2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000-2001
6 Copyright (C) Martin Pool 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "../libcli/auth/netlogon_creds_cli.h"
24 #include "rpcclient.h"
25 #include "../libcli/auth/libcli_auth.h"
26 #include "../librpc/gen_ndr/ndr_lsa_c.h"
27 #include "rpc_client/cli_lsarpc.h"
28 #include "../librpc/gen_ndr/ndr_netlogon.h"
29 #include "rpc_client/cli_netlogon.h"
30 #include "../libcli/smbreadline/smbreadline.h"
31 #include "../libcli/security/security.h"
33 #include "libsmb/libsmb.h"
34 #include "auth/gensec/gensec.h"
35 #include "../libcli/smb/smbXcli_base.h"
37 #include "cmdline_contexts.h"
38 #include "../librpc/gen_ndr/ndr_samr.h"
39 #include "lib/cmdline/cmdline.h"
40 #include "lib/param/param.h"
42 enum pipe_auth_type_spnego {
43 PIPE_AUTH_TYPE_SPNEGO_NONE = 0,
44 PIPE_AUTH_TYPE_SPNEGO_NTLMSSP,
45 PIPE_AUTH_TYPE_SPNEGO_KRB5
48 static unsigned int timeout = 10000;
50 struct messaging_context *rpcclient_msg_ctx;
51 struct netlogon_creds_cli_context *rpcclient_netlogon_creds;
52 static const char *rpcclient_netlogon_domain;
54 /* List to hold groups of commands.
56 * Commands are defined in a list of arrays: arrays are easy to
57 * statically declare, and lists are easier to dynamically extend.
60 static struct cmd_list {
61 struct cmd_list *prev, *next;
62 struct cmd_set *cmd_set;
65 /****************************************************************************
66 handle completion of commands for readline
67 ****************************************************************************/
68 static char **completion_fn(const char *text, int start, int end)
70 #define MAX_COMPLETIONS 1000
73 struct cmd_list *commands = cmd_list;
76 /* FIXME!!! -- what to do when completing argument? */
77 /* for words not at the start of the line fallback
78 to filename completion */
83 /* make sure we have a list of valid commands */
88 matches = SMB_MALLOC_ARRAY(char *, MAX_COMPLETIONS);
93 matches[count++] = SMB_STRDUP(text);
99 while (commands && count < MAX_COMPLETIONS-1) {
100 if (!commands->cmd_set) {
104 for (i=0; commands->cmd_set[i].name; i++) {
105 if ((strncmp(text, commands->cmd_set[i].name, strlen(text)) == 0) &&
106 (( commands->cmd_set[i].returntype == RPC_RTYPE_NTSTATUS &&
107 commands->cmd_set[i].ntfn ) ||
108 ( commands->cmd_set[i].returntype == RPC_RTYPE_WERROR &&
109 commands->cmd_set[i].wfn))) {
110 matches[count] = SMB_STRDUP(commands->cmd_set[i].name);
111 if (!matches[count]) {
112 for (i = 0; i < count; i++) {
113 SAFE_FREE(matches[count]);
121 commands = commands->next;
125 SAFE_FREE(matches[0]);
126 matches[0] = SMB_STRDUP(matches[1]);
128 matches[count] = NULL;
132 static char *next_command (char **cmdstr)
137 if (!cmdstr || !(*cmdstr))
140 p = strchr_m(*cmdstr, ';');
143 command = SMB_STRDUP(*cmdstr);
152 static void binding_get_auth_info(
153 const struct dcerpc_binding *b,
154 enum dcerpc_AuthType *_auth_type,
155 enum dcerpc_AuthLevel *_auth_level,
156 enum credentials_use_kerberos *_krb5_state)
158 uint32_t bflags = dcerpc_binding_get_flags(b);
159 enum dcerpc_AuthLevel auth_level = DCERPC_AUTH_LEVEL_NONE;
160 enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE;
161 enum credentials_use_kerberos krb5_state = CRED_USE_KERBEROS_DESIRED;
163 if (_krb5_state != NULL) {
164 krb5_state = *_krb5_state;
167 if (bflags & DCERPC_CONNECT) {
168 auth_level = DCERPC_AUTH_LEVEL_CONNECT;
170 if (bflags & DCERPC_PACKET) {
171 auth_level = DCERPC_AUTH_LEVEL_PACKET;
173 if (bflags & DCERPC_SIGN) {
174 auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
176 if (bflags & DCERPC_SEAL) {
177 auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
180 if (bflags & DCERPC_SCHANNEL) {
181 auth_type = DCERPC_AUTH_TYPE_SCHANNEL;
184 if ((auth_level != DCERPC_AUTH_LEVEL_NONE) &&
185 (auth_type == DCERPC_AUTH_TYPE_NONE)) {
186 auth_type = (krb5_state == CRED_USE_KERBEROS_REQUIRED) ?
187 DCERPC_AUTH_TYPE_KRB5 : DCERPC_AUTH_TYPE_NTLMSSP;
190 if (bflags & DCERPC_AUTH_SPNEGO) {
191 auth_type = DCERPC_AUTH_TYPE_SPNEGO;
193 if (bflags & DCERPC_AUTH_NTLM) {
194 krb5_state = CRED_USE_KERBEROS_DISABLED;
196 if (bflags & DCERPC_AUTH_KRB5) {
197 krb5_state = CRED_USE_KERBEROS_REQUIRED;
201 if (auth_type != DCERPC_AUTH_TYPE_NONE) {
202 /* If nothing is requested then default to integrity */
203 if (auth_level == DCERPC_AUTH_LEVEL_NONE) {
204 auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
208 if (_auth_type != NULL) {
209 *_auth_type = auth_type;
211 if (_auth_level != NULL) {
212 *_auth_level = auth_level;
214 if (_krb5_state != NULL) {
215 *_krb5_state = krb5_state;
219 /* List the available commands on a given pipe */
221 static NTSTATUS cmd_listcommands(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
222 int argc, const char **argv)
224 struct cmd_list *tmp;
225 struct cmd_set *tmp_set;
231 printf("Usage: %s <pipe>\n", argv[0]);
235 /* Help on one command */
237 for (tmp = cmd_list; tmp; tmp = tmp->next)
239 tmp_set = tmp->cmd_set;
241 if (!strcasecmp_m(argv[1], tmp_set->name))
243 printf("Available commands on the %s pipe:\n\n", tmp_set->name);
247 while(tmp_set->name) {
248 printf("%30s", tmp_set->name);
255 /* drop out of the loop */
264 /* Display help on commands */
266 static NTSTATUS cmd_help(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
267 int argc, const char **argv)
269 struct cmd_list *tmp;
270 struct cmd_set *tmp_set;
275 printf("Usage: %s [command]\n", argv[0]);
279 /* Help on one command */
282 for (tmp = cmd_list; tmp; tmp = tmp->next) {
284 tmp_set = tmp->cmd_set;
286 while(tmp_set->name) {
287 if (strequal(argv[1], tmp_set->name)) {
288 if (tmp_set->usage &&
290 printf("%s\n", tmp_set->usage);
292 printf("No help for %s\n", tmp_set->name);
301 printf("No such command: %s\n", argv[1]);
305 /* List all commands */
307 for (tmp = cmd_list; tmp; tmp = tmp->next) {
309 tmp_set = tmp->cmd_set;
311 while(tmp_set->name) {
313 printf("%15s\t\t%s\n", tmp_set->name,
314 tmp_set->description ? tmp_set->description:
324 /* Change the debug level */
326 static NTSTATUS cmd_debuglevel(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
327 int argc, const char **argv)
330 printf("Usage: %s [debuglevel]\n", argv[0]);
335 struct loadparm_context *lp_ctx = samba_cmdline_get_lp_ctx();
336 lpcfg_set_cmdline(lp_ctx, "log level", argv[1]);
339 printf("debuglevel is %d\n", DEBUGLEVEL);
344 static NTSTATUS cmd_quit(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
345 int argc, const char **argv)
348 return NT_STATUS_OK; /* NOTREACHED */
351 static NTSTATUS cmd_set_ss_level(struct dcerpc_binding *binding)
353 struct cmd_list *tmp;
354 enum dcerpc_AuthType auth_type;
355 enum dcerpc_AuthLevel auth_level;
357 /* Close any existing connections not at this level. */
359 binding_get_auth_info(binding, &auth_type, &auth_level, NULL);
361 for (tmp = cmd_list; tmp; tmp = tmp->next) {
362 struct cmd_set *tmp_set;
364 for (tmp_set = tmp->cmd_set; tmp_set->name; tmp_set++) {
365 if (tmp_set->rpc_pipe == NULL) {
369 if ((tmp_set->rpc_pipe->auth->auth_type
371 || (tmp_set->rpc_pipe->auth->auth_level
373 TALLOC_FREE(tmp_set->rpc_pipe);
374 tmp_set->rpc_pipe = NULL;
381 static NTSTATUS cmd_set_transport(struct dcerpc_binding *b)
383 enum dcerpc_transport_t t = dcerpc_binding_get_transport(b);
384 struct cmd_list *tmp;
386 /* Close any existing connections not at this level. */
388 for (tmp = cmd_list; tmp; tmp = tmp->next) {
389 struct cmd_set *tmp_set;
391 for (tmp_set = tmp->cmd_set; tmp_set->name; tmp_set++) {
392 if (tmp_set->rpc_pipe == NULL) {
396 if (tmp_set->rpc_pipe->transport->transport != t) {
397 TALLOC_FREE(tmp_set->rpc_pipe);
398 tmp_set->rpc_pipe = NULL;
405 static NTSTATUS binding_reset_auth(struct dcerpc_binding *b)
407 NTSTATUS status = dcerpc_binding_set_flags(
421 static NTSTATUS binding_set_auth(
422 struct dcerpc_binding *b, const char *level, const char *type)
426 status = binding_reset_auth(b);
427 if (!NT_STATUS_IS_OK(status)) {
432 status = dcerpc_binding_set_string_option(b, level, level);
433 if (!NT_STATUS_IS_OK(status)) {
438 if (strequal(type, "SPNEGO")) {
439 status = dcerpc_binding_set_string_option(
440 b, "spnego", "spnego");
443 if (strequal(type, "NTLMSSP")) {
444 status = dcerpc_binding_set_string_option(b, "ntlm", "ntlm");
447 if (strequal(type, "NTLMSSP_SPNEGO")) {
448 status = dcerpc_binding_set_string_option(
449 b, "spnego", "spnego");
450 if (!NT_STATUS_IS_OK(status)) {
453 status = dcerpc_binding_set_string_option(b, "ntlm", "ntlm");
456 if (strequal(type, "KRB5")) {
457 status = dcerpc_binding_set_string_option(b, "krb5", "krb5");
460 if (strequal(type, "KRB5_SPNEGO")) {
461 status = dcerpc_binding_set_string_option(
462 b, "spnego", "spnego");
463 if (!NT_STATUS_IS_OK(status)) {
466 status = dcerpc_binding_set_string_option(b, "krb5", "krb5");
469 if (strequal(type, "SCHANNEL")) {
470 status = dcerpc_binding_set_string_option(
471 b, "schannel", "schannel");
475 return NT_STATUS_INVALID_PARAMETER;
478 static NTSTATUS cmd_set_auth(
479 struct dcerpc_binding *binding,
485 const char *p = "[KRB5|KRB5_SPNEGO|NTLMSSP|NTLMSSP_SPNEGO|SCHANNEL]";
486 const char *type = "NTLMSSP";
490 printf("Usage: %s %s\n", argv[0], p);
498 status = binding_set_auth(binding, level, type);
499 if (!NT_STATUS_IS_OK(status)) {
500 printf("Usage: %s %s\n", argv[0], p);
504 d_printf("Setting %s - %s: %s\n", type, display, nt_errstr(status));
506 status = cmd_set_ss_level(binding);
510 static NTSTATUS cmd_sign(
511 struct dcerpc_binding *binding,
516 NTSTATUS status = cmd_set_auth(binding, "sign", "sign", argc, argv);
520 static NTSTATUS cmd_seal(
521 struct dcerpc_binding *binding,
526 NTSTATUS status = cmd_set_auth(
527 binding, "seal", "sign and seal", argc, argv);
531 static NTSTATUS cmd_packet(
532 struct dcerpc_binding *binding,
537 NTSTATUS status = cmd_set_auth(
538 binding, "packet", "packet", argc, argv);
542 static NTSTATUS cmd_timeout(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
543 int argc, const char **argv)
546 printf("Usage: %s timeout\n", argv[0]);
551 timeout = atoi(argv[1]);
554 printf("timeout is %d\n", timeout);
560 static NTSTATUS cmd_none(
561 struct dcerpc_binding *binding,
566 NTSTATUS status = binding_reset_auth(binding);
567 if (!NT_STATUS_IS_OK(status)) {
570 status = cmd_set_ss_level(binding);
574 static NTSTATUS cmd_schannel(
575 struct dcerpc_binding *binding,
580 const char *argv[] = { "schannel", "SCHANNEL" };
581 NTSTATUS status = cmd_set_auth(
582 binding, "seal", "sign and seal", 2, argv);
586 static NTSTATUS cmd_schannel_sign(
587 struct dcerpc_binding *binding,
592 const char *argv[] = { "schannel_sign", "SCHANNEL" };
593 NTSTATUS status = cmd_set_auth(binding, "sign", "sign only", 2, argv);
597 static NTSTATUS cmd_choose_transport(
598 struct dcerpc_binding *binding,
604 enum dcerpc_transport_t transport;
607 printf("Usage: %s [NCACN_NP|NCACN_IP_TCP]\n", argv[0]);
611 transport = dcerpc_transport_by_name(argv[1]);
612 if (transport == NCA_UNKNOWN) {
613 printf("transport type %s unknown\n", argv[1]);
614 return NT_STATUS_NOT_SUPPORTED;
616 if (!((transport == NCACN_IP_TCP) ||
617 (transport == NCACN_NP) ||
618 (transport == NCALRPC))) {
619 printf("transport %s not supported\n", argv[1]);
620 return NT_STATUS_NOT_SUPPORTED;
623 status = dcerpc_binding_set_transport(binding, transport);
624 if (!NT_STATUS_IS_OK(status)) {
628 status = cmd_set_transport(binding);
629 if (!NT_STATUS_IS_OK(status)) {
633 printf("default transport is now: %s\n", argv[1]);
638 /* Built in rpcclient commands */
640 static struct cmd_set rpcclient_commands[] = {
643 .name = "GENERAL OPTIONS",
648 .returntype = RPC_RTYPE_NTSTATUS,
650 .description = "Get help on commands",
651 .usage = "[command]",
655 .returntype = RPC_RTYPE_NTSTATUS,
657 .description = "Get help on commands",
658 .usage = "[command]",
661 .name = "debuglevel",
662 .returntype = RPC_RTYPE_NTSTATUS,
663 .ntfn = cmd_debuglevel,
664 .description = "Set debug level",
669 .returntype = RPC_RTYPE_NTSTATUS,
670 .ntfn = cmd_debuglevel,
671 .description = "Set debug level",
676 .returntype = RPC_RTYPE_NTSTATUS,
677 .ntfn = cmd_listcommands,
678 .description = "List available commands on <pipe>",
683 .returntype = RPC_RTYPE_NTSTATUS,
685 .description = "Exit program",
690 .returntype = RPC_RTYPE_NTSTATUS,
692 .description = "Exit program",
697 .returntype = RPC_RTYPE_BINDING,
699 .description = "Force RPC pipe connections to be signed",
704 .returntype = RPC_RTYPE_BINDING,
706 .description = "Force RPC pipe connections to be sealed",
711 .returntype = RPC_RTYPE_BINDING,
713 .description = "Force RPC pipe connections with packet authentication level",
718 .returntype = RPC_RTYPE_BINDING,
720 .description = "Force RPC pipe connections to be sealed with 'schannel'. "
721 "Assumes valid machine account to this domain controller.",
725 .name = "schannelsign",
726 .returntype = RPC_RTYPE_BINDING,
727 .bfn = cmd_schannel_sign,
728 .description = "Force RPC pipe connections to be signed (not sealed) with "
729 "'schannel'. Assumes valid machine account to this domain "
735 .returntype = RPC_RTYPE_NTSTATUS,
737 .description = "Set timeout (in milliseconds) for RPC operations",
742 .returntype = RPC_RTYPE_BINDING,
743 .bfn = cmd_choose_transport,
744 .description = "Choose ncacn transport for RPC operations",
749 .returntype = RPC_RTYPE_BINDING,
751 .description = "Force RPC pipe connections to have no special properties",
758 static struct cmd_set separator_command[] = {
760 .name = "---------------",
761 .returntype = MAX_RPC_RETURN_TYPE,
762 .description = "----------------------"
768 /* Various pipe commands */
770 extern struct cmd_set lsarpc_commands[];
771 extern struct cmd_set samr_commands[];
772 extern struct cmd_set spoolss_commands[];
773 extern struct cmd_set iremotewinspool_commands[];
774 extern struct cmd_set netlogon_commands[];
775 extern struct cmd_set srvsvc_commands[];
776 extern struct cmd_set dfs_commands[];
777 extern struct cmd_set ds_commands[];
778 extern struct cmd_set echo_commands[];
779 extern struct cmd_set epmapper_commands[];
780 extern struct cmd_set shutdown_commands[];
781 extern struct cmd_set wkssvc_commands[];
782 extern struct cmd_set ntsvcs_commands[];
783 extern struct cmd_set drsuapi_commands[];
784 extern struct cmd_set eventlog_commands[];
785 extern struct cmd_set winreg_commands[];
786 extern struct cmd_set fss_commands[];
787 extern struct cmd_set witness_commands[];
788 extern struct cmd_set clusapi_commands[];
789 extern struct cmd_set spotlight_commands[];
790 extern struct cmd_set unixinfo_commands[];
792 static struct cmd_set *rpcclient_command_list[] = {
798 iremotewinspool_commands,
818 static void add_command_set(struct cmd_set *cmd_set)
820 struct cmd_list *entry;
822 if (!(entry = SMB_MALLOC_P(struct cmd_list))) {
823 DEBUG(0, ("out of memory\n"));
829 entry->cmd_set = cmd_set;
830 DLIST_ADD(cmd_list, entry);
833 static NTSTATUS rpccli_ncalrpc_connect(
834 const struct ndr_interface_table *iface,
836 struct rpc_pipe_client **prpccli)
838 struct rpc_pipe_client *rpccli = NULL;
839 struct pipe_auth_data *auth = NULL;
842 status = rpc_pipe_open_ncalrpc(mem_ctx, iface, &rpccli);
843 if (!NT_STATUS_IS_OK(status)) {
844 DBG_DEBUG("rpc_pipe_open_ncalrpc failed: %s\n",
849 status = rpccli_ncalrpc_bind_data(rpccli, &auth);
850 if (!NT_STATUS_IS_OK(status)) {
851 DBG_DEBUG("rpccli_ncalrpc_bind_data failed: %s\n",
856 status = rpc_pipe_bind(rpccli, auth);
857 if (!NT_STATUS_IS_OK(status)) {
858 DBG_DEBUG("rpc_pipe_bind failed: %s\n", nt_errstr(status));
869 * Call an rpcclient function, passing an argv array.
871 * @param cmd Command to run, as a single string.
873 static NTSTATUS do_cmd(struct cli_state *cli,
874 struct cli_credentials *creds,
875 struct cmd_set *cmd_entry,
876 struct dcerpc_binding *binding,
877 int argc, const char **argv)
881 enum dcerpc_transport_t transport;
883 TALLOC_CTX *mem_ctx = talloc_stackframe();
884 const char *remote_name = NULL;
885 const struct sockaddr_storage *remote_sockaddr = NULL;
886 struct sockaddr_storage remote_ss = {
887 .ss_family = AF_UNSPEC,
890 transport = dcerpc_binding_get_transport(binding);
893 remote_name = smbXcli_conn_remote_name(cli->conn);
894 remote_sockaddr = smbXcli_conn_remote_sockaddr(cli->conn);
896 const char *remote_host =
897 dcerpc_binding_get_string_option(binding, "host");
898 remote_name = dcerpc_binding_get_string_option(
899 binding, "target_hostname");
901 if (remote_host != NULL) {
902 bool ok = interpret_string_addr(
903 &remote_ss, remote_host, 0);
905 remote_sockaddr = &remote_ss;
912 if ((cmd_entry->table != NULL) && (cmd_entry->rpc_pipe == NULL)) {
913 if (transport == NCALRPC) {
914 ntresult = rpccli_ncalrpc_connect(
915 cmd_entry->table, cli, &cmd_entry->rpc_pipe);
916 if (!NT_STATUS_IS_OK(ntresult)) {
917 TALLOC_FREE(mem_ctx);
921 enum dcerpc_AuthType auth_type;
922 enum dcerpc_AuthLevel auth_level;
923 enum credentials_use_kerberos krb5_state =
924 cli_credentials_get_kerberos_state(creds);
926 binding_get_auth_info(
927 binding, &auth_type, &auth_level, &krb5_state);
930 case DCERPC_AUTH_TYPE_NONE:
931 ntresult = cli_rpc_pipe_open_noauth_transport(
936 &cmd_entry->rpc_pipe);
938 case DCERPC_AUTH_TYPE_SPNEGO:
939 case DCERPC_AUTH_TYPE_NTLMSSP:
940 case DCERPC_AUTH_TYPE_KRB5:
941 cli_credentials_set_kerberos_state(creds,
945 ntresult = cli_rpc_pipe_open_with_creds(
946 cli, cmd_entry->table,
953 &cmd_entry->rpc_pipe);
955 case DCERPC_AUTH_TYPE_SCHANNEL:
956 TALLOC_FREE(rpcclient_netlogon_creds);
957 ntresult = cli_rpc_pipe_open_schannel(
958 cli, rpcclient_msg_ctx,
961 rpcclient_netlogon_domain,
964 &cmd_entry->rpc_pipe,
966 &rpcclient_netlogon_creds);
969 DEBUG(0, ("Could not initialise %s. Invalid "
971 cmd_entry->table->name,
973 talloc_free(mem_ctx);
974 return NT_STATUS_UNSUCCESSFUL;
976 if (!NT_STATUS_IS_OK(ntresult)) {
977 DBG_ERR("Could not initialise %s. "
979 cmd_entry->table->name,
980 nt_errstr(ntresult));
981 talloc_free(mem_ctx);
985 if (rpcclient_netlogon_creds == NULL &&
986 cmd_entry->use_netlogon_creds) {
987 const char *dc_name =
988 cmd_entry->rpc_pipe->desthost;
989 const char *domain = rpcclient_netlogon_domain;
990 struct cli_credentials *trust_creds = NULL;
992 ntresult = pdb_get_trust_credentials(
997 if (!NT_STATUS_IS_OK(ntresult)) {
998 DBG_ERR("Failed to fetch trust "
1000 "%s to connect to %s: %s\n",
1002 cmd_entry->table->name,
1003 nt_errstr(ntresult));
1004 TALLOC_FREE(cmd_entry->rpc_pipe);
1005 talloc_free(mem_ctx);
1009 ntresult = rpccli_create_netlogon_creds_ctx(
1014 &rpcclient_netlogon_creds);
1015 if (!NT_STATUS_IS_OK(ntresult)) {
1016 DBG_ERR("Could not initialise "
1017 "credentials for %s.\n",
1018 cmd_entry->table->name);
1019 TALLOC_FREE(cmd_entry->rpc_pipe);
1020 TALLOC_FREE(mem_ctx);
1024 ntresult = rpccli_setup_netlogon_creds(
1027 rpcclient_netlogon_creds,
1028 false, /* force_reauth */
1030 TALLOC_FREE(trust_creds);
1031 if (!NT_STATUS_IS_OK(ntresult)) {
1032 DBG_ERR("Could not initialise "
1033 "credentials for %s.\n",
1034 cmd_entry->table->name);
1035 TALLOC_FREE(cmd_entry->rpc_pipe);
1036 TALLOC_FREE(rpcclient_netlogon_creds);
1037 TALLOC_FREE(mem_ctx);
1044 /* Set timeout for new connections */
1045 if (cmd_entry->rpc_pipe) {
1046 rpccli_set_timeout(cmd_entry->rpc_pipe, timeout);
1051 if ( cmd_entry->returntype == RPC_RTYPE_NTSTATUS ) {
1052 ntresult = cmd_entry->ntfn(cmd_entry->rpc_pipe, mem_ctx, argc, argv);
1053 if (!NT_STATUS_IS_OK(ntresult)) {
1054 printf("result was %s\n", nt_errstr(ntresult));
1056 } else if (cmd_entry->returntype == RPC_RTYPE_BINDING) {
1057 ntresult = cmd_entry->bfn(binding, mem_ctx, argc, argv);
1058 if (!NT_STATUS_IS_OK(ntresult)) {
1059 printf("result was %s\n", nt_errstr(ntresult));
1062 wresult = cmd_entry->wfn(cmd_entry->rpc_pipe, mem_ctx, argc, argv);
1063 /* print out the DOS error */
1064 if (!W_ERROR_IS_OK(wresult)) {
1065 printf( "result was %s\n", win_errstr(wresult));
1067 ntresult = W_ERROR_IS_OK(wresult)?NT_STATUS_OK:NT_STATUS_UNSUCCESSFUL;
1072 talloc_free(mem_ctx);
1079 * Process a command entered at the prompt or as part of -c
1081 * @returns The NTSTATUS from running the command.
1083 static NTSTATUS process_cmd(struct cli_credentials *creds,
1084 struct cli_state *cli,
1085 struct dcerpc_binding *binding,
1088 struct cmd_list *temp_list;
1089 NTSTATUS result = NT_STATUS_OK;
1092 const char **argv = NULL;
1094 if ((ret = poptParseArgvString(cmd, &argc, &argv)) != 0) {
1095 fprintf(stderr, "rpcclient: %s\n", poptStrerror(ret));
1096 return NT_STATUS_UNSUCCESSFUL;
1100 /* Walk through a dlist of arrays of commands. */
1101 for (temp_list = cmd_list; temp_list; temp_list = temp_list->next) {
1102 struct cmd_set *set = temp_list->cmd_set;
1104 while (set->name != NULL) {
1105 if (!strequal(argv[0], set->name)) {
1110 if (((set->returntype == RPC_RTYPE_NTSTATUS) &&
1111 (set->ntfn == NULL)) ||
1112 ((set->returntype == RPC_RTYPE_WERROR) &&
1113 (set->wfn == NULL)) ||
1114 ((set->returntype == RPC_RTYPE_BINDING) &&
1115 (set->bfn == NULL))) {
1116 fprintf (stderr, "Invalid command\n");
1121 cli, creds, set, binding, argc, argv);
1127 printf("command not found: %s\n", argv[0]);
1131 /* moved to do_cmd()
1132 if (!NT_STATUS_IS_OK(result)) {
1133 printf("result was %s\n", nt_errstr(result));
1137 /* NOTE: popt allocates the whole argv, including the
1138 * strings, as a single block. So a single free is
1139 * enough to release it -- we don't free the
1140 * individual strings. rtfm. */
1149 int main(int argc, char *argv[])
1151 const char **const_argv = discard_const_p(const char *, argv);
1153 static char *cmdstr = NULL;
1155 struct cli_state *cli = NULL;
1156 static char *opt_ipaddr=NULL;
1157 struct cmd_set **cmd_set;
1158 struct sockaddr_storage server_ss;
1160 static int opt_port = 0;
1162 TALLOC_CTX *frame = talloc_stackframe();
1163 uint32_t flags = CLI_FULL_CONNECTION_IPC;
1164 struct dcerpc_binding *binding = NULL;
1165 enum dcerpc_transport_t transport;
1166 const char *binding_string = NULL;
1168 struct cli_credentials *creds = NULL;
1169 struct loadparm_context *lp_ctx = NULL;
1172 /* make sure the vars that get altered (4th field) are in
1173 a fixed location or certain compilers complain */
1175 struct poptOption long_options[] = {
1177 {"command", 'c', POPT_ARG_STRING, &cmdstr, 'c', "Execute semicolon separated cmds", "COMMANDS"},
1178 {"dest-ip", 'I', POPT_ARG_STRING, &opt_ipaddr, 'I', "Specify destination IP address", "IP"},
1179 {"port", 'p', POPT_ARG_INT, &opt_port, 'p', "Specify port number", "PORT"},
1181 POPT_COMMON_CONNECTION
1182 POPT_COMMON_CREDENTIALS
1190 zero_sockaddr(&server_ss);
1194 ok = samba_cmdline_init(frame,
1195 SAMBA_CMDLINE_CONFIG_CLIENT,
1196 false /* require_smbconf */);
1198 DBG_ERR("Failed to init cmdline parser!\n");
1200 lp_ctx = samba_cmdline_get_lp_ctx();
1201 lpcfg_set_cmdline(lp_ctx, "log level", "0");
1204 pc = samba_popt_get_context(getprogname(),
1210 DBG_ERR("Failed to setup popt context!\n");
1214 poptSetOtherOptionHelp(pc, "[OPTION...] BINDING-STRING|HOST\nOptions:");
1217 poptPrintHelp(pc, stderr, 0);
1221 while((opt = poptGetNextOpt(pc)) != -1) {
1225 if (!interpret_string_addr(&server_ss,
1228 fprintf(stderr, "%s not a valid IP address\n",
1234 case POPT_ERROR_BADOPT:
1235 fprintf(stderr, "\nInvalid option %s: %s\n\n",
1236 poptBadOption(pc, 0), poptStrerror(opt));
1237 poptPrintUsage(pc, stderr, 0);
1242 /* Get server as remaining unparsed argument. Print usage if more
1243 than one unparsed argument is present. */
1245 server = talloc_strdup(frame, poptGetArg(pc));
1247 if (!server || poptGetArg(pc)) {
1248 poptPrintHelp(pc, stderr, 0);
1253 poptFreeContext(pc);
1254 samba_cmdline_burn(argc, argv);
1256 rpcclient_msg_ctx = cmdline_messaging_context(get_dyn_CONFIGFILE());
1257 creds = samba_cmdline_get_creds();
1261 * from stdin if necessary
1264 if ((server[0] == '/' && server[1] == '/') ||
1265 (server[0] == '\\' && server[1] == '\\')) {
1269 nt_status = dcerpc_parse_binding(frame, server, &binding);
1271 if (!NT_STATUS_IS_OK(nt_status)) {
1273 binding_string = talloc_asprintf(frame, "ncacn_np:%s",
1274 strip_hostname(server));
1275 if (!binding_string) {
1280 nt_status = dcerpc_parse_binding(frame, binding_string, &binding);
1281 if (!NT_STATUS_IS_OK(nt_status)) {
1287 transport = dcerpc_binding_get_transport(binding);
1289 if (transport == NCA_UNKNOWN) {
1290 transport = NCACN_NP;
1291 nt_status = dcerpc_binding_set_transport(binding, transport);
1292 if (!NT_STATUS_IS_OK(nt_status)) {
1298 host = dcerpc_binding_get_string_option(binding, "host");
1300 rpcclient_netlogon_domain = cli_credentials_get_domain(creds);
1301 if (rpcclient_netlogon_domain == NULL ||
1302 rpcclient_netlogon_domain[0] == '\0')
1304 rpcclient_netlogon_domain = lp_workgroup();
1307 if (transport == NCACN_NP) {
1308 nt_status = cli_full_connection_creds(frame,
1312 opt_ipaddr ? &server_ss
1320 if (!NT_STATUS_IS_OK(nt_status)) {
1321 DEBUG(0, ("Cannot connect to server. Error was %s\n",
1322 nt_errstr(nt_status)));
1327 /* Load command lists */
1328 cli_set_timeout(cli, timeout);
1331 #if 0 /* COMMENT OUT FOR TESTING */
1332 memset(cmdline_auth_info.password,'X',sizeof(cmdline_auth_info.password));
1335 cmd_set = rpcclient_command_list;
1338 add_command_set(*cmd_set);
1339 add_command_set(separator_command);
1343 /* Do anything specified with -c */
1344 if (cmdstr && cmdstr[0]) {
1350 while((cmd=next_command(&p)) != NULL) {
1351 NTSTATUS cmd_result = process_cmd(creds,
1356 result = NT_STATUS_IS_ERR(cmd_result);
1362 /* Loop around accepting commands */
1367 line = smb_readline("rpcclient $> ", NULL, completion_fn);
1374 if (line[0] != '\n')
1386 netlogon_creds_cli_close_global_db();
1387 TALLOC_FREE(rpcclient_msg_ctx);
git.samba.org / samba.git / blob