[jcifs] Re: Remote Execution and SVCCTL
michaelm
michaelm at managesoft.com
Thu Sep 16 12:11:55 GMT 2004
Hi Mike,
Thanks for your help.
If you release the new version of idlc, let me know.
cheers,
Michael
On Thu, 2004-09-16 at 01:00, Michael B Allen wrote:
> Michael Melhem said:
> > Hi Mike, et al.
> >
> > I have converted the required methods from svcctl.idl into MIDL format
> > and have run the idlc compiler to generate svcctl.java. The converted IDL
> > is attached to this email. I also wrote a test program (extending from
> > svcctl.java) which does essentially the following:
> >
> > policy_handle handle = new policy_handle();
> > handle.uuid = new uuid_t();
>
> There are a few pitfalls that are going to need some explaining. I think
> it would be better if I put that effort into some real documentation but I
> can give you some clues now.
>
> DCE/RPC was designed with the C language in mind. This creates some minor
> problems that need to be considered. Consider the following IDL:
>
> typedef struct {
>     uint32_t time_low;
>     uint16_t time_mid;
>     uint16_t time_hi_and_version;
>     uint8_t clock_seq_hi_and_reserved;
>     uint8_t clock_seq_low;
>     uint8_t node[6];
> } uuid_t;
>
> In C the node member is part of the uuid_t type. But in Java you have to
> explicitly allocate arrays. I think it might be necessary to do:
>
> rpc.uuid_t uuid = new rpc.uuid_t();
> uuid.node = new byte[6];
> ...
>
> Some wrapper classes will be in order for more common structures such as
> UUID.java, SID.java, etc. that handle these little issues automatically.
>
>
> > OpenSCManagerW scmanager = new OpenSCManagerW("\\\\" + servername, null,
> > 0x02000000, handle);
> > call(0, scmanager);
> >
> > System.out.println( scmanager.retval + ": rtme_low" + handle.uuid.time_low
> > );
> >
> > The above seems to work fine because I get a value from
> > handle.uuid.time_low
>
> I just picked that field at random though. For all I know a 0 value is
> valid as well. It's a crude test.
>
> >, plus the return val is zero. Ethereal looks good
> > too. The problem arises when I try and call openServiceW(). Note, for the
> > scmanager argument, I use handle from above (which I now presume is a
> > handle to the remote scmanager). I'm guessing the SERVICE_ACCESS argument
> > (at the moment I have it set to zero, need to find out the real values
> > for these constants from the Windows header files?)
>
> Check to see if there's an equivalent Win32 function by searching MSDN:
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/openservice.asp
>
> > Here I try to open the remote Windows Telnet service.
> >
> >
> > OpenServiceW service = new OpenServiceW(handle, "Telent", 0);
> > call(0, service);
> >
> > The above causes an unknown Fault Exception returned from remote system.
> > So I'm not sure what is happening. When I try call(1, service) it seems to
> > get further but still bombs out.
> >
> > I'm not so privy to the internal workings of Jarapac, so I'm not sure what
> > the first argument of the call() method refers to. Usually it is just
> > set to 0.
>
> That's the "semantics" flag. It looks like it controls DCE operation
> attributes like "idempotent", "maybe", etc. You would have to look at the
> DCE specification and Jarapac to see how it really alters the behavior of
> a call. I recommend just leaving it 0.
>
> > Another thing, the midl interface for OpenServiceW() is as follows:
> >
> > /*****************/
> > /* Function 0x10 */
> > [op(0x10)]
> > int OpenServiceW([in] policy_handle *scmanager_handle,
> >                  [in,string,unique] wchar_t *ServiceName,
> >                  [in] uint32_t access_mask);
> >
> >
> > Note that all the arguments are [in] arguments, so how am I meant to
> > get a handle to the service from this method?
>
> Hmm, that's a good question. The Samba4 IDL should really only be used as
> a guide. The MSDN documentation for equivalent Win32 functions is just as
> important and if you understand MIDL well it is not uncommon to be able to
> derive the IDL entirely from the Win32 API documentation. The MSDN
> prototype is:
>
> SC_HANDLE OpenService(
>     SC_HANDLE hSCManager,
>     LPCTSTR lpServiceName,
>     DWORD dwDesiredAccess
> );
>
> So perhaps it's:
>
> [op(0x10)]
> policy_handle *OpenServiceW([in] policy_handle *scmanager_handle,
>                             [in,string,unique] wchar_t *ServiceName,
>                             [in] uint32_t access_mask);
>
> Another problem might be that the version of IDLC isn't quite right. I
> think it should handle the above just fine but I have a new version that
> you should really be using instead. It's not quite through the entire test
> suite so I have a little more work to do. I could release it tonight.
>
> Mike
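
An added example, not part of the thread and not jcifs or idlc code: a wrapper of the kind suggested above that allocates node[6] itself and checks the whole handle for null instead of looking only at time_low. The class and method names are hypothetical, and it assumes the handle is a uint32 followed by the uuid_t shown above, in little-endian data representation.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

/** Hypothetical wrapper (not idlc output): a 20-byte policy_handle as read from a response stub. */
class PolicyHandleDemo {
    static final int WIRE_SIZE = 20;      // assumed layout: uint32 attributes + 16-byte uuid_t

    int attributes;                       // leading uint32 of the handle
    int timeLow;                          // uuid_t.time_low
    short timeMid;                        // uuid_t.time_mid
    short timeHiAndVersion;               // uuid_t.time_hi_and_version
    byte clockSeqHiAndReserved;
    byte clockSeqLow;
    final byte[] node = new byte[6];      // allocated here so callers never see a null array

    /** Decode a handle at the given offset, assuming little-endian data representation. */
    static PolicyHandleDemo decode(byte[] stub, int offset) {
        if (offset < 0 || stub.length - offset < WIRE_SIZE)
            throw new IllegalArgumentException("short policy_handle");
        ByteBuffer b = ByteBuffer.wrap(stub, offset, WIRE_SIZE).order(ByteOrder.LITTLE_ENDIAN);
        PolicyHandleDemo h = new PolicyHandleDemo();
        h.attributes = b.getInt();
        h.timeLow = b.getInt();
        h.timeMid = b.getShort();
        h.timeHiAndVersion = b.getShort();
        h.clockSeqHiAndReserved = b.get();
        h.clockSeqLow = b.get();
        b.get(h.node);                    // fills all six node bytes
        return h;
    }

    /** True only when every field is zero, i.e. the server returned a null handle. */
    boolean isNull() {
        int acc = attributes | timeLow | timeMid | timeHiAndVersion
                | clockSeqHiAndReserved | clockSeqLow;
        for (byte n : node) acc |= n;
        return acc == 0;
    }

    public static void main(String[] args) {
        // Constructed sample: time_low is 0, yet the handle as a whole is not null.
        byte[] stub = new byte[WIRE_SIZE];
        stub[8] = 0x34; stub[9] = 0x12;   // time_mid = 0x1234
        stub[14] = (byte) 0xAB;           // node[0]
        PolicyHandleDemo h = decode(stub, 0);
        System.out.println("time_low=" + h.timeLow + " null=" + h.isNull());
        System.out.println("all-zero null=" + decode(new byte[WIRE_SIZE], 0).isNull());
    }
}
```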