diff options
author | Alexander Bokovoy <ab@samba.org> | 2008-02-06 08:58:20 +0300 |
---|---|---|
committer | Alexander Bokovoy <ab@samba.org> | 2008-02-06 08:58:20 +0300 |
commit | d022ed3eecbe4c3bd0c93ee09608c43048e6881a (patch) | |
tree | e1d22eead92455edbcccbd291694bf7354b83b5b /source3 | |
parent | d3ee93596f574be2d0263efb92b2c38cf47a1a9d (diff) | |
parent | b3f48266f353fb93fee35bdcadaec3abc0fe0122 (diff) | |
download | samba-d022ed3eecbe4c3bd0c93ee09608c43048e6881a.tar.gz samba-d022ed3eecbe4c3bd0c93ee09608c43048e6881a.tar.bz2 samba-d022ed3eecbe4c3bd0c93ee09608c43048e6881a.zip |
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into dmapi-integration
(This used to be commit f59d3786abcc53065c838a2fa82ec2f4b577b16f)
Diffstat (limited to 'source3')
96 files changed, 3761 insertions, 8964 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 0a9ae32472..05bb6a5af0 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -458,7 +458,9 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) char **auth_method_list = NULL; NTSTATUS nt_status; - if (lp_auth_methods() && !str_list_copy(&auth_method_list, lp_auth_methods())) { + if (lp_auth_methods() + && !str_list_copy(talloc_tos(), &auth_method_list, + lp_auth_methods())) { return NT_STATUS_NO_MEMORY; } @@ -467,38 +469,52 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) { case SEC_DOMAIN: DEBUG(5,("Making default auth method list for security=domain\n")); - auth_method_list = str_list_make("guest sam winbind:ntdomain", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest sam winbind:ntdomain", + NULL); break; case SEC_SERVER: DEBUG(5,("Making default auth method list for security=server\n")); - auth_method_list = str_list_make("guest sam smbserver", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest sam smbserver", + NULL); break; case SEC_USER: if (lp_encrypted_passwords()) { if ((lp_server_role() == ROLE_DOMAIN_PDC) || (lp_server_role() == ROLE_DOMAIN_BDC)) { DEBUG(5,("Making default auth method list for DC, security=user, encrypt passwords = yes\n")); - auth_method_list = str_list_make("guest sam winbind:trustdomain", NULL); + auth_method_list = str_list_make( + talloc_tos(), + "guest sam winbind:trustdomain", + NULL); } else { DEBUG(5,("Making default auth method list for standalone security=user, encrypt passwords = yes\n")); - auth_method_list = str_list_make("guest sam", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest sam", + NULL); } } else { DEBUG(5,("Making default auth method list for security=user, encrypt passwords = no\n")); - auth_method_list = str_list_make("guest unix", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest unix", NULL); } break; case SEC_SHARE: if (lp_encrypted_passwords()) { DEBUG(5,("Making default auth method list for security=share, encrypt passwords = yes\n")); - auth_method_list = str_list_make("guest sam", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest sam", NULL); } else { DEBUG(5,("Making default auth method list for security=share, encrypt passwords = no\n")); - auth_method_list = str_list_make("guest unix", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest unix", NULL); } break; case SEC_ADS: DEBUG(5,("Making default auth method list for security=ADS\n")); - auth_method_list = str_list_make("guest sam winbind:ntdomain", NULL); + auth_method_list = str_list_make( + talloc_tos(), "guest sam winbind:ntdomain", + NULL); break; default: DEBUG(5,("Unknown auth method!\n")); @@ -508,12 +524,10 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) DEBUG(5,("Using specified auth order\n")); } - if (!NT_STATUS_IS_OK(nt_status = make_auth_context_text_list(auth_context, auth_method_list))) { - str_list_free(&auth_method_list); - return nt_status; - } - - str_list_free(&auth_method_list); + nt_status = make_auth_context_text_list(auth_context, + auth_method_list); + + TALLOC_FREE(auth_method_list); return nt_status; } diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 1ab0c8b3eb..66504a8a52 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -122,7 +122,7 @@ static bool logon_hours_ok(struct samu *sampass) } /**************************************************************************** - Do a specific test for a struct samu being vaild for this connection + Do a specific test for a struct samu being valid for this connection (ie not disabled, expired and the like). ****************************************************************************/ diff --git a/source3/client/client.c b/source3/client/client.c index c934310491..1c85a6dafc 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -4422,9 +4422,30 @@ static void readline_callback(void) session keepalives and then drop them here. */ if (FD_ISSET(cli->fd,&fds)) { - if (receive_smb_raw(cli->fd,cli->inbuf,0,0,&cli->smb_rw_error) == -1) { - DEBUG(0, ("Read from server failed, maybe it closed the " - "connection\n")); + NTSTATUS status; + size_t len; + + set_smb_read_error(&cli->smb_rw_error, SMB_READ_OK); + + status = receive_smb_raw(cli->fd, cli->inbuf, 0, 0, &len); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Read from server failed, maybe it closed " + "the connection\n")); + + if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) { + set_smb_read_error(&cli->smb_rw_error, + SMB_READ_EOF); + return; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + set_smb_read_error(&cli->smb_rw_error, + SMB_READ_TIMEOUT); + return; + } + + set_smb_read_error(&cli->smb_rw_error, SMB_READ_ERROR); return; } if(CVAL(cli->inbuf,0) != SMBkeepalive) { diff --git a/source3/configure.in b/source3/configure.in index a054590b96..4bfb1db02e 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -965,6 +965,7 @@ AC_CHECK_HEADERS(sys/sysmacros.h) AC_CHECK_HEADERS(sys/syslog.h syslog.h) AC_CHECK_HEADERS(langinfo.h locale.h) AC_CHECK_HEADERS(xfs/libxfs.h) +AC_CHECK_HEADERS(netgroup.h) AC_CHECK_HEADERS(rpcsvc/yp_prot.h,,,[[ #if HAVE_RPC_RPC_H diff --git a/source3/dynconfig.c b/source3/dynconfig.c index ab0dd48da7..57008ece44 100644 --- a/source3/dynconfig.c +++ b/source3/dynconfig.c @@ -64,6 +64,11 @@ static char *dyn_##name; \ }\ dyn_##name = SMB_STRDUP(newpath);\ return dyn_##name;\ +}\ +\ + bool is_default_dyn_##name(void) \ +{\ + return (dyn_##name == NULL);\ } DEFINE_DYN_CONFIG_PARAM(SBINDIR) diff --git a/source3/include/dynconfig.h b/source3/include/dynconfig.h index bb7e2c20f4..fac027ccfe 100644 --- a/source3/include/dynconfig.h +++ b/source3/include/dynconfig.h @@ -41,42 +41,60 @@ extern char dyn_PRIVATE_DIR[1024]; const char *get_dyn_SBINDIR(void); const char *set_dyn_SBINDIR(const char *newpath); +bool is_default_dyn_SBINDIR(void); const char *get_dyn_BINDIR(void); const char *set_dyn_BINDIR(const char *newpath); +bool is_default_dyn_BINDIR(void); const char *get_dyn_SWATDIR(void); const char *set_dyn_SWATDIR(const char *newpath); +bool is_default_dyn_SWATDIR(void); const char *get_dyn_CONFIGFILE(void); const char *set_dyn_CONFIGFILE(const char *newpath); +bool is_default_dyn_CONFIGFILE(void); -const char *get_dyn_dyn_LOGFILEBASE(void); -const char *set_dyn_dyn_LOGFILEBASE(const char *newpath); +const char *get_dyn_LOGFILEBASE(void); +const char *set_dyn_LOGFILEBASE(const char *newpath); +bool is_default_dyn_LOGFILEBASE(void); const char *get_dyn_LMHOSTSFILE(void); const char *set_dyn_LMHOSTSFILE(const char *newpath); +bool is_default_dyn_LOGFILEBASE(void); const char *get_dyn_CODEPAGEDIR(void); const char *set_dyn_CODEPAGEDIR(const char *newpath); +bool is_default_dyn_CODEPAGEDIR(void); const char *get_dyn_LIBDIR(void); const char *set_dyn_LIBDIR(const char *newpath); +bool is_default_dyn_LIBDIR(void); const char *get_dyn_SHLIBEXT(void); const char *set_dyn_SHLIBEXT(const char *newpath); +bool is_default_dyn_SHLIBEXT(void); const char *get_dyn_LOCKDIR(void); const char *set_dyn_LOCKDIR(const char *newpath); +bool is_default_dyn_LOCKDIR(void); const char *get_dyn_PIDDIR(void); const char *set_dyn_PIDDIR(const char *newpath); +bool is_default_dyn_PIDDIR(void); const char *get_dyn_SMB_PASSWD_FILE(void); const char *set_dyn_SMB_PASSWD_FILE(const char *newpath); +bool is_default_dyn_SMB_PASSWD_FILE(void); const char *get_dyn_PRIVATE_DIR(void); const char *set_dyn_PRIVATE_DIR(const char *newpath); +bool is_default_dyn_PRIVATE_DIR(void); const char *get_dyn_STATEDIR(void); +const char *set_dyn_STATEDIR(const char *newpath); +bool is_default_dyn_STATEDIR(void); + const char *get_dyn_CACHEDIR(void); +const char *set_dyn_CACHEDIR(const char *newpath); +bool is_default_dyn_CACHEDIR(bool); diff --git a/source3/include/includes.h b/source3/include/includes.h index b7fcc10ab1..041c431a58 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -250,6 +250,10 @@ typedef int ber_int_t; #include <langinfo.h> #endif +#if HAVE_NETGROUP_H +#include <netgroup.h> +#endif + #if defined(HAVE_AIO_H) && defined(WITH_AIO) #include <aio.h> #endif diff --git a/source3/include/rpc_eventlog.h b/source3/include/rpc_eventlog.h index 9ec76a071c..3f5d03ed63 100644 --- a/source3/include/rpc_eventlog.h +++ b/source3/include/rpc_eventlog.h @@ -60,51 +60,6 @@ typedef struct elog_tdb { /***********************************/ -typedef struct { - uint16 unknown1; - uint16 unknown2; -} EVENTLOG_OPEN_UNKNOWN0; - -typedef struct { - EVENTLOG_OPEN_UNKNOWN0 *unknown0; - UNISTR4 logname; - UNISTR4 servername; - uint32 unknown1; - uint32 unknown2; -} EVENTLOG_Q_OPEN_EVENTLOG; - -typedef struct { - POLICY_HND handle; - NTSTATUS status; -} EVENTLOG_R_OPEN_EVENTLOG; - - -/***********************************/ - -typedef struct { - POLICY_HND handle; -} EVENTLOG_Q_GET_NUM_RECORDS; - -typedef struct { - uint32 num_records; - NTSTATUS status; -} EVENTLOG_R_GET_NUM_RECORDS; - - -/***********************************/ - -typedef struct { - POLICY_HND handle; -} EVENTLOG_Q_GET_OLDEST_ENTRY; - -typedef struct { - uint32 oldest_entry; - NTSTATUS status; -} EVENTLOG_R_GET_OLDEST_ENTRY; - - -/***********************************/ - typedef struct { POLICY_HND handle; @@ -165,16 +120,4 @@ typedef struct { NTSTATUS status; } EVENTLOG_R_READ_EVENTLOG; - -/***********************************/ - -typedef struct { - POLICY_HND handle; - UNISTR4 backupfile; -} EVENTLOG_Q_CLEAR_EVENTLOG; - -typedef struct { - NTSTATUS status; -} EVENTLOG_R_CLEAR_EVENTLOG; - #endif /* _RPC_EVENTLOG_H */ diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 371c3ebd11..2825efc038 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -270,24 +270,6 @@ typedef struct lsa_r_open_pol2_info POLICY_VIEW_LOCAL_INFORMATION |\ POLICY_LOOKUP_NAMES ) -/* LSA_Q_QUERY_SEC_OBJ - LSA query security */ -typedef struct lsa_query_sec_obj_info -{ - POLICY_HND pol; /* policy handle */ - uint32 sec_info; - -} LSA_Q_QUERY_SEC_OBJ; - -/* LSA_R_QUERY_SEC_OBJ - probably an open */ -typedef struct r_lsa_query_sec_obj_info -{ - uint32 ptr; - SEC_DESC_BUF *buf; - - NTSTATUS status; /* return status */ - -} LSA_R_QUERY_SEC_OBJ; - /* LSA_Q_QUERY_INFO - LSA query info policy */ typedef struct lsa_query_info { @@ -926,14 +908,4 @@ typedef struct lsa_r_removeprivs NTSTATUS status; } LSA_R_REMOVEPRIVS; -/*******************************************************/ - -typedef struct { - POLICY_HND handle; -} LSA_Q_DELETE_OBJECT; - -typedef struct { - NTSTATUS status; -} LSA_R_DELETE_OBJECT; - #endif /* _RPC_LSA_H */ diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h index 1f6cb95b5a..971a1a7489 100644 --- a/source3/include/rpc_samr.h +++ b/source3/include/rpc_samr.h @@ -445,88 +445,6 @@ typedef struct sam_user_info_9 } SAM_USER_INFO_9; -/**************************************************************************** -SAMR_Q_GET_USRDOM_PWINFO - a "set user info" occurs just after this -*****************************************************************************/ - -/* SAMR_Q_GET_USRDOM_PWINFO */ -typedef struct q_samr_usrdom_pwinfo_info -{ - POLICY_HND user_pol; /* policy handle */ - -} SAMR_Q_GET_USRDOM_PWINFO; - - -/**************************************************************************** -SAMR_R_GET_USRDOM_PWINFO - a "set user info" occurs just after this -*****************************************************************************/ - -/* SAMR_R_GET_USRDOM_PWINFO */ -typedef struct r_samr_usrdom_pwinfo_info -{ - uint16 min_pwd_length; - uint16 unknown_1; /* 0x0016 or 0x0015 */ - uint32 password_properties; - NTSTATUS status; - -} SAMR_R_GET_USRDOM_PWINFO; - -/**************************************************************************** -SAMR_Q_SET_SEC_OBJ - info level 4. -*****************************************************************************/ - -/* SAMR_Q_SET_SEC_OBJ - */ -typedef struct q_samr_set_sec_obj_info -{ - POLICY_HND pol; /* policy handle */ - uint32 sec_info; /* xxxx_SECURITY_INFORMATION 0x0000 0004 */ - SEC_DESC_BUF *buf; - -} SAMR_Q_SET_SEC_OBJ; - -/* SAMR_R_SET_SEC_OBJ - */ -typedef struct r_samr_set_sec_obj_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_SET_SEC_OBJ; - - -/**************************************************************************** -SAMR_Q_QUERY_SEC_OBJ - info level 4. returns SIDs. -*****************************************************************************/ - -/* SAMR_Q_QUERY_SEC_OBJ - probably get domain info... */ -typedef struct q_samr_query_sec_obj_info -{ - POLICY_HND user_pol; /* policy handle */ - uint32 sec_info; /* xxxx_SECURITY_INFORMATION 0x0000 0004 */ - -} SAMR_Q_QUERY_SEC_OBJ; - -/* SAMR_R_QUERY_SEC_OBJ - probably an open */ -typedef struct r_samr_query_sec_obj_info -{ - uint32 ptr; - SEC_DESC_BUF *buf; - - NTSTATUS status; /* return status */ - -} SAMR_R_QUERY_SEC_OBJ; - - -/**************************************************************************** -SAMR_Q_QUERY_DOMAIN_INFO - probably a query on domain group info. -*****************************************************************************/ - -/* SAMR_Q_QUERY_DOMAIN_INFO - */ -typedef struct q_samr_query_domain_info -{ - POLICY_HND domain_pol; /* policy handle */ - uint16 switch_value; /* 0x0002, 0x0001 */ - -} SAMR_Q_QUERY_DOMAIN_INFO; - typedef struct sam_unknown_info_1_inf { uint16 min_length_password; @@ -537,32 +455,6 @@ typedef struct sam_unknown_info_1_inf } SAM_UNK_INFO_1; -typedef struct sam_unknown_info_2_inf -{ - NTTIME logout; /* whether users are forcibly disconnected when logon hours expire */ - UNIHDR hdr_comment; /* comment according to samba4 idl */ - UNIHDR hdr_domain; /* domain name unicode header */ - UNIHDR hdr_server; /* server name unicode header */ - - /* put all the data in here, at the moment, including what the above - pointer is referring to - */ - - uint64 seq_num; - - uint32 unknown_4; /* 0x0000 0001 */ - uint32 server_role; - uint32 unknown_6; /* 0x0000 0001 */ - uint32 num_domain_usrs; /* number of users in domain */ - uint32 num_domain_grps; /* number of domain groups in domain */ - uint32 num_local_grps; /* number of local groups in domain */ - - UNISTR2 uni_comment; /* comment unicode string */ - UNISTR2 uni_domain; /* domain name unicode string */ - UNISTR2 uni_server; /* server name unicode string */ - -} SAM_UNK_INFO_2; - typedef struct sam_unknown_info_3_info { NTTIME logout; @@ -571,144 +463,6 @@ typedef struct sam_unknown_info_3_info } SAM_UNK_INFO_3; -typedef struct sam_unknown_info_4_inf -{ - UNIHDR hdr_comment; /* comment according to samba4 idl */ - UNISTR2 uni_comment; /* comment unicode string */ - -} SAM_UNK_INFO_4; - -typedef struct sam_unknown_info_5_inf -{ - UNIHDR hdr_domain; /* domain name unicode header */ - UNISTR2 uni_domain; /* domain name unicode string */ - -} SAM_UNK_INFO_5; - -typedef struct sam_unknown_info_6_info -{ - UNIHDR hdr_server; /* server name unicode header */ - UNISTR2 uni_server; /* server name unicode string */ - -} SAM_UNK_INFO_6; - -typedef struct sam_unknown_info_7_info -{ - uint16 server_role; - -} SAM_UNK_INFO_7; - -typedef struct sam_unknown_info_8_info -{ - uint64 seq_num; - NTTIME domain_create_time; - -} SAM_UNK_INFO_8; - -typedef struct sam_unknown_info_9_info -{ - uint32 unknown; - -} SAM_UNK_INFO_9; - -typedef struct sam_unknown_info_12_inf -{ - NTTIME duration; - NTTIME reset_count; - uint16 bad_attempt_lockout; - -} SAM_UNK_INFO_12; - -typedef struct sam_unknown_info_13_info -{ - uint64 seq_num; - NTTIME domain_create_time; - uint32 unknown1; - uint32 unknown2; - -} SAM_UNK_INFO_13; - -typedef struct sam_unknown_ctr_info -{ - union - { - SAM_UNK_INFO_1 inf1; - SAM_UNK_INFO_2 inf2; - SAM_UNK_INFO_3 inf3; - SAM_UNK_INFO_4 inf4; - SAM_UNK_INFO_5 inf5; - SAM_UNK_INFO_6 inf6; - SAM_UNK_INFO_7 inf7; - SAM_UNK_INFO_8 inf8; - SAM_UNK_INFO_9 inf9; - SAM_UNK_INFO_12 inf12; - SAM_UNK_INFO_13 inf13; - - } info; - -} SAM_UNK_CTR; - - -/* SAMR_R_QUERY_DOMAIN_INFO - */ -typedef struct r_samr_query_domain_info -{ - uint32 ptr_0; - uint16 switch_value; /* same as in query */ - - SAM_UNK_CTR *ctr; - - NTSTATUS status; /* return status */ - -} SAMR_R_QUERY_DOMAIN_INFO; - - -/* SAMR_Q_LOOKUP_DOMAIN - obtain SID for a local domain */ -typedef struct q_samr_lookup_domain_info -{ - POLICY_HND connect_pol; - - UNIHDR hdr_domain; - UNISTR2 uni_domain; - -} SAMR_Q_LOOKUP_DOMAIN; - - -/* SAMR_R_LOOKUP_DOMAIN */ -typedef struct r_samr_lookup_domain_info -{ - uint32 ptr_sid; - DOM_SID2 dom_sid; - - NTSTATUS status; - -} SAMR_R_LOOKUP_DOMAIN; - - -/**************************************************************************** -SAMR_Q_OPEN_DOMAIN - unknown_0 values seen associated with SIDs: - -0x0000 03f1 and a specific domain sid - S-1-5-21-44c01ca6-797e5c3d-33f83fd0 -0x0000 0200 and a specific domain sid - S-1-5-21-44c01ca6-797e5c3d-33f83fd0 -*****************************************************************************/ - -/* SAMR_Q_OPEN_DOMAIN */ -typedef struct q_samr_open_domain_info -{ - POLICY_HND pol; /* policy handle */ - uint32 flags; /* 0x2000 0000; 0x0000 0211; 0x0000 0280; 0x0000 0200 - flags? */ - DOM_SID2 dom_sid; /* domain SID */ - -} SAMR_Q_OPEN_DOMAIN; - - -/* SAMR_R_OPEN_DOMAIN - probably an open */ -typedef struct r_samr_open_domain_info -{ - POLICY_HND domain_pol; /* policy handle associated with the SID */ - NTSTATUS status; /* return status */ - -} SAMR_R_OPEN_DOMAIN; - #define MAX_SAM_ENTRIES_W2K 0x400 #define MAX_SAM_ENTRIES_W95 50 /* The following should be the greater of the preceeding two. */ @@ -1059,45 +813,6 @@ typedef struct r_samr_get_dispenum_index } SAMR_R_GET_DISPENUM_INDEX; -/* SAMR_Q_DELETE_DOM_GROUP - delete domain group */ -typedef struct q_samr_delete_dom_group_info -{ - POLICY_HND group_pol; /* policy handle */ - -} SAMR_Q_DELETE_DOM_GROUP; - - -/* SAMR_R_DELETE_DOM_GROUP - delete domain group */ -typedef struct r_samr_delete_dom_group_info -{ - POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_DELETE_DOM_GROUP; - - -/* SAMR_Q_CREATE_DOM_GROUP - SAM create group */ -typedef struct q_samr_create_dom_group_info -{ - POLICY_HND pol; /* policy handle */ - - UNIHDR hdr_acct_desc; - UNISTR2 uni_acct_desc; - - uint32 access_mask; - -} SAMR_Q_CREATE_DOM_GROUP; - -/* SAMR_R_CREATE_DOM_GROUP - SAM create group */ -typedef struct r_samr_create_dom_group_info -{ - POLICY_HND pol; /* policy handle */ - - uint32 rid; - NTSTATUS status; - -} SAMR_R_CREATE_DOM_GROUP; - /* SAMR_Q_QUERY_GROUPINFO - SAM Group Info */ typedef struct q_samr_query_group_info { @@ -1201,46 +916,6 @@ typedef struct r_samr_set_group_info } SAMR_R_SET_GROUPINFO; -/* SAMR_Q_DELETE_DOM_ALIAS - delete domain alias */ -typedef struct q_samr_delete_dom_alias_info -{ - POLICY_HND alias_pol; /* policy handle */ - -} SAMR_Q_DELETE_DOM_ALIAS; - - -/* SAMR_R_DELETE_DOM_ALIAS - delete domain alias */ -typedef struct r_samr_delete_dom_alias_info -{ - POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_DELETE_DOM_ALIAS; - - -/* SAMR_Q_CREATE_DOM_ALIAS - SAM create alias */ -typedef struct q_samr_create_dom_alias_info -{ - POLICY_HND dom_pol; /* policy handle */ - - UNIHDR hdr_acct_desc; - UNISTR2 uni_acct_desc; - - uint32 access_mask; /* 0x001f000f */ - -} SAMR_Q_CREATE_DOM_ALIAS; - -/* SAMR_R_CREATE_DOM_ALIAS - SAM create alias */ -typedef struct r_samr_create_dom_alias_info -{ - POLICY_HND alias_pol; /* policy handle */ - - uint32 rid; - NTSTATUS status; - -} SAMR_R_CREATE_DOM_ALIAS; - - /********************************************************/ typedef struct { @@ -1391,42 +1066,6 @@ typedef struct r_samr_query_user_info /**************************************************************************** -SAMR_Q_QUERY_USERALIASES - do a conversion from name to RID. - -the policy handle allocated by an "samr open secret" call is associated -with a SID. this policy handle is what is queried here, *not* the SID -itself. the response to the lookup rids is relative to this SID. -*****************************************************************************/ -/* SAMR_Q_QUERY_USERALIASES */ -typedef struct q_samr_query_useraliases_info -{ - POLICY_HND pol; /* policy handle */ - - uint32 num_sids1; /* number of rids being looked up */ - uint32 ptr; /* buffer pointer */ - uint32 num_sids2; /* number of rids being looked up */ - - uint32 *ptr_sid; /* pointers to sids to be looked up */ - DOM_SID2 *sid ; /* sids to be looked up. */ - -} SAMR_Q_QUERY_USERALIASES; - - -/* SAMR_R_QUERY_USERALIASES */ -typedef struct r_samr_query_useraliases_info -{ - uint32 num_entries; - uint32 ptr; /* undocumented buffer pointer */ - - uint32 num_entries2; - uint32 *rid; /* domain RIDs being looked up */ - - NTSTATUS status; /* return code */ - -} SAMR_R_QUERY_USERALIASES; - - -/**************************************************************************** SAMR_Q_LOOKUP_NAMES - do a conversion from Names to RIDs+types. *****************************************************************************/ /* SAMR_Q_LOOKUP_NAMES */ @@ -1510,302 +1149,6 @@ typedef struct r_samr_lookup_rids_info } SAMR_R_LOOKUP_RIDS; -/* SAMR_Q_OPEN_USER - probably an open */ -typedef struct q_samr_open_user_info -{ - POLICY_HND domain_pol; /* policy handle */ - uint32 access_mask; /* 32 bit unknown - 0x02011b */ - uint32 user_rid; /* user RID */ - -} SAMR_Q_OPEN_USER; - - -/* SAMR_R_OPEN_USER - probably an open */ -typedef struct r_samr_open_user_info -{ - POLICY_HND user_pol; /* policy handle associated with unknown id */ - NTSTATUS status; /* return status */ - -} SAMR_R_OPEN_USER; - - -/* SAMR_Q_CREATE_USER - probably a create */ -typedef struct q_samr_create_user_info -{ - POLICY_HND domain_pol; /* policy handle */ - - UNIHDR hdr_name; /* unicode account name header */ - UNISTR2 uni_name; /* unicode account name */ - - uint32 acb_info; /* account control info */ - uint32 acct_flags; /* 0xe005 00b0 */ - -} SAMR_Q_CREATE_USER; - - -/* SAMR_R_CREATE_USER - probably a create */ -typedef struct r_samr_create_user_info -{ - POLICY_HND user_pol; /* policy handle associated with user */ - - uint32 access_granted; - uint32 user_rid; /* user RID */ - NTSTATUS status; /* return status */ - -} SAMR_R_CREATE_USER; - - -/* SAMR_Q_DELETE_DOM_USER - delete domain user */ -typedef struct q_samr_delete_dom_user_info -{ - POLICY_HND user_pol; /* policy handle */ - -} SAMR_Q_DELETE_DOM_USER; - - -/* SAMR_R_DELETE_DOM_USER - delete domain user */ -typedef struct r_samr_delete_dom_user_info -{ - POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_DELETE_DOM_USER; - - -/* SAMR_Q_QUERY_GROUPMEM - query group members */ -typedef struct q_samr_query_groupmem_info -{ - POLICY_HND group_pol; /* policy handle */ - -} SAMR_Q_QUERY_GROUPMEM; - - -/* SAMR_R_QUERY_GROUPMEM - query group members */ -typedef struct r_samr_query_groupmem_info -{ - uint32 ptr; - uint32 num_entries; - - uint32 ptr_rids; - uint32 ptr_attrs; - - uint32 num_rids; - uint32 *rid; - - uint32 num_attrs; - uint32 *attr; - - NTSTATUS status; - -} SAMR_R_QUERY_GROUPMEM; - - -/* SAMR_Q_DEL_GROUPMEM - probably an del group member */ -typedef struct q_samr_del_group_mem_info -{ - POLICY_HND pol; /* policy handle */ - uint32 rid; /* rid */ - -} SAMR_Q_DEL_GROUPMEM; - - -/* SAMR_R_DEL_GROUPMEM - probably an del group member */ -typedef struct r_samr_del_group_mem_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_DEL_GROUPMEM; - - -/* SAMR_Q_ADD_GROUPMEM - probably an add group member */ -typedef struct q_samr_add_group_mem_info -{ - POLICY_HND pol; /* policy handle */ - - uint32 rid; /* rid */ - uint32 unknown; /* 0x0000 0005 */ - -} SAMR_Q_ADD_GROUPMEM; - - -/* SAMR_R_ADD_GROUPMEM - probably an add group member */ -typedef struct r_samr_add_group_mem_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_ADD_GROUPMEM; - - -/* SAMR_Q_OPEN_GROUP - probably an open */ -typedef struct q_samr_open_group_info -{ - POLICY_HND domain_pol; /* policy handle */ - uint32 access_mask; /* 0x0000 0001, 0x0000 0003, 0x0000 001f */ - uint32 rid_group; /* rid */ - -} SAMR_Q_OPEN_GROUP; - - -/* SAMR_R_OPEN_GROUP - probably an open */ -typedef struct r_samr_open_group_info -{ - POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_OPEN_GROUP; - - -/* SAMR_Q_QUERY_ALIASMEM - query alias members */ -typedef struct q_samr_query_aliasmem_info -{ - POLICY_HND alias_pol; /* policy handle */ - -} SAMR_Q_QUERY_ALIASMEM; - - -/* SAMR_R_QUERY_ALIASMEM - query alias members */ -typedef struct r_samr_query_aliasmem_info -{ - uint32 num_sids; - uint32 ptr; - uint32 num_sids1; - - DOM_SID2 *sid; - - NTSTATUS status; - -} SAMR_R_QUERY_ALIASMEM; - - -/* SAMR_Q_ADD_ALIASMEM - add alias member */ -typedef struct q_samr_add_alias_mem_info -{ - POLICY_HND alias_pol; /* policy handle */ - - DOM_SID2 sid; /* member sid to be added to the alias */ - -} SAMR_Q_ADD_ALIASMEM; - - -/* SAMR_R_ADD_ALIASMEM - add alias member */ -typedef struct r_samr_add_alias_mem_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_ADD_ALIASMEM; - - -/* SAMR_Q_DEL_ALIASMEM - add an add alias member */ -typedef struct q_samr_del_alias_mem_info -{ - POLICY_HND alias_pol; /* policy handle */ - - DOM_SID2 sid; /* member sid to be added to alias */ - -} SAMR_Q_DEL_ALIASMEM; - - -/* SAMR_R_DEL_ALIASMEM - delete alias member */ -typedef struct r_samr_del_alias_mem_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_DEL_ALIASMEM; - - - -/* SAMR_Q_OPEN_ALIAS - probably an open */ -typedef struct q_samr_open_alias_info -{ - POLICY_HND dom_pol; - - uint32 access_mask; - uint32 rid_alias; - -} SAMR_Q_OPEN_ALIAS; - - -/* SAMR_R_OPEN_ALIAS - probably an open */ -typedef struct r_samr_open_alias_info -{ - POLICY_HND pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_OPEN_ALIAS; - - -/* SAMR_Q_CONNECT_ANON - probably an open */ -typedef struct q_samr_connect_anon_info { - uint32 ptr; /* ptr? */ - uint16 unknown_0; /* Only pushed if ptr is non-zero. */ - uint32 access_mask; -} SAMR_Q_CONNECT_ANON; - -/* SAMR_R_CONNECT_ANON - probably an open */ -typedef struct r_samr_connect_anon_info -{ - POLICY_HND connect_pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_CONNECT_ANON; - -/* SAMR_Q_CONNECT - probably an open */ -typedef struct q_samr_connect_info -{ - uint32 ptr_srv_name; /* pointer (to server name?) */ - UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */ - - uint32 access_mask; - -} SAMR_Q_CONNECT; - - -/* SAMR_R_CONNECT - probably an open */ -typedef struct r_samr_connect_info -{ - POLICY_HND connect_pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_CONNECT; - -/* SAMR_Q_CONNECT4 */ -typedef struct q_samr_connect4_info -{ - uint32 ptr_srv_name; /* pointer to server name */ - UNISTR2 uni_srv_name; - - uint32 unk_0; /* possible server name type, 1 for IP num, 2 for name */ - uint32 access_mask; -} SAMR_Q_CONNECT4; - -/* SAMR_R_CONNECT4 - same format as connect */ -typedef struct r_samr_connect_info SAMR_R_CONNECT4; - -/* SAMR_Q_CONNECT5 */ -typedef struct q_samr_connect5_info -{ - uint32 ptr_srv_name; /* pointer to server name */ - UNISTR2 uni_srv_name; - uint32 access_mask; - uint32 level; - /* These following are acutally a level dependent - value. Fudge it for now. JRA */ - uint32 info1_unk1; - uint32 info1_unk2; -} SAMR_Q_CONNECT5; - -/* SAMR_R_CONNECT5 */ -typedef struct r_samr_connect_info5 -{ - uint32 level; - uint32 info1_unk1; - uint32 info1_unk2; - POLICY_HND connect_pol; /* policy handle */ - NTSTATUS status; /* return status */ - -} SAMR_R_CONNECT5; - - /* SAMR_ENC_PASSWD */ typedef struct enc_passwd_info { @@ -1894,25 +1237,6 @@ typedef struct r_samr_chgpasswd_user3 } SAMR_R_CHGPASSWD_USER3; - -/* SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN */ -typedef struct q_samr_remove_sid_foreign_domain_info -{ - POLICY_HND dom_pol; /* policy handle */ - DOM_SID2 sid; /* SID */ - -} SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN; - - -/* SAMR_R_REMOVE_SID_FOREIGN_DOMAIN */ -typedef struct r_samr_remove_sid_foreign_domain_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_REMOVE_SID_FOREIGN_DOMAIN; - - - /* these are from the old rpc_samr.h - they are needed while the merge is still going on */ #define MAX_SAM_SIDS 15 @@ -1927,39 +1251,4 @@ typedef struct sid_info_3 } DOM_SID3; -/* SAMR_Q_QUERY_DOMAIN_INFO2 */ -typedef struct q_samr_query_domain_info2 -{ - POLICY_HND domain_pol; /* policy handle */ - uint16 switch_value; - -} SAMR_Q_QUERY_DOMAIN_INFO2; - -/* SAMR_R_QUERY_DOMAIN_INFO2 */ -typedef struct r_samr_query_domain_info2 -{ - uint32 ptr_0; - uint16 switch_value; - SAM_UNK_CTR *ctr; - NTSTATUS status; /* return status */ - -} SAMR_R_QUERY_DOMAIN_INFO2; - -/* SAMR_Q_SET_DOMAIN_INFO */ -typedef struct q_samr_set_domain_info -{ - POLICY_HND domain_pol; /* policy handle */ - uint16 switch_value0; - uint16 switch_value; - SAM_UNK_CTR *ctr; - -} SAMR_Q_SET_DOMAIN_INFO; - -/* SAMR_R_SET_DOMAIN_INFO */ -typedef struct r_samr_set_domain_info -{ - NTSTATUS status; /* return status */ - -} SAMR_R_SET_DOMAIN_INFO; - #endif /* _RPC_SAMR_H */ diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c index eeff805459..d11620ecd7 100644 --- a/source3/lib/charcnv.c +++ b/source3/lib/charcnv.c @@ -524,7 +524,7 @@ size_t convert_string(charset_t from, charset_t to, size_t convert_string_allocate(TALLOC_CTX *ctx, charset_t from, charset_t to, void const *src, size_t srclen, void *dst, bool allow_bad_conv) { - size_t i_len, o_len, destlen = MAX(srclen, 512); + size_t i_len, o_len, destlen = (srclen * 3) / 2; size_t retval; const char *inbuf = (const char *)src; char *outbuf = NULL, *ob = NULL; @@ -550,7 +550,8 @@ size_t convert_string_allocate(TALLOC_CTX *ctx, charset_t from, charset_t to, convert: - if ((destlen*2) < destlen) { + /* +2 is for ucs2 null termination. */ + if ((destlen*2)+2 < destlen) { /* wrapped ! abort. */ if (!conv_silent) DEBUG(0, ("convert_string_allocate: destlen wrapped !\n")); @@ -561,10 +562,11 @@ size_t convert_string_allocate(TALLOC_CTX *ctx, charset_t from, charset_t to, destlen = destlen * 2; } + /* +2 is for ucs2 null termination. */ if (ctx) { - ob = (char *)TALLOC_REALLOC(ctx, ob, destlen); + ob = (char *)TALLOC_REALLOC(ctx, ob, destlen + 2); } else { - ob = (char *)SMB_REALLOC(ob, destlen); + ob = (char *)SMB_REALLOC(ob, destlen + 2); } if (!ob) { @@ -619,10 +621,11 @@ size_t convert_string_allocate(TALLOC_CTX *ctx, charset_t from, charset_t to, * reallocs *cost*. JRA. */ if (o_len > 1024) { + /* We're shrinking here so we know the +2 is safe from wrap. */ if (ctx) { - ob = (char *)TALLOC_REALLOC(ctx,ob,destlen); + ob = (char *)TALLOC_REALLOC(ctx,ob,destlen + 2); } else { - ob = (char *)SMB_REALLOC(ob,destlen); + ob = (char *)SMB_REALLOC(ob,destlen + 2); } } @@ -632,6 +635,11 @@ size_t convert_string_allocate(TALLOC_CTX *ctx, charset_t from, charset_t to, } *dest = ob; + + /* Must ucs2 null terminate in the extra space we allocated. */ + ob[destlen] = '\0'; + ob[destlen+1] = '\0'; + return destlen; use_as_is: diff --git a/source3/lib/dbwrap_tdb.c b/source3/lib/dbwrap_tdb.c index 18f9495931..da55049e52 100644 --- a/source3/lib/dbwrap_tdb.c +++ b/source3/lib/dbwrap_tdb.c @@ -196,8 +196,15 @@ static NTSTATUS db_tdb_delete(struct db_record *rec) struct db_tdb_ctx *ctx = talloc_get_type_abort(rec->private_data, struct db_tdb_ctx); - return (tdb_delete(ctx->wtdb->tdb, rec->key) == 0) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; + if (tdb_delete(ctx->wtdb->tdb, rec->key) == 0) { + return NT_STATUS_OK; + } + + if (tdb_error(ctx->wtdb->tdb) == TDB_ERR_NOEXIST) { + return NT_STATUS_NOT_FOUND; + } + + return NT_STATUS_UNSUCCESSFUL; } struct db_tdb_traverse_ctx { diff --git a/source3/lib/debug.c b/source3/lib/debug.c index 51bb0d7541..9ff267b607 100644 --- a/source3/lib/debug.c +++ b/source3/lib/debug.c @@ -460,14 +460,14 @@ bool debug_parse_levels(const char *params_str) if (AllowDebugChange == False) return True; - params = str_list_make(params_str, NULL); + params = str_list_make(talloc_tos(), params_str, NULL); if (debug_parse_params(params)) { debug_dump_status(5); - str_list_free(¶ms); + TALLOC_FREE(params); return True; } else { - str_list_free(¶ms); + TALLOC_FREE(params); return False; } } diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c index 5a9d39d181..7f7d23fa00 100644 --- a/source3/lib/popt_common.c +++ b/source3/lib/popt_common.c @@ -71,10 +71,19 @@ static void popt_common_callback(poptContext con, } if (reason == POPT_CALLBACK_REASON_POST) { - if (!PrintSambaVersionString) return; - printf( "Version %s\n", SAMBA_VERSION_STRING); - exit(0); + if (PrintSambaVersionString) { + printf( "Version %s\n", SAMBA_VERSION_STRING); + exit(0); + } + + if (is_default_dyn_CONFIGFILE()) { + if(getenv("SMB_CONF_PATH")) { + set_dyn_CONFIGFILE(getenv("SMB_CONF_PATH")); + } + } + + /* Further 'every Samba program must do this' hooks here. */ return; } diff --git a/source3/lib/replace/libreplace_ld.m4 b/source3/lib/replace/libreplace_ld.m4 index 2aec698967..f0d10c1e3e 100644 --- a/source3/lib/replace/libreplace_ld.m4 +++ b/source3/lib/replace/libreplace_ld.m4 @@ -289,6 +289,9 @@ AC_DEFUN([AC_LIBREPLACE_RUNTIME_LIB_PATH_VAR], *linux*) LIB_PATH_VAR=LD_LIBRARY_PATH ;; + *netbsd*) + LIB_PATH_VAR=LD_LIBRARY_PATH + ;; *solaris*) LIB_PATH_VAR=LD_LIBRARY_PATH ;; diff --git a/source3/lib/replace/system/network.h b/source3/lib/replace/system/network.h index fe6e46817f..aff8a841da 100644 --- a/source3/lib/replace/system/network.h +++ b/source3/lib/replace/system/network.h @@ -137,8 +137,15 @@ const char *rep_inet_ntop(int af, const void *src, char *dst, socklen_t size); #endif #ifndef AI_ADDRCONFIG +/* + * logic copied from AI_NUMERICHOST + */ +#if defined(HAVE_STRUCT_ADDRINFO) && defined(HAVE_GETADDRINFO) +#define AI_ADDRCONFIG 0 +#else #define AI_ADDRCONFIG 0x0020 #endif +#endif #ifndef AI_NUMERICSERV /* diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index ced1130536..71d48d6053 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -112,7 +112,7 @@ static bool interpret_string_addr_internal(struct addrinfo **ppres, &hints, ppres); if (ret) { - DEBUG(3,("interpret_string_addr_interal: getaddrinfo failed " + DEBUG(3,("interpret_string_addr_internal: getaddrinfo failed " "for name %s [%s]\n", str, gai_strerror(ret) )); @@ -913,12 +913,10 @@ ssize_t read_udp_v4_socket(int fd, time_out = timeout in milliseconds ****************************************************************************/ -ssize_t read_socket_with_timeout(int fd, - char *buf, - size_t mincnt, - size_t maxcnt, - unsigned int time_out, - enum smb_read_errors *pre) +NTSTATUS read_socket_with_timeout(int fd, char *buf, + size_t mincnt, size_t maxcnt, + unsigned int time_out, + size_t *size_ret) { fd_set fds; int selrtn; @@ -929,9 +927,7 @@ ssize_t read_socket_with_timeout(int fd, /* just checking .... */ if (maxcnt <= 0) - return(0); - - set_smb_read_error(pre,SMB_READ_OK); + return NT_STATUS_OK; /* Blocking read */ if (time_out == 0) { @@ -945,8 +941,7 @@ ssize_t read_socket_with_timeout(int fd, if (readret == 0) { DEBUG(5,("read_socket_with_timeout: " "blocking read. EOF from client.\n")); - set_smb_read_error(pre,SMB_READ_EOF); - return -1; + return NT_STATUS_END_OF_FILE; } if (readret == -1) { @@ -962,12 +957,11 @@ ssize_t read_socket_with_timeout(int fd, "read error = %s.\n", strerror(errno) )); } - set_smb_read_error(pre,SMB_READ_ERROR); - return -1; + return map_nt_error_from_unix(errno); } nread += readret; } - return((ssize_t)nread); + goto done; } /* Most difficult - timeout read */ @@ -1001,16 +995,14 @@ ssize_t read_socket_with_timeout(int fd, "read. select error = %s.\n", strerror(errno) )); } - set_smb_read_error(pre,SMB_READ_ERROR); - return -1; + return map_nt_error_from_unix(errno); } /* Did we timeout ? */ if (selrtn == 0) { DEBUG(10,("read_socket_with_timeout: timeout read. " "select timed out.\n")); - set_smb_read_error(pre,SMB_READ_TIMEOUT); - return -1; + return NT_STATUS_IO_TIMEOUT; } readret = sys_read(fd, buf+nread, maxcnt-nread); @@ -1019,8 +1011,7 @@ ssize_t read_socket_with_timeout(int fd, /* we got EOF on the file descriptor */ DEBUG(5,("read_socket_with_timeout: timeout read. " "EOF from client.\n")); - set_smb_read_error(pre,SMB_READ_EOF); - return -1; + return NT_STATUS_END_OF_FILE; } if (readret == -1) { @@ -1037,24 +1028,27 @@ ssize_t read_socket_with_timeout(int fd, "read. read error = %s.\n", strerror(errno) )); } - set_smb_read_error(pre,SMB_READ_ERROR); - return -1; + return map_nt_error_from_unix(errno); } nread += readret; } + done: /* Return the number we got */ - return (ssize_t)nread; + if (size_ret) { + *size_ret = nread; + } + return NT_STATUS_OK; } /**************************************************************************** Read data from the client, reading exactly N bytes. ****************************************************************************/ -ssize_t read_data(int fd,char *buffer,size_t N, enum smb_read_errors *pre) +NTSTATUS read_data(int fd, char *buffer, size_t N) { - return read_socket_with_timeout(fd, buffer, N, N, 0, pre); + return read_socket_with_timeout(fd, buffer, N, N, 0, NULL); } /**************************************************************************** @@ -1116,28 +1110,29 @@ bool send_keepalive(int client) Timeout is in milliseconds. ****************************************************************************/ -ssize_t read_smb_length_return_keepalive(int fd, - char *inbuf, - unsigned int timeout, - enum smb_read_errors *pre) +NTSTATUS read_smb_length_return_keepalive(int fd, char *inbuf, + unsigned int timeout, + size_t *len) { - ssize_t len=0; int msg_type; + NTSTATUS status; - if (read_socket_with_timeout(fd, inbuf, 4, 4, timeout, pre) != 4) { - return -1; + status = read_socket_with_timeout(fd, inbuf, 4, 4, timeout, NULL); + + if (!NT_STATUS_IS_OK(status)) { + return status; } - len = smb_len(inbuf); + *len = smb_len(inbuf); msg_type = CVAL(inbuf,0); if (msg_type == SMBkeepalive) { DEBUG(5,("Got keepalive packet\n")); } - DEBUG(10,("got smb length of %lu\n",(unsigned long)len)); + DEBUG(10,("got smb length of %lu\n",(unsigned long)(*len))); - return len; + return NT_STATUS_OK; } /**************************************************************************** @@ -1147,24 +1142,27 @@ ssize_t read_smb_length_return_keepalive(int fd, Timeout is in milliseconds. ****************************************************************************/ -ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout, enum smb_read_errors *pre) +NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout, + size_t *len) { - ssize_t len; uint8_t msgtype = SMBkeepalive; while (msgtype == SMBkeepalive) { - len = read_smb_length_return_keepalive(fd, inbuf, timeout, - pre); - if (len < 0) { - return len; + NTSTATUS status; + + status = read_smb_length_return_keepalive(fd, inbuf, timeout, + len); + if (!NT_STATUS_IS_OK(status)) { + return status; } + msgtype = CVAL(inbuf, 0); } DEBUG(10,("read_smb_length: got smb length of %lu\n", (unsigned long)len)); - return len; + return NT_STATUS_OK; } /**************************************************************************** @@ -1177,28 +1175,17 @@ ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout, enum smb_read Doesn't check the MAC on signed packets. ****************************************************************************/ -ssize_t receive_smb_raw(int fd, - char *buffer, - unsigned int timeout, - size_t maxlen, - enum smb_read_errors *pre) +NTSTATUS receive_smb_raw(int fd, char *buffer, unsigned int timeout, + size_t maxlen, size_t *p_len) { - ssize_t len,ret; - - set_smb_read_error(pre,SMB_READ_OK); - - len = read_smb_length_return_keepalive(fd,buffer,timeout,pre); - if (len < 0) { - DEBUG(10,("receive_smb_raw: length < 0!\n")); + size_t len; + NTSTATUS status; - /* - * Correct fix. smb_read_error may have already been - * set. Only set it here if not already set. Global - * variables still suck :-). JRA. - */ + status = read_smb_length_return_keepalive(fd,buffer,timeout,&len); - cond_set_smb_read_error(pre,SMB_READ_ERROR); - return -1; + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("receive_smb_raw: %s!\n", nt_errstr(status))); + return status; } /* @@ -1210,15 +1197,7 @@ ssize_t receive_smb_raw(int fd, DEBUG(0,("Invalid packet length! (%lu bytes).\n", (unsigned long)len)); if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) { - - /* - * Correct fix. smb_read_error may have already been - * set. Only set it here if not already set. Global - * variables still suck :-). JRA. - */ - - cond_set_smb_read_error(pre,SMB_READ_ERROR); - return -1; + return NT_STATUS_INVALID_PARAMETER; } } @@ -1227,12 +1206,11 @@ ssize_t receive_smb_raw(int fd, len = MIN(len,maxlen); } - ret = read_socket_with_timeout(fd, buffer+4, len, len, timeout, - pre); + status = read_socket_with_timeout( + fd, buffer+4, len, len, timeout, &len); - if (ret != len) { - cond_set_smb_read_error(pre,SMB_READ_ERROR); - return -1; + if (!NT_STATUS_IS_OK(status)) { + return status; } /* not all of samba3 properly checks for packet-termination @@ -1241,7 +1219,8 @@ ssize_t receive_smb_raw(int fd, SSVAL(buffer+4,len, 0); } - return len; + *p_len = len; + return NT_STATUS_OK; } /**************************************************************************** diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c index bcb9197141..93ecad728d 100644 --- a/source3/lib/util_str.c +++ b/source3/lib/util_str.c @@ -1841,149 +1841,93 @@ int fstr_sprintf(fstring s, const char *fmt, ...) #define S_LIST_ABS 16 /* List Allocation Block Size */ -static char **str_list_make_internal(TALLOC_CTX *mem_ctx, - const char *string, - const char *sep) +char **str_list_make(TALLOC_CTX *mem_ctx, const char *string, const char *sep) { - char **list, **rlist; + char **list; const char *str; char *s; int num, lsize; char *tok; - TALLOC_CTX *frame = NULL; if (!string || !*string) return NULL; - if (mem_ctx) { - s = talloc_strdup(mem_ctx, string); - } else { - s = SMB_STRDUP(string); + + list = TALLOC_ARRAY(mem_ctx, char *, S_LIST_ABS+1); + if (list == NULL) { + return NULL; } - if (!s) { + lsize = S_LIST_ABS; + + s = talloc_strdup(list, string); + if (s == NULL) { DEBUG(0,("str_list_make: Unable to allocate memory")); + TALLOC_FREE(list); return NULL; } if (!sep) sep = LIST_SEP; - num = lsize = 0; - list = NULL; - + num = 0; str = s; - frame = talloc_stackframe(); - while (next_token_talloc(frame, &str, &tok, sep)) { + + while (next_token_talloc(list, &str, &tok, sep)) { + if (num == lsize) { + char **tmp; + lsize += S_LIST_ABS; - if (mem_ctx) { - rlist = TALLOC_REALLOC_ARRAY(mem_ctx, list, - char *, lsize +1); - } else { - /* We need to keep the old list on - * error so we can free the elements - if the realloc fails. */ - rlist =SMB_REALLOC_ARRAY_KEEP_OLD_ON_ERROR(list, - char *, lsize +1); - } - if (!rlist) { + + tmp = TALLOC_REALLOC_ARRAY(mem_ctx, list, char *, + lsize + 1); + if (tmp == NULL) { DEBUG(0,("str_list_make: " "Unable to allocate memory")); - str_list_free(&list); - if (mem_ctx) { - TALLOC_FREE(s); - } else { - SAFE_FREE(s); - } - TALLOC_FREE(frame); + TALLOC_FREE(list); return NULL; - } else { - list = rlist; } - memset (&list[num], 0, - ((sizeof(char**)) * (S_LIST_ABS +1))); - } - if (mem_ctx) { - list[num] = talloc_strdup(mem_ctx, tok); - } else { - list[num] = SMB_STRDUP(tok); - } + list = tmp; - if (!list[num]) { - DEBUG(0,("str_list_make: Unable to allocate memory")); - str_list_free(&list); - if (mem_ctx) { - TALLOC_FREE(s); - } else { - SAFE_FREE(s); - } - TALLOC_FREE(frame); - return NULL; + memset (&list[num], 0, + ((sizeof(char**)) * (S_LIST_ABS +1))); } - num++; + list[num] = tok; + num += 1; } - TALLOC_FREE(frame); - - if (mem_ctx) { - TALLOC_FREE(s); - } else { - SAFE_FREE(s); - } + list[num] = NULL; + TALLOC_FREE(s); return list; } -char **str_list_make_talloc(TALLOC_CTX *mem_ctx, - const char *string, - const char *sep) -{ - return str_list_make_internal(mem_ctx, string, sep); -} - -char **str_list_make(const char *string, const char *sep) -{ - return str_list_make_internal(NULL, string, sep); -} - -bool str_list_copy(char ***dest, const char **src) +bool str_list_copy(TALLOC_CTX *mem_ctx, char ***dest, const char **src) { - char **list, **rlist; - int num, lsize; + char **list; + int i, num; *dest = NULL; if (!src) return false; - num = lsize = 0; - list = NULL; + num = 0; + while (src[num] != NULL) { + num += 1; + } - while (src[num]) { - if (num == lsize) { - lsize += S_LIST_ABS; - rlist = SMB_REALLOC_ARRAY_KEEP_OLD_ON_ERROR(list, - char *, lsize +1); - if (!rlist) { - DEBUG(0,("str_list_copy: " - "Unable to re-allocate memory")); - str_list_free(&list); - return false; - } else { - list = rlist; - } - memset (&list[num], 0, - ((sizeof(char **)) * (S_LIST_ABS +1))); - } + list = TALLOC_ARRAY(mem_ctx, char *, num+1); + if (list == NULL) { + return false; + } - list[num] = SMB_STRDUP(src[num]); - if (!list[num]) { - DEBUG(0,("str_list_copy: Unable to allocate memory")); - str_list_free(&list); + for (i=0; i<num; i++) { + list[i] = talloc_strdup(list, src[i]); + if (list[i] == NULL) { + TALLOC_FREE(list); return false; } - - num++; } - + list[i] = NULL; *dest = list; return true; } @@ -2010,37 +1954,6 @@ bool str_list_compare(char **list1, char **list2) return true; } -static void str_list_free_internal(TALLOC_CTX *mem_ctx, char ***list) -{ - char **tlist; - - if (!list || !*list) - return; - tlist = *list; - for(; *tlist; tlist++) { - if (mem_ctx) { - TALLOC_FREE(*tlist); - } else { - SAFE_FREE(*tlist); - } - } - if (mem_ctx) { - TALLOC_FREE(*tlist); - } else { - SAFE_FREE(*list); - } -} - -void str_list_free_talloc(TALLOC_CTX *mem_ctx, char ***list) -{ - str_list_free_internal(mem_ctx, list); -} - -void str_list_free(char ***list) -{ - str_list_free_internal(NULL, list); -} - /****************************************************************************** *****************************************************************************/ diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 7b0adc2fc3..d6b9ba622b 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -664,7 +664,7 @@ static ADS_STATUS ads_do_paged_search_args(ADS_STRUCT *ads, else { /* This would be the utf8-encoded version...*/ /* if (!(search_attrs = ads_push_strvals(ctx, attrs))) */ - if (!(str_list_copy(&search_attrs, attrs))) { + if (!(str_list_copy(talloc_tos(), &search_attrs, attrs))) { rc = LDAP_NO_MEMORY; goto done; } @@ -801,7 +801,7 @@ done: } /* if/when we decide to utf8-encode attrs, take out this next line */ - str_list_free(&search_attrs); + TALLOC_FREE(search_attrs); return ADS_ERROR(rc); } @@ -974,7 +974,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, else { /* This would be the utf8-encoded version...*/ /* if (!(search_attrs = ads_push_strvals(ctx, attrs))) */ - if (!(str_list_copy(&search_attrs, attrs))) + if (!(str_list_copy(talloc_tos(), &search_attrs, attrs))) { DEBUG(1,("ads_do_search: str_list_copy() failed!")); rc = LDAP_NO_MEMORY; @@ -998,7 +998,7 @@ ADS_STATUS ads_do_search_all_fn(ADS_STRUCT *ads, const char *bind_path, done: talloc_destroy(ctx); /* if/when we decide to utf8-encode attrs, take out this next line */ - str_list_free(&search_attrs); + TALLOC_FREE(search_attrs); return ADS_ERROR(rc); } /** diff --git a/source3/libgpo/gpo_ldap.c b/source3/libgpo/gpo_ldap.c index 4e63b92e4e..a34e6861a5 100644 --- a/source3/libgpo/gpo_ldap.c +++ b/source3/libgpo/gpo_ldap.c @@ -44,7 +44,7 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx, goto parse_error; } - ext_list = str_list_make_talloc(mem_ctx, extension_raw, "]"); + ext_list = str_list_make(mem_ctx, extension_raw, "]"); if (!ext_list) { goto parse_error; } @@ -87,7 +87,7 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx, p++; } - ext_strings = str_list_make_talloc(mem_ctx, p, "}"); + ext_strings = str_list_make(mem_ctx, p, "}"); if (ext_strings == NULL) { goto parse_error; } @@ -137,12 +137,8 @@ bool ads_parse_gp_ext(TALLOC_CTX *mem_ctx, ret = True; parse_error: - if (ext_list) { - str_list_free_talloc(mem_ctx, &ext_list); - } - if (ext_strings) { - str_list_free_talloc(mem_ctx, &ext_strings); - } + TALLOC_FREE(ext_list); + TALLOC_FREE(ext_strings); return ret; } @@ -166,7 +162,7 @@ static ADS_STATUS gpo_parse_gplink(TALLOC_CTX *mem_ctx, DEBUG(10,("gpo_parse_gplink: gPLink: %s\n", gp_link_raw)); - link_list = str_list_make_talloc(mem_ctx, gp_link_raw, "]"); + link_list = str_list_make(mem_ctx, gp_link_raw, "]"); if (!link_list) { goto parse_error; } @@ -226,10 +222,7 @@ static ADS_STATUS gpo_parse_gplink(TALLOC_CTX *mem_ctx, status = ADS_SUCCESS; parse_error: - - if (link_list) { - str_list_free_talloc(mem_ctx, &link_list); - } + TALLOC_FREE(link_list); return status; } diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index c34afc7cae..f855a57f32 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -50,6 +50,11 @@ #define LIBNET_UNJOIN_OUT_DUMP_CTX(ctx, r) \ LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_OUT) +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + /**************************************************************** ****************************************************************/ @@ -591,6 +596,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, NTSTATUS status = NT_STATUS_UNSUCCESSFUL; char *acct_name; const char *const_acct_name; + struct lsa_String lsa_acct_name; uint32 user_rid; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; @@ -665,16 +671,19 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, goto done; } - status = rpccli_samr_connect(pipe_hnd, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol); + status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } - status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - r->out.domain_sid, - &domain_pol); + status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + r->out.domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } @@ -683,6 +692,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, strlower_m(acct_name); const_acct_name = acct_name; + init_lsa_String(&lsa_acct_name, acct_name); + if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) { uint32_t acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE | @@ -690,12 +701,16 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, SAMR_USER_ACCESS_SET_PASSWORD | SAMR_USER_ACCESS_GET_ATTRIBUTES | SAMR_USER_ACCESS_SET_ATTRIBUTES; - - status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, - &domain_pol, - acct_name, ACB_WSTRUST, - acct_flags, &user_pol, - &user_rid); + uint32_t access_granted = 0; + + status = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx, + &domain_pol, + &lsa_acct_name, + ACB_WSTRUST, + acct_flags, + &user_pol, + &access_granted, + &user_rid); if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { if (!(r->in.join_flags & WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED)) { @@ -723,9 +738,11 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, user_rid = user_rids[0]; - status = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, - &user_pol); + status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } @@ -834,16 +851,19 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, goto done; } - status = rpccli_samr_connect(pipe_hnd, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol); + status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } - status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - r->in.domain_sid, - &domain_pol); + status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + r->in.domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } @@ -867,9 +887,11 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, user_rid = user_rids[0]; - status = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - user_rid, &user_pol); + status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(status)) { goto done; } diff --git a/source3/librpc/gen_ndr/cli_eventlog.c b/source3/librpc/gen_ndr/cli_eventlog.c index 72cd886cb4..0084776a08 100644 --- a/source3/librpc/gen_ndr/cli_eventlog.c +++ b/source3/librpc/gen_ndr/cli_eventlog.c @@ -9,14 +9,14 @@ NTSTATUS rpccli_eventlog_ClearEventLogW(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, - struct lsa_String *unknown) + struct lsa_String *backupfile) { struct eventlog_ClearEventLogW r; NTSTATUS status; /* In parameters */ r.in.handle = handle; - r.in.unknown = unknown; + r.in.backupfile = backupfile; if (DEBUGLEVEL >= 10) { NDR_PRINT_IN_DEBUG(eventlog_ClearEventLogW, &r); @@ -203,12 +203,15 @@ NTSTATUS rpccli_eventlog_GetNumRecords(struct rpc_pipe_client *cli, } NTSTATUS rpccli_eventlog_GetOldestRecord(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + uint32_t *oldest_entry) { struct eventlog_GetOldestRecord r; NTSTATUS status; /* In parameters */ + r.in.handle = handle; if (DEBUGLEVEL >= 10) { NDR_PRINT_IN_DEBUG(eventlog_GetOldestRecord, &r); @@ -234,6 +237,7 @@ NTSTATUS rpccli_eventlog_GetOldestRecord(struct rpc_pipe_client *cli, } /* Return variables */ + *oldest_entry = *r.out.oldest_entry; /* Return result */ return r.out.result; @@ -279,8 +283,8 @@ NTSTATUS rpccli_eventlog_ChangeNotify(struct rpc_pipe_client *cli, NTSTATUS rpccli_eventlog_OpenEventLogW(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct eventlog_OpenUnknown0 *unknown0, - struct lsa_String logname, - struct lsa_String servername, + struct lsa_String *logname, + struct lsa_String *servername, uint32_t unknown2, uint32_t unknown3, struct policy_handle *handle) diff --git a/source3/librpc/gen_ndr/cli_eventlog.h b/source3/librpc/gen_ndr/cli_eventlog.h index f75355c390..10790a21fc 100644 --- a/source3/librpc/gen_ndr/cli_eventlog.h +++ b/source3/librpc/gen_ndr/cli_eventlog.h @@ -4,7 +4,7 @@ NTSTATUS rpccli_eventlog_ClearEventLogW(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, - struct lsa_String *unknown); + struct lsa_String *backupfile); NTSTATUS rpccli_eventlog_BackupEventLogW(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx); NTSTATUS rpccli_eventlog_CloseEventLog(struct rpc_pipe_client *cli, @@ -17,14 +17,16 @@ NTSTATUS rpccli_eventlog_GetNumRecords(struct rpc_pipe_client *cli, struct policy_handle *handle, uint32_t *number); NTSTATUS rpccli_eventlog_GetOldestRecord(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx); + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + uint32_t *oldest_entry); NTSTATUS rpccli_eventlog_ChangeNotify(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx); NTSTATUS rpccli_eventlog_OpenEventLogW(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct eventlog_OpenUnknown0 *unknown0, - struct lsa_String logname, - struct lsa_String servername, + struct lsa_String *logname, + struct lsa_String *servername, uint32_t unknown2, uint32_t unknown3, struct policy_handle *handle); diff --git a/source3/librpc/gen_ndr/cli_lsa.c b/source3/librpc/gen_ndr/cli_lsa.c index 76370cabf1..3599d9fe9c 100644 --- a/source3/librpc/gen_ndr/cli_lsa.c +++ b/source3/librpc/gen_ndr/cli_lsa.c @@ -135,7 +135,7 @@ NTSTATUS rpccli_lsa_QuerySecurity(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, uint32_t sec_info, - struct sec_desc_buf *sdbuf) + struct sec_desc_buf **sdbuf) { struct lsa_QuerySecurity r; NTSTATUS status; @@ -168,21 +168,25 @@ NTSTATUS rpccli_lsa_QuerySecurity(struct rpc_pipe_client *cli, } /* Return variables */ - if (sdbuf && r.out.sdbuf) { - *sdbuf = *r.out.sdbuf; - } + *sdbuf = *r.out.sdbuf; /* Return result */ return r.out.result; } NTSTATUS rpccli_lsa_SetSecObj(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + uint32_t sec_info, + struct sec_desc_buf *sdbuf) { struct lsa_SetSecObj r; NTSTATUS status; /* In parameters */ + r.in.handle = handle; + r.in.sec_info = sec_info; + r.in.sdbuf = sdbuf; if (DEBUGLEVEL >= 10) { NDR_PRINT_IN_DEBUG(lsa_SetSecObj, &r); @@ -1488,12 +1492,14 @@ NTSTATUS rpccli_lsa_LookupPrivDisplayName(struct rpc_pipe_client *cli, } NTSTATUS rpccli_lsa_DeleteObject(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct policy_handle **handle) { struct lsa_DeleteObject r; NTSTATUS status; /* In parameters */ + r.in.handle = handle; if (DEBUGLEVEL >= 10) { NDR_PRINT_IN_DEBUG(lsa_DeleteObject, &r); @@ -1519,6 +1525,7 @@ NTSTATUS rpccli_lsa_DeleteObject(struct rpc_pipe_client *cli, } /* Return variables */ + *handle = *r.out.handle; /* Return result */ return r.out.result; diff --git a/source3/librpc/gen_ndr/cli_lsa.h b/source3/librpc/gen_ndr/cli_lsa.h index c45aed1d37..4997f5cb35 100644 --- a/source3/librpc/gen_ndr/cli_lsa.h +++ b/source3/librpc/gen_ndr/cli_lsa.h @@ -17,9 +17,12 @@ NTSTATUS rpccli_lsa_QuerySecurity(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, uint32_t sec_info, - struct sec_desc_buf *sdbuf); + struct sec_desc_buf **sdbuf); NTSTATUS rpccli_lsa_SetSecObj(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx); + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + uint32_t sec_info, + struct sec_desc_buf *sdbuf); NTSTATUS rpccli_lsa_ChangePassword(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx); NTSTATUS rpccli_lsa_OpenPolicy(struct rpc_pipe_client *cli, @@ -163,7 +166,8 @@ NTSTATUS rpccli_lsa_LookupPrivDisplayName(struct rpc_pipe_client *cli, uint16_t *language_id, uint16_t unknown); NTSTATUS rpccli_lsa_DeleteObject(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx); + TALLOC_CTX *mem_ctx, + struct policy_handle **handle); NTSTATUS rpccli_lsa_EnumAccountsWithUserRight(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, diff --git a/source3/librpc/gen_ndr/cli_samr.c b/source3/librpc/gen_ndr/cli_samr.c index 73c123bbdd..a0441fcd84 100644 --- a/source3/librpc/gen_ndr/cli_samr.c +++ b/source3/librpc/gen_ndr/cli_samr.c @@ -136,7 +136,7 @@ NTSTATUS rpccli_samr_QuerySecurity(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, uint32_t sec_info, - struct sec_desc_buf *sdbuf) + struct sec_desc_buf **sdbuf) { struct samr_QuerySecurity r; NTSTATUS status; @@ -218,7 +218,7 @@ NTSTATUS rpccli_samr_LookupDomain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *connect_handle, struct lsa_String *domain_name, - struct dom_sid2 *sid) + struct dom_sid2 **sid) { struct samr_LookupDomain r; NTSTATUS status; @@ -354,7 +354,7 @@ NTSTATUS rpccli_samr_QueryDomainInfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, uint16_t level, - union samr_DomainInfo *info) + union samr_DomainInfo **info) { struct samr_QueryDomainInfo r; NTSTATUS status; @@ -1120,7 +1120,7 @@ NTSTATUS rpccli_samr_DeleteGroupMember(struct rpc_pipe_client *cli, NTSTATUS rpccli_samr_QueryGroupMember(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *group_handle, - struct samr_RidTypeArray *rids) + struct samr_RidTypeArray **rids) { struct samr_QueryGroupMember r; NTSTATUS status; @@ -2028,7 +2028,7 @@ NTSTATUS rpccli_samr_QueryDomainInfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, uint16_t level, - union samr_DomainInfo *info) + union samr_DomainInfo **info) { struct samr_QueryDomainInfo2 r; NTSTATUS status; @@ -2751,7 +2751,7 @@ NTSTATUS rpccli_samr_Connect3(struct rpc_pipe_client *cli, NTSTATUS rpccli_samr_Connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *system_name, - uint32_t unknown, + enum samr_ConnectVersion client_version, uint32_t access_mask, struct policy_handle *connect_handle) { @@ -2760,7 +2760,7 @@ NTSTATUS rpccli_samr_Connect4(struct rpc_pipe_client *cli, /* In parameters */ r.in.system_name = system_name; - r.in.unknown = unknown; + r.in.client_version = client_version; r.in.access_mask = access_mask; if (DEBUGLEVEL >= 10) { diff --git a/source3/librpc/gen_ndr/cli_samr.h b/source3/librpc/gen_ndr/cli_samr.h index 23f2d1f1b6..52e6b13c7a 100644 --- a/source3/librpc/gen_ndr/cli_samr.h +++ b/source3/librpc/gen_ndr/cli_samr.h @@ -18,7 +18,7 @@ NTSTATUS rpccli_samr_QuerySecurity(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, uint32_t sec_info, - struct sec_desc_buf *sdbuf); + struct sec_desc_buf **sdbuf); NTSTATUS rpccli_samr_Shutdown(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *connect_handle); @@ -26,7 +26,7 @@ NTSTATUS rpccli_samr_LookupDomain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *connect_handle, struct lsa_String *domain_name, - struct dom_sid2 *sid); + struct dom_sid2 **sid); NTSTATUS rpccli_samr_EnumDomains(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *connect_handle, @@ -44,7 +44,7 @@ NTSTATUS rpccli_samr_QueryDomainInfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, uint16_t level, - union samr_DomainInfo *info); + union samr_DomainInfo **info); NTSTATUS rpccli_samr_SetDomainInfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, @@ -143,7 +143,7 @@ NTSTATUS rpccli_samr_DeleteGroupMember(struct rpc_pipe_client *cli, NTSTATUS rpccli_samr_QueryGroupMember(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *group_handle, - struct samr_RidTypeArray *rids); + struct samr_RidTypeArray **rids); NTSTATUS rpccli_samr_SetMemberAttributesOfGroup(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *group_handle, @@ -250,7 +250,7 @@ NTSTATUS rpccli_samr_QueryDomainInfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, uint16_t level, - union samr_DomainInfo *info); + union samr_DomainInfo **info); NTSTATUS rpccli_samr_QueryUserInfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *user_handle, @@ -347,7 +347,7 @@ NTSTATUS rpccli_samr_Connect3(struct rpc_pipe_client *cli, NTSTATUS rpccli_samr_Connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *system_name, - uint32_t unknown, + enum samr_ConnectVersion client_version, uint32_t access_mask, struct policy_handle *connect_handle); NTSTATUS rpccli_samr_ChangePasswordUser3(struct rpc_pipe_client *cli, diff --git a/source3/librpc/gen_ndr/eventlog.h b/source3/librpc/gen_ndr/eventlog.h index 656dadcc6c..0fd929dd99 100644 --- a/source3/librpc/gen_ndr/eventlog.h +++ b/source3/librpc/gen_ndr/eventlog.h @@ -53,7 +53,7 @@ struct eventlog_Record { struct eventlog_ClearEventLogW { struct { struct policy_handle *handle;/* [ref] */ - struct lsa_String *unknown;/* [unique] */ + struct lsa_String *backupfile;/* [unique] */ } in; struct { @@ -107,6 +107,11 @@ struct eventlog_GetNumRecords { struct eventlog_GetOldestRecord { struct { + struct policy_handle *handle;/* [ref] */ + } in; + + struct { + uint32_t *oldest_entry;/* [ref] */ NTSTATUS result; } out; @@ -124,8 +129,8 @@ struct eventlog_ChangeNotify { struct eventlog_OpenEventLogW { struct { struct eventlog_OpenUnknown0 *unknown0;/* [unique] */ - struct lsa_String logname; - struct lsa_String servername; + struct lsa_String *logname;/* [ref] */ + struct lsa_String *servername;/* [ref] */ uint32_t unknown2; uint32_t unknown3; } in; @@ -159,7 +164,7 @@ struct eventlog_ReadEventLogW { struct policy_handle *handle;/* [ref] */ uint32_t flags; uint32_t offset; - uint32_t number_of_bytes; + uint32_t number_of_bytes;/* [range(0,0x7FFFF)] */ } in; struct { diff --git a/source3/librpc/gen_ndr/lsa.h b/source3/librpc/gen_ndr/lsa.h index 2657557d90..32e6739095 100644 --- a/source3/librpc/gen_ndr/lsa.h +++ b/source3/librpc/gen_ndr/lsa.h @@ -229,7 +229,7 @@ struct lsa_SidPtr { }; struct lsa_SidArray { - uint32_t num_sids;/* [range(0 1000)] */ + uint32_t num_sids;/* [range(0,1000)] */ struct lsa_SidPtr *sids;/* [unique,size_is(num_sids)] */ }/* [public] */; @@ -274,12 +274,12 @@ struct lsa_TranslatedSid { }; struct lsa_TransSidArray { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ struct lsa_TranslatedSid *sids;/* [unique,size_is(count)] */ }; struct lsa_RefDomainList { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ struct lsa_DomainInfo *domains;/* [unique,size_is(count)] */ uint32_t max_size; }; @@ -312,7 +312,7 @@ struct lsa_TranslatedName { }; struct lsa_TransNameArray { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ struct lsa_TranslatedName *names;/* [unique,size_is(count)] */ }; @@ -322,7 +322,7 @@ struct lsa_LUIDAttribute { }; struct lsa_PrivilegeSet { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ uint32_t unknown; struct lsa_LUIDAttribute *set;/* [size_is(count)] */ }; @@ -334,7 +334,7 @@ struct lsa_DATA_BUF { }/* [flag(LIBNDR_PRINT_ARRAY_HEX)] */; struct lsa_DATA_BUF2 { - uint32_t size;/* [range(0 65536)] */ + uint32_t size;/* [range(0,65536)] */ uint8_t *data;/* [unique,size_is(size)] */ }/* [flag(LIBNDR_PRINT_ARRAY_HEX)] */; @@ -501,7 +501,7 @@ struct lsa_TranslatedName2 { }; struct lsa_TransNameArray2 { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ struct lsa_TranslatedName2 *names;/* [unique,size_is(count)] */ }; @@ -513,7 +513,7 @@ struct lsa_TranslatedSid2 { }; struct lsa_TransSidArray2 { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ struct lsa_TranslatedSid2 *sids;/* [unique,size_is(count)] */ }; @@ -525,12 +525,12 @@ struct lsa_TranslatedSid3 { }; struct lsa_TransSidArray3 { - uint32_t count;/* [range(0 1000)] */ + uint32_t count;/* [range(0,1000)] */ struct lsa_TranslatedSid3 *sids;/* [unique,size_is(count)] */ }; struct lsa_ForestTrustBinaryData { - uint32_t length;/* [range(0 131072)] */ + uint32_t length;/* [range(0,131072)] */ uint8_t *data;/* [unique,size_is(length)] */ }; @@ -572,7 +572,7 @@ struct lsa_ForestTrustRecord { }; struct lsa_ForestTrustInformation { - uint32_t count;/* [range(0 4000)] */ + uint32_t count;/* [range(0,4000)] */ struct lsa_ForestTrustRecord **entries;/* [unique,size_is(count)] */ }/* [public] */; @@ -625,7 +625,7 @@ struct lsa_QuerySecurity { } in; struct { - struct sec_desc_buf *sdbuf;/* [unique] */ + struct sec_desc_buf **sdbuf;/* [ref] */ NTSTATUS result; } out; @@ -634,6 +634,12 @@ struct lsa_QuerySecurity { struct lsa_SetSecObj { struct { + struct policy_handle *handle;/* [ref] */ + uint32_t sec_info; + struct sec_desc_buf *sdbuf;/* [ref] */ + } in; + + struct { NTSTATUS result; } out; @@ -717,7 +723,7 @@ struct lsa_CreateAccount { struct lsa_EnumAccounts { struct { struct policy_handle *handle;/* [ref] */ - uint32_t num_entries;/* [range(0 8192)] */ + uint32_t num_entries;/* [range(0,8192)] */ uint32_t *resume_handle;/* [ref] */ } in; @@ -764,7 +770,7 @@ struct lsa_EnumTrustDom { struct lsa_LookupNames { struct { struct policy_handle *handle;/* [ref] */ - uint32_t num_names;/* [range(0 1000)] */ + uint32_t num_names;/* [range(0,1000)] */ struct lsa_String *names;/* [size_is(num_names)] */ enum lsa_LookupNamesLevel level; struct lsa_TransSidArray *sids;/* [ref] */ @@ -1035,6 +1041,11 @@ struct lsa_LookupPrivDisplayName { struct lsa_DeleteObject { struct { + struct policy_handle **handle;/* [ref] */ + } in; + + struct { + struct policy_handle **handle;/* [ref] */ NTSTATUS result; } out; @@ -1351,7 +1362,7 @@ struct lsa_LookupSids2 { struct lsa_LookupNames2 { struct { struct policy_handle *handle;/* [ref] */ - uint32_t num_names;/* [range(0 1000)] */ + uint32_t num_names;/* [range(0,1000)] */ struct lsa_String *names;/* [size_is(num_names)] */ enum lsa_LookupNamesLevel level; uint32_t unknown1; @@ -1445,7 +1456,7 @@ struct lsa_CREDRPROFILELOADED { struct lsa_LookupNames3 { struct { struct policy_handle *handle;/* [ref] */ - uint32_t num_names;/* [range(0 1000)] */ + uint32_t num_names;/* [range(0,1000)] */ struct lsa_String *names;/* [size_is(num_names)] */ enum lsa_LookupNamesLevel level; uint32_t unknown1; @@ -1549,7 +1560,7 @@ struct lsa_LookupSids3 { struct lsa_LookupNames4 { struct { - uint32_t num_names;/* [range(0 1000)] */ + uint32_t num_names;/* [range(0,1000)] */ struct lsa_String *names;/* [size_is(num_names)] */ enum lsa_LookupNamesLevel level; uint32_t unknown1; diff --git a/source3/librpc/gen_ndr/ndr_dssetup.c b/source3/librpc/gen_ndr/ndr_dssetup.c index f089b71cd4..37586549a6 100644 --- a/source3/librpc/gen_ndr/ndr_dssetup.c +++ b/source3/librpc/gen_ndr/ndr_dssetup.c @@ -88,7 +88,6 @@ static enum ndr_err_code ndr_push_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_p NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->forest, CH_UTF16))); NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->forest, ndr_charset_length(r->forest, CH_UTF16), sizeof(uint16_t), CH_UTF16)); } - NDR_CHECK(ndr_push_GUID(ndr, NDR_BUFFERS, &r->domain_guid)); } return NDR_ERR_SUCCESS; } @@ -162,7 +161,6 @@ static enum ndr_err_code ndr_pull_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_p NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->forest, ndr_get_array_length(ndr, &r->forest), sizeof(uint16_t), CH_UTF16)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_forest_0, 0); } - NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->domain_guid)); } return NDR_ERR_SUCCESS; } diff --git a/source3/librpc/gen_ndr/ndr_eventlog.c b/source3/librpc/gen_ndr/ndr_eventlog.c index ebd76515ff..c6a77c54e5 100644 --- a/source3/librpc/gen_ndr/ndr_eventlog.c +++ b/source3/librpc/gen_ndr/ndr_eventlog.c @@ -130,7 +130,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_eventlog_Record(struct ndr_pull *ndr, int nd ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); NDR_PULL_ALLOC_N(ndr, r->strings, r->num_of_strings); _mem_save_strings_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, *r->strings, 0); + NDR_PULL_SET_MEM_CTX(ndr, r->strings, 0); for (cntr_strings_0 = 0; cntr_strings_0 < r->num_of_strings; cntr_strings_0++) { NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->strings[cntr_strings_0])); } @@ -194,9 +194,9 @@ static enum ndr_err_code ndr_push_eventlog_ClearEventLogW(struct ndr_push *ndr, return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); - NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.unknown)); - if (r->in.unknown) { - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.unknown)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.backupfile)); + if (r->in.backupfile) { + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.backupfile)); } } if (flags & NDR_OUT) { @@ -207,9 +207,9 @@ static enum ndr_err_code ndr_push_eventlog_ClearEventLogW(struct ndr_push *ndr, static enum ndr_err_code ndr_pull_eventlog_ClearEventLogW(struct ndr_pull *ndr, int flags, struct eventlog_ClearEventLogW *r) { - uint32_t _ptr_unknown; + uint32_t _ptr_backupfile; TALLOC_CTX *_mem_save_handle_0; - TALLOC_CTX *_mem_save_unknown_0; + TALLOC_CTX *_mem_save_backupfile_0; if (flags & NDR_IN) { if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { NDR_PULL_ALLOC(ndr, r->in.handle); @@ -218,17 +218,17 @@ static enum ndr_err_code ndr_pull_eventlog_ClearEventLogW(struct ndr_pull *ndr, NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_unknown)); - if (_ptr_unknown) { - NDR_PULL_ALLOC(ndr, r->in.unknown); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_backupfile)); + if (_ptr_backupfile) { + NDR_PULL_ALLOC(ndr, r->in.backupfile); } else { - r->in.unknown = NULL; + r->in.backupfile = NULL; } - if (r->in.unknown) { - _mem_save_unknown_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->in.unknown, 0); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.unknown)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown_0, 0); + if (r->in.backupfile) { + _mem_save_backupfile_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.backupfile, 0); + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.backupfile)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_backupfile_0, 0); } } if (flags & NDR_OUT) { @@ -251,10 +251,10 @@ _PUBLIC_ void ndr_print_eventlog_ClearEventLogW(struct ndr_print *ndr, const cha ndr->depth++; ndr_print_policy_handle(ndr, "handle", r->in.handle); ndr->depth--; - ndr_print_ptr(ndr, "unknown", r->in.unknown); + ndr_print_ptr(ndr, "backupfile", r->in.backupfile); ndr->depth++; - if (r->in.unknown) { - ndr_print_lsa_String(ndr, "unknown", r->in.unknown); + if (r->in.backupfile) { + ndr_print_lsa_String(ndr, "backupfile", r->in.backupfile); } ndr->depth--; ndr->depth--; @@ -506,8 +506,16 @@ _PUBLIC_ void ndr_print_eventlog_GetNumRecords(struct ndr_print *ndr, const char static enum ndr_err_code ndr_push_eventlog_GetOldestRecord(struct ndr_push *ndr, int flags, const struct eventlog_GetOldestRecord *r) { if (flags & NDR_IN) { + if (r->in.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); } if (flags & NDR_OUT) { + if (r->out.oldest_entry == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, *r->out.oldest_entry)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -515,9 +523,29 @@ static enum ndr_err_code ndr_push_eventlog_GetOldestRecord(struct ndr_push *ndr, static enum ndr_err_code ndr_pull_eventlog_GetOldestRecord(struct ndr_pull *ndr, int flags, struct eventlog_GetOldestRecord *r) { + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_oldest_entry_0; if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.handle); + } + _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_ALLOC(ndr, r->out.oldest_entry); + ZERO_STRUCTP(r->out.oldest_entry); } if (flags & NDR_OUT) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.oldest_entry); + } + _mem_save_oldest_entry_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.oldest_entry, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, r->out.oldest_entry)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_oldest_entry_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; @@ -533,11 +561,19 @@ _PUBLIC_ void ndr_print_eventlog_GetOldestRecord(struct ndr_print *ndr, const ch if (flags & NDR_IN) { ndr_print_struct(ndr, "in", "eventlog_GetOldestRecord"); ndr->depth++; + ndr_print_ptr(ndr, "handle", r->in.handle); + ndr->depth++; + ndr_print_policy_handle(ndr, "handle", r->in.handle); + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { ndr_print_struct(ndr, "out", "eventlog_GetOldestRecord"); ndr->depth++; + ndr_print_ptr(ndr, "oldest_entry", r->out.oldest_entry); + ndr->depth++; + ndr_print_uint32(ndr, "oldest_entry", *r->out.oldest_entry); + ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; } @@ -592,8 +628,14 @@ static enum ndr_err_code ndr_push_eventlog_OpenEventLogW(struct ndr_push *ndr, i if (r->in.unknown0) { NDR_CHECK(ndr_push_eventlog_OpenUnknown0(ndr, NDR_SCALARS, r->in.unknown0)); } - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.logname)); - NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.servername)); + if (r->in.logname == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.logname)); + if (r->in.servername == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.servername)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.unknown2)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.unknown3)); } @@ -611,6 +653,8 @@ static enum ndr_err_code ndr_pull_eventlog_OpenEventLogW(struct ndr_pull *ndr, i { uint32_t _ptr_unknown0; TALLOC_CTX *_mem_save_unknown0_0; + TALLOC_CTX *_mem_save_logname_0; + TALLOC_CTX *_mem_save_servername_0; TALLOC_CTX *_mem_save_handle_0; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -627,8 +671,20 @@ static enum ndr_err_code ndr_pull_eventlog_OpenEventLogW(struct ndr_pull *ndr, i NDR_CHECK(ndr_pull_eventlog_OpenUnknown0(ndr, NDR_SCALARS, r->in.unknown0)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown0_0, 0); } - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.logname)); - NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.servername)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.logname); + } + _mem_save_logname_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.logname, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.logname)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logname_0, LIBNDR_FLAG_REF_ALLOC); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.servername); + } + _mem_save_servername_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.servername, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.servername)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_servername_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown2)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown3)); NDR_PULL_ALLOC(ndr, r->out.handle); @@ -663,8 +719,14 @@ _PUBLIC_ void ndr_print_eventlog_OpenEventLogW(struct ndr_print *ndr, const char ndr_print_eventlog_OpenUnknown0(ndr, "unknown0", r->in.unknown0); } ndr->depth--; - ndr_print_lsa_String(ndr, "logname", &r->in.logname); - ndr_print_lsa_String(ndr, "servername", &r->in.servername); + ndr_print_ptr(ndr, "logname", r->in.logname); + ndr->depth++; + ndr_print_lsa_String(ndr, "logname", r->in.logname); + ndr->depth--; + ndr_print_ptr(ndr, "servername", r->in.servername); + ndr->depth++; + ndr_print_lsa_String(ndr, "servername", r->in.servername); + ndr->depth--; ndr_print_uint32(ndr, "unknown2", r->in.unknown2); ndr_print_uint32(ndr, "unknown3", r->in.unknown3); ndr->depth--; @@ -812,6 +874,9 @@ static enum ndr_err_code ndr_pull_eventlog_ReadEventLogW(struct ndr_pull *ndr, i NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.offset)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.number_of_bytes)); + if (r->in.number_of_bytes < 0 || r->in.number_of_bytes > 0x7FFFF) { + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } NDR_PULL_ALLOC_N(ndr, r->out.data, r->in.number_of_bytes); memset(r->out.data, 0, r->in.number_of_bytes * sizeof(*r->out.data)); NDR_PULL_ALLOC(ndr, r->out.sent_size); diff --git a/source3/librpc/gen_ndr/ndr_lsa.c b/source3/librpc/gen_ndr/ndr_lsa.c index 25fa3d2129..89b7da5785 100644 --- a/source3/librpc/gen_ndr/ndr_lsa.c +++ b/source3/librpc/gen_ndr/ndr_lsa.c @@ -4768,10 +4768,14 @@ static enum ndr_err_code ndr_push_lsa_QuerySecurity(struct ndr_push *ndr, int fl NDR_CHECK(ndr_push_security_secinfo(ndr, NDR_SCALARS, r->in.sec_info)); } if (flags & NDR_OUT) { - NDR_CHECK(ndr_push_unique_ptr(ndr, r->out.sdbuf)); - if (r->out.sdbuf) { - NDR_CHECK(ndr_push_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sdbuf)); + if (r->out.sdbuf == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + if (*r->out.sdbuf == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.sdbuf)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -4782,6 +4786,7 @@ static enum ndr_err_code ndr_pull_lsa_QuerySecurity(struct ndr_pull *ndr, int fl uint32_t _ptr_sdbuf; TALLOC_CTX *_mem_save_handle_0; TALLOC_CTX *_mem_save_sdbuf_0; + TALLOC_CTX *_mem_save_sdbuf_1; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -4793,20 +4798,24 @@ static enum ndr_err_code ndr_pull_lsa_QuerySecurity(struct ndr_pull *ndr, int fl NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_security_secinfo(ndr, NDR_SCALARS, &r->in.sec_info)); + NDR_PULL_ALLOC(ndr, r->out.sdbuf); + ZERO_STRUCTP(r->out.sdbuf); } if (flags & NDR_OUT) { - NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sdbuf)); - if (_ptr_sdbuf) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { NDR_PULL_ALLOC(ndr, r->out.sdbuf); - } else { - r->out.sdbuf = NULL; } - if (r->out.sdbuf) { - _mem_save_sdbuf_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->out.sdbuf, 0); - NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sdbuf)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sdbuf_0, 0); + _mem_save_sdbuf_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.sdbuf, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_sdbuf)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.sdbuf); } + _mem_save_sdbuf_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.sdbuf, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.sdbuf)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sdbuf_1, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sdbuf_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; @@ -4834,9 +4843,10 @@ _PUBLIC_ void ndr_print_lsa_QuerySecurity(struct ndr_print *ndr, const char *nam ndr->depth++; ndr_print_ptr(ndr, "sdbuf", r->out.sdbuf); ndr->depth++; - if (r->out.sdbuf) { - ndr_print_sec_desc_buf(ndr, "sdbuf", r->out.sdbuf); - } + ndr_print_ptr(ndr, "sdbuf", *r->out.sdbuf); + ndr->depth++; + ndr_print_sec_desc_buf(ndr, "sdbuf", *r->out.sdbuf); + ndr->depth--; ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; @@ -4847,6 +4857,15 @@ _PUBLIC_ void ndr_print_lsa_QuerySecurity(struct ndr_print *ndr, const char *nam static enum ndr_err_code ndr_push_lsa_SetSecObj(struct ndr_push *ndr, int flags, const struct lsa_SetSecObj *r) { if (flags & NDR_IN) { + if (r->in.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_CHECK(ndr_push_security_secinfo(ndr, NDR_SCALARS, r->in.sec_info)); + if (r->in.sdbuf == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sdbuf)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); @@ -4856,7 +4875,24 @@ static enum ndr_err_code ndr_push_lsa_SetSecObj(struct ndr_push *ndr, int flags, static enum ndr_err_code ndr_pull_lsa_SetSecObj(struct ndr_pull *ndr, int flags, struct lsa_SetSecObj *r) { + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_sdbuf_0; if (flags & NDR_IN) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.handle); + } + _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_security_secinfo(ndr, NDR_SCALARS, &r->in.sec_info)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.sdbuf); + } + _mem_save_sdbuf_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.sdbuf, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sdbuf)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sdbuf_0, LIBNDR_FLAG_REF_ALLOC); } if (flags & NDR_OUT) { NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); @@ -4874,6 +4910,15 @@ _PUBLIC_ void ndr_print_lsa_SetSecObj(struct ndr_print *ndr, const char *name, i if (flags & NDR_IN) { ndr_print_struct(ndr, "in", "lsa_SetSecObj"); ndr->depth++; + ndr_print_ptr(ndr, "handle", r->in.handle); + ndr->depth++; + ndr_print_policy_handle(ndr, "handle", r->in.handle); + ndr->depth--; + ndr_print_security_secinfo(ndr, "sec_info", r->in.sec_info); + ndr_print_ptr(ndr, "sdbuf", r->in.sdbuf); + ndr->depth++; + ndr_print_sec_desc_buf(ndr, "sdbuf", r->in.sdbuf); + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { @@ -7592,8 +7637,24 @@ _PUBLIC_ void ndr_print_lsa_LookupPrivDisplayName(struct ndr_print *ndr, const c static enum ndr_err_code ndr_push_lsa_DeleteObject(struct ndr_push *ndr, int flags, const struct lsa_DeleteObject *r) { if (flags & NDR_IN) { + if (r->in.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + if (*r->in.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, *r->in.handle)); } if (flags & NDR_OUT) { + if (r->out.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + if (*r->out.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.handle)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -7601,9 +7662,44 @@ static enum ndr_err_code ndr_push_lsa_DeleteObject(struct ndr_push *ndr, int fla static enum ndr_err_code ndr_pull_lsa_DeleteObject(struct ndr_pull *ndr, int flags, struct lsa_DeleteObject *r) { + uint32_t _ptr_handle; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_handle_1; if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.handle); + } + _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_handle)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->in.handle); + } + _mem_save_handle_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->in.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, *r->in.handle)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_1, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_ALLOC(ndr, r->out.handle); + *r->out.handle = *r->in.handle; } if (flags & NDR_OUT) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.handle); + } + _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_handle)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.handle); + } + _mem_save_handle_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.handle)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_1, LIBNDR_FLAG_REF_ALLOC); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } return NDR_ERR_SUCCESS; @@ -7619,11 +7715,25 @@ _PUBLIC_ void ndr_print_lsa_DeleteObject(struct ndr_print *ndr, const char *name if (flags & NDR_IN) { ndr_print_struct(ndr, "in", "lsa_DeleteObject"); ndr->depth++; + ndr_print_ptr(ndr, "handle", r->in.handle); + ndr->depth++; + ndr_print_ptr(ndr, "handle", *r->in.handle); + ndr->depth++; + ndr_print_policy_handle(ndr, "handle", *r->in.handle); + ndr->depth--; + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { ndr_print_struct(ndr, "out", "lsa_DeleteObject"); ndr->depth++; + ndr_print_ptr(ndr, "handle", r->out.handle); + ndr->depth++; + ndr_print_ptr(ndr, "handle", *r->out.handle); + ndr->depth++; + ndr_print_policy_handle(ndr, "handle", *r->out.handle); + ndr->depth--; + ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; } diff --git a/source3/librpc/gen_ndr/ndr_samr.c b/source3/librpc/gen_ndr/ndr_samr.c index adbe549df0..ff3f0a1c98 100644 --- a/source3/librpc/gen_ndr/ndr_samr.c +++ b/source3/librpc/gen_ndr/ndr_samr.c @@ -4380,6 +4380,32 @@ _PUBLIC_ void ndr_print_samr_PwInfo(struct ndr_print *ndr, const char *name, con ndr->depth--; } +static enum ndr_err_code ndr_push_samr_ConnectVersion(struct ndr_push *ndr, int ndr_flags, enum samr_ConnectVersion r) +{ + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r)); + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_samr_ConnectVersion(struct ndr_pull *ndr, int ndr_flags, enum samr_ConnectVersion *r) +{ + uint16_t v; + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); + *r = v; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_samr_ConnectVersion(struct ndr_print *ndr, const char *name, enum samr_ConnectVersion r) +{ + const char *val = NULL; + + switch (r) { + case SAMR_CONNECT_PRE_W2K: val = "SAMR_CONNECT_PRE_W2K"; break; + case SAMR_CONNECT_W2K: val = "SAMR_CONNECT_W2K"; break; + case SAMR_CONNECT_AFTER_W2K: val = "SAMR_CONNECT_AFTER_W2K"; break; + } + ndr_print_enum(ndr, name, "ENUM", val, r); +} + static enum ndr_err_code ndr_push_samr_ChangeReject(struct ndr_push *ndr, int ndr_flags, const struct samr_ChangeReject *r) { if (ndr_flags & NDR_SCALARS) { @@ -4420,7 +4446,7 @@ static enum ndr_err_code ndr_push_samr_ConnectInfo1(struct ndr_push *ndr, int nd { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown1)); + NDR_CHECK(ndr_push_samr_ConnectVersion(ndr, NDR_SCALARS, r->client_version)); NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->unknown2)); } if (ndr_flags & NDR_BUFFERS) { @@ -4432,7 +4458,7 @@ static enum ndr_err_code ndr_pull_samr_ConnectInfo1(struct ndr_pull *ndr, int nd { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown1)); + NDR_CHECK(ndr_pull_samr_ConnectVersion(ndr, NDR_SCALARS, &r->client_version)); NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown2)); } if (ndr_flags & NDR_BUFFERS) { @@ -4444,7 +4470,7 @@ _PUBLIC_ void ndr_print_samr_ConnectInfo1(struct ndr_print *ndr, const char *nam { ndr_print_struct(ndr, name, "samr_ConnectInfo1"); ndr->depth++; - ndr_print_uint32(ndr, "unknown1", r->unknown1); + ndr_print_samr_ConnectVersion(ndr, "client_version", r->client_version); ndr_print_uint32(ndr, "unknown2", r->unknown2); ndr->depth--; } @@ -5425,7 +5451,11 @@ static enum ndr_err_code ndr_push_samr_QuerySecurity(struct ndr_push *ndr, int f if (r->out.sdbuf == NULL) { return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } - NDR_CHECK(ndr_push_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sdbuf)); + if (*r->out.sdbuf == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.sdbuf)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -5433,8 +5463,10 @@ static enum ndr_err_code ndr_push_samr_QuerySecurity(struct ndr_push *ndr, int f static enum ndr_err_code ndr_pull_samr_QuerySecurity(struct ndr_pull *ndr, int flags, struct samr_QuerySecurity *r) { + uint32_t _ptr_sdbuf; TALLOC_CTX *_mem_save_handle_0; TALLOC_CTX *_mem_save_sdbuf_0; + TALLOC_CTX *_mem_save_sdbuf_1; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -5455,7 +5487,14 @@ static enum ndr_err_code ndr_pull_samr_QuerySecurity(struct ndr_pull *ndr, int f } _mem_save_sdbuf_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->out.sdbuf, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sdbuf)); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_sdbuf)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.sdbuf); + } + _mem_save_sdbuf_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.sdbuf, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.sdbuf)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sdbuf_1, LIBNDR_FLAG_REF_ALLOC); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sdbuf_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } @@ -5484,7 +5523,10 @@ _PUBLIC_ void ndr_print_samr_QuerySecurity(struct ndr_print *ndr, const char *na ndr->depth++; ndr_print_ptr(ndr, "sdbuf", r->out.sdbuf); ndr->depth++; - ndr_print_sec_desc_buf(ndr, "sdbuf", r->out.sdbuf); + ndr_print_ptr(ndr, "sdbuf", *r->out.sdbuf); + ndr->depth++; + ndr_print_sec_desc_buf(ndr, "sdbuf", *r->out.sdbuf); + ndr->depth--; ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; @@ -5565,7 +5607,11 @@ static enum ndr_err_code ndr_push_samr_LookupDomain(struct ndr_push *ndr, int fl if (r->out.sid == NULL) { return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } - NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); + if (*r->out.sid == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.sid)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -5573,9 +5619,11 @@ static enum ndr_err_code ndr_push_samr_LookupDomain(struct ndr_push *ndr, int fl static enum ndr_err_code ndr_pull_samr_LookupDomain(struct ndr_pull *ndr, int flags, struct samr_LookupDomain *r) { + uint32_t _ptr_sid; TALLOC_CTX *_mem_save_connect_handle_0; TALLOC_CTX *_mem_save_domain_name_0; TALLOC_CTX *_mem_save_sid_0; + TALLOC_CTX *_mem_save_sid_1; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -5602,7 +5650,14 @@ static enum ndr_err_code ndr_pull_samr_LookupDomain(struct ndr_pull *ndr, int fl } _mem_save_sid_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->out.sid, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sid)); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_sid)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.sid); + } + _mem_save_sid_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.sid, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.sid)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sid_1, LIBNDR_FLAG_REF_ALLOC); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sid_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } @@ -5634,7 +5689,10 @@ _PUBLIC_ void ndr_print_samr_LookupDomain(struct ndr_print *ndr, const char *nam ndr->depth++; ndr_print_ptr(ndr, "sid", r->out.sid); ndr->depth++; - ndr_print_dom_sid2(ndr, "sid", r->out.sid); + ndr_print_ptr(ndr, "sid", *r->out.sid); + ndr->depth++; + ndr_print_dom_sid2(ndr, "sid", *r->out.sid); + ndr->depth--; ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; @@ -5882,8 +5940,12 @@ static enum ndr_err_code ndr_push_samr_QueryDomainInfo(struct ndr_push *ndr, int if (r->out.info == NULL) { return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } - NDR_CHECK(ndr_push_set_switch_value(ndr, r->out.info, r->in.level)); - NDR_CHECK(ndr_push_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.info)); + if (*r->out.info == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_set_switch_value(ndr, *r->out.info, r->in.level)); + NDR_CHECK(ndr_push_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.info)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -5891,8 +5953,10 @@ static enum ndr_err_code ndr_push_samr_QueryDomainInfo(struct ndr_push *ndr, int static enum ndr_err_code ndr_pull_samr_QueryDomainInfo(struct ndr_pull *ndr, int flags, struct samr_QueryDomainInfo *r) { + uint32_t _ptr_info; TALLOC_CTX *_mem_save_domain_handle_0; TALLOC_CTX *_mem_save_info_0; + TALLOC_CTX *_mem_save_info_1; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -5913,8 +5977,15 @@ static enum ndr_err_code ndr_pull_samr_QueryDomainInfo(struct ndr_pull *ndr, int } _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->out.info, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_set_switch_value(ndr, r->out.info, r->in.level)); - NDR_CHECK(ndr_pull_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.info)); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_info)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.info); + } + _mem_save_info_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.info, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_set_switch_value(ndr, *r->out.info, r->in.level)); + NDR_CHECK(ndr_pull_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.info)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_1, LIBNDR_FLAG_REF_ALLOC); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } @@ -5943,8 +6014,11 @@ _PUBLIC_ void ndr_print_samr_QueryDomainInfo(struct ndr_print *ndr, const char * ndr->depth++; ndr_print_ptr(ndr, "info", r->out.info); ndr->depth++; - ndr_print_set_switch_value(ndr, r->out.info, r->in.level); - ndr_print_samr_DomainInfo(ndr, "info", r->out.info); + ndr_print_ptr(ndr, "info", *r->out.info); + ndr->depth++; + ndr_print_set_switch_value(ndr, *r->out.info, r->in.level); + ndr_print_samr_DomainInfo(ndr, "info", *r->out.info); + ndr->depth--; ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; @@ -7610,7 +7684,11 @@ static enum ndr_err_code ndr_push_samr_QueryGroupMember(struct ndr_push *ndr, in if (r->out.rids == NULL) { return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } - NDR_CHECK(ndr_push_samr_RidTypeArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.rids)); + if (*r->out.rids == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_samr_RidTypeArray(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.rids)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -7618,8 +7696,10 @@ static enum ndr_err_code ndr_push_samr_QueryGroupMember(struct ndr_push *ndr, in static enum ndr_err_code ndr_pull_samr_QueryGroupMember(struct ndr_pull *ndr, int flags, struct samr_QueryGroupMember *r) { + uint32_t _ptr_rids; TALLOC_CTX *_mem_save_group_handle_0; TALLOC_CTX *_mem_save_rids_0; + TALLOC_CTX *_mem_save_rids_1; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -7639,7 +7719,14 @@ static enum ndr_err_code ndr_pull_samr_QueryGroupMember(struct ndr_pull *ndr, in } _mem_save_rids_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->out.rids, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_samr_RidTypeArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.rids)); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_rids)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.rids); + } + _mem_save_rids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.rids, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_samr_RidTypeArray(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.rids)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_rids_1, LIBNDR_FLAG_REF_ALLOC); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_rids_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } @@ -7667,7 +7754,10 @@ _PUBLIC_ void ndr_print_samr_QueryGroupMember(struct ndr_print *ndr, const char ndr->depth++; ndr_print_ptr(ndr, "rids", r->out.rids); ndr->depth++; - ndr_print_samr_RidTypeArray(ndr, "rids", r->out.rids); + ndr_print_ptr(ndr, "rids", *r->out.rids); + ndr->depth++; + ndr_print_samr_RidTypeArray(ndr, "rids", *r->out.rids); + ndr->depth--; ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; @@ -9381,8 +9471,12 @@ static enum ndr_err_code ndr_push_samr_QueryDomainInfo2(struct ndr_push *ndr, in if (r->out.info == NULL) { return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } - NDR_CHECK(ndr_push_set_switch_value(ndr, r->out.info, r->in.level)); - NDR_CHECK(ndr_push_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.info)); + if (*r->out.info == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_ref_ptr(ndr)); + NDR_CHECK(ndr_push_set_switch_value(ndr, *r->out.info, r->in.level)); + NDR_CHECK(ndr_push_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.info)); NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); } return NDR_ERR_SUCCESS; @@ -9390,8 +9484,10 @@ static enum ndr_err_code ndr_push_samr_QueryDomainInfo2(struct ndr_push *ndr, in static enum ndr_err_code ndr_pull_samr_QueryDomainInfo2(struct ndr_pull *ndr, int flags, struct samr_QueryDomainInfo2 *r) { + uint32_t _ptr_info; TALLOC_CTX *_mem_save_domain_handle_0; TALLOC_CTX *_mem_save_info_0; + TALLOC_CTX *_mem_save_info_1; if (flags & NDR_IN) { ZERO_STRUCT(r->out); @@ -9412,8 +9508,15 @@ static enum ndr_err_code ndr_pull_samr_QueryDomainInfo2(struct ndr_pull *ndr, in } _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->out.info, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_set_switch_value(ndr, r->out.info, r->in.level)); - NDR_CHECK(ndr_pull_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.info)); + NDR_CHECK(ndr_pull_ref_ptr(ndr, &_ptr_info)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, *r->out.info); + } + _mem_save_info_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.info, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_set_switch_value(ndr, *r->out.info, r->in.level)); + NDR_CHECK(ndr_pull_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, *r->out.info)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_1, LIBNDR_FLAG_REF_ALLOC); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); } @@ -9442,8 +9545,11 @@ _PUBLIC_ void ndr_print_samr_QueryDomainInfo2(struct ndr_print *ndr, const char ndr->depth++; ndr_print_ptr(ndr, "info", r->out.info); ndr->depth++; - ndr_print_set_switch_value(ndr, r->out.info, r->in.level); - ndr_print_samr_DomainInfo(ndr, "info", r->out.info); + ndr_print_ptr(ndr, "info", *r->out.info); + ndr->depth++; + ndr_print_set_switch_value(ndr, *r->out.info, r->in.level); + ndr_print_samr_DomainInfo(ndr, "info", *r->out.info); + ndr->depth--; ndr->depth--; ndr_print_NTSTATUS(ndr, "result", r->out.result); ndr->depth--; @@ -10977,7 +11083,7 @@ static enum ndr_err_code ndr_push_samr_Connect4(struct ndr_push *ndr, int flags, NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_charset_length(r->in.system_name, CH_UTF16))); NDR_CHECK(ndr_push_charset(ndr, NDR_SCALARS, r->in.system_name, ndr_charset_length(r->in.system_name, CH_UTF16), sizeof(uint16_t), CH_UTF16)); } - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->in.unknown)); + NDR_CHECK(ndr_push_samr_ConnectVersion(ndr, NDR_SCALARS, r->in.client_version)); NDR_CHECK(ndr_push_samr_ConnectAccessMask(ndr, NDR_SCALARS, r->in.access_mask)); } if (flags & NDR_OUT) { @@ -11016,7 +11122,7 @@ static enum ndr_err_code ndr_pull_samr_Connect4(struct ndr_pull *ndr, int flags, NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); } - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown)); + NDR_CHECK(ndr_pull_samr_ConnectVersion(ndr, NDR_SCALARS, &r->in.client_version)); NDR_CHECK(ndr_pull_samr_ConnectAccessMask(ndr, NDR_SCALARS, &r->in.access_mask)); NDR_PULL_ALLOC(ndr, r->out.connect_handle); ZERO_STRUCTP(r->out.connect_handle); @@ -11050,7 +11156,7 @@ _PUBLIC_ void ndr_print_samr_Connect4(struct ndr_print *ndr, const char *name, i ndr_print_string(ndr, "system_name", r->in.system_name); } ndr->depth--; - ndr_print_uint32(ndr, "unknown", r->in.unknown); + ndr_print_samr_ConnectVersion(ndr, "client_version", r->in.client_version); ndr_print_samr_ConnectAccessMask(ndr, "access_mask", r->in.access_mask); ndr->depth--; } diff --git a/source3/librpc/gen_ndr/ndr_samr.h b/source3/librpc/gen_ndr/ndr_samr.h index 96fd59b507..f769cddddb 100644 --- a/source3/librpc/gen_ndr/ndr_samr.h +++ b/source3/librpc/gen_ndr/ndr_samr.h @@ -237,6 +237,7 @@ void ndr_print_samr_DispEntryAscii(struct ndr_print *ndr, const char *name, cons void ndr_print_samr_DispInfoAscii(struct ndr_print *ndr, const char *name, const struct samr_DispInfoAscii *r); void ndr_print_samr_DispInfo(struct ndr_print *ndr, const char *name, const union samr_DispInfo *r); void ndr_print_samr_PwInfo(struct ndr_print *ndr, const char *name, const struct samr_PwInfo *r); +void ndr_print_samr_ConnectVersion(struct ndr_print *ndr, const char *name, enum samr_ConnectVersion r); void ndr_print_samr_ChangeReject(struct ndr_print *ndr, const char *name, const struct samr_ChangeReject *r); void ndr_print_samr_ConnectInfo1(struct ndr_print *ndr, const char *name, const struct samr_ConnectInfo1 *r); void ndr_print_samr_ConnectInfo(struct ndr_print *ndr, const char *name, const union samr_ConnectInfo *r); diff --git a/source3/librpc/gen_ndr/netlogon.h b/source3/librpc/gen_ndr/netlogon.h index c8f3c03c79..612e30914a 100644 --- a/source3/librpc/gen_ndr/netlogon.h +++ b/source3/librpc/gen_ndr/netlogon.h @@ -1350,7 +1350,7 @@ struct netr_NETRLOGONSENDTOSAM { struct netr_DsRAddressToSitenamesW { struct { const char *server_name;/* [unique,charset(UTF16)] */ - uint32_t count;/* [range(0 32000)] */ + uint32_t count;/* [range(0,32000)] */ struct netr_DsRAddress *addresses;/* [ref,size_is(count)] */ } in; @@ -1405,7 +1405,7 @@ struct netr_NetrEnumerateTrustedDomainsEx { struct netr_DsRAddressToSitenamesExW { struct { const char *server_name;/* [unique,charset(UTF16)] */ - uint32_t count;/* [range(0 32000)] */ + uint32_t count;/* [range(0,32000)] */ struct netr_DsRAddress *addresses;/* [ref,size_is(count)] */ } in; diff --git a/source3/librpc/gen_ndr/samr.h b/source3/librpc/gen_ndr/samr.h index c6a68e8bd5..d0e758d72f 100644 --- a/source3/librpc/gen_ndr/samr.h +++ b/source3/librpc/gen_ndr/samr.h @@ -200,7 +200,7 @@ union samr_DomainInfo { }/* [switch_type(uint16)] */; struct samr_Ids { - uint32_t count;/* [range(0 1024)] */ + uint32_t count;/* [range(0,1024)] */ uint32_t *ids;/* [unique,size_is(count)] */ }; @@ -603,6 +603,21 @@ struct samr_PwInfo { uint32_t password_properties; }; +enum samr_ConnectVersion +#ifndef USE_UINT_ENUMS + { + SAMR_CONNECT_PRE_W2K=1, + SAMR_CONNECT_W2K=2, + SAMR_CONNECT_AFTER_W2K=3 +} +#else + { __donnot_use_enum_samr_ConnectVersion=0x7FFFFFFF} +#define SAMR_CONNECT_PRE_W2K ( 1 ) +#define SAMR_CONNECT_W2K ( 2 ) +#define SAMR_CONNECT_AFTER_W2K ( 3 ) +#endif +; + enum samr_RejectReason; struct samr_ChangeReject { @@ -612,7 +627,7 @@ struct samr_ChangeReject { }; struct samr_ConnectInfo1 { - uint32_t unknown1; + enum samr_ConnectVersion client_version; uint32_t unknown2; }; @@ -773,7 +788,7 @@ struct samr_QuerySecurity { } in; struct { - struct sec_desc_buf *sdbuf;/* [ref] */ + struct sec_desc_buf **sdbuf;/* [ref] */ NTSTATUS result; } out; @@ -799,7 +814,7 @@ struct samr_LookupDomain { } in; struct { - struct dom_sid2 *sid;/* [ref] */ + struct dom_sid2 **sid;/* [ref] */ NTSTATUS result; } out; @@ -845,7 +860,7 @@ struct samr_QueryDomainInfo { } in; struct { - union samr_DomainInfo *info;/* [ref,switch_is(level)] */ + union samr_DomainInfo **info;/* [ref,switch_is(level)] */ NTSTATUS result; } out; @@ -983,7 +998,7 @@ struct samr_GetAliasMembership { struct samr_LookupNames { struct { struct policy_handle *domain_handle;/* [ref] */ - uint32_t num_names;/* [range(0 1000)] */ + uint32_t num_names;/* [range(0,1000)] */ struct lsa_String *names;/* [length_is(num_names),size_is(1000)] */ } in; @@ -999,7 +1014,7 @@ struct samr_LookupNames { struct samr_LookupRids { struct { struct policy_handle *domain_handle;/* [ref] */ - uint32_t num_rids;/* [range(0 1000)] */ + uint32_t num_rids;/* [range(0,1000)] */ uint32_t *rids;/* [length_is(num_rids),size_is(1000)] */ } in; @@ -1101,7 +1116,7 @@ struct samr_QueryGroupMember { } in; struct { - struct samr_RidTypeArray *rids;/* [ref] */ + struct samr_RidTypeArray **rids;/* [ref] */ NTSTATUS result; } out; @@ -1399,7 +1414,7 @@ struct samr_QueryDomainInfo2 { } in; struct { - union samr_DomainInfo *info;/* [ref,switch_is(level)] */ + union samr_DomainInfo **info;/* [ref,switch_is(level)] */ NTSTATUS result; } out; @@ -1637,7 +1652,7 @@ struct samr_Connect3 { struct samr_Connect4 { struct { const char *system_name;/* [unique,charset(UTF16)] */ - uint32_t unknown; + enum samr_ConnectVersion client_version; uint32_t access_mask; } in; diff --git a/source3/librpc/gen_ndr/security.h b/source3/librpc/gen_ndr/security.h index f37b5d70f0..a17fd512f7 100644 --- a/source3/librpc/gen_ndr/security.h +++ b/source3/librpc/gen_ndr/security.h @@ -258,7 +258,7 @@ enum security_acl_revision struct security_acl { enum security_acl_revision revision; uint16_t size;/* [value(ndr_size_security_acl(r,ndr->flags))] */ - uint32_t num_aces;/* [range(0 1000)] */ + uint32_t num_aces;/* [range(0,1000)] */ struct security_ace *aces; }/* [gensize,public,nosize] */; @@ -301,7 +301,7 @@ struct security_descriptor { }/* [gensize,public,flag(LIBNDR_FLAG_LITTLE_ENDIAN),nosize] */; struct sec_desc_buf { - uint32_t sd_size;/* [value(ndr_size_security_descriptor(sd,ndr->flags)),range(0 0x40000)] */ + uint32_t sd_size;/* [value(ndr_size_security_descriptor(sd,ndr->flags)),range(0,0x40000)] */ struct security_descriptor *sd;/* [unique,subcontext(4)] */ }/* [public] */; diff --git a/source3/librpc/gen_ndr/srv_eventlog.c b/source3/librpc/gen_ndr/srv_eventlog.c index d9310a8fbb..fc94993cee 100644 --- a/source3/librpc/gen_ndr/srv_eventlog.c +++ b/source3/librpc/gen_ndr/srv_eventlog.c @@ -418,6 +418,13 @@ static bool api_eventlog_GetOldestRecord(pipes_struct *p) NDR_PRINT_IN_DEBUG(eventlog_GetOldestRecord, r); } + ZERO_STRUCT(r->out); + r->out.oldest_entry = talloc_zero(r, uint32_t); + if (r->out.oldest_entry == NULL) { + talloc_free(r); + return false; + } + r->out.result = _eventlog_GetOldestRecord(p, r); if (p->rng_fault_state) { diff --git a/source3/librpc/gen_ndr/srv_lsa.c b/source3/librpc/gen_ndr/srv_lsa.c index 8f8f985650..aa870a6d59 100644 --- a/source3/librpc/gen_ndr/srv_lsa.c +++ b/source3/librpc/gen_ndr/srv_lsa.c @@ -274,7 +274,7 @@ static bool api_lsa_QuerySecurity(pipes_struct *p) } ZERO_STRUCT(r->out); - r->out.sdbuf = talloc_zero(r, struct sec_desc_buf); + r->out.sdbuf = talloc_zero(r, struct sec_desc_buf *); if (r->out.sdbuf == NULL) { talloc_free(r); return false; @@ -2674,6 +2674,8 @@ static bool api_lsa_DeleteObject(pipes_struct *p) NDR_PRINT_IN_DEBUG(lsa_DeleteObject, r); } + ZERO_STRUCT(r->out); + r->out.handle = r->in.handle; r->out.result = _lsa_DeleteObject(p, r); if (p->rng_fault_state) { diff --git a/source3/librpc/gen_ndr/srv_samr.c b/source3/librpc/gen_ndr/srv_samr.c index 72116f355b..38cc59978c 100644 --- a/source3/librpc/gen_ndr/srv_samr.c +++ b/source3/librpc/gen_ndr/srv_samr.c @@ -273,7 +273,7 @@ static bool api_samr_QuerySecurity(pipes_struct *p) } ZERO_STRUCT(r->out); - r->out.sdbuf = talloc_zero(r, struct sec_desc_buf); + r->out.sdbuf = talloc_zero(r, struct sec_desc_buf *); if (r->out.sdbuf == NULL) { talloc_free(r); return false; @@ -426,7 +426,7 @@ static bool api_samr_LookupDomain(pipes_struct *p) } ZERO_STRUCT(r->out); - r->out.sid = talloc_zero(r, struct dom_sid2); + r->out.sid = talloc_zero(r, struct dom_sid2 *); if (r->out.sid == NULL) { talloc_free(r); return false; @@ -673,7 +673,7 @@ static bool api_samr_QueryDomainInfo(pipes_struct *p) } ZERO_STRUCT(r->out); - r->out.info = talloc_zero(r, union samr_DomainInfo); + r->out.info = talloc_zero(r, union samr_DomainInfo *); if (r->out.info == NULL) { talloc_free(r); return false; @@ -2051,7 +2051,7 @@ static bool api_samr_QueryGroupMember(pipes_struct *p) } ZERO_STRUCT(r->out); - r->out.rids = talloc_zero(r, struct samr_RidTypeArray); + r->out.rids = talloc_zero(r, struct samr_RidTypeArray *); if (r->out.rids == NULL) { talloc_free(r); return false; @@ -3670,7 +3670,7 @@ static bool api_samr_QueryDomainInfo2(pipes_struct *p) } ZERO_STRUCT(r->out); - r->out.info = talloc_zero(r, union samr_DomainInfo); + r->out.info = talloc_zero(r, union samr_DomainInfo *); if (r->out.info == NULL) { talloc_free(r); return false; diff --git a/source3/librpc/gen_ndr/unixinfo.h b/source3/librpc/gen_ndr/unixinfo.h index 34dc27f469..bfe0934ccd 100644 --- a/source3/librpc/gen_ndr/unixinfo.h +++ b/source3/librpc/gen_ndr/unixinfo.h @@ -68,12 +68,12 @@ struct unixinfo_GidToSid { struct unixinfo_GetPWUid { struct { uint64_t *uids;/* [size_is(*count)] */ - uint32_t *count;/* [ref,range(0 1023)] */ + uint32_t *count;/* [ref,range(0,1023)] */ } in; struct { struct unixinfo_GetPWUidInfo *infos;/* [size_is(*count)] */ - uint32_t *count;/* [ref,range(0 1023)] */ + uint32_t *count;/* [ref,range(0,1023)] */ NTSTATUS result; } out; diff --git a/source3/librpc/idl/eventlog.idl b/source3/librpc/idl/eventlog.idl index 3defd99400..18b1a0e454 100644 --- a/source3/librpc/idl/eventlog.idl +++ b/source3/librpc/idl/eventlog.idl @@ -8,7 +8,6 @@ import "lsa.idl", "security.idl"; [ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"), version(0.0), - pointer_default(unique), helpstring("Event Logger") ] interface eventlog { @@ -60,7 +59,7 @@ import "lsa.idl", "security.idl"; /* Function: 0x00 */ NTSTATUS eventlog_ClearEventLogW( [in] policy_handle *handle, - [in,unique] lsa_String *unknown + [in,unique] lsa_String *backupfile ); /******************/ @@ -86,7 +85,10 @@ import "lsa.idl", "security.idl"; /******************/ /* Function: 0x05 */ - NTSTATUS eventlog_GetOldestRecord(); + NTSTATUS eventlog_GetOldestRecord( + [in] policy_handle *handle, + [out,ref] uint32 *oldest_entry + ); /******************/ /* Function: 0x06 */ @@ -96,8 +98,8 @@ import "lsa.idl", "security.idl"; /* Function: 0x07 */ NTSTATUS eventlog_OpenEventLogW( [in,unique] eventlog_OpenUnknown0 *unknown0, - [in] lsa_String logname, - [in] lsa_String servername, + [in,ref] lsa_String *logname, + [in,ref] lsa_String *servername, [in] uint32 unknown2, [in] uint32 unknown3, [out] policy_handle *handle @@ -117,10 +119,10 @@ import "lsa.idl", "security.idl"; [in] policy_handle *handle, [in] uint32 flags, [in] uint32 offset, - [in] uint32 number_of_bytes, - [out,size_is(number_of_bytes)] uint8 *data, - [out] uint32 *sent_size, - [out] uint32 *real_size + [in] [range(0,0x7FFFF)] uint32 number_of_bytes, + [out,ref,size_is(number_of_bytes)] uint8 *data, + [out,ref] uint32 *sent_size, + [out,ref] uint32 *real_size ); /*****************/ diff --git a/source3/librpc/idl/lsa.idl b/source3/librpc/idl/lsa.idl index 8d26ec0aad..477ff3ff9b 100644 --- a/source3/librpc/idl/lsa.idl +++ b/source3/librpc/idl/lsa.idl @@ -82,14 +82,17 @@ import "security.idl"; NTSTATUS lsa_QuerySecurity ( [in] policy_handle *handle, [in] security_secinfo sec_info, - [out,unique] sec_desc_buf *sdbuf + [out,ref] sec_desc_buf **sdbuf ); /******************/ /* Function: 0x04 */ - NTSTATUS lsa_SetSecObj (); - + NTSTATUS lsa_SetSecObj( + [in] policy_handle *handle, + [in] security_secinfo sec_info, + [in,ref] sec_desc_buf *sdbuf + ); /******************/ /* Function: 0x05 */ @@ -653,9 +656,10 @@ import "security.idl"; ); /* Function: 0x22 */ - NTSTATUS lsa_DeleteObject(); + NTSTATUS lsa_DeleteObject( + [in,out] policy_handle **handle + ); - /*******************/ /* Function: 0x23 */ NTSTATUS lsa_EnumAccountsWithUserRight ( diff --git a/source3/librpc/idl/netlogon.idl b/source3/librpc/idl/netlogon.idl index 4eb1bff94f..5b84452e3f 100644 --- a/source3/librpc/idl/netlogon.idl +++ b/source3/librpc/idl/netlogon.idl @@ -12,8 +12,7 @@ import "lsa.idl", "samr.idl", "security.idl"; uuid("12345678-1234-abcd-ef00-01234567cffb"), version(1.0), endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"), - pointer_default(unique), - pointer_default_top(unique) + pointer_default(unique) ] interface netlogon @@ -44,7 +43,7 @@ interface netlogon } netr_UasInfo; WERROR netr_LogonUasLogon( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] [string,charset(UTF16)] uint16 workstation[], [out,ref] netr_UasInfo *info @@ -60,7 +59,7 @@ interface netlogon } netr_UasLogoffInfo; WERROR netr_LogonUasLogoff( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] [string,charset(UTF16)] uint16 workstation[], [out,ref] netr_UasLogoffInfo *info @@ -241,10 +240,10 @@ interface netlogon } netr_Authenticator; NTSTATUS netr_LogonSamLogon( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *computer_name, - [in] netr_Authenticator *credential, - [in][out] netr_Authenticator *return_authenticator, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, [in] uint16 logon_level, [in] [switch_is(logon_level)] netr_LogonLevel logon, [in] uint16 validation_level, @@ -257,10 +256,10 @@ interface netlogon /* Function 0x03 */ NTSTATUS netr_LogonSamLogoff( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *computer_name, - [in] netr_Authenticator *credential, - [in][out] netr_Authenticator *return_authenticator, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, [in] uint16 logon_level, [in] [switch_is(logon_level)] netr_LogonLevel logon ); @@ -271,7 +270,7 @@ interface netlogon /* Function 0x04 */ NTSTATUS netr_ServerReqChallenge( - [in,string,charset(UTF16)] uint16 *server_name, + [in,unique,string,charset(UTF16)] uint16 *server_name, [in,string,charset(UTF16)] uint16 computer_name[], [in,out,ref] netr_Credential *credentials ); @@ -283,7 +282,7 @@ interface netlogon typedef enum netr_SchannelType netr_SchannelType; NTSTATUS netr_ServerAuthenticate( - [in,string,charset(UTF16)] uint16 *server_name, + [in,unique,string,charset(UTF16)] uint16 *server_name, [in,string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in,string,charset(UTF16)] uint16 computer_name[], @@ -295,7 +294,7 @@ interface netlogon /* Function 0x06 */ NTSTATUS netr_ServerPasswordSet( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in] [string,charset(UTF16)] uint16 computer_name[], @@ -721,7 +720,7 @@ interface netlogon } netr_AccountBuffer; NTSTATUS netr_AccountDeltas( - [in] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *logon_server, [in] [string,charset(UTF16)] uint16 computername[], [in] netr_Authenticator credential, [in,out,ref] netr_Authenticator *return_authenticator, @@ -740,7 +739,7 @@ interface netlogon /* Function 0x0A */ NTSTATUS netr_AccountSync( - [in] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *logon_server, [in] [string,charset(UTF16)] uint16 computername[], [in] netr_Authenticator credential, [in,out,ref] netr_Authenticator *return_authenticator, @@ -760,7 +759,7 @@ interface netlogon WERROR netr_GetDcName( [in] [string,charset(UTF16)] uint16 logon_server[], - [in] [string,charset(UTF16)] uint16 *domainname, + [in,unique] [string,charset(UTF16)] uint16 *domainname, [out,ref] [string,charset(UTF16)] uint16 **dcname ); @@ -804,7 +803,7 @@ interface netlogon } netr_LogonControlCode; WERROR netr_LogonControl( - [in] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *logon_server, [in] netr_LogonControlCode function_code, [in] uint32 level, [out,ref,switch_is(level)] netr_CONTROL_QUERY_INFORMATION *info @@ -815,8 +814,8 @@ interface netlogon /* Function 0x0D */ WERROR netr_GetAnyDCName( - [in] [string,charset(UTF16)] uint16 *logon_server, - [in] [string,charset(UTF16)] uint16 *domainname, + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *domainname, [out,ref] [string,charset(UTF16)] uint16 **dcname ); @@ -832,7 +831,7 @@ interface netlogon } netr_CONTROL_DATA_INFORMATION; WERROR netr_LogonControl2( - [in] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *logon_server, [in] uint32 function_code, [in] uint32 level, [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION data, @@ -851,7 +850,7 @@ interface netlogon /* Function 0x0F */ NTSTATUS netr_ServerAuthenticate2( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in] [string,charset(UTF16)] uint16 computer_name[], @@ -886,7 +885,7 @@ interface netlogon [in] [string,charset(UTF16)] uint16 computername[], [in] netr_Authenticator credential, [in,out,ref] netr_Authenticator *return_authenticator, - [in][size_is(change_log_entry_size)] uint8 *change_log_entry, + [in,unique][size_is(change_log_entry_size)] uint8 *change_log_entry, [in] uint32 change_log_entry_size, [out,ref] netr_DELTA_ENUM_ARRAY *delta_enum_array ); @@ -896,7 +895,7 @@ interface netlogon /* Function 0x12 */ WERROR netr_LogonControl2Ex( - [in] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *logon_server, [in] uint32 function_code, [in] uint32 level, [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION data, @@ -911,7 +910,7 @@ interface netlogon } netr_Blob; WERROR netr_NetrEnumerateTrustedDomains( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [out,ref] netr_Blob *trusted_domains_blob ); @@ -978,10 +977,10 @@ interface netlogon } netr_DsRGetDCNameInfo; WERROR netr_DsRGetDCName( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *domain_name, - [in] GUID *domain_guid, - [in] GUID *site_guid, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] GUID *site_guid, [in] netr_DsRGetDCName_flags flags, [out,ref] netr_DsRGetDCNameInfo *info ); @@ -997,8 +996,8 @@ interface netlogon /****************/ /* Function 0x17 */ WERROR netr_LogonGetTrustRid( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, [out,ref] uint32 *rid ); @@ -1013,7 +1012,7 @@ interface netlogon /****************/ /* Function 0x1a */ NTSTATUS netr_ServerAuthenticate3( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in] [string,charset(UTF16)] uint16 computer_name[], @@ -1026,10 +1025,10 @@ interface netlogon /* Function 0x1b */ WERROR netr_DsRGetDCNameEx( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *domain_name, - [in] GUID *domain_guid, - [in] [string,charset(UTF16)] uint16 *site_name, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] [string,charset(UTF16)] uint16 *site_name, [in] netr_DsRGetDCName_flags flags, [out,ref] netr_DsRGetDCNameInfo **info ); @@ -1037,7 +1036,7 @@ interface netlogon /****************/ /* Function 0x1c */ WERROR netr_DsRGetSiteName( - [in] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, [out,ref] [string,charset(UTF16)] uint16 **site ); @@ -1094,7 +1093,7 @@ interface netlogon NTSTATUS netr_LogonGetDomainInfo( [in] [string,charset(UTF16)] uint16 server_name[], - [in] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, [in,ref] netr_Authenticator *credential, [in,out,ref] netr_Authenticator *return_authenticator, [in] uint32 level, @@ -1110,7 +1109,7 @@ interface netlogon /*****************/ /* Function 0x1e */ NTSTATUS netr_ServerPasswordSet2( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in] [string,charset(UTF16)] uint16 computer_name[], @@ -1122,7 +1121,7 @@ interface netlogon /****************/ /* Function 0x1f */ WERROR netr_ServerPasswordGet( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in] [string,charset(UTF16)] uint16 computer_name[], @@ -1148,7 +1147,7 @@ interface netlogon } netr_DsRAddress; WERROR netr_DsRAddressToSitenamesW( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [range(0,32000)] uint32 count, [in] [size_is(count)] [ref] netr_DsRAddress *addresses, [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr @@ -1157,12 +1156,12 @@ interface netlogon /****************/ /* Function 0x22 */ WERROR netr_DsRGetDCNameEx2( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *client_account, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client_account, [in] samr_AcctFlags mask, - [in] [string,charset(UTF16)] uint16 *domain_name, - [in] GUID *domain_guid, - [in] [string,charset(UTF16)] uint16 *site_name, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] [string,charset(UTF16)] uint16 *site_name, [in] netr_DsRGetDCName_flags flags, [out,ref] netr_DsRGetDCNameInfo **info ); @@ -1216,7 +1215,7 @@ interface netlogon } netr_DomainTrustList; WERROR netr_NetrEnumerateTrustedDomainsEx( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [out,ref] netr_DomainTrustList *dom_trust_list ); @@ -1229,7 +1228,7 @@ interface netlogon } netr_DsRAddressToSitenamesExWCtr; WERROR netr_DsRAddressToSitenamesExW( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [range(0,32000)] uint32 count, [in] [size_is(count)] [ref] netr_DsRAddress *addresses, [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr @@ -1244,15 +1243,15 @@ interface netlogon } DcSitesCtr; WERROR netr_DsrGetDcSiteCoverageW( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [out,ref] DcSitesCtr *ctr ); /****************/ /* Function 0x27 */ NTSTATUS netr_LogonSamLogonEx( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, [in] uint16 logon_level, [in] [switch_is(logon_level)] netr_LogonLevel logon, [in] uint16 validation_level, @@ -1265,7 +1264,7 @@ interface netlogon /* Function 0x28 */ WERROR netr_DsrEnumerateDomainTrusts( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] netr_TrustFlags trust_flags, [out,ref] netr_DomainTrustList *trusts ); @@ -1274,17 +1273,17 @@ interface netlogon /****************/ /* Function 0x29 */ WERROR netr_DsrDeregisterDNSHostRecords( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *domain, - [in] GUID *domain_guid, - [in] GUID *dsa_guid, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *domain, + [in,unique] GUID *domain_guid, + [in,unique] GUID *dsa_guid, [in,ref] [string,charset(UTF16)] uint16 *dns_host ); /****************/ /* Function 0x2a */ NTSTATUS netr_ServerTrustPasswordsGet( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] [string,charset(UTF16)] uint16 account_name[], [in] netr_SchannelType secure_channel_type, [in] [string,charset(UTF16)] uint16 computer_name[], @@ -1300,8 +1299,8 @@ interface netlogon const int DS_GFTI_UPDATE_TDO = 0x1; WERROR netr_DsRGetForestTrustInformation( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *trusted_domain_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name, [in] uint32 flags, [out,ref] lsa_ForestTrustInformation **forest_trust_info ); @@ -1309,7 +1308,7 @@ interface netlogon /****************/ /* Function 0x2c */ WERROR netr_GetForestTrustInformation( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *trusted_domain_name, [in,ref] netr_Authenticator *credential, [out,ref] netr_Authenticator *return_authenticator, @@ -1322,10 +1321,10 @@ interface netlogon /* this is the ADS varient. I don't yet know what the "flags" are for */ NTSTATUS netr_LogonSamLogonWithFlags( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *computer_name, - [in] netr_Authenticator *credential, - [in][out] netr_Authenticator *return_authenticator, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, [in] uint16 logon_level, [in] [switch_is(logon_level)] netr_LogonLevel logon, [in] uint16 validation_level, diff --git a/source3/librpc/idl/samr.idl b/source3/librpc/idl/samr.idl index 2c4fef5a7d..46d5e492e8 100644 --- a/source3/librpc/idl/samr.idl +++ b/source3/librpc/idl/samr.idl @@ -12,8 +12,7 @@ import "misc.idl", "lsa.idl", "security.idl"; [ uuid("12345778-1234-abcd-ef00-0123456789ac"), version(1.0), endpoint("ncacn_np:[\\pipe\\samr]","ncacn_ip_tcp:", "ncalrpc:"), - pointer_default(unique), - pointer_default_top(unique) + pointer_default(unique) ] interface samr { typedef bitmap security_secinfo security_secinfo; @@ -98,7 +97,7 @@ import "misc.idl", "lsa.idl", "security.idl"; /* Function: 0x00 */ NTSTATUS samr_Connect ( /* notice the lack of [string] */ - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -125,7 +124,7 @@ import "misc.idl", "lsa.idl", "security.idl"; NTSTATUS samr_QuerySecurity ( [in,ref] policy_handle *handle, [in] security_secinfo sec_info, - [out,ref] sec_desc_buf *sdbuf + [out,ref] sec_desc_buf **sdbuf ); /******************/ @@ -141,9 +140,9 @@ import "misc.idl", "lsa.idl", "security.idl"; /******************/ /* Function: 0x05 */ NTSTATUS samr_LookupDomain ( - [in,ref] policy_handle *connect_handle, + [in,ref] policy_handle *connect_handle, [in,ref] lsa_String *domain_name, - [out,ref] dom_sid2 *sid + [out,ref] dom_sid2 **sid ); @@ -288,7 +287,7 @@ import "misc.idl", "lsa.idl", "security.idl"; NTSTATUS samr_QueryDomainInfo( [in,ref] policy_handle *domain_handle, [in] uint16 level, - [out,ref,switch_is(level)] samr_DomainInfo *info + [out,ref,switch_is(level)] samr_DomainInfo **info ); /************************/ @@ -349,7 +348,7 @@ import "misc.idl", "lsa.idl", "security.idl"; [in,out,ref] uint32 *resume_handle, [in] samr_AcctFlags acct_flags, [in] uint32 max_size, - [out] samr_SamArray *sam, + [out,unique] samr_SamArray *sam, [out,ref] uint32 *num_entries ); @@ -509,7 +508,7 @@ import "misc.idl", "lsa.idl", "security.idl"; NTSTATUS samr_QueryGroupMember( [in,ref] policy_handle *group_handle, - [out,ref] samr_RidTypeArray *rids + [out,ref] samr_RidTypeArray **rids ); @@ -887,15 +886,15 @@ import "misc.idl", "lsa.idl", "security.idl"; NTSTATUS samr_ChangePasswordUser( [in,ref] policy_handle *user_handle, [in] boolean8 lm_present, - [in] samr_Password *old_lm_crypted, - [in] samr_Password *new_lm_crypted, + [in,unique] samr_Password *old_lm_crypted, + [in,unique] samr_Password *new_lm_crypted, [in] boolean8 nt_present, - [in] samr_Password *old_nt_crypted, - [in] samr_Password *new_nt_crypted, + [in,unique] samr_Password *old_nt_crypted, + [in,unique] samr_Password *new_nt_crypted, [in] boolean8 cross1_present, - [in] samr_Password *nt_cross, + [in,unique] samr_Password *nt_cross, [in] boolean8 cross2_present, - [in] samr_Password *lm_cross + [in,unique] samr_Password *lm_cross ); /************************/ @@ -1061,7 +1060,7 @@ import "misc.idl", "lsa.idl", "security.idl"; NTSTATUS samr_QueryDomainInfo2( [in,ref] policy_handle *domain_handle, [in] uint16 level, - [out,ref,switch_is(level)] samr_DomainInfo *info + [out,ref,switch_is(level)] samr_DomainInfo **info ); /************************/ @@ -1155,35 +1154,35 @@ import "misc.idl", "lsa.idl", "security.idl"; /* Function 0x36 */ NTSTATUS samr_OemChangePasswordUser2( - [in] lsa_AsciiString *server, + [in,unique] lsa_AsciiString *server, [in,ref] lsa_AsciiString *account, - [in] samr_CryptPassword *password, - [in] samr_Password *hash + [in,unique] samr_CryptPassword *password, + [in,unique] samr_Password *hash ); /************************/ /* Function 0x37 */ NTSTATUS samr_ChangePasswordUser2( - [in] lsa_String *server, + [in,unique] lsa_String *server, [in,ref] lsa_String *account, - [in] samr_CryptPassword *nt_password, - [in] samr_Password *nt_verifier, + [in,unique] samr_CryptPassword *nt_password, + [in,unique] samr_Password *nt_verifier, [in] boolean8 lm_change, - [in] samr_CryptPassword *lm_password, - [in] samr_Password *lm_verifier + [in,unique] samr_CryptPassword *lm_password, + [in,unique] samr_Password *lm_verifier ); /************************/ /* Function 0x38 */ NTSTATUS samr_GetDomPwInfo( - [in] lsa_String *domain_name, + [in,unique] lsa_String *domain_name, [out,ref] samr_PwInfo *info ); /************************/ /* Function 0x39 */ NTSTATUS samr_Connect2( - [in,string,charset(UTF16)] uint16 *system_name, + [in,unique,string,charset(UTF16)] uint16 *system_name, [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -1221,7 +1220,7 @@ import "misc.idl", "lsa.idl", "security.idl"; /************************/ /* Function 0x3d */ NTSTATUS samr_Connect3( - [in,string,charset(UTF16)] uint16 *system_name, + [in,unique,string,charset(UTF16)] uint16 *system_name, /* this unknown value seems to be completely ignored by w2k3 */ [in] uint32 unknown, [in] samr_ConnectAccessMask access_mask, @@ -1230,9 +1229,16 @@ import "misc.idl", "lsa.idl", "security.idl"; /************************/ /* Function 0x3e */ + + typedef enum { + SAMR_CONNECT_PRE_W2K = 1, + SAMR_CONNECT_W2K = 2, + SAMR_CONNECT_AFTER_W2K = 3 + } samr_ConnectVersion; + NTSTATUS samr_Connect4( - [in,string,charset(UTF16)] uint16 *system_name, - [in] uint32 unknown, + [in,unique,string,charset(UTF16)] uint16 *system_name, + [in] samr_ConnectVersion client_version, [in] samr_ConnectAccessMask access_mask, [out,ref] policy_handle *connect_handle ); @@ -1249,14 +1255,14 @@ import "misc.idl", "lsa.idl", "security.idl"; } samr_ChangeReject; NTSTATUS samr_ChangePasswordUser3( - [in] lsa_String *server, + [in,unique] lsa_String *server, [in,ref] lsa_String *account, - [in] samr_CryptPassword *nt_password, - [in] samr_Password *nt_verifier, + [in,unique] samr_CryptPassword *nt_password, + [in,unique] samr_Password *nt_verifier, [in] boolean8 lm_change, - [in] samr_CryptPassword *lm_password, - [in] samr_Password *lm_verifier, - [in] samr_CryptPassword *password3, + [in,unique] samr_CryptPassword *lm_password, + [in,unique] samr_Password *lm_verifier, + [in,unique] samr_CryptPassword *password3, [out,ref] samr_DomInfo1 *dominfo, [out,ref] samr_ChangeReject *reject ); @@ -1265,7 +1271,7 @@ import "misc.idl", "lsa.idl", "security.idl"; /* Function 0x40 */ typedef struct { - uint32 unknown1; /* w2k3 gives 3 */ + samr_ConnectVersion client_version; /* w2k3 gives 3 */ uint32 unknown2; /* w2k3 gives 0 */ } samr_ConnectInfo1; @@ -1274,7 +1280,7 @@ import "misc.idl", "lsa.idl", "security.idl"; } samr_ConnectInfo; [public] NTSTATUS samr_Connect5( - [in,string,charset(UTF16)] uint16 *system_name, + [in,unique,string,charset(UTF16)] uint16 *system_name, [in] samr_ConnectAccessMask access_mask, [in] uint32 level_in, [in,ref,switch_is(level_in)] samr_ConnectInfo *info_in, @@ -1302,9 +1308,9 @@ import "misc.idl", "lsa.idl", "security.idl"; */ NTSTATUS samr_SetDsrmPassword( - [in] lsa_String *name, + [in,unique] lsa_String *name, [in] uint32 unknown, - [in] samr_Password *hash + [in,unique] samr_Password *hash ); diff --git a/source3/librpc/idl/spoolss.idl b/source3/librpc/idl/spoolss.idl index 104c0e32e5..b64dfa481b 100644 --- a/source3/librpc/idl/spoolss.idl +++ b/source3/librpc/idl/spoolss.idl @@ -8,7 +8,6 @@ version(1.0), endpoint("ncacn_np:[\\pipe\\spoolss]"), pointer_default(unique), - pointer_default_top(unique), helpstring("Spooler SubSystem"), depends(security), helper("librpc/ndr/ndr_spoolss_buf.h") diff --git a/source3/librpc/idl/srvsvc.idl b/source3/librpc/idl/srvsvc.idl index c66486b29c..2f23fd1e70 100644 --- a/source3/librpc/idl/srvsvc.idl +++ b/source3/librpc/idl/srvsvc.idl @@ -10,7 +10,6 @@ import "security.idl", "svcctl.idl"; version(3.0), endpoint("ncacn_np:[\\pipe\\srvsvc]", "ncacn_ip_tcp:", "ncalrpc:"), pointer_default(unique), - pointer_default_top(unique), helpstring("Server Service") ] interface srvsvc { @@ -56,7 +55,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x00 */ WERROR srvsvc_NetCharDevEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in,out,ref] uint32 *level, [in,out,ref,switch_is(*level)] srvsvc_NetCharDevCtr *ctr, [in] uint32 max_buffer, @@ -67,7 +66,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x01 */ WERROR srvsvc_NetCharDevGetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 device_name[], [in] uint32 level, [out,ref,switch_is(level)] srvsvc_NetCharDevInfo *info @@ -76,7 +75,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x02 */ WERROR srvsvc_NetCharDevControl( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 device_name[], [in] uint32 opcode ); @@ -121,19 +120,19 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x03 */ WERROR srvsvc_NetCharDevQEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *user, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *user, [in,out,ref] uint32 *level, [in,out,switch_is(*level),ref] srvsvc_NetCharDevQCtr *ctr, [in] uint32 max_buffer, [out,ref] uint32 *totalentries, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /******************/ /* Function: 0x04 */ WERROR srvsvc_NetCharDevQGetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 queue_name[], [in] [string,charset(UTF16)] uint16 user[], [in] uint32 level, @@ -143,24 +142,24 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x05 */ WERROR srvsvc_NetCharDevQSetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 queue_name[], [in] uint32 level, [in,switch_is(level)] srvsvc_NetCharDevQInfo info, - [in,out] uint32 *parm_error + [in,out,unique] uint32 *parm_error ); /******************/ /* Function: 0x06 */ WERROR srvsvc_NetCharDevQPurge( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 queue_name[] ); /******************/ /* Function: 0x07 */ WERROR srvsvc_NetCharDevQPurgeSelf( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 queue_name[], [in] [string,charset(UTF16)] uint16 computer_name[] ); @@ -201,8 +200,8 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x08 */ WERROR srvsvc_NetConnEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *path, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *path, [in,out,ref] uint32 *level, [in,out,switch_is(*level),ref] srvsvc_NetConnCtr *ctr, [in] uint32 max_buffer, @@ -250,9 +249,9 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x09 */ WERROR srvsvc_NetFileEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *path, - [in] [string,charset(UTF16)] uint16 *user, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *path, + [in,unique] [string,charset(UTF16)] uint16 *user, [in,out,ref] uint32 *level, [in,out,switch_is(*level),ref] srvsvc_NetFileCtr *ctr, [in] uint32 max_buffer, @@ -263,7 +262,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x0a */ WERROR srvsvc_NetFileGetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 fid, [in] uint32 level, [out,switch_is(level),ref] srvsvc_NetFileInfo *info @@ -272,7 +271,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x0b */ WERROR srvsvc_NetFileClose( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 fid ); @@ -357,9 +356,9 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x0c */ WERROR srvsvc_NetSessEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *client, - [in] [string,charset(UTF16)] uint16 *user, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client, + [in,unique] [string,charset(UTF16)] uint16 *user, [in,out,ref] uint32 *level, [in,out,switch_is(*level),ref] srvsvc_NetSessCtr *ctr, [in] uint32 max_buffer, @@ -370,9 +369,9 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x0d */ WERROR srvsvc_NetSessDel( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *client, - [in] [string,charset(UTF16)] uint16 *user + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client, + [in,unique] [string,charset(UTF16)] uint16 *user ); /**************************/ @@ -546,27 +545,27 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x0e */ WERROR srvsvc_NetShareAdd( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 level, [in,switch_is(level)] srvsvc_NetShareInfo info, - [in,out] uint32 *parm_error + [in,out,unique] uint32 *parm_error ); /******************/ /* Function: 0x0f */ WERROR srvsvc_NetShareEnumAll ( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in,out,ref] uint32 *level, [in,out,ref,switch_is(*level)] srvsvc_NetShareCtr *ctr, [in] uint32 max_buffer, [out,ref] uint32 *totalentries, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /******************/ /* Function: 0x10 */ WERROR srvsvc_NetShareGetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 share_name[], [in] uint32 level, [out,ref,switch_is(level)] srvsvc_NetShareInfo *info @@ -575,17 +574,17 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x11 */ WERROR srvsvc_NetShareSetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 share_name[], [in] uint32 level, [in,switch_is(level)] srvsvc_NetShareInfo info, - [in,out] uint32 *parm_error + [in,out,unique] uint32 *parm_error ); /******************/ /* Function: 0x12 */ WERROR srvsvc_NetShareDel( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 share_name[], [in] uint32 reserved ); @@ -593,7 +592,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x13 */ WERROR srvsvc_NetShareDelSticky( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 share_name[], [in] uint32 reserved ); @@ -601,7 +600,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x14 */ WERROR srvsvc_NetShareCheck( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 device_name[], [out,ref] srvsvc_ShareType *type ); @@ -1111,7 +1110,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x15 */ WERROR srvsvc_NetSrvGetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 level, [out,ref,switch_is(level)] srvsvc_NetSrvInfo *info ); @@ -1119,10 +1118,10 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x16 */ WERROR srvsvc_NetSrvSetInfo( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 level, [in,switch_is(level)] srvsvc_NetSrvInfo info, - [in,out] uint32 *parm_error + [in,out,unique] uint32 *parm_error ); /**************************/ @@ -1140,12 +1139,12 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x17 */ WERROR srvsvc_NetDiskEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 level, [in,out,ref] srvsvc_NetDiskInfo *info, [in] uint32 maxlen, [out,ref] uint32 *totalentries, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /**************************/ @@ -1174,8 +1173,8 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x18 */ WERROR srvsvc_NetServerStatisticsGet( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *service, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *service, [in] uint32 level, [in] uint32 options, [out,ref] srvsvc_Statistics *stats @@ -1195,7 +1194,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x19 */ WERROR srvsvc_NetTransportAdd( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 level, [in,switch_is(level)] srvsvc_NetTransportInfo info ); @@ -1262,7 +1261,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x1a */ WERROR srvsvc_NetTransportEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in,out,ref] uint32 *level, [in,out,ref,switch_is(*level)] srvsvc_NetTransportCtr *transports, [in] uint32 max_buffer, @@ -1273,7 +1272,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x1b */ WERROR srvsvc_NetTransportDel( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 unknown, [in] srvsvc_NetTransportInfo0 transport ); @@ -1299,8 +1298,8 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x1c */ WERROR srvsvc_NetRemoteTOD( - [in] [string,charset(UTF16)] uint16 *server_unc, - [out] srvsvc_NetRemoteTODInfo *info + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [out,unique] srvsvc_NetRemoteTODInfo *info ); /**************************/ @@ -1309,8 +1308,8 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x1d */ WERROR srvsvc_NetSetServiceBits( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *transport, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *transport, [in] uint32 servicebits, [in] uint32 updateimmediately ); @@ -1321,7 +1320,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x1e */ WERROR srvsvc_NetPathType( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 path[], [in] uint32 pathflags, [out,ref] uint32 *pathtype @@ -1330,7 +1329,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x1f */ WERROR srvsvc_NetPathCanonicalize( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 path[], [out] [size_is(maxbuf)] uint8 can_path[], [in] uint32 maxbuf, @@ -1342,7 +1341,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x20 */ WERROR srvsvc_NetPathCompare( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 path1[], [in] [string,charset(UTF16)] uint16 path2[], [in] uint32 pathtype, @@ -1355,7 +1354,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x21 */ WERROR srvsvc_NetNameValidate( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 name[], [in] uint32 name_type, [in] uint32 flags @@ -1369,7 +1368,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x23 */ WERROR srvsvc_NetPRNameCompare( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 name1[], [in] [string,charset(UTF16)] uint16 name2[], [in] uint32 name_type, @@ -1384,7 +1383,7 @@ import "security.idl", "svcctl.idl"; /* Note, there must be some way to return entries read vs total entries ... */ WERROR srvsvc_NetShareEnum( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in,out,ref] uint32 *level, [in,out,ref,switch_is(*level)] srvsvc_NetShareCtr *ctr, [in] uint32 max_buffer, @@ -1395,33 +1394,33 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x25 */ WERROR srvsvc_NetShareDelStart( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] [string,charset(UTF16)] uint16 share[], [in] uint32 reserved, - [out] policy_handle *hnd + [out,unique] policy_handle *hnd ); /******************/ /* Function: 0x26 */ WERROR srvsvc_NetShareDelCommit( - [in, out] policy_handle *hnd + [in, out,unique] policy_handle *hnd ); /******************/ /* Function: 0x27 */ WERROR srvsvc_NetGetFileSecurity( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *share, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *share, [in] [string,charset(UTF16)] uint16 file[], [in] security_secinfo securityinformation, - [out] sec_desc_buf *sd_buf + [out,unique] sec_desc_buf *sd_buf ); /******************/ /* Function: 0x28 */ WERROR srvsvc_NetSetFileSecurity( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *share, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *share, [in] [string,charset(UTF16)] uint16 file[], [in] security_secinfo securityinformation, [in] sec_desc_buf sd_buf @@ -1439,7 +1438,7 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x29 */ WERROR srvsvc_NetServerTransportAddEx( - [in] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, [in] uint32 level, [in,switch_is(level)] srvsvc_NetTransportInfo info ); @@ -1447,9 +1446,9 @@ import "security.idl", "svcctl.idl"; /******************/ /* Function: 0x2a */ WERROR srvsvc_NetServerSetServiceBitsEx( - [in] [string,charset(UTF16)] uint16 *server_unc, - [in] [string,charset(UTF16)] uint16 *emulated_server_unc, - [in] [string,charset(UTF16)] uint16 *transport, + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *emulated_server_unc, + [in,unique] [string,charset(UTF16)] uint16 *transport, [in] uint32 servicebitsofinterest, [in] uint32 servicebits, [in] uint32 updateimmediately diff --git a/source3/librpc/idl/svcctl.idl b/source3/librpc/idl/svcctl.idl index 2fbdb71e74..97c9f0e24b 100644 --- a/source3/librpc/idl/svcctl.idl +++ b/source3/librpc/idl/svcctl.idl @@ -7,7 +7,6 @@ [ uuid("367abb81-9844-35f1-ad32-98f038001003"), version(2.0), pointer_default(unique), - pointer_default_top(unique), endpoint("ncacn_np:[\\pipe\\svcctl]", "ncalrpc:"), helpstring("Service Control") ] interface svcctl @@ -162,13 +161,13 @@ [in] uint32 type, [in] uint32 start, [in] uint32 error, - [in] [string,charset(UTF16)] uint16 *binary_path, - [in] [string,charset(UTF16)] uint16 *load_order_group, + [in,unique] [string,charset(UTF16)] uint16 *binary_path, + [in,unique] [string,charset(UTF16)] uint16 *load_order_group, [out,ref] uint32 *tag_id, - [in] [string,charset(UTF16)] uint16 *dependencies, - [in] [string,charset(UTF16)] uint16 *service_start_name, - [in] [string,charset(UTF16)] uint16 *password, - [in] [string,charset(UTF16)] uint16 *display_name + [in,unique] [string,charset(UTF16)] uint16 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *display_name ); /*****************/ @@ -176,18 +175,18 @@ WERROR svcctl_CreateServiceW( [in,ref] policy_handle *scmanager_handle, [in] [string,charset(UTF16)] uint16 ServiceName[], - [in] [string,charset(UTF16)] uint16 *DisplayName, + [in,unique] [string,charset(UTF16)] uint16 *DisplayName, [in] uint32 desired_access, [in] uint32 type, [in] uint32 start_type, [in] uint32 error_control, [in] [string,charset(UTF16)] uint16 binary_path[], - [in] [string,charset(UTF16)] uint16 *LoadOrderGroupKey, - [in,out] uint32 *TagId, - [in,size_is(dependencies_size)] uint8 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *LoadOrderGroupKey, + [in,out,unique] uint32 *TagId, + [in,unique,size_is(dependencies_size)] uint8 *dependencies, [in] uint32 dependencies_size, - [in] [string,charset(UTF16)] uint16 *service_start_name, - [in,size_is(password_size)] uint8 *password, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, [in] uint32 password_size, [out,ref] policy_handle *handle ); @@ -197,7 +196,7 @@ WERROR svcctl_EnumDependentServicesW( [in,ref] policy_handle *service, [in] uint32 state, - [out] ENUM_SERVICE_STATUS *service_status, + [out,unique] ENUM_SERVICE_STATUS *service_status, [in] uint32 buf_size, [out,ref] uint32 *bytes_needed, [out,ref] uint32 *services_returned @@ -213,14 +212,14 @@ [out,size_is(buf_size)] uint8 service[*], [out,ref] uint32 *bytes_needed, [out,ref] uint32 *services_returned, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /*****************/ /* Function 0x0f */ WERROR svcctl_OpenSCManagerW( - [in] [string,charset(UTF16)] uint16 *MachineName, - [in] [string,charset(UTF16)] uint16 *DatabaseName, + [in,unique] [string,charset(UTF16)] uint16 *MachineName, + [in,unique] [string,charset(UTF16)] uint16 *DatabaseName, [in] uint32 access_mask, [out,ref] policy_handle *handle ); @@ -257,25 +256,25 @@ WERROR svcctl_StartServiceW( [in,ref] policy_handle *handle, [in] uint32 NumArgs, - [in/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments + [in,unique/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments ); /*****************/ /* Function 0x14 */ WERROR svcctl_GetServiceDisplayNameW( [in,ref] policy_handle *handle, - [in] [string,charset(UTF16)] uint16 *service_name, + [in,unique] [string,charset(UTF16)] uint16 *service_name, [out,ref] [string,charset(UTF16)] uint16 **display_name, - [in,out] uint32 *display_name_length + [in,out,unique] uint32 *display_name_length ); /*****************/ /* Function 0x15 */ WERROR svcctl_GetServiceKeyNameW( [in,ref] policy_handle *handle, - [in] [string,charset(UTF16)] uint16 *service_name, + [in,unique] [string,charset(UTF16)] uint16 *service_name, [out,ref] [string,charset(UTF16)] uint16 **key_name, - [in,out] uint32 *display_name_length + [in,out,unique] uint32 *display_name_length ); /*****************/ @@ -294,31 +293,31 @@ [in] uint32 type, [in] uint32 start, [in] uint32 error, - [in] [string,charset(UTF16)] uint16 *binary_path, - [in] [string,charset(UTF16)] uint16 *load_order_group, + [in,unique] [string,charset(UTF16)] uint16 *binary_path, + [in,unique] [string,charset(UTF16)] uint16 *load_order_group, [out,ref] uint32 *tag_id, - [in] [string,charset(UTF16)] uint16 *dependencies, - [in] [string,charset(UTF16)] uint16 *service_start_name, - [in] [string,charset(UTF16)] uint16 *password, - [in] [string,charset(UTF16)] uint16 *display_name + [in,unique] [string,charset(UTF16)] uint16 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *display_name ); /*****************/ /* Function 0x18 */ WERROR svcctl_CreateServiceA( [in,ref] policy_handle *handle, - [in] [string,charset(UTF16)] uint16 *ServiceName, - [in] [string,charset(UTF16)] uint16 *DisplayName, + [in,unique] [string,charset(UTF16)] uint16 *ServiceName, + [in,unique] [string,charset(UTF16)] uint16 *DisplayName, [in] uint32 desired_access, [in] uint32 type, [in] uint32 start_type, [in] uint32 error_control, - [in] [string,charset(UTF16)] uint16 *binary_path, - [in] [string,charset(UTF16)] uint16 *LoadOrderGroupKey, - [out] uint32 *TagId, - [in] [string,charset(UTF16)] uint16 *dependencies, - [in] [string,charset(UTF16)] uint16 *service_start_name, - [in] [string,charset(UTF16)] uint16 *password + [in,unique] [string,charset(UTF16)] uint16 *binary_path, + [in,unique] [string,charset(UTF16)] uint16 *LoadOrderGroupKey, + [out,unique] uint32 *TagId, + [in,unique] [string,charset(UTF16)] uint16 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique] [string,charset(UTF16)] uint16 *password ); /*****************/ @@ -326,7 +325,7 @@ WERROR svcctl_EnumDependentServicesA( [in,ref] policy_handle *service, [in] uint32 state, - [out] ENUM_SERVICE_STATUS *service_status, + [out,unique] ENUM_SERVICE_STATUS *service_status, [in] uint32 buf_size, [out,ref] uint32 *bytes_needed, [out,ref] uint32 *services_returned @@ -342,14 +341,14 @@ [out,size_is(buf_size)] uint8 service[*], [out,ref] uint32 *bytes_needed, [out,ref] uint32 *services_returned, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /*****************/ /* Function 0x1b */ WERROR svcctl_OpenSCManagerA( - [in] [string,charset(UTF16)] uint16 *MachineName, - [in] [string,charset(UTF16)] uint16 *DatabaseName, + [in,unique] [string,charset(UTF16)] uint16 *MachineName, + [in,unique] [string,charset(UTF16)] uint16 *DatabaseName, [in] uint32 access_mask, [out,ref] policy_handle *handle ); @@ -358,7 +357,7 @@ /* Function 0x1c */ WERROR svcctl_OpenServiceA( [in,ref] policy_handle *scmanager_handle, - [in] [string,charset(UTF16)] uint16 *ServiceName, + [in,unique] [string,charset(UTF16)] uint16 *ServiceName, [in] uint32 access_mask ); @@ -385,25 +384,25 @@ WERROR svcctl_StartServiceA( [in,ref] policy_handle *handle, [in] uint32 NumArgs, - [in/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments + [in,unique/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments ); /*****************/ /* Function 0x20 */ WERROR svcctl_GetServiceDisplayNameA( [in,ref] policy_handle *handle, - [in] [string,charset(UTF16)] uint16 *service_name, + [in,unique] [string,charset(UTF16)] uint16 *service_name, [out,ref] [string,charset(UTF16)] uint16 **display_name, - [in,out] uint32 *display_name_length + [in,out,unique] uint32 *display_name_length ); /*****************/ /* Function 0x21 */ WERROR svcctl_GetServiceKeyNameA( [in,ref] policy_handle *handle, - [in] [string,charset(UTF16)] uint16 *service_name, + [in,unique] [string,charset(UTF16)] uint16 *service_name, [out,ref] [string,charset(UTF16)] uint16 **key_name, - [in,out] uint32 *display_name_length + [in,out,unique] uint32 *display_name_length ); /*****************/ @@ -421,7 +420,7 @@ WERROR svcctl_ChangeServiceConfig2A( [in,ref] policy_handle *handle, [in] uint32 info_level, - [in] uint8 *info + [in,unique] uint8 *info ); /*****************/ @@ -429,7 +428,7 @@ WERROR svcctl_ChangeServiceConfig2W( [in,ref] policy_handle *handle, [in] uint32 info_level, - [in] uint8 *info + [in,unique] uint8 *info ); /*****************/ @@ -473,7 +472,7 @@ [in] uint32 buf_size, [out,ref] uint32 *bytes_needed, [out,ref] uint32 *service_returned, - [in,out] uint32 *resume_handle, + [in,out,unique] uint32 *resume_handle, [out,ref] [string,charset(UTF16)] uint16 **group_name ); @@ -488,7 +487,7 @@ [in] uint32 buf_size, [out,ref] uint32 *bytes_needed, [out,ref] uint32 *service_returned, - [in,out] uint32 *resume_handle, + [in,out,unique] uint32 *resume_handle, [out,ref] [string,charset(UTF16)] uint16 **group_name ); diff --git a/source3/librpc/idl/winreg.idl b/source3/librpc/idl/winreg.idl index 9f316ab39b..f7a61ecbea 100644 --- a/source3/librpc/idl/winreg.idl +++ b/source3/librpc/idl/winreg.idl @@ -9,7 +9,6 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; version(1.0), endpoint("ncacn_np:[\\pipe\\winreg]","ncacn_ip_tcp:","ncalrpc:"), pointer_default(unique), - pointer_default_top(unique), helpstring("Remote Registry Service") ] interface winreg { @@ -50,7 +49,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x00 */ WERROR winreg_OpenHKCR( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -58,7 +57,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x01 */ WERROR winreg_OpenHKCU( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -66,7 +65,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x02 */ WERROR winreg_OpenHKLM( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -74,7 +73,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x03 */ WERROR winreg_OpenHKPD( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -82,7 +81,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x04 */ WERROR winreg_OpenHKU( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -198,8 +197,8 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /* Function: 0x0d */ WERROR winreg_LoadKey( [in,ref] policy_handle *handle, - [in] winreg_String *keyname, - [in] winreg_String *filename + [in,unique] winreg_String *keyname, + [in,unique] winreg_String *filename ); /******************/ @@ -244,10 +243,10 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; WERROR winreg_QueryValue( [in,ref] policy_handle *handle, [in] winreg_String value_name, - [in,out] winreg_Type *type, - [in,out,size_is(*data_size),length_is(*value_length)] uint8 *data, - [in,out] uint32 *data_size, - [in,out] uint32 *value_length + [in,out,unique] winreg_Type *type, + [in,out,unique,size_is(*data_size),length_is(*value_length)] uint8 *data, + [in,out,unique] uint32 *data_size, + [in,out,unique] uint32 *value_length ); /******************/ @@ -304,8 +303,8 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x18 */ WERROR winreg_InitiateSystemShutdown( - [in] uint16 *hostname, - [in] initshutdown_String *message, + [in,unique] uint16 *hostname, + [in,unique] initshutdown_String *message, [in] uint32 timeout, [in] uint8 force_apps, [in] uint8 reboot @@ -314,7 +313,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x19 */ WERROR winreg_AbortSystemShutdown( - [in] uint16 *server + [in,unique] uint16 *server ); /******************/ @@ -327,7 +326,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x1b */ WERROR winreg_OpenHKCC( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -335,7 +334,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x1c */ WERROR winreg_OpenHKDD( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -353,15 +352,15 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; [in,ref] policy_handle *key_handle, [in,out,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values, [in] uint32 num_values, - [in,out,size_is(*buffer_size),length_is(*buffer_size)] uint8 *buffer, + [in,out,unique,size_is(*buffer_size),length_is(*buffer_size)] uint8 *buffer, [in,out,ref] uint32 *buffer_size ); /******************/ /* Function: 0x1e */ WERROR winreg_InitiateSystemShutdownEx( - [in] uint16 *hostname, - [in] initshutdown_String *message, + [in,unique] uint16 *hostname, + [in,unique] initshutdown_String *message, [in] uint32 timeout, [in] uint8 force_apps, [in] uint8 reboot, @@ -376,7 +375,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x20 */ WERROR winreg_OpenHKPT( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); @@ -384,7 +383,7 @@ import "lsa.idl", "initshutdown.idl", "security.idl"; /******************/ /* Function: 0x21 */ WERROR winreg_OpenHKPN( - [in] uint16 *system_name, + [in,unique] uint16 *system_name, [in] winreg_AccessMask access_mask, [out,ref] policy_handle *handle ); diff --git a/source3/librpc/idl/wkssvc.idl b/source3/librpc/idl/wkssvc.idl index 9829379eef..38c16c7d86 100644 --- a/source3/librpc/idl/wkssvc.idl +++ b/source3/librpc/idl/wkssvc.idl @@ -9,7 +9,6 @@ import "srvsvc.idl", "lsa.idl"; [ uuid("6bffd098-a112-3610-9833-46c3f87e345a"), version(1.0), pointer_default(unique), - pointer_default_top(unique), helpstring("Workstation Service"), endpoint("ncacn_np:[\\pipe\\wkssvc]","ncacn_ip_tcp:","ncalrpc:") ] interface wkssvc @@ -259,7 +258,7 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetWkstaInfo; WERROR wkssvc_NetWkstaGetInfo( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] uint32 level, [out,switch_is(level),ref] wkssvc_NetWkstaInfo *info ); @@ -268,7 +267,7 @@ import "srvsvc.idl", "lsa.idl"; /******************/ /* Function: 0x01 */ WERROR wkssvc_NetWkstaSetInfo( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] uint32 level, [in,switch_is(level),ref] wkssvc_NetWkstaInfo *info, [in,out,ref] uint32 *parm_error @@ -309,11 +308,11 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetWkstaEnumUsersInfo; WERROR wkssvc_NetWkstaEnumUsers( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,out,ref] wkssvc_NetWkstaEnumUsersInfo *info, [in] uint32 prefmaxlen, [out,ref] uint32 *entries_read, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /*****************************/ @@ -329,7 +328,7 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetrWkstaUserInfo; WERROR wkssvc_NetrWkstaUserGetInfo( - [in] [string,charset(UTF16)] uint16 *unknown, + [in,unique] [string,charset(UTF16)] uint16 *unknown, [in] uint32 level, [out,ref] [switch_is(level)] wkssvc_NetrWkstaUserInfo *info ); @@ -337,10 +336,10 @@ import "srvsvc.idl", "lsa.idl"; /*****************************/ /* Function 0x04 */ WERROR wkssvc_NetrWkstaUserSetInfo( - [in] [string,charset(UTF16)] uint16 *unknown, + [in,unique] [string,charset(UTF16)] uint16 *unknown, [in] uint32 level, [in,ref] [switch_is(level)] wkssvc_NetrWkstaUserInfo *info, - [in,out] uint32 *parm_err + [in,out,unique] uint32 *parm_err ); /*****************************/ @@ -369,29 +368,29 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetWkstaTransportInfo; WERROR wkssvc_NetWkstaTransportEnum ( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,out,ref] wkssvc_NetWkstaTransportInfo *info, [in] uint32 max_buffer, [out,ref] uint32 *total_entries, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /*****************************/ /* Function 0x06 */ /* only supported on NT */ WERROR wkssvc_NetrWkstaTransportAdd( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] uint32 level, /* must be 0 */ [in,ref] wkssvc_NetWkstaTransportInfo0 *info0, - [in,out] uint32 *parm_err + [in,out,unique] uint32 *parm_err ); /*****************************/ /* Function 0x07 */ /* only supported on NT */ WERROR wkssvc_NetrWkstaTransportDel( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *transport_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *transport_name, [in] uint32 unknown3 ); @@ -437,16 +436,16 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetrUseGetInfoCtr; WERROR wkssvc_NetrUseAdd( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] uint32 level, [in,ref] [switch_is(level)] wkssvc_NetrUseGetInfoCtr *ctr, - [in,out] uint32 *parm_err + [in,out,unique] uint32 *parm_err ); /*****************************/ /* Function 0x09 */ WERROR wkssvc_NetrUseGetInfo( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *use_name, [in] uint32 level, [out,ref] [switch_is(level)] wkssvc_NetrUseGetInfoCtr *ctr @@ -455,7 +454,7 @@ import "srvsvc.idl", "lsa.idl"; /*****************************/ /* Function 0x0a */ WERROR wkssvc_NetrUseDel( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *use_name, [in] uint32 force_cond ); @@ -489,19 +488,19 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetrUseEnumInfo; WERROR wkssvc_NetrUseEnum( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,out,ref] wkssvc_NetrUseEnumInfo *info, [in] uint32 prefmaxlen, [out,ref] uint32 *entries_read, - [in,out] uint32 *resume_handle + [in,out,unique] uint32 *resume_handle ); /*****************************/ /* Function 0x0c */ WERROR wkssvc_NetrMessageBufferSend( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *message_name, - [in] [string,charset(UTF16)] uint16 *message_sender_name, + [in,unique] [string,charset(UTF16)] uint16 *message_sender_name, [in,ref] [size_is(message_size)] uint8 *message_buffer, [in] uint32 message_size ); @@ -552,8 +551,8 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetrWorkstationStatistics; WERROR wkssvc_NetrWorkstationStatisticsGet( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *unknown2, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *unknown2, [in] uint32 unknown3, [in] uint32 unknown4, [out,ref] wkssvc_NetrWorkstationStatistics **info @@ -574,20 +573,20 @@ import "srvsvc.idl", "lsa.idl"; /*****************************/ /* Function 0x10 */ WERROR wkssvc_NetrJoinDomain( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *domain_name, - [in] [string,charset(UTF16)] uint16 *account_ou, - [in] [string,charset(UTF16)] uint16 *Account, - [in] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *account_ou, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *password, [in] wkssvc_joinflags join_flags ); /*****************************/ /* Function 0x11 */ WERROR wkssvc_NetrUnjoinDomain( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *Account, - [in] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *password, [in] wkssvc_joinflags unjoin_flags ); @@ -599,10 +598,10 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_renameflags; WERROR wkssvc_NetrRenameMachineInDomain( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *NewMachineName, - [in] [string,charset(UTF16)] uint16 *Account, - [in] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *NewMachineName, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *password, [in] wkssvc_renameflags RenameOptions ); @@ -618,10 +617,10 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetValidateNameType; WERROR wkssvc_NetrValidateName( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *name, - [in] [string,charset(UTF16)] uint16 *Account, - [in] [string,charset(UTF16)] uint16 *Password, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *Password, [in] wkssvc_NetValidateNameType name_type ); @@ -635,7 +634,7 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_NetJoinStatus; WERROR wkssvc_NetrGetJoinInformation( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,out,ref] [string,charset(UTF16)] uint16 **name_buffer, [out,ref] wkssvc_NetJoinStatus *name_type ); @@ -643,10 +642,10 @@ import "srvsvc.idl", "lsa.idl"; /*****************************/ /* Function 0x15 */ WERROR wkssvc_NetrGetJoinableOus( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *domain_name, - [in] [string,charset(UTF16)] uint16 *Account, - [in] [string,charset(UTF16)] uint16 *unknown, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *unknown, [in,out,ref] uint32 *num_ous, [out,ref] [size_is(*num_ous)] [string,charset(UTF16)] uint16 ***ous ); @@ -687,50 +686,50 @@ import "srvsvc.idl", "lsa.idl"; /*****************************/ /* Function 0x16 */ WERROR wkssvc_NetrJoinDomain2 ( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *domain_name, - [in] [string,charset(UTF16)] uint16 *account_ou, - [in] [string,charset(UTF16)] uint16 *admin_account, - [in] wkssvc_PasswordBuffer *encrypted_password, + [in,unique] [string,charset(UTF16)] uint16 *account_ou, + [in,unique] [string,charset(UTF16)] uint16 *admin_account, + [in,unique] wkssvc_PasswordBuffer *encrypted_password, [in] wkssvc_joinflags join_flags ); /*****************************/ /* Function 0x17 */ WERROR wkssvc_NetrUnjoinDomain2 ( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *account, - [in] wkssvc_PasswordBuffer *encrypted_password, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *account, + [in,unique] wkssvc_PasswordBuffer *encrypted_password, [in] wkssvc_joinflags unjoin_flags ); /*****************************/ /* Function 0x18 */ WERROR wkssvc_NetrRenameMachineInDomain2( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *NewMachineName, - [in] [string,charset(UTF16)] uint16 *Account, - [in] wkssvc_PasswordBuffer *EncryptedPassword, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *NewMachineName, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, [in] wkssvc_renameflags RenameOptions ); /*****************************/ /* Function 0x19 */ WERROR wkssvc_NetrValidateName2( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *name, - [in] [string,charset(UTF16)] uint16 *Account, - [in] wkssvc_PasswordBuffer *EncryptedPassword, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, [in] wkssvc_NetValidateNameType name_type ); /*****************************/ /* Function 0x1a */ WERROR wkssvc_NetrGetJoinableOus2( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in,ref] [string,charset(UTF16)] uint16 *domain_name, - [in] [string,charset(UTF16)] uint16 *Account, - [in] wkssvc_PasswordBuffer *EncryptedPassword, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, [in,out,ref] uint32 *num_ous, [out,ref] [size_is(*num_ous)] [string,charset(UTF16)] uint16 ***ous ); @@ -738,30 +737,30 @@ import "srvsvc.idl", "lsa.idl"; /*****************************/ /* Function 0x1b */ WERROR wkssvc_NetrAddAlternateComputerName( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *NewAlternateMachineName, - [in] [string,charset(UTF16)] uint16 *Account, - [in] wkssvc_PasswordBuffer *EncryptedPassword, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *NewAlternateMachineName, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, [in] uint32 Reserved ); /*****************************/ /* Function 0x1c */ WERROR wkssvc_NetrRemoveAlternateComputerName( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *AlternateMachineNameToRemove, - [in] [string,charset(UTF16)] uint16 *Account, - [in] wkssvc_PasswordBuffer *EncryptedPassword, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *AlternateMachineNameToRemove, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, [in] uint32 Reserved ); /*****************************/ /* Function 0x1d */ WERROR wkssvc_NetrSetPrimaryComputername( - [in] [string,charset(UTF16)] uint16 *server_name, - [in] [string,charset(UTF16)] uint16 *primary_name, - [in] [string,charset(UTF16)] uint16 *Account, - [in] wkssvc_PasswordBuffer *EncryptedPassword, + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *primary_name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, [in] uint32 Reserved ); @@ -780,7 +779,7 @@ import "srvsvc.idl", "lsa.idl"; } wkssvc_ComputerNamesCtr; WERROR wkssvc_NetrEnumerateComputerNames( - [in] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *server_name, [in] wkssvc_ComputerNameType name_type, [in] uint32 Reserved, [out,ref] wkssvc_ComputerNamesCtr **ctr diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 042b3bdfb0..3b7669f33e 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -69,15 +69,36 @@ int cli_set_port(struct cli_state *cli, int port) static ssize_t client_receive_smb(struct cli_state *cli, size_t maxlen) { - ssize_t len; + size_t len; for(;;) { - len = receive_smb_raw(cli->fd, cli->inbuf, cli->timeout, - maxlen, &cli->smb_rw_error); + NTSTATUS status; - if (len < 0) { + set_smb_read_error(&cli->smb_rw_error, SMB_READ_OK); + + status = receive_smb_raw(cli->fd, cli->inbuf, cli->timeout, + maxlen, &len); + if (!NT_STATUS_IS_OK(status)) { DEBUG(10,("client_receive_smb failed\n")); show_msg(cli->inbuf); + + if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) { + set_smb_read_error(&cli->smb_rw_error, + SMB_READ_EOF); + return -1; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + set_smb_read_error(&cli->smb_rw_error, + SMB_READ_TIMEOUT); + return -1; + } + + set_smb_read_error(&cli->smb_rw_error, SMB_READ_ERROR); + return -1; + } + + if (len < 0) { return len; } @@ -180,8 +201,28 @@ bool cli_receive_smb(struct cli_state *cli) ssize_t cli_receive_smb_data(struct cli_state *cli, char *buffer, size_t len) { - return read_socket_with_timeout(cli->fd, buffer, len, len, - cli->timeout, &cli->smb_rw_error); + NTSTATUS status; + + set_smb_read_error(&cli->smb_rw_error, SMB_READ_OK); + + status = read_socket_with_timeout( + cli->fd, buffer, len, len, cli->timeout, NULL); + if (NT_STATUS_IS_OK(status)) { + return len; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) { + set_smb_read_error(&cli->smb_rw_error, SMB_READ_EOF); + return -1; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + set_smb_read_error(&cli->smb_rw_error, SMB_READ_TIMEOUT); + return -1; + } + + set_smb_read_error(&cli->smb_rw_error, SMB_READ_ERROR); + return -1; } /**************************************************************************** diff --git a/source3/nmbd/asyncdns.c b/source3/nmbd/asyncdns.c index 33c1cb6cb1..5e5565991e 100644 --- a/source3/nmbd/asyncdns.c +++ b/source3/nmbd/asyncdns.c @@ -87,8 +87,13 @@ static void asyncdns_process(void) DEBUGLEVEL = -1; while (1) { - if (read_data(fd_in, (char *)&r, sizeof(r), NULL) != sizeof(r)) + NTSTATUS status; + + status = read_data(fd_in, (char *)&r, sizeof(r)); + + if (!NT_STATUS_IS_OK(status)) { break; + } pull_ascii_nstring( qname, sizeof(qname), r.name.name); r.result.s_addr = interpret_addr(qname); @@ -194,7 +199,7 @@ void run_dns_queue(void) struct query_record r; struct packet_struct *p, *p2; struct name_record *namerec; - int size; + NTSTATUS status; if (fd_in == -1) return; @@ -208,11 +213,11 @@ void run_dns_queue(void) start_async_dns(); } - if ((size=read_data(fd_in, (char *)&r, sizeof(r), NULL)) != sizeof(r)) { - if (size) { - DEBUG(0,("Incomplete DNS answer from child!\n")); - fd_in = -1; - } + status = read_data(fd_in, (char *)&r, sizeof(r)); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("read from child failed: %s\n", nt_errstr(status))); + fd_in = -1; BlockSignals(True, SIGTERM); return; } diff --git a/source3/nsswitch/pam_winbind.h b/source3/nsswitch/pam_winbind.h index 6ec564fe71..a1d32726f5 100644 --- a/source3/nsswitch/pam_winbind.h +++ b/source3/nsswitch/pam_winbind.h @@ -12,6 +12,7 @@ #define PAM_SM_AUTH #define PAM_SM_ACCOUNT #define PAM_SM_PASSWORD +#define PAM_SM_SESSION #ifndef PAM_WINBIND_CONFIG_FILE #define PAM_WINBIND_CONFIG_FILE "/etc/security/pam_winbind.conf" diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 3410668fcd..9d1a56536b 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -53,7 +53,7 @@ static char winbind_separator_int(bool strict) } sep = response.data.info.winbind_separator; - got_sep = True; + got_sep = true; if (!sep) { d_fprintf(stderr, "winbind separator was NULL!\n"); @@ -69,27 +69,27 @@ static char winbind_separator_int(bool strict) static char winbind_separator(void) { - return winbind_separator_int(False); + return winbind_separator_int(false); } static const char *get_winbind_domain(void) { - wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; struct wbcDomainInfo *dinfo = NULL; static fstring winbind_domain; ZERO_STRUCT(dinfo); - + wbc_status = wbcDomainInfo(".", &dinfo); if (!WBC_ERROR_IS_OK(wbc_status)) { d_fprintf(stderr, "could not obtain winbind domain name!\n"); - + /* HACK: (this module should not call lp_ funtions) */ return lp_workgroup(); } - fstrcpy(winbind_domain, dinfo->short_name); + fstrcpy(winbind_domain, dinfo->short_name); wbcFreeMemory(dinfo); @@ -99,7 +99,7 @@ static const char *get_winbind_domain(void) /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the form DOMAIN/user into a domain and a user */ -static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, +static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, fstring user) { @@ -110,20 +110,20 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, if ((p = strchr(domuser, '@')) != NULL) { fstrcpy(domain, ""); fstrcpy(user, domuser); - return True; + return true; } - + fstrcpy(user, domuser); fstrcpy(domain, get_winbind_domain()); - return True; + return true; } - + fstrcpy(user, p+1); fstrcpy(domain, domuser); domain[PTR_DIFF(p, domuser)] = 0; strupper_m(domain); - return True; + return true; } /* pull pwent info for a given user */ @@ -131,13 +131,13 @@ static bool parse_wbinfo_domain_user(const char *domuser, fstring domain, static bool wbinfo_get_userinfo(char *user) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct passwd *pwd = NULL; + struct passwd *pwd = NULL; wbc_status = wbcGetpwnam(user, &pwd); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } - + d_printf("%s:%s:%d:%d:%s:%s:%s\n", pwd->pw_name, pwd->pw_passwd, @@ -146,7 +146,7 @@ static bool wbinfo_get_userinfo(char *user) pwd->pw_gecos, pwd->pw_dir, pwd->pw_shell); - + return true; } @@ -154,13 +154,13 @@ static bool wbinfo_get_userinfo(char *user) static bool wbinfo_get_uidinfo(int uid) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - struct passwd *pwd = NULL; + struct passwd *pwd = NULL; wbc_status = wbcGetpwuid(uid, &pwd); if (!WBC_ERROR_IS_OK(wbc_status)) { return false; } - + d_printf("%s:%s:%d:%d:%s:%s:%s\n", pwd->pw_name, pwd->pw_passwd, @@ -169,7 +169,7 @@ static bool wbinfo_get_uidinfo(int uid) pwd->pw_gecos, pwd->pw_dir, pwd->pw_shell); - + return true; } @@ -191,14 +191,14 @@ static bool wbinfo_get_groupinfo(char *group) &response); if ( result != NSS_STATUS_SUCCESS) - return False; + return false; - d_printf( "%s:%s:%d\n", + d_printf( "%s:%s:%d\n", response.data.gr.gr_name, response.data.gr.gr_passwd, response.data.gr.gr_gid ); - - return True; + + return true; } /* List groups a user is a member of */ @@ -209,7 +209,7 @@ static bool wbinfo_get_usergroups(char *user) struct winbindd_response response; NSS_STATUS result; int i; - + ZERO_STRUCT(request); ZERO_STRUCT(response); @@ -220,14 +220,14 @@ static bool wbinfo_get_usergroups(char *user) result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; for (i = 0; i < response.data.num_entries; i++) d_printf("%d\n", (int)((gid_t *)response.extra_data.data)[i]); SAFE_FREE(response.extra_data.data); - return True; + return true; } @@ -249,7 +249,7 @@ static bool wbinfo_get_usersids(char *user_sid) result = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; s = (const char *)response.extra_data.data; for (i = 0; i < response.data.num_entries; i++) { @@ -259,7 +259,7 @@ static bool wbinfo_get_usersids(char *user_sid) SAFE_FREE(response.extra_data.data); - return True; + return true; } static bool wbinfo_get_userdomgroups(const char *user_sid) @@ -275,17 +275,17 @@ static bool wbinfo_get_userdomgroups(const char *user_sid) fstrcpy(request.data.sid, user_sid); result = winbindd_request_response(WINBINDD_GETUSERDOMGROUPS, &request, - &response); + &response); if (result != NSS_STATUS_SUCCESS) - return False; + return false; if (response.data.num_entries != 0) printf("%s", (char *)response.extra_data.data); - + SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Convert NetBIOS name to IP */ @@ -304,14 +304,14 @@ static bool wbinfo_wins_byname(char *name) if (winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response) != NSS_STATUS_SUCCESS) { - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.winsresp); - return True; + return true; } /* Convert IP to NetBIOS name */ @@ -330,14 +330,14 @@ static bool wbinfo_wins_byip(char *ip) if (winbindd_request_response(WINBINDD_WINS_BYIP, &request, &response) != NSS_STATUS_SUCCESS) { - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.winsresp); - return True; + return true; } /* List trusted domains */ @@ -356,7 +356,7 @@ static bool wbinfo_list_domains(bool list_all_domains) if (winbindd_request_response(WINBINDD_LIST_TRUSTDOM, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -373,7 +373,7 @@ static bool wbinfo_list_domains(bool list_all_domains) extra_data); TALLOC_FREE(frame); SAFE_FREE(response.extra_data.data); - return False; + return false; } *p = 0; d_printf("%s\n", name); @@ -382,7 +382,7 @@ static bool wbinfo_list_domains(bool list_all_domains) SAFE_FREE(response.extra_data.data); } - return True; + return true; } /* List own domain */ @@ -391,7 +391,7 @@ static bool wbinfo_list_own_domain(void) { d_printf("%s\n", get_winbind_domain()); - return True; + return true; } /* show sequence numbers */ @@ -410,7 +410,7 @@ static bool wbinfo_show_sequence(const char *domain) if (winbindd_request_response(WINBINDD_SHOW_SEQUENCE, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -427,7 +427,7 @@ static bool wbinfo_show_sequence(const char *domain) SAFE_FREE(response.extra_data.data); } - return True; + return true; } /* Show domain info */ @@ -449,7 +449,7 @@ static bool wbinfo_domain_info(const char *domain_name) if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ @@ -466,7 +466,7 @@ static bool wbinfo_domain_info(const char *domain_name) d_printf("Primary : %s\n", response.data.domain_info.primary ? "Yes" : "No"); - return True; + return true; } /* Get a foreign DC's name */ @@ -485,14 +485,14 @@ static bool wbinfo_getdcname(const char *domain_name) if (winbindd_request_response(WINBINDD_GETDCNAME, &request, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "Could not get dc name for %s\n", domain_name); - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.dc_name); - return True; + return true; } /* Find a DC */ @@ -514,35 +514,35 @@ static bool wbinfo_dsgetdcname(const char *domain_name, uint32_t flags) if (winbindd_request_response(WINBINDD_DSGETDCNAME, &request, &response) != NSS_STATUS_SUCCESS) { d_fprintf(stderr, "Could not find dc for %s\n", domain_name); - return False; + return false; } /* Display response */ d_printf("%s\n", response.data.dc_name); - return True; + return true; } /* Check trust account password */ static bool wbinfo_check_secret(void) { - struct winbindd_response response; - NSS_STATUS result; + struct winbindd_response response; + NSS_STATUS result; - ZERO_STRUCT(response); + ZERO_STRUCT(response); - result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response); - - d_printf("checking the trust secret via RPC calls %s\n", + result = winbindd_request_response(WINBINDD_CHECK_MACHACC, NULL, &response); + + d_printf("checking the trust secret via RPC calls %s\n", (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); - if (result != NSS_STATUS_SUCCESS) - d_fprintf(stderr, "error code was %s (0x%x)\n", - response.data.auth.nt_status_string, + if (result != NSS_STATUS_SUCCESS) + d_fprintf(stderr, "error code was %s (0x%x)\n", + response.data.auth.nt_status_string, response.data.auth.nt_status); - + return result == NSS_STATUS_SUCCESS; } @@ -562,13 +562,13 @@ static bool wbinfo_uid_to_sid(uid_t uid) if (winbindd_request_response(WINBINDD_UID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s\n", response.data.sid.sid); - return True; + return true; } /* Convert gid to sid */ @@ -587,13 +587,13 @@ static bool wbinfo_gid_to_sid(gid_t gid) if (winbindd_request_response(WINBINDD_GID_TO_SID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s\n", response.data.sid.sid); - return True; + return true; } /* Convert sid to uid */ @@ -612,13 +612,13 @@ static bool wbinfo_sid_to_uid(char *sid) if (winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%d\n", (int)response.data.uid); - return True; + return true; } static bool wbinfo_sid_to_gid(char *sid) @@ -635,13 +635,13 @@ static bool wbinfo_sid_to_gid(char *sid) if (winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%d\n", (int)response.data.gid); - return True; + return true; } static bool wbinfo_allocate_uid(void) @@ -649,11 +649,11 @@ static bool wbinfo_allocate_uid(void) uid_t uid; if (!winbind_allocate_uid(&uid)) - return False; + return false; d_printf("New uid: %d\n", uid); - return True; + return true; } static bool wbinfo_allocate_gid(void) @@ -661,11 +661,11 @@ static bool wbinfo_allocate_gid(void) gid_t gid; if (!winbind_allocate_gid(&gid)) - return False; + return false; d_printf("New gid: %d\n", gid); - return True; + return true; } /* Convert sid to string */ @@ -684,15 +684,15 @@ static bool wbinfo_lookupsid(char *sid) if (winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ - d_printf("%s%c%s %d\n", response.data.name.dom_name, - winbind_separator(), response.data.name.name, + d_printf("%s%c%s %d\n", response.data.name.dom_name, + winbind_separator(), response.data.name.name, response.data.name.type); - return True; + return true; } /* Lookup a list of RIDs */ @@ -725,18 +725,18 @@ static bool wbinfo_lookuprids(char *domain, char *arg) if (winbindd_request_response(WINBINDD_DOMAIN_INFO, &request, &response) != NSS_STATUS_SUCCESS) { d_printf("Could not get domain sid for %s\n", request.domain_name); - return False; + return false; } if (!string_to_sid(&sid, response.data.domain_info.sid)) { d_printf("Could not convert %s to sid\n", response.data.domain_info.sid); - return False; + return false; } mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { d_printf("talloc_new failed\n"); - return False; + return false; } num_rids = 0; @@ -750,14 +750,14 @@ static bool wbinfo_lookuprids(char *domain, char *arg) if (rids == NULL) { TALLOC_FREE(mem_ctx); - return False; + return false; } if (!winbind_lookup_rids(mem_ctx, &sid, num_rids, rids, &domain_name, &names, &types)) { d_printf("winbind_lookup_rids failed\n"); TALLOC_FREE(mem_ctx); - return False; + return false; } d_printf("Domain: %s\n", domain_name); @@ -768,7 +768,7 @@ static bool wbinfo_lookuprids(char *domain, char *arg) } TALLOC_FREE(mem_ctx); - return True; + return true; } /* Convert string to sid */ @@ -783,18 +783,18 @@ static bool wbinfo_lookupname(char *name) ZERO_STRUCT(request); ZERO_STRUCT(response); - parse_wbinfo_domain_user(name, request.data.name.dom_name, + parse_wbinfo_domain_user(name, request.data.name.dom_name, request.data.name.name); if (winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Display response */ d_printf("%s %s (%d)\n", response.data.sid.sid, sid_type_lookup(response.data.sid.type), response.data.sid.type); - return True; + return true; } /* Authenticate a user with a plaintext password */ @@ -863,39 +863,41 @@ static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32 flags) static bool wbinfo_auth(char *username) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; - char *s = NULL; - char *p = NULL; - char *password = NULL; - char *name = NULL; + char *s = NULL; + char *p = NULL; + const char *password = NULL; + char *name = NULL; if ((s = SMB_STRDUP(username)) == NULL) { return false; } if ((p = strchr(s, '%')) != NULL) { - *p = 0; + *p = 0; p++; + password = p; + } else { + password = ""; } name = s; - password = p; wbc_status = wbcAuthenticateUser(name, password); - d_printf("plaintext password authentication %s\n", + d_printf("plaintext password authentication %s\n", WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); #if 0 if (response.data.auth.nt_status) d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, + response.data.auth.nt_status_string, response.data.auth.nt_status, response.data.auth.error_string); #endif SAFE_FREE(s); - return WBC_ERROR_IS_OK(wbc_status); + return WBC_ERROR_IS_OK(wbc_status); } /* Authenticate a user with a challenge/response */ @@ -904,22 +906,22 @@ static bool wbinfo_auth_crap(char *username) { struct winbindd_request request; struct winbindd_response response; - NSS_STATUS result; - fstring name_user; - fstring name_domain; - fstring pass; - char *p; + NSS_STATUS result; + fstring name_user; + fstring name_domain; + fstring pass; + char *p; /* Send off request */ ZERO_STRUCT(request); ZERO_STRUCT(response); - p = strchr(username, '%'); + p = strchr(username, '%'); - if (p) { - *p = 0; - fstrcpy(pass, p + 1); + if (p) { + *p = 0; + fstrcpy(pass, p + 1); } parse_wbinfo_domain_user(username, name_domain, name_user); @@ -928,49 +930,48 @@ static bool wbinfo_auth_crap(char *username) fstrcpy(request.data.auth_crap.user, name_user); - fstrcpy(request.data.auth_crap.domain, - name_domain); + fstrcpy(request.data.auth_crap.domain, name_domain); generate_random_buffer(request.data.auth_crap.chal, 8); - + if (lp_client_ntlmv2_auth()) { DATA_BLOB server_chal; - DATA_BLOB names_blob; + DATA_BLOB names_blob; DATA_BLOB lm_response; DATA_BLOB nt_response; - server_chal = data_blob(request.data.auth_crap.chal, 8); - + server_chal = data_blob(request.data.auth_crap.chal, 8); + /* Pretend this is a login to 'us', for blob purposes */ names_blob = NTLMv2_generate_names_blob(global_myname(), lp_workgroup()); - - if (!SMBNTLMv2encrypt(name_user, name_domain, pass, &server_chal, + + if (!SMBNTLMv2encrypt(name_user, name_domain, pass, &server_chal, &names_blob, &lm_response, &nt_response, NULL)) { data_blob_free(&names_blob); data_blob_free(&server_chal); - return False; + return false; } data_blob_free(&names_blob); data_blob_free(&server_chal); - memcpy(request.data.auth_crap.nt_resp, nt_response.data, - MIN(nt_response.length, + memcpy(request.data.auth_crap.nt_resp, nt_response.data, + MIN(nt_response.length, sizeof(request.data.auth_crap.nt_resp))); request.data.auth_crap.nt_resp_len = nt_response.length; - memcpy(request.data.auth_crap.lm_resp, lm_response.data, - MIN(lm_response.length, + memcpy(request.data.auth_crap.lm_resp, lm_response.data, + MIN(lm_response.length, sizeof(request.data.auth_crap.lm_resp))); request.data.auth_crap.lm_resp_len = lm_response.length; - + data_blob_free(&nt_response); data_blob_free(&lm_response); } else { - if (lp_client_lanman_auth() - && SMBencrypt(pass, request.data.auth_crap.chal, + if (lp_client_lanman_auth() + && SMBencrypt(pass, request.data.auth_crap.chal, (uchar *)request.data.auth_crap.lm_resp)) { request.data.auth_crap.lm_resp_len = 24; } else { @@ -986,16 +987,16 @@ static bool wbinfo_auth_crap(char *username) /* Display response */ - d_printf("challenge/response password authentication %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + d_printf("challenge/response password authentication %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); if (response.data.auth.nt_status) d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, + response.data.auth.nt_status_string, response.data.auth.nt_status, response.data.auth.error_string); - return result == NSS_STATUS_SUCCESS; + return result == NSS_STATUS_SUCCESS; } /* Authenticate a user with a plaintext password and set a token */ @@ -1004,23 +1005,23 @@ static bool wbinfo_klog(char *username) { struct winbindd_request request; struct winbindd_response response; - NSS_STATUS result; - char *p; + NSS_STATUS result; + char *p; /* Send off request */ ZERO_STRUCT(request); ZERO_STRUCT(response); - p = strchr(username, '%'); + p = strchr(username, '%'); - if (p) { - *p = 0; - fstrcpy(request.data.auth.user, username); - fstrcpy(request.data.auth.pass, p + 1); - *p = '%'; - } else { - fstrcpy(request.data.auth.user, username); + if (p) { + *p = 0; + fstrcpy(request.data.auth.user, username); + fstrcpy(request.data.auth.pass, p + 1); + *p = '%'; + } else { + fstrcpy(request.data.auth.user, username); fstrcpy(request.data.auth.pass, getpass("Password: ")); } @@ -1030,30 +1031,30 @@ static bool wbinfo_klog(char *username) /* Display response */ - d_printf("plaintext password authentication %s\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); + d_printf("plaintext password authentication %s\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); if (response.data.auth.nt_status) d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, + response.data.auth.nt_status_string, response.data.auth.nt_status, response.data.auth.error_string); if (result != NSS_STATUS_SUCCESS) - return False; + return false; if (response.extra_data.data == NULL) { d_fprintf(stderr, "Did not get token data\n"); - return False; + return false; } if (!afs_settoken_str((char *)response.extra_data.data)) { d_fprintf(stderr, "Could not set token\n"); - return False; + return false; } d_printf("Successfully created AFS token\n"); - return True; + return true; } /* Print domain users */ @@ -1081,12 +1082,12 @@ static bool print_domain_users(const char *domain) if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Look through extra data */ if (!response.extra_data.data) - return False; + return false; extra_data = (const char *)response.extra_data.data; @@ -1097,7 +1098,7 @@ static bool print_domain_users(const char *domain) SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Print domain groups */ @@ -1122,12 +1123,12 @@ static bool print_domain_groups(const char *domain) if (winbindd_request_response(WINBINDD_LIST_GROUPS, &request, &response) != NSS_STATUS_SUCCESS) - return False; + return false; /* Look through extra data */ if (!response.extra_data.data) - return False; + return false; extra_data = (const char *)response.extra_data.data; @@ -1138,7 +1139,7 @@ static bool print_domain_groups(const char *domain) SAFE_FREE(response.extra_data.data); - return True; + return true; } /* Set the authorised user for winbindd access in secrets.tdb */ @@ -1161,7 +1162,7 @@ static bool wbinfo_set_auth_user(char *username) } else { char *thepass = getpass("Password: "); if (thepass) { - password = thepass; + password = thepass; } else password = ""; } @@ -1175,7 +1176,7 @@ static bool wbinfo_set_auth_user(char *username) if (!secrets_store(SECRETS_AUTH_USER, user, strlen(user) + 1)) { d_fprintf(stderr, "error storing username\n"); - return False; + return false; } /* We always have a domain name added by the @@ -1184,7 +1185,7 @@ static bool wbinfo_set_auth_user(char *username) if (!secrets_store(SECRETS_AUTH_DOMAIN, domain, strlen(domain) + 1)) { d_fprintf(stderr, "error storing domain name\n"); - return False; + return false; } } else { @@ -1197,13 +1198,13 @@ static bool wbinfo_set_auth_user(char *username) if (!secrets_store(SECRETS_AUTH_PASSWORD, password, strlen(password) + 1)) { d_fprintf(stderr, "error storing password\n"); - return False; + return false; } } else secrets_delete(SECRETS_AUTH_PASSWORD); - return True; + return true; } static void wbinfo_get_auth_user(void) @@ -1211,7 +1212,7 @@ static void wbinfo_get_auth_user(void) char *user, *domain, *password; /* Lift data from secrets file */ - + secrets_fetch_ipc_userpass(&user, &domain, &password); if ((!user || !*user) && (!domain || !*domain ) && (!password || !*password)){ @@ -1241,10 +1242,10 @@ static bool wbinfo_ping(void) /* Display response */ - d_printf("Ping to winbindd %s on fd %d\n", - (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd); + d_printf("Ping to winbindd %s on fd %d\n", + (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed", winbindd_fd); - return result == NSS_STATUS_SUCCESS; + return result == NSS_STATUS_SUCCESS; } /* Main program */ @@ -1270,7 +1271,7 @@ enum { int main(int argc, char **argv, char **envp) { int opt; - TALLOC_CTX *frame = talloc_stackframe(); + TALLOC_CTX *frame = talloc_stackframe(); poptContext pc; static char *string_arg; static char *opt_domain_name; @@ -1280,7 +1281,7 @@ int main(int argc, char **argv, char **envp) struct poptOption long_options[] = { POPT_AUTOHELP - /* longName, shortName, argInfo, argPtr, value, descrip, + /* longName, shortName, argInfo, argPtr, value, descrip, argDesc */ { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users", "domain"}, @@ -1354,7 +1355,7 @@ int main(int argc, char **argv, char **envp) poptFreeContext(pc); - if (!lp_load(get_dyn_CONFIGFILE(), True, False, False, True)) { + if (!lp_load(get_dyn_CONFIGFILE(), true, false, false, true)) { d_fprintf(stderr, "wbinfo: error opening config file %s. Error was %s\n", get_dyn_CONFIGFILE(), strerror(errno)); exit(1); @@ -1458,7 +1459,7 @@ int main(int argc, char **argv, char **envp) } break; case 'm': - if (!wbinfo_list_domains(False)) { + if (!wbinfo_list_domains(false)) { d_fprintf(stderr, "Could not list trusted domains\n"); goto done; } @@ -1518,18 +1519,18 @@ int main(int argc, char **argv, char **envp) } break; case 'a': { - bool got_error = False; + bool got_error = false; if (!wbinfo_auth(string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "plaintext password\n", string_arg); - got_error = True; + got_error = true; } if (!wbinfo_auth_crap(string_arg)) { d_fprintf(stderr, "Could not authenticate user %s with " "challenge/response\n", string_arg); - got_error = True; + got_error = true; } if (got_error) @@ -1580,7 +1581,7 @@ int main(int argc, char **argv, char **envp) } break; case OPT_SEPARATOR: { - const char sep = winbind_separator_int(True); + const char sep = winbind_separator_int(true); if ( !sep ) { goto done; } @@ -1588,7 +1589,7 @@ int main(int argc, char **argv, char **envp) break; } case OPT_LIST_ALL_DOMAINS: - if (!wbinfo_list_domains(True)) { + if (!wbinfo_list_domains(true)) { goto done; } break; diff --git a/source3/nsswitch/winbind_krb5_locator.c b/source3/nsswitch/winbind_krb5_locator.c index eef57ca2c0..33a68f0cdc 100644 --- a/source3/nsswitch/winbind_krb5_locator.c +++ b/source3/nsswitch/winbind_krb5_locator.c @@ -90,7 +90,7 @@ static const char *family_name(int family) return "AF_UNSPEC"; case AF_INET: return "AF_INET"; -#if defined(HAVE_IPv6) +#if defined(HAVE_IPV6) case AF_INET6: return "AF_INET6"; #endif @@ -137,9 +137,9 @@ static int smb_krb5_locator_lookup_sanity_check(enum locate_service_type svc, case AF_UNSPEC: case AF_INET: break; -#if defined(HAVE_IPv6) - case AF_INET6: /* not yet */ - return KRB5_PLUGIN_NO_HANDLE; +#if defined(HAVE_IPV6) + case AF_INET6: + break; #endif default: return EINVAL; diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c1d26af989..8edd32e937 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -1691,7 +1691,7 @@ static void init_globals(bool first_time_only) Globals.bWinbindTrustedDomainsOnly = False; Globals.bWinbindNestedGroups = True; Globals.winbind_expand_groups = 1; - Globals.szWinbindNssInfo = str_list_make("template", NULL); + Globals.szWinbindNssInfo = str_list_make(NULL, "template", NULL); Globals.bWinbindRefreshTickets = False; Globals.bWinbindOfflineLogon = False; @@ -2397,7 +2397,7 @@ const char **lp_parm_string_list(int snum, const char *type, const char *option, return (const char **)def; if (data->list==NULL) { - data->list = str_list_make(data->value, NULL); + data->list = str_list_make(NULL, data->value, NULL); } return (const char **)data->list; @@ -2494,9 +2494,10 @@ static void free_service(service *pservice) PTR_DIFF(parm_table[i].ptr, &sDefault))); else if (parm_table[i].type == P_LIST && parm_table[i].p_class == P_LOCAL) - str_list_free((char ***) - (((char *)pservice) + - PTR_DIFF(parm_table[i].ptr, &sDefault))); + TALLOC_FREE(*((char ***) + (((char *)pservice) + + PTR_DIFF(parm_table[i].ptr, + &sDefault)))); } data = pservice->param_opt; @@ -2506,7 +2507,7 @@ static void free_service(service *pservice) DEBUG(5,("[%s = %s]\n", data->key, data->value)); string_free(&data->key); string_free(&data->value); - str_list_free(&data->list); + TALLOC_FREE(data->list); pdata = data->next; SAFE_FREE(data); data = pdata; @@ -2566,7 +2567,7 @@ static int add_a_service(const service *pservice, const char *name) while (data) { string_free(&data->key); string_free(&data->value); - str_list_free(&data->list); + TALLOC_FREE(data->list); pdata = data->next; SAFE_FREE(data); data = pdata; @@ -3275,8 +3276,9 @@ static void copy_service(service * pserviceDest, service * pserviceSource, strupper_m(*(char **)dest_ptr); break; case P_LIST: - str_list_free((char ***)dest_ptr); - str_list_copy((char ***)dest_ptr, *(const char ***)src_ptr); + TALLOC_FREE(*((char ***)dest_ptr)); + str_list_copy(NULL, (char ***)dest_ptr, + *(const char ***)src_ptr); break; default: break; @@ -3299,7 +3301,7 @@ static void copy_service(service * pserviceDest, service * pserviceSource, /* If we already have same option, override it */ if (strcmp(pdata->key, data->key) == 0) { string_free(&pdata->value); - str_list_free(&data->list); + TALLOC_FREE(data->list); pdata->value = SMB_STRDUP(data->value); not_added = False; break; @@ -3774,8 +3776,8 @@ static bool handle_netbios_scope(int snum, const char *pszParmValue, char **ptr) static bool handle_netbios_aliases(int snum, const char *pszParmValue, char **ptr) { - str_list_free(&Globals.szNetbiosAliases); - Globals.szNetbiosAliases = str_list_make(pszParmValue, NULL); + TALLOC_FREE(Globals.szNetbiosAliases); + Globals.szNetbiosAliases = str_list_make(NULL, pszParmValue, NULL); return set_netbios_aliases((const char **)Globals.szNetbiosAliases); } @@ -4099,7 +4101,7 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue /* If we already have same option, override it */ if (strcmp(data->key, param_key) == 0) { string_free(&data->value); - str_list_free(&data->list); + TALLOC_FREE(data->list); data->value = SMB_STRDUP(pszParmValue); not_added = False; break; @@ -4192,8 +4194,9 @@ bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue break; case P_LIST: - str_list_free((char ***)parm_ptr); - *(char ***)parm_ptr = str_list_make(pszParmValue, NULL); + TALLOC_FREE(*((char ***)parm_ptr)); + *(char ***)parm_ptr = str_list_make( + NULL, pszParmValue, NULL); break; case P_STRING: @@ -4812,8 +4815,9 @@ static void lp_save_defaults(void) continue; switch (parm_table[i].type) { case P_LIST: - str_list_copy(&(parm_table[i].def.lvalue), - *(const char ***)parm_table[i].ptr); + str_list_copy( + NULL, &(parm_table[i].def.lvalue), + *(const char ***)parm_table[i].ptr); break; case P_STRING: case P_USTRING: @@ -5647,7 +5651,7 @@ void gfree_loadparm(void) string_free( (char**)parm_table[i].ptr ); } else if (parm_table[i].type == P_LIST) { - str_list_free( (char***)parm_table[i].ptr ); + TALLOC_FREE( *((char***)parm_table[i].ptr) ); } } } @@ -5687,7 +5691,7 @@ bool lp_load(const char *pszFname, while (data) { string_free(&data->key); string_free(&data->value); - str_list_free(&data->list); + TALLOC_FREE(data->list); pdata = data->next; SAFE_FREE(data); data = pdata; diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 9f66eb934e..4341bc02cc 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -548,10 +548,16 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, if (*domain_name == NULL) { *domain_name = talloc_strdup( mem_ctx, unix_users_domain_name()); + if (*domain_name == NULL) { + return false; + } } for (i=0; i<num_rids; i++) { (*names)[i] = talloc_strdup( (*names), uidtoname(rids[i])); + if ((*names)[i] == NULL) { + return false; + } (*types)[i] = SID_NAME_USER; } return true; @@ -561,10 +567,16 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, if (*domain_name == NULL) { *domain_name = talloc_strdup( mem_ctx, unix_groups_domain_name()); + if (*domain_name == NULL) { + return false; + } } for (i=0; i<num_rids; i++) { (*names)[i] = talloc_strdup( (*names), gidtoname(rids[i])); + if ((*names)[i] == NULL) { + return false; + } (*types)[i] = SID_NAME_DOM_GRP; } return true; diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 4228f6c32f..b6a4126df1 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -443,10 +443,7 @@ bool pdb_gethexhours(const char *p, unsigned char *hours) int algorithmic_rid_base(void) { - static int rid_offset = 0; - - if (rid_offset != 0) - return rid_offset; + int rid_offset; rid_offset = lp_algorithmic_rid_base(); diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 6cf54fbdf6..70944a9596 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -1559,8 +1559,24 @@ static bool smbpasswd_search_next_entry(struct pdb_search *search, return false; } - *entry = state->entries[state->current++]; + entry->idx = state->entries[state->current].idx; + entry->rid = state->entries[state->current].rid; + entry->acct_flags = state->entries[state->current].acct_flags; + + entry->account_name = talloc_strdup( + search->mem_ctx, state->entries[state->current].account_name); + entry->fullname = talloc_strdup( + search->mem_ctx, state->entries[state->current].fullname); + entry->description = talloc_strdup( + search->mem_ctx, state->entries[state->current].description); + + if ((entry->account_name == NULL) || (entry->fullname == NULL) + || (entry->description == NULL)) { + DEBUG(0, ("talloc_strdup failed\n")); + return false; + } + state->current += 1; return true; } diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 286cc210e2..7019e7f6f2 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -1151,48 +1151,6 @@ NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *m return result; } -/** Query LSA security object */ - -NTSTATUS rpccli_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint32 sec_info, - SEC_DESC_BUF **psdb) -{ - prs_struct qbuf, rbuf; - LSA_Q_QUERY_SEC_OBJ q; - LSA_R_QUERY_SEC_OBJ r; - NTSTATUS result; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_q_query_sec_obj(&q, pol, sec_info); - - CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYSECOBJ, - q, r, - qbuf, rbuf, - lsa_io_q_query_sec_obj, - lsa_io_r_query_sec_obj, - NT_STATUS_UNSUCCESSFUL); - - result = r.status; - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Return output parameters */ - - if (psdb) - *psdb = r.buf; - - done: - - return result; -} - - /* Enumerate account rights This is similar to enum_privileges but takes a SID directly, avoiding the open_account call. */ diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index 2fb3768866..4765e529be 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -22,302 +22,6 @@ #include "includes.h" -/* Connect to SAMR database */ - -NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - uint32 access_mask, POLICY_HND *connect_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_CONNECT q; - SAMR_R_CONNECT r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_connect to %s\n", cli->cli->desthost)); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_connect(&q, cli->cli->desthost, access_mask); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT, - q, r, - qbuf, rbuf, - samr_io_q_connect, - samr_io_r_connect, - NT_STATUS_UNSUCCESSFUL); - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *connect_pol = r.connect_pol; -#ifdef __INSURE__ - connect_pol->marker = malloc(1); -#endif - } - - return result; -} - -/* Connect to SAMR database */ - -NTSTATUS rpccli_samr_connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - uint32 access_mask, POLICY_HND *connect_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_CONNECT4 q; - SAMR_R_CONNECT4 r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_connect4(&q, cli->cli->desthost, access_mask); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT4, - q, r, - qbuf, rbuf, - samr_io_q_connect4, - samr_io_r_connect4, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *connect_pol = r.connect_pol; -#ifdef __INSURE__ - connect_pol->marker = malloc(1); -#endif - } - - return result; -} - -/* Open handle on a domain */ - -NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *connect_pol, uint32 access_mask, - const DOM_SID *domain_sid, - POLICY_HND *domain_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_OPEN_DOMAIN q; - SAMR_R_OPEN_DOMAIN r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_open_domain with sid %s\n", - sid_string_dbg(domain_sid) )); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_DOMAIN, - q, r, - qbuf, rbuf, - samr_io_q_open_domain, - samr_io_r_open_domain, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *domain_pol = r.domain_pol; -#ifdef __INSURE__ - domain_pol->marker = malloc(1); -#endif - } - - return result; -} - -NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 access_mask, - uint32 user_rid, POLICY_HND *user_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_OPEN_USER q; - SAMR_R_OPEN_USER r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid )); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_open_user(&q, domain_pol, access_mask, user_rid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_USER, - q, r, - qbuf, rbuf, - samr_io_q_open_user, - samr_io_r_open_user, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *user_pol = r.user_pol; -#ifdef __INSURE__ - user_pol->marker = malloc(1); -#endif - } - - return result; -} - -/* Open handle on a group */ - -NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 access_mask, - uint32 group_rid, POLICY_HND *group_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_OPEN_GROUP q; - SAMR_R_OPEN_GROUP r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid )); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_open_group(&q, domain_pol, access_mask, group_rid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_GROUP, - q, r, - qbuf, rbuf, - samr_io_q_open_group, - samr_io_r_open_group, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *group_pol = r.pol; -#ifdef __INSURE__ - group_pol->marker = malloc(1); -#endif - } - - return result; -} - -/* Create domain group */ - -NTSTATUS rpccli_samr_create_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, - const char *group_name, - uint32 access_mask, POLICY_HND *group_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_CREATE_DOM_GROUP q; - SAMR_R_CREATE_DOM_GROUP r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_create_dom_group\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_GROUP, - q, r, - qbuf, rbuf, - samr_io_q_create_dom_group, - samr_io_r_create_dom_group, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - if (NT_STATUS_IS_OK(result)) - *group_pol = r.pol; - - return result; -} - -/* Add a domain group member */ - -NTSTATUS rpccli_samr_add_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *group_pol, uint32 rid) -{ - prs_struct qbuf, rbuf; - SAMR_Q_ADD_GROUPMEM q; - SAMR_R_ADD_GROUPMEM r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_add_groupmem\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_add_groupmem(&q, group_pol, rid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_GROUPMEM, - q, r, - qbuf, rbuf, - samr_io_q_add_groupmem, - samr_io_r_add_groupmem, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - -/* Delete a domain group member */ - -NTSTATUS rpccli_samr_del_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *group_pol, uint32 rid) -{ - prs_struct qbuf, rbuf; - SAMR_Q_DEL_GROUPMEM q; - SAMR_R_DEL_GROUPMEM r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_del_groupmem\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_del_groupmem(&q, group_pol, rid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_GROUPMEM, - q, r, - qbuf, rbuf, - samr_io_q_del_groupmem, - samr_io_r_del_groupmem, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - /* Query user info */ NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli, @@ -496,97 +200,6 @@ NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ return result; } -/* Query user aliases */ - -NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *dom_pol, uint32 num_sids, - DOM_SID2 *sid, - uint32 *num_aliases, uint32 **als_rids) -{ - prs_struct qbuf, rbuf; - SAMR_Q_QUERY_USERALIASES q; - SAMR_R_QUERY_USERALIASES r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - int i; - uint32 *sid_ptrs; - - DEBUG(10,("cli_samr_query_useraliases\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - if (num_sids) { - sid_ptrs = TALLOC_ARRAY(mem_ctx, uint32, num_sids); - if (sid_ptrs == NULL) - return NT_STATUS_NO_MEMORY; - } else { - sid_ptrs = NULL; - } - - for (i=0; i<num_sids; i++) - sid_ptrs[i] = 1; - - /* Marshall data and send request */ - - init_samr_q_query_useraliases(&q, dom_pol, num_sids, sid_ptrs, sid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERALIASES, - q, r, - qbuf, rbuf, - samr_io_q_query_useraliases, - samr_io_r_query_useraliases, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *num_aliases = r.num_entries; - *als_rids = r.rid; - } - - return result; -} - -/* Query user groups */ - -NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *group_pol, uint32 *num_mem, - uint32 **rid, uint32 **attr) -{ - prs_struct qbuf, rbuf; - SAMR_Q_QUERY_GROUPMEM q; - SAMR_R_QUERY_GROUPMEM r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_query_groupmem\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_query_groupmem(&q, group_pol); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPMEM, - q, r, - qbuf, rbuf, - samr_io_q_query_groupmem, - samr_io_r_query_groupmem, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *num_mem = r.num_entries; - *rid = r.rid; - *attr = r.attr; - } - - return result; -} - /** * Enumerate domain users * @@ -814,200 +427,6 @@ NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli, return result; } -/* Query alias members */ - -NTSTATUS rpccli_samr_query_aliasmem(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *alias_pol, uint32 *num_mem, - DOM_SID **sids) -{ - prs_struct qbuf, rbuf; - SAMR_Q_QUERY_ALIASMEM q; - SAMR_R_QUERY_ALIASMEM r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 i; - - DEBUG(10,("cli_samr_query_aliasmem\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_query_aliasmem(&q, alias_pol); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASMEM, - q, r, - qbuf, rbuf, - samr_io_q_query_aliasmem, - samr_io_r_query_aliasmem, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (!NT_STATUS_IS_OK(result = r.status)) { - goto done; - } - - *num_mem = r.num_sids; - - if (*num_mem == 0) { - *sids = NULL; - result = NT_STATUS_OK; - goto done; - } - - if (!(*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_mem))) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - for (i = 0; i < *num_mem; i++) { - (*sids)[i] = r.sid[i].sid; - } - - done: - return result; -} - -/* Open handle on an alias */ - -NTSTATUS rpccli_samr_open_alias(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 access_mask, - uint32 alias_rid, POLICY_HND *alias_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_OPEN_ALIAS q; - SAMR_R_OPEN_ALIAS r; - NTSTATUS result; - - DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid)); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_ALIAS, - q, r, - qbuf, rbuf, - samr_io_q_open_alias, - samr_io_r_open_alias, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *alias_pol = r.pol; -#ifdef __INSURE__ - alias_pol->marker = malloc(1); -#endif - } - - return result; -} - -/* Create an alias */ - -NTSTATUS rpccli_samr_create_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, const char *name, - POLICY_HND *alias_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_CREATE_DOM_ALIAS q; - SAMR_R_CREATE_DOM_ALIAS r; - NTSTATUS result; - - DEBUG(10,("cli_samr_create_dom_alias named %s\n", name)); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_create_dom_alias(&q, domain_pol, name); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_ALIAS, - q, r, - qbuf, rbuf, - samr_io_q_create_dom_alias, - samr_io_r_create_dom_alias, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (NT_STATUS_IS_OK(result = r.status)) { - *alias_pol = r.alias_pol; - } - - return result; -} - -/* Add an alias member */ - -NTSTATUS rpccli_samr_add_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *alias_pol, DOM_SID *member) -{ - prs_struct qbuf, rbuf; - SAMR_Q_ADD_ALIASMEM q; - SAMR_R_ADD_ALIASMEM r; - NTSTATUS result; - - DEBUG(10,("cli_samr_add_aliasmem")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_add_aliasmem(&q, alias_pol, member); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_ALIASMEM, - q, r, - qbuf, rbuf, - samr_io_q_add_aliasmem, - samr_io_r_add_aliasmem, - NT_STATUS_UNSUCCESSFUL); - - result = r.status; - - return result; -} - -/* Delete an alias member */ - -NTSTATUS rpccli_samr_del_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *alias_pol, DOM_SID *member) -{ - prs_struct qbuf, rbuf; - SAMR_Q_DEL_ALIASMEM q; - SAMR_R_DEL_ALIASMEM r; - NTSTATUS result; - - DEBUG(10,("cli_samr_del_aliasmem")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_del_aliasmem(&q, alias_pol, member); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_ALIASMEM, - q, r, - qbuf, rbuf, - samr_io_q_del_aliasmem, - samr_io_r_del_aliasmem, - NT_STATUS_UNSUCCESSFUL); - - result = r.status; - - return result; -} - /* Query alias info */ NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, @@ -1048,130 +467,6 @@ NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *m return result; } -/* Query domain info */ - -NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, - uint16 switch_value, - SAM_UNK_CTR *ctr) -{ - prs_struct qbuf, rbuf; - SAMR_Q_QUERY_DOMAIN_INFO q; - SAMR_R_QUERY_DOMAIN_INFO r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_query_dom_info\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_query_domain_info(&q, domain_pol, switch_value); - - r.ctr = ctr; - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO, - q, r, - qbuf, rbuf, - samr_io_q_query_domain_info, - samr_io_r_query_domain_info, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (!NT_STATUS_IS_OK(result = r.status)) { - goto done; - } - - done: - - return result; -} - -/* Query domain info2 */ - -NTSTATUS rpccli_samr_query_dom_info2(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, - uint16 switch_value, - SAM_UNK_CTR *ctr) -{ - prs_struct qbuf, rbuf; - SAMR_Q_QUERY_DOMAIN_INFO2 q; - SAMR_R_QUERY_DOMAIN_INFO2 r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_query_dom_info2\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_query_domain_info2(&q, domain_pol, switch_value); - - r.ctr = ctr; - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO2, - q, r, - qbuf, rbuf, - samr_io_q_query_domain_info2, - samr_io_r_query_domain_info2, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (!NT_STATUS_IS_OK(result = r.status)) { - goto done; - } - - done: - - return result; -} - -/* Set domain info */ - -NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, - uint16 switch_value, - SAM_UNK_CTR *ctr) -{ - prs_struct qbuf, rbuf; - SAMR_Q_SET_DOMAIN_INFO q; - SAMR_R_SET_DOMAIN_INFO r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_set_domain_info\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO, - q, r, - qbuf, rbuf, - samr_io_q_set_domain_info, - samr_io_r_set_domain_info, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (!NT_STATUS_IS_OK(result = r.status)) { - goto done; - } - - done: - - return result; -} - /* User change password */ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, @@ -1601,51 +896,6 @@ NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c return result; } -/* Create a domain user */ - -NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, const char *acct_name, - uint32 acb_info, uint32 acct_flags, - POLICY_HND *user_pol, uint32 *rid) -{ - prs_struct qbuf, rbuf; - SAMR_Q_CREATE_USER q; - SAMR_R_CREATE_USER r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name)); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, acct_flags); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER, - q, r, - qbuf, rbuf, - samr_io_q_create_user, - samr_io_r_create_user, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - if (!NT_STATUS_IS_OK(result = r.status)) { - goto done; - } - - if (user_pol) - *user_pol = r.user_pol; - - if (rid) - *rid = r.user_rid; - - done: - - return result; -} - /* Set userinfo */ NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, @@ -1739,243 +989,3 @@ NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ return result; } - -/* Delete domain group */ - -NTSTATUS rpccli_samr_delete_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *group_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_DELETE_DOM_GROUP q; - SAMR_R_DELETE_DOM_GROUP r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_delete_dom_group\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_delete_dom_group(&q, group_pol); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_GROUP, - q, r, - qbuf, rbuf, - samr_io_q_delete_dom_group, - samr_io_r_delete_dom_group, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - -/* Delete domain alias */ - -NTSTATUS rpccli_samr_delete_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *alias_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_DELETE_DOM_ALIAS q; - SAMR_R_DELETE_DOM_ALIAS r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_delete_dom_alias\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_delete_dom_alias(&q, alias_pol); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_ALIAS, - q, r, - qbuf, rbuf, - samr_io_q_delete_dom_alias, - samr_io_r_delete_dom_alias, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - -/* Delete domain user */ - -NTSTATUS rpccli_samr_delete_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol) -{ - prs_struct qbuf, rbuf; - SAMR_Q_DELETE_DOM_USER q; - SAMR_R_DELETE_DOM_USER r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_delete_dom_user\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_delete_dom_user(&q, user_pol); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_USER, - q, r, - qbuf, rbuf, - samr_io_q_delete_dom_user, - samr_io_r_delete_dom_user, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - -/* Remove foreign SID */ - -NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol, - DOM_SID *sid) -{ - prs_struct qbuf, rbuf; - SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q; - SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_remove_sid_foreign_domain\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN, - q, r, - qbuf, rbuf, - samr_io_q_remove_sid_foreign_domain, - samr_io_r_remove_sid_foreign_domain, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - -/* Query user security object */ - -NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol, uint32 sec_info, - TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf) -{ - prs_struct qbuf, rbuf; - SAMR_Q_QUERY_SEC_OBJ q; - SAMR_R_QUERY_SEC_OBJ r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_query_sec_obj\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_query_sec_obj(&q, user_pol, sec_info); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT, - q, r, - qbuf, rbuf, - samr_io_q_query_sec_obj, - samr_io_r_query_sec_obj, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf); - - return result; -} - -/* Set user security object */ - -NTSTATUS rpccli_samr_set_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol, uint32 sec_info, - SEC_DESC_BUF *sec_desc_buf) -{ - prs_struct qbuf, rbuf; - SAMR_Q_SET_SEC_OBJ q; - SAMR_R_SET_SEC_OBJ r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_set_sec_obj\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_set_sec_obj(&q, user_pol, sec_info, sec_desc_buf); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_SEC_OBJECT, - q, r, - qbuf, rbuf, - samr_io_q_set_sec_obj, - samr_io_r_set_sec_obj, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - return result; -} - -/* Lookup Domain Name */ - -NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol, char *domain_name, - DOM_SID *sid) -{ - prs_struct qbuf, rbuf; - SAMR_Q_LOOKUP_DOMAIN q; - SAMR_R_LOOKUP_DOMAIN r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - DEBUG(10,("cli_samr_lookup_domain\n")); - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - /* Marshall data and send request */ - - init_samr_q_lookup_domain(&q, user_pol, domain_name); - - CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_DOMAIN, - q, r, - qbuf, rbuf, - samr_io_q_lookup_domain, - samr_io_r_lookup_domain, - NT_STATUS_UNSUCCESSFUL); - - /* Return output parameters */ - - result = r.status; - - if (NT_STATUS_IS_OK(result)) - sid_copy(sid, &r.dom_sid.sid); - - return result; -} diff --git a/source3/rpc_parse/parse_eventlog.c b/source3/rpc_parse/parse_eventlog.c index 70226bca15..2ff217eb9e 100644 --- a/source3/rpc_parse/parse_eventlog.c +++ b/source3/rpc_parse/parse_eventlog.c @@ -25,154 +25,6 @@ /******************************************************************** ********************************************************************/ -bool prs_ev_open_unknown0( const char *desc, prs_struct *ps, int depth, EVENTLOG_OPEN_UNKNOWN0 *u ) -{ - if ( !u ) - return False; - - if ( !prs_uint16("", ps, depth, &u->unknown1) ) - return False; - if ( !prs_uint16("", ps, depth, &u->unknown2) ) - return False; - - return True; -} - -/******************************************************************** -********************************************************************/ - -bool eventlog_io_q_open_eventlog(const char *desc, EVENTLOG_Q_OPEN_EVENTLOG *q_u, - prs_struct *ps, int depth) -{ - if(q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_q_open_eventlog"); - depth++; - - if(!prs_align(ps)) - return False; - - if ( !prs_pointer("", ps, depth, (void*)&q_u->unknown0, sizeof(EVENTLOG_OPEN_UNKNOWN0), (PRS_POINTER_CAST)prs_ev_open_unknown0)) - return False; - - if ( !prs_unistr4("logname", ps, depth, &q_u->logname) ) - return False; - if ( !prs_align(ps) ) - return False; - - if ( !prs_unistr4("servername", ps, depth, &q_u->servername) ) - return False; - if ( !prs_align(ps) ) - return False; - - if ( !prs_uint32("unknown1", ps, depth, &q_u->unknown1) ) - return False; - if ( !prs_uint32("unknown2", ps, depth, &q_u->unknown2) ) - return False; - - return True; -} - -bool eventlog_io_r_open_eventlog(const char *desc, EVENTLOG_R_OPEN_EVENTLOG *r_u, - prs_struct *ps, int depth) -{ - if(r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_r_open_eventlog"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!(smb_io_pol_hnd("log handle", &(r_u->handle), ps, depth))) - return False; - - if(!(prs_ntstatus("status code", ps, depth, &r_u->status))) - return False; - - return True; -} - -bool eventlog_io_q_get_num_records(const char *desc, EVENTLOG_Q_GET_NUM_RECORDS *q_u, - prs_struct *ps, int depth) -{ - if(q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_q_get_num_records"); - depth++; - - if(!(prs_align(ps))) - return False; - - if(!(smb_io_pol_hnd("log handle", &(q_u->handle), ps, depth))) - return False; - - return True; -} - -bool eventlog_io_r_get_num_records(const char *desc, EVENTLOG_R_GET_NUM_RECORDS *r_u, - prs_struct *ps, int depth) -{ - if(r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_r_get_num_records"); - depth++; - - if(!(prs_align(ps))) - return False; - - if(!(prs_uint32("num records", ps, depth, &(r_u->num_records)))) - return False; - - if(!(prs_ntstatus("status code", ps, depth, &r_u->status))) - return False; - - return True; -} - -bool eventlog_io_q_get_oldest_entry(const char *desc, EVENTLOG_Q_GET_OLDEST_ENTRY *q_u, - prs_struct *ps, int depth) -{ - if(q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_q_get_oldest_entry"); - depth++; - - if(!(prs_align(ps))) - return False; - - if(!(smb_io_pol_hnd("log handle", &(q_u->handle), ps, depth))) - return False; - - return True; -} - -bool eventlog_io_r_get_oldest_entry(const char *desc, EVENTLOG_R_GET_OLDEST_ENTRY *r_u, - prs_struct *ps, int depth) -{ - if(r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_r_get_oldest_entry"); - depth++; - - if(!(prs_align(ps))) - return False; - - if(!(prs_uint32("oldest entry", ps, depth, &(r_u->oldest_entry)))) - return False; - - if(!(prs_ntstatus("status code", ps, depth, &r_u->status))) - return False; - - return True; -} - bool eventlog_io_q_read_eventlog(const char *desc, EVENTLOG_Q_READ_EVENTLOG *q_u, prs_struct *ps, int depth) { @@ -339,55 +191,3 @@ bool eventlog_io_r_read_eventlog(const char *desc, return True; } - -/** The windows client seems to be doing something funny with the file name - A call like - ClearEventLog(handle, "backup_file") - on the client side will result in the backup file name looking like this on the - server side: - \??\${CWD of client}\backup_file - If an absolute path gets specified, such as - ClearEventLog(handle, "C:\\temp\\backup_file") - then it is still mangled by the client into this: - \??\C:\temp\backup_file - when it is on the wire. - I'm not sure where the \?? is coming from, or why the ${CWD} of the client process - would be added in given that the backup file gets written on the server side. */ - -bool eventlog_io_q_clear_eventlog(const char *desc, EVENTLOG_Q_CLEAR_EVENTLOG *q_u, - prs_struct *ps, int depth) -{ - if(q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_q_clear_eventlog"); - depth++; - - if(!prs_align(ps)) - return False; - if(!(smb_io_pol_hnd("log handle", &(q_u->handle), ps, depth))) - return False; - - if ( !prs_unistr4("backupfile", ps, depth, &q_u->backupfile) ) - return False; - - return True; - -} - -bool eventlog_io_r_clear_eventlog(const char *desc, EVENTLOG_R_CLEAR_EVENTLOG *r_u, - prs_struct *ps, int depth) -{ - if(r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "eventlog_io_r_clear_eventlog"); - depth++; - - if(!prs_align(ps)) - return False; - if(!(prs_ntstatus("status code", ps, depth, &r_u->status))) - return False; - - return True; -} diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 1bddfba28e..daf4806392 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -419,66 +419,6 @@ bool lsa_io_r_open_pol2(const char *desc, LSA_R_OPEN_POL2 *out, prs_struct *ps, } /******************************************************************* -makes an LSA_Q_QUERY_SEC_OBJ structure. -********************************************************************/ - -void init_q_query_sec_obj(LSA_Q_QUERY_SEC_OBJ *in, const POLICY_HND *hnd, - uint32 sec_info) -{ - DEBUG(5, ("init_q_query_sec_obj\n")); - - in->pol = *hnd; - in->sec_info = sec_info; - - return; -} - -/******************************************************************* - Reads or writes an LSA_Q_QUERY_SEC_OBJ structure. -********************************************************************/ - -bool lsa_io_q_query_sec_obj(const char *desc, LSA_Q_QUERY_SEC_OBJ *in, - prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_q_query_sec_obj"); - depth++; - - if (!smb_io_pol_hnd("", &in->pol, ps, depth)) - return False; - - if (!prs_uint32("sec_info", ps, depth, &in->sec_info)) - return False; - - return True; -} - -/******************************************************************* - Reads or writes a LSA_R_QUERY_SEC_OBJ structure. -********************************************************************/ - -bool lsa_io_r_query_sec_obj(const char *desc, LSA_R_QUERY_SEC_OBJ *out, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_r_query_sec_obj"); - depth++; - - if (!prs_align(ps)) - return False; - - if (!prs_uint32("ptr", ps, depth, &out->ptr)) - return False; - - if (out->ptr != 0) { - if (!sec_io_desc_buf("sec", &out->buf, ps, depth)) - return False; - } - - if (!prs_ntstatus("status", ps, depth, &out->status)) - return False; - - return True; -} - -/******************************************************************* Inits an LSA_Q_QUERY_INFO structure. ********************************************************************/ @@ -3266,34 +3206,3 @@ bool lsa_io_r_remove_acct_rights(const char *desc, LSA_R_REMOVE_ACCT_RIGHTS *out return True; } - -/******************************************************************* -********************************************************************/ - -bool lsa_io_q_delete_object(const char *desc, LSA_Q_DELETE_OBJECT *in, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_q_delete_object"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("", &in->handle, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -********************************************************************/ - -bool lsa_io_r_delete_object(const char *desc, LSA_R_DELETE_OBJECT *out, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_r_delete_object"); - depth++; - - if(!prs_ntstatus("status", ps, depth, &out->status)) - return False; - - return True; -} diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c index 37f9ba05d6..1c2cf57b89 100644 --- a/source3/rpc_parse/parse_samr.c +++ b/source3/rpc_parse/parse_samr.c @@ -29,414 +29,146 @@ #define DBGC_CLASS DBGC_RPC_PARSE /******************************************************************* -inits a SAMR_Q_LOOKUP_DOMAIN structure. + inits a structure. ********************************************************************/ -void init_samr_q_lookup_domain(SAMR_Q_LOOKUP_DOMAIN * q_u, - POLICY_HND *pol, char *dom_name) +static void init_lsa_String(struct lsa_String *name, const char *s) { - DEBUG(5, ("init_samr_q_lookup_domain\n")); - - q_u->connect_pol = *pol; - - init_unistr2(&q_u->uni_domain, dom_name, UNI_FLAGS_NONE); - init_uni_hdr(&q_u->hdr_domain, &q_u->uni_domain); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ -bool samr_io_q_lookup_domain(const char *desc, SAMR_Q_LOOKUP_DOMAIN * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_lookup_domain"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("connect_pol", &q_u->connect_pol, ps, depth)) - return False; - - if(!smb_io_unihdr("hdr_domain", &q_u->hdr_domain, ps, depth)) - return False; - - if(!smb_io_unistr2("uni_domain", &q_u->uni_domain, q_u->hdr_domain.buffer, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_LOOKUP_DOMAIN structure. -********************************************************************/ - -void init_samr_r_lookup_domain(SAMR_R_LOOKUP_DOMAIN * r_u, - DOM_SID *dom_sid, NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_lookup_domain\n")); - - r_u->status = status; - r_u->ptr_sid = 0; - if (NT_STATUS_IS_OK(status)) { - r_u->ptr_sid = 1; - init_dom_sid2(&r_u->dom_sid, dom_sid); - } -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_lookup_domain(const char *desc, SAMR_R_LOOKUP_DOMAIN * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_lookup_domain"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr", ps, depth, &r_u->ptr_sid)) - return False; - - if (r_u->ptr_sid != 0) { - if(!smb_io_dom_sid2("sid", &r_u->dom_sid, ps, depth)) - return False; - if(!prs_align(ps)) - return False; - } - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_remove_sid_foreign_domain(SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN * q_u, POLICY_HND *dom_pol, DOM_SID *sid) -{ - DEBUG(5, ("samr_init_samr_q_remove_sid_foreign_domain\n")); - - q_u->dom_pol = *dom_pol; - init_dom_sid2(&q_u->sid, sid); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_remove_sid_foreign_domain(const char *desc, SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_remove_sid_foreign_domain"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->dom_pol, ps, depth)) - return False; - - if(!smb_io_dom_sid2("sid", &q_u->sid, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_remove_sid_foreign_domain(const char *desc, SAMR_R_REMOVE_SID_FOREIGN_DOMAIN * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_remove_sid_foreign_domain"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_open_domain(SAMR_Q_OPEN_DOMAIN * q_u, - POLICY_HND *pol, uint32 flags, - const DOM_SID *sid) -{ - DEBUG(5, ("samr_init_samr_q_open_domain\n")); - - q_u->pol = *pol; - q_u->flags = flags; - init_dom_sid2(&q_u->dom_sid, sid); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_open_domain(const char *desc, SAMR_Q_OPEN_DOMAIN * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_open_domain"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &q_u->pol, ps, depth)) - return False; - - if(!prs_uint32("flags", ps, depth, &q_u->flags)) - return False; - - if(!smb_io_dom_sid2("sid", &q_u->dom_sid, ps, depth)) - return False; - - return True; + name->string = s; } /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -bool samr_io_r_open_domain(const char *desc, SAMR_R_OPEN_DOMAIN * r_u, - prs_struct *ps, int depth) +void init_samr_DomInfo1(struct samr_DomInfo1 *r, + uint16_t min_password_length, + uint16_t password_history_length, + uint32_t password_properties, + int64_t max_password_age, + int64_t min_password_age) { - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_open_domain"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &r_u->domain_pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; + r->min_password_length = min_password_length; + r->password_history_length = password_history_length; + r->password_properties = password_properties; + r->max_password_age = max_password_age; + r->min_password_age = min_password_age; } /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -void init_samr_q_get_usrdom_pwinfo(SAMR_Q_GET_USRDOM_PWINFO * q_u, - POLICY_HND *user_pol) +void init_samr_DomInfo2(struct samr_DomInfo2 *r, + NTTIME force_logoff_time, + const char *comment, + const char *domain_name, + const char *primary, + uint64_t sequence_num, + uint32_t unknown2, + enum samr_Role role, + uint32_t unknown3, + uint32_t num_users, + uint32_t num_groups, + uint32_t num_aliases) { - DEBUG(5, ("samr_init_samr_q_get_usrdom_pwinfo\n")); - - q_u->user_pol = *user_pol; + r->force_logoff_time = force_logoff_time; + init_lsa_String(&r->comment, comment); + init_lsa_String(&r->domain_name, domain_name); + init_lsa_String(&r->primary, primary); + r->sequence_num = sequence_num; + r->unknown2 = unknown2; + r->role = role; + r->unknown3 = unknown3; + r->num_users = num_users; + r->num_groups = num_groups; + r->num_aliases = num_aliases; } /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -bool samr_io_q_get_usrdom_pwinfo(const char *desc, SAMR_Q_GET_USRDOM_PWINFO * q_u, - prs_struct *ps, int depth) +void init_samr_DomInfo3(struct samr_DomInfo3 *r, + NTTIME force_logoff_time) { - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_get_usrdom_pwinfo"); - depth++; - - if(!prs_align(ps)) - return False; - - return smb_io_pol_hnd("user_pol", &q_u->user_pol, ps, depth); + r->force_logoff_time = force_logoff_time; } /******************************************************************* - Init. + inits a structure. ********************************************************************/ -void init_samr_r_get_usrdom_pwinfo(SAMR_R_GET_USRDOM_PWINFO *r_u, NTSTATUS status) +void init_samr_DomInfo4(struct samr_DomInfo4 *r, + const char *comment) { - DEBUG(5, ("init_samr_r_get_usrdom_pwinfo\n")); - - r_u->min_pwd_length = 0x0000; - - /* - * used to be - * r_u->unknown_1 = 0x0015; - * but for trusts. - */ - r_u->unknown_1 = 0x01D1; - r_u->unknown_1 = 0x0015; - - r_u->password_properties = 0x00000000; - - r_u->status = status; + init_lsa_String(&r->comment, comment); } /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -bool samr_io_r_get_usrdom_pwinfo(const char *desc, SAMR_R_GET_USRDOM_PWINFO * r_u, - prs_struct *ps, int depth) +void init_samr_DomInfo5(struct samr_DomInfo5 *r, + const char *domain_name) { - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_get_usrdom_pwinfo"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint16("min_pwd_length", ps, depth, &r_u->min_pwd_length)) - return False; - if(!prs_uint16("unknown_1", ps, depth, &r_u->unknown_1)) - return False; - if(!prs_uint32("password_properties", ps, depth, &r_u->password_properties)) - return False; - - if(!prs_ntstatus("status ", ps, depth, &r_u->status)) - return False; - - return True; + init_lsa_String(&r->domain_name, domain_name); } - /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -bool samr_io_q_set_sec_obj(const char *desc, SAMR_Q_SET_SEC_OBJ * q_u, - prs_struct *ps, int depth) +void init_samr_DomInfo6(struct samr_DomInfo6 *r, + const char *primary) { - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_set_sec_obj"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &q_u->pol, ps, depth)) - return False; - - if(!prs_uint32("sec_info", ps, depth, &q_u->sec_info)) - return False; - - if(!sec_io_desc_buf("sec_desc", &q_u->buf, ps, depth)) - return False; - - return True; + init_lsa_String(&r->primary, primary); } - /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -void init_samr_q_query_sec_obj(SAMR_Q_QUERY_SEC_OBJ * q_u, - POLICY_HND *user_pol, uint32 sec_info) +void init_samr_DomInfo7(struct samr_DomInfo7 *r, + enum samr_Role role) { - DEBUG(5, ("samr_init_samr_q_query_sec_obj\n")); - - q_u->user_pol = *user_pol; - q_u->sec_info = sec_info; + r->role = role; } - /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -bool samr_io_q_query_sec_obj(const char *desc, SAMR_Q_QUERY_SEC_OBJ * q_u, - prs_struct *ps, int depth) +void init_samr_DomInfo8(struct samr_DomInfo8 *r, + uint64_t sequence_num, + NTTIME domain_create_time) { - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_query_sec_obj"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("user_pol", &q_u->user_pol, ps, depth)) - return False; - - if(!prs_uint32("sec_info", ps, depth, &q_u->sec_info)) - return False; - - return True; + r->sequence_num = sequence_num; + r->domain_create_time = domain_create_time; } /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -void init_samr_q_query_domain_info(SAMR_Q_QUERY_DOMAIN_INFO * q_u, - POLICY_HND *domain_pol, uint16 switch_value) +void init_samr_DomInfo9(struct samr_DomInfo9 *r, + uint32_t unknown) { - DEBUG(5, ("samr_init_samr_q_query_domain_info\n")); - - q_u->domain_pol = *domain_pol; - q_u->switch_value = switch_value; + r->unknown = unknown; } /******************************************************************* -reads or writes a structure. + inits a structure. ********************************************************************/ -bool samr_io_q_query_domain_info(const char *desc, SAMR_Q_QUERY_DOMAIN_INFO * q_u, - prs_struct *ps, int depth) +void init_samr_DomInfo12(struct samr_DomInfo12 *r, + uint64_t lockout_duration, + uint64_t lockout_window, + uint16_t lockout_threshold) { - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_query_domain_info"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->domain_pol, ps, depth)) - return False; - - if(!prs_uint16("switch_value", ps, depth, &q_u->switch_value)) - return False; - - return True; + r->lockout_duration = lockout_duration; + r->lockout_window = lockout_window; + r->lockout_threshold = lockout_threshold; } /******************************************************************* @@ -490,546 +222,6 @@ static bool sam_io_unk_info1(const char *desc, SAM_UNK_INFO_1 * u_1, } /******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info2(SAM_UNK_INFO_2 * u_2, - const char *comment, const char *domain, const char *server, - uint32 seq_num, uint32 num_users, uint32 num_groups, uint32 num_alias, NTTIME nt_logout, uint32 server_role) -{ - u_2->logout = nt_logout; - - u_2->seq_num = seq_num; - - - u_2->unknown_4 = 0x00000001; - u_2->server_role = server_role; - u_2->unknown_6 = 0x00000001; - u_2->num_domain_usrs = num_users; - u_2->num_domain_grps = num_groups; - u_2->num_local_grps = num_alias; - - init_unistr2(&u_2->uni_comment, comment, UNI_FLAGS_NONE); - init_uni_hdr(&u_2->hdr_comment, &u_2->uni_comment); - init_unistr2(&u_2->uni_domain, domain, UNI_FLAGS_NONE); - init_uni_hdr(&u_2->hdr_domain, &u_2->uni_domain); - init_unistr2(&u_2->uni_server, server, UNI_FLAGS_NONE); - init_uni_hdr(&u_2->hdr_server, &u_2->uni_server); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info2(const char *desc, SAM_UNK_INFO_2 * u_2, - prs_struct *ps, int depth) -{ - if (u_2 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info2"); - depth++; - - if(!smb_io_time("logout", &u_2->logout, ps, depth)) - return False; - if(!smb_io_unihdr("hdr_comment", &u_2->hdr_comment, ps, depth)) - return False; - if(!smb_io_unihdr("hdr_domain", &u_2->hdr_domain, ps, depth)) - return False; - if(!smb_io_unihdr("hdr_server", &u_2->hdr_server, ps, depth)) - return False; - - /* put all the data in here, at the moment, including what the above - pointer is referring to - */ - - if(!prs_uint64("seq_num ", ps, depth, &u_2->seq_num)) - return False; - - if(!prs_uint32("unknown_4 ", ps, depth, &u_2->unknown_4)) /* 0x0000 0001 */ - return False; - if(!prs_uint32("server_role ", ps, depth, &u_2->server_role)) - return False; - if(!prs_uint32("unknown_6 ", ps, depth, &u_2->unknown_6)) /* 0x0000 0001 */ - return False; - if(!prs_uint32("num_domain_usrs ", ps, depth, &u_2->num_domain_usrs)) - return False; - if(!prs_uint32("num_domain_grps", ps, depth, &u_2->num_domain_grps)) - return False; - if(!prs_uint32("num_local_grps", ps, depth, &u_2->num_local_grps)) - return False; - - if(!smb_io_unistr2("uni_comment", &u_2->uni_comment, u_2->hdr_comment.buffer, ps, depth)) - return False; - if(!smb_io_unistr2("uni_domain", &u_2->uni_domain, u_2->hdr_domain.buffer, ps, depth)) - return False; - if(!smb_io_unistr2("uni_server", &u_2->uni_server, u_2->hdr_server.buffer, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info3(SAM_UNK_INFO_3 *u_3, NTTIME nt_logout) -{ - u_3->logout = nt_logout; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info3(const char *desc, SAM_UNK_INFO_3 * u_3, - prs_struct *ps, int depth) -{ - if (u_3 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info3"); - depth++; - - if(!smb_io_time("logout", &u_3->logout, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info4(SAM_UNK_INFO_4 * u_4,const char *comment) -{ - init_unistr2(&u_4->uni_comment, comment, UNI_FLAGS_NONE); - init_uni_hdr(&u_4->hdr_comment, &u_4->uni_comment); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info4(const char *desc, SAM_UNK_INFO_4 * u_4, - prs_struct *ps, int depth) -{ - if (u_4 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info4"); - depth++; - - if(!smb_io_unihdr("hdr_comment", &u_4->hdr_comment, ps, depth)) - return False; - - if(!smb_io_unistr2("uni_comment", &u_4->uni_comment, u_4->hdr_comment.buffer, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info5(SAM_UNK_INFO_5 * u_5,const char *domain) -{ - init_unistr2(&u_5->uni_domain, domain, UNI_FLAGS_NONE); - init_uni_hdr(&u_5->hdr_domain, &u_5->uni_domain); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info5(const char *desc, SAM_UNK_INFO_5 * u_5, - prs_struct *ps, int depth) -{ - if (u_5 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info5"); - depth++; - - if(!smb_io_unihdr("hdr_domain", &u_5->hdr_domain, ps, depth)) - return False; - - if(!smb_io_unistr2("uni_domain", &u_5->uni_domain, u_5->hdr_domain.buffer, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info6(SAM_UNK_INFO_6 * u_6, const char *server) -{ - init_unistr2(&u_6->uni_server, server, UNI_FLAGS_NONE); - init_uni_hdr(&u_6->hdr_server, &u_6->uni_server); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info6(const char *desc, SAM_UNK_INFO_6 * u_6, - prs_struct *ps, int depth) -{ - if (u_6 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info6"); - depth++; - - if(!smb_io_unihdr("hdr_server", &u_6->hdr_server, ps, depth)) - return False; - - if(!smb_io_unistr2("uni_server", &u_6->uni_server, u_6->hdr_server.buffer, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info7(SAM_UNK_INFO_7 * u_7, uint32 server_role) -{ - u_7->server_role = server_role; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info7(const char *desc, SAM_UNK_INFO_7 * u_7, - prs_struct *ps, int depth) -{ - if (u_7 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info7"); - depth++; - - if(!prs_uint16("server_role", ps, depth, &u_7->server_role)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info8(SAM_UNK_INFO_8 * u_8, uint32 seq_num) -{ - unix_to_nt_time(&u_8->domain_create_time, 0); - u_8->seq_num = seq_num; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info8(const char *desc, SAM_UNK_INFO_8 * u_8, - prs_struct *ps, int depth) -{ - if (u_8 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info8"); - depth++; - - if (!prs_uint64("seq_num", ps, depth, &u_8->seq_num)) - return False; - - if(!smb_io_time("domain_create_time", &u_8->domain_create_time, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info9(SAM_UNK_INFO_9 * u_9, uint32 unknown) -{ - u_9->unknown = unknown; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info9(const char *desc, SAM_UNK_INFO_9 * u_9, - prs_struct *ps, int depth) -{ - if (u_9 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info9"); - depth++; - - if (!prs_uint32("unknown", ps, depth, &u_9->unknown)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info12(SAM_UNK_INFO_12 * u_12, NTTIME nt_lock_duration, NTTIME nt_reset_time, uint16 lockout) -{ - u_12->duration = nt_lock_duration; - u_12->reset_count = nt_reset_time; - - u_12->bad_attempt_lockout = lockout; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info12(const char *desc, SAM_UNK_INFO_12 * u_12, - prs_struct *ps, int depth) -{ - if (u_12 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info12"); - depth++; - - if(!smb_io_time("duration", &u_12->duration, ps, depth)) - return False; - if(!smb_io_time("reset_count", &u_12->reset_count, ps, depth)) - return False; - if(!prs_uint16("bad_attempt_lockout", ps, depth, &u_12->bad_attempt_lockout)) - return False; - - return True; -} - -/******************************************************************* -inits a structure. -********************************************************************/ - -void init_unk_info13(SAM_UNK_INFO_13 * u_13, uint32 seq_num) -{ - unix_to_nt_time(&u_13->domain_create_time, 0); - u_13->seq_num = seq_num; - u_13->unknown1 = 0; - u_13->unknown2 = 0; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -static bool sam_io_unk_info13(const char *desc, SAM_UNK_INFO_13 * u_13, - prs_struct *ps, int depth) -{ - if (u_13 == NULL) - return False; - - prs_debug(ps, depth, desc, "sam_io_unk_info13"); - depth++; - - if (!prs_uint64("seq_num", ps, depth, &u_13->seq_num)) - return False; - - if(!smb_io_time("domain_create_time", &u_13->domain_create_time, ps, depth)) - return False; - - if (!prs_uint32("unknown1", ps, depth, &u_13->unknown1)) - return False; - if (!prs_uint32("unknown2", ps, depth, &u_13->unknown2)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_QUERY_DOMAIN_INFO structure. -********************************************************************/ - -void init_samr_r_query_domain_info(SAMR_R_QUERY_DOMAIN_INFO * r_u, - uint16 switch_value, SAM_UNK_CTR * ctr, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_query_domain_info\n")); - - r_u->ptr_0 = 0; - r_u->switch_value = 0; - r_u->status = status; /* return status */ - - if (NT_STATUS_IS_OK(status)) { - r_u->switch_value = switch_value; - r_u->ptr_0 = 1; - r_u->ctr = ctr; - } -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_query_domain_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_query_domain_info"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr_0 ", ps, depth, &r_u->ptr_0)) - return False; - - if (r_u->ptr_0 != 0 && r_u->ctr != NULL) { - if(!prs_uint16("switch_value", ps, depth, &r_u->switch_value)) - return False; - if(!prs_align(ps)) - return False; - - switch (r_u->switch_value) { - case 0x0d: - if(!sam_io_unk_info13("unk_inf13", &r_u->ctr->info.inf13, ps, depth)) - return False; - break; - case 0x0c: - if(!sam_io_unk_info12("unk_inf12", &r_u->ctr->info.inf12, ps, depth)) - return False; - break; - case 0x09: - if(!sam_io_unk_info9("unk_inf9",&r_u->ctr->info.inf9, ps,depth)) - return False; - break; - case 0x08: - if(!sam_io_unk_info8("unk_inf8",&r_u->ctr->info.inf8, ps,depth)) - return False; - break; - case 0x07: - if(!sam_io_unk_info7("unk_inf7",&r_u->ctr->info.inf7, ps,depth)) - return False; - break; - case 0x06: - if(!sam_io_unk_info6("unk_inf6",&r_u->ctr->info.inf6, ps,depth)) - return False; - break; - case 0x05: - if(!sam_io_unk_info5("unk_inf5",&r_u->ctr->info.inf5, ps,depth)) - return False; - break; - case 0x04: - if(!sam_io_unk_info4("unk_inf4",&r_u->ctr->info.inf4, ps,depth)) - return False; - break; - case 0x03: - if(!sam_io_unk_info3("unk_inf3",&r_u->ctr->info.inf3, ps,depth)) - return False; - break; - case 0x02: - if(!sam_io_unk_info2("unk_inf2",&r_u->ctr->info.inf2, ps,depth)) - return False; - break; - case 0x01: - if(!sam_io_unk_info1("unk_inf1",&r_u->ctr->info.inf1, ps,depth)) - return False; - break; - default: - DEBUG(0, ("samr_io_r_query_domain_info: unknown switch level 0x%x\n", - r_u->switch_value)); - r_u->status = NT_STATUS_INVALID_INFO_CLASS; - return False; - } - } - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_set_sec_obj(SAMR_Q_SET_SEC_OBJ * q_u, - POLICY_HND *pol, uint32 sec_info, SEC_DESC_BUF *buf) -{ - DEBUG(5, ("samr_init_samr_q_set_sec_obj\n")); - - q_u->pol = *pol; - q_u->sec_info = sec_info; - q_u->buf = buf; -} - - -/******************************************************************* -reads or writes a SAMR_R_SET_SEC_OBJ structure. -********************************************************************/ - -bool samr_io_r_set_sec_obj(const char *desc, SAMR_R_SET_SEC_OBJ * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_set_sec_obj"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a SAMR_R_QUERY_SEC_OBJ structure. -********************************************************************/ - -bool samr_io_r_query_sec_obj(const char *desc, SAMR_R_QUERY_SEC_OBJ * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_query_sec_obj"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr", ps, depth, &r_u->ptr)) - return False; - if (r_u->ptr != 0) { - if(!sec_io_desc_buf("sec", &r_u->buf, ps, depth)) - return False; - } - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* reads or writes a SAM_STR1 structure. ********************************************************************/ @@ -2117,73 +1309,6 @@ bool samr_io_r_query_dispinfo(const char *desc, SAMR_R_QUERY_DISPINFO * r_u, } /******************************************************************* -inits a SAMR_Q_OPEN_GROUP structure. -********************************************************************/ - -void init_samr_q_open_group(SAMR_Q_OPEN_GROUP * q_c, - POLICY_HND *hnd, - uint32 access_mask, uint32 rid) -{ - DEBUG(5, ("init_samr_q_open_group\n")); - - q_c->domain_pol = *hnd; - q_c->access_mask = access_mask; - q_c->rid_group = rid; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_open_group(const char *desc, SAMR_Q_OPEN_GROUP * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_open_group"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->domain_pol, ps, depth)) - return False; - - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - if(!prs_uint32("rid_group", ps, depth, &q_u->rid_group)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_open_group(const char *desc, SAMR_R_OPEN_GROUP * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_open_group"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* inits a GROUP_INFO1 structure. ********************************************************************/ @@ -2463,290 +1588,6 @@ static bool samr_group_info_ctr(const char *desc, GROUP_INFO_CTR **ctr, } /******************************************************************* -inits a SAMR_Q_CREATE_DOM_GROUP structure. -********************************************************************/ - -void init_samr_q_create_dom_group(SAMR_Q_CREATE_DOM_GROUP * q_e, - POLICY_HND *pol, const char *acct_desc, - uint32 access_mask) -{ - DEBUG(5, ("init_samr_q_create_dom_group\n")); - - q_e->pol = *pol; - - init_unistr2(&q_e->uni_acct_desc, acct_desc, UNI_FLAGS_NONE); - init_uni_hdr(&q_e->hdr_acct_desc, &q_e->uni_acct_desc); - - q_e->access_mask = access_mask; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_create_dom_group(const char *desc, SAMR_Q_CREATE_DOM_GROUP * q_e, - prs_struct *ps, int depth) -{ - if (q_e == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_create_dom_group"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &q_e->pol, ps, depth)) - return False; - - if(!smb_io_unihdr("hdr_acct_desc", &q_e->hdr_acct_desc, ps, depth)) - return False; - if(!smb_io_unistr2("uni_acct_desc", &q_e->uni_acct_desc, - q_e->hdr_acct_desc.buffer, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - if(!prs_uint32("access", ps, depth, &q_e->access_mask)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_create_dom_group(const char *desc, SAMR_R_CREATE_DOM_GROUP * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_create_dom_group"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - - if(!prs_uint32("rid ", ps, depth, &r_u->rid)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_DELETE_DOM_GROUP structure. -********************************************************************/ - -void init_samr_q_delete_dom_group(SAMR_Q_DELETE_DOM_GROUP * q_c, - POLICY_HND *hnd) -{ - DEBUG(5, ("init_samr_q_delete_dom_group\n")); - - q_c->group_pol = *hnd; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_delete_dom_group(const char *desc, SAMR_Q_DELETE_DOM_GROUP * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_delete_dom_group"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("group_pol", &q_u->group_pol, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_delete_dom_group(const char *desc, SAMR_R_DELETE_DOM_GROUP * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_delete_dom_group"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_DEL_GROUPMEM structure. -********************************************************************/ - -void init_samr_q_del_groupmem(SAMR_Q_DEL_GROUPMEM * q_e, - POLICY_HND *pol, uint32 rid) -{ - DEBUG(5, ("init_samr_q_del_groupmem\n")); - - q_e->pol = *pol; - q_e->rid = rid; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_del_groupmem(const char *desc, SAMR_Q_DEL_GROUPMEM * q_e, - prs_struct *ps, int depth) -{ - if (q_e == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_del_groupmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &q_e->pol, ps, depth)) - return False; - - if(!prs_uint32("rid", ps, depth, &q_e->rid)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_DEL_GROUPMEM structure. -********************************************************************/ - -void init_samr_r_del_groupmem(SAMR_R_DEL_GROUPMEM * r_u, POLICY_HND *pol, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_del_groupmem\n")); - - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_del_groupmem(const char *desc, SAMR_R_DEL_GROUPMEM * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_del_groupmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_ADD_GROUPMEM structure. -********************************************************************/ - -void init_samr_q_add_groupmem(SAMR_Q_ADD_GROUPMEM * q_e, - POLICY_HND *pol, uint32 rid) -{ - DEBUG(5, ("init_samr_q_add_groupmem\n")); - - q_e->pol = *pol; - q_e->rid = rid; - q_e->unknown = 0x0005; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_add_groupmem(const char *desc, SAMR_Q_ADD_GROUPMEM * q_e, - prs_struct *ps, int depth) -{ - if (q_e == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_add_groupmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &q_e->pol, ps, depth)) - return False; - - if(!prs_uint32("rid ", ps, depth, &q_e->rid)) - return False; - if(!prs_uint32("unknown", ps, depth, &q_e->unknown)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_ADD_GROUPMEM structure. -********************************************************************/ - -void init_samr_r_add_groupmem(SAMR_R_ADD_GROUPMEM * r_u, POLICY_HND *pol, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_add_groupmem\n")); - - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_add_groupmem(const char *desc, SAMR_R_ADD_GROUPMEM * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_add_groupmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* inits a SAMR_Q_SET_GROUPINFO structure. ********************************************************************/ @@ -2903,139 +1744,6 @@ bool samr_io_r_query_groupinfo(const char *desc, SAMR_R_QUERY_GROUPINFO * r_u, } /******************************************************************* -inits a SAMR_Q_QUERY_GROUPMEM structure. -********************************************************************/ - -void init_samr_q_query_groupmem(SAMR_Q_QUERY_GROUPMEM * q_c, POLICY_HND *hnd) -{ - DEBUG(5, ("init_samr_q_query_groupmem\n")); - - q_c->group_pol = *hnd; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_query_groupmem(const char *desc, SAMR_Q_QUERY_GROUPMEM * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_query_groupmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("group_pol", &q_u->group_pol, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_QUERY_GROUPMEM structure. -********************************************************************/ - -void init_samr_r_query_groupmem(SAMR_R_QUERY_GROUPMEM * r_u, - uint32 num_entries, uint32 *rid, - uint32 *attr, NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_query_groupmem\n")); - - if (NT_STATUS_IS_OK(status)) { - r_u->ptr = 1; - r_u->num_entries = num_entries; - - r_u->ptr_attrs = attr != NULL ? 1 : 0; - r_u->ptr_rids = rid != NULL ? 1 : 0; - - r_u->num_rids = num_entries; - r_u->rid = rid; - - r_u->num_attrs = num_entries; - r_u->attr = attr; - } else { - r_u->ptr = 0; - r_u->num_entries = 0; - } - - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_query_groupmem(const char *desc, SAMR_R_QUERY_GROUPMEM * r_u, - prs_struct *ps, int depth) -{ - uint32 i; - - if (r_u == NULL) - return False; - - if (UNMARSHALLING(ps)) - ZERO_STRUCTP(r_u); - - prs_debug(ps, depth, desc, "samr_io_r_query_groupmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr", ps, depth, &r_u->ptr)) - return False; - if(!prs_uint32("num_entries ", ps, depth, &r_u->num_entries)) - return False; - - if (r_u->ptr != 0) { - if(!prs_uint32("ptr_rids ", ps, depth, &r_u->ptr_rids)) - return False; - if(!prs_uint32("ptr_attrs", ps, depth, &r_u->ptr_attrs)) - return False; - - if (r_u->ptr_rids != 0) { - if(!prs_uint32("num_rids", ps, depth, &r_u->num_rids)) - return False; - if (UNMARSHALLING(ps) && r_u->num_rids != 0) { - r_u->rid = PRS_ALLOC_MEM(ps,uint32,r_u->num_rids); - if (r_u->rid == NULL) - return False; - } - - for (i = 0; i < r_u->num_rids; i++) { - if(!prs_uint32("", ps, depth, &r_u->rid[i])) - return False; - } - } - - if (r_u->ptr_attrs != 0) { - if(!prs_uint32("num_attrs", ps, depth, &r_u->num_attrs)) - return False; - - if (UNMARSHALLING(ps) && r_u->num_attrs != 0) { - r_u->attr = PRS_ALLOC_MEM(ps,uint32,r_u->num_attrs); - if (r_u->attr == NULL) - return False; - } - - for (i = 0; i < r_u->num_attrs; i++) { - if(!prs_uint32("", ps, depth, &r_u->attr[i])) - return False; - } - } - } - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* inits a SAMR_Q_QUERY_USERGROUPS structure. ********************************************************************/ @@ -3859,251 +2567,6 @@ bool samr_io_r_set_aliasinfo(const char *desc, SAMR_R_SET_ALIASINFO * r_u, } /******************************************************************* -inits a SAMR_Q_QUERY_USERALIASES structure. -********************************************************************/ - -void init_samr_q_query_useraliases(SAMR_Q_QUERY_USERALIASES * q_u, - POLICY_HND *hnd, - uint32 num_sids, - uint32 *ptr_sid, DOM_SID2 * sid) -{ - DEBUG(5, ("init_samr_q_query_useraliases\n")); - - q_u->pol = *hnd; - - q_u->num_sids1 = num_sids; - q_u->ptr = 1; - q_u->num_sids2 = num_sids; - - q_u->ptr_sid = ptr_sid; - q_u->sid = sid; -} - -/******************************************************************* -reads or writes a SAMR_Q_QUERY_USERALIASES structure. -********************************************************************/ - -bool samr_io_q_query_useraliases(const char *desc, SAMR_Q_QUERY_USERALIASES * q_u, - prs_struct *ps, int depth) -{ - fstring tmp; - uint32 i; - - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_query_useraliases"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &q_u->pol, ps, depth)) - return False; - - if(!prs_uint32("num_sids1", ps, depth, &q_u->num_sids1)) - return False; - if(!prs_uint32("ptr ", ps, depth, &q_u->ptr)) - return False; - - if (q_u->ptr==0) - return True; - - if(!prs_uint32("num_sids2", ps, depth, &q_u->num_sids2)) - return False; - - if (UNMARSHALLING(ps) && (q_u->num_sids2 != 0)) { - q_u->ptr_sid = PRS_ALLOC_MEM(ps,uint32,q_u->num_sids2); - if (q_u->ptr_sid == NULL) - return False; - - q_u->sid = PRS_ALLOC_MEM(ps, DOM_SID2, q_u->num_sids2); - if (q_u->sid == NULL) - return False; - } - - for (i = 0; i < q_u->num_sids2; i++) { - slprintf(tmp, sizeof(tmp) - 1, "ptr[%02d]", i); - if(!prs_uint32(tmp, ps, depth, &q_u->ptr_sid[i])) - return False; - } - - for (i = 0; i < q_u->num_sids2; i++) { - if (q_u->ptr_sid[i] != 0) { - slprintf(tmp, sizeof(tmp) - 1, "sid[%02d]", i); - if(!smb_io_dom_sid2(tmp, &q_u->sid[i], ps, depth)) - return False; - } - } - - return True; -} - -/******************************************************************* -inits a SAMR_R_QUERY_USERALIASES structure. -********************************************************************/ - -void init_samr_r_query_useraliases(SAMR_R_QUERY_USERALIASES * r_u, - uint32 num_rids, uint32 *rid, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_query_useraliases\n")); - - if (NT_STATUS_IS_OK(status)) { - r_u->num_entries = num_rids; - r_u->ptr = 1; - r_u->num_entries2 = num_rids; - - r_u->rid = rid; - } else { - r_u->num_entries = 0; - r_u->ptr = 0; - r_u->num_entries2 = 0; - } - - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_rids(const char *desc, uint32 *num_rids, uint32 **rid, - prs_struct *ps, int depth) -{ - fstring tmp; - uint32 i; - if (rid == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_rids"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("num_rids", ps, depth, num_rids)) - return False; - - if ((*num_rids) != 0) { - if (UNMARSHALLING(ps)) { - /* reading */ - (*rid) = PRS_ALLOC_MEM(ps,uint32, *num_rids); - } - if ((*rid) == NULL) - return False; - - for (i = 0; i < (*num_rids); i++) { - slprintf(tmp, sizeof(tmp) - 1, "rid[%02d]", i); - if(!prs_uint32(tmp, ps, depth, &((*rid)[i]))) - return False; - } - } - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_query_useraliases(const char *desc, SAMR_R_QUERY_USERALIASES * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_query_useraliases"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("num_entries", ps, depth, &r_u->num_entries)) - return False; - if(!prs_uint32("ptr ", ps, depth, &r_u->ptr)) - return False; - - if (r_u->ptr != 0) { - if(!samr_io_rids("rids", &r_u->num_entries2, &r_u->rid, ps, depth)) - return False; - } - - if(!prs_align(ps)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_OPEN_ALIAS structure. -********************************************************************/ - -void init_samr_q_open_alias(SAMR_Q_OPEN_ALIAS * q_u, POLICY_HND *pol, - uint32 access_mask, uint32 rid) -{ - DEBUG(5, ("init_samr_q_open_alias\n")); - - q_u->dom_pol = *pol; - q_u->access_mask = access_mask; - q_u->rid_alias = rid; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_open_alias(const char *desc, SAMR_Q_OPEN_ALIAS * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_open_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->dom_pol, ps, depth)) - return False; - - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - if(!prs_uint32("rid_alias", ps, depth, &q_u->rid_alias)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_open_alias(const char *desc, SAMR_R_OPEN_ALIAS * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_open_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* inits a SAMR_Q_LOOKUP_RIDS structure. ********************************************************************/ @@ -4302,460 +2765,6 @@ bool samr_io_r_lookup_rids(const char *desc, SAMR_R_LOOKUP_RIDS * r_u, } /******************************************************************* -inits a SAMR_Q_OPEN_ALIAS structure. -********************************************************************/ - -void init_samr_q_delete_alias(SAMR_Q_DELETE_DOM_ALIAS * q_u, POLICY_HND *hnd) -{ - DEBUG(5, ("init_samr_q_delete_alias\n")); - - q_u->alias_pol = *hnd; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_delete_alias(const char *desc, SAMR_Q_DELETE_DOM_ALIAS * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_delete_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("alias_pol", &q_u->alias_pol, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_delete_alias(const char *desc, SAMR_R_DELETE_DOM_ALIAS * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_delete_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_CREATE_DOM_ALIAS structure. -********************************************************************/ - -void init_samr_q_create_dom_alias(SAMR_Q_CREATE_DOM_ALIAS * q_u, - POLICY_HND *hnd, const char *acct_desc) -{ - DEBUG(5, ("init_samr_q_create_dom_alias\n")); - - q_u->dom_pol = *hnd; - - init_unistr2(&q_u->uni_acct_desc, acct_desc, UNI_FLAGS_NONE); - init_uni_hdr(&q_u->hdr_acct_desc, &q_u->uni_acct_desc); - - q_u->access_mask = MAXIMUM_ALLOWED_ACCESS; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_create_dom_alias(const char *desc, SAMR_Q_CREATE_DOM_ALIAS * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_create_dom_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("dom_pol", &q_u->dom_pol, ps, depth)) - return False; - - if(!smb_io_unihdr("hdr_acct_desc", &q_u->hdr_acct_desc, ps, depth)) - return False; - if(!smb_io_unistr2("uni_acct_desc", &q_u->uni_acct_desc, - q_u->hdr_acct_desc.buffer, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_create_dom_alias(const char *desc, SAMR_R_CREATE_DOM_ALIAS * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_create_dom_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("alias_pol", &r_u->alias_pol, ps, depth)) - return False; - - if(!prs_uint32("rid", ps, depth, &r_u->rid)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_ADD_ALIASMEM structure. -********************************************************************/ - -void init_samr_q_add_aliasmem(SAMR_Q_ADD_ALIASMEM * q_u, POLICY_HND *hnd, - DOM_SID *sid) -{ - DEBUG(5, ("init_samr_q_add_aliasmem\n")); - - q_u->alias_pol = *hnd; - init_dom_sid2(&q_u->sid, sid); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_add_aliasmem(const char *desc, SAMR_Q_ADD_ALIASMEM * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_add_aliasmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("alias_pol", &q_u->alias_pol, ps, depth)) - return False; - if(!smb_io_dom_sid2("sid ", &q_u->sid, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_add_aliasmem(const char *desc, SAMR_R_ADD_ALIASMEM * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_add_aliasmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_DEL_ALIASMEM structure. -********************************************************************/ - -void init_samr_q_del_aliasmem(SAMR_Q_DEL_ALIASMEM * q_u, POLICY_HND *hnd, - DOM_SID *sid) -{ - DEBUG(5, ("init_samr_q_del_aliasmem\n")); - - q_u->alias_pol = *hnd; - init_dom_sid2(&q_u->sid, sid); -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_del_aliasmem(const char *desc, SAMR_Q_DEL_ALIASMEM * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_del_aliasmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("alias_pol", &q_u->alias_pol, ps, depth)) - return False; - if(!smb_io_dom_sid2("sid ", &q_u->sid, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_del_aliasmem(const char *desc, SAMR_R_DEL_ALIASMEM * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_del_aliasmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_DELETE_DOM_ALIAS structure. -********************************************************************/ - -void init_samr_q_delete_dom_alias(SAMR_Q_DELETE_DOM_ALIAS * q_c, - POLICY_HND *hnd) -{ - DEBUG(5, ("init_samr_q_delete_dom_alias\n")); - - q_c->alias_pol = *hnd; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_delete_dom_alias(const char *desc, SAMR_Q_DELETE_DOM_ALIAS * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_delete_dom_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("alias_pol", &q_u->alias_pol, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_DELETE_DOM_ALIAS structure. -********************************************************************/ - -void init_samr_r_delete_dom_alias(SAMR_R_DELETE_DOM_ALIAS * r_u, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_delete_dom_alias\n")); - - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_delete_dom_alias(const char *desc, SAMR_R_DELETE_DOM_ALIAS * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_delete_dom_alias"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_QUERY_ALIASMEM structure. -********************************************************************/ - -void init_samr_q_query_aliasmem(SAMR_Q_QUERY_ALIASMEM * q_c, - POLICY_HND *hnd) -{ - DEBUG(5, ("init_samr_q_query_aliasmem\n")); - - q_c->alias_pol = *hnd; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_query_aliasmem(const char *desc, SAMR_Q_QUERY_ALIASMEM * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_query_aliasmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("alias_pol", &q_u->alias_pol, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_QUERY_ALIASMEM structure. -********************************************************************/ - -void init_samr_r_query_aliasmem(SAMR_R_QUERY_ALIASMEM * r_u, - uint32 num_sids, DOM_SID2 * sid, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_query_aliasmem\n")); - - if (NT_STATUS_IS_OK(status)) { - r_u->num_sids = num_sids; - r_u->ptr = (num_sids != 0) ? 1 : 0; - r_u->num_sids1 = num_sids; - - r_u->sid = sid; - } else { - r_u->ptr = 0; - r_u->num_sids = 0; - } - - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_query_aliasmem(const char *desc, SAMR_R_QUERY_ALIASMEM * r_u, - prs_struct *ps, int depth) -{ - uint32 i; - - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_query_aliasmem"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("num_sids ", ps, depth, &r_u->num_sids)) - return False; - if(!prs_uint32("ptr", ps, depth, &r_u->ptr)) - return False; - - if (r_u->ptr != 0 && r_u->num_sids != 0) { - uint32 *ptr_sid = NULL; - - if(!prs_uint32("num_sids1", ps, depth, &r_u->num_sids1)) - return False; - - /* We must always use talloc here even when marshalling. */ - if (r_u->num_sids1) { - ptr_sid = TALLOC_ARRAY(ps->mem_ctx, uint32, r_u->num_sids1); - if (!ptr_sid) { - return False; - } - } else { - ptr_sid = NULL; - } - - for (i = 0; i < r_u->num_sids1; i++) { - ptr_sid[i] = 1; - if(!prs_uint32("ptr_sid", ps, depth, &ptr_sid[i])) - return False; - } - - if (UNMARSHALLING(ps)) { - if (r_u->num_sids1) { - r_u->sid = TALLOC_ARRAY(ps->mem_ctx, DOM_SID2, r_u->num_sids1); - if (!r_u->sid) { - return False; - } - } else { - r_u->sid = NULL; - } - } - - for (i = 0; i < r_u->num_sids1; i++) { - if (ptr_sid[i] != 0) { - if(!smb_io_dom_sid2("sid", &r_u->sid[i], ps, depth)) - return False; - } - } - } - - if(!prs_align(ps)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* inits a SAMR_Q_LOOKUP_NAMES structure. ********************************************************************/ @@ -4985,215 +2994,6 @@ bool samr_io_r_lookup_names(const char *desc, SAMR_R_LOOKUP_NAMES * r_u, } /******************************************************************* -inits a SAMR_Q_DELETE_DOM_USER structure. -********************************************************************/ - -void init_samr_q_delete_dom_user(SAMR_Q_DELETE_DOM_USER * q_c, - POLICY_HND *hnd) -{ - DEBUG(5, ("init_samr_q_delete_dom_user\n")); - - q_c->user_pol = *hnd; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_delete_dom_user(const char *desc, SAMR_Q_DELETE_DOM_USER * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_delete_dom_user"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("user_pol", &q_u->user_pol, ps, depth)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_delete_dom_user(const char *desc, SAMR_R_DELETE_DOM_USER * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_delete_dom_user"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_open_user(SAMR_Q_OPEN_USER * q_u, - POLICY_HND *pol, - uint32 access_mask, uint32 rid) -{ - DEBUG(5, ("samr_init_samr_q_open_user\n")); - - q_u->domain_pol = *pol; - q_u->access_mask = access_mask; - q_u->user_rid = rid; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_open_user(const char *desc, SAMR_Q_OPEN_USER * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_open_user"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->domain_pol, ps, depth)) - return False; - - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - if(!prs_uint32("user_rid ", ps, depth, &q_u->user_rid)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_open_user(const char *desc, SAMR_R_OPEN_USER * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_open_user"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("user_pol", &r_u->user_pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_create_user(SAMR_Q_CREATE_USER * q_u, - POLICY_HND *pol, - const char *name, - uint32 acb_info, uint32 acct_flags) -{ - DEBUG(5, ("samr_init_samr_q_create_user\n")); - - q_u->domain_pol = *pol; - - init_unistr2(&q_u->uni_name, name, UNI_FLAGS_NONE); - init_uni_hdr(&q_u->hdr_name, &q_u->uni_name); - - q_u->acb_info = acb_info; - q_u->acct_flags = acct_flags; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_create_user(const char *desc, SAMR_Q_CREATE_USER * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_create_user"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->domain_pol, ps, depth)) - return False; - - if(!smb_io_unihdr("hdr_name", &q_u->hdr_name, ps, depth)) - return False; - if(!smb_io_unistr2("uni_name", &q_u->uni_name, q_u->hdr_name.buffer, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - if(!prs_uint32("acb_info ", ps, depth, &q_u->acb_info)) - return False; - if(!prs_uint32("acct_flags", ps, depth, &q_u->acct_flags)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_create_user(const char *desc, SAMR_R_CREATE_USER * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_create_user"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("user_pol", &r_u->user_pol, ps, depth)) - return False; - - if(!prs_uint32("access_granted", ps, depth, &r_u->access_granted)) - return False; - if(!prs_uint32("user_rid ", ps, depth, &r_u->user_rid)) - return False; - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* inits a SAMR_Q_QUERY_USERINFO structure. ********************************************************************/ @@ -6959,331 +4759,6 @@ bool samr_io_r_set_userinfo2(const char *desc, SAMR_R_SET_USERINFO2 * r_u, } /******************************************************************* -inits a SAMR_Q_CONNECT structure. -********************************************************************/ - -void init_samr_q_connect(SAMR_Q_CONNECT * q_u, - char *srv_name, uint32 access_mask) -{ - DEBUG(5, ("init_samr_q_connect\n")); - - /* make PDC server name \\server */ - q_u->ptr_srv_name = (srv_name != NULL && *srv_name) ? 1 : 0; - init_unistr2(&q_u->uni_srv_name, srv_name, UNI_STR_TERMINATE); - - /* example values: 0x0000 0002 */ - q_u->access_mask = access_mask; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_connect(const char *desc, SAMR_Q_CONNECT * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_connect"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr_srv_name", ps, depth, &q_u->ptr_srv_name)) - return False; - if(!smb_io_unistr2("", &q_u->uni_srv_name, q_u->ptr_srv_name, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_connect(const char *desc, SAMR_R_CONNECT * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_connect"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("connect_pol", &r_u->connect_pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_CONNECT4 structure. -********************************************************************/ - -void init_samr_q_connect4(SAMR_Q_CONNECT4 * q_u, - char *srv_name, uint32 access_mask) -{ - DEBUG(5, ("init_samr_q_connect4\n")); - - /* make PDC server name \\server */ - q_u->ptr_srv_name = (srv_name != NULL && *srv_name) ? 1 : 0; - init_unistr2(&q_u->uni_srv_name, srv_name, UNI_STR_TERMINATE); - - /* Only value we've seen, possibly an address type ? */ - q_u->unk_0 = 2; - - /* example values: 0x0000 0002 */ - q_u->access_mask = access_mask; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_connect4(const char *desc, SAMR_Q_CONNECT4 * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_connect4"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr_srv_name", ps, depth, &q_u->ptr_srv_name)) - return False; - if(!smb_io_unistr2("", &q_u->uni_srv_name, q_u->ptr_srv_name, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - if(!prs_uint32("unk_0", ps, depth, &q_u->unk_0)) - return False; - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_connect4(const char *desc, SAMR_R_CONNECT4 * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_connect4"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("connect_pol", &r_u->connect_pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_CONNECT5 structure. -********************************************************************/ - -void init_samr_q_connect5(SAMR_Q_CONNECT5 * q_u, - char *srv_name, uint32 access_mask) -{ - DEBUG(5, ("init_samr_q_connect5\n")); - - /* make PDC server name \\server */ - q_u->ptr_srv_name = (srv_name != NULL && *srv_name) ? 1 : 0; - init_unistr2(&q_u->uni_srv_name, srv_name, UNI_STR_TERMINATE); - - /* example values: 0x0000 0002 */ - q_u->access_mask = access_mask; - - q_u->level = 1; - q_u->info1_unk1 = 3; - q_u->info1_unk2 = 0; -} - -/******************************************************************* -inits a SAMR_R_CONNECT5 structure. -********************************************************************/ - -void init_samr_r_connect5(SAMR_R_CONNECT5 * r_u, POLICY_HND *pol, NTSTATUS status) -{ - DEBUG(5, ("init_samr_q_connect5\n")); - - r_u->level = 1; - r_u->info1_unk1 = 3; - r_u->info1_unk2 = 0; - - r_u->connect_pol = *pol; - r_u->status = status; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_connect5(const char *desc, SAMR_Q_CONNECT5 * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_connect5"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr_srv_name", ps, depth, &q_u->ptr_srv_name)) - return False; - if(!smb_io_unistr2("", &q_u->uni_srv_name, q_u->ptr_srv_name, ps, depth)) - return False; - - if(!prs_align(ps)) - return False; - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - - if(!prs_uint32("level", ps, depth, &q_u->level)) - return False; - if(!prs_uint32("level", ps, depth, &q_u->level)) - return False; - - if(!prs_uint32("info1_unk1", ps, depth, &q_u->info1_unk1)) - return False; - if(!prs_uint32("info1_unk2", ps, depth, &q_u->info1_unk2)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_connect5(const char *desc, SAMR_R_CONNECT5 * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_connect5"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("level", ps, depth, &r_u->level)) - return False; - if(!prs_uint32("level", ps, depth, &r_u->level)) - return False; - if(!prs_uint32("info1_unk1", ps, depth, &r_u->info1_unk1)) - return False; - if(!prs_uint32("info1_unk2", ps, depth, &r_u->info1_unk2)) - return False; - - if(!smb_io_pol_hnd("connect_pol", &r_u->connect_pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_Q_CONNECT_ANON structure. -********************************************************************/ - -void init_samr_q_connect_anon(SAMR_Q_CONNECT_ANON * q_u) -{ - DEBUG(5, ("init_samr_q_connect_anon\n")); - - q_u->ptr = 1; - q_u->unknown_0 = 0x5c; /* server name (?!!) */ - q_u->access_mask = MAXIMUM_ALLOWED_ACCESS; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_connect_anon(const char *desc, SAMR_Q_CONNECT_ANON * q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_connect_anon"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr ", ps, depth, &q_u->ptr)) - return False; - if (q_u->ptr) { - if(!prs_uint16("unknown_0", ps, depth, &q_u->unknown_0)) - return False; - } - if(!prs_align(ps)) - return False; - if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask)) - return False; - - return True; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_connect_anon(const char *desc, SAMR_R_CONNECT_ANON * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_connect_anon"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("connect_pol", &r_u->connect_pol, ps, depth)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - -/******************************************************************* make a SAMR_ENC_PASSWD structure. ********************************************************************/ @@ -7660,272 +5135,3 @@ bool samr_io_r_chgpasswd_user3(const char *desc, SAMR_R_CHGPASSWD_USER3 *r_u, return True; } - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_query_domain_info2(SAMR_Q_QUERY_DOMAIN_INFO2 *q_u, - POLICY_HND *domain_pol, uint16 switch_value) -{ - DEBUG(5, ("init_samr_q_query_domain_info2\n")); - - q_u->domain_pol = *domain_pol; - q_u->switch_value = switch_value; -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_query_domain_info2(const char *desc, SAMR_Q_QUERY_DOMAIN_INFO2 *q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_query_domain_info2"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->domain_pol, ps, depth)) - return False; - - if(!prs_uint16("switch_value", ps, depth, &q_u->switch_value)) - return False; - - return True; -} - -/******************************************************************* -inits a SAMR_R_QUERY_DOMAIN_INFO structure. -********************************************************************/ - -void init_samr_r_query_domain_info2(SAMR_R_QUERY_DOMAIN_INFO2 * r_u, - uint16 switch_value, SAM_UNK_CTR * ctr, - NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_query_domain_info2\n")); - - r_u->ptr_0 = 0; - r_u->switch_value = 0; - r_u->status = status; /* return status */ - - if (NT_STATUS_IS_OK(status)) { - r_u->switch_value = switch_value; - r_u->ptr_0 = 1; - r_u->ctr = ctr; - } -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_query_domain_info2(const char *desc, SAMR_R_QUERY_DOMAIN_INFO2 * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_query_domain_info2"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ptr_0 ", ps, depth, &r_u->ptr_0)) - return False; - - if (r_u->ptr_0 != 0 && r_u->ctr != NULL) { - if(!prs_uint16("switch_value", ps, depth, &r_u->switch_value)) - return False; - if(!prs_align(ps)) - return False; - - switch (r_u->switch_value) { - case 0x0d: - if(!sam_io_unk_info13("unk_inf13", &r_u->ctr->info.inf13, ps, depth)) - return False; - break; - case 0x0c: - if(!sam_io_unk_info12("unk_inf12", &r_u->ctr->info.inf12, ps, depth)) - return False; - break; - case 0x09: - if(!sam_io_unk_info9("unk_inf9",&r_u->ctr->info.inf9, ps,depth)) - return False; - break; - case 0x08: - if(!sam_io_unk_info8("unk_inf8",&r_u->ctr->info.inf8, ps,depth)) - return False; - break; - case 0x07: - if(!sam_io_unk_info7("unk_inf7",&r_u->ctr->info.inf7, ps,depth)) - return False; - break; - case 0x06: - if(!sam_io_unk_info6("unk_inf6",&r_u->ctr->info.inf6, ps,depth)) - return False; - break; - case 0x05: - if(!sam_io_unk_info5("unk_inf5",&r_u->ctr->info.inf5, ps,depth)) - return False; - break; - case 0x04: - if(!sam_io_unk_info4("unk_inf4",&r_u->ctr->info.inf4, ps,depth)) - return False; - break; - case 0x03: - if(!sam_io_unk_info3("unk_inf3",&r_u->ctr->info.inf3, ps,depth)) - return False; - break; - case 0x02: - if(!sam_io_unk_info2("unk_inf2",&r_u->ctr->info.inf2, ps,depth)) - return False; - break; - case 0x01: - if(!sam_io_unk_info1("unk_inf1",&r_u->ctr->info.inf1, ps,depth)) - return False; - break; - default: - DEBUG(0, ("samr_io_r_query_domain_info2: unknown switch level 0x%x\n", - r_u->switch_value)); - r_u->status = NT_STATUS_INVALID_INFO_CLASS; - return False; - } - } - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} - - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -void init_samr_q_set_domain_info(SAMR_Q_SET_DOMAIN_INFO *q_u, - POLICY_HND *domain_pol, uint16 switch_value, SAM_UNK_CTR *ctr) -{ - DEBUG(5, ("init_samr_q_set_domain_info\n")); - - q_u->domain_pol = *domain_pol; - q_u->switch_value0 = switch_value; - - q_u->switch_value = switch_value; - q_u->ctr = ctr; - -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_q_set_domain_info(const char *desc, SAMR_Q_SET_DOMAIN_INFO *q_u, - prs_struct *ps, int depth) -{ - if (q_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_q_set_domain_info"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("domain_pol", &q_u->domain_pol, ps, depth)) - return False; - - if(!prs_uint16("switch_value0", ps, depth, &q_u->switch_value0)) - return False; - - if(!prs_uint16("switch_value", ps, depth, &q_u->switch_value)) - return False; - - if(!prs_align(ps)) - return False; - - if (UNMARSHALLING(ps)) { - if ((q_u->ctr = PRS_ALLOC_MEM(ps, SAM_UNK_CTR, 1)) == NULL) - return False; - } - - switch (q_u->switch_value) { - - case 0x0c: - if(!sam_io_unk_info12("unk_inf12", &q_u->ctr->info.inf12, ps, depth)) - return False; - break; - case 0x07: - if(!sam_io_unk_info7("unk_inf7",&q_u->ctr->info.inf7, ps,depth)) - return False; - break; - case 0x06: - if(!sam_io_unk_info6("unk_inf6",&q_u->ctr->info.inf6, ps,depth)) - return False; - break; - case 0x05: - if(!sam_io_unk_info5("unk_inf5",&q_u->ctr->info.inf5, ps,depth)) - return False; - break; - case 0x03: - if(!sam_io_unk_info3("unk_inf3",&q_u->ctr->info.inf3, ps,depth)) - return False; - break; - case 0x02: - if(!sam_io_unk_info2("unk_inf2",&q_u->ctr->info.inf2, ps,depth)) - return False; - break; - case 0x01: - if(!sam_io_unk_info1("unk_inf1",&q_u->ctr->info.inf1, ps,depth)) - return False; - break; - default: - DEBUG(0, ("samr_io_r_samr_unknown_2e: unknown switch level 0x%x\n", - q_u->switch_value)); - return False; - } - - return True; -} - -/******************************************************************* -inits a SAMR_R_QUERY_DOMAIN_INFO structure. -********************************************************************/ - -void init_samr_r_set_domain_info(SAMR_R_SET_DOMAIN_INFO * r_u, NTSTATUS status) -{ - DEBUG(5, ("init_samr_r_set_domain_info\n")); - - r_u->status = status; /* return status */ -} - -/******************************************************************* -reads or writes a structure. -********************************************************************/ - -bool samr_io_r_set_domain_info(const char *desc, SAMR_R_SET_DOMAIN_INFO * r_u, - prs_struct *ps, int depth) -{ - if (r_u == NULL) - return False; - - prs_debug(ps, depth, desc, "samr_io_r_samr_unknown_2e"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &r_u->status)) - return False; - - return True; -} diff --git a/source3/rpc_server/srv_eventlog.c b/source3/rpc_server/srv_eventlog.c index 516ea134f2..5679a6acb6 100644 --- a/source3/rpc_server/srv_eventlog.c +++ b/source3/rpc_server/srv_eventlog.c @@ -42,27 +42,7 @@ static bool proxy_eventlog_call(pipes_struct *p, uint8 opnum) static bool api_eventlog_open_eventlog(pipes_struct *p) { - EVENTLOG_Q_OPEN_EVENTLOG q_u; - EVENTLOG_R_OPEN_EVENTLOG r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!(eventlog_io_q_open_eventlog("", &q_u, data, 0))) { - DEBUG(0, ("eventlog_io_q_open_eventlog: unable to unmarshall EVENTLOG_Q_OPEN_EVENTLOG.\n")); - return False; - } - - r_u.status = _eventlog_open_eventlog(p, &q_u, &r_u); - - if (!(eventlog_io_r_open_eventlog("", &r_u, rdata, 0))) { - DEBUG(0, ("eventlog_io_r_open_eventlog: unable to marshall EVENTLOG_R_OPEN_EVENTLOG.\n")); - return False; - } - - return True; + return proxy_eventlog_call(p, NDR_EVENTLOG_OPENEVENTLOGW); } static bool api_eventlog_close_eventlog(pipes_struct *p) @@ -72,52 +52,12 @@ static bool api_eventlog_close_eventlog(pipes_struct *p) static bool api_eventlog_get_num_records(pipes_struct *p) { - EVENTLOG_Q_GET_NUM_RECORDS q_u; - EVENTLOG_R_GET_NUM_RECORDS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!(eventlog_io_q_get_num_records("", &q_u, data, 0))) { - DEBUG(0, ("eventlog_io_q_get_num_records: unable to unmarshall EVENTLOG_Q_GET_NUM_RECORDS.\n")); - return False; - } - - r_u.status = _eventlog_get_num_records(p, &q_u, &r_u); - - if (!(eventlog_io_r_get_num_records("", &r_u, rdata, 0))) { - DEBUG(0, ("eventlog_io_r_get_num_records: unable to marshall EVENTLOG_R_GET_NUM_RECORDS.\n")); - return False; - } - - return True; + return proxy_eventlog_call(p, NDR_EVENTLOG_GETNUMRECORDS); } static bool api_eventlog_get_oldest_entry(pipes_struct *p) { - EVENTLOG_Q_GET_OLDEST_ENTRY q_u; - EVENTLOG_R_GET_OLDEST_ENTRY r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!(eventlog_io_q_get_oldest_entry("", &q_u, data, 0))) { - DEBUG(0, ("eventlog_io_q_get_oldest_entry: unable to unmarshall EVENTLOG_Q_GET_OLDEST_ENTRY.\n")); - return False; - } - - r_u.status = _eventlog_get_oldest_entry(p, &q_u, &r_u); - - if (!(eventlog_io_r_get_oldest_entry("", &r_u, rdata, 0))) { - DEBUG(0, ("eventlog_io_r_get_oldest_entry: unable to marshall EVENTLOG_R_GET_OLDEST_ENTRY.\n")); - return False; - } - - return True; + return proxy_eventlog_call(p, NDR_EVENTLOG_GETOLDESTRECORD); } static bool api_eventlog_read_eventlog(pipes_struct *p) @@ -147,27 +87,7 @@ static bool api_eventlog_read_eventlog(pipes_struct *p) static bool api_eventlog_clear_eventlog(pipes_struct *p) { - EVENTLOG_Q_CLEAR_EVENTLOG q_u; - EVENTLOG_R_CLEAR_EVENTLOG r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!(eventlog_io_q_clear_eventlog("", &q_u, data, 0))) { - DEBUG(0, ("eventlog_io_q_clear_eventlog: unable to unmarshall EVENTLOG_Q_CLEAR_EVENTLOG.\n")); - return False; - } - - r_u.status = _eventlog_clear_eventlog(p, &q_u, &r_u); - - if (!(eventlog_io_r_clear_eventlog("", &r_u, rdata, 0))) { - DEBUG(0, ("eventlog_io_q_clear_eventlog: unable to marshall EVENTLOG_Q_CLEAR_EVENTLOG.\n")); - return False; - } - - return True; + return proxy_eventlog_call(p, NDR_EVENTLOG_CLEAREVENTLOGW); } /* diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c index 7af8219a3e..0e2bcf4126 100644 --- a/source3/rpc_server/srv_eventlog_nt.c +++ b/source3/rpc_server/srv_eventlog_nt.c @@ -493,8 +493,6 @@ done: ********************************************************************/ static Eventlog_entry *read_package_entry( prs_struct * ps, - EVENTLOG_Q_READ_EVENTLOG * q_u, - EVENTLOG_R_READ_EVENTLOG * r_u, Eventlog_entry * entry ) { uint8 *offset; @@ -610,28 +608,23 @@ static bool add_record_to_resp( EVENTLOG_R_READ_EVENTLOG * r_u, } /******************************************************************** + _eventlog_OpenEventLogW ********************************************************************/ -NTSTATUS _eventlog_open_eventlog( pipes_struct * p, - EVENTLOG_Q_OPEN_EVENTLOG * q_u, - EVENTLOG_R_OPEN_EVENTLOG * r_u ) +NTSTATUS _eventlog_OpenEventLogW(pipes_struct *p, + struct eventlog_OpenEventLogW *r) { - fstring servername, logname; + const char *servername = ""; + const char *logname = ""; EVENTLOG_INFO *info; NTSTATUS result; - fstrcpy( servername, "" ); - if ( q_u->servername.string ) { - rpcstr_pull( servername, q_u->servername.string->buffer, - sizeof( servername ), - q_u->servername.string->uni_str_len * 2, 0 ); + if (r->in.servername->string) { + servername = r->in.servername->string; } - fstrcpy( logname, "" ); - if ( q_u->logname.string ) { - rpcstr_pull( logname, q_u->logname.string->buffer, - sizeof( logname ), - q_u->logname.string->uni_str_len * 2, 0 ); + if (r->in.logname->string) { + logname = r->in.logname->string; } DEBUG( 10,("_eventlog_open_eventlog: Server [%s], Log [%s]\n", @@ -640,13 +633,13 @@ NTSTATUS _eventlog_open_eventlog( pipes_struct * p, /* according to MSDN, if the logfile cannot be found, we should default to the "Application" log */ - if ( !NT_STATUS_IS_OK( result = elog_open( p, logname, &r_u->handle )) ) + if ( !NT_STATUS_IS_OK( result = elog_open( p, logname, r->out.handle )) ) return result; - if ( !(info = find_eventlog_info_by_hnd( p, &r_u->handle )) ) { + if ( !(info = find_eventlog_info_by_hnd( p, r->out.handle )) ) { DEBUG(0,("_eventlog_open_eventlog: eventlog (%s) opened but unable to find handle!\n", logname )); - elog_close( p, &r_u->handle ); + elog_close( p, r->out.handle ); return NT_STATUS_INVALID_HANDLE; } @@ -659,28 +652,35 @@ NTSTATUS _eventlog_open_eventlog( pipes_struct * p, } /******************************************************************** + _eventlog_ClearEventLogW This call still needs some work ********************************************************************/ - -NTSTATUS _eventlog_clear_eventlog( pipes_struct * p, - EVENTLOG_Q_CLEAR_EVENTLOG * q_u, - EVENTLOG_R_CLEAR_EVENTLOG * r_u ) -{ - EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, &q_u->handle ); - char *backup_file_name = NULL; +/** The windows client seems to be doing something funny with the file name + A call like + ClearEventLog(handle, "backup_file") + on the client side will result in the backup file name looking like this on the + server side: + \??\${CWD of client}\backup_file + If an absolute path gets specified, such as + ClearEventLog(handle, "C:\\temp\\backup_file") + then it is still mangled by the client into this: + \??\C:\temp\backup_file + when it is on the wire. + I'm not sure where the \?? is coming from, or why the ${CWD} of the client process + would be added in given that the backup file gets written on the server side. */ + +NTSTATUS _eventlog_ClearEventLogW(pipes_struct *p, + struct eventlog_ClearEventLogW *r) +{ + EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, r->in.handle ); + const char *backup_file_name = NULL; if ( !info ) return NT_STATUS_INVALID_HANDLE; - if (q_u->backupfile.string) { - size_t len = rpcstr_pull_talloc(p->mem_ctx, - &backup_file_name, - q_u->backupfile.string->buffer, - q_u->backupfile.string->uni_str_len * 2, - 0 ); - if (len == (size_t)-1 || !backup_file_name) { - return NT_STATUS_INVALID_PARAMETER; - } + if (r->in.backupfile && r->in.backupfile->string) { + + backup_file_name = r->in.backupfile->string; DEBUG(8,( "_eventlog_clear_eventlog: Using [%s] as the backup " "file name for log [%s].", @@ -771,7 +771,7 @@ NTSTATUS _eventlog_read_eventlog( pipes_struct * p, /* Now see if there is enough room to add */ - if ( !(ee_new = read_package_entry( ps, q_u, r_u, entry )) ) + if ( !(ee_new = read_package_entry( ps, entry )) ) return NT_STATUS_NO_MEMORY; if ( r_u->num_bytes_in_resp + ee_new->record.length > q_u->max_read_size ) { @@ -811,13 +811,13 @@ NTSTATUS _eventlog_read_eventlog( pipes_struct * p, } /******************************************************************** + _eventlog_GetOldestRecord ********************************************************************/ -NTSTATUS _eventlog_get_oldest_entry( pipes_struct * p, - EVENTLOG_Q_GET_OLDEST_ENTRY * q_u, - EVENTLOG_R_GET_OLDEST_ENTRY * r_u ) +NTSTATUS _eventlog_GetOldestRecord(pipes_struct *p, + struct eventlog_GetOldestRecord *r) { - EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, &q_u->handle ); + EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, r->in.handle ); if (info == NULL) { return NT_STATUS_INVALID_HANDLE; @@ -826,19 +826,19 @@ NTSTATUS _eventlog_get_oldest_entry( pipes_struct * p, if ( !( get_oldest_entry_hook( info ) ) ) return NT_STATUS_ACCESS_DENIED; - r_u->oldest_entry = info->oldest_entry; + *r->out.oldest_entry = info->oldest_entry; return NT_STATUS_OK; } /******************************************************************** +_eventlog_GetNumRecords ********************************************************************/ -NTSTATUS _eventlog_get_num_records( pipes_struct * p, - EVENTLOG_Q_GET_NUM_RECORDS * q_u, - EVENTLOG_R_GET_NUM_RECORDS * r_u ) +NTSTATUS _eventlog_GetNumRecords(pipes_struct *p, + struct eventlog_GetNumRecords *r) { - EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, &q_u->handle ); + EVENTLOG_INFO *info = find_eventlog_info_by_hnd( p, r->in.handle ); if (info == NULL) { return NT_STATUS_INVALID_HANDLE; @@ -847,17 +847,11 @@ NTSTATUS _eventlog_get_num_records( pipes_struct * p, if ( !( get_num_records_hook( info ) ) ) return NT_STATUS_ACCESS_DENIED; - r_u->num_records = info->num_records; + *r->out.number = info->num_records; return NT_STATUS_OK; } -NTSTATUS _eventlog_ClearEventLogW(pipes_struct *p, struct eventlog_ClearEventLogW *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _eventlog_BackupEventLogW(pipes_struct *p, struct eventlog_BackupEventLogW *r) { p->rng_fault_state = True; @@ -870,30 +864,12 @@ NTSTATUS _eventlog_DeregisterEventSource(pipes_struct *p, struct eventlog_Deregi return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _eventlog_GetNumRecords(pipes_struct *p, struct eventlog_GetNumRecords *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS _eventlog_GetOldestRecord(pipes_struct *p, struct eventlog_GetOldestRecord *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _eventlog_ChangeNotify(pipes_struct *p, struct eventlog_ChangeNotify *r) { p->rng_fault_state = True; return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _eventlog_OpenEventLogW(pipes_struct *p, struct eventlog_OpenEventLogW *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _eventlog_RegisterEventSourceW(pipes_struct *p, struct eventlog_RegisterEventSourceW *r) { p->rng_fault_state = True; diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index b433ac2c8f..bbd5ff2098 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -52,29 +52,7 @@ static bool proxy_lsa_call(pipes_struct *p, uint8 opnum) static bool api_lsa_open_policy2(pipes_struct *p) { - LSA_Q_OPEN_POL2 q_u; - LSA_R_OPEN_POL2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the server, object attributes and desired access flag...*/ - if(!lsa_io_q_open_pol2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_open_policy2: unable to unmarshall LSA_Q_OPEN_POL2.\n")); - return False; - } - - r_u.status = _lsa_open_policy2(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_open_pol2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_open_policy2: unable to marshall LSA_R_OPEN_POL2.\n")); - return False; - } - - return True; + return proxy_lsa_call(p, NDR_LSA_OPENPOLICY2); } /*************************************************************************** @@ -83,29 +61,7 @@ api_lsa_open_policy static bool api_lsa_open_policy(pipes_struct *p) { - LSA_Q_OPEN_POL q_u; - LSA_R_OPEN_POL r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the server, object attributes and desired access flag...*/ - if(!lsa_io_q_open_pol("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_open_policy: unable to unmarshall LSA_Q_OPEN_POL.\n")); - return False; - } - - r_u.status = _lsa_open_policy(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_open_pol("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_open_policy: unable to marshall LSA_R_OPEN_POL.\n")); - return False; - } - - return True; + return proxy_lsa_call(p, NDR_LSA_OPENPOLICY); } /*************************************************************************** @@ -591,29 +547,7 @@ static bool api_lsa_removeprivs(pipes_struct *p) static bool api_lsa_query_secobj(pipes_struct *p) { - LSA_Q_QUERY_SEC_OBJ q_u; - LSA_R_QUERY_SEC_OBJ r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_query_sec_obj("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_query_secobj: failed to unmarshall LSA_Q_QUERY_SEC_OBJ.\n")); - return False; - } - - r_u.status = _lsa_query_secobj(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_query_sec_obj("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_query_secobj: Failed to marshall LSA_R_QUERY_SEC_OBJ.\n")); - return False; - } - - return True; + return proxy_lsa_call(p, NDR_LSA_QUERYSECURITY); } /*************************************************************************** @@ -777,29 +711,7 @@ static bool api_lsa_set_secret(pipes_struct *p) static bool api_lsa_delete_object(pipes_struct *p) { - LSA_Q_DELETE_OBJECT q_u; - LSA_R_DELETE_OBJECT r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_delete_object("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_delete_object: failed to unmarshall LSA_Q_DELETE_OBJECT.\n")); - return False; - } - - r_u.status = _lsa_delete_object(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_delete_object("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_delete_object: Failed to marshall LSA_R_DELETE_OBJECT.\n")); - return False; - } - - return True; + return proxy_lsa_call(p, NDR_LSA_DELETEOBJECT); } /*************************************************************************** diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 20cafbd0af..e4a44af3d7 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -516,15 +516,16 @@ static void init_dns_dom_info(LSA_DNS_DOM_INFO *r_l, const char *nb_name, /*************************************************************************** - _lsa_open_policy2. + _lsa_OpenPolicy2 ***************************************************************************/ -NTSTATUS _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL2 *r_u) +NTSTATUS _lsa_OpenPolicy2(pipes_struct *p, + struct lsa_OpenPolicy2 *r) { struct lsa_info *info; SEC_DESC *psd = NULL; size_t sd_size; - uint32 des_access=q_u->des_access; + uint32 des_access = r->in.access_mask; uint32 acc_granted; NTSTATUS status; @@ -558,22 +559,23 @@ NTSTATUS _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL info->access = acc_granted; /* set up the LSA QUERY INFO response */ - if (!create_policy_hnd(p, &r_u->pol, free_lsa_info, (void *)info)) + if (!create_policy_hnd(p, r->out.handle, free_lsa_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; return NT_STATUS_OK; } /*************************************************************************** - _lsa_open_policy + _lsa_OpenPolicy ***************************************************************************/ -NTSTATUS _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL *r_u) +NTSTATUS _lsa_OpenPolicy(pipes_struct *p, + struct lsa_OpenPolicy *r) { struct lsa_info *info; SEC_DESC *psd = NULL; size_t sd_size; - uint32 des_access=q_u->des_access; + uint32 des_access= r->in.access_mask; uint32 acc_granted; NTSTATUS status; @@ -603,7 +605,7 @@ NTSTATUS _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL * info->access = acc_granted; /* set up the LSA QUERY INFO response */ - if (!create_policy_hnd(p, &r_u->pol, free_lsa_info, (void *)info)) + if (!create_policy_hnd(p, r->out.handle, free_lsa_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; return NT_STATUS_OK; @@ -1394,9 +1396,11 @@ NTSTATUS _lsa_SetSecret(pipes_struct *p, struct lsa_SetSecret *r) } /*************************************************************************** + _lsa_DeleteObject ***************************************************************************/ -NTSTATUS _lsa_delete_object(pipes_struct *p, LSA_Q_DELETE_OBJECT *q_u, LSA_R_DELETE_OBJECT *r_u) +NTSTATUS _lsa_DeleteObject(pipes_struct *p, + struct lsa_DeleteObject *r) { return NT_STATUS_ACCESS_DENIED; } @@ -1864,20 +1868,19 @@ NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEP } /*************************************************************************** - For a given SID, remove some privileges. + _lsa_QuerySecurity ***************************************************************************/ -NTSTATUS _lsa_query_secobj(pipes_struct *p, LSA_Q_QUERY_SEC_OBJ *q_u, LSA_R_QUERY_SEC_OBJ *r_u) +NTSTATUS _lsa_QuerySecurity(pipes_struct *p, + struct lsa_QuerySecurity *r) { struct lsa_info *handle=NULL; SEC_DESC *psd = NULL; size_t sd_size; NTSTATUS status; - r_u->status = NT_STATUS_OK; - /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) return NT_STATUS_INVALID_HANDLE; /* check if the user have enough rights */ @@ -1885,7 +1888,7 @@ NTSTATUS _lsa_query_secobj(pipes_struct *p, LSA_Q_QUERY_SEC_OBJ *q_u, LSA_R_QUER return NT_STATUS_ACCESS_DENIED; - switch (q_u->sec_info) { + switch (r->in.sec_info) { case 1: /* SD contains only the owner */ @@ -1894,7 +1897,7 @@ NTSTATUS _lsa_query_secobj(pipes_struct *p, LSA_Q_QUERY_SEC_OBJ *q_u, LSA_R_QUER return NT_STATUS_NO_MEMORY; - if((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) + if((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) return NT_STATUS_NO_MEMORY; break; case 4: @@ -1904,16 +1907,14 @@ NTSTATUS _lsa_query_secobj(pipes_struct *p, LSA_Q_QUERY_SEC_OBJ *q_u, LSA_R_QUER if(!NT_STATUS_IS_OK(status)) return NT_STATUS_NO_MEMORY; - if((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) + if((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) return NT_STATUS_NO_MEMORY; break; default: return NT_STATUS_INVALID_LEVEL; } - r_u->ptr=1; - - return r_u->status; + return status; } #if 0 /* AD DC work in ongoing in Samba 4 */ @@ -2193,12 +2194,6 @@ NTSTATUS _lsa_EnumPrivs(pipes_struct *p, struct lsa_EnumPrivs *r) return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_QuerySecurity(pipes_struct *p, struct lsa_QuerySecurity *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_SetSecObj(pipes_struct *p, struct lsa_SetSecObj *r) { p->rng_fault_state = True; @@ -2211,12 +2206,6 @@ NTSTATUS _lsa_ChangePassword(pipes_struct *p, struct lsa_ChangePassword *r) return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_OpenPolicy(pipes_struct *p, struct lsa_OpenPolicy *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p, struct lsa_QueryInfoPolicy *r) { p->rng_fault_state = True; @@ -2349,12 +2338,6 @@ NTSTATUS _lsa_LookupPrivDisplayName(pipes_struct *p, struct lsa_LookupPrivDispla return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_DeleteObject(pipes_struct *p, struct lsa_DeleteObject *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_EnumAccountsWithUserRight(pipes_struct *p, struct lsa_EnumAccountsWithUserRight *r) { p->rng_fault_state = True; @@ -2409,12 +2392,6 @@ NTSTATUS _lsa_RetrievePrivateData(pipes_struct *p, struct lsa_RetrievePrivateDat return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_OpenPolicy2(pipes_struct *p, struct lsa_OpenPolicy2 *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_GetUserName(pipes_struct *p, struct lsa_GetUserName *r) { p->rng_fault_state = True; diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index c05d126c4c..1d6c1a354a 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -1,4 +1,4 @@ -/* +/* * Unix SMB/CIFS implementation. * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-1997, @@ -7,21 +7,21 @@ * Copyright (C) Marc Jacobsen 1999, * Copyright (C) Jean François Micouleau 1998-2001, * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002-2003. - * - * Split into interface and implementation modules by, + * + * Split into interface and implementation modules by, * * Copyright (C) Jeremy Allison 2001. - * + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, see <http://www.gnu.org/licenses/>. */ @@ -71,29 +71,7 @@ static bool api_samr_close_hnd(pipes_struct *p) static bool api_samr_open_domain(pipes_struct *p) { - SAMR_Q_OPEN_DOMAIN q_u; - SAMR_R_OPEN_DOMAIN r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_open_domain("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_domain: unable to unmarshall SAMR_Q_OPEN_DOMAIN.\n")); - return False; - } - - r_u.status = _samr_open_domain(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_open_domain("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_domain: unable to marshall SAMR_R_OPEN_DOMAIN.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENDOMAIN); } /******************************************************************* @@ -102,28 +80,7 @@ static bool api_samr_open_domain(pipes_struct *p) static bool api_samr_get_usrdom_pwinfo(pipes_struct *p) { - SAMR_Q_GET_USRDOM_PWINFO q_u; - SAMR_R_GET_USRDOM_PWINFO r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_get_usrdom_pwinfo("", &q_u, data, 0)) { - DEBUG(0,("api_samr_get_usrdom_pwinfo: unable to unmarshall SAMR_Q_GET_USRDOM_PWINFO.\n")); - return False; - } - - r_u.status = _samr_get_usrdom_pwinfo(p, &q_u, &r_u); - - if(!samr_io_r_get_usrdom_pwinfo("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_get_usrdom_pwinfo: unable to marshall SAMR_R_GET_USRDOM_PWINFO.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_GETUSERPWINFO); } /******************************************************************* @@ -132,28 +89,7 @@ static bool api_samr_get_usrdom_pwinfo(pipes_struct *p) static bool api_samr_set_sec_obj(pipes_struct *p) { - SAMR_Q_SET_SEC_OBJ q_u; - SAMR_R_SET_SEC_OBJ r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_set_sec_obj("", &q_u, data, 0)) { - DEBUG(0,("api_samr_set_sec_obj: unable to unmarshall SAMR_Q_SET_SEC_OBJ.\n")); - return False; - } - - r_u.status = _samr_set_sec_obj(p, &q_u, &r_u); - - if(!samr_io_r_set_sec_obj("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_set_sec_obj: unable to marshall SAMR_R_SET_SEC_OBJ.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_SETSECURITY); } /******************************************************************* @@ -162,28 +98,7 @@ static bool api_samr_set_sec_obj(pipes_struct *p) static bool api_samr_query_sec_obj(pipes_struct *p) { - SAMR_Q_QUERY_SEC_OBJ q_u; - SAMR_R_QUERY_SEC_OBJ r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_query_sec_obj("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_sec_obj: unable to unmarshall SAMR_Q_QUERY_SEC_OBJ.\n")); - return False; - } - - r_u.status = _samr_query_sec_obj(p, &q_u, &r_u); - - if(!samr_io_r_query_sec_obj("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_sec_obj: unable to marshall SAMR_R_QUERY_SEC_OBJ.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_QUERYSECURITY); } /******************************************************************* @@ -258,7 +173,7 @@ static bool api_samr_enum_dom_aliases(pipes_struct *p) SAMR_R_ENUM_DOM_ALIASES r_u; prs_struct *data = &p->in_data.data; prs_struct *rdata = &p->out_data.rdata; - + ZERO_STRUCT(q_u); ZERO_STRUCT(r_u); @@ -336,7 +251,7 @@ static bool api_samr_query_aliasinfo(pipes_struct *p) DEBUG(0,("api_samr_query_aliasinfo: unable to marshall SAMR_R_QUERY_ALIASINFO.\n")); return False; } - + return True; } @@ -377,29 +292,7 @@ static bool api_samr_lookup_names(pipes_struct *p) static bool api_samr_chgpasswd_user(pipes_struct *p) { - SAMR_Q_CHGPASSWD_USER q_u; - SAMR_R_CHGPASSWD_USER r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* change password request */ - if (!samr_io_q_chgpasswd_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_chgpasswd_user: Failed to unmarshall SAMR_Q_CHGPASSWD_USER.\n")); - return False; - } - - r_u.status = _samr_chgpasswd_user(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_chgpasswd_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_chgpasswd_user: Failed to marshall SAMR_R_CHGPASSWD_USER.\n" )); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CHANGEPASSWORDUSER2); } /******************************************************************* @@ -439,28 +332,7 @@ static bool api_samr_lookup_rids(pipes_struct *p) static bool api_samr_open_user(pipes_struct *p) { - SAMR_Q_OPEN_USER q_u; - SAMR_R_OPEN_USER r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_open_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_user: unable to unmarshall SAMR_Q_OPEN_USER.\n")); - return False; - } - - r_u.status = _samr_open_user(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_open_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_user: unable to marshall SAMR_R_OPEN_USER.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENUSER); } /******************************************************************* @@ -529,28 +401,7 @@ static bool api_samr_query_usergroups(pipes_struct *p) static bool api_samr_query_domain_info(pipes_struct *p) { - SAMR_Q_QUERY_DOMAIN_INFO q_u; - SAMR_R_QUERY_DOMAIN_INFO r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_query_domain_info("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_domain_info: unable to unmarshall SAMR_Q_QUERY_DOMAIN_INFO.\n")); - return False; - } - - r_u.status = _samr_query_domain_info(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_query_domain_info("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_domain_info: unable to marshall SAMR_R_QUERY_DOMAIN_INFO.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_QUERYDOMAININFO); } /******************************************************************* @@ -559,30 +410,7 @@ static bool api_samr_query_domain_info(pipes_struct *p) static bool api_samr_create_user(pipes_struct *p) { - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - SAMR_Q_CREATE_USER q_u; - SAMR_R_CREATE_USER r_u; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr create user */ - if (!samr_io_q_create_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_create_user: Unable to unmarshall SAMR_Q_CREATE_USER.\n")); - return False; - } - - r_u.status=_samr_create_user(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_create_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_create_user: Unable to marshall SAMR_R_CREATE_USER.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CREATEUSER2); } /******************************************************************* @@ -591,29 +419,7 @@ static bool api_samr_create_user(pipes_struct *p) static bool api_samr_connect_anon(pipes_struct *p) { - SAMR_Q_CONNECT_ANON q_u; - SAMR_R_CONNECT_ANON r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr open policy */ - if(!samr_io_q_connect_anon("", &q_u, data, 0)) { - DEBUG(0,("api_samr_connect_anon: unable to unmarshall SAMR_Q_CONNECT_ANON.\n")); - return False; - } - - r_u.status = _samr_connect_anon(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_connect_anon("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_connect_anon: unable to marshall SAMR_R_CONNECT_ANON.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CONNECT); } /******************************************************************* @@ -622,29 +428,7 @@ static bool api_samr_connect_anon(pipes_struct *p) static bool api_samr_connect(pipes_struct *p) { - SAMR_Q_CONNECT q_u; - SAMR_R_CONNECT r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr open policy */ - if(!samr_io_q_connect("", &q_u, data, 0)) { - DEBUG(0,("api_samr_connect: unable to unmarshall SAMR_Q_CONNECT.\n")); - return False; - } - - r_u.status = _samr_connect(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_connect("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_connect: unable to marshall SAMR_R_CONNECT.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CONNECT2); } /******************************************************************* @@ -653,29 +437,7 @@ static bool api_samr_connect(pipes_struct *p) static bool api_samr_connect4(pipes_struct *p) { - SAMR_Q_CONNECT4 q_u; - SAMR_R_CONNECT4 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr open policy */ - if(!samr_io_q_connect4("", &q_u, data, 0)) { - DEBUG(0,("api_samr_connect4: unable to unmarshall SAMR_Q_CONNECT4.\n")); - return False; - } - - r_u.status = _samr_connect4(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_connect4("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_connect4: unable to marshall SAMR_R_CONNECT4.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CONNECT4); } /******************************************************************* @@ -715,29 +477,7 @@ static bool api_samr_chgpasswd_user3(pipes_struct *p) static bool api_samr_connect5(pipes_struct *p) { - SAMR_Q_CONNECT5 q_u; - SAMR_R_CONNECT5 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr open policy */ - if(!samr_io_q_connect5("", &q_u, data, 0)) { - DEBUG(0,("api_samr_connect5: unable to unmarshall SAMR_Q_CONNECT5.\n")); - return False; - } - - r_u.status = _samr_connect5(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_connect5("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_connect5: unable to marshall SAMR_R_CONNECT5.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CONNECT5); } /********************************************************************** @@ -746,27 +486,7 @@ static bool api_samr_connect5(pipes_struct *p) static bool api_samr_lookup_domain(pipes_struct *p) { - SAMR_Q_LOOKUP_DOMAIN q_u; - SAMR_R_LOOKUP_DOMAIN r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_lookup_domain("", &q_u, data, 0)) { - DEBUG(0,("api_samr_lookup_domain: Unable to unmarshall SAMR_Q_LOOKUP_DOMAIN.\n")); - return False; - } - - r_u.status = _samr_lookup_domain(p, &q_u, &r_u); - - if(!samr_io_r_lookup_domain("", &r_u, rdata, 0)){ - DEBUG(0,("api_samr_lookup_domain: Unable to marshall SAMR_R_LOOKUP_DOMAIN.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_LOOKUPDOMAIN); } /********************************************************************** @@ -779,7 +499,7 @@ static bool api_samr_enum_domains(pipes_struct *p) SAMR_R_ENUM_DOMAINS r_u; prs_struct *data = &p->in_data.data; prs_struct *rdata = &p->out_data.rdata; - + ZERO_STRUCT(q_u); ZERO_STRUCT(r_u); @@ -794,7 +514,7 @@ static bool api_samr_enum_domains(pipes_struct *p) DEBUG(0,("api_samr_enum_domains: Unable to marshall SAMR_R_ENUM_DOMAINS.\n")); return False; } - + return True; } @@ -804,29 +524,7 @@ static bool api_samr_enum_domains(pipes_struct *p) static bool api_samr_open_alias(pipes_struct *p) { - SAMR_Q_OPEN_ALIAS q_u; - SAMR_R_OPEN_ALIAS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the samr open policy */ - if(!samr_io_q_open_alias("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_alias: Unable to unmarshall SAMR_Q_OPEN_ALIAS.\n")); - return False; - } - - r_u.status=_samr_open_alias(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_open_alias("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_alias: Unable to marshall SAMR_R_OPEN_ALIAS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENALIAS); } /******************************************************************* @@ -900,28 +598,7 @@ static bool api_samr_set_userinfo2(pipes_struct *p) static bool api_samr_query_useraliases(pipes_struct *p) { - SAMR_Q_QUERY_USERALIASES q_u; - SAMR_R_QUERY_USERALIASES r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_query_useraliases("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_useraliases: Unable to unmarshall SAMR_Q_QUERY_USERALIASES.\n")); - return False; - } - - r_u.status = _samr_query_useraliases(p, &q_u, &r_u); - - if (! samr_io_r_query_useraliases("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_useraliases: Unable to nmarshall SAMR_R_QUERY_USERALIASES.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_GETALIASMEMBERSHIP); } /******************************************************************* @@ -930,28 +607,7 @@ static bool api_samr_query_useraliases(pipes_struct *p) static bool api_samr_query_aliasmem(pipes_struct *p) { - SAMR_Q_QUERY_ALIASMEM q_u; - SAMR_R_QUERY_ALIASMEM r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_query_aliasmem("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_aliasmem: unable to unmarshall SAMR_Q_QUERY_ALIASMEM.\n")); - return False; - } - - r_u.status = _samr_query_aliasmem(p, &q_u, &r_u); - - if (!samr_io_r_query_aliasmem("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_aliasmem: unable to marshall SAMR_R_QUERY_ALIASMEM.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_GETMEMBERSINALIAS); } /******************************************************************* @@ -960,28 +616,7 @@ static bool api_samr_query_aliasmem(pipes_struct *p) static bool api_samr_query_groupmem(pipes_struct *p) { - SAMR_Q_QUERY_GROUPMEM q_u; - SAMR_R_QUERY_GROUPMEM r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_query_groupmem("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_groupmem: unable to unmarshall SAMR_Q_QUERY_GROUPMEM.\n")); - return False; - } - - r_u.status = _samr_query_groupmem(p, &q_u, &r_u); - - if (!samr_io_r_query_groupmem("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_groupmem: unable to marshall SAMR_R_QUERY_GROUPMEM.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_QUERYGROUPMEMBER); } /******************************************************************* @@ -990,28 +625,7 @@ static bool api_samr_query_groupmem(pipes_struct *p) static bool api_samr_add_aliasmem(pipes_struct *p) { - SAMR_Q_ADD_ALIASMEM q_u; - SAMR_R_ADD_ALIASMEM r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_add_aliasmem("", &q_u, data, 0)) { - DEBUG(0,("api_samr_add_aliasmem: unable to unmarshall SAMR_Q_ADD_ALIASMEM.\n")); - return False; - } - - r_u.status = _samr_add_aliasmem(p, &q_u, &r_u); - - if (!samr_io_r_add_aliasmem("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_add_aliasmem: unable to marshall SAMR_R_ADD_ALIASMEM.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_ADDALIASMEMBER); } /******************************************************************* @@ -1020,28 +634,7 @@ static bool api_samr_add_aliasmem(pipes_struct *p) static bool api_samr_del_aliasmem(pipes_struct *p) { - SAMR_Q_DEL_ALIASMEM q_u; - SAMR_R_DEL_ALIASMEM r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_del_aliasmem("", &q_u, data, 0)) { - DEBUG(0,("api_samr_del_aliasmem: unable to unmarshall SAMR_Q_DEL_ALIASMEM.\n")); - return False; - } - - r_u.status = _samr_del_aliasmem(p, &q_u, &r_u); - - if (!samr_io_r_del_aliasmem("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_del_aliasmem: unable to marshall SAMR_R_DEL_ALIASMEM.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEALIASMEMBER); } /******************************************************************* @@ -1050,28 +643,7 @@ static bool api_samr_del_aliasmem(pipes_struct *p) static bool api_samr_add_groupmem(pipes_struct *p) { - SAMR_Q_ADD_GROUPMEM q_u; - SAMR_R_ADD_GROUPMEM r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_add_groupmem("", &q_u, data, 0)) { - DEBUG(0,("api_samr_add_groupmem: unable to unmarshall SAMR_Q_ADD_GROUPMEM.\n")); - return False; - } - - r_u.status = _samr_add_groupmem(p, &q_u, &r_u); - - if (!samr_io_r_add_groupmem("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_add_groupmem: unable to marshall SAMR_R_ADD_GROUPMEM.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_ADDGROUPMEMBER); } /******************************************************************* @@ -1080,28 +652,7 @@ static bool api_samr_add_groupmem(pipes_struct *p) static bool api_samr_del_groupmem(pipes_struct *p) { - SAMR_Q_DEL_GROUPMEM q_u; - SAMR_R_DEL_GROUPMEM r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_del_groupmem("", &q_u, data, 0)) { - DEBUG(0,("api_samr_del_groupmem: unable to unmarshall SAMR_Q_DEL_GROUPMEM.\n")); - return False; - } - - r_u.status = _samr_del_groupmem(p, &q_u, &r_u); - - if (!samr_io_r_del_groupmem("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_del_groupmem: unable to marshall SAMR_R_DEL_GROUPMEM.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEGROUPMEMBER); } /******************************************************************* @@ -1110,28 +661,7 @@ static bool api_samr_del_groupmem(pipes_struct *p) static bool api_samr_delete_dom_user(pipes_struct *p) { - SAMR_Q_DELETE_DOM_USER q_u; - SAMR_R_DELETE_DOM_USER r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_delete_dom_user("", &q_u, data, 0)) { - DEBUG(0,("api_samr_delete_dom_user: unable to unmarshall SAMR_Q_DELETE_DOM_USER.\n")); - return False; - } - - r_u.status = _samr_delete_dom_user(p, &q_u, &r_u); - - if (!samr_io_r_delete_dom_user("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_delete_dom_user: unable to marshall SAMR_R_DELETE_DOM_USER.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEUSER); } /******************************************************************* @@ -1140,28 +670,7 @@ static bool api_samr_delete_dom_user(pipes_struct *p) static bool api_samr_delete_dom_group(pipes_struct *p) { - SAMR_Q_DELETE_DOM_GROUP q_u; - SAMR_R_DELETE_DOM_GROUP r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_delete_dom_group("", &q_u, data, 0)) { - DEBUG(0,("api_samr_delete_dom_group: unable to unmarshall SAMR_Q_DELETE_DOM_GROUP.\n")); - return False; - } - - r_u.status = _samr_delete_dom_group(p, &q_u, &r_u); - - if (!samr_io_r_delete_dom_group("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_delete_dom_group: unable to marshall SAMR_R_DELETE_DOM_GROUP.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEDOMAINGROUP); } /******************************************************************* @@ -1170,28 +679,7 @@ static bool api_samr_delete_dom_group(pipes_struct *p) static bool api_samr_delete_dom_alias(pipes_struct *p) { - SAMR_Q_DELETE_DOM_ALIAS q_u; - SAMR_R_DELETE_DOM_ALIAS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_delete_dom_alias("", &q_u, data, 0)) { - DEBUG(0,("api_samr_delete_dom_alias: unable to unmarshall SAMR_Q_DELETE_DOM_ALIAS.\n")); - return False; - } - - r_u.status = _samr_delete_dom_alias(p, &q_u, &r_u); - - if (!samr_io_r_delete_dom_alias("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_delete_dom_alias: unable to marshall SAMR_R_DELETE_DOM_ALIAS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_DELETEDOMALIAS); } /******************************************************************* @@ -1200,28 +688,7 @@ static bool api_samr_delete_dom_alias(pipes_struct *p) static bool api_samr_create_dom_group(pipes_struct *p) { - SAMR_Q_CREATE_DOM_GROUP q_u; - SAMR_R_CREATE_DOM_GROUP r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_create_dom_group("", &q_u, data, 0)) { - DEBUG(0,("api_samr_create_dom_group: unable to unmarshall SAMR_Q_CREATE_DOM_GROUP.\n")); - return False; - } - - r_u.status = _samr_create_dom_group(p, &q_u, &r_u); - - if (!samr_io_r_create_dom_group("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_create_dom_group: unable to marshall SAMR_R_CREATE_DOM_GROUP.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CREATEDOMAINGROUP); } /******************************************************************* @@ -1230,28 +697,7 @@ static bool api_samr_create_dom_group(pipes_struct *p) static bool api_samr_create_dom_alias(pipes_struct *p) { - SAMR_Q_CREATE_DOM_ALIAS q_u; - SAMR_R_CREATE_DOM_ALIAS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_create_dom_alias("", &q_u, data, 0)) { - DEBUG(0,("api_samr_create_dom_alias: unable to unmarshall SAMR_Q_CREATE_DOM_ALIAS.\n")); - return False; - } - - r_u.status = _samr_create_dom_alias(p, &q_u, &r_u); - - if (!samr_io_r_create_dom_alias("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_create_dom_alias: unable to marshall SAMR_R_CREATE_DOM_ALIAS.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_CREATEDOMALIAS); } /******************************************************************* @@ -1359,28 +805,7 @@ static bool api_samr_get_dom_pwinfo(pipes_struct *p) static bool api_samr_open_group(pipes_struct *p) { - SAMR_Q_OPEN_GROUP q_u; - SAMR_R_OPEN_GROUP r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_open_group("", &q_u, data, 0)) { - DEBUG(0,("api_samr_open_group: unable to unmarshall SAMR_Q_OPEN_GROUP.\n")); - return False; - } - - r_u.status = _samr_open_group(p, &q_u, &r_u); - - if (!samr_io_r_open_group("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_open_group: unable to marshall SAMR_R_OPEN_GROUP.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_OPENGROUP); } /******************************************************************* @@ -1389,28 +814,7 @@ static bool api_samr_open_group(pipes_struct *p) static bool api_samr_remove_sid_foreign_domain(pipes_struct *p) { - SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q_u; - SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if (!samr_io_q_remove_sid_foreign_domain("", &q_u, data, 0)) { - DEBUG(0,("api_samr_remove_sid_foreign_domain: unable to unmarshall SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN.\n")); - return False; - } - - r_u.status = _samr_remove_sid_foreign_domain(p, &q_u, &r_u); - - if (!samr_io_r_remove_sid_foreign_domain("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_remove_sid_foreign_domain: unable to marshall SAMR_R_REMOVE_SID_FOREIGN_DOMAIN.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_REMOVEMEMBERFROMFOREIGNDOMAIN); } /******************************************************************* @@ -1419,28 +823,7 @@ static bool api_samr_remove_sid_foreign_domain(pipes_struct *p) static bool api_samr_query_domain_info2(pipes_struct *p) { - SAMR_Q_QUERY_DOMAIN_INFO2 q_u; - SAMR_R_QUERY_DOMAIN_INFO2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_query_domain_info2("", &q_u, data, 0)) { - DEBUG(0,("api_samr_query_domain_info2: unable to unmarshall SAMR_Q_QUERY_DOMAIN_INFO2.\n")); - return False; - } - - r_u.status = _samr_query_domain_info2(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_query_domain_info2("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_query_domain_info2: unable to marshall SAMR_R_QUERY_DOMAIN_INFO2.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_QUERYDOMAININFO2); } /******************************************************************* @@ -1449,28 +832,7 @@ static bool api_samr_query_domain_info2(pipes_struct *p) static bool api_samr_set_dom_info(pipes_struct *p) { - SAMR_Q_SET_DOMAIN_INFO q_u; - SAMR_R_SET_DOMAIN_INFO r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!samr_io_q_set_domain_info("", &q_u, data, 0)) { - DEBUG(0,("api_samr_set_dom_info: unable to unmarshall SAMR_Q_SET_DOMAIN_INFO.\n")); - return False; - } - - r_u.status = _samr_set_dom_info(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!samr_io_r_set_domain_info("", &r_u, rdata, 0)) { - DEBUG(0,("api_samr_set_dom_info: unable to marshall SAMR_R_SET_DOMAIN_INFO.\n")); - return False; - } - - return True; + return proxy_samr_call(p, NDR_SAMR_SETDOMAININFO); } /******************************************************************* @@ -1484,7 +846,7 @@ static struct api_struct api_samr_cmds [] = {"SAMR_CONNECT_ANON" , SAMR_CONNECT_ANON , api_samr_connect_anon }, {"SAMR_ENUM_DOMAINS" , SAMR_ENUM_DOMAINS , api_samr_enum_domains }, {"SAMR_ENUM_DOM_USERS" , SAMR_ENUM_DOM_USERS , api_samr_enum_dom_users }, - + {"SAMR_ENUM_DOM_GROUPS" , SAMR_ENUM_DOM_GROUPS , api_samr_enum_dom_groups }, {"SAMR_ENUM_DOM_ALIASES" , SAMR_ENUM_DOM_ALIASES , api_samr_enum_dom_aliases }, {"SAMR_QUERY_USERALIASES" , SAMR_QUERY_USERALIASES, api_samr_query_useraliases}, @@ -1494,7 +856,7 @@ static struct api_struct api_samr_cmds [] = {"SAMR_DEL_ALIASMEM" , SAMR_DEL_ALIASMEM , api_samr_del_aliasmem }, {"SAMR_ADD_GROUPMEM" , SAMR_ADD_GROUPMEM , api_samr_add_groupmem }, {"SAMR_DEL_GROUPMEM" , SAMR_DEL_GROUPMEM , api_samr_del_groupmem }, - + {"SAMR_DELETE_DOM_USER" , SAMR_DELETE_DOM_USER , api_samr_delete_dom_user }, {"SAMR_DELETE_DOM_GROUP" , SAMR_DELETE_DOM_GROUP , api_samr_delete_dom_group }, {"SAMR_DELETE_DOM_ALIAS" , SAMR_DELETE_DOM_ALIAS , api_samr_delete_dom_alias }, @@ -1505,13 +867,13 @@ static struct api_struct api_samr_cmds [] = {"SAMR_QUERY_USERINFO" , SAMR_QUERY_USERINFO , api_samr_query_userinfo }, {"SAMR_SET_USERINFO" , SAMR_SET_USERINFO , api_samr_set_userinfo }, {"SAMR_SET_USERINFO2" , SAMR_SET_USERINFO2 , api_samr_set_userinfo2 }, - + {"SAMR_QUERY_DOMAIN_INFO" , SAMR_QUERY_DOMAIN_INFO, api_samr_query_domain_info}, {"SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups }, {"SAMR_QUERY_DISPINFO" , SAMR_QUERY_DISPINFO , api_samr_query_dispinfo }, {"SAMR_QUERY_DISPINFO3" , SAMR_QUERY_DISPINFO3 , api_samr_query_dispinfo }, {"SAMR_QUERY_DISPINFO4" , SAMR_QUERY_DISPINFO4 , api_samr_query_dispinfo }, - + {"SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo }, {"SAMR_QUERY_GROUPINFO" , SAMR_QUERY_GROUPINFO , api_samr_query_groupinfo }, {"SAMR_SET_GROUPINFO" , SAMR_SET_GROUPINFO , api_samr_set_groupinfo }, @@ -1525,7 +887,7 @@ static struct api_struct api_samr_cmds [] = {"SAMR_OPEN_DOMAIN" , SAMR_OPEN_DOMAIN , api_samr_open_domain }, {"SAMR_REMOVE_SID_FOREIGN_DOMAIN" , SAMR_REMOVE_SID_FOREIGN_DOMAIN , api_samr_remove_sid_foreign_domain }, {"SAMR_LOOKUP_DOMAIN" , SAMR_LOOKUP_DOMAIN , api_samr_lookup_domain }, - + {"SAMR_QUERY_SEC_OBJECT" , SAMR_QUERY_SEC_OBJECT , api_samr_query_sec_obj }, {"SAMR_SET_SEC_OBJECT" , SAMR_SET_SEC_OBJECT , api_samr_set_sec_obj }, {"SAMR_GET_USRDOM_PWINFO" , SAMR_GET_USRDOM_PWINFO, api_samr_get_usrdom_pwinfo}, diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index cf5e1a9ead..652f66cf61 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -125,12 +125,12 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */ init_sec_access(&mask, map->generic_all); - + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); /* Add Full Access for Domain Admins if we are a DC */ - + if ( IS_DC ) { sid_copy( &domadmin_sid, get_global_sam_sid() ); sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS ); @@ -162,57 +162,57 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd level of access for further checks. ********************************************************************/ -static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token, +static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token, SE_PRIV *rights, uint32 rights_mask, - uint32 des_access, uint32 *acc_granted, + uint32 des_access, uint32 *acc_granted, const char *debug ) { NTSTATUS status = NT_STATUS_ACCESS_DENIED; uint32 saved_mask = 0; - /* check privileges; certain SAM access bits should be overridden - by privileges (mostly having to do with creating/modifying/deleting + /* check privileges; certain SAM access bits should be overridden + by privileges (mostly having to do with creating/modifying/deleting users and groups) */ - + if ( rights && user_has_any_privilege( token, rights ) ) { - + saved_mask = (des_access & rights_mask); des_access &= ~saved_mask; - + DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n", rights_mask)); } - - + + /* check the security descriptor first */ - + if ( se_access_check(psd, token, des_access, acc_granted, &status) ) goto done; - + /* give root a free pass */ - + if ( geteuid() == sec_initial_uid() ) { - + DEBUG(4,("%s: ACCESS should be DENIED (requested: %#010x)\n", debug, des_access)); DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n")); - + *acc_granted = des_access; - + status = NT_STATUS_OK; goto done; } - - + + done: - /* add in any bits saved during the privilege check (only + /* add in any bits saved during the privilege check (only matters is status is ok) */ - + *acc_granted |= rights_mask; - DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n", - debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED", + DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n", + debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED", des_access, *acc_granted)); - + return status; } @@ -222,28 +222,28 @@ done: static NTSTATUS access_check_samr_function(uint32 acc_granted, uint32 acc_required, const char *debug) { - DEBUG(5,("%s: access check ((granted: %#010x; required: %#010x)\n", + DEBUG(5,("%s: access check ((granted: %#010x; required: %#010x)\n", debug, acc_granted, acc_required)); /* check the security descriptor first */ - + if ( (acc_granted&acc_required) == acc_required ) return NT_STATUS_OK; - + /* give root a free pass */ if (geteuid() == sec_initial_uid()) { - + DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x; required: %#010x)\n", debug, acc_granted, acc_required)); DEBUGADD(4,("but overwritten by euid == 0\n")); - + return NT_STATUS_OK; } - - DEBUG(2,("%s: ACCESS DENIED (granted: %#010x; required: %#010x)\n", + + DEBUG(2,("%s: ACCESS DENIED (granted: %#010x; required: %#010x)\n", debug, acc_granted, acc_required)); - + return NT_STATUS_ACCESS_DENIED; } @@ -278,7 +278,7 @@ static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid) /* There are two cases to consider here: 1) The SID is a domain SID and we look for an equality match, or - 2) This is an account SID and so we return the DISP_INFO* for our + 2) This is an account SID and so we return the DISP_INFO* for our domain */ if (psid == NULL) { @@ -293,7 +293,7 @@ static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid) return &builtin_dispinfo; } - + if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) { /* * Necessary only once, but it does not really hurt. @@ -315,7 +315,7 @@ static struct samr_info *get_samr_info_by_sid(DOM_SID *psid) struct samr_info *info; fstring sid_str; TALLOC_CTX *mem_ctx; - + if (psid) { sid_to_fstring(sid_str, psid); } else { @@ -465,7 +465,7 @@ static void force_flush_samr_cache(DISP_INFO *disp_info) static void samr_clear_sam_passwd(struct samu *sam_pass) { - + if (!sam_pass) return; @@ -558,99 +558,97 @@ NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r) } /******************************************************************* - samr_reply_open_domain + _samr_OpenDomain ********************************************************************/ -NTSTATUS _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN_DOMAIN *r_u) +NTSTATUS _samr_OpenDomain(pipes_struct *p, + struct samr_OpenDomain *r) { struct samr_info *info; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->flags; + uint32 des_access = r->in.access_mask; NTSTATUS status; size_t sd_size; SE_PRIV se_rights; - r_u->status = NT_STATUS_OK; - /* find the connection policy handle. */ - - if ( !find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info) ) + + if ( !find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info) ) return NT_STATUS_INVALID_HANDLE; - status = access_check_samr_function( info->acc_granted, - SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_open_domain" ); - + status = access_check_samr_function( info->acc_granted, + SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_OpenDomain" ); + if ( !NT_STATUS_IS_OK(status) ) return status; /*check if access can be granted as requested by client. */ - + make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 ); se_map_generic( &des_access, &dom_generic_mapping ); - + se_priv_copy( &se_rights, &se_machine_account ); se_priv_add( &se_rights, &se_add_users ); - status = access_check_samr_object( psd, p->pipe_user.nt_user_token, - &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access, - &acc_granted, "_samr_open_domain" ); - + status = access_check_samr_object( psd, p->pipe_user.nt_user_token, + &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access, + &acc_granted, "_samr_OpenDomain" ); + if ( !NT_STATUS_IS_OK(status) ) return status; - if (!sid_check_is_domain(&q_u->dom_sid.sid) && - !sid_check_is_builtin(&q_u->dom_sid.sid)) { + if (!sid_check_is_domain(r->in.sid) && + !sid_check_is_builtin(r->in.sid)) { return NT_STATUS_NO_SUCH_DOMAIN; } /* associate the domain SID with the (unique) handle. */ - if ((info = get_samr_info_by_sid(&q_u->dom_sid.sid))==NULL) + if ((info = get_samr_info_by_sid(r->in.sid))==NULL) return NT_STATUS_NO_MEMORY; info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.domain_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(5,("samr_open_domain: %d\n", __LINE__)); + DEBUG(5,("_samr_OpenDomain: %d\n", __LINE__)); - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* - _samr_get_usrdom_pwinfo + _samr_GetUserPwInfo ********************************************************************/ -NTSTATUS _samr_get_usrdom_pwinfo(pipes_struct *p, SAMR_Q_GET_USRDOM_PWINFO *q_u, SAMR_R_GET_USRDOM_PWINFO *r_u) +NTSTATUS _samr_GetUserPwInfo(pipes_struct *p, + struct samr_GetUserPwInfo *r) { struct samr_info *info = NULL; - r_u->status = NT_STATUS_OK; - /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->user_pol, (void **)(void *)&info)) + if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info)) return NT_STATUS_INVALID_HANDLE; if (!sid_check_is_in_our_domain(&info->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; - init_samr_r_get_usrdom_pwinfo(r_u, NT_STATUS_OK); + ZERO_STRUCTP(r->out.info); - DEBUG(5,("_samr_get_usrdom_pwinfo: %d\n", __LINE__)); + DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__)); - /* + /* * NT sometimes return NT_STATUS_ACCESS_DENIED * I don't know yet why. */ - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* ********************************************************************/ -static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol, +static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol, DOM_SID *sid, uint32 *acc_granted, DISP_INFO **ppdisp_info) { @@ -673,10 +671,11 @@ static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol, } /******************************************************************* - _samr_set_sec_obj + _samr_SetSecurity ********************************************************************/ -NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u) +NTSTATUS _samr_SetSecurity(pipes_struct *p, + struct samr_SetSecurity *r) { DOM_SID pol_sid; uint32 acc_granted, i; @@ -685,9 +684,7 @@ NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_ struct samu *sampass=NULL; NTSTATUS status; - r_u->status = NT_STATUS_OK; - - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; if (!(sampass = samu_new( p->mem_ctx))) { @@ -706,12 +703,12 @@ NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_ return NT_STATUS_INVALID_HANDLE; } - dacl = q_u->buf->sd->dacl; + dacl = r->in.sdbuf->sd->dacl; for (i=0; i < dacl->num_aces; i++) { if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) { - ret = pdb_set_pass_can_change(sampass, - (dacl->aces[i].access_mask & - SA_RIGHT_USER_CHANGE_PASSWORD) ? + ret = pdb_set_pass_can_change(sampass, + (dacl->aces[i].access_mask & + SA_RIGHT_USER_CHANGE_PASSWORD) ? True: False); break; } @@ -722,7 +719,7 @@ NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_ return NT_STATUS_ACCESS_DENIED; } - status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj"); + status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_SetSecurity"); if (NT_STATUS_IS_OK(status)) { become_root(); status = pdb_update_sam_account(sampass); @@ -769,66 +766,63 @@ static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid) /******************************************************************* - _samr_query_sec_obj + _samr_QuerySecurity ********************************************************************/ -NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_QUERY_SEC_OBJ *r_u) +NTSTATUS _samr_QuerySecurity(pipes_struct *p, + struct samr_QuerySecurity *r) { + NTSTATUS status; DOM_SID pol_sid; SEC_DESC * psd = NULL; uint32 acc_granted; size_t sd_size; - r_u->status = NT_STATUS_OK; - /* Get the SID. */ - if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n", + DEBUG(10,("_samr_QuerySecurity: querying security on SID: %s\n", sid_string_dbg(&pol_sid))); /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */ /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */ if (pol_sid.sid_rev_num == 0) { - DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n")); - r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); - } else if (sid_equal(&pol_sid,get_global_sam_sid())) { + DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n")); + status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); + } else if (sid_equal(&pol_sid,get_global_sam_sid())) { /* check if it is our domain SID */ - DEBUG(5,("_samr_query_sec_obj: querying security on Domain " + DEBUG(5,("_samr_QuerySecurity: querying security on Domain " "with SID: %s\n", sid_string_dbg(&pol_sid))); - r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0); + status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0); } else if (sid_equal(&pol_sid,&global_sid_Builtin)) { /* check if it is the Builtin Domain */ /* TODO: Builtin probably needs a different SD with restricted write access*/ - DEBUG(5,("_samr_query_sec_obj: querying security on Builtin " + DEBUG(5,("_samr_QuerySecurity: querying security on Builtin " "Domain with SID: %s\n", sid_string_dbg(&pol_sid))); - r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0); + status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0); } else if (sid_check_is_in_our_domain(&pol_sid) || sid_check_is_in_builtin(&pol_sid)) { /* TODO: different SDs have to be generated for aliases groups and users. Currently all three get a default user SD */ - DEBUG(10,("_samr_query_sec_obj: querying security on Object " + DEBUG(10,("_samr_QuerySecurity: querying security on Object " "with SID: %s\n", sid_string_dbg(&pol_sid))); if (check_change_pw_access(p->mem_ctx, &pol_sid)) { - r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, + status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &pol_sid, SAMR_USR_RIGHTS_WRITE_PW); } else { - r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping, + status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping, &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW); } } else { return NT_STATUS_OBJECT_TYPE_MISMATCH; } - if ((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) + if ((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) return NT_STATUS_NO_MEMORY; - if (NT_STATUS_IS_OK(r_u->status)) - r_u->ptr = 1; - - return r_u->status; + return status; } /******************************************************************* @@ -843,7 +837,7 @@ static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp, uint32 i; SAM_ENTRY *sam; UNISTR2 *uni_name; - + *sam_pp = NULL; *uni_name_pp = NULL; @@ -886,7 +880,7 @@ static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp, samr_reply_enum_dom_users ********************************************************************/ -NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, +NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, SAMR_R_ENUM_DOM_USERS *r_u) { struct samr_info *info = NULL; @@ -896,19 +890,19 @@ NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K; uint32 max_entries = max_sam_entries; struct samr_displayentry *entries = NULL; - + r_u->status = NT_STATUS_OK; /* find the policy handle. open a policy on it. */ if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) return NT_STATUS_INVALID_HANDLE; - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, - SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, + SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, "_samr_enum_dom_users"))) { return r_u->status; } - + DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__)); if (info->builtin_domain) { @@ -955,7 +949,7 @@ NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, } r_u->status = make_user_sam_entry_list(p->mem_ctx, &r_u->sam, - &r_u->uni_acct_name, + &r_u->uni_acct_name, num_account, enum_context, entries); @@ -1068,7 +1062,7 @@ NTSTATUS _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAM num_groups = pdb_search_entries(info->disp_info->groups, q_u->start_idx, MAX_SAM_ENTRIES, &groups); unbecome_root(); - + /* Ensure we cache this enumeration. */ set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); @@ -1118,7 +1112,7 @@ NTSTATUS _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, S num_aliases = pdb_search_entries(info->disp_info->aliases, q_u->start_idx, MAX_SAM_ENTRIES, &aliases); unbecome_root(); - + /* Ensure we cache this enumeration. */ set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); @@ -1137,12 +1131,12 @@ NTSTATUS _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, S samr_reply_query_dispinfo ********************************************************************/ -NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, +NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_QUERY_DISPINFO *r_u) { struct samr_info *info = NULL; uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */ - + uint32 max_entries=q_u->max_entries; uint32 enum_context=q_u->start_idx; uint32 max_size=q_u->max_size; @@ -1164,7 +1158,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, /* * calculate how many entries we will return. - * based on + * based on * - the number of entries the client asked * - our limit on that * - the starting point (enumeration context) @@ -1208,7 +1202,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, * return */ temp_size=max_entries*struct_size; - + if (temp_size>max_size) { max_entries=MIN((max_size/struct_size),max_entries);; DEBUG(5, ("samr_reply_query_dispinfo: buffer size limits to " @@ -1371,11 +1365,11 @@ NTSTATUS _samr_query_aliasinfo(pipes_struct *p, SAMR_Q_QUERY_ALIASINFO *q_u, SAM become_root(); status = pdb_get_aliasinfo(&sid, &info); unbecome_root(); - + if ( !NT_STATUS_IS_OK(status)) return status; - if ( !(r_u->ctr = TALLOC_ZERO_P( p->mem_ctx, ALIAS_INFO_CTR )) ) + if ( !(r_u->ctr = TALLOC_ZERO_P( p->mem_ctx, ALIAS_INFO_CTR )) ) return NT_STATUS_NO_MEMORY; @@ -1481,7 +1475,7 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO init_samr_r_lookup_names(p->mem_ctx, r_u, 0, NULL, NULL, NT_STATUS_OBJECT_TYPE_MISMATCH); return r_u->status; } - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, 0, "_samr_lookup_names"))) { /* Don't know the acc_bits yet */ return r_u->status; } @@ -1493,7 +1487,7 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO DEBUG(5,("_samr_lookup_names: looking name on SID %s\n", sid_string_dbg(&pol_sid))); - + for (i = 0; i < num_rids; i++) { fstring name; int ret; @@ -1530,43 +1524,41 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO } /******************************************************************* - _samr_chgpasswd_user + _samr_ChangePasswordUser2 ********************************************************************/ +NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p, + struct samr_ChangePasswordUser2 *r) -NTSTATUS _samr_chgpasswd_user(pipes_struct *p, SAMR_Q_CHGPASSWD_USER *q_u, SAMR_R_CHGPASSWD_USER *r_u) { + NTSTATUS status; fstring user_name; fstring wks; - DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__)); + DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__)); - r_u->status = NT_STATUS_OK; + fstrcpy(user_name, r->in.account->string); + fstrcpy(wks, r->in.server->string); - rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0); - rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0); - - DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks)); + DEBUG(5,("_samr_ChangePasswordUser2: user: %s wks: %s\n", user_name, wks)); /* * Pass the user through the NT -> unix user mapping * function. */ - + (void)map_username(user_name); - + /* - * UNIX username case mangling not required, pass_oem_change + * UNIX username case mangling not required, pass_oem_change * is case insensitive. */ - r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash, - q_u->nt_newpass.pass, q_u->nt_oldhash.hash, NULL); - - init_samr_r_chgpasswd_user(r_u, r_u->status); + status = pass_oem_change(user_name, r->in.lm_password->data, r->in.lm_verifier->hash, + r->in.nt_password->data, r->in.nt_verifier->hash, NULL); - DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__)); + DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__)); - return r_u->status; + return status; } /******************************************************************* @@ -1592,18 +1584,18 @@ NTSTATUS _samr_chgpasswd_user3(pipes_struct *p, SAMR_Q_CHGPASSWD_USER3 *q_u, SAM * Pass the user through the NT -> unix user mapping * function. */ - + (void)map_username(user_name); - + /* - * UNIX username case mangling not required, pass_oem_change + * UNIX username case mangling not required, pass_oem_change * is case insensitive. */ r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash, q_u->nt_newpass.pass, q_u->nt_oldhash.hash, &reject_reason); - if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION) || + if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION) || NT_STATUS_EQUAL(r_u->status, NT_STATUS_ACCOUNT_RESTRICTION)) { uint32 min_pass_len,pass_hist,password_properties; @@ -1642,18 +1634,18 @@ NTSTATUS _samr_chgpasswd_user3(pipes_struct *p, SAMR_Q_CHGPASSWD_USER3 *q_u, SAM u_min_age = account_policy_temp; /* !AS ROOT */ - + unbecome_root(); unix_to_nt_time_abs(&nt_expire, u_expire); unix_to_nt_time_abs(&nt_min_age, u_min_age); - init_unk_info1(info, (uint16)min_pass_len, (uint16)pass_hist, + init_unk_info1(info, (uint16)min_pass_len, (uint16)pass_hist, password_properties, nt_expire, nt_min_age); reject->reject_reason = reject_reason; } - + init_samr_r_chgpasswd_user3(r_u, r_u->status, reject, info); DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__)); @@ -1767,34 +1759,33 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK } /******************************************************************* - _samr_open_user. Safe - gives out no passwd info. - ********************************************************************/ + _samr_OpenUser +********************************************************************/ -NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USER *r_u) +NTSTATUS _samr_OpenUser(pipes_struct *p, + struct samr_OpenUser *r) { struct samu *sampass=NULL; DOM_SID sid; - POLICY_HND domain_pol = q_u->domain_pol; - POLICY_HND *user_pol = &r_u->user_pol; + POLICY_HND domain_pol = *r->in.domain_handle; + POLICY_HND *user_pol = r->out.user_handle; struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; size_t sd_size; bool ret; NTSTATUS nt_status; SE_PRIV se_rights; - r_u->status = NT_STATUS_OK; - /* find the domain policy handle and get domain SID / access bits in the domain policy. */ - + if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) ) return NT_STATUS_INVALID_HANDLE; - - nt_status = access_check_samr_function( acc_granted, - SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_user" ); - + + nt_status = access_check_samr_function( acc_granted, + SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_OpenUser" ); + if ( !NT_STATUS_IS_OK(nt_status) ) return nt_status; @@ -1803,22 +1794,22 @@ NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USE } /* append the user's RID to it */ - - if (!sid_append_rid(&sid, q_u->user_rid)) + + if (!sid_append_rid(&sid, r->in.rid)) return NT_STATUS_NO_SUCH_USER; - + /* check if access can be granted as requested by client. */ - + make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW); se_map_generic(&des_access, &usr_generic_mapping); - + se_priv_copy( &se_rights, &se_machine_account ); se_priv_add( &se_rights, &se_add_users ); - - nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, - &acc_granted, "_samr_open_user"); - + + nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, + &acc_granted, "_samr_OpenUser"); + if ( !NT_STATUS_IS_OK(nt_status) ) return nt_status; @@ -1842,7 +1833,7 @@ NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USE if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return r_u->status; + return NT_STATUS_OK; } /************************************************************************* @@ -1857,7 +1848,7 @@ static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, SAM_USER_INFO_7 *id7, DOM_S if ( !(smbpass = samu_new( mem_ctx )) ) { return NT_STATUS_NO_MEMORY; } - + become_root(); ret = pdb_getsampwsid(smbpass, user_sid); unbecome_root(); @@ -1943,7 +1934,7 @@ static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, SAM_USER_INFO_16 *id16, DO /************************************************************************* get_user_info_18. OK - this is the killer as it gives out password info. Ensure that this is only allowed on an encrypted connection with a root - user. JRA. + user. JRA. *************************************************************************/ static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_INFO_18 * id18, DOM_SID *user_sid) @@ -1984,7 +1975,7 @@ static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_ ZERO_STRUCTP(id18); init_sam_user_info18(id18, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass)); - + TALLOC_FREE(smbpass); return NT_STATUS_OK; @@ -2018,7 +2009,7 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DO ZERO_STRUCTP(id20); init_sam_user_info20A(id20, sampass); - + TALLOC_FREE(sampass); return NT_STATUS_OK; @@ -2028,7 +2019,7 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DO get_user_info_21 *************************************************************************/ -static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, +static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, DOM_SID *user_sid, DOM_SID *domain_sid) { struct samu *sampass=NULL; @@ -2054,7 +2045,7 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, ZERO_STRUCTP(id21); nt_status = init_sam_user_info21A(id21, sampass, domain_sid); - + TALLOC_FREE(sampass); return nt_status; @@ -2070,7 +2061,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ struct samr_info *info = NULL; DOM_SID domain_sid; uint32 rid; - + r_u->status=NT_STATUS_OK; /* search for the handle */ @@ -2132,7 +2123,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ if (!NT_STATUS_IS_OK(r_u->status = get_user_info_18(p, p->mem_ctx, ctr->info.id18, &info->sid))) return r_u->status; break; - + case 20: ctr->info.id20 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_20); if (ctr->info.id20 == NULL) @@ -2145,7 +2136,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ ctr->info.id21 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_21); if (ctr->info.id21 == NULL) return NT_STATUS_NO_MEMORY; - if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, + if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, &info->sid, &domain_sid))) return r_u->status; break; @@ -2157,7 +2148,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ init_samr_r_query_userinfo(r_u, ctr, r_u->status); DEBUG(5,("_samr_query_userinfo: %d\n", __LINE__)); - + return r_u->status; } @@ -2200,7 +2191,7 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S /* find the policy handle. open a policy on it. */ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_USER_GET_GROUPS, "_samr_query_usergroups"))) { return r_u->status; } @@ -2229,7 +2220,7 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S result = pdb_enum_group_memberships(p->mem_ctx, sam_pass, &sids, &unix_gids, &num_groups); if ( NT_STATUS_IS_OK(result) ) { - success = sid_peek_check_rid(get_global_sam_sid(), + success = sid_peek_check_rid(get_global_sam_sid(), pdb_get_group_sid(sam_pass), &primary_group_rid); } @@ -2275,25 +2266,28 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids); } - + /* construct the response. lkclXXXX: gids are not copied! */ init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status); - + DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); - + return r_u->status; } /******************************************************************* - _samr_query_domain_info + samr_QueryDomainInfo_internal ********************************************************************/ -NTSTATUS _samr_query_domain_info(pipes_struct *p, - SAMR_Q_QUERY_DOMAIN_INFO *q_u, - SAMR_R_QUERY_DOMAIN_INFO *r_u) +static NTSTATUS samr_QueryDomainInfo_internal(const char *fn_name, + pipes_struct *p, + struct policy_handle *handle, + uint32_t level, + union samr_DomainInfo **dom_info_ptr) { + NTSTATUS status = NT_STATUS_OK; struct samr_info *info = NULL; - SAM_UNK_CTR *ctr; + union samr_DomainInfo *dom_info; uint32 min_pass_len,pass_hist,password_properties; time_t u_expire, u_min_age; NTTIME nt_expire, nt_min_age; @@ -2311,24 +2305,23 @@ NTSTATUS _samr_query_domain_info(pipes_struct *p, uint32 num_users=0, num_groups=0, num_aliases=0; - if ((ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_CTR)) == NULL) { + DEBUG(5,("%s: %d\n", fn_name, __LINE__)); + + dom_info = TALLOC_ZERO_P(p->mem_ctx, union samr_DomainInfo); + if (!dom_info) { return NT_STATUS_NO_MEMORY; } - ZERO_STRUCTP(ctr); + *dom_info_ptr = dom_info; - r_u->status = NT_STATUS_OK; - - DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__)); - /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info)) { + if (!find_policy_by_hnd(p, handle, (void **)(void *)&info)) { return NT_STATUS_INVALID_HANDLE; } - - switch (q_u->switch_value) { + + switch (level) { case 0x01: - + become_root(); /* AS ROOT !!! */ @@ -2349,14 +2342,18 @@ NTSTATUS _samr_query_domain_info(pipes_struct *p, u_min_age = account_policy_temp; /* !AS ROOT */ - + unbecome_root(); unix_to_nt_time_abs(&nt_expire, u_expire); unix_to_nt_time_abs(&nt_min_age, u_min_age); - init_unk_info1(&ctr->info.inf1, (uint16)min_pass_len, (uint16)pass_hist, - password_properties, nt_expire, nt_min_age); + init_samr_DomInfo1(&dom_info->info1, + (uint16)min_pass_len, + (uint16)pass_hist, + password_properties, + nt_expire, + nt_min_age); break; case 0x02: @@ -2377,15 +2374,25 @@ NTSTATUS _samr_query_domain_info(pipes_struct *p, seq_num = time(NULL); /* !AS ROOT */ - + unbecome_root(); server_role = ROLE_DOMAIN_PDC; if (lp_server_role() == ROLE_DOMAIN_BDC) server_role = ROLE_DOMAIN_BDC; - init_unk_info2(&ctr->info.inf2, lp_serverstring(), lp_workgroup(), global_myname(), seq_num, - num_users, num_groups, num_aliases, nt_logout, server_role); + init_samr_DomInfo2(&dom_info->info2, + nt_logout, + lp_serverstring(), + lp_workgroup(), + global_myname(), + seq_num, + 1, + server_role, + 1, + num_users, + num_groups, + num_aliases); break; case 0x03: @@ -2400,31 +2407,37 @@ NTSTATUS _samr_query_domain_info(pipes_struct *p, } /* !AS ROOT */ - + unbecome_root(); unix_to_nt_time_abs(&nt_logout, u_logout); - - init_unk_info3(&ctr->info.inf3, nt_logout); + + init_samr_DomInfo3(&dom_info->info3, + nt_logout); + break; case 0x04: - init_unk_info4(&ctr->info.inf4, lp_serverstring()); + init_samr_DomInfo4(&dom_info->info4, + lp_serverstring()); break; case 0x05: - init_unk_info5(&ctr->info.inf5, get_global_sam_name()); + init_samr_DomInfo5(&dom_info->info5, + get_global_sam_name()); break; case 0x06: /* NT returns its own name when a PDC. win2k and later * only the name of the PDC if itself is a BDC (samba4 * idl) */ - init_unk_info6(&ctr->info.inf6, global_myname()); + init_samr_DomInfo6(&dom_info->info6, + global_myname()); break; case 0x07: server_role = ROLE_DOMAIN_PDC; if (lp_server_role() == ROLE_DOMAIN_BDC) server_role = ROLE_DOMAIN_BDC; - init_unk_info7(&ctr->info.inf7, server_role); + init_samr_DomInfo7(&dom_info->info7, + server_role); break; case 0x08: @@ -2437,10 +2450,12 @@ NTSTATUS _samr_query_domain_info(pipes_struct *p, } /* !AS ROOT */ - + unbecome_root(); - init_unk_info8(&ctr->info.inf8, (uint32) seq_num); + init_samr_DomInfo8(&dom_info->info8, + seq_num, + 0); break; case 0x0c: @@ -2461,24 +2476,38 @@ NTSTATUS _samr_query_domain_info(pipes_struct *p, lockout = account_policy_temp; /* !AS ROOT */ - + unbecome_root(); unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration); unix_to_nt_time_abs(&nt_reset_time, u_reset_time); - - init_unk_info12(&ctr->info.inf12, nt_lock_duration, nt_reset_time, (uint16)lockout); + + init_samr_DomInfo12(&dom_info->info12, + nt_lock_duration, + nt_reset_time, + (uint16)lockout); break; default: return NT_STATUS_INVALID_INFO_CLASS; - } - + } - init_samr_r_query_domain_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK); - - DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__)); - - return r_u->status; + DEBUG(5,("%s: %d\n", fn_name, __LINE__)); + + return status; +} + +/******************************************************************* + _samr_QueryDomainInfo + ********************************************************************/ + +NTSTATUS _samr_QueryDomainInfo(pipes_struct *p, + struct samr_QueryDomainInfo *r) +{ + return samr_QueryDomainInfo_internal("_samr_QueryDomainInfo", + p, + r->in.domain_handle, + r->in.level, + r->out.info); } /* W2k3 seems to use the same check for all 3 objects that can be created via @@ -2520,19 +2549,17 @@ static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name) } /******************************************************************* - _samr_create_user - Create an account, can be either a normal user or a machine. - This funcion will need to be updated for bdc/domain trusts. + _samr_CreateUser2 ********************************************************************/ -NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, - SAMR_R_CREATE_USER *r_u) +NTSTATUS _samr_CreateUser2(pipes_struct *p, + struct samr_CreateUser2 *r) { - char *account; + const char *account = NULL; DOM_SID sid; - POLICY_HND dom_pol = q_u->domain_pol; - uint16 acb_info = q_u->acb_info; - POLICY_HND *user_pol = &r_u->user_pol; + POLICY_HND dom_pol = *r->in.domain_handle; + uint32_t acb_info = r->in.acct_flags; + POLICY_HND *user_pol = r->out.user_handle; struct samr_info *info = NULL; NTSTATUS nt_status; uint32 acc_granted; @@ -2551,19 +2578,19 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, nt_status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_USER, - "_samr_create_user"); + "_samr_CreateUser2"); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST || - acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) { - /* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if + acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) { + /* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if this parameter is not an account type */ return NT_STATUS_INVALID_PARAMETER; } - account = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_name); + account = r->in.account_name->string; if (account == NULL) { return NT_STATUS_NO_MEMORY; } @@ -2574,14 +2601,14 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, } /* determine which user right we need to check based on the acb_info */ - + if ( acb_info & ACB_WSTRUST ) { se_priv_copy( &se_rights, &se_machine_account ); can_add_account = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); - } - /* usrmgr.exe (and net rpc trustdom grant) creates a normal user + } + /* usrmgr.exe (and net rpc trustdom grant) creates a normal user account for domain trusts and changes the ACB flags later */ else if ( acb_info & ACB_NORMAL && (account[strlen(account)-1] != '$') ) @@ -2589,7 +2616,7 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, se_priv_copy( &se_rights, &se_add_users ); can_add_account = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); - } + } else /* implicit assumption of a BDC or domain trust account here * (we already check the flags earlier) */ { @@ -2601,41 +2628,41 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, DOMAIN_GROUP_RID_ADMINS ); } } - - DEBUG(5, ("_samr_create_user: %s can add this account : %s\n", + + DEBUG(5, ("_samr_CreateUser2: %s can add this account : %s\n", uidtoname(p->pipe_user.ut.uid), can_add_account ? "True":"False" )); - + /********** BEGIN Admin BLOCK **********/ if ( can_add_account ) become_root(); nt_status = pdb_create_user(p->mem_ctx, account, acb_info, - &r_u->user_rid); + r->out.rid); if ( can_add_account ) unbecome_root(); /********** END Admin BLOCK **********/ - + /* now check for failure */ - + if ( !NT_STATUS_IS_OK(nt_status) ) return nt_status; - + /* Get the user's SID */ - sid_compose(&sid, get_global_sam_sid(), r_u->user_rid); - + sid_compose(&sid, get_global_sam_sid(), *r->out.rid); + make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW); se_map_generic(&des_access, &usr_generic_mapping); - - nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, - &acc_granted, "_samr_create_user"); - + + nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, + &acc_granted, "_samr_CreateUser2"); + if ( !NT_STATUS_IS_OK(nt_status) ) { return nt_status; } @@ -2657,40 +2684,38 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, /* After a "set" ensure we have no cached display info. */ force_flush_samr_cache(info->disp_info); - r_u->access_granted = acc_granted; + *r->out.access_granted = acc_granted; return NT_STATUS_OK; } /******************************************************************* - samr_reply_connect_anon + _samr_Connect ********************************************************************/ -NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CONNECT_ANON *r_u) +NTSTATUS _samr_Connect(pipes_struct *p, + struct samr_Connect *r) { struct samr_info *info = NULL; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; /* Access check */ if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_connect_anon\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; + DEBUG(3, ("access denied to _samr_Connect\n")); + return NT_STATUS_ACCESS_DENIED; } /* set up the SAMR connect_anon response */ - r_u->status = NT_STATUS_OK; - /* associate the user's SID with the new handle. */ if ((info = get_samr_info_by_sid(NULL)) == NULL) return NT_STATUS_NO_MEMORY; /* don't give away the farm but this is probably ok. The SA_RIGHT_SAM_ENUM_DOMAINS - was observed from a win98 client trying to enumerate users (when configured + was observed from a win98 client trying to enumerate users (when configured user level access control on shares) --jerry */ - + if (des_access == MAXIMUM_ALLOWED_ACCESS) { /* Map to max possible knowing we're filtered below. */ des_access = GENERIC_ALL_ACCESS; @@ -2698,152 +2723,143 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO se_map_generic( &des_access, &sam_generic_mapping ); info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN); - - info->status = q_u->unknown_0; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.connect_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* - samr_reply_connect + _samr_Connect2 ********************************************************************/ -NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u) +NTSTATUS _samr_Connect2(pipes_struct *p, + struct samr_Connect2 *r) { struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; NTSTATUS nt_status; size_t sd_size; - DEBUG(5,("_samr_connect: %d\n", __LINE__)); + DEBUG(5,("_samr_Connect2: %d\n", __LINE__)); /* Access check */ if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_connect\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; + DEBUG(3, ("access denied to _samr_Connect2\n")); + return NT_STATUS_ACCESS_DENIED; } make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); se_map_generic(&des_access, &sam_generic_mapping); - - nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - NULL, 0, des_access, &acc_granted, "_samr_connect"); - - if ( !NT_STATUS_IS_OK(nt_status) ) - return nt_status; - r_u->status = NT_STATUS_OK; + nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + NULL, 0, des_access, &acc_granted, "_samr_Connect2"); + + if ( !NT_STATUS_IS_OK(nt_status) ) + return nt_status; /* associate the user's SID and access granted with the new handle. */ if ((info = get_samr_info_by_sid(NULL)) == NULL) return NT_STATUS_NO_MEMORY; info->acc_granted = acc_granted; - info->status = q_u->access_mask; + info->status = r->in.access_mask; /* this looks so wrong... - gd */ /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.connect_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(5,("_samr_connect: %d\n", __LINE__)); + DEBUG(5,("_samr_Connect2: %d\n", __LINE__)); - return r_u->status; + return nt_status; } /******************************************************************* - samr_connect4 + _samr_Connect4 ********************************************************************/ -NTSTATUS _samr_connect4(pipes_struct *p, SAMR_Q_CONNECT4 *q_u, SAMR_R_CONNECT4 *r_u) +NTSTATUS _samr_Connect4(pipes_struct *p, + struct samr_Connect4 *r) { struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; NTSTATUS nt_status; size_t sd_size; - DEBUG(5,("_samr_connect4: %d\n", __LINE__)); + DEBUG(5,("_samr_Connect4: %d\n", __LINE__)); /* Access check */ if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_connect4\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; + DEBUG(3, ("access denied to samr_Connect4\n")); + return NT_STATUS_ACCESS_DENIED; } make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); se_map_generic(&des_access, &sam_generic_mapping); - - nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - NULL, 0, des_access, &acc_granted, "_samr_connect4"); - - if ( !NT_STATUS_IS_OK(nt_status) ) - return nt_status; - r_u->status = NT_STATUS_OK; + nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + NULL, 0, des_access, &acc_granted, "_samr_Connect4"); + + if ( !NT_STATUS_IS_OK(nt_status) ) + return nt_status; /* associate the user's SID and access granted with the new handle. */ if ((info = get_samr_info_by_sid(NULL)) == NULL) return NT_STATUS_NO_MEMORY; info->acc_granted = acc_granted; - info->status = q_u->access_mask; + info->status = r->in.access_mask; /* ??? */ /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.connect_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(5,("_samr_connect: %d\n", __LINE__)); + DEBUG(5,("_samr_Connect4: %d\n", __LINE__)); - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* - samr_connect5 + _samr_Connect5 ********************************************************************/ -NTSTATUS _samr_connect5(pipes_struct *p, SAMR_Q_CONNECT5 *q_u, SAMR_R_CONNECT5 *r_u) +NTSTATUS _samr_Connect5(pipes_struct *p, + struct samr_Connect5 *r) { struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; NTSTATUS nt_status; - POLICY_HND pol; size_t sd_size; + struct samr_ConnectInfo1 info1; - - DEBUG(5,("_samr_connect5: %d\n", __LINE__)); - - ZERO_STRUCTP(r_u); + DEBUG(5,("_samr_Connect5: %d\n", __LINE__)); /* Access check */ if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_connect5\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; + DEBUG(3, ("access denied to samr_Connect5\n")); + return NT_STATUS_ACCESS_DENIED; } make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); se_map_generic(&des_access, &sam_generic_mapping); - - nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - NULL, 0, des_access, &acc_granted, "_samr_connect5"); - - if ( !NT_STATUS_IS_OK(nt_status) ) + + nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + NULL, 0, des_access, &acc_granted, "_samr_Connect5"); + + if ( !NT_STATUS_IS_OK(nt_status) ) return nt_status; /* associate the user's SID and access granted with the new handle. */ @@ -2851,61 +2867,68 @@ NTSTATUS _samr_connect5(pipes_struct *p, SAMR_Q_CONNECT5 *q_u, SAMR_R_CONNECT5 * return NT_STATUS_NO_MEMORY; info->acc_granted = acc_granted; - info->status = q_u->access_mask; + info->status = r->in.access_mask; /* ??? */ /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.connect_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(5,("_samr_connect: %d\n", __LINE__)); + DEBUG(5,("_samr_Connect5: %d\n", __LINE__)); - init_samr_r_connect5(r_u, &pol, NT_STATUS_OK); + info1.client_version = SAMR_CONNECT_AFTER_W2K; + info1.unknown2 = 0; - return r_u->status; + *r->out.level_out = 1; + r->out.info_out->info1 = info1; + + return NT_STATUS_OK; } /********************************************************************** - api_samr_lookup_domain + _samr_LookupDomain **********************************************************************/ - -NTSTATUS _samr_lookup_domain(pipes_struct *p, SAMR_Q_LOOKUP_DOMAIN *q_u, SAMR_R_LOOKUP_DOMAIN *r_u) +NTSTATUS _samr_LookupDomain(pipes_struct *p, + struct samr_LookupDomain *r) { + NTSTATUS status = NT_STATUS_OK; struct samr_info *info; - fstring domain_name; - DOM_SID sid; + const char *domain_name; + DOM_SID *sid = NULL; - r_u->status = NT_STATUS_OK; - - if (!find_policy_by_hnd(p, &q_u->connect_pol, (void**)(void *)&info)) + if (!find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info)) return NT_STATUS_INVALID_HANDLE; - /* win9x user manager likes to use SA_RIGHT_SAM_ENUM_DOMAINS here. + /* win9x user manager likes to use SA_RIGHT_SAM_ENUM_DOMAINS here. Reverted that change so we will work with RAS servers again */ - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, - SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_lookup_domain"))) - { - return r_u->status; + status = access_check_samr_function(info->acc_granted, + SA_RIGHT_SAM_OPEN_DOMAIN, + "_samr_LookupDomain"); + if (!NT_STATUS_IS_OK(status)) { + return status; } - rpcstr_pull(domain_name, q_u->uni_domain.buffer, sizeof(domain_name), q_u->uni_domain.uni_str_len*2, 0); + domain_name = r->in.domain_name->string; - ZERO_STRUCT(sid); + sid = TALLOC_ZERO_P(p->mem_ctx, struct dom_sid2); + if (!sid) { + return NT_STATUS_NO_MEMORY; + } if (strequal(domain_name, builtin_domain_name())) { - sid_copy(&sid, &global_sid_Builtin); + sid_copy(sid, &global_sid_Builtin); } else { - if (!secrets_fetch_domain_sid(domain_name, &sid)) { - r_u->status = NT_STATUS_NO_SUCH_DOMAIN; + if (!secrets_fetch_domain_sid(domain_name, sid)) { + status = NT_STATUS_NO_SUCH_DOMAIN; } } DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name, - sid_string_dbg(&sid))); + sid_string_dbg(sid))); - init_samr_r_lookup_domain(r_u, &sid, r_u->status); + *r->out.sid = sid; - return r_u->status; + return status; } /****************************************************************** @@ -2956,10 +2979,10 @@ NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_EN const char *name; r_u->status = NT_STATUS_OK; - + if (!find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info)) return NT_STATUS_INVALID_HANDLE; - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, SA_RIGHT_SAM_ENUM_DOMAINS, "_samr_enum_domains"))) { return r_u->status; } @@ -2979,53 +3002,52 @@ NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_EN } /******************************************************************* - api_samr_open_alias + _samr_OpenAlias ********************************************************************/ -NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_ALIAS *r_u) +NTSTATUS _samr_OpenAlias(pipes_struct *p, + struct samr_OpenAlias *r) { DOM_SID sid; - POLICY_HND domain_pol = q_u->dom_pol; - uint32 alias_rid = q_u->rid_alias; - POLICY_HND *alias_pol = &r_u->pol; + POLICY_HND domain_pol = *r->in.domain_handle; + uint32 alias_rid = r->in.rid; + POLICY_HND *alias_pol = r->out.alias_handle; struct samr_info *info = NULL; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; size_t sd_size; NTSTATUS status; SE_PRIV se_rights; - r_u->status = NT_STATUS_OK; - /* find the domain policy and get the SID / access bits stored in the domain policy */ - + if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) ) return NT_STATUS_INVALID_HANDLE; - - status = access_check_samr_function(acc_granted, - SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_alias"); - - if ( !NT_STATUS_IS_OK(status) ) + + status = access_check_samr_function(acc_granted, + SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_OpenAlias"); + + if ( !NT_STATUS_IS_OK(status) ) return status; /* append the alias' RID to it */ - + if (!sid_append_rid(&sid, alias_rid)) return NT_STATUS_NO_SUCH_ALIAS; - + /*check if access can be granted as requested by client. */ - + make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &ali_generic_mapping, NULL, 0); se_map_generic(&des_access,&ali_generic_mapping); - + se_priv_copy( &se_rights, &se_add_users ); - - - status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access, - &acc_granted, "_samr_open_alias"); - + + + status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access, + &acc_granted, "_samr_OpenAlias"); + if ( !NT_STATUS_IS_OK(status) ) return status; @@ -3044,7 +3066,7 @@ NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_A } /* make sure there is a mapping */ - + if ( !sid_to_gid( &sid, &gid ) ) { return NT_STATUS_NO_SUCH_ALIAS; } @@ -3054,14 +3076,14 @@ NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_A /* associate the alias SID with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) return NT_STATUS_NO_MEMORY; - + info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return r_u->status; + return NT_STATUS_OK; } /******************************************************************* @@ -3086,7 +3108,7 @@ static NTSTATUS set_user_info_7(TALLOC_CTX *mem_ctx, } /* check to see if the new username already exists. Note: we can't - reliably lock all backends, so there is potentially the + reliably lock all backends, so there is potentially the possibility that a user can be created in between this check and the rename. The rename should fail, but may not get the exact same failure status code. I think this is small enough @@ -3116,7 +3138,7 @@ static bool set_user_info_16(const SAM_USER_INFO_16 *id16, struct samu *pwd) TALLOC_FREE(pwd); return False; } - + /* FIX ME: check if the value is really changed --metze */ if (!pdb_set_acct_ctrl(pwd, id16->acb_info, PDB_CHANGED)) { TALLOC_FREE(pwd); @@ -3145,7 +3167,7 @@ static bool set_user_info_18(SAM_USER_INFO_18 *id18, struct samu *pwd) TALLOC_FREE(pwd); return False; } - + if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd, PDB_CHANGED)) { TALLOC_FREE(pwd); return False; @@ -3156,9 +3178,9 @@ static bool set_user_info_18(SAM_USER_INFO_18 *id18, struct samu *pwd) } if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) { TALLOC_FREE(pwd); - return False; + return False; } - + if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { TALLOC_FREE(pwd); return False; @@ -3178,7 +3200,7 @@ static bool set_user_info_20(SAM_USER_INFO_20 *id20, struct samu *pwd) DEBUG(5, ("set_user_info_20: NULL id20\n")); return False; } - + copy_id20_to_sam_passwd(pwd, id20); /* write the change out */ @@ -3200,21 +3222,21 @@ static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, { fstring new_name; NTSTATUS status; - + if (id21 == NULL) { DEBUG(5, ("set_user_info_21: NULL id21\n")); return NT_STATUS_INVALID_PARAMETER; } /* we need to separately check for an account rename first */ - - if (rpcstr_pull(new_name, id21->uni_user_name.buffer, - sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) - && (!strequal(new_name, pdb_get_username(pwd)))) + + if (rpcstr_pull(new_name, id21->uni_user_name.buffer, + sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) + && (!strequal(new_name, pdb_get_username(pwd)))) { /* check to see if the new username already exists. Note: we can't - reliably lock all backends, so there is potentially the + reliably lock all backends, so there is potentially the possibility that a user can be created in between this check and the rename. The rename should fail, but may not get the exact same failure status code. I think this is small enough @@ -3230,35 +3252,35 @@ static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, status = pdb_rename_sam_account(pwd, new_name); if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("set_user_info_21: failed to rename account: %s\n", + DEBUG(0,("set_user_info_21: failed to rename account: %s\n", nt_errstr(status))); TALLOC_FREE(pwd); return status; } - /* set the new username so that later + /* set the new username so that later functions can work on the new account */ pdb_set_username(pwd, new_name, PDB_SET); } copy_id21_to_sam_passwd(pwd, id21); - + /* * The funny part about the previous two calls is * that pwd still has the password hashes from the * passdb entry. These have not been updated from * id21. I don't know if they need to be set. --jerry */ - + if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) { status = pdb_set_unix_primary_group(mem_ctx, pwd); if ( !NT_STATUS_IS_OK(status) ) { return status; } } - + /* Don't worry about writing out the user account since the - primary group SID is generated solely from the user's Unix + primary group SID is generated solely from the user's Unix primary group. */ /* write the change out */ @@ -3447,14 +3469,14 @@ static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx, SAM_USER_INFO_25 *id25, struct samu *pwd) { NTSTATUS status; - + if (id25 == NULL) { DEBUG(5, ("set_user_info_25: NULL id25\n")); return NT_STATUS_INVALID_PARAMETER; } copy_id25_to_sam_passwd(pwd, id25); - + /* write the change out */ if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) { TALLOC_FREE(pwd); @@ -3475,7 +3497,7 @@ static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx, SAM_USER_INFO_25 *id25, return status; } } - + /* WARNING: No TALLOC_FREE(pwd), we are about to set the password * hereafter! */ @@ -3508,13 +3530,13 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - /* This is tricky. A WinXP domain join sets + /* This is tricky. A WinXP domain join sets (SA_RIGHT_USER_SET_PASSWORD|SA_RIGHT_USER_SET_ATTRIBUTES|SA_RIGHT_USER_ACCT_FLAGS_EXPIRY) - The MMC lusrmgr plugin includes these perms and more in the SamrOpenUser(). But the - standard Win32 API calls just ask for SA_RIGHT_USER_SET_PASSWORD in the SamrOpenUser(). - This should be enough for levels 18, 24, 25,& 26. Info level 23 can set more so + The MMC lusrmgr plugin includes these perms and more in the SamrOpenUser(). But the + standard Win32 API calls just ask for SA_RIGHT_USER_SET_PASSWORD in the SamrOpenUser(). + This should be enough for levels 18, 24, 25,& 26. Info level 23 can set more so we'll use the set from the WinXP join as the basis. */ - + switch (switch_value) { case 18: case 24: @@ -3526,7 +3548,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE acc_required = SA_RIGHT_USER_SET_PASSWORD | SA_RIGHT_USER_SET_ATTRIBUTES | SA_RIGHT_USER_ACCT_FLAGS_EXPIRY; break; } - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo"))) { return r_u->status; } @@ -3538,25 +3560,25 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE DEBUG(5, ("_samr_set_userinfo: NULL info level\n")); return NT_STATUS_INVALID_INFO_CLASS; } - + if ( !(pwd = samu_new( NULL )) ) { return NT_STATUS_NO_MEMORY; } - + become_root(); ret = pdb_getsampwsid(pwd, &sid); unbecome_root(); - + if ( !ret ) { TALLOC_FREE(pwd); return NT_STATUS_NO_SUCH_USER; } - + /* deal with machine password changes differently from userinfo changes */ /* check to see if we have the sufficient rights */ - + acb_info = pdb_get_acct_ctrl(pwd); - if ( acb_info & ACB_WSTRUST ) + if ( acb_info & ACB_WSTRUST ) has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account); else if ( acb_info & ACB_NORMAL ) has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); @@ -3564,16 +3586,16 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE if ( lp_enable_privileges() ) has_enough_rights = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ); } - + DEBUG(5, ("_samr_set_userinfo: %s does%s possess sufficient rights\n", uidtoname(p->pipe_user.ut.uid), has_enough_rights ? "" : " not")); /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */ - - if ( has_enough_rights ) - become_root(); - + + if ( has_enough_rights ) + become_root(); + /* ok! user info levels (lots: see MSDEV help), off we go... */ switch (switch_value) { @@ -3640,10 +3662,10 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE } done: - - if ( has_enough_rights ) + + if ( has_enough_rights ) unbecome_root(); - + /* ================ END SeMachineAccountPrivilege BLOCK ================ */ if (NT_STATUS_IS_OK(r_u->status)) { @@ -3679,7 +3701,7 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - + #if 0 /* this really should be applied on a per info level basis --jerry */ /* observed when joining XP client to Samba domain */ @@ -3687,7 +3709,7 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ #else acc_required = SA_RIGHT_USER_SET_ATTRIBUTES; #endif - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo2"))) { return r_u->status; } @@ -3709,14 +3731,14 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ become_root(); ret = pdb_getsampwsid(pwd, &sid); unbecome_root(); - + if ( !ret ) { TALLOC_FREE(pwd); return NT_STATUS_NO_SUCH_USER; } - + acb_info = pdb_get_acct_ctrl(pwd); - if ( acb_info & ACB_WSTRUST ) + if ( acb_info & ACB_WSTRUST ) has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account); else if ( acb_info & ACB_NORMAL ) has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); @@ -3724,18 +3746,18 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ if ( lp_enable_privileges() ) has_enough_rights = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ); } - + DEBUG(5, ("_samr_set_userinfo2: %s does%s possess sufficient rights\n", uidtoname(p->pipe_user.ut.uid), has_enough_rights ? "" : " not")); /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */ - - if ( has_enough_rights ) - become_root(); - + + if ( has_enough_rights ) + become_root(); + /* ok! user info levels (lots: see MSDEV help), off we go... */ - + switch (switch_value) { case 7: r_u->status = set_user_info_7(p->mem_ctx, @@ -3784,9 +3806,9 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ r_u->status = NT_STATUS_INVALID_INFO_CLASS; } - if ( has_enough_rights ) + if ( has_enough_rights ) unbecome_root(); - + /* ================ END SeMachineAccountPrivilege BLOCK ================ */ if (NT_STATUS_IS_OK(r_u->status)) { @@ -3797,45 +3819,44 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ } /********************************************************************* - _samr_query_aliasmem + _samr_GetAliasMembership *********************************************************************/ -NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u, SAMR_R_QUERY_USERALIASES *r_u) +NTSTATUS _samr_GetAliasMembership(pipes_struct *p, + struct samr_GetAliasMembership *r) { size_t num_alias_rids; uint32 *alias_rids; struct samr_info *info = NULL; size_t i; - + NTSTATUS ntstatus1; NTSTATUS ntstatus2; DOM_SID *members; - r_u->status = NT_STATUS_OK; - - DEBUG(5,("_samr_query_useraliases: %d\n", __LINE__)); + DEBUG(5,("_samr_GetAliasMembership: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) + if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info)) return NT_STATUS_INVALID_HANDLE; - - ntstatus1 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM, "_samr_query_useraliases"); - ntstatus2 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_query_useraliases"); - + + ntstatus1 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM, "_samr_GetAliasMembership"); + ntstatus2 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_GetAliasMembership"); + if (!NT_STATUS_IS_OK(ntstatus1) || !NT_STATUS_IS_OK(ntstatus2)) { if (!(NT_STATUS_EQUAL(ntstatus1,NT_STATUS_ACCESS_DENIED) && NT_STATUS_IS_OK(ntstatus2)) && !(NT_STATUS_EQUAL(ntstatus1,NT_STATUS_ACCESS_DENIED) && NT_STATUS_IS_OK(ntstatus1))) { return (NT_STATUS_IS_OK(ntstatus1)) ? ntstatus2 : ntstatus1; } - } + } if (!sid_check_is_domain(&info->sid) && !sid_check_is_builtin(&info->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; - if (q_u->num_sids1) { - members = TALLOC_ARRAY(p->mem_ctx, DOM_SID, q_u->num_sids1); + if (r->in.sids->num_sids) { + members = TALLOC_ARRAY(p->mem_ctx, DOM_SID, r->in.sids->num_sids); if (members == NULL) return NT_STATUS_NO_MEMORY; @@ -3843,15 +3864,15 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u, members = NULL; } - for (i=0; i<q_u->num_sids1; i++) - sid_copy(&members[i], &q_u->sid[i].sid); + for (i=0; i<r->in.sids->num_sids; i++) + sid_copy(&members[i], r->in.sids->sids[i].sid); alias_rids = NULL; num_alias_rids = 0; become_root(); ntstatus1 = pdb_enum_alias_memberships(p->mem_ctx, &info->sid, members, - q_u->num_sids1, + r->in.sids->num_sids, &alias_rids, &num_alias_rids); unbecome_root(); @@ -3859,40 +3880,42 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u, return ntstatus1; } - init_samr_r_query_useraliases(r_u, num_alias_rids, alias_rids, - NT_STATUS_OK); + r->out.rids->count = num_alias_rids; + r->out.rids->ids = alias_rids; + return NT_STATUS_OK; } /********************************************************************* - _samr_query_aliasmem + _samr_GetMembersInAlias *********************************************************************/ -NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_R_QUERY_ALIASMEM *r_u) +NTSTATUS _samr_GetMembersInAlias(pipes_struct *p, + struct samr_GetMembersInAlias *r) { NTSTATUS status; size_t i; size_t num_sids = 0; - DOM_SID2 *sid; - DOM_SID *sids=NULL; + struct lsa_SidPtr *sids = NULL; + DOM_SID *pdb_sids = NULL; DOM_SID alias_sid; uint32 acc_granted; /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &alias_sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = - access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_GET_MEMBERS, "_samr_query_aliasmem"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_GET_MEMBERS, "_samr_GetMembersInAlias"); + if (!NT_STATUS_IS_OK(status)) { + return status; } DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid))); become_root(); - status = pdb_enum_aliasmem(&alias_sid, &sids, &num_sids); + status = pdb_enum_aliasmem(&alias_sid, &pdb_sids, &num_sids); unbecome_root(); if (!NT_STATUS_IS_OK(status)) { @@ -3900,31 +3923,35 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_ } if (num_sids) { - sid = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_SID2, num_sids); - if (sid == NULL) { - SAFE_FREE(sids); + sids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_SidPtr, num_sids); + if (sids == NULL) { + TALLOC_FREE(pdb_sids); return NT_STATUS_NO_MEMORY; } - } else { - sid = NULL; } for (i = 0; i < num_sids; i++) { - init_dom_sid2(&sid[i], &sids[i]); + sids[i].sid = sid_dup_talloc(p->mem_ctx, &pdb_sids[i]); + if (!sids[i].sid) { + TALLOC_FREE(pdb_sids); + return NT_STATUS_NO_MEMORY; + } } - init_samr_r_query_aliasmem(r_u, num_sids, sid, NT_STATUS_OK); + r->out.sids->num_sids = num_sids; + r->out.sids->sids = sids; - TALLOC_FREE(sids); + TALLOC_FREE(pdb_sids); return NT_STATUS_OK; } /********************************************************************* - _samr_query_groupmem + _samr_QueryGroupMember *********************************************************************/ -NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_R_QUERY_GROUPMEM *r_u) +NTSTATUS _samr_QueryGroupMember(pipes_struct *p, + struct samr_QueryGroupMember *r) { DOM_SID group_sid; size_t i, num_members; @@ -3934,16 +3961,23 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ uint32 acc_granted; - NTSTATUS result; + NTSTATUS status; + struct samr_RidTypeArray *rids = NULL; + + rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidTypeArray); + if (!rids) { + return NT_STATUS_NO_MEMORY; + } /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.group_handle, &group_sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_GET_MEMBERS, "_samr_query_groupmem"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_GET_MEMBERS, "_samr_QueryGroupMember"); + if (!NT_STATUS_IS_OK(status)) { + return status; } - + DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid))); if (!sid_check_is_in_our_domain(&group_sid)) { @@ -3955,12 +3989,12 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ DEBUG(10, ("lookup on Domain SID\n")); become_root(); - result = pdb_enum_group_members(p->mem_ctx, &group_sid, + status = pdb_enum_group_members(p->mem_ctx, &group_sid, &rid, &num_members); unbecome_root(); - if (!NT_STATUS_IS_OK(result)) - return result; + if (!NT_STATUS_IS_OK(status)) + return status; if (num_members) { attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members); @@ -3970,81 +4004,89 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ } else { attr = NULL; } - + for (i=0; i<num_members; i++) attr[i] = SID_NAME_USER; - init_samr_r_query_groupmem(r_u, num_members, rid, attr, NT_STATUS_OK); + rids->count = num_members; + rids->types = attr; + rids->rids = rid; + + *r->out.rids = rids; return NT_STATUS_OK; } /********************************************************************* - _samr_add_aliasmem + _samr_AddAliasMember *********************************************************************/ -NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_ADD_ALIASMEM *r_u) +NTSTATUS _samr_AddAliasMember(pipes_struct *p, + struct samr_AddAliasMember *r) { DOM_SID alias_sid; uint32 acc_granted; SE_PRIV se_rights; bool can_add_accounts; - NTSTATUS ret; + NTSTATUS status; DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &alias_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_ADD_MEMBER, "_samr_add_aliasmem"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_ADD_MEMBER, "_samr_AddAliasMember"); + if (!NT_STATUS_IS_OK(status)) { + return status; } - + DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid))); - + se_priv_copy( &se_rights, &se_add_users ); can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - - ret = pdb_add_aliasmem(&alias_sid, &q_u->sid.sid); - + + status = pdb_add_aliasmem(&alias_sid, r->in.sid); + if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - - if (NT_STATUS_IS_OK(ret)) { + + if (NT_STATUS_IS_OK(status)) { force_flush_samr_cache(disp_info); } - return ret; + return status; } /********************************************************************* - _samr_del_aliasmem + _samr_DeleteAliasMember *********************************************************************/ -NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DEL_ALIASMEM *r_u) +NTSTATUS _samr_DeleteAliasMember(pipes_struct *p, + struct samr_DeleteAliasMember *r) { DOM_SID alias_sid; uint32 acc_granted; SE_PRIV se_rights; bool can_add_accounts; - NTSTATUS ret; + NTSTATUS status; DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &alias_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_REMOVE_MEMBER, "_samr_del_aliasmem"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_REMOVE_MEMBER, "_samr_DeleteAliasMember"); + if (!NT_STATUS_IS_OK(status)) { + return status; } - + DEBUG(10, ("_samr_del_aliasmem:sid is %s\n", sid_string_dbg(&alias_sid))); @@ -4052,30 +4094,32 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - ret = pdb_del_aliasmem(&alias_sid, &q_u->sid.sid); - + status = pdb_del_aliasmem(&alias_sid, r->in.sid); + if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - - if (NT_STATUS_IS_OK(ret)) { + + if (NT_STATUS_IS_OK(status)) { force_flush_samr_cache(disp_info); } - return ret; + return status; } /********************************************************************* - _samr_add_groupmem + _samr_AddGroupMember *********************************************************************/ -NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_ADD_GROUPMEM *r_u) +NTSTATUS _samr_AddGroupMember(pipes_struct *p, + struct samr_AddGroupMember *r) { + NTSTATUS status; DOM_SID group_sid; uint32 group_rid; uint32 acc_granted; @@ -4084,11 +4128,12 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.group_handle, &group_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_ADD_MEMBER, "_samr_add_groupmem"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_ADD_MEMBER, "_samr_AddGroupMember"); + if (!NT_STATUS_IS_OK(status)) { + return status; } DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid))); @@ -4102,28 +4147,31 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - r_u->status = pdb_add_groupmem(p->mem_ctx, group_rid, q_u->rid); - + status = pdb_add_groupmem(p->mem_ctx, group_rid, r->in.rid); + if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - + force_flush_samr_cache(disp_info); - return r_u->status; + return status; } /********************************************************************* - _samr_del_groupmem + _samr_DeleteGroupMember *********************************************************************/ -NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DEL_GROUPMEM *r_u) +NTSTATUS _samr_DeleteGroupMember(pipes_struct *p, + struct samr_DeleteGroupMember *r) + { + NTSTATUS status; DOM_SID group_sid; uint32 group_rid; uint32 acc_granted; @@ -4132,17 +4180,18 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE DISP_INFO *disp_info = NULL; /* - * delete the group member named q_u->rid + * delete the group member named r->in.rid * who is a member of the sid associated with the handle * the rid is a user's rid as the group is a domain group. */ /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.group_handle, &group_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_REMOVE_MEMBER, "_samr_del_groupmem"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_REMOVE_MEMBER, "_samr_DeleteGroupMember"); + if (!NT_STATUS_IS_OK(status)) { + return status; } if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid, @@ -4154,28 +4203,30 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - - r_u->status = pdb_del_groupmem(p->mem_ctx, group_rid, q_u->rid); + + status = pdb_del_groupmem(p->mem_ctx, group_rid, r->in.rid); if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - + force_flush_samr_cache(disp_info); - return r_u->status; + return status; } /********************************************************************* - _samr_delete_dom_user + _samr_DeleteUser *********************************************************************/ -NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAMR_R_DELETE_DOM_USER *r_u ) +NTSTATUS _samr_DeleteUser(pipes_struct *p, + struct samr_DeleteUser *r) { + NTSTATUS status; DOM_SID user_sid; struct samu *sam_pass=NULL; uint32 acc_granted; @@ -4184,16 +4235,17 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM DISP_INFO *disp_info = NULL; bool ret; - DEBUG(5, ("_samr_delete_dom_user: %d\n", __LINE__)); + DEBUG(5, ("_samr_DeleteUser: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &user_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.user_handle, &user_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_user"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_DeleteUser"); + if (!NT_STATUS_IS_OK(status)) { + return status; } - + if (!sid_check_is_in_our_domain(&user_sid)) return NT_STATUS_CANNOT_DELETE; @@ -4207,12 +4259,12 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM unbecome_root(); if( !ret ) { - DEBUG(5,("_samr_delete_dom_user:User %s doesn't exist.\n", + DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n", sid_string_dbg(&user_sid))); TALLOC_FREE(sam_pass); return NT_STATUS_NO_SUCH_USER; } - + acb_info = pdb_get_acct_ctrl(sam_pass); /* For machine accounts it's the SeMachineAccountPrivilege that counts. */ @@ -4220,32 +4272,32 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account ); } else { can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); - } + } /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - r_u->status = pdb_delete_user(p->mem_ctx, sam_pass); + status = pdb_delete_user(p->mem_ctx, sam_pass); if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - - if ( !NT_STATUS_IS_OK(r_u->status) ) { - DEBUG(5,("_samr_delete_dom_user: Failed to delete entry for " + + if ( !NT_STATUS_IS_OK(status) ) { + DEBUG(5,("_samr_DeleteUser: Failed to delete entry for " "user %s: %s.\n", pdb_get_username(sam_pass), - nt_errstr(r_u->status))); + nt_errstr(status))); TALLOC_FREE(sam_pass); - return r_u->status; + return status; } TALLOC_FREE(sam_pass); - if (!close_policy_hnd(p, &q_u->user_pol)) + if (!close_policy_hnd(p, r->in.user_handle)) return NT_STATUS_OBJECT_NAME_INVALID; force_flush_samr_cache(disp_info); @@ -4254,11 +4306,13 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM } /********************************************************************* - _samr_delete_dom_group + _samr_DeleteDomainGroup *********************************************************************/ -NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, SAMR_R_DELETE_DOM_GROUP *r_u) +NTSTATUS _samr_DeleteDomainGroup(pipes_struct *p, + struct samr_DeleteDomainGroup *r) { + NTSTATUS status; DOM_SID group_sid; uint32 group_rid; uint32 acc_granted; @@ -4266,14 +4320,15 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S bool can_add_accounts; DISP_INFO *disp_info = NULL; - DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__)); + DEBUG(5, ("samr_DeleteDomainGroup: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.group_handle, &group_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_group"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_DeleteDomainGroup"); + if (!NT_STATUS_IS_OK(status)) { + return status; } DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid))); @@ -4287,26 +4342,26 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - r_u->status = pdb_delete_dom_group(p->mem_ctx, group_rid); + status = pdb_delete_dom_group(p->mem_ctx, group_rid); if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - - if ( !NT_STATUS_IS_OK(r_u->status) ) { - DEBUG(5,("_samr_delete_dom_group: Failed to delete mapping " + + if ( !NT_STATUS_IS_OK(status) ) { + DEBUG(5,("_samr_DeleteDomainGroup: Failed to delete mapping " "entry for group %s: %s\n", sid_string_dbg(&group_sid), - nt_errstr(r_u->status))); - return r_u->status; + nt_errstr(status))); + return status; } - - if (!close_policy_hnd(p, &q_u->group_pol)) + + if (!close_policy_hnd(p, r->in.group_handle)) return NT_STATUS_OBJECT_NAME_INVALID; force_flush_samr_cache(disp_info); @@ -4315,10 +4370,11 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S } /********************************************************************* - _samr_delete_dom_alias + _samr_DeleteDomAlias *********************************************************************/ -NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, SAMR_R_DELETE_DOM_ALIAS *r_u) +NTSTATUS _samr_DeleteDomAlias(pipes_struct *p, + struct samr_DeleteDomAlias *r) { DOM_SID alias_sid; uint32 acc_granted; @@ -4327,18 +4383,19 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S NTSTATUS status; DISP_INFO *disp_info = NULL; - DEBUG(5, ("_samr_delete_dom_alias: %d\n", __LINE__)); + DEBUG(5, ("_samr_DeleteDomAlias: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &alias_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - + /* copy the handle to the outgoing reply */ - memcpy( &r_u->pol, &q_u->alias_pol, sizeof(r_u->pol) ); + memcpy(r->out.alias_handle, r->in.alias_handle, sizeof(r->out.alias_handle)); - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_alias"))) { - return r_u->status; + status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_DeleteDomAlias"); + if (!NT_STATUS_IS_OK(status)) { + return status; } DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid))); @@ -4351,29 +4408,29 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S if (!sid_check_is_in_our_domain(&alias_sid)) return NT_STATUS_NO_SUCH_ALIAS; - + DEBUG(10, ("lookup on Local SID\n")); se_priv_copy( &se_rights, &se_add_users ); can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); /* Have passdb delete the alias */ status = pdb_delete_alias(&alias_sid); - + if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ if ( !NT_STATUS_IS_OK(status)) return status; - if (!close_policy_hnd(p, &q_u->alias_pol)) + if (!close_policy_hnd(p, r->in.alias_handle)) return NT_STATUS_OBJECT_NAME_INVALID; force_flush_samr_cache(disp_info); @@ -4382,11 +4439,14 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S } /********************************************************************* - _samr_create_dom_group + _samr_CreateDomainGroup *********************************************************************/ -NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, SAMR_R_CREATE_DOM_GROUP *r_u) +NTSTATUS _samr_CreateDomainGroup(pipes_struct *p, + struct samr_CreateDomainGroup *r) + { + NTSTATUS status; DOM_SID dom_sid; DOM_SID info_sid; const char *name; @@ -4397,50 +4457,51 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &dom_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_GROUP, "_samr_create_dom_group"))) { - return r_u->status; + + status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_GROUP, "_samr_CreateDomainGroup"); + if (!NT_STATUS_IS_OK(status)) { + return status; } - + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; - name = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_acct_desc); + name = r->in.name->string; if (name == NULL) { return NT_STATUS_NO_MEMORY; } - r_u->status = can_create(p->mem_ctx, name); - if (!NT_STATUS_IS_OK(r_u->status)) { - return r_u->status; + status = can_create(p->mem_ctx, name); + if (!NT_STATUS_IS_OK(status)) { + return status; } se_priv_copy( &se_rights, &se_add_users ); can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); - + /* check that we successfully create the UNIX group */ - - r_u->status = pdb_create_dom_group(p->mem_ctx, name, &r_u->rid); + + status = pdb_create_dom_group(p->mem_ctx, name, r->out.rid); if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ - + /* check if we should bail out here */ - - if ( !NT_STATUS_IS_OK(r_u->status) ) - return r_u->status; - sid_compose(&info_sid, get_global_sam_sid(), r_u->rid); - + if ( !NT_STATUS_IS_OK(status) ) + return status; + + sid_compose(&info_sid, get_global_sam_sid(), *r->out.rid); + if ((info = get_samr_info_by_sid(&info_sid)) == NULL) return NT_STATUS_NO_MEMORY; @@ -4449,7 +4510,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S info->acc_granted = GENERIC_RIGHTS_GROUP_ALL_ACCESS; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.group_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; force_flush_samr_cache(disp_info); @@ -4458,14 +4519,15 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S } /********************************************************************* - _samr_create_dom_alias + _samr_CreateDomAlias *********************************************************************/ -NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, SAMR_R_CREATE_DOM_ALIAS *r_u) +NTSTATUS _samr_CreateDomAlias(pipes_struct *p, + struct samr_CreateDomAlias *r) { DOM_SID dom_sid; DOM_SID info_sid; - fstring name; + const char *name = NULL; struct samr_info *info; uint32 acc_granted; gid_t gid; @@ -4475,17 +4537,18 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S DISP_INFO *disp_info = NULL; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid, &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &dom_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_ALIAS, "_samr_create_alias"))) { - return r_u->status; + + result = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_ALIAS, "_samr_CreateDomAlias"); + if (!NT_STATUS_IS_OK(result)) { + return result; } - + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; - unistr2_to_ascii(name, &q_u->uni_acct_desc, sizeof(name)); + name = r->in.alias_name->string; se_priv_copy( &se_rights, &se_add_users ); can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); @@ -4496,16 +4559,16 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S } /******** BEGIN SeAddUsers BLOCK *********/ - + if ( can_add_accounts ) become_root(); /* Have passdb create the alias */ - result = pdb_create_alias(name, &r_u->rid); + result = pdb_create_alias(name, r->out.rid); if ( can_add_accounts ) unbecome_root(); - + /******** END SeAddUsers BLOCK *********/ if (!NT_STATUS_IS_OK(result)) { @@ -4515,7 +4578,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S } sid_copy(&info_sid, get_global_sam_sid()); - sid_append_rid(&info_sid, r_u->rid); + sid_append_rid(&info_sid, *r->out.rid); if (!sid_to_gid(&info_sid, &gid)) { DEBUG(10, ("Could not find alias just created\n")); @@ -4537,7 +4600,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S info->acc_granted = GENERIC_RIGHTS_ALIAS_ALL_ACCESS; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->alias_pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.alias_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; force_flush_samr_cache(disp_info); @@ -4560,13 +4623,13 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM uint32 acc_granted; bool ret; - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_LOOKUP_INFO, "_samr_query_groupinfo"))) { return r_u->status; } - + become_root(); ret = get_domain_group_from_sid(group_sid, &map); unbecome_root(); @@ -4588,7 +4651,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM r_u->status = pdb_enum_group_members( p->mem_ctx, &group_sid, &members, &num_members); unbecome_root(); - + if (!NT_STATUS_IS_OK(r_u->status)) { return r_u->status; } @@ -4622,7 +4685,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM r_u->status = pdb_enum_group_members( p->mem_ctx, &group_sid, &members, &num_members); unbecome_root(); - + if (!NT_STATUS_IS_OK(r_u->status)) { return r_u->status; } @@ -4642,7 +4705,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM /********************************************************************* _samr_set_groupinfo - + update a domain group's comment. *********************************************************************/ @@ -4659,7 +4722,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_SET_INFO, "_samr_set_groupinfo"))) { return r_u->status; } @@ -4669,7 +4732,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ unbecome_root(); if (!result) return NT_STATUS_NO_SUCH_GROUP; - + ctr=q_u->ctr; switch (ctr->switch_value1) { @@ -4689,7 +4752,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ if ( can_mod_accounts ) become_root(); - + ret = pdb_update_group_mapping_entry(&map); if ( can_mod_accounts ) @@ -4706,7 +4769,7 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ /********************************************************************* _samr_set_aliasinfo - + update an alias's comment. *********************************************************************/ @@ -4722,11 +4785,11 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &group_sid, &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_SET_INFO, "_samr_set_aliasinfo"))) { return r_u->status; } - + ctr=&q_u->ctr; /* get the current group information */ @@ -4744,7 +4807,7 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ fstring group_name, acct_name; /* We currently do not support renaming groups in the - the BUILTIN domain. Refer to util_builtin.c to understand + the BUILTIN domain. Refer to util_builtin.c to understand why. The eventually needs to be fixed to be like Windows where you can rename builtin groups, just not delete them */ @@ -4754,10 +4817,10 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ /* There has to be a valid name (and it has to be different) */ - if ( !ctr->alias.info2.name.string ) + if ( !ctr->alias.info2.name.string ) return NT_STATUS_INVALID_PARAMETER; - unistr2_to_ascii( acct_name, ctr->alias.info2.name.string, + unistr2_to_ascii( acct_name, ctr->alias.info2.name.string, sizeof(acct_name)); /* If the name is the same just reply "ok". Yes this @@ -4768,19 +4831,19 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ fstrcpy( info.acct_name, acct_name ); - /* make sure the name doesn't already exist as a user + /* make sure the name doesn't already exist as a user or local group */ fstr_sprintf( group_name, "%s\\%s", global_myname(), info.acct_name ); status = can_create( p->mem_ctx, group_name ); - if ( !NT_STATUS_IS_OK( status ) ) + if ( !NT_STATUS_IS_OK( status ) ) return status; break; } case 3: if ( ctr->alias.info3.description.string ) { - unistr2_to_ascii( info.acct_desc, - ctr->alias.info3.description.string, + unistr2_to_ascii( info.acct_desc, + ctr->alias.info3.description.string, sizeof(info.acct_desc)); } else @@ -4833,10 +4896,12 @@ NTSTATUS _samr_GetDomPwInfo(pipes_struct *p, } /********************************************************************* - _samr_open_group + _samr_OpenGroup *********************************************************************/ -NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_GROUP *r_u) +NTSTATUS _samr_OpenGroup(pipes_struct *p, + struct samr_OpenGroup *r) + { DOM_SID sid; DOM_SID info_sid; @@ -4844,50 +4909,50 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G struct samr_info *info; SEC_DESC *psd = NULL; uint32 acc_granted; - uint32 des_access = q_u->access_mask; + uint32 des_access = r->in.access_mask; size_t sd_size; NTSTATUS status; fstring sid_string; bool ret; SE_PRIV se_rights; - if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted, NULL)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &sid, &acc_granted, NULL)) return NT_STATUS_INVALID_HANDLE; - - status = access_check_samr_function(acc_granted, - SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_group"); - + + status = access_check_samr_function(acc_granted, + SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_OpenGroup"); + if ( !NT_STATUS_IS_OK(status) ) return status; - + /*check if access can be granted as requested by client. */ make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &grp_generic_mapping, NULL, 0); se_map_generic(&des_access,&grp_generic_mapping); se_priv_copy( &se_rights, &se_add_users ); - status = access_check_samr_object(psd, p->pipe_user.nt_user_token, - &se_rights, GENERIC_RIGHTS_GROUP_WRITE, des_access, - &acc_granted, "_samr_open_group"); - - if ( !NT_STATUS_IS_OK(status) ) + status = access_check_samr_object(psd, p->pipe_user.nt_user_token, + &se_rights, GENERIC_RIGHTS_GROUP_WRITE, des_access, + &acc_granted, "_samr_OpenGroup"); + + if ( !NT_STATUS_IS_OK(status) ) return status; /* this should not be hard-coded like this */ - + if (!sid_equal(&sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; sid_copy(&info_sid, get_global_sam_sid()); - sid_append_rid(&info_sid, q_u->rid_group); + sid_append_rid(&info_sid, r->in.rid); sid_to_fstring(sid_string, &info_sid); if ((info = get_samr_info_by_sid(&info_sid)) == NULL) return NT_STATUS_NO_MEMORY; - + info->acc_granted = acc_granted; - DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string)); + DEBUG(10, ("_samr_OpenGroup:Opening SID: %s\n", sid_string)); /* check if that group really exists */ become_root(); @@ -4897,46 +4962,45 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G return NT_STATUS_NO_SUCH_GROUP; /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info)) + if (!create_policy_hnd(p, r->out.group_handle, free_samr_info, (void *)info)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; return NT_STATUS_OK; } /********************************************************************* - _samr_remove_sid_foreign_domain + _samr_RemoveMemberFromForeignDomain *********************************************************************/ -NTSTATUS _samr_remove_sid_foreign_domain(pipes_struct *p, - SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN *q_u, - SAMR_R_REMOVE_SID_FOREIGN_DOMAIN *r_u) +NTSTATUS _samr_RemoveMemberFromForeignDomain(pipes_struct *p, + struct samr_RemoveMemberFromForeignDomain *r) { DOM_SID delete_sid, domain_sid; uint32 acc_granted; NTSTATUS result; DISP_INFO *disp_info = NULL; - sid_copy( &delete_sid, &q_u->sid.sid ); + sid_copy( &delete_sid, r->in.sid ); - DEBUG(5,("_samr_remove_sid_foreign_domain: removing SID [%s]\n", + DEBUG(5,("_samr_RemoveMemberFromForeignDomain: removing SID [%s]\n", sid_string_dbg(&delete_sid))); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &domain_sid, - &acc_granted, &disp_info)) + if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &domain_sid, + &acc_granted, &disp_info)) return NT_STATUS_INVALID_HANDLE; - - result = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, - "_samr_remove_sid_foreign_domain"); - - if (!NT_STATUS_IS_OK(result)) + + result = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, + "_samr_RemoveMemberFromForeignDomain"); + + if (!NT_STATUS_IS_OK(result)) return result; - - DEBUG(8, ("_samr_remove_sid_foreign_domain:sid is %s\n", + + DEBUG(8, ("_samr_RemoveMemberFromForeignDomain: sid is %s\n", sid_string_dbg(&domain_sid))); - /* we can only delete a user from a group since we don't have + /* we can only delete a user from a group since we don't have nested groups anyways. So in the latter case, just say OK */ /* TODO: The above comment nowadays is bogus. Since we have nested @@ -4951,7 +5015,7 @@ NTSTATUS _samr_remove_sid_foreign_domain(pipes_struct *p, * other cases. */ if (!sid_check_is_builtin(&domain_sid)) { - DEBUG(1,("_samr_remove_sid_foreign_domain: domain_sid = %s, " + DEBUG(1,("_samr_RemoveMemberFromForeignDomain: domain_sid = %s, " "global_sam_sid() = %s\n", sid_string_dbg(&domain_sid), sid_string_dbg(get_global_sam_sid()))); @@ -4967,68 +5031,52 @@ NTSTATUS _samr_remove_sid_foreign_domain(pipes_struct *p, } /******************************************************************* - _samr_query_domain_info2 + _samr_QueryDomainInfo2 ********************************************************************/ -NTSTATUS _samr_query_domain_info2(pipes_struct *p, - SAMR_Q_QUERY_DOMAIN_INFO2 *q_u, - SAMR_R_QUERY_DOMAIN_INFO2 *r_u) +NTSTATUS _samr_QueryDomainInfo2(pipes_struct *p, + struct samr_QueryDomainInfo2 *r) { - SAMR_Q_QUERY_DOMAIN_INFO q; - SAMR_R_QUERY_DOMAIN_INFO r; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - DEBUG(5,("_samr_query_domain_info2: %d\n", __LINE__)); - - q.domain_pol = q_u->domain_pol; - q.switch_value = q_u->switch_value; - - r_u->status = _samr_query_domain_info(p, &q, &r); - - r_u->ptr_0 = r.ptr_0; - r_u->switch_value = r.switch_value; - r_u->ctr = r.ctr; - - return r_u->status; + return samr_QueryDomainInfo_internal("_samr_QueryDomainInfo2", + p, + r->in.domain_handle, + r->in.level, + r->out.info); } /******************************************************************* - _samr_set_dom_info + _samr_SetDomainInfo ********************************************************************/ -NTSTATUS _samr_set_dom_info(pipes_struct *p, SAMR_Q_SET_DOMAIN_INFO *q_u, SAMR_R_SET_DOMAIN_INFO *r_u) +NTSTATUS _samr_SetDomainInfo(pipes_struct *p, + struct samr_SetDomainInfo *r) { time_t u_expire, u_min_age; time_t u_logout; time_t u_lock_duration, u_reset_time; - r_u->status = NT_STATUS_OK; - - DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__)); + DEBUG(5,("_samr_SetDomainInfo: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL)) + if (!find_policy_by_hnd(p, r->in.domain_handle, NULL)) return NT_STATUS_INVALID_HANDLE; - DEBUG(5,("_samr_set_dom_info: switch_value: %d\n", q_u->switch_value)); + DEBUG(5,("_samr_SetDomainInfo: level: %d\n", r->in.level)); - switch (q_u->switch_value) { + switch (r->in.level) { case 0x01: - u_expire=nt_time_to_unix_abs(&q_u->ctr->info.inf1.expire); - u_min_age=nt_time_to_unix_abs(&q_u->ctr->info.inf1.min_passwordage); - - pdb_set_account_policy(AP_MIN_PASSWORD_LEN, (uint32)q_u->ctr->info.inf1.min_length_password); - pdb_set_account_policy(AP_PASSWORD_HISTORY, (uint32)q_u->ctr->info.inf1.password_history); - pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, (uint32)q_u->ctr->info.inf1.password_properties); + u_expire=nt_time_to_unix_abs((NTTIME *)&r->in.info->info1.max_password_age); + u_min_age=nt_time_to_unix_abs((NTTIME *)&r->in.info->info1.min_password_age); + pdb_set_account_policy(AP_MIN_PASSWORD_LEN, (uint32)r->in.info->info1.min_password_length); + pdb_set_account_policy(AP_PASSWORD_HISTORY, (uint32)r->in.info->info1.password_history_length); + pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, (uint32)r->in.info->info1.password_properties); pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (int)u_expire); pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (int)u_min_age); break; case 0x02: break; case 0x03: - u_logout=nt_time_to_unix_abs(&q_u->ctr->info.inf3.logout); + u_logout=nt_time_to_unix_abs((NTTIME *)&r->in.info->info3.force_logoff_time); pdb_set_account_policy(AP_TIME_TO_LOGOUT, (int)u_logout); break; case 0x05: @@ -5038,55 +5086,23 @@ NTSTATUS _samr_set_dom_info(pipes_struct *p, SAMR_Q_SET_DOMAIN_INFO *q_u, SAMR_R case 0x07: break; case 0x0c: - u_lock_duration=nt_time_to_unix_abs(&q_u->ctr->info.inf12.duration); + u_lock_duration=nt_time_to_unix_abs((NTTIME *)&r->in.info->info12.lockout_duration); if (u_lock_duration != -1) u_lock_duration /= 60; - u_reset_time=nt_time_to_unix_abs(&q_u->ctr->info.inf12.reset_count)/60; - + u_reset_time=nt_time_to_unix_abs((NTTIME *)&r->in.info->info12.lockout_window)/60; + pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (int)u_lock_duration); pdb_set_account_policy(AP_RESET_COUNT_TIME, (int)u_reset_time); - pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, (uint32)q_u->ctr->info.inf12.bad_attempt_lockout); + pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, (uint32)r->in.info->info12.lockout_threshold); break; default: return NT_STATUS_INVALID_INFO_CLASS; } - init_samr_r_set_domain_info(r_u, NT_STATUS_OK); - - DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__)); - - return r_u->status; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_Connect(pipes_struct *p, - struct samr_Connect *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ + DEBUG(5,("_samr_SetDomainInfo: %d\n", __LINE__)); -NTSTATUS _samr_SetSecurity(pipes_struct *p, - struct samr_SetSecurity *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_QuerySecurity(pipes_struct *p, - struct samr_QuerySecurity *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; + return NT_STATUS_OK; } /**************************************************************** @@ -5102,16 +5118,6 @@ NTSTATUS _samr_Shutdown(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_LookupDomain(pipes_struct *p, - struct samr_LookupDomain *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_EnumDomains(pipes_struct *p, struct samr_EnumDomains *r) { @@ -5122,46 +5128,6 @@ NTSTATUS _samr_EnumDomains(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_OpenDomain(pipes_struct *p, - struct samr_OpenDomain *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_QueryDomainInfo(pipes_struct *p, - struct samr_QueryDomainInfo *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_SetDomainInfo(pipes_struct *p, - struct samr_SetDomainInfo *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_CreateDomainGroup(pipes_struct *p, - struct samr_CreateDomainGroup *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_EnumDomainGroups(pipes_struct *p, struct samr_EnumDomainGroups *r) { @@ -5192,16 +5158,6 @@ NTSTATUS _samr_EnumDomainUsers(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_CreateDomAlias(pipes_struct *p, - struct samr_CreateDomAlias *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_EnumDomainAliases(pipes_struct *p, struct samr_EnumDomainAliases *r) { @@ -5212,16 +5168,6 @@ NTSTATUS _samr_EnumDomainAliases(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_GetAliasMembership(pipes_struct *p, - struct samr_GetAliasMembership *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_LookupNames(pipes_struct *p, struct samr_LookupNames *r) { @@ -5242,16 +5188,6 @@ NTSTATUS _samr_LookupRids(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_OpenGroup(pipes_struct *p, - struct samr_OpenGroup *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_QueryGroupInfo(pipes_struct *p, struct samr_QueryGroupInfo *r) { @@ -5272,46 +5208,6 @@ NTSTATUS _samr_SetGroupInfo(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_AddGroupMember(pipes_struct *p, - struct samr_AddGroupMember *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_DeleteDomainGroup(pipes_struct *p, - struct samr_DeleteDomainGroup *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_DeleteGroupMember(pipes_struct *p, - struct samr_DeleteGroupMember *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_QueryGroupMember(pipes_struct *p, - struct samr_QueryGroupMember *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p, struct samr_SetMemberAttributesOfGroup *r) { @@ -5322,16 +5218,6 @@ NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_OpenAlias(pipes_struct *p, - struct samr_OpenAlias *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_QueryAliasInfo(pipes_struct *p, struct samr_QueryAliasInfo *r) { @@ -5352,66 +5238,6 @@ NTSTATUS _samr_SetAliasInfo(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_DeleteDomAlias(pipes_struct *p, - struct samr_DeleteDomAlias *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_AddAliasMember(pipes_struct *p, - struct samr_AddAliasMember *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_DeleteAliasMember(pipes_struct *p, - struct samr_DeleteAliasMember *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_GetMembersInAlias(pipes_struct *p, - struct samr_GetMembersInAlias *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_OpenUser(pipes_struct *p, - struct samr_OpenUser *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_DeleteUser(pipes_struct *p, - struct samr_DeleteUser *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_QueryUserInfo(pipes_struct *p, struct samr_QueryUserInfo *r) { @@ -5492,36 +5318,6 @@ NTSTATUS _samr_TestPrivateFunctionsUser(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_GetUserPwInfo(pipes_struct *p, - struct samr_GetUserPwInfo *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_RemoveMemberFromForeignDomain(pipes_struct *p, - struct samr_RemoveMemberFromForeignDomain *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_QueryDomainInfo2(pipes_struct *p, - struct samr_QueryDomainInfo2 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_QueryUserInfo2(pipes_struct *p, struct samr_QueryUserInfo2 *r) { @@ -5552,16 +5348,6 @@ NTSTATUS _samr_GetDisplayEnumerationIndex2(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_CreateUser2(pipes_struct *p, - struct samr_CreateUser2 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p, struct samr_QueryDisplayInfo3 *r) { @@ -5602,26 +5388,6 @@ NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p, - struct samr_ChangePasswordUser2 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - -NTSTATUS _samr_Connect2(pipes_struct *p, - struct samr_Connect2 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_SetUserInfo2(pipes_struct *p, struct samr_SetUserInfo2 *r) { @@ -5662,16 +5428,6 @@ NTSTATUS _samr_Connect3(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_Connect4(pipes_struct *p, - struct samr_Connect4 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p, struct samr_ChangePasswordUser3 *r) { @@ -5682,16 +5438,6 @@ NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p, /**************************************************************** ****************************************************************/ -NTSTATUS _samr_Connect5(pipes_struct *p, - struct samr_Connect5 *r) -{ - p->rng_fault_state = true; - return NT_STATUS_NOT_IMPLEMENTED; -} - -/**************************************************************** -****************************************************************/ - NTSTATUS _samr_RidToSid(pipes_struct *p, struct samr_RidToSid *r) { diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index 05269d7711..887a8cf214 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -879,8 +879,10 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb); - + result = rpccli_lsa_QuerySecurity(cli, mem_ctx, + &pol, + sec_info, + &sdb); if (!NT_STATUS_IS_OK(result)) goto done; @@ -976,8 +978,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli, display_trust_dom_info(mem_ctx, &info, info_class, cli->pwd.password); done: - if (&pol) - rpccli_lsa_Close(cli, mem_ctx, &pol); + rpccli_lsa_Close(cli, mem_ctx, &pol); return result; } @@ -1024,8 +1025,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli, display_trust_dom_info(mem_ctx, &info, info_class, cli->pwd.password); done: - if (&pol) - rpccli_lsa_Close(cli, mem_ctx, &pol); + rpccli_lsa_Close(cli, mem_ctx, &pol); return result; } @@ -1078,8 +1078,7 @@ static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli, display_trust_dom_info(mem_ctx, &info, info_class, cli->pwd.password); done: - if (&pol) - rpccli_lsa_Close(cli, mem_ctx, &pol); + rpccli_lsa_Close(cli, mem_ctx, &pol); return result; } diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 11d9c983df..b8bcd616ac 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -26,6 +26,11 @@ extern DOM_SID domain_sid; +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + /**************************************************************************** display sam_user_info_7 structure ****************************************************************************/ @@ -145,98 +150,90 @@ static void display_password_properties(uint32_t password_properties) printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n"); } -static void display_sam_unk_info_1(SAM_UNK_INFO_1 *info1) +static void display_sam_dom_info_1(struct samr_DomInfo1 *info1) { - - printf("Minimum password length:\t\t\t%d\n", info1->min_length_password); - printf("Password uniqueness (remember x passwords):\t%d\n", info1->password_history); + printf("Minimum password length:\t\t\t%d\n", + info1->min_password_length); + printf("Password uniqueness (remember x passwords):\t%d\n", + info1->password_history_length); display_password_properties(info1->password_properties); - printf("password expire in:\t\t\t\t%s\n", display_time(info1->expire)); - printf("Min password age (allow changing in x days):\t%s\n", display_time(info1->min_passwordage)); + printf("password expire in:\t\t\t\t%s\n", + display_time(info1->max_password_age)); + printf("Min password age (allow changing in x days):\t%s\n", + display_time(info1->min_password_age)); } -static void display_sam_unk_info_2(SAM_UNK_INFO_2 *info2) +static void display_sam_dom_info_2(struct samr_DomInfo2 *info2) { - fstring name; - - unistr2_to_ascii(name, &info2->uni_domain, sizeof(name)); - printf("Domain:\t\t%s\n", name); - - unistr2_to_ascii(name, &info2->uni_server, sizeof(name)); - printf("Server:\t\t%s\n", name); + printf("Domain:\t\t%s\n", info2->domain_name.string); + printf("Server:\t\t%s\n", info2->primary.string); + printf("Comment:\t%s\n", info2->comment.string); - unistr2_to_ascii(name, &info2->uni_comment, sizeof(name)); - printf("Comment:\t%s\n", name); + printf("Total Users:\t%d\n", info2->num_users); + printf("Total Groups:\t%d\n", info2->num_groups); + printf("Total Aliases:\t%d\n", info2->num_aliases); - printf("Total Users:\t%d\n", info2->num_domain_usrs); - printf("Total Groups:\t%d\n", info2->num_domain_grps); - printf("Total Aliases:\t%d\n", info2->num_local_grps); - - printf("Sequence No:\t%llu\n", (unsigned long long)info2->seq_num); + printf("Sequence No:\t%llu\n", (unsigned long long)info2->sequence_num); - printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info2->logout)); + printf("Force Logoff:\t%d\n", + (int)nt_time_to_unix_abs(&info2->force_logoff_time)); - printf("Unknown 4:\t0x%x\n", info2->unknown_4); - printf("Server Role:\t%s\n", server_role_str(info2->server_role)); - printf("Unknown 6:\t0x%x\n", info2->unknown_6); + printf("Unknown 2:\t0x%x\n", info2->unknown2); + printf("Server Role:\t%s\n", server_role_str(info2->role)); + printf("Unknown 3:\t0x%x\n", info2->unknown3); } -static void display_sam_unk_info_3(SAM_UNK_INFO_3 *info3) +static void display_sam_dom_info_3(struct samr_DomInfo3 *info3) { - printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info3->logout)); + printf("Force Logoff:\t%d\n", + (int)nt_time_to_unix_abs(&info3->force_logoff_time)); } -static void display_sam_unk_info_4(SAM_UNK_INFO_4 *info4) +static void display_sam_dom_info_4(struct samr_DomInfo4 *info4) { - fstring name; - - unistr2_to_ascii(name, &info4->uni_comment, sizeof(name)); - printf("Comment:\t%s\n", name); + printf("Comment:\t%s\n", info4->comment.string); } -static void display_sam_unk_info_5(SAM_UNK_INFO_5 *info5) +static void display_sam_dom_info_5(struct samr_DomInfo5 *info5) { - fstring name; - - unistr2_to_ascii(name, &info5->uni_domain, sizeof(name)); - printf("Domain:\t\t%s\n", name); + printf("Domain:\t\t%s\n", info5->domain_name.string); } -static void display_sam_unk_info_6(SAM_UNK_INFO_6 *info6) +static void display_sam_dom_info_6(struct samr_DomInfo6 *info6) { - fstring name; - - unistr2_to_ascii(name, &info6->uni_server, sizeof(name)); - printf("Server:\t\t%s\n", name); + printf("Server:\t\t%s\n", info6->primary.string); } -static void display_sam_unk_info_7(SAM_UNK_INFO_7 *info7) +static void display_sam_dom_info_7(struct samr_DomInfo7 *info7) { - printf("Server Role:\t%s\n", server_role_str(info7->server_role)); + printf("Server Role:\t%s\n", server_role_str(info7->role)); } -static void display_sam_unk_info_8(SAM_UNK_INFO_8 *info8) +static void display_sam_dom_info_8(struct samr_DomInfo8 *info8) { - printf("Sequence No:\t%llu\n", (unsigned long long)info8->seq_num); + printf("Sequence No:\t%llu\n", (unsigned long long)info8->sequence_num); printf("Domain Create Time:\t%s\n", http_timestring(nt_time_to_unix(info8->domain_create_time))); } -static void display_sam_unk_info_9(SAM_UNK_INFO_9 *info9) +static void display_sam_dom_info_9(struct samr_DomInfo9 *info9) { printf("unknown:\t%d (0x%08x)\n", info9->unknown, info9->unknown); } -static void display_sam_unk_info_12(SAM_UNK_INFO_12 *info12) +static void display_sam_dom_info_12(struct samr_DomInfo12 *info12) { - printf("Bad password lockout duration: %s\n", display_time(info12->duration)); - printf("Reset Lockout after: %s\n", display_time(info12->reset_count)); - printf("Lockout after bad attempts: %d\n", info12->bad_attempt_lockout); + printf("Bad password lockout duration: %s\n", + display_time(info12->lockout_duration)); + printf("Reset Lockout after: %s\n", + display_time(info12->lockout_window)); + printf("Lockout after bad attempts: %d\n", + info12->lockout_threshold); } -static void display_sam_unk_info_13(SAM_UNK_INFO_13 *info13) +static void display_sam_dom_info_13(struct samr_DomInfo13 *info13) { - printf("Sequence No:\t%llu\n", (unsigned long long)info13->seq_num); + printf("Sequence No:\t%llu\n", (unsigned long long)info13->sequence_num); printf("Domain Create Time:\t%s\n", http_timestring(nt_time_to_unix(info13->domain_create_time))); printf("Unknown1:\t%d\n", info13->unknown1); @@ -321,17 +318,23 @@ static void display_sam_info_5(SAM_ENTRY5 *e5, SAM_STR5 *s5) } /**************************************************************************** - Try samr_connect4 first, then samr_conenct if it fails + Try samr_connect4 first, then samr_connect2 if it fails ****************************************************************************/ static NTSTATUS try_samr_connects(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 access_mask, POLICY_HND *connect_pol) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - result = rpccli_samr_connect4(cli, mem_ctx, access_mask, connect_pol); + + result = rpccli_samr_Connect4(cli, mem_ctx, + cli->cli->desthost, + SAMR_CONNECT_W2K, + access_mask, + connect_pol); if (!NT_STATUS_IS_OK(result)) { - result = rpccli_samr_connect(cli, mem_ctx, access_mask, - connect_pol); + result = rpccli_samr_Connect2(cli, mem_ctx, + cli->cli->desthost, + access_mask, + connect_pol); } return result; } @@ -374,16 +377,19 @@ static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); - + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - access_mask, - user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rid, + &user_pol); if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) && (user_rid == 0)) { @@ -398,10 +404,11 @@ static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, &types); if (NT_STATUS_IS_OK(result)) { - result = rpccli_samr_open_user(cli, mem_ctx, - &domain_pol, - access_mask, - rids[0], &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + rids[0], + &user_pol); } } @@ -567,16 +574,20 @@ static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol, - access_mask, - group_rid, &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &domain_pol, + access_mask, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -632,16 +643,19 @@ static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - access_mask, - user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -674,11 +688,11 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID *sids; size_t num_sids; - uint32 num_aliases, *alias_rids; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; int i; fstring server; - DOM_SID2 *sid2; + struct lsa_SidArray sid_array; + struct samr_Ids alias_rids; if (argc < 3) { printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]); @@ -701,18 +715,22 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, } if (num_sids) { - sid2 = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_sids); - if (sid2 == NULL) + sid_array.sids = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_SidPtr, num_sids); + if (sid_array.sids == NULL) return NT_STATUS_NO_MEMORY; } else { - sid2 = NULL; + sid_array.sids = NULL; } for (i=0; i<num_sids; i++) { - sid_copy(&sid2[i].sid, &sids[i]); - sid2[i].num_auths = sid2[i].sid.num_auths; + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]); + if (!sid_array.sids[i].sid) { + return NT_STATUS_NO_MEMORY; + } } + sid_array.num_sids = num_sids; + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); @@ -723,14 +741,16 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, goto done; if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &global_sid_Builtin, - &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else { printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]); return NT_STATUS_INVALID_PARAMETER; @@ -739,15 +759,15 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_query_useraliases(cli, mem_ctx, &domain_pol, - num_sids, sid2, - &num_aliases, &alias_rids); - + result = rpccli_samr_GetAliasMembership(cli, mem_ctx, + &domain_pol, + &sid_array, + &alias_rids); if (!NT_STATUS_IS_OK(result)) goto done; - for (i = 0; i < num_aliases; i++) { - printf("\tgroup rid:[0x%x]\n", alias_rids[i]); + for (i = 0; i < alias_rids.count; i++) { + printf("\tgroup rid:[0x%x]\n", alias_rids.ids[i]); } rpccli_samr_Close(cli, mem_ctx, &domain_pol); @@ -764,12 +784,13 @@ static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, group_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 num_members, *group_rids, *group_attrs, group_rid; + uint32 group_rid; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; int i; fstring server; unsigned int old_timeout; - + struct samr_RidTypeArray *rids = NULL; + if ((argc < 2) || (argc > 3)) { printf("Usage: %s rid [access mask]\n", argv[0]); return NT_STATUS_OK; @@ -789,16 +810,20 @@ static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol, - access_mask, - group_rid, &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &domain_pol, + access_mask, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -806,18 +831,18 @@ static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, /* Make sure to wait for our DC's reply */ old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */ - result = rpccli_samr_query_groupmem(cli, mem_ctx, &group_pol, - &num_members, &group_rids, - &group_attrs); + result = rpccli_samr_QueryGroupMember(cli, mem_ctx, + &group_pol, + &rids); cli_set_timeout(cli->cli, old_timeout); if (!NT_STATUS_IS_OK(result)) goto done; - for (i = 0; i < num_members; i++) { - printf("\trid:[0x%x] attr:[0x%x]\n", group_rids[i], - group_attrs[i]); + for (i = 0; i < rids->count; i++) { + printf("\trid:[0x%x] attr:[0x%x]\n", rids->rids[i], + rids->types[i]); } rpccli_samr_Close(cli, mem_ctx, &group_pol); @@ -865,9 +890,11 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -937,9 +964,11 @@ static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1011,13 +1040,17 @@ static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, /* Get domain policy handle */ if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1064,9 +1097,9 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 alias_rid, num_members, i; + uint32 alias_rid, i; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; - DOM_SID *alias_sids; + struct lsa_SidArray sid_array; if ((argc < 3) || (argc > 4)) { printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]); @@ -1089,13 +1122,17 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, /* Open handle on domain */ if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1104,22 +1141,25 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, /* Open handle on alias */ - result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol, - access_mask, - alias_rid, &alias_pol); + result = rpccli_samr_OpenAlias(cli, mem_ctx, + &domain_pol, + access_mask, + alias_rid, + &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_query_aliasmem(cli, mem_ctx, &alias_pol, - &num_members, &alias_sids); + result = rpccli_samr_GetMembersInAlias(cli, mem_ctx, + &alias_pol, + &sid_array); if (!NT_STATUS_IS_OK(result)) goto done; - for (i = 0; i < num_members; i++) { + for (i = 0; i < sid_array.num_sids; i++) { fstring sid_str; - sid_to_fstring(sid_str, &alias_sids[i]); + sid_to_fstring(sid_str, sid_array.sids[i].sid); printf("\tsid:[%s]\n", sid_str); } @@ -1159,13 +1199,17 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, /* Open handle on domain */ if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_INVALID_PARAMETER; @@ -1174,9 +1218,11 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, /* Open handle on alias */ - result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol, - access_mask, - alias_rid, &alias_pol); + result = rpccli_samr_OpenAlias(cli, mem_ctx, + &domain_pol, + access_mask, + alias_rid, + &alias_pol); if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) { /* Probably this was a user name, try lookupnames */ uint32 num_rids; @@ -1188,14 +1234,16 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, &types); if (NT_STATUS_IS_OK(result)) { - result = rpccli_samr_open_alias(cli, mem_ctx, + result = rpccli_samr_OpenAlias(cli, mem_ctx, &domain_pol, access_mask, - rids[0], &alias_pol); + rids[0], + &alias_pol); } } - result = rpccli_samr_delete_dom_alias(cli, mem_ctx, &alias_pol); + result = rpccli_samr_DeleteDomAlias(cli, mem_ctx, + &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1260,9 +1308,11 @@ static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1352,7 +1402,7 @@ static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 switch_level = 2; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; - SAM_UNK_CTR ctr; + union samr_DomainInfo *info = NULL; if (argc > 3) { printf("Usage: %s [info level] [access mask]\n", argv[0]); @@ -1375,17 +1425,21 @@ static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Query domain info */ - result = rpccli_samr_query_dom_info(cli, mem_ctx, &domain_pol, - switch_level, &ctr); + result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + &domain_pol, + switch_level, + &info); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1394,37 +1448,37 @@ static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, switch (switch_level) { case 1: - display_sam_unk_info_1(&ctr.info.inf1); + display_sam_dom_info_1(&info->info1); break; case 2: - display_sam_unk_info_2(&ctr.info.inf2); + display_sam_dom_info_2(&info->info2); break; case 3: - display_sam_unk_info_3(&ctr.info.inf3); + display_sam_dom_info_3(&info->info3); break; case 4: - display_sam_unk_info_4(&ctr.info.inf4); + display_sam_dom_info_4(&info->info4); break; case 5: - display_sam_unk_info_5(&ctr.info.inf5); + display_sam_dom_info_5(&info->info5); break; case 6: - display_sam_unk_info_6(&ctr.info.inf6); + display_sam_dom_info_6(&info->info6); break; case 7: - display_sam_unk_info_7(&ctr.info.inf7); + display_sam_dom_info_7(&info->info7); break; case 8: - display_sam_unk_info_8(&ctr.info.inf8); + display_sam_dom_info_8(&info->info8); break; case 9: - display_sam_unk_info_9(&ctr.info.inf9); + display_sam_dom_info_9(&info->info9); break; case 12: - display_sam_unk_info_12(&ctr.info.inf12); + display_sam_dom_info_12(&info->info12); break; case 13: - display_sam_unk_info_13(&ctr.info.inf13); + display_sam_dom_info_13(&info->info13); break; default: @@ -1448,17 +1502,18 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *acct_name; + struct lsa_String acct_name; uint32 acb_info; uint32 acct_flags, user_rid; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t access_granted = 0; if ((argc < 2) || (argc > 3)) { printf("Usage: %s username [access mask]\n", argv[0]); return NT_STATUS_OK; } - acct_name = argv[1]; + init_lsa_String(&acct_name, argv[1]); if (argc > 2) sscanf(argv[2], "%x", &access_mask); @@ -1473,9 +1528,11 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1489,9 +1546,14 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, SAMR_USER_ACCESS_GET_ATTRIBUTES | SAMR_USER_ACCESS_SET_ATTRIBUTES; - result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol, - acct_name, acb_info, acct_flags, - &user_pol, &user_rid); + result = rpccli_samr_CreateUser2(cli, mem_ctx, + &domain_pol, + &acct_name, + acb_info, + acct_flags, + &user_pol, + &access_granted, + &user_rid); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1517,16 +1579,17 @@ static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, group_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *grp_name; + struct lsa_String grp_name; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t rid = 0; if ((argc < 2) || (argc > 3)) { printf("Usage: %s groupname [access mask]\n", argv[0]); return NT_STATUS_OK; } - grp_name = argv[1]; - + init_lsa_String(&grp_name, argv[1]); + if (argc > 2) sscanf(argv[2], "%x", &access_mask); @@ -1540,18 +1603,22 @@ static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create domain user */ - - result = rpccli_samr_create_dom_group(cli, mem_ctx, &domain_pol, - grp_name, MAXIMUM_ALLOWED_ACCESS, - &group_pol); + result = rpccli_samr_CreateDomainGroup(cli, mem_ctx, + &domain_pol, + &grp_name, + MAXIMUM_ALLOWED_ACCESS, + &group_pol, + &rid); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1577,16 +1644,17 @@ static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *alias_name; + struct lsa_String alias_name; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t rid = 0; if ((argc < 2) || (argc > 3)) { printf("Usage: %s aliasname [access mask]\n", argv[0]); return NT_STATUS_OK; } - alias_name = argv[1]; - + init_lsa_String(&alias_name, argv[1]); + if (argc > 2) sscanf(argv[2], "%x", &access_mask); @@ -1600,17 +1668,23 @@ static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create domain user */ - result = rpccli_samr_create_dom_alias(cli, mem_ctx, &domain_pol, - alias_name, &alias_pol); + result = rpccli_samr_CreateDomAlias(cli, mem_ctx, + &domain_pol, + &alias_name, + MAXIMUM_ALLOWED_ACCESS, + &alias_pol, + &rid); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1657,13 +1731,17 @@ static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, goto done; if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1729,13 +1807,17 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, goto done; if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1800,9 +1882,11 @@ static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1821,17 +1905,20 @@ static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol, - access_mask, - group_rids[0], &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &domain_pol, + access_mask, + group_rids[0], + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; } - /* Delete user */ + /* Delete group */ - result = rpccli_samr_delete_dom_group(cli, mem_ctx, &group_pol); + result = rpccli_samr_DeleteDomainGroup(cli, mem_ctx, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1872,9 +1959,11 @@ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1893,9 +1982,11 @@ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - access_mask, - user_rids[0], &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1903,7 +1994,8 @@ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, /* Delete user */ - result = rpccli_samr_delete_dom_user(cli, mem_ctx, &user_pol); + result = rpccli_samr_DeleteUser(cli, mem_ctx, + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1963,17 +2055,21 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, goto done; if (domain || user_rid) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; if (user_rid) - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1990,8 +2086,10 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, /* Query SAM security object */ - result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx, - &sec_desc_buf); + result = rpccli_samr_QuerySecurity(cli, mem_ctx, + pol, + sec_info, + &sec_desc_buf); if (!NT_STATUS_IS_OK(result)) goto done; @@ -2029,16 +2127,21 @@ static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, goto done; } - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -2060,11 +2163,6 @@ static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, return result; } -static void init_lsa_String(struct lsa_String *name, const char *s) -{ - name->string = s; -} - static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -2099,34 +2197,40 @@ static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli, POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; - fstring domain_name,sid_string; - DOM_SID sid; - + fstring sid_string; + struct lsa_String domain_name; + DOM_SID *sid = NULL; + if (argc != 2) { printf("Usage: %s domain_name\n", argv[0]); return NT_STATUS_OK; } - - sscanf(argv[1], "%s", domain_name); - + + init_lsa_String(&domain_name, argv[1]); + result = try_samr_connects(cli, mem_ctx, access_mask, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - - result = rpccli_samr_lookup_domain( - cli, mem_ctx, &connect_pol, domain_name, &sid); + + result = rpccli_samr_LookupDomain(cli, mem_ctx, + &connect_pol, + &domain_name, + &sid); if (NT_STATUS_IS_OK(result)) { - sid_to_fstring(sid_string,&sid); + sid_to_fstring(sid_string, sid); printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n", - domain_name,sid_string); + argv[1], sid_string); } rpccli_samr_Close(cli, mem_ctx, &domain_pol); @@ -2165,9 +2269,11 @@ static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -2221,9 +2327,11 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -2232,8 +2340,8 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, result = rpccli_samr_chgpasswd3(cli, mem_ctx, user, newpass, oldpass, &info, &reject); if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) { - - display_sam_unk_info_1(&info); + + /*display_sam_dom_info_1(&info);*/ switch (reject.reject_reason) { case SAMR_REJECT_TOO_SHORT: diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index b5282d2e9b..e923302f4e 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -1483,7 +1483,7 @@ static WERROR cmd_spoolss_setdriver(struct rpc_pipe_client *cli, goto done;; } - printf("Succesfully set %s to driver %s.\n", argv[1], argv[2]); + printf("Successfully set %s to driver %s.\n", argv[1], argv[2]); done: /* Cleanup */ diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 668c8e2095..e7ab60d22f 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -239,7 +239,8 @@ static int dochild(int master, const char *slavedev, const struct passwd *pass, static int expect(int master, char *issue, char *expected) { char buffer[1024]; - int attempts, timeout, nread, len; + int attempts, timeout, nread; + size_t len; bool match = False; for (attempts = 0; attempts < 2; attempts++) { @@ -248,7 +249,8 @@ static int expect(int master, char *issue, char *expected) DEBUG(100, ("expect: sending [%s]\n", issue)); if ((len = sys_write(master, issue, strlen(issue))) != strlen(issue)) { - DEBUG(2,("expect: (short) write returned %d\n", len )); + DEBUG(2,("expect: (short) write returned %d\n", + (int)len )); return False; } } @@ -261,9 +263,16 @@ static int expect(int master, char *issue, char *expected) nread = 0; buffer[nread] = 0; - while ((len = read_socket_with_timeout(master, buffer + nread, 1, - sizeof(buffer) - nread - 1, - timeout, NULL)) > 0) { + while (True) { + NTSTATUS status; + status = read_socket_with_timeout( + master, buffer + nread, 1, + sizeof(buffer) - nread - 1, + timeout, &len); + + if (!NT_STATUS_IS_OK(status)) { + break; + } nread += len; buffer[nread] = 0; diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 5a6df1f139..18e6bf9f7b 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -3175,7 +3175,7 @@ static bool api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, where: - usri11_name specifies the user name for which information is retireved + usri11_name specifies the user name for which information is retrieved usri11_pad aligns the next data structure element to a word boundary diff --git a/source3/smbd/map_username.c b/source3/smbd/map_username.c index 7290f70547..7536758bcb 100644 --- a/source3/smbd/map_username.c +++ b/source3/smbd/map_username.c @@ -178,7 +178,7 @@ bool map_username(fstring user) /* skip lines like 'user = ' */ - dosuserlist = str_list_make(dosname, NULL); + dosuserlist = str_list_make(talloc_tos(), dosname, NULL); if (!dosuserlist) { DEBUG(0,("Bad username map entry. Unable to build user list. Ignoring.\n")); continue; @@ -193,13 +193,13 @@ bool map_username(fstring user) fstrcpy( user, unixname ); if ( return_if_mapped ) { - str_list_free (&dosuserlist); + TALLOC_FREE(dosuserlist); x_fclose(f); return True; } } - str_list_free (&dosuserlist); + TALLOC_FREE(dosuserlist); } x_fclose(f); diff --git a/source3/smbd/oplock_irix.c b/source3/smbd/oplock_irix.c index a4ea63bc0a..788cd04c17 100644 --- a/source3/smbd/oplock_irix.c +++ b/source3/smbd/oplock_irix.c @@ -121,7 +121,6 @@ static files_struct *irix_oplock_receive_message(fd_set *fds) DEBUG(0,("irix_oplock_receive_message: read of kernel " "notification failed. Error was %s.\n", strerror(errno) )); - set_smb_read_error(get_srv_read_error(), SMB_READ_ERROR); return NULL; } @@ -141,7 +140,6 @@ static files_struct *irix_oplock_receive_message(fd_set *fds) */ return NULL; } - set_smb_read_error(get_srv_read_error(), SMB_READ_ERROR); return NULL; } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 85e1ccf0a7..687b67950a 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -582,7 +582,7 @@ static bool user_ok(const char *user, int snum) ret = True; if (lp_invalid_users(snum)) { - str_list_copy(&invalid, lp_invalid_users(snum)); + str_list_copy(talloc_tos(), &invalid, lp_invalid_users(snum)); if (invalid && str_list_substitute(invalid, "%S", lp_servicename(snum))) { @@ -595,11 +595,10 @@ static bool user_ok(const char *user, int snum) } } } - if (invalid) - str_list_free (&invalid); + TALLOC_FREE(invalid); if (ret && lp_valid_users(snum)) { - str_list_copy(&valid, lp_valid_users(snum)); + str_list_copy(talloc_tos(), &valid, lp_valid_users(snum)); if ( valid && str_list_substitute(valid, "%S", lp_servicename(snum)) ) { @@ -611,17 +610,17 @@ static bool user_ok(const char *user, int snum) } } } - if (valid) - str_list_free (&valid); + TALLOC_FREE(valid); if (ret && lp_onlyuser(snum)) { - char **user_list = str_list_make (lp_username(snum), NULL); + char **user_list = str_list_make( + talloc_tos(), lp_username(snum), NULL); if (user_list && str_list_substitute(user_list, "%S", lp_servicename(snum))) { ret = user_in_list(user, (const char **)user_list); } - if (user_list) str_list_free (&user_list); + TALLOC_FREE(user_list); } return(ret); diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 4672510d8d..68bec7830a 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -22,8 +22,6 @@ extern int smb_echo_count; -static enum smb_read_errors smb_read_error = SMB_READ_OK; - /* * Size of data we can send to client. Set * by the client for all protocols above CORE. @@ -43,11 +41,6 @@ extern int max_send; /* Accessor function for smb_read_error for smbd functions. */ -enum smb_read_errors *get_srv_read_error(void) -{ - return &smb_read_error; -} - /**************************************************************************** Send an smb to a fd. ****************************************************************************/ @@ -128,42 +121,20 @@ static bool valid_packet_size(size_t len) DEBUG(0,("Invalid packet length! (%lu bytes).\n", (unsigned long)len)); if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) { - - /* - * Correct fix. smb_read_error may have already been - * set. Only set it here if not already set. Global - * variables still suck :-). JRA. - */ - - cond_set_smb_read_error(get_srv_read_error(), - SMB_READ_ERROR); return false; } } return true; } -static ssize_t read_packet_remainder(int fd, - char *buffer, - unsigned int timeout, - ssize_t len) +static NTSTATUS read_packet_remainder(int fd, char *buffer, + unsigned int timeout, ssize_t len) { - ssize_t ret; - - if(len <= 0) { - return len; + if (len <= 0) { + return NT_STATUS_OK; } - ret = read_socket_with_timeout(fd, buffer, len, len, timeout, - get_srv_read_error()); - - if (ret != len) { - cond_set_smb_read_error(get_srv_read_error(), - SMB_READ_ERROR); - return -1; - } - - return len; + return read_socket_with_timeout(fd, buffer, len, len, timeout, NULL); } /**************************************************************************** @@ -182,30 +153,29 @@ static ssize_t read_packet_remainder(int fd, (2*14) + /* word count (including bcc) */ \ 1 /* pad byte */) -static ssize_t receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, - const char lenbuf[4], - int fd, - char **buffer, - unsigned int timeout, - size_t *p_unread) +static NTSTATUS receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, + const char lenbuf[4], + int fd, char **buffer, + unsigned int timeout, + size_t *p_unread, + size_t *len_ret) { /* Size of a WRITEX call (+4 byte len). */ char writeX_header[4 + STANDARD_WRITE_AND_X_HEADER_SIZE]; ssize_t len = smb_len_large(lenbuf); /* Could be a UNIX large writeX. */ ssize_t toread; - ssize_t ret; + NTSTATUS status; memcpy(writeX_header, lenbuf, sizeof(lenbuf)); - ret = read_socket_with_timeout(fd, writeX_header + 4, - STANDARD_WRITE_AND_X_HEADER_SIZE, - STANDARD_WRITE_AND_X_HEADER_SIZE, - timeout, get_srv_read_error()); + status = read_socket_with_timeout( + fd, writeX_header + 4, + STANDARD_WRITE_AND_X_HEADER_SIZE, + STANDARD_WRITE_AND_X_HEADER_SIZE, + timeout, NULL); - if (ret != STANDARD_WRITE_AND_X_HEADER_SIZE) { - cond_set_smb_read_error(get_srv_read_error(), - SMB_READ_ERROR); - return -1; + if (!NT_STATUS_IS_OK(status)) { + return status; } /* @@ -244,19 +214,17 @@ static ssize_t receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, if (*buffer == NULL) { DEBUG(0, ("Could not allocate inbuf of length %d\n", (int)sizeof(writeX_header))); - cond_set_smb_read_error(get_srv_read_error(), - SMB_READ_ERROR); - return -1; + return NT_STATUS_NO_MEMORY; } /* Work out the remaining bytes. */ *p_unread = len - STANDARD_WRITE_AND_X_HEADER_SIZE; - - return newlen + 4; + *len_ret = newlen + 4; + return NT_STATUS_OK; } if (!valid_packet_size(len)) { - return -1; + return NT_STATUS_INVALID_PARAMETER; } /* @@ -269,9 +237,7 @@ static ssize_t receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, if (*buffer == NULL) { DEBUG(0, ("Could not allocate inbuf of length %d\n", (int)len+4)); - cond_set_smb_read_error(get_srv_read_error(), - SMB_READ_ERROR); - return -1; + return NT_STATUS_NO_MEMORY; } /* Copy in what we already read. */ @@ -281,44 +247,34 @@ static ssize_t receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, toread = len - STANDARD_WRITE_AND_X_HEADER_SIZE; if(toread > 0) { - ret = read_packet_remainder(fd, - (*buffer) + 4 + STANDARD_WRITE_AND_X_HEADER_SIZE, - timeout, - toread); - if (ret != toread) { - return -1; + status = read_packet_remainder( + fd, (*buffer) + 4 + STANDARD_WRITE_AND_X_HEADER_SIZE, + timeout, toread); + + if (!NT_STATUS_IS_OK(status)) { + return status; } } - return len + 4; + *len_ret = len + 4; + return NT_STATUS_OK; } -static ssize_t receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, - int fd, - char **buffer, - unsigned int timeout, - size_t *p_unread) +static NTSTATUS receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, int fd, + char **buffer, unsigned int timeout, + size_t *p_unread, size_t *plen) { char lenbuf[4]; - ssize_t len,ret; + size_t len; int min_recv_size = lp_min_receive_file_size(); + NTSTATUS status; - set_smb_read_error(get_srv_read_error(),SMB_READ_OK); *p_unread = 0; - len = read_smb_length_return_keepalive(fd, lenbuf, - timeout, get_srv_read_error()); - if (len < 0) { - DEBUG(10,("receive_smb_raw: length < 0!\n")); - - /* - * Correct fix. smb_read_error may have already been - * set. Only set it here if not already set. Global - * variables still suck :-). JRA. - */ - - cond_set_smb_read_error(get_srv_read_error(),SMB_READ_ERROR); - return -1; + status = read_smb_length_return_keepalive(fd, lenbuf, timeout, &len); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("receive_smb_raw: %s\n", nt_errstr(status))); + return status; } if (CVAL(lenbuf,0) == 0 && @@ -326,16 +282,18 @@ static ssize_t receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, smb_len_large(lenbuf) > min_recv_size && /* Could be a UNIX large writeX. */ !srv_is_signing_active()) { - return receive_smb_raw_talloc_partial_read(mem_ctx, - lenbuf, - fd, - buffer, - timeout, - p_unread); + status = receive_smb_raw_talloc_partial_read( + mem_ctx, lenbuf, fd, buffer, timeout, p_unread, &len); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("receive_smb_raw: %s\n", + nt_errstr(status))); + return status; + } } if (!valid_packet_size(len)) { - return -1; + return NT_STATUS_INVALID_PARAMETER; } /* @@ -347,46 +305,43 @@ static ssize_t receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, if (*buffer == NULL) { DEBUG(0, ("Could not allocate inbuf of length %d\n", (int)len+4)); - cond_set_smb_read_error(get_srv_read_error(),SMB_READ_ERROR); - return -1; + return NT_STATUS_NO_MEMORY; } memcpy(*buffer, lenbuf, sizeof(lenbuf)); - ret = read_packet_remainder(fd, (*buffer)+4, timeout, len); - if (ret != len) { - return -1; + status = read_packet_remainder(fd, (*buffer)+4, timeout, len); + if (!NT_STATUS_IS_OK(status)) { + return status; } - return len + 4; + *plen = len + 4; + return NT_STATUS_OK; } -static ssize_t receive_smb_talloc(TALLOC_CTX *mem_ctx, - int fd, - char **buffer, - unsigned int timeout, - size_t *p_unread, - bool *p_encrypted) +static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx, int fd, + char **buffer, unsigned int timeout, + size_t *p_unread, bool *p_encrypted, + size_t *p_len) { - ssize_t len; + size_t len = 0; + NTSTATUS status; *p_encrypted = false; - len = receive_smb_raw_talloc(mem_ctx, fd, buffer, timeout, p_unread); - - if (len < 0) { - return -1; + status = receive_smb_raw_talloc(mem_ctx, fd, buffer, timeout, + p_unread, &len); + if (!NT_STATUS_IS_OK(status)) { + return status; } if (is_encrypted_packet((uint8_t *)*buffer)) { - NTSTATUS status = srv_decrypt_buffer(*buffer); + status = srv_decrypt_buffer(*buffer); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("receive_smb_talloc: SMB decryption failed on " "incoming packet! Error %s\n", nt_errstr(status) )); - cond_set_smb_read_error(get_srv_read_error(), - SMB_READ_BAD_DECRYPT); - return -1; + return status; } *p_encrypted = true; } @@ -395,11 +350,11 @@ static ssize_t receive_smb_talloc(TALLOC_CTX *mem_ctx, if (!srv_check_sign_mac(*buffer, true)) { DEBUG(0, ("receive_smb: SMB Signature verification failed on " "incoming packet!\n")); - cond_set_smb_read_error(get_srv_read_error(),SMB_READ_BAD_SIG); - return -1; + return NT_STATUS_INVALID_NETWORK_RESPONSE; } - return len; + *p_len = len; + return NT_STATUS_OK; } /* @@ -756,21 +711,18 @@ static int select_on_fd(int fd, int maxfd, fd_set *fds) The timeout is in milliseconds ****************************************************************************/ -static bool receive_message_or_smb(TALLOC_CTX *mem_ctx, - char **buffer, - size_t *buffer_len, - int timeout, - size_t *p_unread, - bool *p_encrypted) +static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer, + size_t *buffer_len, int timeout, + size_t *p_unread, bool *p_encrypted) { fd_set r_fds, w_fds; int selrtn; struct timeval to; int maxfd = 0; - ssize_t len; + size_t len = 0; + NTSTATUS status; *p_unread = 0; - set_smb_read_error(get_srv_read_error(),SMB_READ_OK); again: @@ -824,8 +776,7 @@ static bool receive_message_or_smb(TALLOC_CTX *mem_ctx, msg->buf.length); if (*buffer == NULL) { DEBUG(0, ("talloc failed\n")); - set_smb_read_error(get_srv_read_error(),SMB_READ_ERROR); - return False; + return NT_STATUS_NO_MEMORY; } *buffer_len = msg->buf.length; *p_encrypted = msg->encrypted; @@ -833,7 +784,7 @@ static bool receive_message_or_smb(TALLOC_CTX *mem_ctx, /* We leave this message on the queue so the open code can know this is a retry. */ DEBUG(5,("receive_message_or_smb: returning deferred open smb message.\n")); - return True; + return NT_STATUS_OK; } } @@ -919,14 +870,12 @@ static bool receive_message_or_smb(TALLOC_CTX *mem_ctx, /* Check if error */ if (selrtn == -1) { /* something is wrong. Maybe the socket is dead? */ - set_smb_read_error(get_srv_read_error(),SMB_READ_ERROR); - return False; + return map_nt_error_from_unix(errno); } /* Did we timeout ? */ if (selrtn == 0) { - set_smb_read_error(get_srv_read_error(),SMB_READ_TIMEOUT); - return False; + return NT_STATUS_IO_TIMEOUT; } /* @@ -945,16 +894,16 @@ static bool receive_message_or_smb(TALLOC_CTX *mem_ctx, goto again; } - len = receive_smb_talloc(mem_ctx, smbd_server_fd(), - buffer, 0, p_unread, p_encrypted); + status = receive_smb_talloc(mem_ctx, smbd_server_fd(), buffer, 0, + p_unread, p_encrypted, &len); - if (len == -1) { - return False; + if (!NT_STATUS_IS_OK(status)) { + return status; } - *buffer_len = (size_t)len; + *buffer_len = len; - return True; + return NT_STATUS_OK; } /* @@ -1932,27 +1881,11 @@ void check_reload(time_t t) Process any timeout housekeeping. Return False if the caller should exit. ****************************************************************************/ -static bool timeout_processing(int *select_timeout, +static void timeout_processing(int *select_timeout, time_t *last_timeout_processing_time) { time_t t; - if (*get_srv_read_error() == SMB_READ_EOF) { - DEBUG(3,("timeout_processing: End of file from client (client has disconnected).\n")); - return false; - } - - if (*get_srv_read_error() == SMB_READ_ERROR) { - DEBUG(3,("timeout_processing: receive_smb error (%s) Exiting\n", - strerror(errno))); - return false; - } - - if (*get_srv_read_error() == SMB_READ_BAD_SIG) { - DEBUG(3,("timeout_processing: receive_smb error bad smb signature. Exiting\n")); - return false; - } - *last_timeout_processing_time = t = time(NULL); /* become root again if waiting */ @@ -1982,14 +1915,14 @@ static bool timeout_processing(int *select_timeout, if (secrets_lock_trust_account_password(lp_workgroup(), True) == False) { DEBUG(0,("process: unable to lock the machine account password for \ machine %s in domain %s.\n", global_myname(), lp_workgroup() )); - return True; + return; } if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) { DEBUG(0,("process: unable to read the machine account password for \ machine %s in domain %s.\n", global_myname(), lp_workgroup())); secrets_lock_trust_account_password(lp_workgroup(), False); - return True; + return; } /* @@ -1999,7 +1932,7 @@ machine %s in domain %s.\n", global_myname(), lp_workgroup())); if(t < lct + lp_machine_password_timeout()) { global_machine_password_needs_changing = False; secrets_lock_trust_account_password(lp_workgroup(), False); - return True; + return; } /* always just contact the PDC here */ @@ -2031,7 +1964,7 @@ machine %s in domain %s.\n", global_myname(), lp_workgroup())); *select_timeout = setup_select_timeout(); - return True; + return; } /**************************************************************************** @@ -2049,8 +1982,8 @@ void smbd_process(void) while (True) { int select_timeout = setup_select_timeout(); int num_echos; - char *inbuf; - size_t inbuf_len; + char *inbuf = NULL; + size_t inbuf_len = 0; bool encrypted = false; TALLOC_CTX *frame = talloc_stackframe_pool(8192); @@ -2058,21 +1991,35 @@ void smbd_process(void) /* Did someone ask for immediate checks on things like blocking locks ? */ if (select_timeout == 0) { - if(!timeout_processing(&select_timeout, - &last_timeout_processing_time)) - return; + timeout_processing(&select_timeout, + &last_timeout_processing_time); num_smbs = 0; /* Reset smb counter. */ } run_events(smbd_event_context(), 0, NULL, NULL); - while (!receive_message_or_smb(talloc_tos(), &inbuf, &inbuf_len, - select_timeout, - &unread_bytes, - &encrypted)) { - if(!timeout_processing(&select_timeout, - &last_timeout_processing_time)) - return; + while (True) { + NTSTATUS status; + + status = receive_message_or_smb( + talloc_tos(), &inbuf, &inbuf_len, + select_timeout, &unread_bytes, &encrypted); + + if (NT_STATUS_IS_OK(status)) { + break; + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { + timeout_processing( + &select_timeout, + &last_timeout_processing_time); + continue; + } + + DEBUG(3, ("receive_message_or_smb failed: %s, " + "exiting\n", nt_errstr(status))); + return; + num_smbs = 0; /* Reset smb counter. */ } @@ -2093,8 +2040,8 @@ void smbd_process(void) TALLOC_FREE(inbuf); if (smb_echo_count != num_echos) { - if(!timeout_processing( &select_timeout, &last_timeout_processing_time)) - return; + timeout_processing(&select_timeout, + &last_timeout_processing_time); num_smbs = 0; /* Reset smb counter. */ } @@ -2110,10 +2057,9 @@ void smbd_process(void) if ((num_smbs % 200) == 0) { time_t new_check_time = time(NULL); if(new_check_time - last_timeout_processing_time >= (select_timeout/1000)) { - if(!timeout_processing( - &select_timeout, - &last_timeout_processing_time)) - return; + timeout_processing( + &select_timeout, + &last_timeout_processing_time); num_smbs = 0; /* Reset smb counter. */ last_timeout_processing_time = new_check_time; /* Reset time. */ } diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 18376031ec..bced8ed984 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3492,18 +3492,12 @@ void reply_writebraw(struct smb_request *req) } /* Now read the raw data into the buffer and write it */ - if (read_smb_length(smbd_server_fd(),buf, - SMB_SECONDARY_WAIT, get_srv_read_error()) == -1) { + status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT, + &numtowrite); + if (!NT_STATUS_IS_OK(status)) { exit_server_cleanly("secondary writebraw failed"); } - /* - * Even though this is not an smb message, - * smb_len returns the generic length of a packet. - */ - - numtowrite = smb_len(buf); - /* Set up outbuf to return the correct size */ reply_outbuf(req, 1, 0); @@ -3522,11 +3516,12 @@ void reply_writebraw(struct smb_request *req) (int)tcount,(int)nwritten,(int)numtowrite)); } - if (read_data(smbd_server_fd(), buf+4, numtowrite,get_srv_read_error()) - != numtowrite ) { + status = read_data(smbd_server_fd(), buf+4, numtowrite); + + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("reply_writebraw: Oversize secondary write " - "raw read failed (%s). Terminating\n", - strerror(errno) )); + "raw read failed (%s). Terminating\n", + nt_errstr(status))); exit_server_cleanly("secondary writebraw failed"); } diff --git a/source3/utils/net_domain.c b/source3/utils/net_domain.c index b15f61bf63..11099ab233 100644 --- a/source3/utils/net_domain.c +++ b/source3/utils/net_domain.c @@ -37,6 +37,11 @@ goto done; \ } +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + /******************************************************************* Leave an AD domain. Windows XP disables the machine account. We'll try the same. The old code would do an LDAP delete. @@ -66,14 +71,19 @@ NTSTATUS netdom_leave_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, return status; } - status = rpccli_samr_connect(pipe_hnd, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol); + status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol); if ( !NT_STATUS_IS_OK(status) ) return status; - - status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, dom_sid, &domain_pol); + + status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + dom_sid, + &domain_pol); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -98,8 +108,11 @@ NTSTATUS netdom_leave_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, /* Open handle on user */ - status = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, &user_pol); + status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + user_rid, + &user_pol); if ( !NT_STATUS_IS_OK(status) ) { goto done; } @@ -204,6 +217,7 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, NTSTATUS status = NT_STATUS_UNSUCCESSFUL; char *acct_name; const char *const_acct_name; + struct lsa_String lsa_acct_name; uint32 user_rid; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; @@ -218,6 +232,7 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, uchar md5buffer[16]; DATA_BLOB digested_session_key; uchar md4_trust_password[16]; + uint32_t access_granted = 0; /* Open the domain */ @@ -227,14 +242,19 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, return status; } - status = rpccli_samr_connect(pipe_hnd, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol); + status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol); if ( !NT_STATUS_IS_OK(status) ) return status; - - status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, dom_sid, &domain_pol); + + status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + dom_sid, + &domain_pol); if ( !NT_STATUS_IS_OK(status) ) return status; @@ -244,6 +264,8 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, strlower_m(acct_name); const_acct_name = acct_name; + init_lsa_String(&lsa_acct_name, acct_name); + /* Don't try to set any acb_info flags other than ACB_WSTRUST */ acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE | SEC_STD_WRITE_DAC | SEC_STD_DELETE | @@ -253,8 +275,14 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, DEBUG(10, ("Creating account with flags: %d\n",acct_flags)); - status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, - acct_name, acb_info, acct_flags, &user_pol, &user_rid); + status = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx, + &domain_pol, + &lsa_acct_name, + acb_info, + acct_flags, + &user_pol, + &access_granted, + &user_rid); if ( !NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) @@ -292,8 +320,11 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli, /* Open handle on user */ - status = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, &user_pol); + status = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(status)) { return status; } diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 2140829649..a1e093a335 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -23,6 +23,11 @@ #include "includes.h" #include "utils/net.h" +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + static int net_mode_share; static bool sync_files(struct copy_clistate *cp_clistate, const char *mask); @@ -440,40 +445,44 @@ NTSTATUS rpc_info_internals(const DOM_SID *domain_sid, { POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - SAM_UNK_CTR ctr; + union samr_DomainInfo *info = NULL; fstring sid_str; sid_to_fstring(sid_str, domain_sid); - /* Get sam policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + /* Get sam policy handle */ + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not connect to SAM: %s\n", nt_errstr(result)); goto done; } - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not open domain: %s\n", nt_errstr(result)); goto done; } - ZERO_STRUCT(ctr); - result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol, - 2, &ctr); + result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 2, + &info); if (NT_STATUS_IS_OK(result)) { - TALLOC_CTX *ctx = talloc_init("rpc_info_internals"); - d_printf("Domain Name: %s\n", unistr2_to_ascii_talloc(ctx, &ctr.info.inf2.uni_domain)); + d_printf("Domain Name: %s\n", info->info2.domain_name.string); d_printf("Domain SID: %s\n", sid_str); - d_printf("Sequence number: %llu\n", (unsigned long long)ctr.info.inf2.seq_num); - d_printf("Num users: %u\n", ctr.info.inf2.num_domain_usrs); - d_printf("Num domain groups: %u\n", ctr.info.inf2.num_domain_grps); - d_printf("Num local groups: %u\n", ctr.info.inf2.num_local_grps); - talloc_destroy(ctx); + d_printf("Sequence number: %llu\n", + (unsigned long long)info->info2.sequence_num); + d_printf("Num users: %u\n", info->info2.num_users); + d_printf("Num domain groups: %u\n", info->info2.num_groups); + d_printf("Num local groups: %u\n", info->info2.num_aliases); } done: @@ -587,8 +596,10 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; const char *acct_name; + struct lsa_String lsa_acct_name; uint32 acb_info; uint32 acct_flags, user_rid; + uint32_t access_granted = 0; if (argc < 1) { d_printf("User must be specified\n"); @@ -597,20 +608,25 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, } acct_name = argv[0]; + init_lsa_String(&lsa_acct_name, acct_name); /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -624,9 +640,15 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, SAMR_USER_ACCESS_GET_ATTRIBUTES | SAMR_USER_ACCESS_SET_ATTRIBUTES; - result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, - acct_name, acb_info, acct_flags, - &user_pol, &user_rid); + result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx, + &domain_pol, + &lsa_acct_name, + acb_info, + acct_flags, + &user_pol, + &access_granted, + &user_rid); + if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -648,9 +670,11 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, goto done; } - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids[0], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -675,7 +699,8 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, d_fprintf(stderr, "Failed to set password for user %s - %s\n", acct_name, nt_errstr(result)); - result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol); + result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx, + &user_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Failed to delete user %s - %s\n", @@ -749,16 +774,20 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, /* Get sam policy and domain handles */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -779,9 +808,11 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, goto done; } - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids[0], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -790,7 +821,8 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, /* Delete user */ - result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol); + result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx, + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -857,18 +889,23 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, ZERO_STRUCT(user_ctr); /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); + if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -886,8 +923,11 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid, } /* Open domain user */ - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, user_rid[0], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rid[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1007,16 +1047,20 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, /* Get sam policy and domain handles */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1037,9 +1081,11 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, goto done; } - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids[0], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -1126,16 +1172,20 @@ static NTSTATUS rpc_user_info_internals(const DOM_SID *domain_sid, return NT_STATUS_OK; } /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get handle on user */ @@ -1146,9 +1196,11 @@ static NTSTATUS rpc_user_info_internals(const DOM_SID *domain_sid, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rids[0], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; result = rpccli_samr_query_usergroups(pipe_hnd, mem_ctx, &user_pol, @@ -1231,18 +1283,22 @@ static NTSTATUS rpc_user_list_internals(const DOM_SID *domain_sid, SAM_DISPINFO_1 info1; /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -1377,22 +1433,28 @@ static NTSTATUS rpc_sh_handle_user(TALLOC_CTX *mem_ctx, goto done; } - result = rpccli_samr_connect(pipe_hnd, mem_ctx, - MAXIMUM_ALLOWED_ACCESS, &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - ctx->domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + ctx->domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rid, &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -1725,8 +1787,8 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, bool group_is_primary = False; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 *group_rids, num_rids, *name_types, num_members, - *group_attrs, group_rid; + uint32 *group_rids, num_rids, *name_types, group_rid; + struct samr_RidTypeArray *rids = NULL; uint32 flags = 0x000003e8; /* Unknown */ /* char **names; */ int i; @@ -1740,18 +1802,22 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, return NT_STATUS_OK; /* ok? */ } - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { - d_fprintf(stderr, "Request samr_connect failed\n"); + d_fprintf(stderr, "Request samr_Connect2 failed\n"); goto done; } - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); + if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Request open_domain failed\n"); goto done; @@ -1770,20 +1836,22 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, switch (name_types[0]) { case SID_NAME_DOM_GRP: - result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - group_rids[0], &group_pol); + result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + group_rids[0], + &group_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Request open_group failed"); goto done; } group_rid = group_rids[0]; - - result = rpccli_samr_query_groupmem(pipe_hnd, mem_ctx, &group_pol, - &num_members, &group_rids, - &group_attrs); - + + result = rpccli_samr_QueryGroupMember(pipe_hnd, mem_ctx, + &group_pol, + &rids); + if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Unable to query group members of %s",argv[0]); goto done; @@ -1791,18 +1859,21 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, if (opt_verbose) { d_printf("Domain Group %s (rid: %d) has %d members\n", - argv[0],group_rid,num_members); + argv[0],group_rid, rids->count); } /* Check if group is anyone's primary group */ - for (i = 0; i < num_members; i++) + for (i = 0; i < rids->count; i++) { - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - group_rids[i], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rids->rids[i], + &user_pol); if (!NT_STATUS_IS_OK(result)) { - d_fprintf(stderr, "Unable to open group member %d\n",group_rids[i]); + d_fprintf(stderr, "Unable to open group member %d\n", + rids->rids[i]); goto done; } @@ -1812,7 +1883,8 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, 21, &user_ctr); if (!NT_STATUS_IS_OK(result)) { - d_fprintf(stderr, "Unable to lookup userinfo for group member %d\n",group_rids[i]); + d_fprintf(stderr, "Unable to lookup userinfo for group member %d\n", + rids->rids[i]); goto done; } @@ -1835,11 +1907,14 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, } /* remove all group members */ - for (i = 0; i < num_members; i++) + for (i = 0; i < rids->count; i++) { if (opt_verbose) - d_printf("Remove group member %d...",group_rids[i]); - result = rpccli_samr_del_groupmem(pipe_hnd, mem_ctx, &group_pol, group_rids[i]); + d_printf("Remove group member %d...", + rids->rids[i]); + result = rpccli_samr_DeleteGroupMember(pipe_hnd, mem_ctx, + &group_pol, + rids->rids[i]); if (NT_STATUS_IS_OK(result)) { if (opt_verbose) @@ -1851,21 +1926,25 @@ static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid, } } - result = rpccli_samr_delete_dom_group(pipe_hnd, mem_ctx, &group_pol); + result = rpccli_samr_DeleteDomainGroup(pipe_hnd, mem_ctx, + &group_pol); break; /* removing a local group is easier... */ case SID_NAME_ALIAS: - result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - group_rids[0], &group_pol); + result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + group_rids[0], + &group_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Request open_alias failed\n"); goto done; } - - result = rpccli_samr_delete_dom_alias(pipe_hnd, mem_ctx, &group_pol); + + result = rpccli_samr_DeleteDomAlias(pipe_hnd, mem_ctx, + &group_pol); break; default: d_fprintf(stderr, "%s is of type %s. This command is only for deleting local or global groups\n", @@ -1905,6 +1984,8 @@ static NTSTATUS rpc_group_add_internals(const DOM_SID *domain_sid, POLICY_HND connect_pol, domain_pol, group_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; GROUP_INFO_CTR group_info; + struct lsa_String grp_name; + uint32_t rid = 0; if (argc != 1) { d_printf("Group name must be specified\n"); @@ -1912,24 +1993,33 @@ static NTSTATUS rpc_group_add_internals(const DOM_SID *domain_sid, return NT_STATUS_OK; } + init_lsa_String(&grp_name, argv[0]); + /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create the group */ - result = rpccli_samr_create_dom_group(pipe_hnd, mem_ctx, &domain_pol, - argv[0], MAXIMUM_ALLOWED_ACCESS, - &group_pol); + result = rpccli_samr_CreateDomainGroup(pipe_hnd, mem_ctx, + &domain_pol, + &grp_name, + MAXIMUM_ALLOWED_ACCESS, + &group_pol, + &rid); if (!NT_STATUS_IS_OK(result)) goto done; if (strlen(opt_comment) == 0) goto done; @@ -1962,6 +2052,8 @@ static NTSTATUS rpc_alias_add_internals(const DOM_SID *domain_sid, POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; ALIAS_INFO_CTR alias_info; + struct lsa_String alias_name; + uint32_t rid = 0; if (argc != 1) { d_printf("Alias name must be specified\n"); @@ -1969,23 +2061,33 @@ static NTSTATUS rpc_alias_add_internals(const DOM_SID *domain_sid, return NT_STATUS_OK; } + init_lsa_String(&alias_name, argv[0]); + /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create the group */ - result = rpccli_samr_create_dom_alias(pipe_hnd, mem_ctx, &domain_pol, - argv[0], &alias_pol); + result = rpccli_samr_CreateDomAlias(pipe_hnd, mem_ctx, + &domain_pol, + &alias_name, + MAXIMUM_ALLOWED_ACCESS, + &alias_pol, + &rid); if (!NT_STATUS_IS_OK(result)) goto done; if (strlen(opt_comment) == 0) goto done; @@ -2096,17 +2198,21 @@ static NTSTATUS rpc_add_groupmem(struct rpc_pipe_client *pipe_hnd, return NT_STATUS_UNSUCCESSFUL; } - /* Get sam policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + /* Get sam policy handle */ + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { return result; } - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { return result; } @@ -2120,15 +2226,20 @@ static NTSTATUS rpc_add_groupmem(struct rpc_pipe_client *pipe_hnd, goto done; } - result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - group_rid, &group_pol); + result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_add_groupmem(pipe_hnd, mem_ctx, &group_pol, rids[0]); + result = rpccli_samr_AddGroupMember(pipe_hnd, mem_ctx, + &group_pol, + rids[0], + 0x0005); /* unknown flags */ done: rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol); @@ -2164,30 +2275,38 @@ static NTSTATUS rpc_add_aliasmem(struct rpc_pipe_client *pipe_hnd, return result; } - /* Get sam policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + /* Get sam policy handle */ + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - alias_rid, &alias_pol); + result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + alias_rid, + &alias_pol); if (!NT_STATUS_IS_OK(result)) { return result; } - result = rpccli_samr_add_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &member_sid); + result = rpccli_samr_AddAliasMember(pipe_hnd, mem_ctx, + &alias_pol, + &member_sid); if (!NT_STATUS_IS_OK(result)) { return result; @@ -2276,16 +2395,20 @@ static NTSTATUS rpc_del_groupmem(struct rpc_pipe_client *pipe_hnd, if (!sid_split_rid(&sid, &group_rid)) return NT_STATUS_UNSUCCESSFUL; - /* Get sam policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + /* Get sam policy handle */ + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) return result; - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -2298,14 +2421,18 @@ static NTSTATUS rpc_del_groupmem(struct rpc_pipe_client *pipe_hnd, goto done; } - result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - group_rid, &group_pol); + result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_del_groupmem(pipe_hnd, mem_ctx, &group_pol, rids[0]); + result = rpccli_samr_DeleteGroupMember(pipe_hnd, mem_ctx, + &group_pol, + rids[0]); done: rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol); @@ -2340,29 +2467,37 @@ static NTSTATUS rpc_del_aliasmem(struct rpc_pipe_client *pipe_hnd, return result; } - /* Get sam policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + /* Get sam policy handle */ + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - alias_rid, &alias_pol); + result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + alias_rid, + &alias_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = rpccli_samr_del_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &member_sid); + result = rpccli_samr_DeleteAliasMember(pipe_hnd, mem_ctx, + &alias_pol, + &member_sid); if (!NT_STATUS_IS_OK(result)) return result; @@ -2479,18 +2614,22 @@ static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid, } /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -2563,11 +2702,11 @@ static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid, POLICY_HND alias_pol; ALIAS_INFO_CTR ctr; - if ((NT_STATUS_IS_OK(rpccli_samr_open_alias(pipe_hnd, mem_ctx, - &domain_pol, - 0x8, - groups[i].rid, - &alias_pol))) && + if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + &domain_pol, + 0x8, + groups[i].rid, + &alias_pol))) && (NT_STATUS_IS_OK(rpccli_samr_query_alias_info(pipe_hnd, mem_ctx, &alias_pol, 3, &ctr))) && @@ -2589,10 +2728,12 @@ static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid, } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol); /* Get builtin policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -2618,11 +2759,11 @@ static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid, POLICY_HND alias_pol; ALIAS_INFO_CTR ctr; - if ((NT_STATUS_IS_OK(rpccli_samr_open_alias(pipe_hnd, mem_ctx, - &domain_pol, - 0x8, - groups[i].rid, - &alias_pol))) && + if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + &domain_pol, + 0x8, + groups[i].rid, + &alias_pol))) && (NT_STATUS_IS_OK(rpccli_samr_query_alias_info(pipe_hnd, mem_ctx, &alias_pol, 3, &ctr))) && @@ -2663,29 +2804,35 @@ static NTSTATUS rpc_list_group_members(struct rpc_pipe_client *pipe_hnd, { NTSTATUS result; POLICY_HND group_pol; - uint32 num_members, *group_rids, *group_attrs; + uint32 num_members, *group_rids; uint32 num_names; char **names; uint32 *name_types; int i; + struct samr_RidTypeArray *rids = NULL; fstring sid_str; sid_to_fstring(sid_str, domain_sid); - result = rpccli_samr_open_group(pipe_hnd, mem_ctx, domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rid, &group_pol); + result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx, + domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = rpccli_samr_query_groupmem(pipe_hnd, mem_ctx, &group_pol, - &num_members, &group_rids, - &group_attrs); + result = rpccli_samr_QueryGroupMember(pipe_hnd, mem_ctx, + &group_pol, + &rids); if (!NT_STATUS_IS_OK(result)) return result; + num_members = rids->count; + group_rids = rids->rids; + while (num_members > 0) { int this_time = 512; @@ -2734,21 +2881,28 @@ static NTSTATUS rpc_list_alias_members(struct rpc_pipe_client *pipe_hnd, char **names; enum lsa_SidType *types; int i; + struct lsa_SidArray sid_array; - result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, domain_pol, - MAXIMUM_ALLOWED_ACCESS, rid, &alias_pol); + result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rid, + &alias_pol); if (!NT_STATUS_IS_OK(result)) return result; - result = rpccli_samr_query_aliasmem(pipe_hnd, mem_ctx, &alias_pol, - &num_members, &alias_sids); + result = rpccli_samr_GetMembersInAlias(pipe_hnd, mem_ctx, + &alias_pol, + &sid_array); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Couldn't list alias members\n"); return result; } + num_members = sid_array.num_sids; + if (num_members == 0) { return NT_STATUS_OK; } @@ -2769,6 +2923,17 @@ static NTSTATUS rpc_list_alias_members(struct rpc_pipe_client *pipe_hnd, return result; } + alias_sids = TALLOC_ZERO_ARRAY(mem_ctx, DOM_SID, num_members); + if (!alias_sids) { + d_fprintf(stderr, "Out of memory\n"); + cli_rpc_pipe_close(lsa_pipe); + return NT_STATUS_NO_MEMORY; + } + + for (i=0; i<num_members; i++) { + sid_copy(&alias_sids[i], sid_array.sids[i].sid); + } + result = rpccli_lsa_lookup_sids(lsa_pipe, mem_ctx, &lsa_pol, num_members, alias_sids, &domains, &names, &types); @@ -2813,18 +2978,22 @@ static NTSTATUS rpc_group_members_internals(const DOM_SID *domain_sid, uint32 num_rids, *rids, *rid_types; /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) return result; /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -2842,9 +3011,11 @@ static NTSTATUS rpc_group_members_internals(const DOM_SID *domain_sid, string_to_sid(&sid_Builtin, "S-1-5-32"); - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &sid_Builtin, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Couldn't find group %s\n", argv[0]); @@ -2910,18 +3081,22 @@ static NTSTATUS rpc_group_rename_internals(const DOM_SID *domain_sid, } /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) return result; /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -2939,9 +3114,11 @@ static NTSTATUS rpc_group_rename_internals(const DOM_SID *domain_sid, return NT_STATUS_UNSUCCESSFUL; } - result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rids[0], &group_pol); + result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rids[0], + &group_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -4009,10 +4186,12 @@ static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd, POLICY_HND domain_pol; /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -4028,23 +4207,25 @@ static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd, POLICY_HND alias_pol; struct full_alias alias; - DOM_SID *members; + struct lsa_SidArray sid_array; int j; - result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - groups[i].rid, - &alias_pol); + result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + groups[i].rid, + &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_query_aliasmem(pipe_hnd, mem_ctx, - &alias_pol, - &alias.num_members, - &members); + result = rpccli_samr_GetMembersInAlias(pipe_hnd, mem_ctx, + &alias_pol, + &sid_array); if (!NT_STATUS_IS_OK(result)) goto done; + alias.num_members = sid_array.num_sids; + result = rpccli_samr_Close(pipe_hnd, mem_ctx, &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -4056,7 +4237,7 @@ static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd, for (j = 0; j < alias.num_members; j++) sid_copy(&alias.members[j], - &members[j]); + sid_array.sids[j].sid); } sid_copy(&alias.sid, domain_sid); @@ -4154,8 +4335,10 @@ static NTSTATUS rpc_aliaslist_internals(const DOM_SID *domain_sid, NTSTATUS result; POLICY_HND connect_pol; - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -5344,9 +5527,11 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; char *acct_name; + struct lsa_String lsa_acct_name; uint32 acb_info; uint32 acct_flags=0; uint32 user_rid; + uint32_t access_granted = 0; if (argc != 2) { d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n"); @@ -5356,24 +5541,30 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, /* * Make valid trusting domain account (ie. uppercased and with '$' appended) */ - + if (asprintf(&acct_name, "%s$", argv[0]) < 0) { return NT_STATUS_NO_MEMORY; } strupper_m(acct_name); + init_lsa_String(&lsa_acct_name, acct_name); + /* Get samr policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -5386,9 +5577,14 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, SAMR_USER_ACCESS_GET_ATTRIBUTES | SAMR_USER_ACCESS_SET_ATTRIBUTES; - result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, - acct_name, acb_info, acct_flags, - &user_pol, &user_rid); + result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx, + &domain_pol, + &lsa_acct_name, + acb_info, + acct_flags, + &user_pol, + &access_granted, + &user_rid); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -5511,16 +5707,20 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, /* Get samr policy handle */ - result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - + /* Get domain policy handle */ - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, domain_sid), + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } @@ -5533,9 +5733,11 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, goto done; } - result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids[0], &user_pol); + result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -5549,16 +5751,17 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid, /* remove the sid */ - result = rpccli_samr_remove_sid_foreign_domain(pipe_hnd, mem_ctx, &user_pol, - &trust_acct_sid); - + result = rpccli_samr_RemoveMemberFromForeignDomain(pipe_hnd, mem_ctx, + &user_pol, + &trust_acct_sid); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Delete user */ - result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol); + result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx, + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -6194,10 +6397,12 @@ static int rpc_trustdom_list(int argc, const char **argv) talloc_destroy(mem_ctx); return -1; }; - - /* SamrConnect */ - nt_status = rpccli_samr_connect(pipe_hnd, mem_ctx, SA_RIGHT_SAM_OPEN_DOMAIN, - &connect_hnd); + + /* SamrConnect2 */ + nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + SA_RIGHT_SAM_OPEN_DOMAIN, + &connect_hnd); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n", nt_errstr(nt_status))); @@ -6205,12 +6410,14 @@ static int rpc_trustdom_list(int argc, const char **argv) talloc_destroy(mem_ctx); return -1; }; - + /* SamrOpenDomain - we have to open domain policy handle in order to be able to enumerate accounts*/ - nt_status = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_hnd, - SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, - queried_dom_sid, &domain_hnd); + nt_status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_hnd, + SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, + queried_dom_sid, + &domain_hnd); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't open domain object. Error was %s\n", nt_errstr(nt_status))); diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index de8661b0df..d678029c46 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -34,6 +34,12 @@ goto done; \ } +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + + /** * confirm that a domain join is still valid * @@ -160,7 +166,9 @@ int net_rpc_join_newstyle(int argc, const char **argv) uint32 flags = 0x3e8; char *acct_name; const char *const_acct_name; + struct lsa_String lsa_acct_name; uint32 acct_flags=0; + uint32_t access_granted = 0; /* check what type of join */ if (argc >= 0) { @@ -231,15 +239,18 @@ int net_rpc_join_newstyle(int argc, const char **argv) goto done; } - CHECK_RPC_ERR(rpccli_samr_connect(pipe_hnd, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol), + CHECK_RPC_ERR(rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol), "could not connect to SAM database"); - - CHECK_RPC_ERR(rpccli_samr_open_domain(pipe_hnd, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - domain_sid, &domain_pol), + + CHECK_RPC_ERR(rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + domain_sid, + &domain_pol), "could not open domain"); /* Create domain user */ @@ -250,6 +261,8 @@ int net_rpc_join_newstyle(int argc, const char **argv) strlower_m(acct_name); const_acct_name = acct_name; + init_lsa_String(&lsa_acct_name, acct_name); + acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE | SEC_STD_WRITE_DAC | SEC_STD_DELETE | SAMR_USER_ACCESS_SET_PASSWORD | @@ -258,10 +271,14 @@ int net_rpc_join_newstyle(int argc, const char **argv) DEBUG(10, ("Creating account with flags: %d\n",acct_flags)); - result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, - acct_name, acb_info, - acct_flags, &user_pol, - &user_rid); + result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx, + &domain_pol, + &lsa_acct_name, + acb_info, + acct_flags, + &user_pol, + &access_granted, + &user_rid); if (!NT_STATUS_IS_OK(result) && !NT_STATUS_EQUAL(result, NT_STATUS_USER_EXISTS)) { @@ -301,9 +318,11 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* Open handle on user */ CHECK_RPC_ERR_DEBUG( - rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - user_rid, &user_pol), + rpccli_samr_OpenUser(pipe_hnd, mem_ctx, + &domain_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + user_rid, + &user_pol), ("could not re-open existing user %s: %s\n", acct_name, nt_errstr(result))); diff --git a/source3/utils/net_rpc_sh_acct.c b/source3/utils/net_rpc_sh_acct.c index f5b0c2e0d7..57640ca3a8 100644 --- a/source3/utils/net_rpc_sh_acct.c +++ b/source3/utils/net_rpc_sh_acct.c @@ -31,39 +31,46 @@ static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx, int argc, const char **argv, int (*fn)(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, - SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv)) { POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - SAM_UNK_CTR ctr1, ctr3, ctr12; + union samr_DomainInfo *info1 = NULL; + union samr_DomainInfo *info3 = NULL; + union samr_DomainInfo *info12 = NULL; int store; ZERO_STRUCT(connect_pol); ZERO_STRUCT(domain_pol); /* Get sam policy handle */ - - result = rpccli_samr_connect(pipe_hnd, mem_ctx, - MAXIMUM_ALLOWED_ACCESS, - &connect_pol); + + result = rpccli_samr_Connect2(pipe_hnd, mem_ctx, + pipe_hnd->cli->desthost, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ - - result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - ctx->domain_sid, &domain_pol); + + result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + ctx->domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol, - 1, &ctr1); + result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 1, + &info1); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "query_domain_info level 1 failed: %s\n", @@ -71,8 +78,10 @@ static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx, goto done; } - result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol, - 3, &ctr3); + result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 3, + &info3); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "query_domain_info level 3 failed: %s\n", @@ -80,8 +89,10 @@ static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx, goto done; } - result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol, - 12, &ctr12); + result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 12, + &info12); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "query_domain_info level 12 failed: %s\n", @@ -89,8 +100,8 @@ static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx, goto done; } - store = fn(mem_ctx, ctx, &ctr1.info.inf1, &ctr3.info.inf3, - &ctr12.info.inf12, argc, argv); + store = fn(mem_ctx, ctx, &info1->info1, &info3->info3, + &info12->info12, argc, argv); if (store <= 0) { /* Don't save anything */ @@ -99,16 +110,22 @@ static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx, switch (store) { case 1: - result = rpccli_samr_set_domain_info(pipe_hnd, mem_ctx, - &domain_pol, 1, &ctr1); + result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 1, + info1); break; case 3: - result = rpccli_samr_set_domain_info(pipe_hnd, mem_ctx, - &domain_pol, 3, &ctr3); + result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 3, + info3); break; case 12: - result = rpccli_samr_set_domain_info(pipe_hnd, mem_ctx, - &domain_pol, 12, &ctr12); + result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx, + &domain_pol, + 12, + info12); break; default: d_fprintf(stderr, "Got unexpected info level %d\n", store); @@ -128,8 +145,9 @@ static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx, } static int account_show(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 0) { @@ -137,40 +155,40 @@ static int account_show(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, return -1; } - d_printf("Minimum password length: %d\n", i1->min_length_password); - d_printf("Password history length: %d\n", i1->password_history); + d_printf("Minimum password length: %d\n", i1->min_password_length); + d_printf("Password history length: %d\n", i1->password_history_length); d_printf("Minimum password age: "); - if (!nt_time_is_zero(&i1->min_passwordage)) { - time_t t = nt_time_to_unix_abs(&i1->min_passwordage); + if (!nt_time_is_zero((NTTIME *)&i1->min_password_age)) { + time_t t = nt_time_to_unix_abs((NTTIME *)&i1->min_password_age); d_printf("%d seconds\n", (int)t); } else { d_printf("not set\n"); } d_printf("Maximum password age: "); - if (nt_time_is_set(&i1->expire)) { - time_t t = nt_time_to_unix_abs(&i1->expire); + if (nt_time_is_set((NTTIME *)&i1->max_password_age)) { + time_t t = nt_time_to_unix_abs((NTTIME *)&i1->max_password_age); d_printf("%d seconds\n", (int)t); } else { d_printf("not set\n"); } - d_printf("Bad logon attempts: %d\n", i12->bad_attempt_lockout); + d_printf("Bad logon attempts: %d\n", i12->lockout_threshold); - if (i12->bad_attempt_lockout != 0) { + if (i12->lockout_threshold != 0) { d_printf("Account lockout duration: "); - if (nt_time_is_set(&i12->duration)) { - time_t t = nt_time_to_unix_abs(&i12->duration); + if (nt_time_is_set(&i12->lockout_duration)) { + time_t t = nt_time_to_unix_abs(&i12->lockout_duration); d_printf("%d seconds\n", (int)t); } else { d_printf("not set\n"); } d_printf("Bad password count reset after: "); - if (nt_time_is_set(&i12->reset_count)) { - time_t t = nt_time_to_unix_abs(&i12->reset_count); + if (nt_time_is_set(&i12->lockout_window)) { + time_t t = nt_time_to_unix_abs(&i12->lockout_window); d_printf("%d seconds\n", (int)t); } else { d_printf("not set\n"); @@ -178,7 +196,7 @@ static int account_show(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, } d_printf("Disconnect users when logon hours expire: %s\n", - nt_time_is_zero(&i3->logout) ? "yes" : "no"); + nt_time_is_zero(&i3->force_logoff_time) ? "yes" : "no"); d_printf("User must logon to change password: %s\n", (i1->password_properties & 0x2) ? "yes" : "no"); @@ -195,8 +213,9 @@ static NTSTATUS rpc_sh_acct_pol_show(TALLOC_CTX *mem_ctx, } static int account_set_badpw(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -204,9 +223,9 @@ static int account_set_badpw(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, return -1; } - i12->bad_attempt_lockout = atoi(argv[0]); + i12->lockout_threshold = atoi(argv[0]); d_printf("Setting bad password count to %d\n", - i12->bad_attempt_lockout); + i12->lockout_threshold); return 12; } @@ -222,8 +241,9 @@ static NTSTATUS rpc_sh_acct_set_badpw(TALLOC_CTX *mem_ctx, static int account_set_lockduration(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -231,9 +251,9 @@ static int account_set_lockduration(TALLOC_CTX *mem_ctx, return -1; } - unix_to_nt_time_abs(&i12->duration, atoi(argv[0])); + unix_to_nt_time_abs(&i12->lockout_duration, atoi(argv[0])); d_printf("Setting lockout duration to %d seconds\n", - (int)nt_time_to_unix_abs(&i12->duration)); + (int)nt_time_to_unix_abs(&i12->lockout_duration)); return 12; } @@ -249,8 +269,9 @@ static NTSTATUS rpc_sh_acct_set_lockduration(TALLOC_CTX *mem_ctx, static int account_set_resetduration(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -258,9 +279,9 @@ static int account_set_resetduration(TALLOC_CTX *mem_ctx, return -1; } - unix_to_nt_time_abs(&i12->reset_count, atoi(argv[0])); + unix_to_nt_time_abs(&i12->lockout_window, atoi(argv[0])); d_printf("Setting bad password reset duration to %d seconds\n", - (int)nt_time_to_unix_abs(&i12->reset_count)); + (int)nt_time_to_unix_abs(&i12->lockout_window)); return 12; } @@ -276,8 +297,9 @@ static NTSTATUS rpc_sh_acct_set_resetduration(TALLOC_CTX *mem_ctx, static int account_set_minpwage(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -285,9 +307,9 @@ static int account_set_minpwage(TALLOC_CTX *mem_ctx, return -1; } - unix_to_nt_time_abs(&i1->min_passwordage, atoi(argv[0])); + unix_to_nt_time_abs((NTTIME *)&i1->min_password_age, atoi(argv[0])); d_printf("Setting minimum password age to %d seconds\n", - (int)nt_time_to_unix_abs(&i1->min_passwordage)); + (int)nt_time_to_unix_abs((NTTIME *)&i1->min_password_age)); return 1; } @@ -303,8 +325,9 @@ static NTSTATUS rpc_sh_acct_set_minpwage(TALLOC_CTX *mem_ctx, static int account_set_maxpwage(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -312,9 +335,9 @@ static int account_set_maxpwage(TALLOC_CTX *mem_ctx, return -1; } - unix_to_nt_time_abs(&i1->expire, atoi(argv[0])); + unix_to_nt_time_abs((NTTIME *)&i1->max_password_age, atoi(argv[0])); d_printf("Setting maximum password age to %d seconds\n", - (int)nt_time_to_unix_abs(&i1->expire)); + (int)nt_time_to_unix_abs((NTTIME *)&i1->max_password_age)); return 1; } @@ -330,8 +353,9 @@ static NTSTATUS rpc_sh_acct_set_maxpwage(TALLOC_CTX *mem_ctx, static int account_set_minpwlen(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -339,9 +363,9 @@ static int account_set_minpwlen(TALLOC_CTX *mem_ctx, return -1; } - i1->min_length_password = atoi(argv[0]); + i1->min_password_length = atoi(argv[0]); d_printf("Setting minimum password length to %d\n", - i1->min_length_password); + i1->min_password_length); return 1; } @@ -357,8 +381,9 @@ static NTSTATUS rpc_sh_acct_set_minpwlen(TALLOC_CTX *mem_ctx, static int account_set_pwhistlen(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx, - SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3, - SAM_UNK_INFO_12 *i12, + struct samr_DomInfo1 *i1, + struct samr_DomInfo3 *i3, + struct samr_DomInfo12 *i12, int argc, const char **argv) { if (argc != 1) { @@ -366,9 +391,9 @@ static int account_set_pwhistlen(TALLOC_CTX *mem_ctx, return -1; } - i1->password_history = atoi(argv[0]); + i1->password_history_length = atoi(argv[0]); d_printf("Setting password history length to %d\n", - i1->password_history); + i1->password_history_length); return 1; } diff --git a/source3/utils/smbfilter.c b/source3/utils/smbfilter.c index 8db969722a..e128e1ce34 100644 --- a/source3/utils/smbfilter.c +++ b/source3/utils/smbfilter.c @@ -169,7 +169,9 @@ static void filter_child(int c, struct sockaddr_storage *dest_ss) if (num <= 0) continue; if (c != -1 && FD_ISSET(c, &fds)) { - if (!receive_smb_raw(c, packet, 0, 0, NULL)) { + size_t len; + if (!NT_STATUS_IS_OK(receive_smb_raw( + c, packet, 0, 0, &len))) { d_printf("client closed connection\n"); exit(0); } @@ -180,7 +182,9 @@ static void filter_child(int c, struct sockaddr_storage *dest_ss) } } if (s != -1 && FD_ISSET(s, &fds)) { - if (!receive_smb_raw(s, packet, 0, 0, NULL)) { + size_t len; + if (!NT_STATUS_IS_OK(receive_smb_raw( + s, packet, 0, 0, &len))) { d_printf("server closed connection\n"); exit(0); } diff --git a/source3/web/neg_lang.c b/source3/web/neg_lang.c index bb481306e7..82411000cd 100644 --- a/source3/web/neg_lang.c +++ b/source3/web/neg_lang.c @@ -74,7 +74,7 @@ void web_set_lang(const char *lang_string) int lang_num, i; /* build the lang list */ - lang_list = str_list_make(lang_string, ", \t\r\n"); + lang_list = str_list_make(talloc_tos(), lang_string, ", \t\r\n"); if (!lang_list) return; /* sort the list by priority */ @@ -100,7 +100,7 @@ void web_set_lang(const char *lang_string) } pl[i].string = SMB_STRDUP(lang_list[i]); } - str_list_free(&lang_list); + TALLOC_FREE(lang_list); qsort(pl, lang_num, sizeof(struct pri_list), &qsort_cmp_list); diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h index c4c1278d73..b812d69aeb 100644 --- a/source3/winbindd/winbindd.h +++ b/source3/winbindd/winbindd.h @@ -301,15 +301,15 @@ struct winbindd_methods { NTSTATUS (*sequence_number)(struct winbindd_domain *domain, uint32 *seq); /* return the lockout policy */ - NTSTATUS (*lockout_policy)(struct winbindd_domain *domain, + NTSTATUS (*lockout_policy)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_12 *lockout_policy); - + struct samr_DomInfo12 *lockout_policy); + /* return the lockout policy */ - NTSTATUS (*password_policy)(struct winbindd_domain *domain, + NTSTATUS (*password_policy)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_1 *password_policy); - + struct samr_DomInfo1 *password_policy); + /* enumerate trusted domains */ NTSTATUS (*trusted_domains)(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, diff --git a/source3/winbindd/winbindd_async.c b/source3/winbindd/winbindd_async.c index ab32ee0c76..2ff5ef230d 100644 --- a/source3/winbindd/winbindd_async.c +++ b/source3/winbindd/winbindd_async.c @@ -283,9 +283,8 @@ static void lookupname_recv2(TALLOC_CTX *mem_ctx, bool success, enum lsa_SidType type) = (void (*)(void *, bool, const DOM_SID *, enum lsa_SidType))c; DOM_SID sid; - struct lookupname_state *s = talloc_get_type_abort( private_data, + struct lookupname_state *s = talloc_get_type_abort( private_data, struct lookupname_state ); - if (!success) { DEBUG(5, ("Could not trigger lookup_name\n")); @@ -311,7 +310,7 @@ static void lookupname_recv2(TALLOC_CTX *mem_ctx, bool success, } /******************************************************************** - This is the first callback after contacting our own domain + This is the first callback after contacting our own domain ********************************************************************/ static void lookupname_recv(TALLOC_CTX *mem_ctx, bool success, @@ -322,7 +321,7 @@ static void lookupname_recv(TALLOC_CTX *mem_ctx, bool success, enum lsa_SidType type) = (void (*)(void *, bool, const DOM_SID *, enum lsa_SidType))c; DOM_SID sid; - struct lookupname_state *s = talloc_get_type_abort( private_data, + struct lookupname_state *s = talloc_get_type_abort( private_data, struct lookupname_state ); if (!success) { @@ -334,8 +333,8 @@ static void lookupname_recv(TALLOC_CTX *mem_ctx, bool success, if (response->result != WINBINDD_OK) { /* Try again using the forest root */ struct winbindd_domain *root_domain = find_root_domain(); - struct winbindd_request request; - + struct winbindd_request request; + if ( !root_domain ) { DEBUG(5,("lookupname_recv: unable to determine forest root\n")); cont(s->caller_private_data, False, NULL, SID_NAME_UNKNOWN); @@ -346,7 +345,7 @@ static void lookupname_recv(TALLOC_CTX *mem_ctx, bool success, request.cmd = WINBINDD_LOOKUPNAME; fstrcpy( request.data.name.dom_name, s->dom_name ); - fstrcpy( request.data.name.name, s->name ); + fstrcpy( request.data.name.name, s->name ); do_async_domain(mem_ctx, root_domain, &request, lookupname_recv2, (void *)cont, s); @@ -381,7 +380,7 @@ void winbindd_lookupname_async(TALLOC_CTX *mem_ctx, { struct winbindd_request request; struct winbindd_domain *domain; - struct lookupname_state *s; + struct lookupname_state *s; if ( (domain = find_lookup_domain_from_name(dom_name)) == NULL ) { DEBUG(5, ("Could not find domain for name '%s'\n", dom_name)); @@ -403,6 +402,11 @@ void winbindd_lookupname_async(TALLOC_CTX *mem_ctx, s->dom_name = talloc_strdup( s, dom_name ); s->name = talloc_strdup( s, name ); + if (!s->dom_name || !s->name) { + cont(private_data, False, NULL, SID_NAME_UNKNOWN); + return; + } + s->caller_private_data = private_data; do_async_domain(mem_ctx, domain, &request, lookupname_recv, diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c index c293861492..f235e401e8 100644 --- a/source3/winbindd/winbindd_cache.c +++ b/source3/winbindd/winbindd_cache.c @@ -908,7 +908,9 @@ static void wcache_save_user(struct winbindd_domain *domain, NTSTATUS status, WI centry_free(centry); } -static void wcache_save_lockout_policy(struct winbindd_domain *domain, NTSTATUS status, SAM_UNK_INFO_12 *lockout_policy) +static void wcache_save_lockout_policy(struct winbindd_domain *domain, + NTSTATUS status, + struct samr_DomInfo12 *lockout_policy) { struct cache_entry *centry; @@ -916,18 +918,20 @@ static void wcache_save_lockout_policy(struct winbindd_domain *domain, NTSTATUS if (!centry) return; - centry_put_nttime(centry, lockout_policy->duration); - centry_put_nttime(centry, lockout_policy->reset_count); - centry_put_uint16(centry, lockout_policy->bad_attempt_lockout); + centry_put_nttime(centry, lockout_policy->lockout_duration); + centry_put_nttime(centry, lockout_policy->lockout_window); + centry_put_uint16(centry, lockout_policy->lockout_threshold); centry_end(centry, "LOC_POL/%s", domain->name); - + DEBUG(10,("wcache_save_lockout_policy: %s\n", domain->name)); centry_free(centry); } -static void wcache_save_password_policy(struct winbindd_domain *domain, NTSTATUS status, SAM_UNK_INFO_1 *policy) +static void wcache_save_password_policy(struct winbindd_domain *domain, + NTSTATUS status, + struct samr_DomInfo1 *policy) { struct cache_entry *centry; @@ -935,14 +939,14 @@ static void wcache_save_password_policy(struct winbindd_domain *domain, NTSTATUS if (!centry) return; - centry_put_uint16(centry, policy->min_length_password); - centry_put_uint16(centry, policy->password_history); + centry_put_uint16(centry, policy->min_password_length); + centry_put_uint16(centry, policy->password_history_length); centry_put_uint32(centry, policy->password_properties); - centry_put_nttime(centry, policy->expire); - centry_put_nttime(centry, policy->min_passwordage); + centry_put_nttime(centry, policy->max_password_age); + centry_put_nttime(centry, policy->min_password_age); centry_end(centry, "PWD_POL/%s", domain->name); - + DEBUG(10,("wcache_save_password_policy: %s\n", domain->name)); centry_free(centry); @@ -2131,55 +2135,56 @@ skip_save: /* get lockout policy */ static NTSTATUS lockout_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_12 *policy){ + struct samr_DomInfo12 *policy) +{ struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; - + if (!cache->tdb) goto do_query; - + centry = wcache_fetch(cache, domain, "LOC_POL/%s", domain->name); - + if (!centry) goto do_query; - - policy->duration = centry_nttime(centry); - policy->reset_count = centry_nttime(centry); - policy->bad_attempt_lockout = centry_uint16(centry); - + + policy->lockout_duration = centry_nttime(centry); + policy->lockout_window = centry_nttime(centry); + policy->lockout_threshold = centry_uint16(centry); + status = centry->status; - + DEBUG(10,("lockout_policy: [Cached] - cached info for domain %s status: %s\n", domain->name, nt_errstr(status) )); - + centry_free(centry); return status; - + do_query: ZERO_STRUCTP(policy); - + /* Return status value returned by seq number check */ if (!NT_STATUS_IS_OK(domain->last_status)) return domain->last_status; - + DEBUG(10,("lockout_policy: [Cached] - doing backend query for info for domain %s\n", domain->name )); - - status = domain->backend->lockout_policy(domain, mem_ctx, policy); - + + status = domain->backend->lockout_policy(domain, mem_ctx, policy); + /* and save it */ refresh_sequence_number(domain, false); wcache_save_lockout_policy(domain, status, policy); - + return status; } - + /* get password policy */ static NTSTATUS password_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_1 *policy) + struct samr_DomInfo1 *policy) { struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; @@ -2187,17 +2192,17 @@ static NTSTATUS password_policy(struct winbindd_domain *domain, if (!cache->tdb) goto do_query; - + centry = wcache_fetch(cache, domain, "PWD_POL/%s", domain->name); - + if (!centry) goto do_query; - policy->min_length_password = centry_uint16(centry); - policy->password_history = centry_uint16(centry); + policy->min_password_length = centry_uint16(centry); + policy->password_history_length = centry_uint16(centry); policy->password_properties = centry_uint32(centry); - policy->expire = centry_nttime(centry); - policy->min_passwordage = centry_nttime(centry); + policy->max_password_age = centry_nttime(centry); + policy->min_password_age = centry_nttime(centry); status = centry->status; @@ -2214,11 +2219,11 @@ do_query: if (!NT_STATUS_IS_OK(domain->last_status)) return domain->last_status; - + DEBUG(10,("password_policy: [Cached] - doing backend query for info for domain %s\n", domain->name )); - status = domain->backend->password_policy(domain, mem_ctx, policy); + status = domain->backend->password_policy(domain, mem_ctx, policy); /* and save it */ refresh_sequence_number(domain, false); diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 66787a0d6d..7bc449c90d 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2109,13 +2109,14 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, "pipe: user %s\\%s\n", domain->name, domain_name, machine_account)); - result = rpccli_samr_connect(conn->samr_pipe, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &conn->sam_connect_handle); + result = rpccli_samr_Connect2(conn->samr_pipe, mem_ctx, + conn->samr_pipe->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &conn->sam_connect_handle); if (NT_STATUS_IS_OK(result)) { goto open_domain; } - DEBUG(10,("cm_connect_sam: ntlmssp-sealed rpccli_samr_connect " + DEBUG(10,("cm_connect_sam: ntlmssp-sealed rpccli_samr_Connect2 " "failed for domain %s, error was %s. Trying schannel\n", domain->name, nt_errstr(result) )); cli_rpc_pipe_close(conn->samr_pipe); @@ -2143,13 +2144,14 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, DEBUG(10,("cm_connect_sam: connected to SAMR pipe for domain %s using " "schannel.\n", domain->name )); - result = rpccli_samr_connect(conn->samr_pipe, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &conn->sam_connect_handle); + result = rpccli_samr_Connect2(conn->samr_pipe, mem_ctx, + conn->samr_pipe->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &conn->sam_connect_handle); if (NT_STATUS_IS_OK(result)) { goto open_domain; } - DEBUG(10,("cm_connect_sam: schannel-sealed rpccli_samr_connect failed " + DEBUG(10,("cm_connect_sam: schannel-sealed rpccli_samr_Connect2 failed " "for domain %s, error was %s. Trying anonymous\n", domain->name, nt_errstr(result) )); cli_rpc_pipe_close(conn->samr_pipe); @@ -2165,23 +2167,24 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, goto done; } - result = rpccli_samr_connect(conn->samr_pipe, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &conn->sam_connect_handle); + result = rpccli_samr_Connect2(conn->samr_pipe, mem_ctx, + conn->samr_pipe->cli->desthost, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &conn->sam_connect_handle); if (!NT_STATUS_IS_OK(result)) { - DEBUG(10,("cm_connect_sam: rpccli_samr_connect failed " + DEBUG(10,("cm_connect_sam: rpccli_samr_Connect2 failed " "for domain %s Error was %s\n", domain->name, nt_errstr(result) )); goto done; } open_domain: - result = rpccli_samr_open_domain(conn->samr_pipe, - mem_ctx, - &conn->sam_connect_handle, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &domain->sid, - &conn->sam_domain_handle); + result = rpccli_samr_OpenDomain(conn->samr_pipe, + mem_ctx, + &conn->sam_connect_handle, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &domain->sid, + &conn->sam_domain_handle); done: diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 15ca564c6a..2b756b24d1 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -34,20 +34,22 @@ #define DBGC_CLASS DBGC_WINBIND extern bool override_logfile; +extern struct winbindd_methods cache_methods; /* Read some data from a client connection */ static void child_read_request(struct winbindd_cli_state *state) { - ssize_t len; + NTSTATUS status; /* Read data */ - len = read_data(state->sock, (char *)&state->request, - sizeof(state->request), NULL); + status = read_data(state->sock, (char *)&state->request, + sizeof(state->request)); - if (len != sizeof(state->request)) { - DEBUG(len > 0 ? 0 : 3, ("Got invalid request length: %d\n", (int)len)); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("child_read_request: read_data failed: %s\n", + nt_errstr(status))); state->finished = True; return; } @@ -71,11 +73,12 @@ static void child_read_request(struct winbindd_cli_state *state) /* Ensure null termination */ state->request.extra_data.data[state->request.extra_len] = '\0'; - len = read_data(state->sock, state->request.extra_data.data, - state->request.extra_len, NULL); + status= read_data(state->sock, state->request.extra_data.data, + state->request.extra_len); - if (len != state->request.extra_len) { - DEBUG(0, ("Could not read extra data\n")); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Could not read extra data: %s\n", + nt_errstr(status))); state->finished = True; return; } @@ -767,7 +770,7 @@ static void account_lockout_policy_handler(struct event_context *ctx, (struct winbindd_child *)private_data; TALLOC_CTX *mem_ctx = NULL; struct winbindd_methods *methods; - SAM_UNK_INFO_12 lockout_policy; + struct samr_DomInfo12 lockout_policy; NTSTATUS result; DEBUG(10,("account_lockout_policy_handler called\n")); @@ -1081,6 +1084,16 @@ static bool fork_domain_child(struct winbindd_child *child) child); } + /* Special case for Winbindd on a Samba DC, + * We want to make sure the child can connect to smbd + * but not the main daemon */ + + if (child->domain && child->domain->internal && IS_DC) { + child->domain->internal = False; + child->domain->methods = &cache_methods; + child->domain->online = False; + } + while (1) { int ret; diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 59ca15a623..c1a277f9b5 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -324,7 +324,7 @@ struct winbindd_domain *find_auth_domain(struct winbindd_cli_state *state, if (IS_DC) { domain = find_domain_from_name_noinit(domain_name); if (domain == NULL) { - DEBUG(3, ("Authentication for domain [%s] refused" + DEBUG(3, ("Authentication for domain [%s] refused " "as it is not a trusted domain\n", domain_name)); } @@ -370,7 +370,7 @@ static NTSTATUS fillup_password_policy(struct winbindd_domain *domain, { struct winbindd_methods *methods; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - SAM_UNK_INFO_1 password_policy; + struct samr_DomInfo1 password_policy; if ( !winbindd_can_contact_domain( domain ) ) { DEBUG(5,("fillup_password_policy: No inbound trust to " @@ -386,28 +386,28 @@ static NTSTATUS fillup_password_policy(struct winbindd_domain *domain, } state->response.data.auth.policy.min_length_password = - password_policy.min_length_password; + password_policy.min_password_length; state->response.data.auth.policy.password_history = - password_policy.password_history; + password_policy.password_history_length; state->response.data.auth.policy.password_properties = password_policy.password_properties; state->response.data.auth.policy.expire = - nt_time_to_unix_abs(&(password_policy.expire)); - state->response.data.auth.policy.min_passwordage = - nt_time_to_unix_abs(&(password_policy.min_passwordage)); + nt_time_to_unix_abs((NTTIME *)&(password_policy.max_password_age)); + state->response.data.auth.policy.min_passwordage = + nt_time_to_unix_abs((NTTIME *)&(password_policy.min_password_age)); return NT_STATUS_OK; } static NTSTATUS get_max_bad_attempts_from_lockout_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - uint16 *max_allowed_bad_attempts) + uint16 *lockout_threshold) { struct winbindd_methods *methods; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - SAM_UNK_INFO_12 lockout_policy; + struct samr_DomInfo12 lockout_policy; - *max_allowed_bad_attempts = 0; + *lockout_threshold = 0; methods = domain->methods; @@ -416,7 +416,7 @@ static NTSTATUS get_max_bad_attempts_from_lockout_policy(struct winbindd_domain return status; } - *max_allowed_bad_attempts = lockout_policy.bad_attempt_lockout; + *lockout_threshold = lockout_policy.lockout_threshold; return NT_STATUS_OK; } @@ -427,7 +427,7 @@ static NTSTATUS get_pwd_properties(struct winbindd_domain *domain, { struct winbindd_methods *methods; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - SAM_UNK_INFO_1 password_policy; + struct samr_DomInfo1 password_policy; *password_properties = 0; @@ -1339,10 +1339,11 @@ NTSTATUS winbindd_dual_pam_auth_samlogon(struct winbindd_domain *domain, goto done; } - status_tmp = rpccli_samr_open_user(samr_pipe, state->mem_ctx, - &samr_domain_handle, - MAXIMUM_ALLOWED_ACCESS, - my_info3->user_rid, &user_pol); + status_tmp = rpccli_samr_OpenUser(samr_pipe, state->mem_ctx, + &samr_domain_handle, + MAXIMUM_ALLOWED_ACCESS, + my_info3->user_rid, + &user_pol); if (!NT_STATUS_IS_OK(status_tmp)) { DEBUG(3, ("could not open user handle on SAMR pipe: %s\n", diff --git a/source3/winbindd/winbindd_passdb.c b/source3/winbindd/winbindd_passdb.c index 29db8be857..7c1d7bd71b 100644 --- a/source3/winbindd/winbindd_passdb.c +++ b/source3/winbindd/winbindd_passdb.c @@ -338,7 +338,7 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) static NTSTATUS lockout_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_12 *policy) + struct samr_DomInfo12 *policy) { /* actually we have that */ return NT_STATUS_NOT_IMPLEMENTED; @@ -346,14 +346,14 @@ static NTSTATUS lockout_policy(struct winbindd_domain *domain, static NTSTATUS password_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_1 *policy) + struct samr_DomInfo1 *policy) { uint32 min_pass_len,pass_hist,password_properties; time_t u_expire, u_min_age; NTTIME nt_expire, nt_min_age; uint32 account_policy_temp; - if ((policy = TALLOC_ZERO_P(mem_ctx, SAM_UNK_INFO_1)) == NULL) { + if ((policy = TALLOC_ZERO_P(mem_ctx, struct samr_DomInfo1)) == NULL) { return NT_STATUS_NO_MEMORY; } @@ -385,8 +385,12 @@ static NTSTATUS password_policy(struct winbindd_domain *domain, unix_to_nt_time_abs(&nt_expire, u_expire); unix_to_nt_time_abs(&nt_min_age, u_min_age); - init_unk_info1(policy, (uint16)min_pass_len, (uint16)pass_hist, - password_properties, nt_expire, nt_min_age); + init_samr_DomInfo1(policy, + (uint16)min_pass_len, + (uint16)pass_hist, + password_properties, + nt_expire, + nt_min_age); return NT_STATUS_OK; } diff --git a/source3/winbindd/winbindd_reconnect.c b/source3/winbindd/winbindd_reconnect.c index a1f96a0359..25debccc5a 100644 --- a/source3/winbindd/winbindd_reconnect.c +++ b/source3/winbindd/winbindd_reconnect.c @@ -247,7 +247,7 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) /* find the lockout policy of a domain */ static NTSTATUS lockout_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_12 *policy) + struct samr_DomInfo12 *policy) { NTSTATUS result; @@ -262,7 +262,7 @@ static NTSTATUS lockout_policy(struct winbindd_domain *domain, /* find the password policy of a domain */ static NTSTATUS password_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_1 *policy) + struct samr_DomInfo1 *policy) { NTSTATUS result; diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index 47a8d430b2..98e4077a4d 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -469,9 +469,11 @@ static NTSTATUS query_user(struct winbindd_domain *domain, return result; /* Get user handle */ - result = rpccli_samr_open_user(cli, mem_ctx, &dom_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, - &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &dom_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -545,8 +547,11 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, return result; /* Get user handle */ - result = rpccli_samr_open_user(cli, mem_ctx, &dom_pol, - des_access, user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &dom_pol, + des_access, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -580,11 +585,10 @@ NTSTATUS msrpc_lookup_useraliases(struct winbindd_domain *domain, { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND dom_pol; - DOM_SID2 *query_sids; uint32 num_query_sids = 0; int i; struct rpc_pipe_client *cli; - uint32 *alias_rids_query, num_aliases_query; + struct samr_Ids alias_rids_query; int rangesize = MAX_SAM_ENTRIES_W2K; uint32 total_sids = 0; int num_queries = 1; @@ -606,6 +610,9 @@ NTSTATUS msrpc_lookup_useraliases(struct winbindd_domain *domain, do { /* prepare query */ + struct lsa_SidArray sid_array; + + ZERO_STRUCT(sid_array); num_query_sids = MIN(num_sids - total_sids, rangesize); @@ -613,45 +620,48 @@ NTSTATUS msrpc_lookup_useraliases(struct winbindd_domain *domain, num_queries, num_query_sids)); if (num_query_sids) { - query_sids = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_query_sids); - if (query_sids == NULL) { + sid_array.sids = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_SidPtr, num_query_sids); + if (sid_array.sids == NULL) { return NT_STATUS_NO_MEMORY; } } else { - query_sids = NULL; + sid_array.sids = NULL; } for (i=0; i<num_query_sids; i++) { - sid_copy(&query_sids[i].sid, &sids[total_sids++]); - query_sids[i].num_auths = query_sids[i].sid.num_auths; + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[total_sids++]); + if (sid_array.sids[i].sid) { + TALLOC_FREE(sid_array.sids); + return NT_STATUS_NO_MEMORY; + } } + sid_array.num_sids = num_query_sids; /* do request */ - - result = rpccli_samr_query_useraliases(cli, mem_ctx, &dom_pol, - num_query_sids, query_sids, - &num_aliases_query, - &alias_rids_query); + result = rpccli_samr_GetAliasMembership(cli, mem_ctx, + &dom_pol, + &sid_array, + &alias_rids_query); if (!NT_STATUS_IS_OK(result)) { *num_aliases = 0; *alias_rids = NULL; - TALLOC_FREE(query_sids); + TALLOC_FREE(sid_array.sids); goto done; } /* process output */ - for (i=0; i<num_aliases_query; i++) { + for (i=0; i<alias_rids_query.count; i++) { size_t na = *num_aliases; - if (!add_rid_to_array_unique(mem_ctx, alias_rids_query[i], + if (!add_rid_to_array_unique(mem_ctx, alias_rids_query.ids[i], alias_rids, &na)) { return NT_STATUS_NO_MEMORY; } *num_aliases = na; } - TALLOC_FREE(query_sids); + TALLOC_FREE(sid_array.sids); num_queries++; @@ -681,6 +691,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, unsigned int j; struct rpc_pipe_client *cli; unsigned int orig_timeout; + struct samr_RidTypeArray *rids = NULL; DEBUG(10,("rpc: lookup_groupmem %s sid=%s\n", domain->name, sid_string_dbg(group_sid))); @@ -700,8 +711,11 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, if (!NT_STATUS_IS_OK(result)) return result; - result = rpccli_samr_open_group(cli, mem_ctx, &dom_pol, - des_access, group_rid, &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &dom_pol, + des_access, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) return result; @@ -714,9 +728,9 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, orig_timeout = cli_set_timeout(cli->cli, 35000); - result = rpccli_samr_query_groupmem(cli, mem_ctx, - &group_pol, num_names, &rid_mem, - name_types); + result = rpccli_samr_QueryGroupMember(cli, mem_ctx, + &group_pol, + &rids); /* And restore our original timeout. */ cli_set_timeout(cli->cli, orig_timeout); @@ -726,6 +740,9 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, if (!NT_STATUS_IS_OK(result)) return result; + *num_names = rids->count; + rid_mem = rids->rids; + if (!*num_names) { names = NULL; name_types = NULL; @@ -867,7 +884,7 @@ static int get_ldap_sequence_number(struct winbindd_domain *domain, uint32 *seq) static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) { TALLOC_CTX *mem_ctx; - SAM_UNK_CTR ctr; + union samr_DomainInfo *info = NULL; NTSTATUS result; POLICY_HND dom_pol; bool got_seq_num = False; @@ -918,21 +935,27 @@ static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) /* Query domain info */ - result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 8, &ctr); + result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + &dom_pol, + 8, + &info); if (NT_STATUS_IS_OK(result)) { - *seq = ctr.info.inf8.seq_num; + *seq = info->info8.sequence_num; got_seq_num = True; goto seq_num; } /* retry with info-level 2 in case the dc does not support info-level 8 - * (like all older samba2 and samba3 dc's - Guenther */ + * (like all older samba2 and samba3 dc's) - Guenther */ + + result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + &dom_pol, + 2, + &info); - result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 2, &ctr); - if (NT_STATUS_IS_OK(result)) { - *seq = ctr.info.inf2.seq_num; + *seq = info->info2.sequence_num; got_seq_num = True; } @@ -1016,14 +1039,14 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, } /* find the lockout policy for a domain */ -NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, +NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_12 *lockout_policy) + struct samr_DomInfo12 *lockout_policy) { NTSTATUS result; struct rpc_pipe_client *cli; POLICY_HND dom_pol; - SAM_UNK_CTR ctr; + union samr_DomainInfo *info = NULL; DEBUG(10,("rpc: fetch lockout policy for %s\n", domain->name)); @@ -1038,15 +1061,18 @@ NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, goto done; } - result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 12, &ctr); + result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + &dom_pol, + 12, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - *lockout_policy = ctr.info.inf12; + *lockout_policy = info->info12; - DEBUG(10,("msrpc_lockout_policy: bad_attempt_lockout %d\n", - ctr.info.inf12.bad_attempt_lockout)); + DEBUG(10,("msrpc_lockout_policy: lockout_threshold %d\n", + info->info12.lockout_threshold)); done: @@ -1054,14 +1080,14 @@ NTSTATUS msrpc_lockout_policy(struct winbindd_domain *domain, } /* find the password policy for a domain */ -NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, +NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, - SAM_UNK_INFO_1 *password_policy) + struct samr_DomInfo1 *password_policy) { NTSTATUS result; struct rpc_pipe_client *cli; POLICY_HND dom_pol; - SAM_UNK_CTR ctr; + union samr_DomainInfo *info = NULL; DEBUG(10,("rpc: fetch password policy for %s\n", domain->name)); @@ -1076,15 +1102,18 @@ NTSTATUS msrpc_password_policy(struct winbindd_domain *domain, goto done; } - result = rpccli_samr_query_dom_info(cli, mem_ctx, &dom_pol, 1, &ctr); + result = rpccli_samr_QueryDomainInfo(cli, mem_ctx, + &dom_pol, + 1, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - *password_policy = ctr.info.inf1; + *password_policy = info->info1; - DEBUG(10,("msrpc_password_policy: min_length_password %d\n", - ctr.info.inf1.min_length_password)); + DEBUG(10,("msrpc_password_policy: min_length_password %d\n", + info->info1.min_password_length)); done: diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 10779cd60a..7933ecf63e 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -82,9 +82,6 @@ static bool is_internal_domain(const DOM_SID *sid) if (sid == NULL) return False; - if ( IS_DC ) - return sid_check_is_builtin(sid); - return (sid_check_is_domain(sid) || sid_check_is_builtin(sid)); } @@ -93,9 +90,6 @@ static bool is_in_internal_domain(const DOM_SID *sid) if (sid == NULL) return False; - if ( IS_DC ) - return sid_check_is_in_builtin(sid); - return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid)); } |