diff options
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/net_ads.c | 26 | ||||
| -rw-r--r-- | source3/utils/net_dns.c | 26 | ||||
| -rw-r--r-- | source3/utils/net_proto.h | 2 | ||||
| -rw-r--r-- | source3/utils/net_rap.c | 11 | ||||
| -rw-r--r-- | source3/utils/net_registry_util.c | 2 | ||||
| -rw-r--r-- | source3/utils/net_rpc.c | 26 | ||||
| -rw-r--r-- | source3/utils/net_rpc_join.c | 10 | ||||
| -rw-r--r-- | source3/utils/net_rpc_printer.c | 2 | ||||
| -rw-r--r-- | source3/utils/net_rpc_registry.c | 4 | ||||
| -rw-r--r-- | source3/utils/net_rpc_service.c | 49 | ||||
| -rw-r--r-- | source3/utils/net_usershare.c | 4 | ||||
| -rw-r--r-- | source3/utils/net_util.c | 12 | ||||
| -rw-r--r-- | source3/utils/nmblookup.c | 2 | ||||
| -rw-r--r-- | source3/utils/ntlm_auth.c | 8 | ||||
| -rw-r--r-- | source3/utils/pdbedit.c | 23 | ||||
| -rw-r--r-- | source3/utils/sharesec.c | 4 | ||||
| -rw-r--r-- | source3/utils/smbcacls.c | 185 | ||||
| -rw-r--r-- | source3/utils/smbcquotas.c | 6 | ||||
| -rw-r--r-- | source3/utils/status_profile.c | 12 | ||||
| -rw-r--r-- | source3/utils/testparm.c | 25 |
20 files changed, 295 insertions, 144 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 7dbe518c3d..4b1aa54731 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -22,6 +22,7 @@ #include "includes.h" #include "utils/net.h" +#include "librpc/gen_ndr/ndr_krb5pac.h" #ifdef HAVE_ADS @@ -43,7 +44,7 @@ static const char *assume_own_realm(struct net_context *c) static int net_ads_cldap_netlogon(struct net_context *c, ADS_STRUCT *ads) { char addr[INET6_ADDRSTRLEN]; - struct nbt_cldap_netlogon_5 reply; + struct NETLOGON_SAM_LOGON_RESPONSE_EX reply; print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); if ( !ads_cldap_netlogon_5(talloc_tos(), addr, ads->server.realm, &reply ) ) { @@ -55,19 +56,19 @@ static int net_ads_cldap_netlogon(struct net_context *c, ADS_STRUCT *ads) addr); d_printf("Response Type: "); - switch (reply.type) { - case SAMLOGON_AD_UNK_R: - d_printf("SAMLOGON\n"); + switch (reply.command) { + case LOGON_SAM_LOGON_USER_UNKNOWN_EX: + d_printf("LOGON_SAM_LOGON_USER_UNKNOWN_EX\n"); break; - case SAMLOGON_AD_R: - d_printf("SAMLOGON_USER\n"); + case LOGON_SAM_LOGON_RESPONSE_EX: + d_printf("LOGON_SAM_LOGON_RESPONSE_EX\n"); break; default: - d_printf("0x%x\n", reply.type); + d_printf("0x%x\n", reply.command); break; } - d_printf("GUID: %s\n", smb_uuid_string(talloc_tos(), reply.domain_uuid)); + d_printf("GUID: %s\n", GUID_string(talloc_tos(), &reply.domain_uuid)); d_printf("Flags:\n" "\tIs a PDC: %s\n" @@ -182,7 +183,8 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) d_printf("Realm: %s\n", ads->config.realm); d_printf("Bind Path: %s\n", ads->config.bind_path); d_printf("LDAP port: %d\n", ads->ldap.port); - d_printf("Server time: %s\n", http_timestring(ads->config.current_time)); + d_printf("Server time: %s\n", + http_timestring(talloc_tos(), ads->config.current_time)); d_printf("KDC server: %s\n", ads->auth.kdc_server ); d_printf("Server time offset: %d\n", ads->auth.time_offset ); @@ -359,7 +361,7 @@ static int net_ads_workgroup(struct net_context *c, int argc, const char **argv) { ADS_STRUCT *ads; char addr[INET6_ADDRSTRLEN]; - struct nbt_cldap_netlogon_5 reply; + struct NETLOGON_SAM_LOGON_RESPONSE_EX reply; if (c->display_usage) { d_printf("Usage:\n" @@ -479,7 +481,7 @@ static int ads_user_add(struct net_context *c, int argc, const char **argv) asprintf(&upn, "%s@%s", argv[0], ads->config.realm); status = ads_krb5_set_password(ads->auth.kdc_server, upn, argv[1], ads->auth.time_offset); - safe_free(upn); + SAFE_FREE(upn); if (ADS_ERR_OK(status)) { d_printf("User %s added\n", argv[0]); rc = 0; @@ -533,7 +535,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv) asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user); rc = ads_search(ads, &res, searchstring, attrs); - safe_free(searchstring); + SAFE_FREE(searchstring); if (!ADS_ERR_OK(rc)) { d_fprintf(stderr, "ads_search: %s\n", ads_errstr(rc)); diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c index 14d45e2b0f..4e617a1968 100644 --- a/source3/utils/net_dns.c +++ b/source3/utils/net_dns.c @@ -145,14 +145,14 @@ error: int get_my_ip_address( struct sockaddr_storage **pp_ss ) { - struct iface_struct nics[MAX_INTERFACES]; int i, n; struct sockaddr_storage *list = NULL; int count = 0; - /* find the first non-loopback address from our list of interfaces */ + /* Honor the configured list of interfaces to register */ - n = get_interfaces(nics, MAX_INTERFACES); + load_interfaces(); + n = iface_count(); if (n <= 0) { return -1; @@ -163,19 +163,17 @@ int get_my_ip_address( struct sockaddr_storage **pp_ss ) } for ( i=0; i<n; i++ ) { - if (is_loopback_addr(&nics[i].ip)) { + const struct sockaddr_storage *nic_sa_storage = NULL; + + if ((nic_sa_storage = iface_n_sockaddr_storage(i)) == NULL) + continue; + + /* Don't register loopback addresses */ + if (is_loopback_addr(nic_sa_storage)) { continue; } -#if defined(HAVE_IPV6) - if ((nics[i].ip.ss_family == AF_INET6)) { - memcpy(&list[count++], &nics[i].ip, - sizeof(struct sockaddr_storage)); - } else -#endif - if (nics[i].ip.ss_family == AF_INET) { - memcpy(&list[count++], &nics[i].ip, - sizeof(struct sockaddr_storage)); - } + + memcpy(&list[count++], nic_sa_storage, sizeof(struct sockaddr_storage)); } *pp_ss = list; diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h index 1e355e54a3..ee4388f157 100644 --- a/source3/utils/net_proto.h +++ b/source3/utils/net_proto.h @@ -471,6 +471,8 @@ int net_run_function(struct net_context *c, int argc, const char **argv, const char *whoami, struct functable *table); void net_display_usage_from_functable(struct functable *table); +const char *net_share_type_str(int num_type); + /* The following definitions come from utils/netlookup.c */ NTSTATUS net_lookup_name_from_sid(struct net_context *c, diff --git a/source3/utils/net_rap.c b/source3/utils/net_rap.c index 883524dc2d..32f4dd31b4 100644 --- a/source3/utils/net_rap.c +++ b/source3/utils/net_rap.c @@ -34,13 +34,6 @@ #define ERRMSG_BOTH_SERVER_IPADDRESS "\nTarget server and IP address both "\ "specified. Do not set both at the same time. The target IP address was used\n" -const char *share_type[] = { - "Disk", - "Print", - "Dev", - "IPC" -}; - static int errmsg_not_implemented(void) { d_printf("\nNot implemented\n"); @@ -201,7 +194,7 @@ static void long_share_fn(const char *share_name, uint32 type, const char *comment, void *state) { d_printf("%-12s %-8.8s %-50s\n", - share_name, share_type[type], comment); + share_name, net_share_type_str(type), comment); } static void share_fn(const char *share_name, uint32 type, @@ -388,7 +381,7 @@ static void display_conns_func(uint16 conn_id, uint16 conn_type, uint16 opens, const char *username, const char *netname) { d_printf("%-14.14s %-8.8s %5d\n", - netname, share_type[conn_type], opens); + netname, net_share_type_str(conn_type), opens); } static int rap_session_info(struct net_context *c, int argc, const char **argv) diff --git a/source3/utils/net_registry_util.c b/source3/utils/net_registry_util.c index 278377867a..cd291b5c74 100644 --- a/source3/utils/net_registry_util.c +++ b/source3/utils/net_registry_util.c @@ -27,7 +27,7 @@ void print_registry_key(const char *keyname, NTTIME *modtime) d_printf("Keyname = %s\n", keyname); d_printf("Modtime = %s\n", modtime - ? http_timestring(nt_time_to_unix(*modtime)) + ? http_timestring(talloc_tos(), nt_time_to_unix(*modtime)) : "None"); d_printf("\n"); } diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index a849ec4c10..5f5a21dfbb 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -26,8 +26,6 @@ static int net_mode_share; static bool sync_files(struct copy_clistate *cp_clistate, const char *mask); -extern const char *share_type[]; - /** * @file net_rpc.c * @@ -506,13 +504,13 @@ NTSTATUS rpc_info_internals(struct net_context *c, 2, &info); if (NT_STATUS_IS_OK(result)) { - d_printf("Domain Name: %s\n", info->info2.domain_name.string); + d_printf("Domain Name: %s\n", info->general.domain_name.string); d_printf("Domain SID: %s\n", sid_str); d_printf("Sequence number: %llu\n", - (unsigned long long)info->info2.sequence_num); - d_printf("Num users: %u\n", info->info2.num_users); - d_printf("Num domain groups: %u\n", info->info2.num_groups); - d_printf("Num local groups: %u\n", info->info2.num_aliases); + (unsigned long long)info->general.sequence_num); + d_printf("Num users: %u\n", info->general.num_users); + d_printf("Num domain groups: %u\n", info->general.num_groups); + d_printf("Num local groups: %u\n", info->general.num_aliases); } done: @@ -2876,7 +2874,7 @@ static void display_share_info_1(struct net_context *c, if (c->opt_long_list_entries) { d_printf("%-12s %-8.8s %-50s\n", r->shi1_netname, - share_type[r->shi1_type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)], + net_share_type_str(r->shi1_type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)), r->shi1_remark); } else { d_printf("%s\n", r->shi1_netname); @@ -5014,8 +5012,7 @@ NTSTATUS rpc_init_shutdown_internals(struct net_context *c, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; const char *msg = "This machine will be shutdown shortly"; uint32 timeout = 20; - struct initshutdown_String msg_string; - struct initshutdown_String_sub s; + struct lsa_StringLarge msg_string; if (c->opt_comment) { msg = c->opt_comment; @@ -5024,8 +5021,7 @@ NTSTATUS rpc_init_shutdown_internals(struct net_context *c, timeout = c->opt_timeout; } - s.name = msg; - msg_string.name = &s; + msg_string.string = msg; /* create an entry */ result = rpccli_initshutdown_Init(pipe_hnd, mem_ctx, NULL, @@ -5069,16 +5065,14 @@ NTSTATUS rpc_reg_shutdown_internals(struct net_context *c, { const char *msg = "This machine will be shutdown shortly"; uint32 timeout = 20; - struct initshutdown_String msg_string; - struct initshutdown_String_sub s; + struct lsa_StringLarge msg_string; NTSTATUS result; WERROR werr; if (c->opt_comment) { msg = c->opt_comment; } - s.name = msg; - msg_string.name = &s; + msg_string.string = msg; if (c->opt_timeout) { timeout = c->opt_timeout; diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 5bc38f979f..2fe464a000 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -330,12 +330,8 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) /* Create a random machine account password */ - { - char *str; - str = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); - clear_trust_password = SMB_STRDUP(str); - E_md4hash(clear_trust_password, md4_trust_password); - } + clear_trust_password = generate_random_str(talloc_tos(), DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); + E_md4hash(clear_trust_password, md4_trust_password); /* Set password on machine account */ @@ -468,7 +464,7 @@ done: cli_shutdown(cli); - SAFE_FREE(clear_trust_password); + TALLOC_FREE(clear_trust_password); return retval; } diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c index f4b305d4ab..ddd18a7b9f 100644 --- a/source3/utils/net_rpc_printer.c +++ b/source3/utils/net_rpc_printer.c @@ -2482,7 +2482,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(struct net_context *c, TALLOC_FREE( reg_ctr ); } - safe_free(keylist); + SAFE_FREE(keylist); /* close printer handles here */ if (got_hnd_src) { diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 124af00b57..4a39043768 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -272,7 +272,7 @@ static NTSTATUS registry_enumvalues(TALLOC_CTX *ctx, uint32 value_length; char n; - struct winreg_ValNameBuf name_buf; + struct winreg_StringBuf name_buf; WERROR err; n = '\0'; @@ -1186,7 +1186,7 @@ static NTSTATUS rpc_registry_getsd_internal(struct net_context *c, blob.data = sd->data; blob.length = sd->size; - ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &sec_desc, + ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, &sec_desc, (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { status = ndr_map_error2ntstatus(ndr_err); diff --git a/source3/utils/net_rpc_service.c b/source3/utils/net_rpc_service.c index d1349a903d..133173116c 100644 --- a/source3/utils/net_rpc_service.c +++ b/source3/utils/net_rpc_service.c @@ -264,8 +264,9 @@ static NTSTATUS rpc_service_status_internal(struct net_context *c, WERROR result = WERR_GENERAL_FAILURE; NTSTATUS status; SERVICE_STATUS service_status; - SERVICE_CONFIG config; - fstring ascii_string; + struct QUERY_SERVICE_CONFIG config; + uint32_t buf_size = sizeof(config); + uint32_t ret_size = 0; if (argc != 1 ) { d_printf("Usage: net rpc service status <service>\n"); @@ -314,8 +315,23 @@ static NTSTATUS rpc_service_status_internal(struct net_context *c, /* get the config */ - result = rpccli_svcctl_query_config(pipe_hnd, mem_ctx, &hService, &config ); - if ( !W_ERROR_IS_OK(result) ) { + status = rpccli_svcctl_QueryServiceConfigW(pipe_hnd, mem_ctx, + &hService, + &config, + buf_size, + &ret_size, + &result); + if (W_ERROR_EQUAL(result, WERR_INSUFFICIENT_BUFFER)) { + buf_size = ret_size; + status = rpccli_svcctl_QueryServiceConfigW(pipe_hnd, mem_ctx, + &hService, + &config, + buf_size, + &ret_size, + &result); + } + + if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(result) ) { d_fprintf(stderr, "Query config request failed. [%s]\n", dos_errstr(result)); goto done; } @@ -329,29 +345,24 @@ static NTSTATUS rpc_service_status_internal(struct net_context *c, d_printf("\tError Control = 0x%x\n", config.error_control); d_printf("\tTag ID = 0x%x\n", config.tag_id); - if ( config.executablepath ) { - rpcstr_pull( ascii_string, config.executablepath->buffer, sizeof(ascii_string), -1, STR_TERMINATE ); - d_printf("\tExecutable Path = %s\n", ascii_string); + if (config.executablepath) { + d_printf("\tExecutable Path = %s\n", config.executablepath); } - if ( config.loadordergroup ) { - rpcstr_pull( ascii_string, config.loadordergroup->buffer, sizeof(ascii_string), -1, STR_TERMINATE ); - d_printf("\tLoad Order Group = %s\n", ascii_string); + if (config.loadordergroup) { + d_printf("\tLoad Order Group = %s\n", config.loadordergroup); } - if ( config.dependencies ) { - rpcstr_pull( ascii_string, config.dependencies->buffer, sizeof(ascii_string), -1, STR_TERMINATE ); - d_printf("\tDependencies = %s\n", ascii_string); + if (config.dependencies) { + d_printf("\tDependencies = %s\n", config.dependencies); } - if ( config.startname ) { - rpcstr_pull( ascii_string, config.startname->buffer, sizeof(ascii_string), -1, STR_TERMINATE ); - d_printf("\tStart Name = %s\n", ascii_string); + if (config.startname) { + d_printf("\tStart Name = %s\n", config.startname); } - if ( config.displayname ) { - rpcstr_pull( ascii_string, config.displayname->buffer, sizeof(ascii_string), -1, STR_TERMINATE ); - d_printf("\tDisplay Name = %s\n", ascii_string); + if (config.displayname) { + d_printf("\tDisplay Name = %s\n", config.displayname); } done: diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c index 8f263c636c..ce8e82182e 100644 --- a/source3/utils/net_usershare.c +++ b/source3/utils/net_usershare.c @@ -371,7 +371,7 @@ static int info_fn(struct file_list *fl, void *priv) return -1; } - lines = fd_lines_load(fd, &numlines, 10240); + lines = fd_lines_load(fd, &numlines, 10240, NULL); close(fd); if (lines == NULL) { @@ -385,7 +385,7 @@ static int info_fn(struct file_list *fl, void *priv) &psd, &guest_ok); - file_lines_free(lines); + TALLOC_FREE(lines); if (us_err != USERSHARE_OK) { d_fprintf(stderr, "info_fn: file %s is not a well formed usershare file.\n", diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c index 88850d29df..fbb3c24b03 100644 --- a/source3/utils/net_util.c +++ b/source3/utils/net_util.c @@ -2,6 +2,7 @@ * Unix SMB/CIFS implementation. * Helper routines for net * Copyright (C) Volker Lendecke 2006 + * Copyright (C) Kai Blin 2008 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -595,3 +596,14 @@ void net_display_usage_from_functable(struct functable *table) d_printf("%s\n", table[i].usage); } } + +const char *net_share_type_str(int num_type) +{ + switch(num_type) { + case 0: return "Disk"; + case 1: return "Print"; + case 2: return "Dev"; + case 3: return "IPC"; + default: return "Unknown"; + } +} diff --git a/source3/utils/nmblookup.c b/source3/utils/nmblookup.c index c04b628b1b..45da3f1e88 100644 --- a/source3/utils/nmblookup.c +++ b/source3/utils/nmblookup.c @@ -219,7 +219,7 @@ static bool query_one(const char *lookup, unsigned int lookup_type) } } - safe_free(ip_list); + free(ip_list); return (ip_list != NULL); } diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 4586086d73..0a76761cb2 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -1813,7 +1813,7 @@ static void manage_ntlm_server_1_request(struct ntlm_auth_state *state, if (ntlm_server_1_lm_session_key && (memcmp(zeros, lm_key, sizeof(lm_key)) != 0)) { - hex_lm_key = hex_encode(NULL, + hex_lm_key = hex_encode_talloc(NULL, (const unsigned char *)lm_key, sizeof(lm_key)); x_fprintf(x_stdout, "LANMAN-Session-Key: %s\n", hex_lm_key); @@ -1823,7 +1823,7 @@ static void manage_ntlm_server_1_request(struct ntlm_auth_state *state, if (ntlm_server_1_user_session_key && (memcmp(zeros, user_session_key, sizeof(user_session_key)) != 0)) { - hex_user_session_key = hex_encode(NULL, + hex_user_session_key = hex_encode_talloc(NULL, (const unsigned char *)user_session_key, sizeof(user_session_key)); x_fprintf(x_stdout, "User-Session-Key: %s\n", hex_user_session_key); @@ -2262,7 +2262,7 @@ static bool check_auth_crap(void) if (request_lm_key && (memcmp(zeros, lm_key, sizeof(lm_key)) != 0)) { - hex_lm_key = hex_encode(NULL, (const unsigned char *)lm_key, + hex_lm_key = hex_encode_talloc(NULL, (const unsigned char *)lm_key, sizeof(lm_key)); x_fprintf(x_stdout, "LM_KEY: %s\n", hex_lm_key); TALLOC_FREE(hex_lm_key); @@ -2270,7 +2270,7 @@ static bool check_auth_crap(void) if (request_user_session_key && (memcmp(zeros, user_session_key, sizeof(user_session_key)) != 0)) { - hex_user_session_key = hex_encode(NULL, (const unsigned char *)user_session_key, + hex_user_session_key = hex_encode_talloc(NULL, (const unsigned char *)user_session_key, sizeof(user_session_key)); x_fprintf(x_stdout, "NT_KEY: %s\n", hex_user_session_key); TALLOC_FREE(hex_user_session_key); diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index e1d6709073..6a7189e636 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -235,7 +235,7 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst uid_t uid; time_t tmp; - /* TODO: chaeck if entry is a user or a workstation */ + /* TODO: check if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { @@ -260,25 +260,32 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent)); tmp = pdb_get_logon_time(sam_pwent); - printf ("Logon time: %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Logon time: %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_logoff_time(sam_pwent); - printf ("Logoff time: %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Logoff time: %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_kickoff_time(sam_pwent); - printf ("Kickoff time: %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Kickoff time: %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_pass_last_set_time(sam_pwent); - printf ("Password last set: %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Password last set: %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_pass_can_change_time(sam_pwent); - printf ("Password can change: %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Password can change: %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_pass_must_change_time(sam_pwent); - printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Password must change: %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_bad_password_time(sam_pwent); - printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Last bad password : %s\n", + tmp ? http_timestring(talloc_tos(), tmp) : "0"); printf ("Bad password count : %d\n", pdb_get_bad_password_count(sam_pwent)); diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c index 9409690c8b..3ad949a6d3 100644 --- a/source3/utils/sharesec.c +++ b/source3/utils/sharesec.c @@ -153,7 +153,7 @@ static bool parse_ace(SEC_ACE *ace, const char *orig_str) unsigned int aflags = 0; unsigned int amask = 0; DOM_SID sid; - SEC_ACCESS mask; + uint32_t mask; const struct perm_value *v; char *str = SMB_STRDUP(orig_str); TALLOC_CTX *frame = talloc_stackframe(); @@ -401,7 +401,7 @@ static void sort_acl(SEC_ACL *the_acl) static int change_share_sec(TALLOC_CTX *mem_ctx, const char *sharename, char *the_acl, enum acl_mode mode) { - SEC_DESC *sd; + SEC_DESC *sd = NULL; SEC_DESC *old = NULL; size_t sd_size = 0; uint32 i, j; diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index d488ce2187..10b55014c2 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -23,13 +23,13 @@ #include "includes.h" -static int test_args = False; +static int test_args; #define CREATE_ACCESS_READ READ_CONTROL_ACCESS /* numeric is set when the user wants numeric SIDs and ACEs rather than going via LSA calls to resolve them */ -static int numeric = False; +static int numeric; enum acl_mode {SMB_ACL_SET, SMB_ACL_DELETE, SMB_ACL_MODIFY, SMB_ACL_ADD }; enum chown_mode {REQUEST_NONE, REQUEST_CHOWN, REQUEST_CHGRP}; @@ -179,9 +179,12 @@ static void SidToString(struct cli_state *cli, fstring str, const DOM_SID *sid) return; } - slprintf(str, sizeof(fstring) - 1, "%s%s%s", - domain, lp_winbind_separator(), name); - + if (*domain) { + slprintf(str, sizeof(fstring) - 1, "%s%s%s", + domain, lp_winbind_separator(), name); + } else { + fstrcpy(str, name); + } } /* convert a string to a SID, either numeric or username/group */ @@ -196,6 +199,65 @@ static bool StringToSid(struct cli_state *cli, DOM_SID *sid, const char *str) return NT_STATUS_IS_OK(cli_lsa_lookup_name(cli, str, &type, sid)); } +static void print_ace_flags(FILE *f, uint8_t flags) +{ + char *str = talloc_strdup(NULL, ""); + + if (!str) { + goto out; + } + + if (flags & SEC_ACE_FLAG_OBJECT_INHERIT) { + str = talloc_asprintf(str, "%s%s", + str, "OI|"); + if (!str) { + goto out; + } + } + if (flags & SEC_ACE_FLAG_CONTAINER_INHERIT) { + str = talloc_asprintf(str, "%s%s", + str, "CI|"); + if (!str) { + goto out; + } + } + if (flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT) { + str = talloc_asprintf(str, "%s%s", + str, "NP|"); + if (!str) { + goto out; + } + } + if (flags & SEC_ACE_FLAG_INHERIT_ONLY) { + str = talloc_asprintf(str, "%s%s", + str, "IO|"); + if (!str) { + goto out; + } + } + if (flags & SEC_ACE_FLAG_INHERITED_ACE) { + str = talloc_asprintf(str, "%s%s", + str, "I|"); + if (!str) { + goto out; + } + } + /* Ignore define SEC_ACE_FLAG_SUCCESSFUL_ACCESS ( 0x40 ) + and SEC_ACE_FLAG_FAILED_ACCESS ( 0x80 ) as they're + audit ace flags. */ + + if (str[strlen(str)-1] == '|') { + str[strlen(str)-1] = '\0'; + fprintf(f, "/%s/", str); + } else { + fprintf(f, "/0x%x/", flags); + } + TALLOC_FREE(str); + return; + + out: + fprintf(f, "/0x%x/", flags); +} /* print an ACE on a FILE, using either numeric or ascii representation */ static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace) @@ -210,7 +272,7 @@ static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace) fprintf(f, "%s:", sidstr); if (numeric) { - fprintf(f, "%d/%d/0x%08x", + fprintf(f, "%d/0x%x/0x%08x", ace->type, ace->flags, ace->access_mask); return; } @@ -225,9 +287,7 @@ static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace) fprintf(f, "%d", ace->type); } - /* Not sure what flags can be set in a file ACL */ - - fprintf(f, "/%d/", ace->flags); + print_ace_flags(f, ace->flags); /* Standard permissions */ @@ -263,6 +323,37 @@ static void print_ace(struct cli_state *cli, FILE *f, SEC_ACE *ace) } } +static bool parse_ace_flags(const char *str, unsigned int *pflags) +{ + const char *p = str; + *pflags = 0; + + while (*p) { + if (strnequal(p, "OI", 2)) { + *pflags |= SEC_ACE_FLAG_OBJECT_INHERIT; + p += 2; + } else if (strnequal(p, "CI", 2)) { + *pflags |= SEC_ACE_FLAG_CONTAINER_INHERIT; + p += 2; + } else if (strnequal(p, "NP", 2)) { + *pflags |= SEC_ACE_FLAG_NO_PROPAGATE_INHERIT; + p += 2; + } else if (strnequal(p, "IO", 2)) { + *pflags |= SEC_ACE_FLAG_INHERIT_ONLY; + p += 2; + } else if (*p == 'I') { + *pflags |= SEC_ACE_FLAG_INHERITED_ACE; + p += 1; + } else if (*p) { + return false; + } + + if (*p != '|' && *p != '\0') { + return false; + } + } + return true; +} /* parse an ACE in the same format as print_ace() */ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, @@ -275,7 +366,7 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, unsigned int aflags = 0; unsigned int amask = 0; DOM_SID sid; - SEC_ACCESS mask; + uint32_t mask; const struct perm_value *v; char *str = SMB_STRDUP(orig_str); TALLOC_CTX *frame = talloc_stackframe(); @@ -335,15 +426,40 @@ static bool parse_ace(struct cli_state *cli, SEC_ACE *ace, /* Only numeric form accepted for flags at present */ - if (!(next_token_talloc(frame, &cp, &tok, "/") && - sscanf(tok, "%i", &aflags))) { - printf("ACE '%s': bad integer flags entry at '%s'\n", + if (!next_token_talloc(frame, &cp, &tok, "/")) { + printf("ACE '%s': bad flags entry at '%s'\n", orig_str, tok); SAFE_FREE(str); TALLOC_FREE(frame); return False; } + if (tok[0] < '0' || tok[0] > '9') { + if (!parse_ace_flags(tok, &aflags)) { + printf("ACE '%s': bad named flags entry at '%s'\n", + orig_str, tok); + SAFE_FREE(str); + TALLOC_FREE(frame); + return False; + } + } else if (strnequal(tok, "0x", 2)) { + if (!sscanf(tok, "%x", &aflags)) { + printf("ACE '%s': bad hex flags entry at '%s'\n", + orig_str, tok); + SAFE_FREE(str); + TALLOC_FREE(frame); + return False; + } + } else { + if (!sscanf(tok, "%i", &aflags)) { + printf("ACE '%s': bad integer flags entry at '%s'\n", + orig_str, tok); + SAFE_FREE(str); + TALLOC_FREE(frame); + return False; + } + } + if (!next_token_talloc(frame, &cp, &tok, "/")) { printf("ACE '%s': missing / at '%s'\n", orig_str, tok); @@ -506,6 +622,7 @@ static void sec_desc_print(struct cli_state *cli, FILE *f, SEC_DESC *sd) uint32 i; fprintf(f, "REVISION:%d\n", sd->revision); + fprintf(f, "CONTROL:0x%x\n", sd->type); /* Print owner and group sid */ @@ -626,29 +743,42 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode, } -/* The MSDN is contradictory over the ordering of ACE entries in an ACL. - However NT4 gives a "The information may have been modified by a - computer running Windows NT 5.0" if denied ACEs do not appear before - allowed ACEs. */ +/* The MSDN is contradictory over the ordering of ACE entries in an + ACL. However NT4 gives a "The information may have been modified + by a computer running Windows NT 5.0" if denied ACEs do not appear + before allowed ACEs. At + http://technet.microsoft.com/en-us/library/cc781716.aspx the + canonical order is specified as "Explicit Deny, Explicit Allow, + Inherited ACEs unchanged" */ static int ace_compare(SEC_ACE *ace1, SEC_ACE *ace2) { - if (sec_ace_equal(ace1, ace2)) + if (sec_ace_equal(ace1, ace2)) return 0; - if (ace1->type != ace2->type) + if ((ace1->flags & SEC_ACE_FLAG_INHERITED_ACE) && + !(ace2->flags & SEC_ACE_FLAG_INHERITED_ACE)) + return 1; + if (!(ace1->flags & SEC_ACE_FLAG_INHERITED_ACE) && + (ace2->flags & SEC_ACE_FLAG_INHERITED_ACE)) + return -1; + if ((ace1->flags & SEC_ACE_FLAG_INHERITED_ACE) && + (ace2->flags & SEC_ACE_FLAG_INHERITED_ACE)) + return ace1 - ace2; + + if (ace1->type != ace2->type) return ace2->type - ace1->type; - if (sid_compare(&ace1->trustee, &ace2->trustee)) + if (sid_compare(&ace1->trustee, &ace2->trustee)) return sid_compare(&ace1->trustee, &ace2->trustee); - if (ace1->flags != ace2->flags) + if (ace1->flags != ace2->flags) return ace1->flags - ace2->flags; - if (ace1->access_mask != ace2->access_mask) + if (ace1->access_mask != ace2->access_mask) return ace1->access_mask - ace2->access_mask; - if (ace1->size != ace2->size) + if (ace1->size != ace2->size) return ace1->size - ace2->size; return memcmp(ace1, ace2, sizeof(SEC_ACE)); @@ -677,6 +807,7 @@ static void sort_acl(SEC_ACL *the_acl) /***************************************************** set the ACLs on a file given an ascii description *******************************************************/ + static int cacl_set(struct cli_state *cli, char *filename, char *the_acl, enum acl_mode mode) { @@ -730,7 +861,7 @@ static int cacl_set(struct cli_state *cli, char *filename, } if (!found) { - printf("ACL for ACE:"); + printf("ACL for ACE:"); print_ace(cli, stdout, &sd->dacl->aces[i]); printf(" not found\n"); } @@ -762,7 +893,7 @@ static int cacl_set(struct cli_state *cli, char *filename, old->owner_sid = sd->owner_sid; } - if (sd->group_sid) { + if (sd->group_sid) { old->group_sid = sd->group_sid; } @@ -895,8 +1026,8 @@ static struct cli_state *connect_one(const char *server, const char *share) { "set", 'S', POPT_ARG_STRING, NULL, 'S', "Set acls", "ACLS" }, { "chown", 'C', POPT_ARG_STRING, NULL, 'C', "Change ownership of a file", "USERNAME" }, { "chgrp", 'G', POPT_ARG_STRING, NULL, 'G', "Change group ownership of a file", "GROUPNAME" }, - { "numeric", 0, POPT_ARG_NONE, &numeric, True, "Don't resolve sids or masks to names" }, - { "test-args", 't', POPT_ARG_NONE, &test_args, True, "Test arguments"}, + { "numeric", 0, POPT_ARG_NONE, &numeric, 1, "Don't resolve sids or masks to names" }, + { "test-args", 't', POPT_ARG_NONE, &test_args, 1, "Test arguments"}, POPT_COMMON_SAMBA POPT_COMMON_CONNECTION POPT_COMMON_CREDENTIALS diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index 11f8776a0e..b769c2bce0 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -180,11 +180,7 @@ static int parse_quota_set(TALLOC_CTX *ctx, switch (todo) { case PARSE_LIM: -#if defined(HAVE_LONGLONG) - if (sscanf(p,"%llu/%llu",&pqt->softlim,&pqt->hardlim)!=2) { -#else - if (sscanf(p,"%lu/%lu",&pqt->softlim,&pqt->hardlim)!=2) { -#endif + if (sscanf(p,"%"PRIu64"/%"PRIu64,&pqt->softlim,&pqt->hardlim)!=2) { return -1; } diff --git a/source3/utils/status_profile.c b/source3/utils/status_profile.c index 48814fedea..a51537d3da 100644 --- a/source3/utils/status_profile.c +++ b/source3/utils/status_profile.c @@ -423,12 +423,12 @@ bool status_profile_dump(bool verbose) static int print_count_samples( const struct profile_stats * const current, const struct profile_stats * const last, - SMB_BIG_UINT delta_usec) + uint64_t delta_usec) { int i; int count = 0; unsigned step; - SMB_BIG_UINT spent; + uint64_t spent; int delta_sec; const char * name; char buf[40]; @@ -467,13 +467,13 @@ static int print_count_samples( } static struct profile_stats sample_data[2]; -static SMB_BIG_UINT sample_time[2]; +static uint64_t sample_time[2]; bool status_profile_rates(bool verbose) { - SMB_BIG_UINT remain_usec; - SMB_BIG_UINT next_usec; - SMB_BIG_UINT delta_usec; + uint64_t remain_usec; + uint64_t next_usec; + uint64_t delta_usec; int last = 0; int current = 1; diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 527db2d805..da129cf7c0 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -56,7 +56,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); ret = 1; } - if (!directory_exist(lp_lockdir(), &st)) { + if (!directory_exist_stat(lp_lockdir(), &st)) { fprintf(stderr, "ERROR: lock directory %s does not exist\n", lp_lockdir()); ret = 1; @@ -66,7 +66,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); ret = 1; } - if (!directory_exist(lp_piddir(), &st)) { + if (!directory_exist_stat(lp_piddir(), &st)) { fprintf(stderr, "ERROR: pid directory %s does not exist\n", lp_piddir()); ret = 1; @@ -329,9 +329,12 @@ rameter is ignored when using CUPS libraries.\n", cname = poptGetArg(pc); caddr = poptGetArg(pc); + poptFreeContext(pc); + if ( cname && ! caddr ) { printf ( "ERROR: You must specify both a machine name and an IP address.\n" ); - return(1); + ret = 1; + goto done; } if (new_local_machine) { @@ -346,7 +349,8 @@ rameter is ignored when using CUPS libraries.\n", if (!lp_load_with_registry_shares(config_file,False,True,False,True)) { fprintf(stderr,"Error loading services.\n"); - return(1); + ret = 1; + goto done; } fprintf(stderr,"Loaded services file OK.\n"); @@ -393,13 +397,15 @@ rameter is ignored when using CUPS libraries.\n", (s=lp_servicenumber(section_name)) == -1) { fprintf(stderr,"Unknown section %s\n", section_name); - return(1); + ret = 1; + goto done; } if (parameter_name) { if (!dump_a_parameter( s, parameter_name, stdout, isGlobal)) { fprintf(stderr,"Parameter %s unknown for section %s\n", parameter_name, section_name); - return(1); + ret = 1; + goto done; } } else { if (isGlobal == True) @@ -407,7 +413,7 @@ rameter is ignored when using CUPS libraries.\n", else lp_dump_one(stdout, show_defaults, s); } - return(ret); + goto done; } lp_dump(stdout, show_defaults, lp_numservices()); @@ -428,7 +434,10 @@ rameter is ignored when using CUPS libraries.\n", } } } + +done: + gfree_loadparm(); TALLOC_FREE(frame); - return(ret); + return ret; } |