2 Unix SMB/CIFS implementation.
4 Copyright (C) Rafal Szczesniak 2007
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "libnet/libnet.h"
23 #include "libcli/composite/composite.h"
24 #include "librpc/gen_ndr/lsa.h"
25 #include "librpc/gen_ndr/ndr_lsa_c.h"
26 #include "librpc/gen_ndr/samr.h"
27 #include "librpc/gen_ndr/ndr_samr_c.h"
28 #include "libcli/security/security.h"
31 struct create_group_state {
32 struct libnet_context *ctx;
33 struct libnet_CreateGroup r;
34 struct libnet_DomainOpen domain_open;
35 struct libnet_rpc_groupadd group_add;
37 /* information about the progress */
38 void (*monitor_fn)(struct monitor_msg *);
42 static void continue_domain_opened(struct composite_context *ctx);
43 static void continue_rpc_group_added(struct composite_context *ctx);
46 struct composite_context* libnet_CreateGroup_send(struct libnet_context *ctx,
48 struct libnet_CreateGroup *r,
49 void (*monitor)(struct monitor_msg*))
51 struct composite_context *c;
52 struct create_group_state *s;
53 struct composite_context *create_req;
54 bool prereq_met = false;
56 /* composite context allocation and setup */
57 c = composite_create(mem_ctx, ctx->event_ctx);
58 if (c == NULL) return NULL;
60 s = talloc_zero(c, struct create_group_state);
61 if (composite_nomem(s, c)) return c;
67 ZERO_STRUCT(s->r.out);
69 /* prerequisite: make sure we have a valid samr domain handle */
70 prereq_met = samr_domain_opened(ctx, c, s->r.in.domain_name, &c, &s->domain_open,
71 continue_domain_opened, monitor);
72 if (!prereq_met) return c;
74 /* prepare arguments of rpc group add call */
75 s->group_add.in.groupname = r->in.group_name;
76 s->group_add.in.domain_handle = ctx->samr.handle;
78 /* send the request */
79 create_req = libnet_rpc_groupadd_send(ctx->samr.pipe, &s->group_add, monitor);
80 if (composite_nomem(create_req, c)) return c;
82 composite_continue(c, create_req, continue_rpc_group_added, c);
87 static void continue_domain_opened(struct composite_context *ctx)
89 struct composite_context *c;
90 struct create_group_state *s;
91 struct composite_context *create_req;
93 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
94 s = talloc_get_type_abort(c->private_data, struct create_group_state);
96 c->status = libnet_DomainOpen_recv(ctx, s->ctx, c, &s->domain_open);
97 if (!composite_is_ok(c)) return;
99 /* prepare arguments of groupadd call */
100 s->group_add.in.groupname = s->r.in.group_name;
101 s->group_add.in.domain_handle = s->ctx->samr.handle;
103 /* send the request */
104 create_req = libnet_rpc_groupadd_send(s->ctx->samr.pipe, &s->group_add,
106 if (composite_nomem(create_req, c)) return;
108 composite_continue(c, create_req, continue_rpc_group_added, c);
112 static void continue_rpc_group_added(struct composite_context *ctx)
114 struct composite_context *c;
115 struct create_group_state *s;
117 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
118 s = talloc_get_type_abort(c->private_data, struct create_group_state);
120 /* receive result of group add call */
121 c->status = libnet_rpc_groupadd_recv(ctx, c, &s->group_add);
122 if (!composite_is_ok(c)) return;
130 * Receive result of CreateGroup call
132 * @param c composite context returned by send request routine
133 * @param mem_ctx memory context of this call
134 * @param r pointer to a structure containing arguments and result of this call
137 NTSTATUS libnet_CreateGroup_recv(struct composite_context *c,
139 struct libnet_CreateGroup *r)
143 status = composite_wait(c);
144 if (!NT_STATUS_IS_OK(status)) {
145 r->out.error_string = talloc_strdup(mem_ctx, nt_errstr(status));
154 * Create domain group
156 * @param ctx initialised libnet context
157 * @param mem_ctx memory context of this call
158 * @param io pointer to structure containing arguments and result of this call
161 NTSTATUS libnet_CreateGroup(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
162 struct libnet_CreateGroup *io)
164 struct composite_context *c;
166 c = libnet_CreateGroup_send(ctx, mem_ctx, io, NULL);
167 return libnet_CreateGroup_recv(c, mem_ctx, io);
171 struct group_info_state {
172 struct libnet_context *ctx;
173 const char *domain_name;
174 enum libnet_GroupInfo_level level;
175 const char *group_name;
176 const char *sid_string;
177 struct libnet_LookupName lookup;
178 struct libnet_DomainOpen domopen;
179 struct libnet_rpc_groupinfo info;
181 /* information about the progress */
182 void (*monitor_fn)(struct monitor_msg *);
186 static void continue_domain_open_info(struct composite_context *ctx);
187 static void continue_name_found(struct composite_context *ctx);
188 static void continue_group_info(struct composite_context *ctx);
191 * Sends request to get group information
193 * @param ctx initialised libnet context
194 * @param mem_ctx memory context of this call
195 * @param io pointer to structure containing arguments the call
196 * @param monitor function pointer for receiving monitor messages
197 * @return composite context of this request
199 struct composite_context* libnet_GroupInfo_send(struct libnet_context *ctx,
201 struct libnet_GroupInfo *io,
202 void (*monitor)(struct monitor_msg*))
204 struct composite_context *c;
205 struct group_info_state *s;
206 bool prereq_met = false;
207 struct composite_context *lookup_req, *info_req;
209 /* composite context allocation and setup */
210 c = composite_create(mem_ctx, ctx->event_ctx);
211 if (c == NULL) return NULL;
213 s = talloc_zero(c, struct group_info_state);
214 if (composite_nomem(s, c)) return c;
218 /* store arguments in the state structure */
219 s->monitor_fn = monitor;
221 s->domain_name = talloc_strdup(c, io->in.domain_name);
222 s->level = io->in.level;
224 case GROUP_INFO_BY_NAME:
225 s->group_name = talloc_strdup(c, io->in.data.group_name);
226 s->sid_string = NULL;
228 case GROUP_INFO_BY_SID:
229 s->group_name = NULL;
230 s->sid_string = dom_sid_string(c, io->in.data.group_sid);
234 /* prerequisite: make sure the domain is opened */
235 prereq_met = samr_domain_opened(ctx, c, s->domain_name, &c, &s->domopen,
236 continue_domain_open_info, monitor);
237 if (!prereq_met) return c;
240 case GROUP_INFO_BY_NAME:
241 /* prepare arguments for LookupName call */
242 s->lookup.in.name = s->group_name;
243 s->lookup.in.domain_name = s->domain_name;
245 /* send the request */
246 lookup_req = libnet_LookupName_send(s->ctx, c, &s->lookup, s->monitor_fn);
247 if (composite_nomem(lookup_req, c)) return c;
249 /* set the next stage */
250 composite_continue(c, lookup_req, continue_name_found, c);
252 case GROUP_INFO_BY_SID:
253 /* prepare arguments for groupinfo call */
254 s->info.in.domain_handle = s->ctx->samr.handle;
255 s->info.in.sid = s->sid_string;
256 /* we're looking for all information available */
257 s->info.in.level = GROUPINFOALL;
259 /* send the request */
260 info_req = libnet_rpc_groupinfo_send(s->ctx->samr.pipe, s, &s->info, s->monitor_fn);
261 if (composite_nomem(info_req, c)) return c;
263 /* set the next stage */
264 composite_continue(c, info_req, continue_group_info, c);
273 * Stage 0.5 (optional): receive opened domain and send lookup name request
275 static void continue_domain_open_info(struct composite_context *ctx)
277 struct composite_context *c;
278 struct group_info_state *s;
279 struct composite_context *lookup_req, *info_req;
281 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
282 s = talloc_get_type_abort(c->private_data, struct group_info_state);
284 /* receive domain handle */
285 c->status = libnet_DomainOpen_recv(ctx, s->ctx, c, &s->domopen);
286 if (!composite_is_ok(c)) return;
289 case GROUP_INFO_BY_NAME:
290 /* prepare arguments for LookupName call */
291 s->lookup.in.name = s->group_name;
292 s->lookup.in.domain_name = s->domain_name;
294 /* send the request */
295 lookup_req = libnet_LookupName_send(s->ctx, c, &s->lookup, s->monitor_fn);
296 if (composite_nomem(lookup_req, c)) return;
298 /* set the next stage */
299 composite_continue(c, lookup_req, continue_name_found, c);
301 case GROUP_INFO_BY_SID:
302 /* prepare arguments for groupinfo call */
303 s->info.in.domain_handle = s->ctx->samr.handle;
304 s->info.in.sid = s->sid_string;
305 /* we're looking for all information available */
306 s->info.in.level = GROUPINFOALL;
308 /* send the request */
309 info_req = libnet_rpc_groupinfo_send(s->ctx->samr.pipe, s, &s->info, s->monitor_fn);
310 if (composite_nomem(info_req, c)) return;
312 /* set the next stage */
313 composite_continue(c, info_req, continue_group_info, c);
321 * Stage 1: Receive SID found and send request for group info
323 static void continue_name_found(struct composite_context *ctx)
325 struct composite_context *c;
326 struct group_info_state *s;
327 struct composite_context *info_req;
329 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
330 s = talloc_get_type_abort(c->private_data, struct group_info_state);
332 /* receive SID assiociated with name found */
333 c->status = libnet_LookupName_recv(ctx, c, &s->lookup);
334 if (!composite_is_ok(c)) return;
336 /* Is is a group SID actually ? */
337 if (s->lookup.out.sid_type != SID_NAME_DOM_GRP &&
338 s->lookup.out.sid_type != SID_NAME_ALIAS) {
339 composite_error(c, NT_STATUS_NO_SUCH_GROUP);
343 /* prepare arguments for groupinfo call */
344 s->info.in.domain_handle = s->ctx->samr.handle;
345 s->info.in.groupname = s->group_name;
346 s->info.in.sid = s->lookup.out.sidstr;
347 /* we're looking for all information available */
348 s->info.in.level = GROUPINFOALL;
350 /* send the request */
351 info_req = libnet_rpc_groupinfo_send(s->ctx->samr.pipe, s, &s->info, s->monitor_fn);
352 if (composite_nomem(info_req, c)) return;
354 /* set the next stage */
355 composite_continue(c, info_req, continue_group_info, c);
360 * Stage 2: Receive group information
362 static void continue_group_info(struct composite_context *ctx)
364 struct composite_context *c;
365 struct group_info_state *s;
367 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
368 s = talloc_get_type_abort(c->private_data, struct group_info_state);
370 /* receive group information */
371 c->status = libnet_rpc_groupinfo_recv(ctx, c, &s->info);
372 if (!composite_is_ok(c)) return;
380 * Receive group information
382 * @param c composite context returned by libnet_GroupInfo_send
383 * @param mem_ctx memory context of this call
384 * @param io pointer to structure receiving results of the call
387 NTSTATUS libnet_GroupInfo_recv(struct composite_context* c, TALLOC_CTX *mem_ctx,
388 struct libnet_GroupInfo *io)
391 struct group_info_state *s;
393 status = composite_wait(c);
394 if (NT_STATUS_IS_OK(status)) {
395 /* put the results into io structure if everything went fine */
396 s = talloc_get_type_abort(c->private_data, struct group_info_state);
398 io->out.group_name = talloc_steal(mem_ctx,
399 s->info.out.info.all.name.string);
400 io->out.group_sid = talloc_steal(mem_ctx, s->lookup.out.sid);
401 io->out.num_members = s->info.out.info.all.num_members;
402 io->out.description = talloc_steal(mem_ctx, s->info.out.info.all.description.string);
404 io->out.error_string = talloc_strdup(mem_ctx, "Success");
407 io->out.error_string = talloc_asprintf(mem_ctx, "Error: %s", nt_errstr(status));
416 * Obtains specified group information
418 * @param ctx initialised libnet context
419 * @param mem_ctx memory context of the call
420 * @param io pointer to a structure containing arguments and results of the call
422 NTSTATUS libnet_GroupInfo(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
423 struct libnet_GroupInfo *io)
425 struct composite_context *c = libnet_GroupInfo_send(ctx, mem_ctx,
427 return libnet_GroupInfo_recv(c, mem_ctx, io);
431 struct grouplist_state {
432 struct libnet_context *ctx;
433 const char *domain_name;
434 struct lsa_DomainInfo dominfo;
436 uint32_t resume_index;
437 struct grouplist *groups;
440 struct libnet_DomainOpen domain_open;
441 struct lsa_QueryInfoPolicy query_domain;
442 struct samr_EnumDomainGroups group_list;
444 void (*monitor_fn)(struct monitor_msg*);
448 static void continue_lsa_domain_opened(struct composite_context *ctx);
449 static void continue_domain_queried(struct tevent_req *subreq);
450 static void continue_samr_domain_opened(struct composite_context *ctx);
451 static void continue_groups_enumerated(struct tevent_req *subreq);
455 * Sends request to list (enumerate) group accounts
457 * @param ctx initialised libnet context
458 * @param mem_ctx memory context of this call
459 * @param io pointer to structure containing arguments and results of this call
460 * @param monitor function pointer for receiving monitor messages
461 * @return compostite context of this request
463 struct composite_context *libnet_GroupList_send(struct libnet_context *ctx,
465 struct libnet_GroupList *io,
466 void (*monitor)(struct monitor_msg*))
468 struct composite_context *c;
469 struct grouplist_state *s;
470 struct tevent_req *subreq;
471 bool prereq_met = false;
473 /* composite context allocation and setup */
474 c = composite_create(mem_ctx, ctx->event_ctx);
475 if (c == NULL) return NULL;
477 s = talloc_zero(c, struct grouplist_state);
478 if (composite_nomem(s, c)) return c;
482 /* store the arguments in the state structure */
484 s->page_size = io->in.page_size;
485 s->resume_index = io->in.resume_index;
486 s->domain_name = talloc_strdup(c, io->in.domain_name);
487 s->monitor_fn = monitor;
489 /* make sure we have lsa domain handle before doing anything */
490 prereq_met = lsa_domain_opened(ctx, c, s->domain_name, &c, &s->domain_open,
491 continue_lsa_domain_opened, monitor);
492 if (!prereq_met) return c;
494 /* prepare arguments of QueryDomainInfo call */
495 s->query_domain.in.handle = &ctx->lsa.handle;
496 s->query_domain.in.level = LSA_POLICY_INFO_DOMAIN;
497 s->query_domain.out.info = talloc_zero(c, union lsa_PolicyInformation *);
498 if (composite_nomem(s->query_domain.out.info, c)) return c;
500 /* send the request */
501 subreq = dcerpc_lsa_QueryInfoPolicy_r_send(s, c->event_ctx,
502 ctx->lsa.pipe->binding_handle,
504 if (composite_nomem(subreq, c)) return c;
506 tevent_req_set_callback(subreq, continue_domain_queried, c);
512 * Stage 0.5 (optional): receive lsa domain handle and send
513 * request to query domain info
515 static void continue_lsa_domain_opened(struct composite_context *ctx)
517 struct composite_context *c;
518 struct grouplist_state *s;
519 struct tevent_req *subreq;
521 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
522 s = talloc_get_type_abort(c->private_data, struct grouplist_state);
524 /* receive lsa domain handle */
525 c->status = libnet_DomainOpen_recv(ctx, s->ctx, c, &s->domain_open);
526 if (!composite_is_ok(c)) return;
528 /* prepare arguments of QueryDomainInfo call */
529 s->query_domain.in.handle = &s->ctx->lsa.handle;
530 s->query_domain.in.level = LSA_POLICY_INFO_DOMAIN;
531 s->query_domain.out.info = talloc_zero(c, union lsa_PolicyInformation *);
532 if (composite_nomem(s->query_domain.out.info, c)) return;
534 /* send the request */
535 subreq = dcerpc_lsa_QueryInfoPolicy_r_send(s, c->event_ctx,
536 s->ctx->lsa.pipe->binding_handle,
538 if (composite_nomem(subreq, c)) return;
540 tevent_req_set_callback(subreq, continue_domain_queried, c);
545 * Stage 1: receive domain info and request to enum groups
546 * provided a valid samr handle is opened
548 static void continue_domain_queried(struct tevent_req *subreq)
550 struct composite_context *c;
551 struct grouplist_state *s;
552 bool prereq_met = false;
554 c = tevent_req_callback_data(subreq, struct composite_context);
555 s = talloc_get_type_abort(c->private_data, struct grouplist_state);
557 /* receive result of rpc request */
558 c->status = dcerpc_lsa_QueryInfoPolicy_r_recv(subreq, s);
560 if (!composite_is_ok(c)) return;
562 /* get the returned domain info */
563 s->dominfo = (*s->query_domain.out.info)->domain;
565 /* make sure we have samr domain handle before continuing */
566 prereq_met = samr_domain_opened(s->ctx, c, s->domain_name, &c, &s->domain_open,
567 continue_samr_domain_opened, s->monitor_fn);
568 if (!prereq_met) return;
570 /* prepare arguments od EnumDomainGroups call */
571 s->group_list.in.domain_handle = &s->ctx->samr.handle;
572 s->group_list.in.max_size = s->page_size;
573 s->group_list.in.resume_handle = &s->resume_index;
574 s->group_list.out.resume_handle = &s->resume_index;
575 s->group_list.out.num_entries = talloc(s, uint32_t);
576 if (composite_nomem(s->group_list.out.num_entries, c)) return;
577 s->group_list.out.sam = talloc(s, struct samr_SamArray *);
578 if (composite_nomem(s->group_list.out.sam, c)) return;
580 /* send the request */
581 subreq = dcerpc_samr_EnumDomainGroups_r_send(s, c->event_ctx,
582 s->ctx->samr.pipe->binding_handle,
584 if (composite_nomem(subreq, c)) return;
586 tevent_req_set_callback(subreq, continue_groups_enumerated, c);
591 * Stage 1.5 (optional): receive samr domain handle
592 * and request to enumerate accounts
594 static void continue_samr_domain_opened(struct composite_context *ctx)
596 struct composite_context *c;
597 struct grouplist_state *s;
598 struct tevent_req *subreq;
600 c = talloc_get_type_abort(ctx->async.private_data, struct composite_context);
601 s = talloc_get_type_abort(c->private_data, struct grouplist_state);
603 /* receive samr domain handle */
604 c->status = libnet_DomainOpen_recv(ctx, s->ctx, c, &s->domain_open);
605 if (!composite_is_ok(c)) return;
607 /* prepare arguments of EnumDomainGroups call */
608 s->group_list.in.domain_handle = &s->ctx->samr.handle;
609 s->group_list.in.max_size = s->page_size;
610 s->group_list.in.resume_handle = &s->resume_index;
611 s->group_list.out.resume_handle = &s->resume_index;
612 s->group_list.out.num_entries = talloc(s, uint32_t);
613 if (composite_nomem(s->group_list.out.num_entries, c)) return;
614 s->group_list.out.sam = talloc(s, struct samr_SamArray *);
615 if (composite_nomem(s->group_list.out.sam, c)) return;
617 /* send the request */
618 subreq = dcerpc_samr_EnumDomainGroups_r_send(s, c->event_ctx,
619 s->ctx->samr.pipe->binding_handle,
621 if (composite_nomem(subreq, c)) return;
623 tevent_req_set_callback(subreq, continue_groups_enumerated, c);
628 * Stage 2: receive enumerated groups and their rids
630 static void continue_groups_enumerated(struct tevent_req *subreq)
632 struct composite_context *c;
633 struct grouplist_state *s;
636 c = tevent_req_callback_data(subreq, struct composite_context);
637 s = talloc_get_type_abort(c->private_data, struct grouplist_state);
639 /* receive result of rpc request */
640 c->status = dcerpc_samr_EnumDomainGroups_r_recv(subreq, s);
642 if (!composite_is_ok(c)) return;
644 /* get the actual status of the rpc call result
645 (instead of rpc layer) */
646 c->status = s->group_list.out.result;
648 /* we're interested in status "ok" as well as two
649 enum-specific status codes */
650 if (NT_STATUS_IS_OK(c->status) ||
651 NT_STATUS_EQUAL(c->status, STATUS_MORE_ENTRIES) ||
652 NT_STATUS_EQUAL(c->status, NT_STATUS_NO_MORE_ENTRIES)) {
654 /* get enumerated accounts counter and resume handle (the latter allows
655 making subsequent call to continue enumeration) */
656 s->resume_index = *s->group_list.out.resume_handle;
657 s->count = *s->group_list.out.num_entries;
659 /* prepare returned group accounts array */
660 s->groups = talloc_array(c, struct grouplist, (*s->group_list.out.sam)->count);
661 if (composite_nomem(s->groups, c)) return;
663 for (i = 0; i < (*s->group_list.out.sam)->count; i++) {
664 struct dom_sid *group_sid;
665 struct samr_SamEntry *entry = &(*s->group_list.out.sam)->entries[i];
666 struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid;
668 /* construct group sid from returned rid and queried domain sid */
669 group_sid = dom_sid_add_rid(c, domain_sid, entry->idx);
670 if (composite_nomem(group_sid, c)) return;
673 s->groups[i].groupname = talloc_strdup(s->groups, entry->name.string);
674 if (composite_nomem(s->groups[i].groupname, c)) return;
677 s->groups[i].sid = dom_sid_string(s->groups, group_sid);
678 if (composite_nomem(s->groups[i].sid, c)) return;
685 /* something went wrong */
686 composite_error(c, c->status);
693 * Receive result of GroupList call
695 * @param c composite context returned by send request routine
696 * @param mem_ctx memory context of this call
697 * @param io pointer to structure containing arguments and result of this call
700 NTSTATUS libnet_GroupList_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
701 struct libnet_GroupList *io)
704 struct grouplist_state *s;
706 if (c == NULL || mem_ctx == NULL || io == NULL) {
708 return NT_STATUS_INVALID_PARAMETER;
711 status = composite_wait(c);
712 if (NT_STATUS_IS_OK(status) ||
713 NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) ||
714 NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) {
716 s = talloc_get_type_abort(c->private_data, struct grouplist_state);
718 /* get results from composite context */
719 io->out.count = s->count;
720 io->out.resume_index = s->resume_index;
721 io->out.groups = talloc_steal(mem_ctx, s->groups);
723 if (NT_STATUS_IS_OK(status)) {
724 io->out.error_string = talloc_asprintf(mem_ctx, "Success");
726 /* success, but we're not done yet */
727 io->out.error_string = talloc_asprintf(mem_ctx, "Success (status: %s)",
732 io->out.error_string = talloc_asprintf(mem_ctx, "Error: %s", nt_errstr(status));
741 * Enumerate domain groups
743 * @param ctx initialised libnet context
744 * @param mem_ctx memory context of this call
745 * @param io pointer to structure containing arguments and result of this call
748 NTSTATUS libnet_GroupList(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
749 struct libnet_GroupList *io)
751 struct composite_context *c;
753 c = libnet_GroupList_send(ctx, mem_ctx, io, NULL);
754 return libnet_GroupList_recv(c, mem_ctx, io);
git.samba.org / nivanova / samba-autobuild / .git / blob