[PATCH] changes to rpcclient

Christian Ambach ambi at samba.org
Thu May 12 07:52:52 UTC 2016 

Hi list,

the attached patchset contains a bugfix for rpcclient (including a new
test) and a small improvement to rpcclient.

Please review and push if okay.

Cheers,
Christian
-------------- next part --------------
From 5d0747ba92d47dfff27a6dfd91429fb1fe22ced9 Mon Sep 17 00:00:00 2001
From: Christian Ambach <ambi at samba.org>
Date: Wed, 11 May 2016 17:41:24 +0200
Subject: [PATCH 1/3] s3:rpcclient make --pw-nt-hash option work

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10796
Signed-off-by: Christian Ambach <ambi at samba.org>
---
 source3/rpcclient/rpcclient.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index c32fbc7..efca953 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -1084,6 +1084,9 @@ out_free:
 	if (get_cmdline_auth_info_use_ccache(rpcclient_auth_info)) {
 		flags |= CLI_FULL_CONNECTION_USE_CCACHE;
 	}
+	if (get_cmdline_auth_info_use_pw_nt_hash(rpcclient_auth_info)) {
+		flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
+	}
 
 	user = talloc_strdup(frame, get_cmdline_auth_info_username(rpcclient_auth_info));
 	SMB_ASSERT(user != NULL);
-- 
1.9.1


From 84a4001e95f5a3b188ec7929cf9448f3ed17bbc3 Mon Sep 17 00:00:00 2001
From: Christian Ambach <ambi at samba.org>
Date: Wed, 11 May 2016 19:21:20 +0200
Subject: [PATCH 2/3] s3:selftest add a test for rpcclient --pw-nt-hash option

Signed-off-by: Christian Ambach <ambi at samba.org>
---
 source3/script/tests/test_rpcclient_pw_nt_hash.sh | 27 +++++++++++++++++++++++
 source3/selftest/tests.py                         |  5 +++++
 2 files changed, 32 insertions(+)
 create mode 100755 source3/script/tests/test_rpcclient_pw_nt_hash.sh

diff --git a/source3/script/tests/test_rpcclient_pw_nt_hash.sh b/source3/script/tests/test_rpcclient_pw_nt_hash.sh
new file mode 100755
index 0000000..c03d22f
--- /dev/null
+++ b/source3/script/tests/test_rpcclient_pw_nt_hash.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# Blackbox tests for the rpcclient --pw-nt-hash option
+#
+
+if [ $# -lt 4 ]; then
+cat <<EOF
+Usage: test_rpcclient_pw_nt_hash.sh USERNAME PASSWORD SERVER RPCCLIENT
+EOF
+exit 1;
+fi
+
+USERNAME="$1"
+PASSWORD="$2"
+SERVER="$3"
+RPCCLIENT="$4"
+
+HASH=`echo -n $PASSWORD | iconv -t utf16le | openssl md4 |cut -d ' ' -f2`
+
+RPCCLIENTCMD="$RPCCLIENT $SERVER --pw-nt-hash -U$USERNAME%$HASH -c queryuser"
+
+incdir=$(dirname $0)/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+testit "rpcclient --pw-nt-hash" $RPCCLIENTCMD || failed=`expr $failed + 1`
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 077510c..4ecb3f1 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -464,6 +464,11 @@ plantestsuite("samba3.blackbox.rpcclient_srvsvc", "simpleserver",
                "$USERNAME", "$PASSWORD", "$SERVER",
                os.path.join(bindir(), "rpcclient"), "tmp"])
 
+plantestsuite("samba3.blackbox.rpcclient.pw-nt-hash", "simpleserver",
+              [os.path.join(samba3srcdir, "script/tests/test_rpcclient_pw_nt_hash.sh"),
+               "$USERNAME", "$PASSWORD", "$SERVER",
+               os.path.join(bindir(), "rpcclient")])
+
 options_list = ["", "-e"]
 for options in options_list:
     plantestsuite("samba3.blackbox.smbclient_krb5 old ccache %s" % options, "ktest:local",
-- 
1.9.1


From 0f93f38a0ebdfce9ecd67bb3accaae497fcd6bb9 Mon Sep 17 00:00:00 2001
From: Christian Ambach <ambi at samba.org>
Date: Wed, 11 May 2016 18:54:58 +0200
Subject: [PATCH 3/3] s3:rpcclient add -m option

Signed-off-by: Christian Ambach <ambi at samba.org>
---
 docs-xml/manpages/rpcclient.1.xml | 14 ++++++++++++++
 source3/rpcclient/rpcclient.c     |  5 +++++
 2 files changed, 19 insertions(+)

diff --git a/docs-xml/manpages/rpcclient.1.xml b/docs-xml/manpages/rpcclient.1.xml
index fcdd0c6..2ce1443 100644
--- a/docs-xml/manpages/rpcclient.1.xml
+++ b/docs-xml/manpages/rpcclient.1.xml
@@ -24,6 +24,7 @@
 		<arg choice="opt">-c <command string></arg>
 		<arg choice="opt">-d debuglevel</arg>
 		<arg choice="opt">-l logdir</arg>
+		<arg choice="opt">-m maxprotocol</arg>
 		<arg choice="opt">-N</arg>
 		<arg choice="opt">-s <smb config file></arg>
 		<arg choice="opt">-U username[%password]</arg>
@@ -86,6 +87,19 @@
 		</varlistentry>
 
 		<varlistentry>
+		<term>-m|--max-protocol protocol</term>
+		<listitem><para>This allows the user to select the
+		highest SMB protocol level that rpcclient will use to
+		connect to the server. By default this is set to
+		NT1, which is the highest available SMB1 protocol.
+		To connect using SMB2 or SMB3 protocol, use the
+		strings SMB2 or SMB3 respectively. Note that to connect
+		to a Windows 2012 server with encrypted transport selecting
+		a max-protocol of SMB3 is required.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
 		<term>-p|--port port</term>
 		<listitem><para>This number is the TCP port number that will be used
 		when making connections to the server. The standard (well-known)
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index efca953..44d691b 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -913,6 +913,7 @@ out_free:
 		{"command",	'c', POPT_ARG_STRING,	&cmdstr, 'c', "Execute semicolon separated cmds", "COMMANDS"},
 		{"dest-ip", 'I', POPT_ARG_STRING,   &opt_ipaddr, 'I', "Specify destination IP address", "IP"},
 		{"port", 'p', POPT_ARG_INT,   &opt_port, 'p', "Specify port number", "PORT"},
+		{"max-protocol", 'm', POPT_ARG_STRING, NULL, 'm', "Set the max protocol level", "LEVEL" },
 		POPT_COMMON_SAMBA
 		POPT_COMMON_CONNECTION
 		POPT_COMMON_CREDENTIALS
@@ -949,6 +950,10 @@ out_free:
 	while((opt = poptGetNextOpt(pc)) != -1) {
 		switch (opt) {
 
+		case 'm':
+			lp_set_cmdline("client max protocol", poptGetOptArg(pc));
+			break;
+
 		case 'I':
 			if (!interpret_string_addr(&server_ss,
 						opt_ipaddr,
-- 
1.9.1

More information about the samba-technical mailing list