/*
* Hook to allow handling of NTLM authentication for AD operation
* without directly linking the s4 auth stack
*
* This ensures we use the source4 authentication stack, as well as
* the authorization stack to create the user's token. This ensures
* consistency between NTLM logins and NTLMSSP logins, as NTLMSSP is
* handled by the hook above.
*/
static NTSTATUS make_auth4_context_s4(TALLOC_CTX *mem_ctx,
struct auth4_context **auth4_context)
{
NTSTATUS status;
struct loadparm_context *lp_ctx;
struct tevent_context *event_ctx;
TALLOC_CTX *frame = talloc_stackframe();
struct imessaging_context *msg_ctx;
struct server_id *server_id;
lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(1, ("loadparm_init_s3 failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
event_ctx = s4_event_context_init(frame);
if (event_ctx == NULL) {
DEBUG(1, ("s4_event_context_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
server_id = new_server_id_task(frame);
if (server_id == NULL) {
DEBUG(1, ("new_server_id_task failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
msg_ctx = imessaging_init(frame,
lp_ctx,
*server_id,
event_ctx, true);
if (msg_ctx == NULL) {
DEBUG(1, ("imessaging_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
talloc_reparent(frame, msg_ctx, server_id);
status = auth_context_create(mem_ctx,
event_ctx,
msg_ctx,
lp_ctx,
auth4_context);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start auth server code: %s\n", nt_errstr(status)));
TALLOC_FREE(frame);
return status;
}
talloc_reparent(frame, *auth4_context, msg_ctx);
talloc_reparent(frame, *auth4_context, event_ctx);
talloc_reparent(frame, *auth4_context, lp_ctx);
TALLOC_FREE(frame);
return status;
}
/*
called to create a new server task
*/
static void standard_new_task(struct tevent_context *ev,
struct loadparm_context *lp_ctx,
const char *service_name,
void (*new_task)(struct tevent_context *, struct loadparm_context *lp_ctx, struct server_id , void *),
void *private_data)
{
pid_t pid;
struct tevent_context *ev2;
pid = fork();
if (pid != 0) {
/* parent or error code ... go back to the event loop */
return;
}
pid = getpid();
/* This is now the child code. We need a completely new event_context to work with */
ev2 = s4_event_context_init(NULL);
/* setup this as the default context */
s4_event_context_set_default(ev2);
/* the service has given us a private pointer that
encapsulates the context it needs for this new connection -
everything else will be freed */
talloc_steal(ev2, private_data);
/* this will free all the listening sockets and all state that
is not associated with this new connection */
talloc_free(ev);
/* ldb/tdb need special fork handling */
ldb_wrap_fork_hook();
tevent_add_fd(ev2, ev2, child_pipe[0], TEVENT_FD_READ,
standard_pipe_handler, NULL);
close(child_pipe[1]);
/* Ensure that the forked children do not expose identical random streams */
set_need_random_reseed();
setproctitle("task %s server_id[%d]", service_name, pid);
/* setup this new task. Cluster ID is PID based for this process modal */
new_task(ev2, lp_ctx, cluster_id(pid, 0), private_data);
/* we can't return to the top level here, as that event context is gone,
so we now process events in the new event context until there are no
more to process */
event_loop_wait(ev2);
talloc_free(ev2);
exit(0);
}
int main(int argc, const char **argv)
{
int opt;
poptContext pc;
const char *patch;
struct registry_context *h;
const char *file = NULL;
const char *remote = NULL;
struct tevent_context *ev_ctx;
struct poptOption long_options[] = {
POPT_AUTOHELP
{"remote", 'R', POPT_ARG_STRING, &remote, 0, "connect to specified remote server", NULL},
{"file", 'F', POPT_ARG_STRING, &file, 0, "file path", NULL },
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
{ NULL }
};
pc = poptGetContext(argv[0], argc, argv, long_options,0);
while((opt = poptGetNextOpt(pc)) != -1) {
}
ev_ctx = s4_event_context_init(NULL);
if (remote) {
h = reg_common_open_remote (remote, ev_ctx, cmdline_lp_ctx, cmdline_credentials);
} else {
h = reg_common_open_local (cmdline_credentials, ev_ctx, cmdline_lp_ctx);
}
if (h == NULL)
return 1;
patch = poptGetArg(pc);
if (patch == NULL) {
poptPrintUsage(pc, stderr, 0);
return 1;
}
poptFreeContext(pc);
reg_diff_apply(h, patch);
return 0;
}
/*
main program
*/
int main(int argc, const char *argv[])
{
bool ret = true;
struct interface *ifaces;
struct tevent_context *ev;
poptContext pc;
int opt;
enum {
OPT_BROADCAST_ADDRESS = 1000,
OPT_UNICAST_ADDRESS,
OPT_FIND_MASTER,
OPT_WINS_LOOKUP,
OPT_NODE_STATUS,
OPT_ROOT_PORT,
OPT_LOOKUP_BY_IP,
OPT_CASE_SENSITIVE
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{ "broadcast", 'B', POPT_ARG_STRING, NULL, OPT_BROADCAST_ADDRESS,
"Specify address to use for broadcasts", "BROADCAST-ADDRESS" },
{ "unicast", 'U', POPT_ARG_STRING, NULL, OPT_UNICAST_ADDRESS,
"Specify address to use for unicast", NULL },
{ "master-browser", 'M', POPT_ARG_NONE, NULL, OPT_FIND_MASTER,
"Search for a master browser", NULL },
{ "wins", 'W', POPT_ARG_NONE, NULL, OPT_WINS_LOOKUP,
"Do a WINS lookup", NULL },
{ "status", 'S', POPT_ARG_NONE, NULL, OPT_NODE_STATUS,
"Lookup node status as well", NULL },
{ "root-port", 'r', POPT_ARG_NONE, NULL, OPT_ROOT_PORT,
"Use root port 137 (Win95 only replies to this)", NULL },
{ "lookup-by-ip", 'A', POPT_ARG_NONE, NULL, OPT_LOOKUP_BY_IP,
"Do a node status on <name> as an IP Address", NULL },
{ "case-sensitive", 0, POPT_ARG_NONE, NULL, OPT_CASE_SENSITIVE,
"Don't uppercase the name before sending", NULL },
POPT_COMMON_SAMBA
{ 0, 0, 0, 0 }
};
pc = poptGetContext("nmblookup", argc, argv, long_options,
POPT_CONTEXT_KEEP_FIRST);
poptSetOtherOptionHelp(pc, "<NODE> ...");
while ((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
case OPT_BROADCAST_ADDRESS:
options.broadcast_address = poptGetOptArg(pc);
break;
case OPT_UNICAST_ADDRESS:
options.unicast_address = poptGetOptArg(pc);
break;
case OPT_FIND_MASTER:
options.find_master = true;
break;
case OPT_WINS_LOOKUP:
options.wins_lookup = true;
break;
case OPT_NODE_STATUS:
options.node_status = true;
break;
case OPT_ROOT_PORT:
options.root_port = true;
break;
case OPT_LOOKUP_BY_IP:
options.lookup_by_ip = true;
break;
case OPT_CASE_SENSITIVE:
options.case_sensitive = true;
break;
}
}
/* swallow argv[0] */
poptGetArg(pc);
if(!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
exit(1);
}
load_interfaces(NULL, lp_interfaces(cmdline_lp_ctx), &ifaces);
ev = s4_event_context_init(talloc_autofree_context());
while (poptPeekArg(pc)) {
const char *name = poptGetArg(pc);
ret &= process_one(cmdline_lp_ctx, ev, ifaces, name, lp_nbt_port(cmdline_lp_ctx));
}
talloc_free(ev);
talloc_free(ifaces);
poptFreeContext(pc);
if (!ret) {
return 1;
}
return 0;
}
/****************************************************************************
main program
****************************************************************************/
int main(int argc,char *argv[])
{
char *share[NSERVERS];
int opt;
int seed, server;
int username_count=0;
struct tevent_context *ev;
struct loadparm_context *lp_ctx;
poptContext pc;
int argc_new, i;
char **argv_new;
enum {OPT_UNCLIST=1000};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"seed", 0, POPT_ARG_INT, &seed, 0, "Seed to use for randomizer", NULL},
{"num-ops", 0, POPT_ARG_INT, &numops, 0, "num ops", NULL},
{"lockrange", 0, POPT_ARG_INT, &lock_range,0, "locking range", NULL},
{"lockbase", 0, POPT_ARG_INT, &lock_base, 0, "locking base", NULL},
{"minlength", 0, POPT_ARG_INT, &min_length,0, "min lock length", NULL},
{"hidefails", 0, POPT_ARG_NONE, &hide_unlock_fails,0,"hide unlock fails", NULL},
{"oplocks", 0, POPT_ARG_NONE, &use_oplocks,0, "use oplocks", NULL},
{"showall", 0, POPT_ARG_NONE, &showall, 0, "display all operations", NULL},
{"analyse", 0, POPT_ARG_NONE, &analyze, 0, "do backtrack analysis", NULL},
{"zerozero", 0, POPT_ARG_NONE, &zero_zero, 0, "do zero/zero lock", NULL},
{"exacterrors", 0, POPT_ARG_NONE, &exact_error_codes,0,"use exact error codes", NULL},
{"unclist", 0, POPT_ARG_STRING, NULL, OPT_UNCLIST, "unclist", NULL},
{ "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "[DOMAIN/]USERNAME[%PASSWORD]" },
POPT_COMMON_SAMBA
POPT_COMMON_CONNECTION
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
setlinebuf(stdout);
seed = time(NULL);
pc = poptGetContext("locktest", argc, (const char **) argv, long_options,
POPT_CONTEXT_KEEP_FIRST);
poptSetOtherOptionHelp(pc, "<unc1> <unc2>");
lp_ctx = cmdline_lp_ctx;
servers[0] = cli_credentials_init(talloc_autofree_context());
servers[1] = cli_credentials_init(talloc_autofree_context());
cli_credentials_guess(servers[0], lp_ctx);
cli_credentials_guess(servers[1], lp_ctx);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_UNCLIST:
lp_set_cmdline(cmdline_lp_ctx, "torture:unclist", poptGetOptArg(pc));
break;
case 'U':
if (username_count == 2) {
usage(pc);
exit(1);
}
cli_credentials_parse_string(servers[username_count], poptGetOptArg(pc), CRED_SPECIFIED);
username_count++;
break;
}
}
argv_new = discard_const_p(char *, poptGetArgs(pc));
argc_new = argc;
for (i=0; i<argc; i++) {
if (argv_new[i] == NULL) {
argc_new = i;
break;
}
}
if (!(argc_new >= 3)) {
usage(pc);
exit(1);
}
setup_logging("locktest", DEBUG_STDOUT);
for (server=0;server<NSERVERS;server++) {
share[server] = argv_new[1+server];
all_string_sub(share[server],"/","\\",0);
}
lp_ctx = cmdline_lp_ctx;
if (username_count == 0) {
usage(pc);
return -1;
}
if (username_count == 1) {
servers[1] = servers[0];
}
ev = s4_event_context_init(talloc_autofree_context());
gensec_init(lp_ctx);
DEBUG(0,("seed=%u base=%d range=%d min_length=%d\n",
seed, lock_base, lock_range, min_length));
srandom(seed);
return test_locks(ev, lp_ctx, NULL, share);
}
static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
struct loadparm_context *lp_ctx,
char *buf, int length, void **private1,
unsigned int mux_id, void **private2)
{
DATA_BLOB in;
DATA_BLOB out = data_blob(NULL, 0);
char *out_base64 = NULL;
const char *reply_arg = NULL;
struct gensec_ntlm_state {
struct gensec_security *gensec_state;
const char *set_password;
};
struct gensec_ntlm_state *state;
struct tevent_context *ev;
struct imessaging_context *msg;
NTSTATUS nt_status;
bool first = false;
const char *reply_code;
struct cli_credentials *creds;
static char *want_feature_list = NULL;
static DATA_BLOB session_key;
TALLOC_CTX *mem_ctx;
if (*private1) {
state = (struct gensec_ntlm_state *)*private1;
} else {
state = talloc_zero(NULL, struct gensec_ntlm_state);
if (!state) {
mux_printf(mux_id, "BH No Memory\n");
exit(1);
}
*private1 = state;
if (opt_password) {
state->set_password = opt_password;
}
}
if (strlen(buf) < 2) {
DEBUG(1, ("query [%s] invalid", buf));
mux_printf(mux_id, "BH Query invalid\n");
return;
}
if (strlen(buf) > 3) {
if(strncmp(buf, "SF ", 3) == 0) {
DEBUG(10, ("Setting flags to negotiate\n"));
talloc_free(want_feature_list);
want_feature_list = talloc_strndup(state, buf+3, strlen(buf)-3);
mux_printf(mux_id, "OK\n");
return;
}
in = base64_decode_data_blob(buf + 3);
} else {
in = data_blob(NULL, 0);
}
if (strncmp(buf, "YR", 2) == 0) {
if (state->gensec_state) {
talloc_free(state->gensec_state);
state->gensec_state = NULL;
}
} else if ( (strncmp(buf, "OK", 2) == 0)) {
/* Just return BH, like ntlm_auth from Samba 3 does. */
mux_printf(mux_id, "BH Command expected\n");
data_blob_free(&in);
return;
} else if ( (strncmp(buf, "TT ", 3) != 0) &&
(strncmp(buf, "KK ", 3) != 0) &&
(strncmp(buf, "AF ", 3) != 0) &&
(strncmp(buf, "NA ", 3) != 0) &&
(strncmp(buf, "UG", 2) != 0) &&
(strncmp(buf, "PW ", 3) != 0) &&
(strncmp(buf, "GK", 2) != 0) &&
(strncmp(buf, "GF", 2) != 0)) {
DEBUG(1, ("SPNEGO request [%s] invalid\n", buf));
mux_printf(mux_id, "BH SPNEGO request invalid\n");
data_blob_free(&in);
return;
}
ev = s4_event_context_init(state);
if (!ev) {
exit(1);
}
mem_ctx = talloc_named(NULL, 0, "manage_gensec_request internal mem_ctx");
/* setup gensec */
if (!(state->gensec_state)) {
switch (stdio_helper_mode) {
case GSS_SPNEGO_CLIENT:
case NTLMSSP_CLIENT_1:
/* setup the client side */
nt_status = gensec_client_start(NULL, &state->gensec_state, ev,
lpcfg_gensec_settings(NULL, lp_ctx));
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(mem_ctx);
exit(1);
}
break;
case GSS_SPNEGO_SERVER:
case SQUID_2_5_NTLMSSP:
{
const char *winbind_method[] = { "winbind", NULL };
struct auth4_context *auth_context;
msg = imessaging_client_init(state, lpcfg_imessaging_path(state, lp_ctx), ev);
if (!msg) {
talloc_free(mem_ctx);
exit(1);
}
nt_status = auth_context_create_methods(mem_ctx,
winbind_method,
ev,
msg,
lp_ctx,
NULL,
&auth_context);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(mem_ctx);
exit(1);
}
if (!NT_STATUS_IS_OK(gensec_server_start(state, ev,
lpcfg_gensec_settings(state, lp_ctx),
auth_context, &state->gensec_state))) {
talloc_free(mem_ctx);
exit(1);
}
break;
}
default:
talloc_free(mem_ctx);
abort();
}
creds = cli_credentials_init(state->gensec_state);
cli_credentials_set_conf(creds, lp_ctx);
if (opt_username) {
cli_credentials_set_username(creds, opt_username, CRED_SPECIFIED);
}
if (opt_domain) {
cli_credentials_set_domain(creds, opt_domain, CRED_SPECIFIED);
}
if (state->set_password) {
cli_credentials_set_password(creds, state->set_password, CRED_SPECIFIED);
} else {
cli_credentials_set_password_callback(creds, get_password);
creds->priv_data = (void*)(uintptr_t)mux_id;
}
if (opt_workstation) {
cli_credentials_set_workstation(creds, opt_workstation, CRED_SPECIFIED);
}
switch (stdio_helper_mode) {
case GSS_SPNEGO_SERVER:
case SQUID_2_5_NTLMSSP:
cli_credentials_set_machine_account(creds, lp_ctx);
break;
default:
break;
}
gensec_set_credentials(state->gensec_state, creds);
gensec_want_feature_list(state->gensec_state, want_feature_list);
switch (stdio_helper_mode) {
case GSS_SPNEGO_CLIENT:
case GSS_SPNEGO_SERVER:
nt_status = gensec_start_mech_by_oid(state->gensec_state, GENSEC_OID_SPNEGO);
if (!in.length) {
first = true;
}
break;
case NTLMSSP_CLIENT_1:
if (!in.length) {
first = true;
}
/* fall through */
case SQUID_2_5_NTLMSSP:
nt_status = gensec_start_mech_by_oid(state->gensec_state, GENSEC_OID_NTLMSSP);
break;
default:
talloc_free(mem_ctx);
abort();
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("GENSEC mech failed to start: %s\n", nt_errstr(nt_status)));
mux_printf(mux_id, "BH GENSEC mech failed to start\n");
talloc_free(mem_ctx);
return;
}
}
/* update */
if (strncmp(buf, "PW ", 3) == 0) {
state->set_password = talloc_strndup(state,
(const char *)in.data,
in.length);
cli_credentials_set_password(gensec_get_credentials(state->gensec_state),
state->set_password,
CRED_SPECIFIED);
mux_printf(mux_id, "OK\n");
data_blob_free(&in);
talloc_free(mem_ctx);
return;
}
if (strncmp(buf, "UG", 2) == 0) {
int i;
char *grouplist = NULL;
struct auth_session_info *session_info;
nt_status = gensec_session_info(state->gensec_state, mem_ctx, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("gensec_session_info failed: %s\n", nt_errstr(nt_status)));
mux_printf(mux_id, "BH %s\n", nt_errstr(nt_status));
data_blob_free(&in);
talloc_free(mem_ctx);
return;
}
/* get the string onto the context */
grouplist = talloc_strdup(mem_ctx, "");
for (i=0; i<session_info->security_token->num_sids; i++) {
struct security_token *token = session_info->security_token;
const char *sidstr = dom_sid_string(session_info,
&token->sids[i]);
grouplist = talloc_asprintf_append_buffer(grouplist, "%s,", sidstr);
}
mux_printf(mux_id, "GL %s\n", grouplist);
talloc_free(session_info);
data_blob_free(&in);
talloc_free(mem_ctx);
return;
}
if (strncmp(buf, "GK", 2) == 0) {
char *base64_key;
DEBUG(10, ("Requested session key\n"));
nt_status = gensec_session_key(state->gensec_state, mem_ctx, &session_key);
if(!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("gensec_session_key failed: %s\n", nt_errstr(nt_status)));
mux_printf(mux_id, "BH No session key\n");
talloc_free(mem_ctx);
return;
} else {
base64_key = base64_encode_data_blob(state, session_key);
mux_printf(mux_id, "GK %s\n", base64_key);
talloc_free(base64_key);
}
talloc_free(mem_ctx);
return;
}
if (strncmp(buf, "GF", 2) == 0) {
struct ntlmssp_state *ntlmssp_state;
uint32_t neg_flags;
ntlmssp_state = talloc_get_type(state->gensec_state->private_data,
struct ntlmssp_state);
neg_flags = ntlmssp_state->neg_flags;
DEBUG(10, ("Requested negotiated feature flags\n"));
mux_printf(mux_id, "GF 0x%08x\n", neg_flags);
return;
}
nt_status = gensec_update(state->gensec_state, mem_ctx, in, &out);
/* don't leak 'bad password'/'no such user' info to the network client */
nt_status = nt_status_squash(nt_status);
if (out.length) {
out_base64 = base64_encode_data_blob(mem_ctx, out);
} else {
out_base64 = NULL;
}
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
reply_arg = "*";
if (first) {
reply_code = "YR";
} else if (state->gensec_state->gensec_role == GENSEC_CLIENT) {
reply_code = "KK";
} else if (state->gensec_state->gensec_role == GENSEC_SERVER) {
reply_code = "TT";
} else {
abort();
}
} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) {
reply_code = "BH NT_STATUS_ACCESS_DENIED";
reply_arg = nt_errstr(nt_status);
DEBUG(1, ("GENSEC login failed: %s\n", nt_errstr(nt_status)));
} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_UNSUCCESSFUL)) {
reply_code = "BH NT_STATUS_UNSUCCESSFUL";
reply_arg = nt_errstr(nt_status);
DEBUG(1, ("GENSEC login failed: %s\n", nt_errstr(nt_status)));
} else if (!NT_STATUS_IS_OK(nt_status)) {
reply_code = "NA";
reply_arg = nt_errstr(nt_status);
DEBUG(1, ("GENSEC login failed: %s\n", nt_errstr(nt_status)));
} else if /* OK */ (state->gensec_state->gensec_role == GENSEC_SERVER) {
struct auth_session_info *session_info;
nt_status = gensec_session_info(state->gensec_state, mem_ctx, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
reply_code = "BH Failed to retrive session info";
reply_arg = nt_errstr(nt_status);
DEBUG(1, ("GENSEC failed to retrieve the session info: %s\n", nt_errstr(nt_status)));
} else {
reply_code = "AF";
reply_arg = talloc_asprintf(state->gensec_state,
"%s%s%s", session_info->info->domain_name,
lpcfg_winbind_separator(lp_ctx), session_info->info->account_name);
talloc_free(session_info);
}
} else if (state->gensec_state->gensec_role == GENSEC_CLIENT) {
reply_code = "AF";
reply_arg = out_base64;
} else {
abort();
}
switch (stdio_helper_mode) {
case GSS_SPNEGO_SERVER:
mux_printf(mux_id, "%s %s %s\n", reply_code,
out_base64 ? out_base64 : "*",
reply_arg ? reply_arg : "*");
break;
default:
if (out_base64) {
mux_printf(mux_id, "%s %s\n", reply_code, out_base64);
} else if (reply_arg) {
mux_printf(mux_id, "%s %s\n", reply_code, reply_arg);
} else {
mux_printf(mux_id, "%s\n", reply_code);
}
}
talloc_free(mem_ctx);
return;
}
int main(int argc, const char **argv)
{
int opt;
unsigned int i;
const char *file = NULL;
const char *remote = NULL;
poptContext pc;
struct registry_context *h = NULL;
struct registry_key *start_key = NULL;
struct tevent_context *ev_ctx;
WERROR error;
bool fullpath = false, no_values = false;
struct poptOption long_options[] = {
POPT_AUTOHELP
{"file", 'F', POPT_ARG_STRING, &file, 0, "file path", NULL },
{"remote", 'R', POPT_ARG_STRING, &remote, 0, "connect to specified remote server", NULL },
{"fullpath", 'f', POPT_ARG_NONE, &fullpath, 0, "show full paths", NULL},
{"no-values", 'V', POPT_ARG_NONE, &no_values, 0, "don't show values", NULL},
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
pc = poptGetContext(argv[0], argc, argv, long_options,0);
while((opt = poptGetNextOpt(pc)) != -1) {
}
ev_ctx = s4_event_context_init(NULL);
if (remote != NULL) {
h = reg_common_open_remote(remote, ev_ctx, cmdline_lp_ctx, cmdline_credentials);
} else if (file != NULL) {
start_key = reg_common_open_file(file, ev_ctx, cmdline_lp_ctx, cmdline_credentials);
} else {
h = reg_common_open_local(cmdline_credentials, ev_ctx, cmdline_lp_ctx);
}
if (h == NULL && start_key == NULL)
return 1;
poptFreeContext(pc);
error = WERR_OK;
if (start_key != NULL) {
print_tree(0, start_key, "", fullpath, no_values);
} else {
for(i = 0; reg_predefined_keys[i].handle; i++) {
error = reg_get_predefined_key(h,
reg_predefined_keys[i].handle,
&start_key);
if (!W_ERROR_IS_OK(error)) {
fprintf(stderr, "Skipping %s: %s\n",
reg_predefined_keys[i].name,
win_errstr(error));
continue;
}
SMB_ASSERT(start_key != NULL);
print_tree(0, start_key, reg_predefined_keys[i].name,
fullpath, no_values);
}
}
return 0;
}
/*
called when a listening socket becomes readable.
*/
static void standard_accept_connection(struct tevent_context *ev,
struct loadparm_context *lp_ctx,
struct socket_context *sock,
void (*new_conn)(struct tevent_context *,
struct loadparm_context *, struct socket_context *,
struct server_id , void *),
void *private_data)
{
NTSTATUS status;
struct socket_context *sock2;
pid_t pid;
struct tevent_context *ev2;
struct socket_address *c, *s;
/* accept an incoming connection. */
status = socket_accept(sock, &sock2);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("standard_accept_connection: accept: %s\n",
nt_errstr(status)));
/* this looks strange, but is correct. We need to throttle things until
the system clears enough resources to handle this new socket */
sleep(1);
return;
}
pid = fork();
if (pid != 0) {
/* parent or error code ... */
talloc_free(sock2);
/* go back to the event loop */
return;
}
pid = getpid();
/* This is now the child code. We need a completely new event_context to work with */
ev2 = s4_event_context_init(NULL);
/* the service has given us a private pointer that
encapsulates the context it needs for this new connection -
everything else will be freed */
talloc_steal(ev2, private_data);
talloc_steal(private_data, sock2);
/* this will free all the listening sockets and all state that
is not associated with this new connection */
talloc_free(sock);
talloc_free(ev);
/* we don't care if the dup fails, as its only a select()
speed optimisation */
socket_dup(sock2);
/* tdb needs special fork handling */
if (tdb_reopen_all(1) == -1) {
DEBUG(0,("standard_accept_connection: tdb_reopen_all failed.\n"));
}
/* Ensure that the forked children do not expose identical random streams */
set_need_random_reseed();
/* setup the process title */
c = socket_get_peer_addr(sock2, ev2);
s = socket_get_my_addr(sock2, ev2);
if (s && c) {
setproctitle("conn c[%s:%u] s[%s:%u] server_id[%d]",
c->addr, c->port, s->addr, s->port, pid);
}
talloc_free(c);
talloc_free(s);
/* setup this new connection. Cluster ID is PID based for this process modal */
new_conn(ev2, lp_ctx, sock2, cluster_id(pid, 0), private_data);
/* we can't return to the top level here, as that event context is gone,
so we now process events in the new event context until there are no
more to process */
event_loop_wait(ev2);
talloc_free(ev2);
exit(0);
}
/*
* called to create a new server task
*/
static void prefork_new_task(
struct tevent_context *ev,
struct loadparm_context *lp_ctx,
const char *service_name,
void (*new_task_fn)(struct tevent_context *,
struct loadparm_context *lp_ctx,
struct server_id , void *, void *),
void *private_data,
const struct service_details *service_details,
int from_parent_fd)
{
pid_t pid;
struct tfork* t = NULL;
int i, num_children;
struct tevent_context *ev2;
t = tfork_create();
if (t == NULL) {
smb_panic("failure in tfork\n");
}
pid = tfork_child_pid(t);
if (pid != 0) {
struct tevent_fd *fde = NULL;
int fd = tfork_event_fd(t);
/* Register a pipe handler that gets called when the prefork
* master process terminates.
*/
fde = tevent_add_fd(ev, ev, fd, TEVENT_FD_READ,
prefork_child_pipe_handler, t);
if (fde == NULL) {
smb_panic("Failed to add child pipe handler, "
"after fork");
}
tevent_fd_set_auto_close(fde);
return;
}
pid = getpid();
setproctitle("task[%s] pre-fork master", service_name);
/*
* this will free all the listening sockets and all state that
* is not associated with this new connection
*/
if (tevent_re_initialise(ev) != 0) {
smb_panic("Failed to re-initialise tevent after fork");
}
prefork_reload_after_fork();
setup_handlers(ev, from_parent_fd);
if (service_details->inhibit_pre_fork) {
new_task_fn(ev, lp_ctx, cluster_id(pid, 0), private_data, NULL);
/* The task does not support pre-fork */
tevent_loop_wait(ev);
TALLOC_FREE(ev);
exit(0);
}
/*
* This is now the child code. We need a completely new event_context
* to work with
*/
ev2 = s4_event_context_init(NULL);
/* setup this new connection: process will bind to it's sockets etc
*
* While we can use ev for the child, which has been re-initialised
* above we must run the new task under ev2 otherwise the children would
* be listening on the sockets. Also we don't want the top level
* process accepting and handling requests, it's responsible for
* monitoring and controlling the child work processes.
*/
new_task_fn(ev2, lp_ctx, cluster_id(pid, 0), private_data, NULL);
{
int default_children;
default_children = lpcfg_prefork_children(lp_ctx);
num_children = lpcfg_parm_int(lp_ctx, NULL, "prefork children",
service_name, default_children);
}
if (num_children == 0) {
DBG_WARNING("Number of pre-fork children for %s is zero, "
"NO worker processes will be started for %s\n",
service_name, service_name);
}
DBG_NOTICE("Forking %d %s worker processes\n",
num_children, service_name);
/* We are now free to spawn some worker processes */
for (i=0; i < num_children; i++) {
struct tfork* w = NULL;
w = tfork_create();
if (w == NULL) {
smb_panic("failure in tfork\n");
}
pid = tfork_child_pid(w);
if (pid != 0) {
struct tevent_fd *fde = NULL;
int fd = tfork_event_fd(w);
fde = tevent_add_fd(ev, ev, fd, TEVENT_FD_READ,
prefork_child_pipe_handler, w);
if (fde == NULL) {
smb_panic("Failed to add child pipe handler, "
"after fork");
}
tevent_fd_set_auto_close(fde);
} else {
/* tfork uses malloc */
free(w);
TALLOC_FREE(ev);
setproctitle("task[%s] pre-forked worker",
service_name);
prefork_reload_after_fork();
setup_handlers(ev2, from_parent_fd);
tevent_loop_wait(ev2);
talloc_free(ev2);
exit(0);
}
}
/* Don't listen on the sockets we just gave to the children */
tevent_loop_wait(ev);
TALLOC_FREE(ev);
/* We need to keep ev2 until we're finished for the messaging to work */
TALLOC_FREE(ev2);
exit(0);
}
/* Hook to allow GENSEC to handle blob-based authentication
* mechanisms, without directly linking the mechansim code */
static NTSTATUS prepare_gensec(TALLOC_CTX *mem_ctx,
struct gensec_security **gensec_context)
{
NTSTATUS status;
struct loadparm_context *lp_ctx;
struct tevent_context *event_ctx;
TALLOC_CTX *frame = talloc_stackframe();
struct gensec_security *gensec_ctx;
struct imessaging_context *msg_ctx;
struct cli_credentials *server_credentials;
lp_ctx = loadparm_init_s3(frame, loadparm_s3_context());
if (lp_ctx == NULL) {
DEBUG(1, ("loadparm_init_s3 failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
event_ctx = s4_event_context_init(frame);
if (event_ctx == NULL) {
DEBUG(1, ("s4_event_context_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
msg_ctx = imessaging_client_init(frame,
lp_ctx,
event_ctx);
if (msg_ctx == NULL) {
DEBUG(1, ("imessaging_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
server_credentials
= cli_credentials_init(frame);
if (!server_credentials) {
DEBUG(1, ("Failed to init server credentials"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
cli_credentials_set_conf(server_credentials, lp_ctx);
status = cli_credentials_set_machine_account(server_credentials, lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
talloc_free(server_credentials);
server_credentials = NULL;
}
status = samba_server_gensec_start(mem_ctx,
event_ctx, msg_ctx,
lp_ctx, server_credentials, "cifs",
&gensec_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start GENSEC server code: %s\n", nt_errstr(status)));
TALLOC_FREE(frame);
return status;
}
talloc_reparent(frame, gensec_ctx, msg_ctx);
talloc_reparent(frame, gensec_ctx, event_ctx);
talloc_reparent(frame, gensec_ctx, lp_ctx);
talloc_reparent(frame, gensec_ctx, server_credentials);
gensec_want_feature(gensec_ctx, GENSEC_FEATURE_SESSION_KEY);
gensec_want_feature(gensec_ctx, GENSEC_FEATURE_UNIX_TOKEN);
*gensec_context = gensec_ctx;
TALLOC_FREE(frame);
return status;
}
int main(int argc, const char **argv)
{
int opt;
poptContext pc;
char *outputfile = NULL;
enum reg_backend backend1 = REG_UNKNOWN, backend2 = REG_UNKNOWN;
const char *remote1 = NULL, *remote2 = NULL;
struct registry_context *h1 = NULL, *h2 = NULL;
WERROR error;
struct poptOption long_options[] = {
POPT_AUTOHELP
{"output", 'o', POPT_ARG_STRING, &outputfile, 0, "output file to use", NULL },
{"null", 'n', POPT_ARG_NONE, NULL, 'n', "Diff from NULL", NULL },
{"remote", 'R', POPT_ARG_STRING, NULL, 'R', "Connect to remote server" , NULL },
{"local", 'L', POPT_ARG_NONE, NULL, 'L', "Open local registry", NULL },
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
TALLOC_CTX *ctx;
void *callback_data;
struct tevent_context *ev_ctx;
struct reg_diff_callbacks *callbacks;
ctx = talloc_init("regdiff");
pc = poptGetContext(argv[0], argc, argv, long_options,0);
while((opt = poptGetNextOpt(pc)) != -1) {
error = WERR_OK;
switch(opt) {
case 'L':
if (backend1 == REG_UNKNOWN)
backend1 = REG_LOCAL;
else if (backend2 == REG_UNKNOWN)
backend2 = REG_LOCAL;
break;
case 'n':
if (backend1 == REG_UNKNOWN)
backend1 = REG_NULL;
else if (backend2 == REG_UNKNOWN)
backend2 = REG_NULL;
break;
case 'R':
if (backend1 == REG_UNKNOWN) {
backend1 = REG_REMOTE;
remote1 = poptGetOptArg(pc);
} else if (backend2 == REG_UNKNOWN) {
backend2 = REG_REMOTE;
remote2 = poptGetOptArg(pc);
}
break;
}
}
ev_ctx = s4_event_context_init(NULL);
h1 = open_backend(pc, ev_ctx, cmdline_lp_ctx, backend1, remote1);
if (h1 == NULL)
return 1;
h2 = open_backend(pc, ev_ctx, cmdline_lp_ctx, backend2, remote2);
if (h2 == NULL)
return 1;
poptFreeContext(pc);
error = reg_dotreg_diff_save(ctx, outputfile, lp_iconv_convenience(cmdline_lp_ctx), &callbacks,
&callback_data);
if (!W_ERROR_IS_OK(error)) {
fprintf(stderr, "Problem saving registry diff to '%s': %s\n",
outputfile, win_errstr(error));
return -1;
}
error = reg_generate_diff(h1, h2, callbacks, callback_data);
if (!W_ERROR_IS_OK(error)) {
fprintf(stderr, "Unable to generate diff between keys: %s\n",
win_errstr(error));
return -1;
}
return 0;
}
/****************************************************************************
main program
****************************************************************************/
int main(int argc,char *argv[])
{
int opt, i;
bool correct = true;
int max_runtime=0;
int argc_new;
struct torture_context *torture;
struct torture_results *results;
const struct torture_ui_ops *ui_ops;
char **argv_new;
poptContext pc;
static const char *target = "other";
NTSTATUS status;
int shell = false;
static const char *ui_ops_name = "subunit";
const char *basedir = NULL;
const char *extra_module = NULL;
static int list_tests = 0;
int num_extra_users = 0;
enum {OPT_LOADFILE=1000,OPT_UNCLIST,OPT_TIMELIMIT,OPT_DNS, OPT_LIST,
OPT_DANGEROUS,OPT_SMB_PORTS,OPT_ASYNC,OPT_NUMPROGS,
OPT_EXTRA_USER,};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"format", 0, POPT_ARG_STRING, &ui_ops_name, 0, "Output format (one of: simple, subunit)", NULL },
{"smb-ports", 'p', POPT_ARG_STRING, NULL, OPT_SMB_PORTS, "SMB ports", NULL},
{"basedir", 0, POPT_ARG_STRING, &basedir, 0, "base directory", "BASEDIR" },
{"seed", 0, POPT_ARG_INT, &torture_seed, 0, "Seed to use for randomizer", NULL},
{"num-progs", 0, POPT_ARG_INT, NULL, OPT_NUMPROGS, "num progs", NULL},
{"num-ops", 0, POPT_ARG_INT, &torture_numops, 0, "num ops", NULL},
{"entries", 0, POPT_ARG_INT, &torture_entries, 0, "entries", NULL},
{"loadfile", 0, POPT_ARG_STRING, NULL, OPT_LOADFILE, "NBench load file to use", NULL},
{"list", 0, POPT_ARG_NONE, &list_tests, 0, "List available tests and exit", NULL },
{"unclist", 0, POPT_ARG_STRING, NULL, OPT_UNCLIST, "unclist", NULL},
{"timelimit", 't', POPT_ARG_INT, NULL, OPT_TIMELIMIT, "Set time limit (in seconds)", NULL},
{"failures", 'f', POPT_ARG_INT, &torture_failures, 0, "failures", NULL},
{"parse-dns", 'D', POPT_ARG_STRING, NULL, OPT_DNS, "parse-dns", NULL},
{"dangerous", 'X', POPT_ARG_NONE, NULL, OPT_DANGEROUS,
"run dangerous tests (eg. wiping out password database)", NULL},
{"load-module", 0, POPT_ARG_STRING, &extra_module, 0, "load tests from DSO file", "SOFILE"},
{"shell", 0, POPT_ARG_NONE, &shell, true, "Run shell", NULL},
{"target", 'T', POPT_ARG_STRING, &target, 0, "samba3|samba4|other", NULL},
{"async", 'a', POPT_ARG_NONE, NULL, OPT_ASYNC,
"run async tests", NULL},
{"num-async", 0, POPT_ARG_INT, &torture_numasync, 0,
"number of simultaneous async requests", NULL},
{"maximum-runtime", 0, POPT_ARG_INT, &max_runtime, 0,
"set maximum time for smbtorture to live", "seconds"},
{"extra-user", 0, POPT_ARG_STRING, NULL, OPT_EXTRA_USER,
"extra user credentials", NULL},
POPT_COMMON_SAMBA
POPT_COMMON_CONNECTION
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
setlinebuf(stdout);
/* we are never interested in SIGPIPE */
BlockSignals(true, SIGPIPE);
pc = poptGetContext("smbtorture", argc, (const char **) argv, long_options,
POPT_CONTEXT_KEEP_FIRST);
poptSetOtherOptionHelp(pc, "<binding>|<unc> TEST1 TEST2 ...");
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_LOADFILE:
lp_set_cmdline(cmdline_lp_ctx, "torture:loadfile", poptGetOptArg(pc));
break;
case OPT_UNCLIST:
lp_set_cmdline(cmdline_lp_ctx, "torture:unclist", poptGetOptArg(pc));
break;
case OPT_TIMELIMIT:
lp_set_cmdline(cmdline_lp_ctx, "torture:timelimit", poptGetOptArg(pc));
break;
case OPT_NUMPROGS:
lp_set_cmdline(cmdline_lp_ctx, "torture:nprocs", poptGetOptArg(pc));
break;
case OPT_DNS:
parse_dns(cmdline_lp_ctx, poptGetOptArg(pc));
break;
case OPT_DANGEROUS:
lp_set_cmdline(cmdline_lp_ctx, "torture:dangerous", "Yes");
break;
case OPT_ASYNC:
lp_set_cmdline(cmdline_lp_ctx, "torture:async", "Yes");
break;
case OPT_SMB_PORTS:
lp_set_cmdline(cmdline_lp_ctx, "smb ports", poptGetOptArg(pc));
break;
case OPT_EXTRA_USER:
{
char *option = talloc_asprintf(NULL, "torture:extra_user%u",
++num_extra_users);
const char *value = poptGetOptArg(pc);
lp_set_cmdline(cmdline_lp_ctx, option, value);
talloc_free(option);
}
break;
default:
printf("bad command line option\n");
exit(1);
}
}
if (strcmp(target, "samba3") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:samba3", "true");
lp_set_cmdline(cmdline_lp_ctx, "torture:resume_key_support", "false");
} else if (strcmp(target, "samba4") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:samba4", "true");
} else if (strcmp(target, "winxp") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:winxp", "true");
} else if (strcmp(target, "w2k3") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:w2k3", "true");
} else if (strcmp(target, "w2k8") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:w2k8", "true");
lp_set_cmdline(cmdline_lp_ctx,
"torture:invalid_lock_range_support", "false");
} else if (strcmp(target, "win7") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:win7", "true");
lp_set_cmdline(cmdline_lp_ctx, "torture:cn_max_buffer_size",
"0x00010000");
lp_set_cmdline(cmdline_lp_ctx, "torture:resume_key_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:rewind_support", "false");
/* RAW-SEARCH for fails for inexplicable reasons against win7 */
lp_set_cmdline(cmdline_lp_ctx, "torture:search_ea_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:hide_on_access_denied",
"true");
} else if (strcmp(target, "onefs") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:onefs", "true");
lp_set_cmdline(cmdline_lp_ctx, "torture:openx_deny_dos_support",
"false");
lp_set_cmdline(cmdline_lp_ctx, "torture:sacl_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:ea_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:smblock_pdu_support",
"false");
lp_set_cmdline(cmdline_lp_ctx, "torture:2_step_break_to_none",
"true");
lp_set_cmdline(cmdline_lp_ctx, "torture:deny_dos_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:deny_fcb_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:read_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:writeclose_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:resume_key_support", "false");
lp_set_cmdline(cmdline_lp_ctx, "torture:rewind_support", "false");
}
if (max_runtime) {
/* this will only work if nobody else uses alarm(),
which means it won't work for some tests, but we
can't use the event context method we use for smbd
as so many tests create their own event
context. This will at least catch most cases. */
signal(SIGALRM, max_runtime_handler);
alarm(max_runtime);
}
if (extra_module != NULL) {
init_module_fn fn = load_module(talloc_autofree_context(), poptGetOptArg(pc));
if (fn == NULL)
d_printf("Unable to load module from %s\n", poptGetOptArg(pc));
else {
status = fn();
if (NT_STATUS_IS_ERR(status)) {
d_printf("Error initializing module %s: %s\n",
poptGetOptArg(pc), nt_errstr(status));
}
}
} else {
torture_init();
}
if (list_tests) {
print_test_list();
return 0;
}
if (torture_seed == 0) {
torture_seed = time(NULL);
}
printf("Using seed %d\n", torture_seed);
srandom(torture_seed);
argv_new = discard_const_p(char *, poptGetArgs(pc));
argc_new = argc;
for (i=0; i<argc; i++) {
if (argv_new[i] == NULL) {
argc_new = i;
break;
}
}
if (!(argc_new >= 3 || (shell && argc_new >= 2))) {
usage(pc);
exit(1);
}
if (!parse_target(cmdline_lp_ctx, argv_new[1])) {
usage(pc);
exit(1);
}
if (!strcmp(ui_ops_name, "simple")) {
ui_ops = &std_ui_ops;
} else if (!strcmp(ui_ops_name, "subunit")) {
ui_ops = &torture_subunit_ui_ops;
} else {
printf("Unknown output format '%s'\n", ui_ops_name);
exit(1);
}
results = torture_results_init(talloc_autofree_context(), ui_ops);
torture = torture_context_init(s4_event_context_init(NULL), results);
if (basedir != NULL) {
if (basedir[0] != '/') {
fprintf(stderr, "Please specify an absolute path to --basedir\n");
return 1;
}
torture->outputdir = basedir;
} else {
char *pwd = talloc_size(torture, PATH_MAX);
if (!getcwd(pwd, PATH_MAX)) {
fprintf(stderr, "Unable to determine current working directory\n");
return 1;
}
torture->outputdir = pwd;
}
torture->lp_ctx = cmdline_lp_ctx;
gensec_init(cmdline_lp_ctx);
if (argc_new == 0) {
printf("You must specify a test to run, or 'ALL'\n");
} else if (shell) {
run_shell(torture);
} else {
for (i=2;i<argc_new;i++) {
if (!run_test(torture, argv_new[i])) {
correct = false;
}
}
}
if (torture->results->returncode && correct) {
return(0);
} else {
return(1);
}
}
/*
* Hook to allow handling of NTLM authentication for AD operation
* without directly linking the s4 auth stack
*
* This ensures we use the source4 authentication stack, as well as
* the authorization stack to create the user's token. This ensures
* consistency between NTLM logins and NTLMSSP logins, as NTLMSSP is
* handled by the hook above.
*/
static NTSTATUS make_auth4_context_s4(const struct auth_context *auth_context,
TALLOC_CTX *mem_ctx,
struct auth4_context **auth4_context)
{
NTSTATUS status;
struct loadparm_context *lp_ctx;
struct tevent_context *event_ctx;
TALLOC_CTX *frame = talloc_stackframe();
struct imessaging_context *msg_ctx;
struct server_id *server_id;
lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(1, ("loadparm_init_s3 failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
event_ctx = s4_event_context_init(frame);
if (event_ctx == NULL) {
DEBUG(1, ("s4_event_context_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
server_id = new_server_id_task(frame);
if (server_id == NULL) {
DEBUG(1, ("new_server_id_task failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
msg_ctx = imessaging_init(frame,
lp_ctx,
*server_id,
event_ctx, true);
if (msg_ctx == NULL) {
DEBUG(1, ("imessaging_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
talloc_reparent(frame, msg_ctx, server_id);
/* Allow forcing a specific auth4 module */
if (!auth_context->forced_samba4_methods) {
status = auth_context_create(mem_ctx,
event_ctx,
msg_ctx,
lp_ctx,
auth4_context);
} else {
const char * const *forced_auth_methods = (const char * const *)str_list_make(mem_ctx, auth_context->forced_samba4_methods, NULL);
status = auth_context_create_methods(mem_ctx, forced_auth_methods, event_ctx, msg_ctx, lp_ctx, NULL, auth4_context);
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start auth server code: %s\n", nt_errstr(status)));
TALLOC_FREE(frame);
return status;
}
talloc_reparent(frame, *auth4_context, msg_ctx);
talloc_reparent(frame, *auth4_context, event_ctx);
talloc_reparent(frame, *auth4_context, lp_ctx);
TALLOC_FREE(frame);
return status;
}
/*
called to initialise the driver
*/
_PUBLIC_ isc_result_t dlz_create(const char *dlzname,
unsigned int argc, char *argv[],
void **dbdata, ...)
{
struct dlz_bind9_data *state;
const char *helper_name;
va_list ap;
isc_result_t result;
struct ldb_dn *dn;
NTSTATUS nt_status;
state = talloc_zero(NULL, struct dlz_bind9_data);
if (state == NULL) {
return ISC_R_NOMEMORY;
}
talloc_set_destructor(state, dlz_state_debug_unregister);
/* fill in the helper functions */
va_start(ap, dbdata);
while ((helper_name = va_arg(ap, const char *)) != NULL) {
b9_add_helper(state, helper_name, va_arg(ap, void*));
}
va_end(ap);
/* Do not install samba signal handlers */
fault_setup_disable();
/* Start logging (to the bind9 logs) */
debug_set_callback(state, b9_debug);
state->ev_ctx = s4_event_context_init(state);
if (state->ev_ctx == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
result = parse_options(state, argc, argv, &state->options);
if (result != ISC_R_SUCCESS) {
goto failed;
}
state->lp = loadparm_init_global(true);
if (state->lp == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
if (state->options.debug) {
lpcfg_do_global_parameter(state->lp, "log level", state->options.debug);
} else {
lpcfg_do_global_parameter(state->lp, "log level", "0");
}
if (smb_krb5_init_context(state, state->ev_ctx, state->lp, &state->smb_krb5_ctx) != 0) {
result = ISC_R_NOMEMORY;
goto failed;
}
nt_status = gensec_init();
if (!NT_STATUS_IS_OK(nt_status)) {
result = ISC_R_NOMEMORY;
goto failed;
}
state->auth_context = talloc_zero(state, struct auth4_context);
if (state->auth_context == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
if (state->options.url == NULL) {
state->options.url = lpcfg_private_path(state, state->lp, "dns/sam.ldb");
if (state->options.url == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
}
state->samdb = samdb_connect_url(state, state->ev_ctx, state->lp,
system_session(state->lp), 0, state->options.url);
if (state->samdb == NULL) {
state->log(ISC_LOG_ERROR, "samba_dlz: Failed to connect to %s",
state->options.url);
result = ISC_R_FAILURE;
goto failed;
}
dn = ldb_get_default_basedn(state->samdb);
if (dn == NULL) {
state->log(ISC_LOG_ERROR, "samba_dlz: Unable to get basedn for %s - %s",
state->options.url, ldb_errstring(state->samdb));
result = ISC_R_FAILURE;
goto failed;
}
state->log(ISC_LOG_INFO, "samba_dlz: started for DN %s",
ldb_dn_get_linearized(dn));
state->auth_context->event_ctx = state->ev_ctx;
state->auth_context->lp_ctx = state->lp;
state->auth_context->sam_ctx = state->samdb;
state->auth_context->generate_session_info_pac = b9_generate_session_info_pac;
*dbdata = state;
return ISC_R_SUCCESS;
failed:
talloc_free(state);
return result;
}
/*
main server.
*/
static int binary_smbd_main(const char *binary_name, int argc, const char *argv[])
{
bool opt_daemon = false;
bool opt_interactive = false;
int opt;
poptContext pc;
#define _MODULE_PROTO(init) extern NTSTATUS init(void);
STATIC_service_MODULES_PROTO;
init_module_fn static_init[] = { STATIC_service_MODULES };
init_module_fn *shared_init;
struct tevent_context *event_ctx;
uint16_t stdin_event_flags;
NTSTATUS status;
const char *model = "standard";
int max_runtime = 0;
struct stat st;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_PROCESS_MODEL,
OPT_SHOW_BUILD
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
"Become a daemon (default)", NULL },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
"Run interactive (not a daemon)", NULL},
{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
"Select process model", "MODEL"},
{"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
"set maximum runtime of the server process, till autotermination", "seconds"},
{"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD, "show build info", NULL },
POPT_COMMON_SAMBA
POPT_COMMON_VERSION
{ NULL }
};
pc = poptGetContext(binary_name, argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
case OPT_DAEMON:
opt_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_PROCESS_MODEL:
model = poptGetOptArg(pc);
break;
case OPT_SHOW_BUILD:
show_build();
break;
default:
fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
return 1;
}
}
if (opt_daemon && opt_interactive) {
fprintf(stderr,"\nERROR: "
"Option -i|--interactive is not allowed together with -D|--daemon\n\n");
poptPrintUsage(pc, stderr, 0);
return 1;
} else if (!opt_interactive) {
/* default is --daemon */
opt_daemon = true;
}
poptFreeContext(pc);
talloc_enable_null_tracking();
setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
setup_signals();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING));
DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2016\n"));
if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n",
(unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t)));
return 1;
}
if (opt_daemon) {
DEBUG(3,("Becoming a daemon.\n"));
become_daemon(true, false, false);
}
cleanup_tmp_files(cmdline_lp_ctx);
if (!directory_exist(lpcfg_lock_directory(cmdline_lp_ctx))) {
mkdir(lpcfg_lock_directory(cmdline_lp_ctx), 0755);
}
pidfile_create(lpcfg_pid_directory(cmdline_lp_ctx), binary_name);
if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
if (!open_schannel_session_store(talloc_autofree_context(), cmdline_lp_ctx)) {
exit_daemon("Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
}
}
/* make sure we won't go through nss_winbind */
if (!winbind_off()) {
exit_daemon("Samba failed to disable recusive winbindd calls.", EACCES);
}
gensec_init(); /* FIXME: */
ntptr_init(); /* FIXME: maybe run this in the initialization function
of the spoolss RPC server instead? */
ntvfs_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization functions
of the SMB[,2] server instead? */
process_model_init(cmdline_lp_ctx);
shared_init = load_samba_modules(NULL, "service");
run_init_functions(static_init);
run_init_functions(shared_init);
talloc_free(shared_init);
/* the event context is the top level structure in smbd. Everything else
should hang off that */
event_ctx = s4_event_context_init(talloc_autofree_context());
if (event_ctx == NULL) {
exit_daemon("Initializing event context failed", EACCES);
}
if (opt_interactive) {
/* terminate when stdin goes away */
stdin_event_flags = TEVENT_FD_READ;
} else {
/* stay alive forever */
stdin_event_flags = 0;
}
/* catch EOF on stdin */
#ifdef SIGTTIN
signal(SIGTTIN, SIG_IGN);
#endif
if (fstat(0, &st) != 0) {
exit_daemon("Samba failed to set standard input handler", ENOTTY);
}
if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
tevent_add_fd(event_ctx,
event_ctx,
0,
stdin_event_flags,
server_stdin_handler,
discard_const(binary_name));
}
if (max_runtime) {
DEBUG(0,("Called with maxruntime %d - current ts %llu\n",
max_runtime, (unsigned long long) time(NULL)));
tevent_add_timer(event_ctx, event_ctx,
timeval_current_ofs(max_runtime, 0),
max_runtime_handler,
discard_const(binary_name));
}
if (lpcfg_server_role(cmdline_lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
&& !lpcfg_parm_bool(cmdline_lp_ctx, NULL, "server role check", "inhibit", false)
&& !str_list_check_ci(lpcfg_server_services(cmdline_lp_ctx), "smb")
&& !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "remote")
&& !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "mapiproxy")) {
DEBUG(0, ("At this time the 'samba' binary should only be used for either:\n"));
DEBUGADD(0, ("'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote'\n"));
DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks\n"));
exit_daemon("Samba detected misconfigured 'server role' and exited. Check logs for details", EINVAL);
};
prime_ldb_databases(event_ctx);
status = setup_parent_messaging(event_ctx, cmdline_lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba failed to setup parent messaging", NT_STATUS_V(status));
}
DEBUG(0,("%s: using '%s' process model\n", binary_name, model));
status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
lpcfg_server_services(cmdline_lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba failed to start services", NT_STATUS_V(status));
}
if (opt_daemon) {
daemon_ready("samba");
}
/* wait for events - this is where smbd sits for most of its
life */
tevent_loop_wait(event_ctx);
/* as everything hangs off this event context, freeing it
should initiate a clean shutdown of all services */
talloc_free(event_ctx);
return 0;
}
/*
called to initialise the driver
*/
_PUBLIC_ isc_result_t dlz_create(const char *dlzname,
unsigned int argc, char *argv[],
void **dbdata, ...)
{
struct dlz_bind9_data *state;
const char *helper_name;
va_list ap;
isc_result_t result;
TALLOC_CTX *tmp_ctx;
int ret;
struct ldb_dn *dn;
struct b9_options options;
ZERO_STRUCT(options);
state = talloc_zero(NULL, struct dlz_bind9_data);
if (state == NULL) {
return ISC_R_NOMEMORY;
}
tmp_ctx = talloc_new(state);
/* fill in the helper functions */
va_start(ap, dbdata);
while ((helper_name = va_arg(ap, const char *)) != NULL) {
b9_add_helper(state, helper_name, va_arg(ap, void*));
}
va_end(ap);
state->ev_ctx = s4_event_context_init(state);
if (state->ev_ctx == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
state->samdb = ldb_init(state, state->ev_ctx);
if (state->samdb == NULL) {
state->log(ISC_LOG_ERROR, "samba_dlz: Failed to create ldb");
result = ISC_R_FAILURE;
goto failed;
}
result = parse_options(state, argc, argv, &options);
if (result != ISC_R_SUCCESS) {
goto failed;
}
state->lp = loadparm_init_global(true);
if (state->lp == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
if (options.url == NULL) {
options.url = talloc_asprintf(tmp_ctx, "ldapi://%s",
lpcfg_private_path(tmp_ctx, state->lp, "ldap_priv/ldapi"));
if (options.url == NULL) {
result = ISC_R_NOMEMORY;
goto failed;
}
}
ret = ldb_connect(state->samdb, options.url, 0, NULL);
if (ret != LDB_SUCCESS) {
state->log(ISC_LOG_ERROR, "samba_dlz: Failed to connect to %s - %s",
options.url, ldb_errstring(state->samdb));
result = ISC_R_FAILURE;
goto failed;
}
ret = ldb_modules_hook(state->samdb, LDB_MODULE_HOOK_CMDLINE_POSTCONNECT);
if (ret != LDB_SUCCESS) {
state->log(ISC_LOG_ERROR, "samba_dlz: Failed postconnect for %s - %s",
options.url, ldb_errstring(state->samdb));
result = ISC_R_FAILURE;
goto failed;
}
dn = ldb_get_default_basedn(state->samdb);
if (dn == NULL) {
state->log(ISC_LOG_ERROR, "samba_dlz: Unable to get basedn for %s - %s",
options.url, ldb_errstring(state->samdb));
result = ISC_R_FAILURE;
goto failed;
}
state->log(ISC_LOG_INFO, "samba_dlz: started for DN %s",
ldb_dn_get_linearized(dn));
*dbdata = state;
talloc_free(tmp_ctx);
return ISC_R_SUCCESS;
failed:
talloc_free(state);
return result;
}
static NTSTATUS check_samba4_security(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
TALLOC_CTX *frame = talloc_stackframe();
struct netr_SamInfo3 *info3 = NULL;
NTSTATUS nt_status;
struct auth_user_info_dc *user_info_dc;
struct auth4_context *auth4_context;
struct loadparm_context *lp_ctx;
lp_ctx = loadparm_init_s3(frame, loadparm_s3_context());
if (lp_ctx == NULL) {
DEBUG(10, ("loadparm_init_s3 failed\n"));
talloc_free(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
/* We create a private tevent context here to avoid nested loops in
* the s3 one, as that may not be expected */
nt_status = auth_context_create(mem_ctx,
s4_event_context_init(frame), NULL,
lp_ctx,
&auth4_context);
NT_STATUS_NOT_OK_RETURN(nt_status);
nt_status = auth_context_set_challenge(auth4_context, auth_context->challenge.data, "auth_samba4");
NT_STATUS_NOT_OK_RETURN_AND_FREE(nt_status, auth4_context);
nt_status = auth_check_password(auth4_context, auth4_context, user_info, &user_info_dc);
NT_STATUS_NOT_OK_RETURN_AND_FREE(nt_status, auth4_context);
nt_status = auth_convert_user_info_dc_saminfo3(mem_ctx,
user_info_dc,
&info3);
if (NT_STATUS_IS_OK(nt_status)) {
/* We need the strings from the server_info to be valid as long as the info3 is around */
talloc_steal(info3, user_info_dc);
}
talloc_free(auth4_context);
if (!NT_STATUS_IS_OK(nt_status)) {
goto done;
}
nt_status = make_server_info_info3(mem_ctx, user_info->client.account_name,
user_info->mapped.domain_name, server_info,
info3);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("make_server_info_info3 failed: %s\n",
nt_errstr(nt_status)));
TALLOC_FREE(frame);
return nt_status;
}
nt_status = NT_STATUS_OK;
done:
TALLOC_FREE(frame);
return nt_status;
}
/*
main server.
*/
static int binary_smbd_main(const char *binary_name, int argc, const char *argv[])
{
bool opt_daemon = false;
bool opt_interactive = false;
int opt;
poptContext pc;
#define _MODULE_PROTO(init) extern NTSTATUS init(void);
STATIC_service_MODULES_PROTO;
init_module_fn static_init[] = { STATIC_service_MODULES };
init_module_fn *shared_init;
struct tevent_context *event_ctx;
uint16_t stdin_event_flags;
NTSTATUS status;
const char *model = "standard";
int max_runtime = 0;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_PROCESS_MODEL,
OPT_SHOW_BUILD
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
"Become a daemon (default)", NULL },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
"Run interactive (not a daemon)", NULL},
{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
"Select process model", "MODEL"},
{"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
"set maximum runtime of the server process, till autotermination", "seconds"},
{"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD, "show build info", NULL },
POPT_COMMON_SAMBA
POPT_COMMON_VERSION
{ NULL }
};
pc = poptGetContext(binary_name, argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
case OPT_DAEMON:
opt_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_PROCESS_MODEL:
model = poptGetOptArg(pc);
break;
case OPT_SHOW_BUILD:
show_build();
break;
default:
fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
return 1;
}
}
if (opt_daemon && opt_interactive) {
fprintf(stderr,"\nERROR: "
"Option -i|--interactive is not allowed together with -D|--daemon\n\n");
poptPrintUsage(pc, stderr, 0);
return 1;
} else if (!opt_interactive) {
/* default is --daemon */
opt_daemon = true;
}
poptFreeContext(pc);
setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
setup_signals();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING));
DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2011\n"));
if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n",
(unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t)));
return 1;
}
if (opt_daemon) {
DEBUG(3,("Becoming a daemon.\n"));
become_daemon(true, false, false);
}
cleanup_tmp_files(cmdline_lp_ctx);
if (!directory_exist(lpcfg_lockdir(cmdline_lp_ctx))) {
mkdir(lpcfg_lockdir(cmdline_lp_ctx), 0755);
}
pidfile_create(lpcfg_piddir(cmdline_lp_ctx), binary_name);
/* Set up a database to hold a random seed, in case we don't
* have /dev/urandom */
if (!randseed_init(talloc_autofree_context(), cmdline_lp_ctx)) {
return 1;
}
if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_DOMAIN_CONTROLLER) {
if (!open_schannel_session_store(talloc_autofree_context(), lpcfg_private_dir(cmdline_lp_ctx))) {
DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
exit(1);
}
}
gensec_init(); /* FIXME: */
ntptr_init(); /* FIXME: maybe run this in the initialization function
of the spoolss RPC server instead? */
ntvfs_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization functions
of the SMB[,2] server instead? */
process_model_init(cmdline_lp_ctx);
shared_init = load_samba_modules(NULL, "service");
run_init_functions(static_init);
run_init_functions(shared_init);
talloc_free(shared_init);
/* the event context is the top level structure in smbd. Everything else
should hang off that */
event_ctx = s4_event_context_init(talloc_autofree_context());
if (event_ctx == NULL) {
DEBUG(0,("Initializing event context failed\n"));
return 1;
}
if (opt_interactive) {
/* terminate when stdin goes away */
stdin_event_flags = TEVENT_FD_READ;
} else {
/* stay alive forever */
stdin_event_flags = 0;
}
/* catch EOF on stdin */
#ifdef SIGTTIN
signal(SIGTTIN, SIG_IGN);
#endif
tevent_add_fd(event_ctx, event_ctx, 0, stdin_event_flags,
server_stdin_handler,
discard_const(binary_name));
if (max_runtime) {
DEBUG(0,("Called with maxruntime %d - current ts %llu\n",
max_runtime, (unsigned long long) time(NULL)));
tevent_add_timer(event_ctx, event_ctx,
timeval_current_ofs(max_runtime, 0),
max_runtime_handler,
discard_const(binary_name));
}
prime_ldb_databases(event_ctx);
status = setup_parent_messaging(event_ctx, cmdline_lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Failed to setup parent messaging - %s\n", nt_errstr(status)));
return 1;
}
DEBUG(0,("%s: using '%s' process model\n", binary_name, model));
status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
lpcfg_server_services(cmdline_lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Starting Services failed - %s\n", nt_errstr(status)));
return 1;
}
/* wait for events - this is where smbd sits for most of its
life */
tevent_loop_wait(event_ctx);
/* as everything hangs off this event context, freeing it
should initiate a clean shutdown of all services */
talloc_free(event_ctx);
return 0;
}
int main(int argc, const char ** argv)
{
int i;
const char ** dd_args;
struct tevent_context *ev;
poptContext pctx;
struct poptOption poptions[] = {
/* POPT_AUTOHELP */
{ NULL, '\0', POPT_ARG_INCLUDE_TABLE, cifsddHelpOptions,
0, "Help options:", NULL },
POPT_COMMON_SAMBA
POPT_COMMON_CONNECTION
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
/* Block sizes. */
set_arg_val("bs", (uint64_t)4096);
set_arg_val("ibs", (uint64_t)4096);
set_arg_val("obs", (uint64_t)4096);
/* Block counts. */
set_arg_val("count", (uint64_t)-1);
set_arg_val("seek", (uint64_t)0);
set_arg_val("seek", (uint64_t)0);
/* Files. */
set_arg_val("if", NULL);
set_arg_val("of", NULL);
/* Options. */
set_arg_val("direct", false);
set_arg_val("sync", false);
set_arg_val("oplock", false);
pctx = poptGetContext(PROGNAME, argc, argv, poptions, 0);
while ((i = poptGetNextOpt(pctx)) != -1) {
;
}
for (dd_args = poptGetArgs(pctx); dd_args && *dd_args; ++dd_args) {
if (!set_arg_argv(*dd_args)) {
fprintf(stderr, "%s: invalid option: %s\n",
PROGNAME, *dd_args);
exit(SYNTAX_EXIT_CODE);
}
/* "bs" has the side-effect of setting "ibs" and "obs". */
if (strncmp(*dd_args, "bs=", 3) == 0) {
uint64_t bs = check_arg_numeric("bs");
set_arg_val("ibs", bs);
set_arg_val("obs", bs);
}
}
ev = s4_event_context_init(talloc_autofree_context());
gensec_init(cmdline_lp_ctx);
dump_args();
if (check_arg_numeric("ibs") == 0 || check_arg_numeric("ibs") == 0) {
fprintf(stderr, "%s: block sizes must be greater that zero\n",
PROGNAME);
exit(SYNTAX_EXIT_CODE);
}
if (check_arg_pathname("if") == NULL) {
fprintf(stderr, "%s: missing input filename\n", PROGNAME);
exit(SYNTAX_EXIT_CODE);
}
if (check_arg_pathname("of") == NULL) {
fprintf(stderr, "%s: missing output filename\n", PROGNAME);
exit(SYNTAX_EXIT_CODE);
}
CatchSignal(SIGINT, dd_handle_signal);
CatchSignal(SIGUSR1, dd_handle_signal);
return(copy_files(ev, cmdline_lp_ctx));
}
int main(int argc, char **argv)
{
int opt;
const char *file = NULL;
poptContext pc;
const char *remote = NULL;
struct regshell_context *ctx;
struct tevent_context *ev_ctx;
bool ret = true;
struct poptOption long_options[] = {
POPT_AUTOHELP
{"file", 'F', POPT_ARG_STRING, &file, 0, "open hive file", NULL },
{"remote", 'R', POPT_ARG_STRING, &remote, 0, "connect to specified remote server", NULL},
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
pc = poptGetContext(argv[0], argc, (const char **) argv, long_options,0);
while((opt = poptGetNextOpt(pc)) != -1) {
}
ctx = talloc_zero(NULL, struct regshell_context);
ev_ctx = s4_event_context_init(ctx);
if (remote != NULL) {
ctx->registry = reg_common_open_remote(remote, ev_ctx,
cmdline_lp_ctx, cmdline_credentials);
} else if (file != NULL) {
ctx->current = reg_common_open_file(file, ev_ctx, cmdline_lp_ctx, cmdline_credentials);
if (ctx->current == NULL)
return 1;
ctx->registry = ctx->current->context;
ctx->path = talloc_strdup(ctx, "");
ctx->predef = NULL;
ctx->root = ctx->current;
} else {
ctx->registry = reg_common_open_local(cmdline_credentials, ev_ctx, cmdline_lp_ctx);
}
if (ctx->registry == NULL)
return 1;
if (ctx->current == NULL) {
unsigned int i;
for (i = 0; (reg_predefined_keys[i].handle != 0) &&
(ctx->current == NULL); i++) {
WERROR err;
err = reg_get_predefined_key(ctx->registry,
reg_predefined_keys[i].handle,
&ctx->current);
if (W_ERROR_IS_OK(err)) {
ctx->predef = talloc_strdup(ctx,
reg_predefined_keys[i].name);
ctx->path = talloc_strdup(ctx, "");
ctx->root = ctx->current;
break;
} else {
ctx->current = NULL;
ctx->root = NULL;
}
}
}
if (ctx->current == NULL) {
fprintf(stderr, "Unable to access any of the predefined keys\n");
return 1;
}
poptFreeContext(pc);
while (true) {
char *line, *prompt;
if (asprintf(&prompt, "%s\\%s> ", ctx->predef?ctx->predef:"",
ctx->path) < 0) {
ret = false;
break;
}
current_key = ctx->current; /* No way to pass a void * pointer
via readline :-( */
line = smb_readline(prompt, NULL, reg_completion);
if (line == NULL) {
free(prompt);
break;
}
if (line[0] != '\n') {
ret = W_ERROR_IS_OK(process_cmd(ctx, line));
}
free(line);
free(prompt);
}
talloc_free(ctx);
return (ret?0:1);
}
