3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1997,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8 * Copyright (C) Paul Ashton 1997.
9 * Copyright (C) Jeremy Allison 1998.
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 extern int DEBUGLEVEL;
29 extern DOM_SID global_sam_sid;
30 extern fstring global_myworkgroup;
31 extern pstring global_myname;
33 /***************************************************************************
34 lsa_reply_open_policy2
35 ***************************************************************************/
37 static BOOL lsa_reply_open_policy2(prs_struct *rdata)
44 /* set up the LSA QUERY INFO response */
46 for (i = 4; i < POL_HND_SIZE; i++)
50 /* store the response in the SMB stream */
51 if(!lsa_io_r_open_pol2("", &r_o, rdata, 0)) {
52 DEBUG(0,("lsa_reply_open_policy2: unable to marshall LSA_R_OPEN_POL2.\n"));
59 /***************************************************************************
61 ***************************************************************************/
63 static BOOL lsa_reply_open_policy(prs_struct *rdata)
70 /* set up the LSA QUERY INFO response */
72 for (i = 4; i < POL_HND_SIZE; i++)
76 /* store the response in the SMB stream */
77 if(!lsa_io_r_open_pol("", &r_o, rdata, 0)) {
78 DEBUG(0,("lsa_reply_open_policy: unable to marshall LSA_R_OPEN_POL.\n"));
85 /***************************************************************************
87 ***************************************************************************/
89 static void init_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
91 int domlen = (dom_name != NULL) ? strlen(dom_name) : 0;
93 d_q->uni_dom_max_len = domlen * 2;
94 d_q->uni_dom_str_len = domlen * 2;
96 d_q->buffer_dom_name = dom_name ? 1 : 0;
97 d_q->buffer_dom_sid = dom_sid ? 1 : 0;
99 /* this string is supposed to be character short */
100 init_unistr2(&d_q->uni_domain_name, dom_name, domlen);
102 init_dom_sid2(&d_q->dom_sid, dom_sid);
105 /***************************************************************************
106 lsa_reply_enum_trust_dom
107 ***************************************************************************/
109 static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
111 uint32 enum_context, char *dom_name, DOM_SID *dom_sid)
113 LSA_R_ENUM_TRUST_DOM r_e;
117 /* set up the LSA QUERY INFO response */
118 init_r_enum_trust_dom(&r_e, enum_context, dom_name, dom_sid,
119 dom_name != NULL ? 0x0 : 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM);
121 /* store the response in the SMB stream */
122 lsa_io_r_enum_trust_dom("", &r_e, rdata, 0);
125 /***************************************************************************
127 ***************************************************************************/
129 static BOOL lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata, LSA_R_QUERY_INFO *r_q)
131 /* set up the LSA QUERY INFO response */
133 if(r_q->status == 0) {
134 r_q->undoc_buffer = 0x22000000; /* bizarre */
135 r_q->info_class = q_q->info_class;
138 /* store the response in the SMB stream */
139 if(!lsa_io_r_query("", r_q, rdata, 0)) {
140 DEBUG(0,("lsa_reply_query_info: failed to marshall LSA_R_QUERY_INFO.\n"));
147 /***************************************************************************
148 init_dom_ref - adds a domain if it's not already in, returns the index.
149 ***************************************************************************/
151 static int init_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
156 if (dom_name != NULL) {
157 for (num = 0; num < ref->num_ref_doms_1; num++) {
159 fstrcpy(domname, dos_unistr2_to_str(&ref->ref_dom[num].uni_dom_name));
160 if (strequal(domname, dom_name))
164 num = ref->num_ref_doms_1;
167 if (num >= MAX_REF_DOMAINS) {
168 /* index not found, already at maximum domain limit */
172 ref->num_ref_doms_1 = num+1;
173 ref->ptr_ref_dom = 1;
174 ref->max_entries = MAX_REF_DOMAINS;
175 ref->num_ref_doms_2 = num+1;
177 len = (dom_name != NULL) ? strlen(dom_name) : 0;
178 if(dom_name != NULL && len == 0)
181 init_uni_hdr(&ref->hdr_ref_dom[num].hdr_dom_name, len);
182 ref->hdr_ref_dom[num].ptr_dom_sid = dom_sid != NULL ? 1 : 0;
184 init_unistr2(&ref->ref_dom[num].uni_dom_name, dom_name, len);
185 init_dom_sid2(&ref->ref_dom[num].ref_dom, dom_sid );
190 /***************************************************************************
192 ***************************************************************************/
194 static void init_lsa_rid2s(DOM_R_REF *ref, DOM_RID2 *rid2,
195 int num_entries, UNISTR2 name[MAX_LOOKUP_SIDS],
196 uint32 *mapped_count)
202 SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
204 for (i = 0; i < num_entries; i++) {
207 uint32 rid = 0xffffffff;
210 fstring dom_name, user;
211 enum SID_NAME_USE name_type = SID_NAME_UNKNOWN;
213 /* Split name into domain and user component */
215 pstrcpy(full_name, dos_unistr2_to_str(&name[i]));
216 split_domain_name(full_name, dom_name, user);
220 DEBUG(5, ("init_lsa_rid2s: looking up name %s\n", full_name));
222 status = lookup_name(full_name, &sid, &name_type);
224 DEBUG(5, ("init_lsa_rid2s: %s\n", status ? "found" :
228 sid_split_rid(&sid, &rid);
229 dom_idx = init_dom_ref(ref, dom_name, &sid);
234 name_type = SID_NAME_UNKNOWN;
237 init_dom_rid2(&rid2[total], rid, name_type, dom_idx);
242 /***************************************************************************
243 init_reply_lookup_names
244 ***************************************************************************/
246 static void init_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
247 DOM_R_REF *ref, uint32 num_entries,
248 DOM_RID2 *rid2, uint32 mapped_count)
250 r_l->ptr_dom_ref = 1;
253 r_l->num_entries = num_entries;
254 r_l->ptr_entries = 1;
255 r_l->num_entries2 = num_entries;
258 r_l->mapped_count = mapped_count;
260 if (mapped_count == 0)
261 r_l->status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
266 /***************************************************************************
267 Init lsa_trans_names.
268 ***************************************************************************/
270 static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *trn,
271 int num_entries, DOM_SID2 *sid,
272 uint32 *mapped_count)
278 /* Allocate memory for list of names */
280 if (num_entries > 0) {
281 if (!(trn->name = (LSA_TRANS_NAME *)talloc(ctx, sizeof(LSA_TRANS_NAME) *
283 DEBUG(0, ("init_lsa_trans_names(): out of memory\n"));
287 if (!(trn->uni_name = (UNISTR2 *)talloc(ctx, sizeof(UNISTR2) *
289 DEBUG(0, ("init_lsa_trans_names(): out of memory\n"));
294 for (i = 0; i < num_entries; i++) {
296 DOM_SID find_sid = sid[i].sid;
297 uint32 rid = 0xffffffff;
299 fstring name, dom_name;
300 enum SID_NAME_USE sid_name_use = (enum SID_NAME_USE)0;
302 sid_to_string(name, &find_sid);
303 DEBUG(5, ("init_lsa_trans_names: looking up sid %s\n", name));
305 /* Lookup sid from winbindd */
307 memset(dom_name, '\0', sizeof(dom_name));
308 memset(name, '\0', sizeof(name));
310 status = lookup_sid(&find_sid, dom_name, name, &sid_name_use);
312 DEBUG(5, ("init_lsa_trans_names: %s\n", status ? "found" :
316 sid_name_use = SID_NAME_UNKNOWN;
319 /* Store domain sid in ref array */
321 if (find_sid.num_auths == 5) {
322 sid_split_rid(&find_sid, &rid);
325 dom_idx = init_dom_ref(ref, dom_name, &find_sid);
327 DEBUG(10,("init_lsa_trans_names: added user '%s\\%s' to "
328 "referenced list.\n", dom_name, name ));
332 init_lsa_trans_name(&trn->name[total], &trn->uni_name[total],
333 sid_name_use, name, dom_idx);
337 trn->num_entries = total;
338 trn->ptr_trans_names = 1;
339 trn->num_entries2 = total;
342 /***************************************************************************
343 Init_reply_lookup_sids.
344 ***************************************************************************/
346 static void init_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
347 DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *names,
350 r_l->ptr_dom_ref = 1;
353 r_l->mapped_count = mapped_count;
355 if (mapped_count == 0)
356 r_l->status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
361 /***************************************************************************
362 lsa_reply_lookup_sids
363 ***************************************************************************/
365 static BOOL lsa_reply_lookup_sids(prs_struct *rdata, DOM_SID2 *sid, int num_entries)
367 LSA_R_LOOKUP_SIDS r_l;
369 LSA_TRANS_NAME_ENUM names;
370 uint32 mapped_count = 0;
371 TALLOC_CTX *ctx = talloc_init();
377 /* set up the LSA Lookup SIDs response */
378 init_lsa_trans_names(ctx, &ref, &names, num_entries, sid, &mapped_count);
379 init_reply_lookup_sids(&r_l, &ref, &names, mapped_count);
381 /* store the response in the SMB stream */
382 if(!lsa_io_r_lookup_sids("", &r_l, rdata, 0)) {
383 DEBUG(0,("lsa_reply_lookup_sids: Failed to marshall LSA_R_LOOKUP_SIDS.\n"));
392 /***************************************************************************
393 lsa_reply_lookup_names
394 ***************************************************************************/
396 static BOOL lsa_reply_lookup_names(prs_struct *rdata, UNISTR2 *names,
399 LSA_R_LOOKUP_NAMES r_l;
401 DOM_RID2 rids[MAX_LOOKUP_SIDS];
402 uint32 mapped_count = 0;
409 /* set up the LSA Lookup RIDs response */
410 init_lsa_rid2s(&ref, rids, num_entries, names, &mapped_count);
411 init_reply_lookup_names(&r_l, &ref, num_entries, rids, mapped_count);
413 /* store the response in the SMB stream */
414 if(!lsa_io_r_lookup_names("", &r_l, rdata, 0)) {
415 DEBUG(0,("lsa_reply_lookup_names: Failed to marshall LSA_R_LOOKUP_NAMES.\n"));
422 /***************************************************************************
424 ***************************************************************************/
426 static BOOL api_lsa_open_policy2(pipes_struct *p)
428 prs_struct *data = &p->in_data.data;
429 prs_struct *rdata = &p->out_data.rdata;
435 /* grab the server, object attributes and desired access flag...*/
436 if(!lsa_io_q_open_pol2("", &q_o, data, 0)) {
437 DEBUG(0,("api_lsa_open_policy2: unable to unmarshall LSA_Q_OPEN_POL2.\n"));
441 /* lkclXXXX having decoded it, ignore all fields in the open policy! */
443 /* return a 20 byte policy handle */
444 if(!lsa_reply_open_policy2(rdata))
450 /***************************************************************************
452 ***************************************************************************/
453 static BOOL api_lsa_open_policy(pipes_struct *p)
455 prs_struct *data = &p->in_data.data;
456 prs_struct *rdata = &p->out_data.rdata;
462 /* grab the server, object attributes and desired access flag...*/
463 if(!lsa_io_q_open_pol("", &q_o, data, 0)) {
464 DEBUG(0,("api_lsa_open_policy: unable to unmarshall LSA_Q_OPEN_POL.\n"));
468 /* lkclXXXX having decoded it, ignore all fields in the open policy! */
470 /* return a 20 byte policy handle */
471 if(!lsa_reply_open_policy(rdata))
477 /***************************************************************************
478 api_lsa_enum_trust_dom
479 ***************************************************************************/
480 static BOOL api_lsa_enum_trust_dom(pipes_struct *p)
482 LSA_Q_ENUM_TRUST_DOM q_e;
483 prs_struct *data = &p->in_data.data;
484 prs_struct *rdata = &p->out_data.rdata;
488 /* grab the enum trust domain context etc. */
489 if(!lsa_io_q_enum_trust_dom("", &q_e, data, 0))
492 /* construct reply. return status is always 0x0 */
493 lsa_reply_enum_trust_dom(&q_e, rdata, 0, NULL, NULL);
498 /***************************************************************************
500 ***************************************************************************/
501 static BOOL api_lsa_query_info(pipes_struct *p)
503 LSA_Q_QUERY_INFO q_i;
504 LSA_R_QUERY_INFO r_q;
505 LSA_INFO_UNION *info = &r_q.dom;
509 prs_struct *data = &p->in_data.data;
510 prs_struct *rdata = &p->out_data.rdata;
515 /* grab the info class and policy handle */
516 if(!lsa_io_q_query("", &q_i, data, 0)) {
517 DEBUG(0,("api_lsa_query_info: failed to unmarshall LSA_Q_QUERY_INFO.\n"));
521 switch (q_i.info_class) {
525 /* fake info: We audit everything. ;) */
526 info->id2.auditing_enabled = 1;
527 info->id2.count1 = 7;
528 info->id2.count2 = 7;
529 if ((info->id2.auditsettings = (uint32 *)talloc(prs_get_mem_context(rdata),7*sizeof(uint32))) == NULL)
531 for (i = 0; i < 7; i++)
532 info->id2.auditsettings[i] = 3;
536 switch (lp_server_role())
538 case ROLE_DOMAIN_PDC:
539 case ROLE_DOMAIN_BDC:
540 name = global_myworkgroup;
541 sid = &global_sam_sid;
543 case ROLE_DOMAIN_MEMBER:
544 if (secrets_fetch_domain_sid(global_myworkgroup,
547 name = global_myworkgroup;
553 init_dom_query(&r_q.dom.id3, name, sid);
556 name = global_myname;
557 sid = &global_sam_sid;
558 init_dom_query(&r_q.dom.id5, name, sid);
561 switch (lp_server_role())
563 case ROLE_DOMAIN_BDC:
565 * only a BDC is a backup controller
566 * of the domain, it controls.
568 info->id6.server_role = 2;
572 * any other role is a primary
573 * of the domain, it controls.
575 info->id6.server_role = 3;
580 DEBUG(0,("api_lsa_query_info: unknown info level in Lsa Query: %d\n", q_i.info_class));
581 r_q.status = (NT_STATUS_INVALID_INFO_CLASS | 0xC0000000);
585 /* construct reply. return status is always 0x0 */
586 if(!lsa_reply_query_info(&q_i, rdata, &r_q))
592 /***************************************************************************
594 ***************************************************************************/
596 static BOOL api_lsa_lookup_sids(pipes_struct *p)
598 LSA_Q_LOOKUP_SIDS q_l;
599 prs_struct *data = &p->in_data.data;
600 prs_struct *rdata = &p->out_data.rdata;
605 /* grab the info class and policy handle */
606 if(!lsa_io_q_lookup_sids("", &q_l, data, 0)) {
607 DEBUG(0,("api_lsa_lookup_sids: failed to unmarshall LSA_Q_LOOKUP_SIDS.\n"));
611 /* construct reply. return status is always 0x0 */
612 if(!lsa_reply_lookup_sids(rdata, q_l.sids.sid, q_l.sids.num_entries)) {
619 /***************************************************************************
621 ***************************************************************************/
623 static BOOL api_lsa_lookup_names(pipes_struct *p)
625 LSA_Q_LOOKUP_NAMES q_l;
626 prs_struct *data = &p->in_data.data;
627 prs_struct *rdata = &p->out_data.rdata;
631 /* grab the info class and policy handle */
632 if(!lsa_io_q_lookup_names("", &q_l, data, 0)) {
633 DEBUG(0,("api_lsa_lookup_names: failed to unmarshall LSA_Q_LOOKUP_NAMES.\n"));
637 return lsa_reply_lookup_names(rdata, q_l.uni_name, q_l.num_entries);
640 /***************************************************************************
642 ***************************************************************************/
643 static BOOL api_lsa_close(pipes_struct *p)
646 prs_struct *rdata = &p->out_data.rdata;
650 /* store the response in the SMB stream */
651 if (!lsa_io_r_close("", &r_c, rdata, 0)) {
652 DEBUG(0,("api_lsa_close: lsa_io_r_close failed.\n"));
659 /***************************************************************************
661 ***************************************************************************/
662 static BOOL api_lsa_open_secret(pipes_struct *p)
664 /* XXXX this is NOT good */
667 prs_struct *rdata = &p->out_data.rdata;
669 for(i =0; i < 4; i++) {
670 if(!prs_uint32("api_lsa_close", rdata, 1, &dummy)) {
671 DEBUG(0,("api_lsa_open_secret: prs_uint32 %d failed.\n",
677 dummy = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
678 if(!prs_uint32("api_lsa_close", rdata, 1, &dummy)) {
679 DEBUG(0,("api_lsa_open_secret: prs_uint32 status failed.\n"));
686 /***************************************************************************
688 ***************************************************************************/
689 static struct api_struct api_lsa_cmds[] =
691 { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 },
692 { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
693 { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
694 { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
695 { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
696 { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
697 { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
698 { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
702 /***************************************************************************
704 ***************************************************************************/
705 BOOL api_ntlsa_rpc(pipes_struct *p)
707 return api_rpcTNP(p, "api_ntlsa_rpc", api_lsa_cmds);