mirror of
https://github.com/samba-team/samba.git
synced 2025-01-12 09:18:10 +03:00
lsa_lookup_sids command added. severe debugging needed on lookup_sids
code. added "quality of service" capability to lsa_open_policy code.
different lsa_open_policy queries are *not* dealt with in the server code.
answers like "0xC000 0022" - access denied - will have to be made to
lsa_lookup_sids calls when a "quality of service" request is *not* specified
in the lsa_open_policy call.
(This used to be commit 299a723d4e
)
This commit is contained in:
parent
88460e63c5
commit
d8f609aeeb
@ -1204,7 +1204,13 @@ BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
|
|||||||
/*The following definitions come from rpc_client/cli_lsarpc.c */
|
/*The following definitions come from rpc_client/cli_lsarpc.c */
|
||||||
|
|
||||||
BOOL do_lsa_open_policy(struct cli_state *cli,
|
BOOL do_lsa_open_policy(struct cli_state *cli,
|
||||||
char *server_name, POLICY_HND *hnd);
|
char *server_name, POLICY_HND *hnd,
|
||||||
|
BOOL sec_qos);
|
||||||
|
BOOL do_lsa_lookup_sids(struct cli_state *cli,
|
||||||
|
POLICY_HND *hnd,
|
||||||
|
int num_sids,
|
||||||
|
DOM_SID **sids,
|
||||||
|
char **names);
|
||||||
BOOL do_lsa_query_info_pol(struct cli_state *cli,
|
BOOL do_lsa_query_info_pol(struct cli_state *cli,
|
||||||
POLICY_HND *hnd, uint16 info_class,
|
POLICY_HND *hnd, uint16 info_class,
|
||||||
fstring domain_name, fstring domain_sid);
|
fstring domain_name, fstring domain_sid);
|
||||||
@ -1274,10 +1280,13 @@ BOOL do_wks_query_info(struct cli_state *cli,
|
|||||||
/*The following definitions come from rpc_parse/parse_lsa.c */
|
/*The following definitions come from rpc_parse/parse_lsa.c */
|
||||||
|
|
||||||
void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, uint32 idx);
|
void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, uint32 idx);
|
||||||
void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos);
|
void make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
|
||||||
|
uint32 unknown);
|
||||||
|
void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos);
|
||||||
void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
|
void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
|
||||||
uint32 attributes, uint32 sec_qos,
|
uint32 attributes,
|
||||||
uint32 desired_access);
|
uint32 desired_access,
|
||||||
|
LSA_SEC_QOS *qos);
|
||||||
void lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
|
void lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
|
||||||
void lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
|
void lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
|
||||||
void make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
|
void make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
|
||||||
@ -1288,6 +1297,10 @@ void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
|
|||||||
uint32 status);
|
uint32 status);
|
||||||
void lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
|
void lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
|
||||||
void lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
|
void lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
|
||||||
|
void make_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids);
|
||||||
|
void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
|
||||||
|
int num_sids, DOM_SID **sids,
|
||||||
|
uint16 level);
|
||||||
void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
|
void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
|
||||||
void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
|
void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
|
||||||
void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth);
|
void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth);
|
||||||
@ -1779,6 +1792,7 @@ BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data);
|
|||||||
/*The following definitions come from rpcclient/cmd_lsarpc.c */
|
/*The following definitions come from rpcclient/cmd_lsarpc.c */
|
||||||
|
|
||||||
void cmd_lsa_query_info(struct client_info *info);
|
void cmd_lsa_query_info(struct client_info *info);
|
||||||
|
void cmd_lsa_lookup_sids(struct client_info *info);
|
||||||
|
|
||||||
/*The following definitions come from rpcclient/cmd_samr.c */
|
/*The following definitions come from rpcclient/cmd_samr.c */
|
||||||
|
|
||||||
|
@ -64,6 +64,15 @@ typedef struct dom_query_info
|
|||||||
typedef DOM_QUERY DOM_QUERY_3;
|
typedef DOM_QUERY DOM_QUERY_3;
|
||||||
typedef DOM_QUERY DOM_QUERY_5;
|
typedef DOM_QUERY DOM_QUERY_5;
|
||||||
|
|
||||||
|
typedef struct seq_qos_info
|
||||||
|
{
|
||||||
|
uint32 len; /* 12 */
|
||||||
|
uint16 sec_imp_level; /* 0x02 - impersonation level */
|
||||||
|
uint8 sec_ctxt_mode; /* 0x01 - context tracking mode */
|
||||||
|
uint8 effective_only; /* 0x00 - effective only */
|
||||||
|
uint32 unknown; /* 0x2000 0000 - not known */
|
||||||
|
|
||||||
|
} LSA_SEC_QOS;
|
||||||
|
|
||||||
typedef struct obj_attr_info
|
typedef struct obj_attr_info
|
||||||
{
|
{
|
||||||
@ -72,7 +81,8 @@ typedef struct obj_attr_info
|
|||||||
uint32 ptr_obj_name; /* 0 - object name (pointer) */
|
uint32 ptr_obj_name; /* 0 - object name (pointer) */
|
||||||
uint32 attributes; /* 0 - attributes (undocumented) */
|
uint32 attributes; /* 0 - attributes (undocumented) */
|
||||||
uint32 ptr_sec_desc; /* 0 - security descriptior (pointer) */
|
uint32 ptr_sec_desc; /* 0 - security descriptior (pointer) */
|
||||||
uint32 sec_qos; /* 0 - security quality of service */
|
uint32 ptr_sec_qos; /* security quality of service */
|
||||||
|
LSA_SEC_QOS *sec_qos;
|
||||||
|
|
||||||
} LSA_OBJ_ATTR;
|
} LSA_OBJ_ATTR;
|
||||||
|
|
||||||
@ -165,33 +175,44 @@ typedef struct lsa_r_close_info
|
|||||||
|
|
||||||
#define MAX_REF_DOMAINS 10
|
#define MAX_REF_DOMAINS 10
|
||||||
|
|
||||||
|
/* DOM_TRUST_HDR */
|
||||||
|
typedef struct dom_trust_hdr
|
||||||
|
{
|
||||||
|
UNIHDR hdr_dom_name; /* referenced domain unicode string headers */
|
||||||
|
uint32 ptr_dom_sid;
|
||||||
|
|
||||||
|
} DOM_TRUST_HDR;
|
||||||
|
|
||||||
|
/* DOM_TRUST_INFO */
|
||||||
|
typedef struct dom_trust_info
|
||||||
|
{
|
||||||
|
UNISTR2 uni_dom_name; /* domain name unicode string */
|
||||||
|
DOM_SID2 ref_dom ; /* referenced domain SID */
|
||||||
|
|
||||||
|
} DOM_TRUST_INFO;
|
||||||
|
|
||||||
/* DOM_R_REF */
|
/* DOM_R_REF */
|
||||||
typedef struct dom_ref_info
|
typedef struct dom_ref_info
|
||||||
{
|
{
|
||||||
uint32 undoc_buffer; /* undocumented buffer pointer. */
|
uint32 undoc_buffer; /* undocumented buffer pointer. */
|
||||||
uint32 num_ref_doms_1; /* num referenced domains */
|
uint32 num_ref_doms_1; /* num referenced domains */
|
||||||
uint32 buffer_dom_name; /* undocumented domain name buffer pointer. */
|
uint32 undoc_buffer2; /* undocumented domain name buffer pointer. */
|
||||||
uint32 max_entries; /* 32 - max number of entries */
|
uint32 max_entries; /* 32 - max number of entries */
|
||||||
uint32 num_ref_doms_2; /* num referenced domains */
|
uint32 num_ref_doms_2; /* num referenced domains */
|
||||||
|
|
||||||
|
DOM_TRUST_HDR hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domains */
|
||||||
UNIHDR2 hdr_dom_name; /* domain name unicode string header */
|
DOM_TRUST_INFO ref_dom [MAX_REF_DOMAINS]; /* referenced domains */
|
||||||
UNIHDR2 hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domain unicode string headers */
|
|
||||||
|
|
||||||
UNISTR uni_dom_name; /* domain name unicode string */
|
|
||||||
DOM_SID2 ref_dom[MAX_REF_DOMAINS]; /* referenced domain SIDs */
|
|
||||||
|
|
||||||
} DOM_R_REF;
|
} DOM_R_REF;
|
||||||
|
|
||||||
|
/* the domain_idx points to a SID associated with the name */
|
||||||
|
|
||||||
/* LSA_TRANS_NAME - translated name */
|
/* LSA_TRANS_NAME - translated name */
|
||||||
typedef struct lsa_trans_name_info
|
typedef struct lsa_trans_name_info
|
||||||
{
|
{
|
||||||
uint32 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
|
uint32 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
|
||||||
|
|
||||||
UNIHDR hdr_name;
|
UNIHDR hdr_name;
|
||||||
UNISTR2 uni_name;
|
uint32 domain_idx; /* index into DOM_R_REF array of SIDs */
|
||||||
|
|
||||||
uint32 domain_idx;
|
|
||||||
|
|
||||||
} LSA_TRANS_NAME;
|
} LSA_TRANS_NAME;
|
||||||
|
|
||||||
@ -204,8 +225,8 @@ typedef struct lsa_trans_name_enum_info
|
|||||||
uint32 ptr_trans_names;
|
uint32 ptr_trans_names;
|
||||||
uint32 num_entries2;
|
uint32 num_entries2;
|
||||||
|
|
||||||
uint32 ptr_name[MAX_LOOKUP_SIDS]; /* translated name pointers */
|
|
||||||
LSA_TRANS_NAME name [MAX_LOOKUP_SIDS]; /* translated names */
|
LSA_TRANS_NAME name [MAX_LOOKUP_SIDS]; /* translated names */
|
||||||
|
UNISTR2 uni_name[MAX_LOOKUP_SIDS];
|
||||||
|
|
||||||
} LSA_TRANS_NAME_ENUM;
|
} LSA_TRANS_NAME_ENUM;
|
||||||
|
|
||||||
@ -224,7 +245,7 @@ typedef struct lsa_sid_enum_info
|
|||||||
/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
|
/* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
|
||||||
typedef struct lsa_q_lookup_sids
|
typedef struct lsa_q_lookup_sids
|
||||||
{
|
{
|
||||||
POLICY_HND pol_hnd; /* policy handle */
|
POLICY_HND pol; /* policy handle */
|
||||||
LSA_SID_ENUM sids;
|
LSA_SID_ENUM sids;
|
||||||
LSA_TRANS_NAME_ENUM names;
|
LSA_TRANS_NAME_ENUM names;
|
||||||
LOOKUP_LEVEL level;
|
LOOKUP_LEVEL level;
|
||||||
@ -257,7 +278,7 @@ typedef struct dom_name_info
|
|||||||
/* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */
|
/* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */
|
||||||
typedef struct lsa_q_lookup_rids
|
typedef struct lsa_q_lookup_rids
|
||||||
{
|
{
|
||||||
POLICY_HND pol_hnd; /* policy handle */
|
POLICY_HND pol; /* policy handle */
|
||||||
uint32 num_entries;
|
uint32 num_entries;
|
||||||
uint32 num_entries2;
|
uint32 num_entries2;
|
||||||
uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */
|
uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */
|
||||||
|
@ -113,37 +113,38 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
|
|||||||
lsa_io_r_query("", &r_q, rdata, 0);
|
lsa_io_r_query("", &r_q, rdata, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
make_dom_ref
|
make_dom_ref
|
||||||
|
|
||||||
pretty much hard-coded choice of "other" sids, unfortunately...
|
|
||||||
|
|
||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid,
|
static void make_dom_ref(DOM_R_REF *ref, int num_domains,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
|
|
||||||
{
|
{
|
||||||
int len_dom_name = strlen(dom_name);
|
int i;
|
||||||
|
|
||||||
ref->undoc_buffer = 1;
|
if (num_domains > MAX_REF_DOMAINS)
|
||||||
ref->num_ref_doms_1 = 4;
|
|
||||||
ref->buffer_dom_name = 1;
|
|
||||||
ref->max_entries = 32;
|
|
||||||
ref->num_ref_doms_2 = 4;
|
|
||||||
|
|
||||||
make_uni_hdr2(&(ref->hdr_dom_name ), len_dom_name , len_dom_name , 0);
|
|
||||||
make_uni_hdr2(&(ref->hdr_ref_dom[0]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
|
|
||||||
make_uni_hdr2(&(ref->hdr_ref_dom[1]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
|
|
||||||
make_uni_hdr2(&(ref->hdr_ref_dom[2]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
|
|
||||||
|
|
||||||
if (dom_name != NULL)
|
|
||||||
{
|
{
|
||||||
make_unistr(&(ref->uni_dom_name), dom_name);
|
num_domains = MAX_REF_DOMAINS;
|
||||||
|
}
|
||||||
|
|
||||||
|
ref->undoc_buffer = 1;
|
||||||
|
ref->num_ref_doms_1 = num_domains;
|
||||||
|
ref->undoc_buffer2 = 1;
|
||||||
|
ref->max_entries = MAX_REF_DOMAINS;
|
||||||
|
ref->num_ref_doms_2 = num_domains;
|
||||||
|
|
||||||
|
for (i = 0; i < num_domains; i++)
|
||||||
|
{
|
||||||
|
int len = dom_names[i] != NULL ? strlen(dom_names[i]) : 0;
|
||||||
|
|
||||||
|
make_uni_hdr(&(ref->hdr_ref_dom[i].hdr_dom_name), len, len, len != 0 ? 1 : 0);
|
||||||
|
ref->hdr_ref_dom[i].ptr_dom_sid = dom_sids[i] != NULL ? 1 : 0;
|
||||||
|
|
||||||
|
make_unistr2 (&(ref->ref_dom[i].uni_dom_name), dom_names[i], len);
|
||||||
|
make_dom_sid2(&(ref->ref_dom[i].ref_dom ), dom_sids [i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
make_dom_sid2(&(ref->ref_dom[0]), dom_sid );
|
|
||||||
make_dom_sid2(&(ref->ref_dom[1]), other_sid1);
|
|
||||||
make_dom_sid2(&(ref->ref_dom[2]), other_sid2);
|
|
||||||
make_dom_sid2(&(ref->ref_dom[3]), other_sid3);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
@ -151,13 +152,12 @@ make_reply_lookup_rids
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
|
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
|
||||||
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
||||||
char *dom_name, DOM_SID *dom_sid,
|
int num_ref_doms,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid,
|
make_dom_ref(&(r_l->dom_ref), num_ref_doms, dom_names, dom_sids);
|
||||||
other_sid1, other_sid2, other_sid3);
|
|
||||||
|
|
||||||
r_l->num_entries = num_entries;
|
r_l->num_entries = num_entries;
|
||||||
r_l->undoc_buffer = 1;
|
r_l->undoc_buffer = 1;
|
||||||
@ -193,9 +193,6 @@ static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
|
|||||||
fstring name;
|
fstring name;
|
||||||
uint32 type;
|
uint32 type;
|
||||||
|
|
||||||
trn->ptr_name[i] = 0;
|
|
||||||
trn->ptr_name[(*total)] = 0;
|
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(sid[i].sid.sub_auths, num_auths);
|
SMB_ASSERT_ARRAY(sid[i].sid.sub_auths, num_auths);
|
||||||
|
|
||||||
/* find the rid to look up */
|
/* find the rid to look up */
|
||||||
@ -212,7 +209,6 @@ static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
|
|||||||
|
|
||||||
if (status == 0x0)
|
if (status == 0x0)
|
||||||
{
|
{
|
||||||
trn->ptr_name[i] = 1;
|
|
||||||
make_lsa_trans_name(&(trn->name[(*total)]), type, name, (*total));
|
make_lsa_trans_name(&(trn->name[(*total)]), type, name, (*total));
|
||||||
(*total)++;
|
(*total)++;
|
||||||
}
|
}
|
||||||
@ -241,8 +237,8 @@ lsa_reply_lookup_sids
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void lsa_reply_lookup_sids(prs_struct *rdata,
|
static void lsa_reply_lookup_sids(prs_struct *rdata,
|
||||||
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
|
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
|
||||||
char *dom_name, DOM_SID *dom_sid,
|
int num_ref_doms,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
{
|
{
|
||||||
LSA_R_LOOKUP_SIDS r_l;
|
LSA_R_LOOKUP_SIDS r_l;
|
||||||
DOM_R_REF ref;
|
DOM_R_REF ref;
|
||||||
@ -254,7 +250,7 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
|
|||||||
ZERO_STRUCT(names);
|
ZERO_STRUCT(names);
|
||||||
|
|
||||||
/* set up the LSA Lookup SIDs response */
|
/* set up the LSA Lookup SIDs response */
|
||||||
make_dom_ref(&ref, dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
|
make_dom_ref(&ref, num_ref_doms, dom_names, dom_sids);
|
||||||
make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
|
make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
|
||||||
make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
|
make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
|
||||||
|
|
||||||
@ -267,8 +263,8 @@ lsa_reply_lookup_rids
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void lsa_reply_lookup_rids(prs_struct *rdata,
|
static void lsa_reply_lookup_rids(prs_struct *rdata,
|
||||||
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
||||||
char *dom_name, DOM_SID *dom_sid,
|
int num_ref_doms,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
{
|
{
|
||||||
LSA_R_LOOKUP_RIDS r_l;
|
LSA_R_LOOKUP_RIDS r_l;
|
||||||
|
|
||||||
@ -276,7 +272,7 @@ static void lsa_reply_lookup_rids(prs_struct *rdata,
|
|||||||
|
|
||||||
/* set up the LSA Lookup RIDs response */
|
/* set up the LSA Lookup RIDs response */
|
||||||
make_reply_lookup_rids(&r_l, num_entries, dom_rids,
|
make_reply_lookup_rids(&r_l, num_entries, dom_rids,
|
||||||
dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
|
num_ref_doms, dom_names, dom_sids);
|
||||||
r_l.status = 0x0;
|
r_l.status = 0x0;
|
||||||
|
|
||||||
/* store the response in the SMB stream */
|
/* store the response in the SMB stream */
|
||||||
@ -351,6 +347,9 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
|
|||||||
DOM_SID sid_S_1_3;
|
DOM_SID sid_S_1_3;
|
||||||
DOM_SID sid_S_1_5;
|
DOM_SID sid_S_1_5;
|
||||||
|
|
||||||
|
DOM_SID *sid_array[4];
|
||||||
|
char *dom_names[4];
|
||||||
|
|
||||||
ZERO_STRUCT(q_l);
|
ZERO_STRUCT(q_l);
|
||||||
ZERO_STRUCT(sid_S_1_1);
|
ZERO_STRUCT(sid_S_1_1);
|
||||||
ZERO_STRUCT(sid_S_1_3);
|
ZERO_STRUCT(sid_S_1_3);
|
||||||
@ -365,11 +364,22 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
|
|||||||
string_to_sid(&sid_S_1_3, "S-1-3");
|
string_to_sid(&sid_S_1_3, "S-1-3");
|
||||||
string_to_sid(&sid_S_1_5, "S-1-5");
|
string_to_sid(&sid_S_1_5, "S-1-5");
|
||||||
|
|
||||||
|
dom_names[0] = dom_name;
|
||||||
|
sid_array[0] = &global_machine_sid;
|
||||||
|
|
||||||
|
dom_names[1] = "Everyone";
|
||||||
|
sid_array[1] = &sid_S_1_1;
|
||||||
|
|
||||||
|
dom_names[2] = "don't know";
|
||||||
|
sid_array[2] = &sid_S_1_3;
|
||||||
|
|
||||||
|
dom_names[3] = "NT AUTHORITY";
|
||||||
|
sid_array[3] = &sid_S_1_5;
|
||||||
|
|
||||||
/* construct reply. return status is always 0x0 */
|
/* construct reply. return status is always 0x0 */
|
||||||
lsa_reply_lookup_sids(rdata,
|
lsa_reply_lookup_sids(rdata,
|
||||||
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
|
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
|
||||||
dom_name, &global_machine_sid, /* domain name, domain SID */
|
4, dom_names, sid_array);
|
||||||
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
@ -381,11 +391,15 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
|
|||||||
int i;
|
int i;
|
||||||
LSA_Q_LOOKUP_RIDS q_l;
|
LSA_Q_LOOKUP_RIDS q_l;
|
||||||
pstring dom_name;
|
pstring dom_name;
|
||||||
|
uint32 dom_rids[MAX_LOOKUP_SIDS];
|
||||||
|
uint32 dummy_g_rid;
|
||||||
|
|
||||||
DOM_SID sid_S_1_1;
|
DOM_SID sid_S_1_1;
|
||||||
DOM_SID sid_S_1_3;
|
DOM_SID sid_S_1_3;
|
||||||
DOM_SID sid_S_1_5;
|
DOM_SID sid_S_1_5;
|
||||||
uint32 dom_rids[MAX_LOOKUP_SIDS];
|
|
||||||
uint32 dummy_g_rid;
|
DOM_SID *sid_array[4];
|
||||||
|
char *dom_names[4];
|
||||||
|
|
||||||
ZERO_STRUCT(q_l);
|
ZERO_STRUCT(q_l);
|
||||||
ZERO_STRUCT(sid_S_1_1);
|
ZERO_STRUCT(sid_S_1_1);
|
||||||
@ -402,6 +416,18 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
|
|||||||
string_to_sid(&sid_S_1_3, "S-1-3");
|
string_to_sid(&sid_S_1_3, "S-1-3");
|
||||||
string_to_sid(&sid_S_1_5, "S-1-5");
|
string_to_sid(&sid_S_1_5, "S-1-5");
|
||||||
|
|
||||||
|
dom_names[0] = dom_name;
|
||||||
|
sid_array[0] = &global_machine_sid;
|
||||||
|
|
||||||
|
dom_names[1] = "Everyone";
|
||||||
|
sid_array[1] = &sid_S_1_1;
|
||||||
|
|
||||||
|
dom_names[2] = "don't know";
|
||||||
|
sid_array[2] = &sid_S_1_3;
|
||||||
|
|
||||||
|
dom_names[3] = "NT AUTHORITY";
|
||||||
|
sid_array[3] = &sid_S_1_5;
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
|
SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
|
||||||
|
|
||||||
/* convert received RIDs to strings, so we can do them. */
|
/* convert received RIDs to strings, so we can do them. */
|
||||||
@ -429,8 +455,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
|
|||||||
/* construct reply. return status is always 0x0 */
|
/* construct reply. return status is always 0x0 */
|
||||||
lsa_reply_lookup_rids(rdata,
|
lsa_reply_lookup_rids(rdata,
|
||||||
q_l.num_entries, dom_rids, /* text-converted SIDs */
|
q_l.num_entries, dom_rids, /* text-converted SIDs */
|
||||||
dom_name, &global_machine_sid, /* domain name, domain SID */
|
4, dom_names, sid_array);
|
||||||
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
|
@ -36,11 +36,13 @@ extern int DEBUGLEVEL;
|
|||||||
do a LSA Open Policy
|
do a LSA Open Policy
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
BOOL do_lsa_open_policy(struct cli_state *cli,
|
BOOL do_lsa_open_policy(struct cli_state *cli,
|
||||||
char *server_name, POLICY_HND *hnd)
|
char *server_name, POLICY_HND *hnd,
|
||||||
|
BOOL sec_qos)
|
||||||
{
|
{
|
||||||
prs_struct rbuf;
|
prs_struct rbuf;
|
||||||
prs_struct buf;
|
prs_struct buf;
|
||||||
LSA_Q_OPEN_POL q_o;
|
LSA_Q_OPEN_POL q_o;
|
||||||
|
LSA_SEC_QOS qos;
|
||||||
BOOL valid_pol = False;
|
BOOL valid_pol = False;
|
||||||
|
|
||||||
if (hnd == NULL) return False;
|
if (hnd == NULL) return False;
|
||||||
@ -53,7 +55,15 @@ BOOL do_lsa_open_policy(struct cli_state *cli,
|
|||||||
DEBUG(4,("LSA Open Policy\n"));
|
DEBUG(4,("LSA Open Policy\n"));
|
||||||
|
|
||||||
/* store the parameters */
|
/* store the parameters */
|
||||||
make_q_open_pol(&q_o, server_name, 0, 0, 0x1);
|
if (sec_qos)
|
||||||
|
{
|
||||||
|
make_lsa_sec_qos(&qos, 2, 1, 0, 0x20000000);
|
||||||
|
make_q_open_pol(&q_o, server_name, 0, 0, &qos);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
make_q_open_pol(&q_o, server_name, 0, 0x1, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
/* turn parameters into data stream */
|
/* turn parameters into data stream */
|
||||||
lsa_io_q_open_pol("", &q_o, &buf, 0);
|
lsa_io_q_open_pol("", &q_o, &buf, 0);
|
||||||
@ -88,6 +98,69 @@ BOOL do_lsa_open_policy(struct cli_state *cli,
|
|||||||
return valid_pol;
|
return valid_pol;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/****************************************************************************
|
||||||
|
do a LSA Lookup SIDs
|
||||||
|
****************************************************************************/
|
||||||
|
BOOL do_lsa_lookup_sids(struct cli_state *cli,
|
||||||
|
POLICY_HND *hnd,
|
||||||
|
int num_sids,
|
||||||
|
DOM_SID **sids,
|
||||||
|
char **names)
|
||||||
|
{
|
||||||
|
prs_struct rbuf;
|
||||||
|
prs_struct buf;
|
||||||
|
LSA_Q_LOOKUP_SIDS q_l;
|
||||||
|
BOOL valid_response = False;
|
||||||
|
|
||||||
|
if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
|
||||||
|
|
||||||
|
prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
|
||||||
|
prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
|
||||||
|
|
||||||
|
/* create and send a MSRPC command with api LSA_LOOKUP_SIDS */
|
||||||
|
|
||||||
|
DEBUG(4,("LSA Lookup SIDs\n"));
|
||||||
|
|
||||||
|
/* store the parameters */
|
||||||
|
make_q_lookup_sids(&q_l, hnd, num_sids, sids, 1);
|
||||||
|
|
||||||
|
/* turn parameters into data stream */
|
||||||
|
lsa_io_q_lookup_sids("", &q_l, &buf, 0);
|
||||||
|
|
||||||
|
/* send the data on \PIPE\ */
|
||||||
|
if (rpc_api_pipe_req(cli, LSA_LOOKUPSIDS, &buf, &rbuf))
|
||||||
|
{
|
||||||
|
LSA_R_LOOKUP_SIDS r_l;
|
||||||
|
DOM_R_REF ref;
|
||||||
|
LSA_TRANS_NAME_ENUM t_names;
|
||||||
|
BOOL p;
|
||||||
|
|
||||||
|
r_l.dom_ref = &ref;
|
||||||
|
r_l.names = &t_names;
|
||||||
|
|
||||||
|
lsa_io_r_lookup_sids("", &r_l, &rbuf, 0);
|
||||||
|
p = rbuf.offset != 0;
|
||||||
|
|
||||||
|
if (p && r_l.status != 0)
|
||||||
|
{
|
||||||
|
/* report error code */
|
||||||
|
DEBUG(0,("LSA_LOOKUP_SIDS: %s\n", get_nt_error_msg(r_l.status)));
|
||||||
|
p = False;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (p)
|
||||||
|
{
|
||||||
|
valid_response = True;
|
||||||
|
*names = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
prs_mem_free(&rbuf);
|
||||||
|
prs_mem_free(&buf );
|
||||||
|
|
||||||
|
return valid_response;
|
||||||
|
}
|
||||||
|
|
||||||
/****************************************************************************
|
/****************************************************************************
|
||||||
do a LSA Query Info Policy
|
do a LSA Query Info Policy
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
@ -37,7 +37,6 @@ void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, u
|
|||||||
|
|
||||||
trn->sid_name_use = sid_name_use;
|
trn->sid_name_use = sid_name_use;
|
||||||
make_uni_hdr(&(trn->hdr_name), len_name, len_name, len_name != 0);
|
make_uni_hdr(&(trn->hdr_name), len_name, len_name, len_name != 0);
|
||||||
make_unistr2(&(trn->uni_name), name, len_name);
|
|
||||||
trn->domain_idx = idx;
|
trn->domain_idx = idx;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -54,10 +53,7 @@ static void lsa_io_trans_name(char *desc, LSA_TRANS_NAME *trn, prs_struct *ps, i
|
|||||||
prs_align(ps);
|
prs_align(ps);
|
||||||
|
|
||||||
prs_uint32("sid_name_use", ps, depth, &(trn->sid_name_use));
|
prs_uint32("sid_name_use", ps, depth, &(trn->sid_name_use));
|
||||||
|
|
||||||
smb_io_unihdr ("hdr_name", &(trn->hdr_name), ps, depth);
|
smb_io_unihdr ("hdr_name", &(trn->hdr_name), ps, depth);
|
||||||
smb_io_unistr2("uni_name", &(trn->uni_name), trn->hdr_name.buffer, ps, depth);
|
|
||||||
|
|
||||||
prs_uint32("domain_idx ", ps, depth, &(trn->domain_idx ));
|
prs_uint32("domain_idx ", ps, depth, &(trn->domain_idx ));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -66,7 +62,7 @@ reads or writes a DOM_R_REF structure.
|
|||||||
********************************************************************/
|
********************************************************************/
|
||||||
static void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth)
|
static void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int depth)
|
||||||
{
|
{
|
||||||
int i;
|
int i, s, n;
|
||||||
|
|
||||||
prs_debug(ps, depth, desc, "smb_io_dom_r_ref");
|
prs_debug(ps, depth, desc, "smb_io_dom_r_ref");
|
||||||
depth++;
|
depth++;
|
||||||
@ -75,28 +71,93 @@ static void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int de
|
|||||||
|
|
||||||
prs_align(ps);
|
prs_align(ps);
|
||||||
|
|
||||||
prs_uint32("undoc_buffer ", ps, depth, &(r_r->undoc_buffer)); /* undocumented buffer pointer. */
|
prs_uint32("undoc_buffer ", ps, depth, &(r_r->undoc_buffer )); /* undocumented buffer pointer. */
|
||||||
prs_uint32("num_ref_doms_1 ", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */
|
prs_uint32("num_ref_doms_1", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */
|
||||||
prs_uint32("buffer_dom_name", ps, depth, &(r_r->buffer_dom_name)); /* undocumented domain name buffer pointer. */
|
prs_uint32("undoc_buffer2 ", ps, depth, &(r_r->undoc_buffer2 )); /* undocumented buffer pointer. */
|
||||||
prs_uint32("max_entries ", ps, depth, &(r_r->max_entries)); /* 32 - max number of entries */
|
prs_uint32("max_entries ", ps, depth, &(r_r->max_entries )); /* 32 - max number of entries */
|
||||||
prs_uint32("num_ref_doms_2 ", ps, depth, &(r_r->num_ref_doms_2)); /* 4 - num referenced domains? */
|
prs_uint32("num_ref_doms_2", ps, depth, &(r_r->num_ref_doms_2)); /* 4 - num referenced domains? */
|
||||||
|
|
||||||
smb_io_unihdr2("", &(r_r->hdr_dom_name), ps, depth); /* domain name unicode string header */
|
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1-1);
|
SMB_ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1-1);
|
||||||
|
|
||||||
for (i = 0; i < r_r->num_ref_doms_1-1; i++)
|
|
||||||
{
|
|
||||||
smb_io_unihdr2("", &(r_r->hdr_ref_dom[i]), ps, depth);
|
|
||||||
}
|
|
||||||
|
|
||||||
smb_io_unistr("", &(r_r->uni_dom_name), ps, depth); /* domain name unicode string */
|
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2);
|
SMB_ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2);
|
||||||
|
|
||||||
for (i = 0; i < r_r->num_ref_doms_2; i++)
|
for (i = 0; i < r_r->num_ref_doms_1; i++)
|
||||||
{
|
{
|
||||||
smb_io_dom_sid2("", &(r_r->ref_dom[i]), ps, depth); /* referenced domain SIDs */
|
fstring t;
|
||||||
|
|
||||||
|
slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i);
|
||||||
|
smb_io_unihdr(t, &(r_r->hdr_ref_dom[i].hdr_dom_name), ps, depth);
|
||||||
|
|
||||||
|
slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i);
|
||||||
|
prs_uint32(t, ps, depth, &(r_r->hdr_ref_dom[i].ptr_dom_sid));
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0, n = 0, s = 0; i < r_r->num_ref_doms_2; i++)
|
||||||
|
{
|
||||||
|
fstring t;
|
||||||
|
|
||||||
|
if (r_r->hdr_ref_dom[i].hdr_dom_name.buffer != 0)
|
||||||
|
{
|
||||||
|
slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i);
|
||||||
|
smb_io_unistr2(t, &(r_r->ref_dom[n].uni_dom_name), True, ps, depth); /* domain name unicode string */
|
||||||
|
n++;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (r_r->hdr_ref_dom[i].ptr_dom_sid != 0)
|
||||||
|
{
|
||||||
|
slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i);
|
||||||
|
smb_io_dom_sid2("", &(r_r->ref_dom[s].ref_dom), ps, depth); /* referenced domain SIDs */
|
||||||
|
s++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/*******************************************************************
|
||||||
|
makes an LSA_SEC_QOS structure.
|
||||||
|
********************************************************************/
|
||||||
|
void make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
|
||||||
|
uint32 unknown)
|
||||||
|
{
|
||||||
|
if (qos == NULL) return;
|
||||||
|
|
||||||
|
DEBUG(5,("make_lsa_sec_qos\n"));
|
||||||
|
|
||||||
|
qos->len = 0x0c; /* length of quality of service block, in bytes */
|
||||||
|
qos->sec_imp_level = imp_lev;
|
||||||
|
qos->sec_ctxt_mode = ctxt;
|
||||||
|
qos->effective_only = eff;
|
||||||
|
qos->unknown = unknown;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*******************************************************************
|
||||||
|
reads or writes an LSA_SEC_QOS structure.
|
||||||
|
********************************************************************/
|
||||||
|
static void lsa_io_sec_qos(char *desc, LSA_SEC_QOS *qos, prs_struct *ps, int depth)
|
||||||
|
{
|
||||||
|
int start;
|
||||||
|
|
||||||
|
if (qos == NULL) return;
|
||||||
|
|
||||||
|
prs_debug(ps, depth, desc, "lsa_io_obj_qos");
|
||||||
|
depth++;
|
||||||
|
|
||||||
|
prs_align(ps);
|
||||||
|
|
||||||
|
start = ps->offset;
|
||||||
|
|
||||||
|
/* these pointers had _better_ be zero, because we don't know
|
||||||
|
what they point to!
|
||||||
|
*/
|
||||||
|
prs_uint32("len ", ps, depth, &(qos->len )); /* 0x18 - length (in bytes) inc. the length field. */
|
||||||
|
prs_uint16("sec_imp_level ", ps, depth, &(qos->sec_imp_level ));
|
||||||
|
prs_uint8 ("sec_ctxt_mode ", ps, depth, &(qos->sec_ctxt_mode ));
|
||||||
|
prs_uint8 ("effective_only", ps, depth, &(qos->effective_only));
|
||||||
|
prs_uint32("unknown ", ps, depth, &(qos->unknown ));
|
||||||
|
|
||||||
|
if (qos->len != ps->offset - start)
|
||||||
|
{
|
||||||
|
DEBUG(3,("lsa_io_sec_qos: length %x does not match size %x\n",
|
||||||
|
qos->len, ps->offset - start));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -104,7 +165,7 @@ static void lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int de
|
|||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
makes an LSA_OBJ_ATTR structure.
|
makes an LSA_OBJ_ATTR structure.
|
||||||
********************************************************************/
|
********************************************************************/
|
||||||
void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos)
|
void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos)
|
||||||
{
|
{
|
||||||
if (attr == NULL) return;
|
if (attr == NULL) return;
|
||||||
|
|
||||||
@ -115,7 +176,17 @@ void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos)
|
|||||||
attr->ptr_obj_name = 0;
|
attr->ptr_obj_name = 0;
|
||||||
attr->attributes = attributes;
|
attr->attributes = attributes;
|
||||||
attr->ptr_sec_desc = 0;
|
attr->ptr_sec_desc = 0;
|
||||||
attr->sec_qos = sec_qos;
|
|
||||||
|
if (qos != NULL)
|
||||||
|
{
|
||||||
|
attr->ptr_sec_qos = 1;
|
||||||
|
attr->sec_qos = qos;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
attr->ptr_sec_qos = 0;
|
||||||
|
attr->sec_qos = NULL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
@ -137,37 +208,46 @@ static void lsa_io_obj_attr(char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps, int
|
|||||||
/* these pointers had _better_ be zero, because we don't know
|
/* these pointers had _better_ be zero, because we don't know
|
||||||
what they point to!
|
what they point to!
|
||||||
*/
|
*/
|
||||||
prs_uint32("len" , ps, depth, &(attr->len )); /* 0x18 - length (in bytes) inc. the length field. */
|
prs_uint32("len ", ps, depth, &(attr->len )); /* 0x18 - length (in bytes) inc. the length field. */
|
||||||
prs_uint32("ptr_root_dir", ps, depth, &(attr->ptr_root_dir)); /* 0 - root directory (pointer) */
|
prs_uint32("ptr_root_dir", ps, depth, &(attr->ptr_root_dir)); /* 0 - root directory (pointer) */
|
||||||
prs_uint32("ptr_obj_name", ps, depth, &(attr->ptr_obj_name)); /* 0 - object name (pointer) */
|
prs_uint32("ptr_obj_name", ps, depth, &(attr->ptr_obj_name)); /* 0 - object name (pointer) */
|
||||||
prs_uint32("attributes" , ps, depth, &(attr->attributes )); /* 0 - attributes (undocumented) */
|
prs_uint32("attributes ", ps, depth, &(attr->attributes )); /* 0 - attributes (undocumented) */
|
||||||
prs_uint32("ptr_sec_desc", ps, depth, &(attr->ptr_sec_desc)); /* 0 - security descriptior (pointer) */
|
prs_uint32("ptr_sec_desc", ps, depth, &(attr->ptr_sec_desc)); /* 0 - security descriptior (pointer) */
|
||||||
prs_uint32("sec_qos" , ps, depth, &(attr->sec_qos )); /* 0 - security quality of service */
|
prs_uint32("ptr_sec_qos ", ps, depth, &(attr->ptr_sec_qos )); /* security quality of service (pointer) */
|
||||||
|
|
||||||
if (attr->len != ps->offset - start)
|
if (attr->len != ps->offset - start)
|
||||||
{
|
{
|
||||||
DEBUG(3,("lsa_io_obj_attr: length %x does not match size %x\n",
|
DEBUG(3,("lsa_io_obj_attr: length %x does not match size %x\n",
|
||||||
attr->len, ps->offset - start));
|
attr->len, ps->offset - start));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (attr->ptr_sec_qos != 0 && attr->sec_qos != NULL)
|
||||||
|
{
|
||||||
|
lsa_io_sec_qos("sec_qos", attr->sec_qos, ps, depth);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
makes an LSA_Q_OPEN_POL structure.
|
makes an LSA_Q_OPEN_POL structure.
|
||||||
********************************************************************/
|
********************************************************************/
|
||||||
void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
|
void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
|
||||||
uint32 attributes, uint32 sec_qos,
|
uint32 attributes,
|
||||||
uint32 desired_access)
|
uint32 desired_access,
|
||||||
|
LSA_SEC_QOS *qos)
|
||||||
{
|
{
|
||||||
if (r_q == NULL) return;
|
if (r_q == NULL) return;
|
||||||
|
|
||||||
DEBUG(5,("make_open_pol\n"));
|
DEBUG(5,("make_open_pol: attr:%d da:%d\n", attributes, desired_access));
|
||||||
|
|
||||||
r_q->ptr = 1; /* undocumented pointer */
|
r_q->ptr = 1; /* undocumented pointer */
|
||||||
|
|
||||||
make_unistr2 (&(r_q->uni_server_name), server_name, strlen(server_name));
|
if (qos == NULL)
|
||||||
make_lsa_obj_attr(&(r_q->attr ), attributes, sec_qos);
|
{
|
||||||
|
|
||||||
r_q->des_access = desired_access;
|
r_q->des_access = desired_access;
|
||||||
|
}
|
||||||
|
|
||||||
|
make_unistr2 (&(r_q->uni_server_name), server_name, strlen(server_name));
|
||||||
|
make_lsa_obj_attr(&(r_q->attr ), attributes, qos);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
@ -185,7 +265,10 @@ void lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int dep
|
|||||||
smb_io_unistr2 ("", &(r_q->uni_server_name), r_q->ptr, ps, depth);
|
smb_io_unistr2 ("", &(r_q->uni_server_name), r_q->ptr, ps, depth);
|
||||||
lsa_io_obj_attr("", &(r_q->attr ), ps, depth);
|
lsa_io_obj_attr("", &(r_q->attr ), ps, depth);
|
||||||
|
|
||||||
|
if (r_q->attr.ptr_sec_qos == 0)
|
||||||
|
{
|
||||||
prs_uint32("des_access", ps, depth, &(r_q->des_access));
|
prs_uint32("des_access", ps, depth, &(r_q->des_access));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
@ -198,7 +281,6 @@ void lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int dep
|
|||||||
prs_debug(ps, depth, desc, "lsa_io_r_open_pol");
|
prs_debug(ps, depth, desc, "lsa_io_r_open_pol");
|
||||||
depth++;
|
depth++;
|
||||||
|
|
||||||
|
|
||||||
smb_io_pol_hnd("", &(r_p->pol), ps, depth);
|
smb_io_pol_hnd("", &(r_p->pol), ps, depth);
|
||||||
|
|
||||||
prs_uint32("status", ps, depth, &(r_p->status));
|
prs_uint32("status", ps, depth, &(r_p->status));
|
||||||
@ -348,10 +430,42 @@ void lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int dept
|
|||||||
prs_uint32("status", ps, depth, &(r_q->status));
|
prs_uint32("status", ps, depth, &(r_q->status));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*******************************************************************
|
||||||
|
makes a LSA_SID_ENUM structure.
|
||||||
|
********************************************************************/
|
||||||
|
void make_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids)
|
||||||
|
{
|
||||||
|
int i, i2;
|
||||||
|
if (sen == NULL || sids == NULL) return;
|
||||||
|
|
||||||
|
DEBUG(5,("make_lsa_sid_enum\n"));
|
||||||
|
|
||||||
|
sen->num_entries = num_entries;
|
||||||
|
sen->ptr_sid_enum = num_entries != 0 ? 1 : 0;
|
||||||
|
sen->num_entries2 = num_entries;
|
||||||
|
|
||||||
|
SMB_ASSERT_ARRAY(sen->sid, sen->num_entries);
|
||||||
|
|
||||||
|
for (i = 0, i2 = 0; i < num_entries; i++)
|
||||||
|
{
|
||||||
|
if (sids[i] != NULL)
|
||||||
|
{
|
||||||
|
sen->ptr_sid[i] = 1;
|
||||||
|
make_dom_sid2(&(sen->sid[i2]), sids[i]);
|
||||||
|
i2++;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
sen->ptr_sid[i] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
reads or writes a LSA_SID_ENUM structure.
|
reads or writes a LSA_SID_ENUM structure.
|
||||||
********************************************************************/
|
********************************************************************/
|
||||||
static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth)
|
static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
|
||||||
|
prs_struct *ps, int depth)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
@ -385,6 +499,27 @@ static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int d
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*******************************************************************
|
||||||
|
makes an LSA_R_ENUM_TRUST_DOM structure.
|
||||||
|
********************************************************************/
|
||||||
|
void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
|
||||||
|
int num_sids, DOM_SID **sids,
|
||||||
|
uint16 level)
|
||||||
|
{
|
||||||
|
if (q_l == NULL) return;
|
||||||
|
|
||||||
|
DEBUG(5,("make_r_enum_trust_dom\n"));
|
||||||
|
|
||||||
|
memcpy(&(q_l->pol), hnd, sizeof(q_l->pol));
|
||||||
|
make_lsa_sid_enum(&(q_l->sids), num_sids, sids);
|
||||||
|
|
||||||
|
q_l->names.num_entries = 0;
|
||||||
|
q_l->names.ptr_trans_names = 0;
|
||||||
|
q_l->names.num_entries2 = 0;
|
||||||
|
|
||||||
|
q_l->level.value = level;
|
||||||
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
reads or writes a LSA_Q_LOOKUP_SIDS structure.
|
reads or writes a LSA_Q_LOOKUP_SIDS structure.
|
||||||
********************************************************************/
|
********************************************************************/
|
||||||
@ -397,7 +532,7 @@ void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, in
|
|||||||
|
|
||||||
prs_align(ps);
|
prs_align(ps);
|
||||||
|
|
||||||
smb_io_pol_hnd ("pol_hnd", &(q_s->pol_hnd), ps, depth); /* policy handle */
|
smb_io_pol_hnd ("pol_hnd", &(q_s->pol), ps, depth); /* policy handle */
|
||||||
lsa_io_sid_enum ("sids ", &(q_s->sids ), ps, depth); /* sids to be looked up */
|
lsa_io_sid_enum ("sids ", &(q_s->sids ), ps, depth); /* sids to be looked up */
|
||||||
lsa_io_trans_names ("names ", &(q_s->names ), ps, depth); /* translated names */
|
lsa_io_trans_names ("names ", &(q_s->names ), ps, depth); /* translated names */
|
||||||
smb_io_lookup_level("switch ", &(q_s->level ), ps, depth); /* lookup level */
|
smb_io_lookup_level("switch ", &(q_s->level ), ps, depth); /* lookup level */
|
||||||
@ -408,7 +543,8 @@ void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, in
|
|||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
reads or writes a structure.
|
reads or writes a structure.
|
||||||
********************************************************************/
|
********************************************************************/
|
||||||
static void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, int depth)
|
static void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn,
|
||||||
|
prs_struct *ps, int depth)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
int i2;
|
int i2;
|
||||||
@ -422,27 +558,28 @@ static void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct
|
|||||||
|
|
||||||
prs_uint32("num_entries ", ps, depth, &(trn->num_entries));
|
prs_uint32("num_entries ", ps, depth, &(trn->num_entries));
|
||||||
prs_uint32("ptr_trans_names", ps, depth, &(trn->ptr_trans_names));
|
prs_uint32("ptr_trans_names", ps, depth, &(trn->ptr_trans_names));
|
||||||
|
|
||||||
|
if (trn->ptr_trans_names != 0)
|
||||||
|
{
|
||||||
prs_uint32("num_entries2 ", ps, depth, &(trn->num_entries2));
|
prs_uint32("num_entries2 ", ps, depth, &(trn->num_entries2));
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(trn->ptr_name, trn->num_entries);
|
SMB_ASSERT_ARRAY(trn->name, trn->num_entries);
|
||||||
|
|
||||||
for (i = 0; i < trn->num_entries; i++)
|
|
||||||
{
|
|
||||||
fstring temp;
|
|
||||||
slprintf(temp, sizeof(temp) - 1, "ptr_name[%d] ", i);
|
|
||||||
prs_uint32(temp, ps, depth, &(trn->ptr_name[i])); /* pointer to translated name */
|
|
||||||
}
|
|
||||||
|
|
||||||
for (i = 0, i2 = 0; i < trn->num_entries2; i++)
|
for (i = 0, i2 = 0; i < trn->num_entries2; i++)
|
||||||
{
|
{
|
||||||
if (trn->ptr_name[i] != 0)
|
fstring t;
|
||||||
|
slprintf(t, sizeof(t) - 1, "name[%d] ", i);
|
||||||
|
|
||||||
|
lsa_io_trans_name(t, &(trn->name[i]), ps, depth); /* translated name */
|
||||||
|
|
||||||
|
if (trn->name[i].hdr_name.buffer != 0)
|
||||||
{
|
{
|
||||||
fstring temp;
|
smb_io_unistr2(t, &(trn->uni_name[i2]), 1, ps, depth);
|
||||||
slprintf(temp, sizeof(temp) - 1, "name[%d] ", i);
|
prs_align(ps);
|
||||||
lsa_io_trans_name(temp, &(trn->name[i2]), ps, depth); /* translated name */
|
|
||||||
i2++;
|
i2++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*******************************************************************
|
/*******************************************************************
|
||||||
@ -460,6 +597,8 @@ void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, i
|
|||||||
lsa_io_dom_r_ref ("dom_ref", r_s->dom_ref, ps, depth); /* domain reference info */
|
lsa_io_dom_r_ref ("dom_ref", r_s->dom_ref, ps, depth); /* domain reference info */
|
||||||
lsa_io_trans_names("names ", r_s->names , ps, depth); /* translated names */
|
lsa_io_trans_names("names ", r_s->names , ps, depth); /* translated names */
|
||||||
|
|
||||||
|
prs_align(ps);
|
||||||
|
|
||||||
prs_uint32("mapped_count", ps, depth, &(r_s->mapped_count));
|
prs_uint32("mapped_count", ps, depth, &(r_s->mapped_count));
|
||||||
|
|
||||||
prs_uint32("status ", ps, depth, &(r_s->status));
|
prs_uint32("status ", ps, depth, &(r_s->status));
|
||||||
@ -479,7 +618,7 @@ void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i
|
|||||||
|
|
||||||
prs_align(ps);
|
prs_align(ps);
|
||||||
|
|
||||||
smb_io_pol_hnd("", &(q_r->pol_hnd), ps, depth); /* policy handle */
|
smb_io_pol_hnd("", &(q_r->pol), ps, depth); /* policy handle */
|
||||||
|
|
||||||
prs_uint32("num_entries ", ps, depth, &(q_r->num_entries));
|
prs_uint32("num_entries ", ps, depth, &(q_r->num_entries));
|
||||||
prs_uint32("num_entries2 ", ps, depth, &(q_r->num_entries2));
|
prs_uint32("num_entries2 ", ps, depth, &(q_r->num_entries2));
|
||||||
|
@ -113,37 +113,38 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
|
|||||||
lsa_io_r_query("", &r_q, rdata, 0);
|
lsa_io_r_query("", &r_q, rdata, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
make_dom_ref
|
make_dom_ref
|
||||||
|
|
||||||
pretty much hard-coded choice of "other" sids, unfortunately...
|
|
||||||
|
|
||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid,
|
static void make_dom_ref(DOM_R_REF *ref, int num_domains,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
|
|
||||||
{
|
{
|
||||||
int len_dom_name = strlen(dom_name);
|
int i;
|
||||||
|
|
||||||
ref->undoc_buffer = 1;
|
if (num_domains > MAX_REF_DOMAINS)
|
||||||
ref->num_ref_doms_1 = 4;
|
|
||||||
ref->buffer_dom_name = 1;
|
|
||||||
ref->max_entries = 32;
|
|
||||||
ref->num_ref_doms_2 = 4;
|
|
||||||
|
|
||||||
make_uni_hdr2(&(ref->hdr_dom_name ), len_dom_name , len_dom_name , 0);
|
|
||||||
make_uni_hdr2(&(ref->hdr_ref_dom[0]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
|
|
||||||
make_uni_hdr2(&(ref->hdr_ref_dom[1]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
|
|
||||||
make_uni_hdr2(&(ref->hdr_ref_dom[2]), sizeof(DOM_SID), sizeof(DOM_SID), 0);
|
|
||||||
|
|
||||||
if (dom_name != NULL)
|
|
||||||
{
|
{
|
||||||
make_unistr(&(ref->uni_dom_name), dom_name);
|
num_domains = MAX_REF_DOMAINS;
|
||||||
|
}
|
||||||
|
|
||||||
|
ref->undoc_buffer = 1;
|
||||||
|
ref->num_ref_doms_1 = num_domains;
|
||||||
|
ref->undoc_buffer2 = 1;
|
||||||
|
ref->max_entries = MAX_REF_DOMAINS;
|
||||||
|
ref->num_ref_doms_2 = num_domains;
|
||||||
|
|
||||||
|
for (i = 0; i < num_domains; i++)
|
||||||
|
{
|
||||||
|
int len = dom_names[i] != NULL ? strlen(dom_names[i]) : 0;
|
||||||
|
|
||||||
|
make_uni_hdr(&(ref->hdr_ref_dom[i].hdr_dom_name), len, len, len != 0 ? 1 : 0);
|
||||||
|
ref->hdr_ref_dom[i].ptr_dom_sid = dom_sids[i] != NULL ? 1 : 0;
|
||||||
|
|
||||||
|
make_unistr2 (&(ref->ref_dom[i].uni_dom_name), dom_names[i], len);
|
||||||
|
make_dom_sid2(&(ref->ref_dom[i].ref_dom ), dom_sids [i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
make_dom_sid2(&(ref->ref_dom[0]), dom_sid );
|
|
||||||
make_dom_sid2(&(ref->ref_dom[1]), other_sid1);
|
|
||||||
make_dom_sid2(&(ref->ref_dom[2]), other_sid2);
|
|
||||||
make_dom_sid2(&(ref->ref_dom[3]), other_sid3);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
@ -151,13 +152,12 @@ make_reply_lookup_rids
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
|
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
|
||||||
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
||||||
char *dom_name, DOM_SID *dom_sid,
|
int num_ref_doms,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid,
|
make_dom_ref(&(r_l->dom_ref), num_ref_doms, dom_names, dom_sids);
|
||||||
other_sid1, other_sid2, other_sid3);
|
|
||||||
|
|
||||||
r_l->num_entries = num_entries;
|
r_l->num_entries = num_entries;
|
||||||
r_l->undoc_buffer = 1;
|
r_l->undoc_buffer = 1;
|
||||||
@ -193,9 +193,6 @@ static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
|
|||||||
fstring name;
|
fstring name;
|
||||||
uint32 type;
|
uint32 type;
|
||||||
|
|
||||||
trn->ptr_name[i] = 0;
|
|
||||||
trn->ptr_name[(*total)] = 0;
|
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(sid[i].sid.sub_auths, num_auths);
|
SMB_ASSERT_ARRAY(sid[i].sid.sub_auths, num_auths);
|
||||||
|
|
||||||
/* find the rid to look up */
|
/* find the rid to look up */
|
||||||
@ -212,7 +209,6 @@ static void make_lsa_trans_names(LSA_TRANS_NAME_ENUM *trn,
|
|||||||
|
|
||||||
if (status == 0x0)
|
if (status == 0x0)
|
||||||
{
|
{
|
||||||
trn->ptr_name[i] = 1;
|
|
||||||
make_lsa_trans_name(&(trn->name[(*total)]), type, name, (*total));
|
make_lsa_trans_name(&(trn->name[(*total)]), type, name, (*total));
|
||||||
(*total)++;
|
(*total)++;
|
||||||
}
|
}
|
||||||
@ -241,8 +237,8 @@ lsa_reply_lookup_sids
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void lsa_reply_lookup_sids(prs_struct *rdata,
|
static void lsa_reply_lookup_sids(prs_struct *rdata,
|
||||||
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
|
int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS],
|
||||||
char *dom_name, DOM_SID *dom_sid,
|
int num_ref_doms,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
{
|
{
|
||||||
LSA_R_LOOKUP_SIDS r_l;
|
LSA_R_LOOKUP_SIDS r_l;
|
||||||
DOM_R_REF ref;
|
DOM_R_REF ref;
|
||||||
@ -254,7 +250,7 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
|
|||||||
ZERO_STRUCT(names);
|
ZERO_STRUCT(names);
|
||||||
|
|
||||||
/* set up the LSA Lookup SIDs response */
|
/* set up the LSA Lookup SIDs response */
|
||||||
make_dom_ref(&ref, dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
|
make_dom_ref(&ref, num_ref_doms, dom_names, dom_sids);
|
||||||
make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
|
make_lsa_trans_names(&names, num_entries, sid, &mapped_count);
|
||||||
make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
|
make_reply_lookup_sids(&r_l, &ref, &names, mapped_count, 0x0);
|
||||||
|
|
||||||
@ -267,8 +263,8 @@ lsa_reply_lookup_rids
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
static void lsa_reply_lookup_rids(prs_struct *rdata,
|
static void lsa_reply_lookup_rids(prs_struct *rdata,
|
||||||
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
int num_entries, uint32 dom_rids[MAX_LOOKUP_SIDS],
|
||||||
char *dom_name, DOM_SID *dom_sid,
|
int num_ref_doms,
|
||||||
DOM_SID *other_sid1, DOM_SID *other_sid2, DOM_SID *other_sid3)
|
char **dom_names, DOM_SID **dom_sids)
|
||||||
{
|
{
|
||||||
LSA_R_LOOKUP_RIDS r_l;
|
LSA_R_LOOKUP_RIDS r_l;
|
||||||
|
|
||||||
@ -276,7 +272,7 @@ static void lsa_reply_lookup_rids(prs_struct *rdata,
|
|||||||
|
|
||||||
/* set up the LSA Lookup RIDs response */
|
/* set up the LSA Lookup RIDs response */
|
||||||
make_reply_lookup_rids(&r_l, num_entries, dom_rids,
|
make_reply_lookup_rids(&r_l, num_entries, dom_rids,
|
||||||
dom_name, dom_sid, other_sid1, other_sid2, other_sid3);
|
num_ref_doms, dom_names, dom_sids);
|
||||||
r_l.status = 0x0;
|
r_l.status = 0x0;
|
||||||
|
|
||||||
/* store the response in the SMB stream */
|
/* store the response in the SMB stream */
|
||||||
@ -351,6 +347,9 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
|
|||||||
DOM_SID sid_S_1_3;
|
DOM_SID sid_S_1_3;
|
||||||
DOM_SID sid_S_1_5;
|
DOM_SID sid_S_1_5;
|
||||||
|
|
||||||
|
DOM_SID *sid_array[4];
|
||||||
|
char *dom_names[4];
|
||||||
|
|
||||||
ZERO_STRUCT(q_l);
|
ZERO_STRUCT(q_l);
|
||||||
ZERO_STRUCT(sid_S_1_1);
|
ZERO_STRUCT(sid_S_1_1);
|
||||||
ZERO_STRUCT(sid_S_1_3);
|
ZERO_STRUCT(sid_S_1_3);
|
||||||
@ -365,11 +364,22 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
|
|||||||
string_to_sid(&sid_S_1_3, "S-1-3");
|
string_to_sid(&sid_S_1_3, "S-1-3");
|
||||||
string_to_sid(&sid_S_1_5, "S-1-5");
|
string_to_sid(&sid_S_1_5, "S-1-5");
|
||||||
|
|
||||||
|
dom_names[0] = dom_name;
|
||||||
|
sid_array[0] = &global_machine_sid;
|
||||||
|
|
||||||
|
dom_names[1] = "Everyone";
|
||||||
|
sid_array[1] = &sid_S_1_1;
|
||||||
|
|
||||||
|
dom_names[2] = "don't know";
|
||||||
|
sid_array[2] = &sid_S_1_3;
|
||||||
|
|
||||||
|
dom_names[3] = "NT AUTHORITY";
|
||||||
|
sid_array[3] = &sid_S_1_5;
|
||||||
|
|
||||||
/* construct reply. return status is always 0x0 */
|
/* construct reply. return status is always 0x0 */
|
||||||
lsa_reply_lookup_sids(rdata,
|
lsa_reply_lookup_sids(rdata,
|
||||||
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
|
q_l.sids.num_entries, q_l.sids.sid, /* SIDs */
|
||||||
dom_name, &global_machine_sid, /* domain name, domain SID */
|
4, dom_names, sid_array);
|
||||||
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
@ -381,11 +391,15 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
|
|||||||
int i;
|
int i;
|
||||||
LSA_Q_LOOKUP_RIDS q_l;
|
LSA_Q_LOOKUP_RIDS q_l;
|
||||||
pstring dom_name;
|
pstring dom_name;
|
||||||
|
uint32 dom_rids[MAX_LOOKUP_SIDS];
|
||||||
|
uint32 dummy_g_rid;
|
||||||
|
|
||||||
DOM_SID sid_S_1_1;
|
DOM_SID sid_S_1_1;
|
||||||
DOM_SID sid_S_1_3;
|
DOM_SID sid_S_1_3;
|
||||||
DOM_SID sid_S_1_5;
|
DOM_SID sid_S_1_5;
|
||||||
uint32 dom_rids[MAX_LOOKUP_SIDS];
|
|
||||||
uint32 dummy_g_rid;
|
DOM_SID *sid_array[4];
|
||||||
|
char *dom_names[4];
|
||||||
|
|
||||||
ZERO_STRUCT(q_l);
|
ZERO_STRUCT(q_l);
|
||||||
ZERO_STRUCT(sid_S_1_1);
|
ZERO_STRUCT(sid_S_1_1);
|
||||||
@ -402,6 +416,18 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
|
|||||||
string_to_sid(&sid_S_1_3, "S-1-3");
|
string_to_sid(&sid_S_1_3, "S-1-3");
|
||||||
string_to_sid(&sid_S_1_5, "S-1-5");
|
string_to_sid(&sid_S_1_5, "S-1-5");
|
||||||
|
|
||||||
|
dom_names[0] = dom_name;
|
||||||
|
sid_array[0] = &global_machine_sid;
|
||||||
|
|
||||||
|
dom_names[1] = "Everyone";
|
||||||
|
sid_array[1] = &sid_S_1_1;
|
||||||
|
|
||||||
|
dom_names[2] = "don't know";
|
||||||
|
sid_array[2] = &sid_S_1_3;
|
||||||
|
|
||||||
|
dom_names[3] = "NT AUTHORITY";
|
||||||
|
sid_array[3] = &sid_S_1_5;
|
||||||
|
|
||||||
SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
|
SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
|
||||||
|
|
||||||
/* convert received RIDs to strings, so we can do them. */
|
/* convert received RIDs to strings, so we can do them. */
|
||||||
@ -429,8 +455,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
|
|||||||
/* construct reply. return status is always 0x0 */
|
/* construct reply. return status is always 0x0 */
|
||||||
lsa_reply_lookup_rids(rdata,
|
lsa_reply_lookup_rids(rdata,
|
||||||
q_l.num_entries, dom_rids, /* text-converted SIDs */
|
q_l.num_entries, dom_rids, /* text-converted SIDs */
|
||||||
dom_name, &global_machine_sid, /* domain name, domain SID */
|
4, dom_names, sid_array);
|
||||||
&sid_S_1_1, &sid_S_1_3, &sid_S_1_5); /* the three other SIDs */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************************************************************************
|
/***************************************************************************
|
||||||
|
@ -67,7 +67,7 @@ void cmd_lsa_query_info(struct client_info *info)
|
|||||||
/* lookup domain controller; receive a policy handle */
|
/* lookup domain controller; receive a policy handle */
|
||||||
res = res ? do_lsa_open_policy(smb_cli,
|
res = res ? do_lsa_open_policy(smb_cli,
|
||||||
srv_name,
|
srv_name,
|
||||||
&info->dom.lsa_info_pol) : False;
|
&info->dom.lsa_info_pol, False) : False;
|
||||||
|
|
||||||
/* send client info query, level 3. receive domain name and sid */
|
/* send client info query, level 3. receive domain name and sid */
|
||||||
res = res ? do_lsa_query_info_pol(smb_cli,
|
res = res ? do_lsa_query_info_pol(smb_cli,
|
||||||
@ -113,7 +113,88 @@ void cmd_lsa_query_info(struct client_info *info)
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
DEBUG(5,("cmd_lsa_query_info: query succeeded\n"));
|
DEBUG(5,("cmd_lsa_query_info: query failed\n"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/****************************************************************************
|
||||||
|
nt lsa query
|
||||||
|
****************************************************************************/
|
||||||
|
void cmd_lsa_lookup_sids(struct client_info *info)
|
||||||
|
{
|
||||||
|
fstring temp;
|
||||||
|
fstring sid_name;
|
||||||
|
fstring srv_name;
|
||||||
|
DOM_SID sid;
|
||||||
|
DOM_SID *sids[1];
|
||||||
|
char **names;
|
||||||
|
|
||||||
|
BOOL res = True;
|
||||||
|
|
||||||
|
DEBUG(5, ("cmd_lsa_lookup_sids: smb_cli->fd:%d\n", smb_cli->fd));
|
||||||
|
|
||||||
|
fstrcpy(srv_name, "\\\\");
|
||||||
|
fstrcat(srv_name, info->myhostname);
|
||||||
|
strupper(srv_name);
|
||||||
|
|
||||||
|
fstrcpy(sid_name, info->dom.level5_sid);
|
||||||
|
|
||||||
|
if (next_token(NULL, temp, NULL, sizeof(temp)))
|
||||||
|
{
|
||||||
|
if (info->dom.level5_sid[0] == 0)
|
||||||
|
{
|
||||||
|
fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strnequal("S-", temp, 2))
|
||||||
|
{
|
||||||
|
fstrcpy(sid_name, temp);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
fstrcat(sid_name, "-");
|
||||||
|
fstrcat(sid_name, temp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
fprintf(out_hnd, "lsalookup RID or SID\n");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
DEBUG(4,("cmd_lsa_lookup_sids: server: %s sid:%s\n",
|
||||||
|
srv_name, sid_name));
|
||||||
|
|
||||||
|
make_dom_sid(&sid, sid_name);
|
||||||
|
|
||||||
|
sids[0] = &sid;
|
||||||
|
|
||||||
|
/* open LSARPC session. */
|
||||||
|
res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC, False) : False;
|
||||||
|
|
||||||
|
/* lookup domain controller; receive a policy handle */
|
||||||
|
res = res ? do_lsa_open_policy(smb_cli,
|
||||||
|
srv_name,
|
||||||
|
&info->dom.lsa_info_pol, True) : False;
|
||||||
|
|
||||||
|
/* send client info query, level 3. receive domain name and sid */
|
||||||
|
res = res ? do_lsa_lookup_sids(smb_cli,
|
||||||
|
&info->dom.lsa_info_pol, 1, sids, names) : False;
|
||||||
|
|
||||||
|
res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False;
|
||||||
|
|
||||||
|
/* close the session */
|
||||||
|
cli_nt_session_close(smb_cli);
|
||||||
|
|
||||||
|
if (res)
|
||||||
|
{
|
||||||
|
DEBUG(5,("cmd_lsa_lookup_sids: query succeeded\n"));
|
||||||
|
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
DEBUG(5,("cmd_lsa_lookup_sids: query failed\n"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -115,6 +115,7 @@ struct
|
|||||||
{"srvfiles", cmd_srv_enum_files, "DCE/RPC - List files on a server"},
|
{"srvfiles", cmd_srv_enum_files, "DCE/RPC - List files on a server"},
|
||||||
#endif
|
#endif
|
||||||
{"lsaquery", cmd_lsa_query_info, "Query Info Policy (domain member or server)"},
|
{"lsaquery", cmd_lsa_query_info, "Query Info Policy (domain member or server)"},
|
||||||
|
{"lookupsids", cmd_lsa_lookup_sids, "Resolve names from SIDs"},
|
||||||
{"enumusers", cmd_sam_enum_users, "SAM User Database Query (experimental!)"},
|
{"enumusers", cmd_sam_enum_users, "SAM User Database Query (experimental!)"},
|
||||||
{"samuser", cmd_sam_query_user, "<username> SAM User Query (experimental!)"},
|
{"samuser", cmd_sam_query_user, "<username> SAM User Query (experimental!)"},
|
||||||
{"samtest", cmd_sam_test , "SAM User Encrypted RPC test (experimental!)"},
|
{"samtest", cmd_sam_test , "SAM User Encrypted RPC test (experimental!)"},
|
||||||
|
Loading…
Reference in New Issue
Block a user