2 Unix SMB/CIFS implementation.
4 Copyright (C) Volker Lendecke 2005
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 a composite API for finding a DC and its name
25 #include "libcli/composite/composite.h"
26 #include "libcli/smb_composite/smb_composite.h"
27 #include "winbind/wb_async_helpers.h"
28 #include "winbind/wb_server.h"
29 #include "smbd/service_stream.h"
31 #include "librpc/gen_ndr/nbt.h"
32 #include "librpc/gen_ndr/samr.h"
33 #include "lib/messaging/irpc.h"
34 #include "librpc/gen_ndr/irpc.h"
35 #include "librpc/gen_ndr/ndr_irpc.h"
36 #include "libcli/raw/libcliraw.h"
37 #include "librpc/gen_ndr/ndr_netlogon.h"
38 #include "librpc/gen_ndr/ndr_lsa.h"
39 #include "libcli/auth/credentials.h"
41 static BOOL comp_is_ok(struct composite_context *ctx)
43 if (NT_STATUS_IS_OK(ctx->status)) {
46 ctx->state = COMPOSITE_STATE_ERROR;
47 if (ctx->async.fn != NULL) {
53 static void comp_error(struct composite_context *ctx, NTSTATUS status)
56 SMB_ASSERT(!comp_is_ok(ctx));
59 static BOOL comp_nomem(const void *p, struct composite_context *ctx)
64 comp_error(ctx, NT_STATUS_NO_MEMORY);
68 static void comp_done(struct composite_context *ctx)
70 ctx->state = COMPOSITE_STATE_DONE;
71 if (ctx->async.fn != NULL) {
76 static void comp_cont(struct composite_context *ctx,
77 struct composite_context *new_ctx,
78 void (*continuation)(struct composite_context *),
81 if (comp_nomem(new_ctx, ctx)) return;
82 new_ctx->async.fn = continuation;
83 new_ctx->async.private_data = private_data;
86 static void rpc_cont(struct composite_context *ctx,
87 struct rpc_request *new_req,
88 void (*continuation)(struct rpc_request *),
91 if (comp_nomem(new_req, ctx)) return;
92 new_req->async.callback = continuation;
93 new_req->async.private = private_data;
96 static void irpc_cont(struct composite_context *ctx,
97 struct irpc_request *new_req,
98 void (*continuation)(struct irpc_request *),
101 if (comp_nomem(new_req, ctx)) return;
102 new_req->async.fn = continuation;
103 new_req->async.private = private_data;
106 struct finddcs_state {
107 struct composite_context *ctx;
108 struct messaging_context *msg_ctx;
110 const char *domain_name;
111 const struct dom_sid *domain_sid;
113 struct nbtd_getdcname r;
116 struct nbt_dc_name *dcs;
119 static void finddcs_resolve(struct composite_context *ctx);
120 static void finddcs_getdc(struct irpc_request *ireq);
122 struct composite_context *wb_finddcs_send(const char *domain_name,
123 const struct dom_sid *domain_sid,
124 struct event_context *event_ctx,
125 struct messaging_context *msg_ctx)
127 struct composite_context *result, *ctx;
128 struct finddcs_state *state;
129 struct nbt_name name;
131 result = talloc_zero(NULL, struct composite_context);
132 if (result == NULL) goto failed;
133 result->state = COMPOSITE_STATE_IN_PROGRESS;
134 result->event_ctx = event_ctx;
136 state = talloc(result, struct finddcs_state);
137 if (state == NULL) goto failed;
139 result->private_data = state;
141 state->domain_name = talloc_strdup(state, domain_name);
142 if (state->domain_name == NULL) goto failed;
143 state->domain_sid = dom_sid_dup(state, domain_sid);
144 if (state->domain_sid == NULL) goto failed;
145 state->msg_ctx = msg_ctx;
147 make_nbt_name(&name, state->domain_name, 0x1c);
148 ctx = resolve_name_send(&name, result->event_ctx,
149 lp_name_resolve_order());
151 if (ctx == NULL) goto failed;
152 ctx->async.fn = finddcs_resolve;
153 ctx->async.private_data = state;
162 static void finddcs_resolve(struct composite_context *ctx)
164 struct finddcs_state *state =
165 talloc_get_type(ctx->async.private_data, struct finddcs_state);
166 struct irpc_request *ireq;
167 uint32_t *nbt_servers;
170 state->ctx->status = resolve_name_recv(ctx, state, &address);
171 if (!comp_is_ok(state->ctx)) return;
174 state->dcs = talloc_array(state, struct nbt_dc_name, state->num_dcs);
175 if (comp_nomem(state->dcs, state->ctx)) return;
177 state->dcs[0].address = talloc_steal(state->dcs, address);
179 nbt_servers = irpc_servers_byname(state->msg_ctx, "nbt_server");
180 if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) {
181 comp_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS);
185 state->r.in.domainname = state->domain_name;
186 state->r.in.ip_address = state->dcs[0].address;
187 state->r.in.my_computername = lp_netbios_name();
188 state->r.in.my_accountname = talloc_asprintf(state, "%s$",
190 if (comp_nomem(state->r.in.my_accountname, state->ctx)) return;
191 state->r.in.account_control = ACB_WSTRUST;
192 state->r.in.domain_sid = dom_sid_dup(state, state->domain_sid);
193 if (comp_nomem(state->r.in.domain_sid, state->ctx)) return;
195 ireq = irpc_call_send(state->msg_ctx, nbt_servers[0],
196 &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME,
198 irpc_cont(state->ctx, ireq, finddcs_getdc, state);
201 static void finddcs_getdc(struct irpc_request *ireq)
203 struct finddcs_state *state =
204 talloc_get_type(ireq->async.private, struct finddcs_state);
206 state->ctx->status = irpc_call_recv(ireq);
207 if (!comp_is_ok(state->ctx)) return;
209 state->dcs[0].name = talloc_steal(state->dcs, state->r.out.dcname);
210 comp_done(state->ctx);
213 NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
214 int *num_dcs, struct nbt_dc_name **dcs)
216 NTSTATUS status =composite_wait(c);
217 if (NT_STATUS_IS_OK(status)) {
218 struct finddcs_state *state =
219 talloc_get_type(c->private_data, struct finddcs_state);
220 *num_dcs = state->num_dcs;
221 *dcs = talloc_steal(mem_ctx, state->dcs);
227 NTSTATUS wb_finddcs(const char *domain_name, const struct dom_sid *domain_sid,
228 struct event_context *event_ctx,
229 struct messaging_context *msg_ctx,
231 int *num_dcs, struct nbt_dc_name **dcs)
233 struct composite_context *c = wb_finddcs_send(domain_name, domain_sid,
235 return wb_finddcs_recv(c, mem_ctx, num_dcs, dcs);
238 struct get_schannel_creds_state {
239 struct composite_context *ctx;
240 struct cli_credentials *wks_creds;
241 struct dcerpc_pipe *p;
242 struct netr_ServerReqChallenge r;
244 struct creds_CredentialState *creds_state;
245 struct netr_Credential netr_cred;
246 uint32_t negotiate_flags;
247 struct netr_ServerAuthenticate2 a;
250 static void get_schannel_creds_recv_auth(struct rpc_request *req);
251 static void get_schannel_creds_recv_chal(struct rpc_request *req);
252 static void get_schannel_creds_recv_pipe(struct composite_context *ctx);
254 struct composite_context *wb_get_schannel_creds_send(struct cli_credentials *wks_creds,
255 struct smbcli_tree *tree,
256 struct event_context *ev)
258 struct composite_context *result, *ctx;
259 struct get_schannel_creds_state *state;
261 result = talloc_zero(NULL, struct composite_context);
262 if (result == NULL) goto failed;
263 result->state = COMPOSITE_STATE_IN_PROGRESS;
264 result->event_ctx = ev;
266 state = talloc(result, struct get_schannel_creds_state);
267 if (state == NULL) goto failed;
268 result->private_data = state;
271 state->wks_creds = wks_creds;
273 state->p = dcerpc_pipe_init(state, ev);
274 if (state->p == NULL) goto failed;
276 ctx = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon");
277 if (ctx == NULL) goto failed;
279 ctx->async.fn = get_schannel_creds_recv_pipe;
280 ctx->async.private_data = state;
288 static void get_schannel_creds_recv_pipe(struct composite_context *ctx)
290 struct get_schannel_creds_state *state =
291 talloc_get_type(ctx->async.private_data,
292 struct get_schannel_creds_state);
293 struct rpc_request *req;
295 state->ctx->status = dcerpc_pipe_open_smb_recv(ctx);
296 if (!comp_is_ok(state->ctx)) return;
298 state->ctx->status = dcerpc_bind_auth_none(state->p,
299 DCERPC_NETLOGON_UUID,
300 DCERPC_NETLOGON_VERSION);
301 if (!comp_is_ok(state->ctx)) return;
303 state->r.in.computer_name =
304 cli_credentials_get_workstation(state->wks_creds);
305 state->r.in.server_name =
306 talloc_asprintf(state, "\\\\%s",
307 dcerpc_server_name(state->p));
308 if (comp_nomem(state->r.in.server_name, state->ctx)) return;
310 state->r.in.credentials = talloc(state, struct netr_Credential);
311 if (comp_nomem(state->r.in.credentials, state->ctx)) return;
313 state->r.out.credentials = talloc(state, struct netr_Credential);
314 if (comp_nomem(state->r.out.credentials, state->ctx)) return;
316 generate_random_buffer(state->r.in.credentials->data,
317 sizeof(state->r.in.credentials->data));
319 req = dcerpc_netr_ServerReqChallenge_send(state->p, state, &state->r);
320 rpc_cont(state->ctx, req, get_schannel_creds_recv_chal, state);
323 static void get_schannel_creds_recv_chal(struct rpc_request *req)
325 struct get_schannel_creds_state *state =
326 talloc_get_type(req->async.private,
327 struct get_schannel_creds_state);
328 const struct samr_Password *mach_pwd;
330 state->ctx->status = dcerpc_ndr_request_recv(req);
331 if (!comp_is_ok(state->ctx)) return;
332 state->ctx->status = state->r.out.result;
333 if (!comp_is_ok(state->ctx)) return;
335 state->creds_state = talloc(state, struct creds_CredentialState);
336 if (comp_nomem(state->creds_state, state->ctx)) return;
338 mach_pwd = cli_credentials_get_nt_hash(state->wks_creds, state);
339 if (comp_nomem(mach_pwd, state->ctx)) return;
341 state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS;
343 creds_client_init(state->creds_state, state->r.in.credentials,
344 state->r.out.credentials, mach_pwd,
345 &state->netr_cred, state->negotiate_flags);
347 state->a.in.server_name =
348 talloc_reference(state, state->r.in.server_name);
349 state->a.in.account_name =
350 cli_credentials_get_username(state->wks_creds);
351 state->a.in.secure_channel_type =
352 cli_credentials_get_secure_channel_type(state->wks_creds);
353 state->a.in.computer_name =
354 cli_credentials_get_workstation(state->wks_creds);
355 state->a.in.negotiate_flags = &state->negotiate_flags;
356 state->a.out.negotiate_flags = &state->negotiate_flags;
357 state->a.in.credentials = &state->netr_cred;
358 state->a.out.credentials = &state->netr_cred;
360 req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, &state->a);
361 rpc_cont(state->ctx, req, get_schannel_creds_recv_auth, state);
364 static void get_schannel_creds_recv_auth(struct rpc_request *req)
366 struct get_schannel_creds_state *state =
367 talloc_get_type(req->async.private,
368 struct get_schannel_creds_state);
370 state->ctx->status = dcerpc_ndr_request_recv(req);
371 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
372 state->ctx->status = state->a.out.result;
373 if (!NT_STATUS_IS_OK(state->ctx->status)) goto done;
375 if (!creds_client_check(state->creds_state,
376 state->a.out.credentials)) {
377 DEBUG(5, ("Server got us invalid creds\n"));
378 state->ctx->status = NT_STATUS_UNSUCCESSFUL;
382 cli_credentials_set_netlogon_creds(state->wks_creds, state->creds_state);
384 state->ctx->state = COMPOSITE_STATE_DONE;
387 if (!NT_STATUS_IS_OK(state->ctx->status)) {
388 state->ctx->state = COMPOSITE_STATE_ERROR;
390 if ((state->ctx->state >= COMPOSITE_STATE_DONE) &&
391 (state->ctx->async.fn != NULL)) {
392 state->ctx->async.fn(state->ctx);
396 NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c,
398 struct dcerpc_pipe **netlogon_pipe)
400 NTSTATUS status = composite_wait(c);
401 if (NT_STATUS_IS_OK(status)) {
402 struct get_schannel_creds_state *state =
403 talloc_get_type(c->private_data,
404 struct get_schannel_creds_state);
405 *netlogon_pipe = talloc_steal(mem_ctx, state->p);
411 NTSTATUS wb_get_schannel_creds(struct cli_credentials *wks_creds,
412 struct smbcli_tree *tree,
413 struct event_context *event_ctx,
415 struct dcerpc_pipe **netlogon_pipe)
417 struct composite_context *c =
418 wb_get_schannel_creds_send(wks_creds, tree, event_ctx);
419 return wb_get_schannel_creds_recv(c, mem_ctx, netlogon_pipe);
422 struct get_lsa_pipe_state {
423 struct composite_context *ctx;
424 const char *domain_name;
425 const struct dom_sid *domain_sid;
427 struct smb_composite_connect conn;
428 struct dcerpc_pipe *lsa_pipe;
430 struct lsa_ObjectAttribute objectattr;
431 struct lsa_OpenPolicy2 openpolicy;
432 struct policy_handle policy_handle;
434 struct lsa_QueryInfoPolicy queryinfo;
436 struct lsa_Close close;
439 static void get_lsa_pipe_recv_dcs(struct composite_context *ctx);
440 static void get_lsa_pipe_recv_tree(struct composite_context *ctx);
441 static void get_lsa_pipe_recv_pipe(struct composite_context *ctx);
442 static void get_lsa_pipe_recv_openpol(struct rpc_request *req);
443 static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req);
444 static void get_lsa_pipe_recv_close(struct rpc_request *req);
446 struct composite_context *wb_get_lsa_pipe_send(struct event_context *event_ctx,
447 struct messaging_context *msg_ctx,
448 const char *domain_name,
449 const struct dom_sid *domain_sid)
451 struct composite_context *result, *ctx;
452 struct get_lsa_pipe_state *state;
454 result = talloc_zero(NULL, struct composite_context);
455 if (result == NULL) goto failed;
456 result->state = COMPOSITE_STATE_IN_PROGRESS;
457 result->event_ctx = event_ctx;
459 state = talloc(result, struct get_lsa_pipe_state);
460 if (state == NULL) goto failed;
461 result->private_data = state;
464 state->domain_name = domain_name;
465 state->domain_sid = domain_sid;
467 ctx = wb_finddcs_send(domain_name, domain_sid, event_ctx, msg_ctx);
468 if (ctx == NULL) goto failed;
470 ctx->async.fn = get_lsa_pipe_recv_dcs;
471 ctx->async.private_data = state;
479 static void get_lsa_pipe_recv_dcs(struct composite_context *ctx)
481 struct get_lsa_pipe_state *state =
482 talloc_get_type(ctx->async.private_data,
483 struct get_lsa_pipe_state);
486 struct nbt_dc_name *dcs;
488 state->ctx->status = wb_finddcs_recv(ctx, state, &num_dcs, &dcs);
489 if (!comp_is_ok(state->ctx)) return;
492 comp_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS);
496 state->conn.in.dest_host = dcs[0].address;
497 state->conn.in.port = 0;
498 state->conn.in.called_name = dcs[0].name;
499 state->conn.in.service = "IPC$";
500 state->conn.in.service_type = "IPC";
501 state->conn.in.workgroup = state->domain_name;
503 state->conn.in.credentials = cli_credentials_init(state);
504 if (comp_nomem(state->conn.in.credentials, state->ctx)) return;
505 cli_credentials_set_conf(state->conn.in.credentials);
506 cli_credentials_set_anonymous(state->conn.in.credentials);
508 ctx = smb_composite_connect_send(&state->conn, state,
509 state->ctx->event_ctx);
510 comp_cont(state->ctx, ctx, get_lsa_pipe_recv_tree, state);
513 static void get_lsa_pipe_recv_tree(struct composite_context *ctx)
515 struct get_lsa_pipe_state *state =
516 talloc_get_type(ctx->async.private_data,
517 struct get_lsa_pipe_state);
519 state->ctx->status = smb_composite_connect_recv(ctx, state);
520 if (!comp_is_ok(state->ctx)) return;
522 state->lsa_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx);
523 if (comp_nomem(state->lsa_pipe, state->ctx)) return;
525 ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn,
526 state->conn.out.tree, "\\lsarpc");
527 comp_cont(state->ctx, ctx, get_lsa_pipe_recv_pipe, state);
530 static void get_lsa_pipe_recv_pipe(struct composite_context *ctx)
532 struct get_lsa_pipe_state *state =
533 talloc_get_type(ctx->async.private_data,
534 struct get_lsa_pipe_state);
535 struct rpc_request *req;
537 state->ctx->status = dcerpc_pipe_open_smb_recv(ctx);
538 if (!comp_is_ok(state->ctx)) return;
540 talloc_unlink(state, state->conn.out.tree); /* The pipe owns it now */
541 state->conn.out.tree = NULL;
543 state->ctx->status = dcerpc_bind_auth_none(state->lsa_pipe,
545 DCERPC_LSARPC_VERSION);
546 if (!comp_is_ok(state->ctx)) return;
548 state->openpolicy.in.system_name =
549 talloc_asprintf(state, "\\\\%s",
550 dcerpc_server_name(state->lsa_pipe));
551 if (comp_nomem(state->openpolicy.in.system_name, state->ctx)) return;
553 ZERO_STRUCT(state->objectattr);
554 state->openpolicy.in.attr = &state->objectattr;
555 state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
556 state->openpolicy.out.handle = &state->policy_handle;
558 req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state,
560 rpc_cont(state->ctx, req, get_lsa_pipe_recv_openpol, state);
563 static void get_lsa_pipe_recv_openpol(struct rpc_request *req)
565 struct get_lsa_pipe_state *state =
566 talloc_get_type(req->async.private, struct get_lsa_pipe_state);
568 state->ctx->status = dcerpc_ndr_request_recv(req);
569 if (!comp_is_ok(state->ctx)) return;
570 state->ctx->status = state->openpolicy.out.result;
571 if (!comp_is_ok(state->ctx)) return;
573 state->queryinfo.in.handle = &state->policy_handle;
574 state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN;
576 req = dcerpc_lsa_QueryInfoPolicy_send(state->lsa_pipe, state,
578 rpc_cont(state->ctx, req, get_lsa_pipe_recv_queryinfo, state);
581 static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req)
583 struct get_lsa_pipe_state *state =
584 talloc_get_type(req->async.private, struct get_lsa_pipe_state);
585 struct lsa_DomainInfo *dominfo;
587 state->ctx->status = dcerpc_ndr_request_recv(req);
588 if (!comp_is_ok(state->ctx)) return;
589 state->ctx->status = state->queryinfo.out.result;
590 if (!comp_is_ok(state->ctx)) return;
592 dominfo = &state->queryinfo.out.info->account_domain;
594 if (strcasecmp(state->domain_name, dominfo->name.string) != 0) {
595 DEBUG(2, ("Expected domain name %s, DC %s said %s\n",
597 dcerpc_server_name(state->lsa_pipe),
598 dominfo->name.string));
599 comp_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
603 if (!dom_sid_equal(state->domain_sid, dominfo->sid)) {
604 DEBUG(2, ("Expected domain sid %s, DC %s said %s\n",
605 dom_sid_string(state, state->domain_sid),
606 dcerpc_server_name(state->lsa_pipe),
607 dom_sid_string(state, dominfo->sid)));
608 comp_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
612 state->close.in.handle = &state->policy_handle;
613 state->close.out.handle = &state->policy_handle;
615 req = dcerpc_lsa_Close_send(state->lsa_pipe, state,
617 rpc_cont(state->ctx, req, get_lsa_pipe_recv_close, state);
620 static void get_lsa_pipe_recv_close(struct rpc_request *req)
622 struct get_lsa_pipe_state *state =
623 talloc_get_type(req->async.private, struct get_lsa_pipe_state);
625 state->ctx->status = dcerpc_ndr_request_recv(req);
626 if (!comp_is_ok(state->ctx)) return;
627 state->ctx->status = state->close.out.result;
628 if (!comp_is_ok(state->ctx)) return;
630 comp_done(state->ctx);
633 NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
634 struct dcerpc_pipe **pipe)
636 NTSTATUS status = composite_wait(c);
637 if (NT_STATUS_IS_OK(status)) {
638 struct get_lsa_pipe_state *state =
639 talloc_get_type(c->private_data,
640 struct get_lsa_pipe_state);
641 *pipe = talloc_steal(mem_ctx, state->lsa_pipe);
647 NTSTATUS wb_get_lsa_pipe(struct event_context *event_ctx,
648 struct messaging_context *msg_ctx,
649 const char *domain_name,
650 const struct dom_sid *domain_sid,
652 struct dcerpc_pipe **pipe)
654 struct composite_context *c =
655 wb_get_lsa_pipe_send(event_ctx, msg_ctx, domain_name,
657 return wb_get_lsa_pipe_recv(c, mem_ctx, pipe);
660 struct lsa_lookupnames_state {
661 struct composite_context *ctx;
663 struct lsa_LookupNames r;
664 struct lsa_TransSidArray sids;
666 struct wb_sid_object **result;
669 static void lsa_lookupnames_recv_sids(struct rpc_request *req);
671 struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe,
672 struct policy_handle *handle,
676 struct composite_context *result;
677 struct rpc_request *req;
678 struct lsa_lookupnames_state *state;
680 struct lsa_String *lsa_names;
683 result = talloc_zero(NULL, struct composite_context);
684 if (result == NULL) goto failed;
685 result->state = COMPOSITE_STATE_IN_PROGRESS;
686 result->event_ctx = lsa_pipe->conn->event_ctx;
688 state = talloc(result, struct lsa_lookupnames_state);
689 if (state == NULL) goto failed;
690 result->private_data = state;
693 state->sids.count = 0;
694 state->sids.sids = NULL;
695 state->num_names = num_names;
698 lsa_names = talloc_array(state, struct lsa_String, num_names);
699 if (lsa_names == NULL) goto failed;
701 for (i=0; i<num_names; i++) {
702 lsa_names[i].string = names[i];
705 state->r.in.handle = handle;
706 state->r.in.num_names = num_names;
707 state->r.in.names = lsa_names;
708 state->r.in.sids = &state->sids;
709 state->r.in.level = 1;
710 state->r.in.count = &state->count;
711 state->r.out.count = &state->count;
712 state->r.out.sids = &state->sids;
714 req = dcerpc_lsa_LookupNames_send(lsa_pipe, state, &state->r);
715 if (req == NULL) goto failed;
717 req->async.callback = lsa_lookupnames_recv_sids;
718 req->async.private = state;
726 static void lsa_lookupnames_recv_sids(struct rpc_request *req)
728 struct lsa_lookupnames_state *state =
729 talloc_get_type(req->async.private,
730 struct lsa_lookupnames_state);
733 state->ctx->status = dcerpc_ndr_request_recv(req);
734 if (!comp_is_ok(state->ctx)) return;
735 state->ctx->status = state->r.out.result;
736 if (!NT_STATUS_IS_OK(state->ctx->status) &&
737 !NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) {
738 comp_error(state->ctx, state->ctx->status);
742 state->result = talloc_array(state, struct wb_sid_object *,
744 if (comp_nomem(state->result, state->ctx)) return;
746 for (i=0; i<state->num_names; i++) {
747 struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i];
748 struct lsa_TrustInformation *dom;
750 state->result[i] = talloc_zero(state->result,
751 struct wb_sid_object);
752 if (comp_nomem(state->result[i], state->ctx)) return;
754 state->result[i]->type = sid->sid_type;
755 if (state->result[i]->type == SID_NAME_UNKNOWN) {
759 if (sid->sid_index >= state->r.out.domains->count) {
760 comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER);
764 dom = &state->r.out.domains->domains[sid->sid_index];
766 state->result[i]->sid = dom_sid_add_rid(state->result[i],
770 comp_done(state->ctx);
773 NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c,
775 struct wb_sid_object ***sids)
777 NTSTATUS status = composite_wait(c);
778 if (NT_STATUS_IS_OK(status)) {
779 struct lsa_lookupnames_state *state =
780 talloc_get_type(c->private_data,
781 struct lsa_lookupnames_state);
782 *sids = talloc_steal(mem_ctx, state->result);
788 NTSTATUS wb_lsa_lookupnames(struct dcerpc_pipe *lsa_pipe,
789 struct policy_handle *handle,
790 int num_names, const char **names,
792 struct wb_sid_object ***sids)
794 struct composite_context *c =
795 wb_lsa_lookupnames_send(lsa_pipe, handle, num_names, names);
796 return wb_lsa_lookupnames_recv(c, mem_ctx, sids);
799 struct lsa_lookupname_state {
800 struct composite_context *ctx;
801 struct dcerpc_pipe *lsa_pipe;
803 struct wb_sid_object *sid;
805 struct lsa_ObjectAttribute objectattr;
806 struct lsa_OpenPolicy2 openpolicy;
807 struct policy_handle policy_handle;
808 struct lsa_Close close;
811 static void lsa_lookupname_recv_open(struct rpc_request *req);
812 static void lsa_lookupname_recv_sids(struct composite_context *ctx);
814 struct composite_context *wb_lsa_lookupname_send(struct dcerpc_pipe *lsa_pipe,
817 struct composite_context *result;
818 struct rpc_request *req;
819 struct lsa_lookupname_state *state;
821 result = talloc_zero(NULL, struct composite_context);
822 if (result == NULL) goto failed;
823 result->state = COMPOSITE_STATE_IN_PROGRESS;
824 result->event_ctx = lsa_pipe->conn->event_ctx;
826 state = talloc(result, struct lsa_lookupname_state);
827 if (state == NULL) goto failed;
828 result->private_data = state;
830 state->lsa_pipe = lsa_pipe;
831 state->name = talloc_strdup(state, name);
832 if (state->name == NULL) goto failed;
835 state->openpolicy.in.system_name =
836 talloc_asprintf(state, "\\\\%s",
837 dcerpc_server_name(state->lsa_pipe));
838 ZERO_STRUCT(state->objectattr);
839 state->openpolicy.in.attr = &state->objectattr;
840 state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
841 state->openpolicy.out.handle = &state->policy_handle;
843 req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state,
845 if (req == NULL) goto failed;
847 req->async.callback = lsa_lookupname_recv_open;
848 req->async.private = state;
856 static void lsa_lookupname_recv_open(struct rpc_request *req)
858 struct lsa_lookupname_state *state =
859 talloc_get_type(req->async.private,
860 struct lsa_lookupname_state);
861 struct composite_context *ctx;
863 state->ctx->status = dcerpc_ndr_request_recv(req);
864 if (!comp_is_ok(state->ctx)) return;
865 state->ctx->status = state->openpolicy.out.result;
866 if (!comp_is_ok(state->ctx)) return;
868 ctx = wb_lsa_lookupnames_send(state->lsa_pipe, &state->policy_handle,
870 comp_cont(state->ctx, ctx, lsa_lookupname_recv_sids, state);
873 static void lsa_lookupname_recv_sids(struct composite_context *ctx)
875 struct lsa_lookupname_state *state =
876 talloc_get_type(ctx->async.private_data,
877 struct lsa_lookupname_state);
878 struct rpc_request *req;
879 struct wb_sid_object **sids;
881 state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids);
883 if (NT_STATUS_IS_OK(state->ctx->status)) {
886 state->sid = sids[0];
890 state->close.in.handle = &state->policy_handle;
891 state->close.out.handle = &state->policy_handle;
893 req = dcerpc_lsa_Close_send(state->lsa_pipe, state,
896 req->async.callback =
897 (void(*)(struct rpc_request *))talloc_free;
900 comp_done(state->ctx);
903 NTSTATUS wb_lsa_lookupname_recv(struct composite_context *c,
905 struct wb_sid_object **sid)
907 NTSTATUS status = composite_wait(c);
908 if (NT_STATUS_IS_OK(status)) {
909 struct lsa_lookupname_state *state =
910 talloc_get_type(c->private_data,
911 struct lsa_lookupname_state);
912 *sid = talloc_steal(mem_ctx, state->sid);
918 NTSTATUS wb_lsa_lookupname(struct dcerpc_pipe *lsa_pipe, const char *name,
919 TALLOC_CTX *mem_ctx, struct wb_sid_object **sid)
921 struct composite_context *c =
922 wb_lsa_lookupname_send(lsa_pipe, name);
923 return wb_lsa_lookupname_recv(c, mem_ctx, sid);
926 struct cmd_lookupname_state {
927 struct composite_context *ctx;
928 struct wbsrv_call *call;
929 struct wbsrv_domain *domain;
931 struct wb_sid_object *result;
934 static void cmd_lookupname_recv_lsa(struct composite_context *ctx);
935 static void cmd_lookupname_recv_sid(struct composite_context *ctx);
937 struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call,
940 struct composite_context *result, *ctx;
941 struct cmd_lookupname_state *state;
942 struct wbsrv_service *service = call->wbconn->listen_socket->service;
944 result = talloc_zero(call, struct composite_context);
945 if (result == NULL) goto failed;
946 result->state = COMPOSITE_STATE_IN_PROGRESS;
947 result->event_ctx = call->event_ctx;
949 state = talloc(result, struct cmd_lookupname_state);
950 if (state == NULL) goto failed;
952 result->private_data = state;
955 state->name = talloc_strdup(state, name);
957 state->domain = service->domains;
959 if (state->domain->lsa_pipe != NULL) {
960 ctx = wb_lsa_lookupname_send(state->domain->lsa_pipe, name);
961 if (ctx == NULL) goto failed;
962 ctx->async.fn = cmd_lookupname_recv_sid;
963 ctx->async.private_data = state;
967 ctx = wb_get_lsa_pipe_send(result->event_ctx,
968 call->wbconn->conn->msg_ctx,
971 if (ctx == NULL) goto failed;
972 ctx->async.fn = cmd_lookupname_recv_lsa;
973 ctx->async.private_data = state;
981 static void cmd_lookupname_recv_lsa(struct composite_context *ctx)
983 struct cmd_lookupname_state *state =
984 talloc_get_type(ctx->async.private_data,
985 struct cmd_lookupname_state);
986 struct wbsrv_service *service =
987 state->call->wbconn->listen_socket->service;
989 struct dcerpc_pipe *pipe;
991 state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &pipe);
992 if (!comp_is_ok(state->ctx)) return;
994 if (state->domain->lsa_pipe == NULL) {
995 /* Only put the new pipe in if nobody else was faster. */
996 state->domain->lsa_pipe = talloc_steal(service, pipe);
999 ctx = wb_lsa_lookupname_send(state->domain->lsa_pipe, state->name);
1000 comp_cont(state->ctx, ctx, cmd_lookupname_recv_sid, state);
1003 static void cmd_lookupname_recv_sid(struct composite_context *ctx)
1005 struct cmd_lookupname_state *state =
1006 talloc_get_type(ctx->async.private_data,
1007 struct cmd_lookupname_state);
1009 state->ctx->status = wb_lsa_lookupname_recv(ctx, state,
1011 if (!comp_is_ok(state->ctx)) return;
1013 comp_done(state->ctx);
1016 NTSTATUS wb_cmd_lookupname_recv(struct composite_context *c,
1017 TALLOC_CTX *mem_ctx,
1018 struct wb_sid_object **sid)
1020 NTSTATUS status = composite_wait(c);
1021 if (NT_STATUS_IS_OK(status)) {
1022 struct cmd_lookupname_state *state =
1023 talloc_get_type(c->private_data,
1024 struct cmd_lookupname_state);
1025 *sid = talloc_steal(mem_ctx, state->result);
1031 NTSTATUS wb_cmd_lookupname(struct wbsrv_call *call, const char *name,
1032 TALLOC_CTX *mem_ctx, struct wb_sid_object **sid)
1034 struct composite_context *c =
1035 wb_cmd_lookupname_send(call, name);
1036 return wb_cmd_lookupname_recv(c, mem_ctx, sid);
1039 struct cmd_checkmachacc_state {
1040 struct composite_context *ctx;
1041 struct wbsrv_call *call;
1042 struct wbsrv_domain *domain;
1045 static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx);
1046 static void cmd_checkmachacc_recv_creds(struct composite_context *ctx);
1048 struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call)
1050 struct composite_context *result, *ctx;
1051 struct cmd_checkmachacc_state *state;
1052 struct wbsrv_service *service = call->wbconn->listen_socket->service;
1054 result = talloc(call, struct composite_context);
1055 if (result == NULL) goto failed;
1056 result->state = COMPOSITE_STATE_IN_PROGRESS;
1057 result->event_ctx = call->event_ctx;
1059 state = talloc(result, struct cmd_checkmachacc_state);
1060 if (state == NULL) goto failed;
1061 state->ctx = result;
1062 result->private_data = state;
1065 state->domain = service->domains;
1067 if (state->domain->schannel_creds != NULL) {
1068 talloc_free(state->domain->schannel_creds);
1071 state->domain->schannel_creds = cli_credentials_init(service);
1072 if (state->domain->schannel_creds == NULL) goto failed;
1074 cli_credentials_set_conf(state->domain->schannel_creds);
1076 state->ctx->status =
1077 cli_credentials_set_machine_account(state->domain->
1079 if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed;
1081 if (state->domain->netlogon_auth2_pipe != NULL) {
1082 talloc_free(state->domain->netlogon_auth2_pipe);
1083 state->domain->netlogon_auth2_pipe = NULL;
1086 if (state->domain->lsa_pipe != NULL) {
1087 struct smbcli_tree *tree =
1088 dcerpc_smb_tree(state->domain->lsa_pipe->conn);
1090 if (tree == NULL) goto failed;
1092 ctx = wb_get_schannel_creds_send(state->domain->schannel_creds,
1093 tree, result->event_ctx);
1094 if (ctx == NULL) goto failed;
1096 ctx->async.fn = cmd_checkmachacc_recv_creds;
1097 ctx->async.private_data = state;
1101 ctx = wb_get_lsa_pipe_send(result->event_ctx,
1102 call->wbconn->conn->msg_ctx,
1103 state->domain->name,
1104 state->domain->sid);
1105 if (ctx == NULL) goto failed;
1106 ctx->async.fn = cmd_checkmachacc_recv_lsa;
1107 ctx->async.private_data = state;
1112 talloc_free(result);
1116 static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx)
1118 struct cmd_checkmachacc_state *state =
1119 talloc_get_type(ctx->async.private_data,
1120 struct cmd_checkmachacc_state);
1121 struct wbsrv_service *service =
1122 state->call->wbconn->listen_socket->service;
1124 struct dcerpc_pipe *pipe;
1125 struct smbcli_tree *tree;
1127 state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &pipe);
1128 if (!comp_is_ok(state->ctx)) return;
1130 if (state->domain->lsa_pipe == NULL) {
1131 /* We gonna drop "our" pipe if someone else was faster */
1132 state->domain->lsa_pipe = talloc_steal(service, pipe);
1135 tree = dcerpc_smb_tree(state->domain->lsa_pipe->conn);
1138 comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER);
1142 ctx = wb_get_schannel_creds_send(state->domain->schannel_creds, tree,
1143 state->ctx->event_ctx);
1144 comp_cont(state->ctx, ctx, cmd_checkmachacc_recv_creds, state);
1147 static void cmd_checkmachacc_recv_creds(struct composite_context *ctx)
1149 struct cmd_checkmachacc_state *state =
1150 talloc_get_type(ctx->async.private_data,
1151 struct cmd_checkmachacc_state);
1152 struct wbsrv_service *service =
1153 state->call->wbconn->listen_socket->service;
1154 struct dcerpc_pipe *pipe;
1156 state->ctx->status = wb_get_schannel_creds_recv(ctx, state, &pipe);
1157 if (!comp_is_ok(state->ctx)) return;
1159 if (state->domain->netlogon_auth2_pipe != NULL) {
1160 /* Someone else was faster, we need to replace it with our
1162 talloc_free(state->domain->netlogon_auth2_pipe);
1165 state->domain->netlogon_auth2_pipe = talloc_steal(service, pipe);
1167 comp_done(state->ctx);
1170 NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c)
1172 return composite_wait(c);
1175 NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call)
1177 struct composite_context *c = wb_cmd_checkmachacc_send(call);
1178 return wb_cmd_checkmachacc_recv(c);
1181 struct get_netlogon_pipe_state {
1182 struct composite_context *ctx;
1183 struct wbsrv_call *call;
1184 struct wbsrv_domain *domain;
1185 struct dcerpc_pipe *p;
1188 static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx);
1189 static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx);
1191 struct composite_context *wb_get_netlogon_pipe_send(struct wbsrv_call *call)
1193 struct composite_context *result, *ctx;
1194 struct get_netlogon_pipe_state *state;
1195 struct wbsrv_service *service = call->wbconn->listen_socket->service;
1197 result = talloc(call, struct composite_context);
1198 if (result == NULL) goto failed;
1199 result->state = COMPOSITE_STATE_IN_PROGRESS;
1200 result->event_ctx = call->event_ctx;
1202 state = talloc(result, struct get_netlogon_pipe_state);
1203 if (state == NULL) goto failed;
1204 state->ctx = result;
1205 result->private_data = state;
1208 state->domain = service->domains;
1210 if (state->domain->netlogon_pipe != NULL) {
1211 talloc_free(state->domain->netlogon_pipe);
1212 state->domain->netlogon_pipe = NULL;
1215 ctx = wb_cmd_checkmachacc_send(call);
1216 if (ctx == NULL) goto failed;
1217 ctx->async.fn = get_netlogon_pipe_recv_machacc;
1218 ctx->async.private_data = state;
1222 talloc_free(result);
1226 static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx)
1228 struct get_netlogon_pipe_state *state =
1229 talloc_get_type(ctx->async.private_data,
1230 struct get_netlogon_pipe_state);
1232 struct smbcli_tree *tree = NULL;
1234 state->ctx->status = wb_cmd_checkmachacc_recv(ctx);
1235 if (!comp_is_ok(state->ctx)) return;
1237 state->p = dcerpc_pipe_init(state, state->ctx->event_ctx);
1238 if (comp_nomem(state->p, state->ctx)) return;
1240 if (state->domain->lsa_pipe != NULL) {
1241 tree = dcerpc_smb_tree(state->domain->lsa_pipe->conn);
1245 comp_error(state->ctx, NT_STATUS_INTERNAL_ERROR);
1249 ctx = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon");
1250 comp_cont(state->ctx, ctx, get_netlogon_pipe_recv_pipe, state);
1253 static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx)
1255 struct get_netlogon_pipe_state *state =
1256 talloc_get_type(ctx->async.private_data,
1257 struct get_netlogon_pipe_state);
1258 struct wbsrv_service *service =
1259 state->call->wbconn->listen_socket->service;
1261 state->ctx->status = dcerpc_pipe_open_smb_recv(ctx);
1262 if (!comp_is_ok(state->ctx)) return;
1264 state->p->conn->flags |= (DCERPC_SIGN | DCERPC_SEAL);
1265 state->ctx->status =
1266 dcerpc_bind_auth_password(state->p,
1267 DCERPC_NETLOGON_UUID,
1268 DCERPC_NETLOGON_VERSION,
1269 state->domain->schannel_creds,
1270 DCERPC_AUTH_TYPE_SCHANNEL,
1272 if (!comp_is_ok(state->ctx)) return;
1274 state->domain->netlogon_pipe = talloc_steal(service, state->p);
1275 comp_done(state->ctx);
1278 NTSTATUS wb_get_netlogon_pipe_recv(struct composite_context *c)
1280 return composite_wait(c);
1283 NTSTATUS wb_get_netlogon_pipe(struct wbsrv_call *call)
1285 struct composite_context *c = wb_get_netlogon_pipe_send(call);
1286 return wb_get_netlogon_pipe_recv(c);