &loa)) { - fprintf(stderr, "Could not open account.\n Error: %s\n", nt_errstr(hnd->status)); - } - - printf("\nEnumerating privs:"); - struct LsaEnumAccountRights earop; - ZERO_STRUCT(earop); - - earop.in.pol = lsa_pol; - - earop.in.sid = &gsop.out.sids[i].sid; - - if(!cac_LsaEnumAccountRights(hnd, mem_ctx, &earop)) { - fprintf(stderr, "Could not enumerate account rights.\n Error: %s\n", nt_errstr(hnd->status)); - } - - int j; - printf( "Rights: "); - for(j = 0; j < earop.out.num_privs; j++) { - printf(" %s\n", earop.out.priv_names[j]); - } - - printf("\n"); - - - i++; - } - - /*if we want a partial success to occur below, then add the server's SIDs to the end of the array*/ - if(sim_partial) { - sid_buf[i] = fsop.out.local_sid->sid; - sid_buf[i+1] = fsop.out.domain_sid->sid; - } - - fprintf(stdout, "Looking up Names from SIDs\n"); - - struct LsaGetNamesFromSids gnop; - ZERO_STRUCT(gnop); - - gnop.in.pol = lsa_pol; - gnop.in.num_sids = num_sids; - gnop.in.sids = sid_buf; - - result = cac_LsaGetNamesFromSids(hnd, mem_ctx, &gnop); - - if(!result) { - fprintf(stderr, "Could not lookup any names!.\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - if(result == CAC_PARTIAL_SUCCESS) { - fprintf(stdout, "\nNot all SIDs could be looked up.\n. The following SIDs were not found:\n"); - - for(i = 0; i < (num_sids - gnop.out.num_found); i++) { - fprintf(stdout, "SID: %s\n", sid_string_static(&gnop.out.unknown[i])); - } - - fprintf(stdout, "\n"); - } - - fprintf(stdout, "%d SIDs were resolved: \n", gnop.out.num_found); - for(i = 0; i < gnop.out.num_found; i++) { - fprintf(stdout, " SID: %s\n Name: %s\n", sid_string_static(&gnop.out.sids[i].sid), gsop.out.sids[i].name); - } - -done: - - if(!cac_LsaClosePolicy(hnd, mem_ctx, lsa_pol)) { - fprintf(stderr, "Could not close LSA policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - } - else { - fprintf(stdout, "Closed Policy handle.\n"); - } - - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - - return 0; -} diff --git a/examples/libmsrpc/test/lsa/lsaenum.c b/examples/libmsrpc/test/lsa/lsaenum.c deleted file mode 100644 index d4ad4f73aa..0000000000 --- a/examples/libmsrpc/test/lsa/lsaenum.c +++ /dev/null @@ -1,96 +0,0 @@ -/*enumerates SIDs*/ - -#include "libmsrpc.h" -#include "includes.h" - -int main(int argc, char **argv) { - - CacServerHandle *hnd = NULL; - TALLOC_CTX *mem_ctx = NULL; - - POLICY_HND *pol = NULL; - - int i; - int max_sids; - - mem_ctx = talloc_init("lsaenum"); - - hnd = cac_NewServerHandle(True); - - printf("Enter server to connect to: "); - fscanf(stdin, "%s", hnd->server); - - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server.\n Error: %s.\n errno: %s\n", nt_errstr(hnd->status), strerror(errno)); - cac_FreeHandle(hnd); - exit(-1); - } - - printf("How many sids do you want to grab at a time? "); - fscanf(stdin, "%d", &max_sids); - - struct LsaOpenPolicy lop; - ZERO_STRUCT(lop); - - lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - lop.in.security_qos = True; - - - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { - fprintf(stderr, "Could not open policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - pol = lop.out.pol; - - - struct LsaEnumSids esop; - ZERO_STRUCT(esop); - esop.in.pol = pol; - /*grab a couple at a time to demonstrate multiple calls*/ - esop.in.pref_max_sids = max_sids; - - printf("Attempting to fetch SIDs %d at a time\n", esop.in.pref_max_sids); - - while(cac_LsaEnumSids(hnd, mem_ctx, &esop)) { - - printf("\nEnumerated %d sids: \n", esop.out.num_sids); - for(i = 0; i < esop.out.num_sids; i++) { - printf(" SID: %s\n", sid_string_static(&esop.out.sids[i])); - } - - printf("Resolving names\n"); - - struct LsaGetNamesFromSids gnop; - ZERO_STRUCT(gnop); - - gnop.in.pol = pol; - gnop.in.sids = esop.out.sids; - gnop.in.num_sids = esop.out.num_sids; - - if(!cac_LsaGetNamesFromSids(hnd, mem_ctx, &gnop)) { - fprintf(stderr, "Could not resolve names.\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - printf("\nResolved %d names: \n", gnop.out.num_found); - for(i = 0; i < gnop.out.num_found; i++) { - printf(" SID: %s\n", sid_string_static(&gnop.out.sids[i].sid)); - printf(" Name: %s\n", gnop.out.sids[i].name); - } - - /*clean up a little*/ - talloc_free(gnop.out.sids); - } - -done: - if(!cac_LsaClosePolicy(hnd, mem_ctx, pol)) { - fprintf(stderr, "Could not close policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - } - - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - - return 0; -} diff --git a/examples/libmsrpc/test/lsa/lsaenumprivs.c b/examples/libmsrpc/test/lsa/lsaenumprivs.c deleted file mode 100644 index 8b5c9deca6..0000000000 --- a/examples/libmsrpc/test/lsa/lsaenumprivs.c +++ /dev/null @@ -1,79 +0,0 @@ -/*enumerates privileges*/ - -#include "libmsrpc.h" -#include "includes.h" - -#define MAX_STRING_LEN 50; - -int main() { - CacServerHandle *hnd = NULL; - TALLOC_CTX *mem_ctx = NULL; - POLICY_HND *lsa_pol = NULL; - - int i; - - mem_ctx = talloc_init("lsatrust"); - - hnd = cac_NewServerHandle(True); - - printf("Server: "); - fscanf(stdin, "%s", hnd->server); - - printf("Connecting to server....\n"); - - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server.\n Error: %s\n errno %s\n", nt_errstr(hnd->status), strerror(errno)); - cac_FreeHandle(hnd); - exit(-1); - } - - printf("Connected to server\n"); - - struct LsaOpenPolicy lop; - ZERO_STRUCT(lop); - - lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - lop.in.security_qos = True; - - - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { - fprintf(stderr, "Could not open policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - lsa_pol = lop.out.pol; - - printf("Enumerating Privileges\n"); - - struct LsaEnumPrivileges ep; - ZERO_STRUCT(ep); - - ep.in.pol = lsa_pol; - ep.in.pref_max_privs = 50; - - while(cac_LsaEnumPrivileges(hnd, mem_ctx, &ep)) { - printf(" Enumerated %d privileges\n", ep.out.num_privs); - - for(i = 0; i < ep.out.num_privs; i++) { - printf("\"%s\"\n", ep.out.priv_names[i]); - } - - printf("\n"); - } - - if(CAC_OP_FAILED(hnd->status)) { - fprintf(stderr, "Error while enumerating privileges.\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - -done: - if(!cac_LsaClosePolicy(hnd, mem_ctx, lsa_pol)) { - fprintf(stderr, "Could not close policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - } - - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - - return 0; -} diff --git a/examples/libmsrpc/test/lsa/lsapol.c b/examples/libmsrpc/test/lsa/lsapol.c deleted file mode 100644 index 58407e4343..0000000000 --- a/examples/libmsrpc/test/lsa/lsapol.c +++ /dev/null @@ -1,87 +0,0 @@ -/* simple test code, opens and closes an LSA policy handle using libmsrpc, careful.. there's no password input masking*/ - -#include "includes.h" -#include "libmsrpc.h" - -void fill_conn_info(CacServerHandle *hnd) { - pstring domain; - pstring username; - pstring password; - pstring server; - - fprintf(stdout, "Enter domain name: "); - fscanf(stdin, "%s", domain); - - fprintf(stdout, "Enter username: "); - fscanf(stdin, "%s", username); - - fprintf(stdout, "Enter password (no input masking): "); - fscanf(stdin, "%s", password); - - fprintf(stdout, "Enter server (ip or name): "); - fscanf(stdin, "%s", server); - - hnd->domain = SMB_STRDUP(domain); - hnd->username = SMB_STRDUP(username); - hnd->password = SMB_STRDUP(password); - hnd->server = SMB_STRDUP(server); -} - -int main() { - CacServerHandle *hnd = NULL; - TALLOC_CTX *mem_ctx; - struct LsaOpenPolicy op; - - mem_ctx = talloc_init("lsapol"); - - - hnd = cac_NewServerHandle(False); - - /*this line is unnecesary*/ - cac_SetAuthDataFn(hnd, cac_GetAuthDataFn); - - hnd->debug = 0; - - fill_conn_info(hnd); - - /*connect to the server, its name/ip is already in the handle so just pass NULL*/ - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server. \n Error %s\n errno(%d): %s\n", nt_errstr(hnd->status), errno, strerror(errno)); - cac_FreeHandle(hnd); - exit(-1); - } - else { - fprintf(stdout, "Connected to server\n"); - } - - op.in.access = GENERIC_EXECUTE_ACCESS; - op.in.security_qos = True; - - /*open the handle*/ - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &op)) { - fprintf(stderr, "Could not open policy.\n Error: %s.errno: %d.\n", nt_errstr(hnd->status), errno); - cac_FreeHandle(hnd); - exit(-1); - } - else { - fprintf(stdout, "Opened Policy handle\n"); - } - - /*close the handle*/ - if(!cac_LsaClosePolicy(hnd, mem_ctx, op.out.pol)) { - fprintf(stderr, "Could not close policy. Error: %s\n", nt_errstr(hnd->status)); - } - else { - fprintf(stdout, "Closed Policy handle\n"); - } - - /*cleanup*/ - cac_FreeHandle(hnd); - - talloc_destroy(mem_ctx); - - fprintf(stdout, "Free'd server handle\n"); - - return 0; -} - diff --git a/examples/libmsrpc/test/lsa/lsapriv.c b/examples/libmsrpc/test/lsa/lsapriv.c deleted file mode 100644 index 80b3ea102f..0000000000 --- a/examples/libmsrpc/test/lsa/lsapriv.c +++ /dev/null @@ -1,113 +0,0 @@ -/*tries to set privileges for an account*/ - -#include "libmsrpc.h" -#include "test_util.h" - -#define BIGGEST_UINT32 0xffffffff - -int main(int argc, char **argv) { - CacServerHandle *hnd = NULL; - TALLOC_CTX *mem_ctx = NULL; - - struct LsaOpenPolicy lop; - struct LsaEnumPrivileges ep; - struct LsaEnumAccountRights ar; - struct LsaAddPrivileges ap; - - fstring tmp; - - uint32 i = 0; - - mem_ctx = talloc_init("lsapriv"); - - hnd = cac_NewServerHandle(True); - - cac_SetAuthDataFn(hnd, cactest_GetAuthDataFn); - - cac_parse_cmd_line(argc, argv, hnd); - - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server %s. Error: %s\n", hnd->server, nt_errstr(hnd->status)); - exit(-1); - } - - ZERO_STRUCT(lop); - - lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { - fprintf(stderr, "Could not open LSA policy. Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - /*first enumerate possible privileges*/ - ZERO_STRUCT(ep); - - ep.in.pol = lop.out.pol; - ep.in.pref_max_privs = BIGGEST_UINT32; - - printf("Enumerating supported privileges:\n"); - while(cac_LsaEnumPrivileges(hnd, mem_ctx, &ep)) { - for(i = 0; i < ep.out.num_privs; i++) { - printf("\t%s\n", ep.out.priv_names[i]); - } - } - - if(CAC_OP_FAILED(hnd->status)) { - fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - printf("Enter account name: "); - cactest_readline(stdin, tmp); - - ZERO_STRUCT(ar); - - ar.in.pol = lop.out.pol; - ar.in.name = talloc_strdup(mem_ctx, tmp); - - printf("Enumerating privileges for %s:\n", ar.in.name); - if(!cac_LsaEnumAccountRights(hnd, mem_ctx, &ar)) { - fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - printf("Enumerated %d privileges:\n", ar.out.num_privs); - - for(i = 0; i < ar.out.num_privs; i++) - printf("\t%s\n", ar.out.priv_names[i]); - - ZERO_STRUCT(ap); - - ap.in.pol = lop.out.pol; - ap.in.name = ar.in.name; - - printf("How many privileges will you set: "); - scanf("%d", &ap.in.num_privs); - - ap.in.priv_names = talloc_array(mem_ctx, char *, ap.in.num_privs); - if(!ap.in.priv_names) { - fprintf(stderr, "No memory\n"); - goto done; - } - - for(i = 0; i < ap.in.num_privs; i++) { - printf("Enter priv %d: ", i); - cactest_readline(stdin, tmp); - - ap.in.priv_names[i] = talloc_strdup(mem_ctx, tmp); - } - - if(!cac_LsaSetPrivileges(hnd, mem_ctx, &ap)) { - fprintf(stderr, "Could not set privileges. Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - -done: - talloc_destroy(mem_ctx); - cac_FreeHandle(hnd); - - return 0; - -} - diff --git a/examples/libmsrpc/test/lsa/lsaq.c b/examples/libmsrpc/test/lsa/lsaq.c deleted file mode 100644 index 54c1849bfd..0000000000 --- a/examples/libmsrpc/test/lsa/lsaq.c +++ /dev/null @@ -1,245 +0,0 @@ -/* connects to an LSA, asks for a list of server names, prints out their sids, then looks up their names from the sids and prints them out again - * if you run as lsaq -p, then it will simulate a partial success for cac_GetNamesFromSids. It will try to lookup the server's local and domain sids - */ - - -#include "libmsrpc.h" -#include "includes.h" - -void fill_conn_info(CacServerHandle *hnd) { - pstring domain; - pstring username; - pstring password; - pstring server; - - fprintf(stdout, "Enter domain name: "); - fscanf(stdin, "%s", domain); - - fprintf(stdout, "Enter username: "); - fscanf(stdin, "%s", username); - - fprintf(stdout, "Enter password (no input masking): "); - fscanf(stdin, "%s", password); - - fprintf(stdout, "Enter server (ip or name): "); - fscanf(stdin, "%s", server); - - hnd->domain = SMB_STRDUP(domain); - hnd->username = SMB_STRDUP(username); - hnd->password = SMB_STRDUP(password); - hnd->server = SMB_STRDUP(server); -} - -void get_server_names(TALLOC_CTX *mem_ctx, int *num_names, char ***names) { - int i = 0; - pstring tmp; - - fprintf(stdout, "How many names do you want to lookup?: "); - fscanf(stdin, "%d", num_names); - - *names = TALLOC_ARRAY(mem_ctx, char *, *num_names); - if(*names == NULL) { - fprintf(stderr, "No memory for allocation\n"); - exit(-1); - } - - for(i = 0; i < *num_names; i++) { - fprintf(stdout, "Enter name: "); - fscanf(stdin, "%s", tmp); - (*names)[i] = talloc_strdup(mem_ctx, tmp); - } -} - -int main(int argc, char **argv) { - int i; - int result; - char **names; - int num_names; - int num_sids; - CacServerHandle *hnd = NULL; - POLICY_HND *lsa_pol = NULL; - TALLOC_CTX *mem_ctx = NULL; - - DOM_SID *sid_buf = NULL; - - BOOL sim_partial = False; - - if(argc > 1 && strcmp(argv[1], "-p") == 0) - sim_partial = True; - - mem_ctx = talloc_init("lsaq"); - - hnd = cac_NewServerHandle(False); - - fill_conn_info(hnd); - - get_server_names(mem_ctx, &num_names, &names); - - /*connect to the PDC and open a LSA handle*/ - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server.\n Error %s.\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - fprintf(stdout, "Connected to server: %s\n", hnd->server); - - struct LsaOpenPolicy lop; - ZERO_STRUCT(lop); - - lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - lop.in.security_qos = True; - - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { - fprintf(stderr, "Could not get lsa policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - fprintf(stdout, "Opened Policy Handle\n"); - - /*just to make things neater*/ - lsa_pol = lop.out.pol; - - /*fetch the local sid and domain sid for the pdc*/ - - struct LsaFetchSid fsop; - ZERO_STRUCT(fsop); - - fsop.in.pol = lsa_pol; - fsop.in.info_class = (CAC_LOCAL_INFO|CAC_DOMAIN_INFO); - - fprintf(stdout, "fetching SID info for %s\n", hnd->server); - - result = cac_LsaFetchSid(hnd, mem_ctx, &fsop); - if(!result) { - fprintf(stderr, "Could not get sid for server: %s\n. Error: %s\n", hnd->server, nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - exit(-1); - } - - if(result == CAC_PARTIAL_SUCCESS) { - fprintf(stdout, "could not retrieve both domain and local information\n"); - } - - - fprintf(stdout, "Fetched SID info for %s\n", hnd->server); - if(fsop.out.local_sid != NULL) - fprintf(stdout, " domain: %s. Local SID: %s\n", fsop.out.local_sid->domain, sid_string_static(&fsop.out.local_sid->sid)); - - if(fsop.out.domain_sid != NULL) - fprintf(stdout, " domain: %s, Domain SID: %s\n", fsop.out.domain_sid->domain, sid_string_static(&fsop.out.domain_sid->sid)); - - fprintf(stdout, "\nAttempting to query info policy\n"); - - struct LsaQueryInfoPolicy qop; - ZERO_STRUCT(qop); - - qop.in.pol = lsa_pol; - - if(!cac_LsaQueryInfoPolicy(hnd, mem_ctx, &qop)) { - fprintf(stderr, "Could not query information policy!.\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - fprintf(stdout, "Query result: \n"); - fprintf(stdout, " domain name: %s\n", qop.out.domain_name); - fprintf(stdout, " dns name: %s\n", qop.out.dns_name); - fprintf(stdout, " forest name: %s\n", qop.out.forest_name); - fprintf(stdout, " domain guid: %s\n", smb_uuid_string_static(*qop.out.domain_guid)); - fprintf(stdout, " domain sid: %s\n", sid_string_static(qop.out.domain_sid)); - - fprintf(stdout, "\nLooking up sids\n"); - - struct LsaGetSidsFromNames gsop; - ZERO_STRUCT(gsop); - - gsop.in.pol = lsa_pol; - gsop.in.num_names = num_names; - gsop.in.names = names; - - result = cac_LsaGetSidsFromNames(hnd, mem_ctx, &gsop); - - if(!result) { - fprintf(stderr, "Could not lookup any sids!\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - if(result == CAC_PARTIAL_SUCCESS) { - fprintf(stdout, "Not all names could be looked up.\nThe following names were not found:\n"); - - for(i = 0; i < (num_names - gsop.out.num_found); i++) { - fprintf(stdout, " %s\n", gsop.out.unknown[i]); - } - - fprintf(stdout, "\n"); - } - - /*buffer the sids so we can look them up back to names*/ - num_sids = (sim_partial) ? gsop.out.num_found + 2: gsop.out.num_found; - sid_buf = TALLOC_ARRAY(mem_ctx, DOM_SID, num_sids); - - fprintf(stdout, "%d names were resolved: \n", gsop.out.num_found); - - - i = 0; - while(i < gsop.out.num_found) { - fprintf(stdout, " Name: %s\n SID: %s\n\n", gsop.out.sids[i].name, sid_string_static(&gsop.out.sids[i].sid)); - - sid_buf[i] = gsop.out.sids[i].sid; - - i++; - } - - /*if we want a partial success to occur below, then add the server's SIDs to the end of the array*/ - if(sim_partial) { - sid_buf[i] = fsop.out.local_sid->sid; - sid_buf[i+1] = fsop.out.domain_sid->sid; - } - - fprintf(stdout, "Looking up Names from SIDs\n"); - - struct LsaGetNamesFromSids gnop; - ZERO_STRUCT(gnop); - - gnop.in.pol = lsa_pol; - gnop.in.num_sids = num_sids; - gnop.in.sids = sid_buf; - - result = cac_LsaGetNamesFromSids(hnd, mem_ctx, &gnop); - - if(!result) { - fprintf(stderr, "Could not lookup any names!.\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - - if(result == CAC_PARTIAL_SUCCESS) { - fprintf(stdout, "\nNot all SIDs could be looked up.\n. The following SIDs were not found:\n"); - - for(i = 0; i < (num_sids - gnop.out.num_found); i++) { - fprintf(stdout, "SID: %s\n", sid_string_static(&gnop.out.unknown[i])); - } - - fprintf(stdout, "\n"); - } - - fprintf(stdout, "%d SIDs were resolved: \n", gnop.out.num_found); - for(i = 0; i < gnop.out.num_found; i++) { - fprintf(stdout, " SID: %s\n Name: %s\n", sid_string_static(&gnop.out.sids[i].sid), gsop.out.sids[i].name); - } - -done: - - if(!cac_LsaClosePolicy(hnd, mem_ctx, lsa_pol)) { - fprintf(stderr, "Could not close LSA policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - } - else { - fprintf(stdout, "Closed Policy handle.\n"); - } - - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - - return 0; -} diff --git a/examples/libmsrpc/test/lsa/lsatrust.c b/examples/libmsrpc/test/lsa/lsatrust.c deleted file mode 100644 index 6ad293f832..0000000000 --- a/examples/libmsrpc/test/lsa/lsatrust.c +++ /dev/null @@ -1,151 +0,0 @@ -/*queries trusted domain information*/ - -#include "libmsrpc.h" -#include "includes.h" - -#define MAX_STRING_LEN 50; - -void print_info(LSA_TRUSTED_DOMAIN_INFO *info) { - switch(info->info_class) { - case CAC_INFO_TRUSTED_DOMAIN_FULL_INFO: - case CAC_INFO_TRUSTED_DOMAIN_INFO_ALL: - printf(" Domain Name: %s\n", unistr2_static(&info->info_ex.domain_name.unistring)); - printf(" Netbios Name: %s\n", unistr2_static(&info->info_ex.netbios_name.unistring)); - printf(" Domain Sid: %s\n", sid_string_static(&info->info_ex.sid.sid)); - printf(" Trust direction: %d\n", info->info_ex.trust_direction); - printf(" Trust Type: %d\n", info->info_ex.trust_type); - printf(" Trust attr: %d\n", info->info_ex.trust_attributes); - printf(" Posix Offset: %d\n", info->posix_offset.posix_offset); - break; - } -} - -int main() { - CacServerHandle *hnd = NULL; - TALLOC_CTX *mem_ctx = NULL; - POLICY_HND *lsa_pol = NULL; - - int i; - - mem_ctx = talloc_init("lsatrust"); - - hnd = cac_NewServerHandle(False); - - /*malloc some memory so get_auth_data_fn can work*/ - hnd->username = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - hnd->domain = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - hnd->netbios_name = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - hnd->password = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - - hnd->server = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - - - printf("Server: "); - fscanf(stdin, "%s", hnd->server); - - printf("Connecting to server....\n"); - - if(!cac_Connect(hnd, NULL)) { - fprintf(stderr, "Could not connect to server.\n Error: %s\n errno %s\n", nt_errstr(hnd->status), strerror(errno)); - cac_FreeHandle(hnd); - exit(-1); - } - - printf("Connected to server\n"); - - struct LsaOpenPolicy lop; - ZERO_STRUCT(lop); - - lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - lop.in.security_qos = True; - - - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { - fprintf(stderr, "Could not open policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - cac_FreeHandle(hnd); - exit(-1); - } - - lsa_pol = lop.out.pol; - - printf("Enumerating Trusted Domains\n"); - - struct LsaEnumTrustedDomains etd; - ZERO_STRUCT(etd); - - etd.in.pol = lsa_pol; - - while(cac_LsaEnumTrustedDomains(hnd, mem_ctx, &etd)) { - printf(" Enumerated %d domains\n", etd.out.num_domains); - - for(i = 0; i < etd.out.num_domains; i++) { - printf(" Name: %s\n", etd.out.domain_names[i]); - printf(" SID: %s\n", sid_string_static(&etd.out.domain_sids[i])); - - printf("\n Attempting to open domain...\n"); - - struct LsaOpenTrustedDomain otd; - ZERO_STRUCT(otd); - - otd.in.pol = lsa_pol; - otd.in.domain_sid = &etd.out.domain_sids[i]; - otd.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; - - /*try to query trusted domain info by name*/ - struct LsaQueryTrustedDomainInfo qtd; - ZERO_STRUCT(qtd); - - qtd.in.pol = lsa_pol; - qtd.in.domain_name = etd.out.domain_names[i]; - - - int j; - for(j = 0; j < 100; j++ ) { - qtd.in.info_class = j; - - printf(" Querying trustdom by name\n"); - if(!cac_LsaQueryTrustedDomainInfo(hnd, mem_ctx, &qtd)) { - fprintf(stderr, " could not query trusted domain info.\n Error %s\n", nt_errstr(hnd->status)); - continue; - } - - printf(" info_class %d succeeded\n", j); - printf(" Query result:\n"); - printf(" size %d\n", sizeof(*qtd.out.info)); - } - - /*try to query trusted domain info by SID*/ - printf(" Querying trustdom by sid\n"); - qtd.in.domain_sid = &etd.out.domain_sids[i]; - if(!cac_LsaQueryTrustedDomainInfo(hnd, mem_ctx, &qtd)) { - fprintf(stderr, " could not query trusted domain info.\n Error %s\n", nt_errstr(hnd->status)); - continue; - } - - printf(" Query result:\n"); -/* print_info(qtd.out.info);*/ - - if(CAC_OP_FAILED(hnd->status)) { - fprintf(stderr, " Could not enum sids.\n Error: %s\n", nt_errstr(hnd->status)); - continue; - } - } - - printf("\n"); - } - - if(CAC_OP_FAILED(hnd->status)) { - fprintf(stderr, "Error while enumerating trusted domains.\n Error: %s\n", nt_errstr(hnd->status)); - goto done; - } - -done: - if(!cac_LsaClosePolicy(hnd, mem_ctx, lsa_pol)) { - fprintf(stderr, "Could not close policy handle.\n Error: %s\n", nt_errstr(hnd->status)); - } - - cac_FreeHandle(hnd); - talloc_destroy(mem_ctx); - - return 0; -} |