Copyright (C) Andrew Tridgell 1998
Copyright (C) Richard Sharpe 2000
Copyright (C) John Terpsra 2000
- Copyright (C) Tom Jansen (Ninja ISD) 2002
+ Copyright (C) Tom Jansen (Ninja ISD) 2002
Copyright (C) Derrell Lipman 2003-2008
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program; if not, see <http://www.gnu.org/licenses/>.
=====================================================================*/
#endif
/*-------------------------------------------------------------------*/
-/* The following are special comments to instruct DOXYGEN (automated
+/* The following are special comments to instruct DOXYGEN (automated
* documentation tool:
*/
/** \defgroup libsmbclient
* \ingroup libsmbclient
* Functions that don't fit in to other categories
*/
-/*-------------------------------------------------------------------*/
+/*-------------------------------------------------------------------*/
/* Make sure we have the following includes for now ... */
#include <sys/types.h>
* Structure that represents a directory entry.
*
*/
-struct smbc_dirent
+struct smbc_dirent
{
/** Type of entity.
SMBC_WORKGROUP=1,
- SMBC_SERVER=2,
+ SMBC_SERVER=2,
SMBC_FILE_SHARE=3,
SMBC_PRINTER_SHARE=4,
SMBC_COMMS_SHARE=5,
SMBC_IPC_SHARE=6,
SMBC_DIR=7,
SMBC_FILE=8,
- SMBC_LINK=9,*/
- unsigned int smbc_type;
+ SMBC_LINK=9,*/
+ unsigned int smbc_type;
/** Length of this smbc_dirent in bytes
*/
* null terminator)
*/
unsigned int commentlen;
- /** Points to the null terminated comment string
+ /** Points to the null terminated comment string
*/
char *comment;
/** The length of the name string in bytes (does not include
* null terminator)
*/
unsigned int namelen;
- /** Points to the null terminated name string
+ /** Points to the null terminated name string
*/
char name[1];
};
*
*/
#ifndef _CLIENT_H
-struct print_job_info
+struct print_job_info
{
/** numeric ID of the print job
*/
unsigned short id;
-
+
/** represents print job priority (lower numbers mean higher priority)
*/
unsigned short priority;
-
+
/** Size of the print job
*/
size_t size;
-
+
/** Name of the user that owns the print job
*/
char user[128];
-
+
/** Name of the print job. This will have no name if an anonymous print
* file was opened. Ie smb://server/printer
*/
/**@ingroup structure
- * Server handle
+ * Server handle
*/
typedef struct _SMBCSRV SMBCSRV;
/**@ingroup structure
- * File or directory handle
+ * File or directory handle
*/
typedef struct _SMBCFILE SMBCFILE;
/**@ingroup structure
- * File or directory handle
+ * File or directory handle
*/
typedef struct _SMBCCTX SMBCCTX;
* @param wg Pointer to buffer containing a "hint" for the
* workgroup to be authenticated. Should be filled in
* with the correct workgroup if the hint is wrong.
- *
+ *
* @param wglen The size of the workgroup buffer in bytes
*
* @param un Pointer to buffer containing a "hint" for the
* user name to be use for authentication. Should be
* filled in with the correct workgroup if the hint is
* wrong.
- *
+ *
* @param unlen The size of the username buffer in bytes
*
- * @param pw Pointer to buffer containing to which password
+ * @param pw Pointer to buffer containing to which password
* copied
- *
+ *
* @param pwlen The size of the password buffer in bytes
- *
+ *
*/
-typedef void (*smbc_get_auth_data_fn)(const char *srv,
+typedef void (*smbc_get_auth_data_fn)(const char *srv,
const char *shr,
- char *wg, int wglen,
+ char *wg, int wglen,
char *un, int unlen,
char *pw, int pwlen);
/**@ingroup callback
* @param wg Pointer to buffer containing a "hint" for the
* workgroup to be authenticated. Should be filled in
* with the correct workgroup if the hint is wrong.
- *
+ *
* @param wglen The size of the workgroup buffer in bytes
*
* @param un Pointer to buffer containing a "hint" for the
* user name to be use for authentication. Should be
* filled in with the correct workgroup if the hint is
* wrong.
- *
+ *
* @param unlen The size of the username buffer in bytes
*
- * @param pw Pointer to buffer containing to which password
+ * @param pw Pointer to buffer containing to which password
* copied
- *
+ *
* @param pwlen The size of the password buffer in bytes
- *
+ *
*/
typedef void (*smbc_get_auth_data_with_context_fn)(SMBCCTX *c,
- const char *srv,
+ const char *srv,
const char *shr,
- char *wg, int wglen,
+ char *wg, int wglen,
char *un, int unlen,
char *pw, int pwlen);
*
* @param i pointer to print job information structure
*
- */
+ */
typedef void (*smbc_list_print_job_fn)(struct print_job_info *i);
-
+
/**@ingroup callback
* Check if a server is still good
*
* @return 0 when connection is good. 1 on error.
*
- */
+ */
typedef int (*smbc_check_server_fn)(SMBCCTX * c, SMBCSRV *srv);
/**@ingroup callback
*
* @return 0 on success. 1 on failure.
*
- */
+ */
typedef int (*smbc_remove_unused_server_fn)(SMBCCTX * c, SMBCSRV *srv);
*
* @param srv pointer to server to add
*
- * @param server server name
+ * @param server server name
*
* @param share share name
*
*
* @return 0 on success. 1 on failure.
*
- */
-typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv,
+ */
+typedef int (*smbc_add_cached_srv_fn) (SMBCCTX * c, SMBCSRV *srv,
const char * server, const char * share,
const char * workgroup, const char * username);
*
* @return pointer to SMBCSRV on success. NULL on failure.
*
- */
+ */
typedef SMBCSRV * (*smbc_get_cached_srv_fn) (SMBCCTX * c, const char * server,
const char * share, const char * workgroup,
const char * username);
*
* @return 0 when found and removed. 1 on failure.
*
- */
+ */
typedef int (*smbc_remove_cached_srv_fn)(SMBCCTX * c, SMBCSRV *srv);
*
* @return 0 when found and removed. 1 on failure.
*
- */
+ */
typedef int (*smbc_purge_cached_fn) (SMBCCTX * c);
*
*
* @return Returns 0 on succes. Returns 1 on failure with errno set:
- * - EBUSY Server connections are still used, Files are open or cache
+ * - EBUSY Server connections are still used, Files are open or cache
* could not be purged
* - EBADF context == NULL
*
* is perfectly safe, but it might leak memory on
* smbc_context_init() failure. Avoid this.
* You'll have to call smbc_free_context() yourself
- * on failure.
+ * on failure.
*/
SMBCCTX * smbc_init_context(SMBCCTX * context);
* Initialize the samba client library.
*
* Must be called before using any of the smbclient API function
- *
- * @param fn The function that will be called to obtaion
+ *
+ * @param fn The function that will be called to obtaion
* authentication credentials.
*
* @param debug Allows caller to set the debug level. Can be
* changed in smb.conf file. Allows caller to set
* debugging if no smb.conf.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - ENOMEM Out of memory
* - ENOENT The smb.conf file would not load
/**@ingroup file
* Open a file on an SMB server.
*
- * @param furl The smb url of the file to be opened.
+ * @param furl The smb url of the file to be opened.
*
- * @param flags Is one of O_RDONLY, O_WRONLY or O_RDWR which
+ * @param flags Is one of O_RDONLY, O_WRONLY or O_RDWR which
* request opening the file read-only,write-only
* or read/write. flags may also be bitwise-or'd with
- * one or more of the following:
- * O_CREAT - If the file does not exist it will be
+ * one or more of the following:
+ * O_CREAT - If the file does not exist it will be
* created.
- * O_EXCL - When used with O_CREAT, if the file
- * already exists it is an error and the open will
- * fail.
+ * O_EXCL - When used with O_CREAT, if the file
+ * already exists it is an error and the open will
+ * fail.
* O_TRUNC - If the file already exists it will be
* truncated.
- * O_APPEND The file is opened in append mode
+ * O_APPEND The file is opened in append mode
*
- * @param mode mode specifies the permissions to use if a new
- * file is created. It is modified by the
+ * @param mode mode specifies the permissions to use if a new
+ * file is created. It is modified by the
* process's umask in the usual way: the permissions
- * of the created file are (mode & ~umask)
+ * of the created file are (mode & ~umask)
*
* Not currently use, but there for future use.
* We will map this to SYSTEM, HIDDEN, etc bits
*
* @return Valid file handle, < 0 on error with errno set:
* - ENOMEM Out of memory
- * - EINVAL if an invalid parameter passed, like no
+ * - EINVAL if an invalid parameter passed, like no
* file, or smbc_init not called.
- * - EEXIST pathname already exists and O_CREAT and
+ * - EEXIST pathname already exists and O_CREAT and
* O_EXCL were used.
- * - EISDIR pathname refers to a directory and
+ * - EISDIR pathname refers to a directory and
* the access requested involved writing.
- * - EACCES The requested access to the file is not
- * allowed
+ * - EACCES The requested access to the file is not
+ * allowed
* - ENODEV The requested share does not exist
* - ENOTDIR A file on the path is not a directory
- * - ENOENT A directory component in pathname does
+ * - ENOENT A directory component in pathname does
* not exist.
*
* @see smbc_creat()
* a new connection to the server specified in the URL.
* If the credentials supplied in the URL, or via the
* auth_fn in the smbc_init call, fail, this call will
- * try again with an empty username and password. This
+ * try again with an empty username and password. This
* often gets mapped to the guest account on some machines.
*/
/**@ingroup file
* Create a file on an SMB server.
*
- * Same as calling smbc_open() with flags = O_CREAT|O_WRONLY|O_TRUNC
- *
+ * Same as calling smbc_open() with flags = O_CREAT|O_WRONLY|O_TRUNC
+ *
* @param furl The smb url of the file to be created
- *
- * @param mode mode specifies the permissions to use if a new
- * file is created. It is modified by the
+ *
+ * @param mode mode specifies the permissions to use if a new
+ * file is created. It is modified by the
* process's umask in the usual way: the permissions
* of the created file are (mode & ~umask)
*
- * NOTE, the above is not true. We are dealing with
+ * NOTE, the above is not true. We are dealing with
* an SMB server, which has no concept of a umask!
- *
+ *
* @return Valid file handle, < 0 on error with errno set:
* - ENOMEM Out of memory
- * - EINVAL if an invalid parameter passed, like no
+ * - EINVAL if an invalid parameter passed, like no
* file, or smbc_init not called.
* - EEXIST pathname already exists and O_CREAT and
* O_EXCL were used.
* - EISDIR pathname refers to a directory and
* the access requested involved writing.
* - EACCES The requested access to the file is not
- * allowed
- * - ENOENT A directory component in pathname does
+ * allowed
+ * - ENOENT A directory component in pathname does
* not exist.
* - ENODEV The requested share does not exist.
* @see smbc_open()
* 0 upon EOF;
* < 0 on error, with errno set:
* - EISDIR fd refers to a directory
- * - EBADF fd is not a valid file descriptor or
+ * - EBADF fd is not a valid file descriptor or
* is not open for reading.
- * - EINVAL fd is attached to an object which is
+ * - EINVAL fd is attached to an object which is
* unsuitable for reading, or no buffer passed or
* smbc_init not called.
*
*
* @return Number of bytes written, < 0 on error with errno set:
* - EISDIR fd refers to a directory.
- * - EBADF fd is not a valid file descriptor or
+ * - EBADF fd is not a valid file descriptor or
* is not open for reading.
- * - EINVAL fd is attached to an object which is
+ * - EINVAL fd is attached to an object which is
* unsuitable for reading, or no buffer passed or
* smbc_init not called.
*
* Seek to a specific location in a file.
*
* @param fd Open file handle from smbc_open() or smbc_creat()
- *
+ *
* @param offset Offset in bytes from whence
- *
+ *
* @param whence A location in the file:
* - SEEK_SET The offset is set to offset bytes from
* the beginning of the file
- * - SEEK_CUR The offset is set to current location
+ * - SEEK_CUR The offset is set to current location
* plus offset bytes.
- * - SEEK_END The offset is set to the size of the
+ * - SEEK_END The offset is set to the size of the
* file plus offset bytes.
*
- * @return Upon successful completion, lseek returns the
- * resulting offset location as measured in bytes
+ * @return Upon successful completion, lseek returns the
+ * resulting offset location as measured in bytes
* from the beginning of the file. Otherwise, a value
- * of (off_t)-1 is returned and errno is set to
+ * of (off_t)-1 is returned and errno is set to
* indicate the error:
* - EBADF Fildes is not an open file descriptor.
* - EINVAL Whence is not a proper value or smbc_init
* not called.
*
* @todo Are all the whence values really supported?
- *
+ *
* @todo Are errno values complete and correct?
*/
off_t smbc_lseek(int fd, off_t offset, int whence);
* @param furl The smb url of the file to delete
*
* @return 0 on success, < 0 on error with errno set:
- * - EACCES or EPERM Write access to the directory
- * containing pathname is not allowed or one
+ * - EACCES or EPERM Write access to the directory
+ * containing pathname is not allowed or one
* of the directories in pathname did not allow
* search (execute) permission
* - ENOENT A directory component in pathname does
/**@ingroup directory
* Rename or move a file or directory.
- *
- * @param ourl The original smb url (source url) of file or
+ *
+ * @param ourl The original smb url (source url) of file or
* directory to be moved
- *
+ *
* @param nurl The new smb url (destination url) of the file
* or directory after the move. Currently nurl must
* be on the same share as ourl.
* @return 0 on success, < 0 on error with errno set:
* - EISDIR nurl is an existing directory, but ourl is
* not a directory.
- * - EEXIST nurl is a non-empty directory,
+ * - EEXIST nurl is a non-empty directory,
* i.e., contains entries other than "." and ".."
- * - EINVAL The new url contained a path prefix
+ * - EINVAL The new url contained a path prefix
* of the old, or, more generally, an attempt was
* made to make a directory a subdirectory of itself
* or smbc_init not called.
- * - ENOTDIR A component used as a directory in ourl
- * or nurl path is not, in fact, a directory. Or,
+ * - ENOTDIR A component used as a directory in ourl
+ * or nurl path is not, in fact, a directory. Or,
* ourl is a directory, and newpath exists but is not
* a directory.
- * - EACCES or EPERM Write access to the directory
- * containing ourl or nurl is not allowed for the
- * process's effective uid, or one of the
+ * - EACCES or EPERM Write access to the directory
+ * containing ourl or nurl is not allowed for the
+ * process's effective uid, or one of the
* directories in ourl or nurl did not allow search
* (execute) permission, or ourl was a directory
* and did not allow write permission.
- * - ENOENT A directory component in ourl or nurl
+ * - ENOENT A directory component in ourl or nurl
* does not exist.
* - EXDEV Rename across shares not supported.
* - ENOMEM Insufficient kernel memory was available.
* - EINVAL A NULL file/URL was passed, or the URL would
* not parse, or was of incorrect form or smbc_init not
* called.
- * - ENOENT durl does not exist, or name is an
- * - ENOMEM Insufficient memory to complete the
- * operation.
+ * - ENOENT durl does not exist, or name is an
+ * - ENOMEM Insufficient memory to complete the
+ * operation.
* - ENOTDIR name is not a directory.
* - EPERM the workgroup could not be found.
* - ENODEV the workgroup or server could not be found.
/**@ingroup directory
* Get multiple directory entries.
*
- * smbc_getdents() reads as many dirent structures from the an open
+ * smbc_getdents() reads as many dirent structures from the an open
* directory handle into a specified memory area as will fit.
*
* @param dh Valid directory as returned by smbc_opendir()
*
* @param dirp pointer to buffer that will receive the directory
* entries.
- *
+ *
* @param count The size of the dirp buffer in bytes
*
* @returns If any dirents returned, return will indicate the
*
* @return The current location in the directory stream or -1
* if an error occur. The current location is not
- * an offset. Becuase of the implementation, it is a
+ * an offset. Becuase of the implementation, it is a
* handle that allows the library to find the entry
* later.
* - EBADF dh is not a valid directory handle
* smbc_telldir(). (rewind by smbc_lseekdir(fd, NULL))
*
* @param fd Valid directory as returned by smbc_opendir()
- *
+ *
* @param offset The offset (as returned by smbc_telldir). Can be
* NULL, in which case we will rewind
*
* @param durl The url of the directory to create
*
* @param mode Specifies the permissions to use. It is modified
- * by the process's umask in the usual way: the
+ * by the process's umask in the usual way: the
* permissions of the created file are (mode & ~umask).
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EEXIST directory url already exists
* - EACCES The parent directory does not allow write
/**@ingroup directory
* Remove a directory.
- *
+ *
* @param durl The smb url of the directory to remove
*
* @return 0 on success, < 0 on error with errno set:
* - ENOTEMPTY directory contains entries.
* - ENOMEM Insufficient kernel memory was available.
*
- * @see smbc_mkdir(), smbc_unlink()
+ * @see smbc_mkdir(), smbc_unlink()
*
* @todo Are errno values complete and correct?
*/
*
* @param url The smb url to get information for
*
- * @param st pointer to a buffer that will be filled with
+ * @param st pointer to a buffer that will be filled with
* standard Unix struct stat information.
*
* @return 0 on success, < 0 on error with errno set:
/**@ingroup attribute
* Get file information via an file descriptor.
- *
+ *
* @param fd Open file handle from smbc_open() or smbc_creat()
*
- * @param st pointer to a buffer that will be filled with
+ * @param st pointer to a buffer that will be filled with
* standard Unix struct stat information.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EBADF filedes is bad.
* - EACCES Permission denied.
/**@ingroup attribute
* Get file system information for a specified path.
- *
+ *
* @param url The smb url to get information for
*
- * @param st pointer to a buffer that will be filled with
+ * @param st pointer to a buffer that will be filled with
* standard Unix struct statvfs information.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EBADF filedes is bad.
* - EACCES Permission denied.
/**@ingroup attribute
* Get file system information via an file descriptor.
- *
+ *
* @param fd Open file handle from smbc_open(), smbc_creat(),
* or smbc_opendir()
*
- * @param st pointer to a buffer that will be filled with
+ * @param st pointer to a buffer that will be filled with
* standard Unix struct statvfs information.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EBADF filedes is bad.
* - EACCES Permission denied.
/**@ingroup attribute
* Truncate a file given a file descriptor
- *
+ *
* @param fd Open file handle from smbc_open() or smbc_creat()
*
* @param size size to truncate the file to
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EBADF filedes is bad.
* - EACCES Permission denied.
*
* @param url The smb url of the file or directory to change
* permissions of
- *
+ *
* @param mode The permissions to set:
* - Put good explaination of permissions here!
*
*
* @param url The smb url of the file or directory to set extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be changed. Names are of
* one of the following forms:
*
*
* @param url The smb url of the file or directory to set extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be changed. Names are of
* one of the following forms:
*
* @param fd A file descriptor associated with an open file (as
* previously returned by smbc_open(), to get extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be changed. Names are of
* one of the following forms:
*
*
* @param url The smb url of the file or directory to get extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be retrieved. Names are of
* one of the following forms:
*
* may also be zero, in which case the size of the buffer
* required to hold the attribute value will be returned,
* but nothing will be placed into the value buffer.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EINVAL The client library is not properly initialized
* or one of the parameters is not of a correct
*
* @param url The smb url of the file or directory to get extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be retrieved. Names are of
* one of the following forms:
*
* may also be zero, in which case the size of the buffer
* required to hold the attribute value will be returned,
* but nothing will be placed into the value buffer.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EINVAL The client library is not properly initialized
* or one of the parameters is not of a correct
* @param fd A file descriptor associated with an open file (as
* previously returned by smbc_open(), to get extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be retrieved. Names are of
* one of the following forms:
*
* may also be zero, in which case the size of the buffer
* required to hold the attribute value will be returned,
* but nothing will be placed into the value buffer.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EINVAL The client library is not properly initialized
* or one of the parameters is not of a correct
*
* @param url The smb url of the file or directory to remove the extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be removed. Names are of
* one of the following forms:
*
*
* @param url The smb url of the file or directory to remove the extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be removed. Names are of
* one of the following forms:
*
* @param fd A file descriptor associated with an open file (as
* previously returned by smbc_open(), to get extended
* attributes for.
- *
+ *
* @param name The name of an attribute to be removed. Names are of
* one of the following forms:
*
* may also be zero, in which case the size of the buffer
* required to hold all of the attribute names will be
* returned, but nothing will be placed into the list buffer.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EINVAL The client library is not properly initialized
* - ENOMEM No memory was available for internal needs
* may also be zero, in which case the size of the buffer
* required to hold all of the attribute names will be
* returned, but nothing will be placed into the list buffer.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EINVAL The client library is not properly initialized
* - ENOMEM No memory was available for internal needs
* @param fd A file descriptor associated with an open file (as
* previously returned by smbc_open(), to get extended
* attributes for.
- *
+ *
* @param list A pointer to a buffer in which the list of attributes for
* the specified file or directory will be placed (unless
* size is zero).
* may also be zero, in which case the size of the buffer
* required to hold all of the attribute names will be
* returned, but nothing will be placed into the list buffer.
- *
+ *
* @return 0 on success, < 0 on error with errno set:
* - EINVAL The client library is not properly initialized
* - ENOMEM No memory was available for internal needs
/**@ingroup print
* Print a file given the name in fname. It would be a URL ...
- *
+ *
* @param fname The URL of a file on a remote SMB server that the
* caller wants printed
*
* @param printq The URL of the print share to print the file to.
*
- * @return 0 on success, < 0 on error with errno set:
+ * @return 0 on success, < 0 on error with errno set:
*
* - EINVAL fname or printq was NULL or smbc_init not
* not called.
* and errors returned by smbc_open
*
- */
+ */
int smbc_print_file(const char *fname, const char *printq);
/**@ingroup print
int smbc_open_print_job(const char *fname);
/**@ingroup print
- * List the print jobs on a print share, for the moment, pass a callback
+ * List the print jobs on a print share, for the moment, pass a callback
*
* @param purl The url of the print share to list the jobs of
- *
+ *
* @param fn Callback function the receives printjob info
- *
- * @return 0 on success, < 0 on error with errno set:
+ *
+ * @return 0 on success, < 0 on error with errno set:
* - EINVAL fname was NULL or smbc_init not called
* - EACCES ???
*/
int smbc_list_print_jobs(const char *purl, smbc_list_print_job_fn fn);
/**@ingroup print
- * Delete a print job
+ * Delete a print job
*
* @param purl Url of the print share
*
* @param id The id of the job to delete
*
- * @return 0 on success, < 0 on error with errno set:
+ * @return 0 on success, < 0 on error with errno set:
* - EINVAL fname was NULL or smbc_init not called
*
* @todo what errno values are possible here?
* @param dest A pointer to a buffer in which the resulting decoded
* string should be placed. This may be a pointer to the
* same buffer as src_segment.
- *
+ *
* @param src A pointer to the buffer containing the URL to be decoded.
* Any %xx sequences herein are converted to their single
* character equivalent. Each 'x' must be a valid hexadecimal
*
* @param max_dest_len
* The size of the buffer pointed to by dest_segment.
- *
+ *
* @return The number of % sequences which could not be converted
* due to lack of two following hexadecimal digits.
*/
* @param dest A pointer to a buffer in which the resulting encoded
* string should be placed. Unlike smbc_urldecode(), this
* must be a buffer unique from src.
- *
+ *
* @param src A pointer to the buffer containing the string to be encoded.
* Any character not specifically allowed in a URL is converted
* into its hexadecimal value and encoded as %xx.
*
* @param max_dest_len
* The size of the buffer pointed to by dest_segment.
- *
+ *
* @returns The remaining buffer length.
*/
#ifdef __cplusplus
/*
* Wrapper around smbc_set_credentials.
* Used to set correct credentials that will
- * be used to connect to DFS target share
+ * be used to connect to DFS target share
* in libsmbclient
*/
int (*lock_mutex)(void *plock,
int lock_type,
const char *location),
-
+
/* Thread local storage. */
int (*create_tls)(const char *keyname,
void **ppkey,
/**
* @ingroup structure
- * Structure that contains a client context information
+ * Structure that contains a client context information
* This structure is known as SMBCCTX
*
* DO NOT DIRECTLY MANIPULATE THE CONTEXT STRUCTURE! The data in the context
* Use smbc_getDebug() and smbc_setDebug()
*/
int debug DEPRECATED_SMBC_INTERFACE;
-
+
/**
* netbios name used for making connections
*
*
* Use smbc_getFunction*() and smbc_setFunction*(), e.g.
* smbc_getFunctionOpen(), smbc_setFunctionUnlink(), etc.
- */
+ */
smbc_open_fn open DEPRECATED_SMBC_INTERFACE;
smbc_creat_fn creat DEPRECATED_SMBC_INTERFACE;
smbc_read_fn read DEPRECATED_SMBC_INTERFACE;
* Use smbc_getFunctionAuthData(), smbc_setFunctionAuthData()
*/
smbc_get_auth_data_fn auth_fn DEPRECATED_SMBC_INTERFACE;
-
+
/**
* check if a server is still good
*
*/
/**
- * server cache addition
+ * server cache addition
*
* DEPRECATED:
* Use smbc_getFunctionAddCachedServer(),
smbc_add_cached_srv_fn add_cached_srv_fn DEPRECATED_SMBC_INTERFACE;
/**
- * server cache lookup
+ * server cache lookup
*
* DEPRECATED:
* Use smbc_getFunctionGetCachedServer(),
* smbc_setFunctionRemoveCachedServer()
*/
smbc_remove_cached_srv_fn remove_cached_srv_fn DEPRECATED_SMBC_INTERFACE;
-
+
/**
* server cache purging, try to remove all cached servers
* (disconnect)
/*
* Very old configuration options.
- *
+ *
* DEPRECATED:
* Use one of the following functions instead:
* smbc_setOptionUseKerberos()
* smbc_getOptionNoAutoAnonymousLogin()
*/
int flags DEPRECATED_SMBC_INTERFACE;
-
+
/**
* user options selections that apply to this session
*
int urlencode_readdir_entries DEPRECATED_SMBC_INTERFACE;
int one_share_per_server DEPRECATED_SMBC_INTERFACE;
} options DEPRECATED_SMBC_INTERFACE;
-
+
/** INTERNAL DATA
* do _NOT_ touch this from your program !
*/
Copyright (C) Andrew Tridgell 2004
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2008
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
this is based on the samba3 function make_lsa_object_sd()
It uses the same logic, but with samba4 helper functions
*/
-static NTSTATUS dcesrv_build_lsa_sd(TALLOC_CTX *mem_ctx,
+static NTSTATUS dcesrv_build_lsa_sd(TALLOC_CTX *mem_ctx,
struct security_descriptor **sd,
- struct dom_sid *sid,
+ struct dom_sid *sid,
uint32_t sid_access)
{
NTSTATUS status;
domain_admins_sid_str = dom_sid_string(tmp_ctx, domain_admins_sid);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(domain_admins_sid_str, tmp_ctx);
-
+
sidstr = dom_sid_string(tmp_ctx, sid);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sidstr, tmp_ctx);
-
+
*sd = security_descriptor_dacl_create(mem_ctx,
0, sidstr, NULL,
SID_WORLD,
SEC_ACE_TYPE_ACCESS_ALLOWED,
SEC_GENERIC_EXECUTE | SEC_GENERIC_READ, 0,
-
+
SID_BUILTIN_ADMINISTRATORS,
SEC_ACE_TYPE_ACCESS_ALLOWED,
SEC_GENERIC_ALL, 0,
-
+
SID_BUILTIN_ACCOUNT_OPERATORS,
SEC_ACE_TYPE_ACCESS_ALLOWED,
SEC_GENERIC_ALL, 0,
-
+
domain_admins_sid_str,
SEC_ACE_TYPE_ACCESS_ALLOWED,
SEC_GENERIC_ALL, 0,
}
-static NTSTATUS dcesrv_lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumAccountRights *r);
-static NTSTATUS dcesrv_lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_policy_state *state,
int ldb_flag,
struct dom_sid *sid,
const struct lsa_RightSet *rights);
-/*
- lsa_Close
+/*
+ lsa_Close
*/
static NTSTATUS dcesrv_lsa_Close(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_Close *r)
}
-/*
- lsa_Delete
+/*
+ lsa_Delete
*/
static NTSTATUS dcesrv_lsa_Delete(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_Delete *r)
}
-/*
+/*
lsa_DeleteObject
*/
static NTSTATUS dcesrv_lsa_DeleteObject(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
return NT_STATUS_ACCESS_DENIED;
}
- ret = ldb_delete(secret_state->sam_ldb,
+ ret = ldb_delete(secret_state->sam_ldb,
secret_state->secret_dn);
if (ret != LDB_SUCCESS) {
return NT_STATUS_INVALID_HANDLE;
return NT_STATUS_OK;
} else if (h->wire_handle.handle_type == LSA_HANDLE_TRUSTED_DOMAIN) {
- struct lsa_trusted_domain_state *trusted_domain_state =
+ struct lsa_trusted_domain_state *trusted_domain_state =
talloc_get_type(h->data, struct lsa_trusted_domain_state);
ret = ldb_transaction_start(trusted_domain_state->policy->sam_ldb);
if (ret != LDB_SUCCESS) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- ret = ldb_delete(trusted_domain_state->policy->sam_ldb,
+ ret = ldb_delete(trusted_domain_state->policy->sam_ldb,
trusted_domain_state->trusted_domain_dn);
if (ret != LDB_SUCCESS) {
ldb_transaction_cancel(trusted_domain_state->policy->sam_ldb);
}
if (trusted_domain_state->trusted_domain_user_dn) {
- ret = ldb_delete(trusted_domain_state->policy->sam_ldb,
+ ret = ldb_delete(trusted_domain_state->policy->sam_ldb,
trusted_domain_state->trusted_domain_user_dn);
if (ret != LDB_SUCCESS) {
ldb_transaction_cancel(trusted_domain_state->policy->sam_ldb);
rights = talloc(mem_ctx, struct lsa_RightSet);
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_ACCOUNT);
-
+
astate = h->data;
r2.in.handle = &astate->policy->handle->wire_handle;
return status;
}
- status = dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
+ status = dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_DELETE, astate->account_sid,
r2.out.rights);
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
ZERO_STRUCTP(r->out.handle);
return NT_STATUS_OK;
- }
-
+ }
+
return NT_STATUS_INVALID_HANDLE;
}
-/*
- lsa_EnumPrivs
+/*
+ lsa_EnumPrivs
*/
static NTSTATUS dcesrv_lsa_EnumPrivs(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumPrivs *r)
struct lsa_PrivEntry *e;
privname = sec_privilege_name(priv);
r->out.privs->privs = talloc_realloc(r->out.privs,
- r->out.privs->privs,
- struct lsa_PrivEntry,
+ r->out.privs->privs,
+ struct lsa_PrivEntry,
r->out.privs->count+1);
if (r->out.privs->privs == NULL) {
return NT_STATUS_NO_MEMORY;
}
-/*
- lsa_QuerySecObj
+/*
+ lsa_QuerySecObj
*/
static NTSTATUS dcesrv_lsa_QuerySecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QuerySecurity *r)
if (h->wire_handle.handle_type == LSA_HANDLE_POLICY) {
status = dcesrv_build_lsa_sd(mem_ctx, &sd, sid, 0);
} else if (h->wire_handle.handle_type == LSA_HANDLE_ACCOUNT) {
- status = dcesrv_build_lsa_sd(mem_ctx, &sd, sid,
+ status = dcesrv_build_lsa_sd(mem_ctx, &sd, sid,
LSA_ACCOUNT_ALL_ACCESS);
} else {
return NT_STATUS_INVALID_HANDLE;
NT_STATUS_HAVE_NO_MEMORY(*r->out.sdbuf);
(*r->out.sdbuf)->sd = sd;
-
+
return NT_STATUS_OK;
}
-/*
- lsa_SetSecObj
+/*
+ lsa_SetSecObj
*/
static NTSTATUS dcesrv_lsa_SetSecObj(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetSecObj *r)
}
-/*
- lsa_ChangePassword
+/*
+ lsa_ChangePassword
*/
static NTSTATUS dcesrv_lsa_ChangePassword(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_ChangePassword *r)
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
-/*
- dssetup_DsRoleGetPrimaryDomainInformation
+/*
+ dssetup_DsRoleGetPrimaryDomainInformation
This is not an LSA call, but is the only call left on the DSSETUP
pipe (after the pipe was truncated), and needs lsa_get_policy_state
*/
-static WERROR dcesrv_dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_call_state *dce_call,
+static WERROR dcesrv_dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleGetPrimaryDomainInformation *r)
{
if (state->mixed_domain == 1) {
flags |= DS_ROLE_PRIMARY_DS_MIXED_MODE;
}
-
+
domain = state->domain_name;
dns_domain = state->domain_dns;
forest = state->forest_dns;
break;
}
- info->basic.role = role;
+ info->basic.role = role;
info->basic.flags = flags;
info->basic.domain = domain;
info->basic.dns_domain = dns_domain;
return NT_STATUS_OK;
}
-/*
+/*
lsa_QueryInfoPolicy2
*/
static NTSTATUS dcesrv_lsa_QueryInfoPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
return NT_STATUS_INVALID_INFO_CLASS;
}
-/*
- lsa_QueryInfoPolicy
+/*
+ lsa_QueryInfoPolicy
*/
static NTSTATUS dcesrv_lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QueryInfoPolicy *r)
r2.in.handle = r->in.handle;
r2.in.level = r->in.level;
r2.out.info = r->out.info;
-
+
status = dcesrv_lsa_QueryInfoPolicy2(dce_call, mem_ctx, &r2);
return status;
}
-/*
- lsa_SetInfoPolicy
+/*
+ lsa_SetInfoPolicy
*/
static NTSTATUS dcesrv_lsa_SetInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetInfoPolicy *r)
}
-/*
- lsa_ClearAuditLog
+/*
+ lsa_ClearAuditLog
*/
static NTSTATUS dcesrv_lsa_ClearAuditLog(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_ClearAuditLog *r)
}
-/*
- lsa_CreateAccount
+/*
+ lsa_CreateAccount
This call does not seem to have any long-term effects, hence no database operations
talloc_free(astate);
return NT_STATUS_NO_MEMORY;
}
-
+
astate->policy = talloc_reference(astate, state);
astate->access_mask = r->in.access_mask;
}
-/*
- lsa_EnumAccounts
+/*
+ lsa_EnumAccounts
*/
static NTSTATUS dcesrv_lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumAccounts *r)
state = h->data;
/* NOTE: This call must only return accounts that have at least
- one privilege set
+ one privilege set
*/
- ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
+ ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=*)(privilege=*))");
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
for (i=0;i<count;i++) {
- r->out.sids->sids[i].sid =
- samdb_result_dom_sid(r->out.sids->sids,
+ r->out.sids->sids[i].sid =
+ samdb_result_dom_sid(r->out.sids->sids,
res[i + *r->in.resume_handle],
"objectSid");
NT_STATUS_HAVE_NO_MEMORY(r->out.sids->sids[i].sid);
*r->out.resume_handle = count + *r->in.resume_handle;
return NT_STATUS_OK;
-
}
/* This decrypts and returns Trusted Domain Auth Information Internal data */
return dcesrv_lsa_CreateTrustedDomain_base(dce_call, mem_ctx, &r2, NDR_LSA_CREATETRUSTEDDOMAINEX, r->in.auth_info);
}
-/*
- lsa_CreateTrustedDomain
+/*
+ lsa_CreateTrustedDomain
*/
static NTSTATUS dcesrv_lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CreateTrustedDomain *r)
r2.in.info->trust_direction = LSA_TRUST_DIRECTION_OUTBOUND;
r2.in.info->trust_type = LSA_TRUST_TYPE_DOWNLEVEL;
r2.in.info->trust_attributes = 0;
-
+
r2.in.access_mask = r->in.access_mask;
r2.out.trustdom_handle = r->out.trustdom_handle;
return dcesrv_lsa_CreateTrustedDomain_base(dce_call, mem_ctx, &r2, NDR_LSA_CREATETRUSTEDDOMAIN, NULL);
-
}
-/*
+/*
lsa_OpenTrustedDomain
*/
static NTSTATUS dcesrv_lsa_OpenTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenTrustedDomain *r)
{
struct dcesrv_handle *policy_handle;
-
+
struct lsa_policy_state *policy_state;
struct lsa_trusted_domain_state *trusted_domain_state;
struct dcesrv_handle *handle;
/* search for the trusted_domain record */
ret = gendb_search(trusted_domain_state->policy->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
- "(&(securityIdentifier=%s)(objectclass=trustedDomain))",
+ "(&(securityIdentifier=%s)(objectclass=trustedDomain))",
sid_string);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
-
+
if (ret != 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_get_linearized(policy_state->system_dn)));
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
-
+
handle->data = talloc_steal(handle, trusted_domain_state);
-
+
trusted_domain_state->access_mask = r->in.access_mask;
trusted_domain_state->policy = talloc_reference(trusted_domain_state, policy_state);
-
+
*r->out.trustdom_handle = handle->wire_handle;
-
+
return NT_STATUS_OK;
}
-/*
+/*
lsa_SetTrustedDomainInfo
*/
static NTSTATUS dcesrv_lsa_SetTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
-/*
+/*
lsa_DeleteTrustedDomain
*/
static NTSTATUS dcesrv_lsa_DeleteTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-static NTSTATUS fill_trust_domain_ex(TALLOC_CTX *mem_ctx,
- struct ldb_message *msg,
- struct lsa_TrustDomainInfoInfoEx *info_ex)
+static NTSTATUS fill_trust_domain_ex(TALLOC_CTX *mem_ctx,
+ struct ldb_message *msg,
+ struct lsa_TrustDomainInfoInfoEx *info_ex)
{
info_ex->domain_name.string
= ldb_msg_find_attr_as_string(msg, "trustPartner", NULL);
info_ex->netbios_name.string
= ldb_msg_find_attr_as_string(msg, "flatname", NULL);
- info_ex->sid
+ info_ex->sid
= samdb_result_dom_sid(mem_ctx, msg, "securityIdentifier");
info_ex->trust_direction
= ldb_msg_find_attr_as_int(msg, "trustDirection", 0);
info_ex->trust_type
= ldb_msg_find_attr_as_int(msg, "trustType", 0);
info_ex->trust_attributes
- = ldb_msg_find_attr_as_int(msg, "trustAttributes", 0);
+ = ldb_msg_find_attr_as_int(msg, "trustAttributes", 0);
return NT_STATUS_OK;
}
-/*
+/*
lsa_QueryTrustedDomainInfo
*/
static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
int ret;
struct ldb_message **res;
const char *attrs[] = {
- "flatname",
+ "flatname",
"trustPartner",
"securityIdentifier",
"trustDirection",
"trustType",
- "trustAttributes",
+ "trustAttributes",
"msDs-supportedEncryptionTypes",
NULL
};
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg = res[0];
-
+
info = talloc_zero(mem_ctx, union lsa_TrustedDomainInfo);
if (!info) {
return NT_STATUS_NO_MEMORY;
break;
#if 0 /* Win2k3 doesn't implement this */
case LSA_TRUSTED_DOMAIN_INFO_BASIC:
- r->out.info->info_basic.netbios_name.string
+ r->out.info->info_basic.netbios_name.string
= ldb_msg_find_attr_as_string(msg, "flatname", NULL);
r->out.info->info_basic.sid
= samdb_result_dom_sid(mem_ctx, msg, "securityIdentifier");
info->full_info2_internal.posix_offset.posix_offset
= ldb_msg_find_attr_as_uint(msg, "posixOffset", 0);
return fill_trust_domain_ex(mem_ctx, msg, &info->full_info2_internal.info.info_ex);
-
+
case LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES:
info->enc_types.enc_types
= ldb_msg_find_attr_as_uint(msg, "msDs-supportedEncryptionTypes", KERB_ENCTYPE_RC4_HMAC_MD5);
}
-/*
+/*
lsa_QueryTrustedDomainInfoBySid
*/
static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
msgs[0], r->in.level, r->in.info);
}
-/*
+/*
lsa_QueryTrustedDomainInfoByName
*/
static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfoByName(struct dcesrv_call_state *dce_call,
if (!NT_STATUS_IS_OK(status)) {
return status;
}
-
+
/* Ensure this handle goes away at the end of this call */
DCESRV_PULL_HANDLE(h, opn.out.trustdom_handle, DCESRV_HANDLE_ANY);
talloc_steal(mem_ctx, h);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
-
+
return NT_STATUS_OK;
}
/*
- lsa_CloseTrustedDomainEx
+ lsa_CloseTrustedDomainEx
*/
static NTSTATUS dcesrv_lsa_CloseTrustedDomainEx(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
return strcasecmp_m(e1->name.string, e2->name.string);
}
-/*
- lsa_EnumTrustDom
+/*
+ lsa_EnumTrustDom
*/
static NTSTATUS dcesrv_lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumTrustDom *r)
struct lsa_policy_state *policy_state;
struct ldb_message **domains;
const char *attrs[] = {
- "flatname",
+ "flatname",
"securityIdentifier",
NULL
};
policy_state = policy_handle->data;
- /* search for all users in this domain. This could possibly be cached and
+ /* search for all users in this domain. This could possibly be cached and
resumed based on resume_key */
- count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
+ count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
"objectclass=trustedDomain");
if (count < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
return NT_STATUS_NO_MORE_ENTRIES;
}
- /* return the rest, limit by max_size. Note that we
+ /* return the rest, limit by max_size. Note that we
use the w2k3 element size value of 60 */
r->out.domains->count = count - *r->in.resume_handle;
- r->out.domains->count = MIN(r->out.domains->count,
+ r->out.domains->count = MIN(r->out.domains->count,
1+(r->in.max_size/LSA_ENUM_TRUST_DOMAIN_MULTIPLIER));
r->out.domains->domains = entries + *r->in.resume_handle;
return strcasecmp_m(e1->netbios_name.string, e2->netbios_name.string);
}
-/*
- lsa_EnumTrustedDomainsEx
+/*
+ lsa_EnumTrustedDomainsEx
*/
static NTSTATUS dcesrv_lsa_EnumTrustedDomainsEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumTrustedDomainsEx *r)
struct lsa_policy_state *policy_state;
struct ldb_message **domains;
const char *attrs[] = {
- "flatname",
+ "flatname",
"trustPartner",
"securityIdentifier",
"trustDirection",
"trustType",
- "trustAttributes",
+ "trustAttributes",
NULL
};
NTSTATUS nt_status;
policy_state = policy_handle->data;
- /* search for all users in this domain. This could possibly be cached and
+ /* search for all users in this domain. This could possibly be cached and
resumed based on resume_key */
- count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
+ count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
"objectclass=trustedDomain");
if (count < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
return NT_STATUS_NO_MORE_ENTRIES;
}
- /* return the rest, limit by max_size. Note that we
+ /* return the rest, limit by max_size. Note that we
use the w2k3 element size value of 60 */
r->out.domains->count = count - *r->in.resume_handle;
- r->out.domains->count = MIN(r->out.domains->count,
+ r->out.domains->count = MIN(r->out.domains->count,
1+(r->in.max_size/LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER));
r->out.domains->domains = entries + *r->in.resume_handle;
}
-/*
- lsa_OpenAccount
+/*
+ lsa_OpenAccount
*/
static NTSTATUS dcesrv_lsa_OpenAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenAccount *r)
talloc_free(astate);
return NT_STATUS_NO_MEMORY;
}
-
+
astate->policy = talloc_reference(astate, state);
astate->access_mask = r->in.access_mask;
}
-/*
- lsa_EnumPrivsAccount
+/*
+ lsa_EnumPrivsAccount
*/
-static NTSTATUS dcesrv_lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumPrivsAccount *r)
{
return NT_STATUS_NO_MEMORY;
}
- ret = gendb_search(astate->policy->pdb, mem_ctx, NULL, &res, attrs,
+ ret = gendb_search(astate->policy->pdb, mem_ctx, NULL, &res, attrs,
"objectSid=%s", sidstr);
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
return NT_STATUS_OK;
}
-/*
- lsa_EnumAccountRights
+/*
+ lsa_EnumAccountRights
*/
-static NTSTATUS dcesrv_lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumAccountRights *r)
{
return NT_STATUS_NO_MEMORY;
}
- ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
+ ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=%s)(privilege=*))", sidstr);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
- DEBUG(3, ("searching for account rights for SID: %s failed: %s",
+ DEBUG(3, ("searching for account rights for SID: %s failed: %s",
dom_sid_string(mem_ctx, r->in.sid),
ldb_errstring(state->pdb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
r->out.rights->count = el->num_values;
- r->out.rights->names = talloc_array(r->out.rights,
+ r->out.rights->names = talloc_array(r->out.rights,
struct lsa_StringLarge, r->out.rights->count);
if (r->out.rights->names == NULL) {
return NT_STATUS_NO_MEMORY;
-/*
+/*
helper for lsa_AddAccountRights and lsa_RemoveAccountRights
*/
-static NTSTATUS dcesrv_lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_policy_state *state,
int ldb_flag,
if (LDB_FLAG_MOD_TYPE(ldb_flag) == LDB_FLAG_MOD_ADD) {
uint32_t j;
for (j=0;j<r2.out.rights->count;j++) {
- if (strcasecmp_m(r2.out.rights->names[j].string,
+ if (strcasecmp_m(r2.out.rights->names[j].string,
rights->names[i].string) == 0) {
break;
}
return NT_STATUS_NO_MEMORY;
}
ldb_msg_add_string(msg, "comment", "added via LSA");
- ret = ldb_add(state->pdb, msg);
+ ret = ldb_add(state->pdb, msg);
}
if (ret != LDB_SUCCESS) {
if (LDB_FLAG_MOD_TYPE(ldb_flag) == LDB_FLAG_MOD_DELETE && ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
talloc_free(msg);
return NT_STATUS_OK;
}
- DEBUG(3, ("Could not %s attributes from %s: %s",
+ DEBUG(3, ("Could not %s attributes from %s: %s",
LDB_FLAG_MOD_TYPE(ldb_flag) == LDB_FLAG_MOD_DELETE ? "delete" : "add",
ldb_dn_get_linearized(msg->dn), ldb_errstring(state->pdb)));
talloc_free(msg);
return NT_STATUS_OK;
}
-/*
+/*
lsa_AddPrivilegesToAccount
*/
static NTSTATUS dcesrv_lsa_AddPrivilegesToAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
}
- return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
+ return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_ADD, astate->account_sid,
&rights);
}
-/*
+/*
lsa_RemovePrivilegesFromAccount
*/
static NTSTATUS dcesrv_lsa_RemovePrivilegesFromAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
rights = talloc(mem_ctx, struct lsa_RightSet);
- if (r->in.remove_all == 1 &&
+ if (r->in.remove_all == 1 &&
r->in.privs == NULL) {
struct lsa_EnumAccountRights r2;
NTSTATUS status;
return status;
}
- return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
+ return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_DELETE, astate->account_sid,
r2.out.rights);
}
}
}
- return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
+ return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_DELETE, astate->account_sid,
rights);
}
-/*
+/*
lsa_GetQuotasForAccount
*/
static NTSTATUS dcesrv_lsa_GetQuotasForAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
-/*
+/*
lsa_SetQuotasForAccount
*/
static NTSTATUS dcesrv_lsa_SetQuotasForAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
-/*
+/*
lsa_GetSystemAccessAccount
*/
static NTSTATUS dcesrv_lsa_GetSystemAccessAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- ret = gendb_search(astate->policy->pdb, mem_ctx, NULL, &res, attrs,
+ ret = gendb_search(astate->policy->pdb, mem_ctx, NULL, &res, attrs,
"objectSid=%s", sidstr);
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
-/*
+/*
lsa_SetSystemAccessAccount
*/
static NTSTATUS dcesrv_lsa_SetSystemAccessAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
-/*
- lsa_CreateSecret
+/*
+ lsa_CreateSecret
*/
static NTSTATUS dcesrv_lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CreateSecret *r)
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
ZERO_STRUCTP(r->out.sec_handle);
-
+
switch (security_session_user_level(dce_call->conn->auth_state.session_info, NULL))
{
case SECURITY_SYSTEM:
if (!r->in.name.string) {
return NT_STATUS_INVALID_PARAMETER;
}
-
+
secret_state = talloc(mem_ctx, struct lsa_secret_state);
NT_STATUS_HAVE_NO_MEMORY(secret_state);
secret_state->policy = policy_state;
/* search for the secret record */
ret = gendb_search(secret_state->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
- "(&(cn=%s)(objectclass=secret))",
+ "(&(cn=%s)(objectclass=secret))",
name2);
if (ret > 0) {
return NT_STATUS_OBJECT_NAME_COLLISION;
}
-
+
if (ret < 0) {
- DEBUG(0,("Failure searching for CN=%s: %s\n",
+ DEBUG(0,("Failure searching for CN=%s: %s\n",
name2, ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
return NT_STATUS_INVALID_PARAMETER;
}
- secret_state->sam_ldb = talloc_reference(secret_state,
+ secret_state->sam_ldb = talloc_reference(secret_state,
secrets_db_connect(mem_ctx, dce_call->conn->dce_ctx->lp_ctx));
NT_STATUS_HAVE_NO_MEMORY(secret_state->sam_ldb);
ret = gendb_search(secret_state->sam_ldb, mem_ctx,
ldb_dn_new(mem_ctx, secret_state->sam_ldb, "cn=LSA Secrets"),
&msgs, attrs,
- "(&(cn=%s)(objectclass=secret))",
+ "(&(cn=%s)(objectclass=secret))",
ldb_binary_encode_string(mem_ctx, name));
if (ret > 0) {
return NT_STATUS_OBJECT_NAME_COLLISION;
}
-
+
if (ret < 0) {
- DEBUG(0,("Failure searching for CN=%s: %s\n",
+ DEBUG(0,("Failure searching for CN=%s: %s\n",
name, ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
NT_STATUS_HAVE_NO_MEMORY(msg->dn);
ret = ldb_msg_add_string(msg, "cn", name);
if (ret != LDB_SUCCESS) return NT_STATUS_NO_MEMORY;
- }
+ }
ret = ldb_msg_add_string(msg, "objectClass", "secret");
if (ret != LDB_SUCCESS) return NT_STATUS_NO_MEMORY;
-
+
secret_state->secret_dn = talloc_reference(secret_state, msg->dn);
NT_STATUS_HAVE_NO_MEMORY(secret_state->secret_dn);
ret = ldb_add(secret_state->sam_ldb, msg);
if (ret != LDB_SUCCESS) {
DEBUG(0,("Failed to create secret record %s: %s\n",
- ldb_dn_get_linearized(msg->dn),
+ ldb_dn_get_linearized(msg->dn),
ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_ACCESS_DENIED;
}
NT_STATUS_HAVE_NO_MEMORY(handle);
handle->data = talloc_steal(handle, secret_state);
-
+
secret_state->access_mask = r->in.access_mask;
secret_state->policy = talloc_reference(secret_state, policy_state);
NT_STATUS_HAVE_NO_MEMORY(secret_state->policy);
-
+
*r->out.sec_handle = handle->wire_handle;
-
+
return NT_STATUS_OK;
}
-/*
- lsa_OpenSecret
+/*
+ lsa_OpenSecret
*/
static NTSTATUS dcesrv_lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenSecret *r)
{
struct dcesrv_handle *policy_handle;
-
+
struct lsa_policy_state *policy_state;
struct lsa_secret_state *secret_state;
struct dcesrv_handle *handle;
if (!r->in.name.string) {
return NT_STATUS_INVALID_PARAMETER;
}
-
+
switch (security_session_user_level(dce_call->conn->auth_state.session_info, NULL))
{
case SECURITY_SYSTEM:
if (strncmp("G$", r->in.name.string, 2) == 0) {
name = &r->in.name.string[2];
/* We need to connect to the database as system, as this is one of the rare RPC calls that must read the secrets (and this is denied otherwise) */
- secret_state->sam_ldb = talloc_reference(secret_state,
+ secret_state->sam_ldb = talloc_reference(secret_state,
samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(dce_call->conn->dce_ctx->lp_ctx), 0));
secret_state->global = true;
/* search for the secret record */
ret = gendb_search(secret_state->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
- "(&(cn=%s Secret)(objectclass=secret))",
+ "(&(cn=%s Secret)(objectclass=secret))",
ldb_binary_encode_string(mem_ctx, name));
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
-
+
if (ret != 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_get_linearized(policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
-
} else {
secret_state->global = false;
- secret_state->sam_ldb = talloc_reference(secret_state,
+ secret_state->sam_ldb = talloc_reference(secret_state,
secrets_db_connect(mem_ctx, dce_call->conn->dce_ctx->lp_ctx));
name = r->in.name.string;
ret = gendb_search(secret_state->sam_ldb, mem_ctx,
ldb_dn_new(mem_ctx, secret_state->sam_ldb, "cn=LSA Secrets"),
&msgs, attrs,
- "(&(cn=%s)(objectclass=secret))",
+ "(&(cn=%s)(objectclass=secret))",
ldb_binary_encode_string(mem_ctx, name));
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
-
+
if (ret != 1) {
- DEBUG(0,("Found %d records matching CN=%s\n",
+ DEBUG(0,("Found %d records matching CN=%s\n",
ret, ldb_binary_encode_string(mem_ctx, name)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- }
+ }
secret_state->secret_dn = talloc_reference(secret_state, msgs[0]->dn);
-
+
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_SECRET);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
-
+
handle->data = talloc_steal(handle, secret_state);
-
+
secret_state->access_mask = r->in.access_mask;
secret_state->policy = talloc_reference(secret_state, policy_state);
-
+
*r->out.sec_handle = handle->wire_handle;
-
+
return NT_STATUS_OK;
}
-/*
- lsa_SetSecret
+/*
+ lsa_SetSecret
*/
static NTSTATUS dcesrv_lsa_SetSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetSecret *r)
/* Decrypt */
crypt_secret.data = r->in.old_val->data;
crypt_secret.length = r->in.old_val->size;
-
+
status = sess_decrypt_blob(mem_ctx, &crypt_secret, &session_key, &secret);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
-
+
val.data = secret.data;
val.length = secret.length;
-
+
/* set value */
if (ldb_msg_add_value(msg, "priorValue", &val, NULL) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
-
+
/* set old value mtime */
- if (samdb_msg_add_uint64(secret_state->sam_ldb,
+ if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "priorSetTime", nt_now) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
} else {
"lastSetTime",
NULL
};
-
+
/* search for the secret record */
ret = gendb_search_dn(secret_state->sam_ldb,mem_ctx,
secret_state->secret_dn, &res, attrs);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
-
+
if (ret != 1) {
DEBUG(0,("Found %d records matching dn=%s\n", ret,
ldb_dn_get_linearized(secret_state->secret_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
-
+
old_val = ldb_msg_find_ldb_val(res[0], "currentValue");
last_set_time = ldb_msg_find_attr_as_uint64(res[0], "lastSetTime", 0);
-
+
if (old_val) {
/* set old value */
if (ldb_msg_add_value(msg, "priorValue",
old_val, NULL) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
} else {
- if (samdb_msg_add_delete(secret_state->sam_ldb,
+ if (samdb_msg_add_delete(secret_state->sam_ldb,
mem_ctx, msg, "priorValue") != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
-
}
-
+
/* set old value mtime */
if (ldb_msg_find_ldb_val(res[0], "lastSetTime")) {
- if (samdb_msg_add_uint64(secret_state->sam_ldb,
+ if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "priorSetTime", last_set_time) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
} else {
- if (samdb_msg_add_uint64(secret_state->sam_ldb,
+ if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "priorSetTime", nt_now) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
}
}
/* Decrypt */
crypt_secret.data = r->in.new_val->data;
crypt_secret.length = r->in.new_val->size;
-
+
status = sess_decrypt_blob(mem_ctx, &crypt_secret, &session_key, &secret);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
-
+
val.data = secret.data;
val.length = secret.length;
-
+
/* set value */
if (ldb_msg_add_value(msg, "currentValue", &val, NULL) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
-
+
/* set new value mtime */
- if (samdb_msg_add_uint64(secret_state->sam_ldb,
+ if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "lastSetTime", nt_now) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
-
} else {
/* NULL out the NEW value */
- if (samdb_msg_add_uint64(secret_state->sam_ldb,
+ if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "lastSetTime", nt_now) != LDB_SUCCESS) {
- return NT_STATUS_NO_MEMORY;
+ return NT_STATUS_NO_MEMORY;
}
- if (samdb_msg_add_delete(secret_state->sam_ldb,
+ if (samdb_msg_add_delete(secret_state->sam_ldb,
mem_ctx, msg, "currentValue") != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
}
-/*
- lsa_QuerySecret
+/*
+ lsa_QuerySecret
*/
static NTSTATUS dcesrv_lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QuerySecret *r)
"currentValue",
"priorValue",
"lastSetTime",
- "priorSetTime",
+ "priorSetTime",
NULL
};
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg = res[0];
-
+
nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
-
+
if (r->in.old_val) {
const struct ldb_val *prior_val;
r->out.old_val = talloc_zero(mem_ctx, struct lsa_DATA_BUF_PTR);
return NT_STATUS_NO_MEMORY;
}
prior_val = ldb_msg_find_ldb_val(res[0], "priorValue");
-
+
if (prior_val && prior_val->length) {
secret.data = prior_val->data;
secret.length = prior_val->length;
-
+
/* Encrypt */
crypt_secret = sess_encrypt_blob(mem_ctx, &secret, &session_key);
if (!crypt_secret.length) {
r->out.old_val->buf->data = crypt_secret.data;
}
}
-
+
if (r->in.old_mtime) {
r->out.old_mtime = talloc(mem_ctx, NTTIME);
if (!r->out.old_mtime) {
}
*r->out.old_mtime = ldb_msg_find_attr_as_uint64(res[0], "priorSetTime", 0);
}
-
+
if (r->in.new_val) {
const struct ldb_val *new_val;
r->out.new_val = talloc_zero(mem_ctx, struct lsa_DATA_BUF_PTR);
}
new_val = ldb_msg_find_ldb_val(res[0], "currentValue");
-
+
if (new_val && new_val->length) {
secret.data = new_val->data;
secret.length = new_val->length;
-
+
/* Encrypt */
crypt_secret = sess_encrypt_blob(mem_ctx, &secret, &session_key);
if (!crypt_secret.length) {
r->out.new_val->buf->data = crypt_secret.data;
}
}
-
+
if (r->in.new_mtime) {
r->out.new_mtime = talloc(mem_ctx, NTTIME);
if (!r->out.new_mtime) {
}
*r->out.new_mtime = ldb_msg_find_attr_as_uint64(res[0], "lastSetTime", 0);
}
-
+
return NT_STATUS_OK;
}
-/*
+/*
lsa_LookupPrivValue
*/
-static NTSTATUS dcesrv_lsa_LookupPrivValue(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_LookupPrivValue(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupPrivValue *r)
{
r->out.luid->low = id;
r->out.luid->high = 0;
- return NT_STATUS_OK;
+ return NT_STATUS_OK;
}
-/*
- lsa_LookupPrivName
+/*
+ lsa_LookupPrivName
*/
-static NTSTATUS dcesrv_lsa_LookupPrivName(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_LookupPrivName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupPrivName *r)
{
*r->out.name = name;
- return NT_STATUS_OK;
+ return NT_STATUS_OK;
}
-/*
+/*
lsa_LookupPrivDisplayName
*/
-static NTSTATUS dcesrv_lsa_LookupPrivDisplayName(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_LookupPrivDisplayName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupPrivDisplayName *r)
{
}
-/*
+/*
lsa_EnumAccountsWithUserRight
*/
-static NTSTATUS dcesrv_lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumAccountsWithUserRight *r)
{
if (r->in.name == NULL) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
- }
+ }
privname = r->in.name->string;
if (sec_privilege_id(privname) == SEC_PRIV_INVALID && sec_right_bit(privname) == 0) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
- ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
+ ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
"privilege=%s", privname);
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
-/*
+/*
lsa_AddAccountRights
*/
-static NTSTATUS dcesrv_lsa_AddAccountRights(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_AddAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_AddAccountRights *r)
{
state = h->data;
- return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, state,
+ return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, state,
LDB_FLAG_MOD_ADD,
r->in.sid, r->in.rights);
}
-/*
+/*
lsa_RemoveAccountRights
*/
-static NTSTATUS dcesrv_lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call,
+static NTSTATUS dcesrv_lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_RemoveAccountRights *r)
{
state = h->data;
- return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, state,
+ return dcesrv_lsa_AddRemoveAccountRights(dce_call, mem_ctx, state,
LDB_FLAG_MOD_DELETE,
r->in.sid, r->in.rights);
}
-/*
+/*
lsa_StorePrivateData
*/
static NTSTATUS dcesrv_lsa_StorePrivateData(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
-/*
+/*
lsa_RetrievePrivateData
*/
static NTSTATUS dcesrv_lsa_RetrievePrivateData(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
}
-/*
+/*
lsa_GetUserName
*/
static NTSTATUS dcesrv_lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
config option (the max skew), it would probably make more sense
to have a lp_ or ldb global option as the samba default */
if (smb_krb5_context) {
- unix_to_nt_time(&k->clock_skew,
+ unix_to_nt_time(&k->clock_skew,
krb5_get_max_time_skew(smb_krb5_context->krb5_context));
}
#endif
{
struct lsa_DomainInfoKerberos *k = &info->kerberos_info;
struct smb_krb5_context *smb_krb5_context;
- int ret = smb_krb5_init_context(mem_ctx,
- dce_call->event_ctx,
+ int ret = smb_krb5_init_context(mem_ctx,
+ dce_call->event_ctx,
dce_call->conn->dce_ctx->lp_ctx,
&smb_krb5_context);
if (ret != 0) {
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
-/*
- lsa_CREDRWRITE
+/*
+ lsa_CREDRWRITE
*/
static NTSTATUS dcesrv_lsa_CREDRWRITE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRWRITE *r)
}
-/*
- lsa_CREDRREAD
+/*
+ lsa_CREDRREAD
*/
static NTSTATUS dcesrv_lsa_CREDRREAD(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRREAD *r)
}
-/*
- lsa_CREDRENUMERATE
+/*
+ lsa_CREDRENUMERATE
*/
static NTSTATUS dcesrv_lsa_CREDRENUMERATE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRENUMERATE *r)
}
-/*
- lsa_CREDRWRITEDOMAINCREDENTIALS
+/*
+ lsa_CREDRWRITEDOMAINCREDENTIALS
*/
static NTSTATUS dcesrv_lsa_CREDRWRITEDOMAINCREDENTIALS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRWRITEDOMAINCREDENTIALS *r)
}
-/*
- lsa_CREDRREADDOMAINCREDENTIALS
+/*
+ lsa_CREDRREADDOMAINCREDENTIALS
*/
static NTSTATUS dcesrv_lsa_CREDRREADDOMAINCREDENTIALS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRREADDOMAINCREDENTIALS *r)
}
-/*
- lsa_CREDRDELETE
+/*
+ lsa_CREDRDELETE
*/
static NTSTATUS dcesrv_lsa_CREDRDELETE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRDELETE *r)
}
-/*
- lsa_CREDRGETTARGETINFO
+/*
+ lsa_CREDRGETTARGETINFO
*/
static NTSTATUS dcesrv_lsa_CREDRGETTARGETINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRGETTARGETINFO *r)
}
-/*
- lsa_CREDRPROFILELOADED
+/*
+ lsa_CREDRPROFILELOADED
*/
static NTSTATUS dcesrv_lsa_CREDRPROFILELOADED(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRPROFILELOADED *r)
}
-/*
- lsa_CREDRGETSESSIONTYPES
+/*
+ lsa_CREDRGETSESSIONTYPES
*/
static NTSTATUS dcesrv_lsa_CREDRGETSESSIONTYPES(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRGETSESSIONTYPES *r)
}
-/*
- lsa_LSARREGISTERAUDITEVENT
+/*
+ lsa_LSARREGISTERAUDITEVENT
*/
static NTSTATUS dcesrv_lsa_LSARREGISTERAUDITEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARREGISTERAUDITEVENT *r)
}
-/*
- lsa_LSARGENAUDITEVENT
+/*
+ lsa_LSARGENAUDITEVENT
*/
static NTSTATUS dcesrv_lsa_LSARGENAUDITEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARGENAUDITEVENT *r)
}
-/*
- lsa_LSARUNREGISTERAUDITEVENT
+/*
+ lsa_LSARUNREGISTERAUDITEVENT
*/
static NTSTATUS dcesrv_lsa_LSARUNREGISTERAUDITEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARUNREGISTERAUDITEVENT *r)
}
-/*
- lsa_lsaRQueryForestTrustInformation
+/*
+ lsa_lsaRQueryForestTrustInformation
*/
static NTSTATUS dcesrv_lsa_lsaRQueryForestTrustInformation(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_lsaRQueryForestTrustInformation *r)
return NT_STATUS_OK;
}
-/*
- lsa_CREDRRENAME
+/*
+ lsa_CREDRRENAME
*/
static NTSTATUS dcesrv_lsa_CREDRRENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRRENAME *r)
-/*
- lsa_LSAROPENPOLICYSCE
+/*
+ lsa_LSAROPENPOLICYSCE
*/
static NTSTATUS dcesrv_lsa_LSAROPENPOLICYSCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSAROPENPOLICYSCE *r)
}
-/*
- lsa_LSARADTREGISTERSECURITYEVENTSOURCE
+/*
+ lsa_LSARADTREGISTERSECURITYEVENTSOURCE
*/
static NTSTATUS dcesrv_lsa_LSARADTREGISTERSECURITYEVENTSOURCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARADTREGISTERSECURITYEVENTSOURCE *r)
}
-/*
- lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE
+/*
+ lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE
*/
static NTSTATUS dcesrv_lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE *r)
}
-/*
- lsa_LSARADTREPORTSECURITYEVENT
+/*
+ lsa_LSARADTREPORTSECURITYEVENT
*/
static NTSTATUS dcesrv_lsa_LSARADTREPORTSECURITYEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARADTREPORTSECURITYEVENT *r)
not try and fill these in with anything else
******************************************/
-/*
- dssetup_DsRoleDnsNameToFlatName
+/*
+ dssetup_DsRoleDnsNameToFlatName
*/
static WERROR dcesrv_dssetup_DsRoleDnsNameToFlatName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDnsNameToFlatName *r)
}
-/*
- dssetup_DsRoleDcAsDc
+/*
+ dssetup_DsRoleDcAsDc
*/
static WERROR dcesrv_dssetup_DsRoleDcAsDc(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDcAsDc *r)
}
-/*
- dssetup_DsRoleDcAsReplica
+/*
+ dssetup_DsRoleDcAsReplica
*/
static WERROR dcesrv_dssetup_DsRoleDcAsReplica(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDcAsReplica *r)
}
-/*
- dssetup_DsRoleDemoteDc
+/*
+ dssetup_DsRoleDemoteDc
*/
static WERROR dcesrv_dssetup_DsRoleDemoteDc(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDemoteDc *r)
}
-/*
- dssetup_DsRoleGetDcOperationProgress
+/*
+ dssetup_DsRoleGetDcOperationProgress
*/
static WERROR dcesrv_dssetup_DsRoleGetDcOperationProgress(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleGetDcOperationProgress *r)
}
-/*
- dssetup_DsRoleServerSaveStateForUpgrade
+/*
+ dssetup_DsRoleServerSaveStateForUpgrade
*/
static WERROR dcesrv_dssetup_DsRoleServerSaveStateForUpgrade(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleServerSaveStateForUpgrade *r)
}
-/*
- dssetup_DsRoleUpgradeDownlevelServer
+/*
+ dssetup_DsRoleUpgradeDownlevelServer
*/
static WERROR dcesrv_dssetup_DsRoleUpgradeDownlevelServer(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleUpgradeDownlevelServer *r)
}
-/*
- dssetup_DsRoleAbortDownlevelServerUpgrade
+/*
+ dssetup_DsRoleAbortDownlevelServerUpgrade
*/
static WERROR dcesrv_dssetup_DsRoleAbortDownlevelServerUpgrade(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleAbortDownlevelServerUpgrade *r)
NTSTATUS dcerpc_server_lsa_init(void)
{
NTSTATUS ret;
-
+
ret = dcerpc_server_dssetup_init();
if (!NT_STATUS_IS_OK(ret)) {
return ret;
git.samba.org / vlendec / samba-autobuild / .git / commitdiff