Revert "net: Use samba default command line arguments."
[metze/samba/wip.git] / source3 / utils / net_rpc.c
index 21881ba6a99f70f0ce7c819164aa3a2fa01887c8..f6f90030fe6f137d91df12c7f9e3353369c780a0 100644 (file)
@@ -22,6 +22,7 @@
 
 #include "includes.h"
 #include "utils/net.h"
+#include "../libcli/auth/libcli_auth.h"
 
 static int net_mode_share;
 static bool sync_files(struct copy_clistate *cp_clistate, const char *mask);
@@ -67,7 +68,7 @@ NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx,
        }
 
        result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false,
-                                    SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                    SEC_FLAG_MAXIMUM_ALLOWED,
                                     &pol);
        if (!NT_STATUS_IS_OK(result)) {
                d_fprintf(stderr, "open_policy failed: %s\n",
@@ -120,6 +121,7 @@ int run_rpc_command(struct net_context *c,
        NTSTATUS nt_status;
        DOM_SID *domain_sid;
        const char *domain_name;
+       int ret = -1;
 
        /* make use of cli_state handed over as an argument, if possible */
        if (!cli_arg) {
@@ -141,15 +143,13 @@ int run_rpc_command(struct net_context *c,
 
        if (!(mem_ctx = talloc_init("run_rpc_command"))) {
                DEBUG(0, ("talloc_init() failed\n"));
-               cli_shutdown(cli);
-               return -1;
+               goto fail;
        }
 
        nt_status = net_get_remote_domain_sid(cli, mem_ctx, &domain_sid,
                                              &domain_name);
        if (!NT_STATUS_IS_OK(nt_status)) {
-               cli_shutdown(cli);
-               return -1;
+               goto fail;
        }
 
        if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
@@ -164,8 +164,7 @@ int run_rpc_command(struct net_context *c,
                        if (!NT_STATUS_IS_OK(nt_status)) {
                                DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n",
                                        nt_errstr(nt_status) ));
-                               cli_shutdown(cli);
-                               return -1;
+                               goto fail;
                        }
                } else {
                        if (conn_flags & NET_FLAGS_SEAL) {
@@ -183,8 +182,7 @@ int run_rpc_command(struct net_context *c,
                                DEBUG(0, ("Could not initialise pipe %s. Error was %s\n",
                                        get_pipe_name_from_iface(interface),
                                        nt_errstr(nt_status) ));
-                               cli_shutdown(cli);
-                               return -1;
+                               goto fail;
                        }
                }
        }
@@ -194,6 +192,7 @@ int run_rpc_command(struct net_context *c,
        if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status)));
        } else {
+               ret = 0;
                DEBUG(5, ("rpc command function succedded\n"));
        }
 
@@ -203,13 +202,14 @@ int run_rpc_command(struct net_context *c,
                }
        }
 
+fail:
        /* close the connection only if it was opened here */
        if (!cli_arg) {
                cli_shutdown(cli);
        }
 
        talloc_destroy(mem_ctx);
-       return (!NT_STATUS_IS_OK(nt_status));
+       return ret;
 }
 
 /**
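Review bot: The new `fail:` label is also the normal exit, because the success path falls through it to reach `cli_shutdown` and `talloc_destroy`, so the name misleads; `done:` would match the `goto done` used in get_sid_from_name in this file, with a comment such as `/* shared exit: ret stays -1 unless the rpc function succeeded */`. The first `goto fail` (the talloc_init failure in the earlier hunk) arrives here with mem_ctx NULL, so `talloc_destroy(mem_ctx)` should be confirmed to tolerate NULL or be guarded with `if (mem_ctx)`. A failed rpc function now returns -1 where the removed expression returned 1, so any caller comparing against 1 needs checking. run_rpc_command starts outside this hunk.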
@@ -1668,7 +1668,7 @@ static NTSTATUS get_sid_from_name(struct cli_state *cli,
        }
 
        result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, false,
-                                    SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
+                                    SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol);
 
        if (!NT_STATUS_IS_OK(result)) {
                goto done;
@@ -2485,7 +2485,7 @@ static NTSTATUS rpc_list_alias_members(struct net_context *c,
        }
 
        result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, true,
-                                    SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
+                                    SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol);
 
        if (!NT_STATUS_IS_OK(result)) {
                d_fprintf(stderr, "Couldn't open LSA policy handle\n");
@@ -3850,7 +3850,7 @@ static NTSTATUS rpc_aliaslist_dump(struct net_context *c,
        struct policy_handle lsa_pol;
 
        result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
-                                    SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                    SEC_FLAG_MAXIMUM_ALLOWED,
                                     &lsa_pol);
        if (!NT_STATUS_IS_OK(result))
                return result;
@@ -4088,8 +4088,8 @@ static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *t
 
                wbc_status = wbcGidToSid(gid, &wsid);
                if (!WBC_ERROR_IS_OK(wbc_status)) {
-                       DEBUG(1, ("winbind could not find SID of gid %d: %s\n",
-                                 gid, wbcErrorString(wbc_status)));
+                       DEBUG(1, ("winbind could not find SID of gid %u: %s\n",
+                                 (unsigned int)gid, wbcErrorString(wbc_status)));
                        wbcFreeMemory(groups);
                        return false;
                }
@@ -4249,7 +4249,7 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd,
                        int num_tokens,
                        struct user_token *tokens)
 {
-       int fnum;
+       uint16_t fnum;
        SEC_DESC *share_sd = NULL;
        SEC_DESC *root_sd = NULL;
        struct cli_state *cli = rpc_pipe_np_smb_conn(pipe_hnd);
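Review bot: `uint16_t fnum;` is declared without an initializer, yet the last show_userlist hunk tests `fnum != (uint16_t)-1` before calling `cli_close`. Unless cli_ntcreate always stores to its output argument on failure (not visible here), that comparison reads an indeterminate value and the close may act on an unrelated file id. Initialising at the declaration, `uint16_t fnum = (uint16_t)-1;`, keeps the sentinel check meaningful on every path. The function body continues outside this hunk.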
@@ -4284,9 +4284,8 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd,
                return;
        }
 
-       fnum = cli_nt_create(cli, "\\", READ_CONTROL_ACCESS);
-
-       if (fnum != -1) {
+       if (!NT_STATUS_IS_OK(cli_ntcreate(cli, "\\", 0, READ_CONTROL_ACCESS, 0,
+                       FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x0, 0x0, &fnum))) {
                root_sd = cli_query_secdesc(cli, fnum, mem_ctx);
        }
 
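Review bot: The condition guarding `cli_query_secdesc` is inverted: with the leading `!`, the root security descriptor is queried only when `cli_ntcreate` fails, using an fnum the failed call may never have set, while a successful open leaves root_sd NULL. The removed code queried on success (`fnum != -1`), so the test should read `if (NT_STATUS_IS_OK(cli_ntcreate(cli, "\\", 0, READ_CONTROL_ACCESS, 0,` with the second line unchanged. root_sd presumably feeds the access evaluation this function prints, so a NULL or bogus descriptor could misreport which users can reach a share. show_userlist starts and ends outside this hunk.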
@@ -4320,7 +4319,7 @@ static void show_userlist(struct rpc_pipe_client *pipe_hnd,
                d_printf(" %s\n", tokens[i].name);
        }
 
-       if (fnum != -1)
+       if (fnum != (uint16_t)-1)
                cli_close(cli, fnum);
        cli_tdis(cli);
        cli->cnum = cnum;
@@ -5596,7 +5595,7 @@ static int rpc_trustdom_establish(struct net_context *c, int argc,
                return -1;
        }
 
-       nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, SEC_RIGHTS_QUERY_VALUE,
+       nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, KEY_QUERY_VALUE,
                                         &connect_hnd);
        if (NT_STATUS_IS_ERR(nt_status)) {
                DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
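Review bot: `KEY_QUERY_VALUE` is a registry-key access right, and passing it as the access mask of `rpccli_lsa_open_policy2` hides which LSA policy right is actually being requested; the same substitution appears in the rpc_trustdom_vampire and rpc_trustdom_list hunks. It works only because the numeric value happens to coincide with an LSA policy bit. If this tree's LSA IDL defines the policy access constants, name the right directly, e.g. `LSA_POLICY_VIEW_LOCAL_INFORMATION`, or add `/* 0x1: LSA view-local-information; registry constant used for its value only */` at each call. Naming the real right makes it possible to audit that these handles are opened with least privilege. The enclosing function continues outside the hunk.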
@@ -5738,8 +5737,9 @@ static NTSTATUS vampire_trusted_domain(struct rpc_pipe_client *pipe_hnd,
        NTSTATUS nt_status;
        union lsa_TrustedDomainInfo *info = NULL;
        char *cleartextpwd = NULL;
-       uint8_t nt_hash[16];
-       DATA_BLOB data;
+       uint8_t session_key[16];
+       DATA_BLOB session_key_blob;
+       DATA_BLOB data = data_blob_null;
 
        nt_status = rpccli_lsa_QueryTrustedDomainInfoBySid(pipe_hnd, mem_ctx,
                                                           pol,
@@ -5755,12 +5755,13 @@ static NTSTATUS vampire_trusted_domain(struct rpc_pipe_client *pipe_hnd,
        data = data_blob(info->password.password->data,
                         info->password.password->length);
 
-       if (!rpccli_get_pwd_hash(pipe_hnd, nt_hash)) {
+       if (!rpccli_get_pwd_hash(pipe_hnd, session_key)) {
                DEBUG(0, ("Could not retrieve password hash\n"));
                goto done;
        }
 
-       cleartextpwd = decrypt_trustdom_secret(nt_hash, &data);
+       session_key_blob = data_blob_const(session_key, sizeof(session_key));
+       cleartextpwd = sess_decrypt_string(mem_ctx, &data, &session_key_blob);
 
        if (cleartextpwd == NULL) {
                DEBUG(0,("retrieved NULL password\n"));
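Review bot: `session_key` and the string returned by `sess_decrypt_string` are secret material (a session key and the cleartext trust password), and nothing visible in this hunk clears either one. The cleartext is now allocated on `mem_ctx`, so it stays in heap memory until the caller frees that context. The `done:` path lies outside the hunk, so please confirm that it wipes `session_key` and the cleartext buffer with a routine the compiler cannot elide, and document it with `/* session_key and cleartextpwd are secrets: wipe both before returning */`. The DEBUG text "Could not retrieve password hash" also no longer matches the variable's new name.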
@@ -5852,7 +5853,7 @@ static int rpc_trustdom_vampire(struct net_context *c, int argc,
                return -1;
        };
 
-       nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, SEC_RIGHTS_QUERY_VALUE,
+       nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE,
                                        &connect_hnd);
        if (NT_STATUS_IS_ERR(nt_status)) {
                DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
@@ -6009,7 +6010,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv)
                return -1;
        };
 
-       nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, SEC_RIGHTS_QUERY_VALUE,
+       nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE,
                                        &connect_hnd);
        if (NT_STATUS_IS_ERR(nt_status)) {
                DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
@@ -6102,7 +6103,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv)
        /* SamrConnect2 */
        nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
                                         pipe_hnd->desthost,
-                                        SAMR_ACCESS_OPEN_DOMAIN,
+                                        SAMR_ACCESS_LOOKUP_DOMAIN,
                                         &connect_hnd);
        if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
@@ -7002,6 +7003,8 @@ int net_rpc_printer(struct net_context *c, int argc, const char **argv)
 
 int net_rpc(struct net_context *c, int argc, const char **argv)
 {
+       NET_API_STATUS status;
+
        struct functable func[] = {
                {
                        "audit",
@@ -7182,5 +7185,16 @@ int net_rpc(struct net_context *c, int argc, const char **argv)
                },
                {NULL, NULL, 0, NULL, NULL}
        };
+
+       status = libnetapi_init(&c->netapi_ctx);
+       if (status != 0) {
+               return -1;
+       }
+       libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
+       libnetapi_set_password(c->netapi_ctx, c->opt_password);
+       if (c->opt_kerberos) {
+               libnetapi_set_use_kerberos(c->netapi_ctx);
+       }
+
        return net_run_function(c, argc, argv, "net rpc", func);
 }
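Review bot: The results of `libnetapi_set_username`, `libnetapi_set_password` and `libnetapi_set_use_kerberos` are discarded, although the `libnetapi_init` status just above is checked. If any of these setters can fail (for instance on allocation), the subcommands would run with a context missing the credentials or the Kerberos flag the user asked for, which is a silent authentication downgrade rather than an error. Checking each one in the same way, e.g. `status = libnetapi_set_username(c->netapi_ctx, c->opt_user_name); if (status != 0) return -1;`, closes that gap. It is also worth confirming that the setters accept a NULL `c->opt_password` when no password was supplied.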