1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions from

TNG branch.

Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient.

This requires most samba binaries to link in another handful of object
files due to uncessary coupling between modules.  )-:
(This used to be commit 817819d0cc)
This commit is contained in:
Tim Potter 2000-12-08 03:34:00 +00:00
parent cf9443677d
commit 3478427f2e
9 changed files with 733 additions and 222 deletions

View File

@ -154,7 +154,11 @@ RPC_CLIENT_OBJ = \
rpc_client/cli_srvsvc.o \
rpc_client/cli_samr.o \
rpc_client/cli_reg.o \
rpc_client/cli_spoolss_notify.o
rpc_client/cli_spoolss_notify.o \
rpc_client/cli_connect.o \
rpc_client/cli_use.o \
rpc_client/ncacn_np_use.o \
lib/util_list.o
LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o
@ -250,12 +254,10 @@ PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \
$(UBIQX_OBJ) $(LIB_OBJ)
RPCCLIENT_OBJ1 = rpcclient/rpcclient.o \
lib/cmd_interp.o lib/util_list.o \
lib/cmd_interp.o \
lib/msrpc-client.o \
rpc_client/cli_connect.o \
rpc_client/cli_use.o \
rpc_client/ncacn_np_use.o \
rpcclient/spoolss_cmds.o rpcclient/cmd_spoolss.o \
rpcclient/cmd_lsarpc.o \
rpcclient/display_spool.o rpcclient/display_sec.o \
rpc_client/msrpc_spoolss.o rpc_client/cli_spoolss.o

View File

@ -863,7 +863,7 @@ int name_len(char *s1);
/*The following definitions come from libsmb/nterr.c */
BOOL get_safe_nt_error_msg(uint32 nt_code,char *msg, size_t len);
const char *get_nt_error_msg(uint32 nt_code);
char *get_nt_error_msg(uint32 nt_code);
/*The following definitions come from libsmb/passchange.c */
@ -1934,6 +1934,13 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli,
fstring domain_name, DOM_SID *domain_sid);
BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd);
BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server);
uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
BOOL sec_qos, uint32 des_access);
uint32 lsa_close(POLICY_HND *hnd);
uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
char ***names, uint32 **types, int *num_names);
uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
DOM_SID **sids, uint32 **types, int *num_sids);
/*The following definitions come from rpc_client/cli_netlogon.c */
@ -2266,7 +2273,8 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
uint32 attributes,
uint32 desired_access,
LSA_SEC_QOS *qos);
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps,
int depth);
BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, char *server_name,
uint32 attributes,
@ -2285,14 +2293,14 @@ void init_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
uint32 status);
BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids);
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID *sids);
void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
int num_sids, DOM_SID **sids,
uint16 level);
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
int num_sids, DOM_SID *sids, uint16 level);
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s,
prs_struct *ps, int depth);
BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
int num_names, char **names);
int num_names, char **names);
BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth);
BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth);
void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
@ -3338,6 +3346,12 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid);
BOOL api_wkssvc_rpc(pipes_struct *p);
#endif
/*The following definitions come from rpcclient/cmd_lsarpc.c */
uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]);
uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[]);
void add_lsa_commands(void);
/*The following definitions come from rpcclient/cmd_spoolss.c */
uint32 cmd_spoolss_enum_printers(struct client_info *info, int argc, char *argv[]);

View File

@ -3,6 +3,35 @@
/* This file is automatically generated with "make proto". DO NOT EDIT */
/*The following definitions come from lib/util_list.c */
BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src);
BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x,
const RPC_HND_NODE *y);
BOOL RpcHndList_set_connection(const POLICY_HND *hnd,
struct cli_connection *con);
BOOL RpcHndList_del_connection(const POLICY_HND *hnd);
struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd);
/*The following definitions come from rpc_client/cli_connect.c */
void init_connections(void);
void free_connections(void);
void cli_connection_free(struct cli_connection *con);
void cli_connection_unlink(struct cli_connection *con);
BOOL cli_connection_init(const char *srv_name, char *pipe_name,
struct cli_connection **con);
BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name,
struct cli_connection **con,
cli_auth_fns * auth, void *auth_creds);
struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con);
void *cli_conn_get_auth_creds(struct cli_connection *con);
BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num,
prs_struct * data, prs_struct * rdata);
BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num,
prs_struct * data, prs_struct * rdata);
BOOL rpc_con_ok(struct cli_connection *con);
/*The following definitions come from rpc_client/cli_login.c */
BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]);
@ -32,6 +61,13 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli,
fstring domain_name, DOM_SID *domain_sid);
BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd);
BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server);
uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
BOOL sec_qos, uint32 des_access);
uint32 lsa_close(POLICY_HND *hnd);
uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
char ***names, uint32 **types, int *num_names);
uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
DOM_SID **sids, uint32 **types, int *num_sids);
/*The following definitions come from rpc_client/cli_netlogon.c */
@ -171,9 +207,35 @@ BOOL do_srv_net_srv_file_enum(struct cli_state *cli,
BOOL do_srv_net_srv_get_info(struct cli_state *cli,
char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr);
/*The following definitions come from rpc_client/cli_use.c */
void init_cli_use(void);
void free_cli_use(void);
struct cli_state *cli_net_use_add(const char *srv_name,
const struct ntuser_creds *usr_creds,
BOOL reuse, BOOL *is_new);
BOOL cli_net_use_del(const char *srv_name,
const struct ntuser_creds *usr_creds,
BOOL force_close, BOOL *connection_closed);
void cli_net_use_enum(uint32 *num_cons, struct use_info ***use);
void cli_use_wait_keyboard(void);
/*The following definitions come from rpc_client/cli_wkssvc.c */
BOOL do_wks_query_info(struct cli_state *cli,
char *server_name, uint32 switch_value,
WKS_INFO_100 *wks100);
/*The following definitions come from rpc_client/ncacn_np_use.c */
BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name,
const vuser_key * key,
BOOL force_close, BOOL *connection_closed);
struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc,
const vuser_key * key);
struct ncacn_np *ncacn_np_use_add(const char *pipe_name,
const vuser_key * key,
const char *srv_name,
const struct ntuser_creds *ntc,
BOOL reuse, BOOL *is_new_connection);
#endif /* _PROTO_H_ */

View File

@ -96,7 +96,7 @@ typedef struct obj_attr_info
typedef struct lsa_q_open_pol_info
{
uint32 ptr; /* undocumented buffer pointer */
uint16 system_name; /* 0x5c - system name */
uint16 system_name; /* system name BUG!!! (should be \\server!) */
LSA_OBJ_ATTR attr ; /* object attributes */
uint32 des_access; /* desired access attributes */

View File

@ -1,4 +1,3 @@
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@ -23,16 +22,10 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifdef SYSLOG
#undef SYSLOG
#endif
#include "includes.h"
extern int DEBUGLEVEL;
/****************************************************************************
do a LSA Open Policy
****************************************************************************/
@ -402,3 +395,414 @@ BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server)
return res3;
}
/****************************************************************************
do a LSA Open Policy
****************************************************************************/
uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
BOOL sec_qos, uint32 des_access)
{
prs_struct rbuf;
prs_struct buf;
LSA_Q_OPEN_POL q_o;
LSA_SEC_QOS qos;
struct cli_connection *con = NULL;
uint32 result;
if (!cli_connection_init(system_name, PIPE_LSARPC, &con)) {
return NT_STATUS_UNSUCCESSFUL;
}
if (hnd == NULL) return NT_STATUS_UNSUCCESSFUL;
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, NULL, False);
prs_init(&rbuf, 0, 4, NULL, True);
/* create and send a MSRPC command with api LSA_OPENPOLICY */
DEBUG(4, ("LSA Open Policy\n"));
/* store the parameters */
if (sec_qos) {
init_lsa_sec_qos(&qos, 2, 1, 0, des_access);
init_q_open_pol(&q_o, '\\', 0, des_access, &qos);
} else {
init_q_open_pol(&q_o, '\\', 0, des_access, NULL);
}
/* turn parameters into data stream */
if (lsa_io_q_open_pol("", &q_o, &buf, 0) &&
rpc_con_pipe_req(con, LSA_OPENPOLICY, &buf, &rbuf)) {
LSA_R_OPEN_POL r_o;
BOOL p;
lsa_io_r_open_pol("", &r_o, &rbuf, 0);
p = rbuf.data_offset != 0;
result = r_o.status;
if (p && r_o.status != 0) {
/* report error code */
DEBUG(0,
("LSA_OPENPOLICY: %s\n",
get_nt_error_msg(r_o.status)));
p = False;
}
if (p) {
/* Return the policy handle */
*hnd = r_o.pol;
if (!RpcHndList_set_connection(hnd, con)) {
result = NT_STATUS_NO_MEMORY;
}
}
}
prs_mem_free(&rbuf);
prs_mem_free(&buf);
return result;
}
/****************************************************************************
do a LSA Close
****************************************************************************/
uint32 lsa_close(POLICY_HND *hnd)
{
prs_struct rbuf;
prs_struct buf;
LSA_Q_CLOSE q_c;
uint32 result;
if (hnd == NULL) return False;
/* Create and send a MSRPC command with api LSA_OPENPOLICY */
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, NULL, False);
prs_init(&rbuf, 0, 4, NULL, True);
DEBUG(4, ("LSA Close\n"));
/* Store the parameters */
init_lsa_q_close(&q_c, hnd);
/* Turn parameters into data stream */
if (lsa_io_q_close("", &q_c, &buf, 0) &&
rpc_hnd_pipe_req(hnd, LSA_CLOSE, &buf, &rbuf)) {
LSA_R_CLOSE r_c;
BOOL p;
lsa_io_r_close("", &r_c, &rbuf, 0);
p = rbuf.data_offset != 0;
result = r_c.status;
if (p && r_c.status != 0) {
/* Report error code */
DEBUG(0, ("LSA_CLOSE: %s\n",
get_nt_error_msg(r_c.status)));
p = False;
}
}
prs_mem_free(&rbuf);
prs_mem_free(&buf);
return result;
}
/****************************************************************************
do a LSA Lookup SIDs
****************************************************************************/
uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
char ***names, uint32 **types, int *num_names)
{
prs_struct rbuf;
prs_struct buf;
LSA_Q_LOOKUP_SIDS q_l;
TALLOC_CTX *ctx = talloc_init();
uint32 result;
ZERO_STRUCT(q_l);
if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
if (num_names != NULL) {
*num_names = 0;
}
if (types != NULL) {
*types = NULL;
}
if (names != NULL) {
*names = NULL;
}
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, ctx, False);
prs_init(&rbuf, 0, 4, ctx, True);
/* Create and send a MSRPC command with api LSA_LOOKUP_SIDS */
DEBUG(4, ("LSA Lookup SIDs\n"));
/* Store the parameters */
init_q_lookup_sids(&q_l, hnd, num_sids, sids, 1);
/* turn parameters into data stream */
if (lsa_io_q_lookup_sids("", &q_l, &buf, 0) &&
rpc_hnd_pipe_req(hnd, LSA_LOOKUPSIDS, &buf, &rbuf)) {
LSA_R_LOOKUP_SIDS r_l;
DOM_R_REF ref;
LSA_TRANS_NAME_ENUM t_names;
BOOL p, valid_response;
r_l.dom_ref = &ref;
r_l.names = &t_names;
lsa_io_r_lookup_sids("", &r_l, &rbuf, 0);
p = rbuf.data_offset != 0;
result = r_l.status;
if (p && r_l.status != 0 &&
r_l.status != 0x107 &&
r_l.status != (0xC0000000 | NT_STATUS_NONE_MAPPED)) {
/* Report error code */
DEBUG(1, ("LSA_LOOKUP_SIDS: %s\n",
get_nt_error_msg(r_l.status)));
return r_l.status;
}
result = NT_STATUS_NOPROBLEMO;
if (p) {
if (t_names.ptr_trans_names != 0
&& r_l.ptr_dom_ref != 0) {
valid_response = True;
}
}
if (num_names != NULL && valid_response) {
(*num_names) = t_names.num_entries;
}
if (valid_response) {
uint32 i;
for (i = 0; i < t_names.num_entries; i++) {
if ((t_names.name[i].domain_idx >=
ref.num_ref_doms_1)
&& (t_names.name[i].domain_idx !=
0xffffffff)) {
DEBUG(0,
("LSA_LOOKUP_SIDS: domain index out of bounds\n"));
valid_response = False;
break;
}
}
}
if (types != NULL && valid_response && (*num_names) != 0) {
(*types) = (uint32 *) malloc((*num_names) *
sizeof(uint32));
}
if (names != NULL && valid_response && (*num_names) != 0) {
(*names) = (char **)malloc((*num_names) *
sizeof(char *));
}
if (names != NULL && (*names) != NULL) {
int i;
/* Take each name, construct a \DOMAIN\name string */
for (i = 0; i < (*num_names); i++) {
fstring name;
fstring dom_name;
fstring full_name;
uint32 dom_idx = t_names.name[i].domain_idx;
if (dom_idx != 0xffffffff) {
unistr2_to_ascii(dom_name,
&ref.
ref_dom[dom_idx].
uni_dom_name,
sizeof(dom_name) -
1);
unistr2_to_ascii(name,
&t_names.uni_name[i],
sizeof(name) - 1);
memset(full_name, 0,
sizeof(full_name));
slprintf(full_name,
sizeof(full_name) - 1,
"%s\\%s", dom_name, name);
(*names)[i] = strdup(full_name);
if (types != NULL &&
(*types) != NULL) {
(*types)[i] = t_names.name[i].sid_name_use;
}
} else {
(*names)[i] = NULL;
if (types != NULL &&
(*types) != NULL) {
(*types)[i] = SID_NAME_UNKNOWN;
}
}
}
}
}
prs_mem_free(&rbuf);
prs_mem_free(&buf);
return result;
}
/****************************************************************************
do a LSA Lookup Names
****************************************************************************/
uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
DOM_SID **sids, uint32 **types, int *num_sids)
{
prs_struct rbuf;
prs_struct buf;
LSA_Q_LOOKUP_NAMES q_l;
BOOL valid_response = False;
TALLOC_CTX *ctx = talloc_init();
uint32 result;
if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, ctx, False);
prs_init(&rbuf, 0, 4, ctx, True);
/* create and send a MSRPC command with api LSA_LOOKUP_NAMES */
DEBUG(4, ("LSA Lookup NAMEs\n"));
/* store the parameters */
init_q_lookup_names(&q_l, hnd, num_names, names);
/* turn parameters into data stream */
if (lsa_io_q_lookup_names("", &q_l, &buf, 0) &&
rpc_hnd_pipe_req(hnd, LSA_LOOKUPNAMES, &buf, &rbuf)) {
LSA_R_LOOKUP_NAMES r_l;
DOM_R_REF ref;
DOM_RID2 t_rids[MAX_LOOKUP_SIDS];
BOOL p;
ZERO_STRUCT(ref);
ZERO_STRUCT(t_rids);
r_l.dom_ref = &ref;
r_l.dom_rid = t_rids;
lsa_io_r_lookup_names("", &r_l, &rbuf, 0);
p = rbuf.data_offset != 0;
if (p && r_l.status != 0) {
/* report error code */
DEBUG(1,
("LSA_LOOKUP_NAMES: %s\n",
get_nt_error_msg(r_l.status)));
p = False;
return r_l.status;
}
result = r_l.status;
if (p) {
if (r_l.ptr_dom_ref != 0 && r_l.ptr_entries != 0) {
valid_response = True;
}
}
if (num_sids != NULL && valid_response) {
(*num_sids) = r_l.num_entries;
}
if (valid_response) {
uint32 i;
for (i = 0; i < r_l.num_entries; i++) {
if (t_rids[i].rid_idx >= ref.num_ref_doms_1 &&
t_rids[i].rid_idx != 0xffffffff) {
DEBUG(0,
("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
t_rids[i].rid_idx));
valid_response = False;
break;
}
}
}
if (types != NULL && valid_response && r_l.num_entries != 0) {
(*types) = (uint32 *) malloc((*num_sids) *
sizeof(uint32));
}
if (sids != NULL && valid_response && r_l.num_entries != 0) {
(*sids) = (DOM_SID *) malloc((*num_sids) *
sizeof(DOM_SID));
}
if (sids != NULL && (*sids) != NULL) {
int i;
/* Take each name, construct a SID */
for (i = 0; i < (*num_sids); i++) {
uint32 dom_idx = t_rids[i].rid_idx;
uint32 dom_rid = t_rids[i].rid;
DOM_SID *sid = &(*sids)[i];
if (dom_idx != 0xffffffff) {
sid_copy(sid,
&ref.ref_dom[dom_idx].
ref_dom.sid);
if (dom_rid != 0xffffffff) {
sid_append_rid(sid, dom_rid);
}
if (types != NULL &&
(*types) != NULL) {
(*types)[i] = t_rids[i].type;
}
} else {
ZERO_STRUCTP(sid);
if (types != NULL &&
(*types) != NULL) {
(*types)[i] = SID_NAME_UNKNOWN;
}
}
}
}
}
prs_mem_free(&rbuf);
prs_mem_free(&buf);
return result;
}

View File

@ -147,7 +147,7 @@ static BOOL lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int dep
void init_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
uint32 unknown)
{
DEBUG(5,("init_lsa_sec_qos\n"));
DEBUG(5, ("init_lsa_sec_qos\n"));
qos->len = 0x0c; /* length of quality of service block, in bytes */
qos->sec_imp_level = imp_lev;
@ -205,7 +205,7 @@ static BOOL lsa_io_sec_qos(char *desc, LSA_SEC_QOS *qos, prs_struct *ps, int de
void init_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos)
{
DEBUG(5,("make_lsa_obj_attr\n"));
DEBUG(5, ("init_lsa_obj_attr\n"));
attr->len = 0x18; /* length of object attribute block, in bytes */
attr->ptr_root_dir = 0;
@ -281,7 +281,8 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
uint32 desired_access,
LSA_SEC_QOS *qos)
{
DEBUG(5,("make_open_pol: attr:%d da:%d\n", attributes, desired_access));
DEBUG(5, ("init_open_pol: attr:%d da:%d\n", attributes,
desired_access));
r_q->ptr = 1; /* undocumented pointer */
@ -296,10 +297,10 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
Reads or writes an LSA_Q_OPEN_POL structure.
********************************************************************/
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth)
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps,
int depth)
{
if (r_q == NULL)
return False;
if (r_q == NULL) return False;
prs_debug(ps, depth, desc, "lsa_io_q_open_pol");
depth++;
@ -308,7 +309,7 @@ BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int dept
return False;
if(!prs_uint16("system_name", ps, depth, &r_q->system_name))
return False;
if(!prs_align( ps ))
if(!prs_align(ps))
return False;
if(!lsa_io_obj_attr("", &r_q->attr, ps, depth))
@ -352,7 +353,8 @@ void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, char *server_name,
uint32 desired_access,
LSA_SEC_QOS *qos)
{
DEBUG(5,("make_open_pol2: attr:%d da:%d\n", attributes, desired_access));
DEBUG(5, ("init_open_pol2: attr:%d da:%d\n", attributes,
desired_access));
r_q->ptr = 1; /* undocumented pointer */
@ -484,7 +486,7 @@ BOOL lsa_io_r_query_sec_obj(char *desc, LSA_R_QUERY_SEC_OBJ *r_u, prs_struct *ps
void init_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class)
{
DEBUG(5,("make_q_query\n"));
DEBUG(5, ("init_q_query\n"));
memcpy(&q_q->pol, hnd, sizeof(q_q->pol));
@ -544,7 +546,7 @@ void init_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
uint32 enum_context, char *domain_name, DOM_SID *domain_sid,
uint32 status)
{
DEBUG(5,("make_r_enum_trust_dom\n"));
DEBUG(5, ("init_r_enum_trust_dom\n"));
r_e->enum_context = enum_context;
@ -646,26 +648,21 @@ BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth
Inits a LSA_SID_ENUM structure.
********************************************************************/
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids)
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID *sids)
{
int i, i2;
int i;
DEBUG(5,("make_lsa_sid_enum\n"));
DEBUG(5, ("init_lsa_sid_enum\n"));
sen->num_entries = num_entries;
sen->ptr_sid_enum = (num_entries != 0) ? 1 : 0;
sen->ptr_sid_enum = num_entries != 0;
sen->num_entries2 = num_entries;
SMB_ASSERT_ARRAY(sen->sid, sen->num_entries);
for (i = 0, i2 = 0; i < num_entries; i++) {
if (sids[i] != NULL) {
sen->ptr_sid[i] = 1;
init_dom_sid2(&sen->sid[i2], sids[i]);
i2++;
} else {
sen->ptr_sid[i] = 0;
}
for (i = 0; i < num_entries; i++) {
sen->ptr_sid[i] = 1;
init_dom_sid2(&sen->sid[i], &sids[i]);
}
}
@ -720,12 +717,12 @@ static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
********************************************************************/
void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
int num_sids, DOM_SID **sids,
uint16 level)
int num_sids, DOM_SID *sids, uint16 level)
{
DEBUG(5,("make_r_enum_trust_dom\n"));
DEBUG(5, ("init_q_lookup_sids\n"));
q_l->pol = *hnd;
memcpy(&q_l->pol, hnd, sizeof(q_l->pol));
init_lsa_sid_enum(&q_l->sids, num_sids, sids);
q_l->names.num_entries = 0;
@ -739,7 +736,8 @@ void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
Reads or writes a LSA_Q_LOOKUP_SIDS structure.
********************************************************************/
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth)
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s,
prs_struct *ps, int depth)
{
if (q_s == NULL)
return False;
@ -857,22 +855,22 @@ makes a structure.
********************************************************************/
void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
int num_names, char **names)
int num_names, char **names)
{
int i;
DEBUG(5,("init_q_lookup_names\n"));
memcpy(&q_l->pol, hnd, sizeof(q_l->pol));
q_l->pol = *hnd;
q_l->num_entries = num_names;
q_l->num_entries2 = num_names;
SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries);
for (i = 0; i < num_names; i++) {
char* name = names[i];
int len = strlen(name)+1;
char *name = names[i];
int len = strlen(name);
init_uni_hdr(&q_l->hdr_name[i], len);
init_unistr2(&q_l->uni_name[i], name, len);
}
@ -993,7 +991,7 @@ BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps,
void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd)
{
DEBUG(5,("make_lsa_q_close\n"));
DEBUG(5, ("init_lsa_q_close\n"));
memcpy(&q_c->pol, hnd, sizeof(q_c->pol));
}

View File

@ -321,7 +321,7 @@ void init_uni_hdr(UNIHDR *hdr, int len)
{
hdr->uni_str_len = 2 * len;
hdr->uni_max_len = 2 * len;
hdr->buffer = len != 0 ? 1 : 0;
hdr->buffer = len != 0;
}
/*******************************************************************
@ -867,7 +867,8 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
{
ZERO_STRUCTP(str);
/* set up string lengths. */
/* Set up string lengths. */
str->uni_max_len = (uint32)len;
str->undoc = 0;
str->uni_str_len = (uint32)len;
@ -880,8 +881,7 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
len *= sizeof(uint16);
str->buffer = (uint16 *)talloc(parse_misc_talloc, len);
if ((str->buffer == NULL) && (len > 0))
{
if ((str->buffer == NULL) && (len > 0)) {
smb_panic("init_unistr2: malloc fail\n");
return;
}

View File

@ -20,198 +20,229 @@
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifdef SYSLOG
#undef SYSLOG
#endif
#include "includes.h"
extern int DEBUGLEVEL;
extern FILE *out_hnd;
#define DEBUG_TESTING
/* Convert SID_NAME_USE values to strings */
extern struct cli_state *smb_cli;
extern int smb_tidx;
struct sid_name {
enum SID_NAME_USE name_type;
char *name;
} sid_name_type_str[] = {
{ SID_NAME_UNKNOWN, "UNKNOWN" },
{ SID_NAME_USER, "User" },
{ SID_NAME_DOM_GRP, "Domain Group" },
{ SID_NAME_DOMAIN, "Domain" },
{ SID_NAME_ALIAS, "Local Group"} ,
{ SID_NAME_WKN_GRP, "Well-known Group" },
{ SID_NAME_DELETED, "Deleted" },
{ SID_NAME_INVALID, "Invalid" },
{ 0, NULL }
};
extern FILE* out_hnd;
/****************************************************************************
nt lsa query
****************************************************************************/
void cmd_lsa_query_info(struct client_info *info)
static char *get_sid_name_type_str(enum SID_NAME_USE name_type)
{
fstring srv_name;
int i = 0;
BOOL res = True;
fstrcpy(info->dom.level3_dom, "");
fstrcpy(info->dom.level5_dom, "");
ZERO_STRUCT(info->dom.level3_sid);
ZERO_STRUCT(info->dom.level5_sid);
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->myhostname);
strupper(srv_name);
DEBUG(4,("cmd_lsa_query_info: server:%s\n", srv_name));
DEBUG(5, ("cmd_lsa_query_info: smb_cli->fd:%d\n", smb_cli->fd));
/* open LSARPC session. */
res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
/* lookup domain controller; receive a policy handle */
res = res ? do_lsa_open_policy(smb_cli,
srv_name,
&info->dom.lsa_info_pol, False) : False;
/* send client info query, level 3. receive domain name and sid */
res = res ? do_lsa_query_info_pol(smb_cli,
&info->dom.lsa_info_pol, 0x03,
info->dom.level3_dom,
&info->dom.level3_sid) : False;
/* send client info query, level 5. receive domain name and sid */
res = res ? do_lsa_query_info_pol(smb_cli,
&info->dom.lsa_info_pol, 0x05,
info->dom.level5_dom,
&info->dom.level5_sid) : False;
res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False;
/* close the session */
cli_nt_session_close(smb_cli);
if (res)
{
BOOL domain_something = False;
fstring sid;
DEBUG(5,("cmd_lsa_query_info: query succeeded\n"));
fprintf(out_hnd, "LSA Query Info Policy\n");
if (info->dom.level3_dom[0] != 0)
{
sid_to_string(sid, &info->dom.level3_sid);
fprintf(out_hnd, "Domain Member - Domain: %s SID: %s\n",
info->dom.level3_dom, sid);
domain_something = True;
}
if (info->dom.level5_dom[0] != 0)
{
sid_to_string(sid, &info->dom.level5_sid);
fprintf(out_hnd, "Domain Controller - Domain: %s SID: %s\n",
info->dom.level5_dom, sid);
domain_something = True;
}
if (!domain_something)
{
fprintf(out_hnd, "%s is not a Domain Member or Controller\n",
info->dest_host);
while(sid_name_type_str[i].name) {
if (name_type == sid_name_type_str[i].name_type) {
return sid_name_type_str[i].name;
}
i++;
}
else
{
DEBUG(5,("cmd_lsa_query_info: query failed\n"));
}
return NULL;
}
/****************************************************************************
nt lsa query
****************************************************************************/
void cmd_lsa_lookup_sids(struct client_info *info)
{
fstring temp;
int i;
fstring sid_name;
fstring srv_name;
DOM_SID sid[10];
DOM_SID *sids[10];
int num_sids = 0;
char **names = NULL;
int num_names = 0;
/* Look up a list of sids */
BOOL res = True;
uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[])
{
POLICY_HND lsa_pol;
fstring srv_name;
char **names;
DOM_SID *sids;
int num_sids = 0, num_names, i;
uint32 *types, result;
/* Check command arguments */
if (argc == 1) {
fprintf(out_hnd, "lsa_lookupsids sid1 [sid2...]\n");
return NT_STATUS_INVALID_PARAMETER;
}
sids = (DOM_SID *)malloc((argc - 1) * sizeof(DOM_SID));
for (i = 1; i < argc; i++) {
if (string_to_sid(&sids[num_sids], argv[i])) {
num_sids++;
} else {
fprintf(out_hnd, "could not parse sid %s\n", argv[i]);
}
}
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->myhostname);
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
DEBUG(4,("cmd_lsa_lookup_sids: server: %s\n", srv_name));
/* Lookup domain controller; receive a policy handle */
while (num_sids < 10 && next_token(NULL, temp, NULL, sizeof(temp)))
{
if (strnequal("S-", temp, 2))
{
fstrcpy(sid_name, temp);
}
else
{
sid_to_string(sid_name, &info->dom.level5_sid);
result = lsa_open_policy(srv_name, &lsa_pol, True,
SEC_RIGHTS_MAXIMUM_ALLOWED);
if (sid_name[0] == 0)
{
fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n");
return;
}
fstrcat(sid_name, "-");
fstrcat(sid_name, temp);
}
init_dom_sid(&sid[num_sids], sid_name);
sids[num_sids] = &sid[num_sids];
num_sids++;
if (result != 0) {
report(out_hnd, "open policy failed: %s\n",
get_nt_error_msg(result));
return result;
}
if (num_sids == 0)
{
fprintf(out_hnd, "lookupsid RID or SID\n");
return;
/* Send lsa lookup sids call */
result = lsa_lookup_sids(&lsa_pol, num_sids, sids, &names,
&types, &num_names);
if (result != 0) {
report(out_hnd, "lookup names failed: %s\n",
get_nt_error_msg(result));
return result;
}
/* open LSARPC session. */
res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
result = lsa_close(&lsa_pol);
/* lookup domain controller; receive a policy handle */
res = res ? do_lsa_open_policy(smb_cli,
srv_name,
&info->dom.lsa_info_pol, True) : False;
/* send lsa lookup sids call */
res = res ? do_lsa_lookup_sids(smb_cli,
&info->dom.lsa_info_pol,
num_sids, sids,
&names, &num_names) : False;
res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False;
/* close the session */
cli_nt_session_close(smb_cli);
if (res)
{
DEBUG(5,("cmd_lsa_lookup_sids: query succeeded\n"));
if (result != 0) {
report(out_hnd, "lsa close failed: %s\n",
get_nt_error_msg(result));
return result;
}
else
{
DEBUG(5,("cmd_lsa_lookup_sids: query failed\n"));
}
if (names != NULL)
{
fprintf(out_hnd,"Lookup SIDS:\n");
for (i = 0; i < num_names; i++)
{
sid_to_string(temp, sids[i]);
fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]);
if (names[i] != NULL)
{
/* Print output */
if (names != NULL) {
report(out_hnd, "Lookup SIDS:\n");
for (i = 0; i < num_names; i++) {
fstring temp;
sid_to_string(temp, &sids[i]);
report(out_hnd, "SID: %s -> %s (%d: %s)\n",
temp, names[i] ? names[i] : "(null)",
types[i], get_sid_name_type_str(types[i]));
if (names[i] != NULL) {
free(names[i]);
}
}
free(names);
}
if (types) {
free(types);
}
return result;
}
/* Look up a list of names */
uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[])
{
POLICY_HND lsa_pol;
fstring srv_name;
int num_names, i, num_sids;
DOM_SID *sids;
char **names;
uint32 *types, result;
/* Check command arguments */
if (argc == 1) {
fprintf(out_hnd, "lsa_lookupnames name1 [name2...]\n");
return NT_STATUS_INVALID_PARAMETER;
}
names = (char **)malloc((argc - 1) * sizeof(char *));
num_names = argc - 1;
for (i = 1; i < argc; i++) {
names[i - 1] = argv[i];
}
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
/* Lookup domain controller; receive a policy handle */
result = lsa_open_policy(srv_name, &lsa_pol, True,
SEC_RIGHTS_MAXIMUM_ALLOWED);
if (result != 0) {
report(out_hnd, "open policy failed: %s\n",
get_nt_error_msg(result));
return result;
}
/* Send lsa lookup names call */
result = lsa_lookup_names(&lsa_pol, num_names, names, &sids,
&types, &num_sids);
if (result != 0) {
report(out_hnd, "lookup sids failed: %s\n",
get_nt_error_msg(result));
return result;
}
result = lsa_close(&lsa_pol);
if (result != 0) {
report(out_hnd, "lsa close failed: %s\n",
get_nt_error_msg(result));
return result;
}
/* Print output */
if (sids != NULL) {
fstring temp;
report(out_hnd, "Lookup Names:\n");
for (i = 0; i < num_sids; i++) {
sid_to_string(temp, &sids[i]);
report(out_hnd, "Name: %s -> %s (%d: %s)\n",
names[i], temp, types[i],
get_sid_name_type_str(types[i]));
#if 0
if (sids[i] != NULL) {
free(sids[i]);
}
#endif
}
free(sids);
}
return result;
}
/* rpcclient interface */
static const struct command_set lsa_commands[] = {
{ "LSARPC", NULL, NULL, {NULL, NULL} },
{ "lsa_lookup_sids", cmd_lsa_lookup_sids },
{ "lsa_lookup_names", cmd_lsa_lookup_names },
{"", NULL, NULL, {NULL, NULL}}
};
void add_lsa_commands(void)
{
add_command_set(lsa_commands);
}

View File

@ -26,8 +26,8 @@
int main(int argc, char *argv[])
{
#if 0
add_lsa_commands();
#if 0
add_net_commands();
add_evt_commands();
add_sam_commands();