Version 1.9.
Pipe SMB reply routines
Copyright (C) Andrew Tridgell 1992-1997,
- Paul Ashton 1997,
- Luke Kenneth Casson Leighton 1996-1997.
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997.
+ Copyright (C) Paul Ashton 1997.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "includes.h"
#include "trans2.h"
+#include "nterr.h"
#define PIPE "\\PIPE\\"
#define PIPELEN strlen(PIPE)
char * known_pipes [] =
{
"lsarpc",
-#if 0
+#if NTDOMAIN
"NETLOGON",
#endif
NULL
return(True);
}
+
+#ifdef NTDOMAIN
/*
PAXX: Someone fix above.
The above API is indexing RPC calls based on RPC flags and
fragment length. I've decided to do it based on operation number :-)
*/
+/* this function is due to be replaced */
+static void initrpcreply(char *inbuf, char *q)
+{
+ uint32 callid;
+
+ SCVAL(q, 0, 5); q++; /* RPC version 5 */
+ SCVAL(q, 0, 0); q++; /* minor version 0 */
+ SCVAL(q, 0, 2); q++; /* RPC response packet */
+ SCVAL(q, 0, 3); q++; /* first frag + last frag */
+ RSIVAL(q, 0, 0x10000000); q += 4; /* packed data representation */
+ RSSVAL(q, 0, 0); q += 2; /* fragment length, fill in later */
+ SSVAL(q, 0, 0); q += 2; /* authentication length */
+ callid = RIVAL(inbuf, 12);
+ RSIVAL(q, 0, callid); q += 4; /* call identifier - match incoming RPC */
+ SIVAL(q, 0, 0x18); q += 4; /* allocation hint (no idea) */
+ SSVAL(q, 0, 0); q += 2; /* presentation context identifier */
+ SCVAL(q, 0, 0); q++; /* cancel count */
+ SCVAL(q, 0, 0); q++; /* reserved */
+}
+
+/* this function is due to be replaced */
+static void endrpcreply(char *inbuf, char *q, int datalen, int rtnval, int *rlen)
+{
+ SSVAL(q, 8, datalen + 4);
+ SIVAL(q,0x10,datalen+4-0x18); /* allocation hint */
+ SIVAL(q, datalen, rtnval);
+ *rlen = datalen + 4;
+ { int fd; fd = open("/tmp/rpc", O_RDWR); write(fd, q, datalen + 4); }
+}
+
+/* RID username mapping function. just for fun, it maps to the unix uid */
+static uint32 name_to_rid(char *user_name)
+{
+ struct passwd *pw = Get_Pwnam(user_name, False);
+ if (!pw)
+ {
+ DEBUG(1,("Username %s is invalid on this system\n", user_name));
+ return (uint32)(-1);
+ }
+
+ return (uint32)(pw->pw_uid);
+}
+
+
+/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
+char *dom_sid_to_string(DOM_SID *sid)
+{
+ static pstring sidstr;
+ char subauth[16];
+ int i;
+ uint32 ia = (sid->id_auth[0]) +
+ (sid->id_auth[1] << 8 ) +
+ (sid->id_auth[2] << 16) +
+ (sid->id_auth[3] << 24);
+
+ sprintf(sidstr, "S-%d-%d", sid->sid_no, ia);
+
+ for (i = 0; i < sid->num_auths; i++)
+ {
+ sprintf(subauth, "-%d", sid->sub_auths[i]);
+ strcat(sidstr, subauth);
+ }
+
+ DEBUG(5,("dom_sid_to_string returning %s\n", sidstr));
+ return sidstr;
+}
+
/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
/* identauth >= 2^32 can be detected because it will be specified in hex */
-static void init_dom_sid(DOM_SID *sid, char *domsid)
+static void make_dom_sid(DOM_SID *sid, char *domsid)
{
int identauth;
char *p;
hdr->reserved = 0; /* reserved */
}
-static void init_rpc_reply(char *inbuf, char *q, char *base, int data_len)
+static void make_rpc_reply(char *inbuf, char *q, int data_len)
{
uint32 callid = RIVAL(inbuf, 12);
RPC_HDR hdr;
create_rpc_reply(&hdr, callid, data_len);
- smb_io_rpc_hdr(False, &hdr, q, base, 4);
+ smb_io_rpc_hdr(False, &hdr, q, q, 4);
}
static int lsa_reply_open_policy(char *q, char *base)
return q - start;
}
-static void init_unistr2(UNISTR2 *str, char *buf, int len, char terminate)
+static void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint16 terminate)
+{
+ hdr->uni_max_len = max_len;
+ hdr->uni_str_len = len;
+ hdr->undoc = terminate;
+}
+
+static void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate)
+{
+ make_uni_hdr(&(hdr->unihdr), max_len, len, terminate);
+ hdr->undoc_buffer = len > 0 ? 1 : 0;
+}
+
+static void make_unistr(UNISTR *str, char *buf)
+{
+ /* store the string (null-terminated copy) */
+ PutUniCode((char *)(str->buffer), buf);
+}
+
+static void make_unistr2(UNISTR2 *str, char *buf, int len, char terminate)
{
/* set up string lengths. add one if string is not null-terminated */
str->uni_max_len = len + (terminate != 0 ? 1 : 0);
str->buffer[len] = (uint16)terminate;
}
-static void init_dom_query(DOM_QUERY *d_q, char *dom_name, char *dom_sid)
+static void make_dom_rid2(DOM_RID2 *rid2, uint32 rid)
+{
+ rid2->type = 0x5;
+ rid2->undoc = 0x5;
+ rid2->rid = rid;
+ rid2->rid_idx = 0;
+}
+
+static void make_dom_sid2(DOM_SID2 *sid2, char *sid_str)
+{
+ int len_sid_str = strlen(sid_str);
+
+ sid2->type = 0x5;
+ sid2->undoc = 0;
+ make_uni_hdr2(&(sid2->hdr), len_sid_str, len_sid_str, 0);
+ make_unistr (&(sid2->str), sid_str);
+}
+
+static void make_dom_query(DOM_QUERY *d_q, char *dom_name, char *dom_sid)
{
int domlen = strlen(dom_name);
d_q->buffer_dom_sid = 0; /* domain sid pointer */
/* NOT null-terminated: 4-terminated instead! */
- init_unistr2(&(d_q->uni_domain_name), dom_name, domlen, 4);
+ make_unistr2(&(d_q->uni_domain_name), dom_name, domlen, 4);
- init_dom_sid(&(d_q->dom_sid), dom_sid);
+ make_dom_sid(&(d_q->dom_sid), dom_sid);
}
static int lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, char *q, char *base,
r_q.undoc_buffer = 1; /* not null */
r_q.info_class = q_q->info_class;
- init_dom_query(&r_q.dom.id5, dom_name, dom_sid);
+ make_dom_query(&r_q.dom.id5, dom_name, dom_sid);
r_q.status = 0x0;
return q - start;
}
-static void init_lsa_r_req_chal(LSA_R_REQ_CHAL *r_c, char chal[8], int status)
+/* pretty much hard-coded choice of "other" sids, unfortunately... */
+static void make_dom_ref(DOM_R_REF *ref,
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ int len_dom_name = strlen(dom_name);
+ int len_other_sid1 = strlen(other_sid1);
+ int len_other_sid2 = strlen(other_sid2);
+ int len_other_sid3 = strlen(other_sid3);
+
+ ref->undoc_buffer = 1;
+ ref->num_ref_doms_1 = 4;
+ ref->buffer_dom_name = 1;
+ ref->max_entries = 32;
+ ref->num_ref_doms_2 = 4;
+
+ make_uni_hdr2(&(ref->hdr_dom_name ), len_dom_name , len_dom_name , 0);
+ make_uni_hdr2(&(ref->hdr_ref_dom[0]), len_other_sid1, len_other_sid1, 0);
+ make_uni_hdr2(&(ref->hdr_ref_dom[1]), len_other_sid2, len_other_sid2, 0);
+ make_uni_hdr2(&(ref->hdr_ref_dom[2]), len_other_sid3, len_other_sid3, 0);
+
+ if (dom_name != NULL)
+ {
+ make_unistr(&(ref->uni_dom_name), dom_name);
+ }
+
+ make_dom_sid(&(ref->ref_dom[0]), dom_sid );
+ make_dom_sid(&(ref->ref_dom[1]), other_sid1);
+ make_dom_sid(&(ref->ref_dom[2]), other_sid2);
+ make_dom_sid(&(ref->ref_dom[3]), other_sid3);
+}
+
+static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
+ int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ int i;
+
+ make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid,
+ other_sid1, other_sid2, other_sid3);
+
+ r_l->num_entries = num_entries;
+ r_l->undoc_buffer = 1;
+ r_l->num_entries2 = num_entries;
+
+ for (i = 0; i < num_entries; i++)
+ {
+ make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i]);
+ }
+
+ r_l->num_entries3 = num_entries;
+}
+
+static void make_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
+ int num_entries, fstring dom_sids[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ int i;
+
+ make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid,
+ other_sid1, other_sid2, other_sid3);
+
+ r_l->num_entries = num_entries;
+ r_l->undoc_buffer = 1;
+ r_l->num_entries2 = num_entries;
+
+ for (i = 0; i < num_entries; i++)
+ {
+ make_dom_sid2(&(r_l->dom_sid[i]), dom_sids[i]);
+ }
+
+ r_l->num_entries3 = num_entries;
+}
+
+static int lsa_reply_lookup_sids(char *q, char *base,
+ int num_entries, fstring dom_sids[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ char *start = q;
+ LSA_R_LOOKUP_SIDS r_l;
+
+ /* set up the LSA Lookup SIDs response */
+ make_reply_lookup_sids(&r_l, num_entries, dom_sids,
+ dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
+ r_l.status = 0x0;
+
+ /* store the response in the SMB stream */
+ q = lsa_io_r_lookup_sids(False, &r_l, q, base, 4);
+
+ /* return length of SMB data stored */
+ return q - start;
+}
+
+static int lsa_reply_lookup_rids(char *q, char *base,
+ int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
+ char *dom_name, char *dom_sid,
+ char *other_sid1, char *other_sid2, char *other_sid3)
+{
+ char *start = q;
+ LSA_R_LOOKUP_RIDS r_l;
+
+ /* set up the LSA Lookup RIDs response */
+ make_reply_lookup_rids(&r_l, num_entries, dom_rids,
+ dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
+ r_l.status = 0x0;
+
+ /* store the response in the SMB stream */
+ q = lsa_io_r_lookup_rids(False, &r_l, q, base, 4);
+
+ /* return length of SMB data stored */
+ return q - start;
+}
+
+static void make_lsa_r_req_chal(LSA_R_REQ_CHAL *r_c, char chal[8], int status)
{
memcpy(r_c->srv_chal.data, chal, sizeof(r_c->srv_chal.data));
r_c->status = status;
/* set up the LSA REQUEST CHALLENGE response */
- init_lsa_r_req_chal(&r_c, chal, 0);
+ make_lsa_r_req_chal(&r_c, chal, 0);
/* store the response in the SMB stream */
q = lsa_io_r_req_chal(False, &r_c, q, base, 4);
return q - start;
}
-static void init_lsa_chal(DOM_CHAL *cred, char resp_cred[8])
+static void make_lsa_chal(DOM_CHAL *cred, char resp_cred[8])
{
memcpy(cred->data, resp_cred, sizeof(cred->data));
}
-static void init_lsa_r_auth_2(LSA_R_AUTH_2 *r_a,
+static void make_lsa_r_auth_2(LSA_R_AUTH_2 *r_a,
char resp_cred[8], NEG_FLAGS *flgs, int status)
{
- init_lsa_chal(&(r_a->srv_chal), resp_cred);
+ make_lsa_chal(&(r_a->srv_chal), resp_cred);
memcpy(&(r_a->srv_flgs), flgs, sizeof(r_a->srv_flgs));
r_a->status = status;
}
/* set up the LSA AUTH 2 response */
- init_lsa_r_auth_2(&r_a, resp_cred, &(q_a->clnt_flgs), status);
+ make_lsa_r_auth_2(&r_a, resp_cred, &(q_a->clnt_flgs), status);
/* store the response in the SMB stream */
q = lsa_io_r_auth_2(False, &r_a, q, base, 4);
return q - start;
}
-static void init_lsa_dom_chal(DOM_CRED *cred, char srv_chal[8], UTIME srv_time)
+static void make_lsa_dom_chal(DOM_CRED *cred, char srv_chal[8], UTIME srv_time)
{
- init_lsa_chal(&(cred->challenge), srv_chal);
+ make_lsa_chal(&(cred->challenge), srv_chal);
cred->timestamp = srv_time;
}
-static void init_lsa_r_srv_pwset(LSA_R_SRV_PWSET *r_a,
+static void make_lsa_r_srv_pwset(LSA_R_SRV_PWSET *r_a,
char srv_chal[8], UTIME srv_time, int status)
{
- init_lsa_dom_chal(&(r_a->srv_cred), srv_chal, srv_time);
+ make_lsa_dom_chal(&(r_a->srv_cred), srv_chal, srv_time);
r_a->status = status;
}
LSA_R_SRV_PWSET r_s;
/* set up the LSA Server Password Set response */
- init_lsa_r_srv_pwset(&r_s, srv_cred, srv_time, status);
+ make_lsa_r_srv_pwset(&r_s, srv_cred, srv_time, status);
/* store the response in the SMB stream */
q = lsa_io_r_srv_pwset(False, &r_s, q, base, 4);
return q - start;
}
+static void make_lsa_user_info(LSA_USER_INFO *usr,
+
+ NTTIME *logon_time,
+ NTTIME *logoff_time,
+ NTTIME *kickoff_time,
+ NTTIME *pass_last_set_time,
+ NTTIME *pass_can_change_time,
+ NTTIME *pass_must_change_time,
+
+ char *user_name,
+ char *full_name,
+ char *logon_script,
+ char *profile_path,
+ char *home_dir,
+ char *dir_drive,
+
+ uint16 logon_count,
+ uint16 bad_pw_count,
+
+ uint32 user_id,
+ uint32 group_id,
+ uint32 num_groups,
+ DOM_GID *gids,
+ uint32 user_flgs,
+
+ char sess_key[16],
+
+ char *logon_srv,
+ char *logon_dom,
+
+ char *dom_sid,
+ char *other_sids) /* space-delimited set of SIDs */
+{
+ /* only cope with one "other" sid, right now. */
+ /* need to count the number of space-delimited sids */
+ int i;
+ int num_other_sids = other_sids != NULL ? 1 : 0;
+
+ int len_user_name = strlen(user_name );
+ int len_full_name = strlen(full_name );
+ int len_logon_script = strlen(logon_script);
+ int len_profile_path = strlen(profile_path);
+ int len_home_dir = strlen(home_dir );
+ int len_dir_drive = strlen(dir_drive );
+
+ int len_logon_srv = strlen(logon_srv);
+ int len_logon_dom = strlen(logon_dom);
+
+ usr->undoc_buffer = 1; /* yes, we're bothering to put USER_INFO data here */
+
+ usr->logon_time = *logon_time;
+ usr->logoff_time = *logoff_time;
+ usr->kickoff_time = *kickoff_time;
+ usr->pass_last_set_time = *pass_last_set_time;
+ usr->pass_can_change_time = *pass_can_change_time;
+ usr->pass_must_change_time = *pass_must_change_time;
+
+ make_uni_hdr(&(usr->hdr_user_name ), len_user_name , len_user_name , 4);
+ make_uni_hdr(&(usr->hdr_full_name ), len_full_name , len_full_name , 4);
+ make_uni_hdr(&(usr->hdr_logon_script), len_logon_script, len_logon_script, 4);
+ make_uni_hdr(&(usr->hdr_profile_path), len_profile_path, len_profile_path, 4);
+ make_uni_hdr(&(usr->hdr_home_dir ), len_home_dir , len_home_dir , 4);
+ make_uni_hdr(&(usr->hdr_dir_drive ), len_dir_drive , len_dir_drive , 4);
+
+ usr->logon_count = logon_count;
+ usr->bad_pw_count = bad_pw_count;
+
+ usr->user_id = user_id;
+ usr->group_id = group_id;
+ usr->num_groups = num_groups;
+ usr->buffer_groups = num_groups ? 1 : 0; /* yes, we're bothering to put group info in */
+ usr->user_flgs = user_flgs;
+
+ if (sess_key != NULL)
+ {
+ memcpy(usr->sess_key, sess_key, sizeof(usr->sess_key));
+ }
+ else
+ {
+ bzero(usr->sess_key, sizeof(usr->sess_key));
+ }
+
+ make_uni_hdr(&(usr->hdr_logon_srv), len_logon_srv, len_logon_srv, 4);
+ make_uni_hdr(&(usr->hdr_logon_dom), len_logon_dom, len_logon_dom, 4);
+
+ usr->buffer_dom_id = dom_sid ? 1 : 0; /* yes, we're bothering to put a domain SID in */
+
+ bzero(usr->padding, sizeof(usr->padding));
+
+ usr->num_other_sids = num_other_sids;
+ usr->buffer_other_sids = num_other_sids != 0 ? 1 : 0;
+
+ make_unistr2(&(usr->uni_user_name ), user_name , len_user_name , 0);
+ make_unistr2(&(usr->uni_full_name ), full_name , len_full_name , 0);
+ make_unistr2(&(usr->uni_logon_script), logon_script, len_logon_script, 0);
+ make_unistr2(&(usr->uni_profile_path), profile_path, len_profile_path, 0);
+ make_unistr2(&(usr->uni_home_dir ), home_dir , len_home_dir , 0);
+ make_unistr2(&(usr->uni_dir_drive ), dir_drive , len_dir_drive , 0);
+
+ usr->num_groups2 = num_groups;
+ for (i = 0; i < num_groups; i++)
+ {
+ usr->gids[i] = gids[i];
+ }
+
+ make_unistr2(&(usr->uni_logon_srv), logon_srv, len_logon_srv, 0);
+ make_unistr2(&(usr->uni_logon_dom), logon_dom, len_logon_dom, 0);
+
+ make_dom_sid(&(usr->dom_sid), dom_sid);
+ make_dom_sid(&(usr->other_sids[0]), other_sids);
+}
+
+
+static int lsa_reply_sam_logon(LSA_Q_SAM_LOGON *q_s, char *q, char *base,
+ char srv_cred[8], UTIME srv_time,
+ LSA_USER_INFO *user_info)
+{
+ char *start = q;
+ LSA_R_SAM_LOGON r_s;
+
+ /* XXXX maybe we want to say 'no', reject the client's credentials */
+ r_s.buffer_creds = 1; /* yes, we have valid server credentials */
+ make_lsa_dom_chal(&(r_s.srv_creds), srv_cred, srv_time);
+
+ /* store the user information, if there is any. */
+ r_s.user = user_info;
+ r_s.buffer_user = user_info != NULL ? 1 : 0;
+ r_s.status = user_info != NULL ? 0 : (0xC000000|NT_STATUS_NO_SUCH_USER);
+
+ /* store the response in the SMB stream */
+ q = lsa_io_r_sam_logon(False, &r_s, q, base, 4);
+
+ /* return length of SMB data stored */
+ return q - start;
+}
+
+
+static int lsa_reply_sam_logoff(LSA_Q_SAM_LOGOFF *q_s, char *q, char *base,
+ char srv_cred[8], UTIME srv_time,
+ uint32 status)
+{
+ char *start = q;
+ LSA_R_SAM_LOGOFF r_s;
+
+ /* XXXX maybe we want to say 'no', reject the client's credentials */
+ r_s.buffer_creds = 1; /* yes, we have valid server credentials */
+ make_lsa_dom_chal(&(r_s.srv_creds), srv_cred, srv_time);
+
+ r_s.status = status;
+
+ /* store the response in the SMB stream */
+ q = lsa_io_r_sam_logoff(False, &r_s, q, base, 4);
+
+ /* return length of SMB data stored */
+ return q - start;
+}
+
+
+static void api_lsa_open_policy( char *param, char *data,
+ char **rdata, int *rdata_len )
+{
+ int reply_len;
+
+ /* we might actually want to decode the query, but it's not necessary */
+ /* lsa_io_q_open_policy(...); */
+
+ /* return a 20 byte policy handle */
+ reply_len = lsa_reply_open_policy(*rdata + 0x18, *rdata + 0x18);
+
+ /* construct header, now that we know the reply length */
+ make_rpc_reply(data, *rdata, reply_len);
+ *rdata_len = reply_len + 0x18;
+}
+
+static void api_lsa_query_info( char *param, char *data,
+ char **rdata, int *rdata_len )
+{
+ int reply_len;
+
+ LSA_Q_QUERY_INFO q_i;
+ pstring dom_name;
+ pstring dom_sid;
+
+ /* grab the info class and policy handle */
+ lsa_io_q_query(True, &q_i, data + 0x18, data + 0x18, 4);
+
+ pstrcpy(dom_name, lp_workgroup());
+ pstrcpy(dom_sid , lp_domainsid());
+
+ /* construct reply. return status is always 0x0 */
+ reply_len = lsa_reply_query_info(&q_i, *rdata + 0x18, *rdata + 0x18,
+ dom_name, dom_sid);
+
+ /* construct header, now that we know the reply length */
+ make_rpc_reply(data, *rdata, reply_len);
+ *rdata_len = reply_len + 0x18;
+}
+
+static void api_lsa_lookup_sids( char *param, char *data,
+ char **rdata, int *rdata_len )
+{
+ int reply_len;
+
+ int i;
+ LSA_Q_LOOKUP_SIDS q_l;
+ pstring dom_name;
+ pstring dom_sid;
+ fstring dom_sids[MAX_LOOKUP_SIDS];
+
+ /* grab the info class and policy handle */
+ lsa_io_q_lookup_sids(True, &q_l, data + 0x18, data + 0x18, 4);
+
+ pstrcpy(dom_name, lp_workgroup());
+ pstrcpy(dom_sid , lp_domainsid());
+
+ /* convert received SIDs to strings, so we can do them. */
+ for (i = 0; i < q_l.num_entries; i++)
+ {
+ fstrcpy(dom_sids[i], dom_sid_to_string(&(q_l.dom_sids[i])));
+ }
+
+ /* construct reply. return status is always 0x0 */
+ reply_len = lsa_reply_lookup_sids(*rdata + 0x18, *rdata + 0x18,
+ q_l.num_entries, dom_sids, /* text-converted SIDs */
+ dom_name, dom_sid, /* domain name, domain SID */
+ "S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
+
+ /* construct header, now that we know the reply length */
+ make_rpc_reply(data, *rdata, reply_len);
+ *rdata_len = reply_len + 0x18;
+}
+
+static void api_lsa_lookup_names( char *param, char *data,
+ char **rdata, int *rdata_len )
+{
+ int reply_len;
+
+ int i;
+ LSA_Q_LOOKUP_RIDS q_l;
+ pstring dom_name;
+ pstring dom_sid;
+ uint32 dom_rids[MAX_LOOKUP_SIDS];
+
+ /* grab the info class and policy handle */
+ lsa_io_q_lookup_rids(True, &q_l, data + 0x18, data + 0x18, 4);
+
+ pstrcpy(dom_name, lp_workgroup());
+ pstrcpy(dom_sid , lp_domainsid());
+
+ /* convert received RIDs to strings, so we can do them. */
+ for (i = 0; i < q_l.num_entries; i++)
+ {
+ char *user_name = unistr2(q_l.lookup_name[i].str.buffer);
+ dom_rids[i] = name_to_rid(user_name);
+ }
+
+ /* construct reply. return status is always 0x0 */
+ reply_len = lsa_reply_lookup_rids(*rdata + 0x18, *rdata + 0x18,
+ q_l.num_entries, dom_rids, /* text-converted SIDs */
+ dom_name, dom_sid, /* domain name, domain SID */
+ "S-1-1", "S-1-3", "S-1-5"); /* the three other SIDs */
+
+ /* construct header, now that we know the reply length */
+ make_rpc_reply(data, *rdata, reply_len);
+ *rdata_len = reply_len + 0x18;
+}
+
+BOOL api_ntlsarpcTNP(int cnum,int uid, char *param,char *data,
+ int mdrcnt,int mprcnt,
+ char **rdata,char **rparam,
+ int *rdata_len,int *rparam_len)
+{
+ uint16 opnum = SVAL(data,22);
+
+ int pkttype = CVAL(data, 2);
+ if (pkttype == 0x0b) /* RPC BIND */
+ {
+ DEBUG(4,("netlogon rpc bind %x\n",pkttype));
+ LsarpcTNP1(data,rdata,rdata_len);
+ return True;
+ }
+
+ DEBUG(4,("ntlsa TransactNamedPipe op %x\n",opnum));
+ switch (opnum)
+ {
+ case LSA_OPENPOLICY:
+ {
+ DEBUG(3,("LSA_OPENPOLICY\n"));
+ api_lsa_open_policy(param, data, rdata, rdata_len);
+ break;
+ }
+
+ case LSA_QUERYINFOPOLICY:
+ {
+ DEBUG(3,("LSA_QUERYINFOPOLICY\n"));
+
+ api_lsa_query_info(param, data, rdata, rdata_len);
+ break;
+ }
+
+ case LSA_ENUMTRUSTDOM:
+ {
+ char *q = *rdata + 0x18;
+
+ DEBUG(3,("LSA_ENUMTRUSTDOM\n"));
+
+ initrpcreply(data, *rdata);
+
+ SIVAL(q, 0, 0); /* enumeration context */
+ SIVAL(q, 0, 4); /* entries read */
+ SIVAL(q, 0, 8); /* trust information */
+
+ endrpcreply(data, *rdata, q-*rdata, 0x8000001a, rdata_len);
+
+ break;
+ }
+
+ case LSA_CLOSE:
+ {
+ char *q = *rdata + 0x18;
+
+ DEBUG(3,("LSA_CLOSE\n"));
+
+ initrpcreply(data, *rdata);
+
+ SIVAL(q, 0, 0);
+ SIVAL(q, 0, 4);
+ SIVAL(q, 0, 8);
+ SIVAL(q, 0, 12);
+ SIVAL(q, 0, 16);
+
+ endrpcreply(data, *rdata, q-*rdata, 0, rdata_len);
+
+ break;
+ }
+
+ case LSA_OPENSECRET:
+ {
+ char *q = *rdata + 0x18;
+ DEBUG(3,("LSA_OPENSECRET\n"));
+
+ initrpcreply(data, *rdata);
+
+ SIVAL(q, 0, 0);
+ SIVAL(q, 0, 4);
+ SIVAL(q, 0, 8);
+ SIVAL(q, 0, 12);
+ SIVAL(q, 0, 16);
+
+ endrpcreply(data, *rdata, q-*rdata, 0xc000034, rdata_len);
+
+ break;
+ }
+
+ case LSA_LOOKUPSIDS:
+ {
+ DEBUG(3,("LSA_OPENSECRET\n"));
+ api_lsa_lookup_sids(param, data, rdata, rdata_len);
+ break;
+ }
+
+ case LSA_LOOKUPNAMES:
+ {
+ DEBUG(3,("LSA_LOOKUPNAMES\n"));
+ api_lsa_lookup_names(param, data, rdata, rdata_len);
+ break;
+ }
+
+ default:
+ {
+ DEBUG(4, ("NTLSARPC, unknown code: %lx\n", opnum));
+ break;
+ }
+ }
+ return True;
+}
+
+#endif /* NTDOMAIN */
git.samba.org / kai / samba.git / blobdiff