2 * Unix SMB/Netbios implementation.
4 * RPC Pipe client / server routines
5 * Copyright (C) Andrew Tridgell 1992-1997,
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
7 * Copyright (C) Paul Ashton 1997.
8 * Copyright (C) Jeremy Allison 1999.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 extern int DEBUGLEVEL;
29 /****************************************************************************
31 ****************************************************************************/
33 BOOL do_lsa_open_policy(struct cli_state *cli,
34 char *system_name, POLICY_HND *hnd,
46 prs_init(&buf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL);
47 prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL );
49 /* create and send a MSRPC command with api LSA_OPENPOLICY */
51 DEBUG(4,("LSA Open Policy\n"));
53 /* store the parameters */
55 init_lsa_sec_qos(&qos, 2, 1, 0, 0x20000000);
56 init_q_open_pol(&q_o, 0x5c, 0, 0, &qos);
58 init_q_open_pol(&q_o, 0x5c, 0, 0x1, NULL);
61 /* turn parameters into data stream */
62 if(!lsa_io_q_open_pol("", &q_o, &buf, 0)) {
68 /* send the data on \PIPE\ */
69 if (!rpc_api_pipe_req(cli, LSA_OPENPOLICY, &buf, &rbuf)) {
77 if(!lsa_io_r_open_pol("", &r_o, &rbuf, 0)) {
78 DEBUG(0,("do_lsa_open_policy: Failed to unmarshall LSA_R_OPEN_POL\n"));
83 if (r_o.status != 0) {
84 /* report error code */
85 DEBUG(0,("LSA_OPENPOLICY: %s\n", get_nt_error_msg(r_o.status)));
89 /* ok, at last: we're happy. return the policy handle */
98 /****************************************************************************
99 do a LSA Query Info Policy
100 ****************************************************************************/
101 BOOL do_lsa_query_info_pol(struct cli_state *cli,
102 POLICY_HND *hnd, uint16 info_class,
103 fstring domain_name, DOM_SID *domain_sid)
107 LSA_Q_QUERY_INFO q_q;
108 LSA_R_QUERY_INFO r_q;
111 ZERO_STRUCTP(domain_sid);
114 if (hnd == NULL || domain_name == NULL || domain_sid == NULL)
117 prs_init(&buf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL);
118 prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL );
120 /* create and send a MSRPC command with api LSA_QUERYINFOPOLICY */
122 DEBUG(4,("LSA Query Info Policy\n"));
124 /* store the parameters */
125 init_q_query(&q_q, hnd, info_class);
127 /* turn parameters into data stream */
128 if(!lsa_io_q_query("", &q_q, &buf, 0)) {
134 /* send the data on \PIPE\ */
135 if (!rpc_api_pipe_req(cli, LSA_QUERYINFOPOLICY, &buf, &rbuf)) {
143 if(!lsa_io_r_query("", &r_q, &rbuf, 0)) {
148 if (r_q.status != 0) {
149 /* report error code */
150 DEBUG(0,("LSA_QUERYINFOPOLICY: %s\n", get_nt_error_msg(r_q.status)));
155 if (r_q.info_class != q_q.info_class) {
156 /* report different info classes */
157 DEBUG(0,("LSA_QUERYINFOPOLICY: error info_class (q,r) differ - (%x,%x)\n",
158 q_q.info_class, r_q.info_class));
163 /* ok, at last: we're happy. */
164 switch (r_q.info_class) {
166 if (r_q.dom.id3.buffer_dom_name != 0) {
167 rpcstr_pull(domain_name, r_q.dom.id3.uni_domain_name.buffer, sizeof(domain_name), r_q.dom.id3.uni_domain_name.uni_str_len*2, 0);
169 if (r_q.dom.id3.buffer_dom_sid != 0)
170 *domain_sid = r_q.dom.id3.dom_sid.sid;
173 if (r_q.dom.id5.buffer_dom_name != 0) {
174 rpcstr_pull(domain_name, r_q.dom.id5.uni_domain_name.buffer, sizeof(domain_name), r_q.dom.id5.uni_domain_name.uni_str_len*2, 0);
176 if (r_q.dom.id5.buffer_dom_sid != 0)
177 *domain_sid = r_q.dom.id5.dom_sid.sid;
180 DEBUG(3,("LSA_QUERYINFOPOLICY: unknown info class\n"));
187 sid_to_string(sid_str, domain_sid);
188 DEBUG(3,("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n",
189 r_q.info_class, domain_name, sid_str));
196 /****************************************************************************
198 ****************************************************************************/
200 BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd)
210 /* create and send a MSRPC command with api LSA_OPENPOLICY */
212 prs_init(&buf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL);
213 prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL );
215 DEBUG(4,("LSA Close\n"));
217 /* store the parameters */
218 init_lsa_q_close(&q_c, hnd);
220 /* turn parameters into data stream */
221 if(!lsa_io_q_close("", &q_c, &buf, 0)) {
227 /* send the data on \PIPE\ */
228 if (!rpc_api_pipe_req(cli, LSA_CLOSE, &buf, &rbuf)) {
236 if(!lsa_io_r_close("", &r_c, &rbuf, 0)) {
241 if (r_c.status != 0) {
242 /* report error code */
243 DEBUG(0,("LSA_CLOSE: %s\n", get_nt_error_msg(r_c.status)));
248 /* check that the returned policy handle is all zeros */
250 if (IVAL(&r_c.pol.data1,0) || IVAL(&r_c.pol.data2,0) || SVAL(&r_c.pol.data3,0) ||
251 SVAL(&r_c.pol.data4,0) || IVAL(r_c.pol.data5,0) || IVAL(r_c.pol.data5,4) ) {
252 DEBUG(0,("LSA_CLOSE: non-zero handle returned\n"));
262 /****************************************************************************
263 obtain a server's SAM SID and save it in the secrets database
264 ****************************************************************************/
266 BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server)
271 BOOL res, res2, res3;
273 res = cli_nt_session_open(cli, PIPE_LSARPC);
274 res2 = res ? do_lsa_open_policy(cli, server, &pol, 0) : False;
275 res3 = res2 ? do_lsa_query_info_pol(cli, &pol, 5, domain, &sid) : False;
277 res3 = res3 ? secrets_store_domain_sid(domain, &sid) : False;
279 res2 = res2 ? do_lsa_close(cli, &pol) : False;
280 cli_nt_session_close(cli);
285 /****************************************************************************
287 ****************************************************************************/
288 uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
289 BOOL sec_qos, uint32 des_access)
295 struct cli_connection *con = NULL;
296 uint32 result = NT_STATUS_UNSUCCESSFUL;
298 if (!cli_connection_init(system_name, PIPE_LSARPC, &con)) {
299 return NT_STATUS_UNSUCCESSFUL;
302 if (hnd == NULL) return NT_STATUS_UNSUCCESSFUL;
304 prs_init(&buf, MAX_PDU_FRAG_LEN, NULL, MARSHALL);
305 prs_init(&rbuf, 0, NULL, UNMARSHALL);
307 /* create and send a MSRPC command with api LSA_OPENPOLICY */
309 DEBUG(4, ("LSA Open Policy\n"));
311 /* store the parameters */
313 init_lsa_sec_qos(&qos, 2, 1, 0, des_access);
314 init_q_open_pol(&q_o, '\\', 0, des_access, &qos);
316 init_q_open_pol(&q_o, '\\', 0, des_access, NULL);
319 /* turn parameters into data stream */
320 if (lsa_io_q_open_pol("", &q_o, &buf, 0) &&
321 rpc_con_pipe_req(con, LSA_OPENPOLICY, &buf, &rbuf)) {
325 lsa_io_r_open_pol("", &r_o, &rbuf, 0);
326 p = rbuf.data_offset != 0;
330 if (p && r_o.status != 0) {
331 /* report error code */
333 ("LSA_OPENPOLICY: %s\n",
334 get_nt_error_msg(r_o.status)));
340 /* Return the policy handle */
344 if (!RpcHndList_set_connection(hnd, con)) {
345 result = NT_STATUS_NO_MEMORY;
356 /****************************************************************************
358 ****************************************************************************/
359 uint32 lsa_close(POLICY_HND *hnd)
364 uint32 result = NT_STATUS_UNSUCCESSFUL;
366 if (hnd == NULL) return False;
368 /* Create and send a MSRPC command with api LSA_OPENPOLICY */
370 prs_init(&buf, MAX_PDU_FRAG_LEN, NULL, MARSHALL);
371 prs_init(&rbuf, 0, NULL, UNMARSHALL);
373 DEBUG(4, ("LSA Close\n"));
375 /* Store the parameters */
377 init_lsa_q_close(&q_c, hnd);
379 /* Turn parameters into data stream */
381 if (lsa_io_q_close("", &q_c, &buf, 0) &&
382 rpc_hnd_pipe_req(hnd, LSA_CLOSE, &buf, &rbuf)) {
386 lsa_io_r_close("", &r_c, &rbuf, 0);
387 p = rbuf.data_offset != 0;
390 if (p && r_c.status != 0) {
392 /* Report error code */
394 DEBUG(0, ("LSA_CLOSE: %s\n",
395 get_nt_error_msg(r_c.status)));
408 /****************************************************************************
410 ****************************************************************************/
411 uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
412 char ***names, uint32 **types, int *num_names)
416 LSA_Q_LOOKUP_SIDS q_l;
417 TALLOC_CTX *ctx = talloc_init();
418 uint32 result = NT_STATUS_UNSUCCESSFUL;
422 if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
424 if (num_names != NULL) {
436 prs_init(&buf, MAX_PDU_FRAG_LEN, ctx, MARSHALL);
437 prs_init(&rbuf, 0, ctx, UNMARSHALL);
439 /* Create and send a MSRPC command with api LSA_LOOKUP_SIDS */
441 DEBUG(4, ("LSA Lookup SIDs\n"));
443 /* Store the parameters */
445 init_q_lookup_sids(ctx, &q_l, hnd, num_sids, sids, 1);
447 /* turn parameters into data stream */
448 if (lsa_io_q_lookup_sids("", &q_l, &buf, 0) &&
449 rpc_hnd_pipe_req(hnd, LSA_LOOKUPSIDS, &buf, &rbuf)) {
450 LSA_R_LOOKUP_SIDS r_l;
452 LSA_TRANS_NAME_ENUM t_names;
453 BOOL p, valid_response = False;
456 r_l.names = &t_names;
458 lsa_io_r_lookup_sids("", &r_l, &rbuf, 0);
459 p = rbuf.data_offset != 0;
462 if (p && r_l.status != 0 &&
463 r_l.status != 0x107 &&
464 r_l.status != (0xC0000000 | NT_STATUS_NONE_MAPPED)) {
466 /* Report error code */
468 DEBUG(1, ("LSA_LOOKUP_SIDS: %s\n",
469 get_nt_error_msg(r_l.status)));
474 result = NT_STATUS_OK;
477 if (t_names.ptr_trans_names != 0
478 && r_l.ptr_dom_ref != 0) {
479 valid_response = True;
483 if (num_names != NULL && valid_response) {
484 (*num_names) = t_names.num_entries;
487 if (valid_response) {
490 for (i = 0; i < t_names.num_entries; i++) {
491 if ((t_names.name[i].domain_idx >=
493 && (t_names.name[i].domain_idx !=
496 ("LSA_LOOKUP_SIDS: domain index out of bounds\n"));
497 valid_response = False;
503 if (types != NULL && valid_response && (*num_names) != 0) {
504 (*types) = (uint32 *) malloc((*num_names) *
508 if (names != NULL && valid_response && (*num_names) != 0) {
509 (*names) = (char **)malloc((*num_names) *
513 if (names != NULL && (*names) != NULL) {
516 /* Take each name, construct a \DOMAIN\name string */
518 for (i = 0; i < (*num_names); i++) {
522 uint32 dom_idx = t_names.name[i].domain_idx;
524 if (dom_idx != 0xffffffff) {
525 unistr2_to_ascii(dom_name,
531 unistr2_to_ascii(name,
532 &t_names.uni_name[i],
539 sizeof(full_name) - 1,
540 "%s\\%s", dom_name, name);
542 (*names)[i] = strdup(full_name);
545 (*types)[i] = t_names.name[i].sid_name_use;
551 (*types)[i] = SID_NAME_UNKNOWN;
564 /****************************************************************************
565 do a LSA Lookup Names
566 ****************************************************************************/
567 uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
568 DOM_SID **sids, uint32 **types, int *num_sids)
572 LSA_Q_LOOKUP_NAMES q_l;
573 BOOL valid_response = False;
574 TALLOC_CTX *ctx = talloc_init();
575 uint32 result = NT_STATUS_UNSUCCESSFUL;
577 if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
579 prs_init(&buf, MAX_PDU_FRAG_LEN, ctx, MARSHALL);
580 prs_init(&rbuf, 0, ctx, UNMARSHALL);
582 /* create and send a MSRPC command with api LSA_LOOKUP_NAMES */
584 DEBUG(4, ("LSA Lookup NAMEs\n"));
586 /* store the parameters */
587 init_q_lookup_names(ctx, &q_l, hnd, num_names, names);
589 /* turn parameters into data stream */
590 if (lsa_io_q_lookup_names("", &q_l, &buf, 0) &&
591 rpc_hnd_pipe_req(hnd, LSA_LOOKUPNAMES, &buf, &rbuf)) {
592 LSA_R_LOOKUP_NAMES r_l;
594 DOM_RID2 t_rids[MAX_LOOKUP_SIDS];
601 r_l.dom_rid = t_rids;
603 lsa_io_r_lookup_names("", &r_l, &rbuf, 0);
604 p = rbuf.data_offset != 0;
606 if (p && r_l.status != 0) {
607 /* report error code */
609 ("LSA_LOOKUP_NAMES: %s\n",
610 get_nt_error_msg(r_l.status)));
619 if (r_l.ptr_dom_ref != 0 && r_l.ptr_entries != 0) {
620 valid_response = True;
624 if (num_sids != NULL && valid_response) {
625 (*num_sids) = r_l.num_entries;
628 if (valid_response) {
631 for (i = 0; i < r_l.num_entries; i++) {
632 if (t_rids[i].rid_idx >= ref.num_ref_doms_1 &&
633 t_rids[i].rid_idx != 0xffffffff) {
635 ("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
637 valid_response = False;
643 if (types != NULL && valid_response && r_l.num_entries != 0) {
644 (*types) = (uint32 *) malloc((*num_sids) *
648 if (sids != NULL && valid_response && r_l.num_entries != 0) {
649 (*sids) = (DOM_SID *) malloc((*num_sids) *
653 if (sids != NULL && (*sids) != NULL) {
656 /* Take each name, construct a SID */
658 for (i = 0; i < (*num_sids); i++) {
659 uint32 dom_idx = t_rids[i].rid_idx;
660 uint32 dom_rid = t_rids[i].rid;
661 DOM_SID *sid = &(*sids)[i];
663 if (dom_idx != 0xffffffff) {
666 &ref.ref_dom[dom_idx].
669 if (dom_rid != 0xffffffff) {
670 sid_append_rid(sid, dom_rid);
675 (*types)[i] = t_rids[i].type;
683 (*types)[i] = SID_NAME_UNKNOWN;