3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1997,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8 * Copyright (C) Paul Ashton 1997.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
32 extern int DEBUGLEVEL;
35 /****************************************************************************
37 ****************************************************************************/
38 BOOL lsa_open_policy(struct cli_state *cli, uint16 fnum,
39 char *server_name, POLICY_HND *hnd,
46 BOOL valid_pol = False;
48 if (hnd == NULL) return False;
50 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
51 prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
53 /* create and send a MSRPC command with api LSA_OPENPOLICY */
55 DEBUG(4,("LSA Open Policy\n"));
57 /* store the parameters */
60 make_lsa_sec_qos(&qos, 2, 1, 0, 0x20000000);
61 make_q_open_pol(&q_o, 0x5c, 0, 0, &qos);
65 make_q_open_pol(&q_o, 0x5c, 0, 0x1, NULL);
68 /* turn parameters into data stream */
69 lsa_io_q_open_pol("", &q_o, &buf, 0);
71 /* send the data on \PIPE\ */
72 if (rpc_api_pipe_req(cli, fnum, LSA_OPENPOLICY, &buf, &rbuf))
77 lsa_io_r_open_pol("", &r_o, &rbuf, 0);
80 if (p && r_o.status != 0)
82 /* report error code */
83 DEBUG(0,("LSA_OPENPOLICY: %s\n", get_nt_error_msg(r_o.status)));
89 /* ok, at last: we're happy. return the policy handle */
90 memcpy(hnd, r_o.pol.data, sizeof(hnd->data));
101 /****************************************************************************
102 do a LSA Lookup Names
103 ****************************************************************************/
104 BOOL lsa_lookup_names(struct cli_state *cli, uint16 fnum,
114 LSA_Q_LOOKUP_NAMES q_l;
115 BOOL valid_response = False;
117 if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
119 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
120 prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
122 /* create and send a MSRPC command with api LSA_LOOKUP_NAMES */
124 DEBUG(4,("LSA Lookup NAMEs\n"));
126 /* store the parameters */
127 make_q_lookup_names(&q_l, hnd, num_names, names);
129 /* turn parameters into data stream */
130 lsa_io_q_lookup_names("", &q_l, &buf, 0);
132 /* send the data on \PIPE\ */
133 if (rpc_api_pipe_req(cli, fnum, LSA_LOOKUPNAMES, &buf, &rbuf))
135 LSA_R_LOOKUP_NAMES r_l;
137 DOM_RID2 t_rids[MAX_LOOKUP_SIDS];
144 r_l.dom_rid = t_rids;
146 lsa_io_r_lookup_names("", &r_l, &rbuf, 0);
147 p = rbuf.offset != 0;
149 if (p && r_l.status != 0)
151 /* report error code */
152 DEBUG(0,("LSA_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_l.status)));
158 if (r_l.undoc_buffer != 0 && ref.undoc_buffer != 0)
160 valid_response = True;
164 if (num_sids != NULL && valid_response)
166 (*num_sids) = r_l.num_entries;
171 for (i = 0; i < r_l.num_entries; i++)
173 if (t_rids[i].rid_idx >= ref.num_ref_doms_1 &&
174 t_rids[i].rid_idx != 0xffffffff)
176 DEBUG(0,("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
178 valid_response = False;
184 if (types != NULL && valid_response && r_l.num_entries != 0)
186 (*types) = (uint8*)malloc((*num_sids) * sizeof(uint8));
189 if (sids != NULL && valid_response && r_l.num_entries != 0)
191 (*sids) = (DOM_SID*)malloc((*num_sids) * sizeof(DOM_SID));
194 if (sids != NULL && (*sids) != NULL)
197 /* take each name, construct a SID */
198 for (i = 0; i < (*num_sids); i++)
200 uint32 dom_idx = t_rids[i].rid_idx;
201 uint32 dom_rid = t_rids[i].rid;
202 DOM_SID *sid = &(*sids)[i];
203 if (dom_idx != 0xffffffff)
205 sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
206 if (dom_rid != 0xffffffff)
208 sid_append_rid(sid, dom_rid);
210 if (types != NULL && (*types) != NULL)
212 (*types)[i] = t_rids[i].type;
218 if (types != NULL && (*types) != NULL)
220 (*types)[i] = SID_NAME_UNKNOWN;
230 return valid_response;
233 /****************************************************************************
235 ****************************************************************************/
236 BOOL lsa_lookup_sids(struct cli_state *cli, uint16 fnum,
246 LSA_Q_LOOKUP_SIDS q_l;
247 BOOL valid_response = False;
249 if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
251 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
252 prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
254 /* create and send a MSRPC command with api LSA_LOOKUP_SIDS */
256 DEBUG(4,("LSA Lookup SIDs\n"));
258 /* store the parameters */
259 make_q_lookup_sids(&q_l, hnd, num_sids, sids, 1);
261 /* turn parameters into data stream */
262 lsa_io_q_lookup_sids("", &q_l, &buf, 0);
264 /* send the data on \PIPE\ */
265 if (rpc_api_pipe_req(cli, fnum, LSA_LOOKUPSIDS, &buf, &rbuf))
267 LSA_R_LOOKUP_SIDS r_l;
269 LSA_TRANS_NAME_ENUM t_names;
273 r_l.names = &t_names;
275 lsa_io_r_lookup_sids("", &r_l, &rbuf, 0);
276 p = rbuf.offset != 0;
278 if (p && r_l.status != 0)
280 /* report error code */
281 DEBUG(0,("LSA_LOOKUP_SIDS: %s\n", get_nt_error_msg(r_l.status)));
287 if (t_names.ptr_trans_names != 0 && ref.undoc_buffer != 0)
289 valid_response = True;
293 if (num_names != NULL && valid_response)
295 (*num_names) = t_names.num_entries;
300 for (i = 0; i < t_names.num_entries; i++)
302 if (t_names.name[i].domain_idx >= ref.num_ref_doms_1)
304 DEBUG(0,("LSA_LOOKUP_SIDS: domain index out of bounds\n"));
305 valid_response = False;
311 if (types != NULL && valid_response && t_names.num_entries != 0)
313 (*types) = (uint8*)malloc((*num_names) * sizeof(uint8));
316 if (names != NULL && valid_response && t_names.num_entries != 0)
318 (*names) = (char**)malloc((*num_names) * sizeof(char*));
321 if (names != NULL && (*names) != NULL)
324 /* take each name, construct a \DOMAIN\name string */
325 for (i = 0; i < (*num_names); i++)
330 uint32 dom_idx = t_names.name[i].domain_idx;
332 if (dom_idx != 0xffffffff)
334 unistr2_to_ascii(dom_name, &ref.ref_dom[dom_idx].uni_dom_name, sizeof(dom_name)-1);
335 unistr2_to_ascii(name, &t_names.uni_name[i], sizeof(name)-1);
337 memset(full_name, 0, sizeof(full_name));
339 slprintf(full_name, sizeof(full_name)-1, "%s\\%s",
342 (*names)[i] = strdup(full_name);
343 if (types != NULL && (*types) != NULL)
345 (*types)[i] = t_names.name[i].sid_name_use;
351 if (types != NULL && (*types) != NULL)
353 (*types)[i] = SID_NAME_UNKNOWN;
363 return valid_response;
366 /****************************************************************************
367 do a LSA Query Info Policy
368 ****************************************************************************/
369 BOOL lsa_query_info_pol(struct cli_state *cli, uint16 fnum,
370 POLICY_HND *hnd, uint16 info_class,
371 fstring domain_name, DOM_SID *domain_sid)
375 LSA_Q_QUERY_INFO q_q;
376 BOOL valid_response = False;
378 ZERO_STRUCTP(domain_sid);
381 if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False;
383 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
384 prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
386 /* create and send a MSRPC command with api LSA_QUERYINFOPOLICY */
388 DEBUG(4,("LSA Query Info Policy\n"));
390 /* store the parameters */
391 make_q_query(&q_q, hnd, info_class);
393 /* turn parameters into data stream */
394 lsa_io_q_query("", &q_q, &buf, 0);
396 /* send the data on \PIPE\ */
397 if (rpc_api_pipe_req(cli, fnum, LSA_QUERYINFOPOLICY, &buf, &rbuf))
399 LSA_R_QUERY_INFO r_q;
402 lsa_io_r_query("", &r_q, &rbuf, 0);
403 p = rbuf.offset != 0;
405 if (p && r_q.status != 0)
407 /* report error code */
408 DEBUG(0,("LSA_QUERYINFOPOLICY: %s\n", get_nt_error_msg(r_q.status)));
412 if (p && r_q.info_class != q_q.info_class)
414 /* report different info classes */
415 DEBUG(0,("LSA_QUERYINFOPOLICY: error info_class (q,r) differ - (%x,%x)\n",
416 q_q.info_class, r_q.info_class));
423 /* ok, at last: we're happy. */
424 switch (r_q.info_class)
428 if (r_q.dom.id3.buffer_dom_name != 0)
430 unistr2_to_ascii(domain_name, &r_q.dom.id3.uni_domain_name, sizeof(fstring)-1);
432 if (r_q.dom.id3.buffer_dom_sid != 0)
434 *domain_sid = r_q.dom.id3.dom_sid.sid;
437 valid_response = True;
442 if (r_q.dom.id5.buffer_dom_name != 0)
444 unistr2_to_ascii(domain_name, &r_q.dom.id5.uni_domain_name, sizeof(fstring)-1);
446 if (r_q.dom.id5.buffer_dom_sid != 0)
448 *domain_sid = r_q.dom.id5.dom_sid.sid;
451 valid_response = True;
456 DEBUG(3,("LSA_QUERYINFOPOLICY: unknown info class\n"));
463 sid_to_string(sid_str, domain_sid);
464 DEBUG(3,("LSA_QUERYINFOPOLICY (level %x): domain:%s domain sid:%s\n",
465 r_q.info_class, domain_name, sid_str));
472 return valid_response;
475 /****************************************************************************
477 ****************************************************************************/
478 BOOL lsa_close(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd)
483 BOOL valid_close = False;
485 if (hnd == NULL) return False;
487 /* create and send a MSRPC command with api LSA_OPENPOLICY */
489 prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
490 prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
492 DEBUG(4,("LSA Close\n"));
494 /* store the parameters */
495 make_lsa_q_close(&q_c, hnd);
497 /* turn parameters into data stream */
498 lsa_io_q_close("", &q_c, &buf, 0);
500 /* send the data on \PIPE\ */
501 if (rpc_api_pipe_req(cli, fnum, LSA_CLOSE, &buf, &rbuf))
506 lsa_io_r_close("", &r_c, &rbuf, 0);
507 p = rbuf.offset != 0;
509 if (p && r_c.status != 0)
511 /* report error code */
512 DEBUG(0,("LSA_CLOSE: %s\n", get_nt_error_msg(r_c.status)));
518 /* check that the returned policy handle is all zeros */
522 for (i = 0; i < sizeof(r_c.pol.data); i++)
524 if (r_c.pol.data[i] != 0)
532 DEBUG(0,("LSA_CLOSE: non-zero handle returned\n"));