diff options
-rw-r--r-- | source3/libmsrpc/cac_lsarpc.c | 2092 | ||||
-rw-r--r-- | source3/libmsrpc/cac_samr.c | 4048 | ||||
-rw-r--r-- | source3/libmsrpc/cac_svcctl.c | 850 | ||||
-rw-r--r-- | source3/libmsrpc/cac_winreg.c | 1791 | ||||
-rw-r--r-- | source3/libmsrpc/libmsrpc.c | 495 | ||||
-rw-r--r-- | source3/libmsrpc/libmsrpc_internal.c | 1199 |
6 files changed, 5563 insertions, 4912 deletions
diff --git a/source3/libmsrpc/cac_lsarpc.c b/source3/libmsrpc/cac_lsarpc.c index 3af0b7b3b5..2e3eb276d5 100644 --- a/source3/libmsrpc/cac_lsarpc.c +++ b/source3/libmsrpc/cac_lsarpc.c @@ -1,3 +1,4 @@ + /* * Unix SMB/CIFS implementation. * MS-RPC client library implementation (LSA pipe) @@ -21,1061 +22,1212 @@ #include "libmsrpc.h" #include "libsmb_internal.h" -int cac_LsaOpenPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenPolicy *op) { - SMBCSRV *srv = NULL; - POLICY_HND *policy = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!mem_ctx || !op) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - op->out.pol = NULL; - - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } - - /*see if there is already an active session on this pipe, if not then open one*/ - if(!hnd->_internal.pipes[PI_LSARPC]) { - pipe_hnd = cli_rpc_pipe_open_noauth(srv->cli, PI_LSARPC, &hnd->status); - - if(!pipe_hnd) { - hnd->status = NT_STATUS_UNSUCCESSFUL; - return CAC_FAILURE; - } - - hnd->_internal.pipes[PI_LSARPC] = True; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - policy = TALLOC_P(mem_ctx, POLICY_HND); - if(!policy) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - /*need to make sure that our nt status is good otherwise check might fail below*/ - hnd->status = NT_STATUS_OK; - - if(hnd->_internal.srv_level >= SRV_WIN_2K) { - - /*try using open_policy2, if this fails try again in next block using open_policy, if that works then adjust hnd->_internal.srv_level*/ - - /*we shouldn't need to modify the access mask to make it work here*/ - hnd->status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, op->in.security_qos, op->in.access, policy); - - } - - if(hnd->_internal.srv_level < SRV_WIN_2K || !NT_STATUS_IS_OK(hnd->status)) { - hnd->status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, op->in.security_qos, op->in.access, policy); - - if(hnd->_internal.srv_level > SRV_WIN_NT4 && NT_STATUS_IS_OK(hnd->status)) { - /*change the server level to 1*/ - hnd->_internal.srv_level = SRV_WIN_NT4; - } - - } - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - op->out.pol = policy; - - return CAC_SUCCESS; +int cac_LsaOpenPolicy( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaOpenPolicy *op ) +{ + SMBCSRV *srv = NULL; + POLICY_HND *policy = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !mem_ctx || !op ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + op->out.pol = NULL; + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } + + /*see if there is already an active session on this pipe, if not then open one */ + if ( !hnd->_internal.pipes[PI_LSARPC] ) { + pipe_hnd = + cli_rpc_pipe_open_noauth( srv->cli, PI_LSARPC, + &hnd->status ); + + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + hnd->_internal.pipes[PI_LSARPC] = True; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + policy = TALLOC_P( mem_ctx, POLICY_HND ); + if ( !policy ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + /*need to make sure that our nt status is good otherwise check might fail below */ + hnd->status = NT_STATUS_OK; + + if ( hnd->_internal.srv_level >= SRV_WIN_2K ) { + + /*try using open_policy2, if this fails try again in next block using open_policy, if that works then adjust hnd->_internal.srv_level */ + + /*we shouldn't need to modify the access mask to make it work here */ + hnd->status = + rpccli_lsa_open_policy2( pipe_hnd, mem_ctx, + op->in.security_qos, + op->in.access, policy ); + + } + + if ( hnd->_internal.srv_level < SRV_WIN_2K + || !NT_STATUS_IS_OK( hnd->status ) ) { + hnd->status = + rpccli_lsa_open_policy( pipe_hnd, mem_ctx, + op->in.security_qos, + op->in.access, policy ); + + if ( hnd->_internal.srv_level > SRV_WIN_NT4 + && NT_STATUS_IS_OK( hnd->status ) ) { + /*change the server level to 1 */ + hnd->_internal.srv_level = SRV_WIN_NT4; + } + + } + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.pol = policy; + + return CAC_SUCCESS; } -int cac_LsaClosePolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *pol) { +int cac_LsaClosePolicy( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * pol ) +{ + + struct rpc_pipe_client *pipe_hnd = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd) - return CAC_FAILURE; - - if(!pol) - return CAC_SUCCESS; /*if the policy handle doesnt exist then it's already closed*/ + if ( !pol ) + return CAC_SUCCESS; /*if the policy handle doesnt exist then it's already closed */ - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_lsa_Close(pipe_hnd, mem_ctx, pol); + hnd->status = rpccli_lsa_Close( pipe_hnd, mem_ctx, pol ); - TALLOC_FREE(pol); + TALLOC_FREE( pol ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_LsaGetNamesFromSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetNamesFromSids *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - int result = -1; - - int i; - - /*buffers for outputs*/ - char **domains = NULL; - char **names = NULL; - enum lsa_SidType *types = NULL; - - CacSidInfo *sids_out = NULL; - DOM_SID *unknown_out = NULL; - int num_unknown = 0; - - int num_sids; - - int found_idx; - int unknown_idx; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!mem_ctx || !op || !op->in.pol || !op->in.sids) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - num_sids = op->in.num_sids; - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - - - /*now actually lookup the names*/ - hnd->status = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, op->in.pol, op->in.num_sids, - op->in.sids, &domains, &names, &types); - - if(NT_STATUS_IS_OK(hnd->status)) { - /*this is the easy part, just make the out.sids array*/ - sids_out = TALLOC_ARRAY(mem_ctx, CacSidInfo, num_sids); - if(!sids_out) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - for(i = 0; i < num_sids; i++) { - sids_out[i].sid = op->in.sids[i]; - sids_out[i].name = names[i]; - sids_out[i].domain = domains[i]; - } - - result = CAC_SUCCESS; - } - else if(NT_STATUS_V(hnd->status) == NT_STATUS_V(STATUS_SOME_UNMAPPED)) { - /*first find out how many couldn't be looked up*/ - - for(i = 0; i < num_sids; i++) { - if(names[i] == NULL) { - num_unknown++; - } - } - - if( num_unknown >= num_sids) { - hnd->status = NT_STATUS_UNSUCCESSFUL; - return CAC_FAILURE; - } - - sids_out = TALLOC_ARRAY(mem_ctx, CacSidInfo, (num_sids - num_unknown)); - if(!sids_out) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - unknown_out = TALLOC_ARRAY(mem_ctx, DOM_SID, num_unknown); - if(!unknown_out) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - found_idx = unknown_idx = 0; - - /*now we can actually do the real work*/ - for(i = 0; i < num_sids; i++) { - if(names[i] != NULL) { - sids_out[found_idx].sid = op->in.sids[i]; - sids_out[found_idx].name = names[i]; - sids_out[found_idx].domain = domains[i]; - - found_idx++; - } - else { /*then this one didnt work out*/ - unknown_out[unknown_idx] = op->in.sids[i]; - - unknown_idx++; - } - } - - result = CAC_PARTIAL_SUCCESS; - } - else { /*then it failed for some reason*/ - return CAC_FAILURE; - } - - op->out.num_found = num_sids - num_unknown; - op->out.sids = sids_out; - op->out.unknown = unknown_out; - - return result; - +int cac_LsaGetNamesFromSids( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaGetNamesFromSids *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + int result = -1; + + int i; + + /*buffers for outputs */ + char **domains = NULL; + char **names = NULL; + enum lsa_SidType *types = NULL; + + CacSidInfo *sids_out = NULL; + DOM_SID *unknown_out = NULL; + int num_unknown = 0; + + int num_sids; + + int found_idx; + int unknown_idx; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !mem_ctx || !op || !op->in.pol || !op->in.sids ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + num_sids = op->in.num_sids; + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + + + /*now actually lookup the names */ + hnd->status = + rpccli_lsa_lookup_sids( pipe_hnd, mem_ctx, op->in.pol, + op->in.num_sids, op->in.sids, + &domains, &names, &types ); + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + /*this is the easy part, just make the out.sids array */ + sids_out = TALLOC_ARRAY( mem_ctx, CacSidInfo, num_sids ); + if ( !sids_out ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + for ( i = 0; i < num_sids; i++ ) { + sids_out[i].sid = op->in.sids[i]; + sids_out[i].name = names[i]; + sids_out[i].domain = domains[i]; + } + + result = CAC_SUCCESS; + } else if ( NT_STATUS_V( hnd->status ) == + NT_STATUS_V( STATUS_SOME_UNMAPPED ) ) { + /*first find out how many couldn't be looked up */ + + for ( i = 0; i < num_sids; i++ ) { + if ( names[i] == NULL ) { + num_unknown++; + } + } + + if ( num_unknown >= num_sids ) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + sids_out = + TALLOC_ARRAY( mem_ctx, CacSidInfo, + ( num_sids - num_unknown ) ); + if ( !sids_out ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + unknown_out = TALLOC_ARRAY( mem_ctx, DOM_SID, num_unknown ); + if ( !unknown_out ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + found_idx = unknown_idx = 0; + + /*now we can actually do the real work */ + for ( i = 0; i < num_sids; i++ ) { + if ( names[i] != NULL ) { + sids_out[found_idx].sid = op->in.sids[i]; + sids_out[found_idx].name = names[i]; + sids_out[found_idx].domain = domains[i]; + + found_idx++; + } else { /*then this one didnt work out */ + unknown_out[unknown_idx] = op->in.sids[i]; + + unknown_idx++; + } + } + + result = CAC_PARTIAL_SUCCESS; + } else { /*then it failed for some reason */ + return CAC_FAILURE; + } + + op->out.num_found = num_sids - num_unknown; + op->out.sids = sids_out; + op->out.unknown = unknown_out; + + return result; + } -int cac_LsaGetSidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSidsFromNames *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - int result = -1; - - int i; - - /*buffers for outputs*/ - DOM_SID *sids = NULL; - enum lsa_SidType *types = NULL; - - CacSidInfo *sids_out = NULL; - char **unknown_out = NULL; - int num_unknown = 0; - - int num_names; - - int found_idx = 0; - int unknown_idx = 0; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!mem_ctx || !op || !op->in.pol || !op->in.names) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - num_names = op->in.num_names; - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - - /*now actually lookup the names*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, num_names, - (const char **)op->in.names, NULL, &sids, &types); - - if(NT_STATUS_IS_OK(hnd->status)) { - /*this is the easy part, just make the out.sids array*/ - sids_out = TALLOC_ARRAY(mem_ctx, CacSidInfo, num_names); - if(!sids_out) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - for(i = 0; i < num_names; i++) { - sids_out[i].sid = sids[i]; - sids_out[i].name = talloc_strdup(mem_ctx, op->in.names[i]); - sids_out[i].domain = NULL; - } - - result = CAC_SUCCESS; - } - else if(NT_STATUS_V(hnd->status) == NT_STATUS_V(STATUS_SOME_UNMAPPED)) { - /*first find out how many couldn't be looked up*/ - - for(i = 0; i < num_names; i++) { - if(types[i] == SID_NAME_UNKNOWN) { - num_unknown++; - } - } - - if( num_unknown >= num_names) { - hnd->status = NT_STATUS_UNSUCCESSFUL; - return CAC_FAILURE; - } - - sids_out = TALLOC_ARRAY(mem_ctx, CacSidInfo, (num_names - num_unknown)); - if(!sids_out) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - unknown_out = TALLOC_ARRAY(mem_ctx, char *, num_unknown); - if(!unknown_out) { - errno = ENOMEM; - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - unknown_idx = found_idx = 0; - - /*now we can actually do the real work*/ - for(i = 0; i < num_names; i++) { - if(types[i] != SID_NAME_UNKNOWN) { - sids_out[found_idx].sid = sids[i]; - sids_out[found_idx].name = talloc_strdup(mem_ctx, op->in.names[i]); - sids_out[found_idx].domain = NULL; - - found_idx++; - } - else { /*then this one didnt work out*/ - unknown_out[unknown_idx] = talloc_strdup(mem_ctx, op->in.names[i]); - - unknown_idx++; - } - } - - result = CAC_PARTIAL_SUCCESS; - } - else { /*then it failed for some reason*/ - return CAC_FAILURE; - } - - op->out.num_found = num_names - num_unknown; - op->out.sids = sids_out; - op->out.unknown = unknown_out; - - return result; - +int cac_LsaGetSidsFromNames( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaGetSidsFromNames *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + int result = -1; + + int i; + + /*buffers for outputs */ + DOM_SID *sids = NULL; + enum lsa_SidType *types = NULL; + + CacSidInfo *sids_out = NULL; + char **unknown_out = NULL; + int num_unknown = 0; + + int num_names; + + int found_idx = 0; + int unknown_idx = 0; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !mem_ctx || !op || !op->in.pol || !op->in.names ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + num_names = op->in.num_names; + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + + /*now actually lookup the names */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, + num_names, + ( const char ** ) op->in.names, NULL, + &sids, &types ); + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + /*this is the easy part, just make the out.sids array */ + sids_out = TALLOC_ARRAY( mem_ctx, CacSidInfo, num_names ); + if ( !sids_out ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + for ( i = 0; i < num_names; i++ ) { + sids_out[i].sid = sids[i]; + sids_out[i].name = + talloc_strdup( mem_ctx, op->in.names[i] ); + sids_out[i].domain = NULL; + } + + result = CAC_SUCCESS; + } else if ( NT_STATUS_V( hnd->status ) == + NT_STATUS_V( STATUS_SOME_UNMAPPED ) ) { + /*first find out how many couldn't be looked up */ + + for ( i = 0; i < num_names; i++ ) { + if ( types[i] == SID_NAME_UNKNOWN ) { + num_unknown++; + } + } + + if ( num_unknown >= num_names ) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + sids_out = + TALLOC_ARRAY( mem_ctx, CacSidInfo, + ( num_names - num_unknown ) ); + if ( !sids_out ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + unknown_out = TALLOC_ARRAY( mem_ctx, char *, num_unknown ); + if ( !unknown_out ) { + errno = ENOMEM; + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + unknown_idx = found_idx = 0; + + /*now we can actually do the real work */ + for ( i = 0; i < num_names; i++ ) { + if ( types[i] != SID_NAME_UNKNOWN ) { + sids_out[found_idx].sid = sids[i]; + sids_out[found_idx].name = + talloc_strdup( mem_ctx, + op->in.names[i] ); + sids_out[found_idx].domain = NULL; + + found_idx++; + } else { /*then this one didnt work out */ + unknown_out[unknown_idx] = + talloc_strdup( mem_ctx, + op->in.names[i] ); + + unknown_idx++; + } + } + + result = CAC_PARTIAL_SUCCESS; + } else { /*then it failed for some reason */ + return CAC_FAILURE; + } + + op->out.num_found = num_names - num_unknown; + op->out.sids = sids_out; + op->out.unknown = unknown_out; + + return result; + } -int cac_LsaFetchSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaFetchSid *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - int result = -1; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!mem_ctx || !op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - op->out.local_sid = NULL; - op->out.domain_sid = NULL; - - if( (op->in.info_class & CAC_LOCAL_INFO) == CAC_LOCAL_INFO) { - DOM_SID *local_sid = NULL; - char *dom_name = NULL; - - hnd->status = rpccli_lsa_query_info_policy( pipe_hnd, mem_ctx, op->in.pol, CAC_LOCAL_INFO, &dom_name, &local_sid); - - if(!NT_STATUS_IS_OK(hnd->status)) { - result = CAC_FAILURE; - goto domain; - } - - op->out.local_sid = talloc(mem_ctx, CacSidInfo); - if(!op->out.local_sid) { - hnd->status = NT_STATUS_NO_MEMORY; - result = CAC_FAILURE; - goto domain; - } - - op->out.local_sid->domain = dom_name; - - sid_copy(&op->out.local_sid->sid, local_sid); - TALLOC_FREE(local_sid); - } - -domain: - - if( (op->in.info_class & CAC_DOMAIN_INFO) == CAC_DOMAIN_INFO) { - DOM_SID *domain_sid; - char *dom_name; - - hnd->status = rpccli_lsa_query_info_policy( pipe_hnd, mem_ctx, op->in.pol, CAC_DOMAIN_INFO, &dom_name, &domain_sid); - if(!NT_STATUS_IS_OK(hnd->status)) { - /*if we succeeded above, report partial success*/ - result = CAC_FAILURE; - goto done; - } - else if(result == CAC_FAILURE) { - /*if we failed above but succeded here then report partial success*/ - result = CAC_PARTIAL_SUCCESS; - } - - op->out.domain_sid = talloc(mem_ctx, CacSidInfo); - if(!op->out.domain_sid) { - hnd->status = NT_STATUS_NO_MEMORY; - result = CAC_FAILURE; - goto done; - } - - op->out.domain_sid->domain = dom_name; - sid_copy(&op->out.domain_sid->sid, domain_sid); - TALLOC_FREE(domain_sid); - } - -done: - return result; +int cac_LsaFetchSid( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaFetchSid *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + int result = -1; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !mem_ctx || !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + op->out.local_sid = NULL; + op->out.domain_sid = NULL; + + if ( ( op->in.info_class & CAC_LOCAL_INFO ) == CAC_LOCAL_INFO ) { + DOM_SID *local_sid = NULL; + char *dom_name = NULL; + + hnd->status = + rpccli_lsa_query_info_policy( pipe_hnd, mem_ctx, + op->in.pol, + CAC_LOCAL_INFO, + &dom_name, &local_sid ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + result = CAC_FAILURE; + goto domain; + } + + op->out.local_sid = talloc( mem_ctx, CacSidInfo ); + if ( !op->out.local_sid ) { + hnd->status = NT_STATUS_NO_MEMORY; + result = CAC_FAILURE; + goto domain; + } + + op->out.local_sid->domain = dom_name; + + sid_copy( &op->out.local_sid->sid, local_sid ); + TALLOC_FREE( local_sid ); + } + + domain: + + if ( ( op->in.info_class & CAC_DOMAIN_INFO ) == CAC_DOMAIN_INFO ) { + DOM_SID *domain_sid; + char *dom_name; + + hnd->status = + rpccli_lsa_query_info_policy( pipe_hnd, mem_ctx, + op->in.pol, + CAC_DOMAIN_INFO, + &dom_name, + &domain_sid ); + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + /*if we succeeded above, report partial success */ + result = CAC_FAILURE; + goto done; + } else if ( result == CAC_FAILURE ) { + /*if we failed above but succeded here then report partial success */ + result = CAC_PARTIAL_SUCCESS; + } + + op->out.domain_sid = talloc( mem_ctx, CacSidInfo ); + if ( !op->out.domain_sid ) { + hnd->status = NT_STATUS_NO_MEMORY; + result = CAC_FAILURE; + goto done; + } + + op->out.domain_sid->domain = dom_name; + sid_copy( &op->out.domain_sid->sid, domain_sid ); + TALLOC_FREE( domain_sid ); + } + + done: + return result; } -int cac_LsaQueryInfoPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryInfoPolicy *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - char *domain_name = NULL; - char *dns_name = NULL; - char *forest_name = NULL; - struct GUID *domain_guid = NULL; - DOM_SID *domain_sid = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - /*only works if info_class parm is 12*/ - hnd->status = rpccli_lsa_query_info_policy2(pipe_hnd, mem_ctx, op->in.pol, 12, - &domain_name, &dns_name, &forest_name, &domain_guid, &domain_sid); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - op->out.domain_name = domain_name; - op->out.dns_name = dns_name; - op->out.forest_name = forest_name; - op->out.domain_guid = domain_guid; - op->out.domain_sid = domain_sid; - - return CAC_SUCCESS; +int cac_LsaQueryInfoPolicy( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaQueryInfoPolicy *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + char *domain_name = NULL; + char *dns_name = NULL; + char *forest_name = NULL; + struct GUID *domain_guid = NULL; + DOM_SID *domain_sid = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + /*only works if info_class parm is 12 */ + hnd->status = + rpccli_lsa_query_info_policy2( pipe_hnd, mem_ctx, op->in.pol, + 12, &domain_name, &dns_name, + &forest_name, &domain_guid, + &domain_sid ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.domain_name = domain_name; + op->out.dns_name = dns_name; + op->out.forest_name = forest_name; + op->out.domain_guid = domain_guid; + op->out.domain_sid = domain_sid; + + return CAC_SUCCESS; } -int cac_LsaEnumSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumSids *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_LsaEnumSids( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaEnumSids *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - uint32 num_sids; - DOM_SID *sids; + uint32 num_sids; + DOM_SID *sids; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_lsa_enum_sids(pipe_hnd, mem_ctx, op->in.pol, &(op->out.resume_idx), op->in.pref_max_sids, &num_sids, &sids); + hnd->status = + rpccli_lsa_enum_sids( pipe_hnd, mem_ctx, op->in.pol, + &( op->out.resume_idx ), + op->in.pref_max_sids, &num_sids, + &sids ); - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } - op->out.num_sids = num_sids; - op->out.sids = sids; + op->out.num_sids = num_sids; + op->out.sids = sids; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_LsaEnumAccountRights( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaEnumAccountRights *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - uint32 count = 0; - char **privs = NULL; + uint32 count = 0; + char **privs = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!op->in.name && !op->in.sid) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.name && !op->in.sid ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(op->in.name && !op->in.sid) { - DOM_SID *user_sid = NULL; - enum lsa_SidType *type; + if ( op->in.name && !op->in.sid ) { + DOM_SID *user_sid = NULL; + enum lsa_SidType *type; - /*lookup the SID*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, 1, (const char **)&(op->in.name), NULL, &user_sid, &type); + /*lookup the SID */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, + op->in.pol, 1, + ( const char ** ) &( op->in. + name ), + NULL, &user_sid, &type ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->in.sid = user_sid; - } - - hnd->status = rpccli_lsa_enum_account_rights( pipe_hnd, mem_ctx, op->in.pol, op->in.sid, - &count, &privs); + op->in.sid = user_sid; + } - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + hnd->status = + rpccli_lsa_enum_account_rights( pipe_hnd, mem_ctx, op->in.pol, + op->in.sid, &count, &privs ); - op->out.num_privs = count; - op->out.priv_names = privs; + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } - return CAC_SUCCESS; -} + op->out.num_privs = count; + op->out.priv_names = privs; -int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op) { - struct rpc_pipe_client *pipe_hnd; - - uint32 num_domains; - char **domain_names; - DOM_SID *domain_sids; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - hnd->status = rpccli_lsa_enum_trust_dom( pipe_hnd, mem_ctx, op->in.pol, &(op->out.resume_idx), &num_domains, &domain_names, &domain_sids); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - op->out.num_domains = num_domains; - op->out.domain_names = domain_names; - op->out.domain_sids = domain_sids; - - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - POLICY_HND *dom_pol = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op->in.pol || !op->in.access || !op->in.domain_sid) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - dom_pol = talloc(mem_ctx, POLICY_HND); - if(!dom_pol) { - hnd->status = NT_STATUS_NO_MEMORY; - errno = ENOMEM; - return CAC_FAILURE; - } - - hnd->status = rpccli_lsa_open_trusted_domain( pipe_hnd, mem_ctx, op->in.pol, op->in.domain_sid, op->in.access, dom_pol); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - op->out.domain_pol = dom_pol; - - return CAC_SUCCESS; +int cac_LsaEnumTrustedDomains( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaEnumTrustedDomains *op ) +{ + struct rpc_pipe_client *pipe_hnd; + + uint32 num_domains; + char **domain_names; + DOM_SID *domain_sids; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + hnd->status = + rpccli_lsa_enum_trust_dom( pipe_hnd, mem_ctx, op->in.pol, + &( op->out.resume_idx ), + &num_domains, &domain_names, + &domain_sids ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.num_domains = num_domains; + op->out.domain_names = domain_names; + op->out.domain_sids = domain_sids; + + return CAC_SUCCESS; } -int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_LsaOpenTrustedDomain( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaOpenTrustedDomain *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - LSA_TRUSTED_DOMAIN_INFO *dom_info; + POLICY_HND *dom_pol = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.pol || !op->in.info_class) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.pol || !op->in.access || !op->in.domain_sid ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!op->in.domain_sid && !op->in.domain_name) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + dom_pol = talloc( mem_ctx, POLICY_HND ); + if ( !dom_pol ) { + hnd->status = NT_STATUS_NO_MEMORY; + errno = ENOMEM; + return CAC_FAILURE; + } - if(op->in.domain_sid) { - hnd->status = rpccli_lsa_query_trusted_domain_info_by_sid( pipe_hnd, mem_ctx, op->in.pol, op->in.info_class, op->in.domain_sid, &dom_info); - } - else if(op->in.domain_name) { - hnd->status = rpccli_lsa_query_trusted_domain_info_by_name( pipe_hnd, mem_ctx, op->in.pol, op->in.info_class, op->in.domain_name, &dom_info); - } + hnd->status = + rpccli_lsa_open_trusted_domain( pipe_hnd, mem_ctx, op->in.pol, + op->in.domain_sid, + op->in.access, dom_pol ); - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } - op->out.info = dom_info; - - return CAC_SUCCESS; + op->out.domain_pol = dom_pol; + return CAC_SUCCESS; } -int cac_LsaEnumPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumPrivileges *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - uint32 num_privs; - char **priv_names; - uint32 *high_bits; - uint32 *low_bits; - - if(!hnd) { - return CAC_FAILURE; - } - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - hnd->status = rpccli_lsa_enum_privilege(pipe_hnd, mem_ctx, op->in.pol, &(op->out.resume_idx), op->in.pref_max_privs, - &num_privs, &priv_names, &high_bits, &low_bits); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } +int cac_LsaQueryTrustedDomainInfo( CacServerHandle * hnd, + TALLOC_CTX * mem_ctx, + struct LsaQueryTrustedDomainInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + LSA_TRUSTED_DOMAIN_INFO *dom_info; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op->in.pol || !op->in.info_class ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.domain_sid && !op->in.domain_name ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( op->in.domain_sid ) { + hnd->status = + rpccli_lsa_query_trusted_domain_info_by_sid( pipe_hnd, + mem_ctx, + op->in. + pol, + op->in. + info_class, + op->in. + domain_sid, + &dom_info ); + } else if ( op->in.domain_name ) { + hnd->status = + rpccli_lsa_query_trusted_domain_info_by_name + ( pipe_hnd, mem_ctx, op->in.pol, op->in.info_class, + op->in.domain_name, &dom_info ); + } + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.info = dom_info; + + return CAC_SUCCESS; - op->out.num_privs = num_privs; - op->out.priv_names = priv_names; - op->out.high_bits = high_bits; - op->out.low_bits = low_bits; - - return CAC_SUCCESS; } -int cac_LsaOpenAccount(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenAccount *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - POLICY_HND *user_pol = NULL; - - if(!hnd) { - return CAC_FAILURE; - } - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.sid && !op->in.name) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - /*look up the user's SID if we have to*/ - if(op->in.name && !op->in.sid) { - DOM_SID *user_sid = NULL; - enum lsa_SidType *type; - - /*lookup the SID*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, 1, (const char **)&(op->in.name), NULL, &user_sid, &type); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->in.sid = user_sid; - } - - user_pol = talloc(mem_ctx, POLICY_HND); - if(!user_pol) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - hnd->status = rpccli_lsa_open_account(pipe_hnd, mem_ctx, op->in.pol, op->in.sid, op->in.access, user_pol); - - if(!NT_STATUS_IS_OK(hnd->status)) { - TALLOC_FREE(user_pol); - return CAC_FAILURE; - } - - op->out.user = user_pol; - - return CAC_SUCCESS; +int cac_LsaEnumPrivileges( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaEnumPrivileges *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + uint32 num_privs; + char **priv_names; + uint32 *high_bits; + uint32 *low_bits; + + if ( !hnd ) { + return CAC_FAILURE; + } + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + hnd->status = + rpccli_lsa_enum_privilege( pipe_hnd, mem_ctx, op->in.pol, + &( op->out.resume_idx ), + op->in.pref_max_privs, &num_privs, + &priv_names, &high_bits, + &low_bits ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.num_privs = num_privs; + op->out.priv_names = priv_names; + op->out.high_bits = high_bits; + op->out.low_bits = low_bits; + + return CAC_SUCCESS; } - -int cac_LsaAddPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - DOM_SID *user_sid = NULL; - enum lsa_SidType *type = NULL; - - if(!hnd) { - return CAC_FAILURE; - } - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol || !op->in.priv_names) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.sid && !op->in.name) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(op->in.name && !op->in.sid) { - /*lookup the SID*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, 1, (const char **)&(op->in.name), NULL, &user_sid, &type); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->in.sid = user_sid; - } - - hnd->status = rpccli_lsa_add_account_rights( pipe_hnd, mem_ctx, op->in.pol, *(op->in.sid), op->in.num_privs, (const char **)op->in.priv_names); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - return CAC_SUCCESS; +int cac_LsaOpenAccount( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaOpenAccount *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + POLICY_HND *user_pol = NULL; + + if ( !hnd ) { + return CAC_FAILURE; + } + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.sid && !op->in.name ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + /*look up the user's SID if we have to */ + if ( op->in.name && !op->in.sid ) { + DOM_SID *user_sid = NULL; + enum lsa_SidType *type; + + /*lookup the SID */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, + op->in.pol, 1, + ( const char ** ) &( op->in. + name ), + NULL, &user_sid, &type ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->in.sid = user_sid; + } + + user_pol = talloc( mem_ctx, POLICY_HND ); + if ( !user_pol ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + hnd->status = + rpccli_lsa_open_account( pipe_hnd, mem_ctx, op->in.pol, + op->in.sid, op->in.access, + user_pol ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + TALLOC_FREE( user_pol ); + return CAC_FAILURE; + } + + op->out.user = user_pol; + + return CAC_SUCCESS; } -int cac_LsaRemovePrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaRemovePrivileges *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - DOM_SID *user_sid = NULL; - enum lsa_SidType *type = NULL; - - if(!hnd) { - return CAC_FAILURE; - } - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol || !op->in.priv_names) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - if(!op->in.sid && !op->in.name) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(op->in.name && !op->in.sid) { - /*lookup the SID*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, 1, (const char **)&(op->in.name), NULL, &user_sid, &type); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->in.sid = user_sid; - } - - hnd->status = rpccli_lsa_remove_account_rights( pipe_hnd, mem_ctx, op->in.pol, *(op->in.sid), False, op->in.num_privs, (const char **)op->in.priv_names); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - return CAC_SUCCESS; +int cac_LsaAddPrivileges( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaAddPrivileges *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_SID *user_sid = NULL; + enum lsa_SidType *type = NULL; + + if ( !hnd ) { + return CAC_FAILURE; + } + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol || !op->in.priv_names ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.sid && !op->in.name ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( op->in.name && !op->in.sid ) { + /*lookup the SID */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, + op->in.pol, 1, + ( const char ** ) &( op->in. + name ), + NULL, &user_sid, &type ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->in.sid = user_sid; + } + + hnd->status = + rpccli_lsa_add_account_rights( pipe_hnd, mem_ctx, op->in.pol, + *( op->in.sid ), + op->in.num_privs, + ( const char ** ) op->in. + priv_names ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + return CAC_SUCCESS; } -int cac_LsaClearPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaClearPrivileges *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - DOM_SID *user_sid = NULL; - enum lsa_SidType *type = NULL; - - if(!hnd) { - return CAC_FAILURE; - } - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.sid && !op->in.name) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(op->in.name && !op->in.sid) { - /*lookup the SID*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, 1, (const char **)&(op->in.name), NULL, &user_sid, &type); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->in.sid = user_sid; - } - - hnd->status = rpccli_lsa_remove_account_rights( pipe_hnd, mem_ctx, op->in.pol, *(op->in.sid), True, 0, NULL); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - return CAC_SUCCESS; +int cac_LsaRemovePrivileges( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaRemovePrivileges *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_SID *user_sid = NULL; + enum lsa_SidType *type = NULL; + + if ( !hnd ) { + return CAC_FAILURE; + } + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol || !op->in.priv_names ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.sid && !op->in.name ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( op->in.name && !op->in.sid ) { + /*lookup the SID */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, + op->in.pol, 1, + ( const char ** ) &( op->in. + name ), + NULL, &user_sid, &type ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->in.sid = user_sid; + } + + hnd->status = + rpccli_lsa_remove_account_rights( pipe_hnd, mem_ctx, + op->in.pol, *( op->in.sid ), + False, op->in.num_privs, + ( const char ** ) op->in. + priv_names ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + return CAC_SUCCESS; } -int cac_LsaSetPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - DOM_SID *user_sid = NULL; - enum lsa_SidType *type = NULL; - - if(!hnd) { - return CAC_FAILURE; - } - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.pol || !op->in.priv_names) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.sid && !op->in.name) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - return CAC_FAILURE; - } - - if(op->in.name && !op->in.sid) { - /*lookup the SID*/ - hnd->status = rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, op->in.pol, 1, (const char **)&(op->in.name), NULL, &user_sid, &type); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->in.sid = user_sid; - } - - /*first remove all privileges*/ - hnd->status = rpccli_lsa_remove_account_rights( pipe_hnd, mem_ctx, op->in.pol, *(op->in.sid), True, 0, NULL); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - hnd->status = rpccli_lsa_add_account_rights( pipe_hnd, mem_ctx, op->in.pol, *(op->in.sid), op->in.num_privs, (const char **)op->in.priv_names); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } +int cac_LsaClearPrivileges( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaClearPrivileges *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_SID *user_sid = NULL; + enum lsa_SidType *type = NULL; + + if ( !hnd ) { + return CAC_FAILURE; + } + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.sid && !op->in.name ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( op->in.name && !op->in.sid ) { + /*lookup the SID */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, + op->in.pol, 1, + ( const char ** ) &( op->in. + name ), + NULL, &user_sid, &type ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->in.sid = user_sid; + } + + hnd->status = + rpccli_lsa_remove_account_rights( pipe_hnd, mem_ctx, + op->in.pol, *( op->in.sid ), + True, 0, NULL ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + return CAC_SUCCESS; +} - return CAC_SUCCESS; +int cac_LsaSetPrivileges( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaAddPrivileges *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_SID *user_sid = NULL; + enum lsa_SidType *type = NULL; + + if ( !hnd ) { + return CAC_FAILURE; + } + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.pol || !op->in.priv_names ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.sid && !op->in.name ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + return CAC_FAILURE; + } + + if ( op->in.name && !op->in.sid ) { + /*lookup the SID */ + hnd->status = + rpccli_lsa_lookup_names( pipe_hnd, mem_ctx, + op->in.pol, 1, + ( const char ** ) &( op->in. + name ), + NULL, &user_sid, &type ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->in.sid = user_sid; + } + + /*first remove all privileges */ + hnd->status = + rpccli_lsa_remove_account_rights( pipe_hnd, mem_ctx, + op->in.pol, *( op->in.sid ), + True, 0, NULL ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + hnd->status = + rpccli_lsa_add_account_rights( pipe_hnd, mem_ctx, op->in.pol, + *( op->in.sid ), + op->in.num_privs, + ( const char ** ) op->in. + priv_names ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + return CAC_SUCCESS; } -int cac_LsaGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSecurityObject *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_LsaGetSecurityObject( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct LsaGetSecurityObject *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - /*this is taken from rpcclient/cmd_lsarpc.c*/ - uint16 info_level = 4; + /*this is taken from rpcclient/cmd_lsarpc.c */ + uint16 info_level = 4; - SEC_DESC_BUF *sec_out = NULL; + SEC_DESC_BUF *sec_out = NULL; - if(!hnd) { - return CAC_FAILURE; - } + if ( !hnd ) { + return CAC_FAILURE; + } - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_LSARPC] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.pol) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.pol ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_LSARPC); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_LSARPC ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_lsa_query_secobj( pipe_hnd, mem_ctx, op->in.pol, info_level, &sec_out); + hnd->status = + rpccli_lsa_query_secobj( pipe_hnd, mem_ctx, op->in.pol, + info_level, &sec_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.sec = sec_out; + op->out.sec = sec_out; - return CAC_FAILURE; + return CAC_FAILURE; } diff --git a/source3/libmsrpc/cac_samr.c b/source3/libmsrpc/cac_samr.c index 0567188307..aee6080437 100644 --- a/source3/libmsrpc/cac_samr.c +++ b/source3/libmsrpc/cac_samr.c @@ -1,3 +1,4 @@ + /* * Unix SMB/CIFS implementation. * MS-RPC client library implementation (SAMR pipe) @@ -29,2384 +30,2651 @@ /*not sure what this is.. taken from rpcclient/cmd_samr.c*/ #define SAMR_LOOKUP_FLAGS 0x000003e8 -int cac_SamConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamConnect *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *sam_out = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || op->in.access == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } - - /*initialize for samr pipe if we have to*/ - if(!hnd->_internal.pipes[PI_SAMR]) { - if(!(pipe_hnd = cli_rpc_pipe_open_noauth(srv->cli, PI_SAMR, &hnd->status))) { - return CAC_FAILURE; - } - - hnd->_internal.pipes[PI_SAMR] = True; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - sam_out = talloc(mem_ctx, POLICY_HND); - if(!sam_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } +int cac_SamConnect( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamConnect *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + POLICY_HND *sam_out = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || op->in.access == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } + + /*initialize for samr pipe if we have to */ + if ( !hnd->_internal.pipes[PI_SAMR] ) { + if ( ! + ( pipe_hnd = + cli_rpc_pipe_open_noauth( srv->cli, PI_SAMR, + &hnd->status ) ) ) { + return CAC_FAILURE; + } + + hnd->_internal.pipes[PI_SAMR] = True; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + sam_out = talloc( mem_ctx, POLICY_HND ); + if ( !sam_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + if ( hnd->_internal.srv_level >= SRV_WIN_2K_SP3 ) { + hnd->status = + rpccli_samr_connect4( pipe_hnd, mem_ctx, + op->in.access, sam_out ); + } + + if ( hnd->_internal.srv_level < SRV_WIN_2K_SP3 + || !NT_STATUS_IS_OK( hnd->status ) ) { + /*if sam_connect4 failed, the use sam_connect and lower srv_level */ + + hnd->status = + rpccli_samr_connect( pipe_hnd, mem_ctx, op->in.access, + sam_out ); + + if ( NT_STATUS_IS_OK( hnd->status ) + && hnd->_internal.srv_level > SRV_WIN_2K ) { + hnd->_internal.srv_level = SRV_WIN_2K; + } + } + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->out.sam = sam_out; + + return CAC_SUCCESS; +} - if(hnd->_internal.srv_level >= SRV_WIN_2K_SP3) { - hnd->status = rpccli_samr_connect4( pipe_hnd, mem_ctx, op->in.access, sam_out); - } +int cac_SamClose( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * sam ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(hnd->_internal.srv_level < SRV_WIN_2K_SP3 || !NT_STATUS_IS_OK(hnd->status)) { - /*if sam_connect4 failed, the use sam_connect and lower srv_level*/ + if ( !hnd ) + return CAC_FAILURE; - hnd->status = rpccli_samr_connect( pipe_hnd, mem_ctx, op->in.access, sam_out); + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(NT_STATUS_IS_OK(hnd->status) && hnd->_internal.srv_level > SRV_WIN_2K) { - hnd->_internal.srv_level = SRV_WIN_2K; - } - } + if ( !sam || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - op->out.sam = sam_out; + hnd->status = rpccli_samr_close( pipe_hnd, mem_ctx, sam ); - return CAC_SUCCESS; -} + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; -int cac_SamClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *sam) { - struct rpc_pipe_client *pipe_hnd = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!sam || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - hnd->status = rpccli_samr_close( pipe_hnd, mem_ctx, sam); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - return CAC_SUCCESS; + return CAC_SUCCESS; } /*this is an internal function. Due to a circular dependency, it must be prototyped in libmsrpc.h (which I don't want to do) * cac_SamOpenDomain() is the only function that calls it, so I just put the definition here */ + /*attempts to find the sid of the domain we are connected to*/ -DOM_SID *cac_get_domain_sid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, uint32 des_access) { - struct LsaOpenPolicy lop; - struct LsaFetchSid fs; +DOM_SID *cac_get_domain_sid( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + uint32 des_access ) +{ + struct LsaOpenPolicy lop; + struct LsaFetchSid fs; + + DOM_SID *sid; + + ZERO_STRUCT( lop ); + ZERO_STRUCT( fs ); - DOM_SID *sid; - - ZERO_STRUCT(lop); - ZERO_STRUCT(fs); + lop.in.access = des_access; + lop.in.security_qos = True; - lop.in.access = des_access; - lop.in.security_qos = True; + if ( !cac_LsaOpenPolicy( hnd, mem_ctx, &lop ) ) + return NULL; - if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) - return NULL; + fs.in.pol = lop.out.pol; + fs.in.info_class = CAC_DOMAIN_INFO; - fs.in.pol = lop.out.pol; - fs.in.info_class = CAC_DOMAIN_INFO; + if ( !cac_LsaFetchSid( hnd, mem_ctx, &fs ) ) + return NULL; - if(!cac_LsaFetchSid(hnd, mem_ctx, &fs)) - return NULL; - - cac_LsaClosePolicy(hnd, mem_ctx, lop.out.pol); + cac_LsaClosePolicy( hnd, mem_ctx, lop.out.pol ); - if(!fs.out.domain_sid) - return NULL; + if ( !fs.out.domain_sid ) + return NULL; - sid = (DOM_SID *)talloc_memdup(mem_ctx, &(fs.out.domain_sid->sid), - sizeof(DOM_SID)); + sid = ( DOM_SID * ) talloc_memdup( mem_ctx, + &( fs.out.domain_sid->sid ), + sizeof( DOM_SID ) ); - if(!sid) { - hnd->status = NT_STATUS_NO_MEMORY; - } + if ( !sid ) { + hnd->status = NT_STATUS_NO_MEMORY; + } - return sid; + return sid; } -int cac_SamOpenDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenDomain *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - DOM_SID *sid_buf; - POLICY_HND *sam_out; - POLICY_HND *pol_out; - - struct SamLookupDomain sld; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || op->in.access == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.sam) { - /*use cac_SamConnect() since it does the session setup*/ - struct SamConnect sc; - ZERO_STRUCT(sc); - - sc.in.access = op->in.access; - - if(!cac_SamConnect(hnd, mem_ctx, &sc)) { - return CAC_FAILURE; - } - - sam_out = sc.out.sam; - } - else { - sam_out = op->in.sam; - } - - if(!op->in.sid) { - /*find the sid for the SAM's domain*/ - - /*try using cac_SamLookupDomain() first*/ - ZERO_STRUCT(sld); - - sld.in.sam = sam_out; - sld.in.name = hnd->domain; - - if(cac_SamLookupDomain(hnd, mem_ctx, &sld)) { - /*then we got the sid*/ - sid_buf = sld.out.sid; - } - else { - /*try to get it from the LSA*/ - sid_buf = cac_get_domain_sid(hnd, mem_ctx, op->in.access); - } - } - else { - /*we already have the sid for the domain we want*/ - sid_buf = op->in.sid; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - pol_out = talloc(mem_ctx, POLICY_HND); - if(!pol_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - /*now open the domain*/ - hnd->status = rpccli_samr_open_domain( pipe_hnd, mem_ctx, sam_out, op->in.access, sid_buf, pol_out); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->out.sam = sam_out; - op->out.dom_hnd = pol_out; - - return CAC_SUCCESS; +int cac_SamOpenDomain( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamOpenDomain *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_SID *sid_buf; + POLICY_HND *sam_out; + POLICY_HND *pol_out; + + struct SamLookupDomain sld; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || op->in.access == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.sam ) { + /*use cac_SamConnect() since it does the session setup */ + struct SamConnect sc; + + ZERO_STRUCT( sc ); + + sc.in.access = op->in.access; + + if ( !cac_SamConnect( hnd, mem_ctx, &sc ) ) { + return CAC_FAILURE; + } + + sam_out = sc.out.sam; + } else { + sam_out = op->in.sam; + } + + if ( !op->in.sid ) { + /*find the sid for the SAM's domain */ + + /*try using cac_SamLookupDomain() first */ + ZERO_STRUCT( sld ); + + sld.in.sam = sam_out; + sld.in.name = hnd->domain; + + if ( cac_SamLookupDomain( hnd, mem_ctx, &sld ) ) { + /*then we got the sid */ + sid_buf = sld.out.sid; + } else { + /*try to get it from the LSA */ + sid_buf = + cac_get_domain_sid( hnd, mem_ctx, + op->in.access ); + } + } else { + /*we already have the sid for the domain we want */ + sid_buf = op->in.sid; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + pol_out = talloc( mem_ctx, POLICY_HND ); + if ( !pol_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + /*now open the domain */ + hnd->status = + rpccli_samr_open_domain( pipe_hnd, mem_ctx, sam_out, + op->in.access, sid_buf, pol_out ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->out.sam = sam_out; + op->out.dom_hnd = pol_out; + + return CAC_SUCCESS; } -int cac_SamOpenUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenUser *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamOpenUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamOpenUser *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - uint32 *rid_buf = NULL; + uint32 *rid_buf = NULL; - uint32 num_rids = 0; - uint32 *rid_types = NULL; + uint32 num_rids = 0; + uint32 *rid_types = NULL; - POLICY_HND *user_out = NULL; + POLICY_HND *user_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.dom_hnd || op->in.access == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.dom_hnd || op->in.access == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(op->in.rid == 0 && op->in.name == NULL) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( op->in.rid == 0 && op->in.name == NULL ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(op->in.rid == 0 && op->in.name) { - /*lookup the name and then set rid_buf*/ + if ( op->in.rid == 0 && op->in.name ) { + /*lookup the name and then set rid_buf */ - hnd->status = rpccli_samr_lookup_names( pipe_hnd, mem_ctx, op->in.dom_hnd, SAMR_LOOKUP_FLAGS, 1, (const char **)&op->in.name, - &num_rids, &rid_buf, &rid_types); + hnd->status = + rpccli_samr_lookup_names( pipe_hnd, mem_ctx, + op->in.dom_hnd, + SAMR_LOOKUP_FLAGS, 1, + ( const char ** ) &op->in. + name, &num_rids, &rid_buf, + &rid_types ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(num_rids == 0 || rid_buf == NULL || rid_types[0] == SAMR_RID_UNKNOWN) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( num_rids == 0 || rid_buf == NULL + || rid_types[0] == SAMR_RID_UNKNOWN ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - TALLOC_FREE(rid_types); + TALLOC_FREE( rid_types ); - } - else { - rid_buf = &op->in.rid; - } + } else { + rid_buf = &op->in.rid; + } - user_out = talloc(mem_ctx, POLICY_HND); - if(!user_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + user_out = talloc( mem_ctx, POLICY_HND ); + if ( !user_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_open_user(pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.access, *rid_buf, user_out); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + hnd->status = + rpccli_samr_open_user( pipe_hnd, mem_ctx, op->in.dom_hnd, + op->in.access, *rid_buf, user_out ); - op->out.user_hnd = user_out; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + op->out.user_hnd = user_out; + + return CAC_SUCCESS; } -int cac_SamCreateUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateUser *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamCreateUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamCreateUser *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *user_out = NULL; - uint32 rid_out; + POLICY_HND *user_out = NULL; + uint32 rid_out; /**found in rpcclient/cmd_samr.c*/ - uint32 unknown = 0xe005000b; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.dom_hnd || !op->in.name || op->in.acb_mask == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - user_out = talloc(mem_ctx, POLICY_HND); - if(!user_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - hnd->status = rpccli_samr_create_dom_user( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.name, op->in.acb_mask, unknown, user_out, &rid_out); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->out.user_hnd = user_out; - op->out.rid = rid_out; - - return CAC_SUCCESS; + uint32 unknown = 0xe005000b; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.dom_hnd || !op->in.name || op->in.acb_mask == 0 + || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + user_out = talloc( mem_ctx, POLICY_HND ); + if ( !user_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + hnd->status = + rpccli_samr_create_dom_user( pipe_hnd, mem_ctx, + op->in.dom_hnd, op->in.name, + op->in.acb_mask, unknown, + user_out, &rid_out ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->out.user_hnd = user_out; + op->out.rid = rid_out; + + return CAC_SUCCESS; } -int cac_SamDeleteUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamDeleteUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * user_hnd ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!user_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !user_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_delete_dom_user( pipe_hnd, mem_ctx, user_hnd); + hnd->status = + rpccli_samr_delete_dom_user( pipe_hnd, mem_ctx, user_hnd ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamEnumUsers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumUsers *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamEnumUsers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamEnumUsers *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - uint32 resume_idx_out = 0; - char **names_out = NULL; - uint32 *rids_out = NULL; - uint32 num_users_out = 0; + uint32 resume_idx_out = 0; + char **names_out = NULL; + uint32 *rids_out = NULL; + uint32 num_users_out = 0; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - /*this is a hack.. but is the only reliable way to know if everything has been enumerated*/ - if(op->out.done == True) - return CAC_FAILURE; + /*this is a hack.. but is the only reliable way to know if everything has been enumerated */ + if ( op->out.done == True ) + return CAC_FAILURE; - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - resume_idx_out = op->out.resume_idx; + resume_idx_out = op->out.resume_idx; - hnd->status = rpccli_samr_enum_dom_users( pipe_hnd, mem_ctx, op->in.dom_hnd, &resume_idx_out, op->in.acb_mask, SAMR_ENUM_MAX_SIZE, - &names_out, &rids_out, &num_users_out); + hnd->status = + rpccli_samr_enum_dom_users( pipe_hnd, mem_ctx, op->in.dom_hnd, + &resume_idx_out, op->in.acb_mask, + SAMR_ENUM_MAX_SIZE, &names_out, + &rids_out, &num_users_out ); - if(NT_STATUS_IS_OK(hnd->status)) - op->out.done = True; + if ( NT_STATUS_IS_OK( hnd->status ) ) + op->out.done = True; - /*if there are no more entries, the operation will return NT_STATUS_OK. - * We want to return failure if no results were returned*/ - if(!NT_STATUS_IS_OK(hnd->status) && NT_STATUS_V(hnd->status) != NT_STATUS_V(STATUS_MORE_ENTRIES)) - return CAC_FAILURE; + /*if there are no more entries, the operation will return NT_STATUS_OK. + * We want to return failure if no results were returned*/ + if ( !NT_STATUS_IS_OK( hnd->status ) + && NT_STATUS_V( hnd->status ) != + NT_STATUS_V( STATUS_MORE_ENTRIES ) ) + return CAC_FAILURE; - op->out.resume_idx= resume_idx_out; - op->out.num_users = num_users_out; - op->out.rids = rids_out; - op->out.names = names_out; + op->out.resume_idx = resume_idx_out; + op->out.num_users = num_users_out; + op->out.rids = rids_out; + op->out.names = names_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetNamesFromRids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetNamesFromRids *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - uint32 num_names_out; - char **names_out; - uint32 *name_types_out; - - - uint32 i = 0; - - CacLookupRidsRecord *map_out; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.rids && op->in.num_rids != 0) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(op->in.num_rids == 0) { - /*nothing to do*/ - op->out.num_names = 0; - return CAC_SUCCESS; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - hnd->status = rpccli_samr_lookup_rids( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.num_rids, op->in.rids, &num_names_out, &names_out, &name_types_out); - - if(!NT_STATUS_IS_OK(hnd->status) && !NT_STATUS_EQUAL(hnd->status, STATUS_SOME_UNMAPPED)) - return CAC_FAILURE; - - map_out = TALLOC_ARRAY(mem_ctx, CacLookupRidsRecord, num_names_out); - if(!map_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - for(i = 0; i < num_names_out; i++) { - if(name_types_out[i] == SAMR_RID_UNKNOWN) { - map_out[i].found = False; - map_out[i].name = NULL; - map_out[i].type = 0; - } - else { - map_out[i].found = True; - map_out[i].name = talloc_strdup(mem_ctx, names_out[i]); - map_out[i].type = name_types_out[i]; - } - map_out[i].rid = op->in.rids[i]; - } - - TALLOC_FREE(names_out); - TALLOC_FREE(name_types_out); - - op->out.num_names = num_names_out; - op->out.map = map_out; - - if(NT_STATUS_EQUAL(hnd->status, STATUS_SOME_UNMAPPED)) - return CAC_PARTIAL_SUCCESS; - - return CAC_SUCCESS; +int cac_SamGetNamesFromRids( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetNamesFromRids *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + uint32 num_names_out; + char **names_out; + uint32 *name_types_out; + + + uint32 i = 0; + + CacLookupRidsRecord *map_out; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.rids && op->in.num_rids != 0 ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( op->in.num_rids == 0 ) { + /*nothing to do */ + op->out.num_names = 0; + return CAC_SUCCESS; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + hnd->status = + rpccli_samr_lookup_rids( pipe_hnd, mem_ctx, op->in.dom_hnd, + op->in.num_rids, op->in.rids, + &num_names_out, &names_out, + &name_types_out ); + + if ( !NT_STATUS_IS_OK( hnd->status ) + && !NT_STATUS_EQUAL( hnd->status, STATUS_SOME_UNMAPPED ) ) + return CAC_FAILURE; + + map_out = TALLOC_ARRAY( mem_ctx, CacLookupRidsRecord, num_names_out ); + if ( !map_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + for ( i = 0; i < num_names_out; i++ ) { + if ( name_types_out[i] == SAMR_RID_UNKNOWN ) { + map_out[i].found = False; + map_out[i].name = NULL; + map_out[i].type = 0; + } else { + map_out[i].found = True; + map_out[i].name = + talloc_strdup( mem_ctx, names_out[i] ); + map_out[i].type = name_types_out[i]; + } + map_out[i].rid = op->in.rids[i]; + } + + TALLOC_FREE( names_out ); + TALLOC_FREE( name_types_out ); + + op->out.num_names = num_names_out; + op->out.map = map_out; + + if ( NT_STATUS_EQUAL( hnd->status, STATUS_SOME_UNMAPPED ) ) + return CAC_PARTIAL_SUCCESS; + + return CAC_SUCCESS; } -int cac_SamGetRidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetRidsFromNames *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - uint32 num_rids_out; - uint32 *rids_out; - uint32 *rid_types_out; - - uint32 i = 0; - - CacLookupRidsRecord *map_out; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(!op->in.names && op->in.num_names != 0) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - if(op->in.num_names == 0) { - /*then we don't have to do anything*/ - op->out.num_rids = 0; - return CAC_SUCCESS; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - hnd->status = rpccli_samr_lookup_names( pipe_hnd, mem_ctx, op->in.dom_hnd, SAMR_LOOKUP_FLAGS, op->in.num_names, (const char **)op->in.names, - &num_rids_out, &rids_out, &rid_types_out); - - if(!NT_STATUS_IS_OK(hnd->status) && !NT_STATUS_EQUAL(hnd->status, STATUS_SOME_UNMAPPED)) - return CAC_FAILURE; - - map_out = TALLOC_ARRAY(mem_ctx, CacLookupRidsRecord, num_rids_out); - if(!map_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - for(i = 0; i < num_rids_out; i++) { - - if(rid_types_out[i] == SAMR_RID_UNKNOWN) { - map_out[i].found = False; - map_out[i].rid = 0; - map_out[i].type = 0; - } - else { - map_out[i].found = True; - map_out[i].rid = rids_out[i]; - map_out[i].type = rid_types_out[i]; - } - - map_out[i].name = talloc_strdup(mem_ctx, op->in.names[i]); - } - - op->out.num_rids = num_rids_out; - op->out.map = map_out; - - TALLOC_FREE(rids_out); - TALLOC_FREE(rid_types_out); - - if(NT_STATUS_EQUAL(hnd->status, STATUS_SOME_UNMAPPED)) - return CAC_PARTIAL_SUCCESS; - - return CAC_SUCCESS; +int cac_SamGetRidsFromNames( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetRidsFromNames *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + uint32 num_rids_out; + uint32 *rids_out; + uint32 *rid_types_out; + + uint32 i = 0; + + CacLookupRidsRecord *map_out; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( !op->in.names && op->in.num_names != 0 ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( op->in.num_names == 0 ) { + /*then we don't have to do anything */ + op->out.num_rids = 0; + return CAC_SUCCESS; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + hnd->status = + rpccli_samr_lookup_names( pipe_hnd, mem_ctx, op->in.dom_hnd, + SAMR_LOOKUP_FLAGS, op->in.num_names, + ( const char ** ) op->in.names, + &num_rids_out, &rids_out, + &rid_types_out ); + + if ( !NT_STATUS_IS_OK( hnd->status ) + && !NT_STATUS_EQUAL( hnd->status, STATUS_SOME_UNMAPPED ) ) + return CAC_FAILURE; + + map_out = TALLOC_ARRAY( mem_ctx, CacLookupRidsRecord, num_rids_out ); + if ( !map_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + for ( i = 0; i < num_rids_out; i++ ) { + + if ( rid_types_out[i] == SAMR_RID_UNKNOWN ) { + map_out[i].found = False; + map_out[i].rid = 0; + map_out[i].type = 0; + } else { + map_out[i].found = True; + map_out[i].rid = rids_out[i]; + map_out[i].type = rid_types_out[i]; + } + + map_out[i].name = talloc_strdup( mem_ctx, op->in.names[i] ); + } + + op->out.num_rids = num_rids_out; + op->out.map = map_out; + + TALLOC_FREE( rids_out ); + TALLOC_FREE( rid_types_out ); + + if ( NT_STATUS_EQUAL( hnd->status, STATUS_SOME_UNMAPPED ) ) + return CAC_PARTIAL_SUCCESS; + + return CAC_SUCCESS; } -int cac_SamGetGroupsForUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupsForUser *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetGroupsForUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetGroupsForUser *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_GID *groups = NULL; + uint32 num_groups_out = 0; - DOM_GID *groups = NULL; - uint32 num_groups_out = 0; + uint32 *rids_out = NULL; + uint32 *attr_out = NULL; - uint32 *rids_out = NULL; - uint32 *attr_out = NULL; + uint32 i; - uint32 i; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd) - return CAC_FAILURE; + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !op || !op->in.user_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!op || !op->in.user_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + hnd->status = + rpccli_samr_query_usergroups( pipe_hnd, mem_ctx, + op->in.user_hnd, + &num_groups_out, &groups ); - hnd->status = rpccli_samr_query_usergroups(pipe_hnd, mem_ctx, op->in.user_hnd, &num_groups_out, &groups); + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + rids_out = talloc_array( mem_ctx, uint32, num_groups_out ); + if ( !rids_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - rids_out = talloc_array(mem_ctx, uint32, num_groups_out); - if(!rids_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + attr_out = talloc_array( mem_ctx, uint32, num_groups_out ); + if ( !attr_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - attr_out = talloc_array(mem_ctx, uint32, num_groups_out); - if(!attr_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - for(i = 0; i < num_groups_out; i++) { - rids_out[i] = groups[i].g_rid; - attr_out[i] = groups[i].attr; - } + for ( i = 0; i < num_groups_out; i++ ) { + rids_out[i] = groups[i].g_rid; + attr_out[i] = groups[i].attr; + } - TALLOC_FREE(groups); + TALLOC_FREE( groups ); - op->out.num_groups = num_groups_out; - op->out.rids = rids_out; - op->out.attributes = attr_out; + op->out.num_groups = num_groups_out; + op->out.rids = rids_out; + op->out.attributes = attr_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamOpenGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenGroup *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamOpenGroup( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamOpenGroup *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *group_hnd_out = NULL; + POLICY_HND *group_hnd_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || op->in.access == 0 || op->in.rid == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || op->in.access == 0 || op->in.rid == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - group_hnd_out = talloc(mem_ctx, POLICY_HND); - if(!group_hnd_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + group_hnd_out = talloc( mem_ctx, POLICY_HND ); + if ( !group_hnd_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_open_group( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.access, op->in.rid, group_hnd_out); + hnd->status = + rpccli_samr_open_group( pipe_hnd, mem_ctx, op->in.dom_hnd, + op->in.access, op->in.rid, + group_hnd_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.group_hnd = group_hnd_out; + op->out.group_hnd = group_hnd_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamCreateGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateGroup *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamCreateGroup( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamCreateGroup *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *group_hnd_out = NULL; + POLICY_HND *group_hnd_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.name || op->in.name[0] == '\0' || op->in.access == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.name || op->in.name[0] == '\0' + || op->in.access == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - group_hnd_out = talloc(mem_ctx, POLICY_HND); - if(!group_hnd_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + group_hnd_out = talloc( mem_ctx, POLICY_HND ); + if ( !group_hnd_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_create_dom_group( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.name, op->in.access, group_hnd_out); + hnd->status = + rpccli_samr_create_dom_group( pipe_hnd, mem_ctx, + op->in.dom_hnd, op->in.name, + op->in.access, group_hnd_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.group_hnd = group_hnd_out; + op->out.group_hnd = group_hnd_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamDeleteGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamDeleteGroup( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * group_hnd ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!group_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !group_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_delete_dom_group( pipe_hnd, mem_ctx, group_hnd); + hnd->status = + rpccli_samr_delete_dom_group( pipe_hnd, mem_ctx, group_hnd ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupMembers *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetGroupMembers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetGroupMembers *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - uint32 num_mem_out; - uint32 *rids_out; - uint32 *attr_out; + uint32 num_mem_out; + uint32 *rids_out; + uint32 *attr_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.group_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.group_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_groupmem( pipe_hnd, mem_ctx, op->in.group_hnd, &num_mem_out, &rids_out, &attr_out); + hnd->status = + rpccli_samr_query_groupmem( pipe_hnd, mem_ctx, + op->in.group_hnd, &num_mem_out, + &rids_out, &attr_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.num_members = num_mem_out; - op->out.rids = rids_out; - op->out.attributes = attr_out; + op->out.num_members = num_mem_out; + op->out.rids = rids_out; + op->out.attributes = attr_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamAddGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddGroupMember *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamAddGroupMember( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamAddGroupMember *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.group_hnd || op->in.rid == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.group_hnd || op->in.rid == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_add_groupmem( pipe_hnd, mem_ctx, op->in.group_hnd, op->in.rid); + hnd->status = + rpccli_samr_add_groupmem( pipe_hnd, mem_ctx, op->in.group_hnd, + op->in.rid ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamRemoveGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveGroupMember *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamRemoveGroupMember( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamRemoveGroupMember *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.group_hnd || op->in.rid == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.group_hnd || op->in.rid == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_del_groupmem( pipe_hnd, mem_ctx, op->in.group_hnd, op->in.rid); + hnd->status = + rpccli_samr_del_groupmem( pipe_hnd, mem_ctx, op->in.group_hnd, + op->in.rid ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamClearGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamClearGroupMembers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * group_hnd ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - int result = CAC_SUCCESS; + int result = CAC_SUCCESS; - int i = 0; + int i = 0; - uint32 num_mem = 0; - uint32 *rid = NULL; - uint32 *attr = NULL; + uint32 num_mem = 0; + uint32 *rid = NULL; + uint32 *attr = NULL; - NTSTATUS status; + NTSTATUS status; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!group_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !group_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_groupmem(pipe_hnd, mem_ctx, group_hnd, &num_mem, &rid, &attr); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + hnd->status = + rpccli_samr_query_groupmem( pipe_hnd, mem_ctx, group_hnd, + &num_mem, &rid, &attr ); - /*try to delete the users one by one*/ - for(i = 0; i < num_mem && NT_STATUS_IS_OK(hnd->status); i++) { - hnd->status = rpccli_samr_del_groupmem(pipe_hnd, mem_ctx, group_hnd, rid[i]); - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - /*if not all members could be removed, then try to re-add the members that were already deleted*/ - if(!NT_STATUS_IS_OK(hnd->status)) { - status = NT_STATUS_OK; + /*try to delete the users one by one */ + for ( i = 0; i < num_mem && NT_STATUS_IS_OK( hnd->status ); i++ ) { + hnd->status = + rpccli_samr_del_groupmem( pipe_hnd, mem_ctx, + group_hnd, rid[i] ); + } - for(i -= 1; i >= 0 && NT_STATUS_IS_OK(status); i--) { - status = rpccli_samr_add_groupmem( pipe_hnd, mem_ctx, group_hnd, rid[i]); - } + /*if not all members could be removed, then try to re-add the members that were already deleted */ + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + status = NT_STATUS_OK; - /*we return with the NTSTATUS error that we got when trying to delete users*/ - if(!NT_STATUS_IS_OK(status)) - result = CAC_FAILURE; - } + for ( i -= 1; i >= 0 && NT_STATUS_IS_OK( status ); i-- ) { + status = rpccli_samr_add_groupmem( pipe_hnd, mem_ctx, + group_hnd, + rid[i] ); + } - TALLOC_FREE(attr); + /*we return with the NTSTATUS error that we got when trying to delete users */ + if ( !NT_STATUS_IS_OK( status ) ) + result = CAC_FAILURE; + } - return result; + TALLOC_FREE( attr ); + + return result; } -int cac_SamSetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupMembers *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamSetGroupMembers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetGroupMembers *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + uint32 i = 0; - uint32 i = 0; - - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.group_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.group_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - /*use cac_SamClearGroupMembers() to clear them*/ - if(!cac_SamClearGroupMembers(hnd, mem_ctx, op->in.group_hnd)) - return CAC_FAILURE; /*hnd->status is already set*/ + /*use cac_SamClearGroupMembers() to clear them */ + if ( !cac_SamClearGroupMembers( hnd, mem_ctx, op->in.group_hnd ) ) + return CAC_FAILURE; /*hnd->status is already set */ - for(i = 0; i < op->in.num_members && NT_STATUS_IS_OK(hnd->status); i++) { - hnd->status = rpccli_samr_add_groupmem( pipe_hnd, mem_ctx, op->in.group_hnd, op->in.rids[i]); - } + for ( i = 0; i < op->in.num_members && NT_STATUS_IS_OK( hnd->status ); + i++ ) { + hnd->status = + rpccli_samr_add_groupmem( pipe_hnd, mem_ctx, + op->in.group_hnd, + op->in.rids[i] ); + } - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamEnumGroups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumGroups *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - uint32 i = 0; - - uint32 resume_idx_out = 0; - char **names_out = NULL; - char **desc_out = NULL; - uint32 *rids_out = NULL; - uint32 num_groups_out = 0; - - struct acct_info *acct_buf = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - /*using this BOOL is the only reliable way to know that we are done*/ - if(op->out.done == True) /*we return failure so the call will break out of a loop*/ - return CAC_FAILURE; - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - resume_idx_out = op->out.resume_idx; - - hnd->status = rpccli_samr_enum_dom_groups( pipe_hnd, mem_ctx, op->in.dom_hnd, &resume_idx_out, SAMR_ENUM_MAX_SIZE, - &acct_buf, &num_groups_out); - - - if(NT_STATUS_IS_OK(hnd->status)) { - op->out.done = True; - } - else if(NT_STATUS_V(hnd->status) != NT_STATUS_V(STATUS_MORE_ENTRIES)) { - /*if there are no more entries, the operation will return NT_STATUS_OK. - * We want to return failure if no results were returned*/ - return CAC_FAILURE; - } - - names_out = talloc_array(mem_ctx, char *, num_groups_out); - if(!names_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(acct_buf); - return CAC_FAILURE; - } - - desc_out = talloc_array(mem_ctx, char *, num_groups_out); - if(!desc_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(acct_buf); - TALLOC_FREE(names_out); - return CAC_FAILURE; - } - - rids_out = talloc_array(mem_ctx, uint32, num_groups_out); - if(!rids_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(acct_buf); - TALLOC_FREE(names_out); - TALLOC_FREE(desc_out); - return CAC_FAILURE; - } - - for(i = 0; i < num_groups_out; i++) { - names_out[i] = talloc_strdup(mem_ctx, acct_buf[i].acct_name); - desc_out[i] = talloc_strdup(mem_ctx, acct_buf[i].acct_desc); - rids_out[i] = acct_buf[i].rid; - - if(!names_out[i] || !desc_out[i]) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - } - - op->out.resume_idx = resume_idx_out; - op->out.num_groups = num_groups_out; - op->out.rids = rids_out; - op->out.names = names_out; - op->out.descriptions = desc_out; - - return CAC_SUCCESS; +int cac_SamEnumGroups( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamEnumGroups *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + uint32 i = 0; + + uint32 resume_idx_out = 0; + char **names_out = NULL; + char **desc_out = NULL; + uint32 *rids_out = NULL; + uint32 num_groups_out = 0; + + struct acct_info *acct_buf = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + /*using this BOOL is the only reliable way to know that we are done */ + if ( op->out.done == True ) /*we return failure so the call will break out of a loop */ + return CAC_FAILURE; + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + resume_idx_out = op->out.resume_idx; + + hnd->status = + rpccli_samr_enum_dom_groups( pipe_hnd, mem_ctx, + op->in.dom_hnd, &resume_idx_out, + SAMR_ENUM_MAX_SIZE, &acct_buf, + &num_groups_out ); + + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + op->out.done = True; + } else if ( NT_STATUS_V( hnd->status ) != + NT_STATUS_V( STATUS_MORE_ENTRIES ) ) { + /*if there are no more entries, the operation will return NT_STATUS_OK. + * We want to return failure if no results were returned*/ + return CAC_FAILURE; + } + + names_out = talloc_array( mem_ctx, char *, num_groups_out ); + if ( !names_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( acct_buf ); + return CAC_FAILURE; + } + + desc_out = talloc_array( mem_ctx, char *, num_groups_out ); + if ( !desc_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( acct_buf ); + TALLOC_FREE( names_out ); + return CAC_FAILURE; + } + + rids_out = talloc_array( mem_ctx, uint32, num_groups_out ); + if ( !rids_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( acct_buf ); + TALLOC_FREE( names_out ); + TALLOC_FREE( desc_out ); + return CAC_FAILURE; + } + + for ( i = 0; i < num_groups_out; i++ ) { + names_out[i] = + talloc_strdup( mem_ctx, acct_buf[i].acct_name ); + desc_out[i] = talloc_strdup( mem_ctx, acct_buf[i].acct_desc ); + rids_out[i] = acct_buf[i].rid; + + if ( !names_out[i] || !desc_out[i] ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + } + + op->out.resume_idx = resume_idx_out; + op->out.num_groups = num_groups_out; + op->out.rids = rids_out; + op->out.names = names_out; + op->out.descriptions = desc_out; + + return CAC_SUCCESS; } -int cac_SamEnumAliases(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumAliases *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - uint32 i = 0; - - uint32 resume_idx_out = 0; - char **names_out = NULL; - char **desc_out = NULL; - uint32 *rids_out = NULL; - uint32 num_als_out = 0; - - struct acct_info *acct_buf = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - /*this is a hack.. but is the only reliable way to know if everything has been enumerated*/ - if(op->out.done == True) { - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - resume_idx_out = op->out.resume_idx; - - hnd->status = rpccli_samr_enum_als_groups( pipe_hnd, mem_ctx, op->in.dom_hnd, &resume_idx_out, SAMR_ENUM_MAX_SIZE, - &acct_buf, &num_als_out); - - - if(NT_STATUS_IS_OK(hnd->status)) - op->out.done = True; - - /*if there are no more entries, the operation will return NT_STATUS_OK. - * We want to return failure if no results were returned*/ - if(!NT_STATUS_IS_OK(hnd->status) && NT_STATUS_V(hnd->status) != NT_STATUS_V(STATUS_MORE_ENTRIES)) - return CAC_FAILURE; - - names_out = talloc_array(mem_ctx, char *, num_als_out); - if(!names_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(acct_buf); - return CAC_FAILURE; - } - - desc_out = talloc_array(mem_ctx, char *, num_als_out); - if(!desc_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(acct_buf); - TALLOC_FREE(names_out); - return CAC_FAILURE; - } - - rids_out = talloc_array(mem_ctx, uint32, num_als_out); - if(!rids_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(acct_buf); - TALLOC_FREE(names_out); - TALLOC_FREE(desc_out); - return CAC_FAILURE; - } - - for(i = 0; i < num_als_out; i++) { - names_out[i] = talloc_strdup(mem_ctx, acct_buf[i].acct_name); - desc_out[i] = talloc_strdup(mem_ctx, acct_buf[i].acct_desc); - rids_out[i] = acct_buf[i].rid; - - if(!names_out[i] || !desc_out[i]) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - } - - op->out.resume_idx = resume_idx_out; - op->out.num_aliases = num_als_out; - op->out.rids = rids_out; - op->out.names = names_out; - op->out.descriptions = desc_out; - - return CAC_SUCCESS; +int cac_SamEnumAliases( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamEnumAliases *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + uint32 i = 0; + + uint32 resume_idx_out = 0; + char **names_out = NULL; + char **desc_out = NULL; + uint32 *rids_out = NULL; + uint32 num_als_out = 0; + + struct acct_info *acct_buf = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + /*this is a hack.. but is the only reliable way to know if everything has been enumerated */ + if ( op->out.done == True ) { + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + resume_idx_out = op->out.resume_idx; + + hnd->status = + rpccli_samr_enum_als_groups( pipe_hnd, mem_ctx, + op->in.dom_hnd, &resume_idx_out, + SAMR_ENUM_MAX_SIZE, &acct_buf, + &num_als_out ); + + + if ( NT_STATUS_IS_OK( hnd->status ) ) + op->out.done = True; + + /*if there are no more entries, the operation will return NT_STATUS_OK. + * We want to return failure if no results were returned*/ + if ( !NT_STATUS_IS_OK( hnd->status ) + && NT_STATUS_V( hnd->status ) != + NT_STATUS_V( STATUS_MORE_ENTRIES ) ) + return CAC_FAILURE; + + names_out = talloc_array( mem_ctx, char *, num_als_out ); + if ( !names_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( acct_buf ); + return CAC_FAILURE; + } + + desc_out = talloc_array( mem_ctx, char *, num_als_out ); + if ( !desc_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( acct_buf ); + TALLOC_FREE( names_out ); + return CAC_FAILURE; + } + + rids_out = talloc_array( mem_ctx, uint32, num_als_out ); + if ( !rids_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( acct_buf ); + TALLOC_FREE( names_out ); + TALLOC_FREE( desc_out ); + return CAC_FAILURE; + } + + for ( i = 0; i < num_als_out; i++ ) { + names_out[i] = + talloc_strdup( mem_ctx, acct_buf[i].acct_name ); + desc_out[i] = talloc_strdup( mem_ctx, acct_buf[i].acct_desc ); + rids_out[i] = acct_buf[i].rid; + + if ( !names_out[i] || !desc_out[i] ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + } + + op->out.resume_idx = resume_idx_out; + op->out.num_aliases = num_als_out; + op->out.rids = rids_out; + op->out.names = names_out; + op->out.descriptions = desc_out; + + return CAC_SUCCESS; } -int cac_SamCreateAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateAlias *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamCreateAlias( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamCreateAlias *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *als_hnd_out = NULL; + POLICY_HND *als_hnd_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.name || op->in.name[0] == '\0' || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.name || op->in.name[0] == '\0' || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - als_hnd_out = talloc(mem_ctx, POLICY_HND); - if(!als_hnd_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + als_hnd_out = talloc( mem_ctx, POLICY_HND ); + if ( !als_hnd_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_create_dom_alias( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.name, als_hnd_out); + hnd->status = + rpccli_samr_create_dom_alias( pipe_hnd, mem_ctx, + op->in.dom_hnd, op->in.name, + als_hnd_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.alias_hnd = als_hnd_out; + op->out.alias_hnd = als_hnd_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamOpenAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenAlias *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamOpenAlias( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamOpenAlias *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *als_hnd_out = NULL; + POLICY_HND *als_hnd_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || op->in.access == 0 || op->in.rid == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || op->in.access == 0 || op->in.rid == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - als_hnd_out = talloc(mem_ctx, POLICY_HND); - if(!als_hnd_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + als_hnd_out = talloc( mem_ctx, POLICY_HND ); + if ( !als_hnd_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_open_alias( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.access, op->in.rid, als_hnd_out); + hnd->status = + rpccli_samr_open_alias( pipe_hnd, mem_ctx, op->in.dom_hnd, + op->in.access, op->in.rid, + als_hnd_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.alias_hnd = als_hnd_out; + op->out.alias_hnd = als_hnd_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamDeleteAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamDeleteAlias( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * alias_hnd ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!alias_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !alias_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_delete_dom_alias( pipe_hnd, mem_ctx, alias_hnd); + hnd->status = + rpccli_samr_delete_dom_alias( pipe_hnd, mem_ctx, alias_hnd ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamAddAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddAliasMember *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamAddAliasMember( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamAddAliasMember *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.alias_hnd || !op->in.sid || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.alias_hnd || !op->in.sid || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_add_aliasmem( pipe_hnd, mem_ctx, op->in.alias_hnd, op->in.sid); + hnd->status = + rpccli_samr_add_aliasmem( pipe_hnd, mem_ctx, op->in.alias_hnd, + op->in.sid ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveAliasMember *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamRemoveAliasMember( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamRemoveAliasMember *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.alias_hnd || !op->in.sid || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.alias_hnd || !op->in.sid || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_del_aliasmem( pipe_hnd, mem_ctx, op->in.alias_hnd, op->in.sid); + hnd->status = + rpccli_samr_del_aliasmem( pipe_hnd, mem_ctx, op->in.alias_hnd, + op->in.sid ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetAliasMembers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetAliasMembers *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - uint32 num_mem_out; - DOM_SID *sids_out; + uint32 num_mem_out; + DOM_SID *sids_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.alias_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.alias_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_aliasmem( pipe_hnd, mem_ctx, op->in.alias_hnd, &num_mem_out, &sids_out); + hnd->status = + rpccli_samr_query_aliasmem( pipe_hnd, mem_ctx, + op->in.alias_hnd, &num_mem_out, + &sids_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.num_members = num_mem_out; - op->out.sids = sids_out; + op->out.num_members = num_mem_out; + op->out.sids = sids_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd) { - struct rpc_pipe_client *pipe_hnd = NULL; - - int result = CAC_SUCCESS; - - int i = 0; - - uint32 num_mem = 0; - DOM_SID *sid = NULL; - - NTSTATUS status; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!alias_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } +int cac_SamClearAliasMembers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * alias_hnd ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - hnd->status = rpccli_samr_query_aliasmem(pipe_hnd, mem_ctx, alias_hnd, &num_mem, &sid); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + int result = CAC_SUCCESS; - /*try to delete the users one by one*/ - for(i = 0; i < num_mem && NT_STATUS_IS_OK(hnd->status); i++) { - hnd->status = rpccli_samr_del_aliasmem(pipe_hnd, mem_ctx, alias_hnd, &sid[i]); - } + int i = 0; - /*if not all members could be removed, then try to re-add the members that were already deleted*/ - if(!NT_STATUS_IS_OK(hnd->status)) { - status = NT_STATUS_OK; + uint32 num_mem = 0; + DOM_SID *sid = NULL; - for(i -= 1; i >= 0 && NT_STATUS_IS_OK(status); i--) { - status = rpccli_samr_add_aliasmem( pipe_hnd, mem_ctx, alias_hnd, &sid[i]); - } + NTSTATUS status; - /*we return with the NTSTATUS error that we got when trying to delete users*/ - if(!NT_STATUS_IS_OK(status)) - result = CAC_FAILURE; - } + if ( !hnd ) + return CAC_FAILURE; - TALLOC_FREE(sid); - return result; -} + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } -int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op) { - struct rpc_pipe_client *pipe_hnd = NULL; + if ( !alias_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - uint32 i = 0; - - if(!hnd) - return CAC_FAILURE; + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + hnd->status = + rpccli_samr_query_aliasmem( pipe_hnd, mem_ctx, alias_hnd, + &num_mem, &sid ); - if(!op || !op->in.alias_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + /*try to delete the users one by one */ + for ( i = 0; i < num_mem && NT_STATUS_IS_OK( hnd->status ); i++ ) { + hnd->status = + rpccli_samr_del_aliasmem( pipe_hnd, mem_ctx, + alias_hnd, &sid[i] ); + } - /*use cac_SamClearAliasMembers() to clear them*/ - if(!cac_SamClearAliasMembers(hnd, mem_ctx, op->in.alias_hnd)) - return CAC_FAILURE; /*hnd->status is already set*/ + /*if not all members could be removed, then try to re-add the members that were already deleted */ + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + status = NT_STATUS_OK; + for ( i -= 1; i >= 0 && NT_STATUS_IS_OK( status ); i-- ) { + status = rpccli_samr_add_aliasmem( pipe_hnd, mem_ctx, + alias_hnd, + &sid[i] ); + } - for(i = 0; i < op->in.num_members && NT_STATUS_IS_OK(hnd->status); i++) { - hnd->status = rpccli_samr_add_aliasmem( pipe_hnd, mem_ctx, op->in.alias_hnd, &(op->in.sids[i])); - } + /*we return with the NTSTATUS error that we got when trying to delete users */ + if ( !NT_STATUS_IS_OK( status ) ) + result = CAC_FAILURE; + } - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + TALLOC_FREE( sid ); + return result; +} - return CAC_SUCCESS; +int cac_SamSetAliasMembers( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetAliasMembers *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; -} + uint32 i = 0; -int cac_SamUserChangePasswd(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamUserChangePasswd *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd) - return CAC_FAILURE; + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !op || !op->in.alias_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!op || !op->in.username || !op->in.password || !op->in.new_password || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + /*use cac_SamClearAliasMembers() to clear them */ + if ( !cac_SamClearAliasMembers( hnd, mem_ctx, op->in.alias_hnd ) ) + return CAC_FAILURE; /*hnd->status is already set */ - /*open a session on SAMR if we don't have one*/ - if(!hnd->_internal.pipes[PI_SAMR]) { - if(!(pipe_hnd = cli_rpc_pipe_open_noauth(srv->cli, PI_SAMR, &hnd->status))) { - return CAC_FAILURE; - } - hnd->_internal.pipes[PI_SAMR] = True; - } + for ( i = 0; i < op->in.num_members && NT_STATUS_IS_OK( hnd->status ); + i++ ) { + hnd->status = + rpccli_samr_add_aliasmem( pipe_hnd, mem_ctx, + op->in.alias_hnd, + &( op->in.sids[i] ) ); + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - hnd->status = rpccli_samr_chgpasswd_user(pipe_hnd, mem_ctx, op->in.username, op->in.new_password, op->in.password); + return CAC_SUCCESS; - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; +} - return CAC_SUCCESS; +int cac_SamUserChangePasswd( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamUserChangePasswd *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.username || !op->in.password + || !op->in.new_password || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } + + /*open a session on SAMR if we don't have one */ + if ( !hnd->_internal.pipes[PI_SAMR] ) { + if ( ! + ( pipe_hnd = + cli_rpc_pipe_open_noauth( srv->cli, PI_SAMR, + &hnd->status ) ) ) { + return CAC_FAILURE; + } + + hnd->_internal.pipes[PI_SAMR] = True; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + hnd->status = + rpccli_samr_chgpasswd_user( pipe_hnd, mem_ctx, + op->in.username, + op->in.new_password, + op->in.password ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + return CAC_SUCCESS; } -int cac_SamEnableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamEnableUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * user_hnd ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; - SAM_USERINFO_CTR *ctr; + SAM_USERINFO_CTR *ctr; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!user_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !user_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - /*info_level = 21 is the only level that I have found to work reliably. It would be nice if user_level = 10 worked.*/ - hnd->status = rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, user_hnd, 0x10, &ctr); + /*info_level = 21 is the only level that I have found to work reliably. It would be nice if user_level = 10 worked. */ + hnd->status = + rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, user_hnd, 0x10, + &ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; /**check the ACB mask*/ - if((ctr->info.id16->acb_info & ACB_DISABLED) == ACB_DISABLED) { - /*toggle the disabled bit*/ - ctr->info.id16->acb_info ^= ACB_DISABLED; - } - else { - /*the user is already enabled so just return success*/ - return CAC_SUCCESS; - } - - /*now set the userinfo*/ - hnd->status = rpccli_samr_set_userinfo2( pipe_hnd, mem_ctx, user_hnd, 0x10, &srv->cli->user_session_key, ctr); - - /*this will only work properly if we use set_userinfo2 - fail if it is not supported*/ - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - return CAC_SUCCESS; + if ( ( ctr->info.id16->acb_info & ACB_DISABLED ) == ACB_DISABLED ) { + /*toggle the disabled bit */ + ctr->info.id16->acb_info ^= ACB_DISABLED; + } else { + /*the user is already enabled so just return success */ + return CAC_SUCCESS; + } + + /*now set the userinfo */ + hnd->status = + rpccli_samr_set_userinfo2( pipe_hnd, mem_ctx, user_hnd, 0x10, + &srv->cli->user_session_key, ctr ); + + /*this will only work properly if we use set_userinfo2 - fail if it is not supported */ + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + return CAC_SUCCESS; } -int cac_SamDisableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamDisableUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * user_hnd ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; - SAM_USERINFO_CTR *ctr; + SAM_USERINFO_CTR *ctr; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!user_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !user_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, user_hnd, 0x10, &ctr); + hnd->status = + rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, user_hnd, 0x10, + &ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if((ctr->info.id16->acb_info & ACB_DISABLED) == ACB_DISABLED) { - /*then the user is already disabled*/ - return CAC_SUCCESS; - } + if ( ( ctr->info.id16->acb_info & ACB_DISABLED ) == ACB_DISABLED ) { + /*then the user is already disabled */ + return CAC_SUCCESS; + } - /*toggle the disabled bit*/ - ctr->info.id16->acb_info ^= ACB_DISABLED; + /*toggle the disabled bit */ + ctr->info.id16->acb_info ^= ACB_DISABLED; - /*this will only work properly if we use set_userinfo2*/ - hnd->status = rpccli_samr_set_userinfo2( pipe_hnd, mem_ctx, user_hnd, 0x10, &srv->cli->user_session_key, ctr); + /*this will only work properly if we use set_userinfo2 */ + hnd->status = + rpccli_samr_set_userinfo2( pipe_hnd, mem_ctx, user_hnd, 0x10, + &srv->cli->user_session_key, ctr ); - /*this will only work properly if we use set_userinfo2 fail if it is not supported*/ - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + /*this will only work properly if we use set_userinfo2 fail if it is not supported */ + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamSetPassword(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetPassword *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamSetPassword( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetPassword *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; - SAM_USERINFO_CTR ctr; - SAM_USER_INFO_24 info24; - uint8 pw[516]; + SAM_USERINFO_CTR ctr; + SAM_USER_INFO_24 info24; + uint8 pw[516]; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.user_hnd || !op->in.password || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.user_hnd || !op->in.password || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - ZERO_STRUCT(ctr); - ZERO_STRUCT(info24); + ZERO_STRUCT( ctr ); + ZERO_STRUCT( info24 ); - encode_pw_buffer(pw, op->in.password, STR_UNICODE); + encode_pw_buffer( pw, op->in.password, STR_UNICODE ); - init_sam_user_info24(&info24, (char *)pw, 24); + init_sam_user_info24( &info24, ( char * ) pw, 24 ); - ctr.switch_value = 24; - ctr.info.id24 = &info24; + ctr.switch_value = 24; + ctr.info.id24 = &info24; - hnd->status = rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, 24, &srv->cli->user_session_key, &ctr); + hnd->status = + rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, + 24, &srv->cli->user_session_key, + &ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetUserInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetUserInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - SAM_USERINFO_CTR *ctr; + SAM_USERINFO_CTR *ctr; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.user_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.user_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, 21, &ctr); + hnd->status = + rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, + op->in.user_hnd, 21, &ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.info = cac_MakeUserInfo(mem_ctx, ctr); + op->out.info = cac_MakeUserInfo( mem_ctx, ctr ); - if(!op->out.info) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + if ( !op->out.info ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamSetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfo *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - - SAM_USERINFO_CTR *ctr; - - if(!hnd) - return CAC_FAILURE; +int cac_SamSetUserInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetUserInfo *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + + SAM_USERINFO_CTR *ctr; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op->in.user_hnd || !op->in.info || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + ctr = cac_MakeUserInfoCtr( mem_ctx, op->in.info ); + if ( !ctr ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( hnd->_internal.srv_level >= SRV_WIN_NT4 ) { + hnd->status = + rpccli_samr_set_userinfo2( pipe_hnd, mem_ctx, + op->in.user_hnd, 21, + &srv->cli-> + user_session_key, ctr ); + } + + if ( hnd->_internal.srv_level < SRV_WIN_NT4 + || !NT_STATUS_IS_OK( hnd->status ) ) { + hnd->status = + rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, + op->in.user_hnd, 21, + &srv->cli->user_session_key, + ctr ); + + if ( NT_STATUS_IS_OK( hnd->status ) + && hnd->_internal.srv_level > SRV_WIN_NT4 ) { + hnd->_internal.srv_level = SRV_WIN_NT4; + } + } + + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + return CAC_SUCCESS; +} - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - if(!op->in.user_hnd || !op->in.info || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } +int cac_SamGetUserInfoCtr( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetUserInfoCtr *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - ctr = cac_MakeUserInfoCtr(mem_ctx, op->in.info); - if(!ctr) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + SAM_USERINFO_CTR *ctr_out; - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + if ( !hnd ) + return CAC_FAILURE; - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(hnd->_internal.srv_level >= SRV_WIN_NT4) { - hnd->status = rpccli_samr_set_userinfo2( pipe_hnd, mem_ctx, op->in.user_hnd, 21, &srv->cli->user_session_key, ctr); - } + if ( !op->in.user_hnd || op->in.info_class == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(hnd->_internal.srv_level < SRV_WIN_NT4 || !NT_STATUS_IS_OK(hnd->status)) { - hnd->status = rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, 21, &srv->cli->user_session_key, ctr); + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(NT_STATUS_IS_OK(hnd->status) && hnd->_internal.srv_level > SRV_WIN_NT4) { - hnd->_internal.srv_level = SRV_WIN_NT4; - } - } + hnd->status = + rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, + op->in.user_hnd, + op->in.info_class, &ctr_out ); + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + op->out.ctr = ctr_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } +int cac_SamSetUserInfoCtr( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetUserInfoCtr *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; -int cac_SamGetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfoCtr *op) { - struct rpc_pipe_client *pipe_hnd = NULL; + if ( !hnd ) + return CAC_FAILURE; - SAM_USERINFO_CTR *ctr_out; + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!hnd) - return CAC_FAILURE; + if ( !op->in.user_hnd || !op->in.ctr || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } - if(!op->in.user_hnd || op->in.info_class == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - hnd->status = rpccli_samr_query_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, op->in.info_class, &ctr_out); + hnd->status = + rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, + op->in.ctr->switch_value, + &srv->cli->user_session_key, + op->in.ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.ctr = ctr_out; + return CAC_SUCCESS; - return CAC_SUCCESS; } -int cac_SamSetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfoCtr *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } +int cac_SamRenameUser( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamRenameUser *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; - if(!op->in.user_hnd || !op->in.ctr || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + SAM_USERINFO_CTR ctr; + SAM_USER_INFO_7 info7; - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + if ( !hnd ) + return CAC_FAILURE; - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + if ( !op->in.user_hnd || !op->in.new_name + || op->in.new_name[0] == '\0' || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, op->in.ctr->switch_value, &srv->cli->user_session_key, op->in.ctr); + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - return CAC_SUCCESS; + ZERO_STRUCT( ctr ); + ZERO_STRUCT( info7 ); -} - -int cac_SamRenameUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameUser *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - - SAM_USERINFO_CTR ctr; - SAM_USER_INFO_7 info7; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + init_sam_user_info7( &info7, op->in.new_name ); - if(!op->in.user_hnd || !op->in.new_name || op->in.new_name[0] == '\0' || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + ctr.switch_value = 7; + ctr.info.id7 = &info7; - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } + hnd->status = + rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, + 7, &srv->cli->user_session_key, + &ctr ); - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - ZERO_STRUCT(ctr); - ZERO_STRUCT(info7); + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - init_sam_user_info7(&info7, op->in.new_name); - - ctr.switch_value = 7; - ctr.info.id7 = &info7; - - hnd->status = rpccli_samr_set_userinfo( pipe_hnd, mem_ctx, op->in.user_hnd, 7, &srv->cli->user_session_key, &ctr); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetGroupInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetGroupInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - GROUP_INFO_CTR *ctr; + GROUP_INFO_CTR *ctr; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.group_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.group_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - /*get a GROUP_INFO_1 structure*/ - hnd->status = rpccli_samr_query_groupinfo( pipe_hnd, mem_ctx, op->in.group_hnd, 1, &ctr); + /*get a GROUP_INFO_1 structure */ + hnd->status = + rpccli_samr_query_groupinfo( pipe_hnd, mem_ctx, + op->in.group_hnd, 1, &ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.info = cac_MakeGroupInfo(mem_ctx, ctr); - if(!op->out.info) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + op->out.info = cac_MakeGroupInfo( mem_ctx, ctr ); + if ( !op->out.info ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamSetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamSetGroupInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetGroupInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - GROUP_INFO_CTR *ctr = NULL; + GROUP_INFO_CTR *ctr = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.group_hnd || !op->in.info || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.group_hnd || !op->in.info || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - ctr = cac_MakeGroupInfoCtr(mem_ctx, op->in.info); - if(!ctr) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + ctr = cac_MakeGroupInfoCtr( mem_ctx, op->in.info ); + if ( !ctr ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_set_groupinfo(pipe_hnd, mem_ctx, op->in.group_hnd, ctr); + hnd->status = + rpccli_samr_set_groupinfo( pipe_hnd, mem_ctx, + op->in.group_hnd, ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamRenameGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameGroup *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamRenameGroup( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamRenameGroup *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - GROUP_INFO_CTR ctr; + GROUP_INFO_CTR ctr; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.group_hnd || !op->in.new_name || op->in.new_name[0] == '\0' || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.group_hnd || !op->in.new_name + || op->in.new_name[0] == '\0' || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - ZERO_STRUCT(ctr); + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - init_samr_group_info2(&ctr.group.info2, op->in.new_name); - ctr.switch_value1 = 2; - - hnd->status = rpccli_samr_set_groupinfo( pipe_hnd, mem_ctx, op->in.group_hnd, &ctr); + ZERO_STRUCT( ctr ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + init_samr_group_info2( &ctr.group.info2, op->in.new_name ); + ctr.switch_value1 = 2; - return CAC_SUCCESS; -} + hnd->status = + rpccli_samr_set_groupinfo( pipe_hnd, mem_ctx, + op->in.group_hnd, &ctr ); -int cac_SamGetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - ALIAS_INFO_CTR ctr; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op->in.alias_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - /*get a GROUP_INFO_1 structure*/ - hnd->status = rpccli_samr_query_alias_info( pipe_hnd, mem_ctx, op->in.alias_hnd, 1, &ctr); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->out.info = cac_MakeAliasInfo(mem_ctx, ctr); - if(!op->out.info) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - return CAC_SUCCESS; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + return CAC_SUCCESS; } -int cac_SamSetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetAliasInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetAliasInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - ALIAS_INFO_CTR *ctr = NULL; + ALIAS_INFO_CTR ctr; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.alias_hnd || !op->in.info || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.alias_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - ctr = cac_MakeAliasInfoCtr(mem_ctx, op->in.info); - if(!ctr) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + /*get a GROUP_INFO_1 structure */ + hnd->status = + rpccli_samr_query_alias_info( pipe_hnd, mem_ctx, + op->in.alias_hnd, 1, &ctr ); - hnd->status = rpccli_samr_set_aliasinfo(pipe_hnd, mem_ctx, op->in.alias_hnd, ctr); + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + op->out.info = cac_MakeAliasInfo( mem_ctx, ctr ); + if ( !op->out.info ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - return CAC_SUCCESS; -} + return CAC_SUCCESS; -int cac_SamGetDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - SAM_UNK_CTR ctr; - SAM_UNK_INFO_1 info1; - SAM_UNK_INFO_2 info2; - SAM_UNK_INFO_12 info12; - - /*use this to keep track of a failed call*/ - NTSTATUS status_buf = NT_STATUS_OK; - - uint16 fail_count = 0; - - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - /*first try with info 1*/ - hnd->status = rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, 1, &ctr); - - if(NT_STATUS_IS_OK(hnd->status)) { - /*then we buffer the SAM_UNK_INFO_1 structure*/ - info1 = ctr.info.inf1; - } - else { - /*then the call failed, store the status and ZERO out the info structure*/ - ZERO_STRUCT(info1); - status_buf = hnd->status; - fail_count++; - } - - /*try again for the next one*/ - hnd->status = rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, 2, &ctr); - - if(NT_STATUS_IS_OK(hnd->status)) { - /*store the info*/ - info2 = ctr.info.inf2; - } - else { - /*ZERO out the structure and store the bad status*/ - ZERO_STRUCT(info2); - status_buf = hnd->status; - fail_count++; - } - - /*once more*/ - hnd->status = rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, 12, &ctr); - - if(NT_STATUS_IS_OK(hnd->status)) { - info12 = ctr.info.inf12; - } - else { - ZERO_STRUCT(info12); - status_buf = hnd->status; - fail_count++; - } - - /*return failure if all 3 calls failed*/ - if(fail_count == 3) - return CAC_FAILURE; - - op->out.info = cac_MakeDomainInfo(mem_ctx, &info1, &info2, &info12); - - if(!op->out.info) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - if(fail_count > 0) { - hnd->status = status_buf; - return CAC_PARTIAL_SUCCESS; - } - - return CAC_SUCCESS; } -int cac_SamGetDomainInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfoCtr *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - SAM_UNK_CTR *ctr_out; +int cac_SamSetAliasInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamSetAliasInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + ALIAS_INFO_CTR *ctr = NULL; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd ) + return CAC_FAILURE; - if(!op->in.dom_hnd || op->in.info_class == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !op->in.alias_hnd || !op->in.info || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - ctr_out = talloc(mem_ctx, SAM_UNK_CTR); - if(!ctr_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + ctr = cac_MakeAliasInfoCtr( mem_ctx, op->in.info ); + if ( !ctr ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, op->in.info_class, ctr_out); + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + hnd->status = + rpccli_samr_set_aliasinfo( pipe_hnd, mem_ctx, + op->in.alias_hnd, ctr ); - op->out.info = ctr_out; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetDisplayInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDisplayInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - SAM_DISPINFO_CTR ctr_out; - - uint32 max_entries_buf = 0; - uint32 max_size_buf = 0; - - uint32 resume_idx_out; - uint32 num_entries_out; +int cac_SamGetDomainInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetDomainInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + SAM_UNK_CTR ctr; + SAM_UNK_INFO_1 info1; + SAM_UNK_INFO_2 info2; + SAM_UNK_INFO_12 info12; + + /*use this to keep track of a failed call */ + NTSTATUS status_buf = NT_STATUS_OK; + + uint16 fail_count = 0; + + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + /*first try with info 1 */ + hnd->status = + rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, + 1, &ctr ); + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + /*then we buffer the SAM_UNK_INFO_1 structure */ + info1 = ctr.info.inf1; + } else { + /*then the call failed, store the status and ZERO out the info structure */ + ZERO_STRUCT( info1 ); + status_buf = hnd->status; + fail_count++; + } + + /*try again for the next one */ + hnd->status = + rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, + 2, &ctr ); + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + /*store the info */ + info2 = ctr.info.inf2; + } else { + /*ZERO out the structure and store the bad status */ + ZERO_STRUCT( info2 ); + status_buf = hnd->status; + fail_count++; + } + + /*once more */ + hnd->status = + rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, + 12, &ctr ); + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + info12 = ctr.info.inf12; + } else { + ZERO_STRUCT( info12 ); + status_buf = hnd->status; + fail_count++; + } + + /*return failure if all 3 calls failed */ + if ( fail_count == 3 ) + return CAC_FAILURE; + + op->out.info = cac_MakeDomainInfo( mem_ctx, &info1, &info2, &info12 ); + + if ( !op->out.info ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + if ( fail_count > 0 ) { + hnd->status = status_buf; + return CAC_PARTIAL_SUCCESS; + } + + return CAC_SUCCESS; +} - if(!hnd) - return CAC_FAILURE; +int cac_SamGetDomainInfoCtr( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetDomainInfoCtr *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + SAM_UNK_CTR *ctr_out; - if(!op->in.dom_hnd || op->in.info_class == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !hnd ) + return CAC_FAILURE; - if(op->out.done == True) /*this is done so we can use the function as a loop condition*/ - return CAC_FAILURE; + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !op->in.dom_hnd || op->in.info_class == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(op->in.max_entries == 0 || op->in.max_size == 0) { - get_query_dispinfo_params(op->out.loop_count, &max_entries_buf, &max_size_buf); - } - else { - max_entries_buf = op->in.max_entries; - max_size_buf = op->in.max_size; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - resume_idx_out = op->out.resume_idx; + ctr_out = talloc( mem_ctx, SAM_UNK_CTR ); + if ( !ctr_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_dispinfo( pipe_hnd, mem_ctx, op->in.dom_hnd, &resume_idx_out, op->in.info_class, - &num_entries_out, max_entries_buf, max_size_buf, &ctr_out); + hnd->status = + rpccli_samr_query_dom_info( pipe_hnd, mem_ctx, op->in.dom_hnd, + op->in.info_class, ctr_out ); - if(!NT_STATUS_IS_OK(hnd->status) && !NT_STATUS_EQUAL(hnd->status, STATUS_MORE_ENTRIES)) { - /*be defensive, maybe they'll call again without zeroing the struct*/ - op->out.loop_count = 0; - op->out.resume_idx = 0; - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(NT_STATUS_IS_OK(hnd->status)) { - /*we want to quit once the function is called next. so it can be used in a loop*/ - op->out.done = True; - } + op->out.info = ctr_out; - op->out.resume_idx = resume_idx_out; - op->out.num_entries = num_entries_out; - op->out.ctr = ctr_out; - op->out.loop_count++; + return CAC_SUCCESS; +} - return CAC_SUCCESS; +int cac_SamGetDisplayInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetDisplayInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + SAM_DISPINFO_CTR ctr_out; + + uint32 max_entries_buf = 0; + uint32 max_size_buf = 0; + + uint32 resume_idx_out; + uint32 num_entries_out; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op->in.dom_hnd || op->in.info_class == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + if ( op->out.done == True ) /*this is done so we can use the function as a loop condition */ + return CAC_FAILURE; + + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( op->in.max_entries == 0 || op->in.max_size == 0 ) { + get_query_dispinfo_params( op->out.loop_count, + &max_entries_buf, &max_size_buf ); + } else { + max_entries_buf = op->in.max_entries; + max_size_buf = op->in.max_size; + } + + resume_idx_out = op->out.resume_idx; + + hnd->status = + rpccli_samr_query_dispinfo( pipe_hnd, mem_ctx, op->in.dom_hnd, + &resume_idx_out, + op->in.info_class, + &num_entries_out, max_entries_buf, + max_size_buf, &ctr_out ); + + if ( !NT_STATUS_IS_OK( hnd->status ) + && !NT_STATUS_EQUAL( hnd->status, STATUS_MORE_ENTRIES ) ) { + /*be defensive, maybe they'll call again without zeroing the struct */ + op->out.loop_count = 0; + op->out.resume_idx = 0; + return CAC_FAILURE; + } + + if ( NT_STATUS_IS_OK( hnd->status ) ) { + /*we want to quit once the function is called next. so it can be used in a loop */ + op->out.done = True; + } + + op->out.resume_idx = resume_idx_out; + op->out.num_entries = num_entries_out; + op->out.ctr = ctr_out; + op->out.loop_count++; + + return CAC_SUCCESS; } -int cac_SamLookupDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamLookupDomain *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamLookupDomain( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamLookupDomain *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + DOM_SID *sid_out = NULL; - DOM_SID *sid_out = NULL; - - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.sam || !op->in.name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.sam || !op->in.name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - sid_out = talloc(mem_ctx, DOM_SID); - if(!sid_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + sid_out = talloc( mem_ctx, DOM_SID ); + if ( !sid_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_lookup_domain( pipe_hnd, mem_ctx, op->in.sam, op->in.name, sid_out); + hnd->status = + rpccli_samr_lookup_domain( pipe_hnd, mem_ctx, op->in.sam, + op->in.name, sid_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.sid = sid_out; + op->out.sid = sid_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetSecurityObject *op) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_SamGetSecurityObject( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamGetSecurityObject *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - /*this number taken from rpcclient/cmd_samr.c, I think it is the only supported level*/ - uint32 sec_info = DACL_SECURITY_INFORMATION; + /*this number taken from rpcclient/cmd_samr.c, I think it is the only supported level */ + uint32 sec_info = DACL_SECURITY_INFORMATION; - SEC_DESC_BUF *sec_out = NULL; + SEC_DESC_BUF *sec_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op->in.pol || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.pol || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SAMR); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SAMR ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_samr_query_sec_obj(pipe_hnd, mem_ctx, op->in.pol, sec_info, mem_ctx, &sec_out); + hnd->status = + rpccli_samr_query_sec_obj( pipe_hnd, mem_ctx, op->in.pol, + sec_info, mem_ctx, &sec_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.sec = sec_out; + op->out.sec = sec_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SamFlush(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamFlush *op) { - struct SamOpenDomain od; +int cac_SamFlush( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SamFlush *op ) +{ + struct SamOpenDomain od; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.dom_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.dom_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!cac_SamClose(hnd, mem_ctx, op->in.dom_hnd)) - return CAC_FAILURE; + if ( !cac_SamClose( hnd, mem_ctx, op->in.dom_hnd ) ) + return CAC_FAILURE; - ZERO_STRUCT(od); - od.in.access = (op->in.access) ? op->in.access : MAXIMUM_ALLOWED_ACCESS; - od.in.sid = op->in.sid; + ZERO_STRUCT( od ); + od.in.access = + ( op->in.access ) ? op->in.access : MAXIMUM_ALLOWED_ACCESS; + od.in.sid = op->in.sid; - if(!cac_SamOpenDomain(hnd, mem_ctx, &od)) - return CAC_FAILURE; + if ( !cac_SamOpenDomain( hnd, mem_ctx, &od ) ) + return CAC_FAILURE; - /*this function does not use an output parameter to make it as convenient as possible to use*/ - *op->in.dom_hnd = *od.out.dom_hnd; + /*this function does not use an output parameter to make it as convenient as possible to use */ + *op->in.dom_hnd = *od.out.dom_hnd; - TALLOC_FREE(od.out.dom_hnd); + TALLOC_FREE( od.out.dom_hnd ); - return CAC_SUCCESS; + return CAC_SUCCESS; } diff --git a/source3/libmsrpc/cac_svcctl.c b/source3/libmsrpc/cac_svcctl.c index 51a5b5d2dd..9f61b42129 100644 --- a/source3/libmsrpc/cac_svcctl.c +++ b/source3/libmsrpc/cac_svcctl.c @@ -1,3 +1,4 @@ + /* * Unix SMB/CIFS implementation. * MS-RPC client library implementation (SVCCTL pipe) @@ -23,259 +24,288 @@ #define WAIT_SLEEP_TIME 300000 -int cac_SvcOpenScm(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenScm *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; - - POLICY_HND *scm_out = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || op->in.access == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } - - /*initialize for samr pipe if we have to*/ - if(!hnd->_internal.pipes[PI_SVCCTL]) { - if(!(pipe_hnd = cli_rpc_pipe_open_noauth(srv->cli, PI_SVCCTL, &(hnd->status)))) { - hnd->status = NT_STATUS_UNSUCCESSFUL; - return CAC_FAILURE; - } - - hnd->_internal.pipes[PI_SVCCTL] = True; - } - - scm_out = talloc(mem_ctx, POLICY_HND); - if(!scm_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - err = rpccli_svcctl_open_scm( pipe_hnd, mem_ctx, scm_out, op->in.access); - hnd->status = werror_to_ntstatus(err); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - op->out.scm_hnd = scm_out; - - return CAC_SUCCESS; +int cac_SvcOpenScm( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcOpenScm *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; + + POLICY_HND *scm_out = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || op->in.access == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } + + /*initialize for samr pipe if we have to */ + if ( !hnd->_internal.pipes[PI_SVCCTL] ) { + if ( ! + ( pipe_hnd = + cli_rpc_pipe_open_noauth( srv->cli, PI_SVCCTL, + &( hnd->status ) ) ) ) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + hnd->_internal.pipes[PI_SVCCTL] = True; + } + + scm_out = talloc( mem_ctx, POLICY_HND ); + if ( !scm_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + err = rpccli_svcctl_open_scm( pipe_hnd, mem_ctx, scm_out, + op->in.access ); + hnd->status = werror_to_ntstatus( err ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + op->out.scm_hnd = scm_out; + + return CAC_SUCCESS; } -int cac_SvcClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *scm_hnd) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcClose( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * scm_hnd ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!scm_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !scm_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_close_service( pipe_hnd, mem_ctx, scm_hnd); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_close_service( pipe_hnd, mem_ctx, scm_hnd ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SvcEnumServices(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcEnumServices *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcEnumServices( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcEnumServices *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - uint32 type_buf = 0; - uint32 state_buf = 0; + uint32 type_buf = 0; + uint32 state_buf = 0; - uint32 num_svc_out = 0; + uint32 num_svc_out = 0; - ENUM_SERVICES_STATUS *svc_buf = NULL; + ENUM_SERVICES_STATUS *svc_buf = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.scm_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.scm_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - type_buf = (op->in.type != 0) ? op->in.type : (SVCCTL_TYPE_DRIVER | SVCCTL_TYPE_WIN32); - state_buf = (op->in.state != 0) ? op->in.state : SVCCTL_STATE_ALL; + type_buf = + ( op->in.type != + 0 ) ? op->in. + type : ( SVCCTL_TYPE_DRIVER | SVCCTL_TYPE_WIN32 ); + state_buf = ( op->in.state != 0 ) ? op->in.state : SVCCTL_STATE_ALL; - err = rpccli_svcctl_enumerate_services( pipe_hnd, mem_ctx, op->in.scm_hnd, type_buf, state_buf, &num_svc_out, &svc_buf); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_enumerate_services( pipe_hnd, mem_ctx, + op->in.scm_hnd, type_buf, + state_buf, &num_svc_out, + &svc_buf ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.services = cac_MakeServiceArray(mem_ctx, svc_buf, num_svc_out); + op->out.services = + cac_MakeServiceArray( mem_ctx, svc_buf, num_svc_out ); - if(!op->out.services) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + if ( !op->out.services ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - TALLOC_FREE(svc_buf); + TALLOC_FREE( svc_buf ); - op->out.num_services = num_svc_out; + op->out.num_services = num_svc_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SvcOpenService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenService *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcOpenService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcOpenService *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - POLICY_HND *svc_hnd_out = NULL; + POLICY_HND *svc_hnd_out = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.scm_hnd || !op->in.name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.scm_hnd || !op->in.name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - svc_hnd_out = talloc(mem_ctx, POLICY_HND); - if(!svc_hnd_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + svc_hnd_out = talloc( mem_ctx, POLICY_HND ); + if ( !svc_hnd_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - err = rpccli_svcctl_open_service( pipe_hnd, mem_ctx, op->in.scm_hnd, svc_hnd_out, op->in.name, op->in.access); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_open_service( pipe_hnd, mem_ctx, op->in.scm_hnd, + svc_hnd_out, op->in.name, + op->in.access ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.svc_hnd = svc_hnd_out; + op->out.svc_hnd = svc_hnd_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SvcControlService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcControlService *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcControlService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcControlService *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - SERVICE_STATUS status_out; + SERVICE_STATUS status_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(op->in.control < SVCCTL_CONTROL_STOP || op->in.control > SVCCTL_CONTROL_SHUTDOWN) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( op->in.control < SVCCTL_CONTROL_STOP + || op->in.control > SVCCTL_CONTROL_SHUTDOWN ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, op->in.svc_hnd, op->in.control, &status_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, + op->in.svc_hnd, op->in.control, + &status_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SvcGetStatus(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetStatus *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcGetStatus( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcGetStatus *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - SERVICE_STATUS status_out; + SERVICE_STATUS status_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_query_status( pipe_hnd, mem_ctx, op->in.svc_hnd, &status_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_query_status( pipe_hnd, mem_ctx, op->in.svc_hnd, + &status_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.status = status_out; + op->out.status = status_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } @@ -288,273 +318,313 @@ int cac_SvcGetStatus(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetSta * returns CAC_FAILURE if the state is never reached * or CAC_SUCCESS if the state is reached */ -int cac_WaitForService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *svc_hnd, uint32 state, uint32 timeout, SERVICE_STATUS *status) { - struct rpc_pipe_client *pipe_hnd = NULL; - /*number of milliseconds we have spent*/ - uint32 time_spent = 0; - WERROR err; - - if(!hnd || !mem_ctx || !svc_hnd || !status) - return CAC_FAILURE; - - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - while(status->state != state && time_spent < (timeout * 1000000) && NT_STATUS_IS_OK(hnd->status)) { - /*if this is the first call, then we _just_ got the status.. sleep now*/ - usleep(WAIT_SLEEP_TIME); - time_spent += WAIT_SLEEP_TIME; - - err = rpccli_svcctl_query_status(pipe_hnd, mem_ctx, svc_hnd, status); - hnd->status = werror_to_ntstatus(err); - } - - if(status->state == state) - return CAC_SUCCESS; - - return CAC_FAILURE; +int cac_WaitForService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * svc_hnd, uint32 state, uint32 timeout, + SERVICE_STATUS * status ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + /*number of milliseconds we have spent */ + uint32 time_spent = 0; + WERROR err; + + if ( !hnd || !mem_ctx || !svc_hnd || !status ) + return CAC_FAILURE; + + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + while ( status->state != state && time_spent < ( timeout * 1000000 ) + && NT_STATUS_IS_OK( hnd->status ) ) { + /*if this is the first call, then we _just_ got the status.. sleep now */ + usleep( WAIT_SLEEP_TIME ); + time_spent += WAIT_SLEEP_TIME; + + err = rpccli_svcctl_query_status( pipe_hnd, mem_ctx, svc_hnd, + status ); + hnd->status = werror_to_ntstatus( err ); + } + + if ( status->state == state ) + return CAC_SUCCESS; + + return CAC_FAILURE; } -int cac_SvcStartService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStartService *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcStartService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcStartService *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - SERVICE_STATUS status_buf; + SERVICE_STATUS status_buf; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(op->in.num_parms != 0 && op->in.parms == NULL) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( op->in.num_parms != 0 && op->in.parms == NULL ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_start_service(pipe_hnd, mem_ctx, op->in.svc_hnd, (const char **)op->in.parms, op->in.num_parms); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_start_service( pipe_hnd, mem_ctx, op->in.svc_hnd, + ( const char ** ) op->in.parms, + op->in.num_parms ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(op->in.timeout == 0) - return CAC_SUCCESS; + if ( op->in.timeout == 0 ) + return CAC_SUCCESS; - return cac_WaitForService(hnd, mem_ctx, op->in.svc_hnd, SVCCTL_RUNNING, op->in.timeout, &status_buf); + return cac_WaitForService( hnd, mem_ctx, op->in.svc_hnd, + SVCCTL_RUNNING, op->in.timeout, + &status_buf ); } -int cac_SvcStopService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStopService *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcStopService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcStopService *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - SERVICE_STATUS status_out; + SERVICE_STATUS status_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, op->in.svc_hnd, SVCCTL_CONTROL_STOP, &status_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, + op->in.svc_hnd, + SVCCTL_CONTROL_STOP, + &status_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.status = status_out; + op->out.status = status_out; - if(op->in.timeout == 0) - return CAC_SUCCESS; + if ( op->in.timeout == 0 ) + return CAC_SUCCESS; - return cac_WaitForService(hnd, mem_ctx, op->in.svc_hnd, SVCCTL_STOPPED, op->in.timeout, &op->out.status); + return cac_WaitForService( hnd, mem_ctx, op->in.svc_hnd, + SVCCTL_STOPPED, op->in.timeout, + &op->out.status ); } -int cac_SvcPauseService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcPauseService *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcPauseService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcPauseService *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - SERVICE_STATUS status_out; + SERVICE_STATUS status_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, op->in.svc_hnd, SVCCTL_CONTROL_PAUSE, &status_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, + op->in.svc_hnd, + SVCCTL_CONTROL_PAUSE, + &status_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.status = status_out; + op->out.status = status_out; - if(op->in.timeout == 0) - return CAC_SUCCESS; + if ( op->in.timeout == 0 ) + return CAC_SUCCESS; - return cac_WaitForService(hnd, mem_ctx, op->in.svc_hnd, SVCCTL_PAUSED, op->in.timeout, &op->out.status); + return cac_WaitForService( hnd, mem_ctx, op->in.svc_hnd, + SVCCTL_PAUSED, op->in.timeout, + &op->out.status ); } -int cac_SvcContinueService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcContinueService *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcContinueService( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcContinueService *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - SERVICE_STATUS status_out; + SERVICE_STATUS status_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, op->in.svc_hnd, SVCCTL_CONTROL_CONTINUE, &status_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_control_service( pipe_hnd, mem_ctx, + op->in.svc_hnd, + SVCCTL_CONTROL_CONTINUE, + &status_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.status = status_out; + op->out.status = status_out; - if(op->in.timeout == 0) - return CAC_SUCCESS; + if ( op->in.timeout == 0 ) + return CAC_SUCCESS; - return cac_WaitForService(hnd, mem_ctx, op->in.svc_hnd, SVCCTL_RUNNING, op->in.timeout, &op->out.status); + return cac_WaitForService( hnd, mem_ctx, op->in.svc_hnd, + SVCCTL_RUNNING, op->in.timeout, + &op->out.status ); } -int cac_SvcGetDisplayName(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetDisplayName *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcGetDisplayName( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcGetDisplayName *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; - fstring disp_name_out; + fstring disp_name_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_get_dispname( pipe_hnd, mem_ctx, op->in.svc_hnd, disp_name_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_get_dispname( pipe_hnd, mem_ctx, op->in.svc_hnd, + disp_name_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.display_name = talloc_strdup(mem_ctx, disp_name_out); + op->out.display_name = talloc_strdup( mem_ctx, disp_name_out ); - if(!op->out.display_name) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + if ( !op->out.display_name ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_SvcGetServiceConfig(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetServiceConfig *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; +int cac_SvcGetServiceConfig( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct SvcGetServiceConfig *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; + + SERVICE_CONFIG config_out; - SERVICE_CONFIG config_out; - - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.svc_hnd || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.svc_hnd || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_SVCCTL); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_SVCCTL ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - err = rpccli_svcctl_query_config( pipe_hnd, mem_ctx, op->in.svc_hnd, &config_out); - hnd->status = werror_to_ntstatus(err); + err = rpccli_svcctl_query_config( pipe_hnd, mem_ctx, op->in.svc_hnd, + &config_out ); + hnd->status = werror_to_ntstatus( err ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(!cac_InitCacServiceConfig(mem_ctx, &config_out, &op->out.config)) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + if ( !cac_InitCacServiceConfig + ( mem_ctx, &config_out, &op->out.config ) ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } diff --git a/source3/libmsrpc/cac_winreg.c b/source3/libmsrpc/cac_winreg.c index 448197627e..9e32a36082 100644 --- a/source3/libmsrpc/cac_winreg.c +++ b/source3/libmsrpc/cac_winreg.c @@ -1,3 +1,4 @@ + /* * Unix SMB/CIFS implementation. * MS-RPC client library implementation (WINREG pipe) @@ -22,982 +23,1086 @@ #include "libmsrpc_internal.h" -int cac_RegConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegConnect *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *key = NULL; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.root || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_CONNECTION; - return CAC_FAILURE; - } - - /*initialize for winreg pipe if we have to*/ - if(!hnd->_internal.pipes[PI_WINREG]) { - if(!(pipe_hnd = cli_rpc_pipe_open_noauth(srv->cli, PI_WINREG, &hnd->status))) { - return CAC_FAILURE; - } - - hnd->_internal.pipes[PI_WINREG] = True; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - key = talloc(mem_ctx, POLICY_HND); - if(!key) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - hnd->status = rpccli_winreg_connect( pipe_hnd, mem_ctx, op->in.root, op->in.access, key); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - op->out.key = key; - - return CAC_SUCCESS; +int cac_RegConnect( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegConnect *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + POLICY_HND *key = NULL; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.root || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_CONNECTION; + return CAC_FAILURE; + } + + /*initialize for winreg pipe if we have to */ + if ( !hnd->_internal.pipes[PI_WINREG] ) { + if ( ! + ( pipe_hnd = + cli_rpc_pipe_open_noauth( srv->cli, PI_WINREG, + &hnd->status ) ) ) { + return CAC_FAILURE; + } + + hnd->_internal.pipes[PI_WINREG] = True; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + key = talloc( mem_ctx, POLICY_HND ); + if ( !key ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + hnd->status = + rpccli_winreg_connect( pipe_hnd, mem_ctx, op->in.root, + op->in.access, key ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.key = key; + + return CAC_SUCCESS; } -int cac_RegClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *key) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_RegClose( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + POLICY_HND * key ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!key || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !key || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, key); + hnd->status = rpccli_winreg_CloseKey( pipe_hnd, mem_ctx, key ); - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_RegOpenKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegOpenKey *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - struct winreg_String key_string; +int cac_RegOpenKey( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegOpenKey *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + struct winreg_String key_string; - POLICY_HND *key_out; - POLICY_HND *parent_key; + POLICY_HND *key_out; + POLICY_HND *parent_key; - char *key_name = NULL; - uint32 reg_type = 0; + char *key_name = NULL; + uint32 reg_type = 0; - struct RegConnect rc; + struct RegConnect rc; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - key_out = talloc(mem_ctx, POLICY_HND); - if(!key_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } + key_out = talloc( mem_ctx, POLICY_HND ); + if ( !key_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } - if(!op->in.parent_key) { - /*then we need to connect to the registry*/ - if(!cac_ParseRegPath(op->in.name, ®_type, &key_name)) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op->in.parent_key ) { + /*then we need to connect to the registry */ + if ( !cac_ParseRegPath( op->in.name, ®_type, &key_name ) ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - /*use cac_RegConnect because it handles the session setup*/ - ZERO_STRUCT(rc); + /*use cac_RegConnect because it handles the session setup */ + ZERO_STRUCT( rc ); - rc.in.access = op->in.access; - rc.in.root = reg_type; + rc.in.access = op->in.access; + rc.in.root = reg_type; - if(!cac_RegConnect(hnd, mem_ctx, &rc)) { - return CAC_FAILURE; - } + if ( !cac_RegConnect( hnd, mem_ctx, &rc ) ) { + return CAC_FAILURE; + } /**if they only specified the root key, return the key we just opened*/ - if(key_name == NULL) { - op->out.key = rc.out.key; - return CAC_SUCCESS; - } - - parent_key = rc.out.key; - } - else { - parent_key = op->in.parent_key; - key_name = op->in.name; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - key_string.name = key_name; - hnd->status = rpccli_winreg_OpenKey( pipe_hnd, mem_ctx, parent_key, key_string, 0, op->in.access, key_out); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - if(!op->in.parent_key) { - /*then close the one that we opened above*/ - hnd->status = rpccli_winreg_CloseKey( pipe_hnd, mem_ctx, parent_key); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - } - - op->out.key = key_out; - - return CAC_SUCCESS; + if ( key_name == NULL ) { + op->out.key = rc.out.key; + return CAC_SUCCESS; + } + + parent_key = rc.out.key; + } else { + parent_key = op->in.parent_key; + key_name = op->in.name; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + key_string.name = key_name; + hnd->status = + rpccli_winreg_OpenKey( pipe_hnd, mem_ctx, parent_key, + key_string, 0, op->in.access, + key_out ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + if ( !op->in.parent_key ) { + /*then close the one that we opened above */ + hnd->status = + rpccli_winreg_CloseKey( pipe_hnd, mem_ctx, + parent_key ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + } + + op->out.key = key_out; + + return CAC_SUCCESS; } -int cac_RegEnumKeys(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumKeys *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - /*buffers for rpccli_reg_enum_key call*/ - fstring key_name_in; - fstring class_name_in; - - /*output buffers*/ - char **key_names_out = NULL; - char **class_names_out = NULL; - time_t *mod_times_out = NULL; - uint32 num_keys_out = 0; - uint32 resume_idx = 0; - - if(!hnd) - return CAC_FAILURE; - - /*this is to avoid useless rpc calls, if the last call exhausted all the keys, then we don't need to go through everything again*/ - if(NT_STATUS_V(hnd->status) == NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED)) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || op->in.max_keys == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } +int cac_RegEnumKeys( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegEnumKeys *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + /*buffers for rpccli_reg_enum_key call */ + fstring key_name_in; + fstring class_name_in; + + /*output buffers */ + char **key_names_out = NULL; + char **class_names_out = NULL; + time_t *mod_times_out = NULL; + uint32 num_keys_out = 0; + uint32 resume_idx = 0; + + if ( !hnd ) + return CAC_FAILURE; + + /*this is to avoid useless rpc calls, if the last call exhausted all the keys, then we don't need to go through everything again */ + if ( NT_STATUS_V( hnd->status ) == + NT_STATUS_V( NT_STATUS_GUIDS_EXHAUSTED ) ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || op->in.max_keys == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } /**the only way to know how many keys to expect is to assume max_keys keys will be found*/ - key_names_out = TALLOC_ARRAY(mem_ctx, char *, op->in.max_keys); - if(!key_names_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - class_names_out = TALLOC_ARRAY(mem_ctx, char *, op->in.max_keys); - if(!class_names_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(key_names_out); - return CAC_FAILURE; - } - - mod_times_out = TALLOC_ARRAY(mem_ctx, time_t, op->in.max_keys); - if(!mod_times_out) { - hnd->status = NT_STATUS_NO_MEMORY; - TALLOC_FREE(key_names_out); - TALLOC_FREE(class_names_out); - - return CAC_FAILURE; - } - - resume_idx = op->out.resume_idx; - - do { - hnd->status = rpccli_winreg_enum_key( pipe_hnd, mem_ctx, op->in.key, resume_idx, key_name_in, class_name_in, &mod_times_out[num_keys_out]); - - if(!NT_STATUS_IS_OK(hnd->status)) { - /*don't increment any values*/ - break; - } - - key_names_out[num_keys_out] = talloc_strdup(mem_ctx, key_name_in); - - class_names_out[num_keys_out] = talloc_strdup(mem_ctx, class_name_in); - - if(!key_names_out[num_keys_out] || !class_names_out[num_keys_out]) { - hnd->status = NT_STATUS_NO_MEMORY; - break; - } - - resume_idx++; - num_keys_out++; - } while(num_keys_out < op->in.max_keys); - - if(CAC_OP_FAILED(hnd->status)) { - op->out.num_keys = 0; - return CAC_FAILURE; - } - - op->out.resume_idx = resume_idx; - op->out.num_keys = num_keys_out; - op->out.key_names = key_names_out; - op->out.class_names = class_names_out; - op->out.mod_times = mod_times_out; - - return CAC_SUCCESS; + key_names_out = TALLOC_ARRAY( mem_ctx, char *, op->in.max_keys ); + if ( !key_names_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + class_names_out = TALLOC_ARRAY( mem_ctx, char *, op->in.max_keys ); + if ( !class_names_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( key_names_out ); + return CAC_FAILURE; + } + + mod_times_out = TALLOC_ARRAY( mem_ctx, time_t, op->in.max_keys ); + if ( !mod_times_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + TALLOC_FREE( key_names_out ); + TALLOC_FREE( class_names_out ); + + return CAC_FAILURE; + } + + resume_idx = op->out.resume_idx; + + do { + hnd->status = + rpccli_winreg_enum_key( pipe_hnd, mem_ctx, op->in.key, + resume_idx, key_name_in, + class_name_in, + &mod_times_out + [num_keys_out] ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + /*don't increment any values */ + break; + } + + key_names_out[num_keys_out] = + talloc_strdup( mem_ctx, key_name_in ); + + class_names_out[num_keys_out] = + talloc_strdup( mem_ctx, class_name_in ); + + if ( !key_names_out[num_keys_out] + || !class_names_out[num_keys_out] ) { + hnd->status = NT_STATUS_NO_MEMORY; + break; + } + + resume_idx++; + num_keys_out++; + } while ( num_keys_out < op->in.max_keys ); + + if ( CAC_OP_FAILED( hnd->status ) ) { + op->out.num_keys = 0; + return CAC_FAILURE; + } + + op->out.resume_idx = resume_idx; + op->out.num_keys = num_keys_out; + op->out.key_names = key_names_out; + op->out.class_names = class_names_out; + op->out.mod_times = mod_times_out; + + return CAC_SUCCESS; } -int cac_RegCreateKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegCreateKey *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - POLICY_HND *key_out; - struct RegOpenKey rok; - struct winreg_String key_string, class_string; - enum winreg_CreateAction action = 0; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.parent_key || !op->in.key_name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - /*first try to open the key - we use cac_RegOpenKey(). this doubles as a way to ensure the winreg pipe is initialized*/ - ZERO_STRUCT(rok); - - rok.in.name = op->in.key_name; - rok.in.access = op->in.access; - rok.in.parent_key = op->in.parent_key; - - if(cac_RegOpenKey(hnd, mem_ctx, &rok)) { - /*then we got the key, return*/ - op->out.key = rok.out.key; - return CAC_SUCCESS; - } - - /*just be ultra-safe*/ - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - key_out = talloc(mem_ctx, POLICY_HND); - if(!key_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - key_string.name = op->in.key_name; - class_string.name = op->in.class_name; - hnd->status = rpccli_winreg_CreateKey( pipe_hnd, mem_ctx, op->in.parent_key, - key_string, class_string, 0, op->in.access, NULL, key_out, &action); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - op->out.key = key_out; - - return CAC_SUCCESS; +int cac_RegCreateKey( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegCreateKey *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + POLICY_HND *key_out; + struct RegOpenKey rok; + struct winreg_String key_string, class_string; + enum winreg_CreateAction action = 0; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.parent_key || !op->in.key_name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + /*first try to open the key - we use cac_RegOpenKey(). this doubles as a way to ensure the winreg pipe is initialized */ + ZERO_STRUCT( rok ); + + rok.in.name = op->in.key_name; + rok.in.access = op->in.access; + rok.in.parent_key = op->in.parent_key; + + if ( cac_RegOpenKey( hnd, mem_ctx, &rok ) ) { + /*then we got the key, return */ + op->out.key = rok.out.key; + return CAC_SUCCESS; + } + + /*just be ultra-safe */ + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + key_out = talloc( mem_ctx, POLICY_HND ); + if ( !key_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + key_string.name = op->in.key_name; + class_string.name = op->in.class_name; + hnd->status = + rpccli_winreg_CreateKey( pipe_hnd, mem_ctx, op->in.parent_key, + key_string, class_string, 0, + op->in.access, NULL, key_out, + &action ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + op->out.key = key_out; + + return CAC_SUCCESS; } -WERROR cac_delete_subkeys_recursive(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, POLICY_HND *key) { - /*NOTE: using cac functions might result in a big(ger) memory bloat, and would probably be far less efficient - * so we use the cli_reg functions directly*/ - - WERROR err = WERR_OK; +WERROR cac_delete_subkeys_recursive( struct rpc_pipe_client * pipe_hnd, + TALLOC_CTX * mem_ctx, POLICY_HND * key ) +{ + /*NOTE: using cac functions might result in a big(ger) memory bloat, and would probably be far less efficient + * so we use the cli_reg functions directly*/ - POLICY_HND subkey; - fstring subkey_name; - fstring class_buf; - time_t mod_time_buf; + WERROR err = WERR_OK; - int cur_key = 0; + POLICY_HND subkey; + fstring subkey_name; + fstring class_buf; + time_t mod_time_buf; - while(W_ERROR_IS_OK(err)) { - struct winreg_String key_string; - NTSTATUS status; + int cur_key = 0; - status = rpccli_winreg_enum_key( pipe_hnd, mem_ctx, key, cur_key, subkey_name, class_buf, &mod_time_buf); + while ( W_ERROR_IS_OK( err ) ) { + struct winreg_String key_string; + NTSTATUS status; - if ( !NT_STATUS_IS_OK(status) ) - break; + status = rpccli_winreg_enum_key( pipe_hnd, mem_ctx, key, + cur_key, subkey_name, + class_buf, &mod_time_buf ); - /*try to open the key with full access*/ - key_string.name = subkey_name; - status = rpccli_winreg_OpenKey(pipe_hnd, mem_ctx, key, key_string, 0, REG_KEY_ALL, &subkey); + if ( !NT_STATUS_IS_OK( status ) ) + break; - if ( !NT_STATUS_IS_OK(status) ) - break; + /*try to open the key with full access */ + key_string.name = subkey_name; + status = rpccli_winreg_OpenKey( pipe_hnd, mem_ctx, key, + key_string, 0, REG_KEY_ALL, + &subkey ); - err = cac_delete_subkeys_recursive(pipe_hnd, mem_ctx, &subkey); + if ( !NT_STATUS_IS_OK( status ) ) + break; - if(!W_ERROR_EQUAL(err,WERR_NO_MORE_ITEMS) && !W_ERROR_IS_OK(err)) - break; + err = cac_delete_subkeys_recursive( pipe_hnd, mem_ctx, + &subkey ); - /*flush the key just to be safe*/ - rpccli_winreg_FlushKey(pipe_hnd, mem_ctx, key); - - /*close the key that we opened*/ - rpccli_winreg_CloseKey(pipe_hnd, mem_ctx, &subkey); + if ( !W_ERROR_EQUAL( err, WERR_NO_MORE_ITEMS ) + && !W_ERROR_IS_OK( err ) ) + break; - /*now we delete the subkey*/ - key_string.name = subkey_name; - status = rpccli_winreg_DeleteKey(pipe_hnd, mem_ctx, key, key_string); - err = ntstatus_to_werror(status); + /*flush the key just to be safe */ + rpccli_winreg_FlushKey( pipe_hnd, mem_ctx, key ); + /*close the key that we opened */ + rpccli_winreg_CloseKey( pipe_hnd, mem_ctx, &subkey ); - cur_key++; - } + /*now we delete the subkey */ + key_string.name = subkey_name; + status = rpccli_winreg_DeleteKey( pipe_hnd, mem_ctx, key, + key_string ); + err = ntstatus_to_werror( status ); - return err; -} - - - -int cac_RegDeleteKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteKey *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; - struct winreg_String key_string; + cur_key++; + } - if(!hnd) - return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.parent_key || !op->in.name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + return err; +} - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - if(op->in.recursive) { - /*first open the key, and then delete all of it's subkeys recursively*/ - struct RegOpenKey rok; - ZERO_STRUCT(rok); - rok.in.parent_key = op->in.parent_key; - rok.in.name = op->in.name; - rok.in.access = REG_KEY_ALL; +int cac_RegDeleteKey( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegDeleteKey *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; + struct winreg_String key_string; - if(!cac_RegOpenKey(hnd, mem_ctx, &rok)) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - err = cac_delete_subkeys_recursive(pipe_hnd, mem_ctx, rok.out.key); + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - /*close the key that we opened*/ - cac_RegClose(hnd, mem_ctx, rok.out.key); + if ( !op || !op->in.parent_key || !op->in.name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - hnd->status = werror_to_ntstatus(err); + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(NT_STATUS_V(hnd->status) != NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED) && !NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( op->in.recursive ) { + /*first open the key, and then delete all of it's subkeys recursively */ + struct RegOpenKey rok; - /*now go on to actually delete the key*/ - } + ZERO_STRUCT( rok ); - key_string.name = op->in.name; - hnd->status = rpccli_winreg_DeleteKey( pipe_hnd, mem_ctx, op->in.parent_key, key_string ); + rok.in.parent_key = op->in.parent_key; + rok.in.name = op->in.name; + rok.in.access = REG_KEY_ALL; - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + if ( !cac_RegOpenKey( hnd, mem_ctx, &rok ) ) + return CAC_FAILURE; - return CAC_SUCCESS; -} + err = cac_delete_subkeys_recursive( pipe_hnd, mem_ctx, + rok.out.key ); -int cac_RegDeleteValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteValue *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - struct winreg_String value_string; + /*close the key that we opened */ + cac_RegClose( hnd, mem_ctx, rok.out.key ); - if(!hnd) - return CAC_FAILURE; + hnd->status = werror_to_ntstatus( err ); - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( NT_STATUS_V( hnd->status ) != + NT_STATUS_V( NT_STATUS_GUIDS_EXHAUSTED ) + && !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - if(!op || !op->in.parent_key || !op->in.name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + /*now go on to actually delete the key */ + } - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + key_string.name = op->in.name; + hnd->status = + rpccli_winreg_DeleteKey( pipe_hnd, mem_ctx, op->in.parent_key, + key_string ); - value_string.name = op->in.name; - hnd->status = rpccli_winreg_DeleteValue( pipe_hnd, mem_ctx, op->in.parent_key, value_string ); + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + return CAC_SUCCESS; +} - return CAC_SUCCESS; +int cac_RegDeleteValue( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegDeleteValue *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + struct winreg_String value_string; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.parent_key || !op->in.name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + value_string.name = op->in.name; + hnd->status = + rpccli_winreg_DeleteValue( pipe_hnd, mem_ctx, + op->in.parent_key, value_string ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + return CAC_SUCCESS; } #if 0 + /* JRA - disabled until fix. */ + /* This code is currently broken so disable it - it needs to handle the ERROR_MORE_DATA cleanly and resubmit the query. */ -int cac_RegQueryKeyInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryKeyInfo *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - WERROR err; - - char *class_name_out = NULL; - uint32 class_len = 0; - uint32 num_subkeys_out = 0; - uint32 long_subkey_out = 0; - uint32 long_class_out = 0; - uint32 num_values_out = 0; - uint32 long_value_out = 0; - uint32 long_data_out = 0; - uint32 secdesc_size = 0; - NTTIME mod_time; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.key || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - err = rpccli_reg_query_key( pipe_hnd, mem_ctx, op->in.key, - class_name_out, - &class_len, - &num_subkeys_out, - &long_subkey_out, - &long_class_out, - &num_values_out, - &long_value_out, - &long_data_out, - &secdesc_size, - &mod_time); - - hnd->status = werror_to_ntstatus(err); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - if(!class_name_out) { - op->out.class_name = talloc_strdup(mem_ctx, ""); - } - else if(class_len != 0 && class_name_out[class_len - 1] != '\0') { - /*then we need to add a '\0'*/ - op->out.class_name = talloc_size(mem_ctx, sizeof(char)*(class_len + 1)); - - memcpy(op->out.class_name, class_name_out, class_len); - - op->out.class_name[class_len] = '\0'; - } - else { /*then everything worked out fine in the function*/ - op->out.class_name = talloc_strdup(mem_ctx, class_name_out); - } - - if(!op->out.class_name) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - op->out.num_subkeys = num_subkeys_out; - op->out.longest_subkey = long_subkey_out; - op->out.longest_class = long_class_out; - op->out.num_values = num_values_out; - op->out.longest_value_name = long_value_out; - op->out.longest_value_data = long_data_out; - op->out.security_desc_size = secdesc_size; - op->out.last_write_time = nt_time_to_unix(&mod_time); - - return CAC_FAILURE; +int cac_RegQueryKeyInfo( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegQueryKeyInfo *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + WERROR err; + + char *class_name_out = NULL; + uint32 class_len = 0; + uint32 num_subkeys_out = 0; + uint32 long_subkey_out = 0; + uint32 long_class_out = 0; + uint32 num_values_out = 0; + uint32 long_value_out = 0; + uint32 long_data_out = 0; + uint32 secdesc_size = 0; + NTTIME mod_time; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.key || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + err = rpccli_reg_query_key( pipe_hnd, mem_ctx, op->in.key, + class_name_out, + &class_len, + &num_subkeys_out, + &long_subkey_out, + &long_class_out, + &num_values_out, + &long_value_out, + &long_data_out, + &secdesc_size, &mod_time ); + + hnd->status = werror_to_ntstatus( err ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + if ( !class_name_out ) { + op->out.class_name = talloc_strdup( mem_ctx, "" ); + } else if ( class_len != 0 && class_name_out[class_len - 1] != '\0' ) { + /*then we need to add a '\0' */ + op->out.class_name = + talloc_size( mem_ctx, + sizeof( char ) * ( class_len + 1 ) ); + + memcpy( op->out.class_name, class_name_out, class_len ); + + op->out.class_name[class_len] = '\0'; + } else { /*then everything worked out fine in the function */ + op->out.class_name = talloc_strdup( mem_ctx, class_name_out ); + } + + if ( !op->out.class_name ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + op->out.num_subkeys = num_subkeys_out; + op->out.longest_subkey = long_subkey_out; + op->out.longest_class = long_class_out; + op->out.num_values = num_values_out; + op->out.longest_value_name = long_value_out; + op->out.longest_value_data = long_data_out; + op->out.security_desc_size = secdesc_size; + op->out.last_write_time = nt_time_to_unix( &mod_time ); + + return CAC_FAILURE; } #endif -int cac_RegQueryValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryValue *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - struct winreg_String value_string; - REGVAL_BUFFER buffer; - REG_VALUE_DATA *data_out = NULL; - enum winreg_Type val_type; - uint8 *buf; - uint32 buf_size = 4096; - uint32 length = 0; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.key || !op->in.val_name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - value_string.name = op->in.val_name; - - if ( (buf = TALLOC_ARRAY( mem_ctx, uint8, buf_size )) == NULL ) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - hnd->status = rpccli_winreg_QueryValue(pipe_hnd, mem_ctx, op->in.key, - value_string, &val_type, buf, &buf_size, &length ); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; - - init_regval_buffer( &buffer, buf, length ); - - data_out = cac_MakeRegValueData(mem_ctx, val_type, buffer); - if(!data_out) { - if(errno == ENOMEM) - hnd->status = NT_STATUS_NO_MEMORY; - else - hnd->status = NT_STATUS_INVALID_PARAMETER; - - return CAC_FAILURE; - } - - op->out.type = val_type; - op->out.data = data_out; - - return CAC_SUCCESS; +int cac_RegQueryValue( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegQueryValue *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + struct winreg_String value_string; + REGVAL_BUFFER buffer; + REG_VALUE_DATA *data_out = NULL; + enum winreg_Type val_type; + uint8 *buf; + uint32 buf_size = 4096; + uint32 length = 0; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.key || !op->in.val_name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + value_string.name = op->in.val_name; + + if ( ( buf = TALLOC_ARRAY( mem_ctx, uint8, buf_size ) ) == NULL ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + hnd->status = rpccli_winreg_QueryValue( pipe_hnd, mem_ctx, op->in.key, + value_string, &val_type, buf, + &buf_size, &length ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; + + init_regval_buffer( &buffer, buf, length ); + + data_out = cac_MakeRegValueData( mem_ctx, val_type, buffer ); + if ( !data_out ) { + if ( errno == ENOMEM ) + hnd->status = NT_STATUS_NO_MEMORY; + else + hnd->status = NT_STATUS_INVALID_PARAMETER; + + return CAC_FAILURE; + } + + op->out.type = val_type; + op->out.data = data_out; + + return CAC_SUCCESS; } -int cac_RegEnumValues(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumValues *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - - /*buffers for rpccli_reg_enum_key call*/ - fstring val_name_buf; - REGVAL_BUFFER val_buf; - - /*output buffers*/ - uint32 *types_out = NULL; - REG_VALUE_DATA **values_out = NULL; - char **val_names_out = NULL; - uint32 num_values_out = 0; - uint32 resume_idx = 0; - - if(!hnd) - return CAC_FAILURE; - - /*this is to avoid useless rpc calls, if the last call exhausted all the keys, then we don't need to go through everything again*/ - if(NT_STATUS_V(hnd->status) == NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED)) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.key || op->in.max_values == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - /*we need to assume that the max number of values will be enumerated*/ - types_out = (uint32 *)talloc_array(mem_ctx, int, op->in.max_values); - if(!types_out) { - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - values_out = talloc_array(mem_ctx, REG_VALUE_DATA *, op->in.max_values); - if(!values_out) { - TALLOC_FREE(types_out); - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - val_names_out = talloc_array(mem_ctx, char *, op->in.max_values); - if(!val_names_out) { - TALLOC_FREE(types_out); - TALLOC_FREE(values_out); - hnd->status = NT_STATUS_NO_MEMORY; - return CAC_FAILURE; - } - - resume_idx = op->out.resume_idx; - do { - ZERO_STRUCT(val_buf); - - hnd->status = rpccli_winreg_enum_val(pipe_hnd, mem_ctx, op->in.key, resume_idx, val_name_buf, &types_out[num_values_out], &val_buf); - - if(!NT_STATUS_IS_OK(hnd->status)) - break; - - values_out[num_values_out] = cac_MakeRegValueData(mem_ctx, types_out[num_values_out], val_buf); - val_names_out[num_values_out] = talloc_strdup(mem_ctx, val_name_buf); - - if(!val_names_out[num_values_out] || !values_out[num_values_out]) { - hnd->status = NT_STATUS_NO_MEMORY; - break; - } - - num_values_out++; - resume_idx++; - } while(num_values_out < op->in.max_values); - - if(CAC_OP_FAILED(hnd->status)) - return CAC_FAILURE; - - op->out.types = types_out; - op->out.num_values = num_values_out; - op->out.value_names = val_names_out; - op->out.values = values_out; - op->out.resume_idx = resume_idx; - - return CAC_SUCCESS; +int cac_RegEnumValues( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegEnumValues *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + + /*buffers for rpccli_reg_enum_key call */ + fstring val_name_buf; + REGVAL_BUFFER val_buf; + + /*output buffers */ + uint32 *types_out = NULL; + REG_VALUE_DATA **values_out = NULL; + char **val_names_out = NULL; + uint32 num_values_out = 0; + uint32 resume_idx = 0; + + if ( !hnd ) + return CAC_FAILURE; + + /*this is to avoid useless rpc calls, if the last call exhausted all the keys, then we don't need to go through everything again */ + if ( NT_STATUS_V( hnd->status ) == + NT_STATUS_V( NT_STATUS_GUIDS_EXHAUSTED ) ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.key || op->in.max_values == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + /*we need to assume that the max number of values will be enumerated */ + types_out = + ( uint32 * ) talloc_array( mem_ctx, int, op->in.max_values ); + if ( !types_out ) { + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + values_out = + talloc_array( mem_ctx, REG_VALUE_DATA *, op->in.max_values ); + if ( !values_out ) { + TALLOC_FREE( types_out ); + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + val_names_out = talloc_array( mem_ctx, char *, op->in.max_values ); + if ( !val_names_out ) { + TALLOC_FREE( types_out ); + TALLOC_FREE( values_out ); + hnd->status = NT_STATUS_NO_MEMORY; + return CAC_FAILURE; + } + + resume_idx = op->out.resume_idx; + do { + ZERO_STRUCT( val_buf ); + + hnd->status = + rpccli_winreg_enum_val( pipe_hnd, mem_ctx, op->in.key, + resume_idx, val_name_buf, + &types_out[num_values_out], + &val_buf ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) + break; + + values_out[num_values_out] = + cac_MakeRegValueData( mem_ctx, + types_out[num_values_out], + val_buf ); + val_names_out[num_values_out] = + talloc_strdup( mem_ctx, val_name_buf ); + + if ( !val_names_out[num_values_out] + || !values_out[num_values_out] ) { + hnd->status = NT_STATUS_NO_MEMORY; + break; + } + + num_values_out++; + resume_idx++; + } while ( num_values_out < op->in.max_values ); + + if ( CAC_OP_FAILED( hnd->status ) ) + return CAC_FAILURE; + + op->out.types = types_out; + op->out.num_values = num_values_out; + op->out.value_names = val_names_out; + op->out.values = values_out; + op->out.resume_idx = resume_idx; + + return CAC_SUCCESS; } -int cac_RegSetValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetValue *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - struct winreg_String value_string; +int cac_RegSetValue( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegSetValue *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + struct winreg_String value_string; + + RPC_DATA_BLOB *buffer; - RPC_DATA_BLOB *buffer; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd) - return CAC_FAILURE; + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !op || !op->in.key || !op->in.val_name || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - if(!op || !op->in.key || !op->in.val_name || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + buffer = cac_MakeRpcDataBlob( mem_ctx, op->in.type, op->in.value ); - buffer = cac_MakeRpcDataBlob(mem_ctx, op->in.type, op->in.value); + if ( !buffer ) { + if ( errno == ENOMEM ) + hnd->status = NT_STATUS_NO_MEMORY; + else + hnd->status = NT_STATUS_INVALID_PARAMETER; - if(!buffer) { - if(errno == ENOMEM) - hnd->status = NT_STATUS_NO_MEMORY; - else - hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - return CAC_FAILURE; - } + value_string.name = op->in.val_name; + hnd->status = + rpccli_winreg_SetValue( pipe_hnd, mem_ctx, op->in.key, + value_string, op->in.type, + buffer->buffer, buffer->buf_len ); - value_string.name = op->in.val_name; - hnd->status = rpccli_winreg_SetValue(pipe_hnd, mem_ctx, op->in.key, value_string, op->in.type, buffer->buffer, buffer->buf_len); - - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - /*flush*/ - hnd->status = rpccli_winreg_FlushKey(pipe_hnd, mem_ctx, op->in.key); + /*flush */ + hnd->status = rpccli_winreg_FlushKey( pipe_hnd, mem_ctx, op->in.key ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_RegGetVersion(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetVersion *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - uint32 version_out; +int cac_RegGetVersion( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegGetVersion *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + uint32 version_out; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.key || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.key || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_winreg_GetVersion( pipe_hnd, mem_ctx, op->in.key, &version_out); + hnd->status = + rpccli_winreg_GetVersion( pipe_hnd, mem_ctx, op->in.key, + &version_out ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - op->out.version = version_out; + op->out.version = version_out; - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetKeySecurity *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - struct KeySecurityData keysec; - - ZERO_STRUCT(keysec); - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !op->in.key || op->in.info_type == 0 || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - hnd->status = rpccli_winreg_GetKeySecurity(pipe_hnd, mem_ctx, op->in.key, op->in.info_type, &keysec); - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - -#if 0 /* FIX ME!!!! unmarshall the security descriptor */ - op->out.size = buf.sd_size; - op->out.descriptor = dup_sec_desc(mem_ctx, buf.sd); +int cac_RegGetKeySecurity( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegGetKeySecurity *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + struct KeySecurityData keysec; + + ZERO_STRUCT( keysec ); + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !op->in.key || op->in.info_type == 0 || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + hnd->status = + rpccli_winreg_GetKeySecurity( pipe_hnd, mem_ctx, op->in.key, + op->in.info_type, &keysec ); + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } +#if 0 /* FIX ME!!!! unmarshall the security descriptor */ + op->out.size = buf.sd_size; + op->out.descriptor = dup_sec_desc( mem_ctx, buf.sd ); #endif - if (op->out.descriptor == NULL) { - return CAC_FAILURE; - } + if ( op->out.descriptor == NULL ) { + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_RegSetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetKeySecurity *op) { - struct rpc_pipe_client *pipe_hnd = NULL; - struct KeySecurityData keysec; +int cac_RegSetKeySecurity( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct RegSetKeySecurity *op ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; + struct KeySecurityData keysec; - ZERO_STRUCT( keysec ); + ZERO_STRUCT( keysec ); - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_WINREG] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - if(!op || !op->in.key || op->in.info_type == 0 || op->in.size == 0 || !op->in.descriptor || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } + if ( !op || !op->in.key || op->in.info_type == 0 || op->in.size == 0 + || !op->in.descriptor || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_WINREG); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_WINREG ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - /* FIXME!!! Marshall in the input sec_desc to struct KeySecurityData */ - hnd->status = rpccli_winreg_SetKeySecurity(pipe_hnd, mem_ctx, op->in.key, op->in.info_type, &keysec ); + /* FIXME!!! Marshall in the input sec_desc to struct KeySecurityData */ + hnd->status = + rpccli_winreg_SetKeySecurity( pipe_hnd, mem_ctx, op->in.key, + op->in.info_type, &keysec ); - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } - return CAC_SUCCESS; + return CAC_SUCCESS; } -int cac_Shutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct Shutdown *op) { - SMBCSRV *srv = NULL; - struct rpc_pipe_client *pipe_hnd = NULL; - struct initshutdown_String msg_string; - struct initshutdown_String_sub s; - - char *msg; - - if(!hnd) - return CAC_FAILURE; - - if(!hnd->_internal.ctx) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - if(!op || !mem_ctx) { - hnd->status = NT_STATUS_INVALID_PARAMETER; - return CAC_FAILURE; - } - - srv = cac_GetServer(hnd); - if(!srv) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - /*initialize for winreg pipe if we have to*/ - if(!hnd->_internal.pipes[PI_INITSHUTDOWN]) { - if(!(pipe_hnd = cli_rpc_pipe_open_noauth(srv->cli, PI_INITSHUTDOWN, &(hnd->status)))) { - return CAC_FAILURE; - } - - hnd->_internal.pipes[PI_INITSHUTDOWN] = True; - } - - pipe_hnd = cac_GetPipe(hnd, PI_INITSHUTDOWN); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } - - msg = (op->in.message != NULL) ? op->in.message : talloc_strdup(mem_ctx, ""); - msg_string.name = &s; - msg_string.name->name = msg; - - hnd->status = NT_STATUS_OK; - - if(hnd->_internal.srv_level > SRV_WIN_NT4) { - hnd->status = rpccli_initshutdown_InitEx( pipe_hnd, mem_ctx, NULL, &msg_string, - op->in.timeout, op->in.reboot, op->in.force, op->in.reason); - } - - if(hnd->_internal.srv_level < SRV_WIN_2K || !NT_STATUS_IS_OK(hnd->status)) { - hnd->status = rpccli_initshutdown_Init( pipe_hnd, mem_ctx, NULL, &msg_string, - op->in.timeout, op->in.reboot, op->in.force); - - hnd->_internal.srv_level = SRV_WIN_NT4; - } - - if(!NT_STATUS_IS_OK(hnd->status)) { - return CAC_FAILURE; - } - - return CAC_SUCCESS; +int cac_Shutdown( CacServerHandle * hnd, TALLOC_CTX * mem_ctx, + struct Shutdown *op ) +{ + SMBCSRV *srv = NULL; + struct rpc_pipe_client *pipe_hnd = NULL; + struct initshutdown_String msg_string; + struct initshutdown_String_sub s; + + char *msg; + + if ( !hnd ) + return CAC_FAILURE; + + if ( !hnd->_internal.ctx ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if ( !op || !mem_ctx ) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer( hnd ); + if ( !srv ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + /*initialize for winreg pipe if we have to */ + if ( !hnd->_internal.pipes[PI_INITSHUTDOWN] ) { + if ( ! + ( pipe_hnd = + cli_rpc_pipe_open_noauth( srv->cli, PI_INITSHUTDOWN, + &( hnd->status ) ) ) ) { + return CAC_FAILURE; + } + + hnd->_internal.pipes[PI_INITSHUTDOWN] = True; + } + + pipe_hnd = cac_GetPipe( hnd, PI_INITSHUTDOWN ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + msg = ( op->in.message != + NULL ) ? op->in.message : talloc_strdup( mem_ctx, "" ); + msg_string.name = &s; + msg_string.name->name = msg; + + hnd->status = NT_STATUS_OK; + + if ( hnd->_internal.srv_level > SRV_WIN_NT4 ) { + hnd->status = + rpccli_initshutdown_InitEx( pipe_hnd, mem_ctx, NULL, + &msg_string, + op->in.timeout, + op->in.reboot, + op->in.force, + op->in.reason ); + } + + if ( hnd->_internal.srv_level < SRV_WIN_2K + || !NT_STATUS_IS_OK( hnd->status ) ) { + hnd->status = + rpccli_initshutdown_Init( pipe_hnd, mem_ctx, NULL, + &msg_string, op->in.timeout, + op->in.reboot, + op->in.force ); + + hnd->_internal.srv_level = SRV_WIN_NT4; + } + + if ( !NT_STATUS_IS_OK( hnd->status ) ) { + return CAC_FAILURE; + } + + return CAC_SUCCESS; } -int cac_AbortShutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx) { - struct rpc_pipe_client *pipe_hnd = NULL; +int cac_AbortShutdown( CacServerHandle * hnd, TALLOC_CTX * mem_ctx ) +{ + struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) - return CAC_FAILURE; + if ( !hnd ) + return CAC_FAILURE; - if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_INITSHUTDOWN]) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + if ( !hnd->_internal.ctx || !hnd->_internal.pipes[PI_INITSHUTDOWN] ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - pipe_hnd = cac_GetPipe(hnd, PI_INITSHUTDOWN); - if(!pipe_hnd) { - hnd->status = NT_STATUS_INVALID_HANDLE; - return CAC_FAILURE; - } + pipe_hnd = cac_GetPipe( hnd, PI_INITSHUTDOWN ); + if ( !pipe_hnd ) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } - hnd->status = rpccli_initshutdown_Abort(pipe_hnd, mem_ctx, NULL); + hnd->status = rpccli_initshutdown_Abort( pipe_hnd, mem_ctx, NULL ); - if(!NT_STATUS_IS_OK(hnd->status)) - return CAC_FAILURE; + if ( !NT_STATUS_IS_OK( hnd->status ) ) + return CAC_FAILURE; - return CAC_SUCCESS; + return CAC_SUCCESS; } - diff --git a/source3/libmsrpc/libmsrpc.c b/source3/libmsrpc/libmsrpc.c index d96eaf5916..adaf89d0fe 100644 --- a/source3/libmsrpc/libmsrpc.c +++ b/source3/libmsrpc/libmsrpc.c @@ -1,3 +1,4 @@ + /* * Unix SMB/CIFS implementation. * MS-RPC client library implementation @@ -24,314 +25,324 @@ #include "libsmb_internal.h" /*this function is based on code found in smbc_init_context() (libsmb/libsmbclient.c)*/ -void cac_Init(int debug) { - if(debug < 0 || debug > 99) - debug = 0; +void cac_Init( int debug ) +{ + if ( debug < 0 || debug > 99 ) + debug = 0; - DEBUGLEVEL = debug; + DEBUGLEVEL = debug; - setup_logging("libmsrpc", True); + setup_logging( "libmsrpc", True ); } -int cac_InitHandleMem(CacServerHandle *hnd) { - hnd->username = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - if(!hnd->username) - return CAC_FAILURE; +int cac_InitHandleMem( CacServerHandle * hnd ) +{ + hnd->username = SMB_MALLOC_ARRAY( char, sizeof( fstring ) ); + + if ( !hnd->username ) + return CAC_FAILURE; + + hnd->username[0] = '\0'; - hnd->username[0] = '\0'; + hnd->domain = SMB_MALLOC_ARRAY( char, sizeof( fstring ) ); + if ( !hnd->domain ) + return CAC_FAILURE; - hnd->domain = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - if(!hnd->domain) - return CAC_FAILURE; - - hnd->domain[0] = '\0'; + hnd->domain[0] = '\0'; - hnd->netbios_name = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - if(!hnd->netbios_name) - return CAC_FAILURE; + hnd->netbios_name = SMB_MALLOC_ARRAY( char, sizeof( fstring ) ); + if ( !hnd->netbios_name ) + return CAC_FAILURE; - hnd->netbios_name[0] = '\0'; + hnd->netbios_name[0] = '\0'; - hnd->password = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - if(!hnd->password) - return CAC_FAILURE; + hnd->password = SMB_MALLOC_ARRAY( char, sizeof( fstring ) ); + if ( !hnd->password ) + return CAC_FAILURE; - hnd->password[0] = '\0'; + hnd->password[0] = '\0'; - hnd->server = SMB_MALLOC_ARRAY(char, sizeof(fstring)); - if(!hnd->server) - return CAC_FAILURE; + hnd->server = SMB_MALLOC_ARRAY( char, sizeof( fstring ) ); + if ( !hnd->server ) + return CAC_FAILURE; - hnd->server[0] = '\0'; + hnd->server[0] = '\0'; - return CAC_SUCCESS; + return CAC_SUCCESS; } -CacServerHandle *cac_NewServerHandle(BOOL allocate_fields) { - CacServerHandle * hnd; +CacServerHandle *cac_NewServerHandle( BOOL allocate_fields ) +{ + CacServerHandle *hnd; + + hnd = SMB_MALLOC_P( CacServerHandle ); + + if ( !hnd ) { + errno = ENOMEM; + return NULL; + } - hnd = SMB_MALLOC_P(CacServerHandle); + ZERO_STRUCTP( hnd ); - if(!hnd) { - errno = ENOMEM; - return NULL; - } - - ZERO_STRUCTP(hnd); + if ( allocate_fields == True ) { + if ( !cac_InitHandleMem( hnd ) ) { + SAFE_FREE( hnd ); + return NULL; + } + } - if(allocate_fields == True) { - if(!cac_InitHandleMem(hnd)) { - SAFE_FREE(hnd); - return NULL; - } - } + hnd->_internal.ctx = smbc_new_context( ); + if ( !hnd->_internal.ctx ) { + cac_FreeHandle( hnd ); + return NULL; + } - hnd->_internal.ctx = smbc_new_context(); - if(!hnd->_internal.ctx) { - cac_FreeHandle(hnd); - return NULL; - } + hnd->_internal.ctx->callbacks.auth_fn = cac_GetAuthDataFn; - hnd->_internal.ctx->callbacks.auth_fn = cac_GetAuthDataFn; - - /*add defaults*/ - hnd->debug = 0; + /*add defaults */ + hnd->debug = 0; - /*start at the highest and it will fall down after trying the functions*/ - hnd->_internal.srv_level = SRV_WIN_2K3; + /*start at the highest and it will fall down after trying the functions */ + hnd->_internal.srv_level = SRV_WIN_2K3; - hnd->_internal.user_supplied_ctx = False; + hnd->_internal.user_supplied_ctx = False; - return hnd; + return hnd; } -int cac_InitHandleData(CacServerHandle *hnd) { - /*store any automatically initialized values*/ - if(!hnd->netbios_name) { - hnd->netbios_name = SMB_STRDUP(hnd->_internal.ctx->netbios_name); - } - else if(hnd->netbios_name[0] == '\0') { - strncpy(hnd->netbios_name, hnd->_internal.ctx->netbios_name, sizeof(fstring)); - } - - if(!hnd->username) { - hnd->username = SMB_STRDUP(hnd->_internal.ctx->user); - } - else if(hnd->username[0] == '\0') { - strncpy(hnd->username, hnd->_internal.ctx->user, sizeof(fstring)); - } - - if(!hnd->domain) { - hnd->domain = SMB_STRDUP(hnd->_internal.ctx->workgroup); - } - else if(hnd->domain[0] == '\0') { - strncpy(hnd->domain, hnd->_internal.ctx->workgroup, sizeof(fstring)); - } - - return CAC_SUCCESS; +int cac_InitHandleData( CacServerHandle * hnd ) +{ + /*store any automatically initialized values */ + if ( !hnd->netbios_name ) { + hnd->netbios_name = + SMB_STRDUP( hnd->_internal.ctx->netbios_name ); + } else if ( hnd->netbios_name[0] == '\0' ) { + strncpy( hnd->netbios_name, hnd->_internal.ctx->netbios_name, + sizeof( fstring ) ); + } + + if ( !hnd->username ) { + hnd->username = SMB_STRDUP( hnd->_internal.ctx->user ); + } else if ( hnd->username[0] == '\0' ) { + strncpy( hnd->username, hnd->_internal.ctx->user, + sizeof( fstring ) ); + } + + if ( !hnd->domain ) { + hnd->domain = SMB_STRDUP( hnd->_internal.ctx->workgroup ); + } else if ( hnd->domain[0] == '\0' ) { + strncpy( hnd->domain, hnd->_internal.ctx->workgroup, + sizeof( fstring ) ); + } + + return CAC_SUCCESS; } -void cac_SetAuthDataFn(CacServerHandle *hnd, smbc_get_auth_data_fn auth_fn) { - hnd->_internal.ctx->callbacks.auth_fn = auth_fn; +void cac_SetAuthDataFn( CacServerHandle * hnd, smbc_get_auth_data_fn auth_fn ) +{ + hnd->_internal.ctx->callbacks.auth_fn = auth_fn; } -void cac_SetSmbcContext(CacServerHandle *hnd, SMBCCTX *ctx) { +void cac_SetSmbcContext( CacServerHandle * hnd, SMBCCTX * ctx ) +{ - SAFE_FREE(hnd->_internal.ctx); + SAFE_FREE( hnd->_internal.ctx ); - hnd->_internal.user_supplied_ctx = True; + hnd->_internal.user_supplied_ctx = True; - hnd->_internal.ctx = ctx; + hnd->_internal.ctx = ctx; /*_try_ to avoid any problems that might occur if cac_Connect() isn't called*/ - /*cac_InitHandleData(hnd);*/ + /*cac_InitHandleData(hnd); */ } /*used internally*/ -SMBCSRV *cac_GetServer(CacServerHandle *hnd) { - SMBCSRV *srv; - - if(!hnd || !hnd->_internal.ctx) { - return NULL; - } +SMBCSRV *cac_GetServer( CacServerHandle * hnd ) +{ + SMBCSRV *srv; + + if ( !hnd || !hnd->_internal.ctx ) { + return NULL; + } + + srv = smbc_attr_server( hnd->_internal.ctx, hnd->server, "IPC$", + hnd->domain, hnd->username, hnd->password, + NULL ); + if ( !srv ) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + DEBUG( 1, + ( "cac_GetServer: Could not find server connection.\n" ) ); + } + + return srv; +} - srv = smbc_attr_server(hnd->_internal.ctx, hnd->server, "IPC$", hnd->domain, hnd->username, hnd->password, NULL); - if(!srv) { - hnd->status=NT_STATUS_UNSUCCESSFUL; - DEBUG(1, ("cac_GetServer: Could not find server connection.\n")); - } - return srv; -} +int cac_Connect( CacServerHandle * hnd, const char *srv ) +{ + if ( !hnd ) { + return CAC_FAILURE; + } + /*these values should be initialized by the user */ + if ( !hnd->server && !srv ) { + return CAC_FAILURE; + } -int cac_Connect(CacServerHandle *hnd, const char *srv) { - if(!hnd) { - return CAC_FAILURE; - } - /*these values should be initialized by the user*/ - if(!hnd->server && !srv) { - return CAC_FAILURE; - } + /*change the server name in the server handle if necessary */ + if ( srv && hnd->server && strcmp( hnd->server, srv ) == 0 ) { + SAFE_FREE( hnd->server ); + hnd->server = SMB_STRDUP( srv ); + } - /*change the server name in the server handle if necessary*/ - if(srv && hnd->server && strcmp(hnd->server, srv) == 0) { - SAFE_FREE(hnd->server); - hnd->server = SMB_STRDUP(srv); - } + /*first see if the context has already been setup */ + if ( !( hnd->_internal.ctx->internal->_initialized ) ) { + hnd->_internal.ctx->debug = hnd->debug; + /*initialize the context */ + if ( !smbc_init_context( hnd->_internal.ctx ) ) { + return CAC_FAILURE; + } + } - /*first see if the context has already been setup*/ - if( !(hnd->_internal.ctx->internal->_initialized) ) { - hnd->_internal.ctx->debug = hnd->debug; + /*copy any uninitialized values out of the smbc context into the handle */ + if ( !cac_InitHandleData( hnd ) ) { + return CAC_FAILURE; + } - /*initialize the context*/ - if(!smbc_init_context(hnd->_internal.ctx)) { - return CAC_FAILURE; - } - } + DEBUG( 3, ( "cac_Connect: Username: %s\n", hnd->username ) ); + DEBUG( 3, ( "cac_Connect: Domain: %s\n", hnd->domain ) ); + DEBUG( 3, ( "cac_Connect: Netbios Name: %s\n", hnd->netbios_name ) ); - /*copy any uninitialized values out of the smbc context into the handle*/ - if(!cac_InitHandleData(hnd)) { - return CAC_FAILURE; - } + if ( !cac_GetServer( hnd ) ) { + return CAC_FAILURE; + } - DEBUG(3, ("cac_Connect: Username: %s\n", hnd->username)); - DEBUG(3, ("cac_Connect: Domain: %s\n", hnd->domain)); - DEBUG(3, ("cac_Connect: Netbios Name: %s\n", hnd->netbios_name)); + return CAC_SUCCESS; - if(!cac_GetServer(hnd)) { - return CAC_FAILURE; - } - - return CAC_SUCCESS; - } -void cac_FreeHandle(CacServerHandle * hnd) { - if(!hnd) - return; +void cac_FreeHandle( CacServerHandle * hnd ) +{ + if ( !hnd ) + return; - /*only free the context if we created it*/ - if(!hnd->_internal.user_supplied_ctx) { - smbc_free_context(hnd->_internal.ctx, True); - } + /*only free the context if we created it */ + if ( !hnd->_internal.user_supplied_ctx ) { + smbc_free_context( hnd->_internal.ctx, True ); + } - SAFE_FREE(hnd->netbios_name); - SAFE_FREE(hnd->domain); - SAFE_FREE(hnd->username); - SAFE_FREE(hnd->password); - SAFE_FREE(hnd->server); - SAFE_FREE(hnd); + SAFE_FREE( hnd->netbios_name ); + SAFE_FREE( hnd->domain ); + SAFE_FREE( hnd->username ); + SAFE_FREE( hnd->password ); + SAFE_FREE( hnd->server ); + SAFE_FREE( hnd ); } -void cac_InitCacTime(CacTime *cactime, NTTIME nttime) { - float high, low; - uint32 sec; +void cac_InitCacTime( CacTime * cactime, NTTIME nttime ) +{ + float high, low; + uint32 sec; - if(!cactime) - return; + if ( !cactime ) + return; - ZERO_STRUCTP(cactime); + ZERO_STRUCTP( cactime ); - /*this code is taken from display_time() found in rpcclient/cmd_samr.c*/ - if (nttime==0) + /*this code is taken from display_time() found in rpcclient/cmd_samr.c */ + if ( nttime == 0 ) return; - if (nttime==0x80000000000000LL) + if ( nttime == 0x80000000000000LL ) return; - high = 65536; - high = high/10000; - high = high*65536; - high = high/1000; - high = high * (~(nttime >> 32)); - - low = ~(nttime & 0xFFFFFFFF); - low = low/(1000*1000*10); - - sec=high+low; - - cactime->days=sec/(60*60*24); - cactime->hours=(sec - (cactime->days*60*60*24)) / (60*60); - cactime->minutes=(sec - (cactime->days*60*60*24) - (cactime->hours*60*60) ) / 60; - cactime->seconds=sec - (cactime->days*60*60*24) - (cactime->hours*60*60) - (cactime->minutes*60); + high = 65536; + high = high / 10000; + high = high * 65536; + high = high / 1000; + high = high * ( ~( nttime >> 32 ) ); + + low = ~( nttime & 0xFFFFFFFF ); + low = low / ( 1000 * 1000 * 10 ); + + sec = high + low; + + cactime->days = sec / ( 60 * 60 * 24 ); + cactime->hours = + ( sec - ( cactime->days * 60 * 60 * 24 ) ) / ( 60 * 60 ); + cactime->minutes = + ( sec - ( cactime->days * 60 * 60 * 24 ) - + ( cactime->hours * 60 * 60 ) ) / 60; + cactime->seconds = + sec - ( cactime->days * 60 * 60 * 24 ) - + ( cactime->hours * 60 * 60 ) - ( cactime->minutes * 60 ); } -void cac_GetAuthDataFn(const char * pServer, - const char * pShare, - char * pWorkgroup, - int maxLenWorkgroup, - char * pUsername, - int maxLenUsername, - char * pPassword, - int maxLenPassword) - +void cac_GetAuthDataFn( const char *pServer, + const char *pShare, + char *pWorkgroup, + int maxLenWorkgroup, + char *pUsername, + int maxLenUsername, + char *pPassword, int maxLenPassword ) { - char temp[sizeof(fstring)]; - - static char authUsername[sizeof(fstring)]; - static char authWorkgroup[sizeof(fstring)]; - static char authPassword[sizeof(fstring)]; - static char authSet = 0; - - char *pass = NULL; - - - if (authSet) - { - strncpy(pWorkgroup, authWorkgroup, maxLenWorkgroup - 1); - strncpy(pUsername, authUsername, maxLenUsername - 1); - strncpy(pPassword, authPassword, maxLenPassword - 1); - } - else - { - d_printf("Domain: [%s] ", pWorkgroup); - fgets(temp, sizeof(fstring), stdin); - - if (temp[strlen(temp) - 1] == '\n') /* A new line? */ - { - temp[strlen(temp) - 1] = '\0'; - } - - - if (temp[0] != '\0') - { - strncpy(pWorkgroup, temp, maxLenWorkgroup - 1); - strncpy(authWorkgroup, temp, maxLenWorkgroup - 1); - } - - d_printf("Username: [%s] ", pUsername); - fgets(temp, sizeof(fstring), stdin); - - if (temp[strlen(temp) - 1] == '\n') /* A new line? */ - { - temp[strlen(temp) - 1] = '\0'; - } - - if (temp[0] != '\0') - { - strncpy(pUsername, temp, maxLenUsername - 1); - strncpy(authUsername, pUsername, maxLenUsername - 1); - } - - pass = getpass("Password: "); - if (pass) - fstrcpy(temp, pass); - if (temp[strlen(temp) - 1] == '\n') /* A new line? */ - { - temp[strlen(temp) - 1] = '\0'; - } - if (temp[0] != '\0') - { - strncpy(pPassword, temp, maxLenPassword - 1); - strncpy(authPassword, pPassword, maxLenPassword - 1); - } - authSet = 1; - } + char temp[sizeof( fstring )]; + + static char authUsername[sizeof( fstring )]; + static char authWorkgroup[sizeof( fstring )]; + static char authPassword[sizeof( fstring )]; + static char authSet = 0; + + char *pass = NULL; + + + if ( authSet ) { + strncpy( pWorkgroup, authWorkgroup, maxLenWorkgroup - 1 ); + strncpy( pUsername, authUsername, maxLenUsername - 1 ); + strncpy( pPassword, authPassword, maxLenPassword - 1 ); + } else { + d_printf( "Domain: [%s] ", pWorkgroup ); + fgets( temp, sizeof( fstring ), stdin ); + + if ( temp[strlen( temp ) - 1] == '\n' ) { /* A new line? */ + temp[strlen( temp ) - 1] = '\0'; + } + + + if ( temp[0] != '\0' ) { + strncpy( pWorkgroup, temp, maxLenWorkgroup - 1 ); + strncpy( authWorkgroup, temp, maxLenWorkgroup - 1 ); + } + + d_printf( "Username: [%s] ", pUsername ); + fgets( temp, sizeof( fstring ), stdin ); + + if ( temp[strlen( temp ) - 1] == '\n' ) { /* A new line? */ + temp[strlen( temp ) - 1] = '\0'; + } + + if ( temp[0] != '\0' ) { + strncpy( pUsername, temp, maxLenUsername - 1 ); + strncpy( authUsername, pUsername, + maxLenUsername - 1 ); + } + + pass = getpass( "Password: " ); + if ( pass ) + fstrcpy( temp, pass ); + if ( temp[strlen( temp ) - 1] == '\n' ) { /* A new line? */ + temp[strlen( temp ) - 1] = '\0'; + } + if ( temp[0] != '\0' ) { + strncpy( pPassword, temp, maxLenPassword - 1 ); + strncpy( authPassword, pPassword, + maxLenPassword - 1 ); + } + authSet = 1; + } } - diff --git a/source3/libmsrpc/libmsrpc_internal.c b/source3/libmsrpc/libmsrpc_internal.c index db884d3bf0..59a39efec9 100644 --- a/source3/libmsrpc/libmsrpc_internal.c +++ b/source3/libmsrpc/libmsrpc_internal.c @@ -1,3 +1,4 @@ + /* * Unix SMB/CIFS implementation. * MS-RPC client internal functions @@ -23,29 +24,29 @@ #include "libmsrpc_internal.h" /*used to get a struct rpc_pipe_client* to be passed into rpccli* calls*/ -struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx) +struct rpc_pipe_client *cac_GetPipe( CacServerHandle * hnd, int pi_idx ) { SMBCSRV *srv = NULL; struct rpc_pipe_client *pipe_hnd = NULL; - if(!hnd) { + if ( !hnd ) { return NULL; } - if(hnd->_internal.pipes[pi_idx] == False) { + if ( hnd->_internal.pipes[pi_idx] == False ) { hnd->status = NT_STATUS_INVALID_HANDLE; return NULL; } - srv = cac_GetServer(hnd); - if(!srv) { + srv = cac_GetServer( hnd ); + if ( !srv ) { hnd->status = NT_STATUS_INVALID_CONNECTION; return NULL; } pipe_hnd = srv->cli->pipe_list; - while(pipe_hnd != NULL && pipe_hnd->pipe_idx != pi_idx) { + while ( pipe_hnd != NULL && pipe_hnd->pipe_idx != pi_idx ) { pipe_hnd = pipe_hnd->next; } @@ -53,664 +54,708 @@ struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx) } /*takes a string like HKEY_LOCAL_MACHINE\HARDWARE\ACPI and returns the reg_type code and then a pointer to the start of the path (HARDWARE)*/ -int cac_ParseRegPath(char *path, uint32 *reg_type, char **key_name) { - - if(!path) - return CAC_FAILURE; - - if(strncmp(path, "HKLM", 4) == 0) { - *reg_type = HKEY_LOCAL_MACHINE; - *key_name = (path[4] == '\\') ? path + 5 : NULL; - } - else if(strncmp(path, "HKEY_LOCAL_MACHINE", 18) == 0) { - *reg_type = HKEY_LOCAL_MACHINE; - *key_name = (path[18] == '\\') ? path + 19 : NULL; - } - else if(strncmp(path, "HKCR", 4) == 0) { - *reg_type = HKEY_CLASSES_ROOT; - *key_name = (path[4] == '\\') ? path + 5 : NULL; - } - else if(strncmp(path, "HKEY_CLASSES_ROOT", 17) == 0) { - *reg_type = HKEY_CLASSES_ROOT; - *key_name = (path[17] == '\\') ? path + 18 : NULL; - } - else if(strncmp(path, "HKU", 3) == 0) { - *reg_type = HKEY_USERS; - *key_name = (path[3] == '\\') ? path + 4 : NULL; - } - else if(strncmp(path, "HKEY_USERS", 10) == 0) { - *reg_type = HKEY_USERS; - *key_name = (path[10] == '\\') ? path + 11 : NULL; - } - else if(strncmp(path, "HKPD", 4) == 0) { - *reg_type = HKEY_PERFORMANCE_DATA; - *key_name = (path[4] == '\\') ? path + 5 : NULL; - } - else if(strncmp(path, "HKEY_PERFORMANCE_DATA", 21) == 0) { - *reg_type = HKEY_PERFORMANCE_DATA; - *key_name = (path[21] == '\\') ? path + 22 : NULL; - } - else { - return CAC_FAILURE; - } - - return CAC_SUCCESS; +int cac_ParseRegPath( char *path, uint32 * reg_type, char **key_name ) +{ + + if ( !path ) + return CAC_FAILURE; + + if ( strncmp( path, "HKLM", 4 ) == 0 ) { + *reg_type = HKEY_LOCAL_MACHINE; + *key_name = ( path[4] == '\\' ) ? path + 5 : NULL; + } else if ( strncmp( path, "HKEY_LOCAL_MACHINE", 18 ) == 0 ) { + *reg_type = HKEY_LOCAL_MACHINE; + *key_name = ( path[18] == '\\' ) ? path + 19 : NULL; + } else if ( strncmp( path, "HKCR", 4 ) == 0 ) { + *reg_type = HKEY_CLASSES_ROOT; + *key_name = ( path[4] == '\\' ) ? path + 5 : NULL; + } else if ( strncmp( path, "HKEY_CLASSES_ROOT", 17 ) == 0 ) { + *reg_type = HKEY_CLASSES_ROOT; + *key_name = ( path[17] == '\\' ) ? path + 18 : NULL; + } else if ( strncmp( path, "HKU", 3 ) == 0 ) { + *reg_type = HKEY_USERS; + *key_name = ( path[3] == '\\' ) ? path + 4 : NULL; + } else if ( strncmp( path, "HKEY_USERS", 10 ) == 0 ) { + *reg_type = HKEY_USERS; + *key_name = ( path[10] == '\\' ) ? path + 11 : NULL; + } else if ( strncmp( path, "HKPD", 4 ) == 0 ) { + *reg_type = HKEY_PERFORMANCE_DATA; + *key_name = ( path[4] == '\\' ) ? path + 5 : NULL; + } else if ( strncmp( path, "HKEY_PERFORMANCE_DATA", 21 ) == 0 ) { + *reg_type = HKEY_PERFORMANCE_DATA; + *key_name = ( path[21] == '\\' ) ? path + 22 : NULL; + } else { + return CAC_FAILURE; + } + + return CAC_SUCCESS; } -RPC_DATA_BLOB *cac_MakeRpcDataBlob(TALLOC_CTX *mem_ctx, uint32 data_type, REG_VALUE_DATA data) { - RPC_DATA_BLOB *blob = NULL; - int i; - uint32 size = 0; - uint8 *multi = NULL; - uint32 multi_idx = 0; - - blob = talloc(mem_ctx, RPC_DATA_BLOB); - - if(!blob) { - errno = ENOMEM; - return NULL; - } - - switch(data_type) { - case REG_SZ: - init_rpc_blob_str(blob, data.reg_sz, strlen(data.reg_sz ) + 1); - break; - - case REG_EXPAND_SZ: - init_rpc_blob_str(blob, data.reg_expand_sz, strlen(data.reg_sz) + 1); - break; - - case REG_BINARY: - init_rpc_blob_bytes(blob, data.reg_binary.data, data.reg_binary.data_length); - break; - - case REG_DWORD: - init_rpc_blob_uint32(blob, data.reg_dword); - break; - - case REG_DWORD_BE: - init_rpc_blob_uint32(blob, data.reg_dword_be); - break; - - case REG_MULTI_SZ: - /*need to find the size*/ - for(i = 0; i < data.reg_multi_sz.num_strings; i++) { - size += strlen(data.reg_multi_sz.strings[i]) + 1; - } - - /**need a whole bunch of unicode strings in a row (seperated by null characters), with an extra null-character on the end*/ - - multi = TALLOC_ZERO_ARRAY(mem_ctx, uint8, (size + 1)*2); /*size +1 for the extra null character*/ - if(!multi) { - errno = ENOMEM; - break; - } - - /*do it using rpcstr_push()*/ - multi_idx = 0; - for(i = 0; i < data.reg_multi_sz.num_strings; i++) { - size_t len = strlen(data.reg_multi_sz.strings[i]) + 1; - - rpcstr_push((multi + multi_idx), data.reg_multi_sz.strings[i], len * 2, STR_TERMINATE); - - /* x2 becuase it is a uint8 buffer*/ - multi_idx += len * 2; - } - - /*now initialize the buffer as binary data*/ - init_rpc_blob_bytes(blob, multi, (size + 1)*2); - - break; - - default: - TALLOC_FREE(blob); - blob = NULL; - return NULL; - } - - if(!(blob->buffer)) { - TALLOC_FREE(blob); - return NULL; - } - - return blob; +RPC_DATA_BLOB *cac_MakeRpcDataBlob( TALLOC_CTX * mem_ctx, uint32 data_type, + REG_VALUE_DATA data ) +{ + RPC_DATA_BLOB *blob = NULL; + int i; + uint32 size = 0; + uint8 *multi = NULL; + uint32 multi_idx = 0; + + blob = talloc( mem_ctx, RPC_DATA_BLOB ); + + if ( !blob ) { + errno = ENOMEM; + return NULL; + } + + switch ( data_type ) { + case REG_SZ: + init_rpc_blob_str( blob, data.reg_sz, + strlen( data.reg_sz ) + 1 ); + break; + + case REG_EXPAND_SZ: + init_rpc_blob_str( blob, data.reg_expand_sz, + strlen( data.reg_sz ) + 1 ); + break; + + case REG_BINARY: + init_rpc_blob_bytes( blob, data.reg_binary.data, + data.reg_binary.data_length ); + break; + + case REG_DWORD: + init_rpc_blob_uint32( blob, data.reg_dword ); + break; + + case REG_DWORD_BE: + init_rpc_blob_uint32( blob, data.reg_dword_be ); + break; + + case REG_MULTI_SZ: + /*need to find the size */ + for ( i = 0; i < data.reg_multi_sz.num_strings; i++ ) { + size += strlen( data.reg_multi_sz.strings[i] ) + 1; + } + + /**need a whole bunch of unicode strings in a row (seperated by null characters), with an extra null-character on the end*/ + + multi = TALLOC_ZERO_ARRAY( mem_ctx, uint8, ( size + 1 ) * 2 ); /*size +1 for the extra null character */ + if ( !multi ) { + errno = ENOMEM; + break; + } + + /*do it using rpcstr_push() */ + multi_idx = 0; + for ( i = 0; i < data.reg_multi_sz.num_strings; i++ ) { + size_t len = + strlen( data.reg_multi_sz.strings[i] ) + 1; + + rpcstr_push( ( multi + multi_idx ), + data.reg_multi_sz.strings[i], len * 2, + STR_TERMINATE ); + + /* x2 becuase it is a uint8 buffer */ + multi_idx += len * 2; + } + + /*now initialize the buffer as binary data */ + init_rpc_blob_bytes( blob, multi, ( size + 1 ) * 2 ); + + break; + + default: + TALLOC_FREE( blob ); + blob = NULL; + return NULL; + } + + if ( !( blob->buffer ) ) { + TALLOC_FREE( blob ); + return NULL; + } + + return blob; } /*turns a string in a uint16 array to a char array*/ -char *cac_unistr_to_str(TALLOC_CTX *mem_ctx, uint16 *src, int num_bytes) { - char *buf; - - int i = 0; +char *cac_unistr_to_str( TALLOC_CTX * mem_ctx, uint16 * src, int num_bytes ) +{ + char *buf; - uint32 str_len = 0; - - /*don't allocate more space than we need*/ - while( (str_len) < num_bytes/2 && src[str_len] != 0x0000) - str_len++; + int i = 0; - /*need room for a '\0'*/ - str_len++; + uint32 str_len = 0; - buf = talloc_array(mem_ctx, char, str_len); - if(!buf) { - return NULL; - } + /*don't allocate more space than we need */ + while ( ( str_len ) < num_bytes / 2 && src[str_len] != 0x0000 ) + str_len++; - for(i = 0; i < num_bytes/2; i++) { - buf[i] = ((char *)src)[2*i]; - } + /*need room for a '\0' */ + str_len++; - buf[str_len - 1] = '\0'; + buf = talloc_array( mem_ctx, char, str_len ); - return buf; -} + if ( !buf ) { + return NULL; + } -REG_VALUE_DATA *cac_MakeRegValueData(TALLOC_CTX *mem_ctx, uint32 data_type, REGVAL_BUFFER buf) { - REG_VALUE_DATA *data; - - uint32 i; - - /*all of the following used for MULTI_SZ data*/ - uint32 size = 0; - uint32 len = 0; - uint32 multi_idx = 0; - uint32 num_strings= 0; - char **strings = NULL; - - data = talloc(mem_ctx, REG_VALUE_DATA); - if(!data) { - errno = ENOMEM; - return NULL; - } - - switch (data_type) { - case REG_SZ: - data->reg_sz = cac_unistr_to_str(mem_ctx, buf.buffer, buf.buf_len); - if(!data->reg_sz) { - TALLOC_FREE(data); - errno = ENOMEM; - data = NULL; - } - - break; - - case REG_EXPAND_SZ: - data->reg_expand_sz = cac_unistr_to_str(mem_ctx, buf.buffer, buf.buf_len); - - if(!data->reg_expand_sz) { - TALLOC_FREE(data); - errno = ENOMEM; - data = NULL; - } - - break; - - case REG_BINARY: - size = buf.buf_len; - - data->reg_binary.data_length = size; - - data->reg_binary.data = (uint8 *)talloc_memdup(mem_ctx, buf.buffer, - size); - if(!data->reg_binary.data) { - TALLOC_FREE(data); - errno = ENOMEM; - data = NULL; - } - break; - - case REG_DWORD: - data->reg_dword = *((uint32 *)buf.buffer); - break; - - case REG_DWORD_BE: - data->reg_dword_be = *((uint32 *)buf.buffer); - break; - - case REG_MULTI_SZ: - size = buf.buf_len; - - /*find out how many strings there are. size is # of bytes and we want to work uint16*/ - for(i = 0; i < (size/2 - 1); i++) { - if(buf.buffer[i] == 0x0000) - num_strings++; - - /*buffer is suppsed to be terminated with \0\0, but it might not be*/ - if(buf.buffer[i] == 0x0000 && buf.buffer[i + 1] == 0x0000) - break; - } - - strings = talloc_array(mem_ctx, char *, num_strings); - if(!strings) { - errno = ENOMEM; - TALLOC_FREE(data); - break; - } - - if(num_strings == 0) /*then our work here is done*/ - break; - - for(i = 0; i < num_strings; i++) { - /*find out how many characters are in this string*/ - len = 0; - /*make sure we don't go past the end of the buffer and keep looping until we have a uni \0*/ - while( multi_idx + len < size/2 && buf.buffer[multi_idx + len] != 0x0000) - len++; - - /*stay aware of the \0\0*/ - len++; - - strings[i] = TALLOC_ZERO_ARRAY(mem_ctx, char, len); - - /*pull out the unicode string*/ - rpcstr_pull(strings[i], (buf.buffer + multi_idx) , len, -1, STR_TERMINATE); - - /*keep track of where we are in the bigger array*/ - multi_idx += len; - } - - data->reg_multi_sz.num_strings = num_strings; - data->reg_multi_sz.strings = strings; - - break; - - default: - TALLOC_FREE(data); - data = NULL; - } - - return data; + for ( i = 0; i < num_bytes / 2; i++ ) { + buf[i] = ( ( char * ) src )[2 * i]; + } + + buf[str_len - 1] = '\0'; + + return buf; } -SAM_USERINFO_CTR *cac_MakeUserInfoCtr(TALLOC_CTX *mem_ctx, CacUserInfo *info) { - SAM_USERINFO_CTR *ctr = NULL; - - /*the flags we are 'setting'- include/passdb.h*/ - uint32 flags = ACCT_USERNAME | ACCT_FULL_NAME | ACCT_PRIMARY_GID | ACCT_DESCRIPTION | ACCT_COMMENT | - ACCT_HOME_DIR | ACCT_HOME_DRIVE | ACCT_LOGON_SCRIPT | ACCT_PROFILE | ACCT_WORKSTATIONS | - ACCT_FLAGS; - - NTTIME logon_time; - NTTIME logoff_time; - NTTIME kickoff_time; - NTTIME pass_last_set_time; - NTTIME pass_can_change_time; - NTTIME pass_must_change_time; - - UNISTR2 user_name; - UNISTR2 full_name; - UNISTR2 home_dir; - UNISTR2 dir_drive; - UNISTR2 log_scr; - UNISTR2 prof_path; - UNISTR2 desc; - UNISTR2 wkstas; - UNISTR2 mung_dial; - UNISTR2 unk; - - ctr = talloc(mem_ctx, SAM_USERINFO_CTR); - if(!ctr) - return NULL; - - ZERO_STRUCTP(ctr->info.id23); - - ctr->info.id21 = talloc(mem_ctx, SAM_USER_INFO_21); - if(!ctr->info.id21) - return NULL; - - ctr->switch_value = 21; - - ZERO_STRUCTP(ctr->info.id21); - - unix_to_nt_time(&logon_time, info->logon_time); - unix_to_nt_time(&logoff_time, info->logoff_time); - unix_to_nt_time(&kickoff_time, info->kickoff_time); - unix_to_nt_time(&pass_last_set_time, info->pass_last_set_time); - unix_to_nt_time(&pass_can_change_time, info->pass_can_change_time); - unix_to_nt_time(&pass_must_change_time, info->pass_must_change_time); - - /*initialize the strings*/ - init_unistr2(&user_name, info->username, UNI_STR_TERMINATE); - init_unistr2(&full_name, info->full_name, UNI_STR_TERMINATE); - init_unistr2(&home_dir, info->home_dir, UNI_STR_TERMINATE); - init_unistr2(&dir_drive, info->home_drive, UNI_STR_TERMINATE); - init_unistr2(&log_scr, info->logon_script, UNI_STR_TERMINATE); - init_unistr2(&prof_path, info->profile_path, UNI_STR_TERMINATE); - init_unistr2(&desc, info->description, UNI_STR_TERMINATE); - init_unistr2(&wkstas, info->workstations, UNI_STR_TERMINATE); - init_unistr2(&unk, "\0", UNI_STR_TERMINATE); - init_unistr2(&mung_dial, info->dial, UNI_STR_TERMINATE); - - /*manually set passmustchange*/ - ctr->info.id21->passmustchange = (info->pass_must_change) ? 0x01 : 0x00; - - init_sam_user_info21W(ctr->info.id21, - &logon_time, - &logoff_time, - &kickoff_time, - &pass_last_set_time, - &pass_can_change_time, - &pass_must_change_time, - &user_name, - &full_name, - &home_dir, - &dir_drive, - &log_scr, - &prof_path, - &desc, - &wkstas, - &unk, - &mung_dial, - info->lm_password, - info->nt_password, - info->rid, - info->group_rid, - info->acb_mask, - flags, - 168, /*logon divs*/ - info->logon_hours, - info->bad_passwd_count, - info->logon_count); - - return ctr; - +REG_VALUE_DATA *cac_MakeRegValueData( TALLOC_CTX * mem_ctx, uint32 data_type, + REGVAL_BUFFER buf ) +{ + REG_VALUE_DATA *data; + + uint32 i; + + /*all of the following used for MULTI_SZ data */ + uint32 size = 0; + uint32 len = 0; + uint32 multi_idx = 0; + uint32 num_strings = 0; + char **strings = NULL; + + data = talloc( mem_ctx, REG_VALUE_DATA ); + if ( !data ) { + errno = ENOMEM; + return NULL; + } + + switch ( data_type ) { + case REG_SZ: + data->reg_sz = + cac_unistr_to_str( mem_ctx, buf.buffer, buf.buf_len ); + if ( !data->reg_sz ) { + TALLOC_FREE( data ); + errno = ENOMEM; + data = NULL; + } + + break; + + case REG_EXPAND_SZ: + data->reg_expand_sz = + cac_unistr_to_str( mem_ctx, buf.buffer, buf.buf_len ); + + if ( !data->reg_expand_sz ) { + TALLOC_FREE( data ); + errno = ENOMEM; + data = NULL; + } + + break; + + case REG_BINARY: + size = buf.buf_len; + + data->reg_binary.data_length = size; + + data->reg_binary.data = + ( uint8 * ) talloc_memdup( mem_ctx, buf.buffer, + size ); + if ( !data->reg_binary.data ) { + TALLOC_FREE( data ); + errno = ENOMEM; + data = NULL; + } + break; + + case REG_DWORD: + data->reg_dword = *( ( uint32 * ) buf.buffer ); + break; + + case REG_DWORD_BE: + data->reg_dword_be = *( ( uint32 * ) buf.buffer ); + break; + + case REG_MULTI_SZ: + size = buf.buf_len; + + /*find out how many strings there are. size is # of bytes and we want to work uint16 */ + for ( i = 0; i < ( size / 2 - 1 ); i++ ) { + if ( buf.buffer[i] == 0x0000 ) + num_strings++; + + /*buffer is suppsed to be terminated with \0\0, but it might not be */ + if ( buf.buffer[i] == 0x0000 + && buf.buffer[i + 1] == 0x0000 ) + break; + } + + strings = talloc_array( mem_ctx, char *, num_strings ); + + if ( !strings ) { + errno = ENOMEM; + TALLOC_FREE( data ); + break; + } + + if ( num_strings == 0 ) /*then our work here is done */ + break; + + for ( i = 0; i < num_strings; i++ ) { + /*find out how many characters are in this string */ + len = 0; + /*make sure we don't go past the end of the buffer and keep looping until we have a uni \0 */ + while ( multi_idx + len < size / 2 + && buf.buffer[multi_idx + len] != 0x0000 ) + len++; + + /*stay aware of the \0\0 */ + len++; + + strings[i] = TALLOC_ZERO_ARRAY( mem_ctx, char, len ); + + /*pull out the unicode string */ + rpcstr_pull( strings[i], ( buf.buffer + multi_idx ), + len, -1, STR_TERMINATE ); + + /*keep track of where we are in the bigger array */ + multi_idx += len; + } + + data->reg_multi_sz.num_strings = num_strings; + data->reg_multi_sz.strings = strings; + + break; + + default: + TALLOC_FREE( data ); + data = NULL; + } + + return data; } -char *talloc_unistr2_to_ascii(TALLOC_CTX *mem_ctx, UNISTR2 str) { - char *buf = NULL; +SAM_USERINFO_CTR *cac_MakeUserInfoCtr( TALLOC_CTX * mem_ctx, + CacUserInfo * info ) +{ + SAM_USERINFO_CTR *ctr = NULL; + + /*the flags we are 'setting'- include/passdb.h */ + uint32 flags = + ACCT_USERNAME | ACCT_FULL_NAME | ACCT_PRIMARY_GID | + ACCT_DESCRIPTION | ACCT_COMMENT | ACCT_HOME_DIR | + ACCT_HOME_DRIVE | ACCT_LOGON_SCRIPT | ACCT_PROFILE | + ACCT_WORKSTATIONS | ACCT_FLAGS; + + NTTIME logon_time; + NTTIME logoff_time; + NTTIME kickoff_time; + NTTIME pass_last_set_time; + NTTIME pass_can_change_time; + NTTIME pass_must_change_time; + + UNISTR2 user_name; + UNISTR2 full_name; + UNISTR2 home_dir; + UNISTR2 dir_drive; + UNISTR2 log_scr; + UNISTR2 prof_path; + UNISTR2 desc; + UNISTR2 wkstas; + UNISTR2 mung_dial; + UNISTR2 unk; + + ctr = talloc( mem_ctx, SAM_USERINFO_CTR ); + if ( !ctr ) + return NULL; + + ZERO_STRUCTP( ctr->info.id23 ); + + ctr->info.id21 = talloc( mem_ctx, SAM_USER_INFO_21 ); + if ( !ctr->info.id21 ) + return NULL; + + ctr->switch_value = 21; + + ZERO_STRUCTP( ctr->info.id21 ); + + unix_to_nt_time( &logon_time, info->logon_time ); + unix_to_nt_time( &logoff_time, info->logoff_time ); + unix_to_nt_time( &kickoff_time, info->kickoff_time ); + unix_to_nt_time( &pass_last_set_time, info->pass_last_set_time ); + unix_to_nt_time( &pass_can_change_time, info->pass_can_change_time ); + unix_to_nt_time( &pass_must_change_time, + info->pass_must_change_time ); + + /*initialize the strings */ + init_unistr2( &user_name, info->username, UNI_STR_TERMINATE ); + init_unistr2( &full_name, info->full_name, UNI_STR_TERMINATE ); + init_unistr2( &home_dir, info->home_dir, UNI_STR_TERMINATE ); + init_unistr2( &dir_drive, info->home_drive, UNI_STR_TERMINATE ); + init_unistr2( &log_scr, info->logon_script, UNI_STR_TERMINATE ); + init_unistr2( &prof_path, info->profile_path, UNI_STR_TERMINATE ); + init_unistr2( &desc, info->description, UNI_STR_TERMINATE ); + init_unistr2( &wkstas, info->workstations, UNI_STR_TERMINATE ); + init_unistr2( &unk, "\0", UNI_STR_TERMINATE ); + init_unistr2( &mung_dial, info->dial, UNI_STR_TERMINATE ); - if(!mem_ctx) - return NULL; + /*manually set passmustchange */ + ctr->info.id21->passmustchange = + ( info->pass_must_change ) ? 0x01 : 0x00; - buf = talloc_array(mem_ctx, char, (str.uni_str_len + 1)); - if(!buf) - return NULL; + init_sam_user_info21W( ctr->info.id21, &logon_time, &logoff_time, &kickoff_time, &pass_last_set_time, &pass_can_change_time, &pass_must_change_time, &user_name, &full_name, &home_dir, &dir_drive, &log_scr, &prof_path, &desc, &wkstas, &unk, &mung_dial, info->lm_password, info->nt_password, info->rid, info->group_rid, info->acb_mask, flags, 168, /*logon divs */ + info->logon_hours, + info->bad_passwd_count, info->logon_count ); - unistr2_to_ascii(buf, &str, str.uni_str_len + 1); + return ctr; - return buf; } -CacUserInfo *cac_MakeUserInfo(TALLOC_CTX *mem_ctx, SAM_USERINFO_CTR *ctr) { - CacUserInfo *info = NULL; - SAM_USER_INFO_21 *id21 = NULL; - - if(!ctr || ctr->switch_value != 21) - return NULL; - - info = talloc(mem_ctx, CacUserInfo); - if(!info) - return NULL; - - id21 = ctr->info.id21; - - ZERO_STRUCTP(info); - - info->logon_time = nt_time_to_unix(id21->logon_time); - info->logoff_time = nt_time_to_unix(id21->logoff_time); - info->kickoff_time = nt_time_to_unix(id21->kickoff_time); - info->pass_last_set_time = nt_time_to_unix(id21->pass_last_set_time); - info->pass_can_change_time = nt_time_to_unix(id21->pass_can_change_time); - info->pass_must_change_time = nt_time_to_unix(id21->pass_must_change_time); - - info->username = talloc_unistr2_to_ascii(mem_ctx, id21->uni_user_name); - if(!info->username) - return NULL; - - info->full_name = talloc_unistr2_to_ascii(mem_ctx, id21->uni_full_name); - if(!info->full_name) - return NULL; - - info->home_dir = talloc_unistr2_to_ascii(mem_ctx, id21->uni_home_dir); - if(!info->home_dir) - return NULL; - - info->home_drive = talloc_unistr2_to_ascii(mem_ctx, id21->uni_dir_drive); - if(!info->home_drive) - return NULL; - - info->logon_script = talloc_unistr2_to_ascii(mem_ctx, id21->uni_logon_script); - if(!info->logon_script) - return NULL; - - info->profile_path = talloc_unistr2_to_ascii(mem_ctx, id21->uni_profile_path); - if(!info->profile_path) - return NULL; - - info->description = talloc_unistr2_to_ascii(mem_ctx, id21->uni_acct_desc); - if(!info->description) - return NULL; - - info->workstations = talloc_unistr2_to_ascii(mem_ctx, id21->uni_workstations); - if(!info->workstations) - return NULL; - - info->dial = talloc_unistr2_to_ascii(mem_ctx, id21->uni_munged_dial); - if(!info->dial) - return NULL; - - info->rid = id21->user_rid; - info->group_rid = id21->group_rid; - info->acb_mask = id21->acb_info; - info->bad_passwd_count = id21->bad_password_count; - info->logon_count = id21->logon_count; - - memcpy(info->nt_password, id21->nt_pwd, 8); - memcpy(info->lm_password, id21->lm_pwd, 8); - - info->logon_hours = (LOGON_HRS *)talloc_memdup(mem_ctx, &(id21->logon_hrs), - sizeof(LOGON_HRS)); - if(!info->logon_hours) - return NULL; - - info->pass_must_change = (id21->passmustchange) ? True : False; - - return info; +char *talloc_unistr2_to_ascii( TALLOC_CTX * mem_ctx, UNISTR2 str ) +{ + char *buf = NULL; + + if ( !mem_ctx ) + return NULL; + + buf = talloc_array( mem_ctx, char, ( str.uni_str_len + 1 ) ); + if ( !buf ) + return NULL; + + unistr2_to_ascii( buf, &str, str.uni_str_len + 1 ); + + return buf; } -CacGroupInfo *cac_MakeGroupInfo(TALLOC_CTX *mem_ctx, GROUP_INFO_CTR *ctr) { - CacGroupInfo *info = NULL; +CacUserInfo *cac_MakeUserInfo( TALLOC_CTX * mem_ctx, SAM_USERINFO_CTR * ctr ) +{ + CacUserInfo *info = NULL; + SAM_USER_INFO_21 *id21 = NULL; + + if ( !ctr || ctr->switch_value != 21 ) + return NULL; - if(!mem_ctx || !ctr || ctr->switch_value1 != 1) - return NULL; + info = talloc( mem_ctx, CacUserInfo ); + if ( !info ) + return NULL; - info = talloc(mem_ctx, CacGroupInfo); - if(!info) - return NULL; + id21 = ctr->info.id21; - info->name = talloc_unistr2_to_ascii(mem_ctx, ctr->group.info1.uni_acct_name); - if(!info->name) - return NULL; + ZERO_STRUCTP( info ); - info->description = talloc_unistr2_to_ascii(mem_ctx, ctr->group.info1.uni_acct_desc); - if(!info->description) - return NULL; + info->logon_time = nt_time_to_unix( id21->logon_time ); + info->logoff_time = nt_time_to_unix( id21->logoff_time ); + info->kickoff_time = nt_time_to_unix( id21->kickoff_time ); + info->pass_last_set_time = + nt_time_to_unix( id21->pass_last_set_time ); + info->pass_can_change_time = + nt_time_to_unix( id21->pass_can_change_time ); + info->pass_must_change_time = + nt_time_to_unix( id21->pass_must_change_time ); - info->num_members = ctr->group.info1.num_members; + info->username = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_user_name ); + if ( !info->username ) + return NULL; - return info; -} + info->full_name = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_full_name ); + if ( !info->full_name ) + return NULL; + + info->home_dir = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_home_dir ); + if ( !info->home_dir ) + return NULL; + + info->home_drive = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_dir_drive ); + if ( !info->home_drive ) + return NULL; + + info->logon_script = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_logon_script ); + if ( !info->logon_script ) + return NULL; -GROUP_INFO_CTR *cac_MakeGroupInfoCtr(TALLOC_CTX *mem_ctx, CacGroupInfo *info) { - GROUP_INFO_CTR *ctr = NULL; + info->profile_path = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_profile_path ); + if ( !info->profile_path ) + return NULL; + + info->description = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_acct_desc ); + if ( !info->description ) + return NULL; + + info->workstations = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_workstations ); + if ( !info->workstations ) + return NULL; + + info->dial = + talloc_unistr2_to_ascii( mem_ctx, id21->uni_munged_dial ); + if ( !info->dial ) + return NULL; - if(!mem_ctx || !info) - return NULL; + info->rid = id21->user_rid; + info->group_rid = id21->group_rid; + info->acb_mask = id21->acb_info; + info->bad_passwd_count = id21->bad_password_count; + info->logon_count = id21->logon_count; - ctr = talloc(mem_ctx, GROUP_INFO_CTR); - if(!ctr) - return NULL; + memcpy( info->nt_password, id21->nt_pwd, 8 ); + memcpy( info->lm_password, id21->lm_pwd, 8 ); - ctr->switch_value1 = 1; + info->logon_hours = + ( LOGON_HRS * ) talloc_memdup( mem_ctx, &( id21->logon_hrs ), + sizeof( LOGON_HRS ) ); + if ( !info->logon_hours ) + return NULL; - init_samr_group_info1(&(ctr->group.info1), info->name, info->description, info->num_members); + info->pass_must_change = ( id21->passmustchange ) ? True : False; - return ctr; + return info; } -CacAliasInfo *cac_MakeAliasInfo(TALLOC_CTX *mem_ctx, ALIAS_INFO_CTR ctr) { - CacGroupInfo *info = NULL; +CacGroupInfo *cac_MakeGroupInfo( TALLOC_CTX * mem_ctx, GROUP_INFO_CTR * ctr ) +{ + CacGroupInfo *info = NULL; - if(!mem_ctx || ctr.level != 1) - return NULL; + if ( !mem_ctx || !ctr || ctr->switch_value1 != 1 ) + return NULL; - info = talloc(mem_ctx, CacAliasInfo); - if(!info) - return NULL; + info = talloc( mem_ctx, CacGroupInfo ); + if ( !info ) + return NULL; - info->name = talloc_unistr2_to_ascii(mem_ctx, *(ctr.alias.info1.name.string)); - if(!info->name) - return NULL; + info->name = + talloc_unistr2_to_ascii( mem_ctx, + ctr->group.info1.uni_acct_name ); + if ( !info->name ) + return NULL; - info->description = talloc_unistr2_to_ascii(mem_ctx, *(ctr.alias.info1.description.string)); - if(!info->name) - return NULL; + info->description = + talloc_unistr2_to_ascii( mem_ctx, + ctr->group.info1.uni_acct_desc ); + if ( !info->description ) + return NULL; - info->num_members = ctr.alias.info1.num_member; + info->num_members = ctr->group.info1.num_members; - return info; + return info; } -ALIAS_INFO_CTR *cac_MakeAliasInfoCtr(TALLOC_CTX *mem_ctx, CacAliasInfo *info) { - ALIAS_INFO_CTR *ctr = NULL; +GROUP_INFO_CTR *cac_MakeGroupInfoCtr( TALLOC_CTX * mem_ctx, + CacGroupInfo * info ) +{ + GROUP_INFO_CTR *ctr = NULL; - if(!mem_ctx || !info) - return NULL; + if ( !mem_ctx || !info ) + return NULL; - ctr = talloc(mem_ctx, ALIAS_INFO_CTR); - if(!ctr) - return NULL; + ctr = talloc( mem_ctx, GROUP_INFO_CTR ); + if ( !ctr ) + return NULL; - ctr->level = 1; + ctr->switch_value1 = 1; - init_samr_alias_info1(&(ctr->alias.info1), info->name, info->num_members, info->description); + init_samr_group_info1( &( ctr->group.info1 ), info->name, + info->description, info->num_members ); - return ctr; + return ctr; } -CacDomainInfo *cac_MakeDomainInfo(TALLOC_CTX *mem_ctx, SAM_UNK_INFO_1 *info1, SAM_UNK_INFO_2 *info2, SAM_UNK_INFO_12 *info12) { - CacDomainInfo *info = NULL; +CacAliasInfo *cac_MakeAliasInfo( TALLOC_CTX * mem_ctx, ALIAS_INFO_CTR ctr ) +{ + CacGroupInfo *info = NULL; - if(!mem_ctx || !info1 || !info2 || !info12) - return NULL; + if ( !mem_ctx || ctr.level != 1 ) + return NULL; - info = talloc(mem_ctx, CacDomainInfo); - if(!info) - return NULL; + info = talloc( mem_ctx, CacAliasInfo ); + if ( !info ) + return NULL; - info->min_pass_length = info1->min_length_password; - info->pass_history = info1->password_history; + info->name = + talloc_unistr2_to_ascii( mem_ctx, + *( ctr.alias.info1.name.string ) ); + if ( !info->name ) + return NULL; - cac_InitCacTime(&(info->expire), info1->expire); - cac_InitCacTime(&(info->min_pass_age), info1->min_passwordage); + info->description = + talloc_unistr2_to_ascii( mem_ctx, + *( ctr.alias.info1.description. + string ) ); + if ( !info->name ) + return NULL; - info->server_role = info2->server_role; - info->num_users = info2->num_domain_usrs; - info->num_domain_groups = info2->num_domain_grps; - info->num_local_groups = info2->num_local_grps; + info->num_members = ctr.alias.info1.num_member; - /*if these have been ZERO'd out we need to know. uni_str_len will be 0*/ - if(info2->uni_comment.uni_str_len == 0) { - info->comment = talloc_strdup(mem_ctx, "\0"); - } - else { - info->comment = talloc_unistr2_to_ascii(mem_ctx, info2->uni_comment); - } + return info; +} - if(info2->uni_domain.uni_str_len == 0) { - info->domain_name = talloc_strdup(mem_ctx, "\0"); - } - else { - info->domain_name = talloc_unistr2_to_ascii(mem_ctx, info2->uni_domain); - } +ALIAS_INFO_CTR *cac_MakeAliasInfoCtr( TALLOC_CTX * mem_ctx, + CacAliasInfo * info ) +{ + ALIAS_INFO_CTR *ctr = NULL; - if(info2->uni_server.uni_str_len == 0) { - info->server_name = talloc_strdup(mem_ctx, "\0"); - } - else { - info->server_name = talloc_unistr2_to_ascii(mem_ctx, info2->uni_server); - } + if ( !mem_ctx || !info ) + return NULL; + ctr = talloc( mem_ctx, ALIAS_INFO_CTR ); + if ( !ctr ) + return NULL; - cac_InitCacTime(&(info->lockout_duration), info12->duration); - cac_InitCacTime(&(info->lockout_reset), info12->reset_count); - info->num_bad_attempts = info12->bad_attempt_lockout; + ctr->level = 1; - return info; + init_samr_alias_info1( &( ctr->alias.info1 ), info->name, + info->num_members, info->description ); + + return ctr; } -char *cac_unistr_ascii(TALLOC_CTX *mem_ctx, UNISTR src) { - char *buf; - uint32 len; +CacDomainInfo *cac_MakeDomainInfo( TALLOC_CTX * mem_ctx, + SAM_UNK_INFO_1 * info1, + SAM_UNK_INFO_2 * info2, + SAM_UNK_INFO_12 * info12 ) +{ + CacDomainInfo *info = NULL; - if(!mem_ctx || !src.buffer) - return NULL; + if ( !mem_ctx || !info1 || !info2 || !info12 ) + return NULL; - len = unistrlen(src.buffer) + 1; + info = talloc( mem_ctx, CacDomainInfo ); + if ( !info ) + return NULL; - buf = TALLOC_ZERO_ARRAY(mem_ctx, char, len); - if(!buf) - return NULL; + info->min_pass_length = info1->min_length_password; + info->pass_history = info1->password_history; - rpcstr_pull(buf, src.buffer, len, -1, STR_TERMINATE); + cac_InitCacTime( &( info->expire ), info1->expire ); + cac_InitCacTime( &( info->min_pass_age ), info1->min_passwordage ); - return buf; -} + info->server_role = info2->server_role; + info->num_users = info2->num_domain_usrs; + info->num_domain_groups = info2->num_domain_grps; + info->num_local_groups = info2->num_local_grps; -CacService *cac_MakeServiceArray(TALLOC_CTX *mem_ctx, ENUM_SERVICES_STATUS *svc, uint32 num_services) { - int i; - CacService *services = NULL; + /*if these have been ZERO'd out we need to know. uni_str_len will be 0 */ + if ( info2->uni_comment.uni_str_len == 0 ) { + info->comment = talloc_strdup( mem_ctx, "\0" ); + } else { + info->comment = + talloc_unistr2_to_ascii( mem_ctx, + info2->uni_comment ); + } - if(!mem_ctx || !svc) - return NULL; + if ( info2->uni_domain.uni_str_len == 0 ) { + info->domain_name = talloc_strdup( mem_ctx, "\0" ); + } else { + info->domain_name = + talloc_unistr2_to_ascii( mem_ctx, info2->uni_domain ); + } - services = TALLOC_ZERO_ARRAY(mem_ctx, CacService, num_services); - if(!services) - return NULL; + if ( info2->uni_server.uni_str_len == 0 ) { + info->server_name = talloc_strdup( mem_ctx, "\0" ); + } else { + info->server_name = + talloc_unistr2_to_ascii( mem_ctx, info2->uni_server ); + } - for(i = 0; i < num_services; i++) { - services[i].service_name = cac_unistr_ascii(mem_ctx, svc[i].servicename); - services[i].display_name = cac_unistr_ascii(mem_ctx, svc[i].displayname); - if(!services[i].service_name || !services[i].display_name) - return NULL; + cac_InitCacTime( &( info->lockout_duration ), info12->duration ); + cac_InitCacTime( &( info->lockout_reset ), info12->reset_count ); + info->num_bad_attempts = info12->bad_attempt_lockout; - services[i].status = svc[i].status; - } + return info; +} - return services; +char *cac_unistr_ascii( TALLOC_CTX * mem_ctx, UNISTR src ) +{ + char *buf; + uint32 len; + + if ( !mem_ctx || !src.buffer ) + return NULL; + + len = unistrlen( src.buffer ) + 1; + + buf = TALLOC_ZERO_ARRAY( mem_ctx, char, len ); + if ( !buf ) + return NULL; + + rpcstr_pull( buf, src.buffer, len, -1, STR_TERMINATE ); + + return buf; } -int cac_InitCacServiceConfig(TALLOC_CTX *mem_ctx, SERVICE_CONFIG *src, CacServiceConfig *dest) { - if(!src || !dest) - return CAC_FAILURE; +CacService *cac_MakeServiceArray( TALLOC_CTX * mem_ctx, + ENUM_SERVICES_STATUS * svc, + uint32 num_services ) +{ + int i; + CacService *services = NULL; - dest->exe_path = talloc_unistr2_to_ascii(mem_ctx, *src->executablepath); - if(!dest->exe_path) - return CAC_FAILURE; + if ( !mem_ctx || !svc ) + return NULL; - dest->load_order_group = talloc_unistr2_to_ascii(mem_ctx, *src->loadordergroup); - if(!dest->load_order_group) - return CAC_FAILURE; + services = TALLOC_ZERO_ARRAY( mem_ctx, CacService, num_services ); + if ( !services ) + return NULL; - dest->dependencies = talloc_unistr2_to_ascii(mem_ctx, *src->dependencies); - if(!dest->dependencies) - return CAC_FAILURE; + for ( i = 0; i < num_services; i++ ) { + services[i].service_name = + cac_unistr_ascii( mem_ctx, svc[i].servicename ); + services[i].display_name = + cac_unistr_ascii( mem_ctx, svc[i].displayname ); - dest->start_name = talloc_unistr2_to_ascii(mem_ctx, *src->startname); - if(!dest->start_name) - return CAC_FAILURE; + if ( !services[i].service_name || !services[i].display_name ) + return NULL; - dest->display_name = talloc_unistr2_to_ascii(mem_ctx, *src->displayname); - if(!dest->display_name) - return CAC_FAILURE; + services[i].status = svc[i].status; + } - dest->type = src->service_type; - dest->start_type = src->start_type; - dest->error_control = src->error_control; - dest->tag_id = src->tag_id; + return services; +} - return CAC_SUCCESS; +int cac_InitCacServiceConfig( TALLOC_CTX * mem_ctx, SERVICE_CONFIG * src, + CacServiceConfig * dest ) +{ + if ( !src || !dest ) + return CAC_FAILURE; + + dest->exe_path = + talloc_unistr2_to_ascii( mem_ctx, *src->executablepath ); + if ( !dest->exe_path ) + return CAC_FAILURE; + + dest->load_order_group = + talloc_unistr2_to_ascii( mem_ctx, *src->loadordergroup ); + if ( !dest->load_order_group ) + return CAC_FAILURE; + + dest->dependencies = + talloc_unistr2_to_ascii( mem_ctx, *src->dependencies ); + if ( !dest->dependencies ) + return CAC_FAILURE; + + dest->start_name = + talloc_unistr2_to_ascii( mem_ctx, *src->startname ); + if ( !dest->start_name ) + return CAC_FAILURE; + + dest->display_name = + talloc_unistr2_to_ascii( mem_ctx, *src->displayname ); + if ( !dest->display_name ) + return CAC_FAILURE; + + dest->type = src->service_type; + dest->start_type = src->start_type; + dest->error_control = src->error_control; + dest->tag_id = src->tag_id; + + return CAC_SUCCESS; } |