mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
7eeca44f03
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11237 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
114 lines
2.9 KiB
C
114 lines
2.9 KiB
C
/*
|
|
Unix SMB/CIFS implementation.
|
|
Security Descriptor (SD) helper functions
|
|
|
|
Copyright (C) Andrew Tridgell 2000
|
|
Copyright (C) Tim Potter 2000
|
|
Copyright (C) Jeremy Allison 2000
|
|
Copyright (C) Jelmer Vernooij 2003
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
#include "libsmb/libsmb.h"
|
|
#include "util_sd.h"
|
|
#include "librpc/gen_ndr/ndr_lsa.h"
|
|
#include "../libcli/security/security.h"
|
|
#include "rpc_client/cli_pipe.h"
|
|
#include "rpc_client/cli_lsarpc.h"
|
|
|
|
/* Open cli connection and policy handle */
|
|
static NTSTATUS cli_lsa_lookup_sid(struct cli_state *cli,
|
|
const struct dom_sid *sid,
|
|
TALLOC_CTX *mem_ctx,
|
|
enum lsa_SidType *type,
|
|
char **domain, char **name)
|
|
{
|
|
uint16 orig_cnum = cli_state_get_tid(cli);
|
|
struct rpc_pipe_client *p = NULL;
|
|
struct policy_handle handle;
|
|
NTSTATUS status;
|
|
TALLOC_CTX *frame = talloc_stackframe();
|
|
enum lsa_SidType *types;
|
|
char **domains;
|
|
char **names;
|
|
|
|
status = cli_tree_connect(cli, "IPC$", "?????", "", 0);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
goto tcon_fail;
|
|
}
|
|
|
|
status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
|
|
&p);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
goto fail;
|
|
}
|
|
|
|
status = rpccli_lsa_open_policy(p, talloc_tos(), True,
|
|
GENERIC_EXECUTE_ACCESS, &handle);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
goto fail;
|
|
}
|
|
|
|
status = rpccli_lsa_lookup_sids(p, talloc_tos(), &handle, 1, sid,
|
|
&domains, &names, &types);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
goto fail;
|
|
}
|
|
|
|
*type = types[0];
|
|
*domain = talloc_move(mem_ctx, &domains[0]);
|
|
*name = talloc_move(mem_ctx, &names[0]);
|
|
|
|
status = NT_STATUS_OK;
|
|
fail:
|
|
TALLOC_FREE(p);
|
|
cli_tdis(cli);
|
|
tcon_fail:
|
|
cli_state_set_tid(cli, orig_cnum);
|
|
TALLOC_FREE(frame);
|
|
return status;
|
|
}
|
|
|
|
/* convert a SID to a string, either numeric or username/group */
|
|
void SidToString(struct cli_state *cli, fstring str, const struct dom_sid *sid,
|
|
bool numeric)
|
|
{
|
|
char *domain = NULL;
|
|
char *name = NULL;
|
|
enum lsa_SidType type;
|
|
NTSTATUS status;
|
|
|
|
sid_to_fstring(str, sid);
|
|
|
|
if (numeric) {
|
|
return;
|
|
}
|
|
|
|
status = cli_lsa_lookup_sid(cli, sid, talloc_tos(), &type,
|
|
&domain, &name);
|
|
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
return;
|
|
}
|
|
|
|
if (*domain) {
|
|
slprintf(str, sizeof(fstring) - 1, "%s%s%s",
|
|
domain, lp_winbind_separator(), name);
|
|
} else {
|
|
fstrcpy(str, name);
|
|
}
|
|
}
|