summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libnet/userman.c178
1 files changed, 121 insertions, 57 deletions
diff --git a/source4/libnet/userman.c b/source4/libnet/userman.c
index 2ffc6bbd96..9c084eee48 100644
--- a/source4/libnet/userman.c
+++ b/source4/libnet/userman.c
@@ -81,7 +81,8 @@ static void useradd_handler(struct rpc_request *req)
switch (s->stage) {
case USERADD_CREATE:
c->status = useradd_create(c, s);
-
+
+ /* prepare a message to pass to monitor function */
msg.type = rpc_create_user;
rpc_create = talloc(s, struct msg_rpc_create_user);
rpc_create->rid = *s->createuser.out.rid;
@@ -90,14 +91,17 @@ static void useradd_handler(struct rpc_request *req)
break;
}
+ /* are we ok so far ? */
if (!NT_STATUS_IS_OK(c->status)) {
c->state = COMPOSITE_STATE_ERROR;
}
+ /* call monitor function provided the pointer has been passed */
if (s->monitor_fn) {
s->monitor_fn(&msg);
}
+ /* are we done yet ? */
if (c->state >= COMPOSITE_STATE_DONE &&
c->async.fn) {
c->async.fn(c);
@@ -110,6 +114,7 @@ static void useradd_handler(struct rpc_request *req)
*
* @param p dce/rpc call pipe
* @param io arguments and results of the call
+ * @param monitor monitor function for providing information about the progress
*/
struct composite_context *libnet_rpc_useradd_send(struct dcerpc_pipe *p,
@@ -118,21 +123,23 @@ struct composite_context *libnet_rpc_useradd_send(struct dcerpc_pipe *p,
{
struct composite_context *c;
struct useradd_state *s;
-
+
+ /* composite allocation and setup */
c = talloc_zero(p, struct composite_context);
- if (c == NULL) goto failure;
+ if (c == NULL) return NULL;
s = talloc_zero(c, struct useradd_state);
- if (s == NULL) goto failure;
-
- s->domain_handle = io->in.domain_handle;
- s->pipe = p;
- s->monitor_fn = monitor;
+ if (composite_nomem(s, c)) return c;
c->state = COMPOSITE_STATE_IN_PROGRESS;
c->private_data = s;
c->event_ctx = dcerpc_event_context(p);
+ /* put passed arguments to the state structure */
+ s->domain_handle = io->in.domain_handle;
+ s->pipe = p;
+ s->monitor_fn = monitor;
+
/* preparing parameters to send rpc request */
s->createuser.in.domain_handle = &io->in.domain_handle;
s->createuser.in.account_name = talloc_zero(c, struct lsa_String);
@@ -140,19 +147,16 @@ struct composite_context *libnet_rpc_useradd_send(struct dcerpc_pipe *p,
s->createuser.out.user_handle = &s->user_handle;
s->createuser.out.rid = &s->user_rid;
- /* send request */
+ /* send the request */
s->req = dcerpc_samr_CreateUser_send(p, c, &s->createuser);
+ if (composite_nomem(s->req, c)) return c;
- /* callback handler */
+ /* callback handler for continuation */
s->req->async.callback = useradd_handler;
s->req->async.private = c;
s->stage = USERADD_CREATE;
return c;
-
-failure:
- talloc_free(c);
- return NULL;
}
@@ -232,27 +236,32 @@ struct userdel_state {
static NTSTATUS userdel_lookup(struct composite_context *c,
struct userdel_state *s)
{
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
-
+ /* receive samr_LookupNames result */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
-
+
+ /* what to do when there's no user account to delete
+ and what if there's more than one rid resolved */
if (!s->lookupname.out.rids.count) {
- /* TODO: no such user */
- status = NT_STATUS_NO_SUCH_USER;
+ c->status = NT_STATUS_NO_SUCH_USER;
+ composite_error(c, c->status);
} else if (!s->lookupname.out.rids.count > 1) {
- /* TODO: ambiguous username */
- status = NT_STATUS_INVALID_ACCOUNT_NAME;
+ c->status = NT_STATUS_INVALID_ACCOUNT_NAME;
+ composite_error(c, c->status);
}
-
+
+ /* prepare the next rpc call arguments */
s->openuser.in.domain_handle = &s->domain_handle;
s->openuser.in.rid = s->lookupname.out.rids.ids[0];
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.out.user_handle = &s->user_handle;
+ /* send rpc request */
s->req = dcerpc_samr_OpenUser_send(s->pipe, c, &s->openuser);
-
+ if (s->req == NULL) return NT_STATUS_NO_MEMORY;
+
+ /* callback handler setup */
s->req->async.callback = userdel_handler;
s->req->async.private = c;
s->stage = USERDEL_OPEN;
@@ -267,14 +276,19 @@ static NTSTATUS userdel_lookup(struct composite_context *c,
static NTSTATUS userdel_open(struct composite_context *c,
struct userdel_state *s)
{
+ /* receive samr_OpenUser result */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
-
+
+ /* prepare the final rpc call arguments */
s->deleteuser.in.user_handle = &s->user_handle;
s->deleteuser.out.user_handle = &s->user_handle;
+ /* send rpc request */
s->req = dcerpc_samr_DeleteUser_send(s->pipe, c, &s->deleteuser);
-
+ if (s->req == NULL) return NT_STATUS_NO_MEMORY;
+
+ /* callback handler setup */
s->req->async.callback = userdel_handler;
s->req->async.private = c;
s->stage = USERDEL_DELETE;
@@ -289,9 +303,10 @@ static NTSTATUS userdel_open(struct composite_context *c,
static NTSTATUS userdel_delete(struct composite_context *c,
struct userdel_state *s)
{
+ /* receive samr_DeleteUser result */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
-
+
c->state = COMPOSITE_STATE_DONE;
return NT_STATUS_OK;
@@ -306,16 +321,20 @@ static NTSTATUS userdel_delete(struct composite_context *c,
*/
static void userdel_handler(struct rpc_request *req)
{
- struct composite_context *c = req->async.private;
- struct userdel_state *s = talloc_get_type(c->private_data, struct userdel_state);
+ struct composite_context *c;
+ struct userdel_state *s;
struct monitor_msg msg;
struct msg_rpc_lookup_name *msg_lookup;
struct msg_rpc_open_user *msg_open;
+
+ c = talloc_get_type(req->async.private, struct composite_context);
+ s = talloc_get_type(c->private_data, struct userdel_state);
switch (s->stage) {
case USERDEL_LOOKUP:
c->status = userdel_lookup(c, s);
+ /* monitor message */
msg.type = rpc_lookup_name;
msg_lookup = talloc(s, struct msg_rpc_lookup_name);
@@ -328,6 +347,7 @@ static void userdel_handler(struct rpc_request *req)
case USERDEL_OPEN:
c->status = userdel_open(c, s);
+ /* monitor message */
msg.type = rpc_open_user;
msg_open = talloc(s, struct msg_rpc_open_user);
@@ -340,20 +360,24 @@ static void userdel_handler(struct rpc_request *req)
case USERDEL_DELETE:
c->status = userdel_delete(c, s);
+ /* monitor message */
msg.type = rpc_delete_user;
msg.data = NULL;
msg.data_size = 0;
break;
}
+ /* are we ok, so far ? */
if (!NT_STATUS_IS_OK(c->status)) {
c->state = COMPOSITE_STATE_ERROR;
}
+ /* call monitor function provided the pointer has been passed */
if (s->monitor_fn) {
s->monitor_fn(&msg);
}
+ /* are we done yet */
if (c->state >= COMPOSITE_STATE_DONE &&
c->async.fn) {
c->async.fn(c);
@@ -366,6 +390,7 @@ static void userdel_handler(struct rpc_request *req)
*
* @param p dce/rpc call pipe
* @param io arguments and results of the call
+ * @param monitor monitor function for providing information about the progress
*/
struct composite_context *libnet_rpc_userdel_send(struct dcerpc_pipe *p,
@@ -374,19 +399,22 @@ struct composite_context *libnet_rpc_userdel_send(struct dcerpc_pipe *p,
{
struct composite_context *c;
struct userdel_state *s;
-
+
+ /* composite context allocation and setup */
c = talloc_zero(p, struct composite_context);
- if (c == NULL) goto failure;
+ if (c == NULL) return NULL;
s = talloc_zero(c, struct userdel_state);
- if (s == NULL) goto failure;
+ if (composite_nomem(s, c)) return c;
c->state = COMPOSITE_STATE_IN_PROGRESS;
c->private_data = s;
c->event_ctx = dcerpc_event_context(p);
+ /* store function parameters in the state structure */
s->pipe = p;
s->domain_handle = io->in.domain_handle;
+ s->monitor_fn = monitor;
/* preparing parameters to send rpc request */
s->lookupname.in.domain_handle = &io->in.domain_handle;
@@ -397,16 +425,12 @@ struct composite_context *libnet_rpc_userdel_send(struct dcerpc_pipe *p,
/* send the request */
s->req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);
- /* callback handler */
+ /* callback handler setup */
s->req->async.callback = userdel_handler;
s->req->async.private = c;
s->stage = USERDEL_LOOKUP;
return c;
-
-failure:
- talloc_free(c);
- return NULL;
}
@@ -487,27 +511,31 @@ struct usermod_state {
static NTSTATUS usermod_lookup(struct composite_context *c,
struct usermod_state *s)
{
- NTSTATUS status;
-
+ /* receive samr_LookupNames result */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
+ /* what to do when there's no user account to delete
+ and what if there's more than one rid resolved */
if (!s->lookupname.out.rids.count) {
- /* TODO: no such user */
- status = NT_STATUS_NO_SUCH_USER;
+ c->status = NT_STATUS_NO_SUCH_USER;
+ composite_error(c, c->status);
} else if (!s->lookupname.out.rids.count > 1) {
- /* TODO: ambiguous username */
- status = NT_STATUS_INVALID_ACCOUNT_NAME;
+ c->status = NT_STATUS_INVALID_ACCOUNT_NAME;
+ composite_error(c, c->status);
}
+ /* prepare the next rpc call */
s->openuser.in.domain_handle = &s->domain_handle;
s->openuser.in.rid = s->lookupname.out.rids.ids[0];
s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
s->openuser.out.user_handle = &s->user_handle;
+ /* send the rpc request */
s->req = dcerpc_samr_OpenUser_send(s->pipe, c, &s->openuser);
+ /* callback handler setup */
s->req->async.callback = usermod_handler;
s->req->async.private = c;
s->stage = USERMOD_OPEN;
@@ -516,6 +544,12 @@ static NTSTATUS usermod_lookup(struct composite_context *c,
}
+/**
+ * Choose a proper level of samr_UserInfo structure depending on required
+ * change specified by means of flags field. Subsequent calls of this
+ * function are made until there's no flags set meaning that all of the
+ * changes have been made.
+ */
static uint32_t usermod_setfields(struct usermod_state *s, uint16_t *level,
union samr_UserInfo *i)
{
@@ -625,13 +659,20 @@ static NTSTATUS usermod_open(struct composite_context *c,
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
- /* Prepare UserInfo level and data based on bitmask field */
+ /* prepare UserInfo level and data based on bitmask field */
s->change.fields = usermod_setfields(s, &level, i);
+ /* If some specific level is used to set user account data and the change
+ itself does not cover all fields then we need to query the user info
+ first, right before changing the data. Otherwise we could set required
+ fields and accidentally reset the others.
+ */
if (s->stage == USERMOD_QUERY) {
s->queryuser.in.user_handle = &s->user_handle;
s->queryuser.in.level = level;
+ /* send query user info request to retrieve complete data of
+ a particular info level */
s->req = dcerpc_samr_QueryUserInfo_send(s->pipe, c, &s->queryuser);
} else {
@@ -639,9 +680,11 @@ static NTSTATUS usermod_open(struct composite_context *c,
s->setuser.in.level = level;
s->setuser.in.info = i;
+ /* send set user info request after making required change */
s->req = dcerpc_samr_SetUserInfo_send(s->pipe, c, &s->setuser);
}
+ /* callback handler setup */
s->req->async.callback = usermod_handler;
s->req->async.private = c;
@@ -658,19 +701,25 @@ static NTSTATUS usermod_query(struct composite_context *c,
union samr_UserInfo *i = &s->info;
uint16_t level;
+ /* receive samr_QueryUserInfo result */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
+ /* get returned user data and make a change (potentially one
+ of many) */
s->info = *s->queryuser.out.info;
s->change.fields = usermod_setfields(s, &level, i);
+ /* prepare rpc call arguments */
s->setuser.in.user_handle = &s->user_handle;
s->setuser.in.level = level;
s->setuser.in.info = i;
-
+
+ /* send the rpc request */
s->req = dcerpc_samr_SetUserInfo_send(s->pipe, c, &s->setuser);
+ /* callback handler setup */
s->req->async.callback = usermod_handler;
s->req->async.private = c;
@@ -684,6 +733,7 @@ static NTSTATUS usermod_query(struct composite_context *c,
static NTSTATUS usermod_modify(struct composite_context *c,
struct usermod_state *s)
{
+ /* receive samr_SetUserInfo result */
c->status = dcerpc_ndr_request_recv(s->req);
NT_STATUS_NOT_OK_RETURN(c->status);
@@ -702,16 +752,20 @@ static NTSTATUS usermod_modify(struct composite_context *c,
static void usermod_handler(struct rpc_request *req)
{
- struct composite_context *c = req->async.private;
- struct usermod_state *s = talloc_get_type(c->private_data, struct usermod_state);
+ struct composite_context *c;
+ struct usermod_state *s;
struct monitor_msg msg;
struct msg_rpc_lookup_name *msg_lookup;
struct msg_rpc_open_user *msg_open;
+ c = talloc_get_type(req->async.private, struct composite_context);
+ s = talloc_get_type(c->private_data, struct usermod_state);
+
switch (s->stage) {
case USERMOD_LOOKUP:
c->status = usermod_lookup(c, s);
-
+
+ /* monitor message */
msg.type = rpc_lookup_name;
msg_lookup = talloc(s, struct msg_rpc_lookup_name);
@@ -724,6 +778,7 @@ static void usermod_handler(struct rpc_request *req)
case USERMOD_OPEN:
c->status = usermod_open(c, s);
+ /* monitor message */
msg.type = rpc_open_user;
msg_open = talloc(s, struct msg_rpc_open_user);
@@ -736,6 +791,7 @@ static void usermod_handler(struct rpc_request *req)
case USERMOD_QUERY:
c->status = usermod_query(c, s);
+ /* monitor message */
msg.type = rpc_query_user;
msg.data = NULL;
msg.data_size = 0;
@@ -744,20 +800,24 @@ static void usermod_handler(struct rpc_request *req)
case USERMOD_MODIFY:
c->status = usermod_modify(c, s);
+ /* monitor message */
msg.type = rpc_set_user;
msg.data = NULL;
msg.data_size = 0;
break;
}
+ /* are we ok, so far ? */
if (!NT_STATUS_IS_OK(c->status)) {
c->state = COMPOSITE_STATE_ERROR;
}
+ /* call monitor function provided the pointer has been passed */
if (s->monitor_fn) {
s->monitor_fn(&msg);
}
+ /* are we done yet ? */
if (c->state >= COMPOSITE_STATE_DONE &&
c->async.fn) {
c->async.fn(c);
@@ -770,44 +830,48 @@ static void usermod_handler(struct rpc_request *req)
*
* @param p dce/rpc call pipe
* @param io arguments and results of the call
+ * @param monitor monitor function for providing information about the progress
*/
struct composite_context *libnet_rpc_usermod_send(struct dcerpc_pipe *p,
- struct libnet_rpc_usermod *io)
+ struct libnet_rpc_usermod *io,
+ void (*monitor)(struct monitor_msg*))
{
struct composite_context *c;
struct usermod_state *s;
-
+
+ /* composite context allocation and setup */
c = talloc_zero(p, struct composite_context);
- if (c == NULL) goto failure;
+ if (c == NULL) return NULL;
s = talloc_zero(c, struct usermod_state);
- if (s == NULL) goto failure;
+ if (composite_nomem(s, c)) return c;
c->state = COMPOSITE_STATE_IN_PROGRESS;
c->private_data = s;
c->event_ctx = dcerpc_event_context(p);
+ /* store parameters in the call structure */
s->pipe = p;
s->domain_handle = io->in.domain_handle;
s->change = io->in.change;
+ s->monitor_fn = monitor;
+ /* prepare rpc call arguments */
s->lookupname.in.domain_handle = &io->in.domain_handle;
s->lookupname.in.num_names = 1;
s->lookupname.in.names = talloc_zero(s, struct lsa_String);
s->lookupname.in.names->string = io->in.username;
-
+
+ /* send the rpc request */
s->req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);
+ /* callback handler setup */
s->req->async.callback = usermod_handler;
s->req->async.private = c;
s->stage = USERMOD_LOOKUP;
return c;
-
-failure:
- talloc_free(c);
- return NULL;
}
@@ -845,6 +909,6 @@ NTSTATUS libnet_rpc_usermod(struct dcerpc_pipe *p,
TALLOC_CTX *mem_ctx,
struct libnet_rpc_usermod *io)
{
- struct composite_context *c = libnet_rpc_usermod_send(p, io);
+ struct composite_context *c = libnet_rpc_usermod_send(p, io, NULL);
return libnet_rpc_usermod_recv(c, mem_ctx, io);
}