3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1997,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8 * Copyright (C) Paul Ashton 1997.
9 * Copyright (C) Jeremy Allison 1998.
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
30 extern int DEBUGLEVEL;
31 extern DOM_SID global_sam_sid;
32 extern fstring global_sam_name;
33 extern DOM_SID global_member_sid;
34 extern fstring global_myworkgroup;
35 extern DOM_SID global_sid_S_1_5_20;
37 /***************************************************************************
38 lsa_reply_open_policy2
39 ***************************************************************************/
40 static void lsa_reply_open_policy2(prs_struct *rdata)
47 /* set up the LSA QUERY INFO response */
49 for (i = 4; i < POL_HND_SIZE; i++)
55 /* store the response in the SMB stream */
56 lsa_io_r_open_pol2("", &r_o, rdata, 0);
59 /***************************************************************************
61 ***************************************************************************/
62 static void lsa_reply_open_policy(prs_struct *rdata)
69 /* set up the LSA QUERY INFO response */
71 for (i = 4; i < POL_HND_SIZE; i++)
77 /* store the response in the SMB stream */
78 lsa_io_r_open_pol("", &r_o, rdata, 0);
81 /***************************************************************************
83 ***************************************************************************/
84 static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
87 int domlen = strlen(dom_name);
89 d_q->uni_dom_max_len = domlen * 2;
90 d_q->uni_dom_str_len = domlen * 2;
92 d_q->buffer_dom_name = domlen != 0 ? 1 : 0; /* domain buffer pointer */
93 d_q->buffer_dom_sid = dom_sid != NULL ? 1 : 0; /* domain sid pointer */
95 /* this string is supposed to be character short */
96 make_unistr2(&(d_q->uni_domain_name), dom_name, domlen);
98 sid_to_string(sid_str, dom_sid);
99 make_dom_sid2(&(d_q->dom_sid), dom_sid);
102 /***************************************************************************
104 ***************************************************************************/
105 static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
107 uint32 enum_context, char *dom_name, DOM_SID *dom_sid)
109 LSA_R_ENUM_TRUST_DOM r_e;
113 /* set up the LSA QUERY INFO response */
114 make_r_enum_trust_dom(&r_e, enum_context, dom_name, dom_sid,
115 dom_name != NULL ? 0x0 : 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM);
117 /* store the response in the SMB stream */
118 lsa_io_r_enum_trust_dom("", &r_e, rdata, 0);
121 /***************************************************************************
123 ***************************************************************************/
124 static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
125 char *dom_name, DOM_SID *dom_sid)
127 LSA_R_QUERY_INFO r_q;
131 /* set up the LSA QUERY INFO response */
133 r_q.undoc_buffer = 0x22000000; /* bizarre */
134 r_q.info_class = q_q->info_class;
136 make_dom_query(&r_q.dom.id5, dom_name, dom_sid);
140 /* store the response in the SMB stream */
141 lsa_io_r_query("", &r_q, rdata, 0);
145 /***************************************************************************
146 make_dom_ref - adds a domain if it's not already in, returns the index
147 ***************************************************************************/
148 static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
154 if (dom_name != NULL)
156 for (num = 0; num < ref->num_ref_doms_1; num++)
159 unistr2_to_ascii(domname, &ref->ref_dom[num].uni_dom_name, sizeof(domname)-1);
160 if (strequal(domname, dom_name))
169 num = ref->num_ref_doms_1;
172 if (num >= MAX_REF_DOMAINS)
174 /* index not found, already at maximum domain limit */
178 ref->num_ref_doms_1 = num+1;
179 ref->ptr_ref_dom = 1;
180 ref->max_entries = MAX_REF_DOMAINS;
181 ref->num_ref_doms_2 = num+1;
183 len = dom_name != NULL ? strlen(dom_name) : 0;
185 make_uni_hdr(&(ref->hdr_ref_dom[num].hdr_dom_name), len);
186 ref->hdr_ref_dom[num].ptr_dom_sid = dom_sid != NULL ? 1 : 0;
188 make_unistr2 (&(ref->ref_dom[num].uni_dom_name), dom_name, len);
189 make_dom_sid2(&(ref->ref_dom[num].ref_dom ), dom_sid );
194 /***************************************************************************
196 ***************************************************************************/
197 static void make_lsa_rid2s(DOM_R_REF *ref,
199 int num_entries, UNISTR2 name[MAX_LOOKUP_SIDS],
200 uint32 *mapped_count)
206 SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
208 for (i = 0; i < num_entries; i++)
213 uint32 rid = 0xffffffff;
216 char *dom_name = NULL;
217 uint8 sid_name_use = SID_NAME_UNKNOWN;
219 unistr2_to_ascii(find_name, &name[i], sizeof(find_name)-1);
220 dom_name = strdup(find_name);
222 if (map_domain_name_to_sid(&sid, &dom_name))
224 sid_name_use = SID_NAME_DOMAIN;
225 dom_idx = make_dom_ref(ref, dom_name, &find_sid);
228 if (lookup_name(find_name, &sid, &sid_name_use) == 0x0 &&
229 sid_split_rid(&sid, &rid))
231 if (map_domain_sid_to_name(&sid, find_name))
233 dom_idx = make_dom_ref(ref, find_name, &sid);
237 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
242 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
253 sid_name_use = SID_NAME_UNKNOWN;
256 make_dom_rid2(&rid2[total], rid, sid_name_use, dom_idx);
259 if (dom_name != NULL)
266 /***************************************************************************
267 make_reply_lookup_names
268 ***************************************************************************/
269 static void make_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
270 DOM_R_REF *ref, uint32 num_entries,
271 DOM_RID2 *rid2, uint32 mapped_count)
273 r_l->ptr_dom_ref = 1;
276 r_l->num_entries = num_entries;
277 r_l->ptr_entries = 1;
278 r_l->num_entries2 = num_entries;
281 r_l->mapped_count = mapped_count;
283 if (mapped_count == 0)
285 r_l->status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
293 /***************************************************************************
295 ***************************************************************************/
296 static void make_lsa_trans_names(DOM_R_REF *ref,
297 LSA_TRANS_NAME_ENUM *trn,
298 int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
299 uint32 *mapped_count)
305 SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
307 for (i = 0; i < num_entries; i++)
310 DOM_SID find_sid = sid[i].sid;
311 DOM_SID tmp_sid = sid[i].sid;
312 uint32 rid = 0xffffffff;
316 uint8 sid_name_use = 0;
318 memset(dom_name, 0, sizeof(dom_name));
319 memset(name , 0, sizeof(name ));
321 if (map_domain_sid_to_name(&find_sid, dom_name))
323 sid_name_use = SID_NAME_DOMAIN;
324 dom_idx = make_dom_ref(ref, dom_name, &find_sid);
326 else if (sid_split_rid (&find_sid, &rid) &&
327 map_domain_sid_to_name(&find_sid, dom_name))
329 if (sid_equal(&find_sid, &global_sam_sid) ||
330 sid_equal(&find_sid, &global_sid_S_1_5_20))
332 status = lookup_sid(&tmp_sid, name, &sid_name_use);
336 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
341 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
344 dom_idx = make_dom_ref(ref, dom_name, &find_sid);
352 snprintf(name, sizeof(name), "%08x", rid);
353 sid_name_use = SID_NAME_UNKNOWN;
356 make_lsa_trans_name(&(trn->name [total]),
357 &(trn->uni_name[total]),
358 sid_name_use, name, dom_idx);
362 trn->num_entries = total;
363 trn->ptr_trans_names = 1;
364 trn->num_entries2 = total;
367 /***************************************************************************
368 make_reply_lookup_sids
369 ***************************************************************************/
370 static void make_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
371 DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *names,
374 r_l->ptr_dom_ref = 1;
377 r_l->mapped_count = mapped_count;
379 if (mapped_count == 0)
381 r_l->status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
389 /***************************************************************************
390 lsa_reply_lookup_sids
391 ***************************************************************************/
392 static void lsa_reply_lookup_sids(prs_struct *rdata,
393 DOM_SID2 *sid, int num_entries)
395 LSA_R_LOOKUP_SIDS r_l;
397 LSA_TRANS_NAME_ENUM names;
398 uint32 mapped_count = 0;
404 /* set up the LSA Lookup SIDs response */
405 make_lsa_trans_names(&ref, &names, num_entries, sid, &mapped_count);
406 make_reply_lookup_sids(&r_l, &ref, &names, mapped_count);
408 /* store the response in the SMB stream */
409 lsa_io_r_lookup_sids("", &r_l, rdata, 0);
412 /***************************************************************************
413 lsa_reply_lookup_names
414 ***************************************************************************/
415 static void lsa_reply_lookup_names(prs_struct *rdata,
416 UNISTR2 names[MAX_LOOKUP_SIDS], int num_entries)
418 LSA_R_LOOKUP_NAMES r_l;
420 DOM_RID2 rids[MAX_LOOKUP_SIDS];
421 uint32 mapped_count = 0;
427 /* set up the LSA Lookup RIDs response */
428 make_lsa_rid2s(&ref, rids, num_entries, names, &mapped_count);
429 make_reply_lookup_names(&r_l, &ref, num_entries, rids, mapped_count);
431 /* store the response in the SMB stream */
432 lsa_io_r_lookup_names("", &r_l, rdata, 0);
435 /***************************************************************************
437 ***************************************************************************/
438 static void api_lsa_open_policy2( uint16 vuid, prs_struct *data,
445 /* grab the server, object attributes and desired access flag...*/
446 lsa_io_q_open_pol2("", &q_o, data, 0);
448 /* lkclXXXX having decoded it, ignore all fields in the open policy! */
450 /* return a 20 byte policy handle */
451 lsa_reply_open_policy2(rdata);
454 /***************************************************************************
456 ***************************************************************************/
457 static void api_lsa_open_policy( uint16 vuid, prs_struct *data,
464 /* grab the server, object attributes and desired access flag...*/
465 lsa_io_q_open_pol("", &q_o, data, 0);
467 /* lkclXXXX having decoded it, ignore all fields in the open policy! */
469 /* return a 20 byte policy handle */
470 lsa_reply_open_policy(rdata);
473 /***************************************************************************
474 api_lsa_enum_trust_dom
475 ***************************************************************************/
476 static void api_lsa_enum_trust_dom( uint16 vuid, prs_struct *data,
479 LSA_Q_ENUM_TRUST_DOM q_e;
483 /* grab the enum trust domain context etc. */
484 lsa_io_q_enum_trust_dom("", &q_e, data, 0);
486 /* construct reply. return status is always 0x0 */
487 lsa_reply_enum_trust_dom(&q_e, rdata, 0, NULL, NULL);
490 /***************************************************************************
492 ***************************************************************************/
493 static void api_lsa_query_info( uint16 vuid, prs_struct *data,
496 LSA_Q_QUERY_INFO q_i;
499 memset(name, 0, sizeof(name));
503 /* grab the info class and policy handle */
504 lsa_io_q_query("", &q_i, data, 0);
506 switch (q_i.info_class)
510 fstrcpy(name, global_myworkgroup);
511 sid = &global_member_sid;
516 fstrcpy(name, global_sam_name);
517 sid = &global_sam_sid;
522 DEBUG(5,("unknown info level in Lsa Query: %d\n",
528 /* construct reply. return status is always 0x0 */
529 lsa_reply_query_info(&q_i, rdata, name, sid);
532 /***************************************************************************
534 ***************************************************************************/
535 static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
538 LSA_Q_LOOKUP_SIDS q_l;
541 /* grab the info class and policy handle */
542 lsa_io_q_lookup_sids("", &q_l, data, 0);
544 /* construct reply. return status is always 0x0 */
545 lsa_reply_lookup_sids(rdata, q_l.sids.sid, q_l.sids.num_entries);
548 /***************************************************************************
550 ***************************************************************************/
551 static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
554 LSA_Q_LOOKUP_NAMES q_l;
557 /* grab the info class and policy handle */
558 lsa_io_q_lookup_names("", &q_l, data, 0);
560 SMB_ASSERT_ARRAY(q_l.uni_name, q_l.num_entries);
562 lsa_reply_lookup_names(rdata, q_l.uni_name, q_l.num_entries);
565 /***************************************************************************
567 ***************************************************************************/
568 static void api_lsa_close( uint16 vuid, prs_struct *data,
571 /* XXXX this is NOT good */
572 char *q = mem_data(&(rdata->data), rdata->offset);
590 /***************************************************************************
592 ***************************************************************************/
593 static void api_lsa_open_secret( uint16 vuid, prs_struct *data,
596 /* XXXX this is NOT good */
597 char *q = mem_data(&(rdata->data), rdata->offset);
609 SIVAL(q, 0, 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND);
615 /***************************************************************************
617 ***************************************************************************/
618 static struct api_struct api_lsa_cmds[] =
620 { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 },
621 { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
622 { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
623 { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
624 { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
625 { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
626 { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
627 { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
631 /***************************************************************************
633 ***************************************************************************/
634 BOOL api_ntlsa_rpc(pipes_struct *p, prs_struct *data)
636 return api_rpcTNP(p, "api_ntlsa_rpc", api_lsa_cmds, data);