2 Unix SMB/CIFS implementation.
3 async implementation of commands submitted over IRPC
4 Copyright (C) Volker Lendecke 2009
5 Copyright (C) Guenther Deschner 2009
6 Copyright (C) Andrew Bartlett 2014
7 Copyright (C) Andrew Tridgell 2009
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "librpc/gen_ndr/ndr_winbind_c.h"
26 #include "source4/lib/messaging/irpc.h"
27 #include "librpc/gen_ndr/ndr_winbind.h"
29 struct wb_irpc_forward_state {
30 struct irpc_message *msg;
31 struct winbind_DsrUpdateReadOnlyServerDnsRecords *req;
34 struct dcesrv_call_state *dce_call;
38 called when the forwarded rpc request is finished
40 static void wb_irpc_forward_callback(struct tevent_req *subreq)
42 struct wb_irpc_forward_state *st =
43 tevent_req_callback_data(subreq,
44 struct wb_irpc_forward_state);
45 const char *opname = st->opname;
48 status = dcerpc_binding_handle_call_recv(subreq);
50 if (!NT_STATUS_IS_OK(status)) {
51 DEBUG(0,("RPC callback failed for %s - %s\n",
52 opname, nt_errstr(status)));
53 irpc_send_reply(st->msg, status);
57 irpc_send_reply(st->msg, status);
63 * Forward a RPC call using IRPC to another task
66 static NTSTATUS wb_irpc_forward_rpc_call(struct irpc_message *msg, TALLOC_CTX *mem_ctx,
67 struct tevent_context *ev,
68 void *r, uint32_t callid,
70 struct winbindd_domain *domain,
73 struct wb_irpc_forward_state *st;
74 struct dcerpc_binding_handle *binding_handle;
75 struct tevent_req *subreq;
77 st = talloc(mem_ctx, struct wb_irpc_forward_state);
79 return NT_STATUS_NO_MEMORY;
85 binding_handle = dom_child_handle(domain);
86 if (binding_handle == NULL) {
87 DEBUG(0,("%s: Failed to forward request to winbind handler for %s\n",
88 opname, domain->name));
89 return NT_STATUS_UNSUCCESSFUL;
92 /* reset timeout for the handle */
93 dcerpc_binding_handle_set_timeout(binding_handle, timeout);
95 /* forward the call */
96 subreq = dcerpc_binding_handle_call_send(st, ev,
98 NULL, &ndr_table_winbind,
101 if (subreq == NULL) {
102 DEBUG(0,("%s: Failed to forward request to winbind handler for %s\n",
103 opname, domain->name));
104 return NT_STATUS_UNSUCCESSFUL;
107 /* mark the request as replied async */
108 msg->defer_reply = true;
110 /* setup the callback */
111 tevent_req_set_callback(subreq, wb_irpc_forward_callback, st);
115 static NTSTATUS wb_irpc_DsrUpdateReadOnlyServerDnsRecords(struct irpc_message *msg,
116 struct winbind_DsrUpdateReadOnlyServerDnsRecords *req)
118 struct winbindd_domain *domain = find_our_domain();
119 if (domain == NULL) {
120 return NT_STATUS_NO_SUCH_DOMAIN;
123 DEBUG(5, ("wb_irpc_DsrUpdateReadOnlyServerDnsRecords called\n"));
125 return wb_irpc_forward_rpc_call(msg, msg,
126 winbind_event_context(),
127 req, NDR_WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS,
128 "winbind_DsrUpdateReadOnlyServerDnsRecords",
129 domain, IRPC_CALL_TIMEOUT);
132 static NTSTATUS wb_irpc_SamLogon(struct irpc_message *msg,
133 struct winbind_SamLogon *req)
135 struct winbindd_domain *domain;
136 struct netr_IdentityInfo *identity_info;
137 const char *target_domain_name = NULL;
138 const char *account_name = NULL;
140 switch (req->in.logon_level) {
141 case NetlogonInteractiveInformation:
142 case NetlogonServiceInformation:
143 case NetlogonInteractiveTransitiveInformation:
144 case NetlogonServiceTransitiveInformation:
145 if (req->in.logon.password == NULL) {
146 return NT_STATUS_REQUEST_NOT_ACCEPTED;
148 identity_info = &req->in.logon.password->identity_info;
151 case NetlogonNetworkInformation:
152 case NetlogonNetworkTransitiveInformation:
153 if (req->in.logon.network == NULL) {
154 return NT_STATUS_REQUEST_NOT_ACCEPTED;
157 identity_info = &req->in.logon.network->identity_info;
160 case NetlogonGenericInformation:
161 if (req->in.logon.generic == NULL) {
162 return NT_STATUS_REQUEST_NOT_ACCEPTED;
165 identity_info = &req->in.logon.generic->identity_info;
169 return NT_STATUS_REQUEST_NOT_ACCEPTED;
172 target_domain_name = identity_info->domain_name.string;
173 if (target_domain_name == NULL) {
174 target_domain_name = "";
177 account_name = identity_info->account_name.string;
178 if (account_name == NULL) {
182 domain = find_auth_domain(0, target_domain_name);
183 if (domain == NULL) {
184 DBG_INFO("target_domain[%s] for account[%s] not known\n",
185 target_domain_name, account_name);
186 req->out.result = NT_STATUS_NO_SUCH_USER;
187 req->out.authoritative = 0;
191 DEBUG(5, ("wb_irpc_SamLogon called\n"));
193 return wb_irpc_forward_rpc_call(msg, msg,
194 winbind_event_context(),
195 req, NDR_WINBIND_SAMLOGON,
197 domain, IRPC_CALL_TIMEOUT);
200 static NTSTATUS wb_irpc_LogonControl(struct irpc_message *msg,
201 struct winbind_LogonControl *req)
203 TALLOC_CTX *frame = talloc_stackframe();
204 char *domain_name = NULL;
205 struct winbindd_domain *domain = NULL;
207 DEBUG(5, ("wb_irpc_LogonControl called\n"));
209 switch (req->in.function_code) {
210 case NETLOGON_CONTROL_REDISCOVER:
211 case NETLOGON_CONTROL_TC_QUERY:
212 case NETLOGON_CONTROL_CHANGE_PASSWORD:
213 case NETLOGON_CONTROL_TC_VERIFY:
214 if (req->in.data->domain == NULL) {
216 return NT_STATUS_INVALID_PARAMETER;
219 domain_name = talloc_strdup(frame, req->in.data->domain);
220 if (domain_name == NULL) {
221 req->out.result = WERR_NOT_ENOUGH_MEMORY;
229 return NT_STATUS_NOT_IMPLEMENTED;
232 if (req->in.function_code == NETLOGON_CONTROL_REDISCOVER) {
236 * NETLOGON_CONTROL_REDISCOVER
237 * get's an optional \dcname appended to the domain name
239 p = strchr_m(domain_name, '\\');
245 domain = find_domain_from_name_noinit(domain_name);
246 if (domain == NULL) {
247 req->out.result = WERR_NO_SUCH_DOMAIN;
253 return wb_irpc_forward_rpc_call(msg, msg,
254 winbind_event_context(),
255 req, NDR_WINBIND_LOGONCONTROL,
256 "winbind_LogonControl",
257 domain, 45 /* timeout */);
260 static NTSTATUS wb_irpc_GetForestTrustInformation(struct irpc_message *msg,
261 struct winbind_GetForestTrustInformation *req)
263 struct winbindd_domain *domain = NULL;
265 if (req->in.trusted_domain_name == NULL) {
266 req->out.result = WERR_NO_SUCH_DOMAIN;
270 domain = find_domain_from_name_noinit(req->in.trusted_domain_name);
271 if (domain == NULL) {
272 req->out.result = WERR_NO_SUCH_DOMAIN;
277 * checking for domain->internal and domain->primary
278 * makes sure we only do some work when running as DC.
281 if (domain->internal) {
282 req->out.result = WERR_NO_SUCH_DOMAIN;
286 if (domain->primary) {
287 req->out.result = WERR_NO_SUCH_DOMAIN;
291 DEBUG(5, ("wb_irpc_GetForestTrustInformation called\n"));
293 return wb_irpc_forward_rpc_call(msg, msg,
294 winbind_event_context(),
295 req, NDR_WINBIND_GETFORESTTRUSTINFORMATION,
296 "winbind_GetForestTrustInformation",
297 domain, 45 /* timeout */);
300 static NTSTATUS wb_irpc_SendToSam(struct irpc_message *msg,
301 struct winbind_SendToSam *req)
303 /* TODO make sure that it is RWDC */
304 struct winbindd_domain *domain = find_our_domain();
305 if (domain == NULL) {
306 return NT_STATUS_NO_SUCH_DOMAIN;
309 DEBUG(5, ("wb_irpc_SendToSam called\n"));
311 return wb_irpc_forward_rpc_call(msg, msg,
312 winbind_event_context(),
313 req, NDR_WINBIND_SENDTOSAM,
315 domain, IRPC_CALL_TIMEOUT);
318 NTSTATUS wb_irpc_register(void)
322 status = IRPC_REGISTER(winbind_imessaging_context(), winbind, WINBIND_DSRUPDATEREADONLYSERVERDNSRECORDS,
323 wb_irpc_DsrUpdateReadOnlyServerDnsRecords, NULL);
324 if (!NT_STATUS_IS_OK(status)) {
327 status = IRPC_REGISTER(winbind_imessaging_context(), winbind, WINBIND_SAMLOGON,
328 wb_irpc_SamLogon, NULL);
329 if (!NT_STATUS_IS_OK(status)) {
332 status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
333 WINBIND_LOGONCONTROL,
334 wb_irpc_LogonControl, NULL);
335 if (!NT_STATUS_IS_OK(status)) {
338 status = IRPC_REGISTER(winbind_imessaging_context(), winbind,
339 WINBIND_GETFORESTTRUSTINFORMATION,
340 wb_irpc_GetForestTrustInformation, NULL);
341 if (!NT_STATUS_IS_OK(status)) {
344 status = IRPC_REGISTER(winbind_imessaging_context(), winbind, WINBIND_SENDTOSAM,
345 wb_irpc_SendToSam, NULL);
346 if (!NT_STATUS_IS_OK(status)) {