summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/srv_samr_nt.c204
1 files changed, 37 insertions, 167 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 8c64029246..cbcd4de60c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2255,11 +2255,9 @@ static NTSTATUS init_samr_parameters_string(TALLOC_CTX *mem_ctx,
static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
struct samr_UserInfo5 *r,
- DOM_SID *user_sid,
+ struct samu *pw,
DOM_SID *domain_sid)
{
- struct samu *pw = NULL;
- bool ret;
const DOM_SID *sid_user, *sid_group;
uint32_t rid, primary_gid;
NTTIME last_logon, last_logoff, last_password_change,
@@ -2271,24 +2269,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
ZERO_STRUCTP(r);
- if (!(pw = samu_new(mem_ctx))) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(pw, user_sid);
- unbecome_root();
-
- if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
- TALLOC_FREE(pw);
- return NT_STATUS_NO_SUCH_USER;
- }
-
- samr_clear_sam_passwd(pw);
-
- DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
-
sid_user = pdb_get_user_sid(pw);
if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
@@ -2296,7 +2276,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
"the domain sid %s. Failing operation.\n",
pdb_get_username(pw), sid_string_dbg(sid_user),
sid_string_dbg(domain_sid)));
- TALLOC_FREE(pw);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -2309,7 +2288,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
"which conflicts with the domain sid %s. Failing operation.\n",
pdb_get_username(pw), sid_string_dbg(sid_group),
sid_string_dbg(domain_sid)));
- TALLOC_FREE(pw);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -2350,8 +2328,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
acct_expiry,
pdb_get_acct_ctrl(pw));
- TALLOC_FREE(pw);
-
return NT_STATUS_OK;
}
@@ -2361,35 +2337,16 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
struct samr_UserInfo7 *r,
- DOM_SID *user_sid)
+ struct samu *smbpass)
{
- struct samu *smbpass=NULL;
- bool ret;
const char *account_name = NULL;
ZERO_STRUCTP(r);
- if ( !(smbpass = samu_new( mem_ctx )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(smbpass, user_sid);
- unbecome_root();
-
- if ( !ret ) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
- return NT_STATUS_NO_SUCH_USER;
- }
-
account_name = talloc_strdup(mem_ctx, pdb_get_username(smbpass));
if (!account_name) {
- TALLOC_FREE(smbpass);
return NT_STATUS_NO_MEMORY;
}
- TALLOC_FREE(smbpass);
-
- DEBUG(3,("User:[%s]\n", account_name));
init_samr_user_info7(r, account_name);
@@ -2402,33 +2359,12 @@ static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
struct samr_UserInfo9 *r,
- DOM_SID *user_sid)
+ struct samu *smbpass)
{
- struct samu *smbpass=NULL;
- bool ret;
-
ZERO_STRUCTP(r);
- if ( !(smbpass = samu_new( mem_ctx )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(smbpass, user_sid);
- unbecome_root();
-
- if (ret==False) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
- TALLOC_FREE(smbpass);
- return NT_STATUS_NO_SUCH_USER;
- }
-
- DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
-
init_samr_user_info9(r, pdb_get_group_rid(smbpass));
- TALLOC_FREE(smbpass);
-
return NT_STATUS_OK;
}
@@ -2438,33 +2374,12 @@ static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx,
struct samr_UserInfo16 *r,
- DOM_SID *user_sid)
+ struct samu *smbpass)
{
- struct samu *smbpass=NULL;
- bool ret;
-
ZERO_STRUCTP(r);
- if ( !(smbpass = samu_new( mem_ctx )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(smbpass, user_sid);
- unbecome_root();
-
- if (ret==False) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
- TALLOC_FREE(smbpass);
- return NT_STATUS_NO_SUCH_USER;
- }
-
- DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
-
init_samr_user_info16(r, pdb_get_acct_ctrl(smbpass));
- TALLOC_FREE(smbpass);
-
return NT_STATUS_OK;
}
@@ -2529,10 +2444,8 @@ static NTSTATUS get_user_info_18(pipes_struct *p,
static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
struct samr_UserInfo20 *r,
- DOM_SID *user_sid)
+ struct samu *sampass)
{
- struct samu *sampass=NULL;
- bool ret;
const char *munged_dial = NULL;
DATA_BLOB blob;
NTSTATUS status;
@@ -2540,24 +2453,8 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
ZERO_STRUCTP(r);
- if ( !(sampass = samu_new( mem_ctx )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(sampass, user_sid);
- unbecome_root();
-
- if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
- TALLOC_FREE(sampass);
- return NT_STATUS_NO_SUCH_USER;
- }
-
munged_dial = pdb_get_munged_dial(sampass);
- samr_clear_sam_passwd(sampass);
-
DEBUG(3,("User:[%s] has [%s] (length: %d)\n", pdb_get_username(sampass),
munged_dial, (int)strlen(munged_dial)));
@@ -2569,7 +2466,6 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
data_blob_free(&blob);
- TALLOC_FREE(sampass);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -2586,12 +2482,10 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
struct samr_UserInfo21 *r,
- DOM_SID *user_sid,
+ struct samu *pw,
DOM_SID *domain_sid)
{
NTSTATUS status;
- struct samu *pw = NULL;
- bool ret;
const DOM_SID *sid_user, *sid_group;
uint32_t rid, primary_gid;
NTTIME last_logon, last_logoff, last_password_change,
@@ -2608,24 +2502,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
ZERO_STRUCTP(r);
- if (!(pw = samu_new(mem_ctx))) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(pw, user_sid);
- unbecome_root();
-
- if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
- TALLOC_FREE(pw);
- return NT_STATUS_NO_SUCH_USER;
- }
-
- samr_clear_sam_passwd(pw);
-
- DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
-
sid_user = pdb_get_user_sid(pw);
if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
@@ -2633,7 +2509,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
"the domain sid %s. Failing operation.\n",
pdb_get_username(pw), sid_string_dbg(sid_user),
sid_string_dbg(domain_sid)));
- TALLOC_FREE(pw);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -2646,7 +2521,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
"which conflicts with the domain sid %s. Failing operation.\n",
pdb_get_username(pw), sid_string_dbg(sid_group),
sid_string_dbg(domain_sid)));
- TALLOC_FREE(pw);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -2679,7 +2553,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
data_blob_free(&blob);
if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(pw);
return status;
}
@@ -2737,7 +2610,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
0, /* nt_password_set */
0, /* lm_password_set */
password_expired);
- TALLOC_FREE(pw);
return NT_STATUS_OK;
}
@@ -2754,6 +2626,8 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
struct samr_info *info = NULL;
DOM_SID domain_sid;
uint32 rid;
+ bool ret = false;
+ struct samu *pwd = NULL;
/* search for the handle */
if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info))
@@ -2783,58 +2657,54 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
DEBUG(5,("_samr_QueryUserInfo: user info level: %d\n", r->in.level));
+ if (!(pwd = samu_new(p->mem_ctx))) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ become_root();
+ ret = pdb_getsampwsid(pwd, &info->sid);
+ unbecome_root();
+
+ if (ret == false) {
+ DEBUG(4,("User %s not found\n", sid_string_dbg(&info->sid)));
+ TALLOC_FREE(pwd);
+ return NT_STATUS_NO_SUCH_USER;
+ }
+
+ DEBUG(3,("User:[%s]\n", pdb_get_username(pwd)));
+
+ samr_clear_sam_passwd(pwd);
+
switch (r->in.level) {
case 5:
- status = get_user_info_5(p->mem_ctx, &user_info->info5, &info->sid, &domain_sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ status = get_user_info_5(p->mem_ctx, &user_info->info5, pwd, &domain_sid);
break;
case 7:
- status = get_user_info_7(p->mem_ctx, &user_info->info7, &info->sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ status = get_user_info_7(p->mem_ctx, &user_info->info7, pwd);
break;
case 9:
- status = get_user_info_9(p->mem_ctx, &user_info->info9, &info->sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ status = get_user_info_9(p->mem_ctx, &user_info->info9, pwd);
break;
case 16:
- status = get_user_info_16(p->mem_ctx, &user_info->info16, &info->sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ status = get_user_info_16(p->mem_ctx, &user_info->info16, pwd);
break;
-
case 18:
+ /* level 18 is special */
status = get_user_info_18(p, p->mem_ctx, &user_info->info18, &info->sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
break;
-
case 20:
- status = get_user_info_20(p->mem_ctx, &user_info->info20, &info->sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ status = get_user_info_20(p->mem_ctx, &user_info->info20, pwd);
break;
-
case 21:
- status = get_user_info_21(p->mem_ctx, &user_info->info21,
- &info->sid, &domain_sid);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ status = get_user_info_21(p->mem_ctx, &user_info->info21, pwd, &domain_sid);
break;
-
default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ status = NT_STATUS_INVALID_INFO_CLASS;
+ break;
}
+ TALLOC_FREE(pwd);
+
*r->out.info = user_info;
DEBUG(5,("_samr_QueryUserInfo: %d\n", __LINE__));