static PyObject *py_creds_guess(PyObject *self, PyObject *args)
{
PyObject *py_lp_ctx = Py_None;
struct loadparm_context *lp_ctx;
TALLOC_CTX *mem_ctx;
struct cli_credentials *creds;
creds = PyCredentials_AsCliCredentials(self);
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
PyErr_NoMemory();
return NULL;
}
lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
talloc_free(mem_ctx);
return NULL;
}
cli_credentials_guess(creds, lp_ctx);
talloc_free(mem_ctx);
Py_RETURN_NONE;
}
NTSTATUS auth_ntlmssp_client_prepare(TALLOC_CTX *mem_ctx, struct auth_generic_state **auth_ntlmssp_state)
{
struct auth_generic_state *ans;
NTSTATUS nt_status;
struct gensec_settings *gensec_settings;
struct loadparm_context *lp_ctx;
ans = talloc_zero(mem_ctx, struct auth_generic_state);
if (!ans) {
DEBUG(0,("auth_ntlmssp_start: talloc failed!\n"));
return NT_STATUS_NO_MEMORY;
}
lp_ctx = loadparm_init_s3(ans, loadparm_s3_context());
if (lp_ctx == NULL) {
DEBUG(10, ("loadparm_init_s3 failed\n"));
TALLOC_FREE(ans);
return NT_STATUS_INVALID_SERVER_STATE;
}
gensec_settings = lpcfg_gensec_settings(ans, lp_ctx);
if (lp_ctx == NULL) {
DEBUG(10, ("lpcfg_gensec_settings failed\n"));
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
nt_status = gensec_client_start(ans, &ans->gensec_security, gensec_settings);
if (!NT_STATUS_IS_OK(nt_status)) {
TALLOC_FREE(ans);
return nt_status;
}
ans->credentials = cli_credentials_init(ans);
if (!ans->credentials) {
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
cli_credentials_guess(ans->credentials, lp_ctx);
talloc_unlink(ans, lp_ctx);
talloc_unlink(ans, gensec_settings);
*auth_ntlmssp_state = ans;
return NT_STATUS_OK;
}
/**
* Connect to a specific interface, but ask the user
* for information not specified
*/
struct dcerpc_binding_handle *gtk_connect_rpc_interface(TALLOC_CTX *mem_ctx,
struct tevent_context *ev_ctx,
struct loadparm_context *lp_ctx,
const struct ndr_interface_table *table)
{
GtkRpcBindingDialog *d;
NTSTATUS status;
struct dcerpc_binding_handle *pipe;
struct cli_credentials *cred;
gint result;
d = SAMBAGTK_RPC_BINDING_DIALOG(gtk_rpc_binding_dialog_new(NULL));
result = gtk_dialog_run(GTK_DIALOG(d));
if (result != GTK_RESPONSE_ACCEPT) {
gtk_widget_destroy(GTK_WIDGET(d));
return NULL;
}
cred = cli_credentials_init(mem_ctx);
cli_credentials_guess(cred, lp_ctx);
cli_credentials_set_gtk_callbacks(cred);
status = dcerpc_pipe_connect_b(mem_ctx, &pipe,
gtk_rpc_binding_dialog_get_binding(d, mem_ctx),
table, cred, ev_ctx, lp_ctx);
if(!NT_STATUS_IS_OK(status)) {
gtk_show_ntstatus(NULL, "While connecting to interface", status);
gtk_widget_destroy(GTK_WIDGET(d));
talloc_free(cred);
return NULL;
}
gtk_widget_destroy(GTK_WIDGET(d));
talloc_free(cred);
return pipe;
}
NTSTATUS auth_generic_client_prepare(TALLOC_CTX *mem_ctx, struct auth_generic_state **auth_generic_state)
{
struct auth_generic_state *ans;
NTSTATUS nt_status;
size_t idx = 0;
struct gensec_settings *gensec_settings;
struct loadparm_context *lp_ctx;
ans = talloc_zero(mem_ctx, struct auth_generic_state);
if (!ans) {
DEBUG(0,("auth_generic_start: talloc failed!\n"));
return NT_STATUS_NO_MEMORY;
}
lp_ctx = loadparm_init_s3(ans, loadparm_s3_context());
if (lp_ctx == NULL) {
DEBUG(10, ("loadparm_init_s3 failed\n"));
TALLOC_FREE(ans);
return NT_STATUS_INVALID_SERVER_STATE;
}
gensec_settings = lpcfg_gensec_settings(ans, lp_ctx);
if (lp_ctx == NULL) {
DEBUG(10, ("lpcfg_gensec_settings failed\n"));
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
gensec_settings->backends = talloc_zero_array(gensec_settings,
struct gensec_security_ops *, 4);
if (gensec_settings->backends == NULL) {
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
gensec_settings->backends[idx++] = &gensec_ntlmssp3_client_ops;
#if defined(HAVE_KRB5) && defined(HAVE_GSS_WRAP_IOV)
gensec_settings->backends[idx++] = &gensec_gse_krb5_security_ops;
#endif
gensec_init();
gensec_settings->backends[idx++] = gensec_security_by_oid(NULL,
GENSEC_OID_SPNEGO);
nt_status = gensec_client_start(ans, &ans->gensec_security, gensec_settings);
if (!NT_STATUS_IS_OK(nt_status)) {
TALLOC_FREE(ans);
return nt_status;
}
ans->credentials = cli_credentials_init(ans);
if (!ans->credentials) {
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
cli_credentials_guess(ans->credentials, lp_ctx);
talloc_unlink(ans, lp_ctx);
talloc_unlink(ans, gensec_settings);
*auth_generic_state = ans;
return NT_STATUS_OK;
}
/****************************************************************************
main program
****************************************************************************/
int main(int argc,char *argv[])
{
char *share[NSERVERS];
int opt;
int seed, server;
int username_count=0;
struct tevent_context *ev;
struct loadparm_context *lp_ctx;
poptContext pc;
int argc_new, i;
char **argv_new;
enum {OPT_UNCLIST=1000};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"seed", 0, POPT_ARG_INT, &seed, 0, "Seed to use for randomizer", NULL},
{"num-ops", 0, POPT_ARG_INT, &numops, 0, "num ops", NULL},
{"lockrange", 0, POPT_ARG_INT, &lock_range,0, "locking range", NULL},
{"lockbase", 0, POPT_ARG_INT, &lock_base, 0, "locking base", NULL},
{"minlength", 0, POPT_ARG_INT, &min_length,0, "min lock length", NULL},
{"hidefails", 0, POPT_ARG_NONE, &hide_unlock_fails,0,"hide unlock fails", NULL},
{"oplocks", 0, POPT_ARG_NONE, &use_oplocks,0, "use oplocks", NULL},
{"showall", 0, POPT_ARG_NONE, &showall, 0, "display all operations", NULL},
{"analyse", 0, POPT_ARG_NONE, &analyze, 0, "do backtrack analysis", NULL},
{"zerozero", 0, POPT_ARG_NONE, &zero_zero, 0, "do zero/zero lock", NULL},
{"exacterrors", 0, POPT_ARG_NONE, &exact_error_codes,0,"use exact error codes", NULL},
{"unclist", 0, POPT_ARG_STRING, NULL, OPT_UNCLIST, "unclist", NULL},
{ "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "[DOMAIN/]USERNAME[%PASSWORD]" },
POPT_COMMON_SAMBA
POPT_COMMON_CONNECTION
POPT_COMMON_CREDENTIALS
POPT_COMMON_VERSION
{ NULL }
};
setlinebuf(stdout);
seed = time(NULL);
pc = poptGetContext("locktest", argc, (const char **) argv, long_options,
POPT_CONTEXT_KEEP_FIRST);
poptSetOtherOptionHelp(pc, "<unc1> <unc2>");
lp_ctx = cmdline_lp_ctx;
servers[0] = cli_credentials_init(talloc_autofree_context());
servers[1] = cli_credentials_init(talloc_autofree_context());
cli_credentials_guess(servers[0], lp_ctx);
cli_credentials_guess(servers[1], lp_ctx);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_UNCLIST:
lp_set_cmdline(cmdline_lp_ctx, "torture:unclist", poptGetOptArg(pc));
break;
case 'U':
if (username_count == 2) {
usage(pc);
exit(1);
}
cli_credentials_parse_string(servers[username_count], poptGetOptArg(pc), CRED_SPECIFIED);
username_count++;
break;
}
}
argv_new = discard_const_p(char *, poptGetArgs(pc));
argc_new = argc;
for (i=0; i<argc; i++) {
if (argv_new[i] == NULL) {
argc_new = i;
break;
}
}
if (!(argc_new >= 3)) {
usage(pc);
exit(1);
}
setup_logging("locktest", DEBUG_STDOUT);
for (server=0;server<NSERVERS;server++) {
share[server] = argv_new[1+server];
all_string_sub(share[server],"/","\\",0);
}
lp_ctx = cmdline_lp_ctx;
if (username_count == 0) {
usage(pc);
return -1;
}
if (username_count == 1) {
servers[1] = servers[0];
}
ev = s4_event_context_init(talloc_autofree_context());
gensec_init(lp_ctx);
DEBUG(0,("seed=%u base=%d range=%d min_length=%d\n",
seed, lock_base, lock_range, min_length));
srandom(seed);
return test_locks(ev, lp_ctx, NULL, share);
}
static void popt_common_credentials_callback(poptContext con,
enum poptCallbackReason reason,
const struct poptOption *opt,
const char *arg, const void *data)
{
if (reason == POPT_CALLBACK_REASON_PRE) {
cmdline_credentials = cli_credentials_init(talloc_autofree_context());
return;
}
if (reason == POPT_CALLBACK_REASON_POST) {
cli_credentials_guess(cmdline_credentials, cmdline_lp_ctx);
if (!dont_ask) {
cli_credentials_set_cmdline_callbacks(cmdline_credentials);
}
return;
}
switch(opt->val) {
case 'U':
{
char *lp;
cli_credentials_parse_string(cmdline_credentials, arg, CRED_SPECIFIED);
/* This breaks the abstraction, including the const above */
if ((lp=strchr_m(arg,'%'))) {
lp[0]='\0';
lp++;
/* Try to prevent this showing up in ps */
memset(lp,0,strlen(lp));
}
}
break;
case OPT_PASSWORD:
cli_credentials_set_password(cmdline_credentials, arg, CRED_SPECIFIED);
/* Try to prevent this showing up in ps */
memset(discard_const(arg),0,strlen(arg));
break;
case 'A':
cli_credentials_parse_file(cmdline_credentials, arg, CRED_SPECIFIED);
break;
case 'P':
/* Later, after this is all over, get the machine account details from the secrets.ldb */
cli_credentials_set_machine_account_pending(cmdline_credentials, cmdline_lp_ctx);
break;
case OPT_KERBEROS:
{
bool use_kerberos = true;
/* Force us to only use kerberos */
if (arg) {
if (!set_boolean(arg, &use_kerberos)) {
fprintf(stderr, "Error parsing -k %s\n", arg);
exit(1);
break;
}
}
cli_credentials_set_kerberos_state(cmdline_credentials,
use_kerberos
? CRED_MUST_USE_KERBEROS
: CRED_DONT_USE_KERBEROS);
break;
}
case OPT_SIMPLE_BIND_DN:
cli_credentials_set_bind_dn(cmdline_credentials, arg);
break;
}
}
NTSTATUS auth_generic_client_prepare(TALLOC_CTX *mem_ctx, struct auth_generic_state **auth_generic_state)
{
struct auth_generic_state *ans;
NTSTATUS nt_status;
size_t idx = 0;
struct gensec_settings *gensec_settings;
const struct gensec_security_ops **backends = NULL;
struct loadparm_context *lp_ctx;
ans = talloc_zero(mem_ctx, struct auth_generic_state);
if (!ans) {
DEBUG(0,("auth_generic_start: talloc failed!\n"));
return NT_STATUS_NO_MEMORY;
}
lp_ctx = loadparm_init_s3(ans, loadparm_s3_helpers());
if (lp_ctx == NULL) {
DEBUG(10, ("loadparm_init_s3 failed\n"));
TALLOC_FREE(ans);
return NT_STATUS_INVALID_SERVER_STATE;
}
gensec_settings = lpcfg_gensec_settings(ans, lp_ctx);
if (lp_ctx == NULL) {
DEBUG(10, ("lpcfg_gensec_settings failed\n"));
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
backends = talloc_zero_array(gensec_settings,
const struct gensec_security_ops *, 6);
if (backends == NULL) {
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
gensec_settings->backends = backends;
gensec_init();
/* These need to be in priority order, krb5 before NTLMSSP */
#if defined(HAVE_KRB5)
backends[idx++] = &gensec_gse_krb5_security_ops;
#endif
backends[idx++] = &gensec_ntlmssp3_client_ops;
backends[idx++] = gensec_security_by_oid(NULL, GENSEC_OID_SPNEGO);
backends[idx++] = gensec_security_by_auth_type(NULL, DCERPC_AUTH_TYPE_SCHANNEL);
backends[idx++] = gensec_security_by_auth_type(NULL, DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM);
nt_status = gensec_client_start(ans, &ans->gensec_security, gensec_settings);
if (!NT_STATUS_IS_OK(nt_status)) {
TALLOC_FREE(ans);
return nt_status;
}
ans->credentials = cli_credentials_init(ans);
if (!ans->credentials) {
TALLOC_FREE(ans);
return NT_STATUS_NO_MEMORY;
}
cli_credentials_guess(ans->credentials, lp_ctx);
talloc_unlink(ans, lp_ctx);
talloc_unlink(ans, gensec_settings);
*auth_generic_state = ans;
return NT_STATUS_OK;
}
