From d1f140a9bac72205823b791aeb26bc28b9916ef6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 26 Aug 2008 16:14:25 -0700 Subject: Don't ask winbindd if we got a -ve cache entry. Jeremy. (This used to be commit 91f85d0dcaa917b7a90a77852f3a778a0ad99c4d) --- source3/passdb/lookup_sid.c | 42 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 38 insertions(+), 4 deletions(-) diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 4b2edd5d59..a5e3362882 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1296,7 +1296,16 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_uid2sid(uid, psid, &expired); - if (!ret || expired || (ret && is_null_sid(psid))) { + if (ret && is_null_sid(psid)) { + /* + * Negative cache entry, we already asked. + * do legacy. + */ + legacy_uid_to_sid(psid, uid); + return; + } + + if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_uid_to_sid(psid, uid)) { if (!winbind_ping()) { @@ -1333,7 +1342,16 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_gid2sid(gid, psid, &expired); - if (!ret || expired || (ret && is_null_sid(psid))) { + if (ret && is_null_sid(psid)) { + /* + * Negative cache entry, we already asked. + * do legacy. + */ + legacy_gid_to_sid(psid, gid); + return; + } + + if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_gid_to_sid(psid, gid)) { if (!winbind_ping()) { @@ -1387,7 +1405,15 @@ bool sid_to_uid(const DOM_SID *psid, uid_t *puid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_sid2uid(psid, puid, &expired); - if (!ret || expired || (ret && (*puid == (uid_t)-1))) { + if (ret && (*puid == (uid_t)-1)) { + /* + * Negative cache entry, we already asked. + * do legacy. + */ + return legacy_sid_to_uid(psid, puid); + } + + if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_sid_to_uid(puid, psid)) { if (!winbind_ping()) { @@ -1443,7 +1469,15 @@ bool sid_to_gid(const DOM_SID *psid, gid_t *pgid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_sid2gid(psid, pgid, &expired); - if (!ret || expired || (ret && (*pgid == (gid_t)-1))) { + if (ret && (*pgid == (gid_t)-1)) { + /* + * Negative cache entry, we already asked. + * do legacy. + */ + return legacy_sid_to_gid(psid, pgid); + } + + if (!ret || expired) { /* Not in cache or negative. Ask winbindd. */ /* Ask winbindd if it can map this sid to a gid. * (Idmap will check it is a valid SID and of the right type) */ -- cgit From dc3f6b0861f83070b32a718d337fc755f5b18fee Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 26 Aug 2008 18:05:34 -0700 Subject: Fix bug spotted by Simo - don't use legacy if expired entry. Jeremy. (This used to be commit a7bbd33139c5835cf32efdbe0ef187117699e3e4) --- source3/passdb/lookup_sid.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index a5e3362882..3861c8e229 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1296,7 +1296,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_uid2sid(uid, psid, &expired); - if (ret && is_null_sid(psid)) { + if (ret && !expired && is_null_sid(psid)) { /* * Negative cache entry, we already asked. * do legacy. @@ -1342,7 +1342,7 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_gid2sid(gid, psid, &expired); - if (ret && is_null_sid(psid)) { + if (ret && !expired && is_null_sid(psid)) { /* * Negative cache entry, we already asked. * do legacy. @@ -1405,7 +1405,7 @@ bool sid_to_uid(const DOM_SID *psid, uid_t *puid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_sid2uid(psid, puid, &expired); - if (ret && (*puid == (uid_t)-1)) { + if (ret && !expired && (*puid == (uid_t)-1)) { /* * Negative cache entry, we already asked. * do legacy. @@ -1469,7 +1469,7 @@ bool sid_to_gid(const DOM_SID *psid, gid_t *pgid) /* Check the winbindd cache directly. */ ret = idmap_cache_find_sid2gid(psid, pgid, &expired); - if (ret && (*pgid == (gid_t)-1)) { + if (ret && !expired && (*pgid == (gid_t)-1)) { /* * Negative cache entry, we already asked. * do legacy. -- cgit From 9a89e30229442ae6336328c9e37b3121c188df01 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 27 Aug 2008 10:45:43 +0200 Subject: ldb: Fix permissions of group_mapping.ldb. This one fixes bug #5715 and CVE-2008-3789. (cherry picked from commit a94f44c49f668fcf12f4566777a668043326bf97) (This used to be commit 2eaf4ed62220246bcc1a9702166b0b4f381fdae3) --- source3/groupdb/mapping_ldb.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c index 6775f612e7..ce65d7c46d 100644 --- a/source3/groupdb/mapping_ldb.c +++ b/source3/groupdb/mapping_ldb.c @@ -74,7 +74,13 @@ static bool init_group_mapping(void) if (ret != LDB_SUCCESS) { goto failed; } - + + /* force the permissions on the ldb to 0600 - this will fix + existing databases as well as new ones */ + if (chmod(db_path, 0600) != 0) { + goto failed; + } + if (!existed) { /* initialise the ldb with an index */ struct ldb_ldif *ldif; -- cgit From dee5f093570a6586f4cf6d9dec4b002c33160862 Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Wed, 27 Aug 2008 13:23:20 +0200 Subject: ldb: Fix permissions of new ldg files. This one fixes together with 2eaf4ed62 bug #5715 and CVE-2008-3789. Thanks to Steve Langasek for reporting! Karolin (cherry picked from commit b666d0a4b597218f5f5020bf36d80d84dcbf7259) (This used to be commit 73f54df7fedc8f0db022f902100fd5eb1b629fb2) --- source3/lib/ldb/common/ldb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/lib/ldb/common/ldb.c b/source3/lib/ldb/common/ldb.c index e469c49399..743711b967 100644 --- a/source3/lib/ldb/common/ldb.c +++ b/source3/lib/ldb/common/ldb.c @@ -51,7 +51,7 @@ struct ldb_context *ldb_init(void *mem_ctx) } ldb_set_utf8_default(ldb); - ldb_set_create_perms(ldb, 0666); + ldb_set_create_perms(ldb, 0600); return ldb; } -- cgit From e588f0bc36b1f199afc41389b052d991453af3f8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 27 Aug 2008 11:28:18 -0700 Subject: Be explicit about setting perms for the ldb. Helps others who may use this api. Jeremy. (This used to be commit f0ea0f3502037db878238942ee0729f6940e0b01) --- source3/groupdb/mapping_ldb.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c index ce65d7c46d..7ce879fb6e 100644 --- a/source3/groupdb/mapping_ldb.c +++ b/source3/groupdb/mapping_ldb.c @@ -60,6 +60,9 @@ static bool init_group_mapping(void) ldb = ldb_init(NULL); if (ldb == NULL) goto failed; + /* Ensure this db is created read/write for root only. */ + ldb_set_create_perms(ldb, 0600); + existed = file_exist(db_path, NULL); if (lp_parm_bool(-1, "groupmap", "nosync", False)) { -- cgit From 34c073c35192850710582b3f558c9fb761e2c24f Mon Sep 17 00:00:00 2001 From: Steve French Date: Wed, 27 Aug 2008 17:00:00 -0500 Subject: mount.cifs: unclear error message with "credentials" Thanks to Christophe Curis for the suggestion (This used to be commit 3b5ad9190d2ad6d2ca0a569194bdff9003bda13b) --- source3/client/mount.cifs.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c index dd878aa07b..9d2b449195 100644 --- a/source3/client/mount.cifs.c +++ b/source3/client/mount.cifs.c @@ -196,7 +196,7 @@ static int open_cred_file(char * file_name) line_buf = (char *)malloc(4096); if(line_buf == NULL) { fclose(fs); - return -ENOMEM; + return ENOMEM; } while(fgets(line_buf,4096,fs)) { @@ -537,7 +537,8 @@ static int parse_options(char ** optionsp, int * filesys_flags) if (value && *value) { rc = open_cred_file(value); if(rc) { - printf("error %d opening credential file %s\n",rc, value); + printf("error %d (%s) opening credential file %s\n", + rc, strerror(rc), value); return 1; } } else { -- cgit From 1cae2ac905cc3e4b6e4c92ec4d64c582cfad8fea Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 27 Aug 2008 15:06:14 -0700 Subject: Add st_birthtime and friends for accurate create times on systems that support it (*BSD and MacOSX). Should have done this ages ago, sorry. Jeremy. (This used to be commit 4c3a9558906f213948c3bdc081be73f8fed148cb) --- source3/configure.in | 90 +++++++++++++++++++++++++++++++++++++++++++++++++ source3/include/proto.h | 1 - source3/lib/time.c | 40 ++++++++++++++++------ source3/smbd/reply.c | 7 ++-- 4 files changed, 124 insertions(+), 14 deletions(-) diff --git a/source3/configure.in b/source3/configure.in index 9436fed1ff..bc5a827b8c 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -1354,6 +1354,96 @@ if test x"$samba_cv_stat_hires_notimespec" = x"yes" ; then [whether struct stat has sub-second timestamps without struct timespec]) fi +AC_CACHE_CHECK([whether struct stat has st_birthtimespec], samba_cv_stat_st_birthtimespec, + [ + AC_TRY_COMPILE( + [ +#if TIME_WITH_SYS_TIME +# include +# include +#else +# if HAVE_SYS_TIME_H +# include +# else +# include +# endif +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif + ], + [ + struct timespec t; + struct stat s = {0}; + t = s.st_birthtimespec; + ], + samba_cv_stat_st_birthtimespec=yes, samba_cv_stat_birthtimespec=no) + ]) + +if test x"$samba_cv_stat_st_birthtimespec" = x"yes" ; then + AC_DEFINE(HAVE_STAT_ST_BIRTHTIMESPEC, 1, [whether struct stat contains st_birthtimespec]) +fi + +AC_CACHE_CHECK([whether struct stat has st_birthtimensec], samba_cv_stat_st_birthtimensec, + [ + AC_TRY_COMPILE( + [ +#if TIME_WITH_SYS_TIME +# include +# include +#else +# if HAVE_SYS_TIME_H +# include +# else +# include +# endif +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif + ], + [ + struct timespec t; + struct stat s = {0}; + t.tv_nsec = s.st_birthtimensec; + ], + samba_cv_stat_st_birthtimensec=yes, samba_cv_stat_birthtimensec=no) + ]) + +if test x"$samba_cv_stat_st_birthtimensec" = x"yes" ; then + AC_DEFINE(HAVE_STAT_ST_BIRTHTIMENSEC, 1, [whether struct stat contains st_birthtimensec]) +fi + +AC_CACHE_CHECK([whether struct stat has st_birthtime], samba_cv_stat_st_birthtime, + [ + AC_TRY_COMPILE( + [ +#if TIME_WITH_SYS_TIME +# include +# include +#else +# if HAVE_SYS_TIME_H +# include +# else +# include +# endif +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif + ], + [ + struct time_t t; + struct stat s = {0}; + t = s.st_birthtime; + ], + samba_cv_stat_st_birthtime=yes, samba_cv_stat_birthtime=no) + ]) + +if test x"$samba_cv_stat_st_birthtime" = x"yes" ; then + AC_DEFINE(HAVE_STAT_ST_BIRTHTIME, 1, [whether struct stat contains st_birthtime]) +fi + ##################################### # needed for SRV lookups AC_CHECK_LIB(resolv, dn_expand) diff --git a/source3/include/proto.h b/source3/include/proto.h index d3a8dbbc7f..2145a892c6 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1185,7 +1185,6 @@ void srv_put_dos_date2(char *buf,int offset, time_t unixdate); void srv_put_dos_date3(char *buf,int offset,time_t unixdate); void put_long_date_timespec(char *p, struct timespec ts); void put_long_date(char *p, time_t t); -time_t get_create_time(const SMB_STRUCT_STAT *st,bool fake_dirs); struct timespec get_create_timespec(const SMB_STRUCT_STAT *st,bool fake_dirs); struct timespec get_atimespec(const SMB_STRUCT_STAT *pst); void set_atimespec(SMB_STRUCT_STAT *pst, struct timespec ts); diff --git a/source3/lib/time.c b/source3/lib/time.c index 9db88b3fc8..3cf0cb4f64 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -826,14 +826,10 @@ void put_long_date(char *p, time_t t) structure. ****************************************************************************/ -time_t get_create_time(const SMB_STRUCT_STAT *st,bool fake_dirs) +static time_t calc_create_time(const SMB_STRUCT_STAT *st) { time_t ret, ret1; - if(S_ISDIR(st->st_mode) && fake_dirs) { - return (time_t)315493200L; /* 1/1/1980 */ - } - ret = MIN(st->st_ctime, st->st_mtime); ret1 = MIN(ret, st->st_atime); @@ -848,12 +844,36 @@ time_t get_create_time(const SMB_STRUCT_STAT *st,bool fake_dirs) return ret; } -struct timespec get_create_timespec(const SMB_STRUCT_STAT *st,bool fake_dirs) +/**************************************************************************** + Return the 'create time' from a stat struct if it exists (birthtime) or else + use the best approximation. +****************************************************************************/ + +struct timespec get_create_timespec(const SMB_STRUCT_STAT *pst,bool fake_dirs) { - struct timespec ts; - ts.tv_sec = get_create_time(st, fake_dirs); - ts.tv_nsec = 0; - return ts; + struct timespec ret; + + if(S_ISDIR(pst->st_mode) && fake_dirs) { + ret.tv_sec = 315493200L; /* 1/1/1980 */ + ret.tv_nsec = 0; + return ret; + } + +#if defined(HAVE_STAT_ST_BIRTHTIMESPEC) + return pst->st_birthtimespec; +#elif defined(HAVE_STAT_ST_BIRTHTIMENSEC) + ret.tv_sec = pst->st_birthtime; + ret.tv_nsec = pst->st_birthtimenspec; + return ret; +#elif defined(HAVE_STAT_ST_BIRTHTIME) + ret.tv_sec = pst->st_birthtime; + ret.tv_nsec = 0; + return ret; +#else + ret.tv_sec = calc_create_time(pst); + ret.tv_nsec = 0; + return ret; +#endif } /**************************************************************************** diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 06aa835cb0..ff38ac88cf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -7126,6 +7126,7 @@ void reply_getattrE(struct smb_request *req) SMB_STRUCT_STAT sbuf; int mode; files_struct *fsp; + struct timespec create_ts; START_PROFILE(SMBgetattrE); @@ -7160,9 +7161,9 @@ void reply_getattrE(struct smb_request *req) reply_outbuf(req, 11, 0); - srv_put_dos_date2((char *)req->outbuf, smb_vwv0, - get_create_time(&sbuf, - lp_fake_dir_create_times(SNUM(conn)))); + create_ts = get_create_timespec(&sbuf, + lp_fake_dir_create_times(SNUM(conn))); + srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec); srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime); /* Should we check pending modtime here ? JRA */ srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime); -- cgit From 1d26beb7084efdfcadb4a1cebe5a0d7cdcd2b454 Mon Sep 17 00:00:00 2001 From: Ephi Dror Date: Wed, 27 Aug 2008 17:28:34 -0700 Subject: Correct the netsamlogon_clear_cached_user function. (This used to be commit bb13312d9d53b1e048b3a0bfeeca088f9db84cd3) --- source3/libsmb/samlogon_cache.c | 54 ++++++++++++++--------------------------- 1 file changed, 18 insertions(+), 36 deletions(-) diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c index 2d2588f70c..4abe5bb6de 100644 --- a/source3/libsmb/samlogon_cache.c +++ b/source3/libsmb/samlogon_cache.c @@ -59,48 +59,30 @@ bool netsamlogon_cache_shutdown(void) Clear cache getpwnam and getgroups entries from the winbindd cache ***********************************************************************/ -void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, struct netr_SamInfo3 *info3) +void netsamlogon_clear_cached_user(struct netr_SamInfo3 *info3) { - bool got_tdb = false; - DOM_SID sid; - fstring key_str, sid_string; - - /* We may need to call this function from smbd which will not have - winbindd_cache.tdb open. Open the tdb if a NULL is passed. */ - - if (!tdb) { - tdb = tdb_open_log(lock_path("winbindd_cache.tdb"), - WINBINDD_CACHE_TDB_DEFAULT_HASH_SIZE, - TDB_DEFAULT, O_RDWR, 0600); - if (!tdb) { - DEBUG(5, ("netsamlogon_clear_cached_user: failed to open cache\n")); - return; - } - got_tdb = true; - } - - sid_copy(&sid, info3->base.domain_sid); - sid_append_rid(&sid, info3->base.rid); - - /* Clear U/SID cache entry */ - - fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid)); - - DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key_str)); - - tdb_delete(tdb, string_tdb_data(key_str)); + DOM_SID user_sid; + fstring keystr, tmp; - /* Clear UG/SID cache entry */ + if (!info3) { + return; + } - fstr_sprintf(key_str, "UG/%s", sid_to_fstring(sid_string, &sid)); + if (!netsamlogon_cache_init()) { + DEBUG(0,("netsamlogon_clear_cached_user: cannot open " + "%s for write!\n", + NETSAMLOGON_TDB)); + return; + } + sid_copy(&user_sid, info3->base.domain_sid); + sid_append_rid(&user_sid, info3->base.rid); - DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key_str)); + /* Prepare key as DOMAIN-SID/USER-RID string */ + slprintf(keystr, sizeof(keystr), "%s", sid_to_fstring(tmp, &user_sid)); - tdb_delete(tdb, string_tdb_data(key_str)); + DEBUG(10,("netsamlogon_clear_cached_user: SID [%s]\n", keystr)); - if (got_tdb) { - tdb_close(tdb); - } + tdb_delete_bystring(netsamlogon_tdb, keystr); } /*********************************************************************** -- cgit From 29af730964e567a8391ee381aae3b9aaa7e5e7e1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 27 Aug 2008 17:29:10 -0700 Subject: Fix the wcache_invalidate_samlogon calls. Jeremy. (This used to be commit 7c820899ed1364fdaeb7b49e8ddd839e67397ec0) --- source3/include/proto.h | 2 +- source3/winbindd/winbindd_cache.c | 23 ++++++++++++++++++++++- source3/winbindd/winbindd_pam.c | 4 ++-- 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 2145a892c6..d5e942a6d7 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -5002,7 +5002,7 @@ void pwd_get_cleartext(struct pwd_info *pwd, fstring clr); bool netsamlogon_cache_init(void); bool netsamlogon_cache_shutdown(void); -void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, struct netr_SamInfo3 *info3); +void netsamlogon_clear_cached_user(struct netr_SamInfo3 *info3); bool netsamlogon_cache_store(const char *username, struct netr_SamInfo3 *info3); struct netr_SamInfo3 *netsamlogon_cache_get(TALLOC_CTX *mem_ctx, const DOM_SID *user_sid); bool netsamlogon_cache_have(const DOM_SID *user_sid); diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index c9d857c2ec..2fbb01b623 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -2259,6 +2259,8 @@ static int traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_DATA dbuf, void wcache_invalidate_samlogon(struct winbindd_domain *domain, struct netr_SamInfo3 *info3) { + DOM_SID sid; + fstring key_str, sid_string; struct winbind_cache *cache; /* dont clear cached U/SID and UG/SID entries when we want to logon @@ -2272,7 +2274,26 @@ void wcache_invalidate_samlogon(struct winbindd_domain *domain, return; cache = get_cache(domain); - netsamlogon_clear_cached_user(cache->tdb, info3); + + if (!cache->tdb) { + return; + } + + sid_copy(&sid, info3->base.domain_sid); + sid_append_rid(&sid, info3->base.rid); + + /* Clear U/SID cache entry */ + fstr_sprintf(key_str, "U/%s", sid_to_fstring(sid_string, &sid)); + DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str)); + tdb_delete(cache->tdb, string_tdb_data(key_str)); + + /* Clear UG/SID cache entry */ + fstr_sprintf(key_str, "UG/%s", sid_to_fstring(sid_string, &sid)); + DEBUG(10, ("wcache_invalidate_samlogon: clearing %s\n", key_str)); + tdb_delete(cache->tdb, string_tdb_data(key_str)); + + /* Samba/winbindd never needs this. */ + netsamlogon_clear_cached_user(info3); } bool wcache_invalidate_cache(void) diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index a7911f60aa..d4a2e3ed79 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1595,8 +1595,8 @@ process_result: goto done; } - netsamlogon_cache_store(name_user, info3); wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3); + netsamlogon_cache_store(name_user, info3); /* save name_to_sid info as early as possible (only if this is our primary domain so we don't invalidate @@ -1921,8 +1921,8 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain, if (NT_STATUS_IS_OK(result)) { - netsamlogon_cache_store(name_user, info3); wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3); + netsamlogon_cache_store(name_user, info3); /* Check if the user is in the right group */ -- cgit From 52e23fe460ed662e10137503abd08f4bd6596651 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:29:24 +0200 Subject: winbindd: fix invalid sid copy (hit when enumerating sibling domains). Guenther (This used to be commit 5eee7423351ffd05486e33ff8eb905babcbc9422) --- source3/winbindd/winbindd_ads.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 097fa3907d..53ea3e148c 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -1254,7 +1254,7 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, if (trusts.array[i].sid) { sid_copy( &d.sid, trusts.array[i].sid); } else { - sid_copy(&(*dom_sids)[ret_count], &global_sid_NULL); + sid_copy(&d.sid, &global_sid_NULL); } if ( domain->primary ) { -- cgit From 58aa97c0d9db06588d1aba4f06a3c98ed2098d8f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 1 Aug 2008 23:14:51 +0200 Subject: Refactoring: Add the routine cli_request_send() cli_request_send() is supposed to bundle all generic SMB-header handling. This makes cli_request_new static to async_smb.c. (This used to be commit 7e73dd4e7622db64d30d48ba106892e0895fc188) --- source3/include/async_smb.h | 12 ++++---- source3/include/proto.h | 15 --------- source3/libsmb/async_smb.c | 62 ++++++++++++++++++++++++++++++++++--- source3/libsmb/clireadwrite.c | 71 +++++++++++++++---------------------------- 4 files changed, 88 insertions(+), 72 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 19408be74b..5ec6b12050 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -20,14 +20,14 @@ #include "includes.h" /* - * Create a fresh async smb request + * Ship a new smb request to the server */ -struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, - struct event_context *ev, - struct cli_state *cli, - uint8_t num_words, size_t num_bytes, - struct cli_request **preq); +struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, + uint8_t smb_command, + uint8_t additional_flags, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes); /* * Convenience function to get the SMB part out of an async_req diff --git a/source3/include/proto.h b/source3/include/proto.h index d5e942a6d7..0e691d9062 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4201,21 +4201,6 @@ bool asn1_write_enumerated(ASN1_DATA *data, uint8 v); bool ber_write_OID_String(DATA_BLOB *blob, const char *OID); bool ber_read_OID_String(TALLOC_CTX *mem_ctx, DATA_BLOB blob, const char **OID); -/* The following definitions come from libsmb/async_smb.c */ - -NTSTATUS cli_pull_error(char *buf); -void cli_set_error(struct cli_state *cli, NTSTATUS status); -struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, - struct event_context *ev, - struct cli_state *cli, - uint8_t num_words, size_t num_bytes, - struct cli_request **preq); -struct cli_request *cli_request_get(struct async_req *req); -struct cli_tmp_event *cli_tmp_event_ctx(TALLOC_CTX *mem_ctx, - struct cli_state *cli); -NTSTATUS cli_add_event_ctx(struct cli_state *cli, - struct event_context *event_ctx); - /* The following definitions come from libsmb/cliconnect.c */ ADS_STATUS cli_session_setup_spnego(struct cli_state *cli, const char *user, diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index 58bba2bfc7..454bd8169b 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -114,11 +114,11 @@ static int cli_request_destructor(struct cli_request *req) * Create a fresh async smb request */ -struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, - struct event_context *ev, - struct cli_state *cli, - uint8_t num_words, size_t num_bytes, - struct cli_request **preq) +static struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, + uint8_t num_words, size_t num_bytes, + struct cli_request **preq) { struct async_req *result; struct cli_request *cli_req; @@ -160,6 +160,58 @@ struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, return result; } +/* + * Ship a new smb request to the server + */ +struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, + uint8_t smb_command, + uint8_t additional_flags, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes) +{ + struct async_req *result; + struct cli_request *req; + + result = cli_request_new(mem_ctx, cli->event_ctx, cli, wct, num_bytes, + &req); + if (result == NULL) { + DEBUG(0, ("cli_request_new failed\n")); + return NULL; + } + + cli_set_message(req->outbuf, wct, num_bytes, false); + SCVAL(req->outbuf, smb_com, smb_command); + SSVAL(req->outbuf, smb_tid, cli->cnum); + cli_setup_packet_buf(cli, req->outbuf); + + memcpy(req->outbuf + smb_vwv0, vwv, sizeof(uint16_t) * wct); + memcpy(smb_buf(req->outbuf), bytes, num_bytes); + SSVAL(req->outbuf, smb_mid, req->mid); + SCVAL(cli->outbuf, smb_flg, + CVAL(cli->outbuf,smb_flg) | additional_flags); + + cli_calculate_sign_mac(cli, req->outbuf); + + if (cli_encryption_on(cli)) { + NTSTATUS status; + char *enc_buf; + + status = cli_encrypt_message(cli, req->outbuf, &enc_buf); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Error in encrypting client message. " + "Error %s\n", nt_errstr(status))); + TALLOC_FREE(req); + return NULL; + } + req->outbuf = enc_buf; + req->enc_state = cli->trans_enc_state; + } + + event_fd_set_writeable(cli->fd_event); + + return result; +} + /* * Convenience function to get the SMB part out of an async_req */ diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index a57f1e0785..2b34fce5bd 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -47,7 +47,9 @@ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, struct async_req *result; struct cli_request *req; bool bigoffset = False; - char *enc_buf; + + uint16_t vwv[12]; + uint8_t wct = 10; if (size > cli_read_max_bufsize(cli)) { DEBUG(0, ("cli_read_andx_send got size=%d, can only handle " @@ -56,60 +58,37 @@ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, return NULL; } - result = cli_request_new(mem_ctx, cli->event_ctx, cli, 12, 0, &req); + SCVAL(vwv + 0, 0, 0xFF); + SCVAL(vwv + 0, 1, 0); + SSVAL(vwv + 1, 0, 0); + SSVAL(vwv + 2, 0, fnum); + SIVAL(vwv + 3, 0, offset); + SSVAL(vwv + 5, 0, size); + SSVAL(vwv + 6, 0, size); + SSVAL(vwv + 7, 0, (size >> 16)); + SSVAL(vwv + 8, 0, 0); + SSVAL(vwv + 9, 0, 0); + + if ((SMB_BIG_UINT)offset >> 32) { + bigoffset = True; + SIVAL(vwv + 10, 0, + (((SMB_BIG_UINT)offset)>>32) & 0xffffffff); + wct += 2; + } + + result = cli_request_send(mem_ctx, cli, SMBreadX, 0, wct, vwv, + 0, NULL); if (result == NULL) { - DEBUG(0, ("cli_request_new failed\n")); return NULL; } + req = cli_request_get(result); + req->data.read.ofs = offset; req->data.read.size = size; req->data.read.received = 0; req->data.read.rcvbuf = NULL; - if ((SMB_BIG_UINT)offset >> 32) - bigoffset = True; - - cli_set_message(req->outbuf, bigoffset ? 12 : 10, 0, False); - - SCVAL(req->outbuf,smb_com,SMBreadX); - SSVAL(req->outbuf,smb_tid,cli->cnum); - cli_setup_packet_buf(cli, req->outbuf); - - SCVAL(req->outbuf,smb_vwv0,0xFF); - SCVAL(req->outbuf,smb_vwv0+1,0); - SSVAL(req->outbuf,smb_vwv1,0); - SSVAL(req->outbuf,smb_vwv2,fnum); - SIVAL(req->outbuf,smb_vwv3,offset); - SSVAL(req->outbuf,smb_vwv5,size); - SSVAL(req->outbuf,smb_vwv6,size); - SSVAL(req->outbuf,smb_vwv7,(size >> 16)); - SSVAL(req->outbuf,smb_vwv8,0); - SSVAL(req->outbuf,smb_vwv9,0); - SSVAL(req->outbuf,smb_mid,req->mid); - - if (bigoffset) { - SIVAL(req->outbuf, smb_vwv10, - (((SMB_BIG_UINT)offset)>>32) & 0xffffffff); - } - - cli_calculate_sign_mac(cli, req->outbuf); - - event_fd_set_writeable(cli->fd_event); - - if (cli_encryption_on(cli)) { - NTSTATUS status; - status = cli_encrypt_message(cli, req->outbuf, &enc_buf); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("Error in encrypting client message. " - "Error %s\n", nt_errstr(status))); - TALLOC_FREE(req); - return NULL; - } - req->outbuf = enc_buf; - req->enc_state = cli->trans_enc_state; - } - return result; } -- cgit From 8f408a676eb1d2bac665d8212d727dafeecd386e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 1 Aug 2008 23:18:15 +0200 Subject: Add async cli_close (This used to be commit f84a2b5dbf8a072a9e356fa39523f65d042a2643) --- source3/include/proto.h | 3 +++ source3/libsmb/clifile.c | 51 ++++++++++++++++++++++++++++++++++++------------ 2 files changed, 41 insertions(+), 13 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 0e691d9062..41185a63b9 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4379,6 +4379,9 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, uint8 SecuityFlags); int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess); int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode); +struct async_req *cli_close_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct cli_state *cli, int fnum); +NTSTATUS cli_close_recv(struct async_req *req); bool cli_close(struct cli_state *cli, int fnum); bool cli_ftruncate(struct cli_state *cli, int fnum, uint64_t size); NTSTATUS cli_locktype(struct cli_state *cli, int fnum, diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index 12b10ba0a0..20357bbec0 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -865,28 +865,53 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode Close a file. ****************************************************************************/ -bool cli_close(struct cli_state *cli, int fnum) +struct async_req *cli_close_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, + int fnum) { - memset(cli->outbuf,'\0',smb_size); - memset(cli->inbuf,'\0',smb_size); + uint16_t vwv[3]; - cli_set_message(cli->outbuf,3,0,True); + SSVAL(vwv+0, 0, fnum); + SIVALS(vwv+1, 0, -1); - SCVAL(cli->outbuf,smb_com,SMBclose); - SSVAL(cli->outbuf,smb_tid,cli->cnum); - cli_setup_packet(cli); + return cli_request_send(mem_ctx, cli, SMBclose, 0, 3, vwv, 0, NULL); +} - SSVAL(cli->outbuf,smb_vwv0,fnum); - SIVALS(cli->outbuf,smb_vwv1,-1); +NTSTATUS cli_close_recv(struct async_req *req) +{ + struct cli_request *cli_req = cli_request_get(req); - cli_send_smb(cli); - if (!cli_receive_smb(cli)) { - return False; + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; } - return !cli_is_error(cli); + return cli_pull_error(cli_req->inbuf); } +bool cli_close(struct cli_state *cli, int fnum) +{ + TALLOC_CTX *frame = talloc_stackframe(); + struct async_req *req; + bool result = false; + + if (cli_tmp_event_ctx(frame, cli) == NULL) { + goto fail; + } + + req = cli_close_send(frame, cli, fnum); + if (req == NULL) { + goto fail; + } + + while (req->state < ASYNC_REQ_DONE) { + event_loop_once(cli->event_ctx); + } + + result = NT_STATUS_IS_OK(cli_close_recv(req)); + fail: + TALLOC_FREE(frame); + return result; +} /**************************************************************************** Truncate a file to a specified size -- cgit From de9fcfc79504fbca0350a99269b4a3423e5f2561 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 2 Aug 2008 18:44:39 +0200 Subject: Add async open&x (This used to be commit faf353edd60967efac4d5c222db14fa730866273) --- source3/include/proto.h | 3 + source3/libsmb/clifile.c | 150 ++++++++++++++++++++++++++++++++++++----------- 2 files changed, 120 insertions(+), 33 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 41185a63b9..ac91b144de 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4378,6 +4378,9 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, uint32 CreateDisposition, uint32 CreateOptions, uint8 SecuityFlags); int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess); +struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, + const char *fname, int flags, int share_mode); +NTSTATUS cli_open_recv(struct async_req *req, int *fnum); int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode); struct async_req *cli_close_send(TALLOC_CTX *mem_ctx, struct event_context *ev, struct cli_state *cli, int fnum); diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index 20357bbec0..d5157877bf 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -781,19 +781,61 @@ int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x0, 0x0); } +static uint8_t *smb_bytes_push_str(uint8_t *buf, bool ucs2, const char *str) +{ + size_t buflen = talloc_get_size(buf); + char *converted; + size_t converted_size; + + /* + * We're pushing into an SMB buffer, align odd + */ + if (ucs2 && (buflen % 2 == 0)) { + buf = TALLOC_REALLOC_ARRAY(NULL, buf, uint8_t, buflen + 1); + if (buf == NULL) { + return NULL; + } + buf[buflen] = '\0'; + buflen += 1; + } + + if (!convert_string_allocate(talloc_tos(), CH_UNIX, + ucs2 ? CH_UTF16LE : CH_DOS, + str, strlen(str)+1, &converted, + &converted_size, true)) { + return NULL; + } + + buf = TALLOC_REALLOC_ARRAY(NULL, buf, uint8_t, + buflen + converted_size); + if (buf == NULL) { + return NULL; + } + + memcpy(buf + buflen, converted, converted_size); + + TALLOC_FREE(converted); + return buf; +} + /**************************************************************************** Open a file WARNING: if you open with O_WRONLY then getattrE won't work! ****************************************************************************/ -int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode) +struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, + const char *fname, int flags, int share_mode) { - char *p; - unsigned openfn=0; - unsigned accessmode=0; + unsigned openfn = 0; + unsigned accessmode = 0; + uint8_t additional_flags = 0; + uint8_t *bytes; + uint16_t vwv[15]; + struct async_req *result; - if (flags & O_CREAT) + if (flags & O_CREAT) { openfn |= (1<<4); + } if (!(flags & O_EXCL)) { if (flags & O_TRUNC) openfn |= (1<<1); @@ -819,46 +861,88 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode accessmode = 0xFF; } - memset(cli->outbuf,'\0',smb_size); - memset(cli->inbuf,'\0',smb_size); - - cli_set_message(cli->outbuf,15,0, true); - - SCVAL(cli->outbuf,smb_com,SMBopenX); - SSVAL(cli->outbuf,smb_tid,cli->cnum); - cli_setup_packet(cli); - - SSVAL(cli->outbuf,smb_vwv0,0xFF); - SSVAL(cli->outbuf,smb_vwv2,0); /* no additional info */ - SSVAL(cli->outbuf,smb_vwv3,accessmode); - SSVAL(cli->outbuf,smb_vwv4,aSYSTEM | aHIDDEN); - SSVAL(cli->outbuf,smb_vwv5,0); - SSVAL(cli->outbuf,smb_vwv8,openfn); + SCVAL(vwv + 0, 0, 0xFF); + SCVAL(vwv + 0, 1, 0); + SSVAL(vwv + 1, 0, 0); + SSVAL(vwv + 2, 0, 0); /* no additional info */ + SSVAL(vwv + 3, 0, accessmode); + SSVAL(vwv + 4, 0, aSYSTEM | aHIDDEN); + SSVAL(vwv + 5, 0, 0); + SIVAL(vwv + 6, 0, 0); + SSVAL(vwv + 8, 0, openfn); + SIVAL(vwv + 9, 0, 0); + SIVAL(vwv + 11, 0, 0); + SIVAL(vwv + 13, 0, 0); if (cli->use_oplocks) { /* if using oplocks then ask for a batch oplock via core and extended methods */ - SCVAL(cli->outbuf,smb_flg, CVAL(cli->outbuf,smb_flg)| - FLAG_REQUEST_OPLOCK|FLAG_REQUEST_BATCH_OPLOCK); - SSVAL(cli->outbuf,smb_vwv2,SVAL(cli->outbuf,smb_vwv2) | 6); + additional_flags = + FLAG_REQUEST_OPLOCK|FLAG_REQUEST_BATCH_OPLOCK; + SSVAL(vwv+2, 0, SVAL(vwv+2, 0) | 6); } - p = smb_buf(cli->outbuf); - p += clistr_push(cli, p, fname, - cli->bufsize - PTR_DIFF(p,cli->outbuf), STR_TERMINATE); + bytes = talloc_array(talloc_tos(), uint8_t, 0); + if (bytes == NULL) { + return NULL; + } - cli_setup_bcc(cli, p); + bytes = smb_bytes_push_str( + bytes, (cli->capabilities & CAP_UNICODE) != 0, fname); + if (bytes == NULL) { + return NULL; + } - cli_send_smb(cli); - if (!cli_receive_smb(cli)) { - return -1; + result = cli_request_send(mem_ctx, cli, SMBopenX, additional_flags, + 15, vwv, talloc_get_size(bytes), bytes); + TALLOC_FREE(bytes); + return result; +} + +NTSTATUS cli_open_recv(struct async_req *req, int *fnum) +{ + struct cli_request *cli_req = cli_request_get(req); + NTSTATUS status; + + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; } - if (cli_is_error(cli)) { - return -1; + status = cli_pull_error(cli_req->inbuf); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + *fnum = SVAL(cli_req->inbuf, smb_vwv2); + + return NT_STATUS_OK; +} + +int cli_open(struct cli_state *cli, const char *fname, int flags, + int share_mode) +{ + TALLOC_CTX *frame = talloc_stackframe(); + struct async_req *req; + int result = -1; + + if (cli_tmp_event_ctx(frame, cli) == NULL) { + goto fail; + } + + req = cli_open_send(frame, cli, fname, flags, share_mode); + if (req == NULL) { + goto fail; + } + + while (req->state < ASYNC_REQ_DONE) { + event_loop_once(cli->event_ctx); } - return SVAL(cli->inbuf,smb_vwv2); + cli_open_recv(req, &result); + fail: + TALLOC_FREE(frame); + return result; } /**************************************************************************** -- cgit From 2650207d4adbfd68974fc2b342dd2af079a2552c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 24 Aug 2008 14:17:43 +0200 Subject: Remove cli->event_ctx, pass it explicitly Storing the event_context as permanent state in struct cli_state creates more complex code than necessary IMO. (This used to be commit debb37f703075008e5ea7d34d214cfa4d0f8f916) --- source3/include/async_smb.h | 18 ++------- source3/include/client.h | 10 ++++- source3/include/proto.h | 8 +++- source3/libsmb/async_smb.c | 94 +++++++++++-------------------------------- source3/libsmb/clifile.c | 44 +++++++++++++++----- source3/libsmb/clireadwrite.c | 33 ++++++++++----- 6 files changed, 99 insertions(+), 108 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 5ec6b12050..40a8d3476e 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -23,7 +23,9 @@ * Ship a new smb request to the server */ -struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, +struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, uint8_t smb_command, uint8_t additional_flags, uint8_t wct, const uint16_t *vwv, @@ -46,17 +48,3 @@ NTSTATUS cli_pull_error(char *buf); */ void cli_set_error(struct cli_state *cli, NTSTATUS status); - -/* - * Create a temporary event context for use in the sync helper functions - */ - -struct cli_tmp_event *cli_tmp_event_ctx(TALLOC_CTX *mem_ctx, - struct cli_state *cli); - -/* - * Attach an event context permanently to a cli_struct - */ - -NTSTATUS cli_add_event_ctx(struct cli_state *cli, - struct event_context *event_ctx); diff --git a/source3/include/client.h b/source3/include/client.h index 51ced9907f..be12288f28 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -204,7 +204,15 @@ struct cli_state { bool force_dos_errors; bool case_sensitive; /* False by default. */ - struct event_context *event_ctx; + /** + * fd_event is around while we have async requests outstanding or are + * building a chained request. + * + * (fd_event!=NULL) && (outstanding_request!=NULL) + * + * should always be true, as well as the reverse: If both cli_request + * pointers are NULL, no fd_event is around. + */ struct fd_event *fd_event; char *evt_inbuf; diff --git a/source3/include/proto.h b/source3/include/proto.h index ac91b144de..f21cc2b17f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4378,7 +4378,8 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, uint32 CreateDisposition, uint32 CreateOptions, uint8 SecuityFlags); int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess); -struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, +struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct cli_state *cli, const char *fname, int flags, int share_mode); NTSTATUS cli_open_recv(struct async_req *req, int *fnum); int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode); @@ -4618,11 +4619,14 @@ int cli_NetConnectionEnum(struct cli_state *cli, const char *qualifier, /* The following definitions come from libsmb/clireadwrite.c */ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, struct cli_state *cli, int fnum, off_t offset, size_t size); NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, uint8_t **rcvbuf); -struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, +struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, uint16_t fnum, off_t start_offset, SMB_OFF_T size, size_t window_size, NTSTATUS (*sink)(char *buf, size_t n, diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index 454bd8169b..e58b753da2 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -19,6 +19,9 @@ #include "includes.h" +static void cli_state_handler(struct event_context *event_ctx, + struct fd_event *event, uint16 flags, void *p); + /* * Fetch an error out of a NBT packet */ @@ -107,6 +110,9 @@ static int cli_request_destructor(struct cli_request *req) common_free_enc_buffer(req->enc_state, req->outbuf); } DLIST_REMOVE(req->cli->outstanding_requests, req); + if (req->cli->outstanding_requests == NULL) { + TALLOC_FREE(req->cli->fd_event); + } return 0; } @@ -163,7 +169,9 @@ static struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, /* * Ship a new smb request to the server */ -struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, +struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, uint8_t smb_command, uint8_t additional_flags, uint8_t wct, const uint16_t *vwv, @@ -172,10 +180,20 @@ struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, struct async_req *result; struct cli_request *req; - result = cli_request_new(mem_ctx, cli->event_ctx, cli, wct, num_bytes, - &req); + if (cli->fd_event == NULL) { + SMB_ASSERT(cli->outstanding_requests == NULL); + cli->fd_event = event_add_fd(ev, cli, cli->fd, + EVENT_FD_READ, + cli_state_handler, cli); + if (cli->fd_event == NULL) { + return NULL; + } + } + + result = cli_request_new(mem_ctx, ev, cli, wct, num_bytes, &req); if (result == NULL) { DEBUG(0, ("cli_request_new failed\n")); + TALLOC_FREE(cli->fd_event); return NULL; } @@ -446,7 +464,9 @@ static void cli_state_handler(struct event_context *event_ctx, } if (req == NULL) { - event_fd_set_not_writeable(event); + if (cli->fd_event != NULL) { + event_fd_set_not_writeable(cli->fd_event); + } return; } @@ -474,69 +494,3 @@ static void cli_state_handler(struct event_context *event_ctx, close(cli->fd); cli->fd = -1; } - -/* - * Holder for a talloc_destructor, we need to zero out the pointers in cli - * when deleting - */ -struct cli_tmp_event { - struct cli_state *cli; -}; - -static int cli_tmp_event_destructor(struct cli_tmp_event *e) -{ - TALLOC_FREE(e->cli->fd_event); - TALLOC_FREE(e->cli->event_ctx); - return 0; -} - -/* - * Create a temporary event context for use in the sync helper functions - */ - -struct cli_tmp_event *cli_tmp_event_ctx(TALLOC_CTX *mem_ctx, - struct cli_state *cli) -{ - struct cli_tmp_event *state; - - if (cli->event_ctx != NULL) { - return NULL; - } - - state = talloc(mem_ctx, struct cli_tmp_event); - if (state == NULL) { - return NULL; - } - state->cli = cli; - talloc_set_destructor(state, cli_tmp_event_destructor); - - cli->event_ctx = event_context_init(state); - if (cli->event_ctx == NULL) { - TALLOC_FREE(state); - return NULL; - } - - cli->fd_event = event_add_fd(cli->event_ctx, state, cli->fd, - EVENT_FD_READ, cli_state_handler, cli); - if (cli->fd_event == NULL) { - TALLOC_FREE(state); - return NULL; - } - return state; -} - -/* - * Attach an event context permanently to a cli_struct - */ - -NTSTATUS cli_add_event_ctx(struct cli_state *cli, - struct event_context *event_ctx) -{ - cli->event_ctx = event_ctx; - cli->fd_event = event_add_fd(event_ctx, cli, cli->fd, EVENT_FD_READ, - cli_state_handler, cli); - if (cli->fd_event == NULL) { - return NT_STATUS_NO_MEMORY; - } - return NT_STATUS_OK; -} diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index d5157877bf..dfb0ce8c11 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -823,7 +823,8 @@ static uint8_t *smb_bytes_push_str(uint8_t *buf, bool ucs2, const char *str) WARNING: if you open with O_WRONLY then getattrE won't work! ****************************************************************************/ -struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, +struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct cli_state *cli, const char *fname, int flags, int share_mode) { unsigned openfn = 0; @@ -893,7 +894,7 @@ struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, return NULL; } - result = cli_request_send(mem_ctx, cli, SMBopenX, additional_flags, + result = cli_request_send(mem_ctx, ev, cli, SMBopenX, additional_flags, 15, vwv, talloc_get_size(bytes), bytes); TALLOC_FREE(bytes); return result; @@ -923,20 +924,30 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode) { TALLOC_CTX *frame = talloc_stackframe(); + struct event_context *ev; struct async_req *req; int result = -1; - if (cli_tmp_event_ctx(frame, cli) == NULL) { + if (cli->fd_event != NULL) { + /* + * Can't use sync call while an async call is in flight + */ + cli_set_error(cli, NT_STATUS_INVALID_PARAMETER); goto fail; } - req = cli_open_send(frame, cli, fname, flags, share_mode); + ev = event_context_init(frame); + if (ev == NULL) { + goto fail; + } + + req = cli_open_send(frame, ev, cli, fname, flags, share_mode); if (req == NULL) { goto fail; } while (req->state < ASYNC_REQ_DONE) { - event_loop_once(cli->event_ctx); + event_loop_once(ev); } cli_open_recv(req, &result); @@ -949,15 +960,16 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, Close a file. ****************************************************************************/ -struct async_req *cli_close_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, - int fnum) +struct async_req *cli_close_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct cli_state *cli, int fnum) { uint16_t vwv[3]; SSVAL(vwv+0, 0, fnum); SIVALS(vwv+1, 0, -1); - return cli_request_send(mem_ctx, cli, SMBclose, 0, 3, vwv, 0, NULL); + return cli_request_send(mem_ctx, ev, cli, SMBclose, 0, 3, vwv, + 0, NULL); } NTSTATUS cli_close_recv(struct async_req *req) @@ -975,20 +987,30 @@ NTSTATUS cli_close_recv(struct async_req *req) bool cli_close(struct cli_state *cli, int fnum) { TALLOC_CTX *frame = talloc_stackframe(); + struct event_context *ev; struct async_req *req; bool result = false; - if (cli_tmp_event_ctx(frame, cli) == NULL) { + if (cli->fd_event != NULL) { + /* + * Can't use sync call while an async call is in flight + */ + cli_set_error(cli, NT_STATUS_INVALID_PARAMETER); + goto fail; + } + + ev = event_context_init(frame); + if (ev == NULL) { goto fail; } - req = cli_close_send(frame, cli, fnum); + req = cli_close_send(frame, ev, cli, fnum); if (req == NULL) { goto fail; } while (req->state < ASYNC_REQ_DONE) { - event_loop_once(cli->event_ctx); + event_loop_once(ev); } result = NT_STATUS_IS_OK(cli_close_recv(req)); diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index 2b34fce5bd..d2c8f3c1ba 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -41,6 +41,7 @@ static size_t cli_read_max_bufsize(struct cli_state *cli) */ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, struct cli_state *cli, int fnum, off_t offset, size_t size) { @@ -76,7 +77,7 @@ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, wct += 2; } - result = cli_request_send(mem_ctx, cli, SMBreadX, 0, wct, vwv, + result = cli_request_send(mem_ctx, ev, cli, SMBreadX, 0, wct, vwv, 0, NULL); if (result == NULL) { return NULL; @@ -144,6 +145,7 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, struct cli_pull_state { struct async_req *req; + struct event_context *ev; struct cli_state *cli; uint16_t fnum; off_t start_offset; @@ -202,7 +204,9 @@ static void cli_pull_read_done(struct async_req *read_req); * Prepare an async pull request */ -struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, +struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, uint16_t fnum, off_t start_offset, SMB_OFF_T size, size_t window_size, NTSTATUS (*sink)(char *buf, size_t n, @@ -213,7 +217,7 @@ struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, struct cli_pull_state *state; int i; - result = async_req_new(mem_ctx, cli->event_ctx); + result = async_req_new(mem_ctx, ev); if (result == NULL) { goto failed; } @@ -226,6 +230,7 @@ struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, state->req = result; state->cli = cli; + state->ev = ev; state->fnum = fnum; state->start_offset = start_offset; state->size = size; @@ -268,7 +273,7 @@ struct async_req *cli_pull_send(TALLOC_CTX *mem_ctx, struct cli_state *cli, request_thistime = MIN(size_left, state->chunk_size); state->reqs[i] = cli_read_andx_send( - state->reqs, cli, fnum, + state->reqs, ev, cli, fnum, state->start_offset + state->requested, request_thistime); @@ -363,7 +368,8 @@ static void cli_pull_read_done(struct async_req *read_req) state->top_req)); new_req = cli_read_andx_send( - state->reqs, state->cli, state->fnum, + state->reqs, state->ev, state->cli, + state->fnum, state->start_offset + state->requested, request_thistime); @@ -403,21 +409,30 @@ NTSTATUS cli_pull(struct cli_state *cli, uint16_t fnum, void *priv, SMB_OFF_T *received) { TALLOC_CTX *frame = talloc_stackframe(); + struct event_context *ev; struct async_req *req; NTSTATUS result = NT_STATUS_NO_MEMORY; - if (cli_tmp_event_ctx(frame, cli) == NULL) { + if (cli->fd_event != NULL) { + /* + * Can't use sync call while an async call is in flight + */ + return NT_STATUS_INVALID_PARAMETER; + } + + ev = event_context_init(frame); + if (ev == NULL) { goto nomem; } - req = cli_pull_send(frame, cli, fnum, start_offset, size, window_size, - sink, priv); + req = cli_pull_send(frame, ev, cli, fnum, start_offset, size, + window_size, sink, priv); if (req == NULL) { goto nomem; } while (req->state < ASYNC_REQ_DONE) { - event_loop_once(cli->event_ctx); + event_loop_once(ev); } result = cli_pull_recv(req, received); -- cgit From 128524930d490fb5ea637d99bffb36157c80869b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 25 Aug 2008 13:33:41 +0200 Subject: Add cli_pull_reply Along the lines of cli_request_send this abstracts away the smb-level buffer handling when parsing replies we got from the server. (This used to be commit 253134d3aaa359fdfb665709dd5686f69af7f8fd) --- source3/include/async_smb.h | 4 ++++ source3/libsmb/async_smb.c | 54 +++++++++++++++++++++++++++++++++++++++++++ source3/libsmb/clifile.c | 20 ++++++++++++---- source3/libsmb/clireadwrite.c | 17 ++++++++++---- 4 files changed, 85 insertions(+), 10 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 40a8d3476e..93d2273239 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -37,6 +37,10 @@ struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, struct cli_request *cli_request_get(struct async_req *req); +NTSTATUS cli_pull_reply(struct async_req *req, + uint8_t *pwct, uint16_t **pvwv, + uint16_t *pnum_bytes, uint8_t **pbytes); + /* * Fetch an error out of a NBT packet */ diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index e58b753da2..32f0e8abd6 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -230,6 +230,60 @@ struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, return result; } +/** + * @brief Pull reply data out of a request + * @param[in] req The request that we just received a reply for + * @param[out] pwct How many words did the server send? + * @param[out] pvwv The words themselves + * @param[out] pnum_bytes How many bytes did the server send? + * @param[out] pbytes The bytes themselves + * @retval Was the reply formally correct? + */ + +NTSTATUS cli_pull_reply(struct async_req *req, + uint8_t *pwct, uint16_t **pvwv, + uint16_t *pnum_bytes, uint8_t **pbytes) +{ + struct cli_request *cli_req = cli_request_get(req); + uint8_t wct, cmd; + uint16_t num_bytes; + size_t wct_ofs, bytes_offset; + NTSTATUS status; + + status = cli_pull_error(cli_req->inbuf); + + if (NT_STATUS_IS_ERR(status)) { + cli_set_error(cli_req->cli, status); + return status; + } + + cmd = CVAL(cli_req->inbuf, smb_com); + wct_ofs = smb_wct; + + wct = CVAL(cli_req->inbuf, wct_ofs); + + bytes_offset = wct_ofs + 1 + wct * sizeof(uint16_t); + num_bytes = SVAL(cli_req->inbuf, bytes_offset); + + /* + * wct_ofs is a 16-bit value plus 4, wct is a 8-bit value, num_bytes + * is a 16-bit value. So bytes_offset being size_t should be far from + * wrapping. + */ + + if ((bytes_offset + 2 > talloc_get_size(cli_req->inbuf)) + || (bytes_offset > 0xffff)) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + *pwct = wct; + *pvwv = (uint16_t *)(cli_req->inbuf + wct_ofs + 1); + *pnum_bytes = num_bytes; + *pbytes = (uint8_t *)cli_req->inbuf + bytes_offset + 2; + + return NT_STATUS_OK; +} + /* * Convenience function to get the SMB part out of an async_req */ diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index dfb0ce8c11..b3032a08eb 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -902,7 +902,10 @@ struct async_req *cli_open_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS cli_open_recv(struct async_req *req, int *fnum) { - struct cli_request *cli_req = cli_request_get(req); + uint8_t wct; + uint16_t *vwv; + uint16_t num_bytes; + uint8_t *bytes; NTSTATUS status; SMB_ASSERT(req->state >= ASYNC_REQ_DONE); @@ -910,12 +913,16 @@ NTSTATUS cli_open_recv(struct async_req *req, int *fnum) return req->status; } - status = cli_pull_error(cli_req->inbuf); + status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); if (!NT_STATUS_IS_OK(status)) { return status; } - *fnum = SVAL(cli_req->inbuf, smb_vwv2); + if (wct < 3) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + *fnum = SVAL(vwv+2, 0); return NT_STATUS_OK; } @@ -974,14 +981,17 @@ struct async_req *cli_close_send(TALLOC_CTX *mem_ctx, struct event_context *ev, NTSTATUS cli_close_recv(struct async_req *req) { - struct cli_request *cli_req = cli_request_get(req); + uint8_t wct; + uint16_t *vwv; + uint16_t num_bytes; + uint8_t *bytes; SMB_ASSERT(req->state >= ASYNC_REQ_DONE); if (req->state == ASYNC_REQ_ERROR) { return req->status; } - return cli_pull_error(cli_req->inbuf); + return cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); } bool cli_close(struct cli_state *cli, int fnum) diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index d2c8f3c1ba..b64a4c68f3 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -104,6 +104,10 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, uint8_t **rcvbuf) { struct cli_request *cli_req = cli_request_get(req); + uint8_t wct; + uint16_t *vwv; + uint16_t num_bytes; + uint8_t *bytes; NTSTATUS status; size_t size; @@ -112,24 +116,27 @@ NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, return req->status; } - status = cli_pull_error(cli_req->inbuf); + status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); if (NT_STATUS_IS_ERR(status)) { return status; } + if (wct < 12) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + /* size is the number of bytes the server returned. * Might be zero. */ - size = SVAL(cli_req->inbuf, smb_vwv5); - size |= (((unsigned int)(SVAL(cli_req->inbuf, smb_vwv7))) << 16); + size = SVAL(vwv + 5, 0); + size |= (((unsigned int)SVAL(vwv + 7, 0)) << 16); if (size > cli_req->data.read.size) { DEBUG(5,("server returned more than we wanted!\n")); return NT_STATUS_UNEXPECTED_IO_ERROR; } - *rcvbuf = (uint8_t *) - (smb_base(cli_req->inbuf) + SVAL(cli_req->inbuf, smb_vwv6)); + *rcvbuf = (uint8_t *)(smb_base(cli_req->inbuf) + SVAL(vwv + 6, 0)); *received = size; return NT_STATUS_OK; } -- cgit From 77d1b29e25512982a1f912adac46bb954ee3d19f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 25 Aug 2008 14:40:15 +0200 Subject: Move "struct cli_request" from client.h to async_smb.h Also add some comments (This used to be commit 2ecc311f785317caf5b60051147dcd085c80d64f) --- source3/include/async_smb.h | 63 +++++++++++++++++++++++++++++++++++++++++++++ source3/include/client.h | 27 +++---------------- source3/libsmb/async_smb.c | 38 ++++++++++++++++++++++----- 3 files changed, 98 insertions(+), 30 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 93d2273239..031ab233dd 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -17,8 +17,69 @@ along with this program. If not, see . */ +#ifndef __ASYNC_SMB_H__ +#define __ASYNC_SMB_H__ + #include "includes.h" +struct cli_request { + /** + * "prev" and "next" form the doubly linked list in + * cli_state->outstanding_requests + */ + struct cli_request *prev, *next; + + /** + * "our" struct async_req; + */ + struct async_req *async; + + /** + * The client connection for this request + */ + struct cli_state *cli; + + /** + * The enc_state to decrypt the reply + */ + struct smb_trans_enc_state *enc_state; + + /** + * The mid we used for this request. Mainly used to demultiplex on + * receiving replies. + */ + uint16_t mid; + + /** + * The bytes we have to ship to the server + */ + char *outbuf; + + /** + * How much from "outbuf" did we already send + */ + size_t sent; + + /** + * The reply comes in here. Its intended size is implicit by + * smb_len(), its current size can be read via talloc_get_size() + */ + char *inbuf; + + /** + * Specific requests might add stuff here. Maybe convert this to a + * private_pointer at some point. + */ + union { + struct { + off_t ofs; + size_t size; + ssize_t received; + uint8_t *rcvbuf; + } read; + } data; +}; + /* * Ship a new smb request to the server */ @@ -52,3 +113,5 @@ NTSTATUS cli_pull_error(char *buf); */ void cli_set_error(struct cli_state *cli, NTSTATUS status); + +#endif diff --git a/source3/include/client.h b/source3/include/client.h index be12288f28..6a6e1a2faa 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -216,33 +216,12 @@ struct cli_state { struct fd_event *fd_event; char *evt_inbuf; + /** + * A linked list of requests that are waiting for a reply + */ struct cli_request *outstanding_requests; }; -struct cli_request { - struct cli_request *prev, *next; - struct async_req *async; - - struct cli_state *cli; - - struct smb_trans_enc_state *enc_state; - - uint16_t mid; - - char *outbuf; - size_t sent; - char *inbuf; - - union { - struct { - off_t ofs; - size_t size; - ssize_t received; - uint8_t *rcvbuf; - } read; - } data; -}; - typedef struct file_info { struct cli_state *cli; SMB_BIG_UINT size; diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index 32f0e8abd6..e36e514a16 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -22,8 +22,10 @@ static void cli_state_handler(struct event_context *event_ctx, struct fd_event *event, uint16 flags, void *p); -/* +/** * Fetch an error out of a NBT packet + * @param[in] buf The SMB packet + * @retval The error, converted to NTSTATUS */ NTSTATUS cli_pull_error(char *buf) @@ -43,8 +45,10 @@ NTSTATUS cli_pull_error(char *buf) return NT_STATUS_DOS(CVAL(buf, smb_rcls), SVAL(buf,smb_err)); } -/* +/** * Compatibility helper for the sync APIs: Fake NTSTATUS in cli->inbuf + * @param[in] cli The client connection that just received an error + * @param[in] status The error to set on "cli" */ void cli_set_error(struct cli_state *cli, NTSTATUS status) @@ -64,8 +68,10 @@ void cli_set_error(struct cli_state *cli, NTSTATUS status) return; } -/* +/** * Allocate a new mid + * @param[in] cli The client connection + * @retval The new, unused mid */ static uint16_t cli_new_mid(struct cli_state *cli) @@ -91,6 +97,13 @@ static uint16_t cli_new_mid(struct cli_state *cli) } } +/** + * Print an async req that happens to be a cli_request + * @param[in] mem_ctx The TALLOC_CTX to put the result on + * @param[in] req The request to print + * @retval The string representation of "req" + */ + static char *cli_request_print(TALLOC_CTX *mem_ctx, struct async_req *req) { char *result = async_req_print(mem_ctx, req); @@ -104,6 +117,12 @@ static char *cli_request_print(TALLOC_CTX *mem_ctx, struct async_req *req) result, "mid=%d\n", cli_req->mid); } +/** + * Destroy a cli_request + * @param[in] req The cli_request to kill + * @retval Can't fail + */ + static int cli_request_destructor(struct cli_request *req) { if (req->enc_state != NULL) { @@ -284,8 +303,10 @@ NTSTATUS cli_pull_reply(struct async_req *req, return NT_STATUS_OK; } -/* +/** * Convenience function to get the SMB part out of an async_req + * @param[in] req The request to look at + * @retval The private_data as struct cli_request */ struct cli_request *cli_request_get(struct async_req *req) @@ -296,8 +317,9 @@ struct cli_request *cli_request_get(struct async_req *req) return talloc_get_type_abort(req->private_data, struct cli_request); } -/* +/** * A PDU has arrived on cli->evt_inbuf + * @param[in] cli The cli_state that received something */ static void handle_incoming_pdu(struct cli_state *cli) @@ -434,8 +456,12 @@ static void handle_incoming_pdu(struct cli_state *cli) return; } -/* +/** * fd event callback. This is the basic connection to the socket + * @param[in] event_ctx The event context that called us + * @param[in] event The event that fired + * @param[in] flags EVENT_FD_READ | EVENT_FD_WRITE + * @param[in] p private_data, in this case the cli_state */ static void cli_state_handler(struct event_context *event_ctx, -- cgit From 65dcdf9c32e8ac43344b23db528206c02fcb967c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 25 Aug 2008 15:56:26 +0200 Subject: This adds the code to allow chained requests in libsmb/ This is not compiled yet, but it makes the patches much easier to read if it is add in bulk. (This used to be commit b4c539ba041bab8856c83816f08a35b5f5b21740) --- source3/libsmb/async_smb.c | 534 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 534 insertions(+) diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index e36e514a16..e764147432 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -135,6 +135,540 @@ static int cli_request_destructor(struct cli_request *req) return 0; } +#if 0 + +/** + * Is the SMB command able to hold an AND_X successor + * @param[in] cmd The SMB command in question + * @retval Can we add a chained request after "cmd"? + */ + +static bool is_andx_req(uint8_t cmd) +{ + switch (cmd) { + case SMBtconX: + case SMBlockingX: + case SMBopenX: + case SMBreadX: + case SMBwriteX: + case SMBsesssetupX: + case SMBulogoffX: + case SMBntcreateX: + return true; + break; + default: + break; + } + + return false; +} + +/** + * @brief Find the smb_cmd offset of the last command pushed + * @param[in] buf The buffer we're building up + * @retval Where can we put our next andx cmd? + * + * While chaining requests, the "next" request we're looking at needs to put + * its SMB_Command before the data the previous request already built up added + * to the chain. Find the offset to the place where we have to put our cmd. + */ + +static bool find_andx_cmd_ofs(char *buf, size_t *pofs) +{ + uint8_t cmd; + size_t ofs; + + cmd = CVAL(buf, smb_com); + + SMB_ASSERT(is_andx_req(cmd)); + + ofs = smb_vwv0; + + while (CVAL(buf, ofs) != 0xff) { + + if (!is_andx_req(CVAL(buf, ofs))) { + return false; + } + + /* + * ofs is from start of smb header, so add the 4 length + * bytes. The next cmd is right after the wct field. + */ + ofs = SVAL(buf, ofs+2) + 4 + 1; + + SMB_ASSERT(ofs+4 < talloc_get_size(buf)); + } + + *pofs = ofs; + return true; +} + +/** + * @brief Destroy an async_req that is the visible part of a cli_request + * @param[in] req The request to kill + * @retval Return 0 to make talloc happy + * + * This destructor is a bit tricky: Because a cli_request can host more than + * one async_req for chained requests, we need to make sure that the + * "cli_request" that we were part of is correctly destroyed at the right + * time. This is done by NULLing out ourself from the "async" member of our + * "cli_request". If there is none left, then also TALLOC_FREE() the + * cli_request, which was a talloc child of the client connection cli_state. + */ + +static int cli_async_req_destructor(struct async_req *req) +{ + struct cli_request *cli_req = cli_request_get(req); + int i, pending; + bool found = false; + + pending = 0; + + for (i=0; inum_async; i++) { + if (cli_req->async[i] == req) { + cli_req->async[i] = NULL; + found = true; + } + if (cli_req->async[i] != NULL) { + pending += 1; + } + } + + SMB_ASSERT(found); + + if (pending == 0) { + TALLOC_FREE(cli_req); + } + + return 0; +} + +/** + * @brief Chain up a request + * @param[in] mem_ctx The TALLOC_CTX for the result + * @param[in] ev The event context that will call us back + * @param[in] cli The cli_state we queue the request up for + * @param[in] smb_command The command that we want to issue + * @param[in] additional_flags open_and_x wants to add oplock header flags + * @param[in] wct How many words? + * @param[in] vwv The words, already in network order + * @param[in] num_bytes How many bytes? + * @param[in] bytes The data the request ships + * + * cli_request_chain() is the core of the SMB request marshalling routine. It + * will create a new async_req structure in the cli->chain_accumulator->async + * array and marshall the smb_cmd, the vwv array and the bytes into + * cli->chain_accumulator->outbuf. + */ + +static struct async_req *cli_request_chain(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, + uint8_t smb_command, + uint8_t additional_flags, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, + const uint8_t *bytes) +{ + struct async_req **tmp_reqs; + char *tmp_buf; + struct cli_request *req; + size_t old_size, new_size; + size_t ofs; + + req = cli->chain_accumulator; + + tmp_reqs = TALLOC_REALLOC_ARRAY(req, req->async, struct async_req *, + req->num_async + 1); + if (tmp_reqs == NULL) { + DEBUG(0, ("talloc failed\n")); + return NULL; + } + req->async = tmp_reqs; + req->num_async += 1; + + req->async[req->num_async-1] = async_req_new(mem_ctx, ev); + if (req->async[req->num_async-1] == NULL) { + DEBUG(0, ("async_req_new failed\n")); + req->num_async -= 1; + return NULL; + } + req->async[req->num_async-1]->private_data = req; + req->async[req->num_async-1]->print = cli_request_print; + talloc_set_destructor(req->async[req->num_async-1], + cli_async_req_destructor); + + old_size = talloc_get_size(req->outbuf); + + /* + * We need space for the wct field, the words, the byte count field + * and the bytes themselves. + */ + new_size = old_size + 1 + wct * sizeof(uint16_t) + 2 + num_bytes; + + if (new_size > 0xffff) { + DEBUG(1, ("cli_request_chain: %u bytes won't fit\n", + (unsigned)new_size)); + goto fail; + } + + tmp_buf = TALLOC_REALLOC_ARRAY(NULL, req->outbuf, char, new_size); + if (tmp_buf == NULL) { + DEBUG(0, ("talloc failed\n")); + goto fail; + } + req->outbuf = tmp_buf; + + if (old_size == smb_wct) { + SCVAL(req->outbuf, smb_com, smb_command); + } else { + size_t andx_cmd_ofs; + if (!find_andx_cmd_ofs(req->outbuf, &andx_cmd_ofs)) { + DEBUG(1, ("invalid command chain\n")); + goto fail; + } + SCVAL(req->outbuf, andx_cmd_ofs, smb_command); + SSVAL(req->outbuf, andx_cmd_ofs + 2, old_size - 4); + } + + ofs = old_size; + + SCVAL(req->outbuf, ofs, wct); + ofs += 1; + + memcpy(req->outbuf + ofs, vwv, sizeof(uint16_t) * wct); + ofs += sizeof(uint16_t) * wct; + + SSVAL(req->outbuf, ofs, num_bytes); + ofs += sizeof(uint16_t); + + memcpy(req->outbuf + ofs, bytes, num_bytes); + + return req->async[req->num_async-1]; + + fail: + TALLOC_FREE(req->async[req->num_async-1]); + req->num_async -= 1; + return NULL; +} + +/** + * @brief prepare a cli_state to accept a chain of requests + * @param[in] cli The cli_state we want to queue up in + * @param[in] ev The event_context that will call us back for the socket + * @param[in] size_hint How many bytes are expected, just an optimization + * @retval Did we have enough memory? + * + * cli_chain_cork() sets up a new cli_request in cli->chain_accumulator. If + * cli is used in an async fashion, i.e. if we have outstanding requests, then + * we do not have to create a fd event. If cli is used only with the sync + * helpers, we need to create the fd_event here. + * + * If you want to issue a chained request to the server, do a + * cli_chain_cork(), then do you cli_open_send(), cli_read_and_x_send(), + * cli_close_send() and so on. The async requests that come out of + * cli_xxx_send() are normal async requests with the difference that they + * won't be shipped individually. But the event_context will still trigger the + * req->async.fn to be called on every single request. + * + * You have to take care yourself that you only issue chainable requests in + * the middle of the chain. + */ + +bool cli_chain_cork(struct cli_state *cli, struct event_context *ev, + size_t size_hint) +{ + struct cli_request *req = NULL; + + SMB_ASSERT(cli->chain_accumulator == NULL); + + if (cli->fd_event == NULL) { + SMB_ASSERT(cli->outstanding_requests == NULL); + cli->fd_event = event_add_fd(ev, cli, cli->fd, + EVENT_FD_READ, + cli_state_handler, cli); + if (cli->fd_event == NULL) { + return false; + } + } + + req = talloc(cli, struct cli_request); + if (req == NULL) { + goto fail; + } + req->cli = cli; + + if (size_hint == 0) { + size_hint = 100; + } + req->outbuf = talloc_array(req, char, smb_wct + size_hint); + if (req->outbuf == NULL) { + goto fail; + } + req->outbuf = TALLOC_REALLOC_ARRAY(NULL, req->outbuf, char, smb_wct); + + req->num_async = 0; + req->async = NULL; + + req->enc_state = NULL; + + SSVAL(req->outbuf, smb_tid, cli->cnum); + cli_setup_packet_buf(cli, req->outbuf); + + req->mid = cli_new_mid(cli); + SSVAL(req->outbuf, smb_mid, req->mid); + + cli->chain_accumulator = req; + + DEBUG(10, ("cli_chain_cork: mid=%d\n", req->mid)); + + return true; + fail: + TALLOC_FREE(req); + if (cli->outstanding_requests == NULL) { + TALLOC_FREE(cli->fd_event); + } + return false; +} + +/** + * Ship a request queued up via cli_request_chain() + * @param[in] cl The connection + */ + +void cli_chain_uncork(struct cli_state *cli) +{ + struct cli_request *req = cli->chain_accumulator; + + SMB_ASSERT(req != NULL); + + DLIST_ADD_END(cli->outstanding_requests, req, struct cli_request *); + talloc_set_destructor(req, cli_request_destructor); + + cli->chain_accumulator = NULL; + + smb_setlen(req->outbuf, talloc_get_size(req->outbuf) - 4); + + cli_calculate_sign_mac(cli, req->outbuf); + + if (cli_encryption_on(cli)) { + NTSTATUS status; + char *enc_buf; + + status = cli_encrypt_message(cli, req->outbuf, &enc_buf); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Error in encrypting client message. " + "Error %s\n", nt_errstr(status))); + TALLOC_FREE(req); + return; + } + req->outbuf = enc_buf; + req->enc_state = cli->trans_enc_state; + } + + req->sent = 0; + + event_fd_set_writeable(cli->fd_event); +} + +/** + * @brief Send a request to the server + * @param[in] mem_ctx The TALLOC_CTX for the result + * @param[in] ev The event context that will call us back + * @param[in] cli The cli_state we queue the request up for + * @param[in] smb_command The command that we want to issue + * @param[in] additional_flags open_and_x wants to add oplock header flags + * @param[in] wct How many words? + * @param[in] vwv The words, already in network order + * @param[in] num_bytes How many bytes? + * @param[in] bytes The data the request ships + * + * This is the generic routine to be used by the cli_xxx_send routines. + */ + +struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct cli_state *cli, + uint8_t smb_command, + uint8_t additional_flags, + uint8_t wct, const uint16_t *vwv, + uint16_t num_bytes, const uint8_t *bytes) +{ + struct async_req *result; + bool uncork = false; + + if (cli->chain_accumulator == NULL) { + if (!cli_chain_cork(cli, ev, + wct * sizeof(uint16_t) + num_bytes + 3)) { + DEBUG(1, ("cli_chain_cork failed\n")); + return NULL; + } + uncork = true; + } + + result = cli_request_chain(mem_ctx, ev, cli, smb_command, + additional_flags, wct, vwv, + num_bytes, bytes); + + if (result == NULL) { + DEBUG(1, ("cli_request_chain failed\n")); + } + + if (uncork) { + cli_chain_uncork(cli); + } + + return result; +} + +/** + * Figure out if there is an andx command behind the current one + * @param[in] buf The smb buffer to look at + * @param[in] ofs The offset to the wct field that is followed by the cmd + * @retval Is there a command following? + */ + +static bool have_andx_command(const char *buf, uint16_t ofs) +{ + uint8_t wct; + size_t buflen = talloc_get_size(buf); + + if ((ofs == buflen-1) || (ofs == buflen)) { + return false; + } + + wct = CVAL(buf, ofs); + if (wct < 2) { + /* + * Not enough space for the command and a following pointer + */ + return false; + } + return (CVAL(buf, ofs+1) != 0xff); +} + +/** + * @brief Pull reply data out of a request + * @param[in] req The request that we just received a reply for + * @param[out] pwct How many words did the server send? + * @param[out] pvwv The words themselves + * @param[out] pnum_bytes How many bytes did the server send? + * @param[out] pbytes The bytes themselves + * @retval Was the reply formally correct? + */ + +NTSTATUS cli_pull_reply(struct async_req *req, + uint8_t *pwct, uint16_t **pvwv, + uint16_t *pnum_bytes, uint8_t **pbytes) +{ + struct cli_request *cli_req = cli_request_get(req); + uint8_t wct, cmd; + uint16_t num_bytes; + size_t wct_ofs, bytes_offset; + int i, j; + NTSTATUS status; + + for (i = 0; i < cli_req->num_async; i++) { + if (req == cli_req->async[i]) { + break; + } + } + + if (i == cli_req->num_async) { + cli_set_error(cli_req->cli, NT_STATUS_INVALID_PARAMETER); + return NT_STATUS_INVALID_PARAMETER; + } + + /** + * The status we pull here is only relevant for the last reply in the + * chain. + */ + + status = cli_pull_error(cli_req->inbuf); + + if (i == 0) { + if (NT_STATUS_IS_ERR(status) + && !have_andx_command(cli_req->inbuf, smb_wct)) { + cli_set_error(cli_req->cli, status); + return status; + } + wct_ofs = smb_wct; + goto done; + } + + cmd = CVAL(cli_req->inbuf, smb_com); + wct_ofs = smb_wct; + + for (j = 0; j < i; j++) { + if (j < i-1) { + if (cmd == 0xff) { + return NT_STATUS_REQUEST_ABORTED; + } + if (!is_andx_req(cmd)) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + } + + if (!have_andx_command(cli_req->inbuf, wct_ofs)) { + /* + * This request was not completed because a previous + * request in the chain had received an error. + */ + return NT_STATUS_REQUEST_ABORTED; + } + + wct_ofs = SVAL(cli_req->inbuf, wct_ofs + 3); + + /* + * Skip the all-present length field. No overflow, we've just + * put a 16-bit value into a size_t. + */ + wct_ofs += 4; + + if (wct_ofs+2 > talloc_get_size(cli_req->inbuf)) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + cmd = CVAL(cli_req->inbuf, wct_ofs + 1); + } + + if (!have_andx_command(cli_req->inbuf, wct_ofs) + && NT_STATUS_IS_ERR(status)) { + /* + * The last command takes the error code. All further commands + * down the requested chain will get a + * NT_STATUS_REQUEST_ABORTED. + */ + return status; + } + + done: + wct = CVAL(cli_req->inbuf, wct_ofs); + + bytes_offset = wct_ofs + 1 + wct * sizeof(uint16_t); + num_bytes = SVAL(cli_req->inbuf, bytes_offset); + + /* + * wct_ofs is a 16-bit value plus 4, wct is a 8-bit value, num_bytes + * is a 16-bit value. So bytes_offset being size_t should be far from + * wrapping. + */ + + if ((bytes_offset + 2 > talloc_get_size(cli_req->inbuf)) + || (bytes_offset > 0xffff)) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + + *pwct = wct; + *pvwv = (uint16_t *)(cli_req->inbuf + wct_ofs + 1); + *pnum_bytes = num_bytes; + *pbytes = (uint8_t *)cli_req->inbuf + bytes_offset + 2; + + return NT_STATUS_OK; +} + +#endif + /* * Create a fresh async smb request */ -- cgit From b054f14111337c826548d7728dc2b0a66ab5beae Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 25 Aug 2008 15:59:36 +0200 Subject: Activate code to enable chained requests Add the CHAIN1 torture test (This used to be commit 82992d74a99b056bbfe90e1b79190e0b7c0bf2bd) --- source3/include/async_smb.h | 21 ++++- source3/include/client.h | 8 +- source3/libsmb/async_smb.c | 203 ++++++-------------------------------------- source3/torture/torture.c | 80 +++++++++++++++++ 4 files changed, 133 insertions(+), 179 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 031ab233dd..1053de2942 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -22,6 +22,13 @@ #include "includes.h" +/** + * struct cli_request is the state holder for an async client request we sent + * to the server. It can consist of more than one struct async_req that we + * have to server if the application did a cli_chain_cork() and + * cli_chain_uncork() + */ + struct cli_request { /** * "prev" and "next" form the doubly linked list in @@ -30,9 +37,15 @@ struct cli_request { struct cli_request *prev, *next; /** - * "our" struct async_req; + * num_async: How many chained requests do we serve? + */ + int num_async; + + /** + * async: This is the list of chained requests that were queued up by + * cli_request_chain before we sent out this request */ - struct async_req *async; + struct async_req **async; /** * The client connection for this request @@ -92,6 +105,10 @@ struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, uint8_t wct, const uint16_t *vwv, uint16_t num_bytes, const uint8_t *bytes); +bool cli_chain_cork(struct cli_state *cli, struct event_context *ev, + size_t size_hint); +void cli_chain_uncork(struct cli_state *cli); + /* * Convenience function to get the SMB part out of an async_req */ diff --git a/source3/include/client.h b/source3/include/client.h index 6a6e1a2faa..9b564fc48e 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -208,7 +208,8 @@ struct cli_state { * fd_event is around while we have async requests outstanding or are * building a chained request. * - * (fd_event!=NULL) && (outstanding_request!=NULL) + * (fd_event!=NULL) && + * ((outstanding_request!=NULL)||(chain_accumulator!=NULL)) * * should always be true, as well as the reverse: If both cli_request * pointers are NULL, no fd_event is around. @@ -220,6 +221,11 @@ struct cli_state { * A linked list of requests that are waiting for a reply */ struct cli_request *outstanding_requests; + + /** + * The place to build up the list of chained requests. + */ + struct cli_request *chain_accumulator; }; typedef struct file_info { diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index e764147432..4d6c32edfa 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -135,8 +135,6 @@ static int cli_request_destructor(struct cli_request *req) return 0; } -#if 0 - /** * Is the SMB command able to hold an AND_X successor * @param[in] cmd The SMB command in question @@ -667,176 +665,6 @@ NTSTATUS cli_pull_reply(struct async_req *req, return NT_STATUS_OK; } -#endif - -/* - * Create a fresh async smb request - */ - -static struct async_req *cli_request_new(TALLOC_CTX *mem_ctx, - struct event_context *ev, - struct cli_state *cli, - uint8_t num_words, size_t num_bytes, - struct cli_request **preq) -{ - struct async_req *result; - struct cli_request *cli_req; - size_t bufsize = smb_size + num_words * 2 + num_bytes; - - result = async_req_new(mem_ctx, ev); - if (result == NULL) { - return NULL; - } - - cli_req = (struct cli_request *)talloc_size( - result, sizeof(*cli_req) + bufsize); - if (cli_req == NULL) { - TALLOC_FREE(result); - return NULL; - } - talloc_set_name_const(cli_req, "struct cli_request"); - result->private_data = cli_req; - result->print = cli_request_print; - - cli_req->async = result; - cli_req->cli = cli; - cli_req->outbuf = ((char *)cli_req + sizeof(*cli_req)); - cli_req->sent = 0; - cli_req->mid = cli_new_mid(cli); - cli_req->inbuf = NULL; - cli_req->enc_state = NULL; - - SCVAL(cli_req->outbuf, smb_wct, num_words); - SSVAL(cli_req->outbuf, smb_vwv + num_words * 2, num_bytes); - - DLIST_ADD_END(cli->outstanding_requests, cli_req, - struct cli_request *); - talloc_set_destructor(cli_req, cli_request_destructor); - - DEBUG(10, ("cli_request_new: mid=%d\n", cli_req->mid)); - - *preq = cli_req; - return result; -} - -/* - * Ship a new smb request to the server - */ -struct async_req *cli_request_send(TALLOC_CTX *mem_ctx, - struct event_context *ev, - struct cli_state *cli, - uint8_t smb_command, - uint8_t additional_flags, - uint8_t wct, const uint16_t *vwv, - uint16_t num_bytes, const uint8_t *bytes) -{ - struct async_req *result; - struct cli_request *req; - - if (cli->fd_event == NULL) { - SMB_ASSERT(cli->outstanding_requests == NULL); - cli->fd_event = event_add_fd(ev, cli, cli->fd, - EVENT_FD_READ, - cli_state_handler, cli); - if (cli->fd_event == NULL) { - return NULL; - } - } - - result = cli_request_new(mem_ctx, ev, cli, wct, num_bytes, &req); - if (result == NULL) { - DEBUG(0, ("cli_request_new failed\n")); - TALLOC_FREE(cli->fd_event); - return NULL; - } - - cli_set_message(req->outbuf, wct, num_bytes, false); - SCVAL(req->outbuf, smb_com, smb_command); - SSVAL(req->outbuf, smb_tid, cli->cnum); - cli_setup_packet_buf(cli, req->outbuf); - - memcpy(req->outbuf + smb_vwv0, vwv, sizeof(uint16_t) * wct); - memcpy(smb_buf(req->outbuf), bytes, num_bytes); - SSVAL(req->outbuf, smb_mid, req->mid); - SCVAL(cli->outbuf, smb_flg, - CVAL(cli->outbuf,smb_flg) | additional_flags); - - cli_calculate_sign_mac(cli, req->outbuf); - - if (cli_encryption_on(cli)) { - NTSTATUS status; - char *enc_buf; - - status = cli_encrypt_message(cli, req->outbuf, &enc_buf); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("Error in encrypting client message. " - "Error %s\n", nt_errstr(status))); - TALLOC_FREE(req); - return NULL; - } - req->outbuf = enc_buf; - req->enc_state = cli->trans_enc_state; - } - - event_fd_set_writeable(cli->fd_event); - - return result; -} - -/** - * @brief Pull reply data out of a request - * @param[in] req The request that we just received a reply for - * @param[out] pwct How many words did the server send? - * @param[out] pvwv The words themselves - * @param[out] pnum_bytes How many bytes did the server send? - * @param[out] pbytes The bytes themselves - * @retval Was the reply formally correct? - */ - -NTSTATUS cli_pull_reply(struct async_req *req, - uint8_t *pwct, uint16_t **pvwv, - uint16_t *pnum_bytes, uint8_t **pbytes) -{ - struct cli_request *cli_req = cli_request_get(req); - uint8_t wct, cmd; - uint16_t num_bytes; - size_t wct_ofs, bytes_offset; - NTSTATUS status; - - status = cli_pull_error(cli_req->inbuf); - - if (NT_STATUS_IS_ERR(status)) { - cli_set_error(cli_req->cli, status); - return status; - } - - cmd = CVAL(cli_req->inbuf, smb_com); - wct_ofs = smb_wct; - - wct = CVAL(cli_req->inbuf, wct_ofs); - - bytes_offset = wct_ofs + 1 + wct * sizeof(uint16_t); - num_bytes = SVAL(cli_req->inbuf, bytes_offset); - - /* - * wct_ofs is a 16-bit value plus 4, wct is a 8-bit value, num_bytes - * is a 16-bit value. So bytes_offset being size_t should be far from - * wrapping. - */ - - if ((bytes_offset + 2 > talloc_get_size(cli_req->inbuf)) - || (bytes_offset > 0xffff)) { - return NT_STATUS_INVALID_NETWORK_RESPONSE; - } - - *pwct = wct; - *pvwv = (uint16_t *)(cli_req->inbuf + wct_ofs + 1); - *pnum_bytes = num_bytes; - *pbytes = (uint8_t *)cli_req->inbuf + bytes_offset + 2; - - return NT_STATUS_OK; -} - /** * Convenience function to get the SMB part out of an async_req * @param[in] req The request to look at @@ -862,8 +690,11 @@ static void handle_incoming_pdu(struct cli_state *cli) uint16_t mid; size_t raw_pdu_len, buf_len, pdu_len, rest_len; char *pdu; + int i; NTSTATUS status; + int num_async; + /* * The encrypted PDU len might differ from the unencrypted one */ @@ -976,7 +807,24 @@ static void handle_incoming_pdu(struct cli_state *cli) req->inbuf = talloc_move(req, &pdu); - async_req_done(req->async); + /* + * Freeing the last async_req will free the req (see + * cli_async_req_destructor). So make a copy of req->num_async, we + * can't reference it in the last round. + */ + + num_async = req->num_async; + + for (i=0; iasync via its + * destructor cli_async_req_destructor(). + */ + if (req->async[i] != NULL) { + async_req_done(req->async[i]); + } + } return; invalidate_requests: @@ -985,7 +833,7 @@ static void handle_incoming_pdu(struct cli_state *cli) nt_errstr(status))); for (req = cli->outstanding_requests; req; req = req->next) { - async_req_error(req->async, status); + async_req_error(req->async[0], status); } return; } @@ -1101,8 +949,11 @@ static void cli_state_handler(struct event_context *event_ctx, sock_error: for (req = cli->outstanding_requests; req; req = req->next) { - req->async->state = ASYNC_REQ_ERROR; - req->async->status = map_nt_error_from_unix(errno); + int i; + for (i=0; inum_async; i++) { + req->async[i]->state = ASYNC_REQ_ERROR; + req->async[i]->status = map_nt_error_from_unix(errno); + } } TALLOC_FREE(cli->fd_event); close(cli->fd); diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 75a5b30e30..d159ffbac3 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -4897,6 +4897,85 @@ static bool subst_test(const char *str, const char *user, const char *domain, return result; } +static void chain1_open_completion(struct async_req *req) +{ + int fnum; + NTSTATUS status; + + status = cli_open_recv(req, &fnum); + TALLOC_FREE(req); + + d_printf("cli_open_recv returned %s: %d\n", + nt_errstr(status), + NT_STATUS_IS_OK(status) ? fnum : -1); +} + +static void chain1_read_completion(struct async_req *req) +{ + NTSTATUS status; + ssize_t received; + uint8_t *rcvbuf; + + status = cli_read_andx_recv(req, &received, &rcvbuf); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(req); + d_printf("cli_read_andx_recv returned %s\n", + nt_errstr(status)); + return; + } + + d_printf("got %d bytes: %.*s\n", (int)received, (int)received, + (char *)rcvbuf); + TALLOC_FREE(req); +} + +static void chain1_close_completion(struct async_req *req) +{ + NTSTATUS status; + + status = cli_close_recv(req); + *((bool *)(req->async.priv)) = true; + + TALLOC_FREE(req); + + d_printf("cli_close returned %s\n", nt_errstr(status)); +} + +static bool run_chain1(int dummy) +{ + struct cli_state *cli1; + struct event_context *evt = event_context_init(NULL); + struct async_req *reqs[4]; + bool done = false; + + printf("starting chain1 test\n"); + if (!torture_open_connection(&cli1, 0)) { + return False; + } + + cli_sockopt(cli1, sockops); + + cli_chain_cork(cli1, evt, 0); + reqs[0] = cli_open_send(talloc_tos(), evt, cli1, "\\test", + O_CREAT|O_RDWR, 0); + reqs[0]->async.fn = chain1_open_completion; + reqs[1] = cli_read_andx_send(talloc_tos(), evt, cli1, 0, 0, 10); + reqs[1]->async.fn = chain1_read_completion; + reqs[2] = cli_read_andx_send(talloc_tos(), evt, cli1, 0, 1, 10); + reqs[2]->async.fn = chain1_read_completion; + reqs[3] = cli_close_send(talloc_tos(), evt, cli1, 0); + reqs[3]->async.fn = chain1_close_completion; + reqs[3]->async.priv = (void *)&done; + cli_chain_uncork(cli1); + + while (!done) { + event_loop_once(evt); + } + + torture_close_connection(cli1); + return True; +} + static bool run_local_substitute(int dummy) { bool ok = true; @@ -5394,6 +5473,7 @@ static struct { {"FDSESS", run_fdsesstest, 0}, { "EATEST", run_eatest, 0}, { "SESSSETUP_BENCH", run_sesssetup_bench, 0}, + { "CHAIN1", run_chain1, 0}, { "LOCAL-SUBSTITUTE", run_local_substitute, 0}, { "LOCAL-GENCACHE", run_local_gencache, 0}, { "LOCAL-RBTREE", run_local_rbtree, 0}, -- cgit From bb0fc9cfceab7e961eaa9049d111121609ff8174 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 27 Aug 2008 19:26:40 +0200 Subject: Add cli_request->recv_helper Necessary for requests with multiple replies (This used to be commit cb2e338eb33dfb4627f9b43456af0c86d7d268c6) --- source3/include/async_smb.h | 12 ++++++++++++ source3/libsmb/async_smb.c | 7 ++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 1053de2942..6a09bb6001 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -91,6 +91,18 @@ struct cli_request { uint8_t *rcvbuf; } read; } data; + + /** + * For requests that don't follow the strict request/reply pattern + * such as the transaction request family and echo requests it is + * necessary to break the standard procedure in + * handle_incoming_pdu(). For a simple example look at + * cli_echo_recv_helper(). + */ + struct { + void (*fn)(struct async_req *req); + void *priv; + } recv_helper; }; /* diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index 4d6c32edfa..b5fa9c44b1 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -409,6 +409,7 @@ bool cli_chain_cork(struct cli_state *cli, struct event_context *ev, req->async = NULL; req->enc_state = NULL; + req->recv_helper.fn = NULL; SSVAL(req->outbuf, smb_tid, cli->cnum); cli_setup_packet_buf(cli, req->outbuf); @@ -822,7 +823,11 @@ static void handle_incoming_pdu(struct cli_state *cli) * destructor cli_async_req_destructor(). */ if (req->async[i] != NULL) { - async_req_done(req->async[i]); + if (req->recv_helper.fn != NULL) { + req->recv_helper.fn(req->async[i]); + } else { + async_req_done(req->async[i]); + } } } return; -- cgit From 228a12681bc7e6eb5bddb75b3b97a74c5eef1c3a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 27 Aug 2008 19:30:57 +0200 Subject: Add async smbecho client support (This used to be commit c1d645fbe39433541d8bfe6b818c855cee318dc5) --- source3/client/client.c | 10 +-- source3/include/async_smb.h | 4 ++ source3/include/proto.h | 7 +- source3/libsmb/clientgen.c | 166 +++++++++++++++++++++++++++++++++++++------- source3/torture/torture.c | 33 +++++++++ 5 files changed, 187 insertions(+), 33 deletions(-) diff --git a/source3/client/client.c b/source3/client/client.c index 18b286324b..1c0dff92c1 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -943,6 +943,7 @@ static int cmd_echo(void) TALLOC_CTX *ctx = talloc_tos(); char *num; char *data; + NTSTATUS status; if (!next_token_talloc(ctx, &cmd_ptr, &num, NULL) || !next_token_talloc(ctx, &cmd_ptr, &data, NULL)) { @@ -950,9 +951,10 @@ static int cmd_echo(void) return 1; } - if (!cli_echo(cli, atoi(num), (uint8 *)data, strlen(data))) { - d_printf("echo failed: %s\n", - nt_errstr(cli_get_nt_error(cli))); + status = cli_echo(cli, atoi(num), data_blob_const(data, strlen(data))); + + if (!NT_STATUS_IS_OK(status)) { + d_printf("echo failed: %s\n", nt_errstr(status)); return 1; } @@ -4417,7 +4419,7 @@ static void readline_callback(void) { unsigned char garbage[16]; memset(garbage, 0xf0, sizeof(garbage)); - cli_echo(cli, 1, garbage, sizeof(garbage)); + cli_echo(cli, 1, data_blob_const(garbage, sizeof(garbage))); } } diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index 6a09bb6001..ed42baef0d 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -90,6 +90,10 @@ struct cli_request { ssize_t received; uint8_t *rcvbuf; } read; + struct { + DATA_BLOB data; + uint16_t num_echos; + } echo; } data; /** diff --git a/source3/include/proto.h b/source3/include/proto.h index f21cc2b17f..abfc79024a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4338,8 +4338,11 @@ void cli_sockopt(struct cli_state *cli, const char *options); uint16 cli_setpid(struct cli_state *cli, uint16 pid); bool cli_set_case_sensitive(struct cli_state *cli, bool case_sensitive); bool cli_send_keepalive(struct cli_state *cli); -bool cli_echo(struct cli_state *cli, uint16 num_echos, - unsigned char *data, size_t length); +struct async_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct cli_state *cli, uint16_t num_echos, + DATA_BLOB data); +NTSTATUS cli_echo_recv(struct async_req *req); +NTSTATUS cli_echo(struct cli_state *cli, uint16_t num_echos, DATA_BLOB data); /* The following definitions come from libsmb/clierror.c */ diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 2c0950de03..239ba470a9 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -637,41 +637,153 @@ bool cli_send_keepalive(struct cli_state *cli) return true; } -/**************************************************************************** - Send/receive a SMBecho command: ping the server -****************************************************************************/ +/** + * @brief: Collect a echo reply + * @param[in] req The corresponding async request + * + * There might be more than one echo reply. This helper pulls the reply out of + * the data stream. If all expected replies have arrived, declare the + * async_req done. + */ + +static void cli_echo_recv_helper(struct async_req *req) +{ + struct cli_request *cli_req; + uint8_t wct; + uint16_t *vwv; + uint16_t num_bytes; + uint8_t *bytes; + NTSTATUS status; + + status = cli_pull_reply(req, &wct, &vwv, &num_bytes, &bytes); + if (!NT_STATUS_IS_OK(status)) { + async_req_error(req, status); + return; + } + + cli_req = cli_request_get(req); + + if ((num_bytes != cli_req->data.echo.data.length) + || (memcmp(cli_req->data.echo.data.data, bytes, + num_bytes) != 0)) { + async_req_error(req, NT_STATUS_INVALID_NETWORK_RESPONSE); + return; + } + + cli_req->data.echo.num_echos -= 1; -bool cli_echo(struct cli_state *cli, uint16 num_echos, - unsigned char *data, size_t length) + if (cli_req->data.echo.num_echos == 0) { + client_set_trans_sign_state_off(cli_req->cli, cli_req->mid); + async_req_done(req); + return; + } + + return; +} + +/** + * @brief Send SMBEcho requests + * @param[in] mem_ctx The memory context to put the async_req on + * @param[in] ev The event context that will call us back + * @param[in] cli The connection to send the echo to + * @param[in] num_echos How many times do we want to get the reply? + * @param[in] data The data we want to get back + * @retval The async request + */ + +struct async_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct cli_state *cli, uint16_t num_echos, + DATA_BLOB data) { - char *p; - int i; + uint16_t vwv[1]; + uint8_t *data_copy; + struct async_req *result; + struct cli_request *req; - SMB_ASSERT(length < 1024); + SSVAL(vwv, 0, num_echos); - memset(cli->outbuf,'\0',smb_size); - cli_set_message(cli->outbuf,1,length,true); - SCVAL(cli->outbuf,smb_com,SMBecho); - SSVAL(cli->outbuf,smb_tid,65535); - SSVAL(cli->outbuf,smb_vwv0,num_echos); - cli_setup_packet(cli); - p = smb_buf(cli->outbuf); - memcpy(p, data, length); - p += length; + data_copy = (uint8_t *)talloc_memdup(mem_ctx, data.data, data.length); + if (data_copy == NULL) { + return NULL; + } - cli_setup_bcc(cli, p); + result = cli_request_send(mem_ctx, ev, cli, SMBecho, 0, 1, vwv, + data.length, data.data); + if (result == NULL) { + TALLOC_FREE(data_copy); + return NULL; + } + req = cli_request_get(result); - cli_send_smb(cli); + client_set_trans_sign_state_on(cli, req->mid); - for (i=0; idata.echo.num_echos = num_echos; + req->data.echo.data.data = talloc_move(req, &data_copy); + req->data.echo.data.length = data.length; - if (cli_is_error(cli)) { - return false; - } + req->recv_helper.fn = cli_echo_recv_helper; + + return result; +} + +/** + * Get the result out from an echo request + * @param[in] req The async_req from cli_echo_send + * @retval Did the server reply correctly? + */ + +NTSTATUS cli_echo_recv(struct async_req *req) +{ + SMB_ASSERT(req->state >= ASYNC_REQ_DONE); + if (req->state == ASYNC_REQ_ERROR) { + return req->status; } - return true; + return NT_STATUS_OK; +} + +/** + * @brief Send/Receive SMBEcho requests + * @param[in] mem_ctx The memory context to put the async_req on + * @param[in] ev The event context that will call us back + * @param[in] cli The connection to send the echo to + * @param[in] num_echos How many times do we want to get the reply? + * @param[in] data The data we want to get back + * @retval Did the server reply correctly? + */ + +NTSTATUS cli_echo(struct cli_state *cli, uint16_t num_echos, DATA_BLOB data) +{ + TALLOC_CTX *frame = talloc_stackframe(); + struct event_context *ev; + struct async_req *req; + NTSTATUS status = NT_STATUS_NO_MEMORY; + + if (cli->fd_event != NULL) { + /* + * Can't use sync call while an async call is in flight + */ + cli_set_error(cli, NT_STATUS_INVALID_PARAMETER); + goto fail; + } + + ev = event_context_init(frame); + if (ev == NULL) { + goto fail; + } + + req = cli_echo_send(frame, ev, cli, num_echos, data); + if (req == NULL) { + goto fail; + } + + while (req->state < ASYNC_REQ_DONE) { + event_loop_once(ev); + } + + status = cli_echo_recv(req); + + fail: + TALLOC_FREE(frame); + return status; } diff --git a/source3/torture/torture.c b/source3/torture/torture.c index d159ffbac3..d8942e42b9 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -4976,6 +4976,38 @@ static bool run_chain1(int dummy) return True; } +static bool run_cli_echo(int dummy) +{ + struct cli_state *cli; + struct event_context *ev = event_context_init(NULL); + struct async_req *req; + NTSTATUS status; + + printf("starting chain1 test\n"); + if (!torture_open_connection(&cli, 0)) { + return false; + } + cli_sockopt(cli, sockops); + + req = cli_echo_send(ev, ev, cli, 5, data_blob_const("hello", 5)); + if (req == NULL) { + d_printf("cli_echo_send failed\n"); + return false; + } + + while (req->state < ASYNC_REQ_DONE) { + event_loop_once(ev); + } + + status = cli_echo_recv(req); + d_printf("cli_echo returned %s\n", nt_errstr(status)); + + TALLOC_FREE(req); + + torture_close_connection(cli); + return NT_STATUS_IS_OK(status); +} + static bool run_local_substitute(int dummy) { bool ok = true; @@ -5474,6 +5506,7 @@ static struct { { "EATEST", run_eatest, 0}, { "SESSSETUP_BENCH", run_sesssetup_bench, 0}, { "CHAIN1", run_chain1, 0}, + { "CLI_ECHO", run_cli_echo, 0}, { "LOCAL-SUBSTITUTE", run_local_substitute, 0}, { "LOCAL-GENCACHE", run_local_gencache, 0}, { "LOCAL-RBTREE", run_local_rbtree, 0}, -- cgit From f294f51bf0d136208fee1be343684ea890a499d0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 28 Aug 2008 15:44:14 +0200 Subject: Remove cli_request_get() req->private_data==NULL at this point is definitely a bug. (This used to be commit ce3dc9f616cafc1289a94ac7cae0beca967d836e) --- source3/include/async_smb.h | 6 ------ source3/libsmb/async_smb.c | 23 ++++++----------------- source3/libsmb/clientgen.c | 4 ++-- source3/libsmb/clireadwrite.c | 12 ++++++++---- 4 files changed, 16 insertions(+), 29 deletions(-) diff --git a/source3/include/async_smb.h b/source3/include/async_smb.h index ed42baef0d..e9e10023e3 100644 --- a/source3/include/async_smb.h +++ b/source3/include/async_smb.h @@ -125,12 +125,6 @@ bool cli_chain_cork(struct cli_state *cli, struct event_context *ev, size_t size_hint); void cli_chain_uncork(struct cli_state *cli); -/* - * Convenience function to get the SMB part out of an async_req - */ - -struct cli_request *cli_request_get(struct async_req *req); - NTSTATUS cli_pull_reply(struct async_req *req, uint8_t *pwct, uint16_t **pvwv, uint16_t *pnum_bytes, uint8_t **pbytes); diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c index b5fa9c44b1..79a924b9db 100644 --- a/source3/libsmb/async_smb.c +++ b/source3/libsmb/async_smb.c @@ -107,7 +107,8 @@ static uint16_t cli_new_mid(struct cli_state *cli) static char *cli_request_print(TALLOC_CTX *mem_ctx, struct async_req *req) { char *result = async_req_print(mem_ctx, req); - struct cli_request *cli_req = cli_request_get(req); + struct cli_request *cli_req = talloc_get_type_abort( + req->private_data, struct cli_request); if (result == NULL) { return NULL; @@ -216,7 +217,8 @@ static bool find_andx_cmd_ofs(char *buf, size_t *pofs) static int cli_async_req_destructor(struct async_req *req) { - struct cli_request *cli_req = cli_request_get(req); + struct cli_request *cli_req = talloc_get_type_abort( + req->private_data, struct cli_request); int i, pending; bool found = false; @@ -560,7 +562,8 @@ NTSTATUS cli_pull_reply(struct async_req *req, uint8_t *pwct, uint16_t **pvwv, uint16_t *pnum_bytes, uint8_t **pbytes) { - struct cli_request *cli_req = cli_request_get(req); + struct cli_request *cli_req = talloc_get_type_abort( + req->private_data, struct cli_request); uint8_t wct, cmd; uint16_t num_bytes; size_t wct_ofs, bytes_offset; @@ -666,20 +669,6 @@ NTSTATUS cli_pull_reply(struct async_req *req, return NT_STATUS_OK; } -/** - * Convenience function to get the SMB part out of an async_req - * @param[in] req The request to look at - * @retval The private_data as struct cli_request - */ - -struct cli_request *cli_request_get(struct async_req *req) -{ - if (req == NULL) { - return NULL; - } - return talloc_get_type_abort(req->private_data, struct cli_request); -} - /** * A PDU has arrived on cli->evt_inbuf * @param[in] cli The cli_state that received something diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 239ba470a9..9d65fb4e94 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -661,7 +661,7 @@ static void cli_echo_recv_helper(struct async_req *req) return; } - cli_req = cli_request_get(req); + cli_req = talloc_get_type_abort(req->private_data, struct cli_request); if ((num_bytes != cli_req->data.echo.data.length) || (memcmp(cli_req->data.echo.data.data, bytes, @@ -713,7 +713,7 @@ struct async_req *cli_echo_send(TALLOC_CTX *mem_ctx, struct event_context *ev, TALLOC_FREE(data_copy); return NULL; } - req = cli_request_get(result); + req = talloc_get_type_abort(result->private_data, struct cli_request); client_set_trans_sign_state_on(cli, req->mid); diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index b64a4c68f3..ec63281630 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -83,7 +83,7 @@ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, return NULL; } - req = cli_request_get(result); + req = talloc_get_type_abort(result->private_data, struct cli_request); req->data.read.ofs = offset; req->data.read.size = size; @@ -103,7 +103,8 @@ struct async_req *cli_read_andx_send(TALLOC_CTX *mem_ctx, NTSTATUS cli_read_andx_recv(struct async_req *req, ssize_t *received, uint8_t **rcvbuf) { - struct cli_request *cli_req = cli_request_get(req); + struct cli_request *cli_req = talloc_get_type_abort( + req->private_data, struct cli_request); uint8_t wct; uint16_t *vwv; uint16_t num_bytes; @@ -311,7 +312,8 @@ static void cli_pull_read_done(struct async_req *read_req) read_req->async.priv, struct async_req); struct cli_pull_state *state = talloc_get_type_abort( pull_req->private_data, struct cli_pull_state); - struct cli_request *read_state = cli_request_get(read_req); + struct cli_request *read_state = talloc_get_type_abort( + read_req->private_data, struct cli_request); NTSTATUS status; status = cli_read_andx_recv(read_req, &read_state->data.read.received, @@ -342,7 +344,9 @@ static void cli_pull_read_done(struct async_req *read_req) return; } - top_read = cli_request_get(state->reqs[state->top_req]); + top_read = talloc_get_type_abort( + state->reqs[state->top_req]->private_data, + struct cli_request); DEBUG(10, ("cli_pull_read_done: Pushing %d bytes, %d already " "pushed\n", (int)top_read->data.read.received, -- cgit From d4818c70eb1275e532df0e6882bb761335d2dba2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 28 Aug 2008 16:06:23 -0700 Subject: Clarify usage of "force create mode". Jeremy. (This used to be commit 1d252ffd313e0cd6fcb3d7cb2c99f2daf56728c1) --- docs-xml/smbdotconf/security/forcecreatemode.xml | 17 ++++++++--------- source3/client/client.c | 2 +- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/docs-xml/smbdotconf/security/forcecreatemode.xml b/docs-xml/smbdotconf/security/forcecreatemode.xml index 8a6449fe21..a3f1c2c105 100644 --- a/docs-xml/smbdotconf/security/forcecreatemode.xml +++ b/docs-xml/smbdotconf/security/forcecreatemode.xml @@ -2,17 +2,16 @@ context="S" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter specifies a set of UNIX mode bit - permissions that will always be set on a - file created by Samba. This is done by bitwise 'OR'ing these bits onto - the mode bits of a file that is being created or having its - permissions changed. The default for this parameter is (in octal) - 000. The modes in this parameter are bitwise 'OR'ed onto the file - mode after the mask set in the create mask + This parameter specifies a set of UNIX mode bit + permissions that will always be set on a + file created by Samba. This is done by bitwise 'OR'ing these bits onto + the mode bits of a file that is being created. The default for this parameter is (in octal) + 000. The modes in this parameter are bitwise 'OR'ed onto the file + mode after the mask set in the create mask parameter is applied. - The example below would force all created files to have read and execute - permissions set for 'group' and 'other' as well as the + The example below would force all newly created files to have read and execute + permissions set for 'group' and 'other' as well as the read/write/execute bits set for the 'user'. diff --git a/source3/client/client.c b/source3/client/client.c index 1c0dff92c1..85f653e903 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -1080,7 +1080,7 @@ static int do_get(const char *rname, const char *lname_in, bool reget) get_total_time_ms += this_time; get_total_size += nread; - DEBUG(1,("(%3.1f kb/s) (average %3.1f kb/s)\n", + DEBUG(1,("(%3.1f KiloBytes/sec) (average %3.1f KiloBytes/sec)\n", nread / (1.024*this_time + 1.0e-4), get_total_size / (1.024*get_total_time_ms))); } -- cgit From 0380fe9d823d6219441050a9b7298bf039b20742 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 22 Aug 2008 16:08:00 +0200 Subject: kerberos: move the KRB5_KEY* macros to header file. Guenther (This used to be commit c28fa17ffffee3e6fd4897c9c6b4937388a19600) --- source3/include/ads.h | 12 ++++++++++++ source3/libnet/libnet_keytab.c | 10 ---------- source3/libsmb/clikrb5.c | 12 ------------ 3 files changed, 12 insertions(+), 22 deletions(-) diff --git a/source3/include/ads.h b/source3/include/ads.h index 0d464b2d81..a31141cb25 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -376,6 +376,18 @@ typedef struct { } smb_krb5_addresses; #endif +#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */ +#define KRB5_KEY_TYPE(k) ((k)->keytype) +#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length) +#define KRB5_KEY_DATA(k) ((k)->keyvalue.data) +#define KRB5_KEY_DATA_CAST void +#else /* MIT */ +#define KRB5_KEY_TYPE(k) ((k)->enctype) +#define KRB5_KEY_LENGTH(k) ((k)->length) +#define KRB5_KEY_DATA(k) ((k)->contents) +#define KRB5_KEY_DATA_CAST krb5_octet +#endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */ + enum ads_extended_dn_flags { ADS_EXTENDED_DN_HEX_STRING = 0, ADS_EXTENDED_DN_STRING = 1 /* not supported on win2k */ diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c index 6447183958..a4555239da 100644 --- a/source3/libnet/libnet_keytab.c +++ b/source3/libnet/libnet_keytab.c @@ -24,16 +24,6 @@ #ifdef HAVE_KRB5 -#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */ -#define KRB5_KEY_TYPE(k) ((k)->keytype) -#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length) -#define KRB5_KEY_DATA(k) ((k)->keyvalue.data) -#else /* MIT */ -#define KRB5_KEY_TYPE(k) ((k)->enctype) -#define KRB5_KEY_LENGTH(k) ((k)->length) -#define KRB5_KEY_DATA(k) ((k)->contents) -#endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */ - /**************************************************************** ****************************************************************/ diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index fa21ad3467..b6fb7cf050 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -27,18 +27,6 @@ #ifdef HAVE_KRB5 -#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */ -#define KRB5_KEY_TYPE(k) ((k)->keytype) -#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length) -#define KRB5_KEY_DATA(k) ((k)->keyvalue.data) -#define KRB5_KEY_DATA_CAST void -#else /* MIT */ -#define KRB5_KEY_TYPE(k) ((k)->enctype) -#define KRB5_KEY_LENGTH(k) ((k)->length) -#define KRB5_KEY_DATA(k) ((k)->contents) -#define KRB5_KEY_DATA_CAST krb5_octet -#endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */ - #define GSSAPI_CHECKSUM 0x8003 /* Checksum type value for Kerberos */ #define GSSAPI_BNDLENGTH 16 /* Bind Length (rfc-1964 pg.3) */ #define GSSAPI_CHECKSUM_SIZE (12+GSSAPI_BNDLENGTH) -- cgit From 87ea8f3fae44b5442f1e5303bf1d5326f1bfd5ae Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 22 Aug 2008 14:52:10 +0200 Subject: kerberos: add KRB5_KT_KEY abstraction macro. Guenther (This used to be commit be846d5383ef31136cca6b11eb6181736fb2e29d) --- source3/include/ads.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/source3/include/ads.h b/source3/include/ads.h index a31141cb25..ebe8be08b6 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -382,12 +382,20 @@ typedef struct { #define KRB5_KEY_DATA(k) ((k)->keyvalue.data) #define KRB5_KEY_DATA_CAST void #else /* MIT */ -#define KRB5_KEY_TYPE(k) ((k)->enctype) +#define KRB5_KEY_TYPE(k) ((k)->enctype) #define KRB5_KEY_LENGTH(k) ((k)->length) #define KRB5_KEY_DATA(k) ((k)->contents) #define KRB5_KEY_DATA_CAST krb5_octet #endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */ +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ +#define KRB5_KT_KEY(k) (&(k)->key) +#elif HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ +#define KRB5_KT_KEY(k) (&(k)->keyblock) +#else +#error krb5_keytab_entry has no key or keyblock member +#endif + enum ads_extended_dn_flags { ADS_EXTENDED_DN_HEX_STRING = 0, ADS_EXTENDED_DN_STRING = 1 /* not supported on win2k */ -- cgit From bff20e14c38d7139033127182b76aa24e471b581 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 22 Aug 2008 14:58:01 +0200 Subject: kerberos: use KRB5_KT_KEY macro where appropriate. Guenther (This used to be commit a042dffd7121bda3dbc9509f69fcfae06ed4cc22) --- source3/include/includes.h | 2 +- source3/libads/kerberos_keytab.c | 11 ++--------- source3/libnet/libnet_keytab.c | 30 +++--------------------------- source3/libsmb/clikrb5.c | 20 +++++--------------- 4 files changed, 11 insertions(+), 52 deletions(-) diff --git a/source3/include/includes.h b/source3/include/includes.h index fa385cba2a..958e7cba1f 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -1234,7 +1234,7 @@ krb5_error_code smb_krb5_mk_error(krb5_context context, krb5_error_code error_code, const krb5_principal server, krb5_data *reply); -krb5_enctype smb_get_enctype_from_kt_entry(const krb5_keytab_entry *kt_entry); +krb5_enctype smb_get_enctype_from_kt_entry(krb5_keytab_entry *kt_entry); krb5_error_code smb_krb5_enctype_to_string(krb5_context context, krb5_enctype enctype, char **etype_s); diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 77a50e4221..883f582445 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -161,15 +161,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context, for (i = 0; enctypes[i]; i++) { krb5_keyblock *keyp; -#if !defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) && !defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) -#error krb5_keytab_entry has no key or keyblock member -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ - keyp = &kt_entry.key; -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ - keyp = &kt_entry.keyblock; -#endif + keyp = KRB5_KT_KEY(&kt_entry); + if (create_kerberos_key_from_string(context, princ, &password, keyp, enctypes[i], no_salt)) { continue; } diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c index a4555239da..46c17b219c 100644 --- a/source3/libnet/libnet_keytab.c +++ b/source3/libnet/libnet_keytab.c @@ -138,15 +138,7 @@ static krb5_error_code libnet_keytab_remove_entries(krb5_context context, goto cont; } -#if !defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) && !defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) -#error krb5_keytab_entry has no key or keyblock member -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ - keyp = &kt_entry.key; -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ - keyp = &kt_entry.keyblock; -#endif + keyp = KRB5_KT_KEY(&kt_entry); if (KRB5_KEY_TYPE(keyp) != enctype) { goto cont; @@ -240,15 +232,7 @@ static krb5_error_code libnet_keytab_add_entry(krb5_context context, return ret; } -#if !defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) && !defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) -#error krb5_keytab_entry has no key or keyblock member -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ - keyp = &kt_entry.key; -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ - keyp = &kt_entry.keyblock; -#endif + keyp = KRB5_KT_KEY(&kt_entry); if (create_kerberos_key_from_string(context, kt_entry.principal, &password, keyp, enctype, true)) @@ -354,15 +338,7 @@ struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *c goto cont; } -#if !defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) && !defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) -#error krb5_keytab_entry has no key or keyblock member -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ - keyp = &kt_entry.key; -#endif -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ - keyp = &kt_entry.keyblock; -#endif + keyp = KRB5_KT_KEY(&kt_entry); if (KRB5_KEY_TYPE(keyp) != enctype) { goto cont; diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index b6fb7cf050..bedd7d7aee 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -1045,6 +1045,7 @@ get_key_from_keytab(krb5_context context, krb5_error_code ret; krb5_keytab keytab; char *name = NULL; + krb5_keyblock *keyp; /* We have to open a new keytab handle here, as MIT does an implicit open/getnext/close on krb5_kt_get_entry. We @@ -1077,14 +1078,9 @@ get_key_from_keytab(krb5_context context, goto out; } -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ - ret = krb5_copy_keyblock(context, &entry.keyblock, out_key); -#elif defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) /* MIT */ - ret = krb5_copy_keyblock(context, &entry.key, out_key); -#else -#error UNKNOWN_KRB5_KEYTAB_ENTRY_FORMAT -#endif + keyp = KRB5_KT_KEY(&entry); + ret = krb5_copy_keyblock(context, keyp, out_key); if (ret) { DEBUG(0,("get_key_from_keytab: failed to copy key: %s\n", error_message(ret))); goto out; @@ -1572,15 +1568,9 @@ done: #endif /* HAVE_KRB5_GET_INIT_CREDS_OPT_FREE */ } - krb5_enctype smb_get_enctype_from_kt_entry(const krb5_keytab_entry *kt_entry) + krb5_enctype smb_get_enctype_from_kt_entry(krb5_keytab_entry *kt_entry) { -#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ - return kt_entry->key.enctype; -#elif defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) /* Heimdal */ - return kt_entry->keyblock.keytype; -#else -#error UNKNOWN_KRB5_KEYTAB_ENTRY_KEYBLOCK_FORMAT -#endif + return KRB5_KEY_TYPE(KRB5_KT_KEY(kt_entry)); } -- cgit From ea0686e64a1d8079386ee9fac406ba06d1e6825f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 11:38:02 +0200 Subject: kerberos: fix HAVE_KRB5 related build issue. Guenther (This used to be commit 7d7ba8397743af52a74d00fd717bdeb5e3e12a28) --- source3/include/ads.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/source3/include/ads.h b/source3/include/ads.h index ebe8be08b6..97faf0b6eb 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -372,9 +372,8 @@ typedef struct { krb5_addresses *addrs; #else #error UNKNOWN_KRB5_ADDRESS_TYPE -#endif +#endif /* defined(HAVE_MAGIC_IN_KRB5_ADDRESS) && defined(HAVE_ADDRTYPE_IN_KRB5_ADDRESS) */ } smb_krb5_addresses; -#endif #ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */ #define KRB5_KEY_TYPE(k) ((k)->keytype) @@ -394,7 +393,9 @@ typedef struct { #define KRB5_KT_KEY(k) (&(k)->keyblock) #else #error krb5_keytab_entry has no key or keyblock member -#endif +#endif /* HAVE_KRB5_KEYTAB_ENTRY_KEY */ + +#endif /* HAVE_KRB5 */ enum ads_extended_dn_flags { ADS_EXTENDED_DN_HEX_STRING = 0, -- cgit From eefd04212c52e6a7af47a30daa23dfdc993af2d9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 26 Aug 2008 21:10:19 +0200 Subject: net: use netapi for rpc_user_rename. Guenther (This used to be commit fe28ea1afd4024673f847fc8880910b1f7f0385a) --- source3/utils/net_rpc.c | 128 ++++++------------------------------------------ 1 file changed, 15 insertions(+), 113 deletions(-) diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 347ddd039f..148d243ef8 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -658,135 +658,37 @@ static int rpc_user_add(struct net_context *c, int argc, const char **argv) /** * Rename a user on a remote RPC server. * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passed through. - * - * @param domain_sid The domain sid acquired from the remote server. - * @param cli A cli_state connected to the server. - * @param mem_ctx Talloc context, destroyed on completion of the function. * @param argc Standard main() style argc. * @param argv Standard main() style argv. Initial components are already * stripped. * - * @return Normal NTSTATUS return. + * @return A shell status integer (0 for success). **/ -static NTSTATUS rpc_user_rename_internals(struct net_context *c, - const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, - int argc, - const char **argv) +static int rpc_user_rename(struct net_context *c, int argc, const char **argv) { - POLICY_HND connect_pol, domain_pol, user_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 info_level = 7; - const char *old_name, *new_name; - struct samr_Ids user_rids, name_types; - struct lsa_String lsa_acct_name; - union samr_UserInfo *info = NULL; + NET_API_STATUS status; + struct USER_INFO_0 u0; + uint32_t parm_err = 0; if (argc != 2 || c->display_usage) { rpc_user_usage(c, argc, argv); - return NT_STATUS_OK; - } - - old_name = argv[0]; - new_name = argv[1]; - - /* Get sam policy handle */ - - result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, - pipe_hnd->desthost, - MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - - result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, domain_sid), - &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - init_lsa_String(&lsa_acct_name, old_name); - - result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx, - &domain_pol, - 1, - &lsa_acct_name, - &user_rids, - &name_types); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Open domain user */ - result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, - &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids.ids[0], - &user_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Query user info */ - result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx, - &user_pol, - info_level, - &info); - - if (!NT_STATUS_IS_OK(result)) { - goto done; + return 0; } - init_samr_user_info7(&info->info7, new_name); + u0.usri0_name = argv[1]; - /* Set new name */ - result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, - &user_pol, - info_level, - info); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - done: - if (!NT_STATUS_IS_OK(result)) { - d_fprintf(stderr, "Failed to rename user from %s to %s - %s\n", old_name, new_name, - nt_errstr(result)); + status = NetUserSetInfo(c->opt_host, argv[0], + 0, (uint8_t *)&u0, &parm_err); + if (status) { + d_fprintf(stderr, "Failed to rename user from %s to %s - %s\n", + argv[0], argv[1], + libnetapi_get_error_string(c->netapi_ctx, status)); } else { - d_printf("Renamed user from %s to %s\n", old_name, new_name); + d_printf("Renamed user from %s to %s\n", argv[0], argv[1]); } - return result; -} -/** - * Rename a user on a remote RPC server. - * - * @param argc Standard main() style argc. - * @param argv Standard main() style argv. Initial components are already - * stripped. - * - * @return A shell status integer (0 for success). - **/ - -static int rpc_user_rename(struct net_context *c, int argc, const char **argv) -{ - return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0, - rpc_user_rename_internals, argc, argv); + return status; } /** -- cgit From 2e8b0006b181944eda8694d03d8cb36eb561341e Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 26 Aug 2008 21:12:23 +0200 Subject: netapi: add all USER_INFO structs to public header. Guenther (This used to be commit d19c06d7d055e4b1e8e47cc2df1a192a0a19eb14) --- source3/lib/netapi/netapi.h | 108 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index f7bf1880cc..71873b7656 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -228,6 +228,37 @@ struct USER_INFO_20 { uint32_t usri20_user_id; }; +struct USER_INFO_21 { + uint8_t *usri21_password; +}; + +struct USER_INFO_22 { + const char * usri22_name; + uint8_t *usri22_password; + uint32_t usri22_password_age; + uint32_t usri22_priv; + const char * usri22_home_dir; + const char * usri22_comment; + uint32_t usri22_flags; + uint32_t usri22_script_path; + uint32_t usri22_auth_flags; + const char * usri22_full_name; + const char * usri22_usr_comment; + const char * usri22_parms; + const char * usri22_workstations; + uint32_t usri22_last_logon; + uint32_t usri22_last_logoff; + uint32_t usri22_acct_expires; + uint32_t usri22_max_storage; + uint32_t usri22_units_per_week; + uint8_t *usri22_logon_hours;/* [unique] */ + uint32_t usri22_bad_pw_count; + uint32_t usri22_num_logons; + const char * usri22_logon_server; + uint32_t usri22_country_code; + uint32_t usri22_code_page; +}; + struct USER_INFO_23 { const char * usri23_name; const char * usri23_full_name; @@ -236,10 +267,87 @@ struct USER_INFO_23 { struct domsid *usri23_user_sid;/* [unique] */ }; +struct USER_INFO_1003 { + const char * usri1003_password; +}; + +struct USER_INFO_1005 { + uint32_t usri1005_priv; +}; + +struct USER_INFO_1006 { + const char * usri1006_home_dir; +}; + struct USER_INFO_1007 { const char * usri1007_comment; }; +struct USER_INFO_1008 { + uint32_t usri1008_flags; +}; + +struct USER_INFO_1009 { + const char * usri1009_script_path; +}; + +struct USER_INFO_1010 { + uint32_t usri1010_auth_flags; +}; + +struct USER_INFO_1011 { + const char * usri1011_full_name; +}; + +struct USER_INFO_1012 { + const char * usri1012_usr_comment; +}; + +struct USER_INFO_1013 { + const char * usri1013_parms; +}; + +struct USER_INFO_1014 { + const char * usri1014_workstations; +}; + +struct USER_INFO_1017 { + uint32_t usri1017_acct_expires; +}; + +struct USER_INFO_1018 { + uint32_t usri1018_max_storage; +}; + +struct USER_INFO_1020 { + uint32_t usri1020_units_per_week; + uint8_t *usri1020_logon_hours;/* [unique] */ +}; + +struct USER_INFO_1023 { + const char * usri1023_logon_server; +}; + +struct USER_INFO_1024 { + uint32_t usri1024_country_code; +}; + +struct USER_INFO_1025 { + uint32_t usri1025_code_page; +}; + +struct USER_INFO_1051 { + uint32_t usri1051_primary_group_id; +}; + +struct USER_INFO_1052 { + const char * usri1052_profile; +}; + +struct USER_INFO_1053 { + const char * usri1053_home_dir_drive; +}; + struct USER_MODALS_INFO_0 { uint32_t usrmod0_min_passwd_len; uint32_t usrmod0_max_passwd_age; -- cgit From 93c10333c51da2361a283ea1017be1788452dd75 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:30:04 +0200 Subject: netapi: fix ENCRYPTED_PWLEN in IDL. Guenther (This used to be commit 2c6b3208d3bf3d44b58248e9068924657897c917) --- source3/librpc/idl/libnetapi.idl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index 1bb0aafe94..6050caba0e 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -289,7 +289,7 @@ interface libnetapi uint32 usri20_user_id; } USER_INFO_20; - const int ENCRYPTED_PWLEN = 256; + const int ENCRYPTED_PWLEN = 16; [public] typedef struct { uint8 usri21_password[ENCRYPTED_PWLEN]; -- cgit From e5cf44ab311b8b554b573fc17ff415051f603b17 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:30:22 +0200 Subject: re-run make idl. Guenther (This used to be commit 77058447f2a61e8830763866c46db71dadf1a82a) --- source3/librpc/gen_ndr/libnetapi.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 825557d573..89297aead2 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -10,7 +10,7 @@ #define _HEADER_libnetapi #define ERROR_MORE_DATA ( 234L ) -#define ENCRYPTED_PWLEN ( 256 ) +#define ENCRYPTED_PWLEN ( 16 ) #define FILTER_TEMP_DUPLICATE_ACCOUNT ( 0x0001 ) #define FILTER_NORMAL_ACCOUNT ( 0x0002 ) #define FILTER_INTERDOMAIN_TRUST_ACCOUNT ( 0x0008 ) -- cgit From ab6fc34ebc20ff2d3eb60393b066feeb35230b9b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:30:51 +0200 Subject: netapi: add ENCRYPTED_PWLEN to public header. Guenther (This used to be commit 7010230c4af667b4197c9bd58685dc5a0b2b7c4f) --- source3/lib/netapi/netapi.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 71873b7656..4882ada893 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -33,6 +33,8 @@ typedef enum { #define ERROR_MORE_DATA ( 234L ) +#define ENCRYPTED_PWLEN ( 16 ) + /**************************************************************** ****************************************************************/ -- cgit From 220e01e5e04a11c3d11f3f9133ee9c3f4e9a79dd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:31:20 +0200 Subject: netapi: add more infolevels to NetUserSetInfo example. Guenther (This used to be commit 5ad217be7a12211a8340052f7f4481cf2f239f8d) --- source3/lib/netapi/examples/user/user_setinfo.c | 122 ++++++++++++++++++++++-- 1 file changed, 116 insertions(+), 6 deletions(-) diff --git a/source3/lib/netapi/examples/user/user_setinfo.c b/source3/lib/netapi/examples/user/user_setinfo.c index ec464232e9..4f02ae7781 100644 --- a/source3/lib/netapi/examples/user/user_setinfo.c +++ b/source3/lib/netapi/examples/user/user_setinfo.c @@ -33,10 +33,34 @@ int main(int argc, const char **argv) struct libnetapi_ctx *ctx = NULL; const char *hostname = NULL; const char *username = NULL; - uint32_t level = 1007; + uint32_t level = 0; uint32_t parm_err = 0; - + uint8_t *buffer = NULL; + const char *val = NULL; + + struct USER_INFO_0 u0; + struct USER_INFO_1 u1; + struct USER_INFO_2 u2; + struct USER_INFO_3 u3; + struct USER_INFO_4 u4; + struct USER_INFO_21 u21; + struct USER_INFO_22 u22; + struct USER_INFO_1003 u1003; + struct USER_INFO_1005 u1005; + struct USER_INFO_1006 u1006; struct USER_INFO_1007 u1007; + struct USER_INFO_1008 u1008; + struct USER_INFO_1009 u1009; + struct USER_INFO_1010 u1010; + struct USER_INFO_1011 u1011; + struct USER_INFO_1012 u1012; + struct USER_INFO_1014 u1014; + struct USER_INFO_1017 u1017; + struct USER_INFO_1020 u1020; + struct USER_INFO_1024 u1024; + struct USER_INFO_1051 u1051; + struct USER_INFO_1052 u1052; + struct USER_INFO_1053 u1053; poptContext pc; int opt; @@ -70,18 +94,104 @@ int main(int argc, const char **argv) } username = poptGetArg(pc); - if (poptPeekArg(pc)) { - level = atoi(poptGetArg(pc)); + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + level = atoi(poptGetArg(pc)); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; } + val = poptGetArg(pc); /* NetUserSetInfo */ - u1007.usri1007_comment = "NetApi test comment"; + switch (level) { + case 0: + u0.usri0_name = val; + buffer = (uint8_t *)&u0; + break; + case 1: + case 2: + case 3: + case 4: + break; + case 21: + break; + case 22: + break; + case 1003: + u1003.usri1003_password = val; + buffer = (uint8_t *)&u1003; + break; + case 1005: + u1005.usri1005_priv = atoi(val); + buffer = (uint8_t *)&u1005; + break; + case 1006: + u1006.usri1006_home_dir = val; + buffer = (uint8_t *)&u1006; + break; + case 1007: + u1007.usri1007_comment = val; + buffer = (uint8_t *)&u1007; + break; + case 1008: + u1008.usri1008_flags = atoi(val); + buffer = (uint8_t *)&u1008; + break; + case 1009: + u1009.usri1009_script_path = val; + buffer = (uint8_t *)&u1009; + break; + case 1010: + u1010.usri1010_auth_flags = atoi(val); + buffer = (uint8_t *)&u1010; + break; + case 1011: + u1011.usri1011_full_name = val; + buffer = (uint8_t *)&u1011; + break; + case 1012: + u1012.usri1012_usr_comment = val; + buffer = (uint8_t *)&u1012; + break; + case 1014: + u1014.usri1014_workstations = val; + buffer = (uint8_t *)&u1014; + break; + case 1017: + u1017.usri1017_acct_expires = atoi(val); + buffer = (uint8_t *)&u1017; + break; + case 1020: + break; + case 1024: + u1024.usri1024_country_code = atoi(val); + buffer = (uint8_t *)&u1024; + break; + case 1051: + u1051.usri1051_primary_group_id = atoi(val); + buffer = (uint8_t *)&u1051; + break; + case 1052: + u1052.usri1052_profile = val; + buffer = (uint8_t *)&u1052; + break; + case 1053: + u1053.usri1053_home_dir_drive = val; + buffer = (uint8_t *)&u1053; + break; + default: + break; + } status = NetUserSetInfo(hostname, username, level, - (uint8_t *)&u1007, + buffer, &parm_err); if (status != 0) { printf("NetUserSetInfo failed with: %s\n", -- cgit From 64d06eadb762948b2361f66f41c2995804060190 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:32:08 +0200 Subject: netapi: make set_user_info_USER_INFO_X a separate function. Guenther (This used to be commit 529dd675bde3ac944ca69e4dbe2fc4beeeb9aab8) --- source3/lib/netapi/user.c | 106 ++++++++++++++++++++++++++++------------------ 1 file changed, 64 insertions(+), 42 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7b530f4308..608c1a1d8d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -178,6 +178,66 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, /**************************************************************** ****************************************************************/ +static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, + struct rpc_pipe_client *pipe_cli, + DATA_BLOB *session_key, + struct policy_handle *user_handle, + struct USER_INFO_X *uX) +{ + union samr_UserInfo user_info; + struct samr_UserInfo21 info21; + NTSTATUS status; + + if (!uX) { + return NT_STATUS_INVALID_PARAMETER; + } + + convert_USER_INFO_X_to_samr_user_info21(uX, &info21); + + ZERO_STRUCT(user_info); + + if (uX->usriX_password) { + + user_info.info25.info = info21; + + init_samr_CryptPasswordEx(uX->usriX_password, + session_key, + &user_info.info25.password); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + user_handle, + 25, + &user_info); + + if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { + + user_info.info23.info = info21; + + init_samr_CryptPassword(uX->usriX_password, + session_key, + &user_info.info23.password); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + user_handle, + 23, + &user_info); + } + } else { + + user_info.info21 = info21; + + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, + user_handle, + 21, + &user_info); + } + + return status; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, struct NetUserAdd *r) { @@ -188,7 +248,6 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, POLICY_HND connect_handle, domain_handle, user_handle; struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; - struct samr_UserInfo21 info21; union samr_UserInfo *user_info = NULL; struct samr_PwInfo pw_info; uint32_t access_granted = 0; @@ -282,47 +341,10 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - convert_USER_INFO_X_to_samr_user_info21(&uX, - &info21); - - ZERO_STRUCTP(user_info); - - if (uX.usriX_password) { - - user_info->info25.info = info21; - - init_samr_CryptPasswordEx(uX.usriX_password, - &cli->user_session_key, - &user_info->info25.password); - - status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, - &user_handle, - 25, - user_info); - - if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { - - user_info->info23.info = info21; - - init_samr_CryptPassword(uX.usriX_password, - &cli->user_session_key, - &user_info->info23.password); - - status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, - &user_handle, - 23, - user_info); - } - } else { - - user_info->info21 = info21; - - status = rpccli_samr_SetUserInfo(pipe_cli, ctx, - &user_handle, - 21, - user_info); - - } + status = set_user_info_USER_INFO_X(ctx, pipe_cli, + &cli->user_session_key, + &user_handle, + &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto failed; -- cgit From 870944ca970f2b9484f0a36575b76f3eaeed66ee Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:33:16 +0200 Subject: netapi: process level 1003 in construct_USER_INFO_X as well. Guenther (This used to be commit cf381b9f08cae32b62d7bd6f7dfe5210e732eeb2) --- source3/lib/netapi/user.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 608c1a1d8d..97eb9d8002 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -111,6 +111,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_0 *u0 = NULL; struct USER_INFO_1 *u1 = NULL; struct USER_INFO_2 *u2 = NULL; + struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1007 *u1007 = NULL; if (!buffer || !uX) { @@ -162,6 +163,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, uX->usriX_country_code = u2->usri2_country_code; uX->usriX_code_page = u2->usri2_code_page; break; + case 1003: + u1003 = (struct USER_INFO_1003 *)buffer; + uX->usriX_password = u1003->usri1003_password; + break; case 1007: u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; -- cgit From a5fc8ee45736b39def94a2192a9b7899e60af205 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:33:49 +0200 Subject: netapi: support level 1003 in NetUserSetInfo. Guenther (This used to be commit 863827eb2d5210350011055dda4319070bd1c520) --- source3/lib/netapi/user.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 97eb9d8002..045491c541 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1286,7 +1286,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; struct samr_Ids user_rids, name_types; - union samr_UserInfo user_info; + uint32_t user_mask = 0; struct USER_INFO_X uX; @@ -1301,7 +1301,11 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1003: + user_mask = SAMR_USER_ACCESS_SET_PASSWORD; + break; case 1007: + user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; default: werr = WERR_NOT_SUPPORTED; @@ -1354,7 +1358,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, status = rpccli_samr_OpenUser(pipe_cli, ctx, &domain_handle, - SAMR_USER_ACCESS_SET_ATTRIBUTES, + user_mask, user_rids.ids[0], &user_handle); if (!NT_STATUS_IS_OK(status)) { @@ -1368,12 +1372,10 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - convert_USER_INFO_X_to_samr_user_info21(&uX, &user_info.info21); - - status = rpccli_samr_SetUserInfo(pipe_cli, ctx, - &user_handle, - 21, - &user_info); + status = set_user_info_USER_INFO_X(ctx, pipe_cli, + &cli->user_session_key, + &user_handle, + &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; -- cgit From 41fa94363fe1e22b4b7fc3360e9b130607b1dc12 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:57:07 +0200 Subject: netapi: fix convert_USER_INFO_X_to_samr_user_info21. Guenther (This used to be commit 3f726952eb9a1fed0f4a990c82a2c47a5c0775be) --- source3/lib/netapi/user.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 045491c541..d70a790b81 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -41,7 +41,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, ZERO_STRUCT(zero_parameters); if (infoX->usriX_name) { - fields_present |= SAMR_FIELD_FULL_NAME; + fields_present |= SAMR_FIELD_ACCOUNT_NAME; } if (infoX->usriX_password) { fields_present |= SAMR_FIELD_PASSWORD; @@ -77,8 +77,8 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, 0, 0, password_age, - NULL, infoX->usriX_name, + NULL, infoX->usriX_home_dir, NULL, infoX->usriX_script_path, -- cgit From fac81ffb42245d274e5f44cacf9e1d5b245f7516 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:04:21 +0200 Subject: netapi: support level 1011 in NetUserSetInfo. Guenther (This used to be commit b3680c0482ae05b32e9cf9fbddea57f0dd6e2bd3) --- source3/lib/netapi/user.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index d70a790b81..6737012ed0 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -64,6 +64,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_password_age) { fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE; } + if (infoX->usriX_full_name) { + fields_present |= SAMR_FIELD_FULL_NAME; + } acct_flags |= infoX->usriX_flags | ACB_NORMAL; @@ -78,7 +81,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, 0, password_age, infoX->usriX_name, - NULL, + infoX->usriX_full_name, infoX->usriX_home_dir, NULL, infoX->usriX_script_path, @@ -113,6 +116,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_2 *u2 = NULL; struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1007 *u1007 = NULL; + struct USER_INFO_1011 *u1011 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -171,6 +175,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; break; + case 1011: + u1011 = (struct USER_INFO_1011 *)buffer; + uX->usriX_full_name = u1011->usri1011_full_name; + break; case 3: case 4: default: @@ -1305,6 +1313,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_PASSWORD; break; case 1007: + case 1011: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; default: -- cgit From bd450a7c3a0cd20a940ce631fdb2a7724c0cdd68 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:15:21 +0200 Subject: netapi: support level 1009 in NetUserSetInfo. Guenther (This used to be commit 3a6c784284c8eb7e2b05afa6db16b27ee26ff352) --- source3/lib/netapi/user.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 6737012ed0..70bb353317 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -116,6 +116,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_2 *u2 = NULL; struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1007 *u1007 = NULL; + struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; if (!buffer || !uX) { @@ -175,6 +176,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; break; + case 1009: + u1009 = (struct USER_INFO_1009 *)buffer; + uX->usriX_script_path = u1009->usri1009_script_path; + break; case 1011: u1011 = (struct USER_INFO_1011 *)buffer; uX->usriX_full_name = u1011->usri1011_full_name; @@ -1313,6 +1318,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_PASSWORD; break; case 1007: + case 1009: case 1011: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; -- cgit From f1ce72a80bb48210c2fbdc62a93578a6b5c4b5b6 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:36:06 +0200 Subject: netapi: fix acct_flags handling in convert_USER_INFO_X_to_samr_user_info21. Guenther (This used to be commit d3625b321f666bd506603b7c58ee89cd6b902d86) --- source3/lib/netapi/user.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 70bb353317..8fa0710dc1 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -30,16 +30,18 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, struct samr_UserInfo21 *info21) { - uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS; + uint32_t fields_present = 0; struct samr_LogonHours zero_logon_hours; struct lsa_BinaryString zero_parameters; - uint32_t acct_flags = 0; NTTIME password_age; ZERO_STRUCTP(info21); ZERO_STRUCT(zero_logon_hours); ZERO_STRUCT(zero_parameters); + if (infoX->usriX_flags) { + fields_present |= SAMR_FIELD_ACCT_FLAGS; + } if (infoX->usriX_name) { fields_present |= SAMR_FIELD_ACCOUNT_NAME; } @@ -68,8 +70,6 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, fields_present |= SAMR_FIELD_FULL_NAME; } - acct_flags |= infoX->usriX_flags | ACB_NORMAL; - unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); /* TODO: infoX->usriX_priv */ @@ -92,7 +92,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, &zero_parameters, 0, 0, - acct_flags, + infoX->usriX_flags, fields_present, zero_logon_hours, 0, @@ -359,6 +359,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } + uX.usriX_flags |= ACB_NORMAL; + status = set_user_info_USER_INFO_X(ctx, pipe_cli, &cli->user_session_key, &user_handle, -- cgit From 3029122f5e20671de5c440962c2a3aee3f661674 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:36:49 +0200 Subject: netapi: support level 1012 in NetUserSetInfo. Guenther (This used to be commit db650e9b6ead70152b2640415477bb26d0b16097) --- source3/lib/netapi/user.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8fa0710dc1..b7581957c4 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -69,6 +69,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_full_name) { fields_present |= SAMR_FIELD_FULL_NAME; } + if (infoX->usriX_usr_comment) { + fields_present |= SAMR_FIELD_COMMENT; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -88,7 +91,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, NULL, infoX->usriX_comment, NULL, - NULL, + infoX->usriX_usr_comment, &zero_parameters, 0, 0, @@ -118,6 +121,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1007 *u1007 = NULL; struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; + struct USER_INFO_1012 *u1012 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -184,6 +188,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1011 = (struct USER_INFO_1011 *)buffer; uX->usriX_full_name = u1011->usri1011_full_name; break; + case 1012: + u1012 = (struct USER_INFO_1012 *)buffer; + uX->usriX_usr_comment = u1012->usri1012_usr_comment; + break; case 3: case 4: default: @@ -1324,6 +1332,9 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1011: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; + case 1012: + user_mask = SAMR_USER_ACCESS_SET_LOC_COM; + break; default: werr = WERR_NOT_SUPPORTED; goto done; -- cgit From daf162ce0cb6ee1d6bb859918ad2a90bf2a51f13 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:40:46 +0200 Subject: netapi: support level 1006 in NetUserSetInfo. Guenther (This used to be commit 9c5ea4e8e8deb0a2be5f894fb5de96f0dea48120) --- source3/lib/netapi/user.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index b7581957c4..35e4d7a9a9 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -118,6 +118,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1 *u1 = NULL; struct USER_INFO_2 *u2 = NULL; struct USER_INFO_1003 *u1003 = NULL; + struct USER_INFO_1006 *u1006 = NULL; struct USER_INFO_1007 *u1007 = NULL; struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; @@ -176,6 +177,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1003 = (struct USER_INFO_1003 *)buffer; uX->usriX_password = u1003->usri1003_password; break; + case 1006: + u1006 = (struct USER_INFO_1006 *)buffer; + uX->usriX_home_dir = u1006->usri1006_home_dir; + break; case 1007: u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; @@ -1327,6 +1332,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1003: user_mask = SAMR_USER_ACCESS_SET_PASSWORD; break; + case 1006: case 1007: case 1009: case 1011: -- cgit From 965f947e27a9af53e4cd5167f16a17d9ae6116c0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:43:52 +0200 Subject: netapi: add usriX_profile/usriX_home_dir_drive/usriX_primary_group_id to USER_INFO_X in IDL. Guenther (This used to be commit 59e27519adebd45cbd5207cfa5df212d11ca648b) --- source3/librpc/idl/libnetapi.idl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index 6050caba0e..71bbccb8fd 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -436,6 +436,9 @@ interface libnetapi string usriX_logon_server; uint32 usriX_country_code; uint32 usriX_code_page; + string usriX_profile; + string usriX_home_dir_drive; + uint32 usriX_primary_group_id; } USER_INFO_X; [nopush,nopull] NET_API_STATUS NetUserAdd( -- cgit From 58d56de1b10464778649d16b33e765878c88bb79 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:44:40 +0200 Subject: re-run make idl. Guenther (This used to be commit 3235ac063bca3805b749ee7ce27028a6828af3e9) --- source3/librpc/gen_ndr/libnetapi.h | 3 +++ source3/librpc/gen_ndr/ndr_libnetapi.c | 9 +++++++++ 2 files changed, 12 insertions(+) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 89297aead2..4426f43f7b 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -339,6 +339,9 @@ struct USER_INFO_X { const char * usriX_logon_server; uint32_t usriX_country_code; uint32_t usriX_code_page; + const char * usriX_profile; + const char * usriX_home_dir_drive; + uint32_t usriX_primary_group_id; }; struct USER_MODALS_INFO_0 { diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.c b/source3/librpc/gen_ndr/ndr_libnetapi.c index 4d4a291a28..a4520b2dd4 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.c +++ b/source3/librpc/gen_ndr/ndr_libnetapi.c @@ -1716,6 +1716,9 @@ _PUBLIC_ enum ndr_err_code ndr_push_USER_INFO_X(struct ndr_push *ndr, int ndr_fl NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_logon_server)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_country_code)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_code_page)); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_profile)); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->usriX_home_dir_drive)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->usriX_primary_group_id)); } if (ndr_flags & NDR_BUFFERS) { if (r->usriX_logon_hours) { @@ -1760,6 +1763,9 @@ _PUBLIC_ enum ndr_err_code ndr_pull_USER_INFO_X(struct ndr_pull *ndr, int ndr_fl NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->usriX_logon_server)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_country_code)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_code_page)); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->usriX_profile)); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->usriX_home_dir_drive)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->usriX_primary_group_id)); } if (ndr_flags & NDR_BUFFERS) { if (r->usriX_logon_hours) { @@ -1805,6 +1811,9 @@ _PUBLIC_ void ndr_print_USER_INFO_X(struct ndr_print *ndr, const char *name, con ndr_print_string(ndr, "usriX_logon_server", r->usriX_logon_server); ndr_print_uint32(ndr, "usriX_country_code", r->usriX_country_code); ndr_print_uint32(ndr, "usriX_code_page", r->usriX_code_page); + ndr_print_string(ndr, "usriX_profile", r->usriX_profile); + ndr_print_string(ndr, "usriX_home_dir_drive", r->usriX_home_dir_drive); + ndr_print_uint32(ndr, "usriX_primary_group_id", r->usriX_primary_group_id); ndr->depth--; } -- cgit From 49db2e0ae18b9aac34faa00ef9f2a84461d13678 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:47:33 +0200 Subject: netapi: support level 1052 in NetUserSetInfo. Guenther (This used to be commit ff8dede3b369d39ec5638eec8a73bd6397e3d94b) --- source3/lib/netapi/user.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 35e4d7a9a9..c68fe37344 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -72,6 +72,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_usr_comment) { fields_present |= SAMR_FIELD_COMMENT; } + if (infoX->usriX_profile) { + fields_present |= SAMR_FIELD_PROFILE_PATH; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -88,7 +91,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_home_dir, NULL, infoX->usriX_script_path, - NULL, + infoX->usriX_profile, infoX->usriX_comment, NULL, infoX->usriX_usr_comment, @@ -123,6 +126,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1052 *u1052 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -197,6 +201,11 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1052: + u1052 = (struct USER_INFO_1052 *)buffer; + uX->usriX_profile = u1052->usri1052_profile; + break; + case 3: case 4: default: @@ -1336,6 +1345,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1007: case 1009: case 1011: + case 1052: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; case 1012: -- cgit From 3077047a17f2d852f3d6908cd1e48783df954448 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:53:10 +0200 Subject: netapi: support level 1053 in NetUserSetInfo. Guenther (This used to be commit 039904f601755678fcbdef7d6bdc1c6da0082b83) --- source3/lib/netapi/user.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index c68fe37344..5aff7f0d1e 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -75,6 +75,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_profile) { fields_present |= SAMR_FIELD_PROFILE_PATH; } + if (infoX->usriX_home_dir_drive) { + fields_present |= SAMR_FIELD_HOME_DRIVE; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -89,7 +92,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_name, infoX->usriX_full_name, infoX->usriX_home_dir, - NULL, + infoX->usriX_home_dir_drive, infoX->usriX_script_path, infoX->usriX_profile, infoX->usriX_comment, @@ -127,6 +130,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; struct USER_INFO_1052 *u1052 = NULL; + struct USER_INFO_1053 *u1053 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -205,7 +209,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1052 = (struct USER_INFO_1052 *)buffer; uX->usriX_profile = u1052->usri1052_profile; break; - + case 1053: + u1053 = (struct USER_INFO_1053 *)buffer; + uX->usriX_home_dir_drive = u1053->usri1053_home_dir_drive; + break; case 3: case 4: default: @@ -1346,6 +1353,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1009: case 1011: case 1052: + case 1053: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; case 1012: -- cgit From 4874a8b3b8ce755eca62eb28a4416703db866606 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 02:02:30 +0200 Subject: netapi: support level 1051 in NetUserSetInfo. Guenther (This used to be commit 8da3b1cacb4ffa7ce8932dc0e9ceb78395d49b98) --- source3/lib/netapi/user.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 5aff7f0d1e..51c946bf6d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -78,6 +78,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_home_dir_drive) { fields_present |= SAMR_FIELD_HOME_DRIVE; } + if (infoX->usriX_primary_group_id) { + fields_present |= SAMR_FIELD_PRIMARY_GID; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -100,7 +103,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_usr_comment, &zero_parameters, 0, - 0, + infoX->usriX_primary_group_id, infoX->usriX_flags, fields_present, zero_logon_hours, @@ -129,6 +132,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1051 *u1051 = NULL; struct USER_INFO_1052 *u1052 = NULL; struct USER_INFO_1053 *u1053 = NULL; @@ -205,6 +209,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1051: + u1051 = (struct USER_INFO_1051 *)buffer; + uX->usriX_primary_group_id = u1051->usri1051_primary_group_id; + break; case 1052: u1052 = (struct USER_INFO_1052 *)buffer; uX->usriX_profile = u1052->usri1052_profile; @@ -1358,6 +1366,9 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, break; case 1012: user_mask = SAMR_USER_ACCESS_SET_LOC_COM; + case 1051: + user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_GROUPS; break; default: werr = WERR_NOT_SUPPORTED; -- cgit From 502036e730902d26e384dc12faa517d1758f2925 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 02:11:54 +0200 Subject: netapi: support level 1024 in NetUserSetInfo. Guenther (This used to be commit 84bc7bf1adcde270ad20bba67345c0beed0b1d66) --- source3/lib/netapi/user.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 51c946bf6d..b67c5525d2 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -81,6 +81,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_primary_group_id) { fields_present |= SAMR_FIELD_PRIMARY_GID; } + if (infoX->usriX_country_code) { + fields_present |= SAMR_FIELD_COUNTRY_CODE; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -109,7 +112,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, zero_logon_hours, 0, 0, - 0, + infoX->usriX_country_code, 0, 0, 0, @@ -132,6 +135,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1024 *u1024 = NULL; struct USER_INFO_1051 *u1051 = NULL; struct USER_INFO_1052 *u1052 = NULL; struct USER_INFO_1053 *u1053 = NULL; @@ -209,6 +213,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1024: + u1024 = (struct USER_INFO_1024 *)buffer; + uX->usriX_country_code = u1024->usri1024_country_code; + break; case 1051: u1051 = (struct USER_INFO_1051 *)buffer; uX->usriX_primary_group_id = u1051->usri1051_primary_group_id; @@ -1365,6 +1373,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; case 1012: + case 1024: user_mask = SAMR_USER_ACCESS_SET_LOC_COM; case 1051: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | -- cgit From da843841be1aa796ca4d7b27e867cd0f49edc7c7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 02:18:30 +0200 Subject: netapi: support level 1014 in NetUserSetInfo. Guenther (This used to be commit 38178965a2f641978b666452f86fdcd258e8709b) --- source3/lib/netapi/user.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index b67c5525d2..dba7542235 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -84,6 +84,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_country_code) { fields_present |= SAMR_FIELD_COUNTRY_CODE; } + if (infoX->usriX_workstations) { + fields_present |= SAMR_FIELD_WORKSTATIONS; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -102,7 +105,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_script_path, infoX->usriX_profile, infoX->usriX_comment, - NULL, + infoX->usriX_workstations, infoX->usriX_usr_comment, &zero_parameters, 0, @@ -135,6 +138,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1014 *u1014 = NULL; struct USER_INFO_1024 *u1024 = NULL; struct USER_INFO_1051 *u1051 = NULL; struct USER_INFO_1052 *u1052 = NULL; @@ -213,6 +217,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1014: + u1014 = (struct USER_INFO_1014 *)buffer; + uX->usriX_workstations = u1014->usri1014_workstations; + break; case 1024: u1024 = (struct USER_INFO_1024 *)buffer; uX->usriX_country_code = u1024->usri1024_country_code; @@ -1368,6 +1376,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1007: case 1009: case 1011: + case 1014: case 1052: case 1053: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; -- cgit From badc46d16e496875acd1e81c7a13e82d520997f9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:14:15 +0200 Subject: net: use netapi function to list users. Guenther (This used to be commit 6bc8e229192f0bdd1154c6dd0901e4c739647c90) --- source3/utils/net_rpc.c | 96 +++++++++++++++++-------------------------------- 1 file changed, 33 insertions(+), 63 deletions(-) diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 148d243ef8..6b254907e1 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -1008,80 +1008,54 @@ static int rpc_user_info(struct net_context *c, int argc, const char **argv) * @return Normal NTSTATUS return. **/ -static NTSTATUS rpc_user_list_internals(struct net_context *c, - const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, - int argc, - const char **argv) +static int rpc_user_list(struct net_context *c, int argc, const char **argv) { - POLICY_HND connect_pol, domain_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 start_idx=0, num_entries, i, loop_count = 0; - - /* Get sam policy handle */ - - result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, - pipe_hnd->desthost, - MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - - result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, domain_sid), - &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } + NET_API_STATUS status; + uint32_t start_idx=0, num_entries, i, loop_count = 0; + struct NET_DISPLAY_USER *info = NULL; + void *buffer = NULL; /* Query domain users */ if (c->opt_long_list_entries) d_printf("\nUser name Comment" "\n-----------------------------\n"); do { - const char *user = NULL; - const char *desc = NULL; - uint32 max_entries, max_size; - uint32_t total_size, returned_size; - union samr_DispInfo info; + uint32_t max_entries, max_size; get_query_dispinfo_params( loop_count, &max_entries, &max_size); - result = rpccli_samr_QueryDisplayInfo(pipe_hnd, mem_ctx, - &domain_pol, - 1, - start_idx, - max_entries, - max_size, - &total_size, - &returned_size, - &info); - loop_count++; - start_idx += info.info1.count; - num_entries = info.info1.count; + status = NetQueryDisplayInformation(c->opt_host, + 1, + start_idx, + max_entries, + max_size, + &num_entries, + &buffer); + if (status != 0 && status != ERROR_MORE_DATA) { + return status; + } + + info = (struct NET_DISPLAY_USER *)buffer; for (i = 0; i < num_entries; i++) { - user = info.info1.entries[i].account_name.string; - if (c->opt_long_list_entries) - desc = info.info1.entries[i].description.string; + if (c->opt_long_list_entries) - printf("%-21.21s %s\n", user, desc); + printf("%-21.21s %s\n", info->usri1_name, + info->usri1_comment); else - printf("%s\n", user); + printf("%s\n", info->usri1_name); + info++; } - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - done: - return result; + NetApiBufferFree(buffer); + + loop_count++; + start_idx += num_entries; + + } while (status == ERROR_MORE_DATA); + + return status; } /** @@ -1158,9 +1132,7 @@ int net_rpc_user(struct net_context *c, int argc, const char **argv) return 0; } - return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0, - rpc_user_list_internals, - argc, argv); + return rpc_user_list(c, argc, argv); } return net_run_function(c, argc, argv, "net rpc user", func); @@ -1172,9 +1144,7 @@ static NTSTATUS rpc_sh_user_list(struct net_context *c, struct rpc_pipe_client *pipe_hnd, int argc, const char **argv) { - return rpc_user_list_internals(c, ctx->domain_sid, ctx->domain_name, - ctx->cli, pipe_hnd, mem_ctx, - argc, argv); + return werror_to_ntstatus(W_ERROR(rpc_user_list(c, argc, argv))); } static NTSTATUS rpc_sh_user_info(struct net_context *c, -- cgit From e2945c38f1977c00b194b50b562d4bb9edaf4e62 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:19:49 +0200 Subject: net: use netapi function to set user password. Guenther (This used to be commit f31fd1e112ec6477ae0e0eeeede0317c0cdfcbfd) --- source3/utils/net_rpc.c | 131 +++++++----------------------------------------- 1 file changed, 18 insertions(+), 113 deletions(-) diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 6b254907e1..9e62dcd652 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -725,141 +725,46 @@ static int rpc_user_delete(struct net_context *c, int argc, const char **argv) } /** - * Set a password for a user on a remote RPC server. - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passed through. + * Set a user's password on a remote RPC server. * - * @param domain_sid The domain sid acquired from the remote server. - * @param cli A cli_state connected to the server. - * @param mem_ctx Talloc context, destroyed on completion of the function. * @param argc Standard main() style argc. * @param argv Standard main() style argv. Initial components are already * stripped. * - * @return Normal NTSTATUS return. + * @return A shell status integer (0 for success). **/ -static NTSTATUS rpc_user_password_internals(struct net_context *c, - const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, - int argc, - const char **argv) +static int rpc_user_password(struct net_context *c, int argc, const char **argv) { - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - POLICY_HND connect_pol, domain_pol, user_pol; - const char *user; - const char *new_password; + NET_API_STATUS status; char *prompt = NULL; - union samr_UserInfo info; - struct samr_CryptPassword crypt_pwd; + struct USER_INFO_1003 u1003; + uint32_t parm_err = 0; if (argc < 1 || c->display_usage) { rpc_user_usage(c, argc, argv); - return NT_STATUS_OK; + return 0; } - user = argv[0]; - if (argv[1]) { - new_password = argv[1]; + u1003.usri1003_password = argv[1]; } else { - asprintf(&prompt, "Enter new password for %s:", user); - new_password = getpass(prompt); + asprintf(&prompt, "Enter new password for %s:", argv[0]); + u1003.usri1003_password = getpass(prompt); SAFE_FREE(prompt); } - /* Get sam policy and domain handles */ - - result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, - pipe_hnd->desthost, - MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, domain_sid), - &domain_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get handle on user */ - - { - struct samr_Ids user_rids, name_types; - struct lsa_String lsa_acct_name; - - init_lsa_String(&lsa_acct_name, user); - - result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx, - &domain_pol, - 1, - &lsa_acct_name, - &user_rids, - &name_types); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, - &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids.ids[0], - &user_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - } - - /* Set password on account */ - - init_samr_CryptPassword(new_password, - &cli->user_session_key, - &crypt_pwd); - - init_samr_user_info24(&info.info24, crypt_pwd.data, 24); - - result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx, - &user_pol, - 24, - &info); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } + status = NetUserSetInfo(c->opt_host, argv[0], 1003, (uint8_t *)&u1003, &parm_err); /* Display results */ + if (status != 0) { + d_fprintf(stderr, "Failed to set password for '%s' with: %s.\n", + argv[0], libnetapi_get_error_string(c->netapi_ctx, + status)); + return -1; + } - done: - return result; - -} - -/** - * Set a user's password on a remote RPC server. - * - * @param argc Standard main() style argc. - * @param argv Standard main() style argv. Initial components are already - * stripped. - * - * @return A shell status integer (0 for success). - **/ - -static int rpc_user_password(struct net_context *c, int argc, const char **argv) -{ - return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0, - rpc_user_password_internals, argc, argv); + return 0; } /** -- cgit From c5b924b4e77ad749ae0c7ad5090f8c37a52a1100 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:47:39 +0200 Subject: netapi: add NetUserGetGroups to IDL. Guenther (This used to be commit 4d15d1ff20dee216b2fc064bc19712bd3a9cec70) --- source3/librpc/idl/libnetapi.idl | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index 71bbccb8fd..b9d94edf9a 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -512,6 +512,29 @@ interface libnetapi [out] uint32 *parm_err ); + /*******************************************/ + /* NetUserGetGroups */ + /*******************************************/ + + [public] typedef struct { + string grui0_name; + } GROUP_USERS_INFO_0; + + [public] typedef struct { + string grui1_name; + uint32 grui1_attributes; + } GROUP_USERS_INFO_1; + + [nopush,nopull] NET_API_STATUS NetUserGetGroups( + [in] string server_name, + [in] string user_name, + [in] uint32 level, + [out] uint8 **buffer, + [in] uint32 prefmaxlen, + [out,ref] uint32 *entries_read, + [out,ref] uint32 *total_entries + ); + /*******************************************/ /* NetUserModalsGet */ /*******************************************/ @@ -738,15 +761,6 @@ interface libnetapi /* NetGroupGetUsers */ /*******************************************/ - [public] typedef struct { - string grui0_name; - } GROUP_USERS_INFO_0; - - [public] typedef struct { - string grui1_name; - uint32 grui1_attributes; - } GROUP_USERS_INFO_1; - [nopush,nopull] NET_API_STATUS NetGroupGetUsers( [in] string server_name, [in] string group_name, -- cgit From f7f6c2529b0f37edf64fe33290b9f71ebec399ff Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:48:06 +0200 Subject: re-run make idl. Guenther (This used to be commit 334a90072318407313057b1c2df5e367e957309b) --- source3/librpc/gen_ndr/libnetapi.h | 36 +++++-- source3/librpc/gen_ndr/ndr_libnetapi.c | 168 ++++++++++++++++++++------------- source3/librpc/gen_ndr/ndr_libnetapi.h | 61 ++++++------ 3 files changed, 165 insertions(+), 100 deletions(-) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 4426f43f7b..ed99c5d189 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -344,6 +344,15 @@ struct USER_INFO_X { uint32_t usriX_primary_group_id; }; +struct GROUP_USERS_INFO_0 { + const char * grui0_name; +}; + +struct GROUP_USERS_INFO_1 { + const char * grui1_name; + uint32_t grui1_attributes; +}; + struct USER_MODALS_INFO_0 { uint32_t usrmod0_min_passwd_len; uint32_t usrmod0_max_passwd_age; @@ -452,15 +461,6 @@ struct GROUP_INFO_1005 { uint32_t grpi1005_attributes; }; -struct GROUP_USERS_INFO_0 { - const char * grui0_name; -}; - -struct GROUP_USERS_INFO_1 { - const char * grui1_name; - uint32_t grui1_attributes; -}; - struct LOCALGROUP_INFO_0 { const char * lgrpi0_name; }; @@ -770,6 +770,24 @@ struct NetUserSetInfo { }; +struct NetUserGetGroups { + struct { + const char * server_name; + const char * user_name; + uint32_t level; + uint32_t prefmaxlen; + } in; + + struct { + uint8_t **buffer;/* [ref] */ + uint32_t *entries_read;/* [ref] */ + uint32_t *total_entries;/* [ref] */ + enum NET_API_STATUS result; + } out; + +}; + + struct NetUserModalsGet { struct { const char * server_name; diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.c b/source3/librpc/gen_ndr/ndr_libnetapi.c index a4520b2dd4..941d4aa9ed 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.c +++ b/source3/librpc/gen_ndr/ndr_libnetapi.c @@ -1817,6 +1817,69 @@ _PUBLIC_ void ndr_print_USER_INFO_X(struct ndr_print *ndr, const char *name, con ndr->depth--; } +_PUBLIC_ enum ndr_err_code ndr_push_GROUP_USERS_INFO_0(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_0 *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->grui0_name)); + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_GROUP_USERS_INFO_0(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_0 *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->grui0_name)); + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_GROUP_USERS_INFO_0(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_0 *r) +{ + ndr_print_struct(ndr, name, "GROUP_USERS_INFO_0"); + ndr->depth++; + ndr_print_string(ndr, "grui0_name", r->grui0_name); + ndr->depth--; +} + +_PUBLIC_ enum ndr_err_code ndr_push_GROUP_USERS_INFO_1(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_1 *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->grui1_name)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->grui1_attributes)); + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_GROUP_USERS_INFO_1(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_1 *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->grui1_name)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->grui1_attributes)); + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_GROUP_USERS_INFO_1(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_1 *r) +{ + ndr_print_struct(ndr, name, "GROUP_USERS_INFO_1"); + ndr->depth++; + ndr_print_string(ndr, "grui1_name", r->grui1_name); + ndr_print_uint32(ndr, "grui1_attributes", r->grui1_attributes); + ndr->depth--; +} + _PUBLIC_ enum ndr_err_code ndr_push_NET_DISPLAY_USER(struct ndr_push *ndr, int ndr_flags, const struct NET_DISPLAY_USER *r) { if (ndr_flags & NDR_SCALARS) { @@ -1946,69 +2009,6 @@ _PUBLIC_ void ndr_print_NET_DISPLAY_GROUP(struct ndr_print *ndr, const char *nam ndr->depth--; } -_PUBLIC_ enum ndr_err_code ndr_push_GROUP_USERS_INFO_0(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_0 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->grui0_name)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_GROUP_USERS_INFO_0(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_0 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->grui0_name)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_GROUP_USERS_INFO_0(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_0 *r) -{ - ndr_print_struct(ndr, name, "GROUP_USERS_INFO_0"); - ndr->depth++; - ndr_print_string(ndr, "grui0_name", r->grui0_name); - ndr->depth--; -} - -_PUBLIC_ enum ndr_err_code ndr_push_GROUP_USERS_INFO_1(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_1 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->grui1_name)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->grui1_attributes)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ enum ndr_err_code ndr_pull_GROUP_USERS_INFO_1(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_1 *r) -{ - if (ndr_flags & NDR_SCALARS) { - NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->grui1_name)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->grui1_attributes)); - } - if (ndr_flags & NDR_BUFFERS) { - } - return NDR_ERR_SUCCESS; -} - -_PUBLIC_ void ndr_print_GROUP_USERS_INFO_1(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_1 *r) -{ - ndr_print_struct(ndr, name, "GROUP_USERS_INFO_1"); - ndr->depth++; - ndr_print_string(ndr, "grui1_name", r->grui1_name); - ndr_print_uint32(ndr, "grui1_attributes", r->grui1_attributes); - ndr->depth--; -} - _PUBLIC_ void ndr_print_NetJoinDomain(struct ndr_print *ndr, const char *name, int flags, const struct NetJoinDomain *r) { ndr_print_struct(ndr, name, "NetJoinDomain"); @@ -2622,6 +2622,48 @@ _PUBLIC_ void ndr_print_NetUserSetInfo(struct ndr_print *ndr, const char *name, ndr->depth--; } +_PUBLIC_ void ndr_print_NetUserGetGroups(struct ndr_print *ndr, const char *name, int flags, const struct NetUserGetGroups *r) +{ + ndr_print_struct(ndr, name, "NetUserGetGroups"); + ndr->depth++; + if (flags & NDR_SET_VALUES) { + ndr->flags |= LIBNDR_PRINT_SET_VALUES; + } + if (flags & NDR_IN) { + ndr_print_struct(ndr, "in", "NetUserGetGroups"); + ndr->depth++; + ndr_print_string(ndr, "server_name", r->in.server_name); + ndr_print_string(ndr, "user_name", r->in.user_name); + ndr_print_uint32(ndr, "level", r->in.level); + ndr_print_uint32(ndr, "prefmaxlen", r->in.prefmaxlen); + ndr->depth--; + } + if (flags & NDR_OUT) { + ndr_print_struct(ndr, "out", "NetUserGetGroups"); + ndr->depth++; + ndr_print_ptr(ndr, "buffer", r->out.buffer); + ndr->depth++; + ndr_print_ptr(ndr, "buffer", *r->out.buffer); + ndr->depth++; + if (*r->out.buffer) { + ndr_print_uint8(ndr, "buffer", **r->out.buffer); + } + ndr->depth--; + ndr->depth--; + ndr_print_ptr(ndr, "entries_read", r->out.entries_read); + ndr->depth++; + ndr_print_uint32(ndr, "entries_read", *r->out.entries_read); + ndr->depth--; + ndr_print_ptr(ndr, "total_entries", r->out.total_entries); + ndr->depth++; + ndr_print_uint32(ndr, "total_entries", *r->out.total_entries); + ndr->depth--; + ndr_print_NET_API_STATUS(ndr, "result", r->out.result); + ndr->depth--; + } + ndr->depth--; +} + _PUBLIC_ void ndr_print_NetUserModalsGet(struct ndr_print *ndr, const char *name, int flags, const struct NetUserModalsGet *r) { ndr_print_struct(ndr, name, "NetUserModalsGet"); diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.h b/source3/librpc/gen_ndr/ndr_libnetapi.h index 9b5d8e7c35..456a3e6e31 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.h +++ b/source3/librpc/gen_ndr/ndr_libnetapi.h @@ -36,49 +36,51 @@ #define NDR_NETUSERSETINFO (0x0e) -#define NDR_NETUSERMODALSGET (0x0f) +#define NDR_NETUSERGETGROUPS (0x0f) -#define NDR_NETUSERMODALSSET (0x10) +#define NDR_NETUSERMODALSGET (0x10) -#define NDR_NETQUERYDISPLAYINFORMATION (0x11) +#define NDR_NETUSERMODALSSET (0x11) -#define NDR_NETGROUPADD (0x12) +#define NDR_NETQUERYDISPLAYINFORMATION (0x12) -#define NDR_NETGROUPDEL (0x13) +#define NDR_NETGROUPADD (0x13) -#define NDR_NETGROUPENUM (0x14) +#define NDR_NETGROUPDEL (0x14) -#define NDR_NETGROUPSETINFO (0x15) +#define NDR_NETGROUPENUM (0x15) -#define NDR_NETGROUPGETINFO (0x16) +#define NDR_NETGROUPSETINFO (0x16) -#define NDR_NETGROUPADDUSER (0x17) +#define NDR_NETGROUPGETINFO (0x17) -#define NDR_NETGROUPDELUSER (0x18) +#define NDR_NETGROUPADDUSER (0x18) -#define NDR_NETGROUPGETUSERS (0x19) +#define NDR_NETGROUPDELUSER (0x19) -#define NDR_NETLOCALGROUPADD (0x1a) +#define NDR_NETGROUPGETUSERS (0x1a) -#define NDR_NETLOCALGROUPDEL (0x1b) +#define NDR_NETLOCALGROUPADD (0x1b) -#define NDR_NETLOCALGROUPGETINFO (0x1c) +#define NDR_NETLOCALGROUPDEL (0x1c) -#define NDR_NETLOCALGROUPSETINFO (0x1d) +#define NDR_NETLOCALGROUPGETINFO (0x1d) -#define NDR_NETLOCALGROUPENUM (0x1e) +#define NDR_NETLOCALGROUPSETINFO (0x1e) -#define NDR_NETLOCALGROUPADDMEMBERS (0x1f) +#define NDR_NETLOCALGROUPENUM (0x1f) -#define NDR_NETLOCALGROUPDELMEMBERS (0x20) +#define NDR_NETLOCALGROUPADDMEMBERS (0x20) -#define NDR_NETLOCALGROUPGETMEMBERS (0x21) +#define NDR_NETLOCALGROUPDELMEMBERS (0x21) -#define NDR_NETLOCALGROUPSETMEMBERS (0x22) +#define NDR_NETLOCALGROUPGETMEMBERS (0x22) -#define NDR_NETREMOTETOD (0x23) +#define NDR_NETLOCALGROUPSETMEMBERS (0x23) -#define NDR_LIBNETAPI_CALL_COUNT (36) +#define NDR_NETREMOTETOD (0x24) + +#define NDR_LIBNETAPI_CALL_COUNT (37) enum ndr_err_code ndr_push_NET_API_STATUS(struct ndr_push *ndr, int ndr_flags, enum NET_API_STATUS r); enum ndr_err_code ndr_pull_NET_API_STATUS(struct ndr_pull *ndr, int ndr_flags, enum NET_API_STATUS *r); void ndr_print_NET_API_STATUS(struct ndr_print *ndr, const char *name, enum NET_API_STATUS r); @@ -187,6 +189,12 @@ void ndr_print_USER_INFO_1053(struct ndr_print *ndr, const char *name, const str enum ndr_err_code ndr_push_USER_INFO_X(struct ndr_push *ndr, int ndr_flags, const struct USER_INFO_X *r); enum ndr_err_code ndr_pull_USER_INFO_X(struct ndr_pull *ndr, int ndr_flags, struct USER_INFO_X *r); void ndr_print_USER_INFO_X(struct ndr_print *ndr, const char *name, const struct USER_INFO_X *r); +enum ndr_err_code ndr_push_GROUP_USERS_INFO_0(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_0 *r); +enum ndr_err_code ndr_pull_GROUP_USERS_INFO_0(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_0 *r); +void ndr_print_GROUP_USERS_INFO_0(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_0 *r); +enum ndr_err_code ndr_push_GROUP_USERS_INFO_1(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_1 *r); +enum ndr_err_code ndr_pull_GROUP_USERS_INFO_1(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_1 *r); +void ndr_print_GROUP_USERS_INFO_1(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_1 *r); enum ndr_err_code ndr_push_NET_DISPLAY_USER(struct ndr_push *ndr, int ndr_flags, const struct NET_DISPLAY_USER *r); enum ndr_err_code ndr_pull_NET_DISPLAY_USER(struct ndr_pull *ndr, int ndr_flags, struct NET_DISPLAY_USER *r); void ndr_print_NET_DISPLAY_USER(struct ndr_print *ndr, const char *name, const struct NET_DISPLAY_USER *r); @@ -196,12 +204,6 @@ void ndr_print_NET_DISPLAY_MACHINE(struct ndr_print *ndr, const char *name, cons enum ndr_err_code ndr_push_NET_DISPLAY_GROUP(struct ndr_push *ndr, int ndr_flags, const struct NET_DISPLAY_GROUP *r); enum ndr_err_code ndr_pull_NET_DISPLAY_GROUP(struct ndr_pull *ndr, int ndr_flags, struct NET_DISPLAY_GROUP *r); void ndr_print_NET_DISPLAY_GROUP(struct ndr_print *ndr, const char *name, const struct NET_DISPLAY_GROUP *r); -enum ndr_err_code ndr_push_GROUP_USERS_INFO_0(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_0 *r); -enum ndr_err_code ndr_pull_GROUP_USERS_INFO_0(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_0 *r); -void ndr_print_GROUP_USERS_INFO_0(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_0 *r); -enum ndr_err_code ndr_push_GROUP_USERS_INFO_1(struct ndr_push *ndr, int ndr_flags, const struct GROUP_USERS_INFO_1 *r); -enum ndr_err_code ndr_pull_GROUP_USERS_INFO_1(struct ndr_pull *ndr, int ndr_flags, struct GROUP_USERS_INFO_1 *r); -void ndr_print_GROUP_USERS_INFO_1(struct ndr_print *ndr, const char *name, const struct GROUP_USERS_INFO_1 *r); enum ndr_err_code ndr_push_NetJoinDomain(struct ndr_push *ndr, int flags, const struct NetJoinDomain *r); enum ndr_err_code ndr_pull_NetJoinDomain(struct ndr_pull *ndr, int flags, struct NetJoinDomain *r); void ndr_print_NetJoinDomain(struct ndr_print *ndr, const char *name, int flags, const struct NetJoinDomain *r); @@ -247,6 +249,9 @@ void ndr_print_NetUserGetInfo(struct ndr_print *ndr, const char *name, int flags enum ndr_err_code ndr_push_NetUserSetInfo(struct ndr_push *ndr, int flags, const struct NetUserSetInfo *r); enum ndr_err_code ndr_pull_NetUserSetInfo(struct ndr_pull *ndr, int flags, struct NetUserSetInfo *r); void ndr_print_NetUserSetInfo(struct ndr_print *ndr, const char *name, int flags, const struct NetUserSetInfo *r); +enum ndr_err_code ndr_push_NetUserGetGroups(struct ndr_push *ndr, int flags, const struct NetUserGetGroups *r); +enum ndr_err_code ndr_pull_NetUserGetGroups(struct ndr_pull *ndr, int flags, struct NetUserGetGroups *r); +void ndr_print_NetUserGetGroups(struct ndr_print *ndr, const char *name, int flags, const struct NetUserGetGroups *r); enum ndr_err_code ndr_push_NetUserModalsGet(struct ndr_push *ndr, int flags, const struct NetUserModalsGet *r); enum ndr_err_code ndr_pull_NetUserModalsGet(struct ndr_pull *ndr, int flags, struct NetUserModalsGet *r); void ndr_print_NetUserModalsGet(struct ndr_print *ndr, const char *name, int flags, const struct NetUserModalsGet *r); -- cgit From 3967936a4b38252ee9821608da637bb309479201 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:49:55 +0200 Subject: netapi: add skeleton for NetUserGetGroups. Guenther (This used to be commit a21ec57b2887012777f9580959a37cd23a412029) --- source3/lib/netapi/libnetapi.c | 52 ++++++++++++++++++++++++++++++++++++++++++ source3/lib/netapi/libnetapi.h | 11 +++++++++ source3/lib/netapi/user.c | 18 +++++++++++++++ 3 files changed, 81 insertions(+) diff --git a/source3/lib/netapi/libnetapi.c b/source3/lib/netapi/libnetapi.c index 5fe48077a8..4b87bbcdf4 100644 --- a/source3/lib/netapi/libnetapi.c +++ b/source3/lib/netapi/libnetapi.c @@ -725,6 +725,58 @@ NET_API_STATUS NetUserSetInfo(const char * server_name /* [in] */, return r.out.result; } +/**************************************************************** + NetUserGetGroups +****************************************************************/ + +NET_API_STATUS NetUserGetGroups(const char * server_name /* [in] */, + const char * user_name /* [in] */, + uint32_t level /* [in] */, + uint8_t **buffer /* [out] [ref] */, + uint32_t prefmaxlen /* [in] */, + uint32_t *entries_read /* [out] [ref] */, + uint32_t *total_entries /* [out] [ref] */) +{ + struct NetUserGetGroups r; + struct libnetapi_ctx *ctx = NULL; + NET_API_STATUS status; + WERROR werr; + + status = libnetapi_getctx(&ctx); + if (status != 0) { + return status; + } + + /* In parameters */ + r.in.server_name = server_name; + r.in.user_name = user_name; + r.in.level = level; + r.in.prefmaxlen = prefmaxlen; + + /* Out parameters */ + r.out.buffer = buffer; + r.out.entries_read = entries_read; + r.out.total_entries = total_entries; + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(NetUserGetGroups, &r); + } + + if (LIBNETAPI_LOCAL_SERVER(server_name)) { + werr = NetUserGetGroups_l(ctx, &r); + } else { + werr = NetUserGetGroups_r(ctx, &r); + } + + r.out.result = W_ERROR_V(werr); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(NetUserGetGroups, &r); + } + + return r.out.result; +} + /**************************************************************** NetUserModalsGet ****************************************************************/ diff --git a/source3/lib/netapi/libnetapi.h b/source3/lib/netapi/libnetapi.h index b0ff8e5baf..189083cc1f 100644 --- a/source3/lib/netapi/libnetapi.h +++ b/source3/lib/netapi/libnetapi.h @@ -125,6 +125,17 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r); WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r); +NET_API_STATUS NetUserGetGroups(const char * server_name /* [in] */, + const char * user_name /* [in] */, + uint32_t level /* [in] */, + uint8_t **buffer /* [out] [ref] */, + uint32_t prefmaxlen /* [in] */, + uint32_t *entries_read /* [out] [ref] */, + uint32_t *total_entries /* [out] [ref] */); +WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r); +WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r); NET_API_STATUS NetUserModalsGet(const char * server_name /* [in] */, uint32_t level /* [in] */, uint8_t **buffer /* [out] [ref] */); diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index dba7542235..78a95fd10b 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2354,3 +2354,21 @@ WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet); } + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetGroups); +} -- cgit From d304d17f2e21abdeb4adac15870026a6c3f86249 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:55:57 +0200 Subject: netapi: fix NetUserSetInfo return code for currently unsupported levels. Guenther (This used to be commit 10bd55d68a91b76e82c3ba1d113729f97830a46a) --- source3/lib/netapi/user.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 78a95fd10b..25871563ce 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1388,9 +1388,22 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | SAMR_USER_ACCESS_GET_GROUPS; break; - default: + case 1: + case 2: + case 3: + case 4: + case 21: + case 22: + case 1005: + case 1008: + case 1010: + case 1017: + case 1020: werr = WERR_NOT_SUPPORTED; goto done; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; } werr = libnetapi_open_pipe(ctx, r->in.server_name, -- cgit From 29e8a0fa2a8ac8da624ebcf79f9d350ed1407c80 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 13:13:57 +0200 Subject: netapi: add NetUserGetGroups to public headers. Guenther (This used to be commit 2f95b7d9b5ad513e43d7d41ce9fb87300ec357a8) --- source3/lib/netapi/netapi.h | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 4882ada893..9ba1d30f5c 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -998,6 +998,33 @@ NET_API_STATUS NetUserModalsSet(const char * server_name /* [in] */, uint8_t *buffer /* [in] [ref] */, uint32_t *parm_err /* [out] [ref] */); +/************************************************************//** + * + * NetUserGetGroups + * + * @brief Enumerate grouplist of a user on a server + * + * @param[in] server_name The server name to connect to + * @param[in] user_name The user name to query + * @param[in] level The enumeration level used for the query (Currently only + * level 0 is supported) + * @param[out] buffer The returned enumeration buffer + * @param[in] prefmaxlen The requested maximal buffer size + * @param[out] entries_read The number of returned entries + * @param[out] total_entries The number of total entries + * @return NET_API_STATUS + * + * example user/user_getgroups.c + ***************************************************************/ + +NET_API_STATUS NetUserGetGroups(const char * server_name /* [in] */, + const char * user_name /* [in] */, + uint32_t level /* [in] */, + uint8_t **buffer /* [out] [ref] */, + uint32_t prefmaxlen /* [in] */, + uint32_t *entries_read /* [out] [ref] */, + uint32_t *total_entries /* [out] [ref] */); + /************************************************************//** * * NetQueryDisplayInformation -- cgit From aeaa881c993e4875a8851b22412fee683f09de23 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 13:14:24 +0200 Subject: netapi: add NetUserGetGroups example code. Guenther (This used to be commit 33e9baeb26a469445b6750c4bd2f00b4140f0554) --- source3/lib/netapi/examples/Makefile.in | 6 + source3/lib/netapi/examples/user/user_getgroups.c | 133 ++++++++++++++++++++++ 2 files changed, 139 insertions(+) create mode 100644 source3/lib/netapi/examples/user/user_getgroups.c diff --git a/source3/lib/netapi/examples/Makefile.in b/source3/lib/netapi/examples/Makefile.in index 0b7553c389..4595db552d 100644 --- a/source3/lib/netapi/examples/Makefile.in +++ b/source3/lib/netapi/examples/Makefile.in @@ -31,6 +31,7 @@ PROGS = bin/getdc@EXEEXT@ \ bin/user_setinfo@EXEEXT@ \ bin/user_modalsget@EXEEXT@ \ bin/user_modalsset@EXEEXT@ \ + bin/user_getgroups@EXEEXT@ \ bin/group_add@EXEEXT@ \ bin/group_del@EXEEXT@ \ bin/group_enum@EXEEXT@ \ @@ -91,6 +92,7 @@ USERGETINFO_OBJ = user/user_getinfo.o $(CMDLINE_OBJ) USERSETINFO_OBJ = user/user_setinfo.o $(CMDLINE_OBJ) USERMODALSGET_OBJ = user/user_modalsget.o $(CMDLINE_OBJ) USERMODALSSET_OBJ = user/user_modalsset.o $(CMDLINE_OBJ) +USERGETGROUPS_OBJ = user/user_getgroups.o $(CMDLINE_OBJ) GROUPADD_OBJ = group/group_add.o $(CMDLINE_OBJ) GROUPDEL_OBJ = group/group_del.o $(CMDLINE_OBJ) GROUPENUM_OBJ = group/group_enum.o $(CMDLINE_OBJ) @@ -166,6 +168,10 @@ bin/user_modalsset@EXEEXT@: $(BINARY_PREREQS) $(USERMODALSSET_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(USERMODALSSET_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) +bin/user_getgroups@EXEEXT@: $(BINARY_PREREQS) $(USERGETGROUPS_OBJ) + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(USERGETGROUPS_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) + bin/group_add@EXEEXT@: $(BINARY_PREREQS) $(GROUPADD_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(GROUPADD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) diff --git a/source3/lib/netapi/examples/user/user_getgroups.c b/source3/lib/netapi/examples/user/user_getgroups.c new file mode 100644 index 0000000000..939415e0eb --- /dev/null +++ b/source3/lib/netapi/examples/user/user_getgroups.c @@ -0,0 +1,133 @@ +/* + * Unix SMB/CIFS implementation. + * NetUserGetGroups query + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include + +#include "common.h" + +int main(int argc, const char **argv) +{ + NET_API_STATUS status; + struct libnetapi_ctx *ctx = NULL; + const char *hostname = NULL; + const char *username = NULL; + uint32_t level = 0; + uint8_t *buffer = NULL; + uint32_t entries_read = 0; + uint32_t total_entries = 0; + int i; + + struct GROUP_USERS_INFO_0 *info0 = NULL; + struct GROUP_USERS_INFO_1 *info1 = NULL; + + poptContext pc; + int opt; + + struct poptOption long_options[] = { + POPT_AUTOHELP + POPT_COMMON_LIBNETAPI_EXAMPLES + POPT_TABLEEND + }; + + status = libnetapi_init(&ctx); + if (status != 0) { + return status; + } + + pc = poptGetContext("user_getgroups", argc, argv, long_options, 0); + + poptSetOtherOptionHelp(pc, "hostname username level"); + while((opt = poptGetNextOpt(pc)) != -1) { + } + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + hostname = poptGetArg(pc); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + username = poptGetArg(pc); + + if (poptPeekArg(pc)) { + level = atoi(poptGetArg(pc)); + } + + /* NetUserGetGroups */ + + do { + status = NetUserGetGroups(hostname, + username, + level, + &buffer, + (uint32_t)-1, + &entries_read, + &total_entries); + if (status == 0 || status == ERROR_MORE_DATA) { + + switch (level) { + case 0: + info0 = (struct GROUP_USERS_INFO_0 *)buffer; + break; + case 1: + info1 = (struct GROUP_USERS_INFO_1 *)buffer; + break; + default: + break; + } + + for (i=0; igrui0_name); + info0++; + break; + case 1: + printf("#%d group: %s\n", i, info1->grui1_name); + printf("#%d attributes: %d\n", i, info1->grui1_attributes); + info1++; + break; + default: + break; + } + } + NetApiBufferFree(buffer); + } + } while (status == ERROR_MORE_DATA); + + if (status != 0) { + printf("NetUserGetGroups failed with: %s\n", + libnetapi_get_error_string(ctx, status)); + } + + out: + libnetapi_free(ctx); + poptFreeContext(pc); + + return status; +} -- cgit From 77285ee6024c7379766589f816a0f67c0e4ea4ec Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 13:37:56 +0200 Subject: netapi: implement NetUserGetGroups_r. Guenther (This used to be commit 1ed8fefdae85e9b9f2794e502c8c1c41d9ba0615) --- source3/lib/netapi/user.c | 175 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 174 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 25871563ce..6e13a54528 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2371,10 +2371,183 @@ WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + const char *group_name, + uint32_t attributes, + uint8_t **buffer, + uint32_t *num_entries) +{ + struct GROUP_USERS_INFO_0 u0; + struct GROUP_USERS_INFO_1 u1; + + switch (level) { + case 0: + u0.grui0_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u0.grui0_name); + + ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_0, u0, + (struct GROUP_USERS_INFO_0 **)buffer, num_entries); + break; + case 1: + u1.grui1_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u1.grui1_name); + + u1.grui1_attributes = attributes; + + ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_1, u1, + (struct GROUP_USERS_INFO_1 **)buffer, num_entries); + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, struct NetUserGetGroups *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, user_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + struct samr_RidWithAttributeArray *rid_array = NULL; + struct lsa_Strings names; + struct samr_Ids types; + uint32_t *rids = NULL; + + int i; + uint32_t entries_read = 0; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + *r->out.buffer = NULL; + *r->out.entries_read = 0; + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + SAMR_USER_ACCESS_GET_GROUPS, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx, + &user_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + rids = talloc_array(ctx, uint32_t, rid_array->count); + if (!rids) { + werr = WERR_NOMEM; + goto done; + } + + for (i=0; i < rid_array->count; i++) { + rids[i] = rid_array->rids[i].rid; + } + + status = rpccli_samr_LookupRids(pipe_cli, ctx, + &domain_handle, + rid_array->count, + rids, + &names, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < rid_array->count; i++) { + status = add_GROUP_USERS_INFO_X_buffer(ctx, + r->in.level, + names.names[i].string, + rid_array->rids[i].attributes, + r->out.buffer, + &entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + if (r->out.entries_read) { + *r->out.entries_read = entries_read; + } + if (r->out.total_entries) { + *r->out.total_entries = entries_read; + } + + done: + if (!cli) { + return werr; + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** -- cgit From a9a9772b5dbea06c21125738058c0a629c9d077d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 13:47:04 +0200 Subject: net: use netapi for "net rpc user info" to enumerate user group membership. Guenther (This used to be commit 77ecfff216b24b0d4b1ce79bee13c18bffa7b533) --- source3/utils/net_rpc.c | 139 ++++++++++-------------------------------------- 1 file changed, 27 insertions(+), 112 deletions(-) diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 9e62dcd652..6db5bc753b 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -768,133 +768,50 @@ static int rpc_user_password(struct net_context *c, int argc, const char **argv) } /** - * List user's groups on a remote RPC server. - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passed through. + * List a user's groups from a remote RPC server. * - * @param domain_sid The domain sid acquired from the remote server. - * @param cli A cli_state connected to the server. - * @param mem_ctx Talloc context, destroyed on completion of the function. * @param argc Standard main() style argc. * @param argv Standard main() style argv. Initial components are already * stripped. * - * @return Normal NTSTATUS return. + * @return A shell status integer (0 for success) **/ -static NTSTATUS rpc_user_info_internals(struct net_context *c, - const DOM_SID *domain_sid, - const char *domain_name, - struct cli_state *cli, - struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, - int argc, - const char **argv) +static int rpc_user_info(struct net_context *c, int argc, const char **argv) + { - POLICY_HND connect_pol, domain_pol, user_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NET_API_STATUS status; + struct GROUP_USERS_INFO_0 *u0 = NULL; + uint32_t entries_read = 0; + uint32_t total_entries = 0; int i; - struct samr_RidWithAttributeArray *rid_array = NULL; - struct lsa_Strings names; - struct samr_Ids types; - uint32_t *lrids = NULL; - struct samr_Ids rids, name_types; - struct lsa_String lsa_acct_name; if (argc < 1 || c->display_usage) { rpc_user_usage(c, argc, argv); - return NT_STATUS_OK; + return 0; } - /* Get sam policy handle */ - - result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, - pipe_hnd->desthost, - MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) goto done; - - /* Get domain policy handle */ - - result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, - &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - CONST_DISCARD(struct dom_sid2 *, domain_sid), - &domain_pol); - if (!NT_STATUS_IS_OK(result)) goto done; - - /* Get handle on user */ - - init_lsa_String(&lsa_acct_name, argv[0]); - - result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx, - &domain_pol, - 1, - &lsa_acct_name, - &rids, - &name_types); - - if (!NT_STATUS_IS_OK(result)) goto done; - - result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, - &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rids.ids[0], - &user_pol); - if (!NT_STATUS_IS_OK(result)) goto done; - - result = rpccli_samr_GetGroupsForUser(pipe_hnd, mem_ctx, - &user_pol, - &rid_array); - - if (!NT_STATUS_IS_OK(result)) goto done; - - /* Look up rids */ - - if (rid_array->count) { - if ((lrids = TALLOC_ARRAY(mem_ctx, uint32, rid_array->count)) == NULL) { - result = NT_STATUS_NO_MEMORY; - goto done; - } - - for (i = 0; i < rid_array->count; i++) - lrids[i] = rid_array->rids[i].rid; - - result = rpccli_samr_LookupRids(pipe_hnd, mem_ctx, - &domain_pol, - rid_array->count, - lrids, - &names, - &types); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Display results */ - for (i = 0; i < names.count; i++) - printf("%s\n", names.names[i].string); + status = NetUserGetGroups(c->opt_host, + argv[0], + 0, + (uint8_t **)&u0, + (uint32_t)-1, + &entries_read, + &total_entries); + if (status != 0) { + d_fprintf(stderr, "Failed to get groups for '%s' with: %s.\n", + argv[0], libnetapi_get_error_string(c->netapi_ctx, + status)); + return -1; } - done: - return result; -} -/** - * List a user's groups from a remote RPC server. - * - * @param argc Standard main() style argc. - * @param argv Standard main() style argv. Initial components are already - * stripped. - * - * @return A shell status integer (0 for success) - **/ + for (i=0; i < entries_read; i++) { + printf("%s\n", u0->grui0_name); + u0++; + } -static int rpc_user_info(struct net_context *c, int argc, const char **argv) -{ - return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0, - rpc_user_info_internals, argc, argv); + return 0; } /** @@ -1058,9 +975,7 @@ static NTSTATUS rpc_sh_user_info(struct net_context *c, struct rpc_pipe_client *pipe_hnd, int argc, const char **argv) { - return rpc_user_info_internals(c, ctx->domain_sid, ctx->domain_name, - ctx->cli, pipe_hnd, mem_ctx, - argc, argv); + return werror_to_ntstatus(W_ERROR(rpc_user_info(c, argc, argv))); } static NTSTATUS rpc_sh_handle_user(struct net_context *c, -- cgit From 7eb0b5e03708027cfa9d40a955e5b0480441c686 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 13:54:49 +0200 Subject: net: now that "net rpc user" uses netapi calls exclusivly, net rpc shell needs to use netapi as well. Guenther (This used to be commit 2f730649b73dcd11734d12921bfdad982fe75717) --- source3/utils/net_rpc_shell.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/utils/net_rpc_shell.c b/source3/utils/net_rpc_shell.c index c6051dc976..3aaed1ed18 100644 --- a/source3/utils/net_rpc_shell.c +++ b/source3/utils/net_rpc_shell.c @@ -217,6 +217,15 @@ int net_rpc_shell(struct net_context *c, int argc, const char **argv) return -1; } + if (libnetapi_init(&c->netapi_ctx) != 0) { + return -1; + } + libnetapi_set_username(c->netapi_ctx, c->opt_user_name); + libnetapi_set_password(c->netapi_ctx, c->opt_password); + if (c->opt_kerberos) { + libnetapi_set_use_kerberos(c->netapi_ctx); + } + ctx = TALLOC_P(NULL, struct rpc_sh_ctx); if (ctx == NULL) { d_fprintf(stderr, "talloc failed\n"); -- cgit From d97c694e4b0917f67eaa7470462c99c5fdad67f7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:14:32 +0200 Subject: netapi: fix IDL for USER_INFO_4. Guenther (This used to be commit ca69c442f2007d46729a6fce920800d25195e946) --- source3/librpc/idl/libnetapi.idl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index b9d94edf9a..f5af5445e3 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -244,7 +244,7 @@ interface libnetapi string usri4_logon_server; uint32 usri4_country_code; uint32 usri4_code_page; - dom_sid *usri4_user_sid; + domsid *usri4_user_sid; uint32 usri4_primary_group_id; string usri4_profile; string usri4_home_dir_drive; -- cgit From 45e34d0b17835e5edd9dad793145f4c75014f504 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:15:02 +0200 Subject: re-run make idl. Guenther (This used to be commit 9d33627d723c582f723982d090858e01bf5bd8c8) --- source3/librpc/gen_ndr/libnetapi.h | 2 +- source3/librpc/gen_ndr/ndr_libnetapi.c | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index ed99c5d189..a225022fd3 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -149,7 +149,7 @@ struct USER_INFO_4 { const char * usri4_logon_server; uint32_t usri4_country_code; uint32_t usri4_code_page; - struct dom_sid *usri4_user_sid;/* [unique] */ + struct domsid *usri4_user_sid;/* [unique] */ uint32_t usri4_primary_group_id; const char * usri4_profile; const char * usri4_home_dir_drive; diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.c b/source3/librpc/gen_ndr/ndr_libnetapi.c index 941d4aa9ed..9bbcfc9a30 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.c +++ b/source3/librpc/gen_ndr/ndr_libnetapi.c @@ -543,7 +543,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_USER_INFO_4(struct ndr_push *ndr, int ndr_fl NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, *r->usri4_logon_hours)); } if (r->usri4_user_sid) { - NDR_CHECK(ndr_push_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->usri4_user_sid)); + NDR_CHECK(ndr_push_domsid(ndr, NDR_SCALARS, r->usri4_user_sid)); } } return NDR_ERR_SUCCESS; @@ -607,7 +607,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_USER_INFO_4(struct ndr_pull *ndr, int ndr_fl if (r->usri4_user_sid) { _mem_save_usri4_user_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->usri4_user_sid, 0); - NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->usri4_user_sid)); + NDR_CHECK(ndr_pull_domsid(ndr, NDR_SCALARS, r->usri4_user_sid)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_usri4_user_sid_0, 0); } } @@ -650,7 +650,7 @@ _PUBLIC_ void ndr_print_USER_INFO_4(struct ndr_print *ndr, const char *name, con ndr_print_ptr(ndr, "usri4_user_sid", r->usri4_user_sid); ndr->depth++; if (r->usri4_user_sid) { - ndr_print_dom_sid(ndr, "usri4_user_sid", r->usri4_user_sid); + ndr_print_domsid(ndr, "usri4_user_sid", r->usri4_user_sid); } ndr->depth--; ndr_print_uint32(ndr, "usri4_primary_group_id", r->usri4_primary_group_id); -- cgit From 36de16b472a5377269cacb7f7e5227e8834d1788 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:15:32 +0200 Subject: netapi: fix public header for USER_INFO_4. Guenther (This used to be commit f54b24c70afb28b6897ce258929ab2c97f255d86) --- source3/lib/netapi/netapi.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 9ba1d30f5c..1dc933a9d9 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -185,7 +185,7 @@ struct USER_INFO_4 { const char * usri4_logon_server; uint32_t usri4_country_code; uint32_t usri4_code_page; - struct dom_sid *usri4_user_sid;/* [unique] */ + struct domsid *usri4_user_sid;/* [unique] */ uint32_t usri4_primary_group_id; const char * usri4_profile; const char * usri4_home_dir_drive; -- cgit From 1aee2cedc1c60435406fca8f51f237f4eebd80df Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:16:30 +0200 Subject: netapi: display all available levels in NetUserGetInfo example. Guenther (This used to be commit 814c9a4f663ea354291456407accbc3fe7edccf6) --- source3/lib/netapi/examples/user/user_getinfo.c | 149 ++++++++++++++++++++++++ 1 file changed, 149 insertions(+) diff --git a/source3/lib/netapi/examples/user/user_getinfo.c b/source3/lib/netapi/examples/user/user_getinfo.c index 19234d0532..9e95260b5a 100644 --- a/source3/lib/netapi/examples/user/user_getinfo.c +++ b/source3/lib/netapi/examples/user/user_getinfo.c @@ -36,10 +36,15 @@ int main(int argc, const char **argv) uint8_t *buffer = NULL; uint32_t level = 0; char *sid_str = NULL; + int i; struct USER_INFO_0 *u0; struct USER_INFO_1 *u1; + struct USER_INFO_2 *u2; + struct USER_INFO_3 *u3; + struct USER_INFO_4 *u4; struct USER_INFO_10 *u10; + struct USER_INFO_11 *u11; struct USER_INFO_20 *u20; struct USER_INFO_23 *u23; @@ -107,6 +112,121 @@ int main(int argc, const char **argv) printf("flags: 0x%08x\n", u1->usri1_flags); printf("script: %s\n", u1->usri1_script_path); break; + case 2: + u2 = (struct USER_INFO_2 *)buffer; + printf("name: %s\n", u2->usri2_name); + printf("password: %s\n", u2->usri2_password); + printf("password_age: %d\n", u2->usri2_password_age); + printf("priv: %d\n", u2->usri2_priv); + printf("homedir: %s\n", u2->usri2_home_dir); + printf("comment: %s\n", u2->usri2_comment); + printf("flags: 0x%08x\n", u2->usri2_flags); + printf("script: %s\n", u2->usri2_script_path); + printf("auth flags: 0x%08x\n", u2->usri2_auth_flags); + printf("full name: %s\n", u2->usri2_full_name); + printf("user comment: %s\n", u2->usri2_usr_comment); + printf("user parameters: %s\n", u2->usri2_parms); + printf("workstations: %s\n", u2->usri2_workstations); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u2->usri2_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u2->usri2_last_logoff); + printf("account expires (seconds since jan. 1, 1970 GMT): %d\n", + u2->usri2_acct_expires); + printf("max storage: %d\n", u2->usri2_max_storage); + printf("units per week: %d\n", u2->usri2_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u2->usri2_logon_hours[i]); + } + printf("\n"); + printf("bad password count: %d\n", u2->usri2_bad_pw_count); + printf("logon count: %d\n", u2->usri2_num_logons); + printf("logon server: %s\n", u2->usri2_logon_server); + printf("country code: %d\n", u2->usri2_country_code); + printf("code page: %d\n", u2->usri2_code_page); + break; + case 3: + u3 = (struct USER_INFO_3 *)buffer; + printf("name: %s\n", u3->usri3_name); + printf("password_age: %d\n", u3->usri3_password_age); + printf("priv: %d\n", u3->usri3_priv); + printf("homedir: %s\n", u3->usri3_home_dir); + printf("comment: %s\n", u3->usri3_comment); + printf("flags: 0x%08x\n", u3->usri3_flags); + printf("script: %s\n", u3->usri3_script_path); + printf("auth flags: 0x%08x\n", u3->usri3_auth_flags); + printf("full name: %s\n", u3->usri3_full_name); + printf("user comment: %s\n", u3->usri3_usr_comment); + printf("user parameters: %s\n", u3->usri3_parms); + printf("workstations: %s\n", u3->usri3_workstations); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u3->usri3_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u3->usri3_last_logoff); + printf("account expires (seconds since jan. 1, 1970 GMT): %d\n", + u3->usri3_acct_expires); + printf("max storage: %d\n", u3->usri3_max_storage); + printf("units per week: %d\n", u3->usri3_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u3->usri3_logon_hours[i]); + } + printf("\n"); + printf("bad password count: %d\n", u3->usri3_bad_pw_count); + printf("logon count: %d\n", u3->usri3_num_logons); + printf("logon server: %s\n", u3->usri3_logon_server); + printf("country code: %d\n", u3->usri3_country_code); + printf("code page: %d\n", u3->usri3_code_page); + printf("user id: %d\n", u3->usri3_user_id); + printf("primary group id: %d\n", u3->usri3_primary_group_id); + printf("profile: %s\n", u3->usri3_profile); + printf("home dir drive: %s\n", u3->usri3_home_dir_drive); + printf("password expired: %d\n", u3->usri3_password_expired); + break; + case 4: + u4 = (struct USER_INFO_4 *)buffer; + printf("name: %s\n", u4->usri4_name); + printf("password: %s\n", u4->usri4_password); + printf("password_age: %d\n", u4->usri4_password_age); + printf("priv: %d\n", u4->usri4_priv); + printf("homedir: %s\n", u4->usri4_home_dir); + printf("comment: %s\n", u4->usri4_comment); + printf("flags: 0x%08x\n", u4->usri4_flags); + printf("script: %s\n", u4->usri4_script_path); + printf("auth flags: 0x%08x\n", u4->usri4_auth_flags); + printf("full name: %s\n", u4->usri4_full_name); + printf("user comment: %s\n", u4->usri4_usr_comment); + printf("user parameters: %s\n", u4->usri4_parms); + printf("workstations: %s\n", u4->usri4_workstations); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u4->usri4_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u4->usri4_last_logoff); + printf("account expires (seconds since jan. 1, 1970 GMT): %d\n", + u4->usri4_acct_expires); + printf("max storage: %d\n", u4->usri4_max_storage); + printf("units per week: %d\n", u4->usri4_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u4->usri4_logon_hours[i]); + } + printf("\n"); + printf("bad password count: %d\n", u4->usri4_bad_pw_count); + printf("logon count: %d\n", u4->usri4_num_logons); + printf("logon server: %s\n", u4->usri4_logon_server); + printf("country code: %d\n", u4->usri4_country_code); + printf("code page: %d\n", u4->usri4_code_page); + if (ConvertSidToStringSid(u4->usri4_user_sid, + &sid_str)) { + printf("user_sid: %s\n", sid_str); + free(sid_str); + } + printf("primary group id: %d\n", u4->usri4_primary_group_id); + printf("profile: %s\n", u4->usri4_profile); + printf("home dir drive: %s\n", u4->usri4_home_dir_drive); + printf("password expired: %d\n", u4->usri4_password_expired); + break; case 10: u10 = (struct USER_INFO_10 *)buffer; printf("name: %s\n", u10->usri10_name); @@ -114,6 +234,35 @@ int main(int argc, const char **argv) printf("usr_comment: %s\n", u10->usri10_usr_comment); printf("full_name: %s\n", u10->usri10_full_name); break; + case 11: + u11 = (struct USER_INFO_11 *)buffer; + printf("name: %s\n", u11->usri11_name); + printf("comment: %s\n", u11->usri11_comment); + printf("user comment: %s\n", u11->usri11_usr_comment); + printf("full name: %s\n", u11->usri11_full_name); + printf("priv: %d\n", u11->usri11_priv); + printf("auth flags: 0x%08x\n", u11->usri11_auth_flags); + printf("password_age: %d\n", u11->usri11_password_age); + printf("homedir: %s\n", u11->usri11_home_dir); + printf("user parameters: %s\n", u11->usri11_parms); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u11->usri11_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u11->usri11_last_logoff); + printf("bad password count: %d\n", u11->usri11_bad_pw_count); + printf("logon count: %d\n", u11->usri11_num_logons); + printf("logon server: %s\n", u11->usri11_logon_server); + printf("country code: %d\n", u11->usri11_country_code); + printf("workstations: %s\n", u11->usri11_workstations); + printf("max storage: %d\n", u11->usri11_max_storage); + printf("units per week: %d\n", u11->usri11_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u11->usri11_logon_hours[i]); + } + printf("\n"); + printf("code page: %d\n", u11->usri11_code_page); + break; case 20: u20 = (struct USER_INFO_20 *)buffer; printf("name: %s\n", u20->usri20_name); -- cgit From e96a99f3e2b33525cf87eff3d2a13118f21c5186 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:25:07 +0200 Subject: netapi: add samr_acb_flags_to_netapi_flags for NetUserEnum and NetUserGetInfo. Guenther (This used to be commit 2f2c60bf91e1e2b3b24c4bb39ac598cb3c704158) --- source3/lib/netapi/user.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 6e13a54528..3c42f8b931 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -675,6 +675,18 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) +{ + uint32_t fl = UF_SCRIPT; /* god knows why */ + + fl |= ads_acb2uf(acb); + + return fl; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -763,7 +775,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, info20.usri20_full_name = talloc_strdup(mem_ctx, info21->full_name.string); - info20.usri20_flags = info21->acct_flags; + info20.usri20_flags = + samr_acb_flags_to_netapi_flags(info21->acct_flags); info20.usri20_user_id = rid; ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, @@ -780,7 +793,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, info23.usri23_full_name = talloc_strdup(mem_ctx, info21->full_name.string); - info23.usri23_flags = info21->acct_flags; + info23.usri23_flags = + samr_acb_flags_to_netapi_flags(info21->acct_flags); if (!sid_compose(&sid, domain_sid, rid)) { return NT_STATUS_NO_MEMORY; -- cgit From fea81f9056558a73608acbf5170ace0b7d4c1a8f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:26:37 +0200 Subject: netapi: always return correct account name in NetUserGetInfo/NetUserEnum. Guenther (This used to be commit 47768bfb01815f7b6bf687fe04ca7d19385aea59) --- source3/lib/netapi/user.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 3c42f8b931..887ab94002 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -748,7 +748,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, switch (level) { case 10: - info10.usri10_name = talloc_strdup(mem_ctx, user_name); + info10.usri10_name = talloc_strdup(mem_ctx, + info21->account_name.string); NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name); info10.usri10_comment = talloc_strdup(mem_ctx, @@ -766,7 +767,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 20: - info20.usri20_name = talloc_strdup(mem_ctx, user_name); + info20.usri20_name = talloc_strdup(mem_ctx, + info21->account_name.string); NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name); info20.usri20_comment = talloc_strdup(mem_ctx, @@ -784,7 +786,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 23: - info23.usri23_name = talloc_strdup(mem_ctx, user_name); + info23.usri23_name = talloc_strdup(mem_ctx, + info21->account_name.string); NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name); info23.usri23_comment = talloc_strdup(mem_ctx, -- cgit From 0f928eb2cc0b7fe383cea28eb833d80f69545659 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:28:34 +0200 Subject: netapi: give more correct error code in NetUserGetInfo. Guenther (This used to be commit c66651b6fb023e5b0952fd135589eb955f51fa12) --- source3/lib/netapi/user.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 887ab94002..47053f29af 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1263,14 +1263,20 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: - /* case 1: */ case 10: case 20: case 23: break; - default: + case 1: + case 2: + case 3: + case 4: + case 11: werr = WERR_NOT_SUPPORTED; goto done; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; } werr = libnetapi_open_pipe(ctx, r->in.server_name, -- cgit From 6f7afee75188071eb69a2c81e646b3bed4c408e9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 22:35:14 +0200 Subject: netapi: add USER_PRIV_* constants to IDL. Guenther (This used to be commit 3bb042d0e14e8a4f1feaace7f310143ff44a933a) --- source3/librpc/idl/libnetapi.idl | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index f5af5445e3..6853cee439 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -150,6 +150,11 @@ interface libnetapi string usri0_name; } USER_INFO_0; + /* priv */ + const int USER_PRIV_GUEST = 0; + const int USER_PRIV_USER = 1; + const int USER_PRIV_ADMIN = 2; + [public] typedef struct { string usri1_name; string usri1_password; -- cgit From d2e9b33cd813295fac70e2f77646e61d81b91949 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 22:36:19 +0200 Subject: re-run make idl. Guenther (This used to be commit cb1236dd50d0511d8ad2be30c1d9b7b8191ec83c) --- source3/librpc/gen_ndr/libnetapi.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index a225022fd3..54deea9650 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -10,6 +10,9 @@ #define _HEADER_libnetapi #define ERROR_MORE_DATA ( 234L ) +#define USER_PRIV_GUEST ( 0 ) +#define USER_PRIV_USER ( 1 ) +#define USER_PRIV_ADMIN ( 2 ) #define ENCRYPTED_PWLEN ( 16 ) #define FILTER_TEMP_DUPLICATE_ACCOUNT ( 0x0001 ) #define FILTER_NORMAL_ACCOUNT ( 0x0002 ) -- cgit From 0faaff160813f8659ec16c708fb71c9e4a39fdf7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 22:38:32 +0200 Subject: netapi: add USER_PRIV_* constants to public header. Guenther (This used to be commit 2274e5d8a8236b15558507289a8a455c15ca2633) --- source3/lib/netapi/netapi.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 1dc933a9d9..51ea17ad7b 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -91,6 +91,10 @@ struct USER_INFO_0 { const char * usri0_name; }; +#define USER_PRIV_GUEST ( 0 ) +#define USER_PRIV_USER ( 1 ) +#define USER_PRIV_ADMIN ( 2 ) + struct USER_INFO_1 { const char * usri1_name; const char * usri1_password; -- cgit From 592f3a120153c24cf53bc8535a3b4611dbfe5f1d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 23:40:44 +0200 Subject: netapi: add AF_OP constants to IDL. Guenther (This used to be commit 2bd24258782811a014a191650883d50d4bf7d0b0) --- source3/librpc/idl/libnetapi.idl | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index 6853cee439..b80c6fe2b9 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -166,6 +166,14 @@ interface libnetapi string usri1_script_path; } USER_INFO_1; + /* auth_flags in USER_INFO_2 */ + + const int AF_OP_PRINT = 0x1; + const int AF_OP_COMM = 0x2; + const int AF_OP_SERVER = 0x4; + const int AF_OP_ACCOUNTS = 0x8; + const int AF_SETTABLE_BITS = (AF_OP_PRINT | AF_OP_COMM | AF_OP_SERVER | AF_OP_ACCOUNTS); + [public] typedef struct { string usri2_name; string usri2_password; -- cgit From f16719e6791b41a0168699d53a6c238120be07a8 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 23:41:55 +0200 Subject: re-run make idl. Guenther (This used to be commit 1c8bec98456dbd5bcc319a9d7378e4a9399db40d) --- source3/librpc/gen_ndr/libnetapi.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 54deea9650..25ed3e04e5 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -13,6 +13,11 @@ #define USER_PRIV_GUEST ( 0 ) #define USER_PRIV_USER ( 1 ) #define USER_PRIV_ADMIN ( 2 ) +#define AF_OP_PRINT ( 0x1 ) +#define AF_OP_COMM ( 0x2 ) +#define AF_OP_SERVER ( 0x4 ) +#define AF_OP_ACCOUNTS ( 0x8 ) +#define AF_SETTABLE_BITS ( (AF_OP_PRINT|AF_OP_COMM|AF_OP_SERVER|AF_OP_ACCOUNTS) ) #define ENCRYPTED_PWLEN ( 16 ) #define FILTER_TEMP_DUPLICATE_ACCOUNT ( 0x0001 ) #define FILTER_NORMAL_ACCOUNT ( 0x0002 ) -- cgit From 1283d081b2f9e15a1cefffa00f974039d96926de Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 23:43:01 +0200 Subject: netapi: add AF_OP constants to public header. Guenther (This used to be commit a06e21782a4970840f5a8c65b633c9654443161d) --- source3/lib/netapi/netapi.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 51ea17ad7b..0c7c23b36f 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -106,6 +106,11 @@ struct USER_INFO_1 { const char * usri1_script_path; }; +#define AF_OP_PRINT ( 0x1 ) +#define AF_OP_COMM ( 0x2 ) +#define AF_OP_SERVER ( 0x4 ) +#define AF_OP_ACCOUNTS ( 0x8 ) + struct USER_INFO_2 { const char * usri2_name; const char * usri2_password; -- cgit From ff21cceecc66c0aa86557e99fbcbd825e3d9454c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 00:23:51 +0200 Subject: netapi: better point out what levels are unknown in NetUserEnum. Guenther (This used to be commit d85182aa54b936f8c85c6dcd10d5df613de4bb21) --- source3/lib/netapi/user.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 47053f29af..593434f999 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -854,8 +854,9 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 2: case 3: case 11: - default: return WERR_NOT_SUPPORTED; + default: + return WERR_UNKNOWN_LEVEL; } werr = libnetapi_open_pipe(ctx, r->in.server_name, -- cgit From c750f8c40036f04ff0ae533aeb97d5948b31ed54 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 00:56:25 +0200 Subject: netapi: add samr_rid_to_priv_level(). Guenther (This used to be commit 51afae499974f3ad73a1c9bdfbc41e3130966ebc) --- source3/lib/netapi/user.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 593434f999..7f259195a5 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -675,6 +675,21 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static uint32_t samr_rid_to_priv_level(uint32_t rid) +{ + switch (rid) { + case DOMAIN_RID_ADMINISTRATOR: + return USER_PRIV_ADMIN; + case DOMAIN_RID_GUEST: + return USER_PRIV_GUEST; + default: + return USER_PRIV_USER; + } +} + +/**************************************************************** +****************************************************************/ + static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) { uint32_t fl = UF_SCRIPT; /* god knows why */ -- cgit From 8e578838828357bac0769f1bfe5273c8244daec3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 00:58:24 +0200 Subject: netapi: add NetShareAdd to IDL. Guenther (This used to be commit 58d3a682631aa1fc3d90078db7c301de77cb7e73) --- source3/librpc/idl/libnetapi.idl | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index b80c6fe2b9..fb70841921 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -962,4 +962,26 @@ interface libnetapi [in] string server_name, [out,ref] uint8 **buffer ); + + /*******************************************/ + /* NetShareAdd */ + /*******************************************/ + + typedef struct { + string shi2_netname; + uint32 shi2_type; + string shi2_remark; + uint32 shi2_permissions; + uint32 shi2_max_uses; + uint32 shi2_current_uses; + string shi2_path; + string shi2_passwd; + } SHARE_INFO_2; + + [nopush,nopull] NET_API_STATUS NetShareAdd( + [in] string server_name, + [in] uint32 level, + [in] uint8 *buffer, + [out] uint32 *parm_err + ); } -- cgit From 0f1025a1bc9658c27220a94c39158ae357c4bf76 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 00:58:50 +0200 Subject: re-run make idl. Guenther (This used to be commit 72c660757fd3a5b20ec6de0e4ada361e0aa9e2c4) --- source3/librpc/gen_ndr/libnetapi.h | 26 ++++++++++++++++++++++++++ source3/librpc/gen_ndr/ndr_libnetapi.c | 31 +++++++++++++++++++++++++++++++ source3/librpc/gen_ndr/ndr_libnetapi.h | 7 ++++++- 3 files changed, 63 insertions(+), 1 deletion(-) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 25ed3e04e5..6a2606507c 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -546,6 +546,17 @@ struct TIME_OF_DAY_INFO { uint32_t tod_weekday; }; +struct SHARE_INFO_2 { + const char * shi2_netname; + uint32_t shi2_type; + const char * shi2_remark; + uint32_t shi2_permissions; + uint32_t shi2_max_uses; + uint32_t shi2_current_uses; + const char * shi2_path; + const char * shi2_passwd; +}; + struct NetJoinDomain { struct { @@ -1127,4 +1138,19 @@ struct NetRemoteTOD { }; + +struct NetShareAdd { + struct { + const char * server_name; + uint32_t level; + uint8_t *buffer;/* [ref] */ + } in; + + struct { + uint32_t *parm_err;/* [ref] */ + enum NET_API_STATUS result; + } out; + +}; + #endif /* _HEADER_libnetapi */ diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.c b/source3/librpc/gen_ndr/ndr_libnetapi.c index 9bbcfc9a30..44b1c85c17 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.c +++ b/source3/librpc/gen_ndr/ndr_libnetapi.c @@ -3364,3 +3364,34 @@ _PUBLIC_ void ndr_print_NetRemoteTOD(struct ndr_print *ndr, const char *name, in ndr->depth--; } +_PUBLIC_ void ndr_print_NetShareAdd(struct ndr_print *ndr, const char *name, int flags, const struct NetShareAdd *r) +{ + ndr_print_struct(ndr, name, "NetShareAdd"); + ndr->depth++; + if (flags & NDR_SET_VALUES) { + ndr->flags |= LIBNDR_PRINT_SET_VALUES; + } + if (flags & NDR_IN) { + ndr_print_struct(ndr, "in", "NetShareAdd"); + ndr->depth++; + ndr_print_string(ndr, "server_name", r->in.server_name); + ndr_print_uint32(ndr, "level", r->in.level); + ndr_print_ptr(ndr, "buffer", r->in.buffer); + ndr->depth++; + ndr_print_uint8(ndr, "buffer", *r->in.buffer); + ndr->depth--; + ndr->depth--; + } + if (flags & NDR_OUT) { + ndr_print_struct(ndr, "out", "NetShareAdd"); + ndr->depth++; + ndr_print_ptr(ndr, "parm_err", r->out.parm_err); + ndr->depth++; + ndr_print_uint32(ndr, "parm_err", *r->out.parm_err); + ndr->depth--; + ndr_print_NET_API_STATUS(ndr, "result", r->out.result); + ndr->depth--; + } + ndr->depth--; +} + diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.h b/source3/librpc/gen_ndr/ndr_libnetapi.h index 456a3e6e31..4d547b1c85 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.h +++ b/source3/librpc/gen_ndr/ndr_libnetapi.h @@ -80,7 +80,9 @@ #define NDR_NETREMOTETOD (0x24) -#define NDR_LIBNETAPI_CALL_COUNT (37) +#define NDR_NETSHAREADD (0x25) + +#define NDR_LIBNETAPI_CALL_COUNT (38) enum ndr_err_code ndr_push_NET_API_STATUS(struct ndr_push *ndr, int ndr_flags, enum NET_API_STATUS r); enum ndr_err_code ndr_pull_NET_API_STATUS(struct ndr_pull *ndr, int ndr_flags, enum NET_API_STATUS *r); void ndr_print_NET_API_STATUS(struct ndr_print *ndr, const char *name, enum NET_API_STATUS r); @@ -315,4 +317,7 @@ void ndr_print_NetLocalGroupSetMembers(struct ndr_print *ndr, const char *name, enum ndr_err_code ndr_push_NetRemoteTOD(struct ndr_push *ndr, int flags, const struct NetRemoteTOD *r); enum ndr_err_code ndr_pull_NetRemoteTOD(struct ndr_pull *ndr, int flags, struct NetRemoteTOD *r); void ndr_print_NetRemoteTOD(struct ndr_print *ndr, const char *name, int flags, const struct NetRemoteTOD *r); +enum ndr_err_code ndr_push_NetShareAdd(struct ndr_push *ndr, int flags, const struct NetShareAdd *r); +enum ndr_err_code ndr_pull_NetShareAdd(struct ndr_pull *ndr, int flags, struct NetShareAdd *r); +void ndr_print_NetShareAdd(struct ndr_print *ndr, const char *name, int flags, const struct NetShareAdd *r); #endif /* _HEADER_NDR_libnetapi */ -- cgit From 0b484e684ab3181eedbb1bdc18dd750c712bb16e Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 01:01:11 +0200 Subject: netapi: add NetShareAdd skeleton. Guenther (This used to be commit 6e22bcc1f5cba9bc37ecf193bbc7e031b69134f5) --- source3/Makefile.in | 3 ++- source3/lib/netapi/libnetapi.c | 46 ++++++++++++++++++++++++++++++++++++++++++ source3/lib/netapi/libnetapi.h | 8 ++++++++ source3/lib/netapi/share.c | 43 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 source3/lib/netapi/share.c diff --git a/source3/Makefile.in b/source3/Makefile.in index 486d47f5f8..5793b5ef4d 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1835,7 +1835,8 @@ LIBNETAPI_OBJ0 = lib/netapi/netapi.o \ lib/netapi/group.o \ lib/netapi/localgroup.o \ lib/netapi/samr.o \ - lib/netapi/sid.o + lib/netapi/sid.o \ + lib/netapi/share.o LIBNETAPI_OBJ = $(LIBNETAPI_OBJ0) $(LIBNET_OBJ) \ $(LIBSMBCONF_OBJ) \ diff --git a/source3/lib/netapi/libnetapi.c b/source3/lib/netapi/libnetapi.c index 4b87bbcdf4..b4f2bb6ac2 100644 --- a/source3/lib/netapi/libnetapi.c +++ b/source3/lib/netapi/libnetapi.c @@ -1773,3 +1773,49 @@ NET_API_STATUS NetRemoteTOD(const char * server_name /* [in] */, return r.out.result; } +/**************************************************************** + NetShareAdd +****************************************************************/ + +NET_API_STATUS NetShareAdd(const char * server_name /* [in] */, + uint32_t level /* [in] */, + uint8_t *buffer /* [in] [ref] */, + uint32_t *parm_err /* [out] [ref] */) +{ + struct NetShareAdd r; + struct libnetapi_ctx *ctx = NULL; + NET_API_STATUS status; + WERROR werr; + + status = libnetapi_getctx(&ctx); + if (status != 0) { + return status; + } + + /* In parameters */ + r.in.server_name = server_name; + r.in.level = level; + r.in.buffer = buffer; + + /* Out parameters */ + r.out.parm_err = parm_err; + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(NetShareAdd, &r); + } + + if (LIBNETAPI_LOCAL_SERVER(server_name)) { + werr = NetShareAdd_l(ctx, &r); + } else { + werr = NetShareAdd_r(ctx, &r); + } + + r.out.result = W_ERROR_V(werr); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(NetShareAdd, &r); + } + + return r.out.result; +} + diff --git a/source3/lib/netapi/libnetapi.h b/source3/lib/netapi/libnetapi.h index 189083cc1f..9a75b396fe 100644 --- a/source3/lib/netapi/libnetapi.h +++ b/source3/lib/netapi/libnetapi.h @@ -317,4 +317,12 @@ WERROR NetRemoteTOD_r(struct libnetapi_ctx *ctx, struct NetRemoteTOD *r); WERROR NetRemoteTOD_l(struct libnetapi_ctx *ctx, struct NetRemoteTOD *r); +NET_API_STATUS NetShareAdd(const char * server_name /* [in] */, + uint32_t level /* [in] */, + uint8_t *buffer /* [in] [ref] */, + uint32_t *parm_err /* [out] [ref] */); +WERROR NetShareAdd_r(struct libnetapi_ctx *ctx, + struct NetShareAdd *r); +WERROR NetShareAdd_l(struct libnetapi_ctx *ctx, + struct NetShareAdd *r); #endif /* __LIBNETAPI_LIBNETAPI__ */ diff --git a/source3/lib/netapi/share.c b/source3/lib/netapi/share.c new file mode 100644 index 0000000000..182330b0d6 --- /dev/null +++ b/source3/lib/netapi/share.c @@ -0,0 +1,43 @@ +/* + * Unix SMB/CIFS implementation. + * NetApi Share Support + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "includes.h" + +#include "librpc/gen_ndr/libnetapi.h" +#include "lib/netapi/netapi.h" +#include "lib/netapi/netapi_private.h" +#include "lib/netapi/libnetapi.h" + +/**************************************************************** +****************************************************************/ + +WERROR NetShareAdd_r(struct libnetapi_ctx *ctx, + struct NetShareAdd *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetShareAdd_l(struct libnetapi_ctx *ctx, + struct NetShareAdd *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetShareAdd); +} -- cgit From f7b293353a06b1b44e67364ad5de5cc6d4d738dd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 01:06:12 +0200 Subject: netapi: add NetShareAdd to public header. Guenther (This used to be commit 5a036a431f4a8c686ddcd72df476acc6befddba0) --- source3/lib/netapi/netapi.h | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 0c7c23b36f..95d2316c9e 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -537,6 +537,17 @@ struct TIME_OF_DAY_INFO { uint32_t tod_weekday; }; +struct SHARE_INFO_2 { + const char * shi2_netname; + uint32_t shi2_type; + const char * shi2_remark; + uint32_t shi2_permissions; + uint32_t shi2_max_uses; + uint32_t shi2_current_uses; + const char * shi2_path; + const char * shi2_passwd; +}; + #endif /* _HEADER_libnetapi */ /**************************************************************** @@ -1455,6 +1466,27 @@ NET_API_STATUS NetLocalGroupSetMembers(const char * server_name /* [in] */, NET_API_STATUS NetRemoteTOD(const char * server_name /* [in] */, uint8_t **buf /* [out] [ref] */); + +/************************************************************//** + * + * NetShareAdd + * + * @brief Add Share + * + * @param[in] server_name The server name to connect to + * @param[in] level The level defining the requested SHARE_INFO_X structure + * @param[in] buf The buffer containing a SHARE_INFO_X structure + * @param[out] parm_err The returned parameter error number if any + * @return NET_API_STATUS + * + * example share/share_add.c + ***************************************************************/ + +NET_API_STATUS NetShareAdd(const char * server_name /* [in] */, + uint32_t level /* [in] */, + uint8_t *buffer /* [in] [ref] */, + uint32_t *parm_err /* [out] [ref] */); + #ifdef __cplusplus } #endif /* __cplusplus */ -- cgit From 0e37e225fd276b6126268f83842cc271f76653b5 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 01:02:01 +0200 Subject: netapi: implement NetShareAdd_r. Guenther (This used to be commit d430d2fbd8746c8bcdb16e027d45a939c4976524) --- source3/lib/netapi/share.c | 92 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 91 insertions(+), 1 deletion(-) diff --git a/source3/lib/netapi/share.c b/source3/lib/netapi/share.c index 182330b0d6..3b99a8d291 100644 --- a/source3/lib/netapi/share.c +++ b/source3/lib/netapi/share.c @@ -27,10 +27,100 @@ /**************************************************************** ****************************************************************/ +static NTSTATUS map_SHARE_INFO_buffer_to_srvsvc_share_info(TALLOC_CTX *mem_ctx, + uint8_t *buffer, + uint32_t level, + union srvsvc_NetShareInfo *info) +{ + struct SHARE_INFO_2 *i2 = NULL; + struct srvsvc_NetShareInfo2 *s2 = NULL; + + if (!buffer) { + return NT_STATUS_INVALID_PARAMETER; + } + + switch (level) { + case 2: + i2 = (struct SHARE_INFO_2 *)buffer; + + s2 = TALLOC_P(mem_ctx, struct srvsvc_NetShareInfo2); + NT_STATUS_HAVE_NO_MEMORY(s2); + + s2->name = i2->shi2_netname; + s2->type = i2->shi2_type; + s2->comment = i2->shi2_remark; + s2->permissions = i2->shi2_permissions; + s2->max_users = i2->shi2_max_uses; + s2->current_users = i2->shi2_current_uses; + s2->path = i2->shi2_path; + s2->password = i2->shi2_passwd; + + info->info2 = s2; + + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetShareAdd_r(struct libnetapi_ctx *ctx, struct NetShareAdd *r) { - return WERR_NOT_SUPPORTED; + WERROR werr; + NTSTATUS status; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + union srvsvc_NetShareInfo info; + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 2: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_srvsvc.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = map_SHARE_INFO_buffer_to_srvsvc_share_info(ctx, + r->in.buffer, + r->in.level, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_srvsvc_NetShareAdd(pipe_cli, ctx, + r->in.server_name, + r->in.level, + &info, + r->out.parm_err, + &werr); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + done: + if (!cli) { + return werr; + } + + return werr; } /**************************************************************** -- cgit From 3b88ef3e94c14f0d4f47e756a8b996f80876d1ce Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 01:02:42 +0200 Subject: netapi: add NetShareAdd example code. Guenther (This used to be commit 4ec041e38a7dd2d89b182ab9e03ab85a060778d3) --- source3/lib/netapi/examples/Makefile.in | 8 +- source3/lib/netapi/examples/share/share_add.c | 110 ++++++++++++++++++++++++++ 2 files changed, 117 insertions(+), 1 deletion(-) create mode 100644 source3/lib/netapi/examples/share/share_add.c diff --git a/source3/lib/netapi/examples/Makefile.in b/source3/lib/netapi/examples/Makefile.in index 4595db552d..d48457a694 100644 --- a/source3/lib/netapi/examples/Makefile.in +++ b/source3/lib/netapi/examples/Makefile.in @@ -49,7 +49,8 @@ PROGS = bin/getdc@EXEEXT@ \ bin/localgroup_delmembers@EXEEXT@ \ bin/localgroup_setmembers@EXEEXT@ \ bin/localgroup_getmembers@EXEEXT@ \ - bin/remote_tod@EXEEXT@ + bin/remote_tod@EXEEXT@ \ + bin/share_add@EXEEXT@ all: $(PROGS) @@ -111,6 +112,7 @@ LOCALGROUPDELMEMBERS_OBJ = localgroup/localgroup_delmembers.o $(CMDLINE_OBJ) LOCALGROUPSETMEMBERS_OBJ = localgroup/localgroup_setmembers.o $(CMDLINE_OBJ) LOCALGROUPGETMEMBERS_OBJ = localgroup/localgroup_getmembers.o $(CMDLINE_OBJ) REMOTETOD_OBJ = server/remote_tod.o $(CMDLINE_OBJ) +SHAREADD_OBJ = share/share_add.o $(CMDLINE_OBJ) bin/getdc@EXEEXT@: $(BINARY_PREREQS) $(GETDC_OBJ) @echo Linking $@ @@ -244,6 +246,10 @@ bin/remote_tod@EXEEXT@: $(BINARY_PREREQS) $(REMOTETOD_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(REMOTETOD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) +bin/share_add@EXEEXT@: $(BINARY_PREREQS) $(SHAREADD_OBJ) + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(SHAREADD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) + clean: -rm -f $(PROGS) -rm -f core */*~ *~ \ diff --git a/source3/lib/netapi/examples/share/share_add.c b/source3/lib/netapi/examples/share/share_add.c new file mode 100644 index 0000000000..3d7948840d --- /dev/null +++ b/source3/lib/netapi/examples/share/share_add.c @@ -0,0 +1,110 @@ +/* + * Unix SMB/CIFS implementation. + * NetShareAdd query + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include + +#include "common.h" + +int main(int argc, const char **argv) +{ + NET_API_STATUS status; + struct libnetapi_ctx *ctx = NULL; + const char *hostname = NULL; + const char *sharename = NULL; + const char *path = NULL; + uint32_t level = 0; + uint32_t parm_err = 0; + + struct SHARE_INFO_2 i2; + + poptContext pc; + int opt; + + struct poptOption long_options[] = { + POPT_AUTOHELP + POPT_COMMON_LIBNETAPI_EXAMPLES + POPT_TABLEEND + }; + + status = libnetapi_init(&ctx); + if (status != 0) { + return status; + } + + pc = poptGetContext("share_add", argc, argv, long_options, 0); + + poptSetOtherOptionHelp(pc, "hostname sharename path"); + while((opt = poptGetNextOpt(pc)) != -1) { + } + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + hostname = poptGetArg(pc); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + sharename = poptGetArg(pc); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + path = poptGetArg(pc); + + if (poptPeekArg(pc)) { + level = atoi(poptGetArg(pc)); + } + + /* NetShareAdd */ + + i2.shi2_netname = sharename; + i2.shi2_type = 0; + i2.shi2_remark = "Test share created via NetApi"; + i2.shi2_permissions = 0; + i2.shi2_max_uses = (uint32_t)-1; + i2.shi2_current_uses = 0; + i2.shi2_path = path; + i2.shi2_passwd = NULL; + + status = NetShareAdd(hostname, + 2, + (uint8_t *)&i2, + &parm_err); + if (status != 0) { + printf("NetShareAdd failed with: %s\n", + libnetapi_get_error_string(ctx, status)); + goto out; + } + + out: + libnetapi_free(ctx); + poptFreeContext(pc); + + return status; +} -- cgit From 02bd97b0b008d83d612de214e4302f38f92045bc Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 11:54:16 +0200 Subject: netapi: add USER_MAXSTORAGE_UNLIMITED to IDL. Guenther (This used to be commit 71623f853d475eac8b4293d454706c3288bcbc10) --- source3/librpc/idl/libnetapi.idl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index fb70841921..62363c4bee 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -174,6 +174,8 @@ interface libnetapi const int AF_OP_ACCOUNTS = 0x8; const int AF_SETTABLE_BITS = (AF_OP_PRINT | AF_OP_COMM | AF_OP_SERVER | AF_OP_ACCOUNTS); + const int USER_MAXSTORAGE_UNLIMITED = (uint32_t)-1L; + [public] typedef struct { string usri2_name; string usri2_password; -- cgit From a7e2f5633d31a8b76e21266ce16bc7bf7601c063 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 11:54:32 +0200 Subject: re-run make idl. Guenther (This used to be commit 227fd242d1a3c911b704208694be6d1ffd1aee67) --- source3/librpc/gen_ndr/libnetapi.h | 1 + 1 file changed, 1 insertion(+) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index 6a2606507c..e03ca4d19d 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -18,6 +18,7 @@ #define AF_OP_SERVER ( 0x4 ) #define AF_OP_ACCOUNTS ( 0x8 ) #define AF_SETTABLE_BITS ( (AF_OP_PRINT|AF_OP_COMM|AF_OP_SERVER|AF_OP_ACCOUNTS) ) +#define USER_MAXSTORAGE_UNLIMITED ( (uint32_t)-1L ) #define ENCRYPTED_PWLEN ( 16 ) #define FILTER_TEMP_DUPLICATE_ACCOUNT ( 0x0001 ) #define FILTER_NORMAL_ACCOUNT ( 0x0002 ) -- cgit From 8bab11088b337f6f02e221472e1d0381d531ccf1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 11:57:43 +0200 Subject: netapi: prepare libnetapi_samr_lookup_user to lookup priv levels. Guenther (This used to be commit f61bf5db5ff4a1d051999712dd76788d6a113545) --- source3/lib/netapi/user.c | 64 +++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 54 insertions(+), 10 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7f259195a5..25fb085f44 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -584,10 +584,12 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, struct policy_handle *builtin_handle, const char *user_name, + const struct dom_sid *domain_sid, uint32_t rid, uint32_t level, struct samr_UserInfo21 **info21, - struct sec_desc_buf **sec_desc) + struct sec_desc_buf **sec_desc, + uint32_t *auth_flag_p) { NTSTATUS status; @@ -643,7 +645,14 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, goto done; } - if (level == 1) { + if (access_mask & SAMR_USER_ACCESS_GET_GROUPS) { + + struct lsa_SidArray sid_array; + struct samr_Ids alias_rids; + int i; + uint32_t auth_flag = 0; + struct dom_sid sid; + status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx, &user_handle, &rid_array); @@ -651,15 +660,48 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, goto done; } -#if 0 - status = rpccli_samr_GetAliasMembership(pipe_cli, ctx, - &builtin_handle, - &sids, - &rids); + sid_array.num_sids = rid_array->count + 1; + sid_array.sids = talloc_array(mem_ctx, struct lsa_SidPtr, + sid_array.num_sids); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids); + + for (i=0; icount; i++) { + sid_compose(&sid, domain_sid, rid_array->rids[i].rid); + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); + } + + sid_compose(&sid, domain_sid, rid); + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); + + status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx, + builtin_handle, + &sid_array, + &alias_rids); if (!NT_STATUS_IS_OK(status)) { goto done; } -#endif + + for (i=0; iinfo21; @@ -717,7 +759,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct samr_UserInfo21 *info21 = NULL; struct sec_desc_buf *sec_desc = NULL; - struct dom_sid sid; + uint32_t auth_flag = 0; struct USER_INFO_0 info0; struct USER_INFO_10 info10; @@ -752,10 +794,12 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, domain_handle, builtin_handle, user_name, + domain_sid, rid, level, &info21, - &sec_desc); + &sec_desc, + &auth_flag); if (!NT_STATUS_IS_OK(status)) { goto done; -- cgit From 29b96a63f13dba707c430638a8f0ca34b5993321 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:00:07 +0200 Subject: netapi: add builtin handle to NetUserEnum. Guenther (This used to be commit f71b0808bec002f616fc451eddb7e19dd242a138) --- source3/lib/netapi/user.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 25fb085f44..4e31175ebc 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -884,7 +884,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; struct policy_handle connect_handle; struct dom_sid2 *domain_sid = NULL; - struct policy_handle domain_handle; + struct policy_handle domain_handle, builtin_handle; struct samr_SamArray *sam = NULL; uint32_t filter = ACB_NORMAL; int i; @@ -895,6 +895,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); + ZERO_STRUCT(builtin_handle); if (!r->out.buffer) { return WERR_INVALID_PARAM; @@ -926,6 +927,17 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &builtin_handle); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_OPEN_DOMAIN, @@ -977,7 +989,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli, domain_sid, &domain_handle, - NULL, /*&builtin_handle, */ + &builtin_handle, sam->entries[i].name.string, sam->entries[i].idx, r->in.level, @@ -1000,6 +1012,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, if (ctx->disable_policy_handle_cache) { libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_builtin_handle(ctx, &builtin_handle); libnetapi_samr_close_connect_handle(ctx, &connect_handle); } } -- cgit From ab627f40c092fa8b1254b590203f919c05ab13d7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:05:43 +0200 Subject: netapi: add info21_to_USER_INFO_10. Guenther (This used to be commit 3e0c5d4154a730fd9e4430d3e64f9c7bb654dc54) --- source3/lib/netapi/user.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 4e31175ebc..8ce97bedcc 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -744,6 +744,24 @@ static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_10 *i) +{ + ZERO_STRUCTP(i); + + i->usri10_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri10_name); + i->usri10_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri10_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri10_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -807,18 +825,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, switch (level) { case 10: - info10.usri10_name = talloc_strdup(mem_ctx, - info21->account_name.string); - NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name); - - info10.usri10_comment = talloc_strdup(mem_ctx, - info21->description.string); - - info10.usri10_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); - - info10.usri10_usr_comment = talloc_strdup(mem_ctx, - info21->comment.string); + status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10, (struct USER_INFO_10 **)buffer, num_entries); -- cgit From f14748ee45ad54751e732a9c384951dd755d7a2b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:07:25 +0200 Subject: netapi: add info21_to_USER_INFO_20. Guenther (This used to be commit 93a5844814714cf07341bc2962dfac5c3e51d788) --- source3/lib/netapi/user.c | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8ce97bedcc..406d8fe6b5 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -762,6 +762,25 @@ static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_20 *i) +{ + ZERO_STRUCTP(i); + + i->usri20_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri20_name); + i->usri20_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri20_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri20_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri20_user_id = i21->rid; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -834,19 +853,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 20: - info20.usri20_name = talloc_strdup(mem_ctx, - info21->account_name.string); - NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name); - - info20.usri20_comment = talloc_strdup(mem_ctx, - info21->description.string); - - info20.usri20_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); - - info20.usri20_flags = - samr_acb_flags_to_netapi_flags(info21->acct_flags); - info20.usri20_user_id = rid; + status = info21_to_USER_INFO_20(mem_ctx, info21, &info20); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, (struct USER_INFO_20 **)buffer, num_entries); -- cgit From 2bf066b549d7b45c62b5a93776b6f5a3cd31aefe Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:08:31 +0200 Subject: netapi: add info21_to_USER_INFO_23. Guenther (This used to be commit 62871cb3829f5b9cd15211030fa409dbaf3b906f) --- source3/lib/netapi/user.c | 48 ++++++++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 19 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 406d8fe6b5..03fea433ea 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -781,6 +781,31 @@ static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct dom_sid *domain_sid, + struct USER_INFO_23 *i) +{ + struct dom_sid sid; + + ZERO_STRUCTP(i); + + i->usri23_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri23_name); + i->usri23_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri23_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri23_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + if (!sid_compose(&sid, domain_sid, i21->rid)) { + return NT_STATUS_NO_MEMORY; + } + i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -861,29 +886,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 23: - info23.usri23_name = talloc_strdup(mem_ctx, - info21->account_name.string); - NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name); - - info23.usri23_comment = talloc_strdup(mem_ctx, - info21->description.string); - - info23.usri23_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); - - info23.usri23_flags = - samr_acb_flags_to_netapi_flags(info21->acct_flags); - - if (!sid_compose(&sid, domain_sid, rid)) { - return NT_STATUS_NO_MEMORY; - } - - info23.usri23_user_sid = - (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + status = info21_to_USER_INFO_23(mem_ctx, info21, domain_sid, &info23); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23, (struct USER_INFO_23 **)buffer, num_entries); break; + default: + return NT_STATUS_INVALID_LEVEL; } done: -- cgit From d405b5061e7a4d7815b03c505434614f7dfec172 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:15:23 +0200 Subject: netapi: add info21_to_USER_INFO_1 and support level 1 NetUserEnum/GetInfo. Guenther (This used to be commit 391aaf16272aad09f8e2f1b1afb78a2535c0faaf) --- source3/lib/netapi/user.c | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 03fea433ea..77c74130b7 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -604,7 +604,11 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, switch (level) { case 0: + break; case 1: + access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_GROUPS; + break; case 2: case 3: case 10: @@ -744,6 +748,27 @@ static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_1 *i) +{ + ZERO_STRUCTP(i); + i->usri1_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri1_name); + i->usri1_password = NULL; + i->usri1_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri1_priv = samr_rid_to_priv_level(i21->rid); + i->usri1_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri1_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri1_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri1_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -824,6 +849,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, uint32_t auth_flag = 0; struct USER_INFO_0 info0; + struct USER_INFO_1 info1; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -868,6 +894,17 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, } switch (level) { + case 0: + /* already returned above */ + break; + case 1: + status = info21_to_USER_INFO_1(mem_ctx, info21, &info1); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1, + (struct USER_INFO_1 **)buffer, num_entries); + + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); NT_STATUS_NOT_OK_RETURN(status); @@ -932,11 +969,11 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1: case 10: case 20: case 23: break; - case 1: case 2: case 3: case 11: @@ -1362,11 +1399,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1: case 10: case 20: case 23: break; - case 1: case 2: case 3: case 4: -- cgit From 0018d14eedba213626200ef41cb29380bdbc7ef0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:18:01 +0200 Subject: netapi: add info21_to_USER_INFO_2 and support level 2 in NetUserEnum/GetInfo. Guenther (This used to be commit 1f1587423b7e01be552ae7cfc89f1334b32b124a) --- source3/lib/netapi/user.c | 52 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 50 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 77c74130b7..d7ebba1215 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -769,6 +769,45 @@ static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_2 *i) +{ + ZERO_STRUCTP(i); + + i->usri2_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri2_name); + i->usri2_password = NULL; + i->usri2_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri2_priv = samr_rid_to_priv_level(i21->rid); + i->usri2_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri2_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri2_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri2_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri2_auth_flags = auth_flag; + i->usri2_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri2_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri2_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri2_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri2_last_logon = nt_time_to_unix(i21->last_logon); + i->usri2_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri2_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri2_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri2_units_per_week = i21->logon_hours.units_per_week; + i->usri2_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri2_bad_pw_count = i21->bad_password_count; + i->usri2_num_logons = i21->logon_count; + i->usri2_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri2_country_code = i21->country_code; + i->usri2_code_page = i21->code_page; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -850,6 +889,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_0 info0; struct USER_INFO_1 info1; + struct USER_INFO_2 info2; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -904,6 +944,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1, (struct USER_INFO_1 **)buffer, num_entries); + break; + case 2: + status = info21_to_USER_INFO_2(mem_ctx, info21, auth_flag, &info2); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2, + (struct USER_INFO_2 **)buffer, num_entries); + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); @@ -970,11 +1018,11 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: case 1: + case 2: case 10: case 20: case 23: break; - case 2: case 3: case 11: return WERR_NOT_SUPPORTED; @@ -1400,11 +1448,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: case 1: + case 2: case 10: case 20: case 23: break; - case 2: case 3: case 4: case 11: -- cgit From 4c659b9340efd466c1398fb0637fc51766b09100 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:20:04 +0200 Subject: netapi: add info21_to_USER_INFO_3 and support level 3 in NetUserEnum/GetInfo. Guenther (This used to be commit 6b56b70a47823ab482f0c2a5fb55a759857b99f0) --- source3/lib/netapi/user.c | 56 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index d7ebba1215..acbd36c599 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -808,6 +808,49 @@ static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_3 *i) +{ + ZERO_STRUCTP(i); + + i->usri3_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri3_name); + i->usri3_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri3_priv = samr_rid_to_priv_level(i21->rid); + i->usri3_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri3_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri3_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri3_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri3_auth_flags = auth_flag; + i->usri3_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri3_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri3_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri3_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri3_last_logon = nt_time_to_unix(i21->last_logon); + i->usri3_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri3_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri3_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri3_units_per_week = i21->logon_hours.units_per_week; + i->usri3_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri3_bad_pw_count = i21->bad_password_count; + i->usri3_num_logons = i21->logon_count; + i->usri3_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri3_country_code = i21->country_code; + i->usri3_code_page = i21->code_page; + i->usri3_user_id = i21->rid; + i->usri3_primary_group_id = i21->primary_gid; + i->usri3_profile = talloc_strdup(mem_ctx, i21->profile_path.string); + i->usri3_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); + i->usri3_password_expired = i21->password_expired; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -890,6 +933,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_0 info0; struct USER_INFO_1 info1; struct USER_INFO_2 info2; + struct USER_INFO_3 info3; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -952,6 +996,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2, (struct USER_INFO_2 **)buffer, num_entries); + break; + case 3: + status = info21_to_USER_INFO_3(mem_ctx, info21, auth_flag, &info3); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3, + (struct USER_INFO_3 **)buffer, num_entries); + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); @@ -1019,11 +1071,11 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 0: case 1: case 2: + case 3: case 10: case 20: case 23: break; - case 3: case 11: return WERR_NOT_SUPPORTED; default: @@ -1449,11 +1501,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, case 0: case 1: case 2: + case 3: case 10: case 20: case 23: break; - case 3: case 4: case 11: werr = WERR_NOT_SUPPORTED; -- cgit From 038404a2b5268586f11927d9be7b3b411a008165 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:21:13 +0200 Subject: netapi: add info21_to_USER_INFO_4 and support level 4 in NetUserEnum/GetInfo. Guenther (This used to be commit b3ccc9a447c380e2898606b8f392f8bec9f40dc9) --- source3/lib/netapi/user.c | 70 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 68 insertions(+), 2 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index acbd36c599..1584a28be0 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -611,8 +611,13 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, break; case 2: case 3: - case 10: + case 4: case 11: + access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_GROUPS | + SAMR_USER_ACCESS_GET_LOCALE; + break; + case 10: case 20: case 23: break; @@ -851,6 +856,56 @@ static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct dom_sid *domain_sid, + struct USER_INFO_4 *i) +{ + struct dom_sid sid; + + ZERO_STRUCTP(i); + + i->usri4_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri4_name); + i->usri4_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri4_password = NULL; + i->usri4_priv = samr_rid_to_priv_level(i21->rid); + i->usri4_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri4_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri4_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri4_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri4_auth_flags = auth_flag; + i->usri4_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri4_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri4_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri4_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri4_last_logon = nt_time_to_unix(i21->last_logon); + i->usri4_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri4_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri4_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri4_units_per_week = i21->logon_hours.units_per_week; + i->usri4_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri4_bad_pw_count = i21->bad_password_count; + i->usri4_num_logons = i21->logon_count; + i->usri4_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri4_country_code = i21->country_code; + i->usri4_code_page = i21->code_page; + if (!sid_compose(&sid, domain_sid, i21->rid)) { + return NT_STATUS_NO_MEMORY; + } + i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + i->usri4_primary_group_id = i21->primary_gid; + i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string); + i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); + i->usri4_password_expired = i21->password_expired; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -934,6 +989,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_1 info1; struct USER_INFO_2 info2; struct USER_INFO_3 info3; + struct USER_INFO_4 info4; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -943,6 +999,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, case 1: case 2: case 3: + case 4: case 10: case 11: case 20: @@ -1004,6 +1061,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3, (struct USER_INFO_3 **)buffer, num_entries); + break; + case 4: + status = info21_to_USER_INFO_4(mem_ctx, info21, auth_flag, domain_sid, &info4); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_4, info4, + (struct USER_INFO_4 **)buffer, num_entries); + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); @@ -1072,6 +1137,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 1: case 2: case 3: + case 4: case 10: case 20: case 23: @@ -1502,11 +1568,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, case 1: case 2: case 3: + case 4: case 10: case 20: case 23: break; - case 4: case 11: werr = WERR_NOT_SUPPORTED; goto done; -- cgit From 5dd07500635f399b117389238d226a521a224ef9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:22:19 +0200 Subject: netapi: add info21_to_USER_INFO_11 and support level 11 in NetUserEnum/GetInfo. Guenther (This used to be commit c022ec38521e7ff655fc12807fcfd0e4f056e18b) --- source3/lib/netapi/user.c | 50 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 45 insertions(+), 5 deletions(-) diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 1584a28be0..ae8d2ecd89 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -924,6 +924,41 @@ static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_11(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_11 *i) +{ + ZERO_STRUCTP(i); + + i->usri11_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri11_name); + i->usri11_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri11_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri11_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri11_priv = samr_rid_to_priv_level(i21->rid); + i->usri11_auth_flags = auth_flag; + i->usri11_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri11_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri11_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri11_last_logon = nt_time_to_unix(i21->last_logon); + i->usri11_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri11_bad_pw_count = i21->bad_password_count; + i->usri11_num_logons = i21->logon_count; + i->usri11_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri11_country_code = i21->country_code; + i->usri11_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri11_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri11_units_per_week = i21->logon_hours.units_per_week; + i->usri11_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri11_code_page = i21->code_page; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_20 *i) @@ -991,6 +1026,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_3 info3; struct USER_INFO_4 info4; struct USER_INFO_10 info10; + struct USER_INFO_11 info11; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -1078,7 +1114,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, (struct USER_INFO_10 **)buffer, num_entries); break; + case 11: + status = info21_to_USER_INFO_11(mem_ctx, info21, auth_flag, &info11); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_11, info11, + (struct USER_INFO_11 **)buffer, num_entries); + break; case 20: status = info21_to_USER_INFO_20(mem_ctx, info21, &info20); NT_STATUS_NOT_OK_RETURN(status); @@ -1139,11 +1182,10 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 3: case 4: case 10: + case 11: case 20: case 23: break; - case 11: - return WERR_NOT_SUPPORTED; default: return WERR_UNKNOWN_LEVEL; } @@ -1570,12 +1612,10 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, case 3: case 4: case 10: + case 11: case 20: case 23: break; - case 11: - werr = WERR_NOT_SUPPORTED; - goto done; default: werr = WERR_UNKNOWN_LEVEL; goto done; -- cgit From 639bb00a67ff15916ce5029d3f3ebe2434456afc Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 12:46:01 +0200 Subject: netapi: add NetJoinFlags to IDL. Guenther (This used to be commit 10345cb987f8652f5e94e612910bfcd0478b26bc) --- source3/librpc/idl/libnetapi.idl | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl index 62363c4bee..0b91876832 100644 --- a/source3/librpc/idl/libnetapi.idl +++ b/source3/librpc/idl/libnetapi.idl @@ -29,13 +29,28 @@ interface libnetapi /* NetJoinDomain */ /*******************************************/ + typedef [public,bitmap32bit] bitmap { + NETSETUP_JOIN_DOMAIN = 0x00000001, + NETSETUP_ACCT_CREATE = 0x00000002, + NETSETUP_ACCT_DELETE = 0x00000004, + NETSETUP_WIN9X_UPGRADE = 0x00000010, + NETSETUP_DOMAIN_JOIN_IF_JOINED = 0x00000020, + NETSETUP_JOIN_UNSECURE = 0x00000040, + NETSETUP_MACHINE_PWD_PASSED = 0x00000080, + NETSETUP_DEFER_SPN_SET = 0x00000100, + NETSETUP_JOIN_DC_ACCOUNT = 0x00000200, + NETSETUP_JOIN_WITH_NEW_NAME = 0x00000400, + NETSETUP_INSTALL_INVOCATION = 0x00040000, + NETSETUP_IGNORE_UNSUPPORTED_FLAGS = 0x10000000 + } NetJoinFlags; + [nopush,nopull] NET_API_STATUS NetJoinDomain( [in,unique] string *server, [in,ref] string *domain, [in,unique] string *account_ou, [in,unique] string *account, [in,unique] string *password, - [in] uint32 join_flags + [in] NetJoinFlags join_flags ); /*******************************************/ @@ -46,7 +61,7 @@ interface libnetapi [in,unique] string *server_name, [in,unique] string *account, [in,unique] string *password, - [in] uint32 unjoin_flags + [in] NetJoinFlags unjoin_flags ); /*******************************************/ -- cgit From 93528fadc6b95aa6e86e232d0adc02832cdacaa5 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 12:46:18 +0200 Subject: re-run make idl. Guenther (This used to be commit 11a2eecf2a92dceef2b89bbfa08abcfb71bcaf7a) --- source3/librpc/gen_ndr/libnetapi.h | 14 +++++++++++++ source3/librpc/gen_ndr/ndr_libnetapi.c | 37 ++++++++++++++++++++++++++++++++-- source3/librpc/gen_ndr/ndr_libnetapi.h | 3 +++ 3 files changed, 52 insertions(+), 2 deletions(-) diff --git a/source3/librpc/gen_ndr/libnetapi.h b/source3/librpc/gen_ndr/libnetapi.h index e03ca4d19d..33ca253b60 100644 --- a/source3/librpc/gen_ndr/libnetapi.h +++ b/source3/librpc/gen_ndr/libnetapi.h @@ -44,6 +44,20 @@ struct domsid { uint32_t *sub_auths; }; +/* bitmap NetJoinFlags */ +#define NETSETUP_JOIN_DOMAIN ( 0x00000001 ) +#define NETSETUP_ACCT_CREATE ( 0x00000002 ) +#define NETSETUP_ACCT_DELETE ( 0x00000004 ) +#define NETSETUP_WIN9X_UPGRADE ( 0x00000010 ) +#define NETSETUP_DOMAIN_JOIN_IF_JOINED ( 0x00000020 ) +#define NETSETUP_JOIN_UNSECURE ( 0x00000040 ) +#define NETSETUP_MACHINE_PWD_PASSED ( 0x00000080 ) +#define NETSETUP_DEFER_SPN_SET ( 0x00000100 ) +#define NETSETUP_JOIN_DC_ACCOUNT ( 0x00000200 ) +#define NETSETUP_JOIN_WITH_NEW_NAME ( 0x00000400 ) +#define NETSETUP_INSTALL_INVOCATION ( 0x00040000 ) +#define NETSETUP_IGNORE_UNSUPPORTED_FLAGS ( 0x10000000 ) + struct SERVER_INFO_1005 { const char * sv1005_comment; }; diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.c b/source3/librpc/gen_ndr/ndr_libnetapi.c index 44b1c85c17..4f2579f256 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.c +++ b/source3/librpc/gen_ndr/ndr_libnetapi.c @@ -87,6 +87,39 @@ _PUBLIC_ void ndr_print_domsid(struct ndr_print *ndr, const char *name, const st ndr->depth--; } +_PUBLIC_ enum ndr_err_code ndr_push_NetJoinFlags(struct ndr_push *ndr, int ndr_flags, uint32_t r) +{ + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r)); + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_NetJoinFlags(struct ndr_pull *ndr, int ndr_flags, uint32_t *r) +{ + uint32_t v; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); + *r = v; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_NetJoinFlags(struct ndr_print *ndr, const char *name, uint32_t r) +{ + ndr_print_uint32(ndr, name, r); + ndr->depth++; + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_JOIN_DOMAIN", NETSETUP_JOIN_DOMAIN, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_ACCT_CREATE", NETSETUP_ACCT_CREATE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_ACCT_DELETE", NETSETUP_ACCT_DELETE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_WIN9X_UPGRADE", NETSETUP_WIN9X_UPGRADE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_DOMAIN_JOIN_IF_JOINED", NETSETUP_DOMAIN_JOIN_IF_JOINED, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_JOIN_UNSECURE", NETSETUP_JOIN_UNSECURE, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_MACHINE_PWD_PASSED", NETSETUP_MACHINE_PWD_PASSED, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_DEFER_SPN_SET", NETSETUP_DEFER_SPN_SET, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_JOIN_DC_ACCOUNT", NETSETUP_JOIN_DC_ACCOUNT, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_JOIN_WITH_NEW_NAME", NETSETUP_JOIN_WITH_NEW_NAME, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_INSTALL_INVOCATION", NETSETUP_INSTALL_INVOCATION, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NETSETUP_IGNORE_UNSUPPORTED_FLAGS", NETSETUP_IGNORE_UNSUPPORTED_FLAGS, r); + ndr->depth--; +} + _PUBLIC_ enum ndr_err_code ndr_push_SERVER_INFO_1005(struct ndr_push *ndr, int ndr_flags, const struct SERVER_INFO_1005 *r) { if (ndr_flags & NDR_SCALARS) { @@ -2047,7 +2080,7 @@ _PUBLIC_ void ndr_print_NetJoinDomain(struct ndr_print *ndr, const char *name, i ndr_print_string(ndr, "password", r->in.password); } ndr->depth--; - ndr_print_uint32(ndr, "join_flags", r->in.join_flags); + ndr_print_NetJoinFlags(ndr, "join_flags", r->in.join_flags); ndr->depth--; } if (flags & NDR_OUT) { @@ -2087,7 +2120,7 @@ _PUBLIC_ void ndr_print_NetUnjoinDomain(struct ndr_print *ndr, const char *name, ndr_print_string(ndr, "password", r->in.password); } ndr->depth--; - ndr_print_uint32(ndr, "unjoin_flags", r->in.unjoin_flags); + ndr_print_NetJoinFlags(ndr, "unjoin_flags", r->in.unjoin_flags); ndr->depth--; } if (flags & NDR_OUT) { diff --git a/source3/librpc/gen_ndr/ndr_libnetapi.h b/source3/librpc/gen_ndr/ndr_libnetapi.h index 4d547b1c85..8324ac3188 100644 --- a/source3/librpc/gen_ndr/ndr_libnetapi.h +++ b/source3/librpc/gen_ndr/ndr_libnetapi.h @@ -89,6 +89,9 @@ void ndr_print_NET_API_STATUS(struct ndr_print *ndr, const char *name, enum NET_ enum ndr_err_code ndr_push_domsid(struct ndr_push *ndr, int ndr_flags, const struct domsid *r); enum ndr_err_code ndr_pull_domsid(struct ndr_pull *ndr, int ndr_flags, struct domsid *r); void ndr_print_domsid(struct ndr_print *ndr, const char *name, const struct domsid *r); +enum ndr_err_code ndr_push_NetJoinFlags(struct ndr_push *ndr, int ndr_flags, uint32_t r); +enum ndr_err_code ndr_pull_NetJoinFlags(struct ndr_pull *ndr, int ndr_flags, uint32_t *r); +void ndr_print_NetJoinFlags(struct ndr_print *ndr, const char *name, uint32_t r); enum ndr_err_code ndr_push_SERVER_INFO_1005(struct ndr_push *ndr, int ndr_flags, const struct SERVER_INFO_1005 *r); enum ndr_err_code ndr_pull_SERVER_INFO_1005(struct ndr_pull *ndr, int ndr_flags, struct SERVER_INFO_1005 *r); void ndr_print_SERVER_INFO_1005(struct ndr_print *ndr, const char *name, const struct SERVER_INFO_1005 *r); -- cgit From 57fe0182d3a17c1b61e969e8842b891c362c12f2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 12:46:38 +0200 Subject: netapi: add NetJoinFlags to public header. Guenther (This used to be commit 3babf758f49d6b08af8bd41c1dc8bd8de11a3893) --- source3/lib/netapi/netapi.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index 95d2316c9e..05c702cb3f 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -75,6 +75,20 @@ struct DOMAIN_CONTROLLER_INFO { const char * client_site_name; }; +/* bitmap NetJoinFlags */ +#define NETSETUP_JOIN_DOMAIN ( 0x00000001 ) +#define NETSETUP_ACCT_CREATE ( 0x00000002 ) +#define NETSETUP_ACCT_DELETE ( 0x00000004 ) +#define NETSETUP_WIN9X_UPGRADE ( 0x00000010 ) +#define NETSETUP_DOMAIN_JOIN_IF_JOINED ( 0x00000020 ) +#define NETSETUP_JOIN_UNSECURE ( 0x00000040 ) +#define NETSETUP_MACHINE_PWD_PASSED ( 0x00000080 ) +#define NETSETUP_DEFER_SPN_SET ( 0x00000100 ) +#define NETSETUP_JOIN_DC_ACCOUNT ( 0x00000200 ) +#define NETSETUP_JOIN_WITH_NEW_NAME ( 0x00000400 ) +#define NETSETUP_INSTALL_INVOCATION ( 0x00040000 ) +#define NETSETUP_IGNORE_UNSUPPORTED_FLAGS ( 0x10000000 ) + #define FILTER_TEMP_DUPLICATE_ACCOUNT ( 0x0001 ) #define FILTER_NORMAL_ACCOUNT ( 0x0002 ) #define FILTER_INTERDOMAIN_TRUST_ACCOUNT ( 0x0008 ) -- cgit From e710a871776eee47642ef828fd04cb0a46e43d2a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 12:52:23 +0200 Subject: netapi: use NETSETUP join flags in examples. Guenther (This used to be commit 2f6f888d9cf89abf55767dc43a9e3d5de68bbcfb) --- .../lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c | 15 +++++---------- source3/lib/netapi/examples/netdomjoin/netdomjoin.c | 4 +++- source3/utils/net_dom.c | 8 ++++---- 3 files changed, 12 insertions(+), 15 deletions(-) diff --git a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c index 418b9c8b8e..970f8cf9f2 100644 --- a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c +++ b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c @@ -38,11 +38,6 @@ #define SAMBA_IMAGE_PATH "/usr/share/pixmaps/samba/logo.png" #define SAMBA_IMAGE_PATH_SMALL "/usr/share/pixmaps/samba/logo-small.png" -#define WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED ( 0x00000020 ) -#define WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE ( 0x00000004 ) -#define WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE ( 0x00000002 ) -#define WKSSVC_JOIN_FLAGS_JOIN_TYPE ( 0x00000001 ) - #define NetSetupWorkgroupName ( 2 ) #define NetSetupDomainName ( 3 ) @@ -631,9 +626,9 @@ static void callback_do_join(GtkWidget *widget, if (state->name_type_new == NetSetupDomainName) { domain_join = TRUE; join_creds_required = TRUE; - join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | - WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE | - WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED; /* for testing */ + join_flags = NETSETUP_JOIN_DOMAIN | + NETSETUP_ACCT_CREATE | + NETSETUP_DOMAIN_JOIN_IF_JOINED; /* for testing */ } if ((state->name_type_initial == NetSetupDomainName) && @@ -641,8 +636,8 @@ static void callback_do_join(GtkWidget *widget, try_unjoin = TRUE; unjoin_creds_required = TRUE; join_creds_required = FALSE; - unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | - WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE; + unjoin_flags = NETSETUP_JOIN_DOMAIN | + NETSETUP_ACCT_DELETE; } if (try_unjoin) { diff --git a/source3/lib/netapi/examples/netdomjoin/netdomjoin.c b/source3/lib/netapi/examples/netdomjoin/netdomjoin.c index bd7c36382a..08ce71b938 100644 --- a/source3/lib/netapi/examples/netdomjoin/netdomjoin.c +++ b/source3/lib/netapi/examples/netdomjoin/netdomjoin.c @@ -39,7 +39,9 @@ int main(int argc, const char **argv) const char *account_ou = NULL; const char *account = NULL; const char *password = NULL; - uint32_t join_flags = 0x00000023; + uint32_t join_flags = NETSETUP_JOIN_DOMAIN | + NETSETUP_ACCT_CREATE | + NETSETUP_DOMAIN_JOIN_IF_JOINED; struct libnetapi_ctx *ctx = NULL; poptContext pc; diff --git a/source3/utils/net_dom.c b/source3/utils/net_dom.c index f13b9c23d0..5544cf8a2d 100644 --- a/source3/utils/net_dom.c +++ b/source3/utils/net_dom.c @@ -37,8 +37,8 @@ static int net_dom_unjoin(struct net_context *c, int argc, const char **argv) const char *server_name = NULL; const char *account = NULL; const char *password = NULL; - uint32_t unjoin_flags = WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE | - WKSSVC_JOIN_FLAGS_JOIN_TYPE; + uint32_t unjoin_flags = NETSETUP_ACCT_DELETE | + NETSETUP_JOIN_DOMAIN; struct cli_state *cli = NULL; bool do_reboot = false; NTSTATUS ntstatus; @@ -125,8 +125,8 @@ static int net_dom_join(struct net_context *c, int argc, const char **argv) const char *account_ou = NULL; const char *Account = NULL; const char *password = NULL; - uint32_t join_flags = WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE | - WKSSVC_JOIN_FLAGS_JOIN_TYPE; + uint32_t join_flags = NETSETUP_ACCT_CREATE | + NETSETUP_JOIN_DOMAIN; struct cli_state *cli = NULL; bool do_reboot = false; NTSTATUS ntstatus; -- cgit From af1db71c1446c854385de691781e5bb48ec65936 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 12:59:56 +0200 Subject: netapi: fix some warnings in netdomjoin-gui. Guenther (This used to be commit e69eb09c1819eb4ea4bba7c3b3b0f8b6da789632) --- .../examples/netdomjoin-gui/netdomjoin-gui.c | 28 +++++++++++++++------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c index 970f8cf9f2..4e0488ed59 100644 --- a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c +++ b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c @@ -818,9 +818,13 @@ static void callback_enter_hostname_and_unlock(GtkWidget *widget, } state->hostname_changed = TRUE; if (state->name_type_initial == NetSetupDomainName) { - asprintf(&str, "%s.%s", entry_text, state->my_dnsdomain); + if (asprintf(&str, "%s.%s", entry_text, state->my_dnsdomain) == -1) { + return; + } } else { - asprintf(&str, "%s.", entry_text); + if (asprintf(&str, "%s.", entry_text) == -1) { + return; + } } gtk_label_set_text(GTK_LABEL(state->label_full_computer_name), str); free(str); @@ -1127,10 +1131,14 @@ static void callback_do_change(GtkWidget *widget, char *str = NULL; entry_text = gtk_entry_get_text(GTK_ENTRY(entry)); if (state->name_type_initial == NetSetupDomainName) { - asprintf(&str, "%s.%s", entry_text, - state->my_dnsdomain); + if (asprintf(&str, "%s.%s", entry_text, + state->my_dnsdomain) == -1) { + return; + } } else { - asprintf(&str, "%s.", entry_text); + if (asprintf(&str, "%s.", entry_text) == -1) { + return; + } } gtk_label_set_text(GTK_LABEL(state->label_full_computer_name), str); @@ -1431,10 +1439,14 @@ static int draw_main_window(struct join_state *state) /* Label */ char *str = NULL; if (state->name_type_initial == NetSetupDomainName) { - asprintf(&str, "%s.%s", state->my_hostname, - state->my_dnsdomain); + if (asprintf(&str, "%s.%s", state->my_hostname, + state->my_dnsdomain) == -1) { + return -1; + } } else { - asprintf(&str, "%s.", state->my_hostname); + if (asprintf(&str, "%s.", state->my_hostname) == -1) { + return -1; + } } label = gtk_label_new(str); -- cgit From c5a9348f1953f5801c219231a46c90c23a427b81 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Aug 2008 13:31:55 +0200 Subject: netapi: fix NetGetJoinableOUs_l. It needs to try the dns domain name for the ads connection. Guenther (This used to be commit 918eae8221bb8c24084cad96556e4d8c3685e314) --- source3/lib/netapi/joindomain.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c index 2a6fc80ca3..17ea3923fe 100644 --- a/source3/lib/netapi/joindomain.c +++ b/source3/lib/netapi/joindomain.c @@ -364,7 +364,7 @@ WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx, dc = strip_hostname(info->dc_unc); - ads = ads_init(r->in.domain, r->in.domain, dc); + ads = ads_init(info->domain_name, info->domain_name, dc); if (!ads) { return WERR_GENERAL_FAILURE; } -- cgit From bb1d3a73c4171fdf8feb90fa190d4dd38490e5be Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 15 Aug 2008 02:00:46 +0200 Subject: libwbclient: add wbcChangeUserPassword and wbcChangeUserPasswordEx. Guenther (This used to be commit 62e7b4aa32051bce34c890cb41270e5fe31111ca) --- source3/nsswitch/libwbclient/wbc_pam.c | 271 ++++++++++++++++++++++++++++++++ source3/nsswitch/libwbclient/wbclient.c | 2 + source3/nsswitch/libwbclient/wbclient.h | 78 ++++++++- 3 files changed, 350 insertions(+), 1 deletion(-) diff --git a/source3/nsswitch/libwbclient/wbc_pam.c b/source3/nsswitch/libwbclient/wbc_pam.c index 293f71c347..20b42b6efb 100644 --- a/source3/nsswitch/libwbclient/wbc_pam.c +++ b/source3/nsswitch/libwbclient/wbc_pam.c @@ -236,6 +236,30 @@ done: return wbc_status; } +static wbcErr wbc_create_password_policy_info(TALLOC_CTX *mem_ctx, + const struct winbindd_response *resp, + struct wbcUserPasswordPolicyInfo **_i) +{ + wbcErr wbc_status = WBC_ERR_SUCCESS; + struct wbcUserPasswordPolicyInfo *i; + + i = talloc(mem_ctx, struct wbcUserPasswordPolicyInfo); + BAIL_ON_PTR_ERROR(i, wbc_status); + + i->min_passwordage = resp->data.auth.policy.min_passwordage; + i->min_length_password = resp->data.auth.policy.min_length_password; + i->password_history = resp->data.auth.policy.password_history; + i->password_properties = resp->data.auth.policy.password_properties; + i->expire = resp->data.auth.policy.expire; + + *_i = i; + i = NULL; + +done: + talloc_free(i); + return wbc_status; +} + /** @brief Authenticate with more detailed information * * @param params Input parameters, WBC_AUTH_USER_LEVEL_HASH @@ -523,3 +547,250 @@ wbcErr wbcLogoffUser(const char *username, done: return wbc_status; } + +/** @brief Change a password for a user with more detailed information upon + * failure + * @param params Input parameters + * @param error User output details on WBC_ERR_PWD_CHANGE_FAILED + * @param reject_reason New password reject reason on WBC_ERR_PWD_CHANGE_FAILED + * @param policy Password policy output details on WBC_ERR_PWD_CHANGE_FAILED + * + * @return #wbcErr + **/ + +wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, + struct wbcAuthErrorInfo **error, + enum wbcPasswordChangeRejectReason *reject_reason, + struct wbcUserPasswordPolicyInfo **policy) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + int cmd = 0; + + /* validate input */ + + if (!params->account_name) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (error) { + *error = NULL; + } + + if (policy) { + *policy = NULL; + } + + if (reject_reason) { + *reject_reason = -1; + } + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + switch (params->level) { + case WBC_CHANGE_PASSWORD_LEVEL_PLAIN: + cmd = WINBINDD_PAM_CHAUTHTOK; + + if (!params->account_name) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + strncpy(request.data.chauthtok.user, params->account_name, + sizeof(request.data.chauthtok.user) - 1); + + if (params->old_password.plaintext) { + strncpy(request.data.chauthtok.oldpass, + params->old_password.plaintext, + sizeof(request.data.chauthtok.oldpass) - 1); + } + + if (params->new_password.plaintext) { + strncpy(request.data.chauthtok.newpass, + params->new_password.plaintext, + sizeof(request.data.chauthtok.newpass) - 1); + } + break; + + case WBC_CHANGE_PASSWORD_LEVEL_RESPONSE: + cmd = WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP; + + if (!params->account_name || !params->domain_name) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->old_password.response.old_lm_hash_enc_length && + !params->old_password.response.old_lm_hash_enc_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->old_password.response.old_lm_hash_enc_length == 0 && + params->old_password.response.old_lm_hash_enc_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->old_password.response.old_nt_hash_enc_length && + !params->old_password.response.old_nt_hash_enc_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->old_password.response.old_nt_hash_enc_length == 0 && + params->old_password.response.old_nt_hash_enc_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->new_password.response.lm_length && + !params->new_password.response.lm_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->new_password.response.lm_length == 0 && + params->new_password.response.lm_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->new_password.response.nt_length && + !params->new_password.response.nt_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (params->new_password.response.nt_length == 0 && + params->new_password.response.nt_data) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + strncpy(request.data.chng_pswd_auth_crap.user, + params->account_name, + sizeof(request.data.chng_pswd_auth_crap.user) - 1); + + strncpy(request.data.chng_pswd_auth_crap.domain, + params->domain_name, + sizeof(request.data.chng_pswd_auth_crap.domain) - 1); + + if (params->new_password.response.nt_data) { + memcpy(request.data.chng_pswd_auth_crap.new_nt_pswd, + params->new_password.response.nt_data, + request.data.chng_pswd_auth_crap.new_nt_pswd_len); + request.data.chng_pswd_auth_crap.new_nt_pswd_len = + params->new_password.response.nt_length; + } + + if (params->new_password.response.lm_data) { + memcpy(request.data.chng_pswd_auth_crap.new_lm_pswd, + params->new_password.response.lm_data, + request.data.chng_pswd_auth_crap.new_lm_pswd_len); + request.data.chng_pswd_auth_crap.new_lm_pswd_len = + params->new_password.response.lm_length; + } + + if (params->old_password.response.old_nt_hash_enc_data) { + memcpy(request.data.chng_pswd_auth_crap.old_nt_hash_enc, + params->old_password.response.old_nt_hash_enc_data, + request.data.chng_pswd_auth_crap.old_nt_hash_enc_len); + request.data.chng_pswd_auth_crap.old_nt_hash_enc_len = + params->old_password.response.old_nt_hash_enc_length; + } + + if (params->old_password.response.old_lm_hash_enc_data) { + memcpy(request.data.chng_pswd_auth_crap.old_lm_hash_enc, + params->old_password.response.old_lm_hash_enc_data, + request.data.chng_pswd_auth_crap.old_lm_hash_enc_len); + request.data.chng_pswd_auth_crap.old_lm_hash_enc_len = + params->old_password.response.old_lm_hash_enc_length; + } + + break; + default: + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + break; + } + + if (cmd == 0) { + wbc_status = WBC_ERR_INVALID_PARAM; + BAIL_ON_WBC_ERROR(wbc_status); + } + + /* Send request */ + + wbc_status = wbcRequestResponse(cmd, + &request, + &response); + if (WBC_ERROR_IS_OK(wbc_status)) { + goto done; + } + + /* Take the response above and return it to the caller */ + + if (response.data.auth.nt_status != 0) { + if (error) { + wbc_status = wbc_create_error_info(NULL, + &response, + error); + BAIL_ON_WBC_ERROR(wbc_status); + } + + } + + if (policy) { + wbc_status = wbc_create_password_policy_info(NULL, + &response, + policy); + BAIL_ON_WBC_ERROR(wbc_status); + } + + if (reject_reason) { + *reject_reason = response.data.auth.reject_reason; + } + + wbc_status = WBC_ERR_PWD_CHANGE_FAILED; + BAIL_ON_WBC_ERROR(wbc_status); + + done: + return wbc_status; +} + +/** @brief Change a password for a user + * + * @param username Name of user to authenticate + * @param old_password Old clear text password of user + * @param new_password New clear text password of user + * + * @return #wbcErr + **/ + +wbcErr wbcChangeUserPassword(const char *username, + const char *old_password, + const char *new_password) +{ + wbcErr wbc_status = WBC_ERR_SUCCESS; + struct wbcChangePasswordParams params; + + ZERO_STRUCT(params); + + params.account_name = username; + params.level = WBC_CHANGE_PASSWORD_LEVEL_PLAIN; + params.old_password.plaintext = old_password; + params.new_password.plaintext = new_password; + + wbc_status = wbcChangeUserPasswordEx(¶ms, + NULL, + NULL, + NULL); + BAIL_ON_WBC_ERROR(wbc_status); + +done: + return wbc_status; +} diff --git a/source3/nsswitch/libwbclient/wbclient.c b/source3/nsswitch/libwbclient/wbclient.c index 82decc2f78..bdde562a93 100644 --- a/source3/nsswitch/libwbclient/wbclient.c +++ b/source3/nsswitch/libwbclient/wbclient.c @@ -116,6 +116,8 @@ const char *wbcErrorString(wbcErr error) return "WBC_ERR_UNKNOWN_GROUP"; case WBC_ERR_AUTH_ERROR: return "WBC_ERR_AUTH_ERROR"; + case WBC_ERR_PWD_CHANGE_FAILED: + return "WBC_ERR_PWD_CHANGE_FAILED"; } return "unknown wbcErr value"; diff --git a/source3/nsswitch/libwbclient/wbclient.h b/source3/nsswitch/libwbclient/wbclient.h index 2fefe0c072..cae3feec5b 100644 --- a/source3/nsswitch/libwbclient/wbclient.h +++ b/source3/nsswitch/libwbclient/wbclient.h @@ -44,7 +44,8 @@ enum _wbcErrType { WBC_ERR_NSS_ERROR, /**< NSS_STATUS error **/ WBC_ERR_AUTH_ERROR, /**< Authentication failed **/ WBC_ERR_UNKNOWN_USER, /**< User account cannot be found */ - WBC_ERR_UNKNOWN_GROUP /**< Group account cannot be found */ + WBC_ERR_UNKNOWN_GROUP, /**< Group account cannot be found */ + WBC_ERR_PWD_CHANGE_FAILED /**< Password Change has failed */ }; typedef enum _wbcErrType wbcErr; @@ -204,6 +205,41 @@ struct wbcAuthUserParams { } password; }; +/** + * @brief ChangePassword Parameters + **/ + +struct wbcChangePasswordParams { + const char *account_name; + const char *domain_name; + + uint32_t flags; + + enum wbcChangePasswordLevel { + WBC_CHANGE_PASSWORD_LEVEL_PLAIN = 1, + WBC_CHANGE_PASSWORD_LEVEL_RESPONSE = 2 + } level; + + union { + const char *plaintext; + struct { + uint32_t old_nt_hash_enc_length; + uint8_t *old_nt_hash_enc_data; + uint32_t old_lm_hash_enc_length; + uint8_t *old_lm_hash_enc_data; + } response; + } old_password; + union { + const char *plaintext; + struct { + uint32_t nt_length; + uint8_t *nt_data; + uint32_t lm_length; + uint8_t *lm_data; + } response; + } new_password; +}; + /* wbcAuthUserParams->parameter_control */ #define WBC_MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x00000002 @@ -304,6 +340,38 @@ struct wbcAuthErrorInfo { char *display_string; }; +/** + * @brief User Password Policy Information + **/ + +/* wbcUserPasswordPolicyInfo->password_properties */ + +#define WBC_DOMAIN_PASSWORD_COMPLEX 0x00000001 +#define WBC_DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002 +#define WBC_DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004 +#define WBC_DOMAIN_PASSWORD_LOCKOUT_ADMINS 0x00000008 +#define WBC_DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010 +#define WBC_DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020 + +struct wbcUserPasswordPolicyInfo { + uint32_t min_length_password; + uint32_t password_history; + uint32_t password_properties; + uint64_t expire; + uint64_t min_passwordage; +}; + +/** + * @brief Change Password Reject Reason + **/ + +enum wbcPasswordChangeRejectReason { + WBC_PWD_CHANGE_REJECT_OTHER=0, + WBC_PWD_CHANGE_REJECT_TOO_SHORT=1, + WBC_PWD_CHANGE_REJECT_IN_HISTORY=2, + WBC_PWD_CHANGE_REJECT_COMPLEXITY=5 +}; + /* * DomainControllerInfo struct */ @@ -478,6 +546,14 @@ wbcErr wbcLogoffUser(const char *username, uid_t uid, const char *ccfilename); +wbcErr wbcChangeUserPassword(const char *username, + const char *old_password, + const char *new_password); + +wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params, + struct wbcAuthErrorInfo **error, + enum wbcPasswordChangeRejectReason *reject_reason, + struct wbcUserPasswordPolicyInfo **policy); /* * Resolve functions -- cgit From 1f0cd6a7443b08044d9fbc328fc729e3e2658e46 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 15 Aug 2008 02:01:14 +0200 Subject: wbinfo: add change-user-password command. Guenther (This used to be commit e572ede9995a66ae452ab25018b8df16101a2c2a) --- source3/nsswitch/wbinfo.c | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 463d9233d0..60524d1d1b 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -1341,6 +1341,28 @@ static bool wbinfo_ping(void) return WBC_ERROR_IS_OK(wbc_status); } +static bool wbinfo_change_user_password(const char *username) +{ + wbcErr wbc_status; + char *old_password = NULL; + char *new_password = NULL; + + old_password = wbinfo_prompt_pass("old", username); + new_password = wbinfo_prompt_pass("new", username); + + wbc_status = wbcChangeUserPassword(username, old_password, new_password); + + /* Display response */ + + d_printf("Password change for user %s %s\n", username, + WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); + + SAFE_FREE(old_password); + SAFE_FREE(new_password); + + return WBC_ERROR_IS_OK(wbc_status); +} + /* Main program */ enum { @@ -1360,7 +1382,8 @@ enum { OPT_UID_INFO, OPT_GROUP_INFO, OPT_VERBOSE, - OPT_ONLINESTATUS + OPT_ONLINESTATUS, + OPT_CHANGE_USER_PASSWORD }; int main(int argc, char **argv, char **envp) @@ -1427,6 +1450,7 @@ int main(int argc, char **argv, char **envp) #endif { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL }, { "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL }, + { "change-user-password", 0, POPT_ARG_STRING, &string_arg, OPT_CHANGE_USER_PASSWORD, "Change the password for a user", NULL }, POPT_COMMON_CONFIGFILE POPT_COMMON_VERSION POPT_TABLEEND @@ -1707,6 +1731,14 @@ int main(int argc, char **argv, char **envp) goto done; } break; + case OPT_CHANGE_USER_PASSWORD: + if (!wbinfo_change_user_password(string_arg)) { + d_fprintf(stderr, "Could not change user password " + "for user %s\n", string_arg); + goto done; + } + break; + /* generic configuration options */ case OPT_DOMAIN_NAME: break; -- cgit From 2d25608a5d5c2e38aba7f45ed96ffb271d25de66 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 29 Aug 2008 17:43:12 +0200 Subject: libnet: fix join by creating keytab after changing the config. Michael (This used to be commit 96d1c780bf9524b929e6026776602a5288aea73d) --- source3/libnet/libnet_join.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index b7a15c558b..b34b4872f4 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1505,6 +1505,17 @@ static WERROR libnet_join_post_processing(TALLOC_CTX *mem_ctx, if (r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) { saf_store(r->in.domain_name, r->in.dc_name); + +#ifdef WITH_ADS + if (r->out.domain_is_ad) { + ADS_STATUS ads_status; + + ads_status = libnet_join_post_processing_ads(mem_ctx, r); + if (!ADS_ERR_OK(ads_status)) { + return WERR_GENERAL_FAILURE; + } + } +#endif /* WITH_ADS */ } libnet_join_add_dom_rids_to_builtins(r->out.domain_sid); @@ -1754,16 +1765,6 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, goto done; } -#ifdef WITH_ADS - if (r->out.domain_is_ad) { - ads_status = libnet_join_post_processing_ads(mem_ctx, r); - if (!ADS_ERR_OK(ads_status)) { - werr = WERR_GENERAL_FAILURE; - goto done; - } - } -#endif /* WITH_ADS */ - werr = WERR_OK; done: -- cgit From f9a0b1675e409a63797693f9d189e9728258ce73 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 29 Aug 2008 17:55:28 +0200 Subject: libnet_join: streamline logic of libnet_join_post_processing() Michael (This used to be commit 81cc1af1e699e454fbb1d12636d002f845231006) --- source3/libnet/libnet_join.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index b34b4872f4..a39dee676f 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1503,20 +1503,22 @@ static WERROR libnet_join_post_processing(TALLOC_CTX *mem_ctx, return werr; } - if (r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) { - saf_store(r->in.domain_name, r->in.dc_name); + if (!(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE)) { + return WERR_OK; + } + + saf_store(r->in.domain_name, r->in.dc_name); #ifdef WITH_ADS - if (r->out.domain_is_ad) { - ADS_STATUS ads_status; + if (r->out.domain_is_ad) { + ADS_STATUS ads_status; - ads_status = libnet_join_post_processing_ads(mem_ctx, r); - if (!ADS_ERR_OK(ads_status)) { - return WERR_GENERAL_FAILURE; - } + ads_status = libnet_join_post_processing_ads(mem_ctx, r); + if (!ADS_ERR_OK(ads_status)) { + return WERR_GENERAL_FAILURE; } -#endif /* WITH_ADS */ } +#endif /* WITH_ADS */ libnet_join_add_dom_rids_to_builtins(r->out.domain_sid); -- cgit From 8193b5694de1865a5038e10b7daabb2d6df7354b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 27 Aug 2008 12:09:40 +0200 Subject: packaging(RHEL-CTDB): auto-detect samba version from spec in makerpms.sh Michael (This used to be commit d18075524fa6b83fbb86aa0010c6190136e99865) --- packaging/RHEL-CTDB/makerpms.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packaging/RHEL-CTDB/makerpms.sh b/packaging/RHEL-CTDB/makerpms.sh index 8a0345bbeb..421903258f 100755 --- a/packaging/RHEL-CTDB/makerpms.sh +++ b/packaging/RHEL-CTDB/makerpms.sh @@ -21,9 +21,11 @@ SRCDIR=`rpm --eval %_sourcedir` # At this point the SPECDIR and SRCDIR variables must have a value! -VERSION='3.3.0' +DIRNAME=$(dirname $0) + REVISION='ctdb' SPECFILE="samba.spec" +VERSION=$(grep ^Version ${DIRNAME}/${SPECFILE} | sed -e 's/^Version:\ \+//') DOCS="docs.tar.bz2" RPMVER=`rpm --version | awk '{print $3}'` RPM="rpmbuild" @@ -41,8 +43,6 @@ case $RPMVER in ;; esac -DIRNAME=$(dirname $0) - pushd ${DIRNAME}/../.. echo -n "Creating samba-${VERSION}.tar.bz2 ... " git archive --prefix=samba-${VERSION}/ HEAD | bzip2 > ${SRCDIR}/samba-${VERSION}.tar.bz2 -- cgit From 9cfe9b3f8672aa09215a56f318715f052602fac6 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 27 Aug 2008 12:10:07 +0200 Subject: packaging(RHEL-CTDB): remove unused variable from makerpms.sh Michael (This used to be commit 8686ceb9ada5ed3239edccd830ab6aeb007e6750) --- packaging/RHEL-CTDB/makerpms.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/packaging/RHEL-CTDB/makerpms.sh b/packaging/RHEL-CTDB/makerpms.sh index 421903258f..485c810bdb 100755 --- a/packaging/RHEL-CTDB/makerpms.sh +++ b/packaging/RHEL-CTDB/makerpms.sh @@ -23,7 +23,6 @@ SRCDIR=`rpm --eval %_sourcedir` DIRNAME=$(dirname $0) -REVISION='ctdb' SPECFILE="samba.spec" VERSION=$(grep ^Version ${DIRNAME}/${SPECFILE} | sed -e 's/^Version:\ \+//') DOCS="docs.tar.bz2" -- cgit From 595fff85850561124b2ed64e085882e9f760b657 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 29 Aug 2008 15:16:42 +0200 Subject: packaging(RHEL-CTDB): remove library packaging hacks due to fixed Makfile. Use --libdir instead of --with-libdir . Use new --with-modulesdir to separate LIBDIR and MODULESDIR. This makes post "make install" hacks unnecessary. Michael (This used to be commit a87c0cc084a583d6eafac9fc83093ef29ba9809a) --- packaging/RHEL-CTDB/samba.spec | 50 ++---------------------------------------- 1 file changed, 2 insertions(+), 48 deletions(-) diff --git a/packaging/RHEL-CTDB/samba.spec b/packaging/RHEL-CTDB/samba.spec index 16340c6d4b..6b1f6cfeeb 100644 --- a/packaging/RHEL-CTDB/samba.spec +++ b/packaging/RHEL-CTDB/samba.spec @@ -147,7 +147,8 @@ CFLAGS="$RPM_OPT_FLAGS $EXTRA -D_GNU_SOURCE" ./configure \ --prefix=%{_prefix} \ --localstatedir=/var \ --with-configdir=%{_sysconfdir}/samba \ - --with-libdir=%{_libarchdir}/samba \ + --libdir=%{_libarchdir} \ + --with-modulesdir=%{_libarchdir}/samba \ --with-lockdir=/var/lib/samba \ --with-logfilebase=/var/log/samba \ --with-mandir=%{_mandir} \ @@ -240,56 +241,9 @@ install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/lib ln -sf libnss_winbind.so libnss_winbind.so.2 ) # ( cd $RPM_BUILD_ROOT/%{_libarch}; ln -sf libnss_wins.so libnss_wins.so.2 ) -# make install puts libsmbclient.so in the wrong place on x86_64 -rm -f $RPM_BUILD_ROOT/usr/lib*/samba/libsmbclient.so* $RPM_BUILD_ROOT/usr/lib*/samba/libsmbclient.a || true -install -m 755 source/bin/libsmbclient.so.0 $RPM_BUILD_ROOT%{_libarchdir}/libsmbclient.so.0 -install -m 755 source/bin/libsmbclient.a $RPM_BUILD_ROOT%{_libarchdir}/libsmbclient.a -install -m 644 source/include/libsmbclient.h $RPM_BUILD_ROOT%{_includedir} -ln -s libsmbclient.so.0 $RPM_BUILD_ROOT%{_libarchdir}/libsmbclient.so - -# make install puts libmsrpc.so in the wrong place on x86_64 -#rm -f $RPM_BUILD_ROOT/usr/lib*/samba/libmsrpc.so $RPM_BUILD_ROOT/usr/lib*/samba/libmsrpc.a || true -#install -m 755 source/bin/libmsrpc.so $RPM_BUILD_ROOT%{_libarchdir}/libmsrpc.so -#install -m 755 source/bin/libmsrpc.a $RPM_BUILD_ROOT%{_libarchdir}/libmsrpc.a -#install -m 644 source/include/libmsrpc.h $RPM_BUILD_ROOT%{_includedir} -#rm -f $RPM_BUILD_ROOT%{_libarchdir}/samba/libmsrpc.* -#ln -s /%{_libarchdir}/libmsrpc.so $RPM_BUILD_ROOT%{_libarchdir}/libmsrpc.so.0 - -# make install puts libsmbsharemodes.so in the wrong place on x86_64 -rm -f $RPM_BUILD_ROOT/usr/lib*/samba/libsmbsharemodes.so* $RPM_BUILD_ROOT/usr/lib*/samba/libsmbsharemodes.a || true -install -m 755 source/bin/libsmbsharemodes.so.0 $RPM_BUILD_ROOT%{_libarchdir}/libsmbsharemodes.so.0 -install -m 755 source/bin/libsmbsharemodes.a $RPM_BUILD_ROOT%{_libarchdir}/libsmbsharemodes.a -install -m 644 source/include/smb_share_modes.h $RPM_BUILD_ROOT%{_includedir} -rm -f $RPM_BUILD_ROOT%{_libarchdir}/samba/libsmbsharemodes.* -ln -s libsmbsharemodes.so.0 $RPM_BUILD_ROOT%{_libarchdir}/libsmbsharemodes.so - # Install pam_smbpass.so install -m755 source/bin/pam_smbpass.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_smbpass.so -# Put the shared libraries to their SONAME under /usr/lib{,64} -# and create the proper .so symlinks -# -# libwbclient -rm -f $RPM_BUILD_ROOT%{_libarchdir}/samba/libwbclient.so* -install -m 755 source/bin/libwbclient.so.0 \ - $RPM_BUILD_ROOT%{_libarchdir}/libwbclient.so.0 -ln -s libwbclient.so.0 $RPM_BUILD_ROOT%{_libarchdir}/libwbclient.so -# libtalloc -rm -f $RPM_BUILD_ROOT%{_libarchdir}/samba/libtalloc.so* -install -m 755 source/bin/libtalloc.so.1 \ - $RPM_BUILD_ROOT%{_libarchdir}/libtalloc.so.1 -ln -s libtalloc.so.1 $RPM_BUILD_ROOT%{_libarchdir}/libtalloc.so -# libtdb -rm -f $RPM_BUILD_ROOT%{_libarchdir}/samba/libtdb.so* -install -m 755 source/bin/libtdb.so.1 \ - $RPM_BUILD_ROOT%{_libarchdir}/libtdb.so.1 -ln -s libtdb.so.1 $RPM_BUILD_ROOT%{_libarchdir}/libtdb.so -# libnetapi -rm -f $RPM_BUILD_ROOT%{_libarchdir}/samba/libnetapi.so* -install -m 755 source/bin/libnetapi.so.0 \ - $RPM_BUILD_ROOT%{_libarchdir}/libnetapi.so.0 -ln -s libnetapi.so.0 $RPM_BUILD_ROOT%{_libarchdir}/libnetapi.so - ## cleanup /bin/rm -rf $RPM_BUILD_ROOT/usr/lib*/samba/security -- cgit From 0d082276233dc15f874f72369e77e7fb480343c0 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 27 Aug 2008 12:58:06 +0200 Subject: packaging(RHEL-CTDB): remove duplicate installation of pam_smbpass.so Michael (This used to be commit 54e3a6dcb2aaa8dc07d3cfbfb9abb950428b1010) --- packaging/RHEL-CTDB/samba.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/packaging/RHEL-CTDB/samba.spec b/packaging/RHEL-CTDB/samba.spec index 6b1f6cfeeb..e5ac40f1af 100644 --- a/packaging/RHEL-CTDB/samba.spec +++ b/packaging/RHEL-CTDB/samba.spec @@ -230,9 +230,6 @@ make DESTDIR=$RPM_BUILD_ROOT \ install cd .. -# pam_smbpass -cp source/bin/pam_smbpass.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_smbpass.so - # NSS & PAM winbind support install -m 755 source/bin/pam_winbind.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_winbind.so install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/libnss_winbind.so -- cgit From 3b18ac2282a25818b8b50853db053c11a9d2ed90 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 27 Aug 2008 15:52:03 +0200 Subject: packaging(RHEL-CTDB): move libnss_winbind.so bits closer together and comment on commented out libnss_wins.so installation Michael (This used to be commit 590744d6ca78624334a1b351bb7ade2de3047afc) --- packaging/RHEL-CTDB/samba.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/packaging/RHEL-CTDB/samba.spec b/packaging/RHEL-CTDB/samba.spec index e5ac40f1af..882d6be0d5 100644 --- a/packaging/RHEL-CTDB/samba.spec +++ b/packaging/RHEL-CTDB/samba.spec @@ -233,9 +233,13 @@ cd .. # NSS & PAM winbind support install -m 755 source/bin/pam_winbind.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_winbind.so install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/libnss_winbind.so -#install -m 755 source/nsswitch/libnss_wins.so $RPM_BUILD_ROOT/%{_libarch}/libnss_wins.so ( cd $RPM_BUILD_ROOT/%{_libarch}; ln -sf libnss_winbind.so libnss_winbind.so.2 ) +# +# do not install libnss_wins.so in order to reduce dependencies +# (we do not need it for the samba-ctdb scenario) +# +#install -m 755 source/nsswitch/libnss_wins.so $RPM_BUILD_ROOT/%{_libarch}/libnss_wins.so # ( cd $RPM_BUILD_ROOT/%{_libarch}; ln -sf libnss_wins.so libnss_wins.so.2 ) # Install pam_smbpass.so -- cgit From 81e9895a0e588d83558adc723683ebbeeaf4e860 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Wed, 27 Aug 2008 15:53:00 +0200 Subject: packaging(RHEL-CTDB): fix direction of symlink for libnss_winbind.so.2 This is a workaround, until we have proper creation of libnss_winbind.so.2 and .so as a symlink from the Makefile. Michael (This used to be commit f48070b8798db7be1197dba18b759cf50eb121d8) --- packaging/RHEL-CTDB/samba.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/RHEL-CTDB/samba.spec b/packaging/RHEL-CTDB/samba.spec index 882d6be0d5..9e00ab3e2a 100644 --- a/packaging/RHEL-CTDB/samba.spec +++ b/packaging/RHEL-CTDB/samba.spec @@ -232,9 +232,9 @@ cd .. # NSS & PAM winbind support install -m 755 source/bin/pam_winbind.so $RPM_BUILD_ROOT/%{_libarch}/security/pam_winbind.so -install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/libnss_winbind.so +install -m 755 source/nsswitch/libnss_winbind.so $RPM_BUILD_ROOT/%{_libarch}/libnss_winbind.so.2 ( cd $RPM_BUILD_ROOT/%{_libarch}; - ln -sf libnss_winbind.so libnss_winbind.so.2 ) + ln -sf libnss_winbind.so.2 libnss_winbind.so ) # # do not install libnss_wins.so in order to reduce dependencies # (we do not need it for the samba-ctdb scenario) -- cgit From dfa91accbd36b022ab13e37edea7987c970936aa Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 28 Aug 2008 17:14:45 +0200 Subject: packaging(RHEL-CTDB): Add the ldbtools' manpages to the package. Michael (This used to be commit f570071e558f09a3155e9065ec7c73c83e27fd1a) --- packaging/RHEL-CTDB/samba.spec | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/packaging/RHEL-CTDB/samba.spec b/packaging/RHEL-CTDB/samba.spec index 9e00ab3e2a..5297f83608 100644 --- a/packaging/RHEL-CTDB/samba.spec +++ b/packaging/RHEL-CTDB/samba.spec @@ -507,6 +507,11 @@ exit 0 %{_mandir}/man8/net.8* %{_mandir}/man7/pam_winbind.7* %{_mandir}/man7/libsmbclient.7* +%{_mandir}/man1/ldbadd.1* +%{_mandir}/man1/ldbdel.1* +%{_mandir}/man1/ldbedit.1* +%{_mandir}/man1/ldbmodify.1* +%{_mandir}/man1/ldbsearch.1* %ifarch i386 i486 i586 i686 ppc s390 %files winbind-32bit -- cgit From d2dc2e34be6f13956a91678bcb8dd098fb0e5c8b Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 28 Aug 2008 17:36:48 +0200 Subject: packaging(RHEL-CTDB): add the cifs.upcall manpage to package. Michael (This used to be commit 8343dd5c3a124b9c705f2b71e3747542e193da7e) --- packaging/RHEL-CTDB/samba.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/RHEL-CTDB/samba.spec b/packaging/RHEL-CTDB/samba.spec index 5297f83608..5f5edad05e 100644 --- a/packaging/RHEL-CTDB/samba.spec +++ b/packaging/RHEL-CTDB/samba.spec @@ -512,6 +512,7 @@ exit 0 %{_mandir}/man1/ldbedit.1* %{_mandir}/man1/ldbmodify.1* %{_mandir}/man1/ldbsearch.1* +%{_mandir}/man8/cifs.upcall.8* %ifarch i386 i486 i586 i686 ppc s390 %files winbind-32bit -- cgit From b12c7dbb53023d1ea9e7df20137c0ad6ba21b9f0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 29 Aug 2008 09:29:07 -0700 Subject: Deal with systems that don't initialize birthtime correctly. Pointed out by SATOH Fumiyasu . Jeremy. (This used to be commit 4f60348c0a934123a8e15bc741076366f6713390) --- source3/lib/time.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/source3/lib/time.c b/source3/lib/time.c index 3cf0cb4f64..8cefef6e23 100644 --- a/source3/lib/time.c +++ b/source3/lib/time.c @@ -860,20 +860,26 @@ struct timespec get_create_timespec(const SMB_STRUCT_STAT *pst,bool fake_dirs) } #if defined(HAVE_STAT_ST_BIRTHTIMESPEC) - return pst->st_birthtimespec; + ret = pst->st_birthtimespec; #elif defined(HAVE_STAT_ST_BIRTHTIMENSEC) ret.tv_sec = pst->st_birthtime; ret.tv_nsec = pst->st_birthtimenspec; - return ret; #elif defined(HAVE_STAT_ST_BIRTHTIME) ret.tv_sec = pst->st_birthtime; ret.tv_nsec = 0; - return ret; #else ret.tv_sec = calc_create_time(pst); ret.tv_nsec = 0; - return ret; #endif + + /* Deal with systems that don't initialize birthtime correctly. + * Pointed out by SATOH Fumiyasu . + */ + if (null_timespec(ret)) { + ret.tv_sec = calc_create_time(pst); + ret.tv_nsec = 0; + } + return ret; } /**************************************************************************** -- cgit From ec4015d34fed1f0a53ae495d9d9b2744f0c29df0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 31 Aug 2008 11:34:01 +0200 Subject: Fix Coverity ID 592 The scanner did not figure out that we always have a primary domain, so it complained about us potentially passing a NULL pointer down to set_domain_online_request() where it is dereferenced. Make the code a bit clearer. (This used to be commit e6e8d108f95ed974f98f3f57adcfbbde4e00fad9) --- source3/winbindd/winbindd_dual.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 916e8c07c7..63ce0e8d7f 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -1212,6 +1212,10 @@ static bool fork_domain_child(struct winbindd_child *child) } } + if (primary_domain == NULL) { + smb_panic("no primary domain found"); + } + /* Ensure we're not handling an event inherited from our parent. */ -- cgit From 06dd647fe04535474eab85d110d409781544e7a7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 31 Aug 2008 11:45:12 +0200 Subject: Remove a duplicate retval check Jeremy, please check! (This used to be commit 6579005e6490f1a99b3860627ba51decaeb864bd) --- source3/libsmb/clikrb5.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c index bedd7d7aee..f940081072 100644 --- a/source3/libsmb/clikrb5.c +++ b/source3/libsmb/clikrb5.c @@ -749,16 +749,10 @@ static krb5_error_code ads_krb5_mk_req(krb5_context context, ccache, &in_data ); if (retval) { - DEBUG( 1, ("ads_krb5_get_fwd_ticket failed (%s)\n", error_message( retval ) ) ); + DEBUG( 1, ("ads_krb5_get_fwd_ticket failed (%s)\n", + error_message( retval ) ) ); goto cleanup_creds; } - - if (retval) { - DEBUG( 1, ("krb5_auth_con_set_req_cksumtype failed (%s)\n", - error_message( retval ) ) ); - goto cleanup_creds; - } - } #endif -- cgit From 9554f39b1245408e19bba4bda83f280020a49657 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 31 Aug 2008 12:15:35 +0200 Subject: Fix Coverity ID 589, dead code (This used to be commit 67c0835226e189deba5856710a1dea19ac5f30fd) --- source3/nsswitch/libwbclient/wbc_sid.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/nsswitch/libwbclient/wbc_sid.c b/source3/nsswitch/libwbclient/wbc_sid.c index 324a19bd56..f4ffa4e5ca 100644 --- a/source3/nsswitch/libwbclient/wbc_sid.c +++ b/source3/nsswitch/libwbclient/wbc_sid.c @@ -294,9 +294,18 @@ wbcErr wbcLookupSid(const struct wbcDomainSid *sid, } } else { +#if 0 + /* + * Found by Coverity: In this particular routine we can't end + * up here with a non-NULL name. Further up there are just two + * exit paths that lead here, neither of which leave an + * allocated name. If you add more paths up there, re-activate + * this. + */ if (name != NULL) { talloc_free(name); } +#endif if (domain != NULL) { talloc_free(domain); } -- cgit From 227718cd1a2143cd3c9585fc76f335ec7b5a24a5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Sep 2008 13:46:27 +0200 Subject: Fix Coverity ID 587 The following test program prints "8" on 64-bit :-) static void print_size(const char lenbuf[4]) { printf("sizeof(lenbuf) = %d\n", (int)sizeof(lenbuf)); } int main(void) { const char lenbuf[4]; print_size(lenbuf); return 0; } Jeremy, please check :-) Volker (This used to be commit 9daea0ccfdda58450be3c9a9a94c016f5900c319) --- source3/smbd/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 332a2e4da3..b2d19e11e3 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -164,7 +164,7 @@ static NTSTATUS receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, ssize_t toread; NTSTATUS status; - memcpy(writeX_header, lenbuf, sizeof(lenbuf)); + memcpy(writeX_header, lenbuf, 4); status = read_socket_with_timeout( fd, writeX_header + 4, -- cgit From cad04676ca07d5ae812c7dce26684870788c7535 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Sep 2008 16:22:04 +0200 Subject: Fix typo (This used to be commit 544d1fd19a7e85af5f522c5b6b4b68c6beb093a6) --- source3/libsmb/clifile.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index b3032a08eb..a8b3440513 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -1892,7 +1892,7 @@ bool cli_set_ea_fnum(struct cli_state *cli, int fnum, const char *ea_name, const } /********************************************************* - Get an extended attribute list tility fn. + Get an extended attribute list utility fn. *********************************************************/ static bool cli_get_ea_list(struct cli_state *cli, -- cgit From edd16eaa90df96f58ba1c224ca9316ccc0e2210d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Sep 2008 18:42:44 +0200 Subject: Slightly simplify logic: remove an else branch (This used to be commit 56ecec50130aa948a431427285aed4b28a5647e8) --- source3/smbd/reply.c | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ff38ac88cf..16f8a5b177 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3264,25 +3264,22 @@ normal_read: } TALLOC_FREE(req->outbuf); return; - } else { - reply_outbuf(req, 12, smb_maxcnt); + } - nread = read_file(fsp, smb_buf(req->outbuf), startpos, - smb_maxcnt); - if (nread < 0) { - reply_unixerror(req, ERRDOS, ERRnoaccess); - return; - } + reply_outbuf(req, 12, smb_maxcnt); - setup_readX_header((char *)req->outbuf, nread); + nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt); + if (nread < 0) { + reply_unixerror(req, ERRDOS, ERRnoaccess); + return; + } - DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", - fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + setup_readX_header((char *)req->outbuf, nread); - chain_reply(req); + DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", + fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - return; - } + chain_reply(req); } /**************************************************************************** -- cgit From 767130ebec474f16e951d1c450cca27e434e9b47 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Sep 2008 21:28:57 +0200 Subject: Fix some nonempty blank lines (This used to be commit 9336cd1c5e5b5d113cd4912d4479dfe609fe261e) --- source3/libsmb/passchange.c | 22 +++++++++++----------- source3/rpc_client/ndr.c | 2 +- source3/utils/smbpasswd.c | 42 +++++++++++++++++++++--------------------- 3 files changed, 33 insertions(+), 33 deletions(-) diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c index c8a4406949..4c76234e0c 100644 --- a/source3/libsmb/passchange.c +++ b/source3/libsmb/passchange.c @@ -42,7 +42,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam "%s.\n", remote_machine); return NT_STATUS_UNSUCCESSFUL; } - + cli = cli_initialise(); if (!cli) { return NT_STATUS_NO_MEMORY; @@ -56,10 +56,10 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam cli_shutdown(cli); return result; } - + make_nmb_name(&calling, global_myname() , 0x0); make_nmb_name(&called , remote_machine, 0x20); - + if (!cli_session_request(cli, &calling, &called)) { asprintf(err_str, "machine %s rejected the session setup. " "Error was : %s.\n", @@ -68,7 +68,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam cli_shutdown(cli); return result; } - + cli->protocol = PROTOCOL_NT1; if (!cli_negprot(cli)) { @@ -79,7 +79,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam cli_shutdown(cli); return result; } - + /* Given things like SMB signing, restrict anonymous and the like, try an authenticated connection first */ result = cli_session_setup(cli, user_name, @@ -188,7 +188,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam } else if (!(NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))) { /* it failed, but for reasons such as wrong password, too short etc ... */ - + asprintf(err_str, "machine %s rejected the password change: " "Error was : %s.\n", remote_machine, get_friendly_nt_error_msg(result)); @@ -198,12 +198,12 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam /* OK, that failed, so try again... */ TALLOC_FREE(pipe_hnd); - + /* Try anonymous NTLMSSP... */ cli_init_creds(cli, "", "", NULL); - + result = NT_STATUS_UNSUCCESSFUL; - + /* OK, this is ugly, but... try an anonymous pipe. */ result = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id, &pipe_hnd); @@ -227,10 +227,10 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam cli_shutdown(cli); return result; } - + /* We have failed to change the user's password, and we think the server just might not support SAMR password changes, so fall back */ - + if (lp_client_lanman_auth()) { /* Use the old RAP method. */ if (cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) { diff --git a/source3/rpc_client/ndr.c b/source3/rpc_client/ndr.c index c494cce848..72a33137a6 100644 --- a/source3/rpc_client/ndr.c +++ b/source3/rpc_client/ndr.c @@ -60,7 +60,7 @@ NTSTATUS cli_do_rpc_ndr(struct rpc_pipe_client *cli, talloc_free(push); prs_init_empty( &r_ps, mem_ctx, UNMARSHALL ); - + status = rpc_api_pipe_req(cli, opnum, &q_ps, &r_ps); prs_mem_free( &q_ps ); diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 493a249bea..600fe52f0d 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -210,7 +210,7 @@ static char *prompt_for_new_password(bool stdin_get) fstring new_pw; ZERO_ARRAY(new_pw); - + p = get_pass("New SMB password:", stdin_get); fstrcpy(new_pw, p); @@ -254,7 +254,7 @@ static NTSTATUS password_change(const char *remote_mach, char *username, SAFE_FREE(err_str); return ret; } - + ret = local_password_change(username, local_flags, new_pw, &err_str, &msg_str); @@ -278,7 +278,7 @@ static bool store_ldap_admin_pw (char* pw) if (!secrets_init()) return False; - + return secrets_store_ldap_pw(lp_ldap_admin_dn(), pw); } @@ -316,7 +316,7 @@ static int process_root(int local_flags) DEBUG(0, ("Failed to open passdb!\n")); exit(1); } - + /* Ensure we have a SAM sid. */ get_global_sam_sid(); @@ -330,7 +330,7 @@ static int process_root(int local_flags) (remote_machine != NULL))) { usage(); } - + /* Only load interfaces if we are doing network operations. */ if (remote_machine) { @@ -386,19 +386,19 @@ static int process_root(int local_flags) exit(1); } } - + /* prepare uppercased and '$' terminated username */ slprintf(buf, sizeof(buf) - 1, "%s$", user_name); fstrcpy(user_name, buf); - + } else { - + if (remote_machine != NULL) { old_passwd = get_pass("Old SMB password:",stdin_passwd_get); } - + if (!(local_flags & LOCAL_SET_PASSWORD)) { - + /* * If we are trying to enable a user, first we need to find out * if they are using a modern version of the smbpasswd file that @@ -407,10 +407,10 @@ static int process_root(int local_flags) * password. If not (ie. they have a no stored password in the * smbpasswd file) then we need to prompt for a new password. */ - + if(local_flags & LOCAL_ENABLE_USER) { struct samu *sampass = NULL; - + sampass = samu_new( NULL ); if (!sampass) { fprintf(stderr, "talloc fail for struct samu.\n"); @@ -428,10 +428,10 @@ static int process_root(int local_flags) TALLOC_FREE(sampass); } } - + if((local_flags & LOCAL_SET_PASSWORD) && (new_passwd == NULL)) { new_passwd = prompt_for_new_password(stdin_passwd_get); - + if(!new_passwd) { fprintf(stderr, "Unable to get new password.\n"); exit(1); @@ -451,7 +451,7 @@ static int process_root(int local_flags) printf("Password changed for user %s on %s.\n", user_name, remote_machine ); } else if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) { struct samu *sampass = NULL; - + sampass = samu_new( NULL ); if (!sampass) { fprintf(stderr, "talloc fail for struct samu.\n"); @@ -507,7 +507,7 @@ static int process_nonroot(int local_flags) exit(1); } } - + /* * A non-root user is always setting a password * via a remote machine (even if that machine is @@ -523,13 +523,13 @@ static int process_nonroot(int local_flags) if (remote_machine != NULL) { old_pw = get_pass("Old SMB password:",stdin_passwd_get); } - + if (!new_passwd) { new_pw = prompt_for_new_password(stdin_passwd_get); } else new_pw = smb_xstrdup(new_passwd); - + if (!new_pw) { fprintf(stderr, "Unable to get new password.\n"); exit(1); @@ -561,7 +561,7 @@ int main(int argc, char **argv) TALLOC_CTX *frame = talloc_stackframe(); int local_flags = 0; int ret; - + AllowDebugChange = False; #if defined(HAVE_SET_AUTH_PARAMETERS) @@ -577,12 +577,12 @@ int main(int argc, char **argv) local_flags = process_options(argc, argv, local_flags); setup_logging("smbpasswd", True); - + /* * Set the machine NETBIOS name if not already * set from the config file. */ - + if (!init_names()) return 1; -- cgit From 087a992b973466079f033c55bc5a1f522dc235fd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 1 Sep 2008 17:07:33 +0200 Subject: doserr: add WERR_WRONG_PASSWORD. Guenther (This used to be commit 977fec76b77639403ba9ab7bb00c57601e23493d) --- source3/include/doserr.h | 1 + source3/libsmb/doserr.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a/source3/include/doserr.h b/source3/include/doserr.h index 9dd20e87e7..c901df28e4 100644 --- a/source3/include/doserr.h +++ b/source3/include/doserr.h @@ -214,6 +214,7 @@ #define WERR_GROUP_EXISTS W_ERROR(1318) #define WERR_MEMBER_IN_GROUP W_ERROR(1320) #define WERR_USER_NOT_IN_GROUP W_ERROR(1321) +#define WERR_WRONG_PASSWORD W_ERROR(1323) #define WERR_PASSWORD_RESTRICTION W_ERROR(1325) #define WERR_LOGON_FAILURE W_ERROR(1326) #define WERR_NO_SUCH_DOMAIN W_ERROR(1355) diff --git a/source3/libsmb/doserr.c b/source3/libsmb/doserr.c index 50b5b2238c..c62918e214 100644 --- a/source3/libsmb/doserr.c +++ b/source3/libsmb/doserr.c @@ -91,6 +91,7 @@ werror_code_struct dos_errs[] = { "WERR_DEFAULT_JOIN_REQUIRED", WERR_DEFAULT_JOIN_REQUIRED }, { "WERR_DEVICE_NOT_AVAILABLE", WERR_DEVICE_NOT_AVAILABLE }, { "WERR_LOGON_FAILURE", WERR_LOGON_FAILURE }, + { "WERR_WRONG_PASSWORD", WERR_WRONG_PASSWORD }, { "WERR_PASSWORD_RESTRICTION", WERR_PASSWORD_RESTRICTION }, { "WERR_NO_SUCH_DOMAIN", WERR_NO_SUCH_DOMAIN }, { "WERR_NONE_MAPPED", WERR_NONE_MAPPED }, @@ -150,6 +151,7 @@ werror_str_struct dos_err_strs[] = { { WERR_GROUP_EXISTS, "Group already exists" }, { WERR_DS_DRA_BAD_DN, "An invalid distinguished name was specified for this replication" }, { WERR_DS_DRA_BAD_NC, "An invalid naming context was specified for this replication operation" }, + { WERR_WRONG_PASSWORD, "The current password is incorrect" } }; /***************************************************************************** -- cgit From c97880e979d49e0afca8ad0d2e2362e24ca0cfde Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 2 Sep 2008 09:44:39 +0200 Subject: Remove unused CLI_DO_RPC macros (This used to be commit f5212c64d23a28fa40a14b45a8d1c0181f01a6da) --- source3/include/rpc_client.h | 48 -------------------------------------------- 1 file changed, 48 deletions(-) diff --git a/source3/include/rpc_client.h b/source3/include/rpc_client.h index d1af6f958d..684044b871 100644 --- a/source3/include/rpc_client.h +++ b/source3/include/rpc_client.h @@ -42,54 +42,6 @@ /* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */ -#define CLI_DO_RPC_INTERNAL( pcli, ctx, interface, opnum, q_in, r_out, \ - q_ps, r_ps, q_io_fn, r_io_fn, default_error, copy_sess_key ) \ -{\ - SMB_ASSERT(ndr_syntax_id_equal(&pcli->abstract_syntax, interface)); \ - if (!prs_init( &q_ps, RPC_MAX_PDU_FRAG_LEN, ctx, MARSHALL )) { \ - return NT_STATUS_NO_MEMORY;\ - }\ - prs_init_empty( &r_ps, ctx, UNMARSHALL );\ - if ( copy_sess_key) prs_set_session_key(&q_ps, (const char *)pcli->dc->sess_key);\ - if ( q_io_fn("", &q_in, &q_ps, 0) ) {\ - NTSTATUS _smb_pipe_stat_ = rpc_api_pipe_req(pcli, opnum, &q_ps, &r_ps); \ - if (!NT_STATUS_IS_OK(_smb_pipe_stat_)) {\ - prs_mem_free( &q_ps );\ - prs_mem_free( &r_ps );\ - return _smb_pipe_stat_;\ - }\ - if ( copy_sess_key ) prs_set_session_key(&r_ps, (const char *)pcli->dc->sess_key);\ - if (!r_io_fn("", &r_out, &r_ps, 0)) {\ - prs_mem_free( &q_ps );\ - prs_mem_free( &r_ps );\ - return default_error;\ - }\ - } else {\ - prs_mem_free( &q_ps );\ - prs_mem_free( &r_ps );\ - return default_error;\ - }\ - prs_mem_free( &q_ps );\ - prs_mem_free( &r_ps );\ -} - -#define CLI_DO_RPC_COPY_SESS_KEY( pcli, ctx, p_idx, opnum, q_in, r_out, \ - q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \ -{\ - CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \ - q_ps, r_ps, q_io_fn, r_io_fn, default_error, True ); \ -} - -#define CLI_DO_RPC( pcli, ctx, p_idx, opnum, q_in, r_out, \ - q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \ -{\ - CLI_DO_RPC_INTERNAL( pcli, ctx, p_idx, opnum, q_in, r_out, \ - q_ps, r_ps, q_io_fn, r_io_fn, default_error, False ); \ -} - - -/* Arrrgg. Same but with WERRORS. Needed for registry code. */ - #define CLI_DO_RPC_WERR( pcli, ctx, interface, opnum, q_in, r_out, \ q_ps, r_ps, q_io_fn, r_io_fn, default_error ) \ {\ -- cgit From aac60fead2d3a07756c320ee09a0960252510c19 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 2 Sep 2008 21:51:30 +0200 Subject: winbindd: the ad trusted_domains call should return talloced strings. Guenther (This used to be commit b57cbf62e8180c8fdb8f541c43358d36d8dbbdfa) --- source3/winbindd/winbindd_ads.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 53ea3e148c..94e3bad7b2 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -1239,8 +1239,11 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, continue; } - (*names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].netbios_name); - (*alt_names)[ret_count] = CONST_DISCARD(char *, trusts.array[i].dns_name); + (*names)[ret_count] = talloc_strdup(mem_ctx, trusts.array[i].netbios_name); + (*alt_names)[ret_count] = talloc_strdup(mem_ctx, trusts.array[i].dns_name); + if ((*names)[ret_count] == NULL) { + return NT_STATUS_NO_MEMORY; + } if (trusts.array[i].sid) { sid_copy(&(*dom_sids)[ret_count], trusts.array[i].sid); } else { -- cgit From 29dd253e696f9a2f94fc13f408996eca9ede8a7d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 3 Sep 2008 12:52:29 +0200 Subject: Tiny logic simplification: remove an else branch (This used to be commit 9c4905ed6703a38ff72be5990a036d0a79aebb9f) --- source3/rpc_client/cli_pipe.c | 69 +++++++++++++++++++++---------------------- 1 file changed, 33 insertions(+), 36 deletions(-) diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 41dde87c42..f32a33fdb6 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1637,6 +1637,7 @@ NTSTATUS rpc_api_pipe_req(struct rpc_pipe_client *cli, uint16 frag_len = 0; uint8 flags = 0; uint32 ss_padding = 0; + ssize_t num_written; data_sent_thistime = calculate_data_len_tosend(cli, data_left, &frag_len, &auth_len, &ss_padding); @@ -1724,43 +1725,39 @@ NTSTATUS rpc_api_pipe_req(struct rpc_pipe_client *cli, } return ret; - } else { - /* More packets to come - write and continue. */ - ssize_t num_written; - - switch (cli->transport_type) { - case NCACN_NP: - num_written = cli_write(cli->trans.np.cli, - cli->trans.np.fnum, - 8, /* 8 means message mode. */ - prs_data_p(&outgoing_pdu), - (off_t)0, - (size_t)hdr.frag_len); - - if (num_written != hdr.frag_len) { - prs_mem_free(&outgoing_pdu); - return cli_get_nt_error( - cli->trans.np.cli); - } - break; - case NCACN_IP_TCP: - case NCACN_UNIX_STREAM: - num_written = write_data( - cli->trans.sock.fd, - prs_data_p(&outgoing_pdu), - (size_t)hdr.frag_len); - if (num_written != hdr.frag_len) { - NTSTATUS status; - status = map_nt_error_from_unix(errno); - prs_mem_free(&outgoing_pdu); - return status; - } - break; - default: - DEBUG(0, ("unknown transport type %d\n", - cli->transport_type)); - return NT_STATUS_INTERNAL_ERROR; + } + + switch (cli->transport_type) { + case NCACN_NP: + num_written = cli_write(cli->trans.np.cli, + cli->trans.np.fnum, + 8, /* 8 means message mode. */ + prs_data_p(&outgoing_pdu), + (off_t)0, + (size_t)hdr.frag_len); + + if (num_written != hdr.frag_len) { + prs_mem_free(&outgoing_pdu); + return cli_get_nt_error(cli->trans.np.cli); } + break; + case NCACN_IP_TCP: + case NCACN_UNIX_STREAM: + num_written = write_data( + cli->trans.sock.fd, + prs_data_p(&outgoing_pdu), + (size_t)hdr.frag_len); + if (num_written != hdr.frag_len) { + NTSTATUS status; + status = map_nt_error_from_unix(errno); + prs_mem_free(&outgoing_pdu); + return status; + } + break; + default: + DEBUG(0, ("unknown transport type %d\n", + cli->transport_type)); + return NT_STATUS_INTERNAL_ERROR; } current_data_offset += data_sent_thistime; -- cgit From 84fca380f2040c53d20fff41972d2f4102183766 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 3 Sep 2008 14:22:48 +0200 Subject: factor prs_append_some_data out of prs_append_some_prs_data (This used to be commit 32cb45c962c822bd79a7d0f666f2f6037060b324) --- source3/include/proto.h | 2 ++ source3/rpc_parse/parse_prs.c | 26 +++++++++++++++++--------- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index abfc79024a..291afac44d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7822,6 +7822,8 @@ uint32 prs_data_size(prs_struct *ps); uint32 prs_offset(prs_struct *ps); bool prs_set_offset(prs_struct *ps, uint32 offset); bool prs_append_prs_data(prs_struct *dst, prs_struct *src); +bool prs_append_some_data(prs_struct *dst, void *src_base, uint32_t start, + uint32_t len); bool prs_append_some_prs_data(prs_struct *dst, prs_struct *src, int32 start, uint32 len); bool prs_copy_data_in(prs_struct *dst, const char *src, uint32 len); bool prs_copy_data_out(char *dst, prs_struct *src, uint32 len); diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 072132f5ac..b3deb80c5d 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -395,18 +395,26 @@ bool prs_append_prs_data(prs_struct *dst, prs_struct *src) Append some data from one parse_struct into another. ********************************************************************/ -bool prs_append_some_prs_data(prs_struct *dst, prs_struct *src, int32 start, uint32 len) -{ - if (len == 0) - return True; +bool prs_append_some_data(prs_struct *dst, void *src_base, uint32_t start, + uint32_t len) +{ + if (len == 0) { + return true; + } - if(!prs_grow(dst, len)) - return False; - - memcpy(&dst->data_p[dst->data_offset], src->data_p + start, (size_t)len); + if(!prs_grow(dst, len)) { + return false; + } + + memcpy(&dst->data_p[dst->data_offset], src_base + start, (size_t)len); dst->data_offset += len; + return true; +} - return True; +bool prs_append_some_prs_data(prs_struct *dst, prs_struct *src, int32 start, + uint32 len) +{ + return prs_append_some_data(dst, src->data_p, start, len); } /******************************************************************* -- cgit