mirror of
https://github.com/samba-team/samba.git
synced 2025-11-23 20:23:50 +03:00
r24127: Set the Domain SID into the libnet context, and have libnet_UserInfo
return full SIDs for the user SID and primary group sid. This should help kai with his getpwnam work in winbind. Andrew Bartlett
This commit is contained in:
Andrew Bartlett
committed by
Gerald (Jerry) Carter
Gerald (Jerry) Carter
parent
9a8315019e
commit
078671d501
@@ -28,7 +28,8 @@ struct libnet_context {
|
||||
/* samr connection parameters - opened handles and related properties */
|
||||
struct {
|
||||
struct dcerpc_pipe *pipe;
|
||||
const char *name;
|
||||
char *name;
|
||||
struct dom_sid *sid;
|
||||
uint32_t access_mask;
|
||||
struct policy_handle handle;
|
||||
struct policy_handle connect_handle;
|
||||
@@ -38,7 +39,7 @@ struct libnet_context {
|
||||
/* lsa connection parameters - opened handles and related properties */
|
||||
struct {
|
||||
struct dcerpc_pipe *pipe;
|
||||
const char *name;
|
||||
char *name;
|
||||
uint32_t access_mask;
|
||||
struct policy_handle handle;
|
||||
} lsa;
|
||||
|
||||
@@ -361,6 +361,7 @@ NTSTATUS libnet_DomainOpenSamr_recv(struct composite_context *c, struct libnet_c
|
||||
libnet functions */
|
||||
ctx->samr.connect_handle = s->connect_handle;
|
||||
ctx->samr.handle = s->domain_handle;
|
||||
ctx->samr.sid = talloc_steal(ctx, s->lookup.out.sid);
|
||||
ctx->samr.name = talloc_steal(ctx, s->domain_name.string);
|
||||
ctx->samr.access_mask = s->access_mask;
|
||||
}
|
||||
@@ -844,7 +845,10 @@ NTSTATUS libnet_DomainCloseSamr_recv(struct composite_context *c, struct libnet_
|
||||
/* domain policy handle closed successfully */
|
||||
|
||||
ZERO_STRUCT(ctx->samr.handle);
|
||||
talloc_free(ctx->samr.name);
|
||||
talloc_free(ctx->samr.sid);
|
||||
ctx->samr.name = NULL;
|
||||
ctx->samr.sid = NULL;
|
||||
|
||||
io->out.error_string = talloc_asprintf(mem_ctx, "Success");
|
||||
|
||||
|
||||
@@ -773,6 +773,9 @@ NTSTATUS libnet_UserInfo_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
|
||||
s = talloc_get_type(c->private_data, struct user_info_state);
|
||||
info = &s->userinfo.out.info.info21;
|
||||
|
||||
r->out.user_sid = dom_sid_add_rid(mem_ctx, s->ctx->samr.sid, info->rid);
|
||||
r->out.primary_group_sid = dom_sid_add_rid(mem_ctx, s->ctx->samr.sid, info->primary_gid);
|
||||
|
||||
/* string fields */
|
||||
r->out.account_name = talloc_steal(mem_ctx, info->account_name.string);
|
||||
r->out.full_name = talloc_steal(mem_ctx, info->full_name.string);
|
||||
|
||||
@@ -92,6 +92,8 @@ struct libnet_UserInfo {
|
||||
const char *domain_name;
|
||||
} in;
|
||||
struct {
|
||||
struct dom_sid *user_sid;
|
||||
struct dom_sid *primary_group_sid;
|
||||
const char *account_name;
|
||||
const char *full_name;
|
||||
const char *description;
|
||||
|
||||
@@ -34,7 +34,7 @@
|
||||
|
||||
static BOOL test_opendomain_samr(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
|
||||
struct policy_handle *handle, struct lsa_String *domname,
|
||||
uint32_t *access_mask)
|
||||
uint32_t *access_mask, struct dom_sid **sid)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct policy_handle h, domain_handle;
|
||||
@@ -69,7 +69,7 @@ static BOOL test_opendomain_samr(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
|
||||
|
||||
r3.in.connect_handle = &h;
|
||||
r3.in.access_mask = *access_mask;
|
||||
r3.in.sid = r2.out.sid;
|
||||
r3.in.sid = *sid = r2.out.sid;
|
||||
r3.out.domain_handle = &domain_handle;
|
||||
|
||||
printf("opening domain\n");
|
||||
@@ -320,6 +320,7 @@ BOOL torture_domain_close_samr(struct torture_context *torture)
|
||||
struct policy_handle h;
|
||||
struct dcerpc_pipe *p;
|
||||
struct libnet_DomainClose r;
|
||||
struct dom_sid *sid;
|
||||
|
||||
bindstr = torture_setting_string(torture, "binding", NULL);
|
||||
status = dcerpc_parse_binding(torture, bindstr, &binding);
|
||||
@@ -347,18 +348,19 @@ BOOL torture_domain_close_samr(struct torture_context *torture)
|
||||
goto done;
|
||||
}
|
||||
|
||||
domain_name.string = lp_workgroup();
|
||||
domain_name.string = talloc_strdup(mem_ctx, lp_workgroup());
|
||||
|
||||
if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask)) {
|
||||
if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask, &sid)) {
|
||||
d_printf("failed to open domain on samr service\n");
|
||||
ret = False;
|
||||
goto done;
|
||||
}
|
||||
|
||||
ctx->samr.pipe = p;
|
||||
ctx->samr.name = domain_name.string;
|
||||
ctx->samr.name = talloc_steal(ctx, domain_name.string);
|
||||
ctx->samr.access_mask = access_mask;
|
||||
ctx->samr.handle = h;
|
||||
ctx->samr.sid = talloc_steal(ctx, sid);
|
||||
/* we have to use pipe's event context, otherwise the call will
|
||||
hang indefinitely - this wouldn't be the case if pipe was opened
|
||||
by means of libnet call */
|
||||
|
||||
@@ -396,6 +396,7 @@ static void init_domain_recv_samr(struct composite_context *ctx)
|
||||
talloc_steal(state->domain->libnet_ctx->samr.pipe, state->domain->samr_binding);
|
||||
state->domain->libnet_ctx->samr.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
|
||||
state->domain->libnet_ctx->samr.name = state->domain->info->name;
|
||||
state->domain->libnet_ctx->samr.sid = state->domain->info->sid;
|
||||
|
||||
state->domain->ldap_conn =
|
||||
ldap4_new_connection(state->domain, state->ctx->event_ctx);
|
||||
|
||||
Reference in New Issue
Block a user