3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1998
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
8 * Copyright (C) Paul Ashton 1997-1998.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 /* this module apparently provides an implementation of DCE/RPC over a
26 * named pipe (IPC$ connection using SMBtrans). details of DCE/RPC
27 * documentation are available (in on-line form) from the X-Open group.
29 * this module should provide a level of abstraction between SMB
30 * and DCE/RPC, while minimising the amount of mallocs, unnecessary
31 * data copies, and network traffic.
33 * in this version, which takes a "let's learn what's going on and
34 * get something running" approach, there is additional network
35 * traffic generated, but the code should be easier to understand...
37 * ... if you read the docs. or stare at packets for weeks on end.
44 extern int DEBUGLEVEL;
47 * A list of the rids of well known BUILTIN and Domain users
51 rid_name builtin_alias_rids[] =
53 { BUILTIN_ALIAS_RID_ADMINS , "Administrators" },
54 { BUILTIN_ALIAS_RID_USERS , "Users" },
55 { BUILTIN_ALIAS_RID_GUESTS , "Guests" },
56 { BUILTIN_ALIAS_RID_POWER_USERS , "Power Users" },
58 { BUILTIN_ALIAS_RID_ACCOUNT_OPS , "Account Operators" },
59 { BUILTIN_ALIAS_RID_SYSTEM_OPS , "System Operators" },
60 { BUILTIN_ALIAS_RID_PRINT_OPS , "Print Operators" },
61 { BUILTIN_ALIAS_RID_BACKUP_OPS , "Backup Operators" },
62 { BUILTIN_ALIAS_RID_REPLICATOR , "Replicator" },
66 /* array lookup of well-known Domain RID users. */
67 rid_name domain_user_rids[] =
69 { DOMAIN_USER_RID_ADMIN , "Administrator" },
70 { DOMAIN_USER_RID_GUEST , "Guest" },
74 /* array lookup of well-known Domain RID groups. */
75 rid_name domain_group_rids[] =
77 { DOMAIN_GROUP_RID_ADMINS , "Domain Admins" },
78 { DOMAIN_GROUP_RID_USERS , "Domain Users" },
79 { DOMAIN_GROUP_RID_GUESTS , "Domain Guests" },
83 int make_dom_gids(char *gids_str, DOM_GID **ppgids)
92 DEBUG(4,("make_dom_gids: %s\n", gids_str));
94 if (gids_str == NULL || *gids_str == 0)
97 for (count = 0, ptr = gids_str;
98 next_token(&ptr, s2, NULL, sizeof(s2));
102 gids = (DOM_GID *)malloc( sizeof(DOM_GID) * count );
105 DEBUG(0,("make_dom_gids: malloc fail !\n"));
109 for (count = 0, ptr = gids_str;
110 next_token(&ptr, s2, NULL, sizeof(s2)) &&
111 count < LSA_MAX_GROUPS;
114 /* the entries are of the form GID/ATTR, ATTR being optional.*/
119 attr = strchr(s2,'/');
124 attr = "7"; /* default value for attribute is 7 */
126 /* look up the RID string and see if we can turn it into a rid number */
127 for (i = 0; builtin_alias_rids[i].name != NULL; i++)
129 if (strequal(builtin_alias_rids[i].name, s2))
131 rid = builtin_alias_rids[i].rid;
141 DEBUG(1,("make_dom_gids: unknown well-known alias RID %s/%s\n", s2, attr));
146 gids[count].g_rid = rid;
147 gids[count].attr = atoi(attr);
149 DEBUG(5,("group id: %d attr: %d\n", gids[count].g_rid, gids[count].attr));
157 static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len)
159 unsigned char *hash = p->ntlmssp_hash;
160 unsigned char index_i = hash[256];
161 unsigned char index_j = hash[257];
164 for( ind = 0; ind < len; ind++)
170 index_j += hash[index_i];
173 hash[index_i] = hash[index_j];
176 t = hash[index_i] + hash[index_j];
177 data[ind] = data[ind] ^ hash[t];
184 /*******************************************************************
185 turns a DCE/RPC request into a DCE/RPC reply
187 this is where the data really should be split up into an array of
188 headers and data sections.
190 ********************************************************************/
191 BOOL create_rpc_reply(pipes_struct *p,
192 uint32 data_start, uint32 data_end)
195 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SIGN);
196 BOOL auth_seal = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SEAL);
200 DEBUG(5,("create_rpc_reply: data_start: %d data_end: %d max_tsize: %d\n",
201 data_start, data_end, p->hdr_ba.bba.max_tsize));
203 auth_len = p->hdr.auth_len;
207 DEBUG(10,("create_rpc_reply: auth\n"));
214 prs_init(&p->rhdr , 0x18, 4, 0, False);
215 prs_init(&p->rauth, 1024, 4, 0, False);
216 prs_init(&p->rverf, 0x08, 4, 0, False);
218 p->hdr.pkt_type = RPC_RESPONSE; /* mark header as an rpc response */
220 /* set up rpc header (fragmentation issues) */
223 p->hdr.flags = RPC_FLG_FIRST;
230 p->hdr_resp.alloc_hint = data_end - data_start; /* calculate remaining data to be sent */
232 if (p->hdr_resp.alloc_hint + 0x18 <= p->hdr_ba.bba.max_tsize)
234 p->hdr.flags |= RPC_FLG_LAST;
235 p->hdr.frag_len = p->hdr_resp.alloc_hint + 0x18;
239 p->hdr.frag_len = p->hdr_ba.bba.max_tsize;
244 p->hdr_resp.alloc_hint -= auth_len + 8;
249 data_len = p->hdr.frag_len - auth_len - (auth_verify ? 8 : 0) - 0x18;
253 data_len = p->hdr.frag_len - 0x18;
256 p->rhdr.data->offset.start = 0;
257 p->rhdr.data->offset.end = 0x18;
259 /* store the header in the data stream */
260 smb_io_rpc_hdr ("hdr" , &(p->hdr ), &(p->rhdr), 0);
261 smb_io_rpc_hdr_resp("resp", &(p->hdr_resp), &(p->rhdr), 0);
263 /* don't use rdata: use rdata_i instead, which moves... */
264 /* make a pointer to the rdata data, NOT A COPY */
266 p->rdata_i.data = NULL;
267 prs_init(&p->rdata_i, 0, p->rdata.align, p->rdata.data->margin, p->rdata.io);
268 data = mem_data(&(p->rdata.data), data_start);
269 mem_create(p->rdata_i.data, data, 0, data_len, 0, False);
270 p->rdata_i.offset = data_len;
276 DEBUG(5,("create_rpc_reply: sign: %s seal: %s data %d auth %d\n",
277 BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, auth_len));
281 crc32 = crc32_calc_buffer(data_len, data);
282 NTLMSSPcalc_p(p, (uchar*)data, data_len);
285 if (auth_seal || auth_verify)
287 make_rpc_hdr_auth(&p->auth_info, 0x0a, 0x06, 0x08, (auth_verify ? 1 : 0));
288 smb_io_rpc_hdr_auth("hdr_auth", &p->auth_info, &p->rauth, 0);
294 p->ntlmssp_seq_num++;
295 make_rpc_auth_ntlmssp_chk(&p->ntlmssp_chk, NTLMSSP_SIGN_VERSION, crc32, p->ntlmssp_seq_num++);
296 smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), &p->rverf, 0);
297 auth_data = mem_data(&p->rverf.data, 4);
298 NTLMSSPcalc_p(p, (uchar*)auth_data, 12);
302 /* set up the data chain */
305 prs_link(NULL , &p->rhdr , &p->rdata_i);
306 prs_link(&p->rhdr , &p->rdata_i, &p->rauth );
307 prs_link(&p->rdata_i, &p->rauth , &p->rverf );
308 prs_link(&p->rauth , &p->rverf , NULL );
312 prs_link(NULL , &p->rhdr , &p->rdata_i);
313 prs_link(&p->rhdr, &p->rdata_i, NULL );
316 /* indicate to subsequent data reads where we are up to */
317 p->frag_len_left = p->hdr.frag_len - p->file_offset;
318 p->next_frag_start = p->hdr.frag_len;
320 return p->rhdr.data != NULL && p->rhdr.offset == 0x18;
323 static BOOL api_pipe_ntlmssp_verify(pipes_struct *p)
327 struct smb_passwd *smb_pass = NULL;
329 DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
331 if (p->ntlmssp_resp.hdr_lm_resp.str_str_len == 0) return False;
332 if (p->ntlmssp_resp.hdr_nt_resp.str_str_len == 0) return False;
333 if (p->ntlmssp_resp.hdr_usr .str_str_len == 0) return False;
334 if (p->ntlmssp_resp.hdr_domain .str_str_len == 0) return False;
335 if (p->ntlmssp_resp.hdr_wks .str_str_len == 0) return False;
337 memset(p->user_name, 0, sizeof(p->user_name));
338 memset(p->domain , 0, sizeof(p->domain ));
339 memset(p->wks , 0, sizeof(p->wks ));
341 if (IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
343 fstrcpy(p->user_name, unistrn2((uint16*)p->ntlmssp_resp.user , p->ntlmssp_resp.hdr_usr .str_str_len/2));
344 fstrcpy(p->domain , unistrn2((uint16*)p->ntlmssp_resp.domain, p->ntlmssp_resp.hdr_domain.str_str_len/2));
345 fstrcpy(p->wks , unistrn2((uint16*)p->ntlmssp_resp.wks , p->ntlmssp_resp.hdr_wks .str_str_len/2));
349 fstrcpy(p->user_name, p->ntlmssp_resp.user );
350 fstrcpy(p->domain , p->ntlmssp_resp.domain);
351 fstrcpy(p->wks , p->ntlmssp_resp.wks );
354 DEBUG(5,("user: %s domain: %s wks: %s\n", p->user_name, p->domain, p->wks));
356 memcpy(lm_owf, p->ntlmssp_resp.lm_resp, sizeof(lm_owf));
357 memcpy(nt_owf, p->ntlmssp_resp.nt_resp, sizeof(nt_owf));
359 #ifdef DEBUG_PASSWORD
360 DEBUG(100,("lm, nt owfs, chal\n"));
361 dump_data(100, lm_owf, sizeof(lm_owf));
362 dump_data(100, nt_owf, sizeof(nt_owf));
363 dump_data(100, p->ntlmssp_chal.challenge, 8);
366 p->ntlmssp_validated = pass_check_smb(p->user_name, p->domain,
367 (uchar*)p->ntlmssp_chal.challenge,
368 lm_owf, nt_owf, NULL);
369 smb_pass = getsmbpwnam(p->user_name);
372 if (p->ntlmssp_validated && smb_pass != NULL && smb_pass->smb_passwd)
375 NTLMSSPOWFencrypt(smb_pass->smb_passwd, lm_owf, p24);
387 for (ind = 0; ind < 256; ind++)
389 p->ntlmssp_hash[ind] = (unsigned char)ind;
392 for( ind = 0; ind < 256; ind++)
396 j += (p->ntlmssp_hash[ind] + k2[ind%8]);
398 tc = p->ntlmssp_hash[ind];
399 p->ntlmssp_hash[ind] = p->ntlmssp_hash[j];
400 p->ntlmssp_hash[j] = tc;
403 p->ntlmssp_hash[256] = 0;
404 p->ntlmssp_hash[257] = 0;
406 /* NTLMSSPhash(p->ntlmssp_hash, p24); */
407 p->ntlmssp_seq_num = 0;
411 p->ntlmssp_validated = False;
414 return p->ntlmssp_validated;
417 static BOOL api_pipe_ntlmssp(pipes_struct *p, prs_struct *pd)
419 /* receive a negotiate; send a challenge; receive a response */
420 switch (p->auth_verifier.msg_type)
422 case NTLMSSP_NEGOTIATE:
424 smb_io_rpc_auth_ntlmssp_neg("", &p->ntlmssp_neg, pd, 0);
429 smb_io_rpc_auth_ntlmssp_resp("", &p->ntlmssp_resp, pd, 0);
430 if (!api_pipe_ntlmssp_verify(p))
438 /* NTLMSSP expected: unexpected message type */
439 DEBUG(3,("unexpected message type in NTLMSSP %d\n",
440 p->auth_verifier.msg_type));
445 return (pd->offset != 0);
450 char * pipe_clnt_name;
451 char * pipe_srv_name;
452 BOOL (*fn) (pipes_struct *, prs_struct *);
455 static struct api_cmd api_fd_commands[] =
457 { "lsarpc", "lsass", api_ntlsa_rpc },
458 { "samr", "lsass", api_samr_rpc },
459 { "srvsvc", "ntsvcs", api_srvsvc_rpc },
460 { "wkssvc", "ntsvcs", api_wkssvc_rpc },
461 { "NETLOGON", "lsass", api_netlog_rpc },
462 { "winreg", "winreg", api_reg_rpc },
466 static BOOL api_pipe_bind_auth_resp(pipes_struct *p, prs_struct *pd)
468 DEBUG(5,("api_pipe_bind_auth_resp: decode request. %d\n", __LINE__));
470 if (p->hdr.auth_len == 0) return False;
472 /* decode the authentication verifier response */
473 smb_io_rpc_hdr_autha("", &p->autha_info, pd, 0);
474 if (pd->offset == 0) return False;
476 if (!rpc_hdr_auth_chk(&(p->auth_info))) return False;
478 smb_io_rpc_auth_verifier("", &p->auth_verifier, pd, 0);
479 if (pd->offset == 0) return False;
481 if (!rpc_auth_verifier_chk(&(p->auth_verifier), "NTLMSSP", NTLMSSP_AUTH)) return False;
483 return api_pipe_ntlmssp(p, pd);
486 static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd)
489 fstring ack_pipe_name;
492 p->ntlmssp_auth = False;
494 DEBUG(5,("api_pipe_bind_req: decode request. %d\n", __LINE__));
496 for (i = 0; api_fd_commands[i].pipe_clnt_name; i++)
498 if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
499 api_fd_commands[i].fn != NULL)
501 DEBUG(3,("api_pipe_bind_req: \\PIPE\\%s -> \\PIPE\\%s\n",
502 api_fd_commands[i].pipe_clnt_name,
503 api_fd_commands[i].pipe_srv_name));
504 fstrcpy(p->pipe_srv_name, api_fd_commands[i].pipe_srv_name);
509 if (api_fd_commands[i].fn == NULL) return False;
511 /* decode the bind request */
512 smb_io_rpc_hdr_rb("", &p->hdr_rb, pd, 0);
514 if (pd->offset == 0) return False;
516 if (p->hdr.auth_len != 0)
518 /* decode the authentication verifier */
519 smb_io_rpc_hdr_auth ("", &p->auth_info , pd, 0);
520 if (pd->offset == 0) return False;
522 p->ntlmssp_auth = p->auth_info.auth_type = 0x0a;
526 smb_io_rpc_auth_verifier("", &p->auth_verifier, pd, 0);
527 if (pd->offset == 0) return False;
529 p->ntlmssp_auth = strequal(p->auth_verifier.signature, "NTLMSSP");
534 if (!api_pipe_ntlmssp(p, pd)) return False;
538 /* name has to be \PIPE\xxxxx */
539 fstrcpy(ack_pipe_name, "\\PIPE\\");
540 fstrcat(ack_pipe_name, p->pipe_srv_name);
542 DEBUG(5,("api_pipe_bind_req: make response. %d\n", __LINE__));
544 prs_init(&(p->rdata), 1024, 4, 0, False);
545 prs_init(&(p->rhdr ), 0x18, 4, 0, False);
546 prs_init(&(p->rauth), 1024, 4, 0, False);
547 prs_init(&(p->rverf), 0x08, 4, 0, False);
548 prs_init(&(p->rntlm), 1024, 4, 0, False);
551 /*** do the bind ack first ***/
560 assoc_gid = p->hdr_rb.bba.assoc_gid;
563 make_rpc_hdr_ba(&p->hdr_ba,
564 p->hdr_rb.bba.max_tsize,
565 p->hdr_rb.bba.max_rsize,
569 &(p->hdr_rb.transfer));
571 smb_io_rpc_hdr_ba("", &p->hdr_ba, &p->rdata, 0);
572 mem_realloc_data(p->rdata.data, p->rdata.offset);
575 /*** now the authentication ***/
581 generate_random_buffer(challenge, 8, False);
583 /*** authentication info ***/
585 make_rpc_hdr_auth(&p->auth_info, 0x0a, 0x06, 0, 1);
586 smb_io_rpc_hdr_auth("", &p->auth_info, &p->rverf, 0);
587 mem_realloc_data(p->rverf.data, p->rverf.offset);
589 /*** NTLMSSP verifier ***/
591 make_rpc_auth_verifier(&p->auth_verifier,
592 "NTLMSSP", NTLMSSP_CHALLENGE);
593 smb_io_rpc_auth_verifier("", &p->auth_verifier, &p->rauth, 0);
594 mem_realloc_data(p->rauth.data, p->rauth.offset);
596 /* NTLMSSP challenge ***/
598 make_rpc_auth_ntlmssp_chal(&p->ntlmssp_chal,
599 0x000082b1, challenge);
600 smb_io_rpc_auth_ntlmssp_chal("", &p->ntlmssp_chal, &p->rntlm, 0);
601 mem_realloc_data(p->rntlm.data, p->rntlm.offset);
605 /*** then do the header, now we know the length ***/
608 make_rpc_hdr(&p->hdr, RPC_BINDACK, RPC_FLG_FIRST | RPC_FLG_LAST,
610 p->rdata.offset + p->rverf.offset + p->rauth.offset + p->rntlm.offset + 0x10,
611 p->rauth.offset + p->rntlm.offset);
613 smb_io_rpc_hdr("", &p->hdr, &p->rhdr, 0);
614 mem_realloc_data(p->rhdr.data, p->rdata.offset);
617 /*** link rpc header, bind acknowledgment and authentication responses ***/
622 prs_link(NULL , &p->rhdr , &p->rdata);
623 prs_link(&p->rhdr , &p->rdata, &p->rverf);
624 prs_link(&p->rdata, &p->rverf, &p->rauth);
625 prs_link(&p->rverf, &p->rauth, &p->rntlm);
626 prs_link(&p->rauth, &p->rntlm, NULL );
630 prs_link(NULL , &p->rhdr , &p->rdata);
631 prs_link(&p->rhdr, &p->rdata, NULL );
638 static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
640 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SIGN);
641 BOOL auth_seal = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SEAL);
647 auth_len = p->hdr.auth_len;
649 if (auth_len != 16 && auth_verify)
654 data_len = p->hdr.frag_len - auth_len - (auth_verify ? 8 : 0) - 0x18;
656 DEBUG(5,("api_pipe_auth_process: sign: %s seal: %s data %d auth %d\n",
657 BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, auth_len));
661 char *data = mem_data(&pd->data, pd->offset);
662 DEBUG(5,("api_pipe_auth_process: data %d\n", pd->offset));
663 NTLMSSPcalc_p(p, (uchar*)data, data_len);
664 crc32 = crc32_calc_buffer(data_len, data);
667 /*** skip the data, record the offset so we can restore it again */
668 old_offset = pd->offset;
670 if (auth_seal || auth_verify)
672 pd->offset += data_len;
673 smb_io_rpc_hdr_auth("hdr_auth", &p->auth_info, pd, 0);
678 char *req_data = mem_data(&pd->data, pd->offset + 4);
679 DEBUG(5,("api_pipe_auth_process: auth %d\n", pd->offset + 4));
680 NTLMSSPcalc_p(p, (uchar*)req_data, 12);
681 smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), pd, 0);
683 if (!rpc_auth_ntlmssp_chk(&(p->ntlmssp_chk), crc32,
690 pd->offset = old_offset;
695 static BOOL api_pipe_request(pipes_struct *p, prs_struct *pd)
699 if (p->ntlmssp_auth && p->ntlmssp_validated)
701 if (!api_pipe_auth_process(p, pd)) return False;
703 DEBUG(0,("api_pipe_request: **** MUST CALL become_user() HERE **** \n"));
709 for (i = 0; api_fd_commands[i].pipe_clnt_name; i++)
711 if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
712 api_fd_commands[i].fn != NULL)
714 DEBUG(3,("Doing \\PIPE\\%s\n", api_fd_commands[i].pipe_clnt_name));
715 return api_fd_commands[i].fn(p, pd);
721 BOOL rpc_command(pipes_struct *p, prs_struct *pd)
724 if (pd->data == NULL) return False;
726 /* process the rpc header */
727 smb_io_rpc_hdr("", &p->hdr, pd, 0);
729 if (pd->offset == 0) return False;
731 switch (p->hdr.pkt_type)
735 reply = api_pipe_bind_req(p, pd);
740 if (p->ntlmssp_auth && !p->ntlmssp_validated)
742 /* authentication _was_ requested
743 and it failed. sorry, no deal!
749 /* read the rpc header */
750 smb_io_rpc_hdr_req("req", &(p->hdr_req), pd, 0);
751 reply = api_pipe_request(p, pd);
755 case RPC_BINDRESP: /* not the real name! */
757 reply = api_pipe_bind_auth_resp(p, pd);
758 p->ntlmssp_auth = reply;
765 DEBUG(3,("rpc_command: DCE/RPC fault should be sent here\n"));
772 /*******************************************************************
773 receives a netlogon pipe and responds.
774 ********************************************************************/
775 static BOOL api_rpc_command(pipes_struct *p,
776 char *rpc_name, struct api_struct *api_rpc_cmds,
780 DEBUG(4,("api_rpc_command: %s op 0x%x - ", rpc_name, p->hdr_req.opnum));
782 for (fn_num = 0; api_rpc_cmds[fn_num].name; fn_num++)
784 if (api_rpc_cmds[fn_num].opnum == p->hdr_req.opnum && api_rpc_cmds[fn_num].fn != NULL)
786 DEBUG(3,("api_rpc_command: %s\n", api_rpc_cmds[fn_num].name));
791 if (api_rpc_cmds[fn_num].name == NULL)
793 DEBUG(4, ("unknown\n"));
797 /* start off with 1024 bytes, and a large safety margin too */
798 prs_init(&p->rdata, 1024, 4, SAFETY_MARGIN, False);
800 /* do the actual command */
801 api_rpc_cmds[fn_num].fn(p->vuid, data, &(p->rdata));
803 if (p->rdata.data == NULL || p->rdata.offset == 0)
805 mem_free_data(p->rdata.data);
809 mem_realloc_data(p->rdata.data, p->rdata.offset);
811 DEBUG(10,("called %s\n", rpc_name));
817 /*******************************************************************
818 receives a netlogon pipe and responds.
819 ********************************************************************/
820 BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds,
823 if (data == NULL || data->data == NULL)
825 DEBUG(2,("%s: NULL data received\n", rpc_name));
829 /* interpret the command */
830 if (!api_rpc_command(p, rpc_name, api_rpc_cmds, data))
835 /* create the rpc header */
836 if (!create_rpc_reply(p, 0, p->rdata.offset + (p->ntlmssp_auth ? (16 + 8) : 0)))
845 /*******************************************************************
846 gets a domain user's groups
847 ********************************************************************/
848 void get_domain_user_groups(char *domain_groups, char *user)
852 if (domain_groups == NULL || user == NULL) return;
854 /* any additional groups this user is in. e.g power users */
855 pstrcpy(domain_groups, lp_domain_groups());
857 /* can only be a user or a guest. cannot be guest _and_ admin */
858 if (user_in_list(user, lp_domain_guest_group()))
860 slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS);
861 pstrcat(domain_groups, tmp);
863 DEBUG(3,("domain guest group access %s granted\n", tmp));
867 slprintf(tmp, sizeof(tmp) -1, " %ld/7 ", DOMAIN_GROUP_RID_USERS);
868 pstrcat(domain_groups, tmp);
870 DEBUG(3,("domain group access %s granted\n", tmp));
872 if (user_in_list(user, lp_domain_admin_group()))
874 slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS);
875 pstrcat(domain_groups, tmp);
877 DEBUG(3,("domain admin group access %s granted\n", tmp));
883 /*******************************************************************
885 ********************************************************************/
886 uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type)
889 (*type) = SID_NAME_DOM_GRP;
891 DEBUG(5,("lookup_group_name: rid: %d", rid));
893 while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0)
898 if (domain_group_rids[i].rid != 0)
900 fstrcpy(group_name, domain_group_rids[i].name);
901 DEBUG(5,(" = %s\n", group_name));
905 DEBUG(5,(" none mapped\n"));
906 return 0xC0000000 | NT_STATUS_NONE_MAPPED;
909 /*******************************************************************
911 ********************************************************************/
912 uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type)
915 (*type) = SID_NAME_WKN_GRP;
917 DEBUG(5,("lookup_alias_name: rid: %d", rid));
919 while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0)
924 if (builtin_alias_rids[i].rid != 0)
926 fstrcpy(alias_name, builtin_alias_rids[i].name);
927 DEBUG(5,(" = %s\n", alias_name));
931 DEBUG(5,(" none mapped\n"));
932 return 0xC0000000 | NT_STATUS_NONE_MAPPED;
935 /*******************************************************************
937 ********************************************************************/
938 uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
940 struct sam_disp_info *disp_info;
942 (*type) = SID_NAME_USER;
944 DEBUG(5,("lookup_user_name: rid: %d", rid));
946 /* look up the well-known domain user rids first */
947 while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0)
952 if (domain_user_rids[i].rid != 0)
954 fstrcpy(user_name, domain_user_rids[i].name);
955 DEBUG(5,(" = %s\n", user_name));
959 /* ok, it's a user. find the user account */
961 disp_info = getsamdisprid(rid);
964 if (disp_info != NULL)
966 fstrcpy(user_name, disp_info->smb_name);
967 DEBUG(5,(" = %s\n", user_name));
971 DEBUG(5,(" none mapped\n"));
972 return 0xC0000000 | NT_STATUS_NONE_MAPPED;
975 /*******************************************************************
977 ********************************************************************/
978 uint32 lookup_group_rid(char *group_name, uint32 *rid)
981 int i = -1; /* start do loop at -1 */
983 do /* find, if it exists, a group rid for the group name*/
986 (*rid) = domain_group_rids[i].rid;
987 grp_name = domain_group_rids[i].name;
989 } while (grp_name != NULL && !strequal(grp_name, group_name));
991 return (grp_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
994 /*******************************************************************
996 ********************************************************************/
997 uint32 lookup_alias_rid(char *alias_name, uint32 *rid)
1000 int i = -1; /* start do loop at -1 */
1002 do /* find, if it exists, a alias rid for the alias name*/
1005 (*rid) = builtin_alias_rids[i].rid;
1006 als_name = builtin_alias_rids[i].name;
1008 } while (als_name != NULL && !strequal(als_name, alias_name));
1010 return (als_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
1013 /*******************************************************************
1015 ********************************************************************/
1016 uint32 lookup_user_rid(char *user_name, uint32 *rid)
1018 struct sam_passwd *sam_pass;
1021 /* find the user account */
1023 sam_pass = getsam21pwnam(user_name);
1024 unbecome_root(True);
1026 if (sam_pass != NULL)
1028 (*rid) = sam_pass->user_rid;
1032 return 0xC0000000 | NT_STATUS_NONE_MAPPED;
git.samba.org / samba.git / blob