diff options
| -rw-r--r-- | source3/Makefile.in | 2 | ||||
| -rw-r--r-- | source3/configure.in | 4 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa.c | 463 | ||||
| -rw-r--r-- | source3/rpc_server/srv_pipe.c | 2 |
4 files changed, 4 insertions, 467 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index c948bb8131..9da2f580f3 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -485,7 +485,7 @@ REG_API_OBJ = registry/reg_api.o \ $(REGFIO_OBJ) -RPC_LSA_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o librpc/gen_ndr/srv_lsa.o +RPC_LSA_OBJ = rpc_server/srv_lsa_nt.o librpc/gen_ndr/srv_lsa.o RPC_NETLOG_OBJ = rpc_server/srv_netlog_nt.o \ librpc/gen_ndr/srv_netlogon.o diff --git a/source3/configure.in b/source3/configure.in index 16c9ed916b..f1bd2d28a5 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -745,7 +745,7 @@ AC_SUBST(DYNEXP) dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs2 rpc_netlogon rpc_netdfs rpc_srvsvc2 rpc_spoolss rpc_eventlog2 auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default nss_info_template" +default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsarpc rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs2 rpc_netlogon rpc_netdfs rpc_srvsvc2 rpc_spoolss rpc_eventlog2 auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default nss_info_template" dnl These are preferably build shared, and static if dlopen() is not available default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_syncops vfs_xattr_tdb vfs_streams_xattr" @@ -6609,7 +6609,7 @@ SMB_MODULE(pdb_tdbsam, passdb/pdb_tdb.o, "bin/tdbsam.$SHLIBEXT", PDB) SMB_SUBSYSTEM(PDB,passdb/pdb_interface.o) -SMB_MODULE(rpc_lsa, \$(RPC_LSA_OBJ), "bin/librpc_lsarpc.$SHLIBEXT", RPC) +SMB_MODULE(rpc_lsarpc, \$(RPC_LSA_OBJ), "bin/librpc_lsarpc.$SHLIBEXT", RPC) SMB_MODULE(rpc_winreg, \$(RPC_REG_OBJ), "bin/librpc_winreg.$SHLIBEXT", RPC) SMB_MODULE(rpc_initshutdown, \$(RPC_INITSHUTDOWN_OBJ), "bin/librpc_initshutdown.$SHLIBEXT", RPC) SMB_MODULE(rpc_dssetup, \$(RPC_DSSETUP_OBJ), "bin/librpc_dssetup.$SHLIBEXT", RPC) diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c deleted file mode 100644 index 3f292c2158..0000000000 --- a/source3/rpc_server/srv_lsa.c +++ /dev/null @@ -1,463 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997, - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997, - * Copyright (C) Jeremy Allison 2001, - * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002-2003. - * Copyright (C) Gerald (Jerry) Carter 2005 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* This is the interface to the lsa server code. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -static bool proxy_lsa_call(pipes_struct *p, uint8 opnum) -{ - struct api_struct *fns; - int n_fns; - - lsarpc_get_pipe_fns(&fns, &n_fns); - - if (opnum >= n_fns) - return False; - - if (fns[opnum].opnum != opnum) { - smb_panic("LSA function table not sorted"); - } - - return fns[opnum].fn(p); -} - -/*************************************************************************** - api_lsa_open_policy2 - ***************************************************************************/ - -static bool api_lsa_open_policy2(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENPOLICY2); -} - -/*************************************************************************** -api_lsa_open_policy - ***************************************************************************/ - -static bool api_lsa_open_policy(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENPOLICY); -} - -/*************************************************************************** - api_lsa_enum_trust_dom - ***************************************************************************/ - -static bool api_lsa_enum_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMTRUSTDOM); -} - -/*************************************************************************** - api_lsa_query_info - ***************************************************************************/ - -static bool api_lsa_query_info(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_QUERYINFOPOLICY); -} - -/*************************************************************************** - api_lsa_lookup_sids - ***************************************************************************/ - -static bool api_lsa_lookup_sids(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPSIDS); -} - -/*************************************************************************** - api_lsa_lookup_names - ***************************************************************************/ - -static bool api_lsa_lookup_names(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPNAMES); -} - -/*************************************************************************** - api_lsa_close. - ***************************************************************************/ - -static bool api_lsa_close(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CLOSE); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_open_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENSECRET); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_enum_privs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMPRIVS); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_priv_get_dispname(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPPRIVDISPLAYNAME); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_enum_accounts(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMACCOUNTS); -} - -/*************************************************************************** - api_lsa_UNK_GET_CONNUSER - ***************************************************************************/ - -static bool api_lsa_unk_get_connuser(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_GETUSERNAME); -} - -/*************************************************************************** - api_lsa_create_user - ***************************************************************************/ - -static bool api_lsa_create_account(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATEACCOUNT); -} - -/*************************************************************************** - api_lsa_open_user - ***************************************************************************/ - -static bool api_lsa_open_account(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENACCOUNT); -} - -/*************************************************************************** - api_lsa_get_privs - ***************************************************************************/ - -static bool api_lsa_enum_privsaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMPRIVSACCOUNT); -} - -/*************************************************************************** - api_lsa_getsystemaccount - ***************************************************************************/ - -static bool api_lsa_getsystemaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_GETSYSTEMACCESSACCOUNT); -} - - -/*************************************************************************** - api_lsa_setsystemaccount - ***************************************************************************/ - -static bool api_lsa_setsystemaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_SETSYSTEMACCESSACCOUNT); -} - -/*************************************************************************** - api_lsa_addprivs - ***************************************************************************/ - -static bool api_lsa_addprivs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ADDPRIVILEGESTOACCOUNT); -} - -/*************************************************************************** - api_lsa_removeprivs - ***************************************************************************/ - -static bool api_lsa_removeprivs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_REMOVEPRIVILEGESFROMACCOUNT); -} - -/*************************************************************************** - api_lsa_query_secobj - ***************************************************************************/ - -static bool api_lsa_query_secobj(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_QUERYSECURITY); -} - -/*************************************************************************** - api_lsa_add_acct_rights - ***************************************************************************/ - -static bool api_lsa_add_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ADDACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_remove_acct_rights - ***************************************************************************/ - -static bool api_lsa_remove_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_REMOVEACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_enum_acct_rights - ***************************************************************************/ - -static bool api_lsa_enum_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_lookup_priv_value - ***************************************************************************/ - -static bool api_lsa_lookup_priv_value(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPPRIVVALUE); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_open_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENTRUSTEDDOMAIN); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_create_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATETRUSTEDDOMAIN); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_create_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATESECRET); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_set_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_SETSECRET); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_delete_object(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_DELETEOBJECT); -} - -/*************************************************************************** - api_lsa_lookup_sids2 - ***************************************************************************/ - -static bool api_lsa_lookup_sids2(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPSIDS2); -} - -/*************************************************************************** - api_lsa_lookup_sids3 - ***************************************************************************/ - -static bool api_lsa_lookup_sids3(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPSIDS3); -} - -/*************************************************************************** - api_lsa_lookup_names2 - ***************************************************************************/ - -static bool api_lsa_lookup_names2(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPNAMES2); -} - -/*************************************************************************** - api_lsa_lookup_names3 - ***************************************************************************/ - -static bool api_lsa_lookup_names3(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPNAMES3); -} - -/*************************************************************************** - api_lsa_lookup_names4 - ***************************************************************************/ - -static bool api_lsa_lookup_names4(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPNAMES4); -} - -#if 0 /* AD DC work in ongoing in Samba 4 */ - -/*************************************************************************** - api_lsa_query_info2 - ***************************************************************************/ - -static bool api_lsa_query_info2(pipes_struct *p) -{ - LSA_Q_QUERY_INFO2 q_u; - LSA_R_QUERY_INFO2 r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_query_info2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_query_info2: failed to unmarshall LSA_Q_QUERY_INFO2.\n")); - return False; - } - - r_u.status = _lsa_query_info2(p, &q_u, &r_u); - - if (!lsa_io_r_query_info2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_query_info2: failed to marshall LSA_R_QUERY_INFO2.\n")); - return False; - } - - return True; -} -#endif /* AD DC work in ongoing in Samba 4 */ - -/*************************************************************************** - \PIPE\ntlsa commands - ***************************************************************************/ - -static struct api_struct api_lsa_cmds[] = -{ - { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 }, - { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy }, - { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info }, - { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom }, - { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids }, - { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names }, - { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs }, - { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname}, - { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts }, - { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser }, - { "LSA_CREATEACCOUNT" , LSA_CREATEACCOUNT , api_lsa_create_account }, - { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account }, - { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount}, - { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount }, - { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount }, - { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, - { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, - { "LSA_ADDACCTRIGHTS" , LSA_ADDACCTRIGHTS , api_lsa_add_acct_rights }, - { "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights }, - { "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights }, - { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, - { "LSA_LOOKUPPRIVVALUE" , LSA_LOOKUPPRIVVALUE , api_lsa_lookup_priv_value }, - { "LSA_OPENTRUSTDOM" , LSA_OPENTRUSTDOM , api_lsa_open_trust_dom }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_CREATETRUSTDOM" , LSA_CREATETRUSTDOM , api_lsa_create_trust_dom }, - { "LSA_CREATSECRET" , LSA_CREATESECRET , api_lsa_create_secret }, - { "LSA_SETSECRET" , LSA_SETSECRET , api_lsa_set_secret }, - { "LSA_DELETEOBJECT" , LSA_DELETEOBJECT , api_lsa_delete_object }, - { "LSA_LOOKUPSIDS2" , LSA_LOOKUPSIDS2 , api_lsa_lookup_sids2 }, - { "LSA_LOOKUPNAMES2" , LSA_LOOKUPNAMES2 , api_lsa_lookup_names2 }, - { "LSA_LOOKUPNAMES3" , LSA_LOOKUPNAMES3 , api_lsa_lookup_names3 }, - { "LSA_LOOKUPSIDS3" , LSA_LOOKUPSIDS3 , api_lsa_lookup_sids3 }, - { "LSA_LOOKUPNAMES4" , LSA_LOOKUPNAMES4 , api_lsa_lookup_names4 } -#if 0 /* AD DC work in ongoing in Samba 4 */ - /* be careful of the adding of new RPC's. See commentrs below about - ADS DC capabilities */ - { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 } -#endif /* AD DC work in ongoing in Samba 4 */ -}; - -static int count_fns(void) -{ - int funcs = sizeof(api_lsa_cmds) / sizeof(struct api_struct); - -#if 0 /* AD DC work is on going in Samba 4 */ - /* - * NOTE: Certain calls can not be enabled if we aren't an ADS DC. Make sure - * these calls are always last and that you decrement by the amount of calls - * to disable. - */ - if (!(SEC_ADS == lp_security() && ROLE_DOMAIN_PDC == lp_server_role())) { - funcs -= 1; - } -#endif /* AD DC work in ongoing in Samba 4 */ - - return funcs; -} - -void lsa_get_pipe_fns( struct api_struct **fns, int *n_fns ) -{ - *fns = api_lsa_cmds; - *n_fns = count_fns(); -} - - -NTSTATUS rpc_lsa_init(void) -{ - int funcs = count_fns(); - - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "lsarpc", "lsass", api_lsa_cmds, - funcs); -} diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index a7a7f9a389..4d066a6b7a 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -2376,7 +2376,7 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) switch ( idx ) { case PI_LSARPC: - lsa_get_pipe_fns( &cmds, &n_cmds ); + lsarpc_get_pipe_fns( &cmds, &n_cmds ); break; case PI_DSSETUP: dssetup_get_pipe_fns( &cmds, &n_cmds ); |