From 3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 13 Dec 1999 13:27:58 +0000 Subject: first pass at updating head branch to be to be the same as the SAMBA_2_0 branch (This used to be commit 453a822a76780063dff23526c35408866d0c0154) --- source3/rpcclient/cmd_lsarpc.c | 273 +---- source3/rpcclient/cmd_netlogon.c | 167 +-- source3/rpcclient/cmd_reg.c | 777 ++++-------- source3/rpcclient/cmd_samr.c | 2459 ++++++-------------------------------- source3/rpcclient/cmd_srvsvc.c | 244 ++-- source3/rpcclient/cmd_wkssvc.c | 22 +- source3/rpcclient/rpcclient.c | 1974 +++++++----------------------- 7 files changed, 1200 insertions(+), 4716 deletions(-) (limited to 'source3/rpcclient') diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index effcecd0ed..731eda4437 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -2,8 +2,8 @@ Unix SMB/Netbios implementation. Version 1.9. NT Domain Authentication SMB / MSRPC client - Copyright (C) Andrew Tridgell 1994-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 + Copyright (C) Andrew Tridgell 1994-1997 + Copyright (C) Luke Kenneth Casson Leighton 1996-1997 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,6 +21,7 @@ */ + #ifdef SYSLOG #undef SYSLOG #endif 
@@ -32,73 +33,18 @@ extern int DEBUGLEVEL; #define DEBUG_TESTING -extern FILE* out_hnd; - -/**************************************************************************** -nt enumerate trusted domains -****************************************************************************/ -void cmd_lsa_enum_trust_dom(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - uint32 num_doms = 0; - char **domains = NULL; - DOM_SID **sids = NULL; - uint32 enum_ctx = 0; - POLICY_HND lsa_pol; - - BOOL res = True; +extern struct cli_state *smb_cli; +extern int smb_tidx; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - DEBUG(4,("cmd_lsa_enum_trust_dom: server:%s\n", srv_name)); - - /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy( srv_name, - &lsa_pol, False) : False; - - do - { - /* send enum trusted domains query */ - res = res ? lsa_enum_trust_dom( &lsa_pol, - &enum_ctx, - &num_doms, &domains, &sids) : False; - - } while (res && enum_ctx != 0); - - res = res ? lsa_close(&lsa_pol) : False; - - if (res) - { - uint32 i; - DEBUG(5,("cmd_lsa_enum_trust_dom: query succeeded\n")); - - report(out_hnd, "LSA Enumerate Trusted Domains\n"); - for (i = 0; i < num_doms; i++) - { - fstring sid; - sid_to_string(sid, sids[i]); - report(out_hnd, "Domain:\t%s\tSID:\t%s\n", - domains[i], sid); - } - } - else - { - DEBUG(5,("cmd_lsa_enum_trust_dom: query failed\n")); - } +extern FILE* out_hnd; - free_char_array(num_doms, domains); - free_sid_array(num_doms, sids); -} /**************************************************************************** nt lsa query ****************************************************************************/ -void cmd_lsa_query_info(struct client_info *info, int argc, char *argv[]) +void cmd_lsa_query_info(struct client_info *info) { fstring srv_name; - POLICY_HND lsa_pol; BOOL res = True; 
@@ -108,26 +54,37 @@ void cmd_lsa_query_info(struct client_info *info, int argc, char *argv[]) ZERO_STRUCT(info->dom.level5_sid); fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); + fstrcat(srv_name, info->myhostname); strupper(srv_name); DEBUG(4,("cmd_lsa_query_info: server:%s\n", srv_name)); + DEBUG(5, ("cmd_lsa_query_info: smb_cli->fd:%d\n", smb_cli->fd)); + + /* open LSARPC session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False; + /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy( srv_name, - &lsa_pol, False) : False; + res = res ? do_lsa_open_policy(smb_cli, + srv_name, + &info->dom.lsa_info_pol, False) : False; /* send client info query, level 3. receive domain name and sid */ - res = res ? lsa_query_info_pol( &lsa_pol, 0x03, + res = res ? do_lsa_query_info_pol(smb_cli, + &info->dom.lsa_info_pol, 0x03, info->dom.level3_dom, &info->dom.level3_sid) : False; /* send client info query, level 5. receive domain name and sid */ - res = res ? lsa_query_info_pol( &lsa_pol, 0x05, + res = res ? do_lsa_query_info_pol(smb_cli, + &info->dom.lsa_info_pol, 0x05, info->dom.level5_dom, &info->dom.level5_sid) : False; - res = res ? lsa_close(&lsa_pol) : False; + res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res) { 
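Review bot: The server name handed to do_lsa_open_policy in this hunk is built from `info->myhostname`, i.e. the client's own name, while the line it replaces used `info->dest_host` and the "is not a Domain Member or Controller" message later in this function still prints `info->dest_host`; if do_lsa_open_policy sends `srv_name` to the peer as the LSA system name, the policy is opened under the wrong host name, so `fstrcat(srv_name, info->dest_host);` looks like the intended line. Separately, `cli_nt_session_close(smb_cli)` runs even when `cli_nt_session_open` returned False, which is only safe if close tolerates a pipe that was never opened — guard it on the open result or say in a comment that it is tolerated. cmd_lsa_query_info ends outside this hunk.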
@@ -135,25 +92,25 @@ void cmd_lsa_query_info(struct client_info *info, int argc, char *argv[]) fstring sid; DEBUG(5,("cmd_lsa_query_info: query succeeded\n")); - report(out_hnd, "LSA Query Info Policy\n"); + fprintf(out_hnd, "LSA Query Info Policy\n"); if (info->dom.level3_dom[0] != 0) { sid_to_string(sid, &info->dom.level3_sid); - report(out_hnd, "Domain Member - Domain: %s SID: %s\n", + fprintf(out_hnd, "Domain Member - Domain: %s SID: %s\n", info->dom.level3_dom, sid); domain_something = True; } if (info->dom.level5_dom[0] != 0) { sid_to_string(sid, &info->dom.level5_sid); - report(out_hnd, "Domain Controller - Domain: %s SID: %s\n", + fprintf(out_hnd, "Domain Controller - Domain: %s SID: %s\n", info->dom.level5_dom, sid); domain_something = True; } if (!domain_something) { - report(out_hnd, "%s is not a Domain Member or Controller\n", + fprintf(out_hnd, "%s is not a Domain Member or Controller\n", info->dest_host); } } 
@@ -164,111 +121,33 @@ void cmd_lsa_query_info(struct client_info *info, int argc, char *argv[]) } /**************************************************************************** -lookup names +nt lsa query ****************************************************************************/ -void cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[]) +void cmd_lsa_lookup_sids(struct client_info *info) { - POLICY_HND lsa_pol; fstring temp; int i; + fstring sid_name; fstring srv_name; - int num_names = 0; - char **names; - DOM_SID *sids = NULL; - int num_sids = 0; -#if 0 DOM_SID sid[10]; DOM_SID *sids[10]; -#endif - BOOL res = True; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - DEBUG(4,("cmd_lsa_lookup_names: server: %s\n", srv_name)); - - argc--; - argv++; - - num_names = argc; - names = argv; - - if (num_names <= 0) - { - report(out_hnd, "lookupnames [ ...]\n"); - return; - } - - /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy( srv_name, - &lsa_pol, True) : False; - - /* send lsa lookup sids call */ - res = res ? lsa_lookup_names( &lsa_pol, - num_names, names, - &sids, NULL, &num_sids) : False; - - res = res ? 
lsa_close(&lsa_pol) : False; - - if (res) - { - DEBUG(5,("cmd_lsa_lookup_names: query succeeded\n")); - } - else - { - DEBUG(5,("cmd_lsa_lookup_names: query failed\n")); - } - - if (sids != NULL) - { - report(out_hnd, "Lookup Names:\n"); - for (i = 0; i < num_sids; i++) - { - sid_to_string(temp, &sids[i]); - report(out_hnd, "SID: %s -> %s\n", names[i], temp); -#if 0 - if (sids[i] != NULL) - { - free(sids[i]); - } -#endif - } - free(sids); - } -} - -/**************************************************************************** -lookup sids -****************************************************************************/ -void cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]) -{ - POLICY_HND lsa_pol; - int i; - pstring sid_name; - fstring srv_name; - DOM_SID **sids = NULL; - uint32 num_sids = 0; + int num_sids = 0; char **names = NULL; int num_names = 0; BOOL res = True; fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); + fstrcat(srv_name, info->myhostname); strupper(srv_name); DEBUG(4,("cmd_lsa_lookup_sids: server: %s\n", srv_name)); - argv++; - argc--; - - while (argc > 0) + while (num_sids < 10 && next_token(NULL, temp, NULL, sizeof(temp))) { - DOM_SID sid; - if (strnequal("S-", argv[0], 2)) + if (strnequal("S-", temp, 2)) { - fstrcpy(sid_name, argv[0]); + fstrcpy(sid_name, temp); } else { 
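Review bot: The token loop `while (num_sids < 10 && next_token(NULL, temp, NULL, sizeof(temp)))` stops consuming input after ten SIDs, so any further arguments on the command line are dropped without a message, and the limit is spelled out three times (`sid[10]`, `sids[10]` and the loop bound). Introduce `#define MAX_LOOKUP_SIDS 10` for the arrays and the bound, and after the loop add `if (num_sids == MAX_LOOKUP_SIDS && next_token(NULL, temp, NULL, sizeof(temp))) fprintf(out_hnd, "lookupsid: only %d SIDs per call, extra arguments ignored\n", MAX_LOOKUP_SIDS);`. The result of `init_dom_sid(&sid[num_sids], sid_name)` is also not checked, so a malformed SID string is sent to the server as whatever the parser left in the struct; if init_dom_sid reports failure, gate `num_sids++` on it. cmd_lsa_lookup_sids continues past the end of this hunk.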
@@ -276,37 +155,42 @@ void cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]) if (sid_name[0] == 0) { - report(out_hnd, "please use lsaquery first or specify a complete SID\n"); + fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n"); return; } fstrcat(sid_name, "-"); - fstrcat(sid_name, argv[0]); + fstrcat(sid_name, temp); } - string_to_sid(&sid, sid_name); - - add_sid_to_array(&num_sids, &sids, &sid); - - argc--; - argv++; + init_dom_sid(&sid[num_sids], sid_name); + sids[num_sids] = &sid[num_sids]; + num_sids++; } if (num_sids == 0) { - report(out_hnd, "lookupsid RID or SID\n"); + fprintf(out_hnd, "lookupsid RID or SID\n"); return; } + /* open LSARPC session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False; + /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy( srv_name, - &lsa_pol, True) : False; + res = res ? do_lsa_open_policy(smb_cli, + srv_name, + &info->dom.lsa_info_pol, True) : False; /* send lsa lookup sids call */ - res = res ? lsa_lookup_sids( &lsa_pol, + res = res ? do_lsa_lookup_sids(smb_cli, + &info->dom.lsa_info_pol, num_sids, sids, - &names, NULL, &num_names) : False; + &names, &num_names) : False; - res = res ? lsa_close(&lsa_pol) : False; + res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res) { @@ -318,12 +202,11 @@ void cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]) } if (names != NULL) { - report(out_hnd, "Lookup SIDS:\n"); + fprintf(out_hnd,"Lookup SIDS:\n"); for (i = 0; i < num_names; i++) { - fstring temp; sid_to_string(temp, sids[i]); - report(out_hnd, "SID: %s -> %s\n", temp, names[i]); + fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]); if (names[i] != NULL) { free(names[i]); 
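Review bot: In the result loop of the second hunk, `sid_to_string(temp, sids[i])` indexes the ten-entry local `sids[]` array with `i < num_names`, and `num_names` is filled in by do_lsa_lookup_sids from the server's reply; if the peer returns more names than the `num_sids` that were requested, the loop reads past the stack array before the server-controlled count is ever compared with what was sent. Keep the display bounded by both counts while still freeing every returned name, e.g. `for (i = 0; i < num_names; i++) { if (i < num_sids) { sid_to_string(temp, sids[i]); fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]); } if (names[i] != NULL) free(names[i]); }`. Whether do_lsa_lookup_sids already clamps `num_names` to `num_sids` cannot be seen from this hunk; if it does, a comment saying so here would prevent the next reader from asking the same question.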
@@ -331,47 +214,5 @@ void cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]) } free(names); } - - free_sid_array(num_sids, sids); -} - -/**************************************************************************** -nt lsa query -****************************************************************************/ -void cmd_lsa_query_secret(struct client_info *info, int argc, char *argv[]) -{ - char *secret_name; - STRING2 secret; - NTTIME last_update; - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc > 2) - { - report(out_hnd, "querysecret \n"); - return; - } - - secret_name = argv[1]; - - if (msrpc_lsa_query_secret(srv_name, secret_name, &secret, &last_update)) - { - int i; - report(out_hnd, "\tValue : "); - for (i = 0; i < secret.str_str_len; i++) - { - report(out_hnd, "%02X", secret.buffer[i]); - } - - report(out_hnd, "\n\tLast Updated: %s\n\n", - http_timestring(nt_time_to_unix(&last_update))); - } - else - { - report(out_hnd, "LSA Query Secret: failed\n"); - } } diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index c518fbb9f5..2c8514b43e 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -33,7 +33,7 @@ extern int DEBUGLEVEL; #define DEBUG_TESTING -extern struct ntuser_creds *usr_creds; +extern struct cli_state *smb_cli; extern FILE* out_hnd; 
@@ -41,32 +41,16 @@ extern FILE* out_hnd; /**************************************************************************** experimental nt login. ****************************************************************************/ -void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[]) +void cmd_netlogon_login_test(struct client_info *info) { -#if 0 extern BOOL global_machine_password_needs_changing; -#endif fstring nt_user_name; fstring password; BOOL res = True; char *nt_password; unsigned char trust_passwd[16]; - fstring trust_acct; - fstring domain; - char *p; - - fstring srv_name; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - fstrcpy(domain, usr_creds->domain); - if (domain[0] == 0) - { - fstrcpy(domain, info->dom.level3_dom); - } #if 0 /* machine account passwords */ pstring new_mach_pwd; 
@@ -75,80 +59,46 @@ void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[]) new_mach_pwd[0] = 0; #endif - argc--; - argv++; - - if (argc < 1) + if (!next_token(NULL, nt_user_name, NULL, sizeof(nt_user_name))) { - fstrcpy(nt_user_name, usr_creds->user_name); + fstrcpy(nt_user_name, smb_cli->user_name); if (nt_user_name[0] == 0) { - report(out_hnd,"ntlogin: must specify username with anonymous connection\n"); - report(out_hnd,"ntlogin [[DOMAIN\\]user] [password]\n"); + fprintf(out_hnd,"ntlogin: must specify username with anonymous connection\n"); return; } } - else - { - fstrcpy(nt_user_name, argv[0]); - } - - p = strchr(nt_user_name, '\\'); - if (p != NULL) - { - fstrcpy(domain, nt_user_name); - p = strchr(domain, '\\'); - if (p != NULL) - { - *p = 0; - fstrcpy(nt_user_name, p+1); - } - - } - if (domain[0] == 0) + if (next_token(NULL, password, NULL, sizeof(password))) { - report(out_hnd,"no domain specified.\n"); - } - - argc--; - argv++; - - if (argc > 0) - { - nt_password = argv[0]; + nt_password = password; } else { nt_password = getpass("Enter NT Login password:"); } - DEBUG(5,("do_nt_login_test: username %s from: %s\n", - nt_user_name, info->myhostname)); + DEBUG(5,("do_nt_login_test: username %s\n", nt_user_name)); - fstrcpy(trust_acct, info->myhostname); - fstrcat(trust_acct, "$"); - - res = res ? trust_get_passwd(trust_passwd, domain, info->myhostname) : False; + res = res ? trust_get_passwd(trust_passwd, smb_cli->domain, info->myhostname) : False; #if 0 /* check whether the user wants to change their machine password */ res = res ? trust_account_check(info->dest_ip, info->dest_host, - info->myhostname, usr_creds->domain, + info->myhostname, smb_cli->domain, info->mach_acct, new_mach_pwd) : False; #endif + /* open NETLOGON session. negotiate credentials */ + res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON) : False; - res = res ? 
cli_nt_setup_creds(srv_name, info->myhostname, - trust_acct, - trust_passwd, SEC_CHAN_WKSTA) == 0x0 : False; + res = res ? cli_nt_setup_creds(smb_cli, trust_passwd) : False; -#if 0 /* change the machine password? */ if (global_machine_password_needs_changing) { unsigned char new_trust_passwd[16]; generate_random_buffer(new_trust_passwd, 16, True); - res = res ? cli_nt_srv_pwset(srv_name, info->myhostname, new_trust_passwd, SEC_CHAN_WKSTA) : False; + res = res ? cli_nt_srv_pwset(smb_cli, new_trust_passwd) : False; if (res) { 
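Review bot: `trust_get_passwd(trust_passwd, smb_cli->domain, info->myhostname)` is now the only source of the domain, and the removed "no domain specified" warning has no replacement, so an empty `smb_cli->domain` goes straight into the trust-password lookup and later into cli_nt_login_interactive; the `DOMAIN\user` syntax is gone as well, and the anonymous-connection error no longer prints a usage line. Add before the lookup `if (smb_cli->domain[0] == 0) { fprintf(out_hnd, "ntlogin: no domain specified\n"); return; }` (assuming `domain` is a char array, as `usr_creds->domain` was). Note too that the `global_machine_password_needs_changing` branch is now live inside a login *test* command, so running `ntlogin` can rotate the machine trust password on the DC as a side effect; a comment stating that this is intended, or a confirmation prompt, belongs next to `generate_random_buffer`. The function and this branch continue in the next hunk.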
@@ -157,102 +107,27 @@ void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[]) memset(new_trust_passwd, 0, 16); } -#endif memset(trust_passwd, 0, 16); /* do an NT login */ - res = res ? cli_nt_login_interactive(srv_name, info->myhostname, - usr_creds->domain, nt_user_name, + res = res ? cli_nt_login_interactive(smb_cli, + smb_cli->domain, nt_user_name, getuid(), nt_password, &info->dom.ctr, &info->dom.user_info3) : False; /*** clear out the password ***/ memset(password, 0, sizeof(password)); -#if 0 /* ok! you're logged in! do anything you like, then... */ /* do an NT logout */ - res = res ? cli_nt_logoff(srv_name, info->myhostname, &info->dom.ctr) : False; -#endif + res = res ? cli_nt_logoff(smb_cli, &info->dom.ctr) : False; - report(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n", - nt_user_name, BOOLSTR(res)); -} + /* close the session */ + cli_nt_session_close(smb_cli); -/**************************************************************************** -experimental nt login. -****************************************************************************/ -void cmd_netlogon_domain_test(struct client_info *info, int argc, char *argv[]) -{ - char *nt_trust_dom; - BOOL res = True; - unsigned char trust_passwd[16]; - fstring inter_dom_acct; - - fstring srv_name; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) - { - report(out_hnd,"domtest: must specify domain name\n"); - return; - } - - nt_trust_dom = argv[1]; - - DEBUG(5,("do_nt_login_test: domain %s\n", nt_trust_dom)); - - fstrcpy(inter_dom_acct, nt_trust_dom); - fstrcat(inter_dom_acct, "$"); - - res = res ? trust_get_passwd(trust_passwd, usr_creds->domain, nt_trust_dom) : False; - - res = res ? 
cli_nt_setup_creds(srv_name, - info->myhostname, inter_dom_acct, - trust_passwd, - SEC_CHAN_DOMAIN) == 0x0 : False; - - memset(trust_passwd, 0, 16); - - report(out_hnd,"cmd_nt_login: credentials (%s) test succeeded: %s\n", - nt_trust_dom, BOOLSTR(res)); + fprintf(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n", + nt_user_name, BOOLSTR(res)); } -/**************************************************************************** -experimental SAM synchronisation. -****************************************************************************/ -void cmd_sam_sync(struct client_info *info, int argc, char *argv[]) -{ - SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS]; - SAM_DELTA_CTR deltas[MAX_SAM_DELTAS]; - uint32 num; - uchar trust_passwd[16]; - fstring srv_name; - fstring trust_acct; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - fstrcpy(trust_acct, info->myhostname); - fstrcat(trust_acct, "$"); - - if (!trust_get_passwd(trust_passwd, usr_creds->domain, info->myhostname)) - { - report(out_hnd, "cmd_sam_sync: no trust account password\n"); - return; - } - - if (net_sam_sync(srv_name, info->myhostname, - trust_acct, trust_passwd, - hdr_deltas, deltas, &num)) - { - display_sam_sync(out_hnd, ACTION_HEADER , hdr_deltas, deltas, num); - display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num); - display_sam_sync(out_hnd, ACTION_FOOTER , hdr_deltas, deltas, num); - } -} diff --git a/source3/rpcclient/cmd_reg.c b/source3/rpcclient/cmd_reg.c index 275db6e12b..fcc12c530c 100644 --- a/source3/rpcclient/cmd_reg.c +++ b/source3/rpcclient/cmd_reg.c 
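Review bot: `memset(password, 0, sizeof(password))` wipes the local buffer, but when no password argument was given `nt_password` points at getpass()'s static buffer, which is never cleared, so the plaintext stays in process memory after the login; wipe through the pointer that was actually used, e.g. `if (nt_password != NULL) memset(nt_password, 0, strlen(nt_password));` (getpass's buffer is writable on the platforms Samba targets, but that deserves a comment). `info->dom.user_info3`, returned by the DC and presumably carrying session key material, is likewise left in place after `cli_nt_logoff`. A plain memset on a buffer that is never read again is also something an optimising compiler may drop, so the codebase's own zeroing helper, if it has one, is preferable. The enclosing function starts outside this hunk.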
@@ -2,8 +2,8 @@ Unix SMB/Netbios implementation. Version 1.9. NT Domain Authentication SMB / MSRPC client - Copyright (C) Andrew Tridgell 1994-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 + Copyright (C) Andrew Tridgell 1994-1997 + Copyright (C) Luke Kenneth Casson Leighton 1996-1997 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
@@ -31,97 +31,34 @@ extern int DEBUGLEVEL; +extern struct cli_state *smb_cli; +extern int smb_tidx; + extern FILE* out_hnd; /* * keys. of the form: * ---- * - * [HKLM]|[HKU]|[HKCR]\[parent_keyname]\[subkey]|[value] + * [HKLM]|[HKU]\[parent_keyname_components]\[subkey]|[value] * * reg_getsubkey() splits this down into: - * [HKLM]|[HKU]|[HKCR]\[parent_keyname_components] and [subkey]|[value] + * [HKLM]|[HKU]\[parent_keyname_components] and [subkey]|[value] * - * reg_connect() splits the left side down further into: - * [HKLM]|[HKU]|[HKCR] and [parent_keyname_components]. + * do_reg_connect() splits the left side down further into: + * [HKLM]|[HKU] and [parent_keyname_components]. * * HKLM is short for HKEY_LOCAL_MACHINE - * HKCR is short for HKEY_CLASSES_ROOT * HKU is short for HKEY_USERS * * oh, and HKEY stands for "Hive Key". * */ -static void reg_display_key(int val, const char *full_keyname, int num) -{ - switch (val) - { - case 0: - { - /* initialsation */ - report(out_hnd, "Key Name:\t%s\n", full_keyname); - break; - } - case 1: - { - /* subkeys initialisation */ - if (num > 0) - { - report(out_hnd,"Subkeys\n"); - report(out_hnd,"-------\n"); - } - break; - } - case 2: - { - /* values initialisation */ - if (num > 0) - { - report(out_hnd,"Key Values\n"); - report(out_hnd,"----------\n"); - } - break; - } - case 3: - { - /* clean-up */ - break; - } - default: - { - break; - } - } -} - -void split_server_keyname(char *srv_name, char *key, const char* arg) -{ - pstrcpy(key, arg); - - if (strnequal("\\\\", key, 2)) - { - char *p = strchr(&key[2], '\\'); - if (p == NULL) - { - key[0] = 0; - return; - } - - *p = 0; - - fstrcpy(srv_name, key); - pstrcpy(key, &arg[strlen(srv_name)+1]); - } -} - /**************************************************************************** nt registry enum ****************************************************************************/ -BOOL msrpc_reg_enum_key(const char* srv_name, const char* full_keyname, - REG_FN(reg_fn), - 
REG_KEY_FN(reg_key_fn), - REG_VAL_FN(reg_val_fn)) +void cmd_reg_enum(struct client_info *info) { BOOL res = True; BOOL res1 = True; @@ -129,7 +66,7 @@ BOOL msrpc_reg_enum_key(const char* srv_name, const char* full_keyname, int i; POLICY_HND key_pol; - POLICY_HND pol_con; + fstring full_keyname; fstring key_name; /* @@ -153,36 +90,46 @@ BOOL msrpc_reg_enum_key(const char* srv_name, const char* full_keyname, uint32 unk_1a_response; - DEBUG(5, ("reg_enum_key: %s\n", full_keyname)); + DEBUG(5, ("cmd_reg_enum: smb_cli->fd:%d\n", smb_cli->fd)); + + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) + { + fprintf(out_hnd, "regenum \n"); + return; + } + + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, + &info->dom.reg_pol_connect) : False; if ((*key_name) != 0) { /* open an entry */ - res1 = res ? reg_open_entry(&pol_con, + res1 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; } else { - memcpy(&key_pol, &pol_con, sizeof(key_pol)); + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); } - res1 = res1 ? reg_query_key(&key_pol, + res1 = res1 ? do_reg_query_key(smb_cli, + &key_pol, key_class, &max_class_len, &num_subkeys, &max_subkeylen, &max_subkeysize, &num_values, &max_valnamelen, &max_valbufsize, &sec_desc, &mod_time) : False; - if (res1 && reg_fn != NULL) + if (res1 && num_subkeys > 0) { - reg_fn(0, full_keyname, 0); - reg_fn(1, full_keyname, num_subkeys); + fprintf(out_hnd,"Subkeys\n"); + fprintf(out_hnd,"-------\n"); } - for (i = 0; i < num_subkeys && reg_key_fn != NULL; i++) + for (i = 0; i < num_subkeys; i++) { /* * enumerate key 
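Review bot: When do_reg_connect fails, `key_name` is in whatever state the callee left it — it is never initialised in this function — so the `(*key_name) != 0` test can take the `else` branch, copy an unopened `reg_pol_connect` into `key_pol` with `res1` still True, and the following `do_reg_query_key` (and the subkey and value loops further down) are issued on a dead handle over a pipe that may not be open. Initialise `key_name[0] = 0;` before the connect and make the else branch `memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); res1 = res;` so every later step is gated on the connect having succeeded. The usage text `regenum \n` also appears to have lost its key-name placeholder, though that may be an artefact of how the page was extracted. cmd_reg_enum continues past the end of this hunk.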
@@ -194,33 +141,36 @@ BOOL msrpc_reg_enum_key(const char* srv_name, const char* full_keyname, time_t key_mod_time; /* unknown 1a it */ - res2 = res1 ? reg_unknown_1a(&key_pol, + res2 = res1 ? do_reg_unknown_1a(smb_cli, &key_pol, &unk_1a_response) : False; if (res2 && unk_1a_response != 5) { - report(out_hnd,"Unknown 1a response: %x\n", unk_1a_response); + fprintf(out_hnd,"Unknown 1a response: %x\n", unk_1a_response); } /* enum key */ - res2 = res2 ? reg_enum_key(&key_pol, + res2 = res2 ? do_reg_enum_key(smb_cli, &key_pol, i, enum_name, &enum_unk1, &enum_unk2, &key_mod_time) : False; if (res2) { - reg_key_fn(full_keyname, enum_name, key_mod_time); + display_reg_key_info(out_hnd, ACTION_HEADER , enum_name, key_mod_time); + display_reg_key_info(out_hnd, ACTION_ENUMERATE, enum_name, key_mod_time); + display_reg_key_info(out_hnd, ACTION_FOOTER , enum_name, key_mod_time); } } - if (reg_fn != NULL) + if (num_values > 0) { - reg_fn(2, full_keyname, num_values); + fprintf(out_hnd,"Key Values\n"); + fprintf(out_hnd,"----------\n"); } - for (i = 0; i < num_values && reg_val_fn != NULL; i++) + for (i = 0; i < num_values; i++) { /* * enumerate key 
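Review bot: The three consecutive `display_reg_key_info(out_hnd, ACTION_HEADER / ACTION_ENUMERATE / ACTION_FOOTER, enum_name, key_mod_time)` calls re-inline the `reg_display_key_info` helper that this commit deletes, and the same triple is repeated for values in the next hunk; keep one `static void reg_display_key_info(const char *name, time_t key_mod_time)` in this file and call it from both loops. The loop also keeps issuing `do_reg_unknown_1a` and `do_reg_enum_key` requests for every remaining index after one has failed, because `res2` is recomputed from `res1` on each pass; a `if (!res2) break;` at the end of the body stops sending requests once an error has been seen. The loop body is opened in this hunk and the value loop follows in the next one.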
@@ -231,191 +181,57 @@ BOOL msrpc_reg_enum_key(const char* srv_name, const char* full_keyname, fstring val_name; /* unknown 1a it */ - res2 = res1 ? reg_unknown_1a(&key_pol, + res2 = res1 ? do_reg_unknown_1a(smb_cli, &key_pol, &unk_1a_response) : False; if (res2 && unk_1a_response != 5) { - report(out_hnd,"Unknown 1a response: %x\n", unk_1a_response); + fprintf(out_hnd,"Unknown 1a response: %x\n", unk_1a_response); } /* enum key */ - res2 = res2 ? reg_enum_val(&key_pol, + res2 = res2 ? do_reg_enum_val(smb_cli, &key_pol, i, max_valnamelen, max_valbufsize, val_name, &val_type, &value) : False; if (res2) { - reg_val_fn(full_keyname, val_name, val_type, &value); + display_reg_value_info(out_hnd, ACTION_HEADER , val_name, val_type, &value); + display_reg_value_info(out_hnd, ACTION_ENUMERATE, val_name, val_type, &value); + display_reg_value_info(out_hnd, ACTION_FOOTER , val_name, val_type, &value); } } - if (res1 && reg_fn != NULL) - { - reg_fn(3, full_keyname, 0); - } - /* close the handles */ if ((*key_name) != 0) { - res1 = res1 ? reg_close(&key_pol) : False; + res1 = res1 ? do_reg_close(smb_cli, &key_pol) : False; } - res = res ? reg_close(&pol_con) : False; + res = res ? 
do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; - if (res && res1 && res2) - { - DEBUG(5,("msrpc_reg_enum_key: query succeeded\n")); - } - else - { - DEBUG(5,("msrpc_reg_enum_key: query failed\n")); - } + /* close the session */ + cli_nt_session_close(smb_cli); - return res1; -} - -static void reg_display_key_info(const char *full_name, - const char *name, time_t key_mod_time) -{ - display_reg_key_info(out_hnd, ACTION_HEADER , name, key_mod_time); - display_reg_key_info(out_hnd, ACTION_ENUMERATE, name, key_mod_time); - display_reg_key_info(out_hnd, ACTION_FOOTER , name, key_mod_time); -} - -static void reg_display_val_info(const char *full_name, - const char* name, - uint32 type, - const BUFFER2 *const value) -{ - display_reg_value_info(out_hnd, ACTION_HEADER , name, type, value); - display_reg_value_info(out_hnd, ACTION_ENUMERATE, name, type, value); - display_reg_value_info(out_hnd, ACTION_FOOTER , name, type, value); -} - -/**************************************************************************** -nt registry enum -****************************************************************************/ -void cmd_reg_enum(struct client_info *info, int argc, char *argv[]) -{ - pstring full_keyname; - - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) - { - report(out_hnd, "regenum \n"); - return; - } - - split_server_keyname(srv_name, full_keyname, argv[1]); - - (void)(msrpc_reg_enum_key(srv_name, full_keyname, - reg_display_key, - reg_display_key_info, - reg_display_val_info)); -} - -/**************************************************************************** -nt registry query value info -****************************************************************************/ -void cmd_reg_query_info(struct client_info *info, int argc, char *argv[]) -{ - BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - - POLICY_HND key_pol; - POLICY_HND pol_con; - pstring full_keyname; - fstring 
key_name; - fstring keyname; - fstring val_name; - - /* - * query value info - */ - - BUFFER2 buf; - uint32 type; - - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) - { - report(out_hnd, "regvalinfo value_name\n"); - return; - } - - split_server_keyname(srv_name, full_keyname, argv[1]); - - reg_get_subkey(full_keyname, keyname, val_name); - - if (keyname[0] == 0 || val_name[0] == 0) - { - report(out_hnd, "invalid value name\n"); - return; - } - - /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, keyname, key_name, - &pol_con) : False; - - if ((*key_name) != 0) - { - /* open an entry */ - res1 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; - } - else - { - memcpy(&key_pol, &pol_con, sizeof(key_pol)); - } - - /* query it */ - res2 = res1 ? reg_query_info(&key_pol, - val_name, &type, &buf) : False; - - if (res2) - { - reg_display_val_info(full_keyname, val_name, type, &buf); - } - - /* close the handles */ - if ((*key_name) != 0) - { - res1 = res1 ? reg_close(&key_pol) : False; - } - res = res ? reg_close(&pol_con) : False; - - if (res2) + if (res && res1 && res2) { - DEBUG(5,("cmd_reg_query: query succeeded\n")); + DEBUG(5,("cmd_reg_enum: query succeeded\n")); } else { - DEBUG(5,("cmd_reg_query: query failed\n")); + DEBUG(5,("cmd_reg_enum: query failed\n")); } } /**************************************************************************** nt registry query key ****************************************************************************/ -void cmd_reg_query_key(struct client_info *info, int argc, char *argv[]) +void cmd_reg_query_key(struct client_info *info) { BOOL res = True; BOOL res1 = True; POLICY_HND key_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring key_name; /* 
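Review bot: In the value loop, `do_reg_enum_val` receives the server-reported `max_valnamelen` and `max_valbufsize` alongside a fixed-size `fstring val_name` and a `BUFFER2 value`; if the callee uses those server-controlled sizes to bound what it unmarshals into `val_name`, a hostile registry server can overflow the stack buffer, so either clamp them here, e.g. `if (max_valnamelen > sizeof(val_name)) max_valnamelen = sizeof(val_name);`, or confirm that the callee bounds by the destination size (not visible from this hunk). `cli_nt_session_close(smb_cli)` also runs regardless of whether `cli_nt_session_open` succeeded, and the `res2` in the final `res && res1 && res2` check reflects only the last loop iteration, so an earlier enumeration failure is still logged as "query succeeded". cmd_reg_enum begins before this hunk and cmd_reg_query_key's body continues after it.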
@@ -433,36 +249,34 @@ void cmd_reg_query_key(struct client_info *info, int argc, char *argv[]) uint32 sec_desc; NTTIME mod_time; - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + DEBUG(5, ("cmd_reg_enum: smb_cli->fd:%d\n", smb_cli->fd)); - if (argc < 2) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "regquery key_name\n"); + fprintf(out_hnd, "regquery key_name\n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, + &info->dom.reg_pol_connect) : False; if ((*key_name) != 0) { /* open an entry */ - res1 = res ? reg_open_entry(&pol_con, + res1 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; } else { - memcpy(&key_pol, &pol_con, sizeof(key_pol)); + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); } - res1 = res1 ? reg_query_key(&key_pol, + res1 = res1 ? do_reg_query_key(smb_cli, + &key_pol, key_class, &key_class_len, &num_subkeys, &max_subkeylen, &max_subkeysize, &num_values, &max_valnamelen, &max_valbufsize, @@ -470,7 +284,8 @@ void cmd_reg_query_key(struct client_info *info, int argc, char *argv[]) if (res1 && key_class_len != 0) { - res1 = res1 ? reg_query_key(&key_pol, + res1 = res1 ? do_reg_query_key(smb_cli, + &key_pol, key_class, &key_class_len, &num_subkeys, &max_subkeylen, &max_subkeysize, &num_values, &max_valnamelen, &max_valbufsize, 
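Review bot: The debug line `DEBUG(5, ("cmd_reg_enum: smb_cli->fd:%d\n", smb_cli->fd));` sits inside cmd_reg_query_key but names cmd_reg_enum, which will mislead anyone reading a level-5 log; change it to `DEBUG(5, ("cmd_reg_query_key: smb_cli->fd:%d\n", smb_cli->fd));`. As in cmd_reg_enum, `key_name` is never initialised before `do_reg_connect`, and the `else` branch leaves `res1` True even when `res` is False, so a failed connect can still send `do_reg_query_key` on a copied, never-opened handle; set `key_name[0] = 0;` up front and add `res1 = res;` to the else branch. The function's body continues in the next hunk.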
@@ -479,20 +294,23 @@ void cmd_reg_query_key(struct client_info *info, int argc, char *argv[]) if (res1) { - report(out_hnd,"Registry Query Info Key\n"); - report(out_hnd,"key class: %s\n", key_class); - report(out_hnd,"subkeys, max_len, max_size: %d %d %d\n", num_subkeys, max_subkeylen, max_subkeysize); - report(out_hnd,"vals, max_len, max_size: 0x%x 0x%x 0x%x\n", num_values, max_valnamelen, max_valbufsize); - report(out_hnd,"sec desc: 0x%x\n", sec_desc); - report(out_hnd,"mod time: %s\n", http_timestring(nt_time_to_unix(&mod_time))); + fprintf(out_hnd,"Registry Query Info Key\n"); + fprintf(out_hnd,"key class: %s\n", key_class); + fprintf(out_hnd,"subkeys, max_len, max_size: %d %d %d\n", num_subkeys, max_subkeylen, max_subkeysize); + fprintf(out_hnd,"vals, max_len, max_size: 0x%x 0x%x 0x%x\n", num_values, max_valnamelen, max_valbufsize); + fprintf(out_hnd,"sec desc: 0x%x\n", sec_desc); + fprintf(out_hnd,"mod time: %s\n", http_timestring(nt_time_to_unix(&mod_time))); } /* close the handles */ if ((*key_name) != 0) { - res1 = res1 ? reg_close(&key_pol) : False; + res1 = res1 ? do_reg_close(smb_cli, &key_pol) : False; } - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res1) { @@ -507,18 +325,18 @@ void cmd_reg_query_key(struct client_info *info, int argc, char *argv[]) /**************************************************************************** nt registry create value ****************************************************************************/ -void cmd_reg_create_val(struct client_info *info, int argc, char *argv[]) +void cmd_reg_create_val(struct client_info *info) { BOOL res = True; BOOL res3 = True; BOOL res4 = True; POLICY_HND parent_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring keyname; fstring parent_name; fstring val_name; + fstring tmp; uint32 val_type; BUFFER3 value; 
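Review bot: `fprintf(out_hnd,"subkeys, max_len, max_size: %d %d %d\n", num_subkeys, max_subkeylen, max_subkeysize)` prints what are presumably uint32 values (like the neighbouring `sec_desc`) with `%d`, so anything above INT_MAX comes out negative and -Wformat complains, while the very next line already uses `0x%x` for the same kind of value; use `%u`, or `0x%x` for consistency with the line below. `key_class` is printed with `%s` straight from the server reply, which is fine only if do_reg_query_key guarantees NUL termination inside the fstring — not visible here and worth a one-line comment where it is. cmd_reg_query_key's failure path continues outside the hunk.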
@@ -526,75 +344,75 @@ void cmd_reg_create_val(struct client_info *info, int argc, char *argv[]) uint32 unk_0; uint32 unk_1; /* query it */ - res1 = res1 ? reg_query_info(&val_pol, + res1 = res1 ? do_reg_query_info(smb_cli, &val_pol, type, &unk_0, &unk_1) : False; #endif - fstring srv_name; + DEBUG(5, ("cmd_reg_create_val: smb_cli->fd:%d\n", smb_cli->fd)); - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 4) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "regcreate \n"); - report(out_hnd, "(val_type 1=UNISTR, 3=BYTES, 4=DWORD supported\n"); + fprintf(out_hnd, "regcreate \n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); - reg_get_subkey(full_keyname, keyname, val_name); - argc--; - argv++; - if (keyname[0] == 0 || val_name[0] == 0) { - report(out_hnd, "invalid key name\n"); + fprintf(out_hnd, "invalid key name\n"); return; } - if (argc < 2) + if (!next_token(NULL, tmp, NULL, sizeof(tmp))) { + fprintf(out_hnd, "regcreate \n"); return; } - argc--; - argv++; - - val_type = atoi(argv[0]); + val_type = atoi(tmp); if (val_type != 1 && val_type != 3 && val_type != 4) { - report(out_hnd, "val_type 1=UNISTR, 3=BYTES, 4=DWORD supported\n"); + fprintf(out_hnd, "val_type 1=UNISTR, 3=BYTES, 4=DWORD supported\n"); return; } - argc--; - argv++; + if (!next_token(NULL, tmp, NULL, sizeof(tmp))) + { + fprintf(out_hnd, "regcreate \n"); + return; + } switch (val_type) { case 0x01: /* UNISTR */ { - make_buffer3_str(&value, argv[0], strlen(argv[0])+1); + init_buffer3_str(&value, tmp, strlen(tmp)+1); break; } case 0x03: /* BYTES */ { - make_buffer3_hex(&value, argv[0]); + init_buffer3_hex(&value, tmp); break; } case 0x04: /* DWORD */ { - make_buffer3_uint32(&value, get_number(argv[0])); + uint32 tmp_val; + if (strnequal(tmp, "0x", 2)) + { + tmp_val = strtol(tmp, (char**)NULL, 16); + } + else + { + tmp_val = strtol(tmp, (char**)NULL, 10); + } + init_buffer3_uint32(&value, 
tmp_val); break; } default: { - report(out_hnd, "i told you i only deal with UNISTR, DWORD and BYTES!\n"); + fprintf(out_hnd, "i told you i only deal with UNISTR, DWORD and BYTES!\n"); return; } } @@ -602,41 +420,47 @@ void cmd_reg_create_val(struct client_info *info, int argc, char *argv[]) DEBUG(10,("key data:\n")); dump_data(10, (char *)value.buffer, value.buf_len); + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; + /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, keyname, parent_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, keyname, parent_name, + &info->dom.reg_pol_connect) : False; if ((*val_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, parent_name, 0x02000000, &parent_pol) : False; } else { - memcpy(&parent_pol, &pol_con, sizeof(parent_pol)); + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); } /* create an entry */ - res4 = res3 ? reg_create_val(&parent_pol, + res4 = res3 ? do_reg_create_val(smb_cli, &parent_pol, val_name, val_type, &value) : False; /* flush the modified key */ - res4 = res4 ? reg_flush_key(&parent_pol) : False; + res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; /* close the val handle */ if ((*val_name) != 0) { - res3 = res3 ? reg_close(&parent_pol) : False; + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; } /* close the registry handles */ - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res3 && res4) { DEBUG(5,("cmd_reg_create_val: query succeeded\n")); - report(out_hnd,"OK\n"); + fprintf(out_hnd,"OK\n"); } else { 
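Review bot: The DWORD branch parses `tmp` with `strtol(tmp, (char**)NULL, …)` and checks neither that any digits were consumed, nor that the whole token was consumed, nor that the result fits a uint32, so a value such as `12abc` or one wider than 32 bits is stored silently as something other than what the user typed. `strtoul` with base 0 accepts the `0x` prefix without the `strnequal` test, and an endptr/errno check rejects malformed input before `init_buffer3_uint32` is called; that needs `errno` in scope (`<errno.h>`, if the project header does not already provide it). cmd_reg_create_val continues beyond this hunk on both sides.
```c
		case 0x04: /* DWORD */
		{
			char *end = NULL;
			unsigned long parsed;

			/* base 0 accepts "0x..." hex as well as decimal */
			errno = 0;
			parsed = strtoul(tmp, &end, 0);
			if (end == tmp || *end != '\0' || errno == ERANGE ||
			    parsed > 0xffffffffUL)
			{
				fprintf(out_hnd, "invalid DWORD value\n");
				return;
			}
			init_buffer3_uint32(&value, (uint32)parsed);
			break;
		}
		/* … unchanged: default case and the rest of the switch … */
```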
@@ -647,72 +471,71 @@ void cmd_reg_create_val(struct client_info *info, int argc, char *argv[]) /**************************************************************************** nt registry delete value ****************************************************************************/ -void cmd_reg_delete_val(struct client_info *info, int argc, char *argv[]) +void cmd_reg_delete_val(struct client_info *info) { BOOL res = True; BOOL res3 = True; BOOL res4 = True; POLICY_HND parent_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring keyname; fstring parent_name; fstring val_name; - fstring srv_name; + DEBUG(5, ("cmd_reg_delete_val: smb_cli->fd:%d\n", smb_cli->fd)); - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "regdelete \n"); + fprintf(out_hnd, "regdelete \n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); - reg_get_subkey(full_keyname, keyname, val_name); if (keyname[0] == 0 || val_name[0] == 0) { - report(out_hnd, "invalid key name\n"); + fprintf(out_hnd, "invalid key name\n"); return; } + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; + /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, keyname, parent_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, keyname, parent_name, + &info->dom.reg_pol_connect) : False; if ((*val_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, parent_name, 0x02000000, &parent_pol) : False; } else { - memcpy(&parent_pol, &pol_con, sizeof(parent_pol)); + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); } /* delete an entry */ - res4 = res3 ? reg_delete_val(&parent_pol, val_name) : False; + res4 = res3 ? 
do_reg_delete_val(smb_cli, &parent_pol, val_name) : False; /* flush the modified key */ - res4 = res4 ? reg_flush_key(&parent_pol) : False; + res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; /* close the key handle */ - res3 = res3 ? reg_close(&parent_pol) : False; + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; /* close the registry handles */ - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res3 && res4) { DEBUG(5,("cmd_reg_delete_val: query succeeded\n")); - report(out_hnd,"OK\n"); + fprintf(out_hnd,"OK\n"); } else { 
@@ -723,75 +546,74 @@ void cmd_reg_delete_val(struct client_info *info, int argc, char *argv[]) /**************************************************************************** nt registry delete key ****************************************************************************/ -void cmd_reg_delete_key(struct client_info *info, int argc, char *argv[]) +void cmd_reg_delete_key(struct client_info *info) { BOOL res = True; BOOL res3 = True; BOOL res4 = True; POLICY_HND parent_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring parent_name; fstring key_name; fstring subkey_name; - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + DEBUG(5, ("cmd_reg_delete_key: smb_cli->fd:%d\n", smb_cli->fd)); - if (argc < 2) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "regdeletekey \n"); + fprintf(out_hnd, "regdeletekey \n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); - reg_get_subkey(full_keyname, parent_name, subkey_name); if (parent_name[0] == 0 || subkey_name[0] == 0) { - report(out_hnd, "invalid key name\n"); + fprintf(out_hnd, "invalid key name\n"); return; } + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; + /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, parent_name, key_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, parent_name, key_name, + &info->dom.reg_pol_connect) : False; if ((*key_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &parent_pol) : False; } else { - memcpy(&parent_pol, &pol_con, sizeof(parent_pol)); + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); } /* create an entry */ - res4 = res3 ? reg_delete_key(&parent_pol, subkey_name) : False; + res4 = res3 ? 
do_reg_delete_key(smb_cli, &parent_pol, subkey_name) : False; /* flush the modified key */ - res4 = res4 ? reg_flush_key(&parent_pol) : False; + res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; /* close the key handle */ if ((*key_name) != 0) { - res3 = res3 ? reg_close(&parent_pol) : False; + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; } /* close the registry handles */ - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res3 && res4) { DEBUG(5,("cmd_reg_delete_key: query succeeded\n")); - report(out_hnd,"OK\n"); + fprintf(out_hnd,"OK\n"); } else { @@ -802,7 +624,7 @@ void cmd_reg_delete_key(struct client_info *info, int argc, char *argv[]) /**************************************************************************** nt registry create key ****************************************************************************/ -void cmd_reg_create_key(struct client_info *info, int argc, char *argv[]) +void cmd_reg_create_key(struct client_info *info) { BOOL res = True; BOOL res3 = True; 
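Review bot: The context comment `/* create an entry */` directly above the rewritten `res4 = res3 ? do_reg_delete_key(smb_cli, &parent_pol, subkey_name) : False;` describes the wrong operation and reads as carried over from cmd_reg_create_val. Change it to `/* delete the subkey */` so the line says what it does; cmd_reg_delete_val in the preceding hunk already uses `/* delete an entry */` at the same spot. The tail of cmd_reg_delete_key (the failure branch) lies outside the hunk.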
@@ -810,41 +632,30 @@ void cmd_reg_create_key(struct client_info *info, int argc, char *argv[]) POLICY_HND parent_pol; POLICY_HND key_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring parent_key; fstring parent_name; fstring key_name; fstring key_class; SEC_ACCESS sam_access; - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + DEBUG(5, ("cmd_reg_create_key: smb_cli->fd:%d\n", smb_cli->fd)); - if (argc < 2) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "regcreate [key_class]\n"); + fprintf(out_hnd, "regcreate [key_class]\n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); - reg_get_subkey(full_keyname, parent_key, key_name); if (parent_key[0] == 0 || key_name[0] == 0) { - report(out_hnd, "invalid key name\n"); + fprintf(out_hnd, "invalid key name\n"); return; } - if (argc > 2) - { - fstrcpy(key_class, argv[2]); - } - else + if (!next_token(NULL, key_class, NULL, sizeof(key_class))) { memset(key_class, 0, sizeof(key_class)); } 
@@ -852,44 +663,50 @@ void cmd_reg_create_key(struct client_info *info, int argc, char *argv[]) /* set access permissions */ sam_access.mask = SEC_RIGHTS_READ; + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; + /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, parent_key, parent_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, parent_key, parent_name, + &info->dom.reg_pol_connect) : False; if ((*parent_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, parent_name, 0x02000000, &parent_pol) : False; } else { - memcpy(&parent_pol, &pol_con, sizeof(parent_pol)); + memcpy(&parent_pol, &info->dom.reg_pol_connect, sizeof(parent_pol)); } /* create an entry */ - res4 = res3 ? reg_create_key(&parent_pol, + res4 = res3 ? do_reg_create_key(smb_cli, &parent_pol, key_name, key_class, &sam_access, &key_pol) : False; /* flush the modified key */ - res4 = res4 ? reg_flush_key(&parent_pol) : False; + res4 = res4 ? do_reg_flush_key(smb_cli, &parent_pol) : False; /* close the key handle */ - res4 = res4 ? reg_close(&key_pol) : False; + res4 = res4 ? do_reg_close(smb_cli, &key_pol) : False; /* close the key handle */ if ((*parent_name) != 0) { - res3 = res3 ? reg_close(&parent_pol) : False; + res3 = res3 ? do_reg_close(smb_cli, &parent_pol) : False; } /* close the registry handles */ - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res3 && res4) { DEBUG(5,("cmd_reg_create_key: query succeeded\n")); - report(out_hnd,"OK\n"); + fprintf(out_hnd,"OK\n"); } else { 
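Review bot: `res4 = res4 ? do_reg_close(smb_cli, &key_pol) : False;` only runs when the preceding `do_reg_flush_key` succeeded, so a key that was created but whose flush failed leaves `key_pol` open on the server until the session is torn down. Gating the close on the create result instead of on the flush releases the handle on both paths while still reporting the flush failure through `res4`. cmd_reg_create_key continues past the end of the hunk.
```c
	/* create an entry */
	res4 = res3 ? do_reg_create_key(smb_cli, &parent_pol,
				key_name, key_class, &sam_access, &key_pol) : False;

	if (res4)
	{
		/* flush the modified key; the new key's handle is released
		   whether or not the flush succeeded */
		BOOL flushed = do_reg_flush_key(smb_cli, &parent_pol);
		res4 = do_reg_close(smb_cli, &key_pol) && flushed;
	}
	/* … unchanged: parent handle close, registry close, session close … */
```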
@@ -900,15 +717,14 @@ void cmd_reg_create_key(struct client_info *info, int argc, char *argv[]) /**************************************************************************** nt registry security info ****************************************************************************/ -void cmd_reg_test_key_sec(struct client_info *info, int argc, char *argv[]) +void cmd_reg_test_key_sec(struct client_info *info) { BOOL res = True; BOOL res3 = True; BOOL res4 = True; POLICY_HND key_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring key_name; /* 
@@ -916,84 +732,76 @@ void cmd_reg_test_key_sec(struct client_info *info, int argc, char *argv[]) */ uint32 sec_buf_size; - SEC_DESC_BUF sec_buf; - uint32 sec_info = 0x7; - - fstring srv_name; + SEC_DESC_BUF *psdb; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + DEBUG(5, ("cmd_reg_get_key_sec: smb_cli->fd:%d\n", smb_cli->fd)); - if (argc < 2) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "regtestkeysec \n"); + fprintf(out_hnd, "reggetsec \n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, + &info->dom.reg_pol_connect) : False; if ((*key_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; } else { - memcpy(&key_pol, &pol_con, sizeof(key_pol)); + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); } /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; /* query key sec info. first call sets sec_buf_size. */ - sec_buf_size = 0; - ZERO_STRUCT(sec_buf); - res4 = res3 ? reg_get_key_sec(&key_pol, - sec_info, - &sec_buf_size, &sec_buf) : False; + sec_buf_size = 0; + res4 = res3 ? do_reg_get_key_sec(smb_cli, &key_pol, + &sec_buf_size, &psdb) : False; - if (res4) - { - free_sec_desc_buf(&sec_buf); - } + free_sec_desc_buf(&psdb); - res4 = res4 ? reg_get_key_sec(&key_pol, - sec_info, - &sec_buf_size, &sec_buf) : False; + res4 = res4 ? 
do_reg_get_key_sec(smb_cli, &key_pol, + &sec_buf_size, &psdb) : False; - if (res4 && sec_buf.len > 0 && sec_buf.sec != NULL) + if (res4 && psdb->len > 0 && psdb->sec != NULL) { - display_sec_desc(out_hnd, ACTION_HEADER , sec_buf.sec); - display_sec_desc(out_hnd, ACTION_ENUMERATE, sec_buf.sec); - display_sec_desc(out_hnd, ACTION_FOOTER , sec_buf.sec); - - res4 = res4 ? reg_set_key_sec(&key_pol, - sec_info, sec_buf_size, sec_buf.sec) : False; + display_sec_desc(out_hnd, ACTION_HEADER , psdb->sec); + display_sec_desc(out_hnd, ACTION_ENUMERATE, psdb->sec); + display_sec_desc(out_hnd, ACTION_FOOTER , psdb->sec); - free_sec_desc_buf(&sec_buf); + res4 = res4 ? do_reg_set_key_sec(smb_cli, &key_pol, psdb) : False; } + free_sec_desc_buf(&psdb); + /* close the key handle */ if ((*key_name) != 0) { - res3 = res3 ? reg_close(&key_pol) : False; + res3 = res3 ? do_reg_close(smb_cli, &key_pol) : False; } /* close the registry handles */ - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res3 && res4) { DEBUG(5,("cmd_reg_test2: query succeeded\n")); - report(out_hnd,"Registry Test2\n"); + fprintf(out_hnd,"Registry Test2\n"); } else { @@ -1004,15 +812,14 @@ void cmd_reg_test_key_sec(struct client_info *info, int argc, char *argv[]) /**************************************************************************** nt registry security info ****************************************************************************/ -void cmd_reg_get_key_sec(struct client_info *info, int argc, char *argv[]) +void cmd_reg_get_key_sec(struct client_info *info) { BOOL res = True; BOOL res3 = True; BOOL res4 = True; POLICY_HND key_pol; - POLICY_HND pol_con; - pstring full_keyname; + fstring full_keyname; fstring key_name; /* 
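Review bot: `SEC_DESC_BUF *psdb;` is declared without an initialiser and the first `free_sec_desc_buf(&psdb);` is now unconditional, so when `res3` is False and `do_reg_get_key_sec` was never called the free operates on an indeterminate pointer (the removed code freed only when `res4` held). Initialise it, `SEC_DESC_BUF *psdb = NULL;`, and keep that free behind `if (res4)` unless the helper is known to tolerate NULL. The second, unconditional `res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False;` overwrites the handle obtained in the `if ((*key_name) != 0)` block, which is then never closed, and on the else path it is issued with an empty `key_name`; dropping that second open removes both problems. cmd_reg_get_key_sec further down the file has the same uninitialised `psdb` and the same duplicated open. The new usage text `reggetsec` and the `cmd_reg_get_key_sec:` DEBUG label inside cmd_reg_test_key_sec also look copied from the sibling function and make the two commands indistinguishable in logs.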
@@ -1020,76 +827,68 @@ void cmd_reg_get_key_sec(struct client_info *info, int argc, char *argv[]) */ uint32 sec_buf_size; - SEC_DESC_BUF sec_buf; - uint32 sec_info = 0x7; - - fstring srv_name; + SEC_DESC_BUF *psdb; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + DEBUG(5, ("cmd_reg_get_key_sec: smb_cli->fd:%d\n", smb_cli->fd)); - if (argc < 2) + if (!next_token(NULL, full_keyname, NULL, sizeof(full_keyname))) { - report(out_hnd, "reggetsec \n"); + fprintf(out_hnd, "reggetsec \n"); return; } - split_server_keyname(srv_name, full_keyname, argv[1]); + /* open WINREG session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WINREG) : False; /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, - &pol_con) : False; + res = res ? do_reg_connect(smb_cli, full_keyname, key_name, + &info->dom.reg_pol_connect) : False; if ((*key_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; } else { - memcpy(&key_pol, &pol_con, sizeof(key_pol)); + memcpy(&key_pol, &info->dom.reg_pol_connect, sizeof(key_pol)); } /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, + res3 = res ? do_reg_open_entry(smb_cli, &info->dom.reg_pol_connect, key_name, 0x02000000, &key_pol) : False; - /* query key sec info. first call sets sec_buf_size. */ + /* Get the size. */ sec_buf_size = 0; - ZERO_STRUCT(sec_buf); - - res4 = res3 ? reg_get_key_sec(&key_pol, - sec_info, - &sec_buf_size, &sec_buf) : False; + res4 = res3 ? do_reg_get_key_sec(smb_cli, &key_pol, + &sec_buf_size, &psdb) : False; - if (res4) - { - free_sec_desc_buf(&sec_buf); - } + free_sec_desc_buf(&psdb); - res4 = res4 ? reg_get_key_sec(&key_pol, - sec_info, - &sec_buf_size, &sec_buf) : False; + res4 = res4 ? 
do_reg_get_key_sec(smb_cli, &key_pol, + &sec_buf_size, &psdb) : False; - if (res4 && sec_buf.len > 0 && sec_buf.sec != NULL) + if (res4 && psdb->len > 0 && psdb->sec != NULL) { - display_sec_desc(out_hnd, ACTION_HEADER , sec_buf.sec); - display_sec_desc(out_hnd, ACTION_ENUMERATE, sec_buf.sec); - display_sec_desc(out_hnd, ACTION_FOOTER , sec_buf.sec); - - free(sec_buf.sec); + display_sec_desc(out_hnd, ACTION_HEADER , psdb->sec); + display_sec_desc(out_hnd, ACTION_ENUMERATE, psdb->sec); + display_sec_desc(out_hnd, ACTION_FOOTER , psdb->sec); } + free_sec_desc_buf(&psdb); + /* close the key handle */ if ((*key_name) != 0) { - res3 = res3 ? reg_close(&key_pol) : False; + res3 = res3 ? do_reg_close(smb_cli, &key_pol) : False; } /* close the registry handles */ - res = res ? reg_close(&pol_con) : False; + res = res ? do_reg_close(smb_cli, &info->dom.reg_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res && res3 && res4) { 
@@ -1100,75 +899,3 @@ void cmd_reg_get_key_sec(struct client_info *info, int argc, char *argv[]) DEBUG(5,("cmd_reg_get_key_sec: query failed\n")); } } - -/**************************************************************************** -nt registry shutdown -****************************************************************************/ -void cmd_reg_shutdown(struct client_info *info, int argc, char *argv[]) -{ - BOOL res = True; - - fstring msg; - uint32 timeout = 20; - uint16 flgs = 0; - int opt; - - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - while ((opt = getopt(argc, argv,"fim:t:r-")) != EOF) - { - switch (opt) - { - case 'm': - { - safe_strcpy(msg, optarg, sizeof(msg)-1); - break; - } - case 't': - { - timeout = atoi(optarg); - break; - } - case 'r': - { - flgs |= 0x100; - break; - } - case 'f': - { - flgs |= 0x100; - break; - } - case '-': - { - if (strequal(optarg, "-reboot")) - { - flgs |= 0x100; - } - if (strequal(optarg, "-force-close")) - { - flgs |= 0x001; - } - break; - } - } - } - - /* create an entry */ - res = res ? reg_shutdown(srv_name, msg, timeout, flgs) : False; - - if (res) - { - DEBUG(5,("cmd_reg_shutdown: query succeeded\n")); - report(out_hnd,"OK\n"); - } - else - { - DEBUG(5,("cmd_reg_shutdown: query failed\n")); - report(out_hnd,"Failed\n"); - } -} diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index a03393fbbd..023bf512e8 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -2,8 +2,8 @@ Unix SMB/Netbios implementation. Version 1.9. NT Domain Authentication SMB / MSRPC client - Copyright (C) Andrew Tridgell 1994-1999 - Copyright (C) Luke Kenneth Casson Leighton 1996-1999 + Copyright (C) Andrew Tridgell 1994-1997 + Copyright (C) Luke Kenneth Casson Leighton 1996-1997 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
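Review bot: The copyright lines in cmd_samr.c move backwards from `1994-1999` / `1996-1999` to `1994-1997` / `1996-1997`, which looks like an artefact of copying the older branch's header rather than an intended change; the cmd_lsarpc.c header in this commit regresses the same way. Keeping the later years is the safe choice unless the branch sync deliberately restores the 2.0 header text.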
@@ -33,104 +33,15 @@ extern int DEBUGLEVEL; #define DEBUG_TESTING -extern struct ntuser_creds *usr_creds; +extern struct cli_state *smb_cli; extern FILE* out_hnd; -static void sam_display_domain(const char *domain) -{ - report(out_hnd, "Domain Name: %s\n", domain); -} - -static void sam_display_dom_info(const char* domain, const DOM_SID *sid, - uint32 switch_value, - SAM_UNK_CTR *ctr) -{ - fstring sidstr; - sid_to_string(sidstr, sid); - report(out_hnd, "Domain Name:\t%s\tSID:\t%s\n", domain, sidstr); - display_sam_unk_ctr(out_hnd, ACTION_HEADER , switch_value, ctr); - display_sam_unk_ctr(out_hnd, ACTION_ENUMERATE, switch_value, ctr); - display_sam_unk_ctr(out_hnd, ACTION_FOOTER , switch_value, ctr); -} - -static void sam_display_alias_info(const char *domain, const DOM_SID *sid, - uint32 alias_rid, - ALIAS_INFO_CTR *const ctr) -{ - display_alias_info_ctr(out_hnd, ACTION_HEADER , ctr); - display_alias_info_ctr(out_hnd, ACTION_ENUMERATE, ctr); - display_alias_info_ctr(out_hnd, ACTION_FOOTER , ctr); -} - -static void sam_display_alias(const char *domain, const DOM_SID *sid, - uint32 alias_rid, const char *alias_name) -{ - report(out_hnd, "Alias RID: %8x Alias Name: %s\n", - alias_rid, alias_name); -} - -static void sam_display_alias_members(const char *domain, const DOM_SID *sid, - uint32 alias_rid, const char *alias_name, - uint32 num_names, - DOM_SID *const *const sids, - char *const *const name, - uint8 *const type) -{ - display_alias_members(out_hnd, ACTION_HEADER , num_names, name, type); - display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, name, type); - display_alias_members(out_hnd, ACTION_FOOTER , num_names, name, type); -} - -static void sam_display_group_info(const char *domain, const DOM_SID *sid, - uint32 group_rid, - GROUP_INFO_CTR *const ctr) -{ - display_group_info_ctr(out_hnd, ACTION_HEADER , ctr); - display_group_info_ctr(out_hnd, ACTION_ENUMERATE, ctr); - display_group_info_ctr(out_hnd, ACTION_FOOTER , ctr); -} - -static void 
sam_display_group(const char *domain, const DOM_SID *sid, - uint32 group_rid, const char *group_name) -{ - report(out_hnd, "Group RID: %8x Group Name: %s\n", - group_rid, group_name); -} - -static void sam_display_group_members(const char *domain, const DOM_SID *sid, - uint32 group_rid, const char *group_name, - uint32 num_names, - const uint32 *rid_mem, - char *const *const name, - uint32 *const type) -{ - display_group_members(out_hnd, ACTION_HEADER , num_names, name, type); - display_group_members(out_hnd, ACTION_ENUMERATE, num_names, name, type); - display_group_members(out_hnd, ACTION_FOOTER , num_names, name, type); -} - -static void sam_display_user_info(const char *domain, const DOM_SID *sid, - uint32 user_rid, - SAM_USER_INFO_21 *const usr) -{ - display_sam_user_info_21(out_hnd, ACTION_HEADER , usr); - display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, usr); - display_sam_user_info_21(out_hnd, ACTION_FOOTER , usr); -} - -static void sam_display_user(const char *domain, const DOM_SID *sid, - uint32 user_rid, const char *user_name) -{ - report(out_hnd, "User RID: %8x User Name: %s\n", - user_rid, user_name); -} - /**************************************************************************** SAM password change ****************************************************************************/ -void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) +void cmd_sam_ntchange_pwd(struct client_info *info) { fstring srv_name; fstring domain; @@ -146,8 +57,6 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) uchar lm_hshhash[16]; uchar lm_oldhash[16]; - struct cli_connection *con = NULL; - sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); 
@@ -155,7 +64,7 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) fstrcat(srv_name, info->dest_host); strupper(srv_name); - report(out_hnd, "SAM NT Password Change\n"); + fprintf(out_hnd, "SAM NT Password Change\n"); #if 0 struct pwd_info new_pwd; @@ -164,13 +73,14 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) new_passwd = (char*)getpass("New Password (ONCE ONLY - get it right :-)"); nt_lm_owf_gen(new_passwd, lm_newhash, nt_newhash); - pwd_get_lm_nt_16(&(usr_creds->pwd), lm_oldhash, nt_oldhash ); + pwd_get_lm_nt_16(&(smb_cli->pwd), lm_oldhash, nt_oldhash ); make_oem_passwd_hash(nt_newpass, new_passwd, nt_oldhash, True); make_oem_passwd_hash(lm_newpass, new_passwd, lm_oldhash, True); E_old_pw_hash(lm_newhash, lm_oldhash, lm_hshhash); E_old_pw_hash(lm_newhash, nt_oldhash, nt_hshhash); - usr_creds->ntlmssp_flags = NTLMSSP_NEGOTIATE_UNICODE | + cli_nt_set_ntlmssp_flgs(smb_cli, + NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM | NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL | 
@@ -178,29 +88,29 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_00001000 | - NTLMSSP_NEGOTIATE_00002000; + NTLMSSP_NEGOTIATE_00002000); /* open SAMR session. */ - res = res ? cli_connection_init(srv_name, PIPE_SAMR, &con) : False; + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False; /* establish a connection. */ - res = res ? samr_unknown_38(con, srv_name) : False; + res = res ? do_samr_unknown_38(smb_cli, srv_name) : False; /* establish a connection. */ - res = res ? samr_chgpasswd_user(con, - srv_name, usr_creds->user_name, + res = res ? do_samr_chgpasswd_user(smb_cli, + srv_name, smb_cli->user_name, nt_newpass, nt_hshhash, lm_newpass, lm_hshhash) : False; /* close the session */ - cli_connection_unlink(con); + cli_nt_session_close(smb_cli); if (res) { - report(out_hnd, "NT Password changed OK\n"); + fprintf(out_hnd, "NT Password changed OK\n"); } else { - report(out_hnd, "NT Password change FAILED\n"); + fprintf(out_hnd, "NT Password change FAILED\n"); } } @@ -208,9 +118,8 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) /**************************************************************************** experimental SAM encryted rpc test connection ****************************************************************************/ -void cmd_sam_test(struct client_info *info, int argc, char *argv[]) +void cmd_sam_test(struct client_info *info) { - struct cli_connection *con = NULL; fstring srv_name; fstring domain; fstring sid; @@ -220,9 +129,9 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[]) fstrcpy(domain, info->dom.level5_dom); /* - if (sid1.num_auths == 0) + if (strlen(sid) == 0) { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; } */ 
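Review bot: The old-password hashes produced by `pwd_get_lm_nt_16(&(smb_cli->pwd), lm_oldhash, nt_oldhash)` in the previous hunk, the new hashes derived from it, and the cleartext returned by getpass() are password-equivalent material, and neither the `NT Password changed OK` nor the `FAILED` path clears them before returning. Clearing each of the four hash arrays before both returns, e.g. `memset(lm_oldhash, 0, sizeof(lm_oldhash));`, limits how long the hashes survive in process memory; a plain memset right before return can be optimised away, so the project's explicit zeroisation helper is preferable if it has one. cmd_sam_ntchange_pwd begins outside this hunk, and the `#if 0` opened in an earlier hunk makes it unclear from here whether this stretch is compiled in.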
@@ -230,9 +139,10 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[]) fstrcat(srv_name, info->dest_host); strupper(srv_name); - report(out_hnd, "SAM Encryption Test\n"); + fprintf(out_hnd, "SAM Encryption Test\n"); - usr_creds->ntlmssp_flags = NTLMSSP_NEGOTIATE_UNICODE | + cli_nt_set_ntlmssp_flgs(smb_cli, + NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM | NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL | @@ -240,13 +150,16 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[]) NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_00001000 | - NTLMSSP_NEGOTIATE_00002000; + NTLMSSP_NEGOTIATE_00002000); /* open SAMR session. */ - res = res ? cli_connection_init(srv_name, PIPE_SAMR, &con) : False; + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False; + + /* establish a connection. */ + res = res ? do_samr_unknown_38(smb_cli, srv_name) : False; /* close the session */ - cli_connection_unlink(con); + cli_nt_session_close(smb_cli); if (res) { 
@@ -258,2172 +171,510 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[]) } } + /**************************************************************************** -Lookup domain in SAM server. +experimental SAM users enum. ****************************************************************************/ -void cmd_sam_lookup_domain(struct client_info *info, int argc, char *argv[]) +void cmd_sam_enum_users(struct client_info *info) { fstring srv_name; - char *domain; - fstring str_sid; - DOM_SID dom_sid; + fstring domain; + fstring sid; + DOM_SID sid1; + int user_idx; BOOL res = True; - POLICY_HND sam_pol; + BOOL request_user_info = False; + BOOL request_group_info = False; + uint16 num_entries = 0; + uint16 unk_0 = 0x0; + uint16 acb_mask = 0; + uint16 unk_1 = 0x0; + uint32 admin_rid = 0x304; /* absolutely no idea. */ + fstring tmp; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + sid_to_string(sid, &info->dom.level5_sid); + fstrcpy(domain, info->dom.level5_dom); - if (argc < 2) + if (strlen(sid) == 0) { - report(out_hnd, "lookupdomain: \n"); + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; } - domain = argv[1]; + init_dom_sid(&sid1, sid); - report(out_hnd, "Lookup Domain in SAM Server\n"); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_query_lookup_domain( &sam_pol, domain, &dom_sid) : False; - - res = res ? samr_close(&sam_pol) : False; + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, info->dest_host); + strupper(srv_name); - if (res) + /* a bad way to do token parsing... 
*/ + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - DEBUG(5,("cmd_sam_lookup_domain: succeeded\n")); - - sid_to_string(str_sid, &dom_sid); - report(out_hnd, "%s SID: %s\n", domain, str_sid); - report(out_hnd, "Lookup Domain: OK\n"); + request_user_info |= strequal(tmp, "-u"); + request_group_info |= strequal(tmp, "-g"); } - else + + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - DEBUG(5,("cmd_sam_lookup_domain: failed\n")); - report(out_hnd, "Lookup Domain: FAILED\n"); + request_user_info |= strequal(tmp, "-u"); + request_group_info |= strequal(tmp, "-g"); } -} -/**************************************************************************** -SAM delete alias member. -****************************************************************************/ -void cmd_sam_del_aliasmem(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - POLICY_HND alias_pol; - BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. 
*/ - DOM_SID member_sid; - uint32 alias_rid; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); +#ifdef DEBUG_TESTING + if (next_token(NULL, tmp, NULL, sizeof(tmp))) + { + num_entries = (uint16)strtol(tmp, (char**)NULL, 16); + } - if (sid1.num_auths == 0) + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; + unk_0 = (uint16)strtol(tmp, (char**)NULL, 16); } - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); + if (next_token(NULL, tmp, NULL, sizeof(tmp))) + { + acb_mask = (uint16)strtol(tmp, (char**)NULL, 16); + } - if (argc < 2) + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - report(out_hnd, "delaliasmem: [member sid1] [member sid2] ...\n"); - return; + unk_1 = (uint16)strtol(tmp, (char**)NULL, 16); } +#endif - argc--; - argv++; + fprintf(out_hnd, "SAM Enumerate Users\n"); + fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", + info->myhostname, srv_name, domain, sid); - alias_rid = get_number(argv[0]); +#ifdef DEBUG_TESTING + DEBUG(5,("Number of entries:%d unk_0:%04x acb_mask:%04x unk_1:%04x\n", + num_entries, unk_0, acb_mask, unk_1)); +#endif - report(out_hnd, "SAM Domain Alias Member\n"); + /* open SAMR session. negotiate credentials */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; + res = res ? do_samr_connect(smb_cli, + srv_name, 0x00000020, + &info->dom.samr_pol_connect) : False; /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; + res = res ? do_samr_open_domain(smb_cli, + &info->dom.samr_pol_connect, admin_rid, &sid1, + &info->dom.samr_pol_open_domain) : False; - /* connect to the domain */ - res1 = res ? 
samr_open_alias( &pol_dom, - 0x000f001f, alias_rid, &alias_pol) : False; + /* read some users */ + res = res ? do_samr_enum_dom_users(smb_cli, + &info->dom.samr_pol_open_domain, + num_entries, unk_0, acb_mask, unk_1, 0xffff, + &info->dom.sam, &info->dom.num_sam_entries) : False; + + if (res && info->dom.num_sam_entries == 0) + { + fprintf(out_hnd, "No users\n"); + } - while (argc > 0 && res2 && res1) + if (request_user_info || request_group_info) { - argc--; - argv++; - /* get a sid, delete a member from the alias */ - res2 = res2 ? string_to_sid(&member_sid, argv[0]) : False; - res2 = res2 ? samr_del_aliasmem(&alias_pol, &member_sid) : False; + /* query all the users */ + user_idx = 0; - if (res2) + while (res && user_idx < info->dom.num_sam_entries) { - report(out_hnd, "SID deleted from Alias 0x%x: %s\n", alias_rid, argv[0]); + uint32 user_rid = info->dom.sam[user_idx].smb_userid; + SAM_USER_INFO_21 usr; + + fprintf(out_hnd, "User RID: %8x User Name: %s\n", + user_rid, + info->dom.sam[user_idx].acct_name); + + if (request_user_info) + { + /* send user info query, level 0x15 */ + if (get_samr_query_userinfo(smb_cli, + &info->dom.samr_pol_open_domain, + 0x15, user_rid, &usr)) + { + display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr); + display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr); + display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr); + } + } + + if (request_group_info) + { + uint32 num_groups; + DOM_GID gid[LSA_MAX_GROUPS]; + + /* send user group query */ + if (get_samr_query_usergroups(smb_cli, + &info->dom.samr_pol_open_domain, + user_rid, &num_groups, gid)) + { + display_group_rid_info(out_hnd, ACTION_HEADER , num_groups, gid); + display_group_rid_info(out_hnd, ACTION_ENUMERATE, num_groups, gid); + display_group_rid_info(out_hnd, ACTION_FOOTER , num_groups, gid); + } + } + + user_idx++; } } - res1 = res1 ? samr_close(&alias_pol) : False; - res = res ? samr_close(&pol_dom) : False; - res = res ? samr_close(&sam_pol) : False; + res = res ? 
do_samr_close(smb_cli, + &info->dom.samr_pol_open_domain) : False; + + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); + + if (info->dom.sam != NULL) + { + free(info->dom.sam); + } - if (res && res1 && res2) + if (res) { - DEBUG(5,("cmd_sam_del_aliasmem: succeeded\n")); - report(out_hnd, "Delete Domain Alias Member: OK\n"); + DEBUG(5,("cmd_sam_enum_users: succeeded\n")); } else { - DEBUG(5,("cmd_sam_del_aliasmem: failed\n")); - report(out_hnd, "Delete Domain Alias Member: FAILED\n"); + DEBUG(5,("cmd_sam_enum_users: failed\n")); } } + /**************************************************************************** -SAM delete alias. +experimental SAM user query. ****************************************************************************/ -void cmd_sam_delete_dom_alias(struct client_info *info, int argc, char *argv[]) +void cmd_sam_query_user(struct client_info *info) { fstring srv_name; fstring domain; - char *name; fstring sid; DOM_SID sid1; - POLICY_HND alias_pol; + int user_idx = 0; /* FIXME maybe ... */ BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ - uint32 alias_rid = 0; - char *names[1]; - uint32 rid [MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - uint32 num_rids; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); + uint32 admin_rid = 0x304; /* absolutely no idea. 
*/ + fstring rid_str ; + fstring info_str; + uint32 user_rid = 0; + uint32 info_level = 0x15; + + SAM_USER_INFO_21 usr; + + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); - if (sid1.num_auths == 0) + if (strlen(sid) == 0) { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; } + init_dom_sid(&sid1, sid); + fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); strupper(srv_name); - if (argc < 2) + if (next_token(NULL, rid_str , NULL, sizeof(rid_str )) && + next_token(NULL, info_str, NULL, sizeof(info_str))) { - report(out_hnd, "delalias \n"); - return; + user_rid = (uint32)strtol(rid_str , (char**)NULL, 16); + info_level = (uint32)strtol(info_str, (char**)NULL, 10); } - name = argv[1]; + fprintf(out_hnd, "SAM Query User: rid %x info level %d\n", + user_rid, info_level); + fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", + info->myhostname, srv_name, domain, sid); - report(out_hnd, "SAM Delete Domain Alias\n"); + /* open SAMR session. negotiate credentials */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; + res = res ? do_samr_connect(smb_cli, + srv_name, 0x00000020, + &info->dom.samr_pol_connect) : False; /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; + res = res ? do_samr_open_domain(smb_cli, + &info->dom.samr_pol_connect, admin_rid, &sid1, + &info->dom.samr_pol_open_domain) : False; - names[0] = name; + fprintf(out_hnd, "User RID: %8x User Name: %s\n", + user_rid, + info->dom.sam[user_idx].acct_name); - res1 = res ? 
samr_query_lookup_names( &pol_dom, 0x000003e8, - 1, names, - &num_rids, rid, type) : False; - - if (res1 && num_rids == 1) + /* send user info query, level */ + if (get_samr_query_userinfo(smb_cli, + &info->dom.samr_pol_open_domain, + info_level, user_rid, &usr)) { - alias_rid = rid[0]; + if (info_level == 0x15) + { + display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr); + display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr); + display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr); + } } - /* connect to the domain */ - res1 = res1 ? samr_open_alias( &pol_dom, - 0x000f001f, alias_rid, &alias_pol) : False; + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_connect) : False; - res2 = res1 ? samr_delete_dom_alias(&alias_pol) : False; + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_open_domain) : False; - res1 = res1 ? samr_close(&alias_pol) : False; - res = res ? samr_close(&pol_dom) : False; - res = res ? samr_close(&sam_pol) : False; + /* close the session */ + cli_nt_session_close(smb_cli); - if (res && res1 && res2) + if (res) { - DEBUG(5,("cmd_sam_delete_dom_alias: succeeded\n")); - report(out_hnd, "Delete Domain Alias: OK\n"); + DEBUG(5,("cmd_sam_query_user: succeeded\n")); } else { - DEBUG(5,("cmd_sam_delete_dom_alias: failed\n")); - report(out_hnd, "Delete Domain Alias: FAILED\n"); + DEBUG(5,("cmd_sam_query_user: failed\n")); } } + /**************************************************************************** -SAM add alias member. +experimental SAM groups query. ****************************************************************************/ -void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[]) +void cmd_sam_query_groups(struct client_info *info) { fstring srv_name; fstring domain; - fstring tmp; fstring sid; DOM_SID sid1; - POLICY_HND alias_pol; BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - BOOL res3 = True; - BOOL res4 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. 
*/ - uint32 alias_rid; - char **names = NULL; - int num_names = 0; - DOM_SID *sids = NULL; - int num_sids = 0; - int i; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - POLICY_HND lsa_pol; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); + fstring info_str; + uint32 switch_value = 2; + uint32 admin_rid = 0x304; /* absolutely no idea. */ + + sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); - if (sid1.num_auths == 0) + if (strlen(sid) == 0) { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; } + init_dom_sid(&sid1, sid); + fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); strupper(srv_name); - if (argc < 2) + if (next_token(NULL, info_str, NULL, sizeof(info_str))) { - report(out_hnd, "addaliasmem [member name1] [member name2] ...\n"); - return; + switch_value = (uint32)strtol(info_str, (char**)NULL, 10); } - - num_names = argc+1; - names = argv+1; - - report(out_hnd, "SAM Domain Alias Member\n"); - - /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy(srv_name, - &lsa_pol, True) : False; - - /* send lsa lookup sids call */ - res4 = res3 ? lsa_lookup_names(&lsa_pol, - num_names, names, - &sids, NULL, &num_sids) : False; - - res3 = res3 ? lsa_close(&lsa_pol) : False; - - res4 = num_sids < 2 ? False : res4; - - if (res4) - { - /* - * accept domain sid or builtin sid - */ - DOM_SID sid_1_5_20; - string_to_sid(&sid_1_5_20, "S-1-5-32"); - sid_split_rid(&sids[0], &alias_rid); + fprintf(out_hnd, "SAM Query Groups: info level %d\n", switch_value); + fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", + info->myhostname, srv_name, domain, sid); - if (sid_equal(&sids[0], &sid_1_5_20)) - { - sid_copy(&sid1, &sid_1_5_20); - } - else if (!sid_equal(&sids[0], &sid1)) - { - res4 = False; - } - } + /* open SAMR session. negotiate credentials */ + res = res ? 
cli_nt_session_open(smb_cli, PIPE_SAMR) : False; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; + res = res ? do_samr_connect(smb_cli, + srv_name, 0x00000020, + &info->dom.samr_pol_connect) : False; /* connect to the domain */ - res1 = res ? samr_open_alias( &pol_dom, - 0x000f001f, alias_rid, &alias_pol) : False; + res = res ? do_samr_open_domain(smb_cli, + &info->dom.samr_pol_connect, admin_rid, &sid1, + &info->dom.samr_pol_open_domain) : False; - for (i = 1; i < num_sids && res2 && res1; i++) - { - /* add a member to the alias */ - res2 = res2 ? samr_add_aliasmem(&alias_pol, &sids[i]) : False; + /* send a samr 0x8 command */ + res = res ? do_samr_query_dom_info(smb_cli, + &info->dom.samr_pol_open_domain, switch_value) : False; - if (res2) - { - sid_to_string(tmp, &sids[i]); - report(out_hnd, "SID added to Alias 0x%x: %s\n", alias_rid, tmp); - } - } + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_connect) : False; - res1 = res1 ? samr_close(&alias_pol) : False; - res = res ? samr_close(&pol_dom) : False; - res = res ? samr_close(&sam_pol) : False; + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_open_domain) : False; - if (sids != NULL) - { - free(sids); - } - - free_char_array(num_names, names); + /* close the session */ + cli_nt_session_close(smb_cli); - if (res && res1 && res2) + if (res) { - DEBUG(5,("cmd_sam_add_aliasmem: succeeded\n")); - report(out_hnd, "Add Domain Alias Member: OK\n"); + DEBUG(5,("cmd_sam_query_groups: succeeded\n")); } else { - DEBUG(5,("cmd_sam_add_aliasmem: failed\n")); - report(out_hnd, "Add Domain Alias Member: FAILED\n"); + DEBUG(5,("cmd_sam_query_groups: failed\n")); } } -#if 0 /**************************************************************************** -SAM create domain user. +experimental SAM aliases query. 
****************************************************************************/ -void cmd_sam_create_dom_trusting(struct client_info *info, int argc, char *argv[]) +void cmd_sam_enum_aliases(struct client_info *info) { - fstring local_domain; - fstring local_pdc; - - char *trusting_domain; - char *trusting_pdc; - fstring password; - + fstring srv_name; + fstring domain; fstring sid; DOM_SID sid1; - uint32 user_rid; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); + BOOL res = True; + BOOL request_user_info = False; + BOOL request_alias_info = False; + uint32 admin_rid = 0x304; /* absolutely no idea. */ + fstring tmp; - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } + uint32 num_aliases = 3; + uint32 alias_rid[3] = { DOMAIN_GROUP_RID_ADMINS, DOMAIN_GROUP_RID_USERS, DOMAIN_GROUP_RID_GUESTS }; + fstring alias_names [3]; + uint32 num_als_usrs[3]; - if (argc < 3) + sid_to_string(sid, &info->dom.level3_sid); + fstrcpy(domain, info->dom.level3_dom); +#if 0 + fstrcpy(sid , "S-1-5-20"); +#endif + if (strlen(sid) == 0) { - report(out_hnd, "createtrusting: [password]\n"); + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; } - argc--; - argv++; - - trusting_domain = argv[0]; - - argc--; - argv++; - - trusting_pdc = argv[0]; - - argc--; - argv++; - - if (argc > 0) - { - safe_strcpy(password, argv[0], sizeof(password)-1); - } - else - { - fstring pass_str; - char *pass; - slprintf(pass_str, sizeof(pass_str)-1, "Enter %s's Password:", - user_name); - pass = (char*)getpass(pass_str); - - if (pass != NULL) - { - safe_strcpy(password, pass, sizeof(password)-1); - set_passwd = True; - } - } - report(out_hnd, "SAM Create Domain Trusting Account\n"); - - if (msrpc_sam_create_dom_user(srv_name, - acct_name, ACB_WSTRUST, &user_rid)) - { - report(out_hnd, "Create Domain User: OK\n"); - } - else - { - report(out_hnd, "Create 
Domain User: FAILED\n"); - } -} -#endif - -/**************************************************************************** -SAM create domain user. -****************************************************************************/ -void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[]) -{ - fstring domain; - fstring acct_name; - fstring name; - fstring sid; - DOM_SID sid1; - uint32 user_rid; - uint16 acb_info = ACB_NORMAL; - BOOL join_domain = False; - int opt; - char *password = NULL; - int plen = 0; - int len = 0; - UNISTR2 upw; + init_dom_sid(&sid1, sid); - fstring srv_name; fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); strupper(srv_name); - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) + /* a bad way to do token parsing... */ + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; + request_user_info |= strequal(tmp, "-u"); + request_alias_info |= strequal(tmp, "-g"); } - if (argc < 2) + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - report(out_hnd, "createuser: [-i] [-s] [-j]\n"); - return; + request_user_info |= strequal(tmp, "-u"); + request_alias_info |= strequal(tmp, "-g"); } - argc--; - argv++; + fprintf(out_hnd, "SAM Enumerate Aliases\n"); + fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", + info->myhostname, srv_name, domain, sid); - safe_strcpy(acct_name, argv[0], sizeof(acct_name)); - len = strlen(acct_name)-1; - if (acct_name[len] == '$') - { - safe_strcpy(name, argv[0], sizeof(name)); - name[len] = 0; - acb_info = ACB_WSTRUST; - } + /* open SAMR session. negotiate credentials */ + res = res ? 
cli_nt_session_open(smb_cli, PIPE_SAMR) : False; - while ((opt = getopt(argc, argv,"isj")) != EOF) - { - switch (opt) - { - case 'i': - { - acb_info = ACB_DOMTRUST; - break; - } - case 's': - { - acb_info = ACB_SVRTRUST; - break; - } - case 'j': - { - join_domain = True; - } - } - } + /* establish a connection. */ + res = res ? do_samr_connect(smb_cli, + srv_name, 0x00000020, + &info->dom.samr_pol_connect) : False; + + /* connect to the domain */ + res = res ? do_samr_open_domain(smb_cli, + &info->dom.samr_pol_connect, admin_rid, &sid1, + &info->dom.samr_pol_open_domain) : False; + + /* send a query on the aliase */ + res = res ? do_samr_query_unknown_12(smb_cli, + &info->dom.samr_pol_open_domain, admin_rid, num_aliases, alias_rid, + &num_aliases, alias_names, num_als_usrs) : False; - if (join_domain && acb_info == ACB_NORMAL) + if (res) { - report(out_hnd, "can only join trust accounts to a domain\n"); - return; + display_alias_name_info(out_hnd, ACTION_HEADER , num_aliases, alias_names, num_als_usrs); + display_alias_name_info(out_hnd, ACTION_ENUMERATE, num_aliases, alias_names, num_als_usrs); + display_alias_name_info(out_hnd, ACTION_FOOTER , num_aliases, alias_names, num_als_usrs); } - report(out_hnd, "SAM Create Domain User\n"); - report(out_hnd, "Domain: %s Name: %s ACB: %s\n", - domain, acct_name, - pwdb_encode_acct_ctrl(acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN)); +#if 0 + + /* read some users */ + res = res ? 
do_samr_enum_dom_users(smb_cli, + &info->dom.samr_pol_open_domain, + num_entries, unk_0, acb_mask, unk_1, 0xffff, + info->dom.sam, &info->dom.num_sam_entries) : False; - if (acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST) + if (res && info->dom.num_sam_entries == 0) { - upw.uni_str_len = 12; - upw.uni_max_len = 12; - generate_random_buffer((uchar*)upw.buffer, - upw.uni_str_len*2, True); - password = (char*)upw.buffer; - plen = upw.uni_str_len * 2; + fprintf(out_hnd, "No users\n"); } - if (msrpc_sam_create_dom_user(srv_name, &sid1, - acct_name, acb_info, password, plen, - &user_rid)) + if (request_user_info || request_alias_info) { - report(out_hnd, "Create Domain User: OK\n"); + /* query all the users */ + user_idx = 0; - if (join_domain) + while (res && user_idx < info->dom.num_sam_entries) { - uchar ntpw[16]; - - nt_owf_genW(&upw, ntpw); + uint32 user_rid = info->dom.sam[user_idx].smb_userid; + SAM_USER_INFO_21 usr; - strupper(domain); - strupper(name); + fprintf(out_hnd, "User RID: %8x User Name: %s\n", + user_rid, + info->dom.sam[user_idx].acct_name); - report(out_hnd, "Join %s to Domain %s", name, domain); - if (create_trust_account_file(domain, name, ntpw)) + if (request_user_info) { - report(out_hnd, ": OK\n"); + /* send user info query, level 0x15 */ + if (get_samr_query_userinfo(smb_cli, + &info->dom.samr_pol_open_domain, + 0x15, user_rid, &usr)) + { + display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr); + display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr); + display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr); + } } - else + + if (request_alias_info) { - report(out_hnd, ": FAILED\n"); + uint32 num_aliases; + DOM_GID gid[LSA_MAX_GROUPS]; + + /* send user aliase query */ + if (get_samr_query_useraliases(smb_cli, + &info->dom.samr_pol_open_domain, + user_rid, &num_aliases, gid)) + { + display_alias_info(out_hnd, ACTION_HEADER , num_aliases, gid); + display_alias_info(out_hnd, ACTION_ENUMERATE, num_aliases, gid); + 
display_alias_info(out_hnd, ACTION_FOOTER , num_aliases, gid); + } } + + user_idx++; } } - else - { - report(out_hnd, "Create Domain User: FAILED\n"); - } -} +#endif + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_connect) : False; -/**************************************************************************** -SAM create domain alias. -****************************************************************************/ -void cmd_sam_create_dom_alias(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - char *acct_name; - fstring acct_desc; - fstring sid; - DOM_SID sid1; - BOOL res = True; - BOOL res1 = True; - uint32 ace_perms = 0x02000000; /* permissions */ - uint32 alias_rid; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); + res = res ? do_samr_close(smb_cli, + &info->dom.samr_pol_open_domain) : False; - if (sid1.num_auths == 0) + /* close the session */ + cli_nt_session_close(smb_cli); + + if (res) { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; + DEBUG(5,("cmd_sam_enum_users: succeeded\n")); } - - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) + else { - report(out_hnd, "createalias: [acct description]\n"); + DEBUG(5,("cmd_sam_enum_users: failed\n")); } +} - acct_name = argv[1]; - - if (argc < 3) - { - acct_desc[0] = 0; - } - else - { - safe_strcpy(acct_desc, argv[2], sizeof(acct_desc)-1); - } - - report(out_hnd, "SAM Create Domain Alias\n"); - report(out_hnd, "Domain: %s Name: %s Description: %s\n", - domain, acct_name, acct_desc); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; - - /* create a domain alias */ - res1 = res ? 
create_samr_domain_alias( &pol_dom, - acct_name, acct_desc, &alias_rid) : False; - - res = res ? samr_close( &pol_dom) : False; - - res = res ? samr_close( &sam_pol) : False; - - if (res && res1) - { - DEBUG(5,("cmd_sam_create_dom_alias: succeeded\n")); - report(out_hnd, "Create Domain Alias: OK\n"); - } - else - { - DEBUG(5,("cmd_sam_create_dom_alias: failed\n")); - report(out_hnd, "Create Domain Alias: FAILED\n"); - } -} - - -/**************************************************************************** -SAM delete group member. -****************************************************************************/ -void cmd_sam_del_groupmem(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - POLICY_HND pol_grp; - BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ - uint32 member_rid; - uint32 group_rid; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) - { - report(out_hnd, "delgroupmem: [member rid1] [member rid2] ...\n"); - return; - } - - argc--; - argv++; - - group_rid = get_number(argv[0]); - - report(out_hnd, "SAM Add Domain Group member\n"); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; - - /* connect to the domain */ - res1 = res ? 
samr_open_group( &pol_dom, - 0x0000001f, group_rid, &pol_grp) : False; - - while (argc > 0 && res2 && res1) - { - argc--; - argv++; - - /* get a rid, delete a member from the group */ - member_rid = get_number(argv[0]); - res2 = res2 ? samr_del_groupmem(&pol_grp, member_rid) : False; - - if (res2) - { - report(out_hnd, "RID deleted from Group 0x%x: 0x%x\n", group_rid, member_rid); - } - } - - res1 = res1 ? samr_close(&pol_grp) : False; - res = res ? samr_close(&pol_dom) : False; - res = res ? samr_close(&sam_pol) : False; - - if (res && res1 && res2) - { - DEBUG(5,("cmd_sam_del_groupmem: succeeded\n")); - report(out_hnd, "Add Domain Group Member: OK\n"); - } - else - { - DEBUG(5,("cmd_sam_del_groupmem: failed\n")); - report(out_hnd, "Add Domain Group Member: FAILED\n"); - } -} - - -/**************************************************************************** -SAM delete group. -****************************************************************************/ -void cmd_sam_delete_dom_group(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - char *name; - fstring sid; - DOM_SID sid1; - POLICY_HND pol_grp; - BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ - uint32 group_rid = 0; - char *names[1]; - uint32 rid [MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - uint32 num_rids; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) - { - report(out_hnd, "delgroup \n"); - return; - } - - name = argv[1]; - - report(out_hnd, "SAM Delete Domain Group\n"); - - /* establish a connection. */ - res = res ? 
samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; - - names[0] = name; - - res1 = res ? samr_query_lookup_names( &pol_dom, 0x000003e8, - 1, names, - &num_rids, rid, type) : False; - - if (res1 && num_rids == 1) - { - group_rid = rid[0]; - } - - /* connect to the domain */ - res1 = res1 ? samr_open_group( &pol_dom, - 0x0000001f, group_rid, &pol_grp) : False; - - res2 = res1 ? samr_delete_dom_group(&pol_grp) : False; - - res1 = res1 ? samr_close(&pol_grp) : False; - res = res ? samr_close(&pol_dom) : False; - res = res ? samr_close(&sam_pol) : False; - - if (res && res1 && res2) - { - DEBUG(5,("cmd_sam_delete_dom_group: succeeded\n")); - report(out_hnd, "Delete Domain Group: OK\n"); - } - else - { - DEBUG(5,("cmd_sam_delete_dom_group: failed\n")); - report(out_hnd, "Delete Domain Group: FAILED\n"); - } -} - - -/**************************************************************************** -SAM add group member. -****************************************************************************/ -void cmd_sam_add_groupmem(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - POLICY_HND pol_grp; - BOOL res = True; - BOOL res1 = True; - BOOL res2 = True; - BOOL res3 = True; - BOOL res4 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. 
*/ - uint32 group_rid[1]; - uint32 group_type[1]; - char **names = NULL; - uint32 num_names = 0; - fstring group_name; - char *group_names[1]; - uint32 rid [MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - uint32 num_rids; - uint32 num_group_rids; - uint32 i; - DOM_SID sid_1_5_20; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - POLICY_HND pol_blt; - - string_to_sid(&sid_1_5_20, "S-1-5-32"); - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 3) - { - report(out_hnd, "addgroupmem [member name1] [member name2] ...\n"); - return; - } - - argc--; - argv++; - - group_names[0] = argv[0]; - - argc--; - argv++; - - num_names = argc; - names = argv; - - report(out_hnd, "SAM Add Domain Group member\n"); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res4 = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; - - /* connect to the domain */ - res3 = res ? samr_open_domain( &sam_pol, ace_perms, &sid_1_5_20, - &pol_blt) : False; - - res2 = res4 ? samr_query_lookup_names( &pol_dom, 0x000003e8, - 1, group_names, - &num_group_rids, group_rid, group_type) : False; - - /* open the group */ - res2 = res2 ? samr_open_group( &pol_dom, - 0x0000001f, group_rid[0], &pol_grp) : False; - - if (!res2 || (group_type != NULL && group_type[0] == SID_NAME_UNKNOWN)) - { - res2 = res3 ? samr_query_lookup_names( &pol_blt, 0x000003e8, - 1, group_names, - &num_group_rids, group_rid, group_type) : False; - - /* open the group */ - res2 = res2 ? 
samr_open_group( &pol_blt, - 0x0000001f, group_rid[0], &pol_grp) : False; - } - - if (res2 && group_type[0] == SID_NAME_ALIAS) - { - report(out_hnd, "%s is a local alias, not a group. Use addaliasmem command instead\n", - group_name); - return; - } - res1 = res2 ? samr_query_lookup_names( &pol_dom, 0x000003e8, - num_names, names, - &num_rids, rid, type) : False; - - if (num_rids == 0) - { - report(out_hnd, "Member names not known\n"); - } - for (i = 0; i < num_rids && res2 && res1; i++) - { - if (type[i] == SID_NAME_UNKNOWN) - { - report(out_hnd, "Name %s unknown\n", names[i]); - } - else - { - if (samr_add_groupmem(&pol_grp, rid[i])) - { - report(out_hnd, "RID added to Group 0x%x: 0x%x\n", - group_rid[0], rid[i]); - } - } - } - - res1 = res ? samr_close(&pol_grp) : False; - res1 = res3 ? samr_close(&pol_blt) : False; - res1 = res4 ? samr_close(&pol_dom) : False; - res = res ? samr_close(&sam_pol) : False; - - free_char_array(num_names, names); - - if (res && res1 && res2) - { - DEBUG(5,("cmd_sam_add_groupmem: succeeded\n")); - report(out_hnd, "Add Domain Group Member: OK\n"); - } - else - { - DEBUG(5,("cmd_sam_add_groupmem: failed\n")); - report(out_hnd, "Add Domain Group Member: FAILED\n"); - } -#if 0 - if (group_rid != NULL) - { - free(group_rid); - } - if (group_type != NULL) - { - free(group_type); - } -#endif -} - - -/**************************************************************************** -SAM create domain group. -****************************************************************************/ -void cmd_sam_create_dom_group(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - char *acct_name; - fstring acct_desc; - fstring sid; - DOM_SID sid1; - BOOL res = True; - BOOL res1 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. 
*/ - uint32 group_rid; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc < 2) - { - report(out_hnd, "creategroup: [acct description]\n"); - } - - acct_name = argv[1]; - - if (argc < 3) - { - acct_desc[0] = 0; - } - else - { - safe_strcpy(acct_desc, argv[2], sizeof(acct_desc)-1); - } - - - report(out_hnd, "SAM Create Domain Group\n"); - report(out_hnd, "Domain: %s Name: %s Description: %s\n", - domain, acct_name, acct_desc); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1, - &pol_dom) : False; - - /* read some users */ - res1 = res ? create_samr_domain_group( &pol_dom, - acct_name, acct_desc, &group_rid) : False; - - res = res ? samr_close( &pol_dom) : False; - - res = res ? samr_close( &sam_pol) : False; - - if (res && res1) - { - DEBUG(5,("cmd_sam_create_dom_group: succeeded\n")); - report(out_hnd, "Create Domain Group: OK\n"); - } - else - { - DEBUG(5,("cmd_sam_create_dom_group: failed\n")); - report(out_hnd, "Create Domain Group: FAILED\n"); - } -} - -/**************************************************************************** -experimental SAM users enum. 
-****************************************************************************/ -void cmd_sam_enum_users(struct client_info *info, int argc, char *argv[]) -{ - BOOL request_user_info = False; - BOOL request_group_info = False; - BOOL request_alias_info = False; - struct acct_info *sam = NULL; - uint32 num_sam_entries = 0; - int opt; - - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - while ((opt = getopt(argc, argv, "uga")) != EOF) - { - switch (opt) - { - case 'u': - { - request_user_info = True; - break; - } - case 'g': - { - request_group_info = True; - break; - } - case 'a': - { - request_alias_info = True; - break; - } - } - } - - report(out_hnd, "SAM Enumerate Users\n"); - - msrpc_sam_enum_users(srv_name, domain, &sid1, - &sam, &num_sam_entries, - sam_display_user, - request_user_info ? sam_display_user_info : NULL, - request_group_info ? sam_display_group_members : NULL, - request_alias_info ? sam_display_group_members : NULL); - - if (sam != NULL) - { - free(sam); - } -} - - -/**************************************************************************** -experimental SAM group query members. 
-****************************************************************************/ -void cmd_sam_query_groupmem(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - - char *group_name; - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc < 2) - { - report(out_hnd, "samgroupmem \n"); - return; - } - - group_name = argv[1]; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Query Group: %s\n", group_name); - report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", - info->myhostname, srv_name, domain, sid_str); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, 0x304, &sid, - &pol_dom) : False; - - /* look up group rid */ - names[0] = group_name; - res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - if (res1 && num_rids == 1) - { - res1 = req_groupmem_info( &pol_dom, - domain, - &sid, - rid[0], - names[0], - sam_display_group_members); - } - - res = res ? samr_close( &sam_pol) : False; - - res = res ? samr_close( &pol_dom) : False; - - if (res1) - { - DEBUG(5,("cmd_sam_query_group: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_query_group: failed\n")); - } -} - - -/**************************************************************************** -experimental SAM group query. 
-****************************************************************************/ -void cmd_sam_query_group(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - - char *group_name; - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc < 2) - { - report(out_hnd, "samgroup \n"); - return; - } - - group_name = argv[1]; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Query Group: %s\n", group_name); - report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", - info->myhostname, srv_name, domain, sid_str); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, 0x304, &sid, - &pol_dom) : False; - - /* look up group rid */ - names[0] = group_name; - res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - if (res1 && num_rids == 1) - { - res1 = query_groupinfo( &pol_dom, - domain, - &sid, - rid[0], - sam_display_group_info); - } - - res = res ? samr_close( &sam_pol) : False; - - res = res ? samr_close( &pol_dom) : False; - - if (res1) - { - DEBUG(5,("cmd_sam_query_group: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_query_group: failed\n")); - } -} - - -/**************************************************************************** -experimental SAM user query. 
-****************************************************************************/ -void cmd_sam_query_user(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - int opt; - - char *user_name; - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - BOOL request_user_info = False; - BOOL request_group_info = False; - BOOL request_alias_info = False; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc < 2) - { - report(out_hnd, "samuser [-u] [-g] [-a]\n"); - return; - } - - user_name = argv[1]; - - argc--; - argv++; - - while ((opt = getopt(argc, argv, "uga")) != EOF) - { - switch (opt) - { - case 'u': - { - request_user_info = True; - break; - } - case 'g': - { - request_group_info = True; - break; - } - case 'a': - { - request_alias_info = True; - break; - } - } - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Query User: %s\n", user_name); - report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", - info->myhostname, srv_name, domain, sid_str); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, 0x304, &sid, - &pol_dom) : False; - - /* look up user rid */ - names[0] = user_name; - res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - /* send user info query */ - if (res1 && num_rids == 1) - { - msrpc_sam_user( &pol_dom, NULL, - domain, - &sid, NULL, - rid[0], names[0], - sam_display_user, - request_user_info ? 
sam_display_user_info : NULL, - request_group_info ? sam_display_group_members : NULL, - request_alias_info ? sam_display_group_members : NULL); - } - else - { - res1 = False; - } - - res = res ? samr_close( &sam_pol) : False; - res = res ? samr_close( &pol_dom) : False; - - if (res1) - { - DEBUG(5,("cmd_sam_query_user: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_query_user: failed\n")); - } -} - - -/**************************************************************************** -experimental SAM user set. -****************************************************************************/ -void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - int opt; - BOOL set_acb_bits = False; - - fstring user_name; - - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - SAM_USER_INFO_16 usr16; - uint16 acb_set = 0x0; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc < 2) - { - report(out_hnd, "samuserset2 [-s ]\n"); - return; - } - - argc--; - argv++; - - safe_strcpy(user_name, argv[0], sizeof(user_name)); - - while ((opt = getopt(argc, argv,"s:")) != EOF) - { - switch (opt) - { - case 's': - { - set_acb_bits = True; - acb_set = get_number(optarg); - break; - } - } - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Set User Info: %s\n", user_name); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? 
samr_open_domain( &sam_pol, 0x02000000, &sid, - &pol_dom) : False; - - /* look up user rid */ - names[0] = user_name; - res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - /* send set user info */ - if (res1 && num_rids == 1 && get_samr_query_userinfo( &pol_dom, - 0x10, rid[0], - (void*)&usr16)) - { - void *usr = NULL; - uint32 switch_value = 0; - - if (set_acb_bits) - { - usr16.acb_info |= acb_set; - } - - if (True) - { - SAM_USER_INFO_16 *p = (SAM_USER_INFO_16 *)malloc(sizeof(SAM_USER_INFO_16)); - p->acb_info = usr16.acb_info; - - usr = (void*)p; - switch_value = 16; - } - - if (usr != NULL) - { - res1 = set_samr_set_userinfo2( &pol_dom, - switch_value, rid[0], usr); - } - } - res = res ? samr_close( &sam_pol) : False; - - res = res ? samr_close( &pol_dom) : False; - - if (res1) - { - report(out_hnd, "Set User Info: OK\n"); - DEBUG(5,("cmd_sam_query_user: succeeded\n")); - } - else - { - report(out_hnd, "Set User Info: Failed\n"); - DEBUG(5,("cmd_sam_query_user: failed\n")); - } -} - -/**************************************************************************** -experimental SAM user set. 
-****************************************************************************/ -void cmd_sam_set_userinfo(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - int opt; - BOOL set_passwd = False; - - fstring user_name; - fstring password; - - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - SAM_USER_INFO_21 usr21; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - argc--; - argv++; - - if (argc == 0) - { - report(out_hnd, "samuserset [-p password]\n"); - return; - } - - safe_strcpy(user_name, argv[0], sizeof(user_name)); - - if (argc == 1) - { - fstring pass_str; - char *pass; - slprintf(pass_str, sizeof(pass_str)-1, "Enter %s's Password:", - user_name); - pass = (char*)getpass(pass_str); - - if (pass != NULL) - { - safe_strcpy(password, pass, - sizeof(password)-1); - set_passwd = True; - } - } - else - { - while ((opt = getopt(argc, argv,"p:")) != EOF) - { - switch (opt) - { - case 'p': - { - set_passwd = True; - safe_strcpy(password, optarg, - sizeof(password)-1); - break; - } - } - } - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Set User Info: %s\n", user_name); - report(out_hnd, "Password: %s\n", password); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, 0x02000000, &sid, - &pol_dom) : False; - - /* look up user rid */ - names[0] = user_name; - res1 = res ? 
samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - /* send set user info */ - if (res1 && num_rids == 1 && get_samr_query_userinfo( &pol_dom, - 0x15, rid[0], &usr21)) - { - void *usr = NULL; - uint32 switch_value = 0; - char pwbuf[516]; - - if (set_passwd) - { - encode_pw_buffer(pwbuf, password, - strlen(password), True); - } - - if (True) - { - SAM_USER_INFO_24 *p = (SAM_USER_INFO_24*)malloc(sizeof(SAM_USER_INFO_24)); - make_sam_user_info24(p, pwbuf, strlen(password)); - - usr = p; - switch_value = 24; - } - - if (False) - { - SAM_USER_INFO_23 *p = (SAM_USER_INFO_23*)malloc(sizeof(SAM_USER_INFO_23)); - /* send user info query, level 0x15 */ - make_sam_user_info23W(p, - &usr21.logon_time, - &usr21.logoff_time, - &usr21.kickoff_time, - &usr21.pass_last_set_time, - &usr21.pass_can_change_time, - &usr21.pass_must_change_time, - - &usr21.uni_user_name, - &usr21.uni_full_name, - &usr21.uni_home_dir, - &usr21.uni_dir_drive, - &usr21.uni_logon_script, - &usr21.uni_profile_path, - &usr21.uni_acct_desc, - &usr21.uni_workstations, - &usr21.uni_unknown_str, - &usr21.uni_munged_dial, - - 0x0, - usr21.group_rid, - usr21.acb_info, - - 0x09f827fa, - usr21.logon_divs, - &usr21.logon_hrs, - usr21.unknown_5, - pwbuf, - usr21.unknown_6); - - usr = p; - switch_value = 23; - } - if (usr != NULL) - { - res1 = set_samr_set_userinfo( &pol_dom, - switch_value, rid[0], usr); - } - } - res = res ? samr_close( &sam_pol) : False; - - res = res ? 
samr_close( &pol_dom) : False; - - if (res1) - { - report(out_hnd, "Set User Info: OK\n"); - DEBUG(5,("cmd_sam_query_user: succeeded\n")); - } - else - { - report(out_hnd, "Set User Info: Failed\n"); - DEBUG(5,("cmd_sam_query_user: failed\n")); - } -} - -static void sam_display_disp_info(const char* domain, const DOM_SID *sid, - uint16 info, uint32 num, - SAM_DISPINFO_CTR *ctr) - -{ - report(out_hnd, "SAM Display Info for Domain %s\n", domain); - - display_sam_disp_info_ctr(out_hnd, ACTION_HEADER , info, num, ctr); - display_sam_disp_info_ctr(out_hnd, ACTION_ENUMERATE, info, num, ctr); - display_sam_disp_info_ctr(out_hnd, ACTION_FOOTER , info, num, ctr); -} - -/**************************************************************************** -experimental SAM query display info. -****************************************************************************/ -void cmd_sam_query_dispinfo(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - uint16 switch_value = 1; - SAM_DISPINFO_CTR ctr; - SAM_DISPINFO_1 inf1; - uint32 num_entries; - - sid_to_string(sid, &info->dom.level5_sid); - fstrcpy(domain, info->dom.level5_dom); - - string_to_sid(&sid1, sid); - - if (sid1.num_auths == 0) - { - fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - if (argc > 1) - { - switch_value = strtoul(argv[1], (char**)NULL, 10); - } - - ctr.sam.info1 = &inf1; - - if (msrpc_sam_query_dispinfo( srv_name, domain, &sid1, - switch_value, - &num_entries, &ctr, sam_display_disp_info)) - { - - DEBUG(5,("cmd_sam_query_dispinfo: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_query_dispinfo: failed\n")); - } -} - -/**************************************************************************** -experimental SAM domain info query. 
-****************************************************************************/ -void cmd_sam_query_dominfo(struct client_info *info, int argc, char *argv[]) -{ - fstring domain; - fstring sid; - DOM_SID sid1; - uint32 switch_value = 2; - SAM_UNK_CTR ctr; - fstring srv_name; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid, &info->dom.level5_sid); - fstrcpy(domain, info->dom.level5_dom); - - string_to_sid(&sid1, sid); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc > 1) - { - switch_value = strtoul(argv[1], (char**)NULL, 10); - } - - if (sam_query_dominfo(srv_name, &sid1, switch_value, &ctr)) - { - DEBUG(5,("cmd_sam_query_dominfo: succeeded\n")); - sam_display_dom_info(domain, &sid1, switch_value, &ctr); - } - else - { - DEBUG(5,("cmd_sam_query_dominfo: failed\n")); - } -} - -/**************************************************************************** -experimental SAM alias query members. 
-****************************************************************************/ -void cmd_sam_query_aliasmem(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - - char *alias_name; - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc < 2) - { - report(out_hnd, "samaliasmem \n"); - return; - } - - alias_name = argv[1]; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Query Alias: %s\n", alias_name); - report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", - info->myhostname, srv_name, domain, sid_str); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, 0x304, &sid, - &pol_dom) : False; - - /* look up alias rid */ - names[0] = alias_name; - res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - if (res1 && num_rids == 1) - { - res1 = req_aliasmem_info(srv_name, - &pol_dom, - domain, - &sid, - rid[0], - names[0], - sam_display_alias_members); - } - - res = res ? samr_close( &sam_pol) : False; - - res = res ? samr_close( &pol_dom) : False; - - if (res1) - { - DEBUG(5,("cmd_sam_query_alias: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_query_alias: failed\n")); - } -} - - -/**************************************************************************** -experimental SAM alias query. 
-****************************************************************************/ -void cmd_sam_query_alias(struct client_info *info, int argc, char *argv[]) -{ - fstring srv_name; - fstring domain; - fstring sid_str; - DOM_SID sid; - BOOL res = True; - BOOL res1 = True; - - char *alias_name; - char *names[1]; - uint32 num_rids; - uint32 rid[MAX_LOOKUP_SIDS]; - uint32 type[MAX_LOOKUP_SIDS]; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - fstrcpy(domain, info->dom.level5_dom); - sid_copy(&sid, &info->dom.level5_sid); - - if (sid.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - if (argc < 2) - { - report(out_hnd, "samalias \n"); - return; - } - - alias_name = argv[1]; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - sid_to_string(sid_str, &sid); - - report(out_hnd, "SAM Query Alias: %s\n", alias_name); - report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", - info->myhostname, srv_name, domain, sid_str); - - /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain( &sam_pol, 0x304, &sid, - &pol_dom) : False; - - /* look up alias rid */ - names[0] = alias_name; - res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8, - 1, names, - &num_rids, rid, type) : False; - - if (res1 && num_rids == 1) - { - res1 = query_aliasinfo( &pol_dom, - domain, - &sid, - rid[0], - sam_display_alias_info); - } - - res = res ? samr_close( &sam_pol) : False; - - res = res ? samr_close( &pol_dom) : False; - - if (res1) - { - DEBUG(5,("cmd_sam_query_alias: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_query_alias: failed\n")); - } -} - - -/**************************************************************************** -SAM aliases query. 
-****************************************************************************/ -void cmd_sam_enum_aliases(struct client_info *info, int argc, char *argv[]) -{ - BOOL request_member_info = False; - BOOL request_alias_info = False; - struct acct_info *sam = NULL; - uint32 num_sam_entries = 0; - int opt; - - fstring domain; - fstring srv_name; - fstring sid; - DOM_SID sid1; - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - while ((opt = getopt(argc, argv, "ma")) != EOF) - { - switch (opt) - { - case 'm': - { - request_member_info = True; - break; - } - case 'a': - { - request_alias_info = True; - break; - } - } - } - - report(out_hnd, "SAM Enumerate Aliases\n"); - - msrpc_sam_enum_aliases(srv_name, domain, &sid1, - &sam, &num_sam_entries, - sam_display_alias, - request_alias_info ? sam_display_alias_info : NULL, - request_member_info ? sam_display_alias_members : NULL); - - if (sam != NULL) - { - free(sam); - } -} - -/**************************************************************************** -experimental SAM groups enum. 
-****************************************************************************/ -void cmd_sam_enum_groups(struct client_info *info, int argc, char *argv[]) -{ - BOOL request_member_info = False; - BOOL request_group_info = False; - struct acct_info *sam = NULL; - uint32 num_sam_entries = 0; - int opt; - - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - sid_copy(&sid1, &info->dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, info->dom.level5_dom); - - if (sid1.num_auths == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - while ((opt = getopt(argc, argv, "mg")) != EOF) - { - switch (opt) - { - case 'm': - { - request_member_info = True; - break; - } - case 'g': - { - request_group_info = True; - break; - } - } - } - - report(out_hnd, "SAM Enumerate Groups\n"); - - msrpc_sam_enum_groups(srv_name, domain, &sid1, - &sam, &num_sam_entries, - sam_display_group, - request_group_info ? sam_display_group_info : NULL, - request_member_info ? sam_display_group_members : NULL); - - if (sam != NULL) - { - free(sam); - } -} - -/**************************************************************************** -experimental SAM domains enum. -****************************************************************************/ -void cmd_sam_enum_domains(struct client_info *info, int argc, char *argv[]) -{ - BOOL request_domain_info = False; - struct acct_info *sam = NULL; - uint32 num_sam_entries = 0; - int opt; - - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - while ((opt = getopt(argc, argv, "i")) != EOF) - { - switch (opt) - { - case 'i': - { - request_domain_info= True; - break; - } - } - } - - report(out_hnd, "SAM Enumerate Domains\n"); - - msrpc_sam_enum_domains(srv_name, - &sam, &num_sam_entries, - request_domain_info ? 
NULL : sam_display_domain,
- request_domain_info ? sam_display_dom_info : NULL);
-
- if (sam != NULL)
- {
- free(sam);
- }
-}
diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c
index f0b10fe0d6..9deb9e801c 100644
--- a/source3/rpcclient/cmd_srvsvc.c
+++ b/source3/rpcclient/cmd_srvsvc.c
@@ -2,8 +2,8 @@
 Unix SMB/Netbios implementation.
 Version 1.9.
 NT Domain Authentication SMB / MSRPC client
- Copyright (C) Andrew Tridgell 1994-1999
- Copyright (C) Luke Kenneth Casson Leighton 1996-1999
+ Copyright (C) Andrew Tridgell 1994-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -33,49 +33,50 @@ extern int DEBUGLEVEL;
 #define DEBUG_TESTING
+extern struct cli_state *smb_cli;
+
 extern FILE* out_hnd;
 /****************************************************************************
 server get info query
 ****************************************************************************/
-BOOL net_srv_get_info(struct client_info *info,
- uint32 info_level,
- SRV_INFO_CTR *ctr)
+void cmd_srv_query_info(struct client_info *info)
 {
 fstring dest_srv;
+ fstring tmp;
+ SRV_INFO_CTR ctr;
+ uint32 info_level = 101;
 BOOL res = True;
+ memset((char *)&ctr, '\0', sizeof(ctr));
+
 fstrcpy(dest_srv, "\\\\");
 fstrcat(dest_srv, info->dest_host);
 strupper(dest_srv);
- DEBUG(4,("net_srv_get_info: server:%s info level: %d\n",
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)-1))
+ {
+ info_level = (uint32)strtol(tmp, (char**)NULL, 10);
+ }
+
+ DEBUG(4,("cmd_srv_query_info: server:%s info level: %d\n",
 dest_srv, (int)info_level));
- /* send info level: receive requested info. hopefully. */
- res = res ? srv_net_srv_get_info(dest_srv, info_level, ctr) : False;
+ DEBUG(5, ("cmd_srv_query_info: smb_cli->fd:%d\n", smb_cli->fd));
- return res;
-}
+ /* open LSARPC session. */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
-/****************************************************************************
-server get info query
-****************************************************************************/
-void cmd_srv_query_info(struct client_info *info, int argc, char *argv[])
-{
- uint32 info_level = 101;
- SRV_INFO_CTR ctr;
-
- bzero(&ctr, sizeof(ctr));
+ /* send info level: receive requested info. hopefully. */
+ res = res ? do_srv_net_srv_get_info(smb_cli,
+ dest_srv, info_level, &ctr) : False;
- if (argc > 1)
- {
- info_level = (uint32)strtol(argv[1], (char**)NULL, 10);
- }
+ /* close the session */
+ cli_nt_session_close(smb_cli);
- if (net_srv_get_info(info, info_level, &ctr))
+ if (res)
 {
 DEBUG(5,("cmd_srv_query_info: query succeeded\n"));
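Review bot: The comment over the session open says `/* open LSARPC session. */` while the call opens `PIPE_SRVSVC`; the sibling commands in this file use `/* open srvsvc session. */` and this one should too. In the same function, `info_level = (uint32)strtol(tmp, (char**)NULL, 10);` drops the end pointer, so an unparseable token quietly becomes level 0 and a negative one wraps into a large unsigned level; the same conversion is repeated in cmd_srv_enum_conn (`@@ -175,19 +114,25 @@`), cmd_srv_enum_shares and cmd_srv_enum_sess, and checking `*end != '\0'` once would make the argument validation explicit. `cli_nt_session_close(smb_cli);` is reached even when `cli_nt_session_open` returned False, here and in the other three commands; whether closing a session that was never opened is harmless is not visible here, so tying the close to the open's result would be safer. cmd_srv_query_info's body continues past the end of the hunk.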
@@ -89,83 +90,21 @@ void cmd_srv_query_info(struct client_info *info, int argc, char *argv[])
 }
 }
-/****************************************************************************
-server enum transports
-****************************************************************************/
-BOOL msrpc_srv_enum_tprt( const char* dest_srv,
- uint32 info_level,
- SRV_TPRT_INFO_CTR *ctr,
- TPRT_INFO_FN(tprt_fn))
-{
- BOOL res = True;
- BOOL res1 = True;
-
- ENUM_HND hnd;
-
- hnd.ptr_hnd = 1;
- hnd.handle = 0;
-
- /* enumerate transports on server */
- res1 = res ? srv_net_srv_tprt_enum(dest_srv,
- info_level, ctr, 0xffffffff, &hnd) : False;
-
- tprt_fn(ctr);
-
- free_srv_tprt_ctr(ctr);
-
- return res1;
-}
-
-static void srv_display_tprt_ctr(const SRV_TPRT_INFO_CTR *ctr)
-{
- display_srv_tprt_info_ctr(out_hnd, ACTION_HEADER , ctr);
- display_srv_tprt_info_ctr(out_hnd, ACTION_ENUMERATE, ctr);
- display_srv_tprt_info_ctr(out_hnd, ACTION_FOOTER , ctr);
-}
-
-/****************************************************************************
-server enum transports
-****************************************************************************/
-void cmd_srv_enum_tprt(struct client_info *info, int argc, char *argv[])
-{
- fstring dest_srv;
- SRV_TPRT_INFO_CTR ctr;
- uint32 info_level = 0;
-
- bzero(&ctr, sizeof(ctr));
-
- fstrcpy(dest_srv, "\\\\");
- fstrcat(dest_srv, info->dest_host);
- strupper(dest_srv);
-
- if (argc > 1)
- {
- info_level = (uint32)strtol(argv[1], (char**)NULL, 10);
- }
-
- DEBUG(4,("cmd_srv_enum_tprt: server:%s info level: %d\n",
- dest_srv, (int)info_level));
-
- /* enumerate transports on server */
- msrpc_srv_enum_tprt(dest_srv,
- info_level, &ctr,
- srv_display_tprt_ctr);
-}
-
 /****************************************************************************
 server enum connections
 ****************************************************************************/
-void cmd_srv_enum_conn(struct client_info *info, int argc, char *argv[])
+void cmd_srv_enum_conn(struct client_info 
*info)
 {
 fstring dest_srv;
 fstring qual_srv;
+ fstring tmp;
 SRV_CONN_INFO_CTR ctr;
 ENUM_HND hnd;
 uint32 info_level = 0;
 BOOL res = True;
- bzero(&ctr, sizeof(ctr));
+ memset((char *)&ctr, '\0', sizeof(ctr));
 fstrcpy(qual_srv, "\\\\");
 fstrcat(qual_srv, info->myhostname);
@@ -175,19 +114,25 @@ void cmd_srv_enum_conn(struct client_info *info, int argc, char *argv[])
 fstrcat(dest_srv, info->dest_host);
 strupper(dest_srv);
- if (argc > 1)
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)-1))
 {
- info_level = (uint32)strtol(argv[1], (char**)NULL, 10);
+ info_level = (uint32)strtol(tmp, (char**)NULL, 10);
 }
 DEBUG(4,("cmd_srv_enum_conn: server:%s info level: %d\n",
 dest_srv, (int)info_level));
+ DEBUG(5, ("cmd_srv_enum_conn: smb_cli->fd:%d\n", smb_cli->fd));
+
+ /* open srvsvc session. */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False;
+
 hnd.ptr_hnd = 1;
 hnd.handle = 0;
 /* enumerate connections on server */
- res = res ? srv_net_srv_conn_enum(dest_srv, qual_srv,
+ res = res ? do_srv_net_srv_conn_enum(smb_cli,
+ dest_srv, qual_srv,
 info_level, &ctr, 0xffffffff, &hnd) : False;
 if (res)
@@ -197,6 +142,9 @@ void cmd_srv_enum_conn(struct client_info *info, int argc, char *argv[])
 display_srv_conn_info_ctr(out_hnd, ACTION_FOOTER , &ctr);
 }
+ /* close the session */
+ cli_nt_session_close(smb_cli);
+
 if (res)
 {
 DEBUG(5,("cmd_srv_enum_conn: query succeeded\n"));
@@ -210,43 +158,52 @@ void cmd_srv_enum_conn(struct client_info *info, int argc, char *argv[]) /**************************************************************************** server enum shares ****************************************************************************/ -void cmd_srv_enum_shares(struct client_info *info, int argc, char *argv[]) +void cmd_srv_enum_shares(struct client_info *info) { fstring dest_srv; - SRV_SHARE_INFO_CTR ctr; + fstring tmp; + SRV_R_NET_SHARE_ENUM r_o; ENUM_HND hnd; uint32 info_level = 1; BOOL res = True; - bzero(&ctr, sizeof(ctr)); - fstrcpy(dest_srv, "\\\\"); fstrcat(dest_srv, info->dest_host); strupper(dest_srv); - if (argc > 1) + if (next_token(NULL, tmp, NULL, sizeof(tmp)-1)) { - info_level = (uint32)strtol(argv[1], (char**)NULL, 10); + info_level = (uint32)strtol(tmp, (char**)NULL, 10); } DEBUG(4,("cmd_srv_enum_shares: server:%s info level: %d\n", dest_srv, (int)info_level)); + DEBUG(5, ("cmd_srv_enum_shares: smb_cli->fd:%d\n", smb_cli->fd)); + + /* open srvsvc session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False; + hnd.ptr_hnd = 0; hnd.handle = 0; /* enumerate shares_files on server */ - res = res ? srv_net_srv_share_enum(dest_srv, - info_level, &ctr, 0xffffffff, &hnd) : False; + res = res ? do_srv_net_srv_share_enum(smb_cli, + dest_srv, + info_level, &r_o, 0xffffffff, &hnd) : False; if (res) { - display_srv_share_info_ctr(out_hnd, ACTION_HEADER , &ctr); - display_srv_share_info_ctr(out_hnd, ACTION_ENUMERATE, &ctr); - display_srv_share_info_ctr(out_hnd, ACTION_FOOTER , &ctr); + display_srv_share_info_ctr(out_hnd, ACTION_HEADER , &r_o.ctr); + display_srv_share_info_ctr(out_hnd, ACTION_ENUMERATE, &r_o.ctr); + display_srv_share_info_ctr(out_hnd, ACTION_FOOTER , &r_o.ctr); + free_srv_r_net_share_enum(&r_o); } + /* close the session */ + cli_nt_session_close(smb_cli); + if (res) { DEBUG(5,("cmd_srv_enum_shares: query succeeded\n")); 
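Review bot: `SRV_R_NET_SHARE_ENUM r_o;` is never zeroed — the old `bzero(&ctr, sizeof(ctr));` was removed and nothing replaced it — so if do_srv_net_srv_share_enum fails before filling the response, r_o.ctr holds indeterminate pointers. Suggest `memset((char *)&r_o, '\0', sizeof(r_o));` before the call, matching the sibling enum commands in this file. Also `free_srv_r_net_share_enum(&r_o);` is only reached on success; if the response parser allocates before reporting failure the failure path leaks, and with a zeroed r_o it would be safe to free on both paths. The function's tail (the success/failure DEBUG lines) is outside this hunk.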
@@ -260,42 +217,44 @@ void cmd_srv_enum_shares(struct client_info *info, int argc, char *argv[]) /**************************************************************************** server enum sessions ****************************************************************************/ -void cmd_srv_enum_sess(struct client_info *info, int argc, char *argv[]) +void cmd_srv_enum_sess(struct client_info *info) { fstring dest_srv; + fstring tmp; SRV_SESS_INFO_CTR ctr; ENUM_HND hnd; uint32 info_level = 0; BOOL res = True; - bzero(&ctr, sizeof(ctr)); + memset((char *)&ctr, '\0', sizeof(ctr)); fstrcpy(dest_srv, "\\\\"); fstrcat(dest_srv, info->dest_host); strupper(dest_srv); - if (argc > 1) + if (next_token(NULL, tmp, NULL, sizeof(tmp)-1)) { - info_level = (uint32)strtol(argv[1], (char**)NULL, 10); + info_level = (uint32)strtol(tmp, (char**)NULL, 10); } DEBUG(4,("cmd_srv_enum_sess: server:%s info level: %d\n", dest_srv, (int)info_level)); + DEBUG(5, ("cmd_srv_enum_sess: smb_cli->fd:%d\n", smb_cli->fd)); + + /* open srvsvc session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False; + hnd.ptr_hnd = 1; hnd.handle = 0; /* enumerate sessions on server */ - res = res ? srv_net_srv_sess_enum(dest_srv, NULL, NULL, - info_level, &ctr, 0x1000, &hnd) : False; + res = res ? do_srv_net_srv_sess_enum(smb_cli, + dest_srv, NULL, info_level, &ctr, 0x1000, &hnd) : False; - if (res) - { - display_srv_sess_info_ctr(out_hnd, ACTION_HEADER , &ctr); - display_srv_sess_info_ctr(out_hnd, ACTION_ENUMERATE, &ctr); - display_srv_sess_info_ctr(out_hnd, ACTION_FOOTER , &ctr); - } + /* close the session */ + cli_nt_session_close(smb_cli); if (res) { 
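Review bot: The new side of cmd_srv_enum_sess drops the `display_srv_sess_info_ctr(out_hnd, ACTION_HEADER/ACTION_ENUMERATE/ACTION_FOOTER, &ctr)` block, so the result of do_srv_net_srv_sess_enum is fetched but never printed and `srvsessions` now only emits the success/failure DEBUG lines. If that is intentional, the table entry "List sessions on a server" in rpcclient.c is now misleading; otherwise restore the three display calls under `if (res)` before the session close. The function's tail is outside this hunk.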
@@ -310,35 +269,42 @@ void cmd_srv_enum_sess(struct client_info *info, int argc, char *argv[]) /**************************************************************************** server enum files ****************************************************************************/ -void cmd_srv_enum_files(struct client_info *info, int argc, char *argv[]) +void cmd_srv_enum_files(struct client_info *info) { fstring dest_srv; + fstring tmp; SRV_FILE_INFO_CTR ctr; ENUM_HND hnd; uint32 info_level = 3; BOOL res = True; - bzero(&ctr, sizeof(ctr)); + memset((char *)&ctr, '\0', sizeof(ctr)); fstrcpy(dest_srv, "\\\\"); fstrcat(dest_srv, info->dest_host); strupper(dest_srv); - if (argc > 1) + if (next_token(NULL, tmp, NULL, sizeof(tmp)-1)) { - info_level = (uint32)strtol(argv[1], (char**)NULL, 10); + info_level = (uint32)strtol(tmp, (char**)NULL, 10); } DEBUG(4,("cmd_srv_enum_files: server:%s info level: %d\n", dest_srv, (int)info_level)); + DEBUG(5, ("cmd_srv_enum_files: smb_cli->fd:%d\n", smb_cli->fd)); + + /* open srvsvc session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SRVSVC) : False; + hnd.ptr_hnd = 1; hnd.handle = 0; /* enumerate files on server */ - res = res ? srv_net_srv_file_enum(dest_srv, NULL, 0, - info_level, &ctr, 0x1000, &hnd) : False; + res = res ? do_srv_net_srv_file_enum(smb_cli, + dest_srv, NULL, info_level, &ctr, 0x1000, &hnd) : False; + if (res) { 
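Review bot: `do_srv_net_srv_file_enum(smb_cli, dest_srv, NULL, info_level, &ctr, 0x1000, &hnd)` is issued once with a 0x1000 preferred maximum length and the resume handle in hnd is never re-read, so on a server with many open files the listing is presumably cut short with no indication to the user (the shares and connections commands pass 0xffffffff). Either loop while the server hands back a non-zero resume handle, or at least document the limit next to the call: `/* single request: the listing is truncated if the server needs more than 0x1000 bytes */`. The display block and the session close follow outside this hunk.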
@@ -347,39 +313,8 @@ void cmd_srv_enum_files(struct client_info *info, int argc, char *argv[]) display_srv_file_info_ctr(out_hnd, ACTION_FOOTER , &ctr); } - if (res) - { - DEBUG(5,("cmd_srv_enum_files: query succeeded\n")); - } - else - { - DEBUG(5,("cmd_srv_enum_files: query failed\n")); - } -} - -/**************************************************************************** -display remote time -****************************************************************************/ -void cmd_time(struct client_info *info, int argc, char *argv[]) -{ - fstring dest_srv; - TIME_OF_DAY_INFO tod; - BOOL res = True; - - fstrcpy(dest_srv, "\\\\"); - fstrcat(dest_srv, info->dest_host); - strupper(dest_srv); - - DEBUG(4,("cmd_time: server:%s\n", dest_srv)); - - /* enumerate files on server */ - res = res ? srv_net_remote_tod(dest_srv, &tod) : False; - - if (res) - { - fprintf(out_hnd, "\tRemote Time:\t%s\n\n", - http_timestring(tod.elapsedt)); - } + /* close the session */ + cli_nt_session_close(smb_cli); if (res) { @@ -390,3 +325,4 @@ void cmd_time(struct client_info *info, int argc, char *argv[]) DEBUG(5,("cmd_srv_enum_files: query failed\n")); } } + diff --git a/source3/rpcclient/cmd_wkssvc.c b/source3/rpcclient/cmd_wkssvc.c index 474c53f347..0b8f469af3 100644 --- a/source3/rpcclient/cmd_wkssvc.c +++ b/source3/rpcclient/cmd_wkssvc.c 
@@ -33,36 +33,48 @@ extern int DEBUGLEVEL; #define DEBUG_TESTING +extern struct cli_state *smb_cli; + extern FILE* out_hnd; /**************************************************************************** workstation get info query ****************************************************************************/ -void cmd_wks_query_info(struct client_info *info, int argc, char *argv[]) +void cmd_wks_query_info(struct client_info *info) { fstring dest_wks; + fstring tmp; WKS_INFO_100 ctr; uint32 info_level = 100; BOOL res = True; - bzero(&ctr, sizeof(ctr)); + memset((char *)&ctr, '\0', sizeof(ctr)); fstrcpy(dest_wks, "\\\\"); fstrcat(dest_wks, info->dest_host); strupper(dest_wks); - if (argc > 1) + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - info_level = (uint32)strtol(argv[1], (char**)NULL, 10); + info_level = (uint32)strtol(tmp, (char**)NULL, 10); } DEBUG(4,("cmd_wks_query_info: server:%s info level: %d\n", dest_wks, info_level)); + DEBUG(5, ("cmd_wks_query_info: smb_cli->fd:%d\n", smb_cli->fd)); + + /* open LSARPC session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_WKSSVC) : False; + /* send info level: receive requested info. hopefully. */ - res = res ? wks_query_info( dest_wks, info_level, &ctr) : False; + res = res ? do_wks_query_info(smb_cli, + dest_wks, info_level, &ctr) : False; + + /* close the session */ + cli_nt_session_close(smb_cli); if (res) { diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 517697a8c5..0750d8dbb8 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c 
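Review bot: The new comment `/* open LSARPC session. */` sits above `cli_nt_session_open(smb_cli, PIPE_WKSSVC)`; it should read `/* open WKSSVC session. */`. next_token is called here with `sizeof(tmp)` while the four srvsvc commands in cmd_srvsvc.c pass `sizeof(tmp)-1`; whichever convention next_token actually expects (buffer size or maximum length), the two files should agree, since under the length convention this call would let the terminator land one byte past tmp. Also `DEBUG(4,("cmd_wks_query_info: server:%s info level: %d\n", dest_wks, info_level))` prints a uint32 with %d — `(int)info_level`, as in cmd_srvsvc.c, keeps format and argument consistent. The rest of cmd_wks_query_info is outside this hunk.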
@@ -39,570 +39,137 @@ extern pstring user_socket_options; extern int DEBUGLEVEL; +extern file_info def_finfo; + #define CNV_LANG(s) dos2unix_format(s,False) #define CNV_INPUT(s) unix2dos_format(s,True) static int process_tok(fstring tok); -static void cmd_help(struct client_info *info, int argc, char *argv[]); -static void cmd_quit(struct client_info *info, int argc, char *argv[]); -static void cmd_set (struct client_info *info, int argc, char *argv[]); -static void cmd_net (struct client_info *info, int argc, char *argv[]); - -static struct ntuser_creds usr; +static void cmd_help(struct client_info *info); +static void cmd_quit(struct client_info *info); -static struct client_info cli_info; - -static char **cmd_argv = NULL; -static uint32 cmd_argc = 0; +static struct cli_state smbcli; +struct cli_state *smb_cli = &smbcli; FILE *out_hnd; -#define COMPL_NONE 0 -#define COMPL_REGKEY 1 -#define COMPL_SAMUSR 3 -#define COMPL_SAMGRP 4 -#define COMPL_SAMALS 5 -#define COMPL_SVCLST 6 -#define COMPL_PRTLST 7 - /**************************************************************************** - This defines the commands supported by this client - ****************************************************************************/ -struct command_set commands[] = +initialise smb client structure +****************************************************************************/ +void rpcclient_init(void) { - /* - * eventlog - */ - - { - "eventlog", - cmd_eventlog, - "list the events", - {COMPL_NONE, COMPL_NONE} - }, - - /* - * service control - */ - - { - "svcenum", - cmd_svc_enum, - "[-i] Lists Services Manager", - {COMPL_NONE, COMPL_NONE} - }, - - { - "svcinfo", - cmd_svc_info, - " Service Information", - {COMPL_SVCLST, COMPL_NONE} - }, - - { - "svcstart", - cmd_svc_start, - " [arg 0] [arg 1] ... 
Start Service", - {COMPL_SVCLST, COMPL_NONE} - }, - - { - "svcset", - cmd_svc_set, - " Test Set Service", - {COMPL_SVCLST, COMPL_NONE} - }, - - { - "svcstop", - cmd_svc_stop, - " Stop Service", - {COMPL_SVCLST, COMPL_NONE} - }, - - /* - * scheduler - */ - - { - "at", - cmd_at, - "Scheduler control (at /? for syntax)", - {COMPL_NONE, COMPL_NONE} - }, - - /* - * registry - */ - - { - "regenum", - cmd_reg_enum, - " Registry Enumeration (keys, values)", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "regdeletekey", - cmd_reg_delete_key, - " Registry Key Delete", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "regcreatekey", - cmd_reg_create_key, - " [keyclass] Registry Key Create", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "shutdown", - cmd_reg_shutdown, - "[-m message] [-t timeout] [-r or --reboot] [-f or --force-close] Remote Shutdown", - {COMPL_NONE, COMPL_NONE} - }, - { - "regqueryval", - cmd_reg_query_info, - " Registry Value Query", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "regquerykey", - cmd_reg_query_key, - " Registry Key Query", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "regdeleteval", - cmd_reg_delete_val, - " Registry Value Delete", - {COMPL_REGKEY, COMPL_REGKEY} - }, - { - "regcreateval", - cmd_reg_create_val, - " Registry Key Create", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "reggetsec", - cmd_reg_get_key_sec, - " Registry Key Security", - {COMPL_REGKEY, COMPL_NONE} - }, - { - "regtestsec", - cmd_reg_test_key_sec, - " Test Registry Key Security", - {COMPL_REGKEY, COMPL_NONE} - }, - - /* - * printer testing - */ - - { - "spoolenum", - cmd_spoolss_enum_printers, - "Enumerate Printers", - {COMPL_NONE, COMPL_NONE} - }, - { - "spooljobs", - cmd_spoolss_enum_jobs, - " Enumerate Printer Jobs", - {COMPL_PRTLST, COMPL_NONE} - }, - { - "spoolopen", - cmd_spoolss_open_printer_ex, - " Spool Printer Open Test", - {COMPL_PRTLST, COMPL_NONE} - }, - /* - * server - */ - { - "time", - cmd_time, - "Display remote time", - {COMPL_NONE, COMPL_NONE} - }, - { - "brsinfo", - cmd_brs_query_info, - 
"Browser Query Info", - {COMPL_NONE, COMPL_NONE} - }, - { - "wksinfo", - cmd_wks_query_info, - "Workstation Query Info", - {COMPL_NONE, COMPL_NONE} - }, - { - "srvinfo", - cmd_srv_query_info, - "Server Query Info", - {COMPL_NONE, COMPL_NONE} - }, - { - "srvsessions", - cmd_srv_enum_sess, - "List sessions on a server", - {COMPL_NONE, COMPL_NONE} - }, - { - "srvshares", - cmd_srv_enum_shares, - "List shares on a server", - {COMPL_NONE, COMPL_NONE} - }, - { - "srvtransports", - cmd_srv_enum_tprt, - "List transports on a server", - {COMPL_NONE, COMPL_NONE} - }, - { - "srvconnections", - cmd_srv_enum_conn, - "List connections on a server", - {COMPL_NONE, COMPL_NONE} - }, - { - "srvfiles", - cmd_srv_enum_files, - "List files on a server", - {COMPL_NONE, COMPL_NONE} - }, - - /* - * lsa - */ - - { - "lsaquery", - cmd_lsa_query_info, - "Query Info Policy (domain member or server)", - {COMPL_NONE, COMPL_NONE} - }, - { - "lsaenumdomains", - cmd_lsa_enum_trust_dom, - "Enumerate Trusted Domains", - {COMPL_NONE, COMPL_NONE} - }, - { - "lookupsids", - cmd_lsa_lookup_sids, - "Resolve names from SIDs", - {COMPL_NONE, COMPL_NONE} - }, - { - "lookupnames", - cmd_lsa_lookup_names, - "Resolve SIDs from names", - {COMPL_NONE, COMPL_NONE} - }, - { - "querysecret", - cmd_lsa_query_secret, - "LSA Query Secret (developer use)", - {COMPL_NONE, COMPL_NONE} - }, - - /* - * netlogon - */ - - { - "ntlogin", - cmd_netlogon_login_test, - "[[DOMAIN\\]username] [password] NT Domain login test", - {COMPL_NONE, COMPL_NONE} - }, - { - "domtrust", - cmd_netlogon_domain_test, - " NT Inter-Domain test", - {COMPL_NONE, COMPL_NONE} - }, - - /* - * sam - */ - - { - "lookupdomain", - cmd_sam_lookup_domain, - "Obtain SID for a local domain", - {COMPL_NONE, COMPL_NONE} - }, - { - "enumusers", - cmd_sam_enum_users, - "SAM User Database Query (experimental!)", - {COMPL_NONE, COMPL_NONE} - }, - { - "addgroupmem", - cmd_sam_add_groupmem, - " [user] [user] ... 
SAM Add Domain Group Member", - {COMPL_SAMGRP, COMPL_SAMUSR} - }, - - { - "addaliasmem", - cmd_sam_add_aliasmem, - " [member sid1] [member sid2] ... SAM Add Domain Alias Member", - {COMPL_SAMALS, COMPL_NONE} - }, - { - "delgroupmem", - cmd_sam_del_groupmem, - " [user] [user] ... SAM Delete Domain Group Member", - {COMPL_SAMGRP, COMPL_SAMUSR} - }, - { - "delaliasmem", - cmd_sam_del_aliasmem, - " [member sid1] [member sid2] ... SAM Delete Domain Alias Member", - {COMPL_SAMALS, COMPL_NONE} - }, - { - "creategroup", - cmd_sam_create_dom_group, - "SAM Create Domain Group", - {COMPL_NONE, COMPL_NONE} - }, - { - "createalias", - cmd_sam_create_dom_alias, - "SAM Create Domain Alias", - {COMPL_NONE, COMPL_NONE} - }, - { - "createuser", - cmd_sam_create_dom_user, - " SAM Create Domain User", - {COMPL_NONE, COMPL_NONE} - }, - { - "delgroup", - cmd_sam_delete_dom_group, - "SAM Delete Domain Group", - {COMPL_SAMGRP, COMPL_NONE} - }, - { - "delalias", - cmd_sam_delete_dom_alias, - "SAM Delete Domain Alias", - {COMPL_SAMALS, COMPL_NONE} - }, - { - "ntpass", - cmd_sam_ntchange_pwd, - "NT SAM Password Change", - {COMPL_NONE, COMPL_NONE} - }, - { - "samuserset2", - cmd_sam_set_userinfo2, - " [-s acb_bits] SAM User Set Info 2 (experimental!)", - {COMPL_SAMUSR, COMPL_NONE} - }, - { - "samuserset", - cmd_sam_set_userinfo, - " [-p password] SAM User Set Info (experimental!)", - {COMPL_SAMUSR, COMPL_NONE} - }, - { - "samuser", - cmd_sam_query_user, - " [-g] [-u] [-a] SAM User Query (experimental!)", - {COMPL_SAMUSR, COMPL_NONE} - }, - { - "samgroup", - cmd_sam_query_group, - " SAM Group Query (experimental!)", - {COMPL_SAMGRP, COMPL_NONE} - }, - { - "samalias", - cmd_sam_query_alias, - " SAM Alias Query", - {COMPL_SAMALS, COMPL_NONE} - }, - { - "samaliasmem", - cmd_sam_query_aliasmem, - " SAM Alias Members", - {COMPL_SAMALS, COMPL_NONE} - }, - { - "samgroupmem", - cmd_sam_query_groupmem, - "SAM Group Members", - {COMPL_SAMGRP, COMPL_NONE} - }, - { - "samtest", - cmd_sam_test , - "SAM 
User Encrypted RPC test (experimental!)", - {COMPL_NONE, COMPL_NONE} - }, - { - "enumaliases", - cmd_sam_enum_aliases, - "SAM Aliases Database Query (experimental!)", - {COMPL_NONE, COMPL_NONE} - }, - { - "enumdomains", - cmd_sam_enum_domains, - "SAM Domains Database Query (experimental!)", - {COMPL_NONE, COMPL_NONE} - }, - { - "enumgroups", - cmd_sam_enum_groups, - "SAM Group Database Query (experimental!)", - {COMPL_NONE, COMPL_NONE} - }, - { - "dominfo", - cmd_sam_query_dominfo, - "SAM Query Domain Info", - {COMPL_NONE, COMPL_NONE} - }, - { - "dispinfo", - cmd_sam_query_dispinfo, - "SAM Query Display Info", - {COMPL_NONE, COMPL_NONE} - }, - { - "samsync", - cmd_sam_sync, - "SAM Synchronization Test (experimental)", - {COMPL_NONE, COMPL_NONE} - }, - - /* maintenance */ - - { - "set", - cmd_set, - "run rpcclient inside rpcclient (change options etc.)", - {COMPL_NONE, COMPL_NONE} - }, - - { - "net", - cmd_net, - "net use and net view", - {COMPL_NONE, COMPL_NONE} - }, - /* - * bye bye - */ - - { - "quit", - cmd_quit, - "logoff the server", - {COMPL_NONE, COMPL_NONE} - }, - { - "q", - cmd_quit, - "logoff the server", - {COMPL_NONE, COMPL_NONE} - }, - { - "exit", - cmd_quit, - "logoff the server", - {COMPL_NONE, COMPL_NONE} - }, - { - "bye", - cmd_quit, - "logoff the server", - {COMPL_NONE, COMPL_NONE} - }, - - /* - * eek! 
- */ + memset((char *)smb_cli, '\0', sizeof(smb_cli)); + cli_initialise(smb_cli); + smb_cli->capabilities |= CAP_NT_SMBS | CAP_STATUS32; +} - { - "help", - cmd_help, - "[command] give help on a command", - {COMPL_NONE, COMPL_NONE} - }, - { - "?", - cmd_help, - "[command] give help on a command", - {COMPL_NONE, COMPL_NONE} - }, +/**************************************************************************** +make smb client connection +****************************************************************************/ +static BOOL rpcclient_connect(struct client_info *info) +{ + struct nmb_name calling; + struct nmb_name called; - /* - * shell - */ + make_nmb_name(&called , dns_to_netbios_name(info->dest_host ), info->name_type, scope); + make_nmb_name(&calling, dns_to_netbios_name(info->myhostname), 0x0 , scope); + if (!cli_establish_connection(smb_cli, + info->dest_host, &info->dest_ip, + &calling, &called, + info->share, info->svc_type, + False, True)) { - "!", - NULL, - "run a shell command on the local system", - {COMPL_NONE, COMPL_NONE} - }, + DEBUG(0,("rpcclient_connect: connection failed\n")); + cli_shutdown(smb_cli); + return False; + } - /* - * oop! - */ + return True; +} - { - "", - NULL, - NULL, - {COMPL_NONE, COMPL_NONE} - } +/**************************************************************************** +stop the smb connection(s?) 
+****************************************************************************/ +static void rpcclient_stop(void) +{ + cli_shutdown(smb_cli); +} +/**************************************************************************** + This defines the commands supported by this client + ****************************************************************************/ +struct +{ + char *name; + void (*fn)(struct client_info*); + char *description; +} commands[] = +{ + {"regenum", cmd_reg_enum, " Registry Enumeration (keys, values)"}, + {"regdeletekey",cmd_reg_delete_key, " Registry Key Delete"}, + {"regcreatekey",cmd_reg_create_key, " [keyclass] Registry Key Create"}, + {"regquerykey",cmd_reg_query_key, " Registry Key Query"}, + {"regdeleteval",cmd_reg_delete_val, " Registry Value Delete"}, + {"regcreateval",cmd_reg_create_val, " Registry Key Create"}, + {"reggetsec", cmd_reg_get_key_sec, " Registry Key Security"}, + {"regtestsec", cmd_reg_test_key_sec, " Test Registry Key Security"}, + {"ntlogin", cmd_netlogon_login_test, "[username] [password] NT Domain login test"}, + {"wksinfo", cmd_wks_query_info, "Workstation Query Info"}, + {"srvinfo", cmd_srv_query_info, "Server Query Info"}, + {"srvsessions",cmd_srv_enum_sess, "List sessions on a server"}, + {"srvshares", cmd_srv_enum_shares, "List shares on a server"}, + {"srvconnections",cmd_srv_enum_conn, "List connections on a server"}, + {"srvfiles", cmd_srv_enum_files, "List files on a server"}, + {"lsaquery", cmd_lsa_query_info, "Query Info Policy (domain member or server)"}, + {"lookupsids", cmd_lsa_lookup_sids, "Resolve names from SIDs"}, + {"enumusers", cmd_sam_enum_users, "SAM User Database Query (experimental!)"}, + {"ntpass", cmd_sam_ntchange_pwd, "NT SAM Password Change"}, + {"samuser", cmd_sam_query_user, " SAM User Query (experimental!)"}, + {"samtest", cmd_sam_test , "SAM User Encrypted RPC test (experimental!)"}, + {"enumaliases",cmd_sam_enum_aliases, "SAM Aliases Database Query (experimental!)"}, +#if 0 + 
{"enumgroups", cmd_sam_enum_groups, "SAM Group Database Query (experimental!)"}, +#endif + {"samgroups", cmd_sam_query_groups, "SAM Group Database Query (experimental!)"}, + {"quit", cmd_quit, "logoff the server"}, + {"q", cmd_quit, "logoff the server"}, + {"exit", cmd_quit, "logoff the server"}, + {"bye", cmd_quit, "logoff the server"}, + {"help", cmd_help, "[command] give help on a command"}, + {"?", cmd_help, "[command] give help on a command"}, + {"!", NULL, "run a shell command on the local system"}, + {"", NULL, NULL} }; /**************************************************************************** do a (presumably graceful) quit... ****************************************************************************/ -static void cmd_quit(struct client_info *info, int argc, char *argv[]) +static void cmd_quit(struct client_info *info) { + rpcclient_stop(); #ifdef MEM_MAN { extern FILE* dbf; smb_mem_write_status(dbf); smb_mem_write_errors(dbf); smb_mem_write_verbose(dbf); - dbgflush(); } #endif - free_connections(); exit(0); } /**************************************************************************** help ****************************************************************************/ -static void cmd_help(struct client_info *info, int argc, char *argv[]) +static void cmd_help(struct client_info *info) { int i=0,j; + fstring buf; - if (argc > 1) + if (next_token(NULL,buf,NULL, sizeof(buf))) { - if ((i = process_tok(argv[1])) >= 0) + if ((i = process_tok(buf)) >= 0) fprintf(out_hnd, "HELP %s:\n\t%s\n\n",commands[i].name,commands[i].description); } else @@ -620,7 +187,7 @@ static void cmd_help(struct client_info *info, int argc, char *argv[]) lookup a command string in the list of commands, including abbreviations ******************************************************************/ -static int process_tok(char *tok) +static int process_tok(fstring tok) { int i = 0, matches = 0; int cmd=0; 
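Review bot: `memset((char *)smb_cli, '\0', sizeof(smb_cli));` in rpcclient_init zeroes sizeof a `struct cli_state *` — the pointer's size — not the struct, so all but the first few bytes of smbcli stay uninitialised unless cli_initialise clears them itself; use `memset((char *)smb_cli, '\0', sizeof(*smb_cli));` or `sizeof(smbcli)`. The new command table also keeps `{"!", NULL, "run a shell command on the local system"}` while do_command in the following hunk dispatches `commands[i].fn(info)` with no NULL check, so a typed `!` presumably reaches a null function pointer unless process() intercepts it first (the old special case was on the removed side); either give the entry a handler or test `commands[i].fn != NULL` before the call. A smaller point of style: `commands[]` is now a non-static file-scope array, and like process_tok in the second hunk it could stay file-local.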
@@ -651,917 +218,204 @@ static int process_tok(char *tok) } /**************************************************************************** - turn command line into command argument array +wait for keyboard activity, swallowing network packets ****************************************************************************/ -static BOOL get_cmd_args(char *line) +static void wait_keyboard(struct cli_state *cli) { - char *ptr = line; - pstring tok; - cmd_argc = 0; - cmd_argv = NULL; - - /* get the first part of the command */ - if (!next_token(&ptr,tok,NULL, sizeof(tok))) - { - return False; - } - - do - { - add_chars_to_array(&cmd_argc, &cmd_argv, tok); - - } while (next_token(NULL, tok, NULL, sizeof(tok))); - - return True; + fd_set fds; + struct timeval timeout; + + while (1) + { + FD_ZERO(&fds); + FD_SET(cli->fd,&fds); + FD_SET(fileno(stdin),&fds); + + timeout.tv_sec = 20; + timeout.tv_usec = 0; + sys_select(MAX(cli->fd,fileno(stdin))+1,&fds,&timeout); + + if (FD_ISSET(fileno(stdin),&fds)) + return; + + /* We deliberately use receive_smb instead of + client_receive_smb as we want to receive + session keepalives and then drop them here. 
+ */ + if (FD_ISSET(cli->fd,&fds)) + receive_smb(cli->fd,cli->inbuf,0); + } } -/* command options mask */ -static uint32 cmd_set_options = 0xffffffff; - /**************************************************************************** process commands from the client ****************************************************************************/ -static BOOL do_command(struct client_info *info, char *line) +static void do_command(struct client_info *info, char *tok, char *line) { int i; - if (!get_cmd_args(line)) return False; - - if (cmd_argc == 0) + if ((i = process_tok(tok)) >= 0) { - return False; - } - - cmd_set_options = 0x0; - - if ((i = process_tok(cmd_argv[0])) >= 0) - { - int argc = (int)cmd_argc; - char **argv = cmd_argv; - optind = 0; - - commands[i].fn(info, argc, argv); + commands[i].fn(info); } else if (i == -2) { - fprintf(out_hnd, "%s: command abbreviation ambiguous\n", - CNV_LANG(cmd_argv[0])); + fprintf(out_hnd, "%s: command abbreviation ambiguous\n", CNV_LANG(tok)); } else { - fprintf(out_hnd, "%s: command not found\n", - CNV_LANG(cmd_argv[0])); + fprintf(out_hnd, "%s: command not found\n", CNV_LANG(tok)); } - - free_char_array(cmd_argc, cmd_argv); - - return True; } - /**************************************************************************** process commands from the client ****************************************************************************/ static BOOL process( struct client_info *info, char *cmd_str) -{ - pstring line; - char *cmd = cmd_str; - - if (cmd != NULL) - { - while (cmd[0] != '\0') - { - char *p; - - if ((p = strchr(cmd, ';')) == 0) - { - strncpy(line, cmd, 999); - line[1000] = '\0'; - cmd += strlen(cmd); - } - else - { - if (p - cmd > 999) p = cmd + 999; - strncpy(line, cmd, p - cmd); - line[p - cmd] = '\0'; - cmd = p + 1; - } - - /* input language code to internal one */ - CNV_INPUT (line); - - if (!do_command(info, line)) continue; - } - } - else while (!feof(stdin)) - { - pstring pline; - BOOL at_sym = False; - pline[0] = 
0; - safe_strcat(pline, "[", sizeof(pline)-1); - if (usr.domain[0] != 0) - { - safe_strcat(pline, usr.domain, sizeof(pline)-1); - safe_strcat(pline, "\\", sizeof(pline)-1); - at_sym = True; - } - if (usr.user_name[0] != 0) - { - safe_strcat(pline, usr.user_name, sizeof(pline)-1); - at_sym = True; - } - if (at_sym) - { - safe_strcat(pline, "@", sizeof(pline)-1); - } - - safe_strcat(pline, cli_info.dest_host, sizeof(pline)-1); - safe_strcat(pline, "]$ ", sizeof(pline)-1); - -#ifndef HAVE_LIBREADLINE - - /* display a prompt */ - fprintf(out_hnd, "%s", CNV_LANG(pline)); - fflush(out_hnd); - - cli_use_wait_keyboard(); - - /* and get a response */ - if (!fgets(line,1000,stdin)) - { - break; - } - -#else /* HAVE_LIBREADLINE */ - - if (!readline(pline)) - break; - - /* Copy read line to samba buffer */ - - pstrcpy(line, rl_line_buffer); - - /* Add to history */ - - if (strlen(line) > 0) - add_history(line); -#endif - /* input language code to internal one */ - CNV_INPUT (line); - - /* special case - first char is ! */ - if (*line == '!') - { - system(line + 1); - continue; - } - - fprintf(out_hnd, "%s\n", line); - - if (!do_command(info, line)) continue; - } - - return(True); -} - -/**************************************************************************** -usage on the program -****************************************************************************/ -static void usage(char *pname) -{ - fprintf(out_hnd, "Usage: %s [password] [-S server] [-U user] -[W domain] [-l log] ", - pname); - - fprintf(out_hnd, "\nVersion %s\n",VERSION); - fprintf(out_hnd, "\t-d debuglevel set the debuglevel\n"); - fprintf(out_hnd, "\t-S server connect to \\\\server\\IPC$ \n"); - fprintf(out_hnd, "\t-l log basename. Basename for log/debug files\n"); - fprintf(out_hnd, "\t-n netbios name. 
Use this name as my netbios name\n"); - fprintf(out_hnd, "\t-N don't ask for a password\n"); - fprintf(out_hnd, "\t-m max protocol set the max protocol level\n"); - fprintf(out_hnd, "\t-I dest IP use this IP to connect to\n"); - fprintf(out_hnd, "\t-E write messages to stderr instead of stdout\n"); - fprintf(out_hnd, "\t-U username set the network username\n"); - fprintf(out_hnd, "\t-U username%%pass set the network username and password\n"); - fprintf(out_hnd, "\t-W domain set the domain name\n"); - fprintf(out_hnd, "\t-c 'command string' execute semicolon separated commands\n"); - fprintf(out_hnd, "\t-t terminal code terminal i/o code {sjis|euc|jis7|jis8|junet|hex}\n"); - fprintf(out_hnd, "\n"); -} - -#ifdef HAVE_LIBREADLINE - -/**************************************************************************** -GNU readline completion functions -****************************************************************************/ - -/* Complete a remote registry enum */ - -static uint32 reg_list_len = 0; -static char **reg_name = NULL; - -static void reg_init(int val, const char *full_keyname, int num) -{ - switch (val) - { - case 0: - { - free_char_array(reg_list_len, reg_name); - reg_list_len = 0; - reg_name = NULL; - break; - } - default: - { - break; - } - } -} - -static void reg_key_list(const char *full_name, - const char *name, time_t key_mod_time) -{ - fstring key_name; - slprintf(key_name, sizeof(key_name)-1, "%s\\", name); - add_chars_to_array(®_list_len, ®_name, key_name); -} - -static void reg_val_list(const char *full_name, - const char* name, - uint32 type, - const BUFFER2 *value) -{ - add_chars_to_array(®_list_len, ®_name, name); -} - -static char *complete_regenum(char *text, int state) -{ - pstring full_keyname; - static uint32 i = 0; - - if (state == 0) - { - fstring srv_name; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli_info.dest_host); - strupper(srv_name); - - if (cmd_argc >= 2 && cmd_argv != NULL && cmd_argv[1] != NULL) - { - char *sep; - 
split_server_keyname(srv_name, full_keyname, - cmd_argv[1]); - - sep = strrchr(full_keyname, '\\'); - if (sep != NULL) - { - *sep = 0; - } - } - - /* Iterate all keys / values */ - if (!msrpc_reg_enum_key(srv_name, full_keyname, - reg_init, reg_key_list, reg_val_list)) - { - return NULL; - } - - i = 0; - } - - for (; i < reg_list_len; i++) - { - if (text == NULL || text[0] == 0 || - strnequal(text, reg_name[i], strlen(text))) - { - char *name = strdup(reg_name[i]); - i++; - return name; - } - } - - return NULL; -} - - -static char *complete_samenum_usr(char *text, int state) -{ - static uint32 i = 0; - static uint32 num_usrs = 0; - static struct acct_info *sam = NULL; - - if (state == 0) - { - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - sid_copy(&sid1, &cli_info.dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, cli_info.dom.level5_dom); - - if (sid1.num_auths == 0) - { - return NULL; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli_info.dest_host); - strupper(srv_name); - - free(sam); - sam = NULL; - num_usrs = 0; - - /* Iterate all users */ - if (msrpc_sam_enum_users(srv_name, domain, &sid1, - &sam, &num_usrs, - NULL, NULL, NULL, NULL) == 0) - { - return NULL; - } - - i = 0; - } - - for (; i < num_usrs; i++) - { - char *usr_name = sam[i].acct_name; - if (text == NULL || text[0] == 0 || - strnequal(text, usr_name, strlen(text))) - { - char *name = strdup(usr_name); - i++; - return name; - } - } - - return NULL; -} - -static char *complete_samenum_als(char *text, int state) -{ - static uint32 i = 0; - static uint32 num_als = 0; - static struct acct_info *sam = NULL; - - if (state == 0) - { - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - sid_copy(&sid1, &cli_info.dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, cli_info.dom.level5_dom); - - if (sid1.num_auths == 0) - { - return NULL; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli_info.dest_host); - strupper(srv_name); - 
- free(sam); - sam = NULL; - num_als = 0; - - /* Iterate all aliases */ - if (msrpc_sam_enum_aliases(srv_name, domain, &sid1, - &sam, &num_als, - NULL, NULL, NULL) == 0) - { - return NULL; - } - - i = 0; - } - - for (; i < num_als; i++) - { - char *als_name = sam[i].acct_name; - if (text == NULL || text[0] == 0 || - strnequal(text, als_name, strlen(text))) - { - char *name = strdup(als_name); - i++; - return name; - } - } - - return NULL; -} - -static char *complete_samenum_grp(char *text, int state) -{ - static uint32 i = 0; - static uint32 num_grps = 0; - static struct acct_info *sam = NULL; - - if (state == 0) - { - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - sid_copy(&sid1, &cli_info.dom.level5_sid); - sid_to_string(sid, &sid1); - fstrcpy(domain, cli_info.dom.level5_dom); - - if (sid1.num_auths == 0) - { - return NULL; - } - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli_info.dest_host); - strupper(srv_name); - - free(sam); - sam = NULL; - num_grps = 0; - - /* Iterate all groups */ - if (msrpc_sam_enum_groups(srv_name, - domain, &sid1, - &sam, &num_grps, - NULL, NULL, NULL) == 0) - { - return NULL; - } - - i = 0; - } - - for (; i < num_grps; i++) - { - char *grp_name = sam[i].acct_name; - if (text == NULL || text[0] == 0 || - strnequal(text, grp_name, strlen(text))) - { - char *name = strdup(grp_name); - i++; - return name; - } - } - - return NULL; -} - -static char *complete_svcenum(char *text, int state) -{ - static uint32 i = 0; - static uint32 num_svcs = 0; - static ENUM_SRVC_STATUS *svc = NULL; - fstring srv_name; - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli_info.dest_host); - strupper(srv_name); - - - if (state == 0) - { - free(svc); - svc = NULL; - num_svcs = 0; - - /* Iterate all users */ - if (msrpc_svc_enum(srv_name, &svc, &num_svcs, - NULL, NULL) == 0) - { - return NULL; - } - - i = 0; - } - - for (; i < num_svcs; i++) - { - fstring svc_name; - unistr_to_ascii(svc_name, svc[i].uni_srvc_name.buffer, - 
sizeof(svc_name)-1); - - if (text == NULL || text[0] == 0 || - strnequal(text, svc_name, strlen(text))) - { - char *name = strdup(svc_name); - i++; - return name; - } - } - - return NULL; -} - -static char *complete_printersenum(char *text, int state) -{ - static uint32 i = 0; - static uint32 num = 0; - static PRINTER_INFO_1 **ctr = NULL; - - if (state == 0) - { - fstring srv_name; - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, cli_info.dest_host); - strupper(srv_name); - - free_print1_array(num, ctr); - ctr = NULL; - num = 0; - - /* Iterate all users */ - if (!msrpc_spoolss_enum_printers(srv_name, - 1, &num, (void***)&ctr, - NULL)) - { - return NULL; - } - - i = 0; - } - - for (; i < num; i++) - { - fstring name; - unistr_to_ascii(name, ctr[i]->name.buffer, - sizeof(name)-1); - - if (text == NULL || text[0] == 0 || - strnequal(text, name, strlen(text))) - { - char *copy = strdup(name); - i++; - return copy; - } - } - - return NULL; -} - -/* Complete an rpcclient command */ - -static char *complete_cmd(char *text, int state) -{ - static int cmd_index; - char *name; - - /* Initialise */ - - if (state == 0) { - cmd_index = 0; - } - - /* Return the next name which partially matches the list of commands */ - - while (strlen(name = commands[cmd_index++].name) > 0) { - if (strncmp(name, text, strlen(text)) == 0) { - return strdup(name); - } - } - - return NULL; -} - -/* Main completion function */ - -static char **completion_fn(char *text, int start, int end) -{ - pstring cmd_partial; - int cmd_index; - int num_words; - - int i; - char lastch = ' '; - - (void)get_cmd_args(rl_line_buffer); - - safe_strcpy(cmd_partial, rl_line_buffer, - MAX(sizeof(cmd_partial),end)-1); - - /* Complete rpcclient command */ - - if (start == 0) - { - return completion_matches(text, complete_cmd); - } - - /* Count # of words in command */ - - num_words = 0; - for (i = 0; i <= end; i++) { - if ((rl_line_buffer[i] != ' ') && (lastch == ' ')) - { - num_words++; - } - lastch = rl_line_buffer[i]; 
- } - - if (rl_line_buffer[end] == ' ') - num_words++; - - /* Work out which command we are completing for */ - - for (cmd_index = 0; strcmp(commands[cmd_index].name, "") != 0; - cmd_index++) { - - /* Check each command in array */ - - if (strncmp(rl_line_buffer, commands[cmd_index].name, - strlen(commands[cmd_index].name)) == 0) { - - /* Call appropriate completion function */ - - if (num_words == 2 || num_words == 3) - { - switch (commands[cmd_index].compl_args[num_words - 2]) - { - - case COMPL_SAMGRP: - return completion_matches(text, complete_samenum_grp); - - case COMPL_SAMALS: - return completion_matches(text, complete_samenum_als); - - case COMPL_SAMUSR: - return completion_matches(text, complete_samenum_usr); - - case COMPL_SVCLST: - return completion_matches(text, complete_svcenum); - - case COMPL_PRTLST: - return completion_matches(text, complete_printersenum); - - case COMPL_REGKEY: - return completion_matches(text, complete_regenum); - - default: - /* An invalid completion type */ - break; - } - } - } - } - - /* Eeek! */ - - return NULL; -} - -/* To avoid filename completion being activated when no valid - completions are found, we assign this stub completion function - to the rl_completion_entry_function variable. 
*/ - -static char *complete_cmd_null(char *text, int state) -{ - return NULL; -} - -#endif /* HAVE_LIBREADLINE */ - -static void set_user_password(struct ntuser_creds *u, - BOOL got_pass, char *password) -{ - /* set the password cache info */ - if (got_pass) - { - if (password == NULL) - { - pwd_set_nullpwd(&(u->pwd)); - } - else - { - /* generate 16 byte hashes */ - pwd_make_lm_nt_16(&(u->pwd), password); - } - } - else - { - pwd_read(&(u->pwd), "Enter Password:", True); - } -} - -static void cmd_net(struct client_info *info, int argc, char *argv[]) -{ - int opt; - BOOL net_use = False; - BOOL net_use_add = True; - BOOL force_close = False; - struct ntuser_creds u; - fstring dest_host; - fstring srv_name; - BOOL null_pwd = False; - BOOL got_pwd = False; - pstring password; - extern struct ntuser_creds *usr_creds; - - copy_nt_creds(&u, usr_creds); - - pstrcpy(dest_host, cli_info.dest_host); - pstrcpy(u.user_name,optarg); - info->reuse = False; - - if (argc <= 1) - { - report(out_hnd, "net -S \\server [-U user%%pass] [-W domain] [-d] [-f]\n"); - report(out_hnd, "net -u\n"); - } - - while ((opt = getopt(argc, argv, "udS:U:W:")) != EOF) - { - switch (opt) - { - case 'u': - { - net_use = True; - break; - } - - case 'S': - { - pstrcpy(dest_host, optarg); - break; - } - - case 'U': - { - char *lp; - pstrcpy(u.user_name,optarg); - if ((lp=strchr(u.user_name,'%'))) - { - *lp = 0; - pstrcpy(password,lp+1); - memset(strchr(optarg,'%')+1,'X', - strlen(password)); - got_pwd = True; - } - if (u.user_name[0] == 0 && password[0] == 0) - { - null_pwd = True; - } - break; - } - - case 'N': - { - null_pwd = True; - } - case 'W': - { - pstrcpy(u.domain,optarg); - break; - } - - case 'd': - { - net_use_add = False; - break; - } - - case 'f': - { - force_close = True; - break; - } - - default: - { - report(out_hnd, "net -S \\server [-U user%%pass] [-W domain] [-d] [-f]\n"); - report(out_hnd, "net -u\n"); - break; - } - } - } - - if (strnequal("\\\\", dest_host, 2)) - { - 
fstrcpy(srv_name, dest_host); - } - else - { - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, dest_host); - } - strupper(srv_name); - - if (net_use) - { - int i; - uint32 num_uses; - struct use_info **use; - cli_net_use_enum(&num_uses, &use); - - if (num_uses == 0) - { - report(out_hnd, "No connections\n"); - } - else - { - report(out_hnd, "Connections:\n"); - - for (i = 0; i < num_uses; i++) - { - if (use[i] != NULL && use[i]->connected) - { - report(out_hnd, "Server:\t%s\t", - use[i]->srv_name); - report(out_hnd, "User:\t%s\t", - use[i]->user_name); - report(out_hnd, "Domain:\t%s\n", - use[i]->domain); - } - } - } - } - else if (net_use_add) +{ + pstring line; + char *cmd = cmd_str; + + if (cmd[0] != '\0') while (cmd[0] != '\0') { - if (null_pwd) + char *p; + fstring tok; + + if ((p = strchr(cmd, ';')) == 0) { - set_user_password(&u, True, NULL); + strncpy(line, cmd, 999); + line[1000] = '\0'; + cmd += strlen(cmd); } else { - set_user_password(&u, got_pwd, password); + if (p - cmd > 999) p = cmd + 999; + strncpy(line, cmd, p - cmd); + line[p - cmd] = '\0'; + cmd = p + 1; } - /* paranoia: destroy the local copy of the password */ - bzero(password, sizeof(password)); - - report(out_hnd, "Server:\t%s:\tUser:\t%s\tDomain:\t%s\n", - srv_name, u.user_name, u.domain); - report(out_hnd, "Connection:\t"); + /* input language code to internal one */ + CNV_INPUT (line); - if (cli_net_use_add(srv_name, &u, True, info->reuse) != NULL) - { - report(out_hnd, "OK\n"); - } - else + /* get the first part of the command */ { - report(out_hnd, "FAILED\n"); + char *ptr = line; + if (!next_token(&ptr,tok,NULL, sizeof(tok))) continue; } + + do_command(info, tok, line); } - else + else while (!feof(stdin)) { - BOOL closed; - report(out_hnd, "Server:\t%s:\tUser:\t%s\tDomain:\t%s\n", - srv_name, u.user_name, u.domain); - report(out_hnd, "Connection:\t"); + fstring tok; + + /* display a prompt */ + fprintf(out_hnd, "smb: %s> ", CNV_LANG(info->cur_dir)); + fflush(out_hnd); - if 
(!cli_net_use_del(srv_name, &u, force_close, &closed)) +#ifdef CLIX + line[0] = wait_keyboard(smb_cli); + /* this might not be such a good idea... */ + if ( line[0] == EOF) { - report(out_hnd, ": Does not exist\n"); + break; } - else if (force_close && closed) +#else + wait_keyboard(smb_cli); +#endif + + /* and get a response */ +#ifdef CLIX + fgets( &line[1],999, stdin); +#else + if (!fgets(line,1000,stdin)) { - report(out_hnd, ": Forcibly terminated\n"); + break; } - else if (closed) +#endif + + /* input language code to internal one */ + CNV_INPUT (line); + + /* special case - first char is ! */ + if (*line == '!') { - report(out_hnd, ": Terminated\n"); + system(line + 1); + continue; } - else + + fprintf(out_hnd, "%s\n", line); + + /* get the first part of the command */ { - report(out_hnd, ": Unlinked\n"); + char *ptr = line; + if (!next_token(&ptr,tok,NULL, sizeof(tok))) continue; } + + do_command(info, tok, line); } - /* paranoia: destroy the local copy of the password */ - bzero(password, sizeof(password)); + return(True); +} + +/**************************************************************************** +usage on the program +****************************************************************************/ +static void usage(char *pname) +{ + fprintf(out_hnd, "Usage: %s service [-d debuglevel] [-l log] ", + pname); + + fprintf(out_hnd, "\nVersion %s\n",VERSION); + fprintf(out_hnd, "\t-d debuglevel set the debuglevel\n"); + fprintf(out_hnd, "\t-l log basename. Basename for log/debug files\n"); + fprintf(out_hnd, "\t-n netbios name. 
Use this name as my netbios name\n"); + fprintf(out_hnd, "\t-N don't ask for a password\n"); + fprintf(out_hnd, "\t-m max protocol set the max protocol level\n"); + fprintf(out_hnd, "\t-I dest IP use this IP to connect to\n"); + fprintf(out_hnd, "\t-E write messages to stderr instead of stdout\n"); + fprintf(out_hnd, "\t-U username set the network username\n"); + fprintf(out_hnd, "\t-W workgroup set the workgroup name\n"); + fprintf(out_hnd, "\t-c command string execute semicolon separated commands\n"); + fprintf(out_hnd, "\t-t terminal code terminal i/o code {sjis|euc|jis7|jis8|junet|hex}\n"); + fprintf(out_hnd, "\n"); } -#define CMD_STR 0x1 -#define CMD_DBF 0x2 -#define CMD_SVC 0x4 -#define CMD_TERM 0x8 -#define CMD_PASS 0x10 -#define CMD_USER 0x20 -#define CMD_NOPW 0x40 -#define CMD_DBLV 0x80 -#define CMD_HELP 0x100 -#define CMD_SOCK 0x200 -#define CMD_IFACE 0x400 -#define CMD_DOM 0x800 -#define CMD_IP 0x1000 -#define CMD_HOST 0x2000 -#define CMD_NAME 0x4000 -#define CMD_DBG 0x8000 -#define CMD_SCOPE 0x10000 -#define CMD_INTER 0x20000 - -static void cmd_set(struct client_info *info, int argc, char *argv[]) +enum client_action +{ + CLIENT_NONE, + CLIENT_IPC, + CLIENT_SVC +}; + +/**************************************************************************** + main program +****************************************************************************/ + int main(int argc,char *argv[]) { BOOL interactive = True; - char *cmd_str = NULL; + int opt; extern FILE *dbf; extern char *optarg; + extern int optind; static pstring servicesf = CONFIGFILE; pstring term_code; + char *p; + BOOL got_pass = False; + char *cmd_str=""; + mode_t myumask = 0755; + enum client_action cli_action = CLIENT_NONE; + + struct client_info cli_info; + pstring password; /* local copy only, if one is entered */ - info->reuse = False; + + out_hnd = stdout; + fstrcpy(debugf, argv[0]); + + rpcclient_init(); #ifdef KANJI pstrcpy(term_code, KANJI); 
@@ -1569,29 +423,138 @@ static void cmd_set(struct client_info *info, int argc, char *argv[]) *term_code = 0; #endif /* KANJI */ + DEBUGLEVEL = 2; + + cli_info.put_total_size = 0; + cli_info.put_total_time_ms = 0; + cli_info.get_total_size = 0; + cli_info.get_total_time_ms = 0; + + cli_info.dir_total = 0; + cli_info.newer_than = 0; + cli_info.archive_level = 0; + cli_info.print_mode = 1; + + cli_info.translation = False; + cli_info.recurse_dir = False; + cli_info.lowercase = False; + cli_info.prompt = True; + cli_info.abort_mget = True; + + cli_info.dest_ip.s_addr = 0; + cli_info.name_type = 0x20; + + pstrcpy(cli_info.cur_dir , "\\"); + pstrcpy(cli_info.file_sel, ""); + pstrcpy(cli_info.base_dir, ""); + pstrcpy(smb_cli->domain, ""); + pstrcpy(smb_cli->user_name, ""); + pstrcpy(cli_info.myhostname, ""); + pstrcpy(cli_info.dest_host, ""); + + pstrcpy(cli_info.svc_type, "A:"); + pstrcpy(cli_info.share, ""); + pstrcpy(cli_info.service, ""); + + ZERO_STRUCT(cli_info.dom.level3_sid); + ZERO_STRUCT(cli_info.dom.level5_sid); + fstrcpy(cli_info.dom.level3_dom, ""); + fstrcpy(cli_info.dom.level5_dom, ""); + + smb_cli->nt_pipe_fnum = 0xffff; + + TimeInit(); + charset_initialise(); + + myumask = umask(0); + umask(myumask); + + if (!get_myname(global_myname)) + { + fprintf(stderr, "Failed to get my hostname.\n"); + } + + if (getenv("USER")) + { + pstrcpy(smb_cli->user_name,getenv("USER")); + + /* modification to support userid%passwd syntax in the USER var + 25.Aug.97, jdblair@uab.edu */ + + if ((p=strchr(smb_cli->user_name,'%'))) + { + *p = 0; + pstrcpy(password,p+1); + got_pass = True; + memset(strchr(getenv("USER"),'%')+1,'X',strlen(password)); + } + strupper(smb_cli->user_name); + } + + password[0] = 0; + + /* modification to support PASSWD environmental var + 25.Aug.97, jdblair@uab.edu */ + if (getenv("PASSWD")) + { + pstrcpy(password,getenv("PASSWD")); + } + + if (*smb_cli->user_name == 0 && getenv("LOGNAME")) + { + pstrcpy(smb_cli->user_name,getenv("LOGNAME")); + 
strupper(smb_cli->user_name); + } + + if (argc < 2) + { + usage(argv[0]); + exit(1); + } - if (argc > 1 && *argv[1] != '-') + if (*argv[1] != '-') { + + pstrcpy(cli_info.service, argv[1]); + /* Convert any '/' characters in the service name to '\' characters */ + string_replace( cli_info.service, '/','\\'); + argc--; + argv++; + + fprintf(out_hnd, "service: %s\n", cli_info.service); + + if (count_chars(cli_info.service,'\\') < 3) + { + usage(argv[0]); + printf("\n%s: Not enough '\\' characters in service\n", cli_info.service); + exit(1); + } + + /* + if (count_chars(cli_info.service,'\\') > 3) + { + usage(pname); + printf("\n%s: Too many '\\' characters in service\n", cli_info.service); + exit(1); + } + */ + if (argc > 1 && (*argv[1] != '-')) { - cmd_set_options |= CMD_PASS; + got_pass = True; pstrcpy(password,argv[1]); memset(argv[1],'X',strlen(argv[1])); argc--; argv++; } + + cli_action = CLIENT_SVC; } - while ((opt = getopt(argc, argv, "Rs:B:O:M:S:i:N:n:d:l:hI:EB:U:L:t:m:W:T:D:c:")) != EOF) + while ((opt = getopt(argc, argv,"s:O:M:S:i:N:n:d:l:hI:EB:U:L:t:m:W:T:D:c:")) != EOF) { switch (opt) { - case 'R': - { - info->reuse = True; - break; - } - case 'm': { /* FIXME ... max_protocol seems to be funny here */ @@ -1604,29 +567,20 @@ static void cmd_set(struct client_info *info, int argc, char *argv[]) case 'O': { - cmd_set_options |= CMD_SOCK; pstrcpy(user_socket_options,optarg); break; } case 'S': { - cmd_set_options |= CMD_HOST; pstrcpy(cli_info.dest_host,optarg); strupper(cli_info.dest_host); - break; - } - - case 'B': - { - cmd_set_options |= CMD_IFACE; - iface_set_default(NULL,optarg,NULL); + cli_action = CLIENT_IPC; break; } case 'i': { - cmd_set_options |= CMD_SCOPE; pstrcpy(scope, optarg); break; } 
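Review bot: `password[0] = 0;` placed after the `getenv("USER")` block discards a password just parsed from a `user%pass` USER value while leaving `got_pass` set, so that form now authenticates with a null password instead of the supplied one; move the clear above the `if (getenv("USER"))` block, which is where the removed `read_user_env` had it. Further down, `usage(argv[0])` in the "Not enough '\\' characters" branch runs after `argc--; argv++;`, so it prints the service name where the program name belongs; save the name before the shift, e.g. `char *pname = argv[0];`, and pass that to both `usage()` calls in this block. This hunk lies inside `main`, whose opening and closing brace are outside it.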
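Review bot: The `case 'B'` handler is removed here, but the getopt string in the preceding hunk still lists `B:`, so `-B iface` is accepted by getopt, consumes its argument and then falls into `default:`, which prints usage and exits; either drop `B:` from the optstring or keep the handler. The same optstring also carries `L:`, `T:`, `D:` and `M:`, for which I see no `case` labels in this diff — if they are unhandled elsewhere in `main` they deserve the same cleanup, though that part is outside my view. The enclosing `switch` and `main` extend beyond this hunk.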
@@ -1634,43 +588,34 @@ static void cmd_set(struct client_info *info, int argc, char *argv[]) case 'U': { char *lp; - cmd_set_options |= CMD_USER; - pstrcpy(usr.user_name,optarg); - if ((lp=strchr(usr.user_name,'%'))) + pstrcpy(smb_cli->user_name,optarg); + if ((lp=strchr(smb_cli->user_name,'%'))) { *lp = 0; pstrcpy(password,lp+1); - cmd_set_options |= CMD_PASS; + got_pass = True; memset(strchr(optarg,'%')+1,'X',strlen(password)); } - if (usr.user_name[0] == 0 && password[0] == 0) - { - cmd_set_options |= CMD_NOPW; - } break; } case 'W': { - cmd_set_options |= CMD_DOM; - pstrcpy(usr.domain,optarg); + pstrcpy(smb_cli->domain,optarg); break; } case 'E': { - cmd_set_options |= CMD_DBG; dbf = stderr; break; } case 'I': { - cmd_set_options |= CMD_IP; cli_info.dest_ip = *interpret_addr2(optarg); if (zero_ip(cli_info.dest_ip)) { - free_connections(); exit(1); } break; @@ -1678,20 +623,18 @@ static void cmd_set(struct client_info *info, int argc, char *argv[]) case 'n': { - cmd_set_options |= CMD_NAME; fstrcpy(global_myname, optarg); break; } case 'N': { - cmd_set_options |= CMD_NOPW | CMD_PASS; + got_pass = True; break; } case 'd': { - cmd_set_options |= CMD_DBLV; if (*optarg == 'A') DEBUGLEVEL = 10000; else @@ -1701,7 +644,6 @@ static void cmd_set(struct client_info *info, int argc, char *argv[]) case 'l': { - cmd_set_options |= CMD_INTER; slprintf(debugf, sizeof(debugf)-1, "%s.client", optarg); interactive = False; 
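Review bot: The `-I` branch exits with status 1 when `zero_ip()` rejects the address but prints nothing, so a mistyped destination IP is indistinguishable from a silent crash; add `fprintf(stderr, "invalid destination IP address: %s\n", optarg);` before the `exit(1)`. For the `-U` case, overwriting `optarg` with `'X'` only limits how long the password stays visible in the process argument list, which other local users could already read at startup, so the `user%pass` form is weaker than the interactive prompt and a sentence saying so would fit in `usage()`. The enclosing `switch` is cut at both ends of this hunk.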
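Review bot: `case 'N'` now sets only `got_pass`, and because `password` is pre-filled from `$PASSWD` in the earlier hunk, `-N` sends that value rather than an empty password whenever the variable is set. If that is the intended precedence the usage line in the earlier hunk should state it, e.g. `"\t-N don't ask for a password (uses $PASSWD when set)\n"`; otherwise clear `password[0] = 0;` in this case so `-N` always means a null password. The surrounding `switch` continues outside the hunk.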
@@ -1710,221 +652,121 @@ static void cmd_set(struct client_info *info, int argc, char *argv[]) case 'c': { - cmd_set_options |= CMD_STR | CMD_PASS; cmd_str = optarg; + got_pass = True; break; } case 'h': { - cmd_set_options |= CMD_HELP; usage(argv[0]); + exit(0); break; } case 's': { - cmd_set_options |= CMD_SVC; pstrcpy(servicesf, optarg); break; } case 't': { - cmd_set_options |= CMD_TERM; pstrcpy(term_code, optarg); break; } default: { - cmd_set_options |= CMD_HELP; usage(argv[0]); + exit(1); break; } } } - DEBUG(10,("cmd_set: options: %x\n", cmd_set_options)); - - if (IS_BITS_SET_ALL(cmd_set_options, CMD_HELP)) - { - return; - } - - if (IS_BITS_SET_ALL(cmd_set_options, CMD_INTER)) - { - setup_logging(debugf, interactive); - reopen_logs(); - } + setup_logging(debugf, interactive); - if (IS_BITS_SET_ALL(cmd_set_options, CMD_NOPW)) + if (cli_action == CLIENT_NONE) { - set_user_password(&usr, True, NULL); - } - else if (IS_BITS_SET_ALL(cmd_set_options, CMD_PASS)) - { - set_user_password(&usr, True, password); + usage(argv[0]); + exit(1); } - /* paranoia: destroy the local copy of the password */ - bzero(password, sizeof(password)); - strupper(global_myname); fstrcpy(cli_info.myhostname, global_myname); - if (IS_BITS_SET_ALL(cmd_set_options, CMD_SVC)) - { - if (!lp_load(servicesf,True, False, False)) - { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf); - } - - } + DEBUG(3,("%s client started (version %s)\n",timestring(False),VERSION)); - if (IS_BITS_SET_ALL(cmd_set_options, CMD_INTER)) + if (!lp_load(servicesf,True, False, False)) { - load_interfaces(); + fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf); } - if (cmd_str != NULL) - { - process(&cli_info, cmd_str); - } -} + codepage_initialise(lp_client_code_page()); -static void read_user_env(struct ntuser_creds *u) -{ - pstring password; + if (*smb_cli->domain == 0) pstrcpy(smb_cli->domain,lp_workgroup()); - password[0] = 0; + load_interfaces(); - if 
(getenv("USER")) + if (cli_action == CLIENT_IPC) { - char *p; - pstrcpy(u->user_name,getenv("USER")); + pstrcpy(cli_info.share, "IPC$"); + pstrcpy(cli_info.svc_type, "IPC"); + } - /* modification to support userid%passwd syntax in the USER var - 25.Aug.97, jdblair@uab.edu */ + fstrcpy(cli_info.mach_acct, cli_info.myhostname); + strupper(cli_info.mach_acct); + fstrcat(cli_info.mach_acct, "$"); - if ((p=strchr(u->user_name,'%'))) + /* set the password cache info */ + if (got_pass) + { + if (password[0] == 0) { - *p = 0; - pstrcpy(password,p+1); - memset(strchr(getenv("USER"),'%')+1,'X',strlen(password)); + pwd_set_nullpwd(&(smb_cli->pwd)); + } + else + { + pwd_make_lm_nt_16(&(smb_cli->pwd), password); /* generate 16 byte hashes */ } - strupper(u->user_name); - } - - /* modification to support PASSWD environmental var - 25.Aug.97, jdblair@uab.edu */ - if (getenv("PASSWD")) - { - pstrcpy(password,getenv("PASSWD")); } - - if (*u->user_name == 0 && getenv("LOGNAME")) + else { - pstrcpy(u->user_name,getenv("LOGNAME")); - strupper(u->user_name); + pwd_read(&(smb_cli->pwd), "Enter Password:", True); } - set_user_password(u, True, password); - /* paranoia: destroy the local copy of the password */ - bzero(password, sizeof(password)); -} - -void readline_init(void) -{ -#ifdef HAVE_LIBREADLINE - - /* Initialise GNU Readline */ - - rl_readline_name = "rpcclient"; - rl_attempted_completion_function = completion_fn; - rl_completion_entry_function = (Function *)complete_cmd_null; - - /* Initialise history list */ - - using_history(); - -#else - int x; - x = 0; /* stop compiler warnings */ -#endif /* HAVE_LIBREADLINE */ -} - -/**************************************************************************** - main program -****************************************************************************/ - int main(int argc,char *argv[]) -{ - extern struct ntuser_creds *usr_creds; - mode_t myumask = 0755; - - DEBUGLEVEL = 2; - - usr.ntlmssp_flags = 0x0; - - usr_creds = &usr; - out_hnd = 
stdout; - fstrcpy(debugf, argv[0]); - - init_policy_hnd(64); - - pstrcpy(usr.domain, ""); - pstrcpy(usr.user_name, ""); - - pstrcpy(cli_info.myhostname, ""); - pstrcpy(cli_info.dest_host, ""); - cli_info.dest_ip.s_addr = 0; - - ZERO_STRUCT(cli_info.dom.level3_sid); - ZERO_STRUCT(cli_info.dom.level5_sid); - fstrcpy(cli_info.dom.level3_dom, ""); - fstrcpy(cli_info.dom.level5_dom, ""); - - readline_init(); - TimeInit(); - charset_initialise(); - init_connections(); + memset((char *)password, '\0', sizeof(password)); - myumask = umask(0); - umask(myumask); + /* establish connections. nothing to stop these being re-established. */ + rpcclient_connect(&cli_info); - if (!get_myname(global_myname, NULL)) + DEBUG(5,("rpcclient_connect: smb_cli->fd:%d\n", smb_cli->fd)); + if (smb_cli->fd <= 0) { - fprintf(stderr, "Failed to get my hostname.\n"); + fprintf(stderr, "warning: connection could not be established to %s<%02x>\n", + cli_info.dest_host, cli_info.name_type); + fprintf(stderr, "this version of smbclient may crash if you proceed\n"); + exit(-1); } - if (argc < 2) + switch (cli_action) { - usage(argv[0]); - free_connections(); - exit(1); - } - - read_user_env(&usr); - - cmd_set_options &= ~CMD_HELP; - cmd_set_options &= ~CMD_NOPW; - - cmd_set(&cli_info, argc, argv); + case CLIENT_IPC: + { + process(&cli_info, cmd_str); + break; + } - if (IS_BITS_SET_ALL(cmd_set_options, CMD_HELP)) - { - free_connections(); - exit(0); + default: + { + fprintf(stderr, "unknown client action requested\n"); + break; + } } - codepage_initialise(lp_client_code_page()); - - DEBUG(3,("%s client started (version %s)\n",timestring(),VERSION)); - - process(&cli_info, NULL); - - free_connections(); + rpcclient_stop(); return(0); } -- cgit
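Review bot: The final `switch (cli_action)` handles only `CLIENT_IPC`, yet `cli_action = CLIENT_SVC` is assigned in the earlier hunk when a service is given on the command line, so the `rpcclient service [password]` form that `usage()` advertises connects and then reports "unknown client action requested" unless `-S` is also passed; add `case CLIENT_SVC:` alongside `CLIENT_IPC` or reject the service form up front. The `memset((char *)password, '\0', sizeof(password));` that replaces the old `bzero` is a store to a local that is never read again, which an optimizer may drop; use a wipe it cannot elide (a loop through a `volatile char *`, or whatever scrub helper the tree already provides) and keep the old "paranoia" comment explaining why. The connection-failure text says "smbclient may crash if you proceed" and then calls `exit(-1)`; since the program does not proceed, name `rpcclient`, drop the "if you proceed" wording and use `exit(1)` so the status is 1 rather than 255. `main` opens before this hunk.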