sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00
Code

r15938: Extend userinfo call with one optional stage - lookup for

Browse Source 
username to resolve it to a rid, when a sid argument is not
explicitly provided.

rafal
(This used to be commit 9bc4ef267c3d6720422e2a2f7f2c1572ba694d2d)
This commit is contained in:
Rafal Szczesniak 2006-05-29 21:58:53 +00:00 committed by Gerald (Jerry) Carter
parent ab7d25c4d1
commit 95399b1e66
1 changed files with 84 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
source4/libnet/userinfo.c
View File

@ -32,14 +32,16 @@
static void userinfo_handler(struct rpc_request *req);
enum userinfo_stage { USERINFO_OPENUSER, USERINFO_GETUSER, USERINFO_CLOSEUSER };
enum userinfo_stage { USERINFO_LOOKUP, USERINFO_OPENUSER, USERINFO_GETUSER, USERINFO_CLOSEUSER };
struct userinfo_state {
enum userinfo_stage stage;
struct dcerpc_pipe *pipe;
struct rpc_request *req;
struct policy_handle domain_handle;
struct policy_handle user_handle;
uint16_t level;
struct samr_LookupNames lookup;
struct samr_OpenUser openuser;
struct samr_QueryUserInfo queryuserinfo;
struct samr_Close samrclose;
@ -51,7 +53,46 @@ struct userinfo_state {
/**
* Stage 1: Open user policy handle in SAM server.
* Stage 1 (optional): Look for a username in SAM server.
*/
static NTSTATUS userinfo_lookup(struct composite_context *c,
struct userinfo_state *s)
{
/* receive samr_Lookup reply */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
/* have we actually got name resolved
- we're looking for only one at the moment */
if (s->lookup.out.rids.count == 0) {
return NT_STATUS_NO_SUCH_USER;
}
/* TODO: find proper status code for more than one rid found */
/* prepare parameters for LookupNames */
s->openuser.in.domain_handle = &s->domain_handle;
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.in.rid = s->lookup.out.rids.ids[0];
s->openuser.out.user_handle = &s->user_handle;
/* send request */
s->req = dcerpc_samr_OpenUser_send(s->pipe, c, &s->openuser);
if (s->req == NULL) goto failure;
s->req->async.callback = userinfo_handler;
s->req->async.private = c;
s->stage = USERINFO_OPENUSER;
return NT_STATUS_OK;
failure:
return NT_STATUS_UNSUCCESSFUL;
}
/**
* Stage 2: Open user policy handle.
*/
static NTSTATUS userinfo_openuser(struct composite_context *c,
struct userinfo_state *s)
@ -80,7 +121,7 @@ failure:
/**
* Stage 2: Get requested user information.
* Stage 3: Get requested user information.
*/
static NTSTATUS userinfo_getuser(struct composite_context *c,
struct userinfo_state *s)
@ -107,7 +148,7 @@ static NTSTATUS userinfo_getuser(struct composite_context *c,
/**
* Stage 3: Close policy handle associated with opened user.
* Stage 4: Close policy handle associated with opened user.
*/
static NTSTATUS userinfo_closeuser(struct composite_context *c,
struct userinfo_state *s)
@ -139,6 +180,10 @@ static void userinfo_handler(struct rpc_request *req)
/* Stages of the call */
switch (s->stage) {
case USERINFO_LOOKUP:
c->status = userinfo_lookup(c, s);
break;
case USERINFO_OPENUSER:
c->status = userinfo_openuser(c, s);
@ -208,29 +253,49 @@ struct composite_context *libnet_rpc_userinfo_send(struct dcerpc_pipe *p,
s = talloc_zero(c, struct userinfo_state);
if (s == NULL) goto failure;
s->level = io->in.level;
s->pipe = p;
s->monitor_fn = monitor;
sid = dom_sid_parse_talloc(s, io->in.sid);
if (sid == NULL) goto failure;
s->level = io->in.level;
s->pipe = p;
s->domain_handle = io->in.domain_handle;
s->monitor_fn = monitor;
c->state = COMPOSITE_STATE_IN_PROGRESS;
c->private_data = s;
c->event_ctx = dcerpc_event_context(p);
/* preparing parameters to send rpc request */
s->openuser.in.domain_handle = &io->in.domain_handle;
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.in.rid = sid->sub_auths[sid->num_auths - 1];
s->openuser.out.user_handle = &s->user_handle;
if (io->in.sid) {
sid = dom_sid_parse_talloc(s, io->in.sid);
if (sid == NULL) goto failure;
/* send request */
s->req = dcerpc_samr_OpenUser_send(p, c, &s->openuser);
s->openuser.in.domain_handle = &s->domain_handle;
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.in.rid = sid->sub_auths[sid->num_auths - 1];
s->openuser.out.user_handle = &s->user_handle;
/* send request */
s->req = dcerpc_samr_OpenUser_send(p, c, &s->openuser);
if (s->req == NULL) goto failure;
s->stage = USERINFO_OPENUSER;
} else {
/* preparing parameters to send rpc request */
s->lookup.in.domain_handle = &s->domain_handle;
s->lookup.in.num_names = 1;
s->lookup.in.names = talloc_array(s, struct lsa_String, 1);
if (composite_nomem(s->lookup.in.names, c)) return c;
s->lookup.in.names[0].string = talloc_strdup(s, io->in.username);
/* send request */
s->req = dcerpc_samr_LookupNames_send(p, c, &s->lookup);
if (s->req == NULL) goto failure;
s->stage = USERINFO_LOOKUP;
}
/* callback handler */
s->req->async.callback = userinfo_handler;
s->req->async.private = c;
s->stage = USERINFO_OPENUSER;
s->req->async.private = c;
return c;