summaryrefslogtreecommitdiff
path: root/source3/rpcclient
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpcclient')
-rw-r--r--source3/rpcclient/cmd_lsarpc.c45
-rw-r--r--source3/rpcclient/cmd_netlogon.c9
-rw-r--r--source3/rpcclient/cmd_samr.c24
-rw-r--r--source3/rpcclient/cmd_spoolss.c127
-rw-r--r--source3/rpcclient/cmd_wkssvc.c2
-rw-r--r--source3/rpcclient/rpcclient.c182
6 files changed, 244 insertions, 145 deletions
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 808ef50a45..db74370bc0 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -543,50 +543,6 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
}
-/* Enumerate the accounts with a specific right */
-
-static NTSTATUS cmd_lsa_enum_acct_with_right(struct cli_state *cli,
- TALLOC_CTX *mem_ctx, int argc,
- const char **argv)
-{
- POLICY_HND dom_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_SID *sids;
- uint32 count;
- const char *right;
-
- int i;
-
- if (argc != 2 ) {
- printf("Usage: %s <RIGHT>\n", argv[0]);
- return NT_STATUS_OK;
- }
-
- right = argv[1];
-
- result = cli_lsa_open_policy2(cli, mem_ctx, True,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
- &dom_pol);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
-
- result = cli_lsa_enum_account_with_right(cli, mem_ctx, &dom_pol, right, &count, &sids);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
-
- printf("found %d SIDs for '%s'\n", count, right);
-
- for (i = 0; i < count; i++) {
- printf("\t%s\n", sid_string_static(&sids[i]));
- }
-
- done:
- return result;
-}
-
-
/* add some privileges to a SID via LsaAddAccountRights */
static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli,
@@ -750,7 +706,6 @@ struct cmd_set lsarpc_commands[] = {
{ "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, "Enumerate the LSA SIDS", "" },
{ "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, "Enumerate the privileges of an SID", "" },
{ "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, "Enumerate the rights of an SID", "" },
- { "lsaenumacctwithright",RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_with_right,NULL, PI_LSARPC,"Enumerate accounts with a right", "" },
{ "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" },
{ "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" },
{ "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookupprivvalue, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index 32fa9c3699..0ec78a0673 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -275,6 +275,7 @@ static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli,
const char *username, *password;
uint32 neg_flags = 0x000001ff;
int auth_level = 2;
+ DOM_CRED ret_creds;
/* Check arguments */
@@ -299,7 +300,13 @@ static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli,
/* Perform the sam logon */
- result = cli_netlogon_sam_logon(cli, mem_ctx, username, password, logon_type);
+ ZERO_STRUCT(ret_creds);
+
+ result = cli_netlogon_sam_logon(cli, mem_ctx, &ret_creds, username, password, logon_type);
+
+ clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &ret_creds);
+
+ result = cli_netlogon_sam_logon(cli, mem_ctx, &ret_creds, username, password, logon_type);
if (!NT_STATUS_IS_OK(result))
goto done;
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index e2232f0da7..40d01d0f5a 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -288,8 +288,8 @@ static NTSTATUS cmd_samr_query_user(struct cli_state *cli,
sscanf(argv[3], "%x", &access_mask);
- slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
- strupper (server);
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
@@ -396,8 +396,8 @@ static NTSTATUS cmd_samr_query_group(struct cli_state *cli,
if (argc > 3)
sscanf(argv[3], "%x", &access_mask);
- slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
- strupper (server);
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
@@ -458,8 +458,8 @@ static NTSTATUS cmd_samr_query_usergroups(struct cli_state *cli,
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
- slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
- strupper (server);
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
@@ -524,8 +524,8 @@ static NTSTATUS cmd_samr_query_useraliases(struct cli_state *cli,
if (argc > 3)
sscanf(argv[3], "%x", &access_mask);
- slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
- strupper (server);
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
@@ -587,8 +587,8 @@ static NTSTATUS cmd_samr_query_groupmem(struct cli_state *cli,
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
- slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
- strupper (server);
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
@@ -1415,8 +1415,8 @@ static NTSTATUS cmd_samr_query_sec_obj(struct cli_state *cli,
sscanf(argv[1], "%i", &user_rid);
}
- slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
- strupper (server);
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper_m(server);
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c
index 3ce7f9e6ac..b2fa802e9a 100644
--- a/source3/rpcclient/cmd_spoolss.c
+++ b/source3/rpcclient/cmd_spoolss.c
@@ -54,7 +54,7 @@ static const struct table_node archi_table[]= {
function to do the mapping between the long architecture name and
the short one.
****************************************************************************/
-BOOL get_short_archi(char *short_archi, const char *long_archi)
+static const char *cmd_spoolss_get_short_archi(const char *long_archi)
{
int i=-1;
@@ -66,18 +66,17 @@ BOOL get_short_archi(char *short_archi, const char *long_archi)
if (archi_table[i].long_archi==NULL) {
DEBUGADD(10,("Unknown architecture [%s] !\n", long_archi));
- return False;
+ return NULL;
}
/* this might be client code - but shouldn't this be an fstrcpy etc? */
- StrnCpy (short_archi, archi_table[i].short_archi, strlen(archi_table[i].short_archi));
DEBUGADD(108,("index: [%d]\n", i));
- DEBUGADD(108,("long architecture: [%s]\n", long_archi));
- DEBUGADD(108,("short architecture: [%s]\n", short_archi));
+ DEBUGADD(108,("long architecture: [%s]\n", archi_table[i].long_archi));
+ DEBUGADD(108,("short architecture: [%s]\n", archi_table[i].short_archi));
- return True;
+ return archi_table[i].short_archi;
}
#if 0
@@ -113,10 +112,10 @@ static WERROR cmd_spoolss_open_printer_ex(struct cli_state *cli,
if (!cli)
return WERR_GENERAL_FAILURE;
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
- fstrcpy (user, cli->user_name);
- fstrcpy (printername, argv[1]);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
+ fstrcpy(user, cli->user_name);
+ fstrcpy(printername, argv[1]);
/* Open the printer handle */
@@ -321,7 +320,7 @@ static WERROR cmd_spoolss_enum_printers(struct cli_state *cli,
fstrcpy(name, argv[2]);
else {
slprintf(name, sizeof(name)-1, "\\\\%s", cli->desthost);
- strupper(name);
+ strupper_m(name);
}
/* Enumerate printers -- Should we enumerate types other
@@ -481,14 +480,14 @@ static WERROR cmd_spoolss_setprinter(struct cli_state *cli,
fstrcpy(comment, argv[2]);
}
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
- fstrcpy (printername, argv[1]);
- fstrcpy (user, cli->user_name);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
+ fstrcpy(printername, argv[1]);
+ fstrcpy(user, cli->user_name);
/* get a printer handle */
result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername, "",
- MAXIMUM_ALLOWED_ACCESS, servername,
+ PRINTER_ALL_ACCESS, servername,
user, &pol);
if (!W_ERROR_IS_OK(result))
@@ -549,10 +548,10 @@ static WERROR cmd_spoolss_getprinter(struct cli_state *cli,
info_level = atoi(argv[2]);
}
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
- slprintf (printername, sizeof(printername)-1, "%s\\%s", servername, argv[1]);
- fstrcpy (user, cli->user_name);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
+ slprintf(printername, sizeof(printername)-1, "%s\\%s", servername, argv[1]);
+ fstrcpy(user, cli->user_name);
/* get a printer handle */
@@ -667,14 +666,14 @@ static WERROR cmd_spoolss_getprinterdata(struct cli_state *cli,
/* Open a printer handle */
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
if (strncmp(argv[1], ".", sizeof(".")) == 0)
fstrcpy(printername, servername);
else
- slprintf (printername, sizeof(servername)-1, "%s\\%s",
+ slprintf(printername, sizeof(servername)-1, "%s\\%s",
servername, argv[1]);
- fstrcpy (user, cli->user_name);
+ fstrcpy(user, cli->user_name);
/* get a printer handle */
@@ -740,14 +739,14 @@ static WERROR cmd_spoolss_getprinterdataex(struct cli_state *cli,
/* Open a printer handle */
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
if (strncmp(argv[1], ".", sizeof(".")) == 0)
fstrcpy(printername, servername);
else
- slprintf (printername, sizeof(printername)-1, "%s\\%s",
+ slprintf(printername, sizeof(printername)-1, "%s\\%s",
servername, argv[1]);
- fstrcpy (user, cli->user_name);
+ fstrcpy(user, cli->user_name);
/* get a printer handle */
@@ -921,10 +920,10 @@ static WERROR cmd_spoolss_getdriver(struct cli_state *cli,
}
/* get the arguments need to open the printer handle */
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
- fstrcpy (user, cli->user_name);
- fstrcpy (printername, argv[1]);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
+ fstrcpy(user, cli->user_name);
+ fstrcpy(printername, argv[1]);
if (argc == 3)
info_level = atoi(argv[2]);
@@ -1153,7 +1152,7 @@ static char* get_driver_3_param (const char* str, const char* delim, UNISTR* des
parameter because two consecutive delimiters
will not return an empty string. See man strtok(3)
for details */
- if (StrCaseCmp(ptr, "NULL") == 0)
+ if (ptr && (StrCaseCmp(ptr, "NULL") == 0))
ptr = NULL;
if (dest != NULL)
@@ -1227,7 +1226,7 @@ static WERROR cmd_spoolss_addprinterdriver(struct cli_state *cli,
uint32 level = 3;
PRINTER_DRIVER_CTR ctr;
DRIVER_INFO_3 info3;
- fstring arch;
+ const char *arch;
fstring driver_name;
/* parse the command arguements */
@@ -1243,7 +1242,7 @@ static WERROR cmd_spoolss_addprinterdriver(struct cli_state *cli,
/* Fill in the DRIVER_INFO_3 struct */
ZERO_STRUCT(info3);
- if (!get_short_archi(arch, argv[1]))
+ if (!(arch = cmd_spoolss_get_short_archi(argv[1])))
{
printf ("Error Unknown architechture [%s]\n", argv[1]);
return WERR_INVALID_PARAM;
@@ -1289,8 +1288,8 @@ static WERROR cmd_spoolss_addprinterex(struct cli_state *cli,
return WERR_OK;
}
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
/* Fill in the DRIVER_INFO_3 struct */
ZERO_STRUCT(info2);
@@ -1351,10 +1350,10 @@ static WERROR cmd_spoolss_setdriver(struct cli_state *cli,
return WERR_OK;
}
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
- slprintf (printername, sizeof(printername)-1, "%s\\%s", servername, argv[1]);
- fstrcpy (user, cli->user_name);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
+ slprintf(printername, sizeof(printername)-1, "%s\\%s", servername, argv[1]);
+ fstrcpy(user, cli->user_name);
/* Get a printer handle */
@@ -1422,8 +1421,8 @@ static WERROR cmd_spoolss_deletedriver(struct cli_state *cli,
return WERR_OK;
}
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
/* delete the driver for all architectures */
for (i=0; archi_table[i].long_archi; i++)
@@ -1466,7 +1465,7 @@ static WERROR cmd_spoolss_getprintprocdir(struct cli_state *cli,
if (asprintf(&servername, "\\\\%s", cli->desthost) < 0)
return WERR_NOMEM;
- strupper(servername);
+ strupper_m(servername);
if (asprintf(&environment, "%s", (argc == 2) ? argv[1] :
PRINTER_DRIVER_ARCHITECTURE) < 0) {
@@ -1512,7 +1511,7 @@ static WERROR cmd_spoolss_addform(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Get a printer handle */
asprintf(&servername, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
asprintf(&printername, "%s\\%s", servername, argv[1]);
werror = cli_spoolss_open_printer_ex(cli, mem_ctx, printername, "",
@@ -1571,7 +1570,7 @@ static WERROR cmd_spoolss_setform(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Get a printer handle */
asprintf(&servername, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
asprintf(&printername, "%s\\%s", servername, argv[1]);
werror = cli_spoolss_open_printer_ex(
@@ -1630,7 +1629,7 @@ static WERROR cmd_spoolss_getform(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Get a printer handle */
asprintf(&servername, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
asprintf(&printername, "%s\\%s", servername, argv[1]);
werror = cli_spoolss_open_printer_ex(
@@ -1692,7 +1691,7 @@ static WERROR cmd_spoolss_deleteform(struct cli_state *cli,
/* Get a printer handle */
asprintf(&servername, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
asprintf(&printername, "%s\\%s", servername, argv[1]);
werror = cli_spoolss_open_printer_ex(
@@ -1741,7 +1740,7 @@ static WERROR cmd_spoolss_enum_forms(struct cli_state *cli,
/* Get a printer handle */
asprintf(&servername, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
asprintf(&printername, "%s\\%s", servername, argv[1]);
werror = cli_spoolss_open_printer_ex(
@@ -1807,10 +1806,10 @@ static WERROR cmd_spoolss_setprinterdata(struct cli_state *cli,
return WERR_OK;
}
- slprintf (servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper (servername);
- slprintf (printername, sizeof(servername)-1, "%s\\%s", servername, argv[1]);
- fstrcpy (user, cli->user_name);
+ slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
+ strupper_m(servername);
+ slprintf(printername, sizeof(servername)-1, "%s\\%s", servername, argv[1]);
+ fstrcpy(user, cli->user_name);
/* get a printer handle */
result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername, "",
@@ -1930,10 +1929,10 @@ static WERROR cmd_spoolss_enum_jobs(struct cli_state *cli,
/* Open printer handle */
slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
fstrcpy(user, cli->user_name);
slprintf(printername, sizeof(servername)-1, "\\\\%s\\", cli->desthost);
- strupper(printername);
+ strupper_m(printername);
pstrcat(printername, argv[1]);
result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername,
@@ -2001,10 +2000,10 @@ static WERROR cmd_spoolss_enum_data( struct cli_state *cli,
/* Open printer handle */
slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
fstrcpy(user, cli->user_name);
slprintf(printername, sizeof(printername)-1, "\\\\%s\\", cli->desthost);
- strupper(printername);
+ strupper_m(printername);
pstrcat(printername, argv[1]);
result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername,
@@ -2064,10 +2063,10 @@ static WERROR cmd_spoolss_enum_data_ex( struct cli_state *cli,
/* Open printer handle */
slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
fstrcpy(user, cli->user_name);
slprintf(printername, sizeof(printername)-1, "\\\\%s\\", cli->desthost);
- strupper(printername);
+ strupper_m(printername);
pstrcat(printername, argv[1]);
result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername,
@@ -2132,10 +2131,10 @@ static WERROR cmd_spoolss_enum_printerkey( struct cli_state *cli,
/* Open printer handle */
slprintf(servername, sizeof(servername)-1, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
fstrcpy(user, cli->user_name);
slprintf(printername, sizeof(printername)-1, "\\\\%s\\", cli->desthost);
- strupper(printername);
+ strupper_m(printername);
pstrcat(printername, argv[1]);
result = cli_spoolss_open_printer_ex(cli, mem_ctx, printername,
@@ -2197,11 +2196,11 @@ static WERROR cmd_spoolss_rffpcnex(struct cli_state *cli,
/* Open printer */
slprintf(servername, sizeof(servername) - 1, "\\\\%s", cli->desthost);
- strupper(servername);
+ strupper_m(servername);
slprintf(printername, sizeof(printername) - 1, "\\\\%s\\%s", cli->desthost,
argv[1]);
- strupper(printername);
+ strupper_m(printername);
result = cli_spoolss_open_printer_ex(
cli, mem_ctx, printername, "", MAXIMUM_ALLOWED_ACCESS,
@@ -2240,7 +2239,7 @@ static WERROR cmd_spoolss_rffpcnex(struct cli_state *cli,
/* Send rffpcnex */
slprintf(servername, sizeof(servername) - 1, "\\\\%s", myhostname());
- strupper(servername);
+ strupper_m(servername);
result = cli_spoolss_rffpcnex(
cli, mem_ctx, &hnd, 0, 0, servername, 123, &option);
diff --git a/source3/rpcclient/cmd_wkssvc.c b/source3/rpcclient/cmd_wkssvc.c
index bb118234c0..137ff3bdae 100644
--- a/source3/rpcclient/cmd_wkssvc.c
+++ b/source3/rpcclient/cmd_wkssvc.c
@@ -44,7 +44,7 @@ void cmd_wks_query_info(struct client_info *info)
fstrcpy(dest_wks, "\\\\");
fstrcat(dest_wks, info->dest_host);
- strupper(dest_wks);
+ strupper_m(dest_wks);
if (next_token_nr(NULL, tmp, NULL, sizeof(tmp)))
{
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index b01e2d694c..af021962f5 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -37,6 +37,21 @@ static struct cmd_list {
struct cmd_set *cmd_set;
} *cmd_list;
+/*****************************************************************************
+ stubb functions
+****************************************************************************/
+
+void become_root( void )
+{
+ return;
+}
+
+void unbecome_root( void )
+{
+ return;
+}
+
+
/****************************************************************************
handle completion of commands for readline
****************************************************************************/
@@ -304,6 +319,119 @@ static NTSTATUS cmd_quit(struct cli_state *cli, TALLOC_CTX *mem_ctx,
return NT_STATUS_OK; /* NOTREACHED */
}
+static NTSTATUS cmd_sign(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ if (cli->pipe_auth_flags == (AUTH_PIPE_NTLMSSP|AUTH_PIPE_SIGN)) {
+ return NT_STATUS_OK;
+ } else {
+ /* still have session, just need to use it again */
+ cli->pipe_auth_flags = AUTH_PIPE_NTLMSSP;
+ cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
+ if (cli->nt_pipe_fnum != 0)
+ cli_nt_session_close(cli);
+ }
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_seal(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ if (cli->pipe_auth_flags == (AUTH_PIPE_NTLMSSP|AUTH_PIPE_SIGN|AUTH_PIPE_SEAL)) {
+ return NT_STATUS_OK;
+ } else {
+ /* still have session, just need to use it again */
+ cli->pipe_auth_flags = AUTH_PIPE_NTLMSSP;
+ cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
+ cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
+ if (cli->nt_pipe_fnum != 0)
+ cli_nt_session_close(cli);
+ }
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_none(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ if (cli->pipe_auth_flags == 0) {
+ return NT_STATUS_OK;
+ } else {
+ /* still have session, just need to use it again */
+ cli->pipe_auth_flags = 0;
+ if (cli->nt_pipe_fnum != 0)
+ cli_nt_session_close(cli);
+ }
+ cli->pipe_auth_flags = 0;
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_schannel(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ uchar trust_password[16];
+ uint32 sec_channel_type;
+ uint32 neg_flags = 0x000001ff;
+ NTSTATUS result;
+ static uchar zeros[16];
+
+ /* Cleanup */
+
+ if ((memcmp(cli->auth_info.sess_key, zeros, sizeof(cli->auth_info.sess_key)) != 0)
+ && (cli->saved_netlogon_pipe_fnum != 0)) {
+ if (cli->pipe_auth_flags == (AUTH_PIPE_NETSEC|AUTH_PIPE_SIGN|AUTH_PIPE_SEAL)) {
+ return NT_STATUS_OK;
+ } else {
+ /* still have session, just need to use it again */
+ cli->pipe_auth_flags = AUTH_PIPE_NETSEC;
+ cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
+ cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
+ if (cli->nt_pipe_fnum != 0)
+ cli_nt_session_close(cli);
+ }
+ }
+
+ if (cli->nt_pipe_fnum != 0)
+ cli_nt_session_close(cli);
+
+ cli->pipe_auth_flags = 0;
+
+ if (!secrets_fetch_trust_account_password(lp_workgroup(),
+ trust_password,
+ NULL, &sec_channel_type)) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (!cli_nt_session_open(cli, PI_NETLOGON)) {
+ DEBUG(0, ("Could not initialise %s\n",
+ get_pipe_name_from_index(PI_NETLOGON)));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ neg_flags |= NETLOGON_NEG_SCHANNEL;
+
+ result = cli_nt_setup_creds(cli, sec_channel_type, trust_password,
+ &neg_flags, 2);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ ZERO_STRUCT(cli->auth_info.sess_key);
+ cli->pipe_auth_flags = 0;
+ return result;
+ }
+
+ memcpy(cli->auth_info.sess_key, cli->sess_key,
+ sizeof(cli->auth_info.sess_key));
+
+ cli->saved_netlogon_pipe_fnum = cli->nt_pipe_fnum;
+
+ cli->pipe_auth_flags = AUTH_PIPE_NETSEC;
+ cli->pipe_auth_flags |= AUTH_PIPE_SIGN;
+ cli->pipe_auth_flags |= AUTH_PIPE_SEAL;
+
+ return NT_STATUS_OK;
+}
+
/* Built in rpcclient commands */
static struct cmd_set rpcclient_commands[] = {
@@ -316,6 +444,10 @@ static struct cmd_set rpcclient_commands[] = {
{ "list", RPC_RTYPE_NTSTATUS, cmd_listcommands, NULL, -1, "List available commands on <pipe>", "pipe" },
{ "exit", RPC_RTYPE_NTSTATUS, cmd_quit, NULL, -1, "Exit program", "" },
{ "quit", RPC_RTYPE_NTSTATUS, cmd_quit, NULL, -1, "Exit program", "" },
+ { "sign", RPC_RTYPE_NTSTATUS, cmd_sign, NULL, -1, "Force RPC pipe connections to be signed", "" },
+ { "seal", RPC_RTYPE_NTSTATUS, cmd_seal, NULL, -1, "Force RPC pipe connections to be sealed", "" },
+ { "schannel", RPC_RTYPE_NTSTATUS, cmd_schannel, NULL, -1, "Force RPC pipe connections to be sealed with 'schannel' (NETSEC). Assumes valid machine account to this domain controller.", "" },
+ { "none", RPC_RTYPE_NTSTATUS, cmd_none, NULL, -1, "Force RPC pipe connections to have no special properties", "" },
{ NULL }
};
@@ -377,8 +509,9 @@ static NTSTATUS do_cmd(struct cli_state *cli,
struct cmd_set *cmd_entry,
int argc, char **argv)
{
- NTSTATUS ntresult;
- WERROR wresult;
+ NTSTATUS ntresult;
+ WERROR wresult;
+ uchar trust_password[16];
TALLOC_CTX *mem_ctx;
@@ -386,34 +519,42 @@ static NTSTATUS do_cmd(struct cli_state *cli,
if (!(mem_ctx = talloc_init("do_cmd"))) {
DEBUG(0, ("talloc_init() failed\n"));
- return NT_STATUS_UNSUCCESSFUL;
+ return NT_STATUS_NO_MEMORY;
}
/* Open pipe */
- if (cmd_entry->pipe_idx == PI_NETLOGON) {
- uchar trust_password[16];
- uint32 sec_channel_type;
+ if (cmd_entry->pipe_idx != -1
+ && cmd_entry->pipe_idx != cli->pipe_idx) {
+ if (cli->nt_pipe_fnum != 0)
+ cli_nt_session_close(cli);
+
+ if (!cli_nt_session_open(cli, cmd_entry->pipe_idx)) {
+ DEBUG(0, ("Could not initialise %s\n",
+ get_pipe_name_from_index(cmd_entry->pipe_idx)));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ }
+ if ((cmd_entry->pipe_idx == PI_NETLOGON) && !(cli->pipe_auth_flags & AUTH_PIPE_NETSEC)) {
+ uint32 neg_flags = 0x000001ff;
+ uint32 sec_channel_type;
+
if (!secrets_fetch_trust_account_password(lp_workgroup(),
trust_password,
NULL, &sec_channel_type)) {
return NT_STATUS_UNSUCCESSFUL;
}
-
- if (!cli_nt_open_netlogon(cli, trust_password,
- sec_channel_type)) {
- DEBUG(0, ("Could not initialise NETLOGON pipe\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
- } else {
- if (cmd_entry->pipe_idx != -1) {
- if (!cli_nt_session_open(cli, cmd_entry->pipe_idx)) {
- DEBUG(0, ("Could not initialise %s\n",
- get_pipe_name_from_index(cmd_entry->pipe_idx)));
- return NT_STATUS_UNSUCCESSFUL;
- }
+
+ ntresult = cli_nt_setup_creds(cli, sec_channel_type,
+ trust_password,
+ &neg_flags, 2);
+ if (!NT_STATUS_IS_OK(ntresult)) {
+ ZERO_STRUCT(cli->auth_info.sess_key);
+ printf("nt_setup_creds failed with %s\n", nt_errstr(ntresult));
+ return ntresult;
}
+
}
/* Run command */
@@ -435,9 +576,6 @@ static NTSTATUS do_cmd(struct cli_state *cli,
/* Cleanup */
- if (cmd_entry->pipe_idx != -1)
- cli_nt_session_close(cli);
-
talloc_destroy(mem_ctx);
return ntresult;