/*++ Copyright (c) 2001 Microsoft Corporation All rights reserved. Module Name: sspicli.cxx Abstract: sspicli Author: Larry Zhu (LZhu) Januray 1, 2002 Revision History: --*/ #include #include #include #include // RPC API functions, types #include #include #include "sspitest.h" // header file generated by MIDL compiler #ifndef COUNTOF #define COUNTOF(s) ( sizeof( (s) ) / sizeof( *(s) ) ) #endif // COUNTOF INT Usage(PSTR pszProgramName) { DebugPrintf(SSPI_ERROR, "Usage: %s\n", pszProgramName); DebugPrintf(SSPI_ERROR, " -protocolsequence protocol_sequence\n"); DebugPrintf(SSPI_ERROR, " -networkaddress network_address\n"); DebugPrintf(SSPI_ERROR, " -delegationaddress delegation address\n"); DebugPrintf(SSPI_ERROR, " -endpoint endpoint\n"); DebugPrintf(SSPI_ERROR, " -networkoptions network options\n"); DebugPrintf(SSPI_ERROR, " -authnlevel authn level\n"); DebugPrintf(SSPI_ERROR, " -imperlevel impersonation level\n"); DebugPrintf(SSPI_ERROR, " -authnservice authn service\n"); DebugPrintf(SSPI_ERROR, " -user username\n"); DebugPrintf(SSPI_ERROR, " -password password\n"); DebugPrintf(SSPI_ERROR, " -domain domain\n"); DebugPrintf(SSPI_ERROR, " -shutdown shutdownserver\n"); DebugPrintf(SSPI_ERROR, " -serviceprincipalname target principal\n"); exit(1); } #ifndef UNLEN #define UNLEN 256 #endif INT __cdecl main( INT argc, PSTR argv[] ) { RPC_STATUS status; // returned by RPC API function INT mark = 1; PSTR pszProtocolSequence = "ncacn_ip_tcp"; PSTR pszNetworkAddress = NULL; PSTR pszEndpoint = "10"; PSTR pszOptions = NULL; PSTR pszStringBinding = NULL; PSTR pszDelegationAddress = NULL; PSTR pszPrincipal = NULL; CHAR PrincipalBuffer[UNLEN] = {0}; ULONG PrincipalLength; ULONG AuthnLevel = RPC_C_AUTHN_LEVEL_DEFAULT; ULONG AuthnService = RPC_C_AUTHN_WINNT; BOOLEAN ShutdownService = FALSE; handle_t BindingHandle = NULL; SEC_WINNT_AUTH_IDENTITY_A sID = {0}; ULONG RootKey = (ULONG) (ULONG_PTR) HKEY_LOCAL_MACHINE; UCHAR RegValue[MAX_PATH] = {0}; ULONG RegValueType = 0; ULONG cbRegValue = 0; RPC_SECURITY_QOS SecurityQos = {0}; PSTR pszKeys[] = { "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0", "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0", "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0" }; PSTR pszValues[] = { "ntlmminclientsec", "ntlmminserversec", "Auth1" }; sID.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI; SecurityQos.Version = RPC_C_SECURITY_QOS_VERSION; SecurityQos.IdentityTracking = RPC_C_QOS_IDENTITY_STATIC; SecurityQos.Capabilities = RPC_C_QOS_CAPABILITIES_DEFAULT; SecurityQos.ImpersonationType = RPC_C_IMP_LEVEL_IMPERSONATE; // RPC_C_IMP_LEVEL_IDENTIFY; assert(COUNTOF(pszKeys) == COUNTOF(pszValues)); argc--; // allow the user to override settings with command line switches while (argc) { if (!strcmp(argv[mark], "-protocolsequence") && (argc > 1)) { argc--; mark++; pszProtocolSequence = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-networkaddress") && (argc > 1)) { argc--; mark++; pszNetworkAddress = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-delegationaddress") && (argc > 1)) { argc--; mark++; pszDelegationAddress = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-endpoint") && (argc > 1)) { argc--; mark++; pszEndpoint = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-networkoptions") && (argc > 1)) { argc--; mark++; pszOptions = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-serviceprincipalname") && (argc > 1)) { argc--; mark++; pszPrincipal = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-user") && (argc > 1)) { argc--; mark++; sID.User = (UCHAR*) argv[mark]; sID.UserLength = strlen((PSTR) sID.User); argc--; mark++; } else if (!strcmp(argv[mark], "-domain") && (argc > 1)) { argc--; mark++; sID.Domain = (UCHAR*) argv[mark]; sID.DomainLength = strlen((PSTR) sID.Domain); argc--; mark++; } else if (!strcmp(argv[mark], "-password") && (argc > 1)) { argc--; mark++; sID.Password = (UCHAR*) argv[mark]; sID.PasswordLength = strlen((PSTR) sID.Password); argc--; mark++; } else if (!strcmp(argv[mark], "-key1") && (argc > 1)) { argc--; mark++; pszKeys[0] = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-value1") && (argc > 1)) { argc--; mark++; pszValues[0] = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-key2") && (argc > 1)) { argc--; mark++; pszKeys[1] = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-value2") && (argc > 1)) { argc--; mark++; pszValues[1] = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-key3") && (argc > 1)) { argc--; mark++; pszKeys[2] = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-value3") && (argc > 1)) { argc--; mark++; pszValues[2] = argv[mark]; argc--; mark++; } else if (!strcmp(argv[mark], "-rootkey") && (argc > 1)) { argc--; mark++; RootKey = strtol(argv[mark], NULL, 0); argc--; mark++; } else if (!strcmp(argv[mark], "-authnlevel") && (argc > 1)) { argc--; mark++; AuthnLevel = strtol(argv[mark], NULL, 0); argc--; mark++; } else if (!strcmp(argv[mark], "-imperlevel") && (argc > 1)) { argc--; mark++; SecurityQos.ImpersonationType = strtol(argv[mark], NULL, 0); argc--; mark++; } else if (!strcmp(argv[mark], "-authnservice") && (argc > 1)) { argc--; mark++; AuthnService = strtol(argv[mark], NULL, 0); argc--; mark++; } else if (!strcmp(argv[mark], "-shutdown")) { argc--; mark++; ShutdownService = TRUE; } else if (!strcmp(argv[mark], "-h") || !strcmp(argv[mark], "-?")) { argc--; mark++; Usage(argv[0]); } else { Usage(argv[0]); } } // // If the principal is NULL, get it from the environment // if (pszPrincipal == NULL) { DebugPrintf(SSPI_WARN, "!!!!!!!!!!!!!!!Targeted service principal name is not provided!!!!!\n"); } // Use a convenience function to concatenate the elements of // the string binding into the proper sequence. status = RpcStringBindingComposeA(NULL, (UCHAR*) pszProtocolSequence, (UCHAR*) pszNetworkAddress, (UCHAR*) pszEndpoint, (UCHAR*) pszOptions, (UCHAR**) &pszStringBinding); if (status) { DebugPrintf(SSPI_LOG, "RpcStringBindingCompose returned %d\n", status); exit(2); } DebugPrintf(SSPI_LOG, "pszStringBinding = %s\n", pszStringBinding); // // Set the binding handle that will be used to bind to the server. // status = RpcBindingFromStringBindingA((UCHAR*) pszStringBinding, &BindingHandle); if (status) { DebugPrintf(SSPI_LOG, "RpcBindingFromStringBinding returned %d\n", status); exit(2); } status = RpcStringFreeA((UCHAR**) &pszStringBinding); // remote calls done; unbind if (status) { DebugPrintf(SSPI_LOG, "RpcStringFree returned %d\n", status); exit(2); } // // Tell RPC to do the security thing. // DebugPrintf(SSPI_LOG, "Binding auth info user %s, userlen %#x, domain %s, domanlen %#x, password %s, passwordlen %#x, sid flag %#x, " "set to level %d, service %d, principal %s, SecurityQos.ImpersonationType %#x\n", sID.User, sID.UserLength, sID.Domain, sID.DomainLength, sID.Password, sID.PasswordLength, sID.Flags, AuthnLevel, AuthnService, pszPrincipal, SecurityQos.ImpersonationType); status = RpcBindingSetAuthInfoExA(BindingHandle, (UCHAR*) pszPrincipal, AuthnLevel, AuthnService, (sID.UserLength || sID.DomainLength || sID.PasswordLength) ? &sID : NULL, RPC_C_AUTHZ_NAME, &SecurityQos); if ( status ) { DebugPrintf(SSPI_LOG, "RpcBindingSetAuthInfo returned %ld\n", status); exit(2); } // // Do the actual RPC calls to the server. // RpcTryExcept { for (ULONG i = 0; i < COUNTOF(pszKeys); i++) { status = ReadRegistryValueData( BindingHandle, RootKey, (UCHAR*) pszKeys[i], (UCHAR*) pszValues[i], sizeof(RegValue), RegValue, &RegValueType, &cbRegValue ); if (status == ERROR_SUCCESS) { DebugPrintf(SSPI_LOG, "RootKey %#x, Key %s, Value %s, RegValueType %#x, cbRegValue %#x\n", RootKey, pszKeys[i], pszValues[i], RegValueType, cbRegValue); DebugPrintHex(SSPI_LOG, "RegValue", cbRegValue, RegValue); } else { DebugPrintf(SSPI_ERROR, "RootKey %#x, Key %s, Value %s, status %#x\n", RootKey, pszKeys[i], pszValues[i], status); } } if (ShutdownService) { Shutdown( BindingHandle ); } } RpcExcept(EXCEPTION_EXECUTE_HANDLER) { DebugPrintf(SSPI_LOG, "Runtime library reported an exception %d\n", RpcExceptionCode()); } RpcEndExcept // The calls to the remote procedures are complete. // Free the binding handle status = RpcBindingFree(&BindingHandle); // remote calls done; unbind if (status) { DebugPrintf(SSPI_LOG, "RpcBindingFree returned %d\n", status); exit(2); } return 0; } // ==================================================================== // MIDL allocate and free // ==================================================================== void __RPC_FAR * __RPC_API MIDL_user_allocate(size_t len) { return malloc(len); } void __RPC_API MIDL_user_free(void __RPC_FAR * ptr) { free(ptr); } /* end file helloc.c */