Exemplo n.º 1
0
bool set_cmdline_auth_info_machine_account_creds(struct user_auth_info *auth_info)
{
	char *pass = NULL;
	char *account = NULL;

	if (!get_cmdline_auth_info_use_machine_account(auth_info)) {
		return false;
	}

	if (!secrets_init()) {
		d_printf("ERROR: Unable to open secrets database\n");
		return false;
	}

	if (asprintf(&account, "%s$@%s", lp_netbios_name(), lp_realm()) < 0) {
		return false;
	}

	pass = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
	if (!pass) {
		d_printf("ERROR: Unable to fetch machine password for "
			"%s in domain %s\n",
			account, lp_workgroup());
		SAFE_FREE(account);
		return false;
	}

	set_cmdline_auth_info_username(auth_info, account);
	set_cmdline_auth_info_password(auth_info, pass);

	SAFE_FREE(account);
	SAFE_FREE(pass);

	return true;
}
Exemplo n.º 2
0
static void get_credentials_file(struct user_auth_info *auth_info,
				 const char *file)
{
	XFILE *auth;
	fstring buf;
	uint16 len = 0;
	char *ptr, *val, *param;

	if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
	{
		/* fail if we can't open the credentials file */
		d_printf("ERROR: Unable to open credentials file!\n");
		exit(-1);
	}

	while (!x_feof(auth))
	{
		/* get a line from the file */
		if (!x_fgets(buf, sizeof(buf), auth))
			continue;
		len = strlen(buf);

		if ((len) && (buf[len-1]=='\n'))
		{
			buf[len-1] = '\0';
			len--;
		}
		if (len == 0)
			continue;

		/* break up the line into parameter & value.
		 * will need to eat a little whitespace possibly */
		param = buf;
		if (!(ptr = strchr_m (buf, '=')))
			continue;

		val = ptr+1;
		*ptr = '\0';

		/* eat leading white space */
		while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
			val++;

		if (strwicmp("password", param) == 0) {
			set_cmdline_auth_info_password(auth_info, val);
		} else if (strwicmp("username", param) == 0) {
			set_cmdline_auth_info_username(auth_info, val);
		} else if (strwicmp("domain", param) == 0) {
			set_cmdline_auth_info_domain(auth_info, val);
		}
		memset(buf, 0, sizeof(buf));
	}
	x_fclose(auth);
}
Exemplo n.º 3
0
static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx,
					    const char *server_name,
					    struct cli_state **cli)
{
	struct user_auth_info *auth_info = NULL;
	struct cli_state *cli_ipc = NULL;

	if (!ctx || !cli || !server_name) {
		return WERR_INVALID_PARAM;
	}

	auth_info = user_auth_info_init(NULL);
	if (!auth_info) {
		return WERR_NOMEM;
	}
	auth_info->signing_state = Undefined;
	set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos);
	set_cmdline_auth_info_username(auth_info, ctx->username);
	if (ctx->password) {
		set_cmdline_auth_info_password(auth_info, ctx->password);
	} else {
		set_cmdline_auth_info_getpass(auth_info);
	}

	if (ctx->username && ctx->username[0] &&
	    ctx->password && ctx->password[0] &&
	    ctx->use_kerberos) {
		set_cmdline_auth_info_fallback_after_kerberos(auth_info, true);
	}

	cli_ipc = cli_cm_open(ctx, NULL,
				server_name, "IPC$",
				auth_info,
				false, false,
				PROTOCOL_NT1,
				0, 0x20);
	if (cli_ipc) {
		cli_set_username(cli_ipc, ctx->username);
		cli_set_password(cli_ipc, ctx->password);
		cli_set_domain(cli_ipc, ctx->workgroup);
	}
	TALLOC_FREE(auth_info);

	if (!cli_ipc) {
		libnetapi_set_error_string(ctx,
			"Failed to connect to IPC$ share on %s", server_name);
		return WERR_CAN_NOT_COMPLETE;
	}

	*cli = cli_ipc;

	return WERR_OK;
}
Exemplo n.º 4
0
Arquivo: cm.c Projeto: ekohl/samba
static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx,
					    const char *server_name,
					    struct client_ipc_connection **pp)
{
	struct libnetapi_private_ctx *priv_ctx;
	struct user_auth_info *auth_info = NULL;
	struct cli_state *cli_ipc = NULL;
	struct client_ipc_connection *p;
	NTSTATUS status;

	if (!ctx || !pp || !server_name) {
		return WERR_INVALID_PARAM;
	}

	priv_ctx = (struct libnetapi_private_ctx *)ctx->private_data;

	p = ipc_cm_find(priv_ctx, server_name);
	if (p) {
		*pp = p;
		return WERR_OK;
	}

	auth_info = user_auth_info_init(ctx);
	if (!auth_info) {
		return WERR_NOMEM;
	}
	auth_info->signing_state = SMB_SIGNING_DEFAULT;
	set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos);
	set_cmdline_auth_info_username(auth_info, ctx->username);
	if (ctx->password) {
		set_cmdline_auth_info_password(auth_info, ctx->password);
	} else {
		set_cmdline_auth_info_getpass(auth_info);
	}

	if (ctx->username && ctx->username[0] &&
	    ctx->password && ctx->password[0] &&
	    ctx->use_kerberos) {
		set_cmdline_auth_info_fallback_after_kerberos(auth_info, true);
	}

	if (ctx->use_ccache) {
		set_cmdline_auth_info_use_ccache(auth_info, true);
	}

	status = cli_cm_open(ctx, NULL,
			     server_name, "IPC$",
			     auth_info,
			     false, false,
			     PROTOCOL_NT1,
			     0, 0x20, &cli_ipc);
	if (NT_STATUS_IS_OK(status)) {
		cli_set_username(cli_ipc, ctx->username);
		cli_set_password(cli_ipc, ctx->password);
		cli_set_domain(cli_ipc, ctx->workgroup);
	} else {
		cli_ipc = NULL;
	}
	TALLOC_FREE(auth_info);

	if (!cli_ipc) {
		libnetapi_set_error_string(ctx,
			"Failed to connect to IPC$ share on %s", server_name);
		return WERR_CAN_NOT_COMPLETE;
	}

	p = talloc_zero(ctx, struct client_ipc_connection);
	if (p == NULL) {
		return WERR_NOMEM;
	}

	p->cli = cli_ipc;
	DLIST_ADD(priv_ctx->ipc_connections, p);

	*pp = p;

	return WERR_OK;
}
Exemplo n.º 5
0
static void popt_common_credentials_callback(poptContext con,
					enum poptCallbackReason reason,
					const struct poptOption *opt,
					const char *arg, const void *data)
{
	struct user_auth_info *auth_info = talloc_get_type_abort(
		*((const char **)data), struct user_auth_info);
	char *p;

	if (reason == POPT_CALLBACK_REASON_PRE) {
		set_cmdline_auth_info_username(auth_info, "GUEST");

		if (getenv("LOGNAME")) {
			set_cmdline_auth_info_username(auth_info,
						       getenv("LOGNAME"));
		}

		if (getenv("USER")) {
			char *puser = SMB_STRDUP(getenv("USER"));
			if (!puser) {
				exit(ENOMEM);
			}
			set_cmdline_auth_info_username(auth_info, puser);
		}

		if (getenv("PASSWD")) {
			set_cmdline_auth_info_password(auth_info,
						       getenv("PASSWD"));
		}

		if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
			get_password_file(auth_info);
		}

		return;
	}

	switch(opt->val) {
	case 'U':
		{
			char *lp;
			char *puser = SMB_STRDUP(arg);

			if ((lp=strchr_m(puser,'%'))) {
				size_t len;
				*lp = '\0';
				set_cmdline_auth_info_username(auth_info,
							       puser);
				set_cmdline_auth_info_password(auth_info,
							       lp+1);
				len = strlen(lp+1);
				memset(lp + 1, '\0', len);
			} else {
				set_cmdline_auth_info_username(auth_info,
							       puser);
			}
			SAFE_FREE(puser);
		}
		break;

	case 'A':
		get_credentials_file(auth_info, arg);
		break;

	case 'k':
#ifndef HAVE_KRB5
		d_printf("No kerberos support compiled in\n");
		exit(1);
#else
		set_cmdline_auth_info_use_krb5_ticket(auth_info);
#endif
		break;

	case 'S':
		if (!set_cmdline_auth_info_signing_state(auth_info, arg)) {
			fprintf(stderr, "Unknown signing option %s\n", arg );
			exit(1);
		}
		break;
	case 'P':
		set_cmdline_auth_info_use_machine_account(auth_info);
		break;
	case 'N':
		set_cmdline_auth_info_password(auth_info, "");
		break;
	case 'e':
		set_cmdline_auth_info_smb_encrypt(auth_info);
		break;
	case 'C':
		set_cmdline_auth_info_use_ccache(auth_info, true);
		break;
	case 'H':
		set_cmdline_auth_info_use_pw_nt_hash(auth_info, true);
		break;
	}
}