summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2006-02-03 22:19:41 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:06:23 -0500
commit0af1500fc0bafe61019f1b2ab1d9e1d369221240 (patch)
tree653fc2533795458d5f9696402285d9f14e527a21 /source3/rpc_server
parent21a30a1346c9f9a25659a0cea0d276d8c2e6ddca (diff)
downloadsamba-0af1500fc0bafe61019f1b2ab1d9e1d369221240.tar.gz
samba-0af1500fc0bafe61019f1b2ab1d9e1d369221240.tar.bz2
samba-0af1500fc0bafe61019f1b2ab1d9e1d369221240.zip
r13316: Let the carnage begin....
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_dfs.c587
-rw-r--r--source3/rpc_server/srv_dfs_nt.c406
-rw-r--r--source3/rpc_server/srv_lsa_nt.c256
-rw-r--r--source3/rpc_server/srv_netlog_nt.c96
-rw-r--r--source3/rpc_server/srv_pipe.c5
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c5
-rw-r--r--source3/rpc_server/srv_samr_nt.c279
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c20
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c208
9 files changed, 1129 insertions, 733 deletions
diff --git a/source3/rpc_server/srv_dfs.c b/source3/rpc_server/srv_dfs.c
index 42be7c5a35..44a9c06a3c 100644
--- a/source3/rpc_server/srv_dfs.c
+++ b/source3/rpc_server/srv_dfs.c
@@ -1,177 +1,602 @@
-/*
- * Unix SMB/CIFS implementation.
- * RPC Pipe client / server routines for Dfs
- * Copyright (C) Andrew Tridgell 1992-1997,
- * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
- * Copyright (C) Shirish Kalele 2000,
- * Copyright (C) Jeremy Allison 2001,
- * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+/*
+ * Unix SMB/CIFS implementation.
+ * server auto-generated by pidl. DO NOT MODIFY!
*/
-/* This is the interface to the dfs pipe. */
-
#include "includes.h"
#include "nterr.h"
#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_MSDFS
+#define DBGC_CLASS DBGC_RPC
-/**********************************************************************
- api_dfs_exist
- **********************************************************************/
+/******************************************************************
+ api_dfs_GetManagerVersion
+ *****************************************************************/
-static BOOL api_dfs_exist(pipes_struct *p)
+static BOOL api_dfs_GetManagerVersion(pipes_struct *p)
{
- DFS_Q_DFS_EXIST q_u;
- DFS_R_DFS_EXIST r_u;
+ NETDFS_Q_DFS_GETMANAGERVERSION q_u;
+ NETDFS_R_DFS_GETMANAGERVERSION r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_GetManagerVersion("", &q_u, data, 0))
+ return False;
+
+ _dfs_GetManagerVersion(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_GetManagerVersion("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_Add
+ *****************************************************************/
- if(!dfs_io_q_dfs_exist("", &q_u, data, 0))
+static BOOL api_dfs_Add(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ADD q_u;
+ NETDFS_R_DFS_ADD r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_Add("", &q_u, data, 0))
return False;
- r_u.status = _dfs_exist(p, &q_u, &r_u);
+ r_u.status = _dfs_Add(p, &q_u, &r_u);
- if (!dfs_io_r_dfs_exist("", &r_u, rdata, 0))
+ if (!netdfs_io_r_dfs_Add("", &r_u, rdata, 0))
return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_Remove
+ *****************************************************************/
+static BOOL api_dfs_Remove(pipes_struct *p)
+{
+ NETDFS_Q_DFS_REMOVE q_u;
+ NETDFS_R_DFS_REMOVE r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_Remove("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_Remove(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_Remove("", &r_u, rdata, 0))
+ return False;
+
return True;
}
+/******************************************************************
+ api_dfs_SetInfo
+ *****************************************************************/
-/*****************************************************************
- api_dfs_add
+static BOOL api_dfs_SetInfo(pipes_struct *p)
+{
+ NETDFS_Q_DFS_SETINFO q_u;
+ NETDFS_R_DFS_SETINFO r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_SetInfo("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_SetInfo(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_SetInfo("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_GetInfo
*****************************************************************/
-static BOOL api_dfs_add(pipes_struct *p)
+static BOOL api_dfs_GetInfo(pipes_struct *p)
{
- DFS_Q_DFS_ADD q_u;
- DFS_R_DFS_ADD r_u;
+ NETDFS_Q_DFS_GETINFO q_u;
+ NETDFS_R_DFS_GETINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_GetInfo("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_GetInfo(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_GetInfo("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_Enum
+ *****************************************************************/
+static BOOL api_dfs_Enum(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ENUM q_u;
+ NETDFS_R_DFS_ENUM r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- if(!dfs_io_q_dfs_add("", &q_u, data, 0))
+ if (!netdfs_io_q_dfs_Enum("", &q_u, data, 0))
return False;
- r_u.status = _dfs_add(p, &q_u, &r_u);
+ r_u.status = _dfs_Enum(p, &q_u, &r_u);
- if (!dfs_io_r_dfs_add("", &r_u, rdata, 0))
+ if (!netdfs_io_r_dfs_Enum("", &r_u, rdata, 0))
return False;
return True;
}
+/******************************************************************
+ api_dfs_Rename
+ *****************************************************************/
-/*****************************************************************
- api_dfs_remove
+static BOOL api_dfs_Rename(pipes_struct *p)
+{
+ NETDFS_Q_DFS_RENAME q_u;
+ NETDFS_R_DFS_RENAME r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_Rename("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_Rename(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_Rename("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_Move
*****************************************************************/
-static BOOL api_dfs_remove(pipes_struct *p)
+static BOOL api_dfs_Move(pipes_struct *p)
{
- DFS_Q_DFS_REMOVE q_u;
- DFS_R_DFS_REMOVE r_u;
+ NETDFS_Q_DFS_MOVE q_u;
+ NETDFS_R_DFS_MOVE r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- if(!dfs_io_q_dfs_remove("", &q_u, data, 0))
+ if (!netdfs_io_q_dfs_Move("", &q_u, data, 0))
return False;
- r_u.status = _dfs_remove(p, &q_u, &r_u);
+ r_u.status = _dfs_Move(p, &q_u, &r_u);
- if (!dfs_io_r_dfs_remove("", &r_u, rdata, 0))
+ if (!netdfs_io_r_dfs_Move("", &r_u, rdata, 0))
return False;
return True;
}
+/******************************************************************
+ api_dfs_ManagerGetConfigInfo
+ *****************************************************************/
-/*******************************************************************
- api_dfs_get_info
- *******************************************************************/
+static BOOL api_dfs_ManagerGetConfigInfo(pipes_struct *p)
+{
+ NETDFS_Q_DFS_MANAGERGETCONFIGINFO q_u;
+ NETDFS_R_DFS_MANAGERGETCONFIGINFO r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_ManagerGetConfigInfo("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_ManagerGetConfigInfo(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_ManagerGetConfigInfo("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_ManagerSendSiteInfo
+ *****************************************************************/
-static BOOL api_dfs_get_info(pipes_struct *p)
+static BOOL api_dfs_ManagerSendSiteInfo(pipes_struct *p)
{
- DFS_Q_DFS_GET_INFO q_u;
- DFS_R_DFS_GET_INFO r_u;
+ NETDFS_Q_DFS_MANAGERSENDSITEINFO q_u;
+ NETDFS_R_DFS_MANAGERSENDSITEINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_ManagerSendSiteInfo("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_ManagerSendSiteInfo(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_ManagerSendSiteInfo("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_AddFtRoot
+ *****************************************************************/
+static BOOL api_dfs_AddFtRoot(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ADDFTROOT q_u;
+ NETDFS_R_DFS_ADDFTROOT r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- if(!dfs_io_q_dfs_get_info("", &q_u, data, 0))
+ if (!netdfs_io_q_dfs_AddFtRoot("", &q_u, data, 0))
return False;
- r_u.status = _dfs_get_info(p, &q_u, &r_u);
+ r_u.status = _dfs_AddFtRoot(p, &q_u, &r_u);
- if(!dfs_io_r_dfs_get_info("", &r_u, rdata, 0))
+ if (!netdfs_io_r_dfs_AddFtRoot("", &r_u, rdata, 0))
return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_RemoveFtRoot
+ *****************************************************************/
+static BOOL api_dfs_RemoveFtRoot(pipes_struct *p)
+{
+ NETDFS_Q_DFS_REMOVEFTROOT q_u;
+ NETDFS_R_DFS_REMOVEFTROOT r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_RemoveFtRoot("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_RemoveFtRoot(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_RemoveFtRoot("", &r_u, rdata, 0))
+ return False;
+
return True;
}
+/******************************************************************
+ api_dfs_AddStdRoot
+ *****************************************************************/
-/*******************************************************************
- api_dfs_enum
- *******************************************************************/
+static BOOL api_dfs_AddStdRoot(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ADDSTDROOT q_u;
+ NETDFS_R_DFS_ADDSTDROOT r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_AddStdRoot("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_AddStdRoot(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_AddStdRoot("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_RemoveStdRoot
+ *****************************************************************/
-static BOOL api_dfs_enum(pipes_struct *p)
+static BOOL api_dfs_RemoveStdRoot(pipes_struct *p)
{
- DFS_Q_DFS_ENUM q_u;
- DFS_R_DFS_ENUM r_u;
+ NETDFS_Q_DFS_REMOVESTDROOT q_u;
+ NETDFS_R_DFS_REMOVESTDROOT r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_RemoveStdRoot("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_RemoveStdRoot(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_RemoveStdRoot("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_ManagerInitialize
+ *****************************************************************/
+static BOOL api_dfs_ManagerInitialize(pipes_struct *p)
+{
+ NETDFS_Q_DFS_MANAGERINITIALIZE q_u;
+ NETDFS_R_DFS_MANAGERINITIALIZE r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_ManagerInitialize("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_ManagerInitialize(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_ManagerInitialize("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_AddStdRootForced
+ *****************************************************************/
- if(!dfs_io_q_dfs_enum("", &q_u, data, 0))
+static BOOL api_dfs_AddStdRootForced(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ADDSTDROOTFORCED q_u;
+ NETDFS_R_DFS_ADDSTDROOTFORCED r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_AddStdRootForced("", &q_u, data, 0))
return False;
- r_u.status = _dfs_enum(p, &q_u, &r_u);
+ r_u.status = _dfs_AddStdRootForced(p, &q_u, &r_u);
- if(!dfs_io_r_dfs_enum("", &r_u, rdata, 0))
+ if (!netdfs_io_r_dfs_AddStdRootForced("", &r_u, rdata, 0))
return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_GetDcAddress
+ *****************************************************************/
+static BOOL api_dfs_GetDcAddress(pipes_struct *p)
+{
+ NETDFS_Q_DFS_GETDCADDRESS q_u;
+ NETDFS_R_DFS_GETDCADDRESS r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_GetDcAddress("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_GetDcAddress(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_GetDcAddress("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_SetDcAddress
+ *****************************************************************/
+
+static BOOL api_dfs_SetDcAddress(pipes_struct *p)
+{
+ NETDFS_Q_DFS_SETDCADDRESS q_u;
+ NETDFS_R_DFS_SETDCADDRESS r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_SetDcAddress("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_SetDcAddress(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_SetDcAddress("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_FlushFtTable
+ *****************************************************************/
+
+static BOOL api_dfs_FlushFtTable(pipes_struct *p)
+{
+ NETDFS_Q_DFS_FLUSHFTTABLE q_u;
+ NETDFS_R_DFS_FLUSHFTTABLE r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_FlushFtTable("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_FlushFtTable(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_FlushFtTable("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_Add2
+ *****************************************************************/
+
+static BOOL api_dfs_Add2(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ADD2 q_u;
+ NETDFS_R_DFS_ADD2 r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_Add2("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_Add2(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_Add2("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_Remove2
+ *****************************************************************/
+
+static BOOL api_dfs_Remove2(pipes_struct *p)
+{
+ NETDFS_Q_DFS_REMOVE2 q_u;
+ NETDFS_R_DFS_REMOVE2 r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_Remove2("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_Remove2(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_Remove2("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_EnumEx
+ *****************************************************************/
+
+static BOOL api_dfs_EnumEx(pipes_struct *p)
+{
+ NETDFS_Q_DFS_ENUMEX q_u;
+ NETDFS_R_DFS_ENUMEX r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_EnumEx("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_EnumEx(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_EnumEx("", &r_u, rdata, 0))
+ return False;
+
+ return True;
+}
+/******************************************************************
+ api_dfs_SetInfo2
+ *****************************************************************/
+
+static BOOL api_dfs_SetInfo2(pipes_struct *p)
+{
+ NETDFS_Q_DFS_SETINFO2 q_u;
+ NETDFS_R_DFS_SETINFO2 r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!netdfs_io_q_dfs_SetInfo2("", &q_u, data, 0))
+ return False;
+
+ r_u.status = _dfs_SetInfo2(p, &q_u, &r_u);
+
+ if (!netdfs_io_r_dfs_SetInfo2("", &r_u, rdata, 0))
+ return False;
+
return True;
}
-/*******************************************************************
-\pipe\netdfs commands
-********************************************************************/
-static struct api_struct api_netdfs_cmds[] =
+/* Tables */
+static struct api_struct api_netdfs_cmds[] =
{
- {"DFS_EXIST", DFS_EXIST, api_dfs_exist },
- {"DFS_ADD", DFS_ADD, api_dfs_add },
- {"DFS_REMOVE", DFS_REMOVE, api_dfs_remove },
- {"DFS_GET_INFO", DFS_GET_INFO, api_dfs_get_info },
- {"DFS_ENUM", DFS_ENUM, api_dfs_enum }
+ {"DFS_GETMANAGERVERSION", DFS_GETMANAGERVERSION, api_dfs_GetManagerVersion},
+ {"DFS_ADD", DFS_ADD, api_dfs_Add},
+ {"DFS_REMOVE", DFS_REMOVE, api_dfs_Remove},
+ {"DFS_SETINFO", DFS_SETINFO, api_dfs_SetInfo},
+ {"DFS_GETINFO", DFS_GETINFO, api_dfs_GetInfo},
+ {"DFS_ENUM", DFS_ENUM, api_dfs_Enum},
+ {"DFS_RENAME", DFS_RENAME, api_dfs_Rename},
+ {"DFS_MOVE", DFS_MOVE, api_dfs_Move},
+ {"DFS_MANAGERGETCONFIGINFO", DFS_MANAGERGETCONFIGINFO, api_dfs_ManagerGetConfigInfo},
+ {"DFS_MANAGERSENDSITEINFO", DFS_MANAGERSENDSITEINFO, api_dfs_ManagerSendSiteInfo},
+ {"DFS_ADDFTROOT", DFS_ADDFTROOT, api_dfs_AddFtRoot},
+ {"DFS_REMOVEFTROOT", DFS_REMOVEFTROOT, api_dfs_RemoveFtRoot},
+ {"DFS_ADDSTDROOT", DFS_ADDSTDROOT, api_dfs_AddStdRoot},
+ {"DFS_REMOVESTDROOT", DFS_REMOVESTDROOT, api_dfs_RemoveStdRoot},
+ {"DFS_MANAGERINITIALIZE", DFS_MANAGERINITIALIZE, api_dfs_ManagerInitialize},
+ {"DFS_ADDSTDROOTFORCED", DFS_ADDSTDROOTFORCED, api_dfs_AddStdRootForced},
+ {"DFS_GETDCADDRESS", DFS_GETDCADDRESS, api_dfs_GetDcAddress},
+ {"DFS_SETDCADDRESS", DFS_SETDCADDRESS, api_dfs_SetDcAddress},
+ {"DFS_FLUSHFTTABLE", DFS_FLUSHFTTABLE, api_dfs_FlushFtTable},
+ {"DFS_ADD2", DFS_ADD2, api_dfs_Add2},
+ {"DFS_REMOVE2", DFS_REMOVE2, api_dfs_Remove2},
+ {"DFS_ENUMEX", DFS_ENUMEX, api_dfs_EnumEx},
+ {"DFS_SETINFO2", DFS_SETINFO2, api_dfs_SetInfo2},
};
-void netdfs_get_pipe_fns( struct api_struct **fns, int *n_fns )
+void netdfs_get_pipe_fns(struct api_struct **fns, int *n_fns)
{
*fns = api_netdfs_cmds;
*n_fns = sizeof(api_netdfs_cmds) / sizeof(struct api_struct);
}
-NTSTATUS rpc_dfs_init(void)
+NTSTATUS rpc_netdfs_init(void)
{
- return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "netdfs", "netdfs", api_netdfs_cmds,
- sizeof(api_netdfs_cmds) / sizeof(struct api_struct));
+ return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "netdfs", "netdfs", api_netdfs_cmds, sizeof(api_netdfs_cmds) / sizeof(struct api_struct));
}
diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c
index 63e4d4e9b7..f04d8c37c3 100644
--- a/source3/rpc_server/srv_dfs_nt.c
+++ b/source3/rpc_server/srv_dfs_nt.c
@@ -1,10 +1,9 @@
/*
* Unix SMB/CIFS implementation.
* RPC Pipe client / server routines for Dfs
- * Copyright (C) Andrew Tridgell 1992-1997,
- * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
- * Copyright (C) Shirish Kalele 2000.
- * Copyright (C) Jeremy Allison 2001.
+ * Copyright (C) Shirish Kalele 2000.
+ * Copyright (C) Jeremy Allison 2001.
+ * Copyright (C) Jelmer Vernooij 2005.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -24,7 +23,6 @@
/* This is the implementation of the dfs pipe. */
#include "includes.h"
-#include "nterr.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_MSDFS
@@ -32,7 +30,7 @@
/* This function does not return a WERROR or NTSTATUS code but rather 1 if
dfs exists, or 0 otherwise. */
-uint32 _dfs_exist(pipes_struct *p, DFS_Q_DFS_EXIST *q_u, DFS_R_DFS_EXIST *r_u)
+uint32 _dfs_GetManagerVersion(pipes_struct *p, NETDFS_Q_DFS_GETMANAGERVERSION *q_u, NETDFS_R_DFS_GETMANAGERVERSION *r_u)
{
if(lp_host_msdfs())
return 1;
@@ -40,7 +38,7 @@ uint32 _dfs_exist(pipes_struct *p, DFS_Q_DFS_EXIST *q_u, DFS_R_DFS_EXIST *r_u)
return 0;
}
-WERROR _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u)
+WERROR _dfs_Add(pipes_struct *p, NETDFS_Q_DFS_ADD* q_u, NETDFS_R_DFS_ADD *r_u)
{
struct current_user user;
struct junction_map jn;
@@ -57,9 +55,9 @@ WERROR _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u)
return WERR_ACCESS_DENIED;
}
- unistr2_to_ascii(dfspath, &q_u->DfsEntryPath, sizeof(dfspath)-1);
- unistr2_to_ascii(servername, &q_u->ServerName, sizeof(servername)-1);
- unistr2_to_ascii(sharename, &q_u->ShareName, sizeof(sharename)-1);
+ unistr2_to_ascii(dfspath, &q_u->path, sizeof(dfspath)-1);
+ unistr2_to_ascii(servername, &q_u->server, sizeof(servername)-1);
+ unistr2_to_ascii(sharename, &q_u->share, sizeof(sharename)-1);
DEBUG(5,("init_reply_dfs_add: Request to add %s -> %s\\%s.\n",
dfspath, servername, sharename));
@@ -103,8 +101,8 @@ WERROR _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u)
return WERR_OK;
}
-WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u,
- DFS_R_DFS_REMOVE *r_u)
+WERROR _dfs_Remove(pipes_struct *p, NETDFS_Q_DFS_REMOVE *q_u,
+ NETDFS_R_DFS_REMOVE *r_u)
{
struct current_user user;
struct junction_map jn;
@@ -120,16 +118,16 @@ WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u,
return WERR_ACCESS_DENIED;
}
- unistr2_to_ascii(dfspath, &q_u->DfsEntryPath, sizeof(dfspath)-1);
- if(q_u->ptr_ServerName) {
- unistr2_to_ascii(servername, &q_u->ServerName, sizeof(servername)-1);
+ unistr2_to_ascii(dfspath, &q_u->path, sizeof(dfspath)-1);
+ if(q_u->ptr0_server) {
+ unistr2_to_ascii(servername, &q_u->server, sizeof(servername)-1);
}
- if(q_u->ptr_ShareName) {
- unistr2_to_ascii(sharename, &q_u->ShareName, sizeof(sharename)-1);
+ if(q_u->ptr0_share) {
+ unistr2_to_ascii(sharename, &q_u->share, sizeof(sharename)-1);
}
- if(q_u->ptr_ServerName && q_u->ptr_ShareName) {
+ if(q_u->ptr0_server && q_u->ptr0_share) {
pstrcpy(altpath, servername);
pstrcat(altpath, "\\");
pstrcat(altpath, sharename);
@@ -144,7 +142,7 @@ WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u,
}
/* if no server-share pair given, remove the msdfs link completely */
- if(!q_u->ptr_ServerName && !q_u->ptr_ShareName) {
+ if(!q_u->ptr0_server && !q_u->ptr0_share) {
if(!remove_msdfs_link(&jn)) {
vfs_ChDir(p->conn,p->conn->connectpath);
return WERR_DFS_NO_SUCH_VOL;
@@ -189,167 +187,164 @@ WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u,
return WERR_OK;
}
-static BOOL init_reply_dfs_info_1(struct junction_map* j, DFS_INFO_1* dfs1, int num_j)
+static BOOL init_reply_dfs_info_1(struct junction_map* j, NETDFS_DFS_INFO1* dfs1)
{
- int i=0;
- for(i=0;i<num_j;i++) {
- pstring str;
- dfs1[i].ptr_entrypath = 1;
- slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname(),
- j[i].service_name, j[i].volume_name);
- DEBUG(5,("init_reply_dfs_info_1: %d) initing entrypath: %s\n",i,str));
- init_unistr2(&dfs1[i].entrypath,str,UNI_STR_TERMINATE);
- }
+ pstring str;
+ dfs1->ptr0_path = 1;
+ slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname(),
+ j->service_name, j->volume_name);
+ DEBUG(5,("init_reply_dfs_info_1: initing entrypath: %s\n",str));
+ init_unistr2(&dfs1->path,str,UNI_STR_TERMINATE);
return True;
}
-static BOOL init_reply_dfs_info_2(struct junction_map* j, DFS_INFO_2* dfs2, int num_j)
+static BOOL init_reply_dfs_info_2(struct junction_map* j, NETDFS_DFS_INFO2* dfs2)
{
- int i=0;
- for(i=0;i<num_j;i++) {
- pstring str;
- dfs2[i].ptr_entrypath = 1;
- slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname(),
- j[i].service_name, j[i].volume_name);
- init_unistr2(&dfs2[i].entrypath, str, UNI_STR_TERMINATE);
- dfs2[i].ptr_comment = 0;
- dfs2[i].state = 1; /* set up state of dfs junction as OK */
- dfs2[i].num_storages = j[i].referral_count;
- }
+ pstring str;
+ dfs2->ptr0_path = 1;
+ slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname(),
+ j->service_name, j->volume_name);
+ init_unistr2(&dfs2->path, str, UNI_STR_TERMINATE);
+ dfs2->ptr0_comment = 0;
+ dfs2->state = 1; /* set up state of dfs junction as OK */
+ dfs2->num_stores = j->referral_count;
return True;
}
-static BOOL init_reply_dfs_info_3(TALLOC_CTX *ctx, struct junction_map* j, DFS_INFO_3* dfs3, int num_j)
+static BOOL init_reply_dfs_info_3(TALLOC_CTX *ctx, struct junction_map* j, NETDFS_DFS_INFO3* dfs3)
{
- int i=0,ii=0;
- for(i=0;i<num_j;i++) {
- pstring str;
- dfs3[i].ptr_entrypath = 1;
- if (j[i].volume_name[0] == '\0')
- slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s",
- global_myname(), j[i].service_name);
- else
- slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname(),
- j[i].service_name, j[i].volume_name);
-
- init_unistr2(&dfs3[i].entrypath, str, UNI_STR_TERMINATE);
- dfs3[i].ptr_comment = 1;
- init_unistr2(&dfs3[i].comment, "", UNI_STR_TERMINATE);
- dfs3[i].state = 1;
- dfs3[i].num_storages = dfs3[i].num_storage_infos = j[i].referral_count;
- dfs3[i].ptr_storages = 1;
-
- /* also enumerate the storages */
- dfs3[i].storages = TALLOC_ARRAY(ctx, DFS_STORAGE_INFO, j[i].referral_count);
- if (!dfs3[i].storages)
- return False;
-
- memset(dfs3[i].storages, '\0', j[i].referral_count * sizeof(DFS_STORAGE_INFO));
-
- for(ii=0;ii<j[i].referral_count;ii++) {
- char* p;
- pstring path;
- DFS_STORAGE_INFO* stor = &(dfs3[i].storages[ii]);
- struct referral* ref = &(j[i].referral_list[ii]);
-
- pstrcpy(path, ref->alternate_path);
- trim_char(path,'\\','\0');
- p = strrchr_m(path,'\\');
- if(p==NULL) {
- DEBUG(4,("init_reply_dfs_info_3: invalid path: no \\ found in %s\n",path));
- continue;
- }
- *p = '\0';
- DEBUG(5,("storage %d: %s.%s\n",ii,path,p+1));
- stor->state = 2; /* set all storages as ONLINE */
- init_unistr2(&stor->servername, path, UNI_STR_TERMINATE);
- init_unistr2(&stor->sharename, p+1, UNI_STR_TERMINATE);
- stor->ptr_servername = stor->ptr_sharename = 1;
+ int ii;
+ pstring str;
+ dfs3->ptr0_path = 1;
+ if (j->volume_name[0] == '\0')
+ slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s",
+ global_myname(), j->service_name);
+ else
+ slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname(),
+ j->service_name, j->volume_name);
+
+ init_unistr2(&dfs3->path, str, UNI_STR_TERMINATE);
+ dfs3->ptr0_comment = 1;
+ init_unistr2(&dfs3->comment, "", UNI_STR_TERMINATE);
+ dfs3->state = 1;
+ dfs3->num_stores = dfs3->size_stores = j->referral_count;
+ dfs3->ptr0_stores = 1;
+
+ /* also enumerate the stores */
+ dfs3->stores = TALLOC_ARRAY(ctx, NETDFS_DFS_STORAGEINFO, j->referral_count);
+ if (!dfs3->stores)
+ return False;
+
+ memset(dfs3->stores, '\0', j->referral_count * sizeof(NETDFS_DFS_STORAGEINFO));
+
+ for(ii=0;ii<j->referral_count;ii++) {
+ char* p;
+ pstring path;
+ NETDFS_DFS_STORAGEINFO* stor = &(dfs3->stores[ii]);
+ struct referral* ref = &(j->referral_list[ii]);
+
+ pstrcpy(path, ref->alternate_path);
+ trim_char(path,'\\','\0');
+ p = strrchr_m(path,'\\');
+ if(p==NULL) {
+ DEBUG(4,("init_reply_dfs_info_3: invalid path: no \\ found in %s\n",path));
+ continue;
}
+ *p = '\0';
+ DEBUG(5,("storage %d: %s.%s\n",ii,path,p+1));
+ stor->state = 2; /* set all stores as ONLINE */
+ init_unistr2(&stor->server, path, UNI_STR_TERMINATE);
+ init_unistr2(&stor->share, p+1, UNI_STR_TERMINATE);
+ stor->ptr0_server = stor->ptr0_share = 1;
}
return True;
}
-static WERROR init_reply_dfs_ctr(TALLOC_CTX *ctx, uint32 level,
- DFS_INFO_CTR* ctr, struct junction_map* jn,
- int num_jn)
+WERROR _dfs_Enum(pipes_struct *p, NETDFS_Q_DFS_ENUM *q_u, NETDFS_R_DFS_ENUM *r_u)
{
- /* do the levels */
- switch(level) {
+ uint32 level = q_u->level;
+ struct junction_map jn[MAX_MSDFS_JUNCTIONS];
+ int num_jn = 0;
+ int i;
+
+ num_jn = enum_msdfs_links(p->mem_ctx, jn, ARRAY_SIZE(jn));
+ vfs_ChDir(p->conn,p->conn->connectpath);
+
+ DEBUG(5,("make_reply_dfs_enum: %d junctions found in Dfs, doing level %d\n", num_jn, level));
+
+ r_u->ptr0_info = q_u->ptr0_info;
+ r_u->ptr0_total = q_u->ptr0_total;
+ r_u->total = num_jn;
+
+ r_u->info = q_u->info;
+
+ /* Create the return array */
+ switch (level) {
case 1:
- {
- DFS_INFO_1* dfs1;
- dfs1 = TALLOC_ARRAY(ctx, DFS_INFO_1, num_jn);
- if (!dfs1)
+ if ((r_u->info.e.u.info1.s = TALLOC_ARRAY(p->mem_ctx, NETDFS_DFS_INFO1, num_jn)) == NULL) {
return WERR_NOMEM;
- init_reply_dfs_info_1(jn, dfs1, num_jn);
- ctr->dfs.info1 = dfs1;
- break;
}
+ r_u->info.e.u.info1.count = num_jn;
+ r_u->info.e.u.info1.ptr0_s = 1;
+ r_u->info.e.u.info1.size_s = num_jn;
+ break;
case 2:
- {
- DFS_INFO_2* dfs2;
- dfs2 = TALLOC_ARRAY(ctx, DFS_INFO_2, num_jn);
- if (!dfs2)
+ if ((r_u->info.e.u.info2.s = TALLOC_ARRAY(p->mem_ctx, NETDFS_DFS_INFO2, num_jn)) == NULL) {
return WERR_NOMEM;
- init_reply_dfs_info_2(jn, dfs2, num_jn);
- ctr->dfs.info2 = dfs2;
- break;
}
+ r_u->info.e.u.info2.count = num_jn;
+ r_u->info.e.u.info2.ptr0_s = 1;
+ r_u->info.e.u.info2.size_s = num_jn;
+ break;
case 3:
- {
- DFS_INFO_3* dfs3;
- dfs3 = TALLOC_ARRAY(ctx, DFS_INFO_3, num_jn);
- if (!dfs3)
+ if ((r_u->info.e.u.info3.s = TALLOC_ARRAY(p->mem_ctx, NETDFS_DFS_INFO3, num_jn)) == NULL) {
return WERR_NOMEM;
- init_reply_dfs_info_3(ctx, jn, dfs3, num_jn);
- ctr->dfs.info3 = dfs3;
+ }
+ r_u->info.e.u.info3.count = num_jn;
+ r_u->info.e.u.info3.ptr0_s = 1;
+ r_u->info.e.u.info3.size_s = num_jn;
break;
+ case 4:
+ if ((r_u->info.e.u.info4.s = TALLOC_ARRAY(p->mem_ctx, NETDFS_DFS_INFO4, num_jn)) == NULL) {
+ return WERR_NOMEM;
}
+ r_u->info.e.u.info4.count = num_jn;
+ r_u->info.e.u.info4.ptr0_s = 1;
+ r_u->info.e.u.info4.size_s = num_jn;
+ break;
default:
return WERR_INVALID_PARAM;
}
- return WERR_OK;
-}
-
-WERROR _dfs_enum(pipes_struct *p, DFS_Q_DFS_ENUM *q_u, DFS_R_DFS_ENUM *r_u)
-{
- uint32 level = q_u->level;
- struct junction_map jn[MAX_MSDFS_JUNCTIONS];
- int num_jn = 0;
-
- num_jn = enum_msdfs_links(p->mem_ctx, jn, ARRAY_SIZE(jn));
- vfs_ChDir(p->conn,p->conn->connectpath);
-
- DEBUG(5,("make_reply_dfs_enum: %d junctions found in Dfs, doing level %d\n", num_jn, level));
- r_u->ptr_buffer = level;
- r_u->level = r_u->level2 = level;
- r_u->ptr_num_entries = r_u->ptr_num_entries2 = 1;
- r_u->num_entries = r_u->num_entries2 = num_jn;
- r_u->reshnd.ptr_hnd = 1;
- r_u->reshnd.handle = num_jn;
-
- r_u->ctr = TALLOC_P(p->mem_ctx, DFS_INFO_CTR);
- if (!r_u->ctr)
- return WERR_NOMEM;
- ZERO_STRUCTP(r_u->ctr);
- r_u->ctr->switch_value = level;
- r_u->ctr->num_entries = num_jn;
- r_u->ctr->ptr_dfs_ctr = 1;
+ for (i = 0; i < num_jn; i++) {
+ switch (level) {
+ case 1:
+ init_reply_dfs_info_1(&jn[i], &r_u->info.e.u.info1.s[i]);
+ break;
+ case 2:
+ init_reply_dfs_info_2(&jn[i], &r_u->info.e.u.info2.s[i]);
+ break;
+ case 3:
+ init_reply_dfs_info_3(p->mem_ctx, &jn[i], &r_u->info.e.u.info3.s[i]);
+ break;
+ default:
+ return WERR_INVALID_PARAM;
+ }
+ }
- r_u->status = init_reply_dfs_ctr(p->mem_ctx, level, r_u->ctr, jn, num_jn);
+ r_u->status = WERR_OK;
return r_u->status;
}
-WERROR _dfs_get_info(pipes_struct *p, DFS_Q_DFS_GET_INFO *q_u,
- DFS_R_DFS_GET_INFO *r_u)
+WERROR _dfs_GetInfo(pipes_struct *p, NETDFS_Q_DFS_GETINFO *q_u,
+ NETDFS_R_DFS_GETINFO *r_u)
{
- UNISTR2* uni_path = &q_u->uni_path;
+ UNISTR2* uni_path = &q_u->path;
uint32 level = q_u->level;
int consumedcnt = sizeof(pstring);
pstring path;
+ BOOL ret;
struct junction_map jn;
unistr2_to_ascii(path, uni_path, sizeof(path)-1);
@@ -363,9 +358,130 @@ WERROR _dfs_get_info(pipes_struct *p, DFS_Q_DFS_GET_INFO *q_u,
}
vfs_ChDir(p->conn,p->conn->connectpath);
- r_u->level = level;
- r_u->ptr_ctr = 1;
- r_u->status = init_reply_dfs_ctr(p->mem_ctx, level, &r_u->ctr, &jn, 1);
+ r_u->info.switch_value = level;
+ r_u->info.ptr0 = 1;
+ r_u->status = WERR_OK;
+
+ switch (level) {
+ case 1: ret = init_reply_dfs_info_1(&jn, &r_u->info.u.info1); break;
+ case 2: ret = init_reply_dfs_info_2(&jn, &r_u->info.u.info2); break;
+ case 3: ret = init_reply_dfs_info_3(p->mem_ctx, &jn, &r_u->info.u.info3); break;
+ default:
+ ret = False;
+ break;
+ }
+
+ if (!ret)
+ r_u->status = WERR_INVALID_PARAM;
return r_u->status;
}
+
+WERROR _dfs_SetInfo(pipes_struct *p, NETDFS_Q_DFS_SETINFO *q_u, NETDFS_R_DFS_SETINFO *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_Rename(pipes_struct *p, NETDFS_Q_DFS_RENAME *q_u, NETDFS_R_DFS_RENAME *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_Move(pipes_struct *p, NETDFS_Q_DFS_MOVE *q_u, NETDFS_R_DFS_MOVE *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_ManagerGetConfigInfo(pipes_struct *p, NETDFS_Q_DFS_MANAGERGETCONFIGINFO *q_u, NETDFS_R_DFS_MANAGERGETCONFIGINFO *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_ManagerSendSiteInfo(pipes_struct *p, NETDFS_Q_DFS_MANAGERSENDSITEINFO *q_u, NETDFS_R_DFS_MANAGERSENDSITEINFO *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_AddFtRoot(pipes_struct *p, NETDFS_Q_DFS_ADDFTROOT *q_u, NETDFS_R_DFS_ADDFTROOT *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_RemoveFtRoot(pipes_struct *p, NETDFS_Q_DFS_REMOVEFTROOT *q_u, NETDFS_R_DFS_REMOVEFTROOT *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_AddStdRoot(pipes_struct *p, NETDFS_Q_DFS_ADDSTDROOT *q_u, NETDFS_R_DFS_ADDSTDROOT *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_RemoveStdRoot(pipes_struct *p, NETDFS_Q_DFS_REMOVESTDROOT *q_u, NETDFS_R_DFS_REMOVESTDROOT *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_ManagerInitialize(pipes_struct *p, NETDFS_Q_DFS_MANAGERINITIALIZE *q_u, NETDFS_R_DFS_MANAGERINITIALIZE *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_AddStdRootForced(pipes_struct *p, NETDFS_Q_DFS_ADDSTDROOTFORCED *q_u, NETDFS_R_DFS_ADDSTDROOTFORCED *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_GetDcAddress(pipes_struct *p, NETDFS_Q_DFS_GETDCADDRESS *q_u, NETDFS_R_DFS_GETDCADDRESS *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_SetDcAddress(pipes_struct *p, NETDFS_Q_DFS_SETDCADDRESS *q_u, NETDFS_R_DFS_SETDCADDRESS *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_FlushFtTable(pipes_struct *p, NETDFS_Q_DFS_FLUSHFTTABLE *q_u, NETDFS_R_DFS_FLUSHFTTABLE *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_Add2(pipes_struct *p, NETDFS_Q_DFS_ADD2 *q_u, NETDFS_R_DFS_ADD2 *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_Remove2(pipes_struct *p, NETDFS_Q_DFS_REMOVE2 *q_u, NETDFS_R_DFS_REMOVE2 *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_EnumEx(pipes_struct *p, NETDFS_Q_DFS_ENUMEX *q_u, NETDFS_R_DFS_ENUMEX *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
+WERROR _dfs_SetInfo2(pipes_struct *p, NETDFS_Q_DFS_SETINFO2 *q_u, NETDFS_R_DFS_SETINFO2 *r_u)
+{
+ /* FIXME: Implement your code here */
+ return WERR_NOT_SUPPORTED;
+}
+
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index f48f3e863a..c93107cec4 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -9,6 +9,7 @@
* Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002,
* Copyright (C) Simo Sorce 2003.
* Copyright (C) Gerald (Jerry) Carter 2005.
+ * Copyright (C) Volker Lendecke 2005.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -102,9 +103,7 @@ static int init_dom_ref(DOM_R_REF *ref, const char *dom_name, DOM_SID *dom_sid)
if (dom_name != NULL) {
for (num = 0; num < ref->num_ref_doms_1; num++) {
- fstring domname;
- rpcstr_pull(domname, ref->ref_dom[num].uni_dom_name.buffer, sizeof(domname), -1, 0);
- if (strequal(domname, dom_name))
+ if (sid_equal(dom_sid, &ref->ref_dom[num].ref_dom.sid))
return num;
}
} else {
@@ -159,8 +158,8 @@ static int init_lsa_rid2s(TALLOC_CTX *mem_ctx,
/* Split name into domain and user component */
- if (rpcstr_pull_unistr2_talloc(mem_ctx, &full_name,
- &name[i]) < 0) {
+ full_name = rpcstr_pull_unistr2_talloc(mem_ctx, &name[i]);
+ if (full_name == NULL) {
DEBUG(0, ("pull_ucs2_talloc failed\n"));
return 0;
}
@@ -227,87 +226,6 @@ static void init_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
}
/***************************************************************************
- Init lsa_trans_names.
- ***************************************************************************/
-
-static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *trn,
- int num_entries, DOM_SID2 *sid,
- uint32 *mapped_count)
-{
- int i;
- int total = 0;
- *mapped_count = 0;
-
- /* Allocate memory for list of names */
-
- if (num_entries > 0) {
- if (!(trn->name = TALLOC_ARRAY(ctx, LSA_TRANS_NAME, num_entries))) {
- DEBUG(0, ("init_lsa_trans_names(): out of memory\n"));
- return;
- }
-
- if (!(trn->uni_name = TALLOC_ARRAY(ctx, UNISTR2, num_entries))) {
- DEBUG(0, ("init_lsa_trans_names(): out of memory\n"));
- return;
- }
- }
-
- become_root(); /* Need root to get to passdb to for local sids */
-
- for (i = 0; i < num_entries; i++) {
- BOOL status = False;
- DOM_SID find_sid = sid[i].sid;
- uint32 rid = 0xffffffff;
- int dom_idx = -1;
- const char *name, *domain;
- enum SID_NAME_USE type = SID_NAME_UNKNOWN;
-
- DEBUG(5, ("init_lsa_trans_names: looking up sid %s\n",
- sid_string_static(&find_sid)));
-
- /* Lookup sid from winbindd */
-
- status = lookup_sid(ctx, &find_sid, &domain, &name, &type);
-
- DEBUG(5, ("init_lsa_trans_names: %s\n", status ? "found" :
- "not found"));
-
- if (!status) {
- type = SID_NAME_UNKNOWN;
- domain = talloc_strdup(ctx, "");
- name = talloc_strdup(ctx,
- sid_string_static(&find_sid));
- dom_idx = -1;
-
- DEBUG(10,("init_lsa_trans_names: added unknown user "
- "'%s' to referenced list.\n", name ));
- } else {
- (*mapped_count)++;
- /* Store domain sid in ref array */
- if (find_sid.num_auths == 5) {
- sid_split_rid(&find_sid, &rid);
- }
- dom_idx = init_dom_ref(ref, domain, &find_sid);
-
- DEBUG(10,("init_lsa_trans_names: added %s '%s\\%s' "
- "(%d) to referenced list.\n",
- sid_type_lookup(type), domain, name, type));
-
- }
-
- init_lsa_trans_name(&trn->name[total], &trn->uni_name[total],
- type, name, dom_idx);
- total++;
- }
-
- unbecome_root();
-
- trn->num_entries = total;
- trn->ptr_trans_names = 1;
- trn->num_entries2 = total;
-}
-
-/***************************************************************************
Init_reply_lookup_sids.
***************************************************************************/
@@ -315,7 +233,7 @@ static void init_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *names,
uint32 mapped_count)
{
- r_l->ptr_dom_ref = 1;
+ r_l->ptr_dom_ref = ref ? 1 : 0;
r_l->dom_ref = ref;
r_l->names = names;
r_l->mapped_count = mapped_count;
@@ -496,10 +414,12 @@ NTSTATUS _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL *
ufff, done :) mimir
***************************************************************************/
-NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_ENUM_TRUST_DOM *r_u)
+NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u,
+ LSA_R_ENUM_TRUST_DOM *r_u)
{
struct lsa_info *info;
- uint32 enum_context = q_u->enum_context;
+ uint32 next_idx;
+ struct trustdom_info **domains;
/*
* preferred length is set to 5 as a "our" preferred length
@@ -507,10 +427,11 @@ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_E
* update (20.08.2002): it's not preferred length, but preferred size!
* it needs further investigation how to optimally choose this value
*/
- uint32 max_num_domains = q_u->preferred_len < 5 ? q_u->preferred_len : 10;
- TRUSTDOM **trust_doms;
+ uint32 max_num_domains =
+ q_u->preferred_len < 5 ? q_u->preferred_len : 10;
uint32 num_domains;
NTSTATUS nt_status;
+ uint32 num_thistime;
if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
return NT_STATUS_INVALID_HANDLE;
@@ -519,19 +440,34 @@ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_E
if (!(info->access & POLICY_VIEW_LOCAL_INFORMATION))
return NT_STATUS_ACCESS_DENIED;
- nt_status = secrets_get_trusted_domains(p->mem_ctx, (int *)&enum_context, max_num_domains, (int *)&num_domains, &trust_doms);
+ nt_status = secrets_trusted_domains(p->mem_ctx, &num_domains,
+ &domains);
- if (!NT_STATUS_IS_OK(nt_status) &&
- !NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES) &&
- !NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_MORE_ENTRIES)) {
+ if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
- } else {
- r_u->status = nt_status;
}
+ if (q_u->enum_context < num_domains) {
+ num_thistime = MIN(num_domains, max_num_domains);
+
+ r_u->status = STATUS_MORE_ENTRIES;
+
+ if (q_u->enum_context + num_thistime > num_domains) {
+ num_thistime = num_domains - q_u->enum_context;
+ r_u->status = NT_STATUS_OK;
+ }
+
+ next_idx = q_u->enum_context + num_thistime;
+ } else {
+ num_thistime = 0;
+ next_idx = 0xffffffff;
+ r_u->status = NT_STATUS_NO_MORE_ENTRIES;
+ }
+
/* set up the lsa_enum_trust_dom response */
- init_r_enum_trust_dom(p->mem_ctx, r_u, enum_context, max_num_domains, num_domains, trust_doms);
+ init_r_enum_trust_dom(p->mem_ctx, r_u, next_idx,
+ num_thistime, domains+q_u->enum_context);
return r_u->status;
}
@@ -650,24 +586,29 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF
_lsa_lookup_sids
***************************************************************************/
-NTSTATUS _lsa_lookup_sids(pipes_struct *p, LSA_Q_LOOKUP_SIDS *q_u, LSA_R_LOOKUP_SIDS *r_u)
+NTSTATUS _lsa_lookup_sids(pipes_struct *p,
+ LSA_Q_LOOKUP_SIDS *q_u,
+ LSA_R_LOOKUP_SIDS *r_u)
{
struct lsa_info *handle;
- DOM_SID2 *sid = q_u->sids.sid;
- int num_entries = q_u->sids.num_entries;
- DOM_R_REF *ref = NULL;
- LSA_TRANS_NAME_ENUM *names = NULL;
+
+ int i, num_sids;
+ const DOM_SID **sids;
uint32 mapped_count = 0;
- if (num_entries > MAX_LOOKUP_SIDS) {
- num_entries = 0;
- DEBUG(5,("_lsa_lookup_sids: limit of %d exceeded, truncating SID lookup list to %d\n", MAX_LOOKUP_SIDS, num_entries));
- r_u->status = NT_STATUS_NONE_MAPPED;
- }
+ struct lsa_dom_info *dom_infos;
+ struct lsa_name_info *name_infos;
+
+ DOM_R_REF *ref = NULL;
+ LSA_TRANS_NAME_ENUM *names = NULL;
- ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
names = TALLOC_ZERO_P(p->mem_ctx, LSA_TRANS_NAME_ENUM);
+ if ((q_u->level < 1) || (q_u->level > 6)) {
+ r_u->status = NT_STATUS_INVALID_PARAMETER;
+ goto done;
+ }
+
if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) {
r_u->status = NT_STATUS_INVALID_HANDLE;
goto done;
@@ -678,19 +619,91 @@ NTSTATUS _lsa_lookup_sids(pipes_struct *p, LSA_Q_LOOKUP_SIDS *q_u, LSA_R_LOOKUP_
r_u->status = NT_STATUS_ACCESS_DENIED;
goto done;
}
- if (!ref || !names)
- return NT_STATUS_NO_MEMORY;
-done:
+ num_sids = q_u->sids.num_entries;
+ if (num_sids > MAX_LOOKUP_SIDS) {
+ DEBUG(5,("_lsa_lookup_sids: limit of %d exceeded, truncating "
+ "SID lookup list to %d\n",
+ MAX_LOOKUP_SIDS, num_sids));
+ r_u->status = NT_STATUS_NONE_MAPPED;
+ goto done;
+ }
- /* set up the LSA Lookup SIDs response */
- init_lsa_trans_names(p->mem_ctx, ref, names, num_entries, sid, &mapped_count);
- if (NT_STATUS_IS_OK(r_u->status)) {
- if (mapped_count == 0)
- r_u->status = NT_STATUS_NONE_MAPPED;
- else if (mapped_count != num_entries)
- r_u->status = STATUS_SOME_UNMAPPED;
+ ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
+
+ sids = TALLOC_ARRAY(p->mem_ctx, const DOM_SID *, num_sids);
+ if ((ref == NULL) || (names == NULL) || (sids == NULL)) {
+ r_u->status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ for (i=0; i<num_sids; i++) {
+ sids[i] = &q_u->sids.sid[i].sid;
+ }
+
+ r_u->status = lookup_sids(p->mem_ctx, num_sids, sids, q_u->level,
+ &dom_infos, &name_infos);
+
+ if (!NT_STATUS_IS_OK(r_u->status)) {
+ goto done;
+ }
+
+ if (num_sids > 0) {
+ names->name = TALLOC_ARRAY(names, LSA_TRANS_NAME, num_sids);
+ names->uni_name = TALLOC_ARRAY(names, UNISTR2, num_sids);
+ if ((names->name == NULL) || (names->uni_name == NULL)) {
+ r_u->status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
}
+
+ for (i=0; i<MAX_REF_DOMAINS; i++) {
+
+ if (!dom_infos[i].valid) {
+ break;
+ }
+
+ if (init_dom_ref(ref, dom_infos[i].name,
+ &dom_infos[i].sid) != i) {
+ DEBUG(0, ("Domain %s mentioned twice??\n",
+ dom_infos[i].name));
+ r_u->status = NT_STATUS_INTERNAL_ERROR;
+ goto done;
+ }
+ }
+
+ for (i=0; i<num_sids; i++) {
+ struct lsa_name_info *name = &name_infos[i];
+
+ if (name->type == SID_NAME_UNKNOWN) {
+ name->dom_idx = -1;
+ name->name = talloc_asprintf(p->mem_ctx, "%8.8x",
+ name->rid);
+ if (name->name == NULL) {
+ r_u->status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ } else {
+ mapped_count += 1;
+ }
+ init_lsa_trans_name(&names->name[i], &names->uni_name[i],
+ name->type, name->name, name->dom_idx);
+ }
+
+ names->num_entries = num_sids;
+ names->ptr_trans_names = 1;
+ names->num_entries2 = num_sids;
+
+ r_u->status = NT_STATUS_NONE_MAPPED;
+ if (mapped_count > 0) {
+ r_u->status = (mapped_count < num_sids) ?
+ STATUS_SOME_UNMAPPED : NT_STATUS_OK;
+ }
+
+ DEBUG(10, ("num_sids %d, mapped_count %d, status %s\n",
+ num_sids, mapped_count, nt_errstr(r_u->status)));
+
+ done:
init_reply_lookup_sids(r_u, ref, names, mapped_count);
return r_u->status;
@@ -1173,10 +1186,7 @@ NTSTATUS _lsa_setsystemaccount(pipes_struct *p, LSA_Q_SETSYSTEMACCOUNT *q_u, LSA
if (!pdb_getgrsid(&map, info->sid))
return NT_STATUS_NO_SUCH_GROUP;
- if(!pdb_update_group_mapping_entry(&map))
- return NT_STATUS_NO_SUCH_GROUP;
-
- return r_u->status;
+ return pdb_update_group_mapping_entry(&map);
}
/***************************************************************************
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 643921f596..fd78f954cc 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -542,12 +542,9 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
}
become_root();
- ret = pdb_update_sam_account (sampass);
+ r_u->status = pdb_update_sam_account (sampass);
unbecome_root();
}
- if (ret) {
- status = NT_STATUS_OK;
- }
/* set up the LSA Server Password Set response */
init_net_r_srv_pwset(r_u, &cred_out, status);
@@ -587,29 +584,29 @@ NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOF
/*******************************************************************
gets a domain user's groups from their already-calculated NT_USER_TOKEN
********************************************************************/
-static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid,
- const NT_USER_TOKEN *nt_token,
+static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
+ const DOM_SID *domain_sid,
+ size_t num_sids,
+ const DOM_SID *sids,
int *numgroups, DOM_GID **pgids)
{
- DOM_GID *gids;
int i;
- gids = TALLOC_ARRAY(mem_ctx, DOM_GID, nt_token->num_sids);
-
- if (!gids) {
- return NT_STATUS_NO_MEMORY;
- }
-
*numgroups=0;
+ *pgids = NULL;
- for (i=PRIMARY_GROUP_SID_INDEX; i < nt_token->num_sids; i++) {
- if (sid_compare_domain(domain_sid, &nt_token->user_sids[i])==0) {
- sid_peek_rid(&nt_token->user_sids[i], &(gids[*numgroups].g_rid));
- gids[*numgroups].attr= (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_ENABLED);
- (*numgroups)++;
+ for (i=0; i<num_sids; i++) {
+ DOM_GID gid;
+ if (!sid_peek_check_rid(domain_sid, &sids[i], &gid.g_rid)) {
+ continue;
+ }
+ gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
+ SE_GROUP_ENABLED);
+ ADD_TO_ARRAY(mem_ctx, DOM_GID, gid, pgids, numgroups);
+ if (*pgids == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
}
- *pgids = gids;
return NT_STATUS_OK;
}
@@ -655,7 +652,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
/* 'server schannel = yes' should enforce use of
schannel, the client did offer it in auth2, but
obviously did not use it. */
- DEBUG(0,("_net_sam_logoff: client %s not using schannel for netlogon\n",
+ DEBUG(0,("_net_sam_logon: client %s not using schannel for netlogon\n",
p->dc->remote_machine ));
return NT_STATUS_ACCESS_DENIED;
}
@@ -734,10 +731,10 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
break;
}
case INTERACTIVE_LOGON_TYPE:
- /* 'Interactive' autheticaion, supplies the password in its
- MD4 form, encrypted with the session key. We will
- convert this to chellange/responce for the auth
- subsystem to chew on */
+ /* 'Interactive' authentication, supplies the password in its
+ MD4 form, encrypted with the session key. We will convert
+ this to challenge/response for the auth subsystem to chew
+ on */
{
const uint8 *chal;
@@ -787,14 +784,15 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
&& !is_trusted_domain(nt_domain) )
r_u->auth_resp = 0; /* We are not authoritative */
- free_server_info(&server_info);
+ talloc_free(server_info);
return status;
}
if (server_info->guest) {
/* We don't like guest domain logons... */
- DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST denied.\n"));
- free_server_info(&server_info);
+ DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST "
+ "denied.\n"));
+ talloc_free(server_info);
return NT_STATUS_LOGON_FAILURE;
}
@@ -819,7 +817,8 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
sampw = server_info->sam_account;
- /* set up pointer indicating user/password failed to be found */
+ /* set up pointer indicating user/password failed to be
+ * found */
usr_info->ptr_user_info = 0;
user_sid = pdb_get_user_sid(sampw);
@@ -829,8 +828,12 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
sid_split_rid(&domain_sid, &user_rid);
if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) {
- DEBUG(1, ("_net_sam_logon: user %s\\%s has user sid %s\n but group sid %s.\nThe conflicting domain portions are not supported for NETLOGON calls\n",
- pdb_get_domain(sampw), pdb_get_username(sampw),
+ DEBUG(1, ("_net_sam_logon: user %s\\%s has user sid "
+ "%s\n but group sid %s.\n"
+ "The conflicting domain portions are not "
+ "supported for NETLOGON calls\n",
+ pdb_get_domain(sampw),
+ pdb_get_username(sampw),
sid_to_string(user_sid_string, user_sid),
sid_to_string(group_sid_string, group_sid)));
return NT_STATUS_UNSUCCESSFUL;
@@ -842,26 +845,30 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
} else {
pstrcpy(my_name, global_myname());
}
-
- if (!NT_STATUS_IS_OK(status
- = nt_token_to_group_list(p->mem_ctx,
- &domain_sid,
- server_info->ptok,
- &num_gids,
- &gids))) {
+
+ status = nt_token_to_group_list(p->mem_ctx, &domain_sid,
+ server_info->num_sids,
+ server_info->sids,
+ &num_gids, &gids);
+
+ if (!NT_STATUS_IS_OK(status)) {
return status;
}
ZERO_STRUCT(netlogon_sess_key);
memcpy(netlogon_sess_key, p->dc->sess_key, 8);
if (server_info->user_session_key.length) {
- memcpy(user_session_key, server_info->user_session_key.data,
- MIN(sizeof(user_session_key), server_info->user_session_key.length));
+ memcpy(user_session_key,
+ server_info->user_session_key.data,
+ MIN(sizeof(user_session_key),
+ server_info->user_session_key.length));
SamOEMhash(user_session_key, netlogon_sess_key, 16);
}
if (server_info->lm_session_key.length) {
- memcpy(lm_session_key, server_info->lm_session_key.data,
- MIN(sizeof(lm_session_key), server_info->lm_session_key.length));
+ memcpy(lm_session_key,
+ server_info->lm_session_key.data,
+ MIN(sizeof(lm_session_key),
+ server_info->lm_session_key.length));
SamOEMhash(lm_session_key, netlogon_sess_key, 16);
}
ZERO_STRUCT(netlogon_sess_key);
@@ -891,14 +898,11 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
server_info->lm_session_key.length ? lm_session_key : NULL,
my_name , /* char *logon_srv */
pdb_get_domain(sampw),
- &domain_sid, /* DOM_SID *dom_sid */
- /* Should be users domain sid, not servers - for trusted domains */
-
- NULL); /* char *other_sids */
+ &domain_sid); /* DOM_SID *dom_sid */
ZERO_STRUCT(user_session_key);
ZERO_STRUCT(lm_session_key);
}
- free_server_info(&server_info);
+ talloc_free(server_info);
return status;
}
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 381adbe635..68b3a2d434 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -616,7 +616,7 @@ static BOOL pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
memset(p->wks, '\0', sizeof(p->wks));
/* Set up for non-authenticated user. */
- delete_nt_token(&p->pipe_user.nt_user_token);
+ talloc_free(p->pipe_user.nt_user_token);
p->pipe_user.ut.ngroups = 0;
SAFE_FREE( p->pipe_user.ut.groups);
@@ -664,7 +664,8 @@ static BOOL pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
}
if (a->server_info->ptok) {
- p->pipe_user.nt_user_token = dup_nt_token(a->server_info->ptok);
+ p->pipe_user.nt_user_token =
+ dup_nt_token(NULL, a->server_info->ptok);
} else {
DEBUG(1,("Error: Authmodule failed to provide nt_user_token\n"));
p->pipe_user.nt_user_token = NULL;
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index 37d3ef64c0..86a04e7ccb 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -349,7 +349,8 @@ static void *make_internal_rpc_pipe_p(char *pipe_name,
/* Store the session key and NT_TOKEN */
if (vuser) {
p->session_key = data_blob(vuser->session_key.data, vuser->session_key.length);
- p->pipe_user.nt_user_token = dup_nt_token(vuser->nt_user_token);
+ p->pipe_user.nt_user_token = dup_nt_token(
+ NULL, vuser->nt_user_token);
}
/*
@@ -1222,7 +1223,7 @@ static BOOL close_internal_rpc_pipe_hnd(void *np_conn)
/* Free the handles database. */
close_policy_by_pipe(p);
- delete_nt_token(&p->pipe_user.nt_user_token);
+ talloc_free(p->pipe_user.nt_user_token);
data_blob_free(&p->session_key);
SAFE_FREE(p->pipe_user.ut.groups);
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 2f9d494a26..81344cdc1e 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -140,7 +140,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
if ( sid ) {
init_sec_access( &mask, sid_access );
init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-}
+ }
/* create the security descriptor */
@@ -1416,7 +1416,7 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO
type[i] = SID_NAME_ALIAS;
}
} else {
- lookup_global_sam_name(name, &rid[i], &type[i]);
+ lookup_global_sam_name(name, 0, &rid[i], &type[i]);
}
if (type[i] != SID_NAME_UNKNOWN) {
@@ -1927,28 +1927,6 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_
return r_u->status;
break;
-#if 0
-/* whoops - got this wrong. i think. or don't understand what's happening. */
- case 17:
- {
- NTTIME expire;
- info = (void *)&id11;
-
- expire.low = 0xffffffff;
- expire.high = 0x7fffffff;
-
- ctr->info.id = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_17));
- ZERO_STRUCTP(ctr->info.id17);
- init_sam_user_info17(ctr->info.id17, &expire,
- "BROOKFIELDS$", /* name */
- 0x03ef, /* user rid */
- 0x201, /* group rid */
- 0x0080); /* acb info */
-
- break;
- }
-#endif
-
case 18:
ctr->info.id18 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_18);
if (ctr->info.id18 == NULL)
@@ -1993,10 +1971,11 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_
NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAMR_R_QUERY_USERGROUPS *r_u)
{
SAM_ACCOUNT *sam_pass=NULL;
- struct passwd *passwd;
DOM_SID sid;
DOM_SID *sids;
+ DOM_GID dom_gid;
DOM_GID *gids = NULL;
+ uint32 primary_group_rid;
size_t num_groups = 0;
gid_t *unix_gids;
size_t i, num_gids;
@@ -2031,58 +2010,72 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
if (!sid_check_is_in_our_domain(&sid))
return NT_STATUS_OBJECT_TYPE_MISMATCH;
- pdb_init_sam(&sam_pass);
+ pdb_init_sam_talloc(p->mem_ctx, &sam_pass);
become_root();
ret = pdb_getsampwsid(sam_pass, &sid);
unbecome_root();
- if (ret == False) {
- pdb_free_sam(&sam_pass);
- return NT_STATUS_NO_SUCH_USER;
- }
-
- passwd = getpwnam_alloc(pdb_get_username(sam_pass));
- if (passwd == NULL) {
- pdb_free_sam(&sam_pass);
+ if (!ret) {
+ DEBUG(10, ("pdb_getsampwsid failed for %s\n",
+ sid_string_static(&sid)));
return NT_STATUS_NO_SUCH_USER;
}
sids = NULL;
become_root();
- result = pdb_enum_group_memberships(pdb_get_username(sam_pass),
- passwd->pw_gid,
+ result = pdb_enum_group_memberships(p->mem_ctx, sam_pass,
&sids, &unix_gids, &num_groups);
unbecome_root();
- pdb_free_sam(&sam_pass);
- passwd_free(&passwd);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
+ sid_string_static(&sid)));
return result;
-
- SAFE_FREE(unix_gids);
+ }
gids = NULL;
num_gids = 0;
+ dom_gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
+ SE_GROUP_ENABLED);
+
+ if (!sid_peek_check_rid(get_global_sam_sid(),
+ pdb_get_group_sid(sam_pass),
+ &primary_group_rid)) {
+ DEBUG(5, ("Group sid %s for user %s not in our domain\n",
+ sid_string_static(pdb_get_group_sid(sam_pass)),
+ pdb_get_username(sam_pass)));
+ pdb_free_sam(&sam_pass);
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ dom_gid.g_rid = primary_group_rid;
+
+ ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
+
for (i=0; i<num_groups; i++) {
- uint32 rid;
if (!sid_peek_check_rid(get_global_sam_sid(),
- &(sids[i]), &rid))
+ &(sids[i]), &dom_gid.g_rid)) {
+ DEBUG(10, ("Found sid %s not in our domain\n",
+ sid_string_static(&sids[i])));
continue;
+ }
- gids = TALLOC_REALLOC_ARRAY(p->mem_ctx, gids, DOM_GID, num_gids+1);
- gids[num_gids].attr= (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|SE_GROUP_ENABLED);
- gids[num_gids].g_rid = rid;
- num_gids += 1;
+ if (dom_gid.g_rid == primary_group_rid) {
+ /* We added the primary group directly from the
+ * sam_account. The other SIDs are unique from
+ * enum_group_memberships */
+ continue;
+ }
+
+ ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
}
- SAFE_FREE(sids);
/* construct the response. lkclXXXX: gids are not copied! */
- init_samr_r_query_usergroups(r_u, num_groups, gids, r_u->status);
+ init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status);
DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
@@ -2322,7 +2315,8 @@ static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name)
This funcion will need to be updated for bdc/domain trusts.
********************************************************************/
-NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREATE_USER *r_u)
+NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u,
+ SAMR_R_CREATE_USER *r_u)
{
SAM_ACCOUNT *sam_pass=NULL;
fstring account;
@@ -2339,7 +2333,6 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
uint32 acc_granted;
SEC_DESC *psd;
size_t sd_size;
- uint32 new_rid = 0;
/* check this, when giving away 'add computer to domain' privs */
uint32 des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
BOOL can_add_account = False;
@@ -2347,20 +2340,26 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
DISP_INFO *disp_info = NULL;
/* Get the domain SID stored in the domain policy */
- if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted, &disp_info))
+ if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted,
+ &disp_info))
return NT_STATUS_INVALID_HANDLE;
- if (!NT_STATUS_IS_OK(nt_status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_USER, "_samr_create_user"))) {
+ nt_status = access_check_samr_function(acc_granted,
+ SA_RIGHT_DOMAIN_CREATE_USER,
+ "_samr_create_user");
+ if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
- if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST || acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) {
+ if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST ||
+ acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) {
/* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if
this parameter is not an account type */
return NT_STATUS_INVALID_PARAMETER;
}
- rpcstr_pull(account, user_account.buffer, sizeof(account), user_account.uni_str_len*2, 0);
+ rpcstr_pull(account, user_account.buffer, sizeof(account),
+ user_account.uni_str_len*2, 0);
strlower_m(account);
nt_status = can_create(p->mem_ctx, account);
@@ -2369,14 +2368,14 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
}
/*********************************************************************
- * HEADS UP! If we have to create a new user account, we have to get
- * a new RID from somewhere. This used to be done by the passdb
- * backend. It has been moved into idmap now. Since idmap is now
- * wrapped up behind winbind, this means you have to run winbindd if you
- * want new accounts to get a new RID when "enable rid algorithm = no".
- * Tough. We now have a uniform way of allocating RIDs regardless
- * of what ever passdb backend people may use.
- * --jerry (2003-07-10)
+ * HEADS UP! If we have to create a new user account, we have to get
+ * a new RID from somewhere. This used to be done by the passdb
+ * backend. It has been moved into idmap now. Since idmap is now
+ * wrapped up behind winbind, this means you have to run winbindd if
+ * you want new accounts to get a new RID when "enable rid algorithm =
+ * no". Tough. We now have a uniform way of allocating RIDs
+ * regardless of what ever passdb backend people may use. --jerry
+ * (2003-07-10)
*********************************************************************/
pw = Get_Pwnam(account);
@@ -2387,24 +2386,30 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
{
pstrcpy(add_script, lp_addmachine_script());
se_priv_copy( &se_rights, &se_machine_account );
- can_add_account = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
+ can_add_account = user_has_privileges(
+ p->pipe_user.nt_user_token, &se_rights );
}
/* usrmgr.exe (and net rpc trustdom grant) creates a normal user
account for domain trusts and changes the ACB flags later */
- else if ( acb_info & ACB_NORMAL && (account[strlen(account)-1] != '$') )
+ else if ( acb_info & ACB_NORMAL &&
+ (account[strlen(account)-1] != '$') )
{
pstrcpy(add_script, lp_adduser_script());
se_priv_copy( &se_rights, &se_add_users );
- can_add_account = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
+ can_add_account = user_has_privileges(
+ p->pipe_user.nt_user_token, &se_rights );
}
- else /* implicit assumption of a BDC or domain trust account here (we already check the flags earlier) */
+ else /* implicit assumption of a BDC or domain trust account here
+ * (we already check the flags earlier) */
{
pstrcpy(add_script, lp_addmachine_script());
if ( lp_enable_privileges() ) {
/* only Domain Admins can add a BDC or domain trust */
se_priv_copy( &se_rights, &se_priv_none );
- can_add_account = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS );
- }
+ can_add_account = nt_token_check_domain_rid(
+ p->pipe_user.nt_user_token,
+ DOMAIN_GROUP_RID_ADMINS );
+ }
}
DEBUG(5, ("_samr_create_user: %s can add this account : %s\n",
@@ -2419,16 +2424,20 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
if (*add_script) {
int add_ret;
- all_string_sub(add_script, "%u", account, sizeof(add_script));
+ all_string_sub(add_script, "%u", account,
+ sizeof(add_script));
add_ret = smbrun(add_script,NULL);
- DEBUG(add_ret ? 0 : 3,("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret));
+ DEBUG(add_ret ? 0 : 3,("_samr_create_user: Running "
+ "the command `%s' gave %d\n",
+ add_script, add_ret));
}
}
- /* implicit call to getpwnam() next. we have a valid SID coming out of this call */
+ /* implicit call to getpwnam() next. we have a valid SID coming out
+ * of this call */
flush_pwnam_cache();
- nt_status = pdb_init_sam_new(&sam_pass, account, new_rid);
+ nt_status = pdb_init_sam_new(&sam_pass, account);
/* this code is order such that we have no unnecessary retuns
out of the admin block of code */
@@ -2438,7 +2447,8 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
if ( !(ret = pdb_add_sam_account(sam_pass)) ) {
pdb_free_sam(&sam_pass);
- DEBUG(0, ("could not add user/computer %s to passdb. Check permissions?\n",
+ DEBUG(0, ("could not add user/computer %s to passdb. "
+ "Check permissions?\n",
account));
nt_status = NT_STATUS_ACCESS_DENIED;
}
@@ -2458,7 +2468,8 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
sid_copy(&sid, pdb_get_user_sid(sam_pass));
- make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW);
+ make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
+ &sid, SAMR_USR_RIGHTS_WRITE_PW);
se_map_generic(&des_access, &usr_generic_mapping);
nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
@@ -2944,7 +2955,7 @@ static BOOL set_user_info_16(const SAM_USER_INFO_16 *id16, SAM_ACCOUNT *pwd)
return False;
}
- if(!pdb_update_sam_account(pwd)) {
+ if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
pdb_free_sam(&pwd);
return False;
}
@@ -2980,7 +2991,7 @@ static BOOL set_user_info_18(SAM_USER_INFO_18 *id18, SAM_ACCOUNT *pwd)
return False;
}
- if(!pdb_update_sam_account(pwd)) {
+ if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
pdb_free_sam(&pwd);
return False;
}
@@ -2997,8 +3008,7 @@ static BOOL set_unix_primary_group(SAM_ACCOUNT *sampass)
struct group *grp;
gid_t gid;
- if (!NT_STATUS_IS_OK(sid_to_gid(pdb_get_group_sid(sampass),
- &gid))) {
+ if (!sid_to_gid(pdb_get_group_sid(sampass), &gid)) {
DEBUG(2,("Could not get gid for primary group of "
"user %s\n", pdb_get_username(sampass)));
return False;
@@ -3039,7 +3049,7 @@ static BOOL set_user_info_20(SAM_USER_INFO_20 *id20, SAM_ACCOUNT *pwd)
copy_id20_to_sam_passwd(pwd, id20);
/* write the change out */
- if(!pdb_update_sam_account(pwd)) {
+ if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
pdb_free_sam(&pwd);
return False;
}
@@ -3073,7 +3083,7 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, SAM_ACCOUNT *pwd)
set_unix_primary_group(pwd);
/* write the change out */
- if(!pdb_update_sam_account(pwd)) {
+ if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
pdb_free_sam(&pwd);
return False;
}
@@ -3140,7 +3150,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, SAM_ACCOUNT *pwd)
if (IS_SAM_CHANGED(pwd, PDB_GROUPSID))
set_unix_primary_group(pwd);
- if(!pdb_update_sam_account(pwd)) {
+ if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
pdb_free_sam(&pwd);
return False;
}
@@ -3202,7 +3212,7 @@ static BOOL set_user_info_pw(uint8 *pass, SAM_ACCOUNT *pwd)
DEBUG(5,("set_user_info_pw: pdb_update_pwd()\n"));
/* update the SAMBA password */
- if(!pdb_update_sam_account(pwd)) {
+ if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
pdb_free_sam(&pwd);
return False;
}
@@ -3485,7 +3495,6 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u,
NTSTATUS ntstatus2;
DOM_SID *members;
- BOOL res;
r_u->status = NT_STATUS_OK;
@@ -3521,13 +3530,14 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u,
num_alias_rids = 0;
become_root();
- res = pdb_enum_alias_memberships(p->mem_ctx, &info->sid, members,
- q_u->num_sids1,
- &alias_rids, &num_alias_rids);
+ ntstatus1 = pdb_enum_alias_memberships(p->mem_ctx, &info->sid, members,
+ q_u->num_sids1,
+ &alias_rids, &num_alias_rids);
unbecome_root();
- if (!res)
- return NT_STATUS_UNSUCCESSFUL;
+ if (!NT_STATUS_IS_OK(ntstatus1)) {
+ return ntstatus1;
+ }
init_samr_r_query_useraliases(r_u, num_alias_rids, alias_rids,
NT_STATUS_OK);
@@ -3540,6 +3550,7 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u,
NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_R_QUERY_ALIASMEM *r_u)
{
+ NTSTATUS status;
size_t i;
size_t num_sids = 0;
DOM_SID2 *sid;
@@ -3560,8 +3571,11 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_
DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
- if (!pdb_enum_aliasmem(&alias_sid, &sids, &num_sids))
- return NT_STATUS_NO_SUCH_ALIAS;
+ status = pdb_enum_aliasmem(&alias_sid, &sids, &num_sids);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
sid = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_SID2, num_sids);
if (num_sids!=0 && sid == NULL) {
@@ -3710,7 +3724,7 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD
uint32 acc_granted;
SE_PRIV se_rights;
BOOL can_add_accounts;
- BOOL ret;
+ NTSTATUS ret;
DISP_INFO *disp_info = NULL;
/* Find the policy handle. Open a policy on it. */
@@ -3738,11 +3752,11 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD
/******** END SeAddUsers BLOCK *********/
- if (ret) {
+ if (NT_STATUS_IS_OK(ret)) {
force_flush_samr_cache(disp_info);
}
- return ret ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
+ return ret;
}
/*********************************************************************
@@ -3755,7 +3769,7 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE
uint32 acc_granted;
SE_PRIV se_rights;
BOOL can_add_accounts;
- BOOL ret;
+ NTSTATUS ret;
DISP_INFO *disp_info = NULL;
/* Find the policy handle. Open a policy on it. */
@@ -3784,11 +3798,11 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE
/******** END SeAddUsers BLOCK *********/
- if (ret) {
+ if (NT_STATUS_IS_OK(ret)) {
force_flush_samr_cache(disp_info);
}
- return ret ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
+ return ret;
}
/*********************************************************************
@@ -3847,19 +3861,18 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD
}
/* check a real user exist before we run the script to add a user to a group */
- if (!NT_STATUS_IS_OK(sid_to_uid(pdb_get_user_sid(sam_user), &uid))) {
+ if (!sid_to_uid(pdb_get_user_sid(sam_user), &uid)) {
pdb_free_sam(&sam_user);
return NT_STATUS_NO_SUCH_USER;
}
pdb_free_sam(&sam_user);
- if ((pwd=getpwuid_alloc(uid)) == NULL) {
+ if ((pwd=getpwuid_alloc(p->mem_ctx, uid)) == NULL) {
return NT_STATUS_NO_SUCH_USER;
}
if ((grp=getgrgid(map.gid)) == NULL) {
- passwd_free(&pwd);
return NT_STATUS_NO_SUCH_GROUP;
}
@@ -3867,8 +3880,7 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD
fstrcpy(grp_name, grp->gr_name);
/* if the user is already in the group */
- if(user_in_unix_group_list(pwd->pw_name, grp_name)) {
- passwd_free(&pwd);
+ if(user_in_unix_group(pwd->pw_name, grp_name)) {
return NT_STATUS_MEMBER_IN_GROUP;
}
@@ -3894,13 +3906,10 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD
/******** END SeAddUsers BLOCK *********/
/* check if the user has been added then ... */
- if(!user_in_unix_group_list(pwd->pw_name, grp_name)) {
- passwd_free(&pwd);
+ if(!user_in_unix_group(pwd->pw_name, grp_name)) {
return NT_STATUS_MEMBER_NOT_IN_GROUP; /* don't know what to reply else */
}
- passwd_free(&pwd);
-
force_flush_samr_cache(disp_info);
return NT_STATUS_OK;
@@ -3961,7 +3970,7 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE
}
/* if the user is not in the group */
- if (!user_in_unix_group_list(pdb_get_username(sam_pass), grp_name)) {
+ if (!user_in_unix_group(pdb_get_username(sam_pass), grp_name)) {
pdb_free_sam(&sam_pass);
return NT_STATUS_MEMBER_NOT_IN_GROUP;
}
@@ -3983,7 +3992,7 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE
/******** END SeAddUsers BLOCK *********/
/* check if the user has been removed then ... */
- if (user_in_unix_group_list(pdb_get_username(sam_pass), grp_name)) {
+ if (user_in_unix_group(pdb_get_username(sam_pass), grp_name)) {
pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED; /* don't know what to reply else */
}
@@ -4290,19 +4299,28 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S
/* so far, so good */
result = NT_STATUS_OK;
-
- r_u->rid = pdb_gid_to_group_rid( grp->gr_gid );
- /* add the group to the mapping table */
+ if (pdb_rid_algorithm()) {
+ r_u->rid = pdb_gid_to_group_rid( grp->gr_gid );
+ } else {
+ if (!pdb_new_rid(&r_u->rid)) {
+ result = NT_STATUS_ACCESS_DENIED;
+ }
+ }
+
+ if (NT_STATUS_IS_OK(result)) {
+
+ /* add the group to the mapping table */
- sid_copy( &info_sid, get_global_sam_sid() );
- sid_append_rid( &info_sid, r_u->rid );
- sid_to_string( sid_string, &info_sid );
+ sid_copy( &info_sid, get_global_sam_sid() );
+ sid_append_rid( &info_sid, r_u->rid );
+ sid_to_string( sid_string, &info_sid );
- /* reset the error code if we fail to add the mapping entry */
+ /* reset the error code if we fail to add the mapping entry */
- if ( !add_initial_entry(grp->gr_gid, sid_string, SID_NAME_DOM_GRP, name, NULL) )
- result = NT_STATUS_ACCESS_DENIED;
+ if ( !add_initial_entry(grp->gr_gid, sid_string, SID_NAME_DOM_GRP, name, NULL) )
+ result = NT_STATUS_ACCESS_DENIED;
+ }
}
if ( can_add_accounts )
@@ -4383,18 +4401,26 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S
/******** END SeAddUsers BLOCK *********/
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(10, ("pdb_create_alias failed: %s\n",
+ nt_errstr(result)));
return result;
+ }
sid_copy(&info_sid, get_global_sam_sid());
sid_append_rid(&info_sid, r_u->rid);
- if (!NT_STATUS_IS_OK(sid_to_gid(&info_sid, &gid)))
+ if (!sid_to_gid(&info_sid, &gid)) {
+ DEBUG(10, ("Could not find alias just created\n"));
return NT_STATUS_ACCESS_DENIED;
+ }
/* check if the group has been successfully created */
- if ( getgrgid(gid) == NULL )
+ if ( getgrgid(gid) == NULL ) {
+ DEBUG(10, ("getgrgid(%d) of just created alias failed\n",
+ gid));
return NT_STATUS_ACCESS_DENIED;
+ }
if ((info = get_samr_info_by_sid(&info_sid)) == NULL)
return NT_STATUS_NO_MEMORY;
@@ -4485,7 +4511,8 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_
GROUP_MAP map;
GROUP_INFO_CTR *ctr;
uint32 acc_granted;
- BOOL ret;
+ NTSTATUS ret;
+ BOOL result;
BOOL can_mod_accounts;
DISP_INFO *disp_info = NULL;
@@ -4497,9 +4524,9 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_
}
become_root();
- ret = get_domain_group_from_sid(group_sid, &map);
+ result = get_domain_group_from_sid(group_sid, &map);
unbecome_root();
- if (!ret)
+ if (!result)
return NT_STATUS_NO_SUCH_GROUP;
ctr=q_u->ctr;
@@ -4529,11 +4556,11 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_
/******** End SeAddUsers BLOCK *********/
- if (ret) {
+ if (NT_STATUS_IS_OK(ret)) {
force_flush_samr_cache(disp_info);
}
- return ret ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
+ return ret;
}
/*********************************************************************
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index a22d6db266..e6d45f76ec 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1620,10 +1620,13 @@ WERROR _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
- if ( user.ut.uid != 0
- && !user_has_privileges( user.nt_user_token, &se_printop )
- && !user_in_list(uidtoname(user.ut.uid), lp_printer_admin(snum), user.ut.groups, user.ut.ngroups) )
- {
+ if ((user.ut.uid != 0) &&
+ !user_has_privileges(user.nt_user_token,
+ &se_printop ) &&
+ !token_contains_name_in_list(
+ uidtoname(user.ut.uid), NULL,
+ user.nt_user_token,
+ lp_printer_admin(snum))) {
close_printer_handle(p, handle);
return WERR_ACCESS_DENIED;
}
@@ -1676,7 +1679,10 @@ WERROR _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
return WERR_ACCESS_DENIED;
}
- if (!user_ok(uidtoname(user.ut.uid), snum, user.ut.groups, user.ut.ngroups) || !print_access_check(&user, snum, printer_default->access_required)) {
+ if (!user_ok_token(uidtoname(user.ut.uid), user.nt_user_token,
+ snum) ||
+ !print_access_check(&user, snum,
+ printer_default->access_required)) {
DEBUG(3, ("access DENIED for printer open\n"));
close_printer_handle(p, handle);
return WERR_ACCESS_DENIED;
@@ -5997,7 +6003,7 @@ BOOL add_printer_hook(NT_USER_TOKEN *token, NT_PRINTER_INFO_LEVEL *printer)
numlines = 0;
/* Get lines and convert them back to dos-codepage */
- qlines = fd_lines_load(fd, &numlines);
+ qlines = fd_lines_load(fd, &numlines, 0);
DEBUGADD(10,("Lines returned = [%d]\n", numlines));
close(fd);
@@ -7195,7 +7201,7 @@ WERROR enumports_hook( int *count, char ***lines )
}
numlines = 0;
- qlines = fd_lines_load(fd, &numlines);
+ qlines = fd_lines_load(fd, &numlines, 0);
DEBUGADD(10,("Lines returned = [%d]\n", numlines));
close(fd);
}
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 8150a8bf69..f279c98c31 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -29,26 +29,6 @@ extern struct generic_mapping file_generic_mapping;
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_SRV
-#define INVALID_SHARENAME_CHARS "<>*?|/\\+=;:\","
-
-/********************************************************************
- Check a string for any occurrences of a specified list of invalid
- characters.
-********************************************************************/
-
-static BOOL validate_net_name( const char *name, const char *invalid_chars, int max_len )
-{
- int i;
-
- for ( i=0; i<max_len && name[i]; i++ ) {
- /* fail if strchr_m() finds one of the invalid characters */
- if ( name[i] && strchr_m( invalid_chars, name[i] ) )
- return False;
- }
-
- return True;
-}
-
/*******************************************************************
Utility function to get the 'type' of a share from an snum.
********************************************************************/
@@ -132,189 +112,10 @@ static void init_srv_share_info_2(pipes_struct *p, SRV_SHARE_INFO_2 *sh2, int sn
}
/*******************************************************************
- What to do when smb.conf is updated.
- ********************************************************************/
-
-static void smb_conf_updated(int msg_type, struct process_id src,
- void *buf, size_t len)
-{
- DEBUG(10,("smb_conf_updated: Got message saying smb.conf was updated. Reloading.\n"));
- reload_services(False);
-}
-
-/*******************************************************************
- Create the share security tdb.
- ********************************************************************/
-
-static TDB_CONTEXT *share_tdb; /* used for share security descriptors */
-#define SHARE_DATABASE_VERSION_V1 1
-#define SHARE_DATABASE_VERSION_V2 2 /* version id in little endian. */
-
-BOOL share_info_db_init(void)
-{
- static pid_t local_pid;
- const char *vstring = "INFO/version";
- int32 vers_id;
-
- if (share_tdb && local_pid == sys_getpid())
- return True;
- share_tdb = tdb_open_log(lock_path("share_info.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
- if (!share_tdb) {
- DEBUG(0,("Failed to open share info database %s (%s)\n",
- lock_path("share_info.tdb"), strerror(errno) ));
- return False;
- }
-
- local_pid = sys_getpid();
-
- /* handle a Samba upgrade */
- tdb_lock_bystring(share_tdb, vstring, 0);
-
- /* Cope with byte-reversed older versions of the db. */
- vers_id = tdb_fetch_int32(share_tdb, vstring);
- if ((vers_id == SHARE_DATABASE_VERSION_V1) || (IREV(vers_id) == SHARE_DATABASE_VERSION_V1)) {
- /* Written on a bigendian machine with old fetch_int code. Save as le. */
- tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
- vers_id = SHARE_DATABASE_VERSION_V2;
- }
-
- if (vers_id != SHARE_DATABASE_VERSION_V2) {
- tdb_traverse(share_tdb, tdb_traverse_delete_fn, NULL);
- tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
- }
- tdb_unlock_bystring(share_tdb, vstring);
-
- message_register(MSG_SMB_CONF_UPDATED, smb_conf_updated);
-
- return True;
-}
-
-/*******************************************************************
- Fake up a Everyone, full access as a default.
- ********************************************************************/
-
-static SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, int snum, size_t *psize)
-{
- SEC_ACCESS sa;
- SEC_ACE ace;
- SEC_ACL *psa = NULL;
- SEC_DESC *psd = NULL;
- uint32 def_access = GENERIC_ALL_ACCESS;
-
- se_map_generic(&def_access, &file_generic_mapping);
-
- init_sec_access(&sa, GENERIC_ALL_ACCESS | def_access );
- init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
-
- if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) {
- psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, psize);
- }
-
- if (!psd) {
- DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n"));
- return NULL;
- }
-
- return psd;
-}
-
-/*******************************************************************
- Pull a security descriptor from the share tdb.
- ********************************************************************/
-
-static SEC_DESC *get_share_security( TALLOC_CTX *ctx, int snum, size_t *psize)
-{
- prs_struct ps;
- fstring key;
- SEC_DESC *psd = NULL;
-
- *psize = 0;
-
- /* Fetch security descriptor from tdb */
-
- slprintf(key, sizeof(key)-1, "SECDESC/%s", lp_servicename(snum));
-
- if (tdb_prs_fetch(share_tdb, key, &ps, ctx)!=0 ||
- !sec_io_desc("get_share_security", &psd, &ps, 1)) {
-
- DEBUG(4,("get_share_security: using default secdesc for %s\n", lp_servicename(snum) ));
-
- return get_share_security_default(ctx, snum, psize);
- }
-
- if (psd)
- *psize = sec_desc_size(psd);
-
- prs_mem_free(&ps);
- return psd;
-}
-
-/*******************************************************************
- Store a security descriptor in the share db.
- ********************************************************************/
-
-static BOOL set_share_security(TALLOC_CTX *ctx, const char *share_name, SEC_DESC *psd)
-{
- prs_struct ps;
- TALLOC_CTX *mem_ctx = NULL;
- fstring key;
- BOOL ret = False;
-
- mem_ctx = talloc_init("set_share_security");
- if (mem_ctx == NULL)
- return False;
-
- prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL);
-
- if (!sec_io_desc("share_security", &psd, &ps, 1))
- goto out;
-
- slprintf(key, sizeof(key)-1, "SECDESC/%s", share_name);
-
- if (tdb_prs_store(share_tdb, key, &ps)==0) {
- ret = True;
- DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
- } else {
- DEBUG(1,("set_share_security: Failed to store secdesc for %s\n", share_name ));
- }
-
- /* Free malloc'ed memory */
-
-out:
-
- prs_mem_free(&ps);
- if (mem_ctx)
- talloc_destroy(mem_ctx);
- return ret;
-}
-
-/*******************************************************************
- Delete a security descriptor.
-********************************************************************/
-
-static BOOL delete_share_security(int snum)
-{
- TDB_DATA kbuf;
- fstring key;
-
- slprintf(key, sizeof(key)-1, "SECDESC/%s", lp_servicename(snum));
- kbuf.dptr = key;
- kbuf.dsize = strlen(key)+1;
-
- if (tdb_delete(share_tdb, kbuf) != 0) {
- DEBUG(0,("delete_share_security: Failed to delete entry for share %s\n",
- lp_servicename(snum) ));
- return False;
- }
-
- return True;
-}
-
-/*******************************************************************
Map any generic bits to file specific bits.
********************************************************************/
-void map_generic_share_sd_bits(SEC_DESC *psd)
+static void map_generic_share_sd_bits(SEC_DESC *psd)
{
int i;
SEC_ACL *ps_dacl = NULL;
@@ -517,7 +318,7 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
uint32 info_level, uint32 *resume_hnd, uint32 *total_entries, BOOL all_shares)
{
int num_entries = 0;
- int num_services = lp_numservices();
+ int num_services = 0;
int snum;
TALLOC_CTX *ctx = p->mem_ctx;
@@ -528,6 +329,11 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
ctr->info_level = ctr->switch_value = info_level;
*resume_hnd = 0;
+ /* Ensure all the usershares are loaded. */
+ become_root();
+ num_services = load_usershare_shares();
+ unbecome_root();
+
/* Count the number of entries. */
for (snum = 0; snum < num_services; snum++) {
if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) )