[PATCH] changes to rpcclient
Jeremy Allison
jra at samba.org
Thu May 12 08:54:30 UTC 2016
On Thu, May 12, 2016 at 09:52:52AM +0200, Christian Ambach wrote:
> Hi list,
>
> the attached patchset contains a bugfix for rpcclient (including a new
> test) and a small improvement to rpcclient.
>
> Please review and push if okay.
LGTM. Pushed ! Thanks Christian.
> From 5d0747ba92d47dfff27a6dfd91429fb1fe22ced9 Mon Sep 17 00:00:00 2001
> From: Christian Ambach <ambi at samba.org>
> Date: Wed, 11 May 2016 17:41:24 +0200
> Subject: [PATCH 1/3] s3:rpcclient make --pw-nt-hash option work
>
> Bug: https://bugzilla.samba.org/show_bug.cgi?id=10796
> Signed-off-by: Christian Ambach <ambi at samba.org>
> ---
> source3/rpcclient/rpcclient.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
> index c32fbc7..efca953 100644
> --- a/source3/rpcclient/rpcclient.c
> +++ b/source3/rpcclient/rpcclient.c
> @@ -1084,6 +1084,9 @@ out_free:
> if (get_cmdline_auth_info_use_ccache(rpcclient_auth_info)) {
> flags |= CLI_FULL_CONNECTION_USE_CCACHE;
> }
> + if (get_cmdline_auth_info_use_pw_nt_hash(rpcclient_auth_info)) {
> + flags |= CLI_FULL_CONNECTION_USE_NT_HASH;
> + }
>
> user = talloc_strdup(frame, get_cmdline_auth_info_username(rpcclient_auth_info));
> SMB_ASSERT(user != NULL);
> --
> 1.9.1
>
>
> From 84a4001e95f5a3b188ec7929cf9448f3ed17bbc3 Mon Sep 17 00:00:00 2001
> From: Christian Ambach <ambi at samba.org>
> Date: Wed, 11 May 2016 19:21:20 +0200
> Subject: [PATCH 2/3] s3:selftest add a test for rpcclient --pw-nt-hash option
>
> Signed-off-by: Christian Ambach <ambi at samba.org>
> ---
> source3/script/tests/test_rpcclient_pw_nt_hash.sh | 27 +++++++++++++++++++++++
> source3/selftest/tests.py | 5 +++++
> 2 files changed, 32 insertions(+)
> create mode 100755 source3/script/tests/test_rpcclient_pw_nt_hash.sh
>
> diff --git a/source3/script/tests/test_rpcclient_pw_nt_hash.sh b/source3/script/tests/test_rpcclient_pw_nt_hash.sh
> new file mode 100755
> index 0000000..c03d22f
> --- /dev/null
> +++ b/source3/script/tests/test_rpcclient_pw_nt_hash.sh
> @@ -0,0 +1,27 @@
> +#!/bin/sh
> +#
> +# Blackbox tests for the rpcclient --pw-nt-hash option
> +#
> +
> +if [ $# -lt 4 ]; then
> +cat <<EOF
> +Usage: test_rpcclient_pw_nt_hash.sh USERNAME PASSWORD SERVER RPCCLIENT
> +EOF
> +exit 1;
> +fi
> +
> +USERNAME="$1"
> +PASSWORD="$2"
> +SERVER="$3"
> +RPCCLIENT="$4"
> +
> +HASH=`echo -n $PASSWORD | iconv -t utf16le | openssl md4 |cut -d ' ' -f2`
> +
> +RPCCLIENTCMD="$RPCCLIENT $SERVER --pw-nt-hash -U$USERNAME%$HASH -c queryuser"
> +
> +incdir=$(dirname $0)/../../../testprogs/blackbox
> +. $incdir/subunit.sh
> +
> +testit "rpcclient --pw-nt-hash" $RPCCLIENTCMD || failed=`expr $failed + 1`
> +
> +testok $0 $failed
> diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
> index 077510c..4ecb3f1 100755
> --- a/source3/selftest/tests.py
> +++ b/source3/selftest/tests.py
> @@ -464,6 +464,11 @@ plantestsuite("samba3.blackbox.rpcclient_srvsvc", "simpleserver",
> "$USERNAME", "$PASSWORD", "$SERVER",
> os.path.join(bindir(), "rpcclient"), "tmp"])
>
> +plantestsuite("samba3.blackbox.rpcclient.pw-nt-hash", "simpleserver",
> + [os.path.join(samba3srcdir, "script/tests/test_rpcclient_pw_nt_hash.sh"),
> + "$USERNAME", "$PASSWORD", "$SERVER",
> + os.path.join(bindir(), "rpcclient")])
> +
> options_list = ["", "-e"]
> for options in options_list:
> plantestsuite("samba3.blackbox.smbclient_krb5 old ccache %s" % options, "ktest:local",
> --
> 1.9.1
>
>
> From 0f93f38a0ebdfce9ecd67bb3accaae497fcd6bb9 Mon Sep 17 00:00:00 2001
> From: Christian Ambach <ambi at samba.org>
> Date: Wed, 11 May 2016 18:54:58 +0200
> Subject: [PATCH 3/3] s3:rpcclient add -m option
>
> Signed-off-by: Christian Ambach <ambi at samba.org>
> ---
> docs-xml/manpages/rpcclient.1.xml | 14 ++++++++++++++
> source3/rpcclient/rpcclient.c | 5 +++++
> 2 files changed, 19 insertions(+)
>
> diff --git a/docs-xml/manpages/rpcclient.1.xml b/docs-xml/manpages/rpcclient.1.xml
> index fcdd0c6..2ce1443 100644
> --- a/docs-xml/manpages/rpcclient.1.xml
> +++ b/docs-xml/manpages/rpcclient.1.xml
> @@ -24,6 +24,7 @@
> <arg choice="opt">-c <command string></arg>
> <arg choice="opt">-d debuglevel</arg>
> <arg choice="opt">-l logdir</arg>
> + <arg choice="opt">-m maxprotocol</arg>
> <arg choice="opt">-N</arg>
> <arg choice="opt">-s <smb config file></arg>
> <arg choice="opt">-U username[%password]</arg>
> @@ -86,6 +87,19 @@
> </varlistentry>
>
> <varlistentry>
> + <term>-m|--max-protocol protocol</term>
> + <listitem><para>This allows the user to select the
> + highest SMB protocol level that rpcclient will use to
> + connect to the server. By default this is set to
> + NT1, which is the highest available SMB1 protocol.
> + To connect using SMB2 or SMB3 protocol, use the
> + strings SMB2 or SMB3 respectively. Note that to connect
> + to a Windows 2012 server with encrypted transport selecting
> + a max-protocol of SMB3 is required.
> + </para></listitem>
> + </varlistentry>
> +
> + <varlistentry>
> <term>-p|--port port</term>
> <listitem><para>This number is the TCP port number that will be used
> when making connections to the server. The standard (well-known)
> diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
> index efca953..44d691b 100644
> --- a/source3/rpcclient/rpcclient.c
> +++ b/source3/rpcclient/rpcclient.c
> @@ -913,6 +913,7 @@ out_free:
> {"command", 'c', POPT_ARG_STRING, &cmdstr, 'c', "Execute semicolon separated cmds", "COMMANDS"},
> {"dest-ip", 'I', POPT_ARG_STRING, &opt_ipaddr, 'I', "Specify destination IP address", "IP"},
> {"port", 'p', POPT_ARG_INT, &opt_port, 'p', "Specify port number", "PORT"},
> + {"max-protocol", 'm', POPT_ARG_STRING, NULL, 'm', "Set the max protocol level", "LEVEL" },
> POPT_COMMON_SAMBA
> POPT_COMMON_CONNECTION
> POPT_COMMON_CREDENTIALS
> @@ -949,6 +950,10 @@ out_free:
> while((opt = poptGetNextOpt(pc)) != -1) {
> switch (opt) {
>
> + case 'm':
> + lp_set_cmdline("client max protocol", poptGetOptArg(pc));
> + break;
> +
> case 'I':
> if (!interpret_string_addr(&server_ss,
> opt_ipaddr,
> --
> 1.9.1
>
More information about the samba-technical
mailing list