2 Unix SMB/CIFS implementation.
4 Copyright (C) Volker Lendecke 2005
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 a composite API for finding a DC and its name
25 #include "libcli/composite/composite.h"
26 #include "libcli/smb_composite/smb_composite.h"
27 #include "winbind/wb_async_helpers.h"
29 #include "librpc/gen_ndr/nbt.h"
30 #include "librpc/gen_ndr/samr.h"
31 #include "lib/messaging/irpc.h"
32 #include "librpc/gen_ndr/irpc.h"
33 #include "librpc/gen_ndr/ndr_irpc.h"
34 #include "libcli/raw/libcliraw.h"
35 #include "librpc/gen_ndr/ndr_netlogon.h"
36 #include "librpc/gen_ndr/ndr_lsa.h"
37 #include "libcli/auth/credentials.h"
39 struct finddcs_state {
40 struct wb_finddcs *io;
41 struct composite_context *creq;
43 struct nbtd_getdcname *r;
44 struct irpc_request *ireq;
47 static void finddcs_getdc(struct irpc_request *ireq)
49 struct composite_context *c = talloc_get_type(ireq->async.private,
50 struct composite_context);
51 struct finddcs_state *state = talloc_get_type(c->private_data,
52 struct finddcs_state);
54 c->status = irpc_call_recv(ireq);
55 if (!NT_STATUS_IS_OK(c->status)) {
59 state->io->out.dcs[0].name = talloc_steal(state->io->out.dcs,
60 state->r->out.dcname);
62 c->status = NT_STATUS_OK;
63 c->state = COMPOSITE_STATE_DONE;
66 if (!NT_STATUS_IS_OK(c->status)) {
67 c->state = COMPOSITE_STATE_ERROR;
70 if (c->state >= COMPOSITE_STATE_DONE &&
78 called when name resolution is finished
80 static void finddcs_resolve(struct composite_context *res_ctx)
82 struct composite_context *c = talloc_get_type(res_ctx->async.private_data,
83 struct composite_context);
84 struct finddcs_state *state = talloc_get_type(c->private_data,
85 struct finddcs_state);
86 uint32_t *nbt_servers;
88 state->io->out.num_dcs = 1;
89 state->io->out.dcs = talloc_array(state, struct nbt_dc_name,
90 state->io->out.num_dcs);
91 if (state->io->out.dcs == NULL) {
92 c->status = NT_STATUS_NO_MEMORY;
96 c->status = resolve_name_recv(res_ctx, state->io->out.dcs,
97 &state->io->out.dcs[0].address);
98 if (!NT_STATUS_IS_OK(c->status)) {
102 nbt_servers = irpc_servers_byname(state->io->in.msg_ctx, "nbt_server");
103 if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) {
104 c->status = NT_STATUS_NO_LOGON_SERVERS;
108 state->r = talloc(state, struct nbtd_getdcname);
109 if (state->r == NULL) {
110 c->status = NT_STATUS_NO_MEMORY;
114 state->r->in.domainname = talloc_strdup(state->r, lp_workgroup());
115 state->r->in.ip_address = state->io->out.dcs[0].address;
116 state->r->in.my_computername = lp_netbios_name();
117 state->r->in.my_accountname = talloc_asprintf(state->r, "%s$",
119 state->r->in.account_control = ACB_WSTRUST;
120 state->r->in.domain_sid = secrets_get_domain_sid(state->r,
123 if ((state->r->in.domainname == NULL) ||
124 (state->r->in.my_accountname == NULL)) {
125 DEBUG(0, ("talloc failed\n"));
126 c->status = NT_STATUS_NO_MEMORY;
129 if (state->r->in.domain_sid == NULL) {
130 c->status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
134 state->ireq = irpc_call_send(state->io->in.msg_ctx, nbt_servers[0],
135 &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME,
138 if (state->ireq == NULL) {
139 c->status = NT_STATUS_NO_MEMORY;
143 c->status = NT_STATUS_OK;
144 state->ireq->async.fn = finddcs_getdc;
145 state->ireq->async.private = c;
148 if (!NT_STATUS_IS_OK(c->status)) {
149 c->state = COMPOSITE_STATE_ERROR;
152 if (c->state >= COMPOSITE_STATE_DONE &&
158 struct composite_context *wb_finddcs_send(struct wb_finddcs *io,
159 struct event_context *event_ctx)
161 struct composite_context *c;
162 struct finddcs_state *state;
163 struct nbt_name name;
165 c = talloc_zero(NULL, struct composite_context);
166 if (c == NULL) goto failed;
167 c->state = COMPOSITE_STATE_IN_PROGRESS;
168 c->event_ctx = event_ctx;
170 state = talloc(c, struct finddcs_state);
171 if (state == NULL) goto failed;
174 make_nbt_name(&name, io->in.domain, 0x1c);
175 state->creq = resolve_name_send(&name, c->event_ctx,
176 lp_name_resolve_order());
178 if (state->creq == NULL) goto failed;
179 state->creq->async.private_data = c;
180 state->creq->async.fn = finddcs_resolve;
181 c->private_data = state;
189 NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx)
193 status = composite_wait(c);
195 if (NT_STATUS_IS_OK(status)) {
196 struct finddcs_state *state = talloc_get_type(c->private_data,
197 struct finddcs_state);
198 talloc_steal(mem_ctx, state->io->out.dcs);
205 NTSTATUS wb_finddcs(struct wb_finddcs *io, TALLOC_CTX *mem_ctx,
206 struct event_context *ev)
208 struct composite_context *c = wb_finddcs_send(io, ev);
209 return wb_finddcs_recv(c, mem_ctx);
212 struct get_schannel_creds_state {
213 struct composite_context *ctx;
214 struct dcerpc_pipe *p;
215 struct wb_get_schannel_creds *io;
216 struct netr_ServerReqChallenge *r;
218 struct creds_CredentialState *creds_state;
219 struct netr_Credential netr_cred;
220 uint32_t negotiate_flags;
221 struct netr_ServerAuthenticate2 *a;
224 static void get_schannel_creds_recv_auth(struct rpc_request *req);
225 static void get_schannel_creds_recv_chal(struct rpc_request *req);
226 static void get_schannel_creds_recv_pipe(struct composite_context *ctx);
228 struct composite_context *wb_get_schannel_creds_send(struct wb_get_schannel_creds *io,
229 struct event_context *ev)
231 struct composite_context *result, *ctx;
232 struct get_schannel_creds_state *state;
234 result = talloc_zero(NULL, struct composite_context);
235 if (result == NULL) goto failed;
236 result->state = COMPOSITE_STATE_IN_PROGRESS;
237 result->event_ctx = ev;
239 state = talloc(result, struct get_schannel_creds_state);
240 if (state == NULL) goto failed;
241 result->private_data = state;
246 state->p = dcerpc_pipe_init(state, ev);
247 if (state->p == NULL) goto failed;
249 ctx = dcerpc_pipe_open_smb_send(state->p->conn, state->io->in.tree,
251 if (ctx == NULL) goto failed;
253 ctx->async.fn = get_schannel_creds_recv_pipe;
254 ctx->async.private_data = state;
262 static void get_schannel_creds_recv_pipe(struct composite_context *ctx)
264 struct get_schannel_creds_state *state =
265 talloc_get_type(ctx->async.private_data,
266 struct get_schannel_creds_state);
267 struct rpc_request *req;
269 state->ctx->status = dcerpc_pipe_open_smb_recv(ctx);
270 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
272 state->ctx->status = dcerpc_bind_auth_none(state->p,
273 DCERPC_NETLOGON_UUID,
274 DCERPC_NETLOGON_VERSION);
275 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
277 state->r = talloc(state, struct netr_ServerReqChallenge);
278 if (state->r == NULL) {
279 state->ctx->status = NT_STATUS_NO_MEMORY;
283 state->r->in.computer_name =
284 cli_credentials_get_workstation(state->io->in.creds);
285 state->r->in.server_name =
286 talloc_asprintf(state->r, "\\\\%s",
287 dcerpc_server_name(state->p));
288 state->r->in.credentials = talloc(state->r, struct netr_Credential);
289 state->r->out.credentials = talloc(state->r, struct netr_Credential);
291 if ((state->r->in.server_name == NULL) ||
292 (state->r->in.credentials == NULL) ||
293 (state->r->out.credentials == NULL)) {
294 state->ctx->status = NT_STATUS_NO_MEMORY;
297 generate_random_buffer(state->r->in.credentials->data,
298 sizeof(state->r->in.credentials->data));
300 req = dcerpc_netr_ServerReqChallenge_send(state->p, state, state->r);
302 state->ctx->status = NT_STATUS_NO_MEMORY;
306 req->async.callback = get_schannel_creds_recv_chal;
307 req->async.private = state;
311 if (!NT_STATUS_IS_OK(state->ctx->status)) {
312 state->ctx->state = COMPOSITE_STATE_ERROR;
314 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
315 (state->ctx->async.fn != NULL)) {
316 state->ctx->async.fn(state->ctx);
320 static void get_schannel_creds_recv_chal(struct rpc_request *req)
322 struct get_schannel_creds_state *state =
323 talloc_get_type(req->async.private,
324 struct get_schannel_creds_state);
325 const struct samr_Password *mach_pwd;
327 state->ctx->status = dcerpc_ndr_request_recv(req);
328 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
329 state->ctx->status = state->r->out.result;
330 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
332 state->creds_state = talloc(state, struct creds_CredentialState);
333 mach_pwd = cli_credentials_get_nt_hash(state->io->in.creds, state);
334 if ((state->creds_state == NULL) || (mach_pwd == NULL)) {
335 state->ctx->status = NT_STATUS_NO_MEMORY;
339 state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS;
341 creds_client_init(state->creds_state, state->r->in.credentials,
342 state->r->out.credentials, mach_pwd,
343 &state->netr_cred, state->negotiate_flags);
345 state->a = talloc(state, struct netr_ServerAuthenticate2);
346 if (state->a == NULL) {
347 state->ctx->status = NT_STATUS_NO_MEMORY;
351 state->a->in.server_name =
352 talloc_reference(state->a, state->r->in.server_name);
353 state->a->in.account_name =
354 cli_credentials_get_username(state->io->in.creds);
355 state->a->in.secure_channel_type =
356 cli_credentials_get_secure_channel_type(state->io->in.creds);
357 state->a->in.computer_name =
358 cli_credentials_get_workstation(state->io->in.creds);
359 state->a->in.negotiate_flags = &state->negotiate_flags;
360 state->a->out.negotiate_flags = &state->negotiate_flags;
361 state->a->in.credentials = &state->netr_cred;
362 state->a->out.credentials = &state->netr_cred;
364 req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, state->a);
366 state->ctx->status = NT_STATUS_NO_MEMORY;
370 req->async.callback = get_schannel_creds_recv_auth;
371 req->async.private = state;
374 state->io->out.netlogon = state->p;
375 state->ctx->state = COMPOSITE_STATE_DONE;
378 if (!NT_STATUS_IS_OK(state->ctx->status)) {
379 state->ctx->state = COMPOSITE_STATE_ERROR;
381 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
382 (state->ctx->async.fn != NULL)) {
383 state->ctx->async.fn(state->ctx);
387 static void get_schannel_creds_recv_auth(struct rpc_request *req)
389 struct get_schannel_creds_state *state =
390 talloc_get_type(req->async.private,
391 struct get_schannel_creds_state);
393 state->ctx->status = dcerpc_ndr_request_recv(req);
394 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
395 state->ctx->status = state->a->out.result;
396 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
398 if (!creds_client_check(state->creds_state,
399 state->a->out.credentials)) {
400 DEBUG(5, ("Server got us invalid creds\n"));
401 state->ctx->status = NT_STATUS_UNSUCCESSFUL;
405 cli_credentials_set_netlogon_creds(state->io->in.creds,
408 state->ctx->state = COMPOSITE_STATE_DONE;
411 if (!NT_STATUS_IS_OK(state->ctx->status)) {
412 state->ctx->state = COMPOSITE_STATE_ERROR;
414 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
415 (state->ctx->async.fn != NULL)) {
416 state->ctx->async.fn(state->ctx);
420 NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c,
423 NTSTATUS status = composite_wait(c);
424 struct get_schannel_creds_state *state =
425 talloc_get_type(c->private_data,
426 struct get_schannel_creds_state);
427 state->io->out.netlogon = talloc_steal(mem_ctx, state->p);
432 NTSTATUS wb_get_schannel_creds(struct wb_get_schannel_creds *io,
434 struct event_context *ev)
436 struct composite_context *c = wb_get_schannel_creds_send(io, ev);
437 return wb_get_schannel_creds_recv(c, mem_ctx);
440 struct get_lsa_pipe_state {
441 struct composite_context *ctx;
442 struct wb_get_lsa_pipe *io;
443 struct wb_finddcs *finddcs;
444 struct smb_composite_connect *conn;
445 struct dcerpc_pipe *lsa_pipe;
447 struct lsa_ObjectAttribute objectattr;
448 struct lsa_OpenPolicy2 openpolicy;
449 struct policy_handle policy_handle;
451 struct lsa_QueryInfoPolicy queryinfo;
453 struct lsa_Close close;
456 static void get_lsa_pipe_recv_dcs(struct composite_context *ctx);
457 static void get_lsa_pipe_recv_tree(struct composite_context *ctx);
458 static void get_lsa_pipe_recv_pipe(struct composite_context *ctx);
459 static void get_lsa_pipe_recv_openpol(struct rpc_request *req);
460 static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req);
461 static void get_lsa_pipe_recv_close(struct rpc_request *req);
463 struct composite_context *wb_get_lsa_pipe_send(struct wb_get_lsa_pipe *io)
465 struct composite_context *result, *ctx;
466 struct get_lsa_pipe_state *state;
468 result = talloc_zero(NULL, struct composite_context);
469 if (result == NULL) goto failed;
470 result->state = COMPOSITE_STATE_IN_PROGRESS;
471 result->event_ctx = io->in.event_ctx;
473 state = talloc(result, struct get_lsa_pipe_state);
474 if (state == NULL) goto failed;
475 result->private_data = state;
480 state->finddcs = talloc(state, struct wb_finddcs);
481 if (state->finddcs == NULL) goto failed;
483 state->finddcs->in.msg_ctx = io->in.msg_ctx;
484 state->finddcs->in.domain = lp_workgroup();
486 ctx = wb_finddcs_send(state->finddcs, io->in.event_ctx);
487 if (ctx == NULL) goto failed;
489 ctx->async.fn = get_lsa_pipe_recv_dcs;
490 ctx->async.private_data = state;
498 static void get_lsa_pipe_recv_dcs(struct composite_context *ctx)
500 struct get_lsa_pipe_state *state =
501 talloc_get_type(ctx->async.private_data,
502 struct get_lsa_pipe_state);
504 state->ctx->status = wb_finddcs_recv(ctx, state);
505 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
507 state->conn = talloc(state, struct smb_composite_connect);
508 if (state->conn == NULL) {
509 state->ctx->status = NT_STATUS_NO_MEMORY;
513 state->conn->in.dest_host = state->finddcs->out.dcs[0].address;
514 state->conn->in.port = 0;
515 state->conn->in.called_name = state->finddcs->out.dcs[0].name;
516 state->conn->in.service = "IPC$";
517 state->conn->in.service_type = "IPC";
518 state->conn->in.workgroup = lp_workgroup();
520 state->conn->in.credentials = cli_credentials_init(state->conn);
521 if (state->conn->in.credentials == NULL) {
522 state->ctx->status = NT_STATUS_NO_MEMORY;
525 cli_credentials_set_conf(state->conn->in.credentials);
526 cli_credentials_set_anonymous(state->conn->in.credentials);
528 ctx = smb_composite_connect_send(state->conn, state,
529 state->ctx->event_ctx);
531 state->ctx->status = NT_STATUS_NO_MEMORY;
535 ctx->async.fn = get_lsa_pipe_recv_tree;
536 ctx->async.private_data = state;
540 if (!NT_STATUS_IS_OK(state->ctx->status)) {
541 state->ctx->state = COMPOSITE_STATE_ERROR;
543 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
544 (state->ctx->async.fn != NULL)) {
545 state->ctx->async.fn(state->ctx);
549 static void get_lsa_pipe_recv_tree(struct composite_context *ctx)
551 struct get_lsa_pipe_state *state =
552 talloc_get_type(ctx->async.private_data,
553 struct get_lsa_pipe_state);
555 state->ctx->status = smb_composite_connect_recv(ctx, state);
556 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
558 state->lsa_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx);
559 if (state->lsa_pipe == NULL) {
560 state->ctx->status = NT_STATUS_NO_MEMORY;
564 ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn,
565 state->conn->out.tree, "\\lsarpc");
567 state->ctx->status = NT_STATUS_NO_MEMORY;
571 ctx->async.fn = get_lsa_pipe_recv_pipe;
572 ctx->async.private_data = state;
576 if (!NT_STATUS_IS_OK(state->ctx->status)) {
577 state->ctx->state = COMPOSITE_STATE_ERROR;
579 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
580 (state->ctx->async.fn != NULL)) {
581 state->ctx->async.fn(state->ctx);
585 static void get_lsa_pipe_recv_pipe(struct composite_context *ctx)
587 struct get_lsa_pipe_state *state =
588 talloc_get_type(ctx->async.private_data,
589 struct get_lsa_pipe_state);
590 struct rpc_request *req;
592 state->ctx->status = dcerpc_pipe_open_smb_recv(ctx);
593 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
595 talloc_unlink(state, state->conn->out.tree); /* The pipe owns it now */
596 state->conn->out.tree = NULL;
598 state->ctx->status = dcerpc_bind_auth_none(state->lsa_pipe,
600 DCERPC_LSARPC_VERSION);
601 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
603 ZERO_STRUCT(state->openpolicy);
604 state->openpolicy.in.system_name =
605 talloc_asprintf(state, "\\\\%s",
606 dcerpc_server_name(state->lsa_pipe));
607 ZERO_STRUCT(state->objectattr);
608 state->openpolicy.in.attr = &state->objectattr;
609 state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
610 state->openpolicy.out.handle = &state->policy_handle;
612 req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state,
615 state->ctx->status = NT_STATUS_NO_MEMORY;
619 req->async.callback = get_lsa_pipe_recv_openpol;
620 req->async.private = state;
624 if (!NT_STATUS_IS_OK(state->ctx->status)) {
625 state->ctx->state = COMPOSITE_STATE_ERROR;
627 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
628 (state->ctx->async.fn != NULL)) {
629 state->ctx->async.fn(state->ctx);
633 static void get_lsa_pipe_recv_openpol(struct rpc_request *req)
635 struct get_lsa_pipe_state *state =
636 talloc_get_type(req->async.private, struct get_lsa_pipe_state);
638 state->ctx->status = dcerpc_ndr_request_recv(req);
639 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
640 state->ctx->status = state->openpolicy.out.result;
641 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
643 ZERO_STRUCT(state->queryinfo);
644 state->queryinfo.in.handle = &state->policy_handle;
645 state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN;
647 req = dcerpc_lsa_QueryInfoPolicy_send(state->lsa_pipe, state,
650 state->ctx->status = NT_STATUS_NO_MEMORY;
654 req->async.callback = get_lsa_pipe_recv_queryinfo;
655 req->async.private = state;
659 if (!NT_STATUS_IS_OK(state->ctx->status)) {
660 state->ctx->state = COMPOSITE_STATE_ERROR;
662 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
663 (state->ctx->async.fn != NULL)) {
664 state->ctx->async.fn(state->ctx);
668 static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req)
670 struct get_lsa_pipe_state *state =
671 talloc_get_type(req->async.private, struct get_lsa_pipe_state);
673 state->ctx->status = dcerpc_ndr_request_recv(req);
674 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
675 state->ctx->status = state->queryinfo.out.result;
676 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
678 ZERO_STRUCT(state->close);
679 state->close.in.handle = &state->policy_handle;
680 state->close.out.handle = &state->policy_handle;
682 req = dcerpc_lsa_Close_send(state->lsa_pipe, state,
685 state->ctx->status = NT_STATUS_NO_MEMORY;
689 req->async.callback = get_lsa_pipe_recv_close;
690 req->async.private = state;
694 if (!NT_STATUS_IS_OK(state->ctx->status)) {
695 state->ctx->state = COMPOSITE_STATE_ERROR;
697 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
698 (state->ctx->async.fn != NULL)) {
699 state->ctx->async.fn(state->ctx);
703 static void get_lsa_pipe_recv_close(struct rpc_request *req)
705 struct get_lsa_pipe_state *state =
706 talloc_get_type(req->async.private, struct get_lsa_pipe_state);
708 state->ctx->status = dcerpc_ndr_request_recv(req);
709 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
710 state->ctx->status = state->close.out.result;
711 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
713 state->ctx->state = COMPOSITE_STATE_DONE;
716 if (!NT_STATUS_IS_OK(state->ctx->status)) {
717 state->ctx->state = COMPOSITE_STATE_ERROR;
719 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
720 (state->ctx->async.fn != NULL)) {
721 state->ctx->async.fn(state->ctx);
725 NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c,
728 NTSTATUS status = composite_wait(c);
729 struct get_lsa_pipe_state *state =
730 talloc_get_type(c->private_data,
731 struct get_lsa_pipe_state);
732 if (NT_STATUS_IS_OK(status)) {
733 state->io->out.domain_sid =
734 talloc_steal(mem_ctx,
735 state->queryinfo.out.info->domain.sid);
736 state->io->out.pipe =
737 talloc_steal(mem_ctx,
744 NTSTATUS wb_get_lsa_pipe(struct wb_get_lsa_pipe *io,
747 struct composite_context *c = wb_get_lsa_pipe_send(io);
748 return wb_get_lsa_pipe_recv(c, mem_ctx);
751 struct lsa_lookupnames_state {
752 struct composite_context *ctx;
754 struct lsa_LookupNames r;
755 struct lsa_TransSidArray sids;
757 struct wb_sid_object **result;
760 static void lsa_lookupnames_recv_sids(struct rpc_request *req);
762 struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe,
763 struct policy_handle *handle,
767 struct composite_context *result;
768 struct rpc_request *req;
769 struct lsa_lookupnames_state *state;
771 struct lsa_String *lsa_names;
774 result = talloc_zero(NULL, struct composite_context);
775 if (result == NULL) goto failed;
776 result->state = COMPOSITE_STATE_IN_PROGRESS;
777 result->event_ctx = lsa_pipe->conn->event_ctx;
779 state = talloc(result, struct lsa_lookupnames_state);
780 if (state == NULL) goto failed;
781 result->private_data = state;
783 state->sids.count = 0;
784 state->sids.sids = NULL;
785 state->num_names = num_names;
788 lsa_names = talloc_array(state, struct lsa_String, num_names);
789 if (lsa_names == NULL) goto failed;
791 for (i=0; i<num_names; i++) {
792 lsa_names[i].string = names[i];
795 state->r.in.handle = handle;
796 state->r.in.num_names = num_names;
797 state->r.in.names = lsa_names;
798 state->r.in.sids = &state->sids;
799 state->r.in.level = 1;
800 state->r.in.count = &state->count;
801 state->r.out.count = &state->count;
802 state->r.out.sids = &state->sids;
804 req = dcerpc_lsa_LookupNames_send(lsa_pipe, state, &state->r);
805 if (req == NULL) goto failed;
807 req->async.callback = lsa_lookupnames_recv_sids;
808 req->async.private = state;
817 static void lsa_lookupnames_recv_sids(struct rpc_request *req)
819 struct lsa_lookupnames_state *state =
820 talloc_get_type(req->async.private,
821 struct lsa_lookupnames_state);
824 state->ctx->status = dcerpc_ndr_request_recv(req);
825 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
826 state->ctx->status = state->r.out.result;
827 if (!NT_STATUS_IS_OK(state->ctx->status) &&
828 !NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) {
832 state->result = talloc_array(state, struct wb_sid_object *,
834 if (state->result == NULL) {
835 state->ctx->status = NT_STATUS_NO_MEMORY;
839 for (i=0; i<state->num_names; i++) {
840 struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i];
841 struct lsa_TrustInformation *dom;
843 state->result[i] = talloc_zero(state->result,
844 struct wb_sid_object);
845 if (state->result[i] == NULL) {
846 state->ctx->status = NT_STATUS_NO_MEMORY;
850 state->result[i]->type = sid->sid_type;
851 if (state->result[i]->type == SID_NAME_UNKNOWN) {
855 if (sid->sid_index >= state->r.out.domains->count) {
856 state->ctx->status = NT_STATUS_INVALID_PARAMETER;
860 dom = &state->r.out.domains->domains[sid->sid_index];
862 state->result[i]->sid = dom_sid_add_rid(state->result[i],
866 state->ctx->state = COMPOSITE_STATE_DONE;
869 if (!NT_STATUS_IS_OK(state->ctx->status)) {
870 state->ctx->state = COMPOSITE_STATE_ERROR;
872 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
873 (state->ctx->async.fn != NULL)) {
874 state->ctx->async.fn(state->ctx);
878 NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c,
880 struct wb_sid_object ***sids)
882 NTSTATUS status = composite_wait(c);
883 if (NT_STATUS_IS_OK(status)) {
884 struct lsa_lookupnames_state *state =
885 talloc_get_type(c->private_data,
886 struct lsa_lookupnames_state);
887 *sids = talloc_steal(mem_ctx, state->result);
893 NTSTATUS wb_lsa_lookupnames(struct dcerpc_pipe *lsa_pipe,
894 struct policy_handle *handle,
895 int num_names, const char **names,
897 struct wb_sid_object ***sids)
899 struct composite_context *c =
900 wb_lsa_lookupnames_send(lsa_pipe, handle, num_names, names);
901 return wb_lsa_lookupnames_recv(c, mem_ctx, sids);
904 struct lsa_lookupname_state {
905 struct composite_context *ctx;
906 struct dcerpc_pipe *lsa_pipe;
908 struct wb_sid_object *sid;
910 struct lsa_ObjectAttribute objectattr;
911 struct lsa_OpenPolicy2 openpolicy;
912 struct policy_handle policy_handle;
913 struct lsa_Close close;
916 static void lsa_lookupname_recv_open(struct rpc_request *req);
917 static void lsa_lookupname_recv_sids(struct composite_context *ctx);
919 struct composite_context *wb_lsa_lookupname_send(struct dcerpc_pipe *lsa_pipe,
922 struct composite_context *result;
923 struct rpc_request *req;
924 struct lsa_lookupname_state *state;
926 result = talloc_zero(NULL, struct composite_context);
927 if (result == NULL) goto failed;
928 result->state = COMPOSITE_STATE_IN_PROGRESS;
929 result->event_ctx = lsa_pipe->conn->event_ctx;
931 state = talloc(result, struct lsa_lookupname_state);
932 if (state == NULL) goto failed;
933 result->private_data = state;
935 state->lsa_pipe = lsa_pipe;
936 state->name = talloc_strdup(state, name);
937 if (state->name == NULL) goto failed;
940 ZERO_STRUCT(state->openpolicy);
941 state->openpolicy.in.system_name =
942 talloc_asprintf(state, "\\\\%s",
943 dcerpc_server_name(state->lsa_pipe));
944 ZERO_STRUCT(state->objectattr);
945 state->openpolicy.in.attr = &state->objectattr;
946 state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
947 state->openpolicy.out.handle = &state->policy_handle;
949 req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state,
951 if (req == NULL) goto failed;
953 req->async.callback = lsa_lookupname_recv_open;
954 req->async.private = state;
962 static void lsa_lookupname_recv_open(struct rpc_request *req)
964 struct lsa_lookupname_state *state =
965 talloc_get_type(req->async.private,
966 struct lsa_lookupname_state);
967 struct composite_context *ctx;
969 state->ctx->status = dcerpc_ndr_request_recv(req);
970 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
971 state->ctx->status = state->openpolicy.out.result;
972 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
974 ctx = wb_lsa_lookupnames_send(state->lsa_pipe, &state->policy_handle,
977 state->ctx->status = NT_STATUS_NO_MEMORY;
981 ctx->async.fn = lsa_lookupname_recv_sids;
982 ctx->async.private_data = state;
986 if (!NT_STATUS_IS_OK(state->ctx->status)) {
987 state->ctx->state = COMPOSITE_STATE_ERROR;
989 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
990 (state->ctx->async.fn != NULL)) {
991 state->ctx->async.fn(state->ctx);
995 static void lsa_lookupname_recv_sids(struct composite_context *ctx)
997 struct lsa_lookupname_state *state =
998 talloc_get_type(ctx->async.private_data,
999 struct lsa_lookupname_state);
1000 struct rpc_request *req;
1001 struct wb_sid_object **sids;
1003 state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids);
1005 if (NT_STATUS_IS_OK(state->ctx->status)) {
1008 state->sid = sids[0];
1012 ZERO_STRUCT(state->close);
1013 state->close.in.handle = &state->policy_handle;
1014 state->close.out.handle = &state->policy_handle;
1016 req = dcerpc_lsa_Close_send(state->lsa_pipe, state,
1019 req->async.callback =
1020 (void(*)(struct rpc_request *))talloc_free;
1023 state->ctx->state = COMPOSITE_STATE_DONE;
1025 if (!NT_STATUS_IS_OK(state->ctx->status)) {
1026 state->ctx->state = COMPOSITE_STATE_ERROR;
1028 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
1029 (state->ctx->async.fn != NULL)) {
1030 state->ctx->async.fn(state->ctx);
1034 NTSTATUS wb_lsa_lookupname_recv(struct composite_context *c,
1035 TALLOC_CTX *mem_ctx,
1036 struct wb_sid_object **sid)
1038 NTSTATUS status = composite_wait(c);
1039 if (NT_STATUS_IS_OK(status)) {
1040 struct lsa_lookupname_state *state =
1041 talloc_get_type(c->private_data,
1042 struct lsa_lookupname_state);
1043 *sid = talloc_steal(mem_ctx, state->sid);
1049 NTSTATUS wb_lsa_lookupname(struct dcerpc_pipe *lsa_pipe, const char *name,
1050 TALLOC_CTX *mem_ctx, struct wb_sid_object **sid)
1052 struct composite_context *c =
1053 wb_lsa_lookupname_send(lsa_pipe, name);
1054 return wb_lsa_lookupname_recv(c, mem_ctx, sid);