diff options
| author | Simo Sorce <idra@samba.org> | 2008-02-01 14:24:31 -0500 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2008-02-01 14:24:31 -0500 |
| commit | 2fffc9a1b1fe2a1490e867bb38462e50c282d2b3 (patch) | |
| tree | 428e09c9b35138db8b7ca7161c659a71aa129d29 /source3/rpc_server | |
| parent | 93a3c5b3f9927973b4ad1496f593ea147052d1e1 (diff) | |
| parent | b708005a7106db26d7df689b887b419c9f2ea41c (diff) | |
| download | samba-2fffc9a1b1fe2a1490e867bb38462e50c282d2b3.tar.gz samba-2fffc9a1b1fe2a1490e867bb38462e50c282d2b3.tar.bz2 samba-2fffc9a1b1fe2a1490e867bb38462e50c282d2b3.zip | |
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit 7dbfc7bdc65314466a83e8121b35c9bcb24b2631)
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_dfs_nt.c | 4 | ||||
| -rw-r--r-- | source3/rpc_server/srv_dssetup_nt.c | 220 | ||||
| -rw-r--r-- | source3/rpc_server/srv_eventlog_lib.c | 8 | ||||
| -rw-r--r-- | source3/rpc_server/srv_eventlog_nt.c | 46 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_ds.c | 85 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_ds_nt.c | 130 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 6 | ||||
| -rw-r--r-- | source3/rpc_server/srv_netlog.c | 40 | ||||
| -rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 494 | ||||
| -rw-r--r-- | source3/rpc_server/srv_pipe.c | 6 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr.c | 297 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 854 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_util.c | 12 | ||||
| -rw-r--r-- | source3/rpc_server/srv_srvsvc_nt.c | 44 | ||||
| -rw-r--r-- | source3/rpc_server/srv_svcctl_nt.c | 34 | ||||
| -rw-r--r-- | source3/rpc_server/srv_winreg_nt.c | 14 | ||||
| -rw-r--r-- | source3/rpc_server/srv_wkssvc_nt.c | 68 |
17 files changed, 1589 insertions, 773 deletions
diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c index 8a1cdedb4f..29538a304f 100644 --- a/source3/rpc_server/srv_dfs_nt.c +++ b/source3/rpc_server/srv_dfs_nt.c @@ -34,7 +34,7 @@ void _dfs_GetManagerVersion(pipes_struct *p, struct dfs_GetManagerVersion *r) if (lp_host_msdfs()) { *r->out.version = DFS_MANAGER_VERSION_NT4; } else { - *r->out.version = 0; + *r->out.version = (enum dfs_ManagerVersion)0; } } @@ -133,10 +133,10 @@ WERROR _dfs_Remove(pipes_struct *p, struct dfs_Remove *r) altpath = talloc_asprintf(ctx, "%s\\%s", r->in.servername, r->in.sharename); - strlower_m(altpath); if (!altpath) { return WERR_NOMEM; } + strlower_m(altpath); DEBUG(5,("init_reply_dfs_remove: Request to remove %s -> %s\\%s.\n", r->in.dfs_entry_path, r->in.servername, r->in.sharename)); } diff --git a/source3/rpc_server/srv_dssetup_nt.c b/source3/rpc_server/srv_dssetup_nt.c new file mode 100644 index 0000000000..ea535a3375 --- /dev/null +++ b/source3/rpc_server/srv_dssetup_nt.c @@ -0,0 +1,220 @@ +/* + * Unix SMB/CIFS implementation. + * RPC Pipe client / server routines + * Copyright (C) Andrew Tridgell 1992-1997. + * Copyright (C) Luke Kenneth Casson Leighton 1996-1997. + * Copyright (C) Paul Ashton 1997. + * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Gerald Carter 2002. + * Copyright (C) Guenther Deschner 2008. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + +/******************************************************************** + Fill in a dssetup_DsRolePrimaryDomInfoBasic structure + ********************************************************************/ + +static WERROR fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, + struct dssetup_DsRolePrimaryDomInfoBasic **info) +{ + struct dssetup_DsRolePrimaryDomInfoBasic *basic = NULL; + fstring dnsdomain; + + DEBUG(10,("fill_dsrole_dominfo_basic: enter\n")); + + basic = TALLOC_ZERO_P(ctx, struct dssetup_DsRolePrimaryDomInfoBasic); + if (!basic) { + DEBUG(0,("fill_dsrole_dominfo_basic: out of memory\n")); + return WERR_NOMEM; + } + + switch (lp_server_role()) { + case ROLE_STANDALONE: + basic->role = DS_ROLE_STANDALONE_SERVER; + basic->domain = get_global_sam_name(); + break; + case ROLE_DOMAIN_MEMBER: + basic->role = DS_ROLE_MEMBER_SERVER; + basic->domain = lp_workgroup(); + break; + case ROLE_DOMAIN_BDC: + basic->role = DS_ROLE_BACKUP_DC; + basic->domain = get_global_sam_name(); + break; + case ROLE_DOMAIN_PDC: + basic->role = DS_ROLE_PRIMARY_DC; + basic->domain = get_global_sam_name(); + break; + } + + if (secrets_fetch_domain_guid(lp_workgroup(), &basic->domain_guid)) { + basic->flags |= DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT; + } + + /* fill in some additional fields if we are a member of an AD domain */ + + if (lp_security() == SEC_ADS) { + fstrcpy(dnsdomain, lp_realm()); + strlower_m(dnsdomain); + basic->dns_domain = dnsdomain; + + /* FIXME!! We really should fill in the correct forest + name. Should get this information from winbindd. */ + basic->forest = dnsdomain; + } else { + /* security = domain should not fill in the dns or + forest name */ + basic->dns_domain = NULL; + basic->forest = NULL; + } + + *info = basic; + + return WERR_OK; +} + +/******************************************************************** + Implement the _dssetup_DsRoleGetPrimaryDomainInformation() call + ********************************************************************/ + +WERROR _dssetup_DsRoleGetPrimaryDomainInformation(pipes_struct *p, + struct dssetup_DsRoleGetPrimaryDomainInformation *r) +{ + WERROR werr = WERR_OK; + + switch (r->in.level) { + + case DS_ROLE_BASIC_INFORMATION: { + struct dssetup_DsRolePrimaryDomInfoBasic *basic = NULL; + werr = fill_dsrole_dominfo_basic(p->mem_ctx, &basic); + if (W_ERROR_IS_OK(werr)) { + r->out.info->basic = *basic; + } + break; + } + default: + DEBUG(0,("_dssetup_DsRoleGetPrimaryDomainInformation: " + "Unknown info level [%d]!\n", r->in.level)); + werr = WERR_UNKNOWN_LEVEL; + } + + return werr; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDnsNameToFlatName(pipes_struct *p, + struct dssetup_DsRoleDnsNameToFlatName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDcAsDc(pipes_struct *p, + struct dssetup_DsRoleDcAsDc *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDcAsReplica(pipes_struct *p, + struct dssetup_DsRoleDcAsReplica *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDemoteDc(pipes_struct *p, + struct dssetup_DsRoleDemoteDc *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleGetDcOperationProgress(pipes_struct *p, + struct dssetup_DsRoleGetDcOperationProgress *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleGetDcOperationResults(pipes_struct *p, + struct dssetup_DsRoleGetDcOperationResults *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleCancel(pipes_struct *p, + struct dssetup_DsRoleCancel *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleServerSaveStateForUpgrade(pipes_struct *p, + struct dssetup_DsRoleServerSaveStateForUpgrade *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleUpgradeDownlevelServer(pipes_struct *p, + struct dssetup_DsRoleUpgradeDownlevelServer *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleAbortDownlevelServerUpgrade(pipes_struct *p, + struct dssetup_DsRoleAbortDownlevelServerUpgrade *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + diff --git a/source3/rpc_server/srv_eventlog_lib.c b/source3/rpc_server/srv_eventlog_lib.c index 4e996ee19b..269e2f318e 100644 --- a/source3/rpc_server/srv_eventlog_lib.c +++ b/source3/rpc_server/srv_eventlog_lib.c @@ -140,15 +140,14 @@ int elog_tdb_size( TDB_CONTEXT * tdb, int *MaxSize, int *Retention ) return True if we made enough room to accommodate needed bytes ********************************************************************/ -bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, - bool whack_by_date ) +static bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, + bool whack_by_date ) { int start_record, i, new_start; int end_record; int nbytes, reclen, len, Retention, MaxSize; int tresv1, trecnum, timegen, timewr; TDB_DATA key, ret; - TALLOC_CTX *mem_ctx = NULL; time_t current_time, exp_time; /* discard some eventlogs */ @@ -156,10 +155,7 @@ bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32 needed, /* read eventlogs from oldest_entry -- there can't be any discontinuity in recnos, although records not necessarily guaranteed to have successive times */ /* */ - mem_ctx = talloc_init( "make_way_for_eventlogs" ); /* Homage to BPG */ - if ( mem_ctx == NULL ) - return False; /* can't allocate memory indicates bigger problems */ /* lock */ tdb_lock_bystring_with_timeout( the_tdb, EVT_NEXT_RECORD, 1 ); /* read */ diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c index 3c9c835bad..7af8219a3e 100644 --- a/source3/rpc_server/srv_eventlog_nt.c +++ b/source3/rpc_server/srv_eventlog_nt.c @@ -423,12 +423,12 @@ static bool sync_eventlog_params( EVENTLOG_INFO *info ) char *path = NULL; uint32 uiMaxSize; uint32 uiRetention; - REGISTRY_KEY *keyinfo; - REGISTRY_VALUE *val; - REGVAL_CTR *values; + struct registry_key *key; + struct registry_value *value; WERROR wresult; char *elogname = info->logname; TALLOC_CTX *ctx = talloc_tos(); + bool ret = false; DEBUG( 4, ( "sync_eventlog_params with %s\n", elogname ) ); @@ -451,36 +451,42 @@ static bool sync_eventlog_params( EVENTLOG_INFO *info ) return false; } - wresult = regkey_open_internal( NULL, &keyinfo, path, - get_root_nt_token( ), REG_KEY_READ ); + wresult = reg_open_path(ctx, path, REG_KEY_READ, get_root_nt_token(), + &key); if ( !W_ERROR_IS_OK( wresult ) ) { DEBUG( 4, ( "sync_eventlog_params: Failed to open key [%s] (%s)\n", path, dos_errstr( wresult ) ) ); - return False; + return false; } - if ( !( values = TALLOC_ZERO_P( keyinfo, REGVAL_CTR ) ) ) { - TALLOC_FREE( keyinfo ); - DEBUG( 0, ( "control_eventlog_hook: talloc() failed!\n" ) ); - - return False; + wresult = reg_queryvalue(key, key, "Retention", &value); + if (!W_ERROR_IS_OK(wresult)) { + DEBUG(4, ("Failed to query value \"Retention\": %s\n", + dos_errstr(wresult))); + ret = false; + goto done; } - fetch_reg_values( keyinfo, values ); - - if ( ( val = regval_ctr_getvalue( values, "Retention" ) ) != NULL ) - uiRetention = IVAL( regval_data_p( val ), 0 ); + uiRetention = value->v.dword; - if ( ( val = regval_ctr_getvalue( values, "MaxSize" ) ) != NULL ) - uiMaxSize = IVAL( regval_data_p( val ), 0 ); - - TALLOC_FREE( keyinfo ); + wresult = reg_queryvalue(key, key, "MaxSize", &value); + if (!W_ERROR_IS_OK(wresult)) { + DEBUG(4, ("Failed to query value \"MaxSize\": %s\n", + dos_errstr(wresult))); + ret = false; + goto done; + } + uiMaxSize = value->v.dword; tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_MAXSIZE, uiMaxSize ); tdb_store_int32( ELOG_TDB_CTX(info->etdb), EVT_RETENTION, uiRetention ); - return True; + ret = true; + +done: + TALLOC_FREE(ctx); + return ret; } /******************************************************************** diff --git a/source3/rpc_server/srv_lsa_ds.c b/source3/rpc_server/srv_lsa_ds.c deleted file mode 100644 index 55baa40261..0000000000 --- a/source3/rpc_server/srv_lsa_ds.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Gerald Carter 2003 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* This is the interface for the registry functions. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -/******************************************************************* - ********************************************************************/ - -static bool api_dsrole_get_primary_dominfo(pipes_struct *p) -{ - DS_Q_GETPRIMDOMINFO q_u; - DS_R_GETPRIMDOMINFO r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the request */ - if ( !ds_io_q_getprimdominfo("", &q_u, data, 0) ) - return False; - - /* construct reply. */ - r_u.status = _dsrole_get_primary_dominfo( p, &q_u, &r_u ); - - if ( !ds_io_r_getprimdominfo("", &r_u, rdata, 0) ) - return False; - - return True; -} - -/******************************************************************* - stub functions for unimplemented RPC -*******************************************************************/ - -static bool api_dsrole_stub( pipes_struct *p ) -{ - DEBUG(0,("api_dsrole_stub: Hmmm....didn't know this RPC existed...\n")); - - return False; -} - - -/******************************************************************* - array of \PIPE\lsass (new windows 2000 UUID) operations -********************************************************************/ -static struct api_struct api_lsa_ds_cmds[] = { - { "DS_NOP", DS_NOP, api_dsrole_stub }, - { "DS_GETPRIMDOMINFO", DS_GETPRIMDOMINFO, api_dsrole_get_primary_dominfo } - -}; - -void lsa_ds_get_pipe_fns( struct api_struct **fns, int *n_fns ) -{ - *fns = api_lsa_ds_cmds; - *n_fns = sizeof(api_lsa_ds_cmds) / sizeof(struct api_struct); -} - - -NTSTATUS rpc_lsa_ds_init(void) -{ - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "lsa_ds", "lsa_ds", api_lsa_ds_cmds, - sizeof(api_lsa_ds_cmds) / sizeof(struct api_struct)); -} diff --git a/source3/rpc_server/srv_lsa_ds_nt.c b/source3/rpc_server/srv_lsa_ds_nt.c deleted file mode 100644 index 994b3cccca..0000000000 --- a/source3/rpc_server/srv_lsa_ds_nt.c +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997. - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997. - * Copyright (C) Paul Ashton 1997. - * Copyright (C) Jeremy Allison 2001. - * Copyright (C) Gerald Carter 2002. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* Implementation of registry functions. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -/******************************************************************** - Fill in a DS_DOMINFO_CTR structure - ********************************************************************/ - -static NTSTATUS fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC **info) -{ - DSROLE_PRIMARY_DOMAIN_INFO_BASIC *basic; - const char *netbios_domain = ""; - fstring dnsdomain; - - DEBUG(10,("fill_dsrole_dominfo_basic: enter\n")); - - if ( !(basic = TALLOC_ZERO_P(ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC)) ) { - DEBUG(0,("fill_dsrole_dominfo_basic: FATAL error! talloc_xero() failed\n")); - return NT_STATUS_NO_MEMORY; - } - - switch ( lp_server_role() ) { - case ROLE_STANDALONE: - basic->machine_role = DSROLE_STANDALONE_SRV; - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - break; - case ROLE_DOMAIN_MEMBER: - basic->netbios_ptr = 1; - netbios_domain = lp_workgroup(); - basic->machine_role = DSROLE_DOMAIN_MEMBER_SRV; - break; - case ROLE_DOMAIN_BDC: - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - basic->machine_role = DSROLE_BDC; - break; - case ROLE_DOMAIN_PDC: - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - basic->machine_role = DSROLE_PDC; - break; - } - - /* always set netbios name */ - - init_unistr2( &basic->netbios_domain, netbios_domain, UNI_STR_TERMINATE); - - if ( secrets_fetch_domain_guid( lp_workgroup(), &basic->domain_guid ) ) - basic->flags |= DSROLE_PRIMARY_DOMAIN_GUID_PRESENT; - - /* fill in some additional fields if we are a member of an AD domain */ - - if ( lp_security() == SEC_ADS ) { - fstrcpy( dnsdomain, lp_realm() ); - strlower_m( dnsdomain ); - - basic->dnsname_ptr = 1; - init_unistr2( &basic->dns_domain, dnsdomain, UNI_STR_TERMINATE); - - /* FIXME!! We really should fill in the correct forest - name. Should get this information from winbindd. */ - basic->forestname_ptr = 1; - init_unistr2( &basic->forest_domain, dnsdomain, UNI_STR_TERMINATE); - } else { - /* security = domain should not fill in the dns or - forest name */ - basic->dnsname_ptr = 0; - basic->forestname_ptr = 0; - } - - *info = basic; - - return NT_STATUS_OK; -} - -/******************************************************************** - Implement the DsroleGetPrimaryDomainInfo() call - ********************************************************************/ - -NTSTATUS _dsrole_get_primary_dominfo(pipes_struct *p, DS_Q_GETPRIMDOMINFO *q_u, DS_R_GETPRIMDOMINFO *r_u) -{ - NTSTATUS result = NT_STATUS_OK; - uint32 level = q_u->level; - - switch ( level ) { - - case DsRolePrimaryDomainInfoBasic: - r_u->level = DsRolePrimaryDomainInfoBasic; - r_u->ptr = 1; - result = fill_dsrole_dominfo_basic( p->mem_ctx, &r_u->info.basic ); - break; - - default: - DEBUG(0,("_dsrole_get_primary_dominfo: Unsupported info level [%d]!\n", - level)); - result = NT_STATUS_INVALID_LEVEL; - } - - return result; -} - - - diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index a289196f5f..20cafbd0af 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -463,7 +463,9 @@ static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s if((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 3, ace)) == NULL) return NT_STATUS_NO_MEMORY; - if((*sd = make_sec_desc(mem_ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, &adm_sid, NULL, NULL, psa, sd_size)) == NULL) + if((*sd = make_sec_desc(mem_ctx, SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, &adm_sid, NULL, NULL, + psa, sd_size)) == NULL) return NT_STATUS_NO_MEMORY; return NT_STATUS_OK; @@ -2581,7 +2583,7 @@ NTSTATUS _lsa_LSARUNREGISTERAUDITEVENT(pipes_struct *p, struct lsa_LSARUNREGISTE return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_LSARQUERYFORESTTRUSTINFORMATION(pipes_struct *p, struct lsa_LSARQUERYFORESTTRUSTINFORMATION *r) +NTSTATUS _lsa_lsaRQueryForestTrustInformation(pipes_struct *p, struct lsa_lsaRQueryForestTrustInformation *r) { p->rng_fault_state = True; return NT_STATUS_NOT_IMPLEMENTED; diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 6d9859a9ae..30ef02bee8 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -335,43 +335,6 @@ static bool api_net_sam_logon_ex(pipes_struct *p) return True; } - -/************************************************************************* - api_ds_enum_dom_trusts: - *************************************************************************/ - -#if 0 /* JERRY */ -static bool api_ds_enum_dom_trusts(pipes_struct *p) -{ - DS_Q_ENUM_DOM_TRUSTS q_u; - DS_R_ENUM_DOM_TRUSTS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - DEBUG(6,("api_ds_enum_dom_trusts\n")); - - if ( !ds_io_q_enum_domain_trusts("", data, 0, &q_u) ) { - DEBUG(0,("api_ds_enum_domain_trusts: Failed to unmarshall DS_Q_ENUM_DOM_TRUSTS.\n")); - return False; - } - - r_u.status = _ds_enum_dom_trusts(p, &q_u, &r_u); - - if ( !ds_io_r_enum_domain_trusts("", rdata, 0, &r_u) ) { - DEBUG(0,("api_ds_enum_domain_trusts: Failed to marshall DS_R_ENUM_DOM_TRUSTS.\n")); - return False; - } - - DEBUG(6,("api_ds_enum_dom_trusts\n")); - - return True; -} -#endif /* JERRY */ - /******************************************************************* array of \PIPE\NETLOGON operations ********************************************************************/ @@ -387,9 +350,6 @@ static struct api_struct api_net_cmds [] = { "NET_TRUST_DOM_LIST", NET_TRUST_DOM_LIST, api_net_trust_dom_list }, { "NET_LOGON_CTRL" , NET_LOGON_CTRL , api_net_logon_ctrl }, { "NET_SAMLOGON_EX" , NET_SAMLOGON_EX , api_net_sam_logon_ex }, -#if 0 /* JERRY */ - { "DS_ENUM_DOM_TRUSTS", DS_ENUM_DOM_TRUSTS, api_ds_enum_dom_trusts } -#endif /* JERRY */ }; void netlog_get_pipe_fns( struct api_struct **fns, int *n_fns ) diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 218ce73444..3a7075ecd6 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -43,14 +43,6 @@ static void init_net_r_req_chal(NET_R_REQ_CHAL *r_c, } /************************************************************************* - error messages cropping up when using nltest.exe... - *************************************************************************/ - -#define ERROR_NO_SUCH_DOMAIN 0x54b -#define ERROR_NO_LOGON_SERVERS 0x51f -#define NO_ERROR 0x0 - -/************************************************************************* net_reply_logon_ctrl: *************************************************************************/ @@ -97,7 +89,7 @@ NTSTATUS _net_logon_ctrl2(pipes_struct *p, NET_Q_LOGON_CTRL2 *q_u, NET_R_LOGON_C r_u->status = NT_STATUS_OK; - tc_status = ERROR_NO_SUCH_DOMAIN; + tc_status = W_ERROR_V(WERR_NO_SUCH_DOMAIN); fstrcpy( dc_name, "" ); switch ( q_u->function_code ) { @@ -108,13 +100,13 @@ NTSTATUS _net_logon_ctrl2(pipes_struct *p, NET_Q_LOGON_CTRL2 *q_u, NET_R_LOGON_C break; if ( !get_dc_name( domain, NULL, dc_name2, &dc_ss ) ) { - tc_status = ERROR_NO_LOGON_SERVERS; + tc_status = W_ERROR_V(WERR_NO_LOGON_SERVERS); break; } fstr_sprintf( dc_name, "\\\\%s", dc_name2 ); - tc_status = NO_ERROR; + tc_status = W_ERROR_V(WERR_OK); break; @@ -125,13 +117,13 @@ NTSTATUS _net_logon_ctrl2(pipes_struct *p, NET_Q_LOGON_CTRL2 *q_u, NET_R_LOGON_C break; if ( !get_dc_name( domain, NULL, dc_name2, &dc_ss ) ) { - tc_status = ERROR_NO_LOGON_SERVERS; + tc_status = W_ERROR_V(WERR_NO_LOGON_SERVERS); break; } fstr_sprintf( dc_name, "\\\\%s", dc_name2 ); - tc_status = NO_ERROR; + tc_status = W_ERROR_V(WERR_OK); break; @@ -1062,7 +1054,7 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p, 0, /* bad_pw_count */ num_gids, /* uint32 num_groups */ gids , /* DOM_GID *gids */ - LOGON_EXTRA_SIDS, /* uint32 user_flgs (?) */ + NETLOGON_EXTRA_SIDS, /* uint32 user_flgs (?) */ pdb_get_acct_ctrl(sampw), server_info->user_session_key.length ? user_session_key : NULL, server_info->lm_session_key.length ? lm_session_key : NULL, @@ -1130,7 +1122,7 @@ NTSTATUS _net_sam_logon_ex(pipes_struct *p, NET_Q_SAM_LOGON_EX *q_u, NET_R_SAM_L _ds_enum_dom_trusts *************************************************************************/ #if 0 /* JERRY -- not correct */ -NTSTATUS _ds_enum_dom_trusts(pipes_struct *p, DS_Q_ENUM_DOM_TRUSTS *q_u, + NTSTATUS _ds_enum_dom_trusts(pipes_struct *p, DS_Q_ENUM_DOM_TRUSTS *q_u, DS_R_ENUM_DOM_TRUSTS *r_u) { NTSTATUS status = NT_STATUS_OK; @@ -1144,3 +1136,475 @@ NTSTATUS _ds_enum_dom_trusts(pipes_struct *p, DS_Q_ENUM_DOM_TRUSTS *q_u, return status; } #endif /* JERRY */ + + +/**************************************************************** +****************************************************************/ + +WERROR _netr_LogonUasLogon(pipes_struct *p, + struct netr_LogonUasLogon *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_LogonUasLogoff(pipes_struct *p, + struct netr_LogonUasLogoff *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_LogonSamLogon(pipes_struct *p, + struct netr_LogonSamLogon *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_LogonSamLogoff(pipes_struct *p, + struct netr_LogonSamLogoff *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerReqChallenge(pipes_struct *p, + struct netr_ServerReqChallenge *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerAuthenticate(pipes_struct *p, + struct netr_ServerAuthenticate *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerPasswordSet(pipes_struct *p, + struct netr_ServerPasswordSet *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_DatabaseDeltas(pipes_struct *p, + struct netr_DatabaseDeltas *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_DatabaseSync(pipes_struct *p, + struct netr_DatabaseSync *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_AccountDeltas(pipes_struct *p, + struct netr_AccountDeltas *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_AccountSync(pipes_struct *p, + struct netr_AccountSync *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_LogonControl(pipes_struct *p, + struct netr_LogonControl *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_GetDcName(pipes_struct *p, + struct netr_GetDcName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_GetAnyDCName(pipes_struct *p, + struct netr_GetAnyDCName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_LogonControl2(pipes_struct *p, + struct netr_LogonControl2 *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p, + struct netr_ServerAuthenticate2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_DatabaseSync2(pipes_struct *p, + struct netr_DatabaseSync2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_DatabaseRedo(pipes_struct *p, + struct netr_DatabaseRedo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_LogonControl2Ex(pipes_struct *p, + struct netr_LogonControl2Ex *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NetrEnumerateTrustedDomains(pipes_struct *p, + struct netr_NetrEnumerateTrustedDomains *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRGetDCName(pipes_struct *p, + struct netr_DsRGetDCName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRLOGONDUMMYROUTINE1(pipes_struct *p, + struct netr_NETRLOGONDUMMYROUTINE1 *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRLOGONSETSERVICEBITS(pipes_struct *p, + struct netr_NETRLOGONSETSERVICEBITS *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_LogonGetTrustRid(pipes_struct *p, + struct netr_LogonGetTrustRid *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRLOGONCOMPUTESERVERDIGEST(pipes_struct *p, + struct netr_NETRLOGONCOMPUTESERVERDIGEST *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRLOGONCOMPUTECLIENTDIGEST(pipes_struct *p, + struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerAuthenticate3(pipes_struct *p, + struct netr_ServerAuthenticate3 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRGetDCNameEx(pipes_struct *p, + struct netr_DsRGetDCNameEx *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRGetSiteName(pipes_struct *p, + struct netr_DsRGetSiteName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_LogonGetDomainInfo(pipes_struct *p, + struct netr_LogonGetDomainInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerPasswordSet2(pipes_struct *p, + struct netr_ServerPasswordSet2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_ServerPasswordGet(pipes_struct *p, + struct netr_ServerPasswordGet *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRLOGONSENDTOSAM(pipes_struct *p, + struct netr_NETRLOGONSENDTOSAM *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRAddressToSitenamesW(pipes_struct *p, + struct netr_DsRAddressToSitenamesW *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRGetDCNameEx2(pipes_struct *p, + struct netr_DsRGetDCNameEx2 *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(pipes_struct *p, + struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NetrEnumerateTrustedDomainsEx(pipes_struct *p, + struct netr_NetrEnumerateTrustedDomainsEx *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRAddressToSitenamesExW(pipes_struct *p, + struct netr_DsRAddressToSitenamesExW *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsrGetDcSiteCoverageW(pipes_struct *p, + struct netr_DsrGetDcSiteCoverageW *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_LogonSamLogonEx(pipes_struct *p, + struct netr_LogonSamLogonEx *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsrEnumerateDomainTrusts(pipes_struct *p, + struct netr_DsrEnumerateDomainTrusts *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsrDeregisterDNSHostRecords(pipes_struct *p, + struct netr_DsrDeregisterDNSHostRecords *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_ServerTrustPasswordsGet(pipes_struct *p, + struct netr_ServerTrustPasswordsGet *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_DsRGetForestTrustInformation(pipes_struct *p, + struct netr_DsRGetForestTrustInformation *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_GetForestTrustInformation(pipes_struct *p, + struct netr_GetForestTrustInformation *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _netr_LogonSamLogonWithFlags(pipes_struct *p, + struct netr_LogonSamLogonWithFlags *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _netr_NETRSERVERGETTRUSTINFO(pipes_struct *p, + struct netr_NETRSERVERGETTRUSTINFO *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 5ede0c93f4..8c7c43f686 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -2363,11 +2363,11 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) case PI_LSARPC: lsa_get_pipe_fns( &cmds, &n_cmds ); break; - case PI_LSARPC_DS: - lsa_ds_get_pipe_fns( &cmds, &n_cmds ); + case PI_DSSETUP: + dssetup_get_pipe_fns( &cmds, &n_cmds ); break; case PI_SAMR: - samr_get_pipe_fns( &cmds, &n_cmds ); + samr2_get_pipe_fns( &cmds, &n_cmds ); break; case PI_NETLOGON: netlog_get_pipe_fns( &cmds, &n_cmds ); diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index a1deac083d..f2e6f79d8c 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -36,64 +36,42 @@ #define DBGC_CLASS DBGC_RPC_SRV /******************************************************************* - api_samr_close_hnd ********************************************************************/ -static bool api_samr_close_hnd(pipes_struct *p) +static bool proxy_samr_call(pipes_struct *p, uint8 opnum) { - SAMR_Q_CLOSE_HND q_u; - SAMR_R_CLOSE_HND r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; + struct api_struct *fns; + int n_fns; - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); + samr_get_pipe_fns(&fns, &n_fns); - if(!samr_io_q_close_hnd("", &q_u, data, 0)) { - DEBUG(0,("api_samr_close_hnd: unable to unmarshall SAMR_Q_CLOSE_HND.\n")); - return False; + if (opnum >= n_fns) { + return false; } - r_u.status = _samr_close_hnd(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_close_hnd("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_close_hnd: unable to marshall SAMR_R_CLOSE_HND.\n")); - return False; + if (fns[opnum].opnum != opnum) { + smb_panic("SAMR function table not sorted"); } - return True; + return fns[opnum].fn(p); } /******************************************************************* - api_samr_open_domain + api_samr_close_hnd ********************************************************************/ -static bool api_samr_open_domain(pipes_struct *p) +static bool api_samr_close_hnd(pipes_struct *p) { - SAMR_Q_OPEN_DOMAIN q_u; - SAMR_R_OPEN_DOMAIN r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_open_domain("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_domain: unable to unmarshall SAMR_Q_OPEN_DOMAIN.\n")); - return False; - } - - r_u.status = _samr_open_domain(p, &q_u, &r_u); + return proxy_samr_call(p, NDR_SAMR_CLOSE); +} - /* store the response in the SMB stream */ - if(!samr_io_r_open_domain("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_domain: unable to marshall SAMR_R_OPEN_DOMAIN.\n")); - return False; - } +/******************************************************************* + api_samr_open_domain + ********************************************************************/ - return True; +static bool api_samr_open_domain(pipes_struct *p) +{ + return proxy_samr_call(p, NDR_SAMR_OPENDOMAIN); } /******************************************************************* @@ -439,28 +417,7 @@ static bool api_samr_lookup_rids(pipes_struct *p) static bool api_samr_open_user(pipes_struct *p) { - SAMR_Q_OPEN_USER q_u; - SAMR_R_OPEN_USER r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_open_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_user: unable to unmarshall SAMR_Q_OPEN_USER.\n")); - return False; - } - - r_u.status = _samr_open_user(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_open_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_user: unable to marshall SAMR_R_OPEN_USER.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENUSER); } /******************************************************************* @@ -559,30 +516,7 @@ static bool api_samr_query_domain_info(pipes_struct *p) static bool api_samr_create_user(pipes_struct *p) { - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - SAMR_Q_CREATE_USER q_u; - SAMR_R_CREATE_USER r_u; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr create user */ - if (!samr_io_q_create_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_create_user: Unable to unmarshall SAMR_Q_CREATE_USER.\n")); - return False; - } - - r_u.status=_samr_create_user(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_create_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_create_user: Unable to marshall SAMR_R_CREATE_USER.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CREATEUSER2); } /******************************************************************* @@ -804,29 +738,7 @@ static bool api_samr_enum_domains(pipes_struct *p) static bool api_samr_open_alias(pipes_struct *p) { - SAMR_Q_OPEN_ALIAS q_u; - SAMR_R_OPEN_ALIAS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr open policy */ - if(!samr_io_q_open_alias("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_alias: Unable to unmarshall SAMR_Q_OPEN_ALIAS.\n")); - return False; - } - - r_u.status=_samr_open_alias(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_open_alias("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_alias: Unable to marshall SAMR_R_OPEN_ALIAS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENALIAS); } /******************************************************************* @@ -1110,28 +1022,7 @@ static bool api_samr_del_groupmem(pipes_struct *p) static bool api_samr_delete_dom_user(pipes_struct *p) { - SAMR_Q_DELETE_DOM_USER q_u; - SAMR_R_DELETE_DOM_USER r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_delete_dom_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_delete_dom_user: unable to unmarshall SAMR_Q_DELETE_DOM_USER.\n")); - return False; - } - - r_u.status = _samr_delete_dom_user(p, &q_u, &r_u); - - if (!samr_io_r_delete_dom_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_delete_dom_user: unable to marshall SAMR_R_DELETE_DOM_USER.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEUSER); } /******************************************************************* @@ -1140,28 +1031,7 @@ static bool api_samr_delete_dom_user(pipes_struct *p) static bool api_samr_delete_dom_group(pipes_struct *p) { - SAMR_Q_DELETE_DOM_GROUP q_u; - SAMR_R_DELETE_DOM_GROUP r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_delete_dom_group("", &q_u, data, 0)) { - DEBUG(0,("api_samr_delete_dom_group: unable to unmarshall SAMR_Q_DELETE_DOM_GROUP.\n")); - return False; - } - - r_u.status = _samr_delete_dom_group(p, &q_u, &r_u); - - if (!samr_io_r_delete_dom_group("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_delete_dom_group: unable to marshall SAMR_R_DELETE_DOM_GROUP.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEDOMAINGROUP); } /******************************************************************* @@ -1170,28 +1040,7 @@ static bool api_samr_delete_dom_group(pipes_struct *p) static bool api_samr_delete_dom_alias(pipes_struct *p) { - SAMR_Q_DELETE_DOM_ALIAS q_u; - SAMR_R_DELETE_DOM_ALIAS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_delete_dom_alias("", &q_u, data, 0)) { - DEBUG(0,("api_samr_delete_dom_alias: unable to unmarshall SAMR_Q_DELETE_DOM_ALIAS.\n")); - return False; - } - - r_u.status = _samr_delete_dom_alias(p, &q_u, &r_u); - - if (!samr_io_r_delete_dom_alias("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_delete_dom_alias: unable to marshall SAMR_R_DELETE_DOM_ALIAS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEDOMALIAS); } /******************************************************************* @@ -1200,28 +1049,7 @@ static bool api_samr_delete_dom_alias(pipes_struct *p) static bool api_samr_create_dom_group(pipes_struct *p) { - SAMR_Q_CREATE_DOM_GROUP q_u; - SAMR_R_CREATE_DOM_GROUP r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_create_dom_group("", &q_u, data, 0)) { - DEBUG(0,("api_samr_create_dom_group: unable to unmarshall SAMR_Q_CREATE_DOM_GROUP.\n")); - return False; - } - - r_u.status = _samr_create_dom_group(p, &q_u, &r_u); - - if (!samr_io_r_create_dom_group("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_create_dom_group: unable to marshall SAMR_R_CREATE_DOM_GROUP.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CREATEDOMAINGROUP); } /******************************************************************* @@ -1230,28 +1058,7 @@ static bool api_samr_create_dom_group(pipes_struct *p) static bool api_samr_create_dom_alias(pipes_struct *p) { - SAMR_Q_CREATE_DOM_ALIAS q_u; - SAMR_R_CREATE_DOM_ALIAS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_create_dom_alias("", &q_u, data, 0)) { - DEBUG(0,("api_samr_create_dom_alias: unable to unmarshall SAMR_Q_CREATE_DOM_ALIAS.\n")); - return False; - } - - r_u.status = _samr_create_dom_alias(p, &q_u, &r_u); - - if (!samr_io_r_create_dom_alias("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_create_dom_alias: unable to marshall SAMR_R_CREATE_DOM_ALIAS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CREATEDOMALIAS); } /******************************************************************* @@ -1350,28 +1157,7 @@ static bool api_samr_set_aliasinfo(pipes_struct *p) static bool api_samr_get_dom_pwinfo(pipes_struct *p) { - SAMR_Q_GET_DOM_PWINFO q_u; - SAMR_R_GET_DOM_PWINFO r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_get_dom_pwinfo("", &q_u, data, 0)) { - DEBUG(0,("api_samr_get_dom_pwinfo: unable to unmarshall SAMR_Q_GET_DOM_PWINFO.\n")); - return False; - } - - r_u.status = _samr_get_dom_pwinfo(p, &q_u, &r_u); - - if (!samr_io_r_get_dom_pwinfo("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_get_dom_pwinfo: unable to marshall SAMR_R_GET_DOM_PWINFO.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_GETDOMPWINFO); } /******************************************************************* @@ -1380,28 +1166,7 @@ static bool api_samr_get_dom_pwinfo(pipes_struct *p) static bool api_samr_open_group(pipes_struct *p) { - SAMR_Q_OPEN_GROUP q_u; - SAMR_R_OPEN_GROUP r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_open_group("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_group: unable to unmarshall SAMR_Q_OPEN_GROUP.\n")); - return False; - } - - r_u.status = _samr_open_group(p, &q_u, &r_u); - - if (!samr_io_r_open_group("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_group: unable to marshall SAMR_R_OPEN_GROUP.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENGROUP); } /******************************************************************* @@ -1557,14 +1322,14 @@ static struct api_struct api_samr_cmds [] = {"SAMR_CONNECT5" , SAMR_CONNECT5 , api_samr_connect5 } }; -void samr_get_pipe_fns( struct api_struct **fns, int *n_fns ) +void samr2_get_pipe_fns( struct api_struct **fns, int *n_fns ) { *fns = api_samr_cmds; *n_fns = sizeof(api_samr_cmds) / sizeof(struct api_struct); } -NTSTATUS rpc_samr_init(void) +NTSTATUS rpc_samr2_init(void) { return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "samr", "lsass", api_samr_cmds, sizeof(api_samr_cmds) / sizeof(struct api_struct)); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index cc4b4f330f..3f2022c9ed 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -149,7 +149,9 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL) return NT_STATUS_NO_MEMORY; - if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, sd_size)) == NULL) + if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, + psa, sd_size)) == NULL) return NT_STATUS_NO_MEMORY; return NT_STATUS_OK; @@ -541,45 +543,42 @@ static uint32 count_sam_aliases(struct disp_info *info) } /******************************************************************* - _samr_close_hnd + _samr_Close ********************************************************************/ -NTSTATUS _samr_close_hnd(pipes_struct *p, SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HND *r_u) +NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r) { - r_u->status = NT_STATUS_OK; - - /* close the policy handle */ - if (!close_policy_hnd(p, &q_u->pol)) - return NT_STATUS_OBJECT_NAME_INVALID; + if (!close_policy_hnd(p, r->in.handle)) { + return NT_STATUS_INVALID_HANDLE; + } - DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__)); + ZERO_STRUCTP(r->out.handle); - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* - samr_reply_open_domain + _samr_OpenDomain ********************************************************************/ -NTSTATUS _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN_DOMAIN *r_u) +NTSTATUS _samr_OpenDomain(pipes_struct *p, + struct samr_OpenDomain *r) { struct samr_info *info; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->flags; + uint32 des_access = r->in.access_mask; NTSTATUS status; size_t sd_size; SE_PRIV se_rights; - r_u->status = NT_STATUS_OK; - /* find the connection policy handle. */ - if ( !find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info) ) + if ( !find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info) ) return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function( info->acc_granted, - SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_open_domain" ); + SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_OpenDomain" ); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -594,28 +593,28 @@ NTSTATUS _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN status = access_check_samr_object( psd, p->pipe_user.nt_user_token, &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access, - &acc_granted, "_samr_open_domain" ); + &acc_granted, "_samr_OpenDomain" ); if ( !NT_STATUS_IS_OK(status) ) return status; - if (!sid_check_is_domain(&q_u->dom_sid.sid) && - !sid_check_is_builtin(&q_u->dom_sid.sid)) { + if (!sid_check_is_domain(r->in.sid) && + !sid_check_is_builtin(r->in.sid)) { return NT_STATUS_NO_SUCH_DOMAIN; } /* associate the domain SID with the (unique) handle. */ - if ((info = get_samr_info_by_sid(&q_u->dom_sid.sid))==NULL) + if ((info = get_samr_info_by_sid(r->in.sid))==NULL) return NT_STATUS_NO_MEMORY; info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.domain_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(5,("samr_open_domain: %d\n", __LINE__)); + DEBUG(5,("_samr_OpenDomain: %d\n", __LINE__)); - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* @@ -1767,33 +1766,32 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK } /******************************************************************* - _samr_open_user. Safe - gives out no passwd info. - ********************************************************************/ + _samr_OpenUser +********************************************************************/ -NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USER *r_u) +NTSTATUS _samr_OpenUser(pipes_struct *p, + struct samr_OpenUser *r) { struct samu *sampass=NULL; DOM_SID sid; - POLICY_HND domain_pol = q_u->domain_pol; - POLICY_HND *user_pol = &r_u->user_pol; + POLICY_HND domain_pol = *r->in.domain_handle; + POLICY_HND *user_pol = r->out.user_handle; struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; size_t sd_size; bool ret; NTSTATUS nt_status; SE_PRIV se_rights; - r_u->status = NT_STATUS_OK; - /* find the domain policy handle and get domain SID / access bits in the domain policy. */ if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) ) return NT_STATUS_INVALID_HANDLE; nt_status = access_check_samr_function( acc_granted, - SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_user" ); + SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_OpenUser" ); if ( !NT_STATUS_IS_OK(nt_status) ) return nt_status; @@ -1804,7 +1802,7 @@ NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USE /* append the user's RID to it */ - if (!sid_append_rid(&sid, q_u->user_rid)) + if (!sid_append_rid(&sid, r->in.rid)) return NT_STATUS_NO_SUCH_USER; /* check if access can be granted as requested by client. */ @@ -1817,7 +1815,7 @@ NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USE nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, - &acc_granted, "_samr_open_user"); + &acc_granted, "_samr_OpenUser"); if ( !NT_STATUS_IS_OK(nt_status) ) return nt_status; @@ -1842,7 +1840,7 @@ NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USE if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return r_u->status; + return NT_STATUS_OK; } /************************************************************************* @@ -2520,19 +2518,17 @@ static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name) } /******************************************************************* - _samr_create_user - Create an account, can be either a normal user or a machine. - This funcion will need to be updated for bdc/domain trusts. + _samr_CreateUser2 ********************************************************************/ -NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, - SAMR_R_CREATE_USER *r_u) +NTSTATUS _samr_CreateUser2(pipes_struct *p, + struct samr_CreateUser2 *r) { - char *account; + const char *account = NULL; DOM_SID sid; - POLICY_HND dom_pol = q_u->domain_pol; - uint16 acb_info = q_u->acb_info; - POLICY_HND *user_pol = &r_u->user_pol; + POLICY_HND dom_pol = *r->in.domain_handle; + uint32_t acb_info = r->in.acct_flags; + POLICY_HND *user_pol = r->out.user_handle; struct samr_info *info = NULL; NTSTATUS nt_status; uint32 acc_granted; @@ -2551,7 +2547,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, nt_status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_USER, - "_samr_create_user"); + "_samr_CreateUser2"); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } @@ -2563,7 +2559,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, return NT_STATUS_INVALID_PARAMETER; } - account = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_name); + account = r->in.account_name->string; if (account == NULL) { return NT_STATUS_NO_MEMORY; } @@ -2602,7 +2598,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, } } - DEBUG(5, ("_samr_create_user: %s can add this account : %s\n", + DEBUG(5, ("_samr_CreateUser2: %s can add this account : %s\n", uidtoname(p->pipe_user.ut.uid), can_add_account ? "True":"False" )); @@ -2612,7 +2608,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, become_root(); nt_status = pdb_create_user(p->mem_ctx, account, acb_info, - &r_u->user_rid); + r->out.rid); if ( can_add_account ) unbecome_root(); @@ -2626,7 +2622,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, /* Get the user's SID */ - sid_compose(&sid, get_global_sam_sid(), r_u->user_rid); + sid_compose(&sid, get_global_sam_sid(), *r->out.rid); make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW); @@ -2634,7 +2630,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, - &acc_granted, "_samr_create_user"); + &acc_granted, "_samr_CreateUser2"); if ( !NT_STATUS_IS_OK(nt_status) ) { return nt_status; @@ -2657,7 +2653,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, /* After a "set" ensure we have no cached display info. */ force_flush_samr_cache(info->disp_info); - r_u->access_granted = acc_granted; + *r->out.access_granted = acc_granted; return NT_STATUS_OK; } @@ -2979,32 +2975,31 @@ NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_EN } /******************************************************************* - api_samr_open_alias + _samr_OpenAlias ********************************************************************/ -NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_ALIAS *r_u) +NTSTATUS _samr_OpenAlias(pipes_struct *p, + struct samr_OpenAlias *r) { DOM_SID sid; - POLICY_HND domain_pol = q_u->dom_pol; - uint32 alias_rid = q_u->rid_alias; - POLICY_HND *alias_pol = &r_u->pol; + POLICY_HND domain_pol = *r->in.domain_handle; + uint32 alias_rid = r->in.rid; + POLICY_HND *alias_pol = r->out.alias_handle; struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; size_t sd_size; NTSTATUS status; SE_PRIV se_rights; - r_u->status = NT_STATUS_OK; - /* find the domain policy and get the SID / access bits stored in the domain policy */ if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) ) return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function(acc_granted, - SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_alias"); + SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_OpenAlias"); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -3024,7 +3019,7 @@ NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_A status = access_check_samr_object(psd, p->pipe_user.nt_user_token, &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access, - &acc_granted, "_samr_open_alias"); + &acc_granted, "_samr_OpenAlias"); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -3061,7 +3056,7 @@ NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_A if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* @@ -3325,7 +3320,8 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, SAM_USER_INFO_23 *id23, return NT_STATUS_ACCESS_DENIED; } - if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) { + passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd)); + if (passwd == NULL) { DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n")); } @@ -3333,6 +3329,7 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, SAM_USER_INFO_23 *id23, TALLOC_FREE(pwd); return NT_STATUS_ACCESS_DENIED; } + TALLOC_FREE(passwd); } } @@ -3406,7 +3403,8 @@ static bool set_user_info_pw(uint8 *pass, struct samu *pwd) return False; } - if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) { + passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd)); + if (passwd == NULL) { DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n")); } @@ -3414,6 +3412,7 @@ static bool set_user_info_pw(uint8 *pass, struct samu *pwd) TALLOC_FREE(pwd); return False; } + TALLOC_FREE(passwd); } } @@ -4167,11 +4166,13 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE } /********************************************************************* - _samr_delete_dom_user + _samr_DeleteUser *********************************************************************/ -NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAMR_R_DELETE_DOM_USER *r_u ) +NTSTATUS _samr_DeleteUser(pipes_struct *p, + struct samr_DeleteUser *r) { + NTSTATUS status; DOM_SID user_sid; struct samu *sam_pass=NULL; uint32 acc_granted; @@ -4180,14 +4181,15 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM DISP_INFO *disp_info = NULL; bool ret; - DEBUG(5, ("_samr_delete_dom_user: %d\n", __LINE__)); + DEBUG(5, ("_samr_DeleteUser: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &user_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.user_handle, &user_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_user"))) { - return r_u->status; + status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_DeleteUser"); + if (!NT_STATUS_IS_OK(status)) { + return status; } if (!sid_check_is_in_our_domain(&user_sid)) @@ -4203,7 +4205,7 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM unbecome_root(); if( !ret ) { - DEBUG(5,("_samr_delete_dom_user:User %s doesn't exist.\n", + DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n", sid_string_dbg(&user_sid))); TALLOC_FREE(sam_pass); return NT_STATUS_NO_SUCH_USER; @@ -4223,25 +4225,25 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM if ( can_add_accounts ) become_root(); - r_u->status = pdb_delete_user(p->mem_ctx, sam_pass); + status = pdb_delete_user(p->mem_ctx, sam_pass); if ( can_add_accounts ) unbecome_root(); /******** END SeAddUsers BLOCK *********/ - if ( !NT_STATUS_IS_OK(r_u->status) ) { - DEBUG(5,("_samr_delete_dom_user: Failed to delete entry for " + if ( !NT_STATUS_IS_OK(status) ) { + DEBUG(5,("_samr_DeleteUser: Failed to delete entry for " "user %s: %s.\n", pdb_get_username(sam_pass), - nt_errstr(r_u->status))); + nt_errstr(status))); TALLOC_FREE(sam_pass); - return r_u->status; + return status; } TALLOC_FREE(sam_pass); - if (!close_policy_hnd(p, &q_u->user_pol)) + if (!close_policy_hnd(p, r->in.user_handle)) return NT_STATUS_OBJECT_NAME_INVALID; force_flush_samr_cache(disp_info); @@ -4250,11 +4252,13 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM } /********************************************************************* - _samr_delete_dom_group + _samr_DeleteDomainGroup *********************************************************************/ -NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, SAMR_R_DELETE_DOM_GROUP *r_u) +NTSTATUS _samr_DeleteDomainGroup(pipes_struct *p, + struct samr_DeleteDomainGroup *r) { + NTSTATUS status; DOM_SID group_sid; uint32 group_rid; uint32 acc_granted; @@ -4262,14 +4266,15 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S bool can_add_accounts; DISP_INFO *disp_info = NULL; - DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__)); + DEBUG(5, ("samr_DeleteDomainGroup: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.group_handle, &group_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_group"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_DeleteDomainGroup"); + if (!NT_STATUS_IS_OK(status)) { + return status; } DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid))); @@ -4287,22 +4292,22 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S if ( can_add_accounts ) become_root(); - r_u->status = pdb_delete_dom_group(p->mem_ctx, group_rid); + status = pdb_delete_dom_group(p->mem_ctx, group_rid); if ( can_add_accounts ) unbecome_root(); /******** END SeAddUsers BLOCK *********/ - if ( !NT_STATUS_IS_OK(r_u->status) ) { - DEBUG(5,("_samr_delete_dom_group: Failed to delete mapping " + if ( !NT_STATUS_IS_OK(status) ) { + DEBUG(5,("_samr_DeleteDomainGroup: Failed to delete mapping " "entry for group %s: %s\n", sid_string_dbg(&group_sid), - nt_errstr(r_u->status))); - return r_u->status; + nt_errstr(status))); + return status; } - if (!close_policy_hnd(p, &q_u->group_pol)) + if (!close_policy_hnd(p, r->in.group_handle)) return NT_STATUS_OBJECT_NAME_INVALID; force_flush_samr_cache(disp_info); @@ -4311,10 +4316,11 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S } /********************************************************************* - _samr_delete_dom_alias + _samr_DeleteDomAlias *********************************************************************/ -NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, SAMR_R_DELETE_DOM_ALIAS *r_u) +NTSTATUS _samr_DeleteDomAlias(pipes_struct *p, + struct samr_DeleteDomAlias *r) { DOM_SID alias_sid; uint32 acc_granted; @@ -4323,18 +4329,19 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S NTSTATUS status; DISP_INFO *disp_info = NULL; - DEBUG(5, ("_samr_delete_dom_alias: %d\n", __LINE__)); + DEBUG(5, ("_samr_DeleteDomAlias: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &alias_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; /* copy the handle to the outgoing reply */ - memcpy( &r_u->pol, &q_u->alias_pol, sizeof(r_u->pol) ); + memcpy(r->out.alias_handle, r->in.alias_handle, sizeof(r->out.alias_handle)); - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_alias"))) { - return r_u->status; + status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_DeleteDomAlias"); + if (!NT_STATUS_IS_OK(status)) { + return status; } DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid))); @@ -4369,7 +4376,7 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S if ( !NT_STATUS_IS_OK(status)) return status; - if (!close_policy_hnd(p, &q_u->alias_pol)) + if (!close_policy_hnd(p, r->in.alias_handle)) return NT_STATUS_OBJECT_NAME_INVALID; force_flush_samr_cache(disp_info); @@ -4378,11 +4385,14 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S } /********************************************************************* - _samr_create_dom_group + _samr_CreateDomainGroup *********************************************************************/ -NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, SAMR_R_CREATE_DOM_GROUP *r_u) +NTSTATUS _samr_CreateDomainGroup(pipes_struct *p, + struct samr_CreateDomainGroup *r) + { + NTSTATUS status; DOM_SID dom_sid; DOM_SID info_sid; const char *name; @@ -4393,24 +4403,25 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &dom_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_GROUP, "_samr_create_dom_group"))) { - return r_u->status; + status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_GROUP, "_samr_CreateDomainGroup"); + if (!NT_STATUS_IS_OK(status)) { + return status; } if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; - name = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_acct_desc); + name = r->in.name->string; if (name == NULL) { return NT_STATUS_NO_MEMORY; } - r_u->status = can_create(p->mem_ctx, name); - if (!NT_STATUS_IS_OK(r_u->status)) { - return r_u->status; + status = can_create(p->mem_ctx, name); + if (!NT_STATUS_IS_OK(status)) { + return status; } se_priv_copy( &se_rights, &se_add_users ); @@ -4423,7 +4434,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S /* check that we successfully create the UNIX group */ - r_u->status = pdb_create_dom_group(p->mem_ctx, name, &r_u->rid); + status = pdb_create_dom_group(p->mem_ctx, name, r->out.rid); if ( can_add_accounts ) unbecome_root(); @@ -4432,10 +4443,10 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S /* check if we should bail out here */ - if ( !NT_STATUS_IS_OK(r_u->status) ) - return r_u->status; + if ( !NT_STATUS_IS_OK(status) ) + return status; - sid_compose(&info_sid, get_global_sam_sid(), r_u->rid); + sid_compose(&info_sid, get_global_sam_sid(), *r->out.rid); if ((info = get_samr_info_by_sid(&info_sid)) == NULL) return NT_STATUS_NO_MEMORY; @@ -4445,7 +4456,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S info->acc_granted = GENERIC_RIGHTS_GROUP_ALL_ACCESS; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.group_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; force_flush_samr_cache(disp_info); @@ -4454,14 +4465,15 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S } /********************************************************************* - _samr_create_dom_alias + _samr_CreateDomAlias *********************************************************************/ -NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, SAMR_R_CREATE_DOM_ALIAS *r_u) +NTSTATUS _samr_CreateDomAlias(pipes_struct *p, + struct samr_CreateDomAlias *r) { DOM_SID dom_sid; DOM_SID info_sid; - fstring name; + const char *name = NULL; struct samr_info *info; uint32 acc_granted; gid_t gid; @@ -4471,17 +4483,18 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &dom_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_ALIAS, "_samr_create_alias"))) { - return r_u->status; + result = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_ALIAS, "_samr_CreateDomAlias"); + if (!NT_STATUS_IS_OK(result)) { + return result; } if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; - unistr2_to_ascii(name, &q_u->uni_acct_desc, sizeof(name)); + name = r->in.alias_name->string; se_priv_copy( &se_rights, &se_add_users ); can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); @@ -4497,7 +4510,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S become_root(); /* Have passdb create the alias */ - result = pdb_create_alias(name, &r_u->rid); + result = pdb_create_alias(name, r->out.rid); if ( can_add_accounts ) unbecome_root(); @@ -4511,7 +4524,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S } sid_copy(&info_sid, get_global_sam_sid()); - sid_append_rid(&info_sid, r_u->rid); + sid_append_rid(&info_sid, *r->out.rid); if (!sid_to_gid(&info_sid, &gid)) { DEBUG(10, ("Could not find alias just created\n")); @@ -4533,7 +4546,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S info->acc_granted = GENERIC_RIGHTS_ALIAS_ALL_ACCESS; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->alias_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.alias_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; force_flush_samr_cache(disp_info); @@ -4806,32 +4819,35 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ return status; } -/********************************************************************* - _samr_get_dom_pwinfo -*********************************************************************/ +/**************************************************************** + _samr_GetDomPwInfo +****************************************************************/ -NTSTATUS _samr_get_dom_pwinfo(pipes_struct *p, SAMR_Q_GET_DOM_PWINFO *q_u, SAMR_R_GET_DOM_PWINFO *r_u) +NTSTATUS _samr_GetDomPwInfo(pipes_struct *p, + struct samr_GetDomPwInfo *r) { /* Perform access check. Since this rpc does not require a policy handle it will not be caught by the access checks on SAMR_CONNECT or SAMR_CONNECT_ANON. */ if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_get_dom_pwinfo\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; + DEBUG(3, ("access denied to _samr_GetDomPwInfo\n")); + return NT_STATUS_ACCESS_DENIED; } /* Actually, returning zeros here works quite well :-). */ + ZERO_STRUCTP(r->out.info); return NT_STATUS_OK; } /********************************************************************* - _samr_open_group + _samr_OpenGroup *********************************************************************/ -NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_GROUP *r_u) +NTSTATUS _samr_OpenGroup(pipes_struct *p, + struct samr_OpenGroup *r) + { DOM_SID sid; DOM_SID info_sid; @@ -4839,18 +4855,18 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G struct samr_info *info; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; size_t sd_size; NTSTATUS status; fstring sid_string; bool ret; SE_PRIV se_rights; - if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; status = access_check_samr_function(acc_granted, - SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_group"); + SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_OpenGroup"); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -4863,7 +4879,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G status = access_check_samr_object(psd, p->pipe_user.nt_user_token, &se_rights, GENERIC_RIGHTS_GROUP_WRITE, des_access, - &acc_granted, "_samr_open_group"); + &acc_granted, "_samr_OpenGroup"); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -4874,7 +4890,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G return NT_STATUS_ACCESS_DENIED; sid_copy(&info_sid, get_global_sam_sid()); - sid_append_rid(&info_sid, q_u->rid_group); + sid_append_rid(&info_sid, r->in.rid); sid_to_fstring(sid_string, &info_sid); if ((info = get_samr_info_by_sid(&info_sid)) == NULL) @@ -4882,7 +4898,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G info->acc_granted = acc_granted; - DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string)); + DEBUG(10, ("_samr_OpenGroup:Opening SID: %s\n", sid_string)); /* check if that group really exists */ become_root(); @@ -4892,7 +4908,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G return NT_STATUS_NO_SUCH_GROUP; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.group_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; return NT_STATUS_OK; @@ -5053,3 +5069,563 @@ NTSTATUS _samr_set_dom_info(pipes_struct *p, SAMR_Q_SET_DOMAIN_INFO *q_u, SAMR_R return r_u->status; } + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_Connect(pipes_struct *p, + struct samr_Connect *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetSecurity(pipes_struct *p, + struct samr_SetSecurity *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QuerySecurity(pipes_struct *p, + struct samr_QuerySecurity *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_Shutdown(pipes_struct *p, + struct samr_Shutdown *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_LookupDomain(pipes_struct *p, + struct samr_LookupDomain *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_EnumDomains(pipes_struct *p, + struct samr_EnumDomains *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryDomainInfo(pipes_struct *p, + struct samr_QueryDomainInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetDomainInfo(pipes_struct *p, + struct samr_SetDomainInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_EnumDomainGroups(pipes_struct *p, + struct samr_EnumDomainGroups *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_CreateUser(pipes_struct *p, + struct samr_CreateUser *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_EnumDomainUsers(pipes_struct *p, + struct samr_EnumDomainUsers *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_EnumDomainAliases(pipes_struct *p, + struct samr_EnumDomainAliases *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetAliasMembership(pipes_struct *p, + struct samr_GetAliasMembership *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_LookupNames(pipes_struct *p, + struct samr_LookupNames *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_LookupRids(pipes_struct *p, + struct samr_LookupRids *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryGroupInfo(pipes_struct *p, + struct samr_QueryGroupInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetGroupInfo(pipes_struct *p, + struct samr_SetGroupInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_AddGroupMember(pipes_struct *p, + struct samr_AddGroupMember *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_DeleteGroupMember(pipes_struct *p, + struct samr_DeleteGroupMember *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryGroupMember(pipes_struct *p, + struct samr_QueryGroupMember *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p, + struct samr_SetMemberAttributesOfGroup *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryAliasInfo(pipes_struct *p, + struct samr_QueryAliasInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetAliasInfo(pipes_struct *p, + struct samr_SetAliasInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_AddAliasMember(pipes_struct *p, + struct samr_AddAliasMember *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_DeleteAliasMember(pipes_struct *p, + struct samr_DeleteAliasMember *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetMembersInAlias(pipes_struct *p, + struct samr_GetMembersInAlias *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryUserInfo(pipes_struct *p, + struct samr_QueryUserInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetUserInfo(pipes_struct *p, + struct samr_SetUserInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_ChangePasswordUser(pipes_struct *p, + struct samr_ChangePasswordUser *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetGroupsForUser(pipes_struct *p, + struct samr_GetGroupsForUser *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p, + struct samr_QueryDisplayInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetDisplayEnumerationIndex(pipes_struct *p, + struct samr_GetDisplayEnumerationIndex *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_TestPrivateFunctionsDomain(pipes_struct *p, + struct samr_TestPrivateFunctionsDomain *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_TestPrivateFunctionsUser(pipes_struct *p, + struct samr_TestPrivateFunctionsUser *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetUserPwInfo(pipes_struct *p, + struct samr_GetUserPwInfo *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_RemoveMemberFromForeignDomain(pipes_struct *p, + struct samr_RemoveMemberFromForeignDomain *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryDomainInfo2(pipes_struct *p, + struct samr_QueryDomainInfo2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryUserInfo2(pipes_struct *p, + struct samr_QueryUserInfo2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryDisplayInfo2(pipes_struct *p, + struct samr_QueryDisplayInfo2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetDisplayEnumerationIndex2(pipes_struct *p, + struct samr_GetDisplayEnumerationIndex2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p, + struct samr_QueryDisplayInfo3 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_AddMultipleMembersToAlias(pipes_struct *p, + struct samr_AddMultipleMembersToAlias *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_RemoveMultipleMembersFromAlias(pipes_struct *p, + struct samr_RemoveMultipleMembersFromAlias *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p, + struct samr_OemChangePasswordUser2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p, + struct samr_ChangePasswordUser2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_Connect2(pipes_struct *p, + struct samr_Connect2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetUserInfo2(pipes_struct *p, + struct samr_SetUserInfo2 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetBootKeyInformation(pipes_struct *p, + struct samr_SetBootKeyInformation *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_GetBootKeyInformation(pipes_struct *p, + struct samr_GetBootKeyInformation *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_Connect3(pipes_struct *p, + struct samr_Connect3 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_Connect4(pipes_struct *p, + struct samr_Connect4 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p, + struct samr_ChangePasswordUser3 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_Connect5(pipes_struct *p, + struct samr_Connect5 *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_RidToSid(pipes_struct *p, + struct samr_RidToSid *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_SetDsrmPassword(pipes_struct *p, + struct samr_SetDsrmPassword *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************** +****************************************************************/ + +NTSTATUS _samr_ValidatePassword(pipes_struct *p, + struct samr_ValidatePassword *r) +{ + p->rng_fault_state = true; + return NT_STATUS_NOT_IMPLEMENTED; +} diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c index bde7936343..c8f732153c 100644 --- a/source3/rpc_server/srv_samr_util.c +++ b/source3/rpc_server/srv_samr_util.c @@ -44,16 +44,16 @@ void copy_id20_to_sam_passwd(struct samu *to, SAM_USER_INFO_20 *from) char *new_string; DATA_BLOB mung; - if (from == NULL || to == NULL) + if (from == NULL || to == NULL) return; - + if (from->hdr_munged_dial.buffer) { old_string = pdb_get_munged_dial(to); mung.length = from->hdr_munged_dial.uni_str_len; mung.data = (uint8 *) from->uni_munged_dial.buffer; mung.free = NULL; new_string = (mung.length == 0) ? - NULL : base64_encode_data_blob(mung); + NULL : base64_encode_data_blob(talloc_tos(), mung); DEBUG(10,("INFO_20 UNI_MUNGED_DIAL: %s -> %s\n",old_string, new_string)); if (STRING_CHANGED_NC(old_string,new_string)) pdb_set_munged_dial(to , new_string, PDB_CHANGED); @@ -196,7 +196,7 @@ void copy_id21_to_sam_passwd(struct samu *to, SAM_USER_INFO_21 *from) mung.data = (uint8 *) from->uni_munged_dial.buffer; mung.free = NULL; newstr = (mung.length == 0) ? - NULL : base64_encode_data_blob(mung); + NULL : base64_encode_data_blob(talloc_tos(), mung); DEBUG(10,("INFO_21 UNI_MUNGED_DIAL: %s -> %s\n",old_string, newstr)); if (STRING_CHANGED_NC(old_string,newstr)) pdb_set_munged_dial(to , newstr, PDB_CHANGED); @@ -421,7 +421,7 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from) mung.data = (uint8 *) from->uni_munged_dial.buffer; mung.free = NULL; newstr = (mung.length == 0) ? - NULL : base64_encode_data_blob(mung); + NULL : base64_encode_data_blob(talloc_tos(), mung); DEBUG(10,("INFO_23 UNI_MUNGED_DIAL: %s -> %s\n",old_string, newstr)); if (STRING_CHANGED_NC(old_string, newstr)) pdb_set_munged_dial(to , newstr, PDB_CHANGED); @@ -633,7 +633,7 @@ void copy_id25_to_sam_passwd(struct samu *to, SAM_USER_INFO_25 *from) mung.data = (uint8 *) from->uni_munged_dial.buffer; mung.free = NULL; newstr = (mung.length == 0) ? - NULL : base64_encode_data_blob(mung); + NULL : base64_encode_data_blob(talloc_tos(), mung); DEBUG(10,("INFO_25 UNI_MUNGED_DIAL: %s -> %s\n",old_string, newstr)); if (STRING_CHANGED_NC(old_string,newstr)) pdb_set_munged_dial(to , newstr, PDB_CHANGED); diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 125ccb4752..1b877ee5b4 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -167,7 +167,7 @@ static void enum_file_fn( const struct share_mode_entry *e, ZERO_STRUCT( fsp ); fsp.file_id = e->id; - if ( (brl = brl_get_locks(NULL,&fsp)) != NULL ) { + if ( (brl = brl_get_locks(talloc_tos(), &fsp)) != NULL ) { num_locks = brl->num_locks; TALLOC_FREE(brl); } @@ -870,13 +870,11 @@ static void init_srv_sess_info_0(pipes_struct *p, SRV_SESS_INFO_0 *ss0, uint32 * /******************************************************************* ********************************************************************/ -/* global needed to make use of the share_mode_forall() callback */ -static struct sess_file_count s_file_cnt; - static void sess_file_fn( const struct share_mode_entry *e, - const char *sharepath, const char *fname, void *state ) + const char *sharepath, const char *fname, + void *data ) { - struct sess_file_count *sess = &s_file_cnt; + struct sess_file_count *sess = (struct sess_file_count *)data; if ( procid_equal(&e->pid, &sess->pid) && (sess->uid == e->uid) ) { sess->count++; @@ -890,11 +888,13 @@ static void sess_file_fn( const struct share_mode_entry *e, static int net_count_files( uid_t uid, struct server_id pid ) { + struct sess_file_count s_file_cnt; + s_file_cnt.count = 0; s_file_cnt.uid = uid; s_file_cnt.pid = pid; - share_mode_forall( sess_file_fn, NULL ); + share_mode_forall( sess_file_fn, &s_file_cnt ); return s_file_cnt.count; } @@ -2089,7 +2089,6 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC char *filename_in = NULL; char *filename = NULL; char *qualname = NULL; - files_struct *fsp = NULL; SMB_STRUCT_STAT st; NTSTATUS nt_status; struct current_user user; @@ -2149,25 +2148,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC goto error_exit; } - nt_status = open_file_stat(conn, NULL, filename, &st, &fsp); - /* Perhaps it is a directory */ - if (NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_IS_A_DIRECTORY)) { - nt_status = open_directory(conn, NULL, filename, &st, - READ_CONTROL_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_DIRECTORY, - NULL, &fsp); - } - - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(3,("_srv_net_file_query_secdesc: Unable to open file %s\n", filename)); - r_u->status = ntstatus_to_werror(nt_status); - goto error_exit; - } - - nt_status = SMB_VFS_GET_NT_ACL(fsp, fsp->fsp_name, + nt_status = SMB_VFS_GET_NT_ACL(conn, filename, (OWNER_SECURITY_INFORMATION |GROUP_SECURITY_INFORMATION |DACL_SECURITY_INFORMATION), &psd); @@ -2178,7 +2159,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC goto error_exit; } - sd_size = sec_desc_size(psd); + sd_size = ndr_size_security_descriptor(psd, 0); r_u->ptr_response = 1; r_u->size_response = sd_size; @@ -2186,19 +2167,14 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC r_u->size_secdesc = sd_size; r_u->sec_desc = psd; - psd->dacl->revision = (uint16) NT4_ACL_REVISION; + psd->dacl->revision = NT4_ACL_REVISION; - close_file(fsp, NORMAL_CLOSE); unbecome_user(); close_cnum(conn, user.vuid); return r_u->status; error_exit: - if(fsp) { - close_file(fsp, NORMAL_CLOSE); - } - if (became_user) unbecome_user(); diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index 7d81033264..ac45d8bf75 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -162,7 +162,9 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx ) if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) ) return NULL; - if ( !(sd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, acl, &sd_size)) ) + if ( !(sd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, + acl, &sd_size)) ) return NULL; return sd; @@ -346,8 +348,8 @@ WERROR _svcctl_get_display_name(pipes_struct *p, SVCCTL_Q_GET_DISPLAY_NAME *q_u, rpcstr_pull(service, q_u->servicename.buffer, sizeof(service), q_u->servicename.uni_str_len*2, 0); - display_name = svcctl_lookup_dispname( service, p->pipe_user.nt_user_token ); - init_svcctl_r_get_display_name( r_u, display_name ); + display_name = svcctl_lookup_dispname(p->mem_ctx, service, p->pipe_user.nt_user_token ); + init_svcctl_r_get_display_name( r_u, display_name ? display_name : ""); return WERR_OK; } @@ -394,8 +396,8 @@ static int enumerate_status( TALLOC_CTX *ctx, ENUM_SERVICES_STATUS **status, NT_ for ( i=0; i<num_services; i++ ) { init_unistr( &st[i].servicename, svcctl_ops[i].name ); - display_name = svcctl_lookup_dispname( svcctl_ops[i].name, token ); - init_unistr( &st[i].displayname, display_name ); + display_name = svcctl_lookup_dispname(ctx, svcctl_ops[i].name, token ); + init_unistr( &st[i].displayname, display_name ? display_name : ""); svcctl_ops[i].ops->service_status( svcctl_ops[i].name, &st[i].status ); } @@ -688,16 +690,16 @@ WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CO { SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle ); uint32 buffer_size; - + /* perform access checks */ if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) ) - return WERR_BADFID; - + return WERR_BADFID; + if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_CONFIG) ) return WERR_ACCESS_DENIED; - - /* we have to set the outgoing buffer size to the same as the + + /* we have to set the outgoing buffer size to the same as the incoming buffer size (even in the case of failure */ rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx ); @@ -708,12 +710,12 @@ WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CO { SERVICE_DESCRIPTION desc_buf; const char *description; - - description = svcctl_lookup_description( info->name, p->pipe_user.nt_user_token ); - + + description = svcctl_lookup_description(p->mem_ctx, info->name, p->pipe_user.nt_user_token ); + ZERO_STRUCTP( &desc_buf ); - init_service_description_buffer( &desc_buf, description ); + init_service_description_buffer( &desc_buf, description ? description : ""); svcctl_io_service_description( "", &desc_buf, &r_u->buffer, 0 ); buffer_size = svcctl_sizeof_service_description( &desc_buf ); @@ -737,7 +739,7 @@ WERROR _svcctl_query_service_config2( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_CO default: return WERR_UNKNOWN_LEVEL; } - + buffer_size += buffer_size % 4; r_u->needed = (buffer_size > q_u->buffer_size) ? buffer_size : q_u->buffer_size; @@ -811,7 +813,7 @@ WERROR _svcctl_query_service_sec( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_SEC *q if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, info->name, get_root_nt_token() )) ) return WERR_NOMEM; - r_u->needed = sec_desc_size( sec_desc ); + r_u->needed = ndr_size_security_descriptor( sec_desc, 0 ); if ( r_u->needed > q_u->buffer_size ) { ZERO_STRUCTP( &r_u->buffer ); diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index 873224085c..92c178042f 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -234,7 +234,7 @@ WERROR _winreg_QueryValue(pipes_struct *p, struct winreg_QueryValue *r) if ( !regkey ) return WERR_BADFID; - *r->out.value_length = *r->out.type = 0; + *r->out.value_length = *r->out.type = REG_NONE; DEBUG(7,("_reg_info: policy key name = [%s]\n", regkey->key->name)); DEBUG(7,("_reg_info: policy key type = [%08x]\n", regkey->key->type)); @@ -370,9 +370,7 @@ WERROR _winreg_GetVersion(pipes_struct *p, struct winreg_GetVersion *r) if ( !regkey ) return WERR_BADFID; - *r->out.version = 0x00000005; /* Windows 2000 registry API version */ - - return WERR_OK; + return reg_getversion(r->out.version); } @@ -934,7 +932,9 @@ static WERROR make_default_reg_sd( TALLOC_CTX *ctx, SEC_DESC **psd ) if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 2, ace)) == NULL) return WERR_NOMEM; - if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, &owner_sid, NULL, NULL, psa, &sd_size)) == NULL) + if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE, &owner_sid, NULL, + NULL, psa, &sd_size)) == NULL) return WERR_NOMEM; return WERR_OK; @@ -1113,7 +1113,7 @@ WERROR _winreg_GetKeySecurity(pipes_struct *p, struct winreg_GetKeySecurity *r) if ( !(key->key->access_granted & STD_RIGHT_READ_CONTROL_ACCESS) ) return WERR_ACCESS_DENIED; - err = regkey_get_secdesc(p->mem_ctx, key->key, &secdesc); + err = reg_getkeysecurity(p->mem_ctx, key, &secdesc); if (!W_ERROR_IS_OK(err)) { return err; } @@ -1159,7 +1159,7 @@ WERROR _winreg_SetKeySecurity(pipes_struct *p, struct winreg_SetKeySecurity *r) return err; } - return regkey_set_secdesc(key->key, secdesc); + return reg_setkeysecurity(key, secdesc); } /******************************************************************* diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index 1e43b5ae99..e0103e6b58 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -22,6 +22,7 @@ /* This is the implementation of the wks interface. */ #include "includes.h" +#include "libnet/libnet.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV @@ -32,7 +33,7 @@ static void create_wks_info_100(struct wkssvc_NetWkstaInfo100 *info100) { - info100->platform_id = 0x000001f4; /* unknown */ + info100->platform_id = PLATFORM_ID_NT; /* unknown */ info100->version_major = lp_major_announce_version(); info100->version_minor = lp_minor_announce_version(); @@ -284,7 +285,70 @@ WERROR _wkssvc_NetrGetJoinableOus(pipes_struct *p, struct wkssvc_NetrGetJoinable WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r) { - /* FIXME: Add implementation code here */ +#if 0 + struct libnet_JoinCtx *j = NULL; + char *cleartext_pwd = NULL; + char *admin_domain = NULL; + char *admin_account = NULL; + WERROR werr; + NTSTATUS status; + struct nt_user_token *token = p->pipe_user.nt_user_token; + struct DS_DOMAIN_CONTROLLER_INFO *info = NULL; + + if (!r->in.domain_name) { + return WERR_INVALID_PARAM; + } + + if (!user_has_privileges(token, &se_machine_account) && + !nt_token_check_domain_rid(token, DOMAIN_GROUP_RID_ADMINS) && + !nt_token_check_domain_rid(token, BUILTIN_ALIAS_RID_ADMINS)) { + return WERR_ACCESS_DENIED; + } + + werr = decode_wkssvc_join_password_buffer(p->mem_ctx, + r->in.encrypted_password, + &p->session_key, + &cleartext_pwd); + if (!W_ERROR_IS_OK(werr)) { + return werr; + } + + split_domain_user(p->mem_ctx, + r->in.admin_account, + &admin_domain, + &admin_account); + + status = dsgetdcname(p->mem_ctx, + r->in.domain_name, + NULL, + NULL, + DS_DIRECTORY_SERVICE_REQUIRED | + DS_WRITABLE_REQUIRED | + DS_RETURN_DNS_NAME, + &info); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + werr = libnet_init_JoinCtx(p->mem_ctx, &j); + if (!W_ERROR_IS_OK(werr)) { + return werr; + } + + j->in.dc_name = info->domain_controller_name; + j->in.domain_name = r->in.domain_name; + j->in.account_ou = r->in.account_ou; + j->in.join_flags = r->in.join_flags; + j->in.admin_account = admin_account; + j->in.admin_password = cleartext_pwd; + j->in.modify_config = true; + + become_root(); + werr = libnet_Join(p->mem_ctx, j); + unbecome_root(); + + return werr; +#endif p->rng_fault_state = True; return WERR_NOT_SUPPORTED; } |