mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions from
TNG branch.
Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient.
This requires most samba binaries to link in another handful of object
files due to uncessary coupling between modules. )-:
(This used to be commit 817819d0cc
)
This commit is contained in:
parent
cf9443677d
commit
3478427f2e
@ -154,7 +154,11 @@ RPC_CLIENT_OBJ = \
|
||||
rpc_client/cli_srvsvc.o \
|
||||
rpc_client/cli_samr.o \
|
||||
rpc_client/cli_reg.o \
|
||||
rpc_client/cli_spoolss_notify.o
|
||||
rpc_client/cli_spoolss_notify.o \
|
||||
rpc_client/cli_connect.o \
|
||||
rpc_client/cli_use.o \
|
||||
rpc_client/ncacn_np_use.o \
|
||||
lib/util_list.o
|
||||
|
||||
LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o
|
||||
|
||||
@ -250,12 +254,10 @@ PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \
|
||||
$(UBIQX_OBJ) $(LIB_OBJ)
|
||||
|
||||
RPCCLIENT_OBJ1 = rpcclient/rpcclient.o \
|
||||
lib/cmd_interp.o lib/util_list.o \
|
||||
lib/cmd_interp.o \
|
||||
lib/msrpc-client.o \
|
||||
rpc_client/cli_connect.o \
|
||||
rpc_client/cli_use.o \
|
||||
rpc_client/ncacn_np_use.o \
|
||||
rpcclient/spoolss_cmds.o rpcclient/cmd_spoolss.o \
|
||||
rpcclient/cmd_lsarpc.o \
|
||||
rpcclient/display_spool.o rpcclient/display_sec.o \
|
||||
rpc_client/msrpc_spoolss.o rpc_client/cli_spoolss.o
|
||||
|
||||
|
@ -863,7 +863,7 @@ int name_len(char *s1);
|
||||
/*The following definitions come from libsmb/nterr.c */
|
||||
|
||||
BOOL get_safe_nt_error_msg(uint32 nt_code,char *msg, size_t len);
|
||||
const char *get_nt_error_msg(uint32 nt_code);
|
||||
char *get_nt_error_msg(uint32 nt_code);
|
||||
|
||||
/*The following definitions come from libsmb/passchange.c */
|
||||
|
||||
@ -1934,6 +1934,13 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli,
|
||||
fstring domain_name, DOM_SID *domain_sid);
|
||||
BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd);
|
||||
BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server);
|
||||
uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
|
||||
BOOL sec_qos, uint32 des_access);
|
||||
uint32 lsa_close(POLICY_HND *hnd);
|
||||
uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
|
||||
char ***names, uint32 **types, int *num_names);
|
||||
uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
|
||||
DOM_SID **sids, uint32 **types, int *num_sids);
|
||||
|
||||
/*The following definitions come from rpc_client/cli_netlogon.c */
|
||||
|
||||
@ -2266,7 +2273,8 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
|
||||
uint32 attributes,
|
||||
uint32 desired_access,
|
||||
LSA_SEC_QOS *qos);
|
||||
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
|
||||
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps,
|
||||
int depth);
|
||||
BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
|
||||
void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, char *server_name,
|
||||
uint32 attributes,
|
||||
@ -2285,14 +2293,14 @@ void init_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
|
||||
uint32 status);
|
||||
BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
|
||||
BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
|
||||
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids);
|
||||
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID *sids);
|
||||
void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
|
||||
int num_sids, DOM_SID **sids,
|
||||
uint16 level);
|
||||
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
|
||||
int num_sids, DOM_SID *sids, uint16 level);
|
||||
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s,
|
||||
prs_struct *ps, int depth);
|
||||
BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
|
||||
void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
|
||||
int num_names, char **names);
|
||||
int num_names, char **names);
|
||||
BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth);
|
||||
BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth);
|
||||
void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
|
||||
@ -3338,6 +3346,12 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid);
|
||||
BOOL api_wkssvc_rpc(pipes_struct *p);
|
||||
#endif
|
||||
|
||||
/*The following definitions come from rpcclient/cmd_lsarpc.c */
|
||||
|
||||
uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]);
|
||||
uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[]);
|
||||
void add_lsa_commands(void);
|
||||
|
||||
/*The following definitions come from rpcclient/cmd_spoolss.c */
|
||||
|
||||
uint32 cmd_spoolss_enum_printers(struct client_info *info, int argc, char *argv[]);
|
||||
|
@ -3,6 +3,35 @@
|
||||
/* This file is automatically generated with "make proto". DO NOT EDIT */
|
||||
|
||||
|
||||
/*The following definitions come from lib/util_list.c */
|
||||
|
||||
BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src);
|
||||
BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x,
|
||||
const RPC_HND_NODE *y);
|
||||
BOOL RpcHndList_set_connection(const POLICY_HND *hnd,
|
||||
struct cli_connection *con);
|
||||
BOOL RpcHndList_del_connection(const POLICY_HND *hnd);
|
||||
struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd);
|
||||
|
||||
/*The following definitions come from rpc_client/cli_connect.c */
|
||||
|
||||
void init_connections(void);
|
||||
void free_connections(void);
|
||||
void cli_connection_free(struct cli_connection *con);
|
||||
void cli_connection_unlink(struct cli_connection *con);
|
||||
BOOL cli_connection_init(const char *srv_name, char *pipe_name,
|
||||
struct cli_connection **con);
|
||||
BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name,
|
||||
struct cli_connection **con,
|
||||
cli_auth_fns * auth, void *auth_creds);
|
||||
struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con);
|
||||
void *cli_conn_get_auth_creds(struct cli_connection *con);
|
||||
BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num,
|
||||
prs_struct * data, prs_struct * rdata);
|
||||
BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num,
|
||||
prs_struct * data, prs_struct * rdata);
|
||||
BOOL rpc_con_ok(struct cli_connection *con);
|
||||
|
||||
/*The following definitions come from rpc_client/cli_login.c */
|
||||
|
||||
BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]);
|
||||
@ -32,6 +61,13 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli,
|
||||
fstring domain_name, DOM_SID *domain_sid);
|
||||
BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd);
|
||||
BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server);
|
||||
uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
|
||||
BOOL sec_qos, uint32 des_access);
|
||||
uint32 lsa_close(POLICY_HND *hnd);
|
||||
uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
|
||||
char ***names, uint32 **types, int *num_names);
|
||||
uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
|
||||
DOM_SID **sids, uint32 **types, int *num_sids);
|
||||
|
||||
/*The following definitions come from rpc_client/cli_netlogon.c */
|
||||
|
||||
@ -171,9 +207,35 @@ BOOL do_srv_net_srv_file_enum(struct cli_state *cli,
|
||||
BOOL do_srv_net_srv_get_info(struct cli_state *cli,
|
||||
char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr);
|
||||
|
||||
/*The following definitions come from rpc_client/cli_use.c */
|
||||
|
||||
void init_cli_use(void);
|
||||
void free_cli_use(void);
|
||||
struct cli_state *cli_net_use_add(const char *srv_name,
|
||||
const struct ntuser_creds *usr_creds,
|
||||
BOOL reuse, BOOL *is_new);
|
||||
BOOL cli_net_use_del(const char *srv_name,
|
||||
const struct ntuser_creds *usr_creds,
|
||||
BOOL force_close, BOOL *connection_closed);
|
||||
void cli_net_use_enum(uint32 *num_cons, struct use_info ***use);
|
||||
void cli_use_wait_keyboard(void);
|
||||
|
||||
/*The following definitions come from rpc_client/cli_wkssvc.c */
|
||||
|
||||
BOOL do_wks_query_info(struct cli_state *cli,
|
||||
char *server_name, uint32 switch_value,
|
||||
WKS_INFO_100 *wks100);
|
||||
|
||||
/*The following definitions come from rpc_client/ncacn_np_use.c */
|
||||
|
||||
BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name,
|
||||
const vuser_key * key,
|
||||
BOOL force_close, BOOL *connection_closed);
|
||||
struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc,
|
||||
const vuser_key * key);
|
||||
struct ncacn_np *ncacn_np_use_add(const char *pipe_name,
|
||||
const vuser_key * key,
|
||||
const char *srv_name,
|
||||
const struct ntuser_creds *ntc,
|
||||
BOOL reuse, BOOL *is_new_connection);
|
||||
#endif /* _PROTO_H_ */
|
||||
|
@ -96,7 +96,7 @@ typedef struct obj_attr_info
|
||||
typedef struct lsa_q_open_pol_info
|
||||
{
|
||||
uint32 ptr; /* undocumented buffer pointer */
|
||||
uint16 system_name; /* 0x5c - system name */
|
||||
uint16 system_name; /* system name BUG!!! (should be \\server!) */
|
||||
LSA_OBJ_ATTR attr ; /* object attributes */
|
||||
|
||||
uint32 des_access; /* desired access attributes */
|
||||
|
@ -1,4 +1,3 @@
|
||||
|
||||
/*
|
||||
* Unix SMB/Netbios implementation.
|
||||
* Version 1.9.
|
||||
@ -23,16 +22,10 @@
|
||||
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
*/
|
||||
|
||||
|
||||
#ifdef SYSLOG
|
||||
#undef SYSLOG
|
||||
#endif
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
extern int DEBUGLEVEL;
|
||||
|
||||
|
||||
/****************************************************************************
|
||||
do a LSA Open Policy
|
||||
****************************************************************************/
|
||||
@ -402,3 +395,414 @@ BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server)
|
||||
|
||||
return res3;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
do a LSA Open Policy
|
||||
****************************************************************************/
|
||||
uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd,
|
||||
BOOL sec_qos, uint32 des_access)
|
||||
{
|
||||
prs_struct rbuf;
|
||||
prs_struct buf;
|
||||
LSA_Q_OPEN_POL q_o;
|
||||
LSA_SEC_QOS qos;
|
||||
struct cli_connection *con = NULL;
|
||||
uint32 result;
|
||||
|
||||
if (!cli_connection_init(system_name, PIPE_LSARPC, &con)) {
|
||||
return NT_STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
|
||||
if (hnd == NULL) return NT_STATUS_UNSUCCESSFUL;
|
||||
|
||||
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, NULL, False);
|
||||
prs_init(&rbuf, 0, 4, NULL, True);
|
||||
|
||||
/* create and send a MSRPC command with api LSA_OPENPOLICY */
|
||||
|
||||
DEBUG(4, ("LSA Open Policy\n"));
|
||||
|
||||
/* store the parameters */
|
||||
if (sec_qos) {
|
||||
init_lsa_sec_qos(&qos, 2, 1, 0, des_access);
|
||||
init_q_open_pol(&q_o, '\\', 0, des_access, &qos);
|
||||
} else {
|
||||
init_q_open_pol(&q_o, '\\', 0, des_access, NULL);
|
||||
}
|
||||
|
||||
/* turn parameters into data stream */
|
||||
if (lsa_io_q_open_pol("", &q_o, &buf, 0) &&
|
||||
rpc_con_pipe_req(con, LSA_OPENPOLICY, &buf, &rbuf)) {
|
||||
LSA_R_OPEN_POL r_o;
|
||||
BOOL p;
|
||||
|
||||
lsa_io_r_open_pol("", &r_o, &rbuf, 0);
|
||||
p = rbuf.data_offset != 0;
|
||||
|
||||
result = r_o.status;
|
||||
|
||||
if (p && r_o.status != 0) {
|
||||
/* report error code */
|
||||
DEBUG(0,
|
||||
("LSA_OPENPOLICY: %s\n",
|
||||
get_nt_error_msg(r_o.status)));
|
||||
p = False;
|
||||
}
|
||||
|
||||
if (p) {
|
||||
|
||||
/* Return the policy handle */
|
||||
|
||||
*hnd = r_o.pol;
|
||||
|
||||
if (!RpcHndList_set_connection(hnd, con)) {
|
||||
result = NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
prs_mem_free(&rbuf);
|
||||
prs_mem_free(&buf);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
do a LSA Close
|
||||
****************************************************************************/
|
||||
uint32 lsa_close(POLICY_HND *hnd)
|
||||
{
|
||||
prs_struct rbuf;
|
||||
prs_struct buf;
|
||||
LSA_Q_CLOSE q_c;
|
||||
uint32 result;
|
||||
|
||||
if (hnd == NULL) return False;
|
||||
|
||||
/* Create and send a MSRPC command with api LSA_OPENPOLICY */
|
||||
|
||||
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, NULL, False);
|
||||
prs_init(&rbuf, 0, 4, NULL, True);
|
||||
|
||||
DEBUG(4, ("LSA Close\n"));
|
||||
|
||||
/* Store the parameters */
|
||||
|
||||
init_lsa_q_close(&q_c, hnd);
|
||||
|
||||
/* Turn parameters into data stream */
|
||||
|
||||
if (lsa_io_q_close("", &q_c, &buf, 0) &&
|
||||
rpc_hnd_pipe_req(hnd, LSA_CLOSE, &buf, &rbuf)) {
|
||||
LSA_R_CLOSE r_c;
|
||||
BOOL p;
|
||||
|
||||
lsa_io_r_close("", &r_c, &rbuf, 0);
|
||||
p = rbuf.data_offset != 0;
|
||||
result = r_c.status;
|
||||
|
||||
if (p && r_c.status != 0) {
|
||||
|
||||
/* Report error code */
|
||||
|
||||
DEBUG(0, ("LSA_CLOSE: %s\n",
|
||||
get_nt_error_msg(r_c.status)));
|
||||
|
||||
p = False;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
prs_mem_free(&rbuf);
|
||||
prs_mem_free(&buf);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
do a LSA Lookup SIDs
|
||||
****************************************************************************/
|
||||
uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids,
|
||||
char ***names, uint32 **types, int *num_names)
|
||||
{
|
||||
prs_struct rbuf;
|
||||
prs_struct buf;
|
||||
LSA_Q_LOOKUP_SIDS q_l;
|
||||
TALLOC_CTX *ctx = talloc_init();
|
||||
uint32 result;
|
||||
|
||||
ZERO_STRUCT(q_l);
|
||||
|
||||
if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
|
||||
|
||||
if (num_names != NULL) {
|
||||
*num_names = 0;
|
||||
}
|
||||
|
||||
if (types != NULL) {
|
||||
*types = NULL;
|
||||
}
|
||||
|
||||
if (names != NULL) {
|
||||
*names = NULL;
|
||||
}
|
||||
|
||||
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, ctx, False);
|
||||
prs_init(&rbuf, 0, 4, ctx, True);
|
||||
|
||||
/* Create and send a MSRPC command with api LSA_LOOKUP_SIDS */
|
||||
|
||||
DEBUG(4, ("LSA Lookup SIDs\n"));
|
||||
|
||||
/* Store the parameters */
|
||||
|
||||
init_q_lookup_sids(&q_l, hnd, num_sids, sids, 1);
|
||||
|
||||
/* turn parameters into data stream */
|
||||
if (lsa_io_q_lookup_sids("", &q_l, &buf, 0) &&
|
||||
rpc_hnd_pipe_req(hnd, LSA_LOOKUPSIDS, &buf, &rbuf)) {
|
||||
LSA_R_LOOKUP_SIDS r_l;
|
||||
DOM_R_REF ref;
|
||||
LSA_TRANS_NAME_ENUM t_names;
|
||||
BOOL p, valid_response;
|
||||
|
||||
r_l.dom_ref = &ref;
|
||||
r_l.names = &t_names;
|
||||
|
||||
lsa_io_r_lookup_sids("", &r_l, &rbuf, 0);
|
||||
p = rbuf.data_offset != 0;
|
||||
result = r_l.status;
|
||||
|
||||
if (p && r_l.status != 0 &&
|
||||
r_l.status != 0x107 &&
|
||||
r_l.status != (0xC0000000 | NT_STATUS_NONE_MAPPED)) {
|
||||
|
||||
/* Report error code */
|
||||
|
||||
DEBUG(1, ("LSA_LOOKUP_SIDS: %s\n",
|
||||
get_nt_error_msg(r_l.status)));
|
||||
|
||||
return r_l.status;
|
||||
}
|
||||
|
||||
result = NT_STATUS_NOPROBLEMO;
|
||||
|
||||
if (p) {
|
||||
if (t_names.ptr_trans_names != 0
|
||||
&& r_l.ptr_dom_ref != 0) {
|
||||
valid_response = True;
|
||||
}
|
||||
}
|
||||
|
||||
if (num_names != NULL && valid_response) {
|
||||
(*num_names) = t_names.num_entries;
|
||||
}
|
||||
|
||||
if (valid_response) {
|
||||
uint32 i;
|
||||
|
||||
for (i = 0; i < t_names.num_entries; i++) {
|
||||
if ((t_names.name[i].domain_idx >=
|
||||
ref.num_ref_doms_1)
|
||||
&& (t_names.name[i].domain_idx !=
|
||||
0xffffffff)) {
|
||||
DEBUG(0,
|
||||
("LSA_LOOKUP_SIDS: domain index out of bounds\n"));
|
||||
valid_response = False;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (types != NULL && valid_response && (*num_names) != 0) {
|
||||
(*types) = (uint32 *) malloc((*num_names) *
|
||||
sizeof(uint32));
|
||||
}
|
||||
|
||||
if (names != NULL && valid_response && (*num_names) != 0) {
|
||||
(*names) = (char **)malloc((*num_names) *
|
||||
sizeof(char *));
|
||||
}
|
||||
|
||||
if (names != NULL && (*names) != NULL) {
|
||||
int i;
|
||||
|
||||
/* Take each name, construct a \DOMAIN\name string */
|
||||
|
||||
for (i = 0; i < (*num_names); i++) {
|
||||
fstring name;
|
||||
fstring dom_name;
|
||||
fstring full_name;
|
||||
uint32 dom_idx = t_names.name[i].domain_idx;
|
||||
|
||||
if (dom_idx != 0xffffffff) {
|
||||
unistr2_to_ascii(dom_name,
|
||||
&ref.
|
||||
ref_dom[dom_idx].
|
||||
uni_dom_name,
|
||||
sizeof(dom_name) -
|
||||
1);
|
||||
unistr2_to_ascii(name,
|
||||
&t_names.uni_name[i],
|
||||
sizeof(name) - 1);
|
||||
|
||||
memset(full_name, 0,
|
||||
sizeof(full_name));
|
||||
|
||||
slprintf(full_name,
|
||||
sizeof(full_name) - 1,
|
||||
"%s\\%s", dom_name, name);
|
||||
|
||||
(*names)[i] = strdup(full_name);
|
||||
if (types != NULL &&
|
||||
(*types) != NULL) {
|
||||
(*types)[i] = t_names.name[i].sid_name_use;
|
||||
}
|
||||
} else {
|
||||
(*names)[i] = NULL;
|
||||
if (types != NULL &&
|
||||
(*types) != NULL) {
|
||||
(*types)[i] = SID_NAME_UNKNOWN;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
prs_mem_free(&rbuf);
|
||||
prs_mem_free(&buf);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
do a LSA Lookup Names
|
||||
****************************************************************************/
|
||||
uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names,
|
||||
DOM_SID **sids, uint32 **types, int *num_sids)
|
||||
{
|
||||
prs_struct rbuf;
|
||||
prs_struct buf;
|
||||
LSA_Q_LOOKUP_NAMES q_l;
|
||||
BOOL valid_response = False;
|
||||
TALLOC_CTX *ctx = talloc_init();
|
||||
uint32 result;
|
||||
|
||||
if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
|
||||
|
||||
prs_init(&buf, MAX_PDU_FRAG_LEN, 4, ctx, False);
|
||||
prs_init(&rbuf, 0, 4, ctx, True);
|
||||
|
||||
/* create and send a MSRPC command with api LSA_LOOKUP_NAMES */
|
||||
|
||||
DEBUG(4, ("LSA Lookup NAMEs\n"));
|
||||
|
||||
/* store the parameters */
|
||||
init_q_lookup_names(&q_l, hnd, num_names, names);
|
||||
|
||||
/* turn parameters into data stream */
|
||||
if (lsa_io_q_lookup_names("", &q_l, &buf, 0) &&
|
||||
rpc_hnd_pipe_req(hnd, LSA_LOOKUPNAMES, &buf, &rbuf)) {
|
||||
LSA_R_LOOKUP_NAMES r_l;
|
||||
DOM_R_REF ref;
|
||||
DOM_RID2 t_rids[MAX_LOOKUP_SIDS];
|
||||
BOOL p;
|
||||
|
||||
ZERO_STRUCT(ref);
|
||||
ZERO_STRUCT(t_rids);
|
||||
|
||||
r_l.dom_ref = &ref;
|
||||
r_l.dom_rid = t_rids;
|
||||
|
||||
lsa_io_r_lookup_names("", &r_l, &rbuf, 0);
|
||||
p = rbuf.data_offset != 0;
|
||||
|
||||
if (p && r_l.status != 0) {
|
||||
/* report error code */
|
||||
DEBUG(1,
|
||||
("LSA_LOOKUP_NAMES: %s\n",
|
||||
get_nt_error_msg(r_l.status)));
|
||||
p = False;
|
||||
|
||||
return r_l.status;
|
||||
}
|
||||
|
||||
result = r_l.status;
|
||||
|
||||
if (p) {
|
||||
if (r_l.ptr_dom_ref != 0 && r_l.ptr_entries != 0) {
|
||||
valid_response = True;
|
||||
}
|
||||
}
|
||||
|
||||
if (num_sids != NULL && valid_response) {
|
||||
(*num_sids) = r_l.num_entries;
|
||||
}
|
||||
|
||||
if (valid_response) {
|
||||
uint32 i;
|
||||
|
||||
for (i = 0; i < r_l.num_entries; i++) {
|
||||
if (t_rids[i].rid_idx >= ref.num_ref_doms_1 &&
|
||||
t_rids[i].rid_idx != 0xffffffff) {
|
||||
DEBUG(0,
|
||||
("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
|
||||
t_rids[i].rid_idx));
|
||||
valid_response = False;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (types != NULL && valid_response && r_l.num_entries != 0) {
|
||||
(*types) = (uint32 *) malloc((*num_sids) *
|
||||
sizeof(uint32));
|
||||
}
|
||||
|
||||
if (sids != NULL && valid_response && r_l.num_entries != 0) {
|
||||
(*sids) = (DOM_SID *) malloc((*num_sids) *
|
||||
sizeof(DOM_SID));
|
||||
}
|
||||
|
||||
if (sids != NULL && (*sids) != NULL) {
|
||||
int i;
|
||||
|
||||
/* Take each name, construct a SID */
|
||||
|
||||
for (i = 0; i < (*num_sids); i++) {
|
||||
uint32 dom_idx = t_rids[i].rid_idx;
|
||||
uint32 dom_rid = t_rids[i].rid;
|
||||
DOM_SID *sid = &(*sids)[i];
|
||||
|
||||
if (dom_idx != 0xffffffff) {
|
||||
|
||||
sid_copy(sid,
|
||||
&ref.ref_dom[dom_idx].
|
||||
ref_dom.sid);
|
||||
|
||||
if (dom_rid != 0xffffffff) {
|
||||
sid_append_rid(sid, dom_rid);
|
||||
}
|
||||
|
||||
if (types != NULL &&
|
||||
(*types) != NULL) {
|
||||
(*types)[i] = t_rids[i].type;
|
||||
}
|
||||
|
||||
} else {
|
||||
ZERO_STRUCTP(sid);
|
||||
|
||||
if (types != NULL &&
|
||||
(*types) != NULL) {
|
||||
(*types)[i] = SID_NAME_UNKNOWN;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
prs_mem_free(&rbuf);
|
||||
prs_mem_free(&buf);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
@ -147,7 +147,7 @@ static BOOL lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int dep
|
||||
void init_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
|
||||
uint32 unknown)
|
||||
{
|
||||
DEBUG(5,("init_lsa_sec_qos\n"));
|
||||
DEBUG(5, ("init_lsa_sec_qos\n"));
|
||||
|
||||
qos->len = 0x0c; /* length of quality of service block, in bytes */
|
||||
qos->sec_imp_level = imp_lev;
|
||||
@ -205,7 +205,7 @@ static BOOL lsa_io_sec_qos(char *desc, LSA_SEC_QOS *qos, prs_struct *ps, int de
|
||||
|
||||
void init_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos)
|
||||
{
|
||||
DEBUG(5,("make_lsa_obj_attr\n"));
|
||||
DEBUG(5, ("init_lsa_obj_attr\n"));
|
||||
|
||||
attr->len = 0x18; /* length of object attribute block, in bytes */
|
||||
attr->ptr_root_dir = 0;
|
||||
@ -281,7 +281,8 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
|
||||
uint32 desired_access,
|
||||
LSA_SEC_QOS *qos)
|
||||
{
|
||||
DEBUG(5,("make_open_pol: attr:%d da:%d\n", attributes, desired_access));
|
||||
DEBUG(5, ("init_open_pol: attr:%d da:%d\n", attributes,
|
||||
desired_access));
|
||||
|
||||
r_q->ptr = 1; /* undocumented pointer */
|
||||
|
||||
@ -296,10 +297,10 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name,
|
||||
Reads or writes an LSA_Q_OPEN_POL structure.
|
||||
********************************************************************/
|
||||
|
||||
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth)
|
||||
BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps,
|
||||
int depth)
|
||||
{
|
||||
if (r_q == NULL)
|
||||
return False;
|
||||
if (r_q == NULL) return False;
|
||||
|
||||
prs_debug(ps, depth, desc, "lsa_io_q_open_pol");
|
||||
depth++;
|
||||
@ -308,7 +309,7 @@ BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int dept
|
||||
return False;
|
||||
if(!prs_uint16("system_name", ps, depth, &r_q->system_name))
|
||||
return False;
|
||||
if(!prs_align( ps ))
|
||||
if(!prs_align(ps))
|
||||
return False;
|
||||
|
||||
if(!lsa_io_obj_attr("", &r_q->attr, ps, depth))
|
||||
@ -352,7 +353,8 @@ void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, char *server_name,
|
||||
uint32 desired_access,
|
||||
LSA_SEC_QOS *qos)
|
||||
{
|
||||
DEBUG(5,("make_open_pol2: attr:%d da:%d\n", attributes, desired_access));
|
||||
DEBUG(5, ("init_open_pol2: attr:%d da:%d\n", attributes,
|
||||
desired_access));
|
||||
|
||||
r_q->ptr = 1; /* undocumented pointer */
|
||||
|
||||
@ -484,7 +486,7 @@ BOOL lsa_io_r_query_sec_obj(char *desc, LSA_R_QUERY_SEC_OBJ *r_u, prs_struct *ps
|
||||
|
||||
void init_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class)
|
||||
{
|
||||
DEBUG(5,("make_q_query\n"));
|
||||
DEBUG(5, ("init_q_query\n"));
|
||||
|
||||
memcpy(&q_q->pol, hnd, sizeof(q_q->pol));
|
||||
|
||||
@ -544,7 +546,7 @@ void init_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
|
||||
uint32 enum_context, char *domain_name, DOM_SID *domain_sid,
|
||||
uint32 status)
|
||||
{
|
||||
DEBUG(5,("make_r_enum_trust_dom\n"));
|
||||
DEBUG(5, ("init_r_enum_trust_dom\n"));
|
||||
|
||||
r_e->enum_context = enum_context;
|
||||
|
||||
@ -646,26 +648,21 @@ BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth
|
||||
Inits a LSA_SID_ENUM structure.
|
||||
********************************************************************/
|
||||
|
||||
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids)
|
||||
void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID *sids)
|
||||
{
|
||||
int i, i2;
|
||||
int i;
|
||||
|
||||
DEBUG(5,("make_lsa_sid_enum\n"));
|
||||
DEBUG(5, ("init_lsa_sid_enum\n"));
|
||||
|
||||
sen->num_entries = num_entries;
|
||||
sen->ptr_sid_enum = (num_entries != 0) ? 1 : 0;
|
||||
sen->ptr_sid_enum = num_entries != 0;
|
||||
sen->num_entries2 = num_entries;
|
||||
|
||||
SMB_ASSERT_ARRAY(sen->sid, sen->num_entries);
|
||||
|
||||
for (i = 0, i2 = 0; i < num_entries; i++) {
|
||||
if (sids[i] != NULL) {
|
||||
sen->ptr_sid[i] = 1;
|
||||
init_dom_sid2(&sen->sid[i2], sids[i]);
|
||||
i2++;
|
||||
} else {
|
||||
sen->ptr_sid[i] = 0;
|
||||
}
|
||||
for (i = 0; i < num_entries; i++) {
|
||||
sen->ptr_sid[i] = 1;
|
||||
init_dom_sid2(&sen->sid[i], &sids[i]);
|
||||
}
|
||||
}
|
||||
|
||||
@ -720,12 +717,12 @@ static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
|
||||
********************************************************************/
|
||||
|
||||
void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
|
||||
int num_sids, DOM_SID **sids,
|
||||
uint16 level)
|
||||
int num_sids, DOM_SID *sids, uint16 level)
|
||||
{
|
||||
DEBUG(5,("make_r_enum_trust_dom\n"));
|
||||
DEBUG(5, ("init_q_lookup_sids\n"));
|
||||
|
||||
q_l->pol = *hnd;
|
||||
|
||||
memcpy(&q_l->pol, hnd, sizeof(q_l->pol));
|
||||
init_lsa_sid_enum(&q_l->sids, num_sids, sids);
|
||||
|
||||
q_l->names.num_entries = 0;
|
||||
@ -739,7 +736,8 @@ void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
|
||||
Reads or writes a LSA_Q_LOOKUP_SIDS structure.
|
||||
********************************************************************/
|
||||
|
||||
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth)
|
||||
BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s,
|
||||
prs_struct *ps, int depth)
|
||||
{
|
||||
if (q_s == NULL)
|
||||
return False;
|
||||
@ -857,22 +855,22 @@ makes a structure.
|
||||
********************************************************************/
|
||||
|
||||
void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
|
||||
int num_names, char **names)
|
||||
int num_names, char **names)
|
||||
{
|
||||
int i;
|
||||
|
||||
DEBUG(5,("init_q_lookup_names\n"));
|
||||
|
||||
memcpy(&q_l->pol, hnd, sizeof(q_l->pol));
|
||||
|
||||
q_l->pol = *hnd;
|
||||
q_l->num_entries = num_names;
|
||||
q_l->num_entries2 = num_names;
|
||||
|
||||
SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries);
|
||||
|
||||
for (i = 0; i < num_names; i++) {
|
||||
char* name = names[i];
|
||||
int len = strlen(name)+1;
|
||||
char *name = names[i];
|
||||
int len = strlen(name);
|
||||
|
||||
init_uni_hdr(&q_l->hdr_name[i], len);
|
||||
init_unistr2(&q_l->uni_name[i], name, len);
|
||||
}
|
||||
@ -993,7 +991,7 @@ BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps,
|
||||
|
||||
void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd)
|
||||
{
|
||||
DEBUG(5,("make_lsa_q_close\n"));
|
||||
DEBUG(5, ("init_lsa_q_close\n"));
|
||||
|
||||
memcpy(&q_c->pol, hnd, sizeof(q_c->pol));
|
||||
}
|
||||
|
@ -321,7 +321,7 @@ void init_uni_hdr(UNIHDR *hdr, int len)
|
||||
{
|
||||
hdr->uni_str_len = 2 * len;
|
||||
hdr->uni_max_len = 2 * len;
|
||||
hdr->buffer = len != 0 ? 1 : 0;
|
||||
hdr->buffer = len != 0;
|
||||
}
|
||||
|
||||
/*******************************************************************
|
||||
@ -867,7 +867,8 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
|
||||
{
|
||||
ZERO_STRUCTP(str);
|
||||
|
||||
/* set up string lengths. */
|
||||
/* Set up string lengths. */
|
||||
|
||||
str->uni_max_len = (uint32)len;
|
||||
str->undoc = 0;
|
||||
str->uni_str_len = (uint32)len;
|
||||
@ -880,8 +881,7 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len)
|
||||
len *= sizeof(uint16);
|
||||
|
||||
str->buffer = (uint16 *)talloc(parse_misc_talloc, len);
|
||||
if ((str->buffer == NULL) && (len > 0))
|
||||
{
|
||||
if ((str->buffer == NULL) && (len > 0)) {
|
||||
smb_panic("init_unistr2: malloc fail\n");
|
||||
return;
|
||||
}
|
||||
|
@ -20,198 +20,229 @@
|
||||
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
*/
|
||||
|
||||
|
||||
|
||||
#ifdef SYSLOG
|
||||
#undef SYSLOG
|
||||
#endif
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
extern int DEBUGLEVEL;
|
||||
extern FILE *out_hnd;
|
||||
|
||||
#define DEBUG_TESTING
|
||||
/* Convert SID_NAME_USE values to strings */
|
||||
|
||||
extern struct cli_state *smb_cli;
|
||||
extern int smb_tidx;
|
||||
struct sid_name {
|
||||
enum SID_NAME_USE name_type;
|
||||
char *name;
|
||||
} sid_name_type_str[] = {
|
||||
{ SID_NAME_UNKNOWN, "UNKNOWN" },
|
||||
{ SID_NAME_USER, "User" },
|
||||
{ SID_NAME_DOM_GRP, "Domain Group" },
|
||||
{ SID_NAME_DOMAIN, "Domain" },
|
||||
{ SID_NAME_ALIAS, "Local Group"} ,
|
||||
{ SID_NAME_WKN_GRP, "Well-known Group" },
|
||||
{ SID_NAME_DELETED, "Deleted" },
|
||||
{ SID_NAME_INVALID, "Invalid" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
extern FILE* out_hnd;
|
||||
|
||||
|
||||
/****************************************************************************
|
||||
nt lsa query
|
||||
****************************************************************************/
|
||||
void cmd_lsa_query_info(struct client_info *info)
|
||||
static char *get_sid_name_type_str(enum SID_NAME_USE name_type)
|
||||
{
|
||||
fstring srv_name;
|
||||
int i = 0;
|
||||
|
||||
BOOL res = True;
|
||||
|
||||
fstrcpy(info->dom.level3_dom, "");
|
||||
fstrcpy(info->dom.level5_dom, "");
|
||||
ZERO_STRUCT(info->dom.level3_sid);
|
||||
ZERO_STRUCT(info->dom.level5_sid);
|
||||
|
||||
fstrcpy(srv_name, "\\\\");
|
||||
fstrcat(srv_name, info->myhostname);
|
||||
strupper(srv_name);
|
||||
|
||||
DEBUG(4,("cmd_lsa_query_info: server:%s\n", srv_name));
|
||||
|
||||
DEBUG(5, ("cmd_lsa_query_info: smb_cli->fd:%d\n", smb_cli->fd));
|
||||
|
||||
/* open LSARPC session. */
|
||||
res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
|
||||
|
||||
/* lookup domain controller; receive a policy handle */
|
||||
res = res ? do_lsa_open_policy(smb_cli,
|
||||
srv_name,
|
||||
&info->dom.lsa_info_pol, False) : False;
|
||||
|
||||
/* send client info query, level 3. receive domain name and sid */
|
||||
res = res ? do_lsa_query_info_pol(smb_cli,
|
||||
&info->dom.lsa_info_pol, 0x03,
|
||||
info->dom.level3_dom,
|
||||
&info->dom.level3_sid) : False;
|
||||
|
||||
/* send client info query, level 5. receive domain name and sid */
|
||||
res = res ? do_lsa_query_info_pol(smb_cli,
|
||||
&info->dom.lsa_info_pol, 0x05,
|
||||
info->dom.level5_dom,
|
||||
&info->dom.level5_sid) : False;
|
||||
|
||||
res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False;
|
||||
|
||||
/* close the session */
|
||||
cli_nt_session_close(smb_cli);
|
||||
|
||||
if (res)
|
||||
{
|
||||
BOOL domain_something = False;
|
||||
fstring sid;
|
||||
DEBUG(5,("cmd_lsa_query_info: query succeeded\n"));
|
||||
|
||||
fprintf(out_hnd, "LSA Query Info Policy\n");
|
||||
|
||||
if (info->dom.level3_dom[0] != 0)
|
||||
{
|
||||
sid_to_string(sid, &info->dom.level3_sid);
|
||||
fprintf(out_hnd, "Domain Member - Domain: %s SID: %s\n",
|
||||
info->dom.level3_dom, sid);
|
||||
domain_something = True;
|
||||
}
|
||||
if (info->dom.level5_dom[0] != 0)
|
||||
{
|
||||
sid_to_string(sid, &info->dom.level5_sid);
|
||||
fprintf(out_hnd, "Domain Controller - Domain: %s SID: %s\n",
|
||||
info->dom.level5_dom, sid);
|
||||
domain_something = True;
|
||||
}
|
||||
if (!domain_something)
|
||||
{
|
||||
fprintf(out_hnd, "%s is not a Domain Member or Controller\n",
|
||||
info->dest_host);
|
||||
while(sid_name_type_str[i].name) {
|
||||
if (name_type == sid_name_type_str[i].name_type) {
|
||||
return sid_name_type_str[i].name;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
else
|
||||
{
|
||||
DEBUG(5,("cmd_lsa_query_info: query failed\n"));
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
nt lsa query
|
||||
****************************************************************************/
|
||||
void cmd_lsa_lookup_sids(struct client_info *info)
|
||||
{
|
||||
fstring temp;
|
||||
int i;
|
||||
fstring sid_name;
|
||||
fstring srv_name;
|
||||
DOM_SID sid[10];
|
||||
DOM_SID *sids[10];
|
||||
int num_sids = 0;
|
||||
char **names = NULL;
|
||||
int num_names = 0;
|
||||
/* Look up a list of sids */
|
||||
|
||||
BOOL res = True;
|
||||
uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[])
|
||||
{
|
||||
POLICY_HND lsa_pol;
|
||||
fstring srv_name;
|
||||
char **names;
|
||||
DOM_SID *sids;
|
||||
int num_sids = 0, num_names, i;
|
||||
uint32 *types, result;
|
||||
|
||||
/* Check command arguments */
|
||||
|
||||
if (argc == 1) {
|
||||
fprintf(out_hnd, "lsa_lookupsids sid1 [sid2...]\n");
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
sids = (DOM_SID *)malloc((argc - 1) * sizeof(DOM_SID));
|
||||
|
||||
for (i = 1; i < argc; i++) {
|
||||
if (string_to_sid(&sids[num_sids], argv[i])) {
|
||||
num_sids++;
|
||||
} else {
|
||||
fprintf(out_hnd, "could not parse sid %s\n", argv[i]);
|
||||
}
|
||||
}
|
||||
|
||||
fstrcpy(srv_name, "\\\\");
|
||||
fstrcat(srv_name, info->myhostname);
|
||||
fstrcat(srv_name, info->dest_host);
|
||||
strupper(srv_name);
|
||||
|
||||
DEBUG(4,("cmd_lsa_lookup_sids: server: %s\n", srv_name));
|
||||
/* Lookup domain controller; receive a policy handle */
|
||||
|
||||
while (num_sids < 10 && next_token(NULL, temp, NULL, sizeof(temp)))
|
||||
{
|
||||
if (strnequal("S-", temp, 2))
|
||||
{
|
||||
fstrcpy(sid_name, temp);
|
||||
}
|
||||
else
|
||||
{
|
||||
sid_to_string(sid_name, &info->dom.level5_sid);
|
||||
result = lsa_open_policy(srv_name, &lsa_pol, True,
|
||||
SEC_RIGHTS_MAXIMUM_ALLOWED);
|
||||
|
||||
if (sid_name[0] == 0)
|
||||
{
|
||||
fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n");
|
||||
return;
|
||||
}
|
||||
|
||||
fstrcat(sid_name, "-");
|
||||
fstrcat(sid_name, temp);
|
||||
}
|
||||
init_dom_sid(&sid[num_sids], sid_name);
|
||||
sids[num_sids] = &sid[num_sids];
|
||||
num_sids++;
|
||||
if (result != 0) {
|
||||
report(out_hnd, "open policy failed: %s\n",
|
||||
get_nt_error_msg(result));
|
||||
return result;
|
||||
}
|
||||
|
||||
if (num_sids == 0)
|
||||
{
|
||||
fprintf(out_hnd, "lookupsid RID or SID\n");
|
||||
return;
|
||||
/* Send lsa lookup sids call */
|
||||
|
||||
result = lsa_lookup_sids(&lsa_pol, num_sids, sids, &names,
|
||||
&types, &num_names);
|
||||
|
||||
if (result != 0) {
|
||||
report(out_hnd, "lookup names failed: %s\n",
|
||||
get_nt_error_msg(result));
|
||||
return result;
|
||||
}
|
||||
|
||||
/* open LSARPC session. */
|
||||
res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
|
||||
result = lsa_close(&lsa_pol);
|
||||
|
||||
/* lookup domain controller; receive a policy handle */
|
||||
res = res ? do_lsa_open_policy(smb_cli,
|
||||
srv_name,
|
||||
&info->dom.lsa_info_pol, True) : False;
|
||||
|
||||
/* send lsa lookup sids call */
|
||||
res = res ? do_lsa_lookup_sids(smb_cli,
|
||||
&info->dom.lsa_info_pol,
|
||||
num_sids, sids,
|
||||
&names, &num_names) : False;
|
||||
|
||||
res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False;
|
||||
|
||||
/* close the session */
|
||||
cli_nt_session_close(smb_cli);
|
||||
|
||||
if (res)
|
||||
{
|
||||
DEBUG(5,("cmd_lsa_lookup_sids: query succeeded\n"));
|
||||
if (result != 0) {
|
||||
report(out_hnd, "lsa close failed: %s\n",
|
||||
get_nt_error_msg(result));
|
||||
return result;
|
||||
}
|
||||
else
|
||||
{
|
||||
DEBUG(5,("cmd_lsa_lookup_sids: query failed\n"));
|
||||
}
|
||||
if (names != NULL)
|
||||
{
|
||||
fprintf(out_hnd,"Lookup SIDS:\n");
|
||||
for (i = 0; i < num_names; i++)
|
||||
{
|
||||
sid_to_string(temp, sids[i]);
|
||||
fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]);
|
||||
if (names[i] != NULL)
|
||||
{
|
||||
|
||||
/* Print output */
|
||||
|
||||
if (names != NULL) {
|
||||
report(out_hnd, "Lookup SIDS:\n");
|
||||
|
||||
for (i = 0; i < num_names; i++) {
|
||||
fstring temp;
|
||||
|
||||
sid_to_string(temp, &sids[i]);
|
||||
|
||||
report(out_hnd, "SID: %s -> %s (%d: %s)\n",
|
||||
temp, names[i] ? names[i] : "(null)",
|
||||
types[i], get_sid_name_type_str(types[i]));
|
||||
|
||||
if (names[i] != NULL) {
|
||||
free(names[i]);
|
||||
}
|
||||
}
|
||||
|
||||
free(names);
|
||||
}
|
||||
|
||||
if (types) {
|
||||
free(types);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/* Look up a list of names */
|
||||
|
||||
uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[])
|
||||
{
|
||||
POLICY_HND lsa_pol;
|
||||
fstring srv_name;
|
||||
int num_names, i, num_sids;
|
||||
DOM_SID *sids;
|
||||
char **names;
|
||||
uint32 *types, result;
|
||||
|
||||
/* Check command arguments */
|
||||
|
||||
if (argc == 1) {
|
||||
fprintf(out_hnd, "lsa_lookupnames name1 [name2...]\n");
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
names = (char **)malloc((argc - 1) * sizeof(char *));
|
||||
num_names = argc - 1;
|
||||
|
||||
for (i = 1; i < argc; i++) {
|
||||
names[i - 1] = argv[i];
|
||||
}
|
||||
|
||||
fstrcpy(srv_name, "\\\\");
|
||||
fstrcat(srv_name, info->dest_host);
|
||||
strupper(srv_name);
|
||||
|
||||
/* Lookup domain controller; receive a policy handle */
|
||||
|
||||
result = lsa_open_policy(srv_name, &lsa_pol, True,
|
||||
SEC_RIGHTS_MAXIMUM_ALLOWED);
|
||||
|
||||
if (result != 0) {
|
||||
report(out_hnd, "open policy failed: %s\n",
|
||||
get_nt_error_msg(result));
|
||||
return result;
|
||||
}
|
||||
|
||||
/* Send lsa lookup names call */
|
||||
|
||||
result = lsa_lookup_names(&lsa_pol, num_names, names, &sids,
|
||||
&types, &num_sids);
|
||||
|
||||
if (result != 0) {
|
||||
report(out_hnd, "lookup sids failed: %s\n",
|
||||
get_nt_error_msg(result));
|
||||
return result;
|
||||
}
|
||||
|
||||
result = lsa_close(&lsa_pol);
|
||||
|
||||
if (result != 0) {
|
||||
report(out_hnd, "lsa close failed: %s\n",
|
||||
get_nt_error_msg(result));
|
||||
return result;
|
||||
}
|
||||
|
||||
/* Print output */
|
||||
|
||||
if (sids != NULL) {
|
||||
fstring temp;
|
||||
|
||||
report(out_hnd, "Lookup Names:\n");
|
||||
for (i = 0; i < num_sids; i++) {
|
||||
sid_to_string(temp, &sids[i]);
|
||||
report(out_hnd, "Name: %s -> %s (%d: %s)\n",
|
||||
names[i], temp, types[i],
|
||||
get_sid_name_type_str(types[i]));
|
||||
#if 0
|
||||
if (sids[i] != NULL) {
|
||||
free(sids[i]);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
free(sids);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/* rpcclient interface */
|
||||
|
||||
static const struct command_set lsa_commands[] = {
|
||||
|
||||
{ "LSARPC", NULL, NULL, {NULL, NULL} },
|
||||
|
||||
{ "lsa_lookup_sids", cmd_lsa_lookup_sids },
|
||||
{ "lsa_lookup_names", cmd_lsa_lookup_names },
|
||||
|
||||
{"", NULL, NULL, {NULL, NULL}}
|
||||
};
|
||||
|
||||
|
||||
void add_lsa_commands(void)
|
||||
{
|
||||
add_command_set(lsa_commands);
|
||||
}
|
||||
|
@ -26,8 +26,8 @@
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
#if 0
|
||||
add_lsa_commands();
|
||||
#if 0
|
||||
add_net_commands();
|
||||
add_evt_commands();
|
||||
add_sam_commands();
|
||||
|
Loading…
Reference in New Issue
Block a user