summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libnet/libnet_domain.c113
1 files changed, 101 insertions, 12 deletions
diff --git a/source4/libnet/libnet_domain.c b/source4/libnet/libnet_domain.c
index 9462cbe93d..80ae547625 100644
--- a/source4/libnet/libnet_domain.c
+++ b/source4/libnet/libnet_domain.c
@@ -19,7 +19,7 @@
*/
/*
- a composite function for domain handling on samr pipe
+ a composite function for domain handling on samr and lsa pipes
*/
#include "includes.h"
@@ -238,7 +238,7 @@ static void domain_open_handler(struct rpc_request *req)
/**
- * Sends asynchronous DomainOpen request
+ * Sends asynchronous DomainOpenSamr request
*
* @param ctx initialised libnet context
* @param io arguments and results of the call
@@ -267,11 +267,15 @@ struct composite_context *libnet_DomainOpenSamr_send(struct libnet_context *ctx,
s->access_mask = io->in.access_mask;
s->domain_name.string = io->in.domain_name;
+ /* check, if there's samr pipe opened already, before opening a domain */
if (ctx->samr.pipe == NULL) {
+
+ /* attempting to connect a domain controller */
s->rpcconn.level = LIBNET_RPC_CONNECT_DC;
s->rpcconn.in.name = io->in.domain_name;
s->rpcconn.in.dcerpc_iface = &dcerpc_table_samr;
-
+
+ /* send rpc pipe connect request */
s->rpcconn_req = libnet_RpcConnect_send(ctx, c, &s->rpcconn);
if (composite_nomem(s->rpcconn_req, c)) return c;
@@ -329,7 +333,7 @@ struct composite_context *libnet_DomainOpenSamr_send(struct libnet_context *ctx,
/**
- * Waits for and receives result of asynchronous DomainOpen call
+ * Waits for and receives result of asynchronous DomainOpenSamr call
*
* @param c composite context returned by asynchronous DomainOpen call
* @param ctx initialised libnet context
@@ -378,6 +382,14 @@ static void continue_rpc_connect_lsa(struct composite_context *ctx);
static void continue_lsa_policy_open(struct rpc_request *req);
+/**
+ * Sends asynchronous DomainOpenLsa request
+ *
+ * @param ctx initialised libnet context
+ * @param io arguments and results of the call
+ * @param monitor pointer to monitor function that is passed monitor message
+ */
+
struct composite_context* libnet_DomainOpenLsa_send(struct libnet_context *ctx,
struct libnet_DomainOpen *io,
void (*monitor)(struct monitor_msg*))
@@ -388,6 +400,7 @@ struct composite_context* libnet_DomainOpenLsa_send(struct libnet_context *ctx,
struct rpc_request *openpol_req;
struct lsa_QosInfo *qos;
+ /* create composite context and state */
c = composite_create(ctx, ctx->event_ctx);
if (c == NULL) return c;
@@ -396,15 +409,20 @@ struct composite_context* libnet_DomainOpenLsa_send(struct libnet_context *ctx,
c->private_data = s;
- s->name = talloc_strdup(c, io->in.domain_name);
- s->access_mask = io->in.access_mask;
- s->ctx = ctx;
+ /* store arguments in the state structure */
+ s->name = talloc_strdup(c, io->in.domain_name);
+ s->access_mask = io->in.access_mask;
+ s->ctx = ctx;
+ /* check, if there's lsa pipe opened already, before opening a handle */
if (ctx->lsa.pipe == NULL) {
+
+ /* attempting to connect a domain controller */
s->rpcconn.level = LIBNET_RPC_CONNECT_DC;
s->rpcconn.in.name = talloc_strdup(c, io->in.domain_name);
s->rpcconn.in.dcerpc_iface = &dcerpc_table_lsarpc;
+ /* send rpc pipe connect request */
rpcconn_req = libnet_RpcConnect_send(ctx, c, &s->rpcconn);
if (composite_nomem(rpcconn_req, c)) return c;
@@ -414,6 +432,7 @@ struct composite_context* libnet_DomainOpenLsa_send(struct libnet_context *ctx,
s->pipe = ctx->lsa.pipe;
+ /* preparing parameters for lsa_OpenPolicy2 rpc call */
s->openpol.in.system_name = s->name;
s->openpol.in.access_mask = s->access_mask;
s->openpol.in.attr = talloc_zero(c, struct lsa_ObjectAttribute);
@@ -426,7 +445,8 @@ struct composite_context* libnet_DomainOpenLsa_send(struct libnet_context *ctx,
s->openpol.in.attr->sec_qos = qos;
s->openpol.out.handle = &s->handle;
-
+
+ /* send rpc request */
openpol_req = dcerpc_lsa_OpenPolicy2_send(s->pipe, c, &s->openpol);
if (composite_nomem(openpol_req, c)) return c;
@@ -435,6 +455,9 @@ struct composite_context* libnet_DomainOpenLsa_send(struct libnet_context *ctx,
}
+/*
+ Stage 0.5 (optional): Rpc pipe connected, send lsa open policy request
+ */
static void continue_rpc_connect_lsa(struct composite_context *ctx)
{
struct composite_context *c;
@@ -445,11 +468,15 @@ static void continue_rpc_connect_lsa(struct composite_context *ctx)
c = talloc_get_type(ctx->async.private_data, struct composite_context);
s = talloc_get_type(c->private_data, struct domain_open_lsa_state);
+ /* receive rpc connection */
c->status = libnet_RpcConnect_recv(ctx, s->ctx, c, &s->rpcconn);
if (!composite_is_ok(c)) return;
+ /* RpcConnect function leaves the pipe in libnet context,
+ so get it from there */
s->pipe = s->ctx->lsa.pipe;
-
+
+ /* prepare lsa_OpenPolicy2 call */
s->openpol.in.system_name = s->name;
s->openpol.in.access_mask = s->access_mask;
s->openpol.in.attr = talloc_zero(c, struct lsa_ObjectAttribute);
@@ -462,7 +489,8 @@ static void continue_rpc_connect_lsa(struct composite_context *ctx)
s->openpol.in.attr->sec_qos = qos;
s->openpol.out.handle = &s->handle;
-
+
+ /* send rpc request */
openpol_req = dcerpc_lsa_OpenPolicy2_send(s->pipe, c, &s->openpol);
if (composite_nomem(openpol_req, c)) return;
@@ -470,6 +498,9 @@ static void continue_rpc_connect_lsa(struct composite_context *ctx)
}
+/*
+ Stage 1: Lsa policy opened - we're done, if successfully
+ */
static void continue_lsa_policy_open(struct rpc_request *req)
{
struct composite_context *c;
@@ -485,6 +516,16 @@ static void continue_lsa_policy_open(struct rpc_request *req)
}
+/**
+ * Receives result of asynchronous DomainOpenLsa call
+ *
+ * @param c composite context returned by asynchronous DomainOpenLsa call
+ * @param ctx initialised libnet context
+ * @param mem_ctx memory context of the call
+ * @param io pointer to results (and arguments) of the call
+ * @return nt status code of execution
+ */
+
NTSTATUS libnet_DomainOpenLsa_recv(struct composite_context *c, struct libnet_context *ctx,
TALLOC_CTX *mem_ctx, struct libnet_DomainOpen *io)
{
@@ -494,14 +535,19 @@ NTSTATUS libnet_DomainOpenLsa_recv(struct composite_context *c, struct libnet_co
status = composite_wait(c);
if (NT_STATUS_IS_OK(status) && io) {
+ /* everything went fine - get the results and
+ return the error string */
s = talloc_get_type(c->private_data, struct domain_open_lsa_state);
io->out.domain_handle = s->handle;
ctx->lsa.handle = s->handle;
- ctx->lsa.name = talloc_strdup(ctx, s->name);
+ ctx->lsa.name = talloc_steal(ctx, s->name);
ctx->lsa.access_mask = s->access_mask;
+
+ io->out.error_string = talloc_strdup(mem_ctx, "Success");
} else if (!NT_STATUS_IS_OK(status)) {
+ /* there was an error, so provide nt status code description */
io->out.error_string = talloc_asprintf(mem_ctx,
"Failed to open domain: %s",
nt_errstr(status));
@@ -512,6 +558,14 @@ NTSTATUS libnet_DomainOpenLsa_recv(struct composite_context *c, struct libnet_co
}
+/**
+ * Sends a request to open a domain in desired service
+ *
+ * @param ctx initalised libnet context
+ * @param io arguments and results of the call
+ * @param monitor pointer to monitor function that is passed monitor message
+ */
+
struct composite_context* libnet_DomainOpen_send(struct libnet_context *ctx,
struct libnet_DomainOpen *io,
void (*monitor)(struct monitor_msg*))
@@ -520,11 +574,13 @@ struct composite_context* libnet_DomainOpen_send(struct libnet_context *ctx,
switch (io->in.type) {
case DOMAIN_LSA:
+ /* reques to open a policy handle on \pipe\lsarpc */
c = libnet_DomainOpenLsa_send(ctx, io, monitor);
break;
case DOMAIN_SAMR:
default:
+ /* request to open a domain policy handle on \pipe\samr */
c = libnet_DomainOpenSamr_send(ctx, io, monitor);
break;
}
@@ -533,6 +589,15 @@ struct composite_context* libnet_DomainOpen_send(struct libnet_context *ctx,
}
+/**
+ * Receive result of domain open request
+ *
+ * @param c composite context returned by DomainOpen_send function
+ * @param ctx initialised libnet context
+ * @param mem_ctx memory context of the call
+ * @param io results and arguments of the call
+ */
+
NTSTATUS libnet_DomainOpen_recv(struct composite_context *c, struct libnet_context *ctx,
TALLOC_CTX *mem_ctx, struct libnet_DomainOpen *io)
{
@@ -591,6 +656,7 @@ struct composite_context* libnet_DomainCloseLsa_send(struct libnet_context *ctx,
struct domain_close_lsa_state *s;
struct rpc_request *close_req;
+ /* composite context and state structure allocation */
c = composite_create(ctx, ctx->event_ctx);
if (c == NULL) return c;
@@ -607,11 +673,14 @@ struct composite_context* libnet_DomainCloseLsa_send(struct libnet_context *ctx,
return c;
}
+ /* get opened lsarpc pipe pointer */
s->pipe = ctx->lsa.pipe;
-
+
+ /* prepare close handle call arguments */
s->close.in.handle = &ctx->lsa.handle;
s->close.out.handle = &s->handle;
+ /* send the request */
close_req = dcerpc_lsa_Close_send(s->pipe, c, &s->close);
if (composite_nomem(close_req, c)) return c;
@@ -620,6 +689,9 @@ struct composite_context* libnet_DomainCloseLsa_send(struct libnet_context *ctx,
}
+/*
+ Stage 1: Receive result of lsa close call
+*/
static void continue_lsa_close(struct rpc_request *req)
{
struct composite_context *c;
@@ -643,12 +715,15 @@ NTSTATUS libnet_DomainCloseLsa_recv(struct composite_context *c, struct libnet_c
status = composite_wait(c);
if (NT_STATUS_IS_OK(status) && io) {
+ /* policy handle closed successfully */
+
ctx->lsa.name = NULL;
ZERO_STRUCT(ctx->lsa.handle);
io->out.error_string = talloc_asprintf(mem_ctx, "Success");
} else if (!NT_STATUS_IS_OK(status)) {
+ /* there was an error, so return description of the status code */
io->out.error_string = talloc_asprintf(mem_ctx, "Error: %s", nt_errstr(status));
}
@@ -675,6 +750,7 @@ struct composite_context* libnet_DomainCloseSamr_send(struct libnet_context *ctx
struct domain_close_samr_state *s;
struct rpc_request *close_req;
+ /* composite context and state structure allocation */
c = composite_create(ctx, ctx->event_ctx);
if (c == NULL) return c;
@@ -691,8 +767,10 @@ struct composite_context* libnet_DomainCloseSamr_send(struct libnet_context *ctx
return c;
}
+ /* prepare close domain handle call arguments */
s->close.in.handle = &ctx->samr.handle;
+ /* send the request */
close_req = dcerpc_samr_Close_send(ctx->samr.pipe, ctx, &s->close);
if (composite_nomem(close_req, c)) return c;
@@ -701,6 +779,9 @@ struct composite_context* libnet_DomainCloseSamr_send(struct libnet_context *ctx
}
+/*
+ Stage 1: Receive result of samr close call
+*/
static void continue_samr_close(struct rpc_request *req)
{
struct composite_context *c;
@@ -724,11 +805,15 @@ NTSTATUS libnet_DomainCloseSamr_recv(struct composite_context *c, struct libnet_
status = composite_wait(c);
if (NT_STATUS_IS_OK(status) && io) {
+ /* domain policy handle closed successfully */
+
ZERO_STRUCT(ctx->samr.handle);
ctx->samr.name = NULL;
+
io->out.error_string = talloc_asprintf(mem_ctx, "Success");
} else if (!NT_STATUS_IS_OK(status)) {
+ /* there was an error, so return description of the status code */
io->out.error_string = talloc_asprintf(mem_ctx, "Error: %s", nt_errstr(status));
}
@@ -745,11 +830,13 @@ struct composite_context* libnet_DomainClose_send(struct libnet_context *ctx,
switch (io->in.type) {
case DOMAIN_LSA:
+ /* request to close policy handle on \pipe\lsarpc */
c = libnet_DomainCloseLsa_send(ctx, io, monitor);
break;
case DOMAIN_SAMR:
default:
+ /* request to close domain policy handle on \pipe\samr */
c = libnet_DomainCloseSamr_send(ctx, io, monitor);
break;
}
@@ -765,11 +852,13 @@ NTSTATUS libnet_DomainClose_recv(struct composite_context *c, struct libnet_cont
switch (io->in.type) {
case DOMAIN_LSA:
+ /* receive result of closing lsa policy handle */
status = libnet_DomainCloseLsa_recv(c, ctx, mem_ctx, io);
break;
case DOMAIN_SAMR:
default:
+ /* receive result of closing samr domain policy handle */
status = libnet_DomainCloseSamr_recv(c, ctx, mem_ctx, io);
break;
}