summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_lsa.c3
-rw-r--r--source3/rpc_server/srv_lsa_hnd.c274
-rw-r--r--source3/rpc_server/srv_lsa_nt.c27
-rw-r--r--source3/rpc_server/srv_netlog.c835
-rw-r--r--source3/rpc_server/srv_netlog_nt.c184
-rw-r--r--source3/rpc_server/srv_pipe.c71
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c61
-rw-r--r--source3/rpc_server/srv_reg.c2
-rw-r--r--source3/rpc_server/srv_reg_nt.c35
-rw-r--r--source3/rpc_server/srv_samr.c2502
-rw-r--r--source3/rpc_server/srv_samr_nt.c672
-rwxr-xr-xsource3/rpc_server/srv_spoolss.c9
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c434
-rw-r--r--source3/rpc_server/srv_srvsvc.c3
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c5
-rw-r--r--source3/rpc_server/srv_util.c51
-rw-r--r--source3/rpc_server/srv_wkssvc.c3
-rw-r--r--source3/rpc_server/srv_wkssvc_nt.c2
18 files changed, 1465 insertions, 3708 deletions
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index 3b6725ec3a..b6a8c745a4 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -293,5 +292,3 @@ BOOL api_ntlsa_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_ntlsa_rpc", api_lsa_cmds);
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index 10b9bef1be..bcc3878d86 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -1,11 +1,10 @@
-#define OLD_NTDOMAIN 1
-
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
* RPC Pipe client / server routines
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
+ * Copyright (C) Jeremy Allison 2001.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -26,266 +25,145 @@
extern int DEBUGLEVEL;
+/* This is the max handles per pipe. */
#ifndef MAX_OPEN_POLS
-#define MAX_OPEN_POLS 2048
+#define MAX_OPEN_POLS 256
#endif
-struct reg_info
-{
- /* for use by \PIPE\winreg */
- fstring name; /* name of registry key */
-};
-
-struct samr_info
-{
- /* for use by the \PIPE\samr policy */
- DOM_SID sid;
- uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */
-};
-
-static struct policy
-{
- struct policy *next, *prev;
- int pnum;
- BOOL open;
- POLICY_HND pol_hnd;
-
- union {
- struct samr_info samr;
- struct reg_info reg;
- } dev;
-} *Policy;
-
-static struct bitmap *bmap;
-
-static uint32 pol_hnd_low = 0;
-static uint32 pol_hnd_high = 0;
-
-/*******************************************************************
- Creates a POLICY_HND structure.
-********************************************************************/
-
-void create_policy_handle(POLICY_HND *hnd, uint32 *hnd_low, uint32 *hnd_high)
-{
- if (hnd == NULL) return;
-
- (*hnd_low)++;
- if (*hnd_low == 0) (*hnd_high)++;
-
- ZERO_STRUCTP(hnd);
-
- SIVAL(&hnd->data1, 0 , 0); /* first bit must be null */
- SIVAL(&hnd->data2, 0 , *hnd_low ); /* second bit is incrementing */
- SSVAL(&hnd->data3, 0 , *hnd_high); /* second bit is incrementing */
- SSVAL(&hnd->data4, 0 , (*hnd_high>>16)); /* second bit is incrementing */
- SIVAL(hnd->data5, 0, time(NULL)); /* something random */
- SIVAL(hnd->data5, 4, sys_getpid()); /* something more random */
-}
-
/****************************************************************************
initialise policy handle states...
****************************************************************************/
-void init_lsa_policy_hnd(void)
+
+void init_pipe_handles(pipes_struct *p)
{
- bmap = bitmap_allocate(MAX_OPEN_POLS);
- if (!bmap) {
- exit_server("out of memory in init_lsa_policy_hnd\n");
- }
+ p->pipe_handles.Policy = NULL;
+ p->pipe_handles.count = 0;
}
/****************************************************************************
find first available policy slot. creates a policy handle for you.
****************************************************************************/
-BOOL open_lsa_policy_hnd(POLICY_HND *hnd)
+
+BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *), void *data_ptr)
{
- int i;
- struct policy *p;
+ static uint32 pol_hnd_low = 0;
+ static uint32 pol_hnd_high = 0;
- i = bitmap_find(bmap, 1);
+ struct policy *pol;
- if (i == -1) {
- DEBUG(0,("ERROR: out of Policy Handles!\n"));
+ if (p->pipe_handles.count > MAX_OPEN_POLS) {
+ DEBUG(0,("create_policy_hnd: ERROR: too many handles (%d) on this pipe.\n", (int)p->pipe_handles.count));
return False;
}
- p = (struct policy *)malloc(sizeof(*p));
- if (!p) {
- DEBUG(0,("ERROR: out of memory!\n"));
+ pol = (struct policy *)malloc(sizeof(*p));
+ if (!pol) {
+ DEBUG(0,("create_policy_hnd: ERROR: out of memory!\n"));
return False;
}
- ZERO_STRUCTP(p);
+ ZERO_STRUCTP(pol);
+
+ pol->p = p;
+ pol->data_ptr = data_ptr;
+ pol->free_fn = free_fn;
- p->open = True;
- p->pnum = i;
+ pol_hnd_low++;
+ if (pol_hnd_low == 0) (pol_hnd_high)++;
- create_policy_handle(hnd, &pol_hnd_low, &pol_hnd_high);
- p->pol_hnd = *hnd;
+ SIVAL(&pol->pol_hnd.data1, 0 , 0); /* first bit must be null */
+ SIVAL(&pol->pol_hnd.data2, 0 , pol_hnd_low ); /* second bit is incrementing */
+ SSVAL(&pol->pol_hnd.data3, 0 , pol_hnd_high); /* second bit is incrementing */
+ SSVAL(&pol->pol_hnd.data4, 0 , (pol_hnd_high>>16)); /* second bit is incrementing */
+ SIVAL(pol->pol_hnd.data5, 0, time(NULL)); /* something random */
+ SIVAL(pol->pol_hnd.data5, 4, sys_getpid()); /* something more random */
- bitmap_set(bmap, i);
+ DLIST_ADD(p->pipe_handles.Policy, pol);
+ p->pipe_handles.count++;
- DLIST_ADD(Policy, p);
+ *hnd = pol->pol_hnd;
- DEBUG(4,("Opened policy hnd[%x] ", i));
- dump_data(4, (char *)hnd, sizeof(hnd));
+ DEBUG(4,("Opened policy hnd[%d] ", (int)p->pipe_handles.count));
+ dump_data(4, (char *)hnd, sizeof(*hnd));
return True;
}
/****************************************************************************
- find policy by handle
+ find policy by handle - internal version.
****************************************************************************/
-static struct policy *find_lsa_policy(POLICY_HND *hnd)
-{
- struct policy *p;
- for (p=Policy;p;p=p->next) {
- if (memcmp(&p->pol_hnd, hnd, sizeof(*hnd)) == 0) {
- DEBUG(4,("Found policy hnd[%x] ", p->pnum));
- dump_data(4, (char *)hnd, sizeof(hnd));
- return p;
+static struct policy *find_policy_by_hnd_internal(pipes_struct *p, POLICY_HND *hnd, void **data_p)
+{
+ struct policy *pol;
+ size_t i;
+
+ if (data_p)
+ *data_p = NULL;
+
+ for (i = 0, pol=p->pipe_handles.Policy;pol;pol=pol->next, i++) {
+ if (memcmp(&pol->pol_hnd, hnd, sizeof(*hnd)) == 0) {
+ DEBUG(4,("Found policy hnd[%d] ", (int)i));
+ dump_data(4, (char *)hnd, sizeof(*hnd));
+ if (data_p)
+ *data_p = pol->data_ptr;
+ return pol;
}
}
DEBUG(4,("Policy not found: "));
- dump_data(4, (char *)hnd, sizeof(hnd));
+ dump_data(4, (char *)hnd, sizeof(*hnd));
return NULL;
}
/****************************************************************************
- find policy index by handle
+ find policy by handle
****************************************************************************/
-int find_lsa_policy_by_hnd(POLICY_HND *hnd)
-{
- struct policy *p = find_lsa_policy(hnd);
- return p?p->pnum:-1;
-}
-
-
-/****************************************************************************
- set samr pol status. absolutely no idea what this is.
-****************************************************************************/
-BOOL set_lsa_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status)
+BOOL find_policy_by_hnd(pipes_struct *p, POLICY_HND *hnd, void **data_p)
{
- struct policy *p = find_lsa_policy(hnd);
-
- if (p && p->open) {
- DEBUG(3,("Setting policy status=%x pnum=%x\n",
- pol_status, p->pnum));
-
- p->dev.samr.status = pol_status;
- return True;
- }
-
- DEBUG(3,("Error setting policy status=%x\n",
- pol_status));
- return False;
+ return find_policy_by_hnd_internal(p, hnd, data_p) == NULL ? False : True;
}
/****************************************************************************
- set samr sid
+ Close a policy.
****************************************************************************/
-BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
-{
- fstring sidstr;
- struct policy *p = find_lsa_policy(hnd);
- if (p && p->open) {
- DEBUG(3,("Setting policy sid=%s pnum=%x\n",
- sid_to_string(sidstr, sid), p->pnum));
-
- memcpy(&p->dev.samr.sid, sid, sizeof(*sid));
- return True;
- }
-
- DEBUG(3,("Error setting policy sid=%s\n",
- sid_to_string(sidstr, sid)));
- return False;
-}
-
-/****************************************************************************
- get samr sid
-****************************************************************************/
-BOOL get_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
+BOOL close_policy_hnd(pipes_struct *p, POLICY_HND *hnd)
{
- struct policy *p = find_lsa_policy(hnd);
+ struct policy *pol = find_policy_by_hnd_internal(p, hnd, NULL);
- if (p != NULL && p->open) {
- fstring sidstr;
- memcpy(sid, &p->dev.samr.sid, sizeof(*sid));
- DEBUG(3,("Getting policy sid=%s pnum=%x\n",
- sid_to_string(sidstr, sid), p->pnum));
-
- return True;
+ if (!pol) {
+ DEBUG(3,("Error closing policy\n"));
+ return False;
}
- DEBUG(3,("Error getting policy\n"));
- return False;
-}
+ DEBUG(3,("Closed policy\n"));
-/****************************************************************************
- get samr rid
-****************************************************************************/
-uint32 get_lsa_policy_samr_rid(POLICY_HND *hnd)
-{
- struct policy *p = find_lsa_policy(hnd);
+ if (pol->free_fn && pol->data_ptr)
+ (*pol->free_fn)(pol->data_ptr);
- if (p && p->open) {
- uint32 rid = p->dev.samr.sid.sub_auths[p->dev.samr.sid.num_auths-1];
- DEBUG(3,("Getting policy device rid=%x pnum=%x\n",
- rid, p->pnum));
+ pol->p->pipe_handles.count--;
- return rid;
- }
+ DLIST_REMOVE(pol->p->pipe_handles.Policy, pol);
- DEBUG(3,("Error getting policy\n"));
- return 0xffffffff;
-}
+ ZERO_STRUCTP(pol);
-/****************************************************************************
- set reg name
-****************************************************************************/
-BOOL set_lsa_policy_reg_name(POLICY_HND *hnd, fstring name)
-{
- struct policy *p = find_lsa_policy(hnd);
-
- if (p && p->open) {
- DEBUG(3,("Setting policy pnum=%x name=%s\n",
- p->pnum, name));
+ free(pol);
- fstrcpy(p->dev.reg.name, name);
- return True;
- }
-
- DEBUG(3,("Error setting policy name=%s\n", name));
- return False;
+ return True;
}
/****************************************************************************
- close an lsa policy
+ Close all the pipe handles.
****************************************************************************/
-BOOL close_lsa_policy_hnd(POLICY_HND *hnd)
-{
- struct policy *p = find_lsa_policy(hnd);
- if (!p) {
- DEBUG(3,("Error closing policy\n"));
- return False;
- }
-
- DEBUG(3,("Closed policy name pnum=%x\n", p->pnum));
-
- DLIST_REMOVE(Policy, p);
-
- bitmap_clear(bmap, p->pnum);
-
- ZERO_STRUCTP(p);
-
- free(p);
+void close_policy_by_pipe(pipes_struct *p)
+{
+ while (p->pipe_handles.Policy)
+ close_policy_hnd(p, &p->pipe_handles.Policy->pol_hnd);
- return True;
+ p->pipe_handles.Policy = NULL;
+ p->pipe_handles.count = 0;
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index ee2f38b715..8e1d934309 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -275,9 +274,6 @@ static void init_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
r_l->status = NT_STATUS_NO_PROBLEMO;
}
-static uint32 lsa_hnd_low = 0;
-static uint32 lsa_hnd_high = 0;
-
/***************************************************************************
_lsa_open_policy2.
***************************************************************************/
@@ -287,7 +283,8 @@ uint32 _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL2
/* lkclXXXX having decoded it, ignore all fields in the open policy! */
/* set up the LSA QUERY INFO response */
- create_policy_handle(&r_u->pol, &lsa_hnd_low, &lsa_hnd_high);
+ if (!create_policy_hnd(p, &r_u->pol, NULL, NULL))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
return NT_STATUS_NOPROBLEMO;
}
@@ -301,7 +298,8 @@ uint32 _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL *r_
/* lkclXXXX having decoded it, ignore all fields in the open policy! */
/* set up the LSA QUERY INFO response */
- create_policy_handle(&r_u->pol, &lsa_hnd_low, &lsa_hnd_high);
+ if (!create_policy_hnd(p, &r_u->pol, NULL, NULL))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
return NT_STATUS_NOPROBLEMO;
}
@@ -316,6 +314,9 @@ uint32 _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_ENU
char *dom_name = NULL;
DOM_SID *dom_sid = NULL;
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
+
/* set up the LSA QUERY INFO response */
init_r_enum_trust_dom(r_u, enum_context, dom_name, dom_sid,
dom_name != NULL ? NT_STATUS_NO_PROBLEMO : NT_STATUS_UNABLE_TO_FREE_VM);
@@ -336,6 +337,9 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO
r_u->status = NT_STATUS_NO_PROBLEMO;
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
+
switch (q_u->info_class) {
case 0x02:
{
@@ -420,6 +424,9 @@ uint32 _lsa_lookup_sids(pipes_struct *p, LSA_Q_LOOKUP_SIDS *q_u, LSA_R_LOOKUP_SI
LSA_TRANS_NAME_ENUM *names = NULL;
uint32 mapped_count = 0;
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
+
ref = (DOM_R_REF *)talloc_zero(p->mem_ctx, sizeof(DOM_R_REF));
names = (LSA_TRANS_NAME_ENUM *)talloc_zero(p->mem_ctx, sizeof(LSA_TRANS_NAME_ENUM));
@@ -445,6 +452,9 @@ uint32 _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP_N
DOM_RID2 *rids;
uint32 mapped_count = 0;
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
+
ref = (DOM_R_REF *)talloc_zero(p->mem_ctx, sizeof(DOM_R_REF));
rids = (DOM_RID2 *)talloc_zero(p->mem_ctx, sizeof(DOM_RID2)*MAX_LOOKUP_SIDS);
@@ -464,6 +474,10 @@ uint32 _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP_N
uint32 _lsa_close(pipes_struct *p, LSA_Q_CLOSE *q_u, LSA_R_CLOSE *r_u)
{
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
+
+ close_policy_hnd(p, &q_u->pol);
return NT_STATUS_NO_PROBLEMO;
}
@@ -475,4 +489,3 @@ uint32 _lsa_open_secret(pipes_struct *p, LSA_Q_OPEN_SECRET *q_u, LSA_R_OPEN_SECR
{
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 8e2b3819cb..01d646bf57 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -6,7 +5,7 @@
* Copyright (C) Andrew Tridgell 1992-1997,
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
- * Copyright (C) Jeremy Allison 1998.
+ * Copyright (C) Jeremy Allison 1998-2001.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -23,344 +22,39 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+/* This is the interface to the netlogon pipe. */
+
#include "includes.h"
extern int DEBUGLEVEL;
-extern BOOL sam_logon_in_ssb;
-extern pstring samlogon_user;
-extern pstring global_myname;
-extern DOM_SID global_sam_sid;
-
-/*************************************************************************
- init_net_r_req_chal:
- *************************************************************************/
-
-static void init_net_r_req_chal(NET_R_REQ_CHAL *r_c,
- DOM_CHAL *srv_chal, int status)
-{
- DEBUG(6,("init_net_r_req_chal: %d\n", __LINE__));
- memcpy(r_c->srv_chal.data, srv_chal->data, sizeof(srv_chal->data));
- r_c->status = status;
-}
-
-/*************************************************************************
- net_reply_req_chal:
- *************************************************************************/
-
-static BOOL net_reply_req_chal(NET_Q_REQ_CHAL *q_c, prs_struct *rdata,
- DOM_CHAL *srv_chal, uint32 srv_time)
-{
- NET_R_REQ_CHAL r_c;
-
- DEBUG(6,("net_reply_req_chal: %d\n", __LINE__));
-
- /* set up the LSA REQUEST CHALLENGE response */
- init_net_r_req_chal(&r_c, srv_chal, srv_time);
-
- /* store the response in the SMB stream */
- if(!net_io_r_req_chal("", &r_c, rdata, 0)) {
- DEBUG(0,("net_reply_req_chal: Failed to marshall NET_R_REQ_CHAL.\n"));
- return False;
- }
-
- DEBUG(6,("net_reply_req_chal: %d\n", __LINE__));
-
- return True;
-}
-
-/*************************************************************************
- net_reply_logon_ctrl2:
- *************************************************************************/
-
-static BOOL net_reply_logon_ctrl2(NET_Q_LOGON_CTRL2 *q_l, prs_struct *rdata,
- uint32 flags, uint32 pdc_status, uint32 logon_attempts,
- uint32 tc_status, char *trust_domain_name)
-{
- NET_R_LOGON_CTRL2 r_l;
-
- DEBUG(6,("net_reply_logon_ctrl2: %d\n", __LINE__));
-
- /* set up the Logon Control2 response */
- init_r_logon_ctrl2(&r_l, q_l->query_level,
- flags, pdc_status, logon_attempts,
- tc_status, trust_domain_name);
-
- /* store the response in the SMB stream */
- if(!net_io_r_logon_ctrl2("", &r_l, rdata, 0)) {
- DEBUG(0,("net_reply_logon_ctrl2: Failed to marshall NET_R_LOGON_CTRL2.\n"));
- return False;
- }
-
- DEBUG(6,("net_reply_logon_ctrl2: %d\n", __LINE__));
-
- return True;
-}
-
-/*************************************************************************
- net_reply_trust_dom_list:
- *************************************************************************/
-
-static BOOL net_reply_trust_dom_list(NET_Q_TRUST_DOM_LIST *q_t, prs_struct *rdata,
- uint32 num_trust_domains, char *trust_domain_name)
-{
- NET_R_TRUST_DOM_LIST r_t;
-
- DEBUG(6,("net_reply_trust_dom_list: %d\n", __LINE__));
-
- /* set up the Trusted Domain List response */
- init_r_trust_dom(&r_t, num_trust_domains, trust_domain_name);
-
- /* store the response in the SMB stream */
- if(!net_io_r_trust_dom("", &r_t, rdata, 0)) {
- DEBUG(0,("net_reply_trust_dom_list: Failed to marshall NET_R_TRUST_DOM_LIST.\n"));
- return False;
- }
-
- DEBUG(6,("net_reply_trust_dom_listlogon_ctrl2: %d\n", __LINE__));
-
- return True;
-}
-
-/*************************************************************************
- init_net_r_auth_2:
- *************************************************************************/
-
-static void init_net_r_auth_2(NET_R_AUTH_2 *r_a,
- DOM_CHAL *resp_cred, NEG_FLAGS *flgs, int status)
-{
- memcpy(r_a->srv_chal.data, resp_cred->data, sizeof(resp_cred->data));
- memcpy(&r_a->srv_flgs, flgs, sizeof(r_a->srv_flgs));
- r_a->status = status;
-}
-
-/************************************************************************
- net_reply_auth_2:
- *************************************************************************/
-
-static BOOL net_reply_auth_2(NET_Q_AUTH_2 *q_a, prs_struct *rdata,
- DOM_CHAL *resp_cred, int status)
-{
- NET_R_AUTH_2 r_a;
- NEG_FLAGS srv_flgs;
-
- srv_flgs.neg_flags = 0x000001ff;
-
- /* set up the LSA AUTH 2 response */
-
- init_net_r_auth_2(&r_a, resp_cred, &srv_flgs, status);
-
- /* store the response in the SMB stream */
- if(!net_io_r_auth_2("", &r_a, rdata, 0)) {
- DEBUG(0,("net_reply_auth_2: Failed to marshall NET_R_AUTH_2.\n"));
- return False;
- }
-
- return True;
-}
-
-/***********************************************************************************
- init_net_r_srv_pwset:
- ***********************************************************************************/
-
-static void init_net_r_srv_pwset(NET_R_SRV_PWSET *r_s,
- DOM_CRED *srv_cred, int status)
-{
- DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__));
-
- memcpy(&r_s->srv_cred, srv_cred, sizeof(r_s->srv_cred));
- r_s->status = status;
-
- DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__));
-}
-
-/*************************************************************************
- net_reply_srv_pwset:
- *************************************************************************/
-
-static BOOL net_reply_srv_pwset(NET_Q_SRV_PWSET *q_s, prs_struct *rdata,
- DOM_CRED *srv_cred, int status)
-{
- NET_R_SRV_PWSET r_s;
-
- DEBUG(5,("net_srv_pwset: %d\n", __LINE__));
-
- /* set up the LSA Server Password Set response */
- init_net_r_srv_pwset(&r_s, srv_cred, status);
-
- /* store the response in the SMB stream */
- if(!net_io_r_srv_pwset("", &r_s, rdata, 0)) {
- DEBUG(0,("net_reply_srv_pwset: Failed to marshall NET_R_SRV_PWSET.\n"));
- return False;
- }
-
- DEBUG(5,("net_srv_pwset: %d\n", __LINE__));
-
- return True;
-}
-
-/*************************************************************************
- net_reply_sam_logon:
- *************************************************************************/
-
-static BOOL net_reply_sam_logon(NET_Q_SAM_LOGON *q_s, prs_struct *rdata,
- DOM_CRED *srv_cred, NET_USER_INFO_3 *user_info,
- uint32 status)
-{
- NET_R_SAM_LOGON r_s;
-
- /* XXXX maybe we want to say 'no', reject the client's credentials */
- r_s.buffer_creds = 1; /* yes, we have valid server credentials */
- memcpy(&r_s.srv_creds, srv_cred, sizeof(r_s.srv_creds));
-
- /* store the user information, if there is any. */
- r_s.user = user_info;
- if (status == 0x0 && user_info != NULL && user_info->ptr_user_info != 0)
- r_s.switch_value = 3; /* indicates type of validation user info */
- else
- r_s.switch_value = 0; /* indicates no info */
-
- r_s.status = status;
- r_s.auth_resp = 1; /* authoritative response */
-
- /* store the response in the SMB stream */
- if(!net_io_r_sam_logon("", &r_s, rdata, 0)) {
- DEBUG(0,("net_reply_sam_logon: Failed to marshall NET_R_SAM_LOGON.\n"));
- return False;
- }
-
- return True;
-}
-
-
-/*************************************************************************
- net_reply_sam_logoff:
- *************************************************************************/
-
-static BOOL net_reply_sam_logoff(NET_Q_SAM_LOGOFF *q_s, prs_struct *rdata,
- DOM_CRED *srv_cred,
- uint32 status)
-{
- NET_R_SAM_LOGOFF r_s;
-
- /* XXXX maybe we want to say 'no', reject the client's credentials */
- r_s.buffer_creds = 1; /* yes, we have valid server credentials */
- memcpy(&r_s.srv_creds, srv_cred, sizeof(r_s.srv_creds));
-
- r_s.status = status;
-
- /* store the response in the SMB stream */
- if(!net_io_r_sam_logoff("", &r_s, rdata, 0)) {
- DEBUG(0,("net_reply_sam_logoff: Failed to marshall NET_R_SAM_LOGOFF.\n"));
- return False;
- }
-
- return True;
-}
-
-/******************************************************************
- gets a machine password entry. checks access rights of the host.
- ******************************************************************/
-
-static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct)
-{
- SAM_ACCOUNT *sampass = NULL;
- BYTE *pass = NULL;
-
-#if 0
- /*
- * Currently this code is redundent as we already have a filter
- * by hostname list. What this code really needs to do is to
- * get a hosts allowed/hosts denied list from the SAM database
- * on a per user basis, and make the access decision there.
- * I will leave this code here for now as a reminder to implement
- * this at a later date. JRA.
- */
-
- if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
- client_name(), client_addr()))
- {
- DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct));
- return False;
- }
-#endif /* 0 */
-
- become_root();
- sampass = pdb_getsampwnam(mach_acct);
- unbecome_root();
-
- if ((sampass) != NULL && !(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) &&
- ((pass=pdb_get_nt_passwd(sampass)) != NULL))
- {
- memcpy(md4pw, pass, 16);
- dump_data(5, md4pw, 16);
-
- return True;
- }
- DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- return False;
-}
-
/*************************************************************************
api_net_req_chal:
*************************************************************************/
static BOOL api_net_req_chal(pipes_struct *p)
{
- NET_Q_REQ_CHAL q_r;
- uint32 status = 0x0;
- uint16 vuid = p->vuid;
+ NET_Q_REQ_CHAL q_u;
+ NET_R_REQ_CHAL r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- fstring mach_acct;
- fstring mach_name;
-
- user_struct *vuser;
-
- DEBUG(5,("api_net_req_chal(%d): vuid %d\n", __LINE__, (int)vuid));
-
- if ((vuser = get_valid_user_struct(vuid)) == NULL)
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
/* grab the challenge... */
- if(!net_io_q_req_chal("", &q_r, data, 0)) {
+ if(!net_io_q_req_chal("", &q_u, data, 0)) {
DEBUG(0,("api_net_req_chal: Failed to unmarshall NET_Q_REQ_CHAL.\n"));
return False;
}
- fstrcpy(mach_acct, dos_unistrn2(q_r.uni_logon_clnt.buffer,
- q_r.uni_logon_clnt.uni_str_len));
-
- fstrcpy(mach_name, mach_acct);
- strlower(mach_name);
-
- fstrcat(mach_acct, "$");
+ r_u.status = _net_req_chal(p, &q_u, &r_u);
- if (get_md4pw((char *)vuser->dc.md4pw, mach_name, mach_acct)) {
- /* copy the client credentials */
- memcpy(vuser->dc.clnt_chal.data , q_r.clnt_chal.data, sizeof(q_r.clnt_chal.data));
- memcpy(vuser->dc.clnt_cred.challenge.data, q_r.clnt_chal.data, sizeof(q_r.clnt_chal.data));
-
- /* create a server challenge for the client */
- /* Set these to random values. */
- generate_random_buffer(vuser->dc.srv_chal.data, 8, False);
-
- memcpy(vuser->dc.srv_cred.challenge.data, vuser->dc.srv_chal.data, 8);
-
- memset((char *)vuser->dc.sess_key, '\0', sizeof(vuser->dc.sess_key));
-
- /* from client / server challenges and md4 password, generate sess key */
- cred_session_key(&(vuser->dc.clnt_chal), &(vuser->dc.srv_chal),
- (char *)vuser->dc.md4pw, vuser->dc.sess_key);
- } else {
- /* lkclXXXX take a guess at a good error message to return :-) */
- status = NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT;
- }
-
- /* construct reply. */
- if(!net_reply_req_chal(&q_r, rdata, &vuser->dc.srv_chal, status))
+ /* store the response in the SMB stream */
+ if(!net_io_r_req_chal("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_net_req_chal: Failed to marshall NET_R_REQ_CHAL.\n"));
return False;
+ }
return True;
}
@@ -371,270 +65,90 @@ static BOOL api_net_req_chal(pipes_struct *p)
static BOOL api_net_auth_2(pipes_struct *p)
{
- uint16 vuid = p->vuid;
- NET_Q_AUTH_2 q_a;
- uint32 status = 0x0;
+ NET_Q_AUTH_2 q_u;
+ NET_R_AUTH_2 r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- DOM_CHAL srv_cred;
- UTIME srv_time;
-
- user_struct *vuser;
-
- if ((vuser = get_valid_user_struct(vuid)) == NULL)
- return False;
-
- srv_time.time = 0;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
/* grab the challenge... */
- if(!net_io_q_auth_2("", &q_a, data, 0)) {
+ if(!net_io_q_auth_2("", &q_u, data, 0)) {
DEBUG(0,("api_net_auth_2: Failed to unmarshall NET_Q_AUTH_2.\n"));
return False;
}
- /* check that the client credentials are valid */
- if (cred_assert(&(q_a.clnt_chal), vuser->dc.sess_key,
- &(vuser->dc.clnt_cred.challenge), srv_time)) {
-
- /* create server challenge for inclusion in the reply */
- cred_create(vuser->dc.sess_key, &(vuser->dc.srv_cred.challenge), srv_time, &srv_cred);
-
- /* copy the received client credentials for use next time */
- memcpy(vuser->dc.clnt_cred.challenge.data, q_a.clnt_chal.data, sizeof(q_a.clnt_chal.data));
- memcpy(vuser->dc.srv_cred .challenge.data, q_a.clnt_chal.data, sizeof(q_a.clnt_chal.data));
- } else {
- status = NT_STATUS_ACCESS_DENIED;
- }
+ r_u.status = _net_auth_2(p, &q_u, &r_u);
- /* construct reply. */
- if(!net_reply_auth_2(&q_a, rdata, &srv_cred, status))
+ /* store the response in the SMB stream */
+ if(!net_io_r_auth_2("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_net_auth_2: Failed to marshall NET_R_AUTH_2.\n"));
return False;
+ }
return True;
}
-
/*************************************************************************
api_net_srv_pwset:
*************************************************************************/
static BOOL api_net_srv_pwset(pipes_struct *p)
{
- uint16 vuid = p->vuid;
- NET_Q_SRV_PWSET q_a;
- uint32 status = NT_STATUS_WRONG_PASSWORD;
- DOM_CRED srv_cred;
- pstring mach_acct;
- SAM_ACCOUNT *sampass;
- BOOL ret;
- user_struct *vuser;
+ NET_Q_SRV_PWSET q_u;
+ NET_R_SRV_PWSET r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- if ((vuser = get_valid_user_struct(vuid)) == NULL)
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
/* grab the challenge and encrypted password ... */
- if(!net_io_q_srv_pwset("", &q_a, data, 0)) {
+ if(!net_io_q_srv_pwset("", &q_u, data, 0)) {
DEBUG(0,("api_net_srv_pwset: Failed to unmarshall NET_Q_SRV_PWSET.\n"));
return False;
}
- /* checks and updates credentials. creates reply credentials */
- if (deal_with_creds(vuser->dc.sess_key, &(vuser->dc.clnt_cred),
- &(q_a.clnt_id.cred), &srv_cred))
- {
- memcpy(&(vuser->dc.srv_cred), &(vuser->dc.clnt_cred), sizeof(vuser->dc.clnt_cred));
-
- DEBUG(5,("api_net_srv_pwset: %d\n", __LINE__));
-
- pstrcpy(mach_acct, dos_unistrn2(q_a.clnt_id.login.uni_acct_name.buffer,
- q_a.clnt_id.login.uni_acct_name.uni_str_len));
-
- DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct));
-
- become_root();
- sampass = pdb_getsampwnam(mach_acct);
- unbecome_root();
-
- if (sampass != NULL) {
- unsigned char pwd[16];
- int i;
-
- DEBUG(100,("Server password set : new given value was :\n"));
- for(i = 0; i < 16; i++)
- DEBUG(100,("%02X ", q_a.pwd[i]));
- DEBUG(100,("\n"));
-
- cred_hash3( pwd, q_a.pwd, vuser->dc.sess_key, 0);
-
- /* lies! nt and lm passwords are _not_ the same: don't care */
- pdb_set_lanman_passwd (sampass, pwd);
- pdb_set_nt_passwd (sampass, pwd);
- pdb_set_acct_ctrl (sampass, ACB_WSTRUST);
-
- become_root();
- ret = pdb_update_sam_account (sampass,False);
- unbecome_root();
-
- if (ret) {
- /* hooray! */
- status = 0x0;
- }
- }
-
- DEBUG(5,("api_net_srv_pwset: %d\n", __LINE__));
+ r_u.status = _net_srv_pwset(p, &q_u, &r_u);
- } else {
- /* lkclXXXX take a guess at a sensible error code to return... */
- status = NT_STATUS_NETWORK_CREDENTIAL_CONFLICT;
- }
-
- /* Construct reply. */
- if(!net_reply_srv_pwset(&q_a, rdata, &srv_cred, status))
+ /* store the response in the SMB stream */
+ if(!net_io_r_srv_pwset("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_net_srv_pwset: Failed to marshall NET_R_SRV_PWSET.\n"));
return False;
+ }
return True;
}
-
/*************************************************************************
api_net_sam_logoff:
*************************************************************************/
static BOOL api_net_sam_logoff(pipes_struct *p)
{
- uint16 vuid = p->vuid;
- NET_Q_SAM_LOGOFF q_l;
- NET_ID_INFO_CTR ctr;
- DOM_CRED srv_cred;
+ NET_Q_SAM_LOGOFF q_u;
+ NET_R_SAM_LOGOFF r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- user_struct *vuser;
-
- if ((vuser = get_valid_user_struct(vuid)) == NULL)
- return False;
-
- /* the DOM_ID_INFO_1 structure is a bit big. plus we might want to
- dynamically allocate it inside net_io_q_sam_logon, at some point */
- q_l.sam_id.ctr = &ctr;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* grab the challenge... */
- if(!net_io_q_sam_logoff("", &q_l, data, 0)) {
+ if(!net_io_q_sam_logoff("", &q_u, data, 0)) {
DEBUG(0,("api_net_sam_logoff: Failed to unmarshall NET_Q_SAM_LOGOFF.\n"));
return False;
}
- /* checks and updates credentials. creates reply credentials */
- deal_with_creds(vuser->dc.sess_key, &vuser->dc.clnt_cred,
- &q_l.sam_id.client.cred, &srv_cred);
- memcpy(&vuser->dc.srv_cred, &vuser->dc.clnt_cred, sizeof(vuser->dc.clnt_cred));
+ r_u.status = _net_sam_logoff(p, &q_u, &r_u);
- /* construct reply. always indicate success */
- if(!net_reply_sam_logoff(&q_l, rdata, &srv_cred, 0x0))
+ /* store the response in the SMB stream */
+ if(!net_io_r_sam_logoff("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_net_sam_logoff: Failed to marshall NET_R_SAM_LOGOFF.\n"));
return False;
-
- return True;
-}
-
-/*************************************************************************
- net_login_interactive:
- *************************************************************************/
-
-static uint32 net_login_interactive(NET_ID_INFO_1 *id1, SAM_ACCOUNT *sampass,
- user_struct *vuser)
-{
- uint32 status = 0x0;
-
- char nt_pwd[16];
- char lm_pwd[16];
- unsigned char key[16];
-
- memset(key, 0, 16);
- memcpy(key, vuser->dc.sess_key, 8);
-
- memcpy(lm_pwd, id1->lm_owf.data, 16);
- memcpy(nt_pwd, id1->nt_owf.data, 16);
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("key:"));
- dump_data(100, (char *)key, 16);
-
- DEBUG(100,("lm owf password:"));
- dump_data(100, lm_pwd, 16);
-
- DEBUG(100,("nt owf password:"));
- dump_data(100, nt_pwd, 16);
-#endif
-
- SamOEMhash((uchar *)lm_pwd, key, False);
- SamOEMhash((uchar *)nt_pwd, key, False);
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("decrypt of lm owf password:"));
- dump_data(100, lm_pwd, 16);
-
- DEBUG(100,("decrypt of nt owf password:"));
- dump_data(100, nt_pwd, 16);
-#endif
-
- if (memcmp(pdb_get_lanman_passwd(sampass) ,lm_pwd, 16) != 0 ||
- memcmp(pdb_get_nt_passwd(sampass) ,nt_pwd, 16) != 0)
- {
- status = NT_STATUS_WRONG_PASSWORD;
}
- return status;
-}
-
-/*************************************************************************
- net_login_network:
- *************************************************************************/
-
-static uint32 net_login_network(NET_ID_INFO_2 *id2, SAM_ACCOUNT *sampass)
-{
- BYTE *nt_pwd, *lanman_pwd;
-
- DEBUG(5,("net_login_network: lm_len: %d nt_len: %d\n",
- id2->hdr_lm_chal_resp.str_str_len,
- id2->hdr_nt_chal_resp.str_str_len));
-
- /* JRA. Check the NT password first if it exists - this is a higher quality
- password, if it exists and it doesn't match - fail. */
-
- nt_pwd = pdb_get_nt_passwd (sampass);
- lanman_pwd = pdb_get_lanman_passwd (sampass);
- if (id2->hdr_nt_chal_resp.str_str_len == 24 &&
- nt_pwd != NULL)
- {
- if(smb_password_check((char *)id2->nt_chal_resp.buffer, nt_pwd,
- id2->lm_chal))
- return 0x0;
- else
- return NT_STATUS_WRONG_PASSWORD;
- }
-
- /* lkclXXXX this is not a good place to put disabling of LM hashes in.
- if that is to be done, first move this entire function into a
- library routine that calls the two smb_password_check() functions.
- if disabling LM hashes (which nt can do for security reasons) then
- an attempt should be made to disable them everywhere (which nt does
- not do, for various security-hole reasons).
- */
-
- if (id2->hdr_lm_chal_resp.str_str_len == 24 &&
- smb_password_check((char *)id2->lm_chal_resp.buffer,
- lanman_pwd, id2->lm_chal))
- {
- return 0x0;
- }
-
-
- /* oops! neither password check succeeded */
-
- return NT_STATUS_WRONG_PASSWORD;
+ return True;
}
/*************************************************************************
@@ -643,284 +157,94 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2, SAM_ACCOUNT *sampass)
static BOOL api_net_sam_logon(pipes_struct *p)
{
- uint16 vuid = p->vuid;
- NET_Q_SAM_LOGON q_l;
- NET_ID_INFO_CTR ctr;
- NET_USER_INFO_3 usr_info;
- uint32 status = 0x0;
- DOM_CRED srv_cred;
- SAM_ACCOUNT *sampass = NULL;
- uint16 acct_ctrl;
- UNISTR2 *uni_samlogon_user = NULL;
- fstring nt_username;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
- user_struct *vuser = NULL;
-
- if ((vuser = get_valid_user_struct(vuid)) == NULL)
- return False;
-
- ZERO_STRUCT(q_l);
- ZERO_STRUCT(ctr);
- ZERO_STRUCT(usr_info);
-
- q_l.sam_id.ctr = &ctr;
+ NET_Q_SAM_LOGON q_u;
+ NET_R_SAM_LOGON r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- if(!net_io_q_sam_logon("", &q_l, data, 0)) {
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if(!net_io_q_sam_logon("", &q_u, data, 0)) {
DEBUG(0, ("api_net_sam_logon: Failed to unmarshall NET_Q_SAM_LOGON.\n"));
return False;
}
-
- /* checks and updates credentials. creates reply credentials */
- if (!deal_with_creds(vuser->dc.sess_key, &vuser->dc.clnt_cred, &q_l.sam_id.client.cred, &srv_cred))
- status = NT_STATUS_INVALID_HANDLE;
- else
- memcpy(&vuser->dc.srv_cred, &vuser->dc.clnt_cred, sizeof(vuser->dc.clnt_cred));
-
- /* find the username */
-
- if (status == 0) {
- switch (q_l.sam_id.logon_level) {
- case INTERACTIVE_LOGON_TYPE:
- uni_samlogon_user = &q_l.sam_id.ctr->auth.id1.uni_user_name;
-
- DEBUG(3,("SAM Logon (Interactive). Domain:[%s]. ", lp_workgroup()));
- break;
- case NET_LOGON_TYPE:
- uni_samlogon_user = &q_l.sam_id.ctr->auth.id2.uni_user_name;
-
- DEBUG(3,("SAM Logon (Network). Domain:[%s]. ", lp_workgroup()));
- break;
- default:
- DEBUG(2,("SAM Logon: unsupported switch value\n"));
- status = NT_STATUS_INVALID_INFO_CLASS;
- break;
- } /* end switch */
- } /* end if status == 0 */
-
- /* check username exists */
-
- if (status == 0)
- {
- pstrcpy(nt_username, dos_unistrn2(uni_samlogon_user->buffer,
- uni_samlogon_user->uni_str_len));
-
- DEBUG(3,("User:[%s]\n", nt_username));
-
- /*
- * Convert to a UNIX username.
- */
- map_username(nt_username);
-
- /* get the account information */
- become_root();
- sampass = pdb_getsampwnam(nt_username);
- unbecome_root();
-
- acct_ctrl = pdb_get_acct_ctrl(sampass);
- if (sampass == NULL)
- status = NT_STATUS_NO_SUCH_USER;
- else if (acct_ctrl & ACB_PWNOTREQ)
- status = 0;
- else if (acct_ctrl & ACB_DISABLED)
- status = NT_STATUS_ACCOUNT_DISABLED;
- }
-
- /* Validate password - if required. */
-
- if ((status == 0) && !(acct_ctrl & ACB_PWNOTREQ)) {
- switch (q_l.sam_id.logon_level) {
- case INTERACTIVE_LOGON_TYPE:
- /* interactive login. */
- status = net_login_interactive(&q_l.sam_id.ctr->auth.id1,
- sampass, vuser);
- break;
- case NET_LOGON_TYPE:
- /* network login. lm challenge and 24 byte responses */
- status = net_login_network(&q_l.sam_id.ctr->auth.id2, sampass);
- break;
- }
- }
-
- /* lkclXXXX this is the point at which, if the login was
- successful, that the SAM Local Security Authority should
- record that the user is logged in to the domain.
- */
-
- /* return the profile plus other bits :-) */
-
- if (status == 0) {
- DOM_GID *gids = NULL;
- int num_gids = 0;
- pstring my_name;
- pstring my_workgroup;
- pstring domain_groups;
-
- /* set up pointer indicating user/password failed to be found */
- usr_info.ptr_user_info = 0;
-
- /* XXXX hack to get standard_sub_basic() to use sam logon username */
- /* possibly a better way would be to do a become_user() call */
-
- /*
- * All this information should be filled in from the
- * passdb information
- */
- sam_logon_in_ssb = True;
- pstrcpy(samlogon_user, nt_username);
-
-#if 0
- gid = pdb_get_gid(sampass);
-
- pstrcpy(str, pdb_get_logon_script(sampass));
- standard_sub_advanced(-1, nt_username, "", gid, str);
- pdb_set_logon_script(sampass, str);
-
- pstrcpy(str, pdb_get_profile_path(sampass));
- standard_sub_advanced(-1, nt_username, "", gid, str);
- pdb_set_profile_path(sampass, str);
-
- pstrcpy(str, pdb_get_homedir(sampass));
- standard_sub_advanced(-1, nt_username, "", gid, str);
- pdb_set_homedir(sampass, str);
-
- fstrcpy(full_name, "<Full Name>");
- if (lp_unix_realname())
- fstrcpy(full_name, pdb_get_fullname(sampass));
-#endif
-
- pstrcpy(my_workgroup, lp_workgroup());
- pstrcpy(my_name, global_myname);
- strupper(my_name);
-
-
- /*
- * This is the point at which we get the group
- * database - we should be getting the gid_t list
- * from /etc/group and then turning the uids into
- * rids and then into machine sids for this user.
- * JRA.
- */
-
- get_domain_user_groups(domain_groups, nt_username);
-
- /*
- * make_dom_gids allocates the gids array. JRA.
- */
- gids = NULL;
- num_gids = make_dom_gids(domain_groups, &gids);
-
- sam_logon_in_ssb = False;
-
- /*
- * This next call is where the 'domain admin users' parameter
- * gets mapped. I'm leaving it out for now. The user and group rid
- * has already been mapped into the SAM_ACCOUNT struct. I don't
- * think this should be overridden here. The correct solution
- * is proper group memberships and mapping. --jerry
- */
-#if 0
- if (pdb_name_to_rid(nt_username, &r_uid, &r_gid))
-#endif
- init_net_user_info3(&usr_info, sampass,
- 0, /* logon_count */
- 0, /* bad_pw_count */
- num_gids, /* uint32 num_groups */
- gids , /* DOM_GID *gids */
- 0x20 , /* uint32 user_flgs (?) */
- NULL, /* char sess_key[16] */
- my_name , /* char *logon_srv */
- my_workgroup, /* char *logon_dom */
- &global_sam_sid, /* DOM_SID *dom_sid */
- NULL); /* char *other_sids */
-
-#if 0
- else
- status = NT_STATUS_NO_SUCH_USER;
-#endif
-
- /* Free any allocated groups array. */
- if(gids)
- free((char *)gids);
- }
-
- if(!net_reply_sam_logon(&q_l, rdata, &srv_cred, &usr_info, status)) {
- free_user_info3(&usr_info);
- return False;
- }
+
+ r_u.status = _net_sam_logon(p, &q_u, &r_u);
- free_user_info3(&usr_info);
+ /* store the response in the SMB stream */
+ if(!net_io_r_sam_logon("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON.\n"));
+ return False;
+ }
return True;
}
-
/*************************************************************************
api_net_trust_dom_list:
*************************************************************************/
static BOOL api_net_trust_dom_list(pipes_struct *p)
{
- NET_Q_TRUST_DOM_LIST q_t;
+ NET_Q_TRUST_DOM_LIST q_u;
+ NET_R_TRUST_DOM_LIST r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- char *trusted_domain = "test_domain";
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
DEBUG(6,("api_net_trust_dom_list: %d\n", __LINE__));
/* grab the lsa trusted domain list query... */
- if(!net_io_q_trust_dom("", &q_t, data, 0)) {
+ if(!net_io_q_trust_dom("", &q_u, data, 0)) {
DEBUG(0,("api_net_trust_dom_list: Failed to unmarshall NET_Q_TRUST_DOM_LIST.\n"));
return False;
}
/* construct reply. */
- if(!net_reply_trust_dom_list(&q_t, rdata, 1, trusted_domain))
+ r_u.status = _net_trust_dom_list(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!net_io_r_trust_dom("", &r_u, rdata, 0)) {
+ DEBUG(0,("net_reply_trust_dom_list: Failed to marshall NET_R_TRUST_DOM_LIST.\n"));
return False;
+ }
DEBUG(6,("api_net_trust_dom_list: %d\n", __LINE__));
return True;
}
-
-/*************************************************************************
- error messages cropping up when using nltest.exe...
- *************************************************************************/
-#define ERROR_NO_SUCH_DOMAIN 0x54b
-#define ERROR_NO_LOGON_SERVERS 0x51f
-
/*************************************************************************
api_net_logon_ctrl2:
*************************************************************************/
static BOOL api_net_logon_ctrl2(pipes_struct *p)
{
- NET_Q_LOGON_CTRL2 q_l;
+ NET_Q_LOGON_CTRL2 q_u;
+ NET_R_LOGON_CTRL2 r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* lkclXXXX - guess what - absolutely no idea what these are! */
- uint32 flags = 0x0;
- uint32 pdc_connection_status = 0x0;
- uint32 logon_attempts = 0x0;
- uint32 tc_status = ERROR_NO_LOGON_SERVERS;
- char *trusted_domain = "test_domain";
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
DEBUG(6,("api_net_logon_ctrl2: %d\n", __LINE__));
/* grab the lsa netlogon ctrl2 query... */
- if(!net_io_q_logon_ctrl2("", &q_l, data, 0)) {
+ if(!net_io_q_logon_ctrl2("", &q_u, data, 0)) {
DEBUG(0,("api_net_logon_ctrl2: Failed to unmarshall NET_Q_LOGON_CTRL2.\n"));
return False;
}
- /* construct reply. */
- if(!net_reply_logon_ctrl2(&q_l, rdata,
- flags, pdc_connection_status, logon_attempts,
- tc_status, trusted_domain))
+ r_u.status = _net_logon_ctrl2(p, &q_u, &r_u);
+
+ if(!net_io_r_logon_ctrl2("", &r_u, rdata, 0)) {
+ DEBUG(0,("net_reply_logon_ctrl2: Failed to marshall NET_R_LOGON_CTRL2.\n"));
return False;
+ }
DEBUG(6,("api_net_logon_ctrl2: %d\n", __LINE__));
@@ -950,4 +274,3 @@ BOOL api_netlog_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_netlog_rpc", api_net_cmds);
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 151c72499a..613f8f54b2 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -129,7 +129,8 @@ static void init_net_r_srv_pwset(NET_R_SRV_PWSET *r_s,
static BOOL get_md4pw(char *md4pw, char *mach_acct)
{
- struct smb_passwd *smb_pass;
+ SAM_ACCOUNT *sampass = NULL;
+ BYTE *pass;
#if 0
/*
@@ -150,17 +151,18 @@ static BOOL get_md4pw(char *md4pw, char *mach_acct)
#endif /* 0 */
become_root();
- smb_pass = getsmbpwnam(mach_acct);
+ sampass = pdb_getsampwnam(mach_acct);
unbecome_root();
-
- if ((smb_pass) != NULL && !(smb_pass->acct_ctrl & ACB_DISABLED) &&
- (smb_pass->smb_nt_passwd != NULL))
+
+ if ((sampass) != NULL && !(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) &&
+ ((pass=pdb_get_nt_passwd(sampass)) != NULL))
{
- memcpy(md4pw, smb_pass->smb_nt_passwd, 16);
+ memcpy(md4pw, pass, 16);
dump_data(5, md4pw, 16);
-
+
return True;
}
+
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
return False;
}
@@ -256,11 +258,11 @@ uint32 _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u)
uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_u)
{
uint16 vuid = p->vuid;
- uint32 status = NT_STATUS_NOPROBLEMO;
+ uint32 status = NT_STATUS_WRONG_PASSWORD;
DOM_CRED srv_cred;
pstring mach_acct;
- struct smb_passwd *smb_pass;
- BOOL ret;
+ SAM_ACCOUNT *sampass;
+ BOOL ret = False;
user_struct *vuser;
unsigned char pwd[16];
int i;
@@ -282,10 +284,10 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_
DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct));
become_root();
- smb_pass = getsmbpwnam(mach_acct);
+ sampass = pdb_getsampwnam(mach_acct);
unbecome_root();
- if (smb_pass == NULL)
+ if (sampass == NULL)
return NT_STATUS_NO_SUCH_USER;
DEBUG(100,("Server password set : new given value was :\n"));
@@ -296,16 +298,16 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_
cred_hash3( pwd, q_u->pwd, vuser->dc.sess_key, 0);
/* lies! nt and lm passwords are _not_ the same: don't care */
- smb_pass->smb_passwd = pwd;
- smb_pass->smb_nt_passwd = pwd;
- smb_pass->acct_ctrl = ACB_WSTRUST;
-
+ pdb_set_lanman_passwd (sampass, pwd);
+ pdb_set_nt_passwd (sampass, pwd);
+ pdb_set_acct_ctrl (sampass, ACB_WSTRUST);
+
become_root();
- ret = mod_smbpwd_entry(smb_pass,False);
+ ret = pdb_update_sam_account (sampass,False);
unbecome_root();
-
- if (!ret)
- status = NT_STATUS_WRONG_PASSWORD;
+
+ if (ret)
+ status = NT_STATUS_NOPROBLEMO;
/* set up the LSA Server Password Set response */
init_net_r_srv_pwset(r_u, &srv_cred, status);
@@ -347,7 +349,7 @@ uint32 _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, NET_R_SAM_LOGOFF
net_login_interactive:
*************************************************************************/
-static uint32 net_login_interactive(NET_ID_INFO_1 *id1, struct smb_passwd *smb_pass, user_struct *vuser)
+static uint32 net_login_interactive(NET_ID_INFO_1 *id1, SAM_ACCOUNT *sampass, user_struct *vuser)
{
uint32 status = 0x0;
@@ -383,9 +385,8 @@ static uint32 net_login_interactive(NET_ID_INFO_1 *id1, struct smb_passwd *smb_p
dump_data(100, nt_pwd, 16);
#endif
- if (memcmp(smb_pass->smb_passwd , lm_pwd, 16) != 0 ||
- memcmp(smb_pass->smb_nt_passwd, nt_pwd, 16) != 0)
- {
+ if (memcmp(pdb_get_lanman_passwd(sampass), lm_pwd, 16) != 0 ||
+ memcmp(pdb_get_nt_passwd(sampass), nt_pwd, 16) != 0) {
status = NT_STATUS_WRONG_PASSWORD;
}
@@ -396,8 +397,10 @@ static uint32 net_login_interactive(NET_ID_INFO_1 *id1, struct smb_passwd *smb_p
_net_login_network:
*************************************************************************/
-static uint32 net_login_network(NET_ID_INFO_2 *id2, struct smb_passwd *smb_pass)
+static uint32 net_login_network(NET_ID_INFO_2 *id2, SAM_ACCOUNT *sampass)
{
+ BYTE *nt_pwd, *lanman_pwd;
+
DEBUG(5,("net_login_network: lm_len: %d nt_len: %d\n",
id2->hdr_lm_chal_resp.str_str_len,
id2->hdr_nt_chal_resp.str_str_len));
@@ -405,13 +408,13 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2, struct smb_passwd *smb_pass)
/* JRA. Check the NT password first if it exists - this is a higher quality
password, if it exists and it doesn't match - fail. */
- if (id2->hdr_nt_chal_resp.str_str_len == 24 &&
- smb_pass->smb_nt_passwd != NULL)
- {
+ nt_pwd = pdb_get_nt_passwd(sampass);
+ lanman_pwd = pdb_get_lanman_passwd(sampass);
+
+ if (id2->hdr_nt_chal_resp.str_str_len == 24 && nt_pwd) {
if(smb_password_check((char *)id2->nt_chal_resp.buffer,
- smb_pass->smb_nt_passwd,
- id2->lm_chal))
- return 0x0;
+ nt_pwd, id2->lm_chal))
+ return NT_STATUS_NOPROBLEMO;
else
return NT_STATUS_WRONG_PASSWORD;
}
@@ -424,14 +427,10 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2, struct smb_passwd *smb_pass)
not do, for various security-hole reasons).
*/
- if (id2->hdr_lm_chal_resp.str_str_len == 24 &&
+ if (id2->hdr_lm_chal_resp.str_str_len == 24 && lanman_pwd &&
smb_password_check((char *)id2->lm_chal_resp.buffer,
- smb_pass->smb_passwd,
- id2->lm_chal))
- {
- return 0x0;
- }
-
+ lanman_pwd, id2->lm_chal))
+ return NT_STATUS_NOPROBLEMO;
/* oops! neither password check succeeded */
@@ -448,11 +447,10 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
uint16 vuid = p->vuid;
NET_USER_INFO_3 *usr_info = NULL;
DOM_CRED srv_cred;
- struct smb_passwd *smb_pass = NULL;
- struct sam_passwd *sam_pass = NULL;
+ SAM_ACCOUNT *sampass = NULL;
+ uint16 acct_ctrl;
UNISTR2 *uni_samlogon_user = NULL;
fstring nt_username;
- struct passwd *pw;
user_struct *vuser = NULL;
usr_info = (NET_USER_INFO_3 *)talloc(p->mem_ctx, sizeof(NET_USER_INFO_3));
@@ -499,33 +497,30 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
map_username(nt_username);
- /*
- * Do any case conversions.
- */
-
- pw=Get_Pwnam(nt_username, True);
-
+ /* get the account information */
become_root();
- sam_pass = getsam21pwnam(nt_username);
- smb_pass = getsmbpwnam(nt_username);
+ sampass = pdb_getsampwnam(nt_username);
unbecome_root();
-
- if (smb_pass == NULL)
+
+ if (sampass == NULL)
return NT_STATUS_NO_SUCH_USER;
- else if (smb_pass->acct_ctrl & ACB_DISABLED)
+
+ acct_ctrl = pdb_get_acct_ctrl(sampass);
+
+ if (acct_ctrl & ACB_DISABLED)
return NT_STATUS_ACCOUNT_DISABLED;
/* Validate password - if required. */
- if (!(smb_pass->acct_ctrl & ACB_PWNOTREQ)) {
+ if (!(acct_ctrl & ACB_PWNOTREQ)) {
switch (q_u->sam_id.logon_level) {
case INTERACTIVE_LOGON_TYPE:
/* interactive login. */
- status = net_login_interactive(&q_u->sam_id.ctr->auth.id1, smb_pass, vuser);
+ status = net_login_interactive(&q_u->sam_id.ctr->auth.id1, sampass, vuser);
break;
case NET_LOGON_TYPE:
/* network login. lm challenge and 24 byte responses */
- status = net_login_network(&q_u->sam_id.ctr->auth.id2, smb_pass);
+ status = net_login_network(&q_u->sam_id.ctr->auth.id2, sampass);
break;
}
}
@@ -538,58 +533,25 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
record that the user is logged in to the domain.
*/
- /* return the profile plus other bits :-) */
-
{
DOM_GID *gids = NULL;
int num_gids = 0;
- NTTIME dummy_time;
- pstring logon_script;
- pstring profile_path;
- pstring home_dir;
- pstring home_drive;
pstring my_name;
pstring my_workgroup;
pstring domain_groups;
- uint32 r_uid;
- uint32 r_gid;
- fstring full_name;
/* set up pointer indicating user/password failed to be found */
usr_info->ptr_user_info = 0;
- dummy_time.low = 0xffffffff;
- dummy_time.high = 0x7fffffff;
-
/* XXXX hack to get standard_sub_basic() to use sam logon username */
/* possibly a better way would be to do a become_user() call */
sam_logon_in_ssb = True;
pstrcpy(samlogon_user, nt_username);
- pstrcpy(logon_script, sam_pass->logon_script);
- standard_sub_advanced(-1, nt_username, "", pw->pw_gid, logon_script);
-
- pstrcpy(profile_path, sam_pass->profile_path);
- standard_sub_advanced(-1, nt_username, "", pw->pw_gid, profile_path);
-
pstrcpy(my_workgroup, lp_workgroup());
-
- pstrcpy(home_drive, sam_pass->dir_drive);
- standard_sub_advanced(-1, nt_username, "", pw->pw_gid, home_drive);
-
- pstrcpy(home_dir, sam_pass->home_dir);
- standard_sub_advanced(-1, nt_username, "", pw->pw_gid, home_dir);
-
pstrcpy(my_name, global_myname);
strupper(my_name);
- pstrcpy(full_name, sam_pass->full_name );
- if( !*full_name ) {
- fstrcpy(full_name, "<Full Name>");
- if (lp_unix_realname())
- fstrcpy(full_name, strtok(pw->pw_gecos, ","));
- }
-
/*
* This is the point at which we get the group
* database - we should be getting the gid_t list
@@ -608,41 +570,17 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
sam_logon_in_ssb = False;
- if (pdb_name_to_rid(nt_username, &r_uid, &r_gid))
- init_net_user_info3(p->mem_ctx, usr_info,
- &dummy_time, /* logon_time */
- &dummy_time, /* logoff_time */
- &dummy_time, /* kickoff_time */
- &dummy_time, /* pass_last_set_time */
- &dummy_time, /* pass_can_change_time */
- &dummy_time, /* pass_must_change_time */
-
- nt_username , /* user_name */
- full_name, /* full_name */
- logon_script , /* logon_script */
- profile_path , /* profile_path */
- home_dir , /* home_dir */
- home_drive , /* dir_drive */
-
- 0, /* logon_count */
- 0, /* bad_pw_count */
-
- r_uid , /* RID user_id */
- r_gid , /* RID group_id */
- num_gids, /* uint32 num_groups */
- gids , /* DOM_GID *gids */
- 0x20 , /* uint32 user_flgs (?) */
-
- NULL, /* char sess_key[16] */
-
- my_name , /* char *logon_srv */
- my_workgroup, /* char *logon_dom */
-
- &global_sam_sid, /* DOM_SID *dom_sid */
- NULL); /* char *other_sids */
- else
- return NT_STATUS_NO_SUCH_USER;
-
+ init_net_user_info3(p->mem_ctx, usr_info, sampass,
+ 0, /* logon_count */
+ 0, /* bad_pw_count */
+ num_gids, /* uint32 num_groups */
+ gids , /* DOM_GID *gids */
+ 0x20 , /* uint32 user_flgs (?) */
+ NULL, /* char sess_key[16] */
+ my_name , /* char *logon_srv */
+ my_workgroup, /* char *logon_dom */
+ &global_sam_sid, /* DOM_SID *dom_sid */
+ NULL); /* char *other_sids */
}
/* XXXX maybe we want to say 'no', reject the client's credentials */
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index dcefeed8b9..bc5b2ab473 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -270,9 +269,9 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
fstring domain;
fstring wks;
BOOL guest_user = False;
- SAM_ACCOUNT *sam_pass = NULL;
- BYTE null_smb_passwd[16];
- BYTE *smb_passwd_ptr = NULL;
+ SAM_ACCOUNT *sampass = NULL;
+ uchar null_smb_passwd[16];
+ uchar *smb_passwd_ptr = NULL;
DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
@@ -358,18 +357,6 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
return False;
}
-/* unnecessary as the passdb validates the user before returning --jerry */
-#if 0
- /*
- * Find the user in the unix password db.
- */
-
- if(!(pass = Get_Pwnam(pipe_user_name,True))) {
- DEBUG(1,("Couldn't find user '%s' in UNIX password database.\n",pipe_user_name));
- return(False);
- }
-
-#endif /* 0 */
if(!guest_user) {
@@ -383,8 +370,8 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
return False;
}
- if(!(sam_pass = pdb_getsampwnam(pipe_user_name))) {
- DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in passdb.\n",
+ if(!(sampass = pdb_getsampwnam(pipe_user_name))) {
+ DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n",
pipe_user_name));
unbecome_root();
return False;
@@ -392,24 +379,18 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
unbecome_root();
- if (sam_pass == NULL) {
- DEBUG(1,("api_pipe_ntlmssp_verify: Couldn't find user '%s' in passdb.\n",
- pipe_user_name));
- return(False);
- }
-
- /* Quit if the account was disabled. */
- if((pdb_get_acct_ctrl(sam_pass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sam_pass)) {
- DEBUG(1,("Account for user '%s' was disabled.\n", pipe_user_name));
- return(False);
- }
-
- if(!pdb_get_nt_passwd(sam_pass)) {
- DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
- return(False);
- }
-
- smb_passwd_ptr = pdb_get_lanman_passwd(sam_pass);
+ /* Quit if the account was disabled. */
+ if((pdb_get_acct_ctrl(sampass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sampass)) {
+ DEBUG(1,("Account for user '%s' was disabled.\n", pipe_user_name));
+ return(False);
+ }
+
+ if(!pdb_get_nt_passwd(sampass)) {
+ DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
+ return(False);
+ }
+
+ smb_passwd_ptr = pdb_get_lanman_passwd(sampass);
}
/*
@@ -459,18 +440,18 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
/*
* Store the UNIX credential data (uid/gid pair) in the pipe structure.
*/
- p->pipe_user.uid = pdb_get_uid(sam_pass);
- p->pipe_user.gid = pdb_get_gid(sam_pass);
+
+ p->pipe_user.uid = pdb_get_uid(sampass);
+ p->pipe_user.gid = pdb_get_uid(sampass);
/* Set up pipe user group membership. */
initialise_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
get_current_groups( &p->pipe_user.ngroups, &p->pipe_user.groups);
/* Create an NT_USER_TOKEN struct for this user. */
- p->pipe_user.nt_user_token =
- create_nt_token(p->pipe_user.uid,p->pipe_user.gid,
- p->pipe_user.ngroups, p->pipe_user.groups,
- guest_user);
+ p->pipe_user.nt_user_token = create_nt_token(p->pipe_user.uid,p->pipe_user.gid,
+ p->pipe_user.ngroups, p->pipe_user.groups,
+ guest_user);
p->ntlmssp_auth_validated = True;
return True;
@@ -1148,7 +1129,9 @@ BOOL api_pipe_request(pipes_struct *p)
if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
api_fd_commands[i].fn != NULL) {
DEBUG(3,("Doing \\PIPE\\%s\n", api_fd_commands[i].pipe_clnt_name));
+ set_current_rpc_talloc(p->mem_ctx);
ret = api_fd_commands[i].fn(p);
+ set_current_rpc_talloc(NULL);
}
}
@@ -1222,7 +1205,7 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name,
DEBUG(10, ("api_rpcTNP: rpc input buffer underflow (parse error?)\n"));
if (data) {
- prs_uint8s(False, "", &p->in_data.data, 0, data,
+ prs_uint8s(False, "", &p->in_data.data, 0, (unsigned char *)data,
data_len);
free(data);
}
@@ -1231,5 +1214,3 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name,
return True;
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index 5545071913..cd072122f3 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -40,6 +39,20 @@ static int pipes_open;
static pipes_struct *Pipes;
static struct bitmap *bmap;
+/****************************************************************************
+ Pipe iterator functions.
+****************************************************************************/
+
+pipes_struct *get_first_pipe(void)
+{
+ return Pipes;
+}
+
+pipes_struct *get_next_pipe(pipes_struct *p)
+{
+ return p->next;
+}
+
/* this must be larger than the sum of the open files and directories */
static int pipe_handle_offset;
@@ -135,7 +148,7 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name,
next_pipe = (i+1) % MAX_OPEN_PIPES;
for (p = Pipes; p; p = p->next)
- DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
+ DEBUG(5,("open_rpc_pipe_p: name %s pnum=%x\n", p->name, p->pnum));
p = (pipes_struct *)malloc(sizeof(*p));
@@ -150,6 +163,8 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name,
return NULL;
}
+ init_pipe_handles(p);
+
DLIST_ADD(Pipes, p);
/*
@@ -380,6 +395,23 @@ static ssize_t unmarshall_rpc_header(pipes_struct *p)
}
/****************************************************************************
+ Call this to free any talloc'ed memory. Do this before and after processing
+ a complete PDU.
+****************************************************************************/
+
+void free_pipe_context(pipes_struct *p)
+{
+ if (p->mem_ctx) {
+ DEBUG(3,("free_pipe_context: destroying talloc pool of size %u\n", talloc_pool_size(p->mem_ctx) ));
+ talloc_destroy_pool(p->mem_ctx);
+ } else {
+ p->mem_ctx = talloc_init();
+ if (p->mem_ctx == NULL)
+ p->fault_state = True;
+ }
+}
+
+/****************************************************************************
Processes a request pdu. This will do auth processing if needed, and
appends the data into the complete stream if the LAST flag is not set.
****************************************************************************/
@@ -487,9 +519,13 @@ authentication failed. Denying the request.\n", p->name));
* Process the complete data stream here.
*/
+ free_pipe_context(p);
+
if(pipe_init_outgoing_data(p))
ret = api_pipe_request(p);
+ free_pipe_context(p);
+
/*
* We have consumed the whole data stream. Set back to
* marshalling and set the offset back to the start of
@@ -780,23 +816,6 @@ returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len,
out:
- if(p->out_data.data_sent_length >= prs_offset(&p->out_data.rdata)) {
- /*
- * We have copied all possible data into the current_pdu. This RPC is finished.
- * Reset the talloc context to free any allocated data from this RPC.
- */
-
- if (p->mem_ctx) {
- DEBUG(3,("read_from_pipe: destroying talloc pool of size %u\n", talloc_pool_size(p->mem_ctx) ));
- talloc_destroy_pool(p->mem_ctx);
- } else {
- p->mem_ctx = talloc_init();
- if (p->mem_ctx == NULL)
- p->fault_state = True;
- }
-
- }
-
return data_returned;
}
@@ -865,6 +884,9 @@ BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn)
if (p->mem_ctx)
talloc_destroy(p->mem_ctx);
+ /* Free the handles database. */
+ close_policy_by_pipe(p);
+
bitmap_clear(bmap, p->pnum - pipe_handle_offset);
pipes_open--;
@@ -921,4 +943,3 @@ pipes_struct *get_rpc_pipe(int pnum)
return NULL;
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c
index 1ca9963cd4..65f0e2304c 100644
--- a/source3/rpc_server/srv_reg.c
+++ b/source3/rpc_server/srv_reg.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -156,4 +155,3 @@ BOOL api_reg_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_reg_rpc", api_reg_cmds);
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c
index 4bd97abb65..4f941e3e1b 100644
--- a/source3/rpc_server/srv_reg_nt.c
+++ b/source3/rpc_server/srv_reg_nt.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -30,6 +29,19 @@
extern int DEBUGLEVEL;
+struct reg_info
+{
+ /* for use by \PIPE\winreg */
+ fstring name; /* name of registry key */
+};
+
+static void free_reg_info(void *ptr)
+{
+ struct reg_info *info = (struct reg_info *)ptr;
+
+ safe_free(info);
+}
+
/*******************************************************************
reg_reply_unknown_1
********************************************************************/
@@ -40,7 +52,7 @@ uint32 _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u)
ZERO_STRUCT(r_u->pol);
/* close the policy handle */
- if (!close_lsa_policy_hnd(&q_u->pol))
+ if (!close_policy_hnd(p, &q_u->pol))
return NT_STATUS_OBJECT_NAME_INVALID;
return NT_STATUS_NOPROBLEMO;
@@ -52,7 +64,7 @@ uint32 _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u)
uint32 _reg_open(pipes_struct *p, REG_Q_OPEN_HKLM *q_u, REG_R_OPEN_HKLM *r_u)
{
- if (!open_lsa_policy_hnd(&r_u->pol))
+ if (!create_policy_hnd(p, &r_u->pol, free_reg_info, NULL))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
return NT_STATUS_NOPROBLEMO;
@@ -66,15 +78,13 @@ uint32 _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTRY
{
POLICY_HND pol;
fstring name;
+ struct reg_info *info = NULL;
DEBUG(5,("reg_open_entry: %d\n", __LINE__));
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
return NT_STATUS_INVALID_HANDLE;
- if (!open_lsa_policy_hnd(&pol))
- return NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */
-
fstrcpy(name, dos_unistrn2(q_u->uni_name.buffer, q_u->uni_name.uni_str_len));
DEBUG(5,("reg_open_entry: %s\n", name));
@@ -84,7 +94,13 @@ uint32 _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTRY
!strequal(name, "System\\CurrentControlSet\\services\\Netlogon\\parameters\\"))
return NT_STATUS_ACCESS_DENIED;
- if (!set_lsa_policy_reg_name(&pol, name))
+ if ((info = (struct reg_info *)malloc(sizeof(struct reg_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(info);
+ fstrcpy(info->name, name);
+
+ if (!create_policy_hnd(p, &pol, free_reg_info, (void *)info))
return NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */
init_reg_r_open_entry(r_u, &pol, NT_STATUS_NOPROBLEMO);
@@ -110,7 +126,7 @@ uint32 _reg_info(pipes_struct *p, REG_Q_INFO *q_u, REG_R_INFO *r_u)
DEBUG(5,("_reg_info: %d\n", __LINE__));
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (find_policy_by_hnd(p, &q_u->pol, NULL) == -1)
return NT_STATUS_INVALID_HANDLE;
fstrcpy(name, dos_unistrn2(q_u->uni_type.buffer, q_u->uni_type.uni_str_len));
@@ -161,4 +177,3 @@ uint32 _reg_info(pipes_struct *p, REG_Q_INFO *q_u, REG_R_INFO *r_u)
return status;
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 2f4143bd6a..828e2e5595 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -7,6 +6,10 @@
* Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
* Copyright (C) Paul Ashton 1997.
* Copyright (C) Hewlett-Packard Company 1999.
+ *
+ * Split into interface and implementation modules by,
+ *
+ * Copyright (C) Jeremy Allison 2001.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -23,426 +26,40 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+/*
+ * This is the interface to the SAMR code.
+ */
+
#include "includes.h"
extern int DEBUGLEVEL;
-extern fstring global_myworkgroup;
-extern pstring global_myname;
-extern DOM_SID global_sam_sid;
-
-extern rid_name domain_group_rids[];
-extern rid_name domain_alias_rids[];
-extern rid_name builtin_alias_rids[];
-
-/*******************************************************************
- This next function should be replaced with something that
- dynamically returns the correct user info..... JRA.
- ********************************************************************/
-
-static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
- int *total_entries, int *num_entries,
- int max_num_entries, uint16 acb_mask)
-{
- SAM_ACCOUNT *pwd = NULL;
-
- (*num_entries) = 0;
- (*total_entries) = 0;
-
- if (pw_buf == NULL)
- return False;
-
- if (!pdb_setsampwent(False))
- {
- DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n"));
- return False;
- }
-
- while ( ((pwd=pdb_getsampwent()) != NULL) && ((*num_entries) < max_num_entries) )
- {
- int user_name_len;
-
- if (start_idx > 0) {
- /* skip the requested number of entries.
- not very efficient, but hey...
- */
- start_idx--;
- continue;
- }
-
- user_name_len = strlen(pdb_get_username(pwd))+1;
- init_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pdb_get_username(pwd), user_name_len);
- init_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len);
- pw_buf[(*num_entries)].user_rid = pdb_get_user_rid(pwd);
- memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16);
-
- /* Now check if the NT compatible password is available. */
- if (pdb_get_nt_passwd(pwd) != NULL)
- {
- memcpy( pw_buf[(*num_entries)].nt_pwd , pdb_get_nt_passwd(pwd), 16);
- }
-
- pw_buf[(*num_entries)].acb_info = pdb_get_acct_ctrl(pwd);
-
- DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x",
- (*num_entries), pdb_get_username(pwd),
- pdb_get_user_rid(pwd), pdb_get_acct_ctrl(pwd)));
-
- if (acb_mask == 0 || (pdb_get_acct_ctrl(pwd) & acb_mask))
- {
- DEBUG(5,(" acb_mask %x accepts\n", acb_mask));
- (*num_entries)++;
- }
- else
- {
- DEBUG(5,(" acb_mask %x rejects\n", acb_mask));
- }
-
- (*total_entries)++;
- }
-
- pdb_endsampwent();
-
- return (*num_entries) > 0;
-}
-
-/*******************************************************************
- This function uses the username map file and tries to map a UNIX
- user name to an DOS name. (Sort of the reverse of the
- map_username() function.) Since more than one DOS name can map
- to the UNIX name, to reverse the mapping you have to specify
- which corresponding DOS name you want; that's where the name_idx
- parameter comes in. Returns the string requested or NULL if it
- fails or can't complete the request for any reason. This doesn't
- handle group names (starting with '@') or names starting with
- '+' or '&'. If they are encountered, they are skipped.
-********************************************************************/
-
-static char *unmap_unixname(char *unix_user_name, int name_idx)
-{
- char *mapfile = lp_username_map();
- char **lines;
- static pstring tok;
- int i;
-
- if (!*unix_user_name) return NULL;
- if (!*mapfile) return NULL;
-
- lines = file_lines_load(mapfile, NULL,False);
- if (!lines) {
- DEBUG(0,("unmap_unixname: can't open username map %s\n", mapfile));
- return NULL;
- }
-
- DEBUG(5,("unmap_unixname: scanning username map %s, index: %d\n", mapfile, name_idx));
-
- for (i=0; lines[i]; i++) {
- char *unixname = lines[i];
- char *dosname = strchr(unixname,'=');
-
- if (!dosname)
- continue;
-
- *dosname++ = 0;
-
- while (isspace(*unixname))
- unixname++;
- if ('!' == *unixname) {
- unixname++;
- while (*unixname && isspace(*unixname))
- unixname++;
- }
-
- if (!*unixname || strchr("#;",*unixname))
- continue;
-
- if (strncmp(unixname, unix_user_name, strlen(unix_user_name)))
- continue;
-
- /* We have matched the UNIX user name */
-
- while(next_token(&dosname, tok, LIST_SEP, sizeof(tok))) {
- if (!strchr("@&+", *tok)) {
- name_idx--;
- if (name_idx < 0 ) {
- break;
- }
- }
- }
-
- if (name_idx >= 0) {
- DEBUG(0,("unmap_unixname: index too high - not that many DOS names\n"));
- file_lines_free(lines);
- return NULL;
- } else {
- file_lines_free(lines);
- return tok;
- }
- }
-
- DEBUG(0,("unmap_unixname: Couldn't find the UNIX user name\n"));
- file_lines_free(lines);
- return NULL;
-}
-
-/*******************************************************************
- This function sets up a list of users taken from the list of
- users that UNIX knows about, as well as all the user names that
- Samba maps to a valid UNIX user name. (This should work with
- /etc/passwd or NIS.)
-********************************************************************/
-
-static BOOL get_passwd_entries(SAM_USER_INFO_21 *pw_buf,
- int start_idx,
- int *total_entries, int *num_entries,
- int max_num_entries,
- uint16 acb_mask)
-{
- static struct passwd *pwd = NULL;
- static uint32 pw_rid;
- static BOOL orig_done = False;
- static int current_idx = 0;
- static int mapped_idx = 0;
- char *sep;
-
- DEBUG(5, ("get_passwd_entries: retrieving a list of UNIX users\n"));
-
- (*num_entries) = 0;
- (*total_entries) = 0;
-
- /* Skip all this stuff if we're in appliance mode */
-
- if (lp_hide_local_users()) goto done;
-
- if (pw_buf == NULL) return False;
-
- if (current_idx == 0) {
- sys_setpwent();
- }
-
- /* These two cases are inefficient, but should be called very rarely */
- /* they are the cases where the starting index isn't picking up */
- /* where we left off last time. It is efficient when it starts over */
- /* at zero though. */
- if (start_idx > current_idx) {
- /* We aren't far enough; advance to start_idx */
- while (current_idx < start_idx) {
- char *unmap_name;
-
- if(!orig_done) {
- if ((pwd = sys_getpwent()) == NULL) break;
- current_idx++;
- orig_done = True;
- }
-
- while (((unmap_name = unmap_unixname(pwd->pw_name, mapped_idx)) != NULL) &&
- (current_idx < start_idx)) {
- current_idx++;
- mapped_idx++;
- }
-
- if (unmap_name == NULL) {
- orig_done = False;
- mapped_idx = 0;
- }
- }
- } else if (start_idx < current_idx) {
- /* We are already too far; start over and advance to start_idx */
- sys_endpwent();
- sys_setpwent();
- current_idx = 0;
- mapped_idx = 0;
- orig_done = False;
- while (current_idx < start_idx) {
- char *unmap_name;
-
- if(!orig_done) {
- if ((pwd = sys_getpwent()) == NULL) break;
- current_idx++;
- orig_done = True;
- }
-
- while (((unmap_name = unmap_unixname(pwd->pw_name, mapped_idx)) != NULL) &&
- (current_idx < start_idx)) {
- current_idx++;
- mapped_idx++;
- }
-
- if (unmap_name == NULL) {
- orig_done = False;
- mapped_idx = 0;
- }
- }
- }
-
- sep = lp_winbind_separator();
-
- /* now current_idx == start_idx */
- while ((*num_entries) < max_num_entries) {
- int user_name_len;
- char *unmap_name;
-
- /* This does the original UNIX user itself */
- if(!orig_done) {
- if ((pwd = sys_getpwent()) == NULL) break;
-
- /* Don't enumerate winbind users as they are not local */
-
- if (strchr(pwd->pw_name, *sep) != NULL) {
- continue;
- }
-
- user_name_len = strlen(pwd->pw_name);
- pw_rid = pdb_uid_to_user_rid(pwd->pw_uid);
- ZERO_STRUCTP(&pw_buf[(*num_entries)]);
- init_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->pw_name, user_name_len);
- init_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len);
- pw_buf[(*num_entries)].user_rid = pw_rid;
- memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16);
-
- pw_buf[(*num_entries)].acb_info = ACB_NORMAL;
-
- DEBUG(5, ("get_passwd_entries: entry idx %d user %s, rid 0x%x\n", (*num_entries), pwd->pw_name, pw_rid));
-
- (*num_entries)++;
- (*total_entries)++;
- current_idx++;
- orig_done = True;
- }
-
- /* This does all the user names that map to the UNIX user */
- while (((unmap_name = unmap_unixname(pwd->pw_name, mapped_idx)) != NULL) &&
- (*num_entries < max_num_entries)) {
- user_name_len = strlen(unmap_name);
- ZERO_STRUCTP(&pw_buf[(*num_entries)]);
- init_unistr2(&(pw_buf[(*num_entries)].uni_user_name), unmap_name, user_name_len);
- init_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len);
- pw_buf[(*num_entries)].user_rid = pw_rid;
- memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16);
-
- pw_buf[(*num_entries)].acb_info = ACB_NORMAL;
-
- DEBUG(5, ("get_passwd_entries: entry idx %d user %s, rid 0x%x\n", (*num_entries), pwd->pw_name, pw_rid));
-
- (*num_entries)++;
- (*total_entries)++;
- current_idx++;
- mapped_idx++;
- }
-
- if (unmap_name == NULL) {
- /* done with 'aliases', go on to next UNIX user */
- orig_done = False;
- mapped_idx = 0;
- }
- }
-
- if (pwd == NULL) {
- /* totally done, reset everything */
- sys_endpwent();
- current_idx = 0;
- mapped_idx = 0;
- }
-
-done:
- return (*num_entries) > 0;
-}
-
-/*******************************************************************
- samr_reply_unknown_1
- ********************************************************************/
-static BOOL samr_reply_close_hnd(SAMR_Q_CLOSE_HND *q_u,
- prs_struct *rdata)
-{
- SAMR_R_CLOSE_HND r_u;
-
- /* set up the SAMR unknown_1 response */
- ZERO_STRUCT(r_u.pol);
-
- /* close the policy handle */
- if (close_lsa_policy_hnd(&(q_u->pol)))
- {
- r_u.status = 0;
- }
- else
- {
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_INVALID;
- }
-
- DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
-
- /* store the response in the SMB stream */
- if(!samr_io_r_close_hnd("", &r_u, rdata, 0))
- return False;
-
- DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
-
- return True;
-}
-
/*******************************************************************
api_samr_close_hnd
********************************************************************/
+
static BOOL api_samr_close_hnd(pipes_struct *p)
{
SAMR_Q_CLOSE_HND q_u;
+ SAMR_R_CLOSE_HND r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr unknown 1 */
- if(!samr_io_q_close_hnd("", &q_u, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_close_hnd(&q_u, rdata))
+ if(!samr_io_q_close_hnd("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_close_hnd: unable to unmarshall SAMR_Q_CLOSE_HND.\n"));
return False;
-
- return True;
-}
-
-
-/*******************************************************************
- samr_reply_open_domain
- ********************************************************************/
-static BOOL samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
- prs_struct *rdata)
-{
- SAMR_R_OPEN_DOMAIN r_u;
- BOOL pol_open = False;
-
- r_u.status = 0x0;
-
- /* find the connection policy handle. */
- if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
}
- /* get a (unique) handle. open a policy on it. */
- if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.domain_pol))))
- {
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
-
- /* associate the domain SID with the (unique) handle. */
- if (r_u.status == 0x0 && !set_lsa_policy_samr_sid(&(r_u.domain_pol), &(q_u->dom_sid.sid)))
- {
- /* oh, whoops. don't know what error message to return, here */
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
-
- if (r_u.status != 0 && pol_open)
- {
- close_lsa_policy_hnd(&(r_u.domain_pol));
- }
-
- DEBUG(5,("samr_open_domain: %d\n", __LINE__));
+ r_u.status = _samr_close_hnd(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_open_domain("", &r_u, rdata, 0))
+ if(!samr_io_r_close_hnd("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_close_hnd: unable to marshall SAMR_R_CLOSE_HND.\n"));
return False;
-
- DEBUG(5,("samr_open_domain: %d\n", __LINE__));
+ }
return True;
}
@@ -450,569 +67,189 @@ static BOOL samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
/*******************************************************************
api_samr_open_domain
********************************************************************/
+
static BOOL api_samr_open_domain(pipes_struct *p)
{
SAMR_Q_OPEN_DOMAIN q_u;
+ SAMR_R_OPEN_DOMAIN r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open */
- if(!samr_io_q_open_domain("", &q_u, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_open_domain(&q_u, rdata))
+ if(!samr_io_q_open_domain("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_open_domain: unable to unmarshall SAMR_Q_OPEN_DOMAIN.\n"));
return False;
-
- return True;
-}
-
-
-/*******************************************************************
- samr_reply_unknown_2c
- ********************************************************************/
-static BOOL samr_reply_unknown_2c(SAMR_Q_UNKNOWN_2C *q_u,
- prs_struct *rdata)
-{
- SAMR_R_UNKNOWN_2C r_u;
- uint32 status = 0x0;
-
- /* find the policy handle. open a policy on it. */
- if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->user_pol)) == -1))
- {
- status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- /* find the user's rid */
- if ((status == 0x0) && (get_lsa_policy_samr_rid(&(q_u->user_pol)) == 0xffffffff))
- {
- status = NT_STATUS_OBJECT_TYPE_MISMATCH;
}
- init_samr_r_unknown_2c(&r_u, status);
-
- DEBUG(5,("samr_unknown_2c: %d\n", __LINE__));
+ r_u.status = _samr_open_domain(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_unknown_2c("", &r_u, rdata, 0))
+ if(!samr_io_r_open_domain("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_open_domain: unable to marshall SAMR_R_OPEN_DOMAIN.\n"));
return False;
-
- DEBUG(5,("samr_unknown_2c: %d\n", __LINE__));
+ }
return True;
}
/*******************************************************************
- api_samr_unknown_2c
+ api_samr_get_usrdom_pwinfo
********************************************************************/
-static BOOL api_samr_unknown_2c(pipes_struct *p)
+
+static BOOL api_samr_get_usrdom_pwinfo(pipes_struct *p)
{
- SAMR_Q_UNKNOWN_2C q_u;
+ SAMR_Q_GET_USRDOM_PWINFO q_u;
+ SAMR_R_GET_USRDOM_PWINFO r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open */
- if(!samr_io_q_unknown_2c("", &q_u, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_unknown_2c(&q_u, rdata))
+ if(!samr_io_q_get_usrdom_pwinfo("", &q_u, data, 0))
return False;
- return True;
-}
-
-
-/*******************************************************************
- samr_reply_unknown_3
- ********************************************************************/
-static BOOL samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
- prs_struct *rdata)
-{
- SAMR_R_UNKNOWN_3 r_u;
- DOM_SID3 sid[MAX_SAM_SIDS];
- uint32 rid;
- uint32 status;
-
- status = 0x0;
-
- /* find the policy handle. open a policy on it. */
- if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->user_pol)) == -1))
- {
- status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- /* find the user's rid */
- if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->user_pol))) == 0xffffffff)
- {
- status = NT_STATUS_OBJECT_TYPE_MISMATCH;
- }
-
- if (status == 0x0)
- {
- DOM_SID user_sid;
- DOM_SID everyone_sid;
-
- user_sid = global_sam_sid;
-
- SMB_ASSERT_ARRAY(user_sid.sub_auths, user_sid.num_auths+1);
-
- /*
- * Add the user RID.
- */
- user_sid.sub_auths[user_sid.num_auths++] = rid;
-
- string_to_sid(&everyone_sid, "S-1-1");
-
- /* maybe need another 1 or 2 (S-1-5-0x20-0x220 and S-1-5-20-0x224) */
- /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
- init_dom_sid3(&(sid[0]), 0x035b, 0x0002, &everyone_sid);
- init_dom_sid3(&(sid[1]), 0x0044, 0x0002, &user_sid);
- }
-
- init_samr_r_unknown_3(&r_u,
- 0x0001, 0x8004,
- 0x00000014, 0x0002, 0x0070,
- 2, sid, status);
-
- DEBUG(5,("samr_unknown_3: %d\n", __LINE__));
+ r_u.status = _samr_get_usrdom_pwinfo(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_unknown_3("", &r_u, rdata, 0))
+ if(!samr_io_r_get_usrdom_pwinfo("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_unknown_3: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
- api_samr_unknown_3
+ api_samr_query_sec_obj
********************************************************************/
-static BOOL api_samr_unknown_3(pipes_struct *p)
+
+static BOOL api_samr_query_sec_obj(pipes_struct *p)
{
- SAMR_Q_UNKNOWN_3 q_u;
+ SAMR_Q_QUERY_SEC_OBJ q_u;
+ SAMR_R_QUERY_SEC_OBJ r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open */
- if(!samr_io_q_unknown_3("", &q_u, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_unknown_3(&q_u, rdata))
+ if(!samr_io_q_query_sec_obj("", &q_u, data, 0))
return False;
- return True;
-}
-
+ r_u.status = _samr_query_sec_obj(p, &q_u, &r_u);
-/*******************************************************************
- samr_reply_enum_dom_users
- ********************************************************************/
-static BOOL samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u,
- prs_struct *rdata)
-{
- SAMR_R_ENUM_DOM_USERS r_e;
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
- int num_entries;
- int total_entries;
-
- ZERO_STRUCT(r_e);
-
- r_e.status = 0x0;
- r_e.total_num_entries = 0;
-
- /* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- DEBUG(5,("samr_reply_enum_dom_users: %d\n", __LINE__));
-
- become_root();
- get_sampwd_entries(pass, 0, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask);
- unbecome_root();
-
- init_samr_r_enum_dom_users(&r_e, total_entries,
- q_u->unknown_0, num_entries,
- pass, r_e.status);
-
- /* store the response in the SMB stream */
- if(!samr_io_r_enum_dom_users("", &r_e, rdata, 0))
+ if(!samr_io_r_query_sec_obj("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_enum_dom_users: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
api_samr_enum_dom_users
********************************************************************/
+
static BOOL api_samr_enum_dom_users(pipes_struct *p)
{
- SAMR_Q_ENUM_DOM_USERS q_e;
+ SAMR_Q_ENUM_DOM_USERS q_u;
+ SAMR_R_ENUM_DOM_USERS r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open */
- if(!samr_io_q_enum_dom_users("", &q_e, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. */
- if(!samr_reply_enum_dom_users(&q_e, rdata))
+ /* grab the samr open */
+ if(!samr_io_q_enum_dom_users("", &q_u, data, 0))
return False;
- return True;
-}
-
-/*******************************************************************
- samr_reply_enum_dom_groups
- ********************************************************************/
-static BOOL samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u,
- prs_struct *rdata)
-{
- SAMR_R_ENUM_DOM_GROUPS r_e;
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
- int num_entries;
- BOOL got_grps;
- char *dummy_group = "Domain Admins";
-
- ZERO_STRUCT(r_e);
-
- r_e.status = 0x0;
- r_e.num_entries = 0;
-
- /* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
-
- got_grps = True;
- num_entries = 1;
- ZERO_STRUCTP(&pass[0]);
- init_unistr2(&(pass[0].uni_user_name), dummy_group, strlen(dummy_group)+1);
- pass[0].user_rid = DOMAIN_GROUP_RID_ADMINS;
-
- if (r_e.status == 0 && got_grps)
- {
- init_samr_r_enum_dom_groups(&r_e, q_u->start_idx, num_entries, pass, r_e.status);
- }
+ r_u.status = _samr_enum_dom_users(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_enum_dom_groups("", &r_e, rdata, 0))
+ if(!samr_io_r_enum_dom_users("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
api_samr_enum_dom_groups
********************************************************************/
+
static BOOL api_samr_enum_dom_groups(pipes_struct *p)
{
- SAMR_Q_ENUM_DOM_GROUPS q_e;
+ SAMR_Q_ENUM_DOM_GROUPS q_u;
+ SAMR_R_ENUM_DOM_GROUPS r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open */
- if(!samr_io_q_enum_dom_groups("", &q_e, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. */
- if(!samr_reply_enum_dom_groups(&q_e, rdata))
+ /* grab the samr open */
+ if(!samr_io_q_enum_dom_groups("", &q_u, data, 0))
return False;
- return True;
-}
-
-/*******************************************************************
- samr_reply_enum_dom_aliases
- ********************************************************************/
-static BOOL samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
- prs_struct *rdata)
-{
- SAMR_R_ENUM_DOM_ALIASES r_e;
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
- int num_entries = 0;
- DOM_SID sid;
- fstring sid_str;
- fstring sam_sid_str;
- struct group *grp;
-
- ZERO_STRUCT(r_e);
-
- /* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &sid))
- {
- r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- sid_to_string(sid_str, &sid);
- sid_to_string(sam_sid_str, &global_sam_sid);
-
- DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
-
- /* well-known aliases */
- if (strequal(sid_str, "S-1-5-32"))
- {
- char *name;
- while (!lp_hide_local_users() &&
- num_entries < MAX_SAM_ENTRIES &&
- ((name = builtin_alias_rids[num_entries].name) != NULL))
- {
- init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name)+1);
- pass[num_entries].user_rid = builtin_alias_rids[num_entries].rid;
- num_entries++;
- }
- }
- else if (strequal(sid_str, sam_sid_str) && !lp_hide_local_users())
- {
- char *name;
- char *sep;
-
- sep = lp_winbind_separator();
-
- /* local aliases */
- /* we return the UNIX groups here. This seems to be the right */
- /* thing to do, since NT member servers return their local */
- /* groups in the same situation. */
- setgrent();
-
- while (num_entries < MAX_SAM_ENTRIES && ((grp = getgrent()) != NULL))
- {
- int i;
- uint32 trid;
- name = grp->gr_name;
-
- /* Don't return winbind groups as they are not local! */
-
- if (strchr(name, *sep) != NULL) {
- continue;
- }
-
- trid = pdb_gid_to_group_rid(grp->gr_gid);
- for( i = 0; i < num_entries; i++)
- if ( pass[i].user_rid == trid ) break;
- if ( i < num_entries )
- continue; /* rid was there, dup! */
-
- init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name)+1);
- pass[num_entries].user_rid = trid;
- num_entries++;
- }
-
- endgrent();
- }
-
- init_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status);
+ r_u.status = _samr_enum_dom_groups(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_enum_dom_aliases("", &r_e, rdata, 0))
+ if(!samr_io_r_enum_dom_groups("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
api_samr_enum_dom_aliases
********************************************************************/
+
static BOOL api_samr_enum_dom_aliases(pipes_struct *p)
{
- SAMR_Q_ENUM_DOM_ALIASES q_e;
+ SAMR_Q_ENUM_DOM_ALIASES q_u;
+ SAMR_R_ENUM_DOM_ALIASES r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- ZERO_STRUCT(q_e);
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
/* grab the samr open */
- if(!samr_io_q_enum_dom_aliases("", &q_e, data, 0))
+ if(!samr_io_q_enum_dom_aliases("", &q_u, data, 0))
return False;
- /* construct reply. */
- if(!samr_reply_enum_dom_aliases(&q_e, rdata))
- return False;
-
- return True;
-}
-
-
-/*******************************************************************
- samr_reply_query_dispinfo
- ********************************************************************/
-static BOOL samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u, prs_struct *rdata)
-{
- SAMR_R_QUERY_DISPINFO r_e;
- SAM_INFO_CTR ctr;
- SAM_INFO_1 info1;
- SAM_INFO_2 info2;
- SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
- int num_entries = 0;
- int total_entries = 0;
- BOOL got_pwds;
- uint16 switch_level = 0x0;
-
- ZERO_STRUCT(r_e);
-
- DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
-
- /* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- DEBUG(5,("samr_reply_query_dispinfo: invalid handle\n"));
- }
-
- if (r_e.status == 0x0)
- {
- /* decide how many entries to get depending on the max_entries
- and max_size passed by client */
- uint32 retsize;
-
- if(q_u->max_entries > MAX_SAM_ENTRIES)
- q_u->max_entries = MAX_SAM_ENTRIES;
-
- retsize = (q_u->max_entries * (sizeof(SAM_ENTRY1)+sizeof(SAM_STR1)))
- + 3*sizeof(uint32);
-
- if(retsize > q_u->max_size)
- {
- /* determine max_entries based on max_size */
- q_u->max_entries = (q_u->max_size - 3*sizeof(uint32)) /
- (sizeof(SAM_ENTRY1)+sizeof(SAM_STR1));
- q_u->max_entries = (q_u->max_entries>0?q_u->max_entries:1);
- }
-
- DEBUG(10,("samr_reply_query_dispinfo: Setting q_u->max_entries to %u\n",q_u->max_entries));
-
- become_root();
- got_pwds = get_passwd_entries(pass, q_u->start_idx, &total_entries, &num_entries, q_u->max_entries, 0);
- unbecome_root();
-
- /* more left - set resume handle */
- if(total_entries > num_entries)
- {
- r_e.status = 0x105;
- }
-
- switch (q_u->switch_level)
- {
- case 0x1:
- {
-
- /* query disp info is for users */
- ZERO_STRUCT (info1);
- switch_level = 0x1;
- init_sam_info_1(&info1, ACB_NORMAL,
- q_u->start_idx, num_entries, pass);
-
- ctr.sam.info1 = &info1;
-
- break;
- }
- case 0x2:
- {
- /* query disp info is for servers */
- ZERO_STRUCT (info2);
- switch_level = 0x2;
- init_sam_info_2(&info2, ACB_WSTRUST,
- q_u->start_idx, num_entries, pass);
-
- ctr.sam.info2 = &info2;
-
- break;
- }
- }
- }
-
- /* more left - set resume handle */
- if(total_entries > num_entries)
- {
- r_e.status = 0x105;
- }
-
- if (r_e.status == 0 || r_e.status == 0x105)
- {
- init_samr_r_query_dispinfo(&r_e, switch_level, &ctr, r_e.status);
- }
+ r_u.status = _samr_enum_dom_aliases(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_query_dispinfo("", &r_e, rdata, 0))
+ if(!samr_io_r_enum_dom_aliases("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_query_dispinfo: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
api_samr_query_dispinfo
********************************************************************/
+
static BOOL api_samr_query_dispinfo(pipes_struct *p)
{
- SAMR_Q_QUERY_DISPINFO q_e;
+ SAMR_Q_QUERY_DISPINFO q_u;
+ SAMR_R_QUERY_DISPINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open */
- if(!samr_io_q_query_dispinfo("", &q_e, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. */
- if(!samr_reply_query_dispinfo(&q_e, rdata))
+ if(!samr_io_q_query_dispinfo("", &q_u, data, 0))
return False;
- return True;
-}
-
+ r_u.status = _samr_query_dispinfo(p, &q_u, &r_u);
-/*******************************************************************
- samr_reply_query_aliasinfo
- ********************************************************************/
-static BOOL samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u,
- prs_struct *rdata)
-{
- SAMR_R_QUERY_ALIASINFO r_e;
- fstring alias_desc = "Local Unix group";
- fstring alias="";
- enum SID_NAME_USE type;
- uint32 alias_rid;
-
- ZERO_STRUCT(r_e);
-
- DEBUG(5,("samr_reply_query_aliasinfo: %d\n", __LINE__));
-
- /* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- alias_rid = get_lsa_policy_samr_rid(&q_u->pol);
- if(alias_rid == 0xffffffff)
- r_e.status = 0xC0000000 | NT_STATUS_NO_SUCH_ALIAS;
-
- if(!local_lookup_rid(alias_rid, alias, &type))
- {
- r_e.status = 0xC0000000 | NT_STATUS_NO_SUCH_ALIAS;
- }
-
- init_samr_r_query_aliasinfo(&r_e, q_u->switch_level, alias, alias_desc);
-
- /* store the response in the SMB stream */
- if(!samr_io_r_query_aliasinfo("", &r_e, rdata, 0))
+ /* store the response in the SMB stream */
+ if(!samr_io_r_query_dispinfo("", &r_u, rdata, 0))
return False;
-
- DEBUG(5,("samr_query_aliasinfo: %d\n", __LINE__));
return True;
}
@@ -1020,1461 +257,878 @@ static BOOL samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u,
/*******************************************************************
api_samr_query_aliasinfo
********************************************************************/
+
static BOOL api_samr_query_aliasinfo(pipes_struct *p)
{
- SAMR_Q_QUERY_ALIASINFO q_e;
+ SAMR_Q_QUERY_ALIASINFO q_u;
+ SAMR_R_QUERY_ALIASINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
/* grab the samr open */
- if(!samr_io_q_query_aliasinfo("", &q_e, data, 0))
+ if(!samr_io_q_query_aliasinfo("", &q_u, data, 0))
return False;
- /* construct reply. */
- if(!samr_reply_query_aliasinfo(&q_e, rdata))
- return False;
+ r_u.status = _samr_query_aliasinfo(p, &q_u, &r_u);
+ /* store the response in the SMB stream */
+ if(!samr_io_r_query_aliasinfo("", &r_u, rdata, 0))
+ return False;
+
return True;
}
-
/*******************************************************************
- samr_reply_lookup_ids
+ api_samr_lookup_names
********************************************************************/
-static BOOL samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
- prs_struct *rdata)
-{
- uint32 rid[MAX_SAM_ENTRIES];
- uint32 status = 0;
- int num_rids = q_u->num_sids1;
-
- SAMR_R_LOOKUP_IDS r_u;
-
- DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
- if (num_rids > MAX_SAM_ENTRIES)
- {
- num_rids = MAX_SAM_ENTRIES;
- DEBUG(5,("samr_lookup_ids: truncating entries to %d\n", num_rids));
- }
+static BOOL api_samr_lookup_names(pipes_struct *p)
+{
+ SAMR_Q_LOOKUP_NAMES q_u;
+ SAMR_R_LOOKUP_NAMES r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
-#if 0
- int i;
- SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
-
- for (i = 0; i < num_rids && status == 0; i++)
- {
- SAM_ACCOUNT *sam_pass;
- fstring user_name;
-
-
- fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer,
- q_u->uni_user_name[i].uni_str_len));
-
- /* find the user account */
- become_root();
- sam_pass = pdb_getsampwnam(user_name);
- unbecome_root();
-
- if (sam_pass == NULL)
- {
- status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
- rid[i] = 0;
- }
- else
- {
- rid[i] = pdb_get_user_rid(sam_pass);
- }
- }
-#endif
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- num_rids = 1;
- rid[0] = BUILTIN_ALIAS_RID_USERS;
+ /* grab the samr lookup names */
+ if(!samr_io_q_lookup_names("", &q_u, data, 0))
+ return False;
- init_samr_r_lookup_ids(&r_u, num_rids, rid, status);
+ r_u.status = _samr_lookup_names(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_lookup_ids("", &r_u, rdata, 0))
+ if(!samr_io_r_lookup_names("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
- api_samr_lookup_ids
+ api_samr_chgpasswd_user
********************************************************************/
-static BOOL api_samr_lookup_ids(pipes_struct *p)
+
+static BOOL api_samr_chgpasswd_user(pipes_struct *p)
{
- SAMR_Q_LOOKUP_IDS q_u;
+ SAMR_Q_CHGPASSWD_USER q_u;
+ SAMR_R_CHGPASSWD_USER r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr 0x10 */
- if(!samr_io_q_lookup_ids("", &q_u, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_lookup_ids(&q_u, rdata))
+ /* unknown 38 command */
+ if (!samr_io_q_chgpasswd_user("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_chgpasswd_user: Failed to unmarshall SAMR_Q_CHGPASSWD_USER.\n"));
return False;
-
- return True;
-}
-
-/*******************************************************************
- samr_reply_lookup_names
- ********************************************************************/
-
-static BOOL samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
- prs_struct *rdata)
-{
- uint32 rid[MAX_SAM_ENTRIES];
- enum SID_NAME_USE type[MAX_SAM_ENTRIES];
- uint32 status = 0;
- int i;
- int num_rids = q_u->num_names1;
- DOM_SID pol_sid;
-
- SAMR_R_LOOKUP_NAMES r_u;
-
- DEBUG(5,("samr_lookup_names: %d\n", __LINE__));
-
- ZERO_ARRAY(rid);
- ZERO_ARRAY(type);
-
- if (!get_lsa_policy_samr_sid(&q_u->pol, &pol_sid)) {
- status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH;
- init_samr_r_lookup_names(&r_u, 0, rid, type, status);
- if(!samr_io_r_lookup_names("", &r_u, rdata, 0)) {
- DEBUG(0,("samr_reply_lookup_names: failed to marshall SAMR_R_LOOKUP_NAMES.\n"));
- return False;
- }
- return True;
- }
-
- if (num_rids > MAX_SAM_ENTRIES) {
- num_rids = MAX_SAM_ENTRIES;
- DEBUG(5,("samr_lookup_names: truncating entries to %d\n", num_rids));
- }
-
- SMB_ASSERT_ARRAY(q_u->uni_name, num_rids);
-
- for (i = 0; i < num_rids; i++) {
- fstring name;
-
- status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
-
- rid [i] = 0xffffffff;
- type[i] = SID_NAME_UNKNOWN;
-
- fstrcpy(name, dos_unistrn2(q_u->uni_name[i].buffer,
- q_u->uni_name[i].uni_str_len));
-
- if(sid_equal(&pol_sid, &global_sam_sid))
- {
- DOM_SID sid;
- if(local_lookup_name(global_myname, name,
- &sid, &type[i]))
- {
- sid_split_rid( &sid, &rid[i]);
- status = 0;
}
- }
- }
- init_samr_r_lookup_names(&r_u, num_rids, rid, type, status);
+ r_u.status = _samr_chgpasswd_user(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_lookup_names("", &r_u, rdata, 0)) {
- DEBUG(0,("samr_reply_lookup_names: failed to marshall SAMR_R_LOOKUP_NAMES.\n"));
- return False;
- }
-
- DEBUG(5,("samr_lookup_names: %d\n", __LINE__));
+ /* store the response in the SMB stream */
+ if(!samr_io_r_chgpasswd_user("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_chgpasswd_user: Failed to marshall SAMR_R_CHGPASSWD_USER.\n" ));
+ return False;
+ }
- return True;
+ return True;
}
/*******************************************************************
- api_samr_lookup_names
+ api_samr_lookup_rids
********************************************************************/
-static BOOL api_samr_lookup_names(pipes_struct *p)
+static BOOL api_samr_lookup_rids(pipes_struct *p)
{
- SAMR_Q_LOOKUP_NAMES q_u;
+ SAMR_Q_LOOKUP_RIDS q_u;
+ SAMR_R_LOOKUP_RIDS r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- memset(&q_u, '\0', sizeof(q_u));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
/* grab the samr lookup names */
- if(!samr_io_q_lookup_names("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_lookup_names: failed to unmarshall SAMR_Q_LOOKUP_NAMES.\n"));
+ if(!samr_io_q_lookup_rids("", &q_u, data, 0))
return False;
- }
- /* construct reply. always indicate success */
- if(!samr_reply_lookup_names(&q_u, rdata))
+ r_u.status = _samr_lookup_rids(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!samr_io_r_lookup_rids("", &r_u, rdata, 0))
return False;
return True;
}
/*******************************************************************
- samr_reply_chgpasswd_user
+ api_samr_open_user
********************************************************************/
-static BOOL samr_reply_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
- prs_struct *rdata)
+static BOOL api_samr_open_user(pipes_struct *p)
{
- SAMR_R_CHGPASSWD_USER r_u;
- uint32 status = 0x0;
- fstring user_name;
- fstring wks;
-
- fstrcpy(user_name, dos_unistrn2(q_u->uni_user_name.buffer, q_u->uni_user_name.uni_str_len));
- fstrcpy(wks , dos_unistrn2(q_u->uni_dest_host.buffer, q_u->uni_dest_host.uni_str_len));
+ SAMR_Q_OPEN_USER q_u;
+ SAMR_R_OPEN_USER r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (!pass_oem_change(user_name,
- q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
- q_u->nt_newpass.pass, q_u->nt_oldhash.hash))
- {
- status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD;
- }
+ /* grab the samr unknown 22 */
+ if(!samr_io_q_open_user("", &q_u, data, 0))
+ return False;
- init_samr_r_chgpasswd_user(&r_u, status);
+ r_u.status = _api_samr_open_user(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_chgpasswd_user("", &r_u, rdata, 0)) {
- DEBUG(0,("samr_reply_chgpasswd_user: Failed to marshall SAMR_R_CHGPASSWD_USER struct.\n" ));
+ if(!samr_io_r_open_user("", &r_u, rdata, 0))
return False;
- }
- DEBUG(5,("samr_chgpasswd_user: %d\n", __LINE__));
+ DEBUG(5,("samr_open_user: %d\n", __LINE__));
+
return True;
}
/*******************************************************************
- api_samr_chgpasswd_user
+ api_samr_query_userinfo
********************************************************************/
-static BOOL api_samr_chgpasswd_user(pipes_struct *p)
+static BOOL api_samr_query_userinfo(pipes_struct *p)
{
- SAMR_Q_CHGPASSWD_USER q_u;
+ SAMR_Q_QUERY_USERINFO q_u;
+ SAMR_R_QUERY_USERINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* unknown 38 command */
- if (!samr_io_q_chgpasswd_user("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_chgpasswd_user: samr_io_q_chgpasswd_user failed to parse RPC packet.\n"));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the samr unknown 24 */
+ if(!samr_io_q_query_userinfo("", &q_u, data, 0))
return False;
- }
- /* construct reply. */
- if(!samr_reply_chgpasswd_user(&q_u, rdata)) {
- DEBUG(0,("api_samr_chgpasswd_user: samr_reply_chgpasswd_user failed to create reply packet.\n"));
+ r_u.status = _samr_query_userinfo(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!samr_io_r_query_userinfo("", &r_u, rdata, 0))
return False;
- }
return True;
}
-
/*******************************************************************
- samr_reply_unknown_38
+ api_samr_query_usergroups
********************************************************************/
-static BOOL samr_reply_unknown_38(SAMR_Q_UNKNOWN_38 *q_u, prs_struct *rdata)
+
+static BOOL api_samr_query_usergroups(pipes_struct *p)
{
- SAMR_R_UNKNOWN_38 r_u;
+ SAMR_Q_QUERY_USERGROUPS q_u;
+ SAMR_R_QUERY_USERGROUPS r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+ /* grab the samr unknown 32 */
+ if(!samr_io_q_query_usergroups("", &q_u, data, 0))
+ return False;
- init_samr_r_unknown_38(&r_u);
+ r_u.status = _samr_query_usergroups(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_unknown_38("", &r_u, rdata, 0))
+ if(!samr_io_r_query_usergroups("", &r_u, rdata, 0)) {
return False;
+ }
- DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
return True;
}
/*******************************************************************
- api_samr_unknown_38
+ api_samr_query_dom_info
********************************************************************/
-static BOOL api_samr_unknown_38(pipes_struct *p)
+
+static BOOL api_samr_query_dom_info(pipes_struct *p)
{
- SAMR_Q_UNKNOWN_38 q_u;
+ SAMR_Q_QUERY_DOMAIN_INFO q_u;
+ SAMR_R_QUERY_DOMAIN_INFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* unknown 38 command */
- if(!samr_io_q_unknown_38("", &q_u, data, 0))
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the samr unknown 8 command */
+ if(!samr_io_q_query_dom_info("", &q_u, data, 0))
return False;
- /* construct reply. always indicate success */
- if(!samr_reply_unknown_38(&q_u, rdata))
+ r_u.status = _samr_query_dom_info(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!samr_io_r_query_dom_info("", &r_u, rdata, 0))
return False;
+ DEBUG(5,("api_samr_query_dom_info: %d\n", __LINE__));
+
return True;
}
-
/*******************************************************************
- samr_reply_lookup_rids
+ api_samr_create_user
********************************************************************/
-static BOOL samr_reply_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u,
- prs_struct *rdata)
-{
- fstring group_names[MAX_SAM_ENTRIES];
- uint32 group_attrs[MAX_SAM_ENTRIES];
- uint32 status = 0;
- int num_gids = q_u->num_gids1;
- SAMR_R_LOOKUP_RIDS r_u;
+static BOOL api_samr_create_user(pipes_struct *p)
+{
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- DEBUG(5,("samr_reply_lookup_rids: %d\n", __LINE__));
+ SAMR_Q_CREATE_USER q_u;
+ SAMR_R_CREATE_USER r_u;
- /* find the policy handle. open a policy on it. */
- if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (status == 0x0)
- {
- int i;
- if (num_gids > MAX_SAM_ENTRIES)
- {
- num_gids = MAX_SAM_ENTRIES;
- DEBUG(5,("samr_reply_lookup_rids: truncating entries to %d\n", num_gids));
- }
-
- for (i = 0; i < num_gids && status == 0; i++)
- {
- fstrcpy(group_names[i], "dummy group");
- group_attrs[i] = 0x2;
- }
+ /* grab the samr create user */
+ if (!samr_io_q_create_user("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_create_user: Unable to unmarshall SAMR_Q_CREATE_USER.\n"));
+ return False;
}
- init_samr_r_lookup_rids(&r_u, num_gids, group_names, group_attrs, status);
+ r_u.status=_api_samr_create_user(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_lookup_rids("", &r_u, rdata, 0))
+ if(!samr_io_r_create_user("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_create_user: Unable to marshall SAMR_R_CREATE_USER.\n"));
return False;
-
- DEBUG(5,("samr_reply_lookup_rids: %d\n", __LINE__));
+ }
return True;
}
/*******************************************************************
- api_samr_lookup_rids
+ api_samr_connect_anon
********************************************************************/
-static BOOL api_samr_lookup_rids(pipes_struct *p)
+
+static BOOL api_samr_connect_anon(pipes_struct *p)
{
- SAMR_Q_LOOKUP_RIDS q_u;
+ SAMR_Q_CONNECT_ANON q_u;
+ SAMR_R_CONNECT_ANON r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr lookup names */
- if(!samr_io_q_lookup_rids("", &q_u, data, 0))
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the samr open policy */
+ if(!samr_io_q_connect_anon("", &q_u, data, 0))
return False;
- /* construct reply. always indicate success */
- if(!samr_reply_lookup_rids(&q_u, rdata))
+ r_u.status = _samr_connect_anon(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!samr_io_r_connect_anon("", &r_u, rdata, 0))
return False;
return True;
}
-
/*******************************************************************
- _api_samr_open_user
+ api_samr_connect
********************************************************************/
-static uint32 _api_samr_open_user(POLICY_HND domain_pol, uint32 user_rid, POLICY_HND *user_pol)
-{
- SAM_ACCOUNT *sam_pass;
- DOM_SID sid;
-
- /* find the domain policy handle. */
- if (find_lsa_policy_by_hnd(&domain_pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
-
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(user_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
- become_root();
- sam_pass = pdb_getsampwrid(user_rid);
- unbecome_root();
-
- /* check that the RID exists in our domain. */
- if (sam_pass == NULL) {
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_NO_SUCH_USER;
- }
-
- /* Get the domain SID stored in the domain policy */
- if(!get_lsa_policy_samr_sid(&domain_pol, &sid)) {
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_INVALID_HANDLE;
- }
-
- /* append the user's RID to it */
- if(!sid_append_rid(&sid, user_rid)) {
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_NO_SUCH_USER;
- }
- /* associate the user's SID with the handle. */
- if (!set_lsa_policy_samr_sid(user_pol, &sid)) {
- /* oh, whoops. don't know what error message to return, here */
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
-
- return NT_STATUS_NO_PROBLEMO;
-}
-
-/*******************************************************************
- api_samr_open_user
- ********************************************************************/
-static BOOL api_samr_open_user(pipes_struct *p)
+static BOOL api_samr_connect(pipes_struct *p)
{
- SAMR_Q_OPEN_USER q_u;
- SAMR_R_OPEN_USER r_u;
+ SAMR_Q_CONNECT q_u;
+ SAMR_R_CONNECT r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- /* grab the samr unknown 22 */
- if(!samr_io_q_open_user("", &q_u, data, 0))
+ /* grab the samr open policy */
+ if(!samr_io_q_connect("", &q_u, data, 0))
return False;
- r_u.status = _api_samr_open_user(q_u.domain_pol, q_u.user_rid, &r_u.user_pol);
+ r_u.status = _samr_connect(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_open_user("", &r_u, rdata, 0))
+ if(!samr_io_r_connect("", &r_u, rdata, 0))
return False;
- DEBUG(5,("samr_open_user: %d\n", __LINE__));
-
return True;
}
-/*************************************************************************
- get_user_info_10
- *************************************************************************/
-static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
+/**********************************************************************
+ api_samr_lookup_domain
+ **********************************************************************/
+
+static BOOL api_samr_lookup_domain(pipes_struct *p)
{
- SAM_ACCOUNT *sampass;
+ SAMR_Q_LOOKUP_DOMAIN q_u;
+ SAMR_R_LOOKUP_DOMAIN r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (!pdb_rid_is_user(user_rid))
- {
- DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
+ if(!samr_io_q_lookup_domain("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_lookup_domain: Unable to unmarshall SAMR_Q_LOOKUP_DOMAIN.\n"));
return False;
}
- become_root();
- sampass = pdb_getsampwrid(user_rid);
- unbecome_root();
-
- if (sampass == NULL)
- {
- DEBUG(4,("User 0x%x not found\n", user_rid));
+ r_u.status = _samr_lookup_domain(p, &q_u, &r_u);
+
+ if(!samr_io_r_lookup_domain("", &r_u, rdata, 0)){
+ DEBUG(0,("api_samr_lookup_domain: Unable to marshall SAMR_R_LOOKUP_DOMAIN.\n"));
return False;
}
-
- DEBUG(3,("User:[%s]\n", pdb_get_username(sampass)));
-
- init_sam_user_info10(id10, pdb_get_acct_ctrl(sampass));
-
+
return True;
}
-/*************************************************************************
- get_user_info_21
- *************************************************************************/
-static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
+/**********************************************************************
+ api_samr_enum_domains
+ **********************************************************************/
+
+static BOOL api_samr_enum_domains(pipes_struct *p)
{
- SAM_ACCOUNT *sam_pass;
+ SAMR_Q_ENUM_DOMAINS q_u;
+ SAMR_R_ENUM_DOMAINS r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (!pdb_rid_is_user(user_rid))
- {
- DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
+ if(!samr_io_q_enum_domains("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_enum_domains: Unable to unmarshall SAMR_Q_ENUM_DOMAINS.\n"));
return False;
}
- become_root();
- sam_pass = pdb_getsampwrid(user_rid);
- unbecome_root();
+ r_u.status = _samr_enum_domains(p, &q_u, &r_u);
- if (sam_pass == NULL)
- {
- DEBUG(4,("User 0x%x not found\n", user_rid));
+ if(!samr_io_r_enum_domains("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_enum_domains: Unable to marshall SAMR_R_ENUM_DOMAINS.\n"));
return False;
}
-
- DEBUG(3,("User:[%s]\n", pdb_get_username(sam_pass)));
-
- init_sam_user_info21(id21, sam_pass);
-
+
return True;
}
/*******************************************************************
- samr_reply_query_userinfo
+ api_samr_open_alias
********************************************************************/
-static BOOL samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
- prs_struct *rdata)
-{
- SAMR_R_QUERY_USERINFO r_u;
-#if 0
- SAM_USER_INFO_11 id11;
-#endif
- SAM_USER_INFO_10 id10;
- SAM_USER_INFO_21 id21;
- void *info = NULL;
-
- uint32 status = 0x0;
- uint32 rid = 0x0;
-
- DEBUG(5,("samr_reply_query_userinfo: %d\n", __LINE__));
- /* search for the handle */
- if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- status = NT_STATUS_INVALID_HANDLE;
- }
+static BOOL api_samr_open_alias(pipes_struct *p)
+{
+ SAMR_Q_OPEN_ALIAS q_u;
+ SAMR_R_OPEN_ALIAS r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- /* find the user's rid */
- if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->pol))) == 0xffffffff)
- {
- status = NT_STATUS_OBJECT_TYPE_MISMATCH;
- }
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- DEBUG(5,("samr_reply_query_userinfo: rid:0x%x\n", rid));
-
- /* ok! user info levels (there are lots: see MSDEV help), off we go... */
- if (status == 0x0)
- {
- switch (q_u->switch_value)
- {
- case 0x10:
- {
- info = (void*)&id10;
- status = get_user_info_10(&id10, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
- break;
- }
-#if 0
-/* whoops - got this wrong. i think. or don't understand what's happening. */
- case 0x11:
- {
- NTTIME expire;
- info = (void*)&id11;
-
- expire.low = 0xffffffff;
- expire.high = 0x7fffffff;
-
- make_sam_user_info11(&id11, &expire, "BROOKFIELDS$", 0x03ef, 0x201, 0x0080);
-
- break;
- }
-#endif
- case 21:
- {
- info = (void*)&id21;
- status = get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
- break;
- }
-
- default:
- {
- status = NT_STATUS_INVALID_INFO_CLASS;
-
- break;
- }
- }
+ /* grab the samr open policy */
+ if(!samr_io_q_open_alias("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_open_alias: Unable to unmarshall SAMR_Q_OPEN_ALIAS.\n"));
+ return False;
}
- init_samr_r_query_userinfo(&r_u, q_u->switch_value, info, status);
+ r_u.status=_api_samr_open_alias(p, &q_u, &r_u);
/* store the response in the SMB stream */
- if(!samr_io_r_query_userinfo("", &r_u, rdata, 0))
+ if(!samr_io_r_open_alias("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_open_alias: Unable to marshall SAMR_R_OPEN_ALIAS.\n"));
return False;
-
- DEBUG(5,("samr_reply_query_userinfo: %d\n", __LINE__));
-
+ }
+
return True;
}
/*******************************************************************
- api_samr_query_userinfo
+ api_samr_set_userinfo
********************************************************************/
-static BOOL api_samr_query_userinfo(pipes_struct *p)
+
+static BOOL api_samr_set_userinfo(pipes_struct *p)
{
- SAMR_Q_QUERY_USERINFO q_u;
+ SAMR_Q_SET_USERINFO q_u;
+ SAMR_R_SET_USERINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr unknown 24 */
- if(!samr_io_q_query_userinfo("", &q_u, data, 0))
- return False;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_query_userinfo(&q_u, rdata))
+ if (!samr_io_q_set_userinfo("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.\n"));
return False;
-
- return True;
-}
-
-
-/*******************************************************************
- samr_reply_query_usergroups
- ********************************************************************/
-static BOOL samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
- prs_struct *rdata)
-{
- SAMR_R_QUERY_USERGROUPS r_u;
- uint32 status = 0x0;
-
- SAM_ACCOUNT *sam_pass;
- DOM_GID *gids = NULL;
- int num_groups = 0;
- uint32 rid;
-
- DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
-
- /* find the policy handle. open a policy on it. */
- if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
- {
- status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- }
-
- /* find the user's rid */
- if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->pol))) == 0xffffffff)
- {
- status = NT_STATUS_OBJECT_TYPE_MISMATCH;
- }
-
- if (status == 0x0)
- {
- become_root();
- sam_pass = pdb_getsampwrid(rid);
- unbecome_root();
-
- if (sam_pass == NULL)
- {
- status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
- }
- }
-
- if (status == 0x0)
- {
- pstring groups;
- get_domain_user_groups(groups, pdb_get_username(sam_pass));
- gids = NULL;
- num_groups = make_dom_gids(groups, &gids);
}
- /* construct the response. lkclXXXX: gids are not copied! */
- init_samr_r_query_usergroups(&r_u, num_groups, gids, status);
+ r_u.status = _samr_set_userinfo(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_query_usergroups("", &r_u, rdata, 0)) {
- if (gids)
- free((char *)gids);
+ if(!samr_io_r_set_userinfo("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_set_userinfo: Unable to marshall SAMR_R_SET_USERINFO.\n"));
return False;
}
- if (gids)
- free((char *)gids);
-
- DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
-
return True;
}
/*******************************************************************
- api_samr_query_usergroups
+ api_samr_set_userinfo2
********************************************************************/
-static BOOL api_samr_query_usergroups(pipes_struct *p)
+
+static BOOL api_samr_set_userinfo2(pipes_struct *p)
{
- SAMR_Q_QUERY_USERGROUPS q_u;
+ SAMR_Q_SET_USERINFO2 q_u;
+ SAMR_R_SET_USERINFO2 r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr unknown 32 */
- if(!samr_io_q_query_usergroups("", &q_u, data, 0))
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!samr_io_q_set_userinfo2("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_set_userinfo2: Unable to unmarshall SAMR_Q_SET_USERINFO2.\n"));
return False;
+ }
- /* construct reply. */
- if(!samr_reply_query_usergroups(&q_u, rdata))
+ r_u.status = _samr_set_userinfo2(p, &q_u, &r_u);
+
+ if(!samr_io_r_set_userinfo2("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_set_userinfo2: Unable to marshall SAMR_R_SET_USERINFO2.\n"));
return False;
+ }
return True;
}
-
/*******************************************************************
- api_samr_query_dom_info
+ api_samr_query_useraliases
********************************************************************/
-static BOOL api_samr_query_dom_info(pipes_struct *p)
+
+static BOOL api_samr_query_useraliases(pipes_struct *p)
{
- SAMR_Q_QUERY_DOMAIN_INFO q_u;
- SAMR_R_QUERY_DOMAIN_INFO r_u;
- SAM_UNK_CTR ctr;
+ SAMR_Q_QUERY_USERALIASES q_u;
+ SAMR_R_QUERY_USERALIASES r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- uint16 switch_value = 0x0;
- uint32 status = 0x0;
-
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- ZERO_STRUCT(ctr);
-
- DEBUG(5,("api_samr_query_dom_info: %d\n", __LINE__));
- /* grab the samr unknown 8 command */
- if(!samr_io_q_query_dom_info("", &q_u, data, 0))
+ if (!samr_io_q_query_useraliases("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_query_useraliases: Unable to unmarshall SAMR_Q_QUERY_USERALIASES.\n"));
return False;
-
- /* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&q_u.domain_pol) == -1) {
- status = NT_STATUS_INVALID_HANDLE;
- DEBUG(5,("api_samr_query_dom_info: invalid handle\n"));
}
- if (status == 0x0) {
- switch (q_u.switch_value) {
- case 0x01:
- switch_value = 0x1;
- init_unk_info1(&ctr.info.inf1);
- break;
- case 0x02:
- switch_value = 0x2;
- init_unk_info2(&ctr.info.inf2, global_myworkgroup, global_myname);
- break;
- case 0x03:
- switch_value = 0x3;
- init_unk_info3(&ctr.info.inf3);
- break;
- case 0x06:
- switch_value = 0x6;
- init_unk_info6(&ctr.info.inf6);
- break;
- case 0x07:
- switch_value = 0x7;
- init_unk_info7(&ctr.info.inf7);
- break;
- case 0x0c:
- switch_value = 0xc;
- init_unk_info12(&ctr.info.inf12);
- break;
- default:
- status = NT_STATUS_INVALID_INFO_CLASS;
- break;
- }
- }
-
- init_samr_r_query_dom_info(&r_u, switch_value, &ctr, status);
+ r_u.status = _samr_query_useraliases(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_query_dom_info("", &r_u, rdata, 0))
+ if (! samr_io_r_query_useraliases("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_query_useraliases: Unable to nmarshall SAMR_R_QUERY_USERALIASES.\n"));
return False;
-
- DEBUG(5,("api_samr_query_dom_info: %d\n", __LINE__));
+ }
return True;
}
-
/*******************************************************************
- _api_samr_create_user
+ api_samr_query_aliasmem
********************************************************************/
-static BOOL _api_samr_create_user(POLICY_HND dom_pol, UNISTR2 user_account, uint32 acb_info, uint32 access_mask,
- POLICY_HND *user_pol, uint32 *unknown0, uint32 *user_rid)
+
+static BOOL api_samr_query_aliasmem(pipes_struct *p)
{
- SAM_ACCOUNT *sam_pass;
- fstring mach_acct;
- pstring err_str;
- pstring msg_str;
- int local_flags=0;
- DOM_SID sid;
-
- /* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&dom_pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
-
- /* find the machine account: tell the caller if it exists.
- lkclXXXX i have *no* idea if this is a problem or not
- or even if you are supposed to construct a different
- reply if the account already exists...
- */
-
- fstrcpy(mach_acct, dos_unistrn2(user_account.buffer, user_account.uni_str_len));
- strlower(mach_acct);
-
- become_root();
- sam_pass = pdb_getsampwnam(mach_acct);
- unbecome_root();
- if (sam_pass != NULL)
- {
- /* machine account exists: say so */
- return NT_STATUS_USER_EXISTS;
- }
+ SAMR_Q_QUERY_ALIASMEM q_u;
+ SAMR_R_QUERY_ALIASMEM r_u;
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(user_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
- local_flags=LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_SET_NO_PASSWORD;
- local_flags|= (acb_info & ACB_WSTRUST) ? LOCAL_TRUST_ACCOUNT:0;
-
- /*
- * NB. VERY IMPORTANT ! This call must be done as the current pipe user,
- * *NOT* surrounded by a become_root()/unbecome_root() call. This ensures
- * that only people with write access to the smbpasswd file will be able
- * to create a user. JRA.
- */
-
- /* add the user in the /etc/passwd file or the unix authority system */
- if (lp_adduser_script())
- smb_create_user(mach_acct,NULL);
-
- /* add the user in the smbpasswd file or the Samba authority database */
- if (!local_password_change(mach_acct, local_flags, NULL, err_str,
- sizeof(err_str), msg_str, sizeof(msg_str)))
- {
- DEBUG(0, ("%s\n", err_str));
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_ACCESS_DENIED;
- }
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- become_root();
- sam_pass = pdb_getsampwnam(mach_acct);
- unbecome_root();
- if (sam_pass == NULL) {
- /* account doesn't exist: say so */
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_ACCESS_DENIED;
- }
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- /* Get the domain SID stored in the domain policy */
- if(!get_lsa_policy_samr_sid(&dom_pol, &sid)) {
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_INVALID_HANDLE;
+ if (!samr_io_q_query_aliasmem("", &q_u, data, 0)) {
+ return False;
}
- /* append the user's RID to it */
- if(!sid_append_rid(&sid, sam_pass->user_rid)) {
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_NO_SUCH_USER;
- }
+ r_u.status = _samr_query_aliasmem(p, &q_u, &r_u);
- /* associate the RID with the (unique) handle. */
- if (!set_lsa_policy_samr_sid(user_pol, &sid)) {
- /* oh, whoops. don't know what error message to return, here */
- close_lsa_policy_hnd(user_pol);
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ if (!samr_io_r_query_aliasmem("", &r_u, rdata, 0)) {
+ return False;
}
- *unknown0 = 0x000703ff;
- *user_rid = pdb_get_user_rid(sam_pass);
-
- return NT_STATUS_NO_PROBLEMO;
+ return True;
}
/*******************************************************************
- api_samr_create_user
+ api_samr_query_groupmem
********************************************************************/
-static BOOL api_samr_create_user(pipes_struct *p)
+
+static BOOL api_samr_query_groupmem(pipes_struct *p)
{
+ SAMR_Q_QUERY_GROUPMEM q_u;
+ SAMR_R_QUERY_GROUPMEM r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- SAMR_Q_CREATE_USER q_u;
- SAMR_R_CREATE_USER r_u;
-
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- /* grab the samr create user */
- if (!samr_io_q_create_user("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_create_user: Unable to unmarshall SAMR_Q_CREATE_USER.\n"));
+ if (!samr_io_q_query_groupmem("", &q_u, data, 0)) {
return False;
}
- r_u.status=_api_samr_create_user(q_u.pol, q_u.uni_mach_acct, q_u.acb_info, q_u.access_mask,
- &r_u.pol, &r_u.unknown_0, &r_u.user_rid);
+ r_u.status = _samr_query_groupmem(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_create_user("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_create_user: Unable to marshall SAMR_R_CREATE_USER.\n"));
+ if (!samr_io_r_query_groupmem("", &r_u, rdata, 0)) {
return False;
}
return True;
}
-
/*******************************************************************
- samr_reply_connect_anon
+ api_samr_add_aliasmem
********************************************************************/
-static BOOL samr_reply_connect_anon(SAMR_Q_CONNECT_ANON *q_u, prs_struct *rdata)
-{
- SAMR_R_CONNECT_ANON r_u;
- BOOL pol_open = False;
- /* set up the SAMR connect_anon response */
+static BOOL api_samr_add_aliasmem(pipes_struct *p)
+{
+ SAMR_Q_ADD_ALIASMEM q_u;
+ SAMR_R_ADD_ALIASMEM r_u;
- r_u.status = 0x0;
- /* get a (unique) handle. open a policy on it. */
- if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.connect_pol))))
- {
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- /* associate the domain SID with the (unique) handle. */
- if (r_u.status == 0x0 && !set_lsa_policy_samr_pol_status(&(r_u.connect_pol), q_u->unknown_0))
- {
- /* oh, whoops. don't know what error message to return, here */
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (r_u.status != 0 && pol_open)
- {
- close_lsa_policy_hnd(&(r_u.connect_pol));
+ if (!samr_io_q_add_aliasmem("", &q_u, data, 0)) {
+ return False;
}
- DEBUG(5,("samr_connect_anon: %d\n", __LINE__));
+ r_u.status = _samr_add_aliasmem(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_connect_anon("", &r_u, rdata, 0))
+ if (!samr_io_r_add_aliasmem("", &r_u, rdata, 0)) {
return False;
-
- DEBUG(5,("samr_connect_anon: %d\n", __LINE__));
+ }
return True;
}
/*******************************************************************
- api_samr_connect_anon
+ api_samr_del_aliasmem
********************************************************************/
-static BOOL api_samr_connect_anon(pipes_struct *p)
+
+static BOOL api_samr_del_aliasmem(pipes_struct *p)
{
- SAMR_Q_CONNECT_ANON q_u;
+ SAMR_Q_DEL_ALIASMEM q_u;
+ SAMR_R_DEL_ALIASMEM r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open policy */
- if(!samr_io_q_connect_anon("", &q_u, data, 0))
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!samr_io_q_del_aliasmem("", &q_u, data, 0)) {
return False;
+ }
+
+ r_u.status = _samr_del_aliasmem(p, &q_u, &r_u);
- /* construct reply. always indicate success */
- if(!samr_reply_connect_anon(&q_u, rdata))
+ if (!samr_io_r_del_aliasmem("", &r_u, rdata, 0)) {
return False;
+ }
return True;
}
/*******************************************************************
- samr_reply_connect
+ api_samr_add_groupmem
********************************************************************/
-static BOOL samr_reply_connect(SAMR_Q_CONNECT *q_u, prs_struct *rdata)
-{
- SAMR_R_CONNECT r_u;
- BOOL pol_open = False;
- /* set up the SAMR connect response */
+static BOOL api_samr_add_groupmem(pipes_struct *p)
+{
+ SAMR_Q_ADD_GROUPMEM q_u;
+ SAMR_R_ADD_GROUPMEM r_u;
- r_u.status = 0x0;
- /* get a (unique) handle. open a policy on it. */
- if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.connect_pol))))
- {
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- /* associate the domain SID with the (unique) handle. */
- if (r_u.status == 0x0 &&
- !set_lsa_policy_samr_pol_status(&(r_u.connect_pol),
- q_u->access_mask))
- {
- /* oh, whoops. don't know what error message to return, here */
- r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (r_u.status != 0 && pol_open)
- {
- close_lsa_policy_hnd(&(r_u.connect_pol));
+ if (!samr_io_q_add_groupmem("", &q_u, data, 0)) {
+ return False;
}
- DEBUG(5,("samr_connect: %d\n", __LINE__));
+ r_u.status = _samr_add_groupmem(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_connect("", &r_u, rdata, 0))
+ if (!samr_io_r_add_groupmem("", &r_u, rdata, 0)) {
return False;
-
- DEBUG(5,("samr_connect: %d\n", __LINE__));
+ }
return True;
}
/*******************************************************************
- api_samr_connect
+ api_samr_del_groupmem
********************************************************************/
-static BOOL api_samr_connect(pipes_struct *p)
-{
- SAMR_Q_CONNECT q_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
- /* grab the samr open policy */
- if(!samr_io_q_connect("", &q_u, data, 0))
- return False;
-
- /* construct reply. always indicate success */
- if(!samr_reply_connect(&q_u, rdata))
- return False;
-
- return True;
-}
-
-
-/**********************************************************************
- api_samr_lookup_domain
- **********************************************************************/
-static BOOL api_samr_lookup_domain(pipes_struct *p)
+static BOOL api_samr_del_groupmem(pipes_struct *p)
{
- SAMR_Q_LOOKUP_DOMAIN q_u;
- SAMR_R_LOOKUP_DOMAIN r_u;
+ SAMR_Q_DEL_GROUPMEM q_u;
+ SAMR_R_DEL_GROUPMEM r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
-
+
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- if(!samr_io_q_lookup_domain("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_lookup_domain: Unable to unmarshall SAMR_Q_LOOKUP_DOMAIN.\n"));
+ if (!samr_io_q_del_groupmem("", &q_u, data, 0)) {
return False;
}
-
- r_u.status = 0x0;
- if (find_lsa_policy_by_hnd(&q_u.connect_pol) == -1){
- r_u.status = NT_STATUS_INVALID_HANDLE;
- DEBUG(5,("api_samr_lookup_domain: invalid handle\n"));
- }
-
- /* assume the domain name sent is our global_myname and
- send global_sam_sid */
- init_samr_r_lookup_domain(&r_u, &global_sam_sid, r_u.status);
-
- if(!samr_io_r_lookup_domain("", &r_u, rdata, 0)){
- DEBUG(0,("api_samr_lookup_domain: Unable to marshall SAMR_R_LOOKUP_DOMAIN.\n"));
+ r_u.status = _samr_del_groupmem(p, &q_u, &r_u);
+
+ if (!samr_io_r_del_groupmem("", &r_u, rdata, 0)) {
return False;
}
-
+
return True;
}
-/**********************************************************************
- api_samr_enum_domains
- **********************************************************************/
-static BOOL api_samr_enum_domains(pipes_struct *p)
+/*******************************************************************
+ api_samr_delete_dom_user
+ ********************************************************************/
+
+static BOOL api_samr_delete_dom_user(pipes_struct *p)
{
- SAMR_Q_ENUM_DOMAINS q_u;
- SAMR_R_ENUM_DOMAINS r_u;
+ SAMR_Q_DELETE_DOM_USER q_u;
+ SAMR_R_DELETE_DOM_USER r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
-
- fstring dom[2];
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- fstrcpy(dom[0],global_myworkgroup);
- fstrcpy(dom[1],"Builtin");
-
- if(!samr_io_q_enum_domains("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_enum_domains: Unable to unmarshall SAMR_Q_ENUM_DOMAINS.\n"));
+ if (!samr_io_q_delete_dom_user("", &q_u, data, 0)) {
return False;
}
- r_u.status = NT_STATUS_NO_PROBLEMO;
-
- init_samr_r_enum_domains(&r_u, q_u.start_idx, dom, 2);
+ r_u.status = _samr_delete_dom_user(p, &q_u, &r_u);
- if(!samr_io_r_enum_domains("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_enum_domains: Unable to marshall SAMR_R_ENUM_DOMAINS.\n"));
- free(r_u.sam);
- free(r_u.uni_dom_name);
+ if (!samr_io_r_delete_dom_user("", &r_u, rdata, 0)) {
return False;
}
- free(r_u.sam);
- free(r_u.uni_dom_name);
-
return True;
}
-
/*******************************************************************
- api_samr_open_alias
+ api_samr_delete_dom_group
********************************************************************/
-static uint32 _api_samr_open_alias(POLICY_HND domain_pol, uint32 alias_rid, POLICY_HND *alias_pol)
-{
- DOM_SID sid;
-
- /* get the domain policy. */
- if (find_lsa_policy_by_hnd(&domain_pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
-
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(alias_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
- /* Get the domain SID stored in the domain policy */
- if(!get_lsa_policy_samr_sid(&domain_pol, &sid)) {
- close_lsa_policy_hnd(alias_pol);
- return NT_STATUS_INVALID_HANDLE;
- }
-
- /* append the alias' RID to it */
- if(!sid_append_rid(&sid, alias_rid)) {
- close_lsa_policy_hnd(alias_pol);
- return NT_STATUS_NO_SUCH_USER;
- }
- /* associate a RID with the (unique) handle. */
- if (!set_lsa_policy_samr_sid(alias_pol, &sid)) {
- /* oh, whoops. don't know what error message to return, here */
- close_lsa_policy_hnd(alias_pol);
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
-
- return NT_STATUS_NO_PROBLEMO;
-}
-
-/*******************************************************************
- api_samr_open_alias
- ********************************************************************/
-static BOOL api_samr_open_alias(pipes_struct *p)
+static BOOL api_samr_delete_dom_group(pipes_struct *p)
{
- SAMR_Q_OPEN_ALIAS q_u;
- SAMR_R_OPEN_ALIAS r_u;
+ SAMR_Q_DELETE_DOM_GROUP q_u;
+ SAMR_R_DELETE_DOM_GROUP r_u;
+
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- /* grab the samr open policy */
- if(!samr_io_q_open_alias("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_open_alias: Unable to unmarshall SAMR_Q_OPEN_ALIAS.\n"));
+ if (!samr_io_q_delete_dom_group("", &q_u, data, 0)) {
return False;
}
- r_u.status=_api_samr_open_alias(q_u.dom_pol, q_u.rid_alias, &r_u.pol);
+ r_u.status = _samr_delete_dom_group(p, &q_u, &r_u);
- /* store the response in the SMB stream */
- if(!samr_io_r_open_alias("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_open_alias: Unable to marshall SAMR_R_OPEN_ALIAS.\n"));
+ if (!samr_io_r_delete_dom_group("", &r_u, rdata, 0)) {
return False;
}
-
+
return True;
}
/*******************************************************************
- set_user_info_10
+ api_samr_delete_dom_alias
********************************************************************/
-static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
+
+static BOOL api_samr_delete_dom_alias(pipes_struct *p)
{
- SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
+ SAMR_Q_DELETE_DOM_ALIAS q_u;
+ SAMR_R_DELETE_DOM_ALIAS r_u;
- if (id10 == NULL) {
- DEBUG(5, ("set_user_info_10: NULL id10\n"));
- return False;
- }
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- if (pwd == NULL)
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!samr_io_q_delete_dom_alias("", &q_u, data, 0)) {
return False;
+ }
- pdb_set_acct_ctrl(pwd, id10->acb_info);
+ r_u.status = _samr_delete_dom_alias(p, &q_u, &r_u);
- if(!pdb_update_sam_account(pwd, True))
+ if (!samr_io_r_delete_dom_alias("", &r_u, rdata, 0)) {
return False;
+ }
return True;
}
/*******************************************************************
- set_user_info_12
+ api_samr_create_dom_group
********************************************************************/
-static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
+
+static BOOL api_samr_create_dom_group(pipes_struct *p)
{
- SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
+ SAMR_Q_CREATE_DOM_GROUP q_u;
+ SAMR_R_CREATE_DOM_GROUP r_u;
- if (pwd == NULL)
- return False;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- if (id12 == NULL) {
- DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if (!samr_io_q_create_dom_group("", &q_u, data, 0)) {
return False;
}
- pdb_set_lanman_passwd (pwd, id12->lm_pwd);
- pdb_set_nt_passwd (pwd, id12->nt_pwd);
+ r_u.status = _samr_create_dom_group(p, &q_u, &r_u);
- if(!pdb_update_sam_account(pwd, True))
+ if (!samr_io_r_create_dom_group("", &r_u, rdata, 0)) {
return False;
+ }
return True;
}
/*******************************************************************
- set_user_info_21
+ api_samr_create_dom_alias
********************************************************************/
-static BOOL set_user_info_21 (SAM_USER_INFO_21 *id21, uint32 rid)
-{
- SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
- SAM_ACCOUNT new_pwd;
- if (id21 == NULL) {
- DEBUG(5, ("set_user_info_21: NULL id21\n"));
- return False;
- }
-
- if (pwd == NULL)
- return False;
-
- /* we make a copy so that we can modify stuff */
- copy_sam_passwd(&new_pwd, pwd);
- copy_id21_to_sam_passwd(&new_pwd, id21);
-
- /*
- * The funny part about the previous two calls is
- * that pwd still has the password hashes from the
- * passdb entry. These have not been updated from
- * id21. I don't know if they need to be set. --jerry
- */
+static BOOL api_samr_create_dom_alias(pipes_struct *p)
+{
+ SAMR_Q_CREATE_DOM_ALIAS q_u;
+ SAMR_R_CREATE_DOM_ALIAS r_u;
- /* write the change out */
- if(!pdb_update_sam_account(&new_pwd, True))
- return False;
-
- return True;
-}
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
-/*******************************************************************
- set_user_info_23
- ********************************************************************/
-static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
-{
- SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
- SAM_ACCOUNT new_pwd;
- BYTE nt_hash[16];
- BYTE lm_hash[16];
- pstring buf;
- uint32 len;
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (id23 == NULL) {
- DEBUG(5, ("set_user_info_23: NULL id23\n"));
+ if (!samr_io_q_create_dom_alias("", &q_u, data, 0)) {
return False;
}
- if (pwd == NULL)
- return False;
+ r_u.status = _samr_create_dom_alias(p, &q_u, &r_u);
- copy_sam_passwd(&new_pwd, pwd);
- copy_id23_to_sam_passwd(&new_pwd, id23);
-
- if (!decode_pw_buffer((char*)id23->pass, buf, 256, &len))
+ if (!samr_io_r_create_dom_alias("", &r_u, rdata, 0)) {
return False;
+ }
- nt_lm_owf_gen(buf, nt_hash, lm_hash);
-
- pdb_set_lanman_passwd (&new_pwd, lm_hash);
- pdb_set_nt_passwd (&new_pwd, nt_hash);
-
- /* update the UNIX password */
- if (lp_unix_password_sync())
- if(!chgpasswd(pdb_get_username(&new_pwd), "", buf, True))
- return False;
-
- memset(buf, 0, sizeof(buf));
-
- if(!pdb_update_sam_account(&new_pwd, True))
- return False;
-
return True;
}
/*******************************************************************
- set_user_info_24
+ api_samr_query_groupinfo
********************************************************************/
-static BOOL set_user_info_24(const SAM_USER_INFO_24 *id24, uint32 rid)
+
+static BOOL api_samr_query_groupinfo(pipes_struct *p)
{
- SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
- uchar nt_hash[16];
- uchar lm_hash[16];
- uint32 len;
- pstring buf;
+ SAMR_Q_QUERY_GROUPINFO q_u;
+ SAMR_R_QUERY_GROUPINFO r_u;
- if (pwd == NULL)
- return False;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- memset(buf, 0, sizeof(buf));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (!decode_pw_buffer((char*)id24->pass, buf, 256, &len))
+ if (!samr_io_q_query_groupinfo("", &q_u, data, 0)) {
return False;
+ }
- DEBUG(0,("set_user_info_24:nt_lm_owf_gen\n"));
-
- nt_lm_owf_gen(buf, nt_hash, lm_hash);
-
- pdb_set_lanman_passwd (pwd, lm_hash);
- pdb_set_nt_passwd (pwd, nt_hash);
-
- /* update the UNIX password */
- if (lp_unix_password_sync())
- if(!chgpasswd(pdb_get_username(pwd), "", buf, True))
- return False;
-
- memset(buf, 0, sizeof(buf));
-
- DEBUG(0,("set_user_info_24: pdb_update_sam_account()\n"));
+ r_u.status = _samr_query_groupinfo(p, &q_u, &r_u);
- /* update the SAMBA password */
- if(!pdb_update_sam_account(pwd, True))
+ if (!samr_io_r_query_groupinfo("", &r_u, rdata, 0)) {
return False;
+ }
return True;
}
/*******************************************************************
- samr_reply_set_userinfo
+ api_samr_set_groupinfo
********************************************************************/
-static uint32 _samr_set_userinfo(POLICY_HND *pol, uint16 switch_value,
- SAM_USERINFO_CTR *ctr, pipes_struct *p)
-{
- uint32 rid = 0x0;
- DOM_SID sid;
- struct current_user user;
- SAM_ACCOUNT *sam_pass;
- unsigned char sess_key[16];
-
- DEBUG(5, ("_samr_set_userinfo: %d\n", __LINE__));
-
- if (p->ntlmssp_auth_validated)
- {
- memcpy(&user, &p->pipe_user, sizeof(user));
- }
- else
- {
- extern struct current_user current_user;
- memcpy(&user, &current_user, sizeof(user));
- }
-
- /* search for the handle */
- if (find_lsa_policy_by_hnd(pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
- /* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(pol, &sid))
- return NT_STATUS_INVALID_HANDLE;
+static BOOL api_samr_set_groupinfo(pipes_struct *p)
+{
+ SAMR_Q_SET_GROUPINFO q_u;
+ SAMR_R_SET_GROUPINFO r_u;
- sid_split_rid(&sid, &rid);
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- DEBUG(5, ("_samr_set_userinfo: rid:0x%x, level:%d\n", rid, switch_value));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (ctr == NULL) {
- DEBUG(5, ("_samr_set_userinfo: NULL info level\n"));
- return NT_STATUS_INVALID_INFO_CLASS;
+ if (!samr_io_q_set_groupinfo("", &q_u, data, 0)) {
+ return False;
}
+ r_u.status = _samr_set_groupinfo(p, &q_u, &r_u);
- /*
- * We need the NT hash of the user who is changing the user's password.
- * This NT hash is used to generate a "user session key"
- * This "user session key" is in turn used to encrypt/decrypt the user's password.
- */
-
- become_root();
- sam_pass = pdb_getsampwuid(user.uid);
- unbecome_root();
- if(sam_pass == NULL) {
- DEBUG(0,("_samr_set_userinfo: Unable to get passdb entry for uid %u\n",
- (unsigned int)pdb_get_uid(sam_pass) ));
- return NT_STATUS_ACCESS_DENIED;
- }
-
- memset(sess_key, '\0', 16);
- mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
-
- /* ok! user info levels (lots: see MSDEV help), off we go... */
- switch (switch_value) {
- case 0x12:
- if (!set_user_info_12(ctr->info.id12, rid))
- return NT_STATUS_ACCESS_DENIED;
- break;
-
- case 24:
- SamOEMhash(ctr->info.id24->pass, sess_key, 1);
- if (!set_user_info_24(ctr->info.id24, rid))
- return NT_STATUS_ACCESS_DENIED;
- break;
-
- case 23:
- SamOEMhash(ctr->info.id23->pass, sess_key, 1);
- if (!set_user_info_23(ctr->info.id23, rid))
- return NT_STATUS_ACCESS_DENIED;
- break;
-
- default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ if (!samr_io_r_set_groupinfo("", &r_u, rdata, 0)) {
+ return False;
}
- return NT_STATUS_NOPROBLEMO;
+ return True;
}
/*******************************************************************
- api_samr_set_userinfo
+ api_samr_get_dom_pwinfo
********************************************************************/
-static BOOL api_samr_set_userinfo(pipes_struct *p)
+
+static BOOL api_samr_get_dom_pwinfo(pipes_struct *p)
{
- SAMR_Q_SET_USERINFO q_u;
- SAMR_R_SET_USERINFO r_u;
+ SAMR_Q_GET_DOM_PWINFO q_u;
+ SAMR_R_GET_DOM_PWINFO r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
- SAM_USERINFO_CTR ctr;
-
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- q_u.ctr = &ctr;
-
- if (!samr_io_q_set_userinfo("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO.\n"));
+ if (!samr_io_q_get_dom_pwinfo("", &q_u, data, 0)) {
return False;
}
- r_u.status = _samr_set_userinfo(&q_u.pol, q_u.switch_value, &ctr, p);
+ r_u.status = _samr_get_dom_pwinfo(p, &q_u, &r_u);
- free_samr_q_set_userinfo(&q_u);
-
- if(!samr_io_r_set_userinfo("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_set_userinfo: Unable to marshall SAMR_R_SET_USERINFO.\n"));
+ if (!samr_io_r_get_dom_pwinfo("", &r_u, rdata, 0)) {
return False;
}
@@ -2482,59 +1136,41 @@ static BOOL api_samr_set_userinfo(pipes_struct *p)
}
/*******************************************************************
- samr_reply_set_userinfo2
+ api_samr_open_group
********************************************************************/
-static uint32 _samr_set_userinfo2(POLICY_HND *pol, uint16 switch_value, SAM_USERINFO_CTR *ctr)
-{
- DOM_SID sid;
- uint32 rid = 0x0;
-
- DEBUG(5, ("samr_reply_set_userinfo2: %d\n", __LINE__));
-
- /* search for the handle */
- if (find_lsa_policy_by_hnd(pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
- /* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(pol, &sid))
- return NT_STATUS_INVALID_HANDLE;
+static BOOL api_samr_open_group(pipes_struct *p)
+{
+ SAMR_Q_OPEN_GROUP q_u;
+ SAMR_R_OPEN_GROUP r_u;
- sid_split_rid(&sid, &rid);
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
- DEBUG(5, ("samr_reply_set_userinfo2: rid:0x%x\n", rid));
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
- if (ctr == NULL) {
- DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n"));
- return NT_STATUS_INVALID_INFO_CLASS;
+ if (!samr_io_q_open_group("", &q_u, data, 0)) {
+ return False;
}
- ctr->switch_value = switch_value;
-
- /* ok! user info levels (lots: see MSDEV help), off we go... */
- switch (switch_value) {
- case 21:
- if (!set_user_info_21(ctr->info.id21, rid))
- return NT_STATUS_ACCESS_DENIED;
- break;
- case 16:
- if (!set_user_info_10(ctr->info.id10, rid))
- return NT_STATUS_ACCESS_DENIED;
- break;
- default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ r_u.status = _samr_open_group(p, &q_u, &r_u);
+
+ if (!samr_io_r_open_group("", &r_u, rdata, 0)) {
+ return False;
}
- return NT_STATUS_NOPROBLEMO;
+ return True;
}
/*******************************************************************
- api_samr_set_userinfo2
+ api_samr_unknown_2d
********************************************************************/
-static BOOL api_samr_set_userinfo2(pipes_struct *p)
+
+static BOOL api_samr_unknown_2d(pipes_struct *p)
{
- SAMR_Q_SET_USERINFO2 q_u;
- SAMR_R_SET_USERINFO2 r_u;
- SAM_USERINFO_CTR ctr;
+ SAMR_Q_UNKNOWN_2D q_u;
+ SAMR_R_UNKNOWN_2D r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
@@ -2542,31 +1178,77 @@ static BOOL api_samr_set_userinfo2(pipes_struct *p)
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- q_u.ctr = &ctr;
-
- if (!samr_io_q_set_userinfo2("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_set_userinfo2: Unable to unmarshall SAMR_Q_SET_USERINFO2.\n"));
+ if (!samr_io_q_unknown_2d("", &q_u, data, 0)) {
return False;
}
- r_u.status = _samr_set_userinfo2(&q_u.pol, q_u.switch_value, &ctr);
+ r_u.status = _samr_unknown_2d(p, &q_u, &r_u);
- free_samr_q_set_userinfo2(&q_u);
-
- if(!samr_io_r_set_userinfo2("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_set_userinfo2: Unable to marshall SAMR_R_SET_USERINFO2.\n"));
+ if (!samr_io_r_unknown_2d("", &r_u, rdata, 0)) {
return False;
}
return True;
}
-
/*******************************************************************
array of \PIPE\samr operations
********************************************************************/
+
static struct api_struct api_samr_cmds [] =
{
+ {"SAMR_CLOSE_HND", SAMR_CLOSE_HND, api_samr_close_hnd},
+ {"SAMR_CONNECT", SAMR_CONNECT, api_samr_connect},
+ {"SAMR_CONNECT_ANON", SAMR_CONNECT_ANON, api_samr_connect_anon},
+ {"SAMR_ENUM_DOMAINS", SAMR_ENUM_DOMAINS, api_samr_enum_domains},
+ {"SAMR_ENUM_DOM_USERS", SAMR_ENUM_DOM_USERS, api_samr_enum_dom_users},
+
+ {"SAMR_ENUM_DOM_GROUPS", SAMR_ENUM_DOM_GROUPS, api_samr_enum_dom_groups},
+ {"SAMR_ENUM_DOM_ALIASES", SAMR_ENUM_DOM_ALIASES, api_samr_enum_dom_aliases},
+ {"SAMR_QUERY_USERALIASES", SAMR_QUERY_USERALIASES, api_samr_query_useraliases},
+ {"SAMR_QUERY_ALIASMEM", SAMR_QUERY_ALIASMEM, api_samr_query_aliasmem},
+ {"SAMR_QUERY_GROUPMEM", SAMR_QUERY_GROUPMEM, api_samr_query_groupmem},
+ {"SAMR_ADD_ALIASMEM", SAMR_ADD_ALIASMEM, api_samr_add_aliasmem},
+ {"SAMR_DEL_ALIASMEM", SAMR_DEL_ALIASMEM, api_samr_del_aliasmem},
+ {"SAMR_ADD_GROUPMEM", SAMR_ADD_GROUPMEM, api_samr_add_groupmem},
+ {"SAMR_DEL_GROUPMEM", SAMR_DEL_GROUPMEM, api_samr_del_groupmem},
+
+ {"SAMR_DELETE_DOM_USER", SAMR_DELETE_DOM_USER, api_samr_delete_dom_user},
+ {"SAMR_DELETE_DOM_GROUP", SAMR_DELETE_DOM_GROUP, api_samr_delete_dom_group},
+ {"SAMR_DELETE_DOM_ALIAS", SAMR_DELETE_DOM_ALIAS, api_samr_delete_dom_alias},
+ {"SAMR_CREATE_DOM_GROUP", SAMR_CREATE_DOM_GROUP, api_samr_create_dom_group},
+ {"SAMR_CREATE_DOM_ALIAS", SAMR_CREATE_DOM_ALIAS, api_samr_create_dom_alias},
+ {"SAMR_LOOKUP_NAMES", SAMR_LOOKUP_NAMES, api_samr_lookup_names},
+ {"SAMR_OPEN_USER", SAMR_OPEN_USER, api_samr_open_user},
+ {"SAMR_QUERY_USERINFO", SAMR_QUERY_USERINFO, api_samr_query_userinfo},
+ {"SAMR_SET_USERINFO", SAMR_SET_USERINFO, api_samr_set_userinfo},
+ {"SAMR_SET_USERINFO2", SAMR_SET_USERINFO2, api_samr_set_userinfo2},
+
+ {"SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info},
+ {"SAMR_QUERY_USERGROUPS", SAMR_QUERY_USERGROUPS, api_samr_query_usergroups},
+ {"SAMR_QUERY_DISPINFO", SAMR_QUERY_DISPINFO, api_samr_query_dispinfo},
+ {"SAMR_QUERY_DISPINFO3", SAMR_QUERY_DISPINFO3, api_samr_query_dispinfo},
+ {"SAMR_QUERY_DISPINFO4", SAMR_QUERY_DISPINFO4, api_samr_query_dispinfo},
+
+ {"SAMR_QUERY_ALIASINFO", SAMR_QUERY_ALIASINFO, api_samr_query_aliasinfo},
+ {"SAMR_QUERY_GROUPINFO", SAMR_QUERY_GROUPINFO, api_samr_query_groupinfo},
+ {"SAMR_SET_GROUPINFO", SAMR_SET_GROUPINFO, api_samr_set_groupinfo},
+ {"SAMR_CREATE_USER", SAMR_CREATE_USER, api_samr_create_user},
+ {"SAMR_LOOKUP_RIDS", SAMR_LOOKUP_RIDS, api_samr_lookup_rids},
+ {"SAMR_GET_DOM_PWINFO", SAMR_GET_DOM_PWINFO, api_samr_get_dom_pwinfo},
+ {"SAMR_CHGPASSWD_USER", SAMR_CHGPASSWD_USER, api_samr_chgpasswd_user},
+ {"SAMR_OPEN_ALIAS", SAMR_OPEN_ALIAS, api_samr_open_alias},
+ {"SAMR_OPEN_GROUP", SAMR_OPEN_GROUP, api_samr_open_group},
+ {"SAMR_OPEN_DOMAIN", SAMR_OPEN_DOMAIN, api_samr_open_domain},
+ {"SAMR_UNKNOWN_2D", SAMR_UNKNOWN_2D, api_samr_unknown_2d},
+ {"SAMR_LOOKUP_DOMAIN", SAMR_LOOKUP_DOMAIN, api_samr_lookup_domain},
+
+ {"SAMR_QUERY_SEC_OBJECT", SAMR_QUERY_SEC_OBJECT, api_samr_query_sec_obj},
+ {"SAMR_GET_USRDOM_PWINFO", SAMR_GET_USRDOM_PWINFO, api_samr_get_usrdom_pwinfo},
+ {NULL, 0, NULL}
+
+#if 0
+
{ "SAMR_CLOSE_HND" , SAMR_CLOSE_HND , api_samr_close_hnd },
{ "SAMR_CONNECT" , SAMR_CONNECT , api_samr_connect },
{ "SAMR_CONNECT_ANON" , SAMR_CONNECT_ANON , api_samr_connect_anon },
@@ -2587,13 +1269,14 @@ static struct api_struct api_samr_cmds [] =
{ "SAMR_CHGPASSWD_USER" , SAMR_CHGPASSWD_USER , api_samr_chgpasswd_user },
{ "SAMR_OPEN_ALIAS" , SAMR_OPEN_ALIAS , api_samr_open_alias },
{ "SAMR_OPEN_DOMAIN" , SAMR_OPEN_DOMAIN , api_samr_open_domain },
- { "SAMR_UNKNOWN_3" , SAMR_UNKNOWN_3 , api_samr_unknown_3 },
- { "SAMR_UNKNOWN_2C" , SAMR_UNKNOWN_2C , api_samr_unknown_2c },
+ { "SAMR_QUERY_SEC_OBJECT" , SAMR_QUERY_SEC_OBJECT , api_samr_query_sec_obj },
+ { "SAMR_GET_USRDOM_PWINFO", SAMR_GET_USRDOM_PWINFO, api_samr_get_usrdom_pwinfo},
{ "SAMR_LOOKUP_DOMAIN" , SAMR_LOOKUP_DOMAIN , api_samr_lookup_domain },
{ "SAMR_ENUM_DOMAINS" , SAMR_ENUM_DOMAINS , api_samr_enum_domains },
{ "SAMR_SET_USERINFO" , SAMR_SET_USERINFO , api_samr_set_userinfo },
{ "SAMR_SET_USERINFO2" , SAMR_SET_USERINFO2 , api_samr_set_userinfo2 },
{ NULL , 0 , NULL }
+#endif
};
/*******************************************************************
@@ -2603,4 +1286,3 @@ BOOL api_samr_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_samr_rpc", api_samr_cmds);
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index bd04b40c4d..ff484a8ff1 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -39,6 +39,23 @@ extern rid_name domain_group_rids[];
extern rid_name domain_alias_rids[];
extern rid_name builtin_alias_rids[];
+struct samr_info {
+ /* for use by the \PIPE\samr policy */
+ DOM_SID sid;
+ uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */
+};
+
+/*******************************************************************
+ Function to free the per handle data.
+ ********************************************************************/
+
+static void free_samr_info(void *ptr)
+{
+ struct samr_info *samr = (struct samr_info *)ptr;
+
+ safe_free(samr);
+}
+
/*******************************************************************
This next function should be replaced with something that
dynamically returns the correct user info..... JRA.
@@ -48,8 +65,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
int *total_entries, int *num_entries,
int max_num_entries, uint16 acb_mask)
{
- void *vp = NULL;
- struct sam_passwd *pwd = NULL;
+ SAM_ACCOUNT *pwd = NULL;
(*num_entries) = 0;
(*total_entries) = 0;
@@ -57,13 +73,12 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
if (pw_buf == NULL)
return False;
- vp = startsmbpwent(False);
- if (!vp) {
- DEBUG(0, ("get_sampwd_entries: Unable to open SMB password database.\n"));
+ if (!pdb_setsampwent(False)) {
+ DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n"));
return False;
}
- while (((pwd = getsam21pwent(vp)) != NULL) && (*num_entries) < max_num_entries) {
+ while (((pwd = pdb_getsampwent()) != NULL) && (*num_entries) < max_num_entries) {
int user_name_len;
if (start_idx > 0) {
@@ -74,21 +89,20 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
continue;
}
- user_name_len = strlen(pwd->smb_name)+1;
- init_unistr2(&pw_buf[(*num_entries)].uni_user_name, pwd->smb_name, user_name_len);
+ user_name_len = strlen(pdb_get_username(pwd))+1;
+ init_unistr2(&pw_buf[(*num_entries)].uni_user_name, pdb_get_username(pwd), user_name_len);
init_uni_hdr(&pw_buf[(*num_entries)].hdr_user_name, user_name_len);
pw_buf[(*num_entries)].user_rid = pwd->user_rid;
memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16);
/* Now check if the NT compatible password is available. */
- if (pwd->smb_nt_passwd != NULL) {
- memcpy( pw_buf[(*num_entries)].nt_pwd , pwd->smb_nt_passwd, 16);
- }
+ if (pdb_get_nt_passwd(pwd))
+ memcpy( pw_buf[(*num_entries)].nt_pwd , pdb_get_nt_passwd(pwd), 16);
- pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl;
+ pw_buf[(*num_entries)].acb_info = pdb_get_acct_ctrl(pwd);
DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x",
- (*num_entries), pwd->smb_name, pwd->user_rid, pwd->acct_ctrl));
+ (*num_entries), pdb_get_username(pwd), pdb_get_user_rid(pwd), pdb_get_acct_ctrl(pwd) ));
if (acb_mask == 0 || (pwd->acct_ctrl & acb_mask)) {
DEBUG(5,(" acb_mask %x accepts\n", acb_mask));
@@ -100,17 +114,16 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
(*total_entries)++;
}
- endsmbpwent(vp);
+ pdb_endsampwent();
return (*num_entries) > 0;
}
static BOOL jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
- int *total_entries, int *num_entries,
+ int *total_entries, uint32 *num_entries,
int max_num_entries, uint16 acb_mask)
{
- void *vp = NULL;
- struct sam_passwd *pwd = NULL;
+ SAM_ACCOUNT *pwd = NULL;
*num_entries = 0;
*total_entries = 0;
@@ -118,17 +131,16 @@ static BOOL jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
if (pw_buf == NULL)
return False;
- vp = startsmbpwent(False);
- if (!vp) {
- DEBUG(0, ("get_sampwd_entries: Unable to open SMB password database.\n"));
- return False;
- }
+ if (!pdb_setsampwent(False)) {
+ DEBUG(0, ("jf_get_sampwd_entries: Unable to open passdb.\n"));
+ return False;
+ }
- while (((pwd = getsam21pwent(vp)) != NULL) && (*num_entries) < max_num_entries) {
+ while (((pwd = pdb_getsampwent()) != NULL) && (*num_entries) < max_num_entries) {
int user_name_len;
int full_name_len;
- if (acb_mask != 0 && !(pwd->acct_ctrl & acb_mask))
+ if (acb_mask != 0 && !(pdb_get_acct_ctrl(pwd) & acb_mask))
continue;
if (start_idx > 0) {
@@ -141,29 +153,29 @@ static BOOL jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
ZERO_STRUCTP(&pw_buf[(*num_entries)]);
- user_name_len = strlen(pwd->smb_name);
- init_unistr2(&pw_buf[(*num_entries)].uni_user_name, pwd->smb_name, user_name_len);
+ user_name_len = strlen(pdb_get_username(pwd));
+ init_unistr2(&pw_buf[(*num_entries)].uni_user_name, pdb_get_username(pwd), user_name_len);
init_uni_hdr(&pw_buf[(*num_entries)].hdr_user_name, user_name_len);
- full_name_len = strlen(pwd->full_name);
- init_unistr2(&pw_buf[(*num_entries)].uni_full_name, pwd->full_name, full_name_len);
+ full_name_len = strlen(pdb_get_fullname(pwd));
+ init_unistr2(&pw_buf[(*num_entries)].uni_full_name, pdb_get_fullname(pwd), full_name_len);
init_uni_hdr(&pw_buf[(*num_entries)].hdr_full_name, full_name_len);
- pw_buf[(*num_entries)].user_rid = pwd->user_rid;
+ pw_buf[(*num_entries)].user_rid = pdb_get_user_rid(pwd);
memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16);
/* Now check if the NT compatible password is available. */
- if (pwd->smb_nt_passwd != NULL) {
- memcpy( pw_buf[(*num_entries)].nt_pwd , pwd->smb_nt_passwd, 16);
- }
+ if (pdb_get_nt_passwd(pwd))
+ memcpy( pw_buf[(*num_entries)].nt_pwd , pdb_get_nt_passwd(pwd), 16);
- pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl;
+ pw_buf[(*num_entries)].acb_info = pdb_get_acct_ctrl(pwd);
- DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x\n", (*num_entries), pwd->smb_name, pwd->user_rid, pwd->acct_ctrl));
+ DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x\n", (*num_entries),
+ pdb_get_username(pwd), pdb_get_user_rid(pwd), pdb_get_acct_ctrl(pwd) ));
(*num_entries)++;
}
- endsmbpwent(vp);
+ pdb_endsampwent();
*total_entries = *num_entries;
return True;
@@ -425,7 +437,7 @@ uint32 _samr_close_hnd(pipes_struct *p, SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HND
r_u->status = NT_STATUS_NOPROBLEMO;
/* close the policy handle */
- if (!close_lsa_policy_hnd(&q_u->pol))
+ if (!close_policy_hnd(p, &q_u->pol))
return NT_STATUS_OBJECT_NAME_INVALID;
DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
@@ -439,42 +451,57 @@ uint32 _samr_close_hnd(pipes_struct *p, SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HND
uint32 _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN_DOMAIN *r_u)
{
+ struct samr_info *info;
+
r_u->status = NT_STATUS_NOPROBLEMO;
/* find the connection policy handle. */
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
return NT_STATUS_INVALID_HANDLE;
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(&r_u->domain_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
/* associate the domain SID with the (unique) handle. */
- if (!set_lsa_policy_samr_sid(&r_u->domain_pol, &q_u->dom_sid.sid)) {
- close_lsa_policy_hnd(&r_u->domain_pol);
+ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(info);
+ info->sid = q_u->dom_sid.sid;
+
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
DEBUG(5,("samr_open_domain: %d\n", __LINE__));
return r_u->status;
}
+static uint32 get_lsa_policy_samr_rid(struct samr_info *info)
+{
+ if (!info) {
+ DEBUG(3,("Error getting policy\n"));
+ return 0xffffffff;
+ }
+
+ return info->sid.sub_auths[info->sid.num_auths-1];
+}
+
/*******************************************************************
_samr_get_usrdom_pwinfo
********************************************************************/
uint32 _samr_get_usrdom_pwinfo(pipes_struct *p, SAMR_Q_GET_USRDOM_PWINFO *q_u, SAMR_R_GET_USRDOM_PWINFO *r_u)
{
+ struct samr_info *info = NULL;
+
r_u->status = NT_STATUS_NOPROBLEMO;
/* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&q_u->user_pol) == -1) {
+ if (!find_policy_by_hnd(p, &q_u->user_pol, (void **)&info)) {
return NT_STATUS_INVALID_HANDLE;
}
/* find the user's rid */
- if (get_lsa_policy_samr_rid(&q_u->user_pol) == 0xffffffff) {
+ if (get_lsa_policy_samr_rid(info) == 0xffffffff) {
return NT_STATUS_OBJECT_TYPE_MISMATCH;
}
@@ -531,6 +558,21 @@ static uint32 samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC_BUF **buf, DOM_SID
return NT_STATUS_NOPROBLEMO;
}
+static BOOL get_lsa_policy_samr_sid(pipes_struct *p, POLICY_HND *pol, DOM_SID *sid)
+{
+ struct samr_info *info = NULL;
+
+ /* find the policy handle. open a policy on it. */
+ if (!find_policy_by_hnd(p, pol, (void **)&info))
+ return False;
+
+ if (!info)
+ return False;
+
+ *sid = info->sid;
+ return True;
+}
+
/*******************************************************************
_samr_query_sec_obj
********************************************************************/
@@ -541,13 +583,10 @@ uint32 _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_QU
r_u->status = NT_STATUS_NOPROBLEMO;
- /* find the policy handle. open a policy on it. */
- if ((find_lsa_policy_by_hnd(&q_u->user_pol)) == -1)
- return NT_STATUS_INVALID_HANDLE;
-
/* Get the SID. */
- if (!get_lsa_policy_samr_sid(&q_u->user_pol, &pol_sid))
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
+
+ if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid))
+ return NT_STATUS_INVALID_HANDLE;
r_u->status = samr_make_usr_obj_sd(p->mem_ctx, &r_u->buf, &pol_sid);
@@ -608,7 +647,7 @@ uint32 _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, SAMR_R_
r_u->status = NT_STATUS_NOPROBLEMO;
/* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->pol, NULL))
return NT_STATUS_INVALID_HANDLE;
DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__));
@@ -808,12 +847,12 @@ static BOOL get_group_domain_entries(DOMAIN_GRP *d_grp, DOM_SID *sid, uint32 sta
uint32 _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAMR_R_ENUM_DOM_GROUPS *r_u)
{
DOMAIN_GRP grp[2];
- int num_entries;
+ uint32 num_entries;
DOM_SID sid;
r_u->status = NT_STATUS_NOPROBLEMO;
- if (!get_lsa_policy_samr_sid(&q_u->pol, &sid))
+ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid))
return NT_STATUS_INVALID_HANDLE;
DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
@@ -837,14 +876,13 @@ uint32 _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAMR_
uint32 _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, SAMR_R_ENUM_DOM_ALIASES *r_u)
{
DOMAIN_GRP grp[MAX_SAM_ENTRIES];
- int num_entries = 0;
+ uint32 num_entries = 0;
fstring sid_str;
DOM_SID sid;
r_u->status = NT_STATUS_NOPROBLEMO;
- /* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(&q_u->pol, &sid))
+ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid))
return NT_STATUS_INVALID_HANDLE;
sid_to_string(sid_str, &sid);
@@ -871,7 +909,7 @@ uint32 _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_
SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
DOMAIN_GRP grps[MAX_SAM_ENTRIES];
uint16 acb_mask = ACB_NORMAL;
- int num_entries = 0;
+ uint32 num_entries = 0;
int orig_num_entries = 0;
int total_entries = 0;
uint32 data_size = 0;
@@ -883,7 +921,7 @@ uint32 _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_
r_u->status = NT_STATUS_NOPROBLEMO;
- if (!get_lsa_policy_samr_sid(&q_u->domain_pol, &sid))
+ if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid))
return NT_STATUS_INVALID_HANDLE;
/* decide how many entries to get depending on the max_entries
@@ -994,21 +1032,22 @@ uint32 _samr_query_aliasinfo(pipes_struct *p, SAMR_Q_QUERY_ALIASINFO *q_u, SAMR_
fstring alias="";
enum SID_NAME_USE type;
uint32 alias_rid;
+ struct samr_info *info = NULL;
r_u->status = NT_STATUS_NOPROBLEMO;
DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- alias_rid = get_lsa_policy_samr_rid(&q_u->pol);
+ alias_rid = get_lsa_policy_samr_rid(info);
if(alias_rid == 0xffffffff)
return NT_STATUS_NO_SUCH_ALIAS;
if(!local_lookup_rid(alias_rid, alias, &type))
- return NT_STATUS_NO_SUCH_ALIAS;
+ return NT_STATUS_NO_SUCH_ALIAS;
switch (q_u->switch_level) {
case 3:
@@ -1104,7 +1143,7 @@ uint32 _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LOOK
ZERO_ARRAY(rid);
ZERO_ARRAY(type);
- if (!get_lsa_policy_samr_sid(&q_u->pol, &pol_sid)) {
+ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid)) {
init_samr_r_lookup_names(p->mem_ctx, r_u, 0, NULL, NULL, NT_STATUS_OBJECT_TYPE_MISMATCH);
return r_u->status;
}
@@ -1135,7 +1174,7 @@ uint32 _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LOOK
}
}
- init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, type, r_u->status);
+ init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, (uint32 *)type, r_u->status);
DEBUG(5,("_samr_lookup_names: %d\n", __LINE__));
@@ -1227,7 +1266,7 @@ uint32 _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOKUP
DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(&q_u->pol, &pol_sid))
+ if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid))
return NT_STATUS_INVALID_HANDLE;
if (num_rids > MAX_SAM_ENTRIES) {
@@ -1274,50 +1313,45 @@ uint32 _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOKUP
uint32 _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USER *r_u)
{
- struct sam_passwd *sam_pass;
+ SAM_ACCOUNT *sampass;
DOM_SID sid;
POLICY_HND domain_pol = q_u->domain_pol;
uint32 user_rid = q_u->user_rid;
POLICY_HND *user_pol = &r_u->user_pol;
+ struct samr_info *info = NULL;
r_u->status = NT_STATUS_NO_PROBLEMO;
/* find the domain policy handle. */
- if (find_lsa_policy_by_hnd(&domain_pol) == -1)
+ if (!find_policy_by_hnd(p, &domain_pol, NULL))
return NT_STATUS_INVALID_HANDLE;
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(user_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
become_root();
- sam_pass = getsam21pwrid(user_rid);
+ sampass = pdb_getsampwrid(user_rid);
unbecome_root();
/* check that the RID exists in our domain. */
- if (sam_pass == NULL) {
- close_lsa_policy_hnd(user_pol);
+ if (sampass == NULL)
return NT_STATUS_NO_SUCH_USER;
- }
/* Get the domain SID stored in the domain policy */
- if(!get_lsa_policy_samr_sid(&domain_pol, &sid)) {
- close_lsa_policy_hnd(user_pol);
+ if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid))
return NT_STATUS_INVALID_HANDLE;
- }
/* append the user's RID to it */
- if(!sid_append_rid(&sid, user_rid)) {
- close_lsa_policy_hnd(user_pol);
+ if(!sid_append_rid(&sid, user_rid))
return NT_STATUS_NO_SUCH_USER;
- }
- /* associate the user's SID with the handle. */
- if (!set_lsa_policy_samr_sid(user_pol, &sid)) {
- /* oh, whoops. don't know what error message to return, here */
- close_lsa_policy_hnd(user_pol);
+ /* associate the user's SID with the new handle. */
+ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(info);
+ info->sid = sid;
+
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
return r_u->status;
}
@@ -1328,7 +1362,7 @@ uint32 _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_U
static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
{
- struct smb_passwd *smb_pass;
+ SAM_ACCOUNT *smbpass;
if (!pdb_rid_is_user(user_rid)) {
DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
@@ -1336,18 +1370,17 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
}
become_root();
- smb_pass = getsmbpwrid(user_rid);
+ smbpass = pdb_getsampwrid(user_rid);
unbecome_root();
- if (smb_pass == NULL)
- {
+ if (smbpass == NULL) {
DEBUG(4,("User 0x%x not found\n", user_rid));
return False;
}
- DEBUG(3,("User:[%s]\n", smb_pass->smb_name));
+ DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
- init_sam_user_info10(id10, smb_pass->acct_ctrl);
+ init_sam_user_info10(id10, pdb_get_acct_ctrl(smbpass) );
return True;
}
@@ -1358,23 +1391,23 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
static BOOL get_user_info_12(SAM_USER_INFO_12 * id12, uint32 user_rid)
{
- struct smb_passwd *smb_pass;
+ SAM_ACCOUNT *smbpass;
become_root();
- smb_pass = getsmbpwrid(user_rid);
+ smbpass = pdb_getsampwrid(user_rid);
unbecome_root();
- if (smb_pass == NULL) {
+ if (smbpass == NULL) {
DEBUG(4, ("User 0x%x not found\n", user_rid));
return False;
}
- DEBUG(3,("User:[%s] 0x%x\n", smb_pass->smb_name, smb_pass->acct_ctrl));
+ DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
- if (smb_pass->acct_ctrl & ACB_DISABLED)
+ if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED)
return False;
- init_sam_user_info12(id12, smb_pass->smb_passwd, smb_pass->smb_nt_passwd);
+ init_sam_user_info12(id12, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
return True;
}
@@ -1385,10 +1418,7 @@ static BOOL get_user_info_12(SAM_USER_INFO_12 * id12, uint32 user_rid)
static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
{
- NTTIME dummy_time;
- struct sam_passwd *sam_pass;
- LOGON_HRS hrs;
- int i;
+ SAM_ACCOUNT *sampass;
if (!pdb_rid_is_user(user_rid)) {
DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
@@ -1396,56 +1426,17 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
}
become_root();
- sam_pass = getsam21pwrid(user_rid);
+ sampass = pdb_getsampwrid(user_rid);
unbecome_root();
- if (sam_pass == NULL) {
+ if (sampass == NULL) {
DEBUG(4,("User 0x%x not found\n", user_rid));
return False;
}
- DEBUG(3,("User:[%s]\n", sam_pass->smb_name));
-
- dummy_time.low = 0xffffffff;
- dummy_time.high = 0x7fffffff;
-
- DEBUG(5,("get_user_info_21 - TODO: convert unix times to NTTIMEs\n"));
-
- /* create a LOGON_HRS structure */
- hrs.len = sam_pass->hours_len;
- SMB_ASSERT_ARRAY(hrs.hours, hrs.len);
- for (i = 0; i < hrs.len; i++)
- hrs.hours[i] = sam_pass->hours[i];
-
- init_sam_user_info21A(id21,
-
- &dummy_time, /* logon_time */
- &dummy_time, /* logoff_time */
- &dummy_time, /* kickoff_time */
- &dummy_time, /* pass_last_set_time */
- &dummy_time, /* pass_can_change_time */
- &dummy_time, /* pass_must_change_time */
-
- sam_pass->smb_name, /* user_name */
- sam_pass->full_name, /* full_name */
- sam_pass->home_dir, /* home_dir */
- sam_pass->dir_drive, /* dir_drive */
- sam_pass->logon_script, /* logon_script */
- sam_pass->profile_path, /* profile_path */
- sam_pass->acct_desc, /* description */
- sam_pass->workstations, /* workstations user can log in from */
- sam_pass->unknown_str, /* don't know, yet */
- sam_pass->munged_dial, /* dialin info. contains dialin path and tel no */
-
- sam_pass->user_rid, /* RID user_id */
- sam_pass->group_rid, /* RID group_id */
- sam_pass->acct_ctrl,
-
- sam_pass->unknown_3, /* unknown_3 */
- sam_pass->logon_divs, /* divisions per week */
- &hrs, /* logon hours */
- sam_pass->unknown_5,
- sam_pass->unknown_6);
+ DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) ));
+
+ init_sam_user_info21A(id21, sampass);
return True;
}
@@ -1458,15 +1449,16 @@ uint32 _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_R_
{
SAM_USERINFO_CTR *ctr;
uint32 rid = 0;
+ struct samr_info *info = NULL;
r_u->status=NT_STATUS_NO_PROBLEMO;
/* search for the handle */
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
/* find the user's rid */
- if ((rid = get_lsa_policy_samr_rid(&q_u->pol)) == 0xffffffff)
+ if ((rid = get_lsa_policy_samr_rid(info)) == 0xffffffff)
return NT_STATUS_OBJECT_TYPE_MISMATCH;
DEBUG(5,("_samr_query_userinfo: rid:0x%x\n", rid));
@@ -1554,27 +1546,28 @@ uint32 _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAM
int num_groups = 0;
pstring groups;
uint32 rid;
+ struct samr_info *info = NULL;
r_u->status = NT_STATUS_NO_PROBLEMO;
DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&q_u->pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
/* find the user's rid */
- if ((rid = get_lsa_policy_samr_rid(&q_u->pol)) == 0xffffffff)
+ if ((rid = get_lsa_policy_samr_rid(info)) == 0xffffffff)
return NT_STATUS_OBJECT_TYPE_MISMATCH;
become_root();
- sam_pass = getsam21pwrid(rid);
+ sam_pass = pdb_getsampwrid(rid);
unbecome_root();
if (sam_pass == NULL)
return NT_STATUS_NO_SUCH_USER;
- get_domain_user_groups(groups, sam_pass->smb_name);
+ get_domain_user_groups(groups, pdb_get_username(sam_pass));
gids = NULL;
num_groups = make_dom_gids(p->mem_ctx, groups, &gids);
@@ -1593,7 +1586,6 @@ uint32 _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAM
uint32 _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SAMR_R_QUERY_DOMAIN_INFO *r_u)
{
SAM_UNK_CTR *ctr;
- uint16 switch_value = 0;
if ((ctr = (SAM_UNK_CTR *)talloc(p->mem_ctx, sizeof(SAM_UNK_CTR))) == NULL)
return NT_STATUS_NO_MEMORY;
@@ -1605,38 +1597,31 @@ uint32 _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SAMR
DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&q_u->domain_pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
return NT_STATUS_INVALID_HANDLE;
switch (q_u->switch_value) {
case 0x01:
- switch_value = 0x1;
init_unk_info1(&ctr->info.inf1);
break;
case 0x02:
- switch_value = 0x2;
/* The time call below is to get a sequence number for the sam. FIXME !!! JRA. */
init_unk_info2(&ctr->info.inf2, global_myworkgroup, global_myname, (uint32) time(NULL));
break;
case 0x03:
- switch_value = 0x3;
init_unk_info3(&ctr->info.inf3);
break;
case 0x06:
- switch_value = 0x6;
init_unk_info6(&ctr->info.inf6);
break;
case 0x07:
- switch_value = 0x7;
init_unk_info7(&ctr->info.inf7);
break;
case 0x0c:
- switch_value = 0xc;
init_unk_info12(&ctr->info.inf12);
break;
default:
return NT_STATUS_INVALID_INFO_CLASS;
- break;
}
init_samr_r_query_dom_info(r_u, q_u->switch_value, ctr, NT_STATUS_NOPROBLEMO);
@@ -1652,7 +1637,7 @@ uint32 _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SAMR
uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREATE_USER *r_u)
{
- struct sam_passwd *sam_pass;
+ SAM_ACCOUNT *sam_pass;
fstring mach_acct;
pstring err_str;
pstring msg_str;
@@ -1663,9 +1648,10 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
UNISTR2 user_account = q_u->uni_name;
uint16 acb_info = q_u->acb_info;
POLICY_HND *user_pol = &r_u->user_pol;
+ struct samr_info *info = NULL;
/* find the policy handle. open a policy on it. */
- if (find_lsa_policy_by_hnd(&dom_pol) == -1)
+ if (!find_policy_by_hnd(p, &dom_pol, NULL))
return NT_STATUS_INVALID_HANDLE;
/* find the machine account: tell the caller if it exists.
@@ -1678,17 +1664,13 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
strlower(mach_acct);
become_root();
- sam_pass = getsam21pwnam(mach_acct);
+ sam_pass = pdb_getsampwnam(mach_acct);
unbecome_root();
if (sam_pass != NULL) {
/* machine account exists: say so */
return NT_STATUS_USER_EXISTS;
}
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(user_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
local_flags=LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_SET_NO_PASSWORD;
local_flags|= (acb_info & ACB_WSTRUST) ? LOCAL_TRUST_ACCOUNT:0;
@@ -1720,37 +1702,41 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
sizeof(err_str), msg_str, sizeof(msg_str)))
{
DEBUG(0, ("%s\n", err_str));
- close_lsa_policy_hnd(user_pol);
+ close_policy_hnd(p, user_pol);
return NT_STATUS_ACCESS_DENIED;
}
become_root();
- sam_pass = getsam21pwnam(mach_acct);
+ sam_pass = pdb_getsampwnam(mach_acct);
unbecome_root();
if (sam_pass == NULL) {
/* account doesn't exist: say so */
- close_lsa_policy_hnd(user_pol);
+ close_policy_hnd(p, user_pol);
return NT_STATUS_ACCESS_DENIED;
}
/* Get the domain SID stored in the domain policy */
- if(!get_lsa_policy_samr_sid(&dom_pol, &sid)) {
- close_lsa_policy_hnd(user_pol);
+ if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) {
+ close_policy_hnd(p, user_pol);
return NT_STATUS_INVALID_HANDLE;
}
/* append the user's RID to it */
- if(!sid_append_rid(&sid, sam_pass->user_rid)) {
- close_lsa_policy_hnd(user_pol);
+ if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) {
+ close_policy_hnd(p, user_pol);
return NT_STATUS_NO_SUCH_USER;
}
- /* associate the SID with the (unique) handle. */
- if (!set_lsa_policy_samr_sid(user_pol, &sid)) {
- /* oh, whoops. don't know what error message to return, here */
- close_lsa_policy_hnd(user_pol);
+ /* associate the user's SID with the new handle. */
+ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(info);
+ info->sid = sid;
+
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
r_u->user_rid=sam_pass->user_rid;
r_u->unknown_0 = 0x000703ff;
@@ -1764,19 +1750,22 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
uint32 _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CONNECT_ANON *r_u)
{
+ struct samr_info *info = NULL;
+
/* set up the SAMR connect_anon response */
r_u->status = NT_STATUS_NO_PROBLEMO;
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(&r_u->connect_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ /* associate the user's SID with the new handle. */
+ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(info);
+ info->status = q_u->unknown_0;
- /* associate the domain SID with the (unique) handle. */
- if (!set_lsa_policy_samr_pol_status(&r_u->connect_pol, q_u->unknown_0)) {
- close_lsa_policy_hnd(&r_u->connect_pol);
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
return r_u->status;
}
@@ -1787,19 +1776,22 @@ uint32 _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CONN
uint32 _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u)
{
+ struct samr_info *info = NULL;
+
DEBUG(5,("_samr_connect: %d\n", __LINE__));
r_u->status = NT_STATUS_NO_PROBLEMO;
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(&r_u->connect_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ /* associate the user's SID with the new handle. */
+ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ ZERO_STRUCTP(info);
+ info->status = q_u->access_mask;
- /* associate the domain SID with the (unique) handle. */
- if (!set_lsa_policy_samr_pol_status(&r_u->connect_pol, q_u->access_mask)) {
- close_lsa_policy_hnd(&r_u->connect_pol);
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
DEBUG(5,("_samr_connect: %d\n", __LINE__));
@@ -1814,7 +1806,7 @@ uint32 _samr_lookup_domain(pipes_struct *p, SAMR_Q_LOOKUP_DOMAIN *q_u, SAMR_R_LO
{
r_u->status = NT_STATUS_NO_PROBLEMO;
- if (find_lsa_policy_by_hnd(&q_u->connect_pol) == -1)
+ if (!find_policy_by_hnd(p, &q_u->connect_pol, NULL))
return NT_STATUS_INVALID_HANDLE;
/* assume the domain name sent is our global_myname and
@@ -1894,41 +1886,37 @@ uint32 _api_samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN
POLICY_HND domain_pol = q_u->dom_pol;
uint32 alias_rid = q_u->rid_alias;
POLICY_HND *alias_pol = &r_u->pol;
+ struct samr_info *info = NULL;
r_u->status = NT_STATUS_NO_PROBLEMO;
/* get the domain policy. */
- if (find_lsa_policy_by_hnd(&domain_pol) == -1)
+ if (!find_policy_by_hnd(p, &domain_pol, NULL))
return NT_STATUS_INVALID_HANDLE;
- /* get a (unique) handle. open a policy on it. */
- if (!open_lsa_policy_hnd(alias_pol))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
/* Get the domain SID stored in the domain policy */
- if(!get_lsa_policy_samr_sid(&domain_pol, &sid)) {
- close_lsa_policy_hnd(alias_pol);
+ if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid))
return NT_STATUS_INVALID_HANDLE;
- }
+
+ /* append the alias' RID to it */
+ if(!sid_append_rid(&sid, alias_rid))
+ return NT_STATUS_NO_SUCH_USER;
/*
* we should check if the rid really exist !!!
* JFM.
*/
+ /* associate the user's SID with the new handle. */
+ if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
+ return NT_STATUS_NO_MEMORY;
- /* append the alias' RID to it */
- if(!sid_append_rid(&sid, alias_rid)) {
- close_lsa_policy_hnd(alias_pol);
- return NT_STATUS_NO_SUCH_USER;
- }
+ ZERO_STRUCTP(info);
+ info->sid = sid;
- /* associate a SID with the (unique) handle. */
- if (!set_lsa_policy_samr_sid(alias_pol, &sid)) {
- /* oh, whoops. don't know what error message to return, here */
- close_lsa_policy_hnd(alias_pol);
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
return r_u->status;
}
@@ -1939,22 +1927,20 @@ uint32 _api_samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN
static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
{
- struct sam_passwd *pwd = getsam21pwrid(rid);
- struct sam_passwd new_pwd;
+ SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
if (id10 == NULL) {
DEBUG(5, ("set_user_info_10: NULL id10\n"));
return False;
}
- if (pwd == NULL)
+ pwd = pdb_getsampwrid(rid);
+ if (!pwd)
return False;
- copy_sam_passwd(&new_pwd, pwd);
-
- new_pwd.acct_ctrl = id10->acb_info;
+ pdb_set_acct_ctrl(pwd, id10->acb_info);
- if(!mod_sam21pwd_entry(&new_pwd, True))
+ if(!pdb_update_sam_account(pwd, True))
return False;
return True;
@@ -1966,31 +1952,22 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
{
- struct sam_passwd *pwd = getsam21pwrid(rid);
- struct sam_passwd new_pwd;
- static uchar nt_hash[16];
- static uchar lm_hash[16];
-
+ SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
+
if (pwd == NULL)
return False;
-
+
if (id12 == NULL) {
DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
return False;
}
-
- pdb_init_sam(&new_pwd);
- copy_sam_passwd(&new_pwd, pwd);
-
- memcpy(nt_hash, id12->nt_pwd, sizeof(nt_hash));
- memcpy(lm_hash, id12->lm_pwd, sizeof(lm_hash));
-
- new_pwd.smb_passwd = lm_hash;
- new_pwd.smb_nt_passwd = nt_hash;
-
- if(!mod_sam21pwd_entry(&new_pwd, True))
+
+ pdb_set_lanman_passwd (pwd, id12->lm_pwd);
+ pdb_set_nt_passwd (pwd, id12->nt_pwd);
+
+ if(!pdb_update_sam_account(pwd, True))
return False;
-
+
return True;
}
@@ -1998,41 +1975,34 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
set_user_info_21
********************************************************************/
-static BOOL set_user_info_21 (SAM_USER_INFO_21 *id21, uint32 rid)
+static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
{
- struct sam_passwd *pwd = getsam21pwrid(rid);
- struct sam_passwd new_pwd;
- static uchar nt_hash[16];
- static uchar lm_hash[16];
-
+ SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
+ SAM_ACCOUNT new_pwd;
+
if (id21 == NULL) {
DEBUG(5, ("set_user_info_21: NULL id21\n"));
return False;
}
-
+
if (pwd == NULL)
return False;
-
- pdb_init_sam(&new_pwd);
- /* we make a copy so that we can modify stuff */
+
+ /* we make a copy so that we can modify stuff */
copy_sam_passwd(&new_pwd, pwd);
copy_id21_to_sam_passwd(&new_pwd, id21);
-
- if (pwd->smb_nt_passwd != NULL) {
- memcpy(nt_hash, pwd->smb_nt_passwd, 16);
- new_pwd.smb_nt_passwd = nt_hash;
- } else
- new_pwd.smb_nt_passwd = NULL;
-
- if (pwd->smb_nt_passwd != NULL) {
- memcpy(lm_hash, pwd->smb_passwd, 16);
- new_pwd.smb_passwd = lm_hash;
- } else
- new_pwd.smb_passwd = NULL;
-
- if(!mod_sam21pwd_entry(&new_pwd, True))
+
+ /*
+ * The funny part about the previous two calls is
+ * that pwd still has the password hashes from the
+ * passdb entry. These have not been updated from
+ * id21. I don't know if they need to be set. --jerry
+ */
+
+ /* write the change out */
+ if(!pdb_update_sam_account(&new_pwd, True))
return False;
-
+
return True;
}
@@ -2042,52 +2012,54 @@ static BOOL set_user_info_21 (SAM_USER_INFO_21 *id21, uint32 rid)
static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
{
- struct sam_passwd *pwd = getsam21pwrid(rid);
- struct sam_passwd new_pwd;
- static uchar nt_hash[16];
- static uchar lm_hash[16];
- pstring buf;
- uint32 len;
-
- if (id23 == NULL) {
- DEBUG(5, ("set_user_info_23: NULL id23\n"));
- return False;
- }
-
- if (pwd == NULL)
- return False;
-
- pdb_init_sam(&new_pwd);
- copy_sam_passwd(&new_pwd, pwd);
- copy_id23_to_sam_passwd(&new_pwd, id23);
-
- memset(buf, 0, sizeof(pstring));
-
- if (!decode_pw_buffer((char*)id23->pass, buf, 256, &len, nt_hash, lm_hash))
- return False;
-
- new_pwd.smb_passwd = lm_hash;
- new_pwd.smb_nt_passwd = nt_hash;
+ SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
+ SAM_ACCOUNT new_pwd;
+ BYTE nt_hash[16];
+ BYTE lm_hash[16];
+ pstring buf;
+ uint32 len;
+ uint16 acct_ctrl;
+
+ if (id23 == NULL) {
+ DEBUG(5, ("set_user_info_23: NULL id23\n"));
+ return False;
+ }
+
+ if (pwd == NULL)
+ return False;
+
+ acct_ctrl = pdb_get_acct_ctrl(pwd);
+ copy_sam_passwd(&new_pwd, pwd);
+ copy_id23_to_sam_passwd(&new_pwd, id23);
+
+ if (!decode_pw_buffer((char*)id23->pass, buf, 256, &len))
+ return False;
+
+ nt_lm_owf_gen(buf, nt_hash, lm_hash);
+
+ pdb_set_lanman_passwd (&new_pwd, lm_hash);
+ pdb_set_nt_passwd (&new_pwd, nt_hash);
+
/* if it's a trust account, don't update /etc/passwd */
- if ( ( (new_pwd.acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
- ( (new_pwd.acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) ||
- ( (new_pwd.acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) {
+ if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
+ ( (acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) ||
+ ( (acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) {
DEBUG(5, ("Changing trust account password, not updating /etc/passwd\n"));
- } else {
-
+ } else {
+ /* update the UNIX password */
/* update the UNIX password */
if (lp_unix_password_sync() )
- if(!chgpasswd(new_pwd.smb_name, "", buf, True))
+ if(!chgpasswd(pdb_get_username(&new_pwd), "", buf, True))
return False;
}
-
- memset(buf, 0, sizeof(buf));
-
- if(!mod_sam21pwd_entry(&new_pwd, True))
- return False;
-
- return True;
+
+ memset(buf, 0, sizeof(buf));
+
+ if(!pdb_update_sam_account(&new_pwd, True))
+ return False;
+
+ return True;
}
/*******************************************************************
@@ -2096,49 +2068,51 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
{
- struct sam_passwd *pwd = getsam21pwrid(rid);
- struct sam_passwd new_pwd;
- static uchar nt_hash[16];
- static uchar lm_hash[16];
+ SAM_ACCOUNT *pwd = pdb_getsampwrid(rid);
+ uchar nt_hash[16];
+ uchar lm_hash[16];
uint32 len;
pstring buf;
-
+ uint16 acct_ctrl;
+
if (pwd == NULL)
return False;
+
+ acct_ctrl = pdb_get_acct_ctrl(pwd);
- pdb_init_sam(&new_pwd);
- copy_sam_passwd(&new_pwd, pwd);
-
- memset(buf, 0, sizeof(pstring));
-
- if (!decode_pw_buffer((char*)id24->pass, buf, 256, &len, nt_hash, lm_hash))
+ memset(buf, 0, sizeof(buf));
+
+ if (!decode_pw_buffer((char*)id24->pass, buf, 256, &len))
return False;
-
- new_pwd.smb_passwd = lm_hash;
- new_pwd.smb_nt_passwd = nt_hash;
-
+
+ DEBUG(5,("set_user_info_24:nt_lm_owf_gen\n"));
+
+ nt_lm_owf_gen(buf, nt_hash, lm_hash);
+
+ pdb_set_lanman_passwd (pwd, lm_hash);
+ pdb_set_nt_passwd (pwd, nt_hash);
+
/* if it's a trust account, don't update /etc/passwd */
- if ( ( (new_pwd.acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
- ( (new_pwd.acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) ||
- ( (new_pwd.acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) {
+ if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
+ ( (acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) ||
+ ( (acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) {
DEBUG(5, ("Changing trust account password, not updating /etc/passwd\n"));
} else {
-
/* update the UNIX password */
- if (lp_unix_password_sync() )
- if(!chgpasswd(new_pwd.smb_name, "", buf, True))
+ if (lp_unix_password_sync())
+ if(!chgpasswd(pdb_get_username(pwd), "", buf, True))
return False;
}
-
- memset(buf, 0, sizeof(buf));
-
- DEBUG(5,("set_user_info_24: pdb_update_sam_account()\n"));
-
- /* update the SAMBA password */
- if(!mod_sam21pwd_entry(&new_pwd, True))
- return False;
-
- return True;
+
+ memset(buf, 0, sizeof(buf));
+
+ DEBUG(0,("set_user_info_24: pdb_update_sam_account()\n"));
+
+ /* update the SAMBA password */
+ if(!pdb_update_sam_account(pwd, True))
+ return False;
+
+ return True;
}
/*******************************************************************
@@ -2150,7 +2124,7 @@ uint32 _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_
uint32 rid = 0x0;
DOM_SID sid;
struct current_user user;
- struct smb_passwd *smb_pass;
+ SAM_ACCOUNT *sam_pass;
unsigned char sess_key[16];
POLICY_HND *pol = &q_u->pol;
uint16 switch_value = q_u->switch_value;
@@ -2167,12 +2141,8 @@ uint32 _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_
memcpy(&user, &current_user, sizeof(user));
}
- /* search for the handle */
- if (find_lsa_policy_by_hnd(pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
-
/* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(pol, &sid))
+ if (!get_lsa_policy_samr_sid(p, pol, &sid))
return NT_STATUS_INVALID_HANDLE;
sid_split_rid(&sid, &rid);
@@ -2192,15 +2162,15 @@ uint32 _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_
*/
become_root();
- smb_pass = getsmbpwuid(user.uid);
+ sam_pass = pdb_getsampwuid(user.uid);
unbecome_root();
- if(smb_pass == NULL) {
+ if(sam_pass == NULL) {
DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid ));
return NT_STATUS_ACCESS_DENIED;
}
memset(sess_key, '\0', 16);
- mdfour(sess_key, smb_pass->smb_nt_passwd, 16);
+ mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {
@@ -2236,7 +2206,7 @@ uint32 _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_SE
{
DOM_SID sid;
uint32 rid = 0x0;
- SAM_USERINFO_CTR *ctr = NULL;
+ SAM_USERINFO_CTR *ctr = q_u->ctr;
POLICY_HND *pol = &q_u->pol;
uint16 switch_value = q_u->switch_value;
@@ -2244,18 +2214,8 @@ uint32 _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_SE
r_u->status = NT_STATUS_NOPROBLEMO;
- ctr = (SAM_USERINFO_CTR *)talloc(p->mem_ctx, sizeof(SAM_USERINFO_CTR));
- if (!ctr)
- return NT_STATUS_NO_MEMORY;
-
- q_u->ctr = ctr;
-
- /* search for the handle */
- if (find_lsa_policy_by_hnd(pol) == -1)
- return NT_STATUS_INVALID_HANDLE;
-
/* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(pol, &sid))
+ if (!get_lsa_policy_samr_sid(p, pol, &sid))
return NT_STATUS_INVALID_HANDLE;
sid_split_rid(&sid, &rid);
@@ -2267,7 +2227,7 @@ uint32 _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_SE
return NT_STATUS_INVALID_INFO_CLASS;
}
- ctr->switch_value = switch_value;
+ switch_value=ctr->switch_value;
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {
diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c
index 0cb72232f2..126581ba80 100755
--- a/source3/rpc_server/srv_spoolss.c
+++ b/source3/rpc_server/srv_spoolss.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -249,7 +248,11 @@ static BOOL api_spoolss_rffpcnex(pipes_struct *p)
* api_spoolss_rfnpcnex
* ReplyFindNextPrinterChangeNotifyEx
* called from the spoolss dispatcher
- *
+
+ * Note - this is the *ONLY* function that breaks the RPC call
+ * symmetry in all the other calls. We need to do this to fix
+ * the massive memory allocation problem with thousands of jobs...
+ * JRA.
********************************************************************/
static BOOL api_spoolss_rfnpcnex(pipes_struct *p)
@@ -1188,5 +1191,3 @@ BOOL api_spoolss_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_spoolss_rpc", api_spoolss_cmds);
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 0fb38b84db..9fcf9930bf 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -40,14 +39,9 @@ extern pstring global_myname;
/* and the notify info asked about */
/* that's the central struct */
typedef struct _Printer{
- ubi_dlNode Next;
- ubi_dlNode Prev;
-
- BOOL open;
BOOL document_started;
BOOL page_started;
int jobid; /* jobid in printing backend */
- POLICY_HND printer_hnd;
BOOL printer_type;
union {
fstring handlename;
@@ -78,14 +72,12 @@ typedef struct _counter_printer_0 {
uint32 counter;
} counter_printer_0;
-static ubi_dlList Printer_list;
static ubi_dlList counter_list;
static struct cli_state cli;
static uint32 smb_connections=0;
-#define OPEN_HANDLE(pnum) ((pnum!=NULL) && (pnum->open!=False) && (IVAL(pnum->printer_hnd.data5,4)==(uint32)sys_getpid()))
-#define OUR_HANDLE(pnum) ((pnum==NULL)?"NULL":(IVAL(pnum->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER"))
+#define OUR_HANDLE(hnd) ((hnd==NULL)?"NULL":(IVAL(hnd->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER"))
/* translate between internal status numbers and NT status numbers */
static int nt_printj_status(int v)
@@ -151,6 +143,56 @@ static void free_spool_notify_option(SPOOL_NOTIFY_OPTION **pp)
free(sp);
}
+/***************************************************************************
+ Disconnect from the client
+****************************************************************************/
+
+static void srv_spoolss_replycloseprinter(POLICY_HND *handle)
+{
+ uint32 status;
+
+ /* weird if the test succeds !!! */
+ if (smb_connections==0) {
+ DEBUG(0,("srv_spoolss_replycloseprinter:Trying to close non-existant notify backchannel !\n"));
+ return;
+ }
+
+ if(!cli_spoolss_reply_close_printer(&cli, handle, &status))
+ DEBUG(0,("srv_spoolss_replycloseprinter: reply_close_printer failed.\n"));
+
+ /* if it's the last connection, deconnect the IPC$ share */
+ if (smb_connections==1) {
+ if(!spoolss_disconnect_from_client(&cli))
+ return;
+
+ message_deregister(MSG_PRINTER_NOTIFY);
+ }
+
+ smb_connections--;
+}
+
+/****************************************************************************
+ Functions to free a printer entry datastruct.
+****************************************************************************/
+
+static void free_printer_entry(void *ptr)
+{
+ Printer_entry *Printer = (Printer_entry *)ptr;
+
+ if (Printer->notify.client_connected==True)
+ srv_spoolss_replycloseprinter(&Printer->notify.client_hnd);
+
+ Printer->notify.flags=0;
+ Printer->notify.options=0;
+ Printer->notify.localmachine[0]='\0';
+ Printer->notify.printerlocal=0;
+ free_spool_notify_option(&Printer->notify.option);
+ Printer->notify.option=NULL;
+ Printer->notify.client_connected=False;
+
+ safe_free(Printer);
+}
+
/****************************************************************************
Functions to duplicate a SPOOL_NOTIFY_OPTION struct stored in Printer_entry.
****************************************************************************/
@@ -181,15 +223,6 @@ SPOOL_NOTIFY_OPTION *dup_spool_notify_option(SPOOL_NOTIFY_OPTION *sp)
}
/****************************************************************************
- initialise printer handle states...
-****************************************************************************/
-void init_printer_hnd(void)
-{
- ubi_dlInitList(&Printer_list);
- ubi_dlInitList(&counter_list);
-}
-
-/****************************************************************************
Return a user struct for a pipe user.
****************************************************************************/
@@ -206,108 +239,35 @@ static struct current_user *get_current_user(struct current_user *user, pipes_st
}
/****************************************************************************
- create a unique printer handle
-****************************************************************************/
-static void create_printer_hnd(POLICY_HND *hnd)
-{
- static uint32 prt_hnd_low = 0;
- static uint32 prt_hnd_high = 0;
-
- if (hnd == NULL) return;
-
- create_policy_handle(hnd, &prt_hnd_low, &prt_hnd_high);
-}
-
-/****************************************************************************
find printer index by handle
****************************************************************************/
-static Printer_entry *find_printer_index_by_hnd(const POLICY_HND *hnd)
-{
- Printer_entry *find_printer;
- find_printer = (Printer_entry *)ubi_dlFirst(&Printer_list);
-
- for(; find_printer; find_printer = (Printer_entry *)ubi_dlNext(find_printer)) {
-
- if (memcmp(&(find_printer->printer_hnd), hnd, sizeof(*hnd)) == 0) {
- DEBUG(4,("Found printer handle \n"));
- /*dump_data(4, hnd->data, sizeof(hnd->data));*/
- return find_printer;
- }
- }
-
- DEBUG(3,("Whoops, Printer handle not found: "));
- /*dump_data(4, hnd->data, sizeof(hnd->data));*/
- return NULL;
-}
-
-/****************************************************************************
- clear an handle
-****************************************************************************/
-static void clear_handle(POLICY_HND *hnd)
-{
- ZERO_STRUCTP(hnd);
-}
-
-/***************************************************************************
- Disconnect from the client
-****************************************************************************/
-static BOOL srv_spoolss_replycloseprinter(POLICY_HND *handle)
+static Printer_entry *find_printer_index_by_hnd(pipes_struct *p, POLICY_HND *hnd)
{
- uint32 status;
-
- /* weird if the test succeds !!! */
- if (smb_connections==0) {
- DEBUG(0,("srv_spoolss_replycloseprinter:Trying to close non-existant notify backchannel !\n"));
- return False;
- }
-
- if(!cli_spoolss_reply_close_printer(&cli, handle, &status))
- return False;
-
- /* if it's the last connection, deconnect the IPC$ share */
- if (smb_connections==1) {
- if(!spoolss_disconnect_from_client(&cli))
- return False;
+ Printer_entry *find_printer = NULL;
- message_deregister(MSG_PRINTER_NOTIFY);
+ if(!find_policy_by_hnd(p,hnd,(void **)&find_printer)) {
+ DEBUG(3,("find_printer_index_by_hnd: Printer handle not found: "));
+ return NULL;
}
- smb_connections--;
-
- return True;
+ return find_printer;
}
/****************************************************************************
close printer index by handle
****************************************************************************/
-static BOOL close_printer_handle(POLICY_HND *hnd)
+
+static BOOL close_printer_handle(pipes_struct *p, POLICY_HND *hnd)
{
- Printer_entry *Printer = find_printer_index_by_hnd(hnd);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, hnd);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("close_printer_handle: Invalid handle (%s)\n", OUR_HANDLE(hnd)));
return False;
}
- if (Printer->notify.client_connected==True)
- if(!srv_spoolss_replycloseprinter(&Printer->notify.client_hnd))
- return ERROR_INVALID_HANDLE;
-
- Printer->open=False;
- Printer->notify.flags=0;
- Printer->notify.options=0;
- Printer->notify.localmachine[0]='\0';
- Printer->notify.printerlocal=0;
- free_spool_notify_option(&Printer->notify.option);
- Printer->notify.option=NULL;
- Printer->notify.client_connected=False;
-
- clear_handle(hnd);
-
- ubi_dlRemThis(&Printer_list, Printer);
-
- safe_free(Printer);
+ close_policy_hnd(p, hnd);
return True;
}
@@ -315,11 +275,11 @@ static BOOL close_printer_handle(POLICY_HND *hnd)
/****************************************************************************
delete a printer given a handle
****************************************************************************/
-static uint32 delete_printer_handle(POLICY_HND *hnd)
+static uint32 delete_printer_handle(pipes_struct *p, POLICY_HND *hnd)
{
- Printer_entry *Printer = find_printer_index_by_hnd(hnd);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, hnd);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("delete_printer_handle: Invalid handle (%s)\n", OUR_HANDLE(hnd)));
return ERROR_INVALID_HANDLE;
}
@@ -387,11 +347,11 @@ static uint32 delete_printer_handle(POLICY_HND *hnd)
/****************************************************************************
return the snum of a printer corresponding to an handle
****************************************************************************/
-static BOOL get_printer_snum(POLICY_HND *hnd, int *number)
+static BOOL get_printer_snum(pipes_struct *p, POLICY_HND *hnd, int *number)
{
- Printer_entry *Printer = find_printer_index_by_hnd(hnd);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, hnd);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("get_printer_snum: Invalid handle (%s)\n", OUR_HANDLE(hnd)));
return False;
}
@@ -411,11 +371,11 @@ static BOOL get_printer_snum(POLICY_HND *hnd, int *number)
/****************************************************************************
set printer handle type.
****************************************************************************/
-static BOOL set_printer_hnd_accesstype(POLICY_HND *hnd, uint32 access_required)
+static BOOL set_printer_hnd_accesstype(pipes_struct *p, POLICY_HND *hnd, uint32 access_required)
{
- Printer_entry *Printer = find_printer_index_by_hnd(hnd);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, hnd);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("set_printer_hnd_accesstype: Invalid handle (%s)", OUR_HANDLE(hnd)));
return False;
}
@@ -581,38 +541,35 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename)
find first available printer slot. creates a printer handle for you.
****************************************************************************/
-static BOOL open_printer_hnd(POLICY_HND *hnd, char *name)
+static BOOL open_printer_hnd(pipes_struct *p, POLICY_HND *hnd, char *name)
{
Printer_entry *new_printer;
DEBUG(10,("open_printer_hnd: name [%s]\n", name));
- clear_handle(hnd);
- create_printer_hnd(hnd);
if((new_printer=(Printer_entry *)malloc(sizeof(Printer_entry))) == NULL)
return False;
ZERO_STRUCTP(new_printer);
- new_printer->open = True;
new_printer->notify.option=NULL;
- memcpy(&new_printer->printer_hnd, hnd, sizeof(*hnd));
-
- ubi_dlAddHead( &Printer_list, (ubi_dlNode *)new_printer);
+ if (!create_policy_hnd(p, hnd, free_printer_entry, new_printer)) {
+ safe_free(new_printer);
+ return False;
+ }
if (!set_printer_hnd_printertype(new_printer, name)) {
- close_printer_handle(hnd);
+ close_printer_handle(p, hnd);
return False;
}
if (!set_printer_hnd_name(new_printer, name)) {
- close_printer_handle(hnd);
+ close_printer_handle(p, hnd);
return False;
}
- DEBUG(5, ("%d printer handles active\n",
- (int)ubi_dlCount(&Printer_list)));
+ DEBUG(5, ("%d printer handles active\n", (int)p->pipe_handles.count ));
return True;
}
@@ -620,11 +577,12 @@ static BOOL open_printer_hnd(POLICY_HND *hnd, char *name)
/********************************************************************
Return True is the handle is a print server.
********************************************************************/
-static BOOL handle_is_printserver(const POLICY_HND *handle)
+
+static BOOL handle_is_printserver(pipes_struct *p, POLICY_HND *handle)
{
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p,handle);
- if (!OPEN_HANDLE(Printer))
+ if (!Printer)
return False;
if (Printer->printer_type != PRINTER_HANDLE_IS_PRINTSERVER)
@@ -670,11 +628,12 @@ static BOOL alloc_buffer_size(NEW_BUFFER *buffer, uint32 buffer_size)
/***************************************************************************
receive the notify message
****************************************************************************/
+
void srv_spoolss_receive_message(int msg_type, pid_t src, void *buf, size_t len)
{
fstring printer;
uint32 status;
- Printer_entry *find_printer;
+ struct pipes_struct *p;
*printer = '\0';
fstrcpy(printer,buf);
@@ -686,36 +645,45 @@ void srv_spoolss_receive_message(int msg_type, pid_t src, void *buf, size_t len)
DEBUG(10,("srv_spoolss_receive_message: Got message about printer %s\n", printer ));
- find_printer = (Printer_entry *)ubi_dlFirst(&Printer_list);
+ /* We need to enumerate all our pipes and all printers on them. */
+ for ( p = get_first_pipe(); p; get_next_pipe(p)) {
+ struct policy *pol;
- /* Iterate the printer list. */
- for(; find_printer; find_printer = (Printer_entry *)ubi_dlNext(find_printer)) {
+ if (!strequal(p->name, "spoolss"))
+ continue;
- /*
- * if the entry is the given printer or if it's a printerserver
- * we send the message
- */
+ /* Iterate the printer list on this pipe. */
+ for (pol = p->pipe_handles.Policy; pol; pol = pol->next ) {
+ Printer_entry *find_printer = (Printer_entry *)pol->data_ptr;
- if (find_printer->printer_type==PRINTER_HANDLE_IS_PRINTER)
- if (strcmp(find_printer->dev.handlename, printer))
+ if (!find_printer)
continue;
- if (find_printer->notify.client_connected==True)
- cli_spoolss_reply_rrpcn(&cli, &find_printer->notify.client_hnd, PRINTER_CHANGE_ALL, 0x0, &status);
+ /*
+ * if the entry is the given printer or if it's a printerserver
+ * we send the message
+ */
+
+ if (find_printer->printer_type==PRINTER_HANDLE_IS_PRINTER)
+ if (strcmp(find_printer->dev.handlename, printer))
+ continue;
+ if (find_printer->notify.client_connected==True)
+ cli_spoolss_reply_rrpcn(&cli, &find_printer->notify.client_hnd, PRINTER_CHANGE_ALL, 0x0, &status);
+ }
}
}
/***************************************************************************
send a notify event
****************************************************************************/
-static BOOL srv_spoolss_sendnotify(POLICY_HND *handle)
+static BOOL srv_spoolss_sendnotify(pipes_struct *p, POLICY_HND *handle)
{
fstring printer;
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("srv_spoolss_sendnotify: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return False;
}
@@ -767,7 +735,7 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
DEBUGADD(3,("checking name: %s\n",name));
- if (!open_printer_hnd(handle, name))
+ if (!open_printer_hnd(p, handle, name))
return ERROR_INVALID_PRINTER_NAME;
/*
@@ -780,8 +748,8 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
set_printer_hnd_datatype(handle, "");
*/
- if (!set_printer_hnd_accesstype(handle, printer_default->access_required)) {
- close_printer_handle(handle);
+ if (!set_printer_hnd_accesstype(p, handle, printer_default->access_required)) {
+ close_printer_handle(p, handle);
return ERROR_ACCESS_DENIED;
}
@@ -810,7 +778,7 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
get_current_user(&user, p);
- if (handle_is_printserver(handle)) {
+ if (handle_is_printserver(p, handle)) {
if (printer_default->access_required == 0) {
return NT_STATUS_NO_PROBLEMO;
}
@@ -820,14 +788,14 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
snum = -1;
if (!lp_ms_add_printer_wizard()) {
- close_printer_handle(handle);
+ close_printer_handle(p, handle);
return ERROR_ACCESS_DENIED;
}
else if (user.uid == 0 || user_in_list(uidtoname(user.uid), lp_printer_admin(snum))) {
return NT_STATUS_NO_PROBLEMO;
}
else {
- close_printer_handle(handle);
+ close_printer_handle(p, handle);
return ERROR_ACCESS_DENIED;
}
}
@@ -837,7 +805,7 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
/* NT doesn't let us connect to a printer if the connecting user
doesn't have print permission. */
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
/* map an empty access mask to the minimum access mask */
@@ -846,7 +814,7 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
if (!print_access_check(&user, snum, printer_default->access_required)) {
DEBUG(3, ("access DENIED for printer open\n"));
- close_printer_handle(handle);
+ close_printer_handle(p, handle);
return ERROR_ACCESS_DENIED;
}
@@ -919,7 +887,7 @@ uint32 _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
if (printer_default->devmode_cont.devmode != NULL) {
result = printer_write_default_dev( snum, printer_default);
if (result != 0) {
- close_printer_handle(handle);
+ close_printer_handle(p, handle);
return result;
}
}
@@ -1038,11 +1006,11 @@ BOOL convert_devicemode(char *printername, const DEVICEMODE *devmode,
* _spoolss_enddocprinter_internal.
********************************************************************/
-static uint32 _spoolss_enddocprinter_internal(POLICY_HND *handle)
+static uint32 _spoolss_enddocprinter_internal(pipes_struct *p, POLICY_HND *handle)
{
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_enddocprinter_internal: Invalid handle (%s)\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -1062,14 +1030,14 @@ uint32 _spoolss_closeprinter(pipes_struct *p, SPOOL_Q_CLOSEPRINTER *q_u, SPOOL_R
{
POLICY_HND *handle = &q_u->handle;
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
if (Printer && Printer->document_started)
- _spoolss_enddocprinter_internal(handle); /* print job was not closed */
+ _spoolss_enddocprinter_internal(p, handle); /* print job was not closed */
memcpy(&r_u->handle, &q_u->handle, sizeof(r_u->handle));
- if (!close_printer_handle(handle))
+ if (!close_printer_handle(p, handle))
return ERROR_INVALID_HANDLE;
return NT_STATUS_NO_PROBLEMO;
@@ -1084,18 +1052,18 @@ uint32 _spoolss_deleteprinter(pipes_struct *p, SPOOL_Q_DELETEPRINTER *q_u, SPOOL
{
POLICY_HND *handle = &q_u->handle;
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
uint32 result;
if (Printer && Printer->document_started)
- _spoolss_enddocprinter_internal(handle); /* print job was not closed */
+ _spoolss_enddocprinter_internal(p, handle); /* print job was not closed */
memcpy(&r_u->handle, &q_u->handle, sizeof(r_u->handle));
- result = delete_printer_handle(handle);
+ result = delete_printer_handle(p, handle);
if (result == ERROR_SUCCESS) {
- srv_spoolss_sendnotify(handle);
+ srv_spoolss_sendnotify(p, handle);
}
return result;
@@ -1182,7 +1150,7 @@ static BOOL getprinterdata_printer_server(TALLOC_CTX *ctx, fstring value, uint32
/********************************************************************
GetPrinterData on a printer Handle.
********************************************************************/
-static BOOL getprinterdata_printer(TALLOC_CTX *ctx, POLICY_HND *handle,
+static BOOL getprinterdata_printer(pipes_struct *p, TALLOC_CTX *ctx, POLICY_HND *handle,
fstring value, uint32 *type,
uint8 **data, uint32 *needed, uint32 in_size )
{
@@ -1190,16 +1158,16 @@ static BOOL getprinterdata_printer(TALLOC_CTX *ctx, POLICY_HND *handle,
int snum=0;
uint8 *idata=NULL;
uint32 len;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
DEBUG(5,("getprinterdata_printer\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("getprinterdata_printer: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return False;
}
- if(!get_printer_snum(handle, &snum))
+ if(!get_printer_snum(p, handle, &snum))
return False;
if(get_a_printer(&printer, 2, lp_servicename(snum)) != 0)
@@ -1251,7 +1219,7 @@ uint32 _spoolss_getprinterdata(pipes_struct *p, SPOOL_Q_GETPRINTERDATA *q_u, SPO
fstring value;
BOOL found=False;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
/*
* Reminder: when it's a string, the length is in BYTES
@@ -1268,7 +1236,7 @@ uint32 _spoolss_getprinterdata(pipes_struct *p, SPOOL_Q_GETPRINTERDATA *q_u, SPO
DEBUG(4,("_spoolss_getprinterdata\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
if((*data=(uint8 *)malloc(4*sizeof(uint8))) == NULL)
return ERROR_NOT_ENOUGH_MEMORY;
DEBUG(0,("_spoolss_getprinterdata: Invalid handle (%s).\n", OUR_HANDLE(handle)));
@@ -1277,10 +1245,10 @@ uint32 _spoolss_getprinterdata(pipes_struct *p, SPOOL_Q_GETPRINTERDATA *q_u, SPO
unistr2_to_ascii(value, valuename, sizeof(value)-1);
- if (handle_is_printserver(handle))
+ if (Printer->printer_type == PRINTER_HANDLE_IS_PRINTSERVER)
found=getprinterdata_printer_server(p->mem_ctx, value, type, data, needed, *out_size);
else
- found= getprinterdata_printer(p->mem_ctx, handle, value, type, data, needed, *out_size);
+ found= getprinterdata_printer(p, p->mem_ctx, handle, value, type, data, needed, *out_size);
if (found==False) {
DEBUG(5, ("value not found, allocating %d\n", *out_size));
@@ -1351,9 +1319,9 @@ uint32 _spoolss_rffpcnex(pipes_struct *p, SPOOL_Q_RFFPCNEX *q_u, SPOOL_R_RFFPCNE
/* store the notify value in the printer struct */
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_rffpcnex: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -1786,13 +1754,11 @@ static void spoolss_notify_status(int snum,
NT_PRINTER_INFO_LEVEL *printer,
TALLOC_CTX *mem_ctx)
{
- int count;
-
print_queue_struct *q=NULL;
print_status_struct status;
memset(&status, 0, sizeof(status));
- count = print_queue_status(snum, &q, &status);
+ print_queue_status(snum, &q, &status);
data->notify_data.value[0]=(uint32) status.status;
safe_free(q);
}
@@ -2277,20 +2243,19 @@ static BOOL construct_notify_jobs_info(print_queue_struct *queue,
* that's the print server case, the printer case is even worse.
*/
-
-
/*******************************************************************
*
* enumerate all printers on the printserver
* fill a notify_info struct with info asked
*
********************************************************************/
-static uint32 printserver_notify_info(const POLICY_HND *hnd,
+
+static uint32 printserver_notify_info(pipes_struct *p, POLICY_HND *hnd,
SPOOL_NOTIFY_INFO *info,
TALLOC_CTX *mem_ctx)
{
int snum;
- Printer_entry *Printer=find_printer_index_by_hnd(hnd);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, hnd);
int n_services=lp_numservices();
int i;
uint32 id;
@@ -2341,11 +2306,11 @@ static uint32 printserver_notify_info(const POLICY_HND *hnd,
* fill a notify_info struct with info asked
*
********************************************************************/
-static uint32 printer_notify_info(POLICY_HND *hnd, SPOOL_NOTIFY_INFO *info,
+static uint32 printer_notify_info(pipes_struct *p, POLICY_HND *hnd, SPOOL_NOTIFY_INFO *info,
TALLOC_CTX *mem_ctx)
{
int snum;
- Printer_entry *Printer=find_printer_index_by_hnd(hnd);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, hnd);
int i;
uint32 id;
SPOOL_NOTIFY_OPTION *option;
@@ -2362,7 +2327,7 @@ static uint32 printer_notify_info(POLICY_HND *hnd, SPOOL_NOTIFY_INFO *info,
info->data=NULL;
info->count=0;
- get_printer_snum(hnd, &snum);
+ get_printer_snum(p, hnd, &snum);
for (i=0; i<option->count; i++) {
option_type=&option->ctr.type[i];
@@ -2430,13 +2395,13 @@ uint32 _spoolss_rfnpcnex( pipes_struct *p, SPOOL_Q_RFNPCNEX *q_u, SPOOL_R_RFNPCN
/* SPOOL_NOTIFY_OPTION *option = q_u->option; - notused. */
SPOOL_NOTIFY_INFO *info = &r_u->info;
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
uint32 result = ERROR_INVALID_HANDLE;
/* we always have a NOTIFY_INFO struct */
r_u->info_ptr=0x1;
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_rfnpcnex: Invalid handle (%s).\n",
OUR_HANDLE(handle)));
goto done;
@@ -2459,12 +2424,11 @@ uint32 _spoolss_rfnpcnex( pipes_struct *p, SPOOL_Q_RFNPCNEX *q_u, SPOOL_R_RFNPCN
switch (Printer->printer_type) {
case PRINTER_HANDLE_IS_PRINTSERVER:
- result = printserver_notify_info(handle, info,
- p->mem_ctx);
+ result = printserver_notify_info(p, handle, info, p->mem_ctx);
break;
case PRINTER_HANDLE_IS_PRINTER:
- result = printer_notify_info(handle, info, p->mem_ctx);
+ result = printer_notify_info(p, handle, info, p->mem_ctx);
break;
}
@@ -3312,7 +3276,7 @@ uint32 _spoolss_getprinter(pipes_struct *p, SPOOL_Q_GETPRINTER *q_u, SPOOL_R_GET
*needed=0;
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
switch (level) {
@@ -3831,7 +3795,7 @@ uint32 _spoolss_getprinterdriver2(pipes_struct *p, SPOOL_Q_GETPRINTERDRIVER2 *q_
pstrcpy(servername, global_myname);
unistr2_to_ascii(architecture, uni_arch, sizeof(architecture)-1);
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
switch (level) {
@@ -3855,9 +3819,9 @@ uint32 _spoolss_startpageprinter(pipes_struct *p, SPOOL_Q_STARTPAGEPRINTER *q_u,
{
POLICY_HND *handle = &q_u->handle;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
- if (OPEN_HANDLE(Printer)) {
+ if (Printer) {
Printer->page_started=True;
return 0x0;
}
@@ -3873,9 +3837,9 @@ uint32 _spoolss_endpageprinter(pipes_struct *p, SPOOL_Q_ENDPAGEPRINTER *q_u, SPO
{
POLICY_HND *handle = &q_u->handle;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_endpageprinter: Invalid handle (%s).\n",OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -3902,10 +3866,10 @@ uint32 _spoolss_startdocprinter(pipes_struct *p, SPOOL_Q_STARTDOCPRINTER *q_u, S
int snum;
pstring jobname;
fstring datatype;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
struct current_user user;
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_startdocprinter: Invalid handle (%s)\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -3933,7 +3897,7 @@ uint32 _spoolss_startdocprinter(pipes_struct *p, SPOOL_Q_STARTDOCPRINTER *q_u, S
}
/* get the share number of the printer */
- if (!get_printer_snum(handle, &snum)) {
+ if (!get_printer_snum(p, handle, &snum)) {
return ERROR_INVALID_HANDLE;
}
@@ -3964,7 +3928,7 @@ uint32 _spoolss_enddocprinter(pipes_struct *p, SPOOL_Q_ENDDOCPRINTER *q_u, SPOOL
{
POLICY_HND *handle = &q_u->handle;
- return _spoolss_enddocprinter_internal(handle);
+ return _spoolss_enddocprinter_internal(p, handle);
}
/****************************************************************************
@@ -3977,9 +3941,9 @@ uint32 _spoolss_writeprinter(pipes_struct *p, SPOOL_Q_WRITEPRINTER *q_u, SPOOL_R
uint8 *buffer = q_u->buffer;
uint32 *buffer_written = &q_u->buffer_size2;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_writeprinter: Invalid handle (%s)\n",OUR_HANDLE(handle)));
r_u->buffer_written = q_u->buffer_size2;
return ERROR_INVALID_HANDLE;
@@ -4003,16 +3967,16 @@ static uint32 control_printer(POLICY_HND *handle, uint32 command,
{
struct current_user user;
int snum, errcode = ERROR_INVALID_FUNCTION;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
get_current_user(&user, p);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("control_printer: Invalid handle (%s)\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
switch (command) {
@@ -4063,9 +4027,9 @@ static uint32 update_printer_sec(POLICY_HND *handle, uint32 level,
uint32 result;
int snum;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer) || !get_printer_snum(handle, &snum)) {
+ if (!Printer || !get_printer_snum(p, handle, &snum)) {
DEBUG(0,("update_printer_sec: Invalid handle (%s)\n",
OUR_HANDLE(handle)));
@@ -4478,13 +4442,13 @@ static BOOL nt_printer_info_level_equal(NT_PRINTER_INFO_LEVEL *p1,
* when updating a printer description
********************************************************************/
-static uint32 update_printer(POLICY_HND *handle, uint32 level,
+static uint32 update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level,
const SPOOL_PRINTER_INFO_LEVEL *info,
DEVICEMODE *devmode)
{
int snum;
NT_PRINTER_INFO_LEVEL *printer = NULL, *old_printer = NULL;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
uint32 result;
DEBUG(8,("update_printer\n"));
@@ -4498,12 +4462,12 @@ static uint32 update_printer(POLICY_HND *handle, uint32 level,
goto done;
}
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
result = ERROR_INVALID_HANDLE;
goto done;
}
- if (!get_printer_snum(handle, &snum)) {
+ if (!get_printer_snum(p, handle, &snum)) {
result = ERROR_INVALID_HANDLE;
goto done;
}
@@ -4582,7 +4546,7 @@ static uint32 update_printer(POLICY_HND *handle, uint32 level,
free_a_printer(&printer, 2);
free_a_printer(&old_printer, 2);
- srv_spoolss_sendnotify(handle);
+ srv_spoolss_sendnotify(p, handle);
return result;
}
@@ -4599,9 +4563,9 @@ uint32 _spoolss_setprinter(pipes_struct *p, SPOOL_Q_SETPRINTER *q_u, SPOOL_R_SET
SEC_DESC_BUF *secdesc_ctr = q_u->secdesc_ctr;
uint32 command = q_u->command;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_setprinter: Invalid handle (%s)\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -4611,7 +4575,7 @@ uint32 _spoolss_setprinter(pipes_struct *p, SPOOL_Q_SETPRINTER *q_u, SPOOL_R_SET
case 0:
return control_printer(handle, command, p);
case 2:
- return update_printer(handle, level, info, devmode_ctr.devmode);
+ return update_printer(p, handle, level, info, devmode_ctr.devmode);
case 3:
return update_printer_sec(handle, level, info, p,
secdesc_ctr);
@@ -4627,16 +4591,15 @@ uint32 _spoolss_fcpn(pipes_struct *p, SPOOL_Q_FCPN *q_u, SPOOL_R_FCPN *r_u)
{
POLICY_HND *handle = &q_u->handle;
- Printer_entry *Printer= find_printer_index_by_hnd(handle);
+ Printer_entry *Printer= find_printer_index_by_hnd(p, handle);
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_fcpn: Invalid handle (%s)\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
if (Printer->notify.client_connected==True)
- if(!srv_spoolss_replycloseprinter(&Printer->notify.client_hnd))
- return ERROR_INVALID_HANDLE;
+ srv_spoolss_replycloseprinter(&Printer->notify.client_hnd);
Printer->notify.flags=0;
Printer->notify.options=0;
@@ -4872,7 +4835,7 @@ uint32 _spoolss_enumjobs( pipes_struct *p, SPOOL_Q_ENUMJOBS *q_u, SPOOL_R_ENUMJO
*needed=0;
*returned=0;
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
*returned = print_queue_status(snum, &queue, &prt_status);
@@ -4920,7 +4883,7 @@ uint32 _spoolss_setjob(pipes_struct *p, SPOOL_Q_SETJOB *q_u, SPOOL_R_SETJOB *r_u
memset(&prt_status, 0, sizeof(prt_status));
- if (!get_printer_snum(handle, &snum)) {
+ if (!get_printer_snum(p, handle, &snum)) {
return ERROR_INVALID_HANDLE;
}
@@ -5647,7 +5610,7 @@ uint32 _spoolss_enumports( pipes_struct *p, SPOOL_Q_ENUMPORTS *q_u, SPOOL_R_ENUM
/****************************************************************************
****************************************************************************/
-static uint32 spoolss_addprinterex_level_2( const UNISTR2 *uni_srv_name,
+static uint32 spoolss_addprinterex_level_2( pipes_struct *p, const UNISTR2 *uni_srv_name,
const SPOOL_PRINTER_INFO_LEVEL *info,
uint32 unk0, uint32 unk1, uint32 unk2, uint32 unk3,
uint32 user_switch, const SPOOL_USER_CTR *user,
@@ -5702,7 +5665,7 @@ static uint32 spoolss_addprinterex_level_2( const UNISTR2 *uni_srv_name,
return ERROR_ACCESS_DENIED;
}
- if (!open_printer_hnd(handle, name)) {
+ if (!open_printer_hnd(p, handle, name)) {
/* Handle open failed - remove addition. */
del_a_printer(printer->info_2->sharename);
free_a_printer(&printer,2);
@@ -5711,7 +5674,7 @@ static uint32 spoolss_addprinterex_level_2( const UNISTR2 *uni_srv_name,
free_a_printer(&printer,2);
- srv_spoolss_sendnotify(handle);
+ srv_spoolss_sendnotify(p, handle);
return NT_STATUS_NO_PROBLEMO;
}
@@ -5738,7 +5701,7 @@ uint32 _spoolss_addprinterex( pipes_struct *p, SPOOL_Q_ADDPRINTEREX *q_u, SPOOL_
/* but I know what to do ... */
return ERROR_INVALID_LEVEL;
case 2:
- return spoolss_addprinterex_level_2(uni_srv_name, info,
+ return spoolss_addprinterex_level_2(p, uni_srv_name, info,
unk0, unk1, unk2, unk3,
user_switch, user, handle);
default:
@@ -5886,7 +5849,7 @@ uint32 _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S
uint32 biggest_valuesize;
uint32 biggest_datasize;
uint32 data_len;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
int snum;
uint8 *data=NULL;
uint32 type;
@@ -5905,12 +5868,12 @@ uint32 _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S
DEBUG(5,("spoolss_enumprinterdata\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_enumprinterdata: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p,handle, &snum))
return ERROR_INVALID_HANDLE;
if (get_a_printer(&printer, 2, lp_servicename(snum)) != 0)
@@ -6045,16 +6008,16 @@ uint32 _spoolss_setprinterdata( pipes_struct *p, SPOOL_Q_SETPRINTERDATA *q_u, SP
NT_PRINTER_PARAM *param = NULL, old_param;
int snum=0;
uint32 status = 0x0;
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
DEBUG(5,("spoolss_setprinterdata\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_setprinterdata: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p,handle, &snum))
return ERROR_INVALID_HANDLE;
status = get_a_printer(&printer, 2, lp_servicename(snum));
@@ -6117,16 +6080,16 @@ uint32 _spoolss_deleteprinterdata(pipes_struct *p, SPOOL_Q_DELETEPRINTERDATA *q_
NT_PRINTER_PARAM param;
int snum=0;
uint32 status = 0x0;
- Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ Printer_entry *Printer=find_printer_index_by_hnd(p, handle);
DEBUG(5,("spoolss_deleteprinterdata\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_deleteprinterdata: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
if (!print_access_check(NULL, snum, PRINTER_ACCESS_ADMINISTER)) {
@@ -6162,11 +6125,11 @@ uint32 _spoolss_addform( pipes_struct *p, SPOOL_Q_ADDFORM *q_u, SPOOL_R_ADDFORM
int count=0;
nt_forms_struct *list=NULL;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
DEBUG(5,("spoolss_addform\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_addform: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -6192,11 +6155,11 @@ uint32 _spoolss_deleteform( pipes_struct *p, SPOOL_Q_DELETEFORM *q_u, SPOOL_R_DE
int count=0;
uint32 ret = 0;
nt_forms_struct *list=NULL;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
DEBUG(5,("spoolss_deleteform\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_deleteform: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -6222,11 +6185,11 @@ uint32 _spoolss_setform(pipes_struct *p, SPOOL_Q_SETFORM *q_u, SPOOL_R_SETFORM *
int count=0;
nt_forms_struct *list=NULL;
- Printer_entry *Printer = find_printer_index_by_hnd(handle);
+ Printer_entry *Printer = find_printer_index_by_hnd(p, handle);
DEBUG(5,("spoolss_setform\n"));
- if (!OPEN_HANDLE(Printer)) {
+ if (!Printer) {
DEBUG(0,("_spoolss_setform: Invalid handle (%s).\n", OUR_HANDLE(handle)));
return ERROR_INVALID_HANDLE;
}
@@ -6605,7 +6568,7 @@ uint32 _spoolss_getjob( pipes_struct *p, SPOOL_Q_GETJOB *q_u, SPOOL_R_GETJOB *r_
*needed=0;
- if (!get_printer_snum(handle, &snum))
+ if (!get_printer_snum(p, handle, &snum))
return ERROR_INVALID_HANDLE;
count = print_queue_status(snum, &queue, &prt_status);
@@ -6623,4 +6586,3 @@ uint32 _spoolss_getjob( pipes_struct *p, SPOOL_Q_GETJOB *q_u, SPOOL_R_GETJOB *r_
return ERROR_INVALID_LEVEL;
}
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c
index b530d66092..a3176bfd73 100644
--- a/source3/rpc_server/srv_srvsvc.c
+++ b/source3/rpc_server/srv_srvsvc.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -248,5 +247,3 @@ BOOL api_srvsvc_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_srvsvc_rpc", api_srv_cmds);
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 80794609ea..6e0043b0bb 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -695,6 +694,9 @@ uint32 _srv_net_srv_get_info(pipes_struct *p, SRV_Q_NET_SRV_GET_INFO *q_u, SRV_R
lp_default_server_announce(),
string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH));
break;
+ case 100:
+ init_srv_info_100(&ctr->srv.sv100, 500, global_myname);
+ break;
default:
status = NT_STATUS_INVALID_INFO_CLASS;
break;
@@ -863,4 +865,3 @@ uint32 _srv_net_remote_tod(pipes_struct *p, SRV_Q_NET_REMOTE_TOD *q_u, SRV_R_NET
return r_u->status;
}
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 8349b7add6..82125a7085 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -1,5 +1,3 @@
-#define OLD_NTDOMAIN 1
-
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -80,7 +78,7 @@ rid_name domain_group_rids[] =
{ 0 , NULL }
};
-int make_dom_gids(char *gids_str, DOM_GID **ppgids)
+int make_dom_gids(TALLOC_CTX *ctx, char *gids_str, DOM_GID **ppgids)
{
char *ptr;
pstring s2;
@@ -99,10 +97,10 @@ int make_dom_gids(char *gids_str, DOM_GID **ppgids)
count++)
;
- gids = (DOM_GID *)malloc( sizeof(DOM_GID) * count );
+ gids = (DOM_GID *)talloc(ctx, sizeof(DOM_GID) * count );
if(!gids)
{
- DEBUG(0,("make_dom_gids: malloc fail !\n"));
+ DEBUG(0,("make_dom_gids: talloc fail !\n"));
return 0;
}
@@ -192,11 +190,10 @@ void get_domain_user_groups(char *domain_groups, char *user)
}
}
-
/*******************************************************************
- lookup_group_name
+ Look up a local (domain) rid and return a name and type.
********************************************************************/
-uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type)
+uint32 local_lookup_group_name(uint32 rid, char *group_name, uint32 *type)
{
int i = 0;
(*type) = SID_NAME_DOM_GRP;
@@ -220,9 +217,9 @@ uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type)
}
/*******************************************************************
- lookup_alias_name
+ Look up a local alias rid and return a name and type.
********************************************************************/
-uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type)
+uint32 local_lookup_alias_name(uint32 rid, char *alias_name, uint32 *type)
{
int i = 0;
(*type) = SID_NAME_WKN_GRP;
@@ -246,11 +243,11 @@ uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type)
}
/*******************************************************************
- lookup_user_name
+ Look up a local user rid and return a name and type.
********************************************************************/
-uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
+uint32 local_lookup_user_name(uint32 rid, char *user_name, uint32 *type)
{
- struct sam_disp_info *disp_info;
+ SAM_ACCOUNT *sampwd;
int i = 0;
(*type) = SID_NAME_USER;
@@ -271,12 +268,12 @@ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
/* ok, it's a user. find the user account */
become_root();
- disp_info = pdb_sam_to_dispinfo(pdb_getsampwrid(rid));
+ sampwd = pdb_getsampwrid(rid);
unbecome_root();
- if (disp_info != NULL)
+ if (sampwd != NULL)
{
- fstrcpy(user_name, disp_info->smb_name);
+ fstrcpy(user_name, pdb_get_username(sampwd) );
DEBUG(5,(" = %s\n", user_name));
return 0x0;
}
@@ -286,9 +283,9 @@ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
}
/*******************************************************************
- lookup_group_rid
+ Look up a local (domain) group name and return a rid
********************************************************************/
-uint32 lookup_group_rid(char *group_name, uint32 *rid)
+uint32 local_lookup_group_rid(char *group_name, uint32 *rid)
{
char *grp_name;
int i = -1; /* start do loop at -1 */
@@ -305,9 +302,9 @@ uint32 lookup_group_rid(char *group_name, uint32 *rid)
}
/*******************************************************************
- lookup_alias_rid
+ Look up a local (BUILTIN) alias name and return a rid
********************************************************************/
-uint32 lookup_alias_rid(char *alias_name, uint32 *rid)
+uint32 local_lookup_alias_rid(char *alias_name, uint32 *rid)
{
char *als_name;
int i = -1; /* start do loop at -1 */
@@ -324,25 +321,23 @@ uint32 lookup_alias_rid(char *alias_name, uint32 *rid)
}
/*******************************************************************
- lookup_user_rid
+ Look up a local user name and return a rid
********************************************************************/
-uint32 lookup_user_rid(char *user_name, uint32 *rid)
+uint32 local_lookup_user_rid(char *user_name, uint32 *rid)
{
- SAM_ACCOUNT *sam_pass;
+ SAM_ACCOUNT *sampass;
(*rid) = 0;
/* find the user account */
become_root();
- sam_pass = pdb_getsampwnam(user_name);
+ sampass = pdb_getsampwnam(user_name);
unbecome_root();
- if (sam_pass != NULL)
+ if (sampass != NULL)
{
- *rid = pdb_get_user_rid(sam_pass);
+ (*rid) = pdb_get_user_rid(sampass);
return 0x0;
}
return NT_STATUS_NONE_MAPPED;
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_wkssvc.c b/source3/rpc_server/srv_wkssvc.c
index e648c0f122..12e4a8f335 100644
--- a/source3/rpc_server/srv_wkssvc.c
+++ b/source3/rpc_server/srv_wkssvc.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -72,5 +71,3 @@ BOOL api_wkssvc_rpc(pipes_struct *p)
{
return api_rpcTNP(p, "api_wkssvc_rpc", api_wks_cmds);
}
-
-#undef OLD_NTDOMAIN
diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c
index 688c7f1d01..40771d2fb9 100644
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -1,4 +1,3 @@
-#define OLD_NTDOMAIN 1
/*
* Unix SMB/Netbios implementation.
* Version 1.9.
@@ -79,4 +78,3 @@ uint32 _wks_query_info(pipes_struct *p, WKS_Q_QUERY_INFO *q_u, WKS_R_QUERY_INFO
return r_u->status;
}
-#undef OLD_NTDOMAIN