bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info) { char *pass = NULL; char *account = NULL; if (!get_cmdline_auth_info_use_machine_account(auth_info)) { return false; } if (!secrets_init()) { d_printf("ERROR: Unable to open secrets database\n"); return false; } if (asprintf(&account, "%s$@%s", lp_netbios_name(), lp_realm()) < 0) { return false; } pass = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL); if (!pass) { d_printf("ERROR: Unable to fetch machine password for " "%s in domain %s\n", account, lp_workgroup()); SAFE_FREE(account); return false; } set_cmdline_auth_info_username(auth_info, account); set_cmdline_auth_info_password(auth_info, pass); SAFE_FREE(account); SAFE_FREE(pass); return true; }
static void get_credentials_file(struct user_auth_info *auth_info, const char *file) { XFILE *auth; fstring buf; uint16 len = 0; char *ptr, *val, *param; if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL) { /* fail if we can't open the credentials file */ d_printf("ERROR: Unable to open credentials file!\n"); exit(-1); } while (!x_feof(auth)) { /* get a line from the file */ if (!x_fgets(buf, sizeof(buf), auth)) continue; len = strlen(buf); if ((len) && (buf[len-1]=='\n')) { buf[len-1] = '\0'; len--; } if (len == 0) continue; /* break up the line into parameter & value. * will need to eat a little whitespace possibly */ param = buf; if (!(ptr = strchr_m (buf, '='))) continue; val = ptr+1; *ptr = '\0'; /* eat leading white space */ while ((*val!='\0') && ((*val==' ') || (*val=='\t'))) val++; if (strwicmp("password", param) == 0) { set_cmdline_auth_info_password(auth_info, val); } else if (strwicmp("username", param) == 0) { set_cmdline_auth_info_username(auth_info, val); } else if (strwicmp("domain", param) == 0) { set_cmdline_auth_info_domain(auth_info, val); } memset(buf, 0, sizeof(buf)); } x_fclose(auth); }
static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx, const char *server_name, struct cli_state **cli) { struct user_auth_info *auth_info = NULL; struct cli_state *cli_ipc = NULL; if (!ctx || !cli || !server_name) { return WERR_INVALID_PARAM; } auth_info = user_auth_info_init(NULL); if (!auth_info) { return WERR_NOMEM; } auth_info->signing_state = Undefined; set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos); set_cmdline_auth_info_username(auth_info, ctx->username); if (ctx->password) { set_cmdline_auth_info_password(auth_info, ctx->password); } else { set_cmdline_auth_info_getpass(auth_info); } if (ctx->username && ctx->username[0] && ctx->password && ctx->password[0] && ctx->use_kerberos) { set_cmdline_auth_info_fallback_after_kerberos(auth_info, true); } cli_ipc = cli_cm_open(ctx, NULL, server_name, "IPC$", auth_info, false, false, PROTOCOL_NT1, 0, 0x20); if (cli_ipc) { cli_set_username(cli_ipc, ctx->username); cli_set_password(cli_ipc, ctx->password); cli_set_domain(cli_ipc, ctx->workgroup); } TALLOC_FREE(auth_info); if (!cli_ipc) { libnetapi_set_error_string(ctx, "Failed to connect to IPC$ share on %s", server_name); return WERR_CAN_NOT_COMPLETE; } *cli = cli_ipc; return WERR_OK; }
static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx, const char *server_name, struct client_ipc_connection **pp) { struct libnetapi_private_ctx *priv_ctx; struct user_auth_info *auth_info = NULL; struct cli_state *cli_ipc = NULL; struct client_ipc_connection *p; NTSTATUS status; if (!ctx || !pp || !server_name) { return WERR_INVALID_PARAM; } priv_ctx = (struct libnetapi_private_ctx *)ctx->private_data; p = ipc_cm_find(priv_ctx, server_name); if (p) { *pp = p; return WERR_OK; } auth_info = user_auth_info_init(ctx); if (!auth_info) { return WERR_NOMEM; } auth_info->signing_state = SMB_SIGNING_DEFAULT; set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos); set_cmdline_auth_info_username(auth_info, ctx->username); if (ctx->password) { set_cmdline_auth_info_password(auth_info, ctx->password); } else { set_cmdline_auth_info_getpass(auth_info); } if (ctx->username && ctx->username[0] && ctx->password && ctx->password[0] && ctx->use_kerberos) { set_cmdline_auth_info_fallback_after_kerberos(auth_info, true); } if (ctx->use_ccache) { set_cmdline_auth_info_use_ccache(auth_info, true); } status = cli_cm_open(ctx, NULL, server_name, "IPC$", auth_info, false, false, PROTOCOL_NT1, 0, 0x20, &cli_ipc); if (NT_STATUS_IS_OK(status)) { cli_set_username(cli_ipc, ctx->username); cli_set_password(cli_ipc, ctx->password); cli_set_domain(cli_ipc, ctx->workgroup); } else { cli_ipc = NULL; } TALLOC_FREE(auth_info); if (!cli_ipc) { libnetapi_set_error_string(ctx, "Failed to connect to IPC$ share on %s", server_name); return WERR_CAN_NOT_COMPLETE; } p = talloc_zero(ctx, struct client_ipc_connection); if (p == NULL) { return WERR_NOMEM; } p->cli = cli_ipc; DLIST_ADD(priv_ctx->ipc_connections, p); *pp = p; return WERR_OK; }
static void popt_common_credentials_callback(poptContext con, enum poptCallbackReason reason, const struct poptOption *opt, const char *arg, const void *data) { struct user_auth_info *auth_info = talloc_get_type_abort( *((const char **)data), struct user_auth_info); char *p; if (reason == POPT_CALLBACK_REASON_PRE) { set_cmdline_auth_info_username(auth_info, "GUEST"); if (getenv("LOGNAME")) { set_cmdline_auth_info_username(auth_info, getenv("LOGNAME")); } if (getenv("USER")) { char *puser = SMB_STRDUP(getenv("USER")); if (!puser) { exit(ENOMEM); } set_cmdline_auth_info_username(auth_info, puser); } if (getenv("PASSWD")) { set_cmdline_auth_info_password(auth_info, getenv("PASSWD")); } if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) { get_password_file(auth_info); } return; } switch(opt->val) { case 'U': { char *lp; char *puser = SMB_STRDUP(arg); if ((lp=strchr_m(puser,'%'))) { size_t len; *lp = '\0'; set_cmdline_auth_info_username(auth_info, puser); set_cmdline_auth_info_password(auth_info, lp+1); len = strlen(lp+1); memset(lp + 1, '\0', len); } else { set_cmdline_auth_info_username(auth_info, puser); } SAFE_FREE(puser); } break; case 'A': get_credentials_file(auth_info, arg); break; case 'k': #ifndef HAVE_KRB5 d_printf("No kerberos support compiled in\n"); exit(1); #else set_cmdline_auth_info_use_krb5_ticket(auth_info); #endif break; case 'S': if (!set_cmdline_auth_info_signing_state(auth_info, arg)) { fprintf(stderr, "Unknown signing option %s\n", arg ); exit(1); } break; case 'P': set_cmdline_auth_info_use_machine_account(auth_info); break; case 'N': set_cmdline_auth_info_password(auth_info, ""); break; case 'e': set_cmdline_auth_info_smb_encrypt(auth_info); break; case 'C': set_cmdline_auth_info_use_ccache(auth_info, true); break; case 'H': set_cmdline_auth_info_use_pw_nt_hash(auth_info, true); break; } }