mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
r5928: Use cli_credentials in:
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/
This commit is contained in:
parent
e5bc6f4f17
commit
ccefd78233
@ -2555,10 +2555,7 @@ static BOOL browse_host(const char *query_host)
|
||||
status = dcerpc_pipe_connect(&p, binding,
|
||||
DCERPC_SRVSVC_UUID,
|
||||
DCERPC_SRVSVC_VERSION,
|
||||
lp_netbios_name(),
|
||||
cli_credentials_get_domain(cmdline_credentials),
|
||||
cli_credentials_get_username(cmdline_credentials),
|
||||
cli_credentials_get_password(cmdline_credentials));
|
||||
cmdline_credentials);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
d_printf("Failed to connect to %s - %s\n",
|
||||
binding, nt_errstr(status));
|
||||
|
@ -297,19 +297,14 @@ GtkWidget *gtk_rpc_binding_dialog_new (BOOL nocredentials, struct sam_pipe *sam_
|
||||
return GTK_WIDGET(d);
|
||||
}
|
||||
|
||||
const char *gtk_rpc_binding_dialog_get_username(GtkRpcBindingDialog *d)
|
||||
struct cli_credentials *gtk_rpc_binding_dialog_get_credentials(GtkRpcBindingDialog *d)
|
||||
{
|
||||
return gtk_entry_get_text(GTK_ENTRY(d->entry_username));
|
||||
}
|
||||
|
||||
const char *gtk_rpc_binding_dialog_get_userdomain(GtkRpcBindingDialog *d)
|
||||
{
|
||||
return gtk_entry_get_text(GTK_ENTRY(d->entry_userdomain));
|
||||
}
|
||||
|
||||
const char *gtk_rpc_binding_dialog_get_password(GtkRpcBindingDialog *d)
|
||||
{
|
||||
return gtk_entry_get_text(GTK_ENTRY(d->entry_password));
|
||||
struct cli_credentials *ret = talloc(d->mem_ctx, struct cli_credentials);
|
||||
cli_credentials_set_username(ret, gtk_entry_get_text(GTK_ENTRY(d->entry_username)), CRED_SPECIFIED);
|
||||
cli_credentials_set_password(ret, gtk_entry_get_text(GTK_ENTRY(d->entry_password)), CRED_SPECIFIED);
|
||||
cli_credentials_set_domain(ret, gtk_entry_get_text(GTK_ENTRY(d->entry_userdomain)), CRED_SPECIFIED);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
const char *gtk_rpc_binding_dialog_get_host(GtkRpcBindingDialog *d)
|
||||
|
@ -71,9 +71,7 @@ const char *gtk_select_host_dialog_get_host (GtkSelectHostDialog *d);
|
||||
GType gtk_select_host_dialog_get_type (void);
|
||||
void gtk_show_werror(GtkWidget *win, WERROR err);
|
||||
const char *gtk_rpc_binding_dialog_get_binding_string(GtkRpcBindingDialog *d, TALLOC_CTX *mem_ctx);
|
||||
const char *gtk_rpc_binding_dialog_get_username(GtkRpcBindingDialog *d);
|
||||
const char *gtk_rpc_binding_dialog_get_userdomain(GtkRpcBindingDialog *d);
|
||||
const char *gtk_rpc_binding_dialog_get_password(GtkRpcBindingDialog *d);
|
||||
struct cli_credentials *gtk_rpc_binding_dialog_get_credentials(GtkRpcBindingDialog *d);
|
||||
const char *gtk_rpc_binding_dialog_get_host(GtkRpcBindingDialog *d);
|
||||
GtkWidget *gtk_select_domain_dialog_new (struct dcerpc_pipe *sam_pipe);
|
||||
GType gtk_select_domain_dialog_get_type (void);
|
||||
|
@ -25,6 +25,7 @@
|
||||
#include "librpc/gen_ndr/ndr_mgmt.h"
|
||||
#include "gtk/common/select.h"
|
||||
#include "gtk/common/gtk-smb.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
/*
|
||||
* Show:
|
||||
@ -189,7 +190,7 @@ static void on_connect_clicked(GtkButton *btn, gpointer user_data)
|
||||
|
||||
status = dcerpc_pipe_connect(&epmapper_pipe, bs,
|
||||
DCERPC_EPMAPPER_UUID, DCERPC_EPMAPPER_VERSION,
|
||||
lp_netbios_name(), lp_workgroup(), "", "");
|
||||
cmdline_credentials);
|
||||
|
||||
if (NT_STATUS_IS_ERR(status)) {
|
||||
gtk_show_ntstatus(mainwin, status);
|
||||
|
@ -405,8 +405,7 @@ static void on_open_remote_activate(GtkMenuItem *menuitem, gpointer user_data)
|
||||
}
|
||||
|
||||
error = reg_open_remote(®istry,
|
||||
gtk_rpc_binding_dialog_get_username(GTK_RPC_BINDING_DIALOG(rpcwin)),
|
||||
gtk_rpc_binding_dialog_get_password(GTK_RPC_BINDING_DIALOG(rpcwin)),
|
||||
gtk_rpc_binding_dialog_get_credentials(GTK_RPC_BINDING_DIALOG(rpcwin)),
|
||||
gtk_rpc_binding_dialog_get_binding_string(GTK_RPC_BINDING_DIALOG(rpcwin), mem_ctx));
|
||||
|
||||
if(!W_ERROR_IS_OK(error)) {
|
||||
|
@ -107,10 +107,7 @@ on_connect_activate (GtkMenuItem *menuitem,
|
||||
gtk_rpc_binding_dialog_get_binding(d, mem_ctx),
|
||||
DCERPC_ATSVC_UUID,
|
||||
DCERPC_ATSVC_VERSION,
|
||||
lp_netbios_name(),
|
||||
gtk_rpc_binding_dialog_get_userdomain(d),
|
||||
gtk_rpc_binding_dialog_get_username(d),
|
||||
gtk_rpc_binding_dialog_get_password(d));
|
||||
gtk_rpc_binding_dialog_get_credentials(d));
|
||||
|
||||
if(!NT_STATUS_IS_OK(status)) {
|
||||
gtk_show_ntstatus(mainwin, status);
|
||||
|
@ -131,10 +131,8 @@ static void connect_sam(void)
|
||||
status = dcerpc_pipe_connect_b(&sam_pipe,
|
||||
gtk_rpc_binding_dialog_get_binding(d, mem_ctx),
|
||||
DCERPC_SAMR_UUID, DCERPC_SAMR_VERSION,
|
||||
lp_netbios_name(),
|
||||
gtk_rpc_binding_dialog_get_userdomain(d),
|
||||
gtk_rpc_binding_dialog_get_username(d),
|
||||
gtk_rpc_binding_dialog_get_password(d));
|
||||
gtk_rpc_binding_dialog_get_credentials(d)
|
||||
);
|
||||
|
||||
if(!NT_STATUS_IS_OK(status)) {
|
||||
gtk_show_ntstatus(mainwin, status);
|
||||
|
@ -51,3 +51,5 @@ struct cli_credentials {
|
||||
|
||||
void *priv_data;
|
||||
};
|
||||
|
||||
#define cli_credentials_is_anonymous(c) (!(c) || !(c)->username || !(c)->username[0])
|
||||
|
@ -22,9 +22,7 @@
|
||||
#define _DCOM_H
|
||||
|
||||
struct dcom_client_context {
|
||||
const char *domain;
|
||||
const char *user;
|
||||
const char *password;
|
||||
struct cli_credentials *credentials;
|
||||
struct dcom_object_exporter {
|
||||
uint64_t oxid;
|
||||
struct DUALSTRINGARRAY bindings;
|
||||
|
@ -30,12 +30,10 @@
|
||||
|
||||
#define DCOM_NEGOTIATED_PROTOCOLS { EPM_PROTOCOL_TCP, EPM_PROTOCOL_SMB, EPM_PROTOCOL_NCALRPC }
|
||||
|
||||
struct dcom_client_context *dcom_client_init(struct com_context *ctx, const char *domain, const char *user, const char *password)
|
||||
struct dcom_client_context *dcom_client_init(struct com_context *ctx, struct cli_credentials *credentials)
|
||||
{
|
||||
ctx->dcom = talloc(ctx, struct dcom_client_context);
|
||||
ctx->dcom->domain = domain;
|
||||
ctx->dcom->user = user;
|
||||
ctx->dcom->password = password;
|
||||
ctx->dcom->credentials = credentials;
|
||||
|
||||
return ctx->dcom;
|
||||
}
|
||||
@ -86,8 +84,7 @@ static NTSTATUS dcom_connect_host(struct com_context *ctx, struct dcerpc_pipe **
|
||||
return dcerpc_pipe_connect(p, "ncalrpc",
|
||||
DCERPC_IREMOTEACTIVATION_UUID,
|
||||
DCERPC_IREMOTEACTIVATION_VERSION,
|
||||
lp_netbios_name(),
|
||||
ctx->dcom->domain, ctx->dcom->user, ctx->dcom->password);
|
||||
ctx->dcom->credentials);
|
||||
}
|
||||
|
||||
/* Allow server name to contain a binding string */
|
||||
@ -95,8 +92,7 @@ static NTSTATUS dcom_connect_host(struct com_context *ctx, struct dcerpc_pipe **
|
||||
status = dcerpc_pipe_connect_b(p, bd,
|
||||
DCERPC_IREMOTEACTIVATION_UUID,
|
||||
DCERPC_IREMOTEACTIVATION_VERSION,
|
||||
lp_netbios_name(),
|
||||
ctx->dcom->domain, ctx->dcom->user, ctx->dcom->password);
|
||||
ctx->dcom->credentials);
|
||||
|
||||
talloc_free(mem_ctx);
|
||||
return status;
|
||||
@ -113,8 +109,7 @@ static NTSTATUS dcom_connect_host(struct com_context *ctx, struct dcerpc_pipe **
|
||||
status = dcerpc_pipe_connect(p, binding,
|
||||
DCERPC_IREMOTEACTIVATION_UUID,
|
||||
DCERPC_IREMOTEACTIVATION_VERSION,
|
||||
lp_netbios_name(),
|
||||
ctx->dcom->domain, ctx->dcom->user, ctx->dcom->password);
|
||||
ctx->dcom->credentials);
|
||||
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
talloc_free(mem_ctx);
|
||||
@ -308,10 +303,7 @@ NTSTATUS dcom_get_pipe (struct IUnknown *iface, struct dcerpc_pipe **pp)
|
||||
} else {
|
||||
status = dcerpc_pipe_connect_b(&p, binding,
|
||||
uuid, 0.0,
|
||||
lp_netbios_name(),
|
||||
iface->ctx->dcom->domain,
|
||||
iface->ctx->dcom->user,
|
||||
iface->ctx->dcom->password);
|
||||
iface->ctx->dcom->credentials);
|
||||
}
|
||||
talloc_free(binding);
|
||||
i++;
|
||||
|
@ -24,6 +24,10 @@
|
||||
|
||||
const char *cli_credentials_get_username(struct cli_credentials *cred)
|
||||
{
|
||||
if (cred == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (cred->username_obtained == CRED_CALLBACK) {
|
||||
cred->username = cred->username_cb(cred);
|
||||
cred->username_obtained = CRED_SPECIFIED;
|
||||
@ -45,6 +49,10 @@ BOOL cli_credentials_set_username(struct cli_credentials *cred, const char *val,
|
||||
|
||||
const char *cli_credentials_get_password(struct cli_credentials *cred)
|
||||
{
|
||||
if (cred == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (cred->password_obtained == CRED_CALLBACK) {
|
||||
cred->password = cred->password_cb(cred);
|
||||
cred->password_obtained = CRED_SPECIFIED;
|
||||
@ -66,6 +74,10 @@ BOOL cli_credentials_set_password(struct cli_credentials *cred, const char *val,
|
||||
|
||||
const char *cli_credentials_get_domain(struct cli_credentials *cred)
|
||||
{
|
||||
if (cred == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (cred->domain_obtained == CRED_CALLBACK) {
|
||||
cred->domain = cred->domain_cb(cred);
|
||||
cred->domain_obtained = CRED_SPECIFIED;
|
||||
@ -87,7 +99,11 @@ BOOL cli_credentials_set_domain(struct cli_credentials *cred, const char *val, e
|
||||
}
|
||||
|
||||
const char *cli_credentials_get_realm(struct cli_credentials *cred)
|
||||
{
|
||||
{
|
||||
if (cred == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (cred->realm_obtained == CRED_CALLBACK) {
|
||||
cred->realm = cred->realm_cb(cred);
|
||||
cred->realm_obtained = CRED_SPECIFIED;
|
||||
@ -109,6 +125,10 @@ BOOL cli_credentials_set_realm(struct cli_credentials *cred, const char *val, en
|
||||
|
||||
const char *cli_credentials_get_workstation(struct cli_credentials *cred)
|
||||
{
|
||||
if (cred == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (cred->workstation_obtained == CRED_CALLBACK) {
|
||||
cred->workstation = cred->workstation_cb(cred);
|
||||
cred->workstation_obtained = CRED_SPECIFIED;
|
||||
@ -246,7 +266,7 @@ void cli_credentials_parse_string(struct cli_credentials *credentials, const cha
|
||||
uname = talloc_strdup(credentials, data);
|
||||
cli_credentials_set_username(credentials, uname, obtained);
|
||||
|
||||
if ((p = strchr_m(uname,'\\'))) {
|
||||
if ((p = strchr_m(uname,'\\')) || (p = strchr_m(uname, '/'))) {
|
||||
*p = 0;
|
||||
cli_credentials_set_domain(credentials, uname, obtained);
|
||||
credentials->username = uname = p+1;
|
||||
|
@ -369,7 +369,7 @@ static struct hive_operations reg_backend_rpc = {
|
||||
.num_values = rpc_num_values,
|
||||
};
|
||||
|
||||
WERROR reg_open_remote (struct registry_context **ctx, const char *user, const char *pass, const char *location)
|
||||
WERROR reg_open_remote (struct registry_context **ctx, struct cli_credentials *credentials, const char *location)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct dcerpc_pipe *p;
|
||||
@ -384,9 +384,7 @@ WERROR reg_open_remote (struct registry_context **ctx, const char *user, const c
|
||||
status = dcerpc_pipe_connect(&p, location,
|
||||
DCERPC_WINREG_UUID,
|
||||
DCERPC_WINREG_VERSION,
|
||||
lp_netbios_name(),
|
||||
lp_workgroup(),
|
||||
user, pass);
|
||||
credentials);
|
||||
(*ctx)->backend_data = p;
|
||||
|
||||
if(NT_STATUS_IS_ERR(status)) {
|
||||
|
@ -146,8 +146,9 @@ static void writediff(struct registry_key *oldkey, struct registry_key *newkey,
|
||||
else if (!h2) error = reg_open_local(&h2);
|
||||
break;
|
||||
case 'R':
|
||||
if (!h1 && !from_null) error = reg_open_remote(&h1, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), poptGetOptArg(pc));
|
||||
else if (!h2) error = reg_open_remote(&h2, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), poptGetOptArg(pc));
|
||||
if (!h1 && !from_null)
|
||||
error = reg_open_remote(&h1, cmdline_credentials, poptGetOptArg(pc));
|
||||
else if (!h2) error = reg_open_remote(&h2, cmdline_credentials, poptGetOptArg(pc));
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -769,7 +769,7 @@ static int nt_apply_reg_command_file(struct registry_context *r, const char *cmd
|
||||
setup_logging(argv[0], True);
|
||||
|
||||
if (remote) {
|
||||
error = reg_open_remote (&h, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), remote);
|
||||
error = reg_open_remote (&h, cmdline_credentials, remote);
|
||||
} else {
|
||||
error = reg_open_local (&h);
|
||||
}
|
||||
|
@ -395,7 +395,7 @@ static char **reg_completion(const char *text, int start, int end)
|
||||
setup_logging("regtree", True);
|
||||
|
||||
if (remote) {
|
||||
error = reg_open_remote (&h, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), remote);
|
||||
error = reg_open_remote (&h, cmdline_credentials, remote);
|
||||
} else if (backend) {
|
||||
error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, &curkey);
|
||||
} else {
|
||||
|
@ -105,7 +105,7 @@ static void print_tree(int l, struct registry_key *p, int fullpath, int novals)
|
||||
setup_logging("regtree", True);
|
||||
|
||||
if (remote) {
|
||||
error = reg_open_remote(&h, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), remote);
|
||||
error = reg_open_remote(&h, cmdline_credentials, remote);
|
||||
} else if (backend) {
|
||||
error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, &root);
|
||||
} else {
|
||||
|
@ -506,61 +506,6 @@ BOOL gensec_have_feature(struct gensec_security *gensec_security,
|
||||
return gensec_security->ops->have_feature(gensec_security, feature);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set a username on a GENSEC context - ensures it is talloc()ed
|
||||
*
|
||||
*/
|
||||
|
||||
NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, const char *user)
|
||||
{
|
||||
char *p;
|
||||
char *u = talloc_strdup(gensec_security, user);
|
||||
if (!u) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
p = strchr_m(user, '@');
|
||||
|
||||
if (p) {
|
||||
*p = '\0';
|
||||
gensec_security->user.name = talloc_strdup(gensec_security, u);
|
||||
if (!gensec_security->user.name) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
gensec_security->user.realm = talloc_strdup(gensec_security, p+1);
|
||||
if (!gensec_security->user.realm) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
p = strchr_m(user, '\\');
|
||||
if (!p) {
|
||||
p = strchr_m(user, '/');
|
||||
}
|
||||
|
||||
if (p) {
|
||||
*p = '\0';
|
||||
gensec_security->user.domain = talloc_strdup(gensec_security, u);
|
||||
if (!gensec_security->user.domain) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
gensec_security->user.name = talloc_strdup(gensec_security, p+1);
|
||||
if (!gensec_security->user.name) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
gensec_security->user.name = u;
|
||||
if (!gensec_security->user.name) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set a username on a GENSEC context - ensures it is talloc()ed
|
||||
*
|
||||
@ -569,7 +514,7 @@ NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, c
|
||||
NTSTATUS gensec_set_username(struct gensec_security *gensec_security, const char *user)
|
||||
{
|
||||
gensec_security->user.name = talloc_strdup(gensec_security, user);
|
||||
if (!gensec_security->user.name) {
|
||||
if (user && !gensec_security->user.name) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
@ -596,7 +541,7 @@ const char *gensec_get_username(struct gensec_security *gensec_security)
|
||||
NTSTATUS gensec_set_domain(struct gensec_security *gensec_security, const char *domain)
|
||||
{
|
||||
gensec_security->user.domain = talloc_strdup(gensec_security, domain);
|
||||
if (!gensec_security->user.domain) {
|
||||
if (domain && !gensec_security->user.domain) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
@ -625,7 +570,7 @@ const char *gensec_get_domain(struct gensec_security *gensec_security)
|
||||
NTSTATUS gensec_set_workstation(struct gensec_security *gensec_security, const char *workstation)
|
||||
{
|
||||
gensec_security->user.workstation = talloc_strdup(gensec_security, workstation);
|
||||
if (!gensec_security->user.workstation) {
|
||||
if (workstation && !gensec_security->user.workstation) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
@ -653,7 +598,7 @@ const char *gensec_get_workstation(struct gensec_security *gensec_security)
|
||||
NTSTATUS gensec_set_realm(struct gensec_security *gensec_security, const char *realm)
|
||||
{
|
||||
gensec_security->user.realm = talloc_strdup(gensec_security, realm);
|
||||
if (!gensec_security->user.realm) {
|
||||
if (realm && !gensec_security->user.realm) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
return NT_STATUS_OK;
|
||||
|
@ -101,10 +101,7 @@ static NTSTATUS libnet_rpc_connect_standard(struct libnet_context *ctx, TALLOC_C
|
||||
binding,
|
||||
r->standard.in.dcerpc_iface_uuid,
|
||||
r->standard.in.dcerpc_iface_version,
|
||||
lp_netbios_name(),
|
||||
cli_credentials_get_domain(ctx->credentials),
|
||||
cli_credentials_get_username(ctx->credentials),
|
||||
cli_credentials_get_password(ctx->credentials));
|
||||
ctx->credentials);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
r->standard.out.error_string = talloc_asprintf(mem_ctx,
|
||||
"dcerpc_pipe_connect to pipe %s failed with %s\n",
|
||||
|
@ -143,10 +143,7 @@ done:
|
||||
*/
|
||||
NTSTATUS dcerpc_bind_auth_password(struct dcerpc_pipe *p,
|
||||
const char *uuid, uint_t version,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password,
|
||||
struct cli_credentials *credentials,
|
||||
uint8_t auth_type,
|
||||
const char *service)
|
||||
{
|
||||
@ -162,28 +159,32 @@ NTSTATUS dcerpc_bind_auth_password(struct dcerpc_pipe *p,
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_set_workstation(p->conn->security_state.generic_state, workstation);
|
||||
status = gensec_set_workstation(p->conn->security_state.generic_state,
|
||||
cli_credentials_get_workstation(credentials));
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1, ("Failed to start set GENSEC client workstation name to %s: %s\n",
|
||||
workstation, nt_errstr(status)));
|
||||
cli_credentials_get_workstation(credentials), nt_errstr(status)));
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_set_domain(p->conn->security_state.generic_state, domain);
|
||||
status = gensec_set_domain(p->conn->security_state.generic_state,
|
||||
cli_credentials_get_domain(credentials));
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1, ("Failed to start set GENSEC client domain to %s: %s\n",
|
||||
domain, nt_errstr(status)));
|
||||
cli_credentials_get_domain(credentials), nt_errstr(status)));
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_set_username(p->conn->security_state.generic_state, username);
|
||||
status = gensec_set_username(p->conn->security_state.generic_state,
|
||||
cli_credentials_get_username(credentials));
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1, ("Failed to start set GENSEC client username to %s: %s\n",
|
||||
username, nt_errstr(status)));
|
||||
cli_credentials_get_username(credentials), nt_errstr(status)));
|
||||
return status;
|
||||
}
|
||||
|
||||
status = gensec_set_password(p->conn->security_state.generic_state, password);
|
||||
status = gensec_set_password(p->conn->security_state.generic_state,
|
||||
cli_credentials_get_password(credentials));
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1, ("Failed to start set GENSEC client password: %s\n",
|
||||
nt_errstr(status)));
|
||||
|
@ -295,10 +295,7 @@ static NTSTATUS dcerpc_schannel_client_start(struct gensec_security *gensec_secu
|
||||
get a schannel key using a netlogon challenge on a secondary pipe
|
||||
*/
|
||||
static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password,
|
||||
struct cli_credentials *credentials,
|
||||
int chan_type,
|
||||
struct creds_CredentialState *creds)
|
||||
{
|
||||
@ -319,7 +316,7 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
|
||||
negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS;
|
||||
}
|
||||
|
||||
workgroup = domain;
|
||||
workgroup = cli_credentials_get_domain(credentials);
|
||||
|
||||
tmp_ctx = talloc_new(NULL);
|
||||
|
||||
@ -363,7 +360,7 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
|
||||
step 2 - request a netlogon challenge
|
||||
*/
|
||||
r.in.server_name = talloc_asprintf(p, "\\\\%s", dcerpc_server_name(p));
|
||||
r.in.computer_name = workstation;
|
||||
r.in.computer_name = cli_credentials_get_workstation(credentials);
|
||||
r.in.credentials = &credentials1;
|
||||
r.out.credentials = &credentials2;
|
||||
|
||||
@ -377,16 +374,18 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
|
||||
/*
|
||||
step 3 - authenticate on the netlogon pipe
|
||||
*/
|
||||
E_md4hash(password, mach_pwd.hash);
|
||||
E_md4hash(cli_credentials_get_password(credentials), mach_pwd.hash);
|
||||
creds_client_init(creds, &credentials1, &credentials2,
|
||||
workstation, domain, username,
|
||||
cli_credentials_get_workstation(credentials),
|
||||
cli_credentials_get_domain(credentials),
|
||||
cli_credentials_get_username(credentials),
|
||||
&mach_pwd, &credentials3,
|
||||
negotiate_flags);
|
||||
|
||||
a.in.server_name = r.in.server_name;
|
||||
a.in.account_name = username;
|
||||
a.in.account_name = cli_credentials_get_username(credentials);
|
||||
a.in.secure_channel_type = chan_type;
|
||||
a.in.computer_name = workstation;
|
||||
a.in.computer_name = cli_credentials_get_workstation(credentials);
|
||||
a.in.negotiate_flags = &negotiate_flags;
|
||||
a.out.negotiate_flags = &negotiate_flags;
|
||||
a.in.credentials = &credentials3;
|
||||
@ -483,10 +482,7 @@ NTSTATUS dcerpc_bind_auth_schannel_withkey(struct dcerpc_pipe *p,
|
||||
|
||||
NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
|
||||
const char *uuid, uint_t version,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password)
|
||||
struct cli_credentials *credentials)
|
||||
{
|
||||
NTSTATUS status;
|
||||
int chan_type = 0;
|
||||
@ -504,10 +500,7 @@ NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
|
||||
chan_type = SEC_CHAN_DOMAIN;
|
||||
}
|
||||
|
||||
status = dcerpc_schannel_key(p, domain,
|
||||
workstation,
|
||||
username,
|
||||
password,
|
||||
status = dcerpc_schannel_key(p, credentials,
|
||||
chan_type,
|
||||
creds);
|
||||
|
||||
|
@ -796,6 +796,7 @@ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *bind
|
||||
struct epm_twr_t twr, *twr_r;
|
||||
struct dcerpc_binding *epmapper_binding;
|
||||
const struct dcerpc_interface_table *table = idl_iface_by_uuid(uuid);
|
||||
struct cli_credentials *credentials;
|
||||
int i;
|
||||
|
||||
/* First, check if there is a default endpoint specified in the IDL */
|
||||
@ -834,11 +835,13 @@ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *bind
|
||||
epmapper_binding->endpoint = NULL;
|
||||
epmapper_binding->authservice = NULL;
|
||||
|
||||
credentials = talloc_zero(mem_ctx, struct cli_credentials);
|
||||
cli_credentials_guess(credentials);
|
||||
status = dcerpc_pipe_connect_b(&p,
|
||||
epmapper_binding,
|
||||
DCERPC_EPMAPPER_UUID,
|
||||
DCERPC_EPMAPPER_VERSION,
|
||||
NULL, NULL, NULL, NULL);
|
||||
credentials);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
@ -903,10 +906,7 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
|
||||
struct dcerpc_binding *binding,
|
||||
const char *pipe_uuid,
|
||||
uint32_t pipe_version,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password)
|
||||
struct cli_credentials *credentials)
|
||||
{
|
||||
NTSTATUS status;
|
||||
p->conn->flags = binding->flags;
|
||||
@ -914,11 +914,11 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
|
||||
/* remember the binding string for possible secondary connections */
|
||||
p->conn->binding_string = dcerpc_binding_string(p, binding);
|
||||
|
||||
if (username && username[0] && (binding->flags & DCERPC_SCHANNEL_ANY)) {
|
||||
if (cli_credentials_is_anonymous(credentials) &&
|
||||
(binding->flags & DCERPC_SCHANNEL_ANY)) {
|
||||
status = dcerpc_bind_auth_schannel(p, pipe_uuid, pipe_version,
|
||||
domain, workstation,
|
||||
username, password);
|
||||
} else if (username && username[0]) {
|
||||
credentials);
|
||||
} else if (cli_credentials_is_anonymous(credentials)) {
|
||||
uint8_t auth_type;
|
||||
if (binding->flags & DCERPC_AUTH_SPNEGO) {
|
||||
auth_type = DCERPC_AUTH_TYPE_SPNEGO;
|
||||
@ -929,10 +929,8 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
|
||||
}
|
||||
|
||||
status = dcerpc_bind_auth_password(p, pipe_uuid, pipe_version,
|
||||
workstation,
|
||||
domain, username, password,
|
||||
auth_type,
|
||||
binding->authservice);
|
||||
credentials, auth_type,
|
||||
binding->authservice);
|
||||
} else {
|
||||
status = dcerpc_bind_auth_none(p, pipe_uuid, pipe_version);
|
||||
}
|
||||
@ -950,10 +948,7 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
|
||||
struct dcerpc_binding *binding,
|
||||
const char *pipe_uuid,
|
||||
uint32_t pipe_version,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password)
|
||||
struct cli_credentials *credentials)
|
||||
{
|
||||
struct dcerpc_pipe *p;
|
||||
NTSTATUS status;
|
||||
@ -983,18 +978,21 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
|
||||
|
||||
pipe_name = binding->endpoint;
|
||||
|
||||
if (!username || !username[0] ||
|
||||
if (cli_credentials_is_anonymous(credentials) ||
|
||||
(binding->flags & DCERPC_SCHANNEL_ANY)) {
|
||||
status = smbcli_full_connection(p->conn, &cli, workstation,
|
||||
status = smbcli_full_connection(p->conn, &cli,
|
||||
cli_credentials_get_workstation(credentials),
|
||||
binding->host,
|
||||
"ipc$", NULL,
|
||||
"", "", NULL);
|
||||
} else {
|
||||
status = smbcli_full_connection(p->conn, &cli, workstation,
|
||||
status = smbcli_full_connection(p->conn, &cli,
|
||||
cli_credentials_get_workstation(credentials),
|
||||
binding->host,
|
||||
"ipc$", NULL,
|
||||
username, domain,
|
||||
password);
|
||||
cli_credentials_get_username(credentials),
|
||||
cli_credentials_get_domain(credentials),
|
||||
cli_credentials_get_password(credentials));
|
||||
}
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(0,("Failed to connect to %s - %s\n", binding->host, nt_errstr(status)));
|
||||
@ -1009,10 +1007,6 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
|
||||
return status;
|
||||
}
|
||||
|
||||
if (!(binding->flags & DCERPC_AUTH_OPTIONS)) {
|
||||
username = NULL;
|
||||
}
|
||||
|
||||
(*pp) = p;
|
||||
talloc_free(tmp_ctx);
|
||||
|
||||
@ -1156,17 +1150,13 @@ NTSTATUS dcerpc_pipe_connect_b(struct dcerpc_pipe **pp,
|
||||
struct dcerpc_binding *binding,
|
||||
const char *pipe_uuid,
|
||||
uint32_t pipe_version,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password)
|
||||
struct cli_credentials *credentials)
|
||||
{
|
||||
NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
|
||||
|
||||
switch (binding->transport) {
|
||||
case NCACN_NP:
|
||||
status = dcerpc_pipe_connect_ncacn_np(pp, binding, pipe_uuid, pipe_version,
|
||||
workstation, domain, username, password);
|
||||
status = dcerpc_pipe_connect_ncacn_np(pp, binding, pipe_uuid, pipe_version, credentials);
|
||||
break;
|
||||
case NCACN_IP_TCP:
|
||||
status = dcerpc_pipe_connect_ncacn_ip_tcp(pp, binding, pipe_uuid, pipe_version);
|
||||
@ -1185,7 +1175,7 @@ NTSTATUS dcerpc_pipe_connect_b(struct dcerpc_pipe **pp,
|
||||
return status;
|
||||
}
|
||||
|
||||
status = dcerpc_pipe_auth(*pp, binding, pipe_uuid, pipe_version, workstation, domain, username, password);
|
||||
status = dcerpc_pipe_auth(*pp, binding, pipe_uuid, pipe_version, credentials);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
talloc_free(*pp);
|
||||
*pp = NULL;
|
||||
@ -1202,10 +1192,7 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **pp,
|
||||
const char *binding,
|
||||
const char *pipe_uuid,
|
||||
uint32_t pipe_version,
|
||||
const char *workstation,
|
||||
const char *domain,
|
||||
const char *username,
|
||||
const char *password)
|
||||
struct cli_credentials *credentials)
|
||||
{
|
||||
struct dcerpc_binding *b;
|
||||
NTSTATUS status;
|
||||
@ -1225,8 +1212,7 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **pp,
|
||||
|
||||
DEBUG(3,("Using binding %s\n", dcerpc_binding_string(tmp_ctx, b)));
|
||||
|
||||
status = dcerpc_pipe_connect_b(pp, b, pipe_uuid, pipe_version, workstation,
|
||||
domain, username, password);
|
||||
status = dcerpc_pipe_connect_b(pp, b, pipe_uuid, pipe_version, credentials);
|
||||
|
||||
talloc_free(tmp_ctx);
|
||||
|
||||
|
@ -31,6 +31,7 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
|
||||
NTSTATUS status;
|
||||
struct dcesrv_remote_private *private;
|
||||
const char *binding = lp_parm_string(-1, "dcerpc_remote", "binding");
|
||||
struct cli_credentials credentials;
|
||||
|
||||
if (!binding) {
|
||||
DEBUG(0,("You must specify a ncacn binding string\n"));
|
||||
@ -42,11 +43,12 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
status = dcerpc_pipe_connect(&(private->c_pipe), binding, iface->uuid, iface->if_version,
|
||||
lp_netbios_name(),
|
||||
lp_workgroup(),
|
||||
lp_parm_string(-1, "dcerpc_remote", "username"),
|
||||
lp_parm_string(-1, "dcerpc_remote", "password"));
|
||||
cli_credentials_set_username(&credentials, lp_parm_string(-1, "dcerpc_remote", "username"), CRED_SPECIFIED);
|
||||
cli_credentials_set_workstation(&credentials, lp_netbios_name(), CRED_SPECIFIED);
|
||||
cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
|
||||
cli_credentials_set_password(&credentials, lp_parm_string(-1, "dcerpc_remote", "password"), CRED_SPECIFIED);
|
||||
|
||||
status = dcerpc_pipe_connect(&(private->c_pipe), binding, iface->uuid, iface->if_version, &credentials);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
|
@ -22,6 +22,7 @@
|
||||
#include "includes.h"
|
||||
#include "lib/com/com.h"
|
||||
#include "librpc/gen_ndr/com_dcom.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
#define DEFAULT_TRANS 4096
|
||||
|
||||
@ -39,7 +40,7 @@ static BOOL test_readwrite(TALLOC_CTX *mem_ctx, const char *host)
|
||||
int i;
|
||||
|
||||
com_init(&ctx);
|
||||
dcom_client_init(ctx, lp_parm_string(-1, "torture", "userdomain"), lp_parm_string(-1, "torture", "username"), lp_parm_string(-1, "torture", "password"));
|
||||
dcom_client_init(ctx, cmdline_credentials);
|
||||
|
||||
GUID_from_string(COM_ISTREAM_UUID, &IID[0]);
|
||||
GUID_from_string(COM_IUNKNOWN_UUID, &IID[1]);
|
||||
|
@ -23,6 +23,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
#include "libcli/ldap/ldap.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
BOOL test_bind_simple(struct ldap_connection *conn, const char *userdn, const char *password)
|
||||
{
|
||||
@ -188,9 +189,9 @@ BOOL torture_ldap_basic(void)
|
||||
TALLOC_CTX *mem_ctx;
|
||||
BOOL ret = True;
|
||||
const char *host = lp_parm_string(-1, "torture", "host");
|
||||
const char *username = lp_parm_string(-1, "torture", "username");
|
||||
const char *domain = lp_parm_string(-1, "torture", "userdomain");
|
||||
const char *password = lp_parm_string(-1, "torture", "password");
|
||||
const char *username = cli_credentials_get_username(cmdline_credentials);
|
||||
const char *domain = cli_credentials_get_domain(cmdline_credentials);
|
||||
const char *password = cli_credentials_get_password(cmdline_credentials);
|
||||
const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn");
|
||||
/*const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn");*/
|
||||
const char *secret = lp_parm_string(-1, "torture", "ldap_secret");
|
||||
|
@ -24,6 +24,7 @@
|
||||
#include "lib/events/events.h"
|
||||
#include "libcli/raw/libcliraw.h"
|
||||
#include "libcli/composite/composite.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
#define BASEDIR "\\composite"
|
||||
|
||||
@ -149,9 +150,10 @@ static BOOL test_fetchfile(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
|
||||
io2.in.calling_name = lp_netbios_name();
|
||||
io2.in.service = lp_parm_string(-1, "torture", "share");
|
||||
io2.in.service_type = "A:";
|
||||
io2.in.user = lp_parm_string(-1, "torture", "username");
|
||||
io2.in.domain = lp_parm_string(-1, "torture", "userdomain");
|
||||
io2.in.password = lp_parm_string(-1, "torture", "password");
|
||||
|
||||
io2.in.user = cli_credentials_get_username(cmdline_credentials);
|
||||
io2.in.domain = cli_credentials_get_domain(cmdline_credentials);
|
||||
io2.in.password = cli_credentials_get_password(cmdline_credentials);
|
||||
io2.in.filename = fname;
|
||||
|
||||
printf("testing parallel fetchfile with %d ops\n", torture_numops);
|
||||
|
@ -22,6 +22,7 @@
|
||||
#include "libcli/raw/libcliraw.h"
|
||||
#include "librpc/gen_ndr/ndr_security.h"
|
||||
#include "libcli/composite/composite.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
#define BASEDIR "\\rawcontext"
|
||||
|
||||
@ -57,7 +58,6 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
|
||||
{
|
||||
NTSTATUS status;
|
||||
BOOL ret = True;
|
||||
const char *username, *domain, *password;
|
||||
struct smbcli_session *session;
|
||||
struct smbcli_session *session2;
|
||||
struct smbcli_session *session3;
|
||||
@ -76,18 +76,14 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
|
||||
return False;
|
||||
}
|
||||
|
||||
username = lp_parm_string(-1, "torture", "username");
|
||||
password = lp_parm_string(-1, "torture", "password");
|
||||
domain = lp_parm_string(-1, "torture", "userdomain");
|
||||
|
||||
printf("create a second security context on the same transport\n");
|
||||
session = smbcli_session_init(cli->transport, mem_ctx, False);
|
||||
|
||||
setup.in.sesskey = cli->transport->negotiate.sesskey;
|
||||
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
|
||||
setup.in.password = password;
|
||||
setup.in.user = username;
|
||||
setup.in.domain = domain;
|
||||
setup.in.password = cli_credentials_get_password(cmdline_credentials);
|
||||
setup.in.user = cli_credentials_get_username(cmdline_credentials);
|
||||
setup.in.domain = cli_credentials_get_domain(cmdline_credentials);
|
||||
|
||||
status = smb_composite_sesssetup(session, &setup);
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
@ -100,9 +96,10 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
|
||||
session2->vuid = session->vuid;
|
||||
setup.in.sesskey = cli->transport->negotiate.sesskey;
|
||||
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
|
||||
setup.in.password = password;
|
||||
setup.in.user = username;
|
||||
setup.in.domain = domain;
|
||||
|
||||
setup.in.password = cli_credentials_get_password(cmdline_credentials);
|
||||
setup.in.user = cli_credentials_get_username(cmdline_credentials);
|
||||
setup.in.domain = cli_credentials_get_domain(cmdline_credentials);
|
||||
|
||||
status = smb_composite_sesssetup(session2, &setup);
|
||||
CHECK_STATUS(status, NT_STATUS_OK);
|
||||
@ -120,9 +117,11 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
|
||||
session3->vuid = session->vuid;
|
||||
setup.in.sesskey = cli->transport->negotiate.sesskey;
|
||||
setup.in.capabilities = 0; /* force a non extended security login (should fail) */
|
||||
setup.in.password = password;
|
||||
setup.in.user = username;
|
||||
setup.in.domain = domain;
|
||||
|
||||
|
||||
setup.in.password = cli_credentials_get_password(cmdline_credentials);
|
||||
setup.in.user = cli_credentials_get_username(cmdline_credentials);
|
||||
setup.in.domain = cli_credentials_get_domain(cmdline_credentials);
|
||||
|
||||
status = smb_composite_sesssetup(session3, &setup);
|
||||
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
|
||||
|
@ -23,6 +23,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
#include "librpc/gen_ndr/ndr_lsa.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
/*
|
||||
This test is 'bogus' in that it doesn't actually perform to the
|
||||
@ -37,10 +38,6 @@
|
||||
BOOL torture_multi_bind(void)
|
||||
{
|
||||
struct dcerpc_pipe *p;
|
||||
const char *workstation = lp_netbios_name();
|
||||
const char *domain = lp_parm_string(-1, "torture", "userdomain");
|
||||
const char *username = lp_parm_string(-1, "torture", "username");
|
||||
const char *password = lp_parm_string(-1, "torture", "password");
|
||||
const char *pipe_uuid = DCERPC_LSARPC_UUID;
|
||||
uint32_t pipe_version = DCERPC_LSARPC_VERSION;
|
||||
struct dcerpc_binding *binding;
|
||||
@ -68,7 +65,7 @@ BOOL torture_multi_bind(void)
|
||||
}
|
||||
|
||||
status = dcerpc_pipe_auth(p, binding, pipe_uuid, pipe_version,
|
||||
workstation, domain, username, password);
|
||||
cmdline_credentials);
|
||||
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
printf("(incorrectly) allowed re-bind to uuid %s - %s\n",
|
||||
|
@ -26,6 +26,7 @@
|
||||
#include "librpc/gen_ndr/ndr_netlogon.h"
|
||||
#include "auth/auth.h"
|
||||
#include "lib/crypto/crypto.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
|
||||
#define TEST_MACHINE_NAME "samlogontest"
|
||||
#define TEST_USER_NAME "samlogontestuser"
|
||||
@ -1215,6 +1216,7 @@ BOOL torture_rpc_samlogon(void)
|
||||
NTSTATUS status;
|
||||
struct dcerpc_pipe *p;
|
||||
struct dcerpc_binding *b;
|
||||
struct cli_credentials credentials;
|
||||
TALLOC_CTX *mem_ctx = talloc_init("torture_rpc_netlogon");
|
||||
BOOL ret = True;
|
||||
struct test_join *join_ctx;
|
||||
@ -1245,27 +1247,29 @@ BOOL torture_rpc_samlogon(void)
|
||||
BOOL network_login;
|
||||
} usercreds[] = {
|
||||
{
|
||||
lp_parm_string(-1, "torture", "userdomain"),
|
||||
lp_parm_string(-1, "torture", "username"),
|
||||
lp_parm_string(-1, "torture", "password"),
|
||||
cli_credentials_get_domain(cmdline_credentials),
|
||||
cli_credentials_get_username(cmdline_credentials),
|
||||
cli_credentials_get_password(cmdline_credentials),
|
||||
True
|
||||
},
|
||||
{
|
||||
NULL,
|
||||
talloc_asprintf(mem_ctx,
|
||||
"%s@%s",
|
||||
lp_parm_string(-1, "torture", "username"),
|
||||
lp_parm_string(-1, "torture", "userdomain")),
|
||||
lp_parm_string(-1, "torture", "password"),
|
||||
cli_credentials_get_domain(cmdline_credentials),
|
||||
cli_credentials_get_username(cmdline_credentials)
|
||||
),
|
||||
cli_credentials_get_password(cmdline_credentials),
|
||||
False
|
||||
},
|
||||
{
|
||||
NULL,
|
||||
talloc_asprintf(mem_ctx,
|
||||
"%s@%s",
|
||||
lp_parm_string(-1, "torture", "username"),
|
||||
lp_realm()),
|
||||
lp_parm_string(-1, "torture", "password"),
|
||||
cli_credentials_get_username(cmdline_credentials),
|
||||
cli_credentials_get_realm(cmdline_credentials)
|
||||
),
|
||||
cli_credentials_get_password(cmdline_credentials),
|
||||
True
|
||||
},
|
||||
#if 0
|
||||
@ -1334,13 +1338,15 @@ BOOL torture_rpc_samlogon(void)
|
||||
b->flags &= ~DCERPC_AUTH_OPTIONS;
|
||||
b->flags |= DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN | DCERPC_SCHANNEL_128;
|
||||
|
||||
cli_credentials_set_workstation(&credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
|
||||
cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
|
||||
cli_credentials_set_username(&credentials, test_machine_account, CRED_SPECIFIED);
|
||||
cli_credentials_set_password(&credentials, machine_password, CRED_SPECIFIED);
|
||||
|
||||
status = dcerpc_pipe_connect_b(&p, b,
|
||||
DCERPC_NETLOGON_UUID,
|
||||
DCERPC_NETLOGON_VERSION,
|
||||
TEST_MACHINE_NAME,
|
||||
lp_workgroup(),
|
||||
test_machine_account,
|
||||
machine_password);
|
||||
&credentials);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
ret = False;
|
||||
|
@ -1295,6 +1295,7 @@ BOOL torture_rpc_samsync(void)
|
||||
struct lsa_ObjectAttribute attr;
|
||||
struct lsa_QosInfo qos;
|
||||
struct lsa_OpenPolicy2 r;
|
||||
struct cli_credentials credentials;
|
||||
|
||||
struct samsync_state *samsync_state;
|
||||
|
||||
@ -1418,13 +1419,15 @@ BOOL torture_rpc_samsync(void)
|
||||
b->flags &= ~DCERPC_AUTH_OPTIONS;
|
||||
b->flags |= DCERPC_SCHANNEL_BDC | DCERPC_SIGN;
|
||||
|
||||
cli_credentials_set_workstation(&credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
|
||||
cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
|
||||
cli_credentials_set_username(&credentials, test_machine_account, CRED_SPECIFIED);
|
||||
cli_credentials_set_password(&credentials, machine_password, CRED_SPECIFIED);
|
||||
|
||||
status = dcerpc_pipe_connect_b(&samsync_state->p, b,
|
||||
DCERPC_NETLOGON_UUID,
|
||||
DCERPC_NETLOGON_VERSION,
|
||||
TEST_MACHINE_NAME,
|
||||
lp_workgroup(),
|
||||
test_machine_account,
|
||||
machine_password);
|
||||
&credentials);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
|
||||
@ -1449,14 +1452,15 @@ BOOL torture_rpc_samsync(void)
|
||||
b_netlogon_wksta->flags &= ~DCERPC_AUTH_OPTIONS;
|
||||
b_netlogon_wksta->flags |= DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN;
|
||||
|
||||
cli_credentials_set_workstation(&credentials, TEST_WKSTA_MACHINE_NAME, CRED_SPECIFIED);
|
||||
cli_credentials_set_username(&credentials, test_wksta_machine_account, CRED_SPECIFIED);
|
||||
cli_credentials_set_password(&credentials, wksta_machine_password, CRED_SPECIFIED);
|
||||
|
||||
status = dcerpc_pipe_connect_b(&samsync_state->p_netlogon_wksta,
|
||||
b_netlogon_wksta,
|
||||
DCERPC_NETLOGON_UUID,
|
||||
DCERPC_NETLOGON_VERSION,
|
||||
TEST_WKSTA_MACHINE_NAME,
|
||||
lp_workgroup(),
|
||||
test_wksta_machine_account,
|
||||
wksta_machine_password);
|
||||
&credentials);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("Failed to connect to server as a Workstation: %s\n", nt_errstr(status));
|
||||
|
@ -127,6 +127,7 @@ static BOOL test_schannel(TALLOC_CTX *mem_ctx,
|
||||
struct dcerpc_pipe *p = NULL;
|
||||
struct dcerpc_pipe *p_netlogon = NULL;
|
||||
struct creds_CredentialState *creds;
|
||||
struct cli_credentials credentials;
|
||||
char *test_machine_account = talloc_asprintf(NULL, "%s$", TEST_MACHINE_NAME);
|
||||
|
||||
join_ctx = torture_create_testuser(test_machine_account, lp_workgroup(),
|
||||
@ -145,13 +146,14 @@ static BOOL test_schannel(TALLOC_CTX *mem_ctx,
|
||||
b->flags &= ~DCERPC_AUTH_OPTIONS;
|
||||
b->flags |= dcerpc_flags;
|
||||
|
||||
cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
|
||||
cli_credentials_set_workstation(&credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
|
||||
cli_credentials_set_username(&credentials, test_machine_account, CRED_SPECIFIED);
|
||||
cli_credentials_set_password(&credentials, machine_password, CRED_SPECIFIED);
|
||||
status = dcerpc_pipe_connect_b(&p, b,
|
||||
DCERPC_SAMR_UUID,
|
||||
DCERPC_SAMR_VERSION,
|
||||
TEST_MACHINE_NAME,
|
||||
lp_workgroup(),
|
||||
test_machine_account,
|
||||
machine_password);
|
||||
&credentials);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
printf("Failed to connect with schannel: %s\n", nt_errstr(status));
|
||||
goto failed;
|
||||
|
@ -80,9 +80,9 @@ BOOL torture_open_connection_share(struct smbcli_state **c,
|
||||
const char *sharename)
|
||||
{
|
||||
NTSTATUS status;
|
||||
const char *username = lp_parm_string(-1, "torture", "username");
|
||||
const char *userdomain = lp_parm_string(-1, "torture", "userdomain");
|
||||
const char *password = lp_parm_string(-1, "torture", "password");
|
||||
const char *username = cli_credentials_get_username(cmdline_credentials);
|
||||
const char *userdomain = cli_credentials_get_domain(cmdline_credentials);
|
||||
const char *password = cli_credentials_get_password(cmdline_credentials);
|
||||
|
||||
status = smbcli_full_connection(NULL,
|
||||
c, lp_netbios_name(),
|
||||
@ -138,10 +138,7 @@ NTSTATUS torture_rpc_connection(struct dcerpc_pipe **p,
|
||||
}
|
||||
|
||||
status = dcerpc_pipe_connect(p, binding, pipe_uuid, pipe_version,
|
||||
lp_netbios_name(),
|
||||
lp_parm_string(-1, "torture", "userdomain"),
|
||||
lp_parm_string(-1, "torture", "username"),
|
||||
lp_parm_string(-1, "torture", "password"));
|
||||
cmdline_credentials);
|
||||
|
||||
return status;
|
||||
}
|
||||
@ -173,10 +170,8 @@ NTSTATUS torture_rpc_connection_transport(struct dcerpc_pipe **p,
|
||||
b->transport = transport;
|
||||
|
||||
status = dcerpc_pipe_connect_b(p, b, pipe_uuid, pipe_version,
|
||||
lp_netbios_name(),
|
||||
lp_parm_string(-1, "torture", "userdomain"),
|
||||
lp_parm_string(-1, "torture", "username"),
|
||||
lp_parm_string(-1, "torture", "password"));
|
||||
cmdline_credentials);
|
||||
|
||||
|
||||
return status;
|
||||
}
|
||||
@ -731,9 +726,9 @@ static BOOL run_tcon_devtype_test(void)
|
||||
BOOL ret = True;
|
||||
const char *host = lp_parm_string(-1, "torture", "host");
|
||||
const char *share = lp_parm_string(-1, "torture", "share");
|
||||
const char *username = lp_parm_string(-1, "torture", "username");
|
||||
const char *userdomain = lp_parm_string(-1, "torture", "userdomain");
|
||||
const char *password = lp_parm_string(-1, "torture", "password");
|
||||
const char *username = cli_credentials_get_username(cmdline_credentials);
|
||||
const char *userdomain = cli_credentials_get_domain(cmdline_credentials);
|
||||
const char *password = cli_credentials_get_password(cmdline_credentials);
|
||||
|
||||
status = smbcli_full_connection(NULL,
|
||||
&cli1, lp_netbios_name(),
|
||||
@ -2728,25 +2723,6 @@ static BOOL is_binding_string(const char *binding_string)
|
||||
lp_set_cmdline("torture:binding", binding);
|
||||
}
|
||||
|
||||
if (!lp_parm_string(-1,"torture","username")) {
|
||||
lp_set_cmdline("torture:username", cli_credentials_get_username(cmdline_credentials));
|
||||
}
|
||||
if (!lp_parm_string(-1,"torture","userdomain")) {
|
||||
/*
|
||||
* backward compatibility
|
||||
* maybe we should remove this to make this consistent
|
||||
* for all cmdline tools
|
||||
* --metze
|
||||
*/
|
||||
if (strequal(lp_netbios_name(),cli_credentials_get_domain(cmdline_credentials))) {
|
||||
cli_credentials_set_domain(cmdline_credentials, lp_workgroup(), CRED_SPECIFIED);
|
||||
}
|
||||
lp_set_cmdline("torture:userdomain", cli_credentials_get_domain(cmdline_credentials));
|
||||
}
|
||||
if (!lp_parm_string(-1,"torture","password")) {
|
||||
lp_set_cmdline("torture:password", cli_credentials_get_password(cmdline_credentials));
|
||||
}
|
||||
|
||||
if (argc_new == 0) {
|
||||
printf("You must specify a test to run, or 'ALL'\n");
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user