diff options
author | Stefan Metzmacher <metze@samba.org> | 2019-11-11 13:57:55 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2020-05-28 06:43:37 +0000 |
commit | e7119198e0939dac0657fa247917feee315cece5 (patch) | |
tree | 08f2f28c673c72ab79563739236794c87e9ba902 /source3/utils | |
parent | 715d8751447e3ec140cb70084d27ba958c07c21a (diff) | |
download | samba-e7119198e0939dac0657fa247917feee315cece5.tar.gz |
s3:net: add net_context_creds() helper function
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/net_proto.h | 3 | ||||
-rw-r--r-- | source3/utils/net_util.c | 103 |
2 files changed, 106 insertions, 0 deletions
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h index d04df553e01..f49b707338d 100644 --- a/source3/utils/net_proto.h +++ b/source3/utils/net_proto.h @@ -418,6 +418,9 @@ NTSTATUS net_make_ipc_connection_ex(struct net_context *c ,const char *domain, const struct sockaddr_storage *pss, unsigned flags, struct cli_state **pcli); const char *net_prompt_pass(struct net_context *c, const char *user); +struct cli_credentials; +struct cli_credentials *net_context_creds(struct net_context *c, + TALLOC_CTX *mem_ctx); int net_run_function(struct net_context *c, int argc, const char **argv, const char *whoami, struct functable *table); void net_display_usage_from_functable(struct functable *table); diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c index 18ae07f480e..156e9ef99a5 100644 --- a/source3/utils/net_util.c +++ b/source3/utils/net_util.c @@ -29,6 +29,8 @@ #include "secrets.h" #include "../libcli/security/security.h" #include "libsmb/libsmb.h" +#include "lib/param/param.h" +#include "auth/gensec/gensec.h" NTSTATUS net_rpc_lookup_name(struct net_context *c, TALLOC_CTX *mem_ctx, struct cli_state *cli, @@ -477,6 +479,107 @@ const char *net_prompt_pass(struct net_context *c, const char *user) return SMB_STRDUP(pwd); } +struct cli_credentials *net_context_creds(struct net_context *c, + TALLOC_CTX *mem_ctx) +{ + struct cli_credentials *creds = NULL; + struct loadparm_context *lp_ctx = NULL; + + c->opt_password = net_prompt_pass(c, c->opt_user_name); + + creds = cli_credentials_init(mem_ctx); + if (creds == NULL) { + d_printf("ERROR: Unable to allocate memory!\n"); + exit(-1); + } + + lp_ctx = loadparm_init_s3(creds, loadparm_s3_helpers()); + if (lp_ctx == NULL) { + d_printf("loadparm_init_s3 failed\n"); + exit(-1); + } + + cli_credentials_guess(creds, lp_ctx); + + if (c->opt_kerberos && c->opt_user_specified) { + cli_credentials_set_kerberos_state(creds, + CRED_AUTO_USE_KERBEROS); + } else if (c->opt_kerberos) { + cli_credentials_set_kerberos_state(creds, + CRED_MUST_USE_KERBEROS); + } else { + cli_credentials_set_kerberos_state(creds, + CRED_DONT_USE_KERBEROS); + } + + if (c->opt_ccache) { + uint32_t features; + + features = cli_credentials_get_gensec_features(creds); + features |= GENSEC_FEATURE_NTLM_CCACHE; + cli_credentials_set_gensec_features(creds, features); + + if (c->opt_password != NULL && strlen(c->opt_password) == 0) { + /* + * some callers pass "" as no password + * + * GENSEC_FEATURE_NTLM_CCACHE only handles + * NULL as no password. + */ + c->opt_password = NULL; + } + } + + if (c->opt_user_specified) { + const char *default_domain = + cli_credentials_get_domain(creds); + char *username = NULL; + const char *domain = NULL; + char *tmp = NULL; + char *p = NULL; + bool is_default; + + tmp = talloc_strdup(creds, c->opt_user_name); + if (tmp == NULL) { + exit(-1); + } + username = tmp; + + /* allow for workgroups as part of the username */ + if ((p = strchr_m(tmp, '\\')) || + (p = strchr_m(tmp, '/')) || + (p = strchr_m(tmp, *lp_winbind_separator()))) { + *p = 0; + username = p + 1; + domain = tmp; + } + + if (domain == NULL) { + domain = c->opt_workgroup; + } + + /* + * Don't overwrite the value from cli_credentials_guess() + * with CRED_SPECIFIED, unless we have to. + */ + is_default = strequal_m(domain, default_domain); + if (!is_default) { + cli_credentials_set_domain(creds, + domain, + CRED_SPECIFIED); + } + + cli_credentials_set_username(creds, + username, + CRED_SPECIFIED); + cli_credentials_set_password(creds, + c->opt_password, + CRED_SPECIFIED); + } + + return creds; +} + int net_run_function(struct net_context *c, int argc, const char **argv, const char *whoami, struct functable *table) { |