sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Code
8539fb3aaa
samba-mirror/source4/rpc_server/lsa/dcesrv_lsa.c
Andrew Bartlett 8539fb3aaa r19682: Fix comments. 
Andrew Bartlett
(This used to be commit 4c349f44f8)
2007-10-10 14:25:31 -05:00

3588 lines
89 KiB
C
Raw Blame History

/*
Unix SMB/CIFS implementation.
endpoint server for the lsarpc pipe
Copyright (C) Andrew Tridgell 2004
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "rpc_server/dcerpc_server.h"
#include "rpc_server/common/common.h"
#include "auth/auth.h"
#include "dsdb/samdb/samdb.h"
#include "libcli/ldap/ldap.h"
#include "lib/ldb/include/ldb_errors.h"
#include "libcli/security/security.h"
#include "libcli/auth/libcli_auth.h"
#include "param/secrets.h"
#include "db_wrap.h"
#include "librpc/gen_ndr/ndr_dssetup.h"
/*
this type allows us to distinguish handle types
*/
enum lsa_handle {
LSA_HANDLE_POLICY,
LSA_HANDLE_ACCOUNT,
LSA_HANDLE_SECRET,
LSA_HANDLE_TRUSTED_DOMAIN
};
/*
state associated with a lsa_OpenPolicy() operation
*/
struct lsa_policy_state {
struct dcesrv_handle *handle;
struct ldb_context *sam_ldb;
struct sidmap_context *sidmap;
uint32_t access_mask;
const struct ldb_dn *domain_dn;
const struct ldb_dn *builtin_dn;
const struct ldb_dn *system_dn;
const char *domain_name;
const char *domain_dns;
struct dom_sid *domain_sid;
struct GUID domain_guid;
struct dom_sid *builtin_sid;
int mixed_domain;
};
/*
state associated with a lsa_OpenAccount() operation
*/
struct lsa_account_state {
struct lsa_policy_state *policy;
uint32_t access_mask;
struct dom_sid *account_sid;
};
/*
state associated with a lsa_OpenSecret() operation
*/
struct lsa_secret_state {
struct lsa_policy_state *policy;
uint32_t access_mask;
struct ldb_dn *secret_dn;
struct ldb_context *sam_ldb;
BOOL global;
};
/*
state associated with a lsa_OpenTrustedDomain() operation
*/
struct lsa_trusted_domain_state {
struct lsa_policy_state *policy;
uint32_t access_mask;
const struct ldb_dn *trusted_domain_dn;
};
static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumAccountRights *r);
static NTSTATUS lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_policy_state *state,
int ldb_flag,
struct dom_sid *sid,
const struct lsa_RightSet *rights);
/*
lsa_Close
*/
static NTSTATUS lsa_Close(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_Close *r)
{
struct dcesrv_handle *h;
*r->out.handle = *r->in.handle;
DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
talloc_free(h);
ZERO_STRUCTP(r->out.handle);
return NT_STATUS_OK;
}
/*
lsa_Delete
*/
static NTSTATUS lsa_Delete(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_Delete *r)
{
struct dcesrv_handle *h;
int ret;
DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
if (h->wire_handle.handle_type == LSA_HANDLE_SECRET) {
struct lsa_secret_state *secret_state = h->data;
ret = samdb_delete(secret_state->sam_ldb, mem_ctx, secret_state->secret_dn);
talloc_free(h);
if (ret != 0) {
return NT_STATUS_INVALID_HANDLE;
}
return NT_STATUS_OK;
} else if (h->wire_handle.handle_type == LSA_HANDLE_TRUSTED_DOMAIN) {
struct lsa_trusted_domain_state *trusted_domain_state = h->data;
ret = samdb_delete(trusted_domain_state->policy->sam_ldb, mem_ctx,
trusted_domain_state->trusted_domain_dn);
talloc_free(h);
if (ret != 0) {
return NT_STATUS_INVALID_HANDLE;
}
return NT_STATUS_OK;
} else if (h->wire_handle.handle_type == LSA_HANDLE_ACCOUNT) {
struct lsa_RightSet *rights;
struct lsa_account_state *astate;
struct lsa_EnumAccountRights r2;
NTSTATUS status;
rights = talloc(mem_ctx, struct lsa_RightSet);
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_ACCOUNT);
astate = h->data;
r2.in.handle = &astate->policy->handle->wire_handle;
r2.in.sid = astate->account_sid;
r2.out.rights = rights;
status = lsa_EnumAccountRights(dce_call, mem_ctx, &r2);
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
return NT_STATUS_OK;
}
if (!NT_STATUS_IS_OK(status)) {
return status;
}
status = lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_DELETE, astate->account_sid,
r2.out.rights);
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
return NT_STATUS_OK;
}
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
return NT_STATUS_INVALID_HANDLE;
}
/*
lsa_EnumPrivs
*/
static NTSTATUS lsa_EnumPrivs(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumPrivs *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
int i;
const char *privname;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
i = *r->in.resume_handle;
if (i == 0) i = 1;
while ((privname = sec_privilege_name(i)) &&
r->out.privs->count < r->in.max_count) {
struct lsa_PrivEntry *e;
r->out.privs->privs = talloc_realloc(r->out.privs,
r->out.privs->privs,
struct lsa_PrivEntry,
r->out.privs->count+1);
if (r->out.privs->privs == NULL) {
return NT_STATUS_NO_MEMORY;
}
e = &r->out.privs->privs[r->out.privs->count];
e->luid.low = i;
e->luid.high = 0;
e->name.string = privname;
r->out.privs->count++;
i++;
}
*r->out.resume_handle = i;
return NT_STATUS_OK;
}
/*
lsa_QuerySecObj
*/
static NTSTATUS lsa_QuerySecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QuerySecurity *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_SetSecObj
*/
static NTSTATUS lsa_SetSecObj(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetSecObj *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_ChangePassword
*/
static NTSTATUS lsa_ChangePassword(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_ChangePassword *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_policy_state **_state)
{
struct lsa_policy_state *state;
const struct ldb_dn *partitions_basedn;
struct ldb_result *dom_res;
const char *dom_attrs[] = {
"objectSid",
"objectGUID",
"nTMixedDomain",
NULL
};
struct ldb_result *ref_res;
const char *ref_attrs[] = {
"nETBIOSName",
"dnsRoot",
NULL
};
char *ref_filter;
int ret;
state = talloc(mem_ctx, struct lsa_policy_state);
if (!state) {
return NT_STATUS_NO_MEMORY;
}
/* make sure the sam database is accessible */
state->sam_ldb = samdb_connect(state, dce_call->conn->auth_state.session_info);
if (state->sam_ldb == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
partitions_basedn = samdb_partitions_dn(state->sam_ldb, mem_ctx);
state->sidmap = sidmap_open(state);
if (state->sidmap == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
/* work out the domain_dn - useful for so many calls its worth
fetching here */
state->domain_dn = samdb_base_dn(state->sam_ldb);
if (!state->domain_dn) {
return NT_STATUS_NO_MEMORY;
}
ret = ldb_search(state->sam_ldb, state->domain_dn, LDB_SCOPE_BASE, NULL, dom_attrs, &dom_res);
if (ret != LDB_SUCCESS) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
talloc_steal(state, dom_res);
if (dom_res->count != 1) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
state->domain_sid = samdb_result_dom_sid(state, dom_res->msgs[0], "objectSid");
if (!state->domain_sid) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
state->domain_guid = samdb_result_guid(dom_res->msgs[0], "objectGUID");
if (!state->domain_sid) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
state->mixed_domain = ldb_msg_find_attr_as_uint(dom_res->msgs[0], "nTMixedDomain", 0);
talloc_free(dom_res);
ref_filter = talloc_asprintf(state, "(&(objectclass=crossRef)(ncName=%s))",
ldb_dn_linearize(mem_ctx, state->domain_dn));
if (!ref_filter) {
return NT_STATUS_NO_MEMORY;
}
ret = ldb_search(state->sam_ldb, partitions_basedn, LDB_SCOPE_SUBTREE, ref_filter, ref_attrs, &ref_res);
talloc_steal(state, ref_res);
talloc_free(ref_filter);
if (ret != LDB_SUCCESS) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
if (ref_res->count != 1) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
state->domain_name = ldb_msg_find_attr_as_string(ref_res->msgs[0], "nETBIOSName", NULL);
if (!state->domain_name) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
talloc_steal(state, state->domain_name);
state->domain_dns = ldb_msg_find_attr_as_string(ref_res->msgs[0], "dnsRoot", NULL);
if (!state->domain_dns) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
talloc_steal(state, state->domain_dns);
talloc_free(ref_res);
/* work out the builtin_dn - useful for so many calls its worth
fetching here */
state->builtin_dn = samdb_search_dn(state->sam_ldb, state, state->domain_dn, "(objectClass=builtinDomain)");
if (!state->builtin_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
/* work out the system_dn - useful for so many calls its worth
fetching here */
state->system_dn = samdb_search_dn(state->sam_ldb, state,
state->domain_dn, "(&(objectClass=container)(cn=System))");
if (!state->system_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
state->builtin_sid = dom_sid_parse_talloc(state, SID_BUILTIN);
if (!state->builtin_sid) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
*_state = state;
return NT_STATUS_OK;
}
/*
dssetup_DsRoleGetPrimaryDomainInformation
This is not an LSA call, but is the only call left on the DSSETUP
pipe (after the pipe was truncated), and needs lsa_get_policy_state
*/
static WERROR dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleGetPrimaryDomainInformation *r)
{
union dssetup_DsRoleInfo *info;
info = talloc(mem_ctx, union dssetup_DsRoleInfo);
W_ERROR_HAVE_NO_MEMORY(info);
switch (r->in.level) {
case DS_ROLE_BASIC_INFORMATION:
{
enum dssetup_DsRole role = DS_ROLE_STANDALONE_SERVER;
uint32_t flags = 0;
const char *domain = NULL;
const char *dns_domain = NULL;
const char *forest = NULL;
struct GUID domain_guid;
struct lsa_policy_state *state;
NTSTATUS status = lsa_get_policy_state(dce_call, mem_ctx, &state);
if (!NT_STATUS_IS_OK(status)) {
return ntstatus_to_werror(status);
}
ZERO_STRUCT(domain_guid);
switch (lp_server_role()) {
case ROLE_STANDALONE:
role = DS_ROLE_STANDALONE_SERVER;
break;
case ROLE_DOMAIN_MEMBER:
role = DS_ROLE_MEMBER_SERVER;
break;
case ROLE_DOMAIN_BDC:
role = DS_ROLE_BACKUP_DC;
break;
case ROLE_DOMAIN_PDC:
role = DS_ROLE_PRIMARY_DC;
break;
}
switch (lp_server_role()) {
case ROLE_STANDALONE:
domain = talloc_strdup(mem_ctx, lp_workgroup());
W_ERROR_HAVE_NO_MEMORY(domain);
break;
case ROLE_DOMAIN_MEMBER:
domain = talloc_strdup(mem_ctx, lp_workgroup());
W_ERROR_HAVE_NO_MEMORY(domain);
/* TODO: what is with dns_domain and forest and guid? */
break;
case ROLE_DOMAIN_BDC:
case ROLE_DOMAIN_PDC:
flags = DS_ROLE_PRIMARY_DS_RUNNING;
if (state->mixed_domain == 1) {
flags |= DS_ROLE_PRIMARY_DS_MIXED_MODE;
}
domain = state->domain_name;
dns_domain = state->domain_dns;
forest = state->domain_dns;
domain_guid = state->domain_guid;
flags |= DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT;
break;
}
info->basic.role = role;
info->basic.flags = flags;
info->basic.domain = domain;
info->basic.dns_domain = dns_domain;
info->basic.forest = forest;
info->basic.domain_guid = domain_guid;
r->out.info = info;
return WERR_OK;
}
case DS_ROLE_UPGRADE_STATUS:
{
info->upgrade.upgrading = DS_ROLE_NOT_UPGRADING;
info->upgrade.previous_role = DS_ROLE_PREVIOUS_UNKNOWN;
r->out.info = info;
return WERR_OK;
}
case DS_ROLE_OP_STATUS:
{
info->opstatus.status = DS_ROLE_OP_IDLE;
r->out.info = info;
return WERR_OK;
}
default:
return WERR_INVALID_PARAM;
}
return WERR_INVALID_PARAM;
}
/*
lsa_OpenPolicy2
*/
static NTSTATUS lsa_OpenPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenPolicy2 *r)
{
NTSTATUS status;
struct lsa_policy_state *state;
struct dcesrv_handle *handle;
ZERO_STRUCTP(r->out.handle);
status = lsa_get_policy_state(dce_call, mem_ctx, &state);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_POLICY);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
handle->data = talloc_steal(handle, state);
state->access_mask = r->in.access_mask;
state->handle = handle;
*r->out.handle = handle->wire_handle;
/* note that we have completely ignored the attr element of
the OpenPolicy. As far as I can tell, this is what w2k3
does */
return NT_STATUS_OK;
}
/*
lsa_OpenPolicy
a wrapper around lsa_OpenPolicy2
*/
static NTSTATUS lsa_OpenPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenPolicy *r)
{
struct lsa_OpenPolicy2 r2;
r2.in.system_name = NULL;
r2.in.attr = r->in.attr;
r2.in.access_mask = r->in.access_mask;
r2.out.handle = r->out.handle;
return lsa_OpenPolicy2(dce_call, mem_ctx, &r2);
}
/*
fill in the AccountDomain info
*/
static NTSTATUS lsa_info_AccountDomain(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
struct lsa_DomainInfo *info)
{
info->name.string = state->domain_name;
info->sid = state->domain_sid;
return NT_STATUS_OK;
}
/*
fill in the DNS domain info
*/
static NTSTATUS lsa_info_DNS(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
struct lsa_DnsDomainInfo *info)
{
info->name.string = state->domain_name;
info->sid = state->domain_sid;
info->dns_domain.string = state->domain_dns;
info->dns_forest.string = state->domain_dns;
info->domain_guid = state->domain_guid;
return NT_STATUS_OK;
}
/*
lsa_QueryInfoPolicy2
*/
static NTSTATUS lsa_QueryInfoPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QueryInfoPolicy2 *r)
{
struct lsa_policy_state *state;
struct dcesrv_handle *h;
r->out.info = NULL;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
r->out.info = talloc(mem_ctx, union lsa_PolicyInformation);
if (!r->out.info) {
return NT_STATUS_NO_MEMORY;
}
ZERO_STRUCTP(r->out.info);
switch (r->in.level) {
case LSA_POLICY_INFO_DOMAIN:
case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
return lsa_info_AccountDomain(state, mem_ctx, &r->out.info->account_domain);
case LSA_POLICY_INFO_DNS:
return lsa_info_DNS(state, mem_ctx, &r->out.info->dns);
}
return NT_STATUS_INVALID_INFO_CLASS;
}
/*
lsa_QueryInfoPolicy
*/
static NTSTATUS lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QueryInfoPolicy *r)
{
struct lsa_QueryInfoPolicy2 r2;
NTSTATUS status;
r2.in.handle = r->in.handle;
r2.in.level = r->in.level;
status = lsa_QueryInfoPolicy2(dce_call, mem_ctx, &r2);
r->out.info = r2.out.info;
return status;
}
/*
lsa_SetInfoPolicy
*/
static NTSTATUS lsa_SetInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetInfoPolicy *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_ClearAuditLog
*/
static NTSTATUS lsa_ClearAuditLog(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_ClearAuditLog *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CreateAccount
*/
static NTSTATUS lsa_CreateAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CreateAccount *r)
{
struct lsa_account_state *astate;
struct lsa_policy_state *state;
struct dcesrv_handle *h, *ah;
ZERO_STRUCTP(r->out.acct_handle);
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
astate = talloc(dce_call->conn, struct lsa_account_state);
if (astate == NULL) {
return NT_STATUS_NO_MEMORY;
}
astate->account_sid = dom_sid_dup(astate, r->in.sid);
if (astate->account_sid == NULL) {
talloc_free(astate);
return NT_STATUS_NO_MEMORY;
}
astate->policy = talloc_reference(astate, state);
astate->access_mask = r->in.access_mask;
ah = dcesrv_handle_new(dce_call->context, LSA_HANDLE_ACCOUNT);
if (!ah) {
talloc_free(astate);
return NT_STATUS_NO_MEMORY;
}
ah->data = talloc_steal(ah, astate);
*r->out.acct_handle = ah->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_EnumAccounts
*/
static NTSTATUS lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumAccounts *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
int ret, i;
struct ldb_message **res;
const char * const attrs[] = { "objectSid", NULL};
uint32_t count;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
/* NOTE: This call must only return accounts that have at least
one privilege set
*/
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=*)(privilege=*))");
if (ret < 0) {
return NT_STATUS_NO_SUCH_USER;
}
if (*r->in.resume_handle >= ret) {
return NT_STATUS_NO_MORE_ENTRIES;
}
count = ret - *r->in.resume_handle;
if (count > r->in.num_entries) {
count = r->in.num_entries;
}
if (count == 0) {
return NT_STATUS_NO_MORE_ENTRIES;
}
r->out.sids->sids = talloc_array(r->out.sids, struct lsa_SidPtr, count);
if (r->out.sids->sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<count;i++) {
r->out.sids->sids[i].sid =
samdb_result_dom_sid(r->out.sids->sids,
res[i + *r->in.resume_handle],
"objectSid");
NT_STATUS_HAVE_NO_MEMORY(r->out.sids->sids[i].sid);
}
r->out.sids->num_sids = count;
*r->out.resume_handle = count + *r->in.resume_handle;
return NT_STATUS_OK;
}
/*
lsa_CreateTrustedDomainEx2
*/
static NTSTATUS lsa_CreateTrustedDomainEx2(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_CreateTrustedDomainEx2 *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CreateTrustedDomainEx
*/
static NTSTATUS lsa_CreateTrustedDomainEx(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_CreateTrustedDomainEx *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CreateTrustedDomain
*/
static NTSTATUS lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CreateTrustedDomain *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_policy_state *policy_state;
struct lsa_trusted_domain_state *trusted_domain_state;
struct dcesrv_handle *handle;
struct ldb_message **msgs, *msg;
const char *attrs[] = {
NULL
};
const char *name;
int ret;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
ZERO_STRUCTP(r->out.trustdom_handle);
policy_state = policy_handle->data;
if (!r->in.info->name.string) {
return NT_STATUS_INVALID_PARAMETER;
}
name = r->in.info->name.string;
trusted_domain_state = talloc(mem_ctx, struct lsa_trusted_domain_state);
if (!trusted_domain_state) {
return NT_STATUS_NO_MEMORY;
}
trusted_domain_state->policy = policy_state;
msg = ldb_msg_new(mem_ctx);
if (msg == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* search for the trusted_domain record */
ret = gendb_search(trusted_domain_state->policy->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
"(&(cn=%s)(objectclass=trustedDomain))",
ldb_binary_encode_string(mem_ctx, r->in.info->name.string));
if (ret > 0) {
return NT_STATUS_OBJECT_NAME_COLLISION;
}
if (ret < 0 || ret > 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg->dn = ldb_dn_build_child(mem_ctx, "cn",
r->in.info->name.string,
policy_state->system_dn);
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "cn", name);
samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "flatname", name);
if (r->in.info->sid) {
const char *sid_string = dom_sid_string(mem_ctx, r->in.info->sid);
if (!sid_string) {
return NT_STATUS_NO_MEMORY;
}
samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "securityIdentifier", sid_string);
}
samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "objectClass", "trustedDomain");
trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msg->dn);
/* create the trusted_domain */
ret = ldb_add(trusted_domain_state->policy->sam_ldb, msg);
if (ret != LDB_SUCCESS) {
DEBUG(0,("Failed to create trusted_domain record %s: %s\n",
ldb_dn_linearize(mem_ctx, msg->dn), ldb_errstring(trusted_domain_state->policy->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_TRUSTED_DOMAIN);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
handle->data = talloc_steal(handle, trusted_domain_state);
trusted_domain_state->access_mask = r->in.access_mask;
trusted_domain_state->policy = talloc_reference(trusted_domain_state, policy_state);
*r->out.trustdom_handle = handle->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_OpenTrustedDomain
*/
static NTSTATUS lsa_OpenTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenTrustedDomain *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_policy_state *policy_state;
struct lsa_trusted_domain_state *trusted_domain_state;
struct dcesrv_handle *handle;
struct ldb_message **msgs;
const char *attrs[] = {
NULL
};
const char *sid_string;
int ret;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
ZERO_STRUCTP(r->out.trustdom_handle);
policy_state = policy_handle->data;
trusted_domain_state = talloc(mem_ctx, struct lsa_trusted_domain_state);
if (!trusted_domain_state) {
return NT_STATUS_NO_MEMORY;
}
trusted_domain_state->policy = policy_state;
sid_string = dom_sid_string(mem_ctx, r->in.sid);
if (!sid_string) {
return NT_STATUS_NO_MEMORY;
}
/* search for the trusted_domain record */
ret = gendb_search(trusted_domain_state->policy->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
"(&(securityIdentifier=%s)(objectclass=trustedDomain))",
sid_string);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msgs[0]->dn);
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_TRUSTED_DOMAIN);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
handle->data = talloc_steal(handle, trusted_domain_state);
trusted_domain_state->access_mask = r->in.access_mask;
trusted_domain_state->policy = talloc_reference(trusted_domain_state, policy_state);
*r->out.trustdom_handle = handle->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_OpenTrustedDomainByName
*/
static NTSTATUS lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_OpenTrustedDomainByName *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_policy_state *policy_state;
struct lsa_trusted_domain_state *trusted_domain_state;
struct dcesrv_handle *handle;
struct ldb_message **msgs;
const char *attrs[] = {
NULL
};
int ret;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
ZERO_STRUCTP(r->out.trustdom_handle);
policy_state = policy_handle->data;
if (!r->in.name.string) {
return NT_STATUS_INVALID_PARAMETER;
}
trusted_domain_state = talloc(mem_ctx, struct lsa_trusted_domain_state);
if (!trusted_domain_state) {
return NT_STATUS_NO_MEMORY;
}
trusted_domain_state->policy = policy_state;
/* search for the trusted_domain record */
ret = gendb_search(trusted_domain_state->policy->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
"(&(flatname=%s)(objectclass=trustedDomain))",
ldb_binary_encode_string(mem_ctx, r->in.name.string));
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msgs[0]->dn);
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_TRUSTED_DOMAIN);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
handle->data = talloc_steal(handle, trusted_domain_state);
trusted_domain_state->access_mask = r->in.access_mask;
trusted_domain_state->policy = talloc_reference(trusted_domain_state, policy_state);
*r->out.trustdom_handle = handle->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_SetTrustedDomainInfo
*/
static NTSTATUS lsa_SetTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetTrustedDomainInfo *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_SetInfomrationTrustedDomain
*/
static NTSTATUS lsa_SetInformationTrustedDomain(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_SetInformationTrustedDomain *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_DeleteTrustedDomain
*/
static NTSTATUS lsa_DeleteTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_DeleteTrustedDomain *r)
{
NTSTATUS status;
struct lsa_OpenTrustedDomain open;
struct lsa_Delete delete;
struct dcesrv_handle *h;
open.in.handle = r->in.handle;
open.in.sid = r->in.dom_sid;
open.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
open.out.trustdom_handle = talloc(mem_ctx, struct policy_handle);
if (!open.out.trustdom_handle) {
return NT_STATUS_NO_MEMORY;
}
status = lsa_OpenTrustedDomain(dce_call, mem_ctx, &open);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
DCESRV_PULL_HANDLE(h, open.out.trustdom_handle, DCESRV_HANDLE_ANY);
talloc_steal(mem_ctx, h);
delete.in.handle = open.out.trustdom_handle;
status = lsa_Delete(dce_call, mem_ctx, &delete);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_OK;
}
static NTSTATUS fill_trust_domain_ex(TALLOC_CTX *mem_ctx,
struct ldb_message *msg,
struct lsa_TrustDomainInfoInfoEx *info_ex)
{
info_ex->domain_name.string
= ldb_msg_find_attr_as_string(msg, "trustPartner", NULL);
info_ex->netbios_name.string
= ldb_msg_find_attr_as_string(msg, "flatname", NULL);
info_ex->sid
= samdb_result_dom_sid(mem_ctx, msg, "securityIdentifier");
info_ex->trust_direction
= ldb_msg_find_attr_as_int(msg, "trustDirection", 0);
info_ex->trust_type
= ldb_msg_find_attr_as_int(msg, "trustType", 0);
info_ex->trust_attributes
= ldb_msg_find_attr_as_int(msg, "trustAttributes", 0);
return NT_STATUS_OK;
}
/*
lsa_QueryTrustedDomainInfo
*/
static NTSTATUS lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QueryTrustedDomainInfo *r)
{
struct dcesrv_handle *h;
struct lsa_trusted_domain_state *trusted_domain_state;
struct ldb_message *msg;
int ret;
struct ldb_message **res;
const char *attrs[] = {
"flatname",
"trustPartner",
"securityIdentifier",
"trustDirection",
"trustType",
"trustAttributes",
NULL
};
DCESRV_PULL_HANDLE(h, r->in.trustdom_handle, LSA_HANDLE_TRUSTED_DOMAIN);
trusted_domain_state = h->data;
/* pull all the user attributes */
ret = gendb_search_dn(trusted_domain_state->policy->sam_ldb, mem_ctx,
trusted_domain_state->trusted_domain_dn, &res, attrs);
if (ret != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg = res[0];
r->out.info = talloc(mem_ctx, union lsa_TrustedDomainInfo);
if (!r->out.info) {
return NT_STATUS_NO_MEMORY;
}
switch (r->in.level) {
case LSA_TRUSTED_DOMAIN_INFO_NAME:
r->out.info->name.netbios_name.string
= samdb_result_string(msg, "flatname", NULL);
break;
case LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET:
r->out.info->posix_offset.posix_offset
= samdb_result_uint(msg, "posixOffset", 0);
break;
#if 0 /* Win2k3 doesn't implement this */
case LSA_TRUSTED_DOMAIN_INFO_BASIC:
r->out.info->info_basic.netbios_name.string
= ldb_msg_find_attr_as_string(msg, "flatname", NULL);
r->out.info->info_basic.sid
= samdb_result_dom_sid(mem_ctx, msg, "securityIdentifier");
break;
#endif
case LSA_TRUSTED_DOMAIN_INFO_INFO_EX:
return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->info_ex);
case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO:
ZERO_STRUCT(r->out.info->full_info);
return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->full_info.info_ex);
case LSA_TRUSTED_DOMAIN_INFO_INFO_ALL:
ZERO_STRUCT(r->out.info->info_all);
return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->info_all.info_ex);
case LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO:
case LSA_TRUSTED_DOMAIN_INFO_11:
/* oops, we don't want to return the info after all */
talloc_free(r->out.info);
r->out.info = NULL;
return NT_STATUS_INVALID_PARAMETER;
default:
/* oops, we don't want to return the info after all */
talloc_free(r->out.info);
r->out.info = NULL;
return NT_STATUS_INVALID_INFO_CLASS;
}
return NT_STATUS_OK;
}
/*
lsa_QueryTrustedDomainInfoBySid
*/
static NTSTATUS lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QueryTrustedDomainInfoBySid *r)
{
NTSTATUS status;
struct lsa_OpenTrustedDomain open;
struct lsa_QueryTrustedDomainInfo query;
struct dcesrv_handle *h;
open.in.handle = r->in.handle;
open.in.sid = r->in.dom_sid;
open.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
open.out.trustdom_handle = talloc(mem_ctx, struct policy_handle);
if (!open.out.trustdom_handle) {
return NT_STATUS_NO_MEMORY;
}
status = lsa_OpenTrustedDomain(dce_call, mem_ctx, &open);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* Ensure this handle goes away at the end of this call */
DCESRV_PULL_HANDLE(h, open.out.trustdom_handle, DCESRV_HANDLE_ANY);
talloc_steal(mem_ctx, h);
query.in.trustdom_handle = open.out.trustdom_handle;
query.in.level = r->in.level;
status = lsa_QueryTrustedDomainInfo(dce_call, mem_ctx, &query);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
r->out.info = query.out.info;
return NT_STATUS_OK;
}
/*
lsa_SetTrustedDomainInfoByName
*/
static NTSTATUS lsa_SetTrustedDomainInfoByName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_SetTrustedDomainInfoByName *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_QueryTrustedDomainInfoByName
*/
static NTSTATUS lsa_QueryTrustedDomainInfoByName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_QueryTrustedDomainInfoByName *r)
{
NTSTATUS status;
struct lsa_OpenTrustedDomainByName open;
struct lsa_QueryTrustedDomainInfo query;
struct dcesrv_handle *h;
open.in.handle = r->in.handle;
open.in.name = r->in.trusted_domain;
open.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
open.out.trustdom_handle = talloc(mem_ctx, struct policy_handle);
if (!open.out.trustdom_handle) {
return NT_STATUS_NO_MEMORY;
}
status = lsa_OpenTrustedDomainByName(dce_call, mem_ctx, &open);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* Ensure this handle goes away at the end of this call */
DCESRV_PULL_HANDLE(h, open.out.trustdom_handle, DCESRV_HANDLE_ANY);
talloc_steal(mem_ctx, h);
query.in.trustdom_handle = open.out.trustdom_handle;
query.in.level = r->in.level;
status = lsa_QueryTrustedDomainInfo(dce_call, mem_ctx, &query);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
r->out.info = query.out.info;
return NT_STATUS_OK;
}
/*
lsa_CloseTrustedDomainEx
*/
static NTSTATUS lsa_CloseTrustedDomainEx(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_CloseTrustedDomainEx *r)
{
/* The result of a bad hair day from an IDL programmer? Not
* implmented in Win2k3. You should always just lsa_Close
* anyway. */
return NT_STATUS_NOT_IMPLEMENTED;
}
/*
comparison function for sorting lsa_DomainInformation array
*/
static int compare_DomainInfo(struct lsa_DomainInfo *e1, struct lsa_DomainInfo *e2)
{
return strcasecmp_m(e1->name.string, e2->name.string);
}
/*
lsa_EnumTrustDom
*/
static NTSTATUS lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumTrustDom *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_DomainInfo *entries;
struct lsa_policy_state *policy_state;
struct ldb_message **domains;
const char *attrs[] = {
"flatname",
"securityIdentifier",
NULL
};
int count, i;
*r->out.resume_handle = 0;
r->out.domains->domains = NULL;
r->out.domains->count = 0;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
policy_state = policy_handle->data;
/* search for all users in this domain. This could possibly be cached and
resumed based on resume_key */
count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
"objectclass=trustedDomain");
if (count == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (count == 0 || r->in.max_size == 0) {
return NT_STATUS_OK;
}
/* convert to lsa_TrustInformation format */
entries = talloc_array(mem_ctx, struct lsa_DomainInfo, count);
if (!entries) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<count;i++) {
entries[i].sid = samdb_result_dom_sid(mem_ctx, domains[i], "securityIdentifier");
entries[i].name.string = samdb_result_string(domains[i], "flatname", NULL);
}
/* sort the results by name */
qsort(entries, count, sizeof(*entries),
(comparison_fn_t)compare_DomainInfo);
if (*r->in.resume_handle >= count) {
*r->out.resume_handle = -1;
return NT_STATUS_NO_MORE_ENTRIES;
}
/* return the rest, limit by max_size. Note that we
use the w2k3 element size value of 60 */
r->out.domains->count = count - *r->in.resume_handle;
r->out.domains->count = MIN(r->out.domains->count,
1+(r->in.max_size/LSA_ENUM_TRUST_DOMAIN_MULTIPLIER));
r->out.domains->domains = entries + *r->in.resume_handle;
r->out.domains->count = r->out.domains->count;
if (r->out.domains->count < count - *r->in.resume_handle) {
*r->out.resume_handle = *r->in.resume_handle + r->out.domains->count;
return STATUS_MORE_ENTRIES;
}
return NT_STATUS_OK;
}
/*
comparison function for sorting lsa_DomainInformation array
*/
static int compare_TrustDomainInfoInfoEx(struct lsa_TrustDomainInfoInfoEx *e1, struct lsa_TrustDomainInfoInfoEx *e2)
{
return strcasecmp_m(e1->netbios_name.string, e2->netbios_name.string);
}
/*
lsa_EnumTrustedDomainsEx
*/
static NTSTATUS lsa_EnumTrustedDomainsEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_EnumTrustedDomainsEx *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_TrustDomainInfoInfoEx *entries;
struct lsa_policy_state *policy_state;
struct ldb_message **domains;
const char *attrs[] = {
"flatname",
"trustPartner",
"securityIdentifier",
"trustDirection",
"trustType",
"trustAttributes",
NULL
};
NTSTATUS nt_status;
int count, i;
*r->out.resume_handle = 0;
r->out.domains->domains = NULL;
r->out.domains->count = 0;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
policy_state = policy_handle->data;
/* search for all users in this domain. This could possibly be cached and
resumed based on resume_key */
count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
"objectclass=trustedDomain");
if (count == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (count == 0 || r->in.max_size == 0) {
return NT_STATUS_OK;
}
/* convert to lsa_DomainInformation format */
entries = talloc_array(mem_ctx, struct lsa_TrustDomainInfoInfoEx, count);
if (!entries) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<count;i++) {
nt_status = fill_trust_domain_ex(mem_ctx, domains[i], &entries[i]);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
}
/* sort the results by name */
qsort(entries, count, sizeof(*entries),
(comparison_fn_t)compare_TrustDomainInfoInfoEx);
if (*r->in.resume_handle >= count) {
*r->out.resume_handle = -1;
return NT_STATUS_NO_MORE_ENTRIES;
}
/* return the rest, limit by max_size. Note that we
use the w2k3 element size value of 60 */
r->out.domains->count = count - *r->in.resume_handle;
r->out.domains->count = MIN(r->out.domains->count,
1+(r->in.max_size/LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER));
r->out.domains->domains = entries + *r->in.resume_handle;
r->out.domains->count = r->out.domains->count;
if (r->out.domains->count < count - *r->in.resume_handle) {
*r->out.resume_handle = *r->in.resume_handle + r->out.domains->count;
return STATUS_MORE_ENTRIES;
}
return NT_STATUS_OK;
}
/*
return the authority name and authority sid, given a sid
*/
static NTSTATUS lsa_authority_name(struct lsa_policy_state *state,
TALLOC_CTX *mem_ctx, struct dom_sid *sid,
const char **authority_name,
struct dom_sid **authority_sid)
{
if (dom_sid_in_domain(state->domain_sid, sid)) {
*authority_name = state->domain_name;
*authority_sid = state->domain_sid;
return NT_STATUS_OK;
}
if (dom_sid_in_domain(state->builtin_sid, sid)) {
*authority_name = "BUILTIN";
*authority_sid = state->builtin_sid;
return NT_STATUS_OK;
}
*authority_sid = dom_sid_dup(mem_ctx, sid);
if (*authority_sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
(*authority_sid)->num_auths = 0;
*authority_name = dom_sid_string(mem_ctx, *authority_sid);
if (*authority_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
}
/*
add to the lsa_RefDomainList for LookupSids and LookupNames
*/
static NTSTATUS lsa_authority_list(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
struct dom_sid *sid,
struct lsa_RefDomainList *domains,
uint32_t *sid_index)
{
NTSTATUS status;
const char *authority_name;
struct dom_sid *authority_sid;
int i;
/* work out the authority name */
status = lsa_authority_name(state, mem_ctx, sid,
&authority_name, &authority_sid);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* see if we've already done this authority name */
for (i=0;i<domains->count;i++) {
if (strcmp(authority_name, domains->domains[i].name.string) == 0) {
*sid_index = i;
return NT_STATUS_OK;
}
}
domains->domains = talloc_realloc(domains,
domains->domains,
struct lsa_DomainInfo,
domains->count+1);
if (domains->domains == NULL) {
return NT_STATUS_NO_MEMORY;
}
domains->domains[i].name.string = authority_name;
domains->domains[i].sid = authority_sid;
domains->count++;
domains->max_size = LSA_REF_DOMAIN_LIST_MULTIPLIER * domains->count;
*sid_index = i;
return NT_STATUS_OK;
}
/*
lookup a name for 1 SID
*/
static NTSTATUS lsa_lookup_sid(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
struct dom_sid *sid, const char *sid_str,
const char **name, uint32_t *atype)
{
int ret;
struct ldb_message **res;
const char * const attrs[] = { "sAMAccountName", "sAMAccountType", "name", NULL};
NTSTATUS status;
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"objectSid=%s", ldap_encode_ndr_dom_sid(mem_ctx, sid));
if (ret == 1) {
*name = ldb_msg_find_attr_as_string(res[0], "sAMAccountName", NULL);
if (!*name) {
*name = ldb_msg_find_attr_as_string(res[0], "name", NULL);
if (!*name) {
*name = talloc_strdup(mem_ctx, sid_str);
NT_STATUS_HAVE_NO_MEMORY(*name);
}
}
*atype = samdb_result_uint(res[0], "sAMAccountType", 0);
return NT_STATUS_OK;
}
status = sidmap_allocated_sid_lookup(state->sidmap, mem_ctx, sid, name, atype);
return status;
}
/*
lsa_LookupSids2
*/
static NTSTATUS lsa_LookupSids2(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupSids2 *r)
{
struct lsa_policy_state *state;
int i;
NTSTATUS status = NT_STATUS_OK;
r->out.domains = NULL;
status = lsa_get_policy_state(dce_call, mem_ctx, &state);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
r->out.domains = talloc_zero(mem_ctx, struct lsa_RefDomainList);
if (r->out.domains == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.names = talloc_zero(mem_ctx, struct lsa_TransNameArray2);
if (r->out.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
*r->out.count = 0;
r->out.names->names = talloc_array(r->out.names, struct lsa_TranslatedName2,
r->in.sids->num_sids);
if (r->out.names->names == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<r->in.sids->num_sids;i++) {
struct dom_sid *sid = r->in.sids->sids[i].sid;
char *sid_str = dom_sid_string(mem_ctx, sid);
const char *name;
uint32_t atype, rtype, sid_index;
NTSTATUS status2;
r->out.names->count++;
(*r->out.count)++;
r->out.names->names[i].sid_type = SID_NAME_UNKNOWN;
r->out.names->names[i].name.string = sid_str;
r->out.names->names[i].sid_index = 0xFFFFFFFF;
r->out.names->names[i].unknown = 0;
if (sid_str == NULL) {
r->out.names->names[i].name.string = "(SIDERROR)";
status = STATUS_SOME_UNMAPPED;
continue;
}
/* work out the authority name */
status2 = lsa_authority_list(state, mem_ctx, sid, r->out.domains, &sid_index);
if (!NT_STATUS_IS_OK(status2)) {
return status2;
}
status2 = lsa_lookup_sid(state, mem_ctx, sid, sid_str,
&name, &atype);
if (!NT_STATUS_IS_OK(status2)) {
status = STATUS_SOME_UNMAPPED;
continue;
}
rtype = samdb_atype_map(atype);
if (rtype == SID_NAME_UNKNOWN) {
status = STATUS_SOME_UNMAPPED;
continue;
}
r->out.names->names[i].sid_type = rtype;
r->out.names->names[i].name.string = name;
r->out.names->names[i].sid_index = sid_index;
r->out.names->names[i].unknown = 0;
}
return status;
}
/*
lsa_LookupSids3
Identical to LookupSids2, but doesn't take a policy handle
*/
static NTSTATUS lsa_LookupSids3(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupSids3 *r)
{
struct lsa_LookupSids2 r2;
struct lsa_OpenPolicy2 pol;
NTSTATUS status;
struct dcesrv_handle *h;
/* No policy handle on the wire, so make one up here */
r2.in.handle = talloc(mem_ctx, struct policy_handle);
if (!r2.in.handle) {
return NT_STATUS_NO_MEMORY;
}
pol.out.handle = r2.in.handle;
pol.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
pol.in.attr = NULL;
pol.in.system_name = NULL;
status = lsa_OpenPolicy2(dce_call, mem_ctx, &pol);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* ensure this handle goes away at the end of this call */
DCESRV_PULL_HANDLE(h, r2.in.handle, LSA_HANDLE_POLICY);
talloc_steal(mem_ctx, h);
r2.in.sids = r->in.sids;
r2.in.names = r->in.names;
r2.in.level = r->in.level;
r2.in.count = r->in.count;
r2.in.unknown1 = r->in.unknown1;
r2.in.unknown2 = r->in.unknown2;
r2.out.count = r->out.count;
r2.out.names = r->out.names;
status = lsa_LookupSids2(dce_call, mem_ctx, &r2);
if (dce_call->fault_code != 0) {
return status;
}
r->out.domains = r2.out.domains;
r->out.names = r2.out.names;
r->out.count = r2.out.count;
return status;
}
/*
lsa_LookupSids
*/
static NTSTATUS lsa_LookupSids(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupSids *r)
{
struct lsa_LookupSids2 r2;
NTSTATUS status;
int i;
r2.in.handle = r->in.handle;
r2.in.sids = r->in.sids;
r2.in.names = NULL;
r2.in.level = r->in.level;
r2.in.count = r->in.count;
r2.in.unknown1 = 0;
r2.in.unknown2 = 0;
r2.out.count = r->out.count;
r2.out.names = NULL;
status = lsa_LookupSids2(dce_call, mem_ctx, &r2);
if (dce_call->fault_code != 0) {
return status;
}
r->out.domains = r2.out.domains;
if (!r2.out.names) {
r->out.names = NULL;
return status;
}
r->out.names = talloc(mem_ctx, struct lsa_TransNameArray);
if (r->out.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.names->count = r2.out.names->count;
r->out.names->names = talloc_array(r->out.names, struct lsa_TranslatedName,
r->out.names->count);
if (r->out.names->names == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<r->out.names->count;i++) {
r->out.names->names[i].sid_type = r2.out.names->names[i].sid_type;
r->out.names->names[i].name.string = r2.out.names->names[i].name.string;
r->out.names->names[i].sid_index = r2.out.names->names[i].sid_index;
}
return status;
}
/*
lsa_OpenAccount
*/
static NTSTATUS lsa_OpenAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenAccount *r)
{
struct dcesrv_handle *h, *ah;
struct lsa_policy_state *state;
struct lsa_account_state *astate;
ZERO_STRUCTP(r->out.acct_handle);
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
astate = talloc(dce_call->conn, struct lsa_account_state);
if (astate == NULL) {
return NT_STATUS_NO_MEMORY;
}
astate->account_sid = dom_sid_dup(astate, r->in.sid);
if (astate->account_sid == NULL) {
talloc_free(astate);
return NT_STATUS_NO_MEMORY;
}
astate->policy = talloc_reference(astate, state);
astate->access_mask = r->in.access_mask;
ah = dcesrv_handle_new(dce_call->context, LSA_HANDLE_ACCOUNT);
if (!ah) {
talloc_free(astate);
return NT_STATUS_NO_MEMORY;
}
ah->data = talloc_steal(ah, astate);
*r->out.acct_handle = ah->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_EnumPrivsAccount
*/
static NTSTATUS lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumPrivsAccount *r)
{
struct dcesrv_handle *h;
struct lsa_account_state *astate;
int ret, i;
struct ldb_message **res;
const char * const attrs[] = { "privilege", NULL};
struct ldb_message_element *el;
const char *sidstr;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_ACCOUNT);
astate = h->data;
r->out.privs = talloc(mem_ctx, struct lsa_PrivilegeSet);
r->out.privs->count = 0;
r->out.privs->unknown = 0;
r->out.privs->set = NULL;
sidstr = ldap_encode_ndr_dom_sid(mem_ctx, astate->account_sid);
if (sidstr == NULL) {
return NT_STATUS_NO_MEMORY;
}
ret = gendb_search(astate->policy->sam_ldb, mem_ctx, NULL, &res, attrs,
"objectSid=%s", sidstr);
if (ret != 1) {
return NT_STATUS_OK;
}
el = ldb_msg_find_element(res[0], "privilege");
if (el == NULL || el->num_values == 0) {
return NT_STATUS_OK;
}
r->out.privs->set = talloc_array(r->out.privs,
struct lsa_LUIDAttribute, el->num_values);
if (r->out.privs->set == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<el->num_values;i++) {
int id = sec_privilege_id((const char *)el->values[i].data);
if (id == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
r->out.privs->set[i].attribute = 0;
r->out.privs->set[i].luid.low = id;
r->out.privs->set[i].luid.high = 0;
}
r->out.privs->count = el->num_values;
return NT_STATUS_OK;
}
/*
lsa_EnumAccountRights
*/
static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumAccountRights *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
int ret, i;
struct ldb_message **res;
const char * const attrs[] = { "privilege", NULL};
const char *sidstr;
struct ldb_message_element *el;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
sidstr = ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid);
if (sidstr == NULL) {
return NT_STATUS_NO_MEMORY;
}
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=%s)(privilege=*))", sidstr);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret > 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (ret == -1) {
DEBUG(3, ("searching for account rights for SID: %s failed: %s",
dom_sid_string(mem_ctx, r->in.sid),
ldb_errstring(state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
el = ldb_msg_find_element(res[0], "privilege");
if (el == NULL || el->num_values == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
r->out.rights->count = el->num_values;
r->out.rights->names = talloc_array(r->out.rights,
struct lsa_StringLarge, r->out.rights->count);
if (r->out.rights->names == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<el->num_values;i++) {
r->out.rights->names[i].string = (const char *)el->values[i].data;
}
return NT_STATUS_OK;
}
/*
helper for lsa_AddAccountRights and lsa_RemoveAccountRights
*/
static NTSTATUS lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_policy_state *state,
int ldb_flag,
struct dom_sid *sid,
const struct lsa_RightSet *rights)
{
const char *sidstr;
struct ldb_message *msg;
struct ldb_message_element *el;
int i, ret;
struct lsa_EnumAccountRights r2;
sidstr = ldap_encode_ndr_dom_sid(mem_ctx, sid);
if (sidstr == NULL) {
return NT_STATUS_NO_MEMORY;
}
msg = ldb_msg_new(mem_ctx);
if (msg == NULL) {
return NT_STATUS_NO_MEMORY;
}
msg->dn = samdb_search_dn(state->sam_ldb, mem_ctx,
NULL, "objectSid=%s", sidstr);
if (msg->dn == NULL) {
NTSTATUS status;
if (ldb_flag == LDB_FLAG_MOD_DELETE) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
status = samdb_create_foreign_security_principal(state->sam_ldb, mem_ctx,
sid, &msg->dn);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_NO_SUCH_USER;
}
if (ldb_msg_add_empty(msg, "privilege", ldb_flag, NULL)) {
return NT_STATUS_NO_MEMORY;
}
if (ldb_flag == LDB_FLAG_MOD_ADD) {
NTSTATUS status;
r2.in.handle = &state->handle->wire_handle;
r2.in.sid = sid;
r2.out.rights = talloc(mem_ctx, struct lsa_RightSet);
status = lsa_EnumAccountRights(dce_call, mem_ctx, &r2);
if (!NT_STATUS_IS_OK(status)) {
ZERO_STRUCTP(r2.out.rights);
}
}
for (i=0;i<rights->count;i++) {
if (sec_privilege_id(rights->names[i].string) == -1) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
if (ldb_flag == LDB_FLAG_MOD_ADD) {
int j;
for (j=0;j<r2.out.rights->count;j++) {
if (strcasecmp_m(r2.out.rights->names[j].string,
rights->names[i].string) == 0) {
break;
}
}
if (j != r2.out.rights->count) continue;
}
ret = ldb_msg_add_string(msg, "privilege", rights->names[i].string);
if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY;
}
}
el = ldb_msg_find_element(msg, "privilege");
if (!el) {
return NT_STATUS_OK;
}
ret = samdb_modify(state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
if (ldb_flag == LDB_FLAG_MOD_DELETE && ret == LDB_ERR_NO_SUCH_ATTRIBUTE) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
DEBUG(3, ("Could not %s attributes from %s: %s",
ldb_flag == LDB_FLAG_MOD_DELETE ? "delete" : "add",
ldb_dn_linearize(mem_ctx, msg->dn), ldb_errstring(state->sam_ldb)));
return NT_STATUS_UNEXPECTED_IO_ERROR;
}
return NT_STATUS_OK;
}
/*
lsa_AddPrivilegesToAccount
*/
static NTSTATUS lsa_AddPrivilegesToAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_AddPrivilegesToAccount *r)
{
struct lsa_RightSet rights;
struct dcesrv_handle *h;
struct lsa_account_state *astate;
int i;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_ACCOUNT);
astate = h->data;
rights.count = r->in.privs->count;
rights.names = talloc_array(mem_ctx, struct lsa_StringLarge, rights.count);
if (rights.names == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<rights.count;i++) {
int id = r->in.privs->set[i].luid.low;
if (r->in.privs->set[i].luid.high) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
rights.names[i].string = sec_privilege_name(id);
if (rights.names[i].string == NULL) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
}
return lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_ADD, astate->account_sid,
&rights);
}
/*
lsa_RemovePrivilegesFromAccount
*/
static NTSTATUS lsa_RemovePrivilegesFromAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_RemovePrivilegesFromAccount *r)
{
struct lsa_RightSet *rights;
struct dcesrv_handle *h;
struct lsa_account_state *astate;
int i;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_ACCOUNT);
astate = h->data;
rights = talloc(mem_ctx, struct lsa_RightSet);
if (r->in.remove_all == 1 &&
r->in.privs == NULL) {
struct lsa_EnumAccountRights r2;
NTSTATUS status;
r2.in.handle = &astate->policy->handle->wire_handle;
r2.in.sid = astate->account_sid;
r2.out.rights = rights;
status = lsa_EnumAccountRights(dce_call, mem_ctx, &r2);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_DELETE, astate->account_sid,
r2.out.rights);
}
if (r->in.remove_all != 0) {
return NT_STATUS_INVALID_PARAMETER;
}
rights->count = r->in.privs->count;
rights->names = talloc_array(mem_ctx, struct lsa_StringLarge, rights->count);
if (rights->names == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<rights->count;i++) {
int id = r->in.privs->set[i].luid.low;
if (r->in.privs->set[i].luid.high) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
rights->names[i].string = sec_privilege_name(id);
if (rights->names[i].string == NULL) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
}
return lsa_AddRemoveAccountRights(dce_call, mem_ctx, astate->policy,
LDB_FLAG_MOD_DELETE, astate->account_sid,
rights);
}
/*
lsa_GetQuotasForAccount
*/
static NTSTATUS lsa_GetQuotasForAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_GetQuotasForAccount *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_SetQuotasForAccount
*/
static NTSTATUS lsa_SetQuotasForAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetQuotasForAccount *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_GetSystemAccessAccount
*/
static NTSTATUS lsa_GetSystemAccessAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_GetSystemAccessAccount *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_SetSystemAccessAccount
*/
static NTSTATUS lsa_SetSystemAccessAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetSystemAccessAccount *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CreateSecret
*/
static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CreateSecret *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_policy_state *policy_state;
struct lsa_secret_state *secret_state;
struct dcesrv_handle *handle;
struct ldb_message **msgs, *msg;
const char *errstr;
const char *attrs[] = {
NULL
};
const char *name;
int ret;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
ZERO_STRUCTP(r->out.sec_handle);
policy_state = policy_handle->data;
if (!r->in.name.string) {
return NT_STATUS_INVALID_PARAMETER;
}
secret_state = talloc(mem_ctx, struct lsa_secret_state);
if (!secret_state) {
return NT_STATUS_NO_MEMORY;
}
secret_state->policy = policy_state;
msg = ldb_msg_new(mem_ctx);
if (msg == NULL) {
return NT_STATUS_NO_MEMORY;
}
if (strncmp("G$", r->in.name.string, 2) == 0) {
const char *name2;
name = &r->in.name.string[2];
secret_state->sam_ldb = talloc_reference(secret_state, policy_state->sam_ldb);
secret_state->global = True;
if (strlen(name) < 1) {
return NT_STATUS_INVALID_PARAMETER;
}
name2 = talloc_asprintf(mem_ctx, "%s Secret", ldb_binary_encode_string(mem_ctx, name));
/* search for the secret record */
ret = gendb_search(secret_state->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
"(&(cn=%s)(objectclass=secret))",
name2);
if (ret > 0) {
return NT_STATUS_OBJECT_NAME_COLLISION;
}
if (ret == -1) {
DEBUG(0,("Failure searching for CN=%s: %s\n",
name2, ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg->dn = ldb_dn_build_child(mem_ctx, "cn", name2, policy_state->system_dn);
if (!name2 || !msg->dn) {
return NT_STATUS_NO_MEMORY;
}
samdb_msg_add_string(secret_state->sam_ldb, mem_ctx, msg, "cn", name2);
} else {
secret_state->global = False;
name = r->in.name.string;
if (strlen(name) < 1) {
return NT_STATUS_INVALID_PARAMETER;
}
secret_state->sam_ldb = talloc_reference(secret_state, secrets_db_connect(mem_ctx));
/* search for the secret record */
ret = gendb_search(secret_state->sam_ldb, mem_ctx,
ldb_dn_explode(mem_ctx, "cn=LSA Secrets"),
&msgs, attrs,
"(&(cn=%s)(objectclass=secret))",
ldb_binary_encode_string(mem_ctx, name));
if (ret > 0) {
return NT_STATUS_OBJECT_NAME_COLLISION;
}
if (ret == -1) {
DEBUG(0,("Failure searching for CN=%s: %s\n",
name, ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg->dn = ldb_dn_string_compose(mem_ctx, NULL, "cn=%s,cn=LSA Secrets", name);
samdb_msg_add_string(secret_state->sam_ldb, mem_ctx, msg, "cn", name);
}
/* pull in all the template attributes. Note this is always from the global samdb */
ret = samdb_copy_template(secret_state->policy->sam_ldb, msg,
"(&(cn=TemplateSecret)(objectclass=secretTemplate))", &errstr);
if (ret != 0) {
DEBUG(0,("Failed to load TemplateSecret from samdb: %s\n",
errstr));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
samdb_msg_add_string(secret_state->sam_ldb, mem_ctx, msg, "objectClass", "secret");
secret_state->secret_dn = talloc_reference(secret_state, msg->dn);
/* create the secret */
ret = samdb_add(secret_state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
DEBUG(0,("Failed to create secret record %s: %s\n",
ldb_dn_linearize(mem_ctx, msg->dn),
ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_SECRET);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
handle->data = talloc_steal(handle, secret_state);
secret_state->access_mask = r->in.access_mask;
secret_state->policy = talloc_reference(secret_state, policy_state);
*r->out.sec_handle = handle->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_OpenSecret
*/
static NTSTATUS lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_OpenSecret *r)
{
struct dcesrv_handle *policy_handle;
struct lsa_policy_state *policy_state;
struct lsa_secret_state *secret_state;
struct dcesrv_handle *handle;
struct ldb_message **msgs;
const char *attrs[] = {
NULL
};
const char *name;
int ret;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
ZERO_STRUCTP(r->out.sec_handle);
policy_state = policy_handle->data;
if (!r->in.name.string) {
return NT_STATUS_INVALID_PARAMETER;
}
secret_state = talloc(mem_ctx, struct lsa_secret_state);
if (!secret_state) {
return NT_STATUS_NO_MEMORY;
}
secret_state->policy = policy_state;
if (strncmp("G$", r->in.name.string, 2) == 0) {
name = &r->in.name.string[2];
secret_state->sam_ldb = talloc_reference(secret_state, policy_state->sam_ldb);
secret_state->global = True;
if (strlen(name) < 1) {
return NT_STATUS_INVALID_PARAMETER;
}
/* search for the secret record */
ret = gendb_search(secret_state->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
"(&(cn=%s Secret)(objectclass=secret))",
ldb_binary_encode_string(mem_ctx, name));
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
} else {
secret_state->sam_ldb = talloc_reference(secret_state, secrets_db_connect(mem_ctx));
secret_state->global = False;
name = r->in.name.string;
if (strlen(name) < 1) {
return NT_STATUS_INVALID_PARAMETER;
}
/* search for the secret record */
ret = gendb_search(secret_state->sam_ldb, mem_ctx,
ldb_dn_explode(mem_ctx, "cn=LSA Secrets"),
&msgs, attrs,
"(&(cn=%s)(objectclass=secret))",
ldb_binary_encode_string(mem_ctx, name));
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
DEBUG(0,("Found %d records matching DN %s\n", ret,
ldb_dn_linearize(mem_ctx, policy_state->system_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
}
secret_state->secret_dn = talloc_reference(secret_state, msgs[0]->dn);
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_SECRET);
if (!handle) {
return NT_STATUS_NO_MEMORY;
}
handle->data = talloc_steal(handle, secret_state);
secret_state->access_mask = r->in.access_mask;
secret_state->policy = talloc_reference(secret_state, policy_state);
*r->out.sec_handle = handle->wire_handle;
return NT_STATUS_OK;
}
/*
lsa_SetSecret
*/
static NTSTATUS lsa_SetSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_SetSecret *r)
{
struct dcesrv_handle *h;
struct lsa_secret_state *secret_state;
struct ldb_message *msg;
DATA_BLOB session_key;
DATA_BLOB crypt_secret, secret;
struct ldb_val val;
int ret;
NTSTATUS status = NT_STATUS_OK;
struct timeval now = timeval_current();
NTTIME nt_now = timeval_to_nttime(&now);
DCESRV_PULL_HANDLE(h, r->in.sec_handle, LSA_HANDLE_SECRET);
secret_state = h->data;
msg = ldb_msg_new(mem_ctx);
if (msg == NULL) {
return NT_STATUS_NO_MEMORY;
}
msg->dn = talloc_reference(mem_ctx, secret_state->secret_dn);
if (!msg->dn) {
return NT_STATUS_NO_MEMORY;
}
status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (r->in.old_val) {
/* Decrypt */
crypt_secret.data = r->in.old_val->data;
crypt_secret.length = r->in.old_val->size;
status = sess_decrypt_blob(mem_ctx, &crypt_secret, &session_key, &secret);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
val.data = secret.data;
val.length = secret.length;
/* set value */
if (samdb_msg_add_value(secret_state->sam_ldb,
mem_ctx, msg, "priorValue", &val) != 0) {
return NT_STATUS_NO_MEMORY;
}
/* set old value mtime */
if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "priorSetTime", nt_now) != 0) {
return NT_STATUS_NO_MEMORY;
}
if (!r->in.new_val) {
/* This behaviour varies depending of if this is a local, or a global secret... */
if (secret_state->global) {
/* set old value mtime */
if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "lastSetTime", nt_now) != 0) {
return NT_STATUS_NO_MEMORY;
}
} else {
if (samdb_msg_add_delete(secret_state->sam_ldb,
mem_ctx, msg, "currentValue")) {
return NT_STATUS_NO_MEMORY;
}
if (samdb_msg_add_delete(secret_state->sam_ldb,
mem_ctx, msg, "lastSetTime")) {
return NT_STATUS_NO_MEMORY;
}
}
}
}
if (r->in.new_val) {
/* Decrypt */
crypt_secret.data = r->in.new_val->data;
crypt_secret.length = r->in.new_val->size;
status = sess_decrypt_blob(mem_ctx, &crypt_secret, &session_key, &secret);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
val.data = secret.data;
val.length = secret.length;
/* set value */
if (samdb_msg_add_value(secret_state->sam_ldb,
mem_ctx, msg, "currentValue", &val) != 0) {
return NT_STATUS_NO_MEMORY;
}
/* set new value mtime */
if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "lastSetTime", nt_now) != 0) {
return NT_STATUS_NO_MEMORY;
}
/* If the old value is not set, then migrate the
* current value to the old value */
if (!r->in.old_val) {
const struct ldb_val *new_val;
NTTIME last_set_time;
struct ldb_message **res;
const char *attrs[] = {
"currentValue",
"lastSetTime",
NULL
};
/* search for the secret record */
ret = gendb_search_dn(secret_state->sam_ldb,mem_ctx,
secret_state->secret_dn, &res, attrs);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret != 1) {
DEBUG(0,("Found %d records matching dn=%s\n", ret,
ldb_dn_linearize(mem_ctx, secret_state->secret_dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
new_val = ldb_msg_find_ldb_val(res[0], "currentValue");
last_set_time = ldb_msg_find_attr_as_uint64(res[0], "lastSetTime", 0);
if (new_val) {
/* set value */
if (samdb_msg_add_value(secret_state->sam_ldb,
mem_ctx, msg, "priorValue",
new_val) != 0) {
return NT_STATUS_NO_MEMORY;
}
}
/* set new value mtime */
if (ldb_msg_find_ldb_val(res[0], "lastSetTime")) {
if (samdb_msg_add_uint64(secret_state->sam_ldb,
mem_ctx, msg, "priorSetTime", last_set_time) != 0) {
return NT_STATUS_NO_MEMORY;
}
}
}
}
/* modify the samdb record */
ret = samdb_replace(secret_state->sam_ldb, mem_ctx, msg);
if (ret != 0) {
/* we really need samdb.c to return NTSTATUS */
return NT_STATUS_UNSUCCESSFUL;
}
return NT_STATUS_OK;
}
/*
lsa_QuerySecret
*/
static NTSTATUS lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QuerySecret *r)
{
struct dcesrv_handle *h;
struct lsa_secret_state *secret_state;
struct ldb_message *msg;
DATA_BLOB session_key;
DATA_BLOB crypt_secret, secret;
int ret;
struct ldb_message **res;
const char *attrs[] = {
"currentValue",
"priorValue",
"lastSetTime",
"priorSetTime",
NULL
};
NTSTATUS nt_status;
DCESRV_PULL_HANDLE(h, r->in.sec_handle, LSA_HANDLE_SECRET);
secret_state = h->data;
/* pull all the user attributes */
ret = gendb_search_dn(secret_state->sam_ldb, mem_ctx,
secret_state->secret_dn, &res, attrs);
if (ret != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
msg = res[0];
nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
if (r->in.old_val) {
const struct ldb_val *prior_val;
r->out.old_val = talloc_zero(mem_ctx, struct lsa_DATA_BUF_PTR);
if (!r->out.old_val) {
return NT_STATUS_NO_MEMORY;
}
prior_val = ldb_msg_find_ldb_val(res[0], "priorValue");
if (prior_val && prior_val->length) {
secret.data = prior_val->data;
secret.length = prior_val->length;
/* Encrypt */
crypt_secret = sess_encrypt_blob(mem_ctx, &secret, &session_key);
if (!crypt_secret.length) {
return NT_STATUS_NO_MEMORY;
}
r->out.old_val->buf = talloc(mem_ctx, struct lsa_DATA_BUF);
if (!r->out.old_val->buf) {
return NT_STATUS_NO_MEMORY;
}
r->out.old_val->buf->size = crypt_secret.length;
r->out.old_val->buf->length = crypt_secret.length;
r->out.old_val->buf->data = crypt_secret.data;
}
}
if (r->in.old_mtime) {
r->out.old_mtime = talloc(mem_ctx, NTTIME);
if (!r->out.old_mtime) {
return NT_STATUS_NO_MEMORY;
}
*r->out.old_mtime = ldb_msg_find_attr_as_uint64(res[0], "priorSetTime", 0);
}
if (r->in.new_val) {
const struct ldb_val *new_val;
r->out.new_val = talloc_zero(mem_ctx, struct lsa_DATA_BUF_PTR);
if (!r->out.new_val) {
return NT_STATUS_NO_MEMORY;
}
new_val = ldb_msg_find_ldb_val(res[0], "currentValue");
if (new_val && new_val->length) {
secret.data = new_val->data;
secret.length = new_val->length;
/* Encrypt */
crypt_secret = sess_encrypt_blob(mem_ctx, &secret, &session_key);
if (!crypt_secret.length) {
return NT_STATUS_NO_MEMORY;
}
r->out.new_val->buf = talloc(mem_ctx, struct lsa_DATA_BUF);
if (!r->out.new_val->buf) {
return NT_STATUS_NO_MEMORY;
}
r->out.new_val->buf->length = crypt_secret.length;
r->out.new_val->buf->size = crypt_secret.length;
r->out.new_val->buf->data = crypt_secret.data;
}
}
if (r->in.new_mtime) {
r->out.new_mtime = talloc(mem_ctx, NTTIME);
if (!r->out.new_mtime) {
return NT_STATUS_NO_MEMORY;
}
*r->out.new_mtime = ldb_msg_find_attr_as_uint64(res[0], "lastSetTime", 0);
}
return NT_STATUS_OK;
}
/*
lsa_LookupPrivValue
*/
static NTSTATUS lsa_LookupPrivValue(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupPrivValue *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
int id;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
id = sec_privilege_id(r->in.name->string);
if (id == -1) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
r->out.luid->low = id;
r->out.luid->high = 0;
return NT_STATUS_OK;
}
/*
lsa_LookupPrivName
*/
static NTSTATUS lsa_LookupPrivName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupPrivName *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
const char *privname;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
if (r->in.luid->high != 0) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
privname = sec_privilege_name(r->in.luid->low);
if (privname == NULL) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
r->out.name = talloc(mem_ctx, struct lsa_StringLarge);
if (r->out.name == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.name->string = privname;
return NT_STATUS_OK;
}
/*
lsa_LookupPrivDisplayName
*/
static NTSTATUS lsa_LookupPrivDisplayName(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupPrivDisplayName *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
int id;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
id = sec_privilege_id(r->in.name->string);
if (id == -1) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
r->out.disp_name = talloc(mem_ctx, struct lsa_StringLarge);
if (r->out.disp_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.disp_name->string = sec_privilege_display_name(id, r->in.language_id);
if (r->out.disp_name->string == NULL) {
return NT_STATUS_INTERNAL_ERROR;
}
return NT_STATUS_OK;
}
/*
lsa_DeleteObject
*/
static NTSTATUS lsa_DeleteObject(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_DeleteObject *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_EnumAccountsWithUserRight
*/
static NTSTATUS lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_EnumAccountsWithUserRight *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
int ret, i;
struct ldb_message **res;
const char * const attrs[] = { "objectSid", NULL};
const char *privname;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
if (r->in.name == NULL) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
privname = r->in.name->string;
if (sec_privilege_id(privname) == -1) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"privilege=%s", privname);
if (ret == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (ret == 0) {
return NT_STATUS_NO_MORE_ENTRIES;
}
r->out.sids->sids = talloc_array(r->out.sids, struct lsa_SidPtr, ret);
if (r->out.sids->sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<ret;i++) {
r->out.sids->sids[i].sid = samdb_result_dom_sid(r->out.sids->sids,
res[i], "objectSid");
NT_STATUS_HAVE_NO_MEMORY(r->out.sids->sids[i].sid);
}
r->out.sids->num_sids = ret;
return NT_STATUS_OK;
}
/*
lsa_AddAccountRights
*/
static NTSTATUS lsa_AddAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_AddAccountRights *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
return lsa_AddRemoveAccountRights(dce_call, mem_ctx, state,
LDB_FLAG_MOD_ADD,
r->in.sid, r->in.rights);
}
/*
lsa_RemoveAccountRights
*/
static NTSTATUS lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_RemoveAccountRights *r)
{
struct dcesrv_handle *h;
struct lsa_policy_state *state;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
return lsa_AddRemoveAccountRights(dce_call, mem_ctx, state,
LDB_FLAG_MOD_DELETE,
r->in.sid, r->in.rights);
}
/*
lsa_StorePrivateData
*/
static NTSTATUS lsa_StorePrivateData(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_StorePrivateData *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_RetrievePrivateData
*/
static NTSTATUS lsa_RetrievePrivateData(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_RetrievePrivateData *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_GetUserName
*/
static NTSTATUS lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_GetUserName *r)
{
NTSTATUS status = NT_STATUS_OK;
const char *account_name;
const char *authority_name;
struct lsa_String *_account_name;
struct lsa_StringPointer *_authority_name = NULL;
/* this is what w2k3 does */
r->out.account_name = r->in.account_name;
r->out.authority_name = r->in.authority_name;
if (r->in.account_name && r->in.account_name->string) {
return NT_STATUS_INVALID_PARAMETER;
}
if (r->in.authority_name &&
r->in.authority_name->string &&
r->in.authority_name->string->string) {
return NT_STATUS_INVALID_PARAMETER;
}
account_name = talloc_reference(mem_ctx, dce_call->conn->auth_state.session_info->server_info->account_name);
authority_name = talloc_reference(mem_ctx, dce_call->conn->auth_state.session_info->server_info->domain_name);
_account_name = talloc(mem_ctx, struct lsa_String);
NT_STATUS_HAVE_NO_MEMORY(_account_name);
_account_name->string = account_name;
if (r->in.authority_name) {
_authority_name = talloc(mem_ctx, struct lsa_StringPointer);
NT_STATUS_HAVE_NO_MEMORY(_authority_name);
_authority_name->string = talloc(mem_ctx, struct lsa_String);
NT_STATUS_HAVE_NO_MEMORY(_authority_name->string);
_authority_name->string->string = authority_name;
}
r->out.account_name = _account_name;
r->out.authority_name = _authority_name;
return status;
}
/*
lsa_SetInfoPolicy2
*/
static NTSTATUS lsa_SetInfoPolicy2(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_SetInfoPolicy2 *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_QueryDomainInformationPolicy
*/
static NTSTATUS lsa_QueryDomainInformationPolicy(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_QueryDomainInformationPolicy *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_SetDomInfoPolicy
*/
static NTSTATUS lsa_SetDomainInformationPolicy(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_SetDomainInformationPolicy *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_TestCall
*/
static NTSTATUS lsa_TestCall(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_TestCall *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lookup a SID for 1 name
*/
static NTSTATUS lsa_lookup_name(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
const char *name, struct dom_sid **sid, uint32_t *atype)
{
int ret;
struct ldb_message **res;
const char * const attrs[] = { "objectSid", "sAMAccountType", NULL};
const char *p;
p = strchr_m(name, '\\');
if (p != NULL) {
/* TODO: properly parse the domain prefix here, and use it to
limit the search */
name = p + 1;
}
ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "sAMAccountName=%s", ldb_binary_encode_string(mem_ctx, name));
if (ret == 1) {
*sid = samdb_result_dom_sid(mem_ctx, res[0], "objectSid");
if (*sid == NULL) {
return NT_STATUS_INVALID_SID;
}
*atype = samdb_result_uint(res[0], "sAMAccountType", 0);
return NT_STATUS_OK;
}
/* need to add a call into sidmap to check for a allocated sid */
return NT_STATUS_INVALID_SID;
}
/*
lsa_LookupNames3
*/
static NTSTATUS lsa_LookupNames3(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupNames3 *r)
{
struct lsa_policy_state *policy_state;
struct dcesrv_handle *policy_handle;
int i;
NTSTATUS status = NT_STATUS_OK;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
policy_state = policy_handle->data;
r->out.domains = NULL;
r->out.domains = talloc_zero(mem_ctx, struct lsa_RefDomainList);
if (r->out.domains == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.sids = talloc_zero(mem_ctx, struct lsa_TransSidArray3);
if (r->out.sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
*r->out.count = 0;
r->out.sids->sids = talloc_array(r->out.sids, struct lsa_TranslatedSid3,
r->in.num_names);
if (r->out.sids->sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<r->in.num_names;i++) {
const char *name = r->in.names[i].string;
struct dom_sid *sid;
uint32_t atype, rtype, sid_index;
NTSTATUS status2;
r->out.sids->count++;
(*r->out.count)++;
r->out.sids->sids[i].sid_type = SID_NAME_UNKNOWN;
r->out.sids->sids[i].sid = NULL;
r->out.sids->sids[i].sid_index = 0xFFFFFFFF;
r->out.sids->sids[i].unknown = 0;
status2 = lsa_lookup_name(policy_state, mem_ctx, name, &sid, &atype);
if (!NT_STATUS_IS_OK(status2) || sid->num_auths == 0) {
status = STATUS_SOME_UNMAPPED;
continue;
}
rtype = samdb_atype_map(atype);
if (rtype == SID_NAME_UNKNOWN) {
status = STATUS_SOME_UNMAPPED;
continue;
}
status2 = lsa_authority_list(policy_state, mem_ctx, sid, r->out.domains, &sid_index);
if (!NT_STATUS_IS_OK(status2)) {
return status2;
}
r->out.sids->sids[i].sid_type = rtype;
r->out.sids->sids[i].sid = sid;
r->out.sids->sids[i].sid_index = sid_index;
r->out.sids->sids[i].unknown = 0;
}
return status;
}
/*
lsa_LookupNames4
Identical to LookupNames3, but doesn't take a policy handle
*/
static NTSTATUS lsa_LookupNames4(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupNames4 *r)
{
struct lsa_LookupNames3 r2;
struct lsa_OpenPolicy2 pol;
NTSTATUS status;
struct dcesrv_handle *h;
/* No policy handle on the wire, so make one up here */
r2.in.handle = talloc(mem_ctx, struct policy_handle);
if (!r2.in.handle) {
return NT_STATUS_NO_MEMORY;
}
pol.out.handle = r2.in.handle;
pol.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
pol.in.attr = NULL;
pol.in.system_name = NULL;
status = lsa_OpenPolicy2(dce_call, mem_ctx, &pol);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* ensure this handle goes away at the end of this call */
DCESRV_PULL_HANDLE(h, r2.in.handle, LSA_HANDLE_POLICY);
talloc_steal(mem_ctx, h);
r2.in.num_names = r->in.num_names;
r2.in.names = r->in.names;
r2.in.sids = r->in.sids;
r2.in.count = r->in.count;
r2.in.unknown1 = r->in.unknown1;
r2.in.unknown2 = r->in.unknown2;
r2.out.domains = r->out.domains;
r2.out.sids = r->out.sids;
r2.out.count = r->out.count;
status = lsa_LookupNames3(dce_call, mem_ctx, &r2);
if (dce_call->fault_code != 0) {
return status;
}
r->out.domains = r2.out.domains;
r->out.sids = r2.out.sids;
r->out.count = r2.out.count;
return status;
}
/*
lsa_LookupNames2
*/
static NTSTATUS lsa_LookupNames2(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupNames2 *r)
{
struct lsa_policy_state *state;
struct dcesrv_handle *h;
int i;
NTSTATUS status = NT_STATUS_OK;
r->out.domains = NULL;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
state = h->data;
r->out.domains = talloc_zero(mem_ctx, struct lsa_RefDomainList);
if (r->out.domains == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.sids = talloc_zero(mem_ctx, struct lsa_TransSidArray2);
if (r->out.sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
*r->out.count = 0;
r->out.sids->sids = talloc_array(r->out.sids, struct lsa_TranslatedSid2,
r->in.num_names);
if (r->out.sids->sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<r->in.num_names;i++) {
const char *name = r->in.names[i].string;
struct dom_sid *sid;
uint32_t atype, rtype, sid_index;
NTSTATUS status2;
r->out.sids->count++;
(*r->out.count)++;
r->out.sids->sids[i].sid_type = SID_NAME_UNKNOWN;
r->out.sids->sids[i].rid = 0xFFFFFFFF;
r->out.sids->sids[i].sid_index = 0xFFFFFFFF;
r->out.sids->sids[i].unknown = 0;
status2 = lsa_lookup_name(state, mem_ctx, name, &sid, &atype);
if (!NT_STATUS_IS_OK(status2) || sid->num_auths == 0) {
status = STATUS_SOME_UNMAPPED;
continue;
}
rtype = samdb_atype_map(atype);
if (rtype == SID_NAME_UNKNOWN) {
status = STATUS_SOME_UNMAPPED;
continue;
}
status2 = lsa_authority_list(state, mem_ctx, sid, r->out.domains, &sid_index);
if (!NT_STATUS_IS_OK(status2)) {
return status2;
}
r->out.sids->sids[i].sid_type = rtype;
r->out.sids->sids[i].rid = sid->sub_auths[sid->num_auths-1];
r->out.sids->sids[i].sid_index = sid_index;
r->out.sids->sids[i].unknown = 0;
}
return status;
}
/*
lsa_LookupNames
*/
static NTSTATUS lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LookupNames *r)
{
struct lsa_LookupNames2 r2;
NTSTATUS status;
int i;
r2.in.handle = r->in.handle;
r2.in.num_names = r->in.num_names;
r2.in.names = r->in.names;
r2.in.sids = NULL;
r2.in.level = r->in.level;
r2.in.count = r->in.count;
r2.in.unknown1 = 0;
r2.in.unknown2 = 0;
r2.out.count = r->out.count;
status = lsa_LookupNames2(dce_call, mem_ctx, &r2);
if (dce_call->fault_code != 0) {
return status;
}
r->out.domains = r2.out.domains;
r->out.sids = talloc(mem_ctx, struct lsa_TransSidArray);
if (r->out.sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
r->out.sids->count = r2.out.sids->count;
r->out.sids->sids = talloc_array(r->out.sids, struct lsa_TranslatedSid,
r->out.sids->count);
if (r->out.sids->sids == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i=0;i<r->out.sids->count;i++) {
r->out.sids->sids[i].sid_type = r2.out.sids->sids[i].sid_type;
r->out.sids->sids[i].rid = r2.out.sids->sids[i].rid;
r->out.sids->sids[i].sid_index = r2.out.sids->sids[i].sid_index;
}
return status;
}
/*
lsa_CREDRWRITE
*/
static NTSTATUS lsa_CREDRWRITE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRWRITE *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRREAD
*/
static NTSTATUS lsa_CREDRREAD(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRREAD *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRENUMERATE
*/
static NTSTATUS lsa_CREDRENUMERATE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRENUMERATE *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRWRITEDOMAINCREDENTIALS
*/
static NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRWRITEDOMAINCREDENTIALS *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRREADDOMAINCREDENTIALS
*/
static NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRREADDOMAINCREDENTIALS *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRDELETE
*/
static NTSTATUS lsa_CREDRDELETE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRDELETE *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRGETTARGETINFO
*/
static NTSTATUS lsa_CREDRGETTARGETINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRGETTARGETINFO *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRPROFILELOADED
*/
static NTSTATUS lsa_CREDRPROFILELOADED(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRPROFILELOADED *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRGETSESSIONTYPES
*/
static NTSTATUS lsa_CREDRGETSESSIONTYPES(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRGETSESSIONTYPES *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARREGISTERAUDITEVENT
*/
static NTSTATUS lsa_LSARREGISTERAUDITEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARREGISTERAUDITEVENT *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARGENAUDITEVENT
*/
static NTSTATUS lsa_LSARGENAUDITEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARGENAUDITEVENT *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARUNREGISTERAUDITEVENT
*/
static NTSTATUS lsa_LSARUNREGISTERAUDITEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARUNREGISTERAUDITEVENT *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARQUERYFORESTTRUSTINFORMATION
*/
static NTSTATUS lsa_LSARQUERYFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARQUERYFORESTTRUSTINFORMATION *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARSETFORESTTRUSTINFORMATION
*/
static NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARSETFORESTTRUSTINFORMATION *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_CREDRRENAME
*/
static NTSTATUS lsa_CREDRRENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_CREDRRENAME *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSAROPENPOLICYSCE
*/
static NTSTATUS lsa_LSAROPENPOLICYSCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSAROPENPOLICYSCE *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARADTREGISTERSECURITYEVENTSOURCE
*/
static NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARADTREGISTERSECURITYEVENTSOURCE *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE
*/
static NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
lsa_LSARADTREPORTSECURITYEVENT
*/
static NTSTATUS lsa_LSARADTREPORTSECURITYEVENT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_LSARADTREPORTSECURITYEVENT *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/* include the generated boilerplate */
#include "librpc/gen_ndr/ndr_lsa_s.c"
/*****************************************
NOTE! The remaining calls below were
removed in w2k3, so the DCESRV_FAULT()
replies are the correct implementation. Do
not try and fill these in with anything else
******************************************/
/*
dssetup_DsRoleDnsNameToFlatName
*/
static WERROR dssetup_DsRoleDnsNameToFlatName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDnsNameToFlatName *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleDcAsDc
*/
static WERROR dssetup_DsRoleDcAsDc(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDcAsDc *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleDcAsReplica
*/
static WERROR dssetup_DsRoleDcAsReplica(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDcAsReplica *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleDemoteDc
*/
static WERROR dssetup_DsRoleDemoteDc(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleDemoteDc *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleGetDcOperationProgress
*/
static WERROR dssetup_DsRoleGetDcOperationProgress(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleGetDcOperationProgress *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleGetDcOperationResults
*/
static WERROR dssetup_DsRoleGetDcOperationResults(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleGetDcOperationResults *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleCancel
*/
static WERROR dssetup_DsRoleCancel(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleCancel *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleServerSaveStateForUpgrade
*/
static WERROR dssetup_DsRoleServerSaveStateForUpgrade(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleServerSaveStateForUpgrade *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleUpgradeDownlevelServer
*/
static WERROR dssetup_DsRoleUpgradeDownlevelServer(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleUpgradeDownlevelServer *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/*
dssetup_DsRoleAbortDownlevelServerUpgrade
*/
static WERROR dssetup_DsRoleAbortDownlevelServerUpgrade(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct dssetup_DsRoleAbortDownlevelServerUpgrade *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
/* include the generated boilerplate */
#include "librpc/gen_ndr/ndr_dssetup_s.c"
NTSTATUS dcerpc_server_lsa_init(void)
{
NTSTATUS ret;
ret = dcerpc_server_dssetup_init();
if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
ret = dcerpc_server_lsarpc_init();
if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
return ret;
}
View Git Blame Copy Permalink