diff options
Diffstat (limited to 'source3/rpc_server/srv_lsa.c')
-rw-r--r-- | source3/rpc_server/srv_lsa.c | 614 |
1 files changed, 0 insertions, 614 deletions
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c deleted file mode 100644 index dfb3323873..0000000000 --- a/source3/rpc_server/srv_lsa.c +++ /dev/null @@ -1,614 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997, - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997, - * Copyright (C) Jeremy Allison 2001, - * Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002-2003. - * Copyright (C) Gerald (Jerry) Carter 2005 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* This is the interface to the lsa server code. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -static bool proxy_lsa_call(pipes_struct *p, uint8 opnum) -{ - struct api_struct *fns; - int n_fns; - - lsarpc_get_pipe_fns(&fns, &n_fns); - - if (opnum >= n_fns) - return False; - - if (fns[opnum].opnum != opnum) { - smb_panic("LSA function table not sorted"); - } - - return fns[opnum].fn(p); -} - -/*************************************************************************** - api_lsa_open_policy2 - ***************************************************************************/ - -static bool api_lsa_open_policy2(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENPOLICY2); -} - -/*************************************************************************** -api_lsa_open_policy - ***************************************************************************/ - -static bool api_lsa_open_policy(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENPOLICY); -} - -/*************************************************************************** - api_lsa_enum_trust_dom - ***************************************************************************/ - -static bool api_lsa_enum_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMTRUSTDOM); -} - -/*************************************************************************** - api_lsa_query_info - ***************************************************************************/ - -static bool api_lsa_query_info(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_QUERYINFOPOLICY); -} - -/*************************************************************************** - api_lsa_lookup_sids - ***************************************************************************/ - -static bool api_lsa_lookup_sids(pipes_struct *p) -{ - LSA_Q_LOOKUP_SIDS q_u; - LSA_R_LOOKUP_SIDS r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_sids("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_sids: failed to unmarshall LSA_Q_LOOKUP_SIDS.\n")); - return False; - } - - r_u.status = _lsa_lookup_sids(p, &q_u, &r_u); - - if(!lsa_io_r_lookup_sids("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_sids: Failed to marshall LSA_R_LOOKUP_SIDS.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names - ***************************************************************************/ - -static bool api_lsa_lookup_names(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES q_u; - LSA_R_LOOKUP_NAMES r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names: failed to unmarshall LSA_Q_LOOKUP_NAMES.\n")); - return False; - } - - r_u.status = _lsa_lookup_names(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names: Failed to marshall LSA_R_LOOKUP_NAMES.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_close. - ***************************************************************************/ - -static bool api_lsa_close(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CLOSE); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_open_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENSECRET); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_enum_privs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMPRIVS); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_priv_get_dispname(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPPRIVDISPLAYNAME); -} - -/*************************************************************************** - api_lsa_open_secret. - ***************************************************************************/ - -static bool api_lsa_enum_accounts(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMACCOUNTS); -} - -/*************************************************************************** - api_lsa_UNK_GET_CONNUSER - ***************************************************************************/ - -static bool api_lsa_unk_get_connuser(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_GETUSERNAME); -} - -/*************************************************************************** - api_lsa_create_user - ***************************************************************************/ - -static bool api_lsa_create_account(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATEACCOUNT); -} - -/*************************************************************************** - api_lsa_open_user - ***************************************************************************/ - -static bool api_lsa_open_account(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENACCOUNT); -} - -/*************************************************************************** - api_lsa_get_privs - ***************************************************************************/ - -static bool api_lsa_enum_privsaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMPRIVSACCOUNT); -} - -/*************************************************************************** - api_lsa_getsystemaccount - ***************************************************************************/ - -static bool api_lsa_getsystemaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_GETSYSTEMACCESSACCOUNT); -} - - -/*************************************************************************** - api_lsa_setsystemaccount - ***************************************************************************/ - -static bool api_lsa_setsystemaccount(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_SETSYSTEMACCESSACCOUNT); -} - -/*************************************************************************** - api_lsa_addprivs - ***************************************************************************/ - -static bool api_lsa_addprivs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ADDPRIVILEGESTOACCOUNT); -} - -/*************************************************************************** - api_lsa_removeprivs - ***************************************************************************/ - -static bool api_lsa_removeprivs(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_REMOVEPRIVILEGESFROMACCOUNT); -} - -/*************************************************************************** - api_lsa_query_secobj - ***************************************************************************/ - -static bool api_lsa_query_secobj(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_QUERYSECURITY); -} - -/*************************************************************************** - api_lsa_add_acct_rights - ***************************************************************************/ - -static bool api_lsa_add_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ADDACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_remove_acct_rights - ***************************************************************************/ - -static bool api_lsa_remove_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_REMOVEACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_enum_acct_rights - ***************************************************************************/ - -static bool api_lsa_enum_acct_rights(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_ENUMACCOUNTRIGHTS); -} - -/*************************************************************************** - api_lsa_lookup_priv_value - ***************************************************************************/ - -static bool api_lsa_lookup_priv_value(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_LOOKUPPRIVVALUE); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_open_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_OPENTRUSTEDDOMAIN); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_create_trust_dom(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATETRUSTEDDOMAIN); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_create_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_CREATESECRET); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_set_secret(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_SETSECRET); -} - -/*************************************************************************** - ***************************************************************************/ - -static bool api_lsa_delete_object(pipes_struct *p) -{ - return proxy_lsa_call(p, NDR_LSA_DELETEOBJECT); -} - -/*************************************************************************** - api_lsa_lookup_sids2 - ***************************************************************************/ - -static bool api_lsa_lookup_sids2(pipes_struct *p) -{ - LSA_Q_LOOKUP_SIDS2 q_u; - LSA_R_LOOKUP_SIDS2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_sids2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_sids2: failed to unmarshall LSA_Q_LOOKUP_SIDS2.\n")); - return False; - } - - r_u.status = _lsa_lookup_sids2(p, &q_u, &r_u); - - if(!lsa_io_r_lookup_sids2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_sids2: Failed to marshall LSA_R_LOOKUP_SIDS2.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_sids3 - ***************************************************************************/ - -static bool api_lsa_lookup_sids3(pipes_struct *p) -{ - LSA_Q_LOOKUP_SIDS3 q_u; - LSA_R_LOOKUP_SIDS3 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_sids3("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_sids3: failed to unmarshall LSA_Q_LOOKUP_SIDS3.\n")); - return False; - } - - r_u.status = _lsa_lookup_sids3(p, &q_u, &r_u); - - if(!lsa_io_r_lookup_sids3("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_sids3: Failed to marshall LSA_R_LOOKUP_SIDS3.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names2 - ***************************************************************************/ - -static bool api_lsa_lookup_names2(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES2 q_u; - LSA_R_LOOKUP_NAMES2 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names2: failed to unmarshall LSA_Q_LOOKUP_NAMES2.\n")); - return False; - } - - r_u.status = _lsa_lookup_names2(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names2: Failed to marshall LSA_R_LOOKUP_NAMES2.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names3 - ***************************************************************************/ - -static bool api_lsa_lookup_names3(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES3 q_u; - LSA_R_LOOKUP_NAMES3 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names3("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names3: failed to unmarshall LSA_Q_LOOKUP_NAMES3.\n")); - return False; - } - - r_u.status = _lsa_lookup_names3(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names3("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names3: Failed to marshall LSA_R_LOOKUP_NAMES3.\n")); - return False; - } - - return True; -} - -/*************************************************************************** - api_lsa_lookup_names4 - ***************************************************************************/ - -static bool api_lsa_lookup_names4(pipes_struct *p) -{ - LSA_Q_LOOKUP_NAMES4 q_u; - LSA_R_LOOKUP_NAMES4 r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the info class and policy handle */ - if(!lsa_io_q_lookup_names4("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_lookup_names4: failed to unmarshall LSA_Q_LOOKUP_NAMES4.\n")); - return False; - } - - r_u.status = _lsa_lookup_names4(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_lookup_names4("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_lookup_names4: Failed to marshall LSA_R_LOOKUP_NAMES4.\n")); - return False; - } - - return True; -} - -#if 0 /* AD DC work in ongoing in Samba 4 */ - -/*************************************************************************** - api_lsa_query_info2 - ***************************************************************************/ - -static bool api_lsa_query_info2(pipes_struct *p) -{ - LSA_Q_QUERY_INFO2 q_u; - LSA_R_QUERY_INFO2 r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_query_info2("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_query_info2: failed to unmarshall LSA_Q_QUERY_INFO2.\n")); - return False; - } - - r_u.status = _lsa_query_info2(p, &q_u, &r_u); - - if (!lsa_io_r_query_info2("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_query_info2: failed to marshall LSA_R_QUERY_INFO2.\n")); - return False; - } - - return True; -} -#endif /* AD DC work in ongoing in Samba 4 */ - -/*************************************************************************** - \PIPE\ntlsa commands - ***************************************************************************/ - -static struct api_struct api_lsa_cmds[] = -{ - { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 }, - { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy }, - { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info }, - { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom }, - { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids }, - { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names }, - { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs }, - { "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname}, - { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts }, - { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser }, - { "LSA_CREATEACCOUNT" , LSA_CREATEACCOUNT , api_lsa_create_account }, - { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account }, - { "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount}, - { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount }, - { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount }, - { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, - { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, - { "LSA_ADDACCTRIGHTS" , LSA_ADDACCTRIGHTS , api_lsa_add_acct_rights }, - { "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights }, - { "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights }, - { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, - { "LSA_LOOKUPPRIVVALUE" , LSA_LOOKUPPRIVVALUE , api_lsa_lookup_priv_value }, - { "LSA_OPENTRUSTDOM" , LSA_OPENTRUSTDOM , api_lsa_open_trust_dom }, - { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret }, - { "LSA_CREATETRUSTDOM" , LSA_CREATETRUSTDOM , api_lsa_create_trust_dom }, - { "LSA_CREATSECRET" , LSA_CREATESECRET , api_lsa_create_secret }, - { "LSA_SETSECRET" , LSA_SETSECRET , api_lsa_set_secret }, - { "LSA_DELETEOBJECT" , LSA_DELETEOBJECT , api_lsa_delete_object }, - { "LSA_LOOKUPSIDS2" , LSA_LOOKUPSIDS2 , api_lsa_lookup_sids2 }, - { "LSA_LOOKUPNAMES2" , LSA_LOOKUPNAMES2 , api_lsa_lookup_names2 }, - { "LSA_LOOKUPNAMES3" , LSA_LOOKUPNAMES3 , api_lsa_lookup_names3 }, - { "LSA_LOOKUPSIDS3" , LSA_LOOKUPSIDS3 , api_lsa_lookup_sids3 }, - { "LSA_LOOKUPNAMES4" , LSA_LOOKUPNAMES4 , api_lsa_lookup_names4 } -#if 0 /* AD DC work in ongoing in Samba 4 */ - /* be careful of the adding of new RPC's. See commentrs below about - ADS DC capabilities */ - { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 } -#endif /* AD DC work in ongoing in Samba 4 */ -}; - -static int count_fns(void) -{ - int funcs = sizeof(api_lsa_cmds) / sizeof(struct api_struct); - -#if 0 /* AD DC work is on going in Samba 4 */ - /* - * NOTE: Certain calls can not be enabled if we aren't an ADS DC. Make sure - * these calls are always last and that you decrement by the amount of calls - * to disable. - */ - if (!(SEC_ADS == lp_security() && ROLE_DOMAIN_PDC == lp_server_role())) { - funcs -= 1; - } -#endif /* AD DC work in ongoing in Samba 4 */ - - return funcs; -} - -void lsa_get_pipe_fns( struct api_struct **fns, int *n_fns ) -{ - *fns = api_lsa_cmds; - *n_fns = count_fns(); -} - - -NTSTATUS rpc_lsa_init(void) -{ - int funcs = count_fns(); - - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "lsarpc", "lsass", api_lsa_cmds, - funcs); -} |