From 1c6c4e7e39bde99f8d312516ba530b905bc01da7 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 19 Nov 1999 00:12:16 +0000 Subject: added \PIPE\browser plus experimental brsinfo command. you wouldn't believe the XXXX that MIGHT be involved in getting nt5rc2 to join a samba domain... (This used to be commit 569babb3935950c1b64396955541abf276cc1d92) --- source3/Makefile.in | 5 +- source3/include/ntdomain.h | 1 + source3/include/proto.h | 21 +++++ source3/include/rpc_brs.h | 81 +++++++++++++++++++ source3/include/smb.h | 3 +- source3/rpc_client/cli_brs.c | 89 +++++++++++++++++++++ source3/rpc_parse/parse_brs.c | 180 ++++++++++++++++++++++++++++++++++++++++++ source3/rpc_parse/parse_rpc.c | 11 +++ source3/rpcclient/cmd_brs.c | 96 ++++++++++++++++++++++ source3/rpcclient/rpcclient.c | 6 ++ 10 files changed, 491 insertions(+), 2 deletions(-) create mode 100644 source3/include/rpc_brs.h create mode 100644 source3/rpc_client/cli_brs.c create mode 100644 source3/rpc_parse/parse_brs.c create mode 100644 source3/rpcclient/cmd_brs.c (limited to 'source3') diff --git a/source3/Makefile.in b/source3/Makefile.in index a501da09b6..37cf1317d7 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -144,7 +144,8 @@ RPC_PARSE_OBJ1 = rpc_parse/parse_lsa.o \ rpc_parse/parse_samr.o rpc_parse/parse_srv.o \ rpc_parse/parse_wks.o rpc_parse/parse_sec.o \ rpc_parse/parse_svc.o rpc_parse/parse_at.o \ - rpc_parse/parse_spoolss.o rpc_parse/parse_eventlog.o + rpc_parse/parse_spoolss.o rpc_parse/parse_eventlog.o \ + rpc_parse/parse_brs.o RPC_PARSE_OBJ2 = rpc_parse/parse_rpc.o rpc_parse/parse_prs.o \ rpc_parse/parse_misc.o @@ -160,6 +161,7 @@ RPC_CLIENT_OBJ = \ rpc_client/cli_spoolss.o \ rpc_client/cli_lsarpc.o \ rpc_client/cli_wkssvc.o \ + rpc_client/cli_brs.o \ rpc_client/cli_srvsvc.o \ rpc_client/cli_svcctl.o \ rpc_client/cli_samr.o \ @@ -252,6 +254,7 @@ RPCCLIENT_OBJ = rpcclient/rpcclient.o \ rpcclient/display.o \ rpcclient/cmd_lsarpc.o \ rpcclient/cmd_wkssvc.o \ + rpcclient/cmd_brs.o \ rpcclient/cmd_samr.o \ rpcclient/cmd_reg.o \ rpcclient/cmd_srvsvc.o \ diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 4f6cc85905..67befd81dc 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -42,6 +42,7 @@ #include "rpc_srvsvc.h" #include "rpc_svcctl.h" #include "rpc_wkssvc.h" +#include "rpc_brs.h" #include "rpc_atsvc.h" #include "rpc_spoolss.h" #include "rpc_eventlog.h" diff --git a/source3/include/proto.h b/source3/include/proto.h index 38f868ef00..bd38d58136 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1741,6 +1741,12 @@ BOOL at_enum_jobs(struct cli_state *cli, uint16 fnum, BOOL at_query_job(struct cli_state *cli, uint16 fnum, char *server_name, uint32 jobid, AT_JOB_INFO *job, fstring command); +/*The following definitions come from rpc_client/cli_brs.c */ + +BOOL do_brs_query_info(struct cli_state *cli, uint16 fnum, + const char *server_name, uint32 switch_value, + void *id); + /*The following definitions come from rpc_client/cli_eventlog.c */ BOOL do_event_open(struct cli_state *cli, uint16 fnum, char *log, POLICY_HND *hnd); @@ -2182,6 +2188,17 @@ BOOL make_at_q_query_job(AT_Q_QUERY_JOB *q_q, char *server, uint32 jobid); BOOL at_io_q_query_job(char *desc, AT_Q_QUERY_JOB *q_q, prs_struct *ps, int depth); BOOL at_io_r_query_job(char *desc, AT_R_QUERY_JOB *r_q, prs_struct *ps, int depth); +/*The following definitions come from rpc_parse/parse_brs.c */ + +BOOL make_brs_q_query_info(BRS_Q_QUERY_INFO *q_u, + const char *server, uint16 switch_value) ; +BOOL brs_io_q_query_info(char *desc, BRS_Q_QUERY_INFO *q_u, prs_struct *ps, int depth); +BOOL make_brs_info_100(BRS_INFO_100 *inf); +BOOL make_brs_r_query_info(BRS_R_QUERY_INFO *r_u, + uint32 switch_value, void *inf, + int status) ; +BOOL brs_io_r_query_info(char *desc, BRS_R_QUERY_INFO *r_u, prs_struct *ps, int depth); + /*The following definitions come from rpc_parse/parse_eventlog.c */ BOOL make_eventlog_q_open(EVENTLOG_Q_OPEN *q_u, char *journal, char *unk); @@ -3395,6 +3412,10 @@ BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data); void cmd_at(struct client_info *info); +/*The following definitions come from rpcclient/cmd_brs.c */ + +void cmd_brs_query_info(struct client_info *info); + /*The following definitions come from rpcclient/cmd_eventlog.c */ void cmd_eventlog(struct client_info *info); diff --git a/source3/include/rpc_brs.h b/source3/include/rpc_brs.h new file mode 100644 index 0000000000..36d89ec151 --- /dev/null +++ b/source3/include/rpc_brs.h @@ -0,0 +1,81 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + SMB parameters and setup + Copyright (C) Andrew Tridgell 1992-1999 + Copyright (C) Luke Kenneth Casson Leighton 1996-1999 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#ifndef _RPC_BRS_H /* _RPC_BRS_H */ +#define _RPC_BRS_H + + +/* brssvc pipe */ +#define BRS_QUERY_INFO 0x02 + + +/* BRS_Q_QUERY_INFO - probably a capabilities request */ +typedef struct q_brs_query_info_info +{ + uint32 ptr_srv_name; /* pointer (to server name?) */ + UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */ + + uint16 switch_value1; /* info level 100 (0x64) */ + /* align */ + uint16 switch_value2; /* info level 100 (0x64) */ + + uint32 ptr; + uint32 pad1; + uint32 pad2; + +} BRS_Q_QUERY_INFO; + + +/* BRS_INFO_100 - level 100 info */ +typedef struct brs_info_100_info +{ + uint32 pad1; + uint32 ptr2; + uint32 pad2; + uint32 pad3; + +} BRS_INFO_100; + + +/* BRS_R_QUERY_INFO - probably a capabilities request */ +typedef struct r_brs_query_info_info +{ + uint16 switch_value1; /* 100 (0x64) - switch value */ + /* align */ + uint16 switch_value2; /* info level 100 (0x64) */ + + /* for now, only level 100 is supported. this should be an enum container */ + uint32 ptr_1; /* pointer 1 */ + + union + { + BRS_INFO_100 *brs100; /* browser info level 100 */ + void *id; + + } info; + + uint32 status; /* return status */ + +} BRS_R_QUERY_INFO; + +#endif /* _RPC_BRS_H */ + diff --git a/source3/include/smb.h b/source3/include/smb.h index dccc05ea6a..60bf7d715c 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -249,6 +249,7 @@ typedef char fstring[FSTRING_LEN]; /* pipe string names */ #define PIPE_LANMAN "\\PIPE\\LANMAN" +#define PIPE_BROWSER "\\PIPE\\browser" #define PIPE_SRVSVC "\\PIPE\\srvsvc" #define PIPE_SAMR "\\PIPE\\samr" #define PIPE_WINREG "\\PIPE\\winreg" @@ -261,7 +262,7 @@ typedef char fstring[FSTRING_LEN]; #define PIPE_LSARPC "\\PIPE\\lsarpc" #define PIPE_EPMAPPER "\\PIPE\\epmapper" #define PIPE_ATSVC "\\PIPE\\atsvc" -#define PIPE_SPOOLSS "\\pipe\\spoolss" +#define PIPE_SPOOLSS "\\PIPE\\spoolss" #define PIPE_EVENTLOG "\\PIPE\\EVENTLOG" /* 64 bit time (100usec) since ????? - cifs6.txt, section 3.5, page 30 */ diff --git a/source3/rpc_client/cli_brs.c b/source3/rpc_client/cli_brs.c new file mode 100644 index 0000000000..01fc043953 --- /dev/null +++ b/source3/rpc_client/cli_brs.c @@ -0,0 +1,89 @@ + +/* + * Unix SMB/Netbios implementation. + * Version 1.9. + * RPC Pipe client / server routines + * Copyright (C) Andrew Tridgell 1992-1999, + * Copyright (C) Luke Kenneth Casson Leighton 1996-1999, + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +#ifdef SYSLOG +#undef SYSLOG +#endif + +#include "includes.h" + +extern int DEBUGLEVEL; + +/**************************************************************************** +do a BRS Query +****************************************************************************/ +BOOL do_brs_query_info(struct cli_state *cli, uint16 fnum, + const char *server_name, uint32 switch_value, + void *id) +{ + prs_struct rbuf; + prs_struct buf; + BRS_Q_QUERY_INFO q_o; + BOOL valid_info = False; + + if (server_name == NULL || id == NULL) return False; + + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); + + /* create and send a MSRPC command with api BRS_QUERY_INFO */ + + DEBUG(4,("BRS Query Info\n")); + + /* store the parameters */ + make_brs_q_query_info(&q_o, server_name, switch_value); + + /* turn parameters into data stream */ + brs_io_q_query_info("", &q_o, &buf, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, BRS_QUERY_INFO, &buf, &rbuf)) + { + BRS_R_QUERY_INFO r_o; + BOOL p; + + r_o.info.id = id; + + brs_io_r_query_info("", &r_o, &rbuf, 0); + p = rbuf.offset != 0; + + if (p && r_o.status != 0) + { + /* report error code */ + DEBUG(0,("BRS_R_QUERY_INFO: %s\n", get_nt_error_msg(r_o.status))); + p = False; + } + + if (p) + { + valid_info = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_info; +} + diff --git a/source3/rpc_parse/parse_brs.c b/source3/rpc_parse/parse_brs.c new file mode 100644 index 0000000000..723866e9f9 --- /dev/null +++ b/source3/rpc_parse/parse_brs.c @@ -0,0 +1,180 @@ + +/* + * Unix SMB/Netbios implementation. + * Version 1.9. + * RPC Pipe client / server routines + * Copyright (C) Andrew Tridgell 1992-1999, + * Copyright (C) Luke Kenneth Casson Leighton 1996-1999, + * Copyright (C) Paul Ashton 1997-1999. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +#include "includes.h" + +extern int DEBUGLEVEL; + + +/******************************************************************* + make_brs_q_query_info + ********************************************************************/ +BOOL make_brs_q_query_info(BRS_Q_QUERY_INFO *q_u, + const char *server, uint16 switch_value) +{ + DEBUG(5,("make_brs_q_query_info\n")); + + make_buf_unistr2(&(q_u->uni_srv_name), &(q_u->ptr_srv_name), server); + q_u->switch_value1 = switch_value; + q_u->switch_value2 = switch_value; + + q_u->ptr = 1; + q_u->pad1 = 0x0; + q_u->pad2 = 0x0; + + return True; +} + +/******************************************************************* +reads or writes a BRS_Q_QUERY_INFO structure. +********************************************************************/ +BOOL brs_io_q_query_info(char *desc, BRS_Q_QUERY_INFO *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) return False; + + prs_debug(ps, depth, desc, "brs_io_q_query_info"); + depth++; + + prs_align(ps); + + prs_uint32("ptr_srv_name", ps, depth, &(q_u->ptr_srv_name)); + smb_io_unistr2("", &(q_u->uni_srv_name), q_u->ptr_srv_name, ps, depth); + prs_align(ps); + + prs_uint16("switch_value1", ps, depth, &(q_u->switch_value1)); + prs_align(ps); + + prs_uint16("switch_value2", ps, depth, &(q_u->switch_value2)); + prs_align(ps); + + prs_uint32("ptr", ps, depth, &(q_u->ptr)); + if (q_u->ptr) + { + prs_uint32("pad1", ps, depth, &(q_u->pad1)); + } + + prs_uint32("pad2", ps, depth, &(q_u->pad2)); + + return True; +} + +/******************************************************************* + brs_info_100 + ********************************************************************/ +BOOL make_brs_info_100(BRS_INFO_100 *inf) +{ + DEBUG(5,("BRS_INFO_100: %d\n", __LINE__)); + + inf->pad1 = 0x0; + inf->ptr2 = 0x1; + inf->pad2 = 0x0; + inf->pad3 = 0x0; + + return True; +} + +/******************************************************************* +reads or writes a BRS_INFO_100 structure. +********************************************************************/ +static BOOL brs_io_brs_info_100(char *desc, BRS_INFO_100 *inf, prs_struct *ps, int depth) +{ + if (inf == NULL) return False; + + prs_debug(ps, depth, desc, "brs_io_brs_info_100"); + depth++; + + prs_align(ps); + + prs_uint32("pad1", ps, depth, &(inf->pad1)); + prs_uint32("ptr2", ps, depth, &(inf->ptr2)); + prs_uint32("pad2", ps, depth, &(inf->pad2)); + prs_uint32("pad3", ps, depth, &(inf->pad3)); + + return True; +} + +/******************************************************************* + make_brs_r_query_info + + only supports info level 100 at the moment. + + ********************************************************************/ +BOOL make_brs_r_query_info(BRS_R_QUERY_INFO *r_u, + uint32 switch_value, void *inf, + int status) +{ + DEBUG(5,("make_brs_r_unknown_0: %d\n", __LINE__)); + + r_u->switch_value1 = switch_value; /* same as in request */ + r_u->switch_value2 = switch_value; /* same as in request */ + + r_u->ptr_1 = inf != NULL ? 1 : 0; /* pointer 1 */ + r_u->info.id = inf; + + r_u->status = status; + + return True; +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +BOOL brs_io_r_query_info(char *desc, BRS_R_QUERY_INFO *r_u, prs_struct *ps, int depth) +{ + if (r_u == NULL) return False; + + prs_debug(ps, depth, desc, "brs_io_r_query_info"); + depth++; + + prs_align(ps); + + prs_uint16("switch_value1", ps, depth, &(r_u->switch_value1)); + prs_align(ps); + + prs_uint16("switch_value2", ps, depth, &(r_u->switch_value2)); + prs_align(ps); + + prs_uint32("ptr_1 ", ps, depth, &(r_u->ptr_1)); + if (r_u->ptr_1 != 0x0) + { + switch (r_u->switch_value1) + { + case 100: + { + brs_io_brs_info_100("inf", r_u->info.brs100, ps, depth); + break; + } + default: + { + break; + } + } + } + + prs_uint32("status ", ps, depth, &(r_u->status)); + + return True; +} + diff --git a/source3/rpc_parse/parse_rpc.c b/source3/rpc_parse/parse_rpc.c index 82b0be2802..819e441742 100644 --- a/source3/rpc_parse/parse_rpc.c +++ b/source3/rpc_parse/parse_rpc.c @@ -52,6 +52,16 @@ interface/version dce/rpc pipe identification }, 0x02 \ } \ +#define SYNT_BROWSER_V0 \ +{ \ + { \ + 0x98, 0xd0, 0xff, 0x6b, \ + 0x12, 0xa1, 0x10, 0x36, \ + 0x98, 0x33, 0x01, 0x28, \ + 0x92, 0x02, 0x01, 0x62 \ + }, 0x00 \ +} \ + #define SYNT_NETLOGON_V2 \ { \ { \ @@ -166,6 +176,7 @@ struct pipe_id_info pipe_names [] = { /* client pipe , abstract syntax , server pipe , transfer syntax */ { PIPE_LSARPC , SYNT_LSARPC_V0 , PIPE_LSASS , TRANS_SYNT_V2 }, + { PIPE_BROWSER , SYNT_BROWSER_V0 , PIPE_NTSVCS , TRANS_SYNT_V2 }, { PIPE_SAMR , SYNT_SAMR_V1 , PIPE_LSASS , TRANS_SYNT_V2 }, { PIPE_NETLOGON, SYNT_NETLOGON_V1, PIPE_LSASS , TRANS_SYNT_V2 }, { PIPE_SRVSVC , SYNT_SRVSVC_V3 , PIPE_NTSVCS , TRANS_SYNT_V2 }, diff --git a/source3/rpcclient/cmd_brs.c b/source3/rpcclient/cmd_brs.c new file mode 100644 index 0000000000..f01ebc8f95 --- /dev/null +++ b/source3/rpcclient/cmd_brs.c @@ -0,0 +1,96 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + NT Domain Authentication SMB / MSRPC client + Copyright (C) Andrew Tridgell 1994-1999 + Copyright (C) Luke Kenneth Casson Leighton 1996-1999 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + + +#ifdef SYSLOG +#undef SYSLOG +#endif + +#include "includes.h" +#include "nterr.h" + +extern int DEBUGLEVEL; + +#define DEBUG_TESTING + +extern struct cli_state *smb_cli; + +extern FILE* out_hnd; + + +/**************************************************************************** +Browser get info query +****************************************************************************/ +void cmd_brs_query_info(struct client_info *info) +{ + uint16 nt_pipe_fnum; + fstring dest_brs; + fstring tmp; + BRS_INFO_100 ctr; + uint32 info_level = 100; + + BOOL res = True; + + bzero(&ctr, sizeof(ctr)); + + fstrcpy(dest_brs, "\\\\"); + fstrcat(dest_brs, info->dest_host); + strupper(dest_brs); + + if (next_token(NULL, tmp, NULL, sizeof(tmp))) + { + info_level = (uint32)strtol(tmp, (char**)NULL, 10); + } + + DEBUG(4,("cmd_brs_query_info: server:%s info level: %d\n", + dest_brs, info_level)); + + DEBUG(5, ("cmd_brs_query_info: smb_cli->fd:%d\n", smb_cli->fd)); + + /* open LSARPC session. */ + res = res ? cli_nt_session_open(smb_cli, PIPE_BROWSER, &nt_pipe_fnum) : False; + + /* send info level: receive requested info. hopefully. */ + res = res ? do_brs_query_info(smb_cli, nt_pipe_fnum, + dest_brs, info_level, &ctr) : False; + + /* close the session */ + cli_nt_session_close(smb_cli, nt_pipe_fnum); + + if (res) + { + DEBUG(5,("cmd_brs_query_info: query succeeded\n")); + +#if 0 + display_brs_info_100(out_hnd, ACTION_HEADER , &ctr); + display_brs_info_100(out_hnd, ACTION_ENUMERATE, &ctr); + display_brs_info_100(out_hnd, ACTION_FOOTER , &ctr); +#endif + + } + else + { + DEBUG(5,("cmd_brs_query_info: query failed\n")); + } +} + diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 1103a76d91..7e246b1bfc 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -269,6 +269,12 @@ commands[] = "Display remote time", {COMPL_NONE, COMPL_NONE} }, + { + "brsinfo", + cmd_brs_query_info, + "Browser Query Info", + {COMPL_NONE, COMPL_NONE} + }, { "wksinfo", cmd_wks_query_info, -- cgit