sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code

Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test

Browse Source 
(This used to be commit 3482cd9b0e)
This commit is contained in:
Jelmer Vernooij 2008-03-05 19:42:15 +01:00
commit 63036a6f33
306 changed files with 39309 additions and 31045 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -61,3 +61,4 @@ examples/libsmbclient/teststat2
examples/libsmbclient/teststat3
examples/libsmbclient/testutime
examples/libsmbclient/testwrite
examples/libsmbclient/testtruncate

314
WHATSNEW.txt
View File

@ -1,6 +1,6 @@
=================================
Release Notes for Samba 3.2.0pre2
Oct XX, 2007
Mar 04, 2008
=================================
This is the second preview release of Samba 3.2.0. This is *not*
@ -22,17 +22,26 @@ Major enhancements in Samba 3.2.0 include:
o Introduction of a registry based configuration system.
o Improved CIFS Unix Extensions support.
o Experimental support for file serving clusters.
o Support for IPv6 in the server, and client tools and libraries.
o Support for storing alternate data streams in xattrs.
o Encrypted SMB transport in client tools and libraries, and server.
o Support for Vista clients authenticating via Kerberos.
Winbind and Active Directory Integration:
o Full support for Windows 2003 cross-forest, transitive trusts
and one-way domain trusts
and one-way domain trusts.
o Support for userPrincipalName logons via pam_winbind and NSS
lookups.
o Support in pam_winbind for logging on using the userPrincipalName.
o Expansion of nested domain groups via NSS calls.
o Support for Active Directory LDAP Signing policy.
o New LGPL Winbind client library (libwbclient.so).
Joining:
o New NetApi library for domain join related queries (libnetapi.so)
and example GTK+ Domain join gui.
o New client and server support for remotely joining and unjoining
Domains.
o Support for joining into Windows 2008 domains.
Users & Groups:
o New ldb backend for local group mapping tables
@ -50,12 +59,12 @@ Now Licensed under the GNU GPLv3
The Samba Team has adopted the Version 3 of the GNU General Public
License for the 3.2 and later releases. The GPLv3 is the updated
version of the GPLv2 license under which Samba is currently
distributed. It has been updated to improvecompatibility with other
licenses and to make it easier to adopt internationally, and is an
distributed. It has been updated to improve compatibility with other
licenses and to make it easier to adopt internationally, and is an
improved version of the license to better suit the needs of Free
Software in the 21st Century.
The original announcement is available on-line at
The original announcement is available on-line at
http://news.samba.org/announcements/samba_gplv3/
@ -63,25 +72,24 @@ The original announcement is available on-line at
New Security Defaults for Authentication
========================================
Support for LanMan passwords is now disabled in both client and server
applications. Additionally, clear text authentication requests are
Support for LanMan passwords is now disabled in both client and server
applications. Additionally, clear text authentication requests are
disabled by default in client utilities such as smbclient and all
libsmbclient based applications. This will affect connection both
to and from hosts running DOS, Windows 9x/ME, and OS/2. Please refer
to the "Changes" section for details on the exact parameters that were
libsmbclient based applications. This will affect connection both
to and from hosts running DOS, Windows 9x/ME, and OS/2. Please refer
to the "Changes" section for details on the exact parameters that were
updated.
Registry Configuration Backend
==============================
Samba is now able to use a registry based configuration backed to
supplement smb.conf setting. This feature may be enabled by setting
"include = registry" and "registry shares = yes" in the [global]
section of smb.conf and may be managed using the "net conf" command.
"config backend = registry" and "registry shares = yes" in the [global]
section of smb.conf and may be managed using the "net conf" command.
More information may be obtained from the smb.conf(5) and net(8) man
More information may be obtained from the smb.conf(5) and net(8) man
pages.
@ -91,6 +99,68 @@ Removed Features
Both the Python bindings and the libmsrpc shared library have been
removed from the tree due to lack of an official maintainer.
As smbfs is no longer supported in current kernel versions, smbmount has
been removed in this Samba version. Please use cifs (mount.cifs) instead.
See examples/scripts/mount/mount.smbfs as an example for a wrapper which
calls mount.cifs instead of smbmount/mount.smbfs.
Modified API for libsmbclient
==============================================================================
Maintaining ABI compatibility for libsmbclient has become increasingly
difficult to accomplish, while also keeping the code organization such that it
is easily readable. Towards the goal of maintaining ABI compatibility and
also keeping the code easy to maintain and enhance, the API has been enhanced.
In particular, the fields in the SMBCCTX context structure are no longer
intended to be read/write by the user, and are marked as deprecated. An
application that previously accessed the members of the SMBCCTX context
structure will now encounter warnings if recompiled. This is intentional, to
encourage implementation of the small changes required for the new interface.
The number of changes is expected to be quite small for the vast majority of
applications, and no changes need be made for many applications. The changes
required for KDE (konqueror) to conform to the new interface, for example, are
only four lines in only one file.
Instead of the application manually changing or reading values in the context
structure, there are now setter and getter functions for each configurable
member in that structure. Similarly, the smbc_option_get() and
smbc_option_set() functions are deprecated in favor of the setter/getter
interface. The setters and getters are all documented in libsmbclient.h
under these comment blocks:
Getters and setters for CONFIGURATION
Getters and setters for OPTIONS
Getters and setters for FUNCTIONS
Callable functions for files
Callable functions for directories
Callable functions applicable to both files and directories
Example changes that may be required to eliminate "deprecated" warnings:
/* Set the debug level */
context->debug = 99;
changes to:
smbc_setDebug(context, 99);
/* Specify the authentication callback function */
context->callbacks.auth_fn = auth_smbc_get_data;
changes to:
smbc_setFunctionAuthData(context, auth_smbc_get_data);
/* Specify the new-style authentication callback with context parameter */
smbc_option_set("auth_function", auth_smbc_get_data_with_ctx);
changes to:
smbc_setFunctionAuthDataWithContext(context, auth_smbc_get_data_with_ctx);
/* Set kerberos flags */
context->flags = (SMB_CTX_FLAG_USE_KERBEROS |
SMB_CTX_FLAG_FALLBACK_AFTER_KERBEROS);
changes to:
smbc_setOptionUseKerberos(context, 1);
smbc_setOptionFallbackAfterKerberos(context, 1);
######################################################################
@ -107,19 +177,205 @@ smb.conf changes
client plaintext auth Changed Default No
clustering New No
cluster addresses New ""
config backend New file
ctdb socket New ""
debug class New No
administrative share New No
lanman auth Changed Default No
mangle map Removed
ldap debug level New 0
ldap debug threshold New 10
mangle map Removed
open files database hashsize Removed
read bmpx Removed
read bmpx Removed
registry shares New No
winbind expand groups New 1
winbind rpc only New No
winbind expand groups New 1
winbind rpc only New No
Changes since 3.2.0pre1:
-----------------------
o Michael Adam <obnox@samba.org>
* Add library for access to the registry configuration data.
* BUG 5023: Separate NFS4 and POSIX ACL code in file access checks.
* BUG 4308: Fix Excel save operation ACL bug.
* Refactor and consolidate logic for retrieving the machine
trust password information.
* VFS API cleanup (remove redundant parameter).
* BUG 4801: Correctly implement LSA lookup levels for LookupNames.
* Add new option "debug class" to control printing of the debug class.
in debug headers.
* Enable building of the zfsacl and notify_fam vfs modules.
* BUG 5083: Fix memleak in solarisacl module.
* BUG 5063: Fix build on RHEL5.
* New smb.conf parameter "config backend = registry" to enable registry
only configuration.
* Move "net conf" functionality into a separate module libnet_conf.c
* Restructure registry code, eliminating the dynamic overlay.
Make use of reg_api instead of backend code in most places.
* Add support for intercepting LDAP libraries' debug output and print
it in Samba's debugging system.
* Libreplace fixes.
* Build fixes.
* Initial support for using subsystems as shared libraries.
Use talloc, tdb, and libnetapi as shared libraries internally.
o Jeremy Allison <jra@samba.org>
* Added support for IPv6 client and server connections.
* Add in the recvfile entry to the VFS layer.
* Removal of pstring data type.
* Remove unused utilities: smbctool and rpctorture.
* Fix service principal detection to match Windows Vista
(based on work from Andreas Schneider).
* Encrypted SMB transport in client tools and libraries, and server.
o Kai Blin <kai@samba.org>
* Added support for an SMB_CONF_PATH environment variable
containing the path to smb.conf.
* Various fixes to ntlm_auth.
* make test now supports more extensive SPOOLSS testing using vlp.
* Correctly handle mixed-case hostnames in NTLMv2 authentication.
o Gerald (Jerry) Carter <jerry@samba.org>
* Add Winbind client library.
* Decouple static linking between smbd and winbindd's client
interface.
o Guenther Deschner <gd@samba.org>
* Enhance client and server remote registry access.
* Add client calls for remotely joining a computer to a domain
(including calls from "net dom" command).
* Add libnetapi.so library for joining domains including
sample GTK+ app.
* Fixes for Vista SP1 Kerberos authdata handling to only pickup
the PAC.
* Various error code and error message fixes.
* Add initial draft of libnetconf to allow programmatic
configuration changes.
* Add libnet_join internal library for programmatically joining
and unjoining Domains.
* Add various fixes and new calls to libnetapi.so library.
* Various fixes for DsGetDcName and conversion to IDL based
structures.
* Fixes for pidl to correctly generate WERROR based client calls.
* Fixes for pidl to generate output that complies to coding
conventions.
* Various IDL fixes.
* Add ads_get_joinable_ous() to libads to get list of joinable ous.
* Add get_logon_hours_from_pdb() to comply with new IDL based
structures.
* Add debugging capabilities to dump AD connections to libads
(using ndr_print).
* Add "dump-domain-list" command for smbcontrol to retrieve better
debugging information out of winbindd.
* Migration of the entire client and server DCE/RPC code to IDL
based structures and autogenerated code for DSSETUP, LSA, SAMR
and NETLOGON.
* Started migration of client and server DCE/RPC code to IDL based
structures and autogenerated code for NTSSVC, SVCCTL and
EVENTLOG.
* Use IDL and autogenerated code for samlogoncache and Kerberos
PAC handling.
* Various fixes and cleanup of Kerberos PAC handling.
* Fix segfault in _srv_net_file_enum.
* Conversion of client join and unjoin code to libnet_join.
* Add remote join/unjoin server-side implementation.
* Removed a lot of code which has become obsolete.
o Steve Langasek <vorlon@debian.org>
* Integrate 2 out of 3 --with-fhs patches from Debian packaging
for better adherence to the FHS standard.
o Volker Lendecke <vl@samba.org>
* Add talloc_stackframe() and talloc_pool() features.
* Removal of pstring data type.
* Add generic a in-memory cache.
* Import the Linux red-black tree implementation.
* Remove large amount of global variables.
* Support for storing xattrs in tdb files.
* Support for storing alternate data streams in xattrs.
* Implement a generic in-memory cache based on rb-trees.
* Add implicit temporary talloc contexts via talloc_stack().
* Speed up the smbclient "get" command
* Add the aio_fork module
o Derrell Lipman <derrell@samba.org>
* Modified libsmbclient API for more easily maintaining ABI compatibility
while adding new features to libsmbclient.
o Stefan Metzmacher <metze@samba.org>
* Fixes for libreplace.
* Pidl fixes.
* Build fixes.
* Add nss_wrapper support.
* Start and test winbindd by 'make test'.
* Split up child_dispatch_table into domain, idmap and locator tables
in winbindd.
* Fix for a crash bug in pidl generated client code.
This could have happend with [in,out,unique] pointers
when the client sends a valid pointer, but the server
responds with a NULL pointer (as samba-3.0.26a does for some calls).
* Change NTSTATUS into enum ndr_err_code in librpc/ndr.
* Remove unused calls in the struct based winbindd protocol.
* Add --configfile option to wbinfo.
* Convert winbind_env_set(), winbind_on() and winbind_off() into macros.
* Return rids and other_sids arrays in WBFLAG_PAM_INFO3_TEXT mode.
* Implement wbcErrorString() and wbcAuthenticateUserEx().
* Convert auth_winbind to use wbcAuthenticateUserEx().
o James Peach <jpeach@samba.org>
* Add support for DNS Service Discovery. Based on work from
Rishi Srivatsavai <rishisv@gmail.com>.
o Andreas Schneider <anschneider@suse.de>
* Don't restart winbind if a corrupted tdb is found during
initialization.
* Fix Windows 2008 (Longhorn) join.
* Fix crashbug in winbindd.
* Add share parameter "administrative share".
o Karolin Seeger <ks@sernet.de>
* Improve error messages of net subcommands.
* Add 'net rap file user'.
* Change LDAP search filter to find machine accounts which
are not located in the user suffix.
* Remove smbmount.
o David Shaw <dshaw@jabberwocky.com>
* BUG 5073: Allow "delete readonly = yes" to correctly override
deletion of a file.
o Rishi Srivatsavai <rishisv@gmail.com>
* Register the smb service with mDNS if mDNS is supported.
* Add smbclient support for basic mDNS browsing.
o Andrew Tridgell <tridge@samba.org>
* Fix padding between Winbind 32bit/64bit client library in
the request/response structures.
* Added a syncops VFS module for file systems which do not
guarantee meta-data operations are immediately committed to
disk in stable form.
o Jelmer Vernooij <jelmer@samba.org>
* Additional portability support for building shared libraries.
o Corinna Vinschen <corinna@vinschen.de>
* Get Samba version or capability information from Windows user space.
Original 3.2.0pre1 commits:
---------------------------
@ -134,16 +390,16 @@ o Michael Adam <obnox@samba.org>
* Merged \winreg server code from the SAMBA_3_2 development branch.
* Fixes for libreplace.
* Implement new registry configuration backend.
o Jeremy Allison <jra@samba.org>
* Add support for file system objectIDs.
* Winbind cache validation support.
* Add in the UNIX capability for 24-bit readX.
* Improve Delete-on-Close semantics.
* Removal of static file and path name buffers in SMB file serving
* Removal of static file and path name buffers in SMB file serving
code.
o Danilo Almeida <dalmeida@centeris.com>
* Move the machine account to the OU specified when running "net
@ -151,7 +407,7 @@ o Danilo Almeida <dalmeida@centeris.com>
o Andrew Bartlett <abartlet@samba.org>
* Tighten authentication protocol defaults in client tools and
* Tighten authentication protocol defaults in client tools and
servers.
@ -165,7 +421,7 @@ o Gerald (Jerry) Carter <jerry@samba.org>
* Fix lockups in Winbind when running nscd.
* UPN logon support in pam_winbind.
* Add support for GNU linker scripts when build shared libraries
(based on work by Julien Cristau <jcristau@debian.org> and James
(based on work by Julien Cristau <jcristau@debian.org> and James
Peach).
@ -182,7 +438,7 @@ o Guenther Deschner <gd@samba.org>
o Steve Langasek <vorlon@debian.org>
* Allow SIGTERM to cause nmbd to exit while awaiting a interface
to come up.
to come up.
o Volker Lendecke <vl@samba.org>
@ -192,13 +448,13 @@ o Volker Lendecke <vl@samba.org>
* Add client support for the SamLogonEx() authentication request.
* Implement RPC proxy stubs in the Samba server code to allow
replacing implementation functions one by one.
* Remove static incoming and outgoing buffers from core server SMB
* Remove static incoming and outgoing buffers from core server SMB
packet processing code.
* Add "net sam rights" command.
o Steve French <sfrench@samba.org>
* Fixes for mount.cfs Linux utility.
* Fixes for mount.cifs Linux utility.
o Stefan Metzmacher <metze@samba.org>
@ -219,7 +475,7 @@ o James Peach <jpeach@apple.com>
o Jiri Sasek <Jiri.Sasek@Sun.COM>
* Added vfs_vfsacl module.
* Added vfs_zfsacl module.
o Karolin Seeger <ks@sernet.de>

9
examples/libsmbclient/Makefile
View File

@ -1,14 +1,14 @@
#
CC = gcc
SAMBA_INCL = ../../source/include
SAMBA_INCL = -I/usr/local/samba/include
EXTLIB_INCL = -I/usr/include/gtk-1.2 \
-I/usr/include/glib-1.2 \
-I/usr/lib/glib/include
EXTLIB_INCL = `gtk-config --cflags`
DEFS = -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
CFLAGS = -O0 -g -I$(SAMBA_INCL) $(EXTLIB_INCL) $(DEFS)
CFLAGS = -O0 -g $(SAMBA_INCL) $(EXTLIB_INCL) $(DEFS)
LDFLAGS = -L/usr/local/samba/lib \
-lldap -lkrb5 -lgssapi_krb5
@ -24,6 +24,7 @@ TESTS= testsmbc \
teststat \
teststat2 \
teststat3 \
testtruncate \
testchmod \
testutime \
testread \
@ -73,6 +74,10 @@ teststat3: teststat3.o
@echo Linking teststat3
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt
testtruncate: testtruncate.o
@echo Linking testtruncate
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt
testchmod: testchmod.o
@echo Linking testchmod
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(LIBSMBCLIENT) -lpopt

10
examples/libsmbclient/smbwrapper/smbw.c
View File

@ -174,11 +174,11 @@ static void do_init(StartupType startupType)
exit(1);
}
smbw_ctx->debug = debug_level;
smbw_ctx->callbacks.auth_fn = get_auth_data_fn;
smbw_ctx->options.browse_max_lmb_count = 0;
smbw_ctx->options.urlencode_readdir_entries = 1;
smbw_ctx->options.one_share_per_server = 1;
smbc_setDebug(smbw_ctx, debug_level);
smbc_setFunctionAuthData(smbw_ctx, get_auth_data_fn);
smbc_setOptionBrowseMaxLmbCount(smbw_ctx, 0);
smbc_setOptionUrlEncodeReaddirEntries(smbw_ctx, 1);
smbc_setOptionOneSharePerServer(smbw_ctx, 1);
if (smbc_init_context(smbw_ctx) == NULL) {
fprintf(stderr, "Could not initialize context.\n");

2
examples/libsmbclient/testacl.c
View File

@ -143,7 +143,7 @@ int main(int argc, const char *argv[])
if (full_time_names) {
SMBCCTX *context = smbc_set_context(NULL);
smbc_option_set(context, "full_time_names", 1);
smbc_setOptionFullTimeNames(context, 1);
}
/* Perform requested action */

2
examples/libsmbclient/testacl2.c
View File

@ -39,7 +39,7 @@ int main(int argc, const char *argv[])
}
SMBCCTX *context = smbc_set_context(NULL);
smbc_option_set(context, "full_time_names", 1);
smbc_setOptionFullTimeNames(context, 1);
the_acl = strdup("system.nt_sec_desc.*");
ret = smbc_getxattr(argv[1], the_acl, value, sizeof(value));

2
examples/libsmbclient/testacl3.c
View File

@ -28,7 +28,7 @@ int main(int argc, char * argv[])
smbc_init(get_auth_data_fn, debug);
context = smbc_set_context(NULL);
smbc_option_set(context, "full_time_names", 1);
smbc_setOptionFullTimeNames(context, 1);
for (;;)
{

19
examples/libsmbclient/testbrowse.c
View File

@ -108,24 +108,21 @@ main(int argc, char * argv[])
}
/* Set mandatory options (is that a contradiction in terms?) */
context->debug = debug;
smbc_setDebug(context, debug);
if (context_auth) {
context->callbacks.auth_fn = NULL;
smbc_option_set(context,
"auth_function",
(void *) get_auth_data_with_context_fn);
smbc_option_set(context, "user_data", "hello world");
smbc_setFunctionAuthDataWithContext(context,
get_auth_data_with_context_fn);
smbc_setOptionUserData(context, "hello world");
} else {
context->callbacks.auth_fn =
(no_auth ? no_auth_data_fn : get_auth_data_fn);
smbc_setFunctionAuthData(context, get_auth_data_fn);
}
/* If we've been asked to log to stderr instead of stdout, ... */
if (debug_stderr) {
/* ... then set the option to do so */
smbc_option_set(context, "debug_to_stderr", 1);
smbc_setOptionDebugToStderr(context, 1);
}
/* Initialize the context using the previously specified options */
if (!smbc_init_context(context)) {
smbc_free_context(context, 0);
@ -199,7 +196,7 @@ get_auth_data_with_context_fn(SMBCCTX * context,
{
printf("Authenticating with context 0x%lx", context);
if (context != NULL) {
char *user_data = smbc_option_get(context, "user_data");
char *user_data = smbc_getOptionUserData(context);
printf(" with user data %s", user_data);
}
printf("\n");

17
examples/libsmbclient/testbrowse2.c
View File

@ -93,8 +93,8 @@ SMBCCTX* create_smbctx(){
if ((ctx = smbc_new_context()) == NULL) return NULL;
ctx->debug = debuglevel;
ctx->callbacks.auth_fn = smbc_auth_fn;
smbc_setDebug(ctx, debuglevel);
smbc_setFunctionAuthData(ctx, smbc_auth_fn);
if (smbc_init_context(ctx) == NULL){
smbc_free_context(ctx, 1);
@ -105,7 +105,7 @@ SMBCCTX* create_smbctx(){
}
void delete_smbctx(SMBCCTX* ctx){
ctx->callbacks.purge_cached_fn(ctx);
smbc_getFunctionPurgeCachedServers(ctx)(ctx);
smbc_free_context(ctx, 1);
}
@ -114,8 +114,9 @@ smbitem* get_smbitem_list(SMBCCTX *ctx, char *smb_path){
struct smbc_dirent *dirent;
smbitem *list = NULL, *item;
if ((fd = ctx->opendir(ctx, smb_path)) == NULL) return NULL;
while((dirent = ctx->readdir(ctx, fd)) != NULL){
if ((fd = smbc_getFunctionOpendir(ctx)(ctx, smb_path)) == NULL)
return NULL;
while((dirent = smbc_getFunctionReaddir(ctx)(ctx, fd)) != NULL){
if (strcmp(dirent->name, "") == 0) continue;
if (strcmp(dirent->name, ".") == 0) continue;
if (strcmp(dirent->name, "..") == 0) continue;
@ -128,7 +129,7 @@ smbitem* get_smbitem_list(SMBCCTX *ctx, char *smb_path){
strcpy(item->name, dirent->name);
list = item;
}
ctx->close_fn(ctx, fd);
smbc_getFunctionClose(ctx)(ctx, fd);
return /* smbitem_list_sort */ (list);
}
@ -167,7 +168,7 @@ void recurse(SMBCCTX *ctx, char *smb_group, char *smb_path, int maxlen){
delete_smbctx(ctx1);
}else{
recurse(ctx, smb_group, smb_path, maxlen);
ctx->callbacks.purge_cached_fn(ctx);
smbc_getFunctionPurgeCachedServers(ctx)(ctx);
}
break;
case SMBC_FILE_SHARE:
@ -181,7 +182,7 @@ void recurse(SMBCCTX *ctx, char *smb_group, char *smb_path, int maxlen){
if (list->type != SMBC_FILE){
recurse(ctx, smb_group, smb_path, maxlen);
if (list->type == SMBC_FILE_SHARE)
ctx->callbacks.purge_cached_fn(ctx);
smbc_getFunctionPurgeCachedServers(ctx)(ctx);
}
break;
}

2
examples/libsmbclient/testsmbc.c
View File

@ -25,7 +25,7 @@
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include <libsmbclient.h>
#include "libsmbclient.h"
#include "get_auth_data_fn.h"
int global_id = 0;

82
examples/libsmbclient/testtruncate.c Normal file
View File

@ -0,0 +1,82 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <time.h>
#include <errno.h>
#include <libsmbclient.h>
#include "get_auth_data_fn.h"
int main(int argc, char * argv[])
{
int fd;
int ret;
int debug = 0;
int savedErrno;
char buffer[128];
char * pSmbPath = NULL;
char * pLocalPath = NULL;
struct stat st;
if (argc != 2)
{
printf("usage: "
"%s smb://path/to/file\n",
argv[0]);
return 1;
}
smbc_init(get_auth_data_fn, debug);
if ((fd = smbc_open(argv[1], O_WRONLY | O_CREAT | O_TRUNC, 0)) < 0)
{
perror("smbc_open");
return 1;
}
strcpy(buffer, "Hello world.\nThis is a test.\n");
ret = smbc_write(fd, buffer, strlen(buffer));
savedErrno = errno;
smbc_close(fd);
if (ret < 0)
{
errno = savedErrno;
perror("write");
}
if (smbc_stat(argv[1], &st) < 0)
{
perror("smbc_stat");
return 1;
}
printf("Original size: %lu\n", (unsigned long) st.st_size);
if ((fd = smbc_open(argv[1], O_WRONLY, 0)) < 0)
{
perror("smbc_open");
return 1;
}
ret = smbc_ftruncate(fd, 13);
savedErrno = errno;
smbc_close(fd);
if (ret < 0)
{
errno = savedErrno;
perror("smbc_ftruncate");
return 1;
}
if (smbc_stat(argv[1], &st) < 0)
{
perror("smbc_stat");
return 1;
}
printf("New size: %lu\n", (unsigned long) st.st_size);
return 0;
}

115
examples/scripts/mount/mount.smbfs Normal file
View File

@ -0,0 +1,115 @@
#!/bin/bash
# Debian mount.smbfs compatibility wrapper
# Copyright 2007, Steve Langasek <vorlon at debian.org>
# Licensed under the GNU General Public License, version 2. See the
# file /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
# This script accepts all documented mount options for mount.smbfs,
# passing through those that are also recognized by mount.cifs,
# converting those that are not recognized but map to available cifs
# options, and warning about the use of options for which no equivalent
# exists.
# known bugs: quoted spaces in arguments are not passed intact
set -e
# reverse the order of username and password in a "username" parameter,
# taking care to leave any "%password" bit intact
reverse_username_workgroup() {
local workgroup password username
username="$1"
case "$username" in
*%*) password="${username#*%}"
username="${username%%%*}"
;;
*) ;;
esac
case "$username" in
*/*) workgroup="${username#*/}"
username="${username%%/*}"
;;
*) ;;
esac
if [ -n "$workgroup" ]; then
username="$workgroup\\$username"
fi
if [ -n "$password" ]; then
username="$username%$password"
fi
echo "$username"
}
# parse out the mount options that have been specified using -o, and if
# necessary, convert them for use by mount.cifs
parse_mount_options () {
local OLD_IFS IFS options option username
OLD_IFS="$IFS"
IFS=","
options=""
workgroup=""
password=""
for option in $@; do
case "$option" in
sockopt=* | scope=* | codepage=* | ttl=* | debug=*)
echo "Warning: ignoring deprecated smbfs option '$option'" >&2
;;
krb)
options="$options${options:+,}sec=krb5"
;;
guest)
echo "Warning: mapping 'guest' to 'guest,sec=none'" >&2
options="$options${options:+,}guest,sec=none"
;;
# username and workgroup are reversed in username= arguments,
# so need to be parsed out
username=*/*)
IFS="$OLD_IFS"
username="${option#username=}"
username="$(reverse_username_workgroup "$username")"
IFS=","
options="$options${options:+,}username=$username"
;;
*)
options="$options${options:+,}$option"
;;
esac
done
IFS="$OLD_IFS"
echo $options
}
args=()
while [ "$#" -gt 0 ]; do
case "$1" in
-o*)
arg=${1#-o}
shift
if [ -z "$arg" ]; then
arg=$1
shift
fi
arg="$(parse_mount_options "$arg")"
if [ -n "$arg" ]; then
args=("${args[@]}" "-o" "$arg")
fi
;;
*)
args=("${args[@]}" "$1")
shift
;;
esac
done
USER="$(reverse_username_workgroup "$USER")"
exec /sbin/mount.cifs "${args[@]}"

702
source3/Makefile.in
View File

File diff suppressed because it is too large Load Diff

10
source3/auth/auth_domain.c
View File

@ -189,7 +189,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
struct sockaddr_storage *dc_ss)
{
NET_USER_INFO_3 info3;
struct netr_SamInfo3 *info3 = NULL;
struct cli_state *cli = NULL;
struct rpc_pipe_client *netlogon_pipe = NULL;
NTSTATUS nt_status = NT_STATUS_NO_LOGON_SERVERS;
@ -227,8 +227,6 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
saf_store( domain, cli->desthost );
ZERO_STRUCT(info3);
/*
* If this call succeeds, we now have lots of info about the user
* in the info3 structure.
@ -267,7 +265,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
user_info->smb_name,
domain,
server_info,
&info3);
info3);
if (NT_STATUS_IS_OK(nt_status)) {
if (user_info->was_mapped) {
@ -281,12 +279,14 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
if ( !NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("PAM account restriction prevents user login\n"));
cli_shutdown(cli);
TALLOC_FREE(info3);
return nt_status;
}
}
}
netsamlogon_cache_store( user_info->smb_name, &info3 );
netsamlogon_cache_store(user_info->smb_name, info3);
TALLOC_FREE(info3);
}
/* Note - once the cli stream is shutdown the mem_ctx used

7
source3/auth/auth_ntlmssp.c
View File

@ -186,8 +186,13 @@ NTSTATUS auth_ntlmssp_start(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
void auth_ntlmssp_end(AUTH_NTLMSSP_STATE **auth_ntlmssp_state)
{
TALLOC_CTX *mem_ctx = (*auth_ntlmssp_state)->mem_ctx;
TALLOC_CTX *mem_ctx;
if (*auth_ntlmssp_state == NULL) {
return;
}
mem_ctx = (*auth_ntlmssp_state)->mem_ctx;
if ((*auth_ntlmssp_state)->ntlmssp_state) {
ntlmssp_end(&(*auth_ntlmssp_state)->ntlmssp_state);
}

285
source3/auth/auth_util.c
View File

@ -1422,7 +1422,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
const char *sent_nt_username,
const char *domain,
auth_serversupplied_info **server_info,
NET_USER_INFO_3 *info3)
struct netr_SamInfo3 *info3)
{
char zeros[16];
@ -1446,23 +1446,25 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
matches.
*/
sid_copy(&user_sid, &info3->dom_sid.sid);
if (!sid_append_rid(&user_sid, info3->user_rid)) {
sid_copy(&user_sid, info3->base.domain_sid);
if (!sid_append_rid(&user_sid, info3->base.rid)) {
return NT_STATUS_INVALID_PARAMETER;
}
sid_copy(&group_sid, &info3->dom_sid.sid);
if (!sid_append_rid(&group_sid, info3->group_rid)) {
sid_copy(&group_sid, info3->base.domain_sid);
if (!sid_append_rid(&group_sid, info3->base.primary_gid)) {
return NT_STATUS_INVALID_PARAMETER;
}
if (!(nt_username = unistr2_to_ascii_talloc(mem_ctx, &(info3->uni_user_name)))) {
nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
if (!nt_username) {
/* If the server didn't give us one, just use the one we sent
* them */
nt_username = sent_nt_username;
}
if (!(nt_domain = unistr2_to_ascii_talloc(mem_ctx, &(info3->uni_logon_dom)))) {
nt_domain = talloc_strdup(mem_ctx, info3->base.domain.string);
if (!nt_domain) {
/* If the server didn't give us one, just use the one we sent
* them */
nt_domain = domain;
@ -1527,50 +1529,50 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
TALLOC_FREE(sam_account);
return NT_STATUS_UNSUCCESSFUL;
}
if (!pdb_set_fullname(sam_account,
unistr2_static(&(info3->uni_full_name)),
info3->base.full_name.string,
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_logon_script(sam_account,
unistr2_static(&(info3->uni_logon_script)),
info3->base.logon_script.string,
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_profile_path(sam_account,
unistr2_static(&(info3->uni_profile_path)),
info3->base.profile_path.string,
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_homedir(sam_account,
unistr2_static(&(info3->uni_home_dir)),
info3->base.home_directory.string,
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_dir_drive(sam_account,
unistr2_static(&(info3->uni_dir_drive)),
info3->base.home_drive.string,
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_acct_ctrl(sam_account, info3->acct_flags, PDB_CHANGED)) {
if (!pdb_set_acct_ctrl(sam_account, info3->base.acct_flags, PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_pass_last_set_time(
sam_account,
nt_time_to_unix(info3->pass_last_set_time),
nt_time_to_unix(info3->base.last_password_change),
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
@ -1578,7 +1580,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
if (!pdb_set_pass_can_change_time(
sam_account,
nt_time_to_unix(info3->pass_can_change_time),
nt_time_to_unix(info3->base.allow_password_change),
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
@ -1586,7 +1588,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
if (!pdb_set_pass_must_change_time(
sam_account,
nt_time_to_unix(info3->pass_must_change_time),
nt_time_to_unix(info3->base.force_password_change),
PDB_CHANGED)) {
TALLOC_FREE(sam_account);
return NT_STATUS_NO_MEMORY;
@ -1624,27 +1626,260 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
return nt_status;
}
result->login_server = unistr2_to_ascii_talloc(result,
&(info3->uni_logon_srv));
result->login_server = talloc_strdup(result,
info3->base.logon_server.string);
/* ensure we are never given NULL session keys */
ZERO_STRUCT(zeros);
if (memcmp(info3->user_sess_key, zeros, sizeof(zeros)) == 0) {
if (memcmp(info3->base.key.key, zeros, sizeof(zeros)) == 0) {
result->user_session_key = data_blob_null;
} else {
result->user_session_key = data_blob_talloc(
result, info3->user_sess_key,
sizeof(info3->user_sess_key));
result, info3->base.key.key,
sizeof(info3->base.key.key));
}
if (memcmp(info3->lm_sess_key, zeros, 8) == 0) {
if (memcmp(info3->base.LMSessKey.key, zeros, 8) == 0) {
result->lm_session_key = data_blob_null;
} else {
result->lm_session_key = data_blob_talloc(
result, info3->lm_sess_key,
sizeof(info3->lm_sess_key));
result, info3->base.LMSessKey.key,
sizeof(info3->base.LMSessKey.key));
}
result->was_mapped = username_was_mapped;
*server_info = result;
return NT_STATUS_OK;
}
/*****************************************************************************
Make a server_info struct from the wbcAuthUserInfo returned by a domain logon
******************************************************************************/
NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
const char *sent_nt_username,
const char *domain,
const struct wbcAuthUserInfo *info,
auth_serversupplied_info **server_info)
{
char zeros[16];
NTSTATUS nt_status = NT_STATUS_OK;
char *found_username = NULL;
const char *nt_domain;
const char *nt_username;
struct samu *sam_account = NULL;
DOM_SID user_sid;
DOM_SID group_sid;
bool username_was_mapped;
uint32_t i;
uid_t uid = (uid_t)-1;
gid_t gid = (gid_t)-1;
auth_serversupplied_info *result;
result = make_server_info(NULL);
if (result == NULL) {
DEBUG(4, ("make_server_info failed!\n"));
return NT_STATUS_NO_MEMORY;
}
/*
Here is where we should check the list of
trusted domains, and verify that the SID
matches.
*/
memcpy(&user_sid, &info->sids[0].sid, sizeof(user_sid));
memcpy(&group_sid, &info->sids[1].sid, sizeof(group_sid));
if (info->account_name) {
nt_username = talloc_strdup(result, info->account_name);
} else {
/* If the server didn't give us one, just use the one we sent
* them */
nt_username = talloc_strdup(result, sent_nt_username);
}
if (!nt_username) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (info->domain_name) {
nt_domain = talloc_strdup(result, info->domain_name);
} else {
/* If the server didn't give us one, just use the one we sent
* them */
nt_domain = talloc_strdup(result, domain);
}
if (!nt_domain) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
/* try to fill the SAM account.. If getpwnam() fails, then try the
add user script (2.2.x behavior).
We use the _unmapped_ username here in an attempt to provide
consistent username mapping behavior between kerberos and NTLM[SSP]
authentication in domain mode security. I.E. Username mapping
should be applied to the fully qualified username
(e.g. DOMAIN\user) and not just the login name. Yes this means we
called map_username() unnecessarily in make_user_info_map() but
that is how the current code is designed. Making the change here
is the least disruptive place. -- jerry */
if ( !(sam_account = samu_new( result )) ) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
/* this call will try to create the user if necessary */
nt_status = fill_sam_account(result, nt_domain, sent_nt_username,
&found_username, &uid, &gid, sam_account,
&username_was_mapped);
/* if we still don't have a valid unix account check for
'map to guest = bad uid' */
if (!NT_STATUS_IS_OK(nt_status)) {
TALLOC_FREE( result );
if ( lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID ) {
make_server_info_guest(server_info);
return NT_STATUS_OK;
}
return nt_status;
}
if (!pdb_set_nt_username(sam_account, nt_username, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_username(sam_account, nt_username, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_domain(sam_account, nt_domain, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_user_sid(sam_account, &user_sid, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_UNSUCCESSFUL;
}
if (!pdb_set_group_sid(sam_account, &group_sid, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_UNSUCCESSFUL;
}
if (!pdb_set_fullname(sam_account, info->full_name, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_logon_script(sam_account, info->logon_script, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_profile_path(sam_account, info->profile_path, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_homedir(sam_account, info->home_directory, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_dir_drive(sam_account, info->home_drive, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_acct_ctrl(sam_account, info->acct_flags, PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_pass_last_set_time(
sam_account,
nt_time_to_unix(info->pass_last_set_time),
PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_pass_can_change_time(
sam_account,
nt_time_to_unix(info->pass_can_change_time),
PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
if (!pdb_set_pass_must_change_time(
sam_account,
nt_time_to_unix(info->pass_must_change_time),
PDB_CHANGED)) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
/* save this here to _net_sam_logon() doesn't fail (it assumes a
valid struct samu) */
result->sam_account = sam_account;
result->unix_name = talloc_strdup(result, found_username);
result->login_server = talloc_strdup(result, info->logon_server);
/* Fill in the unix info we found on the way */
result->uid = uid;
result->gid = gid;
/* Create a 'combined' list of all SIDs we might want in the SD */
result->num_sids = info->num_sids - 2;
result->sids = talloc_array(result, DOM_SID, result->num_sids);
if (result->sids == NULL) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
for (i=0; i < result->num_sids; i++) {
memcpy(&result->sids[i], &info->sids[i+2].sid, sizeof(result->sids[i]));
}
/* ensure we are never given NULL session keys */
ZERO_STRUCT(zeros);
if (memcmp(info->user_session_key, zeros, sizeof(zeros)) == 0) {
result->user_session_key = data_blob_null;
} else {
result->user_session_key = data_blob_talloc(
result, info->user_session_key,
sizeof(info->user_session_key));
}
if (memcmp(info->lm_session_key, zeros, 8) == 0) {
result->lm_session_key = data_blob_null;
} else {
result->lm_session_key = data_blob_talloc(
result, info->lm_session_key,
sizeof(info->lm_session_key));
}
result->was_mapped = username_was_mapped;

113
source3/auth/auth_winbind.c
View File

@ -25,31 +25,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
static NTSTATUS get_info3_from_ndr(TALLOC_CTX *mem_ctx, struct winbindd_response *response, NET_USER_INFO_3 *info3)
{
uint8 *info3_ndr;
size_t len = response->length - sizeof(struct winbindd_response);
prs_struct ps;
if (len > 0) {
info3_ndr = (uint8 *)response->extra_data.data;
if (!prs_init(&ps, len, mem_ctx, UNMARSHALL)) {
return NT_STATUS_NO_MEMORY;
}
prs_copy_data_in(&ps, (char *)info3_ndr, len);
prs_set_offset(&ps,0);
if (!net_io_user_info3("", info3, &ps, 1, 3, False)) {
DEBUG(2, ("get_info3_from_ndr: could not parse info3 struct!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
prs_mem_free(&ps);
return NT_STATUS_OK;
} else {
DEBUG(2, ("get_info3_from_ndr: No info3 struct found!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
}
/* Authenticate a user with a challenge/response */
static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
@ -58,11 +33,11 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
const auth_usersupplied_info *user_info,
auth_serversupplied_info **server_info)
{
struct winbindd_request request;
struct winbindd_response response;
NSS_STATUS result;
NTSTATUS nt_status;
NET_USER_INFO_3 info3;
wbcErr wbc_status;
struct wbcAuthUserParams params;
struct wbcAuthUserInfo *info = NULL;
struct wbcAuthErrorInfo *err = NULL;
if (!user_info) {
return NT_STATUS_INVALID_PARAMETER;
@ -82,36 +57,34 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
/* Send off request */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
params.account_name = user_info->smb_name;
params.domain_name = user_info->domain;
params.workstation_name = user_info->wksta_name;
request.flags = WBFLAG_PAM_INFO3_NDR;
params.flags = 0;
params.parameter_control= user_info->logon_parameters;
request.data.auth_crap.logon_parameters = user_info->logon_parameters;
params.level = WBC_AUTH_USER_LEVEL_RESPONSE;
fstrcpy(request.data.auth_crap.user, user_info->smb_name);
fstrcpy(request.data.auth_crap.domain, user_info->domain);
fstrcpy(request.data.auth_crap.workstation, user_info->wksta_name);
memcpy(params.password.response.challenge,
auth_context->challenge.data,
sizeof(params.password.response.challenge));
memcpy(request.data.auth_crap.chal, auth_context->challenge.data, sizeof(request.data.auth_crap.chal));
request.data.auth_crap.lm_resp_len = MIN(user_info->lm_resp.length,
sizeof(request.data.auth_crap.lm_resp));
request.data.auth_crap.nt_resp_len = MIN(user_info->nt_resp.length,
sizeof(request.data.auth_crap.nt_resp));
memcpy(request.data.auth_crap.lm_resp, user_info->lm_resp.data,
request.data.auth_crap.lm_resp_len);
memcpy(request.data.auth_crap.nt_resp, user_info->nt_resp.data,
request.data.auth_crap.nt_resp_len);
params.password.response.nt_length = user_info->nt_resp.length;
params.password.response.nt_data = user_info->nt_resp.data;
params.password.response.lm_length = user_info->lm_resp.length;
params.password.response.lm_data = user_info->lm_resp.data;
/* we are contacting the privileged pipe */
become_root();
result = winbindd_priv_request_response(WINBINDD_PAM_AUTH_CRAP,
&request, &response);
wbc_status = wbcAuthenticateUserEx(&params, &info, &err);
unbecome_root();
if ( result == NSS_STATUS_UNAVAIL ) {
if (wbc_status == WBC_ERR_NO_MEMORY) {
return NT_STATUS_NO_MEMORY;
}
if (wbc_status == WBC_ERR_WINBIND_NOT_AVAILABLE) {
struct auth_methods *auth_method =
(struct auth_methods *)my_private_data;
@ -123,27 +96,29 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
DEBUG(0,("check_winbind_security: ERROR! my_private_data == NULL!\n"));
}
nt_status = NT_STATUS(response.data.auth.nt_status);
if (result == NSS_STATUS_SUCCESS && response.extra_data.data) {
if (NT_STATUS_IS_OK(nt_status)) {
if (NT_STATUS_IS_OK(nt_status = get_info3_from_ndr(mem_ctx, &response, &info3))) {
nt_status = make_server_info_info3(mem_ctx,
user_info->smb_name, user_info->domain,
server_info, &info3);
}
if (NT_STATUS_IS_OK(nt_status)) {
if (user_info->was_mapped) {
(*server_info)->was_mapped = user_info->was_mapped;
}
}
}
} else if (NT_STATUS_IS_OK(nt_status)) {
nt_status = NT_STATUS_NO_LOGON_SERVERS;
if (wbc_status == WBC_ERR_AUTH_ERROR) {
nt_status = NT_STATUS(err->nt_status);
wbcFreeMemory(err);
return nt_status;
}
if (!WBC_ERROR_IS_OK(wbc_status)) {
return NT_STATUS_LOGON_FAILURE;
}
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
user_info->smb_name,
user_info->domain,
info, server_info);
wbcFreeMemory(info);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
if (user_info->was_mapped) {
(*server_info)->was_mapped = user_info->was_mapped;
}
SAFE_FREE(response.extra_data.data);
return nt_status;
}

105
source3/client/mount.cifs.c
View File

@ -37,6 +37,7 @@
#include <string.h>
#include <mntent.h>
#include <fcntl.h>
#include <limits.h>
#define MOUNT_CIFS_VERSION_MAJOR "1"
#define MOUNT_CIFS_VERSION_MINOR "11"
@ -62,8 +63,6 @@
#define MS_BIND 4096
#endif
#define MAX_UNC_LEN 1024
#define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
const char *thisprogram;
@ -75,6 +74,7 @@ static int got_ip = 0;
static int got_unc = 0;
static int got_uid = 0;
static int got_gid = 0;
static int free_share_name = 0;
static char * user_name = NULL;
static char * mountpassword = NULL;
char * domain_name = NULL;
@ -205,8 +205,10 @@ static int open_cred_file(char * file_name)
/* go past equals sign */
temp_val++;
for(length = 0;length<4087;length++) {
if(temp_val[length] == '\n')
if ((temp_val[length] == '\n')
|| (temp_val[length] == '\0')) {
break;
}
}
if(length > 4086) {
printf("mount.cifs failed due to malformed username in credentials file");
@ -229,8 +231,10 @@ static int open_cred_file(char * file_name)
/* go past equals sign */
temp_val++;
for(length = 0;length<65;length++) {
if(temp_val[length] == '\n')
if ((temp_val[length] == '\n')
|| (temp_val[length] == '\0')) {
break;
}
}
if(length > 64) {
printf("mount.cifs failed: password in credentials file too long\n");
@ -258,8 +262,10 @@ static int open_cred_file(char * file_name)
if(verboseflag)
printf("\nDomain %s\n",temp_val);
for(length = 0;length<65;length++) {
if(temp_val[length] == '\n')
break;
if ((temp_val[length] == '\n')
|| (temp_val[length] == '\0')) {
break;
}
}
if(length > 64) {
printf("mount.cifs failed: domain in credentials file too long\n");
@ -831,27 +837,17 @@ static char * check_for_domain(char **ppuser)
return domainnm;
}
/* replace all occurances of "from" in a string with "to" */
static void replace_char(char *string, char from, char to)
{
while (string) {
string = strchr(string, from);
if (string)
*string = to;
}
}
/* Note that caller frees the returned buffer if necessary */
static char * parse_server(char ** punc_name)
{
char * unc_name = *punc_name;
int length = strnlen(unc_name, MAX_UNC_LEN);
int length = strnlen(unc_name,1024);
char * share;
char * ipaddress_string = NULL;
struct hostent * host_entry = NULL;
struct in_addr server_ipaddr;
if(length > (MAX_UNC_LEN - 1)) {
if(length > 1023) {
printf("mount error: UNC name too long");
return NULL;
}
@ -870,6 +866,7 @@ static char * parse_server(char ** punc_name)
/* check for nfs syntax ie server:share */
share = strchr(unc_name,':');
if(share) {
free_share_name = 1;
*punc_name = (char *)malloc(length+3);
if(*punc_name == NULL) {
/* put the original string back if
@ -877,9 +874,9 @@ static char * parse_server(char ** punc_name)
*punc_name = unc_name;
return NULL;
}
*share = '/';
strncpy((*punc_name)+2,unc_name,length);
free(unc_name);
unc_name = *punc_name;
unc_name[length+2] = 0;
goto continue_unc_parsing;
@ -890,21 +887,18 @@ static char * parse_server(char ** punc_name)
}
} else {
continue_unc_parsing:
unc_name[0] = '\\';
unc_name[1] = '\\';
unc_name[0] = '/';
unc_name[1] = '/';
unc_name += 2;
/* convert any '/' in unc to '\\' */
replace_char(unc_name, '/', '\\');
if ((share = strchr(unc_name,'\\'))) {
if ((share = strchr(unc_name, '/')) ||
(share = strchr(unc_name,'\\'))) {
*share = 0; /* temporarily terminate the string */
share += 1;
if(got_ip == 0) {
host_entry = gethostbyname(unc_name);
}
*(share - 1) = '\\'; /* put delimiter back */
if ((prefixpath = strchr(share, '\\'))) {
*(share - 1) = '/'; /* put the slash back */
if ((prefixpath = strchr(share, '/'))) {
*prefixpath = 0; /* permanently terminate the string */
if (!strlen(++prefixpath))
prefixpath = NULL; /* this needs to be done explicitly */
@ -969,25 +963,6 @@ static struct option longopts[] = {
{ NULL, 0, NULL, 0 }
};
/* convert a string to uppercase. return false if the string
* wasn't ASCII or was a NULL ptr */
static int
uppercase_string(char *string)
{
if (!string)
return 0;
while (*string) {
/* check for unicode */
if ((unsigned char) string[0] & 0x80)
return 0;
*string = toupper((unsigned char) *string);
string++;
}
return 1;
}
int main(int argc, char ** argv)
{
int c;
@ -1000,7 +975,6 @@ int main(int argc, char ** argv)
char * options = NULL;
char * resolved_path = NULL;
char * temp;
char * dev_name;
int rc;
int rsize = 0;
int wsize = 0;
@ -1037,16 +1011,8 @@ int main(int argc, char ** argv)
printf(" node: %s machine: %s sysname %s domain %s\n", sysinfo.nodename,sysinfo.machine,sysinfo.sysname,sysinfo.domainname);
#endif */
if(argc > 2) {
dev_name = argv[1];
share_name = strndup(argv[1], MAX_UNC_LEN);
if (share_name == NULL) {
fprintf(stderr, "%s: %s", argv[0], strerror(ENOMEM));
exit(1);
}
share_name = argv[1];
mountpoint = argv[2];
} else {
mount_cifs_usage();
exit(1);
}
/* add sharename in opts string as unc= parm */
@ -1186,7 +1152,7 @@ int main(int argc, char ** argv)
}
}
if((argc < 3) || (dev_name == NULL) || (mountpoint == NULL)) {
if((argc < 3) || (share_name == NULL) || (mountpoint == NULL)) {
mount_cifs_usage();
exit(1);
}
@ -1344,12 +1310,10 @@ mount_retry:
}
if(verboseflag)
printf("\nmount.cifs kernel mount options %s \n",options);
/* convert all '\\' to '/' so that /proc/mounts looks pretty */
replace_char(dev_name, '\\', '/');
if(mount(dev_name, mountpoint, "cifs", flags, options)) {
if(mount(share_name, mountpoint, "cifs", flags, options)) {
/* remember to kill daemon on error */
char * tmp;
switch (errno) {
case 0:
printf("mount failed but no error number set\n");
@ -1360,9 +1324,12 @@ mount_retry:
case ENXIO:
if(retry == 0) {
retry = 1;
if (uppercase_string(dev_name) &&
uppercase_string(share_name) &&
uppercase_string(prefixpath)) {
tmp = share_name;
while (*tmp && !(((unsigned char)tmp[0]) & 0x80)) {
*tmp = toupper((unsigned char)*tmp);
tmp++;
}
if(!*tmp) {
printf("retrying with upper case share name\n");
goto mount_retry;
}
@ -1376,7 +1343,7 @@ mount_retry:
} else {
pmntfile = setmntent(MOUNTED, "a+");
if(pmntfile) {
mountent.mnt_fsname = dev_name;
mountent.mnt_fsname = share_name;
mountent.mnt_dir = mountpoint;
mountent.mnt_type = CONST_DISCARD(char *,"cifs");
mountent.mnt_opts = (char *)malloc(220);
@ -1436,6 +1403,8 @@ mount_exit:
free(resolved_path);
}
free(share_name);
if(free_share_name) {
free(share_name);
}
return rc;
}

332
source3/client/smbmnt.c
View File

@ -1,332 +0,0 @@
/*
* smbmnt.c
*
* Copyright (C) 1995-1998 by Paal-Kr. Engstad and Volker Lendecke
* extensively modified by Tridge
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*
*/
#define SMBMOUNT_MALLOC 1
#include "includes.h"
#include <mntent.h>
#include <sys/utsname.h>
#include <asm/types.h>
#include <asm/posix_types.h>
#include <linux/smb.h>
#include <linux/smb_mount.h>
#include <asm/unistd.h>
#ifndef MS_MGC_VAL
/* This may look strange but MS_MGC_VAL is what we are looking for and
is what we need from <linux/fs.h> under libc systems and is
provided in standard includes on glibc systems. So... We
switch on what we need... */
#include <linux/fs.h>
#endif
static uid_t mount_uid;
static gid_t mount_gid;
static int mount_ro;
static unsigned mount_fmask;
static unsigned mount_dmask;
static int user_mount;
static char *options;
static void
help(void)
{
printf("\n");
printf("Usage: smbmnt mount-point [options]\n");
printf("Version %s\n\n",SAMBA_VERSION_STRING);
printf("-s share share name on server\n"
"-r mount read-only\n"
"-u uid mount as uid\n"
"-g gid mount as gid\n"
"-f mask permission mask for files\n"
"-d mask permission mask for directories\n"
"-o options name=value, list of options\n"
"-h print this help text\n");
}
static int
parse_args(int argc, char *argv[], struct smb_mount_data *data, char **share)
{
int opt;
while ((opt = getopt (argc, argv, "s:u:g:rf:d:o:")) != EOF)
{
switch (opt)
{
case 's':
*share = optarg;
break;
case 'u':
if (!user_mount) {
mount_uid = strtol(optarg, NULL, 0);
}
break;
case 'g':
if (!user_mount) {
mount_gid = strtol(optarg, NULL, 0);
}
break;
case 'r':
mount_ro = 1;
break;
case 'f':
mount_fmask = strtol(optarg, NULL, 8);
break;
case 'd':
mount_dmask = strtol(optarg, NULL, 8);
break;
case 'o':
options = optarg;
break;
default:
return -1;
}
}
return 0;
}
static char *
fullpath(const char *p)
{
char path[PATH_MAX+1];
if (strlen(p) > PATH_MAX) {
return NULL;
}
if (realpath(p, path) == NULL) {
fprintf(stderr,"Failed to find real path for mount point %s: %s\n",
p, strerror(errno));
exit(1);
}
return strdup(path);
}
/* Check whether user is allowed to mount on the specified mount point. If it's
OK then we change into that directory - this prevents race conditions */
static int mount_ok(char *mount_point)
{
struct stat st;
if (chdir(mount_point) != 0) {
return -1;
}
if (stat(".", &st) != 0) {
return -1;
}
if (!S_ISDIR(st.st_mode)) {
errno = ENOTDIR;
return -1;
}
if ((getuid() != 0) &&
((getuid() != st.st_uid) ||
((st.st_mode & S_IRWXU) != S_IRWXU))) {
errno = EPERM;
return -1;
}
return 0;
}
/* Tries to mount using the appropriate format. For 2.2 the struct,
for 2.4 the ascii version. */
static int
do_mount(char *share_name, unsigned int flags, struct smb_mount_data *data)
{
char *opts;
struct utsname uts;
char *release, *major, *minor;
char *data1, *data2;
int ret;
char *saveptr = NULL;
if (asprintf(&opts,
"version=7,uid=%d,gid=%d,file_mode=0%o,dir_mode=0%o,%s",
mount_uid, mount_gid, data->file_mode,
data->dir_mode,options) < 0) {
return -1;
}
uname(&uts);
release = uts.release;
major = strtok_r(release, ".", &saveptr);
minor = strtok_r(NULL, ".", &saveptr);
if (major && minor && atoi(major) == 2 && atoi(minor) < 4) {
/* < 2.4, assume struct */
data1 = (char *) data;
data2 = opts;
} else {
/* >= 2.4, assume ascii but fall back on struct */
data1 = opts;
data2 = (char *) data;
}
if (mount(share_name, ".", "smbfs", flags, data1) == 0) {
SAFE_FREE(opts);
return 0;
}
ret = mount(share_name, ".", "smbfs", flags, data2);
SAFE_FREE(opts);
return ret;
}
int main(int argc, char *argv[])
{
char *mount_point, *share_name = NULL;
FILE *mtab;
int fd;
unsigned int flags;
struct smb_mount_data data;
struct mntent ment;
memset(&data, 0, sizeof(struct smb_mount_data));
if (argc < 2) {
help();
exit(1);
}
if (argv[1][0] == '-') {
help();
exit(1);
}
if (getuid() != 0) {
user_mount = 1;
}
if (geteuid() != 0) {
fprintf(stderr, "smbmnt must be installed suid root for direct user mounts (%d,%d)\n", getuid(), geteuid());
exit(1);
}
mount_uid = getuid();
mount_gid = getgid();
mount_fmask = umask(0);
umask(mount_fmask);
mount_fmask = ~mount_fmask;
mount_point = fullpath(argv[1]);
argv += 1;
argc -= 1;
if (mount_ok(mount_point) != 0) {
fprintf(stderr, "cannot mount on %s: %s\n",
mount_point, strerror(errno));
exit(1);
}
data.version = SMB_MOUNT_VERSION;
/* getuid() gives us the real uid, who may umount the fs */
data.mounted_uid = getuid();
if (parse_args(argc, argv, &data, &share_name) != 0) {
help();
return -1;
}
data.uid = mount_uid; // truncates to 16-bits here!!!
data.gid = mount_gid;
data.file_mode = (S_IRWXU|S_IRWXG|S_IRWXO) & mount_fmask;
data.dir_mode = (S_IRWXU|S_IRWXG|S_IRWXO) & mount_dmask;
if (mount_dmask == 0) {
data.dir_mode = data.file_mode;
if ((data.dir_mode & S_IRUSR) != 0)
data.dir_mode |= S_IXUSR;
if ((data.dir_mode & S_IRGRP) != 0)
data.dir_mode |= S_IXGRP;
if ((data.dir_mode & S_IROTH) != 0)
data.dir_mode |= S_IXOTH;
}
flags = MS_MGC_VAL | MS_NOSUID | MS_NODEV;
if (mount_ro) flags |= MS_RDONLY;
if (do_mount(share_name, flags, &data) < 0) {
switch (errno) {
case ENODEV:
fprintf(stderr, "ERROR: smbfs filesystem not supported by the kernel\n");
break;
default:
perror("mount error");
}
fprintf(stderr, "Please refer to the smbmnt(8) manual page\n");
return -1;
}
ment.mnt_fsname = share_name ? share_name : (char *)"none";
ment.mnt_dir = mount_point;
ment.mnt_type = (char *)"smbfs";
ment.mnt_opts = (char *)"";
ment.mnt_freq = 0;
ment.mnt_passno= 0;
mount_point = ment.mnt_dir;
if (mount_point == NULL)
{
fprintf(stderr, "Mount point too long\n");
return -1;
}
if ((fd = open(MOUNTED"~", O_RDWR|O_CREAT|O_EXCL, 0600)) == -1)
{
fprintf(stderr, "Can't get "MOUNTED"~ lock file");
return 1;
}
close(fd);
if ((mtab = setmntent(MOUNTED, "a+")) == NULL)
{
fprintf(stderr, "Can't open " MOUNTED);
return 1;
}
if (addmntent(mtab, &ment) == 1)
{
fprintf(stderr, "Can't write mount entry");
return 1;
}
if (fchmod(fileno(mtab), 0644) == -1)
{
fprintf(stderr, "Can't set perms on "MOUNTED);
return 1;
}
endmntent(mtab);
if (unlink(MOUNTED"~") == -1)
{
fprintf(stderr, "Can't remove "MOUNTED"~");
return 1;
}
return 0;
}

1047
source3/client/smbmount.c
View File

File diff suppressed because it is too large Load Diff

196
source3/client/smbumount.c
View File

@ -1,196 +0,0 @@
/*
* smbumount.c
*
* Copyright (C) 1995-1998 by Volker Lendecke
*
*/
#define SMBMOUNT_MALLOC 1
#include "includes.h"
#include <mntent.h>
#include <asm/types.h>
#include <asm/posix_types.h>
#include <linux/smb.h>
#include <linux/smb_mount.h>
#include <linux/smb_fs.h>
/* This is a (hopefully) temporary hack due to the fact that
sizeof( uid_t ) != sizeof( __kernel_uid_t ) under glibc.
This may change in the future and smb.h may get fixed in the
future. In the mean time, it's ugly hack time - get over it.
*/
#undef SMB_IOC_GETMOUNTUID
#define SMB_IOC_GETMOUNTUID _IOR('u', 1, __kernel_uid_t)
#ifndef O_NOFOLLOW
#define O_NOFOLLOW 0400000
#endif
static void
usage(void)
{
printf("usage: smbumount mountpoint\n\n");
printf("Please be aware that smbfs is deprecated in favor of "
"cifs\n");
}
static int
umount_ok(const char *mount_point)
{
/* we set O_NOFOLLOW to prevent users playing games with symlinks to
umount filesystems they don't own */
int fid = open(mount_point, O_RDONLY|O_NOFOLLOW, 0);
__kernel_uid32_t mount_uid;
if (fid == -1) {
fprintf(stderr, "Could not open %s: %s\n",
mount_point, strerror(errno));
return -1;
}
if (ioctl(fid, SMB_IOC_GETMOUNTUID32, &mount_uid) != 0) {
__kernel_uid_t mount_uid16;
if (ioctl(fid, SMB_IOC_GETMOUNTUID, &mount_uid16) != 0) {
fprintf(stderr, "%s probably not smb-filesystem\n",
mount_point);
return -1;
}
mount_uid = mount_uid16;
}
if ((getuid() != 0)
&& (mount_uid != getuid())) {
fprintf(stderr, "You are not allowed to umount %s\n",
mount_point);
return -1;
}
close(fid);
return 0;
}
/* Make a canonical pathname from PATH. Returns a freshly malloced string.
It is up the *caller* to ensure that the PATH is sensible. i.e.
canonicalize ("/dev/fd0/.") returns "/dev/fd0" even though ``/dev/fd0/.''
is not a legal pathname for ``/dev/fd0'' Anything we cannot parse
we return unmodified. */
static char *
canonicalize (char *path)
{
char *canonical = (char*)malloc (PATH_MAX + 1);
if (!canonical) {
fprintf(stderr, "Error! Not enough memory!\n");
return NULL;
}
if (strlen(path) > PATH_MAX) {
fprintf(stderr, "Mount point string too long\n");
return NULL;
}
if (path == NULL)
return NULL;
if (realpath (path, canonical))
return canonical;
strncpy (canonical, path, PATH_MAX);
canonical[PATH_MAX] = '\0';
return canonical;
}
int
main(int argc, char *argv[])
{
int fd;
char* mount_point;
struct mntent *mnt;
FILE* mtab;
FILE* new_mtab;
TALLOC_CTX *frame = talloc_stackframe();
if (argc != 2) {
usage();
exit(1);
}
if (geteuid() != 0) {
fprintf(stderr, "smbumount must be installed suid root\n");
exit(1);
}
mount_point = canonicalize(argv[1]);
if (mount_point == NULL)
{
exit(1);
}
if (umount_ok(mount_point) != 0) {
exit(1);
}
if (umount(mount_point) != 0) {
fprintf(stderr, "Could not umount %s: %s\n",
mount_point, strerror(errno));
exit(1);
}
if ((fd = open(MOUNTED"~", O_RDWR|O_CREAT|O_EXCL, 0600)) == -1)
{
fprintf(stderr, "Can't get "MOUNTED"~ lock file");
return 1;
}
close(fd);
if ((mtab = setmntent(MOUNTED, "r")) == NULL) {
fprintf(stderr, "Can't open " MOUNTED ": %s\n",
strerror(errno));
return 1;
}
#define MOUNTED_TMP MOUNTED".tmp"
if ((new_mtab = setmntent(MOUNTED_TMP, "w")) == NULL) {
fprintf(stderr, "Can't open " MOUNTED_TMP ": %s\n",
strerror(errno));
endmntent(mtab);
return 1;
}
while ((mnt = getmntent(mtab)) != NULL) {
if (strcmp(mnt->mnt_dir, mount_point) != 0) {
addmntent(new_mtab, mnt);
}
}
endmntent(mtab);
if (fchmod (fileno (new_mtab), S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH) < 0) {
fprintf(stderr, "Error changing mode of %s: %s\n",
MOUNTED_TMP, strerror(errno));
exit(1);
}
endmntent(new_mtab);
if (rename(MOUNTED_TMP, MOUNTED) < 0) {
fprintf(stderr, "Cannot rename %s to %s: %s\n",
MOUNTED, MOUNTED_TMP, strerror(errno));
exit(1);
}
if (unlink(MOUNTED"~") == -1)
{
fprintf(stderr, "Can't remove "MOUNTED"~");
return 1;
}
TALLOC_FREE(frame);
return 0;
}

829
source3/configure.in
View File

File diff suppressed because it is too large Load Diff

5
source3/exports/libtalloc.syms
View File

@ -1,3 +1,6 @@
{
global: *;
global:
talloc_*;
_talloc_*;
local: *;
};

5
source3/include/ads.h
View File

@ -319,11 +319,6 @@ typedef void **ADS_MODLIST;
#define ADS_DNS_DOMAIN 0x40000000 /* DomainName is a DNS name */
#define ADS_DNS_FOREST 0x80000000 /* DnsForestName is a DNS name */
/* DomainControllerAddressType */
#define ADS_INET_ADDRESS 0x00000001
#define ADS_NETBIOS_ADDRESS 0x00000002
/* ads auth control flags */
#define ADS_AUTH_DISABLE_KERBEROS 0x01
#define ADS_AUTH_NO_BIND 0x02

134
source3/include/authdata.h
View File

@ -19,7 +19,7 @@
*/
#ifndef _AUTHDATA_H
#define _AUTHDATA_H
#define _AUTHDATA_H
#include "rpc_misc.h"
#include "rpc_netlogon.h"
@ -37,136 +37,4 @@
#define KRB5_AUTHDATA_IF_RELEVANT 1
#endif
typedef struct pac_logon_name {
NTTIME logon_time;
uint16 len;
uint8 *username; /* Actually always little-endian. might not be null terminated, so not UNISTR */
} PAC_LOGON_NAME;
typedef struct pac_signature_data {
uint32 type;
RPC_DATA_BLOB signature; /* this not the on-wire-format (!) */
} PAC_SIGNATURE_DATA;
typedef struct group_membership {
uint32 rid;
uint32 attrs;
} GROUP_MEMBERSHIP;
typedef struct group_membership_array {
uint32 count;
GROUP_MEMBERSHIP *group_membership;
} GROUP_MEMBERSHIP_ARRAY;
#if 0 /* Unused, replaced by NET_USER_INFO_3 - Guenther */
typedef struct krb_sid_and_attrs {
uint32 sid_ptr;
uint32 attrs;
DOM_SID2 *sid;
} KRB_SID_AND_ATTRS;
typedef struct krb_sid_and_attr_array {
uint32 count;
KRB_SID_AND_ATTRS *krb_sid_and_attrs;
} KRB_SID_AND_ATTR_ARRAY;
/* This is awfully similar to a samr_user_info_23, but not identical.
Many of the field names have been swiped from there, because it is
so similar that they are likely the same, but many have been verified.
Some are in a different order, though... */
typedef struct pac_logon_info {
NTTIME logon_time; /* logon time */
NTTIME logoff_time; /* logoff time */
NTTIME kickoff_time; /* kickoff time */
NTTIME pass_last_set_time; /* password last set time */
NTTIME pass_can_change_time; /* password can change time */
NTTIME pass_must_change_time; /* password must change time */
UNIHDR hdr_user_name; /* user name unicode string header */
UNIHDR hdr_full_name; /* user's full name unicode string header */
UNIHDR hdr_logon_script; /* these last 4 appear to be in a different */
UNIHDR hdr_profile_path; /* order than in the info23 */
UNIHDR hdr_home_dir;
UNIHDR hdr_dir_drive;
uint16 logon_count; /* number of times user has logged onto domain */
uint16 bad_password_count; /* samba4 idl */
uint32 user_rid;
uint32 group_rid;
uint32 group_count;
uint32 group_membership_ptr;
uint32 user_flags;
uint8 session_key[16]; /* samba4 idl */
UNIHDR hdr_dom_controller;
UNIHDR hdr_dom_name;
uint32 ptr_dom_sid;
uint8 lm_session_key[8]; /* samba4 idl */
uint32 acct_flags; /* samba4 idl */
uint32 unknown[7];
uint32 sid_count;
uint32 ptr_extra_sids;
uint32 ptr_res_group_dom_sid;
uint32 res_group_count;
uint32 ptr_res_groups;
UNISTR2 uni_user_name; /* user name unicode string header */
UNISTR2 uni_full_name; /* user's full name unicode string header */
UNISTR2 uni_logon_script; /* these last 4 appear to be in a different*/
UNISTR2 uni_profile_path; /* order than in the info23 */
UNISTR2 uni_home_dir;
UNISTR2 uni_dir_drive;
UNISTR2 uni_dom_controller;
UNISTR2 uni_dom_name;
DOM_SID2 dom_sid;
GROUP_MEMBERSHIP_ARRAY groups;
KRB_SID_AND_ATTR_ARRAY extra_sids;
DOM_SID2 res_group_dom_sid;
GROUP_MEMBERSHIP_ARRAY res_groups;
} PAC_LOGON_INFO;
#endif
typedef struct pac_logon_info {
NET_USER_INFO_3 info3;
DOM_SID2 res_group_dom_sid;
GROUP_MEMBERSHIP_ARRAY res_groups;
} PAC_LOGON_INFO;
typedef struct pac_info_ctr
{
union
{
PAC_LOGON_INFO *logon_info;
PAC_SIGNATURE_DATA *srv_cksum;
PAC_SIGNATURE_DATA *privsrv_cksum;
PAC_LOGON_NAME *logon_name;
} pac;
} PAC_INFO_CTR;
typedef struct pac_buffer {
uint32 type;
uint32 size;
uint32 offset;
uint32 offsethi;
PAC_INFO_CTR *ctr;
uint32 pad;
} PAC_BUFFER;
typedef struct pac_data {
uint32 num_buffers;
uint32 version;
PAC_BUFFER *pac_buffer;
} PAC_DATA;
#endif

6
source3/include/byteorder.h
View File

@ -167,4 +167,10 @@ it also defines lots of intermediate macros, just ignore those :-)
#define ALIGN4(p,base) ((p) + ((4 - (PTR_DIFF((p), (base)) & 3)) & 3))
#define ALIGN2(p,base) ((p) + ((2 - (PTR_DIFF((p), (base)) & 1)) & 1))
/* 64 bit macros */
#define BVAL(p, ofs) (IVAL(p,ofs) | (((uint64_t)IVAL(p,(ofs)+4)) << 32))
#define BVALS(p, ofs) ((int64_t)BVAL(p,ofs))
#define SBVAL(p, ofs, v) (SIVAL(p,ofs,(v)&0xFFFFFFFF), SIVAL(p,(ofs)+4,((uint64_t)(v))>>32))
#define SBVALS(p, ofs, v) (SBVAL(p,ofs,(uint64_t)v))
#endif /* _BYTEORDER_H */

7
source3/include/client.h
View File

@ -82,7 +82,12 @@ struct rpc_pipe_client {
};
/* Transport encryption state. */
enum smb_trans_enc_type { SMB_TRANS_ENC_NTLM, SMB_TRANS_ENC_GSS };
enum smb_trans_enc_type {
SMB_TRANS_ENC_NTLM
#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
, SMB_TRANS_ENC_GSS
#endif
};
#if defined(HAVE_GSSAPI) && defined(HAVE_KRB5)
struct smb_tran_enc_state_gss {

64
source3/include/gpo.h
View File

@ -1,7 +1,7 @@
/*
* Unix SMB/CIFS implementation.
* Group Policy Object Support
* Copyright (C) Guenther Deschner 2005-2007
* Copyright (C) Guenther Deschner 2005-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -22,7 +22,8 @@ enum GPO_LINK_TYPE {
GP_LINK_MACHINE = 1,
GP_LINK_SITE = 2,
GP_LINK_DOMAIN = 3,
GP_LINK_OU = 4
GP_LINK_OU = 4,
GP_LINK_LOCAL = 5 /* for convenience */
};
/* GPO_OPTIONS */
@ -33,6 +34,17 @@ enum GPO_LINK_TYPE {
#define GPO_LIST_FLAG_MACHINE 0x00000001
#define GPO_LIST_FLAG_SITEONLY 0x00000002
/* following flags from http://support.microsoft.com/kb/312164/EN-US/ */
#define GPO_INFO_FLAG_MACHINE 0x00000001
#define GPO_INFO_FLAG_BACKGROUND 0x00000010
#define GPO_INFO_FLAG_SLOWLINK 0x00000020
#define GPO_INFO_FLAG_VERBOSE 0x00000040
#define GPO_INFO_FLAG_NOCHANGES 0x00000080
#define GPO_INFO_FLAG_LINKTRANSITION 0x00000100
#define GPO_INFO_FLAG_LOGRSOP_TRANSITION 0x00000200
#define GPO_INFO_FLAG_FORCED_REFRESH 0x00000400
#define GPO_INFO_FLAG_SAFEMODE_BOOT 0x00000800
#define GPO_VERSION_USER(x) (x >> 16)
#define GPO_VERSION_MACHINE(x) (x & 0xffff)
@ -88,11 +100,59 @@ struct GP_EXT {
char **extensions_guid;
char **snapins;
char **snapins_guid;
struct GP_EXT *next, *prev;
};
#define GPO_CACHE_DIR "gpo_cache"
#define GPT_INI "GPT.INI"
#define GPO_REFRESH_INTERVAL 60*90
#define GPO_REG_STATE_MACHINE "State\\Machine"
enum gp_reg_action {
GP_REG_ACTION_NONE = 0,
GP_REG_ACTION_ADD_VALUE = 1,
GP_REG_ACTION_ADD_KEY = 2,
GP_REG_ACTION_DEL_VALUES = 3,
GP_REG_ACTION_DEL_VALUE = 4,
GP_REG_ACTION_DEL_ALL_VALUES = 5,
GP_REG_ACTION_DEL_KEYS = 6,
GP_REG_ACTION_SEC_KEY_SET = 7,
GP_REG_ACTION_SEC_KEY_RESET = 8
};
struct gp_registry_entry {
enum gp_reg_action action;
const char *key;
const char *value;
struct registry_value *data;
};
struct gp_registry_value {
const char *value;
struct registry_value *data;
};
struct gp_registry_entry2 {
enum gp_reg_action action;
const char *key;
size_t num_values;
struct gp_registry_value **values;
};
struct gp_registry_entries {
size_t num_entries;
struct gp_registry_entry **entries;
};
struct gp_registry_context {
const struct nt_user_token *token;
const char *path;
struct registry_key *curr_key;
};
#define GP_EXT_GUID_SECURITY "827D319E-6EAC-11D2-A4EA-00C04F79F83A"
#define GP_EXT_GUID_REGISTRY "35378EAC-683F-11D2-A89A-00C04FBBCFA2"
#define GP_EXT_GUID_SCRIPTS "42B5FAAE-6536-11D2-AE5A-0000F87571E3"
#include "libgpo/gpext/gpext.h"

15
source3/include/includes.h
View File

@ -698,7 +698,6 @@ typedef char fstring[FSTRING_LEN];
#include "rpc_netlogon.h"
#include "reg_objects.h"
#include "reg_db.h"
#include "rpc_samr.h"
#include "rpc_srvsvc.h"
#include "rpc_spoolss.h"
#include "rpc_eventlog.h"
@ -1170,15 +1169,15 @@ bool kerberos_compatible_enctypes(krb5_context context, krb5_enctype enctype1, k
void kerberos_free_data_contents(krb5_context context, krb5_data *pdata);
NTSTATUS decode_pac_data(TALLOC_CTX *mem_ctx,
DATA_BLOB *pac_data_blob,
krb5_context context,
krb5_context context,
krb5_keyblock *service_keyblock,
krb5_const_principal client_principal,
time_t tgs_authtime,
PAC_DATA **pac_data);
struct PAC_DATA **pac_data_out);
void smb_krb5_checksum_from_pac_sig(krb5_checksum *cksum,
PAC_SIGNATURE_DATA *sig);
struct PAC_SIGNATURE_DATA *sig);
krb5_error_code smb_krb5_verify_checksum(krb5_context context,
krb5_keyblock *keyblock,
const krb5_keyblock *keyblock,
krb5_keyusage usage,
krb5_checksum *cksum,
uint8 *data,
@ -1206,7 +1205,6 @@ bool smb_krb5_principal_compare_any_realm(krb5_context context,
krb5_const_principal princ2);
int cli_krb5_get_ticket(const char *principal, time_t time_offset,
DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, uint32 extra_ap_opts, const char *ccname, time_t *tgs_expire);
PAC_LOGON_INFO *get_logon_info_from_pac(PAC_DATA *pac_data);
krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *client_string, const char *service_string, time_t *expire_time);
krb5_error_code kpasswd_err_to_krb5_err(krb5_error_code res_code);
krb5_error_code smb_krb5_gen_netbios_krb5_address(smb_krb5_addresses **kerb_addr);
@ -1289,4 +1287,9 @@ void exit_server_fault(void) NORETURN_ATTRIBUTE ;
#include "libnscd.h"
#endif
#if defined(HAVE_IPV6)
void in6_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
struct in6_addr ip);
#endif
#endif /* _INCLUDES_H */

446
source3/include/libsmb_internal.h
View File

@ -1,12 +1,71 @@
/*
Unix SMB/Netbios implementation.
SMB client library implementation
Copyright (C) Andrew Tridgell 1998
Copyright (C) Richard Sharpe 2000, 2002
Copyright (C) John Terpstra 2000
Copyright (C) Tom Jansen (Ninja ISD) 2002
Copyright (C) Derrell Lipman 2003-2008
Copyright (C) Jeremy Allison 2007, 2008
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#ifndef _LIBSMB_INTERNAL_H_
#define _LIBSMB_INTERNAL_H_
#include "../include/libsmbclient.h"
#define SMBC_MAX_NAME 1023
#define SMBC_FILE_MODE (S_IFREG | 0444)
#define SMBC_DIR_MODE (S_IFDIR | 0555)
/*
* DOS Attribute values (used internally)
*/
typedef struct DOS_ATTR_DESC {
int mode;
SMB_OFF_T size;
time_t create_time;
time_t access_time;
time_t write_time;
time_t change_time;
SMB_INO_T inode;
} DOS_ATTR_DESC;
#include "include/libsmbclient.h"
/*
* Internal flags for extended attributes
*/
/* internal mode values */
#define SMBC_XATTR_MODE_ADD 1
#define SMBC_XATTR_MODE_REMOVE 2
#define SMBC_XATTR_MODE_REMOVE_ALL 3
#define SMBC_XATTR_MODE_SET 4
#define SMBC_XATTR_MODE_CHOWN 5
#define SMBC_XATTR_MODE_CHGRP 6
#define CREATE_ACCESS_READ READ_CONTROL_ACCESS
/*We should test for this in configure ... */
#ifndef ENOTSUP
#define ENOTSUP EOPNOTSUPP
#endif
struct _SMBCSRV {
@ -46,12 +105,13 @@ struct _SMBCFILE {
};
struct smbc_internal_data {
/*
* Context structure
*/
struct SMBC_internal_data {
/*
* Is this handle initialized ?
*/
bool _initialized;
/* True when this handle is initialized */
bool initialized;
/* dirent pointer location
*
@ -64,22 +124,22 @@ struct smbc_internal_data {
* According to <linux/limits.h>, NAME_MAX is 255. Is it longer
* anyplace else?
*/
char _dirent[1024];
char dirent[1024];
/*
* server connection list
*/
SMBCSRV * _servers;
SMBCSRV * servers;
/*
* open file/dir list
*/
SMBCFILE * _files;
SMBCFILE * files;
/*
* Log to standard error instead of the more typical standard output
*/
bool _debug_stderr;
bool debug_stderr;
/*
* Support "Create Time" in get/set with the *xattr() functions, if
@ -88,33 +148,389 @@ struct smbc_internal_data {
* CREATE_TIME. Default is FALSE, i.e. to use the old-style shorter
* names and to not support CREATE time, for backward compatibility.
*/
bool _full_time_names;
bool full_time_names;
/*
* The share mode of a file being opened. To match POSIX semantics
* (and maintain backward compatibility), DENY_NONE is the default.
*/
smbc_share_mode _share_mode;
smbc_share_mode share_mode;
/*
* Authentication function which includes the context. This will be
* used if set; otherwise context->callbacks.auth_fn() will be used.
*/
smbc_get_auth_data_with_context_fn _auth_fn_with_context;
smbc_get_auth_data_with_context_fn auth_fn_with_context;
/*
* An opaque (to this library) user data handle which can be set
* and retrieved with smbc_option_set() and smbc_option_get().
*/
void * _user_data;
void * user_data;
/*
* Should we attempt UNIX smb encryption ?
* Set to 0 if we should never attempt, set to 1 if
* encryption requested, set to 2 if encryption required.
*/
int _smb_encryption_level;
smbc_smb_encrypt_level smb_encryption_level;
struct smbc_server_cache * server_cache;
/* POSIX emulation functions */
struct
{
#if 0 /* Left in libsmbclient.h for backward compatibility */
smbc_open_fn open_fn;
smbc_creat_fn creat_fn;
smbc_read_fn read_fn;
smbc_write_fn write_fn;
smbc_unlink_fn unlink_fn;
smbc_rename_fn rename_fn;
smbc_lseek_fn lseek_fn;
smbc_stat_fn stat_fn;
smbc_fstat_fn fstat_fn;
#endif
smbc_ftruncate_fn ftruncate_fn;
#if 0 /* Left in libsmbclient.h for backward compatibility */
smbc_close_fn close_fn;
smbc_opendir_fn opendir_fn;
smbc_closedir_fn closedir_fn;
smbc_readdir_fn readdir_fn;
smbc_getdents_fn getdents_fn;
smbc_mkdir_fn mkdir_fn;
smbc_rmdir_fn rmdir_fn;
smbc_telldir_fn telldir_fn;
smbc_lseekdir_fn lseekdir_fn;
smbc_fstatdir_fn fstatdir_fn;
smbc_chmod_fn chmod_fn;
smbc_utimes_fn utimes_fn;
smbc_setxattr_fn setxattr_fn;
smbc_getxattr_fn getxattr_fn;
smbc_removexattr_fn removexattr_fn;
smbc_listxattr_fn listxattr_fn;
#endif
} posix_emu;
#if 0 /* Left in libsmbclient.h for backward compatibility */
/* Printing-related functions */
struct
{
smbc_print_file_fn print_file_fn;
smbc_open_print_job_fn open_print_job_fn;
smbc_list_print_jobs_fn list_print_jobs_fn;
smbc_unlink_print_job_fn unlink_print_job_fn;
} printing;
#endif
#if 0 /* None available yet */
/* SMB high-level functions */
struct
{
} smb;
#endif
};
/* Functions in libsmb_cache.c */
int
SMBC_add_cached_server(SMBCCTX * context,
SMBCSRV * newsrv,
const char * server,
const char * share,
const char * workgroup,
const char * username);
SMBCSRV *
SMBC_get_cached_server(SMBCCTX * context,
const char * server,
const char * share,
const char * workgroup,
const char * user);
int
SMBC_remove_cached_server(SMBCCTX * context,
SMBCSRV * server);
int
SMBC_purge_cached_servers(SMBCCTX * context);
/* Functions in libsmb_dir.c */
int
SMBC_check_options(char *server,
char *share,
char *path,
char *options);
SMBCFILE *
SMBC_opendir_ctx(SMBCCTX *context,
const char *fname);
int
SMBC_closedir_ctx(SMBCCTX *context,
SMBCFILE *dir);
struct smbc_dirent *
SMBC_readdir_ctx(SMBCCTX *context,
SMBCFILE *dir);
int
SMBC_getdents_ctx(SMBCCTX *context,
SMBCFILE *dir,
struct smbc_dirent *dirp,
int count);
int
SMBC_mkdir_ctx(SMBCCTX *context,
const char *fname,
mode_t mode);
int
SMBC_rmdir_ctx(SMBCCTX *context,
const char *fname);
off_t
SMBC_telldir_ctx(SMBCCTX *context,
SMBCFILE *dir);
int
SMBC_lseekdir_ctx(SMBCCTX *context,
SMBCFILE *dir,
off_t offset);
int
SMBC_fstatdir_ctx(SMBCCTX *context,
SMBCFILE *dir,
struct stat *st);
int
SMBC_chmod_ctx(SMBCCTX *context,
const char *fname,
mode_t newmode);
int
SMBC_utimes_ctx(SMBCCTX *context,
const char *fname,
struct timeval *tbuf);
int
SMBC_unlink_ctx(SMBCCTX *context,
const char *fname);
int
SMBC_rename_ctx(SMBCCTX *ocontext,
const char *oname,
SMBCCTX *ncontext,
const char *nname);
/* Functions in libsmb_file.c */
SMBCFILE *
SMBC_open_ctx(SMBCCTX *context,
const char *fname,
int flags,
mode_t mode);
SMBCFILE *
SMBC_creat_ctx(SMBCCTX *context,
const char *path,
mode_t mode);
ssize_t
SMBC_read_ctx(SMBCCTX *context,
SMBCFILE *file,
void *buf,
size_t count);
ssize_t
SMBC_write_ctx(SMBCCTX *context,
SMBCFILE *file,
void *buf,
size_t count);
int
SMBC_close_ctx(SMBCCTX *context,
SMBCFILE *file);
bool
SMBC_getatr(SMBCCTX * context,
SMBCSRV *srv,
char *path,
uint16 *mode,
SMB_OFF_T *size,
struct timespec *create_time_ts,
struct timespec *access_time_ts,
struct timespec *write_time_ts,
struct timespec *change_time_ts,
SMB_INO_T *ino);
bool
SMBC_setatr(SMBCCTX * context, SMBCSRV *srv, char *path,
time_t create_time,
time_t access_time,
time_t write_time,
time_t change_time,
uint16 mode);
off_t
SMBC_lseek_ctx(SMBCCTX *context,
SMBCFILE *file,
off_t offset,
int whence);
int
SMBC_ftruncate_ctx(SMBCCTX *context,
SMBCFILE *file,
off_t length);
/* Functions in libsmb_misc.c */
int
SMBC_dlist_contains(SMBCFILE * list, SMBCFILE *p);
int
SMBC_errno(SMBCCTX *context,
struct cli_state *c);
/* Functions in libsmb_path.c */
int
SMBC_urldecode(char *dest,
char *src,
size_t max_dest_len);
int
SMBC_urlencode(char *dest,
char *src,
int max_dest_len);
int
SMBC_parse_path(TALLOC_CTX *ctx,
SMBCCTX *context,
const char *fname,
char **pp_workgroup,
char **pp_server,
char **pp_share,
char **pp_path,
char **pp_user,
char **pp_password,
char **pp_options);
/* Functions in libsmb_printjob.c */
SMBCFILE *
SMBC_open_print_job_ctx(SMBCCTX *context,
const char *fname);
int
SMBC_print_file_ctx(SMBCCTX *c_file,
const char *fname,
SMBCCTX *c_print,
const char *printq);
int
SMBC_list_print_jobs_ctx(SMBCCTX *context,
const char *fname,
smbc_list_print_job_fn fn);
int
SMBC_unlink_print_job_ctx(SMBCCTX *context,
const char *fname,
int id);
/* Functions in libsmb_server.c */
int
SMBC_check_server(SMBCCTX * context,
SMBCSRV * server);
int
SMBC_remove_unused_server(SMBCCTX * context,
SMBCSRV * srv);
void
SMBC_call_auth_fn(TALLOC_CTX *ctx,
SMBCCTX *context,
const char *server,
const char *share,
char **pp_workgroup,
char **pp_username,
char **pp_password);
void
SMBC_get_auth_data(const char *server, const char *share,
char *workgroup_buf, int workgroup_buf_len,
char *username_buf, int username_buf_len,
char *password_buf, int password_buf_len);
SMBCSRV *
SMBC_find_server(TALLOC_CTX *ctx,
SMBCCTX *context,
const char *server,
const char *share,
char **pp_workgroup,
char **pp_username,
char **pp_password);
SMBCSRV *
SMBC_server(TALLOC_CTX *ctx,
SMBCCTX *context,
bool connect_if_not_found,
const char *server,
const char *share,
char **pp_workgroup,
char **pp_username,
char **pp_password);
SMBCSRV *
SMBC_attr_server(TALLOC_CTX *ctx,
SMBCCTX *context,
const char *server,
const char *share,
char **pp_workgroup,
char **pp_username,
char **pp_password);
/* Functions in libsmb_stat.c */
int
SMBC_stat_ctx(SMBCCTX *context,
const char *fname,
struct stat *st);
int
SMBC_fstat_ctx(SMBCCTX *context,
SMBCFILE *file,
struct stat *st);
/* Functions in libsmb_xattr.c */
int
SMBC_setxattr_ctx(SMBCCTX *context,
const char *fname,
const char *name,
const void *value,
size_t size,
int flags);
int
SMBC_getxattr_ctx(SMBCCTX *context,
const char *fname,
const char *name,
const void *value,
size_t size);
int
SMBC_removexattr_ctx(SMBCCTX *context,
const char *fname,
const char *name);
int
SMBC_listxattr_ctx(SMBCCTX *context,
const char *fname,
char *list,
size_t size);
#endif

1030
source3/include/libsmbclient.h
View File

File diff suppressed because it is too large Load Diff

6
source3/include/ntdomain.h
View File

@ -135,9 +135,9 @@ struct handle_list {
/* Domain controller authentication protocol info */
struct dcinfo {
uint32 sequence; /* "timestamp" from client. */
DOM_CHAL seed_chal;
DOM_CHAL clnt_chal; /* Client credential */
DOM_CHAL srv_chal; /* Server credential */
struct netr_Credential seed_chal;
struct netr_Credential clnt_chal; /* Client credential */
struct netr_Credential srv_chal; /* Server credential */
unsigned char sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
unsigned char mach_pw[16]; /* md4(machine password) */

7
source3/include/reg_objects.h
View File

@ -105,9 +105,16 @@ typedef struct {
#define KEY_CURRENT_VERSION "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion"
#define KEY_PERFLIB "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib"
#define KEY_PERFLIB_009 "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Perflib\\009"
#define KEY_GROUP_POLICY "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Group Policy"
#define KEY_WINLOGON "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon"
#define KEY_SMBCONF "HKLM\\SOFTWARE\\Samba\\smbconf"
#define KEY_SAMBA_GROUP_POLICY "HKLM\\SOFTWARE\\Samba\\Group Policy"
#define KEY_TREE_ROOT ""
#define KEY_GP_MACHINE_POLICY "HKLM\\Software\\Policies"
#define KEY_GP_MACHINE_WIN_POLICY "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies"
#define KEY_GP_USER_POLICY "HKCU\\Software\\Policies"
#define KEY_GP_USER_WIN_POLICY "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies"
/*
* Registry key types
* Most keys are going to be GENERIC -- may need a better name?

79
source3/include/rpc_brs.h
View File

@ -1,79 +0,0 @@
/*
Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-1999
Copyright (C) Luke Kenneth Casson Leighton 1996-1999
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _RPC_BRS_H /* _RPC_BRS_H */
#define _RPC_BRS_H
/* brssvc pipe */
#define BRS_QUERY_INFO 0x02
/* BRS_Q_QUERY_INFO - probably a capabilities request */
typedef struct q_brs_query_info_info
{
uint32 ptr_srv_name; /* pointer (to server name?) */
UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */
uint16 switch_value1; /* info level 100 (0x64) */
/* align */
uint16 switch_value2; /* info level 100 (0x64) */
uint32 ptr;
uint32 pad1;
uint32 pad2;
} BRS_Q_QUERY_INFO;
/* BRS_INFO_100 - level 100 info */
typedef struct brs_info_100_info
{
uint32 pad1;
uint32 ptr2;
uint32 pad2;
uint32 pad3;
} BRS_INFO_100;
/* BRS_R_QUERY_INFO - probably a capabilities request */
typedef struct r_brs_query_info_info
{
uint16 switch_value1; /* 100 (0x64) - switch value */
/* align */
uint16 switch_value2; /* info level 100 (0x64) */
/* for now, only level 100 is supported. this should be an enum container */
uint32 ptr_1; /* pointer 1 */
union
{
BRS_INFO_100 *brs100; /* browser info level 100 */
void *id;
} info;
NTSTATUS status; /* return status */
} BRS_R_QUERY_INFO;
#endif /* _RPC_BRS_H */

1
source3/include/rpc_client.h
View File

@ -34,6 +34,7 @@
#include "librpc/gen_ndr/cli_samr.h"
#include "librpc/gen_ndr/cli_netlogon.h"
#include "librpc/gen_ndr/cli_dssetup.h"
#include "librpc/gen_ndr/cli_ntsvcs.h"
/* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */

574
source3/include/rpc_lsa.h
View File

@ -23,547 +23,37 @@
#ifndef _RPC_LSA_H /* _RPC_LSA_H */
#define _RPC_LSA_H
/* Opcodes available on PIPE_LSARPC */
#define LSA_CLOSE 0x00
#define LSA_DELETE 0x01
#define LSA_ENUM_PRIVS 0x02
#define LSA_QUERYSECOBJ 0x03
#define LSA_SETSECOBJ 0x04
#define LSA_CHANGEPASSWORD 0x05
#define LSA_OPENPOLICY 0x06
#define LSA_QUERYINFOPOLICY 0x07
#define LSA_SETINFOPOLICY 0x08
#define LSA_CLEARAUDITLOG 0x09
#define LSA_CREATEACCOUNT 0x0a
#define LSA_ENUM_ACCOUNTS 0x0b
#define LSA_CREATETRUSTDOM 0x0c /* TODO: implement this one -- jerry */
#define LSA_ENUMTRUSTDOM 0x0d
#define LSA_LOOKUPNAMES 0x0e
#define LSA_LOOKUPSIDS 0x0f
#define LSA_CREATESECRET 0x10 /* TODO: implement this one -- jerry */
#define LSA_OPENACCOUNT 0x11
#define LSA_ENUMPRIVSACCOUNT 0x12
#define LSA_ADDPRIVS 0x13
#define LSA_REMOVEPRIVS 0x14
#define LSA_GETQUOTAS 0x15
#define LSA_SETQUOTAS 0x16
#define LSA_GETSYSTEMACCOUNT 0x17
#define LSA_SETSYSTEMACCOUNT 0x18
#define LSA_OPENTRUSTDOM 0x19
#define LSA_QUERYTRUSTDOMINFO 0x1a
#define LSA_SETINFOTRUSTDOM 0x1b
#define LSA_OPENSECRET 0x1c /* TODO: implement this one -- jerry */
#define LSA_SETSECRET 0x1d /* TODO: implement this one -- jerry */
#define LSA_QUERYSECRET 0x1e
#define LSA_LOOKUPPRIVVALUE 0x1f
#define LSA_LOOKUPPRIVNAME 0x20
#define LSA_PRIV_GET_DISPNAME 0x21
#define LSA_DELETEOBJECT 0x22 /* TODO: implement this one -- jerry */
#define LSA_ENUMACCTWITHRIGHT 0x23 /* TODO: implement this one -- jerry */
#define LSA_ENUMACCTRIGHTS 0x24
#define LSA_ADDACCTRIGHTS 0x25
#define LSA_REMOVEACCTRIGHTS 0x26
#define LSA_QUERYTRUSTDOMINFOBYSID 0x27
#define LSA_SETTRUSTDOMINFO 0x28
#define LSA_DELETETRUSTDOM 0x29
#define LSA_STOREPRIVDATA 0x2a
#define LSA_RETRPRIVDATA 0x2b
#define LSA_OPENPOLICY2 0x2c
#define LSA_UNK_GET_CONNUSER 0x2d /* LsaGetConnectedCredentials ? */
#define LSA_QUERYINFO2 0x2e
#define LSA_QUERYTRUSTDOMINFOBYNAME 0x30
#define LSA_QUERYDOMINFOPOL 0x35
#define LSA_OPENTRUSTDOMBYNAME 0x37
#define LSA_LOOKUPSIDS2 0x39
#define LSA_LOOKUPNAMES2 0x3a
#define LSA_LOOKUPNAMES3 0x44
#define LSA_LOOKUPSIDS3 0x4c
#define LSA_LOOKUPNAMES4 0x4d
/* XXXX these are here to get a compile! */
#define LSA_LOOKUPRIDS 0xFD
#define LSA_AUDIT_NUM_CATEGORIES_NT4 7
#define LSA_AUDIT_NUM_CATEGORIES_WIN2K 9
#define LSA_AUDIT_NUM_CATEGORIES LSA_AUDIT_NUM_CATEGORIES_NT4
#define POLICY_VIEW_LOCAL_INFORMATION 0x00000001
#define POLICY_VIEW_AUDIT_INFORMATION 0x00000002
#define POLICY_GET_PRIVATE_INFORMATION 0x00000004
#define POLICY_TRUST_ADMIN 0x00000008
#define POLICY_CREATE_ACCOUNT 0x00000010
#define POLICY_CREATE_SECRET 0x00000020
#define POLICY_CREATE_PRIVILEGE 0x00000040
#define POLICY_SET_DEFAULT_QUOTA_LIMITS 0x00000080
#define POLICY_SET_AUDIT_REQUIREMENTS 0x00000100
#define POLICY_AUDIT_LOG_ADMIN 0x00000200
#define POLICY_SERVER_ADMIN 0x00000400
#define POLICY_LOOKUP_NAMES 0x00000800
#define POLICY_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS |\
POLICY_VIEW_LOCAL_INFORMATION |\
POLICY_VIEW_AUDIT_INFORMATION |\
POLICY_GET_PRIVATE_INFORMATION |\
POLICY_TRUST_ADMIN |\
POLICY_CREATE_ACCOUNT |\
POLICY_CREATE_SECRET |\
POLICY_CREATE_PRIVILEGE |\
POLICY_SET_DEFAULT_QUOTA_LIMITS |\
POLICY_SET_AUDIT_REQUIREMENTS |\
POLICY_AUDIT_LOG_ADMIN |\
POLICY_SERVER_ADMIN |\
POLICY_LOOKUP_NAMES )
#define POLICY_READ ( STANDARD_RIGHTS_READ_ACCESS |\
POLICY_VIEW_AUDIT_INFORMATION |\
POLICY_GET_PRIVATE_INFORMATION)
#define POLICY_WRITE ( STD_RIGHT_READ_CONTROL_ACCESS |\
POLICY_TRUST_ADMIN |\
POLICY_CREATE_ACCOUNT |\
POLICY_CREATE_SECRET |\
POLICY_CREATE_PRIVILEGE |\
POLICY_SET_DEFAULT_QUOTA_LIMITS |\
POLICY_SET_AUDIT_REQUIREMENTS |\
POLICY_AUDIT_LOG_ADMIN |\
POLICY_SERVER_ADMIN)
#define POLICY_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS |\
POLICY_VIEW_LOCAL_INFORMATION |\
POLICY_LOOKUP_NAMES )
/*******************************************************/
/*******************************************************/
#define MAX_REF_DOMAINS 32
/* DOM_TRUST_HDR */
typedef struct dom_trust_hdr
{
UNIHDR hdr_dom_name; /* referenced domain unicode string headers */
uint32 ptr_dom_sid;
} DOM_TRUST_HDR;
/* DOM_TRUST_INFO */
typedef struct dom_trust_info
{
UNISTR2 uni_dom_name; /* domain name unicode string */
DOM_SID2 ref_dom ; /* referenced domain SID */
} DOM_TRUST_INFO;
/* DOM_R_REF */
typedef struct dom_ref_info
{
uint32 num_ref_doms_1; /* num referenced domains */
uint32 ptr_ref_dom; /* pointer to referenced domains */
uint32 max_entries; /* 32 - max number of entries */
uint32 num_ref_doms_2; /* num referenced domains */
DOM_TRUST_HDR hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domains */
DOM_TRUST_INFO ref_dom [MAX_REF_DOMAINS]; /* referenced domains */
} DOM_R_REF;
/* the domain_idx points to a SID associated with the name */
/* LSA_TRANS_NAME - translated name */
typedef struct lsa_trans_name_info
{
uint16 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
UNIHDR hdr_name;
uint32 domain_idx; /* index into DOM_R_REF array of SIDs */
} LSA_TRANS_NAME;
/* LSA_TRANS_NAME2 - translated name */
typedef struct lsa_trans_name_info2
{
uint16 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
UNIHDR hdr_name;
uint32 domain_idx; /* index into DOM_R_REF array of SIDs */
uint32 unknown;
} LSA_TRANS_NAME2;
/* This number is based on Win2k and later maximum response allowed */
#define MAX_LOOKUP_SIDS 20480 /* 0x5000 */
/* LSA_TRANS_NAME_ENUM - LSA Translated Name Enumeration container */
typedef struct lsa_trans_name_enum_info
{
uint32 num_entries;
uint32 ptr_trans_names;
uint32 num_entries2;
LSA_TRANS_NAME *name; /* translated names */
UNISTR2 *uni_name;
} LSA_TRANS_NAME_ENUM;
/* LSA_TRANS_NAME_ENUM2 - LSA Translated Name Enumeration container 2 */
typedef struct lsa_trans_name_enum_info2
{
uint32 num_entries;
uint32 ptr_trans_names;
uint32 num_entries2;
LSA_TRANS_NAME2 *name; /* translated names */
UNISTR2 *uni_name;
} LSA_TRANS_NAME_ENUM2;
/* LSA_SID_ENUM - LSA SID enumeration container */
typedef struct lsa_sid_enum_info
{
uint32 num_entries;
uint32 ptr_sid_enum;
uint32 num_entries2;
uint32 *ptr_sid; /* domain SID pointers to be looked up. */
DOM_SID2 *sid; /* domain SIDs to be looked up. */
} LSA_SID_ENUM;
/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
typedef struct lsa_q_lookup_sids
{
POLICY_HND pol; /* policy handle */
LSA_SID_ENUM sids;
LSA_TRANS_NAME_ENUM names;
uint16 level;
uint32 mapped_count;
} LSA_Q_LOOKUP_SIDS;
/* LSA_R_LOOKUP_SIDS - response to LSA Lookup SIDs */
typedef struct lsa_r_lookup_sids
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
LSA_TRANS_NAME_ENUM names;
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_SIDS;
/* LSA_Q_LOOKUP_SIDS2 - LSA Lookup SIDs 2*/
typedef struct lsa_q_lookup_sids2
{
POLICY_HND pol; /* policy handle */
LSA_SID_ENUM sids;
LSA_TRANS_NAME_ENUM2 names;
uint16 level;
uint32 mapped_count;
uint32 unknown1;
uint32 unknown2;
} LSA_Q_LOOKUP_SIDS2;
/* LSA_R_LOOKUP_SIDS2 - response to LSA Lookup SIDs 2*/
typedef struct lsa_r_lookup_sids2
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
LSA_TRANS_NAME_ENUM2 names;
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_SIDS2;
/* LSA_Q_LOOKUP_SIDS3 - LSA Lookup SIDs 3 */
typedef struct lsa_q_lookup_sids3
{
LSA_SID_ENUM sids;
LSA_TRANS_NAME_ENUM2 names;
uint16 level;
uint32 mapped_count;
uint32 unknown1;
uint32 unknown2;
} LSA_Q_LOOKUP_SIDS3;
/* LSA_R_LOOKUP_SIDS3 - response to LSA Lookup SIDs 3 */
typedef struct lsa_r_lookup_sids3
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
LSA_TRANS_NAME_ENUM2 names;
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_SIDS3;
/* LSA_Q_LOOKUP_NAMES - LSA Lookup NAMEs */
typedef struct lsa_q_lookup_names
{
POLICY_HND pol; /* policy handle */
uint32 num_entries;
uint32 num_entries2;
UNIHDR *hdr_name; /* name buffer pointers */
UNISTR2 *uni_name; /* names to be looked up */
uint32 num_trans_entries;
uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
uint16 lookup_level;
uint32 mapped_count;
} LSA_Q_LOOKUP_NAMES;
/* LSA_R_LOOKUP_NAMES - response to LSA Lookup NAMEs by name */
typedef struct lsa_r_lookup_names
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
uint32 num_entries;
uint32 ptr_entries;
uint32 num_entries2;
DOM_RID *dom_rid; /* domain RIDs being looked up */
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_NAMES;
/* LSA_Q_LOOKUP_NAMES2 - LSA Lookup NAMEs 2*/
typedef struct lsa_q_lookup_names2
{
POLICY_HND pol; /* policy handle */
uint32 num_entries;
uint32 num_entries2;
UNIHDR *hdr_name; /* name buffer pointers */
UNISTR2 *uni_name; /* names to be looked up */
uint32 num_trans_entries;
uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
uint16 lookup_level;
uint32 mapped_count;
uint32 unknown1;
uint32 unknown2;
} LSA_Q_LOOKUP_NAMES2;
/* LSA_R_LOOKUP_NAMES2 - response to LSA Lookup NAMEs by name 2 */
typedef struct lsa_r_lookup_names2
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
uint32 num_entries;
uint32 ptr_entries;
uint32 num_entries2;
DOM_RID2 *dom_rid; /* domain RIDs being looked up */
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_NAMES2;
/* LSA_Q_LOOKUP_NAMES3 - LSA Lookup NAMEs 3 */
typedef struct lsa_q_lookup_names3
{
POLICY_HND pol; /* policy handle */
uint32 num_entries;
uint32 num_entries2;
UNIHDR *hdr_name; /* name buffer pointers */
UNISTR2 *uni_name; /* names to be looked up */
uint32 num_trans_entries;
uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
uint16 lookup_level;
uint32 mapped_count;
uint32 unknown1;
uint32 unknown2;
} LSA_Q_LOOKUP_NAMES3;
/* Sid type used in lookupnames3 and lookupnames4. */
typedef struct lsa_translatedsid3 {
uint8 sid_type;
DOM_SID2 *sid2;
uint32 sid_idx;
uint32 unknown;
} LSA_TRANSLATED_SID3;
/* LSA_R_LOOKUP_NAMES3 - response to LSA Lookup NAMEs by name 3 */
typedef struct lsa_r_lookup_names3
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
uint32 num_entries;
uint32 ptr_entries;
uint32 num_entries2;
LSA_TRANSLATED_SID3 *trans_sids;
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_NAMES3;
/* LSA_Q_LOOKUP_NAMES4 - LSA Lookup NAMEs 4 */
typedef struct lsa_q_lookup_names4
{
uint32 num_entries;
uint32 num_entries2;
UNIHDR *hdr_name; /* name buffer pointers */
UNISTR2 *uni_name; /* names to be looked up */
uint32 num_trans_entries;
uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
uint16 lookup_level;
uint32 mapped_count;
uint32 unknown1;
uint32 unknown2;
} LSA_Q_LOOKUP_NAMES4;
/* LSA_R_LOOKUP_NAMES3 - response to LSA Lookup NAMEs by name 4 */
typedef struct lsa_r_lookup_names4
{
uint32 ptr_dom_ref;
DOM_R_REF *dom_ref; /* domain reference info */
uint32 num_entries;
uint32 ptr_entries;
uint32 num_entries2;
LSA_TRANSLATED_SID3 *trans_sids;
uint32 mapped_count;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_NAMES4;
/* LSA_Q_ENUM_ACCT_RIGHTS - LSA enum account rights */
typedef struct
{
POLICY_HND pol; /* policy handle */
DOM_SID2 sid;
} LSA_Q_ENUM_ACCT_RIGHTS;
/* LSA_R_ENUM_ACCT_RIGHTS - LSA enum account rights */
typedef struct
{
uint32 count;
UNISTR4_ARRAY *rights;
NTSTATUS status;
} LSA_R_ENUM_ACCT_RIGHTS;
/* LSA_Q_ADD_ACCT_RIGHTS - LSA add account rights */
typedef struct
{
POLICY_HND pol; /* policy handle */
DOM_SID2 sid;
uint32 count;
UNISTR4_ARRAY *rights;
} LSA_Q_ADD_ACCT_RIGHTS;
/* LSA_R_ADD_ACCT_RIGHTS - LSA add account rights */
typedef struct
{
NTSTATUS status;
} LSA_R_ADD_ACCT_RIGHTS;
/* LSA_Q_REMOVE_ACCT_RIGHTS - LSA remove account rights */
typedef struct
{
POLICY_HND pol; /* policy handle */
DOM_SID2 sid;
uint32 removeall;
uint32 count;
UNISTR4_ARRAY *rights;
} LSA_Q_REMOVE_ACCT_RIGHTS;
/* LSA_R_REMOVE_ACCT_RIGHTS - LSA remove account rights */
typedef struct
{
NTSTATUS status;
} LSA_R_REMOVE_ACCT_RIGHTS;
/* LSA_Q_ENUM_ACCOUNTS */
typedef struct lsa_q_enum_accounts
{
POLICY_HND pol; /* policy handle */
uint32 enum_context;
uint32 pref_max_length;
} LSA_Q_ENUM_ACCOUNTS;
/* LSA_R_ENUM_ACCOUNTS */
typedef struct lsa_r_enum_accounts
{
uint32 enum_context;
LSA_SID_ENUM sids;
NTSTATUS status;
} LSA_R_ENUM_ACCOUNTS;
typedef struct lsa_q_enumprivsaccount
{
POLICY_HND pol; /* policy handle */
} LSA_Q_ENUMPRIVSACCOUNT;
typedef struct lsa_r_enumprivsaccount
{
uint32 ptr;
uint32 count;
PRIVILEGE_SET set;
NTSTATUS status;
} LSA_R_ENUMPRIVSACCOUNT;
typedef struct {
UNIHDR hdr;
UNISTR2 unistring;
} LSA_STRING;
typedef struct {
POLICY_HND pol; /* policy handle */
LSA_STRING privname;
} LSA_Q_LOOKUP_PRIV_VALUE;
typedef struct {
LUID luid;
NTSTATUS status;
} LSA_R_LOOKUP_PRIV_VALUE;
typedef struct lsa_q_addprivs
{
POLICY_HND pol; /* policy handle */
uint32 count;
PRIVILEGE_SET set;
} LSA_Q_ADDPRIVS;
typedef struct lsa_r_addprivs
{
NTSTATUS status;
} LSA_R_ADDPRIVS;
typedef struct lsa_q_removeprivs
{
POLICY_HND pol; /* policy handle */
uint32 allrights;
uint32 ptr;
uint32 count;
PRIVILEGE_SET set;
} LSA_Q_REMOVEPRIVS;
typedef struct lsa_r_removeprivs
{
NTSTATUS status;
} LSA_R_REMOVEPRIVS;
#define LSA_POLICY_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS |\
LSA_POLICY_VIEW_LOCAL_INFORMATION |\
LSA_POLICY_VIEW_AUDIT_INFORMATION |\
LSA_POLICY_GET_PRIVATE_INFORMATION |\
LSA_POLICY_TRUST_ADMIN |\
LSA_POLICY_CREATE_ACCOUNT |\
LSA_POLICY_CREATE_SECRET |\
LSA_POLICY_CREATE_PRIVILEGE |\
LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS |\
LSA_POLICY_SET_AUDIT_REQUIREMENTS |\
LSA_POLICY_AUDIT_LOG_ADMIN |\
LSA_POLICY_SERVER_ADMIN |\
LSA_POLICY_LOOKUP_NAMES )
#define LSA_POLICY_READ ( STANDARD_RIGHTS_READ_ACCESS |\
LSA_POLICY_VIEW_AUDIT_INFORMATION |\
LSA_POLICY_GET_PRIVATE_INFORMATION)
#define LSA_POLICY_WRITE ( STD_RIGHT_READ_CONTROL_ACCESS |\
LSA_POLICY_TRUST_ADMIN |\
LSA_POLICY_CREATE_ACCOUNT |\
LSA_POLICY_CREATE_SECRET |\
LSA_POLICY_CREATE_PRIVILEGE |\
LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS |\
LSA_POLICY_SET_AUDIT_REQUIREMENTS |\
LSA_POLICY_AUDIT_LOG_ADMIN |\
LSA_POLICY_SERVER_ADMIN)
#define LSA_POLICY_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS |\
LSA_POLICY_VIEW_LOCAL_INFORMATION |\
LSA_POLICY_LOOKUP_NAMES )
#endif /* _RPC_LSA_H */

909
source3/include/rpc_netlogon.h
View File

@ -23,59 +23,6 @@
#ifndef _RPC_NETLOGON_H /* _RPC_NETLOGON_H */
#define _RPC_NETLOGON_H
/* NETLOGON pipe */
#define NET_SAMLOGON 0x02
#define NET_SAMLOGOFF 0x03
#define NET_REQCHAL 0x04
#define NET_AUTH 0x05
#define NET_SRVPWSET 0x06
#define NET_SAM_DELTAS 0x07
#define NET_GETDCNAME 0x0b
#define NET_LOGON_CTRL 0x0c
#define NET_GETANYDCNAME 0x0d
#define NET_AUTH2 0x0f
#define NET_LOGON_CTRL2 0x0e
#define NET_SAM_SYNC 0x10
#define NET_TRUST_DOM_LIST 0x13
#define NET_DSR_GETDCNAME 0x14
#define NET_AUTH3 0x1a
#define NET_DSR_GETDCNAMEEX 0x1b
#define NET_DSR_GETSITENAME 0x1c
#define NET_DSR_GETDCNAMEEX2 0x22
#define NET_SAMLOGON_EX 0x27
/* Returned delta types */
#define SAM_DELTA_DOMAIN_INFO 0x01
#define SAM_DELTA_GROUP_INFO 0x02
#define SAM_DELTA_RENAME_GROUP 0x04
#define SAM_DELTA_ACCOUNT_INFO 0x05
#define SAM_DELTA_RENAME_USER 0x07
#define SAM_DELTA_GROUP_MEM 0x08
#define SAM_DELTA_ALIAS_INFO 0x09
#define SAM_DELTA_RENAME_ALIAS 0x0b
#define SAM_DELTA_ALIAS_MEM 0x0c
#define SAM_DELTA_POLICY_INFO 0x0d
#define SAM_DELTA_TRUST_DOMS 0x0e
#define SAM_DELTA_PRIVS_INFO 0x10 /* DT_DELTA_ACCOUNTS */
#define SAM_DELTA_SECRET_INFO 0x12
#define SAM_DELTA_DELETE_GROUP 0x14
#define SAM_DELTA_DELETE_USER 0x15
#define SAM_DELTA_MODIFIED_COUNT 0x16
/* SAM database types */
#define SAM_DATABASE_DOMAIN 0x00 /* Domain users and groups */
#define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */
#define SAM_DATABASE_PRIVS 0x02 /* Privileges */
/* flags use when sending a NETLOGON_CONTROL request */
#define NETLOGON_CONTROL_SYNC 0x2
#define NETLOGON_CONTROL_REDISCOVER 0x5
#define NETLOGON_CONTROL_TC_QUERY 0x6
#define NETLOGON_CONTROL_TRANSPORT_NOTIFY 0x7
#define NETLOGON_CONTROL_SET_DBFLAG 0xfffe
/* Some flag values reverse engineered from NLTEST.EXE */
/* used in the NETLOGON_CONTROL[2] reply */
@ -104,515 +51,9 @@
#define MSV1_0_RETURN_PROFILE_PATH 0x00000200
#endif
#if 0
/* I think this is correct - it's what gets parsed on the wire. JRA. */
/* NET_USER_INFO_2 */
typedef struct net_user_info_2 {
uint32 ptr_user_info;
NTTIME logon_time; /* logon time */
NTTIME logoff_time; /* logoff time */
NTTIME kickoff_time; /* kickoff time */
NTTIME pass_last_set_time; /* password last set time */
NTTIME pass_can_change_time; /* password can change time */
NTTIME pass_must_change_time; /* password must change time */
UNIHDR hdr_user_name; /* username unicode string header */
UNIHDR hdr_full_name; /* user's full name unicode string header */
UNIHDR hdr_logon_script; /* logon script unicode string header */
UNIHDR hdr_profile_path; /* profile path unicode string header */
UNIHDR hdr_home_dir; /* home directory unicode string header */
UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
uint16 logon_count; /* logon count */
uint16 bad_pw_count; /* bad password count */
uint32 user_id; /* User ID */
uint32 group_id; /* Group ID */
uint32 num_groups; /* num groups */
uint32 buffer_groups; /* undocumented buffer pointer to groups. */
uint32 user_flgs; /* user flags */
uint8 user_sess_key[16]; /* unused user session key */
UNIHDR hdr_logon_srv; /* logon server unicode string header */
UNIHDR hdr_logon_dom; /* logon domain unicode string header */
uint32 buffer_dom_id; /* undocumented logon domain id pointer */
uint8 padding[40]; /* unused padding bytes. expansion room */
UNISTR2 uni_user_name; /* username unicode string */
UNISTR2 uni_full_name; /* user's full name unicode string */
UNISTR2 uni_logon_script; /* logon script unicode string */
UNISTR2 uni_profile_path; /* profile path unicode string */
UNISTR2 uni_home_dir; /* home directory unicode string */
UNISTR2 uni_dir_drive; /* home directory drive unicode string */
uint32 num_groups2; /* num groups */
DOM_GID *gids; /* group info */
UNISTR2 uni_logon_srv; /* logon server unicode string */
UNISTR2 uni_logon_dom; /* logon domain unicode string */
DOM_SID2 dom_sid; /* domain SID */
uint32 num_other_groups; /* other groups */
DOM_GID *other_gids; /* group info */
DOM_SID2 *other_sids; /* undocumented - domain SIDs */
} NET_USER_INFO_2;
#endif
/* NET_USER_INFO_2 */
typedef struct net_user_info_2 {
uint32 ptr_user_info;
NTTIME logon_time; /* logon time */
NTTIME logoff_time; /* logoff time */
NTTIME kickoff_time; /* kickoff time */
NTTIME pass_last_set_time; /* password last set time */
NTTIME pass_can_change_time; /* password can change time */
NTTIME pass_must_change_time; /* password must change time */
UNIHDR hdr_user_name; /* username unicode string header */
UNIHDR hdr_full_name; /* user's full name unicode string header */
UNIHDR hdr_logon_script; /* logon script unicode string header */
UNIHDR hdr_profile_path; /* profile path unicode string header */
UNIHDR hdr_home_dir; /* home directory unicode string header */
UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
uint16 logon_count; /* logon count */
uint16 bad_pw_count; /* bad password count */
uint32 user_rid; /* User RID */
uint32 group_rid; /* Group RID */
uint32 num_groups; /* num groups */
uint32 buffer_groups; /* undocumented buffer pointer to groups. */
uint32 user_flgs; /* user flags */
uint8 user_sess_key[16]; /* user session key */
UNIHDR hdr_logon_srv; /* logon server unicode string header */
UNIHDR hdr_logon_dom; /* logon domain unicode string header */
uint32 buffer_dom_id; /* undocumented logon domain id pointer */
uint8 lm_sess_key[8]; /* lm session key */
uint32 acct_flags; /* account flags */
uint32 unknown[7]; /* unknown */
UNISTR2 uni_user_name; /* username unicode string */
UNISTR2 uni_full_name; /* user's full name unicode string */
UNISTR2 uni_logon_script; /* logon script unicode string */
UNISTR2 uni_profile_path; /* profile path unicode string */
UNISTR2 uni_home_dir; /* home directory unicode string */
UNISTR2 uni_dir_drive; /* home directory drive unicode string */
UNISTR2 uni_logon_srv; /* logon server unicode string */
UNISTR2 uni_logon_dom; /* logon domain unicode string */
DOM_SID2 dom_sid; /* domain SID */
} NET_USER_INFO_2;
/* NET_USER_INFO_3 */
typedef struct net_user_info_3 {
uint32 ptr_user_info;
NTTIME logon_time; /* logon time */
NTTIME logoff_time; /* logoff time */
NTTIME kickoff_time; /* kickoff time */
NTTIME pass_last_set_time; /* password last set time */
NTTIME pass_can_change_time; /* password can change time */
NTTIME pass_must_change_time; /* password must change time */
UNIHDR hdr_user_name; /* username unicode string header */
UNIHDR hdr_full_name; /* user's full name unicode string header */
UNIHDR hdr_logon_script; /* logon script unicode string header */
UNIHDR hdr_profile_path; /* profile path unicode string header */
UNIHDR hdr_home_dir; /* home directory unicode string header */
UNIHDR hdr_dir_drive; /* home directory drive unicode string header */
uint16 logon_count; /* logon count */
uint16 bad_pw_count; /* bad password count */
uint32 user_rid; /* User RID */
uint32 group_rid; /* Group RID */
uint32 num_groups; /* num groups */
uint32 buffer_groups; /* undocumented buffer pointer to groups. */
uint32 user_flgs; /* user flags */
uint8 user_sess_key[16]; /* user session key */
UNIHDR hdr_logon_srv; /* logon server unicode string header */
UNIHDR hdr_logon_dom; /* logon domain unicode string header */
uint32 buffer_dom_id; /* undocumented logon domain id pointer */
uint8 lm_sess_key[8]; /* lm session key */
uint32 acct_flags; /* account flags */
uint32 unknown[7]; /* unknown */
uint32 num_other_sids; /* number of foreign/trusted domain sids */
uint32 buffer_other_sids;
/* The next three uint32 are not really part of user_info_3 but here
* for parsing convenience. They are only valid in Kerberos PAC
* parsing - Guenther */
uint32 ptr_res_group_dom_sid;
uint32 res_group_count;
uint32 ptr_res_groups;
UNISTR2 uni_user_name; /* username unicode string */
UNISTR2 uni_full_name; /* user's full name unicode string */
UNISTR2 uni_logon_script; /* logon script unicode string */
UNISTR2 uni_profile_path; /* profile path unicode string */
UNISTR2 uni_home_dir; /* home directory unicode string */
UNISTR2 uni_dir_drive; /* home directory drive unicode string */
uint32 num_groups2; /* num groups */
DOM_GID *gids; /* group info */
UNISTR2 uni_logon_srv; /* logon server unicode string */
UNISTR2 uni_logon_dom; /* logon domain unicode string */
DOM_SID2 dom_sid; /* domain SID */
DOM_SID2 *other_sids; /* foreign/trusted domain SIDs */
uint32 *other_sids_attrib;
} NET_USER_INFO_3;
/* NETLOGON_INFO_1 - pdc status info, i presume */
typedef struct netlogon_1_info {
uint32 flags; /* 0x0 - undocumented */
uint32 pdc_status; /* 0x0 - undocumented */
} NETLOGON_INFO_1;
/* NETLOGON_INFO_2 - pdc status info, plus trusted domain info */
typedef struct netlogon_2_info {
uint32 flags; /* 0x0 - undocumented */
uint32 pdc_status; /* 0x0 - undocumented */
uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */
uint32 tc_status;
UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */
} NETLOGON_INFO_2;
/* NETLOGON_INFO_3 - logon status info, i presume */
typedef struct netlogon_3_info {
uint32 flags; /* 0x0 - undocumented */
uint32 logon_attempts; /* number of logon attempts */
uint32 reserved_1; /* 0x0 - undocumented */
uint32 reserved_2; /* 0x0 - undocumented */
uint32 reserved_3; /* 0x0 - undocumented */
uint32 reserved_4; /* 0x0 - undocumented */
uint32 reserved_5; /* 0x0 - undocumented */
} NETLOGON_INFO_3;
/********************************************************
Logon Control Query
This is generated by a nltest /bdc_query:DOMAIN
query_level 0x1, function_code 0x1
********************************************************/
/* NET_Q_LOGON_CTRL - LSA Netr Logon Control */
typedef struct net_q_logon_ctrl_info {
uint32 ptr;
UNISTR2 uni_server_name;
uint32 function_code;
uint32 query_level;
} NET_Q_LOGON_CTRL;
/* NET_R_LOGON_CTRL - LSA Netr Logon Control */
typedef struct net_r_logon_ctrl_info {
uint32 switch_value;
uint32 ptr;
union {
NETLOGON_INFO_1 info1;
} logon;
NTSTATUS status;
} NET_R_LOGON_CTRL;
typedef struct ctrl_data_info_5 {
uint32 function_code;
uint32 ptr_domain;
UNISTR2 domain;
} CTRL_DATA_INFO_5;
typedef struct ctrl_data_info_6 {
uint32 function_code;
uint32 ptr_domain;
UNISTR2 domain;
} CTRL_DATA_INFO_6;
/********************************************************
Logon Control2 Query
query_level 0x1 - pdc status
query_level 0x3 - number of logon attempts.
********************************************************/
/* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */
typedef struct net_q_logon_ctrl2_info {
uint32 ptr; /* undocumented buffer pointer */
UNISTR2 uni_server_name; /* server name, starting with two '\'s */
uint32 function_code;
uint32 query_level;
union {
CTRL_DATA_INFO_5 info5;
CTRL_DATA_INFO_6 info6;
} info;
} NET_Q_LOGON_CTRL2;
/*******************************************************
Logon Control Response
switch_value is same as query_level in request
*******************************************************/
/* NET_R_LOGON_CTRL2 - response to LSA Logon Control2 */
typedef struct net_r_logon_ctrl2_info {
uint32 switch_value; /* 0x1, 0x3 */
uint32 ptr;
union
{
NETLOGON_INFO_1 info1;
NETLOGON_INFO_2 info2;
NETLOGON_INFO_3 info3;
} logon;
NTSTATUS status; /* return code */
} NET_R_LOGON_CTRL2;
/* NEG_FLAGS */
typedef struct neg_flags_info {
uint32 neg_flags; /* negotiated flags */
} NEG_FLAGS;
/* NET_Q_REQ_CHAL */
typedef struct net_q_req_chal_info {
uint32 undoc_buffer; /* undocumented buffer pointer */
UNISTR2 uni_logon_srv; /* logon server unicode string */
UNISTR2 uni_logon_clnt; /* logon client unicode string */
DOM_CHAL clnt_chal; /* client challenge */
} NET_Q_REQ_CHAL;
/* NET_R_REQ_CHAL */
typedef struct net_r_req_chal_info {
DOM_CHAL srv_chal; /* server challenge */
NTSTATUS status; /* return code */
} NET_R_REQ_CHAL;
/* NET_Q_AUTH */
typedef struct net_q_auth_info {
DOM_LOG_INFO clnt_id; /* client identification info */
DOM_CHAL clnt_chal; /* client-calculated credentials */
} NET_Q_AUTH;
/* NET_R_AUTH */
typedef struct net_r_auth_info {
DOM_CHAL srv_chal; /* server-calculated credentials */
NTSTATUS status; /* return code */
} NET_R_AUTH;
/* NET_Q_AUTH_2 */
typedef struct net_q_auth2_info {
DOM_LOG_INFO clnt_id; /* client identification info */
DOM_CHAL clnt_chal; /* client-calculated credentials */
NEG_FLAGS clnt_flgs; /* usually 0x0000 01ff */
} NET_Q_AUTH_2;
/* NET_R_AUTH_2 */
typedef struct net_r_auth2_info {
DOM_CHAL srv_chal; /* server-calculated credentials */
NEG_FLAGS srv_flgs; /* usually 0x0000 01ff */
NTSTATUS status; /* return code */
} NET_R_AUTH_2;
/* NET_Q_AUTH_3 */
typedef struct net_q_auth3_info {
DOM_LOG_INFO clnt_id; /* client identification info */
DOM_CHAL clnt_chal; /* client-calculated credentials */
NEG_FLAGS clnt_flgs; /* usually 0x6007 ffff */
} NET_Q_AUTH_3;
/* NET_R_AUTH_3 */
typedef struct net_r_auth3_info {
DOM_CHAL srv_chal; /* server-calculated credentials */
NEG_FLAGS srv_flgs; /* usually 0x6007 ffff */
uint32 unknown; /* 0x0000045b */
NTSTATUS status; /* return code */
} NET_R_AUTH_3;
/* NET_Q_SRV_PWSET */
typedef struct net_q_srv_pwset_info {
DOM_CLNT_INFO clnt_id; /* client identification/authentication info */
uint8 pwd[16]; /* new password - undocumented. */
} NET_Q_SRV_PWSET;
/* NET_R_SRV_PWSET */
typedef struct net_r_srv_pwset_info {
DOM_CRED srv_cred; /* server-calculated credentials */
NTSTATUS status; /* return code */
} NET_R_SRV_PWSET;
/* NET_ID_INFO_2 */
typedef struct net_network_info_2 {
uint32 ptr_id_info2; /* pointer to id_info_2 */
UNIHDR hdr_domain_name; /* domain name unicode header */
uint32 param_ctrl; /* param control (0x2) */
DOM_LOGON_ID logon_id; /* logon ID */
UNIHDR hdr_user_name; /* user name unicode header */
UNIHDR hdr_wksta_name; /* workstation name unicode header */
uint8 lm_chal[8]; /* lan manager 8 byte challenge */
STRHDR hdr_nt_chal_resp; /* nt challenge response */
STRHDR hdr_lm_chal_resp; /* lm challenge response */
UNISTR2 uni_domain_name; /* domain name unicode string */
UNISTR2 uni_user_name; /* user name unicode string */
UNISTR2 uni_wksta_name; /* workgroup name unicode string */
STRING2 nt_chal_resp; /* nt challenge response */
STRING2 lm_chal_resp; /* lm challenge response */
} NET_ID_INFO_2;
/* NET_ID_INFO_1 */
typedef struct id_info_1 {
uint32 ptr_id_info1; /* pointer to id_info_1 */
UNIHDR hdr_domain_name; /* domain name unicode header */
uint32 param_ctrl; /* param control */
DOM_LOGON_ID logon_id; /* logon ID */
UNIHDR hdr_user_name; /* user name unicode header */
UNIHDR hdr_wksta_name; /* workstation name unicode header */
OWF_INFO lm_owf; /* LM OWF Password */
OWF_INFO nt_owf; /* NT OWF Password */
UNISTR2 uni_domain_name; /* domain name unicode string */
UNISTR2 uni_user_name; /* user name unicode string */
UNISTR2 uni_wksta_name; /* workgroup name unicode string */
} NET_ID_INFO_1;
#define INTERACTIVE_LOGON_TYPE 1
#define NET_LOGON_TYPE 2
/* NET_ID_INFO_CTR */
typedef struct net_id_info_ctr_info {
uint16 switch_value;
union {
NET_ID_INFO_1 id1; /* auth-level 1 - interactive user login */
NET_ID_INFO_2 id2; /* auth-level 2 - workstation referred login */
} auth;
} NET_ID_INFO_CTR;
/* SAM_INFO - sam logon/off id structure */
typedef struct sam_info {
DOM_CLNT_INFO2 client;
uint32 ptr_rtn_cred; /* pointer to return credentials */
DOM_CRED rtn_cred; /* return credentials */
uint16 logon_level;
NET_ID_INFO_CTR *ctr;
} DOM_SAM_INFO;
/* SAM_INFO - sam logon/off id structure - no creds */
typedef struct sam_info_ex {
DOM_CLNT_SRV client;
uint16 logon_level;
NET_ID_INFO_CTR *ctr;
} DOM_SAM_INFO_EX;
/* NET_Q_SAM_LOGON */
typedef struct net_q_sam_logon_info {
DOM_SAM_INFO sam_id;
uint16 validation_level;
} NET_Q_SAM_LOGON;
/* NET_Q_SAM_LOGON_EX */
typedef struct net_q_sam_logon_info_ex {
DOM_SAM_INFO_EX sam_id;
uint16 validation_level;
uint32 flags;
} NET_Q_SAM_LOGON_EX;
/* NET_R_SAM_LOGON */
typedef struct net_r_sam_logon_info {
uint32 buffer_creds; /* undocumented buffer pointer */
DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
uint16 switch_value; /* 3 - indicates type of USER INFO */
NET_USER_INFO_3 *user;
uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
NTSTATUS status; /* return code */
} NET_R_SAM_LOGON;
/* NET_R_SAM_LOGON_EX */
typedef struct net_r_sam_logon_info_ex {
uint16 switch_value; /* 3 - indicates type of USER INFO */
NET_USER_INFO_3 *user;
uint32 auth_resp; /* 1 - Authoritative response; 0 - Non-Auth? */
uint32 flags;
NTSTATUS status; /* return code */
} NET_R_SAM_LOGON_EX;
/* NET_Q_SAM_LOGOFF */
typedef struct net_q_sam_logoff_info {
DOM_SAM_INFO sam_id;
} NET_Q_SAM_LOGOFF;
/* NET_R_SAM_LOGOFF */
typedef struct net_r_sam_logoff_info {
uint32 buffer_creds; /* undocumented buffer pointer */
DOM_CRED srv_creds; /* server credentials. server time stamp appears to be ignored. */
NTSTATUS status; /* return code */
} NET_R_SAM_LOGOFF;
/* NET_Q_SAM_SYNC */
typedef struct net_q_sam_sync_info {
UNISTR2 uni_srv_name; /* \\PDC */
UNISTR2 uni_cli_name; /* BDC */
DOM_CRED cli_creds;
DOM_CRED ret_creds;
uint32 database_id;
uint32 restart_state;
uint32 sync_context;
uint32 max_size; /* preferred maximum length */
} NET_Q_SAM_SYNC;
/* SAM_DELTA_HDR */
typedef struct sam_delta_hdr_info {
uint16 type; /* type of structure attached */
uint16 type2;
uint32 target_rid;
uint32 type3;
uint32 ptr_delta;
} SAM_DELTA_HDR;
/* LOCKOUT_STRING */
typedef struct account_lockout_string {
uint32 array_size;
@ -632,356 +73,6 @@ typedef struct hdr_account_lockout_string {
uint32 buffer;
} HDR_LOCKOUT_STRING;
/* SAM_DOMAIN_INFO (0x1) */
typedef struct sam_domain_info_info {
UNIHDR hdr_dom_name;
UNIHDR hdr_oem_info;
uint64 force_logoff;
uint16 min_pwd_len;
uint16 pwd_history_len;
uint64 max_pwd_age;
uint64 min_pwd_age;
uint64 dom_mod_count;
NTTIME creation_time;
uint32 security_information;
BUFHDR4 hdr_sec_desc; /* security descriptor */
HDR_LOCKOUT_STRING hdr_account_lockout;
UNIHDR hdr_unknown2;
UNIHDR hdr_unknown3;
UNIHDR hdr_unknown4;
UNISTR2 uni_dom_name;
UNISTR2 buf_oem_info;
RPC_DATA_BLOB buf_sec_desc;
LOCKOUT_STRING account_lockout;
UNISTR2 buf_unknown2;
UNISTR2 buf_unknown3;
UNISTR2 buf_unknown4;
uint32 logon_chgpass;
uint32 unknown6;
uint32 unknown7;
uint32 unknown8;
} SAM_DOMAIN_INFO;
/* SAM_GROUP_INFO (0x2) */
typedef struct sam_group_info_info {
UNIHDR hdr_grp_name;
DOM_GID gid;
UNIHDR hdr_grp_desc;
BUFHDR2 hdr_sec_desc; /* security descriptor */
uint8 reserved[48];
UNISTR2 uni_grp_name;
UNISTR2 uni_grp_desc;
RPC_DATA_BLOB buf_sec_desc;
} SAM_GROUP_INFO;
/* SAM_PWD */
typedef struct sam_passwd_info {
/* this structure probably contains password history */
/* this is probably a count of lm/nt pairs */
uint32 unk_0; /* 0x0000 0002 */
UNIHDR hdr_lm_pwd;
uint8 buf_lm_pwd[16];
UNIHDR hdr_nt_pwd;
uint8 buf_nt_pwd[16];
UNIHDR hdr_empty_lm;
UNIHDR hdr_empty_nt;
} SAM_PWD;
/* SAM_ACCOUNT_INFO (0x5) */
typedef struct sam_account_info_info {
UNIHDR hdr_acct_name;
UNIHDR hdr_full_name;
uint32 user_rid;
uint32 group_rid;
UNIHDR hdr_home_dir;
UNIHDR hdr_dir_drive;
UNIHDR hdr_logon_script;
UNIHDR hdr_acct_desc;
UNIHDR hdr_workstations;
NTTIME logon_time;
NTTIME logoff_time;
uint32 logon_divs; /* 0xA8 */
uint32 ptr_logon_hrs;
uint16 bad_pwd_count;
uint16 logon_count;
NTTIME pwd_last_set_time;
NTTIME acct_expiry_time;
uint32 acb_info;
uint8 nt_pwd[16];
uint8 lm_pwd[16];
uint8 nt_pwd_present;
uint8 lm_pwd_present;
uint8 pwd_expired;
UNIHDR hdr_comment;
UNIHDR hdr_parameters;
uint16 country;
uint16 codepage;
BUFHDR2 hdr_sec_desc; /* security descriptor */
UNIHDR hdr_profile;
UNIHDR hdr_reserved[3]; /* space for more strings */
uint32 dw_reserved[4]; /* space for more data - first two seem to
be an NTTIME */
UNISTR2 uni_acct_name;
UNISTR2 uni_full_name;
UNISTR2 uni_home_dir;
UNISTR2 uni_dir_drive;
UNISTR2 uni_logon_script;
UNISTR2 uni_acct_desc;
UNISTR2 uni_workstations;
uint32 unknown1; /* 0x4EC */
uint32 unknown2; /* 0 */
RPC_DATA_BLOB buf_logon_hrs;
UNISTR2 uni_comment;
UNISTR2 uni_parameters;
SAM_PWD pass;
RPC_DATA_BLOB buf_sec_desc;
UNISTR2 uni_profile;
} SAM_ACCOUNT_INFO;
/* SAM_GROUP_MEM_INFO (0x8) */
typedef struct sam_group_mem_info_info {
uint32 ptr_rids;
uint32 ptr_attribs;
uint32 num_members;
uint8 unknown[16];
uint32 num_members2;
uint32 *rids;
uint32 num_members3;
uint32 *attribs;
} SAM_GROUP_MEM_INFO;
/* SAM_ALIAS_INFO (0x9) */
typedef struct sam_alias_info_info {
UNIHDR hdr_als_name;
uint32 als_rid;
BUFHDR2 hdr_sec_desc; /* security descriptor */
UNIHDR hdr_als_desc;
uint8 reserved[40];
UNISTR2 uni_als_name;
RPC_DATA_BLOB buf_sec_desc;
UNISTR2 uni_als_desc;
} SAM_ALIAS_INFO;
/* SAM_ALIAS_MEM_INFO (0xC) */
typedef struct sam_alias_mem_info_info {
uint32 num_members;
uint32 ptr_members;
uint8 unknown[16];
uint32 num_sids;
uint32 *ptr_sids;
DOM_SID2 *sids;
} SAM_ALIAS_MEM_INFO;
/* SAM_DELTA_POLICY (0x0D) */
typedef struct {
uint32 max_log_size; /* 0x5000 */
uint64 audit_retention_period; /* 0 */
uint32 auditing_mode; /* 0 */
uint32 num_events;
uint32 ptr_events;
UNIHDR hdr_dom_name;
uint32 sid_ptr;
uint32 paged_pool_limit; /* 0x02000000 */
uint32 non_paged_pool_limit; /* 0x00100000 */
uint32 min_workset_size; /* 0x00010000 */
uint32 max_workset_size; /* 0x0f000000 */
uint32 page_file_limit; /* 0 */
uint64 time_limit; /* 0 */
NTTIME modify_time; /* 0x3c*/
NTTIME create_time; /* a7080110 */
BUFHDR2 hdr_sec_desc;
uint32 num_event_audit_options;
uint32 event_audit_option;
UNISTR2 domain_name;
DOM_SID2 domain_sid;
RPC_DATA_BLOB buf_sec_desc;
} SAM_DELTA_POLICY;
/* SAM_DELTA_TRUST_DOMS */
typedef struct {
uint32 buf_size;
SEC_DESC *sec_desc;
DOM_SID2 sid;
UNIHDR hdr_domain;
uint32 unknown0;
uint32 unknown1;
uint32 unknown2;
uint32 buf_size2;
uint32 ptr;
uint32 unknown3;
UNISTR2 domain;
} SAM_DELTA_TRUSTDOMS;
/* SAM_DELTA_PRIVS (0x10) */
typedef struct {
DOM_SID2 sid;
uint32 priv_count;
uint32 priv_control;
uint32 priv_attr_ptr;
uint32 priv_name_ptr;
uint32 paged_pool_limit; /* 0x02000000 */
uint32 non_paged_pool_limit; /* 0x00100000 */
uint32 min_workset_size; /* 0x00010000 */
uint32 max_workset_size; /* 0x0f000000 */
uint32 page_file_limit; /* 0 */
uint64 time_limit; /* 0 */
uint32 system_flags; /* 1 */
BUFHDR2 hdr_sec_desc;
uint32 buf_size2;
uint32 attribute_count;
uint32 *attributes;
uint32 privlist_count;
UNIHDR *hdr_privslist;
UNISTR2 *uni_privslist;
RPC_DATA_BLOB buf_sec_desc;
} SAM_DELTA_PRIVS;
/* SAM_DELTA_SECRET */
typedef struct {
uint32 buf_size;
SEC_DESC *sec_desc;
UNISTR2 secret;
uint32 count1;
uint32 count2;
uint32 ptr;
NTTIME time1;
uint32 count3;
uint32 count4;
uint32 ptr2;
NTTIME time2;
uint32 unknow1;
uint32 buf_size2;
uint32 ptr3;
uint32 unknow2; /* 0x0 12 times */
uint32 chal_len;
uint32 reserved1; /* 0 */
uint32 chal_len2;
uint8 chal[16];
uint32 key_len;
uint32 reserved2; /* 0 */
uint32 key_len2;
uint8 key[8];
uint32 buf_size3;
SEC_DESC *sec_desc2;
} SAM_DELTA_SECRET;
/* SAM_DELTA_MOD_COUNT (0x16) */
typedef struct {
uint32 seqnum;
uint32 dom_mod_count_ptr;
uint64 dom_mod_count; /* domain mod count at last sync */
} SAM_DELTA_MOD_COUNT;
typedef union sam_delta_ctr_info {
SAM_DOMAIN_INFO domain_info ;
SAM_GROUP_INFO group_info ;
SAM_ACCOUNT_INFO account_info;
SAM_GROUP_MEM_INFO grp_mem_info;
SAM_ALIAS_INFO alias_info ;
SAM_ALIAS_MEM_INFO als_mem_info;
SAM_DELTA_POLICY policy_info;
SAM_DELTA_PRIVS privs_info;
SAM_DELTA_MOD_COUNT mod_count;
SAM_DELTA_TRUSTDOMS trustdoms_info;
SAM_DELTA_SECRET secret_info;
} SAM_DELTA_CTR;
/* NET_R_SAM_SYNC */
typedef struct net_r_sam_sync_info {
DOM_CRED srv_creds;
uint32 sync_context;
uint32 ptr_deltas;
uint32 num_deltas;
uint32 ptr_deltas2;
uint32 num_deltas2;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
NTSTATUS status;
} NET_R_SAM_SYNC;
/* NET_Q_SAM_DELTAS */
typedef struct net_q_sam_deltas_info {
UNISTR2 uni_srv_name;
UNISTR2 uni_cli_name;
DOM_CRED cli_creds;
DOM_CRED ret_creds;
uint32 database_id;
uint64 dom_mod_count; /* domain mod count at last sync */
uint32 max_size; /* preferred maximum length */
} NET_Q_SAM_DELTAS;
/* NET_R_SAM_DELTAS */
typedef struct net_r_sam_deltas_info {
DOM_CRED srv_creds;
uint64 dom_mod_count; /* new domain mod count */
uint32 ptr_deltas;
uint32 num_deltas;
uint32 num_deltas2;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
NTSTATUS status;
} NET_R_SAM_DELTAS;
#define DSGETDC_VALID_FLAGS ( \
DS_FORCE_REDISCOVERY | \
DS_DIRECTORY_SERVICE_REQUIRED | \

75
source3/include/rpc_ntsvcs.h
View File

@ -33,32 +33,6 @@
#define NTSVCS_GET_VERSION_INTERNAL 0x3e
/**************************/
typedef struct {
/* nothing in the request */
uint32 dummy;
} NTSVCS_Q_GET_VERSION;
typedef struct {
uint32 version;
WERROR status;
} NTSVCS_R_GET_VERSION;
/**************************/
typedef struct {
UNISTR2 *devicename;
uint32 flags;
} NTSVCS_Q_GET_DEVICE_LIST_SIZE;
typedef struct {
uint32 size;
WERROR status;
} NTSVCS_R_GET_DEVICE_LIST_SIZE;
/**************************/
typedef struct {
@ -75,17 +49,6 @@ typedef struct {
/**************************/
typedef struct {
UNISTR2 devicepath;
uint32 flags;
} NTSVCS_Q_VALIDATE_DEVICE_INSTANCE;
typedef struct {
WERROR status;
} NTSVCS_R_VALIDATE_DEVICE_INSTANCE;
/**************************/
#define DEV_REGPROP_DESC 1
typedef struct {
@ -105,42 +68,4 @@ typedef struct {
WERROR status;
} NTSVCS_R_GET_DEVICE_REG_PROPERTY;
/**************************/
typedef struct {
uint32 index;
uint8 *buffer;
uint32 buffer_size;
uint32 unknown1;
} NTSVCS_Q_GET_HW_PROFILE_INFO;
typedef struct {
uint32 buffer_size; /* the size (not included in the reply)
if just matched from the request */
uint8 *buffer;
WERROR status;
} NTSVCS_R_GET_HW_PROFILE_INFO;
/**************************/
typedef struct {
uint32 unknown1;
UNISTR2 devicepath;
uint32 unknown2;
uint32 unknown3;
uint32 unknown4;
uint32 unknown5;
uint32 unknown6;
uint32 unknown7;
} NTSVCS_Q_HW_PROFILE_FLAGS;
typedef struct {
uint32 unknown1;
uint32 unknown2;
uint32 unknown3;
WERROR status;
} NTSVCS_R_HW_PROFILE_FLAGS;
#endif /* _RPC_NTSVCS_H */

160
source3/include/rpc_samr.h
View File

@ -1,160 +0,0 @@
/*
Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-2000
Copyright (C) Luke Kenneth Casson Leighton 1996-2000
Copyright (C) Paul Ashton 1997-2000
Copyright (C) Jean François Micouleau 1998-2001
Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _RPC_SAMR_H /* _RPC_SAMR_H */
#define _RPC_SAMR_H
/*******************************************************************
the following information comes from a QuickView on samsrv.dll,
and gives an idea of exactly what is needed:
x SamrAddMemberToAlias
x SamrAddMemberToGroup
SamrAddMultipleMembersToAlias
x SamrChangePasswordUser
x SamrCloseHandle
x SamrConnect
x SamrCreateAliasInDomain
x SamrCreateGroupInDomain
x SamrCreateUserInDomain
? SamrDeleteAlias
SamrDeleteGroup
x SamrDeleteUser
x SamrEnumerateAliasesInDomain
SamrEnumerateDomainsInSamServer
x SamrEnumerateGroupsInDomain
x SamrEnumerateUsersInDomain
SamrGetUserDomainPasswordInformation
SamrLookupDomainInSamServer
? SamrLookupIdsInDomain
x SamrLookupNamesInDomain
x SamrOpenAlias
x SamrOpenDomain
x SamrOpenGroup
x SamrOpenUser
x SamrQueryDisplayInformation
x SamrQueryInformationAlias
SamrQueryInformationDomain
? SamrQueryInformationUser
x SamrQuerySecurityObject
SamrRemoveMemberFromAlias
SamrRemoveMemberFromForiegnDomain
SamrRemoveMemberFromGroup
SamrRemoveMultipleMembersFromAlias
x SamrSetInformationAlias
SamrSetInformationDomain
x SamrSetInformationGroup
x SamrSetInformationUser
SamrSetMemberAttributesOfGroup
SamrSetSecurityObject
SamrShutdownSamServer
SamrTestPrivateFunctionsDomain
SamrTestPrivateFunctionsUser
********************************************************************/
#define SAMR_CONNECT_ANON 0x00
#define SAMR_CLOSE_HND 0x01
#define SAMR_SET_SEC_OBJECT 0x02
#define SAMR_QUERY_SEC_OBJECT 0x03
#define SAMR_UNKNOWN_4 0x04 /* profile info? */
#define SAMR_LOOKUP_DOMAIN 0x05
#define SAMR_ENUM_DOMAINS 0x06
#define SAMR_OPEN_DOMAIN 0x07
#define SAMR_QUERY_DOMAIN_INFO 0x08
#define SAMR_SET_DOMAIN_INFO 0x09
#define SAMR_CREATE_DOM_GROUP 0x0a
#define SAMR_ENUM_DOM_GROUPS 0x0b
#define SAMR_ENUM_DOM_USERS 0x0d
#define SAMR_CREATE_DOM_ALIAS 0x0e
#define SAMR_ENUM_DOM_ALIASES 0x0f
#define SAMR_QUERY_USERALIASES 0x10
#define SAMR_LOOKUP_NAMES 0x11
#define SAMR_LOOKUP_RIDS 0x12
#define SAMR_OPEN_GROUP 0x13
#define SAMR_QUERY_GROUPINFO 0x14
#define SAMR_SET_GROUPINFO 0x15
#define SAMR_ADD_GROUPMEM 0x16
#define SAMR_DELETE_DOM_GROUP 0x17
#define SAMR_DEL_GROUPMEM 0x18
#define SAMR_QUERY_GROUPMEM 0x19
#define SAMR_UNKNOWN_1A 0x1a
#define SAMR_OPEN_ALIAS 0x1b
#define SAMR_QUERY_ALIASINFO 0x1c
#define SAMR_SET_ALIASINFO 0x1d
#define SAMR_DELETE_DOM_ALIAS 0x1e
#define SAMR_ADD_ALIASMEM 0x1f
#define SAMR_DEL_ALIASMEM 0x20
#define SAMR_QUERY_ALIASMEM 0x21
#define SAMR_OPEN_USER 0x22
#define SAMR_DELETE_DOM_USER 0x23
#define SAMR_QUERY_USERINFO 0x24
#define SAMR_SET_USERINFO2 0x25 /* this is SAMR_SET_USERINFO! */
#define SAMR_QUERY_USERGROUPS 0x27
#define SAMR_QUERY_DISPINFO 0x28
#define SAMR_GET_DISPENUM_INDEX 0x29
#define SAMR_UNKNOWN_2a 0x2a
#define SAMR_UNKNOWN_2b 0x2b
#define SAMR_GET_USRDOM_PWINFO 0x2c
#define SAMR_REMOVE_SID_FOREIGN_DOMAIN 0x2d
#define SAMR_QUERY_DOMAIN_INFO2 0x2e /* looks like an alias for SAMR_QUERY_DOMAIN_INFO */
#define SAMR_UNKNOWN_2f 0x2f
#define SAMR_QUERY_DISPINFO3 0x30 /* Alias for SAMR_QUERY_DISPINFO
with info level 3 */
#define SAMR_UNKNOWN_31 0x31
#define SAMR_CREATE_USER 0x32
#define SAMR_QUERY_DISPINFO4 0x33 /* Alias for SAMR_QUERY_DISPINFO
with info level 4 */
#define SAMR_ADDMULTI_ALIASMEM 0x34
#define SAMR_UNKNOWN_35 0x35
#define SAMR_UNKNOWN_36 0x36
#define SAMR_CHGPASSWD_USER 0x37
#define SAMR_GET_DOM_PWINFO 0x38
#define SAMR_CONNECT 0x39
#define SAMR_SET_USERINFO 0x3A /* this is SAMR_SET_USERINFO2! */
#define SAMR_CONNECT4 0x3E
#define SAMR_CHGPASSWD_USER3 0x3F
#define SAMR_CONNECT5 0x40
#define PASS_MUST_CHANGE_AT_NEXT_LOGON 0x01
#define PASS_DONT_CHANGE_AT_NEXT_LOGON 0x00
#define MAX_SAM_ENTRIES_W2K 0x400
#define MAX_SAM_ENTRIES_W95 50
/* The following should be the greater of the preceeding two. */
#define MAX_SAM_ENTRIES MAX_SAM_ENTRIES_W2K
/* these are from the old rpc_samr.h - they are needed while the merge
is still going on */
#define MAX_SAM_SIDS 15
#endif /* _RPC_SAMR_H */

139
source3/include/rpc_srvsvc.h
View File

@ -683,145 +683,6 @@ typedef struct {
WERROR status;
} SRV_R_NET_FILE_ENUM;
/* SRV_INFO_100 */
typedef struct srv_info_100_info
{
uint32 platform_id; /* 0x500 */
uint32 ptr_name; /* pointer to server name */
UNISTR2 uni_name; /* server name "server" */
} SRV_INFO_100;
/* SRV_INFO_101 */
typedef struct srv_info_101_info
{
uint32 platform_id; /* 0x500 */
uint32 ptr_name; /* pointer to server name */
uint32 ver_major; /* 0x4 */
uint32 ver_minor; /* 0x2 */
uint32 srv_type; /* browse etc type */
uint32 ptr_comment; /* pointer to server comment */
UNISTR2 uni_name; /* server name "server" */
UNISTR2 uni_comment; /* server comment "samba x.x.x blah" */
} SRV_INFO_101;
/* SRV_INFO_102 */
typedef struct srv_info_102_info
{
uint32 platform_id; /* 0x500 */
uint32 ptr_name; /* pointer to server name */
uint32 ver_major; /* 0x4 */
uint32 ver_minor; /* 0x2 */
uint32 srv_type; /* browse etc type */
uint32 ptr_comment; /* pointer to server comment */
uint32 users; /* 0xffff ffff*/
uint32 disc; /* 0xf */
uint32 hidden; /* 0x0 */
uint32 announce; /* 240 */
uint32 ann_delta; /* 3000 */
uint32 licenses; /* 0 */
uint32 ptr_usr_path; /* pointer to user path */
UNISTR2 uni_name; /* server name "server" */
UNISTR2 uni_comment; /* server comment "samba x.x.x blah" */
UNISTR2 uni_usr_path; /* "c:\" (eh?) */
} SRV_INFO_102;
/* SRV_INFO_CTR */
typedef struct srv_info_ctr_info
{
uint32 switch_value; /* switch value */
uint32 ptr_srv_ctr; /* pointer to server info */
union
{
SRV_INFO_102 sv102; /* server info level 102 */
SRV_INFO_101 sv101; /* server info level 101 */
SRV_INFO_100 sv100; /* server info level 100 */
} srv;
} SRV_INFO_CTR;
/* SRV_Q_NET_SRV_GET_INFO */
typedef struct q_net_srv_get_info
{
uint32 ptr_srv_name;
UNISTR2 uni_srv_name; /* "\\server" */
uint32 switch_value;
} SRV_Q_NET_SRV_GET_INFO;
/* SRV_R_NET_SRV_GET_INFO */
typedef struct r_net_srv_get_info
{
SRV_INFO_CTR *ctr;
WERROR status; /* return status */
} SRV_R_NET_SRV_GET_INFO;
/* SRV_Q_NET_SRV_SET_INFO */
typedef struct q_net_srv_set_info
{
uint32 ptr_srv_name;
UNISTR2 uni_srv_name; /* "\\server" */
uint32 switch_value;
SRV_INFO_CTR *ctr;
} SRV_Q_NET_SRV_SET_INFO;
/* SRV_R_NET_SRV_SET_INFO */
typedef struct r_net_srv_set_info
{
uint32 switch_value; /* switch value */
WERROR status; /* return status */
} SRV_R_NET_SRV_SET_INFO;
/* SRV_Q_NET_REMOTE_TOD */
typedef struct q_net_remote_tod
{
uint32 ptr_srv_name;
UNISTR2 uni_srv_name; /* "\\server" */
} SRV_Q_NET_REMOTE_TOD;
/* TIME_OF_DAY_INFO */
typedef struct time_of_day_info
{
uint32 elapsedt;
uint32 msecs;
uint32 hours;
uint32 mins;
uint32 secs;
uint32 hunds;
uint32 zone;
uint32 tintervals;
uint32 day;
uint32 month;
uint32 year;
uint32 weekday;
} TIME_OF_DAY_INFO;
/* SRV_R_NET_REMOTE_TOD */
typedef struct r_net_remote_tod
{
uint32 ptr_srv_tod; /* pointer to TOD */
TIME_OF_DAY_INFO *tod;
WERROR status; /* return status */
} SRV_R_NET_REMOTE_TOD;
/* SRV_Q_NET_FILE_QUERY_SECDESC */
typedef struct q_net_file_query_secdesc
{

127
source3/include/rpc_svcctl.h
View File

@ -196,81 +196,6 @@ typedef struct _ServiceInfo {
/**************************/
typedef struct {
UNISTR2 *servername;
UNISTR2 *database;
uint32 access;
} SVCCTL_Q_OPEN_SCMANAGER;
typedef struct {
POLICY_HND handle;
WERROR status;
} SVCCTL_R_OPEN_SCMANAGER;
/**************************/
typedef struct {
POLICY_HND handle;
UNISTR2 servicename;
uint32 display_name_len;
} SVCCTL_Q_GET_DISPLAY_NAME;
typedef struct {
UNISTR2 displayname;
uint32 display_name_len;
WERROR status;
} SVCCTL_R_GET_DISPLAY_NAME;
/**************************/
typedef struct {
POLICY_HND handle;
UNISTR2 servicename;
uint32 access;
} SVCCTL_Q_OPEN_SERVICE;
typedef struct {
POLICY_HND handle;
WERROR status;
} SVCCTL_R_OPEN_SERVICE;
/**************************/
typedef struct {
POLICY_HND handle;
uint32 parmcount;
UNISTR4_ARRAY *parameters;
} SVCCTL_Q_START_SERVICE;
typedef struct {
WERROR status;
} SVCCTL_R_START_SERVICE;
/**************************/
typedef struct {
POLICY_HND handle;
uint32 control;
} SVCCTL_Q_CONTROL_SERVICE;
typedef struct {
SERVICE_STATUS svc_status;
WERROR status;
} SVCCTL_R_CONTROL_SERVICE;
/**************************/
typedef struct {
POLICY_HND handle;
} SVCCTL_Q_QUERY_STATUS;
typedef struct {
SERVICE_STATUS svc_status;
WERROR status;
} SVCCTL_R_QUERY_STATUS;
/**************************/
typedef struct {
POLICY_HND handle;
uint32 type;
@ -346,57 +271,5 @@ typedef struct {
WERROR status;
} SVCCTL_R_QUERY_SERVICE_STATUSEX;
/**************************/
typedef struct {
POLICY_HND handle;
} SVCCTL_Q_LOCK_SERVICE_DB;
typedef struct {
POLICY_HND h_lock;
WERROR status;
} SVCCTL_R_LOCK_SERVICE_DB;
/**************************/
typedef struct {
POLICY_HND h_lock;
} SVCCTL_Q_UNLOCK_SERVICE_DB;
typedef struct {
WERROR status;
} SVCCTL_R_UNLOCK_SERVICE_DB;
/**************************/
typedef struct {
POLICY_HND handle;
uint32 security_flags;
uint32 buffer_size;
} SVCCTL_Q_QUERY_SERVICE_SEC;
typedef struct {
RPC_BUFFER buffer;
uint32 needed;
WERROR status;
} SVCCTL_R_QUERY_SERVICE_SEC;
/**************************/
typedef struct {
POLICY_HND handle;
uint32 security_flags;
RPC_BUFFER buffer;
uint32 buffer_size;
} SVCCTL_Q_SET_SERVICE_SEC;
typedef struct {
WERROR status;
} SVCCTL_R_SET_SERVICE_SEC;
#endif /* _RPC_SVCCTL_H */

2
source3/include/smb.h
View File

@ -308,6 +308,8 @@ extern const DATA_BLOB data_blob_null;
#include "librpc/gen_ndr/samr.h"
#include "librpc/gen_ndr/dssetup.h"
#include "librpc/gen_ndr/libnet_join.h"
#include "librpc/gen_ndr/krb5pac.h"
#include "librpc/gen_ndr/ntsvcs.h"
struct lsa_dom_info {
bool valid;

5
source3/include/smb_macros.h
View File

@ -305,10 +305,9 @@ NULL returns on zero request. JRA.
#define talloc_destroy(ctx) talloc_free(ctx)
#define TALLOC_FREE(ctx) do { if ((ctx) != NULL) {talloc_free(ctx); ctx=NULL;} } while(0)
/* only define PARANOID_MALLOC_CHECKER with --enable-developer and not compiling
the smbmount utils */
/* only define PARANOID_MALLOC_CHECKER with --enable-developer */
#if defined(DEVELOPER) && !defined(SMBMOUNT_MALLOC)
#if defined(DEVELOPER)
# define PARANOID_MALLOC_CHECKER 1
#endif

11
source3/intl/lang_tdb.c
View File

@ -127,7 +127,11 @@ bool lang_tdb_init(const char *lang)
if (!lang)
return True;
asprintf(&msg_path, "%s.msg", data_path((const char *)lang));
if (asprintf(&msg_path, "%s.msg",
data_path((const char *)lang)) == -1) {
DEBUG(0, ("asprintf failed\n"));
goto done;
}
if (stat(msg_path, &st) != 0) {
/* the msg file isn't available */
DEBUG(10, ("lang_tdb_init: %s: %s\n", msg_path,
@ -135,7 +139,10 @@ bool lang_tdb_init(const char *lang)
goto done;
}
asprintf(&path, "%s%s.tdb", lock_path("lang_"), lang);
if (asprintf(&path, "%s%s.tdb", lock_path("lang_"), lang) == -1) {
DEBUG(0, ("asprintf failed\n"));
goto done;
}
DEBUG(10, ("lang_tdb_init: loading %s\n", path));

10
source3/lib/debug.c
View File

@ -827,6 +827,7 @@ void check_log_size( void )
};
int priority;
char *msgbuf = NULL;
int ret;
if( syslog_level >= ( sizeof(priority_map) / sizeof(priority_map[0]) ) || syslog_level < 0)
priority = LOG_DEBUG;
@ -834,10 +835,10 @@ void check_log_size( void )
priority = priority_map[syslog_level];
va_start(ap, format_str);
vasprintf(&msgbuf, format_str, ap);
ret = vasprintf(&msgbuf, format_str, ap);
va_end(ap);
if (msgbuf) {
if (ret == -1) {
syslog(priority, "%s", msgbuf);
}
SAFE_FREE(msgbuf);
@ -1059,12 +1060,13 @@ bool dbghdr(int level, int cls, const char *file, const char *func, int line)
va_list ap;
char *msgbuf = NULL;
bool ret = true;
int res;
va_start(ap, format_str);
vasprintf(&msgbuf, format_str, ap);
res = vasprintf(&msgbuf, format_str, ap);
va_end(ap);
if (msgbuf) {
if (res != -1) {
format_debug_text(msgbuf);
} else {
ret = false;

72
source3/lib/display_dsdcinfo.c
View File

@ -1,72 +0,0 @@
/*
Unix SMB/CIFS implementation.
Copyright (C) Guenther Deschner 2007
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
/****************************************************************
****************************************************************/
void display_ds_domain_controller_info(TALLOC_CTX *mem_ctx,
const struct DS_DOMAIN_CONTROLLER_INFO *info)
{
d_printf("domain_controller_name: %s\n",
info->domain_controller_name);
d_printf("domain_controller_address: %s\n",
info->domain_controller_address);
d_printf("domain_controller_address_type: %d\n",
info->domain_controller_address_type);
d_printf("domain_guid: %s\n",
GUID_string(mem_ctx, info->domain_guid));
d_printf("domain_name: %s\n",
info->domain_name);
d_printf("dns_forest_name: %s\n",
info->dns_forest_name);
d_printf("flags: 0x%08x\n"
"\tIs a PDC: %s\n"
"\tIs a GC of the forest: %s\n"
"\tIs an LDAP server: %s\n"
"\tSupports DS: %s\n"
"\tIs running a KDC: %s\n"
"\tIs running time services: %s\n"
"\tIs the closest DC: %s\n"
"\tIs writable: %s\n"
"\tHas a hardware clock: %s\n"
"\tIs a non-domain NC serviced by LDAP server: %s\n"
"\tDomainControllerName is a DNS name: %s\n"
"\tDomainName is a DNS name: %s\n"
"\tDnsForestName is a DNS name: %s\n",
info->flags,
(info->flags & ADS_PDC) ? "yes" : "no",
(info->flags & ADS_GC) ? "yes" : "no",
(info->flags & ADS_LDAP) ? "yes" : "no",
(info->flags & ADS_DS) ? "yes" : "no",
(info->flags & ADS_KDC) ? "yes" : "no",
(info->flags & ADS_TIMESERV) ? "yes" : "no",
(info->flags & ADS_CLOSEST) ? "yes" : "no",
(info->flags & ADS_WRITABLE) ? "yes" : "no",
(info->flags & ADS_GOOD_TIMESERV) ? "yes" : "no",
(info->flags & ADS_NDNC) ? "yes" : "no",
(info->flags & ADS_DNS_CONTROLLER) ? "yes":"no",
(info->flags & ADS_DNS_DOMAIN) ? "yes":"no",
(info->flags & ADS_DNS_FOREST) ? "yes":"no");
d_printf("dc_site_name: %s\n", info->dc_site_name);
d_printf("client_site_name: %s\n", info->client_site_name);
}

12
source3/lib/gencache.c
View File

@ -120,9 +120,9 @@ bool gencache_set(const char *keystr, const char *value, time_t timeout)
if (!gencache_init()) return False;
asprintf(&valstr, CACHE_DATA_FMT, (int)timeout, value);
if (!valstr)
if (asprintf(&valstr, CACHE_DATA_FMT, (int)timeout, value) == -1) {
return False;
}
databuf = string_term_tdb_data(valstr);
DEBUG(10, ("Adding cache entry with key = %s; value = %s and timeout ="
@ -340,8 +340,7 @@ bool gencache_set_data_blob(const char *keystr, DATA_BLOB *blob, time_t timeout)
return False;
}
asprintf(&valstr, "%12u/%s", (int)timeout, BLOB_TYPE);
if (!valstr) {
if (asprintf(&valstr, "%12u/%s", (int)timeout, BLOB_TYPE) == -1) {
return False;
}
@ -452,8 +451,9 @@ void gencache_iterate(void (*fn)(const char* key, const char *value, time_t time
break;
}
asprintf(&fmt, READ_CACHE_DATA_FMT_TEMPLATE, (unsigned int)databuf.dsize - TIMEOUT_LEN);
if (!fmt) {
if (asprintf(&fmt, READ_CACHE_DATA_FMT_TEMPLATE,
(unsigned int)databuf.dsize - TIMEOUT_LEN)
== -1) {
SAFE_FREE(valstr);
SAFE_FREE(entry);
SAFE_FREE(keystr);

402
source3/lib/interfaces.c
View File

@ -191,7 +191,6 @@ void make_net(struct sockaddr_storage *pss_out,
Also gets IPv6 interfaces.
****************************************************************************/
#if HAVE_IFACE_GETIFADDRS
/****************************************************************************
Get the netmask address for a local interface.
****************************************************************************/
@ -237,19 +236,9 @@ static int _get_interfaces(struct iface_struct *ifaces, int max_interfaces)
memcpy(&ifaces[total].netmask, ifptr->ifa_netmask, copy_size);
if (ifaces[total].flags & (IFF_BROADCAST|IFF_LOOPBACK)) {
if (ifptr->ifa_broadaddr) {
memcpy(&ifaces[total].bcast,
ifptr->ifa_broadaddr,
copy_size);
} else {
/* For some reason ifptr->ifa_broadaddr
* is null. Make one from ifa_addr and
* ifa_netmask.
*/
make_bcast(&ifaces[total].bcast,
&ifaces[total].ip,
&ifaces[total].netmask);
}
make_bcast(&ifaces[total].bcast,
&ifaces[total].ip,
&ifaces[total].netmask);
} else if ((ifaces[total].flags & IFF_POINTOPOINT) &&
ifptr->ifa_dstaddr ) {
memcpy(&ifaces[total].bcast,
@ -269,339 +258,6 @@ static int _get_interfaces(struct iface_struct *ifaces, int max_interfaces)
return total;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_GETIFADDRS */
#if HAVE_IFACE_IFCONF
/* this works for Linux 2.2, Solaris 2.5, SunOS4, HPUX 10.20, OSF1
V4.0, Ultrix 4.4, SCO Unix 3.2, IRIX 6.4 and FreeBSD 3.2.
It probably also works on any BSD style system. */
/****************************************************************************
Get the netmask address for a local interface.
****************************************************************************/
static int _get_interfaces(struct iface_struct *ifaces, int max_interfaces)
{
struct ifconf ifc;
char buff[8192];
int fd, i, n;
struct ifreq *ifr=NULL;
int total = 0;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
return -1;
}
ifc.ifc_len = sizeof(buff);
ifc.ifc_buf = buff;
if (ioctl(fd, SIOCGIFCONF, &ifc) != 0) {
close(fd);
return -1;
}
ifr = ifc.ifc_req;
n = ifc.ifc_len / sizeof(struct ifreq);
/* Loop through interfaces, looking for given IP address */
for (i=n-1;i>=0 && total < max_interfaces;i--) {
memset(&ifaces[total], '\0', sizeof(ifaces[total]));
/* Check the interface is up. */
if (ioctl(fd, SIOCGIFFLAGS, &ifr[i]) != 0) {
continue;
}
ifaces[total].flags = ifr[i].ifr_flags;
if (!(ifaces[total].flags & IFF_UP)) {
continue;
}
if (ioctl(fd, SIOCGIFADDR, &ifr[i]) != 0) {
continue;
}
strlcpy(ifaces[total].name, ifr[i].ifr_name,
sizeof(ifaces[total].name));
memcpy(&ifaces[total].ip, &ifr[i].ifr_addr,
sizeof(struct sockaddr_in));
if (ioctl(fd, SIOCGIFNETMASK, &ifr[i]) != 0) {
continue;
}
memcpy(&ifaces[total].netmask, &ifr[i].ifr_netmask,
sizeof(struct sockaddr_in));
if (ifaces[total].flags & IFF_BROADCAST) {
if (ioctl(fd, SIOCGIFBRDADDR, &ifr[i]) != 0) {
continue;
}
memcpy(&ifaces[total].bcast, &ifr[i].ifr_broadaddr,
sizeof(struct sockaddr_in));
} else if (ifaces[total].flags & IFF_POINTOPOINT) {
if (ioctl(fd, SIOCGIFDSTADDR, &ifr[i]) != 0) {
continue;
}
memcpy(&ifaces[total].bcast, &ifr[i].ifr_dstaddr,
sizeof(struct sockaddr_in));
} else {
continue;
}
total++;
}
close(fd);
return total;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_IFCONF */
#ifdef HAVE_IFACE_IFREQ
#ifndef I_STR
#include <sys/stropts.h>
#endif
/****************************************************************************
This should cover most of the streams based systems.
Thanks to Andrej.Borsenkow@mow.siemens.ru for several ideas in this code.
****************************************************************************/
static int _get_interfaces(struct iface_struct *ifaces, int max_interfaces)
{
struct ifreq ifreq;
struct strioctl strioctl;
char buff[8192];
int fd, i, n;
struct ifreq *ifr=NULL;
int total = 0;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
return -1;
}
strioctl.ic_cmd = SIOCGIFCONF;
strioctl.ic_dp = buff;
strioctl.ic_len = sizeof(buff);
if (ioctl(fd, I_STR, &strioctl) < 0) {
close(fd);
return -1;
}
/* we can ignore the possible sizeof(int) here as the resulting
number of interface structures won't change */
n = strioctl.ic_len / sizeof(struct ifreq);
/* we will assume that the kernel returns the length as an int
at the start of the buffer if the offered size is a
multiple of the structure size plus an int */
if (n*sizeof(struct ifreq) + sizeof(int) == strioctl.ic_len) {
ifr = (struct ifreq *)(buff + sizeof(int));
} else {
ifr = (struct ifreq *)buff;
}
/* Loop through interfaces */
for (i = 0; i<n && total < max_interfaces; i++) {
memset(&ifaces[total], '\0', sizeof(ifaces[total]));
ifreq = ifr[i];
strioctl.ic_cmd = SIOCGIFFLAGS;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
continue;
}
ifaces[total].flags = ifreq.ifr_flags;
if (!(ifaces[total].flags & IFF_UP)) {
continue;
}
strioctl.ic_cmd = SIOCGIFADDR;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
continue;
}
strlcpy(ifaces[total].name,
ifreq.ifr_name,
sizeof(ifaces[total].name));
memcpy(&ifaces[total].ip, &ifreq.ifr_addr,
sizeof(struct sockaddr_in));
strioctl.ic_cmd = SIOCGIFNETMASK;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
continue;
}
memcpy(&ifaces[total].netmask, &ifreq.ifr_addr,
sizeof(struct sockaddr_in));
if (ifaces[total].flags & IFF_BROADCAST) {
strioctl.ic_cmd = SIOCGIFBRDADDR;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
continue;
}
memcpy(&ifaces[total].bcast, &ifreq.ifr_broadaddr,
sizeof(struct sockaddr_in));
} else if (ifaces[total].flags & IFF_POINTOPOINT) {
strioctl.ic_cmd = SIOCGIFDSTADDR;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
continue;
}
memcpy(&ifaces[total].bcast, &ifreq.ifr_dstaddr,
sizeof(struct sockaddr_in));
} else {
continue;
}
total++;
}
close(fd);
return total;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_IFREQ */
#ifdef HAVE_IFACE_AIX
/****************************************************************************
This one is for AIX (tested on 4.2).
****************************************************************************/
static int _get_interfaces(struct iface_struct *ifaces, int max_interfaces)
{
char buff[8192];
int fd, i;
struct ifconf ifc;
struct ifreq *ifr=NULL;
int total = 0;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
return -1;
}
ifc.ifc_len = sizeof(buff);
ifc.ifc_buf = buff;
if (ioctl(fd, SIOCGIFCONF, &ifc) != 0) {
close(fd);
return -1;
}
ifr = ifc.ifc_req;
/* Loop through interfaces */
i = ifc.ifc_len;
while (i > 0 && total < max_interfaces) {
uint_t inc;
memset(&ifaces[total], '\0', sizeof(ifaces[total]));
inc = ifr->ifr_addr.sa_len;
if (ioctl(fd, SIOCGIFFLAGS, ifr) != 0) {
goto next;
}
ifaces[total].flags = ifr->ifr_flags;
if (!(ifaces[total].flags & IFF_UP)) {
goto next;
}
if (ioctl(fd, SIOCGIFADDR, ifr) != 0) {
goto next;
}
memcpy(&ifaces[total].ip, &ifr->ifr_addr,
sizeof(struct sockaddr_in));
strlcpy(ifaces[total].name, ifr->ifr_name,
sizeof(ifaces[total].name));
if (ioctl(fd, SIOCGIFNETMASK, ifr) != 0) {
goto next;
}
memcpy(&ifaces[total].netmask, &ifr->ifr_addr,
sizeof(struct sockaddr_in));
if (ifaces[total].flags & IFF_BROADCAST) {
if (ioctl(fd, SIOCGIFBRDADDR, ifr) != 0) {
goto next;
}
memcpy(&ifaces[total].bcast, &ifr->ifr_broadaddr,
sizeof(struct sockaddr_in));
} else if (ifaces[total].flags & IFF_POINTOPOINT) {
if (ioctl(fd, SIOCGIFDSTADDR, ifr) != 0) {
goto next;
}
memcpy(&ifaces[total].bcast, &ifr->ifr_dstaddr,
sizeof(struct sockaddr_in));
} else {
goto next;
}
total++;
next:
/*
* Patch from Archie Cobbs (archie@whistle.com). The
* addresses in the SIOCGIFCONF interface list have a
* minimum size. Usually this doesn't matter, but if
* your machine has tunnel interfaces, etc. that have
* a zero length "link address", this does matter. */
if (inc < sizeof(ifr->ifr_addr))
inc = sizeof(ifr->ifr_addr);
inc += IFNAMSIZ;
ifr = (struct ifreq*) (((char*) ifr) + inc);
i -= inc;
}
close(fd);
return total;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_AIX */
#ifndef _FOUND_IFACE_ANY
static int _get_interfaces(struct iface_struct *ifaces, int max_interfaces)
{
return -1;
}
#endif
static int iface_comp(struct iface_struct *i1, struct iface_struct *i2)
{
int r;
@ -693,55 +349,3 @@ int get_interfaces(struct iface_struct *ifaces, int max_interfaces)
return total;
}
#ifdef AUTOCONF_TEST
/* this is the autoconf driver to test get_interfaces() */
static socklen_t calc_sa_size(struct sockaddr *psa)
{
socklen_t sl = sizeof(struct sockaddr_in);
#if defined(HAVE_IPV6)
if (psa->sa_family == AF_INET6) {
sl = sizeof(struct sockaddr_in6);
}
#endif
return sl;
}
int main()
{
struct iface_struct ifaces[MAX_INTERFACES];
int total = get_interfaces(ifaces, MAX_INTERFACES);
int i;
printf("got %d interfaces:\n", total);
if (total <= 0) {
exit(1);
}
for (i=0;i<total;i++) {
char addr[INET6_ADDRSTRLEN];
int ret;
printf("%-10s ", ifaces[i].name);
addr[0] = '\0';
ret = getnameinfo((struct sockaddr *)&ifaces[i].ip,
calc_sa_size(&ifaces[i].ip),
addr, sizeof(addr),
NULL, 0, NI_NUMERICHOST);
printf("IP=%s ", addr);
addr[0] = '\0';
ret = getnameinfo((struct sockaddr *)&ifaces[i].netmask,
calc_sa_size(&ifaces[i].netmask),
addr, sizeof(addr),
NULL, 0, NI_NUMERICHOST);
printf("NETMASK=%s ", addr);
addr[0] = '\0';
ret = getnameinfo((struct sockaddr *)&ifaces[i].bcast,
calc_sa_size(&ifaces[i].bcast),
addr, sizeof(addr),
NULL, 0, NI_NUMERICHOST);
printf("BCAST=%s\n", addr);
}
return 0;
}
#endif

34
source3/lib/netapi/examples/Makefile.in
View File

@ -3,10 +3,11 @@ GTK_LIBS=`pkg-config gtk+-2.0 --libs`
KRB5LIBS=@KRB5_LIBS@
LDAP_LIBS=@LDAP_LIBS@
LIBS=@LIBS@ -lnetapi
LIBS=@LIBS@ -lnetapi -ltdb -ltalloc
DEVELOPER_CFLAGS=@DEVELOPER_CFLAGS@
FLAGS=-I../ -L../../../bin @CFLAGS@ $(GTK_FLAGS)
CC=@CC@
PICFLAG=@PICFLAG@
LDFLAGS=@PIE_LDFLAGS@ @LDFLAGS@
DYNEXP=@DYNEXP@
@ -14,7 +15,12 @@ DYNEXP=@DYNEXP@
COMPILE_CC = $(CC) -I. $(FLAGS) $(PICFLAG) -c $< -o $@
COMPILE = $(COMPILE_CC)
BINARY_PREREQS = proto_exists bin/.dummy
PROGS = bin/getdc@EXEEXT@ \
bin/netdomjoin@EXEEXT@ \
bin/netdomjoin-gui@EXEEXT@ \
bin/getjoinableous@EXEEXT@
all: $(PROGS)
MAKEDIR = || exec false; \
if test -d "$$dir"; then :; else \
@ -24,6 +30,13 @@ MAKEDIR = || exec false; \
mkdir "$$dir" || \
exec false; fi || exec false
BINARY_PREREQS = bin/.dummy
bin/.dummy:
@if (: >> $@ || : > $@) >/dev/null 2>&1; then :; else \
dir=bin $(MAKEDIR); fi
@: >> $@ || : > $@ # what a fancy emoticon!
.c.o:
@if (: >> $@ || : > $@) >/dev/null 2>&1; then rm -f $@; else \
dir=`echo $@ | sed 's,/[^/]*$$,,;s,^$$,.,'` $(MAKEDIR); fi
@ -38,30 +51,23 @@ NETDOMJOIN_OBJ = netdomjoin/netdomjoin.o
NETDOMJOIN_GUI_OBJ = netdomjoin-gui/netdomjoin-gui.o
GETJOINABLEOUS_OBJ = getjoinableous/getjoinableous.o
PROGS = bin/getdc@EXEEXT@ \
bin/netdomjoin@EXEEXT@ \
bin/netdomjoin-gui@EXEEXT@ \
bin/getjoinableous@EXEEXT@
all: $(PROGS)
bin/getdc@EXEEXT@: $(GETDC_OBJ)
bin/getdc@EXEEXT@: $(BINARY_PREREQS) $(GETDC_OBJ)
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(GETDC_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
bin/getjoinableous@EXEEXT@: $(GETJOINABLEOUS_OBJ)
bin/getjoinableous@EXEEXT@: $(BINARY_PREREQS) $(GETJOINABLEOUS_OBJ)
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(GETJOINABLEOUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
bin/netdomjoin@EXEEXT@: $(NETDOMJOIN_OBJ)
bin/netdomjoin@EXEEXT@: $(BINARY_PREREQS) $(NETDOMJOIN_OBJ)
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(NETDOMJOIN_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS)
bin/netdomjoin-gui@EXEEXT@: $(NETDOMJOIN_GUI_OBJ)
bin/netdomjoin-gui@EXEEXT@: $(BINARY_PREREQS) $(NETDOMJOIN_GUI_OBJ)
@echo Linking $@
@$(CC) $(FLAGS) $(GTK_FLAGS) -o $@ $(NETDOMJOIN_GUI_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(GTK_LIBS)
clean:
-rm -f $(PROGS)
-rm -f core */*~ *~ \
*/*.o */*/*.o */*/*/*.o \
*/*.o */*/*.o */*/*/*.o

2
source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c
View File

@ -154,7 +154,7 @@ static void callback_apply_description_change(GtkWidget *widget,
GTK_MESSAGE_ERROR,
GTK_BUTTONS_OK,
"Failed to change computer description: %s.",
libnetapi_errstr(status));
libnetapi_get_error_string(state->ctx, status));
g_signal_connect_swapped(dialog, "response",
G_CALLBACK(gtk_widget_destroy),
dialog);

12
source3/lib/netapi/joindomain.c
View File

@ -48,7 +48,7 @@ static WERROR NetJoinDomainLocal(struct libnetapi_ctx *mem_ctx,
if (join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
NTSTATUS status;
struct DS_DOMAIN_CONTROLLER_INFO *info = NULL;
struct netr_DsRGetDCNameInfo *info = NULL;
uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
DS_WRITABLE_REQUIRED |
DS_RETURN_DNS_NAME;
@ -60,7 +60,7 @@ static WERROR NetJoinDomainLocal(struct libnetapi_ctx *mem_ctx,
return ntstatus_to_werror(status);
}
r->in.dc_name = talloc_strdup(mem_ctx,
info->domain_controller_name);
info->dc_unc);
W_ERROR_HAVE_NO_MEMORY(r->in.dc_name);
}
@ -252,7 +252,7 @@ static WERROR NetUnjoinDomainLocal(struct libnetapi_ctx *mem_ctx,
} else {
NTSTATUS status;
const char *domain = NULL;
struct DS_DOMAIN_CONTROLLER_INFO *info = NULL;
struct netr_DsRGetDCNameInfo *info = NULL;
uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
DS_WRITABLE_REQUIRED |
DS_RETURN_DNS_NAME;
@ -269,7 +269,7 @@ static WERROR NetUnjoinDomainLocal(struct libnetapi_ctx *mem_ctx,
return ntstatus_to_werror(status);
}
r->in.dc_name = talloc_strdup(mem_ctx,
info->domain_controller_name);
info->dc_unc);
W_ERROR_HAVE_NO_MEMORY(r->in.dc_name);
}
@ -562,7 +562,7 @@ static WERROR NetGetJoinableOUsLocal(struct libnetapi_ctx *ctx,
NTSTATUS status;
ADS_STATUS ads_status;
ADS_STRUCT *ads = NULL;
struct DS_DOMAIN_CONTROLLER_INFO *info = NULL;
struct netr_DsRGetDCNameInfo *info = NULL;
uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
DS_RETURN_DNS_NAME;
@ -574,7 +574,7 @@ static WERROR NetGetJoinableOUsLocal(struct libnetapi_ctx *ctx,
return ntstatus_to_werror(status);
}
ads = ads_init(domain, domain, info->domain_controller_name);
ads = ads_init(domain, domain, info->dc_unc);
if (!ads) {
return WERR_GENERAL_FAILURE;
}

4
source3/lib/netapi/netapi.c
View File

@ -50,7 +50,9 @@ NET_API_STATUS libnetapi_init(struct libnetapi_ctx **context)
return W_ERROR_V(WERR_NOMEM);
}
DEBUGLEVEL = 0;
if (!DEBUGLEVEL) {
DEBUGLEVEL = 0;
}
setup_logging("libnetapi", true);
dbf = x_stderr;

5
source3/lib/netapi/serverinfo.c
View File

@ -185,6 +185,9 @@ static WERROR NetServerSetInfoLocal_1005(struct libnetapi_ctx *ctx,
}
if (!lp_config_backend_is_registry()) {
libnetapi_set_error_string(ctx,
"Configuration manipulation requested but not "
"supported by backend");
return WERR_NOT_SUPPORTED;
}
@ -268,7 +271,7 @@ static WERROR NetServerSetInfoRemote(struct libnetapi_ctx *ctx,
status = rpccli_srvsvc_NetSrvSetInfo(pipe_cli, ctx,
server_name,
level,
info,
&info,
parm_error,
&werr);
if (!NT_STATUS_IS_OK(status)) {

4
source3/lib/privileges_basic.c
View File

@ -473,7 +473,7 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
/*******************************************************************
*******************************************************************/
static bool luid_to_se_priv( LUID *luid, SE_PRIV *mask )
static bool luid_to_se_priv( struct lsa_LUID *luid, SE_PRIV *mask )
{
int i;
uint32 num_privs = count_all_privileges();
@ -491,7 +491,7 @@ static bool luid_to_se_priv( LUID *luid, SE_PRIV *mask )
/*******************************************************************
*******************************************************************/
bool privilege_set_to_se_priv( SE_PRIV *mask, PRIVILEGE_SET *privset )
bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset )
{
int i;

217
source3/lib/repdir.c
View File

@ -1,217 +0,0 @@
/*
Unix SMB/CIFS implementation.
Copyright (C) Andrew Tridgell 2005
Updated for Samba3 64-bit cleanliness (C) Jeremy Allison 2006
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/*
a replacement for opendir/readdir/telldir/seekdir/closedir for BSD systems
This is needed because the existing directory handling in FreeBSD
and OpenBSD (and possibly NetBSD) doesn't correctly handle unlink()
on files in a directory where telldir() has been used. On a block
boundary it will occasionally miss a file when seekdir() is used to
return to a position previously recorded with telldir().
This also fixes a severe performance and memory usage problem with
telldir() on BSD systems. Each call to telldir() in BSD adds an
entry to a linked list, and those entries are cleaned up on
closedir(). This means with a large directory closedir() can take an
arbitrary amount of time, causing network timeouts as millions of
telldir() entries are freed
Note! This replacement code is not portable. It relies on getdents()
always leaving the file descriptor at a seek offset that is a
multiple of DIR_BUF_SIZE. If the code detects that this doesn't
happen then it will abort(). It also does not handle directories
with offsets larger than can be stored in a long,
This code is available under other free software licenses as
well. Contact the author.
*/
#include <include/includes.h>
void replace_readdir_dummy(void);
void replace_readdir_dummy(void) {}
#if defined(REPLACE_READDIR)
#if defined(PARANOID_MALLOC_CHECKER)
#ifdef malloc
#undef malloc
#endif
#endif
#define DIR_BUF_BITS 9
#define DIR_BUF_SIZE (1<<DIR_BUF_BITS)
struct dir_buf {
int fd;
int nbytes, ofs;
SMB_OFF_T seekpos;
char buf[DIR_BUF_SIZE];
};
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_OPENDIR64)
SMB_STRUCT_DIR *opendir64(const char *dname)
#else
SMB_STRUCT_DIR *opendir(const char *dname)
#endif
{
struct dir_buf *d;
d = malloc(sizeof(*d));
if (d == NULL) {
errno = ENOMEM;
return NULL;
}
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_OPEN64)
d->fd = open64(dname, O_RDONLY);
#else
d->fd = open(dname, O_RDONLY);
#endif
if (d->fd == -1) {
free(d);
return NULL;
}
d->ofs = 0;
d->seekpos = 0;
d->nbytes = 0;
return (SMB_STRUCT_DIR *)d;
}
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_READDIR64)
SMB_STRUCT_DIRENT *readdir64(SMB_STRUCT_DIR *dir)
#else
SMB_STRUCT_DIRENT *readdir(SMB_STRUCT_DIR *dir)
#endif
{
struct dir_buf *d = (struct dir_buf *)dir;
SMB_STRUCT_DIRENT *de;
if (d->ofs >= d->nbytes) {
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_LSEEK64)
d->seekpos = lseek64(d->fd, 0, SEEK_CUR);
#else
d->seekpos = lseek(d->fd, 0, SEEK_CUR);
#endif
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_GETDENTS64)
d->nbytes = getdents64(d->fd, d->buf, DIR_BUF_SIZE);
#else
d->nbytes = getdents(d->fd, d->buf, DIR_BUF_SIZE);
#endif
d->ofs = 0;
}
if (d->ofs >= d->nbytes) {
return NULL;
}
de = (SMB_STRUCT_DIRENT *)&d->buf[d->ofs];
d->ofs += de->d_reclen;
return de;
}
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_TELLDIR64)
long telldir64(SMB_STRUCT_DIR *dir)
#else
long telldir(SMB_STRUCT_DIR *dir)
#endif
{
struct dir_buf *d = (struct dir_buf *)dir;
if (d->ofs >= d->nbytes) {
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_LSEEK64)
d->seekpos = lseek64(d->fd, 0, SEEK_CUR);
#else
d->seekpos = lseek(d->fd, 0, SEEK_CUR);
#endif
d->ofs = 0;
d->nbytes = 0;
}
/* this relies on seekpos always being a multiple of
DIR_BUF_SIZE. Is that always true on BSD systems? */
if (d->seekpos & (DIR_BUF_SIZE-1)) {
abort();
}
return d->seekpos + d->ofs;
}
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_SEEKDIR64)
void seekdir64(SMB_STRUCT_DIR *dir, long ofs)
#else
void seekdir(SMB_STRUCT_DIR *dir, long ofs)
#endif
{
struct dir_buf *d = (struct dir_buf *)dir;
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_LSEEK64)
d->seekpos = lseek64(d->fd, ofs & ~(DIR_BUF_SIZE-1), SEEK_SET);
#else
d->seekpos = lseek(d->fd, ofs & ~(DIR_BUF_SIZE-1), SEEK_SET);
#endif
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_GETDENTS64)
d->nbytes = getdents64(d->fd, d->buf, DIR_BUF_SIZE);
#else
d->nbytes = getdents(d->fd, d->buf, DIR_BUF_SIZE);
#endif
d->ofs = 0;
while (d->ofs < (ofs & (DIR_BUF_SIZE-1))) {
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_READDIR64)
if (readdir64(dir) == NULL) break;
#else
if (readdir(dir) == NULL) break;
#endif
}
}
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_REWINDDIR64)
void rewinddir64(SMB_STRUCT_DIR *dir)
#else
void rewinddir(SMB_STRUCT_DIR *dir)
#endif
{
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_SEEKDIR64)
seekdir64(dir, 0);
#else
seekdir(dir, 0);
#endif
}
#if defined(HAVE_EXPLICIT_LARGEFILE_SUPPORT) && defined(HAVE_CLOSEDIR64)
int closedir64(SMB_STRUCT_DIR *dir)
#else
int closedir(SMB_STRUCT_DIR *dir)
#endif
{
struct dir_buf *d = (struct dir_buf *)dir;
int r = close(d->fd);
if (r != 0) {
return r;
}
free(d);
return 0;
}
#ifndef dirfd
/* darn, this is a macro on some systems. */
int dirfd(SMB_STRUCT_DIR *dir)
{
struct dir_buf *d = (struct dir_buf *)dir;
return d->fd;
}
#endif
#endif /* REPLACE_READDIR */

6
source3/lib/replace/Makefile.in
View File

@ -10,6 +10,7 @@ VPATH = @libreplacedir@
srcdir = @srcdir@
builddir = @builddir@
INSTALL = @INSTALL@
LIBS = @LIBS@
.PHONY: test all showflags install installcheck clean distclean realdistclean
@ -25,6 +26,7 @@ showflags:
@echo ' CC = $(CC)'
@echo ' CFLAGS = $(CFLAGS)'
@echo ' LDFLAGS= $(LDFLAGS)'
@echo ' LIBS = $(LIBS)'
install: all
mkdir -p $(libdir)
@ -38,10 +40,10 @@ test: all
installcheck: install test
TEST_OBJS = test/testsuite.o test/os2_delete.o test/strptime.o
TEST_OBJS = test/testsuite.o test/os2_delete.o test/strptime.o test/getifaddrs.o
testsuite: libreplace.a $(TEST_OBJS)
$(CC) -o testsuite $(TEST_OBJS) -L. -lreplace $(LDFLAGS)
$(CC) -o testsuite $(TEST_OBJS) -L. -lreplace $(LDFLAGS) $(LIBS)
.c.o:
@echo Compiling $*.c

2
source3/lib/replace/README
View File

@ -60,6 +60,8 @@ getaddrinfo
freeaddrinfo
getnameinfo
gai_strerror
getifaddrs
freeifaddrs
Types:
bool

2
source3/lib/replace/configure.ac
View File

@ -3,6 +3,8 @@ AC_INIT(replace.c)
AC_CONFIG_SRCDIR([replace.c])
AC_CONFIG_HEADER(config.h)
CFLAGS="$CFLAGS -I$srcdir"
AC_LIBREPLACE_ALL_CHECKS
if test "$ac_cv_prog_gcc" = yes; then

2
source3/lib/replace/dlfcn.c
View File

@ -35,6 +35,8 @@ void *rep_dlopen(const char *name, int flags)
#endif
{
#ifdef HAVE_SHL_LOAD
if (name == NULL)
return PROG_HANDLE;
return (void *)shl_load(name, flags, 0);
#else
return NULL;

361
source3/lib/replace/getifaddrs.c Normal file
View File

@ -0,0 +1,361 @@
/*
Unix SMB/CIFS implementation.
Samba utility functions
Copyright (C) Andrew Tridgell 1998
Copyright (C) Jeremy Allison 2007
Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#define SOCKET_WRAPPER_NOT_REPLACE
#include "replace.h"
#include "system/network.h"
#include <unistd.h>
#include <stdio.h>
#include <sys/types.h>
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#ifndef SIOCGIFCONF
#ifdef HAVE_SYS_SOCKIO_H
#include <sys/sockio.h>
#endif
#endif
#ifdef HAVE_IFACE_GETIFADDRS
#define _FOUND_IFACE_ANY
#else
void rep_freeifaddrs(struct ifaddrs *ifp)
{
if (ifp != NULL) {
free(ifp->ifa_name);
free(ifp->ifa_addr);
free(ifp->ifa_netmask);
free(ifp->ifa_dstaddr);
freeifaddrs(ifp->ifa_next);
free(ifp);
}
}
static struct sockaddr *sockaddr_dup(struct sockaddr *sa)
{
struct sockaddr *ret;
socklen_t socklen;
#ifdef HAVE_SOCKADDR_SA_LEN
socklen = sa->sa_len;
#else
socklen = sizeof(struct sockaddr_storage);
#endif
ret = calloc(1, socklen);
if (ret == NULL)
return NULL;
memcpy(ret, sa, socklen);
return ret;
}
#endif
#if HAVE_IFACE_IFCONF
/* this works for Linux 2.2, Solaris 2.5, SunOS4, HPUX 10.20, OSF1
V4.0, Ultrix 4.4, SCO Unix 3.2, IRIX 6.4 and FreeBSD 3.2.
It probably also works on any BSD style system. */
int rep_getifaddrs(struct ifaddrs **ifap)
{
struct ifconf ifc;
char buff[8192];
int fd, i, n;
struct ifreq *ifr=NULL;
struct in_addr ipaddr;
struct in_addr nmask;
char *iname;
struct ifaddrs *curif;
struct ifaddrs *lastif = NULL;
*ifap = NULL;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
return -1;
}
ifc.ifc_len = sizeof(buff);
ifc.ifc_buf = buff;
if (ioctl(fd, SIOCGIFCONF, &ifc) != 0) {
close(fd);
return -1;
}
ifr = ifc.ifc_req;
n = ifc.ifc_len / sizeof(struct ifreq);
/* Loop through interfaces, looking for given IP address */
for (i=n-1; i>=0; i--) {
if (ioctl(fd, SIOCGIFFLAGS, &ifr[i]) == -1) {
freeifaddrs(*ifap);
return -1;
}
curif = calloc(1, sizeof(struct ifaddrs));
curif->ifa_name = strdup(ifr[i].ifr_name);
curif->ifa_flags = ifr[i].ifr_flags;
curif->ifa_dstaddr = NULL;
curif->ifa_data = NULL;
curif->ifa_next = NULL;
curif->ifa_addr = NULL;
if (ioctl(fd, SIOCGIFADDR, &ifr[i]) != -1) {
curif->ifa_addr = sockaddr_dup(&ifr[i].ifr_addr);
}
curif->ifa_netmask = NULL;
if (ioctl(fd, SIOCGIFNETMASK, &ifr[i]) != -1) {
curif->ifa_netmask = sockaddr_dup(&ifr[i].ifr_addr);
}
if (lastif == NULL) {
*ifap = curif;
} else {
lastif->ifa_next = curif;
}
lastif = curif;
}
close(fd);
return 0;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_IFCONF */
#ifdef HAVE_IFACE_IFREQ
#ifndef I_STR
#include <sys/stropts.h>
#endif
/****************************************************************************
this should cover most of the streams based systems
Thanks to Andrej.Borsenkow@mow.siemens.ru for several ideas in this code
****************************************************************************/
int rep_getifaddrs(struct ifaddrs **ifap)
{
struct ifreq ifreq;
struct strioctl strioctl;
char buff[8192];
int fd, i, n;
struct ifreq *ifr=NULL;
struct in_addr ipaddr;
struct in_addr nmask;
char *iname;
struct ifaddrs *curif;
struct ifaddrs *lastif = NULL;
*ifap = NULL;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
return -1;
}
strioctl.ic_cmd = SIOCGIFCONF;
strioctl.ic_dp = buff;
strioctl.ic_len = sizeof(buff);
if (ioctl(fd, I_STR, &strioctl) < 0) {
close(fd);
return -1;
}
/* we can ignore the possible sizeof(int) here as the resulting
number of interface structures won't change */
n = strioctl.ic_len / sizeof(struct ifreq);
/* we will assume that the kernel returns the length as an int
at the start of the buffer if the offered size is a
multiple of the structure size plus an int */
if (n*sizeof(struct ifreq) + sizeof(int) == strioctl.ic_len) {
ifr = (struct ifreq *)(buff + sizeof(int));
} else {
ifr = (struct ifreq *)buff;
}
/* Loop through interfaces */
for (i = 0; i<n; i++) {
ifreq = ifr[i];
curif = calloc(1, sizeof(struct ifaddrs));
if (lastif == NULL) {
*ifap = curif;
} else {
lastif->ifa_next = curif;
}
strioctl.ic_cmd = SIOCGIFFLAGS;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
freeifaddrs(*ifap);
return -1;
}
curif->ifa_flags = ifreq.ifr_flags;
strioctl.ic_cmd = SIOCGIFADDR;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
freeifaddrs(*ifap);
return -1;
}
curif->ifa_name = strdup(ifreq.ifr_name);
curif->ifa_addr = sockaddr_dup(&ifreq.ifr_addr);
curif->ifa_dstaddr = NULL;
curif->ifa_data = NULL;
curif->ifa_next = NULL;
curif->ifa_netmask = NULL;
strioctl.ic_cmd = SIOCGIFNETMASK;
strioctl.ic_dp = (char *)&ifreq;
strioctl.ic_len = sizeof(struct ifreq);
if (ioctl(fd, I_STR, &strioctl) != 0) {
freeifaddrs(*ifap);
return -1;
}
curif->ifa_netmask = sockaddr_dup(&ifreq.ifr_addr);
lastif = curif;
}
close(fd);
return 0;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_IFREQ */
#ifdef HAVE_IFACE_AIX
/****************************************************************************
this one is for AIX (tested on 4.2)
****************************************************************************/
int rep_getifaddrs(struct ifaddrs **ifap)
{
char buff[8192];
int fd, i;
struct ifconf ifc;
struct ifreq *ifr=NULL;
struct in_addr ipaddr;
struct in_addr nmask;
char *iname;
struct ifaddrs *curif;
struct ifaddrs *lastif = NULL;
*ifap = NULL;
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
return -1;
}
ifc.ifc_len = sizeof(buff);
ifc.ifc_buf = buff;
if (ioctl(fd, SIOCGIFCONF, &ifc) != 0) {
close(fd);
return -1;
}
ifr = ifc.ifc_req;
/* Loop through interfaces */
i = ifc.ifc_len;
while (i > 0) {
uint_t inc;
inc = ifr->ifr_addr.sa_len;
if (ioctl(fd, SIOCGIFADDR, ifr) != 0) {
freeaddrinfo(*ifap);
return -1;
}
curif = calloc(1, sizeof(struct ifaddrs));
if (lastif == NULL) {
*ifap = curif;
} else {
lastif->ifa_next = curif;
}
curif->ifa_name = strdup(ifr->ifr_name);
curif->ifa_addr = sockaddr_dup(&ifr->ifr_addr);
curif->ifa_dstaddr = NULL;
curif->ifa_data = NULL;
curif->ifa_netmask = NULL;
curif->ifa_next = NULL;
if (ioctl(fd, SIOCGIFFLAGS, ifr) != 0) {
freeaddrinfo(*ifap);
return -1;
}
curif->ifa_flags = ifr->ifr_flags;
if (ioctl(fd, SIOCGIFNETMASK, ifr) != 0) {
freeaddrinfo(*ifap);
return -1;
}
curif->ifa_netmask = sockaddr_dup(&ifr->ifr_addr);
lastif = curif;
next:
/*
* Patch from Archie Cobbs (archie@whistle.com). The
* addresses in the SIOCGIFCONF interface list have a
* minimum size. Usually this doesn't matter, but if
* your machine has tunnel interfaces, etc. that have
* a zero length "link address", this does matter. */
if (inc < sizeof(ifr->ifr_addr))
inc = sizeof(ifr->ifr_addr);
inc += IFNAMSIZ;
ifr = (struct ifreq*) (((char*) ifr) + inc);
i -= inc;
}
close(fd);
return 0;
}
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_AIX */
#ifndef _FOUND_IFACE_ANY
int rep_getifaddrs(struct ifaddrs **ifap)
{
errno = ENOSYS;
return -1;
}
#endif

127
source3/lib/replace/getifaddrs.m4 Normal file
View File

@ -0,0 +1,127 @@
AC_CHECK_HEADERS([ifaddrs.h])
dnl Used when getifaddrs is not available
AC_CHECK_MEMBERS([struct sockaddr.sa_len],
[AC_DEFINE(HAVE_SOCKADDR_SA_LEN, 1, [Whether struct sockaddr has a sa_len member])],
[],
[#include <sys/socket.h>])
dnl test for getifaddrs and freeifaddrs
AC_CACHE_CHECK([for getifaddrs and freeifaddrs],libreplace_cv_HAVE_GETIFADDRS,[
AC_TRY_COMPILE([
#include <sys/types.h>
#if STDC_HEADERS
#include <stdlib.h>
#include <stddef.h>
#endif
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <ifaddrs.h>
#include <netdb.h>],
[
struct ifaddrs *ifp = NULL;
int ret = getifaddrs (&ifp);
freeifaddrs(ifp);
],
libreplace_cv_HAVE_GETIFADDRS=yes,libreplace_cv_HAVE_GETIFADDRS=no)])
if test x"$libreplace_cv_HAVE_GETIFADDRS" = x"yes"; then
AC_DEFINE(HAVE_GETIFADDRS,1,[Whether the system has getifaddrs])
AC_DEFINE(HAVE_FREEIFADDRS,1,[Whether the system has freeifaddrs])
AC_DEFINE(HAVE_STRUCT_IFADDRS,1,[Whether struct ifaddrs is available])
fi
##################
# look for a method of finding the list of network interfaces
#
# This tests need LIBS="$NSL_LIBS $SOCKET_LIBS"
#
old_LIBS=$LIBS
LIBS="$NSL_LIBS $SOCKET_LIBS"
iface=no;
##################
# look for a method of finding the list of network interfaces
iface=no;
AC_CACHE_CHECK([for iface getifaddrs],libreplace_cv_HAVE_IFACE_GETIFADDRS,[
AC_TRY_RUN([
#define HAVE_IFACE_GETIFADDRS 1
#define NO_CONFIG_H 1
#define AUTOCONF_TEST 1
#define SOCKET_WRAPPER_NOT_REPLACE
#include "$libreplacedir/replace.c"
#include "$libreplacedir/inet_ntop.c"
#include "$libreplacedir/snprintf.c"
#include "$libreplacedir/getifaddrs.c"
#define getifaddrs_test main
#include "$libreplacedir/test/getifaddrs.c"],
libreplace_cv_HAVE_IFACE_GETIFADDRS=yes,libreplace_cv_HAVE_IFACE_GETIFADDRS=no,libreplace_cv_HAVE_IFACE_GETIFADDRS=cross)])
if test x"$libreplace_cv_HAVE_IFACE_GETIFADDRS" = x"yes"; then
iface=yes;AC_DEFINE(HAVE_IFACE_GETIFADDRS,1,[Whether iface getifaddrs is available])
else
LIBREPLACEOBJ="${LIBREPLACEOBJ} getifaddrs.o"
fi
if test $iface = no; then
AC_CACHE_CHECK([for iface AIX],libreplace_cv_HAVE_IFACE_AIX,[
AC_TRY_RUN([
#define HAVE_IFACE_AIX 1
#define NO_CONFIG_H 1
#define AUTOCONF_TEST 1
#undef _XOPEN_SOURCE_EXTENDED
#define SOCKET_WRAPPER_NOT_REPLACE
#include "$libreplacedir/replace.c"
#include "$libreplacedir/inet_ntop.c"
#include "$libreplacedir/snprintf.c"
#include "$libreplacedir/getifaddrs.c"
#define getifaddrs_test main
#include "$libreplacedir/test/getifaddrs.c"],
libreplace_cv_HAVE_IFACE_AIX=yes,libreplace_cv_HAVE_IFACE_AIX=no,libreplace_cv_HAVE_IFACE_AIX=cross)])
if test x"$libreplace_cv_HAVE_IFACE_AIX" = x"yes"; then
iface=yes;AC_DEFINE(HAVE_IFACE_AIX,1,[Whether iface AIX is available])
old_LIBS="$old_LIBS $LIBS"
fi
fi
if test $iface = no; then
AC_CACHE_CHECK([for iface ifconf],libreplace_cv_HAVE_IFACE_IFCONF,[
AC_TRY_RUN([
#define HAVE_IFACE_IFCONF 1
#define NO_CONFIG_H 1
#define AUTOCONF_TEST 1
#define SOCKET_WRAPPER_NOT_REPLACE
#include "$libreplacedir/replace.c"
#include "$libreplacedir/inet_ntop.c"
#include "$libreplacedir/snprintf.c"
#include "$libreplacedir/getifaddrs.c"
#define getifaddrs_test main
#include "$libreplacedir/test/getifaddrs.c"],
libreplace_cv_HAVE_IFACE_IFCONF=yes,libreplace_cv_HAVE_IFACE_IFCONF=no,libreplace_cv_HAVE_IFACE_IFCONF=cross)])
if test x"$libreplace_cv_HAVE_IFACE_IFCONF" = x"yes"; then
iface=yes;AC_DEFINE(HAVE_IFACE_IFCONF,1,[Whether iface ifconf is available])
old_LIBS="$old_LIBS $LIBS"
fi
fi
if test $iface = no; then
AC_CACHE_CHECK([for iface ifreq],libreplace_cv_HAVE_IFACE_IFREQ,[
AC_TRY_RUN([
#define HAVE_IFACE_IFREQ 1
#define NO_CONFIG_H 1
#define AUTOCONF_TEST 1
#define SOCKET_WRAPPER_NOT_REPLACE
#include "$libreplacedir/replace.c"
#include "$libreplacedir/inet_ntop.c"
#include "$libreplacedir/snprintf.c"
#include "$libreplacedir/getifaddrs.c"
#define getifaddrs_test main
#include "$libreplacedir/test/getifaddrs.c"],
libreplace_cv_HAVE_IFACE_IFREQ=yes,libreplace_cv_HAVE_IFACE_IFREQ=no,libreplace_cv_HAVE_IFACE_IFREQ=cross)])
if test x"$libreplace_cv_HAVE_IFACE_IFREQ" = x"yes"; then
iface=yes;AC_DEFINE(HAVE_IFACE_IFREQ,1,[Whether iface ifreq is available])
old_LIBS="$old_LIBS $LIBS"
fi
fi
LIBS=$old_LIBS

5
source3/lib/replace/getpass.c
View File

@ -185,7 +185,10 @@ char *rep_getpass(const char *prompt)
buf[0] = 0;
if (!gotintr) {
in_fd = fileno(in);
fgets(buf, bufsize, in);
if (fgets(buf, bufsize, in) == NULL) {
buf[0] = 0;
return buf;
}
}
nread = strlen(buf);
if (nread) {

12
source3/lib/replace/getpass.m4
View File

@ -1,22 +1,22 @@
AC_CHECK_FUNC(getpass, samba_cv_HAVE_GETPASS=yes)
AC_CHECK_FUNC(getpassphrase, samba_cv_HAVE_GETPASSPHRASE=yes)
if test x"$samba_cv_HAVE_GETPASS" = x"yes" -a x"$samba_cv_HAVE_GETPASSPHRASE" = x"yes"; then
AC_CHECK_FUNC(getpass, libreplace_cv_HAVE_GETPASS=yes)
AC_CHECK_FUNC(getpassphrase, libreplace_cv_HAVE_GETPASSPHRASE=yes)
if test x"$libreplace_cv_HAVE_GETPASS" = x"yes" -a x"$libreplace_cv_HAVE_GETPASSPHRASE" = x"yes"; then
AC_DEFINE(REPLACE_GETPASS_BY_GETPASSPHRASE, 1, [getpass returns <9 chars where getpassphrase returns <265 chars])
AC_DEFINE(REPLACE_GETPASS,1,[Whether getpass should be replaced])
LIBREPLACEOBJ="${LIBREPLACEOBJ} getpass.o"
else
AC_CACHE_CHECK([whether getpass should be replaced],samba_cv_REPLACE_GETPASS,[
AC_CACHE_CHECK([whether getpass should be replaced],libreplace_cv_REPLACE_GETPASS,[
SAVE_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS -I$libreplacedir/"
AC_TRY_COMPILE([
#include "confdefs.h"
#define NO_CONFIG_H
#include "$libreplacedir/getpass.c"
],[],samba_cv_REPLACE_GETPASS=yes,samba_cv_REPLACE_GETPASS=no)
],[],libreplace_cv_REPLACE_GETPASS=yes,libreplace_cv_REPLACE_GETPASS=no)
CPPFLAGS="$SAVE_CPPFLAGS"
])
if test x"$samba_cv_REPLACE_GETPASS" = x"yes"; then
if test x"$libreplace_cv_REPLACE_GETPASS" = x"yes"; then
AC_DEFINE(REPLACE_GETPASS,1,[Whether getpass should be replaced])
LIBREPLACEOBJ="${LIBREPLACEOBJ} getpass.o"
fi

74
source3/lib/replace/libreplace.m4
View File

@ -85,10 +85,10 @@ AC_INCLUDES_DEFAULT
#endif]
)
AC_CACHE_CHECK([for working mmap],samba_cv_HAVE_MMAP,[
AC_CACHE_CHECK([for working mmap],libreplace_cv_HAVE_MMAP,[
AC_TRY_RUN([#include "$libreplacedir/test/shared_mmap.c"],
samba_cv_HAVE_MMAP=yes,samba_cv_HAVE_MMAP=no,samba_cv_HAVE_MMAP=cross)])
if test x"$samba_cv_HAVE_MMAP" = x"yes"; then
libreplace_cv_HAVE_MMAP=yes,libreplace_cv_HAVE_MMAP=no,libreplace_cv_HAVE_MMAP=cross)])
if test x"$libreplace_cv_HAVE_MMAP" = x"yes"; then
AC_DEFINE(HAVE_MMAP,1,[Whether mmap works])
fi
@ -120,7 +120,7 @@ if test x"$libreplace_cv_USABLE_NET_IF_H" = x"yes";then
AC_DEFINE(HAVE_NET_IF_H, 1, usability of net/if.h)
fi
AC_CACHE_CHECK([for broken inet_ntoa],samba_cv_REPLACE_INET_NTOA,[
AC_CACHE_CHECK([for broken inet_ntoa],libreplace_cv_REPLACE_INET_NTOA,[
AC_TRY_RUN([
#include <stdio.h>
#include <unistd.h>
@ -133,8 +133,8 @@ main() { struct in_addr ip; ip.s_addr = 0x12345678;
if (strcmp(inet_ntoa(ip),"18.52.86.120") &&
strcmp(inet_ntoa(ip),"120.86.52.18")) { exit(0); }
exit(1);}],
samba_cv_REPLACE_INET_NTOA=yes,samba_cv_REPLACE_INET_NTOA=no,samba_cv_REPLACE_INET_NTOA=cross)])
if test x"$samba_cv_REPLACE_INET_NTOA" = x"yes"; then
libreplace_cv_REPLACE_INET_NTOA=yes,libreplace_cv_REPLACE_INET_NTOA=no,libreplace_cv_REPLACE_INET_NTOA=cross)])
if test x"$libreplace_cv_REPLACE_INET_NTOA" = x"yes"; then
AC_DEFINE(REPLACE_INET_NTOA,1,[Whether inet_ntoa should be replaced])
fi
@ -182,7 +182,7 @@ AC_HAVE_DECL(setresuid, [#include <unistd.h>])
AC_HAVE_DECL(setresgid, [#include <unistd.h>])
AC_HAVE_DECL(errno, [#include <errno.h>])
AC_CACHE_CHECK([for secure mkstemp],samba_cv_HAVE_SECURE_MKSTEMP,[
AC_CACHE_CHECK([for secure mkstemp],libreplace_cv_HAVE_SECURE_MKSTEMP,[
AC_TRY_RUN([#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
@ -197,10 +197,10 @@ main() {
if ((st.st_mode & 0777) != 0600) exit(1);
exit(0);
}],
samba_cv_HAVE_SECURE_MKSTEMP=yes,
samba_cv_HAVE_SECURE_MKSTEMP=no,
samba_cv_HAVE_SECURE_MKSTEMP=cross)])
if test x"$samba_cv_HAVE_SECURE_MKSTEMP" = x"yes"; then
libreplace_cv_HAVE_SECURE_MKSTEMP=yes,
libreplace_cv_HAVE_SECURE_MKSTEMP=no,
libreplace_cv_HAVE_SECURE_MKSTEMP=cross)])
if test x"$libreplace_cv_HAVE_SECURE_MKSTEMP" = x"yes"; then
AC_DEFINE(HAVE_SECURE_MKSTEMP,1,[Whether mkstemp is secure])
fi
@ -209,7 +209,7 @@ AC_CHECK_HEADERS(stdio.h strings.h)
AC_CHECK_DECLS([snprintf, vsnprintf, asprintf, vasprintf])
AC_CHECK_FUNCS(snprintf vsnprintf asprintf vasprintf)
AC_CACHE_CHECK([for C99 vsnprintf],samba_cv_HAVE_C99_VSNPRINTF,[
AC_CACHE_CHECK([for C99 vsnprintf],libreplace_cv_HAVE_C99_VSNPRINTF,[
AC_TRY_RUN([
#include <sys/types.h>
#include <stdio.h>
@ -243,43 +243,43 @@ void foo(const char *format, ...) {
}
main() { foo("hello"); }
],
samba_cv_HAVE_C99_VSNPRINTF=yes,samba_cv_HAVE_C99_VSNPRINTF=no,samba_cv_HAVE_C99_VSNPRINTF=cross)])
if test x"$samba_cv_HAVE_C99_VSNPRINTF" = x"yes"; then
libreplace_cv_HAVE_C99_VSNPRINTF=yes,libreplace_cv_HAVE_C99_VSNPRINTF=no,libreplace_cv_HAVE_C99_VSNPRINTF=cross)])
if test x"$libreplace_cv_HAVE_C99_VSNPRINTF" = x"yes"; then
AC_DEFINE(HAVE_C99_VSNPRINTF,1,[Whether there is a C99 compliant vsnprintf])
fi
dnl VA_COPY
AC_CACHE_CHECK([for va_copy],samba_cv_HAVE_VA_COPY,[
AC_CACHE_CHECK([for va_copy],libreplace_cv_HAVE_VA_COPY,[
AC_TRY_LINK([#include <stdarg.h>
va_list ap1,ap2;], [va_copy(ap1,ap2);],
samba_cv_HAVE_VA_COPY=yes,samba_cv_HAVE_VA_COPY=no)])
if test x"$samba_cv_HAVE_VA_COPY" = x"yes"; then
libreplace_cv_HAVE_VA_COPY=yes,libreplace_cv_HAVE_VA_COPY=no)])
if test x"$libreplace_cv_HAVE_VA_COPY" = x"yes"; then
AC_DEFINE(HAVE_VA_COPY,1,[Whether va_copy() is available])
fi
if test x"$samba_cv_HAVE_VA_COPY" != x"yes"; then
AC_CACHE_CHECK([for __va_copy],samba_cv_HAVE___VA_COPY,[
if test x"$libreplace_cv_HAVE_VA_COPY" != x"yes"; then
AC_CACHE_CHECK([for __va_copy],libreplace_cv_HAVE___VA_COPY,[
AC_TRY_LINK([#include <stdarg.h>
va_list ap1,ap2;], [__va_copy(ap1,ap2);],
samba_cv_HAVE___VA_COPY=yes,samba_cv_HAVE___VA_COPY=no)])
if test x"$samba_cv_HAVE___VA_COPY" = x"yes"; then
libreplace_cv_HAVE___VA_COPY=yes,libreplace_cv_HAVE___VA_COPY=no)])
if test x"$libreplace_cv_HAVE___VA_COPY" = x"yes"; then
AC_DEFINE(HAVE___VA_COPY,1,[Whether __va_copy() is available])
fi
fi
dnl __FUNCTION__ macro
AC_CACHE_CHECK([for __FUNCTION__ macro],samba_cv_HAVE_FUNCTION_MACRO,[
AC_CACHE_CHECK([for __FUNCTION__ macro],libreplace_cv_HAVE_FUNCTION_MACRO,[
AC_TRY_COMPILE([#include <stdio.h>], [printf("%s\n", __FUNCTION__);],
samba_cv_HAVE_FUNCTION_MACRO=yes,samba_cv_HAVE_FUNCTION_MACRO=no)])
if test x"$samba_cv_HAVE_FUNCTION_MACRO" = x"yes"; then
libreplace_cv_HAVE_FUNCTION_MACRO=yes,libreplace_cv_HAVE_FUNCTION_MACRO=no)])
if test x"$libreplace_cv_HAVE_FUNCTION_MACRO" = x"yes"; then
AC_DEFINE(HAVE_FUNCTION_MACRO,1,[Whether there is a __FUNCTION__ macro])
else
dnl __func__ macro
AC_CACHE_CHECK([for __func__ macro],samba_cv_HAVE_func_MACRO,[
AC_CACHE_CHECK([for __func__ macro],libreplace_cv_HAVE_func_MACRO,[
AC_TRY_COMPILE([#include <stdio.h>], [printf("%s\n", __func__);],
samba_cv_HAVE_func_MACRO=yes,samba_cv_HAVE_func_MACRO=no)])
if test x"$samba_cv_HAVE_func_MACRO" = x"yes"; then
libreplace_cv_HAVE_func_MACRO=yes,libreplace_cv_HAVE_func_MACRO=no)])
if test x"$libreplace_cv_HAVE_func_MACRO" = x"yes"; then
AC_DEFINE(HAVE_func_MACRO,1,[Whether there is a __func__ macro])
fi
fi
@ -302,7 +302,7 @@ eprintf("bla", "bar");
], AC_DEFINE(HAVE__VA_ARGS__MACRO, 1, [Whether the __VA_ARGS__ macro is available]))
AC_CACHE_CHECK([for sig_atomic_t type],samba_cv_sig_atomic_t, [
AC_CACHE_CHECK([for sig_atomic_t type],libreplace_cv_sig_atomic_t, [
AC_TRY_COMPILE([
#include <sys/types.h>
#if STDC_HEADERS
@ -310,30 +310,30 @@ AC_CACHE_CHECK([for sig_atomic_t type],samba_cv_sig_atomic_t, [
#include <stddef.h>
#endif
#include <signal.h>],[sig_atomic_t i = 0],
samba_cv_sig_atomic_t=yes,samba_cv_sig_atomic_t=no)])
if test x"$samba_cv_sig_atomic_t" = x"yes"; then
libreplace_cv_sig_atomic_t=yes,libreplace_cv_sig_atomic_t=no)])
if test x"$libreplace_cv_sig_atomic_t" = x"yes"; then
AC_DEFINE(HAVE_SIG_ATOMIC_T_TYPE,1,[Whether we have the atomic_t variable type])
fi
AC_CACHE_CHECK([for O_DIRECT flag to open(2)],samba_cv_HAVE_OPEN_O_DIRECT,[
AC_CACHE_CHECK([for O_DIRECT flag to open(2)],libreplace_cv_HAVE_OPEN_O_DIRECT,[
AC_TRY_COMPILE([
#include <unistd.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif],
[int fd = open("/dev/null", O_DIRECT);],
samba_cv_HAVE_OPEN_O_DIRECT=yes,samba_cv_HAVE_OPEN_O_DIRECT=no)])
if test x"$samba_cv_HAVE_OPEN_O_DIRECT" = x"yes"; then
libreplace_cv_HAVE_OPEN_O_DIRECT=yes,libreplace_cv_HAVE_OPEN_O_DIRECT=no)])
if test x"$libreplace_cv_HAVE_OPEN_O_DIRECT" = x"yes"; then
AC_DEFINE(HAVE_OPEN_O_DIRECT,1,[Whether the open(2) accepts O_DIRECT])
fi
dnl Check if the C compiler understands volatile (it should, being ANSI).
AC_CACHE_CHECK([that the C compiler understands volatile],samba_cv_volatile, [
AC_CACHE_CHECK([that the C compiler understands volatile],libreplace_cv_volatile, [
AC_TRY_COMPILE([#include <sys/types.h>],[volatile int i = 0],
samba_cv_volatile=yes,samba_cv_volatile=no)])
if test x"$samba_cv_volatile" = x"yes"; then
libreplace_cv_volatile=yes,libreplace_cv_volatile=no)])
if test x"$libreplace_cv_volatile" = x"yes"; then
AC_DEFINE(HAVE_VOLATILE, 1, [Whether the C compiler understands volatile])
fi
@ -344,10 +344,12 @@ m4_include(getpass.m4)
m4_include(strptime.m4)
m4_include(win32.m4)
m4_include(timegm.m4)
m4_include(socket.m4)
m4_include(inet_ntop.m4)
m4_include(inet_pton.m4)
m4_include(getaddrinfo.m4)
m4_include(repdir.m4)
m4_include(getifaddrs.m4)
AC_CHECK_FUNCS([syslog printf memset memcpy],,[AC_MSG_ERROR([Required function not found])])

4
source3/lib/replace/libreplace_ld.m4
View File

@ -246,10 +246,6 @@ AC_DEFUN([AC_LD_SONAMEFLAG],
# Not supported
SONAMEFLAG="#"
;;
*aix*)
# Not supported
SONAMEFLAG="#"
;;
esac
])

20
source3/lib/replace/replace.h
View File

@ -340,6 +340,26 @@ ssize_t rep_pwrite(int __fd, const void *__buf, size_t __nbytes, off_t __offset)
/* prototype is in "system/network.h" */
#endif
#ifndef HAVE_CONNECT
#define connect rep_connect
/* prototype is in "system/network.h" */
#endif
#ifndef HAVE_GETHOSTBYNAME
#define gethostbyname rep_gethostbyname
/* prototype is in "system/network.h" */
#endif
#ifndef HAVE_GETIFADDRS
#define getifaddrs rep_getifaddrs
/* prototype is in "system/network.h" */
#endif
#ifndef HAVE_FREEIFADDRS
#define freeifaddrs rep_freeifaddrs
/* prototype is in "system/network.h" */
#endif
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif

35
source3/lib/replace/socket.c Normal file
View File

@ -0,0 +1,35 @@
/*
* Unix SMB/CIFS implementation.
*
* Dummy replacements for socket functions.
*
* Copyright (C) Michael Adam <obnox@samba.org> 2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "replace.h"
#include "system/network.h"
int rep_connect(int sockfd, const struct sockaddr *serv_addr, socklen_t addrlen)
{
errno = ENOSYS;
return -1;
}
struct hostent *rep_gethostbyname(const char *name)
{
errno = ENOSYS;
return NULL;
}

40
source3/lib/replace/socket.m4 Normal file
View File

@ -0,0 +1,40 @@
dnl The following test is roughl taken from the cvs sources.
dnl
dnl If we can't find connect, try looking in -lsocket, -lnsl, and -linet.
dnl The Irix 5 libc.so has connect and gethostbyname, but Irix 5 also has
dnl libsocket.so which has a bad implementation of gethostbyname (it
dnl only looks in /etc/hosts), so we only look for -lsocket if we need
dnl it.
AC_CHECK_FUNCS(connect)
if test x"$ac_cv_func_connect" = x"no"; then
AC_CHECK_LIB_EXT(nsl_s, SOCKET_LIBS, connect)
AC_CHECK_LIB_EXT(nsl, SOCKET_LIBS, connect)
AC_CHECK_LIB_EXT(socket, SOCKET_LIBS, connect)
AC_CHECK_LIB_EXT(inet, SOCKET_LIBS, connect)
dnl We can't just call AC_CHECK_FUNCS(connect) here,
dnl because the value has been cached.
if test x"$ac_cv_lib_ext_nsl_s_connect" = x"yes" ||
test x"$ac_cv_lib_ext_nsl_connect" = x"yes" ||
test x"$ac_cv_lib_ext_socket_connect" = x"yes" ||
test x"$ac_cv_lib_ext_inet_connect" = x"yes"
then
AC_DEFINE(HAVE_CONNECT,1,[Whether the system has connect()])
fi
fi
AC_CHECK_FUNCS(gethostbyname)
if test x"$ac_cv_func_gethostbyname" = x"no"; then
AC_CHECK_LIB_EXT(nsl_s, NSL_LIBS, gethostbyname)
AC_CHECK_LIB_EXT(nsl, NSL_LIBS, gethostbyname)
AC_CHECK_LIB_EXT(socket, NSL_LIBS, gethostbyname)
dnl We can't just call AC_CHECK_FUNCS(gethostbyname) here,
dnl because the value has been cached.
if test x"$ac_cv_lib_ext_nsl_s_gethostbyname" = x"yes" ||
test x"$ac_cv_lib_ext_nsl_gethostbyname" = x"yes" ||
test x"$ac_cv_lib_ext_socket_gethostbyname" = x"yes"
then
AC_DEFINE(HAVE_GETHOSTBYNAME,1,
[Whether the system has gethostbyname()])
fi
fi

16
source3/lib/replace/system/config.m4
View File

@ -18,7 +18,7 @@ AC_CHECK_HEADERS(sys/capability.h)
case "$host_os" in
*linux*)
AC_CACHE_CHECK([for broken RedHat 7.2 system header files],samba_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS,[
AC_CACHE_CHECK([for broken RedHat 7.2 system header files],libreplace_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS,[
AC_TRY_COMPILE([
#ifdef HAVE_SYS_VFS_H
#include <sys/vfs.h>
@ -29,14 +29,14 @@ AC_TRY_COMPILE([
],[
int i;
],
samba_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS=no,
samba_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS=yes
libreplace_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS=no,
libreplace_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS=yes
)])
if test x"$samba_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS" = x"yes"; then
if test x"$libreplace_cv_BROKEN_REDHAT_7_SYSTEM_HEADERS" = x"yes"; then
AC_DEFINE(BROKEN_REDHAT_7_SYSTEM_HEADERS,1,[Broken RedHat 7.2 system header files])
fi
AC_CACHE_CHECK([for broken RHEL5 sys/capability.h],samba_cv_BROKEN_RHEL5_SYS_CAP_HEADER,[
AC_CACHE_CHECK([for broken RHEL5 sys/capability.h],libreplace_cv_BROKEN_RHEL5_SYS_CAP_HEADER,[
AC_TRY_COMPILE([
#ifdef HAVE_SYS_CAPABILITY_H
#include <sys/capability.h>
@ -45,10 +45,10 @@ AC_TRY_COMPILE([
],[
__s8 i;
],
samba_cv_BROKEN_RHEL5_SYS_CAP_HEADER=no,
samba_cv_BROKEN_RHEL5_SYS_CAP_HEADER=yes
libreplace_cv_BROKEN_RHEL5_SYS_CAP_HEADER=no,
libreplace_cv_BROKEN_RHEL5_SYS_CAP_HEADER=yes
)])
if test x"$samba_cv_BROKEN_RHEL5_SYS_CAP_HEADER" = x"yes"; then
if test x"$libreplace_cv_BROKEN_RHEL5_SYS_CAP_HEADER" = x"yes"; then
AC_DEFINE(BROKEN_RHEL5_SYS_CAP_HEADER,1,[Broken RHEL5 sys/capability.h])
fi
;;

48
source3/lib/replace/system/network.h
View File

@ -6,6 +6,7 @@
networking system include wrappers
Copyright (C) Andrew Tridgell 2004
Copyright (C) Jelmer Vernooij 2007
** NOTE! The following LGPL license applies to the replace
** library. This does NOT imply that all of Samba is released
@ -82,6 +83,11 @@
#include <stropts.h>
#endif
#ifndef HAVE_SOCKLEN_T
#define HAVE_SOCKLEN_T
typedef int socklen_t;
#endif
#ifdef REPLACE_INET_NTOA
/* define is in "replace.h" */
char *rep_inet_ntoa(struct in_addr ip);
@ -97,6 +103,41 @@ int rep_inet_pton(int af, const char *src, void *dst);
const char *rep_inet_ntop(int af, const void *src, char *dst, socklen_t size);
#endif
#ifndef HAVE_CONNECT
/* define is in "replace.h" */
int rep_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
#endif
#ifndef HAVE_GETHOSTBYNAME
/* define is in "replace.h" */
struct hostent *rep_gethostbyname(const char *name);
#endif
#ifdef HAVE_IFADDRS_H
#include <ifaddrs.h>
#endif
#ifndef HAVE_STRUCT_IFADDRS
struct ifaddrs {
struct ifaddrs *ifa_next; /* Pointer to next struct */
char *ifa_name; /* Interface name */
unsigned int ifa_flags; /* Interface flags */
struct sockaddr *ifa_addr; /* Interface address */
struct sockaddr *ifa_netmask; /* Interface netmask */
#undef ifa_dstaddr
struct sockaddr *ifa_dstaddr; /* P2P interface destination */
void *ifa_data; /* Address specific data */
};
#endif
#ifndef HAVE_GETIFADDRS
int rep_getifaddrs(struct ifaddrs **);
#endif
#ifndef HAVE_FREEIFADDRS
void rep_freeifaddrs(struct ifaddrs *);
#endif
/*
* Some systems have getaddrinfo but not the
* defines needed to use it.
@ -219,11 +260,6 @@ const char *rep_inet_ntop(int af, const void *src, char *dst, socklen_t size);
#define HOST_NAME_MAX 256
#endif
#ifndef HAVE_SOCKLEN_T
#define HAVE_SOCKLEN_T
typedef int socklen_t;
#endif
#ifndef HAVE_SA_FAMILY_T
#define HAVE_SA_FAMILY_T
typedef unsigned short int sa_family_t;
@ -269,7 +305,7 @@ struct addrinfo {
/* Needed for some systems that don't define it (Solaris). */
#ifndef ifr_netmask
#define ifr_netmask ifr_addrs
#define ifr_netmask ifr_addr
#endif
#ifdef SOCKET_WRAPPER

100
source3/lib/replace/test/getifaddrs.c Normal file
View File

@ -0,0 +1,100 @@
/*
* Unix SMB/CIFS implementation.
*
* libreplace getifaddrs test
*
* Copyright (C) Michael Adam <obnox@samba.org> 2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef AUTOCONF_TEST
#include "replace.h"
#include "system/network.h"
#endif
#ifdef HAVE_INET_NTOP
#define rep_inet_ntop inet_ntop
#endif
static const char *format_sockaddr(struct sockaddr *addr,
char *addrstring,
socklen_t addrlen)
{
const char *result = NULL;
if (addr->sa_family == AF_INET) {
result = rep_inet_ntop(AF_INET,
&((struct sockaddr_in *)addr)->sin_addr,
addrstring,
addrlen);
#ifdef HAVE_STRUCT_SOCKADDR_IN6
} else if (addr->sa_family == AF_INET6) {
result = rep_inet_ntop(AF_INET6,
&((struct sockaddr_in6 *)addr)->sin6_addr,
addrstring,
addrlen);
#endif
}
return result;
}
int getifaddrs_test(void)
{
struct ifaddrs *ifs = NULL;
struct ifaddrs *ifs_head = NULL;
int ret;
ret = getifaddrs(&ifs);
ifs_head = ifs;
if (ret != 0) {
fprintf(stderr, "getifaddrs() failed: %s\n", strerror(errno));
return 1;
}
while (ifs) {
printf("%-10s ", ifs->ifa_name);
if (ifs->ifa_addr != NULL) {
char addrstring[INET6_ADDRSTRLEN];
const char *result;
result = format_sockaddr(ifs->ifa_addr,
addrstring,
sizeof(addrstring));
if (result != NULL) {
printf("IP=%s ", addrstring);
}
if (ifs->ifa_netmask != NULL) {
result = format_sockaddr(ifs->ifa_netmask,
addrstring,
sizeof(addrstring));
if (result != NULL) {
printf("NETMASK=%s", addrstring);
}
} else {
printf("AF=%d ", ifs->ifa_addr->sa_family);
}
} else {
printf("<no address>");
}
printf("\n");
ifs = ifs->ifa_next;
}
freeifaddrs(ifs_head);
return 0;
}

17
source3/lib/replace/test/testsuite.c
View File

@ -856,6 +856,22 @@ static int test_strptime(void)
return libreplace_test_strptime();
}
extern int getifaddrs_test(void);
static int test_getifaddrs(void)
{
printf("test: getifaddrs\n");
if (getifaddrs_test() != 0) {
printf("failure: getifaddrs\n");
return false;
}
printf("success: getifaddrs\n");
return true;
}
struct torture_context;
bool torture_local_replace(struct torture_context *ctx)
{
@ -903,6 +919,7 @@ bool torture_local_replace(struct torture_context *ctx)
ret &= test_MAX();
ret &= test_socketpair();
ret &= test_strptime();
ret &= test_getifaddrs();
return ret;
}

3
source3/lib/select.c
View File

@ -58,7 +58,8 @@ int sys_select(int maxfd, fd_set *readfds, fd_set *writefds, fd_set *errorfds, s
fd_set *readfds2, readfds_buf;
if (initialised != sys_getpid()) {
pipe(select_pipe);
if (pipe(select_pipe) == -1)
smb_panic("Could not create select pipe");
/*
* These next two lines seem to fix a bug with the Linux

8
source3/lib/sock_exec.c
View File

@ -105,8 +105,12 @@ int sock_exec(const char *prog)
close(fd[0]);
close(0);
close(1);
dup(fd[1]);
dup(fd[1]);
if (dup(fd[1]) == -1) {
exit(1);
}
if (dup(fd[1]) == -1) {
exit(1);
}
exit(system(prog));
}
close(fd[1]);

50
source3/lib/util_nttoken.c
View File

@ -7,6 +7,7 @@
* Copyright (C) Rafal Szczesniak 2002
* Copyright (C) Volker Lendecke 2006
* Copyright (C) Michael Adam 2007
* Copyright (C) Guenther Deschner 2007
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -67,3 +68,52 @@ NT_USER_TOKEN *dup_nt_token(TALLOC_CTX *mem_ctx, const NT_USER_TOKEN *ptoken)
return token;
}
/****************************************************************************
merge NT tokens
****************************************************************************/
NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
const struct nt_user_token *token_1,
const struct nt_user_token *token_2,
struct nt_user_token **token_out)
{
struct nt_user_token *token = NULL;
NTSTATUS status;
int i;
if (!token_1 || !token_2 || !token_out) {
return NT_STATUS_INVALID_PARAMETER;
}
token = TALLOC_ZERO_P(mem_ctx, struct nt_user_token);
NT_STATUS_HAVE_NO_MEMORY(token);
for (i=0; i < token_1->num_sids; i++) {
status = add_sid_to_array_unique(mem_ctx,
&token_1->user_sids[i],
&token->user_sids,
&token->num_sids);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(token);
return status;
}
}
for (i=0; i < token_2->num_sids; i++) {
status = add_sid_to_array_unique(mem_ctx,
&token_2->user_sids[i],
&token->user_sids,
&token->num_sids);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(token);
return status;
}
}
se_priv_add(&token->privileges, &token_1->privileges);
se_priv_add(&token->privileges, &token_2->privileges);
*token_out = token;
return NT_STATUS_OK;
}

6
source3/lib/util_reg.c
View File

@ -95,7 +95,7 @@ WERROR reg_pull_multi_sz(TALLOC_CTX *mem_ctx, const void *buf, size_t len,
thislen = strnlen_w(p, len) + 1;
dstlen = convert_string_allocate(*values, CH_UTF16LE, CH_UNIX,
p, thislen*2, (void *)&val,
True);
true);
if (dstlen == (size_t)-1) {
TALLOC_FREE(*values);
return WERR_NOMEM;
@ -137,8 +137,8 @@ bool registry_smbconf_valname_forbidden(const char *valname)
for (forbidden = forbidden_valnames; *forbidden != NULL; forbidden++) {
if (strwicmp(valname, *forbidden) == 0) {
return True;
return true;
}
}
return False;
return false;
}

30
source3/lib/util_sid.c
View File

@ -665,7 +665,7 @@ bool is_null_sid(const DOM_SID *sid)
}
NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
const NET_USER_INFO_3 *info3,
const struct netr_SamInfo3 *info3,
DOM_SID **user_sids,
size_t *num_user_sids,
bool include_user_group_rid)
@ -678,45 +678,45 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
if (include_user_group_rid) {
if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->user_rid))
if (!sid_compose(&sid, info3->base.domain_sid, info3->base.rid))
{
DEBUG(3, ("could not compose user SID from rid 0x%x\n",
info3->user_rid));
info3->base.rid));
return NT_STATUS_INVALID_PARAMETER;
}
status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("could not append user SID from rid 0x%x\n",
info3->user_rid));
info3->base.rid));
return status;
}
if (!sid_compose(&sid, &(info3->dom_sid.sid), info3->group_rid))
if (!sid_compose(&sid, info3->base.domain_sid, info3->base.primary_gid))
{
DEBUG(3, ("could not compose group SID from rid 0x%x\n",
info3->group_rid));
info3->base.primary_gid));
return NT_STATUS_INVALID_PARAMETER;
}
status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("could not append group SID from rid 0x%x\n",
info3->group_rid));
info3->base.rid));
return status;
}
}
for (i = 0; i < info3->num_groups2; i++) {
if (!sid_compose(&sid, &(info3->dom_sid.sid),
info3->gids[i].g_rid))
for (i = 0; i < info3->base.groups.count; i++) {
if (!sid_compose(&sid, info3->base.domain_sid,
info3->base.groups.rids[i].rid))
{
DEBUG(3, ("could not compose SID from additional group "
"rid 0x%x\n", info3->gids[i].g_rid));
"rid 0x%x\n", info3->base.groups.rids[i].rid));
return NT_STATUS_INVALID_PARAMETER;
}
status = add_sid_to_array(mem_ctx, &sid, &sid_array, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("could not append SID from additional group "
"rid 0x%x\n", info3->gids[i].g_rid));
"rid 0x%x\n", info3->base.groups.rids[i].rid));
return status;
}
}
@ -727,12 +727,12 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
*/
for (i = 0; i < info3->num_other_sids; i++) {
status = add_sid_to_array(mem_ctx, &info3->other_sids[i].sid,
for (i = 0; i < info3->sidcount; i++) {
status = add_sid_to_array(mem_ctx, info3->sids[i].sid,
&sid_array, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("could not add SID to array: %s\n",
sid_string_dbg(&info3->other_sids[i].sid)));
sid_string_dbg(info3->sids[i].sid)));
return status;
}
}

8
source3/lib/util_sock.c
View File

@ -370,7 +370,7 @@ void in_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
Convert an IPv6 struct in_addr to a struct sockaddr_storage.
********************************************************************/
void in6_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
void in6_addr_to_sockaddr_storage(struct sockaddr_storage *ss,
struct in6_addr ip)
{
struct sockaddr_in6 *sa = (struct sockaddr_in6 *)ss;
@ -1904,8 +1904,7 @@ int create_pipe_sock(const char *socket_dir,
goto out_close;
}
asprintf(&path, "%s/%s", socket_dir, socket_name);
if (!path) {
if (asprintf(&path, "%s/%s", socket_dir, socket_name) == -1) {
goto out_close;
}
@ -1933,7 +1932,8 @@ int create_pipe_sock(const char *socket_dir,
out_close:
SAFE_FREE(path);
close(sock);
if (sock != -1)
close(sock);
out_umask:
umask(old_umask);

30
source3/lib/util_str.c
View File

@ -2086,6 +2086,7 @@ static char *ipstr_list_add(char **ipstr_list, const struct ip_service *service)
{
char *new_ipstr = NULL;
char addr_buf[INET6_ADDRSTRLEN];
int ret;
/* arguments checking */
if (!ipstr_list || !service) {
@ -2100,33 +2101,30 @@ static char *ipstr_list_add(char **ipstr_list, const struct ip_service *service)
if (*ipstr_list) {
if (service->ss.ss_family == AF_INET) {
/* IPv4 */
asprintf(&new_ipstr, "%s%s%s:%d",
*ipstr_list,
IPSTR_LIST_SEP,
addr_buf,
service->port);
ret = asprintf(&new_ipstr, "%s%s%s:%d", *ipstr_list,
IPSTR_LIST_SEP, addr_buf,
service->port);
} else {
/* IPv6 */
asprintf(&new_ipstr, "%s%s[%s]:%d",
*ipstr_list,
IPSTR_LIST_SEP,
addr_buf,
service->port);
ret = asprintf(&new_ipstr, "%s%s[%s]:%d", *ipstr_list,
IPSTR_LIST_SEP, addr_buf,
service->port);
}
SAFE_FREE(*ipstr_list);
} else {
if (service->ss.ss_family == AF_INET) {
/* IPv4 */
asprintf(&new_ipstr, "%s:%d",
addr_buf,
service->port);
ret = asprintf(&new_ipstr, "%s:%d", addr_buf,
service->port);
} else {
/* IPv6 */
asprintf(&new_ipstr, "[%s]:%d",
addr_buf,
service->port);
ret = asprintf(&new_ipstr, "[%s]:%d", addr_buf,
service->port);
}
}
if (ret == -1) {
return NULL;
}
*ipstr_list = new_ipstr;
return *ipstr_list;
}

16
source3/lib/util_tdb.c
View File

@ -669,12 +669,13 @@ static void tdb_log(TDB_CONTEXT *tdb, enum tdb_debug_level level, const char *fo
{
va_list ap;
char *ptr = NULL;
int ret;
va_start(ap, format);
vasprintf(&ptr, format, ap);
ret = vasprintf(&ptr, format, ap);
va_end(ap);
if (!ptr || !*ptr)
if ((ret == -1) || !*ptr)
return;
DEBUG((int)level, ("tdb(%s): %s", tdb_name(tdb) ? tdb_name(tdb) : "unnamed", ptr));
@ -867,11 +868,8 @@ static void tdb_wrap_log(TDB_CONTEXT *tdb, enum tdb_debug_level level,
va_list ap;
char *ptr = NULL;
int debuglevel = 0;
int ret;
va_start(ap, format);
vasprintf(&ptr, format, ap);
va_end(ap);
switch (level) {
case TDB_DEBUG_FATAL:
debug_level = 0;
@ -889,7 +887,11 @@ static void tdb_wrap_log(TDB_CONTEXT *tdb, enum tdb_debug_level level,
debuglevel = 0;
}
if (ptr != NULL) {
va_start(ap, format);
ret = vasprintf(&ptr, format, ap);
va_end(ap);
if (ret != -1) {
const char *name = tdb_name(tdb);
DEBUG(debuglevel, ("tdb(%s): %s", name ? name : "unnamed", ptr));
free(ptr);

1102
source3/libads/authdata.c
View File

File diff suppressed because it is too large Load Diff

22
source3/libads/kerberos.c
View File

@ -407,8 +407,8 @@ static char *kerberos_secrets_fetch_salting_principal(const char *service, int e
char *key = NULL;
char *ret = NULL;
asprintf(&key, "%s/%s/enctype=%d", SECRETS_SALTING_PRINCIPAL, service, enctype);
if (!key) {
if (asprintf(&key, "%s/%s/enctype=%d",
SECRETS_SALTING_PRINCIPAL, service, enctype) == -1) {
return NULL;
}
ret = (char *)secrets_fetch(key, NULL);
@ -438,7 +438,10 @@ static char* des_salt_key( void )
{
char *key;
asprintf(&key, "%s/DES/%s", SECRETS_SALTING_PRINCIPAL, lp_realm());
if (asprintf(&key, "%s/DES/%s", SECRETS_SALTING_PRINCIPAL,
lp_realm()) == -1) {
return NULL;
}
return key;
}
@ -609,9 +612,13 @@ bool kerberos_secrets_store_salting_principal(const char *service,
return False;
}
if (strchr_m(service, '@')) {
asprintf(&princ_s, "%s", service);
if (asprintf(&princ_s, "%s", service) == -1) {
goto out;
}
} else {
asprintf(&princ_s, "%s@%s", service, lp_realm());
if (asprintf(&princ_s, "%s@%s", service, lp_realm()) == -1) {
goto out;
}
}
if (smb_krb5_parse_name(context, princ_s, &princ) != 0) {
@ -622,8 +629,9 @@ bool kerberos_secrets_store_salting_principal(const char *service,
goto out;
}
asprintf(&key, "%s/%s/enctype=%d", SECRETS_SALTING_PRINCIPAL, unparsed_name, enctype);
if (!key) {
if (asprintf(&key, "%s/%s/enctype=%d",
SECRETS_SALTING_PRINCIPAL, unparsed_name, enctype)
== -1) {
goto out;
}

2
source3/libads/kerberos_verify.c
View File

@ -309,7 +309,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
time_t time_offset,
const DATA_BLOB *ticket,
char **principal,
PAC_DATA **pac_data,
struct PAC_DATA **pac_data,
DATA_BLOB *ap_rep,
DATA_BLOB *session_key,
bool use_replay_cache)

746
source3/libgpo/gpext/gpext.c Normal file
View File

@ -0,0 +1,746 @@
/*
* Unix SMB/CIFS implementation.
* Group Policy Support
* Copyright (C) Guenther Deschner 2007-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
static struct gp_extension *extensions = NULL;
/****************************************************************
****************************************************************/
struct gp_extension *get_gp_extension_list(void)
{
return extensions;
}
/****************************************************************
****************************************************************/
/* see http://support.microsoft.com/kb/216358/en-us/ for more info */
struct gp_extension_reg_table gpext_reg_vals[] = {
{ "DllName", REG_EXPAND_SZ },
{ "ProcessGroupPolicy", REG_SZ },
{ "NoMachinePolicy", REG_DWORD },
{ "NoUserPolicy", REG_DWORD },
{ "NoSlowLink", REG_DWORD },
{ "NoBackgroundPolicy", REG_DWORD },
{ "NoGPOListChanges", REG_DWORD },
{ "PerUserLocalSettings", REG_DWORD },
{ "RequiresSuccessfulRegistry", REG_DWORD },
{ "EnableAsynchronousProcessing", REG_DWORD },
{ "ExtensionDebugLevel", REG_DWORD },
/* new */
{ "GenerateGroupPolicy", REG_SZ }, /* not supported on w2k */
{ "NotifyLinkTransition", REG_DWORD },
{ "ProcessGroupPolicyEx", REG_SZ }, /* not supported on w2k */
{ "ExtensionEventSource", REG_MULTI_SZ }, /* not supported on w2k */
{ "GenerateGroupPolicy", REG_SZ },
{ "MaxNoGPOListChangesInterval", REG_DWORD },
{ NULL, REG_NONE }
};
/****************************************************************
****************************************************************/
static struct gp_extension *get_extension_by_name(struct gp_extension *be,
const char *name)
{
struct gp_extension *b;
for (b = be; b; b = b->next) {
if (strequal(b->name, name)) {
return b;
}
}
return NULL;
}
/****************************************************************
****************************************************************/
static struct gp_extension_methods *get_methods_by_name(struct gp_extension *be,
const char *name)
{
struct gp_extension *b;
for (b = be; b; b = b->next) {
if (strequal(b->name, name)) {
return b->methods;
}
}
return NULL;
}
/****************************************************************
****************************************************************/
NTSTATUS unregister_gp_extension(const char *name)
{
struct gp_extension *ext;
ext = get_extension_by_name(extensions, name);
if (!ext) {
return NT_STATUS_OK;
}
DLIST_REMOVE(extensions, ext);
TALLOC_FREE(ext);
DEBUG(2,("Successfully removed GP extension '%s'\n", name));
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
NTSTATUS register_gp_extension(TALLOC_CTX *gpext_ctx,
int version,
const char *name,
const char *guid,
struct gp_extension_methods *methods)
{
struct gp_extension_methods *test;
struct gp_extension *entry;
NTSTATUS status;
if (!gpext_ctx) {
return NT_STATUS_INTERNAL_DB_ERROR;
}
if ((version != SMB_GPEXT_INTERFACE_VERSION)) {
DEBUG(0,("Failed to register gp extension.\n"
"The module was compiled against "
"SMB_GPEXT_INTERFACE_VERSION %d,\n"
"current SMB_GPEXT_INTERFACE_VERSION is %d.\n"
"Please recompile against the current "
"version of samba!\n",
version, SMB_GPEXT_INTERFACE_VERSION));
return NT_STATUS_OBJECT_TYPE_MISMATCH;
}
if (!guid || !name || !name[0] || !methods) {
DEBUG(0,("Called with NULL pointer or empty name!\n"));
return NT_STATUS_INVALID_PARAMETER;
}
test = get_methods_by_name(extensions, name);
if (test) {
DEBUG(0,("GP extension module %s already registered!\n",
name));
return NT_STATUS_OBJECT_NAME_COLLISION;
}
entry = TALLOC_ZERO_P(gpext_ctx, struct gp_extension);
NT_STATUS_HAVE_NO_MEMORY(entry);
entry->name = talloc_strdup(gpext_ctx, name);
NT_STATUS_HAVE_NO_MEMORY(entry->name);
entry->guid = TALLOC_ZERO_P(gpext_ctx, struct GUID);
NT_STATUS_HAVE_NO_MEMORY(entry->guid);
status = GUID_from_string(guid, entry->guid);
NT_STATUS_NOT_OK_RETURN(status);
entry->methods = methods;
DLIST_ADD(extensions, entry);
DEBUG(2,("Successfully added GP extension '%s' %s\n",
name, GUID_string2(gpext_ctx, entry->guid)));
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static NTSTATUS gp_extension_init_module(TALLOC_CTX *mem_ctx,
const char *name,
struct gp_extension **gpext)
{
NTSTATUS status;
struct gp_extension *ext = NULL;
ext = TALLOC_ZERO_P(mem_ctx, struct gp_extension);
NT_STATUS_HAVE_NO_MEMORY(gpext);
ext->methods = get_methods_by_name(extensions, name);
if (!ext->methods) {
status = smb_probe_module(SAMBA_SUBSYSTEM_GPEXT,
name);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
ext->methods = get_methods_by_name(extensions, name);
if (!ext->methods) {
return NT_STATUS_DLL_INIT_FAILED;
}
}
*gpext = ext;
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static bool add_gp_extension_reg_entry_to_array(TALLOC_CTX *mem_ctx,
struct gp_extension_reg_entry *entry,
struct gp_extension_reg_entry **entries,
size_t *num)
{
*entries = TALLOC_REALLOC_ARRAY(mem_ctx, *entries,
struct gp_extension_reg_entry,
(*num)+1);
if (*entries == NULL) {
*num = 0;
return false;
}
(*entries)[*num].value = entry->value;
(*entries)[*num].data = entry->data;
*num += 1;
return true;
}
/****************************************************************
****************************************************************/
static bool add_gp_extension_reg_info_entry_to_array(TALLOC_CTX *mem_ctx,
struct gp_extension_reg_info_entry *entry,
struct gp_extension_reg_info_entry **entries,
size_t *num)
{
*entries = TALLOC_REALLOC_ARRAY(mem_ctx, *entries,
struct gp_extension_reg_info_entry,
(*num)+1);
if (*entries == NULL) {
*num = 0;
return false;
}
(*entries)[*num].guid = entry->guid;
(*entries)[*num].num_entries = entry->num_entries;
(*entries)[*num].entries = entry->entries;
*num += 1;
return true;
}
/****************************************************************
****************************************************************/
static NTSTATUS gp_ext_info_add_reg(TALLOC_CTX *mem_ctx,
struct gp_extension_reg_info_entry *entry,
const char *value,
enum winreg_Type type,
const char *data_s)
{
struct gp_extension_reg_entry *reg_entry = NULL;
struct registry_value *data = NULL;
reg_entry = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_entry);
NT_STATUS_HAVE_NO_MEMORY(reg_entry);
data = TALLOC_ZERO_P(mem_ctx, struct registry_value);
NT_STATUS_HAVE_NO_MEMORY(data);
data->type = type;
switch (type) {
case REG_SZ:
case REG_EXPAND_SZ:
data->v.sz.str = talloc_strdup(mem_ctx, data_s);
NT_STATUS_HAVE_NO_MEMORY(data->v.sz.str);
data->v.sz.len = strlen(data_s);
break;
case REG_DWORD:
data->v.dword = atoi(data_s);
break;
default:
return NT_STATUS_NOT_SUPPORTED;
}
reg_entry->value = value;
reg_entry->data = data;
if (!add_gp_extension_reg_entry_to_array(mem_ctx, reg_entry,
&entry->entries,
&entry->num_entries)) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static NTSTATUS gp_ext_info_add_reg_table(TALLOC_CTX *mem_ctx,
const char *module,
struct gp_extension_reg_info_entry *entry,
struct gp_extension_reg_table *table)
{
NTSTATUS status;
const char *module_name = NULL;
int i;
module_name = talloc_asprintf(mem_ctx, "%s.%s", module, shlib_ext());
NT_STATUS_HAVE_NO_MEMORY(module_name);
status = gp_ext_info_add_reg(mem_ctx, entry,
"DllName", REG_EXPAND_SZ, module_name);
NT_STATUS_NOT_OK_RETURN(status);
for (i=0; table[i].val; i++) {
status = gp_ext_info_add_reg(mem_ctx, entry,
table[i].val,
table[i].type,
table[i].data);
NT_STATUS_NOT_OK_RETURN(status);
}
return status;
}
/****************************************************************
****************************************************************/
NTSTATUS gp_ext_info_add_entry(TALLOC_CTX *mem_ctx,
const char *module,
const char *ext_guid,
struct gp_extension_reg_table *table,
struct gp_extension_reg_info *info)
{
NTSTATUS status;
struct gp_extension_reg_info_entry *entry = NULL;
entry = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_info_entry);
NT_STATUS_HAVE_NO_MEMORY(entry);
status = GUID_from_string(ext_guid, &entry->guid);
NT_STATUS_NOT_OK_RETURN(status);
status = gp_ext_info_add_reg_table(mem_ctx, module, entry, table);
NT_STATUS_NOT_OK_RETURN(status);
if (!add_gp_extension_reg_info_entry_to_array(mem_ctx, entry,
&info->entries,
&info->num_entries)) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static bool gp_extension_reg_info_verify_entry(struct gp_extension_reg_entry *entry)
{
int i;
for (i=0; gpext_reg_vals[i].val; i++) {
if ((strequal(entry->value, gpext_reg_vals[i].val)) &&
(entry->data->type == gpext_reg_vals[i].type)) {
return true;
}
}
return false;
}
/****************************************************************
****************************************************************/
static bool gp_extension_reg_info_verify(struct gp_extension_reg_info_entry *entry)
{
int i;
for (i=0; i < entry->num_entries; i++) {
if (!gp_extension_reg_info_verify_entry(&entry->entries[i])) {
return false;
}
}
return true;
}
/****************************************************************
****************************************************************/
static WERROR gp_extension_store_reg_vals(TALLOC_CTX *mem_ctx,
struct registry_key *key,
struct gp_extension_reg_info_entry *entry)
{
WERROR werr = WERR_OK;
size_t i;
for (i=0; i < entry->num_entries; i++) {
werr = reg_setvalue(key,
entry->entries[i].value,
entry->entries[i].data);
W_ERROR_NOT_OK_RETURN(werr);
}
return werr;
}
/****************************************************************
****************************************************************/
static WERROR gp_extension_store_reg_entry(TALLOC_CTX *mem_ctx,
struct gp_registry_context *reg_ctx,
struct gp_extension_reg_info_entry *entry)
{
WERROR werr;
struct registry_key *key = NULL;
const char *subkeyname = NULL;
if (!gp_extension_reg_info_verify(entry)) {
return WERR_INVALID_PARAM;
}
subkeyname = GUID_string2(mem_ctx, &entry->guid);
W_ERROR_HAVE_NO_MEMORY(subkeyname);
strupper_m(CONST_DISCARD(char *,subkeyname));
werr = gp_store_reg_subkey(mem_ctx,
subkeyname,
reg_ctx->curr_key,
&key);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_extension_store_reg_vals(mem_ctx,
key,
entry);
W_ERROR_NOT_OK_RETURN(werr);
return werr;
}
/****************************************************************
****************************************************************/
static WERROR gp_extension_store_reg(TALLOC_CTX *mem_ctx,
struct gp_registry_context *reg_ctx,
struct gp_extension_reg_info *info)
{
WERROR werr = WERR_OK;
int i;
if (!info) {
return WERR_OK;
}
for (i=0; i < info->num_entries; i++) {
werr = gp_extension_store_reg_entry(mem_ctx,
reg_ctx,
&info->entries[i]);
W_ERROR_NOT_OK_RETURN(werr);
}
return werr;
}
/****************************************************************
****************************************************************/
static NTSTATUS gp_glob_ext_list(TALLOC_CTX *mem_ctx,
const char ***ext_list,
size_t *ext_list_len)
{
SMB_STRUCT_DIR *dir = NULL;
SMB_STRUCT_DIRENT *dirent = NULL;
dir = sys_opendir(lib_path(SAMBA_SUBSYSTEM_GPEXT));
if (!dir) {
return map_nt_error_from_unix(errno);
}
while ((dirent = sys_readdir(dir))) {
fstring name; /* forgive me... */
char *p;
if ((strequal(dirent->d_name, ".")) ||
(strequal(dirent->d_name, ".."))) {
continue;
}
p = strrchr(dirent->d_name, '.');
if (!p) {
sys_closedir(dir);
return NT_STATUS_NO_MEMORY;
}
if (!strcsequal(p+1, shlib_ext())) {
DEBUG(10,("gp_glob_ext_list: not a *.so file: %s\n",
dirent->d_name));
continue;
}
fstrcpy(name, dirent->d_name);
name[PTR_DIFF(p, dirent->d_name)] = 0;
if (!add_string_to_array(mem_ctx, name, ext_list,
(int *)ext_list_len)) {
sys_closedir(dir);
return NT_STATUS_NO_MEMORY;
}
}
sys_closedir(dir);
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
NTSTATUS shutdown_gp_extensions(void)
{
struct gp_extension *ext = NULL;
for (ext = extensions; ext; ext = ext->next) {
if (ext->methods && ext->methods->shutdown) {
ext->methods->shutdown();
}
}
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
NTSTATUS init_gp_extensions(TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
WERROR werr;
int i = 0;
const char **ext_array = NULL;
size_t ext_array_len = 0;
struct gp_extension *gpext = NULL;
struct gp_registry_context *reg_ctx = NULL;
if (get_gp_extension_list()) {
return NT_STATUS_OK;
}
status = gp_glob_ext_list(mem_ctx, &ext_array, &ext_array_len);
NT_STATUS_NOT_OK_RETURN(status);
for (i=0; i<ext_array_len; i++) {
struct gp_extension_reg_info *info = NULL;
status = gp_extension_init_module(mem_ctx, ext_array[i],
&gpext);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
if (gpext->methods->get_reg_config) {
status = gpext->methods->initialize(mem_ctx);
if (!NT_STATUS_IS_OK(status)) {
gpext->methods->shutdown();
goto out;
}
status = gpext->methods->get_reg_config(mem_ctx,
&info);
if (!NT_STATUS_IS_OK(status)) {
gpext->methods->shutdown();
goto out;
}
if (!reg_ctx) {
struct nt_user_token *token;
token = registry_create_system_token(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(token);
werr = gp_init_reg_ctx(mem_ctx,
KEY_WINLOGON_GPEXT_PATH,
REG_KEY_WRITE,
token,
&reg_ctx);
if (!W_ERROR_IS_OK(werr)) {
status = werror_to_ntstatus(werr);
gpext->methods->shutdown();
goto out;
}
}
werr = gp_extension_store_reg(mem_ctx, reg_ctx, info);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(1,("gp_extension_store_reg failed: %s\n",
dos_errstr(werr)));
TALLOC_FREE(info);
gpext->methods->shutdown();
status = werror_to_ntstatus(werr);
goto out;
}
TALLOC_FREE(info);
}
}
out:
TALLOC_FREE(reg_ctx);
return status;
}
/****************************************************************
****************************************************************/
NTSTATUS free_gp_extensions(void)
{
struct gp_extension *ext, *ext_next = NULL;
for (ext = extensions; ext; ext = ext_next) {
ext_next = ext->next;
DLIST_REMOVE(extensions, ext);
TALLOC_FREE(ext);
}
extensions = NULL;
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
void debug_gpext_header(int lvl,
const char *name,
uint32_t flags,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid)
{
char *flags_str = NULL;
DEBUG(lvl,("%s\n", name));
DEBUGADD(lvl,("\tgpo: %s (%s)\n", gpo->name,
gpo->display_name));
DEBUGADD(lvl,("\tcse extension: %s (%s)\n", extension_guid,
cse_gpo_guid_string_to_name(extension_guid)));
DEBUGADD(lvl,("\tgplink: %s\n", gpo->link));
DEBUGADD(lvl,("\tsnapin: %s (%s)\n", snapin_guid,
cse_snapin_gpo_guid_string_to_name(snapin_guid)));
flags_str = gpo_flag_str(flags);
DEBUGADD(lvl,("\tflags: 0x%08x %s\n", flags, flags_str));
SAFE_FREE(flags_str);
}
NTSTATUS process_gpo_list_with_extension(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const struct nt_user_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extension_guid,
const char *snapin_guid)
{
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
NTSTATUS gpext_process_extension(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const struct nt_user_token *token,
struct registry_key *root_key,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid)
{
NTSTATUS status;
struct gp_extension *ext = NULL;
struct GUID guid;
bool cse_found = false;
status = init_gp_extensions(mem_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1,("init_gp_extensions failed: %s\n",
nt_errstr(status)));
return status;
}
status = GUID_from_string(extension_guid, &guid);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
for (ext = extensions; ext; ext = ext->next) {
if (GUID_equal(ext->guid, &guid)) {
cse_found = true;
break;
}
}
if (!cse_found) {
goto no_ext;
}
status = ext->methods->initialize(mem_ctx);
NT_STATUS_NOT_OK_RETURN(status);
status = ext->methods->process_group_policy(ads,
mem_ctx,
flags,
root_key,
token,
gpo,
extension_guid,
snapin_guid);
if (!NT_STATUS_IS_OK(status)) {
ext->methods->shutdown();
}
return status;
no_ext:
if (flags & GPO_INFO_FLAG_VERBOSE) {
DEBUG(0,("process_extension: no extension available for:\n"));
DEBUGADD(0,("%s (%s) (snapin: %s)\n",
extension_guid,
cse_gpo_guid_string_to_name(extension_guid),
snapin_guid));
}
return NT_STATUS_OK;
}

79
source3/libgpo/gpext/gpext.h Normal file
View File

@ -0,0 +1,79 @@
/*
* Unix SMB/CIFS implementation.
* Group Policy Support
* Copyright (C) Guenther Deschner 2007-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#define KEY_WINLOGON_GPEXT_PATH "HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\GPExtensions"
#define SAMBA_SUBSYSTEM_GPEXT "gpext"
#define SMB_GPEXT_INTERFACE_VERSION 1
struct gp_extension {
struct GUID *guid;
const char *name;
struct gp_extension_methods *methods;
struct gp_extension *prev, *next;
};
struct gp_extension_reg_table {
const char *val;
enum winreg_Type type;
const char *data;
};
struct gp_extension_reg_entry {
const char *value;
struct registry_value *data;
};
struct gp_extension_reg_info_entry {
struct GUID guid;
size_t num_entries;
struct gp_extension_reg_entry *entries;
};
struct gp_extension_reg_info {
size_t num_entries;
struct gp_extension_reg_info_entry *entries;
};
struct gp_extension_methods {
NTSTATUS (*initialize)(TALLOC_CTX *mem_ctx);
NTSTATUS (*process_group_policy)(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
struct registry_key *root_key,
const struct nt_user_token *token,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid);
NTSTATUS (*process_group_policy2)(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
const struct nt_user_token *token,
struct GROUP_POLICY_OBJECT *gpo_list,
const char *extension_guid);
NTSTATUS (*get_reg_config)(TALLOC_CTX *mem_ctx,
struct gp_extension_reg_info **info);
NTSTATUS (*shutdown)(void);
};

634
source3/libgpo/gpext/registry.c Normal file
View File

@ -0,0 +1,634 @@
/*
* Unix SMB/CIFS implementation.
* Group Policy Support
* Copyright (C) Guenther Deschner 2007-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#define GP_EXT_NAME "registry"
/* more info can be found at:
* http://msdn2.microsoft.com/en-us/library/aa374407.aspx */
#define GP_REGPOL_FILE "Registry.pol"
#define GP_REGPOL_FILE_SIGNATURE 0x67655250 /* 'PReg' */
#define GP_REGPOL_FILE_VERSION 1
static TALLOC_CTX *ctx = NULL;
struct gp_registry_file_header {
uint32_t signature;
uint32_t version;
};
struct gp_registry_file_entry {
UNISTR key;
UNISTR value;
enum winreg_Type type;
size_t size;
uint8_t *data;
};
struct gp_registry_file {
struct gp_registry_file_header header;
size_t num_entries;
struct gp_registry_entry *entries;
};
/****************************************************************
****************************************************************/
static bool reg_parse_header(const char *desc,
struct gp_registry_file_header *header,
prs_struct *ps,
int depth)
{
if (!header)
return false;
prs_debug(ps, depth, desc, "reg_parse_header");
depth++;
if (!prs_uint32("signature", ps, depth, &header->signature))
return false;
if (!prs_uint32("version", ps, depth, &header->version))
return false;
return true;
}
/****************************************************************
****************************************************************/
static bool reg_parse_and_verify_ucs2_char(const char *desc,
char character,
prs_struct *ps,
int depth)
{
uint16_t tmp;
if (!prs_uint16(desc, ps, depth, &tmp))
return false;
if (tmp != UCS2_CHAR(character))
return false;
return true;
}
/****************************************************************
****************************************************************/
static bool reg_parse_init(prs_struct *ps, int depth)
{
return reg_parse_and_verify_ucs2_char("initiator '['", '[',
ps, depth);
}
/****************************************************************
****************************************************************/
static bool reg_parse_sep(prs_struct *ps, int depth)
{
return reg_parse_and_verify_ucs2_char("separator ';'", ';',
ps, depth);
}
/****************************************************************
****************************************************************/
static bool reg_parse_term(prs_struct *ps, int depth)
{
return reg_parse_and_verify_ucs2_char("terminator ']'", ']',
ps, depth);
}
/****************************************************************
* [key;value;type;size;data]
****************************************************************/
static bool reg_parse_entry(TALLOC_CTX *mem_ctx,
const char *desc,
struct gp_registry_file_entry *entry,
prs_struct *ps,
int depth)
{
uint32_t size = 0;
if (!entry)
return false;
prs_debug(ps, depth, desc, "reg_parse_entry");
depth++;
ZERO_STRUCTP(entry);
if (!reg_parse_init(ps, depth))
return false;
if (!prs_unistr("key", ps, depth, &entry->key))
return false;
if (!reg_parse_sep(ps, depth))
return false;
if (!prs_unistr("value", ps, depth, &entry->value))
return false;
if (!reg_parse_sep(ps, depth))
return false;
if (!prs_uint32("type", ps, depth, &entry->type))
return false;
if (!reg_parse_sep(ps, depth))
return false;
if (!prs_uint32("size", ps, depth, &size))
return false;
entry->size = size;
if (!reg_parse_sep(ps, depth))
return false;
if (entry->size) {
entry->data = TALLOC_ZERO_ARRAY(mem_ctx, uint8, entry->size);
if (!entry->data)
return false;
}
if (!prs_uint8s(false, "data", ps, depth, entry->data, entry->size))
return false;
if (!reg_parse_term(ps, depth))
return false;
return true;
}
/****************************************************************
****************************************************************/
static bool reg_parse_value(TALLOC_CTX *mem_ctx,
char **value,
enum gp_reg_action *action)
{
if (!*value) {
*action = GP_REG_ACTION_ADD_KEY;
return true;
}
if (strncmp(*value, "**", 2) != 0) {
*action = GP_REG_ACTION_ADD_VALUE;
return true;
}
if (strnequal(*value, "**DelVals.", 10)) {
*action = GP_REG_ACTION_DEL_ALL_VALUES;
return true;
}
if (strnequal(*value, "**Del.", 6)) {
*value = talloc_strdup(mem_ctx, *value + 6);
*action = GP_REG_ACTION_DEL_VALUE;
return true;
}
if (strnequal(*value, "**SecureKey", 11)) {
if (strnequal(*value, "**SecureKey=1", 13)) {
*action = GP_REG_ACTION_SEC_KEY_SET;
return true;
}
/*************** not tested from here on ***************/
if (strnequal(*value, "**SecureKey=0", 13)) {
smb_panic("not supported: **SecureKey=0");
*action = GP_REG_ACTION_SEC_KEY_RESET;
return true;
}
DEBUG(0,("unknown: SecureKey: %s\n", *value));
smb_panic("not supported SecureKey method");
return false;
}
if (strnequal(*value, "**DeleteValues", strlen("**DeleteValues"))) {
smb_panic("not supported: **DeleteValues");
*action = GP_REG_ACTION_DEL_VALUES;
return false;
}
if (strnequal(*value, "**DeleteKeys", strlen("**DeleteKeys"))) {
smb_panic("not supported: **DeleteKeys");
*action = GP_REG_ACTION_DEL_KEYS;
return false;
}
DEBUG(0,("unknown value: %s\n", *value));
smb_panic(*value);
return false;
}
/****************************************************************
****************************************************************/
static bool gp_reg_entry_from_file_entry(TALLOC_CTX *mem_ctx,
struct gp_registry_file_entry *file_entry,
struct gp_registry_entry **reg_entry)
{
struct registry_value *data = NULL;
struct gp_registry_entry *entry = NULL;
char *key = NULL;
char *value = NULL;
enum gp_reg_action action = GP_REG_ACTION_NONE;
ZERO_STRUCTP(*reg_entry);
data = TALLOC_ZERO_P(mem_ctx, struct registry_value);
if (!data)
return false;
if (strlen_w((const smb_ucs2_t *)file_entry->key.buffer) <= 0)
return false;
if (!pull_ucs2_talloc(mem_ctx, &key, file_entry->key.buffer))
return false;
if (strlen_w((const smb_ucs2_t *)file_entry->value.buffer) > 0) {
if (!pull_ucs2_talloc(mem_ctx, &value,
file_entry->value.buffer))
return false;
}
if (!reg_parse_value(mem_ctx, &value, &action))
return false;
data->type = file_entry->type;
switch (data->type) {
case REG_DWORD:
data->v.dword = atoi((char *)file_entry->data);
break;
case REG_BINARY:
data->v.binary = data_blob_talloc(mem_ctx,
file_entry->data,
file_entry->size);
break;
case REG_NONE:
break;
case REG_SZ:
data->v.sz.len = pull_ucs2_talloc(mem_ctx,
&data->v.sz.str,
(const smb_ucs2_t *)file_entry->data);
break;
case REG_DWORD_BIG_ENDIAN:
case REG_EXPAND_SZ:
case REG_LINK:
case REG_MULTI_SZ:
case REG_QWORD:
/* case REG_DWORD_LITTLE_ENDIAN: */
/* case REG_QWORD_LITTLE_ENDIAN: */
printf("not yet implemented: %d\n", data->type);
return false;
default:
printf("invalid reg type defined: %d\n", data->type);
return false;
}
entry = TALLOC_ZERO_P(mem_ctx, struct gp_registry_entry);
if (!entry)
return false;
entry->key = key;
entry->value = value;
entry->data = data;
entry->action = action;
*reg_entry = entry;
return true;
}
/****************************************************************
* [key;value;type;size;data][key;value;type;size;data]...
****************************************************************/
static bool reg_parse_entries(TALLOC_CTX *mem_ctx,
const char *desc,
struct gp_registry_entry **entries,
size_t *num_entries,
prs_struct *ps,
int depth)
{
if (!entries || !num_entries)
return false;
prs_debug(ps, depth, desc, "reg_parse_entries");
depth++;
*entries = NULL;
*num_entries = 0;
while (ps->buffer_size > ps->data_offset) {
struct gp_registry_file_entry f_entry;
struct gp_registry_entry *r_entry = NULL;
if (!reg_parse_entry(mem_ctx, desc, &f_entry,
ps, depth))
return false;
if (!gp_reg_entry_from_file_entry(mem_ctx,
&f_entry,
&r_entry))
return false;
if (!add_gp_registry_entry_to_array(mem_ctx,
r_entry,
entries,
num_entries))
return false;
}
return true;
}
/****************************************************************
****************************************************************/
static NTSTATUS reg_parse_registry(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *filename,
struct gp_registry_entry **entries,
size_t *num_entries)
{
uint16_t *buf = NULL;
size_t n = 0;
NTSTATUS status;
prs_struct ps;
struct gp_registry_file *reg_file;
const char *real_filename = NULL;
reg_file = TALLOC_ZERO_P(mem_ctx, struct gp_registry_file);
NT_STATUS_HAVE_NO_MEMORY(reg_file);
status = gp_find_file(mem_ctx,
flags,
filename,
GP_REGPOL_FILE,
&real_filename);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(reg_file);
return status;
}
buf = (uint16 *)file_load(real_filename, &n, 0);
if (!buf) {
TALLOC_FREE(reg_file);
return NT_STATUS_CANNOT_LOAD_REGISTRY_FILE;
}
if (!prs_init(&ps, n, mem_ctx, UNMARSHALL)) {
status = NT_STATUS_NO_MEMORY;
goto out;
}
if (!prs_copy_data_in(&ps, (char *)buf, n)) {
status = NT_STATUS_NO_MEMORY;
goto out;
}
prs_set_offset(&ps, 0);
if (!reg_parse_header("header", &reg_file->header, &ps, 0)) {
status = NT_STATUS_REGISTRY_IO_FAILED;
goto out;
}
if (reg_file->header.signature != GP_REGPOL_FILE_SIGNATURE) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
}
if (reg_file->header.version != GP_REGPOL_FILE_VERSION) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
}
if (!reg_parse_entries(mem_ctx, "entries", &reg_file->entries,
&reg_file->num_entries, &ps, 0)) {
status = NT_STATUS_REGISTRY_IO_FAILED;
goto out;
}
*entries = reg_file->entries;
*num_entries = reg_file->num_entries;
status = NT_STATUS_OK;
out:
SAFE_FREE(buf);
prs_mem_free(&ps);
return status;
}
/****************************************************************
****************************************************************/
static WERROR reg_apply_registry(TALLOC_CTX *mem_ctx,
const struct nt_user_token *token,
struct registry_key *root_key,
uint32_t flags,
struct gp_registry_entry *entries,
size_t num_entries)
{
struct gp_registry_context *reg_ctx = NULL;
WERROR werr;
size_t i;
if (num_entries == 0) {
return WERR_OK;
}
#if 0
if (flags & GPO_LIST_FLAG_MACHINE) {
werr = gp_init_reg_ctx(mem_ctx, KEY_HKLM, REG_KEY_WRITE,
get_system_token(),
&reg_ctx);
} else {
werr = gp_init_reg_ctx(mem_ctx, KEY_HKCU, REG_KEY_WRITE,
token,
&reg_ctx);
}
W_ERROR_NOT_OK_RETURN(werr);
#endif
for (i=0; i<num_entries; i++) {
/* FIXME: maybe we should check here if we attempt to go beyond
* the 4 allowed reg keys */
werr = reg_apply_registry_entry(mem_ctx, root_key,
reg_ctx,
&(entries)[i],
token, flags);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to apply registry: %s\n",
dos_errstr(werr)));
goto done;
}
}
done:
gp_free_reg_ctx(reg_ctx);
return werr;
}
/****************************************************************
****************************************************************/
static NTSTATUS registry_process_group_policy(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
uint32_t flags,
struct registry_key *root_key,
const struct nt_user_token *token,
struct GROUP_POLICY_OBJECT *gpo,
const char *extension_guid,
const char *snapin_guid)
{
NTSTATUS status;
WERROR werr;
struct gp_registry_entry *entries = NULL;
size_t num_entries = 0;
char *unix_path = NULL;
debug_gpext_header(0, "registry_process_group_policy", flags, gpo,
extension_guid, snapin_guid);
status = gpo_get_unix_path(mem_ctx, gpo, &unix_path);
NT_STATUS_NOT_OK_RETURN(status);
status = reg_parse_registry(mem_ctx,
flags,
unix_path,
&entries,
&num_entries);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("failed to parse registry: %s\n",
nt_errstr(status)));
return status;
}
dump_reg_entries(flags, "READ", entries, num_entries);
werr = reg_apply_registry(mem_ctx, token, root_key, flags,
entries, num_entries);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to apply registry: %s\n",
dos_errstr(werr)));
return werror_to_ntstatus(werr);
}
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static NTSTATUS registry_get_reg_config(TALLOC_CTX *mem_ctx,
struct gp_extension_reg_info **reg_info)
{
NTSTATUS status;
struct gp_extension_reg_info *info = NULL;
struct gp_extension_reg_table table[] = {
{ "ProcessGroupPolicy", REG_SZ, "registry_process_group_policy" },
{ NULL, REG_NONE, NULL }
};
info = TALLOC_ZERO_P(mem_ctx, struct gp_extension_reg_info);
NT_STATUS_HAVE_NO_MEMORY(info);
status = gp_ext_info_add_entry(mem_ctx, GP_EXT_NAME,
GP_EXT_GUID_REGISTRY,
table, info);
NT_STATUS_NOT_OK_RETURN(status);
*reg_info = info;
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static NTSTATUS registry_initialize(TALLOC_CTX *mem_ctx)
{
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static NTSTATUS registry_shutdown(void)
{
NTSTATUS status;
status = unregister_gp_extension(GP_EXT_NAME);
if (NT_STATUS_IS_OK(status)) {
return status;
}
TALLOC_FREE(ctx);
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static struct gp_extension_methods registry_methods = {
.initialize = registry_initialize,
.process_group_policy = registry_process_group_policy,
.get_reg_config = registry_get_reg_config,
.shutdown = registry_shutdown
};
/****************************************************************
****************************************************************/
NTSTATUS gpext_registry_init(void)
{
NTSTATUS status;
ctx = talloc_init("gpext_registry_init");
NT_STATUS_HAVE_NO_MEMORY(ctx);
status = register_gp_extension(ctx, SMB_GPEXT_INTERFACE_VERSION,
GP_EXT_NAME, GP_EXT_GUID_REGISTRY,
&registry_methods);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(ctx);
}
return status;
}

35
source3/libgpo/gpo_fetch.c
View File

@ -44,15 +44,18 @@ NTSTATUS gpo_explode_filesyspath(TALLOC_CTX *mem_ctx,
if (!next_token_talloc(mem_ctx, &file_sys_path, server, "\\")) {
return NT_STATUS_INVALID_PARAMETER;
}
NT_STATUS_HAVE_NO_MEMORY(*server);
if (!next_token_talloc(mem_ctx, &file_sys_path, service, "\\")) {
return NT_STATUS_INVALID_PARAMETER;
}
NT_STATUS_HAVE_NO_MEMORY(*service);
if ((*nt_path = talloc_asprintf(mem_ctx, "\\%s", file_sys_path))
== NULL) {
return NT_STATUS_NO_MEMORY;
}
NT_STATUS_HAVE_NO_MEMORY(*nt_path);
if ((path = talloc_asprintf(mem_ctx,
"%s/%s",
@ -65,9 +68,8 @@ NTSTATUS gpo_explode_filesyspath(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
if ((*unix_path = talloc_strdup(mem_ctx, path)) == NULL) {
return NT_STATUS_NO_MEMORY;
}
*unix_path = talloc_strdup(mem_ctx, path);
NT_STATUS_HAVE_NO_MEMORY(*unix_path);
TALLOC_FREE(path);
return NT_STATUS_OK;
@ -124,36 +126,23 @@ NTSTATUS gpo_fetch_files(TALLOC_CTX *mem_ctx,
result = gpo_explode_filesyspath(mem_ctx, gpo->file_sys_path,
&server, &service, &nt_path,
&unix_path);
if (!NT_STATUS_IS_OK(result)) {
goto out;
}
NT_STATUS_NOT_OK_RETURN(result);
result = gpo_prepare_local_store(mem_ctx, unix_path);
if (!NT_STATUS_IS_OK(result)) {
goto out;
}
NT_STATUS_NOT_OK_RETURN(result);
unix_ini_path = talloc_asprintf(mem_ctx, "%s/%s", unix_path, GPT_INI);
nt_ini_path = talloc_asprintf(mem_ctx, "%s\\%s", nt_path, GPT_INI);
if (!unix_path || !nt_ini_path) {
result = NT_STATUS_NO_MEMORY;
goto out;
}
NT_STATUS_HAVE_NO_MEMORY(unix_ini_path);
NT_STATUS_HAVE_NO_MEMORY(nt_ini_path);
result = gpo_copy_file(mem_ctx, cli, nt_ini_path, unix_ini_path);
if (!NT_STATUS_IS_OK(result)) {
goto out;
}
NT_STATUS_NOT_OK_RETURN(result);
result = gpo_sync_directories(mem_ctx, cli, nt_path, unix_path);
if (!NT_STATUS_IS_OK(result)) {
goto out;
}
NT_STATUS_NOT_OK_RETURN(result);
result = NT_STATUS_OK;
out:
return result;
return NT_STATUS_OK;
}
/****************************************************************

4
source3/libgpo/gpo_filesync.c
View File

@ -117,10 +117,10 @@ static bool gpo_sync_files(struct sync_context *ctx)
ctx) == -1) {
DEBUG(1,("listing [%s] failed with error: %s\n",
ctx->mask, cli_errstr(ctx->cli)));
return False;
return false;
}
return True;
return true;
}
/****************************************************************

4
source3/libgpo/gpo_ini.c
View File

@ -174,7 +174,7 @@ static NTSTATUS convert_file_from_ucs2(TALLOC_CTX *mem_ctx,
failed:
DEBUG(1,("gp_inifile_init_context failed: %s\n",
DEBUG(1,("gp_inifile_init_context failed: %s\n",
nt_errstr(status)));
TALLOC_FREE(ctx);
@ -237,7 +237,7 @@ NTSTATUS parse_gpt_ini(TALLOC_CTX *mem_ctx,
result = NT_STATUS_OK;
out:
if (dict) {
if (dict) {
iniparser_freedict(dict);
}

12
source3/libgpo/gpo_ldap.c
View File

@ -27,7 +27,7 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
const char *extension_raw,
struct GP_EXT **gp_ext)
{
bool ret = False;
bool ret = false;
struct GP_EXT *ext = NULL;
char **ext_list = NULL;
char **ext_strings = NULL;
@ -134,7 +134,7 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx,
*gp_ext = ext;
ret = True;
ret = true;
parse_error:
TALLOC_FREE(ext_list);
@ -659,7 +659,7 @@ ADS_STATUS ads_get_sid_token(ADS_STRUCT *ads,
}
}
new_token = create_local_nt_token(mem_ctx, &object_sid, False,
new_token = create_local_nt_token(mem_ctx, &object_sid, false,
num_token_sids, token_sids);
ADS_ERROR_HAVE_NO_MEMORY(new_token);
@ -713,7 +713,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
ADS_STATUS status;
struct GP_LINK gp_link;
const char *parent_dn, *site_dn, *tmp_dn;
bool add_only_forced_gpos = False;
bool add_only_forced_gpos = false;
ZERO_STRUCTP(gpo_list);
@ -793,7 +793,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
/* block inheritance from now on */
if (gp_link.gp_opts &
GPOPTIONS_BLOCK_INHERITANCE) {
add_only_forced_gpos = True;
add_only_forced_gpos = true;
}
status = add_gplink_to_gpo_list(ads,
@ -839,7 +839,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
/* block inheritance from now on */
if (gp_link.gp_opts &
GPOPTIONS_BLOCK_INHERITANCE) {
add_only_forced_gpos = True;
add_only_forced_gpos = true;
}
status = add_gplink_to_gpo_list(ads,

1058
source3/libgpo/gpo_reg.c Normal file
View File

File diff suppressed because it is too large Load Diff

8
source3/libgpo/gpo_sec.c
View File

@ -28,13 +28,13 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec
NTSTATUS status;
if (!object) {
return False;
return false;
}
status = GUID_from_string(ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY,
&ext_right_apg_guid);
if (!NT_STATUS_IS_OK(status)) {
return False;
return false;
}
switch (object->flags) {
@ -52,7 +52,7 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec
break;
}
return False;
return false;
}
/****************************************************************
@ -61,7 +61,7 @@ static bool gpo_sd_check_agp_object_guid(const struct security_ace_object *objec
static bool gpo_sd_check_agp_object(const SEC_ACE *ace)
{
if (!sec_ace_object(ace->type)) {
return False;
return false;
}
return gpo_sd_check_agp_object_guid(&ace->object.object);

82
source3/libgpo/gpo_util.c
View File

@ -1,7 +1,7 @@
/*
* Unix SMB/CIFS implementation.
* Group Policy Object Support
* Copyright (C) Guenther Deschner 2005-2007
* Copyright (C) Guenther Deschner 2005-2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -668,6 +668,51 @@ NTSTATUS check_refresh_gpo_list(ADS_STRUCT *ads,
/****************************************************************
****************************************************************/
NTSTATUS gpo_get_unix_path(TALLOC_CTX *mem_ctx,
struct GROUP_POLICY_OBJECT *gpo,
char **unix_path)
{
char *server, *share, *nt_path;
return gpo_explode_filesyspath(mem_ctx, gpo->file_sys_path,
&server, &share, &nt_path, unix_path);
}
/****************************************************************
****************************************************************/
char *gpo_flag_str(uint32_t flags)
{
fstring str = "";
if (flags == 0) {
return NULL;
}
if (flags & GPO_INFO_FLAG_SLOWLINK)
fstrcat(str, "GPO_INFO_FLAG_SLOWLINK ");
if (flags & GPO_INFO_FLAG_VERBOSE)
fstrcat(str, "GPO_INFO_FLAG_VERBOSE ");
if (flags & GPO_INFO_FLAG_SAFEMODE_BOOT)
fstrcat(str, "GPO_INFO_FLAG_SAFEMODE_BOOT ");
if (flags & GPO_INFO_FLAG_NOCHANGES)
fstrcat(str, "GPO_INFO_FLAG_NOCHANGES ");
if (flags & GPO_INFO_FLAG_MACHINE)
fstrcat(str, "GPO_INFO_FLAG_MACHINE ");
if (flags & GPO_INFO_FLAG_LOGRSOP_TRANSITION)
fstrcat(str, "GPO_INFO_FLAG_LOGRSOP_TRANSITION ");
if (flags & GPO_INFO_FLAG_LINKTRANSITION)
fstrcat(str, "GPO_INFO_FLAG_LINKTRANSITION ");
if (flags & GPO_INFO_FLAG_FORCED_REFRESH)
fstrcat(str, "GPO_INFO_FLAG_FORCED_REFRESH ");
if (flags & GPO_INFO_FLAG_BACKGROUND)
fstrcat(str, "GPO_INFO_FLAG_BACKGROUND ");
return SMB_STRDUP(str);
}
/****************************************************************
****************************************************************/
NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *filename,
@ -693,8 +738,11 @@ NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
tmp = talloc_asprintf_strupper_m(mem_ctx, "%s/%s/%s", filename, path,
suffix);
path = talloc_strdup_upper(mem_ctx, path);
NT_STATUS_HAVE_NO_MEMORY(path);
tmp = talloc_asprintf(mem_ctx, "%s/%s/%s", filename,
path, suffix);
NT_STATUS_HAVE_NO_MEMORY(tmp);
if (sys_stat(tmp, &sbuf) == 0) {
@ -705,3 +753,31 @@ NTSTATUS gp_find_file(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_SUCH_FILE;
}
/****************************************************************
****************************************************************/
ADS_STATUS gp_get_machine_token(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *dn,
struct nt_user_token **token)
{
struct nt_user_token *ad_token = NULL;
ADS_STATUS status;
NTSTATUS ntstatus;
#ifndef HAVE_ADS
return ADS_ERROR_NT(NT_STATUS_NOT_SUPPORTED);
#endif
status = ads_get_sid_token(ads, mem_ctx, dn, &ad_token);
if (!ADS_ERR_OK(status)) {
return status;
}
ntstatus = merge_nt_token(mem_ctx, ad_token, get_system_token(),
token);
if (!NT_STATUS_IS_OK(ntstatus)) {
return ADS_ERROR_NT(ntstatus);
}
return ADS_SUCCESS;
}

15
source3/libnet/libnet_conf.c
View File

@ -62,7 +62,7 @@ static WERROR libnet_conf_reg_initialize(struct libnet_conf_ctx *ctx)
{
WERROR werr = WERR_OK;
if (!registry_init_regdb()) {
if (!registry_init_smbconf()) {
werr = WERR_REG_IO_FAILURE;
goto done;
}
@ -481,6 +481,19 @@ void libnet_conf_close(struct libnet_conf_ctx *ctx)
TALLOC_FREE(ctx);
}
/**
* Get the change sequence number of the given service/parameter.
*
* NOTE: Currently, for registry configuration, this is independent
* of the service and parameter, it returns the registry-sequence
* number.
*/
uint64_t libnet_conf_get_seqnum(struct libnet_conf_ctx *ctx,
const char *service, const char *param)
{
return (uint64_t)regdb_get_seqnum();
}
/**
* Drop the whole configuration (restarting empty).
*/

423
source3/libnet/libnet_join.c
View File

@ -29,7 +29,7 @@
char *str = NULL; \
str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_JoinCtx, f, r); \
DEBUG(1,("libnet_Join:\n%s", str)); \
talloc_free(str); \
TALLOC_FREE(str); \
} while (0)
#define LIBNET_JOIN_IN_DUMP_CTX(ctx, r) \
@ -42,7 +42,7 @@
char *str = NULL; \
str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_UnjoinCtx, f, r); \
DEBUG(1,("libnet_Unjoin:\n%s", str)); \
talloc_free(str); \
TALLOC_FREE(str); \
} while (0)
#define LIBNET_UNJOIN_IN_DUMP_CTX(ctx, r) \
@ -50,6 +50,12 @@
#define LIBNET_UNJOIN_OUT_DUMP_CTX(ctx, r) \
LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_OUT)
#define W_ERROR_NOT_OK_GOTO_DONE(x) do { \
if (!W_ERROR_IS_OK(x)) {\
goto done;\
}\
} while (0)
/****************************************************************
****************************************************************/
@ -146,9 +152,24 @@ static ADS_STATUS libnet_join_connect_ads(TALLOC_CTX *mem_ctx,
libnet_join_set_error_string(mem_ctx, r,
"failed to connect to AD: %s",
ads_errstr(status));
return status;
}
return status;
if (!r->out.netbios_domain_name) {
r->out.netbios_domain_name = talloc_strdup(mem_ctx,
r->in.ads->server.workgroup);
ADS_ERROR_HAVE_NO_MEMORY(r->out.netbios_domain_name);
}
if (!r->out.dns_domain_name) {
r->out.dns_domain_name = talloc_strdup(mem_ctx,
r->in.ads->config.realm);
ADS_ERROR_HAVE_NO_MEMORY(r->out.dns_domain_name);
}
r->out.domain_is_ad = true;
return ADS_SUCCESS;
}
/****************************************************************
@ -175,6 +196,7 @@ static ADS_STATUS libnet_unjoin_connect_ads(TALLOC_CTX *mem_ctx,
}
/****************************************************************
join a domain using ADS (LDAP mods)
****************************************************************/
static ADS_STATUS libnet_join_precreate_machine_acct(TALLOC_CTX *mem_ctx,
@ -183,6 +205,7 @@ static ADS_STATUS libnet_join_precreate_machine_acct(TALLOC_CTX *mem_ctx,
ADS_STATUS status;
LDAPMessage *res = NULL;
const char *attrs[] = { "dn", NULL };
bool moved = false;
status = ads_search_dn(r->in.ads, &res, r->in.account_ou, attrs);
if (!ADS_ERR_OK(status)) {
@ -194,16 +217,41 @@ static ADS_STATUS libnet_join_precreate_machine_acct(TALLOC_CTX *mem_ctx,
return ADS_ERROR_LDAP(LDAP_NO_SUCH_OBJECT);
}
ads_msgfree(r->in.ads, res);
/* Attempt to create the machine account and bail if this fails.
Assume that the admin wants exactly what they requested */
status = ads_create_machine_acct(r->in.ads,
r->in.machine_name,
r->in.account_ou);
ads_msgfree(r->in.ads, res);
if ((status.error_type == ENUM_ADS_ERROR_LDAP) &&
(status.err.rc == LDAP_ALREADY_EXISTS)) {
if (ADS_ERR_OK(status)) {
DEBUG(1,("machine account creation created\n"));
return status;
} else if ((status.error_type == ENUM_ADS_ERROR_LDAP) &&
(status.err.rc == LDAP_ALREADY_EXISTS)) {
status = ADS_SUCCESS;
}
if (!ADS_ERR_OK(status)) {
DEBUG(1,("machine account creation failed\n"));
return status;
}
status = ads_move_machine_acct(r->in.ads,
r->in.machine_name,
r->in.account_ou,
&moved);
if (!ADS_ERR_OK(status)) {
DEBUG(1,("failure to locate/move pre-existing "
"machine account\n"));
return status;
}
DEBUG(1,("The machine account %s the specified OU.\n",
moved ? "was moved into" : "already exists in"));
return status;
}
@ -279,6 +327,7 @@ static ADS_STATUS libnet_join_find_machine_acct(TALLOC_CTX *mem_ctx,
}
/****************************************************************
Set a machines dNSHostName and servicePrincipalName attributes
****************************************************************/
static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
@ -290,18 +339,15 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
const char *spn_array[3] = {NULL, NULL, NULL};
char *spn = NULL;
if (!r->in.ads) {
status = libnet_join_connect_ads(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
return status;
}
}
/* Find our DN */
status = libnet_join_find_machine_acct(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
return status;
}
/* Windows only creates HOST/shortname & HOST/fqdn. */
spn = talloc_asprintf(mem_ctx, "HOST/%s", r->in.machine_name);
if (!spn) {
return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
@ -325,6 +371,8 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
}
/* fields of primary importance */
status = ads_mod_str(mem_ctx, &mods, "dNSHostName", my_fqdn);
if (!ADS_ERR_OK(status)) {
return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
@ -352,12 +400,7 @@ static ADS_STATUS libnet_join_set_machine_upn(TALLOC_CTX *mem_ctx,
return ADS_SUCCESS;
}
if (!r->in.ads) {
status = libnet_join_connect_ads(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
return status;
}
}
/* Find our DN */
status = libnet_join_find_machine_acct(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
@ -374,11 +417,15 @@ static ADS_STATUS libnet_join_set_machine_upn(TALLOC_CTX *mem_ctx,
}
}
/* now do the mods */
mods = ads_init_mods(mem_ctx);
if (!mods) {
return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
}
/* fields of primary importance */
status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", r->in.upn);
if (!ADS_ERR_OK(status)) {
return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
@ -402,18 +449,15 @@ static ADS_STATUS libnet_join_set_os_attributes(TALLOC_CTX *mem_ctx,
return ADS_SUCCESS;
}
if (!r->in.ads) {
status = libnet_join_connect_ads(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
return status;
}
}
/* Find our DN */
status = libnet_join_find_machine_acct(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
return status;
}
/* now do the mods */
mods = ads_init_mods(mem_ctx);
if (!mods) {
return ADS_ERROR(LDAP_NO_MEMORY);
@ -424,6 +468,8 @@ static ADS_STATUS libnet_join_set_os_attributes(TALLOC_CTX *mem_ctx,
return ADS_ERROR(LDAP_NO_MEMORY);
}
/* fields of primary importance */
status = ads_mod_str(mem_ctx, &mods, "operatingSystem",
r->in.os_name);
if (!ADS_ERR_OK(status)) {
@ -481,6 +527,8 @@ static bool libnet_join_derive_salting_principal(TALLOC_CTX *mem_ctx,
return false;
}
/* go ahead and setup the default salt */
std_salt = kerberos_standard_des_salt();
if (!std_salt) {
libnet_join_set_error_string(mem_ctx, r,
@ -495,6 +543,8 @@ static bool libnet_join_derive_salting_principal(TALLOC_CTX *mem_ctx,
SAFE_FREE(std_salt);
/* if it's a Windows functional domain, we have to look for the UPN */
if (domain_func == DS_DOMAIN_FUNCTION_2000) {
char *upn;
@ -519,6 +569,13 @@ static ADS_STATUS libnet_join_post_processing_ads(TALLOC_CTX *mem_ctx,
{
ADS_STATUS status;
if (!r->in.ads) {
status = libnet_join_connect_ads(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
return status;
}
}
status = libnet_join_set_machine_spn(mem_ctx, r);
if (!ADS_ERR_OK(status)) {
libnet_join_set_error_string(mem_ctx, r,
@ -558,6 +615,7 @@ static ADS_STATUS libnet_join_post_processing_ads(TALLOC_CTX *mem_ctx,
#endif /* WITH_ADS */
/****************************************************************
Store the machine password and domain SID
****************************************************************/
static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx,
@ -566,13 +624,15 @@ static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx,
if (!secrets_store_domain_sid(r->out.netbios_domain_name,
r->out.domain_sid))
{
DEBUG(1,("Failed to save domain sid\n"));
return false;
}
if (!secrets_store_machine_password(r->in.machine_password,
r->out.netbios_domain_name,
SEC_CHAN_WKSTA))
r->in.secure_channel_type))
{
DEBUG(1,("Failed to save machine password\n"));
return false;
}
@ -580,6 +640,7 @@ static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx,
}
/****************************************************************
Do the domain join
****************************************************************/
static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
@ -591,8 +652,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
struct lsa_String lsa_acct_name;
uint32 user_rid;
uint32 acb_info = ACB_WSTRUST;
uint32_t user_rid;
uint32_t acct_flags = ACB_WSTRUST;
uchar pwbuf[532];
struct MD5Context md5ctx;
uchar md5buffer[16];
@ -624,10 +685,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &status);
if (!pipe_hnd) {
DEBUG(0,("Error connecting to LSA pipe. Error was %s\n",
nt_errstr(status)));
goto done;
}
status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True,
status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
if (!NT_STATUS_IS_OK(status)) {
goto done;
@ -660,8 +723,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
cli_rpc_pipe_close(pipe_hnd);
/* Open the domain */
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status);
if (!pipe_hnd) {
DEBUG(0,("Error connecting to SAM pipe. Error was %s\n",
nt_errstr(status)));
goto done;
}
@ -682,13 +749,15 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
/* Create domain user */
acct_name = talloc_asprintf(mem_ctx, "%s$", r->in.machine_name);
strlower_m(acct_name);
init_lsa_String(&lsa_acct_name, acct_name);
if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) {
uint32_t acct_flags =
uint32_t access_desired =
SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SEC_STD_WRITE_DAC | SEC_STD_DELETE |
SAMR_USER_ACCESS_SET_PASSWORD |
@ -696,14 +765,38 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
SAMR_USER_ACCESS_SET_ATTRIBUTES;
uint32_t access_granted = 0;
/* Don't try to set any acct_flags flags other than ACB_WSTRUST */
DEBUG(10,("Creating account with desired access mask: %d\n",
access_desired));
status = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
&domain_pol,
&lsa_acct_name,
ACB_WSTRUST,
acct_flags,
access_desired,
&user_pol,
&access_granted,
&user_rid);
if (!NT_STATUS_IS_OK(status) &&
!NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
DEBUG(10,("Creation of workstation account failed: %s\n",
nt_errstr(status)));
/* If NT_STATUS_ACCESS_DENIED then we have a valid
username/password combo but the user does not have
administrator access. */
if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
libnet_join_set_error_string(mem_ctx, r,
"User specified does not have "
"administrator privileges");
}
return status;
}
if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
if (!(r->in.join_flags &
WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED)) {
@ -711,6 +804,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
}
}
/* We *must* do this.... don't ask... */
if (NT_STATUS_IS_OK(status)) {
rpccli_samr_Close(pipe_hnd, mem_ctx, &user_pol);
}
@ -727,12 +822,16 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
}
if (name_types.ids[0] != SID_NAME_USER) {
DEBUG(0,("%s is not a user account (type=%d)\n",
acct_name, name_types.ids[0]));
status = NT_STATUS_INVALID_WORKSTATION;
goto done;
}
user_rid = user_rids.ids[0];
/* Open handle on user */
status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
SEC_RIGHTS_MAXIMUM_ALLOWED,
@ -742,10 +841,12 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
/* Create a random machine account password and generate the hash */
E_md4hash(r->in.machine_password, md4_trust_password);
encode_pw_buffer(pwbuf, r->in.machine_password, STR_UNICODE);
generate_random_buffer((uint8*)md5buffer, sizeof(md5buffer));
generate_random_buffer((uint8_t*)md5buffer, sizeof(md5buffer));
digested_session_key = data_blob_talloc(mem_ctx, 0, 16);
MD5Init(&md5ctx);
@ -757,27 +858,54 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
SamOEMhashBlob(pwbuf, sizeof(pwbuf), &digested_session_key);
memcpy(&pwbuf[516], md5buffer, sizeof(md5buffer));
acb_info |= ACB_PWNOEXP;
/* Fill in the additional account flags now */
acct_flags |= ACB_PWNOEXP;
if (r->out.domain_is_ad) {
#if !defined(ENCTYPE_ARCFOUR_HMAC)
acb_info |= ACB_USE_DES_KEY_ONLY;
acct_flags |= ACB_USE_DES_KEY_ONLY;
#endif
;;
}
/* Set password and account flags on machine account */
ZERO_STRUCT(user_info.info25);
user_info.info25.info.fields_present = ACCT_NT_PWD_SET |
ACCT_LM_PWD_SET |
SAMR_FIELD_ACCT_FLAGS;
user_info.info25.info.acct_flags = acb_info;
user_info.info25.info.acct_flags = acct_flags;
memcpy(&user_info.info25.password.data, pwbuf, sizeof(pwbuf));
status = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
&user_pol,
25,
&user_info);
if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
uchar pwbuf2[516];
encode_pw_buffer(pwbuf2, r->in.machine_password, STR_UNICODE);
/* retry with level 24 */
init_samr_user_info24(&user_info.info24, pwbuf2, 24);
SamOEMhashBlob(user_info.info24.password.data, 516,
&cli->user_session_key);
status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
24,
&user_info);
}
if (!NT_STATUS_IS_OK(status)) {
libnet_join_set_error_string(mem_ctx, r,
"Failed to set password for machine account (%s)\n",
nt_errstr(status));
goto done;
}
@ -796,6 +924,131 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
/****************************************************************
****************************************************************/
NTSTATUS libnet_join_ok(const char *netbios_domain_name,
const char *machine_name,
const char *dc_name)
{
uint32_t neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS |
NETLOGON_NEG_SCHANNEL;
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
struct rpc_pipe_client *netlogon_pipe = NULL;
NTSTATUS status;
char *machine_password = NULL;
char *machine_account = NULL;
if (!dc_name) {
return NT_STATUS_INVALID_PARAMETER;
}
if (!secrets_init()) {
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
machine_password = secrets_fetch_machine_password(netbios_domain_name,
NULL, NULL);
if (!machine_password) {
return NT_STATUS_NO_TRUST_LSA_SECRET;
}
asprintf(&machine_account, "%s$", machine_name);
if (!machine_account) {
SAFE_FREE(machine_password);
return NT_STATUS_NO_MEMORY;
}
status = cli_full_connection(&cli, NULL,
dc_name,
NULL, 0,
"IPC$", "IPC",
machine_account,
NULL,
machine_password,
0,
Undefined, NULL);
free(machine_account);
free(machine_password);
if (!NT_STATUS_IS_OK(status)) {
status = cli_full_connection(&cli, NULL,
dc_name,
NULL, 0,
"IPC$", "IPC",
"",
NULL,
"",
0,
Undefined, NULL);
}
if (!NT_STATUS_IS_OK(status)) {
return status;
}
netlogon_pipe = get_schannel_session_key(cli,
netbios_domain_name,
&neg_flags, &status);
if (!netlogon_pipe) {
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_NETWORK_RESPONSE)) {
cli_shutdown(cli);
return NT_STATUS_OK;
}
DEBUG(0,("libnet_join_ok: failed to get schannel session "
"key from server %s for domain %s. Error was %s\n",
cli->desthost, netbios_domain_name, nt_errstr(status)));
cli_shutdown(cli);
return status;
}
if (!lp_client_schannel()) {
cli_shutdown(cli);
return NT_STATUS_OK;
}
pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
PIPE_AUTH_LEVEL_PRIVACY,
netbios_domain_name,
netlogon_pipe->dc,
&status);
cli_shutdown(cli);
if (!pipe_hnd) {
DEBUG(0,("libnet_join_ok: failed to open schannel session "
"on netlogon pipe to server %s for domain %s. "
"Error was %s\n",
cli->desthost, netbios_domain_name, nt_errstr(status)));
return status;
}
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
static WERROR libnet_join_post_verify(TALLOC_CTX *mem_ctx,
struct libnet_JoinCtx *r)
{
NTSTATUS status;
status = libnet_join_ok(r->out.netbios_domain_name,
r->in.machine_name,
r->in.dc_name);
if (!NT_STATUS_IS_OK(status)) {
libnet_join_set_error_string(mem_ctx, r,
"failed to verify domain membership after joining: %s",
get_friendly_nt_error_msg(status));
return WERR_SETUP_NOT_JOINED;
}
return WERR_OK;
}
/****************************************************************
****************************************************************/
static bool libnet_join_unjoindomain_remove_secrets(TALLOC_CTX *mem_ctx,
struct libnet_UnjoinCtx *r)
{
@ -821,7 +1074,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
POLICY_HND sam_pol, domain_pol, user_pol;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
uint32 user_rid;
uint32_t user_rid;
struct lsa_String lsa_acct_name;
struct samr_Ids user_rids;
struct samr_Ids name_types;
@ -840,8 +1093,12 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
/* Open the domain */
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status);
if (!pipe_hnd) {
DEBUG(0,("Error connecting to SAM pipe. Error was %s\n",
nt_errstr(status)));
goto done;
}
@ -862,6 +1119,8 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
/* Create domain user */
acct_name = talloc_asprintf(mem_ctx, "%s$", r->in.machine_name);
strlower_m(acct_name);
@ -879,12 +1138,16 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
}
if (name_types.ids[0] != SID_NAME_USER) {
DEBUG(0, ("%s is not a user account (type=%d)\n", acct_name,
name_types.ids[0]));
status = NT_STATUS_INVALID_WORKSTATION;
goto done;
}
user_rid = user_rids.ids[0];
/* Open handle on user */
status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
SEC_RIGHTS_MAXIMUM_ALLOWED,
@ -894,6 +1157,8 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
/* Get user info */
status = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
&user_pol,
16,
@ -903,6 +1168,8 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
goto done;
}
/* now disable and setuser info */
info->info16.acct_flags |= ACB_DISABLED;
status = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
@ -942,9 +1209,7 @@ static WERROR do_join_modify_vals_config(struct libnet_JoinCtx *r)
if (!(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE)) {
werr = libnet_conf_set_global_parameter(ctx, "security", "user");
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
W_ERROR_NOT_OK_GOTO_DONE(werr);
werr = libnet_conf_set_global_parameter(ctx, "workgroup",
r->in.domain_name);
@ -952,27 +1217,22 @@ static WERROR do_join_modify_vals_config(struct libnet_JoinCtx *r)
}
werr = libnet_conf_set_global_parameter(ctx, "security", "domain");
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
W_ERROR_NOT_OK_GOTO_DONE(werr);
werr = libnet_conf_set_global_parameter(ctx, "workgroup",
r->out.netbios_domain_name);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
W_ERROR_NOT_OK_GOTO_DONE(werr);
if (r->out.domain_is_ad) {
werr = libnet_conf_set_global_parameter(ctx, "security", "ads");
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
W_ERROR_NOT_OK_GOTO_DONE(werr);
werr = libnet_conf_set_global_parameter(ctx, "realm",
r->out.dns_domain_name);
W_ERROR_NOT_OK_GOTO_DONE(werr);
}
done:
done:
libnet_conf_close(ctx);
return werr;
}
@ -993,14 +1253,11 @@ static WERROR do_unjoin_modify_vals_config(struct libnet_UnjoinCtx *r)
if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
werr = libnet_conf_set_global_parameter(ctx, "security", "user");
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
W_ERROR_NOT_OK_GOTO_DONE(werr);
libnet_conf_delete_global_parameter(ctx, "realm");
}
libnet_conf_delete_global_parameter(ctx, "realm");
done:
done:
libnet_conf_close(ctx);
return werr;
}
@ -1034,7 +1291,7 @@ static WERROR do_JoinConfig(struct libnet_JoinCtx *r)
/****************************************************************
****************************************************************/
static WERROR do_UnjoinConfig(struct libnet_UnjoinCtx *r)
static WERROR libnet_unjoin_config(struct libnet_UnjoinCtx *r)
{
WERROR werr;
@ -1063,12 +1320,16 @@ static WERROR do_UnjoinConfig(struct libnet_UnjoinCtx *r)
static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx,
struct libnet_JoinCtx *r)
{
if (!r->in.domain_name) {
libnet_join_set_error_string(mem_ctx, r,
"No domain name defined");
return WERR_INVALID_PARAM;
}
if (r->in.modify_config && !lp_config_backend_is_registry()) {
libnet_join_set_error_string(mem_ctx, r,
"Configuration manipulation requested but not "
"supported by backend");
return WERR_NOT_SUPPORTED;
}
@ -1151,6 +1412,8 @@ WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
ctx->in.machine_name = talloc_strdup(mem_ctx, global_myname());
W_ERROR_HAVE_NO_MEMORY(ctx->in.machine_name);
ctx->in.secure_channel_type = SEC_CHAN_WKSTA;
*r = ctx;
return WERR_OK;
@ -1191,7 +1454,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
#endif /* WITH_ADS */
if (!r->in.dc_name) {
struct DS_DOMAIN_CONTROLLER_INFO *info;
struct netr_DsRGetDCNameInfo *info;
status = dsgetdcname(mem_ctx,
r->in.domain_name,
NULL,
@ -1209,7 +1472,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
}
r->in.dc_name = talloc_strdup(mem_ctx,
info->domain_controller_name);
info->dc_unc);
W_ERROR_HAVE_NO_MEMORY(r->in.dc_name);
}
@ -1283,6 +1546,11 @@ WERROR libnet_Join(TALLOC_CTX *mem_ctx,
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = libnet_join_post_verify(mem_ctx, r);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
}
werr = libnet_join_post_processing(mem_ctx, r);
@ -1318,7 +1586,7 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx,
}
if (!r->in.dc_name) {
struct DS_DOMAIN_CONTROLLER_INFO *info;
struct netr_DsRGetDCNameInfo *info;
status = dsgetdcname(mem_ctx,
r->in.domain_name,
NULL,
@ -1336,7 +1604,7 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx,
}
r->in.dc_name = talloc_strdup(mem_ctx,
info->domain_controller_name);
info->dc_unc);
W_ERROR_HAVE_NO_MEMORY(r->in.dc_name);
}
@ -1351,6 +1619,8 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx,
return ntstatus_to_werror(status);
}
r->out.disabled_machine_account = true;
#ifdef WITH_ADS
if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE) {
ADS_STATUS ads_status;
@ -1360,6 +1630,12 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx,
libnet_unjoin_set_error_string(mem_ctx, r,
"failed to remove machine account from AD: %s",
ads_errstr(ads_status));
} else {
r->out.deleted_machine_account = true;
/* dirty hack */
r->out.dns_domain_name = talloc_strdup(mem_ctx,
r->in.ads->server.realm);
W_ERROR_HAVE_NO_MEMORY(r->out.dns_domain_name);
}
}
#endif /* WITH_ADS */
@ -1375,10 +1651,23 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx,
static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx,
struct libnet_UnjoinCtx *r)
{
if (!r->in.domain_name) {
libnet_unjoin_set_error_string(mem_ctx, r,
"No domain name defined");
return WERR_INVALID_PARAM;
}
if (r->in.modify_config && !lp_config_backend_is_registry()) {
libnet_unjoin_set_error_string(mem_ctx, r,
"Configuration manipulation requested but not "
"supported by backend");
return WERR_NOT_SUPPORTED;
}
if (IS_DC) {
return WERR_SETUP_DOMAIN_CONTROLLER;
}
if (!secrets_init()) {
libnet_unjoin_set_error_string(mem_ctx, r,
"Unable to open secrets database");
@ -1388,6 +1677,17 @@ static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx,
return WERR_OK;
}
/****************************************************************
****************************************************************/
static WERROR libnet_unjoin_post_processing(TALLOC_CTX *mem_ctx,
struct libnet_UnjoinCtx *r)
{
saf_delete(r->out.netbios_domain_name);
saf_delete(r->out.dns_domain_name);
return libnet_unjoin_config(r);
}
/****************************************************************
****************************************************************/
@ -1409,11 +1709,12 @@ WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx,
if (r->in.unjoin_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
werr = libnet_DomainUnjoin(mem_ctx, r);
if (!W_ERROR_IS_OK(werr)) {
libnet_unjoin_config(r);
goto done;
}
}
werr = do_UnjoinConfig(r);
werr = libnet_unjoin_post_processing(mem_ctx, r);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}

1
source3/library-versions.in
View File

@ -3,6 +3,7 @@
## Makefile_target:major:minor
##
bin/libtalloc.@SHLIBEXT@:1:0
bin/libtdb.@SHLIBEXT@:0:1
bin/libsmbclient.@SHLIBEXT@:0:1
bin/libsmbsharemodes.@SHLIBEXT@:0:2
bin/libaddns.@SHLIBEXT@:0:1

56
source3/librpc/gen_ndr/cli_lsa.c
View File

@ -471,8 +471,8 @@ NTSTATUS rpccli_lsa_EnumAccounts(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
uint32_t *resume_handle,
uint32_t num_entries,
struct lsa_SidArray *sids)
struct lsa_SidArray *sids,
uint32_t num_entries)
{
struct lsa_EnumAccounts r;
NTSTATUS status;
@ -609,7 +609,7 @@ NTSTATUS rpccli_lsa_LookupNames(struct rpc_pipe_client *cli,
struct policy_handle *handle,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count)
@ -649,9 +649,7 @@ NTSTATUS rpccli_lsa_LookupNames(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*sids = *r.out.sids;
*count = *r.out.count;
@ -663,7 +661,7 @@ NTSTATUS rpccli_lsa_LookupSids(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct lsa_SidArray *sids,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransNameArray *names,
uint16_t level,
uint32_t *count)
@ -702,9 +700,7 @@ NTSTATUS rpccli_lsa_LookupSids(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*names = *r.out.names;
*count = *r.out.count;
@ -805,7 +801,7 @@ NTSTATUS rpccli_lsa_OpenAccount(struct rpc_pipe_client *cli,
NTSTATUS rpccli_lsa_EnumPrivsAccount(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct lsa_PrivilegeSet *privs)
struct lsa_PrivilegeSet **privs)
{
struct lsa_EnumPrivsAccount r;
NTSTATUS status;
@ -837,9 +833,7 @@ NTSTATUS rpccli_lsa_EnumPrivsAccount(struct rpc_pipe_client *cli,
}
/* Return variables */
if (privs && r.out.privs) {
*privs = *r.out.privs;
}
*privs = *r.out.privs;
/* Return result */
return r.out.result;
@ -1669,7 +1663,7 @@ NTSTATUS rpccli_lsa_RemoveAccountRights(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct dom_sid2 *sid,
uint32_t unknown,
uint8_t remove_all,
struct lsa_RightSet *rights)
{
struct lsa_RemoveAccountRights r;
@ -1678,7 +1672,7 @@ NTSTATUS rpccli_lsa_RemoveAccountRights(struct rpc_pipe_client *cli,
/* In parameters */
r.in.handle = handle;
r.in.sid = sid;
r.in.unknown = unknown;
r.in.remove_all = remove_all;
r.in.rights = rights;
if (DEBUGLEVEL >= 10) {
@ -2474,7 +2468,7 @@ NTSTATUS rpccli_lsa_LookupSids2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct lsa_SidArray *sids,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransNameArray2 *names,
uint16_t level,
uint32_t *count,
@ -2517,9 +2511,7 @@ NTSTATUS rpccli_lsa_LookupSids2(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*names = *r.out.names;
*count = *r.out.count;
@ -2532,7 +2524,7 @@ NTSTATUS rpccli_lsa_LookupNames2(struct rpc_pipe_client *cli,
struct policy_handle *handle,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray2 *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count,
@ -2576,9 +2568,7 @@ NTSTATUS rpccli_lsa_LookupNames2(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*sids = *r.out.sids;
*count = *r.out.count;
@ -2924,7 +2914,7 @@ NTSTATUS rpccli_lsa_LookupNames3(struct rpc_pipe_client *cli,
struct policy_handle *handle,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray3 *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count,
@ -2968,9 +2958,7 @@ NTSTATUS rpccli_lsa_LookupNames3(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*sids = *r.out.sids;
*count = *r.out.count;
@ -3248,7 +3236,7 @@ NTSTATUS rpccli_lsa_CREDRRENAME(struct rpc_pipe_client *cli,
NTSTATUS rpccli_lsa_LookupSids3(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct lsa_SidArray *sids,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransNameArray2 *names,
uint16_t level,
uint32_t *count,
@ -3290,9 +3278,7 @@ NTSTATUS rpccli_lsa_LookupSids3(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*names = *r.out.names;
*count = *r.out.count;
@ -3304,7 +3290,7 @@ NTSTATUS rpccli_lsa_LookupNames4(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray3 *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count,
@ -3347,9 +3333,7 @@ NTSTATUS rpccli_lsa_LookupNames4(struct rpc_pipe_client *cli,
}
/* Return variables */
if (domains && r.out.domains) {
*domains = *r.out.domains;
}
*domains = *r.out.domains;
*sids = *r.out.sids;
*count = *r.out.count;

22
source3/librpc/gen_ndr/cli_lsa.h
View File

@ -53,8 +53,8 @@ NTSTATUS rpccli_lsa_EnumAccounts(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
uint32_t *resume_handle,
uint32_t num_entries,
struct lsa_SidArray *sids);
struct lsa_SidArray *sids,
uint32_t num_entries);
NTSTATUS rpccli_lsa_CreateTrustedDomain(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
@ -72,7 +72,7 @@ NTSTATUS rpccli_lsa_LookupNames(struct rpc_pipe_client *cli,
struct policy_handle *handle,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count);
@ -80,7 +80,7 @@ NTSTATUS rpccli_lsa_LookupSids(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct lsa_SidArray *sids,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransNameArray *names,
uint16_t level,
uint32_t *count);
@ -99,7 +99,7 @@ NTSTATUS rpccli_lsa_OpenAccount(struct rpc_pipe_client *cli,
NTSTATUS rpccli_lsa_EnumPrivsAccount(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct lsa_PrivilegeSet *privs);
struct lsa_PrivilegeSet **privs);
NTSTATUS rpccli_lsa_AddPrivilegesToAccount(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
@ -192,7 +192,7 @@ NTSTATUS rpccli_lsa_RemoveAccountRights(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct dom_sid2 *sid,
uint32_t unknown,
uint8_t remove_all,
struct lsa_RightSet *rights);
NTSTATUS rpccli_lsa_QueryTrustedDomainInfoBySid(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
@ -276,7 +276,7 @@ NTSTATUS rpccli_lsa_LookupSids2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
struct lsa_SidArray *sids,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransNameArray2 *names,
uint16_t level,
uint32_t *count,
@ -287,7 +287,7 @@ NTSTATUS rpccli_lsa_LookupNames2(struct rpc_pipe_client *cli,
struct policy_handle *handle,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray2 *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count,
@ -316,7 +316,7 @@ NTSTATUS rpccli_lsa_LookupNames3(struct rpc_pipe_client *cli,
struct policy_handle *handle,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray3 *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count,
@ -343,7 +343,7 @@ NTSTATUS rpccli_lsa_CREDRRENAME(struct rpc_pipe_client *cli,
NTSTATUS rpccli_lsa_LookupSids3(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
struct lsa_SidArray *sids,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransNameArray2 *names,
uint16_t level,
uint32_t *count,
@ -353,7 +353,7 @@ NTSTATUS rpccli_lsa_LookupNames4(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
uint32_t num_names,
struct lsa_String *names,
struct lsa_RefDomainList *domains,
struct lsa_RefDomainList **domains,
struct lsa_TransSidArray3 *sids,
enum lsa_LookupNamesLevel level,
uint32_t *count,

37
source3/librpc/gen_ndr/cli_netlogon.c
View File

@ -113,7 +113,7 @@ NTSTATUS rpccli_netr_LogonSamLogon(struct rpc_pipe_client *cli,
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
uint16_t logon_level,
union netr_LogonLevel logon,
union netr_LogonLevel *logon,
uint16_t validation_level,
union netr_Validation *validation,
uint8_t *authoritative)
@ -220,7 +220,8 @@ NTSTATUS rpccli_netr_ServerReqChallenge(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_name,
const char *computer_name,
struct netr_Credential *credentials)
struct netr_Credential *credentials,
struct netr_Credential *return_credentials)
{
struct netr_ServerReqChallenge r;
NTSTATUS status;
@ -254,7 +255,7 @@ NTSTATUS rpccli_netr_ServerReqChallenge(struct rpc_pipe_client *cli,
}
/* Return variables */
*credentials = *r.out.credentials;
*return_credentials = *r.out.return_credentials;
/* Return result */
return r.out.result;
@ -266,7 +267,8 @@ NTSTATUS rpccli_netr_ServerAuthenticate(struct rpc_pipe_client *cli,
const char *account_name,
enum netr_SchannelType secure_channel_type,
const char *computer_name,
struct netr_Credential *credentials)
struct netr_Credential *credentials,
struct netr_Credential *return_credentials)
{
struct netr_ServerAuthenticate r;
NTSTATUS status;
@ -302,7 +304,7 @@ NTSTATUS rpccli_netr_ServerAuthenticate(struct rpc_pipe_client *cli,
}
/* Return variables */
*credentials = *r.out.credentials;
*return_credentials = *r.out.return_credentials;
/* Return result */
return r.out.result;
@ -314,9 +316,9 @@ NTSTATUS rpccli_netr_ServerPasswordSet(struct rpc_pipe_client *cli,
const char *account_name,
enum netr_SchannelType secure_channel_type,
const char *computer_name,
struct netr_Authenticator credential,
struct samr_Password new_password,
struct netr_Authenticator *return_authenticator)
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
struct samr_Password *new_password)
{
struct netr_ServerPasswordSet r;
NTSTATUS status;
@ -363,12 +365,12 @@ NTSTATUS rpccli_netr_DatabaseDeltas(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *logon_server,
const char *computername,
struct netr_Authenticator credential,
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
enum netr_SamDatabaseID database_id,
uint64_t *sequence_num,
uint32_t preferredmaximumlength,
struct netr_DELTA_ENUM_ARRAY *delta_enum_array)
struct netr_DELTA_ENUM_ARRAY **delta_enum_array,
uint32_t preferredmaximumlength)
{
struct netr_DatabaseDeltas r;
NTSTATUS status;
@ -745,7 +747,7 @@ NTSTATUS rpccli_netr_LogonControl2(struct rpc_pipe_client *cli,
const char *logon_server,
uint32_t function_code,
uint32_t level,
union netr_CONTROL_DATA_INFORMATION data,
union netr_CONTROL_DATA_INFORMATION *data,
union netr_CONTROL_QUERY_INFORMATION *query,
WERROR *werror)
{
@ -799,6 +801,7 @@ NTSTATUS rpccli_netr_ServerAuthenticate2(struct rpc_pipe_client *cli,
enum netr_SchannelType secure_channel_type,
const char *computer_name,
struct netr_Credential *credentials,
struct netr_Credential *return_credentials,
uint32_t *negotiate_flags)
{
struct netr_ServerAuthenticate2 r;
@ -836,7 +839,7 @@ NTSTATUS rpccli_netr_ServerAuthenticate2(struct rpc_pipe_client *cli,
}
/* Return variables */
*credentials = *r.out.credentials;
*return_credentials = *r.out.return_credentials;
*negotiate_flags = *r.out.negotiate_flags;
/* Return result */
@ -847,13 +850,13 @@ NTSTATUS rpccli_netr_DatabaseSync2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *logon_server,
const char *computername,
struct netr_Authenticator credential,
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
enum netr_SamDatabaseID database_id,
uint16_t restart_state,
uint32_t *sync_context,
uint32_t preferredmaximumlength,
struct netr_DELTA_ENUM_ARRAY *delta_enum_array)
struct netr_DELTA_ENUM_ARRAY **delta_enum_array,
uint32_t preferredmaximumlength)
{
struct netr_DatabaseSync2 r;
NTSTATUS status;
@ -1971,7 +1974,7 @@ NTSTATUS rpccli_netr_LogonSamLogonEx(struct rpc_pipe_client *cli,
const char *server_name,
const char *computer_name,
uint16_t logon_level,
union netr_LogonLevel logon,
union netr_LogonLevel *logon,
uint16_t validation_level,
union netr_Validation *validation,
uint8_t *authoritative,

31
source3/librpc/gen_ndr/cli_netlogon.h
View File

@ -22,7 +22,7 @@ NTSTATUS rpccli_netr_LogonSamLogon(struct rpc_pipe_client *cli,
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
uint16_t logon_level,
union netr_LogonLevel logon,
union netr_LogonLevel *logon,
uint16_t validation_level,
union netr_Validation *validation,
uint8_t *authoritative);
@ -38,33 +38,35 @@ NTSTATUS rpccli_netr_ServerReqChallenge(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_name,
const char *computer_name,
struct netr_Credential *credentials);
struct netr_Credential *credentials,
struct netr_Credential *return_credentials);
NTSTATUS rpccli_netr_ServerAuthenticate(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_name,
const char *account_name,
enum netr_SchannelType secure_channel_type,
const char *computer_name,
struct netr_Credential *credentials);
struct netr_Credential *credentials,
struct netr_Credential *return_credentials);
NTSTATUS rpccli_netr_ServerPasswordSet(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *server_name,
const char *account_name,
enum netr_SchannelType secure_channel_type,
const char *computer_name,
struct netr_Authenticator credential,
struct samr_Password new_password,
struct netr_Authenticator *return_authenticator);
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
struct samr_Password *new_password);
NTSTATUS rpccli_netr_DatabaseDeltas(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *logon_server,
const char *computername,
struct netr_Authenticator credential,
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
enum netr_SamDatabaseID database_id,
uint64_t *sequence_num,
uint32_t preferredmaximumlength,
struct netr_DELTA_ENUM_ARRAY *delta_enum_array);
struct netr_DELTA_ENUM_ARRAY **delta_enum_array,
uint32_t preferredmaximumlength);
NTSTATUS rpccli_netr_DatabaseSync(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *logon_server,
@ -127,7 +129,7 @@ NTSTATUS rpccli_netr_LogonControl2(struct rpc_pipe_client *cli,
const char *logon_server,
uint32_t function_code,
uint32_t level,
union netr_CONTROL_DATA_INFORMATION data,
union netr_CONTROL_DATA_INFORMATION *data,
union netr_CONTROL_QUERY_INFORMATION *query,
WERROR *werror);
NTSTATUS rpccli_netr_ServerAuthenticate2(struct rpc_pipe_client *cli,
@ -137,18 +139,19 @@ NTSTATUS rpccli_netr_ServerAuthenticate2(struct rpc_pipe_client *cli,
enum netr_SchannelType secure_channel_type,
const char *computer_name,
struct netr_Credential *credentials,
struct netr_Credential *return_credentials,
uint32_t *negotiate_flags);
NTSTATUS rpccli_netr_DatabaseSync2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *logon_server,
const char *computername,
struct netr_Authenticator credential,
struct netr_Authenticator *credential,
struct netr_Authenticator *return_authenticator,
enum netr_SamDatabaseID database_id,
uint16_t restart_state,
uint32_t *sync_context,
uint32_t preferredmaximumlength,
struct netr_DELTA_ENUM_ARRAY *delta_enum_array);
struct netr_DELTA_ENUM_ARRAY **delta_enum_array,
uint32_t preferredmaximumlength);
NTSTATUS rpccli_netr_DatabaseRedo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *logon_server,
@ -295,7 +298,7 @@ NTSTATUS rpccli_netr_LogonSamLogonEx(struct rpc_pipe_client *cli,
const char *server_name,
const char *computer_name,
uint16_t logon_level,
union netr_LogonLevel logon,
union netr_LogonLevel *logon,
uint16_t validation_level,
union netr_Validation *validation,
uint8_t *authoritative,

Some files were not shown because too many files have changed in this diff Show More