The branch, master has been updated via 8bd730f5ad19d5f4f6cfe65c95db66768b33845f (commit) via c17789fa1c3abafd70e07a5f350f6f16ebe1ed7e (commit) via 393a1f594d5f03a51448cdc465f92c599a93904c (commit) from bda70613347c96d328c1d8899ae38057709e4151 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 8bd730f5ad19d5f4f6cfe65c95db66768b33845f Author: Günther Deschner <g...@samba.org> Date: Thu Sep 10 23:33:37 2009 +0200 s3-rpcclient: add lookupnames4 command. Guenther commit c17789fa1c3abafd70e07a5f350f6f16ebe1ed7e Author: Günther Deschner <g...@samba.org> Date: Thu Sep 10 21:14:29 2009 +0200 s3-rpcclient: add ncacn transport handling for rpcclient. Guenther commit 393a1f594d5f03a51448cdc465f92c599a93904c Author: Günther Deschner <g...@samba.org> Date: Thu Sep 10 19:59:37 2009 +0200 s3-rpc_client: add enum dcerpc_transport_t to rpc_cli_transport struct. Guenther ----------------------------------------------------------------------- Summary of changes: source3/include/client.h | 2 + source3/rpc_client/cli_pipe.c | 8 +++ source3/rpcclient/cmd_lsarpc.c | 52 ++++++++++++++++++++++ source3/rpcclient/rpcclient.c | 93 +++++++++++++++++++++++++++++++++++++-- 4 files changed, 150 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/client.h b/source3/include/client.h index 203198f..5b64b9b 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -68,6 +68,8 @@ struct cli_pipe_auth_data { struct rpc_cli_transport { + enum dcerpc_transport_t transport; + /** * Trigger an async read from the server. May return a short read. */ diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 82f6b10..16fe9da 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3207,6 +3207,8 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, goto fail; } + result->transport->transport = NCACN_IP_TCP; + *presult = result; return NT_STATUS_OK; @@ -3427,6 +3429,8 @@ NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, goto fail; } + result->transport->transport = NCALRPC; + *presult = result; return NT_STATUS_OK; @@ -3501,6 +3505,8 @@ static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, return status; } + result->transport->transport = NCACN_NP; + DLIST_ADD(cli->pipe_list, result); talloc_set_destructor(result, rpc_pipe_client_np_destructor); @@ -3561,6 +3567,8 @@ NTSTATUS rpc_pipe_open_local(TALLOC_CTX *mem_ctx, return status; } + result->transport->transport = NCACN_INTERNAL; + *presult = result; return NT_STATUS_OK; } diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index d7f8041..623cd5e 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -300,6 +300,57 @@ static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli, return result; } +static NTSTATUS cmd_lsa_lookup_names4(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + uint32_t num_names; + struct lsa_String *names; + struct lsa_RefDomainList *domains; + struct lsa_TransSidArray3 sids; + uint32_t count = 0; + int i; + + if (argc == 1) { + printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]); + return NT_STATUS_OK; + } + + ZERO_STRUCT(sids); + + num_names = argc-1; + names = talloc_array(mem_ctx, struct lsa_String, num_names); + NT_STATUS_HAVE_NO_MEMORY(names); + + for (i=0; i < num_names; i++) { + init_lsa_String(&names[i], argv[i+1]); + } + + result = rpccli_lsa_LookupNames4(cli, mem_ctx, + num_names, + names, + &domains, + &sids, + 1, + &count, + 0, + 0); + if (!NT_STATUS_IS_OK(result)) { + return result; + } + + for (i = 0; i < sids.count; i++) { + fstring sid_str; + sid_to_fstring(sid_str, sids.sids[i].sid); + printf("%s %s (%s: %d)\n", argv[i+1], sid_str, + sid_type_lookup(sids.sids[i].sid_type), + sids.sids[i].sid_type); + } + + return result; +} /* Resolve a list of SIDs to a list of names */ @@ -1726,6 +1777,7 @@ struct cmd_set lsarpc_commands[] = { { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query info policy", "" }, { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert SIDs to names", "" }, { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" }, + { "lookupnames4", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names4, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" }, { "lookupnames_level", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" }, { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" }, { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate privileges", "" }, diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index ceeeae7..475dce5 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -28,6 +28,7 @@ DOM_SID domain_sid; static enum pipe_auth_type pipe_default_auth_type = PIPE_AUTH_TYPE_NONE; static enum pipe_auth_level pipe_default_auth_level = PIPE_AUTH_LEVEL_NONE; static unsigned int timeout = 0; +static enum dcerpc_transport_t default_transport = NCACN_NP; struct user_auth_info *rpcclient_auth_info; @@ -351,6 +352,29 @@ static NTSTATUS cmd_set_ss_level(void) return NT_STATUS_OK; } +static NTSTATUS cmd_set_transport(void) +{ + struct cmd_list *tmp; + + /* Close any existing connections not at this level. */ + + for (tmp = cmd_list; tmp; tmp = tmp->next) { + struct cmd_set *tmp_set; + + for (tmp_set = tmp->cmd_set; tmp_set->name; tmp_set++) { + if (tmp_set->rpc_pipe == NULL) { + continue; + } + + if (tmp_set->rpc_pipe->transport->transport != default_transport) { + TALLOC_FREE(tmp_set->rpc_pipe); + tmp_set->rpc_pipe = NULL; + } + } + } + return NT_STATUS_OK; +} + static NTSTATUS cmd_sign(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { @@ -477,6 +501,34 @@ static NTSTATUS cmd_schannel_sign(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c return cmd_set_ss_level(); } +static NTSTATUS cmd_choose_transport(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + NTSTATUS status; + + if (argc != 2) { + printf("Usage: %s [NCACN_NP|NCACN_IP_TCP]\n", argv[0]); + return NT_STATUS_OK; + } + + if (strequal(argv[1], "NCACN_NP")) { + default_transport = NCACN_NP; + } else if (strequal(argv[1], "NCACN_IP_TCP")) { + default_transport = NCACN_IP_TCP; + } else { + printf("transport type: %s unknown or not supported\n", argv[1]); + return NT_STATUS_NOT_SUPPORTED; + } + + status = cmd_set_transport(); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + printf("default transport is now: %s\n", argv[1]); + + return NT_STATUS_OK; +} /* Built in rpcclient commands */ @@ -496,6 +548,7 @@ static struct cmd_set rpcclient_commands[] = { { "schannel", RPC_RTYPE_NTSTATUS, cmd_schannel, NULL, NULL, NULL, "Force RPC pipe connections to be sealed with 'schannel'. Assumes valid machine account to this domain controller.", "" }, { "schannelsign", RPC_RTYPE_NTSTATUS, cmd_schannel_sign, NULL, NULL, NULL, "Force RPC pipe connections to be signed (not sealed) with 'schannel'. Assumes valid machine account to this domain controller.", "" }, { "timeout", RPC_RTYPE_NTSTATUS, cmd_timeout, NULL, NULL, NULL, "Set timeout (in milliseonds) for RPC operations", "" }, + { "transport", RPC_RTYPE_NTSTATUS, cmd_choose_transport, NULL, NULL, NULL, "Choose ncacn transport for RPC operations", "" }, { "none", RPC_RTYPE_NTSTATUS, cmd_none, NULL, NULL, NULL, "Force RPC pipe connections to have no special properties", "" }, { NULL } @@ -569,6 +622,7 @@ static void add_command_set(struct cmd_set *cmd_set) static NTSTATUS do_cmd(struct cli_state *cli, struct user_auth_info *auth_info, struct cmd_set *cmd_entry, + struct dcerpc_binding *binding, int argc, char **argv) { NTSTATUS ntresult; @@ -693,7 +747,9 @@ static NTSTATUS do_cmd(struct cli_state *cli, * @returns The NTSTATUS from running the command. **/ static NTSTATUS process_cmd(struct user_auth_info *auth_info, - struct cli_state *cli, char *cmd) + struct cli_state *cli, + struct dcerpc_binding *binding, + char *cmd) { struct cmd_list *temp_list; NTSTATUS result = NT_STATUS_OK; @@ -720,7 +776,7 @@ static NTSTATUS process_cmd(struct user_auth_info *auth_info, } result = do_cmd(cli, auth_info, temp_set, - argc, argv); + binding, argc, argv); goto out_free; } @@ -766,6 +822,8 @@ out_free: int result = 0; TALLOC_CTX *frame = talloc_stackframe(); uint32_t flags = 0; + struct dcerpc_binding *binding = NULL; + const char *binding_string = NULL; /* make sure the vars that get altered (4th field) are in a fixed location or certain compilers complain */ @@ -876,13 +934,35 @@ out_free: server += 2; } + nt_status = dcerpc_parse_binding(frame, server, &binding); + + if (!NT_STATUS_IS_OK(nt_status)) { + + binding_string = talloc_asprintf(frame, "ncacn_np:%s", + strip_hostname(server)); + if (!binding_string) { + result = 1; + goto done; + } + + nt_status = dcerpc_parse_binding(frame, binding_string, &binding); + if (!NT_STATUS_IS_OK(nt_status)) { + result = -1; + goto done; + } + } + + if (binding->transport == NCA_UNKNOWN) { + binding->transport = NCACN_NP; + } + if (get_cmdline_auth_info_use_kerberos(rpcclient_auth_info)) { flags |= CLI_FULL_CONNECTION_USE_KERBEROS | CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS; } - nt_status = cli_full_connection(&cli, global_myname(), server, + nt_status = cli_full_connection(&cli, global_myname(), binding->host, opt_ipaddr ? &server_ss : NULL, opt_port, "IPC$", "IPC", get_cmdline_auth_info_username(rpcclient_auth_info), @@ -926,6 +1006,8 @@ out_free: cmd_set++; } + default_transport = binding->transport; + fetch_machine_sid(cli); /* Do anything specified with -c */ @@ -936,7 +1018,8 @@ out_free: result = 0; while((cmd=next_command(&p)) != NULL) { - NTSTATUS cmd_result = process_cmd(rpcclient_auth_info, cli, cmd); + NTSTATUS cmd_result = process_cmd(rpcclient_auth_info, cli, + binding, cmd); SAFE_FREE(cmd); result = NT_STATUS_IS_ERR(cmd_result); } @@ -955,7 +1038,7 @@ out_free: break; if (line[0] != '\n') - process_cmd(rpcclient_auth_info, cli, line); + process_cmd(rpcclient_auth_info, cli, binding, line); SAFE_FREE(line); } -- Samba Shared Repository