diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2008-10-11 14:44:10 +0200 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-10-11 14:44:10 +0200 |
commit | 6a78e56277799672b7ac187c57e546836e136f79 (patch) | |
tree | 87f0336cb1908d01690b74c56a44f4713559b5bc /source3/include | |
parent | ddbddbd80c80b872cdd36a01f9a3a6bc2eca1b1f (diff) | |
parent | f0a27064869871806343648de3b5a0667118872f (diff) | |
download | samba-6a78e56277799672b7ac187c57e546836e136f79.tar.gz samba-6a78e56277799672b7ac187c57e546836e136f79.tar.bz2 samba-6a78e56277799672b7ac187c57e546836e136f79.zip |
Merge branch 'master' of ssh://git.samba.org/data/git/samba into arc4
Diffstat (limited to 'source3/include')
-rw-r--r-- | source3/include/dynconfig.h | 4 | ||||
-rw-r--r-- | source3/include/libmsrpc.h | 3045 | ||||
-rw-r--r-- | source3/include/libmsrpc_internal.h | 73 | ||||
-rw-r--r-- | source3/include/nameserv.h | 11 | ||||
-rw-r--r-- | source3/include/printing.h | 2 | ||||
-rw-r--r-- | source3/include/proto.h | 31 | ||||
-rw-r--r-- | source3/include/rpc_secdes.h | 3 | ||||
-rw-r--r-- | source3/include/secrets.h | 2 | ||||
-rw-r--r-- | source3/include/smb.h | 1 | ||||
-rw-r--r-- | source3/include/smb_macros.h | 16 | ||||
-rw-r--r-- | source3/include/vfs.h | 5 |
11 files changed, 33 insertions, 3160 deletions
diff --git a/source3/include/dynconfig.h b/source3/include/dynconfig.h index 758bde33cc..8267064f23 100644 --- a/source3/include/dynconfig.h +++ b/source3/include/dynconfig.h @@ -71,6 +71,10 @@ const char *get_dyn_PIDDIR(void); const char *set_dyn_PIDDIR(const char *newpath); bool is_default_dyn_PIDDIR(void); +const char *get_dyn_NCALRPCDIR(void); +const char *set_dyn_NCALRPCDIR(const char *newpath); +bool is_default_dyn_NCALRPCDIR(void); + const char *get_dyn_SMB_PASSWD_FILE(void); const char *set_dyn_SMB_PASSWD_FILE(const char *newpath); bool is_default_dyn_SMB_PASSWD_FILE(void); diff --git a/source3/include/libmsrpc.h b/source3/include/libmsrpc.h deleted file mode 100644 index 3f2a7260ca..0000000000 --- a/source3/include/libmsrpc.h +++ /dev/null @@ -1,3045 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * MS-RPC client library API definitions/prototypes - * - * Copyright (C) Chris Nicholls 2005. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef LIBMSRPC_H -#define LIBMSRPC_H - - -#include "includes.h" -#include "libsmbclient.h" -#include "libsmb_internal.h" - -/*server capability levels*/ -#define SRV_WIN_NT4 1 -#define SRV_WIN_2K 2 -#define SRV_WIN_2K_SP3 3 -#define SRV_WIN_2K3 4 - -/**@defgroup handle Server Handle*/ -/**@defgroup Library_Functions Library/Utility Functions*/ -/**@defgroup lsa_defs LSA Definitions*/ -/**@defgroup LSA_Functions LSA Functions*/ -/**@defgroup reg_defs Registry Definitions*/ -/**@defgroup Reg_Functions Registry Functions*/ -/**@defgroup sam_defs SAM Definitions*/ -/**@defgroup SAM_Functions SAM Functions*/ -/**@defgroup svc_defs Service Control Definitions*/ -/**@defgroup SCM_Functions Service Control Functions*/ - -/**Operation was unsuccessful*/ -#define CAC_FAILURE 0 -/**Operation was successful*/ -#define CAC_SUCCESS 1 -/**Operation was only partially successful - * an example of this is if you try to lookup a list of accounts to SIDs and not all accounts can be resolved*/ -#define CAC_PARTIAL_SUCCESS 2 - -/**@ingroup CAC_errors Use this to see if the last operation failed - useful for enumeration functions that use multiple calls*/ -#define CAC_OP_FAILED(status) !NT_STATUS_IS_OK(status) && \ - NT_STATUS_V(status) != NT_STATUS_V(STATUS_SOME_UNMAPPED) && \ - NT_STATUS_V(status) != NT_STATUS_V(STATUS_NO_MORE_FILES) && \ - NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NO_MORE_ENTRIES) && \ - NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NONE_MAPPED) && \ - NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED) - - -/**Privilege string constants*/ -#define CAC_SE_CREATE_TOKEN "SeCreateTokenPrivilege" -#define CAC_SE_ASSIGN_PRIMARY_TOKEN "SeAssignPrimaryTokenPrivilege" -#define CAC_SE_LOCK_MEMORY "SeLockMemoryPrivilege" -#define CAC_SE_INCREASE_QUOTA "SeIncreaseQuotaPrivilege" -#define CAC_SE_MACHINE_ACCOUNT "SeMachineAccountPrivilege" -#define CAC_SE_TCB "SeTcbPrivilege" -#define CAC_SE_SECURITY "SeSecurityPrivilege" -#define CAC_SE_TAKE_OWNERSHIP "SeTakeOwnershipPrivilege" -#define CAC_SE_LOAD_DRIVER "SeLoadDriverPrivilege" -#define CAC_SE_SYSTEM_PROFILE "SeSystemProfilePrivilege" -#define CAC_SE_SYSTEM_TIME "SeSystemtimePrivilege" -#define CAC_SE_PROFILE_SINGLE_PROC "SeProfileSingleProcessPrivilege" -#define CAC_SE_INCREASE_BASE_PRIORITY "SeIncreaseBasePriorityPrivilege" -#define CAC_SE_CREATE_PAGEFILE "SeCreatePagefilePrivilege" -#define CAC_SE_CREATE_PERMANENT "SeCreatePermanentPrivilege" -#define CAC_SE_BACKUP "SeBackupPrivilege" -#define CAC_SE_RESTORE "SeRestorePrivilege" -#define CAC_SE_SHUTDOWN "SeShutdownPrivilege" -#define CAC_SE_DEBUG "SeDebugPrivilege" -#define CAC_SE_AUDIT "SeAuditPrivilege" -#define CAC_SE_SYSTEM_ENV "SeSystemEnvironmentPrivilege" -#define CAC_SE_CHANGE_NOTIFY "SeChangeNotifyPrivilege" -#define CAC_SE_REMOTE_SHUTDOWN "SeRemoteShutdownPrivilege" -#define CAC_SE_UNDOCK "SeUndockPrivilege" -#define CAC_SE_SYNC_AGENT "SeSyncAgentPrivilege" -#define CAC_SE_ENABLE_DELEGATION "SeEnableDelegationPrivilege" -#define CAC_SE_MANAGE_VOLUME "SeManageVolumePrivilege" -#define CAC_SE_IMPERSONATE "SeImpersonatePrivilege" -#define CAC_SE_CREATE_GLOBAL "SeCreateGlobalPrivilege" -#define CAC_SE_PRINT_OPERATOR "SePrintOperatorPrivilege" -#define CAC_SE_NETWORK_LOGON "SeNetworkLogonRight" -#define CAC_SE_INTERACTIVE_LOGON "SeInteractiveLogonRight" -#define CAC_SE_BATCH_LOGON "SeBatchLogonRight" -#define CAC_SE_SERVICE_LOGON "SeServiceLogonRight" -#define CAC_SE_ADD_USERS "SeAddUsersPrivilege" -#define CAC_SE_DISK_OPERATOR "SeDiskOperatorPrivilege" - -/** - * @addtogroup lsa_defs - * @{ - */ -/**used to specify what data to retrieve using cac_LsaQueryTrustedDomainInformation*/ -#define CAC_INFO_TRUSTED_DOMAIN_NAME 0x1 -#define CAC_INFO_TRUSTED_DOMAIN_POSIX_OFFSET 0x3 -#define CAC_INFO_TRUSTED_DOMAIN_PASSWORD 0x4 - -/**Used when requesting machine domain information*/ -#define CAC_DOMAIN_INFO 0x0003 - -/**Used when requesting machine local information*/ -#define CAC_LOCAL_INFO 0x0005 - -/**Stores information about a SID*/ -typedef struct _CACSIDINFO { - /**The actual SID*/ - DOM_SID sid; - - /**The name of the object which maps to this SID*/ - char *name; - - /**The domain the SID belongs to*/ - char *domain; -} CacSidInfo; -/* @} */ - -/** - * @addtogroup reg_defs - * @{ - */ -/**Null terminated string*/ -typedef char* REG_SZ_DATA; - -/**Null terminated string with windows environment variables that should be expanded*/ -typedef char* REG_EXPAND_SZ_DATA; - -/**Binary data of some kind*/ -typedef struct _REGBINARYDATA { - uint32 data_length; - uint8 * data; -} REG_BINARY_DATA; - -/**32-bit (little endian) number*/ -typedef uint32 REG_DWORD_DATA; - -/**32-bit big endian number*/ -typedef uint32 REG_DWORD_BE_DATA; - -/**array of strings*/ -typedef struct _REGMULTISZDATA { - uint32 num_strings; - - char **strings; -} REG_MULTI_SZ_DATA; - -typedef union _REGVALUEDATA { - REG_SZ_DATA reg_sz; - REG_EXPAND_SZ_DATA reg_expand_sz; - REG_BINARY_DATA reg_binary; - REG_DWORD_DATA reg_dword; - REG_DWORD_BE_DATA reg_dword_be; - REG_MULTI_SZ_DATA reg_multi_sz; -} REG_VALUE_DATA; -/**@}*/ - -/** - * @addtogroup sam_defs - * @{ - */ - -#define CAC_USER_RID 0x1 -#define CAC_GROUP_RID 0x2 - -typedef struct _CACLOOKUPRIDSRECORD { - char *name; - uint32 rid; - - /**If found, this will be one of: - * - CAC_USER_RID - * - CAC_GROUP_RID - */ - uint32 type; - - /*if the name or RID was looked up, then found = True*/ - bool found; -} CacLookupRidsRecord; - -typedef struct _CACUSERINFO { - /**Last logon time*/ - time_t logon_time; - - /**Last logoff time*/ - time_t logoff_time; - - /**Last kickoff time*/ - time_t kickoff_time; - - /**Last password set time*/ - time_t pass_last_set_time; - - /**Time password can change*/ - time_t pass_can_change_time; - - /**Time password must change*/ - time_t pass_must_change_time; - - /**LM user password*/ - uint8 lm_password[8]; - - /**NT user password*/ - uint8 nt_password[8]; - - /**User's RID*/ - uint32 rid; - - /**RID of primary group*/ - uint32 group_rid; - - /**User's ACB mask*/ - uint32 acb_mask; - - /**Bad password count*/ - uint16 bad_passwd_count; - - /**Number of logons*/ - uint16 logon_count; - - /**Change password at next logon?*/ - bool pass_must_change; - - /**Username*/ - char *username; - - /**User's full name*/ - char *full_name; - - /**User's home directory*/ - char *home_dir; - - /**Home directory drive*/ - char *home_drive; - - /**Logon script*/ - char *logon_script; - - /**Path to profile*/ - char *profile_path; - - /**Account description*/ - char *description; - - /**Login from workstations*/ - char *workstations; - - char *dial; - - /**Possible logon hours*/ - LOGON_HRS *logon_hours; - -} CacUserInfo; - -typedef struct _CACGROUPINFO { - /**Group name*/ - char *name; - - /**Description*/ - char *description; - - /**Number of members*/ - uint32 num_members; -} CacGroupInfo, CacAliasInfo; - -/**Represents a period (duration) of time*/ -typedef struct _CACTIME { - /**Number of days*/ - uint32 days; - - /**Number of hours*/ - uint32 hours; - - /**Number of minutes*/ - uint32 minutes; - - /**number of seconds*/ - uint32 seconds; -} CacTime; - - -typedef struct _CACDOMINFO { - /**The server role. Should be one of: - * ROLE_STANDALONE - * ROLE_DOMAIN_MEMBER - * ROLE_DOMAIN_BDC - * ROLE_DOMAIN_PDC - * see include/smb.h - */ - uint32 server_role; - - /**Number of domain users*/ - uint32 num_users; - - /**Number of domain groups*/ - uint32 num_domain_groups; - - /**Number of local groups*/ - uint32 num_local_groups; - - /**Comment*/ - char *comment; - - /**Domain name*/ - char *domain_name; - - /**Server name*/ - char *server_name; - - /**Minimum password length*/ - uint16 min_pass_length; - - /**How many previous passwords to remember - ie, password cannot be the same as N previous passwords*/ - uint16 pass_history; - - /**How long (from now) before passwords expire*/ - CacTime expire; - - /**How long (from now) before passwords can be changed*/ - CacTime min_pass_age; - - /**How long users are locked out for too many bad password attempts*/ - CacTime lockout_duration; - - /**How long before lockouts are reset*/ - CacTime lockout_reset; - - /**How many bad password attempts before lockout occurs*/ - uint16 num_bad_attempts; -} CacDomainInfo; - -/**@}*/ /*sam_defs*/ - -/**@addtogroup svc_defs - * @{ - */ -typedef struct _CACSERVICE { - /**The service name*/ - char *service_name; - - /**The display name of the service*/ - char *display_name; - - /**Current status of the service - see include/rpc_svcctl.h for SERVICE_STATUS definition*/ - SERVICE_STATUS status; -} CacService; - -typedef struct __CACSERVICECONFIG { - /**The service type*/ - uint32 type; - - /**The start type. Should be one of: - * - SVCCTL_BOOT_START - * - SVCCTL_SYSTEM_START - * - SVCCTL_AUTO_START - * - SVCCTL_DEMAND_START - */ - uint32 start_type; - - uint32 error_control; - - /**Path to executable*/ - char *exe_path; - - /***/ - char *load_order_group; - - uint32 tag_id; - - /**Any dependencies for the service*/ - char *dependencies; - - /**Run as...*/ - char *start_name; - - /**Service display name*/ - char *display_name; - -} CacServiceConfig; -/**@}*/ /*svc_defs*/ - -#include "libmsrpc_internal.h" - -/** - * @addtogroup handle - * @{ - */ - -/** - * Server handle used to keep track of client/server/pipe information. Use cac_NewServerHandle() to allocate. - * Initiliaze as many values as possible before calling cac_Connect(). - * - * @note When allocating memory for the fields, use SMB_MALLOC() (or equivalent) instead of talloc() (or equivalent) - - * If memory is not allocated for a field, cac_Connect will allocate sizeof(fstring) bytes for it. - * - * @note It may be wise to allocate large buffers for these fields and strcpy data into them. - * - * @see cac_NewServerHandle() - * @see cac_FreeHandle() - */ -typedef struct _CACSERVERHANDLE { - /** debug level - */ - int debug; - - /** netbios name used to make connections - */ - char *netbios_name; - - /** domain name used to make connections - */ - char *domain; - - /** username used to make connections - */ - char *username; - - /** user's password plain text string - */ - char *password; - - /** name or IP address of server we are currently working with - */ - char *server; - - /**stores the latest NTSTATUS code - */ - NTSTATUS status; - - /** internal. do not modify! - */ - struct CacServerHandleInternal _internal; - -} CacServerHandle; - -/*@}*/ - -/**internal function. do not call this function*/ -SMBCSRV *cac_GetServer(CacServerHandle *hnd); - - -/** @addtogroup Library_Functions - * @{ - */ -/** - * Initializes the library - do not need to call this function. Open's smb.conf as well as initializes logging. - * @param debug Debug level for library to use - */ - -void cac_Init(int debug); - -/** - * Creates an un-initialized CacServerHandle - * @param allocate_fields If True, the function will allocate sizeof(fstring) bytes for all char * fields in the handle - * @return - un-initialized server handle - * - NULL if no memory could be allocated - */ -CacServerHandle * cac_NewServerHandle(bool allocate_fields); - -/** - * Specifies the smbc_get_auth_data_fn to use if you do not want to use the default. - * @param hnd non-NULL server handle - * @param auth_fn auth_data_fn to set in server handle - */ - -void cac_SetAuthDataFn(CacServerHandle *hnd, smbc_get_auth_data_fn auth_fn); - -/** Use your own libsmbclient context - not necessary. - * @note You must still call cac_Connect() after specifying your own libsmbclient context - * @param hnd Initialized, but not connected CacServerHandle - * @param ctx The libsmbclient context you would like to use. - */ -void cac_SetSmbcContext(CacServerHandle *hnd, SMBCCTX *ctx); - -/** Connects to a specified server. If there is already a connection to a different server, - * it will be cleaned up before connecting to the new server. - * @param hnd Pre-initialized CacServerHandle - * @param srv (Optional) Name or IP of the server to connect to. If NULL, server from the CacServerHandle will be used. - * - * @return CAC_FAILURE if the operation could not be completed successfully (hnd->status will also be set with a NTSTATUS code) - * @return CAC_SUCCESS if the operation succeeded - */ -int cac_Connect(CacServerHandle *hnd, const char *srv); - - -/** - * Cleans up any data used by the CacServerHandle. If the libsmbclient context was set using cac_SetSmbcContext(), it will not be free'd. - * @param hnd the CacServerHandle to destroy - */ -void cac_FreeHandle(CacServerHandle * hnd); - -/** - * Initializes a CacTime structure based on an NTTIME structure - * If the function fails, then the CacTime structure will be zero'd out - */ -void cac_InitCacTime(CacTime *cactime, NTTIME nttime); - -/** - * Called by cac_NewServerHandle() if allocate_fields = True. You can call this if you want to, allocates sizeof(fstring) char's for every char * field - * @param hnd Uninitialized server handle - * @return CAC_FAILURE Memory could not be allocated - * @return CAC_SUCCESS Memory was allocated - */ -int cac_InitHandleMem(CacServerHandle *hnd); - -/** - * Default smbc_get_auth_data_fn for libmsrpc. This function is called when libmsrpc needs to get more information about the - * client (username/password, workgroup). - * This function provides simple prompts to the user to enter the information. This description his here so you know how to re-define this function. - * @see cac_SetAuthDataFn() - * @param pServer Name/IP of the server to connect to. - * @param pShare Share name to connect to - * @param pWorkgroup libmsrpc passes in the workgroup/domain name from hnd->domain. It can be modified in the function. - * @param maxLenWorkgroup The maximum length of a string pWogroup can hold. - * @param pUsername libmsrpc passes in the username from hnd->username. It can be modified in the function. - * @param maxLenUsername The maximum length of a string pUsername can hold. - * @param pPassword libmsrpc pass in the password from hnd->password. It can be modified in the function. - * @param maxLenPassword The maximum length of a string pPassword can hold. - */ -void cac_GetAuthDataFn(const char * pServer, - const char * pShare, - char * pWorkgroup, - int maxLenWorkgroup, - char * pUsername, - int maxLenUsername, - char * pPassword, - int maxLenPassword); - - -/**@}*/ - -/***************** - * LSA Functions * - *****************/ - -/** @addtogroup LSA_Functions - * @{ - */ - -struct LsaOpenPolicy { - /**Inputs*/ - struct { - /**Access Mask. Refer to Security Access Masks in include/rpc_secdes.h*/ - uint32 access; - - /**Use security quality of service? (True/False)*/ - bool security_qos; - } in; - - /**Outputs*/ - struct { - /**Handle to the open policy (needed for all other operations)*/ - POLICY_HND *pol; - } out; -}; - -/** - * Opens a policy handle on a remote machine. - * @param hnd fully initialized CacServerHandle for remote machine - * @param mem_ctx Talloc context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE if the policy could not be opened. hnd->status set with appropriate NTSTATUS - * @return CAC_SUCCESS if the policy could be opened, the policy handle can be found - */ -int cac_LsaOpenPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenPolicy *op); - - -/** - * Closes an LSA policy handle (Retrieved using cac_LsaOpenPolicy). - * If successful, the handle will be closed on the server, and memory for pol will be freed - * @param hnd - An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param pol - the policy handle to close - * @return CAC_FAILURE could not close the policy handle, hnd->status is set to the appropriate NTSTATUS error code - * @return CAC_SUCCESS the policy handle was closed - */ -int cac_LsaClosePolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *pol); - - -struct LsaGetNamesFromSids { - struct { - /**handle to and open LSA policy*/ - POLICY_HND *pol; - - /**the number of SIDs to lookup*/ - uint32 num_sids; - - /**array of SIDs to lookup*/ - DOM_SID *sids; - } in; - - struct { - /**The number of names returned (in case of CAC_PARTIAL_SUCCESS)*/ - uint32 num_found; - - /**array of SID info each index is one sid */ - CacSidInfo *sids; - - /**in case of partial success, an array of SIDs that could not be looked up (NULL if all sids were looked up)*/ - DOM_SID *unknown; - } out; -}; - -/** - * Looks up the names for a list of SIDS - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code - * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output - * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs - */ -int cac_LsaGetNamesFromSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetNamesFromSids *op); - -struct LsaGetSidsFromNames { - struct { - /**handle to an open LSA policy*/ - POLICY_HND *pol; - - /**number of SIDs to lookup*/ - uint32 num_names; - - /**array of strings listing the names*/ - char **names; - } in; - - struct { - /**The number of SIDs returned (in case of partial success*/ - uint32 num_found; - - /**array of SID info for the looked up names*/ - CacSidInfo *sids; - - /**in case of partial success, the names that were not looked up*/ - char **unknown; - } out; -}; - -/** - * Looks up the SIDs for a list of names - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code - * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output - * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs - */ -int cac_LsaGetSidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSidsFromNames *op); - -struct LsaFetchSid { - struct { - /**handle to an open LSA policy*/ - POLICY_HND *pol; - - /**can be CAC_LOCAL_INFO, CAC_DOMAIN_INFO, or (CAC_LOCAL_INFO | CAC_DOMAIN_INFO)*/ - uint16 info_class; - } in; - - struct { - /**the machine's local SID and domain name (NULL if not asked for)*/ - CacSidInfo *local_sid; - - /**the machine's domain SID and name (NULL if not asked for)*/ - CacSidInfo *domain_sid; - - } out; -}; - -/** - * Looks up the domain or local sid of a machine with an open LSA policy handle - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * @return CAC_FAILURE if the SID could not be fetched - * @return CAC_SUCCESS if the SID was fetched - * @return CAC_PARTIAL_SUCCESS if you asked for both local and domain sids but only one was returned - */ -int cac_LsaFetchSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaFetchSid *op); - -struct LsaQueryInfoPolicy { - struct { - /**Open LSA policy handle on remote server*/ - POLICY_HND *pol; - } in; - - struct { - /**remote server's domain name*/ - char *domain_name; - - /**remote server's dns name*/ - char *dns_name; - - /**remote server's forest name*/ - char *forest_name; - - /**remote server's domain guid*/ - struct GUID *domain_guid; - - /**remote server's domain SID*/ - DOM_SID *domain_sid; - } out; -}; - -/** - * Retrieves information about the LSA machine/domain - * @param hnd initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op input and output parameters - * Note: for pre-Windows 2000 machines, only op->out.SID and op->out.domain will be set. @see cac_LsaFetchSid - * @return - CAC_FAILURE if the operation was not successful. hnd->status will be set with an accurate NT_STATUS code - * @return CAC_SUCCESS the operation was successful. - */ -int cac_LsaQueryInfoPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryInfoPolicy *op); - -struct LsaEnumSids { - struct { - /**Open LSA Policy handle*/ - POLICY_HND *pol; - - /**The prefered maximum number of SIDs returned per call*/ - uint32 pref_max_sids; - } in; - - struct { - /**used to keep track of how many sids have been retrieved over multiple calls - * should be set to zero via ZERO_STRUCT() befrore the first call. Use the same struct LsaEnumSids for multiple calls*/ - uint32 resume_idx; - - /**The number of sids returned this call*/ - uint32 num_sids; - - /**Array of sids returned*/ - DOM_SID *sids; - - } out; -}; - -/** - * Enumerates the SIDs in the LSA. Can be enumerated in blocks by calling the function multiple times. - * Example: while(cac_LsaEnumSids(hnd, mem_ctx, op) { ... } - * @param hnd - An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE there was an error during operations OR there are no more results - * @return CAC_SUCCESS the operation completed and results were returned - */ -int cac_LsaEnumSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumSids *op); - -struct LsaEnumAccountRights { - struct { - /**Open LSA Policy handle*/ - POLICY_HND *pol; - - /**(Optional) SID of the account - must supply either sid or name*/ - DOM_SID *sid; - - /**(Optional) name of the account - must supply either sid or name*/ - char *name; - } in; - - struct { - /**Count of rights for this account*/ - uint32 num_privs; - - /**array of privilege names*/ - char **priv_names; - } out; -}; - -/** - * Enumerates rights assigned to a given account. Takes a SID instead of account handle as input - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the rights could not be retrieved. hnd->status is set with NT_STATUS code - * @return CAC_SUCCESS the operation was successful. - */ - -int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op); - -struct LsaEnumTrustedDomains { - struct { - /**Open LSA policy handle*/ - POLICY_HND *pol; - } in; - - struct { - /**used to keep track of how many domains have been retrieved over multiple calls - * should be set to zero via ZERO_STRUCT() before the first call. Use the same struct LsaEnumSids for multiple calls*/ - uint32 resume_idx; - - /**The number of domains returned by the remote server this call*/ - uint32 num_domains; - - /**array of trusted domain names returned by the remote server*/ - char **domain_names; - - /**array of trusted domain sids returned by the remote server*/ - DOM_SID *domain_sids; - } out; -}; - -/** - * Enumerates the trusted domains in the LSA. - * @param hnd - An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op - initialized parameters - * @return CAC_FAILURE there was an error during operations OR there are no more results - * @return CAC_SUCCESS the operation completed and results were returned - */ -int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op); - -struct LsaOpenTrustedDomain { - struct { - /**an open LSA policy handle*/ - POLICY_HND *pol; - - /**SID of the trusted domain to open*/ - DOM_SID *domain_sid; - - /**Desired access on the open domain*/ - uint32 access; - } in; - - struct { - /**A handle to the policy that is opened*/ - POLICY_HND *domain_pol; - } out; -}; - -/** - * Opens a trusted domain by SID. - * @param hnd An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op initialized I/O parameters - * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code - * @return CAC_SUCCESS the domain was opened successfully - */ -int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op); - -struct LsaQueryTrustedDomainInfo { - struct { - /**Open LSA policy handle*/ - POLICY_HND *pol; - - /**Info class of returned data*/ - uint16 info_class; - - /**(Optional)SID of trusted domain to query (must specify either SID or name of trusted domain)*/ - DOM_SID *domain_sid; - - /**(Optional)Name of trusted domain to query (must specify either SID or name of trusted domain)*/ - char *domain_name; - } in; - - struct { - /**information about the trusted domain*/ - LSA_TRUSTED_DOMAIN_INFO *info; - } out; -}; - -/** - * Retrieves information a trusted domain. - * @param hnd An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op initialized I/O parameters - * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code - * @return CAC_SUCCESS the domain was opened successfully - */ - -int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op); - -struct LsaEnumPrivileges { - struct { - /**An open LSA policy handle*/ - POLICY_HND *pol; - - /**The _preferred_ maxinum number of privileges returned per call*/ - uint32 pref_max_privs; - } in; - - struct { - /**Used to keep track of how many privileges have been retrieved over multiple calls. Do not modify this value between calls*/ - uint32 resume_idx; - - /**The number of privileges returned this call*/ - uint32 num_privs; - - /**Array of privilege names*/ - char **priv_names; - - /**Array of high bits for privilege LUID*/ - uint32 *high_bits; - - /**Array of low bits for privilege LUID*/ - uint32 *low_bits; - } out; -}; - -/** - * Enumerates the Privileges supported by the LSA. Can be enumerated in blocks by calling the function multiple times. - * Example: while(cac_LsaEnumPrivileges(hnd, mem_ctx, op) { ... } - * @param hnd An initialized and connected server handle - * @param mem_ctx Talloc context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE there was an error during operations OR there are no more results - * @return CAC_SUCCESS the operation completed and results were returned - * @see CAC_OP_FAILED() - */ -int cac_LsaEnumPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumPrivileges *op); - -struct LsaOpenAccount { - struct { - /**An open LSA policy handle*/ - POLICY_HND *pol; - - /**(Optional) account SID - must supply either sid or name*/ - DOM_SID *sid; - - /**(Optional) account name - must supply either sid or name*/ - char *name; - - /**desired access for the handle*/ - uint32 access; - } in; - - struct { - /**A handle to the opened user*/ - POLICY_HND *user; - } out; -}; - -/** - * Opens a handle to an account in the LSA - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the account could not be opened. hnd->status has appropriate NT_STATUS code - * @return CAC_SUCCESS the account was opened - */ -int cac_LsaOpenAccount(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenAccount *op); - -struct LsaAddPrivileges { - struct { - /**An open LSA policy handle*/ - POLICY_HND *pol; - - /**(Optional) The user's SID (must specify at least sid or name)*/ - DOM_SID *sid; - - /**(Optional) The user's name (must specify at least sid or name)*/ - char *name; - - /**The privilege names of the privileges to add for the account*/ - char **priv_names; - - /**The number of privileges in the priv_names array*/ - uint32 num_privs; - - } in; -}; - -/** - * Adds Privileges an account. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the privileges could not be set. hnd->status has appropriate NT_STATUS code - * @return CAC_SUCCESS the privileges were set. - */ -int cac_LsaAddPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); - -struct LsaRemovePrivileges { - struct { - /**An open handle to the LSA*/ - POLICY_HND *pol; - - /**(Optional) The account SID (must specify at least sid or name)*/ - DOM_SID *sid; - - /**(Optional) The account name (must specify at least sid or name)*/ - char *name; - - /**The privilege names of the privileges to remove from the account*/ - char **priv_names; - - /**The number of privileges in the priv_names array*/ - uint32 num_privs; - - } in; - -}; - -/** - * Removes a _specific_ set of privileges from an account - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the privileges could not be removed. hnd->status is set with NT_STATUS code - * @return CAC_SUCCESS the privileges were removed - */ -int cac_LsaRemovePrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaRemovePrivileges *op); - -struct LsaClearPrivileges { - struct { - /**An open handle to the LSA*/ - POLICY_HND *pol; - - /**(Optional) The user's SID (must specify at least sid or name)*/ - DOM_SID *sid; - - /**(Optional) The user's name (must specify at least sid or name)*/ - char *name; - } in; - -}; - -/** - * Removes ALL privileges from an account - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE the operation was not successful, hnd->status set with NT_STATUS code - * @return CAC_SUCCESS the opeartion was successful. - */ -int cac_LsaClearPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaClearPrivileges *op); - -/** - * Sets an accounts priviliges. Removes all privileges and then adds specified privileges. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_LsaSetPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); - -struct LsaGetSecurityObject { - struct { - /**Open LSA policy handle*/ - POLICY_HND *pol; - } in; - - struct { - /**Returned security descriptor information*/ - SEC_DESC_BUF *sec; - } out; -}; - -/** - * Retrieves Security Descriptor information about the LSA - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_LsaGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSecurityObject *op); - - -/**@}*/ /*LSA_Functions*/ - -/********************** - * Registry Functions * - *********************/ - -/**@addtogroup Reg_Functions - * @{ - */ - -struct RegConnect { - struct { - /** must be one of : - * HKEY_CLASSES_ROOT, - * HKEY_LOCAL_MACHINE, - * HKEY_USERS, - * HKEY_PERFORMANCE_DATA, - */ - int root; - - /**desired access on the root key - * combination of: - * REG_KEY_READ, - * REG_KEY_WRITE, - * REG_KEY_EXECUTE, - * REG_KEY_ALL, - * found in include/rpc_secdes.h*/ - uint32 access; - } in; - - struct { - POLICY_HND *key; - } out; -}; - -/** - * Opens a handle to the registry on the server - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegConnect *op); - -/** - * Closes an open registry handle - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param key The Key/Handle to close - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *key); - -struct RegOpenKey { - struct { - /**(Optional)parent key. - * If this is NULL, then cac_RegOpenKey() will attempt to connect to the registry, name MUST start with something like:<br> - * HKEY_LOCAL_MACHINE\ or an abbreviation like HKCR\ - * - * supported root names: - * - HKEY_LOCAL_MACHINE\ or HKLM\ - * - HKEY_CLASSES_ROOT\ or HKCR\ - * - HKEY_USERS\ or HKU\ - * - HKEY_PERFORMANCE_DATA or HKPD\ - */ - POLICY_HND *parent_key; - - /**name/path of key*/ - char *name; - - /**desired access on this key*/ - uint32 access; - } in; - - struct { - POLICY_HND *key; - } out; -}; - -/** - * Opens a registry key - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegOpenKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegOpenKey *op); - -struct RegEnumKeys { - struct { - /**enumerate subkeys of this key*/ - POLICY_HND *key; - - /**maximum number of keys to enumerate each call*/ - uint32 max_keys; - } in; - - struct { - /**keeps track of the index to resume enumerating*/ - uint32 resume_idx; - - /**the number of keys returned this call*/ - uint32 num_keys; - - /**array of key names*/ - char **key_names; - - /**class names of the keys*/ - char **class_names; - - /**last modification time of the key*/ - time_t *mod_times; - } out; -}; - -/** - * Enumerates Subkeys of a given key. Can be run in a loop. Example: while(cac_RegEnumKeys(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @see CAC_OP_FAILED() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegEnumKeys(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumKeys *op); - - -struct RegCreateKey { - struct { - /**create a subkey of parent_key*/ - POLICY_HND *parent_key; - - /**name of the key to create*/ - char *key_name; - - /**class of the key*/ - char *class_name; - - /**Access mask to open the key with. See REG_KEY_* in include/rpc_secdes.h*/ - uint32 access; - } in; - - struct { - /**Open handle to the key*/ - POLICY_HND *key; - } out; -}; - -/** - * Creates a registry key, if the key already exists, it will be opened __Creating keys is not currently working__. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parmeters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegCreateKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegCreateKey *op); - -struct RegDeleteKey { - struct { - /**handle to open registry key*/ - POLICY_HND *parent_key; - - /**name of the key to delete*/ - char *name; - - /**delete recursively. WARNING: this might not always work as planned*/ - bool recursive; - } in; - -}; - -/** - * Deletes a subkey of an open key. Note: if you run this with op->in.recursive == True, and the operation fails, it may leave the key in an inconsistent state. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegDeleteKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteKey *op); - -struct RegDeleteValue { - struct { - /**handle to open registry key*/ - POLICY_HND *parent_key; - - /**name of the value to delete*/ - char *name; - } in; -}; - -/** - * Deletes a registry value. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegDeleteValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteValue *op); - -struct RegQueryKeyInfo { - struct { - /**Open handle to the key to query*/ - POLICY_HND *key; - } in; - - struct { - /**name of the key class*/ - char *class_name; - - /**number of subkeys of the key*/ - uint32 num_subkeys; - - /**length (in characters) of the longest subkey name*/ - uint32 longest_subkey; - - /**length (in characters) of the longest class name*/ - uint32 longest_class; - - /**number of values in this key*/ - uint32 num_values; - - /**length (in characters) of the longest value name*/ - uint32 longest_value_name; - - /**length (in bytes) of the biggest value data*/ - uint32 longest_value_data; - - /**size (in bytes) of the security descriptor*/ - uint32 security_desc_size; - - /**time of the last write*/ - time_t last_write_time; - } out; -}; - -/** - * Retrieves information about an open key - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegQueryKeyInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryKeyInfo *op); - -struct RegSaveKey { - struct { - /**Open key to be saved*/ - POLICY_HND *key; - - /**The path (on the remote computer) to save the file to*/ - char *filename; - } in; -}; - -/** - * Saves a key to a file on the remote machine __Not currently working__. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegSaveKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSaveKey *op); - -struct RegQueryValue { - struct { - /**handle to open registry key*/ - POLICY_HND *key; - - /**name of the value to query*/ - char *val_name; - } in; - - struct { - /**Value type. - * One of: - * - REG_DWORD (equivalent to REG_DWORD_LE) - * - REG_DWORD_BE - * - REG_SZ - * - REG_EXPAND_SZ - * - REG_MULTI_SZ - * - REG_BINARY - */ - uint32 type; - - /**The value*/ - REG_VALUE_DATA *data; - } out; -}; - -/** - * Retrieves a value (type and data) _not currently working_. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegQueryValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryValue *op); - -struct RegEnumValues { - struct { - /**handle to open key*/ - POLICY_HND *key; - - /**max number of values returned per call*/ - uint32 max_values; - - } in; - - struct { - /**keeps track of the index to resume from - used over multiple calls*/ - uint32 resume_idx; - - /**the number of values that were returned this call*/ - uint32 num_values; - - /**Array of value types. A type can be one of: - * - REG_DWORD (equivalent to REG_DWORD_LE) - * - REG_DWORD_BE - * - REG_SZ - * - REG_EXPAND_SZ - * - REG_MULTI_SZ - * - REG_BINARY - */ - uint32 *types; - - /**array of strings storing the names of the values*/ - char **value_names; - - /**array of pointers to the value data returned*/ - REG_VALUE_DATA **values; - } out; -}; - -/** - * Enumerates a number of Registry values in an open registry key. - * Can be run in a loop. Example: while(cac_RegEnumValues(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @see CAC_OP_FAILED() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegEnumValues(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumValues *op); - -struct RegSetValue { - struct { - /**Handle to open registry key*/ - POLICY_HND *key; - - /**Name of the value*/ - char *val_name; - - /**Value type. - * One of: - * - REG_DWORD (equivalent to REG_DWORD_LE) - * - REG_DWORD_BE - * - REG_SZ - * - REG_EXPAND_SZ - * - REG_MULTI_SZ - * - REG_BINARY - */ - uint32 type; - - /**the value*/ - REG_VALUE_DATA value; - } in; -}; - -/** - * Sets or creates value (type and data). - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegSetValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetValue *op); - -struct RegGetVersion { - struct { - /**open registry key*/ - POLICY_HND *key; - } in; - - struct { - /**version number*/ - uint32 version; - } out; -}; - -/** - * Retrieves the registry version number - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegGetVersion(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetVersion *op); - -struct RegGetKeySecurity { - struct { - /**Handle to key to query*/ - POLICY_HND *key; - - /**Info that you want. Should be a combination of (1 or more or'd): - * - OWNER_SECURITY_INFORMATION - * - GROUP_SECURITY_INFORMATION - * - DACL_SECURITY_INFORMATION - * - SACL_SECURITY_INFORMATION - * - UNPROTECTED_SACL_SECURITY_INFORMATION - * - UNPROTECTED_DACL_SECURITY_INFORMATION - * - PROTECTED_SACL_SECURITY_INFORMATION - * - PROTECTED_DACL_SECURITY_INFORMATION - * - * or use: - * - ALL_SECURITY_INFORMATION - * - * all definitions from include/rpc_secdes.h - */ - uint32 info_type; - } in; - - struct { - /**size of the data returned*/ - uint32 size; - - /**Security descriptor*/ - SEC_DESC *descriptor; - } out; -}; - -/** - * Retrieves a key security descriptor. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetKeySecurity *op); - -struct RegSetKeySecurity { - struct { - /**Handle to key to query*/ - POLICY_HND *key; - - /**Info that you want. Should be a combination of (1 or more or'd): - * - OWNER_SECURITY_INFORMATION - * - GROUP_SECURITY_INFORMATION - * - DACL_SECURITY_INFORMATION - * - SACL_SECURITY_INFORMATION - * - UNPROTECTED_SACL_SECURITY_INFORMATION - * - UNPROTECTED_DACL_SECURITY_INFORMATION - * - PROTECTED_SACL_SECURITY_INFORMATION - * - PROTECTED_DACL_SECURITY_INFORMATION - * - * or use: - * - ALL_SECURITY_INFORMATION - * - * all definitions from include/rpc_secdes.h - */ - uint32 info_type; - - /**size of the descriptor*/ - size_t size; - - /**Security descriptor*/ - SEC_DESC *descriptor; - } in; -}; - -/** - * Sets the key security descriptor. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_RegSetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetKeySecurity *op); - -/**@}*/ /*Reg_Functions*/ - -struct Shutdown { - struct { - /**the message to display (can be NULL)*/ - char *message; - - /**timeout in seconds*/ - uint32 timeout; - - /**False = shutdown, True = reboot*/ - bool reboot; - - /**force the*/ - bool force; - - /*FIXME: make this useful*/ - uint32 reason; - } in; -}; - - -/** - * Shutdown the server _not currently working_. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_Shutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct Shutdown *op); - -/** - * Attempt to abort initiated shutdown on the server _not currently working_. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_AbortShutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx); - -/***************** - * SAM Functions * - *****************/ - -/**@addtogroup SAM_Functions - * @{ - */ -struct SamConnect { - struct { - /**Access mask to open with - * see generic access masks in include/smb.h*/ - uint32 access; - } in; - - struct { - POLICY_HND *sam; - } out; -}; - -/** - * Connects to the SAM. This can be skipped by just calling cac_SamOpenDomain() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamConnect *op); - - -/** - * Closes any (SAM, domain, user, group, etc.) SAM handle. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param sam Handle to close - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *sam); - -struct SamOpenDomain { - struct { - /**The desired access. See generic access masks - include/smb.h*/ - uint32 access; - - /**(Optional) An open handle to the SAM. If it is NULL, the function will connect to the SAM with the access mask above*/ - POLICY_HND *sam; - - /**(Optional) The SID of the domain to open. - * If this this is NULL, the function will attempt to open the domain specified in hnd->domain */ - DOM_SID *sid; - } in; - - struct { - /**handle to the open domain*/ - POLICY_HND *dom_hnd; - - /**Handle to the open SAM*/ - POLICY_HND *sam; - } out; -}; - -/** - * Opens a handle to a domain. This must be called before any other SAM functions - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenDomain *op); - -struct SamCreateUser { - struct { - /**Open domain handle*/ - POLICY_HND *dom_hnd; - - /**Username*/ - char *name; - - /**See Allowable account control bits in include/smb.h*/ - uint32 acb_mask; - } in; - - struct { - /**handle to the user*/ - POLICY_HND *user_hnd; - - /**rid of the user*/ - uint32 rid; - } out; -}; - -/** - * Creates a new domain user, if the account already exists it will _not_ be opened and hnd->status will be NT_STATUS_USER_EXISTS - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamCreateUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateUser *op); - -struct SamOpenUser { - struct { - /**Handle to open SAM connection*/ - POLICY_HND *dom_hnd; - - /**desired access - see generic access masks in include/smb.h*/ - uint32 access; - - /**RID of the user*/ - uint32 rid; - - /**(Optional) name of the user - must supply either RID or user name*/ - char *name; - } in; - - struct { - /**Handle to the user*/ - POLICY_HND *user_hnd; - } out; -}; - -/** - * Opens a domain user. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenUser *op); - -/** - * Deletes a domain user. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param user_hnd Open handle to the user - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDeleteUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); - - -struct SamEnumUsers { - struct { - /**Open handle to a domain*/ - POLICY_HND *dom_hnd; - - /**Enumerate users with specific ACB. If 0, all users will be enumerated*/ - uint32 acb_mask; - } in; - - struct { - /**where to resume from. Used over multiple calls*/ - uint32 resume_idx; - - /**the number of users returned this call*/ - uint32 num_users; - - /**Array storing the rids of the returned users*/ - uint32 *rids; - - /**Array storing the names of all the users returned*/ - char **names; - - bool done; - } out; -}; - -/** - * Enumerates domain users. Can be used as a loop condition. Example: while(cac_SamEnumUsers(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnumUsers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumUsers *op); - -struct SamGetNamesFromRids { - struct { - /**An open handle to the domain SAM from cac_SamOpenDomain()*/ - POLICY_HND *dom_hnd; - - /**Number of RIDs to resolve*/ - uint32 num_rids; - - /**Array of RIDs to resolve*/ - uint32 *rids; - } in; - - struct { - /**the number of names returned - if this is 0, the map is NULL*/ - uint32 num_names; - - /**array contiaing the Names and RIDs*/ - CacLookupRidsRecord *map; - } out; -}; - -/** - * Returns a list of names which map to a list of RIDs. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetNamesFromRids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetNamesFromRids *op); - -struct SamGetRidsFromNames { - struct { - /**An open handle to the domain SAM from cac_SamOpenDomain()*/ - POLICY_HND *dom_hnd; - - /**Number of names to resolve*/ - uint32 num_names; - - /**Array of names to resolve*/ - char **names; - } in; - - struct { - /**the number of names returned - if this is 0, then map is NULL*/ - uint32 num_rids; - - /**array contiaing the Names and RIDs*/ - CacLookupRidsRecord *map; - } out; -}; - -/** - * Returns a list of RIDs which map to a list of names. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetRidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetRidsFromNames *op); - -struct SamGetGroupsForUser { - struct { - /**An open handle to the user*/ - POLICY_HND *user_hnd; - } in; - - struct { - /**The number of groups the user is a member of*/ - uint32 num_groups; - - /**The RIDs of the groups*/ - uint32 *rids; - - /**The attributes of the groups*/ - uint32 *attributes; - } out; -}; -/** - * Retrieves a list of groups that a user is a member of. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetGroupsForUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupsForUser *op); - -struct SamOpenGroup { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**Desired access to open the group with. See Generic access masks in include/smb.h*/ - uint32 access; - - /**rid of the group*/ - uint32 rid; - } in; - - struct { - /**Handle to the group*/ - POLICY_HND *group_hnd; - } out; -}; - -/** - * Opens a domain group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenGroup *op); - -struct SamCreateGroup { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**Desired access to open the group with. See Generic access masks in include/smb.h*/ - uint32 access; - - /**The name of the group*/ - char *name; - } in; - - struct { - /**Handle to the group*/ - POLICY_HND *group_hnd; - } out; -}; - -/** - * Creates a group. If the group already exists it will not be opened. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamCreateGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateGroup *op); - -/** - * Deletes a domain group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param group_hnd Open handle to the group. - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDeleteGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); - -struct SamGetGroupMembers { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - } in; - - struct { - /**The number of members in the group*/ - uint32 num_members; - - /**An array storing the RIDs of the users*/ - uint32 *rids; - - /**The attributes*/ - uint32 *attributes; - } out; -}; - -/** - * Retrives a list of users in a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupMembers *op); - -struct SamAddGroupMember { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**RID of new member*/ - uint32 rid; - } in; -}; - -/** - * Adds a user to a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamAddGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddGroupMember *op); - -struct SamRemoveGroupMember { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**RID of member to remove*/ - uint32 rid; - } in; -}; - -/** - * Removes a user from a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamRemoveGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveGroupMember *op); - -/** - * Removes all the members of a group - warning: if this function fails is is possible that some but not all members were removed - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param group_hnd Open handle to the group to clear - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamClearGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); - -struct SamSetGroupMembers { - struct { - /**Open handle to the group*/ - POLICY_HND *group_hnd; - - /**Number of members in the group - if this is 0, all members of the group will be removed*/ - uint32 num_members; - - /**The RIDs of the users to add*/ - uint32 *rids; - } in; -}; - -/** - * Clears the members of a group and adds a list of members to the group - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupMembers *op); - -struct SamEnumGroups { - struct { - /**Open handle to a domain*/ - POLICY_HND *dom_hnd; - } in; - - struct { - /**Where to resume from _do not_ modify this value. Used over multiple calls.*/ - uint32 resume_idx; - - /**the number of users returned this call*/ - uint32 num_groups; - - /**Array storing the rids of the returned groups*/ - uint32 *rids; - - /**Array storing the names of all the groups returned*/ - char **names; - - /**Array storing the descriptions of all the groups returned*/ - char **descriptions; - - bool done; - } out; -}; - -/** - * Enumerates domain groups. Can be used as a loop condition. Example: while(cac_SamEnumGroups(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnumGroups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumGroups *op); - -struct SamEnumAliases { - struct { - /**Open handle to a domain*/ - POLICY_HND *dom_hnd; - } in; - - struct { - /**where to resume from. Used over multiple calls*/ - uint32 resume_idx; - - /**the number of users returned this call*/ - uint32 num_aliases; - - /**Array storing the rids of the returned groups*/ - uint32 *rids; - - /**Array storing the names of all the groups returned*/ - char **names; - - /**Array storing the descriptions of all the groups returned*/ - char **descriptions; - - bool done; - } out; -}; - -/** - * Enumerates domain aliases. Can be used as a loop condition. Example: while(cac_SamEnumAliases(hnd, mem_ctx, op)) { ... } - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnumAliases(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumAliases *op); - -struct SamCreateAlias { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**The name of the alias*/ - char *name; - } in; - - struct { - /**Handle to the group*/ - POLICY_HND *alias_hnd; - } out; -}; - -/** - * Creates an alias. If the alias already exists it will not be opened. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamCreateAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateAlias *op); - -struct SamOpenAlias { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**Desired access to open the group with. See Generic access masks in include/smb.h*/ - uint32 access; - - /**rid of the alias*/ - uint32 rid; - } in; - - struct { - /**Handle to the alias*/ - POLICY_HND *alias_hnd; - } out; -}; - -/** - * Opens a handle to an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamOpenAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenAlias *op); - -/** - * Deletes an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param alias_hnd Open handle to the alias - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDeleteAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); - -struct SamAddAliasMember { - struct { - /**Open handle to a alias*/ - POLICY_HND *alias_hnd; - - /**SID of new member*/ - DOM_SID *sid; - } in; -}; - -/** - * Adds an account to an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamAddAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddAliasMember *op); - -struct SamRemoveAliasMember { - struct { - /**Open handle to the alias*/ - POLICY_HND *alias_hnd; - - /**The SID of the member*/ - DOM_SID *sid; - } in; -}; - -/** - * Removes an account from an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveAliasMember *op); - -struct SamGetAliasMembers { - struct { - /**Open handle to the alias*/ - POLICY_HND *alias_hnd; - } in; - - struct { - /**The number of members*/ - uint32 num_members; - - /**An array storing the SIDs of the accounts*/ - DOM_SID *sids; - } out; -}; - -/** - * Retrieves a list of all accounts in an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op); - -/** - * Removes all the members of an alias - warning: if this function fails is is possible that some but not all members were removed - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param alias_hnd Handle to the alias to clear - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); - -struct SamSetAliasMembers { - struct { - /**Open handle to the group*/ - POLICY_HND *alias_hnd; - - /**Number of members in the group - if this is 0, all members of the group will be removed*/ - uint32 num_members; - - /**The SIDs of the accounts to add*/ - DOM_SID *sids; - } in; -}; - -/** - * Clears the members of an alias and adds a list of members to the alias - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op); - - -struct SamUserChangePasswd { - struct { - /**The username*/ - char *username; - - /**The current password*/ - char *password; - - /**The new password*/ - char *new_password; - } in; -}; -/**Used by a user to change their password*/ -int cac_SamUserChangePasswd(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamUserChangePasswd *op); - -/** - * Enables a user - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param user_hnd Open handle to the user to enable - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamEnableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); - -/** - * Disables a user - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param user_hnd Open handle to the user to disables - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamDisableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); - -struct SamSetPassword { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**The new password*/ - char *password; - } in; -}; - -/** - * Sets a user's password - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamSetPassword(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetPassword *op); - -struct SamGetUserInfo { - struct { - /**Open Handle to a user*/ - POLICY_HND *user_hnd; - } in; - - struct { - CacUserInfo *info; - } out; -}; - -/** - * Retrieves user information using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly, use cac_SamGetUserInfoCtr() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamGetUserInfoCtr() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfo *op); - -struct SamSetUserInfo { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**Structure containing the data you would like to set*/ - CacUserInfo *info; - } in; -}; - -/** - * Sets the user info using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly use cac_SamSetUserInfoCtr(). - * @note All fields in the CacUserInfo structure will be set. Best to call cac_GetUserInfo() modify fields that you want, and then call cac_SetUserInfo(). - * @note When calling this, you _must_ set the user's password. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamSetUserInfoCtr() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfo *op); - -struct SamGetUserInfoCtr { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**What USER_INFO structure you want. See include/rpc_samr.h*/ - uint16 info_class; - } in; - - struct { - /**returned user info*/ - SAM_USERINFO_CTR *ctr; - } out; -}; - -/** - * Retrieves user information using a SAM_USERINFO_CTR structure. If you don't want to use this structure, user SamGetUserInfo() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamGetUserInfo() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfoCtr *op); - -struct SamSetUserInfoCtr { - struct { - /**Open handle to a user*/ - POLICY_HND *user_hnd; - - /**user info - make sure ctr->switch_value is set properly*/ - SAM_USERINFO_CTR *ctr; - } in; -}; - -/** - * Sets the user info using a SAM_USERINFO_CTR structure. If you don't want to use this structure, use cac_SamSetUserInfo() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see cac_SamSetUserInfo() - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamSetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfoCtr *op); - -struct SamRenameUser { - struct { - /**Open handle to user*/ - POLICY_HND *user_hnd; - - /**New user name*/ - char *new_name; - } in; -}; - -/** - * Changes the name of a user. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamRenameUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameUser *op); - -struct SamGetGroupInfo { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - } in; - - struct { - /**Returned info about the group*/ - CacGroupInfo *info; - } out; -}; - -/** - * Retrieves information about a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupInfo *op); - -struct SamSetGroupInfo { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**group info*/ - CacGroupInfo *info; - } in; -}; - -/** - * Sets information about a group. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupInfo *op); - -struct SamRenameGroup { - struct { - /**Open handle to a group*/ - POLICY_HND *group_hnd; - - /**New name*/ - char *new_name; - } in; -}; - -/** - * Changes the name of a group - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ - -int cac_SamRenameGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameGroup *op); - -struct SamGetAliasInfo { - struct { - /**Open handle to an alias*/ - POLICY_HND *alias_hnd; - } in; - - struct { - /**Returned alias info*/ - CacAliasInfo *info; - } out; -}; - -/** - * Retrieves information about an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamGetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasInfo *op); - -struct SamSetAliasInfo { - struct { - /**Open handle to an alias*/ - POLICY_HND *alias_hnd; - - /**Returned alias info*/ - CacAliasInfo *info; - } in; -}; - -/** - * Sets information about an alias. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code - * @return CAC_SUCCESS The operation completed successfully - */ -int cac_SamSetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasInfo *op); - -struct SamGetDomainInfo { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - } in; - - struct { - /**Returned domain info*/ - CacDomainInfo *info; - } out; -}; - -/** - * Gets domain information in the form of a CacDomainInfo structure. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see SamGetDomainInfoCtr() - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - * @return CAC_PARTIAL_SUCCESS - This function makes 3 rpc calls, if one or two fail and the rest succeed, - * not all fields in the CacDomainInfo structure will be filled - */ -int cac_SamGetDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfo *op); - -struct SamGetDomainInfoCtr { - struct { - /**Open handle to domain*/ - POLICY_HND *dom_hnd; - - /**What info level you want*/ - uint16 info_class; - } in; - - struct { - SAM_UNK_CTR *info; - } out; -}; - -/** - * Gets domain information in the form of a SAM_UNK_CTR structure. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @see SamGetDomainInfo() - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamGetDomainInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfoCtr *op); - -struct SamGetDisplayInfo { - struct { - /**Open handle to domain*/ - POLICY_HND *dom_hnd; - - /**What type of data*/ - uint16 info_class; - - /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ - uint32 max_entries; - - /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ - uint32 max_size; - } in; - - struct { - /**Do not modify this value, use the same value between multiple calls (ie in while loop)*/ - uint32 resume_idx; - - /**Number of entries returned*/ - uint32 num_entries; - - /**Returned display info*/ - SAM_DISPINFO_CTR ctr; - - /**Internal value. Do not modify.*/ - uint32 loop_count; - - bool done; - } out; -}; - -/** - * Gets dislpay information using a SAM_DISPINFO_CTR. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamGetDisplayInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDisplayInfo *op); - -struct SamLookupDomain { - struct { - /**Open handle to the sam (opened with cac_SamConnect() or cac_SamOpenDomain()*/ - POLICY_HND *sam; - - /**Name of the domain to lookup*/ - char *name; - } in; - - struct { - /**SID of the domain*/ - DOM_SID *sid; - } out; -}; - -/** - * Looks up a Domain SID given it's name. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamLookupDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamLookupDomain *op); - -struct SamGetSecurityObject { - struct { - /**An open handle (SAM, domain or user)*/ - POLICY_HND *pol; - } in; - - struct { - SEC_DESC_BUF *sec; - } out; -}; - -/** - * Retrievies Security descriptor information for a SAM/Domain/user - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetSecurityObject *op); - -struct SamFlush { - struct { - /**Open handle to the domain SAM*/ - POLICY_HND *dom_hnd; - - /**(Optional)Domain SID. If NULL, the domain in hnd->domain will be opened*/ - DOM_SID *sid; - - /**(Optional)Desired access to re-open the domain with. If 0, MAXIMUM_ALLOWED_ACCESS is used.*/ - uint32 access; - } in; -}; - -/** - * Closes the domain handle, then re-opens it - effectively flushing any changes made. - * WARNING: if this fails you will no longer have an open handle to the domain SAM. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SamFlush(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamFlush *op); - -/**@}*/ /*SAM_Functions*/ - -/**@addtogroup SCM_Functions - * @{ - */ - -struct SvcOpenScm { - struct { - /**Desired access to open the Handle with. See SC_RIGHT_MGR_* or SC_MANAGER_* in include/rpc_secdes.h*/ - uint32 access; - } in; - - struct { - /**Handle to the SCM*/ - POLICY_HND *scm_hnd; - } out; -}; - -/** - * Opens a handle to the SCM on the remote machine. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcOpenScm(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenScm *op); - -/** - * Closes an Svc handle (SCM or Service) - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param scm_hnd The handle to close - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *scm_hnd); - -struct SvcEnumServices { - struct { - /**Open handle to the SCM*/ - POLICY_HND *scm_hnd; - - /**(Optional)Type of service to enumerate. Possible values: - * - SVCCTL_TYPE_WIN32 - * - SVCCTL_TYPE_DRIVER - * If this is 0, (SVCCTL_TYPE_DRIVER | SVCCTL_TYPE_WIN32) is assumed. - */ - uint32 type; - - /**(Optional)State of service to enumerate. Possible values: - * - SVCCTL_STATE_ACTIVE - * - SVCCTL_STATE_INACTIVE - * - SVCCTL_STATE_ALL - * If this is 0, SVCCTL_STATE_ALL is assumed. - */ - uint32 state; - } in; - - struct { - /**Number of services returned*/ - uint32 num_services; - - /**Array of service structures*/ - CacService *services; - } out; -}; - -/** - * Enumerates services on the remote machine. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcEnumServices(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcEnumServices *op); - -struct SvcOpenService { - struct { - /**Handle to the Service Control Manager*/ - POLICY_HND *scm_hnd; - - /**Access mask to open service with see SERVICE_* or SC_RIGHT_SVC_* in include/rpc_secdes.h*/ - uint32 access; - - /**The name of the service. _not_ the display name*/ - char *name; - } in; - - struct { - /**Handle to the open service*/ - POLICY_HND *svc_hnd; - } out; -}; - -/** - * Opens a handle to a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ - -int cac_SvcOpenService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenService *op); - -struct SvcGetStatus { - struct { - /**Open handle to the service to query*/ - POLICY_HND *svc_hnd; - } in; - - struct { - /**The status of the service. See include/rpc_svcctl.h for SERVICE_STATUS definition.*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Retrieves the status of a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcGetStatus(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetStatus *op); - -struct SvcStartService { - struct { - /**open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Array of parameters to start the service with. Can be NULL if num_parms is 0*/ - char **parms; - - /**Number of parameters in the parms array*/ - uint32 num_parms; - - /**Number of seconds to wait for the service to actually start. If this is 0, then the status will not be checked after the initial call*/ - uint32 timeout; - } in; -}; - -/** - * Attempts to start a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ - -int cac_SvcStartService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStartService *op); - -struct SvcControlService { - struct { - /**Open handle to the service to control*/ - POLICY_HND *svc_hnd; - - /**The control operation to perform. Possible values (from include/rpc_svcctl.h): - * - SVCCTL_CONTROL_STOP - * - SVCCTL_CONTROL_PAUSE - * - SVCCTL_CONTROL_CONTINUE - * - SVCCTL_CONTROL_SHUTDOWN - */ - uint32 control; - } in; - - struct { - /**The returned status of the service, _immediately_ after the call*/ - SERVICE_STATUS *status; - } out; -}; - -/** - * Performs a control operation on a service and _immediately_ returns. - * @see cac_SvcStopService() - * @see cac_SvcPauseService() - * @see cac_SvcContinueService() - * @see cac_SvcShutdownService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcControlService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcControlService *op); - -struct SvcStopService { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Number of seconds to wait for the service to actually start. - * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started - */ - uint32 timeout; - } in; - - struct { - /**Status of the service after the operation*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Attempts to stop a service. - * @see cacSvcControlService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcStopService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStopService *op); - -struct SvcPauseService { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Number of seconds to wait for the service to actually start. - * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started - */ - uint32 timeout; - } in; - - struct { - /**Status of the service after the operation*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Attempts to pause a service. - * @see cacSvcControlService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcPauseService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcPauseService *op); - -struct SvcContinueService { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - - /**Number of seconds to wait for the service to actually start. - * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started - */ - uint32 timeout; - } in; - - struct { - /**Status of the service after the operation*/ - SERVICE_STATUS status; - } out; -}; - -/** - * Attempts to continue a paused service. - * @see cacSvcControlService() - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcContinueService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcContinueService *op); - -struct SvcGetDisplayName { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - } in; - - struct { - /**The returned display name of the service*/ - char *display_name; - } out; -}; - -/** - * Retrieves the display name of a service _not currently working_ - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcGetDisplayName(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetDisplayName *op); - -struct SvcGetServiceConfig { - struct { - /**Open handle to the service*/ - POLICY_HND *svc_hnd; - } in; - - struct { - /**Returned Configuration information*/ - CacServiceConfig config; - } out; -}; - -/** - * Retrieves configuration information about a service. - * @param hnd Initialized and connected server handle - * @param mem_ctx Context for memory allocation - * @param op Initialized Parameters - * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately - * @return CAC_SUCCESS - the operation was successful - */ -int cac_SvcGetServiceConfig(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetServiceConfig *op); - -/**@}*/ /*SCM_Functions*/ - -struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx); - -#endif /* LIBMSRPC_H */ - - diff --git a/source3/include/libmsrpc_internal.h b/source3/include/libmsrpc_internal.h deleted file mode 100644 index 623c43f9c3..0000000000 --- a/source3/include/libmsrpc_internal.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * MS-RPC client internal definitions - * Copyright (C) Chris Nicholls 2005. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef LIBMSRPC_INTERNAL_H -#define LIBMSRPC_INTERNAL_H - -#include "libmsrpc.h" - -/*definitions*/ - -struct CacServerHandleInternal { - /*stores the os type of the server*/ - uint16 srv_level; - - /*stores the initialized/active pipes*/ - bool pipes[PI_MAX_PIPES]; - - /*underlying smbc context*/ - SMBCCTX *ctx; - - /*did the user supply this SMBCCTX?*/ - bool user_supplied_ctx; -}; - -/*used to get a struct rpc_pipe_client* to be passed into rpccli* calls*/ - -/*nessecary prototypes*/ -bool rid_in_list(uint32 rid, uint32 *list, uint32 list_len); - -int cac_ParseRegPath(char *path, uint32 *reg_type, char **key_name); - -REG_VALUE_DATA *cac_MakeRegValueData(TALLOC_CTX *mem_ctx, uint32 data_type, REGVAL_BUFFER buf); - -RPC_DATA_BLOB *cac_MakeRpcDataBlob(TALLOC_CTX *mem_ctx, uint32 data_type, REG_VALUE_DATA data); - -SAM_USERINFO_CTR *cac_MakeUserInfoCtr(TALLOC_CTX *mem_ctx, CacUserInfo *info); - -CacUserInfo *cac_MakeUserInfo(TALLOC_CTX *mem_ctx, SAM_USERINFO_CTR *ctr); -CacGroupInfo *cac_MakeGroupInfo(TALLOC_CTX *mem_ctx, GROUP_INFO_CTR *ctr); -GROUP_INFO_CTR *cac_MakeGroupInfoCtr(TALLOC_CTX *mem_ctx, CacGroupInfo *info); -CacAliasInfo *cac_MakeAliasInfo(TALLOC_CTX *mem_ctx, ALIAS_INFO_CTR ctr); -ALIAS_INFO_CTR *cac_MakeAliasInfoCtr(TALLOC_CTX *mem_ctx, CacAliasInfo *info); -CacDomainInfo *cac_MakeDomainInfo(TALLOC_CTX *mem_ctx, SAM_UNK_INFO_1 *info1, SAM_UNK_INFO_2 *info2, SAM_UNK_INFO_12 *info12); -CacService *cac_MakeServiceArray(TALLOC_CTX *mem_ctx, ENUM_SERVICES_STATUS *svc, uint32 num_services); -int cac_InitCacServiceConfig(TALLOC_CTX *mem_ctx, SERVICE_CONFIG *src, CacServiceConfig *dest); - -/*moved to libmsrpc.h*/ -/*struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx);*/ - -SMBCSRV *smbc_attr_server(SMBCCTX *context, - const char *server, const char *share, - fstring workgroup, - fstring username, fstring password, - POLICY_HND *pol); - - -#endif /* LIBMSRPC_INTERNAL_H */ diff --git a/source3/include/nameserv.h b/source3/include/nameserv.h index 4377e3330a..a7d46e72d8 100644 --- a/source3/include/nameserv.h +++ b/source3/include/nameserv.h @@ -539,17 +539,6 @@ struct packet_struct } packet; }; -/* NETLOGON opcodes */ - -#define QUERYFORPDC 7 /* Query for PDC. */ -#define SAM_UAS_CHANGE 10 /* Announce change to UAS or SAM. */ -#define QUERYFORPDC_R 12 /* Response to Query for PDC. */ -#define SAMLOGON 18 -#define SAMLOGON_R 19 -#define SAMLOGON_UNK_R 21 -#define SAMLOGON_AD_UNK_R 23 -#define SAMLOGON_AD_R 25 - /* Ids for netbios packet types. */ #define ANN_HostAnnouncement 1 diff --git a/source3/include/printing.h b/source3/include/printing.h index 04e30a011b..d91917b528 100644 --- a/source3/include/printing.h +++ b/source3/include/printing.h @@ -77,7 +77,7 @@ extern struct printif iprint_printif; #define NEXT_JOBID(j) ((j+1) % PRINT_MAX_JOBID > 0 ? (j+1) % PRINT_MAX_JOBID : 1) #define MAX_CACHE_VALID_TIME 3600 -#define CUPS_DEFAULT_TIMEOUT 30 +#define CUPS_DEFAULT_CONNECTION_TIMEOUT 30 #ifndef PRINT_SPOOL_PREFIX #define PRINT_SPOOL_PREFIX "smbprn." diff --git a/source3/include/proto.h b/source3/include/proto.h index 198248c517..3df87a6c34 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -43,7 +43,10 @@ bool password_ok(const char *smb_name, DATA_BLOB password_blob); /* The following definitions come from auth/auth_domain.c */ -NTSTATUS auth_domain_init(void) ; +void attempt_machine_password_change(void); +NTSTATUS auth_domain_init(void); + +NTSTATUS auth_netlogond_init(void); /* The following definitions come from auth/auth_ntlmssp.c */ @@ -489,7 +492,7 @@ TALLOC_CTX *debug_ctx(void); /* The following definitions come from lib/display_sec.c */ char *get_sec_mask_str(TALLOC_CTX *ctx, uint32 type); -void display_sec_access(SEC_ACCESS *info); +void display_sec_access(uint32_t *info); void display_sec_ace_flags(uint8_t flags); void display_sec_ace(SEC_ACE *ace); void display_sec_acl(SEC_ACL *sec_acl); @@ -507,6 +510,7 @@ void display_set_stderr(void); /* The following definitions come from lib/errmap_unix.c */ NTSTATUS map_nt_error_from_unix(int unix_error); +int map_errno_from_nt_status(NTSTATUS status); /* The following definitions come from lib/events.c */ @@ -702,6 +706,7 @@ bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset ) /* The following definitions come from lib/readline.c */ +void smb_readline_done(void); char *smb_readline(const char *prompt, void (*callback)(void), char **(completion_fn)(const char *text, int start, int end)); const char *smb_readline_get_line_buffer(void); @@ -766,7 +771,6 @@ NTSTATUS sec_desc_mod_sid(SEC_DESC *sd, DOM_SID *sid, uint32 mask); NTSTATUS sec_desc_del_sid(TALLOC_CTX *ctx, SEC_DESC **psd, DOM_SID *sid, size_t *sd_size); SEC_DESC_BUF *se_create_child_secdesc(TALLOC_CTX *ctx, SEC_DESC *parent_ctr, bool child_container); -void init_sec_access(uint32 *t, uint32 mask); /* The following definitions come from lib/select.c */ @@ -1421,6 +1425,7 @@ WERROR registry_push_value(TALLOC_CTX *mem_ctx, /* The following definitions come from lib/util_seaccess.c */ void se_map_generic(uint32 *access_mask, const struct generic_mapping *mapping); +void security_acl_map_generic(struct security_acl *sa, const struct generic_mapping *mapping); void se_map_standard(uint32 *access_mask, struct standard_mapping *mapping); bool se_access_check(const SEC_DESC *sd, const NT_USER_TOKEN *token, uint32 acc_desired, uint32 *acc_granted, @@ -5819,7 +5824,7 @@ const char **lp_svcctl_list(void); char *lp_cups_options(int ); char *lp_cups_server(void); char *lp_iprint_server(void); -int lp_cups_timeout(void); +int lp_cups_connection_timeout(void); const char *lp_ctdbd_socket(void); const char **lp_cluster_addresses(void); bool lp_clustering(void); @@ -5985,7 +5990,7 @@ bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal); struct parm_struct *lp_get_parameter(const char *param_name); struct parm_struct *lp_next_parameter(int snum, int *i, int allparameters); bool lp_snum_ok(int iService); -void lp_add_one_printer(char *name, char *comment); +void lp_add_one_printer(const char *name, const char *comment, void *pdata); bool lp_loaded(void); void lp_killunused(bool (*snumused) (int)); void lp_kill_all_services(void); @@ -6414,6 +6419,8 @@ bool secrets_restore_schannel_session_info(TALLOC_CTX *mem_ctx, struct dcinfo **ppdc); bool secrets_store_generic(const char *owner, const char *key, const char *secret); char *secrets_fetch_generic(const char *owner, const char *key); +bool secrets_store_local_schannel_key(uint8_t schannel_key[16]); +bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]); /* The following definitions come from passdb/util_builtin.c */ @@ -6556,11 +6563,15 @@ char* get_server_name( Printer_entry *printer ); /* The following definitions come from printing/pcap.c */ +bool pcap_cache_add_specific(struct pcap_cache **ppcache, const char *name, const char *comment); +void pcap_cache_destroy_specific(struct pcap_cache **ppcache); bool pcap_cache_add(const char *name, const char *comment); bool pcap_cache_loaded(void); +void pcap_cache_replace(const struct pcap_cache *cache); void pcap_cache_reload(void); bool pcap_printername_ok(const char *printername); -void pcap_printer_fn(void (*fn)(char *, char *)); +void pcap_printer_fn_specific(const struct pcap_cache *, void (*fn)(const char *, const char *, void *), void *); +void pcap_printer_fn(void (*fn)(const char *, const char *, void *), void *); /* The following definitions come from printing/print_aix.c */ @@ -9545,7 +9556,6 @@ NTSTATUS open_fake_file(connection_struct *conn, const char *fname, uint32 access_mask, files_struct **result); -void destroy_fake_file_handle(struct fake_file_handle **fh); NTSTATUS close_fake_file(files_struct *fsp); /* The following definitions come from smbd/file_access.c */ @@ -9911,14 +9921,17 @@ void reply_pipe_close(connection_struct *conn, struct smb_request *req); /* The following definitions come from smbd/posix_acls.c */ -NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd); +NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd); SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl); NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, SEC_DESC **ppdesc); NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name, uint32_t security_info, SEC_DESC **ppdesc); int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid); -NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd); +NTSTATUS append_parent_acl(files_struct *fsp, + const SEC_DESC *pcsd, + SEC_DESC **pp_new_sd); +NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd); int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode ); int chmod_acl(connection_struct *conn, const char *name, mode_t mode); int inherit_access_posix_acl(connection_struct *conn, const char *inherit_from_dir, diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h index 83103b7386..71fba41fe9 100644 --- a/source3/include/rpc_secdes.h +++ b/source3/include/rpc_secdes.h @@ -70,9 +70,6 @@ PROTECTED_SACL_SECURITY_INFORMATION|\ PROTECTED_DACL_SECURITY_INFORMATION) -/* SEC_ACCESS */ -typedef uint32 SEC_ACCESS; - /* SEC_ACE */ typedef struct security_ace SEC_ACE; #define SEC_ACE_HEADER_SIZE (2 * sizeof(uint8) + sizeof(uint16) + sizeof(uint32)) diff --git a/source3/include/secrets.h b/source3/include/secrets.h index d9f457558b..3c8e2ccf81 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -45,6 +45,8 @@ #define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW" +#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY" + /* Authenticated user info is stored in secrets.tdb under these keys */ #define SECRETS_AUTH_USER "SECRETS/AUTH_USER" diff --git a/source3/include/smb.h b/source3/include/smb.h index c8c4f8c3cc..ef98b5e1b5 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -391,6 +391,7 @@ struct idle_event; struct share_mode_entry; struct uuid; struct named_mutex; +struct pcap_cache; struct vfs_fsp_data { struct vfs_fsp_data *next; diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 20e2a9a443..d2e0aa95ac 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -75,22 +75,6 @@ return ERROR_NT(NT_STATUS_INVALID_HANDLE); \ } while(0) -/* you must add the following extern declaration to files using this macro - * (do not add it to the macro as that causes nested extern declaration warnings) - * extern struct current_user current_user; - */ -#define CHECK_FSP(fsp,conn) do {\ - if (!(fsp) || !(conn)) \ - return ERROR_NT(NT_STATUS_INVALID_HANDLE); \ - else if (((conn) != (fsp)->conn) || current_user.vuid != (fsp)->vuid) \ - return ERROR_NT(NT_STATUS_INVALID_HANDLE); \ - else if ((fsp)->is_directory) \ - return ERROR_NT(NT_STATUS_INVALID_DEVICE_REQUEST); \ - else if ((fsp)->fh->fd == -1) \ - return ERROR_NT(NT_STATUS_ACCESS_DENIED); \ - (fsp)->num_smb_operations++;\ - } while(0) - #define CHECK_READ(fsp,inbuf) (((fsp)->fh->fd != -1) && ((fsp)->can_read || \ ((SVAL((inbuf),smb_flg2) & FLAGS2_READ_PERMIT_EXECUTE) && \ (fsp->access_mask & FILE_EXECUTE)))) diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 9b72f69328..a3d38f6a25 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -108,8 +108,9 @@ /* Leave at 22 - not yet released. Remove parameter fd from close_fn. - obnox */ /* Changed to version 23 - remove set_nt_acl call. This can only be done via an open handle. JRA. */ +/* Changed to version 24 - make security descriptor const in fset_nt_acl. JRA. */ -#define SMB_VFS_INTERFACE_VERSION 23 +#define SMB_VFS_INTERFACE_VERSION 24 /* to bug old modules which are trying to compile with the old functions */ @@ -365,7 +366,7 @@ struct vfs_ops { NTSTATUS (*fset_nt_acl)(struct vfs_handle_struct *handle, struct files_struct *fsp, uint32 security_info_sent, - struct security_descriptor *psd); + const struct security_descriptor *psd); /* POSIX ACL operations. */ |