diff options
-rw-r--r-- | source3/Makefile.in | 12 | ||||
-rw-r--r-- | source3/include/proto.h | 28 | ||||
-rw-r--r-- | source3/include/rpc_client_proto.h | 62 | ||||
-rw-r--r-- | source3/include/rpc_lsa.h | 2 | ||||
-rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 418 | ||||
-rw-r--r-- | source3/rpc_parse/parse_lsa.c | 64 | ||||
-rw-r--r-- | source3/rpc_parse/parse_misc.c | 8 | ||||
-rw-r--r-- | source3/rpcclient/cmd_lsarpc.c | 321 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 2 |
9 files changed, 714 insertions, 203 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 7dc23e2eae..05fdcb0f9c 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -154,7 +154,11 @@ RPC_CLIENT_OBJ = \ rpc_client/cli_srvsvc.o \ rpc_client/cli_samr.o \ rpc_client/cli_reg.o \ - rpc_client/cli_spoolss_notify.o + rpc_client/cli_spoolss_notify.o \ + rpc_client/cli_connect.o \ + rpc_client/cli_use.o \ + rpc_client/ncacn_np_use.o \ + lib/util_list.o LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o @@ -250,12 +254,10 @@ PDBEDIT_OBJ = utils/pdbedit.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \ $(UBIQX_OBJ) $(LIB_OBJ) RPCCLIENT_OBJ1 = rpcclient/rpcclient.o \ - lib/cmd_interp.o lib/util_list.o \ + lib/cmd_interp.o \ lib/msrpc-client.o \ - rpc_client/cli_connect.o \ - rpc_client/cli_use.o \ - rpc_client/ncacn_np_use.o \ rpcclient/spoolss_cmds.o rpcclient/cmd_spoolss.o \ + rpcclient/cmd_lsarpc.o \ rpcclient/display_spool.o rpcclient/display_sec.o \ rpc_client/msrpc_spoolss.o rpc_client/cli_spoolss.o diff --git a/source3/include/proto.h b/source3/include/proto.h index 5c8adc8ca4..c6574e139f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -863,7 +863,7 @@ int name_len(char *s1); /*The following definitions come from libsmb/nterr.c */ BOOL get_safe_nt_error_msg(uint32 nt_code,char *msg, size_t len); -const char *get_nt_error_msg(uint32 nt_code); +char *get_nt_error_msg(uint32 nt_code); /*The following definitions come from libsmb/passchange.c */ @@ -1934,6 +1934,13 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli, fstring domain_name, DOM_SID *domain_sid); BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd); BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server); +uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd, + BOOL sec_qos, uint32 des_access); +uint32 lsa_close(POLICY_HND *hnd); +uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, + char ***names, uint32 **types, int *num_names); +uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, + DOM_SID **sids, uint32 **types, int *num_sids); /*The following definitions come from rpc_client/cli_netlogon.c */ @@ -2266,7 +2273,8 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name, uint32 attributes, uint32 desired_access, LSA_SEC_QOS *qos); -BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth); +BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, + int depth); BOOL lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth); void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, char *server_name, uint32 attributes, @@ -2285,14 +2293,14 @@ void init_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, uint32 status); BOOL lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth); BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth); -void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids); +void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID *sids); void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, - int num_sids, DOM_SID **sids, - uint16 level); -BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth); + int num_sids, DOM_SID *sids, uint16 level); +BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, + prs_struct *ps, int depth); BOOL lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth); void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd, - int num_names, char **names); + int num_names, char **names); BOOL lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth); BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth); void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd); @@ -3338,6 +3346,12 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid); BOOL api_wkssvc_rpc(pipes_struct *p); #endif +/*The following definitions come from rpcclient/cmd_lsarpc.c */ + +uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]); +uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[]); +void add_lsa_commands(void); + /*The following definitions come from rpcclient/cmd_spoolss.c */ uint32 cmd_spoolss_enum_printers(struct client_info *info, int argc, char *argv[]); diff --git a/source3/include/rpc_client_proto.h b/source3/include/rpc_client_proto.h index 90d675dbb4..f74cf62602 100644 --- a/source3/include/rpc_client_proto.h +++ b/source3/include/rpc_client_proto.h @@ -3,6 +3,35 @@ /* This file is automatically generated with "make proto". DO NOT EDIT */ +/*The following definitions come from lib/util_list.c */ + +BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src); +BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x, + const RPC_HND_NODE *y); +BOOL RpcHndList_set_connection(const POLICY_HND *hnd, + struct cli_connection *con); +BOOL RpcHndList_del_connection(const POLICY_HND *hnd); +struct cli_connection* RpcHndList_get_connection(const POLICY_HND *hnd); + +/*The following definitions come from rpc_client/cli_connect.c */ + +void init_connections(void); +void free_connections(void); +void cli_connection_free(struct cli_connection *con); +void cli_connection_unlink(struct cli_connection *con); +BOOL cli_connection_init(const char *srv_name, char *pipe_name, + struct cli_connection **con); +BOOL cli_connection_init_auth(const char *srv_name, char *pipe_name, + struct cli_connection **con, + cli_auth_fns * auth, void *auth_creds); +struct _cli_auth_fns *cli_conn_get_authfns(struct cli_connection *con); +void *cli_conn_get_auth_creds(struct cli_connection *con); +BOOL rpc_hnd_pipe_req(const POLICY_HND * hnd, uint8 op_num, + prs_struct * data, prs_struct * rdata); +BOOL rpc_con_pipe_req(struct cli_connection *con, uint8 op_num, + prs_struct * data, prs_struct * rdata); +BOOL rpc_con_ok(struct cli_connection *con); + /*The following definitions come from rpc_client/cli_login.c */ BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]); @@ -32,6 +61,13 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli, fstring domain_name, DOM_SID *domain_sid); BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd); BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server); +uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd, + BOOL sec_qos, uint32 des_access); +uint32 lsa_close(POLICY_HND *hnd); +uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, + char ***names, uint32 **types, int *num_names); +uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, + DOM_SID **sids, uint32 **types, int *num_sids); /*The following definitions come from rpc_client/cli_netlogon.c */ @@ -171,9 +207,35 @@ BOOL do_srv_net_srv_file_enum(struct cli_state *cli, BOOL do_srv_net_srv_get_info(struct cli_state *cli, char *server_name, uint32 switch_value, SRV_INFO_CTR *ctr); +/*The following definitions come from rpc_client/cli_use.c */ + +void init_cli_use(void); +void free_cli_use(void); +struct cli_state *cli_net_use_add(const char *srv_name, + const struct ntuser_creds *usr_creds, + BOOL reuse, BOOL *is_new); +BOOL cli_net_use_del(const char *srv_name, + const struct ntuser_creds *usr_creds, + BOOL force_close, BOOL *connection_closed); +void cli_net_use_enum(uint32 *num_cons, struct use_info ***use); +void cli_use_wait_keyboard(void); + /*The following definitions come from rpc_client/cli_wkssvc.c */ BOOL do_wks_query_info(struct cli_state *cli, char *server_name, uint32 switch_value, WKS_INFO_100 *wks100); + +/*The following definitions come from rpc_client/ncacn_np_use.c */ + +BOOL ncacn_np_use_del(const char *srv_name, const char *pipe_name, + const vuser_key * key, + BOOL force_close, BOOL *connection_closed); +struct ncacn_np *ncacn_np_initialise(struct ncacn_np *msrpc, + const vuser_key * key); +struct ncacn_np *ncacn_np_use_add(const char *pipe_name, + const vuser_key * key, + const char *srv_name, + const struct ntuser_creds *ntc, + BOOL reuse, BOOL *is_new_connection); #endif /* _PROTO_H_ */ diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index b2e2e3c813..0ef54587dc 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -96,7 +96,7 @@ typedef struct obj_attr_info typedef struct lsa_q_open_pol_info { uint32 ptr; /* undocumented buffer pointer */ - uint16 system_name; /* 0x5c - system name */ + uint16 system_name; /* system name BUG!!! (should be \\server!) */ LSA_OBJ_ATTR attr ; /* object attributes */ uint32 des_access; /* desired access attributes */ diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index a9b9eddfb8..a1e63475cf 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -1,4 +1,3 @@ - /* * Unix SMB/Netbios implementation. * Version 1.9. @@ -23,16 +22,10 @@ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -#ifdef SYSLOG -#undef SYSLOG -#endif - #include "includes.h" extern int DEBUGLEVEL; - /**************************************************************************** do a LSA Open Policy ****************************************************************************/ @@ -402,3 +395,414 @@ BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server) return res3; } + +/**************************************************************************** +do a LSA Open Policy +****************************************************************************/ +uint32 lsa_open_policy(const char *system_name, POLICY_HND *hnd, + BOOL sec_qos, uint32 des_access) +{ + prs_struct rbuf; + prs_struct buf; + LSA_Q_OPEN_POL q_o; + LSA_SEC_QOS qos; + struct cli_connection *con = NULL; + uint32 result; + + if (!cli_connection_init(system_name, PIPE_LSARPC, &con)) { + return NT_STATUS_UNSUCCESSFUL; + } + + if (hnd == NULL) return NT_STATUS_UNSUCCESSFUL; + + prs_init(&buf, MAX_PDU_FRAG_LEN, 4, NULL, False); + prs_init(&rbuf, 0, 4, NULL, True); + + /* create and send a MSRPC command with api LSA_OPENPOLICY */ + + DEBUG(4, ("LSA Open Policy\n")); + + /* store the parameters */ + if (sec_qos) { + init_lsa_sec_qos(&qos, 2, 1, 0, des_access); + init_q_open_pol(&q_o, '\\', 0, des_access, &qos); + } else { + init_q_open_pol(&q_o, '\\', 0, des_access, NULL); + } + + /* turn parameters into data stream */ + if (lsa_io_q_open_pol("", &q_o, &buf, 0) && + rpc_con_pipe_req(con, LSA_OPENPOLICY, &buf, &rbuf)) { + LSA_R_OPEN_POL r_o; + BOOL p; + + lsa_io_r_open_pol("", &r_o, &rbuf, 0); + p = rbuf.data_offset != 0; + + result = r_o.status; + + if (p && r_o.status != 0) { + /* report error code */ + DEBUG(0, + ("LSA_OPENPOLICY: %s\n", + get_nt_error_msg(r_o.status))); + p = False; + } + + if (p) { + + /* Return the policy handle */ + + *hnd = r_o.pol; + + if (!RpcHndList_set_connection(hnd, con)) { + result = NT_STATUS_NO_MEMORY; + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf); + + return result; +} + +/**************************************************************************** +do a LSA Close +****************************************************************************/ +uint32 lsa_close(POLICY_HND *hnd) +{ + prs_struct rbuf; + prs_struct buf; + LSA_Q_CLOSE q_c; + uint32 result; + + if (hnd == NULL) return False; + + /* Create and send a MSRPC command with api LSA_OPENPOLICY */ + + prs_init(&buf, MAX_PDU_FRAG_LEN, 4, NULL, False); + prs_init(&rbuf, 0, 4, NULL, True); + + DEBUG(4, ("LSA Close\n")); + + /* Store the parameters */ + + init_lsa_q_close(&q_c, hnd); + + /* Turn parameters into data stream */ + + if (lsa_io_q_close("", &q_c, &buf, 0) && + rpc_hnd_pipe_req(hnd, LSA_CLOSE, &buf, &rbuf)) { + LSA_R_CLOSE r_c; + BOOL p; + + lsa_io_r_close("", &r_c, &rbuf, 0); + p = rbuf.data_offset != 0; + result = r_c.status; + + if (p && r_c.status != 0) { + + /* Report error code */ + + DEBUG(0, ("LSA_CLOSE: %s\n", + get_nt_error_msg(r_c.status))); + + p = False; + } + + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf); + + return result; +} + +/**************************************************************************** +do a LSA Lookup SIDs +****************************************************************************/ +uint32 lsa_lookup_sids(POLICY_HND *hnd, int num_sids, DOM_SID *sids, + char ***names, uint32 **types, int *num_names) +{ + prs_struct rbuf; + prs_struct buf; + LSA_Q_LOOKUP_SIDS q_l; + TALLOC_CTX *ctx = talloc_init(); + uint32 result; + + ZERO_STRUCT(q_l); + + if (hnd == NULL || num_sids == 0 || sids == NULL) return False; + + if (num_names != NULL) { + *num_names = 0; + } + + if (types != NULL) { + *types = NULL; + } + + if (names != NULL) { + *names = NULL; + } + + prs_init(&buf, MAX_PDU_FRAG_LEN, 4, ctx, False); + prs_init(&rbuf, 0, 4, ctx, True); + + /* Create and send a MSRPC command with api LSA_LOOKUP_SIDS */ + + DEBUG(4, ("LSA Lookup SIDs\n")); + + /* Store the parameters */ + + init_q_lookup_sids(&q_l, hnd, num_sids, sids, 1); + + /* turn parameters into data stream */ + if (lsa_io_q_lookup_sids("", &q_l, &buf, 0) && + rpc_hnd_pipe_req(hnd, LSA_LOOKUPSIDS, &buf, &rbuf)) { + LSA_R_LOOKUP_SIDS r_l; + DOM_R_REF ref; + LSA_TRANS_NAME_ENUM t_names; + BOOL p, valid_response; + + r_l.dom_ref = &ref; + r_l.names = &t_names; + + lsa_io_r_lookup_sids("", &r_l, &rbuf, 0); + p = rbuf.data_offset != 0; + result = r_l.status; + + if (p && r_l.status != 0 && + r_l.status != 0x107 && + r_l.status != (0xC0000000 | NT_STATUS_NONE_MAPPED)) { + + /* Report error code */ + + DEBUG(1, ("LSA_LOOKUP_SIDS: %s\n", + get_nt_error_msg(r_l.status))); + + return r_l.status; + } + + result = NT_STATUS_NOPROBLEMO; + + if (p) { + if (t_names.ptr_trans_names != 0 + && r_l.ptr_dom_ref != 0) { + valid_response = True; + } + } + + if (num_names != NULL && valid_response) { + (*num_names) = t_names.num_entries; + } + + if (valid_response) { + uint32 i; + + for (i = 0; i < t_names.num_entries; i++) { + if ((t_names.name[i].domain_idx >= + ref.num_ref_doms_1) + && (t_names.name[i].domain_idx != + 0xffffffff)) { + DEBUG(0, + ("LSA_LOOKUP_SIDS: domain index out of bounds\n")); + valid_response = False; + break; + } + } + } + + if (types != NULL && valid_response && (*num_names) != 0) { + (*types) = (uint32 *) malloc((*num_names) * + sizeof(uint32)); + } + + if (names != NULL && valid_response && (*num_names) != 0) { + (*names) = (char **)malloc((*num_names) * + sizeof(char *)); + } + + if (names != NULL && (*names) != NULL) { + int i; + + /* Take each name, construct a \DOMAIN\name string */ + + for (i = 0; i < (*num_names); i++) { + fstring name; + fstring dom_name; + fstring full_name; + uint32 dom_idx = t_names.name[i].domain_idx; + + if (dom_idx != 0xffffffff) { + unistr2_to_ascii(dom_name, + &ref. + ref_dom[dom_idx]. + uni_dom_name, + sizeof(dom_name) - + 1); + unistr2_to_ascii(name, + &t_names.uni_name[i], + sizeof(name) - 1); + + memset(full_name, 0, + sizeof(full_name)); + + slprintf(full_name, + sizeof(full_name) - 1, + "%s\\%s", dom_name, name); + + (*names)[i] = strdup(full_name); + if (types != NULL && + (*types) != NULL) { + (*types)[i] = t_names.name[i].sid_name_use; + } + } else { + (*names)[i] = NULL; + if (types != NULL && + (*types) != NULL) { + (*types)[i] = SID_NAME_UNKNOWN; + } + } + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf); + + return result; +} + +/**************************************************************************** +do a LSA Lookup Names +****************************************************************************/ +uint32 lsa_lookup_names(POLICY_HND *hnd, int num_names, char **names, + DOM_SID **sids, uint32 **types, int *num_sids) +{ + prs_struct rbuf; + prs_struct buf; + LSA_Q_LOOKUP_NAMES q_l; + BOOL valid_response = False; + TALLOC_CTX *ctx = talloc_init(); + uint32 result; + + if (hnd == NULL || num_sids == 0 || sids == NULL) return False; + + prs_init(&buf, MAX_PDU_FRAG_LEN, 4, ctx, False); + prs_init(&rbuf, 0, 4, ctx, True); + + /* create and send a MSRPC command with api LSA_LOOKUP_NAMES */ + + DEBUG(4, ("LSA Lookup NAMEs\n")); + + /* store the parameters */ + init_q_lookup_names(&q_l, hnd, num_names, names); + + /* turn parameters into data stream */ + if (lsa_io_q_lookup_names("", &q_l, &buf, 0) && + rpc_hnd_pipe_req(hnd, LSA_LOOKUPNAMES, &buf, &rbuf)) { + LSA_R_LOOKUP_NAMES r_l; + DOM_R_REF ref; + DOM_RID2 t_rids[MAX_LOOKUP_SIDS]; + BOOL p; + + ZERO_STRUCT(ref); + ZERO_STRUCT(t_rids); + + r_l.dom_ref = &ref; + r_l.dom_rid = t_rids; + + lsa_io_r_lookup_names("", &r_l, &rbuf, 0); + p = rbuf.data_offset != 0; + + if (p && r_l.status != 0) { + /* report error code */ + DEBUG(1, + ("LSA_LOOKUP_NAMES: %s\n", + get_nt_error_msg(r_l.status))); + p = False; + + return r_l.status; + } + + result = r_l.status; + + if (p) { + if (r_l.ptr_dom_ref != 0 && r_l.ptr_entries != 0) { + valid_response = True; + } + } + + if (num_sids != NULL && valid_response) { + (*num_sids) = r_l.num_entries; + } + + if (valid_response) { + uint32 i; + + for (i = 0; i < r_l.num_entries; i++) { + if (t_rids[i].rid_idx >= ref.num_ref_doms_1 && + t_rids[i].rid_idx != 0xffffffff) { + DEBUG(0, + ("LSA_LOOKUP_NAMES: domain index %d out of bounds\n", + t_rids[i].rid_idx)); + valid_response = False; + break; + } + } + } + + if (types != NULL && valid_response && r_l.num_entries != 0) { + (*types) = (uint32 *) malloc((*num_sids) * + sizeof(uint32)); + } + + if (sids != NULL && valid_response && r_l.num_entries != 0) { + (*sids) = (DOM_SID *) malloc((*num_sids) * + sizeof(DOM_SID)); + } + + if (sids != NULL && (*sids) != NULL) { + int i; + + /* Take each name, construct a SID */ + + for (i = 0; i < (*num_sids); i++) { + uint32 dom_idx = t_rids[i].rid_idx; + uint32 dom_rid = t_rids[i].rid; + DOM_SID *sid = &(*sids)[i]; + + if (dom_idx != 0xffffffff) { + + sid_copy(sid, + &ref.ref_dom[dom_idx]. + ref_dom.sid); + + if (dom_rid != 0xffffffff) { + sid_append_rid(sid, dom_rid); + } + + if (types != NULL && + (*types) != NULL) { + (*types)[i] = t_rids[i].type; + } + + } else { + ZERO_STRUCTP(sid); + + if (types != NULL && + (*types) != NULL) { + (*types)[i] = SID_NAME_UNKNOWN; + } + } + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf); + + return result; +} diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index 5a266cbbda..a53c07366e 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -147,7 +147,7 @@ static BOOL lsa_io_dom_r_ref(char *desc, DOM_R_REF *r_r, prs_struct *ps, int dep void init_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff, uint32 unknown) { - DEBUG(5,("init_lsa_sec_qos\n")); + DEBUG(5, ("init_lsa_sec_qos\n")); qos->len = 0x0c; /* length of quality of service block, in bytes */ qos->sec_imp_level = imp_lev; @@ -205,7 +205,7 @@ static BOOL lsa_io_sec_qos(char *desc, LSA_SEC_QOS *qos, prs_struct *ps, int de void init_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos) { - DEBUG(5,("make_lsa_obj_attr\n")); + DEBUG(5, ("init_lsa_obj_attr\n")); attr->len = 0x18; /* length of object attribute block, in bytes */ attr->ptr_root_dir = 0; @@ -281,7 +281,8 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name, uint32 desired_access, LSA_SEC_QOS *qos) { - DEBUG(5,("make_open_pol: attr:%d da:%d\n", attributes, desired_access)); + DEBUG(5, ("init_open_pol: attr:%d da:%d\n", attributes, + desired_access)); r_q->ptr = 1; /* undocumented pointer */ @@ -296,10 +297,10 @@ void init_q_open_pol(LSA_Q_OPEN_POL *r_q, uint16 system_name, Reads or writes an LSA_Q_OPEN_POL structure. ********************************************************************/ -BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth) +BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, + int depth) { - if (r_q == NULL) - return False; + if (r_q == NULL) return False; prs_debug(ps, depth, desc, "lsa_io_q_open_pol"); depth++; @@ -308,7 +309,7 @@ BOOL lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int dept return False; if(!prs_uint16("system_name", ps, depth, &r_q->system_name)) return False; - if(!prs_align( ps )) + if(!prs_align(ps)) return False; if(!lsa_io_obj_attr("", &r_q->attr, ps, depth)) @@ -352,7 +353,8 @@ void init_q_open_pol2(LSA_Q_OPEN_POL2 *r_q, char *server_name, uint32 desired_access, LSA_SEC_QOS *qos) { - DEBUG(5,("make_open_pol2: attr:%d da:%d\n", attributes, desired_access)); + DEBUG(5, ("init_open_pol2: attr:%d da:%d\n", attributes, + desired_access)); r_q->ptr = 1; /* undocumented pointer */ @@ -484,7 +486,7 @@ BOOL lsa_io_r_query_sec_obj(char *desc, LSA_R_QUERY_SEC_OBJ *r_u, prs_struct *ps void init_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class) { - DEBUG(5,("make_q_query\n")); + DEBUG(5, ("init_q_query\n")); memcpy(&q_q->pol, hnd, sizeof(q_q->pol)); @@ -544,7 +546,7 @@ void init_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e, uint32 enum_context, char *domain_name, DOM_SID *domain_sid, uint32 status) { - DEBUG(5,("make_r_enum_trust_dom\n")); + DEBUG(5, ("init_r_enum_trust_dom\n")); r_e->enum_context = enum_context; @@ -646,26 +648,21 @@ BOOL lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth Inits a LSA_SID_ENUM structure. ********************************************************************/ -void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids) +void init_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID *sids) { - int i, i2; + int i; - DEBUG(5,("make_lsa_sid_enum\n")); + DEBUG(5, ("init_lsa_sid_enum\n")); sen->num_entries = num_entries; - sen->ptr_sid_enum = (num_entries != 0) ? 1 : 0; + sen->ptr_sid_enum = num_entries != 0; sen->num_entries2 = num_entries; SMB_ASSERT_ARRAY(sen->sid, sen->num_entries); - for (i = 0, i2 = 0; i < num_entries; i++) { - if (sids[i] != NULL) { - sen->ptr_sid[i] = 1; - init_dom_sid2(&sen->sid[i2], sids[i]); - i2++; - } else { - sen->ptr_sid[i] = 0; - } + for (i = 0; i < num_entries; i++) { + sen->ptr_sid[i] = 1; + init_dom_sid2(&sen->sid[i], &sids[i]); } } @@ -720,12 +717,12 @@ static BOOL lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, ********************************************************************/ void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, - int num_sids, DOM_SID **sids, - uint16 level) + int num_sids, DOM_SID *sids, uint16 level) { - DEBUG(5,("make_r_enum_trust_dom\n")); + DEBUG(5, ("init_q_lookup_sids\n")); + + q_l->pol = *hnd; - memcpy(&q_l->pol, hnd, sizeof(q_l->pol)); init_lsa_sid_enum(&q_l->sids, num_sids, sids); q_l->names.num_entries = 0; @@ -739,7 +736,8 @@ void init_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd, Reads or writes a LSA_Q_LOOKUP_SIDS structure. ********************************************************************/ -BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth) +BOOL lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, + prs_struct *ps, int depth) { if (q_s == NULL) return False; @@ -857,22 +855,22 @@ makes a structure. ********************************************************************/ void init_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd, - int num_names, char **names) + int num_names, char **names) { int i; DEBUG(5,("init_q_lookup_names\n")); - memcpy(&q_l->pol, hnd, sizeof(q_l->pol)); - + q_l->pol = *hnd; q_l->num_entries = num_names; q_l->num_entries2 = num_names; SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries); for (i = 0; i < num_names; i++) { - char* name = names[i]; - int len = strlen(name)+1; + char *name = names[i]; + int len = strlen(name); + init_uni_hdr(&q_l->hdr_name[i], len); init_unistr2(&q_l->uni_name[i], name, len); } @@ -993,7 +991,7 @@ BOOL lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, void init_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd) { - DEBUG(5,("make_lsa_q_close\n")); + DEBUG(5, ("init_lsa_q_close\n")); memcpy(&q_c->pol, hnd, sizeof(q_c->pol)); } diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 859a800771..dd6784a8e7 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -321,7 +321,7 @@ void init_uni_hdr(UNIHDR *hdr, int len) { hdr->uni_str_len = 2 * len; hdr->uni_max_len = 2 * len; - hdr->buffer = len != 0 ? 1 : 0; + hdr->buffer = len != 0; } /******************************************************************* @@ -867,7 +867,8 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len) { ZERO_STRUCTP(str); - /* set up string lengths. */ + /* Set up string lengths. */ + str->uni_max_len = (uint32)len; str->undoc = 0; str->uni_str_len = (uint32)len; @@ -880,8 +881,7 @@ void init_unistr2(UNISTR2 *str, const char *buf, size_t len) len *= sizeof(uint16); str->buffer = (uint16 *)talloc(parse_misc_talloc, len); - if ((str->buffer == NULL) && (len > 0)) - { + if ((str->buffer == NULL) && (len > 0)) { smb_panic("init_unistr2: malloc fail\n"); return; } diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index ee4d5803d5..bbc1e6ebdb 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -20,198 +20,229 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - - -#ifdef SYSLOG -#undef SYSLOG -#endif - #include "includes.h" -extern int DEBUGLEVEL; - -#define DEBUG_TESTING +extern FILE *out_hnd; + +/* Convert SID_NAME_USE values to strings */ + +struct sid_name { + enum SID_NAME_USE name_type; + char *name; +} sid_name_type_str[] = { + { SID_NAME_UNKNOWN, "UNKNOWN" }, + { SID_NAME_USER, "User" }, + { SID_NAME_DOM_GRP, "Domain Group" }, + { SID_NAME_DOMAIN, "Domain" }, + { SID_NAME_ALIAS, "Local Group"} , + { SID_NAME_WKN_GRP, "Well-known Group" }, + { SID_NAME_DELETED, "Deleted" }, + { SID_NAME_INVALID, "Invalid" }, + { 0, NULL } +}; + +static char *get_sid_name_type_str(enum SID_NAME_USE name_type) +{ + int i = 0; -extern struct cli_state *smb_cli; -extern int smb_tidx; + while(sid_name_type_str[i].name) { + if (name_type == sid_name_type_str[i].name_type) { + return sid_name_type_str[i].name; + } + i++; + } -extern FILE* out_hnd; + return NULL; +} +/* Look up a list of sids */ -/**************************************************************************** -nt lsa query -****************************************************************************/ -void cmd_lsa_query_info(struct client_info *info) +uint32 cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]) { + POLICY_HND lsa_pol; fstring srv_name; + char **names; + DOM_SID *sids; + int num_sids = 0, num_names, i; + uint32 *types, result; + + /* Check command arguments */ - BOOL res = True; + if (argc == 1) { + fprintf(out_hnd, "lsa_lookupsids sid1 [sid2...]\n"); + return NT_STATUS_INVALID_PARAMETER; + } - fstrcpy(info->dom.level3_dom, ""); - fstrcpy(info->dom.level5_dom, ""); - ZERO_STRUCT(info->dom.level3_sid); - ZERO_STRUCT(info->dom.level5_sid); + sids = (DOM_SID *)malloc((argc - 1) * sizeof(DOM_SID)); + + for (i = 1; i < argc; i++) { + if (string_to_sid(&sids[num_sids], argv[i])) { + num_sids++; + } else { + fprintf(out_hnd, "could not parse sid %s\n", argv[i]); + } + } fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->myhostname); + fstrcat(srv_name, info->dest_host); strupper(srv_name); - DEBUG(4,("cmd_lsa_query_info: server:%s\n", srv_name)); + /* Lookup domain controller; receive a policy handle */ - DEBUG(5, ("cmd_lsa_query_info: smb_cli->fd:%d\n", smb_cli->fd)); + result = lsa_open_policy(srv_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED); - /* open LSARPC session. */ - res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False; + if (result != 0) { + report(out_hnd, "open policy failed: %s\n", + get_nt_error_msg(result)); + return result; + } - /* lookup domain controller; receive a policy handle */ - res = res ? do_lsa_open_policy(smb_cli, - srv_name, - &info->dom.lsa_info_pol, False) : False; + /* Send lsa lookup sids call */ - /* send client info query, level 3. receive domain name and sid */ - res = res ? do_lsa_query_info_pol(smb_cli, - &info->dom.lsa_info_pol, 0x03, - info->dom.level3_dom, - &info->dom.level3_sid) : False; + result = lsa_lookup_sids(&lsa_pol, num_sids, sids, &names, + &types, &num_names); - /* send client info query, level 5. receive domain name and sid */ - res = res ? do_lsa_query_info_pol(smb_cli, - &info->dom.lsa_info_pol, 0x05, - info->dom.level5_dom, - &info->dom.level5_sid) : False; + if (result != 0) { + report(out_hnd, "lookup names failed: %s\n", + get_nt_error_msg(result)); + return result; + } - res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; + result = lsa_close(&lsa_pol); - /* close the session */ - cli_nt_session_close(smb_cli); + if (result != 0) { + report(out_hnd, "lsa close failed: %s\n", + get_nt_error_msg(result)); + return result; + } - if (res) - { - BOOL domain_something = False; - fstring sid; - DEBUG(5,("cmd_lsa_query_info: query succeeded\n")); + /* Print output */ - fprintf(out_hnd, "LSA Query Info Policy\n"); + if (names != NULL) { + report(out_hnd, "Lookup SIDS:\n"); - if (info->dom.level3_dom[0] != 0) - { - sid_to_string(sid, &info->dom.level3_sid); - fprintf(out_hnd, "Domain Member - Domain: %s SID: %s\n", - info->dom.level3_dom, sid); - domain_something = True; - } - if (info->dom.level5_dom[0] != 0) - { - sid_to_string(sid, &info->dom.level5_sid); - fprintf(out_hnd, "Domain Controller - Domain: %s SID: %s\n", - info->dom.level5_dom, sid); - domain_something = True; - } - if (!domain_something) - { - fprintf(out_hnd, "%s is not a Domain Member or Controller\n", - info->dest_host); + for (i = 0; i < num_names; i++) { + fstring temp; + + sid_to_string(temp, &sids[i]); + + report(out_hnd, "SID: %s -> %s (%d: %s)\n", + temp, names[i] ? names[i] : "(null)", + types[i], get_sid_name_type_str(types[i])); + + if (names[i] != NULL) { + free(names[i]); + } } + + free(names); } - else - { - DEBUG(5,("cmd_lsa_query_info: query failed\n")); + + if (types) { + free(types); } + + return result; } -/**************************************************************************** -nt lsa query -****************************************************************************/ -void cmd_lsa_lookup_sids(struct client_info *info) +/* Look up a list of names */ + +uint32 cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[]) { - fstring temp; - int i; - fstring sid_name; + POLICY_HND lsa_pol; fstring srv_name; - DOM_SID sid[10]; - DOM_SID *sids[10]; - int num_sids = 0; - char **names = NULL; - int num_names = 0; + int num_names, i, num_sids; + DOM_SID *sids; + char **names; + uint32 *types, result; - BOOL res = True; + /* Check command arguments */ - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->myhostname); - strupper(srv_name); + if (argc == 1) { + fprintf(out_hnd, "lsa_lookupnames name1 [name2...]\n"); + return NT_STATUS_INVALID_PARAMETER; + } - DEBUG(4,("cmd_lsa_lookup_sids: server: %s\n", srv_name)); + names = (char **)malloc((argc - 1) * sizeof(char *)); + num_names = argc - 1; - while (num_sids < 10 && next_token(NULL, temp, NULL, sizeof(temp))) - { - if (strnequal("S-", temp, 2)) - { - fstrcpy(sid_name, temp); - } - else - { - sid_to_string(sid_name, &info->dom.level5_sid); - - if (sid_name[0] == 0) - { - fprintf(out_hnd, "please use lsaquery first or specify a complete SID\n"); - return; - } - - fstrcat(sid_name, "-"); - fstrcat(sid_name, temp); - } - init_dom_sid(&sid[num_sids], sid_name); - sids[num_sids] = &sid[num_sids]; - num_sids++; + for (i = 1; i < argc; i++) { + names[i - 1] = argv[i]; } - if (num_sids == 0) - { - fprintf(out_hnd, "lookupsid RID or SID\n"); - return; - } + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, info->dest_host); + strupper(srv_name); - /* open LSARPC session. */ - res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False; + /* Lookup domain controller; receive a policy handle */ - /* lookup domain controller; receive a policy handle */ - res = res ? do_lsa_open_policy(smb_cli, - srv_name, - &info->dom.lsa_info_pol, True) : False; + result = lsa_open_policy(srv_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED); - /* send lsa lookup sids call */ - res = res ? do_lsa_lookup_sids(smb_cli, - &info->dom.lsa_info_pol, - num_sids, sids, - &names, &num_names) : False; + if (result != 0) { + report(out_hnd, "open policy failed: %s\n", + get_nt_error_msg(result)); + return result; + } - res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False; + /* Send lsa lookup names call */ - /* close the session */ - cli_nt_session_close(smb_cli); + result = lsa_lookup_names(&lsa_pol, num_names, names, &sids, + &types, &num_sids); - if (res) - { - DEBUG(5,("cmd_lsa_lookup_sids: query succeeded\n")); + if (result != 0) { + report(out_hnd, "lookup sids failed: %s\n", + get_nt_error_msg(result)); + return result; } - else - { - DEBUG(5,("cmd_lsa_lookup_sids: query failed\n")); + + result = lsa_close(&lsa_pol); + + if (result != 0) { + report(out_hnd, "lsa close failed: %s\n", + get_nt_error_msg(result)); + return result; } - if (names != NULL) - { - fprintf(out_hnd,"Lookup SIDS:\n"); - for (i = 0; i < num_names; i++) - { - sid_to_string(temp, sids[i]); - fprintf(out_hnd, "SID: %s -> %s\n", temp, names[i]); - if (names[i] != NULL) - { - free(names[i]); + + /* Print output */ + + if (sids != NULL) { + fstring temp; + + report(out_hnd, "Lookup Names:\n"); + for (i = 0; i < num_sids; i++) { + sid_to_string(temp, &sids[i]); + report(out_hnd, "Name: %s -> %s (%d: %s)\n", + names[i], temp, types[i], + get_sid_name_type_str(types[i])); +#if 0 + if (sids[i] != NULL) { + free(sids[i]); } +#endif } - free(names); + + free(sids); } + + return result; } +/* rpcclient interface */ + +static const struct command_set lsa_commands[] = { + + { "LSARPC", NULL, NULL, {NULL, NULL} }, + + { "lsa_lookup_sids", cmd_lsa_lookup_sids }, + { "lsa_lookup_names", cmd_lsa_lookup_names }, + + {"", NULL, NULL, {NULL, NULL}} +}; + + +void add_lsa_commands(void) +{ + add_command_set(lsa_commands); +} diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 74e5111037..6de9363b72 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -26,8 +26,8 @@ int main(int argc, char *argv[]) { -#if 0 add_lsa_commands(); +#if 0 add_net_commands(); add_evt_commands(); add_sam_commands(); |