Release 3.4.1.31 candidate changes. (#293)

Release information: https://community.netwrix.com/t/minor-version-3-4-released/14949

Signed-off-by: HerbieSmith-Netwrix <[email protected]>

Author: HerbieSmith-Netwrix

ADWS/ADItem.cs

@@ -208,6 +208,10 @@ protected ADItem()
         public string[] msDSEnabledFeature { get; set; }
         [ADAttributeAttribute("msDS-ExpirePasswordsOnSmartCardOnlyAccounts", ADAttributeValueKind.BoolValue)]
         public bool msDSExpirePasswordsOnSmartCardOnlyAccounts { get; set; }
+        [ADAttributeAttribute("msDS-isGC", ADAttributeValueKind.BoolValue)]
+        public bool? msDSIsGC { get; set; }
+        [ADAttributeAttribute("msDS-IsRODC", ADAttributeValueKind.BoolValue)]
+        public bool? msDSisRodc { get; set; }
         [ADAttributeAttribute("msDS-IntId", ADAttributeValueKind.IntValue)]
         public int msDSIntId { get; set; }
         [ADAttributeAttribute("msDS-SupportedEncryptionTypes", ADAttributeValueKind.IntValue)]
@@ -340,6 +344,9 @@ protected ADItem()
         [ADAttributeAttribute("whenChanged", ADAttributeValueKind.DateValue2)]
         public DateTime WhenChanged { get; set; }
 
+        [ADAttributeAttribute("mspki-ra-signature", ADAttributeValueKind.IntValue)]
+        public int AuthorizedSignatures { get; set; }
+
         public List<string> GetApplicableGPO()
         {
             var output = new List<string>();
@@ -498,27 +505,6 @@ internal static List<HealthCheckTrustDomainInfoData> ConvertByteToTrustInfo(byte
                 }
                 else if (recordType == 4)
                 {
-                    /*Trace.WriteLine("RecordType 4");
-                    int tempPointer = pointer + recordSize;
-                    int binaryDataLen = BitConverter.ToInt32(data, tempPointer);
-                    tempPointer += 4;
-                    int subRecordType = BitConverter.ToInt32(data, tempPointer);
-                    tempPointer += 4;
-                    int sidLen = data[ tempPointer];
-                    tempPointer += 1;
-                    if (sidLen > 0)
-                    {
-                        SecurityIdentifier sid = new SecurityIdentifier(data, tempPointer);
-                        tempPointer += sidLen;
-                    }
-                    int DnsNameLen = BitConverter.ToInt32(data, tempPointer);
-                    tempPointer += 4;
-                    string DnsName = UnicodeEncoding.UTF8.GetString(data, tempPointer, DnsNameLen);
-                    tempPointer += DnsNameLen;
-                    int NetbiosNameLen = BitConverter.ToInt32(data, tempPointer);
-                    tempPointer += 4;
-                    string NetbiosName = UnicodeEncoding.UTF8.GetString(data, tempPointer, NetbiosNameLen);
-                    tempPointer += NetbiosNameLen;*/
                 }
                 else
                 {
@@ -981,13 +967,14 @@ public static ADItem Create(SearchResult sr, bool nTSecurityDescriptor)
             return aditem;
         }
 
-        static void NotImplemented(string name, ADAttributeValueKind kind, berval[] val)
+        private static void NotImplemented(string name, ADAttributeValueKind kind, berval[] val)
         {
-            Console.WriteLine("name:" + name);
-            Console.WriteLine("kind: " + kind.ToString());
+            var ui = UserInterfaceFactory.GetUserInterface();
+            ui.DisplayMessage("name:" + name);
+            ui.DisplayMessage("kind: " + kind.ToString());
             if (val == null)
                 return;
-            Console.WriteLine("val: " + val[0].ToString());
+            ui.DisplayMessage("val: " + val[0].ToString());
             throw new NotImplementedException();
         }
         [SecurityPermission(SecurityAction.LinkDemand, Flags = SecurityPermissionFlag.UnmanagedCode)]
@@ -1131,7 +1118,7 @@ public static ADItem Create(Dictionary<string, berval[]> data)
                                 }
                                 break;
                             case ADAttributeValueKind.ReplMetadataValue:
-                                translation.prop.SetValue(aditem, ConvertByteToMetaDataInfo(((berval)data[name2][0]).GetByteArray()), null);
+                                translation.prop.SetValue(aditem, ConvertByteToMetaDataInfo(data[name2][0].GetByteArray()), null);
                                 break;
                             case ADAttributeValueKind.ReplMetadataValue2:
                                 {

ADWS/ADWSConnection.cs

@@ -4,23 +4,19 @@
 //
 // Licensed under the Non-Profit OSL. See LICENSE file in the project root for full license information.
 //
-using PingCastle.misc;
+using PingCastle.UserInterface;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
-using System.DirectoryServices.ActiveDirectory;
 using System.IO;
 using System.Net;
-using System.Runtime.Serialization;
 using System.Security.Permissions;
 using System.ServiceModel;
-using System.Text;
-using System.Threading;
 using System.Xml;
 
 namespace PingCastle.ADWS
 {
-	public class ADWSConnection : ADConnection
+    public class ADWSConnection : ADConnection
 	{
 
 		public ADWSConnection(string server, int port, NetworkCredential credential)
@@ -34,9 +30,11 @@ public ADWSConnection(string server, int port, NetworkCredential credential)
 
 		private delegate void ReceiveItems(ItemListType items);
 
-		// when doing a simple enumeration, ws-transfert (for root dse) and ws-enumeration needs to be called.
-		// share the connection between the 2 webservices to save time
-		private NetTcpBinding _binding = null;
+        private readonly IUserInterface _ui = UserInterfaceFactory.GetUserInterface();
+
+        // when doing a simple enumeration, ws-transfert (for root dse) and ws-enumeration needs to be called.
+        // share the connection between the 2 webservices to save time
+        private NetTcpBinding _binding = null;
 		private NetTcpBinding Binding
 		{
 			get
@@ -237,7 +235,7 @@ public override void Enumerate(string distinguishedName, string filter, string[]
 							}
 							catch (Exception ex)
 							{
-								Console.WriteLine("Warning: unable to process element (" + ex.Message + ")\r\n" + item.OuterXml);
+                                _ui.DisplayWarning("Warning: unable to process element (" + ex.Message + ")\r\n" + item.OuterXml);
 								Trace.WriteLine("Warning: unable to process element\r\n" + item.OuterXml);
 								Trace.WriteLine("Exception: " + ex.ToString());
 							}

ADWS/ADWebService.cs

@@ -4,6 +4,7 @@
 //
 // Licensed under the Non-Profit OSL. See LICENSE file in the project root for full license information.
 //
+using PingCastle.UserInterface;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
@@ -65,6 +66,8 @@ public ADWebService(string server, int port, NetworkCredential credential)
         private IADConnection connection { get; set; }
         private IADConnection fallBackConnection { get; set; }
 
+        private readonly IUserInterface _ui = UserInterfaceFactory.GetUserInterface();
+
         #region connection establishment
         private void EstablishConnection()
         {
@@ -297,9 +300,9 @@ public void Enumerate(Action preambleWithReentry, string distinguishedName, stri
                 Trace.WriteLine("StackTrace: " + ex.StackTrace);
                 if (fallBackConnection == null)
                     throw;
-                Console.ForegroundColor = ConsoleColor.Yellow;
-                Console.WriteLine("The AD query failed. Using the alternative protocol (" + fallBackConnection.GetType().Name + ")");
-                Console.ResetColor();
+
+                _ui.DisplayWarning("The AD query failed. Using the alternative protocol (" + fallBackConnection.GetType().Name + ")");
+
                 if (preambleWithReentry != null)
                     preambleWithReentry();
                 fallBackConnection.Enumerate(distinguishedName, filter, properties, callback, scope);

ADWS/LDAPConnection.cs

@@ -4,6 +4,7 @@
 //
 // Licensed under the Non-Profit OSL. See LICENSE file in the project root for full license information.
 //
+using PingCastle.UserInterface;
 using System;
 using System.Diagnostics;
 using System.DirectoryServices;
@@ -25,6 +26,7 @@ public LDAPConnection(string server, int port, NetworkCredential credential)
             Credential = credential;
         }
         public static int PageSize = 500;
+        private readonly IUserInterface _userIo = UserInterfaceFactory.GetUserInterface();
 
         public override void Enumerate(string distinguishedName, string filter, string[] properties, WorkOnReturnedObjectByADWS callback, string scope)
         {
@@ -93,17 +95,15 @@ private void EnumerateInternalWithLDAP(string distinguishedName, string filter,
                     {
                         if (ex.ErrorCode == -2147024662 && ex.ExtendedError == 234)
                         {
-                            Console.ForegroundColor = ConsoleColor.Yellow;
-                            Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
+                            _userIo.DisplayWarning("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
                             Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] Warning: received \"Calling GetNextRow can potentially return more results\"");
-                            Console.ResetColor();
                             if (!iterator.MoveNext())
                             {
-                                Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] No more results");
+                                _userIo.DisplayMessage("[" + DateTime.Now.ToLongTimeString() + "] No more results");
                                 Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] No more results");
                                 break;
                             }
-                            Console.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] More results found");
+                            _userIo.DisplayMessage("[" + DateTime.Now.ToLongTimeString() + "] More results found");
                             Trace.WriteLine("[" + DateTime.Now.ToLongTimeString() + "] More results found");
                         }
                         else
@@ -120,7 +120,7 @@ private void EnumerateInternalWithLDAP(string distinguishedName, string filter,
                     }
                     catch (Exception ex)
                     {
-                        Console.WriteLine("Warning: unable to process element (" + ex.Message + ")\r\n" + sr.Path);
+                        _userIo.DisplayWarning("Warning: unable to process element (" + ex.Message + ")\r\n" + sr.Path);
                         Trace.WriteLine("Warning: unable to process element\r\n" + sr.Path);
                         Trace.WriteLine("Exception: " + ex.ToString());
                     }
@@ -227,10 +227,10 @@ private void EnsureLDAPSIsWorking()
                             Trace.WriteLine("SSLPolicyErrors: " + sslPolicyErrors);
                             if (sslPolicyErrors != SslPolicyErrors.None)
                             {
-                                Console.WriteLine("While testing the LDAPS certificate, PingCastle found the following error: " + sslPolicyErrors);
-                                Console.WriteLine("The certificate is untrusted and Windows prohibits PingCastle to connect to it");
-                                Console.WriteLine("Certificate:  " + CACert.Subject);
-                                Console.WriteLine("Expires: " + CACert.GetExpirationDateString());
+                                _userIo.DisplayMessage("While testing the LDAPS certificate, PingCastle found the following error: " + sslPolicyErrors);
+                                _userIo.DisplayMessage("The certificate is untrusted and Windows prohibits PingCastle to connect to it");
+                                _userIo.DisplayMessage("Certificate:  " + CACert.Subject);
+                                _userIo.DisplayMessage("Expires: " + CACert.GetExpirationDateString());
                             }
                             return true; 
                         }

ADWS/LinuxConnection.cs

@@ -30,8 +30,6 @@ public string GetString()
             if (bv_val == IntPtr.Zero)
                 return null;
             return Marshal.PtrToStringAuto(bv_val, bv_len);
-            /*var bytes = GetByteArray();
-            return Encoding.UTF8.GetString(bytes, 0, bytes.Length);*/
 
         }
 

ADWS/LinuxSidResolver.cs

@@ -8,6 +8,11 @@
 
 namespace PingCastle.ADWS
 {
+    public static class LinuxSidResolverSettings
+    {
+        public static string LogLevel { get; set; }
+    }
+
     internal class LinuxSidResolver : IDisposable
     {
         const int SECURITY_MAX_SID_SIZE = 68;
@@ -91,8 +96,6 @@ internal static extern int rpccli_lsa_lookup_names(IntPtr cli,
         [DllImport(SmbLibrary, CharSet = CharSet.Ansi)]
         internal static extern void lp_set_cmdline(string i, string j);
 
-        public static string LogLevel { get; set; }
-
         IntPtr memoryContext;
         static object lockobject = new object();
         //in
@@ -139,9 +142,9 @@ private int ConnectWithFull()
         private void ConnectToLsa()
         {
             Trace.WriteLine(@"ConnectToLsa Init");
-            if (!string.IsNullOrEmpty(LogLevel))
+            if (!string.IsNullOrEmpty(LinuxSidResolverSettings.LogLevel))
             {
-                lp_set_cmdline("log level", LogLevel);
+                lp_set_cmdline("log level", LinuxSidResolverSettings.LogLevel);
             }
             lp_set_cmdline("client ipc signing", "required");
             var r = ConnectWithFull();

ADWS/WindowsFileConnection.cs

@@ -7,7 +7,6 @@
 using System.Runtime.InteropServices;
 using System.Security.AccessControl;
 using System.Security.Principal;
-using System.Text;
 
 namespace PingCastle.ADWS
 {
@@ -47,8 +46,6 @@ public DirectorySecurity GetDirectorySecurity(string path)
 
         public FileSecurity GetFileSecurity(string path)
         {
-            /*var info = new FileInfo(path);
-            return ((FileInfo)info).GetAccessControl();*/
             return File.GetAccessControl(path);
         }
 

Bot/Bot.cs

@@ -3,9 +3,9 @@
 using PingCastle.PingCastleLicense;
 using PingCastle.Report;
 using PingCastle.Rules;
+using PingCastle.UserInterface;
 using System;
 using System.Collections.Generic;
-using System.ComponentModel;
 using System.IO;
 using System.Text;
 using System.Xml;
@@ -17,13 +17,15 @@ namespace PingCastle.Bot
 
     public class Bot
     {
+        private readonly IUserInterface _userIo = UserInterfaceFactory.GetUserInterface();
+
         public void Run(string pipeName)
         {
             BotInputOutput input;
             bool stop = false;
 
             XmlSerializer xs = new XmlSerializer(typeof(BotInputOutput));
-            Console.WriteLine("Bot: hello");
+            _userIo.DisplayMessage("Bot: hello");
             using (var pipe = BotStream.OpenPipeStream(pipeName))
             {
                 while (!stop)
@@ -42,25 +44,24 @@ public void Run(string pipeName)
                             int r = pipe.Read(data, read, count - read);
                             if (r == 0)
                             {
-                                Console.WriteLine("Pipe shutdown");
+                                _userIo.DisplayMessage("Pipe shutdown");
                                 return;
                             }
                             read += r;
                         }
-                        Console.WriteLine("Bot: message received");
+                        _userIo.DisplayMessage("Bot: message received");
                         using (var ms = new MemoryStream(data))
                         {
                             input = (BotInputOutput)xs.Deserialize(ms);
                         }
                     }
                     catch (Exception ex)
                     {
-                        Console.WriteLine("Exception when reading the input " + ex.Message);
-                        Console.WriteLine("StackTrace:" + ex.StackTrace);
+                        _userIo.DisplayError("Exception when reading the input " + ex.Message);
+                        _userIo.DisplayStackTrace("StackTrace:" + ex.StackTrace);
                         return;
                     }
 
-
                     BotInputOutput output;
                     string order = GetItem(input, "Command");
                     try
@@ -90,11 +91,11 @@ public void Run(string pipeName)
                     catch (Exception ex)
                     {
                         output = ExceptionOutput("Exception during the job " + ex.Message, ex.StackTrace);
-                        Console.WriteLine("Exception:" + ex.Message);
-                        Console.WriteLine("StackTrace:" + ex.StackTrace);
+                        _userIo.DisplayMessage("Exception:" + ex.Message);
+                        _userIo.DisplayStackTrace("StackTrace:" + ex.StackTrace);
                     }
 
-                    Console.WriteLine("Writing data");
+                    _userIo.DisplayMessage("Writing data");
 
                     using (var ms = new MemoryStream())
                     using (XmlWriter writer = XmlWriter.Create(ms))
@@ -105,11 +106,11 @@ public void Run(string pipeName)
                         var t = BitConverter.GetBytes((int)ms.Length);
                         pipe.Write(t, 0, 4);
                         pipe.Write(buffer, 0, (int)ms.Length);
-                        Console.WriteLine("Bot: message sent");
+                        _userIo.DisplayMessage("Bot: message sent");
                     }
                 }
             }
-            Console.WriteLine("Exiting");
+            _userIo.DisplayMessage("Exiting");
         }
 
         private string GetItem(BotInputOutput input, string key)
@@ -181,8 +182,8 @@ private BotInputOutput RunHealthCheck(BotInputOutput input)
             }
             catch (Exception ex)
             {
-                Console.WriteLine("Exception:" + ex.Message);
-                Console.WriteLine("StackTrace:" + ex.StackTrace);
+                _userIo.DisplayError("Exception:" + ex.Message);
+                _userIo.DisplayStackTrace("StackTrace:" + ex.StackTrace);
                 return ExceptionOutput("Exception during the healthcheck " + ex.Message, ex.StackTrace);
             }
         }
@@ -195,9 +196,9 @@ private BotInputOutput ToHtml(BotInputOutput input)
                 using (var ms = new MemoryStream(UnicodeEncoding.UTF8.GetBytes(xml)))
                 {
                     HealthcheckData healthcheckData = DataHelper<HealthcheckData>.LoadXml(ms, "bot", null);
-                    var endUserReportGenerator = new ReportHealthCheckSingle();
                     var license = LicenseCache.Instance.GetLicense();
-                    var report = endUserReportGenerator.GenerateReportFile(healthcheckData, license, healthcheckData.GetHumanReadableFileName());
+                    var endUserReportGenerator = new ReportHealthCheckSingle(license);
+                    var report = endUserReportGenerator.GenerateReportFile(healthcheckData, healthcheckData.GetHumanReadableFileName());
 
                     var o = new BotInputOutput();
                     o.Data = new List<BotData>();
@@ -208,8 +209,8 @@ private BotInputOutput ToHtml(BotInputOutput input)
             }
             catch (Exception ex)
             {
-                Console.WriteLine("Exception:" + ex.Message);
-                Console.WriteLine("StackTrace:" + ex.StackTrace);
+                _userIo.DisplayError("Exception:" + ex.Message);
+                _userIo.DisplayStackTrace("StackTrace:" + ex.StackTrace);
                 return ExceptionOutput("Exception during the job " + ex.Message, ex.StackTrace);
             }
         }