2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000-2001
6 Copyright (C) Martin Pool 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
29 /* List to hold groups of commands.
31 * Commands are defined in a list of arrays: arrays are easy to
32 * statically declare, and lists are easier to dynamically extend.
35 static struct cmd_list
{
36 struct cmd_list
*prev
, *next
;
37 struct cmd_set
*cmd_set
;
40 /****************************************************************************
41 handle completion of commands for readline
42 ****************************************************************************/
43 static char **completion_fn(const char *text
, int start
, int end
)
45 #define MAX_COMPLETIONS 100
48 struct cmd_list
*commands
= cmd_list
;
51 /* FIXME!!! -- what to do when completing argument? */
52 /* for words not at the start of the line fallback
53 to filename completion */
58 /* make sure we have a list of valid commands */
62 matches
= (char **)malloc(sizeof(matches
[0])*MAX_COMPLETIONS
);
63 if (!matches
) return NULL
;
65 matches
[count
++] = strdup(text
);
66 if (!matches
[0]) return NULL
;
68 while (commands
&& count
< MAX_COMPLETIONS
-1)
70 if (!commands
->cmd_set
)
73 for (i
=0; commands
->cmd_set
[i
].name
; i
++)
75 if ((strncmp(text
, commands
->cmd_set
[i
].name
, strlen(text
)) == 0) &&
76 (( commands
->cmd_set
[i
].returntype
== RPC_RTYPE_NTSTATUS
&&
77 commands
->cmd_set
[i
].ntfn
) ||
78 ( commands
->cmd_set
[i
].returntype
== RPC_RTYPE_WERROR
&&
79 commands
->cmd_set
[i
].wfn
)))
81 matches
[count
] = strdup(commands
->cmd_set
[i
].name
);
88 commands
= commands
->next
;
93 SAFE_FREE(matches
[0]);
94 matches
[0] = strdup(matches
[1]);
96 matches
[count
] = NULL
;
100 static char* next_command (char** cmdstr
)
102 static pstring command
;
105 if (!cmdstr
|| !(*cmdstr
))
108 p
= strchr_m(*cmdstr
, ';');
111 pstrcpy(command
, *cmdstr
);
120 /* Fetch the SID for this computer */
122 static void fetch_machine_sid(struct cli_state
*cli
)
125 NTSTATUS result
= NT_STATUS_OK
;
126 uint32 info_class
= 5;
128 static BOOL got_domain_sid
;
131 if (got_domain_sid
) return;
133 if (!(mem_ctx
=talloc_init("fetch_machine_sid")))
135 DEBUG(0,("fetch_machine_sid: talloc_init returned NULL!\n"));
140 if (!cli_nt_session_open (cli
, PI_LSARPC
)) {
141 fprintf(stderr
, "could not initialise lsa pipe\n");
145 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
146 SEC_RIGHTS_MAXIMUM_ALLOWED
,
148 if (!NT_STATUS_IS_OK(result
)) {
152 result
= cli_lsa_query_info_policy(cli
, mem_ctx
, &pol
, info_class
,
153 domain_name
, &domain_sid
);
154 if (!NT_STATUS_IS_OK(result
)) {
158 got_domain_sid
= True
;
160 cli_lsa_close(cli
, mem_ctx
, &pol
);
161 cli_nt_session_close(cli
);
162 talloc_destroy(mem_ctx
);
167 fprintf(stderr
, "could not obtain sid for domain %s\n", cli
->domain
);
169 if (!NT_STATUS_IS_OK(result
)) {
170 fprintf(stderr
, "error: %s\n", nt_errstr(result
));
176 /* List the available commands on a given pipe */
178 static NTSTATUS
cmd_listcommands(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
179 int argc
, const char **argv
)
181 struct cmd_list
*tmp
;
182 struct cmd_set
*tmp_set
;
188 printf("Usage: %s <pipe>\n", argv
[0]);
192 /* Help on one command */
194 for (tmp
= cmd_list
; tmp
; tmp
= tmp
->next
)
196 tmp_set
= tmp
->cmd_set
;
198 if (!StrCaseCmp(argv
[1], tmp_set
->name
))
200 printf("Available commands on the %s pipe:\n\n", tmp_set
->name
);
204 while(tmp_set
->name
) {
205 printf("%20s", tmp_set
->name
);
212 /* drop out of the loop */
221 /* Display help on commands */
223 static NTSTATUS
cmd_help(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
224 int argc
, const char **argv
)
226 struct cmd_list
*tmp
;
227 struct cmd_set
*tmp_set
;
232 printf("Usage: %s [command]\n", argv
[0]);
236 /* Help on one command */
239 for (tmp
= cmd_list
; tmp
; tmp
= tmp
->next
) {
241 tmp_set
= tmp
->cmd_set
;
243 while(tmp_set
->name
) {
244 if (strequal(argv
[1], tmp_set
->name
)) {
245 if (tmp_set
->usage
&&
247 printf("%s\n", tmp_set
->usage
);
249 printf("No help for %s\n", tmp_set
->name
);
258 printf("No such command: %s\n", argv
[1]);
262 /* List all commands */
264 for (tmp
= cmd_list
; tmp
; tmp
= tmp
->next
) {
266 tmp_set
= tmp
->cmd_set
;
268 while(tmp_set
->name
) {
270 printf("%15s\t\t%s\n", tmp_set
->name
,
271 tmp_set
->description
? tmp_set
->description
:
281 /* Change the debug level */
283 static NTSTATUS
cmd_debuglevel(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
284 int argc
, const char **argv
)
287 printf("Usage: %s [debuglevel]\n", argv
[0]);
292 DEBUGLEVEL
= atoi(argv
[1]);
295 printf("debuglevel is %d\n", DEBUGLEVEL
);
300 static NTSTATUS
cmd_quit(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
301 int argc
, const char **argv
)
304 return NT_STATUS_OK
; /* NOTREACHED */
307 static NTSTATUS
cmd_sign(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
308 int argc
, const char **argv
)
310 if (cli
->pipe_auth_flags
== (AUTH_PIPE_NTLMSSP
|AUTH_PIPE_SIGN
)) {
313 /* still have session, just need to use it again */
314 cli
->pipe_auth_flags
= AUTH_PIPE_NTLMSSP
;
315 cli
->pipe_auth_flags
|= AUTH_PIPE_SIGN
;
316 if (cli
->nt_pipe_fnum
!= 0)
317 cli_nt_session_close(cli
);
323 static NTSTATUS
cmd_seal(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
324 int argc
, const char **argv
)
326 if (cli
->pipe_auth_flags
== (AUTH_PIPE_NTLMSSP
|AUTH_PIPE_SIGN
|AUTH_PIPE_SEAL
)) {
329 /* still have session, just need to use it again */
330 cli
->pipe_auth_flags
= AUTH_PIPE_NTLMSSP
;
331 cli
->pipe_auth_flags
|= AUTH_PIPE_SIGN
;
332 cli
->pipe_auth_flags
|= AUTH_PIPE_SEAL
;
333 if (cli
->nt_pipe_fnum
!= 0)
334 cli_nt_session_close(cli
);
339 static NTSTATUS
cmd_none(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
340 int argc
, const char **argv
)
342 if (cli
->pipe_auth_flags
== 0) {
345 /* still have session, just need to use it again */
346 cli
->pipe_auth_flags
= 0;
347 if (cli
->nt_pipe_fnum
!= 0)
348 cli_nt_session_close(cli
);
350 cli
->pipe_auth_flags
= 0;
355 static NTSTATUS
cmd_schannel(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
356 int argc
, const char **argv
)
359 uchar trust_password
[16];
360 uint32 sec_channel_type
;
361 static uchar zeros
[16];
364 strhex_to_str((char *)cli
->auth_info
.sess_key
,
367 memcpy(cli
->sess_key
, cli
->auth_info
.sess_key
, sizeof(cli
->sess_key
));
369 cli
->pipe_auth_flags
= AUTH_PIPE_NETSEC
;
370 cli
->pipe_auth_flags
|= AUTH_PIPE_SIGN
;
371 cli
->pipe_auth_flags
|= AUTH_PIPE_SEAL
;
378 if ((memcmp(cli
->auth_info
.sess_key
, zeros
, sizeof(cli
->auth_info
.sess_key
)) != 0)) {
379 if (cli
->pipe_auth_flags
== (AUTH_PIPE_NETSEC
|AUTH_PIPE_SIGN
|AUTH_PIPE_SEAL
)) {
380 /* already in this mode nothing to do */
383 /* schannel is setup, just need to use it again */
384 cli
->pipe_auth_flags
= AUTH_PIPE_NETSEC
;
385 cli
->pipe_auth_flags
|= AUTH_PIPE_SIGN
;
386 cli
->pipe_auth_flags
|= AUTH_PIPE_SEAL
;
387 if (cli
->nt_pipe_fnum
!= 0)
388 cli_nt_session_close(cli
);
393 if (cli
->nt_pipe_fnum
!= 0)
394 cli_nt_session_close(cli
);
396 cli
->pipe_auth_flags
= AUTH_PIPE_NETSEC
;
397 cli
->pipe_auth_flags
|= AUTH_PIPE_SIGN
;
398 cli
->pipe_auth_flags
|= AUTH_PIPE_SEAL
;
400 if (!secrets_fetch_trust_account_password(lp_workgroup(),
402 NULL
, &sec_channel_type
)) {
403 return NT_STATUS_UNSUCCESSFUL
;
406 ret
= cli_nt_setup_netsec(cli
, sec_channel_type
, trust_password
);
407 if (NT_STATUS_IS_OK(ret
)) {
408 char *hex_session_key
;
409 hex_encode(cli
->auth_info
.sess_key
,
410 sizeof(cli
->auth_info
.sess_key
),
412 printf("Got Session key: %s\n", hex_session_key
);
413 SAFE_FREE(hex_session_key
);
418 /* Built in rpcclient commands */
420 static struct cmd_set rpcclient_commands
[] = {
422 { "GENERAL OPTIONS" },
424 { "help", RPC_RTYPE_NTSTATUS
, cmd_help
, NULL
, -1, "Get help on commands", "[command]" },
425 { "?", RPC_RTYPE_NTSTATUS
, cmd_help
, NULL
, -1, "Get help on commands", "[command]" },
426 { "debuglevel", RPC_RTYPE_NTSTATUS
, cmd_debuglevel
, NULL
, -1, "Set debug level", "level" },
427 { "list", RPC_RTYPE_NTSTATUS
, cmd_listcommands
, NULL
, -1, "List available commands on <pipe>", "pipe" },
428 { "exit", RPC_RTYPE_NTSTATUS
, cmd_quit
, NULL
, -1, "Exit program", "" },
429 { "quit", RPC_RTYPE_NTSTATUS
, cmd_quit
, NULL
, -1, "Exit program", "" },
430 { "sign", RPC_RTYPE_NTSTATUS
, cmd_sign
, NULL
, -1, "Force RPC pipe connections to be signed", "" },
431 { "seal", RPC_RTYPE_NTSTATUS
, cmd_seal
, NULL
, -1, "Force RPC pipe connections to be sealed", "" },
432 { "schannel", RPC_RTYPE_NTSTATUS
, cmd_schannel
, NULL
, -1, "Force RPC pipe connections to be sealed with 'schannel' (NETSEC). Assumes valid machine account to this domain controller.", "" },
433 { "none", RPC_RTYPE_NTSTATUS
, cmd_none
, NULL
, -1, "Force RPC pipe connections to have no special properties", "" },
438 static struct cmd_set separator_command
[] = {
439 { "---------------", MAX_RPC_RETURN_TYPE
, NULL
, NULL
, -1, "----------------------" },
444 /* Various pipe commands */
446 extern struct cmd_set lsarpc_commands
[];
447 extern struct cmd_set samr_commands
[];
448 extern struct cmd_set spoolss_commands
[];
449 extern struct cmd_set netlogon_commands
[];
450 extern struct cmd_set srvsvc_commands
[];
451 extern struct cmd_set dfs_commands
[];
452 extern struct cmd_set reg_commands
[];
453 extern struct cmd_set ds_commands
[];
454 extern struct cmd_set echo_commands
[];
456 static struct cmd_set
*rpcclient_command_list
[] = {
470 static void add_command_set(struct cmd_set
*cmd_set
)
472 struct cmd_list
*entry
;
474 if (!(entry
= (struct cmd_list
*)malloc(sizeof(struct cmd_list
)))) {
475 DEBUG(0, ("out of memory\n"));
481 entry
->cmd_set
= cmd_set
;
482 DLIST_ADD(cmd_list
, entry
);
487 * Call an rpcclient function, passing an argv array.
489 * @param cmd Command to run, as a single string.
491 static NTSTATUS
do_cmd(struct cli_state
*cli
,
492 struct cmd_set
*cmd_entry
,
493 int argc
, char **argv
)
497 uchar trust_password
[16];
503 if (!(mem_ctx
= talloc_init("do_cmd"))) {
504 DEBUG(0, ("talloc_init() failed\n"));
505 return NT_STATUS_NO_MEMORY
;
510 if (cmd_entry
->pipe_idx
!= -1
511 && cmd_entry
->pipe_idx
!= cli
->pipe_idx
) {
512 if (cli
->nt_pipe_fnum
!= 0)
513 cli_nt_session_close(cli
);
515 if (!cli_nt_session_open(cli
, cmd_entry
->pipe_idx
)) {
516 DEBUG(0, ("Could not initialise %s\n",
517 get_pipe_name_from_index(cmd_entry
->pipe_idx
)));
518 return NT_STATUS_UNSUCCESSFUL
;
522 /* some of the DsXXX commands use the netlogon pipe */
524 if (lp_client_schannel() && (cmd_entry
->pipe_idx
== PI_NETLOGON
) && !(cli
->pipe_auth_flags
& AUTH_PIPE_NETSEC
)) {
525 uint32 neg_flags
= 0x000001ff;
526 uint32 sec_channel_type
;
528 if (!secrets_fetch_trust_account_password(lp_workgroup(),
530 NULL
, &sec_channel_type
)) {
531 return NT_STATUS_UNSUCCESSFUL
;
534 ntresult
= cli_nt_setup_creds(cli
, sec_channel_type
,
537 if (!NT_STATUS_IS_OK(ntresult
)) {
538 ZERO_STRUCT(cli
->auth_info
.sess_key
);
539 printf("nt_setup_creds failed with %s\n", nt_errstr(ntresult
));
547 if ( cmd_entry
->returntype
== RPC_RTYPE_NTSTATUS
) {
548 ntresult
= cmd_entry
->ntfn(cli
, mem_ctx
, argc
, (const char **) argv
);
549 if (!NT_STATUS_IS_OK(ntresult
)) {
550 printf("result was %s\n", nt_errstr(ntresult
));
553 wresult
= cmd_entry
->wfn( cli
, mem_ctx
, argc
, (const char **) argv
);
554 /* print out the DOS error */
555 if (!W_ERROR_IS_OK(wresult
)) {
556 printf( "result was %s\n", dos_errstr(wresult
));
558 ntresult
= W_ERROR_IS_OK(wresult
)?NT_STATUS_OK
:NT_STATUS_UNSUCCESSFUL
;
564 talloc_destroy(mem_ctx
);
571 * Process a command entered at the prompt or as part of -c
573 * @returns The NTSTATUS from running the command.
575 static NTSTATUS
process_cmd(struct cli_state
*cli
, char *cmd
)
577 struct cmd_list
*temp_list
;
578 NTSTATUS result
= NT_STATUS_OK
;
583 if ((ret
= poptParseArgvString(cmd
, &argc
, (const char ***) &argv
)) != 0) {
584 fprintf(stderr
, "rpcclient: %s\n", poptStrerror(ret
));
585 return NT_STATUS_UNSUCCESSFUL
;
589 /* Walk through a dlist of arrays of commands. */
590 for (temp_list
= cmd_list
; temp_list
; temp_list
= temp_list
->next
) {
591 struct cmd_set
*temp_set
= temp_list
->cmd_set
;
593 while (temp_set
->name
) {
594 if (strequal(argv
[0], temp_set
->name
)) {
595 if (!(temp_set
->returntype
== RPC_RTYPE_NTSTATUS
&& temp_set
->ntfn
) &&
596 !(temp_set
->returntype
== RPC_RTYPE_WERROR
&& temp_set
->wfn
)) {
597 fprintf (stderr
, "Invalid command\n");
601 result
= do_cmd(cli
, temp_set
, argc
, argv
);
610 printf("command not found: %s\n", argv
[0]);
615 if (!NT_STATUS_IS_OK(result)) {
616 printf("result was %s\n", nt_errstr(result));
621 /* NOTE: popt allocates the whole argv, including the
622 * strings, as a single block. So a single free is
623 * enough to release it -- we don't free the
624 * individual strings. rtfm. */
634 int main(int argc
, char *argv
[])
636 BOOL interactive
= True
;
638 static char *cmdstr
= NULL
;
640 struct cli_state
*cli
;
641 static char *opt_ipaddr
=NULL
;
642 struct cmd_set
**cmd_set
;
643 struct in_addr server_ip
;
646 /* make sure the vars that get altered (4th field) are in
647 a fixed location or certain compilers complain */
649 struct poptOption long_options
[] = {
651 {"command", 'c', POPT_ARG_STRING
, &cmdstr
, 'c', "Execute semicolon separated cmds", "COMMANDS"},
652 {"dest-ip", 'I', POPT_ARG_STRING
, &opt_ipaddr
, 'I', "Specify destination IP address", "IP"},
654 POPT_COMMON_CONNECTION
655 POPT_COMMON_CREDENTIALS
659 ZERO_STRUCT(server_ip
);
663 /* the following functions are part of the Samba debugging
664 facilities. See lib/debug.c */
665 setup_logging("rpcclient", interactive
);
669 /* Load smb.conf file */
671 if (!lp_load(dyn_CONFIGFILE
,True
,False
,False
))
672 fprintf(stderr
, "Can't load %s\n", dyn_CONFIGFILE
);
676 pc
= poptGetContext("rpcclient", argc
, (const char **) argv
,
680 poptPrintHelp(pc
, stderr
, 0);
684 while((opt
= poptGetNextOpt(pc
)) != -1) {
688 if ( (server_ip
.s_addr
=inet_addr(opt_ipaddr
)) == INADDR_NONE
) {
689 fprintf(stderr
, "%s not a valid IP address\n",
696 /* Get server as remaining unparsed argument. Print usage if more
697 than one unparsed argument is present. */
699 server
= poptGetArg(pc
);
701 if (!server
|| poptGetArg(pc
)) {
702 poptPrintHelp(pc
, stderr
, 0);
715 * from stdin if necessary
718 if (!cmdline_auth_info
.got_pass
) {
719 char *pass
= getpass("Password:");
721 pstrcpy(cmdline_auth_info
.password
, pass
);
725 nt_status
= cli_full_connection(&cli
, global_myname(), server
,
726 opt_ipaddr
? &server_ip
: NULL
, 0,
728 cmdline_auth_info
.username
,
730 cmdline_auth_info
.password
,
731 cmdline_auth_info
.use_kerberos
? CLI_FULL_CONNECTION_USE_KERBEROS
: 0,
732 cmdline_auth_info
.signing_state
,NULL
);
734 if (!NT_STATUS_IS_OK(nt_status
)) {
735 DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status
)));
739 memset(cmdline_auth_info
.password
,'X',sizeof(cmdline_auth_info
.password
));
741 /* Load command lists */
743 cmd_set
= rpcclient_command_list
;
746 add_command_set(*cmd_set
);
747 add_command_set(separator_command
);
751 fetch_machine_sid(cli
);
753 /* Do anything specified with -c */
754 if (cmdstr
&& cmdstr
[0]) {
759 while((cmd
=next_command(&p
)) != NULL
) {
760 NTSTATUS cmd_result
= process_cmd(cli
, cmd
);
761 result
= NT_STATUS_IS_ERR(cmd_result
);
768 /* Loop around accepting commands */
774 slprintf(prompt
, sizeof(prompt
) - 1, "rpcclient $> ");
776 line
= smb_readline(prompt
, NULL
, completion_fn
);
782 process_cmd(cli
, line
);