static NTSTATUS libnet_dssync_lookup_nc(TALLOC_CTX *mem_ctx, struct dssync_context *ctx) { NTSTATUS status; WERROR werr; int32_t level = 1; union drsuapi_DsNameRequest req; int32_t level_out; struct drsuapi_DsNameString names[1]; union drsuapi_DsNameCtr ctr; names[0].str = talloc_asprintf(mem_ctx, "%s\\", ctx->domain_name); NT_STATUS_HAVE_NO_MEMORY(names[0].str); req.req1.codepage = 1252; /* german */ req.req1.language = 0x00000407; /* german */ req.req1.count = 1; req.req1.names = names; req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_UNKNOWN; req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; status = rpccli_drsuapi_DsCrackNames(ctx->cli, mem_ctx, &ctx->bind_handle, level, &req, &level_out, &ctr, &werr); if (!NT_STATUS_IS_OK(status)) { ctx->error_message = talloc_asprintf(ctx, "Failed to lookup DN for domain name: %s", get_friendly_werror_msg(werr)); return status; } if (!W_ERROR_IS_OK(werr)) { return werror_to_ntstatus(werr); } if (ctr.ctr1->count != 1) { return NT_STATUS_UNSUCCESSFUL; } if (ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { return NT_STATUS_UNSUCCESSFUL; } ctx->nc_dn = talloc_strdup(mem_ctx, ctr.ctr1->array[0].result_name); NT_STATUS_HAVE_NO_MEMORY(ctx->nc_dn); if (!ctx->dns_domain_name) { ctx->dns_domain_name = talloc_strdup_upper(mem_ctx, ctr.ctr1->array[0].dns_domain_name); NT_STATUS_HAVE_NO_MEMORY(ctx->dns_domain_name); } return NT_STATUS_OK; }
const char *libnetapi_errstr(NET_API_STATUS status) { if (status & 0xc0000000) { return get_friendly_nt_error_msg(NT_STATUS(status)); } return get_friendly_werror_msg(W_ERROR(status)); }
char *libnetapi_errstr(NET_API_STATUS status) { TALLOC_CTX *frame = talloc_stackframe(); char *ret; if (status & 0xc0000000) { ret = talloc_strdup(NULL, get_friendly_nt_error_msg(NT_STATUS(status))); } else { ret = talloc_strdup(NULL, get_friendly_werror_msg(W_ERROR(status))); } TALLOC_FREE(frame); return ret; }
static WERROR cmd_drsuapi_getncchanges(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { NTSTATUS status; WERROR werr; struct policy_handle bind_handle; struct dcerpc_binding_handle *b = cli->binding_handle; struct GUID bind_guid; struct drsuapi_DsBindInfoCtr bind_info; struct drsuapi_DsBindInfo28 info28; const char *nc_dn = NULL; DATA_BLOB session_key; uint32_t level = 8; bool single = false; uint32_t level_out = 0; union drsuapi_DsGetNCChangesRequest req; union drsuapi_DsGetNCChangesCtr ctr; struct drsuapi_DsReplicaObjectIdentifier nc; struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL; struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL; uint32_t out_level = 0; int y; uint32_t supported_extensions = 0; uint32_t replica_flags = DRSUAPI_DRS_WRIT_REP | DRSUAPI_DRS_INIT_SYNC | DRSUAPI_DRS_PER_SYNC | DRSUAPI_DRS_GET_ANC | DRSUAPI_DRS_NEVER_SYNCED; if (argc > 3) { printf("usage: %s [naming_context_or_object_dn [single]]\n", argv[0]); return WERR_OK; } if (argc >= 2) { nc_dn = argv[1]; } if (argc == 3) { if (strequal(argv[2], "single")) { single = true; } else { printf("warning: ignoring unknown argument '%s'\n", argv[2]); } } ZERO_STRUCT(info28); ZERO_STRUCT(req); GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid); info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_BASE; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7; info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT; info28.site_guid = GUID_zero(); info28.pid = 0; info28.repl_epoch = 0; bind_info.length = 28; bind_info.info.info28 = info28; status = dcerpc_drsuapi_DsBind(b, mem_ctx, &bind_guid, &bind_info, &bind_handle, &werr); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } if (!W_ERROR_IS_OK(werr)) { return werr; } if (bind_info.length == 24) { supported_extensions = bind_info.info.info24.supported_extensions; } else if (bind_info.length == 28) { supported_extensions = bind_info.info.info28.supported_extensions; } else if (bind_info.length == 32) { supported_extensions = bind_info.info.info32.supported_extensions; } else if (bind_info.length == 48) { supported_extensions = bind_info.info.info48.supported_extensions; } else if (bind_info.length == 52) { supported_extensions = bind_info.info.info52.supported_extensions; } if (!nc_dn) { union drsuapi_DsNameCtr crack_ctr; const char *name; name = talloc_asprintf(mem_ctx, "%s\\", lp_workgroup()); W_ERROR_HAVE_NO_MEMORY(name); werr = cracknames(cli, mem_ctx, &bind_handle, DRSUAPI_DS_NAME_FORMAT_UNKNOWN, DRSUAPI_DS_NAME_FORMAT_FQDN_1779, 1, &name, &crack_ctr); if (!W_ERROR_IS_OK(werr)) { return werr; } if (crack_ctr.ctr1->count != 1) { return WERR_NO_SUCH_DOMAIN; } if (crack_ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { return WERR_NO_SUCH_DOMAIN; } nc_dn = talloc_strdup(mem_ctx, crack_ctr.ctr1->array[0].result_name); W_ERROR_HAVE_NO_MEMORY(nc_dn); printf("using: %s\n", nc_dn); } nc.dn = nc_dn; nc.guid = GUID_zero(); nc.sid = (struct dom_sid) {0}; if (supported_extensions & DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8) { level = 8; req.req8.naming_context = &nc; req.req8.replica_flags = replica_flags; req.req8.max_object_count = 402; req.req8.max_ndr_size = 402116; if (single) { req.req8.extended_op = DRSUAPI_EXOP_REPL_OBJ; } } else { level = 5; req.req5.naming_context = &nc; req.req5.replica_flags = replica_flags; req.req5.max_object_count = 402; req.req5.max_ndr_size = 402116; if (single) { req.req5.extended_op = DRSUAPI_EXOP_REPL_OBJ; } } for (y=0; ;y++) { if (level == 8) { DEBUG(1,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y, (long long)req.req8.highwatermark.tmp_highest_usn, (long long)req.req8.highwatermark.highest_usn)); } status = dcerpc_drsuapi_DsGetNCChanges(b, mem_ctx, &bind_handle, level, &req, &level_out, &ctr, &werr); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); printf("Failed to get NC Changes: %s", get_friendly_nt_error_msg(status)); goto out; } if (!W_ERROR_IS_OK(werr)) { printf("Failed to get NC Changes: %s", get_friendly_werror_msg(werr)); goto out; } if (level_out == 1) { out_level = 1; ctr1 = &ctr.ctr1; } else if (level_out == 2 && ctr.ctr2.mszip1.ts) { out_level = 1; ctr1 = &ctr.ctr2.mszip1.ts->ctr1; } status = cli_get_session_key(mem_ctx, cli, &session_key); if (!NT_STATUS_IS_OK(status)) { printf("Failed to get Session Key: %s", nt_errstr(status)); return ntstatus_to_werror(status); } if (out_level == 1) { DEBUG(1,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y, (long long)ctr1->new_highwatermark.tmp_highest_usn, (long long)ctr1->new_highwatermark.highest_usn)); #if 0 libnet_dssync_decrypt_attributes(mem_ctx, &session_key, ctr1->first_object); #endif if (ctr1->more_data) { req.req5.highwatermark = ctr1->new_highwatermark; continue; } } if (level_out == 6) { out_level = 6; ctr6 = &ctr.ctr6; } else if (level_out == 7 && ctr.ctr7.level == 6 && ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP && ctr.ctr7.ctr.mszip6.ts) { out_level = 6; ctr6 = &ctr.ctr7.ctr.mszip6.ts->ctr6; } else if (level_out == 7 && ctr.ctr7.level == 6 && ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS && ctr.ctr7.ctr.xpress6.ts) { out_level = 6; ctr6 = &ctr.ctr7.ctr.xpress6.ts->ctr6; } if (out_level == 6) { DEBUG(1,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y, (long long)ctr6->new_highwatermark.tmp_highest_usn, (long long)ctr6->new_highwatermark.highest_usn)); #if 0 libnet_dssync_decrypt_attributes(mem_ctx, &session_key, ctr6->first_object); #endif if (ctr6->more_data) { req.req8.highwatermark = ctr6->new_highwatermark; continue; } } break; } out: return werr; } /* List of commands exported by this module */ struct cmd_set drsuapi_commands[] = { { "DRSUAPI" }, { "dscracknames", RPC_RTYPE_WERROR, NULL, cmd_drsuapi_cracknames, &ndr_table_drsuapi, NULL, "Crack Name", "" }, { "dsgetdcinfo", RPC_RTYPE_WERROR, NULL, cmd_drsuapi_getdcinfo, &ndr_table_drsuapi, NULL, "Get Domain Controller Info", "" }, { "dsgetncchanges", RPC_RTYPE_WERROR, NULL, cmd_drsuapi_getncchanges, &ndr_table_drsuapi, NULL, "Get NC Changes", "" }, { "dswriteaccountspn", RPC_RTYPE_WERROR, NULL, cmd_drsuapi_writeaccountspn, &ndr_table_drsuapi, NULL, "Write Account SPN", "" }, { NULL } };
static void handle_value_input(struct regedit *regedit, int c) { struct value_item *vitem; bool binmode = false; WERROR err; int sel; switch (c) { case KEY_DOWN: value_list_driver(regedit->vl, ML_CURSOR_DOWN); break; case KEY_UP: value_list_driver(regedit->vl, ML_CURSOR_UP); break; case KEY_NPAGE: value_list_driver(regedit->vl, ML_CURSOR_PGDN); break; case KEY_PPAGE: value_list_driver(regedit->vl, ML_CURSOR_PGUP); break; case KEY_HOME: value_list_driver(regedit->vl, ML_CURSOR_HOME); break; case KEY_END: value_list_driver(regedit->vl, ML_CURSOR_END); break; case 'b': case 'B': binmode = true; /* Falthrough... */ case '\n': case KEY_ENTER: vitem = value_list_get_current_item(regedit->vl); if (vitem) { struct tree_node *node; const char *name = NULL; node = tree_view_get_current_node(regedit->keys); sel = dialog_edit_value(regedit, node->key, vitem->type, vitem, binmode, &err, &name); if (!W_ERROR_IS_OK(err)) { const char *msg = get_friendly_werror_msg(err); dialog_notice(regedit, DIA_ALERT, "Error", "Error editing value:\n%s", msg); } else if (sel == DIALOG_OK) { tree_node_reopen_key(regedit->registry_context, node); value_list_load(regedit->vl, node->key); value_list_set_current_item_by_name(regedit->vl, name); talloc_free(discard_const(name)); } } break; case 'n': case 'N': { int new_type; sel = dialog_select_type(regedit, &new_type); if (sel == DIALOG_OK) { struct tree_node *node; const char *name = NULL; node = tree_view_get_current_node(regedit->keys); sel = dialog_edit_value(regedit, node->key, new_type, NULL, false, &err, &name); if (!W_ERROR_IS_OK(err)) { const char *msg = get_friendly_werror_msg(err); dialog_notice(regedit, DIA_ALERT, "Error", "Error creating value:\n%s", msg); } else if (sel == DIALOG_OK) { tree_node_reopen_key(regedit->registry_context, node); value_list_load(regedit->vl, node->key); value_list_set_current_item_by_name(regedit->vl, name); talloc_free(discard_const(name)); } } break; } case 'd': case 'D': vitem = value_list_get_current_item(regedit->vl); if (vitem) { sel = dialog_notice(regedit, DIA_CONFIRM, "Delete Value", "Really delete value \"%s\"?", vitem->value_name); if (sel == DIALOG_OK) { struct tree_node *node; node = tree_view_get_current_node(regedit->keys); reg_del_value(regedit, node->key, vitem->value_name); tree_node_reopen_key(regedit->registry_context, node); value_list_load(regedit->vl, node->key); } } break; } value_list_show(regedit->vl); }
static void handle_tree_input(struct regedit *regedit, int c) { struct tree_node *node; switch (c) { case KEY_DOWN: tree_view_driver(regedit->keys, ML_CURSOR_DOWN); load_values(regedit); break; case KEY_UP: tree_view_driver(regedit->keys, ML_CURSOR_UP); load_values(regedit); break; case KEY_NPAGE: tree_view_driver(regedit->keys, ML_CURSOR_PGDN); load_values(regedit); break; case KEY_PPAGE: tree_view_driver(regedit->keys, ML_CURSOR_PGUP); load_values(regedit); break; case KEY_HOME: tree_view_driver(regedit->keys, ML_CURSOR_HOME); load_values(regedit); break; case KEY_END: tree_view_driver(regedit->keys, ML_CURSOR_END); load_values(regedit); break; case '\n': case KEY_ENTER: case KEY_RIGHT: node = tree_view_get_current_node(regedit->keys); if (node && tree_node_has_children(node)) { WERROR rv; rv = tree_node_load_children(node); if (W_ERROR_IS_OK(rv)) { print_path(regedit, node->child_head); tree_view_update(regedit->keys, node->child_head); value_list_load(regedit->vl, node->child_head->key); } else { const char *msg = get_friendly_werror_msg(rv); dialog_notice(regedit, DIA_ALERT, "Loading Subkeys", "Failed to load subkeys: %s", msg); } } break; case KEY_LEFT: node = tree_view_get_current_node(regedit->keys); if (node && !tree_node_is_top_level(node)) { print_path(regedit, node->parent); node = node->parent; tree_view_update(regedit->keys, tree_node_first(node)); tree_view_set_current_node(regedit->keys, node); value_list_load(regedit->vl, node->key); } break; case 'n': case 'N': node = tree_view_get_current_node(regedit->keys); add_reg_key(regedit, node, false); break; case 's': case 'S': node = tree_view_get_current_node(regedit->keys); add_reg_key(regedit, node, true); break; case 'd': case 'D': { int sel; node = tree_view_get_current_node(regedit->keys); if (tree_node_is_top_level(node)) { break; } sel = dialog_notice(regedit, DIA_CONFIRM, "Delete Key", "Really delete key \"%s\"?", node->name); if (sel == DIALOG_OK) { WERROR rv; struct tree_node *pop; struct tree_node *parent = node->parent; rv = reg_key_del(node, parent->key, node->name); if (W_ERROR_IS_OK(rv)) { tree_node_reopen_key(regedit->registry_context, parent); tree_view_clear(regedit->keys); pop = tree_node_pop(&node); talloc_free(pop); node = parent->child_head; if (node == NULL) { node = tree_node_first(parent); print_path(regedit, node); } tree_view_update(regedit->keys, node); value_list_load(regedit->vl, node->key); } else { const char *msg = get_friendly_werror_msg(rv); dialog_notice(regedit, DIA_ALERT, "Delete Key", "Failed to delete key: %s", msg); } } break; } } tree_view_show(regedit->keys); value_list_show(regedit->vl); }
static void add_reg_key(struct regedit *regedit, struct tree_node *node, bool subkey) { const char *name; const char *msg; if (!subkey && tree_node_is_top_level(node)) { return; } msg = "Enter name of new key"; if (subkey) { msg = "Enter name of new subkey"; } dialog_input(regedit, &name, "New Key", msg); if (name) { WERROR rv; struct registry_key *new_key; struct tree_node *new_node; struct tree_node *list; struct tree_node *parent; if (subkey) { parent = node; list = node->child_head; } else { parent = node->parent; list = tree_node_first(node); SMB_ASSERT(list != NULL); } rv = reg_key_add_name(regedit, parent->key, name, NULL, NULL, &new_key); if (W_ERROR_IS_OK(rv)) { /* The list of subkeys may not be present in cache yet, so if not, don't bother allocating a new node for the key. */ if (list) { new_node = tree_node_new(parent, parent, name, new_key); SMB_ASSERT(new_node); tree_node_insert_sorted(list, new_node); } else { /* Reopen the parent key to make sure the new subkey will be noticed. */ tree_node_reopen_key(regedit->registry_context, parent); } list = tree_node_first(node); tree_view_clear(regedit->keys); tree_view_update(regedit->keys, list); if (!subkey) { node = new_node; } tree_view_set_current_node(regedit->keys, node); load_values(regedit); } else { msg = get_friendly_werror_msg(rv); dialog_notice(regedit, DIA_ALERT, "New Key", "Failed to create key: %s", msg); } talloc_free(discard_const(name)); } }