1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00

s3-net: modify the current "net ads kerberos pac" command.

Rename it to "net ads kerberos pac dump" and add a "type=num" option to allow
dumping of individial pac buffer types. Ommitting type= or using type=0 will
dump the whole PAC structure on stdout.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Günther Deschner 2014-03-11 18:14:39 +01:00
parent a8c2807a26
commit 9e01f3cbc4

View File

@ -2597,27 +2597,15 @@ static int net_ads_kerberos_renew(struct net_context *c, int argc, const char **
return ret;
}
static int net_ads_kerberos_pac(struct net_context *c, int argc, const char **argv)
static int net_ads_kerberos_pac_common(struct net_context *c, int argc, const char **argv,
struct PAC_DATA_CTR **pac_data_ctr)
{
struct PAC_LOGON_INFO *info = NULL;
struct PAC_DATA *pac_data = NULL;
struct PAC_DATA_CTR *pac_data_ctr = NULL;
TALLOC_CTX *mem_ctx = NULL;
NTSTATUS status;
int ret = -1;
const char *impersonate_princ_s = NULL;
const char *local_service = NULL;
int i;
if (c->display_usage) {
d_printf( "%s\n"
"net ads kerberos pac [impersonation_principal]\n"
" %s\n",
_("Usage:"),
_("Dump the Kerberos PAC"));
return 0;
}
for (i=0; i<argc; i++) {
if (strnequal(argv[i], "impersonate", strlen("impersonate"))) {
impersonate_princ_s = get_string_param(argv[i]);
@ -2633,13 +2621,8 @@ static int net_ads_kerberos_pac(struct net_context *c, int argc, const char **ar
}
}
mem_ctx = talloc_init("net_ads_kerberos_pac");
if (!mem_ctx) {
goto out;
}
if (local_service == NULL) {
local_service = talloc_asprintf(mem_ctx, "%s$@%s",
local_service = talloc_asprintf(c, "%s$@%s",
lp_netbios_name(), lp_realm());
if (local_service == NULL) {
goto out;
@ -2648,7 +2631,7 @@ static int net_ads_kerberos_pac(struct net_context *c, int argc, const char **ar
c->opt_password = net_prompt_pass(c, c->opt_user_name);
status = kerberos_return_pac(mem_ctx,
status = kerberos_return_pac(c,
c->opt_user_name,
c->opt_password,
0,
@ -2660,39 +2643,95 @@ static int net_ads_kerberos_pac(struct net_context *c, int argc, const char **ar
2592000, /* one month */
impersonate_princ_s,
local_service,
&pac_data_ctr);
pac_data_ctr);
if (!NT_STATUS_IS_OK(status)) {
d_printf(_("failed to query kerberos PAC: %s\n"),
nt_errstr(status));
goto out;
}
pac_data = pac_data_ctr->pac_data;
ret = 0;
out:
return ret;
}
for (i=0; i < pac_data->num_buffers; i++) {
static int net_ads_kerberos_pac_dump(struct net_context *c, int argc, const char **argv)
{
struct PAC_DATA_CTR *pac_data_ctr = NULL;
int i;
int ret = -1;
enum PAC_TYPE type = 0;
if (pac_data->buffers[i].type != PAC_TYPE_LOGON_INFO) {
if (c->display_usage) {
d_printf( "%s\n"
"net ads kerberos pac dump [impersonate=string] [local_service=string] [pac_buffer_type=int]\n"
" %s\n",
_("Usage:"),
_("Dump the Kerberos PAC"));
return -1;
}
for (i=0; i<argc; i++) {
if (strnequal(argv[i], "pac_buffer_type", strlen("pac_buffer_type"))) {
type = get_int_param(argv[i]);
}
}
ret = net_ads_kerberos_pac_common(c, argc, argv, &pac_data_ctr);
if (ret) {
return ret;
}
if (type == 0) {
char *s = NULL;
s = NDR_PRINT_STRUCT_STRING(c, PAC_DATA,
pac_data_ctr->pac_data);
if (s != NULL) {
d_printf(_("The Pac: %s\n"), s);
talloc_free(s);
}
return 0;
}
for (i=0; i < pac_data_ctr->pac_data->num_buffers; i++) {
char *s = NULL;
if (pac_data_ctr->pac_data->buffers[i].type != type) {
continue;
}
info = pac_data->buffers[i].info->logon_info.info;
if (!info) {
goto out;
s = NDR_PRINT_UNION_STRING(c, PAC_INFO, type,
pac_data_ctr->pac_data->buffers[i].info);
if (s != NULL) {
d_printf(_("The Pac: %s\n"), s);
talloc_free(s);
}
break;
}
if (info) {
const char *s;
s = NDR_PRINT_STRUCT_STRING(mem_ctx, PAC_LOGON_INFO, info);
d_printf(_("The Pac: %s\n"), s);
}
return 0;
}
ret = 0;
out:
TALLOC_FREE(mem_ctx);
return ret;
static int net_ads_kerberos_pac(struct net_context *c, int argc, const char **argv)
{
struct functable func[] = {
{
"dump",
net_ads_kerberos_pac_dump,
NET_TRANSPORT_ADS,
N_("Dump Kerberos PAC"),
N_("net ads kerberos pac dump\n"
" Dump a Kerberos PAC to stdout")
},
{NULL, NULL, 0, NULL, NULL}
};
return net_run_function(c, argc, argv, "net ads kerberos pac", func);
}
static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **argv)