2 Unix SMB/CIFS implementation.
3 Inter-process communication and named pipe handling
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2007.
8 Copyright (C) John H Terpstra 1995-1998
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 This file handles the named pipe and mailslot calls
25 in the SMBtrans protocol
29 #include "smbd/globals.h"
30 #include "../librpc/gen_ndr/cli_samr.h"
31 #include "../librpc/gen_ndr/srv_samr.h"
38 #define NERR_Success 0
39 #define NERR_badpass 86
40 #define NERR_notsupported 50
42 #define NERR_BASE (2100)
43 #define NERR_BufTooSmall (NERR_BASE+23)
44 #define NERR_JobNotFound (NERR_BASE+51)
45 #define NERR_DestNotFound (NERR_BASE+52)
47 #define ACCESS_READ 0x01
48 #define ACCESS_WRITE 0x02
49 #define ACCESS_CREATE 0x04
51 #define SHPWLEN 8 /* share password length */
53 /* Limit size of ipc replies */
55 static char *smb_realloc_limit(void *ptr
, size_t size
)
59 size
= MAX((size
),4*1024);
60 val
= (char *)SMB_REALLOC(ptr
,size
);
62 memset(val
,'\0',size
);
67 static bool api_Unsupported(connection_struct
*conn
, uint16 vuid
,
68 char *param
, int tpscnt
,
69 char *data
, int tdscnt
,
70 int mdrcnt
, int mprcnt
,
71 char **rdata
, char **rparam
,
72 int *rdata_len
, int *rparam_len
);
74 static bool api_TooSmall(connection_struct
*conn
, uint16 vuid
, char *param
, char *data
,
75 int mdrcnt
, int mprcnt
,
76 char **rdata
, char **rparam
,
77 int *rdata_len
, int *rparam_len
);
80 static int CopyExpanded(connection_struct
*conn
,
81 int snum
, char **dst
, char *src
, int *p_space_remaining
)
83 TALLOC_CTX
*ctx
= talloc_tos();
87 if (!src
|| !dst
|| !p_space_remaining
|| !(*dst
) ||
88 *p_space_remaining
<= 0) {
92 buf
= talloc_strdup(ctx
, src
);
94 *p_space_remaining
= 0;
97 buf
= talloc_string_sub(ctx
, buf
,"%S",lp_servicename(snum
));
99 *p_space_remaining
= 0;
102 buf
= talloc_sub_advanced(ctx
,
103 lp_servicename(SNUM(conn
)),
104 conn
->server_info
->unix_name
,
106 conn
->server_info
->utok
.gid
,
107 conn
->server_info
->sanitized_username
,
108 pdb_get_domain(conn
->server_info
->sam_account
),
111 *p_space_remaining
= 0;
114 l
= push_ascii(*dst
,buf
,*p_space_remaining
, STR_TERMINATE
);
119 (*p_space_remaining
) -= l
;
123 static int CopyAndAdvance(char **dst
, char *src
, int *n
)
126 if (!src
|| !dst
|| !n
|| !(*dst
)) {
129 l
= push_ascii(*dst
,src
,*n
, STR_TERMINATE
);
138 static int StrlenExpanded(connection_struct
*conn
, int snum
, char *s
)
140 TALLOC_CTX
*ctx
= talloc_tos();
145 buf
= talloc_strdup(ctx
,s
);
149 buf
= talloc_string_sub(ctx
,buf
,"%S",lp_servicename(snum
));
153 buf
= talloc_sub_advanced(ctx
,
154 lp_servicename(SNUM(conn
)),
155 conn
->server_info
->unix_name
,
157 conn
->server_info
->utok
.gid
,
158 conn
->server_info
->sanitized_username
,
159 pdb_get_domain(conn
->server_info
->sam_account
),
164 return strlen(buf
) + 1;
167 static char *Expand(connection_struct
*conn
, int snum
, char *s
)
169 TALLOC_CTX
*ctx
= talloc_tos();
175 buf
= talloc_strdup(ctx
,s
);
179 buf
= talloc_string_sub(ctx
,buf
,"%S",lp_servicename(snum
));
183 return talloc_sub_advanced(ctx
,
184 lp_servicename(SNUM(conn
)),
185 conn
->server_info
->unix_name
,
187 conn
->server_info
->utok
.gid
,
188 conn
->server_info
->sanitized_username
,
189 pdb_get_domain(conn
->server_info
->sam_account
),
193 /*******************************************************************
194 Check a API string for validity when we only need to check the prefix.
195 ******************************************************************/
197 static bool prefix_ok(const char *str
, const char *prefix
)
199 return(strncmp(str
,prefix
,strlen(prefix
)) == 0);
203 const char *format
; /* formatstring for structure */
204 const char *subformat
; /* subformat for structure */
205 char *base
; /* baseaddress of buffer */
206 int buflen
; /* remaining size for fixed part; on init: length of base */
207 int subcount
; /* count of substructures */
208 char *structbuf
; /* pointer into buffer for remaining fixed part */
209 int stringlen
; /* remaining size for variable part */
210 char *stringbuf
; /* pointer into buffer for remaining variable part */
211 int neededlen
; /* total needed size */
212 int usedlen
; /* total used size (usedlen <= neededlen and usedlen <= buflen) */
213 const char *curpos
; /* current position; pointer into format or subformat */
217 static int get_counter(const char **p
)
223 if (!isdigit((int)**p
)) {
229 n
= 10 * n
+ (i
- '0');
237 static int getlen(const char *p
)
246 case 'W': /* word (2 byte) */
249 case 'K': /* status word? (2 byte) */
252 case 'N': /* count of substructures (word) at end */
255 case 'D': /* double word (4 byte) */
256 case 'z': /* offset to zero terminated string (4 byte) */
257 case 'l': /* offset to user data (4 byte) */
260 case 'b': /* offset to data (with counter) (4 byte) */
264 case 'B': /* byte (with optional counter) */
265 n
+= get_counter(&p
);
272 static bool init_package(struct pack_desc
*p
, int count
, int subcount
)
277 if (!p
->format
|| !p
->base
) {
281 i
= count
* getlen(p
->format
);
283 i
+= subcount
* getlen(p
->subformat
);
285 p
->structbuf
= p
->base
;
289 p
->curpos
= p
->format
;
295 * This is the old error code we used. Aparently
296 * WinNT/2k systems return ERRbuftoosmall (2123) and
297 * OS/2 needs this. I'm leaving this here so we can revert
300 p
->errcode
= ERRmoredata
;
302 p
->errcode
= ERRbuftoosmall
;
305 p
->errcode
= NERR_Success
;
309 p
->stringbuf
= p
->base
+ i
;
311 return (p
->errcode
== NERR_Success
);
314 static int package(struct pack_desc
*p
, ...)
317 int needed
=0, stringneeded
;
318 const char *str
=NULL
;
319 int is_string
=0, stringused
;
326 p
->curpos
= p
->format
;
328 p
->curpos
= p
->subformat
;
333 str
= va_arg(args
,char*);
334 SMB_ASSERT(strncmp(str
,p
->curpos
,strlen(str
)) == 0);
343 switch( *p
->curpos
++ ) {
344 case 'W': /* word (2 byte) */
346 temp
= va_arg(args
,int);
347 if (p
->buflen
>= needed
) {
348 SSVAL(p
->structbuf
,0,temp
);
351 case 'K': /* status word? (2 byte) */
353 temp
= va_arg(args
,int);
354 if (p
->buflen
>= needed
) {
355 SSVAL(p
->structbuf
,0,temp
);
358 case 'N': /* count of substructures (word) at end */
360 p
->subcount
= va_arg(args
,int);
361 if (p
->buflen
>= needed
) {
362 SSVAL(p
->structbuf
,0,p
->subcount
);
365 case 'D': /* double word (4 byte) */
367 temp
= va_arg(args
,int);
368 if (p
->buflen
>= needed
) {
369 SIVAL(p
->structbuf
,0,temp
);
372 case 'B': /* byte (with optional counter) */
373 needed
= get_counter(&p
->curpos
);
375 char *s
= va_arg(args
,char*);
376 if (p
->buflen
>= needed
) {
377 StrnCpy(p
->structbuf
,s
?s
:"",needed
-1);
381 case 'z': /* offset to zero terminated string (4 byte) */
382 str
= va_arg(args
,char*);
383 stringneeded
= (str
? strlen(str
)+1 : 0);
386 case 'l': /* offset to user data (4 byte) */
387 str
= va_arg(args
,char*);
388 stringneeded
= va_arg(args
,int);
391 case 'b': /* offset to data (with counter) (4 byte) */
392 str
= va_arg(args
,char*);
393 stringneeded
= get_counter(&p
->curpos
);
399 if (stringneeded
>= 0) {
401 if (p
->buflen
>= needed
) {
402 stringused
= stringneeded
;
403 if (stringused
> p
->stringlen
) {
404 stringused
= (is_string
? p
->stringlen
: 0);
405 if (p
->errcode
== NERR_Success
) {
406 p
->errcode
= ERRmoredata
;
410 SIVAL(p
->structbuf
,0,0);
412 SIVAL(p
->structbuf
,0,PTR_DIFF(p
->stringbuf
,p
->base
));
413 memcpy(p
->stringbuf
,str
?str
:"",stringused
);
415 p
->stringbuf
[stringused
-1] = '\0';
417 p
->stringbuf
+= stringused
;
418 p
->stringlen
-= stringused
;
419 p
->usedlen
+= stringused
;
422 p
->neededlen
+= stringneeded
;
425 p
->neededlen
+= needed
;
426 if (p
->buflen
>= needed
) {
427 p
->structbuf
+= needed
;
429 p
->usedlen
+= needed
;
431 if (p
->errcode
== NERR_Success
) {
432 p
->errcode
= ERRmoredata
;
439 #define PACK(desc,t,v) package(desc,t,v,0,0,0,0)
440 #define PACKl(desc,t,v,l) package(desc,t,v,l,0,0,0,0)
442 #define PACK(desc,t,v) package(desc,v)
443 #define PACKl(desc,t,v,l) package(desc,v,l)
446 static void PACKI(struct pack_desc
* desc
, const char *t
,int v
)
451 static void PACKS(struct pack_desc
* desc
,const char *t
,const char *v
)
456 /****************************************************************************
458 ****************************************************************************/
460 static void PackDriverData(struct pack_desc
* desc
)
462 char drivdata
[4+4+32];
463 SIVAL(drivdata
,0,sizeof drivdata
); /* cb */
464 SIVAL(drivdata
,4,1000); /* lVersion */
465 memset(drivdata
+8,0,32); /* szDeviceName */
466 push_ascii(drivdata
+8,"NULL",32, STR_TERMINATE
);
467 PACKl(desc
,"l",drivdata
,sizeof drivdata
); /* pDriverData */
470 static int check_printq_info(struct pack_desc
* desc
,
471 unsigned int uLevel
, char *id1
, char *id2
)
473 desc
->subformat
= NULL
;
476 desc
->format
= "B13";
479 desc
->format
= "B13BWWWzzzzzWW";
482 desc
->format
= "B13BWWWzzzzzWN";
483 desc
->subformat
= "WB21BB16B10zWWzDDz";
486 desc
->format
= "zWWWWzzzzWWzzl";
489 desc
->format
= "zWWWWzzzzWNzzl";
490 desc
->subformat
= "WWzWWDDzz";
499 desc
->format
= "WzzzzzzzzN";
500 desc
->subformat
= "z";
503 DEBUG(0,("check_printq_info: invalid level %d\n",
507 if (id1
== NULL
|| strcmp(desc
->format
,id1
) != 0) {
508 DEBUG(0,("check_printq_info: invalid format %s\n",
509 id1
? id1
: "<NULL>" ));
512 if (desc
->subformat
&& (id2
== NULL
|| strcmp(desc
->subformat
,id2
) != 0)) {
513 DEBUG(0,("check_printq_info: invalid subformat %s\n",
514 id2
? id2
: "<NULL>" ));
521 #define RAP_JOB_STATUS_QUEUED 0
522 #define RAP_JOB_STATUS_PAUSED 1
523 #define RAP_JOB_STATUS_SPOOLING 2
524 #define RAP_JOB_STATUS_PRINTING 3
525 #define RAP_JOB_STATUS_PRINTED 4
527 #define RAP_QUEUE_STATUS_PAUSED 1
528 #define RAP_QUEUE_STATUS_ERROR 2
530 /* turn a print job status into a on the wire status
532 static int printj_status(int v
)
536 return RAP_JOB_STATUS_QUEUED
;
538 return RAP_JOB_STATUS_PAUSED
;
540 return RAP_JOB_STATUS_SPOOLING
;
542 return RAP_JOB_STATUS_PRINTING
;
547 /* turn a print queue status into a on the wire status
549 static int printq_status(int v
)
555 return RAP_QUEUE_STATUS_PAUSED
;
557 return RAP_QUEUE_STATUS_ERROR
;
560 static void fill_printjob_info(connection_struct
*conn
, int snum
, int uLevel
,
561 struct pack_desc
*desc
,
562 print_queue_struct
*queue
, int n
)
564 time_t t
= queue
->time
;
566 /* the client expects localtime */
567 t
-= get_time_zone(t
);
569 PACKI(desc
,"W",pjobid_to_rap(lp_const_servicename(snum
),queue
->job
)); /* uJobId */
571 PACKS(desc
,"B21",queue
->fs_user
); /* szUserName */
572 PACKS(desc
,"B",""); /* pad */
573 PACKS(desc
,"B16",""); /* szNotifyName */
574 PACKS(desc
,"B10","PM_Q_RAW"); /* szDataType */
575 PACKS(desc
,"z",""); /* pszParms */
576 PACKI(desc
,"W",n
+1); /* uPosition */
577 PACKI(desc
,"W",printj_status(queue
->status
)); /* fsStatus */
578 PACKS(desc
,"z",""); /* pszStatus */
579 PACKI(desc
,"D",t
); /* ulSubmitted */
580 PACKI(desc
,"D",queue
->size
); /* ulSize */
581 PACKS(desc
,"z",queue
->fs_file
); /* pszComment */
583 if (uLevel
== 2 || uLevel
== 3 || uLevel
== 4) {
584 PACKI(desc
,"W",queue
->priority
); /* uPriority */
585 PACKS(desc
,"z",queue
->fs_user
); /* pszUserName */
586 PACKI(desc
,"W",n
+1); /* uPosition */
587 PACKI(desc
,"W",printj_status(queue
->status
)); /* fsStatus */
588 PACKI(desc
,"D",t
); /* ulSubmitted */
589 PACKI(desc
,"D",queue
->size
); /* ulSize */
590 PACKS(desc
,"z","Samba"); /* pszComment */
591 PACKS(desc
,"z",queue
->fs_file
); /* pszDocument */
593 PACKS(desc
,"z",""); /* pszNotifyName */
594 PACKS(desc
,"z","PM_Q_RAW"); /* pszDataType */
595 PACKS(desc
,"z",""); /* pszParms */
596 PACKS(desc
,"z",""); /* pszStatus */
597 PACKS(desc
,"z",SERVICE(snum
)); /* pszQueue */
598 PACKS(desc
,"z","lpd"); /* pszQProcName */
599 PACKS(desc
,"z",""); /* pszQProcParms */
600 PACKS(desc
,"z","NULL"); /* pszDriverName */
601 PackDriverData(desc
); /* pDriverData */
602 PACKS(desc
,"z",""); /* pszPrinterName */
603 } else if (uLevel
== 4) { /* OS2 */
604 PACKS(desc
,"z",""); /* pszSpoolFileName */
605 PACKS(desc
,"z",""); /* pszPortName */
606 PACKS(desc
,"z",""); /* pszStatus */
607 PACKI(desc
,"D",0); /* ulPagesSpooled */
608 PACKI(desc
,"D",0); /* ulPagesSent */
609 PACKI(desc
,"D",0); /* ulPagesPrinted */
610 PACKI(desc
,"D",0); /* ulTimePrinted */
611 PACKI(desc
,"D",0); /* ulExtendJobStatus */
612 PACKI(desc
,"D",0); /* ulStartPage */
613 PACKI(desc
,"D",0); /* ulEndPage */
618 /********************************************************************
619 Return a driver name given an snum.
620 Returns True if from tdb, False otherwise.
621 ********************************************************************/
623 static bool get_driver_name(int snum
, char **pp_drivername
)
625 NT_PRINTER_INFO_LEVEL
*info
= NULL
;
628 get_a_printer (NULL
, &info
, 2, lp_servicename(snum
));
630 *pp_drivername
= talloc_strdup(talloc_tos(),
631 info
->info_2
->drivername
);
633 free_a_printer(&info
, 2);
634 if (!*pp_drivername
) {
642 /********************************************************************
643 Respond to the DosPrintQInfo command with a level of 52
644 This is used to get printer driver information for Win9x clients
645 ********************************************************************/
646 static void fill_printq_info_52(connection_struct
*conn
, int snum
,
647 struct pack_desc
* desc
, int count
)
651 struct spoolss_DriverInfo8
*driver
= NULL
;
652 NT_PRINTER_INFO_LEVEL
*printer
= NULL
;
654 if ( !W_ERROR_IS_OK(get_a_printer( NULL
, &printer
, 2, lp_servicename(snum
))) ) {
655 DEBUG(3,("fill_printq_info_52: Failed to lookup printer [%s]\n",
656 lp_servicename(snum
)));
660 if (!W_ERROR_IS_OK(get_a_printer_driver(talloc_tos(), &driver
, printer
->info_2
->drivername
,
663 DEBUG(3,("fill_printq_info_52: Failed to lookup driver [%s]\n",
664 printer
->info_2
->drivername
));
668 trim_string((char *)driver
->driver_path
, "\\print$\\WIN40\\0\\", 0);
669 trim_string((char *)driver
->data_file
, "\\print$\\WIN40\\0\\", 0);
670 trim_string((char *)driver
->help_file
, "\\print$\\WIN40\\0\\", 0);
672 PACKI(desc
, "W", 0x0400); /* don't know */
673 PACKS(desc
, "z", driver
->driver_name
); /* long printer name */
674 PACKS(desc
, "z", driver
->driver_path
); /* Driverfile Name */
675 PACKS(desc
, "z", driver
->data_file
); /* Datafile name */
676 PACKS(desc
, "z", driver
->monitor_name
); /* language monitor */
678 fstrcpy(location
, "\\\\%L\\print$\\WIN40\\0");
679 standard_sub_basic( "", "", location
, sizeof(location
)-1 );
680 PACKS(desc
,"z", location
); /* share to retrieve files */
682 PACKS(desc
,"z", driver
->default_datatype
); /* default data type */
683 PACKS(desc
,"z", driver
->help_file
); /* helpfile name */
684 PACKS(desc
,"z", driver
->driver_path
); /* driver name */
686 DEBUG(3,("Printer Driver Name: %s:\n",driver
->driver_name
));
687 DEBUG(3,("Driver: %s:\n",driver
->driver_path
));
688 DEBUG(3,("Data File: %s:\n",driver
->data_file
));
689 DEBUG(3,("Language Monitor: %s:\n",driver
->monitor_name
));
690 DEBUG(3,("Driver Location: %s:\n",location
));
691 DEBUG(3,("Data Type: %s:\n",driver
->default_datatype
));
692 DEBUG(3,("Help File: %s:\n",driver
->help_file
));
693 PACKI(desc
,"N",count
); /* number of files to copy */
695 for ( i
=0; i
<count
&& driver
->dependent_files
&& *driver
->dependent_files
[i
]; i
++)
697 trim_string((char *)driver
->dependent_files
[i
], "\\print$\\WIN40\\0\\", 0);
698 PACKS(desc
,"z",driver
->dependent_files
[i
]); /* driver files to copy */
699 DEBUG(3,("Dependent File: %s:\n", driver
->dependent_files
[i
]));
704 DEBUG(3,("fill_printq_info_52: file count specified by client [%d] != number of dependent files [%i]\n",
707 DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum
),i
));
709 desc
->errcode
=NERR_Success
;
713 DEBUG(3,("fill_printq_info: Can't supply driver files\n"));
714 desc
->errcode
=NERR_notsupported
;
718 free_a_printer( &printer
, 2 );
720 free_a_printer_driver(driver
);
724 static void fill_printq_info(connection_struct
*conn
, int snum
, int uLevel
,
725 struct pack_desc
* desc
,
726 int count
, print_queue_struct
* queue
,
727 print_status_struct
* status
)
732 PACKS(desc
,"B13",SERVICE(snum
));
737 PACKS(desc
,"z",Expand(conn
,snum
,SERVICE(snum
)));
740 PACKI(desc
,"K",printq_status(status
->status
));
744 if (uLevel
== 1 || uLevel
== 2) {
745 PACKS(desc
,"B",""); /* alignment */
746 PACKI(desc
,"W",5); /* priority */
747 PACKI(desc
,"W",0); /* start time */
748 PACKI(desc
,"W",0); /* until time */
749 PACKS(desc
,"z",""); /* pSepFile */
750 PACKS(desc
,"z","lpd"); /* pPrProc */
751 PACKS(desc
,"z",SERVICE(snum
)); /* pDestinations */
752 PACKS(desc
,"z",""); /* pParms */
754 PACKS(desc
,"z","UNKNOWN PRINTER");
755 PACKI(desc
,"W",LPSTAT_ERROR
);
757 else if (!status
|| !status
->message
[0]) {
758 PACKS(desc
,"z",Expand(conn
,snum
,lp_comment(snum
)));
759 PACKI(desc
,"W",LPSTAT_OK
); /* status */
761 PACKS(desc
,"z",status
->message
);
762 PACKI(desc
,"W",printq_status(status
->status
)); /* status */
764 PACKI(desc
,(uLevel
== 1 ? "W" : "N"),count
);
767 if (uLevel
== 3 || uLevel
== 4) {
768 char *drivername
= NULL
;
770 PACKI(desc
,"W",5); /* uPriority */
771 PACKI(desc
,"W",0); /* uStarttime */
772 PACKI(desc
,"W",0); /* uUntiltime */
773 PACKI(desc
,"W",5); /* pad1 */
774 PACKS(desc
,"z",""); /* pszSepFile */
775 PACKS(desc
,"z","WinPrint"); /* pszPrProc */
776 PACKS(desc
,"z",NULL
); /* pszParms */
777 PACKS(desc
,"z",NULL
); /* pszComment - don't ask.... JRA */
778 /* "don't ask" that it's done this way to fix corrupted
779 Win9X/ME printer comments. */
781 PACKI(desc
,"W",LPSTAT_OK
); /* fsStatus */
783 PACKI(desc
,"W",printq_status(status
->status
)); /* fsStatus */
785 PACKI(desc
,(uLevel
== 3 ? "W" : "N"),count
); /* cJobs */
786 PACKS(desc
,"z",SERVICE(snum
)); /* pszPrinters */
787 get_driver_name(snum
,&drivername
);
791 PACKS(desc
,"z",drivername
); /* pszDriverName */
792 PackDriverData(desc
); /* pDriverData */
795 if (uLevel
== 2 || uLevel
== 4) {
797 for (i
=0;i
<count
;i
++)
798 fill_printjob_info(conn
,snum
,uLevel
== 2 ? 1 : 2,desc
,&queue
[i
],i
);
802 fill_printq_info_52( conn
, snum
, desc
, count
);
805 /* This function returns the number of files for a given driver */
806 static int get_printerdrivernumber(int snum
)
809 struct spoolss_DriverInfo8
*driver
;
810 NT_PRINTER_INFO_LEVEL
*printer
= NULL
;
814 if ( !W_ERROR_IS_OK(get_a_printer( NULL
, &printer
, 2, lp_servicename(snum
))) ) {
815 DEBUG(3,("get_printerdrivernumber: Failed to lookup printer [%s]\n",
816 lp_servicename(snum
)));
820 if (!W_ERROR_IS_OK(get_a_printer_driver(talloc_tos(), &driver
, printer
->info_2
->drivername
,
823 DEBUG(3,("get_printerdrivernumber: Failed to lookup driver [%s]\n",
824 printer
->info_2
->drivername
));
828 /* count the number of files */
829 while (driver
->dependent_files
&& *driver
->dependent_files
[result
])
833 free_a_printer( &printer
, 2 );
835 free_a_printer_driver(driver
);
840 static bool api_DosPrintQGetInfo(connection_struct
*conn
, uint16 vuid
,
841 char *param
, int tpscnt
,
842 char *data
, int tdscnt
,
843 int mdrcnt
,int mprcnt
,
844 char **rdata
,char **rparam
,
845 int *rdata_len
,int *rparam_len
)
847 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
848 char *str2
= skip_string(param
,tpscnt
,str1
);
849 char *p
= skip_string(param
,tpscnt
,str2
);
855 struct pack_desc desc
;
856 print_queue_struct
*queue
=NULL
;
857 print_status_struct status
;
860 if (!str1
|| !str2
|| !p
) {
863 memset((char *)&status
,'\0',sizeof(status
));
864 memset((char *)&desc
,'\0',sizeof(desc
));
866 p
= skip_string(param
,tpscnt
,p
);
870 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
871 str3
= get_safe_str_ptr(param
,tpscnt
,p
,4);
872 /* str3 may be null here and is checked in check_printq_info(). */
874 /* remove any trailing username */
875 if ((p
= strchr_m(QueueName
,'%')))
878 DEBUG(3,("api_DosPrintQGetInfo uLevel=%d name=%s\n",uLevel
,QueueName
));
880 /* check it's a supported varient */
881 if (!prefix_ok(str1
,"zWrLh"))
883 if (!check_printq_info(&desc
,uLevel
,str2
,str3
)) {
885 * Patch from Scott Moomaw <scott@bridgewater.edu>
886 * to return the 'invalid info level' error if an
887 * unknown level was requested.
891 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
895 SSVALS(*rparam
,0,ERRunknownlevel
);
901 snum
= find_service(QueueName
);
902 if ( !(lp_snum_ok(snum
) && lp_print_ok(snum
)) )
906 count
= get_printerdrivernumber(snum
);
907 DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count
));
909 count
= print_queue_status(snum
, &queue
,&status
);
913 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
919 desc
.buflen
= mdrcnt
;
922 * Don't return data but need to get correct length
923 * init_package will return wrong size if buflen=0
925 desc
.buflen
= getlen(desc
.format
);
926 desc
.base
= tmpdata
= (char *) SMB_MALLOC (desc
.buflen
);
929 if (init_package(&desc
,1,count
)) {
930 desc
.subcount
= count
;
931 fill_printq_info(conn
,snum
,uLevel
,&desc
,count
,queue
,&status
);
934 *rdata_len
= desc
.usedlen
;
937 * We must set the return code to ERRbuftoosmall
938 * in order to support lanman style printing with Win NT/2k
941 if (!mdrcnt
&& lp_disable_spoolss())
942 desc
.errcode
= ERRbuftoosmall
;
944 *rdata_len
= desc
.usedlen
;
946 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
952 SSVALS(*rparam
,0,desc
.errcode
);
954 SSVAL(*rparam
,4,desc
.neededlen
);
956 DEBUG(4,("printqgetinfo: errorcode %d\n",desc
.errcode
));
964 /****************************************************************************
965 View list of all print jobs on all queues.
966 ****************************************************************************/
968 static bool api_DosPrintQEnum(connection_struct
*conn
, uint16 vuid
,
969 char *param
, int tpscnt
,
970 char *data
, int tdscnt
,
971 int mdrcnt
, int mprcnt
,
972 char **rdata
, char** rparam
,
973 int *rdata_len
, int *rparam_len
)
975 char *param_format
= get_safe_str_ptr(param
,tpscnt
,param
,2);
976 char *output_format1
= skip_string(param
,tpscnt
,param_format
);
977 char *p
= skip_string(param
,tpscnt
,output_format1
);
978 unsigned int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
979 char *output_format2
= get_safe_str_ptr(param
,tpscnt
,p
,4);
980 int services
= lp_numservices();
982 struct pack_desc desc
;
983 print_queue_struct
**queue
= NULL
;
984 print_status_struct
*status
= NULL
;
985 int *subcntarr
= NULL
;
986 int queuecnt
= 0, subcnt
= 0, succnt
= 0;
988 if (!param_format
|| !output_format1
|| !p
) {
992 memset((char *)&desc
,'\0',sizeof(desc
));
994 DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel
));
996 if (!prefix_ok(param_format
,"WrLeh")) {
999 if (!check_printq_info(&desc
,uLevel
,output_format1
,output_format2
)) {
1001 * Patch from Scott Moomaw <scott@bridgewater.edu>
1002 * to return the 'invalid info level' error if an
1003 * unknown level was requested.
1007 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
1011 SSVALS(*rparam
,0,ERRunknownlevel
);
1017 for (i
= 0; i
< services
; i
++) {
1018 if (lp_snum_ok(i
) && lp_print_ok(i
) && lp_browseable(i
)) {
1023 if((queue
= SMB_MALLOC_ARRAY(print_queue_struct
*, queuecnt
)) == NULL
) {
1024 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));
1027 memset(queue
,0,queuecnt
*sizeof(print_queue_struct
*));
1028 if((status
= SMB_MALLOC_ARRAY(print_status_struct
,queuecnt
)) == NULL
) {
1029 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));
1032 memset(status
,0,queuecnt
*sizeof(print_status_struct
));
1033 if((subcntarr
= SMB_MALLOC_ARRAY(int,queuecnt
)) == NULL
) {
1034 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));
1040 for (i
= 0; i
< services
; i
++) {
1041 if (lp_snum_ok(i
) && lp_print_ok(i
) && lp_browseable(i
)) {
1042 subcntarr
[n
] = print_queue_status(i
, &queue
[n
],&status
[n
]);
1043 subcnt
+= subcntarr
[n
];
1049 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
1055 desc
.buflen
= mdrcnt
;
1057 if (init_package(&desc
,queuecnt
,subcnt
)) {
1060 for (i
= 0; i
< services
; i
++) {
1061 if (lp_snum_ok(i
) && lp_print_ok(i
) && lp_browseable(i
)) {
1062 fill_printq_info(conn
,i
,uLevel
,&desc
,subcntarr
[n
],queue
[n
],&status
[n
]);
1064 if (desc
.errcode
== NERR_Success
) {
1071 SAFE_FREE(subcntarr
);
1073 *rdata_len
= desc
.usedlen
;
1075 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
1079 SSVALS(*rparam
,0,desc
.errcode
);
1081 SSVAL(*rparam
,4,succnt
);
1082 SSVAL(*rparam
,6,queuecnt
);
1084 for (i
= 0; i
< queuecnt
; i
++) {
1086 SAFE_FREE(queue
[i
]);
1097 SAFE_FREE(subcntarr
);
1098 for (i
= 0; i
< queuecnt
; i
++) {
1100 SAFE_FREE(queue
[i
]);
1109 /****************************************************************************
1110 Get info level for a server list query.
1111 ****************************************************************************/
1113 static bool check_server_info(int uLevel
, char* id
)
1117 if (strcmp(id
,"B16") != 0) {
1122 if (strcmp(id
,"B16BBDz") != 0) {
1132 struct srv_info_struct
{
1140 /*******************************************************************
1141 Get server info lists from the files saved by nmbd. Return the
1143 ******************************************************************/
1145 static int get_server_info(uint32 servertype
,
1146 struct srv_info_struct
**servers
,
1152 bool local_list_only
;
1155 lines
= file_lines_load(cache_path(SERVER_LIST
), NULL
, 0, NULL
);
1157 DEBUG(4,("Can't open %s - %s\n",cache_path(SERVER_LIST
),strerror(errno
)));
1161 /* request for everything is code for request all servers */
1162 if (servertype
== SV_TYPE_ALL
) {
1163 servertype
&= ~(SV_TYPE_DOMAIN_ENUM
|SV_TYPE_LOCAL_LIST_ONLY
);
1166 local_list_only
= (servertype
& SV_TYPE_LOCAL_LIST_ONLY
);
1168 DEBUG(4,("Servertype search: %8x\n",servertype
));
1170 for (i
=0;lines
[i
];i
++) {
1172 struct srv_info_struct
*s
;
1173 const char *ptr
= lines
[i
];
1175 TALLOC_CTX
*frame
= NULL
;
1182 if (count
== alloced
) {
1184 *servers
= SMB_REALLOC_ARRAY(*servers
,struct srv_info_struct
, alloced
);
1186 DEBUG(0,("get_server_info: failed to enlarge servers info struct!\n"));
1190 memset((char *)((*servers
)+count
),'\0',sizeof(**servers
)*(alloced
-count
));
1192 s
= &(*servers
)[count
];
1194 frame
= talloc_stackframe();
1196 if (!next_token_talloc(frame
,&ptr
,&p
, NULL
)) {
1200 fstrcpy(s
->name
, p
);
1203 if (!next_token_talloc(frame
,&ptr
, &p
, NULL
)) {
1209 s
->comment
[0] = '\0';
1210 if (!next_token_talloc(frame
,&ptr
, &p
, NULL
)) {
1214 fstrcpy(s
->comment
, p
);
1215 string_truncate(s
->comment
, MAX_SERVER_STRING_LENGTH
);
1217 s
->domain
[0] = '\0';
1218 if (!next_token_talloc(frame
,&ptr
,&p
, NULL
)) {
1219 /* this allows us to cope with an old nmbd */
1220 fstrcpy(s
->domain
,lp_workgroup());
1222 fstrcpy(s
->domain
, p
);
1226 if (sscanf(stype
,"%X",&s
->type
) != 1) {
1227 DEBUG(4,("r:host file "));
1231 /* Filter the servers/domains we return based on what was asked for. */
1233 /* Check to see if we are being asked for a local list only. */
1234 if(local_list_only
&& ((s
->type
& SV_TYPE_LOCAL_LIST_ONLY
) == 0)) {
1235 DEBUG(4,("r: local list only"));
1239 /* doesn't match up: don't want it */
1240 if (!(servertype
& s
->type
)) {
1241 DEBUG(4,("r:serv type "));
1245 if ((servertype
& SV_TYPE_DOMAIN_ENUM
) !=
1246 (s
->type
& SV_TYPE_DOMAIN_ENUM
)) {
1247 DEBUG(4,("s: dom mismatch "));
1251 if (!strequal(domain
, s
->domain
) && !(servertype
& SV_TYPE_DOMAIN_ENUM
)) {
1255 /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */
1256 s
->type
&= ~SV_TYPE_LOCAL_LIST_ONLY
;
1259 DEBUG(4,("**SV** %20s %8x %25s %15s\n",
1260 s
->name
, s
->type
, s
->comment
, s
->domain
));
1261 s
->server_added
= True
;
1264 DEBUG(4,("%20s %8x %25s %15s\n",
1265 s
->name
, s
->type
, s
->comment
, s
->domain
));
1273 /*******************************************************************
1274 Fill in a server info structure.
1275 ******************************************************************/
1277 static int fill_srv_info(struct srv_info_struct
*service
,
1278 int uLevel
, char **buf
, int *buflen
,
1279 char **stringbuf
, int *stringspace
, char *baseaddr
)
1302 len
= strlen(service
->comment
)+1;
1306 *buflen
= struct_len
;
1308 return struct_len
+ len
;
1313 if (*buflen
< struct_len
) {
1320 p2
= p
+ struct_len
;
1321 l2
= *buflen
- struct_len
;
1329 push_ascii(p
,service
->name
, MAX_NETBIOSNAME_LEN
, STR_TERMINATE
);
1333 push_ascii(p
,service
->name
,MAX_NETBIOSNAME_LEN
, STR_TERMINATE
);
1334 SIVAL(p
,18,service
->type
);
1335 SIVAL(p
,22,PTR_DIFF(p2
,baseaddr
));
1336 len
+= CopyAndAdvance(&p2
,service
->comment
,&l2
);
1341 *buf
= p
+ struct_len
;
1342 *buflen
-= struct_len
;
1353 static bool srv_comp(struct srv_info_struct
*s1
,struct srv_info_struct
*s2
)
1355 return(strcmp(s1
->name
,s2
->name
));
1358 /****************************************************************************
1359 View list of servers available (or possibly domains). The info is
1360 extracted from lists saved by nmbd on the local host.
1361 ****************************************************************************/
1363 static bool api_RNetServerEnum(connection_struct
*conn
, uint16 vuid
,
1364 char *param
, int tpscnt
,
1365 char *data
, int tdscnt
,
1366 int mdrcnt
, int mprcnt
, char **rdata
,
1367 char **rparam
, int *rdata_len
, int *rparam_len
)
1369 char *str1
= get_safe_str_ptr(param
, tpscnt
, param
, 2);
1370 char *str2
= skip_string(param
,tpscnt
,str1
);
1371 char *p
= skip_string(param
,tpscnt
,str2
);
1372 int uLevel
= get_safe_SVAL(param
, tpscnt
, p
, 0, -1);
1373 int buf_len
= get_safe_SVAL(param
,tpscnt
, p
, 2, 0);
1374 uint32 servertype
= get_safe_IVAL(param
,tpscnt
,p
,4, 0);
1376 int data_len
, fixed_len
, string_len
;
1377 int f_len
= 0, s_len
= 0;
1378 struct srv_info_struct
*servers
=NULL
;
1379 int counted
=0,total
=0;
1382 bool domain_request
;
1385 if (!str1
|| !str2
|| !p
) {
1389 /* If someone sets all the bits they don't really mean to set
1390 DOMAIN_ENUM and LOCAL_LIST_ONLY, they just want all the
1393 if (servertype
== SV_TYPE_ALL
) {
1394 servertype
&= ~(SV_TYPE_DOMAIN_ENUM
|SV_TYPE_LOCAL_LIST_ONLY
);
1397 /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set
1398 any other bit (they may just set this bit on its own) they
1399 want all the locally seen servers. However this bit can be
1400 set on its own so set the requested servers to be
1401 ALL - DOMAIN_ENUM. */
1403 if ((servertype
& SV_TYPE_LOCAL_LIST_ONLY
) && !(servertype
& SV_TYPE_DOMAIN_ENUM
)) {
1404 servertype
= SV_TYPE_ALL
& ~(SV_TYPE_DOMAIN_ENUM
);
1407 domain_request
= ((servertype
& SV_TYPE_DOMAIN_ENUM
) != 0);
1408 local_request
= ((servertype
& SV_TYPE_LOCAL_LIST_ONLY
) != 0);
1412 if (!prefix_ok(str1
,"WrLehD")) {
1415 if (!check_server_info(uLevel
,str2
)) {
1419 DEBUG(4, ("server request level: %s %8x ", str2
, servertype
));
1420 DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request
)));
1421 DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request
)));
1423 if (strcmp(str1
, "WrLehDz") == 0) {
1424 if (skip_string(param
,tpscnt
,p
) == NULL
) {
1427 pull_ascii_fstring(domain
, p
);
1429 fstrcpy(domain
, lp_workgroup());
1432 if (lp_browse_list()) {
1433 total
= get_server_info(servertype
,&servers
,domain
);
1436 data_len
= fixed_len
= string_len
= 0;
1440 qsort(servers
,total
,sizeof(servers
[0]),QSORT_CAST srv_comp
);
1444 char *lastname
=NULL
;
1446 for (i
=0;i
<total
;i
++) {
1447 struct srv_info_struct
*s
= &servers
[i
];
1449 if (lastname
&& strequal(lastname
,s
->name
)) {
1453 data_len
+= fill_srv_info(s
,uLevel
,0,&f_len
,0,&s_len
,0);
1454 DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
1455 s
->name
, s
->type
, s
->comment
, s
->domain
));
1457 if (data_len
<= buf_len
) {
1460 string_len
+= s_len
;
1467 *rdata_len
= fixed_len
+ string_len
;
1468 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
1473 p2
= (*rdata
) + fixed_len
; /* auxilliary data (strings) will go here */
1479 char *lastname
=NULL
;
1480 int count2
= counted
;
1482 for (i
= 0; i
< total
&& count2
;i
++) {
1483 struct srv_info_struct
*s
= &servers
[i
];
1485 if (lastname
&& strequal(lastname
,s
->name
)) {
1489 fill_srv_info(s
,uLevel
,&p
,&f_len
,&p2
,&s_len
,*rdata
);
1490 DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n",
1491 s
->name
, s
->type
, s
->comment
, s
->domain
));
1497 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
1501 SSVAL(*rparam
,0,(missed
== 0 ? NERR_Success
: ERRmoredata
));
1503 SSVAL(*rparam
,4,counted
);
1504 SSVAL(*rparam
,6,counted
+missed
);
1508 DEBUG(3,("NetServerEnum domain = %s uLevel=%d counted=%d total=%d\n",
1509 domain
,uLevel
,counted
,counted
+missed
));
1514 /****************************************************************************
1515 command 0x34 - suspected of being a "Lookup Names" stub api
1516 ****************************************************************************/
1518 static bool api_RNetGroupGetUsers(connection_struct
*conn
, uint16 vuid
,
1519 char *param
, int tpscnt
,
1520 char *data
, int tdscnt
,
1521 int mdrcnt
, int mprcnt
, char **rdata
,
1522 char **rparam
, int *rdata_len
, int *rparam_len
)
1524 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
1525 char *str2
= skip_string(param
,tpscnt
,str1
);
1526 char *p
= skip_string(param
,tpscnt
,str2
);
1527 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
1528 int buf_len
= get_safe_SVAL(param
,tpscnt
,p
,2,0);
1532 if (!str1
|| !str2
|| !p
) {
1536 DEBUG(5,("RNetGroupGetUsers: %s %s %s %d %d\n",
1537 str1
, str2
, p
, uLevel
, buf_len
));
1539 if (!prefix_ok(str1
,"zWrLeh")) {
1546 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
1551 SSVAL(*rparam
,0,0x08AC); /* informational warning message */
1553 SSVAL(*rparam
,4,counted
);
1554 SSVAL(*rparam
,6,counted
+missed
);
1559 /****************************************************************************
1560 get info about a share
1561 ****************************************************************************/
1563 static bool check_share_info(int uLevel
, char* id
)
1567 if (strcmp(id
,"B13") != 0) {
1572 if (strcmp(id
,"B13BWz") != 0) {
1577 if (strcmp(id
,"B13BWzWWWzB9B") != 0) {
1582 if (strcmp(id
,"B13BWzWWWzB9BB9BWzWWzWW") != 0) {
1592 static int fill_share_info(connection_struct
*conn
, int snum
, int uLevel
,
1593 char** buf
, int* buflen
,
1594 char** stringbuf
, int* stringspace
, char* baseaddr
)
1623 len
+= StrlenExpanded(conn
,snum
,lp_comment(snum
));
1626 len
+= strlen(lp_pathname(snum
)) + 1;
1629 *buflen
= struct_len
;
1634 return struct_len
+ len
;
1639 if ((*buflen
) < struct_len
) {
1647 p2
= p
+ struct_len
;
1648 l2
= (*buflen
) - struct_len
;
1655 push_ascii(p
,lp_servicename(snum
),13, STR_TERMINATE
);
1661 type
= STYPE_DISKTREE
;
1662 if (lp_print_ok(snum
)) {
1663 type
= STYPE_PRINTQ
;
1665 if (strequal("IPC",lp_fstype(snum
))) {
1668 SSVAL(p
,14,type
); /* device type */
1669 SIVAL(p
,16,PTR_DIFF(p2
,baseaddr
));
1670 len
+= CopyExpanded(conn
,snum
,&p2
,lp_comment(snum
),&l2
);
1674 SSVAL(p
,20,ACCESS_READ
|ACCESS_WRITE
|ACCESS_CREATE
); /* permissions */
1675 SSVALS(p
,22,-1); /* max uses */
1676 SSVAL(p
,24,1); /* current uses */
1677 SIVAL(p
,26,PTR_DIFF(p2
,baseaddr
)); /* local pathname */
1678 len
+= CopyAndAdvance(&p2
,lp_pathname(snum
),&l2
);
1679 memset(p
+30,0,SHPWLEN
+2); /* passwd (reserved), pad field */
1683 memset(p
+40,0,SHPWLEN
+2);
1694 (*buf
) = p
+ struct_len
;
1695 (*buflen
) -= struct_len
;
1697 (*stringspace
) = l2
;
1706 static bool api_RNetShareGetInfo(connection_struct
*conn
,uint16 vuid
,
1707 char *param
, int tpscnt
,
1708 char *data
, int tdscnt
,
1709 int mdrcnt
,int mprcnt
,
1710 char **rdata
,char **rparam
,
1711 int *rdata_len
,int *rparam_len
)
1713 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
1714 char *str2
= skip_string(param
,tpscnt
,str1
);
1715 char *netname
= skip_string(param
,tpscnt
,str2
);
1716 char *p
= skip_string(param
,tpscnt
,netname
);
1717 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
1720 if (!str1
|| !str2
|| !netname
|| !p
) {
1724 snum
= find_service(netname
);
1729 /* check it's a supported varient */
1730 if (!prefix_ok(str1
,"zWrLh")) {
1733 if (!check_share_info(uLevel
,str2
)) {
1737 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
1742 *rdata_len
= fill_share_info(conn
,snum
,uLevel
,&p
,&mdrcnt
,0,0,0);
1743 if (*rdata_len
< 0) {
1748 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
1752 SSVAL(*rparam
,0,NERR_Success
);
1753 SSVAL(*rparam
,2,0); /* converter word */
1754 SSVAL(*rparam
,4,*rdata_len
);
1759 /****************************************************************************
1760 View the list of available shares.
1762 This function is the server side of the NetShareEnum() RAP call.
1763 It fills the return buffer with share names and share comments.
1764 Note that the return buffer normally (in all known cases) allows only
1765 twelve byte strings for share names (plus one for a nul terminator).
1766 Share names longer than 12 bytes must be skipped.
1767 ****************************************************************************/
1769 static bool api_RNetShareEnum( connection_struct
*conn
, uint16 vuid
,
1770 char *param
, int tpscnt
,
1771 char *data
, int tdscnt
,
1779 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
1780 char *str2
= skip_string(param
,tpscnt
,str1
);
1781 char *p
= skip_string(param
,tpscnt
,str2
);
1782 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
1783 int buf_len
= get_safe_SVAL(param
,tpscnt
,p
,2,0);
1786 int total
=0,counted
=0;
1787 bool missed
= False
;
1789 int data_len
, fixed_len
, string_len
;
1790 int f_len
= 0, s_len
= 0;
1792 if (!str1
|| !str2
|| !p
) {
1796 if (!prefix_ok(str1
,"WrLeh")) {
1799 if (!check_share_info(uLevel
,str2
)) {
1803 /* Ensure all the usershares are loaded. */
1805 load_registry_shares();
1806 count
= load_usershare_shares();
1809 data_len
= fixed_len
= string_len
= 0;
1810 for (i
=0;i
<count
;i
++) {
1811 fstring servicename_dos
;
1812 if (!(lp_browseable(i
) && lp_snum_ok(i
))) {
1815 push_ascii_fstring(servicename_dos
, lp_servicename(i
));
1816 /* Maximum name length = 13. */
1817 if( lp_browseable( i
) && lp_snum_ok( i
) && (strlen(servicename_dos
) < 13)) {
1819 data_len
+= fill_share_info(conn
,i
,uLevel
,0,&f_len
,0,&s_len
,0);
1820 if (data_len
<= buf_len
) {
1823 string_len
+= s_len
;
1830 *rdata_len
= fixed_len
+ string_len
;
1831 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
1836 p2
= (*rdata
) + fixed_len
; /* auxiliary data (strings) will go here */
1841 for( i
= 0; i
< count
; i
++ ) {
1842 fstring servicename_dos
;
1843 if (!(lp_browseable(i
) && lp_snum_ok(i
))) {
1847 push_ascii_fstring(servicename_dos
, lp_servicename(i
));
1848 if (lp_browseable(i
) && lp_snum_ok(i
) && (strlen(servicename_dos
) < 13)) {
1849 if (fill_share_info( conn
,i
,uLevel
,&p
,&f_len
,&p2
,&s_len
,*rdata
) < 0) {
1856 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
1860 SSVAL(*rparam
,0,missed
? ERRmoredata
: NERR_Success
);
1862 SSVAL(*rparam
,4,counted
);
1863 SSVAL(*rparam
,6,total
);
1865 DEBUG(3,("RNetShareEnum gave %d entries of %d (%d %d %d %d)\n",
1866 counted
,total
,uLevel
,
1867 buf_len
,*rdata_len
,mdrcnt
));
1872 /****************************************************************************
1874 ****************************************************************************/
1876 static bool api_RNetShareAdd(connection_struct
*conn
,uint16 vuid
,
1877 char *param
, int tpscnt
,
1878 char *data
, int tdscnt
,
1879 int mdrcnt
,int mprcnt
,
1880 char **rdata
,char **rparam
,
1881 int *rdata_len
,int *rparam_len
)
1883 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
1884 char *str2
= skip_string(param
,tpscnt
,str1
);
1885 char *p
= skip_string(param
,tpscnt
,str2
);
1886 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
1889 char *pathname
= NULL
;
1890 char *command
, *cmdname
;
1891 unsigned int offset
;
1894 size_t converted_size
;
1896 if (!str1
|| !str2
|| !p
) {
1900 /* check it's a supported varient */
1901 if (!prefix_ok(str1
,RAP_WShareAdd_REQ
)) {
1904 if (!check_share_info(uLevel
,str2
)) {
1911 /* Do we have a string ? */
1912 if (skip_string(data
,mdrcnt
,data
) == NULL
) {
1915 pull_ascii_fstring(sharename
,data
);
1916 snum
= find_service(sharename
);
1917 if (snum
>= 0) { /* already exists */
1926 /* only support disk share adds */
1927 if (SVAL(data
,14)!=STYPE_DISKTREE
) {
1931 offset
= IVAL(data
, 16);
1932 if (offset
>= mdrcnt
) {
1933 res
= ERRinvalidparam
;
1937 /* Do we have a string ? */
1938 if (skip_string(data
,mdrcnt
,data
+offset
) == NULL
) {
1941 pull_ascii_fstring(comment
, offset
? (data
+offset
) : "");
1943 offset
= IVAL(data
, 26);
1945 if (offset
>= mdrcnt
) {
1946 res
= ERRinvalidparam
;
1950 /* Do we have a string ? */
1951 if (skip_string(data
,mdrcnt
,data
+offset
) == NULL
) {
1955 if (!pull_ascii_talloc(talloc_tos(), &pathname
,
1956 offset
? (data
+offset
) : "", &converted_size
))
1958 DEBUG(0,("api_RNetShareAdd: pull_ascii_talloc failed: %s",
1966 string_replace(sharename
, '"', ' ');
1967 string_replace(pathname
, '"', ' ');
1968 string_replace(comment
, '"', ' ');
1970 cmdname
= lp_add_share_cmd();
1972 if (!cmdname
|| *cmdname
== '\0') {
1976 if (asprintf(&command
, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
1977 lp_add_share_cmd(), get_dyn_CONFIGFILE(), sharename
,
1978 pathname
, comment
) == -1) {
1982 DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command
));
1984 if ((res
= smbrun(command
, NULL
)) != 0) {
1985 DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n",
1992 message_send_all(smbd_messaging_context(),
1993 MSG_SMB_CONF_UPDATED
, NULL
, 0, NULL
);
1997 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2001 SSVAL(*rparam
,0,NERR_Success
);
2002 SSVAL(*rparam
,2,0); /* converter word */
2003 SSVAL(*rparam
,4,*rdata_len
);
2011 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2016 SSVAL(*rparam
,0,res
);
2021 /****************************************************************************
2022 view list of groups available
2023 ****************************************************************************/
2025 static bool api_RNetGroupEnum(connection_struct
*conn
,uint16 vuid
,
2026 char *param
, int tpscnt
,
2027 char *data
, int tdscnt
,
2028 int mdrcnt
,int mprcnt
,
2029 char **rdata
,char **rparam
,
2030 int *rdata_len
,int *rparam_len
)
2034 int resume_context
, cli_buf_size
;
2035 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2036 char *str2
= skip_string(param
,tpscnt
,str1
);
2037 char *p
= skip_string(param
,tpscnt
,str2
);
2039 uint32_t num_groups
;
2040 uint32_t resume_handle
;
2041 struct rpc_pipe_client
*samr_pipe
;
2042 struct policy_handle samr_handle
, domain_handle
;
2045 if (!str1
|| !str2
|| !p
) {
2049 if (strcmp(str1
,"WrLeh") != 0) {
2054 * W-> resume context (number of users to skip)
2055 * r -> return parameter pointer to receive buffer
2056 * L -> length of receive buffer
2057 * e -> return parameter number of entries
2058 * h -> return parameter total number of users
2061 if (strcmp("B21",str2
) != 0) {
2065 status
= rpc_pipe_open_internal(
2066 talloc_tos(), &ndr_table_samr
.syntax_id
, rpc_samr_dispatch
,
2067 conn
->server_info
, &samr_pipe
);
2068 if (!NT_STATUS_IS_OK(status
)) {
2069 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n",
2070 nt_errstr(status
)));
2074 status
= rpccli_samr_Connect2(samr_pipe
, talloc_tos(), global_myname(),
2075 SAMR_ACCESS_LOOKUP_DOMAIN
, &samr_handle
);
2076 if (!NT_STATUS_IS_OK(status
)) {
2077 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n",
2078 nt_errstr(status
)));
2082 status
= rpccli_samr_OpenDomain(samr_pipe
, talloc_tos(), &samr_handle
,
2083 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
,
2084 get_global_sam_sid(), &domain_handle
);
2085 if (!NT_STATUS_IS_OK(status
)) {
2086 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n",
2087 nt_errstr(status
)));
2088 rpccli_samr_Close(samr_pipe
, talloc_tos(), &samr_handle
);
2092 resume_context
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
2093 cli_buf_size
= get_safe_SVAL(param
,tpscnt
,p
,2,0);
2094 DEBUG(10,("api_RNetGroupEnum:resume context: %d, client buffer size: "
2095 "%d\n", resume_context
, cli_buf_size
));
2097 *rdata_len
= cli_buf_size
;
2098 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
2105 errflags
= NERR_Success
;
2110 struct samr_SamArray
*sam_entries
;
2111 uint32_t num_entries
;
2113 status
= rpccli_samr_EnumDomainGroups(samr_pipe
, talloc_tos(),
2118 if (!NT_STATUS_IS_OK(status
)) {
2119 DEBUG(10, ("rpccli_samr_EnumDomainGroups returned "
2120 "%s\n", nt_errstr(status
)));
2124 if (num_entries
== 0) {
2125 DEBUG(10, ("rpccli_samr_EnumDomainGroups returned "
2126 "no entries -- done\n"));
2130 for(i
=0; i
<num_entries
; i
++) {
2133 name
= sam_entries
->entries
[i
].name
.string
;
2135 if( ((PTR_DIFF(p
,*rdata
)+21) > *rdata_len
) ) {
2136 /* set overflow error */
2137 DEBUG(3,("overflow on entry %d group %s\n", i
,
2143 /* truncate the name at 21 chars. */
2145 strlcpy(p
, name
, 21);
2146 DEBUG(10,("adding entry %d group %s\n", i
, p
));
2148 p
+= 5; /* Both NT4 and W2k3SP1 do padding here. No
2153 if (errflags
!= NERR_Success
) {
2157 TALLOC_FREE(sam_entries
);
2160 rpccli_samr_Close(samr_pipe
, talloc_tos(), &domain_handle
);
2161 rpccli_samr_Close(samr_pipe
, talloc_tos(), &samr_handle
);
2163 *rdata_len
= PTR_DIFF(p
,*rdata
);
2166 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2170 SSVAL(*rparam
, 0, errflags
);
2171 SSVAL(*rparam
, 2, 0); /* converter word */
2172 SSVAL(*rparam
, 4, num_groups
); /* is this right?? */
2173 SSVAL(*rparam
, 6, resume_context
+num_groups
); /* is this right?? */
2178 /*******************************************************************
2179 Get groups that a user is a member of.
2180 ******************************************************************/
2182 static bool api_NetUserGetGroups(connection_struct
*conn
,uint16 vuid
,
2183 char *param
, int tpscnt
,
2184 char *data
, int tdscnt
,
2185 int mdrcnt
,int mprcnt
,
2186 char **rdata
,char **rparam
,
2187 int *rdata_len
,int *rparam_len
)
2189 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2190 char *str2
= skip_string(param
,tpscnt
,str1
);
2191 char *UserName
= skip_string(param
,tpscnt
,str2
);
2192 char *p
= skip_string(param
,tpscnt
,UserName
);
2193 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
2194 const char *level_string
;
2200 struct rpc_pipe_client
*samr_pipe
;
2201 struct policy_handle samr_handle
, domain_handle
, user_handle
;
2202 struct lsa_String name
;
2203 struct lsa_Strings names
;
2204 struct samr_Ids type
, rid
;
2205 struct samr_RidWithAttributeArray
*rids
;
2208 if (!str1
|| !str2
|| !UserName
|| !p
) {
2213 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2218 /* check it's a supported varient */
2220 if ( strcmp(str1
,"zWrLeh") != 0 )
2225 level_string
= "B21";
2231 if (strcmp(level_string
,str2
) != 0)
2234 *rdata_len
= mdrcnt
+ 1024;
2235 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
2240 SSVAL(*rparam
,0,NERR_Success
);
2241 SSVAL(*rparam
,2,0); /* converter word */
2244 endp
= *rdata
+ *rdata_len
;
2246 status
= rpc_pipe_open_internal(
2247 talloc_tos(), &ndr_table_samr
.syntax_id
, rpc_samr_dispatch
,
2248 conn
->server_info
, &samr_pipe
);
2249 if (!NT_STATUS_IS_OK(status
)) {
2250 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n",
2251 nt_errstr(status
)));
2255 status
= rpccli_samr_Connect2(samr_pipe
, talloc_tos(), global_myname(),
2256 SAMR_ACCESS_LOOKUP_DOMAIN
, &samr_handle
);
2257 if (!NT_STATUS_IS_OK(status
)) {
2258 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n",
2259 nt_errstr(status
)));
2263 status
= rpccli_samr_OpenDomain(samr_pipe
, talloc_tos(), &samr_handle
,
2264 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
2265 get_global_sam_sid(), &domain_handle
);
2266 if (!NT_STATUS_IS_OK(status
)) {
2267 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n",
2268 nt_errstr(status
)));
2272 name
.string
= UserName
;
2274 status
= rpccli_samr_LookupNames(samr_pipe
, talloc_tos(),
2275 &domain_handle
, 1, &name
,
2277 if (!NT_STATUS_IS_OK(status
)) {
2278 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n",
2279 nt_errstr(status
)));
2283 if (type
.ids
[0] != SID_NAME_USER
) {
2284 DEBUG(10, ("%s is a %s, not a user\n", UserName
,
2285 sid_type_lookup(type
.ids
[0])));
2289 status
= rpccli_samr_OpenUser(samr_pipe
, talloc_tos(),
2291 SAMR_USER_ACCESS_GET_GROUPS
,
2292 rid
.ids
[0], &user_handle
);
2293 if (!NT_STATUS_IS_OK(status
)) {
2294 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n",
2295 nt_errstr(status
)));
2299 status
= rpccli_samr_GetGroupsForUser(samr_pipe
, talloc_tos(),
2300 &user_handle
, &rids
);
2301 if (!NT_STATUS_IS_OK(status
)) {
2302 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n",
2303 nt_errstr(status
)));
2307 for (i
=0; i
<rids
->count
; i
++) {
2309 status
= rpccli_samr_LookupRids(samr_pipe
, talloc_tos(),
2311 1, &rids
->rids
[i
].rid
,
2313 if (NT_STATUS_IS_OK(status
) && (names
.count
== 1)) {
2314 strlcpy(p
, names
.names
[0].string
, PTR_DIFF(endp
,p
));
2320 *rdata_len
= PTR_DIFF(p
,*rdata
);
2322 SSVAL(*rparam
,4,count
); /* is this right?? */
2323 SSVAL(*rparam
,6,count
); /* is this right?? */
2328 rpccli_samr_Close(samr_pipe
, talloc_tos(), &user_handle
);
2330 rpccli_samr_Close(samr_pipe
, talloc_tos(), &domain_handle
);
2332 rpccli_samr_Close(samr_pipe
, talloc_tos(), &samr_handle
);
2337 /*******************************************************************
2339 ******************************************************************/
2341 static bool api_RNetUserEnum(connection_struct
*conn
, uint16 vuid
,
2342 char *param
, int tpscnt
,
2343 char *data
, int tdscnt
,
2344 int mdrcnt
,int mprcnt
,
2345 char **rdata
,char **rparam
,
2346 int *rdata_len
,int *rparam_len
)
2351 int i
, resume_context
, cli_buf_size
;
2352 uint32_t resume_handle
;
2354 struct rpc_pipe_client
*samr_pipe
;
2355 struct policy_handle samr_handle
, domain_handle
;
2358 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2359 char *str2
= skip_string(param
,tpscnt
,str1
);
2360 char *p
= skip_string(param
,tpscnt
,str2
);
2363 if (!str1
|| !str2
|| !p
) {
2367 if (strcmp(str1
,"WrLeh") != 0)
2370 * W-> resume context (number of users to skip)
2371 * r -> return parameter pointer to receive buffer
2372 * L -> length of receive buffer
2373 * e -> return parameter number of entries
2374 * h -> return parameter total number of users
2377 resume_context
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
2378 cli_buf_size
= get_safe_SVAL(param
,tpscnt
,p
,2,0);
2379 DEBUG(10,("api_RNetUserEnum:resume context: %d, client buffer size: %d\n",
2380 resume_context
, cli_buf_size
));
2383 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2388 /* check it's a supported varient */
2389 if (strcmp("B21",str2
) != 0)
2392 *rdata_len
= cli_buf_size
;
2393 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
2399 endp
= *rdata
+ *rdata_len
;
2401 status
= rpc_pipe_open_internal(
2402 talloc_tos(), &ndr_table_samr
.syntax_id
, rpc_samr_dispatch
,
2403 conn
->server_info
, &samr_pipe
);
2404 if (!NT_STATUS_IS_OK(status
)) {
2405 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n",
2406 nt_errstr(status
)));
2410 status
= rpccli_samr_Connect2(samr_pipe
, talloc_tos(), global_myname(),
2411 SAMR_ACCESS_LOOKUP_DOMAIN
, &samr_handle
);
2412 if (!NT_STATUS_IS_OK(status
)) {
2413 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n",
2414 nt_errstr(status
)));
2418 status
= rpccli_samr_OpenDomain(samr_pipe
, talloc_tos(), &samr_handle
,
2419 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
,
2420 get_global_sam_sid(), &domain_handle
);
2421 if (!NT_STATUS_IS_OK(status
)) {
2422 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n",
2423 nt_errstr(status
)));
2424 rpccli_samr_Close(samr_pipe
, talloc_tos(), &samr_handle
);
2428 errflags
=NERR_Success
;
2433 struct samr_SamArray
*sam_entries
;
2434 uint32_t num_entries
;
2436 status
= rpccli_samr_EnumDomainUsers(samr_pipe
, talloc_tos(),
2442 if (!NT_STATUS_IS_OK(status
)) {
2443 DEBUG(10, ("rpccli_samr_EnumDomainUsers returned "
2444 "%s\n", nt_errstr(status
)));
2448 if (num_entries
== 0) {
2449 DEBUG(10, ("rpccli_samr_EnumDomainUsers returned "
2450 "no entries -- done\n"));
2454 for (i
=0; i
<num_entries
; i
++) {
2457 name
= sam_entries
->entries
[i
].name
.string
;
2459 if(((PTR_DIFF(p
,*rdata
)+21)<=*rdata_len
)
2460 &&(strlen(name
)<=21)) {
2461 strlcpy(p
,name
,PTR_DIFF(endp
,p
));
2462 DEBUG(10,("api_RNetUserEnum:adding entry %d "
2463 "username %s\n",count_sent
,p
));
2467 /* set overflow error */
2468 DEBUG(10,("api_RNetUserEnum:overflow on entry %d "
2469 "username %s\n",count_sent
,name
));
2475 if (errflags
!= NERR_Success
) {
2479 TALLOC_FREE(sam_entries
);
2482 rpccli_samr_Close(samr_pipe
, talloc_tos(), &domain_handle
);
2483 rpccli_samr_Close(samr_pipe
, talloc_tos(), &samr_handle
);
2485 *rdata_len
= PTR_DIFF(p
,*rdata
);
2487 SSVAL(*rparam
,0,errflags
);
2488 SSVAL(*rparam
,2,0); /* converter word */
2489 SSVAL(*rparam
,4,count_sent
); /* is this right?? */
2490 SSVAL(*rparam
,6,num_users
); /* is this right?? */
2495 /****************************************************************************
2496 Get the time of day info.
2497 ****************************************************************************/
2499 static bool api_NetRemoteTOD(connection_struct
*conn
,uint16 vuid
,
2500 char *param
, int tpscnt
,
2501 char *data
, int tdscnt
,
2502 int mdrcnt
,int mprcnt
,
2503 char **rdata
,char **rparam
,
2504 int *rdata_len
,int *rparam_len
)
2507 time_t unixdate
= time(NULL
);
2511 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2517 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
2522 SSVAL(*rparam
,0,NERR_Success
);
2523 SSVAL(*rparam
,2,0); /* converter word */
2527 srv_put_dos_date3(p
,0,unixdate
); /* this is the time that is looked at
2528 by NT in a "net time" operation,
2529 it seems to ignore the one below */
2531 /* the client expects to get localtime, not GMT, in this bit
2532 (I think, this needs testing) */
2533 t
= localtime(&unixdate
);
2538 SIVAL(p
,4,0); /* msecs ? */
2539 SCVAL(p
,8,t
->tm_hour
);
2540 SCVAL(p
,9,t
->tm_min
);
2541 SCVAL(p
,10,t
->tm_sec
);
2542 SCVAL(p
,11,0); /* hundredths of seconds */
2543 SSVALS(p
,12,get_time_zone(unixdate
)/60); /* timezone in minutes from GMT */
2544 SSVAL(p
,14,10000); /* timer interval in 0.0001 of sec */
2545 SCVAL(p
,16,t
->tm_mday
);
2546 SCVAL(p
,17,t
->tm_mon
+ 1);
2547 SSVAL(p
,18,1900+t
->tm_year
);
2548 SCVAL(p
,20,t
->tm_wday
);
2553 /****************************************************************************
2554 Set the user password.
2555 *****************************************************************************/
2557 static bool api_SetUserPassword(connection_struct
*conn
,uint16 vuid
,
2558 char *param
, int tpscnt
,
2559 char *data
, int tdscnt
,
2560 int mdrcnt
,int mprcnt
,
2561 char **rdata
,char **rparam
,
2562 int *rdata_len
,int *rparam_len
)
2564 char *np
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2567 fstring pass1
,pass2
;
2569 /* Skip 2 strings. */
2570 p
= skip_string(param
,tpscnt
,np
);
2571 p
= skip_string(param
,tpscnt
,p
);
2577 /* Do we have a string ? */
2578 if (skip_string(param
,tpscnt
,p
) == NULL
) {
2581 pull_ascii_fstring(user
,p
);
2583 p
= skip_string(param
,tpscnt
,p
);
2588 memset(pass1
,'\0',sizeof(pass1
));
2589 memset(pass2
,'\0',sizeof(pass2
));
2591 * We use 31 here not 32 as we're checking
2592 * the last byte we want to access is safe.
2594 if (!is_offset_safe(param
,tpscnt
,p
,31)) {
2598 memcpy(pass2
,p
+16,16);
2601 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2608 SSVAL(*rparam
,0,NERR_badpass
);
2609 SSVAL(*rparam
,2,0); /* converter word */
2611 DEBUG(3,("Set password for <%s>\n",user
));
2614 * Attempt to verify the old password against smbpasswd entries
2615 * Win98 clients send old and new password in plaintext for this call.
2619 auth_serversupplied_info
*server_info
= NULL
;
2620 DATA_BLOB password
= data_blob(pass1
, strlen(pass1
)+1);
2622 if (NT_STATUS_IS_OK(check_plaintext_password(user
,password
,&server_info
))) {
2625 if (NT_STATUS_IS_OK(change_oem_password(server_info
->sam_account
, pass1
, pass2
, False
, NULL
))) {
2626 SSVAL(*rparam
,0,NERR_Success
);
2630 TALLOC_FREE(server_info
);
2632 data_blob_clear_free(&password
);
2636 * If the plaintext change failed, attempt
2637 * the old encrypted method. NT will generate this
2638 * after trying the samr method. Note that this
2639 * method is done as a last resort as this
2640 * password change method loses the NT password hash
2641 * and cannot change the UNIX password as no plaintext
2645 if(SVAL(*rparam
,0) != NERR_Success
) {
2646 struct samu
*hnd
= NULL
;
2648 if (check_lanman_password(user
,(unsigned char *)pass1
,(unsigned char *)pass2
, &hnd
)) {
2650 if (change_lanman_password(hnd
,(uchar
*)pass2
)) {
2651 SSVAL(*rparam
,0,NERR_Success
);
2658 memset((char *)pass1
,'\0',sizeof(fstring
));
2659 memset((char *)pass2
,'\0',sizeof(fstring
));
2664 /****************************************************************************
2665 Set the user password (SamOEM version - gets plaintext).
2666 ****************************************************************************/
2668 static bool api_SamOEMChangePassword(connection_struct
*conn
,uint16 vuid
,
2669 char *param
, int tpscnt
,
2670 char *data
, int tdscnt
,
2671 int mdrcnt
,int mprcnt
,
2672 char **rdata
,char **rparam
,
2673 int *rdata_len
,int *rparam_len
)
2675 struct smbd_server_connection
*sconn
= smbd_server_conn
;
2677 char *p
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2679 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2689 SSVAL(*rparam
,0,NERR_badpass
);
2692 * Check the parameter definition is correct.
2695 /* Do we have a string ? */
2696 if (skip_string(param
,tpscnt
,p
) == 0) {
2699 if(!strequal(p
, "zsT")) {
2700 DEBUG(0,("api_SamOEMChangePassword: Invalid parameter string %s\n", p
));
2703 p
= skip_string(param
, tpscnt
, p
);
2708 /* Do we have a string ? */
2709 if (skip_string(param
,tpscnt
,p
) == 0) {
2712 if(!strequal(p
, "B516B16")) {
2713 DEBUG(0,("api_SamOEMChangePassword: Invalid data parameter string %s\n", p
));
2716 p
= skip_string(param
,tpscnt
,p
);
2720 /* Do we have a string ? */
2721 if (skip_string(param
,tpscnt
,p
) == 0) {
2724 p
+= pull_ascii_fstring(user
,p
);
2726 DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user
));
2729 * Pass the user through the NT -> unix user mapping
2733 (void)map_username(sconn
, user
);
2735 if (NT_STATUS_IS_OK(pass_oem_change(user
, (uchar
*) data
, (uchar
*)&data
[516], NULL
, NULL
, NULL
))) {
2736 SSVAL(*rparam
,0,NERR_Success
);
2742 /****************************************************************************
2745 ****************************************************************************/
2747 static bool api_RDosPrintJobDel(connection_struct
*conn
,uint16 vuid
,
2748 char *param
, int tpscnt
,
2749 char *data
, int tdscnt
,
2750 int mdrcnt
,int mprcnt
,
2751 char **rdata
,char **rparam
,
2752 int *rdata_len
,int *rparam_len
)
2754 int function
= get_safe_SVAL(param
,tpscnt
,param
,0,0);
2755 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2756 char *str2
= skip_string(param
,tpscnt
,str1
);
2757 char *p
= skip_string(param
,tpscnt
,str2
);
2762 WERROR werr
= WERR_OK
;
2764 if (!str1
|| !str2
|| !p
) {
2768 * We use 1 here not 2 as we're checking
2769 * the last byte we want to access is safe.
2771 if (!is_offset_safe(param
,tpscnt
,p
,1)) {
2774 if(!rap_to_pjobid(SVAL(p
,0), sharename
, &jobid
))
2777 /* check it's a supported varient */
2778 if (!(strcsequal(str1
,"W") && strcsequal(str2
,"")))
2782 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2788 if (!print_job_exists(sharename
, jobid
)) {
2789 errcode
= NERR_JobNotFound
;
2793 snum
= lp_servicenumber( sharename
);
2795 errcode
= NERR_DestNotFound
;
2799 errcode
= NERR_notsupported
;
2802 case 81: /* delete */
2803 if (print_job_delete(conn
->server_info
, snum
, jobid
, &werr
))
2804 errcode
= NERR_Success
;
2806 case 82: /* pause */
2807 if (print_job_pause(conn
->server_info
, snum
, jobid
, &werr
))
2808 errcode
= NERR_Success
;
2810 case 83: /* resume */
2811 if (print_job_resume(conn
->server_info
, snum
, jobid
, &werr
))
2812 errcode
= NERR_Success
;
2816 if (!W_ERROR_IS_OK(werr
))
2817 errcode
= W_ERROR_V(werr
);
2820 SSVAL(*rparam
,0,errcode
);
2821 SSVAL(*rparam
,2,0); /* converter word */
2826 /****************************************************************************
2827 Purge a print queue - or pause or resume it.
2828 ****************************************************************************/
2830 static bool api_WPrintQueueCtrl(connection_struct
*conn
,uint16 vuid
,
2831 char *param
, int tpscnt
,
2832 char *data
, int tdscnt
,
2833 int mdrcnt
,int mprcnt
,
2834 char **rdata
,char **rparam
,
2835 int *rdata_len
,int *rparam_len
)
2837 int function
= get_safe_SVAL(param
,tpscnt
,param
,0,0);
2838 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2839 char *str2
= skip_string(param
,tpscnt
,str1
);
2840 char *QueueName
= skip_string(param
,tpscnt
,str2
);
2841 int errcode
= NERR_notsupported
;
2843 WERROR werr
= WERR_OK
;
2845 if (!str1
|| !str2
|| !QueueName
) {
2849 /* check it's a supported varient */
2850 if (!(strcsequal(str1
,"z") && strcsequal(str2
,"")))
2854 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2860 if (skip_string(param
,tpscnt
,QueueName
) == NULL
) {
2863 snum
= print_queue_snum(QueueName
);
2866 errcode
= NERR_JobNotFound
;
2871 case 74: /* Pause queue */
2872 werr
= print_queue_pause(conn
->server_info
, snum
);
2874 case 75: /* Resume queue */
2875 werr
= print_queue_resume(conn
->server_info
, snum
);
2877 case 103: /* Purge */
2878 werr
= print_queue_purge(conn
->server_info
, snum
);
2881 werr
= WERR_NOT_SUPPORTED
;
2885 errcode
= W_ERROR_V(werr
);
2888 SSVAL(*rparam
,0,errcode
);
2889 SSVAL(*rparam
,2,0); /* converter word */
2894 /****************************************************************************
2895 set the property of a print job (undocumented?)
2896 ? function = 0xb -> set name of print job
2897 ? function = 0x6 -> move print job up/down
2898 Form: <WWsTP> <WWzWWDDzzzzzzzzzzlz>
2899 or <WWsTP> <WB21BB16B10zWWzDDz>
2900 ****************************************************************************/
2902 static int check_printjob_info(struct pack_desc
* desc
,
2903 int uLevel
, char* id
)
2905 desc
->subformat
= NULL
;
2907 case 0: desc
->format
= "W"; break;
2908 case 1: desc
->format
= "WB21BB16B10zWWzDDz"; break;
2909 case 2: desc
->format
= "WWzWWDDzz"; break;
2910 case 3: desc
->format
= "WWzWWDDzzzzzzzzzzlz"; break;
2911 case 4: desc
->format
= "WWzWWDDzzzzzDDDDDDD"; break;
2913 DEBUG(0,("check_printjob_info: invalid level %d\n",
2917 if (id
== NULL
|| strcmp(desc
->format
,id
) != 0) {
2918 DEBUG(0,("check_printjob_info: invalid format %s\n",
2919 id
? id
: "<NULL>" ));
2925 static bool api_PrintJobInfo(connection_struct
*conn
, uint16 vuid
,
2926 char *param
, int tpscnt
,
2927 char *data
, int tdscnt
,
2928 int mdrcnt
,int mprcnt
,
2929 char **rdata
,char **rparam
,
2930 int *rdata_len
,int *rparam_len
)
2932 struct pack_desc desc
;
2933 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
2934 char *str2
= skip_string(param
,tpscnt
,str1
);
2935 char *p
= skip_string(param
,tpscnt
,str2
);
2938 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,2,-1);
2939 int function
= get_safe_SVAL(param
,tpscnt
,p
,4,-1);
2942 if (!str1
|| !str2
|| !p
) {
2946 * We use 1 here not 2 as we're checking
2947 * the last byte we want to access is safe.
2949 if (!is_offset_safe(param
,tpscnt
,p
,1)) {
2952 if(!rap_to_pjobid(SVAL(p
,0), sharename
, &jobid
))
2955 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
2960 if (!share_defined(sharename
)) {
2961 DEBUG(0,("api_PrintJobInfo: sharen [%s] not defined\n",
2968 /* check it's a supported varient */
2969 if ((strcmp(str1
,"WWsTP")) ||
2970 (!check_printjob_info(&desc
,uLevel
,str2
)))
2973 if (!print_job_exists(sharename
, jobid
)) {
2974 errcode
=NERR_JobNotFound
;
2978 errcode
= NERR_notsupported
;
2982 /* change job place in the queue,
2983 data gives the new place */
2984 place
= SVAL(data
,0);
2985 if (print_job_set_place(sharename
, jobid
, place
)) {
2986 errcode
=NERR_Success
;
2991 /* change print job name, data gives the name */
2992 if (print_job_set_name(sharename
, jobid
, data
)) {
2993 errcode
=NERR_Success
;
3002 SSVALS(*rparam
,0,errcode
);
3003 SSVAL(*rparam
,2,0); /* converter word */
3009 /****************************************************************************
3010 Get info about the server.
3011 ****************************************************************************/
3013 static bool api_RNetServerGetInfo(connection_struct
*conn
,uint16 vuid
,
3014 char *param
, int tpscnt
,
3015 char *data
, int tdscnt
,
3016 int mdrcnt
,int mprcnt
,
3017 char **rdata
,char **rparam
,
3018 int *rdata_len
,int *rparam_len
)
3020 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3021 char *str2
= skip_string(param
,tpscnt
,str1
);
3022 char *p
= skip_string(param
,tpscnt
,str2
);
3023 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
3027 if (!str1
|| !str2
|| !p
) {
3031 DEBUG(4,("NetServerGetInfo level %d\n",uLevel
));
3033 /* check it's a supported varient */
3034 if (!prefix_ok(str1
,"WrLh")) {
3040 if (strcmp(str2
,"B16") != 0) {
3046 if (strcmp(str2
,"B16BBDz") != 0) {
3052 if (strcmp(str2
,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWz")!= 0) {
3058 if (strcmp(str2
,"B16BBDzDDDWWzWWWWWWWBB21zWWWWWWWWWWWWWWWWWWWWWWzDWz") != 0) {
3064 if (strcmp(str2
,"DN") != 0) {
3070 if (strcmp(str2
,"B16BBDzWWzzz") != 0) {
3079 *rdata_len
= mdrcnt
;
3080 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
3086 p2
= p
+ struct_len
;
3088 srvstr_push(NULL
, 0, p
,global_myname(),16,
3089 STR_ASCII
|STR_UPPER
|STR_TERMINATE
);
3093 struct srv_info_struct
*servers
=NULL
;
3095 char *comment
= NULL
;
3096 TALLOC_CTX
*ctx
= talloc_tos();
3097 uint32 servertype
= lp_default_server_announce();
3099 comment
= talloc_strdup(ctx
,lp_serverstring());
3104 if ((count
=get_server_info(SV_TYPE_ALL
,&servers
,lp_workgroup()))>0) {
3105 for (i
=0;i
<count
;i
++) {
3106 if (strequal(servers
[i
].name
,global_myname())) {
3107 servertype
= servers
[i
].type
;
3108 TALLOC_FREE(comment
);
3109 comment
= talloc_strdup(ctx
,
3110 servers
[i
].comment
);
3120 SCVAL(p
,0,lp_major_announce_version());
3121 SCVAL(p
,1,lp_minor_announce_version());
3122 SIVAL(p
,2,servertype
);
3124 if (mdrcnt
== struct_len
) {
3127 SIVAL(p
,6,PTR_DIFF(p2
,*rdata
));
3128 comment
= talloc_sub_advanced(
3130 lp_servicename(SNUM(conn
)),
3131 conn
->server_info
->unix_name
,
3133 conn
->server_info
->utok
.gid
,
3134 conn
->server_info
->sanitized_username
,
3135 pdb_get_domain(conn
->server_info
->sam_account
),
3140 if (mdrcnt
- struct_len
<= 0) {
3145 MIN(mdrcnt
- struct_len
,
3146 MAX_SERVER_STRING_LENGTH
),
3148 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3156 return False
; /* not yet implemented */
3159 *rdata_len
= PTR_DIFF(p2
,*rdata
);
3162 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
3166 SSVAL(*rparam
,0,NERR_Success
);
3167 SSVAL(*rparam
,2,0); /* converter word */
3168 SSVAL(*rparam
,4,*rdata_len
);
3173 /****************************************************************************
3174 Get info about the server.
3175 ****************************************************************************/
3177 static bool api_NetWkstaGetInfo(connection_struct
*conn
,uint16 vuid
,
3178 char *param
, int tpscnt
,
3179 char *data
, int tdscnt
,
3180 int mdrcnt
,int mprcnt
,
3181 char **rdata
,char **rparam
,
3182 int *rdata_len
,int *rparam_len
)
3184 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3185 char *str2
= skip_string(param
,tpscnt
,str1
);
3186 char *p
= skip_string(param
,tpscnt
,str2
);
3189 int level
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
3191 if (!str1
|| !str2
|| !p
) {
3195 DEBUG(4,("NetWkstaGetInfo level %d\n",level
));
3198 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
3203 /* check it's a supported varient */
3204 if (!(level
==10 && strcsequal(str1
,"WrLh") && strcsequal(str2
,"zzzBBzz"))) {
3208 *rdata_len
= mdrcnt
+ 1024;
3209 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
3214 SSVAL(*rparam
,0,NERR_Success
);
3215 SSVAL(*rparam
,2,0); /* converter word */
3218 endp
= *rdata
+ *rdata_len
;
3220 p2
= get_safe_ptr(*rdata
,*rdata_len
,p
,22);
3225 SIVAL(p
,0,PTR_DIFF(p2
,*rdata
)); /* host name */
3226 strlcpy(p2
,get_local_machine_name(),PTR_DIFF(endp
,p2
));
3228 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3234 SIVAL(p
,0,PTR_DIFF(p2
,*rdata
));
3235 strlcpy(p2
,conn
->server_info
->sanitized_username
,PTR_DIFF(endp
,p2
));
3236 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3242 SIVAL(p
,0,PTR_DIFF(p2
,*rdata
)); /* login domain */
3243 strlcpy(p2
,lp_workgroup(),PTR_DIFF(endp
,p2
));
3245 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3251 SCVAL(p
,0,lp_major_announce_version()); /* system version - e.g 4 in 4.1 */
3252 SCVAL(p
,1,lp_minor_announce_version()); /* system version - e.g .1 in 4.1 */
3255 SIVAL(p
,0,PTR_DIFF(p2
,*rdata
));
3256 strlcpy(p2
,lp_workgroup(),PTR_DIFF(endp
,p2
)); /* don't know. login domain?? */
3257 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3263 SIVAL(p
,0,PTR_DIFF(p2
,*rdata
)); /* don't know */
3264 strlcpy(p2
,"",PTR_DIFF(endp
,p2
));
3265 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3271 *rdata_len
= PTR_DIFF(p2
,*rdata
);
3273 SSVAL(*rparam
,4,*rdata_len
);
3278 /****************************************************************************
3279 get info about a user
3281 struct user_info_11 {
3282 char usri11_name[21]; 0-20
3284 char *usri11_comment; 22-25
3285 char *usri11_usr_comment; 26-29
3286 unsigned short usri11_priv; 30-31
3287 unsigned long usri11_auth_flags; 32-35
3288 long usri11_password_age; 36-39
3289 char *usri11_homedir; 40-43
3290 char *usri11_parms; 44-47
3291 long usri11_last_logon; 48-51
3292 long usri11_last_logoff; 52-55
3293 unsigned short usri11_bad_pw_count; 56-57
3294 unsigned short usri11_num_logons; 58-59
3295 char *usri11_logon_server; 60-63
3296 unsigned short usri11_country_code; 64-65
3297 char *usri11_workstations; 66-69
3298 unsigned long usri11_max_storage; 70-73
3299 unsigned short usri11_units_per_week; 74-75
3300 unsigned char *usri11_logon_hours; 76-79
3301 unsigned short usri11_code_page; 80-81
3306 usri11_name specifies the user name for which information is retrieved
3308 usri11_pad aligns the next data structure element to a word boundary
3310 usri11_comment is a null terminated ASCII comment
3312 usri11_user_comment is a null terminated ASCII comment about the user
3314 usri11_priv specifies the level of the privilege assigned to the user.
3315 The possible values are:
3317 Name Value Description
3318 USER_PRIV_GUEST 0 Guest privilege
3319 USER_PRIV_USER 1 User privilege
3320 USER_PRV_ADMIN 2 Administrator privilege
3322 usri11_auth_flags specifies the account operator privileges. The
3323 possible values are:
3325 Name Value Description
3326 AF_OP_PRINT 0 Print operator
3329 Leach, Naik [Page 28]
3333 INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997
3336 AF_OP_COMM 1 Communications operator
3337 AF_OP_SERVER 2 Server operator
3338 AF_OP_ACCOUNTS 3 Accounts operator
3341 usri11_password_age specifies how many seconds have elapsed since the
3342 password was last changed.
3344 usri11_home_dir points to a null terminated ASCII string that contains
3345 the path name of the user's home directory.
3347 usri11_parms points to a null terminated ASCII string that is set
3348 aside for use by applications.
3350 usri11_last_logon specifies the time when the user last logged on.
3351 This value is stored as the number of seconds elapsed since
3352 00:00:00, January 1, 1970.
3354 usri11_last_logoff specifies the time when the user last logged off.
3355 This value is stored as the number of seconds elapsed since
3356 00:00:00, January 1, 1970. A value of 0 means the last logoff
3359 usri11_bad_pw_count specifies the number of incorrect passwords
3360 entered since the last successful logon.
3362 usri11_log1_num_logons specifies the number of times this user has
3363 logged on. A value of -1 means the number of logons is unknown.
3365 usri11_logon_server points to a null terminated ASCII string that
3366 contains the name of the server to which logon requests are sent.
3367 A null string indicates logon requests should be sent to the
3370 usri11_country_code specifies the country code for the user's language
3373 usri11_workstations points to a null terminated ASCII string that
3374 contains the names of workstations the user may log on from.
3375 There may be up to 8 workstations, with the names separated by
3376 commas. A null strings indicates there are no restrictions.
3378 usri11_max_storage specifies the maximum amount of disk space the user
3379 can occupy. A value of 0xffffffff indicates there are no
3382 usri11_units_per_week specifies the equal number of time units into
3383 which a week is divided. This value must be equal to 168.
3385 usri11_logon_hours points to a 21 byte (168 bits) string that
3386 specifies the time during which the user can log on. Each bit
3387 represents one unique hour in a week. The first bit (bit 0, word
3388 0) is Sunday, 0:00 to 0:59, the second bit (bit 1, word 0) is
3392 Leach, Naik [Page 29]
3396 INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997
3399 Sunday, 1:00 to 1:59 and so on. A null pointer indicates there
3400 are no restrictions.
3402 usri11_code_page specifies the code page for the user's language of
3405 All of the pointers in this data structure need to be treated
3406 specially. The pointer is a 32 bit pointer. The higher 16 bits need
3407 to be ignored. The converter word returned in the parameters section
3408 needs to be subtracted from the lower 16 bits to calculate an offset
3409 into the return buffer where this ASCII string resides.
3411 There is no auxiliary data in the response.
3413 ****************************************************************************/
3415 #define usri11_name 0
3416 #define usri11_pad 21
3417 #define usri11_comment 22
3418 #define usri11_usr_comment 26
3419 #define usri11_full_name 30
3420 #define usri11_priv 34
3421 #define usri11_auth_flags 36
3422 #define usri11_password_age 40
3423 #define usri11_homedir 44
3424 #define usri11_parms 48
3425 #define usri11_last_logon 52
3426 #define usri11_last_logoff 56
3427 #define usri11_bad_pw_count 60
3428 #define usri11_num_logons 62
3429 #define usri11_logon_server 64
3430 #define usri11_country_code 68
3431 #define usri11_workstations 70
3432 #define usri11_max_storage 74
3433 #define usri11_units_per_week 78
3434 #define usri11_logon_hours 80
3435 #define usri11_code_page 84
3436 #define usri11_end 86
3438 #define USER_PRIV_GUEST 0
3439 #define USER_PRIV_USER 1
3440 #define USER_PRIV_ADMIN 2
3442 #define AF_OP_PRINT 0
3443 #define AF_OP_COMM 1
3444 #define AF_OP_SERVER 2
3445 #define AF_OP_ACCOUNTS 3
3448 static bool api_RNetUserGetInfo(connection_struct
*conn
, uint16 vuid
,
3449 char *param
, int tpscnt
,
3450 char *data
, int tdscnt
,
3451 int mdrcnt
,int mprcnt
,
3452 char **rdata
,char **rparam
,
3453 int *rdata_len
,int *rparam_len
)
3455 struct smbd_server_connection
*sconn
= smbd_server_conn
;
3456 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3457 char *str2
= skip_string(param
,tpscnt
,str1
);
3458 char *UserName
= skip_string(param
,tpscnt
,str2
);
3459 char *p
= skip_string(param
,tpscnt
,UserName
);
3460 int uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
3463 const char *level_string
;
3465 /* get NIS home of a previously validated user - simeon */
3466 /* With share level security vuid will always be zero.
3467 Don't depend on vuser being non-null !!. JRA */
3468 user_struct
*vuser
= get_valid_user_struct(sconn
, vuid
);
3470 DEBUG(3,(" Username of UID %d is %s\n",
3471 (int)vuser
->server_info
->utok
.uid
,
3472 vuser
->server_info
->unix_name
));
3475 if (!str1
|| !str2
|| !UserName
|| !p
) {
3480 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
3485 DEBUG(4,("RNetUserGetInfo level=%d\n", uLevel
));
3487 /* check it's a supported variant */
3488 if (strcmp(str1
,"zWrLh") != 0) {
3492 case 0: level_string
= "B21"; break;
3493 case 1: level_string
= "B21BB16DWzzWz"; break;
3494 case 2: level_string
= "B21BB16DWzzWzDzzzzDDDDWb21WWzWW"; break;
3495 case 10: level_string
= "B21Bzzz"; break;
3496 case 11: level_string
= "B21BzzzWDDzzDDWWzWzDWb21W"; break;
3497 default: return False
;
3500 if (strcmp(level_string
,str2
) != 0) {
3504 *rdata_len
= mdrcnt
+ 1024;
3505 *rdata
= smb_realloc_limit(*rdata
,*rdata_len
);
3510 SSVAL(*rparam
,0,NERR_Success
);
3511 SSVAL(*rparam
,2,0); /* converter word */
3514 endp
= *rdata
+ *rdata_len
;
3515 p2
= get_safe_ptr(*rdata
,*rdata_len
,p
,usri11_end
);
3521 fstrcpy(p
+usri11_name
,UserName
); /* 21 bytes - user name */
3524 SCVAL(p
,usri11_pad
,0); /* padding - 1 byte */
3529 SIVAL(p
,usri11_comment
,PTR_DIFF(p2
,p
)); /* comment */
3530 strlcpy(p2
,"Comment",PTR_DIFF(endp
,p2
));
3531 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3536 SIVAL(p
,usri11_usr_comment
,PTR_DIFF(p2
,p
)); /* user_comment */
3537 strlcpy(p2
,"UserComment",PTR_DIFF(endp
,p2
));
3538 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3543 /* EEK! the cifsrap.txt doesn't have this in!!!! */
3544 SIVAL(p
,usri11_full_name
,PTR_DIFF(p2
,p
)); /* full name */
3545 strlcpy(p2
,((vuser
!= NULL
)
3546 ? pdb_get_fullname(vuser
->server_info
->sam_account
)
3547 : UserName
),PTR_DIFF(endp
,p2
));
3548 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3555 const char *homedir
= "";
3556 if (vuser
!= NULL
) {
3557 homedir
= pdb_get_homedir(
3558 vuser
->server_info
->sam_account
);
3560 /* modelled after NTAS 3.51 reply */
3561 SSVAL(p
,usri11_priv
,conn
->admin_user
?USER_PRIV_ADMIN
:USER_PRIV_USER
);
3562 SIVAL(p
,usri11_auth_flags
,AF_OP_PRINT
); /* auth flags */
3563 SIVALS(p
,usri11_password_age
,-1); /* password age */
3564 SIVAL(p
,usri11_homedir
,PTR_DIFF(p2
,p
)); /* home dir */
3565 strlcpy(p2
, homedir
, PTR_DIFF(endp
,p2
));
3566 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3570 SIVAL(p
,usri11_parms
,PTR_DIFF(p2
,p
)); /* parms */
3571 strlcpy(p2
,"",PTR_DIFF(endp
,p2
));
3572 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3576 SIVAL(p
,usri11_last_logon
,0); /* last logon */
3577 SIVAL(p
,usri11_last_logoff
,0); /* last logoff */
3578 SSVALS(p
,usri11_bad_pw_count
,-1); /* bad pw counts */
3579 SSVALS(p
,usri11_num_logons
,-1); /* num logons */
3580 SIVAL(p
,usri11_logon_server
,PTR_DIFF(p2
,p
)); /* logon server */
3581 strlcpy(p2
,"\\\\*",PTR_DIFF(endp
,p2
));
3582 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3586 SSVAL(p
,usri11_country_code
,0); /* country code */
3588 SIVAL(p
,usri11_workstations
,PTR_DIFF(p2
,p
)); /* workstations */
3589 strlcpy(p2
,"",PTR_DIFF(endp
,p2
));
3590 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3595 SIVALS(p
,usri11_max_storage
,-1); /* max storage */
3596 SSVAL(p
,usri11_units_per_week
,168); /* units per week */
3597 SIVAL(p
,usri11_logon_hours
,PTR_DIFF(p2
,p
)); /* logon hours */
3599 /* a simple way to get logon hours at all times. */
3601 SCVAL(p2
,21,0); /* fix zero termination */
3602 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3607 SSVAL(p
,usri11_code_page
,0); /* code page */
3610 if (uLevel
== 1 || uLevel
== 2) {
3611 memset(p
+22,' ',16); /* password */
3612 SIVALS(p
,38,-1); /* password age */
3614 conn
->admin_user
?USER_PRIV_ADMIN
:USER_PRIV_USER
);
3615 SIVAL(p
,44,PTR_DIFF(p2
,*rdata
)); /* home dir */
3616 strlcpy(p2
, vuser
? pdb_get_homedir(
3617 vuser
->server_info
->sam_account
) : "",
3619 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3623 SIVAL(p
,48,PTR_DIFF(p2
,*rdata
)); /* comment */
3625 SSVAL(p
,52,0); /* flags */
3626 SIVAL(p
,54,PTR_DIFF(p2
,*rdata
)); /* script_path */
3627 strlcpy(p2
, vuser
? pdb_get_logon_script(
3628 vuser
->server_info
->sam_account
) : "",
3630 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3635 SIVAL(p
,60,0); /* auth_flags */
3636 SIVAL(p
,64,PTR_DIFF(p2
,*rdata
)); /* full_name */
3637 strlcpy(p2
,((vuser
!= NULL
)
3638 ? pdb_get_fullname(vuser
->server_info
->sam_account
)
3639 : UserName
),PTR_DIFF(endp
,p2
));
3640 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3644 SIVAL(p
,68,0); /* urs_comment */
3645 SIVAL(p
,72,PTR_DIFF(p2
,*rdata
)); /* parms */
3646 strlcpy(p2
,"",PTR_DIFF(endp
,p2
));
3647 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3651 SIVAL(p
,76,0); /* workstations */
3652 SIVAL(p
,80,0); /* last_logon */
3653 SIVAL(p
,84,0); /* last_logoff */
3654 SIVALS(p
,88,-1); /* acct_expires */
3655 SIVALS(p
,92,-1); /* max_storage */
3656 SSVAL(p
,96,168); /* units_per_week */
3657 SIVAL(p
,98,PTR_DIFF(p2
,*rdata
)); /* logon_hours */
3660 SSVALS(p
,102,-1); /* bad_pw_count */
3661 SSVALS(p
,104,-1); /* num_logons */
3662 SIVAL(p
,106,PTR_DIFF(p2
,*rdata
)); /* logon_server */
3664 TALLOC_CTX
*ctx
= talloc_tos();
3665 int space_rem
= *rdata_len
- (p2
- *rdata
);
3668 if (space_rem
<= 0) {
3671 tmp
= talloc_strdup(ctx
, "\\\\%L");
3675 tmp
= talloc_sub_basic(ctx
,
3688 p2
= skip_string(*rdata
,*rdata_len
,p2
);
3692 SSVAL(p
,110,49); /* country_code */
3693 SSVAL(p
,112,860); /* code page */
3697 *rdata_len
= PTR_DIFF(p2
,*rdata
);
3699 SSVAL(*rparam
,4,*rdata_len
); /* is this right?? */
3704 static bool api_WWkstaUserLogon(connection_struct
*conn
,uint16 vuid
,
3705 char *param
, int tpscnt
,
3706 char *data
, int tdscnt
,
3707 int mdrcnt
,int mprcnt
,
3708 char **rdata
,char **rparam
,
3709 int *rdata_len
,int *rparam_len
)
3711 struct smbd_server_connection
*sconn
= smbd_server_conn
;
3712 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3713 char *str2
= skip_string(param
,tpscnt
,str1
);
3714 char *p
= skip_string(param
,tpscnt
,str2
);
3716 struct pack_desc desc
;
3718 /* With share level security vuid will always be zero.
3719 Don't depend on vuser being non-null !!. JRA */
3720 user_struct
*vuser
= get_valid_user_struct(sconn
, vuid
);
3722 if (!str1
|| !str2
|| !p
) {
3727 DEBUG(3,(" Username of UID %d is %s\n",
3728 (int)vuser
->server_info
->utok
.uid
,
3729 vuser
->server_info
->unix_name
));
3732 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
3733 name
= get_safe_str_ptr(param
,tpscnt
,p
,2);
3738 memset((char *)&desc
,'\0',sizeof(desc
));
3740 DEBUG(3,("WWkstaUserLogon uLevel=%d name=%s\n",uLevel
,name
));
3742 /* check it's a supported varient */
3743 if (strcmp(str1
,"OOWb54WrLh") != 0) {
3746 if (uLevel
!= 1 || strcmp(str2
,"WB21BWDWWDDDDDDDzzzD") != 0) {
3750 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
3757 desc
.buflen
= mdrcnt
;
3758 desc
.subformat
= NULL
;
3761 if (init_package(&desc
,1,0)) {
3762 PACKI(&desc
,"W",0); /* code */
3763 PACKS(&desc
,"B21",name
); /* eff. name */
3764 PACKS(&desc
,"B",""); /* pad */
3765 PACKI(&desc
,"W", conn
->admin_user
?USER_PRIV_ADMIN
:USER_PRIV_USER
);
3766 PACKI(&desc
,"D",0); /* auth flags XXX */
3767 PACKI(&desc
,"W",0); /* num logons */
3768 PACKI(&desc
,"W",0); /* bad pw count */
3769 PACKI(&desc
,"D",0); /* last logon */
3770 PACKI(&desc
,"D",-1); /* last logoff */
3771 PACKI(&desc
,"D",-1); /* logoff time */
3772 PACKI(&desc
,"D",-1); /* kickoff time */
3773 PACKI(&desc
,"D",0); /* password age */
3774 PACKI(&desc
,"D",0); /* password can change */
3775 PACKI(&desc
,"D",-1); /* password must change */
3779 fstrcpy(mypath
,"\\\\");
3780 fstrcat(mypath
,get_local_machine_name());
3782 PACKS(&desc
,"z",mypath
); /* computer */
3785 PACKS(&desc
,"z",lp_workgroup());/* domain */
3786 PACKS(&desc
,"z", vuser
? pdb_get_logon_script(
3787 vuser
->server_info
->sam_account
) : ""); /* script path */
3788 PACKI(&desc
,"D",0x00000000); /* reserved */
3791 *rdata_len
= desc
.usedlen
;
3793 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
3797 SSVALS(*rparam
,0,desc
.errcode
);
3799 SSVAL(*rparam
,4,desc
.neededlen
);
3801 DEBUG(4,("WWkstaUserLogon: errorcode %d\n",desc
.errcode
));
3806 /****************************************************************************
3807 api_WAccessGetUserPerms
3808 ****************************************************************************/
3810 static bool api_WAccessGetUserPerms(connection_struct
*conn
,uint16 vuid
,
3811 char *param
, int tpscnt
,
3812 char *data
, int tdscnt
,
3813 int mdrcnt
,int mprcnt
,
3814 char **rdata
,char **rparam
,
3815 int *rdata_len
,int *rparam_len
)
3817 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3818 char *str2
= skip_string(param
,tpscnt
,str1
);
3819 char *user
= skip_string(param
,tpscnt
,str2
);
3820 char *resource
= skip_string(param
,tpscnt
,user
);
3822 if (!str1
|| !str2
|| !user
|| !resource
) {
3826 if (skip_string(param
,tpscnt
,resource
) == NULL
) {
3829 DEBUG(3,("WAccessGetUserPerms user=%s resource=%s\n",user
,resource
));
3831 /* check it's a supported varient */
3832 if (strcmp(str1
,"zzh") != 0) {
3835 if (strcmp(str2
,"") != 0) {
3840 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
3844 SSVALS(*rparam
,0,0); /* errorcode */
3845 SSVAL(*rparam
,2,0); /* converter word */
3846 SSVAL(*rparam
,4,0x7f); /* permission flags */
3851 /****************************************************************************
3852 api_WPrintJobEnumerate
3853 ****************************************************************************/
3855 static bool api_WPrintJobGetInfo(connection_struct
*conn
, uint16 vuid
,
3856 char *param
, int tpscnt
,
3857 char *data
, int tdscnt
,
3858 int mdrcnt
,int mprcnt
,
3859 char **rdata
,char **rparam
,
3860 int *rdata_len
,int *rparam_len
)
3862 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3863 char *str2
= skip_string(param
,tpscnt
,str1
);
3864 char *p
= skip_string(param
,tpscnt
,str2
);
3871 struct pack_desc desc
;
3872 print_queue_struct
*queue
=NULL
;
3873 print_status_struct status
;
3876 if (!str1
|| !str2
|| !p
) {
3880 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,2,-1);
3882 memset((char *)&desc
,'\0',sizeof(desc
));
3883 memset((char *)&status
,'\0',sizeof(status
));
3885 DEBUG(3,("WPrintJobGetInfo uLevel=%d uJobId=0x%X\n",uLevel
,SVAL(p
,0)));
3887 /* check it's a supported varient */
3888 if (strcmp(str1
,"WWrLh") != 0) {
3891 if (!check_printjob_info(&desc
,uLevel
,str2
)) {
3895 if(!rap_to_pjobid(SVAL(p
,0), sharename
, &jobid
)) {
3899 snum
= lp_servicenumber( sharename
);
3900 if (snum
< 0 || !VALID_SNUM(snum
)) {
3904 count
= print_queue_status(snum
,&queue
,&status
);
3905 for (i
= 0; i
< count
; i
++) {
3906 if (queue
[i
].job
== jobid
) {
3912 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
3917 desc
.buflen
= mdrcnt
;
3920 * Don't return data but need to get correct length
3921 * init_package will return wrong size if buflen=0
3923 desc
.buflen
= getlen(desc
.format
);
3924 desc
.base
= tmpdata
= (char *)SMB_MALLOC( desc
.buflen
);
3927 if (init_package(&desc
,1,0)) {
3929 fill_printjob_info(conn
,snum
,uLevel
,&desc
,&queue
[i
],i
);
3930 *rdata_len
= desc
.usedlen
;
3932 desc
.errcode
= NERR_JobNotFound
;
3938 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
3942 SSVALS(*rparam
,0,desc
.errcode
);
3944 SSVAL(*rparam
,4,desc
.neededlen
);
3949 DEBUG(4,("WPrintJobGetInfo: errorcode %d\n",desc
.errcode
));
3954 static bool api_WPrintJobEnumerate(connection_struct
*conn
, uint16 vuid
,
3955 char *param
, int tpscnt
,
3956 char *data
, int tdscnt
,
3957 int mdrcnt
,int mprcnt
,
3958 char **rdata
,char **rparam
,
3959 int *rdata_len
,int *rparam_len
)
3961 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
3962 char *str2
= skip_string(param
,tpscnt
,str1
);
3963 char *p
= skip_string(param
,tpscnt
,str2
);
3969 struct pack_desc desc
;
3970 print_queue_struct
*queue
=NULL
;
3971 print_status_struct status
;
3973 if (!str1
|| !str2
|| !p
) {
3977 memset((char *)&desc
,'\0',sizeof(desc
));
3978 memset((char *)&status
,'\0',sizeof(status
));
3980 p
= skip_string(param
,tpscnt
,p
);
3984 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
3986 DEBUG(3,("WPrintJobEnumerate uLevel=%d name=%s\n",uLevel
,name
));
3988 /* check it's a supported variant */
3989 if (strcmp(str1
,"zWrLeh") != 0) {
3994 return False
; /* defined only for uLevel 0,1,2 */
3997 if (!check_printjob_info(&desc
,uLevel
,str2
)) {
4001 snum
= find_service(name
);
4002 if ( !(lp_snum_ok(snum
) && lp_print_ok(snum
)) ) {
4006 count
= print_queue_status(snum
,&queue
,&status
);
4008 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4014 desc
.buflen
= mdrcnt
;
4016 if (init_package(&desc
,count
,0)) {
4018 for (i
= 0; i
< count
; i
++) {
4019 fill_printjob_info(conn
,snum
,uLevel
,&desc
,&queue
[i
],i
);
4020 if (desc
.errcode
== NERR_Success
) {
4026 *rdata_len
= desc
.usedlen
;
4029 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4033 SSVALS(*rparam
,0,desc
.errcode
);
4035 SSVAL(*rparam
,4,succnt
);
4036 SSVAL(*rparam
,6,count
);
4040 DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc
.errcode
));
4045 static int check_printdest_info(struct pack_desc
* desc
,
4046 int uLevel
, char* id
)
4048 desc
->subformat
= NULL
;
4051 desc
->format
= "B9";
4054 desc
->format
= "B9B21WWzW";
4060 desc
->format
= "zzzWWzzzWW";
4063 DEBUG(0,("check_printdest_info: invalid level %d\n",
4067 if (id
== NULL
|| strcmp(desc
->format
,id
) != 0) {
4068 DEBUG(0,("check_printdest_info: invalid string %s\n",
4069 id
? id
: "<NULL>" ));
4075 static void fill_printdest_info(connection_struct
*conn
, int snum
, int uLevel
,
4076 struct pack_desc
* desc
)
4080 strncpy(buf
,SERVICE(snum
),sizeof(buf
)-1);
4081 buf
[sizeof(buf
)-1] = 0;
4085 PACKS(desc
,"B9",buf
); /* szName */
4087 PACKS(desc
,"B21",""); /* szUserName */
4088 PACKI(desc
,"W",0); /* uJobId */
4089 PACKI(desc
,"W",0); /* fsStatus */
4090 PACKS(desc
,"z",""); /* pszStatus */
4091 PACKI(desc
,"W",0); /* time */
4095 if (uLevel
== 2 || uLevel
== 3) {
4096 PACKS(desc
,"z",buf
); /* pszPrinterName */
4098 PACKS(desc
,"z",""); /* pszUserName */
4099 PACKS(desc
,"z",""); /* pszLogAddr */
4100 PACKI(desc
,"W",0); /* uJobId */
4101 PACKI(desc
,"W",0); /* fsStatus */
4102 PACKS(desc
,"z",""); /* pszStatus */
4103 PACKS(desc
,"z",""); /* pszComment */
4104 PACKS(desc
,"z","NULL"); /* pszDrivers */
4105 PACKI(desc
,"W",0); /* time */
4106 PACKI(desc
,"W",0); /* pad1 */
4111 static bool api_WPrintDestGetInfo(connection_struct
*conn
, uint16 vuid
,
4112 char *param
, int tpscnt
,
4113 char *data
, int tdscnt
,
4114 int mdrcnt
,int mprcnt
,
4115 char **rdata
,char **rparam
,
4116 int *rdata_len
,int *rparam_len
)
4118 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
4119 char *str2
= skip_string(param
,tpscnt
,str1
);
4120 char *p
= skip_string(param
,tpscnt
,str2
);
4121 char* PrinterName
= p
;
4123 struct pack_desc desc
;
4127 if (!str1
|| !str2
|| !p
) {
4131 memset((char *)&desc
,'\0',sizeof(desc
));
4133 p
= skip_string(param
,tpscnt
,p
);
4137 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
4139 DEBUG(3,("WPrintDestGetInfo uLevel=%d PrinterName=%s\n",uLevel
,PrinterName
));
4141 /* check it's a supported varient */
4142 if (strcmp(str1
,"zWrLh") != 0) {
4145 if (!check_printdest_info(&desc
,uLevel
,str2
)) {
4149 snum
= find_service(PrinterName
);
4150 if ( !(lp_snum_ok(snum
) && lp_print_ok(snum
)) ) {
4152 desc
.errcode
= NERR_DestNotFound
;
4156 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4161 desc
.buflen
= mdrcnt
;
4164 * Don't return data but need to get correct length
4165 * init_package will return wrong size if buflen=0
4167 desc
.buflen
= getlen(desc
.format
);
4168 desc
.base
= tmpdata
= (char *)SMB_MALLOC( desc
.buflen
);
4170 if (init_package(&desc
,1,0)) {
4171 fill_printdest_info(conn
,snum
,uLevel
,&desc
);
4173 *rdata_len
= desc
.usedlen
;
4177 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4181 SSVALS(*rparam
,0,desc
.errcode
);
4183 SSVAL(*rparam
,4,desc
.neededlen
);
4185 DEBUG(4,("WPrintDestGetInfo: errorcode %d\n",desc
.errcode
));
4191 static bool api_WPrintDestEnum(connection_struct
*conn
, uint16 vuid
,
4192 char *param
, int tpscnt
,
4193 char *data
, int tdscnt
,
4194 int mdrcnt
,int mprcnt
,
4195 char **rdata
,char **rparam
,
4196 int *rdata_len
,int *rparam_len
)
4198 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
4199 char *str2
= skip_string(param
,tpscnt
,str1
);
4200 char *p
= skip_string(param
,tpscnt
,str2
);
4204 struct pack_desc desc
;
4205 int services
= lp_numservices();
4207 if (!str1
|| !str2
|| !p
) {
4211 memset((char *)&desc
,'\0',sizeof(desc
));
4213 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
4215 DEBUG(3,("WPrintDestEnum uLevel=%d\n",uLevel
));
4217 /* check it's a supported varient */
4218 if (strcmp(str1
,"WrLeh") != 0) {
4221 if (!check_printdest_info(&desc
,uLevel
,str2
)) {
4226 for (i
= 0; i
< services
; i
++) {
4227 if (lp_snum_ok(i
) && lp_print_ok(i
) && lp_browseable(i
)) {
4233 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4240 desc
.buflen
= mdrcnt
;
4241 if (init_package(&desc
,queuecnt
,0)) {
4244 for (i
= 0; i
< services
; i
++) {
4245 if (lp_snum_ok(i
) && lp_print_ok(i
) && lp_browseable(i
)) {
4246 fill_printdest_info(conn
,i
,uLevel
,&desc
);
4248 if (desc
.errcode
== NERR_Success
) {
4255 *rdata_len
= desc
.usedlen
;
4258 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4262 SSVALS(*rparam
,0,desc
.errcode
);
4264 SSVAL(*rparam
,4,succnt
);
4265 SSVAL(*rparam
,6,queuecnt
);
4267 DEBUG(4,("WPrintDestEnumerate: errorcode %d\n",desc
.errcode
));
4272 static bool api_WPrintDriverEnum(connection_struct
*conn
, uint16 vuid
,
4273 char *param
, int tpscnt
,
4274 char *data
, int tdscnt
,
4275 int mdrcnt
,int mprcnt
,
4276 char **rdata
,char **rparam
,
4277 int *rdata_len
,int *rparam_len
)
4279 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
4280 char *str2
= skip_string(param
,tpscnt
,str1
);
4281 char *p
= skip_string(param
,tpscnt
,str2
);
4284 struct pack_desc desc
;
4286 if (!str1
|| !str2
|| !p
) {
4290 memset((char *)&desc
,'\0',sizeof(desc
));
4292 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
4294 DEBUG(3,("WPrintDriverEnum uLevel=%d\n",uLevel
));
4296 /* check it's a supported varient */
4297 if (strcmp(str1
,"WrLeh") != 0) {
4300 if (uLevel
!= 0 || strcmp(str2
,"B41") != 0) {
4305 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4311 desc
.buflen
= mdrcnt
;
4312 if (init_package(&desc
,1,0)) {
4313 PACKS(&desc
,"B41","NULL");
4316 succnt
= (desc
.errcode
== NERR_Success
? 1 : 0);
4318 *rdata_len
= desc
.usedlen
;
4321 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4325 SSVALS(*rparam
,0,desc
.errcode
);
4327 SSVAL(*rparam
,4,succnt
);
4330 DEBUG(4,("WPrintDriverEnum: errorcode %d\n",desc
.errcode
));
4335 static bool api_WPrintQProcEnum(connection_struct
*conn
, uint16 vuid
,
4336 char *param
, int tpscnt
,
4337 char *data
, int tdscnt
,
4338 int mdrcnt
,int mprcnt
,
4339 char **rdata
,char **rparam
,
4340 int *rdata_len
,int *rparam_len
)
4342 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
4343 char *str2
= skip_string(param
,tpscnt
,str1
);
4344 char *p
= skip_string(param
,tpscnt
,str2
);
4347 struct pack_desc desc
;
4349 if (!str1
|| !str2
|| !p
) {
4352 memset((char *)&desc
,'\0',sizeof(desc
));
4354 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
4356 DEBUG(3,("WPrintQProcEnum uLevel=%d\n",uLevel
));
4358 /* check it's a supported varient */
4359 if (strcmp(str1
,"WrLeh") != 0) {
4362 if (uLevel
!= 0 || strcmp(str2
,"B13") != 0) {
4367 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4373 desc
.buflen
= mdrcnt
;
4375 if (init_package(&desc
,1,0)) {
4376 PACKS(&desc
,"B13","lpd");
4379 succnt
= (desc
.errcode
== NERR_Success
? 1 : 0);
4381 *rdata_len
= desc
.usedlen
;
4384 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4388 SSVALS(*rparam
,0,desc
.errcode
);
4390 SSVAL(*rparam
,4,succnt
);
4393 DEBUG(4,("WPrintQProcEnum: errorcode %d\n",desc
.errcode
));
4398 static bool api_WPrintPortEnum(connection_struct
*conn
, uint16 vuid
,
4399 char *param
, int tpscnt
,
4400 char *data
, int tdscnt
,
4401 int mdrcnt
,int mprcnt
,
4402 char **rdata
,char **rparam
,
4403 int *rdata_len
,int *rparam_len
)
4405 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
4406 char *str2
= skip_string(param
,tpscnt
,str1
);
4407 char *p
= skip_string(param
,tpscnt
,str2
);
4410 struct pack_desc desc
;
4412 if (!str1
|| !str2
|| !p
) {
4416 memset((char *)&desc
,'\0',sizeof(desc
));
4418 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
4420 DEBUG(3,("WPrintPortEnum uLevel=%d\n",uLevel
));
4422 /* check it's a supported varient */
4423 if (strcmp(str1
,"WrLeh") != 0) {
4426 if (uLevel
!= 0 || strcmp(str2
,"B9") != 0) {
4431 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4436 memset((char *)&desc
,'\0',sizeof(desc
));
4438 desc
.buflen
= mdrcnt
;
4440 if (init_package(&desc
,1,0)) {
4441 PACKS(&desc
,"B13","lp0");
4444 succnt
= (desc
.errcode
== NERR_Success
? 1 : 0);
4446 *rdata_len
= desc
.usedlen
;
4449 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4453 SSVALS(*rparam
,0,desc
.errcode
);
4455 SSVAL(*rparam
,4,succnt
);
4458 DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc
.errcode
));
4463 /****************************************************************************
4465 ****************************************************************************/
4467 static bool api_RNetSessionEnum(connection_struct
*conn
, uint16 vuid
,
4468 char *param
, int tpscnt
,
4469 char *data
, int tdscnt
,
4470 int mdrcnt
,int mprcnt
,
4471 char **rdata
,char **rparam
,
4472 int *rdata_len
,int *rparam_len
)
4475 char *str1
= get_safe_str_ptr(param
,tpscnt
,param
,2);
4476 char *str2
= skip_string(param
,tpscnt
,str1
);
4477 char *p
= skip_string(param
,tpscnt
,str2
);
4479 struct pack_desc desc
;
4480 struct sessionid
*session_list
;
4481 int i
, num_sessions
;
4483 if (!str1
|| !str2
|| !p
) {
4487 memset((char *)&desc
,'\0',sizeof(desc
));
4489 uLevel
= get_safe_SVAL(param
,tpscnt
,p
,0,-1);
4491 DEBUG(3,("RNetSessionEnum uLevel=%d\n",uLevel
));
4492 DEBUG(7,("RNetSessionEnum req string=%s\n",str1
));
4493 DEBUG(7,("RNetSessionEnum ret string=%s\n",str2
));
4495 /* check it's a supported varient */
4496 if (strcmp(str1
,RAP_NetSessionEnum_REQ
) != 0) {
4499 if (uLevel
!= 2 || strcmp(str2
,RAP_SESSION_INFO_L2
) != 0) {
4503 num_sessions
= list_sessions(talloc_tos(), &session_list
);
4506 *rdata
= smb_realloc_limit(*rdata
,mdrcnt
);
4511 memset((char *)&desc
,'\0',sizeof(desc
));
4513 desc
.buflen
= mdrcnt
;
4515 if (!init_package(&desc
,num_sessions
,0)) {
4519 for(i
=0; i
<num_sessions
; i
++) {
4520 PACKS(&desc
, "z", session_list
[i
].remote_machine
);
4521 PACKS(&desc
, "z", session_list
[i
].username
);
4522 PACKI(&desc
, "W", 1); /* num conns */
4523 PACKI(&desc
, "W", 0); /* num opens */
4524 PACKI(&desc
, "W", 1); /* num users */
4525 PACKI(&desc
, "D", 0); /* session time */
4526 PACKI(&desc
, "D", 0); /* idle time */
4527 PACKI(&desc
, "D", 0); /* flags */
4528 PACKS(&desc
, "z", "Unknown Client"); /* client type string */
4531 *rdata_len
= desc
.usedlen
;
4534 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4538 SSVALS(*rparam
,0,desc
.errcode
);
4539 SSVAL(*rparam
,2,0); /* converter */
4540 SSVAL(*rparam
,4,num_sessions
); /* count */
4542 DEBUG(4,("RNetSessionEnum: errorcode %d\n",desc
.errcode
));
4548 /****************************************************************************
4549 The buffer was too small.
4550 ****************************************************************************/
4552 static bool api_TooSmall(connection_struct
*conn
,uint16 vuid
, char *param
, char *data
,
4553 int mdrcnt
, int mprcnt
,
4554 char **rdata
, char **rparam
,
4555 int *rdata_len
, int *rparam_len
)
4557 *rparam_len
= MIN(*rparam_len
,mprcnt
);
4558 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4565 SSVAL(*rparam
,0,NERR_BufTooSmall
);
4567 DEBUG(3,("Supplied buffer too small in API command\n"));
4572 /****************************************************************************
4573 The request is not supported.
4574 ****************************************************************************/
4576 static bool api_Unsupported(connection_struct
*conn
, uint16 vuid
,
4577 char *param
, int tpscnt
,
4578 char *data
, int tdscnt
,
4579 int mdrcnt
, int mprcnt
,
4580 char **rdata
, char **rparam
,
4581 int *rdata_len
, int *rparam_len
)
4584 *rparam
= smb_realloc_limit(*rparam
,*rparam_len
);
4591 SSVAL(*rparam
,0,NERR_notsupported
);
4592 SSVAL(*rparam
,2,0); /* converter word */
4594 DEBUG(3,("Unsupported API command\n"));
4599 static const struct {
4602 bool (*fn
)(connection_struct
*, uint16
,
4605 int,int,char **,char **,int *,int *);
4606 bool auth_user
; /* Deny anonymous access? */
4607 } api_commands
[] = {
4608 {"RNetShareEnum", RAP_WshareEnum
, api_RNetShareEnum
, True
},
4609 {"RNetShareGetInfo", RAP_WshareGetInfo
, api_RNetShareGetInfo
},
4610 {"RNetShareAdd", RAP_WshareAdd
, api_RNetShareAdd
},
4611 {"RNetSessionEnum", RAP_WsessionEnum
, api_RNetSessionEnum
, True
},
4612 {"RNetServerGetInfo", RAP_WserverGetInfo
, api_RNetServerGetInfo
},
4613 {"RNetGroupEnum", RAP_WGroupEnum
, api_RNetGroupEnum
, True
},
4614 {"RNetGroupGetUsers", RAP_WGroupGetUsers
, api_RNetGroupGetUsers
, True
},
4615 {"RNetUserEnum", RAP_WUserEnum
, api_RNetUserEnum
, True
},
4616 {"RNetUserGetInfo", RAP_WUserGetInfo
, api_RNetUserGetInfo
},
4617 {"NetUserGetGroups", RAP_WUserGetGroups
, api_NetUserGetGroups
},
4618 {"NetWkstaGetInfo", RAP_WWkstaGetInfo
, api_NetWkstaGetInfo
},
4619 {"DosPrintQEnum", RAP_WPrintQEnum
, api_DosPrintQEnum
, True
},
4620 {"DosPrintQGetInfo", RAP_WPrintQGetInfo
, api_DosPrintQGetInfo
},
4621 {"WPrintQueuePause", RAP_WPrintQPause
, api_WPrintQueueCtrl
},
4622 {"WPrintQueueResume", RAP_WPrintQContinue
, api_WPrintQueueCtrl
},
4623 {"WPrintJobEnumerate",RAP_WPrintJobEnum
, api_WPrintJobEnumerate
},
4624 {"WPrintJobGetInfo", RAP_WPrintJobGetInfo
, api_WPrintJobGetInfo
},
4625 {"RDosPrintJobDel", RAP_WPrintJobDel
, api_RDosPrintJobDel
},
4626 {"RDosPrintJobPause", RAP_WPrintJobPause
, api_RDosPrintJobDel
},
4627 {"RDosPrintJobResume",RAP_WPrintJobContinue
, api_RDosPrintJobDel
},
4628 {"WPrintDestEnum", RAP_WPrintDestEnum
, api_WPrintDestEnum
},
4629 {"WPrintDestGetInfo", RAP_WPrintDestGetInfo
, api_WPrintDestGetInfo
},
4630 {"NetRemoteTOD", RAP_NetRemoteTOD
, api_NetRemoteTOD
},
4631 {"WPrintQueuePurge", RAP_WPrintQPurge
, api_WPrintQueueCtrl
},
4632 {"NetServerEnum", RAP_NetServerEnum2
, api_RNetServerEnum
}, /* anon OK */
4633 {"WAccessGetUserPerms",RAP_WAccessGetUserPerms
,api_WAccessGetUserPerms
},
4634 {"SetUserPassword", RAP_WUserPasswordSet2
, api_SetUserPassword
},
4635 {"WWkstaUserLogon", RAP_WWkstaUserLogon
, api_WWkstaUserLogon
},
4636 {"PrintJobInfo", RAP_WPrintJobSetInfo
, api_PrintJobInfo
},
4637 {"WPrintDriverEnum", RAP_WPrintDriverEnum
, api_WPrintDriverEnum
},
4638 {"WPrintQProcEnum", RAP_WPrintQProcessorEnum
,api_WPrintQProcEnum
},
4639 {"WPrintPortEnum", RAP_WPrintPortEnum
, api_WPrintPortEnum
},
4640 {"SamOEMChangePassword",RAP_SamOEMChgPasswordUser2_P
,api_SamOEMChangePassword
}, /* anon OK */
4641 {NULL
, -1, api_Unsupported
}
4642 /* The following RAP calls are not implemented by Samba:
4644 RAP_WFileEnum2 - anon not OK
4649 /****************************************************************************
4650 Handle remote api calls.
4651 ****************************************************************************/
4653 void api_reply(connection_struct
*conn
, uint16 vuid
,
4654 struct smb_request
*req
,
4655 char *data
, char *params
,
4656 int tdscnt
, int tpscnt
,
4657 int mdrcnt
, int mprcnt
)
4659 struct smbd_server_connection
*sconn
= smbd_server_conn
;
4662 char *rparam
= NULL
;
4663 const char *name1
= NULL
;
4664 const char *name2
= NULL
;
4671 DEBUG(0,("ERROR: NULL params in api_reply()\n"));
4672 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4677 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4680 api_command
= SVAL(params
,0);
4681 /* Is there a string at position params+2 ? */
4682 if (skip_string(params
,tpscnt
,params
+2)) {
4687 name2
= skip_string(params
,tpscnt
,params
+2);
4692 DEBUG(3,("Got API command %d of form <%s> <%s> (tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n",
4696 tdscnt
,tpscnt
,mdrcnt
,mprcnt
));
4698 for (i
=0;api_commands
[i
].name
;i
++) {
4699 if (api_commands
[i
].id
== api_command
&& api_commands
[i
].fn
) {
4700 DEBUG(3,("Doing %s\n",api_commands
[i
].name
));
4705 /* Check whether this api call can be done anonymously */
4707 if (api_commands
[i
].auth_user
&& lp_restrict_anonymous()) {
4708 user_struct
*user
= get_valid_user_struct(sconn
, vuid
);
4710 if (!user
|| user
->server_info
->guest
) {
4711 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
4716 rdata
= (char *)SMB_MALLOC(1024);
4718 memset(rdata
,'\0',1024);
4721 rparam
= (char *)SMB_MALLOC(1024);
4723 memset(rparam
,'\0',1024);
4726 if(!rdata
|| !rparam
) {
4727 DEBUG(0,("api_reply: malloc fail !\n"));
4730 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
4734 reply
= api_commands
[i
].fn(conn
,
4736 params
,tpscnt
, /* params + length */
4737 data
,tdscnt
, /* data + length */
4739 &rdata
,&rparam
,&rdata_len
,&rparam_len
);
4742 if (rdata_len
> mdrcnt
|| rparam_len
> mprcnt
) {
4743 reply
= api_TooSmall(conn
,vuid
,params
,data
,mdrcnt
,mprcnt
,
4744 &rdata
,&rparam
,&rdata_len
,&rparam_len
);
4747 /* if we get False back then it's actually unsupported */
4749 reply
= api_Unsupported(conn
,vuid
,params
,tpscnt
,data
,tdscnt
,mdrcnt
,mprcnt
,
4750 &rdata
,&rparam
,&rdata_len
,&rparam_len
);
4753 /* If api_Unsupported returns false we can't return anything. */
4755 send_trans_reply(conn
, req
, rparam
, rparam_len
,
4756 rdata
, rdata_len
, False
);