Factor out generation of an info3 struct from a serversupplied_info

(This used to be commit e60faccc1bdd2b80e039ec8c93683be10752f937)

2 files changed, 185 insertions, 183 deletions

diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
index 62f1fac626..61841953fc 100644
--- a/source3/rpc_client/init_netlogon.c
+++ b/source3/rpc_client/init_netlogon.c
@@ -137,6 +137,179 @@ void init_netr_SamInfo3(struct netr_SamInfo3 *r,
 }
 
 /*******************************************************************
+ gets a domain user's groups from their already-calculated NT_USER_TOKEN
+ ********************************************************************/
+
+static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
+				       const DOM_SID *domain_sid,
+				       size_t num_sids,
+				       const DOM_SID *sids,
+				       int *numgroups, DOM_GID **pgids)
+{
+	int i;
+
+	*numgroups=0;
+	*pgids = NULL;
+
+	for (i=0; i<num_sids; i++) {
+		DOM_GID gid;
+		if (!sid_peek_check_rid(domain_sid, &sids[i], &gid.g_rid)) {
+			continue;
+		}
+		gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
+			    SE_GROUP_ENABLED);
+		ADD_TO_ARRAY(mem_ctx, DOM_GID, gid, pgids, numgroups);
+		if (*pgids == NULL) {
+			return NT_STATUS_NO_MEMORY;
+		}
+	}
+	return NT_STATUS_OK;
+}
+
+/****************************************************************************
+ inits a netr_SamInfo3 structure from an auth_serversupplied_info. sam3 must
+ already be initialized and is used as the talloc parent for its members.
+*****************************************************************************/
+
+NTSTATUS serverinfo_to_SamInfo3(struct auth_serversupplied_info *server_info,
+				uint8_t pipe_session_key[16],
+				struct netr_SamInfo3 *sam3)
+{
+	struct samu *sampw;
+	DOM_GID *gids = NULL;
+	const DOM_SID *user_sid = NULL;
+	const DOM_SID *group_sid = NULL;
+	DOM_SID domain_sid;
+	uint32 user_rid, group_rid;
+	NTSTATUS status;
+
+	int num_gids = 0;
+	const char *my_name;
+
+	struct netr_UserSessionKey user_session_key;
+	struct netr_LMSessionKey lm_session_key;
+
+	NTTIME last_logon, last_logoff, acct_expiry, last_password_change;
+	NTTIME allow_password_change, force_password_change;
+	struct samr_RidWithAttributeArray groups;
+	int i;
+	struct dom_sid2 *sid = NULL;
+
+	ZERO_STRUCT(user_session_key);
+	ZERO_STRUCT(lm_session_key);
+
+	sampw = server_info->sam_account;
+
+	user_sid = pdb_get_user_sid(sampw);
+	group_sid = pdb_get_group_sid(sampw);
+
+	if ((user_sid == NULL) || (group_sid == NULL)) {
+		DEBUG(1, ("_netr_LogonSamLogon: User without group or user SID\n"));
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	sid_copy(&domain_sid, user_sid);
+	sid_split_rid(&domain_sid, &user_rid);
+
+	sid = sid_dup_talloc(sam3, &domain_sid);
+	if (!sid) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) {
+		DEBUG(1, ("_netr_LogonSamLogon: user %s\\%s has user sid "
+			  "%s\n but group sid %s.\n"
+			  "The conflicting domain portions are not "
+			  "supported for NETLOGON calls\n",
+			  pdb_get_domain(sampw),
+			  pdb_get_username(sampw),
+			  sid_string_dbg(user_sid),
+			  sid_string_dbg(group_sid)));
+		return NT_STATUS_UNSUCCESSFUL;
+	}
+
+	if(server_info->login_server) {
+		my_name = server_info->login_server;
+	} else {
+		my_name = global_myname();
+	}
+
+	status = nt_token_to_group_list(sam3, &domain_sid,
+					server_info->num_sids,
+					server_info->sids,
+					&num_gids, &gids);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
+
+	if (server_info->user_session_key.length) {
+		memcpy(user_session_key.key,
+		       server_info->user_session_key.data,
+		       MIN(sizeof(user_session_key.key),
+			   server_info->user_session_key.length));
+		SamOEMhash(user_session_key.key, pipe_session_key, 16);
+	}
+	if (server_info->lm_session_key.length) {
+		memcpy(lm_session_key.key,
+		       server_info->lm_session_key.data,
+		       MIN(sizeof(lm_session_key.key),
+			   server_info->lm_session_key.length));
+		SamOEMhash(lm_session_key.key, pipe_session_key, 8);
+	}
+
+	groups.count = num_gids;
+	groups.rids = TALLOC_ARRAY(sam3, struct samr_RidWithAttribute, groups.count);
+	if (!groups.rids) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	for (i=0; i < groups.count; i++) {
+		groups.rids[i].rid = gids[i].g_rid;
+		groups.rids[i].attributes = gids[i].attr;
+	}
+
+	unix_to_nt_time(&last_logon, pdb_get_logon_time(sampw));
+	unix_to_nt_time(&last_logoff, get_time_t_max());
+	unix_to_nt_time(&acct_expiry, get_time_t_max());
+	unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(sampw));
+	unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(sampw));
+	unix_to_nt_time(&force_password_change, pdb_get_pass_must_change_time(sampw));
+
+	init_netr_SamInfo3(sam3,
+			   last_logon,
+			   last_logoff,
+			   acct_expiry,
+			   last_password_change,
+			   allow_password_change,
+			   force_password_change,
+			   talloc_strdup(sam3, pdb_get_username(sampw)),
+			   talloc_strdup(sam3, pdb_get_fullname(sampw)),
+			   talloc_strdup(sam3, pdb_get_logon_script(sampw)),
+			   talloc_strdup(sam3, pdb_get_profile_path(sampw)),
+			   talloc_strdup(sam3, pdb_get_homedir(sampw)),
+			   talloc_strdup(sam3, pdb_get_dir_drive(sampw)),
+			   0, /* logon_count */
+			   0, /* bad_password_count */
+			   user_rid,
+			   group_rid,
+			   groups,
+			   NETLOGON_EXTRA_SIDS,
+			   user_session_key,
+			   my_name,
+			   talloc_strdup(sam3, pdb_get_domain(sampw)),
+			   sid,
+			   lm_session_key,
+			   pdb_get_acct_ctrl(sampw),
+			   0, /* sidcount */
+			   NULL); /* struct netr_SidAttr *sids */
+	ZERO_STRUCT(user_session_key);
+	ZERO_STRUCT(lm_session_key);
+
+	return NT_STATUS_OK;
+}
+
+/*******************************************************************
  inits a structure.
 ********************************************************************/
 
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 203f5382a8..863c62acc4 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -747,36 +747,6 @@ NTSTATUS _netr_LogonSamLogoff(pipes_struct *p,
 	return NT_STATUS_OK;
 }
 
-/*******************************************************************
- gets a domain user's groups from their already-calculated NT_USER_TOKEN
- ********************************************************************/
-
-static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
-				       const DOM_SID *domain_sid,
-				       size_t num_sids,
-				       const DOM_SID *sids,
-				       int *numgroups, DOM_GID **pgids)
-{
-	int i;
-
-	*numgroups=0;
-	*pgids = NULL;
-
-	for (i=0; i<num_sids; i++) {
-		DOM_GID gid;
-		if (!sid_peek_check_rid(domain_sid, &sids[i], &gid.g_rid)) {
-			continue;
-		}
-		gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
-			    SE_GROUP_ENABLED);
-		ADD_TO_ARRAY(mem_ctx, DOM_GID, gid, pgids, numgroups);
-		if (*pgids == NULL) {
-			return NT_STATUS_NO_MEMORY;
-		}
-	}
-	return NT_STATUS_OK;
-}
-
 /*************************************************************************
  _netr_LogonSamLogon
  *************************************************************************/
@@ -790,8 +760,8 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
 	fstring nt_username, nt_domain, nt_workstation;
 	auth_usersupplied_info *user_info = NULL;
 	auth_serversupplied_info *server_info = NULL;
-	struct samu *sampw;
 	struct auth_context *auth_context = NULL;
+	uint8_t pipe_session_key[16];
 	bool process_creds = true;
 
 	switch (p->hdr_req.opnum) {
@@ -1008,160 +978,19 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
            the SAM Local Security Authority should record that the user is
            logged in to the domain.  */
 
-	{
-		DOM_GID *gids = NULL;
-		const DOM_SID *user_sid = NULL;
-		const DOM_SID *group_sid = NULL;
-		DOM_SID domain_sid;
-		uint32 user_rid, group_rid;
-
-		int num_gids = 0;
-		const char *my_name;
-
-		struct netr_UserSessionKey user_session_key;
-		struct netr_LMSessionKey lm_session_key;
-		unsigned char pipe_session_key[16];
-
-		NTTIME last_logon, last_logoff, acct_expiry, last_password_change;
-		NTTIME allow_password_change, force_password_change;
-		struct samr_RidWithAttributeArray groups;
-		int i;
-		struct dom_sid2 *sid = NULL;
-
-		ZERO_STRUCT(user_session_key);
-		ZERO_STRUCT(lm_session_key);
-
-		sampw = server_info->sam_account;
-
-		user_sid = pdb_get_user_sid(sampw);
-		group_sid = pdb_get_group_sid(sampw);
-
-		if ((user_sid == NULL) || (group_sid == NULL)) {
-			DEBUG(1, ("_netr_LogonSamLogon: User without group or user SID\n"));
-			return NT_STATUS_UNSUCCESSFUL;
-		}
-
-		sid_copy(&domain_sid, user_sid);
-		sid_split_rid(&domain_sid, &user_rid);
-
-		sid = sid_dup_talloc(p->mem_ctx, &domain_sid);
-		if (!sid) {
-			return NT_STATUS_NO_MEMORY;
-		}
-
-		if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) {
-			DEBUG(1, ("_netr_LogonSamLogon: user %s\\%s has user sid "
-				  "%s\n but group sid %s.\n"
-				  "The conflicting domain portions are not "
-				  "supported for NETLOGON calls\n",
-				  pdb_get_domain(sampw),
-				  pdb_get_username(sampw),
-				  sid_string_dbg(user_sid),
-				  sid_string_dbg(group_sid)));
-			return NT_STATUS_UNSUCCESSFUL;
-		}
-
-		if(server_info->login_server) {
-		        my_name = server_info->login_server;
-		} else {
-		        my_name = global_myname();
-		}
-
-		status = nt_token_to_group_list(p->mem_ctx, &domain_sid,
-						server_info->num_sids,
-						server_info->sids,
-						&num_gids, &gids);
-
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
-
-		if (server_info->user_session_key.length) {
-			memcpy(user_session_key.key,
-			       server_info->user_session_key.data,
-			       MIN(sizeof(user_session_key.key),
-				   server_info->user_session_key.length));
-			if (process_creds) {
-				/* Get the pipe session key from the creds. */
-				memcpy(pipe_session_key, p->dc->sess_key, 16);
-			} else {
-				/* Get the pipe session key from the schannel. */
-				if (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL || p->auth.a_u.schannel_auth == NULL) {
-					return NT_STATUS_INVALID_HANDLE;
-				}
-				memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
-			}
-			SamOEMhash(user_session_key.key, pipe_session_key, 16);
-			memset(pipe_session_key, '\0', 16);
-		}
-		if (server_info->lm_session_key.length) {
-			memcpy(lm_session_key.key,
-			       server_info->lm_session_key.data,
-			       MIN(sizeof(lm_session_key.key),
-				   server_info->lm_session_key.length));
-			if (process_creds) {
-				/* Get the pipe session key from the creds. */
-				memcpy(pipe_session_key, p->dc->sess_key, 16);
-			} else {
-				/* Get the pipe session key from the schannel. */
-				if (p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL || p->auth.a_u.schannel_auth == NULL) {
-					return NT_STATUS_INVALID_HANDLE;
-				}
-				memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
-			}
-			SamOEMhash(lm_session_key.key, pipe_session_key, 8);
-			memset(pipe_session_key, '\0', 16);
-		}
-
-		groups.count = num_gids;
-		groups.rids = TALLOC_ARRAY(p->mem_ctx, struct samr_RidWithAttribute,
-					   groups.count);
-		if (!groups.rids) {
-			return NT_STATUS_NO_MEMORY;
-		}
-
-		for (i=0; i < groups.count; i++) {
-			groups.rids[i].rid = gids[i].g_rid;
-			groups.rids[i].attributes = gids[i].attr;
+	if (process_creds) {
+		/* Get the pipe session key from the creds. */
+		memcpy(pipe_session_key, p->dc->sess_key, 16);
+	} else {
+		/* Get the pipe session key from the schannel. */
+		if ((p->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL)
+		    || (p->auth.a_u.schannel_auth == NULL)) {
+			return NT_STATUS_INVALID_HANDLE;
 		}
-
-		unix_to_nt_time(&last_logon, pdb_get_logon_time(sampw));
-		unix_to_nt_time(&last_logoff, get_time_t_max());
-		unix_to_nt_time(&acct_expiry, get_time_t_max());
-		unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(sampw));
-		unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(sampw));
-		unix_to_nt_time(&force_password_change, pdb_get_pass_must_change_time(sampw));
-
-		init_netr_SamInfo3(sam3,
-				   last_logon,
-				   last_logoff,
-				   acct_expiry,
-				   last_password_change,
-				   allow_password_change,
-				   force_password_change,
-				   talloc_strdup(p->mem_ctx, pdb_get_username(sampw)),
-				   talloc_strdup(p->mem_ctx, pdb_get_fullname(sampw)),
-				   talloc_strdup(p->mem_ctx, pdb_get_logon_script(sampw)),
-				   talloc_strdup(p->mem_ctx, pdb_get_profile_path(sampw)),
-				   talloc_strdup(p->mem_ctx, pdb_get_homedir(sampw)),
-				   talloc_strdup(p->mem_ctx, pdb_get_dir_drive(sampw)),
-				   0, /* logon_count */
-				   0, /* bad_password_count */
-				   user_rid,
-				   group_rid,
-				   groups,
-				   NETLOGON_EXTRA_SIDS,
-				   user_session_key,
-				   my_name,
-				   talloc_strdup(p->mem_ctx, pdb_get_domain(sampw)),
-				   sid,
-				   lm_session_key,
-				   pdb_get_acct_ctrl(sampw),
-				   0, /* sidcount */
-				   NULL); /* struct netr_SidAttr *sids */
-		ZERO_STRUCT(user_session_key);
-		ZERO_STRUCT(lm_session_key);
+		memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
 	}
+
+	status = serverinfo_to_SamInfo3(server_info, pipe_session_key, sam3);
 	TALLOC_FREE(server_info);
 	return status;
 }